Since 0.9: digest auth results in "Unauthorized" error on Calendar & Contacts Server



  • Since DAVdroid 0.9.x we're not able to sync (or even add new accounts) for a private "Calendar and Contacts Server" instance. It seems to be a problem with digest auth. The server always returns "Unauthorized".

    With the following curl command to test a request…

    curl --request PROPFIND --digest --user a_username --header "Content-Type: text/xml" \
    --data "<D:propfind xmlns:D='DAV:'><D:prop><D:displayname/></D:prop></D:propfind>"
    

    …a correct response is received & the Calendar and Contacts Server logs the following:

    127.0.0.1 - a_username [30/Jan/2016:18:13:57 +0200] "PROPFIND /principals/users/a_username/ HTTP/1.1" 207 821 "-" "curl/7.40.0" i=1 t=4.6 or=1 cached=1 xff=0.0.0.0 fwd=0.0.0.0
    

    With DAVdroid the server responds with "Unauthorized" & the username is missing (once with 'pre-emptive authentication' enabled, once disabled):

    127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0 t=4.8 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "OPTIONS /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0 t=3.1 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND /.well-known/carddav HTTP/1.1" 301 145 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0 t=2.7 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND / HTTP/1.1" 207 331 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0 t=2.6 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0 t=4.4 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "OPTIONS /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0 t=3.1 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND /.well-known/caldav HTTP/1.1" 301 145 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0 t=2.1 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND / HTTP/1.1" 207 331 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0 t=2.6 or=1 xff=0.0.0.0 fwd=0.0.0.0
    
    127.0.0.1 - - [30/Jan/2016:18:14:18 +0200] "PROPFIND /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=1 t=2.8 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:18 +0200] "OPTIONS /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=1 t=3.0 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:18 +0200] "PROPFIND /.well-known/carddav HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=1 t=3.0 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:18 +0200] "PROPFIND /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=1 t=2.8 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:18 +0200] "OPTIONS /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=1 t=2.9 or=1 xff=0.0.0.0 fwd=0.0.0.0
    127.0.0.1 - - [30/Jan/2016:18:14:18 +0200] "PROPFIND /.well-known/caldav HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=1 t=2.9 or=1 xff=0.0.0.0 fwd=0.0.0.0
    

    After enabling basic auth everything works again. But the admin would rather use digest auth which did work with the older versions of DAVdroid (I think I tested it with every version since 0.9.0.3 from F-Droid).

    As far as he could tell, the admin did not find any configuration errors. Does anyone have an idea what the problem could be (on server- or app-side)?
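
Added example (not part of the original thread, and not DAVdroid or server code): a Python check over access-log lines in the format quoted above that reports user agents which receive 401 challenges but never show up with an authenticated user name. The sample lines are trimmed copies of the quoted log, and reading a `-` user field as "no accepted credentials" is an assumption about this log format.

```python
import re
from collections import defaultdict

# Sample input: lines from the post above with the trailing fields trimmed.
SAMPLE_LOG = """\
127.0.0.1 - a_username [30/Jan/2016:18:13:57 +0200] "PROPFIND /principals/users/a_username/ HTTP/1.1" 207 821 "-" "curl/7.40.0" i=1
127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0
127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "OPTIONS /principals/users/a_username/ HTTP/1.1" 401 141 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0
127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND /.well-known/carddav HTTP/1.1" 301 145 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0
127.0.0.1 - - [30/Jan/2016:18:14:08 +0200] "PROPFIND / HTTP/1.1" 207 331 "-" "DAVdroid/0.9.1.3 (2016/01/03; dav4android) Android/5.1.1" i=0
"""

# ip, ident, user, [timestamp], "METHOD path proto", status, bytes, "referer", "agent"
LINE_RE = re.compile(
    r'^\S+ \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<agent>[^"]*)"'
)

def summarize(log_text):
    """Per user agent: count anonymous 401s and requests logged with a user."""
    stats = defaultdict(lambda: {"challenged": 0, "authenticated": 0, "paths": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blank or unparseable lines
        entry = stats[m["agent"]]
        if m["user"] != "-":
            entry["authenticated"] += 1   # server accepted credentials
        elif m["status"] == "401":
            entry["challenged"] += 1      # challenge sent, no user recorded
            entry["paths"].add(m["path"])
    return stats

def stuck_clients(log_text):
    """Agents that were challenged but never completed authentication."""
    return {
        agent: sorted(s["paths"])
        for agent, s in summarize(log_text).items()
        if s["challenged"] and not s["authenticated"]
    }

if __name__ == "__main__":
    for agent, paths in stuck_clients(SAMPLE_LOG).items():
        print(f"{agent}: 401 without user on {', '.join(paths)}")
```

Anonymous 2xx/3xx responses such as `PROPFIND /` are ignored on purpose, since unprotected resources say nothing about whether the digest exchange succeeded.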


  • developer

    Did you disable the preemptive auth checkbox in the Setup? You can also do that in the DAVdroid Account settings.



  • Yes, I did. One of the responses is with pre-emptive authentication disabled but I'm not sure which (I think the first).


  • developer

    Can you maybe provide a test account so that I can reproduce the problem?

