On Fri, Feb 22, 2019 at 08:07:02AM GMT, Mikolaj Kucharski wrote: > Hi, > > I have pretty fresh OpenBSD-current with kcaldav-0.1.7p0 from packages > installed: > > $ sysctl -n kern.version > OpenBSD 6.4-current (GENERIC.MP) #743: Wed Feb 20 09:57:24 MST 2019 > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > > $ pkg_info -qI kcaldav > kcaldav-0.1.7p0 > > # rcctl get httpd > httpd_class=daemon > httpd_flags= > httpd_rtable=0 > httpd_timeout=30 > httpd_user=root > > # rcctl get slowcgi > slowcgi_class=daemon > slowcgi_flags= > slowcgi_rtable=0 > slowcgi_timeout=30 > slowcgi_user=root > > > Configutation of httpd(8) is basically copy-pasta of > /etc/examples/httpd.conf with added part for kcaldav from > /usr/local/share/doc/pkg-readmes/kcaldav with modified > for my domain. TLS cert is generated with acme-client(1) > and HTTP over port 443 works. > > > # cat /etc/httpd.conf > server "test.example.com" { > listen on * port 80 > location "/.well-known/acme-challenge/*" { > root "/acme" > request strip 2 > } > location * { > block return 302 "https://$HTTP_HOST$REQUEST_URI" > } > } > > server "test.example.com" { > listen on * tls port 443 > tls { > certificate "/etc/ssl/test.example.com.fullchain.pem" > key "/etc/ssl/private/test.example.com.key" > } > location "/pub/*" { > directory auto index > } > location "/.well-known/acme-challenge/*" { > root "/acme" > request strip 2 > } > location "/cgi-bin/*" { > fastcgi > root "/" > } > } > > > I configured test user by following package readme file: > > # kcaldav.passwd -C -u testing23 -e r...@test.example.com -f /var/www/caldav > # chown www:www /var/www/caldav/kcaldav.db > # chmod 640 /var/www/caldav/kcaldav.db > > > but when I open https://test.example.com/kcaldav/home.html and > authenticate, the `Loading kCalDAV...` spinning wheel never goes away.
Hi Mikolaj, This is also where I got stuck. I'd very much like to get it working but due to lack of time, sadly, I had to give up at this point. Regards, Raf > In httpd(8) logs I see following: > > > test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:43 +0000] "GET > /kcaldav/home.html HTTP/1.1" 200 8768 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:44 +0000] "GET > /kcaldav/style.css HTTP/1.1" 200 2420 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:44 +0000] "GET > /kcaldav/md5.min.js HTTP/1.1" 200 5511 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:44 +0000] "GET > /kcaldav/script.min.js HTTP/1.1" 200 9252 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:44 +0000] "GET > /kcaldav/home.min.js HTTP/1.1" 200 3274 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:46 +0000] "GET > /cgi-bin/kcaldav.cgi/index.json HTTP/1.1" 401 0 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:14:44 +0000] "<UNKNOWN> " > 408 0 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:14:44 +0000] "<UNKNOWN> " > 408 0 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:14:46 +0000] "<UNKNOWN> " > 408 0 > test.example.com 109.232.27.122 - - [21/Feb/2019:14:15:13 +0000] "GET > /cgi-bin/kcaldav.cgi/index.json HTTP/1.1" 505 0 > > > So, what I see here is HTTP 505 error. If I do the same GET via curl I > see this: > > $ curl --anyauth -u testing23 -vsSf -o - > https://test.example.com/cgi-bin/kcaldav.cgi/index.json > Enter host password for user 'testing23': > * Expire in 0 ms for 6 (transfer 0x17acc2b3b000) > ... > * Expire in 5 ms for 1 (transfer 0x17acc2b3b000) > * Trying XXX.XXX.XXX.132... > * TCP_NODELAY set > * Expire in 149992 ms for 3 (transfer 0x17acc2b3b000) > * Expire in 200 ms for 4 (transfer 0x17acc2b3b000) > * Connected to test.example.com (XXX.XXX.XXX.132) port 443 (#0) > * ALPN, offering h2 > * ALPN, offering http/1.1 > * successfully set certificate verify locations: > * CAfile: /etc/ssl/cert.pem > CApath: none > * TLSv1.2 (OUT), TLS handshake, Client hello (1): > * TLSv1.2 (IN), TLS handshake, Server hello (2): > * TLSv1.2 (IN), TLS handshake, Certificate (11): > * TLSv1.2 (IN), TLS handshake, Server key exchange (12): > * TLSv1.2 (IN), TLS handshake, Server finished (14): > * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): > * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): > * TLSv1.2 (OUT), TLS handshake, Finished (20): > * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1): > * TLSv1.2 (IN), TLS handshake, Finished (20): > * SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305 > * ALPN, server did not agree to a protocol > * Server certificate: > * subject: CN=test.example.com > * start date: Feb 21 13:03:57 2019 GMT > * expire date: May 22 13:03:57 2019 GMT > * subjectAltName: host "test.example.com" matched cert's "test.example.com" > * issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3 > * SSL certificate verify ok. > > GET /cgi-bin/kcaldav.cgi/index.json HTTP/1.1 > > Host: test.example.com > > User-Agent: curl/7.64.0 > > Accept: */* > > > < HTTP/1.1 401 Unauthorized > < Connection: keep-alive > < Date: Fri, 22 Feb 2019 07:54:49 GMT > < Server: OpenBSD httpd > < Transfer-Encoding: chunked > < WWW-Authenticate: Digest realm="kcaldav", algorithm="MD5-sess", > qop="auth,auth-int", nonce="57563766437C4E73" > < > * Ignoring the response-body > * Connection #0 to host test.example.com left intact > * Issue another request to this URL: > 'https://test.example.com/cgi-bin/kcaldav.cgi/index.json' > * Found bundle for host test.example.com: 0x17acc1c60300 [can pipeline] > * Could pipeline, but not asked to! > * Re-using existing connection! (#0) with host test.example.com > * Connected to test.example.com (XXX.XXX.XXX.132) port 443 (#0) > * Expire in 0 ms for 6 (transfer 0x17acc2b3b000) > * Server auth using Digest with user 'testing23' > > GET /cgi-bin/kcaldav.cgi/index.json HTTP/1.1 > > Host: test.example.com > > Authorization: Digest username="testing23", realm="kcaldav", > > nonce="57563766437C4E73", uri="/cgi-bin/kcaldav.cgi/index.json", > > cnonce="NTA5MmU3YjNkMzQwMmFkY2I5MDQ1OGFlYzc3NTQ0MmE=", nc=00000001, > > qop=auth, response="47cdd57bba933c9d2156cb08d02cdcd9", algorithm="MD5-sess" > > User-Agent: curl/7.64.0 > > Accept: */* > > > * The requested URL returned error: 505 HTTP Version Not Supported > * Closing connection 0 > curl: (22) The requested URL returned error: 505 HTTP Version Not Supported > > > Does anyone else seeing the same? Am I doing something wrong here? > > -- > Regards, > Mikolaj >