Loading...

Type: Task
Resolution: Duplicate
Priority: Unknown
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Confidence Status:
None

Assigned Teams:

Python Drivers

Documentation Changes Summary:

Hide

1. What would you like to communicate to the user about this feature?
2. Would you like the user to see examples of the syntax and/or executable code and its output?
3. Which versions of the driver/connector does this apply to?

Show
1. What would you like to communicate to the user about this feature? 2. Would you like the user to see examples of the syntax and/or executable code and its output? 3. Which versions of the driver/connector does this apply to?

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

A number of TestKmsTLSOptions test have been seen failing with one of the two errors:

[2025/03/20 09:46:09.129] FAILURE: AssertionError: "HTTP status=404" does not match "KMS request failed after 3 retries due to a network error, last attempt failed with: 127.0.0.1:9002: (11, 'EAGAIN') (configured timeouts: socketTimeoutMS: 20000.0ms, connectTimeoutMS: 20000.0ms)" ()
[2025/03/20 09:46:09.129] self = <pymongo.asynchronous.encryption._EncryptionIO object at 0x7f9a853e4ec0>
[2025/03/20 09:46:09.129] kms_context = <pymongocrypt.mongocrypt.MongoCryptKmsContext object at 0x7f9a8c0ff520>
[2025/03/20 09:46:09.129]     async def kms_request(self, kms_context: MongoCryptKmsContext) -> None:
[2025/03/20 09:46:09.129]         """Complete a KMS request.
[2025/03/20 09:46:09.129]     
[2025/03/20 09:46:09.129]         :param kms_context: A :class:`MongoCryptKmsContext`.
[2025/03/20 09:46:09.129]     
[2025/03/20 09:46:09.129]         :return: None
[2025/03/20 09:46:09.129]         """
[2025/03/20 09:46:09.129]         endpoint = kms_context.endpoint
[2025/03/20 09:46:09.129]         message = kms_context.message
[2025/03/20 09:46:09.129]         provider = kms_context.kms_provider
[2025/03/20 09:46:09.129]         ctx = self.opts._kms_ssl_contexts.get(provider)
[2025/03/20 09:46:09.129]         if ctx is None:
[2025/03/20 09:46:09.129]             # Enable strict certificate verification, OCSP, match hostname, and
[2025/03/20 09:46:09.129]             # SNI using the system default CA certificates.
[2025/03/20 09:46:09.129]             ctx = get_ssl_context(
[2025/03/20 09:46:09.129]                 None,  # certfile
[2025/03/20 09:46:09.129]                 None,  # passphrase
[2025/03/20 09:46:09.129]                 None,  # ca_certs
[2025/03/20 09:46:09.129]                 None,  # crlfile
[2025/03/20 09:46:09.129]                 False,  # allow_invalid_certificates
[2025/03/20 09:46:09.129]                 False,  # allow_invalid_hostnames
[2025/03/20 09:46:09.129]                 False,  # disable_ocsp_endpoint_check
[2025/03/20 09:46:09.129]             )
[2025/03/20 09:46:09.129]         # CSOT: set timeout for socket creation.
[2025/03/20 09:46:09.129]         connect_timeout = max(_csot.clamp_remaining(_KMS_CONNECT_TIMEOUT), 0.001)
[2025/03/20 09:46:09.129]         opts = PoolOptions(
[2025/03/20 09:46:09.129]             connect_timeout=connect_timeout,
[2025/03/20 09:46:09.129]             socket_timeout=connect_timeout,
[2025/03/20 09:46:09.129]             ssl_context=ctx,
[2025/03/20 09:46:09.129]         )
[2025/03/20 09:46:09.129]         address = parse_host(endpoint, _HTTPS_PORT)
[2025/03/20 09:46:09.129]         sleep_u = kms_context.usleep
[2025/03/20 09:46:09.129]         if sleep_u:
[2025/03/20 09:46:09.129]             sleep_sec = float(sleep_u) / 1e6
[2025/03/20 09:46:09.129]             await asyncio.sleep(sleep_sec)
[2025/03/20 09:46:09.129]         try:
[2025/03/20 09:46:09.129]             conn = await _connect_kms(address, opts)
[2025/03/20 09:46:09.129]             try:
[2025/03/20 09:46:09.129]                 await async_sendall(conn, message)
[2025/03/20 09:46:09.129]                 while kms_context.bytes_needed > 0:
[2025/03/20 09:46:09.129]                     # CSOT: update timeout.
[2025/03/20 09:46:09.129]                     conn.settimeout(max(_csot.clamp_remaining(_KMS_CONNECT_TIMEOUT), 0))
[2025/03/20 09:46:09.129]                     if _IS_SYNC:
[2025/03/20 09:46:09.129]                         data = conn.recv(kms_context.bytes_needed)
[2025/03/20 09:46:09.129]                     else:
[2025/03/20 09:46:09.129]                         from pymongo.network_layer import (  # type: ignore[attr-defined]
[2025/03/20 09:46:09.129]                             async_receive_data_socket,
[2025/03/20 09:46:09.129]                         )
[2025/03/20 09:46:09.129]     
[2025/03/20 09:46:09.129] >                       data = await async_receive_data_socket(conn, kms_context.bytes_needed)
[2025/03/20 09:46:09.129] pymongo/asynchronous/encryption.py:210:

https://spruce.mongodb.com/task/mongo_python_driver_encryption_pyopenssl_rhel8_python3.13_test_5.0_sharded_cluster_auth_ssl_sync_async_patch_e6e8650cc95314e742a30244b5db0239f5259f68_67dc42a6f9d7b80007ed886d_25_03_20_16_30_40/logs?execution=0&sortBy=STATUS&sortDir=ASC

