Library brute.lua allows specifying a number of retries for each credential guess with script argument brute.retries. The implemented counting is one off, so brute.retries=1 means that no retries are attempted and brute.retries=0 results in infinite looping.
This sounds like a disagreement between the name of the variable (retries) and the intent (tries). I tried to write up my thoughts, but ended up just writing a patch. Fix incoming; feel free to comment if you think I did the wrong thing.