self-hosted/teleport

mirror of https://github.com/gravitational/teleport synced 2024-10-20 17:23:22 +00:00

Author	SHA1	Message	Date
Tobiasz Heller	d0646d2cdd	Dependency updates (#19139 ) * Bump github.com/bufbuild/connect-go from 1.1.0 to 1.3.2 Bumps [github.com/bufbuild/connect-go](https://github.com/bufbuild/connect-go) from 1.1.0 to 1.3.2. - [Release notes](https://github.com/bufbuild/connect-go/releases) - [Commits](https://github.com/bufbuild/connect-go/compare/v1.1.0...v1.3.2) --- updated-dependencies: - dependency-name: github.com/bufbuild/connect-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump golang.org/x/sys from 0.2.0 to 0.3.0 Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.2.0 to 0.3.0. - [Release notes](https://github.com/golang/sys/releases) - [Commits](https://github.com/golang/sys/compare/v0.2.0...v0.3.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump go.opentelemetry.io/otel/sdk from 1.11.1 to 1.11.2 Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.11.1 to 1.11.2. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.11.1...v1.11.2) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump github.com/aws/aws-sdk-go-v2 from 1.17.1 to 1.17.2 Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.17.1 to 1.17.2. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.17.1...v1.17.2) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump libc from 0.2.137 to 0.2.138 Bumps [libc](https://github.com/rust-lang/libc) from 0.2.137 to 0.2.138. - [Release notes](https://github.com/rust-lang/libc/releases) - [Commits](https://github.com/rust-lang/libc/compare/0.2.137...0.2.138) --- updated-dependencies: - dependency-name: libc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) from 1.11.1 to 1.11.2. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.11.1...v1.11.2) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump go.opentelemetry.io/otel from 1.11.1 to 1.11.2 Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.11.1 to 1.11.2. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.11.1...v1.11.2) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.74.0 to 1.75.0 Bumps [github.com/aws/aws-sdk-go-v2/service/ec2](https://github.com/aws/aws-sdk-go-v2) from 1.74.0 to 1.75.0. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ec2/v1.74.0...service/ec2/v1.75.0) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump github.com/aws/aws-sdk-go-v2/service/sts from 1.17.5 to 1.17.6 Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.17.5 to 1.17.6. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.17.5...config/v1.17.6) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/sts dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.11.1 to 1.11.2. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.11.1...v1.11.2) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump github.com/aws/aws-sdk-go-v2/feature/ec2/imds Bumps [github.com/aws/aws-sdk-go-v2/feature/ec2/imds](https://github.com/aws/aws-sdk-go-v2) from 1.12.19 to 1.12.20. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.12.19...credentials/v1.12.20) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/feature/ec2/imds dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace in /api Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) from 1.11.1 to 1.11.2. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.11.1...v1.11.2) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * go mod tidy * Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-12-07 17:27:07 +01:00
Isaiah Becker-Mayer	8498346fba	Displays Server Disconnect reason to the user (#18959 )	2022-12-07 03:18:53 +00:00
dependabot[bot]	a87a4a45af	Bump env_logger from 0.9.3 to 0.10.0 (#18837 ) Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.9.3 to 0.10.0. - [Release notes](https://github.com/rust-cli/env_logger/releases) - [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md) - [Commits](https://github.com/rust-cli/env_logger/compare/v0.9.3...v0.10.0) --- updated-dependencies: - dependency-name: env_logger dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-11-29 20:50:02 +00:00
Łukasz Kozłowski	b6bbe28f3a	Add FIPS support for Desktop Access (#18076 )	2022-11-23 15:32:53 +01:00
dependabot[bot]	6cb28247b5	Bump uuid from 1.2.1 to 1.2.2 (#18566 ) Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.2.1 to 1.2.2. - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](https://github.com/uuid-rs/uuid/compare/1.2.1...1.2.2) --- updated-dependencies: - dependency-name: uuid dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-11-18 15:19:06 +00:00
