search

pimutils / vdirsyncer

📇 Synchronize calendars and contacts.
https://vdirsyncer.pimutils.org/
Other
1.53k stars 158 forks source link

Support digest auth in HTTP #749

Open controlcde opened 6 years ago

controlcde commented 6 years ago

I think it is better to create a new issue instead of discussion the problem on #740: I´ve installed a debian stretch machine with vdirsyncer-latest from https://packagecloud.io/pimutils/vdirsyncer but it doesn´t work :(.

error: Unknown error occurred for Kalender/calendar: http://OLDSERVER:8008/calendars/__uids__/UID/calendar/: Client Error: 401 Unauthorized
error: Use `-vdebug` to see the full traceback.
debug:   File "/opt/venvs/vdirsyncer-latest/lib/python3.5/site-packages/vdirsyncer/cli/tasks.py", line 69, in sync_collection
debug:     partial_sync=pair.partial_sync
debug:   File "/opt/venvs/vdirsyncer-latest/lib/python3.5/site-packages/vdirsyncer/sync/__init__.py", line 142, in sync
debug:     a_nonempty = a_info.prepare_new_status()
debug:   File "/opt/venvs/vdirsyncer-latest/lib/python3.5/site-packages/vdirsyncer/sync/__init__.py", line 46, in prepare_new_status
debug:     for href, etag in self.storage.list():
debug:   File "/opt/venvs/vdirsyncer-latest/lib/python3.5/site-packages/vdirsyncer/storage/_rust.py", line 18, in list
debug:     native.check_error(e)
debug:   File "/opt/venvs/vdirsyncer-latest/lib/python3.5/site-packages/vdirsyncer/native.py", line 29, in check_error
debug:     errors.check_exception(e[0])
debug:   File "/opt/venvs/vdirsyncer-latest/lib/python3.5/site-packages/shippai/__init__.py", line 112, in check_exception
debug:     _raise_with_more_frames(exc, frames)
debug:   File "/opt/venvs/vdirsyncer-latest/lib/python3.5/site-packages/shippai/__init__.py", line 208, in _raise_with_more_frames
debug:     raise exc
error: 1 out of 2 tasks failed.

and on the old calendarserver:

2018-06-19 12:27:18+0200 [-] [caldav-6]  [-] [twistedcaldav.extensions#error] Client authentication scheme basic is not provided by server ['digest']

in my conf file I set up:

[general]
# A folder where vdirsyncer can store some metadata about each pair.
status_path = "~/vds/status/"

# CALDAV
[pair Kalender]
a = "Kalender_alt"
b = "Kalender_neu"
collections = ["calendar"]
conflict_resolution = "a wins"
metadata = ["color", "displayname"]
partial_sync = "ignore"

[storage Kalender_alt]
type = "caldav"
url = "http://OLDSERVER:8008/principals/__uids__/UID/"
auth = "digest"
username = "USER"
password = "PASSWORD"
read_only = true
item_types = ["VEVENT"]

[storage Kalender_neu]
type = "caldav"
url = "https://NEWSERVER:443/principals/users/USER/"
auth = "digest"
verify_fingerprint = "FP"
username = "USER"
password = "PASSWORD"
untitaker commented 6 years ago

The HTTP library we use in Rust (reqwest, in turn based on hyper) doesn't support anything but basic and bearer authentication.

We would have to implement digest auth ourselves, but I would rather avoid this as long as we don't make ourselves incompatible with an existing server. Digest auth has no place in a modern networking stack assuming you're using HTTPS like everybody else.