r2645: converted the NTLMSSP code to the new style of talloc

(This used to be commit b378aae95d4001c4cf4e6e59ed80ee1bd55382ee)
author: Andrew Tridgell <tridge@samba.org> 2004-09-26 02:16:25 +0000
committer: Gerald (Jerry) Carter <jerry@samba.org> 2007-10-10 12:59:16 -0500
commit: 4b1050a6cf3e6d9f7a8e75dd90ed1ccd52f29abb (patch)
tree: 17ccfac3fbbde4dc6c48ce01dc530e39c8e8f21a /source4
parent: 525a993469f50ccf8cf5a44cb337a06d61f50622 (diff)
download: samba-4b1050a6cf3e6d9f7a8e75dd90ed1ccd52f29abb.tar.gz
samba-4b1050a6cf3e6d9f7a8e75dd90ed1ccd52f29abb.tar.bz2
samba-4b1050a6cf3e6d9f7a8e75dd90ed1ccd52f29abb.zip
7 files changed, 68 insertions, 107 deletions
diff --git a/source4/libcli/auth/gensec_krb5.c b/source4/libcli/auth/gensec_krb5.c
index 06630455ce..7d92873ac7 100644
--- a/source4/libcli/auth/gensec_krb5.c
+++ b/source4/libcli/auth/gensec_krb5.c
@@ -36,7 +36,6 @@ enum GENSEC_KRB5_STATE {
 };
 
 struct gensec_krb5_state {
-	TALLOC_CTX *mem_ctx;
 	DATA_BLOB session_key;
 	struct PAC_LOGON_INFO *logon_info;
 	enum GENSEC_KRB5_STATE state_position;
@@ -230,18 +229,11 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
 	struct gensec_krb5_state *gensec_krb5_state;
 	krb5_error_code ret = 0;
 
-	TALLOC_CTX *mem_ctx = talloc_init("gensec_krb5");
-	if (!mem_ctx) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	gensec_krb5_state = talloc_p(mem_ctx, struct gensec_krb5_state);
+	gensec_krb5_state = talloc_p(gensec_security, struct gensec_krb5_state);
 	if (!gensec_krb5_state) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	gensec_krb5_state->mem_ctx = mem_ctx;
-
 	gensec_security->private_data = gensec_krb5_state;
 
 	initialize_krb5_error_table();
@@ -429,7 +421,7 @@ static void gensec_krb5_end(struct gensec_security *gensec_security)
 		krb5_free_context(gensec_krb5_state->krb5_context);
 	}
 
-	talloc_destroy(gensec_krb5_state->mem_ctx);
+	talloc_free(gensec_krb5_state);
 	gensec_security->private_data = NULL;
 }
 
@@ -544,7 +536,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security, TALL
 
 		if (pac.data) {
 			/* decode and verify the pac */
-			nt_status = gensec_krb5_decode_pac(gensec_krb5_state->mem_ctx, &gensec_krb5_state->logon_info, pac,
+			nt_status = gensec_krb5_decode_pac(gensec_krb5_state, &gensec_krb5_state->logon_info, pac,
 							   gensec_krb5_state);
 		} else {
 			/* NULL PAC, we might need to figure this information out the hard way */
@@ -556,7 +548,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security, TALL
 			/* wrap that up in a nice GSS-API wrapping */
 			*out = gensec_gssapi_gen_krb5_wrap(out_mem_ctx, &unwrapped_out, TOK_ID_KRB_AP_REP);
 
