S3 MT Gateway compatibility issue: CERTIFICATE_VERIFY_FAILED

Since I had such good luck getting HashBackup to work with uplink, I thought I’d try the S3 MT Gateway. My testing is on a very small VM (512M), so I figured using the MT Gateway would keep my memory usage down, even with a bunch of threads. Poor gateway has to handle all the erasure coding!

I’ve run into a couple of incompatibilities with S3. The first is that the gateway doesn’t support regular http connections. I know there can be replay attacks, but it seems a pretty low risk because each S3 request is timestamped and will be rejected after 15 minutes if replayed. Instead of honoring http requests, MTG redirects to https://…

The 2nd problem is:

dest storjs3: unable to start: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)
Traceback (most recent call last):
  File "/dest.py", line 211, in startdest
  File "/s3dest.py", line 362, in init1
  File "/opt/lib/python2.7/site-packages/boto/s3/connection.py", line 506, in get_bucket
    return self.head_bucket(bucket_name, headers=headers)
  File "/opt/lib/python2.7/site-packages/boto/s3/connection.py", line 525, in head_bucket
    response = self.make_request('HEAD', bucket_name, headers=headers)
  File "/opt/lib/python2.7/site-packages/boto/s3/connection.py", line 668, in make_request
    retry_handler=retry_handler
  File "/opt/lib/python2.7/site-packages/boto/connection.py", line 1071, in make_request
    retry_handler=retry_handler)
  File "/opt/lib/python2.7/site-packages/boto/connection.py", line 1030, in _mexe
    raise ex
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)

I’m using Python 2.7.15 custom built with openssl 1.0.2r. No trouble connecting over SSL to AWS, Backblaze, Google Storage, and others. HB uses boto2 with a CA root file from the Requests project. I tried updating the CA file to the latest, but that didn’t help. I also checked the SSLLabs report for the MT Gateway and they can connect okay with openssl 1.0.2s, 1 rev higher.

I did some debugging output with the openssl command. This is without -servername (no SNI):

[jim@mb openssl-1.0.2r]$ ./apps/openssl s_client -connect gateway.us1.storjshare.io:443 -CAfile ~jim/hbrel/cacerts.crt
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
CONNECTED(00000003)
depth=0 CN = TRAEFIK DEFAULT CERT
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = TRAEFIK DEFAULT CERT
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/CN=TRAEFIK DEFAULT CERT
   i:/CN=TRAEFIK DEFAULT CERT
---
Server certificate
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
subject=/CN=TRAEFIK DEFAULT CERT
issuer=/CN=TRAEFIK DEFAULT CERT
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1487 bytes and written 437 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 7D4AFE385D7D667D0E642C94344F0C8BC4E1C7469403480616BCB541B8B3CA33
    Session-ID-ctx: 
    Master-Key: DB14B955F28E5449B6A8B34FCA24CD7A4D2D7FFEDFE315AD83B321B4EA4ACBB4EA1E2B7A3444C175B945420BC94C9EAC
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket:
    0000 - 81 3c d6 47 12 d6 a0 c1-08 b8 6d f5 b0 54 41 b4   .<.G......m..TA.
    0010 - 03 05 ef 95 f5 ce b3 fc-45 37 ba a9 ff a7 5c 15   ........E7....\.
    0020 - 52 ab 09 f1 2b b2 5b 09-00 3b a6 bc 93 98 0b 32   R...+.[..;.....2
    0030 - 2a 7b 84 8b c4 ab 45 74-3e f8 16 ae 42 1d 19 18   *{....Et>...B...
    0040 - 19 2f 89 c9 00 ed 87 6b-0d be 9b af 6c 59 b0 c1   ./.....k....lY..
    0050 - 37 bc 0d 4e 1c d6 6f 37-3c ba 78 3d 32 0d 6f 76   7..N..o7<.x=2.ov
    0060 - 61 5f bd 9f b2 6e 6b 59-f9 4c 40 1d 55 0c fa 14   a_...nkY.L@.U...
    0070 - c9 4b 8f ef ac 22 b7 68-d4 fb e5 7d 57 e6 ed c3   .K...".h...}W...
    0080 - de                                                .

    Start Time: 1632173533
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)
---
^C

Here’s with -servername:

[jim@mb openssl-1.0.2r]$ ./apps/openssl s_client -connect gateway.us1.storjshare.io:443 -servername gateway.us1.storjshare.io -CAfile ~jim/hbrel/cacerts.crt
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
CONNECTED(00000003)
depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = gateway.us1.storjshare.io
verify return:1
---
Certificate chain
 0 s:/CN=gateway.us1.storjshare.io
   i:/C=US/O=Let's Encrypt/CN=R3
 1 s:/C=US/O=Let's Encrypt/CN=R3
   i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
 2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
subject=/CN=gateway.us1.storjshare.io
issuer=/C=US/O=Let's Encrypt/CN=R3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 5196 bytes and written 471 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: B767870DA912E14DBB6A12933CDD49C0CA815DA003CBB54E868B0B5249ACDF8B
    Session-ID-ctx: 
    Master-Key: 60EE0C205D2C6C7AA326B3658904333893F06E9144DA32547E566648DA553950CBA32E101E126A69D361A6F35652C3E9
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket:
    0000 - 3a a9 96 7e 13 40 b7 d1-45 8a b4 aa 47 80 c8 ff   :..~.@..E...G...
    0010 - ae 6d 56 30 a3 0e dd e8-ff be a0 1c 61 da ad b4   .mV0........a...
    0020 - d7 ab 43 d2 b3 d1 92 9d-b2 88 8e 20 2f 2d e4 1e   ..C........ /-..
    0030 - 30 2c ea 15 22 32 ad 50-e2 95 02 ff b9 20 35 48   0,.."2.P..... 5H
    0040 - ca 4c 23 ff 48 13 25 ff-e2 c9 ff 9e e9 73 4f d1   .L#.H.%......sO.
    0050 - d1 b6 a1 ee ce d1 4d dc-d6 f1 91 49 dc 88 01 43   ......M....I...C
    0060 - a6 00 13 6a ea d8 d4 6d-88 af d1 76 5b c8 20 28   ...j...m...v[. (
    0070 - dd bc 0d ce 29 44 e3 1c-dc 0b a3 43 a0 d4 f3 76   ....)D.....C...v
    0080 - 42                                                B

    Start Time: 1632173400
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
^C

So it looks like Python clients using boto2 can’t connect with the MT Gateway because boto2 doesn’t support SNI, though AWS connections work fine.

Footnotes:

Why still using Python 2? It’s faster than Python 3 in my tests and I don’t want to look through 100K+ lines of code for incompatibilities.

Why using boto2 instead of boto3? With boto3, Amazon uses a JSON file to define the API, then builds classes at runtime. This doesn’t play well with a static executable like HB.

Update: if there was only 1 server configured at gateway.us1.storjshare.io, I don’t think SNI would be required. This would let boto2 applications work on the gateway. Enabling non-SSL http on port 80 would also probably work.

Jim
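The two openssl s_client runs above differ in exactly one input (-servername) and in two outputs: the leaf certificate that comes back and the verify return code. The following parser, an added example and not part of the original post, extracts the chain and verify result from s_client output and classifies the pair of runs. The two sample outputs are constructed, abbreviated copies of the runs shown above; the function names (parse_s_client, diagnose) and the result labels are this example's own.

```python
import re

# Constructed samples: abbreviated from the two openssl s_client runs in the post above.
NO_SNI_OUTPUT = """\
CONNECTED(00000003)
depth=0 CN = TRAEFIK DEFAULT CERT
verify error:num=20:unable to get local issuer certificate
verify return:1
---
Certificate chain
 0 s:/CN=TRAEFIK DEFAULT CERT
   i:/CN=TRAEFIK DEFAULT CERT
---
subject=/CN=TRAEFIK DEFAULT CERT
issuer=/CN=TRAEFIK DEFAULT CERT
    Verify return code: 21 (unable to verify the first certificate)
"""

WITH_SNI_OUTPUT = """\
CONNECTED(00000003)
depth=0 CN = gateway.us1.storjshare.io
verify return:1
---
Certificate chain
 0 s:/CN=gateway.us1.storjshare.io
   i:/C=US/O=Let's Encrypt/CN=R3
 1 s:/C=US/O=Let's Encrypt/CN=R3
   i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
 2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
subject=/CN=gateway.us1.storjshare.io
issuer=/C=US/O=Let's Encrypt/CN=R3
    Verify return code: 0 (ok)
"""

# "N s:<subject>" followed on the next line by "i:<issuer>" (the "Certificate chain" block)
CHAIN_RE = re.compile(r"^\s*(\d+) s:(.*)\n\s*i:(.*)$", re.M)
VERIFY_RE = re.compile(r"Verify return code: (\d+) \((.*)\)")
CN_RE = re.compile(r"CN=([^/,]+)")


def parse_s_client(output):
    """Return the presented chain as (subject, issuer) pairs plus the verify code/message."""
    chain = [(m.group(2).strip(), m.group(3).strip()) for m in CHAIN_RE.finditer(output)]
    m = VERIFY_RE.search(output)
    if not chain or m is None:
        raise ValueError("output does not contain a certificate chain and verify result")
    return {"chain": chain, "verify_code": int(m.group(1)), "verify_msg": m.group(2)}


def leaf_cn(parsed):
    """CN of the depth-0 (server) certificate, or None if the subject has no CN."""
    m = CN_RE.search(parsed["chain"][0][0])
    return m.group(1).strip() if m else None


def is_self_signed_leaf(parsed):
    """A leaf whose subject equals its issuer is a placeholder/default cert, not a CA-issued one."""
    subject, issuer = parsed["chain"][0]
    return subject == issuer


def diagnose(no_sni_output, with_sni_output, expected_host):
    """Classify a (without -servername, with -servername) pair of s_client runs.

    Labels are this example's own:
      broken_even_with_sni      - verification fails or the wrong name comes back even with SNI
      sni_optional              - both runs verify and present the expected host
      sni_required_default_cert - without SNI the server hands out a self-signed default cert
      sni_required              - without SNI verification fails for some other reason
    """
    without = parse_s_client(no_sni_output)
    with_ = parse_s_client(with_sni_output)
    if with_["verify_code"] != 0 or leaf_cn(with_) != expected_host:
        return "broken_even_with_sni"
    if without["verify_code"] == 0 and leaf_cn(without) == expected_host:
        return "sni_optional"
    if is_self_signed_leaf(without) and leaf_cn(without) != expected_host:
        return "sni_required_default_cert"
    return "sni_required"


if __name__ == "__main__":
    host = "gateway.us1.storjshare.io"
    print("without SNI:", parse_s_client(NO_SNI_OUTPUT))
    print("with SNI:   ", parse_s_client(WITH_SNI_OUTPUT))
    print("diagnosis:  ", diagnose(NO_SNI_OUTPUT, WITH_SNI_OUTPUT, host))
```

Feed it the real output of the two commands from the post (one without -servername, one with) and a result of sni_required_default_cert means the endpoint picks its certificate from the SNI name and falls back to a self-signed placeholder when none is sent, which is precisely the case a non-SNI client such as the one described above cannot verify.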

Hi @hashbackup,

Allowing non-SSL connections for the gateway would expose unencrypted user data if server-side encryption is used.

A ticket was created to look into removing SNI requirement for gateway service.

Regards,
Yaroslav

2 Likes

Thanks for the SNI ticket

It’s a good point, but if the purpose of the S3 MT gateway is to be truly S3 compatible, then any application that works on S3 should work on the gateway. If a customer was previously using Amazon S3 with http, they don’t care about exposing their data so Storj should not be concerned about it either. Allowing http requests on the S3 MT gateway would be just as secure as the customer’s experience on Amazon S3.

If we want to make the internet a “safer” place, then we should not rely on outdated standards.
We are doing best-effort compatibility (if you find somewhere where we say we are 100% compliant, please highlight it), but do not want to sacrifice our goals, one of which is putting full ownership of the data back into the customer’s hands and nobody else’s 🙂

3 Likes

I got SNI to work with boto2 and Python 2.7.15 for HashBackup.

It might still be a good idea to remove the SNI requirement for Storj, because HB worked fine with S3, Wasabi, Dreamhost, Google Storage’s S3-compatible interface, etc. There may be other S3 applications that don’t do SNI but work fine with most S3-compatible storage services.