![]() |
AnyConnect Secure Mobility Client 4.8.02045
|
00001 /************************************************************************** 00002 * Copyright (c) 2006, Cisco Systems, All Rights Reserved 00003 *************************************************************************** 00004 * 00005 * File: ClientIfcBase.h 00006 * Author: Chris Fitzgerald 00007 * Date: 08/2007 00008 * 00009 *************************************************************************** 00010 * 00011 * Client Interface Base class implementation for the Client API. 00012 * 00013 ***************************************************************************/ 00014 00015 // The ClientIfcBase class contains the majority of private methods and members. 00016 // The purpose of this class is to hide all but the necessary methods from 00017 // being exposed. 00018 // 00019 00020 #ifndef _CLIENTIFCBASE_ 00021 #define _CLIENTIFCBASE_ 00022 00023 #include <list> 00024 #include <vector> 00025 00026 /* 00027 * When changing the SCRIPTING_SUPPORTED or INTERPROCESS_COMMUNICATION_SUPPORTED definition, 00028 * you MUST also update GenDefs.h! 00029 * We duplicate this definition here due to the manner in which we distribute our 00030 * code to partners; we cannot include GenDefs.h from here. 00031 */ 00032 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP) 00033 #define SCRIPTING_SUPPORTED 00034 #endif 00035 #if !defined(PLATFORM_WIN_APP) 00036 #define INTERPROCESS_COMMUNICATION_SUPPORTED 00037 #endif 00038 00039 /* 00040 * When changing the SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED definition, you MUST also update GenDefs.h! 00041 * We duplicate this definition here due to the manner in which we distribute our 00042 * code to partners; we cannot include GenDefs.h from here. 00043 */ 00044 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00045 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00046 #endif 00047 00048 /* 00049 * When changing the HOST_DATA_SUPPORTED definition, you MUST also update GenDefs.h! 00050 * We duplicate this definition here due to the manner in which we distribute our 00051 * code to partners; we cannot include GenDefs.h from here. 00052 */ 00053 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK) 00054 #define HOST_DATA_SUPPORTED 00055 #endif 00056 00057 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA) 00058 /* 00059 ** the MANUAL_PKCS12_IMPORT_SUPPORTED define is used to track the platforms 00060 ** where the manual import of PKCS12 certificates is supported. This is to avoid repeating the 00061 ** platforms in #ifdef clauses in other files. 00062 */ 00063 #define MANUAL_PKCS12_IMPORT_SUPPORTED 00064 #endif 00065 00066 #if defined(PLATFORM_ANDROID) 00067 #define MEMORY_LOGGING_SUPPORTED 00068 #endif 00069 00070 #if defined(PLATFORM_ANDROID) 00071 #define PROGRAM_DATA_IMPORT_SUPPORTED 00072 #endif 00073 00074 #if defined(PLATFORM_ANDROID) 00075 // Credentials for a connection can be prefilled via uri handling or API calls 00076 #define CREDENTIAL_PREFILL_SUPPORTED 00077 #endif 00078 00079 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H) 00080 #if defined(HAVE_STDINT_H) 00081 #include <stdint.h> 00082 #else 00083 typedef unsigned char uint8_t; 00084 #endif // HAVE_STDINT_H 00085 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED 00086 00087 #if defined(MEMORY_LOGGING_SUPPORTED) 00088 #include "boost/shared_ptr.hpp" 00089 #include "IACLogger.h" 00090 #endif // MEMORY_LOGGING_SUPPORTED 00091 00092 #include "api.h" 00093 #include "PreferenceUpdate.h" 00094 00095 #if defined(PLATFORM_WIN_APP) 00096 typedef unsigned char uint8_t; 00097 #endif 00098 00099 #if defined(HOST_DATA_SUPPORTED) 00100 #include "IHostData.h" 00101 #endif 00102 00103 #if defined(ANYCONNECT_USE_SNAK) 00104 #include "Utility/PluginLoader.h" 00105 #include "SNAK_CertPlugin.h" 00106 #include "SNAK_SocketPlugin.h" 00107 #include "SNAK_StoragePlugin.h" 00108 #endif 00109 00110 class ConnectPromptInfo; 00111 class ConnectMgr; 00112 class MsgWithArg; 00113 class VPNStats; 00114 class AgentIfc; 00115 class ProfileMgr; 00116 class ApiThread; 00117 class EventMgr; 00118 class PreferenceMgr; 00119 class PreferenceInfo; 00120 class UserPreferences; 00121 class CScriptingMgr; 00122 class CManualLock; 00123 class ProxyIfc; 00124 class CIpcMessage; 00125 class SCEPIfc; 00126 class CertObj; 00127 class CExecutionContext; 00128 class HostEntry; 00129 00130 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00131 class CredentialPrefill; 00132 #endif 00133 00134 #if !defined(PLATFORM_APPLE_SSLVPN) 00135 class CStoragePath; 00136 #endif 00137 00138 #ifdef ANYCONNECT_USE_SNAK 00139 class PluginLoader; 00140 class SNAK_StoragePlugin; 00141 class SNAK_CertPlugin; 00142 class SNAK_SocketPlugin; 00143 class SNAK_DeviceInfoPlugin; 00144 class SNAKDeviceInfoPluginCBImpl; 00145 #endif // ANYCONNECT_USE_SNAK 00146 00147 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN) 00148 class ManagedCertificate; 00149 class ManagedCertHandle; 00150 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN 00151 00152 #ifdef MEMORY_LOGGING_SUPPORTED 00153 class ACLoggerImpl; 00154 #endif 00155 00156 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED) 00157 class IACImporterAsync; 00158 class IACImporterAsyncCB; 00159 #endif 00160 00161 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB 00162 { 00163 friend class EventMgr; 00164 00165 protected: 00166 00167 /** 00168 * Callback used to deliver new statistics related to the VPN 00169 * connection. 00170 * 00171 * When a connection is active, a new set of statistics is 00172 * delivered each second. 00173 * 00174 * @see resetStats(), stopStats() and startStats() 00175 * 00176 */ 00177 virtual void StatsCB(VPNStats &stats) = 0; 00178 00179 00180 /** 00181 * Callback used to deliver VPN state and state change string. 00182 * The stateString delivered by this method is localized. 00183 * 00184 * See the ::VPNState enum found in api.h for set of valid states. 00185 */ 00186 virtual void StateCB(const VPNState state, 00187 const VPNSubState subState, 00188 const tstring stateString) = 0; 00189 00190 00191 /** 00192 * If a banner needs to be acknowledged, this CB delivers the banner 00193 * to the client. 00194 * 00195 * NOTE: Connection establishment will block until the method 00196 * setBannerResponse() is called. 00197 * 00198 * In a GUI, a banner would typically be displayed in a modal dialog 00199 * with an accept or decline button selection. 00200 * 00201 * @see setBannerResponse() to set the user response to the banner. 00202 */ 00203 virtual void BannerCB(const tstring &banner) = 0; 00204 00205 00206 /** 00207 * Messages are delivered via the NoticeCB and can come from multiple 00208 * sources. There are four message types (error, warning, info and 00209 * status). See the ::MessageType enum in api.h for the list. 00210 * 00211 * Clients using the API as an embedded application (not 00212 * user visible) might want to further characterize 00213 * messages. One option here is to use the AnyConnect message 00214 * catalog and assign message codes as the translations for 00215 * various messages. An application could then track messages based 00216 * on its own error code scheme. 