Hey people,
Im relating to you my experience with cyberstorm.mu for the last 3 days. It was pure coding madness for very member of the team.
We had different working group namely :
TLS 1.3 protocol
HTTP 451 protocol
SSH protocol
I had to add an option to disable middlebox compatibility for TLS 1.3 in Curl. There were many hurdles on the way to achieve this change.
Day 0, I had issues in compiling my code. After many trials I got on the right track with guidance from Logan.
Day 1, was quite intense for me as i had to analyze packets and traffics in Wireshark to see the change. After lots of debugging I finally managed to see it. Now the only thing left to do was to implement a switch to use this option.
Day 2, I implemented the switch –disable-tls13-middlebox in curl :
I ran the newly compiled curl with the new switch without any errors. I created a pull request for curl repository in github.
Day 3, as i had enough time to accomplish another task, i opted for implementing PHA ( Post Handshake Authentication ) in Nagios-plugins.
I compiled the code successfully, unfortunately i had to test it using an Apache server using TLS 1.3 protocol to see the change. Currently no servers are running apache with TLS 1.3.
I tried to compile Apache with TLS 1.3 but i had many issues with it.
So we could not test it. The work is still in progress.
We had a tough time to accomplish the tasks that was assigned to us. Apart coding we also had lots of fun in the pool and have delicious meal.
Thank you.
SecureNet 