AnyConnect Secure Mobility Client 4.8.02045

include/ClientIfcBase.h

00001 /**************************************************************************
00002 *       Copyright (c) 2006, Cisco Systems, All Rights Reserved
00003 ***************************************************************************
00004 *
00005 *  File:    ClientIfcBase.h
00006 *  Author:  Chris Fitzgerald
00007 *  Date:    08/2007
00008 *
00009 ***************************************************************************
00010 *
00011 *   Client Interface Base class implementation for the Client API.
00012 *
00013 ***************************************************************************/
00014 
00015 // The ClientIfcBase class contains the majority of private methods and members.
00016 // The purpose of this class is to hide all but the necessary methods from
00017 // being exposed.
00018 //
00019 
00020 #ifndef _CLIENTIFCBASE_
00021 #define _CLIENTIFCBASE_
00022 
00023 #include <list>
00024 #include <vector>
00025 
00026 /*
00027  * When changing the SCRIPTING_SUPPORTED or INTERPROCESS_COMMUNICATION_SUPPORTED definition,
00028  * you MUST also update GenDefs.h!
00029  * We duplicate this definition here due to the manner in which we distribute our
00030  * code to partners; we cannot include GenDefs.h from here.
00031  */
00032 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP)
00033 #define SCRIPTING_SUPPORTED
00034 #endif
00035 #if !defined(PLATFORM_WIN_APP)
00036 #define INTERPROCESS_COMMUNICATION_SUPPORTED
00037 #endif
00038 
00039 /*
00040  * When changing the SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED definition, you MUST also update GenDefs.h!
00041  * We duplicate this definition here due to the manner in which we distribute our
00042  * code to partners; we cannot include GenDefs.h from here.
00043  */
00044 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00045 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00046 #endif
00047 
00048 /*
00049  * When changing the HOST_DATA_SUPPORTED definition, you MUST also update GenDefs.h!
00050  * We duplicate this definition here due to the manner in which we distribute our
00051  * code to partners; we cannot include GenDefs.h from here.
00052  */
00053 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK)
00054 #define HOST_DATA_SUPPORTED
00055 #endif
00056 
00057 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA)
00058 /*
00059  ** the MANUAL_PKCS12_IMPORT_SUPPORTED define is used to track the platforms
00060  ** where the manual import of PKCS12 certificates is supported. This is to avoid repeating the
00061  ** platforms in #ifdef clauses in other files.
00062  */
00063 #define MANUAL_PKCS12_IMPORT_SUPPORTED
00064 #endif
00065 
00066 #if defined(PLATFORM_ANDROID)
00067 #define MEMORY_LOGGING_SUPPORTED
00068 #endif
00069 
00070 #if defined(PLATFORM_ANDROID)
00071 #define PROGRAM_DATA_IMPORT_SUPPORTED
00072 #endif
00073 
00074 #if defined(PLATFORM_ANDROID)
00075 // Credentials for a connection can be prefilled via uri handling or API calls
00076 #define CREDENTIAL_PREFILL_SUPPORTED
00077 #endif
00078 
00079 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H)
00080 #if defined(HAVE_STDINT_H)
00081 #include <stdint.h>
00082 #else
00083 typedef unsigned char uint8_t;
00084 #endif // HAVE_STDINT_H
00085 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED
00086 
00087 #if defined(MEMORY_LOGGING_SUPPORTED)
00088 #include "boost/shared_ptr.hpp"
00089 #include "IACLogger.h"
00090 #endif // MEMORY_LOGGING_SUPPORTED
00091 
00092 #include "api.h"
00093 #include "PreferenceUpdate.h"
00094 
00095 #if defined(PLATFORM_WIN_APP)
00096 typedef unsigned char uint8_t;
00097 #endif
00098 
00099 #if defined(HOST_DATA_SUPPORTED)
00100 #include "IHostData.h"
00101 #endif
00102 
00103 #if defined(ANYCONNECT_USE_SNAK)
00104 #include "Utility/PluginLoader.h"
