Revision: bazaar--devo--1.3--patch-22
Archive: thelove@canonical.com
Creator: Canonical.com Patch Queue Manager <pqm@canonical.com>
Date: Thu Mar 10 21:48:09 GMT 2005
Standard-date: 2005-03-10 21:48:09 GMT
New-files: tests/.arch-ids/trustdb.gpg.id tests/trustdb.gpg
Modified-files: PLUGIN/auto baz/Makefile.in
    commands/tests/Makefile.in libarch/archive.c
    libarch/archive.h libarch/archives.c libarch/archives.h
    libarch/cached-archive.c libarch/pfs-signatures.c
    libarch/pfs-signatures.h libarch/tests/Makefile.in
    libinifile/inifile.c libinifile/inifile.h
    libinifile/tests/unit-inifile.c tests/test-mirror.sh
    tests/test-signing.sh
New-patches: robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-14
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-15
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-16
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-17
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-18
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-19
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-20
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-21
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-22
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-23
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-24
    robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-25
    thelove@canonical.com/bazaar--devo--1.3--patch-22
Summary: implement gpg signature checking via libgpgme
Keywords: 

Patches applied:

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-14
   handle multi-line shell scripts (warn and do nothing) for updates

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-15
   partial refactoring of checksum checking code to be more managable and give better feedback. also close a security hole with checksums

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-16
   check when_unsigned archive policy setting

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-17
   implement signature checking via gpgme for archive-registry configured archives

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-18
   use the gpg decoded checksum rather than the literal one, removing the need for the awk check script

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-19
   fixup test suite where it was being naughty with checksums

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-20
   implement minimal allowed_fingerprints logic

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-21
   full implementation of allowed_ids and allowed_fingerprints, and gpgme based signature checking

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-22
   add trustdb.gpg

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-23
   test interactions with fingerprints and ids

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-24
   binaries that link against libarch need libgpgme too - i.e. tests

 * robert.collins@canonical.com--general/bazaar--easy-gpg--1.3--patch-25
   int is not size_t, kthnxbyue

