1 files changed, 10 insertions, 8 deletions

diff --git a/net/base/ssl_client_socket_nss.h b/net/base/ssl_client_socket_nss.h
index 5015e1e..b16557c 100644
--- a/net/base/ssl_client_socket_nss.h
+++ b/net/base/ssl_client_socket_nss.h
@@ -5,15 +5,13 @@
 #ifndef NET_BASE_SSL_CLIENT_SOCKET_NSS_H_
 #define NET_BASE_SSL_CLIENT_SOCKET_NSS_H_
 
-#include "build/build_config.h"
-
-#include <prio.h>
-#include "net/base/nss_memio.h"
-
+#include <nspr.h>
+#include <nss.h>
 #include <string>
 
 #include "base/scoped_ptr.h"
 #include "net/base/completion_callback.h"
+#include "net/base/nss_memio.h"
 #include "net/base/ssl_client_socket.h"
 #include "net/base/ssl_config_service.h"
 
@@ -60,6 +58,9 @@ class SSLClientSocketNSS : public SSLClientSocket {
   void BufferSendComplete(int result);
   void BufferRecvComplete(int result);
 
+  // nss calls this on error.  We pass 'this' as the first argument.
+  static SECStatus OwnBadCertHandler(void* arg, PRFileDesc* socket);
+
   CompletionCallbackImpl<SSLClientSocketNSS> buffer_send_callback_;
   CompletionCallbackImpl<SSLClientSocketNSS> buffer_recv_callback_;
   bool transport_send_busy_;
@@ -76,7 +77,8 @@ class SSLClientSocketNSS : public SSLClientSocket {
   char* user_buf_;
   int user_buf_len_;
 
-  int server_cert_status_;
+  // Set when handshake finishes.  Value is net error code, see net_errors.h
+  int server_cert_error_;
 
   bool completed_handshake_;
 
@@ -91,10 +93,10 @@ class SSLClientSocketNSS : public SSLClientSocket {
   };
   State next_state_;
 
-  /* The NSS SSL state machine */
+  // The NSS SSL state machine
   PRFileDesc* nss_fd_;
 
-  /* Buffers for the network end of the SSL state machine */
+  // Buffers for the network end of the SSL state machine
   memio_Private* nss_bufs_;
 
   static bool nss_options_initialized_;