Refactor signing code to remove most dependencies on 'struct cli'.

Ensure a server can't do a downgrade attack if client signing is mandatory.
Add a lp_server_signing() function and a 'server signing' parameter that
will act as the client one does.
Jeremy

2 files changed, 14 insertions, 12 deletions

diff --git a/source/include/client.h b/source/include/client.h
index fad2c099b96..598e6c0bda5 100644
--- a/source/include/client.h
+++ b/source/include/client.h
@@ -57,18 +57,6 @@ struct print_job_info
 	time_t t;
 };
 
-typedef struct smb_sign_info {
-	void (*sign_outgoing_message)(struct cli_state *cli);
-	BOOL (*check_incoming_message)(struct cli_state *cli);
-	void (*free_signing_context)(struct cli_state *cli);
-	void *signing_context;
-
-	BOOL negotiated_smb_signing;
-	BOOL allow_smb_signing;
-	BOOL doing_signing;
-	BOOL mandatory_signing;
-} smb_sign_info;
-
 struct cli_state {
 	int port;
 	int fd;
diff --git a/source/include/smb.h b/source/include/smb.h
index d2714e78bc8..85ee5cdfc69 100644
--- a/source/include/smb.h
+++ b/source/include/smb.h
@@ -1630,4 +1630,18 @@ struct ip_service {
 	unsigned port;
 };
 
+/* Used by the SMB signing functions. */
+
+typedef struct smb_sign_info {
+	void (*sign_outgoing_message)(char *outbuf, struct smb_sign_info *si);
+	BOOL (*check_incoming_message)(char *inbuf, struct smb_sign_info *si);
+	void (*free_signing_context)(struct smb_sign_info *si);
+	void *signing_context;
+
+	BOOL negotiated_smb_signing;
+	BOOL allow_smb_signing;
+	BOOL doing_signing;
+	BOOL mandatory_signing;
+} smb_sign_info;
+
 #endif /* _SMB_H */