- hkp: only verify the signhash, not the signature, with V3 signatures.
- hkp: fix: avoid encoding issues in user id: truncate to 256b.
- hkp: fix: unbreak V3 package signatures (and attempt V3 validation).
- hkp: fix: validate rpmdb pubkeys too.
- hkp: lazily setup/teardown the global awol/crl Bloom filters.
- hkp: use rpmhkp methods for pubkey imports.
- hkp: use rpmhkp methods for package signatures..
- hkp: use rpmhkp methods for clear-signed run-time dependency probes.
- hkp: use rpmhkpLoadSignature.
- hkp: expose rpmhkpLoadSignature.
- pgp: expose the pgpPkt_s internals.
- hkp: test for RPMRC_OK when validating.
- hkp: richer return codes from rpmhkpValidate.
- hkp: expose more methods, add industrial strength debugging spewage.
- hkp: eliminate pgpPrtPkts to load pubkey material.
- hkp: refactor pubkey material from rpmts -> rpmhkp.
- hkp: fix: unbreak package signatures (but creepy logic todo++).
- hkp: pull the trailing "...=0x" out of _hkp_keyserver_query.
- hkp: retrofit macro madness disablers for hkp:// lookups.
- hkp: permit string lookups.
- iob: increase max. buffer from 256Kb to 1Mb for pubkeys.
- hkp: add a rpmhkp object to manage hkp:// pubkey lookup/validate.
- digest: fix: don't count the trailing NUL for ascii digests.
- gc: truncate DSA digests to 160bits.
- bc: truncate DSA digests to 160bits.
- bc: fix: eliminate static buffer overflow.
- ssl: ensure RSA/DSA parameters are set.
- hkp: expose pubky/signature parameter setters.
- hkp: add a NULL sentinel to pgpGrabPkts packaet array.
- jbk: hkp: add PGPSIGTYPE_KEY_BINDING handling. never seen one *shrug*.
- hkp: expose pgpGrabPkts in loader maps.
- hkp: permit fingerprints on public subkeys.
- gcrypt: fix: convert hash as signed for RSA, unsigned for DSA.
- fix: save chroot value across embedded scriptlet execution.
from Przemyslaw Iskra <email address hidden>.
- tests: "make check" for CentOS5.4 passes.
- permit --with-neon=internal.
- beecrypt: permit --with-beecrypt=internal (w manual checkout/autogen)