π2024.1.2 β CurvePreferences includes unsupported curve
yzytom opened this issue Β· comments
Describe the bug
failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve
To Reproduce
Steps to reproduce the behavior:
1. Download go1.21.6 from go.dev
2. open clang64 for compile cloudflare
3. run git clone --depth=1 -b 2024.1.2 https://github.com/cloudflare/cloudflared.git
4. extract go1.21.6 and set PATH environment and enter cloudflared directory
5. run go build -ldflags='-s -w -X "main.Version=2024.1.2" -X "main.BuildTime=2024/1/12"' ./cmd/cloudflared
6. run ./cloudflared.exe tunnel --hello-world --edge-ip-version=6
7. See error in output
If it's an issue with Cloudflare Tunnel:
1. Tunnel ID : edf36fae-fd4b-4bcc-95d8-6d1c9a339572
2. cloudflared config: None
Expected behavior
No crash
Environment and versions
- OS: Windows 11
- Architecture: AMD64
- Version: 2024.1.2
Logs and errors
2024-01-12T07:04:06Z INF Thank you for trying Cloudflare Tunnel. Doing so, without a Cloudflare account, is a quick way to experiment and try it out. However, be aware that these account-less Tunnels have no uptime guarantee. If you intend to use Tunnels in production you should use a pre-created named tunnel by following: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps
2024-01-12T07:04:06Z INF Requesting new quick Tunnel on trycloudflare.com...
2024-01-12T07:04:08Z INF +--------------------------------------------------------------------------------------------+
2024-01-12T07:04:08Z INF | Your quick Tunnel has been created! Visit it at (it may take some time to be reachable): |
2024-01-12T07:04:08Z INF | https://bg-likely-model-sony.trycloudflare.com |
2024-01-12T07:04:08Z INF +--------------------------------------------------------------------------------------------+
2024-01-12T07:04:08Z INF Cannot determine default configuration path. No file [config.yml config.yaml] in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp]
2024-01-12T07:04:08Z INF Version 2024.1.2
2024-01-12T07:04:08Z INF GOOS: windows, GOVersion: go1.21.6, GoArch: amd64
2024-01-12T07:04:08Z INF Settings: map[edge-ip-version:6 ha-connections:1 hello-world:true protocol:quic]
2024-01-12T07:04:08Z INF cloudflared will not automatically update on Windows systems.
2024-01-12T07:04:08Z INF Generated Connector ID: edf36fae-fd4b-4bcc-95d8-6d1c9a339572
2024-01-12T07:04:08Z INF Initial protocol quic
2024-01-12T07:04:08Z INF ICMP proxy will use <ipv4 address> as source for IPv4
2024-01-12T07:04:08Z INF ICMP proxy will use <ipv6 address> in zone vEthernet (internet) as source for IPv6
2024-01-12T07:04:09Z INF cloudflared does not support loading the system root certificate pool on Windows. Please use --origin-ca-pool <PATH> to specify the path to the certificate pool
2024-01-12T07:04:09Z INF Starting Hello World server at 127.0.0.1:56902
2024-01-12T07:04:09Z INF Starting metrics server on 127.0.0.1:56903/metrics
2024-01-12T07:04:09Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a8::3
2024-01-12T07:04:09Z INF Retrying connection in up to 2s connIndex=0 event=0 ip=2606:4700:a8::3
2024-01-12T07:04:09Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a8::2
2024-01-12T07:04:09Z INF Retrying connection in up to 4s connIndex=0 event=0 ip=2606:4700:a8::2
2024-01-12T07:04:12Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a0::5
2024-01-12T07:04:12Z INF Retrying connection in up to 8s connIndex=0 event=0 ip=2606:4700:a0::5
2024-01-12T07:04:18Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a0::8
2024-01-12T07:04:18Z INF Retrying connection in up to 16s connIndex=0 event=0 ip=2606:4700:a0::8
2024-01-12T07:04:28Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a0::9
2024-01-12T07:04:28Z INF Retrying connection in up to 32s connIndex=0 event=0 ip=2606:4700:a0::9
2024-01-12T07:04:57Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a8::10
2024-01-12T07:04:57Z INF Retrying connection in up to 1m4s connIndex=0 event=0 ip=2606:4700:a8::10
2024-01-12T07:05:02Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a0::5
2024-01-12T07:05:02Z INF Retrying connection in up to 1m4s connIndex=0 event=0 ip=2606:4700:a0::5
2024-01-12T07:05:07Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a0::8
2024-01-12T07:05:07Z INF Retrying connection in up to 1m4s connIndex=0 event=0 ip=2606:4700:a0::8
2024-01-12T07:05:11Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a8::1
2024-01-12T07:05:11Z INF Retrying connection in up to 1m4s connIndex=0 event=0 ip=2606:4700:a8::1
2024-01-12T07:05:23Z ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0
event=0 ip=2606:4700:a0::9
2024-01-12T07:05:23Z INF Retrying connection in up to 1m4s connIndex=0 event=0 ip=2606:4700:a0::9
Additional context
Appears to be the same issue as #1143. Others have also commented that the issue is ongoing on 2024.1.1: #1143 (comment)
Hi @yzytom, cloudflared has to be compiled with a fork of go to support post quantum encryption since version 2024.1.0. You can follow https://github.com/cloudflare/cloudflared?tab=readme-ov-file#installing-cloudflared to install the go compiler.
This is because we upgraded from go 1.20 to 1.21. Prior to that, our transport library, quic-go, has its own TLS stack. We patched the TLS stack to support post quantum encryption. But quic-go moved to the standard TLS stack since go 1.21. To continue supporting post quantum encryption, we needed to patch the standard library.
Hi @yzytom, cloudflared has to be compiled with a fork of go to support post quantum encryption since version 2024.1.0. You can follow https://github.com/cloudflare/cloudflared?tab=readme-ov-file#installing-cloudflared to install the go compiler. This is because we upgraded from go 1.20 to 1.21. Prior to that, our transport library, quic-go, has its own TLS stack. We patched the TLS stack to support post quantum encryption. But quic-go moved to the standard TLS stack since go 1.21. To continue supporting post quantum encryption, we needed to patch the standard library.
Thx,I fork https://github.com/cloudflare/go.git and compile it.Finally,I solve the problem.π