Verify server cert using default host CA cert store

BUG=none
TEST=build with use_openssl=1 and open some https pages

Review URL: http://codereview.chromium.org/3518004

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61355 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 4 insertions, 2 deletions

diff --git a/net/socket/ssl_client_socket_openssl.h b/net/socket/ssl_client_socket_openssl.h
index 7d850f8..1799a62 100644
--- a/net/socket/ssl_client_socket_openssl.h
+++ b/net/socket/ssl_client_socket_openssl.h
@@ -14,8 +14,8 @@
 #include "net/socket/client_socket_handle.h"
 
 typedef struct bio_st BIO;
-typedef struct ssl_ctx_st SSL_CTX;
 typedef struct ssl_st SSL;
+typedef struct x509_store_ctx_st X509_STORE_CTX;
 
 namespace net {
 
@@ -35,6 +35,9 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
                          const SSLConfig& ssl_config);
   ~SSLClientSocketOpenSSL();
 
+  // Called back from OpenSSL during cert verification (see SSL_CTX_set_verify).
+  int SSLVerifyCallback(int preverify_ok, SSL* ssl, X509_STORE_CTX* ctx);
+
   // SSLClientSocket methods:
   virtual void GetSSLInfo(SSLInfo* ssl_info);
   virtual void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info);
@@ -109,7 +112,6 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   bool client_auth_cert_needed_;
 
   // OpenSSL stuff
-  static SSL_CTX* g_ctx;
   SSL* ssl_;
   BIO* transport_bio_;