win32-eventlog 0.5.3 → 0.6.0

data/lib/win32/mc.rb

@@ -1,118 +1,120 @@
-# The Win32 module serves as a namespace only.
-module Win32
-   
-   # The MC class encapsulates the mc (eventlog message compiler) commands.
-   class MC
-      
-      # Raised if any of the MC methods fail.
-      class Error < StandardError; end;
-      
-      # The version of the win32-mc library.
-      VERSION = '0.1.5'
-		
-      # The name of the message category file initially processed.
-      attr_accessor :mc_file
-      
-      # The name of the resource file generated by the mc command.
-      attr_accessor :res_file
-      
-      # The name of the dll file generated by the link command.
-      attr_accessor :dll_file
-		
-		# Accepts three file names as arguments and returns an MC object.  The
-      # +mc_file+ is the name of the .mc file to be used to ultimately
-      # generate the .dll file.
-      #
-      # If +res_file+ or +dll_file+ are not specified, then the basename
-      # of +mc_file+ is used to generate their names, with .res and .dll
-      # extensions, respectively.
-      # 
-      def initialize(mc_file, res_file=nil, dll_file=nil)
-         @mc_file = mc_file
-			
-         if res_file
-            @res_file = res_file
-         else
-            @res_file = File.basename(mc_file, '.mc') + '.res'
-         end
-			
-         if dll_file
-            @dll_file = dll_file
-         else
-            @dll_file = File.basename(mc_file, '.mc') + '.dll'
-         end
-      end
-		
-		# Uses the message compiler (mc) program to generate the .h and .rc
-		# files based on the .mc (message category) file.  This method must
-		# be called before MC#create_res_file or MC#create_dll_file.
-		# 
-      def create_header
-         system("mc #{@mc_file}")
-      end
-		
-		# Creates the .res (resource) file from the .rc file generated by the
-		# MC#create_header method.  Raises an MC::Error if the .rc file is not
-		# found.
-      # 
-      def create_res_file
-         rc_file = File.basename(@mc_file, '.mc') + '.rc'
-         unless File.exists?(rc_file)
-            raise MC::Error, "No .rc file found: #{@rc_file}"
-         end
-         system("rc -r -fo #{@res_file} #{rc_file}")
-      end
-		
-		# Creates the .dll file from the .res file generated by the
-		# MC#create_res_file method.  Raises an MC::Error if the .res file is not
-		# found.
-		# 
-      def create_dll_file
-         unless File.exists?(@res_file)
-			   raise MC::Error, "No .res file found: #{@res_file}"
-         end
-         system("link -dll -noentry -out:#{@dll_file} #{@res_file}")
-      end
-		
-		# A shortcut for MC#create_header + MC#create_res_file +
-		# MC#create_dll_file.
-		# 
-      def create_all
-         create_header
-         create_res_file
-         create_dll_file
-      end
-		
-		# Delete .h, .rc and .res files created from the corresponding
-		# .mc file (but *not* the .dll file).  This also deletes all MSG*.bin
-		# files in the current directory.
-		#
-      def clean
-         base = File.basename(@mc_file, '.mc')
-         %w/.h .rc .res/.each do |ext|
-            file = base + ext
-            File.delete(file) if File.exists?(file)
-         end
-         Dir["MSG*.bin"].each do |binfile|
-            File.delete(binfile)
-         end
-      end
-   end
-end
-
-if $PROGRAM_NAME == __FILE__
-	mc_file = ARGV[0]
-	
-	if mc_file
-	   mc_file.chomp!
-	else
-		msg = "Usage: ruby mc.rb 'filename.mc'"
-		raise Win32::MC::Error, msg
-	end
-	
-	m = Win32::MC.new(mc_file)
-	m.create_header
-	m.create_res_file
-	m.create_dll_file
-	puts "MC finished"
-end
+# The Win32 module serves as a namespace only.
+module Win32
+
+  # The MC class encapsulates the mc (eventlog message compiler) commands.
+  class MC
+
+    # Raised if any of the MC methods fail.
+    class Error < StandardError; end;
+
+    # The version of the win32-mc library.
+    VERSION = '0.1.6'
+
+    # The name of the message category file initially processed.
+    attr_accessor :mc_file
+
+    # The name of the resource file generated by the mc command.
+    attr_accessor :res_file
+
+    # The name of the dll file generated by the link command.
+    attr_accessor :dll_file
+
+    # Accepts three file names as arguments and returns an MC object.  The
+    # +mc_file+ is the name of the .mc file to be used to ultimately
+    # generate the .dll file.
+    #
+    # If +res_file+ or +dll_file+ are not specified, then the basename
+    # of +mc_file+ is used to generate their names, with .res and .dll
+    # extensions, respectively.
+    #
+    def initialize(mc_file, res_file=nil, dll_file=nil)
+      @mc_file = mc_file
+
+      if res_file
+        @res_file = res_file
+      else
+        @res_file = File.basename(mc_file, '.mc') + '.res'
+      end
+
+      if dll_file
+        @dll_file = dll_file
+      else
+        @dll_file = File.basename(mc_file, '.mc') + '.dll'
+      end
+    end
+
+    # Uses the message compiler (mc) program to generate the .h and .rc
+    # files based on the .mc (message category) file.  This method must
+    # be called before MC#create_res_file or MC#create_dll_file.
+    #
+    def create_header
+      system("mc #{@mc_file}")
+    end
+
+    # Creates the .res (resource) file from the .rc file generated by the
+    # MC#create_header method.  Raises an MC::Error if the .rc file is not
+    # found.
+    #
+    def create_res_file
+      rc_file = File.basename(@mc_file, '.mc') + '.rc'
+      unless File.exists?(rc_file)
+        raise MC::Error, "No .rc file found: #{@rc_file}"
+      end
+      system("rc -r -fo #{@res_file} #{rc_file}")
+    end
+
+    # Creates the .dll file from the .res file generated by the
+    # MC#create_res_file method.  Raises an MC::Error if the .res file is not
+    # found.
+    #
+    def create_dll_file
+      unless File.exists?(@res_file)
+        raise MC::Error, "No .res file found: #{@res_file}"
+      end
+      system("link -dll -noentry -out:#{@dll_file} #{@res_file}")
+    end
+
+    # A shortcut for MC#create_header + MC#create_res_file +
+    # MC#create_dll_file.
+    #
+    def create_all
+      create_header
+      create_res_file
+      create_dll_file
+    end
+
+    # Delete .h, .rc and .res files created from the corresponding
+    # .mc file (but *not* the .dll file).  This also deletes all MSG*.bin
+    # files in the current directory.
+    #
+    def clean
+      base = File.basename(@mc_file, '.mc')
+
+      %w[.h .rc .res].each do |ext|
+        file = base + ext
+        File.delete(file) if File.exists?(file)
+      end
+
+      Dir["MSG*.bin"].each do |binfile|
+        File.delete(binfile)
+      end
+    end
+  end
+end
+
+if $PROGRAM_NAME == __FILE__
+  mc_file = ARGV[0]
+
+  if mc_file
+     mc_file.chomp!
+  else
+    msg = "Usage: ruby mc.rb 'filename.mc'"
+    raise Win32::MC::Error, msg
+  end
+
+  m = Win32::MC.new(mc_file)
+  m.create_header
+  m.create_res_file
+  m.create_dll_file
+  puts "MC finished"
+end

