I'm experiencing the same problem but with the SyncMl Backend 
standalone implementation. What are the needed changes for this file 
/lib/Horde/SyncMl/Backend.php ?

Seems to be working without any problems.  Thanks for committing these 
changes!

-- Logan

Understood. Try now?

Changes have been made in Git for this ticket:

Bug #9438: restore the original session id after authentication.

  1 files changed, 20 insertions(+), 4 deletions(-)
http://git.horde.org/horde-git/-/commit/dc3188a1e60519652b431f2f2352f86630c8b885

Jan,

Sorry, I did not do a very good job of explaining.

Basically, the problem occurs when the client makes multiple requests 
to the server.

The first request starts the session with the md5(sessionId . 
deviceId) [KEY A].  Then it authenticates successfully, which causes 
the server to regenerate the session key [KEY B].  Then,  at close(), 
the server stores that the client is auth'd under the new session key 
[KEY B].

The client makes a second request, which does not include auth data, 
because it auth'd successfully on the first request.  However, it is 
not aware of the new session id,  as there is no facility in SyncML 
for the server to regenerate the session key.  So, the server starts a 
session with md5(sessionId . deviceId) [KEY A] and looks to see if the 
client is auth'd, but it isn't, because the auth data was stored under 
a different session key [KEY B].  So this time the client request 
fails because the server does not recognize it as being authenticated.

Sorry if I am still not being clear.

-- Logan

No, AFAICS whether the user is authenticated or not is stored in the 
state object, and only if he is *not* authenticated, we're trying to 
authenticate at the backend. If this happens during a sync session, 
then the state object is *not* reflecting the authentication state.

Changes have been made in Git for this ticket:

Bug #9438: add missing php tag.

  1 files changed, 1 insertions(+), 0 deletions(-)
http://git.horde.org/horde-git/-/commit/2c45ce168d2bc71788a6f80bd3aacbc2d4f74d28

Jan,

We still need the change to _checkAuthentication().  The reason for it 
is in the patch I sent, but basically the Horde authentication backend 
creates a new session id upon successful authentication.  This is 
standard good practice to avoid "session fixation", but unfortunately 
SyncML relies on session fixation, because the client specifies the 
session id, and the server has no way to request a new id.

So, you have to store the session id before authentication and reset 
it after, unless you want to update the authentication backend to add 
a parameter to suppress session regeneration.

-- Logan

Jan,

I did, but the error was still there.  The problem is because 
LifoQueue.php doesn't have "<?php" at the top of the file, so the code 
isn't being interpreted as PHP.

-- Logan

You didn't run install_dev.

Jan,

That error has been fixed, but now in my Apache error log I get the 
following error:

PHP Fatal error:  Class 'Horde_Xml_Wbxml_LifoQueue' not found in 
/usr/share/horde/framework/Xml_Wbxml/lib/Horde/Xml/Wbxml/ContentHandler.php on 
line 34

Thanks,
Logan

Changes have been made in Git for this ticket:

Bug #9438: Those classes are autoloadable now.

  1 files changed, 0 insertions(+), 5 deletions(-)
http://git.horde.org/horde-git/-/commit/fa107ceddec4f25b73e6441534d5f6d02afb4743

A recent commit seems to have introduced a bug.  I'm now getting the 
following message in my debug log:

DEBUG: HORDE [horde] PHP ERROR: 
require_once(XML/WBXML/ContentHandler.php) [<a 
href='function.require-once'>function.require-once</a>]: failed to 
open stream: No such file or directory [pid 1666 on line 119 of 
"/usr/share/horde/framework/SyncMl/lib/Horde/SyncMl/ContentHandler.php"]

Is that path supposed to be 'Horde/Xml/Wbxml/ContentHandler.php'?

-- Logan

Did this fix things? I don't see why the patch to 
_checkAuthentication() would be necessary.

Changes have been made in Git for this ticket:

Bug 9438: Use the client's session id and store the state on message 
end, not on session end.

