Upgrade tokio-postgres-rustls and rustls (#2500)

aggregator/Cargo.toml

@@ -75,7 +75,7 @@ regex = "1"
 reqwest = { version = "0.11.23", default-features = false, features = ["rustls-tls", "json"] }
 ring = "0.17.7"
 routefinder = "0.5.3"
-rustls = "0.21.9"
+rustls = "0.22.2"
 rustls-pemfile = "2.0.0"
 serde.workspace = true
 serde_json.workspace = true
@@ -87,7 +87,7 @@ testcontainers = { workspace = true, optional = true }
 thiserror.workspace = true
 tokio.workspace = true
 tokio-postgres = { version = "0.7.10", features = ["with-chrono-0_4", "with-serde_json-1", "with-uuid-1", "array-impls"] }
-tokio-postgres-rustls = "0.10.0"
+tokio-postgres-rustls = "0.11.0"
 tracing = "0.1.40"
 tracing-chrome = "0.7.1"
 tracing-log = "0.2.0"

aggregator/src/binary_utils.rs

@@ -76,7 +76,6 @@ pub async fn database_pool(db_config: &DbConfig, db_password: Option<&str>) -> R
     let conn_mgr = if let Some(ref path) = db_config.tls_trust_store_path {
         let root_store = load_pem_trust_store(path).context("failed to load TLS trust store")?;
         let rustls_config = rustls::ClientConfig::builder()
-            .with_safe_defaults()
             .with_root_certificates(root_store)
             .with_no_client_auth();
         Manager::new(database_config, MakeRustlsConnect::new(rustls_config))
@@ -172,7 +171,7 @@ fn load_pem_trust_store(path: impl AsRef<Path>) -> Result<RootCertStore, io::Err
     let mut buf_read = BufReader::new(File::open(path)?);
     let der_certs = rustls_pemfile::certs(&mut buf_read).collect::<Result<Vec<_>, _>>()?;
     let mut root_cert_store = RootCertStore::empty();
-    let (added, ignored) = root_cert_store.add_parsable_certificates(&der_certs);
+    let (added, ignored) = root_cert_store.add_parsable_certificates(der_certs);
     info!("loaded {added} root certificates for database connections, ignored {ignored}");
     Ok(root_cert_store)
 }