00217 */ 00218 virtual void NoticeCB(const tstring notice, 00219 const MessageType type) = 0; 00220 00221 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00222 virtual void CertBannerCB(const tstring &certBannerSummary, 00223 const uint32_t nCertBannerCertLen, 00224 const uint8_t *pCertBannerCertDer, 00225 const std::list<tstring> &confirmReasons, 00226 const std::list<CertConfirmReason> &confirmReasonEnums, 00227 bool bImportAllowed = true) = 0; 00228 #endif 00229 00230 /** 00231 * This CB would likely occur only during a connection when it was 00232 * detected that the software needed to be upgraded, or when Start 00233 * Before Logon (SBL) is being used. 00234 * 00235 * Unlike the other callback methods, this method provides a default 00236 * implementation (calling the system's exit() function). 00237 * If clients of the API wish to override this behavior, they are 00238 * responsible for ensuring that the current running process exits with 00239 * the return code specified by returnCode. 00240 * 00241 * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH 00242 * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL 00243 * BREAK 00244 */ 00245 virtual void ExitNoticeCB(const tstring &tstrNotice, 00246 const int returnCode); 00247 00248 00249 /** 00250 * Under normal operating conditions, this CB is called as soon 00251 * as the attach method completes. In case the service (vpn agent) 00252 * is not ready, this CB is not called until it is. 00253 * 00254 * Any API calls made prior to this CB being called will result in a 00255 * NoticeCB error message. 00256 */ 00257 virtual void ServiceReadyCB() = 0; 00258 00259 00260 00261 /** 00262 * This method supports prompting for single or multiple values. All 00263 * prompts are considered mandatory. 00264 * 00265 * The ConnectPromptInfo object contains a list of PromptEntry 00266 * instances. The labels and their default values (if any) can be 00267 * found in these instances. After the data has been collected from the user 00268 * it can be set into these same instances. When ready, the client 00269 * application should call the method UserSubmit() to have the 00270 * responses read by the API. 00271 */ 00272 virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0; 00273 00274 00275 /** 00276 * Use this method to provide Window Manager hints to GUI 00277 * applications. To receive these hints, the application must 00278 * identify itself as a GUI in the attach method. In addition, this 00279 * method should be overriden to receive any generated events. 00280 * 00281 * Event that can be received include those indicating that a user is 00282 * starting a second instance of the GUI application. This information 00283 * can be used to tell the already running application to un-minimize 00284 * itself and let the new program know that it should Quit (since a GUI 00285 * is already running). 00286 */ 00287 virtual void WMHintCB(const WMHint hint, 00288 const WMHintReason reason); 00289 00290 00291 /** 00292 * This method is useful when the connection to the secure gateway 00293 * has been established as part of a web-launch of the VPN tunnel. 00294 * 00295 * If the client application wishes to be notified of the secure 00296 * gateway to which the VPN has been established, this method should 00297 * be overriden. 00298 * 00299 * If the client application is started and a tunnel is already active, 00300 * this method also delivers the name of the secure gateway host. 00301 */ 00302 virtual void deliverWebLaunchHostCB(const tstring &activeHost); 00303 00304 /** 00305 * This method is called when the preference to block untrusted 00306 * servers is enabled and the current VPN server being connected 00307 * to is untrusted. Clients should present an error to the user 00308 * notifying them that the current connection to rtstrUntrustedServer 00309 * is being blocked. The client should also provide a way for the 00310 * user to change the preference to block untrusted servers. 