-			gensec_krb5_state->peer_principal = talloc_steal(gensec_krb5_state->mem_ctx, principal);
+			gensec_krb5_state->peer_principal = talloc_steal(gensec_krb5_state, principal);
 		}
 		return nt_status;
 	}
@@ -591,7 +583,7 @@ static NTSTATUS gensec_krb5_session_key(struct gensec_security *gensec_security,
 	}
 	if (err == 0 && skey != NULL) {
 		DEBUG(10, ("Got KRB5 session key of length %d\n",  KRB5_KEY_LENGTH(skey)));
-		gensec_krb5_state->session_key = data_blob_talloc(gensec_krb5_state->mem_ctx, 
+		gensec_krb5_state->session_key = data_blob_talloc(gensec_krb5_state, 
 						KRB5_KEY_DATA(skey), KRB5_KEY_LENGTH(skey));
 		*session_key = gensec_krb5_state->session_key;
 		dump_data_pw("KRB5 Session Key:\n", session_key->data, session_key->length);
@@ -609,7 +601,6 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 {
 	NTSTATUS nt_status;
 	struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
-	TALLOC_CTX *mem_ctx;
 	struct auth_serversupplied_info *server_info = NULL;
 	struct auth_session_info *session_info = NULL;
 	struct PAC_LOGON_INFO *logon_info = gensec_krb5_state->logon_info;
@@ -657,7 +648,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 		
 		ptoken->num_sids = 0;
 		
-		ptoken->user_sids = talloc_array_p(mem_ctx, struct dom_sid*, logon_info->groups_count + 2);
+		ptoken->user_sids = talloc_array_p(ptoken, struct dom_sid*, logon_info->groups_count + 2);
 		if (!ptoken->user_sids) {
 			return NT_STATUS_NO_MEMORY;
 		}
diff --git a/source4/libcli/auth/gensec_ntlmssp.c b/source4/libcli/auth/gensec_ntlmssp.c
index 8b760bcd45..7270797f52 100644
--- a/source4/libcli/auth/gensec_ntlmssp.c
+++ b/source4/libcli/auth/gensec_ntlmssp.c
@@ -24,7 +24,6 @@
 #include "includes.h"
 
 struct gensec_ntlmssp_state {
-	TALLOC_CTX *mem_ctx;
 	struct auth_context *auth_context;
 	struct auth_serversupplied_info *server_info;
 	struct ntlmssp_state *ntlmssp_state;
@@ -125,13 +124,13 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
 	}
 	if (gensec_ntlmssp_state->server_info->user_session_key.length) {
 		DEBUG(10, ("Got NT session key of length %u\n", gensec_ntlmssp_state->server_info->user_session_key.length));
-		*user_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, 
+		*user_session_key = data_blob_talloc(ntlmssp_state, 
 						   gensec_ntlmssp_state->server_info->user_session_key.data,
 						   gensec_ntlmssp_state->server_info->user_session_key.length);
 	}
 	if (gensec_ntlmssp_state->server_info->lm_session_key.length) {
 		DEBUG(10, ("Got LM session key of length %u\n", gensec_ntlmssp_state->server_info->lm_session_key.length));
-		*lm_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, 
+		*lm_session_key = data_blob_talloc(ntlmssp_state, 
 						   gensec_ntlmssp_state->server_info->lm_session_key.data,
 						   gensec_ntlmssp_state->server_info->lm_session_key.length);
 	}
@@ -142,17 +141,11 @@ static NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security)
 {
 	struct gensec_ntlmssp_state *gensec_ntlmssp_state;
 	
-	TALLOC_CTX *mem_ctx = talloc_init("gensec_ntlmssp");
-	if (!mem_ctx) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	gensec_ntlmssp_state = talloc_p(mem_ctx, struct gensec_ntlmssp_state);
+	gensec_ntlmssp_state = talloc_p(gensec_security, struct gensec_ntlmssp_state);
 	if (!gensec_ntlmssp_state) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	gensec_ntlmssp_state->mem_ctx = mem_ctx;
 	gensec_ntlmssp_state->ntlmssp_state = NULL;
 	gensec_ntlmssp_state->auth_context = NULL;
 	gensec_ntlmssp_state->server_info = NULL;
@@ -175,7 +168,8 @@ static NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_secur
 
 	gensec_ntlmssp_state = gensec_security->private_data;
 
-	if (!NT_STATUS_IS_OK(nt_status = ntlmssp_server_start(&gensec_ntlmssp_state->ntlmssp_state))) {
+	if (!NT_STATUS_IS_OK(nt_status = ntlmssp_server_start(gensec_security,
+							      &gensec_ntlmssp_state->ntlmssp_state))) {
 		return nt_status;
 	}
 
