archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/base/cluster/service/api/apiinit.c

814 lines
21 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1996 Microsoft Corporation
  5. Module Name:
  7. apiinit.c
  9. Abstract:
  11. Initialization for Cluster API component (CLUSAPI) of the
  12. NT Cluster Service
  14. Author:
  16. John Vert (jvert) 7-Feb-1996
  18. Revision History:
  20. --*/
  21. #include "apip.h"
  22. #include "aclapi.h"
  23. #include "stdio.h"
  24. #include <psapi.h>
  27. extern LPWSTR g_pszServicesPath;
  28. extern DWORD g_dwServicesPid;
  30. API_INIT_STATE ApiState=ApiStateUninitialized;
  32. const DWORD NO_USER_SID = 0;
  33. const DWORD USER_SID_GRANTED = 1;
  34. const DWORD USER_SID_DENIED = 2;
  36. //forward declarations
  37. DWORD
  38. ApipGetLocalCallerInfo(
  39. IN handle_t hIDL,
  40. IN OUT OPTIONAL LPDWORD pdwCheckPid,
  41. IN OPTIONAL LPCWSTR pszModuleName,
  42. OUT BOOL *pbLocal,
  43. OUT OPTIONAL BOOL *pbMatchedPid,
  44. OUT OPTIONAL BOOL *pbMatchedModule,
  45. OUT OPTIONAL BOOL *pbLocalSystemAccount
  46. );
  49. RPC_STATUS
  50. ApipConnectCallback(
  51. IN RPC_IF_ID * Interface,
  52. IN void * Context
  53. )
  54. /*++
  56. Routine Description:
  58. RPC callback for authenticating connecting clients of CLUSAPI
  60. Arguments:
  62. Interface - Supplies the UUID and version of the interface.
  64. Context - Supplies a server binding handle representing the client
  66. Return Value:
  68. RPC_S_OK if the user is granted permission.
  69. RPC_S_ACCESS_DENIED if the user is denied permission.
  71. Win32 error code otherwise
  73. --*/
  75. {
  76. PSECURITY_DESCRIPTOR pSD = NULL;
  77. DWORD BufferSize=0;
  78. DWORD Size=0;
  79. DWORD Status;
  80. HANDLE ClientToken = NULL;
  81. PRIVILEGE_SET psPrivileges;
  82. DWORD PrivSize = sizeof(psPrivileges);
  83. DWORD GrantedAccess;
  84. DWORD AccessStatus;
  85. DWORD dwMask = CLUSAPI_ALL_ACCESS;
  86. GENERIC_MAPPING gmMap;
  87. DWORD dwStatus = 0;
  88. BOOL bReturn = FALSE;
  89. BOOL bACRtn = FALSE;
  90. DWORD dwUserPermStatus;
  91. RPC_STATUS RpcStatus;
  92. BOOL bRevertToSelfRequired = FALSE;
  93. BOOL bLocal, bMatchedPid, bMatchedModule, bLocalSystemAccount;
  96. //check if services is calling the cluster service for
  97. //services calls the interface only for eventlog propagation
  98. //if so, avoid the security checks
  99. // Get the process id
  100. Status = ApipGetLocalCallerInfo(Context,
  101. &g_dwServicesPid,
  102. g_dwServicesPid ? NULL : g_pszServicesPath, //perform the module name match the first time
  103. &bLocal,
  104. &bMatchedPid,
  105. &bMatchedModule,
  106. g_dwServicesPid ? &bLocalSystemAccount : NULL);//perform the local system account check if it is the first time
  107. if (Status != ERROR_SUCCESS)
  108. {
  109. ClRtlLogPrint(LOG_NOISE, "[API] ApipGetLocalCallerInfo failed with %1!u!.\n",
  110. Status);
  111. return RPC_S_ACCESS_DENIED;
  112. }
  113. if (Status == ERROR_SUCCESS)
  114. {
  115. //if the caller is local and if it matches the pid or if it matches
  116. //the module and is in local system account, allow access
  117. if ((bLocal) &&
  118. (bMatchedPid || (bMatchedModule && bLocalSystemAccount)))
  119. {
  120. return(RPC_S_OK);
  121. }
  122. }
  125. //
  126. // The authentication we do here is to retrieve the Security value
  127. // from the cluster registry, impersonate the client, and call
  128. // AccessCheck.
