403 response from Fastmail when syncing phone contacts

AutoImport-burk

Hi,

I’ve been trying to sync my contacts to Fastmail. Installing DAVDroid worked fine. Syncing from Fastmail to the phone worked fine. Creating a “Testing” contact on the phone and syncing to Fastmail worked. Then I copied all my Google contacts into the Fastmail group (on the phone). DAVDroid then crashes because it gets a 403 response.

D/HttpClient(29355): Secure session established
D/HttpClient(29355):  negotiated protocol: TLSv1.2
D/HttpClient(29355):  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
D/HttpClient(29355):  peer principal: CN=*.messagingengine.com, O=FastMail Pty Ltd, L=Melbourne, ST=Victoria, C=AU
D/HttpClient(29355):  peer alternative names: [*.messagingengine.com, messagingengine.com, mail.messagingengine.com, dav.messagingengine.com, caldav.messagingengine.com, carddav.messagingengine.com]
D/HttpClient(29355):  issuer principal: CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US
D/HttpClient(29355): Connection established 192.168.1.230:40466<->66.111.4.58:443
D/HttpClient(29355): Executing request PROPFIND /dav/addressbooks/user/user@fastmail.fm/Default/ HTTP/1.1
D/HttpClient(29355): Target auth state: CHALLENGED
D/HttpClient(29355): Proxy auth state: UNCHALLENGED
D/Wire    (29355): http-outgoing-1 >> "PROPFIND /dav/addressbooks/user/user@fastmail.fm/Default/ HTTP/1.1[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Accept: text/xml[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Depth: 0[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Content-Length: 299[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Host: carddav-d49.messagingengine.com[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Connection: Keep-Alive[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "User-Agent: DAVdroid/0.8.4[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Authorization: Basic somethingsomething[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "<propfind xmlns="DAV:">[\n]"
D/Wire    (29355): http-outgoing-1 >> "   <prop>[\n]"
D/Wire    (29355): http-outgoing-1 >> "      <A:calendar-color xmlns:A="http://apple.com/ns/ical/"/>[\n]"
D/Wire    (29355): http-outgoing-1 >> "      <displayname/>[\n]"
D/Wire    (29355): http-outgoing-1 >> "      <CS:getctag xmlns:CS="http://calendarserver.org/ns/"/>[\n]"
D/Wire    (29355): http-outgoing-1 >> "      <resourcetype/>[\n]"
D/Wire    (29355): http-outgoing-1 >> "      <CD:supported-address-data xmlns:CD="urn:ietf:params:xml:ns:carddav"/>[\n]"
D/Wire    (29355): http-outgoing-1 >> "   </prop>[\n]"
D/Wire    (29355): http-outgoing-1 >> "</propfind>"
E/NetworkReportService(14598): ERROR: No reports from previous days.
E/NetworkReportService(14598): ERROR: No reports from previous days.
E/NetworkReportService(14598): ERROR: No reports from previous days.
E/NetworkReportService(14598): ERROR: No reports from previous days.
E/NetworkReportService(14598): ERROR: No reports from previous days.
E/NetworkReportService(14598): ERROR: No reports from previous days.
E/NetworkReportService(14598): ERROR: No reports from previous days.
D/Wire    (29355): http-outgoing-1 << "HTTP/1.1 207 Multi-Status[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Server: nginx[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Date: Fri, 28 Aug 2015 16:34:41 GMT[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Content-Type: application/xml; charset=utf-8[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Content-Length: 879[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Connection: keep-alive[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Vary: Accept-Encoding, Brief, Prefer[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "<?xml version="1.0" encoding="utf-8"?>[\n]"
D/Wire    (29355): http-outgoing-1 << "<multistatus xmlns="DAV:" xmlns:A="http://apple.com/ns/ical/" xmlns:CS="http://calendarserver.org/ns/" xmlns:CD="urn:ietf:params:xml:ns:carddav">[\n]"
D/Wire    (29355): http-outgoing-1 << "  <response>[\n]"
D/Wire    (29355): http-outgoing-1 << "    <href>/dav/addressbooks/user/user@fastmail.fm/Default/</href>[\n]"
D/Wire    (29355): http-outgoing-1 << "    <propstat>[\n]"
/Wire    (29355): http-outgoing-1 << "      <prop>[\n]"
D/Wire    (29355): http-outgoing-1 << "        <displayname><![CDATA[Default]]></displayname>[\n]"
