Lines 219-235
bool QSslCertificate::isNull() const
Link Here
|
219 |
Returns true if this certificate is valid; otherwise returns |
219 |
Returns true if this certificate is valid; otherwise returns |
220 |
false. |
220 |
false. |
221 |
|
221 |
|
222 |
Note: Currently, this function only checks that the current |
222 |
Note: Currently, this function checks that the current |
223 |
data-time is within the date-time range during which the |
223 |
data-time is within the date-time range during which the |
224 |
certificate is considered valid. No other checks are |
224 |
certificate is considered valid, and checks that the |
225 |
currently performed. |
225 |
certificate is not in a blacklist of fraudulent certificates. |
226 |
|
226 |
|
227 |
\sa isNull() |
227 |
\sa isNull() |
228 |
*/ |
228 |
*/ |
229 |
bool QSslCertificate::isValid() const |
229 |
bool QSslCertificate::isValid() const |
230 |
{ |
230 |
{ |
231 |
const QDateTime currentTime = QDateTime::currentDateTime(); |
231 |
const QDateTime currentTime = QDateTime::currentDateTime(); |
232 |
return currentTime >= d->notValidBefore && currentTime <= d->notValidAfter; |
232 |
return currentTime >= d->notValidBefore && |
|
|
233 |
currentTime <= d->notValidAfter && |
234 |
! QSslCertificatePrivate::isBlacklisted(*this); |
233 |
} |
235 |
} |
234 |
|
236 |
|
235 |
/*! |
237 |
/*! |
Lines 798-803
QList<QSslCertificate> QSslCertificatePr
Link Here
|
798 |
return certificates; |
800 |
return certificates; |
799 |
} |
801 |
} |
800 |
|
802 |
|
|
|
803 |
// These certificates are known to be fraudulent and were created during the comodo |
804 |
// compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html |
805 |
static const char *certificate_blacklist[] = { |
806 |
"04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e", |
807 |
"f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06", |
808 |
"d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3", |
809 |
"39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29", |
810 |
"3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71", |
811 |
"e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47", |
812 |
"92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43", |
813 |
"b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0", |
814 |
"d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0", |
815 |
0 |
816 |
}; |
817 |
|
818 |
bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate) |
819 |
{ |
820 |
for (int a = 0; certificate_blacklist[a] != 0; a++) { |
821 |
if (certificate.serialNumber() == certificate_blacklist[a]) |
822 |
return true; |
823 |
} |
824 |
return false; |
825 |
} |
826 |
|
801 |
#ifndef QT_NO_DEBUG_STREAM |
827 |
#ifndef QT_NO_DEBUG_STREAM |
802 |
QDebug operator<<(QDebug debug, const QSslCertificate &certificate) |
828 |
QDebug operator<<(QDebug debug, const QSslCertificate &certificate) |
803 |
{ |
829 |
{ |