[SyncEvolution] Setup of SyncML to WebDAV synchronization bridge: Problem with SSLVerifyServer switch in configuration command
Helge Kraak
helge at kraak.info
Tue Aug 19 22:53:21 UTC 2014
Hello Patrick.
Am 18.08.2014 um 15:47 schrieb Patrick Ohly:
> Hello!
>
> To summarize the thread from earlier this year, there were three
> problems with using SabreDAV:
> 1. configuring with SSL verification turned off
> 2. actually finding the right URL for the address book collection
> 3. creating events (possibly related to not using the right URL)
thank you for this structured summary.
>
> On Mon, 2014-08-18 at 15:02 +0200, Helge Kraak wrote:
>> #######
>>
>>
>> When I apply as third command (no addressbook at the end of the
>> command)
>> syncevolution --configure SSLVerifyServer=False
>> --template SyncEvolution_Client --sync-property
>> remoteDeviceId=ST23K3J5I4JX username=admin
>> password=admin --source-property addressbook/uri=addressbook
>> sync=two-way Palm-TH55 at webdav
>>
>> IT RETURNS
>>
>>
>> [INFO] addressbook: okay
>> [INFO] calendar: looking for databases...
>> [INFO] calendar: backend failed: error code from SyncEvolution
>> authorization failed (remote, status 401): calendar: syncURL not
>> configured and username admin does not contain a domain
>> [INFO] memo: looking for databases...
>> [INFO] memo: backend failed: error code from SyncEvolution
>> authorization failed (remote, status 401): memo: syncURL not
>> configured and username admin does not contain a domain
>> [INFO] todo: looking for databases...
>> [INFO] todo: backend failed: error code from SyncEvolution
>> authorization failed (remote, status 401): todo: syncURL not
>> configured and username admin does not contain a domain
>>
>>
>> AND THE COMMAND
>> syncevolution --print-config -q @webdav addressbook
>>
>> RETURNS:
>>
>> "[addressbook]
>> backend = CardDAV
>> database =
>> https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
>> # databaseFormat =
>> databaseUser = admin
>> databasePassword = admin"
>>
>> -> THIS IS THE SAME RESULT AS WITH THE FORMER SYNCEVOLUTION VERSION IN
>> JANUARY
>
> Looks okay. To get rid of the attempts to configure calendar/memo/todo,
> add "addressbook" after "Palm-TH55 at webdav".
Yes, I know.
>
>> ######
>>
>>
>> BUT I SEE A DIFFERENT RESULT HERE:
>> When I try your combined command (I have to
>> include SSLVerifyServer=False again to make it work)
>>
>> syncevolution --configure SSLVerifyServer=False \
>> --template SyncEvolution_Client \
>> remoteDeviceId=PN70M9J5V7JX username=admin password=admin \
>> sync=two-way \
>> databaseUser=admin \
>> databasePassword=admin \
>> backend=carddav \
>> database=https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/ \
>> Palm-TH55 at webdav addressbook
>>
>> IT RETURNS
>>
>> "[INFO] addressbook: looking for databases...
>> [INFO] addressbook: start database search at
>> https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/, from sync config 'palm-th55 at webdav', source config 'addressbook', database='https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/'
>> [INFO] addressbook: okay"
>>
>>
>> INSTEAD OF
>> "[INFO] addressbook: looking for databases...
>> [INFO] addressbook: no database to synchronize
>> [ERROR] addressbook: no database to synchronize"
>>
>>
>> WITH THE FORMER SYNCEVOLUTION VERSION IN JANUARY
>> AND FOR
>>
>> syncevolution --print-config -q @webdav addressbook
>>
>> IT RETURNS
>>
>> "[addressbook]
>> backend = CardDAV
>> database =
>> https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
>> # databaseFormat =
>> databaseUser = admin
>> databasePassword = admin"
>
> Might be okay. I'm unsure whether
> "https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/" is the correct URL. It looks suitable to SyncEvolution, at least.
>
> Does this lead to a configuring that your phone can use?
In my Synthesis SyncML client I get the error message: DB not found (404).
Maybe important: Instead of "database=https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/"
I used "database=http://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/ " for the config this time as I also didn't use https in the SyncML client (the SSL connection for the Syncevolution server doesn't work yet in my test server setup but the SSL for the Sabredav server works already). The client always was set up for no SSL connection before so it was a potential mistake to set up the syncevolution server with SSL database link. Nevertheless, both with SSL database link and no SSL database link the "database not found (404)" error comes up.
The Syncevolution server log is:
[INFO] syncevo-http: new SyncML session for IP-ADRESS xxx.xxx.xxx.xxx
[INFO] sync: /org/syncevolution/Session/3216342321408487742: calendar: inactive
[INFO] sync: /org/syncevolution/Session/3216342321408487742: memo: inactive
[INFO] sync: /org/syncevolution/Session/3216342321408487742: todo: inactive
[INFO] sync: /org/syncevolution/Session/3216342321408487742: using configured database=http://localhost/sabredav/addressbookserver.php/addressbooks/admin/
[INFO] sync: /org/syncevolution/Session/3216342321408487742: creating complete data backup after sync (enabled with dumpData and needed for printChanges)
[INFO] sync: /org/syncevolution/Session/3216342321408487742:
Synchronization successful.
[INFO] sync: /org/syncevolution/Session/3216342321408487742:
Changes applied during synchronization:
[INFO] sync: /org/syncevolution/Session/3216342321408487742: +---------------|-----------------------|-----------------------|-CON-+
| | LOCAL | REMOTE | FLI |
| Source | NEW | MOD | DEL | ERR | NEW | MOD | DEL | ERR | CTS |
+---------------+-----+-----+-----+-----+-----+-----+-----+-----+-----+
| addressbook | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
+---------------+-----+-----+-----+-----+-----+-----+-----+-----+-----+
| start Wed Aug 20 00:35:42 2014, duration 0:00min |
| synchronization completed successfully |
+---------------+-----+-----+-----+-----+-----+-----+-----+-----+-----+
[INFO] sync: /org/syncevolution/Session/3216342321408487742:
[INFO] syncevo-http: new SyncML session for xxx.xxx.xxx.xxx
[INFO] syncevo-dbus-server: /org/syncevolution/Server: matched deviceID PN70M9J5V7JX against config palm-th55 at webdav (/root/.config/syncevolution/webdav/peers/palm-th55)
[INFO] sync: /org/syncevolution/Session/5646258561408487743: calendar: inactive
[INFO] sync: /org/syncevolution/Session/5646258561408487743: memo: inactive
[INFO] sync: /org/syncevolution/Session/5646258561408487743: todo: inactive
[INFO] sync: /org/syncevolution/Session/5646258561408487743: using configured database=http://localhost/sabredav/addressbookserver.php/addressbooks/admin/
>
>> ###########
>>
>>
>> FOLLOWING YOUR ADVICES FROM YOUR EMAIL FROM JANUARY 22, 2014 I
>> REPEATED THE COMMAND ABOVE WITH ADJUSTED DATABASE SETTINGS:
>>
>>
>> 1. VARIANT:
>>
>>
>> https://localhost:443/sabredav/addressbookserver.php/addressbooks/
>> INSTEAD OF
>> https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
>> syncevolution --configure SSLVerifyServer=False \
>> --template SyncEvolution_Client \
>> remoteDeviceId=PN70M9J5V7JX username=admin password=admin \
>> sync=two-way \
>> databaseUser=admin \
>> databasePassword=admin \
>> backend=carddav \
>> database=https://localhost:443/sabredav/addressbookserver.php/addressbooks/ \
>> Palm-TH55 at webdav addressbook
>>
>> RETURNS
>>
>> "[INFO] addressbook: looking for databases...
>> [INFO] addressbook: start database search at
>> https://localhost:443/sabredav/addressbookserver.php/addressbooks/,
>> from sync config 'palm-th55 at webdav', source config 'addressbook',
>> database='https://localhost:443/sabredav/addressbookserver.php/addressbooks/'
>> [INFO] addressbook: okay"
>>
>>
>> AND
>> syncevolution --print-config -q @webdav addressbook
>>
>> RETURNS
>>
>>
>> "[addressbook]
>> backend = CardDAV
>> database =
>> https://localhost:443/sabredav/addressbookserver.php/addressbooks/
>> # databaseFormat =
>> databaseUser = admin
>> databasePassword = admin"
>
> This looks wrong. I doubt that the parent collection really is an
> address book collection.
>
> Can you run "SYNCEVOLUTION_DEBUG=1 syncevolution --daemon=no
> --print-databases backend=carddav SSLVerifyServer=False
> syncURL=https://localhost:443/sabredav/addressbookserver.php/addressbooks/ username=admin password=admin" and attach the output?
>
> I want to see what SabreDAV says about the content of this collection.
>
This is the output for this first configuration variant:
[DEBUG 00:00:00] using username 'admin' from source context for WebDAV, password was set
[DEBUG 00:00:00] using plain username/password for admin
[DEBUG 00:00:00] timout 300s, retry 5s => resending allowed
[DEBUG 00:00:00] client cert is missing
[INFO 00:00:00] start database search at https://localhost:443/sabredav/addressbookserver.php/addressbooks/, from sync config '@default', syncURL='https://localhost:443/sabredav/addressbookserver.php/addressbooks/'
[DEBUG 00:00:00] testing https://localhost:443/sabredav/addressbookserver.php/addressbooks/
[DEBUG 00:00:00] debugging: read all WebDAV properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/
[DEBUG 00:00:00] starting PROPFIND, credentials unverified, no deadline
[DEBUG 00:00:00] https://localhost:443/sabredav/addressbookserver.php/addressbooks/: SSL verification problem: hostname mismatch, untrusted certificate
[DEBUG 00:00:00] ignoring bad certificate
[DEBUG 00:00:01] retry request with credentials
[DEBUG 00:00:01] credentials accepted
[DEBUG 00:00:01] read relevant properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/
[DEBUG 00:00:01] starting PROPFIND, credentials okay, deadline in 298.6s
[DEBUG 00:00:01] forced sending credentials
[DEBUG 00:00:01] credentials accepted
[DEBUG 00:00:01] follow current-user-prinicipal to https://localhost:443/sabredav/addressbookserver.php/principals/admin/
[DEBUG 00:00:01] skipping listing because we don't know whether collection contains relevant collections: https://localhost:443/sabredav/addressbookserver.php/addressbooks/
[DEBUG 00:00:01] testing https://localhost:443/sabredav/addressbookserver.php/principals/admin/
[DEBUG 00:00:01] debugging: read all WebDAV properties of https://localhost:443/sabredav/addressbookserver.php/principals/admin/
[DEBUG 00:00:01] starting PROPFIND, credentials okay, no deadline
[DEBUG 00:00:01] read relevant properties of https://localhost:443/sabredav/addressbookserver.php/principals/admin/
[DEBUG 00:00:01] starting PROPFIND, credentials okay, deadline in 298.5s
[DEBUG 00:00:01] forced sending credentials
[DEBUG 00:00:01] credentials accepted
[DEBUG 00:00:01] follow home-set property to https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:01] testing https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:01] debugging: read all WebDAV properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:01] starting PROPFIND, credentials okay, no deadline
[DEBUG 00:00:01] read relevant properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:01] starting PROPFIND, credentials okay, deadline in 298.5s
[DEBUG 00:00:01] forced sending credentials
[DEBUG 00:00:01] credentials accepted
[DEBUG 00:00:01] list items in https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:01] starting PROPFIND, credentials okay, deadline in 298.5s
[DEBUG 00:00:01] skipping because already checked: /sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:01] new sub candidate: /sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:01] follow candidate https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:01] testing https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:01] debugging: read all WebDAV properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:01] starting PROPFIND, credentials okay, no deadline