00105 #include "SNAK_CertPlugin.h"
00106 #include "SNAK_SocketPlugin.h"
00107 #include "SNAK_StoragePlugin.h"
00108 #endif 
00109 
00110 class ConnectPromptInfo;
00111 class ConnectMgr;
00112 class MsgWithArg;
00113 class VPNStats;
00114 class AgentIfc;
00115 class ProfileMgr;
00116 class ApiThread;
00117 class EventMgr;
00118 class PreferenceMgr;
00119 class PreferenceInfo;
00120 class UserPreferences;
00121 class CScriptingMgr;
00122 class CManualLock;
00123 class ProxyIfc;
00124 class CIpcMessage;
00125 class SCEPIfc;
00126 class CertObj;
00127 class CExecutionContext;
00128 class HostEntry;
00129 
00130 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00131 class CredentialPrefill;
00132 #endif
00133 
00134 #if !defined(PLATFORM_APPLE_SSLVPN)
00135 class CStoragePath;
00136 #endif
00137 
00138 #ifdef ANYCONNECT_USE_SNAK
00139 class PluginLoader;
00140 class SNAK_StoragePlugin;
00141 class SNAK_CertPlugin;
00142 class SNAK_SocketPlugin;
00143 class SNAK_DeviceInfoPlugin;
00144 class SNAKDeviceInfoPluginCBImpl;
00145 #endif // ANYCONNECT_USE_SNAK
00146 
00147 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN)
00148 class ManagedCertificate;
00149 class ManagedCertHandle;
00150 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN
00151 
00152 #ifdef MEMORY_LOGGING_SUPPORTED
00153 class ACLoggerImpl;
00154 #endif
00155 
00156 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED)
00157 class IACImporterAsync;
00158 class IACImporterAsyncCB;
00159 #endif
00160 
00161 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB
00162 {
00163     friend class EventMgr;
00164 
00165     protected:
00166 
00167         /**
00168         * Callback used to deliver new statistics related to the VPN
00169         * connection.
00170         *
00171         * When a connection is active, a new set of statistics is
00172         * delivered each second.
00173         *
00174         * @see resetStats(), stopStats() and startStats()
00175         *
00176         */
00177         virtual void StatsCB(VPNStats &stats) = 0;
00178 
00179 
00180         /**
00181         * Callback used to deliver VPN state and state change string.
00182         * The stateString delivered by this method is localized.
00183         *
00184         * See the ::VPNState enum found in api.h for set of valid states.
00185         */
00186         virtual void StateCB(const VPNState state,
00187                              const VPNSubState subState,
00188                              const tstring stateString) = 0;
00189 
00190 
00191         /**
00192         * If a banner needs to be acknowledged, this CB delivers the banner
00193         * to the client.
00194         *
00195         * NOTE: Connection establishment will block until the method
00196         * setBannerResponse() is called.
00197         *
00198         * In a GUI, a banner would typically be displayed in a modal dialog
00199         * with an accept or decline button selection.
00200         *
00201         * @see setBannerResponse() to set the user response to the banner.
00202         */
00203         virtual void BannerCB(const tstring &banner) = 0;
00204 
00205 
00206         /**
00207         * Messages are delivered via the NoticeCB and can come from multiple
00208         * sources.  There are four message types (error, warning, info and
00209         * status).  See the ::MessageType enum in api.h for the list.
00210         *
00211         * Clients using the API as an embedded application (not
00212         * user visible) might want to further characterize
00213         * messages.  One option here is to use the AnyConnect message
00214         * catalog and assign message codes as the translations for
00215         * various messages.  An application could then track messages based
00216         * on its own error code scheme.