dependabot[bot]	adb5d9f25b	Bump rsa from 0.7.1 to 0.7.2 (#18567 ) Bumps [rsa](https://github.com/RustCrypto/RSA) from 0.7.1 to 0.7.2. - [Release notes](https://github.com/RustCrypto/RSA/releases) - [Changelog](https://github.com/RustCrypto/RSA/blob/master/CHANGELOG.md) - [Commits](https://github.com/RustCrypto/RSA/compare/v0.7.1...v0.7.2) --- updated-dependencies: - dependency-name: rsa dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-11-17 22:34:21 +00:00
Isaiah Becker-Mayer	3d47902fe7	runs cargo update (#18104 )	2022-11-10 18:06:44 +00:00
dependabot[bot]	f4394a5d09	Bump env_logger from 0.9.1 to 0.9.3 (#18240 ) Bumps [env_logger](https://github.com/env-logger-rs/env_logger) from 0.9.1 to 0.9.3. - [Release notes](https://github.com/env-logger-rs/env_logger/releases) - [Changelog](https://github.com/env-logger-rs/env_logger/blob/main/CHANGELOG.md) - [Commits](https://github.com/env-logger-rs/env_logger/compare/v0.9.1...v0.9.3) --- updated-dependencies: - dependency-name: env_logger dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-11-08 15:13:33 +00:00
dependabot[bot]	a0259fd495	Bump rsa from 0.7.0 to 0.7.1 (#17990 ) Bumps [rsa](https://github.com/RustCrypto/RSA) from 0.7.0 to 0.7.1. - [Release notes](https://github.com/RustCrypto/RSA/releases) - [Changelog](https://github.com/RustCrypto/RSA/blob/master/CHANGELOG.md) - [Commits](https://github.com/RustCrypto/RSA/compare/v0.7.0...v0.7.1) --- updated-dependencies: - dependency-name: rsa dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-11-01 18:28:24 +00:00
Isaiah Becker-Mayer	f1fd8ec767	updates rdp-rs ref (#17900 )	2022-10-31 17:21:00 +00:00
dependabot[bot]	a2257e7cde	Bump libc from 0.2.136 to 0.2.137 (#17839 ) Bumps [libc](https://github.com/rust-lang/libc) from 0.2.136 to 0.2.137. - [Release notes](https://github.com/rust-lang/libc/releases) - [Commits](https://github.com/rust-lang/libc/compare/0.2.136...0.2.137) --- updated-dependencies: - dependency-name: libc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-27 13:22:52 +00:00
Tobiasz Heller	58a0601ed7	Dependency updates (#17788 ) * Bump libc from 0.2.135 to 0.2.136 * Bump k8s.io/apiserver from 0.25.2 to 0.25.3 * Bump github.com/aws/aws-sdk-go-v2/feature/ec2/imds * Bump github.com/aws/aws-sdk-go-v2/service/sts from 1.16.19 to 1.17.1 * Bump github.com/golang-jwt/jwt/v4 from 4.2.0 to 4.4.2 * Bump go.opentelemetry.io/otel/sdk from 1.11.0 to 1.11.1 * Bump github.com/aws/aws-sdk-go-v2/credentials from 1.12.21 to 1.12.23 * Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.63.1 to 1.63.3 * Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc * Bump github.com/stretchr/testify from 1.8.0 to 1.8.1 in /api * Bump go.opentelemetry.io/otel/sdk from 1.11.0 to 1.11.1 in /api * Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc * Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp * Bump github.com/aws/aws-sdk-go from 1.44.117 to 1.44.123	2022-10-26 16:02:25 +02:00
Alan Parra	2e892fed3a	Bump Rust dependencies (#17381 ) Bundles the recent Dependabot Cargo updates in a single PR. * Bump env_logger from 0.9.0 to 0.9.1 * Bump libc from 0.2.132 to 0.2.135 * Bump rsa from 0.6.1 to 0.7.0 * Bump uuid from 1.1.2 to 1.2.1	2022-10-13 18:55:13 +00:00
Zac Bergquist	495bb677e2	Improve logging when TDP input streaming fails (#15808 ) - Introduce a dedicated error code for CGo pointer failures - Improve logging on the Go side (in case Rust logging fails) - Only log "check network and disk" if > 15% of writes are slow	2022-09-19 16:40:58 +00:00
Isaiah Becker-Mayer	8dcc1376fe	Updates Rust crates (#16151 )	2022-09-06 18:20:31 +00:00
Łukasz Kozłowski	c3f316c682	Add Windows license negotation to Desktop Access	2022-08-23 12:59:43 +02:00
Isaiah Becker-Mayer	361ea8ef3f	Windows Desktop Directory Sharing (#13630 ) * `IRP_MJ_CREATE` (#12665) * `IRP_MJ_QUERY_INFORMATION` (#12717) * `IRP_MJ_CLOSE` (#12729) * Refactor rdpdr client (#12750) * Adding logic for `FILE_SUPERSEDE` (#12829) * Improve `process_irp_create` (#12830) * adds return statements that got lost in a merge * `IRP_MJ_DIRECTORY_CONTROL` (#12870) * `FileFullDirectoryInformation` (#12908) * Improve `ClientDriveQueryDirectoryResponse.encode()` (#12912) * `IRP_MJ_QUERY_VOLUME_INFORMATION` (#13071) * Fix Shared Directory Request handling when feature is disabled (#13439) * IRP_MJ_READ, IRP_MJ_WRITE, and IRP_MJ_SET_INFORMATION (#13995) * Adds constants for sizing calculations (#14051) Co-authored-by: Łukasz Kozłowski <lukasz.kozlowski@goteleport.com> Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>	2022-08-04 21:50:02 +00:00
