mirror of
https://github.com/gravitational/teleport
synced 2024-10-20 01:03:40 +00:00
Remove OpenSSL dependency from the rust RDP client
This commit is contained in:
parent
130aefd33e
commit
59004b2334
371
Cargo.lock
generated
371
Cargo.lock
generated
|
@ -43,15 +43,6 @@ dependencies = [
|
|||
"winapi",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "autocfg"
|
||||
version = "0.1.8"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0dde43e75fd43e8a1bf86103336bc699aa8d17ad1be60c76c0bdfd4828e19b78"
|
||||
dependencies = [
|
||||
"autocfg 1.1.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "autocfg"
|
||||
version = "1.1.0"
|
||||
|
@ -130,6 +121,12 @@ version = "0.1.4"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "40e38929add23cdf8a366df9b0e088953150724bcbe5fc330b0d8eb3b328eec8"
|
||||
|
||||
[[package]]
|
||||
name = "bumpalo"
|
||||
version = "3.9.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "a4a45a46ab1f2412e53d3a0ade76ffad2025804294569aae387231a0cd6e0899"
|
||||
|
||||
[[package]]
|
||||
name = "byte-tools"
|
||||
version = "0.3.1"
|
||||
|
@ -162,25 +159,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
|
|||
|
||||
[[package]]
|
||||
name = "const-oid"
|
||||
version = "0.6.2"
|
||||
version = "0.7.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9d6f2aa4d0537bcc1c74df8755072bd31c1ef1a3a1b85a68e8404a8c353b7b8b"
|
||||
|
||||
[[package]]
|
||||
name = "core-foundation"
|
||||
version = "0.9.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "194a7a9e6de53fa55116934067c844d9d749312f75c6f6d0980e8c252f8c2146"
|
||||
dependencies = [
|
||||
"core-foundation-sys",
|
||||
"libc",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "core-foundation-sys"
|
||||
version = "0.8.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc"
|
||||
checksum = "e4c78c047431fee22c1a7bb92e00ad095a02a983affe4d8a72e2a2c62c1b94f3"
|
||||
|
||||
[[package]]
|
||||
name = "cortex-m"
|
||||
|
@ -221,15 +202,24 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "crypto-bigint"
|
||||
version = "0.2.11"
|
||||
version = "0.3.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f83bd3bb4314701c568e340cd8cf78c975aa0ca79e03d3f6d1677d5b0c9c0c03"
|
||||
checksum = "03c6a1d5fa1de37e071642dfa44ec552ca5b299adb128fab16138e24b548fd21"
|
||||
dependencies = [
|
||||
"generic-array 0.14.5",
|
||||
"rand_core 0.6.3",
|
||||
"subtle 2.4.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "crypto-common"
|
||||
version = "0.1.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "57952ca27b5e3606ff4dd79b0020231aaf9d6aa76dc05fd30137538c50bd3ce8"
|
||||
dependencies = [
|
||||
"generic-array 0.14.5",
|
||||
"typenum",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "crypto-mac"
|
||||
version = "0.7.0"
|
||||
|
@ -251,12 +241,13 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "der"
|
||||
version = "0.4.5"
|
||||
version = "0.5.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "79b71cca7d95d7681a4b3b9cdf63c8dbc3730d0584c2c74e31416d64a90493f4"
|
||||
checksum = "6919815d73839e7ad218de758883aae3a257ba6759ce7a9992501efbb53d705c"
|
||||
dependencies = [
|
||||
"const-oid",
|
||||
"crypto-bigint",
|
||||
"pem-rfc7468",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -292,11 +283,11 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "digest"
|
||||
version = "0.9.0"
|
||||
version = "0.10.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066"
|
||||
checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506"
|
||||
dependencies = [
|
||||
"generic-array 0.14.5",
|
||||
"crypto-common",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -355,21 +346,6 @@ version = "0.4.1"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "279fb028e20b3c4c320317955b77c5e0c9701f05a1d309905d6fc702cdc5053e"
|
||||
|
||||
[[package]]
|
||||
name = "foreign-types"
|
||||
version = "0.3.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
|
||||
dependencies = [
|
||||
