From 2a9f37defb145383f0c572cbe45ea3b2201a343f Mon Sep 17 00:00:00 2001
From: Unrud <unrud@openaliasbox.org>
Date: Fri, 2 Sep 2016 14:41:31 +0200
Subject: [PATCH 1/3] Repair authentication

---
 radicale/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/radicale/__init__.py b/radicale/__init__.py
index 234e0ef1..06354d99 100644
--- a/radicale/__init__.py
+++ b/radicale/__init__.py
@@ -388,7 +388,7 @@ class Application:
             self.logger.info("%s refused" % (user or "Anonymous user"))
             status = client.UNAUTHORIZED
             realm = self.configuration.get("server", "realm")
-            headers = headers.copy()
+            headers = dict(headers)
             headers.update ({
                 "WWW-Authenticate":
                 "Basic realm=\"%s\"" % realm})

From 11df2f11842cc4bf2fc198d6e6eb394abd33422a Mon Sep 17 00:00:00 2001
From: Unrud <unrud@openaliasbox.org>
Date: Fri, 2 Sep 2016 14:42:22 +0200
Subject: [PATCH 2/3] Test authentication

Test for 2a9f37defb145383f0c572cbe45ea3b2201a343f
---
 radicale/tests/test_base.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/radicale/tests/test_base.py b/radicale/tests/test_base.py
index f7d2e818..ee47169d 100644
--- a/radicale/tests/test_base.py
+++ b/radicale/tests/test_base.py
@@ -766,6 +766,14 @@ class BaseRequestsMixIn:
         assert status == 207
         assert "href>/user/<" in answer
 
+    def test_authentication(self):
+        """Test if server sends authentication request."""
+        self.configuration.set("rights", "type", "owner_only")
+        self.application = Application(self.configuration, self.logger)
+        status, headers, answer = self.request("MKCOL", "/user/")
+        assert status in (401, 403)
+        assert headers.get("WWW-Authenticate")
+
     def test_principal_collection_creation(self):
         """Verify existence of the principal collection."""
         status, headers, answer = self.request(

From 9e27d4e2a8719033d6e1bde865ad0bc99c92d8b0 Mon Sep 17 00:00:00 2001
From: Unrud <unrud@openaliasbox.org>
Date: Fri, 2 Sep 2016 15:06:32 +0200
Subject: [PATCH 3/3] Emulate fullmatch with match

re.fullmatch was introduced in Python 3.4
---
 radicale/rights.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/radicale/rights.py b/radicale/rights.py
index bad50a96..00928435 100644
--- a/radicale/rights.py
+++ b/radicale/rights.py
@@ -134,10 +134,12 @@ class Rights(BaseRights):
             self.logger.debug(
                 "Test if '%s:%s' matches against '%s:%s' from section '%s'",
                 user, sane_path, re_user, re_collection, section)
-            user_match = re.fullmatch(re_user, user)
+            # Emulate fullmatch
+            user_match = re.match(r"(?:%s)\Z" % re_user, user)
             if user_match:
                 re_collection = re_collection.format(*user_match.groups())
-                if re.fullmatch(re_collection, sane_path):
+                # Emulate fullmatch
+                if re.match(r"(?:%s)\Z" % re_collection, sane_path):
                     self.logger.debug("Section '%s' matches", section)
                     return permission in regex.get(section, "permission")
                 else: