Return value from get_data_for_uid and check it

Previously, we would accept any valid OTP we had data for, stop doing
that and return a useful value telling the caller if we actually
suceeded getting useful data back.

diff --git a/src/main.c b/src/main.c
index d6cf48c25db549eee7728e4cf4a75798e9e9b0c4..174a896e7267cd3cb0ff93d8d0f48a86a77be59f 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -343,7 +343,7 @@ static int get_data_for_uid(char *uid, struct ykc_stats *stats)
 
 free_mem:
        PQclear(res);
-       return 0;
+       return r;
 }
 
 static int handle_request(void * UNUSED(data),
@@ -414,8 +414,13 @@ static int handle_request(void * UNUSED(data),
        /* Validate OTP */
        /* Find public uid, if possible */
        split_otp(otp, &uid, &otp_token);
-       get_data_for_uid(uid, &stats);
-
+       if (get_data_for_uid(uid, &stats) < 0) {
+               status = "BAD_OTP";
+               signature = sign_request(shared_secret, shared_secret_len,
+                                        NULL, status, timestamp);
+               send_response(conn, signature, status, NULL, timestamp);
+               goto free_mem;
+       }
        /* Argh, yubikey_parse takes in one modhex-ed token (but
         * requires us to strip the public id first, and an unencoded aes key*/
        yubikey_parse((uint8_t*)(otp_token), (const uint8_t *)stats.secret_key, &token);