win32-eventlog 0.4.8 → 0.4.9

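--- a/data/CHANGES
+++ b/data/CHANGES
@@ -1,3 +1,12 @@
+ = 0.4.9 - 7-Sep-2008
+ * The private get_description method, which is used internally to read the
+ event log, has been updated to work with 64 bit Windows. The changes needed
+ for this require a more recent windows-pr library, i.e. 0.9.2 or later.
+ * Now properly separates the string inserts and description in the private
+ method get_last_event. This fixes the description and string_insert
+ properties for both the EventLog#tail and EventLog#notify_change methods.
+ * Some internal refactoring to use begin/ensure where appropriate.
+
  = 0.4.8 - 17-May-2008
  * Fixed in a bug in the EventLog#read method where a log entry requiring
  over 64k would fail and spiral into an infinite loop. Thanks go to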
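--- a/data/README
+++ b/data/README
@@ -50,7 +50,11 @@
  them somewhere on your system.
 
  = Known Issues
- None known. Please file any bug reports on the project page at
+ Not all event descriptions from Windows Vista/2008 or later will necessarily
+ be picked up because of a new event logging format and api that Microsoft
+ has introduced. This will be addressed in the next major release.
+
+ Please file any bug reports on the project page at
  http://www.rubyforge.org/projects/win32utils.
 
  = License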
@@ -37,7 +37,8 @@ module Win32
37
37
  extend Windows::Error
38
38
  extend Windows::Registry
39
39
 
40
- VERSION = '0.4.8'
40
+ # The version of the win32-eventlog library
41
+ VERSION = '0.4.9'
41
42
 
42
43
  # Aliased read flags
43
44
  FORWARDS_READ = EVENTLOG_FORWARDS_READ
@@ -170,8 +171,15 @@ module Win32
170
171
  def self.add_event_source(args)
171
172
  raise TypeError unless args.is_a?(Hash)
172
173
 
173
- valid_keys = %w/source key_name category_count event_message_file
174
- category_message_file parameter_message_file supported_types/
174
+ valid_keys = %w/
175
+ source
176
+ key_name
177
+ category_count
178
+ event_message_file
179
+ category_message_file
180
+ parameter_message_file
181
+ supported_types
182
+ /
175
183
 
176
184
  key_base = "SYSTEM\\CurrentControlSet\\Services\\EventLog\\"
177
185
 
@@ -220,140 +228,139 @@ module Win32
220
228
  hkey = hkey.unpack('L')[0]
221
229
  data = "%SystemRoot%\\System32\\config\\#{hash['source']}.evt"
222
230
 
223
- rv = RegSetValueEx(
224
- hkey,
225
- 'File',
226
- 0,
227
- REG_EXPAND_SZ,
228
- data,
229
- data.size
230
- )
231
-
232
- if rv != ERROR_SUCCESS
233
- error = 'RegSetValueEx() failed: ', get_last_error
234
- RegCloseKey(hkey)
235
- raise Error, error
236
- end
237
-
238
- RegCloseKey(hkey)
239
-
240
- hkey = [0].pack('L')
241
- key = key_base << hash['source'] << "\\" << hash['key_name']
242
-
243
- disposition = [0].pack('L')
244
-
245
- rv = RegCreateKeyEx(
246
- HKEY_LOCAL_MACHINE,
247
- key,
248
- 0,
249
- nil,
250
- REG_OPTION_NON_VOLATILE,
251
- KEY_WRITE,
252
- nil,
253
- hkey,
254
- disposition
255
- )
256
-
257
- if rv != ERROR_SUCCESS
258
- raise Error, 'RegCreateKeyEx() failed: ' + get_last_error
259
- end
260
-
261
- hkey = hkey.unpack('L')[0]
262
-
263
- if hash['category_count']
264
- data = [hash['category_count']].pack('L')
265
-
231
+ begin
266
232
  rv = RegSetValueEx(
267
233
  hkey,
268
- 'CategoryCount',
234
+ 'File',
269
235
  0,
270
- REG_DWORD,
236
+ REG_EXPAND_SZ,
271
237
  data,
272
238
  data.size
273
239
  )
274
-
240
+
275
241
  if rv != ERROR_SUCCESS
276
- error = 'RegSetValueEx() failed: ' + get_last_error
277
- RegCloseKey(hkey)
242
+ error = 'RegSetValueEx() failed: ', get_last_error
278
243
  raise Error, error
279
244
  end
245
+ ensure
246
+ RegCloseKey(hkey)
280
247
  end
281
248
 
282
- if hash['category_message_file']
283
- data = File.expand_path(hash['category_message_file'])
284
-
285
- rv = RegSetValueEx(
286
- hkey,
287
- 'CategoryMessageFile',
249
+ hkey = [0].pack('L')
250
+ key = key_base << hash['source'] << "\\" << hash['key_name']
251
+
252
+ disposition = [0].pack('L')
253
+
254
+ begin
255
+ rv = RegCreateKeyEx(
256
+ HKEY_LOCAL_MACHINE,
257
+ key,
288
258
  0,
289
- REG_EXPAND_SZ,
290
- data,
291
- data.size
259
+ nil,
260
+ REG_OPTION_NON_VOLATILE,
261
+ KEY_WRITE,
262
+ nil,
263
+ hkey,
264
+ disposition
292
265
  )
293
-
266
+
294
267
  if rv != ERROR_SUCCESS
295
- error = 'RegSetValueEx() failed: ' + get_last_error
296
- RegCloseKey(hkey)
297
- raise Error, error
268
+ raise Error, 'RegCreateKeyEx() failed: ' + get_last_error
298
269
  end
299
- end
300
-
301
- if hash['event_message_file']
302
- data = File.expand_path(hash['event_message_file'])
303
270
 
304
- rv = RegSetValueEx(
305
- hkey,
306
- 'EventMessageFile',
307
- 0,
308
- REG_EXPAND_SZ,
309
- data,
310
- data.size
311
- )
271
+ hkey = hkey.unpack('L')[0]
312
272
 
313
- if rv != ERROR_SUCCESS
314
- error = 'RegSetValueEx() failed: ' + get_last_error
315
- RegCloseKey(hkey)
316
- raise Error, error
273
+ if hash['category_count']
274
+ data = [hash['category_count']].pack('L')
275
+
276
+ rv = RegSetValueEx(
277
+ hkey,
278
+ 'CategoryCount',
279
+ 0,
280
+ REG_DWORD,
281
+ data,
282
+ data.size
283
+ )
284
+
285
+ if rv != ERROR_SUCCESS
286
+ error = 'RegSetValueEx() failed: ' + get_last_error
287
+ raise Error, error
288
+ end
317
289
  end
318
- end
319
-
320
- if hash['parameter_message_file']
321
- data = File.expand_path(hash['parameter_message_file'])
322
-
290
+
291
+ if hash['category_message_file']
292
+ data = File.expand_path(hash['category_message_file'])
293
+
294
+ rv = RegSetValueEx(
295
+ hkey,
296
+ 'CategoryMessageFile',
297
+ 0,
298
+ REG_EXPAND_SZ,
299
+ data,
300
+ data.size
301
+ )
302
+
303
+ if rv != ERROR_SUCCESS
304
+ error = 'RegSetValueEx() failed: ' + get_last_error
305
+ raise Error, error
306
+ end
307
+ end
308
+
309
+ if hash['event_message_file']
310
+ data = File.expand_path(hash['event_message_file'])
311
+
312
+ rv = RegSetValueEx(
313
+ hkey,
314
+ 'EventMessageFile',
315
+ 0,
316
+ REG_EXPAND_SZ,
317
+ data,
318
+ data.size
319
+ )
320
+
321
+ if rv != ERROR_SUCCESS
322
+ error = 'RegSetValueEx() failed: ' + get_last_error
323
+ raise Error, error
324
+ end
325
+ end
326
+
327
+ if hash['parameter_message_file']
328
+ data = File.expand_path(hash['parameter_message_file'])
329
+
330
+ rv = RegSetValueEx(
331
+ hkey,
332
+ 'ParameterMessageFile',
333
+ 0,
334
+ REG_EXPAND_SZ,
335
+ data,
336
+ data.size
337
+ )
338
+
339
+ if rv != ERROR_SUCCESS
340
+ error = 'RegSetValueEx() failed: ' + get_last_error
341
+ raise Error, error
342
+ end
343
+ end
344
+
345
+ data = [hash['supported_types']].pack('L')
346
+
323
347
  rv = RegSetValueEx(
324
348
  hkey,
325
- 'ParameterMessageFile',
349
+ 'TypesSupported',
326
350
  0,
327
- REG_EXPAND_SZ,
351
+ REG_DWORD,
328
352
  data,
329
353
  data.size
330
354
  )
331
-
355
+
332
356
  if rv != ERROR_SUCCESS
333
357
  error = 'RegSetValueEx() failed: ' + get_last_error
334
- RegCloseKey(hkey)
335
358
  raise Error, error
336
359
  end
337
- end
338
-
339
- data = [hash['supported_types']].pack('L')
340
- rv = RegSetValueEx(
341
- hkey,
342
- 'TypesSupported',
343
- 0,
344
- REG_DWORD,
345
- data,
346
- data.size
347
- )
348
-
349
- if rv != ERROR_SUCCESS
350
- error = 'RegSetValueEx() failed: ' + get_last_error
360
+ ensure
351
361
  RegCloseKey(hkey)
352
- raise Error, error
353
362
  end
354
363
 
355
- RegCloseKey(hkey)
356
-
357
364
  disposition.unpack('L')[0]
358
365
  end
359
366
 
@@ -462,16 +469,18 @@ module Win32
462
469
 
463
470
  wait_result = WaitForSingleObject(event, INFINITE)
464
471
 
465
- if wait_result == WAIT_FAILED
466
- error = 'WaitForSingleObject() failed: ' + get_last_error
472
+ begin
473
+ if wait_result == WAIT_FAILED
474
+ error = 'WaitForSingleObject() failed: ' + get_last_error
475
+ raise Error, error
476
+ else
477
+ last = read_last_event
478
+ block.call(last)
479
+ end
480
+ ensure
467
481
  CloseHandle(event)
468
- raise Error, error
469
- else
470
- last = read_last_event
471
- block.call(last)
472
482
  end
473
483
 
474
- CloseHandle(event)
475
484
  self
476
485
  end
477
486
 
@@ -743,11 +752,11 @@ module Win32
743
752
  lkey = hkey.unpack('L').first
744
753
  end
745
754
 
746
- event_source = buf[56..-1].nstrip
747
- computer = buf[56 + event_source.length + 1..-1].nstrip
748
- event_type = get_event_type(buf[24,2].unpack('S')[0])
749
- user = get_user(buf)
750
- desc = get_description(buf, event_source, lkey)
755
+ event_source = buf[56..-1].nstrip
756
+ computer = buf[56 + event_source.length + 1..-1].nstrip
757
+ event_type = get_event_type(buf[24,2].unpack('S')[0])
758
+ user = get_user(buf)
759
+ strings, desc = get_description(buf, event_source, lkey)
751
760
 
752
761
  struct = EventLogStruct.new
753
762
  struct.source = event_source
@@ -759,6 +768,7 @@ module Win32
759
768
  struct.event_type = event_type
760
769
  struct.user = user
761
770
  struct.category = buf[28,2].unpack('S')[0]
771
+ struct.string_inserts = strings
762
772
  struct.description = desc
763
773
 
764
774
  struct
@@ -823,123 +833,146 @@ module Win32
823
833
  key = BASE_KEY + "#{@source}\\#{event_source}"
824
834
  buf = 0.chr * 8192
825
835
  va_list = va_list0 = (num == 0) ? [] : str.unpack('Z*' * num)
836
+
837
+ begin
838
+ if defined? Wow64DisableWow64FsRedirection
839
+ old_wow_val = 0.chr * 4
840
+ Wow64DisableWow64FsRedirection(old_wow_val)
841
+ end
826
842
 
827
- if RegOpenKeyEx(lkey, key, 0, KEY_READ, hkey) == 0
828
- value = 'ParameterMessageFile'
829
- file = 0.chr * MAX_SIZE
830
- hkey = hkey.unpack('L')[0]
831
- size = [ file.length].pack('L')
832
-
833
- if RegQueryValueEx(hkey, value, 0, 0, file, size) == 0
834
- file = file.nstrip
835
- exe = 0.chr * MAX_SIZE
836
- ExpandEnvironmentStrings(file, exe, exe.size)
837
- exe = exe.nstrip
838
-
839
- va_list = va_list0.map{ |v|
840
- va = v
841
-
842
- v.scan(/%%(\d+)/).uniq.each{ |x|
843
- exe.split(';').each{ |file|
844
- hmodule = LoadLibraryEx(
845
- file,
846
- 0,
847
- DONT_RESOLVE_DLL_REFERENCES
848
- )
849
-
850
- if hmodule != 0
851
- FormatMessage(
852
- FORMAT_MESSAGE_FROM_HMODULE |
853
- FORMAT_MESSAGE_ARGUMENT_ARRAY,
854
- hmodule,
855
- x.first.to_i,
843
+ if RegOpenKeyEx(lkey, key, 0, KEY_READ, hkey) == 0
844
+ value = 'ParameterMessageFile'
845
+ file = 0.chr * MAX_SIZE
846
+ hkey = hkey.unpack('L')[0]
847
+ size = [ file.length].pack('L')
848
+
849
+ if RegQueryValueEx(hkey, value, 0, 0, file, size) == 0
850
+ file = file.nstrip
851
+ exe = 0.chr * MAX_SIZE
852
+ ExpandEnvironmentStrings(file, exe, exe.size)
853
+ exe = exe.nstrip
854
+
855
+ va_list = va_list0.map{ |v|
856
+ va = v
857
+
858
+ v.scan(/%%(\d+)/).uniq.each{ |x|
859
+ exe.split(';').each{ |file|
860
+ hmodule = LoadLibraryEx(
861
+ file,
856
862
  0,
857
- buf,
858
- buf.size,
859
- v
863
+ DONT_RESOLVE_DLL_REFERENCES |
864
+ LOAD_LIBRARY_AS_DATAFILE
860
865
  )
861
- FreeLibrary(hmodule)
862
- break if buf.nstrip != ""
863
- end
866
+
867
+ if hmodule != 0
868
+ FormatMessage(
869
+ FORMAT_MESSAGE_FROM_HMODULE |
870
+ FORMAT_MESSAGE_ARGUMENT_ARRAY,
871
+ hmodule,
872
+ x.first.to_i,
873
+ 0,
874
+ buf,
875
+ buf.size,
876
+ v
877
+ )
878
+ FreeLibrary(hmodule)
879
+ break if buf.nstrip != ""
880
+ end
881
+ }
882
+ va = va.gsub("%%#{x.first}", buf.nstrip)
864
883
  }
865
- va = va.gsub("%%#{x.first}", buf.nstrip)
884
+ va
866
885
  }
867
- va
868
- }
869
- end
870
-
871
- value = 'EventMessageFile'
872
- file = 0.chr * MAX_SIZE
873
- size = [file.length].pack('L')
874
-
875
- if RegQueryValueEx(hkey, value, 0, 0, file, size) == 0
876
- file = file.nstrip
877
- exe = 0.chr * MAX_SIZE
886
+ end
887
+
888
+ value = 'EventMessageFile'
889
+ file = 0.chr * MAX_SIZE
890
+ size = [file.length].pack('L')
878
891
 
879
- ExpandEnvironmentStrings(file, exe, exe.size)
880
- exe = exe.nstrip
881
-
882
- # Try to retrieve message *without* expanding the inserts yet
883
- exe.split(';').each{ |file|
884
- hmodule = LoadLibraryEx(file, 0, DONT_RESOLVE_DLL_REFERENCES)
885
- event_id = rec[20,4].unpack('L')[0]
886
-
887
- if hmodule != 0
888
- FormatMessage(
889
- FORMAT_MESSAGE_FROM_HMODULE |
890
- FORMAT_MESSAGE_IGNORE_INSERTS,
891
- hmodule,
892
- event_id,
892
+ if RegQueryValueEx(hkey, value, 0, 0, file, size) == 0
893
+ file = file.nstrip
894
+ exe = 0.chr * MAX_SIZE
895
+
896
+ ExpandEnvironmentStrings(file, exe, exe.size)
897
+ exe = exe.nstrip
898
+
899
+ # Try to retrieve message *without* expanding the inserts yet
900
+ exe.split(';').each{ |file|
901
+ hmodule = LoadLibraryEx(
902
+ file,
893
903
  0,
894
- buf,
895
- buf.size,
896
- nil
904
+ DONT_RESOLVE_DLL_REFERENCES | LOAD_LIBRARY_AS_DATAFILE
897
905
  )
898
-
899
- FreeLibrary(hmodule)
900
- break if buf.nstrip != "" # All messages read
901
- end
902
- }
903
-
904
- buf = 0.chr * 8192 # Reset the buffer
905
-
906
- # Determine higest %n insert number
907
- max_insert = [num,buf.nstrip.scan(/%(\d+)/).map{|x|x[0].to_i}.max].compact.max
908
-
909
- # Insert dummy strings not provided by caller
910
- ((num+1)..(max_insert)).each{ |x| va_list.push("%#{x}") }
911
-
912
- if num == 0
913
- va_list_ptr = 0.chr * 4
914
- else
915
- va_list_ptr = va_list.map{ |x|
916
- [x + 0.chr].pack('P').unpack('L')[0]
917
- }.pack('L*')
918
- end
919
-
920
- exe.split(';').each{ |file|
921
- hmodule = LoadLibraryEx(file, 0, DONT_RESOLVE_DLL_REFERENCES)
922
- event_id = rec[20,4].unpack('L')[0]
906
+
907
+ event_id = rec[20,4].unpack('L')[0]
908
+
909
+ if hmodule != 0
910
+ FormatMessage(
911
+ FORMAT_MESSAGE_FROM_HMODULE |
912
+ FORMAT_MESSAGE_IGNORE_INSERTS,
913
+ hmodule,
914
+ event_id,
915
+ 0,
916
+ buf,
917
+ buf.size,
918
+ nil
919
+ )
920
+
921
+ FreeLibrary(hmodule)
922
+ break if buf.nstrip != "" # All messages read
923
+ end
924
+ }
925
+
926
+ buf = 0.chr * 8192 # Reset the buffer
923
927
 
924
- if hmodule != 0
925
- FormatMessage(
926
- FORMAT_MESSAGE_FROM_HMODULE |
927
- FORMAT_MESSAGE_ARGUMENT_ARRAY,
928
- hmodule,
929
- event_id,
928
+ # Determine higest %n insert number
929
+ max_insert = [num, buf.nstrip.scan(/%(\d+)/).map{ |x| x[0].to_i }.max].compact.max
930
+
931
+ # Insert dummy strings not provided by caller
932
+ ((num+1)..(max_insert)).each{ |x| va_list.push("%#{x}") }
933
+
934
+ if num == 0
935
+ va_list_ptr = 0.chr * 4
936
+ else
937
+ va_list_ptr = va_list.map{ |x|
938
+ [x + 0.chr].pack('P').unpack('L')[0]
939
+ }.pack('L*')
940
+ end
941
+
942
+ exe.split(';').each{ |file|
943
+ hmodule = LoadLibraryEx(
944
+ file,
930
945
  0,
931
- buf,
932
- buf.size,
933
- va_list_ptr
946
+ DONT_RESOLVE_DLL_REFERENCES | LOAD_LIBRARY_AS_DATAFILE
934
947
  )
935
-
936
- FreeLibrary(hmodule)
937
- break if buf.nstrip != "" # All messages read
938
- end
939
- }
948
+
949
+ event_id = rec[20,4].unpack('L')[0]
950
+
951
+ if hmodule != 0
952
+ FormatMessage(
953
+ FORMAT_MESSAGE_FROM_HMODULE |
954
+ FORMAT_MESSAGE_ARGUMENT_ARRAY,
955
+ hmodule,
956
+ event_id,
957
+ 0,
958
+ buf,
959
+ buf.size,
960
+ va_list_ptr
961
+ )
962
+
963
+ FreeLibrary(hmodule)
964
+ break if buf.nstrip != "" # All messages read
965
+ end
966
+ }
967
+ end
968
+ RegCloseKey(hkey)
969
+ end
970
+ ensure
971
+ if defined? Wow64RevertWow64FsRedirection
972
+ Wow64RevertWow64FsRedirection(old_wow_val.unpack('L')[0])
940
973
  end
941
- RegCloseKey(hkey)
942
974
  end
975
+
943
976
  [va_list0, buf.strip]
944
977
  end
945
978
  end
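Review bot: In add_event_source, the second `begin` block's `ensure` runs `RegCloseKey(hkey)` even when `RegCreateKeyEx` fails, and at that point `hkey` is still the packed buffer from `hkey = [0].pack('L')`, because the raise happens before `hkey = hkey.unpack('L')[0]`. The close is then handed a String instead of a handle, which may raise its own error and hide the intended `RegCreateKeyEx() failed` message; moving the `RegCreateKeyEx` call and its check above the `begin`, or guarding with `RegCloseKey(hkey) if hkey.is_a?(Integer)`, avoids that. The first block still builds its message with a comma, `error = 'RegSetValueEx() failed: ', get_last_error`, which yields an Array where the other sites concatenate with `+`. In get_description the new `ensure` only reverts WOW64 redirection, so the `RegCloseKey(hkey)` there is still skipped if anything raises in between, and the result of `Wow64DisableWow64FsRedirection` is not checked before the revert uses `old_wow_val`.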
@@ -2,7 +2,7 @@ require "rubygems"
2
2
 
3
3
  spec = Gem::Specification.new do |gem|
4
4
  gem.name = "win32-eventlog"
5
- gem.version = "0.4.8"
5
+ gem.version = "0.4.9"
6
6
  gem.author = "Daniel J. Berger"
7
7
  gem.email = "djberg96@gmail.com"
8
8
  gem.homepage = "http://www.rubyforge.org/projects/win32utils"
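--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: win32-eventlog
  version: !ruby/object:Gem::Version
- version: 0.4.8
+ version: 0.4.9
  platform: ruby
  authors:
  - Daniel J. Berger
@@ -9,11 +9,12 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2008-05-17 00:00:00 -06:00
+ date: 2008-09-07 00:00:00 -06:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
  name: windows-pr
+ type: :runtime
  version_requirement:
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
@@ -35,13 +36,11 @@ extra_rdoc_files:
  files:
  - lib/win32/eventlog.rb
  - lib/win32/mc.rb
- - test/CVS
  - test/foo.mc
  - test/tc_eventlog.rb
  - test/tc_mc.rb
  - test/ts_all.rb
  - CHANGES
- - CVS
  - doc
  - examples
  - lib
@@ -74,7 +73,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  requirements: []
 
  rubyforge_project:
- rubygems_version: 1.1.1
+ rubygems_version: 1.2.0
  signing_key:
  specification_version: 2
  summary: Interface for the MS Windows Event Log.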