AnyConnect Secure Mobility Client  4.8.02045
ClientIfcBase.h
1 /**************************************************************************
2 * Copyright (c) 2006, Cisco Systems, All Rights Reserved
3 ***************************************************************************
4 *
5 * File: ClientIfcBase.h
6 * Author: Chris Fitzgerald
7 * Date: 08/2007
8 *
9 ***************************************************************************
10 *
11 * Client Interface Base class implementation for the Client API.
12 *
13 ***************************************************************************/
14 
15 // The ClientIfcBase class contains the majority of private methods and members.
16 // The purpose of this class is to hide all but the necessary methods from
17 // being exposed.
18 //
19 
20 #ifndef _CLIENTIFCBASE_
21 #define _CLIENTIFCBASE_
22 
23 #include <list>
24 #include <vector>
25 
26 /*
27  * When changing the SCRIPTING_SUPPORTED or INTERPROCESS_COMMUNICATION_SUPPORTED definition,
28  * you MUST also update GenDefs.h!
29  * We duplicate this definition here due to the manner in which we distribute our
30  * code to partners; we cannot include GenDefs.h from here.
31  */
32 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP)
33 #define SCRIPTING_SUPPORTED
34 #endif
35 #if !defined(PLATFORM_WIN_APP)
36 #define INTERPROCESS_COMMUNICATION_SUPPORTED
37 #endif
38 
39 /*
40  * When changing the SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED definition, you MUST also update GenDefs.h!
41  * We duplicate this definition here due to the manner in which we distribute our
42  * code to partners; we cannot include GenDefs.h from here.
43  */
44 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
45 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
46 #endif
47 
48 /*
49  * When changing the HOST_DATA_SUPPORTED definition, you MUST also update GenDefs.h!
50  * We duplicate this definition here due to the manner in which we distribute our
51  * code to partners; we cannot include GenDefs.h from here.
52  */
53 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK)
54 #define HOST_DATA_SUPPORTED
55 #endif
56 
57 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA)
58 /*
59  ** the MANUAL_PKCS12_IMPORT_SUPPORTED define is used to track the platforms
60  ** where the manual import of PKCS12 certificates is supported. This is to avoid repeating the
61  ** platforms in #ifdef clauses in other files.
62  */
63 #define MANUAL_PKCS12_IMPORT_SUPPORTED
64 #endif
65 
66 #if defined(PLATFORM_ANDROID)
67 #define MEMORY_LOGGING_SUPPORTED
68 #endif
69 
70 #if defined(PLATFORM_ANDROID)
71 #define PROGRAM_DATA_IMPORT_SUPPORTED
72 #endif
73 
74 #if defined(PLATFORM_ANDROID)
75 // Credentials for a connection can be prefilled via uri handling or API calls
76 #define CREDENTIAL_PREFILL_SUPPORTED
77 #endif
78 
79 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H)
80 #if defined(HAVE_STDINT_H)
81 #include <stdint.h>
82 #else
83 typedef unsigned char uint8_t;
84 #endif // HAVE_STDINT_H
85 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED
86 
87 #if defined(MEMORY_LOGGING_SUPPORTED)
88 #include "boost/shared_ptr.hpp"
89 #include "IACLogger.h"
90 #endif // MEMORY_LOGGING_SUPPORTED
91 
92 #include "api.h"
93 #include "PreferenceUpdate.h"
94 
95 #if defined(PLATFORM_WIN_APP)
96 typedef unsigned char uint8_t;
97 #endif
98 
99 #if defined(HOST_DATA_SUPPORTED)
100 #include "IHostData.h"
101 #endif
102 
103 #if defined(ANYCONNECT_USE_SNAK)
104 #include "Utility/PluginLoader.h"
105 #include "SNAK_CertPlugin.h"
106 #include "SNAK_SocketPlugin.h"
107 #include "SNAK_StoragePlugin.h"
108 #endif
109 
110 class ConnectPromptInfo;
111 class ConnectMgr;
112 class MsgWithArg;
113 class VPNStats;
114 class AgentIfc;
115 class ProfileMgr;
116 class ApiThread;
117 class EventMgr;
118 class PreferenceMgr;
119 class PreferenceInfo;
120 class UserPreferences;
121 class CScriptingMgr;
122 class CManualLock;
123 class ProxyIfc;
124 class CIpcMessage;
125 class SCEPIfc;
126 class CertObj;
127 class CExecutionContext;
128 class HostEntry;
129 
130 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
131 class CredentialPrefill;
132 #endif
133 
134 #if !defined(PLATFORM_APPLE_SSLVPN)
135 class CStoragePath;
136 #endif
137 
138 #ifdef ANYCONNECT_USE_SNAK
139 class PluginLoader;
140 class SNAK_StoragePlugin;
141 class SNAK_CertPlugin;
142 class SNAK_SocketPlugin;
143 class SNAK_DeviceInfoPlugin;
144 class SNAKDeviceInfoPluginCBImpl;
145 #endif // ANYCONNECT_USE_SNAK
146 
147 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN)
148 class ManagedCertificate;
149 class ManagedCertHandle;
150 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN
151 
152 #ifdef MEMORY_LOGGING_SUPPORTED
153 class ACLoggerImpl;
154 #endif
155 
156 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED)
157 class IACImporterAsync;
158 class IACImporterAsyncCB;
159 #endif
160 
161 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB
162 {
163  friend class EventMgr;
164 
165  protected:
166 
167  /**
168  * Callback used to deliver new statistics related to the VPN
169  * connection.
