From 4678612194ee866bfda6f0fcf893a4f4be119796 Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 06:07:36 +0200 Subject: [PATCH 1/9] add option to log bad PUT request content --- config | 3 +++ radicale/app/__init__.py | 1 + radicale/app/put.py | 2 ++ radicale/config.py | 4 ++++ 4 files changed, 10 insertions(+) diff --git a/config b/config index 4cab70c6..743bc93e 100644 --- a/config +++ b/config @@ -120,6 +120,9 @@ # Don't include passwords in logs #mask_passwords = True +# Log bad PUT request content +#bad_put_request_content = False + [headers] diff --git a/radicale/app/__init__.py b/radicale/app/__init__.py index 37ab6a5e..21837b9c 100644 --- a/radicale/app/__init__.py +++ b/radicale/app/__init__.py @@ -80,6 +80,7 @@ class Application(ApplicationPartDelete, ApplicationPartHead, """ super().__init__(configuration) self._mask_passwords = configuration.get("logging", "mask_passwords") + self._bad_put_request_content = configuration.get("logging", "bad_put_request_content") self._auth_delay = configuration.get("auth", "delay") self._internal_server = configuration.get("server", "_internal_server") self._max_content_length = configuration.get( diff --git a/radicale/app/put.py b/radicale/app/put.py index ec433db2..fd52865d 100644 --- a/radicale/app/put.py +++ b/radicale/app/put.py @@ -146,6 +146,8 @@ class ApplicationPartPut(ApplicationBase): except Exception as e: logger.warning( "Bad PUT request on %r (read_components): %s", path, e, exc_info=True) + if self._bad_put_request_content: + logger.warning("Bad PUT request content of %r:\n%s", path, content) return httputils.BAD_REQUEST (prepared_items, prepared_tag, prepared_write_whole_collection, prepared_props, prepared_exc_info) = prepare( diff --git a/radicale/config.py b/radicale/config.py index b1aa9bf6..eab4c869 100644 --- a/radicale/config.py +++ b/radicale/config.py @@ -247,6 +247,10 @@ DEFAULT_CONFIG_SCHEMA: types.CONFIG_SCHEMA = OrderedDict([ "value": "info", "help": "threshold for the logger", "type": logging_level}), + ("bad_put_request_content", { + "value": "False", + "help": "log bad PUT request content", + "type": bool}), ("mask_passwords", { "value": "True", "help": "mask passwords in logs", From 2c0da6f37c19987c4d7fae9b86b69671da2024c4 Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 06:08:04 +0200 Subject: [PATCH 2/9] extend copyright --- radicale/app/__init__.py | 1 + radicale/app/put.py | 1 + radicale/config.py | 1 + 3 files changed, 3 insertions(+) diff --git a/radicale/app/__init__.py b/radicale/app/__init__.py index 21837b9c..27465794 100644 --- a/radicale/app/__init__.py +++ b/radicale/app/__init__.py @@ -3,6 +3,7 @@ # Copyright © 2008 Pascal Halter # Copyright © 2008-2017 Guillaume Ayoub # Copyright © 2017-2019 Unrud +# Copyright © 2024-2024 Peter Bieringer # # This library is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/radicale/app/put.py b/radicale/app/put.py index fd52865d..1666bd29 100644 --- a/radicale/app/put.py +++ b/radicale/app/put.py @@ -3,6 +3,7 @@ # Copyright © 2008 Pascal Halter # Copyright © 2008-2017 Guillaume Ayoub # Copyright © 2017-2018 Unrud +# Copyright © 2024-2024 Peter Bieringer # # This library is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/radicale/config.py b/radicale/config.py index eab4c869..4cf3e2ce 100644 --- a/radicale/config.py +++ b/radicale/config.py @@ -3,6 +3,7 @@ # Copyright © 2008 Nicolas Kandel # Copyright © 2008 Pascal Halter # Copyright © 2017-2019 Unrud +# Copyright © 2024-2024 Peter Bieringer # # This library is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by From 496b9f1d7c511f2bcf628c391c53996c7a30ce2f Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 06:18:35 +0200 Subject: [PATCH 3/9] extend copyright --- radicale/app/base.py | 1 + 1 file changed, 1 insertion(+) diff --git a/radicale/app/base.py b/radicale/app/base.py index e946bffc..e9693d25 100644 --- a/radicale/app/base.py +++ b/radicale/app/base.py @@ -1,5 +1,6 @@ # This file is part of Radicale - CalDAV and CardDAV server # Copyright © 2020 Unrud +# Copyright © 2024-2024 Peter Bieringer # # This library is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by From fb7630f9ebf75345b3614395b65a3ef420643d41 Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 06:19:00 +0200 Subject: [PATCH 4/9] fix/adjustment reported by test --- radicale/app/base.py | 1 + radicale/app/put.