"foreign-types-shared",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "foreign-types-shared"
|
||||
version = "0.1.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
|
||||
|
||||
[[package]]
|
||||
name = "generic-array"
|
||||
version = "0.12.4"
|
||||
|
@ -478,7 +454,7 @@ version = "1.8.0"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "282a6247722caba404c065016bbfa522806e51714c34f5dfc3e4a3a46fcb4223"
|
||||
dependencies = [
|
||||
"autocfg 1.1.0",
|
||||
"autocfg",
|
||||
"hashbrown",
|
||||
]
|
||||
|
||||
|
@ -507,7 +483,7 @@ version = "0.4.2"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "395d8e0ae63eb5016fbcf4a72864155880e34bce0158206fcfa7218efdd52e82"
|
||||
dependencies = [
|
||||
"untrusted",
|
||||
"untrusted 0.9.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -519,6 +495,15 @@ dependencies = [
|
|||
"either",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "js-sys"
|
||||
version = "0.3.57"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "671a26f820db17c2a2750743f1dd03bafd15b98c9f30c7c2628c024c05d73397"
|
||||
dependencies = [
|
||||
"wasm-bindgen",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "lazy_static"
|
||||
version = "1.4.0"
|
||||
|
@ -606,24 +591,6 @@ version = "0.8.3"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a"
|
||||
|
||||
[[package]]
|
||||
name = "native-tls"
|
||||
version = "0.2.8"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "48ba9f7719b5a0f42f338907614285fb5fd70e53858141f69898a1fb7203b24d"
|
||||
dependencies = [
|
||||
"lazy_static",
|
||||
"libc",
|
||||
"log",
|
||||
"openssl",
|
||||
"openssl-probe",
|
||||
"openssl-sys",
|
||||
"schannel",
|
||||
"security-framework",
|
||||
"security-framework-sys",
|
||||
"tempfile",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "nb"
|
||||
version = "0.1.3"
|
||||
|
@ -656,18 +623,17 @@ version = "0.2.6"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304"
|
||||
dependencies = [
|
||||
"autocfg 1.1.0",
|
||||
"autocfg",
|
||||
"num-integer",
|
||||
"num-traits",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "num-bigint-dig"
|
||||
version = "0.7.0"
|
||||
version = "0.8.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "4547ee5541c18742396ae2c895d0717d0f886d8823b8399cdaf7b07d63ad0480"
|
||||
checksum = "566d173b2f9406afbc5510a90925d5a2cd80cae4605631f1212303df265de011"
|
||||
dependencies = [
|
||||
"autocfg 0.1.8",
|
||||
"byteorder",
|
||||
"lazy_static",
|
||||
"libm",
|
||||
|
@ -696,7 +662,7 @@ version = "0.1.44"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db"
|
||||
dependencies = [
|
||||
"autocfg 1.1.0",
|
||||
"autocfg",
|
||||
"num-traits",
|
||||
]
|
||||
|
||||
|
@ -706,7 +672,7 @@ version = "0.1.42"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b2021c8337a54d21aca0d59a92577a029af9431cb59b909b03252b9c164fad59"
|
||||
dependencies = [
|
||||
"autocfg 1.1.0",
|
||||
"autocfg",
|
||||
"num-integer",
|
||||
"num-traits",
|
||||
]
|
||||
|
@ -717,7 +683,7 @@ version = "0.2.14"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290"
|
||||
dependencies = [
|
||||
"autocfg 1.1.0",
|
||||
"autocfg",
|
||||
"libm",
|
||||
]
|
||||
|
||||
|
@ -755,44 +721,11 @@ version = "0.2.3"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c"
|
||||
|
||||
[[package]]
|
||||
name = "openssl"
|
||||
version = "0.10.38"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0c7ae222234c30df141154f159066c5093ff73b63204dcda7121eb082fc56a95"
|
||||
dependencies = [
|
||||
"bitflags",
|
||||
"cfg-if",
|
||||
"foreign-types",
|
||||
"libc",
|
||||
"once_cell",
|
||||
"openssl-sys",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "openssl-probe"
|
||||
version = "0.1.5"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
|
||||
|
||||
[[package]]
|
||||
name = "openssl-sys"
|
||||
version = "0.9.72"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "7e46109c383602735fa0a2e48dd2b7c892b048e1bf69e5c3b1d804b7d9c203cb"
|
||||
dependencies = [
