Sabre\DAV\Exception\NotAuthenticated exception generates 500 instead of 401 during PUT

[joostbekkers]

Context:
Apache 2.4
PHP-FPM 8.1 on a TCP socket.

When Sabre\DAV\Server\start() is called to handle a large PUT request without a correct authentication header, the NotAuthenticatedException is thrown before the body of the request is completely received by php.

The response is sent to the webserver and the connection between webserver and php is closed/reset.
The webserver is unable to complete sending the request body and serves a 500 error to the client.

I've fixed this issue for my usecase by calling $this->httpRequest->getBodyAsString()

             $this->httpRequest->setBaseUrl($this->getBaseUri());
             $this->invokeMethod($this->httpRequest, $this->httpResponse);
         } catch (\Throwable $e) {
+
+           if (get_class($e) === 'Sabre\DAV\Exception\NotAuthenticated') {
+               if ($_SERVER['REQUEST_METHOD']==='PUT') {
+                 $this->httpRequest->getBodyAsString();
+               }
+            }
+
             try {
                 $this->emit('exception', [$e]);
             } catch (\Exception $ignore) {
             }