  129. //
  131. Status = DmQueryString(DmClusterParametersKey,
  132. CLUSREG_NAME_CLUS_SD,
  133. REG_BINARY,
  134. (LPWSTR *) &pSD,
  135. &BufferSize,
  136. &Size);
  138. if (Status != ERROR_SUCCESS) {
  140. PSECURITY_DESCRIPTOR psd4;
  142. ClRtlLogPrint(LOG_NOISE, "[API] Did not find Security Descriptor key in the cluster DB.\n");
  143. Status = DmQueryString(DmClusterParametersKey,
  144. CLUSREG_NAME_CLUS_SECURITY,
  145. REG_BINARY,
  146. (LPWSTR *) &psd4,
  147. &BufferSize,
  148. &Size);
  150. if (Status == ERROR_SUCCESS) {
  151. pSD = ClRtlConvertClusterSDToNT5Format(psd4);
  152. LocalFree(psd4);
  153. }
  154. else {
  156. DWORD dwSDLen;
  158. ClRtlLogPrint(LOG_NOISE, "[API] Did not find Security key in the cluster DB.\n");
  159. Status = ClRtlBuildDefaultClusterSD(NULL, &pSD, &dwSDLen);
  160. if (SUCCEEDED(Status)) {
  161. ClRtlLogPrint(LOG_NOISE, "[API] Successfully built default cluster SD.\n");
  162. }
  163. else {
  164. ClRtlLogPrint(LOG_NOISE,
  165. "[API] Did not successfully build default cluster SD. Error = 0x%1!.8x!\n",
  166. Status);
  167. Status = RPC_S_ACCESS_DENIED;
  168. goto FnExit;
  169. }
  170. }
  171. }
  173. if (!IsValidSecurityDescriptor(pSD)) {
  174. ClRtlLogPrint(LOG_ERROR, "[API] SD is not valid!\n");
  175. ClRtlExamineSD(pSD, "[API]");
  176. Status = RPC_S_ACCESS_DENIED;
  177. goto FnExit;
  178. }
  180. RpcStatus = RpcImpersonateClient(Context);
  181. if (RpcStatus != RPC_S_OK) {
  182. Status = RpcStatus;
  183. ClRtlLogPrint(LOG_NOISE, "[API] RpcImpersonateClient() failed. Status = 0x%1!.8x!\n", Status);
  184. goto FnExit;
  185. }
  187. bRevertToSelfRequired = TRUE;
  189. if (!OpenThreadToken(GetCurrentThread(), TOKEN_READ, TRUE, &ClientToken)) {
  190. Status = GetLastError();
  191. ClRtlLogPrint(LOG_NOISE, "[API] OpenThreadToken() failed. Status = 0x%1!.8x!\n", Status);
  192. goto FnExit;
  193. }
  195. gmMap.GenericRead = CLUSAPI_READ_ACCESS;
  196. gmMap.GenericWrite = CLUSAPI_CHANGE_ACCESS;
  197. gmMap.GenericExecute = CLUSAPI_READ_ACCESS | CLUSAPI_CHANGE_ACCESS;
  198. gmMap.GenericAll = CLUSAPI_ALL_ACCESS;
  200. MapGenericMask(&dwMask, &gmMap);
  202. bACRtn = AccessCheck(pSD, ClientToken, dwMask, &gmMap, &psPrivileges, &PrivSize, &dwStatus, &bReturn);
  203. if (bACRtn && bReturn) {
  204. Status = RPC_S_OK;
  205. } else {
  207. DWORD dwSDLen;
  209. ClRtlLogPrint(LOG_NOISE,
  210. "[API] User denied access. GetLastError() = 0x%1!.8x!; dwStatus = 0x%2!.8x!. Trying the default SD...\n",
  211. GetLastError(),
  212. dwStatus);
  213. Status = RPC_S_ACCESS_DENIED;
  215. ClRtlLogPrint(LOG_NOISE, "[API] Dump access mask.\n");
  216. ClRtlExamineMask(dwMask, "[API]");
  218. ClRtlLogPrint(LOG_NOISE, "[API] Dump the SD that failed...\n" );
  219. ClRtlExamineSD(pSD, "[API]");
  221. ClRtlLogPrint(LOG_NOISE, "[API] Dump the ClientToken that failed...\n" );
  222. ClRtlExamineClientToken(ClientToken, "[API]");
  224. if (pSD) {
  225. LocalFree(pSD);
  226. pSD = NULL;
  227. }
  229. Status = ClRtlBuildDefaultClusterSD(NULL, &pSD, &dwSDLen);
  230. if (SUCCEEDED(Status)) {
  231. ClRtlLogPrint(LOG_NOISE, "[API] Successfully built default cluster SD.\n");