FAILURE: AssertionError: "parse error" does not match "KMS request failed after 3 retries due to a network error, last attempt failed with: 127.0.0.1:9002: (11, 'EAGAIN') (configured timeouts: socketTimeoutMS: 20000.0ms, connectTimeoutMS: 20000.0ms)" ()
 [2025/03/20 09:41:51.206] self = <pymongo.asynchronous.encryption._EncryptionIO object at 0x7f14cd775f40>
 [2025/03/20 09:41:51.206] kms_context = <pymongocrypt.mongocrypt.MongoCryptKmsContext object at 0x7f14cd7424a0>
 [2025/03/20 09:41:51.206]     async def kms_request(self, kms_context: MongoCryptKmsContext) -> None:
 [2025/03/20 09:41:51.206]         """Complete a KMS request.
 [2025/03/20 09:41:51.206]     
 [2025/03/20 09:41:51.206]         :param kms_context: A :class:`MongoCryptKmsContext`.
 [2025/03/20 09:41:51.206]     
 [2025/03/20 09:41:51.206]         :return: None
 [2025/03/20 09:41:51.206]         """
 [2025/03/20 09:41:51.206]         endpoint = kms_context.endpoint
 [2025/03/20 09:41:51.206]         message = kms_context.message
 [2025/03/20 09:41:51.206]         provider = kms_context.kms_provider
 [2025/03/20 09:41:51.206]         ctx = self.opts._kms_ssl_contexts.get(provider)
 [2025/03/20 09:41:51.206]         if ctx is None:
 [2025/03/20 09:41:51.206]             # Enable strict certificate verification, OCSP, match hostname, and
 [2025/03/20 09:41:51.206]             # SNI using the system default CA certificates.
 [2025/03/20 09:41:51.206]             ctx = get_ssl_context(
 [2025/03/20 09:41:51.206]                 None,  # certfile
 [2025/03/20 09:41:51.206]                 None,  # passphrase
 [2025/03/20 09:41:51.206]                 None,  # ca_certs
 [2025/03/20 09:41:51.206]                 None,  # crlfile
 [2025/03/20 09:41:51.206]                 False,  # allow_invalid_certificates
 [2025/03/20 09:41:51.206]                 False,  # allow_invalid_hostnames
 [2025/03/20 09:41:51.206]                 False,  # disable_ocsp_endpoint_check
 [2025/03/20 09:41:51.206]             )
 [2025/03/20 09:41:51.206]         # CSOT: set timeout for socket creation.
 [2025/03/20 09:41:51.206]         connect_timeout = max(_csot.clamp_remaining(_KMS_CONNECT_TIMEOUT), 0.001)
 [2025/03/20 09:41:51.206]         opts = PoolOptions(
 [2025/03/20 09:41:51.206]             connect_timeout=connect_timeout,
 [2025/03/20 09:41:51.206]             socket_timeout=connect_timeout,
 [2025/03/20 09:41:51.206]             ssl_context=ctx,
 [2025/03/20 09:41:51.206]         )
 [2025/03/20 09:41:51.206]         address = parse_host(endpoint, _HTTPS_PORT)
 [2025/03/20 09:41:51.206]         sleep_u = kms_context.usleep
 [2025/03/20 09:41:51.206]         if sleep_u:
 [2025/03/20 09:41:51.206]             sleep_sec = float(sleep_u) / 1e6
 [2025/03/20 09:41:51.206]             await asyncio.sleep(sleep_sec)
 [2025/03/20 09:41:51.206]         try:
 [2025/03/20 09:41:51.206]             conn = await _connect_kms(address, opts)
 [2025/03/20 09:41:51.206]             try:
 [2025/03/20 09:41:51.206]                 await async_sendall(conn, message)
 [2025/03/20 09:41:51.206]                 while kms_context.bytes_needed > 0:
 [2025/03/20 09:41:51.206]                     # CSOT: update timeout.
 [2025/03/20 09:41:51.206]                     conn.settimeout(max(_csot.clamp_remaining(_KMS_CONNECT_TIMEOUT), 0))
 [2025/03/20 09:41:51.206]                     if _IS_SYNC:
 [2025/03/20 09:41:51.206]                         data = conn.recv(kms_context.bytes_needed)
 [2025/03/20 09:41:51.206]                     else:
 [2025/03/20 09:41:51.206]                         from pymongo.network_layer import (  # type: ignore[attr-defined]
 [2025/03/20 09:41:51.206]                             async_receive_data_socket,
 [2025/03/20 09:41:51.206]                         )
 [2025/03/20 09:41:51.206]     
 [2025/03/20 09:41:51.206] >                       data = await async_receive_data_socket(conn, kms_context.bytes_needed)
 [2025/03/20 09:41:51.206] pymongo/asynchronous/encryption.py:210:

https://spruce.mongodb.com/task/mongo_python_driver_encryption_pyopenssl_rhel8_python3.12_test_7.0_standalone_noauth_nossl_sync_async_patch_e6e8650cc95314e742a30244b5db0239f5259f68_67dc42a6f9d7b80007ed886d_25_03_20_16_30_40/logs?execution=0&sortBy=STATUS&sortDir=ASC

I suspect that the two failures are related because the assertion errors are failing with the same incorrect assertion

duplicates

PYTHON-5158 Async client mishandles EAGAIN when pyopenssl is installed

Closed

Details

Description

Attachments

Issue Links

Activity

People

Dates