Merge branch 'master' of ssh://git.samba.org/data/git/samba

6 files changed, 97 insertions, 112 deletions

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 1588ae3efe..8b7ac7d718 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -468,7 +468,7 @@ static bool cli_session_setup_blob_send(struct cli_state *cli, DATA_BLOB blob)
 	SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
 
 	cli_setup_packet(cli);
-			
+
 	SCVAL(cli->outbuf,smb_vwv0,0xFF);
 	SSVAL(cli->outbuf,smb_vwv2,CLI_BUFFER_SIZE);
 	SSVAL(cli->outbuf,smb_vwv3,2);
@@ -504,10 +504,10 @@ static DATA_BLOB cli_session_setup_blob_receive(struct cli_state *cli)
 						  NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 		return blob2;
 	}
-	
+
 	/* use the returned vuid from now on */
 	cli->vuid = SVAL(cli->inbuf,smb_uid);
-	
+
 	p = smb_buf(cli->inbuf);
 
 	blob2 = data_blob(p, SVAL(cli->inbuf, smb_vwv3));
@@ -696,14 +696,14 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
 				/* wrap it in SPNEGO */
 				msg1 = spnego_gen_auth(blob_out);
 			}
-		
+
 			/* now send that blob on its way */
 			if (!cli_session_setup_blob_send(cli, msg1)) {
 				DEBUG(3, ("Failed to send NTLMSSP/SPNEGO blob to server!\n"));
 				nt_status = NT_STATUS_UNSUCCESSFUL;
 			} else {
 				blob = cli_session_setup_blob_receive(cli);
-				
+
 				nt_status = cli_nt_error(cli);
 				if (cli_is_error(cli) && NT_STATUS_IS_OK(nt_status)) {
 					if (cli->smb_rw_error == SMB_READ_BAD_SIG) {
@@ -715,7 +715,7 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
 			}
 			data_blob_free(&msg1);
 		}
-		
+
 		if (!blob.length) {
 			if (NT_STATUS_IS_OK(nt_status)) {
 				nt_status = NT_STATUS_UNSUCCESSFUL;
@@ -761,11 +761,11 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
 		data_blob_free(&key);
 
 		if (res) {
-			
+
 			/* 'resign' the last message, so we get the right sequence numbers
 			   for checking the first reply from the server */
 			cli_calculate_sign_mac(cli, cli->outbuf);
-			
+
 			if (!cli_check_sign_mac(cli, cli->inbuf)) {
 				nt_status = NT_STATUS_ACCESS_DENIED;
 			}
@@ -849,10 +849,10 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
 
 		if (pass && *pass) {
 			int ret;
-			
+
 			use_in_memory_ccache();
 			ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL);
-			
+
 			if (ret){
 				TALLOC_FREE(principal);
 				DEBUG(0, ("Kinit failed: %s\n", error_message(ret)));
@@ -861,7 +861,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
 				return ADS_ERROR_KRB5(ret);
 			}
 		}
-		
+
 		/* If we get a bad principal, try to guess it if
 		   we have a valid host NetBIOS name.
 		 */
@@ -1132,7 +1132,7 @@ bool cli_send_tconX(struct cli_state *cli,
 			 * Non-encrypted passwords - convert to DOS codepage before using.
 			 */
 			passlen = clistr_push(cli, pword, pass, sizeof(pword), STR_TERMINATE);
-			
+
 		} else {
 			if (passlen) {
 				memcpy(pword, pass, passlen);
@@ -1175,7 +1175,7 @@ bool cli_send_tconX(struct cli_state *cli,
 		/* almost certainly win95 - enable bug fixes */
 		cli->win95 = True;
 	}
-	
+
 	/* Make sure that we have the optional support 16-bit field.  WCT > 2 */
 	/* Avoids issues when connecting to Win9x boxes sharing files */
 
