val cipherSuite = response1.handshake!!.cipherSuite
    val localCerts = response1.handshake!!.localCertificates
    val serverCerts = response1.handshake!!.peerCertificates
    val peerPrincipal = response1.handshake!!.peerPrincipal
    val localPrincipal = response1.handshake!!.localPrincipal
    val response2 = client.newCall(request).execute() // Cached!

    application code that creates challenges.

 *  New: The `TlsVersion` of a `Handshake` is now non-null. If you are calling
    `Handshake.get()` with a null TLS version, you must instead now provide a
    non-null `TlsVersion`. Cache responses persisted prior to OkHttp 3.0 did not
    store a TLS version; for these unknown values the handshake is defaulted to
    `TlsVersion.SSL_3_0`.

 *  New: Upgrade to Okio 1.13.0.

	public final fun getBody ()Lokio/Buffer;
	public final fun getBodySize ()J
	public final fun getChunkSizes ()Ljava/util/List;
	public final fun getFailure ()Ljava/io/IOException;
	public final fun getHandshake ()Lokhttp3/Handshake;
	public final fun getHeader (Ljava/lang/String;)Ljava/lang/String;
	public final fun getHeaders ()Lokhttp3/Headers;
	public final fun getMethod ()Ljava/lang/String;
	public final fun getPath ()Ljava/lang/String;

      // No cached response.
      if (cacheResponse == null) {
        return CacheStrategy(request, null)
      }

      // Drop the cached response if it's missing a required handshake.
      if (request.isHttps && cacheResponse.handshake == null) {
        return CacheStrategy(request, null)
      }

      // If this response shouldn't have been stored, it should never be used as a response source.

    val recordedRequest = server.takeRequest()
    assertThat(recordedRequest.handshakeServerNames).containsExactly(url.host)
  }

  /**
   * Use different hostnames for the TLS handshake (including SNI) and the HTTP request (in the
   * Host header).
   */
  @Test
  fun domainFronting() {
    val heldCertificate =
      HeldCertificate.Builder()
        .commonName("server name")

   * socket after the response body or trailers.
   */
  class DoNotReadRequestBody(
    val http2ErrorCode: Int = 0,
  ) : SocketPolicy

  /** Don't trust the client during the SSL handshake. */
  object FailHandshake : SocketPolicy

  /**
   * Shutdown the socket input after sending the response. For testing bad behavior.
   *

	public fun responseHeadersStart (Lokhttp3/Call;)V
	public fun satisfactionFailure (Lokhttp3/Call;Lokhttp3/Response;)V
	public fun secureConnectEnd (Lokhttp3/Call;Lokhttp3/Handshake;)V
	public fun secureConnectStart (Lokhttp3/Call;)V
}

public final class okhttp3/logging/LoggingEventListener$Companion {
}

import javax.net.ssl.SSLPeerUnverifiedException

/**
 * A certificate chain cleaner that uses a set of trusted root certificates to build the trusted
 * chain. This class duplicates the clean chain building performed during the TLS handshake. We
 * prefer other mechanisms where they exist, such as with
 * [okhttp3.internal.platform.AndroidPlatform.AndroidCertificateChainCleaner].
 *
 * This class includes code from [Conscrypt's][Conscrypt] [TrustManagerImpl] and

  }

  /**
   * Invoked immediately after a TLS connection was attempted.
   *
   * This method is invoked after [secureConnectStart].
   */
  open fun secureConnectEnd(
    call: Call,
    handshake: Handshake?,
  ) {
  }

  /**
   * Invoked immediately after a socket connection was attempted.
   *
   * If the `call` uses HTTPS, this will be invoked after [secureConnectEnd], otherwise it will

    assertThat(cache.requestCount()).isEqualTo(2)
    assertThat(cache.networkCount()).isEqualTo(1)
    assertThat(cache.hitCount()).isEqualTo(1)

    assertThat(response.handshake!!.cipherSuite.javaName).startsWith("SLT_")
  }

  @Test
  fun truncatedMetadataEntry() {
    val response =
      testCorruptingCache {
        corruptMetadata {