|
||||
"autocfg 1.1.0",
|
||||
"cc",
|
||||
"libc",
|
||||
"pkg-config",
|
||||
"vcpkg",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "pem-rfc7468"
|
||||
version = "0.2.4"
|
||||
version = "0.3.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "84e93a3b1cc0510b03020f33f21e62acdde3dcaef432edc95bea377fbd4c2cd4"
|
||||
checksum = "01de5d978f34aa4b2296576379fcc416034702fd94117c56ffd8a1a767cefb30"
|
||||
dependencies = [
|
||||
"base64ct",
|
||||
]
|
||||
|
@ -819,34 +752,26 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "pkcs1"
|
||||
version = "0.2.4"
|
||||
version = "0.3.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "116bee8279d783c0cf370efa1a94632f2108e5ef0bb32df31f051647810a4e2c"
|
||||
checksum = "a78f66c04ccc83dd4486fd46c33896f4e17b24a7a3a6400dedc48ed0ddd72320"
|
||||
dependencies = [
|
||||
"der",
|
||||
"pem-rfc7468",
|
||||
"pkcs8",
|
||||
"zeroize",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "pkcs8"
|
||||
version = "0.7.6"
|
||||
version = "0.8.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "ee3ef9b64d26bad0536099c816c6734379e45bbd5f14798def6809e5cc350447"
|
||||
checksum = "7cabda3fb821068a9a4fab19a683eac3af12edf0f34b94a8be53c4972b8149d0"
|
||||
dependencies = [
|
||||
"der",
|
||||
"pem-rfc7468",
|
||||
"pkcs1",
|
||||
"spki",
|
||||
"zeroize",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "pkg-config"
|
||||
version = "0.3.24"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "58893f751c9b0412871a09abd62ecd2a00298c6c83befa223ef98c52aef40cbe"
|
||||
|
||||
[[package]]
|
||||
name = "ppv-lite86"
|
||||
version = "0.2.16"
|
||||
|
@ -1051,7 +976,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "rdp-rs"
|
||||
version = "0.1.0"
|
||||
source = "git+https://github.com/gravitational/rdp-rs?rev=f51222e7edeaf2954e2c02db3506aa36e02304ca#f51222e7edeaf2954e2c02db3506aa36e02304ca"
|
||||
source = "git+https://github.com/gravitational/rdp-rs?rev=17ec446ecb73c58b77ac47c6fc8598153f673076#17ec446ecb73c58b77ac47c6fc8598153f673076"
|
||||
dependencies = [
|
||||
"bufstream",
|
||||
"byteorder",
|
||||
|
@ -1059,10 +984,10 @@ dependencies = [
|
|||
"indexmap",
|
||||
"md-5",
|
||||
"md4",
|
||||
"native-tls",
|
||||
"num-bigint",
|
||||
"num_enum",
|
||||
"rand 0.7.3",
|
||||
"rustls",
|
||||
"x509-parser",
|
||||
"yasna",
|
||||
]
|
||||
|
@ -1102,6 +1027,21 @@ dependencies = [
|
|||
"winapi",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "ring"
|
||||
version = "0.16.20"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc"
|
||||
dependencies = [
|
||||
"cc",
|
||||
"libc",
|
||||
"once_cell",
|
||||
"spin 0.5.2",
|
||||
"untrusted 0.7.1",
|
||||
"web-sys",
|
||||
"winapi",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "riscv"
|
||||
version = "0.7.0"
|
||||
|
@ -1136,20 +1076,20 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "rsa"
|
||||
version = "0.5.0"
|
||||
version = "0.6.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e05c2603e2823634ab331437001b411b9ed11660fbc4066f3908c84a9439260d"
|
||||
checksum = "4cf22754c49613d2b3b119f0e5d46e34a2c628a937e3024b8762de4e7d8c710b"
|
||||
dependencies = [
|
||||
"byteorder",
|
||||
"digest 0.9.0",
|
||||
"lazy_static",
|
||||
"digest 0.10.3",
|
||||
"num-bigint-dig",
|
||||
"num-integer",
|
||||
"num-iter",
|
||||
"num-traits",
|
||||
"pkcs1",
|
||||
"pkcs8",
|
||||
"rand 0.8.5",
|
||||
"rand_core 0.6.3",
|
||||
"smallvec",
|
||||
"subtle 2.4.1",
|
||||
"zeroize",
|
||||
]
|
||||
|
@ -1172,22 +1112,24 @@ dependencies = [
|
|||
"nom",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rustls"
|
||||
version = "0.20.4"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "4fbfeb8d0ddb84706bc597a5574ab8912817c52a397f819e5b614e2265206921"
|
||||
dependencies = [
|
||||
"log",
|
||||
"ring",
|
||||
"sct",
|
||||
"webpki",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "ryu"
|
||||
version = "1.0.9"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "73b4b750c782965c211b42f022f59af1fbceabdd026623714f104152f1ec149f"
