etesync
trouble with etesync-dav-certgen
I've got the caldav server working (viewable at http://localhost:37358/) but I'm now struggling to get it cooperating with the macOS calendar. I've tried to run etesync-dav-certgen --trust-cert both inside and outside of virtualenv to no avail. Any ideas what's going wrong here? Cheers
output from ./venv/bin/etesync-dav-certgen --trust-cert:
Traceback (most recent call last):
File "./venv/bin/etesync-dav-certgen", line 213, in <module>
main()
File "./venv/bin/etesync-dav-certgen", line 192, in main
generate_cert(**subargs(('cert_path', 'key_path', 'key_cipher',
File "./venv/bin/etesync-dav-certgen", line 190, in <lambda>
subargs = lambda x: {i: args_dict[i] for i in x}
File "./venv/bin/etesync-dav-certgen", line 190, in <dictcomp>
subargs = lambda x: {i: args_dict[i] for i in x}
KeyError: 'key_cipher'
Take a look at the change history of the readme. Before it was a script, there were instructions. Maybe they would work better for you.
I don't personally use Mac, this was contributed by @odkr. I'll take a look at this tomorrow, but please let me know if you manage to get it working before.
Thanks!
-- Tom
On Fri, 4 Jan 2019, 23:13 David Mynors <[email protected] wrote:
I've got the caldav server working (viewable at http://localhost:37358/) but I'm now struggling to get it cooperating with the macOS calendar. I've tried to run etesync-dav-certgen --trust-cert both inside and outside of virtualenv to no avail. Any ideas what's going wrong here? Cheers
output from ./venv/bin/etesync-dav-certgen --trust-cert:
Traceback (most recent call last): File "./venv/bin/etesync-dav-certgen", line 213, in
main() File "./venv/bin/etesync-dav-certgen", line 192, in main generate_cert(**subargs(('cert_path', 'key_path', 'key_cipher', File "./venv/bin/etesync-dav-certgen", line 190, in subargs = lambda x: {i: args_dict[i] for i in x} File "./venv/bin/etesync-dav-certgen", line 190, in subargs = lambda x: {i: args_dict[i] for i in x} KeyError: 'key_cipher' — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/etesync/etesync-dav/issues/41, or mute the thread https://github.com/notifications/unsubscribe-auth/AAGofl4jQ0zM2nG2d3Ek4iWlZZuEC6ncks5u_-AIgaJpZM4ZuMrY .
I see. I followed the instructions on the slightly older readme (without any hiccups) but when I went to run etesync-dav it threw up an error message:
[700006dad000] ERROR: An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
Are you sure you set https:// in the url now (instead of http)?
Try with the browser first btw, only then etesync-dav.
That makes a lot of sense, and it now seems to be working! My browser threw a 'your connection is not private' warning NET::ERR_CERT_COMMON_NAME_INVALID, but clicking 'advanced settings' and 'proceed anyway' got me to the expected radicale dashboard.
I'm now struggling to set up CardDAV: it doesn't throw any errors when I add the account to the 'internet accounts' preferences panel, but doesn't seem to be loading any of the contacts...
If your browser is complaining it (probably) means you didn't install the certificate as a globally trusted certificate on your system, meaning the Mac apps won't trust it either (and they are unfortunately buggy). You need to make sure you correctly installed the certificate (two commands in the readme if memory serves).
I think I inputted the correct commands as instructed, but just had a look in the gui 'Keychain Access' and I think I found the relevant certificate (screenshot below). Any idea what might be causing the problem?
If you can't or don't want to use the script, here is a step-by-step guide on how to generate a self-signed certificate and make macOS trust it:
First generate self-signed certificate trusted for 10 years:
cd ~/Library/Application\ Support/etesync-dav
openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=etesync.localhost" -keyout etesync.key -out etesync.crt
Using open command triggers macos "add to keychain" dialog:
open etesync.crt
Confirm adding to "login" keychain in the dialog. Then open Keychain Access app, find etesync.localhost (keychain: login, category: certificates), expand "Trust" and pick "Always trust" for SSL.
