I was looking at mod_auth_digest and bug 16057. Currently the shared memory code in that module is disabled, and it turns out that has effects throughout the module, such as disabling all client tracking, nonce-count checking, MD5-sess, and probably other things.
I wonder if this does anything useful at all in its current state? Regardless, I might take a stab at cleaning some of that up, if nobody else is working on it already. -- Dan Poirier <poir...@pobox.com>