|
||||
|
||||
[[package]]
|
||||
name = "schannel"
|
||||
version = "0.1.19"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "8f05ba609c234e60bee0d547fe94a4c7e9da733d1c962cf6e59efa4cd9c8bc75"
|
||||
dependencies = [
|
||||
"lazy_static",
|
||||
"winapi",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "scopeguard"
|
||||
version = "1.1.0"
|
||||
|
@ -1195,26 +1137,13 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||
checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
|
||||
|
||||
[[package]]
|
||||
name = "security-framework"
|
||||
version = "2.6.1"
|
||||
name = "sct"
|
||||
version = "0.7.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "2dc14f172faf8a0194a3aded622712b0de276821addc574fa54fc0a1167e10dc"
|
||||
checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4"
|
||||
dependencies = [
|
||||
"bitflags",
|
||||
"core-foundation",
|
||||
"core-foundation-sys",
|
||||
"libc",
|
||||
"security-framework-sys",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "security-framework-sys"
|
||||
version = "2.6.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0160a13a177a45bfb43ce71c01580998474f556ad854dcbca936dd2841a5c556"
|
||||
dependencies = [
|
||||
"core-foundation-sys",
|
||||
"libc",
|
||||
"ring",
|
||||
"untrusted 0.7.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -1261,10 +1190,11 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "spki"
|
||||
version = "0.4.1"
|
||||
version = "0.5.4"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "5c01a0c15da1b0b0e1494112e7af814a678fec9bd157881b49beac661e9b6f32"
|
||||
checksum = "44d01ac02a6ccf3e07db148d2be087da624fea0221a16152ed01f0496a6b0a27"
|
||||
dependencies = [
|
||||
"base64ct",
|
||||
"der",
|
||||
]
|
||||
|
||||
|
@ -1303,18 +1233,6 @@ dependencies = [
|
|||
"unicode-xid",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "synstructure"
|
||||
version = "0.12.6"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
"syn",
|
||||
"unicode-xid",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "tempfile"
|
||||
version = "3.3.0"
|
||||
|
@ -1375,6 +1293,12 @@ version = "0.2.2"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3"
|
||||
|
||||
[[package]]
|
||||
name = "untrusted"
|
||||
version = "0.7.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a"
|
||||
|
||||
[[package]]
|
||||
name = "untrusted"
|
||||
version = "0.9.0"
|
||||
|
@ -1396,12 +1320,6 @@ version = "0.1.3"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "77439c1b53d2303b20d9459b1ade71a83c716e3f9c34f3228c00e6f185d6c002"
|
||||
|
||||
[[package]]
|
||||
name = "vcpkg"
|
||||
version = "0.2.15"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"
|
||||
|
||||
[[package]]
|
||||
name = "version_check"
|
||||
version = "0.9.4"
|
||||
|
@ -1435,6 +1353,80 @@ version = "0.10.2+wasi-snapshot-preview1"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "fd6fbd9a79829dd1ad0cc20627bf1ed606756a7f77edff7b66b7064f9cb327c6"
|
||||
|
||||
[[package]]
|
||||
name = "wasm-bindgen"
|
||||
version = "0.2.80"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "27370197c907c55e3f1a9fbe26f44e937fe6451368324e009cba39e139dc08ad"
|
||||
dependencies = [
|
||||
"cfg-if",
|
||||
"wasm-bindgen-macro",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-backend"
|
||||
version = "0.2.80"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "53e04185bfa3a779273da532f5025e33398409573f348985af9a1cbf3774d3f4"
|
||||
dependencies = [
|
||||
"bumpalo",
|
||||
"lazy_static",
|
||||
"log",
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
"syn",
|
||||
"wasm-bindgen-shared",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-macro"
|
||||
version = "0.2.80"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "17cae7ff784d7e83a2fe7611cfe766ecf034111b49deb850a3dc7699c08251f5"
|
||||
dependencies = [
|
||||
"quote",
|
||||
