Blob Blame History Raw
diff --color -ruNp a/lib/fips.c b/lib/fips.c
--- a/lib/fips.c	2022-11-15 16:10:56.183185457 +0100
+++ b/lib/fips.c	2022-11-15 16:10:23.488530716 +0100
@@ -360,11 +360,6 @@ static int check_lib_hmac(struct hmac_en
 		return gnutls_assert_val(ret);
 	}
 
-	if (strncmp(entry->path, path, GNUTLS_PATH_MAX)) {
-		_gnutls_debug_log("Library path for %s does not match with HMAC file\n", lib);
-		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
-	}
-
 	_gnutls_debug_log("Loading: %s\n", path);
 	ret = gnutls_load_file(path, &data);
 	if (ret < 0) {
diff --color -ruNp a/lib/fipshmac.c b/lib/fipshmac.c
--- a/lib/fipshmac.c	2022-11-15 16:10:56.183185457 +0100
+++ b/lib/fipshmac.c	2022-11-15 16:10:23.489530737 +0100
@@ -102,20 +102,30 @@ static int get_hmac(const char *path, ch
 static int print_lib_path(const char *path)
 {
 	int ret;
+	char *real_path = NULL;
 	char hmac[HMAC_STR_SIZE];
 
-	ret = get_hmac(path, hmac, sizeof(hmac));
+	real_path = canonicalize_file_name(path);
+	if (real_path == NULL) {
+		fprintf(stderr, "Could not get realpath from %s\n", path);
+		ret = GNUTLS_E_FILE_ERROR;
+		goto cleanup;
+	}
+
+	ret = get_hmac(real_path, hmac, sizeof(hmac));
 	if (ret < 0) {
 		fprintf(stderr, "Could not calculate HMAC for %s: %s\n",
-                        last_component(path), gnutls_strerror(ret));
-		return ret;
+                        last_component(real_path), gnutls_strerror(ret));
+		goto cleanup;
 	}
 
 	printf("[%s]\n", last_component(path));
-	printf("path = %s\n", path);
+	printf("path = %s\n", real_path);
 	printf("hmac = %s\n", hmac);
 
-	return 0;
+cleanup:
+	free(real_path);
+	return ret;
 }
 
 static int print_lib_dl(const char *lib, const char *sym)