RubyGems - win32-eventlog - Versions diffs - 0.5.2 → 0.5.3 - Mend

win32-eventlog 0.5.2 → 0.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

data/CHANGES CHANGED Viewed

@@ -1,3 +1,8 @@
+== 0.5.3 - 26-Oct-2011
+* Fixed the String#nstrip method for Ruby 1.9.x. Thanks go to Jason Bourne
+  for the spot and Ben Jansen for the patch.
+* Refactored the Rakefile and tests.
 == 0.5.2 - 21-Aug-2009
 * EventLogStruct's are now frozen on read operations. This is read-only data.
 * Added a test to validate that structs are frozen.
@@ -103,7 +108,7 @@
 * Added the EventLog#full? method.
 * Documentation updates and corrections, including the tutorial on creating
   and writing to your own event source.
 == 0.3.3 - 2-Jan-2006
 * If EventLog.new fails, it now raises EventLogError instead of StandardError.
 * Added documentation to the eventlog.txt file for EventLog#notify_change.
@@ -129,7 +134,7 @@
   no block is given.
 * Added the 'rubymsg.mc' message category file.  If installed, this will
   create a 'RubyMsg' event source for use with win32-service, though you
-  may use it for whatever you wish.  See the README for more details.
+  may use it for whatever you wish.  See the README for more details.
 * Renamed struct back to EventLogStruct - sorry, sorry - I promise I won't
   change this again.
 * Fixed a bug where using EventLog::SEEK_READ did not work properly (thanks

data/README CHANGED Viewed

@@ -1,73 +1,68 @@
 == Description
-   The win32-eventlog library provides an interface for reading from and
-   writing to the MS Windows Event Log.
+  The win32-eventlog library provides an interface for reading from and
+  writing to the MS Windows Event Log.
-   In addition, you can create your own message event sources using the
-   win32-mc library (provided with this distro), assuming you have the
-   proper tools installed.
+  In addition, you can create your own message event sources using the
+  win32-mc library (provided with this distro), assuming you have the
+  proper tools installed.
 == Prerequisites
-   Ruby 1.8.2 or later.
-   windows-pr 0.9.3 or later.
-   The 'mc', 'rc' and 'link' command line tools are required to create and
-   install message sources. You won't need these for simply reading from or
-   writing to an existing event log.
+  windows-pr 0.9.3 or later.
+  The 'mc', 'rc' and 'link' command line tools are required to create and
+  install message sources. You won't need these for simply reading from or
+  writing to an existing event log.
 == Installation
-=== Gem Installation
-   gem install win32-eventlog
-=== Local Installation
-   rake test (optional)
-   rake install (non-gem) or rake install_gem (gem)
+  gem install win32-eventlog
 === General Installation Notes
-   This will install both the win32-eventlog and win32-mc libraries. The latter
-   is strictly for turning .mc files into .dll files. See the mc documentation
-   for more details.
+  This will install both the win32-eventlog and win32-mc libraries. The latter
+  is strictly for turning .mc files into .dll files. See the mc documentation
+  for more details.
 == Installing the 'RubyMsg' event source
-   If you wish to install the RubyMsg event source, run the 'install_msg.rb'
-   script in the 'misc' directory.  This will create a 'rubymsg' directory
-   under your toplevel Ruby installation directory (usually C:\ruby), and
-   create the .dll, .h, .rc and .res files there, in addition to copying the
-   rubymsg.mc file. It will then install the 'RubyMsg' event source into your
-   registry.
+  If you wish to install the RubyMsg event source then run the
+  event_source:install Rake task. This will create a 'rubymsg' directory
+  under your toplevel Ruby installation directory (usually C:\ruby), and
+  create the .dll, .h, .rc and .res files there, in addition to copying the
+  rubymsg.mc file. It will then install the 'RubyMsg' event source into your
+  registry.
-   DO NOT MOVE THE DLL FILE ONCE IT IS INSTALLED!  If you do, you will have
-   to delete the registry entry and reinstall it with the correct path.
+  DO NOT MOVE THE DLL FILE ONCE IT IS INSTALLED!  If you do, you will have
+  to delete the registry entry and reinstall it with the correct path.
-   Take a look at the rubymsg.mc file for the category and message values. If
-   you do not understand this, please read the 'tutorial.txt' file in the 'doc'
-   directory.
+  Take a look at the rubymsg.mc file for the category and message values. If
+  you do not understand this, please read the 'tutorial.txt' file in the 'doc'
+  directory.
