From 70f6a1b91b242174682c30be976c2aa36c450cc7 Mon Sep 17 00:00:00 2001
From: Peter Hartmann <peter.hartmann@nokia.com>
Date: Tue, 30 Aug 2011 11:33:01 +0200
Subject: QSslCertificate: blacklist fraudulent *.google.com

blacklist the leaf certificate for now. There might well be more fake
certificates in the wild, for that either the Diginotar.nl root cert
needs to be disabled on the system or OCSP would need to be enabled
(not supported by Qt yet).

Reviewed-by: Richard J. Moore <rich@kde.org>
---
 src/network/ssl/qsslcertificate.cpp                |  1 +
 .../blacklisted-google.com-diginotar.pem           | 30 ++++++++++++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 tests/auto/qsslcertificate/more-certificates/blacklisted-google.com-diginotar.pem

diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index 76b7d41..8bf1fb7 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -792,6 +792,7 @@ static const char *certificate_blacklist[] = {
     "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43",
     "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0",
     "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0",
+    "05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56",
     0
 };
 
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted-google.com-diginotar.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted-google.com-diginotar.pem
new file mode 100644
index 0000000..12bbcae
--- /dev/null
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted-google.com-diginotar.pem
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFKDCCBBCgAwIBAgIQBeLmpM0J6lTWZbB1/iKiVjANBgkqhkiG9w0BAQUFADBm
+MQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMSEwHwYDVQQDExhEaWdp
+Tm90YXIgUHVibGljIENBIDIwMjUxIDAeBgkqhkiG9w0BCQEWEWluZm9AZGlnaW5v
+dGFyLm5sMB4XDTExMDcxMDE5MDYzMFoXDTEzMDcwOTE5MDYzMFowajELMAkGA1UE
+BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxFjAUBgNVBAcTDU1vdW50YWluIFZp
+ZXcxFzAVBgNVBAUTDlBLMDAwMjI5MjAwMDAyMRUwEwYDVQQDEwwqLmdvb2dsZS5j
+b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNbeKubCV0aCxhOiOS
+CSQ/w9HXTYuD5BLKuiqXNw3setdTymeJz2L8aWOHo3nicFNDVwWTgwWomGNr2J6Q
+7g1iINNSW0rR4E1l2szRkcnAY6c6i/Eke93nF4i2hDsnIBveolF5yjpuRm73uQQD
+ulHjA3BFRF/PTi0fw2/Yt+8ieoMuNcMWN6Eou5Gqt5YZkWv176ofeCbsBmMrP87x
+OhhtTDckCapk4VQZG2XrfzZcV6tdzCp5TI8uHdu17cdzXm1imZ8tyvzFeiCEOQN8
+vPNzB/fIr3CJQ5q4uM5aKT3DD5PeVzf4rfJKQNgCTWiIBc9XcWEUuszwAsnmg7e2
+EJRdAgMBAAGjggHMMIIByDA6BggrBgEFBQcBAQQuMCwwKgYIKwYBBQUHMAGGHmh0
+dHA6Ly92YWxpZGF0aW9uLmRpZ2lub3Rhci5ubDAfBgNVHSMEGDAWgBTfM8Cvkv43
+/LbYFhbQ2bGR1fpupTAJBgNVHRMEAjAAMIHGBgNVHSAEgb4wgbswgbgGDmCEEAGH
+aQEBAQIEAQICMIGlMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2lub3Rhci5u
+bC9jcHMwegYIKwYBBQUHAgIwbhpsQ29uZGl0aW9ucywgYXMgbWVudGlvbmVkIG9u
+IG91ciB3ZWJzaXRlICh3d3cuZGlnaW5vdGFyLm5sKSwgYXJlIGFwcGxpY2FibGUg
+dG8gYWxsIG91ciBwcm9kdWN0cyBhbmQgc2VydmljZXMuMEkGA1UdHwRCMEAwPqA8
+oDqGOGh0dHA6Ly9zZXJ2aWNlLmRpZ2lub3Rhci5ubC9jcmwvcHVibGljMjAyNS9s
+YXRlc3RDUkwuY3JsMA4GA1UdDwEB/wQEAwIEsDAbBgNVHREEFDASgRBhZG1pbkBn
+b29nbGUuY29tMB0GA1UdDgQWBBQHSn0WJzIo0eMBMQUNsMqN6eF/7TANBgkqhkiG
+9w0BAQUFAAOCAQEAAs5dL7N9wzRJkI4Aq4lC5t8j5ZadqnqUcgYLADzSv4ExytNH
+UY2nH6iVTihC0UPSsILWraoeApdT7Rphz/8DLQEBRGdeKWAptNM3EbiXtQaZT2uB
+pidL8UoafX0kch3f71Y1scpBEjvu5ZZLnjg0A8AL0tnsereOVdDpU98bKqdbbrnM
+FRmBlSf7xdaNca6JJHeEpga4E9Ty683CmccrSGXdU2tTCuHEJww+iOAUtPIZcsum
+U7/eYeY1pMyGLyIjbNgRY7nDzRwvM/BsbL9eh4/mSQj/4nncqJd22sVQpCggQiVK
+baB2sVGcVNBkK55bT8gPqnx8JypubyUvayzZGg==
+-----END CERTIFICATE-----
-- 
cgit v0.12


From a3d22777028b102b7f65cf2db9719f5d57308b04 Mon Sep 17 00:00:00 2001
From: Peter Hartmann <peter.hartmann@nokia.com>
Date: Tue, 30 Aug 2011 12:24:30 +0200
Subject: QSslCertificate: regenerate blacklisted certificates, they were
 expired

regenerating blacklisted certificates with same serial number and
common name, but longer validity: Now they are valid for 10 years.