@@ -221,7 +215,8 @@ static NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_secur
 	}
 
 	gensec_ntlmssp_state = gensec_security->private_data;
-	status = ntlmssp_client_start(&gensec_ntlmssp_state->ntlmssp_state);
+	status = ntlmssp_client_start(gensec_security, 
+				      &gensec_ntlmssp_state->ntlmssp_state);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
 	}
@@ -265,7 +260,7 @@ static NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_secur
 		return status;
 	}
 
-	status = gensec_get_password(gensec_security, gensec_ntlmssp_state->mem_ctx, &password);
+	status = gensec_get_password(gensec_security, gensec_ntlmssp_state, &password);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
 	}
@@ -410,7 +405,7 @@ static void gensec_ntlmssp_end(struct gensec_security *gensec_security)
 	if (gensec_ntlmssp_state->server_info) {
 		free_server_info(&gensec_ntlmssp_state->server_info);
 	}
-	talloc_destroy(gensec_ntlmssp_state->mem_ctx);
+	talloc_free(gensec_ntlmssp_state);
 	gensec_security->private_data = NULL;
 }
 
diff --git a/source4/libcli/auth/ntlmssp.c b/source4/libcli/auth/ntlmssp.c
index f52f1ffbf9..2ea0bcb84e 100644
--- a/source4/libcli/auth/ntlmssp.c
+++ b/source4/libcli/auth/ntlmssp.c
@@ -107,7 +107,7 @@ void debug_ntlmssp_flags(uint32_t neg_flags)
    
 static const uint8_t *get_challenge(const struct ntlmssp_state *ntlmssp_state)
 {
-	uint8_t *chal = talloc(ntlmssp_state->mem_ctx, 8);
+	uint8_t *chal = talloc(ntlmssp_state, 8);
 	generate_random_buffer(chal, 8);
 
 	return chal;
@@ -143,7 +143,7 @@ static NTSTATUS set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *ch
 
 NTSTATUS ntlmssp_set_username(struct ntlmssp_state *ntlmssp_state, const char *user) 
 {
-	ntlmssp_state->user = talloc_strdup(ntlmssp_state->mem_ctx, user);
+	ntlmssp_state->user = talloc_strdup(ntlmssp_state, user);
 	if (!ntlmssp_state->user) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -159,7 +159,7 @@ NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *p
 	if (!password) {
 		ntlmssp_state->password = NULL;
 	} else {
-		ntlmssp_state->password = talloc_strdup(ntlmssp_state->mem_ctx, password);
+		ntlmssp_state->password = talloc_strdup(ntlmssp_state, password);
 		if (!ntlmssp_state->password) {
 			return NT_STATUS_NO_MEMORY;
 		}
@@ -173,7 +173,7 @@ NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *p
  */
 NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *domain) 
 {
-	ntlmssp_state->domain = talloc_strdup(ntlmssp_state->mem_ctx, domain);
+	ntlmssp_state->domain = talloc_strdup(ntlmssp_state, domain);
 	if (!ntlmssp_state->domain) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -186,7 +186,7 @@ NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *dom
  */
 NTSTATUS ntlmssp_set_workstation(struct ntlmssp_state *ntlmssp_state, const char *workstation) 
 {
-	ntlmssp_state->workstation = talloc_strdup(ntlmssp_state->mem_ctx, workstation);
+	ntlmssp_state->workstation = talloc_strdup(ntlmssp_state, workstation);
 	if (!ntlmssp_state->domain) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -201,7 +201,7 @@ NTSTATUS ntlmssp_set_workstation(struct ntlmssp_state *ntlmssp_state, const char
 NTSTATUS ntlmssp_store_response(struct ntlmssp_state *ntlmssp_state,
 				DATA_BLOB response) 
 {
-	ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state->mem_ctx, 
+	ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state, 
 							  response.data, response.length);
 	return NT_STATUS_OK;
 }
@@ -234,7 +234,7 @@ NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
 	if (!out_mem_ctx) {
 		/* if the caller doesn't want to manage/own the memory, 
 		   we can put it on our context */
-		out_mem_ctx = ntlmssp_state->mem_ctx;
+		out_mem_ctx = ntlmssp_state;
 	}
 