 == Additional documentation
-   If you are unfamiliar with message files and event logging on Windows in
-   general, please read the 'tutorial.txt' file.
+  If you are unfamiliar with message files and event logging on Windows in
+  general, please read the 'tutorial.txt' file.
-   There are also a couple of sample test scripts under the 'examples'
-   directory if you want to futz around and get a feel for how things work.
+  There are also a couple of sample test scripts under the 'examples'
+  directory if you want to futz around and get a feel for how things work.
 == If the test_mc.rb tests are skipped
-   If the tests from the test_mc.rb file are omitted then you either don't
-   have the mc, rc and/or link commands installed or they're not in your
-   system's %PATH%. If you have MSVC++, you should have them somewhere on your
-   system.
+  If the tests from the test_mc.rb file are omitted then you either don't
+  have the mc, rc and/or link commands installed or they're not in your
+  system's %PATH%. If you have MSVC++, you should have them somewhere on your
+  system.
 == Known Issues
-   None known.
+  None known.
-   Please file any bug reports on the project page at
-   http://www.rubyforge.org/projects/win32utils.
+  Please file any bug reports on the project page at
+  http://www.rubyforge.org/projects/win32utils.
 == License
-   Artistic 2.0
+  Artistic 2.0
 == Warranty
-   This package is provided "as is" and without any express or
-   implied warranties, including, without limitation, the implied
-   warranties of merchantability and fitness for a particular purpose.
+  This package is provided "as is" and without any express or
+  implied warranties, including, without limitation, the implied
+  warranties of merchantability and fitness for a particular purpose.
 == Authors
-   Daniel J. Berger
-   Park Heesob
+  Daniel J. Berger
+  Park Heesob

data/Rakefile CHANGED Viewed

@@ -1,46 +1,65 @@
 require 'rake'
+require 'rake/clean'
 require 'rake/testtask'
-desc 'Install win32-eventlog and win32-mc (non-gem)'
-task :install do
-   dest = File.join(Config::CONFIG['sitelibdir'], 'win32')
-   Dir.mkdir(dest) unless File.exists? dest
-   cp 'lib/win32/eventlog.rb', dest, :verbose => true
-   cp 'lib/win32/mc.rb', dest, :verbose => true
-end
+CLEAN.include('**/*.gem', '**/*.rbc')
+namespace :gem do
+  desc 'Create the win32-eventlog gem'
+  task :create => [:clean] do
+    spec = eval(IO.read('win32-eventlog.gemspec'))
+    Gem::Builder.new(spec).build
+  end
-desc 'Install the win32-eventlog library as a gem'
-task :install_gem do
-   ruby 'win32-eventlog.gemspec'
-   file = Dir["*.gem"].first
-   sh "gem install #{file}"
+  desc 'Install the win32-eventlog gem'
+  task :install => [:create] do
+    ruby 'win32-eventlog.gemspec'
+    file = Dir["*.gem"].first
+    sh "gem install #{file}"
+  end
 end
-desc 'Run the notify (tail) example program'
-task :example_notify do
-   ruby '-Ilib examples/example_notify.rb'
+namespace :example do
+  desc 'Run the notify (tail) example program'
+  task :notify do
+    ruby '-Ilib examples/example_notify.rb'
+  end
-desc 'Run the read example program'
-task :example_read do
-   ruby '-Ilib examples/example_read.rb'
+  desc 'Run the read example program'
+  task :read do
+    ruby '-Ilib examples/example_read.rb'
+  end
-desc 'Run the write example program'
-task :example_write do
-   ruby '-Ilib examples/example_write.rb'
+  desc 'Run the write example program'
+  task :write do
+    ruby '-Ilib examples/example_write.rb'
+  end
+end
-Rake::TestTask.new(:test) do |t|
-   t.warning = true
-   t.verbose = true
+namespace :event_source do
+  desc 'Install the RubyMsg event source'
+  task :install do
+    sh "ruby -Ilib misc/install_msg.rb"
+  end
 end
-Rake::TestTask.new(:test_eventlog) do |t|
-   t.warning    = true
-   t.verbose    = true
-   t.test_files = Dir['test/test_eventlog.rb']
+Rake::TestTask.new do |t|
+  t.warning = true
+  t.verbose = true
 end
-Rake::TestTask.new(:test_mc) do |t|
-   t.warning    = true
-   t.verbose    = true
-   t.test_files = Dir['test/test_mc.rb']
+namespace :test do
+  Rake::TestTask.new(:eventlog) do |t|
+    t.warning    = true
+    t.verbose    = true
+    t.test_files = Dir['test/test_eventlog.rb']
+  end
+  Rake::TestTask.new(:mc) do |t|
+    t.warning    = true
+    t.verbose    = true
+    t.test_files = Dir['test/test_mc.rb']
+  end
 end
+task :default => :test

data/lib/win32/eventlog.rb CHANGED Viewed

@@ -8,11 +8,16 @@ require 'windows/synchronize'
 require 'windows/handle'
 class String
-   # Return the portion of the string up to the first NULL character.  This
-   # was added for both speed and convenience.
