Adapters.UTC_TIME.fromDer(bytes)
    }.also { expected ->
      assertThat(expected).hasMessage("Failed to parse UTCTime 191216#30210Z")
    }
  }

  @Test fun `cannot decode generalized time with offset`() {
    assertFailsWith<ProtocolException> {
      Adapters.GENERALIZED_TIME.fromDer("181332303139313231353139303231302d30383030".decodeHex())
    }.also { expected ->

          return 10
        }

        override fun source(): BufferedSource {
          return Buffer().writeUtf8("hello")
        }
      }
    assertFailsWith<IOException> {
      body.bytes()
    }.also { expected ->
      assertThat(expected.message).isEqualTo(
        "Content-Length (10) and stream length (5) disagree",
      )
    }
  }

  @Test
  fun bytesThrowsMoreThanIntMaxValue() {

  internal var allocationLimit = 1
    private set

  /** Current calls carried by this connection. */
  val calls = mutableListOf<Reference<RealCall>>()

  /** Timestamp when `allocations.size()` reached zero. Also assigned upon initial connection. */
  var idleAtNs = Long.MAX_VALUE

  /**
   * Returns true if this is an HTTP/2 connection. Such connections can be used in multiple HTTP
   * requests simultaneously.
   */

    locking. That's a potential security vulnerability, tracked as [CVE-2022-24329].
 *  Upgrade: [publicsuffix.org data][public_suffix]. This powers `HttpUrl.topPrivateDomain()`.
    It's also how OkHttp knows which domains can share cookies with one another.
 *  Upgrade: [Okio 3.2.0][okio_3_2_0].


## Version 4.10.0

_2022-06-12_

 *  Upgrade: [Kotlin 1.6.20][kotlin_1_6_20].

 * is returned by upstream, or after the upstream source has been exhausted.
 *
 * As bytes are returned from upstream they are written to a local file. Downstream sources read
 * from this file as necessary.
 *
 * This class also keeps a small buffer of bytes recently read from upstream. This is intended to
 * save a small amount of file I/O and data copying.
 */
class Relay private constructor(
  /**

   * [requestBodyOpen], [responseBodyOpen], and [expectMoreExchanges].
   *
   * This will release the connection if it is still held.
   *
   * It will also notify the listener that the call completed; either successfully or
   * unsuccessfully.
   *
   * If the call was canceled or timed out, this will wrap [e] in an exception that provides that

      )

    val partAbc = parts.nextPart()!!
    val partMno = parts.nextPart()!!

    assertFailsWith<IllegalStateException> {
      partAbc.body.request(20)
    }.also { expected ->
      assertThat(expected).hasMessage("closed")
    }

    assertThat(partMno.body.readUtf8()).isEqualTo("mnop")
    assertThat(parts.nextPart()).isNull()
  }

    server.useHttps(socketFactory)
    server.requireClientAuth()
    val call = client.newCall(Request.Builder().url(server.url("/")).build())
    assertFailsWith<IOException> {
      call.execute()
    }.also { expected ->
      when (expected) {
        is SSLHandshakeException -> {
          // JDK 11+
        }
        is SSLException -> {
          // javax.net.ssl.SSLException: readRecord
        }

import okio.ByteString.Companion.decodeBase64
import okio.ByteString.Companion.toByteString

/**
 * Constrains which certificates are trusted. Pinning certificates defends against attacks on
 * certificate authorities. It also prevents connections through man-in-the-middle certificate
 * authorities either known or unknown to the application's user.
 * This class currently pins a certificate's Subject Public Key Info as described on

     *
     * HTTPS responses also contain SSL session information. This begins with a blank line, and then
     * a line containing the cipher suite. Next is the length of the peer certificate chain. These
     * certificates are base64-encoded and appear each on their own line. The next line contains the
     * length of the local certificate chain. These certificates are also base64-encoded and appear