Replace unmaintained rustls-pemfile with rustls-pki-types PemObject #280

Open
kofany wants to merge 1 commit into aatxe:develop from kofany:fix/develop/replace-unmaintained-rustls-pemfile
@kofany kofany commented Mar 7, 2026

Summary

Resolves RUSTSEC-2025-0134 by migrating from the unmaintained rustls-pemfile crate to the PemObject trait in rustls-pki-types (available since v1.9.0).

As noted in the advisory, rustls-pemfile is a thin wrapper around the same PEM parsing code now included directly in rustls-pki-types. The project already depends on rustls-pki-types v1.14.0 transitively through tokio-rustls, so this change removes a dependency rather than adding one.

Changes

  • Cargo.toml: Remove rustls-pemfile from [dependencies] and tls-rust feature list
  • src/client/conn.rs: Replace three rustls_pemfile call sites with PemObject trait methods:
    • rustls_pemfile::certs() → CertificateDer::pem_file_iter()
    • rustls_pemfile::private_key() → PrivateKeyDer::from_pem_slice()
    • Remove unused File and BufReader imports from the tls-rust cfg block

Closes #277

Test plan

  • cargo check — default features (tls-native)
  • cargo check --no-default-features --features tls-rust,... — tls-rust path
  • cargo clippy --all-targets --all-features — no new warnings
  • cargo test — 67 tests + 8 doc-tests pass
  • cargo test --no-default-features — 45 tests + 7 doc-tests pass
  • git diff --check — no whitespace issues

Migrate from `rustls-pemfile` to the `PemObject` trait provided by
`rustls-pki-types` (available since v1.9.0, already a transitive
dependency at v1.14.0). This resolves RUSTSEC-2025-0134.

Closes aatxe#277

kpcyrd (Contributor) commented Mar 29, 2026

I'm also interested in this :) I currently get this in my project:

error[unmaintained]: rustls-pemfile is unmaintained
    ┌─ /redacted/apt-swarm/Cargo.lock:315:1
    │
315 │ rustls-pemfile 2.2.0 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unmaintained advisory detected
    │
    ├ ID: RUSTSEC-2025-0134
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2025-0134
    ├ The rustls-pemfile crate is no longer maintained. The repository has been archived since August
      2025, and users are encouraged to depend directly on the underlying PEM parsing code included
      in rustls-pki-types since 1.9.0. The latest version of rustls-pemfile is in fact a thin wrapper
      around the same code used in rustls-pki-types, so migrating should be straightforward.
      
      The new API is represented by the [`PemObject`][PemObject] trait, which provides methods for
      reading a single or multiple PEM objects from a file or byte slice.
      
      [PemObject]: https://docs.rs/rustls-pki-types/latest/rustls_pki_types/pem/trait.PemObject.html
    ├ Announcement: https://github.com/rustls/pemfile/issues/61
    ├ Solution: No safe upgrade is available!
    ├ rustls-pemfile v2.2.0
      └── irc v1.1.0
          └── apt-swarm v0.5.1

advisories FAILED, bans ok, licenses ok, sources ok
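
To find which dependency pulls `rustls-pemfile` into a lockfile, as in the `irc` to `apt-swarm` chain of the report above, this added example (not code from this pull request or the irc crate) walks a Cargo.lock in reverse using only the standard library. `SAMPLE_LOCK` is constructed, and `parse_lock` and `chains_to` are hypothetical helper names.

```rust
use std::collections::BTreeMap;
type Lock = BTreeMap<String, Vec<String>>; // package name -> names of its dependencies

// Constructed sample (not a real Cargo.lock), shaped like the chain in the report above.
const SAMPLE_LOCK: &str = r#"[[package]]
name = "apt-swarm"
dependencies = [
 "irc 1.1.0",
]
[[package]]
name = "irc"
dependencies = [
 "rustls-pemfile",
]
[[package]]
name = "rustls-pemfile"
"#;

/// Parse `[[package]]` tables; entries like "name 1.2.3 (source)" keep only the name.
fn parse_lock(text: &str) -> Lock {
    let (mut pkgs, mut current, mut in_deps) = (Lock::new(), String::new(), false);
    for line in text.lines().map(str::trim) {
        if let Some(name) = line.strip_prefix("name = ") {
            current = name.trim_matches('"').to_string();
            pkgs.entry(current.clone()).or_default();
        } else if line == "dependencies = [" || line == "]" {
            in_deps = line != "]";
        } else if in_deps {
            let dep = line.trim_matches(|c: char| c == '"' || c == ',').split_whitespace().next();
            pkgs.entry(current.clone()).or_default().extend(dep.map(String::from));
        }
    }
    pkgs
}

/// Every chain from `target` up to a root package (who pulls it in); cycles are cut.
fn chains_to(target: &str, pkgs: &Lock) -> Vec<Vec<String>> {
    let (mut done, mut stack) = (Vec::new(), vec![vec![target.to_string()]]);
    while let Some(chain) = stack.pop() {
        let parents: Vec<_> = pkgs.iter()
            .filter(|(name, deps)| deps.contains(chain.last().unwrap()) && !chain.contains(*name))
            .map(|(name, _)| [chain.clone(), vec![name.clone()]].concat()).collect();
        if parents.is_empty() { done.push(chain) } else { stack.extend(parents) }
    }
    done.into_iter().filter(|c| c.len() > 1).collect() // empty if nothing depends on target
}

fn main() {
    for c in chains_to("rustls-pemfile", &parse_lock(SAMPLE_LOCK)) { println!("{}", c.join(" <- ")); }
}
```

An empty result for `rustls-pemfile` after updating dependencies means nothing in the lockfile still pulls the crate in.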


Successfully merging this pull request may close these issues.

RUSTSEC-2025-0134 - rustls-pemfile is unmaintained