-   def nstrip
-      self[ /^[^\0]*/ ]
-   end
+  # Return the portion of the string up to the first NULL character.  This
+  # was added for both speed and convenience.
+  def nstrip
+    if RUBY_VERSION.to_f >= 1.9
+      unless self.ascii_only?
+        self.force_encoding('BINARY')
+      end
+    end
+    self[ /^[^\0]*/ ]
+  end
 end
 # The Win32 module serves as a namespace only.
@@ -21,11 +26,11 @@ module Win32
    # The EventLog class encapsulates an Event Log source and provides methods
    # for interacting with that source.
    class EventLog
       # The EventLog::Error is raised in cases where interaction with the
       # event log should happen to fail for any reason.
       class Error < StandardError; end
       include Windows::Error
       include Windows::EventLog
       include Windows::Security
@@ -36,10 +41,10 @@ module Win32
       include Windows::Handle
       extend Windows::Error
       extend Windows::Registry
       # The version of the win32-eventlog library
-      VERSION = '0.5.2'
+      VERSION = '0.5.3'
       # The log is read in chronological order, i.e. oldest to newest.
       FORWARDS_READ = EVENTLOG_FORWARDS_READ
@@ -55,7 +60,7 @@ module Win32
       SEQUENTIAL_READ = EVENTLOG_SEQUENTIAL_READ
       # Event types
       # Information event, an event that describes the successful operation
       # of an application, driver or service.
       SUCCESS = EVENTLOG_SUCCESS
@@ -81,72 +86,72 @@ module Win32
       AUDIT_FAILURE = EVENTLOG_AUDIT_FAILURE
       private
       # :stopdoc:
       BUFFER_SIZE = 1024 * 64
       MAX_SIZE    = 256
       MAX_STRINGS = 16
       BASE_KEY    = "SYSTEM\\CurrentControlSet\\Services\\EventLog\\"
       # :startdoc:
       public
       # The EventLogStruct encapsulates a single event log record.
       EventLogStruct = Struct.new('EventLogStruct', :record_number,
          :time_generated, :time_written, :event_id, :event_type, :category,
          :source, :computer, :user, :string_inserts, :description
       )
       # The name of the event log source.  This will typically be
       # 'Application', 'System' or 'Security', but could also refer to
       # a custom event log source.
-      #
+      #
       attr_reader :source
       # The name of the server which the event log is reading from.
-      #
+      #
       attr_reader :server
       # The name of the file used in the EventLog.open_backup method.  This is
       # set to nil if the file was not opened using the EventLog.open_backup
       # method.
-      #
+      #
       attr_reader :file
       # Opens a handle to the new EventLog +source+ on +server+, or the local
       # machine if no host is specified.  Typically, your source will be
       # 'Application, 'Security' or 'System', although you can specify a
       # custom log file as well.
-      #
+      #
       # If a custom, registered log file name cannot be found, the event
       # logging service opens the 'Application' log file.  This is the
       # behavior of the underlying Windows function, not my own doing.
-      #
+      #
       def initialize(source = 'Application', server = nil, file = nil)
          @source = source || 'Application' # In case of explicit nil
          @server = server
          @file   = file
          # Avoid potential segfaults from win32-api
          raise TypeError unless @source.is_a?(String)
          raise TypeError unless @server.is_a?(String) if @server
          function = 'OpenEventLog()'
          if @file.nil?
