Log how often DTLS negotiation failed because of incompatible ciphersuites.

webrtc/base/sslstreamadapter.h

Index: webrtc/base/sslstreamadapter.h
diff --git a/webrtc/base/sslstreamadapter.h b/webrtc/base/sslstreamadapter.h
index ba60ce3da09b32ce28b832597784cdaa78e0866a..f1a0a32994c7a08619292a8d2bdd975bea0d8285 100644
--- a/webrtc/base/sslstreamadapter.h
+++ b/webrtc/base/sslstreamadapter.h
@@ -83,9 +83,8 @@ class SSLStreamAdapter : public StreamAdapterInterface {
   // Caller is responsible for freeing the returned object.
   static SSLStreamAdapter* Create(StreamInterface* stream);
 
-  explicit SSLStreamAdapter(StreamInterface* stream)
-      : StreamAdapterInterface(stream), ignore_bad_cert_(false),
-        client_auth_enabled_(true) { }
+  explicit SSLStreamAdapter(StreamInterface* stream);
+  ~SSLStreamAdapter() override;
 
   void set_ignore_bad_cert(bool ignore) { ignore_bad_cert_ = ignore; }
   bool ignore_bad_cert() const { return ignore_bad_cert_; }
@@ -207,6 +206,8 @@ class SSLStreamAdapter : public StreamAdapterInterface {
   // depending on specific SSL implementation.
   static std::string SslCipherSuiteToName(int cipher_suite);
 
+  sigslot::signal1<int> SignalSSLHandshakeError;

[pthatcher1, 2016/08/03 22:40:46]

We should document what values will be in here.  It looks like we only have two,
and one is for "unknown".  Perhaps an enum would make sense.

+
  private:
   // If true, the server certificate need not match the configured
   // server_name, and in fact missing certificate authority and other