Now you can edit ~/Library/Application\ Support/etesync-dav/radicale.conf, under [server] enter the following to make it use the certificate (please replace USERNAME for your actual username):
ssl = yes
certificate = /Users/USERNAME/Library/Application\ Support/etesync-dav/etesync.crt
key = /Users/USERNAME/Library/Application\ Support/etesync-dav/etesync.key
Restart etesync-dav
@tnajdek, thanks for this. In the beginning I actually objected having this separately, but I guess now that the README is simplified (and it seems certgen is having issues), could you please add a PR to include this information in the README? (in the mojave section under "manual way" or something)
@tnajdek as I and others reported in #53 the file paths in the radical.conf shall not have their whitespace escaped with a backslash.
@all experts with etesync on macOS: I followed the readme as of 2019-04-09 exactly, but sadly did not get etesync-dav working with Calendar.app. Could you maybe help me? This is what I tried so far:
Automatic SSL setup
- Fails, see #56
Manual SSL setup
- Performed it exactly as stated.
- My openssl is the one shipped with macOS, not from another package manager.
- Could it be that the
opensslshipped with macOS 10.14.4 with which I created the self signed certificate is too new for etesync-dav 0.5.5?
- Could it be that the
$ etesync-dav --version
2.1.11 # Interesting version offset as I downloaded from https://github.com/etesync/etesync-dav/releases/tag/v0.5.0
$ openssl version -a
LibreSSL 2.6.5
built on / platform / compiler: date not available
options: bn(64,64) rc4(ptr,int) des(idx,cisc,16,int) blowfish(idx)
OPENSSLDIR: "/private/etc/ssl"
- Made sure in Keychain.app to always trust my self signed certificate.
- Filepaths in radicale.conf maybe problematic? See #53
Client Setup
- OSX
- CalDAV: Works. Setup instructions:
- Internet Accounts->Add Other Account->CalDAV account
- Account Type: Advanced
- Username: [email protected]
- Password: generated etesync-dav password
- Server Address: localhost
- Server Path: /
- Port: 37358
- Uncheck Use SSL (does nothing under macOS Mojave, SSL is always enabled)
- CalDAV: Works. Setup instructions:
It already fails there at CalDAV configuration with this:
$ etesync-dav -D
[105b4c5c0] INFO: Starting Radicale
[105b4c5c0] INFO: Authentication type is 'htpasswd'
[105b4c5c0] INFO: Storage type is 'radicale_storage_etesync'
[105b4c5c0] INFO: Rights type is 'radicale_storage_etesync.rights'
[105b4c5c0] INFO: Web type is 'internal'
[105b4c5c0] INFO: Listening to '1.0.0.127.in-addr.arpa' on port 37358 using SSL
[105b4c5c0] INFO: Radicale server ready
[700001b7c000] ERROR: An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
Traceback (most recent call last):
File "site-packages/radicale/__init__.py", line 193, in process_request_thread
File "ssl.py", line 1117, in do_handshake
ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "site-packages/radicale/__init__.py", line 197, in process_request_thread
RuntimeError: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
^C
[105b4c5c0] INFO: Stopping Radicale
Only idea I have now is that something during the self signing of the SSL certificate failed. Could redo this. Any other ideas?
@tnajdek and all other etesync Mac experts: Help appreciated!
Did the self signing a second time to no avail. Adding a CalDAV, either directly from Calendar.app or via System Preferences > Internet Accounts both failed (they are the same UIs integrated at two different places).
Clicking the button multiple times eventually added the CalDAV, but faulty as it seems. Output then is the following: 3-SSL-checked-calCreation.txt
Because then neither new calendars nor events can be persisted properly:
- New calendars remain after a restart of Calendar.app, but only exist in some temporary store in Calendar.app
- not within etesync-dav's application support directory, b/c
etesync_data.dbdoes not shows the timestamp of the calendar event creation but whenetesync-dav manageran the first time (=initialization). - not on the etesync API server b/c in the Web App the calendar has no collections nor events.
- not within etesync-dav's application support directory, b/c
- And new events shortly appear on the calendar canvas but then disappear (=not persisted at all). 1-SSL-unchecked-eventCreation.txt 2-SSL-checked-eventCreation.txt
ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
Could it be that the openssl shipped with macOS 10.14.4 with which I created the self signed certificate is too new for etesync-dav 0.5.5?
