PYTHON-2866 Setting tlsDisableOCSPEndpointCheck=false must enable OCSP endpoint check

(cherry picked from commit fe1d19d)

Author: prashantmital

pymongo/common.py

@@ -630,12 +630,14 @@ def validate_tzinfo(dummy, value):
     'tls': validate_boolean_or_string,
     'tlsallowinvalidcertificates': validate_allow_invalid_certs,
     'ssl_cert_reqs': validate_cert_reqs,
+    # Normalized to ssl_match_hostname which is the logical inverse of tlsallowinvalidhostnames
     'tlsallowinvalidhostnames': lambda *x: not validate_boolean_or_string(*x),
     'ssl_match_hostname': validate_boolean_or_string,
     'tlscafile': validate_readable,
     'tlscertificatekeyfile': validate_readable,
     'tlscertificatekeyfilepassword': validate_string_or_none,
-    'tlsdisableocspendpointcheck': validate_boolean_or_string,
+    # Normalized to ssl_check_ocsp_endpoint which is the logical inverse of tlsdisableocspendpointcheck
+    'tlsdisableocspendpointcheck': lambda *x: not validate_boolean_or_string(*x),
     'tlsinsecure': validate_boolean_or_string,
     'w': validate_non_negative_int_or_basestring,
     'wtimeoutms': validate_non_negative_integer,

test/test_uri_parser.py

@@ -479,6 +479,16 @@ def test_tlsinsecure_legacy_conflict(self):
         with self.assertRaises(InvalidURI):
             parse_uri(uri, validate=False, warn=False, normalize=False)
 
+    def test_tlsDisableOCSPEndpointCheck(self):
+        # check that tlsDisableOCSPEndpointCheck is handled correctly.
+        uri = "mongodb://example.com/?tlsDisableOCSPEndpointCheck=true"
+        res = {'ssl_check_ocsp_endpoint': False}
+        self.assertEqual(res, parse_uri(uri)["options"])
+
+        uri = "mongodb://example.com/?tlsDisableOCSPEndpointCheck=false"
+        res = {'ssl_check_ocsp_endpoint': True}
+        self.assertEqual(res, parse_uri(uri)["options"])
+
     def test_normalize_options(self):
         # check that options are converted to their internal names correctly.
         uri = ("mongodb://example.com/?tls=true&appname=myapp&maxPoolSize=10&"