data/lib/win32/windows/constants.rb

@@ -0,0 +1,56 @@
+module Windows
+  module Constants
+    private
+
+    EVENTLOG_SEQUENTIAL_READ = 0x0001
+    EVENTLOG_SEEK_READ       = 0x0002
+    EVENTLOG_FORWARDS_READ   = 0x0004
+    EVENTLOG_BACKWARDS_READ  = 0x0008
+
+    EVENTLOG_SUCCESS          = 0x0000
+    EVENTLOG_ERROR_TYPE       = 0x0001
+    EVENTLOG_WARNING_TYPE     = 0x0002
+    EVENTLOG_INFORMATION_TYPE = 0x0004
+    EVENTLOG_AUDIT_SUCCESS    = 0x0008
+    EVENTLOG_AUDIT_FAILURE    = 0x0010
+
+    EVENTLOG_FULL_INFO = 0
+
+    HKEY_LOCAL_MACHINE = 0x80000002
+
+    REG_OPTION_NON_VOLATILE = 0
+    REG_DWORD = 4
+    REG_EXPAND_SZ = 2
+
+    ERROR_SUCCESS = 0
+    ERROR_INSUFFICIENT_BUFFER = 122
+
+    BUFFER_SIZE = 1024 * 64
+    MAX_SIZE    = 512
+    MAX_STRINGS = 16
+    INFINITE    = 0xFFFFFFFF
+    WAIT_FAILED = 0xFFFFFFFF
+
+    BASE_KEY = "SYSTEM\\CurrentControlSet\\Services\\EventLog\\"
+
+    STANDARD_RIGHTS_READ  = 0x20000
+    STANDARD_RIGHTS_WRITE = 0x20000
+    SYNCHRONIZE           = 0x100000
+
+    KEY_QUERY_VALUE    = 0x0001
+    KEY_SET_VALUE      = 0x0002
+    KEY_CREATE_SUB_KEY = 0x0004
+    KEY_ENUMERATE_SUB_KEYS = 0x0008
+    KEY_NOTIFY = 0x0010
+
+    KEY_WRITE = (STANDARD_RIGHTS_WRITE|KEY_SET_VALUE|KEY_CREATE_SUB_KEY) & (~SYNCHRONIZE)
+    KEY_READ = (STANDARD_RIGHTS_READ|KEY_QUERY_VALUE|KEY_ENUMERATE_SUB_KEYS| KEY_NOTIFY) & (~SYNCHRONIZE)
+
+    DONT_RESOLVE_DLL_REFERENCES = 0x00000001
+    LOAD_LIBRARY_AS_DATAFILE    = 0x00000002
+
+    FORMAT_MESSAGE_IGNORE_INSERTS = 0x00000200
+    FORMAT_MESSAGE_FROM_HMODULE   = 0x00000800
+    FORMAT_MESSAGE_ARGUMENT_ARRAY = 0x00002000
+  end
+end

