From 2738d108301e0c560dda06482e6cbb5ac387787b Mon Sep 17 00:00:00 2001
From: Guillaume Ayoub <guillaume.ayoub@kozea.fr>
Date: Fri, 26 Apr 2013 00:56:56 +0200
Subject: [PATCH] Support SSL for IMAP authentication

Based on Nikita Koshikov's commit:
https://github.com/interlegis/Radicale/commit/000fc2a
---
 config                |  7 ++++++-
 radicale/auth/IMAP.py | 16 +++++++++++-----
 radicale/config.py    |  5 +++--
 3 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/config b/config
index abf433a..ca9b20b 100644
--- a/config
+++ b/config
@@ -38,7 +38,7 @@ stock = utf-8
 
 [auth]
 # Authentication method
-# Value: None | htpasswd | LDAP | PAM | courier
+# Value: None | htpasswd | IMAP | LDAP | PAM | courier
 type = None
 
 # Usernames used for public collections, separated by a comma
@@ -71,6 +71,11 @@ ldap_password =
 # LDAP scope of the search
 ldap_scope = OneLevel
 
+# IMAP Configuration
+imap_hostname = localhost
+imap_port = 143
+imap_ssl = False
+
 # PAM group user should be member of
 pam_group_membership =
 
diff --git a/radicale/auth/IMAP.py b/radicale/auth/IMAP.py
index f31a5df..64a7029 100644
--- a/radicale/auth/IMAP.py
+++ b/radicale/auth/IMAP.py
@@ -34,20 +34,26 @@ import imaplib
 
 from .. import config, log
 
-IMAP_SERVER = config.get("auth", "imap_auth_host_name")
-IMAP_SERVER_PORT = config.get("auth", "imap_auth_host_port")
+IMAP_SERVER = config.get("auth", "imap_hostname")
+IMAP_SERVER_PORT = config.get("auth", "imap_port")
+IMAP_USE_SSL = config.get("auth", "imap_ssl")
 
 
 def is_authenticated(user, password):
     """Check if ``user``/``password`` couple is valid."""
 
     log.LOGGER.debug(
-        "[IMAP AUTH] Connecting to %s:%s." % (IMAP_SERVER, IMAP_SERVER_PORT,))
-    connection = imaplib.IMAP4(host=IMAP_SERVER, port=IMAP_SERVER_PORT)
+        "Connecting to IMAP server %s:%s." % (IMAP_SERVER, IMAP_SERVER_PORT,))
+
+    connection_is_secure = False
+    if IMAP_USE_SSL:
+        connection = imaplib.IMAP4_SSL(host=IMAP_SERVER, port=IMAP_SERVER_PORT)
+        connection_is_secure = True
+    else:
+        connection = imaplib.IMAP4(host=IMAP_SERVER, port=IMAP_SERVER_PORT)
 
     server_is_local = (IMAP_SERVER == "localhost")
 
-    connection_is_secure = False
     try:
         connection.starttls()
         log.LOGGER.debug("IMAP server connection changed to TLS.")
diff --git a/radicale/config.py b/radicale/config.py
index 3967480..bc1a15b 100644
--- a/radicale/config.py
+++ b/radicale/config.py
@@ -55,8 +55,9 @@ INITIAL_CONFIG = {
         "private_users": "private",
         "htpasswd_filename": "/etc/radicale/users",
         "htpasswd_encryption": "crypt",
-        "imap_auth_host_name": "localhost",
-        "imap_auth_host_port": "143",
+        "imap_hostname": "localhost",
+        "imap_port": "143",
+        "imap_ssl": "False",
         "ldap_url": "ldap://localhost:389/",
         "ldap_base": "ou=users,dc=example,dc=com",
         "ldap_attribute": "uid",