I've done some more investigation into my authentifcation issue.  The first problem was that the MD5 encryption technique that SASL used to check plaintext passwords used a salt.  This is something that the passwords I have don't use.  I modified the checkpw.c file in sasl2 to disable that function.  I've also added a few lines to log the secret it's trying to compare the password with to the system log.  The result for my test password was "YjM-^VÌ{ù^PM-^LØM-^Vó<D®ÜM-".  That doesn't look line any of the encodings MySQL will produce.

Later, I think I'll try to get it to print out the cram-md5 and digest-md5 secrets that it makes.  One of those might be closer.