$OpenBSD$

index 979c3e2..c2f211d 100644
--- security/certverifier/NSSCertDBTrustDomain.h.orig	Fri Feb 20 15:40:38 2015
+++ security/certverifier/NSSCertDBTrustDomain.h	Fri Feb 20 15:40:38 2015
@@ -57,7 +57,8 @@ public:
     LocalOnlyOCSPForEV = 4,
   };
   NSSCertDBTrustDomain(SECTrustType certDBTrustType, OCSPFetching ocspFetching,
-                       OCSPCache& ocspCache, void* pinArg);
+                       OCSPCache& ocspCache, void* pinArg,
+                       CERTChainVerifyCallback* checkChainCallback = nullptr);
 
   virtual SECStatus FindPotentialIssuers(
                         const SECItem* encodedIssuerName,
@@ -78,6 +79,8 @@ public:
                                     PRTime time,
                        /*optional*/ const SECItem* stapledOCSPResponse);
 
+  virtual SECStatus IsChainValid(const CERTCertList* certChain);
+
 private:
   enum EncodedResponseSource {
     ResponseIsFromNetwork = 1,
@@ -93,6 +96,7 @@ private:
   const OCSPFetching mOCSPFetching;
   OCSPCache& mOCSPCache; // non-owning!
   void* mPinArg; // non-owning!
+  CERTChainVerifyCallback* mCheckChainCallback; // non-owning!
 };
 
 } } // namespace mozilla::psm