v/0.101.2

Release notes

• MSRV increased to Rust 1.60.
• Correct bug in CRL processing where certificates with certain forms of serial number were not revocable.
• Added API for verifying certificate chain with a custom EKU, thanks to @sietseringers.
• TlsServerTrustAnchors, TlsClientTrustAnchors, verify_is_valid_tls_server_cert and verify_is_valid_tls_client_cert are deprecated: use verify_for_usage with KeyUsage::server_auth() or KeyUsage::client_auth() instead.

What's Changed

• v0.101.1 release prep by @cpu in #114
• ci: iterate on cross CI task. by @cpu in #115
• benches: CRL parsing/searching benchmarks. by @cpu in #108
• cargo: remove TODO about non-default alloc. by @cpu in #117
• tests: add BetterTLS path building test suite. by @cpu in #116
• project: increase MSRV, 1.57 -> 1.60 by @cpu in #120
• ci: match Rustls style, add cargo-semver-checks, dependabot by @cpu in #118
• docs: add attributes indicating req'd features. by @cpu in #123
• clippy fixes, base64 dev-dep 0.13 -> 0.21. by @cpu in #126
• crl/signed_data: add Debug and Clone as sensible. by @cpu in #129
• Add verification function with custom EKU by @sietseringers in #119
• Don't canonicalise serial numbers in CRL entries by @ctz in #132
• Turn free-standing construction functions into associated methods by @djc in #131
• build(deps): bump cryptography from 41.0.0 to 41.0.2 by @dependabot in #135
• RFC: change high-level API to make key usage explicit by @djc in #133
• Prepare release 0.101.2 by @ctz in #136

New Contributors

• @sietseringers made their first contribution in #119

Full Changelog: v/0.101.1...v/0.101.2