): Boolean =
    if (!host.isAscii()) {
      false
    } else {
      try {
        verify(host, session.peerCertificates[0] as X509Certificate)
      } catch (_: SSLException) {
        false
      }
    }

  fun verify(
    host: String,
    certificate: X509Certificate,
  ): Boolean =
    when {
      host.canParseAsIpAddress() -> verifyIpAddress(host, certificate)

            x509Certificates: Array<X509Certificate>,
            s: String,
          ) {
          }

          override fun checkServerTrusted(
            x509Certificates: Array<X509Certificate>,
            s: String,
          ) {
          }

          override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
        }

 * limitations under the License.
 */
package okhttp3

import java.io.IOException
import java.security.Principal
import java.security.cert.Certificate
import java.security.cert.X509Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import okhttp3.internal.toImmutableList

/**

        override fun checkClientTrusted(
          chain: Array<out X509Certificate>?,
          authType: String?,
        ) {}

        override fun checkServerTrusted(
          chain: Array<out X509Certificate>?,
          authType: String?,
        ) {}

        override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
      }

    val sslContext =

  ) = check(hostname) {
    (certificateChainCleaner?.clean(peerCertificates, hostname) ?: peerCertificates)
      .map { it as X509Certificate }
  }

  internal fun check(
    hostname: String,
    cleanedPeerCertificatesFn: () -> List<X509Certificate>,
  ) {
    val pins = findMatchingPins(hostname)
    if (pins.isEmpty()) return

    val peerCertificates = cleanedPeerCertificatesFn()

import java.security.Principal
import java.security.cert.Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSessionContext
import javax.security.cert.X509Certificate

class FakeSSLSession(
  vararg val certificates: Certificate,
) : SSLSession {
  override fun getApplicationBufferSize(): Int = throw UnsupportedOperationException()

 * limitations under the License.
 */
package okhttp.android.test.letsencrypt

import android.os.Build
import assertk.assertThat
import assertk.assertions.isEqualTo
import java.security.cert.X509Certificate
import okhttp3.OkHttpClient
import okhttp3.Protocol
import okhttp3.Request
import okhttp3.tls.HandshakeCertificates
import okhttp3.tls.decodeCertificatePem
import org.junit.jupiter.api.Tag

import java.security.Principal
import java.security.cert.Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSessionContext
import javax.security.cert.X509Certificate

/** An [SSLSession] that delegates all calls.  */
abstract class DelegatingSSLSession(
  protected val delegate: SSLSession?,
) : SSLSession {
  override fun getId(): ByteArray = delegate!!.id

 */
package okhttp.android.test.sni

import android.os.Build
import android.util.Log
import assertk.assertThat
import assertk.assertions.contains
import assertk.assertions.isEqualTo
import java.security.cert.X509Certificate
import javax.net.ssl.SNIHostName
import javax.net.ssl.SNIServerName
import javax.net.ssl.SSLSocket
import javax.net.ssl.SSLSocketFactory
import okhttp3.DelegatingSSLSocketFactory
import okhttp3.Dns

 * limitations under the License.
 */
package okhttp3.internal.platform

import java.security.KeyStore
import java.security.Provider
import java.security.cert.X509Certificate
import javax.net.ssl.SSLContext
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSocket
import javax.net.ssl.SSLSocketFactory
import javax.net.ssl.TrustManager
import javax.net.ssl.TrustManagerFactory