diff --git a/src/HttpServer.c b/src/HttpServer.c
index 149ff82..8988143 100644
--- a/src/HttpServer.c
+++ b/src/HttpServer.c
@@ -689,8 +689,6 @@ HttpServerEventThread(void *args)
         /* Don't even accept connections if the queue is full. */
         if (!QueueFull(server->connQueue))
         {
-            FILE *fp;
-
             connFd = accept(server->sd, (struct sockaddr *) & addr, &addrLen);
 
             if (connFd < 0)
diff --git a/src/UserInteractiveAuth.c b/src/UserInteractiveAuth.c
index 6440463..0a58216 100644
--- a/src/UserInteractiveAuth.c
+++ b/src/UserInteractiveAuth.c
@@ -68,7 +68,7 @@ UserInteractiveAuth(HttpServerContext * context, Db * db,
     {
         HashMap *response = NULL;
         HashMap *persist;
-        char *session = StrRandom(24);
+        char *sessionRand = StrRandom(24);
 
         ref = DbLock(db, 1, "user_interactive");
         if (!ref)
@@ -77,14 +77,14 @@ UserInteractiveAuth(HttpServerContext * context, Db * db,
         }
 
         persist = DbJson(ref);
-        HashMapSet(persist, session, JsonValueNull());
+        HashMapSet(persist, sessionRand, JsonValueNull());
         DbUnlock(db, ref);
 
         HttpResponseStatus(context, HTTP_UNAUTHORIZED);
         response = BuildDummyFlow();
 
         HashMapSet(response, "session",
-                   JsonValueString(StrDuplicate(session)));
+                   JsonValueString(StrDuplicate(sessionRand)));
 
         return response;
     }