// ReadEnvironment reads configuration information from the
// environment. If there is an error, no configuration value
// is updated.
//~ func (c *Config) ReadEnvironment() error {
public void ReadEnvironment()
{
//~ var envAddress string
//~ var envCACert string
//~ var envCAPath string
//~ var envClientCert string
//~ var envClientKey string
//~ var envInsecure bool
//~ var envTLSServerName string
//~ var envMaxRetries *uint64
//~
//~ // Parse the environment variables
//~ if v := os.Getenv(EnvVaultAddress); v != "" {
//~ envAddress = v
//~ }
//~ if v := os.Getenv(EnvVaultMaxRetries); v != "" {
//~ maxRetries, err := strconv.ParseUint(v, 10, 32)
//~ if err != nil {
//~ return err
//~ }
//~ envMaxRetries = &maxRetries
//~ }
//~ if v := os.Getenv(EnvVaultCACert); v != "" {
//~ envCACert = v
//~ }
//~ if v := os.Getenv(EnvVaultCAPath); v != "" {
//~ envCAPath = v
//~ }
//~ if v := os.Getenv(EnvVaultClientCert); v != "" {
//~ envClientCert = v
//~ }
//~ if v := os.Getenv(EnvVaultClientKey); v != "" {
//~ envClientKey = v
//~ }
//~ if v := os.Getenv(EnvVaultInsecure); v != "" {
//~ var err error
//~ envInsecure, err = strconv.ParseBool(v)
//~ if err != nil {
//~ return fmt.Errorf("Could not parse VAULT_SKIP_VERIFY")
//~ }
//~ }
//~ if v := os.Getenv(EnvVaultTLSServerName); v != "" {
//~ envTLSServerName = v
//~ }
// Configure the HTTP clients TLS configuration.
//~ t := &TLSConfig{
//~ CACert: envCACert,
//~ CAPath: envCAPath,
//~ ClientCert: envClientCert,
//~ ClientKey: envClientKey,
//~ TLSServerName: envTLSServerName,
//~ Insecure: envInsecure,
//~ }
//~ if err := c.ConfigureTLS(t); err != nil {
//~ return err
//~ }
//~
//~ if envAddress != "" {
//~ c.Address = envAddress
//~ }
//~
//~ if envMaxRetries != nil {
//~ c.MaxRetries = int(*envMaxRetries) + 1
//~ }
string v;
var t = new TLSConfig
{
CACert = Environment.GetEnvironmentVariable(Constants.EnvVaultCACert),
CAPath = Environment.GetEnvironmentVariable(Constants.EnvVaultCAPath),
ClientCert = Environment.GetEnvironmentVariable(Constants.EnvVaultClientCert),
ClientKey = Environment.GetEnvironmentVariable(Constants.EnvVaultClientKey),
TLSServerName = Environment.GetEnvironmentVariable(Constants.EnvVaultTLSServerName),
};
v = Environment.GetEnvironmentVariable(Constants.EnvVaultInsecure);
if (bool.TryParse(v, out var envInsecure))
{
t.Insecure = envInsecure;
}
ConfigureTLS(t);
v = Environment.GetEnvironmentVariable(Constants.EnvVaultAddress);
if (!string.IsNullOrEmpty(v))
{
this.Address = v;
}
v = Environment.GetEnvironmentVariable(Constants.EnvVaultMaxRetries);
if (uint.TryParse(v, out var envMaxRetries))
{
this.MaxRetries = (int)envMaxRetries;
}
//~ return nil
}
// ConfigureTLS takes a set of TLS configurations and applies those to the the HTTP client.
//~ func (c *Config) ConfigureTLS(t *TLSConfig) error {
public void ConfigureTLS(TLSConfig t)
{
//~ if c.HttpClient == nil {
//~ c.HttpClient = DefaultConfig().HttpClient
//~ }
if (this.HttpClient == null)
{
(this.HttpClient, this.HttpClientHandler) =
DefaultConfig().GetHttpClient();
}
//~ var clientCert tls.Certificate
//~ foundClientCert := false
//~ if t.CACert != "" || t.CAPath != "" || t.ClientCert != "" || t.ClientKey != "" || t.Insecure {
//~ if t.ClientCert != "" && t.ClientKey != "" {
//~ var err error
//~ clientCert, err = tls.LoadX509KeyPair(t.ClientCert, t.ClientKey)
//~ if err != nil {
//~ return err
//~ }
//~ foundClientCert = true
//~ } else if t.ClientCert != "" || t.ClientKey != "" {
//~ return fmt.Errorf("Both client cert and client key must be provided")
//~ }
//~ }
X509Certificate2 clientCert = null;
var foundClientCert = false;
if (!string.IsNullOrEmpty(t.CACert) || !string.IsNullOrEmpty(t.CAPath) ||
!string.IsNullOrEmpty(t.ClientCert) || !string.IsNullOrEmpty(t.ClientKey) ||
t.Insecure)
{
if (!string.IsNullOrEmpty(t.ClientCert) && !string.IsNullOrEmpty(t.ClientKey))
{
clientCert = new X509Certificate2(t.ClientCert, t.ClientKey);
foundClientCert = true;
}
else if (!string.IsNullOrEmpty(t.ClientCert) || !string.IsNullOrEmpty(t.ClientKey))
{
throw new InvalidOperationException("Both client cert and client key must be provided");
}
}
//~ clientTLSConfig := c.HttpClient.Transport.(*http.Transport).TLSClientConfig
//~ rootConfig := &rootcerts.Config{
//~ CAFile: t.CACert,
//~ CAPath: t.CAPath,
//~ }
//~ if err := rootcerts.ConfigureTLS(clientTLSConfig, rootConfig); err != nil {
//~ return err
//~ }
//~
//~ clientTLSConfig.InsecureSkipVerify = t.Insecure
//~
//~ if foundClientCert {
//~ clientTLSConfig.Certificates = []tls.Certificate{clientCert}
//~ }
//~ if t.TLSServerName != "" {
//~ clientTLSConfig.ServerName = t.TLSServerName
//~ }
if (clientCert != null)
{
this.HttpClientHandler.ClientCertificates.Add(clientCert);
}
// TODO: this implementation needs to be reviewed with use of
// ServicePointManager
//~ return nil
}