00217         */    
00218         virtual void NoticeCB(const tstring notice,
00219                               const MessageType type) = 0;
00220 
00221 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00222         virtual void CertBannerCB(const tstring &certBannerSummary,
00223                                   const uint32_t nCertBannerCertLen,
00224                                   const uint8_t *pCertBannerCertDer,
00225                                   const std::list<tstring> &confirmReasons,
00226                                   const std::list<CertConfirmReason> &confirmReasonEnums,
00227                                   bool bImportAllowed = true) = 0;
00228 #endif
00229 
00230         /**
00231         * This CB would likely occur only during a connection when it was
00232         * detected that the software needed to be upgraded, or when Start
00233         * Before Logon (SBL) is being used.
00234         *
00235         * Unlike the other callback methods, this method provides a default
00236         * implementation (calling the system's exit() function).
00237         * If clients of the API wish to override this behavior, they are
00238         * responsible for ensuring that the current running process exits with
00239         * the return code specified by returnCode.
00240         *
00241         * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH
00242         * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL
00243         * BREAK
00244         */
00245         virtual void ExitNoticeCB(const tstring &tstrNotice,
00246                                   const int returnCode);
00247 
00248 
00249         /**
00250         * Under normal operating conditions, this CB is called as soon
00251         * as the attach method completes.  In case the service (vpn agent)
00252         * is not ready, this CB is not called until it is.
00253         *
00254         * Any API calls made prior to this CB being called will result in a
00255         * NoticeCB error message.
00256         */
00257         virtual void ServiceReadyCB() = 0;
00258 
00259 
00260 
00261         /**
00262         * This method supports prompting for single or multiple values.  All
00263         * prompts are considered mandatory.
00264         *
00265         * The ConnectPromptInfo object contains a list of PromptEntry
00266         * instances.  The labels and their default values (if any) can be
00267         * found in these instances.  After the data has been collected from the user
00268         * it can be set into these same instances.  When ready, the client
00269         * application should call the method UserSubmit() to have the
00270         * responses read by the API.
00271         */
00272         virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0;
00273 
00274 
00275         /**
00276         * Use this method to provide Window Manager hints to GUI
00277         * applications.  To receive these hints, the application must
00278         * identify itself as a GUI in the attach method.  In addition, this
00279         * method should be overriden to receive any generated events.
00280         *
00281         * Event that can be received include those indicating that a user is
00282         * starting a second instance of the GUI application.  This information
00283         * can be used to tell the already running application to un-minimize
00284         * itself and let the new program know that it should Quit (since a GUI
00285         * is already running).
00286         */
00287         virtual void WMHintCB(const WMHint hint,
00288                               const WMHintReason reason);
00289 
00290 
00291         /**
00292         * This method is useful when the connection to the secure gateway
00293         * has been established as part of a web-launch of the VPN tunnel.
00294         *
00295         * If the client application wishes to be notified of the secure
00296         * gateway to which the VPN has been established, this method should
00297         * be overriden.
00298         *
00299         * If the client application is started and a tunnel is already active,
00300         * this method also delivers the name of the secure gateway host.
00301         */
00302         virtual void deliverWebLaunchHostCB(const tstring &activeHost);
00303 
00304         /**
00305         * This method is called when the preference to block untrusted
00306         * servers is enabled and the current VPN server being connected
00307         * to is untrusted. Clients should present an error to the user
00308         * notifying them that the current connection to rtstrUntrustedServer
00309         * is being blocked. The client should also provide a way for the
00310         * user to change the preference to block untrusted servers.
00311         *
00312         * The user response must be indicated using setCertBlockedResponse
00313         */
00314         virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0;
00315 
00316         /**
00317         * This method is called when connections to untrusted VPN servers
00318         * is allowed by policies and the current VPN server being connected
00319         * to is untrusted. Clients should present a warning to the user
00320         * notifying them that the current connection to rtstrUntrustedServer
00321         * is unsafe. The reason the VPN server is untrusted is provided in
00322         * rltstrCertErrors. The client should provide a way for the user to
00323         * connect once, connect and always trust or cancel the connection.
00324         * If bAllowImport is set to false then the always trust option should
00325         * not be presented to users.
