From 824155743fe3087bb2b2116ad3a8a363f550f9ab Mon Sep 17 00:00:00 2001
From: Marti Raudsepp <marti@juffo.org>
Date: Tue, 18 Dec 2018 01:26:40 +0200
Subject: Remove spaces from RFC 4514 strings for better compliance (#4643)
 (#4646)

RFC 4514 does not explicitly allow whitespace between separators:
https://tools.ietf.org/html/rfc4514

Reported-by: David Arnold <dar@xoe.solutions>
---
 docs/x509/reference.rst       | 6 +++---
 src/cryptography/x509/name.py | 2 +-
 tests/x509/test_x509.py       | 8 ++++----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index ac6bbcdc..6b2f74cf 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -583,7 +583,7 @@ X.509 CRL (Certificate Revocation List) Object
         .. doctest::
 
             >>> crl.issuer
-            <Name(C=US, CN=cryptography.io)>
+            <Name(C=US,CN=cryptography.io)>
 
     .. attribute:: next_update
 
@@ -1194,7 +1194,7 @@ X.509 CSR (Certificate Signing Request) Builder Object
     get every attribute or you can use :meth:`Name.get_attributes_for_oid` to
     obtain the specific type you want. Names are sometimes represented as a
     slash or comma delimited string (e.g. ``/CN=mydomain.com/O=My Org/C=US`` or
-    ``CN=mydomain.com, O=My Org, C=US``).
+    ``CN=mydomain.com,O=My Org,C=US``).
 
     Technically, a Name is a list of *sets* of attributes, called *Relative
     Distinguished Names* or *RDNs*, although multi-valued RDNs are rarely
@@ -1251,7 +1251,7 @@ X.509 CSR (Certificate Signing Request) Builder Object
         .. versionadded:: 2.5
 
         :return str: Format the given name as a `RFC 4514`_ Distinguished Name
-            string, for example ``CN=mydomain.com, O=My Org, C=US``.
+            string, for example ``CN=mydomain.com,O=My Org,C=US``.
 
 
 .. class:: Version
diff --git a/src/cryptography/x509/name.py b/src/cryptography/x509/name.py
index 470862c2..026b79c2 100644
--- a/src/cryptography/x509/name.py
+++ b/src/cryptography/x509/name.py
@@ -218,7 +218,7 @@ class Name(object):
         elements are separated by '+'. The latter is almost never used in
         real world certificates.
         """
-        return ', '.join(attr.rfc4514_string() for attr in self._attributes)
+        return ','.join(attr.rfc4514_string() for attr in self._attributes)
 
     def get_attributes_for_oid(self, oid):
         return [i for i in self if i.oid == oid]
diff --git a/tests/x509/test_x509.py b/tests/x509/test_x509.py
index f4520811..1d483ac2 100644
--- a/tests/x509/test_x509.py
+++ b/tests/x509/test_x509.py
@@ -1139,8 +1139,8 @@ class TestRSACertificate(object):
             backend
         )
         assert repr(cert) == (
-            "<Certificate(subject=<Name(OU=GT48742965, OU=See www.rapidssl.com"
-            "/resources/cps (c)14, OU=Domain Control Validated - RapidSSL(R), "
+            "<Certificate(subject=<Name(OU=GT48742965,OU=See www.rapidssl.com"
+            "/resources/cps (c)14,OU=Domain Control Validated - RapidSSL(R),"
             "CN=www.cryptography.io)>, ...)>"
         )
 
@@ -4113,7 +4113,7 @@ class TestName(object):
             x509.NameAttribute(NameOID.ORGANIZATION_NAME, u'PyCA'),
         ])
 
-        assert repr(name) == "<Name(CN=cryptography.io, O=PyCA)>"
+        assert repr(name) == "<Name(CN=cryptography.io,O=PyCA)>"
 
     def test_rfc4514_string(self):
         n = x509.Name([
@@ -4129,7 +4129,7 @@ class TestName(object):
             ]),
         ])
         assert (n.rfc4514_string() ==
-                'OU=Sales+CN=J.  Smith, DC=example, DC=net')
+                'OU=Sales+CN=J.  Smith,DC=example,DC=net')
 
     def test_not_nameattribute(self):
         with pytest.raises(TypeError):
-- 
cgit v1.2.3