RubyGems - winevt_c - Versions diffs - 0.7.0 → 0.7.1 - Mend

winevt_c 0.7.0 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/example/enumerate_channels.rb +13 -0
data/ext/winevt/winevt_c.h +1 -0
data/ext/winevt/winevt_channel.c +135 -1
data/lib/winevt/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a1e26f9f7aef69fdf599f08c4c309fd1a60e00178d0a4db7a24b76cde7376254
-  data.tar.gz: 20e705a60f389912acd1594eecd0ea1a79230de00e887b0033016ccf72d8383f
+  metadata.gz: 4aea52298871b70f5fa9f0c01227cd4afb79a188b75e4870a680ed435b7d19fe
+  data.tar.gz: 26ac8f251f2dd6cf077f7481066d1305e023986438a0fbd50fe9fec9dd97c266
 SHA512:
-  metadata.gz: ec1d0dfbf4c1ec66619a709e012c76ab5487944f1c2970520b09ed46d9f3689d8ab5dcfc4499e34aeb2cde111f571e652cbf6bf337c20c5b7d5d836ef602d4ab
-  data.tar.gz: '01842dfd20afb70a08a928baf7d38c1c3c3df79a7ffd9303275d25623520b1f3e81adfcfcd43a730e8e36cb6931933c48871bd72bb3a21b9bbc33bde91bda366'
+  metadata.gz: 6e6683d23e26dfa60e4a4e31bb03a434f2e01025c1072de8930d8ca98b7090dd4128711540c65ba35b5d53ca142251bc5eb3881ad1df1af3679c5d84faa2b1f7
+  data.tar.gz: b83a9f1f27428c75f9735297fa19abae507240956a587df4b38c9f0b983f4f1ed82dc4c30ccd64fe4cb12ad7b8ae7b6a70bb89c50bd3e280a568c9eda768d7a2

data/example/enumerate_channels.rb ADDED Viewed

@@ -0,0 +1,13 @@
+require 'winevt'
+@channels = Winevt::EventLog::Channel.new
+@channels.force_enumerate = false
+result = []
+@channels.each do |channel|
+  result << channel
+end
+puts "length of channels: #{result.length}"
+result.each do |r|
+  puts r
+end

data/ext/winevt/winevt_c.h CHANGED Viewed

@@ -47,6 +47,7 @@ VALUE rb_eWinevtQueryError;
 struct WinevtChannel
 {
   EVT_HANDLE channels;
+  BOOL force_enumerate;
 };
 struct WinevtBookmark