 	if (!in.length && ntlmssp_state->stored_response.length) {
@@ -257,7 +257,7 @@ NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
 			break;
 		}
 	} else {
-		if (!msrpc_parse(ntlmssp_state->mem_ctx, 
+		if (!msrpc_parse(ntlmssp_state, 
 				 &input, "Cd",
 				 "NTLMSSP",
 				 &ntlmssp_command)) {
@@ -311,12 +311,10 @@ NTSTATUS ntlmssp_session_key(struct ntlmssp_state *ntlmssp_state,
 
 void ntlmssp_end(struct ntlmssp_state **ntlmssp_state)
 {
-	TALLOC_CTX *mem_ctx = (*ntlmssp_state)->mem_ctx;
-
 	(*ntlmssp_state)->ref_count--;
 
 	if ((*ntlmssp_state)->ref_count == 0) {
-		talloc_destroy(mem_ctx);
+		talloc_free(*ntlmssp_state);
 	}
 
 	*ntlmssp_state = NULL;
@@ -464,7 +462,7 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
 #endif
 
 	if (in.length) {
-		if (!msrpc_parse(ntlmssp_state->mem_ctx, 
+		if (!msrpc_parse(ntlmssp_state, 
 				 &in, "CddAA",
 				 "NTLMSSP",
 				 &ntlmssp_command,
@@ -502,8 +500,8 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
 	if (target_name == NULL) 
 		return NT_STATUS_INVALID_PARAMETER;
 
-	ntlmssp_state->chal = data_blob_talloc(ntlmssp_state->mem_ctx, cryptkey, 8);
-	ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state->mem_ctx, cryptkey, 8);
+	ntlmssp_state->chal = data_blob_talloc(ntlmssp_state, cryptkey, 8);
+	ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state, cryptkey, 8);
 
 	/* This should be a 'netbios domain -> DNS domain' mapping */
 	dnsdomname[0] = '\0';
@@ -599,7 +597,7 @@ static NTSTATUS ntlmssp_server_preauth(struct ntlmssp_state *ntlmssp_state,
 	ntlmssp_state->workstation = NULL;
 
 	/* now the NTLMSSP encoded auth hashes */
-	if (!msrpc_parse(ntlmssp_state->mem_ctx, 
+	if (!msrpc_parse(ntlmssp_state, 
 			 &request, parse_string,
 			 "NTLMSSP", 
 			 &ntlmssp_command, 
@@ -625,7 +623,7 @@ static NTSTATUS ntlmssp_server_preauth(struct ntlmssp_state *ntlmssp_state,
 		}
 
 		/* now the NTLMSSP encoded auth hashes */
-		if (!msrpc_parse(ntlmssp_state->mem_ctx, 
+		if (!msrpc_parse(ntlmssp_state, 
 				 &request, parse_string,
 				 "NTLMSSP", 
 				 &ntlmssp_command, 
@@ -690,7 +688,7 @@ static NTSTATUS ntlmssp_server_preauth(struct ntlmssp_state *ntlmssp_state,
 			MD5Update(&md5_session_nonce_ctx, ntlmssp_state->session_nonce, 16);
 			MD5Final(session_nonce_hash, &md5_session_nonce_ctx);
 			
-			ntlmssp_state->chal = data_blob_talloc(ntlmssp_state->mem_ctx, 
+			ntlmssp_state->chal = data_blob_talloc(ntlmssp_state, 
 							       session_nonce_hash, 8);
 
 			/* LM response is no longer useful, zero it out */
@@ -736,7 +734,7 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
 	/* Handle the different session key derivation for NTLM2 */
 	if (ntlmssp_state->doing_ntlm2) {
 		if (user_session_key && user_session_key->data && user_session_key->length == 16) {
-			session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+			session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 			hmac_md5(user_session_key->data, ntlmssp_state->session_nonce, 
 				 sizeof(ntlmssp_state->session_nonce), session_key.data);
 			DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n"));
@@ -752,7 +750,7 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
 
 		if (lm_session_key && lm_session_key->data && lm_session_key->length >= 8) {
 			if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
-				session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+				session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 				SMBsesskeygen_lm_sess_key(lm_session_key->data, ntlmssp_state->lm_resp.data, 
 							  session_key.data);
 				DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
@@ -761,7 +759,7 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
 				
