[SOGo] BTS activities for Wednesday, June 28 2023

2023-06-28 Thread SOGo reporter 
Title: BTS activities for Wednesday, June 28 2023





  
BTS Activities

  Home page: https://bugs.sogo.nu
  Project: SOGo
  For the period covering: Wednesday, June 28 2023

  
  
idlast updatestatus (resolution)categorysummary
	
	
	  
	
5820
	2023-06-28 16:26:26
	updated (open)
	Web Calendar
	Directly open edit modal dialog after duplicating calendar event
	
	  
	
5818
	2023-06-28 09:23:50
	updated (open)
	with SOGo
	When trying different combinations of fonts and sizes, content overlaps
	
	  
	
5798
	2023-06-28 09:13:51
	resolved (fixed)
	Packaging (RedHat)
	kernel: sogod[1907582]: segfault libgnustep-base.so.1.24.9

Re: [SOGo] Different authentication for CalDAV/CardDAV accesses possible?

2023-06-28 Thread Kees van Vloten 



On 28-06-2023 13:13, Frank Richter (frank.rich...@hrz.tu-chemnitz.de) wrote:

Hello,

for Web access to our SOGo server we use LDAP authentication. This 
works for CalDAV/CardDAV as well.
We’d like to have another authentication method for CalDAV/CardDAV: 
same username, but different password (as users store those passwords 
in their apps, we’d like to have different password just for DAV 
accesses). Any hints how to achieve this are welcome.


We’ve Apache as reverse proxy in front of SOGo.
I have authentication delegated to the apache reverse proxy. With this I 
am able to achieve exactly what you describe but for sogo-webmail and 
sogo-activesync.


I have not tried to make caldav/carddav available for mobile devices 
since activesync includes that information. But I see no reason why 
apache cannot do this for *dav.


- Kees.



Thanks
Frank

Re: [SOGo] Timeout to fetch web calendars configurable?

2023-06-28 Thread smizr...@alinto.eu 

We have increase the timeout in the latests nightly build 
(https://bugs.sogo.nu/view.php?id=5781)

Can you try it ?

Sebastien

Le Mercredi, Juin 28, 2023 13:06 CEST, "Frank Richter" 
(frank.rich...@hrz.tu-chemnitz.de)  a écrit:
 Hello,

> If you are using Apache in front, maybe you can try to increase timeout as
> explained here :
> https://serverfault.com/questions/948312/apache-reverse-proxy-timeout-in-60-seconds
> 

We use Apache in front, but this timeout occurs when SOGo fetches the
calendar from the CalDAV server. So it’s IMHO a timeout in SOGo.
We now take a look why the CalDAV server needs more than 20 secs to deliver
the data to SOGo.

Frank

>
> Le Vendredi, Juin 23, 2023 09:42 CEST, "Frank Richter"
> (frank.rich...@hrz.tu-chemnitz.de)  a écrit:
>> Hello,
>>
>> when users subscribe to web calendars (CalDAV) we see timeouts, when the
>> CalDAV server answers too slow:
>>
>> Jun 23 09:27:11 sogod [2125260]:
>> <0x5574f1f944d0[SOGoWebAppointmentFolder]:206DCC-64954980-19-3E98F2C0> Load
>> web calendar https://….tu-chemnitz.de/users/…/calendar/ (401)
>> Jun 23 09:27:39 sogod [2125260]: [ERROR]
>> <0x5574f190c590[SOGoWebAppointmentFolder]:206DCC-64954980-19-3E98F2C0> CURL
>> error while accessing https://….tu-chemnitz.de/users/…/calendar/ (28):
>> Operation timed out after 2 milliseconds with 229376 bytes received
>>
>> Is this timeout value configurable in SOGo?


--
Frank Richter
Chemnitz University of Technology, Germany
 

 

[SOGo] Different authentication for CalDAV/CardDAV accesses possible?

2023-06-28 Thread Frank Richter 

Hello,

for Web access to our SOGo server we use LDAP authentication. This works for 
CalDAV/CardDAV as well.
We’d like to have another authentication method for CalDAV/CardDAV: same 
username, but different password (as users store those passwords in their 
apps, we’d like to have different password just for DAV accesses). Any hints 
how to achieve this are welcome.


We’ve Apache as reverse proxy in front of SOGo.

