AnyConnect Secure Mobility Client 4.7.03052

include/ClientIfcBase.h

00001 /**************************************************************************
00002 *       Copyright (c) 2006, Cisco Systems, All Rights Reserved
00003 ***************************************************************************
00004 *
00005 *  File:    ClientIfcBase.h
00006 *  Author:  Chris Fitzgerald
00007 *  Date:    08/2007
00008 *
00009 ***************************************************************************
00010 *
00011 *   Client Interface Base class implementation for the Client API.
00012 *
00013 ***************************************************************************/
00014 
00015 // The ClientIfcBase class contains the majority of private methods and members.
00016 // The purpose of this class is to hide all but the necessary methods from
00017 // being exposed.
00018 //
00019 
00020 #ifndef _CLIENTIFCBASE_
00021 #define _CLIENTIFCBASE_
00022 
00023 #include <list>
00024 #include <vector>
00025 
00026 /*
00027  * When changing the SCRIPTING_SUPPORTED or INTERPROCESS_COMMUNICATION_SUPPORTED definition,
00028  * you MUST also update GenDefs.h!
00029  * We duplicate this definition here due to the manner in which we distribute our
00030  * code to partners; we cannot include GenDefs.h from here.
00031  */
00032 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP)
00033 #define SCRIPTING_SUPPORTED
00034 #endif
00035 #if !defined(PLATFORM_WIN_APP)
00036 #define INTERPROCESS_COMMUNICATION_SUPPORTED
00037 #endif
00038 
00039 /*
00040  * When changing the SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED definition, you MUST also update GenDefs.h!
00041  * We duplicate this definition here due to the manner in which we distribute our
00042  * code to partners; we cannot include GenDefs.h from here.
00043  */
00044 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00045 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00046 #endif
00047 
00048 /*
00049  * When changing the HOST_DATA_SUPPORTED definition, you MUST also update GenDefs.h!
00050  * We duplicate this definition here due to the manner in which we distribute our
00051  * code to partners; we cannot include GenDefs.h from here.
00052  */
00053 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK)
00054 #define HOST_DATA_SUPPORTED
00055 #endif
00056 
00057 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA)
00058 /*
00059  ** the MANUAL_PKCS12_IMPORT_SUPPORTED define is used to track the platforms
00060  ** where the manual import of PKCS12 certificates is supported. This is to avoid repeating the
00061  ** platforms in #ifdef clauses in other files.
00062  */
00063 #define MANUAL_PKCS12_IMPORT_SUPPORTED
00064 #endif
00065 
00066 #if defined(PLATFORM_ANDROID)
00067 #define MEMORY_LOGGING_SUPPORTED
00068 #endif
00069 
00070 #if defined(PLATFORM_ANDROID)
00071 #define PROGRAM_DATA_IMPORT_SUPPORTED
00072 #endif
00073 
00074 #if defined(PLATFORM_ANDROID)
00075 // Credentials for a connection can be prefilled via uri handling or API calls
00076 #define CREDENTIAL_PREFILL_SUPPORTED
00077 #endif
00078 
00079 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H)
00080 #if defined(HAVE_STDINT_H)
00081 #include <stdint.h>
00082 #else
00083 typedef unsigned char uint8_t;
00084 #endif // HAVE_STDINT_H
00085 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED
00086 
00087 #if defined(MEMORY_LOGGING_SUPPORTED)
00088 #include "boost/shared_ptr.hpp"
00089 #include "IACLogger.h"
00090 #endif // MEMORY_LOGGING_SUPPORTED
00091 
00092 #include "api.h"
00093 #include "PreferenceUpdate.h"
00094 
00095 #if defined(PLATFORM_WIN_APP)
00096 typedef unsigned char uint8_t;
00097 #endif
00098 
00099 #if defined(HOST_DATA_SUPPORTED)
00100 #include "IHostData.h"
00101 #endif
00102 
00103 #if defined(ANYCONNECT_USE_SNAK)
00104 #include "Utility/PluginLoader.h"
