From b46f763ee77360e2499b9be44fc7e679b04e1c7b Mon Sep 17 00:00:00 2001
From: Justine Tunney <jtunney@gmail.com>
Date: Tue, 27 Sep 2022 18:07:21 -0700
Subject: [PATCH] Permit multiple certs with same common name

This is needed to support Cloudflare interop.
---
 libc/sock/accept.c          |  1 +
 libc/sock/sock.h            |  2 --
 libc/sock/struct/sockaddr.h |  1 +
 tool/net/redbean.c          | 11 -----------
 4 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/libc/sock/accept.c b/libc/sock/accept.c
index 69f7f8e36..e4a08f0f6 100644
--- a/libc/sock/accept.c
+++ b/libc/sock/accept.c
@@ -17,6 +17,7 @@
 │ PERFORMANCE OF THIS SOFTWARE.                                                │
 ╚─────────────────────────────────────────────────────────────────────────────*/
 #include "libc/sock/sock.h"
+#include "libc/sock/struct/sockaddr.h"
 
 /**
  * Creates client socket file descriptor for incoming connection.
diff --git a/libc/sock/sock.h b/libc/sock/sock.h
index 072bef3a7..6487e140c 100644
--- a/libc/sock/sock.h
+++ b/libc/sock/sock.h
@@ -1,6 +1,5 @@
 #ifndef COSMOPOLITAN_LIBC_SOCK_SOCK_H_
 #define COSMOPOLITAN_LIBC_SOCK_SOCK_H_
-#include "libc/sock/struct/sockaddr.h"
 #if !(__ASSEMBLER__ + __LINKER__ + 0)
 COSMOPOLITAN_C_START_
 /*───────────────────────────────────────────────────────────────────────────│─╗
@@ -30,7 +29,6 @@ uint32_t *GetHostIps(void);
 
 int nointernet(void);
 int socket(int, int, int);
-int accept(int, struct sockaddr *, uint32_t *);
 int accept4(int, void *, uint32_t *, int);
 int bind(int, const void *, uint32_t);
 int connect(int, const void *, uint32_t);
diff --git a/libc/sock/struct/sockaddr.h b/libc/sock/struct/sockaddr.h
index 69f0242e3..f16765785 100644
--- a/libc/sock/struct/sockaddr.h
+++ b/libc/sock/struct/sockaddr.h
@@ -35,6 +35,7 @@ struct sockaddr_storage {
 
 int inet_aton(const char *, struct in_addr *);
 char *inet_ntoa(struct in_addr);
+int accept(int, struct sockaddr *, uint32_t *);
 
 COSMOPOLITAN_C_END_
 #endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
diff --git a/tool/net/redbean.c b/tool/net/redbean.c
index ef8dd48c3..3c3afea81 100644
--- a/tool/net/redbean.c
+++ b/tool/net/redbean.c
@@ -686,17 +686,6 @@ static void InternCertificate(mbedtls_x509_crt *cert, mbedtls_x509_crt *prev) {
     WARNF("(ssl) certificate %`'s is from the future",
           _gc(FormatX509Name(&cert->subject)));
   }
-  for (i = 0; i < certs.n; ++i) {
-    if (!certs.p[i].cert) continue;
-    if (mbedtls_pk_get_type(&cert->pk) ==
-            mbedtls_pk_get_type(&certs.p[i].cert->pk) &&
-        !mbedtls_x509_name_cmp(&cert->subject, &certs.p[i].cert->subject)) {
-      VERBOSEF("(ssl) %s %`'s is already loaded",
-               mbedtls_pk_get_name(&cert->pk),
-               _gc(FormatX509Name(&cert->subject)));
-      return;
-    }
-  }
   for (i = 0; i < certs.n; ++i) {
     if (!certs.p[i].cert && certs.p[i].key &&
         !mbedtls_pk_check_pair(&cert->pk, certs.p[i].key)) {