sasl_usererr - Remove information leak about accounts from sasl error codes

Synopsis

#include <sasl/sasl.h>

static int sasl_usererr(int saslerr)

Description

int sasl_usererr(int saslerr)

sasl_usererr is called to hide any potential data leaks to a client, by preventing a client from discovering if a username exists or if a user exists but the password is wrong.

Parameters:

• saslerr – specifies the error number to convert.

This function should be called before calling sasl_errstring(3) or sasl_errdetail(3) if information is being passed to a client.

Return Value

Returns a client-safe error code.

See Also

RFC 4422,:saslman:sasl(3), sasl_errdetail(3), sasl_errors(3), sasl_errstring(3)