![]() |
AnyConnect Secure Mobility Client 4.7.03052
|
00001 /************************************************************************** 00002 * Copyright (c) 2006, Cisco Systems, All Rights Reserved 00003 *************************************************************************** 00004 * 00005 * File: ClientIfcBase.h 00006 * Author: Chris Fitzgerald 00007 * Date: 08/2007 00008 * 00009 *************************************************************************** 00010 * 00011 * Client Interface Base class implementation for the Client API. 00012 * 00013 ***************************************************************************/ 00014 00015 // The ClientIfcBase class contains the majority of private methods and members. 00016 // The purpose of this class is to hide all but the necessary methods from 00017 // being exposed. 00018 // 00019 00020 #ifndef _CLIENTIFCBASE_ 00021 #define _CLIENTIFCBASE_ 00022 00023 #include <list> 00024 #include <vector> 00025 00026 /* 00027 * When changing the SCRIPTING_SUPPORTED or INTERPROCESS_COMMUNICATION_SUPPORTED definition, 00028 * you MUST also update GenDefs.h! 00029 * We duplicate this definition here due to the manner in which we distribute our 00030 * code to partners; we cannot include GenDefs.h from here. 00031 */ 00032 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP) 00033 #define SCRIPTING_SUPPORTED 00034 #endif 00035 #if !defined(PLATFORM_WIN_APP) 00036 #define INTERPROCESS_COMMUNICATION_SUPPORTED 00037 #endif 00038 00039 /* 00040 * When changing the SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED definition, you MUST also update GenDefs.h! 00041 * We duplicate this definition here due to the manner in which we distribute our 00042 * code to partners; we cannot include GenDefs.h from here. 00043 */ 00044 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00045 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00046 #endif 00047 00048 /* 00049 * When changing the HOST_DATA_SUPPORTED definition, you MUST also update GenDefs.h! 00050 * We duplicate this definition here due to the manner in which we distribute our 00051 * code to partners; we cannot include GenDefs.h from here. 00052 */ 00053 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK) 00054 #define HOST_DATA_SUPPORTED 00055 #endif 00056 00057 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA) 00058 /* 00059 ** the MANUAL_PKCS12_IMPORT_SUPPORTED define is used to track the platforms 00060 ** where the manual import of PKCS12 certificates is supported. This is to avoid repeating the 00061 ** platforms in #ifdef clauses in other files. 00062 */ 00063 #define MANUAL_PKCS12_IMPORT_SUPPORTED 00064 #endif 00065 00066 #if defined(PLATFORM_ANDROID) 00067 #define MEMORY_LOGGING_SUPPORTED 00068 #endif 00069 00070 #if defined(PLATFORM_ANDROID) 00071 #define PROGRAM_DATA_IMPORT_SUPPORTED 00072 #endif 00073 00074 #if defined(PLATFORM_ANDROID) 00075 // Credentials for a connection can be prefilled via uri handling or API calls 00076 #define CREDENTIAL_PREFILL_SUPPORTED 00077 #endif 00078 00079 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H) 00080 #if defined(HAVE_STDINT_H) 00081 #include <stdint.h> 00082 #else 00083 typedef unsigned char uint8_t; 00084 #endif // HAVE_STDINT_H 00085 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED 00086 00087 #if defined(MEMORY_LOGGING_SUPPORTED) 00088 #include "boost/shared_ptr.hpp" 00089 #include "IACLogger.h" 00090 #endif // MEMORY_LOGGING_SUPPORTED 00091 00092 #include "api.h" 00093 #include "PreferenceUpdate.h" 00094 00095 #if defined(PLATFORM_WIN_APP) 00096 typedef unsigned char uint8_t; 00097 #endif 00098 00099 #if defined(HOST_DATA_SUPPORTED) 00100 #include "IHostData.h" 00101 #endif 