diff -urN vsftpd-2.0.1/builddefs.h vsftpd-2.0.1+sasl/builddefs.h
--- vsftpd-2.0.1/builddefs.h	2004-07-02 16:36:59.000000000 +0200
+++ vsftpd-2.0.1+sasl/builddefs.h	2005-01-31 14:52:58.000000000 +0100
@@ -4,6 +4,7 @@
 #undef VSF_BUILD_TCPWRAPPERS
 #define VSF_BUILD_PAM
 #undef VSF_BUILD_SSL
+#define VSF_BUILD_SASL
 
 #endif /* VSF_BUILDDEFS_H */
 
diff -urN vsftpd-2.0.1/privops.c vsftpd-2.0.1+sasl/privops.c
--- vsftpd-2.0.1/privops.c	2004-07-02 13:24:19.000000000 +0200
+++ vsftpd-2.0.1+sasl/privops.c	2005-01-31 15:08:15.000000000 +0100
@@ -191,6 +191,9 @@
                    const struct mystr* p_user_str,
                    const struct mystr* p_pass_str)
 {
+#ifdef VSF_BUILD_SASL
+  if (!sasl_check(p_user_str, p_pass_str))
+#endif
   if (!vsf_sysdep_check_auth(p_user_str, p_pass_str, &p_sess->remote_ip_str))
   {
     return kVSFLoginFail;
diff -urN vsftpd-2.0.1/sysdeputil.c vsftpd-2.0.1+sasl/sysdeputil.c
--- vsftpd-2.0.1/sysdeputil.c	2004-07-02 13:25:55.000000000 +0200
+++ vsftpd-2.0.1+sasl/sysdeputil.c	2005-01-31 15:06:26.000000000 +0100
@@ -35,6 +35,10 @@
 #include <sys/param.h>
 #include <sys/uio.h>
 
+/* sasl */
+#ifdef VSF_BUILD_SASL
+#include <sasl/sasl.h>
+#endif
 /* Configuration.. here are the possibilities */
 #undef VSF_SYSDEP_HAVE_CAPABILITIES
 #undef VSF_SYSDEP_HAVE_SETKEEPCAPS
@@ -409,6 +413,25 @@
 
 #endif /* VSF_SYSDEP_HAVE_PAM */
 
+/* Sasl */
+#ifdef VSF_BUILD_SASL
+int sasl_check(char *username, char *password) {
+        sasl_conn_t *c;
+
+        if (SASL_OK!=sasl_server_init(NULL, "sample")) {
+                vsf_sysutil_syslog("error while sasl_server_init", 1);
+        } else if (SASL_OK!=sasl_server_new("ftp", NULL, NULL, NULL, NULL, NULL, 0, &c)) {
+                vsf_sysutil_syslog("error while sasl_server_new", 1);
+        } else if (SASL_OK==sasl_checkpass(c, username, vsf_sysutil_strlen(username), password, vsf_sysutil_strlen(password))) {
+                sasl_dispose(&c);
+                return 1;
+        }
+        sasl_dispose(&c);
+
+        return 0;
+}
+#endif
+
 /* Capabilities support (or lack thereof) */
 void
 vsf_sysdep_keep_capabilities(void)
diff -urN vsftpd-2.0.1/sysdeputil.h vsftpd-2.0.1+sasl/sysdeputil.h
--- vsftpd-2.0.1/sysdeputil.h	2003-01-25 04:34:41.000000000 +0100
+++ vsftpd-2.0.1+sasl/sysdeputil.h	2005-01-31 15:04:02.000000000 +0100
@@ -54,6 +54,9 @@
 /* File descriptor passing/receiving */
 void vsf_sysutil_send_fd(int sock_fd, int send_fd);
 int vsf_sysutil_recv_fd(int sock_fd);
+#ifdef VSF_BUILD_SASL
+int sasl_check(char *username, char *password);
+#endif
 
 #endif /* VSF_SYSDEPUTIL_H */
 
diff -urN vsftpd-2.0.1/vsf_findlibs.sh vsftpd-2.0.1+sasl/vsf_findlibs.sh
--- vsftpd-2.0.1/vsf_findlibs.sh	2004-07-02 18:48:24.000000000 +0200
+++ vsftpd-2.0.1+sasl/vsf_findlibs.sh	2005-01-31 14:54:37.000000000 +0100
@@ -23,6 +23,10 @@
   locate_library /usr/lib/libcrypt.so && echo "-lcrypt";
 fi
 
+if find_func sasl_check sysdeputil.o; then
+  locate_library /usr/lib/libsasl2.so && echo "-lsasl2";
+fi
+
 # Look for the dynamic linker library. Needed by older RedHat when
 # you link in PAM
 locate_library /lib/libdl.so && echo "-ldl";