Extract Certificate Transparency SCTs from stapled OCSP responses

net/test/spawned_test_server/base_test_server.h

Index: net/test/spawned_test_server/base_test_server.h
diff --git a/net/test/spawned_test_server/base_test_server.h b/net/test/spawned_test_server/base_test_server.h
index 9d5cda8dab9583f22efe4d8b288bb2c80f4ee18f..bd02717beedfb0f4902d6721a2160fd9c4166395 100644
--- a/net/test/spawned_test_server/base_test_server.h
+++ b/net/test/spawned_test_server/base_test_server.h
@@ -148,13 +148,15 @@ class BaseTestServer {
     // negotiates an intolerant TLS version in order to test version fallback.
     TLSIntolerantLevel tls_intolerant;
 
-    // (Fake) SignedCertificateTimestampList (as a raw binary string) to send in
-    // a TLS extension.
-    // Temporary glue for testing: validation of SCTs is application-controlled
+   // Temporary glue for testing: validation of SCTs is application-controlled
     // and can be appropriately mocked out, so sending fake data here does not
     // affect handshaking behaviour.
     // TODO(ekasper): replace with valid SCT files for test certs.
-    std::string signed_cert_timestamps;
+    // (Fake) SignedCertificateTimestampList (as a raw binary string) to send in
+    // a TLS extension.
+    std::string signed_cert_timestamps_tls_ext;

[wtc, 2013/12/10 04:23:17]

Nit: maybe no need to add "_tls_ext" now?

[ekasper, 2013/12/10 14:45:20]

Since we have three methods for embedding this list, I don't think it hurts to
be explicit about which one it's for.

+    // Whether to staple the OCSP response.
+    bool staple_ocsp_response;
   };
 
   // Pass as the 'host' parameter during construction to server on 127.0.0.1