@@ -1198,11 +1198,11 @@ bool cli_tdis(struct cli_state *cli)
 	SCVAL(cli->outbuf,smb_com,SMBtdis);
 	SSVAL(cli->outbuf,smb_tid,cli->cnum);
 	cli_setup_packet(cli);
-	
+
 	cli_send_smb(cli);
 	if (!cli_receive_smb(cli))
 		return False;
-	
+
 	if (cli_is_error(cli)) {
 		return False;
 	}
@@ -1265,7 +1265,7 @@ bool cli_negprot(struct cli_state *cli)
 	     prots[numprots].name && prots[numprots].prot<=cli->protocol;
 	     numprots++)
 		plength += strlen(prots[numprots].name)+2;
-    
+
 	cli_set_message(cli->outbuf,0,plength,True);
 
 	p = smb_buf(cli->outbuf);
@@ -1397,9 +1397,13 @@ bool cli_session_request(struct cli_state *cli,
 	char *p;
 	int len = 4;
 
+	/* 445 doesn't have session request */
+	if (cli->port == 445)
+		return True;
+
 	memcpy(&(cli->calling), calling, sizeof(*calling));
 	memcpy(&(cli->called ), called , sizeof(*called ));
-  
+
 	/* put in the destination name */
 	p = cli->outbuf+len;
 	name_mangle(cli->called .name, p, cli->called .name_type);
@@ -1410,10 +1414,6 @@ bool cli_session_request(struct cli_state *cli,
 	name_mangle(cli->calling.name, p, cli->calling.name_type);
 	len += name_len(p);
 
-	/* 445 doesn't have session request */
-	if (cli->port == 445)
-		return True;
-
 	/* send a session request (RFC 1002) */
 	/* setup the packet length
          * Remove four bytes from the length count, since the length
@@ -1605,11 +1605,11 @@ NTSTATUS cli_start_connection(struct cli_state **output_cli,
 
 	if (!my_name) 
 		my_name = global_myname();
-	
+
 	if (!(cli = cli_initialise())) {
 		return NT_STATUS_NO_MEMORY;
 	}
-	
+
 	make_nmb_name(&calling, my_name, 0x0);
 	make_nmb_name(&called , dest_host, 0x20);
 
diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index 1c525363f7..a9e81082ea 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -66,7 +66,7 @@ static bool cli_link_internal(struct cli_state *cli, const char *oldname, const
 			-1, 0,                          /* fid, flags */
 			&setup, 1, 0,                   /* setup, length, max */
 			param, param_len, 2,            /* param, length, max */
-			(char *)&data,  data_len, cli->max_xmit /* data, length, max */
+			data,  data_len, cli->max_xmit /* data, length, max */
 			)) {
 		SAFE_FREE(data);
 		SAFE_FREE(param);
diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c
index c929f0b7a9..bbdfb75fcd 100644
--- a/source3/libsmb/clitrans.c
+++ b/source3/libsmb/clitrans.c
@@ -978,19 +978,6 @@ static void cli_trans_ship_rest(struct async_req *req,
 	}
 }
 
-static bool cli_trans_oob(uint32_t bufsize, uint32_t offset, uint32_t length)
-{
-	if ((offset + length < offset) || (offset + length < length)) {
-		/* wrap */
-		return true;
-	}
-	if ((offset > bufsize) || (offset + length > bufsize)) {
-		/* overflow */
-		return true;
-	}
-	return false;
-}
-
 static NTSTATUS cli_pull_trans(struct async_req *req,
 			       struct cli_request *cli_req,
 			       uint8_t smb_cmd, bool expect_first_reply,
@@ -1072,10 +1059,10 @@ static NTSTATUS cli_pull_trans(struct async_req *req,
 	 * length. Likewise for param_ofs/param_disp.
 	 */
 
