Use X509_STORE_CTX::untrusted, not X509_STORE_CTX::chain in CertVerifyCallback.

The latter is always NULL since the certificate chain hasn't been verified yet.

BUG=375821
TEST=Visit https://www.imperialviolet.org/2014/03/03/triplehandshake.html on
     Android; image still doesn't load.
TEST=Visit https://scripts.mit.edu:444/__scripts/certerror. Tap 'Cancel' on
     the certificate prompt. Hit 'More' on the error page. Should show
     ERR_SSL_PROTOCOL_ERROR, not ERR_SSL_SERVER_CERT_CHANGED.

Review URL: https://codereview.chromium.org/300103011

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@273055 0039d316-1c4b-4281-b951-d872f2087c98

net/socket/ssl_client_socket_openssl.cc

@@ -1370,7 +1370,7 @@ int SSLClientSocketOpenSSL::CertVerifyCallback(X509_STORE_CTX* store_ctx) {
 
   CHECK(server_cert_.get());
 
-  PeerCertificateChain chain(store_ctx->chain);
+  PeerCertificateChain chain(store_ctx->untrusted);
   if (chain.IsValid() && server_cert_->Equals(chain.AsOSChain()))
     return 1;