00105 #include "SNAK_CertPlugin.h"
00106 #include "SNAK_SocketPlugin.h"
00107 #include "SNAK_StoragePlugin.h"
00108 #endif 
00109 
00110 class ConnectPromptInfo;
00111 class ConnectMgr;
00112 class MsgWithArg;
00113 class VPNStats;
00114 class AgentIfc;
00115 class ProfileMgr;
00116 class ApiThread;
00117 class EventMgr;
00118 class PreferenceMgr;
00119 class PreferenceInfo;
00120 class UserPreferences;
00121 class CScriptingMgr;
00122 class CManualLock;
00123 class ProxyIfc;
00124 class CIpcMessage;
00125 class SCEPIfc;
00126 class CertObj;
00127 class CExecutionContext;
00128 class HostEntry;
00129 
00130 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00131 class CredentialPrefill;
00132 #endif
00133 
00134 #if !defined(PLATFORM_APPLE_SSLVPN)
00135 class CStoragePath;
00136 #endif
00137 
00138 #ifdef ANYCONNECT_USE_SNAK
00139 class PluginLoader;
00140 class SNAK_StoragePlugin;
00141 class SNAK_CertPlugin;
00142 class SNAK_SocketPlugin;
00143 class SNAK_DeviceInfoPlugin;
00144 class SNAKDeviceInfoPluginCBImpl;
00145 #endif // ANYCONNECT_USE_SNAK
00146 
00147 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN)
00148 class ManagedCertificate;
00149 class ManagedCertHandle;
00150 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN
00151 
00152 #ifdef MEMORY_LOGGING_SUPPORTED
00153 class ACLoggerImpl;
00154 #endif
00155 
00156 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED)
00157 class IACImporterAsync;
00158 class IACImporterAsyncCB;
00159 #endif
00160 
00161 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB
00162 {
00163     friend class EventMgr;
00164 
00165     protected:
00166 
00167         /**
00168         * Callback used to deliver new statistics related to the VPN
00169         * connection.
00170         *
00171         * When a connection is active, a new set of statistics is
00172         * delivered each second.
00173         *
00174         * @see resetStats(), stopStats() and startStats()
00175         *
00176         */
00177         virtual void StatsCB(VPNStats &stats) = 0;
00178 
00179 
00180         /**
00181         * Callback used to deliver VPN state and state change string.
00182         * The stateString delivered by this method is localized.
00183         *
00184         * See the ::VPNState enum found in api.h for set of valid states.
00185         */
00186         virtual void StateCB(const VPNState state,
00187                              const VPNSubState subState,
00188                              const tstring stateString) = 0;
00189 
00190 
00191         /**
00192         * If a banner needs to be acknowledged, this CB delivers the banner
00193         * to the client.
00194         *
00195         * NOTE: Connection establishment will block until the method
00196         * setBannerResponse() is called.
00197         *
00198         * In a GUI, a banner would typically be displayed in a modal dialog
00199         * with an accept or decline button selection.
00200         *
00201         * @see setBannerResponse() to set the user response to the banner.
00202         */
00203         virtual void BannerCB(const tstring &banner) = 0;
00204 
00205 
00206         /**
00207         * Messages are delivered via the NoticeCB and can come from multiple
00208         * sources.  There are four message types (error, warning, info and
00209         * status).  See the ::MessageType enum in api.h for the list.
00210         *
00211         * Clients using the API as an embedded application (not
00212         * user visible) might want to further characterize
00213         * messages.  One option here is to use the AnyConnect message
00214         * catalog and assign message codes as the translations for
00215         * various messages.  An application could then track messages based
00216         * on its own error code scheme.