             @handle = OpenEventLog(@server, @source)
          else
             @handle = OpenBackupEventLog(@server, @file)
             function = 'OpenBackupEventLog()'
          end
          if @handle == 0
             error = "#{function} failed: " + get_last_error
             raise Error, error
          end
          # Ensure the handle is closed at the end of a block
          if block_given?
             begin
@@ -156,33 +161,33 @@ module Win32
             end
          end
       end
       # Class method aliases
       class << self
          alias :open :new
       end
       # Nearly identical to EventLog.open, except that the source is a backup
       # file and not an event source (and there is no default).
-      #
+      #
       def self.open_backup(file, source = 'Application', server = nil, &block)
          @file   = file
          @source = source
          @server = server
          # Avoid potential segfaults from win32-api
          raise TypeError unless @file.is_a?(String)
          raise TypeError unless @source.is_a?(String)
-         raise TypeError unless @server.is_a?(String) if @server
+         raise TypeError unless @server.is_a?(String) if @server
          self.new(source, server, file, &block)
       end
       # Adds an event source to the registry. Returns the disposition, which
       # is either REG_CREATED_NEW_KEY (1) or REG_OPENED_EXISTING_KEY (2).
       #
       # The following are valid keys:
-      #
+      #
       # * source                 # Source name.  Set to "Application" by default
       # * key_name               # Name stored as the registry key
       # * category_count         # Number of supported (custom) categories
@@ -201,10 +206,10 @@ module Win32
       # The +event_message_file+ and +category_message_file+ are typically,
       # though not necessarily, the same file.  See the documentation on .mc files
       # for more details.
-      #
+      #
       def self.add_event_source(args)
          raise TypeError unless args.is_a?(Hash)
          valid_keys = %w/
             source
             key_name
@@ -222,8 +227,8 @@ module Win32
             'source'          => 'Application',
             'supported_types' => ERROR | WARN | INFO
          }
-         # Validate the keys, and convert symbols and case to lowercase strings.
+         # Validate the keys, and convert symbols and case to lowercase strings.
          args.each{ |key, val|
             key = key.to_s.downcase
             unless valid_keys.include?(key)
@@ -231,17 +236,17 @@ module Win32
             end
             hash[key] = val
          }
          # The key_name must be specified
          unless hash['key_name']
             raise Error, 'no event_type specified'
          end
-         hkey = [0].pack('L')
+         hkey = [0].pack('L')
          key  = key_base + hash['source']
          disposition = [0].pack('L')
          rv = RegCreateKeyEx(
             HKEY_LOCAL_MACHINE,
             key,
@@ -252,16 +257,16 @@ module Win32
             nil,
             hkey,
             disposition
-         )
+         )
          if rv != ERROR_SUCCESS
             error = 'RegCreateKeyEx() failed: ' + get_last_error
             raise Error, error
          end
-         hkey = hkey.unpack('L')[0]
+         hkey = hkey.unpack('L')[0]
          data = "%SystemRoot%\\System32\\config\\#{hash['source']}.evt"
          begin
             rv = RegSetValueEx(
                hkey,
@@ -271,20 +276,20 @@ module Win32
                data,
                data.size
             )
             if rv != ERROR_SUCCESS
                error = 'RegSetValueEx() failed: ', get_last_error
                raise Error, error
             end
          ensure
-            RegCloseKey(hkey)
+            RegCloseKey(hkey)
          end
          hkey = [0].pack('L')
          key  = key_base << hash['source'] << "\\" << hash['key_name']
          disposition = [0].pack('L')
          begin
             rv = RegCreateKeyEx(
                HKEY_LOCAL_MACHINE,
@@ -297,16 +302,16 @@ module Win32
                hkey,
                disposition
             )
             if rv != ERROR_SUCCESS
                raise Error, 'RegCreateKeyEx() failed: ' + get_last_error
             end
             hkey = hkey.unpack('L')[0]
             if hash['category_count']
                data = [hash['category_count']].pack('L')
                rv = RegSetValueEx(
                   hkey,
                   'CategoryCount',
@@ -315,16 +320,16 @@ module Win32
                   data,
                   data.size
                )
                if rv != ERROR_SUCCESS
                   error = 'RegSetValueEx() failed: ' + get_last_error
                   raise Error, error
                end
             end
             if hash['category_message_file']
                data = File.expand_path(hash['category_message_file'])
                rv = RegSetValueEx(
                   hkey,
                   'CategoryMessageFile',
@@ -333,16 +338,16 @@ module Win32
                   data,
                   data.size
                )
                if rv != ERROR_SUCCESS
                   error = 'RegSetValueEx() failed: ' + get_last_error
                   raise Error, error
                end
             end
             if hash['event_message_file']
                data = File.expand_path(hash['event_message_file'])
                rv = RegSetValueEx(
                   hkey,
                   'EventMessageFile',
@@ -351,16 +356,16 @@ module Win32
                   data,
                   data.size
                )
                if rv != ERROR_SUCCESS
                   error = 'RegSetValueEx() failed: ' + get_last_error
                   raise Error, error
                end
             end
             if hash['parameter_message_file']
                data = File.expand_path(hash['parameter_message_file'])
                rv = RegSetValueEx(
                   hkey,
                   'ParameterMessageFile',
@@ -369,13 +374,13 @@ module Win32
                   data,
                   data.size
                )
                if rv != ERROR_SUCCESS
                   error = 'RegSetValueEx() failed: ' + get_last_error
                   raise Error, error
                end
-            end
+            end
             data = [hash['supported_types']].pack('L')
             rv = RegSetValueEx(
@@ -386,7 +391,7 @@ module Win32
                data,
                data.size
             )
             if rv != ERROR_SUCCESS
                error = 'RegSetValueEx() failed: ' + get_last_error
                raise Error, error
@@ -394,13 +399,13 @@ module Win32
          ensure
             RegCloseKey(hkey)
          end
          disposition.unpack('L')[0]
