From 511bc8c57b2f1e89cce28440fa97cf49860646be Mon Sep 17 00:00:00 2001
From: Nicola Di Lieto <nicola.dilieto@gmail.com>
Date: Tue, 23 Jun 2020 00:15:28 +0200
Subject: [PATCH] add comment about potential future extension

as requested, see
https://github.com/ARMmbed/mbedtls/pull/3419#discussion_r443836568

Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
---
 include/mbedtls/x509_crt.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 038d2114e..ab0d0cdbc 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -311,6 +311,8 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
  *                 it encounters either an unsupported extension or a
  *                 "certificate policies" extension containing any
  *                 unsupported certificate policies.
+ *                 Future versions of the library may invoke the callback
+ *                 in other cases, if and when the need arises.
  *
  * \param p_ctx    An opaque context passed to the callback.
  * \param crt      The certificate being parsed.
@@ -372,6 +374,8 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
  *                   When the callback fails to parse a non critical extension
  *                   mbedtls_x509_crt_parse_der_with_ext_cb() simply skips
  *                   the extension and continues parsing.
+ *                   Future versions of the library may invoke the callback
+ *                   in other cases, if and when the need arises.
  *
  * \return           \c 0 if successful.
  * \return           A negative error code on failure.