---
 .../more-certificates/blacklisted1.pem               | 20 ++++++++++----------
 .../more-certificates/blacklisted2.pem               | 20 ++++++++++----------
 .../more-certificates/blacklisted3.pem               | 20 ++++++++++----------
 .../more-certificates/blacklisted4.pem               | 20 ++++++++++----------
 .../more-certificates/blacklisted5.pem               | 20 ++++++++++----------
 .../more-certificates/blacklisted6.pem               | 20 ++++++++++----------
 .../more-certificates/blacklisted7.pem               | 20 ++++++++++----------
 .../more-certificates/blacklisted8.pem               | 20 ++++++++++----------
 .../more-certificates/blacklisted9.pem               | 20 ++++++++++----------
 9 files changed, 90 insertions(+), 90 deletions(-)

diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted1.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted1.pem
index 3945aea..7fc0a05 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted1.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted1.pem
@@ -2,18 +2,18 @@
 MIIDDzCCAnigAwIBAgIQBH7L6fylX3vQnq424QyuHjANBgkqhkiG9w0BAQUFADBf
 MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRgwFgYDVQQDEw9tYWlsLmdvb2dsZS5jb20w
-HhcNMTEwMzI0MTMwNjI1WhcNMTEwNDIzMTMwNjI1WjBfMQswCQYDVQQGEwJBVTET
+HhcNMTEwODMwMTAxOTI2WhcNMjEwODI3MTAxOTI2WjBfMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRgwFgYDVQQDEw9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEB
-BQADgY0AMIGJAoGBAOeAGV2FbGnT4rLjTvCNEEDjj0/iIUATa6RT8WKF2PVaOzbE
-oceiODx6hTStvBnCgs+h/d3eVKgp+uAyBde5sW/HlOwHrNgKF3ZDvxegzIOEHaVI
-ndNtBpFS3UyOEkO0NxfioBatNRYpeTRU/DVmazu3yvzgrV1V2mDsrNngVWxJAgMB
-AAGjgcswgcgwHQYDVR0OBBYEFHcF1eqRpm7B78aY8ZjseN6zSYbvMIGYBgNVHSME
-gZAwgY2AFHcF1eqRpm7B78aY8ZjseN6zSYbvoWOkYTBfMQswCQYDVQQGEwJBVTET
+BQADgY0AMIGJAoGBANOvJQGm9vyX8f61SP1XDp23sEDS2SAsDNIxdeONmFthfQRh
+EBlJMNDByegnImZPMN4tA2T2iKcvdkxyQhC9vnQ+HEqJxxu0EhOwO+UdsSII7Lns
+yQZVj2QAoTvC0+MFHPo+wl39JEe3ZytNwQZLjfZSLdS/j0cAyoTkFNconK0bAgMB
+AAGjgcswgcgwHQYDVR0OBBYEFGFxxhfk1fvT8zPfLKPE0YYp9HZEMIGYBgNVHSME
+gZAwgY2AFGFxxhfk1fvT8zPfLKPE0YYp9HZEoWOkYTBfMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRgwFgYDVQQDEw9tYWlsLmdvb2dsZS5jb22CEAR+y+n8pV970J6uNuEM
-rh4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBEb1iF+EbhAJli5Sj2
-+iEdJ5xMP8R6FtgqAYknqXD8+tyEyXxJXdN186qdAWuTD9N22AUqi61BPWxUkufW
-xH8FYMEHdFCkitvYE0321+GT5pJz6ON/d5Co+wusumt7T5oSjzj8Ax9V+nmo3Nkb
-dSANM4/Lnc6moijcpJZq+GC1ng==
+rh4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAldVSTJ4lNG9Qxx2GG
+/y/ccH/BBYkpPXBklKP/U528Zk48jypWsbnZ07rQrPIlSXYQHffdNH3JsEiF/el9
+bIu+6tGJzmjqvtl5fD5S+yBvI3ySx3Fz6lWmUlqT6UY1X8Oob2PsR6u6mfT8Q1da
+d02x97EUSiAzYvzxndqD6g8R1w==
 -----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted2.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted2.pem
index 4b8d059..3c8489f 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted2.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted2.pem
@@ -2,18 +2,18 @@
 MIIDDjCCAnegAwIBAgIRAPXIavNhYvE6ZPVPbclYfAYwDQYJKoZIhvcNAQEFBQAw
 XjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGElu
 dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMOd3d3Lmdvb2dsZS5jb20w
-HhcNMTEwMzI0MTMwNzExWhcNMTEwNDIzMTMwNzExWjBeMQswCQYDVQQGEwJBVTET
+HhcNMTEwODMwMTAxOTUxWhcNMjEwODI3MTAxOTUxWjBeMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRcwFQYDVQQDEw53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEF
-AAOBjQAwgYkCgYEAy1fNDFl65Njfcd1EUJeaxvyiKln+JKlqUmk1x4mrE1BQoa0C
-QZaiXAF21rDhivWejZWBiEQ4IWbg3b12ANY74G1KqAfLC4BNKS9UP94hy18vezRA
-pFc+m/HAClwc8AdACpl8eZpQW8cMgdvnMBMZTrQkgV0JYykX+uDD9Tb+QNUCAwEA
-AaOByzCByDAdBgNVHQ4EFgQUSelG6IVRj2ZQbp049zkQ0X/Po9wwgZgGA1UdIwSB
-kDCBjYAUSelG6IVRj2ZQbp049zkQ0X/Po9yhYqRgMF4xCzAJBgNVBAYTAkFVMRMw
+AAOBjQAwgYkCgYEAriNo6jkVPi+gyynL2YiPBqDsBa4MuM4rQwM7vcHDRO9GizKi
+6gV7/loaqvr7zqKnHmoARP6OqxDMMEWfZ4QGJjToVKS6srE7dPJEh1lRzK+bsl02
+xGCP/RKJqnZcW1oUpFUceRBQ8TWynZ1L7cE/YUlOhqXnMO9aPibqbWj8AGcCAwEA
+AaOByzCByDAdBgNVHQ4EFgQUo/E6UVU6oRgxQF8yftx0/9dvzMgwgZgGA1UdIwSB
+kDCBjYAUo/E6UVU6oRgxQF8yftx0/9dvzMihYqRgMF4xCzAJBgNVBAYTAkFVMRMw
 EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0
 eSBMdGQxFzAVBgNVBAMTDnd3dy5nb29nbGUuY29tghEA9chq82Fi8Tpk9U9tyVh8
-BjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBALQyDC/AMQMNj2fa6E8L
-umILCklWJwG1K1p/1bUAgm0CB8zm94n1xrh/ZK4+HS+k2a9OQmvLRbFyJn8Wua8p
-3UU0267UNkCanA1FKHuO3Mo18wLvjMLWjjCQ4g1C9IvJx6P+8EFDQFG+MJBV/w2k
-gJXXVl3q1T1dvahIgfav9QBL
+BjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAESHOPB9eAsTKkO4lY8d
+EKr2XrRqUkk5KqMFraAHWRekJFwl0R39Q6MDjRHr6NpPJkSKuBPppkr9nk6WDfpt
+TG+oN3Yb1rFmJv6eZw8ud9btoquc8jAtaQnihbjFPEP9cCLBw3Gz1C/JBjDw1tgK
+zXKNU+jMZYk7c5Z64DocggBH
 -----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted3.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted3.pem
index e47ece6..fa458cc 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted3.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted3.pem
@@ -2,18 +2,18 @@
 MIIDETCCAnqgAwIBAgIRANdVj9r18RBbshMoK3B3KaMwDQYJKoZIhvcNAQEFBQAw
 XzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGElu
 dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEYMBYGA1UEAxMPbG9naW4ueWFob28uY29t
-MB4XDTExMDMyNDEzMDg0MloXDTExMDQyMzEzMDg0MlowXzELMAkGA1UEBhMCQVUx
+MB4XDTExMDgzMDEwMjAzNloXDTIxMDgyNzEwMjAzNlowXzELMAkGA1UEBhMCQVUx
 EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMg
 UHR5IEx0ZDEYMBYGA1UEAxMPbG9naW4ueWFob28uY29tMIGfMA0GCSqGSIb3DQEB
-AQUAA4GNADCBiQKBgQCosFLKRvGtxjvdAjWdEAHYycFTa4VtdpXmCNhNHf2xbeLn
-xzde10KjEe44pQxNI+UUD1rJkyuH6wUfloyefn0D2Mu+MvusmvOEzFosa4EDbK9s
-BAAlsSiyJgrp/GgbEPq/XOl4XJRBIVP1WC6LllduNbskFCipDqS+HQwifXmmwQID
-AQABo4HMMIHJMB0GA1UdDgQWBBSEgWnsoYtd5GEx/MGJvKxuIuROJzCBmQYDVR0j
-BIGRMIGOgBSEgWnsoYtd5GEx/MGJvKxuIuROJ6FjpGEwXzELMAkGA1UEBhMCQVUx
+AQUAA4GNADCBiQKBgQC3TVwiPfNClgadKYuX50szBlIaVWDd+UFHsakbGk0bgqlu
+YKgC/cmbjgOyrmsEC2HbJISceTz9CK6mCewEgGFWuq6gjYi4UnSFk1o6h6WJV86A
+tLpeVti7lN9/04IW7XHyxuhvS71V+JWlqfu3zboyaVoMIlHDrPFtRiAh7vTTjQID
+AQABo4HMMIHJMB0GA1UdDgQWBBQrVExlI4rixsrub6IMDDsLPNB4ezCBmQYDVR0j
+BIGRMIGOgBQrVExlI4rixsrub6IMDDsLPNB4e6FjpGEwXzELMAkGA1UEBhMCQVUx
 EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMg
 UHR5IEx0ZDEYMBYGA1UEAxMPbG9naW4ueWFob28uY29tghEA11WP2vXxEFuyEygr
-cHcpozAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAKNpIrzTOxIykKZt
-EE6HU2nW1lrWUkIMjwjL8ntw7QI4JLMDN1ADVIxWaGTeQ+U/eXFou6dDNAYVAijK
-ONDXgOItxW2YvSw0wOZsZj6INX2x88/0yRH+19TqaL/r+Y1D1h/0zefkHgfXufnY
-Ex7BHju/rGBTp6R1mr+Tlh1tewva
+cHcpozAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAFB5SF2ujZzH9KMj
+m4ZDTsyy94/YQZdwgLncKUYTxmZe4BdX+42j799pCG+UeQGwqz9hU/soPgibAvGT
+1KCEGQ6qtWSqKJYmC8VKenYvvEFIySj5cbSFmId5aNwhjl8AYoLuM0E+2FRVJQ6a
+pWyzYUIOqhsCkt9hEPsDVP4hIhP+
 -----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted4.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted4.pem
index 64c7d41..53761bb 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted4.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted4.pem
@@ -2,18 +2,18 @@
 MIIDDzCCAnigAwIBAgIQOSpDTw4H3x+KowXeNODCKTANBgkqhkiG9w0BAQUFADBf
 MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20w
-HhcNMTEwMzI0MTMwOTE1WhcNMTEwNDIzMTMwOTE1WjBfMQswCQYDVQQGEwJBVTET
+HhcNMTEwODMwMTAyMTE5WhcNMjEwODI3MTAyMTE5WjBfMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20wgZ8wDQYJKoZIhvcNAQEB
-BQADgY0AMIGJAoGBANO2gz9x2H92xz5OvZSEul9gHxqqd+kdjeoS2exyvjC9wzqb
-gYXqNmAsbtNp4WmieEQFd0riCAEkIAn8JpHTCsMHN4rHhS+W+4D5a/drI2jfnZEF
-orNYJG1PHSQV/rvh6d7wkVdT+0SYOjrFTAA2biGWaK3W9ztf2yX577w+uQtBAgMB
-AAGjgcswgcgwHQYDVR0OBBYEFJjDp8Prs7oReRmskIeFixp0vDkGMIGYBgNVHSME
-gZAwgY2AFJjDp8Prs7oReRmskIeFixp0vDkGoWOkYTBfMQswCQYDVQQGEwJBVTET
+BQADgY0AMIGJAoGBAML+Z5hpY4VfSeTPbMCGaqe5shwcw3yW/egYY6cXcfxtUkjs
+Eai48hP/sqtQeFwi3puJ7HO2iGUX72/UnO0t9qwEGtGOHS1qqAYdTcncY5pTpO9L
+e4Tn6CkPwFE4VNXVU96xPlUjP/KBZ43VH6gW3M1xDI0DmNh2QUXHN5ErQE8nAgMB
+AAGjgcswgcgwHQYDVR0OBBYEFI+gG6PT7vQtUVn2xf+wCYZV5Ht8MIGYBgNVHSME
+gZAwgY2AFI+gG6PT7vQtUVn2xf+wCYZV5Ht8oWOkYTBfMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb22CEDkqQ08OB98fiqMF3jTg
-wikwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAZyo0Q3leeM1+lxeCd
-Wp0ZYHMSW11ANc6nuMWOmJC+nIQGlyGiP3IqeUvIfekwboV638bahVPwcl2HYWsS
-/l01Bgyd25Zn6VTQBfMK01dILyxscjVwdHuojzYBN05sl+qkVoqQr5EroQQbgDc9
-6I88p6Kjajv3IusCwfK6wlqISw==
+wikwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQA3eZG/dOXrL7YBPCA8
+joDGfhra98T1iCpul4/L/L4dt/9+QVAu+agbZmHWLYzuAvuB1zj8go0BLIE7b4ap
+HPLFYXV3iAWjIRhNEix4FWohlds1B+IwpvWdsl3Op1pZfHQ0yq8wFGawdQTAKUII
+lLu1cd6E8B6pCfWwSr+9h6gnTg==
 -----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted5.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted5.pem
index c7ddbf2..81211ee 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted5.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted5.pem
@@ -2,18 +2,18 @@
 MIIDDzCCAnigAwIBAgIQPnXO1GtpMCEhiDCuhqgqcTANBgkqhkiG9w0BAQUFADBf
 MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20w
-HhcNMTEwMzI0MTMwOTQ4WhcNMTEwNDIzMTMwOTQ4WjBfMQswCQYDVQQGEwJBVTET
+HhcNMTEwODMwMTAyMTQ4WhcNMjEwODI3MTAyMTQ4WjBfMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20wgZ8wDQYJKoZIhvcNAQEB
-BQADgY0AMIGJAoGBALkiHG9TgTw/00CMW8D23NBDAa3331AL5kTkAaXbAWg2R/1o
-yKQfXq3hgHbyWGPccUT+tU6FmaBf3bIndLK7iGx81RGzGgXeoQ5mpgnJ50iCeW73
-G99VlVwutPia7d9qqui84YdcG9t+P2Fuxv+xRqAB6lKOaa4qTPIbH50PgwOvAgMB
-AAGjgcswgcgwHQYDVR0OBBYEFBWJrs8bnZ5fikfaLbTxK0ssj69MMIGYBgNVHSME
-gZAwgY2AFBWJrs8bnZ5fikfaLbTxK0ssj69MoWOkYTBfMQswCQYDVQQGEwJBVTET
+BQADgY0AMIGJAoGBAL5IeUbbQ7HxCBLQaOASV2HyI1tRwPm/7JNsRfh5ipM1sCWE
+xnPoqFznX6ZUKi8d61/EIycwUd+FvOp9zoRxDlngoRdhqMCTTG3JfxNf6ZXJPCYd
+qPjOKAkMwyG8bbhGCsoCws9b2rpN9536qVXc2QR39F9/ZE5t73oKtEd1fyNnAgMB
+AAGjgcswgcgwHQYDVR0OBBYEFNXCkfGdW3WYzBBqB2jWppl6sL99MIGYBgNVHSME
+gZAwgY2AFNXCkfGdW3WYzBBqB2jWppl6sL99oWOkYTBfMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb22CED51ztRraTAhIYgwroao
-KnEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCIfqqs1a7RzdmV8U00
-v/xAsxscKvQvmu6BK+HwvY5iL2pSwXTYgRLJLoj5QGOd3mmgOFsyW3BPSCP1+fVE
-M1ROhU2u8wHub+hGGds18Fx6F4yZjdh8pNUoOUR9A0Ym+VDJr2p50oUNTTy0RbH8
-9ns/gbemx84cjF9DD2G5stQhYg==
+KnEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCOeih7N7fmkqECWZD/
+bYsFLtbKOwD4YMPIV2wayvaLg2dFwqhBkGml+5ulOh5KTiUh0/nnGmGAU/3K9nt5
+TCMjwMGHm/C5pp7THQriiY8Qw0QVtnFiJGnjblhAbJVIvBJJ42/Qq7T4IzEwqShW
+hO2g1M0MUGiOw4vyXJRGc4dg2w==
 -----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted6.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted6.pem
index bc2be2a..4264a67 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted6.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted6.pem
@@ -2,18 +2,18 @@
 MIIDETCCAnqgAwIBAgIRAOkCi5V45BXcGnEKK4gVREcwDQYJKoZIhvcNAQEFBQAw
 XzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGElu
 dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEYMBYGA1UEAxMPbG9naW4uc2t5cGUuY29t
-MB4XDTExMDMyNDEzMTAxNloXDTExMDQyMzEzMTAxNlowXzELMAkGA1UEBhMCQVUx
+MB4XDTExMDgzMDEwMjIxOFoXDTIxMDgyNzEwMjIxOFowXzELMAkGA1UEBhMCQVUx
 EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMg
 UHR5IEx0ZDEYMBYGA1UEAxMPbG9naW4uc2t5cGUuY29tMIGfMA0GCSqGSIb3DQEB
-AQUAA4GNADCBiQKBgQDFq06qqRl86pP7GRX3m7FMMSaSU6zlNGAo+WPoRfYAzB6x
-5KpvlfxMCo3T/nWtInX3Bw9TBWCZSweQ2GEjggO0irjw5UX3MiToLxK+rwzWztm9
-H3LBxTWR0cOOa78kRFvNQ1onvNHbs8fJzXjG7b2IJDOIwG1HAT1LK80oPXZc1wID
-AQABo4HMMIHJMB0GA1UdDgQWBBTiGNxw0ImW/wfW0mD3eA65PY5CAzCBmQYDVR0j
-BIGRMIGOgBTiGNxw0ImW/wfW0mD3eA65PY5CA6FjpGEwXzELMAkGA1UEBhMCQVUx
+AQUAA4GNADCBiQKBgQDAAkuUFRdz1bm95jFsyQRb4PBrly4pJK4f5pSZy99eY8FM
+iZbr7brnkiheN4qeJfS1dv/B/B4kAVoGD2Y0KmpZ5ZZYmm3TxopoP0Yeg6juWNKa
+iFlfKQIvk0GEmD8oGfEqW1+72p040jAuTn+OQx+7VpydqB/RJoY8qK3zEXbB7wID
+AQABo4HMMIHJMB0GA1UdDgQWBBSE9drle8VwSlwYIX5mKaIEvQYX/zCBmQYDVR0j
+BIGRMIGOgBSE9drle8VwSlwYIX5mKaIEvQYX/6FjpGEwXzELMAkGA1UEBhMCQVUx
 EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMg
 UHR5IEx0ZDEYMBYGA1UEAxMPbG9naW4uc2t5cGUuY29tghEA6QKLlXjkFdwacQor
-iBVERzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAHdb1QY/oxuro/4x
-GX9jbm930ysoeXkWZSKVtVxoxrPIferu8jVpb1SLRjGcMnmjJoNWNFpvnbZgoYei
-f3wdSWun7ndyQBh61k8eM7UABDOUXUHOsHuHj7s1koMKtet4gykmMfd6VxBkwBvN
-ZXOll4X+TKe8nrxbnGUByIwQaRM+
+iBVERzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACm4/Q6e001Fg9uu
+ieqHOAxfBafkOsXtgKqTFFdpt9Hbmo9j/BfvrtvfFN5Ph4fV46useGjW79P1IeNK
++KqcaqOKy2q6j1em4j8C5Mx6S4ksZJC25jIPEM7cdxiDGcV505X5mynlu1+WkZAf
+nQhnJpA8o3p462ON4S+GXTfOLfoN
 -----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted7.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted7.pem
index 19d4353..03ab7d4 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted7.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted7.pem
@@ -2,18 +2,18 @@
 MIIDGjCCAoOgAwIBAgIRAJI51TSPQNFpWnRUcOHyP0MwDQYJKoZIhvcNAQEFBQAw
 YjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGElu
 dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEbMBkGA1UEAxMSYWRkb25zLm1vemlsbGEu
-b3JnMB4XDTExMDMyNDEzMTA0NFoXDTExMDQyMzEzMTA0NFowYjELMAkGA1UEBhMC
+b3JnMB4XDTExMDgzMDEwMjIzOVoXDTIxMDgyNzEwMjIzOVowYjELMAkGA1UEBhMC
 QVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdp
 dHMgUHR5IEx0ZDEbMBkGA1UEAxMSYWRkb25zLm1vemlsbGEub3JnMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC1lsoAcZTwF8Pf0E9do5avLdobB/O7EhhrCMs2
-/EMO07aIlrLwl3UP/Fmu/cAkKuX8Mx+Eif9x+XT3ZqGKGYKiqPTJcNfeZvgwbn0j
-wXDtEo4DuURrwtBU9okS+v4dF6F4RtHQKAGcsXoOjhR7ah71kve+PG2GG0sJ167V
-klK1xwIDAQABo4HPMIHMMB0GA1UdDgQWBBRgGDJ4Qp0WFyLIzm4Nz5wgqDSSxjCB
-nAYDVR0jBIGUMIGRgBRgGDJ4Qp0WFyLIzm4Nz5wgqDSSxqFmpGQwYjELMAkGA1UE
+SIb3DQEBAQUAA4GNADCBiQKBgQC9Yo3DJvs+vewelK5qoK+0Xn4zeRIQ/wJCrQBg
+5tNXja+NZsHb0/enlwAZ3dAwCfI0G12mTowgSuZyDX7oN2+G+k6Q5LPnGhj1E5s5
+OJ+ZYsAjTdU0SCAPquva55+jyhqo5w/B5Il7w84mppUrAZgqEGhYkhXeDOULe1Vm
+4iLMQwIDAQABo4HPMIHMMB0GA1UdDgQWBBSb8lAIgOnUitVOuZIx3s+5MN1sBzCB
+nAYDVR0jBIGUMIGRgBSb8lAIgOnUitVOuZIx3s+5MN1sB6FmpGQwYjELMAkGA1UE
 BhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdp
 ZGdpdHMgUHR5IEx0ZDEbMBkGA1UEAxMSYWRkb25zLm1vemlsbGEub3JnghEAkjnV
-NI9A0WladFRw4fI/QzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACeE
-DHMQ+LWEuoa/6z2EgrgM1k9rvBbUtCR+rjTuyzVW4OLXdpiVwZPOAiKphpq7q8Sb
-TQ3zwsCoPLLJk5VolwcPfcD8Y2/tYK3NCYl+HzGxxnzPDFVaZM5Jh8RI861Hc00D
-hVoQaptPK/V/lr0KEevqjhusAdFZbwlWA923zASa
+NI9A0WladFRw4fI/QzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAFpg
+tcp6ynOZ/hwr2axTYK+4rtXmTUJdsg7NUHhXSwGANAuYuc7PYwqtmz3B2W90t3TA
+D3pNMRBEXrBXufC0p9vu/hQgb+mdQ7DG6j1Gkkpq4Sq/Puv1bO96KpAufmevnWWB
+48kzCgAdfk/N04k7kdPHCp5MjjgmY3kGdsg+jroj
 -----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted8.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted8.pem
index aedf3f7..acef06f 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted8.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted8.pem
@@ -2,18 +2,18 @@
 MIIDDjCCAnegAwIBAgIRALC3Ez7Qlvm1b66RyHS9OsAwDQYJKoZIhvcNAQEFBQAw
 XjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGElu
 dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMObG9naW4ubGl2ZS5jb20w
-HhcNMTEwMzI0MTMxMTA2WhcNMTEwNDIzMTMxMTA2WjBeMQswCQYDVQQGEwJBVTET
+HhcNMTEwODMwMTAyMzA0WhcNMjEwODI3MTAyMzA0WjBeMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRcwFQYDVQQDEw5sb2dpbi5saXZlLmNvbTCBnzANBgkqhkiG9w0BAQEF
-AAOBjQAwgYkCgYEA3OVNj9ijzMewvDeZYzgCWoKtyjclyIHxrQfHZpcexaKbxUap
-1MtF6L0ayjtRWpiBYuPteUSy/Ja4Oh6zZz8K6z5rVgXhmy3xPIYuOoWaTKEOhb0Z
-oHTBtGh8aWWai1XWw37HIm2FP8cmfgdH4lZwVvpTZIUxYidsyqyjB9IrhiMCAwEA
-AaOByzCByDAdBgNVHQ4EFgQU4CcQcIvEhJC0tqHlNFMkv6MlDN4wgZgGA1UdIwSB
-kDCBjYAU4CcQcIvEhJC0tqHlNFMkv6MlDN6hYqRgMF4xCzAJBgNVBAYTAkFVMRMw
+AAOBjQAwgYkCgYEA5JK77+1zFatj8xeItZaDW5XaU+ssc5jq2Ww4ANaxJi+wdRVU
+qVLauEJPKEXC51fuYHa7U8yoSTgJZA7JL07cdSxgsVj8RR4Uf5k4Jf5Vdz5w8+TT
+W33I3zurA2xB+wfup2VPmS8Alg07w6POrzlQYgtcUcELZhjcdypk96NOdPECAwEA
+AaOByzCByDAdBgNVHQ4EFgQUTWM20msyZUcNEYOyNbgevBPIoF8wgZgGA1UdIwSB
+kDCBjYAUTWM20msyZUcNEYOyNbgevBPIoF+hYqRgMF4xCzAJBgNVBAYTAkFVMRMw
 EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0
 eSBMdGQxFzAVBgNVBAMTDmxvZ2luLmxpdmUuY29tghEAsLcTPtCW+bVvrpHIdL06
-wDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAMNzIStXDNSNQ8ayxrcj
-4RrUMsHWUG/6XPrgfYqCP5TfPGAa5qBfNb9LfUbiS4b0flJVN1RlHVwwRo0yf9v4
-LGg0dSuPQAOWlLeUR1GminO1jHZw7E4dYfR7QEmiiOgaQU+CbxLsf5vCaKInN9Gu
-jv/5xytVCbMoLoZ4EBVb0tka
+wDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACQqnu1KywflnNiqIU01
+95z/qjmZTvSWafM/HLOFUg8ls7g32l5gCCrsc8ypiCff+S3+9teYQOII7oW3hzw4
+BH10m0LTRxGig5U9XVkH4076SALkPoky1z+onMmLk7AE96kSJ+rq30VvcSSl9BaW
+DwcQGIhCZANgZrNW9AJ+cweQ
 -----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/more-certificates/blacklisted9.pem b/tests/auto/qsslcertificate/more-certificates/blacklisted9.pem
index d179b29..cc99b08 100644
--- a/tests/auto/qsslcertificate/more-certificates/blacklisted9.pem
+++ b/tests/auto/qsslcertificate/more-certificates/blacklisted9.pem
@@ -2,18 +2,18 @@
 MIIDDjCCAnegAwIBAgIRANjzX063hystqwaS4xU4L7AwDQYJKoZIhvcNAQEFBQAw
 XjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGElu
 dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMOZ2xvYmFsIHRydXN0ZWUw
-HhcNMTEwMzI0MTMxMTM3WhcNMTEwNDIzMTMxMTM3WjBeMQswCQYDVQQGEwJBVTET
+HhcNMTEwODMwMTAyMzI1WhcNMjEwODI3MTAyMzI1WjBeMQswCQYDVQQGEwJBVTET
 MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
 dHkgTHRkMRcwFQYDVQQDEw5nbG9iYWwgdHJ1c3RlZTCBnzANBgkqhkiG9w0BAQEF
-AAOBjQAwgYkCgYEArHCVym7AEZDBhDkrUSG3Q94a+caNcCk5fE6ltZHiZHv096xr
-cixHYvSGvms780bkI+oot2xI/e9awwkV+7VjWNvr0HrajzBWeimwk+myjP+3ddMY
-Kmr0eI6bmvmPHtOFJE5Ar8/62FwD0wlLogRIx56JtXcCpkiUQktJVPz2gtMCAwEA
-AaOByzCByDAdBgNVHQ4EFgQUUJwC/qSGBmcB+DVrd43ovRLdLmQwgZgGA1UdIwSB
-kDCBjYAUUJwC/qSGBmcB+DVrd43ovRLdLmShYqRgMF4xCzAJBgNVBAYTAkFVMRMw
+AAOBjQAwgYkCgYEAw0CpZXrd6oI8/PHo8/bnNwB7UA7OKsRFuqKljr9F5lCJAVkT
+zRDlXuTDeXGfQiYhJTF7GRunPRJ7O5SsflwoxktH/F91yFpgxY5DqRZ1ZHdZgW3b
+W0uweBxJv9684ihXY4YR3Yznf0js7YAgVd8a3qhOUODiC/Beb8tmDBNL2c0CAwEA
+AaOByzCByDAdBgNVHQ4EFgQU/rUvQ2rG7pg2muUiLm6V93ZgmGcwgZgGA1UdIwSB
+kDCBjYAU/rUvQ2rG7pg2muUiLm6V93ZgmGehYqRgMF4xCzAJBgNVBAYTAkFVMRMw
 EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0
 eSBMdGQxFzAVBgNVBAMTDmdsb2JhbCB0cnVzdGVlghEA2PNfTreHKy2rBpLjFTgv
-sDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACAYxI+r3+JNelL6SBB0
-Pda3LkbCm+schP64NBYDdGl2Kus2b2QZ83T7xENBFEhyNoXvc6pRI4/Oh6JDxmG1
-7WmqOVStS/4JeAu6ygiyI1ImRKq2/MvJx/kaKh6IiXanB5nW1U+fhDV6kMOEfpwV
-i6FBibpHboPQoqzPPRe7qHSL
+sDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBALvmmUx47DcUAIsPkI0Y
+DTvcXV6k2JHwdrdlPsrn9A5TLppfxPNrDMiweitr8cMkKEtkm6LRTt2yvDFcMIwy
+/+F5+XO0k9sKde6xHfWvOvndIycj3Lt4tIRW8jUauJENyMa4M57qpqkgkJEmflkI