00102 00103 #if defined(ANYCONNECT_USE_SNAK) 00104 #include "Utility/PluginLoader.h" 00105 #include "SNAK_CertPlugin.h" 00106 #include "SNAK_SocketPlugin.h" 00107 #include "SNAK_StoragePlugin.h" 00108 #endif 00109 00110 class ConnectPromptInfo; 00111 class ConnectMgr; 00112 class MsgWithArg; 00113 class VPNStats; 00114 class AgentIfc; 00115 class ProfileMgr; 00116 class ApiThread; 00117 class EventMgr; 00118 class PreferenceMgr; 00119 class PreferenceInfo; 00120 class UserPreferences; 00121 class CScriptingMgr; 00122 class CManualLock; 00123 class ProxyIfc; 00124 class CIpcMessage; 00125 class SCEPIfc; 00126 class CertObj; 00127 class CExecutionContext; 00128 class HostEntry; 00129 00130 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00131 class CredentialPrefill; 00132 #endif 00133 00134 #if !defined(PLATFORM_APPLE_SSLVPN) 00135 class CStoragePath; 00136 #endif 00137 00138 #ifdef ANYCONNECT_USE_SNAK 00139 class PluginLoader; 00140 class SNAK_StoragePlugin; 00141 class SNAK_CertPlugin; 00142 class SNAK_SocketPlugin; 00143 class SNAK_DeviceInfoPlugin; 00144 class SNAKDeviceInfoPluginCBImpl; 00145 #endif // ANYCONNECT_USE_SNAK 00146 00147 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN) 00148 class ManagedCertificate; 00149 class ManagedCertHandle; 00150 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN 00151 00152 #ifdef MEMORY_LOGGING_SUPPORTED 00153 class ACLoggerImpl; 00154 #endif 00155 00156 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED) 00157 class IACImporterAsync; 00158 class IACImporterAsyncCB; 00159 #endif 00160 00161 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB 00162 { 00163 friend class EventMgr; 00164 00165 protected: 00166 00167 /** 00168 * Callback used to deliver new statistics related to the VPN 00169 * connection. 00170 * 00171 * When a connection is active, a new set of statistics is 00172 * delivered each second. 00173 * 00174 * @see resetStats(), stopStats() and startStats() 00175 * 00176 */ 00177 virtual void StatsCB(VPNStats &stats) = 0; 00178 00179 00180 /** 00181 * Callback used to deliver VPN state and state change string. 00182 * The stateString delivered by this method is localized. 00183 * 00184 * See the ::VPNState enum found in api.h for set of valid states. 00185 */ 00186 virtual void StateCB(const VPNState state, 00187 const VPNSubState subState, 00188 const tstring stateString) = 0; 00189 00190 00191 /** 00192 * If a banner needs to be acknowledged, this CB delivers the banner 00193 * to the client. 00194 * 00195 * NOTE: Connection establishment will block until the method 00196 * setBannerResponse() is called. 00197 * 00198 * In a GUI, a banner would typically be displayed in a modal dialog 00199 * with an accept or decline button selection. 00200 * 00201 * @see setBannerResponse() to set the user response to the banner. 00202 */ 00203 virtual void BannerCB(const tstring &banner) = 0; 00204 00205 00206 /** 00207 * Messages are delivered via the NoticeCB and can come from multiple 00208 * sources. There are four message types (error, warning, info and 00209 * status). See the ::MessageType enum in api.h for the list. 00210 * 00211 * Clients using the API as an embedded application (not 00212 * user visible) might want to further characterize 00213 * messages. One option here is to use the AnyConnect message 00214 * catalog and assign message codes as the translations for 00215 * various messages. An application could then track messages based 00216 * on its own error code scheme. 