data/ext/winevt/winevt_channel.c CHANGED Viewed

@@ -9,12 +9,16 @@
  *  require 'winevt'
  *  channels = []
  *  @channel = Winevt::EventLog::Channel.new
+ *  # If users want to retrive all channel name, it should be set as true.
+ *  @channel.force_enumerate = false
  *  @channel.each do |channel|
  *    channels << channel
  *  end
  *  print channels
  */
+DWORD is_subscribable_channel_p(EVT_HANDLE hChannel, BOOL force_enumerate);
+DWORD check_subscribable_with_channel_config_type(int Id, PEVT_VARIANT pProperty, BOOL force_enumerate);
 static void channel_free(void* ptr);
 static const rb_data_type_t rb_winevt_channel_type = { "winevt/channel",
@@ -54,11 +58,121 @@ rb_winevt_channel_alloc(VALUE klass)
  *
  */
 static VALUE
-rb_winevt_channel_initialize(VALUE klass)
+rb_winevt_channel_initialize(VALUE self)
 {
+  struct WinevtChannel* winevtChannel;
+  TypedData_Get_Struct(
+    self, struct WinevtChannel, &rb_winevt_channel_type, winevtChannel);
+  winevtChannel->force_enumerate = FALSE;
   return Qnil;
 }
+/*
+ * This method specifies whether forcing to enumerate channel which
+ * type is Debug and Analytical or not.
+ *
+ * @param rb_force_enumerate_p [Boolean]
+ * @since 0.7.1
+ */
+static VALUE
+rb_winevt_channel_set_force_enumerate(VALUE self, VALUE rb_force_enumerate_p)
+{
+  struct WinevtChannel* winevtChannel;
+  TypedData_Get_Struct(
+    self, struct WinevtChannel, &rb_winevt_channel_type, winevtChannel);
+  winevtChannel->force_enumerate = RTEST(rb_force_enumerate_p);
+  return Qnil;
+}
+/*
+ * This method returns whether forcing to enumerate channel which type
+ * is Debug and Analytical or not.
+ *
+ * @return [Boolean]
+ * @since 0.7.1
+ */
+static VALUE
+rb_winevt_channel_get_force_enumerate(VALUE self)
+{
+  struct WinevtChannel* winevtChannel;
+  TypedData_Get_Struct(
+    self, struct WinevtChannel, &rb_winevt_channel_type, winevtChannel);
+  return winevtChannel->force_enumerate ? Qtrue : Qfalse;
+}
+DWORD is_subscribable_channel_p(EVT_HANDLE hChannel, BOOL force_enumerate)
+{
+  PEVT_VARIANT pProperty = NULL;
+  PEVT_VARIANT pTemp = NULL;
+  DWORD dwBufferSize = 0;
+  DWORD dwBufferUsed = 0;
+  DWORD status = ERROR_SUCCESS;
+  for (int Id = 0; Id < EvtChannelConfigPropertyIdEND; Id++) {
+    if  (!EvtGetChannelConfigProperty(hChannel, (EVT_CHANNEL_CONFIG_PROPERTY_ID)Id, 0, dwBufferSize, pProperty, &dwBufferUsed)) {
+      status = GetLastError();
+      if (ERROR_INSUFFICIENT_BUFFER == status) {
+        dwBufferSize = dwBufferUsed;
+        pTemp = (PEVT_VARIANT)realloc(pProperty, dwBufferSize);
+        if (pTemp) {
+          pProperty = pTemp;
+          pTemp = NULL;
+          EvtGetChannelConfigProperty(hChannel, (EVT_CHANNEL_CONFIG_PROPERTY_ID)Id, 0, dwBufferSize, pProperty, &dwBufferUsed);
+        } else {
+          free(pProperty);
+          status = ERROR_OUTOFMEMORY;
+          rb_raise(rb_eRuntimeError, "realloc failed with %ld\n", status);
+        }
+      }
+      if (ERROR_SUCCESS != (status = GetLastError())) {
+        free(pProperty);
+        rb_raise(rb_eRuntimeError, "EvtGetChannelConfigProperty failed with %ld\n", GetLastError());
+      }
+    }
+    status = check_subscribable_with_channel_config_type(Id, pProperty, force_enumerate);
+    if (status != ERROR_SUCCESS)
+      break;
+  }
+  free(pProperty);
+  return status;
+}
+#define EVENT_DEBUG_TYPE 2
+#define EVENT_ANALYTICAL_TYPE 3
+DWORD check_subscribable_with_channel_config_type(int Id, PEVT_VARIANT pProperty, BOOL force_enumerate)
+{
+  DWORD status = ERROR_SUCCESS;
+  switch(Id) {
+  case EvtChannelConfigType:
+    if (!force_enumerate &&
+        (pProperty->UInt32Val == EVENT_DEBUG_TYPE ||
+         pProperty->UInt32Val == EVENT_ANALYTICAL_TYPE)) {
+      return ERROR_INVALID_DATA;
+    }
+    break;
+  }
+  return status;
+}
+#undef EVENT_DEBUG_TYPE
+#undef EVENT_ANALYTICAL_TYPE
 /*
  * Enumerate Windows EventLog channels
  *
@@ -69,6 +183,7 @@ static VALUE
 rb_winevt_channel_each(VALUE self)
 {
   EVT_HANDLE hChannels;
+  EVT_HANDLE hChannelConfig = NULL;
   struct WinevtChannel* winevtChannel;
   char errBuf[256];
   LPWSTR buffer = NULL;
@@ -124,6 +239,23 @@ rb_winevt_channel_each(VALUE self)
         rb_raise(rb_eRuntimeError, errBuf);
       }
     }
+    hChannelConfig = EvtOpenChannelConfig(NULL, buffer, 0);
+    if (NULL == hChannelConfig) {
+      _snprintf_s(errBuf,
+                  _countof(errBuf),
+                  _TRUNCATE,
+                  "EvtOpenChannelConfig failed with %lu.\n",
+                  GetLastError());
+      free(buffer);
+      buffer = NULL;
+      bufferSize = 0;
+      rb_raise(rb_eRuntimeError, errBuf);
+    }
+    status = is_subscribable_channel_p(hChannelConfig, winevtChannel->force_enumerate);
+    if (status != ERROR_SUCCESS)
+      continue;
     utf8str = wstr_to_rb_str(CP_UTF8, buffer, -1);
@@ -151,4 +283,6 @@ Init_winevt_channel(VALUE rb_cEventLog)
   rb_define_alloc_func(rb_cChannel, rb_winevt_channel_alloc);
   rb_define_method(rb_cChannel, "initialize", rb_winevt_channel_initialize, 0);
   rb_define_method(rb_cChannel, "each", rb_winevt_channel_each, 0);
+  rb_define_method(rb_cChannel, "force_enumerate", rb_winevt_channel_get_force_enumerate, 0);
+  rb_define_method(rb_cChannel, "force_enumerate=", rb_winevt_channel_set_force_enumerate, 1);
 }

data/lib/winevt/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Winevt
-  VERSION = "0.7.0"
+  VERSION = "0.7.1"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: winevt_c
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.7.1
 platform: ruby
 authors:
 - Hiroshi Hatake
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-02-14 00:00:00.000000000 Z
+date: 2020-02-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -119,6 +119,7 @@ files:
 - bin/console
 - bin/setup
 - example/bookmark.rb
+- example/enumerate_channels.rb
 - example/eventlog.rb
 - example/rate_limit.rb
 - example/tailing.rb