diff --git a/examples/exec/Exec.cs b/examples/exec/Exec.cs
new file mode 100755
index 000000000..7bcf2391d
--- /dev/null
+++ b/examples/exec/Exec.cs
@@ -0,0 +1,34 @@
+using System;
+using System.Threading.Tasks;
+using k8s;
+using k8s.Models;
+
+namespace exec
+{
+ internal class Exec
+ {
+ private static async Task Main(string[] args)
+ {
+ var config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
+ IKubernetes client = new Kubernetes(config);
+ Console.WriteLine("Starting Request!");
+
+ var list = client.ListNamespacedPod("default");
+ var pod = list.Items[0];
+ await ExecInPod(client, pod);
+ }
+
+ private async static Task ExecInPod(IKubernetes client, V1Pod pod) {
+ var webSocket = await client.WebSocketNamespacedPodExecAsync(pod.Metadata.Name, "default", "ls", pod.Spec.Containers[0].Name);
+
+ var demux = new StreamDemuxer(webSocket);
+ demux.Start();
+
+ var buff = new byte[4096];
+ var stream = demux.GetStream(1, 1);
+ var read = stream.Read(buff, 0, 4096);
+ var str = System.Text.Encoding.Default.GetString(buff);
+ Console.WriteLine(str);
+ }
+ }
+}
diff --git a/examples/exec/exec.csproj b/examples/exec/exec.csproj
new file mode 100755
index 000000000..4ae8b99a5
--- /dev/null
+++ b/examples/exec/exec.csproj
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+ Exe
+ netcoreapp2.1
+ 7.1
+
+
+
diff --git a/src/Kubernetes.ConfigInit.cs b/src/Kubernetes.ConfigInit.cs
index 277f53edc..75d04c547 100644
--- a/src/Kubernetes.ConfigInit.cs
+++ b/src/Kubernetes.ConfigInit.cs
@@ -38,6 +38,7 @@ public Kubernetes(KubernetesClientConfiguration config, params DelegatingHandler
}
CaCert = config.SslCaCert;
+ SkipTlsVerify = config.SkipTlsVerify;
if (BaseUri.Scheme == "https")
{
@@ -59,10 +60,15 @@ public Kubernetes(KubernetesClientConfiguration config, params DelegatingHandler
}
#if NET452
- ((WebRequestHandler) HttpClientHandler).ServerCertificateValidationCallback =
- CertificateValidationCallBack;
+ ((WebRequestHandler) HttpClientHandler).ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
+ {
+ return Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors);
+ };
#else
- HttpClientHandler.ServerCertificateCustomValidationCallback = CertificateValidationCallBack;
+ HttpClientHandler.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
+ {
+ return Kubernetes.CertificateValidationCallBack(sender, CaCert, certificate, chain, sslPolicyErrors);
+ };
#endif
}
}
@@ -73,6 +79,8 @@ public Kubernetes(KubernetesClientConfiguration config, params DelegatingHandler
private X509Certificate2 CaCert { get; }
+ private bool SkipTlsVerify { get; }
+
partial void CustomInitialize()
{
#if NET452
@@ -151,8 +159,9 @@ private void SetCredentials(KubernetesClientConfiguration config, HttpClientHand
/// ssl policy errors
/// true if valid cert
[SuppressMessage("Microsoft.Usage", "CA1801:ReviewUnusedParameters", Justification = "Unused by design")]
- private bool CertificateValidationCallBack(
+ public static bool CertificateValidationCallBack(
object sender,
+ X509Certificate2 caCert,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
@@ -169,7 +178,7 @@ private bool CertificateValidationCallBack(
chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
// add all your extra certificate chain
- chain.ChainPolicy.ExtraStore.Add(CaCert);
+ chain.ChainPolicy.ExtraStore.Add(caCert);
chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
var isValid = chain.Build((X509Certificate2) certificate);
return isValid;
diff --git a/src/Kubernetes.WebSocket.cs b/src/Kubernetes.WebSocket.cs
index 405a3b41c..0e51ed7e8 100644
--- a/src/Kubernetes.WebSocket.cs
+++ b/src/Kubernetes.WebSocket.cs
@@ -226,10 +226,13 @@ public partial class Kubernetes
#if NETCOREAPP2_1
if (this.CaCert != null)
+ {
webSocketBuilder.ExpectServerCertificate(this.CaCert);
- else
+ }
+ if (this.SkipTlsVerify)
+ {
webSocketBuilder.SkipServerCertificateValidation();
-
+ }
webSocketBuilder.Options.RequestedSubProtocols.Add(K8sProtocol.ChannelV1);
#endif // NETCOREAPP2_1
@@ -237,7 +240,6 @@ public partial class Kubernetes
cancellationToken.ThrowIfCancellationRequested();
WebSocket webSocket = null;
-
try
{
webSocket = await webSocketBuilder.BuildAndConnectAsync(uri, CancellationToken.None).ConfigureAwait(false);
@@ -258,7 +260,6 @@ public partial class Kubernetes
ServiceClientTracing.Exit(invocationId, null);
}
}
-
return webSocket;
}
}
diff --git a/src/WebSocketBuilder.NetCoreApp2.1.cs b/src/WebSocketBuilder.NetCoreApp2.1.cs
index 4cb80dc37..fceaffe47 100644
--- a/src/WebSocketBuilder.NetCoreApp2.1.cs
+++ b/src/WebSocketBuilder.NetCoreApp2.1.cs
@@ -39,34 +39,10 @@ public WebSocketBuilder AddClientCertificate(X509Certificate2 certificate)
public WebSocketBuilder ExpectServerCertificate(X509Certificate2 serverCertificate)
{
- Options.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
+ Options.ServerCertificateCustomValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
{
- if (sslPolicyErrors != SslPolicyErrors.RemoteCertificateChainErrors)
- {
- return false;
- }
-
- try
- {
- using (X509Chain certificateChain = new X509Chain())
- {
- certificateChain.ChainPolicy.ExtraStore.Add(serverCertificate);
- certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
- certificateChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
-
- return certificateChain.Build(
- (X509Certificate2)certificate
- );
- }
- }
- catch (Exception chainException)
- {
- Debug.WriteLine(chainException);
-
- return false;
- }
+ return Kubernetes.CertificateValidationCallBack(sender, serverCertificate, certificate, chain, sslPolicyErrors);
};
-
return this;
}