subscribe: Interpret signal events

From this pull type of subscription, we need to add the following actions: 1. Create an EventObject for handling signal events 2. Reset signal when ERROR_NO_MORE_ITEMS from EvtNext This should ensure the windows eventlog collection correctly. Also, we shouldn't specify the INFINITE waiting on WaitForSingleObject because this function is inside of enumerator. So, it causes infinite blocking for this case. ref: https://learn.microsoft.com/en-us/windows/win32/wes/subscribing-to-events#pull-subscriptions Signed-off-by: Hiroshi Hatake <[email protected]>
fluent-plugins-nursery · Mar 1, 2024 · d8299fb · d8299fb
1 parent 43148f3
commit d8299fb
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/ext/winevt/winevt_subscribe.c b/ext/winevt/winevt_subscribe.c
@@ -64,8 +64,6 @@ close_handles(struct WinevtSubscribe* winevtSubscribe)
   }
   winevtSubscribe->count = 0;
 
-  ResetEvent(winevtSubscribe->signalEvent);
-
   if (winevtSubscribe->remoteHandle) {
     EvtClose(winevtSubscribe->remoteHandle);
     winevtSubscribe->remoteHandle = NULL;
@@ -359,7 +357,7 @@ rb_winevt_subscribe_next(VALUE self)
     return Qfalse;
   }
 
-  dwWait = WaitForSingleObject(winevtSubscribe->signalEvent, INFINITE);
+  dwWait = WaitForSingleObject(winevtSubscribe->signalEvent, 0);
   if (dwWait == WAIT_FAILED) {
     raise_system_error(rb_eSubscribeHandlerError, GetLastError());
   } else if (dwWait != WAIT_OBJECT_0) {
@@ -379,6 +377,8 @@ rb_winevt_subscribe_next(VALUE self)
     if (ERROR_NO_MORE_ITEMS != status) {
       return Qfalse;
     }
+
+    ResetEvent(winevtSubscribe->signalEvent);
   }
 
   if (status == ERROR_SUCCESS) {