import okhttp3.internal.tls.TrustRootIndex
import okio.Buffer
import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement

/**
 * Access to platform-specific features.
 *
 * ### Session Tickets
 *
 * Supported on Android 2.3+.
 * Supported on JDK 8+ via Conscrypt.
 *
 * ### ALPN (Application Layer Protocol Negotiation)
 *
 * Supported on Android 5.0+.
 *

termez.su terni.it ternopil.ua teshikaga.hokkaido.jp test-iserv.de test.ru test.tj teva texas.museum textile.museum tf tg tgory.pl th thd the.br theater theater.museum theatre theshop.jp theworkpc.com thick.jp thingdustdata.com thruhere.net tiaa tickets tickets.io tienda tiffany time.museum time.no timekeeping.museum tingvoll.no tinn.no tips tires tirol tj tj.cn tjeldsund.no tjmaxx tjome.no tjx tjøme.no tk tkmaxx tksat.bo tl tlon.network tm tm.cy tm.dz tm.fr tm.hu tm.km tm.mc tm.mg tm.no tm.pl tm.ro...

theater

// theatre : 2015-05-07 XYZ.COM LLC
theatre

// tiaa : 2015-07-23 Teachers Insurance and Annuity Association of America
tiaa

// tickets : 2015-02-05 XYZ.COM LLC
tickets

// tienda : 2013-11-14 Binky Moon, LLC
tienda

// tiffany : 2015-01-30 Tiffany and Company
tiffany

// tips : 2013-09-20 Binky Moon, LLC
tips

1F380..1F393  ; valid                  ;      ; NV8    # 6.0  RIBBON..GRADUATION CAP
1F394..1F39F  ; valid                  ;      ; NV8    # 7.0  HEART WITH TIP ON THE LEFT..ADMISSION TICKETS
1F3A0..1F3C4  ; valid                  ;      ; NV8    # 6.0  CAROUSEL HORSE..SURFER
1F3C5         ; valid                  ;      ; NV8    # 7.0  SPORTS MEDAL

    sslSocket: SSLSocket,
    hostname: String?,
    protocols: List<Protocol>,
  ) {
    // No TLS extensions if the socket class is custom.
    if (matchesSocket(sslSocket)) {
      // Enable session tickets.
      Conscrypt.setUseSessionTickets(sslSocket, true)

      // Enable ALPN.
      val names = Platform.alpnProtocolNames(protocols)
      Conscrypt.setApplicationProtocols(sslSocket, names.toTypedArray())
    }
  }

    sslSocket: SSLSocket,
    hostname: String?,
    protocols: List<Protocol>,
  ) {
    // No TLS extensions if the socket class is custom.
    if (matchesSocket(sslSocket)) {
      try {
        // Enable session tickets.
        setUseSessionTickets.invoke(sslSocket, true)

        // Assume platform support on 24+
        if (hostname != null && Build.VERSION.SDK_INT <= 23) {
          // This is SSLParameters.setServerNames() in API 24+.

  override fun configureTlsExtensions(
    sslSocket: SSLSocket,
    hostname: String?,
    protocols: List<@JvmSuppressWildcards Protocol>,
  ) {
    if (Conscrypt.isConscrypt(sslSocket)) {
      // Enable session tickets.
      Conscrypt.setUseSessionTickets(sslSocket, true)

      // Enable ALPN.
      val names = alpnProtocolNames(protocols)
      Conscrypt.setApplicationProtocols(sslSocket, names.toTypedArray())
    } else {

trusts the certificate authorities of the host platform. This strategy maximizes connectivity, but it is subject to certificate authority attacks such as the [2011 DigiNotar attack](https://www.computerworld.com/article/2510951/cybercrime-hacking/hackers-spied-on-300-000-iranians-using-fake-google-certificate.html). It also assumes your HTTPS servers’ certificates are signed by a certificate authority.

Use [CertificatePinner](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-certificate-pinner/)...