summaryrefslogtreecommitdiffstats
path: root/src/network
diff options
context:
space:
mode:
authorPeter Hartmann <phartmann@blackberry.com>2014-07-09 16:22:44 +0200
committerPeter Hartmann <phartmann@blackberry.com>2014-07-10 22:12:56 +0200
commit59eb561989f7a7b65c3e9b11d0ac062479013bf2 (patch)
tree2611a787472b8d8b7cbee7656a8aca278db5679f /src/network
parente66dd978999358efdb4d3edcc89b0455194c4ae1 (diff)
QSslCertificate: blacklist NIC certificates from India
Those intermediate certificates were used to issue "unauthorized" certificates according to http://googleonlinesecurity.blogspot.de/2014/07/maintaining-digital-certificate-security.html , and are by default trusted on Windows, so to be safe we blacklist them here. (backport of commit 916c9d469bd0df227dc3be97fcca27e3cf58144f) Change-Id: I22c6637895dcd21b1f7af73fdd5ca39d4747cf9e Reviewed-by: Richard J. Moore <rich@kde.org>
Diffstat (limited to 'src/network')
-rw-r--r--src/network/ssl/qsslcertificate.cpp4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index 254f45b605..a015880900 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -832,6 +832,10 @@ static const char *certificate_blacklist[] = {
"2148", "e-islem.kktcmerkezbankasi.org", // Turktrust mis-issued intermediate certificate
"204199", "AC DG Tr\xC3\xA9sor SSL", // intermediate certificate linking back to ANSSI French National Security Agency
+
+ "10115", "NIC Certifying Authority", // intermediate certificate from NIC India (2007)
+ "10130", "NIC CA 2011", // intermediate certificate from NIC India (2011)
+ "10161", "NIC CA 2014", // intermediate certificate from NIC India (2014)
0
};
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-31 00:39:27 +0000