Thanks
Frank

--
Frank Richter
Facharbeitsgruppe Datenkommunikation
Universitätsrechenzentrum

Technische Universität Chemnitz
Straße der Nationen 62 | R. B302A
09111 Chemnitz
Germany

Tel: +49 371 531 31879
frank.rich...@hrz.tu-chemnitz.de
www.tu-chemnitz.de/urz



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [SOGo] Timeout to fetch web calendars configurable?

2023-06-28 Thread Frank Richter 

Hello,

If you are using Apache in front, maybe you can try to increase timeout as 
explained here : 
https://serverfault.com/questions/948312/apache-reverse-proxy-timeout-in-60-seconds




We use Apache in front, but this timeout occurs when SOGo fetches the 
calendar from the CalDAV server. So it’s IMHO a timeout in SOGo.
We now take a look why the CalDAV server needs more than 20 secs to deliver 
the data to SOGo.


Frank



Le Vendredi, Juin 23, 2023 09:42 CEST, "Frank Richter" 
(frank.rich...@hrz.tu-chemnitz.de)  a écrit:

Hello,

when users subscribe to web calendars (CalDAV) we see timeouts, when the
CalDAV server answers too slow:

Jun 23 09:27:11 sogod [2125260]:
<0x5574f1f944d0[SOGoWebAppointmentFolder]:206DCC-64954980-19-3E98F2C0> Load
web calendar https://….tu-chemnitz.de/users/…/calendar/ (401)
Jun 23 09:27:39 sogod [2125260]: [ERROR]
<0x5574f190c590[SOGoWebAppointmentFolder]:206DCC-64954980-19-3E98F2C0> CURL
error while accessing https://….tu-chemnitz.de/users/…/calendar/ (28):
Operation timed out after 2 milliseconds with 229376 bytes received

Is this timeout value configurable in SOGo?



--
Frank Richter
Chemnitz University of Technology, Germany



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [SOGo] SAML login not working / Keycloak 21.1.1 / Debian bookworm

2023-06-28 Thread Claas Hilbrecht 

Hi,

first of all, thanks for the help.

The profile.c if from the lasso module ->  
https://github.com/adieu/lasso/blob/master/lasso/saml-2.0/profile.c


We need to find which lasso function in SOGoSAML2Session.m (I  
assume, it may be another file)  is called and make that error, then  
check the arguments given.


I try to find the mentioned function with this changes:

--- SOGoSAML2Session.m ---
- (id) _initWithDump: (NSDictionary *) saml2Dump
   inContext: (WOContext *) context
{
  lasso_error_t rc;
  LassoServer *server;
  LassoProfile *profile;
  const gchar *dump;

  if ((self = [self init]))
{
  server = [SOGoSAML2Session lassoServerInContext: context];
  lassoLogin = lasso_login_new (server);
  if (saml2Dump)
{
  profile = LASSO_PROFILE (lassoLogin);

  ASSIGN (login, [saml2Dump objectForKey: @"login"]);
  ASSIGN (identifier, [saml2Dump objectForKey: @"identifier"]);
  ASSIGN (assertion, [saml2Dump objectForKey: @"assertion"]);
  ASSIGN(identity, [saml2Dump objectForKey: @"identity"]);
  dump = [identity UTF8String];
  if (dump)
{
  NSLog(@"_initWithDump/identity/pre: %@", dump);
  lasso_profile_set_identity_from_dump (profile, dump);
  NSLog(@"_initWithDump/identity/pore: %@", dump);
}

---

---
Jun 28 09:00:30 sogod [831]: |SOGo| request took 0.102924 seconds to execute
Jun 28 09:00:30 sogod [831]: 79.140.187.148, 172.27.11.107 "POST  
/SOGo/saml2-signon-post HTTP/1.1" 302 0/12977 0.105 - - 692K - 12
Jun 28 09:00:30 sogod [831]: |SOGo| starting method 'GET' on uri  
'/SOGo//claas.hilbre...@linum.com'


Program received signal SIGSEGV, Segmentation fault.
0x77439d35 in objc_msg_lookup () from  
/lib/x86_64-linux-gnu/libobjc.so.4

(gdb) bt
#0  0x77439d35 in objc_msg_lookup () at  
/lib/x86_64-linux-gnu/libobjc.so.4