[DEBUG 00:00:01] read relevant properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:01] starting PROPFIND, credentials okay, deadline in 298.4s
[DEBUG 00:00:01] forced sending credentials
[DEBUG 00:00:01] credentials accepted
[DEBUG 00:00:01] current-user-privilege-set: <DAV:privilege xmlns:d='DAV:'><DAV:write></DAV:write></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:write-acl></DAV:write-acl></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:write-properties></DAV:write-properties></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:write-content></DAV:write-content></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:bind></DAV:bind></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:unbind></DAV:unbind></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:unlock></DAV:unlock></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:read></DAV:read></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:read-acl></DAV:read-acl></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:read-current-user-privilege-set></DAV:read-current-user-privilege-set></DAV:privilege>
[DEBUG 00:00:01] found admin_addressbook = https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:01] skipping listing because collection cannot contain other relevant collections: https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
carddav:
admin_addressbook (https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/) <default>
>> #####
>>
>>
>> 2. VARIANT:
>>
>>
>> https://localhost:443/sabredav/addressbookserver.php/
>> INSTEAD OF
>> https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
>> syncevolution --configure SSLVerifyServer=False \
>> --template SyncEvolution_Client \
>> remoteDeviceId=PN70M9J5V7JX username=admin password=admin \
>> sync=two-way \
>> databaseUser=admin \
>> databasePassword=admin \
>> backend=carddav \
>> database=https://localhost:443/sabredav/addressbookserver.php/ \
>> Palm-TH55 at webdav addressbook
>>
>> RETURNS
>>
>> "[INFO] addressbook: looking for databases...
>> [INFO] addressbook: start database search at
>> https://localhost:443/sabredav/addressbookserver.php/, from sync
>> config 'palm-th55 at webdav', source config 'addressbook',
>> database='https://localhost:443/sabredav/addressbookserver.php/'
>> [INFO] addressbook: okay"
>>
>>
>> AND
>> syncevolution --print-config -q @webdav addressbook
>>
>> RETURNS
>>
>>
>> "[addressbook]
>> backend = CardDAV
>> database = https://localhost:443/sabredav/addressbookserver.php/
>> # databaseFormat =
>> databaseUser = admin
>> databasePassword = admin"
>
> Same here.
For the second configuration variant I assumed that I was supposed to use
"SYNCEVOLUTION_DEBUG=1 syncevolution --daemon=no
--print-databases backend=carddav SSLVerifyServer=False
syncURL=https://localhost:443/sabredav/addressbookserver.php/ username=admin password=admin"
INSTEAD OF
"SYNCEVOLUTION_DEBUG=1 syncevolution --daemon=no
--print-databases backend=carddav SSLVerifyServer=False
syncURL=https://localhost:443/sabredav/addressbookserver.php/addressbooks/ username=admin password=admin"
So the output using
syncURL=https://localhost:443/sabredav/addressbookserver.php/
for this second configuration variant is:
[DEBUG 00:00:00] using username 'admin' from source context for WebDAV, password was set
[DEBUG 00:00:00] using plain username/password for admin
[DEBUG 00:00:00] timout 300s, retry 5s => resending allowed
[DEBUG 00:00:00] client cert is missing
[INFO 00:00:00] start database search at https://localhost:443/sabredav/addressbookserver.php/, from sync config '@default', syncURL='https://localhost:443/sabredav/addressbookserver.php/'
[DEBUG 00:00:00] testing https://localhost:443/sabredav/addressbookserver.php/
[DEBUG 00:00:00] debugging: read all WebDAV properties of https://localhost:443/sabredav/addressbookserver.php/
[DEBUG 00:00:00] starting PROPFIND, credentials unverified, no deadline
[DEBUG 00:00:00] https://localhost:443/sabredav/addressbookserver.php/: SSL verification problem: hostname mismatch, untrusted certificate
[DEBUG 00:00:00] ignoring bad certificate
[DEBUG 00:00:00] retry request with credentials
[DEBUG 00:00:00] credentials accepted
[DEBUG 00:00:00] read relevant properties of https://localhost:443/sabredav/addressbookserver.php/
[DEBUG 00:00:00] starting PROPFIND, credentials okay, deadline in 299.9s
[DEBUG 00:00:00] forced sending credentials
[DEBUG 00:00:00] credentials accepted
[DEBUG 00:00:00] follow current-user-prinicipal to https://localhost:443/sabredav/addressbookserver.php/principals/admin/
[DEBUG 00:00:00] skipping listing because we don't know whether collection contains relevant collections: https://localhost:443/sabredav/addressbookserver.php/
[DEBUG 00:00:00] testing https://localhost:443/sabredav/addressbookserver.php/principals/admin/
[DEBUG 00:00:00] debugging: read all WebDAV properties of https://localhost:443/sabredav/addressbookserver.php/principals/admin/
[DEBUG 00:00:00] starting PROPFIND, credentials okay, no deadline
[DEBUG 00:00:00] read relevant properties of https://localhost:443/sabredav/addressbookserver.php/principals/admin/
[DEBUG 00:00:00] starting PROPFIND, credentials okay, deadline in 299.8s
[DEBUG 00:00:00] forced sending credentials
[DEBUG 00:00:00] credentials accepted
[DEBUG 00:00:00] follow home-set property to https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:00] testing https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:00] debugging: read all WebDAV properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:00] starting PROPFIND, credentials okay, no deadline
[DEBUG 00:00:00] read relevant properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:00] starting PROPFIND, credentials okay, deadline in 299.8s
[DEBUG 00:00:00] forced sending credentials
[DEBUG 00:00:00] credentials accepted
[DEBUG 00:00:00] list items in https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:00] starting PROPFIND, credentials okay, deadline in 299.8s
[DEBUG 00:00:00] skipping because already checked: /sabredav/addressbookserver.php/addressbooks/admin/
[DEBUG 00:00:00] new sub candidate: /sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:00] follow candidate https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:00] testing https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:00] debugging: read all WebDAV properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:00] starting PROPFIND, credentials okay, no deadline
[DEBUG 00:00:00] read relevant properties of https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:00] starting PROPFIND, credentials okay, deadline in 299.7s
[DEBUG 00:00:00] forced sending credentials
[DEBUG 00:00:00] credentials accepted
[DEBUG 00:00:00] current-user-privilege-set: <DAV:privilege xmlns:d='DAV:'><DAV:write></DAV:write></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:write-acl></DAV:write-acl></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:write-properties></DAV:write-properties></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:write-content></DAV:write-content></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:bind></DAV:bind></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:unbind></DAV:unbind></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:unlock></DAV:unlock></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:read></DAV:read></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:read-acl></DAV:read-acl></DAV:privilege><DAV:privilege xmlns:d='DAV:'><DAV:read-current-user-privilege-set></DAV:read-current-user-privilege-set></DAV:privilege>
[DEBUG 00:00:00] found admin_addressbook = https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
[DEBUG 00:00:00] skipping listing because collection cannot contain other relevant collections: https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/
carddav:
admin_addressbook (https://localhost:443/sabredav/addressbookserver.php/addressbooks/admin/default/) <default>
Thank you.
Helge
>
> --
> Best Regards, Patrick Ohly
>
> The content of this message is my personal opinion only and although
> I am an employee of Intel, the statements I make here in no way
> represent Intel's position on the issue, nor am I authorized to speak
> on behalf of Intel on this matter.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/syncevolution/attachments/20140820/3db9f8c6/attachment.htm>
More information about the SyncEvolution
mailing list