00326         *
00327         * The user response must be indicated using setCertWarningResponse
00328         */
00329         virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
00330                                    const std::list<tstring> &rltstrCertErrors,
00331                                    bool bAllowImport) = 0;
00332 
00333 #if defined(PLATFORM_WIN_APP)
00334         /**
00335         * Same as above but also passes the Server certificate DER for details display
00336         */
00337         virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
00338                                    const std::list<tstring> &rltstrCertErrors,
00339                                    const std::vector<uint8_t> &rvServerCertDER,
00340                                    bool bAllowImport) = 0;
00341 #endif
00342 
00343         /**
00344         * This method can be overriden if the client application wishes to
00345         * exercise some control over the delivery of events from the other
00346         * protected methods in this class.
00347         *
00348         * This might be necessary in cases where a GUI is being written and
00349         * the data from this API needs to be delivered in the GUI or main
00350         * thread.  In this case, you should override this method and when it
00351         * is called by the API post an event to your event queue (message
00352         * pump, etc.).  After this event executes in your GUI or main thread,
00353         * call the method ClientIfc::ProcessEvents to have events delivered
00354         * to your client application.
00355         */
00356         virtual void EventAvailable();
00357 
00358 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
00359         virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError);
00360 #endif        
00361 #ifdef PLATFORM_ANDROID
00362         virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0;
00363         virtual void AgentDetachedCB();
00364 #endif
00365 
00366         AgentIfc &getAgentIfc();
00367 
00368         ClientIfcBase();
00369 
00370 
00371     public:
00372 
00373         virtual bool attach(ClientType clientType = ClientType_GUI,
00374                             bool requestFullCapabilities = true,
00375                             bool suppressAutoConnect = true);
00376 
00377         virtual void detach();
00378 
00379         virtual void ProcessEvents();
00380 
00381         virtual bool hasFullCapabilities();
00382 
00383         virtual bool isConnected();
00384 
00385         virtual bool isAvailable();
00386 
00387         virtual std::list<tstring> getHostNames();
00388 
00389         virtual std::list<HostEntry> getHostEntries();
00390 
00391         virtual tstring getDefaultHostName();
00392 
00393 #if defined(HOST_DATA_SUPPORTED)
00394         virtual bool connect(const IHostData& hostData);
00395                 
00396         bool connect(const IHostData& hostData,
00397                      unsigned int origin);
00398 #else
00399         virtual bool connect(tstring host);
00400 
00401         bool connect(tstring host,
00402                      unsigned int origin);
00403 #endif
00404 
00405         virtual bool setNewTunnelGroup(const tstring & group);
00406 
00407         virtual void disconnect();
00408 
00409         virtual void cancel();
00410 
00411         virtual void resetStats();
00412 
00413         virtual void getState();
00414 
00415         VPNState getCurrentState();
00416         VPNSubState getCurrentSubState();
00417         VPNSubState getPreviousSubState();
00418 
00419         tstring getStateText();
00420         static tstring getNoticeTypeText(MessageType msgType);
00421 
00422         static tstring getStateText(VPNState state,
00423                                     VPNSubState subState = VPNSS_NORMAL,
00424                                     NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE,
00425                                     const tstring& tstrConnectedHost = tstring());
00426 
00427         void setNetworkStates(NETENV_STATE netEnvState, 
00428                               NETCTRL_STATE netCtrlState,
00429                               NETWORK_TYPE netType,