00311 * 00312 * The user response must be indicated using setCertBlockedResponse 00313 */ 00314 virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0; 00315 00316 /** 00317 * This method is called when connections to untrusted VPN servers 00318 * is allowed by policies and the current VPN server being connected 00319 * to is untrusted. Clients should present a warning to the user 00320 * notifying them that the current connection to rtstrUntrustedServer 00321 * is unsafe. The reason the VPN server is untrusted is provided in 00322 * rltstrCertErrors. The client should provide a way for the user to 00323 * connect once, connect and always trust or cancel the connection. 00324 * If bAllowImport is set to false then the always trust option should 00325 * not be presented to users. 00326 * 00327 * The user response must be indicated using setCertWarningResponse 00328 */ 00329 virtual void CertWarningCB(const tstring &rtstrUntrustedServer, 00330 const std::list<tstring> &rltstrCertErrors, 00331 bool bAllowImport) = 0; 00332 00333 #if defined(PLATFORM_WIN_APP) 00334 /** 00335 * Same as above but also passes the Server certificate DER for details display 00336 */ 00337 virtual void CertWarningCB(const tstring &rtstrUntrustedServer, 00338 const std::list<tstring> &rltstrCertErrors, 00339 const std::vector<uint8_t> &rvServerCertDER, 00340 bool bAllowImport) = 0; 00341 #endif 00342 00343 /** 00344 * This method can be overriden if the client application wishes to 00345 * exercise some control over the delivery of events from the other 00346 * protected methods in this class. 00347 * 00348 * This might be necessary in cases where a GUI is being written and 00349 * the data from this API needs to be delivered in the GUI or main 00350 * thread. In this case, you should override this method and when it 00351 * is called by the API post an event to your event queue (message 00352 * pump, etc.). After this event executes in your GUI or main thread, 00353 * call the method ClientIfc::ProcessEvents to have events delivered 00354 * to your client application. 00355 */ 00356 virtual void EventAvailable(); 00357 00358 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED 00359 virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError); 00360 #endif 00361 #ifdef PLATFORM_ANDROID 00362 virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0; 00363 virtual void AgentDetachedCB(); 00364 #endif 00365 00366 AgentIfc &getAgentIfc(); 00367 00368 ClientIfcBase(); 00369 00370 00371 public: 00372 00373 virtual bool attach(ClientType clientType = ClientType_GUI, 00374 bool requestFullCapabilities = true, 00375 bool suppressAutoConnect = true); 00376 00377 virtual void detach(); 00378 00379 virtual void ProcessEvents(); 00380 00381 virtual bool hasFullCapabilities(); 00382 00383 virtual bool isConnected(); 00384 00385 virtual bool isAvailable(); 00386 00387 virtual std::list<tstring> getHostNames(); 00388 00389 virtual std::list<HostEntry> getHostEntries(); 00390 00391 virtual tstring getDefaultHostName(); 00392 00393 #if defined(HOST_DATA_SUPPORTED) 00394 virtual bool connect(const IHostData& hostData); 00395 00396 bool connect(const IHostData& hostData, 00397 unsigned int origin); 00398 #else 00399 virtual bool connect(tstring host); 00400 00401 bool connect(tstring host, 00402 unsigned int origin); 00403 #endif 00404 00405 virtual bool setNewTunnelGroup(const tstring & group); 00406 00407 virtual void disconnect(); 00408 00409 virtual void cancel(); 00410 00411 virtual void resetStats(); 00412 00413 virtual void getState(); 00414 00415 VPNState getCurrentState(); 00416 VPNSubState getCurrentSubState(); 00417 VPNSubState getPreviousSubState(); 00418 00419 tstring getStateText(); 00420 static tstring getNoticeTypeText(MessageType msgType); 00421 00422 static tstring getStateText(VPNState state, 00423 VPNSubState subState = VPNSS_NORMAL, 00424 NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE, 00425 const tstring& tstrConnectedHost = tstring()); 00426 00427 void setNetworkStates(NETENV_STATE netEnvState, 00428 NETCTRL_STATE netCtrlState, 00429 NETWORK_TYPE netType, 00430 bool bACBrowserForCPRemediation, 00431 bool bUpdateUI); 00432 void refreshOperatingModeForCurrentNetStates(); 00433 NETENV_STATE getCurrentNetEnvState(); 00434 NETENV_STATE getPreviousNetEnvState(); 00435 NETCTRL_STATE getCurrentNetCtrlState(); 00436 NETWORK_TYPE getCurrentNetType(); 00437 bool isACBrowserForCPRemediation(); 00438 00439 static tstring getNetCtrlText(NETCTRL_STATE netCtrlState); 00440 static tstring getNetEnvText(NETENV_STATE netEnvState, 00441 bool bSimple = false); 00442 static tstring getNetTypeText(NETWORK_TYPE netType); 00443 static tstring getQuarantinedStatusText(); 00444 static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState, 00445 const NETCTRL_STATE netCtrlState); 00446 00447 // can't be static due to requiring operating mode information 00448 tstring getNetworkStatusText(const VPNState state, 00449 const VPNSubState subState, 00450 const NETENV_STATE netEnvState, 00451 const NETCTRL_STATE netCtrlState); 00452 00453 PreferenceInfo &getPreferences(); 00454 00455 bool savePreferences(); 00456 00457 virtual void startStats(); 00458 00459 virtual void stopStats(); 00460 00461 virtual void UserSubmit(); 00462 00463 void setBanner(const tstring &banner); 00464 void setBannerResponse(bool bResponse); 00465 bool getUserResponse(); 00466 bool isUserResponseSet(); 00467 00468 void setCertBlocked(const tstring &tstrUntrustedServer); 00469 void setCertWarning(const tstring &rtstrUntrustedServer, 00470 const std::list<tstring> &rltstrCertErrors, 00471 bool bAllowImport); 00472 #if defined(PLATFORM_WIN_APP) 00473 void setCertWarning(const tstring &rtstrUntrustedServer, 00474 const std::list<tstring> &rltstrCertErrors, 00475 const std::vector<uint8_t>& rvServerCertDER, 00476 bool bAllowImport); 00477 #endif 00478 bool getCertImportResponse(); 00479 00480 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00481 void setCertBanner(tstring tstrCertBannerSummary, 00482 uint32_t nCertBannerCertLen, 00483 const uint8_t *pCertBannerCertDer, 00484 const std::list<tstring> &confirmReasons, 00485 const std::list<CertConfirmReason> &confirmReasonEnums, 00486 bool bImportAllowed); 00487 00488 void setCertBannerResponse(bool bResponse, bool bImportCert); 00489 void importServerCert(std::vector<uint8_t> certData); 00490 bool setFipsMode(bool bEnableFips); 00491 #if defined(PLATFORM_ANDROID) 00492 bool setStrictMode(bool bEnableStrictMode); 00493 bool setRevocationEnabled(bool bRevocationEnabled); 00494 bool IsRevocationEnabled(); 00495 #endif // currently supported only for android 00496 #endif 00497 00498 void setUserPrompt(ConnectPromptInfo &ConnectPrompt); 00499 00500 #ifdef PLATFORM_ANDROID 00501 void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList); 00502 void setAgentDetached(); 00503 bool getClientCertificates(); 00504 #endif 00505 00506 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) 00507 void setSCEPEnrollInProgress(bool bInProgress); 00508 bool isSCEPEnrollInProgress(); 00509 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID 00510 00511 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED 00512 void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError); 00513 bool requestImportPKCS12(const std::vector<uint8_t> &data); 00514 std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password); 00515 #endif 00516 00517 void setCertBlockedResponse(bool bUnlock); 00518 void setCertWarningResponse(bool bConnect, bool bImportCert); 00519 00520 void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt); 00521 00522 void ExitNotice(const tstring &tstrNotice, const int code = 0); 00523 00524 void notice(const tstring tstrNotice, 00525 const MessageType type = MsgType_Info, 00526 bool bClearLastMsg = false, 00527 bool bForce = false, 00528 bool bStateMsg = false); 00529 00530 void notice(MsgWithArg ¬ice, 00531 const MessageType type = MsgType_Info, 00532 bool bClearLastMsg = false, 00533 bool bForce = false, 00534 bool bStateMsg = false); 00535 00536 void getStats(void); 00537 00538 void setStats(VPNStats &stats); 00539 00540 void exportStats(const tstring &tstrFilePath); 00541 00542 void setState(VPNState state, 00543 VPNState previousState, 00544 VPNSubState subState = VPNSS_NORMAL, 00545 bool bUpdateStateMsg = true, 00546 bool bOnlyUpdateUI = false); 00547 00548 #if defined(MEMORY_LOGGING_SUPPORTED) 00549 boost::shared_ptr<IACLogger> getACLogger(); 00550 00551 void enqueueAgentLogMessages(const std::list<ACLogEntry> &msgList); 00552 00553 void receiveAgentLogMessages(const std::list<ACLogEntry> &msgList); 00554 #endif 00555 00556 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED 00557 IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback); 00558 #endif 00559 00560 void setWMHint(WMHint hint, 00561 WMHintReason reason); 00562 00563 bool isLastConnectType (const ConnectPromptType connPromptType); 00564 00565 bool isOperatingMode(OperatingMode opMode); 00566 void setOperatingMode(OperatingMode opMode); 00567 void unsetOperatingMode(OperatingMode opMode); 00568 00569 bool CanRemediateCaptivePortal(); 00570 bool policyAllowsCaptivePortalRemediation(); 00571 00572 bool isEventShutdown(); 00573 00574 bool isUsingEventModel(); 00575 00576 time_t getLastDisconnectTime(); 00577 00578 ConnectPromptInfo getConnectPromptInfo(); 00579 void resetConnectPromptPasswordData(); 00580 00581 void setStandaloneConnection(bool isStandalone); 00582 00583 void deliverActiveHost(const tstring &activeHost, 00584 ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN); 00585 00586 bool isVPNServiceReady(); 00587 00588 // reset last disconnect time indicator. 00589 // 00590 void resetLastDisconnectTime(time_t time = 1); 00591 00592 void processMinimize(); 00593 00594 // cert enrollment 00595 void setEnrollClientCert(CertObj* pCert); 00596 00597 // Show user banner for cert import warning on linux 00598 // SCEPIfc to ConnectMgr 00599 void linuxCertImportWarnUser(); 00600 00601 // Response to cert warning on linux 00602 // ConnectMgr to SCEPIfc 00603 void linuxCertImportWarnUserResponse(bool bAccept); 00604 00605 void setDefaultHost(tstring &host); 00606 00607 #if defined(HOST_DATA_SUPPORTED) 00608 void setDefaultHostProfile(const IHostData &hostProfile); 00609 IHostData* getDefaultHostData(); 00610 #endif // HOST_DATA_SUPPORTED 00611 00612 void setLastVpnError(VPNError vpnError); 00613 VPNError getLastVpnError(); 00614 00615 #ifdef PLATFORM_ANDROID 00616 bool requestClientCertificates(); 00617 #endif 00618 00619 bool requestImportLocalization(const tstring tstrLocale, 00620 const std::vector<unsigned char> &MoFileData); 00621 00622 // Start the Automatic Headend Selection operation 00623 void startAHS(const unsigned int uiReason, 00624 const ProxyIfc& proxy); 00625 // statusReturnCode is a long to match the current type of STATUSCODE. 