winevt_c 0.7.4 → 0.9.2

data/ext/winevt/winevt.c

@@ -1,26 +1,30 @@
-#include <winevt_c.h>
-
-VALUE rb_mWinevt;
-VALUE rb_cQuery;
-VALUE rb_cEventLog;
-VALUE rb_cSubscribe;
-VALUE rb_eWinevtQueryError;
-
-static ID id_call;
-
-void
-Init_winevt(void)
-{
-  rb_mWinevt = rb_define_module("Winevt");
-  rb_cEventLog = rb_define_class_under(rb_mWinevt, "EventLog", rb_cObject);
-  rb_cQuery = rb_define_class_under(rb_cEventLog, "Query", rb_cObject);
-  rb_cSubscribe = rb_define_class_under(rb_cEventLog, "Subscribe", rb_cObject);
-  rb_eWinevtQueryError = rb_define_class_under(rb_cQuery, "Error", rb_eStandardError);
-
-  Init_winevt_channel(rb_cEventLog);
-  Init_winevt_bookmark(rb_cEventLog);
-  Init_winevt_query(rb_cEventLog);
-  Init_winevt_subscribe(rb_cEventLog);
-
-  id_call = rb_intern("call");
-}
+#include <winevt_c.h>
+
+VALUE rb_mWinevt;
+VALUE rb_cQuery;
+VALUE rb_cEventLog;
+VALUE rb_cSubscribe;
+VALUE rb_eWinevtQueryError;
+VALUE rb_eRemoteHandlerError;
+
+static ID id_call;
+
+void
+Init_winevt(void)
+{
+  rb_mWinevt = rb_define_module("Winevt");
+  rb_cEventLog = rb_define_class_under(rb_mWinevt, "EventLog", rb_cObject);
+  rb_cQuery = rb_define_class_under(rb_cEventLog, "Query", rb_cObject);
+  rb_cSubscribe = rb_define_class_under(rb_cEventLog, "Subscribe", rb_cObject);
+  rb_eWinevtQueryError = rb_define_class_under(rb_cQuery, "Error", rb_eStandardError);
+  rb_eRemoteHandlerError = rb_define_class_under(rb_cSubscribe, "RemoteHandlerError", rb_eRuntimeError);
+
+  Init_winevt_channel(rb_cEventLog);
+  Init_winevt_bookmark(rb_cEventLog);
+  Init_winevt_query(rb_cEventLog);
+  Init_winevt_subscribe(rb_cEventLog);
+  Init_winevt_locale(rb_cEventLog);
+  Init_winevt_session(rb_cEventLog);
+
+  id_call = rb_intern("call");
+}

data/ext/winevt/winevt_bookmark.c

@@ -1,149 +1,149 @@
-#include <winevt_c.h>
-
-/* clang-format off */
-/*
- * Document-class: Winevt::EventLog::Bookmark
- *
- * Bookmark for querying/subscribing Windows EventLog progress.
- *
- * @example
- *  require 'winevt'
- *
- *  @query = Winevt::EventLog::Query.new("Application", "*[System[(Level <= 3) and TimeCreated[timediff(@SystemTime) <= 86400000]]]")
- *  @bookmark = Winevt::EventLog::Bookmark.new
- *  @query.each do |xml|
- *    @bookmark.update(@query)
- *  end
- *
- *  puts @bookmark.render
- */
-/* clang-format pn */
-
-VALUE rb_cBookmark;
-
-static void bookmark_free(void* ptr);
-
-static const rb_data_type_t rb_winevt_bookmark_type = { "winevt/bookmark",
-                                                        {
-                                                          0,
-                                                          bookmark_free,
-                                                          0,
-                                                        },
-                                                        NULL,
-                                                        NULL,
-                                                        RUBY_TYPED_FREE_IMMEDIATELY };
-
-static void
-bookmark_free(void* ptr)
-{
-  struct WinevtBookmark* winevtBookmark = (struct WinevtBookmark*)ptr;
-  if (winevtBookmark->bookmark)
-    EvtClose(winevtBookmark->bookmark);
-
-  xfree(ptr);
-}
-
-static VALUE
-rb_winevt_bookmark_alloc(VALUE klass)
-{
-  VALUE obj;
-  struct WinevtBookmark* winevtBookmark;
-  obj = TypedData_Make_Struct(
-    klass, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
-  return obj;
-}
-
-/*
- * Initalize Bookmark class. Receive XML string or nil.
