fix: Remove OpenSSL dependency, use Rust TLS

Introduced here: #1934

`cargo deny` normally prevents this but it wasn't being enforced last
night.

We avoid OpenSSL because:
- It needs to be dynamically linked, so we have to build for a specific
  version.
- We have to stay on top of CVEs. The Rust TLS is considered more
  secure.
- It interferes with other libraries trying to do static linking. For
  example we cannot statically link `llama.cpp` if we dynamically link
  OpenSSL.

Author: grahamking

Cargo.lock

@@ -133,7 +133,7 @@ assert_matches = "1.5"
 criterion = { version = "0.3", features = ["html_reports"] }
 hf-hub = { workspace = true }
 proptest = "1.5.0"
-reqwest = { version = "0.12", default-features = false, features = ["json", "stream", "rustls-tls"] }
+reqwest = { version = "0.12.22", default-features = false, features = ["json", "stream", "rustls-tls"] }
 rstest = "0.18.2"
 rstest_reuse = "0.7.0"
 tempfile = "3.17.1"

lib/llm/Cargo.toml

@@ -77,7 +77,7 @@ socket2 = { version = "0.5.8" }
 [dev-dependencies]
 assert_matches = { version = "1.5.0" }
 env_logger = { version = "0.11" }
-reqwest = { version = "0.12.22", features = ["json"] }
+reqwest = { version = "0.12.22", default-features = false, features = ["json", "stream", "rustls-tls"] }
 rstest = { version = "0.23.0" }
 temp-env = { version = "0.3.6" }