cmd5checkpw reads descriptor 3 through end of file
and then closes descriptor 3.
There must be at most 512 bytes of data before end of file.
The information supplied on descriptor 3
is a login name terminated by \0,
a cram-md5 challenge terminated by \0,
and a cram-md5 response terminated by \0.
cmd5checkpw encrypts the challenge with keyed MD5 using passwords from
/etc/poppasswd. Its compared with response (3rd parameter) and if they are the same
execvp to run
subprogram with the given arguments.
If they differ then it returns -1.
If challenge and response differ,
cmd5checkpw exits 1.
cmd5checkpw is misused,
it may instead exit 2.
If there is a temporary problem checking the password,
cmd5checkpw exits 111.
cmd5checkpw also tries to compare the supplied password with the password
in the /etc/poppasswd file so it can be used as a plain-text checkpassword
for PLAIN & LOGIN authtype (but we recommend using a crypted version for
security reasons). To use it, simply provide it with clear text password
as a challenge.