<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 09:08:09 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[MONGOCRYPT-180] Erroneous warning for automatic encryption</title>
                <link>https://jira.mongodb.org/browse/MONGOCRYPT-180</link>
                <project id="17481" key="MONGOCRYPT">Libmongocrypt</project>
                    <description>&lt;p&gt;When a new MongoClient is created with auto_encryption_options that include a valid local schema, users get a spurious message: &quot;&lt;em&gt;WARNING local schema used but does not have encryption specifiers&lt;/em&gt;&quot;. Subsequent insert &amp;amp; find operations work as expected (automatic encryption is in fact occurring).&lt;/p&gt;

&lt;p&gt;Reproducible test case from (&lt;a href=&quot;https://jira.mongodb.org/browse/PYTHON-1983&quot; title=&quot;Default/compatible wheel missing for pymongocrypt on Ubuntu 18&quot; class=&quot;issue-link&quot; data-issue-key=&quot;PYTHON-1983&quot;&gt;&lt;del&gt;PYTHON-1983&lt;/del&gt;&lt;/a&gt;): &lt;a href=&quot;https://jira.mongodb.org/secure/attachment/231133/hello_fle_python.py&quot; class=&quot;external-link&quot; rel=&quot;nofollow&quot;&gt;https://jira.mongodb.org/secure/attachment/231133/hello_fle_python.py&lt;/a&gt;&lt;/p&gt;

&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;$ python hello_fle_python.py&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: #009900; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;1.0&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;.&lt;/span&gt;&lt;span style=&quot;color: #009900; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;0&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;-beta4&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;WARNING local schema used but does not have encryption specifiers&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;WARNING local schema used but does not have encryption specifiers&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;WARNING local schema used but does not have encryption specifiers&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;Encrypted insert &amp;amp; find succeeded.&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;This warning should only display when a local schema was specified but lacked any encrypt properties in the json schema.&lt;/p&gt;</description>
                <environment>Observed on Ubuntu and MacOS</environment>
        <key id="932952">MONGOCRYPT-180</key>
            <summary>Erroneous warning for automatic encryption</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="kevin.albertson@mongodb.com">Kevin Albertson</assignee>
                                    <reporter username="kenneth.white@mongodb.com">Kenneth White</reporter>
                        <labels>
                            <label>fle-ga</label>
                    </labels>
                <created>Thu, 19 Sep 2019 22:25:04 +0000</created>
                <updated>Sat, 28 Oct 2023 10:25:20 +0000</updated>
                            <resolved>Wed, 16 Oct 2019 22:10:19 +0000</resolved>
                                                    <fixVersion>1.0.0-rc0</fixVersion>
                                                        <votes>0</votes>
                                    <watches>5</watches>
                                                                                                                <comments>
                            <comment id="2485827" author="xgen-internal-githook" created="Wed, 16 Oct 2019 21:49:47 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Kevin Albertson&apos;, &apos;username&apos;: &apos;kevinAlbs&apos;, &apos;email&apos;: &apos;kevin.albertson@mongodb.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-180&quot; title=&quot;Erroneous warning for automatic encryption&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-180&quot;&gt;&lt;del&gt;MONGOCRYPT-180&lt;/del&gt;&lt;/a&gt; do not warn if empty schema has no encrypt specifiers&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/commit/713aaeea7831f5d19bab491a22fb00f9d6208c35&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/commit/713aaeea7831f5d19bab491a22fb00f9d6208c35&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2473284" author="kenneth.white" created="Wed, 9 Oct 2019 06:55:32 +0000"  >&lt;p&gt;Consistently reproducing on Node as well. See output here (line 22 of the last file):&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://gist.github.com/kennwhite/5bb40f40e1e1b80a62f7601a8d765658#file-sample_output-txt-L22&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://gist.github.com/kennwhite/5bb40f40e1e1b80a62f7601a8d765658#file-sample_output-txt-L22&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;cc +&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=daniel.aprahamian&quot; class=&quot;user-hover&quot; rel=&quot;daniel.aprahamian&quot;&gt;daniel.aprahamian&lt;/a&gt;&#160;&lt;/p&gt;</comment>
                            <comment id="2427032" author="kevin.albertson" created="Fri, 20 Sep 2019 20:31:25 +0000"  >&lt;p&gt;Agreed, I believe this is a problem in libmongocrypt. I believe &lt;a href=&quot;https://github.com/mongodb/libmongocrypt/blob/b34546630ed774cdc59aca2791d2ae6aa0e3aa7c/src/mongocrypt-ctx-encrypt.c#L213&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;this condition&lt;/a&gt; should be negated. I&apos;m moving this to MONGOCRYPT.&lt;/p&gt;</comment>
                            <comment id="2427002" author="shane.harvey" created="Fri, 20 Sep 2019 20:19:33 +0000"  >&lt;p&gt;Note I believe that pymongo is acting according to the spec and all drivers will have this same behavior.&lt;/p&gt;</comment>
                            <comment id="2426999" author="shane.harvey" created="Fri, 20 Sep 2019 20:16:49 +0000"  >&lt;p&gt;This log line is being printed by libmongocrypt here:&#160;&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/blob/b34546630ed774cdc59aca2791d2ae6aa0e3aa7c/src/mongocrypt-ctx-encrypt.c#L217&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/blob/b34546630ed774cdc59aca2791d2ae6aa0e3aa7c/src/mongocrypt-ctx-encrypt.c#L217&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The reason this line is reached even though the &quot;demoFLE.peoplePy&quot; collection has encryption specifiers is a bit convoluted. The first attempt to auto encrypt an operation on the &quot;demoFLE.peoplePy&quot; collection causes libmongocrypt to request a key document from the key vault collection &quot;demoFLE.keystore2&quot; (the MONGOCRYPT_CTX_NEED_MONGO_KEYS state).  By default the key vault collection uses the same MongoClient on which auto-encryption is enabled so this find operation will also  be auto-encrypted. It is when marking this &quot;find&quot; that libmongocrypt prints the message: &quot;WARNING local schema used but does not have encryption specifiers&quot;&lt;/p&gt;