- *
- * @overload initailize(options={})
- *   @option options [String] XML rendered Bookmark string.
- * @return [Bookmark]
- *
- */
-static VALUE
-rb_winevt_bookmark_initialize(int argc, VALUE* argv, VALUE self)
-{
-  PWSTR bookmarkXml;
-  VALUE wbookmarkXmlBuf;
-  DWORD len;
-  struct WinevtBookmark* winevtBookmark;
-
-  TypedData_Get_Struct(
-    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
-
-  if (argc == 0) {
-    winevtBookmark->bookmark = EvtCreateBookmark(NULL);
-  } else if (argc == 1) {
-    VALUE rb_bookmarkXml;
-    rb_scan_args(argc, argv, "10", &rb_bookmarkXml);
-    Check_Type(rb_bookmarkXml, T_STRING);
-
-    // bookmarkXml : To wide char
-    len = MultiByteToWideChar(
-      CP_UTF8, 0, RSTRING_PTR(rb_bookmarkXml), RSTRING_LEN(rb_bookmarkXml), NULL, 0);
-    bookmarkXml = ALLOCV_N(WCHAR, wbookmarkXmlBuf, len + 1);
-    MultiByteToWideChar(CP_UTF8,
-                        0,
-                        RSTRING_PTR(rb_bookmarkXml),
-                        RSTRING_LEN(rb_bookmarkXml),
-                        bookmarkXml,
-                        len);
-    bookmarkXml[len] = L'\0';
-    winevtBookmark->bookmark = EvtCreateBookmark(bookmarkXml);
-    ALLOCV_END(wbookmarkXmlBuf);
-  }
-
-  return Qnil;
-}
-
-/*
- * This method updates bookmark and returns Bookmark instance.
- *
- * @param event [Query]
- * @return [Bookmark]
- */
-static VALUE
-rb_winevt_bookmark_update(VALUE self, VALUE event)
-{
-  struct WinevtQuery* winevtQuery;
-  struct WinevtBookmark* winevtBookmark;
-
-  winevtQuery = EventQuery(event);
-
-  TypedData_Get_Struct(
-    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
-
-  for (int i = 0; i < winevtQuery->count; i++) {
-    if (!EvtUpdateBookmark(winevtBookmark->bookmark, winevtQuery->hEvents[i]))
-      return Qfalse;
-  }
-  return Qtrue;
-}
-
-/*
- * This method renders bookmark class content.
- *
- * @return [String]
- */
-static VALUE
-rb_winevt_bookmark_render(VALUE self)
-{
-  struct WinevtBookmark* winevtBookmark;
-
-  TypedData_Get_Struct(
-    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
-
-  return render_to_rb_str(winevtBookmark->bookmark, EvtRenderBookmark);
-}
-
-void
-Init_winevt_bookmark(VALUE rb_cEventLog)
-{
-  rb_cBookmark = rb_define_class_under(rb_cEventLog, "Bookmark", rb_cObject);
-
-  rb_define_alloc_func(rb_cBookmark, rb_winevt_bookmark_alloc);
-  rb_define_method(rb_cBookmark, "initialize", rb_winevt_bookmark_initialize, -1);
-  rb_define_method(rb_cBookmark, "update", rb_winevt_bookmark_update, 1);
-  rb_define_method(rb_cBookmark, "render", rb_winevt_bookmark_render, 0);
-}
+#include <winevt_c.h>
+
+/* clang-format off */
+/*
+ * Document-class: Winevt::EventLog::Bookmark
+ *
+ * Bookmark for querying/subscribing Windows EventLog progress.
