failures++
		} else if dur > maxDur {
			maxDur = dur
		}
	}

	failPct := float64(failures) / float64(len(entries))

	if failPct > dynamicTimeoutIncreaseThresholdPct {
		// We are hitting the timeout too often, so increase the timeout by 25%
		timeout := min(
			// Set upper cap.
			atomic.LoadInt64(&dt.timeout)*125/100, int64(maxDynamicTimeout))
		// Safety, shouldn't happen
		if timeout < dt.minimum {

      // The last link isn't trusted. Fail.
      throw SSLPeerUnverifiedException(
        "Failed to find a trusted cert that signed $toVerify",
      )
    }

    throw SSLPeerUnverifiedException("Certificate chain too long: $result")
  }

  /**
   * Returns true if [toVerify] was signed by [signingCert]'s public key.
   *
   * @param minIntermediates the minimum number of intermediate certificates in [signingCert]. This

  public void testPutAllNullValueSingle_unsupported() {
    multimap().putAll(k1(), newArrayList((V) null));
    expectUnchanged();
  }

  // In principle, it would be nice to apply these two tests to keys with existing values, too.

  @MapFeature.Require(value = SUPPORTS_PUT, absent = ALLOWS_NULL_VALUES)
  public void testPutAllNullValueNullLast_unsupported() {
    int size = getNumElements();

    assertThrows(

     *
     * @see jcifs.util.transport.Response#verifySignature(byte[], int, int)
     */
    @Override
    public boolean verifySignature(final byte[] buffer, final int i, final int size) {
        // observed too that signatures on error responses are sometimes wrong??
        // Looks like the failure case also is just reflecting back the signature we sent

 *   <li>missing artifacts</li>
 *   <li>network/transfer errors</li>
 *   <li>file system errors: permissions</li>
 * </ul>
 *
 * TODO carlos: all these possible has*Exceptions and get*Exceptions methods make the clients too
 *       complex requiring a long list of checks, need to create a parent/interface/encapsulation
 *       for the types of exceptions
 */
@Deprecated
public class ArtifactResolutionResult {

	if len(args.Resources) > maxDeleteList {
		return false, fmt.Errorf("internal error: localLocker.Lock called with more than %d resources", maxDeleteList)
	}

	// If we have too many waiting, reject this at once.
	if l.waitMutex.Load() > lockMutexWaitLimit {
		l.locksOverloaded.Add(1)
		return false, nil
	}
	// Wait for mutex
	defer l.getMutex()()
	if ctx.Err() != nil {

   */
  /*
   * The new array contains nulls, even if the old array did not. If we wanted to be accurate, we
   * would declare a return type of `@Nullable T[]`. However, we've decided not to think too hard
   * about arrays for now, as they're a mess. (We previously discussed this in the review of
   * ObjectArrays, which is the main caller of this method.)
   */

		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSTooManyIntermediateCAs: {
		Code:           "TooManyIntermediateCAs",
		Description:    "The provided client certificate contains too many intermediate CA certificates",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSNotInitialized: {
		Code:           "STSNotInitialized",
		Description:    "STS API not initialized, please try again.",

    }

    @Override
    protected int doReceiveFragment(final byte[] buf) throws IOException {
        if (buf.length < getMaxRecv()) {
            throw new IllegalArgumentException("buffer too small");
        }

        int off = this.handle.recv(buf, 0, buf.length);
        if (buf[0] != 5 || buf[1] != 0) {
            throw new IOException("Unexpected DCERPC PDU header");
        }

            assertArrayEquals("Hello".getBytes(), java.util.Arrays.copyOfRange(buffer, 0, 5));
        }

        @Test
        @DisplayName("readn should throw IOException when buffer too short")
        void shouldThrowWhenBufferTooShort() {
            InputStream is = new ByteArrayInputStream("test".getBytes());
            assertThrows(IOException.class, () -> Transport.readn(is, new byte[5], 0, 10));