*     chain.proceed(chain.request())
     * }
     * ```
     */
    inline operator fun invoke(crossinline block: (chain: Chain) -> Response): Interceptor = Interceptor { block(it) }
  }

  interface Chain {
    fun request(): Request

    @Throws(IOException::class)
    fun proceed(request: Request): Response

    /**

      }
    }
  }

  /**
   * Not checking the CA bit created a vulnerability in old OkHttp releases. It is exploited by
   * triggering different chains to be discovered by the TLS engine and our chain cleaner. In this
   * attack there's several different chains.
   *
   *
   * The victim's gets a non-CA certificate signed by a CA, and pins the CA root and/or
   * intermediate. This is business as usual.
   *

    )
    fun getLevel(): Level = level

    @Throws(IOException::class)
    override fun intercept(chain: Interceptor.Chain): Response {
      val level = this.level

      val request = chain.request()
      if (level == Level.NONE) {
        return chain.proceed(request)
      }

      val logBody = level == Level.BODY
      val logHeaders = logBody || level == Level.HEADERS

          connectionPool = connectionPool,
          readTimeoutMillis = client.readTimeoutMillis,
          writeTimeoutMillis = client.writeTimeoutMillis,
          socketConnectTimeoutMillis = chain.connectTimeoutMillis,
          socketReadTimeoutMillis = chain.readTimeoutMillis,
          pingIntervalMillis = client.pingIntervalMillis,
          retryOnConnectionFailure = client.retryOnConnectionFailure,
          fastFallback = client.fastFallback,

    client: OkHttpClient,
    chain: RealInterceptorChain,
  ): ExchangeCodec {
    val socket = this.socket!!
    val source = this.source!!
    val sink = this.sink!!
    val http2Connection = this.http2Connection

    return if (http2Connection != null) {
      Http2ExchangeCodec(client, this, chain, http2Connection)
    } else {
      socket.soTimeout = chain.readTimeoutMillis()

    private fun createInsecureTrustManager(): X509TrustManager =
      object : X509TrustManager {
        override fun checkClientTrusted(
          chain: Array<X509Certificate>,
          authType: String,
        ) {}

        override fun checkServerTrusted(
          chain: Array<X509Certificate>,
          authType: String,
        ) {}

        override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()

   *   .build();
   * ```
   */
  internal class LegacyRedirectInterceptor : Interceptor {
    override fun intercept(chain: Interceptor.Chain): Response {
      val response = chain.proceed(chain.request())
      val code = response.code
      if (code != HTTP_TEMP_REDIRECT && code != HTTP_PERM_REDIRECT) return response
      val method = response.request.method

    // Add a string with zero slashes: resulting URL gains one slash.
    assertThat(base.newBuilder().addPathSegments("").build().encodedPath)
      .isEqualTo("/a/b/c/")
    assertThat(base.newBuilder().addPathSegments("d").build().encodedPath)
      .isEqualTo("/a/b/c/d")

    // Add a string with one slash: resulting URL gains two slashes.

OkHttp 2.x Change Log
=====================

## Version 2.7.5

_2016-02-25_

 *  Fix: Change the certificate pinner to always build full chains. This
    prevents a potential crash when using certificate pinning with the Google
    Play Services security provider.


## Version 2.7.4

_2016-02-07_

 *  Fix: Don't crash when finding the trust manager if the Play Services (GMS)
    security provider is installed.

    `HandshakeCertificates` holds the TLS certificates required for a TLS handshake. On the server
    it keeps your `HeldCertificate` and its chain. On the client it keeps the root certificates
    that are trusted to sign a server's certificate chain. `HandshakeCertificates` also works with
    mutual TLS where these roles are reversed.