00430                               bool bACBrowserForCPRemediation,
00431                               bool bUpdateUI);
00432         void refreshOperatingModeForCurrentNetStates();
00433         NETENV_STATE getCurrentNetEnvState();
00434         NETENV_STATE getPreviousNetEnvState();
00435         NETCTRL_STATE getCurrentNetCtrlState();
00436         NETWORK_TYPE getCurrentNetType();
00437         bool isACBrowserForCPRemediation();
00438 
00439         static tstring getNetCtrlText(NETCTRL_STATE netCtrlState);
00440         static tstring getNetEnvText(NETENV_STATE netEnvState,
00441                                      bool bSimple = false);
00442         static tstring getNetTypeText(NETWORK_TYPE netType);
00443         static tstring getQuarantinedStatusText();
00444         static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState,
00445                                                   const NETCTRL_STATE netCtrlState);
00446 
00447         // can't be static due to requiring operating mode information
00448         tstring getNetworkStatusText(const VPNState state,
00449                                      const VPNSubState subState,
00450                                      const NETENV_STATE netEnvState,
00451                                      const NETCTRL_STATE netCtrlState);
00452 
00453         PreferenceInfo &getPreferences();
00454 
00455         bool savePreferences();
00456 
00457         virtual void startStats();
00458 
00459         virtual void stopStats();
00460 
00461         virtual void UserSubmit();
00462 
00463         void setBanner(const tstring &banner);
00464         void setBannerResponse(bool bResponse);
00465         bool getUserResponse();
00466         bool isUserResponseSet();
00467 
00468         void setCertBlocked(const tstring &tstrUntrustedServer);
00469         void setCertWarning(const tstring &rtstrUntrustedServer,
00470                             const std::list<tstring> &rltstrCertErrors,
00471                             bool bAllowImport);
00472 #if defined(PLATFORM_WIN_APP)
00473         void setCertWarning(const tstring &rtstrUntrustedServer,
00474                             const std::list<tstring> &rltstrCertErrors,
00475                             const std::vector<uint8_t>& rvServerCertDER,
00476                             bool bAllowImport);
00477 #endif
00478         bool getCertImportResponse();
00479 
00480 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00481         void setCertBanner(tstring tstrCertBannerSummary,
00482                            uint32_t nCertBannerCertLen,
00483                            const uint8_t *pCertBannerCertDer,
00484                            const std::list<tstring> &confirmReasons,
00485                            const std::list<CertConfirmReason> &confirmReasonEnums,
00486                            bool bImportAllowed);
00487 
00488         void setCertBannerResponse(bool bResponse, bool bImportCert);
00489         void importServerCert(std::vector<uint8_t> certData);
00490         bool setFipsMode(bool bEnableFips);
00491 #if defined(PLATFORM_ANDROID)
00492         bool setStrictMode(bool bEnableStrictMode);
00493         bool setRevocationEnabled(bool bRevocationEnabled);
00494         bool IsRevocationEnabled();
00495 #endif // currently supported only for android
00496 #endif
00497 
00498         void setUserPrompt(ConnectPromptInfo &ConnectPrompt);
00499 
00500 #ifdef PLATFORM_ANDROID
00501         void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList);
00502         void setAgentDetached();
00503         bool getClientCertificates();
00504 #endif
00505 
00506 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
00507         void setSCEPEnrollInProgress(bool bInProgress);
00508         bool isSCEPEnrollInProgress();
00509 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
00510 
00511 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
00512         void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError);
00513         bool requestImportPKCS12(const std::vector<uint8_t> &data);
00514         std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password);
00515 #endif
00516 
00517         void setCertBlockedResponse(bool bUnlock);
