}

      HTTP_CLIENT_TIMEOUT -> {
        // 408's are rare in practice, but some servers like HAProxy use this response code. The
        // spec says that we may repeat the request without modifications. Modern browsers also
        // repeat the request (even non-idempotent ones.)
        if (!client.retryOnConnectionFailure) {
          // The application layer has directed us not to retry the request.
          return null

      }
      flowControlListener.receivingConnectionWindowChanged(readBytes)
    }
  }

  /**
   * Returns a new server-initiated stream.
   *
   * @param associatedStreamId the stream that triggered the sender to create this stream.
   * @param out true to create an output stream that we can use to send data to the remote peer.
   *     Corresponds to `FLAG_FIN`.
   */
  @Throws(IOException::class)
  fun pushStream(

  }

  companion object {
    internal val DEFAULT_PROTOCOLS = immutableListOf(HTTP_2, HTTP_1_1)

    internal val DEFAULT_CONNECTION_SPECS =
      immutableListOf(
        ConnectionSpec.MODERN_TLS,
        ConnectionSpec.CLEARTEXT,
      )
  }

[OkHttp 3.13][OkHttp313]
------------------------

_2019-02-04_

Remove TLSv1.1 and TLSv1 from MODERN_TLS. Change COMPATIBLE_TLS to support all TLS versions.

##### RESTRICTED_TLS versions

* TLSv1.3
* TLSv1.2

##### MODERN_TLS versions

* TLSv1.3
* TLSv1.2
* **REMOVED:** ~~TLSv1.1~~
* **REMOVED:** ~~TLSv1~~

##### COMPATIBLE_TLS versions

By default, OkHttp will attempt a `MODERN_TLS` connection.  However by configuring the client connectionSpecs you can allow a fall back to `COMPATIBLE_TLS` connection if the modern configuration fails.

```java
OkHttpClient client = new OkHttpClient.Builder()
    .connectionSpecs(Arrays.asList(ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS))
    .build();
```

    }

    val sessionIds = mutableListOf<String>()

    enableTls()

    val tlsVersion = TlsVersion.forJavaName(tlsVersion)
    val spec =
      ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
        .tlsVersions(tlsVersion)
        .build()

    var reuseSession = false

    val sslContext = handshakeCertificates.sslContext()
    val systemSslSocketFactory = sslContext.socketFactory

  private val controlFrameBuffer = Buffer()
  private val messageFrameBuffer = Buffer()

  /** Lazily initialized on first use. */
  private var messageInflater: MessageInflater? = null

  // Masks are only a concern for server writers.
  private val maskKey: ByteArray? = if (isClient) null else ByteArray(4)
  private val maskCursor: Buffer.UnsafeCursor? = if (isClient) null else Buffer.UnsafeCursor()

  interface FrameCallback {

	public static final field CLEARTEXT Lokhttp3/ConnectionSpec;
	public static final field COMPATIBLE_TLS Lokhttp3/ConnectionSpec;
	public static final field Companion Lokhttp3/ConnectionSpec$Companion;
	public static final field MODERN_TLS Lokhttp3/ConnectionSpec;
	public static final field RESTRICTED_TLS Lokhttp3/ConnectionSpec;
	public final fun -deprecated_cipherSuites ()Ljava/util/List;
	public final fun -deprecated_supportsTlsExtensions ()Z

    // sslSocket.enabledCipherSuites
    // 2) OkHttp Client - based on MODERN_TLS source code ordering
    // 3) Caller specified but assuming the visible defaults in MODERN_CIPHER_SUITES are rejigged
    // to match legacy i.e. the platform/provider
    //
    // Opting for 2 here and keeping MODERN_TLS in line with secure browsers.

 * [connection pool][ConnectionPool].
 *
 * Do not confuse this class with the misnamed `HttpURLConnection`, which isn't so much a connection
 * as a single request/response exchange.
 *
 * ## Modern TLS
 *
 * There are trade-offs when selecting which options to include when negotiating a secure connection
 * to a remote host. Newer TLS options are quite useful:
 *