Grpc requests go via proxy on Grpc.NET.Client >= 2.44

KirillKurdyukov · KirillKurdyukov · commit 8c65e6a009a1 · 2024-11-28T13:23:38.000+03:00
diff --git a/src/Ydb.Sdk/src/Pool/ChannelPool.cs b/src/Ydb.Sdk/src/Pool/ChannelPool.cs
@@ -1,5 +1,6 @@
 using System.Collections.Concurrent;
 using System.Collections.Immutable;
+using System.Net;
 using System.Net.Security;
 using System.Security.Cryptography.X509Certificates;
 using Grpc.Core;
@@ -103,37 +104,39 @@ public GrpcChannel CreateChannel(string endpoint)
             return GrpcChannel.ForAddress(endpoint, channelOptions);
         }
 
-        var httpHandler = new SocketsHttpHandler();
-
         var customCertificate = DotNetUtilities.FromX509Certificate(_x509Certificate);
 
-        httpHandler.SslOptions.RemoteCertificateValidationCallback =
-            (_, certificate, _, sslPolicyErrors) =>
-            {
-                if (sslPolicyErrors == SslPolicyErrors.None)
-                {
-                    return true;
-                }
-
-                if (certificate is null)
-                {
-                    return false;
-                }
-
-                try
-                {
-                    var cert = DotNetUtilities.FromX509Certificate(certificate);
-                    cert.Verify(customCertificate.GetPublicKey());
-                }
-                catch (Exception e)
+        var httpHandler = new HttpClientHandler
+        {
+            ServerCertificateCustomValidationCallback =
+                (_, certificate, _, sslPolicyErrors) =>
                 {
-                    _logger.LogError(e, "Failed to verify remote certificate!");
+                    if (sslPolicyErrors == SslPolicyErrors.None)
+                    {
+                        return true;
+                    }
+
+                    if (certificate is null)
+                    {
+                        return false;
+                    }
+
+                    try
+                    {
+                        var cert = DotNetUtilities.FromX509Certificate(certificate);
+                        cert.Verify(customCertificate.GetPublicKey());
+                    }
+                    catch (Exception e)
+                    {
+                        _logger.LogError(e, "Failed to verify remote certificate!");
+
+                        return false;
+                    }
 
-                    return false;
+                    return true;
                 }
-
-                return true;
-            };
+        };
+        httpHandler.Properties["__GrpcLoadBalancingDisabled"] = true;
 
         channelOptions.HttpHandler = httpHandler;
         channelOptions.DisposeHttpClient = true;
