From 003b41ef06d17ad7b2b9529abc4918239264c4ed Mon Sep 17 00:00:00 2001
From: Kevin Albertson <kevin.albertson@mongodb.com>
Date: Wed, 17 Dec 2025 12:38:30 -0500
Subject: [PATCH] PYTHON-5677 Prevent ClientEncryption from loading crypt
 shared library

---
 doc/changelog.rst                  | 3 +++
 pymongo/asynchronous/encryption.py | 5 ++++-
 pymongo/synchronous/encryption.py  | 5 ++++-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/doc/changelog.rst b/doc/changelog.rst
index a2a8f6c211..b2fc239e08 100644
--- a/doc/changelog.rst
+++ b/doc/changelog.rst
@@ -17,6 +17,9 @@ PyMongo 4.16 brings a number of changes including:
 - Fixed return type annotation for ``find_one_and_*`` methods on :class:`~pymongo.asynchronous.collection.AsyncCollection`
   and :class:`~pymongo.synchronous.collection.Collection` to include ``None``.
 - Added support for NumPy 1D-arrays in :class:`bson.binary.BinaryVector`.
+- Prevented :class:`~pymongo.encryption.ClientEncryption` from loading the crypt
+  shared library to fix "MongoCryptError: An existing crypt_shared library is
+  loaded by the application" unless the linked library search path is set.
 
 Changes in Version 4.15.5 (2025/XX/XX)
 --------------------------------------
diff --git a/pymongo/asynchronous/encryption.py b/pymongo/asynchronous/encryption.py
index 4dfd36aa49..c7779a3e31 100644
--- a/pymongo/asynchronous/encryption.py
+++ b/pymongo/asynchronous/encryption.py
@@ -717,7 +717,10 @@ def __init__(
         self._encryption = AsyncExplicitEncrypter(
             self._io_callbacks,
             _create_mongocrypt_options(
-                kms_providers=kms_providers, schema_map=None, key_expiration_ms=key_expiration_ms
+                kms_providers=kms_providers,
+                schema_map=None,
+                key_expiration_ms=key_expiration_ms,
+                bypass_encryption=True,  # Don't load crypt_shared
             ),
         )
         # Use the same key vault collection as the callback.
diff --git a/pymongo/synchronous/encryption.py b/pymongo/synchronous/encryption.py
index 2d666b9763..051e6e7a5d 100644
--- a/pymongo/synchronous/encryption.py
+++ b/pymongo/synchronous/encryption.py
@@ -710,7 +710,10 @@ def __init__(
         self._encryption = ExplicitEncrypter(
             self._io_callbacks,
             _create_mongocrypt_options(
-                kms_providers=kms_providers, schema_map=None, key_expiration_ms=key_expiration_ms
+                kms_providers=kms_providers,
+                schema_map=None,
+                key_expiration_ms=key_expiration_ms,
+                bypass_encryption=True,  # Don't load crypt_shared
             ),
         )
         # Use the same key vault collection as the callback.