Preserve transport errors for OpenSSL sockets.

third_party/tlslite/tlslite/handshakesettings.py

Index: third_party/tlslite/tlslite/handshakesettings.py
diff --git a/third_party/tlslite/tlslite/handshakesettings.py b/third_party/tlslite/tlslite/handshakesettings.py
index e0bc0e661c5712a3d28e49ef8539510b1f91f27e..5a493bab6269d2e793cd64745a35257858842037 100644
--- a/third_party/tlslite/tlslite/handshakesettings.py
+++ b/third_party/tlslite/tlslite/handshakesettings.py
@@ -92,6 +92,20 @@ class HandshakeSettings(object):
     The default is (3,2).  (WARNING: Some servers may (improperly)
     reject clients which offer support for TLS 1.1.  In this case,
     try lowering maxVersion to (3,1)).
+
+    @type tlsIntolerant: tuple
+    @ivar tlsIntolerant: TLS version intolerance for servers.
+
+    If tlsIntolerant is not None, the server will simulate TLS version
+    intolerance by returning a fatal handshake_failure alert or a TCP reset to
+    all TLS versions tlsIntolerant or higher.
+
+    @type resetOnIntolerance: bool
+    @ivar resetOnIntolerance: Whether to send a TCP reset on TLS intolerance.
+
+    If resetOnIntolerance is True, the server will simulate TLS version
+    intolerance with a TCP reset rather than with a fatal handshake_failuer
+    alert.
     
     @type useExperimentalTackExtension: bool
     @ivar useExperimentalTackExtension: Whether to enabled TACK support.
@@ -109,6 +123,8 @@ class HandshakeSettings(object):
         self.certificateTypes = CERTIFICATE_TYPES
         self.minVersion = (3,0)
         self.maxVersion = (3,2)
+        self.tlsIntolerant = None
+        self.resetOnIntolerance = False
         self.useExperimentalTackExtension = False
 
     # Validates the min/max fields, and certificateTypes
@@ -124,6 +140,8 @@ class HandshakeSettings(object):
         other.certificateTypes = self.certificateTypes
         other.minVersion = self.minVersion
         other.maxVersion = self.maxVersion
+        other.tlsIntolerant = self.tlsIntolerant
+        other.resetOnIntolerance = self.resetOnIntolerance
 
         if not cipherfactory.tripleDESPresent:
             other.cipherNames = [e for e in self.cipherNames if e != "3des"]