diff -ruN cyrus-sasl-2.1.19-old/lib/checkpw.c cyrus-sasl-2.1.19/lib/checkpw.c
--- cyrus-sasl-2.1.19-old/lib/checkpw.c 2004-03-17 14:58:13.000000000 +0100
+++ cyrus-sasl-2.1.19/lib/checkpw.c 2005-03-16 11:56:40.947836136 +0100
@@ -143,7 +143,11 @@
 "*cmusaslsecretPLAIN",
 NULL };
 struct propval auxprop_values[3];
-
+
+ /* added by lopaka */
+ char salt[31];
+ char *crypt_passwd = NULL;
+
 if (!conn || !userstr)
 return SASL_BADPARAM;
 
@@ -180,12 +184,18 @@
 goto done;
 }
 
+ /* 20041008 added by lopaka */
+ /* encrypt the passwd and then compare it with the encrypted passwd */
+ /* obtain salt = first 12 chars */
+ strncpy(salt,auxprop_values[0].values[0],13);
+ crypt_passwd = crypt(passwd,salt);
+
 /* At the point this has been called, the username has been canonified
 * and we've done the auxprop lookup. This should be easy. */
 if(auxprop_values[0].name
 && auxprop_values[0].values
 && auxprop_values[0].values[0]
- && !strcmp(auxprop_values[0].values[0], passwd)) {
+ && !strcmp(auxprop_values[0].values[0], crypt_passwd)) {
 /* We have a plaintext version and it matched! */
 return SASL_OK;
 } else if(auxprop_values[1].name
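Review bot: `char salt[31];` has no initializer, and the only write to it is the `strncpy(salt,auxprop_values[0].values[0],13)` in the second hunk, which leaves the buffer unterminated whenever the stored value is 13 characters or longer, so `crypt()` may read indeterminate stack bytes as part of the salt. If the buffer stays, declare it as `char salt[31] = {0};` and add a comment naming the crypt(3) salt format that the size and the 13-byte copy assume; the comment in the second hunk says 12 characters while the call copies 13. The function these declarations belong to starts and ends outside the hunk.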
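Review bot: The added `strncpy(salt,auxprop_values[0].values[0],13)` dereferences `auxprop_values[0].values` before the `if` just below it tests that pointer and `values[0]` for NULL, so a lookup that produced no value for the first property would crash here instead of falling through to the `else if` branch. `crypt()` can also return NULL for a setting it does not accept, and that result goes straight into `strcmp`. I would compute the hash only inside the NULL checks, pass the stored value itself as the setting (crypt(3) takes the salt and scheme prefix from it, so the fixed 13-byte copy is unnecessary), and treat a NULL result as a mismatch, as sketched below. The comment `/* We have a plaintext version and it matched! */` no longer describes the branch, and entries that still hold a plaintext secret will stop matching after this change; no visible hunk for this file adds a declaration for `crypt()`, so confirm that `<crypt.h>` or `<unistd.h>` is included. The `if`/`else if` chain continues outside the hunk.

```c
    /* … unchanged: auxprop lookup and the SASL_NOUSER checks above … */

    /* Hash the supplied password with the stored value as the crypt(3)
     * setting; only do so once the stored value is known to exist. */
    if(auxprop_values[0].name
       && auxprop_values[0].values
       && auxprop_values[0].values[0]) {
	crypt_passwd = crypt(passwd, auxprop_values[0].values[0]);
    }

    if(crypt_passwd
       && !strcmp(auxprop_values[0].values[0], crypt_passwd)) {
	/* The stored crypt(3) hash matches the supplied password */
	return SASL_OK;
    } else if(auxprop_values[1].name
```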