fix(server): add explicit rustls CryptoProvider initialization for v1.1.6

- Add rustls::crypto::aws_lc_rs::default_provider().install_default()
  in main() before any TLS operations to prevent startup panic
- Bump version from 1.1.5 to 1.1.6
- Update debian/changelog with 1.1.6-1 entry

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "linux-patch-api"
-version = "1.1.5"
+version = "1.1.6"
 edition = "2021"
 authors = ["Echo <echo@moon-dragon.us>"]
 description = "Secure remote package management API for Linux systems"

debian/changelog

@@ -1,3 +1,10 @@
+linux-patch-api (1.1.6-1) unstable; urgency=low
+
+  * Fix rustls CryptoProvider initialization panic on server startup
+  * Add explicit CryptoProvider::install_default() for aws-lc-rs
+
+ -- Echo <echo@moon-dragon.us>  Mon, 18 May 2026 08:45:00 -0500
+
 linux-patch-api (1.1.5-1) unstable; urgency=low
 
   * Fix enrollment IP detection: filter Docker bridge subnets (172.16.0.0/12)

src/main.rs

@@ -57,6 +57,11 @@ async fn main() -> Result<()> {
     // Initialize logging
     let _guard = init_logging(args.verbose)?;
 
+    // Install rustls crypto provider (required for mTLS and HTTPS clients)
+    rustls::crypto::aws_lc_rs::default_provider()
+        .install_default()
+        .expect("Failed to install rustls crypto provider (aws-lc-rs)");
+
     info!(
         version = env!("CARGO_PKG_VERSION"),
         config_path = args.config,