From 86e60b7ed30a21375a3b46e2dac810ee77778ff2 Mon Sep 17 00:00:00 2001
From: Frederic Bourgeois <fredbmail@free.fr>
Date: Thu, 28 Nov 2013 21:25:32 -0700
Subject: [PATCH] Bug 3782: Digest authentication not obeying nonce_max_count

---
 src/auth/digest/UserRequest.cc | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/auth/digest/UserRequest.cc b/src/auth/digest/UserRequest.cc
index 2d395d6905..5e12672c4e 100644
--- a/src/auth/digest/UserRequest.cc
+++ b/src/auth/digest/UserRequest.cc
@@ -149,14 +149,14 @@ Auth::Digest::UserRequest::authenticate(HttpRequest * request, ConnStateData * c
             digest_request->setDenyMessage("Incorrect password");
             return;
         }
+    }
 
-        /* check for stale nonce */
-        if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) {
-            debugs(29, 3, HERE << "user '" << auth_user->username() << "' validated OK but nonce stale");
-            auth_user->credentials(Auth::Failed);
-            digest_request->setDenyMessage("Stale nonce");
-            return;
-        }
+    /* check for stale nonce */
+    if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) {
+        debugs(29, 3, "user '" << auth_user->username() << "' validated OK but nonce stale");
+        auth_user->credentials(Auth::Failed);
+        digest_request->setDenyMessage("Stale nonce");
+        return;
     }
 
     auth_user->credentials(Auth::Ok);
-- 
2.47.2