Update CRT submodules to latest

[unexge]

Description of change

Notably, includes the following fixes:

• Add ProcessProvider to ProfileProvider aws-c-auth#245
  • For Mountpoint doesn't work with credential_process in combination with source_profile #927
  • For --profile does not correctly use credential_process (Appstream) #389
• Update CacheCredentialsProvider Refresh Time to 5 Minutes before Expiry aws-c-auth#247
  • For File read occasionally fails with 'Input/output error (os error 5)' #974

CRT changelog:

Submodule mountpoint-s3-crt-sys/crt/aws-c-auth d7895252..877c029f:
  > Update CacheCredentialsProvider Refresh Time to 5 Minutes before Expiry (#247)
  > Add ProcessProvider to ProfileProvider (#245)
Submodule mountpoint-s3-crt-sys/crt/aws-c-cal bc0d71b6..2cb1d2ea:
  > OpenSSL Runtime and Compile Time Mismatch Fix (#198)
  > Use prebuilt aws-lc (#197)
  > Update MacOS CI to arm64 (#196)
Submodule mountpoint-s3-crt-sys/crt/aws-c-common 67601bbb..672cc003:
  > Fix `-Wuseless-cast` compiler warnings (#1145)
  > Add cmake module for building dependencies at configuration time (#1144)
  > Allocate error space for aws-crt-swift (#1129)
  > Add no copy api variants to json interface (#1138)
  > Avoiding allocating a handle in the Windows RNG. (#1046)
  > Run proofs with CBMC 6.1.0 (#1140)
Submodule mountpoint-s3-crt-sys/crt/aws-c-compression ea1d421a..f36d0167:
  > Update MacOS to arm64 (#68)
  > clang-format 18 (#67)
Submodule mountpoint-s3-crt-sys/crt/aws-c-http a2fb16c4..4e74ab1e:
  > Fix websocket shutdown behavior (#483)
  > Connection shutdown with buffered data (#482)
  > Support MaxPendingConnectionAcquisitions (#481)
  > Connection Manager Acquisition Timeout (#479)
Submodule mountpoint-s3-crt-sys/crt/aws-c-io e5fe40e1..c345d772:
  > Unique port between test_socket_with_bind_to_interface and test_tcp_socket_communication (#667)
  > Make port more random for test_socket_with_bind_to_interface test (#666)
Submodule mountpoint-s3-crt-sys/crt/aws-c-sdkutils 8c7af71f..4658412a:
  > lets make string array const input (#44)
  > Switch to more efficient functions for json parsing (#43)
  > Add support for string array request parameter to endpoint resolution (#42)
  > Update MacOS to arm64 (#41)
  > clang-format 18 (#40)
Submodule mountpoint-s3-crt-sys/crt/aws-lc 47333e18..2f187975:
  > Use _Static_assert in refcount_c11.c to support old compilers that don't support the macro static_assert (#1789)
  > add OCSP_response_create and OCSP_basic_add1_status (#1732)
  > Handle systems defining ATOMIC_LONG_LOCK_FREE as expression (#1788)
  > Silence tmpname warning (#1784)
  > Prepare for the 1.34.0 release (#1786)
  > Enable C11 automatically if the compiler supports it (#1729)
  > Rename ocsp test files for clarity (#1782)
  > Add -text support to X509 tool, add Version tool (#1773)
  > add support and tests for OCSP_basic_sign (#1742)
  > Improving instruction flow in `aes_hw_ctr32_encrypt_blocks` tail len = 0 case (#1774)
  > Upstream merge 2024 08 12 (#1761)
  > EVP_PKEY_get0 implementation (#1749)
  > Log prefix build options configuration (#1772)
  > Tighten up experimental pointer guard macro (#1771)
  > Support CMAKE_MSVC_RUNTIME_LIBRARY (#1737)
  > Support OCSP_basic_add1_nonce (#1736)
  > refactor md5 tool with dgst and fix stdin behavior (#1766)
  > Resolve useless_type_qualifier_on_return_type in hmac_test.cc (#1765)
  > add basic support for dgst hmac in tool (#1755)
  > Add macros for HMAC precomputed key sizes (#1745)
  > CI: speed up GHA package manipulation by skipping some feeds (#1758)
  > Add PQ key exchange OIDs (#1730)
  > Fix cmov implementation in ML-KEM/Kyber (#1760)
  > Fix for BIO_gets and update documentation (#1756)
  > Enabling DIT flag in AArch64. (#1687)
  > Updating Pyyaml Dependency (#1746)
  > Dilithium code refactor to add fqmul as a separate function(#1748)
  > Upstream merge 2024 08 02 (#1738)
  > Specifying CPU threads in cmake_build.sh to fix CI failures (#1740)
  > add support for OCSP_copy_nonce (#1711)
  > Make aes_hw_ctr32_encrypt_blocks handle len=0 correctly (#1690)
  > Build CMake with multiple jobs to save time (#1735)
  > Implement BIO_puts and add callback function support to BIO_puts,gets,ctrl (#1721)
  > Prepare Release for v1.33.0  (#1734)
  > add support for OCSP_SINGLERESP functions (#1703)
  > Support utility OCSP request functions (#1708)
  > bump mysql CI to 9.0.1 (#1727)