$ etesync-dav --version
2.1.11 # Interesting version offset as I downloaded from https://github.com/etesync/etesync-dav/releases/tag/v0.5.0
$ openssl version -a
LibreSSL 2.6.5
built on: date not available
platform: information not available
options: bn(64,64) rc4(ptr,int) des(idx,cisc,16,int) blowfish(idx)
compiler: information not available
OPENSSLDIR: "/private/etc/ssl"
Your installed version is LibreSSL (which is mostly OpenSSL compatible but not 100%), maybe that's causing issues. Though looking at the error it looks like your Mac is making http requests to your https server. Could you verify you are really making https requests? One easy way of checking things is just opening https://localhost:37358/ in your browser. Does that work correctly?
Mojave SSL bugginess is annoying. :|
Sorry to be so late to the party! I totally overlooked my GitHub mails.
@tasn, I've just created a PR that hopefullx fixes @idmyn's issue. @idmyn, could you try it out once it's out? It works for me, but it worked for me the last time, too.
@porg I've just played around with my setup a bit. I'm also on macOS 10.4.4. I can create new calendars, but I can't name them (in Calendar.app, that is). Calendar.app first shows the new name, but then reverts back to "Untitled." But this just seems to be one more Mojave bug. SSL works. (I tried to create a new certificate to cross-check, but the behaviour is exactly the same.) Not that this helps, of course.
Note: Tested very intensively. If the report mentions "sometimes this, sometimes that" this really is the observation after several thoroughly conducted and observed attempts!
OpenSSL
I confirm that my OpenSSL executable is really the one which ships with macOS and not any which was installed by another package manager or installer.
$ which openssl
/usr/bin/openssl
$ ls -l /usr/bin/open*
-rwxr-xr-x 1 root wheel 105952 Mar 21 07:08 /usr/bin/open
-rwxr-xr-x 1 root wheel 18304 Mar 21 07:08 /usr/bin/opendiff
-rwxr-xr-x 1 root wheel 8038 Aug 21 2018 /usr/bin/opensnoop
-rwxr-xr-x 1 root wheel 1178976 Mar 21 07:08 /usr/bin/openssl
# All with the same timestamp. They sure all originate from the macOS 10.14.4 update.
OpenSSL certificate
http://localhost:37358/ --> Safari says that it could not open the page as the server ended the connection unexpectedly.
https://localhost:37358/ with self signed certificate with Trust=never --> Safari refuses to connect saying this connection is not private.
https://localhost:37358/ with self signed certificate with Trust=always --> Sometimes I get a 500 Internal Server Error: login mask loading fails.txt --> Sometimes I get to a login mask: login mask loading works.txt
Login Mask to Radicale
Intentionally entering wrong credentials --> 401 Unauthorized
Entering correct credentials --> I get logged in.
Entering correct credentials after a longer time of inactivity --> Fails with 500 Internal Server Error login mask loading fails with 500 if after a long time of inactivity.txt
- Note: Before debugging in a web browser be sure to deactivate any Calendar apps and/or their daemons that this is out of the equation. On macOS simply delete or deactivate your CalDAV/CardDAV account while accessing radicale via web browser.
- Question: Is concurrency of multiple CalDAV clients to one etesync-dav server supported?
Inside Radicale
When being inside, click on "Create new addressbook or calendar" --> Fails with 403 Forbidden, if done quickly after login or quickly after a previous attempt create new collection attempt 1 fails with 403.txt create new collection attempt 3 fails with 403.txt --> Fails with 500 Internal Server Error, if done after a longer time of inactivity. create new collection attempt 2 after longer inactivity fails with 500.txt -- I did not achieve a single successful creation with the default collection type choice "calendar, journal and task". Always failed.
Just to be clear, I’m not a developer, I only contributed a measly script to help getting EteSync to work in Mojave. All I can offer is that we compare how our systems differ to try to locate what causes the error.
I’m on the same version of Mojave and using the same version of etesync-dav. So the only remaining relevant difference I can think of is Python.
