Ignore client certificate requests by default.

URLFetcher's current behavior when a certificate request is received is to immediately cancel the connection -- this is needed because doing anything else inside chrome could cause that decision to affect other requests using the same urlrequestcontext (that would otherwise have been able to request a certificate from the user).

For the remoting host, however, that is irrelevant - there's no other way to request a certificate from the user, so we can consistently ignore client certificate requests - this at least allows the remoting host to successfully connect to servers with optional client certificate authentication (i.e. servers that request a client certificate, but will provide content even if one isn't provided).

BUG=

Review URL: https://chromiumcodereview.appspot.com/21012007

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@214659 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 5 insertions, 3 deletions

diff --git a/remoting/host/remoting_me2me_host.cc b/remoting/host/remoting_me2me_host.cc
index 7b7d3e3..f2bbac0 100644
--- a/remoting/host/remoting_me2me_host.cc
+++ b/remoting/host/remoting_me2me_host.cc
@@ -371,10 +371,12 @@ bool HostProcess::InitWithCommandLine(const CommandLine* cmd_line) {
   }
 #endif  // !defined(REMOTING_MULTI_PROCESS)
 
+  // Ignore certificate requests - the host currently has no client certificate
+  // support, so ignoring certificate requests allows connecting to servers that
+  // request, but don't require, a certificate (optional client authentication).
+  net::URLFetcher::SetIgnoreCertificateRequests(true);
+
   ServiceUrls* service_urls = ServiceUrls::GetInstance();
-  if (service_urls->ignore_urlfetcher_cert_requests()) {
-    net::URLFetcher::SetIgnoreCertificateRequests(true);
-  }
   bool xmpp_server_valid = net::ParseHostAndPort(
       service_urls->xmpp_server_address(),
       &xmpp_server_config_.host, &xmpp_server_config_.port);