170  *
171  * When a connection is active, a new set of statistics is
172  * delivered each second.
173  *
174  * @see resetStats(), stopStats() and startStats()
175  *
176  */
177  virtual void StatsCB(VPNStats &stats) = 0;
178 
179 
180  /**
181  * Callback used to deliver VPN state and state change string.
182  * The stateString delivered by this method is localized.
183  *
184  * See the ::VPNState enum found in api.h for set of valid states.
185  */
186  virtual void StateCB(const VPNState state,
187  const VPNSubState subState,
188  const tstring stateString) = 0;
189 
190 
191  /**
192  * If a banner needs to be acknowledged, this CB delivers the banner
193  * to the client.
194  *
195  * NOTE: Connection establishment will block until the method
196  * setBannerResponse() is called.
197  *
198  * In a GUI, a banner would typically be displayed in a modal dialog
199  * with an accept or decline button selection.
200  *
201  * @see setBannerResponse() to set the user response to the banner.
202  */
203  virtual void BannerCB(const tstring &banner) = 0;
204 
205 
206  /**
207  * Messages are delivered via the NoticeCB and can come from multiple
208  * sources. There are four message types (error, warning, info and
209  * status). See the ::MessageType enum in api.h for the list.
210  *
211  * Clients using the API as an embedded application (not
212  * user visible) might want to further characterize
213  * messages. One option here is to use the AnyConnect message
214  * catalog and assign message codes as the translations for
215  * various messages. An application could then track messages based
216  * on its own error code scheme.
217  */
218  virtual void NoticeCB(const tstring notice,
219  const MessageType type) = 0;
220 
221 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
222  virtual void CertBannerCB(const tstring &certBannerSummary,
223  const uint32_t nCertBannerCertLen,
224  const uint8_t *pCertBannerCertDer,
225  const std::list<tstring> &confirmReasons,
226  const std::list<CertConfirmReason> &confirmReasonEnums,
227  bool bImportAllowed = true) = 0;
228 #endif
229 
230  /**
231  * This CB would likely occur only during a connection when it was
232  * detected that the software needed to be upgraded, or when Start
233  * Before Logon (SBL) is being used.
234  *
235  * Unlike the other callback methods, this method provides a default
236  * implementation (calling the system's exit() function).
237  * If clients of the API wish to override this behavior, they are
238  * responsible for ensuring that the current running process exits with
239  * the return code specified by returnCode.
240  *
241  * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH
242  * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL
243  * BREAK
244  */
245  virtual void ExitNoticeCB(const tstring &tstrNotice,
246  const int returnCode);
247 
248 
249  /**
250  * Under normal operating conditions, this CB is called as soon
251  * as the attach method completes. In case the service (vpn agent)
252  * is not ready, this CB is not called until it is.
253  *
254  * Any API calls made prior to this CB being called will result in a
255  * NoticeCB error message.
256  */
257  virtual void ServiceReadyCB() = 0;
258 
259 
260 
261  /**
262  * This method supports prompting for single or multiple values. All
263  * prompts are considered mandatory.
