@RunWith(RobolectricTestRunner::class)
class AndroidAsyncDnsTest {
  @Test
  fun testDnsRequestInvalid() {
    val asyncDns = AndroidAsyncDns.IPv4
    val shadowDns: ShadowDnsResolver = Shadow.extract(asyncDns.resolver)

    shadowDns.responder = {
      throw IllegalArgumentException("Network.fromNetworkHandle refusing to instantiate NETID_UNSET Network.")
    }

    val dns = AsyncDns.toDns(asyncDns)

 * certificate.
 *
 * Use of the chain cleaner is necessary to omit unexpected certificates that aren't relevant to
 * the TLS handshake and to extract the trusted CA certificate for the benefit of certificate
 * pinning.
 */
abstract class CertificateChainCleaner {
  @Throws(SSLPeerUnverifiedException::class)
  abstract fun clean(
    chain: List<Certificate>,

 * limitations under the License.
 */
package okhttp3.testing

@Target(AnnotationTarget.CLASS, AnnotationTarget.FUNCTION)
@Retention(AnnotationRetention.RUNTIME)
/**
 * Annotation marking a test as flaky, and requires extra logging and linking against
 * a known github issue.  This does not ignore the failure.
 */

    }

    return if (cookies != null) {
      Collections.unmodifiableList(cookies)
    } else {
      emptyList()
    }
  }

  /**
   * Convert a request header to OkHttp's cookies via [HttpCookie]. That extra step handles
   * multiple cookies in a single request header, which [Cookie.parse] doesn't support.
   */
  private fun decodeHeaderAsJavaNetCookies(
    url: HttpUrl,
    header: String,
  ): List<Cookie> {

      scheme: slate
      primary: teal
      accent: blue
      toggle:
        icon: octicons/moon-24
        name: "Switch to Light Mode"
  features:
  - navigation.tabs

extra_css:
  - 'assets/css/app.css'

markdown_extensions:
  - smarty
  - footnotes
  - meta
  - toc:
      permalink: true
  - attr_list
  - pymdownx.betterem:
      smart_enable: all
  - pymdownx.caret

### [Routes](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-route/)

Routes supply the **dynamic** information necessary to actually connect to a webserver. This is the specific IP address to attempt (as discovered by a DNS query), the exact proxy server to use (if a [ProxySelector](https://developer.android.com/reference/java/net/ProxySelector.html) is in use), and which version of TLS to negotiate (for HTTPS connections).

     *
     * **This feature is not supported on Android API levels less than 24.** Prior releases lacked
     * a mechanism to trust some hosts and not others.
     *
     * @param hostname the exact hostname from the URL for insecure connections.
     */
    fun addInsecureHost(hostname: String) =
      apply {
        insecureHosts += hostname
      }

    fun build(): HandshakeCertificates {

      }
      if (component[toAndFromUri!!] != codePointString) {
        fail("Encoding $component $codePoint using $encoding")
      }
      return
    }

    // Check that the URI and HttpURL have the exact same escaping.
    if (toAndFromUri != httpUrl) {
      fail("Encoding $component $codePoint using $encoding")
    }
    if (uri.toString() != httpUrl.toString()) {

  }

  @Test fun binarySearchEmptyRange() {
    assertEquals(-1, binarySearch(0, 0) { error("unexpected call") })
  }

  /** Confirm the compact table has the exact same behavior as the plain table. */
  @Test fun comparePlainAndCompactTables() {
    val buffer = Buffer()
    for (codePoint in 0..0x10ffff) {
      val allowedByTable = table.map(codePoint, buffer)

* **NEW:** TLSv1.3
* TLSv1.2
* TLSv1.1
* TLSv1

##### COMPATIBLE_TLS versions

* TLSv1

[OkHttp 3.11][OkHttp311]
------------------------

_2018-07-12_

Added a new extra strict RESTRICTED_TLS configuration inspired by [Google Cloud’s similar policy][googlecloud_ssl_policy]. It is appropriate when both the host platform
(JVM/Conscrypt/Android) and target webserver are current.