certificateChainCleaner = null,
      )
    }
  }

  override fun withHostnameVerifier(hostnameVerifier: HostnameVerifier): Interceptor.Chain {
    check(exchange == null) { "hostnameVerifier can't be adjusted in a network interceptor" }

    return copy(hostnameVerifier = hostnameVerifier)
  }

  override fun withCertificatePinner(certificatePinner: CertificatePinner): Interceptor.Chain {

    }

    object HostnameVerifierOverride : Override<HostnameVerifier> {
      override fun Interceptor.Chain.value(): HostnameVerifier = hostnameVerifier

      override fun Interceptor.Chain.withOverride(value: HostnameVerifier): Interceptor.Chain = withHostnameVerifier(value)

      override fun OkHttpClient.Builder.withOverride(value: HostnameVerifier): OkHttpClient.Builder = hostnameVerifier(value)

     */
    val x509TrustManagerOrNull: X509TrustManager?

    /**
     * Returns the [HostnameVerifier] for the OkHttpClient, or an override from the Call.Chain.
     */
    val hostnameVerifier: HostnameVerifier

    /**
     * Override the [HostnameVerifier] for the Call.Chain.
     *
     * @throws IllegalStateException if this is a Network Interceptor, since the override is too late.

    val proxySelector: ProxySelector = address.proxySelector
    val sslSocketFactory: SSLSocketFactory? = address.sslSocketFactory
    val hostnameVerifier: HostnameVerifier? = address.hostnameVerifier
    val certificatePinner: CertificatePinner? = address.certificatePinner
  }

  @Test
  fun authenticator() {

	public final fun dns ()Lokhttp3/Dns;
	public fun equals (Ljava/lang/Object;)Z
	public fun hashCode ()I
	public final fun hostnameVerifier ()Ljavax/net/ssl/HostnameVerifier;
	public final fun protocols ()Ljava/util/List;
	public final fun proxy ()Ljava/net/Proxy;
	public final fun proxyAuthenticator ()Lokhttp3/Authenticator;
	public final fun proxySelector ()Ljava/net/ProxySelector;
	public final fun socketFactory ()Ljavax/net/SocketFactory;

    )
    val hostnameVerifier = RecordingHostnameVerifier()
    client =
      client
        .newBuilder()
        .sslSocketFactory(
          handshakeCertificates.sslSocketFactory(),
          handshakeCertificates.trustManager,
        ).proxy(server.proxyAddress)
        .hostnameVerifier(hostnameVerifier)
        .build()
    val request =
      Request

	public final fun dns ()Lokhttp3/Dns;
	public fun equals (Ljava/lang/Object;)Z
	public fun hashCode ()I
	public final fun hostnameVerifier ()Ljavax/net/ssl/HostnameVerifier;
	public final fun protocols ()Ljava/util/List;
	public final fun proxy ()Ljava/net/Proxy;
	public final fun proxyAuthenticator ()Lokhttp3/Authenticator;
	public final fun proxySelector ()Ljava/net/ProxySelector;
	public final fun socketFactory ()Ljavax/net/SocketFactory;

 * They specify that the call may be plaintext (`http`) or encrypted (`https`), but not which cryptographic algorithms should be used. Nor do they specify how to verify the peer's certificates (the [HostnameVerifier](https://developer.android.com/reference/javax/net/ssl/HostnameVerifier.html)) or which certificates can be trusted (the [SSLSocketFactory](https://developer.android.com/reference/org/apache/http/conn/ssl/SSLSocketFactory.html)).

```

With a server that holds a certificate and a client that trusts it we have enough for an HTTPS
handshake. The best part of this example is that we don't need to make our test code insecure with a
a fake `HostnameVerifier` or `X509TrustManager`.

Certificate Authorities
-----------------------

The above example uses a self-signed certificate. This is convenient for testing but not

import java.util.Date
import java.util.Locale
import java.util.TimeZone
import java.util.concurrent.TimeUnit
import java.util.concurrent.atomic.AtomicReference
import java.util.stream.Stream
import javax.net.ssl.HostnameVerifier
import kotlin.test.assertFailsWith
import mockwebserver3.MockResponse
import mockwebserver3.MockWebServer
import mockwebserver3.RecordedRequest
import mockwebserver3.SocketEffect.ShutdownConnection