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/radicale/app/base.py b/radicale/app/base.py index e9693d25..55e8e191 100644 --- a/radicale/app/base.py +++ b/radicale/app/base.py @@ -49,6 +49,7 @@ class ApplicationBase: self._rights = rights.load(configuration) self._web = web.load(configuration) self._encoding = configuration.get("encoding", "request") + self._log_bad_put_request_content = configuration.get("logging", "bad_put_request_content") self._hook = hook.load(configuration) def _read_xml_request_body(self, environ: types.WSGIEnviron diff --git a/radicale/app/put.py b/radicale/app/put.py index 1666bd29..d013c5d5 100644 --- a/radicale/app/put.py +++ b/radicale/app/put.py @@ -147,7 +147,7 @@ class ApplicationPartPut(ApplicationBase): except Exception as e: logger.warning( "Bad PUT request on %r (read_components): %s", path, e, exc_info=True) - if self._bad_put_request_content: + if self._log_bad_put_request_content: logger.warning("Bad PUT request content of %r:\n%s", path, content) return httputils.BAD_REQUEST (prepared_items, prepared_tag, prepared_write_whole_collection, From d1e01aadb5df9594a0f6f073809187fe51ca07a0 Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 21:39:22 +0200 Subject: [PATCH 5/9] Update test.yml, downgrade setup-python @v5 -> @v4 try to fix https://github.com/Kozea/Radicale/issues/1503 --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 12f28633..cdfa8754 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,7 +15,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} - name: Install Test dependencies From 86a69b431acd939404a5d9365103cdd57d20be77 Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 21:39:22 +0200 Subject: [PATCH 6/9] Update test.yml, downgrade setup-python @v5 -> @v4 try to fix https://github.com/Kozea/Radicale/issues/1503 --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 12f28633..cdfa8754 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,7 +15,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} - name: Install Test dependencies From 2a35d349b8605131936a896b8641c7c7b44b87da Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 21:47:39 +0200 Subject: [PATCH 7/9] Update test.yml, back to v5, more local tests are required --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index cdfa8754..12f28633 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,7 +15,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Install Test dependencies From b1ae3edea89d9d738ed28f95d248b562dbd3914c Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 21:47:39 +0200 Subject: [PATCH 8/9] Update test.yml, back to v5, more local tests are required --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index cdfa8754..12f28633 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,7 +15,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Install Test dependencies From c6d01b78746340fa780c965ca3076fc91165859e Mon Sep 17 00:00:00 2001 From: Peter Bieringer Date: Wed, 29 May 2024 21:54:36 +0200 Subject: [PATCH 9/9] downgrade requirement to typeguard<4.3 for tests to avoid broken test jobs --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index e6b8b91d..f5d906a2 100644 --- a/setup.py +++ b/setup.py @@ -40,7 +40,7 @@ install_requires = ["defusedxml", "passlib", "vobject>=0.9.6", "pika>=1.1.0", "setuptools; python_version<'3.9'"] bcrypt_requires = ["bcrypt"] -test_requires = ["pytest>=7", "typeguard>=4", "waitress", *bcrypt_requires] +test_requires = ["pytest>=7", "typeguard<4.3", "waitress", *bcrypt_requires] setup( name="Radicale",