inno-devops-labs · MostafaKhaled2017 · Jun 6, 2026 · Jun 6, 2026 · Jun 6, 2026 · Jun 6, 2026
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -0,0 +1,13 @@
+## Goal
+<!-- What does this PR accomplish? 1 sentence. -->
+
+## Changes
+-
+
+## Testing
+<!-- How did you verify it? -->
+
+## Checklist
+- [ ] Title is a clear sentence (<= 70 chars)
+- [ ] Commits are signed (`git log --show-signature`)
+- [ ] `submissions/labN.md` updated
diff --git a/images/lab4/client_hello.png b/images/lab4/client_hello.png
diff --git a/images/lab4/server_hello.png b/images/lab4/server_hello.png
diff --git a/lab4-tls-cert-chain.txt b/lab4-tls-cert-chain.txt
@@ -0,0 +1,91 @@
+depth=1 CN = Caddy Local Authority - ECC Intermediate
+verify error:num=20:unable to get local issuer certificate
+verify return:1
+depth=0 
+verify return:1
+CONNECTED(00000003)
+---
+Certificate chain
+ 0 s:
+   i:CN = Caddy Local Authority - ECC Intermediate
+   a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA256
+   v:NotBefore: Jun 16 07:45:40 2026 GMT; NotAfter: Jun 16 19:45:40 2026 GMT
+-----BEGIN CERTIFICATE-----
+MIIBvTCCAWSgAwIBAgIRAJrlOvv1xXKHJs6IYvG2GDIwCgYIKoZIzj0EAwIwMzEx
+MC8GA1UEAxMoQ2FkZHkgTG9jYWwgQXV0aG9yaXR5IC0gRUNDIEludGVybWVkaWF0
+ZTAeFw0yNjA2MTYwNzQ1NDBaFw0yNjA2MTYxOTQ1NDBaMAAwWTATBgcqhkjOPQIB
+BggqhkjOPQMBBwNCAAR30QYXszqgpQoJisP6BJKazM3X0r9hFqfZ8PFYhTMkM6t9
+ORUSqQJSgVLaJIuzY0rBy5FIcD6/RiyPoyKokQvKo4GLMIGIMA4GA1UdDwEB/wQE
+AwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFGqW
+9Ip7pHJHYDS8o8+gdl7Kn2HfMB8GA1UdIwQYMBaAFLjiPlDYrvwjQBfpko8JzWfw
+7AatMBcGA1UdEQEB/wQNMAuCCWxvY2FsaG9zdDAKBggqhkjOPQQDAgNHADBEAiAL
+41liEFpLWDPX3K5wr67EL5NLiuiljN8jPC2c6IlRnAIgGJMmUDojXL/pyZ9V8y8/
+EaCzv5vH9Nq74AYPDJ9cX2c=
+-----END CERTIFICATE-----
+ 1 s:CN = Caddy Local Authority - ECC Intermediate
+   i:CN = Caddy Local Authority - 2026 ECC Root
+   a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA256
+   v:NotBefore: Jun 16 07:45:40 2026 GMT; NotAfter: Jun 23 07:45:40 2026 GMT
+-----BEGIN CERTIFICATE-----
+MIIBxzCCAW2gAwIBAgIQTpEU+/u8ZAawQawZScpyhDAKBggqhkjOPQQDAjAwMS4w
+LAYDVQQDEyVDYWRkeSBMb2NhbCBBdXRob3JpdHkgLSAyMDI2IEVDQyBSb290MB4X
+DTI2MDYxNjA3NDU0MFoXDTI2MDYyMzA3NDU0MFowMzExMC8GA1UEAxMoQ2FkZHkg
+TG9jYWwgQXV0aG9yaXR5IC0gRUNDIEludGVybWVkaWF0ZTBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABMZ6lJkcHW3lYICoaAeQkST2SSpRGrAiAlwc4vNV4cyU03ID
+UBAJ9TdBHLVear6Id6DAOYrbrJsuxgznhfs8wC2jZjBkMA4GA1UdDwEB/wQEAwIB
+BjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBS44j5Q2K78I0AX6ZKPCc1n
+8OwGrTAfBgNVHSMEGDAWgBQovihpmeas2KyZh1iplb9Sld9v7DAKBggqhkjOPQQD
+AgNIADBFAiEAtKbDrU6XBFRBC3IqwWqup/ur4RbjJVQiE9ZUufTenhkCIHSVJkxx
+nT2de8yXAU0LU9FMoA5Z2nkEFoaW5KZ3ajgP
+-----END CERTIFICATE-----
+---
+Server certificate
+subject=
+issuer=CN = Caddy Local Authority - ECC Intermediate
+---
+No client certificate CA names sent
