// Every returned chain should match 1 expected chain (or <2 if testing against the system)
	for _, chain := range chains {
		nMatched := 0
		for _, expectedChain := range test.expectedChains {
			if doesMatch(expectedChain, chain) {
				nMatched++
			}
		}
		// Allow additional unknown chains if systemLax is set
		if nMatched == 0 && test.systemLax == false || nMatched > 1 {

  static class GzipRequestInterceptor implements Interceptor {
    @Override public Response intercept(Chain chain) throws IOException {
      Request originalRequest = chain.request();
      if (originalRequest.body() == null || originalRequest.header("Content-Encoding") != null) {
        return chain.proceed(originalRequest);
      }

      Request compressedRequest = originalRequest.newBuilder()

	}

	return chains, nil
}

func appendToFreshChain(chain []*Certificate, cert *Certificate) []*Certificate {
	n := make([]*Certificate, len(chain)+1)
	copy(n, chain)
	n[len(chain)] = cert
	return n
}

// alreadyInChain checks whether a candidate certificate is present in a chain.
// Rather than doing a direct byte for byte equivalency check, we check if the

    val connection = AtomicReference<Connection?>()
    client =
      client.newBuilder()
        .addNetworkInterceptor(
          Interceptor { chain: Interceptor.Chain? ->
            connection.set(chain!!.connection())
            chain.proceed(chain.request())
          },
        )
        .build()
    dns["san.com"] = Dns.SYSTEM.lookup(server.hostName).subList(0, 1)

      this.host = host;
    }

    @Override public Response intercept(Chain chain) throws IOException {
      Request request = chain.request();
      if (request.url().host().equals(host)) {
        request = request.newBuilder()
            .header("Authorization", credentials)
            .build();
      }
      return chain.proceed(request);
    }
  }

        install using task: :installSomeExeExecutable
        build type: build type 'debug'
        flavor: flavor 'default'
        target platform: platform '$currentNative'
        tool chain: Tool chain 'clang' (Clang)
        executable file: build/exe/someExe/someExe

Cunit test suite 'someExeTest'
------------------------------

Source sets
    C source 'someExeTest:c'
        srcDir: src/someExeTest/c

upgradeNotes:
  - title: PeerAuthentication per-port-level configuration will now also apply to pass through filter chains.
    content: |
      Previously the PeerAuthentication per-port-level configuration is ignored if the port number is not defined in a
      service and the traffic will be handled by a pass through filter chain. Now the per-port-level setting will be

   * already been determined.
   */
  public abstract <T extends @Nullable Object> ComparisonChain compare(
      @ParametricNullness T left, @ParametricNullness T right, Comparator<T> comparator);

  /**
   * Compares two {@code int} values as specified by {@link Ints#compare}, <i>if</i> the result of
   * this comparison chain has not already been determined.
   */

        tool chain: Tool chain 'clang' (Clang)
        shared library file: build/libs/nativeLib/shared/libnativeLib.dylib
    Static library 'nativeLib:staticLibrary'
        build using task: :nativeLibStaticLibrary
        build type: build type 'debug'
        flavor: flavor 'default'
        target platform: platform '$currentNative'
        tool chain: Tool chain 'clang' (Clang)

 *    server's hostname. The server must also have is a (possibly-empty) chain of intermediate
 *    certificates to establish trust from a root certificate to the server's certificate. The root
 *    certificate is not included in this chain.
 *  * The client's handshake certificates must include a set of trusted root certificates. They will
 *    be used to authenticate the server's certificate chain. Typically this is a set of well-known