00217         */    
00218         virtual void NoticeCB(const tstring notice,
00219                               const MessageType type) = 0;
00220 
00221 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00222         virtual void CertBannerCB(const tstring &certBannerSummary,
00223                                   const uint32_t nCertBannerCertLen,
00224                                   const uint8_t *pCertBannerCertDer,
00225                                   const std::list<tstring> &confirmReasons,
00226                                   const std::list<CertConfirmReason> &confirmReasonEnums,
00227                                   bool bImportAllowed = true) = 0;
00228 #endif
00229 
00230         /**
00231         * This CB would likely occur only during a connection when it was
00232         * detected that the software needed to be upgraded, or when Start
00233         * Before Logon (SBL) is being used.
00234         *
00235         * Unlike the other callback methods, this method provides a default
00236         * implementation (calling the system's exit() function).
00237         * If clients of the API wish to override this behavior, they are
00238         * responsible for ensuring that the current running process exits with
00239         * the return code specified by returnCode.
00240         *
00241         * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH
00242         * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL
00243         * BREAK
00244         */
00245         virtual void ExitNoticeCB(const tstring &tstrNotice,
00246                                   const int returnCode);
00247 
00248 
00249         /**
00250         * Under normal operating conditions, this CB is called as soon
00251         * as the attach method completes.  In case the service (vpn agent)
00252         * is not ready, this CB is not called until it is.
00253         *
00254         * Any API calls made prior to this CB being called will result in a
00255         * NoticeCB error message.
00256         */
00257         virtual void ServiceReadyCB() = 0;
00258 
00259 
00260 
00261         /**
00262         * This method supports prompting for single or multiple values.  All
00263         * prompts are considered mandatory.
00264         *
00265         * The ConnectPromptInfo object contains a list of PromptEntry
00266         * instances.  The labels and their default values (if any) can be
00267         * found in these instances.  After the data has been collected from the user
00268         * it can be set into these same instances.  When ready, the client
00269         * application should call the method UserSubmit() to have the
00270         * responses read by the API.
00271         */
00272         virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0;
00273 
00274 
00275         /**
00276         * Use this method to provide Window Manager hints to GUI
00277         * applications.  To receive these hints, the application must
00278         * identify itself as a GUI in the attach method.  In addition, this
00279         * method should be overriden to receive any generated events.
00280         *
00281         * Event that can be received include those indicating that a user is
00282         * starting a second instance of the GUI application.  This information
00283         * can be used to tell the already running application to un-minimize
00284         * itself and let the new program know that it should Quit (since a GUI
00285         * is already running).
00286         */
00287         virtual void WMHintCB(const WMHint hint,
00288                               const WMHintReason reason);
00289 
00290 
00291         /**
00292         * This method is useful when the connection to the secure gateway
00293         * has been established as part of a web-launch of the VPN tunnel.
00294         *
00295         * If the client application wishes to be notified of the secure
00296         * gateway to which the VPN has been established, this method should
00297         * be overriden.
00298         *
00299         * If the client application is started and a tunnel is already active,
00300         * this method also delivers the name of the secure gateway host.
00301         */
00302         virtual void deliverWebLaunchHostCB(const tstring &activeHost);
00303 
00304         /**
00305         * This method is called when the preference to block untrusted
00306         * servers is enabled and the current VPN server being connected
00307         * to is untrusted. Clients should present an error to the user
00308         * notifying them that the current connection to rtstrUntrustedServer
00309         * is being blocked. The client should also provide a way for the
00310         * user to change the preference to block untrusted servers.
00311         *
00312         * The user response must be indicated using setCertBlockedResponse
00313         */
00314         virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0;
00315 
00316         /**
00317         * This method is called when connections to untrusted VPN servers
00318         * is allowed by policies and the current VPN server being connected
00319         * to is untrusted. Clients should present a warning to the user
00320         * notifying them that the current connection to rtstrUntrustedServer
00321         * is unsafe. The reason the VPN server is untrusted is provided in
00322         * rltstrCertErrors. The client should provide a way for the user to
00323         * connect once, connect and always trust or cancel the connection.
00324         * If bAllowImport is set to false then the always trust option should
00325         * not be presented to users.
