public HttpClientHandler CreateDefaultHttpClientHandler()
{
var httpClientHandler = new HttpClientHandler();
var uriScheme = new Uri(this.Host).Scheme;
if (uriScheme == "https")
{
if (SkipTlsVerify)
{
httpClientHandler.ServerCertificateCustomValidationCallback =
(sender, certificate, chain, sslPolicyErrors) => true;
}
else
{
httpClientHandler.ServerCertificateCustomValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
{
return(Kubernetes.CertificateValidationCallBack(sender, SslCaCerts, certificate, chain,
sslPolicyErrors));
};
}
}
AddCertificates(httpClientHandler);
return(httpClientHandler);
}
public WebSocketBuilder ExpectServerCertificate(X509Certificate2 serverCertificate)
{
Options.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
return(Kubernetes.CertificateValidationCallBack(sender, serverCertificate, certificate, chain, sslPolicyErrors));
};
return(this);
}
/// <summary>
/// Initializes a new instance of the <see cref="Kubernetes" /> class.
/// </summary>
/// <param name='config'>
/// Optional. The delegating handlers to add to the http client pipeline.
/// </param>
/// <param name="handlers">
/// Optional. The delegating handlers to add to the http client pipeline.
/// </param>
public Kubernetes(KubernetesClientConfiguration config, params DelegatingHandler[] handlers) : this(handlers)
{
if (string.IsNullOrWhiteSpace(config.Host))
{
throw new KubeConfigException("Host url must be set");
}
try
{
BaseUri = new Uri(config.Host);
}
catch (UriFormatException e)
{
throw new KubeConfigException("Bad host url", e);
}
CaCert = config.SslCaCert;
SkipTlsVerify = config.SkipTlsVerify;
if (BaseUri.Scheme == "https")
{
if (config.SkipTlsVerify)
{
#if NET452
((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) => true;
#else
HttpClientHandler.ServerCertificateCustomValidationCallback =
(sender, certificate, chain, sslPolicyErrors) => true;
#endif
}
else
{
if (CaCert == null)
{
throw new KubeConfigException("a CA must be set when SkipTlsVerify === false");
}
#if NET452
((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
return(Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors));
};
#else
HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
return(Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors));
};
#endif
}
}
// set credentails for the kubernernet client
SetCredentials(config, HttpClientHandler);
}
private void InitializeFromConfig(KubernetesClientConfiguration config)
{
if (BaseUri.Scheme == "https")
{
if (config.SkipTlsVerify)
{
#if NET452
((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) => true;
#elif XAMARINIOS1_0 || MONOANDROID8_1
System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) =>
{
return(true);
};
#else
HttpClientHandler.ServerCertificateCustomValidationCallback =
(sender, certificate, chain, sslPolicyErrors) => true;
#endif
}
else
{
if (CaCerts == null)
{
throw new KubeConfigException("A CA must be set when SkipTlsVerify === false");
}
#if NET452
((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
return(Kubernetes.CertificateValidationCallBack(sender, CaCerts, certificate, chain, sslPolicyErrors));
};
#elif XAMARINIOS1_0
System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) =>
{
var cert = new X509Certificate2(certificate);
return(Kubernetes.CertificateValidationCallBack(sender, CaCerts, cert, chain, sslPolicyErrors));
};
#elif MONOANDROID8_1
var certList = new System.Collections.Generic.List <Java.Security.Cert.Certificate>();
foreach (X509Certificate2 caCert in CaCerts)
{
using (var certStream = new System.IO.MemoryStream(caCert.RawData))
{
Java.Security.Cert.Certificate cert = Java.Security.Cert.CertificateFactory.GetInstance("X509").GenerateCertificate(certStream);
certList.Add(cert);
}
}
var handler = (Xamarin.Android.Net.AndroidClientHandler) this.HttpClientHandler;
handler.TrustedCerts = certList;
#else
HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
return(Kubernetes.CertificateValidationCallBack(sender, CaCerts, certificate, chain, sslPolicyErrors));
};
#endif
}
}
// set credentails for the kubernetes client
SetCredentials(config);
config.AddCertificates(HttpClientHandler);
}
internal bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
return(Kubernetes.CertificateValidationCallBack(sender, this.CaCerts, certificate, chain, sslPolicyErrors));
}
private void InitKubernetes(KubernetesClientConfiguration config)
{
if (string.IsNullOrWhiteSpace(config.Host))
{
throw new KubeConfigException("Host url must be set");
}
try
{
BaseUri = new Uri(config.Host);
}
catch (UriFormatException e)
{
throw new KubeConfigException("Bad host url", e);
}
CaCert = config.SslCaCert;
SkipTlsVerify = config.SkipTlsVerify;
if (BaseUri.Scheme == "https")
{
if (config.SkipTlsVerify)
{
#if NET452
((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) => true;
#elif XAMARINIOS1_0
System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) =>
{
return(true);
};
#else
HttpClientHandler.ServerCertificateCustomValidationCallback =
(sender, certificate, chain, sslPolicyErrors) => true;
#endif
}
else
{
if (CaCert == null)
{
throw new KubeConfigException("a CA must be set when SkipTlsVerify === false");
}
#if NET452
((WebRequestHandler)HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
return(Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors));
};
#elif XAMARINIOS1_0
System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) =>
{
var cert = new X509Certificate2(certificate);
return(Kubernetes.CertificateValidationCallBack(sender, CaCert, cert, chain, sslPolicyErrors));
};
#else
HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
return(Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors));
};
#endif
}
}
// set credentails for the kubernernet client
SetCredentials(config, HttpClientHandler);
}