       end
       # Backs up the event log to +file+.  Note that you cannot backup to
       # a file that already exists or a Error will be raised.
-      #
+      #
       def backup(file)
          raise TypeError unless file.is_a?(String)
          unless BackupEventLog(@handle, file)
@@ -409,99 +414,99 @@ module Win32
          end
          self
       end
       # Clears the EventLog.  If +backup_file+ is provided, it backs up the
       # event log to that file first.
-      #
+      #
       def clear(backup_file = nil)
          raise TypeError unless backup_file.is_a?(String) if backup_file
          backup_file = 0 unless backup_file
          unless ClearEventLog(@handle, backup_file)
             error = 'ClearEventLog() failed: ' + get_last_error
             raise Error
          end
          self
       end
       # Closes the EventLog handle. The handle is automatically closed for you
       # if you use the block form of EventLog.new.
-      #
+      #
       def close
          CloseEventLog(@handle)
       end
       # Indicates whether or not the event log is full.
-      #
+      #
       def full?
          buf    = [0].pack('L') # dwFull
          needed = [0].pack('L')
          unless GetEventLogInformation(@handle, 0, buf, buf.size, needed)
             raise Error, 'GetEventLogInformation() failed: ' + get_last_error
          end
          buf[0,4].unpack('L')[0] != 0
       end
       # Returns the absolute record number of the oldest record.  Note that
       # this is not guaranteed to be 1 because event log records can be
       # overwritten.
-      #
+      #
       def oldest_record_number
          rec = [0].pack('L')
          unless GetOldestEventLogRecord(@handle, rec)
             error = 'GetOldestEventLogRecord() failed: ' + get_last_error
             raise Error, error
          end
          rec.unpack('L')[0]
       end
       # Returns the total number of records for the given event log.
-      #
+      #
       def total_records
          total = [0].pack('L')
          unless GetNumberOfEventLogRecords(@handle, total)
             error = 'GetNumberOfEventLogRecords() failed: ' + get_last_error
             raise Error, error
          end
          total.unpack('L')[0]
       end
       # Yields an EventLogStruct every time a record is written to the event
       # log. Unlike EventLog#tail, this method breaks out of the block after
       # the event.
-      #
+      #
       # Raises an Error if no block is provided.
-      #
+      #
       def notify_change(&block)
          unless block_given?
             raise Error, 'block missing for notify_change()'
          end
          # Reopen the handle because the NotifyChangeEventLog() function will
          # choke after five or six reads otherwise.
          @handle = OpenEventLog(@server, @source)
          if @handle == 0
             error = 'OpenEventLog() failed: ' + get_last_error
             raise Error, error
          end
          event = CreateEvent(0, 0, 0, 0)
          unless NotifyChangeEventLog(@handle, event)
             error = 'NotifyChangeEventLog() failed: ' + get_last_error
             raise Error, error
          end
          wait_result = WaitForSingleObject(event, INFINITE)
          begin
             if wait_result == WAIT_FAILED
                error = 'WaitForSingleObject() failed: ' + get_last_error
@@ -513,33 +518,33 @@ module Win32
          ensure
             CloseHandle(event)
          end
          self
       end
       # Yields an EventLogStruct every time a record is written to the event
       # log, once every +frequency+ seconds. Unlike EventLog#notify_change,
       # this method does not break out of the block after the event.  The read
       # +frequency+ is set to 5 seconds by default.
-      #
+      #
       # Raises an Error if no block is provided.
-      #
+      #
       # The delay between reads is due to the nature of the Windows event log.
       # It is not really designed to be tailed in the manner of a Unix syslog,
-      # for example, in that not nearly as many events are typically recorded.