data/lib/win32/windows/functions.rb

@@ -0,0 +1,51 @@
+require 'ffi'
+
+module Windows
+  module Functions
+    extend FFI::Library
+    ffi_lib :advapi32
+
+    typedef :uintptr_t, :handle
+    typedef :uintptr_t, :hkey
+    typedef :ulong, :dword
+    typedef :ushort, :word
+
+    attach_function :BackupEventLog, :BackupEventLogA, [:handle, :string], :bool
+    attach_function :ClearEventLog, :ClearEventLogA, [:handle, :string], :bool
+    attach_function :CloseEventLog, [:handle], :bool
+    attach_function :GetOldestEventLogRecord, [:handle, :pointer], :bool
+    attach_function :GetEventLogInformation, [:handle, :dword, :pointer, :dword, :pointer], :bool
+    attach_function :GetNumberOfEventLogRecords, [:handle, :pointer], :bool
+    attach_function :LookupAccountSid, :LookupAccountSidA, [:string, :pointer, :pointer, :pointer, :pointer, :pointer, :pointer], :bool
+    attach_function :OpenEventLog, :OpenEventLogA, [:string, :string], :handle
+    attach_function :OpenBackupEventLog, :OpenBackupEventLogA, [:string, :string], :handle
+    attach_function :NotifyChangeEventLog, [:handle, :handle], :bool
+    attach_function :ReadEventLog, :ReadEventLogA, [:handle, :dword, :dword, :buffer_out, :dword, :pointer, :pointer], :bool
+    attach_function :RegCloseKey, [:hkey], :long
+    attach_function :RegConnectRegistry, :RegConnectRegistryA, [:string, :hkey, :pointer], :long
+    attach_function :RegCreateKeyEx, :RegCreateKeyExA, [:hkey, :string, :dword, :string, :dword, :dword, :pointer, :pointer, :pointer], :long
+    attach_function :RegisterEventSource, :RegisterEventSourceA, [:string, :string], :handle
+    attach_function :RegOpenKeyEx, :RegOpenKeyExA, [:hkey, :string, :dword, :ulong, :pointer], :long
+    attach_function :RegQueryValueEx, :RegQueryValueExA, [:hkey, :string, :pointer, :pointer, :pointer, :pointer], :long
+    attach_function :RegSetValueEx, :RegSetValueExA, [:hkey, :string, :dword, :dword, :pointer, :dword], :long
+    attach_function :ReportEvent, :ReportEventA, [:handle, :word, :word, :dword, :pointer, :word, :dword, :pointer, :pointer], :bool
+
+    ffi_lib :kernel32
+
+    attach_function :CloseHandle, [:handle], :bool
+    attach_function :CreateEvent, :CreateEventA, [:pointer, :bool, :bool, :string], :handle
+    attach_function :ExpandEnvironmentStrings, :ExpandEnvironmentStringsA, [:string, :pointer, :dword], :dword
+    attach_function :FormatMessage, :FormatMessageA, [:dword, :uintptr_t, :dword, :dword, :pointer, :dword, :pointer], :dword
+    attach_function :FreeLibrary, [:handle], :bool
+    attach_function :LoadLibraryEx, :LoadLibraryExA, [:string, :handle, :dword], :handle
+    attach_function :WaitForSingleObject, [:handle, :dword], :dword
+    attach_function :Wow64DisableWow64FsRedirection, [:pointer], :bool
+    attach_function :Wow64RevertWow64FsRedirection, [:ulong], :bool
+
+    ffi_lib :wevtapi
+
+    attach_function :EvtClose, [:handle], :bool
+    attach_function :EvtOpenPublisherMetadata, [:handle, :buffer_in, :buffer_in, :dword, :dword], :handle
+    attach_function :EvtGetPublisherMetadataProperty, [:handle, :int, :dword, :dword, :pointer, :pointer], :bool
+  end
+end

