.build()
    assertThat(tlsSpec.cipherSuites).isNull()
    val sslSocket = SSLSocketFactory.getDefault().createSocket() as SSLSocket
    sslSocket.enabledCipherSuites =
      arrayOf(
        CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.javaName,
        CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA.javaName,
      )
    applyConnectionSpec(tlsSpec, sslSocket, false)
    if (platform.isAndroid) {

        sslSocket.sslParameters = sslParameters
      }
    } else {
      super.configureTlsExtensions(sslSocket, hostname, protocols)
    }
  }

  override fun getSelectedProtocol(sslSocket: SSLSocket): String? =
    if (sslSocket is org.openjsse.javax.net.ssl.SSLSocket) {
      when (val protocol = sslSocket.applicationProtocol) {

  }

  private fun doSsl(socket: Socket): SSLSocket {
    val sslSocket =
      sslSocketFactory.createSocket(
        socket,
        socket.inetAddress.hostAddress,
        socket.port,
        true,
      ) as SSLSocket
    sslSocket.useClientMode = false
    Platform.get().configureTlsExtensions(sslSocket, null, listOf(Protocol.HTTP_2))
    sslSocket.startHandshake()
    return sslSocket
  }

  }

  /**
   * Configure TLS extensions on `sslSocket` for `route`.
   */
  open fun configureTlsExtensions(
    sslSocket: SSLSocket,
    hostname: String?,
    protocols: List<@JvmSuppressWildcards Protocol>,
  ) {
  }

  /** Called after the TLS handshake to release resources allocated by [configureTlsExtensions]. */
  open fun afterHandshake(sslSocket: SSLSocket) {
  }

  }

  override fun matchesSocket(sslSocket: SSLSocket): Boolean = socketAdapterFactory.matchesSocket(sslSocket)

  override fun configureTlsExtensions(
    sslSocket: SSLSocket,
    hostname: String?,
    protocols: List<Protocol>,
  ) {
    getDelegate(sslSocket)?.configureTlsExtensions(sslSocket, hostname, protocols)
  }

  override fun getSelectedProtocol(sslSocket: SSLSocket): String? {

  override fun matchesSocket(sslSocket: SSLSocket): Boolean = sslSocketClass.isInstance(sslSocket)

  override fun configureTlsExtensions(
    sslSocket: SSLSocket,
    hostname: String?,
    protocols: List<Protocol>,
  ) {
    // No TLS extensions if the socket class is custom.
    if (matchesSocket(sslSocket)) {
      try {
        // Enable session tickets.

 */
package okhttp3.internal.platform.android

import javax.net.ssl.SSLSocket
import javax.net.ssl.SSLSocketFactory
import javax.net.ssl.X509TrustManager
import okhttp3.OkHttpClient
import okhttp3.internal.platform.Platform
import okhttp3.internal.readFieldOrNull

/**
 * Base Android reflection based SocketAdapter for the built in Android SSLSocket.
 *

  fun configureTlsExtensions(
    sslSocket: SSLSocket,
    hostname: String?,
    protocols: List<Protocol>,
  )

  fun getSelectedProtocol(sslSocket: SSLSocket): String?

        val sslSocket =
          server.sslSocketFactory().createSocket(
            rawSocket,
            rawSocket.inetAddress.hostAddress,
            rawSocket.port,
            true,
          ) as SSLSocket
        sslSocket.use {
          sslSocket.useClientMode = false
          sslSocket.wantClientAuth = true
          sslSocket.startHandshake()

  override fun configureTlsExtensions(
    sslSocket: SSLSocket,
    hostname: String?,
    protocols: List<Protocol>,
  ) {
    // No TLS extensions if the socket class is custom.
    socketAdapters.find { it.matchesSocket(sslSocket) }
      ?.configureTlsExtensions(sslSocket, hostname, protocols)
  }

  override fun getSelectedProtocol(sslSocket: SSLSocket): String? =
    // No TLS extensions if the socket class is custom.