20 #ifndef _CLIENTIFCBASE_
21 #define _CLIENTIFCBASE_
32 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP)
33 #define SCRIPTING_SUPPORTED
35 #if !defined(PLATFORM_WIN_APP)
36 #define INTERPROCESS_COMMUNICATION_SUPPORTED
44 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
45 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
53 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK)
54 #define HOST_DATA_SUPPORTED
57 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA)
63 #define MANUAL_PKCS12_IMPORT_SUPPORTED
66 #if defined(PLATFORM_ANDROID)
67 #define MEMORY_LOGGING_SUPPORTED
70 #if defined(PLATFORM_ANDROID)
71 #define PROGRAM_DATA_IMPORT_SUPPORTED
74 #if defined(PLATFORM_ANDROID)
76 #define CREDENTIAL_PREFILL_SUPPORTED
79 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H)
80 #if defined(HAVE_STDINT_H)
83 typedef unsigned char uint8_t;
84 #endif // HAVE_STDINT_H
85 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED
87 #if defined(MEMORY_LOGGING_SUPPORTED)
88 #include "boost/shared_ptr.hpp"
89 #include "IACLogger.h"
90 #endif // MEMORY_LOGGING_SUPPORTED
93 #include "PreferenceUpdate.h"
95 #if defined(PLATFORM_WIN_APP)
96 typedef unsigned char uint8_t;
99 #if defined(HOST_DATA_SUPPORTED)
100 #include "IHostData.h"
103 #if defined(ANYCONNECT_USE_SNAK)
104 #include "Utility/PluginLoader.h"
105 #include "SNAK_CertPlugin.h"
106 #include "SNAK_SocketPlugin.h"
107 #include "SNAK_StoragePlugin.h"
120 class UserPreferences;
127 class CExecutionContext;
130 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
131 class CredentialPrefill;
134 #if !defined(PLATFORM_APPLE_SSLVPN)
138 #ifdef ANYCONNECT_USE_SNAK
140 class SNAK_StoragePlugin;
141 class SNAK_CertPlugin;
142 class SNAK_SocketPlugin;
143 class SNAK_DeviceInfoPlugin;
144 class SNAKDeviceInfoPluginCBImpl;
145 #endif // ANYCONNECT_USE_SNAK
147 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN)
148 class ManagedCertificate;
149 class ManagedCertHandle;
150 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN
152 #ifdef MEMORY_LOGGING_SUPPORTED
156 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED)
157 class IACImporterAsync;
158 class IACImporterAsyncCB;
163 friend class EventMgr;
177 virtual void StatsCB(
VPNStats &stats) = 0;
186 virtual void StateCB(
const VPNState state,
188 const tstring stateString) = 0;
203 virtual void BannerCB(
const tstring &banner) = 0;
218 virtual void NoticeCB(
const tstring notice,
221 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
// Pure-virtual callback; per the #if directly above, it is declared only for
// the PLATFORM_APPLE_SSLVPN, PLATFORM_ANDROID and PLATFORM_CHROMEBOOK builds.
//
// pCertBannerCertDer is a raw pointer whose length travels separately in
// nCertBannerCertLen; nothing in the signature ties the two together.
// NOTE(review): presumably a DER-encoded certificate of nCertBannerCertLen
// bytes that is only valid for the duration of the call. Implementers should
// bound every read by the length and copy the bytes if they are needed later;
// confirm against the caller.
//
// confirmReasons and confirmReasonEnums are two separate lists.
// NOTE(review): presumably parallel (same order, same length); verify before
// pairing entries from one with the other.
222 virtual void CertBannerCB(
const tstring &certBannerSummary,
223 const uint32_t nCertBannerCertLen,
224 const uint8_t *pCertBannerCertDer,
225 const std::list<tstring> &confirmReasons,
226 const std::list<CertConfirmReason> &confirmReasonEnums,
// Default argument on a virtual function: the default is taken from the static
// type at the call site, so overriders should repeat the same value.
227 bool bImportAllowed =
true) = 0;
245 virtual void ExitNoticeCB(
const tstring &tstrNotice,
246 const int returnCode);
257 virtual void ServiceReadyCB() = 0;
287 virtual void WMHintCB(
const WMHint hint,
302 virtual void deliverWebLaunchHostCB(
const tstring &activeHost);
// Pure-virtual callbacks that receive a server name (rtstrUntrustedServer);
// CertWarningCB also receives a list of strings (rltstrCertErrors) and the
// flag bAllowImport.
// NOTE(review): the server name and error strings presumably derive from what
// the peer presented. A UI implementing these callbacks should render them as
// untrusted display text and should not offer a certificate-import action when
// bAllowImport is false; confirm against the implementation.
314 virtual void CertBlockedCB(
const tstring &rtstrUntrustedServer) = 0;
329 virtual void CertWarningCB(
const tstring &rtstrUntrustedServer,
330 const std::list<tstring> &rltstrCertErrors,
331 bool bAllowImport) = 0;
333 #if defined(PLATFORM_WIN_APP)
// PLATFORM_WIN_APP overload: same parameters plus the byte vector
// rvServerCertDER (NOTE(review): presumably the server certificate in DER form).
337 virtual void CertWarningCB(
const tstring &rtstrUntrustedServer,
338 const std::list<tstring> &rltstrCertErrors,
339 const std::vector<uint8_t> &rvServerCertDER,
340 bool bAllowImport) = 0;
356 virtual void EventAvailable();
358 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
// Virtual callback receiving a byte vector (certHash) and an error string.
// NOTE(review): which of the two signals failure (empty hash, non-empty error)
// is not visible in this header; confirm before branching on either.
359 virtual void ImportPKCS12ResultCB(
const std::vector<uint8_t> &certHash,
const tstring &tstrError);
361 #ifdef PLATFORM_ANDROID
// certList is passed by value, but each element is a (uint32_t, uint8_t*)
// pair: copying the vector copies the pointers, not the buffers behind them.
// NOTE(review): presumably (length, DER bytes) per certificate. Ownership and
// lifetime of the buffers are not expressed in the type; confirm who frees
// them and bound every read by the paired length.
362 virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0;
363 virtual void AgentDetachedCB();
366 AgentIfc &getAgentIfc();
373 virtual bool attach(ClientType clientType = ClientType_GUI,
374 bool requestFullCapabilities =
true,
375 bool suppressAutoConnect =
true);
377 virtual void detach();
379 virtual void ProcessEvents();
381 virtual bool hasFullCapabilities();
383 virtual bool isConnected();
385 virtual bool isAvailable();
387 virtual std::list<tstring> getHostNames();
389 virtual std::list<HostEntry> getHostEntries();
391 virtual tstring getDefaultHostName();
393 #if defined(HOST_DATA_SUPPORTED)
394 virtual bool connect(
const IHostData& hostData);
396 bool connect(
const IHostData& hostData,
397 unsigned int origin);
399 virtual bool connect(
tstring host);
402 unsigned int origin);
405 virtual bool setNewTunnelGroup(
const tstring & group);
407 virtual void disconnect();
409 virtual void cancel();
411 virtual void resetStats();
413 virtual void getState();
424 NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE,
427 void setNetworkStates(NETENV_STATE netEnvState,
428 NETCTRL_STATE netCtrlState,
429 NETWORK_TYPE netType,
430 bool bACBrowserForCPRemediation,
432 void refreshOperatingModeForCurrentNetStates();
433 NETENV_STATE getCurrentNetEnvState();
434 NETENV_STATE getPreviousNetEnvState();
435 NETCTRL_STATE getCurrentNetCtrlState();
436 NETWORK_TYPE getCurrentNetType();
437 bool isACBrowserForCPRemediation();
439 static tstring getNetCtrlText(NETCTRL_STATE netCtrlState);
440 static tstring getNetEnvText(NETENV_STATE netEnvState,
441 bool bSimple =
false);
442 static tstring getNetTypeText(NETWORK_TYPE netType);
443 static tstring getQuarantinedStatusText();
444 static tstring getNetworkStatusSimpleText(
const NETENV_STATE netEnvState,
445 const NETCTRL_STATE netCtrlState);
450 const NETENV_STATE netEnvState,
451 const NETCTRL_STATE netCtrlState);
455 bool savePreferences();
457 virtual void startStats();
459 virtual void stopStats();
461 virtual void UserSubmit();
463 void setBanner(
const tstring &banner);
464 void setBannerResponse(
bool bResponse);
465 bool getUserResponse();
466 bool isUserResponseSet();
468 void setCertBlocked(
const tstring &tstrUntrustedServer);
469 void setCertWarning(
const tstring &rtstrUntrustedServer,
470 const std::list<tstring> &rltstrCertErrors,
472 #if defined(PLATFORM_WIN_APP)
473 void setCertWarning(
const tstring &rtstrUntrustedServer,
474 const std::list<tstring> &rltstrCertErrors,
475 const std::vector<uint8_t>& rvServerCertDER,
478 bool getCertImportResponse();
480 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
// Takes the same parameter list as CertBannerCB, except that the summary is
// passed by value and bImportAllowed has no default here.
// pCertBannerCertDer is a raw pointer with its length in nCertBannerCertLen.
// NOTE(review): callers should pass a length that matches the buffer exactly;
// whether the bytes are copied or the pointer is retained is not visible here.
481 void setCertBanner(
tstring tstrCertBannerSummary,
482 uint32_t nCertBannerCertLen,
483 const uint8_t *pCertBannerCertDer,
484 const std::list<tstring> &confirmReasons,
485 const std::list<CertConfirmReason> &confirmReasonEnums,
486 bool bImportAllowed);
// NOTE(review): bResponse / bImportCert presumably carry the user's decision
// on the certificate banner; pass true only after an explicit user
// confirmation. Verify against the prompt flow.
488 void setCertBannerResponse(
bool bResponse,
bool bImportCert);
// certData is taken by value (the byte vector is copied into the call).
// NOTE(review): presumably adds a server certificate to a trust store, so
// callers should only pass bytes the user has explicitly accepted; confirm.
489 void importServerCert(std::vector<uint8_t> certData);
// The meaning of the bool return is not shown in this header.
// NOTE(review): if it reports success, callers should check it rather than
// assume FIPS mode took effect.
490 bool setFipsMode(
bool bEnableFips);
491 #if defined(PLATFORM_ANDROID)
// Android-only setters. As with setFipsMode, the bool return is undocumented
// here. NOTE(review): check it before relying on strict mode or revocation
// checking being active.
492 bool setStrictMode(
bool bEnableStrictMode);
493 bool setRevocationEnabled(
bool bRevocationEnabled);
494 bool IsRevocationEnabled();
495 #endif // currently supported only for android
500 #ifdef PLATFORM_ANDROID
// derList is a non-const reference to (uint32_t, uint8_t*) pairs, so the type
// carries raw buffer pointers with no ownership information.
// NOTE(review): presumably (length, DER bytes) per certificate. Whether this
// call takes over, copies or merely borrows the buffers is not visible here;
// confirm before freeing them on the caller side.
501 void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList);
502 void setAgentDetached();
503 bool getClientCertificates();
506 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
507 void setSCEPEnrollInProgress(
bool bInProgress);
508 bool isSCEPEnrollInProgress();
509 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
511 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
// Takes a byte vector (certHash) and an error string.
512 void setImportPKCS12Result(
const std::vector<uint8_t> &certHash,
const tstring &tstrError);
// Takes the data to import as a byte vector; the bool return's meaning is not
// shown in this header.
513 bool requestImportPKCS12(
const std::vector<uint8_t> &data);
// The password is passed as a const tstring reference, i.e. it lives in an
// ordinary string owned by the caller.
// NOTE(review): no zeroization is visible in this header. Callers should clear
// their copy after the call and keep it out of logs and crash reports.
// NOTE(review): the returned byte vector is presumably the imported
// certificate's hash (compare certHash above); confirm.
514 std::vector<uint8_t> importPKCS12WithPassword(
const std::vector<uint8_t> &data,
const tstring &password);
// Setters taking bool flags.
// NOTE(review): the names suggest these deliver the user's answer to the
// certificate-blocked and certificate-warning prompts; pass true only after an
// explicit user confirmation. Verify against the prompt flow.
517 void setCertBlockedResponse(
bool bUnlock);
518 void setCertWarningResponse(
bool bConnect,
bool bImportCert);
522 void ExitNotice(
const tstring &tstrNotice,
const int code = 0);
524 void notice(
const tstring tstrNotice,
526 bool bClearLastMsg =
false,
528 bool bStateMsg =
false);
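// Overload of notice() taking the message as a MsgWithArg by non-const
// reference; bClearLastMsg and bStateMsg both default to false.
// The listing jumps from source line 530 to 532 and from 532 to 534, so
// further parameters may exist that are not shown here.
530 void notice(MsgWithArg &notice,
532 bool bClearLastMsg =
false,
534 bool bStateMsg =
false);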
540 void exportStats(
const tstring &tstrFilePath);
545 bool bUpdateStateMsg =
true,
546 bool bOnlyUpdateUI =
false);
548 #if defined(MEMORY_LOGGING_SUPPORTED)
549 boost::shared_ptr<IACLogger> getACLogger();
551 void enqueueAgentLogMessages(
const std::list<ACLogEntry> &msgList);
553 void receiveAgentLogMessages(
const std::list<ACLogEntry> &msgList);
556 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED
557 IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback);
560 void setWMHint(
WMHint hint,
569 bool CanRemediateCaptivePortal();
570 bool policyAllowsCaptivePortalRemediation();
572 bool isEventShutdown();
574 bool isUsingEventModel();
576 time_t getLastDisconnectTime();
579 void resetConnectPromptPasswordData();
581 void setStandaloneConnection(
bool isStandalone);
583 void deliverActiveHost(
const tstring &activeHost,
584 ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN);
586 bool isVPNServiceReady();
590 void resetLastDisconnectTime(time_t time = 1);
592 void processMinimize();
595 void setEnrollClientCert(CertObj* pCert);
599 void linuxCertImportWarnUser();
603 void linuxCertImportWarnUserResponse(
bool bAccept);
605 void setDefaultHost(
tstring &host);
607 #if defined(HOST_DATA_SUPPORTED)
608 void setDefaultHostProfile(
const IHostData &hostProfile);
609 IHostData* getDefaultHostData();
610 #endif // HOST_DATA_SUPPORTED
612 void setLastVpnError(
VPNError vpnError);
615 #ifdef PLATFORM_ANDROID
616 bool requestClientCertificates();
619 bool requestImportLocalization(
const tstring tstrLocale,
620 const std::vector<unsigned char> &MoFileData);
623 void startAHS(
const unsigned int uiReason,
624 const ProxyIfc& proxy);
628 void AHSSelectedHost(
const unsigned int uiReason,
629 const std::vector<tstring> &headendList,
630 const long statusReturnCode,
632 std::vector<tstring> getAHSHostList();
633 unsigned int getAHSState();
636 bool suppressConnectionErrorPopups();
638 tstring getCaptivePortalDetectedMsg();
640 void setProxyAuthPrompts(ProxyIfc* pProxy,
643 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED)
644 bool handleIpcMessage(CIpcMessage *pIpcMessage);
646 bool IsCsdTokenVerified()
const;
648 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
649 virtual void SCEPEnrollStartCB();
650 virtual void SCEPEnrollExitCB();
651 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
653 void activateConnectMgrTunnelInitiationCompletionEvent();
654 bool isConnectRequestActive();
655 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
// Profile management by name; both calls return bool and take caller-supplied
// strings.
// NOTE(review): if profileName is used to build a file path, the
// implementation should reject path separators and ".." components; not
// visible in this header.
656 bool deleteProfileByName(
const tstring &profileName);
// NOTE(review): profileContents should be parsed as untrusted input by the
// implementation; confirm that a failed parse leaves any existing profile
// untouched.
658 bool importProfile(
const tstring &profileName,
const tstring &profileContents);
659 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK
661 bool syncProfileChange(
const tstring &profileName);
663 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
664 bool hasPrefilledCredentials();
// Takes a raw CredentialPrefill pointer; the class also declares a
// CredentialPrefill* member (m_pCredentialPrefill).
// NOTE(review): whether this call transfers ownership, and whether the
// credentials are cleared after use, is not visible here; confirm.
666 void setPrefilledCredentials(CredentialPrefill *prefill);
669 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
// Returns a list of raw ManagedCertificate pointers.
// NOTE(review): ownership of the returned objects is not expressed in the
// type; confirm who deletes them.
670 std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType);
// Deletion by a list of string identifiers; the bool return's meaning is not
// shown here. NOTE(review): presumably false on partial failure; confirm.
671 bool deleteCertificates(CertificateType certType,
const std::list<std::string> &idList);
672 bool deleteServerCertificates(
const std::list<std::string> &idList);
673 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN
675 #if defined(ANYCONNECT_USE_SNAK)
676 std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType);
677 SNAK_CertType getSNAKCertType(CertificateType certType);
678 bool deleteClientCertificates(
const std::list<std::string> &idList);
679 #endif // ANYCONNECT_USE_SNAK
681 #if defined(PLATFORM_APPLE_SSLVPN)
682 bool canUseBackupServers();
684 #endif //PLATFORM_APPLE_SSLVPN
690 tstring getMgmtTunnelHostname();
692 VPN_TUNNEL_SCOPE getVpnTunnelScope();
694 bool isStandaloneConnection();
699 CExecutionContext* m_pExecutionContext;
700 CExecutionContext* m_pExecutionContextMgr;
702 AgentIfc *mo_AgentIfc;
704 ConnectMgr *mo_ConnectMgr;
706 ApiThread *mo_ConnectThread;
708 EventMgr *mo_EventMgr;
710 PreferenceMgr *mo_PreferenceMgr;
716 #if defined(SCRIPTING_SUPPORTED)
717 CScriptingMgr *mo_ScriptingMgr;
718 #endif // SCRIPTING_SUPPORTED
720 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
722 bool m_bInformedAgentOfSCEP;
723 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
724 #ifndef PLATFORM_APPLE_SSLVPN
725 CStoragePath* m_pStoragePath;
726 #endif // !PLATFORM_APPLE_SSLVPN
728 #ifdef ANYCONNECT_USE_SNAK
729 PluginLoader *m_pPluginLoader;
730 SNAK_CertPlugin *m_pSNAKCert;
731 SNAK_SocketPlugin *m_pSNAKSocket;
732 SNAK_StoragePlugin *m_pSNAKStorage;
733 SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo;
734 SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB;
736 bool mb_SNAKInitialized;
739 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
740 bool mb_SCEPEnrollInProgress;
741 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN
743 bool mb_PreferenceMgrCreated;
744 bool mb_StandaloneConnection;
745 bool mb_UsingEventModel;
746 bool mb_UserResponse;
747 bool mb_IsUserResponseSet;
748 bool mb_PerformedAutoCertEnrollment;
749 tstring ms_PostEnrollmentConnectHost;
750 bool mb_CaptivePortalMsgDisplayed;
751 bool m_bSuppressMinimizeOnConnect;
752 bool m_bSuppressConnectionErrorPopups;
753 bool m_bLastConnectionAutomatic;
754 bool m_bImportCertResp;
755 bool m_bPrevMsgWasStateMsg;
757 unsigned int mui_OperatingMode;
758 NETENV_STATE m_currentNetEnvState;
759 NETENV_STATE m_previousNetEnvState;
760 NETCTRL_STATE m_currentNetCtrlState;
761 NETWORK_TYPE m_currentNetType;
762 bool m_bACBrowserForCPRemediation;
766 time_t m_disconnectTime;
768 static std::string ms_ThreadName;
770 CManualLock* m_pClientIfcStateLock;
771 CManualLock* m_pClientIfcLock;
772 CManualLock* m_pClientIfcPromptsLock;
773 CManualLock* m_pClientIfcOpModeLock;
774 CManualLock* m_pClientIfcAHSLock;
775 CManualLock* m_pClientIfcConnectModeLock;
776 CManualLock* m_pClientIfcInformAgentOfSCEPLock;
778 #if defined(MEMORY_LOGGING_SUPPORTED)
779 boost::shared_ptr<ACLoggerImpl> m_spACLoggerImpl;
781 std::vector<tstring> msl_AHSSelectedHosts;
782 ApiThread* m_pAHSThread;
783 unsigned int m_uiAHSState;
784 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
785 CredentialPrefill* m_pCredentialPrefill;
// Static flag declared volatile. volatile gives neither atomicity nor ordering
// between threads.
// NOTE(review): if this flag is read and written from more than one thread,
// confirm every access is made under one of the class's locks.
789 static volatile bool mb_deleteFirstPass;
791 ConnectMgr &getConnectMgr();
793 ProfileMgr &getProfileMgr();
794 UserPreferences &getUserPreferences();
796 void displayAgentAttachMessage();
798 void setLastDisconnectTime(time_t time);
800 void setCurrentStatePrompts(
const VPNState state,
803 const bool bUpdateStateMsg);
804 void setCurrentStateErrorMessage(
VPNState state, CONNECT_FAILURE_REASON cfr);
805 void getStateMessage(
const VPNState state,
808 const NETENV_STATE neState,
809 MsgWithArg& stateMessage);
812 virtual void OnLoadPreferencesComplete();
813 virtual bool IsPreferenceOverridable(
const PreferenceId ePreferenceId);
814 virtual void OverridePreferenceValue(
const PreferenceId ePreferenceId,
818 void RefreshPreferences(
void);
820 void displayAHSPrompt(
const bool isComplete);
821 void handleAHSPreferences(
const unsigned int uiReason);
822 void setAHSState(
const unsigned int ahsState);
824 bool autoConnectIfEnabled(
const bool suppressAutoConnect);
826 void clearUserSetResponseFlag();
828 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
829 bool processSCEPIpcMessage(CIpcMessage *pIpcMessage);
830 bool isSCEPRedirect();
831 void processSCEPRedirect();
832 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
834 bool hasConnectCapabilities();
835 bool hasMgmtCapabilities();
840 #ifdef ANYCONNECT_USE_SNAK
841 bool initializeSNAK(
bool bUseExistingInstanceIfAvail);
843 ManagedCertificate *convertSnakToManagedCertificate(
const ManagedCertHandle &snakCert);
848 #endif // _CLIENTIFCBASE_