264  *
265  * The ConnectPromptInfo object contains a list of PromptEntry
266  * instances. The labels and their default values (if any) can be
267  * found in these instances. After the data has been collected from the user
268  * it can be set into these same instances. When ready, the client
269  * application should call the method UserSubmit() to have the
270  * responses read by the API.
271  */
272  virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0;
273 
274 
275  /**
276  * Use this method to provide Window Manager hints to GUI
277  * applications. To receive these hints, the application must
278  * identify itself as a GUI in the attach method. In addition, this
279  * method should be overriden to receive any generated events.
280  *
281  * Event that can be received include those indicating that a user is
282  * starting a second instance of the GUI application. This information
283  * can be used to tell the already running application to un-minimize
284  * itself and let the new program know that it should Quit (since a GUI
285  * is already running).
286  */
287  virtual void WMHintCB(const WMHint hint,
288  const WMHintReason reason);
289 
290 
291  /**
292  * This method is useful when the connection to the secure gateway
293  * has been established as part of a web-launch of the VPN tunnel.
294  *
295  * If the client application wishes to be notified of the secure
296  * gateway to which the VPN has been established, this method should
297  * be overriden.
298  *
299  * If the client application is started and a tunnel is already active,
300  * this method also delivers the name of the secure gateway host.
301  */
302  virtual void deliverWebLaunchHostCB(const tstring &activeHost);
303 
304  /**
305  * This method is called when the preference to block untrusted
306  * servers is enabled and the current VPN server being connected
307  * to is untrusted. Clients should present an error to the user
308  * notifying them that the current connection to rtstrUntrustedServer
309  * is being blocked. The client should also provide a way for the
310  * user to change the preference to block untrusted servers.
311  *
312  * The user response must be indicated using setCertBlockedResponse
313  */
314  virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0;
315 
316  /**
317  * This method is called when connections to untrusted VPN servers
318  * is allowed by policies and the current VPN server being connected
319  * to is untrusted. Clients should present a warning to the user
320  * notifying them that the current connection to rtstrUntrustedServer
321  * is unsafe. The reason the VPN server is untrusted is provided in
322  * rltstrCertErrors. The client should provide a way for the user to
323  * connect once, connect and always trust or cancel the connection.
324  * If bAllowImport is set to false then the always trust option should
325  * not be presented to users.
326  *
327  * The user response must be indicated using setCertWarningResponse
328  */
329  virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
330  const std::list<tstring> &rltstrCertErrors,
331  bool bAllowImport) = 0;
332 
333 #if defined(PLATFORM_WIN_APP)
334  /**
335  * Same as above but also passes the Server certificate DER for details display
336  */
337  virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
338  const std::list<tstring> &rltstrCertErrors,
339  const std::vector<uint8_t> &rvServerCertDER,
340  bool bAllowImport) = 0;
341 #endif
342 
343  /**
344  * This method can be overriden if the client application wishes to
345  * exercise some control over the delivery of events from the other
346  * protected methods in this class.
347  *
348  * This might be necessary in cases where a GUI is being written and
349  * the data from this API needs to be delivered in the GUI or main
350  * thread. In this case, you should override this method and when it
351  * is called by the API post an event to your event queue (message
352  * pump, etc.). After this event executes in your GUI or main thread,
353  * call the method ClientIfc::ProcessEvents to have events delivered
354  * to your client application.
