we don't want to do checksumming of existing files unless it's
in a protected directory. also, we keep the original file if it's
*modified*.

avoids some copying and system calls.

and force checksumming only when unpacking archive. otherwise
it's extra computation for nothing.

apparently the double colon rule dependencies affect only the
specific rule-set.

otherwise bad things happens. avoid this be checking end of
stream at the beginning of read.

and use that to figure if questions are allowed or not instead
of the verbosity level.

this dependency is now inserted automatically by abuild.

use the package 'installed_size' == 0 as a test instead for
dependency only packages.

this enables virtual packages and files specified from command
line to work on non-harddisk installs.

Otherwise will link(2) fail since it does not exist.

can't cancel an index reading or we lose signature checking.

when failed to load an existing index.

and do not remove modified configuration files unless --purge is
specified.

to check system files for changes.

fixes verification of non-repository packages while installing
them. this is final thing needed for full signing support
(fixes #46).

make sure cache is enabled on non-permanent rootfs setups.
some optimizations and fixes too.

smaller callback and less cases to check. also reintroduce the
oneshot digest flag, hopefully correct this time.

we might have done already something.

to not make hard error of untrusted or missing signatures

- error codes for verification failure types
- fix some fdb corruption on file migration
- combine some dependency parsing code
- fix versioned dependencies

do not overwrite untracked files.

- extract everything as .apk-new and overwrite only after data
  has been checksummed
- url construction fixes (to work with simple http servers)
- end of gunzip stream fixed
- remove oneshot digesting flag for now as it's usage was broken

to make sure the scripts have not been altered.

the unflushed data when closing file can be several thousand kiloes,
loop until all is written out.

prefer index in the new format as signed .tar.gz.