import okhttp3.Call
import okhttp3.Callback
import okhttp3.Response
import okhttp3.internal.closeQuietly
import okio.IOException

@ExperimentalCoroutinesApi // resume with a resource cleanup.
suspend fun Call.executeAsync(): Response =
  suspendCancellableCoroutine { continuation ->
    continuation.invokeOnCancellation {
      this.cancel()
    }
    this.enqueue(
      object : Callback {

    }

    override fun secureConnectEnd(
      call: Call,
      handshake: Handshake?,
    ) {
      logger.removeHandler(loggerHandler)
    }

    override fun callEnd(call: Call) {
      // Cleanup log handler if failed.
      logger.removeHandler(loggerHandler)
    }

    override fun connectionAcquired(
      call: Call,
      connection: Connection,
    ) {
      if (random != null) {

  private val routePlanner = FakeRoutePlanner()
  private val factory = routePlanner.factory
  private val taskFaker = routePlanner.taskFaker
  private val peer = MockHttp2Peer()

  /** The fake task runner prevents the cleanup runnable from being started.  */
  private val addressA = factory.newAddress("a")
  private val routeA1 = factory.newRoute(addressA)
  private val addressB = factory.newAddress("b")

   * simultaneously adopted and removed.
   */
  private val connections = ConcurrentLinkedQueue<RealConnection>()

  init {
    // Put a floor on the keep alive duration, otherwise cleanup will spin loop.
    require(keepAliveDuration > 0L) { "keepAliveDuration <= 0: $keepAliveDuration" }
  }

  fun idleConnectionCount(): Int {
    return connections.count {
      it.withLock { it.calls.isEmpty() }

        Array<X509Certificate>::class.java,
        String::class.java,
        String::class.java,
      )
    } catch (_: NoSuchMethodException) {
      null
    }

  /** Android method to clean and sort certificates, called via reflection. */
  @Suppress("unused", "UNCHECKED_CAST")
  fun checkServerTrusted(
    chain: Array<out X509Certificate>,
    authType: String,
    host: String,
  ): List<Certificate> {

    client =
      client.newBuilder()
        // Since this test knowingly leaks a connection, avoid using the default shared connection
        // pool, which should remain clean for subsequent tests.
        .connectionPool(ConnectionPool())
        .addNetworkInterceptor(
          Interceptor { chain: Interceptor.Chain? ->
            val response =
              chain!!.proceed(

      }
    }
  }

  /**
   * Not checking the CA bit created a vulnerability in old OkHttp releases. It is exploited by
   * triggering different chains to be discovered by the TLS engine and our chain cleaner. In this
   * attack there's several different chains.
   *
   *
   * The victim's gets a non-CA certificate signed by a CA, and pins the CA root and/or
   * intermediate. This is business as usual.
   *

import java.security.cert.X509Certificate
import java.util.ArrayDeque
import java.util.Deque
import javax.net.ssl.SSLPeerUnverifiedException

/**
 * A certificate chain cleaner that uses a set of trusted root certificates to build the trusted
 * chain. This class duplicates the clean chain building performed during the TLS handshake. We
 * prefer other mechanisms where they exist, such as with

     * be used.
     *
     * @deprecated [SSLSocketFactory] does not expose its [X509TrustManager], which is a field that
     *     OkHttp needs to build a clean certificate chain. This method instead must use reflection
     *     to extract the trust manager. Applications should prefer to call
     *     `sslSocketFactory(SSLSocketFactory, X509TrustManager)`, which avoids such reflection.

    println("\n\nRequest to ${server2.inetSocketAddress}")
    executeSynchronously(request)
      .apply {
        // We may have a single failed request if not clean shutdown
        if (cleanShutdown) {
          assertSuccessful()
          assertCode(200)

          assertThat(server2.requestCount).isEqualTo(1)
        } else {