355  */
356  virtual void EventAvailable();
357 
358 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
359  virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError);
360 #endif
361 #ifdef PLATFORM_ANDROID
362  virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0;
363  virtual void AgentDetachedCB();
364 #endif
365 
366  AgentIfc &getAgentIfc();
367 
368  ClientIfcBase();
369 
370 
371  public:
372 
373  virtual bool attach(ClientType clientType = ClientType_GUI,
374  bool requestFullCapabilities = true,
375  bool suppressAutoConnect = true);
376 
377  virtual void detach();
378 
379  virtual void ProcessEvents();
380 
381  virtual bool hasFullCapabilities();
382 
383  virtual bool isConnected();
384 
385  virtual bool isAvailable();
386 
387  virtual std::list<tstring> getHostNames();
388 
389  virtual std::list<HostEntry> getHostEntries();
390 
391  virtual tstring getDefaultHostName();
392 
393 #if defined(HOST_DATA_SUPPORTED)
394  virtual bool connect(const IHostData& hostData);
395 
396  bool connect(const IHostData& hostData,
397  unsigned int origin);
398 #else
399  virtual bool connect(tstring host);
400 
401  bool connect(tstring host,
402  unsigned int origin);
403 #endif
404 
405  virtual bool setNewTunnelGroup(const tstring & group);
406 
407  virtual void disconnect();
408 
409  virtual void cancel();
410 
411  virtual void resetStats();
412 
413  virtual void getState();
414 
415  VPNState getCurrentState();
416  VPNSubState getCurrentSubState();
417  VPNSubState getPreviousSubState();
418 
419  tstring getStateText();
420  static tstring getNoticeTypeText(MessageType msgType);
421 
422  static tstring getStateText(VPNState state,
423  VPNSubState subState = VPNSS_NORMAL,
424  NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE,
425  const tstring& tstrConnectedHost = tstring());
426 
427  void setNetworkStates(NETENV_STATE netEnvState,
428  NETCTRL_STATE netCtrlState,
429  NETWORK_TYPE netType,
430  bool bACBrowserForCPRemediation,
431  bool bUpdateUI);
432  void refreshOperatingModeForCurrentNetStates();
433  NETENV_STATE getCurrentNetEnvState();
434  NETENV_STATE getPreviousNetEnvState();
435  NETCTRL_STATE getCurrentNetCtrlState();
436  NETWORK_TYPE getCurrentNetType();
437  bool isACBrowserForCPRemediation();
438 
439  static tstring getNetCtrlText(NETCTRL_STATE netCtrlState);
440  static tstring getNetEnvText(NETENV_STATE netEnvState,
441  bool bSimple = false);
442  static tstring getNetTypeText(NETWORK_TYPE netType);
443  static tstring getQuarantinedStatusText();
444  static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState,
445  const NETCTRL_STATE netCtrlState);
446 
447  // can't be static due to requiring operating mode information
448  tstring getNetworkStatusText(const VPNState state,
449  const VPNSubState subState,
450  const NETENV_STATE netEnvState,
451  const NETCTRL_STATE netCtrlState);
452 
453  PreferenceInfo &getPreferences();
454 
455  bool savePreferences();
456 
457  virtual void startStats();
458 
459  virtual void stopStats();
460 
461  virtual void UserSubmit();
462 
463  void setBanner(const tstring &banner);
464  void setBannerResponse(bool bResponse);
465  bool getUserResponse();
466  bool isUserResponseSet();
467 
468  void setCertBlocked(const tstring &tstrUntrustedServer);
469  void setCertWarning(const tstring &rtstrUntrustedServer,
470  const std::list<tstring> &rltstrCertErrors,
471  bool bAllowImport);
472 #if defined(PLATFORM_WIN_APP)
473  void setCertWarning(const tstring &rtstrUntrustedServer,
474  const std::list<tstring> &rltstrCertErrors,
475  const std::vector<uint8_t>& rvServerCertDER,
476  bool bAllowImport);
477 #endif
478  bool getCertImportResponse();
479 
480 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
481  void setCertBanner(tstring tstrCertBannerSummary,
482  uint32_t nCertBannerCertLen,
483  const uint8_t *pCertBannerCertDer,
484  const std::list<tstring> &confirmReasons,
485  const std::list<CertConfirmReason> &confirmReasonEnums,
486  bool bImportAllowed);
487 
488  void setCertBannerResponse(bool bResponse, bool bImportCert);
489  void importServerCert(std::vector<uint8_t> certData);
490  bool setFipsMode(bool bEnableFips);
491 #if defined(PLATFORM_ANDROID)
