|
Lines 219-235
bool QSslCertificate::isNull() const
Link Here
|
| 219 |
Returns true if this certificate is valid; otherwise returns |
219 |
Returns true if this certificate is valid; otherwise returns |
| 220 |
false. |
220 |
false. |
| 221 |
|
221 |
|
| 222 |
Note: Currently, this function only checks that the current |
222 |
Note: Currently, this function checks that the current |
| 223 |
data-time is within the date-time range during which the |
223 |
data-time is within the date-time range during which the |
| 224 |
certificate is considered valid. No other checks are |
224 |
certificate is considered valid, and checks that the |
| 225 |
currently performed. |
225 |
certificate is not in a blacklist of fraudulent certificates. |
| 226 |
|
226 |
|
| 227 |
\sa isNull() |
227 |
\sa isNull() |
| 228 |
*/ |
228 |
*/ |
| 229 |
bool QSslCertificate::isValid() const |
229 |
bool QSslCertificate::isValid() const |
| 230 |
{ |
230 |
{ |
| 231 |
const QDateTime currentTime = QDateTime::currentDateTime(); |
231 |
const QDateTime currentTime = QDateTime::currentDateTime(); |
| 232 |
return currentTime >= d->notValidBefore && currentTime <= d->notValidAfter; |
232 |
return currentTime >= d->notValidBefore && |
|
|
233 |
currentTime <= d->notValidAfter && |
| 234 |
! QSslCertificatePrivate::isBlacklisted(*this); |
| 233 |
} |
235 |
} |
| 234 |
|
236 |
|
| 235 |
/*! |
237 |
/*! |
|
Lines 798-803
QList<QSslCertificate> QSslCertificatePr
Link Here
|
| 798 |
return certificates; |
800 |
return certificates; |
| 799 |
} |
801 |
} |
| 800 |
|
802 |
|
|
|
803 |
// These certificates are known to be fraudulent and were created during the comodo |
| 804 |
// compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html |
| 805 |
static const char *certificate_blacklist[] = { |
| 806 |
"04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e", |
| 807 |
"f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06", |
| 808 |
"d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3", |
| 809 |
"39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29", |
| 810 |
"3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71", |
| 811 |
"e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47", |
| 812 |
"92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43", |
| 813 |
"b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0", |
| 814 |
"d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0", |
| 815 |
0 |
| 816 |
}; |
| 817 |
|
| 818 |
bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate) |
| 819 |
{ |
| 820 |
for (int a = 0; certificate_blacklist[a] != 0; a++) { |
| 821 |
if (certificate.serialNumber() == certificate_blacklist[a]) |
| 822 |
return true; |
| 823 |
} |
| 824 |
return false; |
| 825 |
} |
| 826 |
|
| 801 |
#ifndef QT_NO_DEBUG_STREAM |
827 |
#ifndef QT_NO_DEBUG_STREAM |
| 802 |
QDebug operator<<(QDebug debug, const QSslCertificate &certificate) |
828 |
QDebug operator<<(QDebug debug, const QSslCertificate &certificate) |
| 803 |
{ |
829 |
{ |
