diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2012-09-26 01:10:42 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 22:51:55 +0200 |
commit | 9664bee729d487bcc0a0bc35859f8e13d5421c75 (patch) | |
tree | b428a16618e36ed864a8d76ea3435e19a452bf90 /source/l/qt/qt.blacklist.bad.certs.diff | |
parent | 75a4a592e5ccda30715f93563d741b83e0dcf39e (diff) | |
download | current-9664bee729d487bcc0a0bc35859f8e13d5421c75.tar.gz current-9664bee729d487bcc0a0bc35859f8e13d5421c75.tar.xz |
Slackware 14.0slackware-14.0
Wed Sep 26 01:10:42 UTC 2012
Slackware 14.0 x86_64 stable is released!
We're perfectionists here at Slackware, so this release has been a long
time a-brewing. But we think you'll agree that it was worth the wait.
Slackware 14.0 combines modern components, ease of use, and flexible
configuration... our "KISS" philosophy demands it.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Thanks to everyone who helped make this happen. The Slackware team, the
upstream developers, and (of course) the awesome Slackware user
community.
Have fun! :-)
Diffstat (limited to '')
-rw-r--r-- | source/l/qt/qt.blacklist.bad.certs.diff | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/source/l/qt/qt.blacklist.bad.certs.diff b/source/l/qt/qt.blacklist.bad.certs.diff deleted file mode 100644 index 38b6d369f..000000000 --- a/source/l/qt/qt.blacklist.bad.certs.diff +++ /dev/null @@ -1,67 +0,0 @@ ---- ./src/network/ssl/qsslcertificate_p.h.orig 2010-11-20 17:54:24.000000000 -0600 -+++ ./src/network/ssl/qsslcertificate_p.h 2011-03-24 18:08:59.000000000 -0500 -@@ -96,6 +96,7 @@ - static QSslCertificate QSslCertificate_from_X509(X509 *x509); - static QList<QSslCertificate> certificatesFromPem(const QByteArray &pem, int count = -1); - static QList<QSslCertificate> certificatesFromDer(const QByteArray &der, int count = -1); -+ static bool isBlacklisted(const QSslCertificate &certificate); - - friend class QSslSocketBackendPrivate; - ---- ./src/network/ssl/qsslcertificate.cpp.orig 2010-11-20 17:54:24.000000000 -0600 -+++ ./src/network/ssl/qsslcertificate.cpp 2011-03-24 18:08:59.000000000 -0500 -@@ -219,17 +219,19 @@ - Returns true if this certificate is valid; otherwise returns - false. - -- Note: Currently, this function only checks that the current -+ Note: Currently, this function checks that the current - data-time is within the date-time range during which the -- certificate is considered valid. No other checks are -- currently performed. -+ certificate is considered valid, and checks that the -+ certificate is not in a blacklist of fraudulent certificates. - - \sa isNull() - */ - bool QSslCertificate::isValid() const - { - const QDateTime currentTime = QDateTime::currentDateTime(); -- return currentTime >= d->notValidBefore && currentTime <= d->notValidAfter; -+ return currentTime >= d->notValidBefore && -+ currentTime <= d->notValidAfter && -+ ! QSslCertificatePrivate::isBlacklisted(*this); - } - - /*! -@@ -798,6 +800,30 @@ - return certificates; - } - -+// These certificates are known to be fraudulent and were created during the comodo -+// compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html -+static const char *certificate_blacklist[] = { -+ "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e", -+ "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06", -+ "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3", -+ "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29", -+ "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71", -+ "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47", -+ "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43", -+ "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0", -+ "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0", -+ 0 -+}; -+ -+bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate) -+{ -+ for (int a = 0; certificate_blacklist[a] != 0; a++) { -+ if (certificate.serialNumber() == certificate_blacklist[a]) -+ return true; -+ } -+ return false; -+} -+ - #ifndef QT_NO_DEBUG_STREAM - QDebug operator<<(QDebug debug, const QSslCertificate &certificate) - { |