492  bool setStrictMode(bool bEnableStrictMode);
493  bool setRevocationEnabled(bool bRevocationEnabled);
494  bool IsRevocationEnabled();
495 #endif // currently supported only for android
496 #endif
497 
498  void setUserPrompt(ConnectPromptInfo &ConnectPrompt);
499 
500 #ifdef PLATFORM_ANDROID
501  void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList);
502  void setAgentDetached();
503  bool getClientCertificates();
504 #endif
505 
506 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
507  void setSCEPEnrollInProgress(bool bInProgress);
508  bool isSCEPEnrollInProgress();
509 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
510 
511 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
512  void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError);
513  bool requestImportPKCS12(const std::vector<uint8_t> &data);
514  std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password);
515 #endif
516 
517  void setCertBlockedResponse(bool bUnlock);
518  void setCertWarningResponse(bool bConnect, bool bImportCert);
519 
520  void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt);
521 
522  void ExitNotice(const tstring &tstrNotice, const int code = 0);
523 
524  void notice(const tstring tstrNotice,
525  const MessageType type = MsgType_Info,
526  bool bClearLastMsg = false,
527  bool bForce = false,
528  bool bStateMsg = false);
529 
530  void notice(MsgWithArg &notice,
531  const MessageType type = MsgType_Info,
532  bool bClearLastMsg = false,
533  bool bForce = false,
534  bool bStateMsg = false);
535 
536  void getStats(void);
537 
538  void setStats(VPNStats &stats);
539 
540  void exportStats(const tstring &tstrFilePath);
541 
542  void setState(VPNState state,
543  VPNState previousState,
544  VPNSubState subState = VPNSS_NORMAL,
545  bool bUpdateStateMsg = true,
546  bool bOnlyUpdateUI = false);
547 
548 #if defined(MEMORY_LOGGING_SUPPORTED)
549  boost::shared_ptr<IACLogger> getACLogger();
550 
551  void enqueueAgentLogMessages(const std::list<ACLogEntry> &msgList);
552 
553  void receiveAgentLogMessages(const std::list<ACLogEntry> &msgList);
554 #endif
555 
556 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED
557  IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback);
558 #endif
559 
560  void setWMHint(WMHint hint,
561  WMHintReason reason);
562 
563  bool isLastConnectType (const ConnectPromptType connPromptType);
564 
565  bool isOperatingMode(OperatingMode opMode);
566  void setOperatingMode(OperatingMode opMode);
567  void unsetOperatingMode(OperatingMode opMode);
568 
569  bool CanRemediateCaptivePortal();
570  bool policyAllowsCaptivePortalRemediation();
571 
572  bool isEventShutdown();
573 
574  bool isUsingEventModel();
575 
576  time_t getLastDisconnectTime();
577 
578  ConnectPromptInfo getConnectPromptInfo();
579  void resetConnectPromptPasswordData();
580 
581  void setStandaloneConnection(bool isStandalone);
582 
583  void deliverActiveHost(const tstring &activeHost,
584  ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN);
585 
586  bool isVPNServiceReady();
587 
588  // reset last disconnect time indicator.
589  //
590  void resetLastDisconnectTime(time_t time = 1);
591 
592  void processMinimize();
593 
594  // cert enrollment
595  void setEnrollClientCert(CertObj* pCert);
596 
597  // Show user banner for cert import warning on linux
598  // SCEPIfc to ConnectMgr
599  void linuxCertImportWarnUser();
600 
601  // Response to cert warning on linux
602  // ConnectMgr to SCEPIfc
603  void linuxCertImportWarnUserResponse(bool bAccept);
604 
605  void setDefaultHost(tstring &host);
606 
607 #if defined(HOST_DATA_SUPPORTED)
608  void setDefaultHostProfile(const IHostData &hostProfile);
609  IHostData* getDefaultHostData();
610 #endif // HOST_DATA_SUPPORTED
611 
612  void setLastVpnError(VPNError vpnError);
613  VPNError getLastVpnError();
614 
615 #ifdef PLATFORM_ANDROID
616  bool requestClientCertificates();
617 #endif
618 
619  bool requestImportLocalization(const tstring tstrLocale,
620  const std::vector<unsigned char> &MoFileData);
621 
622  // Start the Automatic Headend Selection operation
623  void startAHS(const unsigned int uiReason,
624  const ProxyIfc& proxy);
625  // statusReturnCode is a long to match the current type of STATUSCODE.