00626 // It is not using a STATUSCODE directly so that we do not have to 00627 // expose the header files for STATUSCODEs to ClientIfcBase.h 00628 void AHSSelectedHost(const unsigned int uiReason, 00629 const std::vector<tstring> &headendList, 00630 const long statusReturnCode, 00631 const tstring& extraInfo); 00632 std::vector<tstring> getAHSHostList(); 00633 unsigned int getAHSState(); 00634 bool isAHSHasRun(); 00635 00636 bool suppressConnectionErrorPopups(); 00637 00638 tstring getCaptivePortalDetectedMsg(); 00639 00640 void setProxyAuthPrompts(ProxyIfc* pProxy, 00641 const tstring& promptMsg); 00642 00643 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED) 00644 bool handleIpcMessage(CIpcMessage *pIpcMessage); 00645 #endif 00646 bool IsCsdTokenVerified() const; 00647 00648 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) 00649 virtual void SCEPEnrollStartCB(); 00650 virtual void SCEPEnrollExitCB(); 00651 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID 00652 00653 void activateConnectMgrTunnelInitiationCompletionEvent(); 00654 bool isConnectRequestActive(); 00655 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00656 bool deleteProfileByName(const tstring &profileName); 00657 tstring getProfileContents(const tstring &profileName); 00658 bool importProfile(const tstring &profileName, const tstring &profileContents); 00659 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK 00660 00661 bool syncProfileChange(const tstring &profileName); 00662 00663 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00664 bool hasPrefilledCredentials(); 00665 bool prefillCredentials(ConnectPromptInfo &connectPrompt); 00666 void setPrefilledCredentials(CredentialPrefill *prefill); 00667 #endif 00668 00669 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00670 std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType); 00671 bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList); 00672 bool deleteServerCertificates(const std::list<std::string> &idList); 00673 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN 00674 00675 #if defined(ANYCONNECT_USE_SNAK) 00676 std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType); 00677 SNAK_CertType getSNAKCertType(CertificateType certType); 00678 bool deleteClientCertificates(const std::list<std::string> &idList); 00679 #endif // ANYCONNECT_USE_SNAK 00680 00681 #if defined(PLATFORM_APPLE_SSLVPN) 00682 bool canUseBackupServers(); 00683 00684 #endif //PLATFORM_APPLE_SSLVPN 00685 00686 virtual ~ClientIfcBase(); 00687 00688 tstring getConnectHost(); 00689 00690 tstring getMgmtTunnelHostname(); 00691 00692 VPN_TUNNEL_SCOPE getVpnTunnelScope(); 00693 00694 bool isStandaloneConnection(); 00695 00696 void sendSSoLogoutPrompt(ConnectPromptInfo &cpi); 00697 00698 private: 00699 CExecutionContext* m_pExecutionContext; 00700 CExecutionContext* m_pExecutionContextMgr; 00701 00702 AgentIfc *mo_AgentIfc; 00703 00704 ConnectMgr *mo_ConnectMgr; 00705 00706 ApiThread *mo_ConnectThread; 00707 00708 EventMgr *mo_EventMgr; 00709 00710 PreferenceMgr *mo_PreferenceMgr; 00711 00712 ConnectPromptInfo *mp_currentConnectPromptInfo; 00713 00714 PreferenceInfo *mo_EditablePrefs; 00715 00716 #if defined(SCRIPTING_SUPPORTED) 00717 CScriptingMgr *mo_ScriptingMgr; 00718 #endif // SCRIPTING_SUPPORTED 00719 00720 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED) 00721 SCEPIfc* m_pSCEPIfc; 00722 bool m_bInformedAgentOfSCEP; 00723 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00724 #ifndef PLATFORM_APPLE_SSLVPN 00725 CStoragePath* m_pStoragePath; 00726 #endif // !PLATFORM_APPLE_SSLVPN 00727 00728 #ifdef ANYCONNECT_USE_SNAK 00729 PluginLoader *m_pPluginLoader; 00730 SNAK_CertPlugin *m_pSNAKCert; 00731 SNAK_SocketPlugin *m_pSNAKSocket; 00732 SNAK_StoragePlugin *m_pSNAKStorage; 00733 SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo; 00734 SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB; 00735 00736 bool mb_SNAKInitialized; 00737 #endif 