 				/* When there is no LM response, just use zeros */
  				static const uint8_t zeros[24];
- 				session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+ 				session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
  				SMBsesskeygen_lm_sess_key(zeros, zeros, 
  							  session_key.data);
  				DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
@@ -820,7 +818,7 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
 			arcfour_crypt(ntlmssp_state->encrypted_session_key.data, 
 				      session_key.data, 
 				      ntlmssp_state->encrypted_session_key.length);
-			ntlmssp_state->session_key = data_blob_talloc(ntlmssp_state->mem_ctx, 
+			ntlmssp_state->session_key = data_blob_talloc(ntlmssp_state, 
 								      ntlmssp_state->encrypted_session_key.data, 
 								      ntlmssp_state->encrypted_session_key.length);
 			dump_data_pw("KEY_EXCH session key:\n", ntlmssp_state->encrypted_session_key.data, 
@@ -903,22 +901,17 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
  * @param ntlmssp_state NTLMSSP State, allocated by this function
  */
 
-NTSTATUS ntlmssp_server_start(struct ntlmssp_state **ntlmssp_state)
+NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx, struct ntlmssp_state **ntlmssp_state)
 {
-	TALLOC_CTX *mem_ctx;
-
-	mem_ctx = talloc_init("NTLMSSP context");
-	
-	*ntlmssp_state = talloc_zero(mem_ctx, sizeof(**ntlmssp_state));
+	*ntlmssp_state = talloc_p(mem_ctx, struct ntlmssp_state);
 	if (!*ntlmssp_state) {
 		DEBUG(0,("ntlmssp_server_start: talloc failed!\n"));
-		talloc_destroy(mem_ctx);
 		return NT_STATUS_NO_MEMORY;
 	}
+	ZERO_STRUCTP(*ntlmssp_state);
 
 	(*ntlmssp_state)->role = NTLMSSP_SERVER;
 
-	(*ntlmssp_state)->mem_ctx = mem_ctx;
 	(*ntlmssp_state)->get_challenge = get_challenge;
 	(*ntlmssp_state)->set_challenge = set_challenge;
 	(*ntlmssp_state)->may_set_challenge = may_set_challenge;
@@ -1025,7 +1018,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 	DATA_BLOB encrypted_session_key = data_blob(NULL, 0);
 	NTSTATUS nt_status;
 
-	if (!msrpc_parse(ntlmssp_state->mem_ctx, 
+	if (!msrpc_parse(ntlmssp_state, 
 			 &in, "CdBd",
 			 "NTLMSSP",
 			 &ntlmssp_command, 
@@ -1064,7 +1057,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 	DEBUG(3, ("NTLMSSP: Set final flags:\n"));
 	debug_ntlmssp_flags(ntlmssp_state->neg_flags);
 
-	if (!msrpc_parse(ntlmssp_state->mem_ctx, 
+	if (!msrpc_parse(ntlmssp_state, 
 			 &in, chal_parse_string,
 			 "NTLMSSP",
 			 &ntlmssp_command, 
@@ -1089,8 +1082,8 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		/* do nothing - blobs are zero length */
 
 		/* session key is all zeros */
-		session_key = data_blob_talloc(ntlmssp_state->mem_ctx, zeros, 16);
-		lm_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, zeros, 16);
+		session_key = data_blob_talloc(ntlmssp_state, zeros, 16);
+		lm_session_key = data_blob_talloc(ntlmssp_state, zeros, 16);
 
 		/* not doing NLTM2 without a password */
 		ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2;
@@ -1126,7 +1119,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		uint8_t user_session_key[16];
 		E_md4hash(ntlmssp_state->password, nt_hash);
 		
-		lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+		lm_response = data_blob_talloc(ntlmssp_state, NULL, 24);
 		generate_random_buffer(lm_response.data, 8);
 		memset(lm_response.data+8, 0, 16);
 
@@ -1142,12 +1135,12 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		DEBUG(5, ("challenge is: \n"));
 		dump_data(5, (const char *)session_nonce_hash, 8);
 		
