[Privoxy-devel] mbedtls_md5 deprecated
Fabian Keil
fk at fabiankeil.de
Fri Jan 22 13:38:00 UTC 2021
Roland Rosenfeld <roland at spinnaker.de> wrote on 2021-01-21:
> When compiling privoxy I currently see one compiler warning on my
> Debian stable system:
>
> ssl.c: In function ‘host_to_hash’:
> ssl.c:1783:4: warning: ‘mbedtls_md5’ is deprecated [-Wdeprecated-declarations]
> mbedtls_md5((unsigned char *)csp->http->host, strlen(csp->http->host),
> ^~~~~~~~~~~
> In file included from ssl.c:40:
> /usr/include/mbedtls/md5.h:284:25: note: declared here
> MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
> ^~~~~~~~~~~
>
> According to https://tls.mbed.org/api/deprecated.html mbedtls_md5 was
> deprecated in 2.7.0, which was released 2018-02-05.
> It could be replaced by mbedtls_md5_ret().
I replaced it with mbedtls_md5_ret().
> Not sure, whether we should prefer to support older or newer versions,
> just wanted to mention this warning...
Thanks.
Older MbedTLS versions have various known security issues
so I don't think we have to support them anymore.
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.privoxy.org/pipermail/privoxy-devel/attachments/20210122/7bbff141/attachment.bin>
More information about the Privoxy-devel
mailing list