* simple approach would be for each caller CAS it from null to a Set populated with its
     * exception. But there's another race: If the first thread fails with an exception and a second
     * thread immediately fails with the same exception:
     *
     * Thread1: calls setException(), which returns true, context switch before it can CAS
     * seenExceptionsField to its exception
     *

// Some Android 5.0.x Samsung devices have bugs in JDK reflection APIs that cause
// getDeclaredField to throw a NoSuchFieldException when the field is definitely there.
// Since this class only needs CAS on one field, we can avoid this bug by extending AtomicReference
// instead of using an AtomicReferenceFieldUpdater. This reference stores Thread instances
// and DONE/INTERRUPTED - they have a common ancestor of Runnable.

     */
    Waiter(boolean unused) {}

    Waiter() {
      // avoid volatile write, write is made visible by subsequent CAS on waitersField field
      putThread(this, Thread.currentThread());
    }

    // non-volatile write to the next field. Should be made visible by a subsequent CAS on
    // waitersField.
    void setNext(@Nullable Waiter next) {
      putNext(this, next);
    }

    void unpark() {

     */
    Waiter(boolean unused) {}

    Waiter() {
      // avoid volatile write, write is made visible by subsequent CAS on waitersField field
      putThread(this, Thread.currentThread());
    }

    // non-volatile write to the next field. Should be made visible by a subsequent CAS on
    // waitersField.
    void setNext(@Nullable Waiter next) {
      putNext(this, next);
    }

    void unpark() {

            // throwables or completion values.
            newFuture.setFuture(oldFuture);
          } else if (outputFuture.isCancelled() && taskExecutor.trySetCancelled()) {
            // If this CAS succeeds, we know that the provided callable will never be invoked,
            // so when oldFuture completes it is safe to allow the next submitted task to

import okhttp3.Request.Builder
import okhttp3.tls.HandshakeCertificates
import okhttp3.tls.decodeCertificatePem

class CustomTrust {
  // PEM files for root certificates of Comodo and Entrust. These two CAs are sufficient to view
  // https://publicobject.com (Comodo) and https://squareup.com (Entrust). But they aren't
  // sufficient to connect to most HTTPS sites including https://godaddy.com and https://visa.com.

      boolean uncontended = true;
      if ((hc = threadHashCode.get()) == null
          || as == null
          || (n = as.length) < 1
          || (a = as[(n - 1) & hc[0]]) == null
          || !(uncontended = a.cas(v = a.value, v + x))) retryUpdate(x, hc, uncontended);
    }
  }

  /** Equivalent to {@code add(1)}. */
  @Override
  public void increment() {
    add(1L);
  }

  /** Equivalent to {@code add(-1)}. */

    // The attacker compromises the root CA, issues an intermediate with the same common name
    // "intermediate_ca" as the good CA. This signs a rogue certificate for localhost. The server
    // serves the good CAs certificate in the chain, which means the certificate pinner sees a
    // different set of certificates than the SSL verifier.
    val compromisedIntermediateCa =
      HeldCertificate
        .Builder()

internal object CertificateAdapters {
  /**
   * ```
   * Time ::= CHOICE {
   *   utcTime        UTCTime,
   *   generalTime    GeneralizedTime
   * }
   * ```
   *
   * RFC 5280, section 4.1.2.5:
   *
   * > CAs conforming to this profile MUST always encode certificate validity dates through the year
   * > 2049 as UTCTime; certificate validity dates in 2050 or later MUST be encoded as
   * > GeneralizedTime.
   */

 * chain. The chain terminates in a self-signed "root" certificate. Signing certificates in the
 * middle of the chain are called "intermediates". Organizations that offer certificate signing are
 * called certificate authorities (CAs).
 *
 * Browsers and other HTTP clients need a set of trusted root certificates to authenticate their
 * peers. Sets of root certificates are managed by either the HTTP client (like Firefox), or the