-	if (cli_trans_oob(smb_len(cli_req->inbuf), param_ofs, *pnum_param)
-	    || cli_trans_oob(*ptotal_param, *pparam_disp, *pnum_param)
-	    || cli_trans_oob(smb_len(cli_req->inbuf), data_ofs, *pnum_data)
-	    || cli_trans_oob(*ptotal_data, *pdata_disp, *pnum_data)) {
+	if (trans_oob(smb_len(cli_req->inbuf), param_ofs, *pnum_param)
+	    || trans_oob(*ptotal_param, *pparam_disp, *pnum_param)
+	    || trans_oob(smb_len(cli_req->inbuf), data_ofs, *pnum_data)
+	    || trans_oob(*ptotal_data, *pdata_disp, *pnum_data)) {
 		return NT_STATUS_INVALID_NETWORK_RESPONSE;
 	}
 
diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c
index ff0a8f9808..d8c2b70175 100644
--- a/source3/libsmb/dsgetdcname.c
+++ b/source3/libsmb/dsgetdcname.c
@@ -1040,6 +1040,8 @@ static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx,
 			r->data.nt4 = logon1;
 			r->ntver = nt_version;
 
+			map_netlogon_samlogon_response(r);
+
 			namecache_store(tmp_dc_name, NBT_NAME_SERVER, 1, &ip_list);
 
 			goto make_reply;
diff --git a/source3/libsmb/nterr.c b/source3/libsmb/nterr.c
index 1ba230cefe..465d88a9b6 100644
--- a/source3/libsmb/nterr.c
+++ b/source3/libsmb/nterr.c
@@ -532,6 +532,7 @@ static const nt_err_code_struct nt_errs[] =
 	{ "NT_STATUS_TOO_MANY_LINKS", NT_STATUS_TOO_MANY_LINKS },
 	{ "NT_STATUS_QUOTA_LIST_INCONSISTENT", NT_STATUS_QUOTA_LIST_INCONSISTENT },
 	{ "NT_STATUS_FILE_IS_OFFLINE", NT_STATUS_FILE_IS_OFFLINE },
+	{ "NT_STATUS_DS_BUSY", NT_STATUS_DS_BUSY },
 	{ "NT_STATUS_DS_NO_MORE_RIDS", NT_STATUS_DS_NO_MORE_RIDS },
 	{ "NT_STATUS_NOT_A_REPARSE_POINT", NT_STATUS_NOT_A_REPARSE_POINT },
 	{ "NT_STATUS_DOWNGRADE_DETECTED", NT_STATUS_DOWNGRADE_DETECTED },
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index a0e54ce769..cc13476935 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -11,12 +11,12 @@
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
@@ -60,7 +60,7 @@ static const struct ntlmssp_callbacks {
 void debug_ntlmssp_flags(uint32 neg_flags)
 {
 	DEBUG(3,("Got NTLMSSP neg_flags=0x%08x\n", neg_flags));
-	
+
 	if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) 
 		DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_UNICODE\n"));
 	if (neg_flags & NTLMSSP_NEGOTIATE_OEM) 
@@ -109,7 +109,7 @@ void debug_ntlmssp_flags(uint32 neg_flags)
  * Default challenge generation code.
  *
  */
-   
+
 static const uint8 *get_challenge(const struct ntlmssp_state *ntlmssp_state)
 {
 	static uchar chal[8];
@@ -122,7 +122,7 @@ static const uint8 *get_challenge(const struct ntlmssp_state *ntlmssp_state)
  * Default 'we can set the challenge to anything we like' implementation
  *
  */
-   
+
 static bool may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
 {
 	return True;
@@ -134,7 +134,7 @@ static bool may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
  * Does not actually do anything, as the value is always in the structure anyway.
  *
  */
-   
+
 static NTSTATUS set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge)
 {
 	SMB_ASSERT(challenge->length == 8);
@@ -148,7 +148,7 @@ static NTSTATUS set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *ch
 
