* findkey.c (modify_description): Keep invalid % escapes, so that

%0A may pass through.

* agent.h (server_control_s): New field USE_AUTH_CALL.
* call-scd.c (agent_card_pksign): Make use of it.
* command-ssh.c (data_sign): Set the flag.
(ssh_send_key_public): New arg OVERRIDE_COMMENT.
(card_key_available): Add new arg CARDSN.
(ssh_handler_request_identities): Use the card s/n as comment.
(sexp_key_extract): Use GCRYMPI_FMT_STD.
(data_sign): Ditto.

* learncard.c (make_shadow_info): Moved to ..
* protect.c (make_shadow_info): .. here. Return NULL on malloc
failure. Made global.
* agent.h: Add prototype.

* xasprintf.c (xtryasprintf): New.

* app-openpgp.c (get_public_key): Make sure not to return negative
numbers.
(do_sign): Allow passing of indata with algorithm prefix.
(do_auth): Allow OPENPGP.3 as an alternative ID.

* app.c (app_getattr): Return just the S/N but not the timestamp.

* no-libgcrypt.c (gcry_strdup): New.

agent/findkey.c

@@ -166,9 +166,7 @@ modify_description (const char *in, const char *comment, char **result)
       special = 0;
       for (i = 0; i < in_len; i++)
         {
-          if (in[i] == '%')
-            special = 1;
-          else if (special)
+          if (special)
             {
               special = 0;
               switch (in[i])
@@ -190,10 +188,19 @@ modify_description (const char *in, const char *comment, char **result)
                     out_len += comment_length;
                   break;
 
-                default: /* Invalid special sequences are ignored.  */
+                default: /* Invalid special sequences are kept as they are. */
+                  if (out)
+                    {
+                      *out++ = '%';
+                      *out++ = in[i];
+                    }
+                  else
+                    out_len+=2;
                   break;
                 }
             }
+          else if (in[i] == '%')
+            special = 1;
           else
             {
               if (out)