curben
/
cloudflared-mirror
mirror of https://github.com/cloudflare/cloudflared.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
cloudflared-mirror/supervisor
History
Luis Neto 31a870b291 TUN-8855: Update PQ curve preferences 
## Summary

Nowadays, Cloudflared only supports X25519Kyber768Draft00 (0x6399,25497) but older versions may use different preferences.

For FIPS compliance we are required to use P256Kyber768Draft00 (0xfe32,65074) which is supported in our internal fork of [Go-Boring-1.22.10](https://bitbucket.cfdata.org/projects/PLAT/repos/goboring/browse?at=refs/heads/go-boring/1.22.10 "Follow link").

In the near future, Go will support by default the X25519MLKEM768 (0x11ec,4588) given this we may drop the usage of our public fork of GO.

To summarise:

* Cloudflared FIPS: QUIC_CURVE_PREFERENCES=65074
* Cloudflared non-FIPS: QUIC_CURVE_PREFERENCES=4588

Closes TUN-8855
 		2025-01-30 05:02:47 -08:00
..
conn_aware_logger.go TUN-6617: Dont fallback to http2 if QUIC conn was successful. 2022-08-12 08:40:03 +00:00
external_control.go TUN-5749: Refactor cloudflared to pave way for reconfigurable ingress 2022-02-14 15:37:09 +00:00
fuse.go chore: Remove h2mux code 2024-10-15 13:10:30 -07:00
metrics.go TUN-5749: Refactor cloudflared to pave way for reconfigurable ingress 2022-02-14 15:37:09 +00:00
pqtunnels.go TUN-8855: Update PQ curve preferences 2025-01-30 05:02:47 -08:00
pqtunnels_test.go TUN-8855: Update PQ curve preferences 2025-01-30 05:02:47 -08:00
supervisor.go TUN-8861: Rename Session Limiter to Flow Limiter 2025-01-20 06:33:40 -08:00
tunnel.go TUN-8855: Update PQ curve preferences 2025-01-30 05:02:47 -08:00
tunnel_test.go TUN-8427: Fix BackoffHandler's internally shared clock structure 2024-05-23 09:48:34 -07:00
tunnelsforha.go TUN-5749: Refactor cloudflared to pave way for reconfigurable ingress 2022-02-14 15:37:09 +00:00