 NTSTATUS ntlmssp_set_username(NTLMSSP_STATE *ntlmssp_state, const char *user) 
 {
-	ntlmssp_state->user = talloc_strdup(ntlmssp_state->mem_ctx, user ? user : "" );
+	ntlmssp_state->user = talloc_strdup(ntlmssp_state, user ? user : "" );
 	if (!ntlmssp_state->user) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -164,9 +164,9 @@ NTSTATUS ntlmssp_set_hashes(NTLMSSP_STATE *ntlmssp_state,
 		const unsigned char nt_hash[16]) 
 {
 	ntlmssp_state->lm_hash = (unsigned char *)
-		TALLOC_MEMDUP(ntlmssp_state->mem_ctx, lm_hash, 16);
+		TALLOC_MEMDUP(ntlmssp_state, lm_hash, 16);
 	ntlmssp_state->nt_hash = (unsigned char *)
-		TALLOC_MEMDUP(ntlmssp_state->mem_ctx, nt_hash, 16);
+		TALLOC_MEMDUP(ntlmssp_state, nt_hash, 16);
 	if (!ntlmssp_state->lm_hash || !ntlmssp_state->nt_hash) {
 		TALLOC_FREE(ntlmssp_state->lm_hash);
 		TALLOC_FREE(ntlmssp_state->nt_hash);
@@ -201,7 +201,8 @@ NTSTATUS ntlmssp_set_password(NTLMSSP_STATE *ntlmssp_state, const char *password
  */
 NTSTATUS ntlmssp_set_domain(NTLMSSP_STATE *ntlmssp_state, const char *domain) 
 {
-	ntlmssp_state->domain = talloc_strdup(ntlmssp_state->mem_ctx, domain ? domain : "" );
+	ntlmssp_state->domain = talloc_strdup(ntlmssp_state,
+					      domain ? domain : "" );
 	if (!ntlmssp_state->domain) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -214,7 +215,7 @@ NTSTATUS ntlmssp_set_domain(NTLMSSP_STATE *ntlmssp_state, const char *domain)
  */
 NTSTATUS ntlmssp_set_workstation(NTLMSSP_STATE *ntlmssp_state, const char *workstation) 
 {
-	ntlmssp_state->workstation = talloc_strdup(ntlmssp_state->mem_ctx, workstation);
+	ntlmssp_state->workstation = talloc_strdup(ntlmssp_state, workstation);
 	if (!ntlmssp_state->workstation) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -229,8 +230,9 @@ NTSTATUS ntlmssp_set_workstation(NTLMSSP_STATE *ntlmssp_state, const char *works
 NTSTATUS ntlmssp_store_response(NTLMSSP_STATE *ntlmssp_state,
 				DATA_BLOB response) 
 {
-	ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state->mem_ctx, 
-							  response.data, response.length);
+	ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state,
+							  response.data,
+							  response.length);
 	return NT_STATUS_OK;
 }
 
@@ -277,7 +279,7 @@ void ntlmssp_want_feature(NTLMSSP_STATE *ntlmssp_state, uint32 feature)
 		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
 	}
 }
- 
+
 /**
  * Next state function for the NTLMSSP state machine
  * 
@@ -304,7 +306,7 @@ NTSTATUS ntlmssp_update(NTLMSSP_STATE *ntlmssp_state,
 
 	if (!in.length && ntlmssp_state->stored_response.length) {
 		input = ntlmssp_state->stored_response;
-		
+
 		/* we only want to read the stored response once - overwrite it */
 		ntlmssp_state->stored_response = data_blob_null;
 	} else {
@@ -357,16 +359,13 @@ NTSTATUS ntlmssp_update(NTLMSSP_STATE *ntlmssp_state,
 
 void ntlmssp_end(NTLMSSP_STATE **ntlmssp_state)
 {
-	TALLOC_CTX *mem_ctx = (*ntlmssp_state)->mem_ctx;
-
 	(*ntlmssp_state)->ref_count--;
 
 	if ((*ntlmssp_state)->ref_count == 0) {
 		data_blob_free(&(*ntlmssp_state)->chal);
 		data_blob_free(&(*ntlmssp_state)->lm_resp);
 		data_blob_free(&(*ntlmssp_state)->nt_resp);
-
-		talloc_destroy(mem_ctx);
+		TALLOC_FREE(*ntlmssp_state);
 	}
 