00326         *
00327         * The user response must be indicated using setCertWarningResponse
00328         */
00329         virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
00330                                    const std::list<tstring> &rltstrCertErrors,
00331                                    bool bAllowImport) = 0;
00332 
00333 #if defined(PLATFORM_WIN_APP)
00334         /**
00335         * Same as above but also passes the Server certificate DER for details display
00336         */
00337         virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
00338                                    const std::list<tstring> &rltstrCertErrors,
00339                                    const std::vector<uint8_t> &rvServerCertDER,
00340                                    bool bAllowImport) = 0;
00341 #endif
00342 
00343         /**
00344         * This method can be overriden if the client application wishes to
00345         * exercise some control over the delivery of events from the other
00346         * protected methods in this class.
00347         *
00348         * This might be necessary in cases where a GUI is being written and
00349         * the data from this API needs to be delivered in the GUI or main
00350         * thread.  In this case, you should override this method and when it
00351         * is called by the API post an event to your event queue (message
00352         * pump, etc.).  After this event executes in your GUI or main thread,
00353         * call the method ClientIfc::ProcessEvents to have events delivered
00354         * to your client application.
00355         */
00356         virtual void EventAvailable();
00357 
00358 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
00359         virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError);
00360 #endif        
00361 #ifdef PLATFORM_ANDROID
00362         virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0;
00363         virtual void AgentDetachedCB();
00364 #endif
00365 
00366         AgentIfc &getAgentIfc();
00367 
00368         ClientIfcBase();
00369 
00370 
00371     public:
00372 
00373         virtual bool attach(ClientType clientType = ClientType_GUI,
00374                             bool requestFullCapabilities = true,
00375                             bool suppressAutoConnect = true);
00376 
00377         virtual void detach();
00378 
00379         virtual void ProcessEvents();
00380 
00381         virtual bool hasFullCapabilities();
00382 
00383         virtual bool isConnected();
00384 
00385         virtual bool isAvailable();
00386 
00387         virtual std::list<tstring> getHostNames();
00388 
00389         virtual std::list<HostEntry> getHostEntries();
00390 
00391         virtual tstring getDefaultHostName();
00392 
00393 #if defined(HOST_DATA_SUPPORTED)
00394         virtual bool connect(const IHostData& hostData);
00395                 
00396         bool connect(const IHostData& hostData,
00397                      unsigned int origin);
00398 #else
00399         virtual bool connect(tstring host);
00400 
00401         bool connect(tstring host,
00402                      unsigned int origin);
00403 #endif
00404 
00405         virtual bool setNewTunnelGroup(const tstring & group);
00406 
00407         virtual void disconnect();
00408 
00409         virtual void cancel();
00410 
00411         virtual void resetStats();
00412 
00413         virtual void getState();
00414 
00415         VPNState getCurrentState();
00416         VPNSubState getCurrentSubState();
00417         VPNSubState getPreviousSubState();
00418 
00419         tstring getStateText();
00420         static tstring getNoticeTypeText(MessageType msgType);
00421 
00422         static tstring getStateText(VPNState state,
00423                                     VPNSubState subState = VPNSS_NORMAL,
00424                                     NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE,
00425                                     const tstring& tstrConnectedHost = tstring());
00426 
00427         void setNetworkStates(NETENV_STATE netEnvState, 
00428                               NETCTRL_STATE netCtrlState,
00429                               NETWORK_TYPE netType,
