ReadSecretAsync is getting hanged

[mohanakrishnans007]

I am consuming Vault Sharp for conenctiong to HashiCorp Vault to fetch secret id. With the below method the application hangs and its not returning any response. Its going to infinite dead lock mode.Could you please check and help?

public async Task<Dictionary<string, object>> GetValue(string path, string mountPoint) { var secret = await _vaultClient.V1.Secrets.KeyValue.V1.ReadSecretAsync(path, mountPoint); // From here it hangs and never returns

            if (secret == null)
            {
                throw new DataException("Cannot find secret from vault ");

           }           
            return secret?.Data;                    
    }

[rajanadar]

Can you provide the vault api version, VaultSharp version, your framework and if this same read secret call works via vault cli?

[mohanakrishnans007]

Can you provide the vault api version, VaultSharp version, your framework and if this same read secret call works via vault cli?

Hi Raja, I am using the below version of Vault Sharp Package package id="VaultSharp" version="1.4.0.5" targetFramework="net452"

I am implementing the same way as like this guide https://sergeytihon.com/2019/10/08/hashicorp-vault-and-tls-certificate-authentication-for-net-applications-comprehensive-guide/

Thanks! Mohan

[rajanadar]

Cannot repro it locally. Can you please post more code snippet? Let me know the mount path value? And also if the CLI works for the same call.

Normally people have deadlocks when they don't use await and try to do a .Result You are using await. So it should not be a problem. Can you do other VaultSharp operations?

[mohanakrishnans007]

Cannot repro it locally. Can you please post more code snippet? Let me know the mount path value? And also if the CLI works for the same call.

Normally people have deadlocks when they don't use await and try to do a .Result You are using await. So it should not be a problem. Can you do other VaultSharp operations?

Hi Raja, I am using kv as the mountpath value .In the Command Line of Vault i could able to retrieve the secret data from Vault. But from the .NET application it hangs at the ReadSecretAsync VaultSharp method.

Thanks, Mohan

[mohanakrishnans007]

Hi Raja, @rajanadar Per this blog I have done all the changes now in ReadSecretAsync deadlock is not occurring but when this is consumed and if null is returned from the vault i.e. there is no secrets found or if .Result is used its getting hanged. PFB the code snippet

var gpSecretIdResponse = new VaultSecretProvider( "https://my.server.com:8200", // VAULT_ADDR "dev/my-team", // VAULT_NAMESPACE "877501d5a018e9344088fd5c89580f6b095f5326" // vault.pfx certificate thumbprint ).GetValue("my-secret", "kv") ;// path to the secret – vault write kv/my–secret value="s3c(eT"

if (gpSecretIdResponse?.Result?.Values != null) { return Request.CreateResponse(HttpStatusCode.ServiceUnavailable); }

        return Request.CreateResponse(HttpStatusCode.OK, gpSecretIdResponse?.Result.Values);

You have already told that .Result is causing the deadlocks, how do I add await here in the above code snippet to return the secret values, I tried but no luck, please help if you have any ideas/suggestions on this. Thanks much

Note - gpSecretIdResponse this Object is returned of type Task <Dictionary<string,object>>

[rajanadar]

hey @mohanakrishnans007

You are encountering the partial sync/async problem of .NET. This is an annoying issue several folks hit, where if your app is not 100% async across all layers, then some layers have to do (some-async-task).Result and deadlock is a possibility.

There is no silver-bullet solution to this, except folks try out a couple of workarounds. Please see https://stackoverflow.com/questions/9343594/how-to-call-asynchronous-method-from-synchronous-method-in-c

[rajanadar]

This is not a VaultSharp problem and a general async/await problem in any code calling it sync. Closing this issue.