* merged with apt--mvo

Patches applied:

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-65
   * inital support for "apt-get source -t dist" (but no downgrades yet

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-66
   * full support for apt-get source -t now (and honor pining too)

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-67
   * added APT::Authentication::Trust-CDROM option

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-68
   * fix a crash in apt-ftparchive

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-69
   * sparc64 alignment fix

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-70
   * fix segfault when there is no Archive for a VerFile

 * michael.vogt@ubuntu.com--2005/apt--mvo--0--patch-71
   * don't get candidate release as version tag for FindSrc by default. because it break for bin-NMUs :/ (e.g. dpkg source is 1.13.11, but i386 version string is 1.13.11.0.1)

 * michael.vogt@ubuntu.com--2005/apt--trust-cdrom--0--base-0
   tag of apt@packages.debian.org/apt--main--0--patch-79

 * michael.vogt@ubuntu.com--2005/apt--trust-cdrom--0--patch-1
   * implemented "TrustCDROM" mode

 * michael.vogt@ubuntu.com--2005/apt--trust-cdrom--0--patch-2
   * added APT::Authentication::TrustCDROM to the configure-index

7 files changed, 68 insertions, 18 deletions

diff --git a/apt-pkg/contrib/md5.h b/apt-pkg/contrib/md5.h
index 9e20f7cef..9447e9956 100644
--- a/apt-pkg/contrib/md5.h
+++ b/apt-pkg/contrib/md5.h
@@ -58,7 +58,7 @@ class MD5SumValue
 
 class MD5Summation
 {
-   unsigned char Buf[4*4];
+   uint32_t Buf[4];
    unsigned char Bytes[2*4];
    unsigned char In[16*4];
    bool Done;
diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc
index 8dfbf7aff..ea53a847e 100644
--- a/apt-pkg/deb/debmetaindex.cc
+++ b/apt-pkg/deb/debmetaindex.cc
@@ -173,6 +173,10 @@ bool debReleaseIndex::IsTrusted() const
    string VerifiedSigFile = _config->FindDir("Dir::State::lists") +
       URItoFileName(MetaIndexURI("Release")) + ".gpg";
    
+   if(_config->FindB("APT::Authentication::Trust-CDROM", false))
+      if(URI.substr(0,strlen("cdrom:")) == "cdrom:")
+	 return true;
+   
    if (FileExists(VerifiedSigFile))
       return true;
    return false;
diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc
index a22d881b6..6e17611cb 100644
--- a/cmdline/apt-get.cc
+++ b/cmdline/apt-get.cc
@@ -1190,24 +1190,54 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
    string VerTag;
    string TmpSrc = Name;
    string::size_type Slash = TmpSrc.rfind('=');
+
+   // honor default release
+   string DefRel = _config->Find("APT::Default-Release");
+   pkgCache::PkgIterator Pkg = Cache.FindPkg(TmpSrc);
+
    if (Slash != string::npos)
    {
       VerTag = string(TmpSrc.begin() + Slash + 1,TmpSrc.end());
       TmpSrc = string(TmpSrc.begin(),TmpSrc.begin() + Slash);
+   } 
+   else  if(DefRel.empty() == false) 
+   {
+      // we have a default release, try to locate the pkg. we do it like
+      // this because GetCandidateVer() will not "downgrade", that means
+      // "apt-get source -t stable apt" won't work on a unstable system
+      for (pkgCache::VerIterator Ver = Pkg.VersionList(); Ver.end() == false; 
+	   Ver++)
+      {
+	 for (pkgCache::VerFileIterator VF = Ver.FileList(); VF.end() == false;
+	      VF++)
+	 {
+	    /* If this is the status file, and the current version is not the
+	       version in the status file (ie it is not installed, or somesuch)
+	       then it is not a candidate for installation, ever. This weeds
+	       out bogus entries that may be due to config-file states, or
+	       other. */
+	    if ((VF.File()->Flags & pkgCache::Flag::NotSource) == 
+		pkgCache::Flag::NotSource && Pkg.CurrentVer() != Ver)
+	    continue;
+	    
+	    //std::cout << VF.File().Archive() << std::endl;
+	    if(VF.File().Archive() && (VF.File().Archive() == DefRel)) 
+	    {
+	       VerTag = Ver.VerStr();
+	       break;
+	    }
+	 }
+      }
    }
-   
+
    /* Lookup the version of the package we would install if we were to
       install a version and determine the source package name, then look
-      in the archive for a source package of the same name. In theory
-      we could stash the version string as well and match that too but
-      today there aren't multi source versions in the archive. */
-   if (_config->FindB("APT::Get::Only-Source") == false && 
-       VerTag.empty() == true)
+      in the archive for a source package of the same name. */
+   if (_config->FindB("APT::Get::Only-Source") == false)
    {
-      pkgCache::PkgIterator Pkg = Cache.FindPkg(TmpSrc);
       if (Pkg.end() == false)
       {
-	 pkgCache::VerIterator Ver = Cache.GetCandidateVer(Pkg);      
+	 pkgCache::VerIterator Ver = Cache.GetCandidateVer(Pkg);
 	 if (Ver.end() == false)
 	 {
 	    pkgRecords::Parser &Parse = Recs.Lookup(Ver.FileList());
@@ -1265,10 +1295,7 @@ pkgSrcRecords::Parser *FindSrc(const char *Name,pkgRecords &Recs,
       }      
    }
    