00738 00739 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00740 bool mb_SCEPEnrollInProgress; 00741 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN 00742 00743 bool mb_PreferenceMgrCreated; 00744 bool mb_StandaloneConnection; 00745 bool mb_UsingEventModel; 00746 bool mb_UserResponse; 00747 bool mb_IsUserResponseSet; 00748 bool mb_PerformedAutoCertEnrollment; 00749 tstring ms_PostEnrollmentConnectHost; 00750 bool mb_CaptivePortalMsgDisplayed; 00751 bool m_bSuppressMinimizeOnConnect; 00752 bool m_bSuppressConnectionErrorPopups; 00753 bool m_bLastConnectionAutomatic; 00754 bool m_bImportCertResp; 00755 bool m_bPrevMsgWasStateMsg; 00756 00757 unsigned int mui_OperatingMode; 00758 NETENV_STATE m_currentNetEnvState; 00759 NETENV_STATE m_previousNetEnvState; 00760 NETCTRL_STATE m_currentNetCtrlState; 00761 NETWORK_TYPE m_currentNetType; 00762 bool m_bACBrowserForCPRemediation; 00763 00764 tstring ms_message; 00765 00766 time_t m_disconnectTime; 00767 00768 static std::string ms_ThreadName; 00769 00770 CManualLock* m_pClientIfcStateLock; 00771 CManualLock* m_pClientIfcLock; 00772 CManualLock* m_pClientIfcPromptsLock; 00773 CManualLock* m_pClientIfcOpModeLock; 00774 CManualLock* m_pClientIfcAHSLock; 00775 CManualLock* m_pClientIfcConnectModeLock; 00776 CManualLock* m_pClientIfcInformAgentOfSCEPLock; 00777 00778 #if defined(MEMORY_LOGGING_SUPPORTED) 00779 boost::shared_ptr<ACLoggerImpl> m_spACLoggerImpl; 00780 #endif 00781 std::vector<tstring> msl_AHSSelectedHosts; 00782 ApiThread* m_pAHSThread; 00783 unsigned int m_uiAHSState; 00784 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00785 CredentialPrefill* m_pCredentialPrefill; 00786 #endif 00787 VPNError m_lastVpnError; 00788 00789 static volatile bool mb_deleteFirstPass; 00790 00791 ConnectMgr &getConnectMgr(); 00792 00793 ProfileMgr &getProfileMgr(); 00794 UserPreferences &getUserPreferences(); 00795 00796 void displayAgentAttachMessage(); 00797 00798 void setLastDisconnectTime(time_t time); 00799 00800 void setCurrentStatePrompts(const VPNState state, 00801 const VPNState prevState, 00802 const VPNSubState subState, 00803 const bool bUpdateStateMsg); 00804 void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr); 00805 void getStateMessage(const VPNState state, 00806 const VPNState prevState, 00807 const VPNSubState subState, 00808 const NETENV_STATE neState, 00809 /*out*/ MsgWithArg& stateMessage); 00810 00811 // IPreferenceUpdateCB methods 00812 virtual void OnLoadPreferencesComplete(); 00813 virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId); 00814 virtual void OverridePreferenceValue(const PreferenceId ePreferenceId, 00815 tstring& rPrefenceValue, 00816 bool& rbOverriden); 00817 00818 void RefreshPreferences(void); 00819 00820 void displayAHSPrompt(const bool isComplete); 00821 void handleAHSPreferences(const unsigned int uiReason); 00822 void setAHSState(const unsigned int ahsState); 00823 00824 bool autoConnectIfEnabled(const bool suppressAutoConnect); 00825 00826 void clearUserSetResponseFlag(); 00827 00828 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED) 00829 bool processSCEPIpcMessage(CIpcMessage *pIpcMessage); 00830 bool isSCEPRedirect(); 00831 void processSCEPRedirect(); 00832 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00833 00834 bool hasConnectCapabilities(); 00835 bool hasMgmtCapabilities(); 00836 00837 ClientIfcBase(const ClientIfcBase& other); 00838 ClientIfcBase& operator=(const ClientIfcBase& other); 00839 00840 #ifdef ANYCONNECT_USE_SNAK 00841 bool initializeSNAK(bool bUseExistingInstanceIfAvail); 00842 void destroySNAK(); 00843 ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert); 00844 #endif 00845 }; 00846 00847 00848 #endif // _CLIENTIFCBASE_