*
 * ## Warning: Certificate Pinning is Dangerous!
 *
 * Pinning certificates limits your server team's abilities to update their TLS certificates. By
 * pinning certificates, you take on additional operational complexity and limit your ability to
 * migrate between certificate authorities. Do not use certificate pinning without the blessing of
 * your server's TLS administrator!
 *
 * ### Note about self-signed certificates
 *

    // yet absolute. This is needed because server certificates do not normally contain absolute
    // names or patterns, but they should be treated as absolute. At the same time, any hostname
    // presented to this method should also be treated as absolute for the purposes of matching
    // to the server certificate.
    //   www.android.com  matches www.android.com

import java.io.IOException
import okhttp3.Interceptor.Chain
import okio.Buffer
import okio.BufferedSource
import okio.ForwardingSource
import okio.buffer

/** Rewrites the response body returned from the server to be all uppercase.  */
class UppercaseResponseInterceptor : Interceptor {
  @Throws(IOException::class)
  override fun intercept(chain: Chain): Response {
    return uppercaseResponse(chain.proceed(chain.request()))
  }

 */
package okhttp3.internal.connection

import java.io.IOException
import okhttp3.Interceptor
import okhttp3.Response
import okhttp3.internal.http.RealInterceptorChain

/**
 * Opens a connection to the target server and proceeds to the next interceptor. The network might
 * be used for the returned response, or to validate a cached response with a conditional GET.
 */
object ConnectInterceptor : Interceptor {
  @Throws(IOException::class)

 * the response, the client will issue a conditional `GET`. The server will then send either
 * the updated response if it has changed, or a short 'not modified' response if the client's copy
 * is still valid. Such responses increment both the network count and hit count.
 *
 * The best way to improve the cache hit rate is by configuring the web server to return cacheable

      val headers = response.headers
      for ((name, value) in headers) {
        println("$name: $value")
      }
      println()
    }

    // Stream the response to the System.out as it is returned from the server.
    val out = System.out.sink()
    val source = response.body.source()
    while (!source.exhausted()) {
      out.write(source.buffer, source.buffer.size)
      out.flush()
    }

    response.body.close()

import javax.net.ssl.SSLSocket
import okhttp3.Protocol

/**
 * Deferred implementation of SocketAdapter that works by observing the socket
 * and initializing on first use.
 *
 * We use this because eager classpath checks cause confusion and excessive logging in Android,
 * and we can't rely on classnames after proguard, so are probably best served by falling through
 * to a situation of trying our least likely noisiest options.
 */

  }

  /**
   * Writes `other` into this. If any setting is populated by this and `other`, the
   * value and flags from `other` will be kept.
   */
  fun merge(other: Settings) {
    for (i in 0 until COUNT) {
      if (!other.isSet(i)) continue
      set(i, other[i])
    }
  }

  companion object {
    /**

    val address = factory.newAddress()
    proxySelector.proxies.add(Proxy.NO_PROXY)
    val routeSelector = newRouteSelector(address)
    proxySelector.assertRequests(address.url.toUri())

    // Only the origin server will be attempted.
    assertThat(routeSelector.hasNext()).isTrue()
    dns[uriHost] = dns.allocate(1)
    val selection = routeSelector.next()

 * is used to verify the signature of the "www.squareup.com" certificate.
 *
 * This roles are reversed for client authentication. In that case the client has a private key and
 * a chain of certificates. The server uses a set of trusted root certificates to authenticate the
 * client. Subject alternative names are not used for client authentication.
 */
@Suppress("DEPRECATION")
class HeldCertificate(