+      # for example, in that not nearly as many events are typically recorded.
       # It's just not designed to be polled that heavily.
       #
       def tail(frequency = 5)
          unless block_given?
             raise Error, 'block missing for tail()'
          end
-         old_total = total_records()
+         old_total = total_records()
          flags     = FORWARDS_READ | SEEK_READ
          rec_num   = read_last_event.record_number
-         while true
-            new_total = total_records()
+         while true
+            new_total = total_records()
             if new_total != old_total
                rec_num = oldest_record_number() if full?
                read(flags, rec_num).each{ |log| yield log }
@@ -549,20 +554,20 @@ module Win32
             sleep frequency
          end
       end
       # Iterates over each record in the event log, yielding a EventLogStruct
       # for each record.  The offset value is only used when used in
       # conjunction with the EventLog::SEEK_READ flag.  Otherwise, it is
       # ignored.  If no flags are specified, then the default flags are:
-      #
+      #
       # EventLog::SEQUENTIAL_READ | EventLog::FORWARDS_READ
       #
       # Note that, if you're performing a SEEK_READ, then the offset must
       # refer to a record number that actually exists.  The default of 0
       # may or may not work for your particular event log.
-      #
+      #
       # The EventLogStruct struct contains the following members:
-      #
+      #
       # * record_number  # Fixnum
       # * time_generated # Time
       # * time_written   # Time
@@ -574,16 +579,16 @@ module Win32
       # * user           # String or nil
       # * description    # String or nil
       # * string_inserts # An array of Strings or nil
-      #
+      #
       # If no block is given the method returns an array of EventLogStruct's.
-      #
+      #
       def read(flags = nil, offset = 0)
-         buf    = 0.chr * BUFFER_SIZE # 64k buffer
+         buf    = 0.chr * BUFFER_SIZE # 64k buffer
          read   = [0].pack('L')
          needed = [0].pack('L')
          array  = []
          lkey   = HKEY_LOCAL_MACHINE
          unless flags
             flags = FORWARDS_READ | SEQUENTIAL_READ
          end
@@ -595,27 +600,27 @@ module Win32
             end
             lkey = hkey.unpack('L').first
          end
          while ReadEventLog(@handle, flags, offset, buf, buf.size, read, needed) ||
             GetLastError() == ERROR_INSUFFICIENT_BUFFER
             if GetLastError() == ERROR_INSUFFICIENT_BUFFER
                buf = (0.chr * buf.size) + (0.chr * needed.unpack('L')[0])
                unless ReadEventLog(@handle, flags, offset, buf, buf.size, read, needed)
                   raise Error, get_last_error
                end
             end
             dwread = read.unpack('L')[0]
             while dwread > 0
                struct       = EventLogStruct.new
                event_source = buf[56..-1].nstrip
                computer     = buf[56 + event_source.length + 1..-1].nstrip
                user = get_user(buf)
                strings, desc = get_description(buf, event_source, lkey)
                struct.source         = event_source
                struct.computer       = computer
                struct.record_number  = buf[8,4].unpack('L')[0]
@@ -627,7 +632,7 @@ module Win32
                struct.category       = buf[28,2].unpack('S')[0]
                struct.string_inserts = strings
                struct.description 	 = desc
                struct.freeze # This is read-only information
                if block_given?
@@ -635,30 +640,30 @@ module Win32
                else
                   array.push(struct)
                end
                if flags & EVENTLOG_BACKWARDS_READ > 0
                   offset = buf[8,4].unpack('L')[0] - 1
                else
                   offset = buf[8,4].unpack('L')[0] + 1
                end
                length = buf[0,4].unpack('L')[0] # Length
                dwread -= length
                buf = buf[length..-1]
             end
             buf = 0.chr * BUFFER_SIZE
             read = [0].pack('L')
          end
          block_given? ? nil : array
       end
       # This class method is nearly identical to the EventLog#read instance
       # method, except that it takes a +source+ and +server+ as the first two
       # arguments.
-      #
+      #
       def self.read(source='Application', server=nil, flags=nil, offset=0)
          self.new(source, server){ |log|
             if block_given?