+Peer signing digest: SHA256
+Peer signature type: ECDSA
+Server Temp Key: X25519, 253 bits
+---
+SSL handshake has read 1268 bytes and written 375 bytes
+Verification error: unable to get local issuer certificate
+---
+New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
+Server public key is 256 bit
+Secure Renegotiation IS NOT supported
+Compression: NONE
+Expansion: NONE
+No ALPN negotiated
+Early data was not sent
+Verify return code: 20 (unable to get local issuer certificate)
+---
+DONE
+---
+Post-Handshake New Session Ticket arrived:
+SSL-Session:
+    Protocol  : TLSv1.3
+    Cipher    : TLS_AES_128_GCM_SHA256
+    Session-ID: 60E6B3958ABE456185453D6FFBC7DE704E4368426A5A7D5205E139A2AA6EC877
+    Session-ID-ctx: 
+    Resumption PSK: C0AA652F3FAD09EFC7E7D37E42115A077A4302514ECAB4B90DB585829BA3A5DF
+    PSK identity: None
+    PSK identity hint: None
+    SRP username: None
+    TLS session ticket lifetime hint: 604800 (seconds)
+    TLS session ticket:
+    0000 - a4 90 b0 cf 50 43 b5 d5-b9 58 76 37 09 5c a0 26   ....PC...Xv7.\.&
+    0010 - 96 0a 07 dd 7d 25 40 58-bd c1 f5 bd 15 e5 3a f5   ....}%@X......:.
+    0020 - 76 9a 90 11 7c 83 6a 9f-c5 4b 35 35 19 1c 23 48   v...|.j..K55..#H
+    0030 - b9 d5 24 87 78 4c f2 15-a2 fd 22 51 28 ed ec 4b   ..$.xL...."Q(..K
+    0040 - 15 7b 57 d1 1f 4b 48 f5-fc d7 19 e3 2a 13 7d a0   .{W..KH.....*.}.
+    0050 - cb 95 d5 a8 9f ef 54 2b-76 03 83 75 a1 da 81 f9   ......T+v..u....
+    0060 - c9 f9 90 ac c7 44 3c d5-c7                        .....D<..
+
+    Start Time: 1781596498
+    Timeout   : 7200 (sec)
+    Verify return code: 20 (unable to get local issuer certificate)
+    Extended master secret: no
+    Max Early Data: 0
+---
+read R BLOCK
diff --git a/lab4-tls.pcap b/lab4-tls.pcap
diff --git a/lab4-trace.pcap b/lab4-trace.pcap
diff --git a/lab4-trace.txt b/lab4-trace.txt
@@ -0,0 +1,124 @@
+10:07:22.001973 IP6 ::1.41078 > ::1.8080: Flags [S], seq 1569259689, win 65476, options [mss 65476,sackOK,TS val 384143260 ecr 0,nop,wscale 14], length 0
+`.m..(.@.................................v..]............0.........
+............
+10:07:22.002000 IP6 ::1.8080 > ::1.41078: Flags [S.], seq 3570494351, ack 1569259690, win 65464, options [mss 65476,sackOK,TS val 384143260 ecr 384143260,nop,wscale 14], length 0
+`.Nz.(.@...................................v..k.]........0.........
+............
+10:07:22.002013 IP6 ::1.41078 > ::1.8080: Flags [.], ack 1, win 4, options [nop,nop,TS val 384143260 ecr 384143260], length 0
+`.m.. .@.................................v..].....k......(.....
+........
+10:07:22.002070 IP6 ::1.41078 > ::1.8080: Flags [P.], seq 1:175, ack 1, win 4, options [nop,nop,TS val 384143260 ecr 384143260], length 174: HTTP: POST /notes HTTP/1.1
+`.m....@.................................v..].....k............
