* requires us to have a DNS address for both hosts, which only happens after route planning. We
   * can't coalesce connections that use a proxy, since proxies don't tell us the origin server's IP
   * address.
   */
  private fun routeMatchesAny(candidates: List<Route>): Boolean {
    return candidates.any {
      it.proxy.type() == Proxy.Type.DIRECT &&

 * may cause corruption or runtime errors if not. It may however be shared amongst multiple OkHttpClient
 * instances.
 *
 * ## Cache Optimization
 *
 * To measure cache effectiveness, this class tracks three statistics:
 *
 *  * **[Request Count:][requestCount]** the number of HTTP requests issued since this cache was
 *    created.

  override fun hashCode(): Int = commonHashCode()

  /**
   * Returns header names and values. The names and values are separated by `: ` and each pair is
   * followed by a newline character `\n`.
   *
   * Since OkHttp 5 this redacts these sensitive headers:
   *
   *  * `Authorization`
   *  * `Cookie`
   *  * `Proxy-Authorization`
   *  * `Set-Cookie`
   */
  override fun toString(): String = commonToString()

          conditionValue = etag
        }

        lastModified != null -> {
          conditionName = "If-Modified-Since"
          conditionValue = lastModifiedString
        }

        servedDate != null -> {
          conditionName = "If-Modified-Since"
          conditionValue = servedDateString
        }

    // Manually write an invalid masked close frame.
    server.sink.write("888760b420bb635c68de0cd84f".decodeHex()).emit()
    client.processNextFrame() // Detects error, disconnects immediately since close already sent.
    client.webSocket!!.finishReader()
    assertThat(client.closed).isTrue()
    client.listener.assertFailure(
      ProtocolException::class.java,
      "Server-sent frames must not be masked.",

     * Configure the certificate to generate a 256-bit ECDSA key, which provides about 128 bits of
     * security. ECDSA keys are noticeably faster than RSA keys.
     *
     * This is the default configuration and has been since this API was introduced in OkHttp
     * 3.11.0. Note that the default may change in future releases.
     */
    fun ecdsa256() =
      apply {
        keyAlgorithm = "EC"
        keySize = 256
      }

    println("Proxy Server 1 is ${server1.inetSocketAddress}")
    println("Proxy Server 2 is ${server2.inetSocketAddress}")

    // Since myproxy:8008 won't resolve, redirect with DNS to proxyServer1
    // Then redirect socket connection to server1
    dns["myproxy"] = listOf(proxyServer1)
    socketFactory[proxyServer1] = server1.inetSocketAddress

  }

  /**
   * Earlier implementations of Android's hostname verifier required that wildcard names wouldn't
   * match "*.com" or similar. This was a nonstandard check that we've since dropped. It is the CA's
   * responsibility to not hand out certificates that match so broadly.
   */
  @Test fun wildcardsDoesNotNeedTwoDots() {

      this.withLock {
        try {
          while (writeBytesTotal >= writeBytesMaximum) {
            // Before blocking, confirm that the stream we're writing is still open. It's possible
            // that the stream has since been closed (such as if this write timed out.)
            if (!streams.containsKey(streamId)) {
              throw IOException("stream closed")
            }

        requestBuilder.removeHeader("Content-Type")
      }
    }

    // When redirecting across hosts, drop all authentication headers. This
    // is potentially annoying to the application layer since they have no
    // way to retain them.
    if (!userResponse.request.url.canReuseConnectionFor(url)) {
      requestBuilder.removeHeader("Authorization")
    }

    return requestBuilder.url(url).build()
  }