What Python version do you run? And does etesync-dav have a virtual environment of its own?
$ cd /path/to/etesync-dav $ . bin/activate $ etesync-dav --version 2.1.11 $ python3 --version Python 3.7.2
This is the version that homebrew ships out.
@odkr
[…] Just to be clear, I’m not a developer, I only contributed a measly script […]
That's exactly my skill level too ;-)
I installed etesync-dav
- by downloading the single binary, and moved it to /usr/local/bin/ with proper execution permissions.
- without any virtual environment
- without having touched Python
Like this:
$ cd ~/Downloads/
$ wget https://github.com/etesync/etesync-dav/releases/download/v0.5.0/mac-etesync-dav
[…] ‘mac-etesync-dav’ saved [8760774/8760774] […]
$ ls -l mac-etesync-dav
-rw-r--r--@ 1 sn staff 8760774 Mar 7 23:28 mac-etesync-dav
$ mv mac-etesync-dav /usr/local/bin/etesync-dav
$ ls -l /usr/local/bin/etesync-dav
-rw-r--r--@ 1 sn staff 8760774 Mar 7 23:28 /usr/local/bin/etesync-dav
$ chmod +x /usr/local/bin/etesync-dav
$ ls -l /usr/local/bin/etesync-dav
-rwxr-xr-x@ 1 sn staff 8760774 Mar 7 23:28 /usr/local/bin/etesync-dav
$ cd /
$ which etesync-dav
/usr/local/bin/etesync-dav
$ etesync-dav --version
2.1.11
$ type -a python3
python3 is /usr/local/bin/python3
python3 --version
Python 3.7.3
$ type -a python
python is /usr/bin/python
python is /usr/local/bin/python
$ /usr/bin/python --version
Python 2.7.10
$ /usr/local/bin/python --version
Python 2.7.16
@all Tried another web app radicale session on another local user account where Calendar.app has no network calendars at all and where etesync-dav has another user, but experienced exactly the same problems. Still am failing with setup on the etesync Desktop bridge for the Mac, far from using etesync at all :-(
### In this log my comments are prefixed with three hashes.
### They mention the user interactions I am about to do and/or observations thereafter.
$ etesync-dav -D
[1118055c0] INFO: Starting Radicale
[1118055c0] INFO: Authentication type is 'htpasswd'
[1118055c0] INFO: Storage type is 'radicale_storage_etesync'
[1118055c0] INFO: Rights type is 'radicale_storage_etesync.rights'
[1118055c0] INFO: Web type is 'internal'
[1118055c0] INFO: Listening to '1.0.0.127.in-addr.arpa' on port 37358
[1118055c0] INFO: Radicale server ready
[7000089e4000] INFO: GET request for '/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '',
'CONTENT_TYPE': 'text/plain',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_UPGRADE_INSECURE_REQUESTS': '1',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7adc8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/'
[7000089e4000] DEBUG: Response content:
Redirected to .web
[7000089e4000] INFO: GET response status for '/' in 0.002 seconds: 302 Found
[700008ee7000] INFO: GET request for '/.web' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[700008ee7000] DEBUG: Request headers:
{'CONTENT_LENGTH': '',
'CONTENT_TYPE': 'text/plain',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_UPGRADE_INSECURE_REQUESTS': '1',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/.web',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7aaf8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=9>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[700008ee7000] DEBUG: Sanitized script name: ''
[700008ee7000] DEBUG: Sanitized path: '/.web'
[700008ee7000] DEBUG: Response content:
Redirected to .web/
[700008ee7000] INFO: GET response status for '/.web' in 0.001 seconds: 302 Found
[7000089e4000] INFO: GET request for '/.web/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '',
'CONTENT_TYPE': 'text/plain',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_IF_MODIFIED_SINCE': 'Sun, 07 Apr 2019 21:27:27 GMT',
'HTTP_UPGRADE_INSECURE_REQUESTS': '1',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/.web/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7aaf8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/.web/'
[7000089e4000] INFO: GET response status for '/.web/' in 0.002 seconds: 200 OK
[7000089e4000] INFO: GET request for '/.web/fn.js' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '',
'CONTENT_TYPE': 'text/plain',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/.web/fn.js',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7aaf8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/.web/fn.js'
[700008ee7000] INFO: GET request for '/.web/css/main.css' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[700008ee7000] DEBUG: Request headers:
{'CONTENT_LENGTH': '',
'CONTENT_TYPE': 'text/plain',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': 'text/css,*/*;q=0.1',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_IF_MODIFIED_SINCE': 'Sun, 07 Apr 2019 21:27:27 GMT',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/.web/css/main.css',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7adc8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=9>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[700008ee7000] DEBUG: Sanitized script name: ''
[700008ee7000] DEBUG: Sanitized path: '/.web/css/main.css'
[700008ee7000] INFO: GET response status for '/.web/css/main.css' in 0.002 seconds: 200 OK
[7000089e4000] INFO: GET response status for '/.web/fn.js' in 0.005 seconds: 200 OK