  232. bACRtn = AccessCheck(pSD, ClientToken, dwMask, &gmMap, &psPrivileges, &PrivSize, &dwStatus, &bReturn);
  233. if (bACRtn && bReturn) {
  234. ClRtlLogPrint(LOG_NOISE, "[API] User granted access using default cluster SD.\n");
  235. Status = RPC_S_OK;
  236. } else {
  237. ClRtlLogPrint(LOG_NOISE,
  238. "[API] User denied access using default cluster SD. GetLastError() = 0x%1!.8x!; dwStatus = 0x%2!.8x!.\n",
  239. GetLastError(),
  240. dwStatus);
  241. Status = RPC_S_ACCESS_DENIED;
  242. }
  243. }
  244. else {
  245. ClRtlLogPrint(LOG_NOISE,
  246. "[API] Did not successfully build default cluster SD. Error = 0x%1!.8x!\n",
  247. Status);
  248. Status = RPC_S_ACCESS_DENIED;
  249. }
  250. }
  252. FnExit:
  253. if (bRevertToSelfRequired) {
  254. RpcRevertToSelf();
  255. }
  257. if (ClientToken) {
  258. CloseHandle(ClientToken);
  259. }
  261. if (pSD) {
  262. LocalFree(pSD);
  263. }
  265. return(Status);
  266. }
  269. DWORD
  270. ApiInitialize(
  271. VOID
  272. )
  273. /*++
  275. Routine Description:
  277. Performs one-time initialization of the API data structures.
  279. Arguments:
  281. None.
  283. Return Value:
  285. ERROR_SUCCESS if successful
  287. Win32 error code otherwise.
  289. --*/
  291. {
  292. ClRtlLogPrint(LOG_NOISE, "[API] Initializing\n");
  294. CL_ASSERT(ApiState == ApiStateUninitialized);
  296. //
  297. // Initialize global data.
  298. //
  299. InitializeListHead(&NotifyListHead);
  300. InitializeCriticalSection(&NotifyListLock);
  302. ApiState = ApiStateOffline;
  304. return(ERROR_SUCCESS);
  305. }
  308. DWORD
  309. ApiOnlineReadOnly(
  310. VOID
  311. )
  312. /*++
  314. Routine Description:
  316. Brings up a limited set of APIs - currently OpenResource/read-only
  317. registry APIs. Only LPC connections are enabled.
  319. Arguments:
  321. None.
  323. Return Value:
  325. ERROR_SUCCESS if successful
  327. Win32 error code otherwise.
  329. --*/
  331. {
  332. DWORD Status;
  335. if (ApiState == ApiStateOffline) {
  336. ClRtlLogPrint(LOG_NOISE, "[API] Online read only\n");
  338. //
  339. // Register the clusapi RPC server interface so resources can use
  340. // the API when they are created by the FM. Note that we won't receive
  341. // any calls from remote clients yet because we haven't registered
  342. // the dynamic UDP endpoint. That will happnen in ApiOnline().
  343. //
  344. Status = RpcServerRegisterIfEx(s_clusapi_v2_0_s_ifspec,
  345. NULL,
  346. NULL,
  347. 0,
  348. RPC_C_PROTSEQ_MAX_REQS_DEFAULT,
  349. CsUseAuthenticatedRPC ? ApipConnectCallback : NULL
  350. );
  352. if (Status != RPC_S_OK) {
  353. ClRtlLogPrint(LOG_UNUSUAL,
  354. "[API] Failed to register clusapi RPC interface, status %1!u!.\n",
  355. Status
  356. );
  357. return(Status);
  358. }
  360. ApiState = ApiStateReadOnly;
  361. }
  362. else {
  363. //CL_ASSERT(ApiState == ApiStateOffline);
  364. }
  366. return(ERROR_SUCCESS);
  367. }
  370. DWORD
  371. ApiOnline(
  372. VOID
  373. )
  374. /*++
  376. Routine Description:
  378. Enables the rest of the API set and starts listening for remote
  379. connections.
