From 639cbeb7d02801b79429f17f9cd55dad09e962f6 Mon Sep 17 00:00:00 2001
From: Brad Warren <bradmw@umich.edu>
Date: Thu, 7 Jan 2016 21:11:09 -0500
Subject: [PATCH] sans_text_dump_comment += 1

---
 acme/acme/crypto_util.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/acme/acme/crypto_util.py b/acme/acme/crypto_util.py
index a25819cf5..a1a1be73b 100644
--- a/acme/acme/crypto_util.py
+++ b/acme/acme/crypto_util.py
@@ -160,6 +160,12 @@ def _pyopenssl_cert_or_req_san(cert_or_req):
     :rtype: `list` of `unicode`
 
     """
+    # This function finds SANs by dumping the certificate/CSR to text and
+    # searching for "X509v3 Subject Alternative Name" in the text. This method
+    # is used to support PyOpenSSL version 0.13 where the
+    # `_subjectAltNameString` and `get_extensions` methods are not available
+    # for CSRs.
+
     # constants based on PyOpenSSL certificate/CSR text dump
     part_separator = ":"
     parts_separator = ", "
@@ -169,7 +175,6 @@ def _pyopenssl_cert_or_req_san(cert_or_req):
         func = OpenSSL.crypto.dump_certificate
     else:
         func = OpenSSL.crypto.dump_certificate_request
-    # This method of finding SANs is used to support PyOpenSSL version 0.13.
     text = func(OpenSSL.crypto.FILETYPE_TEXT, cert_or_req).decode("utf-8")
     # WARNING: this function does not support multiple SANs extensions.
     # Multiple X509v3 extensions of the same type is disallowed by RFC 5280.