### Will login now.
[7000089e4000] INFO: PROPFIND request for '/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '127',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'PROPFIND',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7aaf8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/'
[7000089e4000] INFO: Access to '/' denied for anonymous user
[7000089e4000] DEBUG: Asking client for authentication
[7000089e4000] DEBUG: Response content:
Access to the requested resource forbidden.
[7000089e4000] INFO: PROPFIND response status for '/' in 0.001 seconds: 401 Unauthorized
[7000089e4000] INFO: PROPFIND request for '/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '127',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_AUTHORIZATION': 'Basic **masked**',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'PROPFIND',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7aaf8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/'
[7000089e4000] INFO: Successful login: '[email protected]'
[7000089e4000] DEBUG: Request content:
<?xml version="1.0"?>
<propfind xmlns="DAV:">
<prop>
<current-user-principal />
<displayname />
</prop>
</propfind>
[7000089e4000] DEBUG: '[email protected]' has read access to collection ''
[7000089e4000] DEBUG: Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:">
<response>
<href>/</href>
<propstat>
<prop>
<current-user-principal>
<href>/p.org%40gmx.at/</href>
</current-user-principal>
<displayname />
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
</response>
</multistatus>
[7000089e4000] INFO: PROPFIND response status for '/' in 17.540 seconds: 207 Multi-Status
[7000089e4000] INFO: PROPFIND request for '/[email protected]/' with depth '1' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '461',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_DEPTH': '1',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/[email protected]/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'PROPFIND',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10bea8ee8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/[email protected]/'
[7000089e4000] INFO: Access to '/[email protected]/' denied for anonymous user
[7000089e4000] DEBUG: Asking client for authentication
[7000089e4000] DEBUG: Response content:
Access to the requested resource forbidden.
[7000089e4000] INFO: PROPFIND response status for '/[email protected]/' with depth '1' in 0.001 seconds: 401 Unauthorized
[7000089e4000] INFO: PROPFIND request for '/[email protected]/' with depth '1' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '461',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_AUTHORIZATION': 'Basic **masked**',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_DEPTH': '1',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/[email protected]/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'PROPFIND',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10bea8ee8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/[email protected]/'
[7000089e4000] INFO: Successful login: '[email protected]'
[7000089e4000] DEBUG: Request content:
<?xml version="1.0"?>
<propfind xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav" xmlns:CR="urn:ietf:params:xml:ns:carddav" xmlns:ICAL="http://apple.com/ns/ical/" xmlns:RADICALE="http://radicale.org/ns/" xmlns:ns3="http://inf-it.com/ns/ab/">
<prop>
<resourcetype />
<RADICALE:displayname />
<ICAL:calendar-color />
<ns3:addressbook-color />
<C:calendar-description />
<C:supported-calendar-component-set />
<CR:addressbook-description />
</prop>
</propfind>
[7000089e4000] DEBUG: '[email protected]' has read and write access to collection '[email protected]'
[7000089e4000] DEBUG: Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav" xmlns:CR="urn:ietf:params:xml:ns:carddav" xmlns:ICAL="http://apple.com/ns/ical/" xmlns:RADICALE="http://radicale.org/ns/" xmlns:ns3="http://inf-it.com/ns/ab/">
<response>
<href>/p.org%40gmx.at/</href>
<propstat>
<prop>
<resourcetype>
<principal />
<collection />
</resourcetype>
<RADICALE:displayname />
<ICAL:calendar-color />
<ns3:addressbook-color />
<C:calendar-description />
<CR:addressbook-description />
</prop>
<status>HTTP/1.1 200 OK</status>
</propstat>
<propstat>
<prop>
<C:supported-calendar-component-set />
</prop>
<status>HTTP/1.1 404 Not Found</status>
</propstat>
</response>
</multistatus>
[7000089e4000] INFO: PROPFIND response status for '/[email protected]/' with depth '1' in 0.010 seconds: 207 Multi-Status
### Am inside Radicale. My outbound firewall LittleSnitch had asked me whether to grant etesync-dav network access and I granted not only to etesync.com but to all domains/ports for now, to have nothing in our way.