  381. Arguments:
  383. None
  385. Return Value:
  387. ERROR_SUCCESS if successful.
  389. Win32 error code otherwise.
  391. --*/
  393. {
  394. DWORD Status;
  397. ClRtlLogPrint(LOG_NOISE, "[API] Online\n");
  399. if (ApiState == ApiStateReadOnly) {
  400. //
  401. // Register for all events
  402. //
  403. Status = EpRegisterEventHandler(CLUSTER_EVENT_ALL,ApipEventHandler);
  404. if (Status != ERROR_SUCCESS) {
  405. return(Status);
  406. }
  408. //
  409. // Register the dynamic UDP endpoint for the clusapi interface.
  410. // This will enable remote clients to begin calling us. We do this
  411. // here to minimize the chances that we will service an external
  412. // call before we are ready. If we ever have to rollback after
  413. // this point, we will still be listening externally. Nothing we can
  414. // do about that.
  415. //
  416. CL_ASSERT(CsRpcBindingVector != NULL);
  418. Status = RpcEpRegister(s_clusapi_v2_0_s_ifspec,
  419. CsRpcBindingVector,
  420. NULL,
  421. L"Microsoft Cluster Server API");
  423. if (Status != RPC_S_OK) {
  424. ClRtlLogPrint(LOG_UNUSUAL,
  425. "[API] Failed to register endpoint for clusapi RPC interface, status %1!u!.\n",
  426. Status
  427. );
  428. NmDumpRpcExtErrorInfo(Status);
  429. return(Status);
  430. }
  432. ApiState = ApiStateOnline;
  433. }
  434. else {
  435. CL_ASSERT(ApiState == ApiStateReadOnly);
  436. }
  438. return(ERROR_SUCCESS);
  440. }
  442. VOID
  443. ApiOffline(
  444. VOID
  445. )
  447. /*++
  449. Routine Description:
  451. Takes the Cluster Api offline.
  453. Arguments:
  455. None.
  457. Returns:
  459. None.
  461. --*/
  463. {
  464. DWORD Status;
  467. if (ApiState == ApiStateOnline) {
  469. ClRtlLogPrint(LOG_NOISE, "[API] Offline\n");
  471. //
  472. // Deregister the Clusapi RPC endpoint
  473. //
  474. CL_ASSERT(CsRpcBindingVector != NULL);
  476. Status = RpcEpUnregister(
  477. s_clusapi_v2_0_s_ifspec,
  478. CsRpcBindingVector,
  479. NULL
  480. );
  482. if ((Status != RPC_S_OK) && (Status != EPT_S_NOT_REGISTERED)) {
  483. ClRtlLogPrint(LOG_UNUSUAL,
  484. "[API] Failed to deregister endpoint for clusapi RPC interface, status %1!u!.\n",
  485. Status
  486. );
  487. }
  489. ApiState = ApiStateReadOnly;
  490. }
  492. //
  493. // KB - We can't deregister the interface because we can't wait for
  494. // pending calls to complete - pending notifies never complete.
  495. // If we deregistered the interface after a failed join without
  496. // a complete shutdown, the subsequent form would fail. As a
  497. // result, the API won't go offline until service shutdown.
  498. //
  499. #if 0
  501. if (ApiState == ApiStateReadOnly) {
  503. //
  504. // Deregister the Clusapi RPC interface
  505. //
  507. Status = RpcServerUnregisterIf(
  508. s_clusapi_v2_0_s_ifspec,
  509. NULL,
  510. 1 // Wait for outstanding calls to complete
  511. );
  513. if ((Status != RPC_S_OK) && (Status != RPC_S_UNKNOWN_IF)) {
  514. ClRtlLogPrint(LOG_UNUSUAL,
  515. "[INIT] Unable to deregister the clusapi RPC interface, Status %1!u!.\n",
  516. Status
  517. );
  518. }
  520. ApiState = ApiStateOffline;
  521. }
  523. #endif
  525. return;
  526. }
  529. VOID
  530. ApiShutdown(
  531. VOID
  532. )
  534. /*++
  536. Routine Description:
  538. Shuts down the Cluster Api
  540. Arguments:
  542. None.
  544. Returns:
  546. None.
  548. --*/
  550. {
  551. DWORD Status;
  554. if (ApiState > ApiStateOffline) {
  555. ApiOffline();
  557. //
  558. // KB - We do this here because shutdown of the Clusapi RPC
  559. // interface is broken due to pending notifies.
