add WebSocket server certificate validation for net452 (#231)

* fix a race condition. when multiple call to GetStream happens around the same time, on the same inputIndex, a race condition will cause this.buffers.Add() to throw exception. * add WebSocket server certificate validation support for net 452
2019-01-24 12:06:34 -08:00
parent 05273b7db7
commit 29b066286f
2 changed files with 39 additions and 1 deletions
--- a/src/KubernetesClient/Kubernetes.WebSocket.cs
+++ b/src/KubernetesClient/Kubernetes.WebSocket.cs
@@ -8,6 +8,9 @@ using System.Linq;
 using System.Net;
 using System.Net.Http;
 using System.Net.WebSockets;
+#if NET452
+using System.Net.Security;
+#endif
 using System.Security.Cryptography.X509Certificates;
 using System.Threading;
 using System.Threading.Tasks;
@@ -256,6 +259,13 @@ namespace k8s
                }
            }

+#if NET452
+            if (this.CaCert != null)
+            {
+                webSocketBuilder.SetServerCertificateValidationCallback(this.ServerCertificateValidationCallback);
+            }
+#endif
+
 #if NETCOREAPP2_1
            if (this.CaCert != null)
            {
@@ -336,8 +346,21 @@ namespace k8s
                {
                    ServiceClientTracing.Exit(invocationId, null);
                }
+#if NET452
+                if (this.CaCert != null)
+                {
+                    webSocketBuilder.CleanupServerCertificateValidationCallback(this.ServerCertificateValidationCallback);
+                }
+#endif
            }
            return webSocket;
        }
+
+#if NET452
+        internal bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
+        {
+            return Kubernetes.CertificateValidationCallBack(sender, this.CaCert, certificate, chain, sslPolicyErrors);
+        }
+#endif
    }
 }
--- a/src/KubernetesClient/WebSocketBuilder.cs
+++ b/src/KubernetesClient/WebSocketBuilder.cs
@@ -1,5 +1,8 @@
 using System;
 using System.Net.WebSockets;
+#if NET452
+using System.Net.Security;
+#endif
 using System.Security.Cryptography.X509Certificates;
 using System.Threading;
 using System.Threading.Tasks;
@@ -35,8 +38,20 @@ namespace k8s
            return this;
        }

-#if NETCOREAPP2_1
+#if NET452
+        public WebSocketBuilder SetServerCertificateValidationCallback(RemoteCertificateValidationCallback validationCallback)
+        {
+            System.Net.ServicePointManager.ServerCertificateValidationCallback += validationCallback;
+            return this;
+        }

+        public void CleanupServerCertificateValidationCallback(RemoteCertificateValidationCallback validationCallback)
+        {
+            System.Net.ServicePointManager.ServerCertificateValidationCallback -= validationCallback;
+        }
+#endif
+
+#if NETCOREAPP2_1
        public WebSocketBuilder ExpectServerCertificate(X509Certificate2 serverCertificate)
        {
            Options.RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>