 	*ntlmssp_state = NULL;
@@ -562,13 +561,14 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
 	if (target_name == NULL)
 		return NT_STATUS_INVALID_PARAMETER;
 
-	ntlmssp_state->chal = data_blob_talloc(ntlmssp_state->mem_ctx, cryptkey, 8);
-	ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state->mem_ctx, cryptkey, 8);
+	ntlmssp_state->chal = data_blob_talloc(ntlmssp_state, cryptkey, 8);
+	ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state,
+							cryptkey, 8);
 
 	/* This should be a 'netbios domain -> DNS domain' mapping */
-	dnsdomname = get_mydnsdomname(ntlmssp_state->mem_ctx);
+	dnsdomname = get_mydnsdomname(ntlmssp_state);
 	if (!dnsdomname) {
-		dnsdomname = talloc_strdup(ntlmssp_state->mem_ctx, "");
+		dnsdomname = talloc_strdup(ntlmssp_state, "");
 	}
 	if (!dnsdomname) {
 		return NT_STATUS_NO_MEMORY;
@@ -685,7 +685,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 		SAFE_FREE(workstation);
 		data_blob_free(&encrypted_session_key);
 		auth_flags = 0;
-		
+
 		/* Try again with a shorter string (Win9X truncates this packet) */
 		if (ntlmssp_state->unicode) {
 			parse_string = "CdBBUUU";
@@ -753,24 +753,25 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 
 	/* NTLM2 uses a 'challenge' that is made of up both the server challenge, and a 
 	   client challenge 
-	
+
 	   However, the NTLM2 flag may still be set for the real NTLMv2 logins, be careful.
 	*/
 	if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
 		if (ntlmssp_state->nt_resp.length == 24 && ntlmssp_state->lm_resp.length == 24) {
 			struct MD5Context md5_session_nonce_ctx;
 			SMB_ASSERT(ntlmssp_state->internal_chal.data && ntlmssp_state->internal_chal.length == 8);
-			
+
 			doing_ntlm2 = True;
 
 			memcpy(session_nonce, ntlmssp_state->internal_chal.data, 8);
 			memcpy(&session_nonce[8], ntlmssp_state->lm_resp.data, 8);
-			
+
 			MD5Init(&md5_session_nonce_ctx);
 			MD5Update(&md5_session_nonce_ctx, session_nonce, 16);
 			MD5Final(session_nonce_hash, &md5_session_nonce_ctx);
-			
-			ntlmssp_state->chal = data_blob_talloc(ntlmssp_state->mem_ctx, session_nonce_hash, 8);
+
+			ntlmssp_state->chal = data_blob_talloc(
+				ntlmssp_state, session_nonce_hash, 8);
 