  560. //
  561. Status = RpcServerUnregisterIf(
  562. s_clusapi_v2_0_s_ifspec,
  563. NULL,
  564. 0 // Don't wait for calls to complete
  565. );
  567. if ((Status != RPC_S_OK) && (Status != RPC_S_UNKNOWN_IF)) {
  568. ClRtlLogPrint(LOG_UNUSUAL,
  569. "[INIT] Unable to deregister the clusapi RPC interface, Status %1!u!.\n",
  570. Status
  571. );
  572. }
  574. ApiState = ApiStateOffline;
  575. }
  577. if (ApiState == ApiStateOffline) {
  579. ClRtlLogPrint(LOG_NOISE, "[API] Shutdown\n");
  581. //
  582. // KB
  583. //
  584. // Because we cannot shutdown the RPC server and cannot
  585. // unregister our event handler, it is not safe to delete
  586. // the critical section.
  587. //
  588. // DeleteCriticalSection(&NotifyListLock);
  589. // ApiState = ApiStateUninitialized;
  591. //
  592. // TODO?
  593. //
  594. // SS: free notify list head
  595. // SS: how do we deregister with the event handler
  596. //
  597. }
  599. return;
  600. }
  602. DWORD
  603. ApipGetLocalCallerInfo(
  604. IN handle_t hIDL,
  605. IN OUT OPTIONAL LPDWORD pdwCheckPid,
  606. IN OPTIONAL LPCWSTR pszModuleName,
  607. OUT BOOL *pbLocal,
  608. OUT OPTIONAL BOOL *pbMatchedPid,
  609. OUT OPTIONAL BOOL *pbMatchedModule,
  610. OUT OPTIONAL BOOL *pbLocalSystemAccount
  611. )
  612. /*++
  614. Routine Description:
  616. This function checks whether the caller's account is the local system
  617. account.
  619. Arguments:
  621. hIDL - The handle to the binding context
  623. pdwCheckPid - if the value passed in is NULL, the pid of the calling process is returned. If
  624. is returned.
  626. pszModuleName - If non null, the call performs the check to compare
  627. the module name of the caller against pszModuleName. If they
  628. match, *pbMatchedPid is set to TRUE.
  630. pbLocal - TRUE is returned if the caller initiated this call using
  631. lrpc. If this is FALSE, all other output values will be FALSE.
  633. pbMatchedModule - TRUE is returned, if the caller matches the module
  634. name specified by lpszModuleName. This pointer can be NULL.
  636. pbMatchedPid - if *pdwCheckPid is non NULL, and it matched the pid of the
  637. caller, then this is set to TRUE. Else, this is set to FALSE.
  639. pbLocalSystemAccount - If this is NON NULL, the call performs a check
  640. to see if the the caller is running in LocalSystemAccount. If it is
  641. then TRUE is returned, else FALSE is returned.
  643. Return Value:
  645. ERROR_SUCCESS on success.
  647. Win32 error code on failure.
  649. Remarks:
  652. --*/
  653. {
  654. DWORD Pid;
  655. HANDLE hProcess = NULL;
  656. DWORD dwNumChar;
  657. DWORD dwLen;
  658. WCHAR wCallerPath[MAX_PATH + 1];
  659. RPC_STATUS RpcStatus;
  660. DWORD dwStatus = ERROR_SUCCESS;
  661. BOOLEAN bWasEnabled;
  663. if (pbMatchedModule)
  664. *pbMatchedModule = FALSE;
  665. if (pbMatchedPid)
  666. *pbMatchedPid = FALSE;
  667. if (pbLocalSystemAccount)
  668. *pbLocalSystemAccount = FALSE;
  671. //assume the caller is local
  672. *pbLocal = TRUE;
  674. RpcStatus = I_RpcBindingInqLocalClientPID(NULL, &Pid );
  675. if (RpcStatus == RPC_S_INVALID_BINDING)
  676. {
  677. *pbLocal = FALSE;
  678. RpcStatus = RPC_S_OK;
  679. goto FnExit;
  680. }
  682. dwStatus = I_RpcMapWin32Status(RpcStatus);
  684. if (dwStatus != ERROR_SUCCESS)
  685. {
  686. ClRtlLogPrint( LOG_CRITICAL,
  687. "[API] ApipGetLocalCallerInfo: Error %1!u! calling RpcBindingInqLocalClientPID.\n",
  688. dwStatus
