Merge branch 'master' of github.com:metallerok/Radicale into processing-all-day-expand-events

config

@@ -120,6 +120,9 @@
 # Don't include passwords in logs
 #mask_passwords = True
 
+# Log bad PUT request content
+#bad_put_request_content = False
+
 
 [headers]
 

radicale/app/__init__.py

@@ -3,6 +3,7 @@
 # Copyright © 2008 Pascal Halter
 # Copyright © 2008-2017 Guillaume Ayoub
 # Copyright © 2017-2019 Unrud <unrud@outlook.com>
+# Copyright © 2024-2024 Peter Bieringer <pb@bieringer.de>
 #
 # This library is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -80,6 +81,7 @@ class Application(ApplicationPartDelete, ApplicationPartHead,
         """
         super().__init__(configuration)
         self._mask_passwords = configuration.get("logging", "mask_passwords")
+        self._bad_put_request_content = configuration.get("logging", "bad_put_request_content")
         self._auth_delay = configuration.get("auth", "delay")
         self._internal_server = configuration.get("server", "_internal_server")
         self._max_content_length = configuration.get(

radicale/app/base.py

@@ -1,5 +1,6 @@
 # This file is part of Radicale - CalDAV and CardDAV server
 # Copyright © 2020 Unrud <unrud@outlook.com>
+# Copyright © 2024-2024 Peter Bieringer <pb@bieringer.de>
 #
 # This library is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -48,6 +49,7 @@ class ApplicationBase:
         self._rights = rights.load(configuration)
         self._web = web.load(configuration)
         self._encoding = configuration.get("encoding", "request")
+        self._log_bad_put_request_content = configuration.get("logging", "bad_put_request_content")
         self._hook = hook.load(configuration)
 
     def _read_xml_request_body(self, environ: types.WSGIEnviron

radicale/app/put.py

@@ -3,6 +3,7 @@
 # Copyright © 2008 Pascal Halter
 # Copyright © 2008-2017 Guillaume Ayoub
 # Copyright © 2017-2018 Unrud <unrud@outlook.com>
+# Copyright © 2024-2024 Peter Bieringer <pb@bieringer.de>
 #
 # This library is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -146,6 +147,8 @@ class ApplicationPartPut(ApplicationBase):
         except Exception as e:
             logger.warning(
                 "Bad PUT request on %r (read_components): %s", path, e, exc_info=True)
+            if self._log_bad_put_request_content:
+                logger.warning("Bad PUT request content of %r:\n%s", path, content)
             return httputils.BAD_REQUEST
         (prepared_items, prepared_tag, prepared_write_whole_collection,
          prepared_props, prepared_exc_info) = prepare(

radicale/config.py

@@ -3,6 +3,7 @@
 # Copyright © 2008 Nicolas Kandel
 # Copyright © 2008 Pascal Halter
 # Copyright © 2017-2019 Unrud <unrud@outlook.com>
+# Copyright © 2024-2024 Peter Bieringer <pb@bieringer.de>
 #
 # This library is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -247,6 +248,10 @@ DEFAULT_CONFIG_SCHEMA: types.CONFIG_SCHEMA = OrderedDict([
             "value": "info",
             "help": "threshold for the logger",
             "type": logging_level}),
+        ("bad_put_request_content", {
+            "value": "False",
+            "help": "log bad PUT request content",
+            "type": bool}),
         ("mask_passwords", {
             "value": "True",
             "help": "mask passwords in logs",

setup.py

@@ -40,7 +40,7 @@ install_requires = ["defusedxml", "passlib", "vobject>=0.9.6",
                     "pika>=1.1.0",
                     "setuptools; python_version<'3.9'"]
 bcrypt_requires = ["bcrypt"]
-test_requires = ["pytest>=7", "typeguard>=4", "waitress", *bcrypt_requires]
+test_requires = ["pytest>=7", "typeguard<4.3", "waitress", *bcrypt_requires]
 
 setup(
     name="Radicale",