librustls: prefer post quantum by default

cpu · cpu · commit 109849574734 · 2025-05-07T17:32:13.000-04:00
Matches the change upstream in rustls 0.23.27
diff --git a/README.md b/README.md
@@ -101,11 +101,10 @@ platforms see the upstream documentation:
 #### Post-Quantum X25519MLKEM768 Key Exchange
 
 Post-quantum-secure key exchange using [X25519MLKEM768][] is supported when using the `aws-lc-rs` 
-cryptography provider. At this time default support places `X25519MLKEM768` at a lower negotiation priority. 
+cryptography provider and offered by default at the highest priority.
 
-By enabling the `prefer-post-quantum` feature flag the `X25519MLKEM768` key exchange will be used as the most
-preferred key exchange algorithm. We expect to add this feature to the crate's default features in a future
-release.
+By disabling the `prefer-post-quantum` feature flag the `X25519MLKEM768` key exchange will be
+offered at a lower negotiation priority.
 
 [X25519MLKEM768]: https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem
 
diff --git a/librustls/Cargo.toml b/librustls/Cargo.toml
@@ -12,7 +12,7 @@ links = "rustls_ffi"
 rust-version = "1.71"
 
 [features]
-default = ["aws-lc-rs"]
+default = ["aws-lc-rs", "prefer-post-quantum"]
 # Enable this feature when building as Rust dependency. It inhibits the
 # default behavior of capturing the global logger, which only works when
 # built using the Makefile, which passes -C metadata=rustls-ffi to avoid