D/Wire    (29355): http-outgoing-1 << "        <CS:getctag>data:,1419071798-65529</CS:getctag>[\n]"
D/Wire    (29355): http-outgoing-1 << "        <resourcetype>[\n]"
D/Wire    (29355): http-outgoing-1 << "          <collection/>[\n]"
D/Wire    (29355): http-outgoing-1 << "          <CD:addressbook/>[\n]"
D/Wire    (29355): http-outgoing-1 << "        </resourcetype>[\n]"
D/Wire    (29355): http-outgoing-1 << "        <CD:supported-address-data>[\n]"
D/Wire    (29355): http-outgoing-1 << "          <CD:address-data-type content-type="text/vcard" version="3.0"/>[\n]"
D/Wire    (29355): http-outgoing-1 << "        </CD:supported-address-data>[\n]"
D/Wire    (29355): http-outgoing-1 << "      </prop>[\n]"
D/Wire    (29355): http-outgoing-1 << "      <status>HTTP/1.1 200 OK</status>[\n]"
D/Wire    (29355): http-outgoing-1 << "    </propstat>[\n]"
D/Wire    (29355): http-outgoing-1 << "    <propstat>[\n]"
D/Wire    (29355): http-outgoing-1 << "      <prop>[\n]"
D/Wire    (29355): http-outgoing-1 << "        <A:calendar-color/>[\n]"
D/Wire    (29355): http-outgoing-1 << "      </prop>[\n]"
D/Wire    (29355): http-outgoing-1 << "      <status>HTTP/1.1 404 Not Found</status>[\n]"
D/Wire    (29355): http-outgoing-1 << "    </propstat>[\n]"
D/Wire    (29355): http-outgoing-1 << "  </response>[\n]"
D/Wire    (29355): http-outgoing-1 << "</multistatus>[\n]"
D/HttpClient(29355): Connection can be kept alive indefinitely
D/HttpClient(29355): Authentication succeeded
E/NetworkReportService(14598): ERROR: No reports from previous days.
E/NetworkReportService(14598): ERROR: No reports from previous days.
V/davdroid.URIUtils(29355): Normalized URI /dav/addressbooks/user/user@fastmail.fm/Default/ -> /dav/addressbooks/user/user@fastmail.fm/Default/ assuming that it was an URI or path name
D/davdroid.WebDavResource(29355): Processing multi-status element: https://carddav-d49.messagingengine.com/dav/addressbooks/user/user@fastmail.fm/Default/
D/HttpClient(29355): Connection [id: 1][route: HttpRoute[{s}->https://carddav-d49.messagingengine.com:443]] can be kept alive indefinitely
D/HttpClient(29355): Connection released: [id: 1][route: HttpRoute[{s}->https://carddav-d49.messagingengine.com:443]][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 3]
E/NetworkReportService(14598): ERROR: No reports from previous days.
I/davdroid.SyncManager(29355): Remotely removing 0 deleted resource(s) (if not changed)
E/NetworkReportService(14598): ERROR: No reports from previous days.
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 17
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 5
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 50
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 17
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 5
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 50
E/MP-Decision( 1658): Update arg 2
E/MP-Decision( 1658): Update arg 1
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 17
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 5
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 50
E/MP-Decision( 1658): Update arg 2
E/MP-Decision( 1658): Update arg 1
E/MP-Decision( 1658): Update arg 2
E/MP-Decision( 1658): Update arg 1
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 17
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 5
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 50
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 33
I/davdroid.SyncManager(29355): Uploading 301 new resource(s) (if not existing)
W/davdroid.Contact(29355): No FN (formatted name) available to generate VCard
W/davdroid.Contact(29355): Created potentially invalid VCard:
W/davdroid.Contact(29355): W00: A StructuredName property is required for vCard versions 2.1 and 3.0.
W/davdroid.Contact(29355): W01: A FormattedName property is required for vCard versions 3.0 and 4.0.
D/HttpClient(29355): CookieSpec selected: best-match
D/HttpClient(29355): Connection request: [route: HttpRoute[{s}->https://carddav-d49.messagingengine.com:443]][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 3]
D/HttpClient(29355): Connection leased: [id: 1][route: HttpRoute[{s}->https://carddav-d49.messagingengine.com:443]][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 3]
D/HttpClient(29355): Executing request PUT /dav/addressbooks/user/myself@fastmail.fm/Default/censored.vcf HTTP/1.1
D/HttpClient(29355): Target auth state: SUCCESS