00217 */ 00218 virtual void NoticeCB(const tstring notice, 00219 const MessageType type) = 0; 00220 00221 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00222 virtual void CertBannerCB(const tstring &certBannerSummary, 00223 const uint32_t nCertBannerCertLen, 00224 const uint8_t *pCertBannerCertDer, 00225 const std::list<tstring> &confirmReasons, 00226 const std::list<CertConfirmReason> &confirmReasonEnums, 00227 bool bImportAllowed = true) = 0; 00228 #endif 00229 00230 /** 00231 * This CB would likely occur only during a connection when it was 00232 * detected that the software needed to be upgraded, or when Start 00233 * Before Logon (SBL) is being used. 00234 * 00235 * Unlike the other callback methods, this method provides a default 00236 * implementation (calling the system's exit() function). 00237 * If clients of the API wish to override this behavior, they are 00238 * responsible for ensuring that the current running process exits with 00239 * the return code specified by returnCode. 00240 * 00241 * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH 00242 * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL 00243 * BREAK 00244 */ 00245 virtual void ExitNoticeCB(const tstring &tstrNotice, 00246 const int returnCode); 00247 00248 00249 /** 00250 * Under normal operating conditions, this CB is called as soon 00251 * as the attach method completes. In case the service (vpn agent) 00252 * is not ready, this CB is not called until it is. 00253 * 00254 * Any API calls made prior to this CB being called will result in a 00255 * NoticeCB error message. 00256 */ 00257 virtual void ServiceReadyCB() = 0; 00258 00259 00260 00261 /** 00262 * This method supports prompting for single or multiple values. All 00263 * prompts are considered mandatory. 00264 * 00265 * The ConnectPromptInfo object contains a list of PromptEntry 00266 * instances. The labels and their default values (if any) can be 00267 * found in these instances. After the data has been collected from the user 00268 * it can be set into these same instances. When ready, the client 00269 * application should call the method UserSubmit() to have the 00270 * responses read by the API. 00271 */ 00272 virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0; 00273 00274 00275 /** 00276 * Use this method to provide Window Manager hints to GUI 00277 * applications. To receive these hints, the application must 00278 * identify itself as a GUI in the attach method. In addition, this 00279 * method should be overriden to receive any generated events. 00280 * 00281 * Event that can be received include those indicating that a user is 00282 * starting a second instance of the GUI application. This information 00283 * can be used to tell the already running application to un-minimize 00284 * itself and let the new program know that it should Quit (since a GUI 00285 * is already running). 00286 */ 00287 virtual void WMHintCB(const WMHint hint, 00288 const WMHintReason reason); 00289 00290 00291 /** 00292 * This method is useful when the connection to the secure gateway 00293 * has been established as part of a web-launch of the VPN tunnel. 00294 * 00295 * If the client application wishes to be notified of the secure 00296 * gateway to which the VPN has been established, this method should 00297 * be overriden. 00298 * 00299 * If the client application is started and a tunnel is already active, 00300 * this method also delivers the name of the secure gateway host. 00301 */ 00302 virtual void deliverWebLaunchHostCB(const tstring &activeHost); 00303 00304 /** 00305 * This method is called when the preference to block untrusted 00306 * servers is enabled and the current VPN server being connected 00307 * to is untrusted. Clients should present an error to the user 00308 * notifying them that the current connection to rtstrUntrustedServer 00309 * is being blocked. The client should also provide a way for the 00310 * user to change the preference to block untrusted servers. 