00518         void setCertWarningResponse(bool bConnect, bool bImportCert);
00519 
00520         void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt);
00521 
00522         void ExitNotice(const tstring &tstrNotice, const int code = 0);
00523 
00524         void notice(const tstring tstrNotice,
00525                     const MessageType type = MsgType_Info,
00526                     bool bClearLastMsg = false,
00527                     bool bForce = false,
00528                     bool bStateMsg = false);
00529 
00530         void notice(MsgWithArg &notice,
00531                     const MessageType type = MsgType_Info,
00532                     bool bClearLastMsg = false,
00533                     bool bForce = false,
00534                     bool bStateMsg = false);
00535 
00536         void getStats(void);
00537 
00538         void setStats(VPNStats &stats);
00539 
00540         void exportStats(const tstring &tstrFilePath);
00541 
00542         void setState(VPNState state,
00543                       VPNState previousState,
00544                       VPNSubState subState = VPNSS_NORMAL,
00545                       bool bUpdateStateMsg = true,
00546                       bool bOnlyUpdateUI = false);
00547 
00548 #if defined(MEMORY_LOGGING_SUPPORTED)
00549         boost::shared_ptr<IACLogger> getACLogger();
00550 
00551         void enqueueAgentLogMessages(const std::list<ACLogEntry> &msgList);
00552 
00553         void receiveAgentLogMessages(const std::list<ACLogEntry> &msgList);
00554 #endif
00555 
00556 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED
00557         IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback);
00558 #endif
00559 
00560         void setWMHint(WMHint hint,
00561                        WMHintReason reason);
00562 
00563         bool isLastConnectType (const ConnectPromptType connPromptType);
00564 
00565         bool isOperatingMode(OperatingMode opMode);
00566         void setOperatingMode(OperatingMode opMode);
00567         void unsetOperatingMode(OperatingMode opMode);
00568 
00569         bool CanRemediateCaptivePortal();
00570         bool policyAllowsCaptivePortalRemediation();
00571 
00572         bool isEventShutdown();
00573 
00574         bool isUsingEventModel();
00575 
00576         time_t getLastDisconnectTime();
00577 
00578         ConnectPromptInfo getConnectPromptInfo();
00579         void resetConnectPromptPasswordData();
00580 
00581         void setStandaloneConnection(bool isStandalone);
00582 
00583         void deliverActiveHost(const tstring &activeHost,
00584                                ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN);
00585 
00586         bool isVPNServiceReady();
00587 
00588         // reset last disconnect time indicator.
00589         //
00590         void resetLastDisconnectTime(time_t time = 1);
00591 
00592         void processMinimize();
00593         
00594         // cert enrollment
00595         void setEnrollClientCert(CertObj* pCert);
00596 
00597         // Show user banner for cert import warning on linux
00598         // SCEPIfc to ConnectMgr
00599         void linuxCertImportWarnUser();
00600 
00601         // Response to cert warning on linux
00602         // ConnectMgr to SCEPIfc
00603         void linuxCertImportWarnUserResponse(bool bAccept);
00604 
00605         void setDefaultHost(tstring &host);
00606 
00607 #if defined(HOST_DATA_SUPPORTED)
00608         void setDefaultHostProfile(const IHostData &hostProfile);
00609         IHostData* getDefaultHostData();
00610 #endif // HOST_DATA_SUPPORTED
00611 
00612         void setLastVpnError(VPNError vpnError);
00613         VPNError getLastVpnError();
00614 
00615 #ifdef PLATFORM_ANDROID
00616         bool requestClientCertificates();
00617 #endif
00618 
00619         bool requestImportLocalization(const tstring tstrLocale,
00620                                        const std::vector<unsigned char> &MoFileData);
00621 
00622         // Start the Automatic Headend Selection operation
00623         void startAHS(const unsigned int uiReason, 
00624                       const ProxyIfc& proxy);
00625         // statusReturnCode is a long to match the current type of STATUSCODE.