### Clicked "Create new collection"
# No further debug output interestingly.
# Got to mask for creating new collection.
### Will now create new collection test1.
[7000089e4000] INFO: MKCOL request for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '527',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'MKCOL',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10c2043a8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/'
[7000089e4000] INFO: Access to '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' denied for anonymous user
[7000089e4000] DEBUG: Asking client for authentication
[7000089e4000] DEBUG: Response content:
Access to the requested resource forbidden.
[7000089e4000] INFO: MKCOL response status for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' in 0.001 seconds: 401 Unauthorized
[7000089e4000] INFO: MKCOL request for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '527',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_AUTHORIZATION': 'Basic **masked**',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'MKCOL',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10c2043a8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/'
[7000089e4000] INFO: Successful login: '[email protected]'
[7000089e4000] INFO: Access to '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' denied for '[email protected]'
[7000089e4000] DEBUG: Response content:
Access to the requested resource forbidden.
[7000089e4000] INFO: MKCOL response status for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' in 0.307 seconds: 403 Forbidden
### Got a 403 Forbidden in the UI.
### Try test2
[7000089e4000] INFO: MKCOL request for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '527',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'MKCOL',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7af78>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/'
[7000089e4000] INFO: Access to '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' denied for anonymous user
[7000089e4000] DEBUG: Asking client for authentication
[7000089e4000] DEBUG: Response content:
Access to the requested resource forbidden.
[7000089e4000] INFO: MKCOL response status for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' in 0.001 seconds: 401 Unauthorized
[7000089e4000] INFO: MKCOL request for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '527',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_AUTHORIZATION': 'Basic **masked**',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'MKCOL',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10be7af78>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/'
[7000089e4000] INFO: Successful login: '[email protected]'
[7000089e4000] INFO: Access to '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' denied for '[email protected]'
[7000089e4000] DEBUG: Response content:
Access to the requested resource forbidden.
[7000089e4000] INFO: MKCOL response status for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' in 0.010 seconds: 403 Forbidden
### Failed again.
### Try test3 of type calendar.
[7000089e4000] INFO: MKCOL request for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '478',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'MKCOL',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10bea8ee8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/'
[7000089e4000] INFO: Access to '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' denied for anonymous user
[7000089e4000] DEBUG: Asking client for authentication
[7000089e4000] DEBUG: Response content:
Access to the requested resource forbidden.
