net: add test for TLS_FALLBACK_SCSV

net/test/spawned_test_server/base_test_server.cc

Index: net/test/spawned_test_server/base_test_server.cc
diff --git a/net/test/spawned_test_server/base_test_server.cc b/net/test/spawned_test_server/base_test_server.cc
index 775341b608e6bd93ffe56712b1a676a3477b9bc5..b4e6c9cc53d8cad4aed6a4ea8f18070fc81ef54f 100644
--- a/net/test/spawned_test_server/base_test_server.cc
+++ b/net/test/spawned_test_server/base_test_server.cc
@@ -60,7 +60,8 @@ BaseTestServer::SSLOptions::SSLOptions()
       request_client_certificate(false),
       bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
       record_resume(false),
-      tls_intolerant(TLS_INTOLERANT_NONE) {}
+      tls_intolerant(TLS_INTOLERANT_NONE),
+      fallback_scsv_enabled(false) {}
 
 BaseTestServer::SSLOptions::SSLOptions(
     BaseTestServer::SSLOptions::ServerCertificate cert)
@@ -70,7 +71,8 @@ BaseTestServer::SSLOptions::SSLOptions(
       request_client_certificate(false),
       bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
       record_resume(false),
-      tls_intolerant(TLS_INTOLERANT_NONE) {}
+      tls_intolerant(TLS_INTOLERANT_NONE),
+      fallback_scsv_enabled(false) {}
 
 BaseTestServer::SSLOptions::~SSLOptions() {}
 
@@ -404,6 +406,8 @@ bool BaseTestServer::GenerateArguments(base::DictionaryValue* arguments) const {
         return false;
       arguments->SetString("signed-cert-timestamps", b64_scts);
     }
+    if (ssl_options_.fallback_scsv_enabled)
+      arguments->Set("fallback-scsv", base::Value::CreateNullValue());

[wtc, 2013/12/10 16:28:27]

It would be nice to move this up, to follow the tls_intolerant code. (See my
comment in base_test_server.h about avoiding merge conflicts with Emilia's CL.)

[agl, 2013/12/10 17:53:43]

Done.

   }
 
   return GenerateAdditionalArguments(arguments);