00626         // It is not using a STATUSCODE directly so that we do not have to
00627         // expose the header files for STATUSCODEs to ClientIfcBase.h
00628         void AHSSelectedHost(const unsigned int uiReason,
00629                              const std::vector<tstring> &headendList,
00630                              const long statusReturnCode,
00631                              const tstring& extraInfo);
00632         std::vector<tstring> getAHSHostList();
00633         unsigned int getAHSState();
00634         bool isAHSHasRun();
00635 
00636         bool suppressConnectionErrorPopups();
00637 
00638         tstring getCaptivePortalDetectedMsg();        
00639 
00640         void setProxyAuthPrompts(ProxyIfc* pProxy,
00641                                  const tstring& promptMsg);
00642 
00643 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED)
00644         bool handleIpcMessage(CIpcMessage *pIpcMessage);
00645 #endif
00646         bool IsCsdTokenVerified() const;
00647 
00648 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
00649         virtual void SCEPEnrollStartCB();
00650         virtual void SCEPEnrollExitCB();
00651 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
00652         
00653         void activateConnectMgrTunnelInitiationCompletionEvent();
00654         bool isConnectRequestActive();
00655 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00656         bool deleteProfileByName(const tstring &profileName);
00657         tstring getProfileContents(const tstring &profileName);
00658         bool importProfile(const tstring &profileName, const tstring &profileContents);
00659 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK
00660 
00661         bool syncProfileChange(const tstring &profileName);
00662 
00663 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00664         bool hasPrefilledCredentials();
00665         bool prefillCredentials(ConnectPromptInfo &connectPrompt);
00666         void setPrefilledCredentials(CredentialPrefill *prefill);
00667 #endif
00668 
00669 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00670         std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType);
00671         bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList);
00672         bool deleteServerCertificates(const std::list<std::string> &idList);
00673 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN        
00674 
00675 #if defined(ANYCONNECT_USE_SNAK)        
00676         std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType);
00677         SNAK_CertType getSNAKCertType(CertificateType certType);
00678         bool deleteClientCertificates(const std::list<std::string> &idList);
00679 #endif // ANYCONNECT_USE_SNAK
00680 
00681 #if defined(PLATFORM_APPLE_SSLVPN)
00682         bool canUseBackupServers();
00683     
00684 #endif //PLATFORM_APPLE_SSLVPN
00685     
00686         virtual ~ClientIfcBase();
00687 
00688         tstring getConnectHost();
00689 
00690         tstring getMgmtTunnelHostname();
00691 
00692         VPN_TUNNEL_SCOPE getVpnTunnelScope();
00693 
00694         bool isStandaloneConnection();
00695 
00696         void sendSSoLogoutPrompt(ConnectPromptInfo &cpi);
00697 
00698     private:
00699         CExecutionContext* m_pExecutionContext;
00700         CExecutionContext* m_pExecutionContextMgr;
00701 
00702         AgentIfc *mo_AgentIfc;
00703 
00704         ConnectMgr *mo_ConnectMgr;
00705 
00706         ApiThread  *mo_ConnectThread;
00707 
00708         EventMgr  *mo_EventMgr;
00709 
00710         PreferenceMgr *mo_PreferenceMgr;
00711 
00712         ConnectPromptInfo *mp_currentConnectPromptInfo;
00713 
00714         PreferenceInfo *mo_EditablePrefs;
00715 
00716 #if defined(SCRIPTING_SUPPORTED)
00717         CScriptingMgr *mo_ScriptingMgr;
00718 #endif // SCRIPTING_SUPPORTED
00719 
00720 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
00721         SCEPIfc* m_pSCEPIfc;
00722         bool m_bInformedAgentOfSCEP;
00723 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00724 #ifndef PLATFORM_APPLE_SSLVPN
00725         CStoragePath* m_pStoragePath;
00726 #endif // !PLATFORM_APPLE_SSLVPN
00727 
00728 #ifdef ANYCONNECT_USE_SNAK
00729         PluginLoader *m_pPluginLoader;
00730         SNAK_CertPlugin *m_pSNAKCert;
00731         SNAK_SocketPlugin *m_pSNAKSocket;
00732         SNAK_StoragePlugin *m_pSNAKStorage;
00733         SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo;
00734         SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB;
00735 
00736         bool mb_SNAKInitialized;
00737 #endif
00738 