00430                               bool bACBrowserForCPRemediation,
00431                               bool bUpdateUI);
00432         void refreshOperatingModeForCurrentNetStates();
00433         NETENV_STATE getCurrentNetEnvState();
00434         NETENV_STATE getPreviousNetEnvState();
00435         NETCTRL_STATE getCurrentNetCtrlState();
00436         NETWORK_TYPE getCurrentNetType();
00437         bool isACBrowserForCPRemediation();
00438 
00439         static tstring getNetCtrlText(NETCTRL_STATE netCtrlState);
00440         static tstring getNetEnvText(NETENV_STATE netEnvState,
00441                                      bool bSimple = false);
00442         static tstring getNetTypeText(NETWORK_TYPE netType);
00443         static tstring getQuarantinedStatusText();
00444         static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState,
00445                                                   const NETCTRL_STATE netCtrlState);
00446 
00447         // can't be static due to requiring operating mode information
00448         tstring getNetworkStatusText(const VPNState state,
00449                                      const VPNSubState subState,
00450                                      const NETENV_STATE netEnvState,
00451                                      const NETCTRL_STATE netCtrlState);
00452 
00453         PreferenceInfo &getPreferences();
00454 
00455         bool savePreferences();
00456 
00457         virtual void startStats();
00458 
00459         virtual void stopStats();
00460 
00461         virtual void UserSubmit();
00462 
00463         void setBanner(const tstring &banner);
00464         void setBannerResponse(bool bResponse);
00465         bool getUserResponse();
00466         bool isUserResponseSet();
00467 
00468         void setCertBlocked(const tstring &tstrUntrustedServer);
00469         void setCertWarning(const tstring &rtstrUntrustedServer,
00470                             const std::list<tstring> &rltstrCertErrors,
00471                             bool bAllowImport);
00472 #if defined(PLATFORM_WIN_APP)
00473         void setCertWarning(const tstring &rtstrUntrustedServer,
00474                             const std::list<tstring> &rltstrCertErrors,
00475                             const std::vector<uint8_t>& rvServerCertDER,
00476                             bool bAllowImport);
00477 #endif
00478         bool getCertImportResponse();
00479 
00480 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00481         void setCertBanner(tstring tstrCertBannerSummary,
00482                            uint32_t nCertBannerCertLen,
00483                            const uint8_t *pCertBannerCertDer,
00484                            const std::list<tstring> &confirmReasons,
00485                            const std::list<CertConfirmReason> &confirmReasonEnums,
00486                            bool bImportAllowed);
00487 
00488         void setCertBannerResponse(bool bResponse, bool bImportCert);
00489         void importServerCert(std::vector<uint8_t> certData);
00490         bool setFipsMode(bool bEnableFips);
00491 #if defined(PLATFORM_ANDROID)
00492         bool setStrictMode(bool bEnableStrictMode);
00493         bool setRevocationEnabled(bool bRevocationEnabled);
00494         bool IsRevocationEnabled();
00495 #endif // currently supported only for android
00496 #endif
00497 
00498         void setUserPrompt(ConnectPromptInfo &ConnectPrompt);
00499 
00500 #ifdef PLATFORM_ANDROID
00501         void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList);
00502         void setAgentDetached();
00503         bool getClientCertificates();
00504 #endif
00505 
00506 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
00507         void setSCEPEnrollInProgress(bool bInProgress);
00508         bool isSCEPEnrollInProgress();
00509 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
00510 
00511 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
00512         void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError);
00513         bool requestImportPKCS12(const std::vector<uint8_t> &data);
00514         std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password);