626  // It is not using a STATUSCODE directly so that we do not have to
627  // expose the header files for STATUSCODEs to ClientIfcBase.h
628  void AHSSelectedHost(const unsigned int uiReason,
629  const std::vector<tstring> &headendList,
630  const long statusReturnCode,
631  const tstring& extraInfo);
632  std::vector<tstring> getAHSHostList();
633  unsigned int getAHSState();
634  bool isAHSHasRun();
635 
636  bool suppressConnectionErrorPopups();
637 
638  tstring getCaptivePortalDetectedMsg();
639 
640  void setProxyAuthPrompts(ProxyIfc* pProxy,
641  const tstring& promptMsg);
642 
643 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED)
644  bool handleIpcMessage(CIpcMessage *pIpcMessage);
645 #endif
646  bool IsCsdTokenVerified() const;
647 
648 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
649  virtual void SCEPEnrollStartCB();
650  virtual void SCEPEnrollExitCB();
651 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
652 
653  void activateConnectMgrTunnelInitiationCompletionEvent();
654  bool isConnectRequestActive();
655 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
656  bool deleteProfileByName(const tstring &profileName);
657  tstring getProfileContents(const tstring &profileName);
658  bool importProfile(const tstring &profileName, const tstring &profileContents);
659 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK
660 
661  bool syncProfileChange(const tstring &profileName);
662 
663 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
664  bool hasPrefilledCredentials();
665  bool prefillCredentials(ConnectPromptInfo &connectPrompt);
666  void setPrefilledCredentials(CredentialPrefill *prefill);
667 #endif
668 
669 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
670  std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType);
671  bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList);
672  bool deleteServerCertificates(const std::list<std::string> &idList);
673 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN
674 
675 #if defined(ANYCONNECT_USE_SNAK)
676  std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType);
677  SNAK_CertType getSNAKCertType(CertificateType certType);
678  bool deleteClientCertificates(const std::list<std::string> &idList);
679 #endif // ANYCONNECT_USE_SNAK
680 
681 #if defined(PLATFORM_APPLE_SSLVPN)
682  bool canUseBackupServers();
683 
684 #endif //PLATFORM_APPLE_SSLVPN
685 
686  virtual ~ClientIfcBase();
687 
688  tstring getConnectHost();
689 
690  tstring getMgmtTunnelHostname();
691 
692  VPN_TUNNEL_SCOPE getVpnTunnelScope();
693 
694  bool isStandaloneConnection();
695 
696  void sendSSoLogoutPrompt(ConnectPromptInfo &cpi);
697 
698  private:
699  CExecutionContext* m_pExecutionContext;
700  CExecutionContext* m_pExecutionContextMgr;
701 
702  AgentIfc *mo_AgentIfc;
703 
704  ConnectMgr *mo_ConnectMgr;
705 
706  ApiThread *mo_ConnectThread;
707 
708  EventMgr *mo_EventMgr;
709 
710  PreferenceMgr *mo_PreferenceMgr;
711 
712  ConnectPromptInfo *mp_currentConnectPromptInfo;
713 
714  PreferenceInfo *mo_EditablePrefs;
715 
716 #if defined(SCRIPTING_SUPPORTED)
717  CScriptingMgr *mo_ScriptingMgr;
718 #endif // SCRIPTING_SUPPORTED
719 
720 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
721  SCEPIfc* m_pSCEPIfc;
722  bool m_bInformedAgentOfSCEP;
723 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
724 #ifndef PLATFORM_APPLE_SSLVPN
725  CStoragePath* m_pStoragePath;
726 #endif // !PLATFORM_APPLE_SSLVPN
727 
728 #ifdef ANYCONNECT_USE_SNAK
729  PluginLoader *m_pPluginLoader;
730  SNAK_CertPlugin *m_pSNAKCert;
731  SNAK_SocketPlugin *m_pSNAKSocket;
732  SNAK_StoragePlugin *m_pSNAKStorage;
733  SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo;
734  SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB;
735 
736  bool mb_SNAKInitialized;
737 #endif
738 
739 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
740  bool mb_SCEPEnrollInProgress;
741 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN
742 
743  bool mb_PreferenceMgrCreated;
744  bool mb_StandaloneConnection;
745  bool mb_UsingEventModel;