D/HttpClient(29355): Proxy auth state: UNCHALLENGED
D/Wire    (29355): http-outgoing-1 >> "PUT /dav/addressbooks/user/myself@fastmail.fm/Default/censored.vcf HTTP/1.1[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "If-None-Match: *[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Content-Type: text/vcard; charset=UTF-8[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Content-Length: 179[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Host: carddav-d49.messagingengine.com[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Connection: Keep-Alive[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "User-Agent: DAVdroid/0.8.4[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "Authorization: Basic bleepbloop==[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "BEGIN:VCARD[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "VERSION:3.0[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "UID:d9d6720e-df95-474f-960e-dfed96ae9e52[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "EMAIL;TYPE=pref:somemail@stud.ntnu.no[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "PRODID:DAVdroid/0.8.4 (ez-vcard/0.9.6)[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "REV:20150828T163455Z[\r][\n]"
D/Wire    (29355): http-outgoing-1 >> "END:VCARD[\r][\n]"
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 17
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 5
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 50
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 32
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 50
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 32
E/wpa_supplicant(13388): send_and_recv error 0 - cmd 50
D/WirelessDisplayService( 1001): getDiscoveryDongleList
D/Wire    (29355): http-outgoing-1 << "HTTP/1.1 403 Forbidden[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Server: nginx[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Date: Fri, 28 Aug 2015 16:34:56 GMT[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Content-Type: application/xml; charset=utf-8[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Content-Length: 142[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Connection: keep-alive[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Cache-Control: no-cache[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "Vary: Accept-Encoding[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "[\r][\n]"
D/Wire    (29355): http-outgoing-1 << "<?xml version="1.0" encoding="utf-8"?>[\n]"
D/Wire    (29355): http-outgoing-1 << "<D:error xmlns:D="DAV:" xmlns:C="urn:ietf:params:xml:ns:carddav">[\n]"
D/Wire    (29355): http-outgoing-1 << "  <C:valid-address-data/>[\n]"
D/Wire    (29355): http-outgoing-1 << "</D:error>[\n]"
D/HttpClient(29355): Connection can be kept alive indefinitely
D/HttpClient(29355): http-outgoing-1: Shutdown connection
D/HttpClient(29355): Connection discarded
D/HttpClient(29355): http-outgoing-1: Close connection
D/HttpClient(29355): Connection released: [id: 1][route: HttpRoute[{s}->https://carddav-d49.messagingengine.com:443]][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 3]
E/davdroid.DavSyncAdapter(29355): Hard HTTP error 403
E/davdroid.DavSyncAdapter(29355): at.bitfire.davdroid.webdav.ForbiddenException: 403 Forbidden
E/davdroid.DavSyncAdapter(29355):       at at.bitfire.davdroid.webdav.WebDavResource.checkResponse(WebDavResource.java:349)
E/davdroid.DavSyncAdapter(29355):       at at.bitfire.davdroid.webdav.WebDavResource.checkResponse(WebDavResource.java:327)
E/davdroid.DavSyncAdapter(29355):       at at.bitfire.davdroid.webdav.WebDavResource.put(WebDavResource.java:304)
E/davdroid.DavSyncAdapter(29355):       at at.bitfire.davdroid.resource.WebDavCollection.add(WebDavCollection.java:169)
E/davdroid.DavSyncAdapter(29355):       at at.bitfire.davdroid.syncadapter.SyncManager.pushNew(SyncManager.java:147)
E/davdroid.DavSyncAdapter(29355):       at at.bitfire.davdroid.syncadapter.SyncManager.synchronize(SyncManager.java:55)
E/davdroid.DavSyncAdapter(29355):       at at.bitfire.davdroid.syncadapter.DavSyncAdapter.onPerformSync(DavSyncAdapter.java:138)
E/davdroid.DavSyncAdapter(29355):       at android.content.AbstractThreadedSyncAdapter$SyncThread.run(AbstractThreadedSyncAdapter.java:259)
I/davdroid.DavSyncAdapter(29355): Sync complete for com.android.contacts
D/davdroid.DavSyncAdapter(29355): Closing httpClient