#1  0x76dc45cc in GSPrivateFormat
(s=s@entry=0x7fffa9f0, format=format@entry=0x7fffaa30,  
ap=ap@entry=0x7fffbae0, locale=locale@entry=0x0) at  
./Source/GSFormat.m:1869
#2  0x76de9d69 in -[GSPlaceholderString  
initWithFormat:locale:arguments:]
(self=0x556ea340, _cmd=, format=out>, locale=0x0, argList=0x7fffbae0) at ./Source/GSString.m:1642
#3  0x76ec0674 in NSLogv (format=0x77fbf820  
<_OBJC_INSTANCE_24.9>, args=0x7fffbae0) at ./Source/NSLog.m:425
#4  0x76ec09e9 in NSLog (format=) at  
./Source/NSLog.m:297

#5  0x77f3e7ed in -[SOGoSAML2Session _initWithDump:inContext:]
(self=0x55ddd350, _cmd=0x77fc01b0  
<_OBJC_SELECTOR_TABLE+688>, saml2Dump=0x55746610,  
context=0x55ddce30)

at ./SoObjects/SOGo/SOGoSAML2Session.m:372
#6  0x77f3eb31 in +[SOGoSAML2Session _SAML2SessionWithDump:inContext:]
(self=0x77fbfd80 <_OBJC_Class_SOGoSAML2Session>,  
_cmd=0x77fc01d0 <_OBJC_SELECTOR_TABLE+720>,  
saml2Dump=0x55746610, context=0x55ddce30)

at ./SoObjects/SOGo/SOGoSAML2Session.m:413
#7  0x77f3ec69 in +[SOGoSAML2Session  
SAML2SessionWithIdentifier:inContext:]

---

RE: [SOGo] SAML login not working / Keycloak 21.1.1 / Debian bookworm

2023-06-28 Thread qhivert 
Hello,
The profile.c if from the lasso module -> 
https://github.com/adieu/lasso/blob/master/lasso/saml-2.0/profile.c

We need to find which lasso function in SOGoSAML2Session.m (I assume, it may be 
another file)  is called and make that error, then check the arguments given.

Quentin

-Original Message-
From: users-requ...@sogo.nu  On Behalf Of Claas Hilbrecht
Sent: mardi 27 juin 2023 20:55
To: users@sogo.nu
Subject: Re: [SOGo] SAML login not working / Keycloak 21.1.1 / Debian bookworm

Hi,

I recompiled the sogo 5.8.4 package from Debian sid and added some NSLog 
outputs. So I can confirm that the SAML response is really ok and the content 
is fine. But it seems something in my setup is wrong.

SOGo writes the current session to the sogo_sessions_folder. This works fine, 
the content in stored in the mysql db. But after storing the session two errors 
get logged:

---
(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24  
(profile.c/:913) Trying to unref a non GObject pointer  
file=profile.c:913 pointerbybname=profile->identity  
pointer=0x55c2ab612ec0

(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24  
(profile.c/:916) Trying to unref a non GObject pointer  
file=profile.c:916 pointerbybname=profile->session  
pointer=0x55c2ab547c90
---

I can't find the profile.c source code for now but I assumed sogo  
tried to read from the table sogo_user_profile the users profile. But  
even after creating this entry

INSERT INTO `sogo_user_profile` (`c_uid`, `c_defaults`, `c_settings`) VALUES
('claas.hilbre...@example.com', '{}', '{}');

I still get the above error... So what I'm missing?

