chore(deps): bump github.com/x90skysn3k/grdp from 1.0.1 to 1.0.2

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps github.com/x90skysn3k/grdp from 1.0.1 to 1.0.2.

Release notes

Sourced from github.com/x90skysn3k/grdp's releases.

v1.0.2

What's New

CredSSP v5/v6 Protocol Support (CVE-2018-0886 Encryption Oracle Remediation)

• Advertise CredSSP v6, negotiate down to min(client, server)
• v5+ uses SHA-256 hash-based pubKeyAuth with client nonce instead of raw pubkey echo
• Preserves v2–v4 fallback for older servers
• Now works against hardened Windows Server 2022 with "Force Updated Clients" policy

NTSTATUS Error Reporting

• Decode and report NTSTATUS errors from server rejections
• Human-readable descriptions for common codes: STATUS_LOGON_FAILURE, STATUS_ACCESS_DENIED, SEC_E_DELEGATION_POLICY, STATUS_ACCOUNT_RESTRICTION

Multi-Key TLS Support

• TlsPubKey() now supports RSA (PKCS#1), ECDSA, and Ed25519 server certificates
• Previously only RSA was supported — ECDSA/Ed25519 servers would fail silently

NTLM Hardening

• Add MsvAvFlags (MIC_PROVIDED) and MsvAvTargetName (SPN) to AvPairs in NTLMv2 blob
• Required by Windows 11 24H2+ which silently rejects authentication without these fields
• Add NTLMSSP_NEGOTIATE_VERSION to negotiate flags

TLS 1.2 Cap for RDP

• Cap TLS at 1.2 for RDP connections — Windows CredSSP silently fails over TLS 1.3
• Matches FreeRDP behavior

CI/Build Improvements

• Upgrade to Go 1.26.1 and update all dependencies (x/crypto v0.49.0)
• Upgrade CI to golangci-lint v2 with blocking lint checks
• Add branch protection: required status checks and PR reviews on main
• Add Makefile for local development (make build, make test, make ci)
• Add cmd/rdpcheck CLI tool for quick CredSSP auth testing
• Replace deprecated elliptic.Marshal with crypto/ecdh

Testing

• Unit tests for TSRequest round-trip, hash computation, NTSTATUS error codes
• TLS public key extraction tests for RSA, ECDSA, and Ed25519

Migration

Fully backward compatible. No public API changes — LoginAuthOnly() and LoginContext() work as before with automatic CredSSP version negotiation.

Contributors

• @​juanfont — CredSSP v5/v6 implementation, NTLM hardening, tests, and CI updates

Full Changelog: x90skysn3k/grdp@v1.0.1...v1.0.2

Commits

• 43884c6 feat: CredSSP v5/v6 protocol support (#2)
• 806c7ab Merge pull request #1 from x90skysn3k/dev
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)