Deciphering the complex language behind the TLS specification is an exercise in patience. One of the common phrases I heard today was : “TLS is subtle”. Indeed, switching back and forth from one version of TLS to the other is interesting. One of the worst situations you can find yourself in is debugging cryptographic code. It’s easier when you do it on a piece of paper, where values aren’t hidden behind complex state transitions, and layers of code. Unfortunately, this is where many members of hackers.mu found themselves today. Dealing with obscure build scripts, and semi confusing API which resulted in weird interactions between TLS clients and servers that could drive anybody crazy.
However, if you’re patient enough, it eventually pays off. Codarren Velvindron was ahead of others when his code got committed into monit before the Hackathon even started. With more than enough time on his hand, he volunteered his time to setup a TLS 1.3 only server with a custom patch to lighttpd. Interestingly enough, it’s the only server running on lighttpd among the pool of TLS 1.3 servers worldwide. Aside from this, he was busy helping members with issues they were having.
I also got my laptop back, and Yasir brought in his large computer so that he could continue his work. He has the funny habit of breaking his OpenSSL in totally unexpected ways. Rahul Golam became a TLS hero overnight by getting his code to work in a climatic battle with an obscure dragon. Yash Paupiah, Nitin Mutkawoa and Kifah also got their code to work and the excitement of finally nailing it down was a memorable moment ! Nitin didn’t believe that the war was over. Codarren and myself had to convince him that he was done, and there was nothing more to add. Yash Paupiah wrestled with complex parser code written in a mixture of flex, yacc and C. He slew the 3 snakes.
Pirabarlen (selven) was able to complete an interesting task remotely from Danemark. Nigel Yong also jumped in and pushed his python skills to the limit. Exceptionally, we ate at 9:30 pm as most hackers had transcended the physical realm. Nobody bothered to think about lunch. Yasir had to work remotely for the rest of the afternoon but was still adamant on taming the TLS beast.
As I am writing this blog post (1:30 am), Muzaffar and Nigel are still not done. I guess that’s the Hackers.mu spirit :) Overall, it was a very productive & fun day. Pictures of Day 1: