 |
AnyConnect Secure Mobility Client 4.9.04043
|
|
AnyConnect Secure Mobility Client 4.9.04043
|
00001 /************************************************************************** 00002 * Copyright (c) 2006, Cisco Systems, All Rights Reserved 00003 *************************************************************************** 00004 * 00005 * File: ClientIfcBase.h 00006 * Author: Chris Fitzgerald 00007 * Date: 08/2007 00008 * 00009 *************************************************************************** 00010 * 00011 * Client Interface Base class implementation for the Client API. 00012 * 00013 ***************************************************************************/ 00014 00015 // The ClientIfcBase class contains the majority of private methods and members. 00016 // The purpose of this class is to hide all but the necessary methods from 00017 // being exposed. 00018 // 00019 00020 #ifndef _CLIENTIFCBASE_ 00021 #define _CLIENTIFCBASE_ 00022 00023 #include <list> 00024 #include <vector> 00025 00026 /* 00027 * When changing the SCRIPTING_SUPPORTED or INTERPROCESS_COMMUNICATION_SUPPORTED definition, 00028 * you MUST also update GenDefs.h! 00029 * We duplicate this definition here due to the manner in which we distribute our 00030 * code to partners; we cannot include GenDefs.h from here. 00031 */ 00032 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP) 00033 #define SCRIPTING_SUPPORTED 00034 #endif 00035 #if !defined(PLATFORM_WIN_APP) 00036 #define INTERPROCESS_COMMUNICATION_SUPPORTED 00037 #endif 00038 00039 /* 00040 * When changing the SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED definition, you MUST also update GenDefs.h! 00041 * We duplicate this definition here due to the manner in which we distribute our 00042 * code to partners; we cannot include GenDefs.h from here. 00043 */ 00044 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00045 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00046 #endif 00047 00048 /* 00049 * When changing the HOST_DATA_SUPPORTED definition, you MUST also update GenDefs.h! 00050 * We duplicate this definition here due to the manner in which we distribute our 00051 * code to partners; we cannot include GenDefs.h from here. 00052 */ 00053 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK) 00054 #define HOST_DATA_SUPPORTED 00055 #endif 00056 00057 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA) 00058 /* 00059 ** the MANUAL_PKCS12_IMPORT_SUPPORTED define is used to track the platforms 00060 ** where the manual import of PKCS12 certificates is supported. This is to avoid repeating the 00061 ** platforms in #ifdef clauses in other files. 00062 */ 00063 #define MANUAL_PKCS12_IMPORT_SUPPORTED 00064 #endif 00065 00066 #if defined(PLATFORM_ANDROID) 00067 #define PROGRAM_DATA_IMPORT_SUPPORTED 00068 #endif 00069 00070 #if defined(PLATFORM_ANDROID) 00071 // Credentials for a connection can be prefilled via uri handling or API calls 00072 #define CREDENTIAL_PREFILL_SUPPORTED 00073 #endif 00074 00075 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H) 00076 #if defined(HAVE_STDINT_H) 00077 #include <stdint.h> 00078 #else 00079 typedef unsigned char uint8_t; 00080 #endif // HAVE_STDINT_H 00081 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED 00082 00083 #include "api.h" 00084 #include "PreferenceUpdate.h" 00085 00086 #if defined(PLATFORM_WIN_APP) 00087 typedef unsigned char uint8_t; 00088 #endif 00089 00090 #if defined(HOST_DATA_SUPPORTED) 00091 #include "IHostData.h" 00092 #endif 00093 00094 #if defined(ANYCONNECT_USE_SNAK) 00095 #include "Utility/PluginLoader.h" 00096 #include "SNAK_CertPlugin.h" 00097 #include "SNAK_SocketPlugin.h" 00098 #include "SNAK_StoragePlugin.h" 00099 #endif 00100 00101 class ConnectPromptInfo; 00102 class ConnectMgr; 00103 class MsgWithArg; 00104 class VPNStats; 00105 class AgentIfc; 00106 class ProfileMgr; 00107 class ApiThread; 00108 class EventMgr; 00109 class PreferenceMgr; 00110 class PreferenceInfo; 00111 class UserPreferences; 00112 class CScriptingMgr; 00113 class CManualLock; 00114 class ProxyIfc; 00115 class CIpcMessage; 00116 class SCEPIfc; 00117 class CertObj; 00118 class CExecutionContext; 00119 class HostEntry; 00120 00121 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00122 class CredentialPrefill; 00123 #endif 00124 00125 #if !defined(PLATFORM_APPLE_SSLVPN) 00126 class CStoragePath; 00127 #endif 00128 00129 #ifdef ANYCONNECT_USE_SNAK 00130 class PluginLoader; 00131 class SNAK_StoragePlugin; 00132 class SNAK_CertPlugin; 00133 class SNAK_SocketPlugin; 00134 class SNAK_DeviceInfoPlugin; 00135 class SNAKDeviceInfoPluginCBImpl; 00136 #endif // ANYCONNECT_USE_SNAK 00137 00138 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN) 00139 class ManagedCertificate; 00140 class ManagedCertHandle; 00141 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN 00142 00143 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED) 00144 class IACImporterAsync; 00145 class IACImporterAsyncCB; 00146 #endif 00147 00148 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB 00149 { 00150 friend class EventMgr; 00151 00152 protected: 00153 00154 /** 00155 * Callback used to deliver new statistics related to the VPN 00156 * connection. 00157 * 00158 * When a connection is active, a new set of statistics is 00159 * delivered each second. 00160 * 00161 * @see resetStats(), stopStats() and startStats() 00162 * 00163 */ 00164 virtual void StatsCB(VPNStats &stats) = 0; 00165 00166 00167 /** 00168 * Callback used to deliver VPN state and state change string. 00169 * The stateString delivered by this method is localized. 00170 * 00171 * See the ::VPNState enum found in api.h for set of valid states. 00172 */ 00173 virtual void StateCB(const VPNState state, 00174 const VPNSubState subState, 00175 const tstring stateString) = 0; 00176 00177 00178 /** 00179 * If a banner needs to be acknowledged, this CB delivers the banner 00180 * to the client. 00181 * 00182 * NOTE: Connection establishment will block until the method 00183 * setBannerResponse() is called. 00184 * 00185 * In a GUI, a banner would typically be displayed in a modal dialog 00186 * with an accept or decline button selection. 00187 * 00188 * @see setBannerResponse() to set the user response to the banner. 00189 */ 00190 virtual void BannerCB(const tstring &banner) = 0; 00191 00192 00193 /** 00194 * Messages are delivered via the NoticeCB and can come from multiple 00195 * sources. There are four message types (error, warning, info and 00196 * status). See the ::MessageType enum in api.h for the list. 00197 * 00198 * Clients using the API as an embedded application (not 00199 * user visible) might want to further characterize 00200 * messages. One option here is to use the AnyConnect message 00201 * catalog and assign message codes as the translations for 00202 * various messages. An application could then track messages based 00203 * on its own error code scheme. 00204 */ 00205 virtual void NoticeCB(const tstring ¬ice, 00206 const MessageType type, 00207 const bool bSensitive = false) = 0; 00208 00209 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00210 virtual void CertBannerCB(const tstring &certBannerSummary, 00211 const uint32_t nCertBannerCertLen, 00212 const uint8_t *pCertBannerCertDer, 00213 const std::list<tstring> &confirmReasons, 00214 const std::list<CertConfirmReason> &confirmReasonEnums, 00215 bool bImportAllowed = true) = 0; 00216 #endif 00217 00218 /** 00219 * This CB would likely occur only during a connection when it was 00220 * detected that the software needed to be upgraded, or when Start 00221 * Before Logon (SBL) is being used. 00222 * 00223 * Unlike the other callback methods, this method provides a default 00224 * implementation (calling the system's exit() function). 00225 * If clients of the API wish to override this behavior, they are 00226 * responsible for ensuring that the current running process exits with 00227 * the return code specified by returnCode. 00228 * 00229 * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH 00230 * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL 00231 * BREAK 00232 */ 00233 virtual void ExitNoticeCB(const tstring &tstrNotice, 00234 const int returnCode); 00235 00236 00237 /** 00238 * Under normal operating conditions, this CB is called as soon 00239 * as the attach method completes. In case the service (vpn agent) 00240 * is not ready, this CB is not called until it is. 00241 * 00242 * Any API calls made prior to this CB being called will result in a 00243 * NoticeCB error message. 00244 */ 00245 virtual void ServiceReadyCB() = 0; 00246 00247 00248 00249 /** 00250 * This method supports prompting for single or multiple values. All 00251 * prompts are considered mandatory. 00252 * 00253 * The ConnectPromptInfo object contains a list of PromptEntry 00254 * instances. The labels and their default values (if any) can be 00255 * found in these instances. After the data has been collected from the user 00256 * it can be set into these same instances. When ready, the client 00257 * application should call the method UserSubmit() to have the 00258 * responses read by the API. 00259 */ 00260 virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0; 00261 00262 00263 /** 00264 * Use this method to provide Window Manager hints to GUI 00265 * applications. To receive these hints, the application must 00266 * identify itself as a GUI in the attach method. In addition, this 00267 * method should be overriden to receive any generated events. 00268 * 00269 * Event that can be received include those indicating that a user is 00270 * starting a second instance of the GUI application. This information 00271 * can be used to tell the already running application to un-minimize 00272 * itself and let the new program know that it should Quit (since a GUI 00273 * is already running). 00274 */ 00275 virtual void WMHintCB(const WMHint hint, 00276 const WMHintReason reason); 00277 00278 00279 /** 00280 * This method is useful when the connection to the secure gateway 00281 * has been established as part of a web-launch of the VPN tunnel. 00282 * 00283 * If the client application wishes to be notified of the secure 00284 * gateway to which the VPN has been established, this method should 00285 * be overriden. 00286 * 00287 * If the client application is started and a tunnel is already active, 00288 * this method also delivers the name of the secure gateway host. 00289 */ 00290 virtual void deliverWebLaunchHostCB(const tstring &activeHost); 00291 00292 /** 00293 * This method is called when the preference to block untrusted 00294 * servers is enabled and the current VPN server being connected 00295 * to is untrusted. Clients should present an error to the user 00296 * notifying them that the current connection to rtstrUntrustedServer 00297 * is being blocked. The client should also provide a way for the 00298 * user to change the preference to block untrusted servers. 00299 * 00300 * The user response must be indicated using setCertBlockedResponse 00301 */ 00302 virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0; 00303 00304 /** 00305 * This method is called when connections to untrusted VPN servers 00306 * is allowed by policies and the current VPN server being connected 00307 * to is untrusted. Clients should present a warning to the user 00308 * notifying them that the current connection to rtstrUntrustedServer 00309 * is unsafe. The reason the VPN server is untrusted is provided in 00310 * rltstrCertErrors. The client should provide a way for the user to 00311 * connect once, connect and always trust or cancel the connection. 00312 * If bAllowImport is set to false then the always trust option should 00313 * not be presented to users. 00314 * 00315 * The user response must be indicated using setCertWarningResponse 00316 */ 00317 virtual void CertWarningCB(const tstring &rtstrUntrustedServer, 00318 const std::list<tstring> &rltstrCertErrors, 00319 bool bAllowImport) = 0; 00320 00321 #if defined(PLATFORM_WIN_APP) 00322 /** 00323 * Same as above but also passes the Server certificate DER for details display 00324 */ 00325 virtual void CertWarningCB(const tstring &rtstrUntrustedServer, 00326 const std::list<tstring> &rltstrCertErrors, 00327 const std::vector<uint8_t> &rvServerCertDER, 00328 bool bAllowImport) = 0; 00329 #endif 00330 00331 /** 00332 * This method can be overriden if the client application wishes to 00333 * exercise some control over the delivery of events from the other 00334 * protected methods in this class. 00335 * 00336 * This might be necessary in cases where a GUI is being written and 00337 * the data from this API needs to be delivered in the GUI or main 00338 * thread. In this case, you should override this method and when it 00339 * is called by the API post an event to your event queue (message 00340 * pump, etc.). After this event executes in your GUI or main thread, 00341 * call the method ClientIfc::ProcessEvents to have events delivered 00342 * to your client application. 00343 */ 00344 virtual void EventAvailable(); 00345 00346 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED 00347 virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError); 00348 #endif 00349 #ifdef PLATFORM_ANDROID 00350 virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0; 00351 virtual void AgentDetachedCB(); 00352 #endif 00353 00354 AgentIfc &getAgentIfc(); 00355 00356 ClientIfcBase(); 00357 00358 00359 public: 00360 00361 virtual bool attach(ClientType clientType = ClientType_GUI, 00362 bool requestFullCapabilities = true, 00363 bool suppressAutoConnect = true); 00364 00365 virtual void detach(); 00366 00367 virtual void ProcessEvents(); 00368 00369 virtual bool hasFullCapabilities(); 00370 00371 virtual bool isConnected(); 00372 00373 virtual bool isAvailable(); 00374 00375 virtual std::list<tstring> getHostNames(); 00376 00377 virtual std::list<HostEntry> getHostEntries(); 00378 00379 virtual tstring getDefaultHostName(); 00380 00381 #if defined(HOST_DATA_SUPPORTED) 00382 virtual bool connect(const IHostData& hostData); 00383 00384 bool connect(const IHostData& hostData, 00385 unsigned int origin); 00386 #else 00387 virtual bool connect(tstring host); 00388 00389 bool connect(tstring host, 00390 unsigned int origin); 00391 #endif 00392 00393 virtual bool setNewTunnelGroup(const tstring & group); 00394 00395 virtual void disconnect(); 00396 00397 virtual void cancel(); 00398 00399 virtual void resetStats(); 00400 00401 virtual void getState(); 00402 00403 VPNState getCurrentState(); 00404 VPNSubState getCurrentSubState(); 00405 VPNSubState getPreviousSubState(); 00406 00407 tstring getStateText(); 00408 static tstring getNoticeTypeText(MessageType msgType); 00409 00410 static tstring getStateText(VPNState state, 00411 VPNSubState subState = VPNSS_NORMAL, 00412 NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE, 00413 const tstring& tstrConnectedHost = tstring()); 00414 00415 void setNetworkStates(NETENV_STATE netEnvState, 00416 NETCTRL_STATE netCtrlState, 00417 NETWORK_TYPE netType, 00418 bool bACBrowserForCPRemediation, 00419 bool bUpdateUI); 00420 void refreshOperatingModeForCurrentNetStates(); 00421 NETENV_STATE getCurrentNetEnvState(); 00422 NETENV_STATE getPreviousNetEnvState(); 00423 NETCTRL_STATE getCurrentNetCtrlState(); 00424 NETWORK_TYPE getCurrentNetType(); 00425 bool isACBrowserForCPRemediation(); 00426 00427 static tstring getNetCtrlText(NETCTRL_STATE netCtrlState); 00428 static tstring getNetEnvText(NETENV_STATE netEnvState, 00429 bool bSimple = false); 00430 static tstring getNetTypeText(NETWORK_TYPE netType); 00431 static tstring getQuarantinedStatusText(); 00432 static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState, 00433 const NETCTRL_STATE netCtrlState); 00434 00435 // can't be static due to requiring operating mode information 00436 tstring getNetworkStatusText(const VPNState state, 00437 const VPNSubState subState, 00438 const NETENV_STATE netEnvState, 00439 const NETCTRL_STATE netCtrlState); 00440 00441 PreferenceInfo &getPreferences(); 00442 00443 bool savePreferences(); 00444 00445 virtual void startStats(); 00446 00447 virtual void stopStats(); 00448 00449 virtual void UserSubmit(); 00450 00451 void setBanner(const tstring &banner); 00452 void setBannerResponse(bool bResponse); 00453 bool getUserResponse(); 00454 bool isUserResponseSet(); 00455 00456 void setCertBlocked(const tstring &tstrUntrustedServer); 00457 void setCertWarning(const tstring &rtstrUntrustedServer, 00458 const std::list<tstring> &rltstrCertErrors, 00459 bool bAllowImport); 00460 #if defined(PLATFORM_WIN_APP) 00461 void setCertWarning(const tstring &rtstrUntrustedServer, 00462 const std::list<tstring> &rltstrCertErrors, 00463 const std::vector<uint8_t>& rvServerCertDER, 00464 bool bAllowImport); 00465 #endif 00466 bool getCertImportResponse(); 00467 00468 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00469 void setCertBanner(tstring tstrCertBannerSummary, 00470 uint32_t nCertBannerCertLen, 00471 const uint8_t *pCertBannerCertDer, 00472 const std::list<tstring> &confirmReasons, 00473 const std::list<CertConfirmReason> &confirmReasonEnums, 00474 bool bImportAllowed); 00475 00476 void setCertBannerResponse(bool bResponse, bool bImportCert); 00477 void importServerCert(std::vector<uint8_t> certData); 00478 bool setFipsMode(bool bEnableFips); 00479 #if defined(PLATFORM_ANDROID) 00480 bool setStrictMode(bool bEnableStrictMode); 00481 bool setRevocationEnabled(bool bRevocationEnabled); 00482 bool IsRevocationEnabled(); 00483 #endif // currently supported only for android 00484 #endif 00485 00486 void setUserPrompt(ConnectPromptInfo &ConnectPrompt); 00487 00488 #ifdef PLATFORM_ANDROID 00489 void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList); 00490 void setAgentDetached(); 00491 bool getClientCertificates(); 00492 #endif 00493 00494 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) 00495 void setSCEPEnrollInProgress(bool bInProgress); 00496 bool isSCEPEnrollInProgress(); 00497 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID 00498 00499 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED 00500 void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError); 00501 bool requestImportPKCS12(const std::vector<uint8_t> &data); 00502 std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password); 00503 #endif 00504 00505 void setCertBlockedResponse(bool bUnlock); 00506 void setCertWarningResponse(bool bConnect, bool bImportCert); 00507 00508 void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt); 00509 00510 void ExitNotice(const tstring &tstrNotice, const int code = 0); 00511 00512 void notice(const tstring &tstrNotice, 00513 const MessageType type = MsgType_Info, 00514 bool bClearLastMsg = false, 00515 bool bForce = false, 00516 bool bStateMsg = false, 00517 bool bSensitiveMsg = false); 00518 00519 void notice(MsgWithArg ¬ice, 00520 const MessageType type = MsgType_Info, 00521 bool bClearLastMsg = false, 00522 bool bForce = false, 00523 bool bStateMsg = false, 00524 bool bSensitiveMsg = false); 00525 00526 void getStats(void); 00527 00528 void setStats(VPNStats &stats); 00529 00530 void exportStats(const tstring &tstrFilePath); 00531 00532 void setState(VPNState state, 00533 VPNState previousState, 00534 VPNSubState subState = VPNSS_NORMAL, 00535 bool bUpdateStateMsg = true, 00536 bool bOnlyUpdateUI = false); 00537 00538 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED 00539 IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback); 00540 #endif 00541 00542 void setWMHint(WMHint hint, 00543 WMHintReason reason); 00544 00545 bool isLastConnectType (const ConnectPromptType connPromptType); 00546 00547 bool isOperatingMode(OperatingMode opMode); 00548 void setOperatingMode(OperatingMode opMode); 00549 void unsetOperatingMode(OperatingMode opMode); 00550 00551 bool CanRemediateCaptivePortal(); 00552 bool policyAllowsCaptivePortalRemediation(); 00553 00554 bool isEventShutdown(); 00555 00556 bool isUsingEventModel(); 00557 00558 time_t getLastDisconnectTime(); 00559 00560 ConnectPromptInfo getConnectPromptInfo(); 00561 void resetConnectPromptPasswordData(); 00562 00563 void setStandaloneConnection(bool isStandalone); 00564 00565 void deliverActiveHost(const tstring &activeHost, 00566 ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN, 00567 bool bActiveHostFriendlyName = false); 00568 00569 bool isVPNServiceReady(); 00570 00571 // reset last disconnect time indicator. 