Edoardo Spadolini	0985151b02	Build-time cbindgen (#14177 )	2022-07-19 20:10:27 +00:00
Isaiah Becker-Mayer	8b6ecf7c6c	updates rdp-rs ref to new HEAD where scroll wheel delta is fixed (#13773 )	2022-06-27 17:53:23 +00:00
Zac Bergquist	61463166c1	Remove tctl roletester (#13863 ) This code was unmaintained, created issues with our build system, and didn't actually match the behavior of Teleport's RBAC engine. We will revisit this functionality in the future when we investigate "acess policies as code."	2022-06-25 04:01:21 +00:00
Isaiah Becker-Mayer	c018cd7deb	TDP Shared Directory Announce and Acknowledge (#12405 ) Co-authored-by: Zac Bergquist <zmb3@users.noreply.github.com>	2022-06-14 22:42:19 +00:00
Joel	dc16113269	major + minor rust dep upgrade (#13444 )	2022-06-14 07:32:06 +00:00
Łukasz Kozłowski	59004b2334	Remove OpenSSL dependency from the rust RDP client	2022-05-23 11:30:25 +02:00
Zac Bergquist	130aefd33e	Use RustCrypto/RSA instead of OpenSSL RustCrypto is preferred, as it's a pure-Rust implementation, which simplifies cross compilation for us and prevents us from needing to pull in all of OpenSSL. We originally thought that OpenSSL would be required here as RustCrypto didn't appear to support RSA decryption without padding, but that turned out to be false.	2022-05-23 11:30:25 +02:00
Zac Bergquist	bf3c227933	Bump rdp-rs (#11768 ) I had made some changes to rdp-rs to expose new flags for tweaking some performance characteristics, but never got around to pulling in the update here. Fix this now so as not to block upcoming work the team is doing on rdp-rs.	2022-04-06 17:18:43 +00:00
Joel	0bd0b234e3	Update cargo deps (#11400 )	2022-03-24 12:15:13 +00:00
Zac Bergquist	8026e8c576	Fix large clipboard copy/paste (#10670 ) Re-assemble cliprdr messages that were split into multiple PDUs Implement reassembly of chunked virtual channel data, as described in https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/a542bf19-1c86-4c80-ab3e-61449653abf6 Note: this is technically applicable to all virtual channels, not just cliprdr, so this logic should eventually be moved to a more reusable place. We haven't had an issue with the rdpdr virtual channel because the smart card messages we implement are all small enough to fit in a single chunk.	2022-03-02 23:09:57 +00:00
Zac Bergquist	d5f01d867d	Generate/validate a PIN for our virtual smartcard (#9919 ) * Generate a random smart card PIN per-session Instead of using a shared static PIN for all sessions, use a cryptographically secure random number generator to generate a random 8-digit PIN that is unique per session. Additionally, implement the verify command by checking that the PIN that Windows sends back matches the one we randomly generated. Since the PIN is only-known to Teleport, this prevents users from using the virtual smartcard for anything besides the initial Windows login. * Fix hang if PIN doesn't match Now that we're verifying the smart card PIN, the RDP connection between Windows Desktop Service will be closed if the PIN doesn't match. Unfortunately, the goroutine that's reading user input from the browser is still blocked waiting on user input, and doesn't know that we're no longer connected to the desktop. This situation resolves itself as soon as you try to move the mouse or press a key, but it would be better to shut the TDP connection down immediately rather than leave it open with a static screen. * Don't error when PIN verify fails By returning an error, we kill the connection. Instead, just return the error that indicates verification failed. Windows won't allow access to any resources, but the connection will remain open.	2022-02-14 11:07:58 -07:00
Zac Bergquist	0f61458864	Add a Cargo workspace (#9960 ) The workspace includes both parts of the project that use Rust. (The roletester and RDP client). This has several advantages: - Rust Analyzer will work on the codebase as a whole, so we get nice development features without needing to open the Rust projects separately - Dependencies are resolved at the project level, ensuring that role tester and RDP client use the same version of common dependencies.	2022-01-26 14:07:42 -07:00

29 commits