Bug 330081 - akonadi_davgroupware_resource has problems with server authentication
Summary: akonadi_davgroupware_resource has problems with server authentication
Status: RESOLVED UNMAINTAINED
Alias: None
Product: Akonadi
Classification: Frameworks and Libraries
Component: DAV Resource (show other bugs)
Version: 4.11
Platform: Gentoo Packages Linux
: NOR normal
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-01-17 15:07 UTC by Sven Wehner
Modified: 2017-01-07 23:22 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sven Wehner 2014-01-17 15:07:20 UTC
From time to time a mysterious "Server Authentication - [name] of type DAV groupware resource" dialog pops up. The message is as follows:
--- snip ---
The server failed the authenticity check ([server url]).
The certificate authority's certificate is invalid
The root certificate authority's certificate is not trusted for this purpose
The certificate cannot be verified for internal reasons
--- snap ---
If I browse to the URL using Konqueror, KDE seems to trust the certificate.

I'm not sure when and why this happens (I think it comes from an instable IPv6 connection). But when it appears, I try to find out why it failed. So I use the "Details" button. This opens a new "KDE SSL Information" dialog, which has only a single button ("Close"). When I press the close button, the akonadi seems to accept the certificate. So there is no way to decline (accept?) the certificate.

Reproducible: Sometimes



Expected Results:  
If the user asks for details, show dialog on top of other dialog. So the user could cancel authentication when the certificate is the wrong one.
Comment 1 Erik Quaeghebeur 2014-08-13 15:04:44 UTC
(In reply to Sven Wehner from comment #0)
> From time to time a mysterious "Server Authentication - [name] of type DAV
> groupware resource" dialog pops up. The message is as follows:
> --- snip ---
> The server failed the authenticity check ([server url]).
> The certificate authority's certificate is invalid
> The root certificate authority's certificate is not trusted for this purpose
> The certificate cannot be verified for internal reasons
> --- snap ---
> If I browse to the URL using Konqueror, KDE seems to trust the certificate.
> 
> I'm not sure when and why this happens (I think it comes from an instable
> IPv6 connection).[...]

I also encounter this on KDE 4.12.5. No ipv6 involved however. A nasty consequence of this error is a massive CPU and RAM usage (see bug #310743)
Comment 2 Denis Kurz 2016-09-24 20:34:08 UTC
This bug has only been reported for versions older than KDEPIM 4.14 (at most akonadi-1.3). Can anyone tell if this bug still present?

If noone confirms this bug for a recent version of akonadi (part of KDE Applications 15.08 or later), it gets closed in about three months.
Comment 3 Erik Quaeghebeur 2016-09-25 10:03:38 UTC
(In reply to Denis Kurz from comment #2)
> This bug has only been reported for versions older than KDEPIM 4.14 (at most
> akonadi-1.3). Can anyone tell if this bug still present?
> 
> If noone confirms this bug for a recent version of akonadi (part of KDE
> Applications 15.08 or later), it gets closed in about three months.

I can confirm this bug for akonadi-1.13.1_pre20160203, which is the stable version on Gentoo (15.08 is neither in testing or masked, 16.08.1 is available masked in an overlay, not in the main repository, meaning “still broken within Gentoo”). Kdepim is at version 4.14.11_pre20160211. I do not know whether a Frameworks 5 version will be available within 3 months.

This bug may be related (perhaps duplicate of) Bug 323623.
Comment 4 Denis Kurz 2017-01-07 23:22:48 UTC
Just as announced in my last comment, I close this bug. If you encounter it again in a recent version (at least 5.0 aka 15.08), please open a new one unless it already exists. Thank you for all your input.