From a188ae5ac55c4f9564d7590c827be9a7eb9afba4 Mon Sep 17 00:00:00 2001
From: Maximilian Hils
Date: Tue, 2 Feb 2016 18:15:55 +0100
Subject: [PATCH] allow creation of certs without CN
---
 netlib/certutils.py | 5 ++++-
 test/test_certutils.py | 20 ++++++++++++++------
 2 files changed, 18 insertions(+), 7 deletions(-)
diff --git a/netlib/certutils.py b/netlib/certutils.py
index e6d71c390..a0111381c 100644
--- a/netlib/certutils.py
+++ b/netlib/certutils.py
@@ -101,7 +101,8 @@ def dummy_cert(privkey, cacert, commonname, sans):
 cert.gmtime_adj_notBefore(-3600 * 48)
 cert.gmtime_adj_notAfter(DEFAULT_EXP)
 cert.set_issuer(cacert.get_subject())
- cert.get_subject().CN = commonname
+ if commonname is not None:
+ cert.get_subject().CN = commonname
 cert.set_serial_number(int(time.time() * 10000))
 if ss:
 cert.set_version(2)
@@ -294,6 +295,8 @@ class CertStore(object):
 @staticmethod
 def asterisk_forms(dn):
+ if dn is None:
+ return []
 parts = dn.split(b".")
 parts.reverse()
 curr_dn = b""
diff --git a/test/test_certutils.py b/test/test_certutils.py
index 991d59d6c..027dcc93a 100644
--- a/test/test_certutils.py
+++ b/test/test_certutils.py
@@ -41,8 +41,12 @@ class TestCertStore:
 ca2 = certutils.CertStore.from_store(d, "test")
 assert ca2.get_cert(b"foo", [])
- assert ca.default_ca.get_serial_number(
- ) == ca2.default_ca.get_serial_number()
+ assert ca.default_ca.get_serial_number() == ca2.default_ca.get_serial_number()
+
+ def test_create_no_common_name(self):
+ with tutils.tmpdir() as d:
+ ca = certutils.CertStore.from_store(d, "test")
+ assert ca.get_cert(None, [])[0].cn is None
 def test_create_tmp(self):
 with tutils.tmpdir() as d:
@@ -54,10 +58,6 @@ class TestCertStore:
 r = ca.get_cert(b"*.foo.com", [])
 assert r[1] == ca.default_privatekey
- def test_add_cert(self):
- with tutils.tmpdir() as d:
- certutils.CertStore.from_store(d, "test")
-
 def test_sans(self):
 with tutils.tmpdir() as d:
 ca = certutils.CertStore.from_store(d, "test")
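Review bot: With `commonname` allowed to be None in dummy_cert, the certificate's subject stays empty, and when `sans` is also empty (the case the new tests exercise) the certificate names no host at all; nothing at the new `if commonname is not None:` branch says so. RFC 5280 expects an empty subject to be paired with a critical subjectAltName extension, so a comment on the branch would help, for example `# No CN requested: the subject stays empty and the certificate is identified by its SANs only`. The SAN handling after `if ss:` continues outside this hunk, so whether the extension is marked critical in the no-CN case cannot be seen here and is worth checking.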
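Review bot: The new `if dn is None: return []` guard in asterisk_forms has no comment or docstring saying when a caller passes None. A one-line comment such as `# dn is None for certificates requested without a CN; there are no asterisk forms to derive` would make the contract explicit. The rest of the function body lies outside the hunk, and the caller that passes None (presumably get_cert) is not part of this diff, so it is worth confirming there that a None common name combined with an empty SAN list is handled as its own lookup entry rather than matching unrelated ones.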
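Review bot: Both new tests, test_create_no_common_name in this hunk and the case added to TestDummyCert in the last hunk, cover only `None` together with an empty SAN list, which is the degenerate certificate with no identity at all. The case the change more plausibly exists for, no CN but at least one SAN, is untested; adding `assert ca.get_cert(None, [b"foo.com"])[0].cn is None` and a matching `dummy_cert` call with `None, [b"foo.com"]` would pin it. An assertion that the SAN actually ends up in the issued certificate would be a useful addition if the certificate wrapper exposes the alternative names.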
@@ -105,6 +105,14 @@ class TestDummyCert:
 )
 assert r.cn == b"foo.com"
+ r = certutils.dummy_cert(
+ ca.default_privatekey,
+ ca.default_ca,
+ None,
+ []
+ )
+ assert r.cn is None
+
 class TestSSLCert: