mirror of https://github.com/nodejs/node.git
tls: remove trustcor root ca certificates
Follow what Ubuntu did and simply remove the CA certificates altogether. Fixes: https://github.com/nodejs/node/issues/45762 Refs: https://ubuntu.com/security/notices/USN-5761-2 PR-URL: https://github.com/nodejs/node/pull/45776 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
This commit is contained in:
parent
b06fd8cd45
commit
3ff724dd23
|
@ -2154,88 +2154,6 @@
|
|||
"boPoDKi3QWwH3b08hpcv0g==\n"
|
||||
"-----END CERTIFICATE-----",
|
||||
|
||||
/* TrustCor RootCert CA-1 */
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
"MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYDVQQGEwJQ\n"
|
||||
"QTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEkMCIGA1UECgwbVHJ1\n"
|
||||
"c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0\n"
|
||||
"ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29yIFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0\n"
|
||||
"MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCBpDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFt\n"
|
||||
"YTEUMBIGA1UEBwwLUGFuYW1hIENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4g\n"
|
||||
"ZGUgUi5MLjEnMCUGA1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYD\n"
|
||||
"VQQDDBZUcnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
|
||||
"CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpidRtLByZ5O\n"
|
||||
"Gy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3Vseq0iWEk8xoT26nP\n"
|
||||
"Uu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme9J7+wH5COucLlVPat2gOkEz7\n"
|
||||
"cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CVEY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYf\n"
|
||||
"YW0PVcWDtxBWcgYHpfOxGgMFZA6dWorWhnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2Mw\n"
|
||||
"YTAdBgNVHQ4EFgQU7mtJPHo/DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOx\n"
|
||||
"CbeKyKsZn3MzUOcwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcN\n"
|
||||
"AQELBQADggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I\n"
|
||||
"/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yfke+Ri7fc\n"
|
||||
"7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZyonnMlo2HD6CqFqT\n"
|
||||
"vsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djtsL1Ac59v2Z3kf9YKVmgenFK+P\n"
|
||||
"3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdNzl/HHk484IkzlQsPpTLWPFp5LBk=\n"
|
||||
"-----END CERTIFICATE-----",
|
||||
|
||||
/* TrustCor RootCert CA-2 */
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
"MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNVBAYTAlBB\n"
|
||||
"MQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVz\n"
|
||||
"dENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRl\n"
|
||||
"IEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3IgUm9vdENlcnQgQ0EtMjAeFw0xNjAyMDQx\n"
|
||||
"MjMyMjNaFw0zNDEyMzExNzI2MzlaMIGkMQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1h\n"
|
||||
"MRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBk\n"
|
||||
"ZSBSLkwuMScwJQYDVQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNV\n"
|
||||
"BAMMFlRydXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK\n"
|
||||
"AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+QVqedd2N\n"
|
||||
"yuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq1+9xALgxpL56JAfD\n"
|
||||
"QiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp2yqlO/rOsP9+aij9JxzIsekp\n"
|
||||
"8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nKDOObXUm4TOJXsZiKQlecdu/vvdFoqNL0\n"
|
||||
"Cbt3Nb4lggjEFixEIFapRBF37120Hapeaz6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3\n"
|
||||
"GIJ2SDpxsROhOdUuxTTCHWKF3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz2\n"
|
||||
"7Ud+ez1m7xMTiF88oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjx\n"
|
||||
"klb9tTNMg9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3\n"
|
||||
"mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh8N0JqSDI\n"
|
||||
"vgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAdBgNVHQ4EFgQU2f4h\n"
|
||||
"QG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6UnrybPZx9mCAZ5YwwYrIwDwYD\n"
|
||||
"VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAJ5Fngw7\n"
|
||||
"tu/hOsh80QA9z+LqBrWyOrsGS2h60COXdKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYnd\n"
|
||||
"Afrs3fnpkpfbsEZC89NiqpX+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40\n"
|
||||
"/W5ulop5A7Zv2wnL/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARpp\n"
|
||||
"v9JYx1RXCI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa\n"
|
||||
"ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW2dCFmU2U\n"
|
||||
"mw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7N6a3vLqE6R5sGtRk\n"
|
||||
"2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3Sewn6EAes6aJInKc9Q0ztFij\n"
|
||||
"MDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArBAs8e5ZTZ845b2EzwnexhF7sUMlQMAimT\n"
|
||||
"HpKG9n/v55IFDlndmQguLvqcAFLTxWYp5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUou\n"
|
||||
"wpaYT05KnJe32x+SMsj/D1Fu1uwJ\n"
|
||||
"-----END CERTIFICATE-----",
|
||||
|
||||
/* TrustCor ECA-1 */
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
"MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYDVQQGEwJQ\n"
|
||||
"QTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEkMCIGA1UECgwbVHJ1\n"
|
||||
"c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0\n"
|
||||
"ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29yIEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oX\n"
|
||||
"DTI5MTIzMTE3MjgwN1owgZwxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNV\n"
|
||||
"BAcMC1BhbmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4x\n"
|
||||
"JzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1\n"
|
||||
"c3RDb3IgRUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb\n"
|
||||
"3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOABoJA6LHi\n"
|
||||
"p1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A53ThFEXXQmqc04L/N\n"
|
||||
"yFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4OuowReUoCLHhIlERnXDH19MURB\n"
|
||||
"6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7\n"
|
||||
"zPIlstR8L+xNxqE6FXrntl019fZISjZFZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1\n"
|
||||
"zG1I1KBLf/5ZJC+Dl5mahjAfBgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNV\n"
|
||||
"HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVw\n"
|
||||
"m8nHc2FvcivUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2\n"
|
||||
"AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11FhcCF5yWP\n"
|
||||
"ldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50soIipX1TH0XsJ5F9\n"
|
||||
"5yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BIWJZpTdwHjFGTot+fDz2LYLSC\n"
|
||||
"jaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1WitJ/X5g==\n"
|
||||
"-----END CERTIFICATE-----",
|
||||
|
||||
/* SSL.com Root Certification Authority RSA */
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
"MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMx\n"
|
||||
|
|
|
@ -260,6 +260,8 @@ while (<TXT>) {
|
|||
|
||||
if ( !should_output_cert(%trust_purposes_by_level) ) {
|
||||
$skipnum ++;
|
||||
} elsif ($caname =~ /TrustCor/) {
|
||||
$skipnum ++;
|
||||
} else {
|
||||
my $encoded = MIME::Base64::encode_base64($data, '');
|
||||
$encoded =~ s/(.{1,${opt_w}})/"$1\\n"\n/g;
|
||||
|
|
Loading…
Reference in New Issue