Bug 3782: Digest authentication not obeying nonce_max_count

diff --git a/src/auth/digest/UserRequest.cc b/src/auth/digest/UserRequest.cc
index e9fc63012b7b6d2084ebfa65675503f40ae06f27..977169ba959de38d787c2551c455963935ce118d 100644 (file)
--- a/src/auth/digest/UserRequest.cc
+++ b/src/auth/digest/UserRequest.cc
@@ -149,14 +149,14 @@ Auth::Digest::UserRequest::authenticate(HttpRequest * request, ConnStateData * c
             digest_request->setDenyMessage("Incorrect password");
             return;
         }
+    }
 
-        /* check for stale nonce */
-        if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) {
-            debugs(29, 3, HERE << "user '" << auth_user->username() << "' validated OK but nonce stale");
-            auth_user->credentials(Auth::Failed);
-            digest_request->setDenyMessage("Stale nonce");
-            return;
-        }
+    /* check for stale nonce */
+    if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) {
+        debugs(29, 3, "user '" << auth_user->username() << "' validated OK but nonce stale");
+        auth_user->credentials(Auth::Failed);
+        digest_request->setDenyMessage("Stale nonce");
+        return;
     }
 
     auth_user->credentials(Auth::Ok);