The audit log (was: Q: gpgsm says "Unsupported certificate")

Mon Oct 10 20:54:37 CEST 2011

On Mon, 10 Oct 2011 19:11, albrecht.dress at arcor.de said:

> Would be great if gpgme could provide a little more information about such situations (although I would fully agree if you said that there is no good reason why a session manager should *not* start the agent...).

Actually there is a way to display a more readable report on failures
in gpgsm. 

   gpgsm --audit-log audit.log ....

or if you prefer a HTML formatted output, use --html-audit-log.

Kmail shows this audit log if you hit the details button.  Unfortunately
this feature has never been documented, maybe because it is not yet
complete and covers only a few error cases.  GPGME provides this
interface:

  /* Flags for the audit log functions.  */
  #define GPGME_AUDITLOG_HTML      1
  #define GPGME_AUDITLOG_WITH_HELP 128   /* A dummy for now.  */

  /* Return the auditlog for the current session.  This may be called
     after a successful or failed operation.  If no audit log is
     available GPG_ERR_NO_DATA is returned.  */
  gpgme_error_t gpgme_op_getauditlog_start
                                    (gpgme_ctx_t ctx, gpgme_data_t output,
                                            unsigned int flags);
  gpgme_error_t gpgme_op_getauditlog (gpgme_ctx_t ctx, gpgme_data_t output,
                                      unsigned int flags);

gpgme-tool supports this as well and it gives you an example on how to
use it.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.