--- a/dovecot-example.conf	Wed Oct 22 01:47:16 2008 +0300
+++ b/dovecot-example.conf	Wed Oct 22 20:24:50 2008 +0300
@@ -898,7 +898,7 @@
 
   # checkpassword executable authentication
   # NOTE: You will probably want to use "userdb prefetch" with this.
-  # <doc/wiki/PasswordDatabase.CheckPassword.txt>
+  # <doc/wiki/AuthDatabase.CheckPassword.txt>
   #passdb checkpassword {
     # Path for checkpassword binary
     #args = 
@@ -950,6 +950,13 @@
     #args =
   #}
 
+  # checkpassword executable user database lookup
+  # <doc/wiki/AuthDatabase.CheckPassword.txt>
+  #userdb checkpassword {
+    # Path for checkpassword binary
+    #args = 
+  #}
+
   # static settings generated from template <doc/wiki/UserDatabase.Static.txt>
   #userdb static {
     # Template for the fields. Can return anything a userdb could normally

--- a/src/auth/checkpassword-reply.c	Wed Oct 22 01:47:16 2008 +0300
+++ b/src/auth/checkpassword-reply.c	Wed Oct 22 20:24:50 2008 +0300
@@ -10,7 +10,7 @@
 int main(void)
 {
 	string_t *str;
-	const char *user, *home;
+	const char *user, *home, *authorized;
 	const char *extra_env, *key, *value, *const *tmp;
 	bool uid_found = FALSE, gid_found = FALSE;
 
@@ -58,5 +58,6 @@
 		i_error("checkpassword: write_full() failed: %m");
 		exit(111);
 	}
-	return 0;
+	authorized = getenv("AUTHORIZED");
+	return authorized != NULL && strcmp(authorized, "2") == 0 ? 2 : 0;
 }

--- a/src/auth/userdb-checkpassword.c	Wed Oct 22 01:47:16 2008 +0300
+++ b/src/auth/userdb-checkpassword.c	Wed Oct 22 20:24:50 2008 +0300
@@ -118,7 +118,7 @@
 		   ignored by setting AUTHORIZED.  This needs a
 		   special checkpassword program which knows how to
 		   handle this. */
-		env_put("AUTHORIZED=YES");
+		env_put("AUTHORIZED=1");
 		checkpassword_setup_env(request);
 		/* very simple argument splitting. */
 		cmd = t_strconcat(module->checkpassword_path, " ",