00572 // 00573 void resetLastDisconnectTime(time_t time = 1); 00574 00575 void processMinimize(); 00576 00577 // cert enrollment 00578 void setEnrollClientCert(CertObj* pCert); 00579 00580 // Show user banner for cert import warning on linux 00581 // SCEPIfc to ConnectMgr 00582 void linuxCertImportWarnUser(); 00583 00584 // Response to cert warning on linux 00585 // ConnectMgr to SCEPIfc 00586 void linuxCertImportWarnUserResponse(bool bAccept); 00587 00588 void setDefaultHost(tstring &host); 00589 00590 #if defined(HOST_DATA_SUPPORTED) 00591 void setDefaultHostProfile(const IHostData &hostProfile); 00592 IHostData* getDefaultHostData(); 00593 #endif // HOST_DATA_SUPPORTED 00594 00595 void setLastVpnError(VPNError vpnError); 00596 VPNError getLastVpnError(); 00597 00598 #ifdef PLATFORM_ANDROID 00599 bool requestClientCertificates(); 00600 #endif 00601 00602 bool requestImportLocalization(const tstring tstrLocale, 00603 const std::vector<unsigned char> &MoFileData); 00604 00605 // Start the Automatic Headend Selection operation 00606 void startAHS(const unsigned int uiReason, 00607 const ProxyIfc& proxy); 00608 // statusReturnCode is a long to match the current type of STATUSCODE. 00609 // It is not using a STATUSCODE directly so that we do not have to 00610 // expose the header files for STATUSCODEs to ClientIfcBase.h 00611 void AHSSelectedHost(const unsigned int uiReason, 00612 const std::vector<tstring> &headendList, 00613 const long statusReturnCode, 00614 const tstring& extraInfo); 00615 std::vector<tstring> getAHSHostList(); 00616 unsigned int getAHSState(); 00617 bool isAHSHasRun(); 00618 00619 bool suppressConnectionErrorPopups(); 00620 00621 tstring getCaptivePortalDetectedMsg(); 00622 00623 void setProxyAuthPrompts(ProxyIfc* pProxy, 00624 const tstring& promptMsg); 00625 00626 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED) 00627 bool handleIpcMessage(CIpcMessage *pIpcMessage); 00628 #endif 00629 bool IsCsdTokenVerified() const; 00630 00631 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) 00632 virtual void SCEPEnrollStartCB(); 00633 virtual void SCEPEnrollExitCB(); 00634 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID 00635 00636 void activateConnectMgrTunnelInitiationCompletionEvent(); 00637 bool isConnectRequestActive(); 00638 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00639 bool deleteProfileByName(const tstring &profileName); 00640 tstring getProfileContents(const tstring &profileName); 00641 bool importProfile(const tstring &profileName, const tstring &profileContents); 00642 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK 00643 00644 bool syncProfileChange(const tstring &profileName); 00645 00646 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00647 bool hasPrefilledCredentials(); 00648 bool prefillCredentials(ConnectPromptInfo &connectPrompt); 00649 void setPrefilledCredentials(CredentialPrefill *prefill); 00650 #endif 00651 00652 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00653 std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType); 00654 bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList); 00655 bool deleteServerCertificates(const std::list<std::string> &idList); 00656 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN 00657 00658 #if defined(ANYCONNECT_USE_SNAK) 00659 std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType); 00660 SNAK_CertType getSNAKCertType(CertificateType certType); 00661 bool deleteClientCertificates(const std::list<std::string> &idList); 00662 #endif // ANYCONNECT_USE_SNAK 00663 00664 #if defined(PLATFORM_APPLE_SSLVPN) 00665 bool canUseBackupServers(); 00666 00667 #endif //PLATFORM_APPLE_SSLVPN 00668 00669 virtual ~ClientIfcBase(); 00670 00671 tstring getConnectHost(); 00672 00673 tstring getMgmtTunnelHostname(); 00674 00675 VPN_TUNNEL_SCOPE getVpnTunnelScope(); 00676 00677 bool isStandaloneConnection(); 00678 00679 void sendSSoLogoutPrompt(ConnectPromptInfo &cpi); 00680 00681 private: 00682 CExecutionContext* m_pExecutionContext; 00683 CExecutionContext* m_pExecutionContextMgr; 00684 00685 AgentIfc *mo_AgentIfc; 00686 00687 ConnectMgr *mo_ConnectMgr; 00688 00689 ApiThread *mo_ConnectThread; 00690 00691 EventMgr *mo_EventMgr; 00692 00693 PreferenceMgr *mo_PreferenceMgr; 00694 00695 ConnectPromptInfo *mp_currentConnectPromptInfo; 00696 00697 PreferenceInfo *mo_EditablePrefs; 00698 00699 #if defined(SCRIPTING_SUPPORTED) 00700 CScriptingMgr *mo_ScriptingMgr; 00701 #endif // SCRIPTING_SUPPORTED 00702 00703 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED) 00704 SCEPIfc* m_pSCEPIfc; 00705 