}

  @Test
  fun testDefaultHandshakeCipherSuiteOrderingTls12Restricted() {
    // We are avoiding making guarantees on ordering of secondary Platforms.
    platform.assumeNotConscrypt()
    platform.assumeNotBouncyCastle()

    val client = makeClient(ConnectionSpec.RESTRICTED_TLS, TlsVersion.TLS_1_2)

    val handshake = makeRequest(client)

  @StartStop
  private val server = MockWebServer()

  @BeforeEach
  fun setup() {
    // BCX509ExtendedTrustManager not supported in TlsUtil.newTrustManager
    platform.assumeNotBouncyCastle()
  }

  @Test fun `untrusted host in insecureHosts connects successfully`() {
    val serverCertificates = platform.localhostHandshakeCertificates()
    server.useHttps(serverCertificates.sslSocketFactory())

    // System.setProperty("jdk.tls.server.enableSessionTicketExtension", "true")

    // IllegalStateException: Cannot resume session and session creation is disabled
    platform.assumeNotBouncyCastle()
  }

  @ParameterizedTest(name = "{displayName}({arguments})")
  @ValueSource(strings = ["TLSv1.2", "TLSv1.3"])
  @Flaky
  fun testSessionReuse(tlsVersion: String) {

    }
  private var acceptedHostName: String? = null

  @StartStop
  private val server = MockWebServer()

  @BeforeEach
  fun setUp() {
    // Test designed for Conscrypt and JSSE
    platform.assumeNotBouncyCastle()
  }

  @ParameterizedTest
  @MethodSource("connectionTypes")
  fun testConnection(socketMode: SocketMode) {
    // https://github.com/square/okhttp/pull/6554
    assumeFalse(

      .connectionPool(ConnectionPool(connectionListener = listener))
      .fastFallback(fastFallback)
      .build()

  @BeforeEach
  fun setUp() {
    platform.assumeNotOpenJSSE()
    platform.assumeNotBouncyCastle()
    listener.forbidLock(get(client.connectionPool))
    listener.forbidLock(client.dispatcher)
  }

  @ParameterizedTest
  @ValueSource(booleans = [true, false])
  fun successfulCallEventSequence() {

  private lateinit var clientIntermediateCa: HeldCertificate
  private lateinit var clientCert: HeldCertificate

  @BeforeEach
  fun setUp() {
    platform.assumeNotOpenJSSE()
    platform.assumeNotBouncyCastle()
    serverRootCa =
      HeldCertificate
        .Builder()
        .serialNumber(1L)
        .certificateAuthority(1)
        .commonName("root")
        .addSubjectAlternativeName("root_ca.com")

    enableProtocol(Protocol.HTTP_2)
    noRecoverWhenRetryOnConnectionFailureIsFalse()
  }

  @Test
  fun tlsHandshakeFailure_noFallbackByDefault() {
    platform.assumeNotBouncyCastle()

    server.useHttps(handshakeCertificates.sslSocketFactory())
    server.enqueue(MockResponse.Builder().failHandshake().build())
    server.enqueue(MockResponse(body = "response that will never be received"))

    assertThat(handshake.peerPrincipal).isNull()
    assertThat(handshake.peerCertificates.size).isEqualTo(0)
  }

  @Test
  fun httpsWithClientAuth() {
    platform.assumeNotBouncyCastle()
    platform.assumeNotConscrypt()
    val clientCa =
      HeldCertificate
        .Builder()
        .certificateAuthority(0)
        .build()
    val serverCa =
      HeldCertificate

  private val dns = FakeDns()
  private lateinit var url: HttpUrl
  private lateinit var serverIps: List<InetAddress>

  @BeforeEach
  fun setUp() {
    platform.assumeHttp2Support()
    platform.assumeNotBouncyCastle()
    rootCa =
      HeldCertificate
        .Builder()
        .serialNumber(1L)
        .certificateAuthority(0)
        .commonName("root")
        .build()
    certificate =
      HeldCertificate

  var platform = PlatformRule()

  @RegisterExtension
  var clientTestRule = OkHttpClientTestRule()

  @StartStop
  private val server = MockWebServer()

  @BeforeEach
  fun setup() {
    platform.assumeNotBouncyCastle()
  }

  /**
   * The pinner should pull the root certificate from the trust manager.
   */
  @Test
  fun pinRootNotPresentInChain() {
    // Fails on 11.0.1 https://github.com/square/okhttp/issues/4703