You can clone with
HTTPS or Subversion.
passwd-file parsing rewrite
as i suspected, the pointer math when stepping through the passwd file
was not quite up to snuff.
moved cleanup_list init out of conf-file parsing routines
previously the array would not be allocated if the auth_digest_shm_size
directive was not used in nginx.conf leading to a deadlock
added support for the Authentication-Info header
does any browser actually make use of this though?
corrected race condition in nc flagging
nc flags were being flipped by any request specifying them, not just
error handling and hash verification fixes
malloc-related errors were not being propagated back the the request
authentication no longer bails out as soon as a mismatch is found (to
combat timing attacks)
fixed fd-leak in the passwd-reader
moved the session cache's cleanup routine into an async timer rather …
…than running it in every request handler
Typos & cleanup