 			/* LM response is no longer useful */
 			data_blob_free(&ntlmssp_state->lm_resp);
@@ -807,12 +808,13 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 	/* Handle the different session key derivation for NTLM2 */
 	if (doing_ntlm2) {
 		if (user_session_key.data && user_session_key.length == 16) {
-			session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+			session_key = data_blob_talloc(ntlmssp_state,
+						       NULL, 16);
 			hmac_md5(user_session_key.data, session_nonce, 
 				 sizeof(session_nonce), session_key.data);
 			DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n"));
 			dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length);
-			
+
 		} else {
 			DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM2 session key.\n"));
 			session_key = data_blob_null;
@@ -820,7 +822,8 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 	} else if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) {
 		if (lm_session_key.data && lm_session_key.length >= 8) {
 			if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
-				session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+				session_key = data_blob_talloc(ntlmssp_state,
+							       NULL, 16);
 				if (session_key.data == NULL) {
 					return NT_STATUS_NO_MEMORY;
 				}
@@ -831,7 +834,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 				uint8 zeros[24];
 				ZERO_STRUCT(zeros);
 				session_key = data_blob_talloc(
-					ntlmssp_state->mem_ctx, NULL, 16);
+					ntlmssp_state, NULL, 16);
 				if (session_key.data == NULL) {
 					return NT_STATUS_NO_MEMORY;
 				}
@@ -875,9 +878,9 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 			SamOEMhash(encrypted_session_key.data, 
 				   session_key.data, 
 				   encrypted_session_key.length);
-			ntlmssp_state->session_key = data_blob_talloc(ntlmssp_state->mem_ctx, 
-								      encrypted_session_key.data, 
-								      encrypted_session_key.length);
+			ntlmssp_state->session_key = data_blob_talloc(
+				ntlmssp_state, encrypted_session_key.data,
+				encrypted_session_key.length);
 			dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data, 
 				     encrypted_session_key.length);
 		}
@@ -892,7 +895,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 	}
 
 	data_blob_free(&encrypted_session_key);
-	
+
 	/* Only one authentication allowed per server state. */
 	ntlmssp_state->expected_state = NTLMSSP_DONE;
 
@@ -907,20 +910,15 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 
 NTSTATUS ntlmssp_server_start(NTLMSSP_STATE **ntlmssp_state)
 {
-	TALLOC_CTX *mem_ctx;
-
-	mem_ctx = talloc_init("NTLMSSP context");
-	
-	*ntlmssp_state = TALLOC_ZERO_P(mem_ctx, NTLMSSP_STATE);
+	*ntlmssp_state = TALLOC_ZERO_P(NULL, NTLMSSP_STATE);
 	if (!*ntlmssp_state) {
 		DEBUG(0,("ntlmssp_server_start: talloc failed!\n"));
-		talloc_destroy(mem_ctx);
+		talloc_destroy(*ntlmssp_state);
 		return NT_STATUS_NO_MEMORY;
 	}
 
 	(*ntlmssp_state)->role = NTLMSSP_SERVER;
 
-	(*ntlmssp_state)->mem_ctx = mem_ctx;
 	(*ntlmssp_state)->get_challenge = get_challenge;
 	(*ntlmssp_state)->set_challenge = set_challenge;
 	(*ntlmssp_state)->may_set_challenge = may_set_challenge;
@@ -968,7 +966,7 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
 	} else {
 		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
 	}
-	
+
 	if (ntlmssp_state->use_ntlmv2) {
 		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
 	}
@@ -1021,7 +1019,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 
 		return NT_STATUS_INVALID_PARAMETER;
 	}
-	
+
 	data_blob_free(&server_domain_blob);
 
 	DEBUG(3, ("Got challenge flags:\n"));
@@ -1062,7 +1060,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	ntlmssp_state->server_domain = talloc_strdup(ntlmssp_state->mem_ctx,
+	ntlmssp_state->server_domain = talloc_strdup(ntlmssp_state,
 						     server_domain);
 
 	SAFE_FREE(server_domain);
@@ -1078,8 +1076,8 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		ZERO_STRUCT(zeros);
 
 		/* session key is all zeros */
-		session_key = data_blob_talloc(ntlmssp_state->mem_ctx, zeros, 16);
-		
+		session_key = data_blob_talloc(ntlmssp_state, zeros, 16);
+
 		/* not doing NLTM2 without a password */
 		ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2;
 	} else if (ntlmssp_state->use_ntlmv2) {
@@ -1092,7 +1090,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 
 		/* TODO: if the remote server is standalone, then we should replace 'domain'
 		   with the server name as supplied above */
-		
+
 		if (!SMBNTLMv2encrypt_hash(ntlmssp_state->user, 
 				      ntlmssp_state->domain, 
 				      ntlmssp_state->nt_hash, &challenge_blob, 
@@ -1107,14 +1105,14 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		uchar session_nonce[16];
 		uchar session_nonce_hash[16];
 		uchar user_session_key[16];
-		
-		lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+
+		lm_response = data_blob_talloc(ntlmssp_state, NULL, 24);
 		generate_random_buffer(lm_response.data, 8);
 		memset(lm_response.data+8, 0, 16);
 