  689. );
  690. goto FnExit;
  691. }
  693. dwStatus = ClRtlEnableThreadPrivilege(SE_DEBUG_PRIVILEGE, &bWasEnabled);
  694. if ( dwStatus != ERROR_SUCCESS )
  695. {
  696. if (dwStatus == STATUS_PRIVILEGE_NOT_HELD)
  697. {
  698. ClRtlLogPrint(LOG_CRITICAL,
  699. "[API] ApipGetLocalCallerInfo: Debug privilege not held by cluster service\n");
  700. }
  701. else
  702. {
  703. ClRtlLogPrint(LOG_CRITICAL,
  704. "[API] ApipGetLocalCallerInfo: Attempt to enable debug privilege failed %1!lx!\n",
  705. dwStatus);
  706. }
  707. goto FnExit;
  708. }
  711. // Get the process
  712. hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, Pid);
  714. //restore the thread privilege, now that we have a process handle with the right access
  715. ClRtlRestoreThreadPrivilege(SE_DEBUG_PRIVILEGE,
  716. bWasEnabled);
  718. if(hProcess == NULL)
  719. {
  720. dwStatus = GetLastError();
  721. ClRtlLogPrint( LOG_CRITICAL,
  722. "[API] ApipGetLocalCallerInfo: Error %1!u! calling OpenProcess %2!u!.\n",
  723. dwStatus,
  724. Pid
  725. );
  727. goto FnExit;
  728. }
  731. //if a process id has been specified, see if it matches that one
  732. if (pdwCheckPid)
  733. {
  734. if ((*pdwCheckPid) && (*pdwCheckPid == Pid))
  735. {
  736. *pbMatchedPid = TRUE;
  737. }
  738. }
  740. if (pszModuleName && pbMatchedModule)
  741. {
  742. // Get the module name of whoever is calling us.
  744. dwNumChar = GetModuleFileNameExW(hProcess, NULL, wCallerPath, MAX_PATH);
  745. if(dwNumChar == 0)
  746. {
  747. dwStatus = GetLastError();
  748. ClRtlLogPrint( LOG_CRITICAL,
  749. "[API] ApipGetLocalCallerInfo: Error %1!u! calling GetModuleFileNameExW.\n",
  750. dwStatus
  751. );
  752. goto FnExit;
  753. }
  755. if(!lstrcmpiW(wCallerPath, pszModuleName))
  756. {
  757. *pbMatchedModule = TRUE;
  758. }
  759. }
  761. //check if it is the local system account, if requested
  762. if (pbLocalSystemAccount && hIDL)
  763. {
  764. // Impersonate the client.
  765. if ( ( RpcStatus = RpcImpersonateClient( hIDL ) ) != RPC_S_OK )
  766. {
  767. dwStatus = I_RpcMapWin32Status(RpcStatus);
  768. ClRtlLogPrint( LOG_CRITICAL,
  769. "[API] ApipGetLocalCallerInfo: Error %1!u! trying to impersonate caller...\n",
  770. dwStatus
  771. );
  772. goto FnExit;
  773. }
  776. // Check that the caller's account is local system account
  777. dwStatus = ClRtlIsCallerAccountLocalSystemAccount(pbLocalSystemAccount );
  779. RpcRevertToSelf();
  781. if (dwStatus != ERROR_SUCCESS )
  782. {
  783. ClRtlLogPrint( LOG_CRITICAL,
  784. "[API] ApipGetLocalCallerInfo : Error %1!u! trying to check caller's account...\n",
  785. dwStatus);
  786. goto FnExit;
  787. }
  789. }
  791. //return the pid if the pid passed in is NULL and the pid passes
  792. //the criteria - matches pszModuleName if specified and is in
  793. //local system account
  794. if (pdwCheckPid && !(*pdwCheckPid))
  795. {
  796. //if we need to check for local system, the process must be in local system account
  797. //if the module name needs to be checked
  798. if (((pbLocalSystemAccount && *pbLocalSystemAccount) || (!pbLocalSystemAccount))
  799. && ((pszModuleName && pbMatchedModule && *pbMatchedModule) || (!pbMatchedModule)))
  800. {
  801. ClRtlLogPrint( LOG_NOISE,
  802. "[API] ApipGetLocalCallerInfo : Returning Pid %1!u!\n",
  803. Pid);
  804. *pdwCheckPid = Pid;
  805. }
  806. }
  808. FnExit:
  809. if (hProcess)
  810. CloseHandle(hProcess);
  811. return(dwStatus);
  813. }