---
Jun 27 18:45:24 sogod [20775]: 79.140.187.148, 172.27.11.107 "GET  
/SOGo//claas.hilbre...@example.com HTTP/1.1" 302 0/0 0.015 - - 0 - 13
Jun 27 18:45:24 sogod [20775]: |SOGo| starting method 'POST' on uri  
'/SOGo/saml2-signon-post'
2023-06-27 18:45:24.643 sogod[20775:20775] loginA: claas.hilbre...@example.com
2023-06-27 18:45:24.643 sogod[20775:20775] loginB: claas.hilbre...@example.com
2023-06-27 18:45:24.643 sogod[20775:20775] loginC: claas.hilbre...@example.com
2023-06-27 18:45:24.643 sogod[20775:20775] assertionA: https://auth.example.com/realms/masterhttp://www.w3.org/2000/09/xmldsig#;>http://www.w3.org/2001/10/xml-exc-c14n#"/>http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>http://www.w3.org/2001/10/xml-exc-c14n#"/>http://www.w3.org/2001/04/xmlenc#sha256"/>KNo7JjLw1k6KyvJCzBkw6firW3TO2IvMr9Z+NiIeJqE=aDvUyS7iFXxi9ILF6byZeh1wbmqu2928G2KNa7zWGGEK0bDTv6udgHtoVnaBJ1+s4JE7G5QCBc/0KdmK+qveGwITcTXLSaSZHZuKfF3Nd1Q8HbA/m7YX9F0E8qFHBQkBCGvbSiR2Jttn2YXkGsxy+T455dV24Fl840KkM9ENiG4e2kHExHdM1aFMQbgBMxdJcWhBTkatnawBvSv5PpTvG8u0bU4UX7RlsdGnK+OnWCCe8tH1aKLUUaDRANuiEzroyVdBLbXEnmiYLru8QIx9ycckrx6NuIw6kNX73g07S5uQUS9fxemYs6BRNcHUHboL/aRPdq1XrgUDdBsTdDiFdQ==lW-L-g3kaWfrc5goQbcyY8W77J3-dWbKGA1joPXW19MMIICmzCCAYMCBgGAiWAFjDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjIwNTAzMTAwMTUzWhcNMzIwNTAzMTAwMzMzWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKbGwTJIDI7FURSwl83/CH15MTTVXN9ieRRcJ6Bd/tXogpNLMpqKCbMT3gdn7mF9XR+xNryKCwPIcDO2TMOE9yXxyLe4SQvj06zR+dK/v63sJk783rRO7APLFmoamQtONDc5nfqz3DpKbTCO0AqIK8Ki44TzQviEYaMzidApMI46bDl0ep5o/zCgzmNlVIZFdah4wp7c1wRw3+RVlrgJonT3dY7C+mHhLYrQ+pZsWb/6hmt1mvglf+Vh6iQrt6/I7uCMHH9LxxdRyaCCLZly6Zdei0qjlmp+VRTm+EMscct6kmeOgAXX5KCSh6n+flx7neL+MlQ0fgtGaBrnaxLzPDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGOhSwEHfHPbBk/QmyYfIvvMekDEj6iZCx/mrLRY0QuZzimsGgTFGM4kHH3kBwRvrswiB/VFloUrAtSBK6/NLc7CGNAdZ+pazOYcD/b0FtmoeGNixQluXVPdzsLYLVVvxHC/XrHS7C9Ne2bfwal+OP5c/emuNuV6PSmqo8XZhSP3025TapoDph+07DKRZUiJbCYcKgWrW+/UbaLCi0enf7qY2q7f8ztCwMxkClNN1RxQb/Fh78CG8eIW5hypyP/FLMlcOiDMLynwoSxSuinuIT/pzS8KW5nh8CftevPh8peCrlLv6Xzux7Ys3FANnXOhUEKsgM1c+PTen87Nq3JZ6RM=G-2594070f-2a5d-452d-8a25-97a59350d785https://sogo.example.com/SOGo/saml2-signon-post"/>https://sogo.example.com/SOGo/saml2-metadataurn:oasis:names:tc:SAML:2.0:ac:classes:unspecifiedhttp://www.w3.org/2001/XMLSchema; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; 
xsi:type="xs:string">claas.hilbre...@example.comhttp://www.w3.org/2001/XMLSchema; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;  
xsi:type="xs:string">clahil
2023-06-27 18:45:24.643 sogod[20775:20775] identifierA:  
G-2594070f-2a5d-452d-8a25-97a59350d785
2023-06-27 18:45:24.645 sogod[20775:20775]  
 SQL:  
BEGIN;
2023-06-27 18:45:24.646 sogod[20775:20775]  
   query  
has no results.
2023-06-27 18:45:24.646 sogod[20775:20775]  
 SQL:  
SELECT t1.c_creationdate, t1.c_id, t1.c_lastseen, t1.c_value FROM   
sogo_sessions_folder t1 WHERE t1.c_id='AY9zox6L6tlqhvTT';
2023-06-27 18:45:24.646 sogod[20775:20775]  
   query  
has results, entering fetch-mode.
2023-06-27 18:45:24.646 sogod[20775:20775]  
 SQL:  
ROLLBACK;
2023-06-27 18:45:24.646 sogod[20775:20775]  
   query  
has no results.
2023-06-27 18:45:24.646 sogod[20775:20775]  
 SQL:  
BEGIN;
2023-06-27 18:45:24.646 sogod[20775:20775]