Switch to aws_lc_rs (remove Ring) #1590

Merged: ahl merged 2 commits into main from ringless, Apr 27, 2026

Conversation

@notpeter notpeter (Contributor) commented Apr 22, 2026

Changes

Switch dependencies from ring to aws_lc_rs.

Dependency bumps (dropshot/Cargo.toml):

  • rustls 0.22.4 → 0.23.38 (explicit aws_lc_rs feature, no ring).
  • tokio-rustls 0.25.0 → 0.26.4 (explicit aws_lc_rs feature, no ring)
  • hyper-rustls 0.26.0 → 0.27.9 (defaults already aws-lc-rs)
  • reqwest 0.12.28 → 0.13.2, renamed feature rustls-tls → rustls
  • rcgen 0.14.7 with default features replaced by aws_lc_rs, pem (drops ring)

Other changes:

  • Updated `test_with_tls`; reqwest deprecated `add_root_certificate` in favor of `tls_certs_only`.

Thinking

Currently Dropshot depends on Ring for crypto. I'm proposing we switch to aws-lc.

When updating dependencies for some Dropshot services (turnstile, rfd-api, four-star) we were forced to build both aws-lc-rs (other deps) and ring (for dropshot) which felt redundant/unnecessary.

Following rustls moving its default backend from Ring to aws-lc in 0.23.0, multiple other libraries have followed suit. Many have removed ring as their default and others are removing Ring support altogether.

Choices

I'm not sure whether it's worth the complexity to support multiple backends via feature flags instead of just switching from ring to aws-lc-rs, but it's certainly an option.

Other Notes

  • rustls/rcgen still has ring as a default feature, but fully supports aws_lc.
  • Despite some scary things in "*ring* is unmaintained" (rustsec/advisory-db#2227), the rustls team is maintaining Ring ("*ring* is maintained again", rustsec/advisory-db#2230), but it is not currently under active development and it is clear rustls wants to steer people towards aws-lc.
  • The aws-lc crate does support a fips feature flag. I have not investigated this.
  • At Zed, we experienced some issues surrounding the fact that aws-lc-sys is a bit finicky to build, particularly when trying to cross-compile (with cargo-zigbuild) and with certain compilers/platforms (Windows and MSVC). Our Windows issues were fixed upstream and workarounds exist, but it's definitely worth mentioning that there is significant build complexity in the underlying aws-lc C project (CMake, etc).
  • I haven't done any testing on Illumos/Windows.

Dependency bumps (dropshot/Cargo.toml):
  - rustls 0.22.4 → 0.23.38 (explicit aws_lc_rs feature, no ring).
  - tokio-rustls 0.25.0 → 0.26.4 (explicit aws_lc_rs feature, no ring)
  - hyper-rustls 0.26.0 → 0.27.9 (defaults already aws-lc-rs)
  - reqwest 0.12.28 → 0.13.2, renamed feature rustls-tls → rustls
  - rcgen 0.14.7 with default features replaced by aws_lc_rs, pem (drops
    ring)

Updated `test_with_tls`; reqwest deprecated `add_root_certificate` in
favor of `tls_certs_only`.
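The dependency bumps above, written out as the corresponding `[dependencies]` entries. This is an added illustration, not the PR's own diff: the versions, feature names and the rustls-tls → rustls rename come from the description; which other features each crate needs beyond the backend selection is not stated on the page and is left at the crate defaults here.

```toml
# Before (constructed from the description, not copied from the PR): rustls
# 0.22 / tokio-rustls 0.25 default to the *ring* backend, so a workspace
# whose other crates already use aws-lc-rs compiles both crypto backends.
#
# [dependencies]
# rustls = "0.22.4"
# tokio-rustls = "0.25.0"
# hyper-rustls = "0.26.0"
# reqwest = { version = "0.12.28", features = ["rustls-tls"] }
# rcgen = "0.14.7"

# After: each TLS crate names the aws_lc_rs backend explicitly and the ring
# feature is enabled nowhere, so a single crypto backend is built and audited.
[dependencies]
# rustls 0.23 defaults to aws_lc_rs; requesting it explicitly documents the
# choice and keeps working if a future default changes.
rustls = { version = "0.23.38", features = ["aws_lc_rs"] }
tokio-rustls = { version = "0.26.4", features = ["aws_lc_rs"] }
# hyper-rustls 0.27 already defaults to aws-lc-rs, so its defaults are kept.
hyper-rustls = "0.27.9"
# reqwest 0.13 renamed the feature rustls-tls -> rustls.
reqwest = { version = "0.13.2", features = ["rustls"] }
# rcgen: drop the defaults (which pull in ring) and select aws_lc_rs + pem.
rcgen = { version = "0.14.7", default-features = false, features = ["aws_lc_rs", "pem"] }
```

After updating the lockfile, `cargo tree -i ring` is the quick check that no crate still pulls *ring* in transitively: it should fail with a message that no package matched, and if it instead prints a dependency chain, that chain names the crate still requesting it.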

@ahl ahl (Collaborator) left a comment

looks good; thanks for this.

@ahl ahl marked this pull request as ready for review April 27, 2026 17:23
@ahl ahl merged commit 12a16ae into main Apr 27, 2026
11 checks passed
@ahl ahl deleted the ringless branch April 27, 2026 17:23
notpeter added a commit to oxidecomputer/v-api that referenced this pull request May 1, 2026
Remove `ring` and `rust_crypto` in favor of `aws_lc_rs`.

Probably only worth doing if Dropshot also switches from `ring` to
`aws_lc_rs`:
- oxidecomputer/dropshot#1590
@alilleybrinker commented

Hey y'all, worth noting that by bumping tokio-rustls from 0.25.0 to 0.26.4, the changes here also pull in fixes for four known vulnerabilities in rustls-webpki:

  • RUSTSEC-2026-0104: Reachable panic in certificate revocation list parsing.
    • High Severity, CVSS 3.1 score of 7.5/10: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • RUSTSEC-2026-0049: CRLs not considered authoritative by Distribution Point due to faulty matching logic
    • Medium Severity, CVSS 3.1 score of 4.4/10: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
  • RUSTSEC-2026-0098: Name constraints for URI names were incorrectly applied
    • Low Severity, CVSS 3.1 score of 2.2/10: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
  • RUSTSEC-2026-0099: Name constraints were accepted for certificates asserting a wildcard name
    • Low Severity, CVSS 3.1 score of 2.2/10: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Whenever dropshot 0.18.0 is released, it would be good to mention the fixes being applied.
