fix(mongodb_common): Use SSL constants (#620)

When the connection options are being renamed to be compatible with PyMongo 4+, the SSL options come with constants from the `ssl` module instead of string. If `CERT_NONE` is used, the `tlsAllowInvalidCertificates` should be enabled. Signed-off-by: Julien Riou <[email protected]>
ansible-collections · Dec 27, 2023 · 0bd55f0 · 0bd55f0
1 parent 02e5981
commit 0bd55f0
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/plugins/module_utils/mongodb_common.py b/plugins/module_utils/mongodb_common.py
@@ -168,9 +168,9 @@ def rename_ssl_option_for_pymongo4(connection_options):
     when the driver use is >= PyMongo 4
     """
     if int(PyMongoVersion[0]) >= 4:
-        if connection_options.get('ssl_cert_reqs', None) == 'CERT_NONE':
-            connection_options['tlsAllowInvalidCertificates'] = False
-        elif connection_options.get('ssl_cert_reqs', None) == 'CERT_REQUIRED':
+        if connection_options.get('ssl_cert_reqs', None) in ('CERT_NONE', ssl_lib.CERT_NONE):
+            connection_options['tlsAllowInvalidCertificates'] = True
+        elif connection_options.get('ssl_cert_reqs', None) in ('CERT_REQUIRED', ssl_lib.CERT_REQUIRED):
             connection_options['tlsAllowInvalidCertificates'] = False
         connection_options.pop('ssl_cert_reqs', None)
         if connection_options.get('ssl_ca_certs', None) is not None: