REPORT request on CalDAV (SabreDAV) server via php_curl answers with 500

Question

If have set up an SabreDAV CalDAV-server with digest authorization. Everythings working fine when I access the calender via iPhone, Outlook/CalDavSychronizer, Thunderbird/Lightning...

Now I habe tried to access the calender via php with php_curl:

<?php

$url = "http://servername/calendars/user/calendar1/";
$username = "username";
$password = "password";
$calStart = gmdate("Ymd\THis\Z");
$calEnd = gmdate("Ymd\THis\Z", strtotime("+4 weeks"));


$postdata = '<C:calendar-query xmlns:C="urn:ietf:params:xml:ns:caldav">
   <D:prop xmlnx:D="DAV:">
   <C:calendar-data>
     <C:expand start="'.$calStart.'"
               end="'.$calEnd.'"/>
   </C:calendar-data>
 </D:prop>
 <C:filter>
   <C:comp-filter name="VCALENDAR">
     <C:comp-filter name="VEVENT">
       <C:time-range start="'.$calStart.'"
                     end="'.$calEnd.'"/>
     </C:comp-filter>
   </C:comp-filter>
 </C:filter>
</C:calendar-query>';


$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'REPORT');
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Depth: 1', 'Content-Type: text/xml; charset=utf-8', 'Content-Length: '.strlen($postdata)));
curl_setopt($curl, CURLOPT_USERPWD , $username.':'.$password);
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata);


$raw_response = curl_exec($curl);
curl_close($curl);

echo "raw response: " . $raw_response;

?>

But the answer is always:

<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
  <s:sabredav-version>3.2.2</s:sabredav-version>
  <s:exception>ErrorException</s:exception>
  <s:message>XMLReader::XML(): Empty string supplied as input</s:message>
</d:error>

Apache access log:

xxx.xxx.xxx.xxx - - [24/Apr/2017:21:21:43 +0200] "REPORT /calendars/user/calendar1/ HTTP/1.1" 500 275 "-" "-"

Apache error log:

[Mon Apr 24 21:44:16.824217 2017] [http:trace3] [pid 10895] http_filters.c(1087): [client yyy.yyy.yyy.yyy:60834] Response sent with status 500, headers:
[Mon Apr 24 21:44:16.824228 2017] [http:trace5] [pid 10895] http_filters.c(1094): [client yyy.yyy.yyy.yyy:60834]   Date: Mon, 24 Apr 2017 19:44:16 GMT
[Mon Apr 24 21:44:16.824233 2017] [http:trace5] [pid 10895] http_filters.c(1097): [client yyy.yyy.yyy.yyy:60834]   Server: Apache
[Mon Apr 24 21:44:16.824236 2017] [http:trace4] [pid 10895] http_filters.c(916): [client yyy.yyy.yyy.yyy:60834]   X-Sabre-Version: 3.2.2
[Mon Apr 24 21:44:16.824239 2017] [http:trace4] [pid 10895] http_filters.c(916): [client yyy.yyy.yyy.yyy:60834]   Content-Length: 275
[Mon Apr 24 21:44:16.824254 2017] [http:trace4] [pid 10895] http_filters.c(916): [client yyy.yyy.yyy.yyy:60834]   Connection: close
[Mon Apr 24 21:44:16.824257 2017] [http:trace4] [pid 10895] http_filters.c(916): [client yyy.yyy.yyy.yyy:60834]   Content-Type: application/xml; charset=utf-8

Any idea where the problem is? Thanks...

Edit from 2017/04/27:

I think I have curtailed the problem a litte bit. It deals with the digest authorization. The expected behavoir is:

Curl sends the headers of the request.
The response ist 401 with `WWW-Authenticate` and `Authorization`.
Curl sends the complete request (including body) with the correct authorization params.

This works fine for every request (GET, PROPFIND, ...) except of REPORT...

Log including REPORT request:

[Thu Apr 27 20:53:08.964878 2017] Headers received from client:
[Thu Apr 27 20:53:08.964924 2017]   Host: servername
[Thu Apr 27 20:53:08.964929 2017]   Accept: */*
[Thu Apr 27 20:53:08.964933 2017]   Depth: 1
[Thu Apr 27 20:53:08.964937 2017]   Content-Type: text/xml; charset=utf-8
[Thu Apr 27 20:53:08.969111 2017]  Response sent with status 500, headers:
[Thu Apr 27 20:53:08.969123 2017]    Date: Thu, 27 Apr 2017 18:53:08 GMT
[Thu Apr 27 20:53:08.969126 2017]    Server: Apache
[Thu Apr 27 20:53:08.969130 2017]   X-Sabre-Version: 3.2.2
[Thu Apr 27 20:53:08.969133 2017]   Content-Length: 275
[Thu Apr 27 20:53:08.969135 2017]   Connection: close
[Thu Apr 27 20:53:08.969138 2017]   Content-Type: application/xml; charset=utf-8

Log including PROPFIND request (the final 400 is correct... if have used the REPORT payload for testing PROPFIND...):

[Thu Apr 27 20:41:27.445149 2017] Headers received from client:
[Thu Apr 27 20:41:27.445177 2017]   Host: servername
[Thu Apr 27 20:41:27.445180 2017]   Accept: */*
[Thu Apr 27 20:41:27.445183 2017]   Depth: 1
[Thu Apr 27 20:41:27.445186 2017]   Content-Type: text/xml; charset=utf-8
[Thu Apr 27 20:41:27.451752 2017]  Response sent with status 401, headers:
[Thu Apr 27 20:41:27.451763 2017]    Date: Thu, 27 Apr 2017 18:41:27 GMT
[Thu Apr 27 20:41:27.451766 2017]    Server: Apache
[Thu Apr 27 20:41:27.451769 2017]   X-Sabre-Version: 3.2.2
[Thu Apr 27 20:41:27.451772 2017]   Vary: Brief,Prefer
[Thu Apr 27 20:41:27.451775 2017]   DAV: 1, 3, extended-mkcol, access-control, calendarserver-principal-property-search, calendar-access, calendar-proxy, calendarserver-subscribed, calendar-auto-schedule, calendar-availability, resource-sharing, calendarserver-sharing
[Thu Apr 27 20:41:27.451778 2017]   WWW-Authenticate: Digest realm=\\"realm\\",qop=\\"auth\\",nonce=\\"59023b576e21c\\",opaque=\\"df58bdff8cf60599c939187d0b5c54de\\"
[Thu Apr 27 20:41:27.451781 2017]   Content-Length: 432
[Thu Apr 27 20:41:27.451784 2017]   Content-Type: application/xml; charset=utf-8
[Thu Apr 27 20:41:27.452122 2017] Headers received from client:
[Thu Apr 27 20:41:27.452129 2017]   Authorization: Digest username=\\"username\\", realm=\\"realm\\", nonce=\\"59023b576e21c\\", uri=\\"/calendars/user/calendar1/\\", cnonce=\\"MGNmM2VlNzlkYzcwZDA2ZTMzOTk5N2VjMzI3MjA0NzI=\\", nc=00000001, qop=auth, response=\\"7715ae276bf6dceb656e555ab89ed72c\\", opaque=\\"df58bdff8cf60599c939187d0b5c54de\\"
[Thu Apr 27 20:41:27.452140 2017]   Host: servername
[Thu Apr 27 20:41:27.452144 2017]   Accept: */*
[Thu Apr 27 20:41:27.452146 2017]   Depth: 1
[Thu Apr 27 20:41:27.452149 2017]   Content-Type: text/xml; charset=utf-8
[Thu Apr 27 20:41:27.452152 2017]   Content-Length: 380
[Thu Apr 27 20:41:27.454866 2017]  Response sent with status 400, headers:
[Thu Apr 27 20:41:27.454876 2017]    Date: Thu, 27 Apr 2017 18:41:27 GMT
[Thu Apr 27 20:41:27.454883 2017]    Server: Apache
[Thu Apr 27 20:41:27.454886 2017]   X-Sabre-Version: 3.2.2
[Thu Apr 27 20:41:27.454889 2017]   Content-Length: 316
[Thu Apr 27 20:41:27.454892 2017]   Connection: close
[Thu Apr 27 20:41:27.454894 2017]   Content-Type: application/xml; charset=utf-8
[Thu Apr 27 20:37:41.739309 2017]  Response sent with status 400, headers:
[Thu Apr 27 20:37:41.739321 2017]    Date: Thu, 27 Apr 2017 18:37:41 GMT
[Thu Apr 27 20:37:41.739324 2017]    Server: Apache
[Thu Apr 27 20:37:41.739328 2017]   X-Sabre-Version: 3.2.2
[Thu Apr 27 20:37:41.739330 2017]   Content-Length: 316
[Thu Apr 27 20:37:41.739333 2017]   Connection: close
[Thu Apr 27 20:37:41.739336 2017]   Content-Type: application/xml; charset=utf-8

It looks like a bug to me. But where? Is it curl or SabreDAV?

You probably want to provide the actual request instead of your code. — Arnaud Quillaud, Apr 25 '17 at 08:07

REPORT request on CalDAV (SabreDAV) server via php_curl answers with 500

0 Answers0