+ *
+ * @example
+ *  require 'winevt'
+ *
+ *  @query = Winevt::EventLog::Query.new("Application", "*[System[(Level <= 3) and TimeCreated[timediff(@SystemTime) <= 86400000]]]")
+ *  @bookmark = Winevt::EventLog::Bookmark.new
+ *  @query.each do |xml|
+ *    @bookmark.update(@query)
+ *  end
+ *
+ *  puts @bookmark.render
+ */
+/* clang-format pn */
+
+VALUE rb_cBookmark;
+
+static void bookmark_free(void* ptr);
+
+static const rb_data_type_t rb_winevt_bookmark_type = { "winevt/bookmark",
+                                                        {
+                                                          0,
+                                                          bookmark_free,
+                                                          0,
+                                                        },
+                                                        NULL,
+                                                        NULL,
+                                                        RUBY_TYPED_FREE_IMMEDIATELY };
+
+static void
+bookmark_free(void* ptr)
+{
+  struct WinevtBookmark* winevtBookmark = (struct WinevtBookmark*)ptr;
+  if (winevtBookmark->bookmark)
+    EvtClose(winevtBookmark->bookmark);
+
+  xfree(ptr);
+}
+
+static VALUE
+rb_winevt_bookmark_alloc(VALUE klass)
+{
+  VALUE obj;
+  struct WinevtBookmark* winevtBookmark;
+  obj = TypedData_Make_Struct(
+    klass, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
+  return obj;
+}
+
+/*
+ * Initalize Bookmark class. Receive XML string or nil.
+ *
+ * @overload initailize(options={})
+ *   @option options [String] XML rendered Bookmark string.
+ * @return [Bookmark]
+ *
+ */
+static VALUE
+rb_winevt_bookmark_initialize(int argc, VALUE* argv, VALUE self)
+{
+  PWSTR bookmarkXml;
+  VALUE wbookmarkXmlBuf;
+  DWORD len;
+  struct WinevtBookmark* winevtBookmark;
+
+  TypedData_Get_Struct(
+    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
+
+  if (argc == 0) {
+    winevtBookmark->bookmark = EvtCreateBookmark(NULL);
+  } else if (argc == 1) {
+    VALUE rb_bookmarkXml;
+    rb_scan_args(argc, argv, "10", &rb_bookmarkXml);
+    Check_Type(rb_bookmarkXml, T_STRING);
+
+    // bookmarkXml : To wide char
+    len = MultiByteToWideChar(
+      CP_UTF8, 0, RSTRING_PTR(rb_bookmarkXml), RSTRING_LEN(rb_bookmarkXml), NULL, 0);
+    bookmarkXml = ALLOCV_N(WCHAR, wbookmarkXmlBuf, len + 1);
+    MultiByteToWideChar(CP_UTF8,
+                        0,
+                        RSTRING_PTR(rb_bookmarkXml),
+                        RSTRING_LEN(rb_bookmarkXml),
+                        bookmarkXml,
+                        len);
+    bookmarkXml[len] = L'\0';
+    winevtBookmark->bookmark = EvtCreateBookmark(bookmarkXml);
+    ALLOCV_END(wbookmarkXmlBuf);
+  }
+
+  return Qnil;
+}
+
+/*
+ * This method updates bookmark and returns Bookmark instance.
+ *
+ * @param event [Query]
+ * @return [Bookmark]
+ */
+static VALUE
+rb_winevt_bookmark_update(VALUE self, VALUE event)
+{
+  struct WinevtQuery* winevtQuery;
+  struct WinevtBookmark* winevtBookmark;
+
+  winevtQuery = EventQuery(event);
+
+  TypedData_Get_Struct(
+    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
+
+  for (int i = 0; i < winevtQuery->count; i++) {
+    if (!EvtUpdateBookmark(winevtBookmark->bookmark, winevtQuery->hEvents[i]))
+      return Qfalse;
+  }
+  return Qtrue;
+}
+
+/*
+ * This method renders bookmark class content.