-		nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+		nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
 		SMBNTencrypt(ntlmssp_state->password,
 			     session_nonce_hash,
 			     nt_response.data);
 
-		session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+		session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 
 		SMBsesskeygen_ntv1(nt_hash, user_session_key);
 		hmac_md5(user_session_key, session_nonce, sizeof(session_nonce), session_key.data);
@@ -1159,18 +1152,18 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		uint8_t nt_hash[16];
 
 		if (ntlmssp_state->use_nt_response) {
-			nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+			nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
 			SMBNTencrypt(ntlmssp_state->password,challenge_blob.data,
 				     nt_response.data);
 			E_md4hash(ntlmssp_state->password, nt_hash);
-			session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+			session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 			SMBsesskeygen_ntv1(nt_hash, session_key.data);
 			dump_data_pw("NT session key:\n", session_key.data, session_key.length);
 		}
 
 		/* lanman auth is insecure, it may be disabled */
 		if (lp_client_lanman_auth()) {
-			lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+			lm_response = data_blob_talloc(ntlmssp_state, NULL, 24);
 			if (!SMBencrypt(ntlmssp_state->password,challenge_blob.data,
 					lm_response.data)) {
 				/* If the LM password was too long (and therefore the LM hash being
@@ -1181,7 +1174,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 				ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
 			} else {
 				E_deshash(ntlmssp_state->password, lm_hash);
-				lm_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+				lm_session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 				memcpy(lm_session_key.data, lm_hash, 8);
 				memset(&lm_session_key.data[8], '\0', 8);
 
@@ -1197,7 +1190,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 	
 	if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) 
 	    && lp_client_lanman_auth() && lm_session_key.length == 16) {
-		DATA_BLOB new_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+		DATA_BLOB new_session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 		if (lm_response.length == 24) {
 			SMBsesskeygen_lm_sess_key(lm_session_key.data, lm_response.data, 
 						  new_session_key.data);
@@ -1220,14 +1213,14 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		generate_random_buffer(client_session_key, sizeof(client_session_key));
 
 		/* Encrypt the new session key with the old one */
-		encrypted_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, 
+		encrypted_session_key = data_blob_talloc(ntlmssp_state, 
 							 client_session_key, sizeof(client_session_key));
 		dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data, encrypted_session_key.length);
 		arcfour_crypt(encrypted_session_key.data, session_key.data, encrypted_session_key.length);
 		dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length);
 
 		/* Mark the new session key as the 'real' session key */
-		session_key = data_blob_talloc(ntlmssp_state->mem_ctx, client_session_key, sizeof(client_session_key));
+		session_key = data_blob_talloc(ntlmssp_state, client_session_key, sizeof(client_session_key));
 	}
 
 	/* this generates the actual auth packet */
@@ -1266,23 +1259,17 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 	return NT_STATUS_MORE_PROCESSING_REQUIRED;
 }
 
-NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state)
+NTSTATUS ntlmssp_client_start(TALLOC_CTX *mem_ctx, struct ntlmssp_state **ntlmssp_state)
 {
-	TALLOC_CTX *mem_ctx;
-
-	mem_ctx = talloc_init("NTLMSSP Client context");
-	
-	*ntlmssp_state = talloc_zero(mem_ctx, sizeof(**ntlmssp_state));
+	*ntlmssp_state = talloc_p(mem_ctx, struct ntlmssp_state);
 	if (!*ntlmssp_state) {
 		DEBUG(0,("ntlmssp_client_start: talloc failed!\n"));
-		talloc_destroy(mem_ctx);
 		return NT_STATUS_NO_MEMORY;
 	}
+	ZERO_STRUCTP(*ntlmssp_state);
 
 	(*ntlmssp_state)->role = NTLMSSP_CLIENT;
 