-   if (Last == 0)
-      return 0;
-   
-   if (Last->Jump(Offset) == false)
+   if (Last == 0 || Last->Jump(Offset) == false)
       return 0;
    
    return Last;
diff --git a/configure.in b/configure.in
index 805056e91..9816858a8 100644
--- a/configure.in
+++ b/configure.in
@@ -18,7 +18,7 @@ AC_CONFIG_AUX_DIR(buildlib)
 AC_CONFIG_HEADER(include/config.h:buildlib/config.h.in include/apti18n.h:buildlib/apti18n.h.in)
 
 dnl -- SET THIS TO THE RELEASE VERSION --
-AC_DEFINE_UNQUOTED(VERSION,"0.6.41.0exp1")
+AC_DEFINE_UNQUOTED(VERSION,"0.6.41.0exp2")
 PACKAGE="apt"
 AC_DEFINE_UNQUOTED(PACKAGE,"$PACKAGE")
 AC_SUBST(PACKAGE)
diff --git a/debian/changelog b/debian/changelog
index ba00a87e5..605e56eab 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+apt (0.6.41.0exp2) experimental; urgency=low
+
+  * support for apt-get source -t (and honor pining) (closes: #152129)
+  * added "APT::Authentication::Trust-CDROM" option to make the life
+    for the installer people easier (closes: #334656)
+  * fix crash in apt-ftparchive (thanks to Bastian Blank for the patch)
+    (closes: #334671)
+  * apt-pkg/contrib/md5.cc:
+    - fix a alignment problem on sparc64 that gives random bus errors
+      (thanks to Fabbione for providing a test-case)
+
+ -- Michael Vogt <mvo@debian.org>  Wed, 19 Oct 2005 16:19:49 +0200
+
 apt (0.6.41.0exp1) experimental; urgency=low
 
   * apt-pkg/cdrom.cc:
@@ -10,8 +23,8 @@ apt (0.6.41.0exp1) experimental; urgency=low
     - patch-100: Completed Danish translation (Closes: #325686)
     - patch-104: French translation completed
     - patch-109: Italian translation completed
-    - patch-112: Swedish translation update
-    - patch-115: Basque translation completed
+    - patch-112: Swedish translation update 
+    - patch-115: Basque translation completed (Closes: #333299)
   * applied french man-page update (thanks to Philippe Batailler)
     (closes: #316318, #327456)
   * fix leak in the mmap code, thanks to Daniel Burrows for the
diff --git a/doc/examples/configure-index b/doc/examples/configure-index
index dee0c06ff..5ab84fe05 100644
--- a/doc/examples/configure-index
+++ b/doc/examples/configure-index
@@ -72,6 +72,11 @@ APT
      NoAct "false";
   };
 
+  Authentication
+  {
+     Trust-CDROM "false";            // consider the CDROM always trusted
+  };
+
   GPGV
   {
      TrustedKeyring "/etc/apt/trusted.gpg";
diff --git a/ftparchive/writer.cc b/ftparchive/writer.cc
index 0b68d0bbf..fc9ea27d7 100644
--- a/ftparchive/writer.cc
+++ b/ftparchive/writer.cc
@@ -581,8 +581,6 @@ bool SourcesWriter::DoPackage(string FileName)
 	 auto_ptr<Override::Item> Itm(BOver.GetItem(BinList[I]));
 	 if (Itm.get() == 0)
 	    continue;
-	 if (OverItem.get() == 0)
-	    OverItem = Itm;
 
 	 unsigned char NewPrioV = debListParser::GetPrio(Itm->Priority);
 	 if (NewPrioV < BestPrioV || BestPrio.empty() == true)
@@ -590,6 +588,9 @@ bool SourcesWriter::DoPackage(string FileName)
 	    BestPrioV = NewPrioV;
 	    BestPrio = Itm->Priority;
 	 }	 
+
+	 if (OverItem.get() == 0)
+	    OverItem = Itm;
       }
    }