+ *
+ * @return [String]
+ */
+static VALUE
+rb_winevt_bookmark_render(VALUE self)
+{
+  struct WinevtBookmark* winevtBookmark;
+
+  TypedData_Get_Struct(
+    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
+
+  return render_to_rb_str(winevtBookmark->bookmark, EvtRenderBookmark);
+}
+
+void
+Init_winevt_bookmark(VALUE rb_cEventLog)
+{
+  rb_cBookmark = rb_define_class_under(rb_cEventLog, "Bookmark", rb_cObject);
+
+  rb_define_alloc_func(rb_cBookmark, rb_winevt_bookmark_alloc);
+  rb_define_method(rb_cBookmark, "initialize", rb_winevt_bookmark_initialize, -1);
+  rb_define_method(rb_cBookmark, "update", rb_winevt_bookmark_update, 1);
+  rb_define_method(rb_cBookmark, "render", rb_winevt_bookmark_render, 0);
+}

data/ext/winevt/winevt_c.h

@@ -1,99 +1,132 @@
-#ifndef _WINEVT_C_H_
-#define _WINEVT_C_H_
-
-#include <ruby.h>
-#include <ruby/encoding.h>
-
-#ifdef __GNUC__
-#include <w32api.h>
-#define MINIMUM_WINDOWS_VERSION WindowsVista
-#else                                  /* __GNUC__ */
-#define MINIMUM_WINDOWS_VERSION 0x0600 /* Vista */
-#endif                                 /* __GNUC__ */
-
-#ifdef _WIN32_WINNT
-#undef _WIN32_WINNT
-#endif /* WIN32_WINNT */
-#define _WIN32_WINNT MINIMUM_WINDOWS_VERSION
-
-#include <time.h>
-#include <winevt.h>
-#define EventQuery(object) ((struct WinevtQuery*)DATA_PTR(object))
-#define EventBookMark(object) ((struct WinevtBookmark*)DATA_PTR(object))
-#define EventChannel(object) ((struct WinevtChannel*)DATA_PTR(object))
-
-#ifdef __cplusplus
-extern "C" {
-#endif /* __cplusplus */
-
-VALUE wstr_to_rb_str(UINT cp, const WCHAR* wstr, int clen);
-#if defined(__cplusplus)
-[[ noreturn ]]
-#endif /* __cplusplus */
-void  raise_system_error(VALUE error, DWORD errorCode);
-VALUE render_to_rb_str(EVT_HANDLE handle, DWORD flags);
-WCHAR* get_description(EVT_HANDLE handle);
-VALUE get_values(EVT_HANDLE handle);
-VALUE render_system_event(EVT_HANDLE handle, BOOL preserve_qualifiers);
-
-#ifdef __cplusplus
-}
-#endif /* __cplusplus */
-
-extern VALUE rb_cQuery;
-extern VALUE rb_cFlag;
-extern VALUE rb_cChannel;
-extern VALUE rb_cBookmark;
-extern VALUE rb_cSubscribe;
-extern VALUE rb_eWinevtQueryError;
-
-struct WinevtChannel
-{
-  EVT_HANDLE channels;
-  BOOL force_enumerate;
-};
-
-struct WinevtBookmark
-{
-  EVT_HANDLE bookmark;
-  ULONG count;
-};
-
-#define QUERY_ARRAY_SIZE 10
-
-struct WinevtQuery
-{
-  EVT_HANDLE query;
-  EVT_HANDLE hEvents[QUERY_ARRAY_SIZE];
-  ULONG count;
-  LONG offset;
-  LONG timeout;
-  BOOL renderAsXML;
-  BOOL preserveQualifiers;
-};
-
-#define SUBSCRIBE_ARRAY_SIZE 10
-#define SUBSCRIBE_RATE_INFINITE -1
-
-struct WinevtSubscribe
-{
-  HANDLE signalEvent;
-  EVT_HANDLE subscription;
-  EVT_HANDLE bookmark;
-  EVT_HANDLE hEvents[SUBSCRIBE_ARRAY_SIZE];
-  DWORD count;
-  DWORD flags;
-  BOOL readExistingEvents;
-  DWORD rateLimit;
-  time_t lastTime;
-  DWORD currentRate;
-  BOOL renderAsXML;
-  BOOL preserveQualifiers;
-};
-
-void Init_winevt_query(VALUE rb_cEventLog);
-void Init_winevt_channel(VALUE rb_cEventLog);
-void Init_winevt_bookmark(VALUE rb_cEventLog);
-void Init_winevt_subscribe(VALUE rb_cEventLog);
-
-#endif // _WINEVT_C_H
+#ifndef _WINEVT_C_H_
+#define _WINEVT_C_H_
+
+#include <ruby.h>
+#include <ruby/encoding.h>
+
