Switch NaCl to use_byte_certs.
The NaCl build (used by //remoting) doesn't actually process
certificates, so we can switch them easily. (They configure
SSLClientSocket to allow only a single certificate and run some other
authenticator over the channel.)
Sadly, this doesn't buy the binary size wins yet. It looks like this is
because they pull in WebRTC. But it means that once this and the Android
switch sticks, we can tidy up USE_OPENSSL_CERTS.
BUG=671420
Review-Url: https://codereview.chromium.org/2861813002
Cr-Commit-Position: refs/heads/master@{#469213}
diff --git a/net/BUILD.gn b/net/BUILD.gn
index 35c642f..67687d0 100644
--- a/net/BUILD.gn
+++ b/net/BUILD.gn
@@ -41,7 +41,7 @@
# in addition to use_openssl_certs or use_nss_certs, in that case byte certs
# are used internally but OpenSSL or NSS are used for certificate verification.
# TODO(mattm): crbug.com/671420: Implement and enable this for all platforms.
-use_byte_certs = is_mac || is_android
+use_byte_certs = is_mac || is_android || is_nacl
buildflag_header("features") {
header = "net_features.h"
@@ -245,9 +245,9 @@
"cert/x509_cert_types.h",
"cert/x509_certificate.cc",
"cert/x509_certificate.h",
+ "cert/x509_certificate_bytes.cc",
"cert/x509_certificate_net_log_param.cc",
"cert/x509_certificate_net_log_param.h",
- "cert/x509_certificate_openssl.cc",
"cert/x509_util.cc",
"cert/x509_util.h",
"cert/x509_util_openssl.cc",
@@ -595,11 +595,11 @@
"cert/test_root_certs_win.cc",
"cert/x509_cert_types_mac.cc",
"cert/x509_cert_types_win.cc",
- "cert/x509_certificate_bytes.cc",
"cert/x509_certificate_ios.cc",
"cert/x509_certificate_known_roots_win.h",
"cert/x509_certificate_mac.cc",
"cert/x509_certificate_nss.cc",
+ "cert/x509_certificate_openssl.cc",
"cert/x509_certificate_win.cc",
"cert/x509_util_android.cc",
"cert/x509_util_android.h",
