On Fri, Feb 22, 2019 at 08:07:02AM GMT, Mikolaj Kucharski wrote:
> Hi,
>
> I have pretty fresh OpenBSD-current with kcaldav-0.1.7p0 from packages
> installed:
>
> $ sysctl -n kern.version
> OpenBSD 6.4-current (GENERIC.MP) #743: Wed Feb 20 09:57:24 MST 2019
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> $ pkg_info -qI kcaldav
> kcaldav-0.1.7p0
>
> # rcctl get httpd
> httpd_class=daemon
> httpd_flags=
> httpd_rtable=0
> httpd_timeout=30
> httpd_user=root
>
> # rcctl get slowcgi
> slowcgi_class=daemon
> slowcgi_flags=
> slowcgi_rtable=0
> slowcgi_timeout=30
> slowcgi_user=root
>
>
> Configutation of httpd(8) is basically copy-pasta of
> /etc/examples/httpd.conf with added part for kcaldav from
> /usr/local/share/doc/pkg-readmes/kcaldav with modified
> for my domain. TLS cert is generated with acme-client(1)
> and HTTP over port 443 works.
>
>
> # cat /etc/httpd.conf
> server "test.example.com" {
> listen on * port 80
> location "/.well-known/acme-challenge/*" {
> root "/acme"
> request strip 2
> }
> location * {
> block return 302 "https://$HTTP_HOST$REQUEST_URI";
> }
> }
>
> server "test.example.com" {
> listen on * tls port 443
> tls {
> certificate "/etc/ssl/test.example.com.fullchain.pem"
> key "/etc/ssl/private/test.example.com.key"
> }
> location "/pub/*" {
> directory auto index
> }
> location "/.well-known/acme-challenge/*" {
> root "/acme"
> request strip 2
> }
> location "/cgi-bin/*" {
> fastcgi
> root "/"
> }
> }
>
>
> I configured test user by following package readme file:
>
> # kcaldav.passwd -C -u testing23 -e r...@test.example.com -f /var/www/caldav
> # chown www:www /var/www/caldav/kcaldav.db
> # chmod 640 /var/www/caldav/kcaldav.db
>
>
> but when I open https://test.example.com/kcaldav/home.html and
> authenticate, the `Loading kCalDAV...` spinning wheel never goes away.
Hi Mikolaj,
This is also where I got stuck. I'd very much like to get it working
but due to lack of time, sadly, I had to give up at this point.
Regards,
Raf
> In httpd(8) logs I see following:
>
>
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:43 +0000] "GET
> /kcaldav/home.html HTTP/1.1" 200 8768
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:44 +0000] "GET
> /kcaldav/style.css HTTP/1.1" 200 2420
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:44 +0000] "GET
> /kcaldav/md5.min.js HTTP/1.1" 200 5511
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:44 +0000] "GET
> /kcaldav/script.min.js HTTP/1.1" 200 9252
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:44 +0000] "GET
> /kcaldav/home.min.js HTTP/1.1" 200 3274
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:13:46 +0000] "GET
> /cgi-bin/kcaldav.cgi/index.json HTTP/1.1" 401 0
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:14:44 +0000] "<UNKNOWN> "
> 408 0
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:14:44 +0000] "<UNKNOWN> "
> 408 0
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:14:46 +0000] "<UNKNOWN> "
> 408 0
> test.example.com 109.232.27.122 - - [21/Feb/2019:14:15:13 +0000] "GET
> /cgi-bin/kcaldav.cgi/index.json HTTP/1.1" 505 0
>
>
> So, what I see here is HTTP 505 error. If I do the same GET via curl I
> see this:
>
> $ curl --anyauth -u testing23 -vsSf -o -
> https://test.example.com/cgi-bin/kcaldav.cgi/index.json
> Enter host password for user 'testing23':
> * Expire in 0 ms for 6 (transfer 0x17acc2b3b000)
> ...
> * Expire in 5 ms for 1 (transfer 0x17acc2b3b000)
> * Trying XXX.XXX.XXX.132...
> * TCP_NODELAY set
> * Expire in 149992 ms for 3 (transfer 0x17acc2b3b000)
> * Expire in 200 ms for 4 (transfer 0x17acc2b3b000)
> * Connected to test.example.com (XXX.XXX.XXX.132) port 443 (#0)
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * successfully set certificate verify locations:
> * CAfile: /etc/ssl/cert.pem
> CApath: none
> * TLSv1.2 (OUT), TLS handshake, Client hello (1):
> * TLSv1.2 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
> * TLSv1.2 (IN), TLS handshake, Finished (20):
> * SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
> * ALPN, server did not agree to a protocol
> * Server certificate:
> * subject: CN=test.example.com
> * start date: Feb 21 13:03:57 2019 GMT
> * expire date: May 22 13:03:57 2019 GMT
> * subjectAltName: host "test.example.com" matched cert's "test.example.com"
> * issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
> * SSL certificate verify ok.
> > GET /cgi-bin/kcaldav.cgi/index.json HTTP/1.1
> > Host: test.example.com
> > User-Agent: curl/7.64.0
> > Accept: */*
> >
> < HTTP/1.1 401 Unauthorized
> < Connection: keep-alive
> < Date: Fri, 22 Feb 2019 07:54:49 GMT
> < Server: OpenBSD httpd
> < Transfer-Encoding: chunked
> < WWW-Authenticate: Digest realm="kcaldav", algorithm="MD5-sess",
> qop="auth,auth-int", nonce="57563766437C4E73"
> <
> * Ignoring the response-body
> * Connection #0 to host test.example.com left intact
> * Issue another request to this URL:
> 'https://test.example.com/cgi-bin/kcaldav.cgi/index.json'
> * Found bundle for host test.example.com: 0x17acc1c60300 [can pipeline]
> * Could pipeline, but not asked to!
> * Re-using existing connection! (#0) with host test.example.com
> * Connected to test.example.com (XXX.XXX.XXX.132) port 443 (#0)
> * Expire in 0 ms for 6 (transfer 0x17acc2b3b000)
> * Server auth using Digest with user 'testing23'
> > GET /cgi-bin/kcaldav.cgi/index.json HTTP/1.1
> > Host: test.example.com
> > Authorization: Digest username="testing23", realm="kcaldav",
> > nonce="57563766437C4E73", uri="/cgi-bin/kcaldav.cgi/index.json",
> > cnonce="NTA5MmU3YjNkMzQwMmFkY2I5MDQ1OGFlYzc3NTQ0MmE=", nc=00000001,
> > qop=auth, response="47cdd57bba933c9d2156cb08d02cdcd9", algorithm="MD5-sess"
> > User-Agent: curl/7.64.0
> > Accept: */*
> >
> * The requested URL returned error: 505 HTTP Version Not Supported
> * Closing connection 0
> curl: (22) The requested URL returned error: 505 HTTP Version Not Supported
>
>
> Does anyone else seeing the same? Am I doing something wrong here?
>
> --
> Regards,
> Mikolaj
>
