*/
    fun add(
      pattern: String,
      vararg pins: String,
    ) = apply {
      for (pin in pins) {
        this.pins.add(Pin(pattern, pin))
      }
    }

    fun build(): CertificatePinner = CertificatePinner(pins.toSet())
  }

  companion object {
    @JvmField
    val DEFAULT = Builder().build()

    @JvmStatic

    assertFalse(pin.matchesHostname("www.example.com"))
  }

  @Test fun testMatchesSha256() {
    val pin = Pin("example.com", certA1Sha256Pin)
    assertTrue(pin.matchesCertificate(certA1.certificate))
    assertFalse(pin.matchesCertificate(certB1.certificate))
  }

  @Test fun testMatchesSha1() {
    val pin = Pin("example.com", certC1Sha1Pin)
    assertTrue(pin.matchesCertificate(certC1.certificate))

    Assertions.assertTrue(pin.matchesCertificate(certA1.certificate))
    Assertions.assertFalse(pin.matchesCertificate(certB1.certificate))
  }

  @Test
  fun testMatchesSha1() {
    val pin = CertificatePinner.Pin("example.com", certC1Sha1Pin)
    Assertions.assertTrue(pin.matchesCertificate(certC1.certificate))
    Assertions.assertFalse(pin.matchesCertificate(certB1.certificate))

   * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code
   * Public-Key-Pins}</a> header field name.
   *
   * @since 15.0
   */
  public static final String PUBLIC_KEY_PINS = "Public-Key-Pins";

  /**
   * The HTTP <a href="http://tools.ietf.org/html/draft-evans-palmer-key-pinning">{@code
   * Public-Key-Pins-Report-Only}</a> header field name.
   *
   * @since 15.0
   */

      val response = execute(url)
      response.close()
    }
  }

  /** Can still coalesce when pinning is used if pins match.  */
  @Test
  fun coalescesWhenCertificatePinsMatch() {
    val pinner =
      CertificatePinner
        .Builder()
        .add("san.com", pin(certificate.certificate))
        .build()
    client = client.newBuilder().certificatePinner(pinner).build()

   * triggering different chains to be discovered by the TLS engine and our chain cleaner. In this
   * attack there's several different chains.
   *
   *
   * The victim's gets a non-CA certificate signed by a CA, and pins the CA root and/or
   * intermediate. This is business as usual.
   *
   * ```
   *   pinnedRoot (trusted by CertificatePinner)
   *     -> pinnedIntermediate (trusted by CertificatePinner)
   *       -> realVictim

    `java.net.Authenticator`. This obsoletes `JavaNetAuthenticator` in the `okhttp-urlconnection`
    module.

 *  New: `CertificatePinner` now offers an API for inspecting the configured pins.

 *  Upgrade: [Okio 2.6.0][okio_2_6_0].

    ```kotlin
    implementation("com.squareup.okio:okio:2.6.0")
    ```

    Previously if you configured a ping interval that would cause OkHttp to send
    pings, but it did not track whether the reply pongs were received. With this
    update OkHttp requires that every ping receive a response: if it does not
    the connection will be closed and the listener's `onFailure()` method will
    be called.

    Web sockets have always been had pings, but pings on HTTP/2 connections is

  private var failed = false

  /** Total number of pings sent by this web socket. */
  private var sentPingCount = 0

  /** Total number of pings received by this web socket. */
  private var receivedPingCount = 0

  /** Total number of pongs received by this web socket. */
  private var receivedPongCount = 0

  /** True if we have sent a ping that is still awaiting a reply. */
  private var awaitingPong = false

	// map header, size 2
	// write "Bins"
	err = en.Append(0x82, 0xa4, 0x42, 0x69, 0x6e, 0x73)
	if err != nil {
		return
	}
	err = en.WriteArrayHeader(uint32(24))
	if err != nil {
		err = msgp.WrapError(err, "Bins")
		return
	}
	for za0001 := range z.Bins {
		err = z.Bins[za0001].EncodeMsg(en)
		if err != nil {
			err = msgp.WrapError(err, "Bins", za0001)
			return
		}
	}