Revision 07584b3...

Go back to digest for 27th March 2011

Security in Other

Richard J. Moore committed changes in [qt-kde] /:

QSslCertificate: report fraudulent certificates as invalid

There are some fraudulent certificates in the wild that are not valid;
this patch introduces a blacklist of serial numbers of those

Reviewed-by: Richard J. Moore
Reviewed-by: Markus Goetz
Task-number: QTBUG-18338
(cherry picked from commit 04e074e8d7c097295505e63565abdc7ca2b49f7b)

File Changes

Added 9 files
  • /auto/qsslcertificate/more-certificates
  •   tests/blacklisted1.pem
  •   tests/blacklisted2.pem
  •   tests/blacklisted3.pem
  •   tests/blacklisted4.pem
  •   tests/blacklisted5.pem
  •   tests/blacklisted6.pem
  •   tests/blacklisted7.pem
  •   tests/blacklisted8.pem
  •   tests/blacklisted9.pem
Modified 3 files
  •   src/network/ssl/qsslcertificate.cpp
  •   src/network/ssl/qsslcertificate_p.h
  •   tests/auto/qsslcertificate/tst_qsslcertificate.cpp
12 files changed in total