email-oauth2-proxy: sometimes doesn't recover from network errors on Linux

Yes, the fix for the exception loop should be made regardless; it’s not related to this ticket, but it does look like a bug.

Re the proposed change, this would probably not help as all name resolution is broken at this point in glibc. I spent some time in its bowels and got this far:

https://sourceware.org/pipermail/libc-alpha/2024-March/155234.html

To my eyes this is a plain glibc bug but we’ll see.

I’m running a chattier, fatal version of the above (since I want to catch it to prove the theory). It may take a long time to see it though.

I think you need to still re-raise the exception if you’ve run out of “a” to try BTW

Nope! Feel free to close. It’s either your theory above, or I’ve just been lucky. Either way I can file a new one if needed. Thanks!

I’ve been watching like a hawk for problems since filing this ticket and predictably it’s behaved flawlessly. Nonetheless, I’ve updated to include that change. If I can reproduce any issue again I’ll update.

I don’t know offhand of any such API on Linux. Python itself shouldn’t be caching DNS, I don’t think.

Since this only happens sometimes, I’m going to try strace() to see if I can winkle out the circumstances. It’s definitely related to VPN teardown, but happens (sometimes) even when DNS is pointing at the right server again.