00515 #endif
00516 
00517         void setCertBlockedResponse(bool bUnlock);
00518         void setCertWarningResponse(bool bConnect, bool bImportCert);
00519 
00520         void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt);
00521 
00522         void ExitNotice(const tstring &tstrNotice, const int code = 0);
00523 
00524         void notice(const tstring tstrNotice,
00525                     const MessageType type = MsgType_Info,
00526                     bool bClearLastMsg = false,
00527                     bool bForce = false);
00528 
00529         void notice(MsgWithArg &notice,
00530                     const MessageType type = MsgType_Info,
00531                     bool bClearLastMsg = false,
00532                     bool bForce = false);
00533 
00534         void getStats(void);
00535 
00536         void setStats(VPNStats &stats);
00537 
00538         void exportStats(const tstring &tstrFilePath);
00539 
00540         void setState(VPNState state,
00541                       VPNState previousState,
00542                       VPNSubState subState = VPNSS_NORMAL,
00543                       bool bUpdateStateMsg = true,
00544                       bool bOnlyUpdateUI = false);
00545 
00546 #if defined(MEMORY_LOGGING_SUPPORTED)
00547         boost::shared_ptr<IACLogger> getACLogger();
00548 
00549         void enqueueAgentLogMessages(const std::list<ACLogEntry> &msgList);
00550 
00551         void receiveAgentLogMessages(const std::list<ACLogEntry> &msgList);
00552 #endif
00553 
00554 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED
00555         IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback);
00556 #endif
00557 
00558         void setWMHint(WMHint hint,
00559                        WMHintReason reason);
00560 
00561         bool isLastConnectType (const ConnectPromptType connPromptType);
00562 
00563         bool isOperatingMode(OperatingMode opMode);
00564         void setOperatingMode(OperatingMode opMode);
00565         void unsetOperatingMode(OperatingMode opMode);
00566 
00567         bool CanRemediateCaptivePortal();
00568         bool policyAllowsCaptivePortalRemediation();
00569 
00570         bool isEventShutdown();
00571 
00572         bool isUsingEventModel();
00573 
00574         time_t getLastDisconnectTime();
00575 
00576         ConnectPromptInfo getConnectPromptInfo();
00577         void resetConnectPromptPasswordData();
00578 
00579         void setStandaloneConnection(bool isStandalone);
00580 
00581         void deliverActiveHost(const tstring &activeHost,
00582                                ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN);
00583 
00584         bool isVPNServiceReady();
00585 
00586         // reset last disconnect time indicator.
00587         //
00588         void resetLastDisconnectTime(time_t time = 1);
00589 
00590         void processMinimize();
00591         
00592         // cert enrollment
00593         void setEnrollClientCert(CertObj* pCert);
00594 
00595         // Show user banner for cert import warning on linux
00596         // SCEPIfc to ConnectMgr
00597         void linuxCertImportWarnUser();
00598 
00599         // Response to cert warning on linux
00600         // ConnectMgr to SCEPIfc
00601         void linuxCertImportWarnUserResponse(bool bAccept);
00602 
00603         void setDefaultHost(tstring &host);
00604 
00605 #if defined(HOST_DATA_SUPPORTED)
00606         void setDefaultHostProfile(const IHostData &hostProfile);
00607         IHostData* getDefaultHostData();
00608 #endif // HOST_DATA_SUPPORTED
00609 
00610         void setLastVpnError(VPNError vpnError);
00611         VPNError getLastVpnError();
00612 
00613 #ifdef PLATFORM_ANDROID
00614         bool requestClientCertificates();
00615 #endif
00616 
00617         bool requestImportLocalization(const tstring tstrLocale,
00618                                        const std::vector<unsigned char> &MoFileData);
00619 
00620         // Start the Automatic Headend Selection operation
00621         void startAHS(const unsigned int uiReason, 
00622                       const ProxyIfc& proxy);
00623         // statusReturnCode is a long to match the current type of STATUSCODE.
00624         // It is not using a STATUSCODE directly so that we do not have to
00625         // expose the header files for STATUSCODEs to ClientIfcBase.h
00626         void AHSSelectedHost(const unsigned int uiReason,
00627                              const std::vector<tstring> &headendList,
00628                              const long statusReturnCode,
00629                              const tstring& extraInfo);
00630         std::vector<tstring> getAHSHostList();
00631         unsigned int getAHSState();
00632         bool isAHSHasRun();
00633 
00634         bool suppressConnectionErrorPopups();
00635 
00636         tstring getCaptivePortalDetectedMsg();        
00637 
00638         void setProxyAuthPrompts(ProxyIfc* pProxy,
00639                                  const tstring& promptMsg);
00640 
00641 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED)
00642         bool handleIpcMessage(CIpcMessage *pIpcMessage);
00643 #endif
00644         bool IsCsdTokenVerified() const;
00645 
00646 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
00647         virtual void SCEPEnrollStartCB();
00648         virtual void SCEPEnrollExitCB();
00649 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
00650         
00651         void activateConnectMgrTunnelInitiationCompletionEvent();
00652         bool isConnectRequestActive();
00653 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00654         bool deleteProfileByName(const tstring &profileName);
00655         tstring getProfileContents(const tstring &profileName);
00656         bool importProfile(const tstring &profileName, const tstring &profileContents);
00657 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK
00658 
00659         bool syncProfileChange(const tstring &profileName);
00660 
00661 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00662         bool hasPrefilledCredentials();
00663         bool prefillCredentials(ConnectPromptInfo &connectPrompt);
00664         void setPrefilledCredentials(CredentialPrefill *prefill);
00665 #endif
00666 
00667 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00668         std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType);
00669         bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList);
00670         bool deleteServerCertificates(const std::list<std::string> &idList);
00671 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN        
00672 
00673 #if defined(ANYCONNECT_USE_SNAK)        
00674         std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType);
00675         SNAK_CertType getSNAKCertType(CertificateType certType);
00676         bool deleteClientCertificates(const std::list<std::string> &idList);
00677 #endif // ANYCONNECT_USE_SNAK
00678 
00679 #if defined(PLATFORM_APPLE_SSLVPN)
00680         bool canUseBackupServers();
00681     
00682 #endif //PLATFORM_APPLE_SSLVPN
00683     
00684         virtual ~ClientIfcBase();
00685 
00686         tstring getConnectHost();
00687 
00688         tstring getMgmtTunnelHostname();
00689 
00690         VPN_TUNNEL_SCOPE getVpnTunnelScope();
00691 
00692         bool isStandaloneConnection();
00693 
00694         void sendSSoLogoutPrompt(ConnectPromptInfo &cpi);
00695 
00696     private:
00697         CExecutionContext* m_pExecutionContext;
00698         CExecutionContext* m_pExecutionContextMgr;
00699 
00700         AgentIfc *mo_AgentIfc;
00701 
00702         ConnectMgr *mo_ConnectMgr;
00703 
00704         ApiThread  *mo_ConnectThread;
00705 
00706         EventMgr  *mo_EventMgr;
00707 
00708         PreferenceMgr *mo_PreferenceMgr;
00709 
00710         ConnectPromptInfo *mp_currentConnectPromptInfo;
00711 
00712         PreferenceInfo *mo_EditablePrefs;
00713 
00714 #if defined(SCRIPTING_SUPPORTED)
00715         CScriptingMgr *mo_ScriptingMgr;
00716 #endif // SCRIPTING_SUPPORTED
00717 
00718 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
00719         SCEPIfc* m_pSCEPIfc;
00720         bool m_bInformedAgentOfSCEP;
00721 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00722 #ifndef PLATFORM_APPLE_SSLVPN
00723         CStoragePath* m_pStoragePath;
00724 #endif // !PLATFORM_APPLE_SSLVPN
00725 
00726 #ifdef ANYCONNECT_USE_SNAK
00727         PluginLoader *m_pPluginLoader;
00728         SNAK_CertPlugin *m_pSNAKCert;
00729         SNAK_SocketPlugin *m_pSNAKSocket;
00730         SNAK_StoragePlugin *m_pSNAKStorage;
00731         SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo;
00732         SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB;
00733 
00734         bool mb_SNAKInitialized;