00311 * 00312 * The user response must be indicated using setCertBlockedResponse 00313 */ 00314 virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0; 00315 00316 /** 00317 * This method is called when connections to untrusted VPN servers 00318 * is allowed by policies and the current VPN server being connected 00319 * to is untrusted. Clients should present a warning to the user 00320 * notifying them that the current connection to rtstrUntrustedServer 00321 * is unsafe. The reason the VPN server is untrusted is provided in 00322 * rltstrCertErrors. The client should provide a way for the user to 00323 * connect once, connect and always trust or cancel the connection. 00324 * If bAllowImport is set to false then the always trust option should 00325 * not be presented to users. 00326 * 00327 * The user response must be indicated using setCertWarningResponse 00328 */ 00329 virtual void CertWarningCB(const tstring &rtstrUntrustedServer, 00330 const std::list<tstring> &rltstrCertErrors, 00331 bool bAllowImport) = 0; 00332 00333 #if defined(PLATFORM_WIN_APP) 00334 /** 00335 * Same as above but also passes the Server certificate DER for details display 00336 */ 00337 virtual void CertWarningCB(const tstring &rtstrUntrustedServer, 00338 const std::list<tstring> &rltstrCertErrors, 00339 const std::vector<uint8_t> &rvServerCertDER, 00340 bool bAllowImport) = 0; 00341 #endif 00342 00343 /** 00344 * This method can be overriden if the client application wishes to 00345 * exercise some control over the delivery of events from the other 00346 * protected methods in this class. 00347 * 00348 * This might be necessary in cases where a GUI is being written and 00349 * the data from this API needs to be delivered in the GUI or main 00350 * thread. In this case, you should override this method and when it 00351 * is called by the API post an event to your event queue (message 00352 * pump, etc.). After this event executes in your GUI or main thread, 00353 * call the method ClientIfc::ProcessEvents to have events delivered 00354 * to your client application. 00355 */ 00356 virtual void EventAvailable(); 00357 00358 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED 00359 virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError); 00360 #endif 00361 #ifdef PLATFORM_ANDROID 00362 virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0; 00363 virtual void AgentDetachedCB(); 00364 #endif 00365 00366 AgentIfc &getAgentIfc(); 00367 00368 ClientIfcBase(); 00369 00370 00371 public: 00372 00373 virtual bool attach(ClientType clientType = ClientType_GUI, 00374 bool requestFullCapabilities = true, 00375 bool suppressAutoConnect = true); 00376 00377 virtual void detach(); 00378 00379 virtual void ProcessEvents(); 00380 00381 virtual bool hasFullCapabilities(); 00382 00383 virtual bool isConnected(); 00384 00385 virtual bool isAvailable(); 00386 00387 virtual std::list<tstring> getHostNames(); 00388 00389 virtual std::list<HostEntry> getHostEntries(); 00390 00391 virtual tstring getDefaultHostName(); 00392 00393 #if defined(HOST_DATA_SUPPORTED) 00394 virtual bool connect(const IHostData& hostData); 00395 00396 bool connect(const IHostData& hostData, 00397 unsigned int origin); 00398 #else 00399 virtual bool connect(tstring host); 00400 00401 bool connect(tstring host, 00402 unsigned int origin); 00403 #endif 00404 00405 virtual bool setNewTunnelGroup(const tstring & group); 00406 00407 virtual void disconnect(); 00408 00409 virtual void cancel(); 00410 00411 virtual void resetStats(); 00412 00413 virtual void getState(); 00414 00415 VPNState getCurrentState(); 00416 VPNSubState getCurrentSubState(); 