2
I use nginx 1.3.9 with the extensions nginx-dav-ext-module and nginx-http-auth-digest.
The problem seems to only occur when I try to log in with cadaver, it’s possible to access the DAV share with iOS, OSX and some other DAV-enabled clients.
Here is the server configuration:
# Secure WebDAV server
#
server {
listen 443;
server_name dav.me.in;
ssl on;
ssl_certificate em.in.cert.csr;
ssl_certificate_key me.in.cert.key;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
auth_digest_user_file /var/www/.webdav_passwd;
location / {
auth_digest "WebDAV";
root /var/www/dav/;
autoindex on;
client_body_temp_path /tmp/nginx/client-tmp 1 2;
create_full_put_path on;
client_max_body_size 50m;
dav_access user:rw group:r all:r;
dav_methods PUT DELETE MKCOL COPY MOVE;
dav_ext_methods PROPFIND OPTIONS;
}
}
Here is the cadaver log having debug httpauth
enabled:
Authentication required for WebDAV on server `dav.me.in':
Username: me
Password:
auth: Got qop, using 2617-style.
auth: H(A1) is [1700d..........................]
auth: Accepting digest challenge.
auth: Accepted Digest challenge.
Running pre_send hooks
auth: Sending 'Digest' response.
auth: H(A2): bd918..........................
Sending request headers:
OPTIONS / HTTP/1.1
User-Agent: cadaver/0.23.3 neon/0.29.1
Keep-Alive:
Connection: TE, Keep-Alive
TE: trailers
Host: dav.me.in
Authorization: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Sending request-line and headers:
Request sent; retry is 1.
Aborted request (-3): Could not read status line
Persistent connection timed out, retrying.
Sending request-line and headers:
Connecting to xxxxxxxxxxxxxxxxxx
Doing SSL negotiation.
ssl: Verify callback @ 0 => 18
ssl: Verify failures |= 8 => 8
Request sent; retry is 0.
[status-line] < HTTP/1.1 200 OK
[hdr] Server: nginx
Header Name: [server], Value: [nginx]
[hdr] Date: Tue, 25 Dec 2012 23:27:43 GMT
Header Name: [date], Value: [Tue, 25 Dec 2012 23:27:43 GMT]
[hdr] Content-Length: 0
Header Name: [content-length], Value: [0]
[hdr] Connection: keep-alive
Header Name: [connection], Value: [keep-alive]
[hdr] Keep-Alive: timeout=10
Header Name: [keep-alive], Value: [timeout=10]
[hdr] Authentication-Info: qop="auth", rspauth="12f6................................", cnonce="755.........................", nc=00000001Header Name: [authentication-info], Value: [qop="auth", rspauth="12f6................................", cnonce="755.........................", nc=00000001]
[hdr] DAV: 1
Header Name: [dav], Value: [1]
[hdr] Allow: GET,HEAD,PUT,DELETE,MKCOL,COPY,MOVE,PROPFIND,OPTIONS
Header Name: [allow], Value: [GET,HEAD,PUT,DELETE,MKCOL,COPY,MOVE,PROPFIND,OPTIONS]
[hdr]
End of headers.
Running post_headers hooks
Running post_send hooks
ah_post_send (#1), code is 200 (want 401), WWW-Authenticate is (none)
auth: Got Auth-Info header: qop="auth", rspauth="12f6................................", cnonce="755.........................", nc=00000001
auth: response-digest match: no (expected [b8cd........................] vs actual [12f6................................])
Request ends, status 200 class 2xx, error line:
Digest mutual authentication failure: request-digest mismatch
Running destroy hooks.
Request ends.
Could not open collection:
Digest mutual authentication failure: request-digest mismatch