00735 #endif
00736 
00737 #if  defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00738         bool mb_SCEPEnrollInProgress;
00739 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN
00740 
00741         bool mb_PreferenceMgrCreated;
00742         bool mb_StandaloneConnection;
00743         bool mb_UsingEventModel;
00744         bool mb_UserResponse;
00745         bool mb_IsUserResponseSet;
00746         bool mb_PerformedAutoCertEnrollment;
00747         tstring ms_PostEnrollmentConnectHost;
00748         bool mb_CaptivePortalMsgDisplayed;
00749         bool m_bSuppressMinimizeOnConnect;
00750         bool m_bSuppressConnectionErrorPopups;
00751         bool m_bLastConnectionAutomatic;
00752         bool m_bImportCertResp;
00753 
00754         unsigned int mui_OperatingMode;
00755         NETENV_STATE m_currentNetEnvState;
00756         NETENV_STATE m_previousNetEnvState;
00757         NETCTRL_STATE m_currentNetCtrlState;
00758         NETWORK_TYPE m_currentNetType;
00759         bool m_bACBrowserForCPRemediation;
00760 
00761         tstring ms_message;
00762 
00763         time_t m_disconnectTime;
00764 
00765         static std::string ms_ThreadName;
00766 
00767         CManualLock* m_pClientIfcStateLock;
00768         CManualLock* m_pClientIfcLock;
00769         CManualLock* m_pClientIfcPromptsLock;
00770         CManualLock* m_pClientIfcOpModeLock;
00771         CManualLock* m_pClientIfcAHSLock;
00772         CManualLock* m_pClientIfcConnectModeLock;
00773         CManualLock* m_pClientIfcInformAgentOfSCEPLock;
00774 
00775 #if defined(MEMORY_LOGGING_SUPPORTED)
00776         boost::shared_ptr<ACLoggerImpl> m_spACLoggerImpl;
00777 #endif
00778         std::vector<tstring> msl_AHSSelectedHosts;
00779         ApiThread* m_pAHSThread;
00780         unsigned int m_uiAHSState;
00781 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00782         CredentialPrefill* m_pCredentialPrefill;
00783 #endif
00784         VPNError m_lastVpnError;
00785 
00786         static volatile bool mb_deleteFirstPass;
00787 
00788         ConnectMgr &getConnectMgr();
00789 
00790         ProfileMgr &getProfileMgr();
00791         UserPreferences &getUserPreferences();
00792 
00793         void displayAgentAttachMessage();
00794 
00795         void setLastDisconnectTime(time_t time);
00796 
00797         void setCurrentStatePrompts(const VPNState state, 
00798                                     const VPNState prevState,
00799                                     const VPNSubState subState,
00800                                     const bool bUpdateStateMsg);
00801         void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr);
00802         void getStateMessage(const VPNState state, 
00803                              const VPNState prevState,
00804                              const VPNSubState subState,
00805                              const NETENV_STATE neState,
00806                              /*out*/ MsgWithArg& stateMessage);
00807 
00808         // IPreferenceUpdateCB methods
00809         virtual void OnLoadPreferencesComplete();
00810         virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId);
00811         virtual void OverridePreferenceValue(const PreferenceId ePreferenceId,
00812                                              tstring& rPrefenceValue,
00813                                              bool& rbOverriden);
00814 
00815         void RefreshPreferences(void);
00816 
00817         void displayAHSPrompt(const bool isComplete);
00818         void handleAHSPreferences(const unsigned int uiReason);
00819         void setAHSState(const unsigned int ahsState);
00820 
00821         bool autoConnectIfEnabled(const bool suppressAutoConnect);
00822 
00823         void clearUserSetResponseFlag();
00824 
00825 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
00826         bool processSCEPIpcMessage(CIpcMessage *pIpcMessage);
00827         bool isSCEPRedirect();
00828         void processSCEPRedirect();
00829 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00830 
00831         bool hasConnectCapabilities();
00832         bool hasMgmtCapabilities();
00833 
00834         ClientIfcBase(const ClientIfcBase& other);
00835         ClientIfcBase& operator=(const ClientIfcBase& other);
00836 
00837 #ifdef ANYCONNECT_USE_SNAK
00838         bool initializeSNAK(bool bUseExistingInstanceIfAvail);
00839         void destroySNAK();
00840         ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert);
00841 #endif
00842 };
00843 
00844 
00845 #endif // _CLIENTIFCBASE_