00417 VPNSubState getPreviousSubState(); 00418 00419 tstring getStateText(); 00420 static tstring getNoticeTypeText(MessageType msgType); 00421 00422 static tstring getStateText(VPNState state, 00423 VPNSubState subState = VPNSS_NORMAL, 00424 NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE, 00425 const tstring& tstrConnectedHost = tstring()); 00426 00427 void setNetworkStates(NETENV_STATE netEnvState, 00428 NETCTRL_STATE netCtrlState, 00429 NETWORK_TYPE netType, 00430 bool bACBrowserForCPRemediation, 00431 bool bUpdateUI); 00432 void refreshOperatingModeForCurrentNetStates(); 00433 NETENV_STATE getCurrentNetEnvState(); 00434 NETENV_STATE getPreviousNetEnvState(); 00435 NETCTRL_STATE getCurrentNetCtrlState(); 00436 NETWORK_TYPE getCurrentNetType(); 00437 bool isACBrowserForCPRemediation(); 00438 00439 static tstring getNetCtrlText(NETCTRL_STATE netCtrlState); 00440 static tstring getNetEnvText(NETENV_STATE netEnvState, 00441 bool bSimple = false); 00442 static tstring getNetTypeText(NETWORK_TYPE netType); 00443 static tstring getQuarantinedStatusText(); 00444 static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState, 00445 const NETCTRL_STATE netCtrlState); 00446 00447 // can't be static due to requiring operating mode information 00448 tstring getNetworkStatusText(const VPNState state, 00449 const VPNSubState subState, 00450 const NETENV_STATE netEnvState, 00451 const NETCTRL_STATE netCtrlState); 00452 00453 PreferenceInfo &getPreferences(); 00454 00455 bool savePreferences(); 00456 00457 virtual void startStats(); 00458 00459 virtual void stopStats(); 00460 00461 virtual void UserSubmit(); 00462 00463 void setBanner(const tstring &banner); 00464 void setBannerResponse(bool bResponse); 00465 bool getUserResponse(); 00466 bool isUserResponseSet(); 00467 00468 void setCertBlocked(const tstring &tstrUntrustedServer); 00469 void setCertWarning(const tstring &rtstrUntrustedServer, 00470 const std::list<tstring> &rltstrCertErrors, 00471 bool bAllowImport); 00472 #if defined(PLATFORM_WIN_APP) 00473 void setCertWarning(const tstring &rtstrUntrustedServer, 00474 const std::list<tstring> &rltstrCertErrors, 00475 const std::vector<uint8_t>& rvServerCertDER, 00476 bool bAllowImport); 00477 #endif 00478 bool getCertImportResponse(); 00479 00480 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00481 void setCertBanner(tstring tstrCertBannerSummary, 00482 uint32_t nCertBannerCertLen, 00483 const uint8_t *pCertBannerCertDer, 00484 const std::list<tstring> &confirmReasons, 00485 const std::list<CertConfirmReason> &confirmReasonEnums, 00486 bool bImportAllowed); 00487 00488 void setCertBannerResponse(bool bResponse, bool bImportCert); 00489 void importServerCert(std::vector<uint8_t> certData); 00490 bool setFipsMode(bool bEnableFips); 00491 #if defined(PLATFORM_ANDROID) 00492 bool setStrictMode(bool bEnableStrictMode); 00493 bool setRevocationEnabled(bool bRevocationEnabled); 00494 bool IsRevocationEnabled(); 00495 #endif // currently supported only for android 00496 #endif 00497 00498 void setUserPrompt(ConnectPromptInfo &ConnectPrompt); 00499 00500 #ifdef PLATFORM_ANDROID 00501 void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList); 00502 void setAgentDetached(); 00503 bool getClientCertificates(); 00504 #endif 00505 00506 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) 00507 void setSCEPEnrollInProgress(bool bInProgress); 00508 bool isSCEPEnrollInProgress(); 00509 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID 00510 00511 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED 00512 void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError); 00513 bool requestImportPKCS12(const std::vector<uint8_t> &data); 00514 