diff options
author | Peter Hartmann <phartmann@rim.com> | 2013-01-04 11:06:14 +0100 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2013-01-04 15:19:17 +0100 |
commit | bf5e7fb2652669599a508e049b46ebd5cd3206e5 (patch) | |
tree | 9a4116478e38195774863f41de2f792a83a72bfa /src | |
parent | 89f862ab10893dcfc707fa9bcdbea6fb449600ca (diff) |
SSL certificates: blacklist mis-issued Turktrust certificates
Those certificates have erroneously set the CA attribute to true,
meaning everybody in possesion of their keys can issue certificates on
their own.
Task-number: QTBUG-28937
Change-Id: Iff351e590ad3e6ab802e6fa1d65a9a9a9f7683de
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/network/ssl/qsslcertificate.cpp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index 6d3a77b45f..fbe60e99bf 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -1205,6 +1205,9 @@ static const char *certificate_blacklist[] = { "4c:0e:63:6a", "Digisign Server ID - (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Entrust "72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0", "UTN-USERFirst-Hardware", // comodogate test certificate "41", "MD5 Collisions Inc. (http://www.phreedom.org/md5)", // http://www.phreedom.org/research/rogue-ca/ + + "08:27", "*.EGO.GOV.TR", // Turktrust mis-issued intermediate certificate + "08:64", "e-islem.kktcmerkezbankasi.org", // Turktrust mis-issued intermediate certificate 0 }; |