If passwords are encrypted with crypt-md5, then they should be 
prefixed with {crypt-md5} not {crypt}.

Ok, let's try to be clear.

I want password to be stored with crypt-md5 method, so it's already 
the case in the database, and the format is {crypt}$1$xxxxxxxxxxxxxxx 
(but it can be another method also, that's why it's prefixed)

Then I want to provide user a way to change their password and keep 
storing them with crypt-md5 method.

I've set encryption to crypt-md5 in passwd and show_encryption to true 
(I can have put encryption to any other method I think I'll get the 
same result as my password are already crypt-md5)

So to change the password the old one is reqested from the user, and 
the problem lie here:

In passwd/lib/Driver.php, in function comparePasswords
there is a call to Auth::getCryptedPassword to get the encrypted 
version of the old password given by the user that need to match the 
stored version.
As the method is stored with the password, 'crypt' is use as 
encryption for the old password, so the params given to 
Auth::getCryptedPassword are ('password', 
'{crypt}$1$1a9668b1$5uJT0BQW24EEtrVj/c4R2/', 'crypt', false)

And in lib/Horde/Auth.php in getCryptedPassword, the first task done 
is to recompute $salt, and if 'crypt' is used instead of 'crypt-md5' 
it reduce it to 3 chars instead of 13 (see the getSalt function).
If the salt is not recomputed, it works (I've tested).
So the call to crypt have to be done with the encrypted old password 
as second paremeter (or it's first 13 chars as it's done when 
'crypt-md5' is used as parameter in this function).

Hope this is clearer.

Sorry, I lost you. Can you explain again, which 
strings/salts/passwords are passed where, and where you think this is 
a bug?

So the problem of not passing the right encryption to 
Auth::getCryptedPassword is the Auth::getSalt function not the crypt 
one. The salt generated is not the same for crypt-md5 and crypt, so 
the old password given is encrypted with the crypt method and it 
cannot match the one previously stored that is a crypt-md5 one.

Maybe the Auth::getSalt shouldn't be called at all in the compare 
password case.

Indeed there is a bug as you cannot use crypt-md5 encryption even if 
the password was saved with passwd as the matching of the old password 
doesn't work.

But the correction has maybe to be done elsewhere, I check that.

This is not how crypt() works: http://php.net/crypt
crypt() should figure out itself from the salt which crypt algorithm 
to choose. If it doesn't, then PHP is broken, or the crypt method you 
are using is not supported by the system.

Here is a fix that works:

diff -urb passwd.old/lib/Driver.php passwd/lib/Driver.php
--- passwd.old/lib/Driver.php   2010-09-30 00:00:35.000000000 +0200
+++ passwd/lib/Driver.php       2010-09-29 23:39:17.000000000 +0200
@@ -3,7 +3,7 @@
   * Passwd_Driver:: defines an API for implementing password change 
systems for
   * Passwd.
   *
- * $Horde: passwd/lib/Driver.php,v 1.44.2.9 2008/10/24 16:48:50 jan Exp $
+ * $Horde: passwd/lib/Driver.php,v 1.44.2.10 2009-01-06 15:25:15 jan Exp $
   *
   * Copyright 2000-2009 The Horde Project (http://www.horde.org/)
   *
@@ -54,6 +54,9 @@
              if ($this->_params['driver'] == 'ldap' && $encryption == 'md5') {
                  $encryption = 'md5-base64';
              }
+           if ($encryption == 'crypt' && substr($encrypted, 0, 3) == '$1$') {
+               $encryption = 'crypt-md5';
+           }
          } else {
              $encryption = $this->_params['encryption'];
          }

when using show_encryption parameter, if the stored encryption is 
crypt, it cannot work with crypt-md5 as it will use the crypt method 
to compare password instead of crypt-md5

(it will not work with crypt-blowfish also)