std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password); 00515 #endif 00516 00517 void setCertBlockedResponse(bool bUnlock); 00518 void setCertWarningResponse(bool bConnect, bool bImportCert); 00519 00520 void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt); 00521 00522 void ExitNotice(const tstring &tstrNotice, const int code = 0); 00523 00524 void notice(const tstring tstrNotice, 00525 const MessageType type = MsgType_Info, 00526 bool bClearLastMsg = false, 00527 bool bForce = false); 00528 00529 void notice(MsgWithArg ¬ice, 00530 const MessageType type = MsgType_Info, 00531 bool bClearLastMsg = false, 00532 bool bForce = false); 00533 00534 void getStats(void); 00535 00536 void setStats(VPNStats &stats); 00537 00538 void exportStats(const tstring &tstrFilePath); 00539 00540 void setState(VPNState state, 00541 VPNState previousState, 00542 VPNSubState subState = VPNSS_NORMAL, 00543 bool bUpdateStateMsg = true, 00544 bool bOnlyUpdateUI = false); 00545 00546 #if defined(MEMORY_LOGGING_SUPPORTED) 00547 boost::shared_ptr<IACLogger> getACLogger(); 00548 00549 void enqueueAgentLogMessages(const std::list<ACLogEntry> &msgList); 00550 00551 void receiveAgentLogMessages(const std::list<ACLogEntry> &msgList); 00552 #endif 00553 00554 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED 00555 IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback); 00556 #endif 00557 00558 void setWMHint(WMHint hint, 00559 WMHintReason reason); 00560 00561 bool isLastConnectType (const ConnectPromptType connPromptType); 00562 00563 bool isOperatingMode(OperatingMode opMode); 00564 void setOperatingMode(OperatingMode opMode); 00565 void unsetOperatingMode(OperatingMode opMode); 00566 00567 bool CanRemediateCaptivePortal(); 00568 bool policyAllowsCaptivePortalRemediation(); 00569 00570 bool isEventShutdown(); 00571 00572 bool isUsingEventModel(); 00573 00574 time_t getLastDisconnectTime(); 00575 00576 ConnectPromptInfo getConnectPromptInfo(); 00577 void resetConnectPromptPasswordData(); 00578 00579 void setStandaloneConnection(bool isStandalone); 00580 00581 void deliverActiveHost(const tstring &activeHost, 00582 ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN); 00583 00584 bool isVPNServiceReady(); 00585 00586 // reset last disconnect time indicator. 00587 // 00588 void resetLastDisconnectTime(time_t time = 1); 00589 00590 void processMinimize(); 00591 00592 // cert enrollment 00593 void setEnrollClientCert(CertObj* pCert); 00594 00595 // Show user banner for cert import warning on linux 00596 // SCEPIfc to ConnectMgr 00597 void linuxCertImportWarnUser(); 00598 00599 // Response to cert warning on linux 00600 // ConnectMgr to SCEPIfc 00601 void linuxCertImportWarnUserResponse(bool bAccept); 00602 00603 void setDefaultHost(tstring &host); 00604 00605 #if defined(HOST_DATA_SUPPORTED) 00606 void setDefaultHostProfile(const IHostData &hostProfile); 00607 IHostData* getDefaultHostData(); 00608 #endif // HOST_DATA_SUPPORTED 00609 00610 void setLastVpnError(VPNError vpnError); 00611 VPNError getLastVpnError(); 00612 00613 #ifdef PLATFORM_ANDROID 00614 bool requestClientCertificates(); 00615 #endif 00616 00617 bool requestImportLocalization(const tstring tstrLocale, 00618 const std::vector<unsigned char> &MoFileData); 00619 00620 // Start the Automatic Headend Selection operation 00621 void startAHS(const unsigned int uiReason, 00622 const ProxyIfc& proxy); 00623 // statusReturnCode is a long to match the current type of STATUSCODE. 