protocols: List<@JvmSuppressWildcards Protocol>,
  ) {
    if (sslSocket is BCSSLSocket) {
      val sslParameters = sslSocket.parameters

      // Enable ALPN.
      val names = alpnProtocolNames(protocols)
      sslParameters.applicationProtocols = names.toTypedArray()

      sslSocket.parameters = sslParameters
    } else {
      super.configureTlsExtensions(sslSocket, hostname, protocols)
    }
  }

        .build()
    val acceptedIssuers = handshakeCertificates.trustManager.acceptedIssuers
    val names =
      acceptedIssuers
        .map { it.subjectDN.name }
        .toSet()

    // It's safe to assume all platforms will have a major Internet certificate issuer.
    assertThat(names).matchesPredicate { strings ->
      strings.any { it.matches(Regex("[A-Z]+=Entrust.*")) }
    }
  }

          schemeName,
          Collections.singletonMap<String, String>(null, peek + "=".repeat(eqCount)),
        ),
      )
      peek = null
      continue
    }

    // It's a series of parameter names and values.
    val parameters = mutableMapOf<String?, String>()
    eqCount += skipAll('='.code.toByte())
    while (true) {
      if (peek == null) {
        peek = readToken()

  }

  class Builder
    @JvmOverloads
    constructor(private val charset: Charset? = null) {
      private val names = mutableListOf<String>()
      private val values = mutableListOf<String>()

      fun add(
        name: String,
        value: String,
      ) = apply {
        names +=
          name.canonicalizeWithCharset(
            encodeSet = FORM_ENCODE_SET,

    if (matchesSocket(sslSocket)) {
      // Enable session tickets.
      Conscrypt.setUseSessionTickets(sslSocket, true)

      // Enable ALPN.
      val names = Platform.alpnProtocolNames(protocols)
      Conscrypt.setApplicationProtocols(sslSocket, names.toTypedArray())
    }
  }

  companion object {
    val factory =
      object : DeferredSocketAdapter.Factory {

import okhttp3.internal.platform.Platform
import okhttp3.internal.readFieldOrNull

/**
 * Base Android reflection based SocketAdapter for the built in Android SSLSocket.
 *
 * It's assumed to always be present with known class names on Android devices, so we build
 * optimistically via [buildIfSupported].  But it also doesn't assume a compile time API.
 */
class StandardAndroidSocketAdapter(
  sslSocketClass: Class<in SSLSocket>,

package okhttp3

import java.net.InetAddress
import java.net.UnknownHostException
import java.util.concurrent.CountDownLatch
import okio.IOException

/**
 * An async domain name service that resolves IP addresses for host names.
 *
 * The main implementations will typically be implemented using specific DNS libraries such as
 *  * Android DnsResolver
 *  * OkHttp DnsOverHttps
 *  * dnsjava Resolver
 *

          i = end
        } while (i < newline)
        i++
      }
    }
  }

  private fun loggerTag(loggerName: String): String {
    // We need to handle long logger names before they hit Log.
    // java.lang.IllegalArgumentException: Log tag "okhttp3.mockwebserver.MockWebServer" exceeds limit of 23 characters
    return knownLoggers[loggerName] ?: loggerName.take(23)
  }

  fun enable() {

 *
 *  2. If there is a connection in the pool that can satisfy the request it is used. Note that it is
 *     possible for shared exchanges to make requests to different host names! See
 *     [RealConnection.isEligible] for details.
 *
 *  3. Attempt plans from prior connect attempts for this call. These occur as either follow-ups to

 *
 * To perform server authentication:
 *
 *  * The server's handshake certificates must have a [held certificate][HeldCertificate] (a
 *    certificate and its private key). The certificate's subject alternative names must match the
 *    server's hostname. The server must also have is a (possibly-empty) chain of intermediate
 *    certificates to establish trust from a root certificate to the server's certificate. The root