00739 #if  defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00740         bool mb_SCEPEnrollInProgress;
00741 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN
00742 
00743         bool mb_PreferenceMgrCreated;
00744         bool mb_StandaloneConnection;
00745         bool mb_UsingEventModel;
00746         bool mb_UserResponse;
00747         bool mb_IsUserResponseSet;
00748         bool mb_PerformedAutoCertEnrollment;
00749         tstring ms_PostEnrollmentConnectHost;
00750         bool mb_CaptivePortalMsgDisplayed;
00751         bool m_bSuppressMinimizeOnConnect;
00752         bool m_bSuppressConnectionErrorPopups;
00753         bool m_bLastConnectionAutomatic;
00754         bool m_bImportCertResp;
00755                 bool m_bPrevMsgWasStateMsg;
00756 
00757         unsigned int mui_OperatingMode;
00758         NETENV_STATE m_currentNetEnvState;
00759         NETENV_STATE m_previousNetEnvState;
00760         NETCTRL_STATE m_currentNetCtrlState;
00761         NETWORK_TYPE m_currentNetType;
00762         bool m_bACBrowserForCPRemediation;
00763 
00764         tstring ms_message;
00765 
00766         time_t m_disconnectTime;
00767 
00768         static std::string ms_ThreadName;
00769 
00770         CManualLock* m_pClientIfcStateLock;
00771         CManualLock* m_pClientIfcLock;
00772         CManualLock* m_pClientIfcPromptsLock;
00773         CManualLock* m_pClientIfcOpModeLock;
00774         CManualLock* m_pClientIfcAHSLock;
00775         CManualLock* m_pClientIfcConnectModeLock;
00776         CManualLock* m_pClientIfcInformAgentOfSCEPLock;
00777 
00778 #if defined(MEMORY_LOGGING_SUPPORTED)
00779         boost::shared_ptr<ACLoggerImpl> m_spACLoggerImpl;
00780 #endif
00781         std::vector<tstring> msl_AHSSelectedHosts;
00782         ApiThread* m_pAHSThread;
00783         unsigned int m_uiAHSState;
00784 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00785         CredentialPrefill* m_pCredentialPrefill;
00786 #endif
00787         VPNError m_lastVpnError;
00788 
00789         static volatile bool mb_deleteFirstPass;
00790 
00791         ConnectMgr &getConnectMgr();
00792 
00793         ProfileMgr &getProfileMgr();
00794         UserPreferences &getUserPreferences();
00795 
00796         void displayAgentAttachMessage();
00797 
00798         void setLastDisconnectTime(time_t time);
00799 
00800         void setCurrentStatePrompts(const VPNState state, 
00801                                     const VPNState prevState,
00802                                     const VPNSubState subState,
00803                                     const bool bUpdateStateMsg);
00804         void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr);
00805         void getStateMessage(const VPNState state, 
00806                              const VPNState prevState,
00807                              const VPNSubState subState,
00808                              const NETENV_STATE neState,
00809                              /*out*/ MsgWithArg& stateMessage);
00810 
00811         // IPreferenceUpdateCB methods
00812         virtual void OnLoadPreferencesComplete();
00813         virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId);
00814         virtual void OverridePreferenceValue(const PreferenceId ePreferenceId,
00815                                              tstring& rPrefenceValue,
00816                                              bool& rbOverriden);
00817 
00818         void RefreshPreferences(void);
00819 
00820         void displayAHSPrompt(const bool isComplete);
00821         void handleAHSPreferences(const unsigned int uiReason);
00822         void setAHSState(const unsigned int ahsState);
00823 
00824         bool autoConnectIfEnabled(const bool suppressAutoConnect);
00825 
00826         void clearUserSetResponseFlag();
00827 
00828 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
00829         bool processSCEPIpcMessage(CIpcMessage *pIpcMessage);
00830         bool isSCEPRedirect();
00831         void processSCEPRedirect();
00832 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00833 
00834         bool hasConnectCapabilities();
00835         bool hasMgmtCapabilities();
00836 
00837         ClientIfcBase(const ClientIfcBase& other);
00838         ClientIfcBase& operator=(const ClientIfcBase& other);
00839 
00840 #ifdef ANYCONNECT_USE_SNAK
00841         bool initializeSNAK(bool bUseExistingInstanceIfAvail);
00842         void destroySNAK();
00843         ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert);
00844 #endif
00845 };
00846 
00847 
00848 #endif // _CLIENTIFCBASE_