------------------------------------------------------------ revno: 13039 revision-id: squid3@treenet.co.nz-20131129042451-lgcc4cko7oz6r1m7 parent: squid3@treenet.co.nz-20131129042204-h05tb1twideppvbl fixes bug(s): http://bugs.squid-cache.org/show_bug.cgi?id=3782 author: Frederic Bourgeois committer: Amos Jeffries branch nick: 3.4 timestamp: Thu 2013-11-28 21:24:51 -0700 message: Bug 3782: Digest authentication not obeying nonce_max_count ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20131129042451-lgcc4cko7oz6r1m7 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 # testament_sha1: 6c2d51cfd3df0394b79362c7e6a7068b1b5cd512 # timestamp: 2013-11-29 04:30:22 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 # base_revision_id: squid3@treenet.co.nz-20131129042204-\ # h05tb1twideppvbl # # Begin patch === modified file 'src/auth/digest/UserRequest.cc' --- src/auth/digest/UserRequest.cc 2013-06-03 14:05:16 +0000 +++ src/auth/digest/UserRequest.cc 2013-11-29 04:24:51 +0000 @@ -149,14 +149,14 @@ digest_request->setDenyMessage("Incorrect password"); return; } + } - /* check for stale nonce */ - if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) { - debugs(29, 3, HERE << "user '" << auth_user->username() << "' validated OK but nonce stale"); - auth_user->credentials(Auth::Failed); - digest_request->setDenyMessage("Stale nonce"); - return; - } + /* check for stale nonce */ + if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) { + debugs(29, 3, "user '" << auth_user->username() << "' validated OK but nonce stale"); + auth_user->credentials(Auth::Failed); + digest_request->setDenyMessage("Stale nonce"); + return; } auth_user->credentials(Auth::Ok);