+/pb9fQZbfg70o9wvbNK0RONo
 -----END CERTIFICATE-----
-- 
cgit v0.12


From 6b1a8129623e3716f2fc075608b260ce7c381fe2 Mon Sep 17 00:00:00 2001
From: Peter Hartmann <peter.hartmann@nokia.com>
Date: Tue, 30 Aug 2011 13:10:06 +0200
Subject: QSslCertificate: also check common name for blacklisted certificates

... to reduce the possibility of blacklisting valid certificates that
happen to have the same serial number as a blacklisted one, which is
unlikely, but possible.

Reviewed-by: Richard J. Moore <rich@kde.org>
---
 src/network/ssl/qsslcertificate.cpp | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index 8bf1fb7..ab09932 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -783,23 +783,24 @@ QList<QSslCertificate> QSslCertificatePrivate::certificatesFromDer(const QByteAr
 // These certificates are known to be fraudulent and were created during the comodo
 // compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
 static const char *certificate_blacklist[] = {
-    "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e",
-    "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06",
-    "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3",
-    "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29",
-    "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71",
-    "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47",
-    "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43",
-    "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0",
-    "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0",
-    "05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56",
+    "04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e", "mail.google.com", // Comodo
+    "f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06", "www.google.com", // Comodo
+    "d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3", "login.yahoo.com", // Comodo
+    "39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29", "login.yahoo.com", // Comodo
+    "3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71", "login.yahoo.com", // Comodo
+    "e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47", "login.skype.com", // Comodo
+    "92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43", "addons.mozilla.org", // Comodo
+    "b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0", "login.live.com", // Comodo
+    "d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0", "global trustee", // Comodo
+    "05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56", "*.google.com", // DigiNotar
     0
 };
 
 bool QSslCertificatePrivate::isBlacklisted(const QSslCertificate &certificate)
 {
     for (int a = 0; certificate_blacklist[a] != 0; a++) {
-        if (certificate.serialNumber() == certificate_blacklist[a])
+        if (certificate.serialNumber() == certificate_blacklist[a++] &&
+            certificate.subjectInfo(QSslCertificate::CommonName) == QString::fromUtf8(certificate_blacklist[a]))
             return true;
     }
     return false;
-- 
cgit v0.12