Skip to content

add WebSocket server certificate validation for net452 #231

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jan 24, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions src/KubernetesClient/Kubernetes.WebSocket.cs
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@
using System.Net;
using System.Net.Http;
using System.Net.WebSockets;
#if NET452
using System.Net.Security;
#endif
using System.Security.Cryptography.X509Certificates;
using System.Threading;
using System.Threading.Tasks;
Expand Down Expand Up @@ -256,6 +259,13 @@ public partial class Kubernetes
}
}

#if NET452
if (this.CaCert != null)
{
webSocketBuilder.SetServerCertificateValidationCallback(this.ServerCertificateValidationCallback);
}
#endif

#if NETCOREAPP2_1
if (this.CaCert != null)
{
Expand Down Expand Up @@ -336,8 +346,21 @@ public partial class Kubernetes
{
ServiceClientTracing.Exit(invocationId, null);
}
#if NET452
if (this.CaCert != null)
{
webSocketBuilder.CleanupServerCertificateValidationCallback(this.ServerCertificateValidationCallback);
}
#endif
}
return webSocket;
}

#if NET452
internal bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
return Kubernetes.CertificateValidationCallBack(sender, this.CaCert, certificate, chain, sslPolicyErrors);
}
#endif
}
}
17 changes: 16 additions & 1 deletion src/KubernetesClient/WebSocketBuilder.cs
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
using System;
using System.Net.WebSockets;
#if NET452
using System.Net.Security;
#endif
using System.Security.Cryptography.X509Certificates;
using System.Threading;
using System.Threading.Tasks;
Expand Down Expand Up @@ -35,8 +38,20 @@ public virtual WebSocketBuilder AddClientCertificate(X509Certificate2 certificat
return this;
}

#if NETCOREAPP2_1
#if NET452
public WebSocketBuilder SetServerCertificateValidationCallback(RemoteCertificateValidationCallback validationCallback)
{
System.Net.ServicePointManager.ServerCertificateValidationCallback += validationCallback;
return this;
}

public void CleanupServerCertificateValidationCallback(RemoteCertificateValidationCallback validationCallback)
{
System.Net.ServicePointManager.ServerCertificateValidationCallback -= validationCallback;
}
#endif

#if NETCOREAPP2_1
public WebSocketBuilder ExpectServerCertificate(X509Certificate2 serverCertificate)
{
Options.RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
Expand Down