bool m_bInformedAgentOfSCEP; 00706 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00707 #ifndef PLATFORM_APPLE_SSLVPN 00708 CStoragePath* m_pStoragePath; 00709 #endif // !PLATFORM_APPLE_SSLVPN 00710 00711 #ifdef ANYCONNECT_USE_SNAK 00712 PluginLoader *m_pPluginLoader; 00713 SNAK_CertPlugin *m_pSNAKCert; 00714 SNAK_SocketPlugin *m_pSNAKSocket; 00715 SNAK_StoragePlugin *m_pSNAKStorage; 00716 SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo; 00717 SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB; 00718 00719 bool mb_SNAKInitialized; 00720 #endif 00721 00722 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00723 bool mb_SCEPEnrollInProgress; 00724 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN 00725 00726 bool mb_PreferenceMgrCreated; 00727 bool mb_StandaloneConnection; 00728 bool mb_UsingEventModel; 00729 bool mb_UserResponse; 00730 bool mb_IsUserResponseSet; 00731 bool mb_PerformedAutoCertEnrollment; 00732 tstring ms_PostEnrollmentConnectHost; 00733 bool mb_CaptivePortalMsgDisplayed; 00734 bool m_bSuppressMinimizeOnConnect; 00735 bool m_bSuppressConnectionErrorPopups; 00736 bool m_bLastConnectionAutomatic; 00737 bool m_bImportCertResp; 00738 bool m_bPrevMsgWasStateMsg; 00739 00740 unsigned int mui_OperatingMode; 00741 NETENV_STATE m_currentNetEnvState; 00742 NETENV_STATE m_previousNetEnvState; 00743 NETCTRL_STATE m_currentNetCtrlState; 00744 NETWORK_TYPE m_currentNetType; 00745 bool m_bACBrowserForCPRemediation; 00746 00747 tstring ms_message; 00748 00749 time_t m_disconnectTime; 00750 00751 static std::string ms_ThreadName; 00752 00753 CManualLock* m_pClientIfcStateLock; 00754 CManualLock* m_pClientIfcLock; 00755 CManualLock* m_pClientIfcPromptsLock; 00756 CManualLock* m_pClientIfcOpModeLock; 00757 CManualLock* m_pClientIfcAHSLock; 00758 CManualLock* m_pClientIfcConnectModeLock; 00759 CManualLock* m_pClientIfcInformAgentOfSCEPLock; 00760 00761 std::vector<tstring> msl_AHSSelectedHosts; 00762 ApiThread* m_pAHSThread; 00763 unsigned int m_uiAHSState; 00764 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00765 CredentialPrefill* m_pCredentialPrefill; 00766 #endif 00767 VPNError m_lastVpnError; 00768 00769 static volatile bool mb_deleteFirstPass; 00770 00771 ConnectMgr &getConnectMgr(); 00772 00773 ProfileMgr &getProfileMgr(); 00774 UserPreferences &getUserPreferences(); 00775 00776 void displayAgentAttachMessage(); 00777 00778 void setLastDisconnectTime(time_t time); 00779 00780 void setCurrentStatePrompts(const VPNState state, 00781 const VPNState prevState, 00782 const VPNSubState subState, 00783 const bool bUpdateStateMsg); 00784 void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr); 00785 void getStateMessage(const VPNState state, 00786 const VPNState prevState, 00787 const VPNSubState subState, 00788 const NETENV_STATE neState, 00789 /*out*/ MsgWithArg& stateMessage); 00790 00791 // IPreferenceUpdateCB methods 00792 virtual void OnLoadPreferencesComplete(); 00793 virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId); 00794 virtual void OverridePreferenceValue(const PreferenceId ePreferenceId, 00795 tstring& rPrefenceValue, 00796 bool& rbOverriden); 00797 00798 void RefreshPreferences(void); 00799 00800 void displayAHSPrompt(const bool isComplete); 00801 void handleAHSPreferences(const unsigned int uiReason); 00802 void setAHSState(const unsigned int ahsState); 00803 00804 bool autoConnectIfEnabled(const bool suppressAutoConnect); 00805 00806 void clearUserSetResponseFlag(); 00807 00808 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED) 00809 bool processSCEPIpcMessage(CIpcMessage *pIpcMessage); 00810 bool isSCEPRedirect(); 00811 void processSCEPRedirect(); 00812 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00813 00814 bool hasConnectCapabilities(); 00815 bool hasMgmtCapabilities(); 00816 00817 ClientIfcBase(const ClientIfcBase& other); 00818 ClientIfcBase& operator=(const ClientIfcBase& other); 00819 00820 #ifdef ANYCONNECT_USE_SNAK 00821 bool initializeSNAK(bool bUseExistingInstanceIfAvail); 00822 void destroySNAK(); 00823 ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert); 00824 #endif 00825 }; 00826 00827 00828 #endif // _CLIENTIFCBASE_