[imp] UNable to auth IDN in IMP - sanitized log data inline, full sanitized log attached

[Michael M Slusarz]

Quoting info at interpost.biz:

> There's not much in the log:
>
>
>>> Tue, 12 Aug 2014 13:15:50 +0000
>>> Connection to: imap://localhost/
>>> Server connection took 0,0008 seconds.
> S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID  
> ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
> C: 1 STARTTLS
> S: 1 OK Begin TLS negotiation now.
>>> Command 1 took 0,0017 seconds.
>>> Successfully completed TLS negotiation.
> C: 2 CAPABILITY
> S: * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE  
> IDLE AUTH=PLAIN AUTH=LOGIN
> S: 2 OK Pre-login capabilities listed, post-login capabilities have more.
>>> Command 2 took 0,0022 seconds.
> C: 3 AUTHENTICATE PLAIN [INITIAL CLIENT RESPONSE (username:  
> info at boîteauxlettres.net)]
> S: 3 NO [AUTHENTICATIONFAILED] Authentication failed.
>>> Command 3 took 1,5036 seconds.

This is correct.  IMP is sending the "AUTHENTICATE PLAIN" client  
response using the full-IDN e-mail domain.  If Dovecot is rejecting  
this, then this is an issue with the authentication and/or  
configuration on the Dovecot side.  Are you sure the underlying  
authentication backend in Dovecot can handle these IDN names?

> C: 4 LOGIN info at boîteauxlettres.net [PASSWORD]
> info at boîteauxlettres.netC:  correctpassword
>>> Slow Command: 6,007 seconds
> S: 4 NO [AUTHENTICATIONFAILED] Authentication failed.

This is actually incorrect behavior on Horde_Imap_Client's part.   
LOGIN supports ASCII strings only.  We should catch this in  
Horde_Imap_Client so that we don't waste a server round-trip, and the  
corresponding wait time for the server to reject auth, when we know it  
can never be successful (it's still going to throw an error - it's  
just going to happen much faster).

michael

___________________________________
Michael Slusarz [slusarz at horde.org]