0.100.3
- Path building complexity is now limited to a maximum budget of path finding operations, avoiding exponential processing time when encountering certificate chains containing many certificates with the same subject/issuer distinguished name but different subject public key information.
- Name constraints evaluation is now limited to a maximum number of comparison operations, avoiding exponential processing time when encountering certificate chains containing many name constraints and subject alternative names.
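
The budget from the first item above, as an added example that is not rustls-webpki's own code: a toy path builder charges every path finding operation to one shared budget and treats exhaustion as fatal. The `Cert`, `Budget`, `Error` and `verify` names, the depth cap of 6 and the budget values are assumptions made for illustration.

```rust
// Toy model: a certificate is just its subject and issuer names (no X.509, no signatures).
struct Cert { subject: &'static str, issuer: &'static str }

#[derive(Debug, PartialEq)]
enum Error {
    UnknownIssuer,  // dead end: the caller may try the next candidate issuer
    BudgetExceeded, // fatal: the whole search stops (hypothetical name)
}

const MAX_DEPTH: usize = 6; // assumed cap on intermediates in one path

struct Budget { remaining: u64, used: u64 }

impl Budget {
    fn new(limit: u64) -> Self { Budget { remaining: limit, used: 0 } }
    fn consume(&mut self) -> Result<(), Error> {
        if self.remaining == 0 { return Err(Error::BudgetExceeded); }
        self.remaining -= 1;
        self.used += 1;
        Ok(())
    }
}

// Depth-first search for a path from `cert` to a trusted name; returns the intermediate count.
fn build_path(cert: &Cert, anchors: &[&str], pool: &[Cert], depth: usize,
              budget: &mut Budget) -> Result<usize, Error> {
    budget.consume()?; // every path finding operation is charged to one shared budget
    if anchors.contains(&cert.issuer) { return Ok(depth); }
    if depth >= MAX_DEPTH { return Err(Error::UnknownIssuer); }
    for candidate in pool.iter().filter(|c| c.subject == cert.issuer) {
        match build_path(candidate, anchors, pool, depth + 1, budget) {
            Err(Error::UnknownIssuer) => continue, // only dead ends are retried
            other => return other, // success, or a fatal error that must not be swallowed
        }
    }
    Err(Error::UnknownIssuer)
}

// Constructed input: `n` intermediates named CN=X issued by CN=X (in a real chain they would
// differ only in public key), and a trust anchor that none of them chains to.
fn verify(n: usize, limit: u64) -> (Result<usize, Error>, u64) {
    let pool: Vec<Cert> = (0..n).map(|_| Cert { subject: "CN=X", issuer: "CN=X" }).collect();
    let leaf = Cert { subject: "CN=leaf", issuer: "CN=X" };
    let mut budget = Budget::new(limit);
    let result = build_path(&leaf, &["CN=Root"], &pool, 0, &mut budget);
    (result, budget.used)
}

fn main() {
    println!("{:?}", verify(3, u64::MAX)); // unbounded: 1 + 3 + 9 + ... + 3^6 = 1093 calls
    println!("{:?}", verify(10, 1000));    // bounded: stops after 1000 calls
}
```

Without the fatal/non-fatal split in the `match`, a budget error raised deep in the recursion would be treated as one more dead end and the search would keep going.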
What's Changed
The following PRs were backported to the rel-0.100 branch in #172:
- Further limits on expensive path building (#163)
- Budget tweaks (#164)
- Bound name constraint comparisons (#165)
- Correct handling of fatal errors (#168)
Full Changelog: v/0.100.2...v/0.100.3
Thanks to all who have contributed, on behalf of the rustls team (@ctz, @cpu and @djc)!