+........POST /notes HTTP/1.1
+Host: localhost:8080
+User-Agent: curl/8.5.0
+Accept: */*
+Content-Type: application/json
+Content-Length: 39
+
+{"title":"trace me","body":"in flight"}
+10:07:22.002074 IP6 ::1.8080 > ::1.41078: Flags [.], ack 175, win 4, options [nop,nop,TS val 384143260 ecr 384143260], length 0
+`.Nz. .@...................................v..k.]..X.....(.....
+........
+10:07:22.003042 IP6 ::1.8080 > ::1.41078: Flags [P.], seq 1:207, ack 175, win 4, options [nop,nop,TS val 384143261 ecr 384143260], length 206: HTTP: HTTP/1.1 201 Created
+`.Nz...@...................................v..k.]..X...........
+........HTTP/1.1 201 Created
+Content-Type: application/json
+Date: Tue, 16 Jun 2026 07:07:22 GMT
+Content-Length: 93
+
+{"id":7,"title":"trace me","body":"in flight","created_at":"2026-06-16T07:07:22.002480556Z"}
+
+10:07:22.003080 IP6 ::1.41078 > ::1.8080: Flags [.], ack 207, win 4, options [nop,nop,TS val 384143261 ecr 384143261], length 0
+`.m.. .@.................................v..]..X..l^.....(.....
+........
+10:07:22.003282 IP6 ::1.41078 > ::1.8080: Flags [F.], seq 175, ack 207, win 4, options [nop,nop,TS val 384143261 ecr 384143261], length 0
+`.m.. .@.................................v..]..X..l^.....(.....
+........
+10:07:22.003353 IP6 ::1.8080 > ::1.41078: Flags [F.], seq 207, ack 176, win 4, options [nop,nop,TS val 384143262 ecr 384143261], length 0
+`.Nz. .@...................................v..l^]..Y.....(.....
+........
+10:07:22.003378 IP6 ::1.41078 > ::1.8080: Flags [.], ack 208, win 4, options [nop,nop,TS val 384143262 ecr 384143262], length 0
+`.m.. .@.................................v..]..Y..l_.....(.....
+........
+10:12:01.557276 IP6 ::1.35994 > ::1.8080: Flags [S], seq 1629583095, win 65476, options [mss 65476,sackOK,TS val 384422815 ecr 0,nop,wscale 14], length 0
+`....(.@....................................a!v..........0.........
+............
+10:12:01.557299 IP6 ::1.8080 > ::1.35994: Flags [S.], seq 1230713277, ack 1629583096, win 65464, options [mss 65476,sackOK,TS val 384422816 ecr 384422815,nop,wscale 14], length 0
+`..\.(.@....................................I[1.a!v......0.........
+............
+10:12:01.557311 IP6 ::1.35994 > ::1.8080: Flags [.], ack 1, win 4, options [nop,nop,TS val 384422816 ecr 384422816], length 0
+`.... .@....................................a!v.I[1......(.....
+........
+10:12:01.557359 IP6 ::1.35994 > ::1.8080: Flags [P.], seq 1:84, ack 1, win 4, options [nop,nop,TS val 384422816 ecr 384422816], length 83: HTTP: GET /health HTTP/1.1
+`....s.@....................................a!v.I[1......{.....
+........GET /health HTTP/1.1
+Host: localhost:8080
+User-Agent: curl/8.5.0
+Accept: */*
+
+
+10:12:01.557363 IP6 ::1.8080 > ::1.35994: Flags [.], ack 84, win 4, options [nop,nop,TS val 384422816 ecr 384422816], length 0
+`..\. .@....................................I[1.a!wK.....(.....
+........
+10:12:01.557560 IP6 ::1.8080 > ::1.35994: Flags [P.], seq 1:135, ack 84, win 4, options [nop,nop,TS val 384422816 ecr 384422816], length 134: HTTP: HTTP/1.1 200 OK
+`..\...@....................................I[1.a!wK...........
