IETF 103 Hackathon ( Disabling middlebox compatibility for TLS 1.3 in Curl )

Hey people,

Im relating to you my experience with cyberstorm.mu for the last 3 days. It was pure coding madness for very member of the team.

We had different working group namely :

TLS 1.3 protocol

HTTP 451 protocol

SSH protocol

I had to add an option to disable middlebox compatibility for TLS 1.3 in Curl. There were many hurdles on the way to achieve this change.

Day 0, I had issues in compiling my code. After many trials I got on the right track with guidance from Logan.

Day 1, was quite intense for me as i had to analyze packets and traffics in Wireshark to see the change. After lots of debugging I finally managed to see it. Now the only thing left to do was to implement a switch to use this option.

Day 2, I implemented the switch –disable-tls13-middlebox in curl :

Screenshot from 2018-11-04 11-04-27
options added for curl

I ran the newly compiled curl with the new switch without any errors. I created a pull request for curl repository in github.

Day 3, as i had enough time to accomplish another task, i opted for implementing PHA ( Post Handshake Authentication ) in Nagios-plugins.

I compiled the code successfully, unfortunately i had to test it using an Apache server using TLS 1.3 protocol to see the change. Currently no servers are running apache with TLS 1.3.

I tried to compile Apache with TLS 1.3 but i had many issues with it.
So we could not test it. The work is still in progress.

We had a tough time to accomplish the tasks that was assigned to us. Apart coding we also had lots of fun in the pool and have delicious meal.

Thank you.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s