From 74aee1c757df630ac93610ceaeff238cae5219be Mon Sep 17 00:00:00 2001
From: irwir <irwir@users.noreply.github.com>
Date: Sat, 21 Sep 2019 18:21:48 +0300
Subject: [PATCH 1/2] Remove non-working check from x509_get_subject_alt_name
 (#2802) FIx one comment.

Signed-off-by: irwir <irwir@users.noreply.github.com>
---
 library/x509_crt.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 48f244e2e..7cf1653f8 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -645,10 +645,6 @@ static int x509_get_subject_alt_name( unsigned char **p,
         mbedtls_x509_subject_alternative_name dummy_san_buf;
         memset( &dummy_san_buf, 0, sizeof( dummy_san_buf ) );
 
-        if( ( end - *p ) < 1 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
         tag = **p;
         (*p)++;
         if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 )
@@ -662,7 +658,7 @@ static int x509_get_subject_alt_name( unsigned char **p,
         }
 
         /*
-         * Check that the SAN are structured correct.
+         * Check that the SAN is structured correctly.
          */
         ret = mbedtls_x509_parse_subject_alt_name( &(cur->buf), &dummy_san_buf );
         /*

From d742a2416d3b37e34f051aeca37eb631e39695a6 Mon Sep 17 00:00:00 2001
From: irwir <irwir@users.noreply.github.com>
Date: Mon, 27 Apr 2020 18:02:46 +0300
Subject: [PATCH 2/2] Add changelog entry

Signed-off-by: irwir <irwir@users.noreply.github.com>
---
 ChangeLog.d/bugfix_PR2855.txt | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 ChangeLog.d/bugfix_PR2855.txt

diff --git a/ChangeLog.d/bugfix_PR2855.txt b/ChangeLog.d/bugfix_PR2855.txt
new file mode 100644
index 000000000..a09732181
--- /dev/null
+++ b/ChangeLog.d/bugfix_PR2855.txt
@@ -0,0 +1,2 @@
+Bugfix
+   * Remove dead code in X.509 certificate parsing. Contributed by irwir in #2855.
\ No newline at end of file