+........HTTP/1.1 200 OK
+Content-Type: application/json
+Date: Tue, 16 Jun 2026 07:12:01 GMT
+Content-Length: 26
+
+{"notes":7,"status":"ok"}
+
+10:12:01.557577 IP6 ::1.35994 > ::1.8080: Flags [.], ack 135, win 4, options [nop,nop,TS val 384422816 ecr 384422816], length 0
+`.... .@....................................a!wKI[2D.....(.....
+........
+10:12:01.557639 IP6 ::1.35994 > ::1.8080: Flags [F.], seq 84, ack 135, win 4, options [nop,nop,TS val 384422816 ecr 384422816], length 0
+`.... .@....................................a!wKI[2D.....(.....
+........
+10:12:01.557671 IP6 ::1.8080 > ::1.35994: Flags [F.], seq 135, ack 85, win 4, options [nop,nop,TS val 384422816 ecr 384422816], length 0
+`..\. .@....................................I[2Da!wL.....(.....
+........
+10:12:01.557688 IP6 ::1.35994 > ::1.8080: Flags [.], ack 136, win 4, options [nop,nop,TS val 384422816 ecr 384422816], length 0
+`.... .@....................................a!wLI[2E.....(.....
+........
+10:13:08.030007 IP6 ::1.43750 > ::1.8080: Flags [S], seq 3364631319, win 65476, options [mss 65476,sackOK,TS val 384489288 ecr 0,nop,wscale 14], length 0
+`..O.(.@......................................3..........0.........
+...H........
+10:13:08.030026 IP6 ::1.8080 > ::1.43750: Flags [S.], seq 3430200936, ack 3364631320, win 65464, options [mss 65476,sackOK,TS val 384489288 ecr 384489288,nop,wscale 14], length 0
+`.@3.(.@.....................................t.h..3......0.........
+...H...H....
+10:13:08.030039 IP6 ::1.43750 > ::1.8080: Flags [.], ack 1, win 4, options [nop,nop,TS val 384489288 ecr 384489288], length 0
+`..O. .@......................................3..t.i.....(.....
+...H...H
+10:13:08.030094 IP6 ::1.43750 > ::1.8080: Flags [P.], seq 1:175, ack 1, win 4, options [nop,nop,TS val 384489288 ecr 384489288], length 174: HTTP: POST /notes HTTP/1.1
+`..O...@......................................3..t.i...........
+...H...HPOST /notes HTTP/1.1
+Host: localhost:8080
+User-Agent: curl/8.5.0
+Accept: */*
+Content-Type: application/json
+Content-Length: 39
+
+{"title":"trace me","body":"in flight"}
+10:13:08.030099 IP6 ::1.8080 > ::1.43750: Flags [.], ack 175, win 4, options [nop,nop,TS val 384489288 ecr 384489288], length 0
+`.@3. .@.....................................t.i..3......(.....
+...H...H
+10:13:08.031214 IP6 ::1.8080 > ::1.43750: Flags [P.], seq 1:207, ack 175, win 4, options [nop,nop,TS val 384489289 ecr 384489288], length 206: HTTP: HTTP/1.1 201 Created
+`.@3...@.....................................t.i..3............
+...I...HHTTP/1.1 201 Created
+Content-Type: application/json
+Date: Tue, 16 Jun 2026 07:13:08 GMT
+Content-Length: 93
+
+{"id":8,"title":"trace me","body":"in flight","created_at":"2026-06-16T07:13:08.030657439Z"}
+
+10:13:08.031236 IP6 ::1.43750 > ::1.8080: Flags [.], ack 207, win 4, options [nop,nop,TS val 384489289 ecr 384489289], length 0
+`..O. .@......................................3..t.7.....(.....
+...I...I
+10:13:08.031402 IP6 ::1.43750 > ::1.8080: Flags [F.], seq 175, ack 207, win 4, options [nop,nop,TS val 384489290 ecr 384489289], length 0
+`..O. .@......................................3..t.7.....(.....
+...J...I
+10:13:08.031497 IP6 ::1.8080 > ::1.43750: Flags [F.], seq 207, ack 176, win 4, options [nop,nop,TS val 384489290 ecr 384489290], length 0
+`.@3. .@.....................................t.7..3......(.....
+...J...J