  > FIPS 203 IPD update: ML-KEM-IPD-768 and ML-KEM-IPD-1024 (#1724)
  > rsa and md5 tools (#1722)
  > Show number of pruned ec2 instances in dashboard (#1728)
  > sha + chacha: Move AArch64/X86-64 dispatching to C. (#1625)
  > ec2-test-framework enhancements and graviton 4 testing  (#1715)
  > Lower required Go version, add CI test for specific version (#1717)
  > Add OpenVPN to CI (#1705)
  > AWS-LC s2n-bignum update 2024-07-22 (#1718)
  > X509toolcomparison (#1714)
  > Fix for select point from table in ec_nistp scalar_mul (#1719)
  > APIs to support HMAC precomputed keys (#1574)
  > Upstream merge 2024 07 09 (#1694)
  > NIST SP 800-108r1-upd1: KDF Counter Implementation (#1644)
  > Upstream merge 2024 06 24 (#1661)
  > Adds const qualifier to ciphertext parameter in EVP_PKEY_decapsulate (#1713)
  > [EC] Unify scalar multiplication for P-256/384/521 (#1693)
  > Update MySQL to 9.0.0 (#1685)
  > Match using CMAKE_SYSTEM_PROCESSOR_LOWER (#1709)
  > Add aes-256-xts to EVP_get_cipherbyname (#1707)
  > Move OCSP functions for Ruby out of internal.h (#1704)
  > Add support to detect Neoverse V2 cores (#1706)
  > Added options to x509 tool (#1696)
Submodule mountpoint-s3-crt-sys/crt/s2n-tls 138e3ece..87f4a058:
  > Add performance regression tests in CI (#4701)
  > feat: JA4 fingerprinting (#4669)
  > Clarify s2nc/s2nd PQ output (#4702)
  > fix: building for AL2 (#4679)
  > ci(nix): Startup/configure apache for renegotiate test under nix (#4592)
  > fix: Initial config influences client hello parsing (#4676)
  > Add s2n_signature_preferences_20240521 (#4565)
  > New s2n core member (#4707)
  > Modify regression threshold to configurable percentage (#4698)
  > chore: remove unused benchmarks (#4696)
  > docs: add pq to usage guide (#4677)
  > chore: Rust bindings bump v0.3.0 (#4697)
  > Merge commit from fork
  > fix: upload fuzz output to s3 when test fails (#4694)
  > fix(ci): partially revert checking out head from current clone. (#4693)
  > Enabling differential performance benchmarking (#4667)
  > chore: document OpenSSL-FIPS restriction on RSA key size (#4654)
  > ci: store fuzz artifacts in s3 (#4678)
  > feat: Changes ticket encryption scheme to be nonce-reuse resistant (#4663)
  > chore: Bump rust bindings to 0.2.11 (#4690)
  > fix(bindings): enforce waker contract on `poll` operations (#4688)
  > docs: update blinding docs (#4686)
  > fix: zip corpus files before uploading to s3 (#4685)
  > Adopt CBMC 6.1 and cbmc-viewer 3.9 (#4661)
  > test(cbmc): add stuffer hex proofs (#4659)
  > fix: don't fail for 0 blinding delay (#4671)
  > chore(bindings): release 0.2.10 (#4683)
  > feat(bindings): Add hyper compatibility crate (#4617)
  > refactor: switch JA3 to use stuffer hex methods (#4662)
  > fix: SSLv3 handshake with openssl-1.0.2-fips fails (#4644)
  > feat(bindings): add renegotiate to the rust bindings (#4668)
  > ci: move fuzz corpus to S3 (#4665)
  > fix: default s2nc should accept default s2nd cert (#4670)
  > fix: add missing corpus files for s2n_deserialize_resumption_state_test (#4672)
  > refactor: clean up other hex methods (#4664)
  > Set up regression benchmark for scalar performance (#4649)
  > ci(nix): Setup a head build for the cross_compatibility integ test (#4567)
  > fix: new clippy lints (#4666)
  > fix: allow for clock skew in resumption (#4650)
  > fix: Refactor some s2n_resume functions (#4648)
  > fix: pin tokio-macros version (#4658)
  > refactor: move stuffer hex methods out of testlib (#4653)

Does this change impact existing behavior?

Does this change need a changelog entry in any of the crates?

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the Developer Certificate of Origin (DCO).

[dannycjones]

LGTM. Just need confirmation on manual test for --profile <PROFILE_NAME> fix (and Clippy appeasement).

[unexge]

Also confirmed --profile works with credential_process:

$ cat ~/.aws/config
[profile personal]
credential_process=...

$ mount-s3 --version
mount-s3 1.8.0

$ mount-s3 bucket-name /tmp/mnt --profile personal
Error: Failed to create S3 client

Caused by:
    0: initial ListObjectsV2 failed for bucket bucket-name in region us-east-1
    1: Client error
    2: No signing credentials found
Error: Failed to create mount process

$ ./target/release/mount-s3 bucket-name /tmp/mnt --profile personal
bucket bucket-name is mounted at /tmp/mnt

[dannycjones]

LGTM, bar one nit