* was acquired, or null if no connection was acquired. The acquired connection will also be
   * given to [connectionUser] who may (for example) assign it to a [RealCall.connection].
   *
   * This confirms the returned connection is healthy before returning it. If this encounters any
   * unhealthy connections in its search, this will clean them up.
   *

          source.skip(remainingByteCount)
          closeLater(ErrorCode.FLOW_CONTROL_ERROR)
          return
        }

        // Discard data received after the stream is finished. It's probably a benign race.
        if (finished) {
          source.skip(remainingByteCount)
          return
        }

        // Fill the receive buffer without holding any locks.

dellogliastra.it delmenhorst.museum deloitte delta demo.datacenter.fi demo.datadetect.com demo.jelastic.com democracia.bo democrat demon.nl denmark.museum deno-staging.dev deno.dev dental dentist dep.no deporte.bo depot.museum des.br desa.id desi design design.aero design.museum det.br deta.app deta.dev detroit.museum dev dev-myqnapcloud.com dev.br dev.static.land dev.vu development.run devices.resinstaging.io df.gov.br df.leg.br dgca.aero dh.bytemark.co.uk dhl diadem.cloud diamonds dielddanuorri.no diet digick.jp...

// Repl.it : https://repl.it
// Submitted by Lincoln Bergeson <******@****.***>
firewalledreplit.co
id.firewalledreplit.co
repl.co
id.repl.co
repl.run

// Resin.io : https://resin.io
// Submitted by Tim Perry <tim@resin.io>
resindevice.io
devices.resinstaging.io

// RethinkDB : https://www.rethinkdb.com/
// Submitted by Chris Kastorff <******@****.***>
hzc.io

0EB3          ; mapped                 ; 0ECD 0EB2     # 1.1  LAO VOWEL SIGN AM
0EB4..0EB9    ; valid                                  # 1.1  LAO VOWEL SIGN I..LAO VOWEL SIGN UU
0EBA          ; valid                                  # 12.0 LAO SIGN PALI VIRAMA
0EBB..0EBD    ; valid                                  # 1.1  LAO VOWEL SIGN MAI KON..LAO SEMIVOWEL SIGN NYO

to generate a trusted root certificate, an intermediate certificate, and a server certificate.
We use `certificateAuthority(int)` to create certificates that can sign other certificates. The
int specifies how many intermediate certificates are allowed beneath it in the chain.

```java
HeldCertificate rootCertificate = new HeldCertificate.Builder()
    .certificateAuthority(1)

   *
   * The attacker compromises a CA. They take the public key from an intermediate certificate
   * signed by the compromised CA's certificate and uses it in a non-CA certificate. They ask the
   * pinned CA above to sign it for non-certificate-authority uses:
   *
   * ```
   *   pinnedRoot (trusted by CertificatePinner)
   *     -> pinnedIntermediate (trusted by CertificatePinner)
   *         -> attackerSwitch
   * ```
   *