# reusing the path in gdb
set env LD_LIBRARY_PATH /root/newertls/usr/lib/x86_64-linux-gnu/
# that brought me to wonder that in the bad case the following break did not catch anything
b virNetTLSContextCheckCertDN if strcmp(dname, "C=UK,CN=libvirt") == 0
# I realized that they were different
GOOD: $1 = 0x7fffffffe1d0 "C=UK,CN=libvirt"
BAD: $1 = 0x7fffffffe180 "CN=libvirt,C=UK"
# So something must have been reordering these AND something breaks on the different order
# reusing the path in gdb usr/lib/ x86_64- linux-gnu/ tCheckCertDN if strcmp(dname, "C=UK,CN=libvirt") == 0
set env LD_LIBRARY_PATH /root/newertls/
# that brought me to wonder that in the bad case the following break did not catch anything
b virNetTLSContex
# I realized that they were different
GOOD: $1 = 0x7fffffffe1d0 "C=UK,CN=libvirt"
BAD: $1 = 0x7fffffffe180 "CN=libvirt,C=UK"
# So something must have been reordering these AND something breaks on the different order
The value is set by gnutls_ x509_crt_ get_dn( cert, dname, &dnamesize) /gitlab. com/gnutls/ gnutls/ issues/ 111 /gitlab. com/gnutls/ gnutls/ commit/ b1b025fcac6fc22 58eeb4e527226ba 0c2aff2f59
That unearths the conflicting issue / pach in gnutls which is:
https:/
https:/
Then on that virNetTLSContex tCheckCertDNWhi telist breaks as the strings no more match.