Always set the status pointer, rather than passing a const string to the sign function

diff --git a/src/main.c b/src/main.c
index 9c3df1a1df2fd8837ee7a1316668277c1feba63f..2e8be42f830a0c00721fd270af8b1928e44a0685 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -316,16 +316,18 @@ static int handle_request(void * UNUSED(data),
 
        if (otp == NULL) {
                info = "otp";
+               status = "MISSING_PARAMETER";
                signature = sign_request(shared_secret, shared_secret_len,
-                                        info, "MISSING_PARAMETER", timestamp);
+                                        info, status, timestamp);
                send_response(conn, signature, status, NULL, timestamp);
                /* XXX free memory */
                return MHD_YES;
        }
 
        if (! yubikey_modhex_p(otp)) {
+               status = "BAD OTP";
                signature = sign_request(shared_secret, shared_secret_len,
-                                        NULL, "BAD OTP", timestamp);
+                                        NULL, status, timestamp);
                send_response(conn, signature, status, NULL, timestamp);
                /* XXX free memory */
                return MHD_YES;
@@ -343,8 +345,9 @@ static int handle_request(void * UNUSED(data),
        yubikey_parse((uint8_t*)(otp_token), (const uint8_t *)stats.secret_key, &token);
        if (!yubikey_crc_ok_p((void*)&token) ||
            memcmp(token.uid, stats.secret_uid, YUBIKEY_UID_SIZE) != 0) {
+               status = "BAD OTP";
                signature = sign_request(shared_secret, shared_secret_len,
-                                        NULL, "BAD OTP", timestamp);
+                                        NULL, status, timestamp);
                send_response(conn, signature, status, NULL, timestamp);
 
                /* XXX FIXME free memory */