QtNetwork: blacklist two more certificates

The comodogate 72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0
certificate is a test certificate and the MD5 Collisions was created
as a proof of concept deliberately made to be expired at the time
of it's creation.

Task-number: QTBUG-24654
Change-Id: Ic8eb417363569fe50bf19cd229658f5e371862f7
Reviewed-by: Richard J. Moore <rich@kde.org>

diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index a9573bf..65634a3 100644 (file)
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -1161,6 +1161,8 @@ static const char *certificate_blacklist[] = {
 
     "07:27:14:a9",                                     "Digisign Server ID (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Verizon CyberTrust
     "4c:0e:63:6a",                                     "Digisign Server ID - (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Entrust
+    "72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0", "UTN-USERFirst-Hardware", // comodogate test certificate
+    "41",                                              "MD5 Collisions Inc. (http://www.phreedom.org/md5)", // http://www.phreedom.org/research/rogue-ca/
     0
 };