From e02da8ea72ca335922a04f88a8cacd9aa6688537 Mon Sep 17 00:00:00 2001
From: lzc256 <lzc256@noreply.git.lzc256.com>
Date: Mon, 10 Jul 2023 18:43:34 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=20cmd/derper/cert.go?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cmd/derper/cert.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cmd/derper/cert.go b/cmd/derper/cert.go
index 6851ef610..15d9df4c7 100644
--- a/cmd/derper/cert.go
+++ b/cmd/derper/cert.go
@@ -71,9 +71,9 @@ func NewManualCertManager(certdir, hostname string) (certProvider, error) {
 	if err != nil {
 		return nil, fmt.Errorf("can not load cert: %w", err)
 	}
-	// if err := x509Cert.VerifyHostname(hostname); err != nil {
+	if err := x509Cert.VerifyHostname(hostname); err != nil {
 		// return nil, fmt.Errorf("cert invalid for hostname %q: %w", hostname, err)
-	// }
+	}
 	return &manualCertManager{cert: &cert, hostname: hostname}, nil
 }
 
@@ -89,7 +89,7 @@ func (m *manualCertManager) TLSConfig() *tls.Config {
 
 func (m *manualCertManager) getCertificate(hi *tls.ClientHelloInfo) (*tls.Certificate, error) {
 	if hi.ServerName != m.hostname {
-		return nil, fmt.Errorf("cert mismatch with hostname: %q", hi.ServerName)
+		//return nil, fmt.Errorf("cert mismatch with hostname: %q", hi.ServerName)
 	}
 
 	// Return a shallow copy of the cert so the caller can append to its