Improve the TLS intolerant server testing support added in r134129

(http://codereview.chromium.org/10218007).

Add the ability to simulate a server that is intolerant of only a
particular version of TLS. This will allow us to test the handling
of a TLS 1.1 intolerant server.

R=agl@chromium.org,phajdan.jr@chromium.org
BUG=126340
TEST=none

Review URL: https://chromiumcodereview.appspot.com/10412042

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@138537 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 12 insertions, 3 deletions

diff --git a/net/test/base_test_server.h b/net/test/base_test_server.h
index f7d5654..9456f37 100644
--- a/net/test/base_test_server.h
+++ b/net/test/base_test_server.h
@@ -85,6 +85,15 @@ class BaseTestServer {
       BULK_CIPHER_3DES   = (1 << 3),
     };
 
+    // NOTE: the values of these enumerators are passed to the the Python test
+    // server. Do not change them.
+    enum TLSIntolerantLevel {
+      TLS_INTOLERANT_NONE = 0,
+      TLS_INTOLERANT_ALL = 1,  // Intolerant of all TLS versions.
+      TLS_INTOLERANT_TLS1_1 = 2,  // Intolerant of TLS 1.1 or higher.
+      TLS_INTOLERANT_TLS1_2 = 3,  // Intolerant of TLS 1.2 or higher.
+    };
+
     // Initialize a new HTTPSOptions using CERT_OK as the certificate.
     HTTPSOptions();
 
@@ -127,9 +136,9 @@ class BaseTestServer {
     // /ssl-session-cache.
     bool record_resume;
 
-    // If true, the server will abort any TLS handshake in order to test
-    // SSLv3 fallback.
-    bool tls_intolerant;
+    // If not TLS_INTOLERANT_NONE, the server will abort any handshake that
+    // negotiates an intolerant TLS version in order to test version fallback.
+    TLSIntolerantLevel tls_intolerant;
   };
 
   // Pass as the 'host' parameter during construction to server on 127.0.0.1