diff -urdpNX /usr/share/dontdiff -x Makefile dovecot.vanilla/src/auth/db-sql.c dovecot/src/auth/db-sql.c
--- dovecot.vanilla/src/auth/db-sql.c	2006-06-27 12:02:08.742494840 +0400
+++ dovecot/src/auth/db-sql.c	2006-06-27 12:01:02.621546752 +0400
@@ -18,6 +18,7 @@ static struct setting_def setting_defs[]
 	DEF(SET_STR, connect),
 	DEF(SET_STR, password_query),
 	DEF(SET_STR, user_query),
+ 	DEF(SET_STR, update_query),
 	DEF(SET_STR, default_pass_scheme),
 
 	{ 0, NULL, 0 }
@@ -28,6 +29,7 @@ struct sql_settings default_sql_settings
 	MEMBER(connect) NULL,
 	MEMBER(password_query) "SELECT password FROM users WHERE userid = '%u'",
 	MEMBER(user_query) "SELECT home, uid, gid FROM users WHERE userid = '%u'",
+	MEMBER(update_query) "UPDATE users SET password = '%w' WHERE userid = '%u'",
 	MEMBER(default_pass_scheme) "PLAIN-MD5"
 };
 
diff -urdpNX /usr/share/dontdiff -x Makefile dovecot.vanilla/src/auth/db-sql.h dovecot/src/auth/db-sql.h
--- dovecot.vanilla/src/auth/db-sql.h	2006-06-27 12:02:08.742494840 +0400
+++ dovecot/src/auth/db-sql.h	2006-06-27 11:14:32.797664448 +0400
@@ -8,6 +8,7 @@ struct sql_settings {
 	const char *connect;
 	const char *password_query;
 	const char *user_query;
+	const char *update_query;
 	const char *default_pass_scheme;
 };
 
diff -urdpNX /usr/share/dontdiff -x Makefile dovecot.vanilla/src/auth/passdb-sql.c dovecot/src/auth/passdb-sql.c
--- dovecot.vanilla/src/auth/passdb-sql.c	2006-06-27 12:02:08.743494688 +0400
+++ dovecot/src/auth/passdb-sql.c	2006-06-27 12:01:02.621546752 +0400
@@ -7,6 +7,7 @@
 #include "str.h"
 #include "strescape.h"
 #include "var-expand.h"
+#include "safe-memset.h"
 #include "password-scheme.h"
 #include "auth-cache.h"
 #include "db-sql.h"
@@ -26,6 +27,7 @@ struct passdb_sql_request {
 	union {
 		verify_plain_callback_t *verify_plain;
                 lookup_credentials_callback_t *lookup_credentials;
+		set_credentials_callback_t *set_credentials;
 	} callback;
 };
 
@@ -175,6 +177,44 @@ static void sql_lookup_credentials(struc
         sql_lookup_pass(sql_request);
 }
 
+static int sql_set_credentials(struct auth_request *request,
+			       char *new_credentials,
+			       set_credentials_callback_t *callback)
+{
+	struct sql_passdb_module *module =
+		(struct sql_passdb_module *) request->passdb->passdb;
+	struct sql_transaction_context *transaction;
+	const char *error;
+	string_t *query;
+	int ret;
+
+	t_push();
+
+	request->mech_password = new_credentials;
+
+	query = t_str_new(512);
+	var_expand(query, module->conn->set.update_query, 
+		   auth_request_get_var_expand_table(request, auth_request_str_escape));
+	
+	transaction = sql_transaction_begin(module->conn->db);
+
+	sql_update(transaction, str_c(query));
+
+	ret = sql_transaction_commit_s(&transaction, &error);
+
+	callback(ret == 0 ? PASSDB_RESULT_OK : PASSDB_RESULT_INTERNAL_FAILURE,
+		 request);
+
+	if (ret < 0)
+		i_info("SQL error: %s", error);
+
+	safe_memset(str_c_modifyable(query), 0, str_len(query));
+
+	t_pop();
+
+	return 0;
+}
+
 static struct passdb_module *
 passdb_sql_preinit(struct auth_passdb *auth_passdb, const char *args)
 {
@@ -221,7 +261,8 @@ struct passdb_module_interface passdb_sq
 	passdb_sql_deinit,
        
 	sql_verify_plain,
-	sql_lookup_credentials
+	sql_lookup_credentials,
+	sql_set_credentials,
 };
 
 #endif