Lily's hashing mechanism currently has no defense against hash flooding attacks. Having some defense against them is important if Lily is going to be used in combination with Apache or some other server. This will replace the current hash calculation mechanism in st.c. Here's what I have in mind:

• The configuration struct will have a sipkey field added to it. The interpreter will provide a default sipkey that does not depend on the environment. The interpreter will assume the key is not modified once the interpreter has executed.

• Hash api that doesn't take a state struct will now do so, in order to get the configuration's sipkey.

• This may allow simplifying the hash creation api into a single function by dispatching on the class id of values that are passed inside.