00624 // It is not using a STATUSCODE directly so that we do not have to 00625 // expose the header files for STATUSCODEs to ClientIfcBase.h 00626 void AHSSelectedHost(const unsigned int uiReason, 00627 const std::vector<tstring> &headendList, 00628 const long statusReturnCode, 00629 const tstring& extraInfo); 00630 std::vector<tstring> getAHSHostList(); 00631 unsigned int getAHSState(); 00632 bool isAHSHasRun(); 00633 00634 bool suppressConnectionErrorPopups(); 00635 00636 tstring getCaptivePortalDetectedMsg(); 00637 00638 void setProxyAuthPrompts(ProxyIfc* pProxy, 00639 const tstring& promptMsg); 00640 00641 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED) 00642 bool handleIpcMessage(CIpcMessage *pIpcMessage); 00643 #endif 00644 bool IsCsdTokenVerified() const; 00645 00646 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) 00647 virtual void SCEPEnrollStartCB(); 00648 virtual void SCEPEnrollExitCB(); 00649 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID 00650 00651 void activateConnectMgrTunnelInitiationCompletionEvent(); 00652 bool isConnectRequestActive(); 00653 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00654 bool deleteProfileByName(const tstring &profileName); 00655 tstring getProfileContents(const tstring &profileName); 00656 bool importProfile(const tstring &profileName, const tstring &profileContents); 00657 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK 00658 00659 bool syncProfileChange(const tstring &profileName); 00660 00661 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00662 bool hasPrefilledCredentials(); 00663 bool prefillCredentials(ConnectPromptInfo &connectPrompt); 00664 void setPrefilledCredentials(CredentialPrefill *prefill); 00665 #endif 00666 00667 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00668 std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType); 00669 bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList); 00670 bool deleteServerCertificates(const std::list<std::string> &idList); 00671 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN 00672 00673 #if defined(ANYCONNECT_USE_SNAK) 00674 std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType); 00675 SNAK_CertType getSNAKCertType(CertificateType certType); 00676 bool deleteClientCertificates(const std::list<std::string> &idList); 00677 #endif // ANYCONNECT_USE_SNAK 00678 00679 #if defined(PLATFORM_APPLE_SSLVPN) 00680 bool canUseBackupServers(); 00681 00682 #endif //PLATFORM_APPLE_SSLVPN 00683 00684 virtual ~ClientIfcBase(); 00685 00686 tstring getConnectHost(); 00687 00688 tstring getMgmtTunnelHostname(); 00689 00690 VPN_TUNNEL_SCOPE getVpnTunnelScope(); 00691 00692 bool isStandaloneConnection(); 00693 00694 void sendSSoLogoutPrompt(ConnectPromptInfo &cpi); 00695 00696 private: 00697 CExecutionContext* m_pExecutionContext; 00698 CExecutionContext* m_pExecutionContextMgr; 00699 00700 AgentIfc *mo_AgentIfc; 00701 00702 ConnectMgr *mo_ConnectMgr; 00703 00704 ApiThread *mo_ConnectThread; 00705 00706 EventMgr *mo_EventMgr; 00707 00708 PreferenceMgr *mo_PreferenceMgr; 00709 00710 ConnectPromptInfo *mp_currentConnectPromptInfo; 00711 00712 PreferenceInfo *mo_EditablePrefs; 00713 00714 #if defined(SCRIPTING_SUPPORTED) 00715 CScriptingMgr *mo_ScriptingMgr; 00716 #endif // SCRIPTING_SUPPORTED 00717 00718 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED) 00719 SCEPIfc* m_pSCEPIfc; 00720 bool m_bInformedAgentOfSCEP; 00721 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00722 #ifndef PLATFORM_APPLE_SSLVPN 00723 CStoragePath* m_pStoragePath; 00724 #endif // !PLATFORM_APPLE_SSLVPN 00725 00726 #ifdef ANYCONNECT_USE_SNAK 00727 PluginLoader *m_pPluginLoader; 00728 SNAK_CertPlugin *m_pSNAKCert; 00729 SNAK_SocketPlugin *m_pSNAKSocket; 00730 SNAK_StoragePlugin *m_pSNAKStorage; 00731 SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo; 00732 SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB; 00733 00734 bool mb_SNAKInitialized; 