--- auth_pam.c	Sun May 15 08:34:43 2005
+++ /home/imil/src/auth_pam.c	Mon Nov 14 12:15:11 2005
@@ -44,6 +44,7 @@
 
 /* PUBLIC DEPENDENCIES */
 #include "mechanisms.h"
+#include "globals.h"
 #include <stdio.h>
 
 #ifdef HAVE_CONFIG_H
@@ -180,6 +181,8 @@
 
 /* FUNCTION: auth_pam */
 
+#define FMTSTR ",fmt:" /* rewrite string separator */
+
 char *					/* R: allocated response string */
 auth_pam (
   /* PARAMETERS */
@@ -195,16 +198,51 @@
     struct pam_conv my_conv;		/* pam conversion data */
     pam_handle_t *pamh;			/* pointer to PAM handle */
     int rc;				/* return code holder */
+	char *rewrite_format;		/* mech_option */
+	char newlogin[BUFSIZ];		/* rewritten login */
     /* END VARIABLES */
 
-    my_appdata.login = login;
+	/* default */
+	strncpy(newlogin, login, BUFSIZ);
+
+	/* option specified ? */
+	if ((mech_option != NULL) && (strstr(mech_option, FMTSTR) != NULL)) {
+		char *sep, *ptmp;
+
+		/* isolate separator */
+		sep = strdup(mech_option);
+		ptmp = strstr(sep, FMTSTR);
+		*ptmp = '\0';
+
+		/* login matches separator */
+		if (strstr(login, sep)) {
+			char *userlogin, *domain;
+			uint8_t seplen;
+
+			seplen = strlen(sep);
+
+			userlogin = strdup(login);
+			domain = strstr(userlogin, sep);
+			*domain = '\0';
+			domain += seplen;
+
+			rewrite_format = mech_option + seplen + strlen(FMTSTR);
+
+			snprintf(newlogin, BUFSIZ , rewrite_format, userlogin, domain);
+
+			free(userlogin);
+		} /* if strchr(login, sep) */
+		free(sep);
+	} /* if strstr(mech_option, FMTSTR) */
+
+    my_appdata.login = newlogin;
     my_appdata.password = password;
     my_appdata.pamh = NULL;
 
     my_conv.conv = saslauthd_pam_conv;
     my_conv.appdata_ptr = &my_appdata;
 
-    rc = pam_start(service, login, &my_conv, &pamh);
+    rc = pam_start(service, newlogin, &my_conv, &pamh);
     if (rc != PAM_SUCCESS) {
 	syslog(LOG_DEBUG, "DEBUG: auth_pam: pam_start failed: %s",
 	       pam_strerror(pamh, rc));