CalDAV and CardDAV autoconfig

Thunderbird
#1

I’m using CalDAV and CardDAV provided by the cyrus imap server (version 3.4.5). It works great with Thunderbird.

Now I’m trying to setup auto configuration. The mail account configuration auto-configures just fine, I use a config-v1.1.xml file. The problem is the CalDAV and CardDAV auto-configuration.

I’ve setup a well know URI for CalDAV and CardDAV. When creating the account, if I look at the server logs, I can see the server being probed, however I have two problems:

  1. I get an authentication error because thunderbird is trying to use the complete mail address as the user name (I only use the email address part before the @ as user name);
  2. The URI used by cyrus is in the form: https:///dav/calendars/user/
    but I have no way to indicate the part on the well known URI.

In:

https://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat

It’s said that Thunderbird uses RFC 6764 to do CalDAV and CardDAV auto discovery but, reading the RFC I find no way to solve the two problems above.

Unfortunately config-v1.1.xml can’t be used to configure CalDAV and CardDVA, if it could be used my problem would be solved with something like this:

<calendar type="caldav">
    <username>%EMAILLOCALPART%</username>
    <authentication>http-basic</authentication>
    <serverURL>https://<host>/dav/calendars/user/%EMAILLOCALPART%<serverURL>
</calendar>

Any pointer on how to solve this problem?

Thank you!

/Helder

#2

Hi, hopefully I can help a little.

  1. It looks like, per the RFC, we should but aren’t required to try the local-part of the address as a user name if the full address fails, but it sounds like we don’t do that. This sounds like something we ought to implement. I’d appreciate it if you could file a bug on Bugzilla in the “Provider: CalDAV” component.
  2. Do you mean that you’ve set up a well-known URI but aren’t sure how to make it indicate the resource where cyrus is serving the calendar? Per https://www.rfc-editor.org/rfc/rfc6764#section-5, the well-known URI should redirect to the correct path.
#3

Hi!

About the first problem, that’s exactly it! I’ve worked around the problem from the cyrus side, by configuring it to accept the complete email address as username (I meant to update this post but never got around - sorry). However I will file a bug report. Here’s the bug report:

On the second problem, discourse ate the parts I had between < and > signs… I think I’ve escaped them with \ and they did appear on the preview but now they’re gone.

Anyway what I meant to say was:

The URI used by cyrus is in the form: https://<host>/dav/calendars/user/<myuser> but I have no way to indicate the <myuser> part on the well known URI.

This was a mistake on my part. Cyrus accepts the URI in the form https://<host>/dav/calendars/user/ without the username and Thunderbird negotiates its way until it has CalDAV and CardDAV configured.

The remaining problem I have is the CardDAV auto-configuration. If I try to manually add an address book it works great:

Add CardDAV Address Book

On the address book, I choose “Add CardDAV Address Book” using the well-known URI I am able to add the address book, the process goes like this:

  1. Insert username and the URI;
  2. Authenticate;
  3. Authenticate again (maybe Thunderbird should remember the auth credentials, no?);
  4. The address book is found, click “continue” and the address book is configured.

If we look at the cyrus log while doing this we get:

May  1 11:34:00 host cyrus/http[9837]: localhost [127.0.0.1] with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682937240-9837-1-16998625211162465167>; "PROPFIND /dav/addressbooks/user HTTP/1.1" (origin=https://host; depth=0) => "HTTP/1.1 401 Unauthorized" (error=Must authenticate to access the specified target) [timing: cmd=0.000621 net=0.000016 total=0.000637]
May  1 11:34:07 host cyrus/http[9832]: login: localhost [127.0.0.1] myuser Basic User logged in SESSIONID=<cyrus-1682937164-9832-1-15662988253688790517>
May  1 11:34:07 host cyrus/http[9832]: localhost [127.0.0.1] as "myuser" with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682937164-9832-1-15662988253688790517>; "PROPFIND /dav/addressbooks/user HTTP/1.1" (origin=https://host; auth=Basic; type=prop; depth=0) => "HTTP/1.1 207 Multi-Status" (tx-encoding=chunked; cnt-encoding=gzip) [timing: cmd=0.004505 net=0.000093 total=0.004598]
May  1 11:34:07 host cyrus/http[9832]: localhost [127.0.0.1] with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682937164-9832-1-15662988253688790517>; "PROPFIND /dav/principals/user/myuser/ HTTP/1.1" (origin=https://host; auth=Basic; depth=0) => "HTTP/1.1 401 Unauthorized" (error=Must authenticate to access the specified target) [timing: cmd=0.000535 net=0.000126 total=0.000661]
May  1 11:34:12 host cyrus/http[9832]: login: localhost [127.0.0.1] myuser Basic User logged in SESSIONID=<cyrus-1682937164-9832-1-15662988253688790517>
May  1 11:34:12 host cyrus/http[9832]: localhost [127.0.0.1] as "myuser" with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682937164-9832-1-15662988253688790517>; "PROPFIND /dav/principals/user/myuser/ HTTP/1.1" (origin=https://host; auth=Basic; type=prop; depth=0) => "HTTP/1.1 207 Multi-Status" (tx-encoding=chunked; cnt-encoding=gzip) [timing: cmd=0.006562 net=0.000115 total=0.006677]
May  1 11:34:12 host cyrus/http[9832]: login: localhost [127.0.0.1] myuser Basic User logged in SESSIONID=<cyrus-1682937164-9832-1-15662988253688790517>
May  1 11:34:12 host cyrus/http[9832]: localhost [127.0.0.1] as "myuser" with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682937164-9832-1-15662988253688790517>; "PROPFIND /dav/addressbooks/user/myuser/ HTTP/1.1" (origin=https://host; auth=Basic; type=prop; depth=1) => "HTTP/1.1 207 Multi-Status" (tx-encoding=chunked; cnt-encoding=gzip) [timing: cmd=0.006161 net=0.000127 total=0.006288]

Parsing this log we have:

  1. PROPFIND /dav/addressbooks/user → HTTP/1.1 401 Unauthorized
  2. Authenticate
  3. PROPFIND /dav/addressbooks/user → HTTP/1.1 207 Multi-Status
  4. PROPFIND /dav/principals/user/myuser/ → HTTP/1.1 401 Unauthorized
  5. Authenticate
  6. PROPFIND /dav/principals/user/myuser/ → HTTP/1.1 207 Multi-Status
  7. PROPFIND /dav/addressbooks/user/myuser/→ HTTP/1.1 207 Multi-Status

CardDAV auto-configuration

Now if I try the auto-configuration, the log on the cyrus side is:

May  1 11:52:59 host cyrus/http[10189]: localhost [127.0.0.1] with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682938379-10189-1-10509838640564374749>; "PROPFIND /dav/addressbooks/user HTTP/1.1" (origin=https://host1; depth=0) => "HTTP/1.1 401 Unauthorized" (error=Must authenticate to access the specified target) [timing: cmd=0.000412 net=0.000011 total=0.000423]
May  1 11:52:59 host cyrus/http[10189]: login: localhost [127.0.0.1] myuser Basic User logged in SESSIONID=<cyrus-1682938379-10189-1-10509838640564374749>
May  1 11:52:59 host cyrus/http[10189]: localhost [127.0.0.1] as "myuser" with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682938379-10189-1-10509838640564374749>; "PROPFIND /dav/addressbooks/user HTTP/1.1" (origin=https://host0; auth=Basic; type=prop; depth=0) => "HTTP/1.1 207 Multi-Status" (tx-encoding=chunked; cnt-encoding=gzip) [timing: cmd=0.008740 net=0.000029 total=0.008769]
May  1 11:53:00 host cyrus/http[10194]: localhost [127.0.0.1] with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682938380-10194-1-2616905796624467734>; "PROPFIND /dav/calendars/user HTTP/1.1" (origin=https://host1; depth=0) => "HTTP/1.1 401 Unauthorized" (error=Must authenticate to access the specified target) [timing: cmd=0.000390 net=0.000013 total=0.000403]
May  1 11:53:00 host cyrus/http[10194]: login: localhost [127.0.0.1] myuser Basic User logged in SESSIONID=<cyrus-1682938380-10194-1-2616905796624467734>
May  1 11:53:00 host cyrus/http[10194]: localhost [127.0.0.1] as "myuser" with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682938380-10194-1-2616905796624467734>; "PROPFIND /dav/calendars/user HTTP/1.1" (origin=https://host1; auth=Basic; type=prop; depth=0) => "HTTP/1.1 207 Multi-Status" (tx-encoding=chunked; cnt-encoding=gzip) [timing: cmd=0.009220 net=0.000080 total=0.009300]
May  1 11:53:00 host cyrus/http[10482]: localhost [127.0.0.1] with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682938380-10482-1-17730980932789859610>; "PROPFIND /dav/principals/user/myuser/ HTTP/1.1" (origin=https://host; depth=0) => "HTTP/1.1 401 Unauthorized" (error=Must authenticate to access the specified target) [timing: cmd=0.000619 net=0.000013 total=0.000632]
May  1 11:53:00 host cyrus/http[10482]: login: localhost [127.0.0.1] myuser Basic User logged in SESSIONID=<cyrus-1682938380-10482-1-17730980932789859610>
May  1 11:53:00 host cyrus/http[10482]: localhost [127.0.0.1] as "myuser" with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682938380-10482-1-17730980932789859610>; "PROPFIND /dav/principals/user/myuser/ HTTP/1.1" (origin=https://host; auth=Basic; type=prop; depth=0) => "HTTP/1.1 207 Multi-Status" (tx-encoding=chunked; cnt-encoding=gzip) [timing: cmd=0.007418 net=0.000029 total=0.007447]
May  1 11:53:01 host cyrus/http[10483]: localhost [127.0.0.1] with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682938381-10483-1-14909944397349242573>; "PROPFIND /dav/calendars/user/myuser/ HTTP/1.1" (origin=https://host; depth=1) => "HTTP/1.1 401 Unauthorized" (error=Must authenticate to access the specified target) [timing: cmd=0.000641 net=0.000016 total=0.000657]
May  1 11:53:01 host cyrus/http[10483]: login: localhost [127.0.0.1] myuser Basic User logged in SESSIONID=<cyrus-1682938381-10483-1-14909944397349242573>
May  1 11:53:01 host cyrus/http[10483]: localhost [127.0.0.1] as "myuser" with "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1" via SESSIONID=<cyrus-1682938381-10483-1-14909944397349242573>; "PROPFIND /dav/calendars/user/myuser/ HTTP/1.1" (origin=https://host; auth=Basic; type=prop; depth=1) => "HTTP/1.1 207 Multi-Status" (tx-encoding=chunked; cnt-encoding=gzip) [timing: cmd=0.007152 net=0.000021 total=0.007173]

We have:

  1. PROPFIND /dav/addressbooks/user → HTTP/1.1 401 Unauthorized
  2. Authenticate
  3. PROPFIND /dav/addressbooks/user → HTTP/1.1 207 Multi-Status
  4. PROPFIND /dav/calendars/user → HTTP/1.1 401 Unauthorized
  5. Authenticate
  6. PROPFIND /dav/calendars/user → HTTP/1.1 207 Multi-Status
  7. PROPFIND /dav/principals/user/myuser/ → HTTP/1.1 401 Unauthorized
  8. Authenticate
  9. PROPFIND /dav/principals/user/myuser/ → HTTP/1.1 207 Multi-Status
  10. PROPFIND /dav/calendars/user/myuser/ → HTTP/1.1 401 Unauthorized
  11. Authenticate
  12. PROPFIND /dav/calendars/user/myuser/ → HTTP/1.1 207 Multi-Status

The calendar conversation goes all the way to the end, I just have to click on “Connect” to have the calendar configured.

The discovery of address books fails.

For now I’m out of ideas on how to work around this.

Can this be a cyrus bug?