PYTHON-5014 Fix handling of async socket errors in kms request (#2054)
This commit is contained in:
Steven Silvester
GitHub
parent
6c9a20a49d
commit
493fc2ab3e
@ -219,7 +219,14 @@ class _EncryptionIO(AsyncMongoCryptCallback): # type: ignore[misc]
|
||||
# Wrap I/O errors in PyMongo exceptions.
|
||||
if isinstance(exc, BLOCKING_IO_ERRORS):
|
||||
exc = socket.timeout("timed out")
|
||||
_raise_connection_failure(address, exc, timeout_details=_get_timeout_details(opts))
|
||||
# Async raises an OSError instead of returning empty bytes.
|
||||
if isinstance(exc, OSError):
|
||||
msg_prefix = "KMS connection closed"
|
||||
else:
|
||||
msg_prefix = None
|
||||
_raise_connection_failure(
|
||||
address, exc, msg_prefix=msg_prefix, timeout_details=_get_timeout_details(opts)
|
||||
)
|
||||
finally:
|
||||
conn.close()
|
||||
except MongoCryptError:
|
||||
|
||||
@ -219,7 +219,14 @@ class _EncryptionIO(MongoCryptCallback): # type: ignore[misc]
|
||||
# Wrap I/O errors in PyMongo exceptions.
|
||||
if isinstance(exc, BLOCKING_IO_ERRORS):
|
||||
exc = socket.timeout("timed out")
|
||||
_raise_connection_failure(address, exc, timeout_details=_get_timeout_details(opts))
|
||||
# Async raises an OSError instead of returning empty bytes.
|
||||
if isinstance(exc, OSError):
|
||||
msg_prefix = "KMS connection closed"
|
||||
else:
|
||||
msg_prefix = None
|
||||
_raise_connection_failure(
|
||||
address, exc, msg_prefix=msg_prefix, timeout_details=_get_timeout_details(opts)
|
||||
)
|
||||
finally:
|
||||
conn.close()
|
||||
except MongoCryptError:
|
||||
|
||||
@ -2162,7 +2162,8 @@ class TestKmsTLSOptions(AsyncEncryptionIntegrationTest):
|
||||
# 127.0.0.1:9001: ('Certificate does not contain any `subjectAltName`s.',)
|
||||
key["endpoint"] = "127.0.0.1:9001"
|
||||
with self.assertRaisesRegex(
|
||||
EncryptionError, "IP address mismatch|wronghost|IPAddressMismatch|Certificate"
|
||||
EncryptionError,
|
||||
"IP address mismatch|wronghost|IPAddressMismatch|Certificate|SSL handshake failed",
|
||||
):
|
||||
await self.client_encryption_invalid_hostname.create_data_key("aws", key)
|
||||
|
||||
@ -2179,7 +2180,8 @@ class TestKmsTLSOptions(AsyncEncryptionIntegrationTest):
|
||||
await self.client_encryption_expired.create_data_key("azure", key)
|
||||
# Invalid cert hostname error.
|
||||
with self.assertRaisesRegex(
|
||||
EncryptionError, "IP address mismatch|wronghost|IPAddressMismatch|Certificate"
|
||||
EncryptionError,
|
||||
"IP address mismatch|wronghost|IPAddressMismatch|Certificate|SSL handshake failed",
|
||||
):
|
||||
await self.client_encryption_invalid_hostname.create_data_key("azure", key)
|
||||
|
||||
@ -2196,7 +2198,8 @@ class TestKmsTLSOptions(AsyncEncryptionIntegrationTest):
|
||||
await self.client_encryption_expired.create_data_key("gcp", key)
|
||||
# Invalid cert hostname error.
|
||||
with self.assertRaisesRegex(
|
||||
EncryptionError, "IP address mismatch|wronghost|IPAddressMismatch|Certificate"
|
||||
EncryptionError,
|
||||
"IP address mismatch|wronghost|IPAddressMismatch|Certificate|SSL handshake failed",
|
||||
):
|
||||
await self.client_encryption_invalid_hostname.create_data_key("gcp", key)
|
||||
|
||||
@ -2210,7 +2213,8 @@ class TestKmsTLSOptions(AsyncEncryptionIntegrationTest):
|
||||
await self.client_encryption_expired.create_data_key("kmip")
|
||||
# Invalid cert hostname error.
|
||||
with self.assertRaisesRegex(
|
||||
EncryptionError, "IP address mismatch|wronghost|IPAddressMismatch|Certificate"
|
||||
EncryptionError,
|
||||
"IP address mismatch|wronghost|IPAddressMismatch|Certificate|SSL handshake failed",
|
||||
):
|
||||
await self.client_encryption_invalid_hostname.create_data_key("kmip")
|
||||
|
||||
|
||||
@ -2154,7 +2154,8 @@ class TestKmsTLSOptions(EncryptionIntegrationTest):
|
||||
# 127.0.0.1:9001: ('Certificate does not contain any `subjectAltName`s.',)
|
||||
key["endpoint"] = "127.0.0.1:9001"
|
||||
with self.assertRaisesRegex(
|
||||
EncryptionError, "IP address mismatch|wronghost|IPAddressMismatch|Certificate"
|
||||
EncryptionError,
|
||||
"IP address mismatch|wronghost|IPAddressMismatch|Certificate|SSL handshake failed",
|
||||
):
|
||||
self.client_encryption_invalid_hostname.create_data_key("aws", key)
|
||||
|
||||
@ -2171,7 +2172,8 @@ class TestKmsTLSOptions(EncryptionIntegrationTest):
|
||||
self.client_encryption_expired.create_data_key("azure", key)
|
||||
# Invalid cert hostname error.
|
||||
with self.assertRaisesRegex(
|
||||
EncryptionError, "IP address mismatch|wronghost|IPAddressMismatch|Certificate"
|
||||
EncryptionError,
|
||||
"IP address mismatch|wronghost|IPAddressMismatch|Certificate|SSL handshake failed",
|
||||
):
|
||||
self.client_encryption_invalid_hostname.create_data_key("azure", key)
|
||||
|
||||
@ -2188,7 +2190,8 @@ class TestKmsTLSOptions(EncryptionIntegrationTest):
|
||||
self.client_encryption_expired.create_data_key("gcp", key)
|
||||
# Invalid cert hostname error.
|
||||
with self.assertRaisesRegex(
|
||||
EncryptionError, "IP address mismatch|wronghost|IPAddressMismatch|Certificate"
|
||||
EncryptionError,
|
||||
"IP address mismatch|wronghost|IPAddressMismatch|Certificate|SSL handshake failed",
|
||||
):
|
||||
self.client_encryption_invalid_hostname.create_data_key("gcp", key)
|
||||
|
||||
@ -2202,7 +2205,8 @@ class TestKmsTLSOptions(EncryptionIntegrationTest):
|
||||
self.client_encryption_expired.create_data_key("kmip")
|
||||
# Invalid cert hostname error.
|
||||
with self.assertRaisesRegex(
|
||||
EncryptionError, "IP address mismatch|wronghost|IPAddressMismatch|Certificate"
|
||||
EncryptionError,
|
||||
"IP address mismatch|wronghost|IPAddressMismatch|Certificate|SSL handshake failed",
|
||||
):
|
||||
self.client_encryption_invalid_hostname.create_data_key("kmip")
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user