var CommonNameUserConversion = UserConversionFunc(func(chain []*x509.Certificate) (*authenticator.Response, bool, error) {
	if len(chain[0].Subject.CommonName) == 0 {
		return nil, false, nil
	}
	return &authenticator.Response{
		User: &user.DefaultInfo{
			Name:   chain[0].Subject.CommonName,
			Groups: chain[0].Subject.Organization,
		},
	}, true, nil

* table
-N chain
-A chain -f foo -b bar
-I chain 2 -f foo -b bar
-A chain -f foo -b baz

     *
     * @param rule the rule to add to the chain
     * @since 4.0
     */
    void add(Class<? extends AttributeCompatibilityRule<T>> rule);

    /**
     * <p>Adds an arbitrary compatibility rule to the chain, possibly configuring the rule as well.</p>
     *
     * @param rule the rule to add to the chain
     * @param configureAction the action to use to configure the rule
     * @since 4.0

-t table -N chain
-t table -I chain 1 -f foo -b bar
-t table -I chain 2 -f foo -b baaz

-t table -N chain
-t table -A chain -f foo -b bar
-t table -I chain 2 -f foo -b bar

-t table -N chain
-t table -A chain -f foo -b bar
-t table -A chain -f fu -b bar

const N = 10

func AsynchFifo() {
	ch := make(chan int, N)
	for i := 0; i < N; i++ {
		ch <- i
	}
	for i := 0; i < N; i++ {
		if <-ch != i {
			print("bad receive\n")
			os.Exit(1)
		}
	}
}

func Chain(ch <-chan int, val int, in <-chan int, out chan<- int) {
	<-in
	if <-ch != val {
		panic(val)
	}
	out <- 1
}

// thread together a daisy chain to read the elements in sequence
func SynchFifo() {

// root cert into the cert chain.
// 2. root cert is specified in mesh config and also can be extracted in signed cert chain, in this
// case we verify the signed cert chain against the root cert from mesh config and append it
// into the cert chain if the two root certs are different. This is typical when
// the returned cert chain only contains the intermediate CA.

    public void test_convert() throws Exception {
        /*
         * TODO ReadingConverterChain chain = new ReadingConverterChain(); chain.addConverter(new KatakanaConverter());
         * chain.addConverter(new KatakanaToAlphabetConverter()); chain.init();
         *
         * List<String> list = chain.convert("検索"); assertTrue(list.contains("ケンサク"));
         * assertTrue(list.contains("kennsaku"));
         */
    }

  override fun checkServerTrusted(
    chain: Array<out X509Certificate>,
    authType: String,
    socket: Socket,
  ) {
    if (socket.peerName() !in insecureHosts) {
      delegate.checkServerTrusted(chain, authType, socket)
    }
  }

  override fun checkServerTrusted(
    chain: Array<out X509Certificate>,
    authType: String,
    engine: SSLEngine,
  ) {