}

    @Test
    @DisplayName("Should provide default values for missing properties")
    void testDefaultValues() throws CIFSException {
        // Given
        Properties minimalProps = new Properties();

        // When
        PropertyConfiguration testConfig = new PropertyConfiguration(minimalProps);

        // Then
        // Hostname may be null when not provided
        assertTrue(testConfig.getConnTimeout() > 0);

import okhttp3.internal.platform.Platform

/**
 * Modern reflection based SocketAdapter for Conscrypt class SSLSockets.
 *
 * This is used directly for providers where class name is known e.g. the Google Play Provider
 * but we can't compile directly against it, or in fact reliably know if it is registered and
 * on classpath.
 */
open class AndroidSocketAdapter(

 *
 * @author Mike Bostock
 * @author Louis Wasserman
 * @since 2.0
 */
@GwtCompatible
/*
 * We provide and encourage use of ForwardingNavigableSet over this class, but we still provide this
 * one to preserve compatibility.
 */
@SuppressWarnings("JdkObsolete")
public abstract class ForwardingSortedSet<E extends @Nullable Object> extends ForwardingSet<E>

    interval of 30 seconds is reasonable for most use cases.

 *  **OkHttp now supports [Conscrypt][conscrypt].** Conscrypt is a Java Security
    Provider that integrates BoringSSL into the Java platform. Conscrypt
    supports more cipher suites than the JVM’s default provider and may also
    execute more efficiently.

    To use it, first register a [Conscrypt dependency][conscrypt_dependency] in
    your build system.

  private static final ImmutableSet<String> INPUTS = ImmutableSet.of("", "Z", "foobar");

  // From "How Provider Implementations Are Requested and Supplied" from
  // http://docs.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html
  //  - Some providers may choose to also include alias names.
  //  - For example, the "SHA-1" algorithm might be referred to as "SHA1".

	actualSize int64

	checksum      etag.ETag
	contentSHA256 []byte

	// Client-provided content checksum
	contentHash   Checksum
	contentHasher hash.Hash
	disableMD5    bool

	// Server side computed checksum. In some cases, like CopyObject, a new checksum
	// needs to be computed and saved on the destination object, but the client
	// does not provide it. Not calculated if client-side contentHash is set.
	ServerSideChecksumType   ChecksumType

   * parameter that isn't among the provided values.
   *
   * <p>The generated comparator is serializable if all the provided values are serializable.
   *
   * @param valuesInOrder the values that the returned comparator will be able to compare, in the
   *     order the comparator should induce
   * @return the comparator described above
   * @throws NullPointerException if any of the provided values is null

import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.CsvSource;
import org.junit.jupiter.params.provider.ValueSource;
import org.mockito.ArgumentCaptor;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;

import jcifs.SmbSession;

/**

# KMS IAM/Config Encryption

MinIO supports encrypting config, IAM assets with KMS provided keys. If the KMS is not enabled, MinIO will store the config, IAM data as plain text erasure coded in its backend.

## MinIO KMS Quick Start

MinIO supports two ways of encrypting IAM and configuration data.
You can either use KES - together with an external KMS - or, much simpler,

### Model sharing

If the multitenant design allows sharing models, make sure that tenants and
users are aware of the security risks detailed here and that they are going to
be practically running code provided by other users. Currently there are no good
ways to detect malicious models/graphs/checkpoints, so the recommended way to
mitigate the risk in this scenario is to sandbox the model execution.

### Hardware attacks