Blame SOURCES/gnutls-3.7.8-integrity-check.patch

a74aed
diff --color -ruNp a/lib/fips.c b/lib/fips.c
a74aed
--- a/lib/fips.c	2022-11-15 16:10:56.183185457 +0100
a74aed
+++ b/lib/fips.c	2022-11-15 16:10:23.488530716 +0100
a74aed
@@ -360,11 +360,6 @@ static int check_lib_hmac(struct hmac_en
a74aed
 		return gnutls_assert_val(ret);
a74aed
 	}
a74aed
 
a74aed
-	if (strncmp(entry->path, path, GNUTLS_PATH_MAX)) {
a74aed
-		_gnutls_debug_log("Library path for %s does not match with HMAC file\n", lib);
a74aed
-		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
a74aed
-	}
a74aed
-
a74aed
 	_gnutls_debug_log("Loading: %s\n", path);
a74aed
 	ret = gnutls_load_file(path, &data);
a74aed
 	if (ret < 0) {
a74aed
diff --color -ruNp a/lib/fipshmac.c b/lib/fipshmac.c
a74aed
--- a/lib/fipshmac.c	2022-11-15 16:10:56.183185457 +0100
a74aed
+++ b/lib/fipshmac.c	2022-11-15 16:10:23.489530737 +0100
a74aed
@@ -102,20 +102,30 @@ static int get_hmac(const char *path, ch
a74aed
 static int print_lib_path(const char *path)
a74aed
 {
a74aed
 	int ret;
a74aed
+	char *real_path = NULL;
a74aed
 	char hmac[HMAC_STR_SIZE];
a74aed
 
a74aed
-	ret = get_hmac(path, hmac, sizeof(hmac));
a74aed
+	real_path = canonicalize_file_name(path);
a74aed
+	if (real_path == NULL) {
a74aed
+		fprintf(stderr, "Could not get realpath from %s\n", path);
a74aed
+		ret = GNUTLS_E_FILE_ERROR;
a74aed
+		goto cleanup;
a74aed
+	}
a74aed
+
a74aed
+	ret = get_hmac(real_path, hmac, sizeof(hmac));
a74aed
 	if (ret < 0) {
a74aed
 		fprintf(stderr, "Could not calculate HMAC for %s: %s\n",
a74aed
-                        last_component(path), gnutls_strerror(ret));
a74aed
-		return ret;
a74aed
+                        last_component(real_path), gnutls_strerror(ret));
a74aed
+		goto cleanup;
a74aed
 	}
a74aed
 
a74aed
 	printf("[%s]\n", last_component(path));
a74aed
-	printf("path = %s\n", path);
a74aed
+	printf("path = %s\n", real_path);
a74aed
 	printf("hmac = %s\n", hmac);
a74aed
 
a74aed
-	return 0;
a74aed
+cleanup:
a74aed
+	free(real_path);
a74aed
+	return ret;
a74aed
 }
a74aed
 
a74aed
 static int print_lib_dl(const char *lib, const char *sym)