@@ -90,11 +90,11 @@ def get_ssl_context(
9090 ) -> Union [_pyssl .SSLContext , _ssl .SSLContext ]: # type: ignore[name-defined]
9191 """Create and return an SSLContext object."""
9292 if is_sync and HAVE_PYSSL :
93- _ssl : types .ModuleType = _pyssl
93+ ssl : types .ModuleType = _pyssl
9494 else :
95- _ssl = globals ()[ " _ssl" ]
95+ ssl = _ssl
9696 verify_mode = CERT_NONE if allow_invalid_certificates else CERT_REQUIRED
97- ctx = _ssl .SSLContext (_ssl .PROTOCOL_SSLv23 )
97+ ctx = ssl .SSLContext (ssl .PROTOCOL_SSLv23 )
9898 if verify_mode != CERT_NONE :
9999 ctx .check_hostname = not allow_invalid_hostnames
100100 else :
@@ -106,20 +106,20 @@ def get_ssl_context(
106106 # up to date versions of MongoDB 2.4 and above already disable
107107 # SSLv2 and SSLv3, python disables SSLv2 by default in >= 2.7.7
108108 # and >= 3.3.4 and SSLv3 in >= 3.4.3.
109- ctx .options |= _ssl .OP_NO_SSLv2
110- ctx .options |= _ssl .OP_NO_SSLv3
111- ctx .options |= _ssl .OP_NO_COMPRESSION
112- ctx .options |= _ssl .OP_NO_RENEGOTIATION
109+ ctx .options |= ssl .OP_NO_SSLv2
110+ ctx .options |= ssl .OP_NO_SSLv3
111+ ctx .options |= ssl .OP_NO_COMPRESSION
112+ ctx .options |= ssl .OP_NO_RENEGOTIATION
113113 if certfile is not None :
114114 try :
115115 ctx .load_cert_chain (certfile , None , passphrase )
116- except _ssl .SSLError as exc :
116+ except ssl .SSLError as exc :
117117 raise ConfigurationError (f"Private key doesn't match certificate: { exc } ) from None
118118 if crlfile is not None :
119- if _ssl .IS_PYOPENSSL :
119+ if ssl .IS_PYOPENSSL :
120120 raise ConfigurationError ("tlsCRLFile cannot be used with PyOpenSSL" )
121121 # Match the server's behavior.
122- ctx .verify_flags = getattr (_ssl , "VERIFY_CRL_CHECK_LEAF" , 0 )
122+ ctx .verify_flags = getattr (ssl , "VERIFY_CRL_CHECK_LEAF" , 0 )
123123 ctx .load_verify_locations (crlfile )
124124 if ca_certs is not None :
125125 ctx .load_verify_locations (ca_certs )
0 commit comments