* certreqgen.c (get_parameter_uint, create_request): Create
an extension for key usage when requested.
* gpgsm.c (main): Install emergency_cleanup also as an atexit
handler.
* verify.c (gpgsm_verify): Removed the separate error code
handling for KSBA. We use shared error codes anyway.
* export.c (export_p12): Removed debugging code.
* encrypt.c (gpgsm_encrypt): Put the session key in to secure memory.
* app-help.c (app_help_read_length_of_cert): Fixed calculation of
R_CERTOFF.
* pcsc-wrapper.c: New.
* Makefile.am (pkglib_PROGRAMS): Install it here.
* apdu.c (writen, readn): New.
(open_pcsc_reader, pcsc_send_apdu, close_pcsc_reader): Use the
pcsc-wrapper if we are using Pth.
(apdu_send_le): Reinitialize RESULTLEN. Handle SW_EOF_REACHED
like SW_SUCCESS.
Introduce PACKAGE_GT and set it to gnupg2.
* gpg-agent.c (main): Use new libgcrypt thread library register
scheme.
* Makevars (DOMAIN): Init from PACKAGE_GT
(export_p12_file): Read a certificate from STDIN and pass it to
p12_build. Detect a keygrip and construct the filename in that
case. Unprotcet a key if needed. Print error messages for key
formats we can't handle.
(release_passphrase): New.
(get_passphrase): New arg PROMPTNO. Return the allocated
string. Changed all callers.
* minip12.c: Revamped the build part.
(p12_build): New args CERT and CERTLEN.
* simple-pwquery.c (agent_open): Don't mangle INFOSTR.
* export.c (export_p12, popen_protect_tool)
(gpgsm_p12_export): New.
* gpgsm.c (main): New command --export-secret-key-p12.
* configure.ac: Removed the need for g10defs.h. Reworked the
--with-foo-pgm stuff.
* autogen.sh (check_version): Removed bashism and simplified.
* acinclude.m4 (AM_PATH_OPENSC): Kludge to avoid error output for
a bad opensc-config.
* sign.c (add_certificate_list): Decrement N for the first cert.
* Makefile.am (sbin_SCRIPTS): New, to install addgnupghome.
(EXTRA_DIST): Added rfc822parse.c rfc822parse.h gpgparsemail.c
which might be useful for debugging.
(cmd_encrypt): Add all enrypt-to marked certs to the list.
* encrypt.c (gpgsm_encrypt): Check that real recipients are
available.
* gpgsm.c (main): Make the --encrypt-to and --no-encrypt-to
options work. Pass the list of recients to gpgsm_server.
* gpgsm.h (certlist_s): Add field IS_ENCRYPT_TO.
(opt): Add NO_ENCRYPT_TO.
* certlist.c (gpgsm_add_to_certlist): New arg IS_ENCRYPT_TO.
Changed all callers and ignore duplicate entries.
(is_cert_in_certlist): New.
(gpgsm_add_cert_to_certlist): New.
structure, so that it can indeed be updated.
* card-util.c (fpr_is_zero): New.
(generate_card_keys): New.
(card_edit): New command "generate".
* keygen.c (generate_keypair): New arg CARD_SERIALNO, removed call
to check_smartcard.
(check_smartcard,show_smartcard): Removed.
(show_sha1_fpr,fpr_is_zero): Removed.
* app-openpgp.c (do_getattr): Support SERIALNO and AID.
* misc.c (openpgp_pk_algo_usage): Allow AUTH where SIGN is allowed.
* keygen.c (ask_passphrase): No need to allocated S2K in secure
memory.
* scdaemon.c (main): --pcsc-driver again defaults to pcsclite.
David Corcoran was so kind to remove the GPL incompatible
advertisng clause from pcsclite.
* apdu.c (apdu_open_reader): Actually make pcsc-driver option work.
* scdaemon.c, scdaemon.h: New option --disable-opensc.
* card.c (card_open): Implement it.
* apdu.c (open_osc_reader, osc_send_apdu): New.
(apdu_open_reader) [HAVE_OPENSC]: Use the opensc driver if not
disabled.
(error_string) [HAVE_OPENSC]: Use sc_strerror.
(send_apdu) [HAVE_OPENSC]: Call osc_apdu_send.
(ALL_LINGUAS): Removed all except for de. During development it
might not be a good idea to keep all of them - they get outdated
too soon and diff files will be far too large.