From d545f9e93f78673a60b82fcee9c9e96f3a5e02db Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jbjohnso@us.ibm.com>
Date: Wed, 2 Jul 2014 10:08:37 -0400
Subject: [PATCH] Revert "Fix assertion failure on certs without
 subjectAltName"

This reverts commit e217322f39ae18f0a9976d8c23bb1661f9966d5f.
---
 src/net/tls.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/src/net/tls.c b/src/net/tls.c
index 32f3b9ea..c7964728 100644
--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -2445,15 +2445,14 @@ static int tls_validator_name( struct tls_session *tls, struct x509_certificate
 	if ( ( cert->subject.name == NULL ) && ( !cert->extensions.subject_alt_name.present ) ) {
 		return -1;
 	}
-	if ( cert->extensions.subject_alt_name.present ) {
-		struct x509_san_link* link;
-		list_for_each_entry ( link, &cert->extensions.subject_alt_name.names, list ) {
-			/* If the name matches, return 0, otherwise, continue */
-			if ( dns_wildcard_matcher ( tls->name, link->name ) == 0) {
-				return 0;
-			}
+	struct x509_san_link* link;
+	list_for_each_entry ( link, &cert->extensions.subject_alt_name.names, list ) {
+		/* If the name matches, return 0, otherwise, continue */
+		if ( dns_wildcard_matcher ( tls->name, link->name ) == 0) {
+			return 0;
 		}
-    } else {
+	}
+	if ( !cert->extensions.subject_alt_name.present ) {
 		return dns_wildcard_matcher ( tls->name, cert->subject.name );
 	}
 	return -1;