LogoopenSUSE Build Service > Projects
Sign Up | Log In

View File cert-blacklist-tuerktrust.diff of Package libQtWebKit-devel (Project KDE:Qt:STABLE)

commit 451462b1e0304e0cb6c2872e4f5688bc2e556dca
Author: Peter Hartmann <phartmann@rim.com>
Date:   Fri Jan 4 11:06:14 2013 +0100

    SSL certificates: blacklist mis-issued Turktrust certificates
    
    Those certificates have erroneously set the CA attribute to true,
    meaning everybody in possesion of their keys can issue certificates on
    their own.
    
    backport of bf5e7fb2652669599a508e049b46ebd5cd3206e5 from qtbase
    
    Task-number: QTBUG-28937
    Change-Id: Iee57c6f983fee61c13c3b66ed874300ef8e80c23
    Reviewed-by: Richard J. Moore <rich@kde.org>

diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index 038187f..37799d1 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -825,6 +825,9 @@ static const char *certificate_blacklist[] = {
 
     "120001705", "Digisign Server ID (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Verizon CyberTrust
     "1276011370", "Digisign Server ID - (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Entrust
+
+    "2087",                                            "*.EGO.GOV.TR", // Turktrust mis-issued intermediate certificate
+    "2148",                                            "e-islem.kktcmerkezbankasi.org", // Turktrust mis-issued intermediate certificate
     0
 };