 		memcpy(session_nonce, challenge_blob.data, 8);
 		memcpy(&session_nonce[8], lm_response.data, 8);
-	
+
 		MD5Init(&md5_session_nonce_ctx);
 		MD5Update(&md5_session_nonce_ctx, challenge_blob.data, 8);
 		MD5Update(&md5_session_nonce_ctx, lm_response.data, 8);
@@ -1123,13 +1121,13 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		DEBUG(5, ("NTLMSSP challenge set by NTLM2\n"));
 		DEBUG(5, ("challenge is: \n"));
 		dump_data(5, session_nonce_hash, 8);
-		
-		nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+
+		nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
 		SMBNTencrypt_hash(ntlmssp_state->nt_hash,
 			     session_nonce_hash,
 			     nt_response.data);
 
-		session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+		session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 
 		SMBsesskeygen_ntv1(ntlmssp_state->nt_hash, NULL, user_session_key);
 		hmac_md5(user_session_key, session_nonce, sizeof(session_nonce), session_key.data);
@@ -1137,16 +1135,17 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 	} else {
 		/* lanman auth is insecure, it may be disabled */
 		if (lp_client_lanman_auth()) {
-			lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+			lm_response = data_blob_talloc(ntlmssp_state,
+						       NULL, 24);
 			SMBencrypt_hash(ntlmssp_state->lm_hash,challenge_blob.data,
 				   lm_response.data);
 		}
-		
-		nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+
+		nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
 		SMBNTencrypt_hash(ntlmssp_state->nt_hash,challenge_blob.data,
 			     nt_response.data);
-		
-		session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+
+		session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 		if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) 
 		    && lp_client_lanman_auth()) {
 			SMBsesskeygen_lm_sess_key(ntlmssp_state->lm_hash, lm_response.data,
@@ -1174,7 +1173,9 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 
 		/* Mark the new session key as the 'real' session key */
 		data_blob_free(&session_key);
-		session_key = data_blob_talloc(ntlmssp_state->mem_ctx, client_session_key, sizeof(client_session_key));
+		session_key = data_blob_talloc(ntlmssp_state,
+					       client_session_key,
+					       sizeof(client_session_key));
 	}
 
 	/* this generates the actual auth packet */
@@ -1188,7 +1189,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		       ntlmssp_state->get_global_myname(), 
 		       encrypted_session_key.data, encrypted_session_key.length,
 		       ntlmssp_state->neg_flags)) {
-		
+
 		return NT_STATUS_NO_MEMORY;
 	}
 
@@ -1213,21 +1214,15 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 
 NTSTATUS ntlmssp_client_start(NTLMSSP_STATE **ntlmssp_state)
 {
-	TALLOC_CTX *mem_ctx;
-
-	mem_ctx = talloc_init("NTLMSSP Client context");
-	
-	*ntlmssp_state = TALLOC_ZERO_P(mem_ctx, NTLMSSP_STATE);
+	*ntlmssp_state = TALLOC_ZERO_P(NULL, NTLMSSP_STATE);
 	if (!*ntlmssp_state) {
 		DEBUG(0,("ntlmssp_client_start: talloc failed!\n"));
-		talloc_destroy(mem_ctx);
+		talloc_destroy(*ntlmssp_state);
 		return NT_STATUS_NO_MEMORY;
 	}
 
 	(*ntlmssp_state)->role = NTLMSSP_CLIENT;
 
-	(*ntlmssp_state)->mem_ctx = mem_ctx;
-
 	(*ntlmssp_state)->get_global_myname = global_myname;
 	(*ntlmssp_state)->get_domain = lp_workgroup;