*
 * ## Warning: Certificate Pinning is Dangerous!
 *
 * Pinning certificates limits your server team's abilities to update their TLS certificates. By
 * pinning certificates, you take on additional operational complexity and limit your ability to
 * migrate between certificate authorities. Do not use certificate pinning without the blessing of
 * your server's TLS administrator!
 *
 * ### Note about self-signed certificates
 *

   * requires us to have a DNS address for both hosts, which only happens after route planning. We
   * can't coalesce connections that use a proxy, since proxies don't tell us the origin server's IP
   * address.
   */
  private fun routeMatchesAny(candidates: List<Route>): Boolean =
    candidates.any {
      it.proxy.type() == Proxy.Type.DIRECT &&
        route.proxy.type() == Proxy.Type.DIRECT &&

        }
        server.securityMode = buffer[bufferIndex] & 0xFF;
        bufferIndex++;
        server.security = server.securityMode & 0x01;
        server.encryptedPasswords = (server.securityMode & 0x02) == 0x02;
        server.signaturesEnabled = (server.securityMode & 0x04) == 0x04;
        server.signaturesRequired = (server.securityMode & 0x08) == 0x08;
        server.maxMpxCount = readInt2(buffer, bufferIndex);

        }
        this.server.securityMode = buffer[bufferIndex] & 0xFF;
        bufferIndex++;
        this.server.security = this.server.securityMode & 0x01;
        this.server.encryptedPasswords = (this.server.securityMode & 0x02) == 0x02;
        this.server.signaturesEnabled = (this.server.securityMode & 0x04) == 0x04;
        this.server.signaturesRequired = (this.server.securityMode & 0x08) == 0x08;

    assertConnectionNotReused(requestA, requestB)
  }

  @Test
  fun connectionsAreNotReusedWithResponseConnectionClose() {
    server.enqueue(
      MockResponse(
        headers = headersOf("Connection", "close"),
        body = "a",
      ),
    )
    server.enqueue(MockResponse(body = "b"))
    val requestA = Request(server.url("/"))
    val requestB = Request(server.url("/"))

        .signedBy(rootCa)
        .serialNumber(2L)
        .commonName(server.hostName)
        .addSubjectAlternativeName(server.hostName)
        .addSubjectAlternativeName("san.com")
        .addSubjectAlternativeName("*.wildcard.com")
        .addSubjectAlternativeName("differentdns.com")
        .build()
    serverIps = Dns.SYSTEM.lookup(server.hostName)
    dns[server.hostName] = serverIps
    dns["san.com"] = serverIps

</details>

### Kodu işə salaq

Serveri aşağıdakı əmr ilə işə salaq:

<div class="termy">

```console
$ uvicorn main:app --reload

INFO:     Uvicorn running on http://127.0.0.1:8000 (Press CTRL+C to quit)
INFO:     Started reloader process [28720]
INFO:     Started server process [28722]
INFO:     Waiting for application startup.

  private val handshakeCertificates = platform.localhostHandshakeCertificates()

  @StartStop
  private val server = MockWebServer()

  @Test
  fun legalToExecuteTwiceCloning() {
    server.enqueue(MockResponse(body = "abc"))
    server.enqueue(MockResponse(body = "def"))

    val request = Request(server.url("/"))

    val call = client.newCall(request)
    val response1 = call.execute()

    val cloned = call.clone()

class InterceptorTest {
  @RegisterExtension
  val clientTestRule = OkHttpClientTestRule()

  @StartStop
  private val server = MockWebServer()

  private var client = clientTestRule.newClient()
  private val callback = RecordingCallback()

  @Test
  fun applicationInterceptorsCanShortCircuitResponses() {
    server.close() // Accept no connections.
    val request =
      Request
        .Builder()

        .build(),
    )
    server.enqueue(
      MockResponse
        .Builder()
        .code(HttpURLConnection.HTTP_MOVED_TEMP)
        .setHeader("Location", "/f")
        .headersDelay(100, TimeUnit.MILLISECONDS)
        .build(),
    )
    server.enqueue(MockResponse())
    val request =
      Request
        .Builder()
        .url(server.url("/a"))
        .build()