00735 #endif 00736 00737 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00738 bool mb_SCEPEnrollInProgress; 00739 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN 00740 00741 bool mb_PreferenceMgrCreated; 00742 bool mb_StandaloneConnection; 00743 bool mb_UsingEventModel; 00744 bool mb_UserResponse; 00745 bool mb_IsUserResponseSet; 00746 bool mb_PerformedAutoCertEnrollment; 00747 tstring ms_PostEnrollmentConnectHost; 00748 bool mb_CaptivePortalMsgDisplayed; 00749 bool m_bSuppressMinimizeOnConnect; 00750 bool m_bSuppressConnectionErrorPopups; 00751 bool m_bLastConnectionAutomatic; 00752 bool m_bImportCertResp; 00753 00754 unsigned int mui_OperatingMode; 00755 NETENV_STATE m_currentNetEnvState; 00756 NETENV_STATE m_previousNetEnvState; 00757 NETCTRL_STATE m_currentNetCtrlState; 00758 NETWORK_TYPE m_currentNetType; 00759 bool m_bACBrowserForCPRemediation; 00760 00761 tstring ms_message; 00762 00763 time_t m_disconnectTime; 00764 00765 static std::string ms_ThreadName; 00766 00767 CManualLock* m_pClientIfcStateLock; 00768 CManualLock* m_pClientIfcLock; 00769 CManualLock* m_pClientIfcPromptsLock; 00770 CManualLock* m_pClientIfcOpModeLock; 00771 CManualLock* m_pClientIfcAHSLock; 00772 CManualLock* m_pClientIfcConnectModeLock; 00773 CManualLock* m_pClientIfcInformAgentOfSCEPLock; 00774 00775 #if defined(MEMORY_LOGGING_SUPPORTED) 00776 boost::shared_ptr<ACLoggerImpl> m_spACLoggerImpl; 00777 #endif 00778 std::vector<tstring> msl_AHSSelectedHosts; 00779 ApiThread* m_pAHSThread; 00780 unsigned int m_uiAHSState; 00781 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00782 CredentialPrefill* m_pCredentialPrefill; 00783 #endif 00784 VPNError m_lastVpnError; 00785 00786 static volatile bool mb_deleteFirstPass; 00787 00788 ConnectMgr &getConnectMgr(); 00789 00790 ProfileMgr &getProfileMgr(); 00791 UserPreferences &getUserPreferences(); 00792 00793 void displayAgentAttachMessage(); 00794 00795 void setLastDisconnectTime(time_t time); 00796 00797 void setCurrentStatePrompts(const VPNState state, 00798 const VPNState prevState, 00799 const VPNSubState subState, 00800 const bool bUpdateStateMsg); 00801 void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr); 00802 void getStateMessage(const VPNState state, 00803 const VPNState prevState, 00804 const VPNSubState subState, 00805 const NETENV_STATE neState, 00806 /*out*/ MsgWithArg& stateMessage); 00807 00808 // IPreferenceUpdateCB methods 00809 virtual void OnLoadPreferencesComplete(); 00810 virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId); 00811 virtual void OverridePreferenceValue(const PreferenceId ePreferenceId, 00812 tstring& rPrefenceValue, 00813 bool& rbOverriden); 00814 00815 void RefreshPreferences(void); 00816 00817 void displayAHSPrompt(const bool isComplete); 00818 void handleAHSPreferences(const unsigned int uiReason); 00819 void setAHSState(const unsigned int ahsState); 00820 00821 bool autoConnectIfEnabled(const bool suppressAutoConnect); 00822 00823 void clearUserSetResponseFlag(); 00824 00825 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED) 00826 bool processSCEPIpcMessage(CIpcMessage *pIpcMessage); 00827 bool isSCEPRedirect(); 00828 void processSCEPRedirect(); 00829 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00830 00831 bool hasConnectCapabilities(); 00832 bool hasMgmtCapabilities(); 00833 00834 ClientIfcBase(const ClientIfcBase& other); 00835 ClientIfcBase& operator=(const ClientIfcBase& other); 00836 00837 #ifdef ANYCONNECT_USE_SNAK 00838 bool initializeSNAK(bool bUseExistingInstanceIfAvail); 00839 void destroySNAK(); 00840 ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert); 00841 #endif 00842 }; 00843 00844 00845 #endif // _CLIENTIFCBASE_