-	(*ntlmssp_state)->mem_ctx = mem_ctx;
-
 	(*ntlmssp_state)->get_global_myname = lp_netbios_name;
 	(*ntlmssp_state)->get_domain = lp_workgroup;
 
diff --git a/source4/libcli/auth/ntlmssp.h b/source4/libcli/auth/ntlmssp.h
index a318025650..a6d1510450 100644
--- a/source4/libcli/auth/ntlmssp.h
+++ b/source4/libcli/auth/ntlmssp.h
@@ -75,7 +75,6 @@ enum ntlmssp_message_type
 
 struct ntlmssp_state 
 {
-	TALLOC_CTX *mem_ctx;
 	uint_t ref_count;
 	enum ntlmssp_role role;
 	enum samr_Role server_role;
diff --git a/source4/libcli/auth/ntlmssp_sign.c b/source4/libcli/auth/ntlmssp_sign.c
index 2b9659ae52..5a99f14496 100644
--- a/source4/libcli/auth/ntlmssp_sign.c
+++ b/source4/libcli/auth/ntlmssp_sign.c
@@ -387,14 +387,14 @@ NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state)
 			     weak_session_key.length);
 
 		/* SEND */
-		calc_ntlmv2_key(ntlmssp_state->mem_ctx, 
+		calc_ntlmv2_key(ntlmssp_state, 
 				&ntlmssp_state->send_sign_key, 
 				ntlmssp_state->session_key, send_sign_const);
 		dump_data_pw("NTLMSSP send sign key:\n",
 			     ntlmssp_state->send_sign_key.data, 
 			     ntlmssp_state->send_sign_key.length);
 		
-		calc_ntlmv2_key(ntlmssp_state->mem_ctx, 
+		calc_ntlmv2_key(ntlmssp_state, 
 				&ntlmssp_state->send_seal_key, 
 				weak_session_key, send_seal_const);
 		dump_data_pw("NTLMSSP send seal key:\n",
@@ -409,14 +409,14 @@ NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state)
 			     sizeof(ntlmssp_state->send_seal_hash));
 
 		/* RECV */
-		calc_ntlmv2_key(ntlmssp_state->mem_ctx, 
+		calc_ntlmv2_key(ntlmssp_state, 
 				&ntlmssp_state->recv_sign_key, 
 				ntlmssp_state->session_key, recv_sign_const);
 		dump_data_pw("NTLMSSP recv sign key:\n",
 			     ntlmssp_state->recv_sign_key.data, 
 			     ntlmssp_state->recv_sign_key.length);
 
-		calc_ntlmv2_key(ntlmssp_state->mem_ctx, 
+		calc_ntlmv2_key(ntlmssp_state, 
 				&ntlmssp_state->recv_seal_key, 
 				weak_session_key, recv_seal_const);
 		dump_data_pw("NTLMSSP recv seal key:\n",
diff --git a/source4/libcli/auth/spnego.c b/source4/libcli/auth/spnego.c
index bbf8f86676..efe9ad675b 100644
--- a/source4/libcli/auth/spnego.c
+++ b/source4/libcli/auth/spnego.c
@@ -37,7 +37,6 @@ enum spnego_state_position {
 };
 
 struct spnego_state {
-	TALLOC_CTX *mem_ctx;
 	uint_t ref_count;
 	enum spnego_message_type expected_packet;
 	enum spnego_state_position state_position;
@@ -47,19 +46,14 @@ struct spnego_state {
 static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security)
 {
 	struct spnego_state *spnego_state;
-	TALLOC_CTX *mem_ctx = talloc_init("gensec_spnego_client_start");
-	if (!mem_ctx) {
-		return NT_STATUS_NO_MEMORY;
-	}
-	spnego_state = talloc_p(mem_ctx, struct spnego_state);
-		
+
+	spnego_state = talloc_p(gensec_security, struct spnego_state);		
 	if (!spnego_state) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
 	spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
 	spnego_state->state_position = SPNEGO_CLIENT_START;
-	spnego_state->mem_ctx = mem_ctx;
 	spnego_state->sub_sec_security = NULL;
 
