* share the same [Address] may share a [Connection]. This class implements the policy
 * of which connections to keep open for future use.
 *
 * @constructor Create a new connection pool with tuning parameters appropriate for a single-user
 * application. The tuning parameters in this pool are subject to change in future OkHttp releases.
 * Currently this pool holds up to 5 idle connections which will be evicted after 5 minutes of
 * inactivity.
 */

 * transforms the file into an efficient format used by OkHttp.
 *
 *
 * The intent is to use this class to update the list periodically by manually running the main
 * method. This should be run from the top-level okhttp directory.
 *
 *
 * The resulting file is used by [PublicSuffixDatabase].
 */
class PublicSuffixListGenerator(
  projectRoot: Path = ".".toPath(),

    the OkHttp version in custom `User-Agent` headers.

 *  Fix: Don't crash when running as a plugin in Android Studio Canary 4.1. To enable
    platform-specific TLS features OkHttp must detect whether it's running in a JVM or in Android.
    The upcoming Android Studio runs in a JVM but has classes from Android and that confused OkHttp!

    // This explicit check avoids activating in Android Studio with Android specific classes
    // available when running plugins inside the IDE.
    val isAndroid: Boolean
      get() = "Dalvik" == System.getProperty("java.vm.name")

    private val isConscryptPreferred: Boolean
      get() {

        success = true
      } catch (e: RejectedExecutionException) {
        failRejected(e)
      } finally {
        if (!success) {
          client.dispatcher.finished(this) // This call is no longer running!
        }
      }
    }

    internal fun failRejected(e: RejectedExecutionException? = null) {
      val ioException = InterruptedIOException("executor rejected")
      ioException.initCause(e)

    // 3. This connection's server certificate's must cover the new host.
    if (address.hostnameVerifier !== OkHostnameVerifier) return false
    if (!supportsUrl(address.url)) return false

    // 4. Certificate pinning must match the host.
    try {
      address.certificatePinner!!.check(address.url.host, handshake()!!.peerCertificates)
    } catch (_: SSLPeerUnverifiedException) {
      return false
    }

 *
 * ## Warning: Certificate Pinning is Dangerous!
 *
 * Pinning certificates limits your server team's abilities to update their TLS certificates. By
 * pinning certificates, you take on additional operational complexity and limit your ability to
 * migrate between certificate authorities. Do not use certificate pinning without the blessing of
 * your server's TLS administrator!
 *

  }
}

fun main(vararg args: String) {
  // System.setProperty("javax.net.debug", "ssl:handshake:verbose");
  Security.insertProviderAt(Conscrypt.newProviderBuilder().provideTrustManager().build(), 1)
  println("Running tests using ${Platform.get()} ${System.getProperty("java.vm.version")}")

  // https://github.com/tlswg/tls13-spec/wiki/Implementations
  val urls =
    listOf(
      "https://enabled.tls13.com",

   * scheduled. If the task is already in the queue, the earliest execution time is used.
   *
   * The target execution time is implemented on a best-effort basis. If another task in this queue
   * is running when that time is reached, that task is allowed to complete before this task is
   * started. Similarly the task will be delayed if the host lacks compute resources.
   *

    if (pattern.isNullOrEmpty() ||
      pattern.startsWith(".") ||
      pattern.endsWith("..")
    ) {
      // Invalid pattern.
      return false
    }

    // Normalize hostname and pattern by turning them into absolute domain names if they are not
    // yet absolute. This is needed because server certificates do not normally contain absolute