  2 files changed, 9 insertions(+), 4 deletions(-)
http://git.horde.org/horde-git/-/commit/ad914b9601cb42e1702fd71e1450666cfcac6dfb

ok found another issue with funambol client:

when resetting contacts from client to server the session is started 
and continued ok but closed one packet too early. All contacts were 
replaces(added) and a final is sent to the client, which in turn 
generates another packet but as the session got closed this last 
packet fails, leading to a "sync error" on the client.
when commenting out the

$GLOBALS['backend']->sessionClose();
in horde/framework/SyncML/SyncML.php on line 529 the sync completes 
fine, so somehow the handleEnd() Method still has a bug, i add the 
last server/client packet that is kind of unexpected by the server

last server response:

<?xml version="1.0" encoding="UTF-8"?><SyncML 
xmlns="syncml:syncml1.2"><SyncHdr><VerDTD>1.2</VerDTD><VerProto>SyncML/1.2</VerProto><SessionID>1299072838078</SessionID><MsgID>4</MsgID><Target><LocURI>fac-357841037330855</LocURI><LocName>simon@aktionspotenzial.de</LocName></Target><Source><LocURI>http://192.168.1.99/horde/rpc.php</LocURI></Source><RespURI>http://192.168.1.99/horde/rpc.php</RespURI><Meta><MaxMsgSize xmlns="syncml:metinf">1000000000</MaxMsgSize><MaxObjSize 
xmlns="syncml:metinf">1000000000</MaxObjSize></Meta></SyncHdr><SyncBody><Status><CmdID>1</CmdID><MsgRef>4</MsgRef><CmdRef>0</CmdRef><Cmd>SyncHdr</Cmd><TargetRef>http://192.168.1.99/horde/rpc.php</TargetRef><SourceRef>fac-357841037330855</SourceRef><Data>200</Data></Status><Status><CmdID>2</CmdID><MsgRef>4</MsgRef><CmdRef>2</CmdRef><Cmd>Sync</Cmd><TargetRef>contacts</TargetRef><SourceRef>contacts</SourceRef><Data>200</Data></Status><Status><CmdID>3</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>741</SourceRef><Data>201</Data></Status><Status><CmdID>4</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>742</SourceRef><Data>201</Data></Status><Status><CmdID>5</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>743</SourceRef><Data>201</Data></Status><Status><CmdID>6</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>744</SourceRef><Data>201</Data></Status><Status><CmdID>7</CmdID><MsgRef>4</MsgRef><CmdR
ef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>745</SourceRef><Data>201</Data></Status><Status><CmdID>8</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>746</SourceRef><Data>201</Data></Status><Status><CmdID>9</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>747</SourceRef><Data>201</Data></Status><Status><CmdID>10</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>748</SourceRef><Data>201</Data></Status><Status><CmdID>11</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>749</SourceRef><Data>201</Data></Status><Status><CmdID>12</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>750</SourceRef><Data>201</Data></Status><Status><CmdID>13</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>751</SourceRef><Data>201</Data></Status><Status><CmdID>14</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>752</SourceRef><Data>201</Data></Status><Status>
<CmdID>15</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>753</SourceRef><Data>201</Data></Status><Status><CmdID>16</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>754</SourceRef><Data>201</Data></Status><Status><CmdID>17</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>755</SourceRef><Data>201</Data></Status><Status><CmdID>18</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>756</SourceRef><Data>201</Data></Status><Status><CmdID>19</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>757</SourceRef><Data>201</Data></Status><Status><CmdID>20</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>758</SourceRef><Data>201</Data></Status><Status><CmdID>21</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>759</SourceRef><Data>201</Data></Status><Status><CmdID>22</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>760</S
ourceRef><Data>201</Data></Status><Status><CmdID>23</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>761</SourceRef><Data>201</Data></Status><Status><CmdID>24</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>762</SourceRef><Data>201</Data></Status><Status><CmdID>25</CmdID><MsgRef>4</MsgRef><CmdRef>3</CmdRef><Cmd>Replace</Cmd><SourceRef>763</SourceRef><Data>201</Data></Status><Final></Final></SyncBody></SyncML>



then closing session in handleEnd()

and the unexpected response from client:

<SyncML>
<SyncHdr>
<VerDTD><![CDATA[1.2]]></VerDTD>
<VerProto><![CDATA[SyncML/1.2]]></VerProto>
<SessionID><![CDATA[1299072838078]]></SessionID>
<MsgID>5</MsgID>
<Target>
<LocURI><![CDATA[http://192.168.1.99/horde/rpc.php]]></LocURI>
</Target>
<Source>
<LocURI><![CDATA[fac-357841037330855]]></LocURI>
</Source>
</SyncHdr>
<SyncBody>
<Status>
<CmdID><![CDATA[1]]></CmdID>
<MsgRef><![CDATA[4]]></MsgRef>
<CmdRef><![CDATA[0]]></CmdRef>
<Cmd><![CDATA[SyncHdr]]></Cmd>
<TargetRef><![CDATA[fac-357841037330855]]></TargetRef>
<SourceRef><![CDATA[http://192.168.1.99/horde/rpc.php]]></SourceRef>
<Data><![CDATA[200]]></Data>
</Status>
<Final></Final>
</SyncBody>
</SyncML>

kudos!
works great, thanks a lot!

I believe I have fixed this particular problem.  I am attaching my 
patch against the latest git HEAD.

-- Logan

See also Bug: 9492

Horde Sync is a great feature :) Is there anything I can do to support 
this issue?

fair enough, point taken :)

If it is so important for you, at this point, in a development 
version, you can hire our consulting services to get this bug fixed.

does this bug still have a priority? in the times of a increasing 
demand for smartphone sync solutions horde should sport a reliable 
syncml support, please ...!

I can confirm this issue.

i tried again and still the first login attempt is successfull but the 
second packet in the conversation fails with "authentication failed", 
can i do anything about this?

FWIW, this commit fixed the ActiveSync issue...

99,99% sure.

interesting is: it now seems to work one time but the second request 
gets denied (during one sync)

2010-12-09T19:44:03+01:00 DEBUG: HORDE [imp] Your browser is too old 
to display the dynamic mode. Using traditional mode instead. [pid 
17426 on line 27 of 
"/var/www/_horde/horde/framework/Core/lib/Horde/Core/Notification/Hordelog.php"]
2010-12-09T19:44:03+01:00 NOTICE: HORDE [imp] Login success for xxx 
[88.77.140.237] to {localhost:993 [imap]} [pid 17426 on line 199 of 
"/var/www/_horde/horde/imp/lib/Auth.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Authenticated: yes; 
version: 1.2; message ID: 1; source URI: aku-1291724651; target URI: 
http://xxxx/horde-git/rpc.php; user: xxx; charset: UTF-8; wbxml: no 
[pid 17426 on line 295 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] SQL Query by 
SyncML_Backend_Horde::readSyncAnchors(): SELECT syncml_clientanchor, 
syncml_serveranchor FROM horde_syncml_anchors WHERE syncml_syncpartner 
= ? AND syncml_db = ? AND syncml_uid = ?, values: aku-1291724651, 
calendar, xxx [pid 17426 on line 166 of 
"/var/www/_horde/horde/framework/SyncML/SyncML/Command/Alert.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] No info about previous 
syncs found for device aku-1291724651 and database event [pid 17426 on 
line 446 of "/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Creating SyncML_Sync 
object for database event; sync type 201 [pid 17426 on line 446 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Received <Final> from 
client. [pid 17426 on line 446 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Handle <Final> for 
state Init [pid 17426 on line 408 of 
"/var/www/_horde/horde/framework/SyncML/SyncML/State.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Sending <Final> to 
client [pid 17426 on line 310 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Return message 
completed [pid 17426 on line 310 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Finished at 2010-12-09 
19:44:03. Packet logged in /tmp/sync/server_50.xml [pid 17426 on line 
176 of "/var/www/_horde/horde/framework/SyncML/SyncML.php"]

and then:


