in edge-modules/iotedge-diagnostics-dotnet/src/Program.cs [89:158]
static async Task Upstream(string hostname, string port, string proxy, string isNested, string workload_uri)
{
bool nested = string.Equals(isNested, "true");
if (port == "443")
{
var httpClientHandler = new HttpClientHandler();
if (proxy != null)
{
Environment.SetEnvironmentVariable("https_proxy", proxy);
}
if (nested)
{
await LoadTrustBundle(workload_uri);
}
var httpClient = new HttpClient(httpClientHandler);
var logsUrl = string.Format("https://{0}/devices/0000/modules", hostname);
var httpRequest = new HttpRequestMessage(HttpMethod.Get, logsUrl);
try
{
HttpResponseMessage httpResponseMessage = await httpClient.SendAsync(httpRequest, HttpCompletionOption.ResponseHeadersRead);
if (nested)
{
var keys = httpResponseMessage.Headers.GetValues("iothub-errorcode");
if (!keys.Contains("InvalidProtocolVersion"))
{
throw new Exception($"Wrong value for iothub-errorcode header");
}
}
}
catch (Exception ex)
{
string message = ex.Message;
if ((ex.InnerException is AuthenticationException) && nested)
{
message += "Make sure that the parent root certificate is part of this device trustbundle. Use the command 'openssl s_client -connect parent_hostname:443' to display parent certificate chain.";
}
throw new Exception(message);
}
}
else
{
// The current rust code never put proxy parameter when port is != than 443.
// So the code below is never exercised. It was put there to avoid silently ignoring the proxy
// if the rust code is changed.
if (proxy != null)
{
Uri proxyUri = new Uri(proxy);
IProxyClient proxyClient = MakeProxy(proxyUri);
// Setup timeouts
proxyClient.ReceiveTimeout = (int)TimeSpan.FromSeconds(60).TotalMilliseconds;
proxyClient.SendTimeout = (int)TimeSpan.FromSeconds(60).TotalMilliseconds;
// Get TcpClient to futher work
var client = proxyClient.CreateConnection(hostname, int.Parse(port));
client.GetStream();
}
else
{
TcpClient client = new TcpClient();
await client.ConnectAsync(hostname, int.Parse(port));
client.GetStream();
}
}
}