- Reworked MD5-sess stuff. The semantics of userpw_hash() have been

  changed
  for it to return
      MD5(MD5(username ":" realm ":" password) ":" nonce ":" cnonce)
  instead of just
      MD5(username ":" realm ":" password)
  because one of the points of MD5-sess is to allow the info to be retrieved
  from login servers so that the server itself never has the full auth info
  (after all, MD5(u/r/p) is equivalent to the password for auth purposes).
  Some minor changes such as renaming get_session() to get_session_HA1()
  and adding internal checks were done too.

- Also, in order to allow for servers to share a realm the server-name
    and port have been removed from the nonce-hash. Even so, sharing the
  realm has problems - see the new comments at the beginning.

- Renamed all variables called "new" to something that won't cause
  problems
  under a C++ compiler.

- Some minor fixes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@84692 13f79535-47bb-0310-9956-ffa450edef68