diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2011-04-25 13:37:00 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2018-05-31 22:45:18 +0200 |
| commit | 75a4a592e5ccda30715f93563d741b83e0dcf39e (patch) | |
| tree | 502f745607e77a2c4386ad38d818ddcafe81489c /source/l/qt/qt.blacklist.bad.certs.patch02.diff | |
| parent | b76270bf9e6dd375e495fec92140a79a79415d27 (diff) | |
| download | current-75a4a592e5ccda30715f93563d741b83e0dcf39e.tar.gz current-75a4a592e5ccda30715f93563d741b83e0dcf39e.tar.xz | |
Slackware 13.37slackware-13.37
Mon Apr 25 13:37:00 UTC 2011
Slackware 13.37 x86_64 stable is released!
Thanks to everyone who pitched in on this release: the Slackware team,
the folks producing upstream code, and linuxquestions.org for providing
a great forum for collaboration and testing.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
As always, thanks to the Slackware community for testing, suggestions,
and feedback. :-)
Have fun!
Diffstat (limited to 'source/l/qt/qt.blacklist.bad.certs.patch02.diff')
| -rw-r--r-- | source/l/qt/qt.blacklist.bad.certs.patch02.diff | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/source/l/qt/qt.blacklist.bad.certs.patch02.diff b/source/l/qt/qt.blacklist.bad.certs.patch02.diff new file mode 100644 index 000000000..b8bb1e4e7 --- /dev/null +++ b/source/l/qt/qt.blacklist.bad.certs.patch02.diff @@ -0,0 +1,35 @@ +From b87528a71b66e786c11804d7b79e408aae612748 Mon Sep 17 00:00:00 2001 +From: Peter Hartmann <peter.hartmann@nokia.com> +Date: Fri, 25 Mar 2011 13:45:24 +0100 +Subject: [PATCH] QSslSocket internals: abort on encountering blacklisted certificates + +tested manually with "openssl s_server -cert blacklisted.pem -key +key.pem" and connecting a QSslSocket. + +Reviewed-by: Markus Goetz +Task-number: QTBUG-18338 +--- + src/network/ssl/qsslsocket_openssl.cpp | 7 +++++++ + 1 files changed, 7 insertions(+), 0 deletions(-) + +diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp +index 0866534..2427193 100644 +--- a/src/network/ssl/qsslsocket_openssl.cpp ++++ b/src/network/ssl/qsslsocket_openssl.cpp +@@ -1193,6 +1193,13 @@ bool QSslSocketBackendPrivate::startHandshake() + X509 *x509 = q_SSL_get_peer_certificate(ssl); + configuration.peerCertificate = QSslCertificatePrivate::QSslCertificate_from_X509(x509); + q_X509_free(x509); ++ if (QSslCertificatePrivate::isBlacklisted(configuration.peerCertificate)) { ++ q->setErrorString(QSslSocket::tr("The peer certificate is blacklisted")); ++ q->setSocketError(QAbstractSocket::SslHandshakeFailedError); ++ emit q->error(QAbstractSocket::SslHandshakeFailedError); ++ plainSocket->disconnectFromHost(); ++ return false; ++ } + + // Start translating errors. + QList<QSslError> errors; +-- +1.6.1 + |