010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Horde_Rpc::__construct 
complete [pid 17426 on line 97 of 
"/var/www/_horde/horde/framework/Rpc/lib/Horde/Rpc.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Backend of class 
SyncML_Backend_Horde created [pid 17426 on line 31 of 
"/var/www/_horde/horde/framework/SyncML/SyncML/Backend/Horde.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Started at 2010-12-09 
19:44:03. Packet logged in /tmp/sync/client_60.xml [pid 17426 on line 
108 of "/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] New session created:   
[pid 17426 on line 376 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Invalid authentication 
[pid 17426 on line 295 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Authenticated: no; 
version: 1.2; message ID: 2; source URI: aku-1291724651; target URI: 
http://hosting.aktionspotenzial.de/horde-git/rpc.php; user: ; charset: 
UTF-8; wbxml: no [pid 17426 on line 295 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Received <Final> from 
client. [pid 17426 on line 446 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Sending <Final> to 
client [pid 17426 on line 310 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Session completed and 
closed [pid 17426 on line 310 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] PHP ERROR: 
session_destroy() [<a 
href='function.session-destroy'>function.session-destroy</a>]: Trying 
to destroy uninitialized session [pid 17426 on line 432 of 
"/var/www/_horde/horde/framework/SyncML/SyncML/Backend.php"]
2010-12-09T19:44:03+01:00 DEBUG: HORDE [horde] Finished at 2010-12-09 
19:44:03. Packet logged in /tmp/sync/server_60.xml [pid 17426 on line 
176 of "/var/www/_horde/horde/framework/SyncML/SyncML.php"]

so somehow session handling is borked?

Are you really using SyncML from git? If I look at my git checkout the 
lines associated to the log messages are different and some log 
messages even don't seem to exists anymore.

hi,

thanks for your fix, but it still doesn't work yet:

2010-12-09T18:22:24+01:00 DEBUG: HORDE [horde] Started at 2010-12-09 
18:22:24. Packet logged in /tmp/sync/client_60.xml [pid 17426 on line 
108 of "/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T18:22:24+01:00 DEBUG: HORDE [horde] New session created:   
[pid 17426 on line 376 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T18:22:24+01:00 DEBUG: HORDE [horde] Invalid authentication 
[pid 17426 on line 295 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T18:22:24+01:00 DEBUG: HORDE [horde] Authenticated: no; 
version: 1.2; message ID: 2; source URI: fac-357841037330855; target 
URI: http://xxxxxxxx/horde-git/rpc.php; user: xxxxxxxxx; charset: 
UTF-8; wbxml: no [pid 17426 on line 295 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T18:22:24+01:00 DEBUG: HORDE [horde] Received <Final> from 
client. [pid 17426 on line 446 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T18:22:24+01:00 DEBUG: HORDE [horde] Sending <Final> to 
client [pid 17426 on line 310 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T18:22:24+01:00 DEBUG: HORDE [horde] Session completed and 
closed [pid 17426 on line 310 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]
2010-12-09T18:22:24+01:00 DEBUG: HORDE [horde] PHP ERROR: 
session_destroy() [<a 
href='function.session-destroy'>function.session-destroy</a>]: Trying 
to destroy uninitialized session [pid 17426 on line 432 of 
"/var/www/_horde/horde/framework/SyncML/SyncML/Backend.php"]

Sorry, was entirely my fault. I incorrectly associated this problem to 
the problems I had with transparent auth. But the problem here was 
solely related to my modification of Horde_Secret. I overlooked that 
the functions previously accepted "null" and "false" as input without 
bailing out.

Can you verify that this commit fixes the problem:

https://github.com/horde/horde/commit/a6267c6747973b74c6b58c2f2a75ad63c03389b6

tried to comment out in rpc.php but just got another error

Invalid authentication [pid 1380 on line 295 of 
"/var/www/_horde/horde/framework/SyncML/SyncML.php"]

so no real help for me ... hmm

This is the exact same issue I am seeing with ActiveSync access. At 
least in the case with ActiveSync, it's due to the fact that there 
(correctly) is no session (session_control => 'none') created for 
activesync requests. My guess is syncml also does not need or create a 
session.

As a local workaround, I temporarily removed the 'session_control' => 
none parameter from the appInit call that gets called for activesync 
access, and this works. You could try doing the same for syncml in 
rpc.php temporarily until this gets fixed properly.

hi,

deleted cookies on my android browser, app data for funambol sync 
client, session files on server -  its still not working

Deleting your old cookie before logging in should allow to work around 
the problem for now.

There is data in the old session that fails on relogin under certain 
circumstances. I still need some feedback from Micheal Slusarz to 
understand how this is meant to work.

hi,

i can't authenicate to horde anymore via syncml:

EMERG: HORDE [horde] Chiper text must be a string [pid 1380 on line 96 
of "/var/www/_horde/horde/framework/Secret/lib/Horde/Secret.php"]

some recent changes brought this