I’ve included the part of the log that seemed relevant, let me know if you need more information.

For all I know this could be a Fastmail problem? I also tried removing the contact that made it hang, but it still seems to try to sync the same contact.

Phone: HTC One Mini 2
Android 4.4.2 build 2.18.401.3 CL405590

AutoImport-untitaker

Fastmail expects an address field on your contact for some reason.

/cc @robn

AutoImport-robn

I’m not sure if our behaviour is correct off the top of my head. I will try to find time to look into it this weekend and will report back soon.

/cc @brong

AutoImport-robn

The problem is right there in the log:

W/davdroid.Contact(29355): No FN (formatted name) available to generate VCard
W/davdroid.Contact(29355): Created potentially invalid VCard:
W/davdroid.Contact(29355): W00: A StructuredName property is required for vCard versions 2.1 and 3.0.
W/davdroid.Contact(29355): W01: A FormattedName property is required for vCard versions 3.0 and 4.0.

The card is missing the FN field. Along with VERSION and UID, FN is a required field in vCard 3.0. See https://tools.ietf.org/html/rfc6350#section-6.2.1.

AutoImport-robn

The FastMail client and iOS both handle this case by setting an empty FN field. DAVDroid should probably do the same.

AutoImport-untitaker

I see, though I’m not sure whether it is DavDroid that generates those broken vcards. In any case the error message of the server is a bit misleading.

On 29 August 2015 05:19:16 CEST, Rob N notifications@github.com wrote:

The FastMail client and iOS both handle this case by setting an empty
FN field. DAVDroid should probably do the same.

---

Reply to this email directly or view it on GitHub:
https://github.com/bitfireAT/davdroid/issues/629#issuecomment-135934090

–
Sent from my phone. Please excuse my brevity.

AutoImport-robn

Thanks; I didn’t look closely at that.

The HTTP response code looks like a bug; I’m fairly sure it should be 412 (Precondition Failed). I’ll check this with our backend engineers.

Considering the response body:

<D:error xmlns:D="DAV:" xmlns:C="urn:ietf:params:xml:ns:carddav">
  <C:valid-address-data/>
</D:error>

This is unambiguous per RFC 6352 section 6.3.2.1.

(CARDDAV:valid-address-data): The resource submitted in the PUT request, or targeted by a COPY or MOVE request, MUST be valid data for the media type being specified (i.e., MUST contain valid vCard data).

A vCard that does not have an FN field is not a valid vCard.

AutoImport-untitaker

I see, I thought valid-address-data referred exclusively to ADR fields.

On Sat, Aug 29, 2015 at 06:56:21AM -0700, Rob N wrote:

Thanks; I didn’t look closely at that.

The HTTP response code looks like a bug; I’m fairly sure it should be 412 (Precondition Failed). I’ll check this with our backend engineers.

Considering the response body:

<D:error xmlns:D="DAV:" xmlns:C="urn:ietf:params:xml:ns:carddav">
  <C:valid-address-data/>
</D:error>

This is unambiguous per RFC 6352 section 6.3.2.1.

(CARDDAV:valid-address-data): The resource submitted in the PUT request, or targeted by a COPY or MOVE request, MUST be valid data for the media type being specified (i.e., MUST contain valid vCard data).

A vCard that does not have an FN field is not a valid vCard.

---

Reply to this email directly or view it on GitHub:
https://github.com/bitfireAT/davdroid/issues/629#issuecomment-135988620