@@ -670,28 +675,28 @@ module Win32
       end
       # Writes an event to the event log.  The following are valid keys:
-      #
+      #
       # * source     # Event log source name. Defaults to "Application"
       # * event_id   # Event ID (defined in event message file)
       # * category   # Event category (defined in category message file)
       # * data       # String that is written to the log
       # * event_type # Type of event, e.g. EventLog::ERROR, etc.
-      #
+      #
       # The +event_type+ keyword is the only mandatory keyword. The others are
       # optional. Although the +source+ defaults to "Application", I
       # recommend that you create an application specific event source and use
       # that instead. See the 'EventLog.add_event_source' method for more
       # details.
-      #
+      #
       # The +event_id+ and +category+ values are defined in the message
       # file(s) that you created for your application. See the tutorial.txt
       # file for more details on how to create a message file.
-      #
+      #
       # An ArgumentError is raised if you attempt to use an invalid key.
-      #
+      #
       def report_event(args)
          raise TypeError unless args.is_a?(Hash)
          valid_keys  = %w/source event_id category data event_type/
          num_strings = 0
@@ -702,8 +707,8 @@ module Win32
             'category' => 0,
             'data'     => 0
          }
-         # Validate the keys, and convert symbols and case to lowercase strings.
+         # Validate the keys, and convert symbols and case to lowercase strings.
          args.each{ |key, val|
             key = key.to_s.downcase
             unless valid_keys.include?(key)
@@ -711,19 +716,19 @@ module Win32
             end
             hash[key] = val
          }
          # The event_type must be specified
          unless hash['event_type']
             raise Error, 'no event_type specified'
          end
          handle = RegisterEventSource(@server, hash['source'])
          if handle == 0
             error = 'RegisterEventSource() failed: ' + get_last_error
             raise Error, error
          end
          if hash['data'].is_a?(String)
             data = hash['data'] << 0.chr
             data = [data].pack('p*')
@@ -732,7 +737,7 @@ module Win32
             data = 0
             num_strings = 0
          end
          bool = ReportEvent(
             handle,
             hash['event_type'],
@@ -744,29 +749,29 @@ module Win32
             data,
             0
          )
          unless bool
             error = 'ReportEvent() failed: ' + get_last_error
             raise Error, error
          end
          self
       end
       alias :write :report_event
       private
       # A private method that reads the last event log record.
-      #
+      #
       def read_last_event(handle=@handle, source=@source, server=@server)
          buf    = 0.chr * BUFFER_SIZE # 64k buffer
          read   = [0].pack('L')
          needed = [0].pack('L')
          lkey   = HKEY_LOCAL_MACHINE
          flags = EVENTLOG_BACKWARDS_READ | EVENTLOG_SEQUENTIAL_READ
          unless ReadEventLog(@handle, flags, 0, buf, buf.size, read, needed)
             error = GetLastError()
             if error == ERROR_INSUFFICIENT_BUFFER
@@ -786,13 +791,13 @@ module Win32
             end
             lkey = hkey.unpack('L').first
          end
          event_source  = buf[56..-1].nstrip
          computer      = buf[56 + event_source.length + 1..-1].nstrip
          event_type    = get_event_type(buf[24,2].unpack('S')[0])
          user          = get_user(buf)
          strings, desc = get_description(buf, event_source, lkey)
          struct = EventLogStruct.new
          struct.source         = event_source
          struct.computer       = computer
@@ -805,16 +810,16 @@ module Win32
          struct.category       = buf[28,2].unpack('S')[0]
          struct.string_inserts = strings
          struct.description 	 = desc
          struct.freeze # This is read-only information
          struct
       end
       # Private method that retrieves the user name based on data in the
       # EVENTLOGRECORD buffer.
-      #
-      def get_user(buf)
+      #
+      def get_user(buf)
          return nil if buf[40,4].unpack('L')[0] <= 0 # UserSidLength
          name        = 0.chr * MAX_SIZE
@@ -822,9 +827,9 @@ module Win32
          domain      = 0.chr * MAX_SIZE
          domain_size = [domain.size].pack('L')
          snu         = 0.chr * 4
          offset = buf[44,4].unpack('L')[0] # UserSidOffset
          val = LookupAccountSid(
             @server,
             [buf].pack('P').unpack('L')[0] + offset,
@@ -834,14 +839,14 @@ module Win32
             domain_size,
             snu
          )
          # Return nil if the lookup failed
          return val ? name.nstrip : nil
       end
       # Private method that converts a numeric event type into a human
       # readable string.
-      #
+      #
       def get_event_type(event)