"wasm-bindgen-macro-support",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-macro-support"
|
||||
version = "0.2.80"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "99ec0dc7a4756fffc231aab1b9f2f578d23cd391390ab27f952ae0c9b3ece20b"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
"syn",
|
||||
"wasm-bindgen-backend",
|
||||
"wasm-bindgen-shared",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-shared"
|
||||
version = "0.2.80"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d554b7f530dee5964d9a9468d95c1f8b8acae4f282807e7d27d4b03099a46744"
|
||||
|
||||
[[package]]
|
||||
name = "web-sys"
|
||||
version = "0.3.57"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "7b17e741662c70c8bd24ac5c5b18de314a2c26c32bf8346ee1e6f53de919c283"
|
||||
dependencies = [
|
||||
"js-sys",
|
||||
"wasm-bindgen",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "webpki"
|
||||
version = "0.22.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd"
|
||||
dependencies = [
|
||||
"ring",
|
||||
"untrusted 0.7.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "which"
|
||||
version = "4.2.5"
|
||||
|
@ -1499,21 +1491,6 @@ checksum = "0de7bff972b4f2a06c85f6d8454b09df153af7e3a4ec2aac81db1b105b684ddb"
|
|||
|
||||
[[package]]
|
||||
name = "zeroize"
|
||||
version = "1.4.3"
|
||||
version = "1.5.5"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d68d9dcec5f9b43a30d38c49f91dfedfaac384cb8f085faca366c26207dd1619"
|
||||
dependencies = [
|
||||
"zeroize_derive",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "zeroize_derive"
|
||||
version = "1.3.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3f8f187641dad4f680d25c4bfc4225b418165984179f26ca76ec4fb6441d3a17"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
"syn",
|
||||
"synstructure",
|
||||
]
|
||||
checksum = "94693807d016b2f2d2e14420eb3bfcca689311ff775dcf113d74ea624b7cdf07"
|
||||
|
|
BIN
docs/img/desktop-access/rdp-certificate-template.png
Normal file
BIN
docs/img/desktop-access/rdp-certificate-template.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 1.5 MiB |
|
@ -30,7 +30,7 @@ This guide requires you to have:
|
|||
|
||||
You can reuse an existing server running any other Teleport instance.
|
||||
|
||||
## Step 1/6. Create a restrictive service account
|
||||
## Step 1/7. Create a restrictive service account
|
||||
|
||||
Teleport requires a service account to connect to your Active Directory domain.
|
||||
We recommend creating a dedicated service account with restrictive permissions
|
||||
|
@ -86,7 +86,7 @@ dsacls "CN=NTAuthCertificates,CN=Public Key Services,CN=Services,CN=Configuratio
|
|||
|
||||
```
|
||||
|
||||
## Step 2/6. Prevent the service account from performing interactive logins
|
||||
## Step 2/7. Prevent the service account from performing interactive logins
|
||||
|
||||
<Admonition type="note" title="gpupdate.exe">
|
||||
Throughout this step and the next one, you will be modifying GPOs, and
|
||||
|
@ -140,7 +140,7 @@ Computer Configuration > Policies > Windows Settings > Security Settings > Local
|
|||
![Deny Interactive Login](../../img/desktop-access/deny-interactive-login.png)
|
||||
</Figure>
|
||||
|
||||
## Step 3/6: Configure a GPO to allow Teleport connections
|
||||
## Step 3/7. Configure a GPO to allow Teleport connections
|
||||
|
||||
Next, we need to configure a GPO to allow Teleport desktop sessions. This
|
||||
includes telling your computers to trust Teleport's CA, allowing the
|
||||
|
@ -322,7 +322,71 @@ If you have not done so already, ensure your GPO is updated by opening a PowerSh
|
|||
gpupdate.exe /force
|
||||
```
|
||||
|
||||
## Step 4/6. Export your LDAP CA certificate
|
||||
## Step 4/7. Configure a certificate for RDP connections
|
||||
|
||||
<Admonition type="note" title="Secure Cipher Suites">
|
||||
Teleport's RDP client supports only secure algorithms
|
||||
for making TLS connections, so we have to configure our Domain Controller
|
||||
to support those cipher suites as well.
|
||||
This step is only *necessary* for Windows Server 2012 R2 Domain Controller as it does not support
|
||||
secure algorithms by default. If it does not apply to you, you can skip this step and go to the [next step](#step-57-export-your-ldap-ca-certificate).
|
||||
</Admonition>
|
||||
|
||||
In this step we'll create a new certificate template that uses elliptic curve cryptography, and then configure our GPO
|
||||
to use the newly created template to issue certificates used for Remote Desktop connections.
|
||||
|
||||
### Create a certificate template
|
||||
|
||||
In this section, we will create a certificate template that uses elliptic curve P-384 and uses SHA384 as the signature algorithm.
|
||||
|
||||
|
||||
1. Open the Microsoft Management Console (MMC)
|
||||
|
||||
```text
|
||||
Start > Control Panel > Administrative Tools > Certificate Authority
|
||||
```
|
||||
|
||||
2. Open your CA computer and right-click on `Certificate Templates`, then select `Manage`.
|
||||
3. Find the `Computer` template on the list, right-click on it, then select `Duplicate Template`.
|
||||
4. In the `Compatibility` tab change `Certification Authority` to `Windows Server 2012 R2` and click `OK`.
|
||||
5. In the same tab change `Certificate recipient` to `Windows Server 2012 R2` and click `OK`.
|
||||
6. Go to the `General` tab and change `Template display name` to `RemoteDesktopAccess`. Make sure `Template name` is also `RemoteDesktopAccess`.
|
||||
7. In the `Cryptography` tab change `Provider Category` to `Key Storage Provider`, then `Algorithm name` to `ECDH_P384`. Also, change `Request hash` to `SHA384`.
|
||||
8. Next, in the `Extensions` tab select `Application Polices` and click the `Edit` button.
|
||||
9. Remove all entries from the list.
|
||||
10. Go to the `Security` tab, select `Domain Controllers` and give the group `Read` and `Enroll` permissions.
|
||||
11. Finally, create a template by clicking `OK`.
|
||||
12. Go back to the Certificate Authority window and right-click on `Certificate Templates`. Then:
|
||||
|
||||
```text
|
||||
New > Certificate Template to Issue
|
||||
```
|
||||
Select `RemoteDesktopAccess` and click `OK`.
|
||||
|
||||
### Update GPO to use a new certificate template
|
||||
|
||||
In the group policy editor for `Teleport Access Policy`, select:
|
||||
|
||||
```
|
||||
Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security
|
||||
```
|
||||
|
||||
Right-click on `Server authentication certificate template`, `Edit`, then select `Enabled` and fill `Certificate Template Name` with `RemoteDesktopAccess`.
|
||||
|
||||
<Figure align="left" bordered caption="RDP Certificate Template">
|
||||
![RDP Certificate Template](../../img/desktop-access/rdp-certificate-template.png)
|
||||
</Figure>
|
||||
|
||||
|
||||
### Ensure your GPO is updated
|
||||
|
||||
If you have not done so already, ensure your GPO is updated by opening a PowerShell prompt and running:
|
||||
|
||||
```powershell
|
||||
gpupdate.exe /force
|
||||
```
|
||||
|
||||
## Step 5/7. Export your LDAP CA certificate
|
||||
|
||||
Teleport connects to your Domain Controller via LDAPS. This means that you must
|
||||
let Teleport know that the certificate sent by your Domain Controller during the
|
||||
|
@ -351,7 +415,7 @@ Now transfer the exported file to the system where you're running Teleport. You
|
|||
can either add this certificate to your system's trusted repository or provide
|
||||
the filepath to the `der_ca_file` configuration variable.
|
||||
|
||||
## Step 5/6. Configure Teleport
|
||||
## Step 6/7. Configure Teleport
|
||||
|
||||
<Admonition type="note" title="Teleport CA">
|
||||
Prior to v8.0, the Teleport CA was not compatible with Windows logins. If
|
||||
|
@ -414,7 +478,7 @@ windows_desktop_service:
|
|||
|
||||
After updating `teleport.yaml`, start Teleport as usual using `teleport start`.