746  bool mb_UserResponse;
747  bool mb_IsUserResponseSet;
748  bool mb_PerformedAutoCertEnrollment;
749  tstring ms_PostEnrollmentConnectHost;
750  bool mb_CaptivePortalMsgDisplayed;
751  bool m_bSuppressMinimizeOnConnect;
752  bool m_bSuppressConnectionErrorPopups;
753  bool m_bLastConnectionAutomatic;
754  bool m_bImportCertResp;
755  bool m_bPrevMsgWasStateMsg;
756 
757  unsigned int mui_OperatingMode;
758  NETENV_STATE m_currentNetEnvState;
759  NETENV_STATE m_previousNetEnvState;
760  NETCTRL_STATE m_currentNetCtrlState;
761  NETWORK_TYPE m_currentNetType;
762  bool m_bACBrowserForCPRemediation;
763 
764  tstring ms_message;
765 
766  time_t m_disconnectTime;
767 
768  static std::string ms_ThreadName;
769 
770  CManualLock* m_pClientIfcStateLock;
771  CManualLock* m_pClientIfcLock;
772  CManualLock* m_pClientIfcPromptsLock;
773  CManualLock* m_pClientIfcOpModeLock;
774  CManualLock* m_pClientIfcAHSLock;
775  CManualLock* m_pClientIfcConnectModeLock;
776  CManualLock* m_pClientIfcInformAgentOfSCEPLock;
777 
778 #if defined(MEMORY_LOGGING_SUPPORTED)
779  boost::shared_ptr<ACLoggerImpl> m_spACLoggerImpl;
780 #endif
781  std::vector<tstring> msl_AHSSelectedHosts;
782  ApiThread* m_pAHSThread;
783  unsigned int m_uiAHSState;
784 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
785  CredentialPrefill* m_pCredentialPrefill;
786 #endif
787  VPNError m_lastVpnError;
788 
789  static volatile bool mb_deleteFirstPass;
790 
791  ConnectMgr &getConnectMgr();
792 
793  ProfileMgr &getProfileMgr();
794  UserPreferences &getUserPreferences();
795 
796  void displayAgentAttachMessage();
797 
798  void setLastDisconnectTime(time_t time);
799 
800  void setCurrentStatePrompts(const VPNState state,
801  const VPNState prevState,
802  const VPNSubState subState,
803  const bool bUpdateStateMsg);
804  void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr);
805  void getStateMessage(const VPNState state,
806  const VPNState prevState,
807  const VPNSubState subState,
808  const NETENV_STATE neState,
809  /*out*/ MsgWithArg& stateMessage);
810 
811  // IPreferenceUpdateCB methods
812  virtual void OnLoadPreferencesComplete();
813  virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId);
814  virtual void OverridePreferenceValue(const PreferenceId ePreferenceId,
815  tstring& rPrefenceValue,
816  bool& rbOverriden);
817 
818  void RefreshPreferences(void);
819 
820  void displayAHSPrompt(const bool isComplete);
821  void handleAHSPreferences(const unsigned int uiReason);
822  void setAHSState(const unsigned int ahsState);
823 
824  bool autoConnectIfEnabled(const bool suppressAutoConnect);
825 
826  void clearUserSetResponseFlag();
827 
828 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
829  bool processSCEPIpcMessage(CIpcMessage *pIpcMessage);
830  bool isSCEPRedirect();
831  void processSCEPRedirect();
832 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
833 
834  bool hasConnectCapabilities();
835  bool hasMgmtCapabilities();
836 
837  ClientIfcBase(const ClientIfcBase& other);
838  ClientIfcBase& operator=(const ClientIfcBase& other);
839 
840 #ifdef ANYCONNECT_USE_SNAK
841  bool initializeSNAK(bool bUseExistingInstanceIfAvail);
842  void destroySNAK();
843  ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert);
844 #endif
845 };
846 
847 
848 #endif // _CLIENTIFCBASE_
WMHintReason
WMHintReason
Definition: api.h:187
PreferenceId
PreferenceId
Definition: api.h:261
MessageType
MessageType
Definition: api.h:93
WMHint
WMHint
Definition: api.h:168
VPNState
VPNState
Definition: api.h:123
MsgType_Info
Definition: api.h:98
VPNError
VPNError
Definition: api.h:553
VPNSubState
VPNSubState
Definition: api.h:147
OperatingMode
OperatingMode
Definition: api.h:501
ConnectPromptType
ConnectPromptType
Definition: api.h:211
tstring
#define tstring
Definition: api.h:24
ConnectPromptInfo
Definition: ConnectPromptInfo.h:36
VPNStats
Definition: VPNStats.h:34
PreferenceInfo
Definition: PreferenceInfo.h:26
IPreferenceUpdateCB
Definition: PreferenceUpdate.h:19
ClientIfcBase
Definition: ClientIfcBase.h:160
api.h