fullBuffer.read(bytesOut, lastFrame.start + length)
    outFrames.add(OutFrame(lastFrame.sequence, lastFrame.start, true))
    return writer
  }

  fun takeFrame(): InFrame = inFrames.take()

  fun play() {
    check(serverSocket == null)
    serverSocket = ServerSocket()
    serverSocket!!.reuseAddress = false
    serverSocket!!.bind(InetSocketAddress("localhost", 0), 1)
    port = serverSocket!!.localPort

      try {
        ProviderInstaller.installIfNeeded(InstrumentationRegistry.getInstrumentation().targetContext)
      } catch (gpsnae: GooglePlayServicesNotAvailableException) {
        throw TestAbortedException("Google Play Services not available", gpsnae)
      }

      val request = Request.Builder().url("https://facebook.com/robots.txt").build()

      var socketClass: String? = null

configuration history is [tracked here](../security/tls_configuration_history.md).

Applications expected to be installed on older Android devices should consider adopting the
[Google Play Services’ ProviderInstaller][provider_installer]. This will increase security for users
and increase connectivity with web servers.

### Certificate Pinning ([.kt][CertificatePinningKotlin], [.java][CertificatePinningJava])

_2016-02-25_

 *  Fix: Change the certificate pinner to always build full chains. This
    prevents a potential crash when using certificate pinning with the Google
    Play Services security provider.


## Version 2.7.4

_2016-02-07_

 *  Fix: Don't crash when finding the trust manager if the Play Services (GMS)
    security provider is installed.
 *  Fix: The previous release introduced a performance regression on Android,

    for (int i = 0; i < reps; i++) {
      Integer key = keys.get(random.nextInt(nKeys));
      // This range is [-5, 4] - slight negative bias so we often hit zero, which brings the
      // auto-removal of zeroes into play.
      int delta = random.nextInt(10) - 5;
      blah += delta;
      if (delta >= 0) {
        multiset.add(key, delta);
      } else {
        multiset.remove(key, -delta);
      }
    }

    to change, and the implementation is incomplete. This is a big new API we
    are eager for feedback.

 *  New: Support ALPN via Google Play Services' Dynamic Security Provider. This
    expands HTTP/2 support to older Android devices that have Google Play
    Services.
 *  New: Consider all routes when looking for candidate coalesced connections.
    This increases the likelihood that HTTP/2 connections will be shared.

If you want to play with JWT tokens and see how they work, check [https://jwt.io](https://jwt.io/).

## Install `PyJWT` { #install-pyjwt }

We need to install `PyJWT` to generate and verify the JWT tokens in Python.

letter, nearly as large as himself, and this he handed over to
the other, saying, in a solemn tone, `For the Duchess.  An
invitation from the Queen to play croquet.'  The Frog-Footman
repeated, in the same solemn tone, only changing the order of the
words a little, `From the Queen.  An invitation for the Duchess
to play croquet.'

  Then they both bowed low, and their curls got entangled
together.

letter, nearly as large as himself, and this he handed over to
the other, saying, in a solemn tone, `For the Duchess.  An
invitation from the Queen to play croquet.'  The Frog-Footman
repeated, in the same solemn tone, only changing the order of the
words a little, `From the Queen.  An invitation for the Duchess
to play croquet.'

  Then they both bowed low, and their curls got entangled
together.

            return callable.call();
          }

          @Override
          public String toString() {
            return callable.toString();
          }
        };
    /*
     * Four futures are at play here:
     * taskFuture is the future tracking the result of the callable.
     * newFuture is a future that completes after this and all prior tasks are done.
     * oldFuture is the previous task's newFuture.