          case event
             when EVENTLOG_ERROR_TYPE
@@ -858,11 +863,11 @@ module Win32
                nil
          end
       end
       # Private method that gets the string inserts (Array) and the full
       # event description (String) based on data from the EVENTLOGRECORD
       # buffer.
-      #
+      #
       def get_description(rec, event_source, lkey)
          str     = rec[rec[36,4].unpack('L')[0] .. -1]
          num     = rec[26,2].unpack('S')[0] # NumStrings
@@ -892,7 +897,7 @@ module Win32
                   hkey2 = [0].pack('L')
                   key   = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\"
                   key   << "WINEVT\\Publishers\\#{guid}"
                   if RegOpenKeyEx(lkey, key, 0, KEY_READ|0x100, hkey2) == 0
                      hkey2  = hkey2.unpack('L')[0]
                      value = 'ParameterMessageFile'
@@ -905,7 +910,7 @@ module Win32
                         ExpandEnvironmentStrings(file, exe, exe.size)
                         param_exe = exe.nstrip
                      end
                      value = 'MessageFileName'
                      file  = 0.chr * MAX_SIZE
                      size  = [file.length].pack('L')
@@ -916,7 +921,7 @@ module Win32
                         ExpandEnvironmentStrings(file, exe, exe.size)
                         message_exe = exe.nstrip
                      end
                      RegCloseKey(hkey2)
                   end
                else
@@ -940,9 +945,9 @@ module Win32
                      exe  = 0.chr * MAX_SIZE
                      ExpandEnvironmentStrings(file, exe, exe.size)
                      message_exe = exe.nstrip
-                   end
-                end
+                  end
+               end
                 RegCloseKey(hkey)
             elsif defined? EvtOpenPublisherMetadata # Vista or later
                pubMetadata = EvtOpenPublisherMetadata(
@@ -952,11 +957,11 @@ module Win32
                   1024, # Default LCID
                   0
                )
                if pubMetadata > 0
                   buf2 = 0.chr * 8192
                   val  = 0.chr*4
                   EvtGetPublisherMetadataProperty(
                      pubMetadata,
                      2, # EvtPublisherMetadataParameterFilePath
@@ -965,7 +970,7 @@ module Win32
                      buf2,
                      val
                   )
                   file = wide_to_multi(buf2[16..-1])
                   exe  = 0.chr * MAX_SIZE
                   ExpandEnvironmentStrings(file, exe, exe.size)
@@ -973,7 +978,7 @@ module Win32
                   buf2 = 0.chr * 8192
                   val = 0.chr*4
                   EvtGetPublisherMetadataProperty(
                      pubMetadata,
                      3, # EvtPublisherMetadataMessageFilePath
@@ -982,7 +987,7 @@ module Win32
                      buf2,
                      val
                   )
                   file = wide_to_multi(buf2[16..-1])
                   exe  = 0.chr * MAX_SIZE
                   ExpandEnvironmentStrings(file, exe, exe.size)
@@ -1015,7 +1020,7 @@ module Win32
                               buf.size,
                               v
                            )
                            if res == 0
                               event_id = 0xB0000000 | event_id
                               res = FormatMessage(
@@ -1052,7 +1057,7 @@ module Win32
                   )
                   event_id = rec[20,4].unpack('L')[0]
                   if hmodule != 0
                      res = FormatMessage(
                         FORMAT_MESSAGE_FROM_HMODULE |
@@ -1064,10 +1069,10 @@ module Win32
                         buf.size,
                         nil
                      )
                      if res == 0
                         event_id = 0xB0000000 | event_id
                         res = FormatMessage(
                            FORMAT_MESSAGE_FROM_HMODULE |
                            FORMAT_MESSAGE_IGNORE_INSERTS,
@@ -1079,7 +1084,7 @@ module Win32
                            nil
                         )
                      end
                      FreeLibrary(hmodule)
                      break if buf.nstrip != "" # All messages read
                   end
@@ -1098,7 +1103,7 @@ module Win32
                      [x + 0.chr].pack('P').unpack('L')[0]
                   }.pack('L*')
                end
                message_exe.split(';').each{ |file|
                   hmodule = LoadLibraryEx(
                      file,
@@ -1119,10 +1124,10 @@ module Win32
                         buf.size,
                         va_list_ptr
                      )
                      if res == 0
                         event_id = 0xB0000000 | event_id
                         res = FormatMessage(
                            FORMAT_MESSAGE_FROM_HMODULE |
                            FORMAT_MESSAGE_ARGUMENT_ARRAY,
@@ -1147,6 +1152,6 @@ module Win32
         end
         [va_list0, buf.nstrip]
-     end
+     end
    end
 end