fileSystem.sink(outputFile).gzip().buffer().use { sink ->
        importResults.writeOut(sink)
      }
    }

  /**
   * These assertions ensure the [PublicSuffixDatabase] remains correct. The specification is
   * very flexible regarding wildcard rules, but this flexibility is not something currently used
   * in practice. To simplify the implementation, we've avoided implementing the flexible rules in

    inputStream.close()
    val elapsedNanos = System.nanoTime() - startNanos
    val elapsedMillis = TimeUnit.NANOSECONDS.toMillis(elapsedNanos)

    // If we're working correctly, this should be greater than 100ms, but less than double that.
    // Previously we had a bug where we would download the entire response body as long as no
    // individual read took longer than 100ms.

    constructor(rawSource: Source) {
      rawSource.use {
        val source = rawSource.buffer()
        val urlLine = source.readUtf8LineStrict()
        // Choice here is between failing with a correct RuntimeException
        // or mostly silently with an IOException
        url = urlLine.toHttpUrlOrNull() ?: throw IOException("Cache corruption for $urlLine").also {
          Platform.get().log("cache corruption", WARN, it)

    // Body contains nothing.
    assertThat(response.body.bytes().size).isEqualTo(0)
    assertThat(response.body.contentLength()).isEqualTo(0)

    // Content-Length header stays correctly.
    assertThat(response.header("content-length")).isEqualTo("5")
    val request = server.takeRequest()
    assertThat(request.requestLine).isEqualTo("HEAD /foo HTTP/1.1")
  }

  @ParameterizedTest

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.testing

import android.os.Build
import com.amazon.corretto.crypto.provider.AmazonCorrettoCryptoProvider
import com.amazon.corretto.crypto.provider.SelfTestStatus
import java.lang.reflect.Method
import java.security.Security
import okhttp3.TestUtil
import okhttp3.internal.platform.ConscryptPlatform

  var s = typeSubtype.range.last + 1
  while (s < length) {
    val parameter = PARAMETER.matchAtPolyfill(this, s)
    require(parameter != null) {
      "Parameter is not formatted correctly: \"${substring(s)}\" for: \"$this\""
    }

    val name = parameter.groups[1]?.value
    if (name == null) {
      s = parameter.range.last + 1
      continue
    }

    )
    assertInvalid(
      "text/plain; a=\"@",
      "Parameter is not formatted correctly: \"a=\"@\" for: \"text/plain; a=\"@\"",
    )
    assertInvalid(
      "text/plain; a=1; b",
      "Parameter is not formatted correctly: \"b\" for: \"text/plain; a=1; b\"",
    )
    assertInvalid(
      "text/plain; a=1; b=",

    assertThat(frameLog(true, 3, 10000, TYPE_DATA, 0x20))
      .isEqualTo("<< 0x00000003 10000 DATA          COMPRESSED")
  }

  /**
   * Ensures that valid flag combinations appear visually correct, and invalid show in hex.  This
   * also demonstrates how sparse the lookup table is.
   */
  @Test
  fun allFormattedFlagsWithValidBits() {

    assertThat(request.tag<Any>()).isSameAs(objectTag)
    assertThat(request.tag(Any::class)).isSameAs(objectTag)
    assertThat(request.tag(String::class)).isSameAs(stringTag)

    // TODO check for Jvm or handle Long/long correctly
//    assertThat(request.tag(Long::class)).isSameAs(longTag)
  }

  /** Confirm that we don't accidentally share the backing map between objects. */
  @Test
  fun tagsAreImmutable() {
    val builder =

   * ```
   *
   * But this chain is wrong because the attackerSwitch certificate is being used in a CA role even
   * though it is not a CA certificate. There are pinned certificates in the chain! The correct
   * chain is much shorter because it skips the non-CA certificate.
   *
   * ```
   *   attackerCa
   *     -> attackerIntermediate
   *         -> phonyVictim
   * ```
   *