https://bugs.freedesktop.org/show_bug.cgi?id=56240
--- Comment #6 from Patrick Ohly <[email protected]> ---

Note to self: when telling DAViCal to use Digest authentication according to
http://wiki.davical.org/w/Configuration/settings/http_auth_mode, then it will
still accept and use Basic authentication when SyncEvolution pro-actively
includes the Basic auth header.

The reason is apparently this check in
/usr/share/davical/inc/HTTPAuthSession.php:

  function HTTPAuthSession() {
    global $c;

    if ( ! empty($_SERVER['PHP_AUTH_DIGEST'])) {
      $this->DigestAuthSession();
    }
=>  else if ( isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER["AUTHORIZATION"]) ) {
=>    $this->BasicAuthSession();
    }
    else if ( isset($c->http_auth_mode) && $c->http_auth_mode == "Digest" ) {
      $this->DigestAuthSession();
    }
    else {
      $this->BasicAuthSession();
    }
  }

PHP_AUTH_USER is set and thus DAViCal never checks the http_auth_mode. Looks
like a bug in DAViCal to me.

After patching the code and resetting the password in the SQL database to
plain text (required by Digest mode in DAViCal), I got the expected behavior:
- Authentication: Basic sent by SyncEvolution
- Rejected by DAViCal.
- SyncEvolution sends request again with Digest authentication.
- Request succeeds.

Here's the log:

$ SYNCEVOLUTION_DEBUG=1 ./syncevolution --daemon=no --print-items loglevel=20 target-config@client-test-davical carddav
[DEBUG 00:00:00] Mon 2012-11-05 07:50:21 UTC = 07:50 +0000 UTC
[DEBUG 00:00:00] using libneon neon 0.29.6: Library build, IPv6, libxml 2.7.8, zlib 1.2.6, GNU TLS 2.12.18.
with SSL, ZLIB, IPV6, TS_SSL, I18N
HTTP session to http://localhost:8009 begins.
[DEBUG 00:00:00] carddav: slow sync or testing, do full item scan to detect changes
[DEBUG 00:00:00] using libneon neon 0.29.6: Library build, IPv6, libxml 2.7.8, zlib 1.2.6, GNU TLS 2.12.18.
with SSL, ZLIB, IPV6, TS_SSL, I18N
[DEBUG 00:00:00] starting PROPFIND, credentials unverified, deadline in 120.0s
ah_create, for WWW-Authenticate
Running pre_send hooks
[DEBUG 00:00:00] forced sending credentials
Sending request headers:
PROPFIND /caldav.php/test/addresses/ HTTP/1.1
Keep-Alive:
Connection: TE, Keep-Alive
TE: trailers
Host: localhost:8009
Depth: 1
Content-Length: 141
Content-Type: application/xml
Authorization: Basic dGVzdDp0ZXN0aW5n

Sending request-line and headers:
Doing DNS lookup on localhost...
req: Connecting to 127.0.0.1:8009
Sending request body:
Body block (141 bytes):
[<?xml version="1.0" encoding="utf-8"?>
<propfind xmlns="DAV:"><prop>
<getetag xmlns="DAV:"/>
<resourcetype xmlns="DAV:"/>
</prop></propfind>
]
Request sent; retry is 0.
[status-line] < HTTP/1.1 401 Unauthorized
[hdr] Date: Mon, 05 Nov 2012 07:50:21 GMT
Header Name: [date], Value: [Mon, 05 Nov 2012 07:50:21 GMT]
[hdr] Server: Apache/2.2.22 (Linux/SUSE)
Header Name: [server], Value: [Apache/2.2.22 (Linux/SUSE)]
[hdr] X-Powered-By: PHP/5.3.15
Header Name: [x-powered-by], Value: [PHP/5.3.15]
[hdr] WWW-Authenticate: Digest realm="DAViCal CalDAV Server", qop="auth", nonce="7427c1c260c7f1e2293e3f2a7440ffa41b8184c2", opaque="32d4d9c8c17aa5cf5347d64a2a5d312a1fde4133", algorithm="MD5"
Header Name: [www-authenticate], Value: [Digest realm="DAViCal CalDAV Server", qop="auth", nonce="7427c1c260c7f1e2293e3f2a7440ffa41b8184c2", opaque="32d4d9c8c17aa5cf5347d64a2a5d312a1fde4133", algorithm="MD5"]
[hdr] Content-Length: 40
Header Name: [content-length], Value: [40]
[hdr] Keep-Alive: timeout=15, max=100
Header Name: [keep-alive], Value: [timeout=15, max=100]
[hdr] Connection: Keep-Alive
Header Name: [connection], Value: [Keep-Alive]
[hdr] Content-Type: text/plain; ; charset="utf-8"
Header Name: [content-type], Value: [text/plain; ; charset="utf-8"]
[hdr]
End of headers.
Running post_headers hooks
Reading 40 bytes of response body.
Got 40 bytes.
Read block (40 bytes):
[Please log in for access to this system.]
Running post_send hooks
ah_post_send (#0), code is 401 (want 401), WWW-Authenticate is Digest realm="DAViCal CalDAV Server", qop="auth", nonce="7427c1c260c7f1e2293e3f2a7440ffa41b8184c2", opaque="32d4d9c8c17aa5cf5347d64a2a5d312a1fde4133", algorithm="MD5"
auth: Got challenge (code 401).
auth: Got 'Digest' challenge.
auth: Trying Digest challenge...
[DEBUG 00:00:00] retry request with credentials
auth: Got qop, using 2617-style.
auth: H(A1) is [40781b661e9b4d5c3b5dc047702bc85f]
auth: Accepting digest challenge.
auth: Accepted Digest challenge.
Running pre_send hooks
auth: Sending 'Digest' response.
auth: H(A2): c8eb1df0ed987f0b02cfb56bc50d24a3
Sending request headers:
PROPFIND /caldav.php/test/addresses/ HTTP/1.1
Keep-Alive:
Connection: TE, Keep-Alive
TE: trailers
Host: localhost:8009
Depth: 1
Content-Length: 141
Content-Type: application/xml
Authorization: Digest username="test", realm="DAViCal CalDAV Server", nonce="7427c1c260c7f1e2293e3f2a7440ffa41b8184c2", uri="/caldav.php/test/addresses/", response="6325f0294db875783c839afde5817b6f", algorithm="MD5", opaque="32d4d9c8c17aa5cf5347d64a2a5d312a1fde4133", cnonce="ef2665b2a91f6f6e160011b8d028a267", nc=00000001, qop="auth"

Sending request-line and headers:
Sending request body:
Body block (141 bytes):
[<?xml version="1.0" encoding="utf-8"?>
<propfind xmlns="DAV:"><prop>
<getetag xmlns="DAV:"/>
<resourcetype xmlns="DAV:"/>
</prop></propfind>
]
Request sent; retry is 1.
[status-line] < HTTP/1.1 207 Multi-Status
[hdr] Date: Mon, 05 Nov 2012 07:50:21 GMT
Header Name: [date], Value: [Mon, 05 Nov 2012 07:50:21 GMT]
[hdr] Server: Apache/2.2.22 (Linux/SUSE)
Header Name: [server], Value: [Apache/2.2.22 (Linux/SUSE)]
[hdr] X-Powered-By: PHP/5.3.15
Header Name: [x-powered-by], Value: [PHP/5.3.15]
[hdr] DAV: 1, 2, 3, access-control, calendar-access, calendar-schedule
Header Name: [dav], Value: [1, 2, 3, access-control, calendar-access, calendar-schedule]
[hdr] DAV: extended-mkcol, bind, addressbook, calendar-auto-schedule, calendar-proxy
Header Name: [dav], Value: [extended-mkcol, bind, addressbook, calendar-auto-schedule, calendar-proxy]
[hdr] ETag: "7a2f62379f0797dc9d59ebaf58982267"
Header Name: [etag], Value: ["7a2f62379f0797dc9d59ebaf58982267"]
[hdr] X-DAViCal-Version: DAViCal/1.1.1; DB/1.2.11
Header Name: [x-davical-version], Value: [DAViCal/1.1.1; DB/1.2.11]
[hdr] Content-Length: 5321
Header Name: [content-length], Value: [5321]
[hdr] Keep-Alive: timeout=15, max=99
Header Name: [keep-alive], Value: [timeout=15, max=99]
[hdr] Connection: Keep-Alive
Header Name: [connection], Value: [Keep-Alive]
[hdr] Content-Type: text/xml; charset="utf-8"
Header Name: [content-type], Value: [text/xml; charset="utf-8"]
[hdr]
End of headers.
Running post_headers hooks
Reading 5321 bytes of response body.
Got 3616 bytes.
Read block (3616 bytes):
[<?xml version="1.0" encoding="utf-8" ?>
<multistatus xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:carddav">
 <response>
  <href>/caldav.php/test/addresses/</href>
  <propstat>
   <prop>
    <resourcetype>
     <collection/>
     <C:addressbook/>
    </resourcetype>
   </prop>
   <status>HTTP/1.1 200 OK</status>
...

In other words, I cannot reproduce the problem yet. I'll try the Apache +
Radicale combination next.
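
The two orderings of the auth-mode check discussed in this comment, side by side, as an added example. It is not DAViCal's code and not the patch mentioned in the comment; the function names and the constructed request arrays are hypothetical.

```php
<?php
// Added example, not DAViCal code. Function names are hypothetical.
// $server has the shape of $_SERVER; $mode is the configured http_auth_mode.

// Order of the check quoted in the comment: headers sent by the client
// are examined before the configured mode.
function handler_header_first(array $server, ?string $mode): string
{
    if (!empty($server['PHP_AUTH_DIGEST'])) {
        return 'digest';
    }
    if (isset($server['PHP_AUTH_USER']) || isset($server['AUTHORIZATION'])) {
        return 'basic';   // reached even when $mode is "Digest"
    }
    return $mode === 'Digest' ? 'digest' : 'basic';
}

// Config-first order: with $mode "Digest" every request goes to the Digest
// handler, so a proactively sent Basic header is never evaluated.
// Assumption: the Digest handler answers missing Digest credentials with
// a 401 challenge, as in the log above.
function handler_config_first(array $server, ?string $mode): string
{
    if ($mode === 'Digest') {
        return 'digest';
    }
    return !empty($server['PHP_AUTH_DIGEST']) ? 'digest' : 'basic';
}

// Constructed requests, not taken from a real server.
$requests = [
    'proactive Basic' => ['PHP_AUTH_USER' => 'test'],
    'Digest reply'    => ['PHP_AUTH_DIGEST' => 'username="test", qop=auth'],
    'no credentials'  => [],
];

foreach ($requests as $label => $server) {
    printf(
        "%-16s header-first=%-7s config-first=%s\n",
        $label,
        handler_header_first($server, 'Digest'),
        handler_config_first($server, 'Digest')
    );
}
```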
