--- a/src/auth/auth-request.c	Sun Apr 03 00:20:38 2005 +0300
+++ b/src/auth/auth-request.c	Sun Apr 03 01:00:49 2005 +0300
@@ -420,6 +420,12 @@
 		return;
 	}
 
+	if (strcmp(name, "user") == 0) {
+		/* update username to be exactly as it's in database */
+		request->user = p_strdup(request->pool, value);
+		return;
+	}
+
 	if (strcmp(name, "nodelay") == 0) {
 		/* don't delay replying to client of the failure */
 		request->no_failure_delay = TRUE;

--- a/src/auth/auth-worker-client.c	Sun Apr 03 00:20:38 2005 +0300
+++ b/src/auth/auth-worker-client.c	Sun Apr 03 01:00:49 2005 +0300
@@ -90,6 +90,8 @@
 		str_printfa(str, "FAIL\t%d", result);
 	else {
 		str_append(str, "OK\t");
+		str_append(str, request->user);
+		str_append_c(str, '\t');
 		if (request->passdb_password != NULL)
 			str_append(str, request->passdb_password);
 		str_append_c(str, '\t');
@@ -153,7 +155,7 @@
 	if (result != PASSDB_RESULT_OK)
 		str_printfa(str, "FAIL\t%d", result);
 	else {
-		str_printfa(str, "OK\t{%s}%s\t",
+		str_printfa(str, "OK\t%s\t{%s}%s\t", request->user,
 			    passdb_credentials_to_str(request->credentials),
 			    credentials);
 		if (request->extra_fields != NULL)

--- a/src/auth/passdb-blocking.c	Sun Apr 03 00:20:38 2005 +0300
+++ b/src/auth/passdb-blocking.c	Sun Apr 03 01:00:49 2005 +0300
@@ -47,17 +47,22 @@
 static int get_pass_reply(struct auth_request *request, const char *reply,
 			  const char **password_r, const char **scheme_r)
 {
-	const char *p;
+	const char *p, *p2;
 
+	/* user \t {scheme}password [\t extra] */
 	p = strchr(reply, '\t');
-	if (p == NULL) {
+	p2 = p == NULL ? NULL : strchr(p + 1, '\t');
+	if (p2 == NULL) {
 		*password_r = NULL;
 		*scheme_r = NULL;
 		return 0;
 	}
 
-	*password_r = t_strdup_until(reply, p);
-	reply = p + 1;
+	/* username may have changed, update it */
+	request->user = p_strdup_until(request->pool, reply, p);
+
+	*password_r = t_strdup_until(p + 1, p2);
+	reply = p2 + 1;
 
 	if (**password_r == '\0') {
 		*password_r = NULL;

--- a/src/auth/passdb-bsdauth.c	Sun Apr 03 00:20:38 2005 +0300
+++ b/src/auth/passdb-bsdauth.c	Sun Apr 03 01:00:49 2005 +0300
@@ -48,6 +48,9 @@
 		return;
 	}
 
+	/* make sure we're using the username exactly as it's in the database */
+	request->user = p_strdup(request->pool, pw->pw_name);
+
 	callback(PASSDB_RESULT_OK, request);
 }
 

--- a/src/auth/passdb-passwd-file.c	Sun Apr 03 00:20:38 2005 +0300
+++ b/src/auth/passdb-passwd-file.c	Sun Apr 03 01:00:49 2005 +0300
@@ -26,6 +26,10 @@
 		return;
 	}
 
+	/* we use case-sensitive lookups. otherwise we'd have to update
+	   request->user to pu->user */
+	i_assert(strcmp(request->user, pu->user_realm) == 0);
+
 	crypted_pass = pu->password;
 	scheme = password_get_scheme(&crypted_pass);
 	if (scheme == NULL) scheme = "CRYPT";

--- a/src/auth/passdb-passwd.c	Sun Apr 03 00:20:38 2005 +0300
+++ b/src/auth/passdb-passwd.c	Sun Apr 03 01:00:49 2005 +0300
@@ -45,6 +45,9 @@
 		return;
 	}
 
+	/* make sure we're using the username exactly as it's in the database */
+	request->user = p_strdup(request->pool, pw->pw_name);
+
 	callback(PASSDB_RESULT_OK, request);
 }
 

--- a/src/auth/passdb-shadow.c	Sun Apr 03 00:20:38 2005 +0300
+++ b/src/auth/passdb-shadow.c	Sun Apr 03 01:00:49 2005 +0300
@@ -45,6 +45,9 @@
 		return;
 	}
 
+	/* make sure we're using the username exactly as it's in the database */
+	request->user = p_strdup(request->pool, spw->sp_namp);
+
 	callback(PASSDB_RESULT_OK, request);
 }
 

--- a/src/auth/passdb-vpopmail.c	Sun Apr 03 00:20:38 2005 +0300
+++ b/src/auth/passdb-vpopmail.c	Sun Apr 03 01:00:49 2005 +0300
@@ -88,6 +88,9 @@
 	}
 #endif
 
+	/* make sure we're using the username exactly as it's in the database */
+	request->user = p_strdup(request->pool, vpw->pw_name);
+
 	callback(PASSDB_RESULT_OK, request);
 }