From fb970246e01c4c4ac675988aa2e1ee8f3c10f032 Mon Sep 17 00:00:00 2001
From: Unrud <unrud@openaliasbox.org>
Date: Tue, 23 May 2017 03:08:04 +0200
Subject: [PATCH] Only query auth backend when a user is set

---
 radicale/__init__.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/radicale/__init__.py b/radicale/__init__.py
index d268ae0..8365769 100644
--- a/radicale/__init__.py
+++ b/radicale/__init__.py
@@ -375,13 +375,14 @@ class Application:
         if path == "/.well-known" or path.startswith("/.well-known/"):
             return response(*NOT_FOUND)
 
-        if user and not storage.is_safe_path_component(user):
+        if not user:
+            is_authenticated = True
+        elif not storage.is_safe_path_component(user):
             # Prevent usernames like "user/calendar.ics"
             self.logger.info("Refused unsafe username: %s", user)
             is_authenticated = False
         else:
             is_authenticated = self.Auth.is_authenticated(user, password)
-        is_valid_user = is_authenticated or not user
 
         # Create principal collection
         if user and is_authenticated:
@@ -405,7 +406,7 @@ class Application:
                     "Request body too large: %d", content_length)
                 return response(*REQUEST_ENTITY_TOO_LARGE)
 
-        if is_valid_user:
+        if is_authenticated:
             try:
                 status, headers, answer = function(
                     environ, base_prefix, path, user)