From 4c0df9feb2b44d0c4fcaa5076f00aa08fbc1dda5 Mon Sep 17 00:00:00 2001 From: Martin Petersson Date: Wed, 7 Mar 2012 12:05:59 +0100 Subject: [PATCH] QtNetwork: blacklist two more certificates The comodogate 72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0 certificate is a test certificate and the MD5 Collisions was created as a proof of concept deliberately made to be expired at the time of it's creation. Task-number: QTBUG-24654 Change-Id: Ic8eb417363569fe50bf19cd229658f5e371862f7 Reviewed-by: Richard J. Moore --- src/network/ssl/qsslcertificate.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index a9573bf1d8..65634a3cb7 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -1161,6 +1161,8 @@ static const char *certificate_blacklist[] = { "07:27:14:a9", "Digisign Server ID (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Verizon CyberTrust "4c:0e:63:6a", "Digisign Server ID - (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Entrust + "72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0", "UTN-USERFirst-Hardware", // comodogate test certificate + "41", "MD5 Collisions Inc. (http://www.phreedom.org/md5)", // http://www.phreedom.org/research/rogue-ca/ 0 };