|
||||
|
||||
## Step 6/6. Log in using Teleport
|
||||
## Step 7/7. Log in using Teleport
|
||||
|
||||
### Create a Teleport user/role for Windows Desktop Access
|
||||
|
||||
|
|
|
@ -862,9 +862,9 @@ func NewTeleport(cfg *Config) (*TeleportProcess, error) {
|
|||
if cfg.WindowsDesktop.Enabled {
|
||||
// FedRAMP/FIPS is not supported for Desktop Access. Desktop Access uses
|
||||
// Rust for the underlying RDP protocol implementation and smart card
|
||||
// authnentication. Return an error if the user attempts to start Desktop
|
||||
// Access in FedRAMP/RIPS mode for now until we can ensure that the crypto
|
||||
// used by this feature is compliant.
|
||||
// authentication. Returns an error if the user attempts to start Desktop
|
||||
// Access in FedRAMP/RIPS mode for now until we can ensure that the crypto
|
||||
// used by this feature is compliant.
|
||||
if cfg.FIPS {
|
||||
return nil, trace.BadParameter("FedRAMP/FIPS 140-2 compliant configuration for Desktop Access not supported in Teleport %v", teleport.Version)
|
||||
}
|
||||
|
|
|
@ -55,7 +55,7 @@ Save the following file as `certificate-services.ps1`
|
|||
$ErrorActionPreference = "Stop"
|
||||
|
||||
Add-WindowsFeature Adcs-Cert-Authority -IncludeManagementTools
|
||||
Install-AdcsCertificationAuthority -CAType EnterpriseRootCA -Force
|
||||
Install-AdcsCertificationAuthority -CAType EnterpriseRootCA -HashAlgorithmName SHA384 -Force
|
||||
Restart-Computer -Force
|
||||
```
|
||||
|
||||
|
|
|
@ -19,6 +19,6 @@ num-derive = "0.3.3"
|
|||
num-traits = "0.2.14"
|
||||
rand = { version = "0.8.5", features = ["getrandom"] }
|
||||
rand_chacha = "0.3.1"
|
||||
rsa = { version = "0.5.0", features = ["alloc"] }
|
||||
rdp-rs = { git = "https://github.com/gravitational/rdp-rs", rev = "f51222e7edeaf2954e2c02db3506aa36e02304ca" }
|
||||
rsa = { version = "0.6.1" }
|
||||
rdp-rs = { git = "https://github.com/gravitational/rdp-rs", rev = "17ec446ecb73c58b77ac47c6fc8598153f673076" }
|
||||
uuid = { version = "0.8.2", features = ["v4"] }
|
||||
|
|
|
@ -19,7 +19,7 @@ use iso7816::command::Command;
|
|||
use iso7816::response::Status;
|
||||
use iso7816_tlv::ber::{Tag, Tlv, Value};
|
||||
use rdp::model::error::*;
|
||||
use rsa::pkcs1::FromRsaPrivateKey;
|
||||
use rsa::pkcs1::DecodeRsaPrivateKey;
|
||||
use rsa::{BigUint, PublicKeyParts, RsaPrivateKey};
|
||||
use std::convert::TryFrom;
|
||||
use std::io::{Cursor, Read};
|
||||
|
@ -209,8 +209,8 @@ impl<const S: usize> Card<S> {
|
|||
/// to decrypt. Most crypto libraries don't directly expose RSA decryption without padding, as
|
||||
/// it's easy to build insecure crypto systems. Thankfully for us, this decryption is just a single
|
||||
/// modpow operation which is suppored by RustCrypto.
|
||||
fn sign_auth_challenge(&self, challenge: &Vec<u8>) -> Vec<u8> {
|
||||
let c = BigUint::from_bytes_be(challenge.as_slice());
|
||||
fn sign_auth_challenge(&self, challenge: &[u8]) -> Vec<u8> {
|
||||
let c = BigUint::from_bytes_be(challenge);
|
||||
let plain_text = c
|
||||
.modpow(self.piv_auth_key.d(), self.piv_auth_key.n())
|
||||
.to_bytes_be();
|
||||
|
@ -414,7 +414,7 @@ fn tlv_tag(val: u8) -> RdpResult<Tag> {
|
|||
}
|
||||
|
||||
fn hex_data<const S: usize>(cmd: &Command<S>) -> String {
|
||||
to_hex(&cmd.data().to_vec())
|
||||
to_hex(cmd.data())
|
||||
}
|
||||
|
||||
fn to_hex(bytes: &[u8]) -> String {
|
||||
|
|
Loading…
Reference in a new issue