&lt;p&gt;I also see this behavior in pymongo&apos;s tests and adding some extra logging confirms the above. Here we can see that the pymongo auto encrypts the key vault find operation:&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;$ python setup.py test -s &apos;test.test_encryption.TestClientSimple.test_auto_encrypt_local_schema_map&apos;&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;...&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;START fetch_keys:  {&apos;$or&apos;: [{&apos;_id&apos;: {&apos;$in&apos;: [UUID(&apos;61616161-6161-6161-6161-616161616161&apos;)]}}, {&apos;keyAltNames&apos;: {&apos;$in&apos;: []}}]}&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;MARK_COMMAND_RESPONSE: {&apos;hasEncryptionPlaceholders&apos;: False, &apos;schemaRequiresEncryption&apos;: False, &apos;result&apos;: {&apos;find&apos;: &apos;datakeys&apos;, &apos;filter&apos;: {&apos;$or&apos;: [{&apos;_id&apos;: {&apos;$in&apos;: [UUID(&apos;61616161-6161-6161-6161-616161616161&apos;)]}}, {&apos;keyAltNames&apos;: {&apos;$in&apos;: []}}]}, &apos;readConcern&apos;: {&apos;level&apos;: &apos;majority&apos;}, &apos;lsid&apos;: {&apos;id&apos;: UUID(&apos;09841a3c-2df0-4ca9-9c67-4def8e030096&apos;)}, &apos;$clusterTime&apos;: {&apos;clusterTime&apos;: Timestamp(1569009286, 1), &apos;signature&apos;: {&apos;hash&apos;: b&apos;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00&apos;, &apos;keyId&apos;: 0}}, &apos;$readPreference&apos;: {&apos;mode&apos;: &apos;primaryPreferred&apos;}}, &apos;ok&apos;: 1.0}&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;WARNING local schema used but does not have encryption specifiers&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;END fetch_keys &lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;To avoid seeing this error you can use an unencrypted mongo client for the key_vault_client. If we want to avoid this warning by default I think we&apos;ll need to change libmongocrypt to be more intelligent in this situation. Perhaps it can suppress this message when the collection being marked is a key vault operation?&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                            <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hr6nh3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                </customfields>
    </item>
</channel>
</rss>