*/
    fun add(
      pattern: String,
      vararg pins: String,
    ) = apply {
      for (pin in pins) {
        this.pins.add(Pin(pattern, pin))
      }
    }

    fun build(): CertificatePinner = CertificatePinner(pins.toSet())
  }

  companion object {
    @JvmField
    val DEFAULT = Builder().build()

    @JvmStatic

   * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code
   * Public-Key-Pins}</a> header field name.
   *
   * @since 15.0
   */
  public static final String PUBLIC_KEY_PINS = "Public-Key-Pins";

  /**
   * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code
   * Public-Key-Pins-Report-Only}</a> header field name.
   *
   * @since 15.0
   */

      val response = execute(url)
      response.close()
    }
  }

  /** Can still coalesce when pinning is used if pins match.  */
  @Test
  fun coalescesWhenCertificatePinsMatch() {
    val pinner =
      CertificatePinner
        .Builder()
        .add("san.com", pin(certificate.certificate))
        .build()
    client = client.newBuilder().certificatePinner(pinner).build()

   * triggering different chains to be discovered by the TLS engine and our chain cleaner. In this
   * attack there's several different chains.
   *
   *
   * The victim's gets a non-CA certificate signed by a CA, and pins the CA root and/or
   * intermediate. This is business as usual.
   *
   * ```
   *   pinnedRoot (trusted by CertificatePinner)
   *     -> pinnedIntermediate (trusted by CertificatePinner)
   *       -> realVictim

    `java.net.Authenticator`. This obsoletes `JavaNetAuthenticator` in the `okhttp-urlconnection`
    module.

 *  New: `CertificatePinner` now offers an API for inspecting the configured pins.

 *  Upgrade: [Okio 2.6.0][okio_2_6_0].

    ```kotlin
    implementation("com.squareup.okio:okio:2.6.0")
    ```

    assertFalse(pin.matchesHostname("www.example.com"))
  }

  @Test fun testMatchesSha256() {
    val pin = Pin("example.com", certA1Sha256Pin)
    assertTrue(pin.matchesCertificate(certA1.certificate))
    assertFalse(pin.matchesCertificate(certB1.certificate))
  }

  @Test fun testMatchesSha1() {
    val pin = Pin("example.com", certC1Sha1Pin)
    assertTrue(pin.matchesCertificate(certC1.certificate))

                            int num_handles, TF_Status* s,
                            void* device_info) = nullptr;

  // Pins the op to `device` based on inputs to `op`. Returns true
  // signifying to pin to the current custom device. Returns false
  // to pin to the physical device.
  //
  // This function is guaranteed to be called only when all of the custom-device
  // inputs are on this device.

    Assertions.assertTrue(pin.matchesCertificate(certA1.certificate))
    Assertions.assertFalse(pin.matchesCertificate(certB1.certificate))
  }

  @Test
  fun testMatchesSha1() {
    val pin = CertificatePinner.Pin("example.com", certC1Sha1Pin)
    Assertions.assertTrue(pin.matchesCertificate(certC1.certificate))
    Assertions.assertFalse(pin.matchesCertificate(certB1.certificate))

    Previously if you configured a ping interval that would cause OkHttp to send
    pings, but it did not track whether the reply pongs were received. With this
    update OkHttp requires that every ping receive a response: if it does not
    the connection will be closed and the listener's `onFailure()` method will
    be called.

    Web sockets have always been had pings, but pings on HTTP/2 connections is

        CertificatePinner.Builder().add("localhost", "sha256/afwiKY3RxoMmLkuRW1l7QsPZTJPwDS2pdDROQjXw8ig=").build()

      override fun isDefaultValue(value: CertificatePinner): Boolean = value.pins.isEmpty()
    }

    object ConnectionPoolOverride : Override<ConnectionPool> {
      override fun Interceptor.Chain.value(): ConnectionPool = connectionPool