data/lib/win32/windows/helper.rb

@@ -0,0 +1,13 @@
+class String
+  # Convenience method for converting strings to UTF-16LE for wide character
+  # functions that require it.
+  def wincode
+    (self.tr(File::SEPARATOR, File::ALT_SEPARATOR) + 0.chr).encode('UTF-16LE')
+  end
+
+  # Read a wide character string up until the first double null, and delete
+  # any remaining null characters.
+  def read_wide
+    self[/^.*?(?=\x00{2})/].delete(0.chr)
+  end
+end

data/lib/win32/windows/structs.rb

@@ -0,0 +1,30 @@
+require 'ffi'
+
+module Windows
+  module Structs
+    extend FFI::Library
+    typedef :ulong, :dword
+    typedef :ushort, :word
+
+    class EVENTLOGRECORD < FFI::Struct
+      layout(
+        :Length, :dword,
+        :Reserved, :dword,
+        :RecordNumber, :dword,
+        :TimeGenerated, :dword,
+        :TimeWritten, :dword,
+        :EventID, :dword,
+        :EventType, :word,
+        :NumStrings, :word,
+        :EventCategory, :word,
+        :ReservedFlags, :word,
+        :ClosingRecordNumber, :dword,
+        :StringOffset, :dword,
+        :UserSidLength, :dword,
+        :UserSidOffset, :dword,
+        :DataLength, :dword,
+        :DataOffset, :dword
+      )
+    end
+  end
+end

data/misc/install_msg.rb

@@ -1,46 +1,46 @@
-###############################################################################
-# install_msg.rb
-#
-# This script will create a 'RubyMsg' event source in your registry.  All of
-# the relevant files will be copied to the 'rubymsg' directory under C:\ruby,
-# or wherever your toplevel Ruby installation directory is located.  By
-# default, this will be installed in the 'Application' log.  If you wish to
-# change that, change the word 'Application' to either 'Security' or 'System'
-# (or your own custom log).
-#
-# DO NOT MOVE THE DLL FILE ONCE IT IS INSTALLED.  If you do, you will have
-# to delete the registry entry and reinstall the event source pointing to the
-# proper directory.
-#
-# You should only run this script *after* you have installed win32-eventlog.
-###############################################################################
-require 'rbconfig'
-require 'fileutils'
-require 'win32/eventlog'
-require 'win32/mc'
-include Win32
-
-msg_dir  = File.join(Config::CONFIG['prefix'], 'rubymsg')
-msg_file = 'rubymsg.mc'
-
-Dir.mkdir(msg_dir) unless File.exists?(msg_dir)
-FileUtils.cp('misc/rubymsg.mc', msg_dir)
-Dir.chdir(msg_dir)
-
-mc = Win32::MC.new(msg_file)
-mc.create_all
-
-puts ".dll created"
-
-dll_file = File.expand_path(m.dll_file)
-
-# Change 'Application' to whatever you feel is appropriate
-Win32::EventLog.add_event_source(
-  :source                => "Application",
-  :key_name              => "RubyMsg",
-  :category_count        => 3,
-  :event_message_file    => dll_file,
-  :category_message_file => dll_file
-)
-
-puts "Event source 'RubyMsg' added to registry"
+###############################################################################
+# install_msg.rb
+#
+# This script will create a 'RubyMsg' event source in your registry. All of
+# the relevant files will be copied to the 'rubymsg' directory under C:\ruby,
+# or wherever your toplevel Ruby installation directory is located. By default
+# this will be installed in the 'Application' log. If you wish to change that
+# then change the word 'Application' to either 'Security' or 'System' (or your
+# own custom log).
+#
+# DO NOT MOVE THE DLL FILE ONCE IT IS INSTALLED. If you do, you will have
+# to delete the registry entry and reinstall the event source pointing to the
+# proper directory.
+#
+# You should only run this script *after* you have installed win32-eventlog.
+###############################################################################
+require 'rbconfig'
+require 'fileutils'
+require 'win32/eventlog'
+require 'win32/mc'
+include Win32
+
+msg_dir  = File.join(RbConfig::CONFIG['prefix'], 'rubymsg')
+msg_file = 'rubymsg.mc'
+
+Dir.mkdir(msg_dir) unless File.exists?(msg_dir)
+FileUtils.cp('misc/rubymsg.mc', msg_dir)
+Dir.chdir(msg_dir)
+
+mc = Win32::MC.new(msg_file)
+mc.create_all
+
+puts ".dll created"
+
+dll_file = File.expand_path(mc.dll_file)
+
+# Change 'Application' to whatever you feel is appropriate
+Win32::EventLog.add_event_source(
+  :source                => "Application",
+  :key_name              => "RubyMsg",
+  :category_count        => 3,
+  :event_message_file    => dll_file,
+  :category_message_file => dll_file
+)
+
+puts "Event source 'RubyMsg' added to registry"