+#ifdef __GNUC__
+#include <w32api.h>
+#define MINIMUM_WINDOWS_VERSION WindowsVista
+#else                                  /* __GNUC__ */
+#define MINIMUM_WINDOWS_VERSION 0x0600 /* Vista */
+#endif                                 /* __GNUC__ */
+
+#ifdef _WIN32_WINNT
+#undef _WIN32_WINNT
+#endif /* WIN32_WINNT */
+#define _WIN32_WINNT MINIMUM_WINDOWS_VERSION
+
+#include <time.h>
+#include <winevt.h>
+#define EventQuery(object) ((struct WinevtQuery*)DATA_PTR(object))
+#define EventBookMark(object) ((struct WinevtBookmark*)DATA_PTR(object))
+#define EventChannel(object) ((struct WinevtChannel*)DATA_PTR(object))
+#define EventSession(object) ((struct WinevtSession*)DATA_PTR(object))
+
+typedef struct {
+  LANGID langID;
+  CHAR* langCode;
+  CHAR* description;
+} LocaleInfo;
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+VALUE wstr_to_rb_str(UINT cp, const WCHAR* wstr, int clen);
+#if defined(__cplusplus)
+[[ noreturn ]]
+#endif /* __cplusplus */
+void  raise_system_error(VALUE error, DWORD errorCode);
+VALUE render_to_rb_str(EVT_HANDLE handle, DWORD flags);
+EVT_HANDLE connect_to_remote(LPWSTR computerName, LPWSTR domain,
+                             LPWSTR username, LPWSTR password,
+                             EVT_RPC_LOGIN_FLAGS flags);
+WCHAR* get_description(EVT_HANDLE handle, LANGID langID, EVT_HANDLE hRemote);
+VALUE get_values(EVT_HANDLE handle);
+VALUE render_system_event(EVT_HANDLE handle, BOOL preserve_qualifiers);
+LocaleInfo* get_locale_info_from_rb_str(VALUE rb_locale_str);
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+extern VALUE rb_cQuery;
+extern VALUE rb_cFlag;
+extern VALUE rb_cChannel;
+extern VALUE rb_cBookmark;
+extern VALUE rb_cSubscribe;
+extern VALUE rb_eWinevtQueryError;
+extern VALUE rb_eRemoteHandlerError;
+extern VALUE rb_cLocale;
+extern VALUE rb_cSession;
+
+struct WinevtSession {
+  LPWSTR server;
+  LPWSTR domain;
+  LPWSTR username;
+  LPWSTR password;
+  EVT_RPC_LOGIN_FLAGS flags;
+};
+
+extern LocaleInfo localeInfoTable[];
+extern LocaleInfo default_locale;
+
+struct WinevtLocale {};
+
+struct WinevtChannel
+{
+  EVT_HANDLE channels;
+  BOOL force_enumerate;
+};
+
+struct WinevtBookmark
+{
+  EVT_HANDLE bookmark;
+  ULONG count;
+};
+
+#define QUERY_ARRAY_SIZE 10
+
+struct WinevtQuery
+{
+  EVT_HANDLE query;
+  EVT_HANDLE hEvents[QUERY_ARRAY_SIZE];
+  ULONG count;
+  LONG offset;
+  LONG timeout;
+  BOOL renderAsXML;
+  BOOL preserveQualifiers;
+  LocaleInfo *localeInfo;
+  EVT_HANDLE remoteHandle;
+};
+
+#define SUBSCRIBE_ARRAY_SIZE 10
+#define SUBSCRIBE_RATE_INFINITE -1
+
+struct WinevtSubscribe
+{
+  HANDLE signalEvent;
+  EVT_HANDLE subscription;
+  EVT_HANDLE bookmark;
+  EVT_HANDLE hEvents[SUBSCRIBE_ARRAY_SIZE];
+  DWORD count;
+  DWORD flags;
+  BOOL readExistingEvents;
+  DWORD rateLimit;
+  time_t lastTime;
+  DWORD currentRate;
+  BOOL renderAsXML;
+  BOOL preserveQualifiers;
+  LocaleInfo* localeInfo;
+  EVT_HANDLE remoteHandle;
+};
+
+void Init_winevt_query(VALUE rb_cEventLog);
+void Init_winevt_channel(VALUE rb_cEventLog);
+void Init_winevt_bookmark(VALUE rb_cEventLog);
+void Init_winevt_subscribe(VALUE rb_cEventLog);
+void Init_winevt_locale(VALUE rb_cEventLog);
+void Init_winevt_session(VALUE rb_cEventLog);
+
+#endif // _WINEVT_C_H