 	gensec_security->private_data = spnego_state;
@@ -69,19 +63,14 @@ static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_securi
 static NTSTATUS gensec_spnego_server_start(struct gensec_security *gensec_security)
 {
 	struct spnego_state *spnego_state;
-	TALLOC_CTX *mem_ctx = talloc_init("gensec_spnego_server_start");
-	if (!mem_ctx) {
-		return NT_STATUS_NO_MEMORY;
-	}
-	spnego_state = talloc_p(mem_ctx, struct spnego_state);
-		
+
+	spnego_state = talloc_p(gensec_security, struct spnego_state);		
 	if (!spnego_state) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
 	spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
 	spnego_state->state_position = SPNEGO_SERVER_START;
-	spnego_state->mem_ctx = mem_ctx;
 	spnego_state->sub_sec_security = NULL;
 
 	gensec_security->private_data = spnego_state;
@@ -426,7 +415,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 	*out = data_blob(NULL, 0);
 
 	if (!out_mem_ctx) {
-		out_mem_ctx = spnego_state->mem_ctx;
+		out_mem_ctx = spnego_state;
 	}
 
 	/* and switch into the state machine */
@@ -701,7 +690,7 @@ static void gensec_spnego_end(struct gensec_security *gensec_security)
 		gensec_end(&spnego_state->sub_sec_security);
 	}
 
-	talloc_destroy(spnego_state->mem_ctx);
+	talloc_free(spnego_state);
 
 	gensec_security->private_data = NULL;
 }
diff --git a/source4/torture/auth/ntlmssp.c b/source4/torture/auth/ntlmssp.c
index dc4356bac1..a10ca77c53 100644
--- a/source4/torture/auth/ntlmssp.c
+++ b/source4/torture/auth/ntlmssp.c
@@ -27,7 +27,7 @@ BOOL torture_ntlmssp_self_check(int dummy)
 	DATA_BLOB sig, expected_sig;
 	NTSTATUS status;
 
-	if (!NT_STATUS_IS_OK(ntlmssp_client_start(&ntlmssp_state))) {
+	if (!NT_STATUS_IS_OK(ntlmssp_client_start(NULL, &ntlmssp_state))) {
 		return False;
 	}
 
@@ -45,7 +45,7 @@ BOOL torture_ntlmssp_self_check(int dummy)
 	}
 
 	data = strhex_to_data_blob("6a43494653");
-	ntlmssp_sign_packet(ntlmssp_state, ntlmssp_state->mem_ctx, 
+	ntlmssp_sign_packet(ntlmssp_state, ntlmssp_state, 
 			    data.data, data.length, data.data, data.length, &sig);
 
 	expected_sig = strhex_to_data_blob("01000000e37f97f2544f4d7e00000000");
@@ -64,7 +64,7 @@ BOOL torture_ntlmssp_self_check(int dummy)
 
 	ntlmssp_end(&ntlmssp_state);
 
-	if (!NT_STATUS_IS_OK(ntlmssp_client_start(&ntlmssp_state))) {
+	if (!NT_STATUS_IS_OK(ntlmssp_client_start(NULL, &ntlmssp_state))) {
 		return False;
 	}
 
@@ -82,7 +82,7 @@ BOOL torture_ntlmssp_self_check(int dummy)
 	}
 
 	data = strhex_to_data_blob("6a43494653");
-	ntlmssp_sign_packet(ntlmssp_state, ntlmssp_state->mem_ctx, 
+	ntlmssp_sign_packet(ntlmssp_state, ntlmssp_state, 
 			    data.data, data.length, data.data, data.length, &sig);
 
 	expected_sig = strhex_to_data_blob("0100000078010900397420fe0e5a0f89");
author	Andrew Tridgell <tridge@samba.org>	2004-09-26 02:16:25 +0000
committer	Gerald (Jerry) Carter <jerry@samba.org>	2007-10-10 12:59:16 -0500
commit	4b1050a6cf3e6d9f7a8e75dd90ed1ccd52f29abb (patch)
tree	17ccfac3fbbde4dc6c48ce01dc530e39c8e8f21a /source4
parent	525a993469f50ccf8cf5a44cb337a06d61f50622 (diff)
download	samba-4b1050a6cf3e6d9f7a8e75dd90ed1ccd52f29abb.tar.gz samba-4b1050a6cf3e6d9f7a8e75dd90ed1ccd52f29abb.tar.bz2 samba-4b1050a6cf3e6d9f7a8e75dd90ed1ccd52f29abb.zip