* See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.internal.platform.android

import javax.net.ssl.SSLSocket
import okhttp3.Protocol
import okhttp3.internal.platform.Platform
import org.conscrypt.Conscrypt

/**
 * Simple non-reflection SocketAdapter for Conscrypt when included as an application dependency

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3

import javax.net.ssl.HostnameVerifier
import javax.net.ssl.SSLSession

class RecordingHostnameVerifier : HostnameVerifier {
  @JvmField
  val calls: MutableList<String> = mutableListOf()

  @Synchronized override fun verify(
    hostname: String,

_2014-03-07_


##### OkHttp no longer uses the default SSL context.

Applications that want to use the global SSL context with OkHttp should configure their
OkHttpClient instances with the following:

```java
okHttpClient.setSslSocketFactory(HttpsURLConnection.getDefaultSSLSocketFactory());
```

A simpler solution is to avoid the shared default SSL socket factory. Instead, if you
need to customize SSL, do so for your specific OkHttpClient instance only.

 */
package okhttp3

import assertk.assertThat
import assertk.assertions.isEmpty
import assertk.assertions.isEqualTo
import assertk.assertions.isNotNull
import assertk.assertions.isNull
import javax.net.ssl.SSLException
import kotlin.test.assertFailsWith
import mockwebserver3.MockResponse
import mockwebserver3.MockWebServer
import mockwebserver3.junit5.StartStop
import okhttp3.testing.PlatformRule

import java.net.SocketAddress
import java.net.SocketException
import java.nio.channels.SocketChannel
import java.util.function.BiFunction
import javax.net.ssl.HandshakeCompletedListener
import javax.net.ssl.SSLParameters
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSocket

/** An [SSLSocket] that delegates all calls.  */
abstract class DelegatingSSLSocket(
  protected val delegate: SSLSocket?,
) : SSLSocket() {

import java.net.Proxy
import java.net.ProxySelector
import java.net.Socket
import java.util.concurrent.TimeUnit
import javax.net.SocketFactory
import javax.net.ssl.HostnameVerifier
import javax.net.ssl.HttpsURLConnection
import javax.net.ssl.SSLSocketFactory
import okhttp3.internal.RecordingOkAuthenticator
import okhttp3.internal.concurrent.TaskFaker
import okhttp3.internal.concurrent.TaskRunner

import java.lang.reflect.InvocationTargetException
import java.lang.reflect.Method
import java.security.cert.Certificate
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
import javax.net.ssl.X509TrustManager

/** This extends [X509TrustManager] for Android to disable verification for a set of hosts. */
internal class InsecureAndroidTrustManager(
  private val delegate: X509TrustManager,

set FESS_JAVA_OPTS=%FESS_JAVA_OPTS% -Dlog4j2.formatMsgNoLookups=true
set FESS_JAVA_OPTS=%FESS_JAVA_OPTS% -Dlog4j.skipJansi=true

REM SSL truststore for certificate validation over https
REM FESS_JAVA_OPTS=%FESS_JAVA_OPTS% -Djavax.net.ssl.trustStore=/tech/elastic/config/truststore.jks
REM FESS_JAVA_OPTS=%FESS_JAVA_OPTS% -Djavax.net.ssl.trustStorePassword=changeit

REM Causes the JVM to dump its heap on OutOfMemory.

    }
  }

  fun enableJsseDebugLogging(debugHandler: (JsseDebugMessage) -> Unit = this::quietDebug): Closeable {
    System.setProperty("javax.net.debug", "")
    return OkHttpDebugLogging.enable(
      "javax.net.ssl",
      object : Handler() {
        override fun publish(record: LogRecord) {
          val param = record.parameters?.firstOrNull() as? String
          debugHandler(JsseDebugMessage(record.message, param))
        }

import java.lang.IllegalArgumentException
import java.security.cert.Certificate
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.X509TrustManager
import okhttp3.internal.SuppressSignatureCheck
import okhttp3.internal.tls.CertificateChainCleaner

/**