Merge to M74: Fix client certificate requests atop HTTP auth proxies.

(Done by hand. Minor merge conflict to tests in, but fix had to be recreated as
ClientSocketPoolBaseHelper was not inlined at the time, and
SetAdditionalErrorState was still GetAdditionalErrorState in the other
reworked HTTP proxy auth to use pre-bound ConnectJob/Request pairs. In
doing so, it missed a handle->SetAdditionalErrorState(job) call (then
job->GetAdditionalErrorState(handle)). This call is used to pass the
SSLCertRequestInfo up the stack.

This meant that client-cert-requesting origin servers, combined with
HTTP-auth-using proxies would cause SSLCertRequestInfo to be null.
Depending on whether //net or //content was the first to use the
SSLCertRequestInfo, this would either crash the network service or the
browser process, though the latter is only possible due to a bug in the
network service (

Fix this by adding the missing call. That requires tweaking
FindAndRemoveBoundRequestForConnectJob slightly so the ConnectJob isn't
destroyed so early.

(cherry picked from commit 2eb827f477c8f4b22d6c85601edefd06c3926ae5)

Bug: 946406
Change-Id: Ic7cab7d508cc680c114fe3b4cc0dc2d1d34487ce
Commit-Queue: David Benjamin <>
Auto-Submit: David Benjamin <>
Reviewed-by: Matt Menke <>
Cr-Original-Commit-Position: refs/heads/master@{#654932}
Reviewed-by: David Benjamin <>
Cr-Commit-Position: refs/branch-heads/3729@{#953}
Cr-Branched-From: d4a8972e30b604f090aeda5dfff68386ae656267-refs/heads/master@{#638880}
5 files changed