From 9dd10a757490783b14f9b1c0fe406f784e0ea8e1 Mon Sep 17 00:00:00 2001 From: Daniel Aleksandersen Date: Thu, 5 Jul 2012 22:38:25 +0300 Subject: [PATCH 1/2] Website documentation for acl/IMAP Requirements, config, and [intentional] limitations. --- pages/user_documentation.rst | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/pages/user_documentation.rst b/pages/user_documentation.rst index 9b59848e..f3603632 100644 --- a/pages/user_documentation.rst +++ b/pages/user_documentation.rst @@ -2,9 +2,9 @@ User Documentation ==================== -:Author: Guillaume Ayoub +:Author: Guillaume Ayoub, Daniel Aleksandersen -:Date: 2010-02-11 +:Date: 2012-07-05 :Abstract: This document is a short description for installing and using the Radicale calendar and contact Server. @@ -333,7 +333,7 @@ configuration file, with the main parameters: [acl] # Access method - # Value: None | htpasswd | LDAP | PAM | courier + # Value: None | courier | IMAP | htpasswd | LDAP | PAM type = None # Usernames used for public collections, separated by a comma @@ -341,6 +341,10 @@ configuration file, with the main parameters: # Usernames used for private collections, separated by a comma private_users = private + # STARTTLS capable or local IMAP + imap_auth_host_name = localhost + imap_auth_host_port = 143 + # Htpasswd filename htpasswd_filename = /etc/radicale/users # Htpasswd encryption method @@ -628,6 +632,8 @@ TLS Support Python 2.6 suffered `a bug `_ causing huge timeout problems with TLS. The bug is fixed since Python 2.6.6. +IAMP authentication over TLS requies Python 3.2. + Python 2.7 and Python 3.x do not suffer this bug. Crypt Support @@ -637,6 +643,15 @@ With the htpasswd access, many encryption methods are available, and crypt is th default one in Radicale. Unfortunately, the ``crypt`` module is unavailable on Windows, you have to pick another method on this OS. +IMAP Authentication +------------------- + +The IMAP authentication module relies on the imaplib module, available with 2.x +versions of Python. However, TLS is only available in Python 3.2. Older versions +of Python or a non-modern server who does not support STARTTLS can only +authenticate against ``localhost`` as passwords are transmitted in PLAIN. Legacy +SSL mode on port 993 is not supported. + LDAP Authentication ------------------- From fa538c8ef7ae2e1e041940205a9a29ccb2dcdf46 Mon Sep 17 00:00:00 2001 From: Daniel Aleksandersen Date: Fri, 6 Jul 2012 02:38:04 +0300 Subject: [PATCH 2/2] A bit more explicit config instructions --- pages/user_documentation.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/user_documentation.rst b/pages/user_documentation.rst index f3603632..f2f5c28d 100644 --- a/pages/user_documentation.rst +++ b/pages/user_documentation.rst @@ -341,7 +341,7 @@ configuration file, with the main parameters: # Usernames used for private collections, separated by a comma private_users = private - # STARTTLS capable or local IMAP + # STARTTLS capable or local IMAP server domain name imap_auth_host_name = localhost imap_auth_host_port = 143