[7000089e4000] INFO: MKCOL response status for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' in 0.001 seconds: 401 Unauthorized
[7000089e4000] INFO: MKCOL request for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' received from 127.0.0.1 using 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36'
[7000089e4000] DEBUG: Request headers:
{'CONTENT_LENGTH': '478',
'CONTENT_TYPE': 'text/plain;charset=UTF-8',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': '*/*',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br',
'HTTP_ACCEPT_LANGUAGE': 'de,en;q=0.9,sk;q=0.8,he;q=0.7,cy;q=0.6',
'HTTP_AUTHORIZATION': 'Basic **masked**',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_HOST': 'localhost:37358',
'HTTP_ORIGIN': 'http://localhost:37358',
'HTTP_REFERER': 'http://localhost:37358/.web/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) '
'AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/73.0.3683.103 Safari/537.36',
'PATH_INFO': '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/',
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_HOST': '',
'REQUEST_METHOD': 'MKCOL',
'SCRIPT_NAME': '',
'SERVER_NAME': '1.0.0.127.in-addr.arpa',
'SERVER_PORT': '37358',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SOFTWARE': 'WSGIServer/0.2',
'wsgi.errors': <_io.StringIO object at 0x10bea8ee8>,
'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
'wsgi.input': <_io.BufferedReader name=8>,
'wsgi.multiprocess': False,
'wsgi.multithread': True,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}
[7000089e4000] DEBUG: Sanitized script name: ''
[7000089e4000] DEBUG: Sanitized path: '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/'
[7000089e4000] INFO: Successful login: '[email protected]'
[7000089e4000] INFO: Access to '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' denied for '[email protected]'
[7000089e4000] DEBUG: Response content:
Access to the requested resource forbidden.
[7000089e4000] INFO: MKCOL response status for '/[email protected]/f84b1c9b-4fd9-0840-9832-ec7334f80398/' in 0.011 seconds: 403 Forbidden
### Failed again.
# Pressing ctrl-c
[1118055c0] INFO: Stopping Radicale
[1118055c0] INFO: Stopping Radicale
@odkr , I think maybe the best thing to do would try walking through your manual instructions, rather than the script and see if when following them, it works.
Okay, so here goes:
Setup of my system
I created a non-SSL setup from my current settings.
EteSync:
$ cd Library/Application\ Support/etesync-dav $ ls etesync_creds htpaswd radicale.conf.orig etesync_data.db radicale.conf $ cat radicale.conf [server] hosts = localhost:37358
[auth] type = htpasswd htpasswd_filename = /Users/odin/Library/Application Support/etesync-dav/htpaswd htpasswd_encryption = plain
[storage] type = radicale_storage_etesync database_filename = /Users/odin/Library/Application Support/etesync-dav/etesync_data.db remote_url = https://api.etesync.com/ credentials_filename = /Users/odin/Library/Application Support/etesync-dav/etesync_creds
Just to make sure I'm using the same vesion of LibreSSL:
$ openssl version -a LibreSSL 2.6.5 built on: date not available platform: information not available options: bn(64,64) rc4(ptr,int) des(idx,cisc,16,int) blowfish(idx) compiler: information not available OPENSSLDIR: "/private/etc/ssl"
Configuring EteSync to use SSL
$ cd ~/Library/Application\ Support/etesync-dav
Generate the certificate:
$ openssl req -x509 -nodes -newkey rsa:2048 -keyout cert.key -out cert.pem -days 1780 -subj '/CN=localhost' Generating a 2048 bit RSA private key [...] writing new private key to 'cert.key' -----
Add the certificate to Keychain.app:
$ security import cert.pem 1 certificate imported. $ security add-trusted-cert -p ssl cert.pem
The second command will prompt you for your login password.
Add the following lines to the server section of ~/Library/Application Support/etesync-dav/radicale.conf, but replace /Users/odin with the path to your home directory:
ssl = yes certificate = /Users/odin/Library/Application Support/etesync-dav/cert.pem key = /Users/odin/Library/Application Support/etesync-dav/cert.key
Don't escape whitespaces.
The result should look like this:
$ cat radicale.conf [server] hosts = localhost:37358 ssl = yes certificate = /Users/odin/Library/Application Support/etesync-dav/cert.pem key = /Users/odin/Library/Application Support/etesync-dav/cert.key
[auth] type = htpasswd htpasswd_filename = /Users/odin/Library/Application Support/etesync-dav/htpaswd htpasswd_encryption = plain
[storage] type = radicale_storage_etesync database_filename = /Users/odin/Library/Application Support/etesync-dav/etesync_data.db remote_url = https://api.etesync.com/ credentials_filename = /Users/odin/Library/Application Support/etesync-dav/etesync_creds
Installation of EteSync binary
I got the binary distribution for testing:
$ wget https://github.com/etesync/etesync-dav/releases/download/v0.5.0/mac-etesync-dav [...] $ chmod +x mac-etesync-dav $ nohup ./mac-etesync-dav -D & [1] 15994 appending output to nohup.out
Tests
After doing this, I can add calendars via the webinterface at https://localhost:37358/.web/ in Safari and Events and Calendars via Calendar.app. (Though all calendars I add in Calendar.app are called "Untitled".) That said, my testing was quite superficial. Still, after running through the steps above, everything seems to work as expected (for expectations appropriately adjusted to Mojave).
I've attached the debugging output of mac-etesync-dav for comparison.
@tasn Yes, please give me more time to test this. Btw, sent you a request via email to prolong my trial accoints while this is ongoing.
@odkr From a first read of your full manual setup instruction, there's no fundamental difference to what I did. But I will follow your manual instruction in full detail when being with my etesync computer again and will report in full detail. If that fails I will also try it on a backed up Sierra boot disk.
@porg, I already replied to your emailed and extended your trial. :)
Keep us posted.
Hi all, I've just had my account reactivated to give this a go, but I'm still having some trouble (with v0.5.0 binary).
I tried following @odkr's instructions above, and each step seemed to match up, but when running the server (and visiting https://localhost:37358/) I'm getting the following error: [70000cd81000] ERROR: An exception occurred during request: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:2484)
Any ideas?
@idmyn you have the same relevant error message as I have on macOS Mojave 10.14.4.
This evening I plan to re-run @odkr 's latest instruction step by step (although it sounds essentially the same what I already did). And if failing also re-run on a bootable macOS Sierra 10.12.6 backup disk which I still have, and see how the same binary compares on the two OS versions.
@idmyn, do I get this right that etesync-dav is giving you that error message? This is odd. Did you access the web interface via Safari? If so, what exactly did it say? Does it provide more detailled information why the certificate is "bad"? You can check in Keychain.app whether the operating system trusts it. If it does, then this leaves only relatively odd points of failure (e.g., your clock may be set to the past, rendering the certificate invalid, …, this is all I can think of right now, in fact).
@odkr yes, I was getting that error message from etesync-dav running in terminal when trying to view localhost in Firefox. I've now tried it in Safari and it works!
I still can't get CalDAV or CardDAV working in my system apps though. When I try to add the CalDAV account in the 'internet accounts' settings pane it says "Unable to verify account name or password" and the terminal says [70000a9d5000] ERROR: An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
Adding the CardDAV account seems to work, but no contacts appear in the contacts app.
Also, I'm not sure exactly when precisely these errors came up but when I first opened up localhost in safari, logged in there, and tried to add the accounts in the 'internet accounts' preference pane, I checked back and found the following error messages in the terminal:
[7000060e6000] ERROR: An exception occurred during request: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:2484)
ERROR:root:No module named 'pytz'
ERROR:root:No module named 'pytz'
[7000060e6000] WARNING: Client provided invalid sync token '845f534c-5afd-40e3-82b3-6c8dd6559e95': Sync token are not supported
WARNING:radicale:Client provided invalid sync token '845f534c-5afd-40e3-82b3-6c8dd6559e95': Sync token are not supported
[7000060e6000] ERROR: An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
ERROR:radicale:An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
[7000060e6000] ERROR: An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
ERROR:radicale:An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
[7000060e6000] ERROR: An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
ERROR:radicale:An exception occurred during request: SSL handshake failed: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)
I've had a go at replicating them, but no luck.
@all I have the culprit identified:
My radicale.conf per original instruction contained a "rights" section like this
[rights]
type = radicale_storage_etesync.rights
The config of @odkr did not contain it! Without the "rights" section I can now create and delete in the web interface. With the "rights" section re-added I get the same errors again. Could reproduce that 100% stabily.
@idmyn please remove that section from your config file radicale.conf
@tasn Is radicale's "rights" section relevant for the proper functioning of etesync? Or can it be safely omitted? If yes, please make sure all instructional texts (readme, manpage, help texts, etc) do clearly state so!
Next step will be to test it in macOS Calendar and Contacts, but that will be on another day. Already happy that I overcame my first hurdle.
@porg Interesting!
I didn't have a [rights] section in my radicale.conf though, so I'm still stuck haha