AnyConnect Secure Mobility Client 4.10.06090

include/ClientIfcBase.h

00001 /**************************************************************************
00002 *       Copyright (c) 2006, Cisco Systems, All Rights Reserved
00003 ***************************************************************************
00004 *
00005 *  File:    ClientIfcBase.h
00006 *  Author:  Chris Fitzgerald
00007 *  Date:    08/2007
00008 *
00009 ***************************************************************************
00010 *
00011 *   Client Interface Base class implementation for the Client API.
00012 *
00013 ***************************************************************************/
00014 
00015 // The ClientIfcBase class contains the majority of private methods and members.
00016 // The purpose of this class is to hide all but the necessary methods from
00017 // being exposed.
00018 //
00019 
00020 #ifndef _CLIENTIFCBASE_
00021 #define _CLIENTIFCBASE_
00022 
00023 #include <list>
00024 #include <vector>
00025 
00026 
00027 /*
00028  * SCRIPTING_SUPPORTED, INTERPROCESS_COMMUNICATION_SUPPORTED macro is a copy of corresponding
00029  * #define from GenDefs.h. Any change in #define for the macro in GenDefs.h must propogated to
00030  * this header file too. We duplicate this definition here due to the manner in which we distribute
00031  * our code to partners; we cannot include GenDefs.h from here.
00032  */
00033 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP)
00034 #define SCRIPTING_SUPPORTED
00035 #endif
00036 #if !defined(PLATFORM_WIN_APP)
00037 #define INTERPROCESS_COMMUNICATION_SUPPORTED
00038 #endif
00039 
00040 /*
00041  * SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h.
00042  * Any change in #define for the macro in GenDefs.h must propogated to this header file too. We
00043  * duplicate this definition here due to the manner in which we distribute our code to partners;
00044  * we cannot include GenDefs.h from here.
00045  */
00046 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00047 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00048 #endif
00049 
00050 /*
00051  * HOST_DATA_SUPPORTED macro is a copy of corresponding #define from GenDefs.h. Any change
00052  * in #define for the macro in GenDefs.h must propogated to this header file too. We duplicate
00053  * this definition here due to the manner in which we distribute our code to partners;
00054  * we cannot include GenDefs.h from here.
00055  */
00056 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK)
00057 #define HOST_DATA_SUPPORTED
00058 #endif
00059 
00060 /*
00061  * MANUAL_PKCS12_IMPORT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h.
00062  * Any change in #define for the macro in GenDefs.h must propogated to this header file too.
00063  * We duplicate this definition here due to the manner in which we distribute our
00064  * code to partners; we cannot include GenDefs.h from here.
00065  */
00066 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA)
00067 #define MANUAL_PKCS12_IMPORT_SUPPORTED
00068 #endif
00069 
00070 /*
00071  * PROGRAM_DATA_IMPORT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h.
00072  * Any change in #define for the macro in GenDefs.h must propogated to this header file too.
00073  * We duplicate this definition here due to the manner in which we distribute our
00074  * code to partners; we cannot include GenDefs.h from here.
00075  */
00076 #if defined(PLATFORM_ANDROID)
00077 #define PROGRAM_DATA_IMPORT_SUPPORTED
00078 #endif
00079 
00080 /*
00081  * CREDENTIAL_PREFILL_SUPPORTED macro is a copy of corresponding #define from GenDefs.h.
00082  * Any change in #define for the macro in GenDefs.h must propogated to this header file too.
00083  * We duplicate this definition here due to the manner in which we distribute our
00084  * code to partners; we cannot include GenDefs.h from here.
00085  */
00086 #if defined(PLATFORM_ANDROID)
00087 #define CREDENTIAL_PREFILL_SUPPORTED
00088 #endif
00089 
00090 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H)
00091 #if defined(HAVE_STDINT_H)
00092 #include <stdint.h>
00093 #else
00094 typedef unsigned char uint8_t;
00095 #endif // HAVE_STDINT_H
00096 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED
00097 
00098 #include "api.h"
00099 #include "PreferenceUpdate.h"
00100 
00101 #if defined(PLATFORM_WIN_APP)
00102 typedef unsigned char uint8_t;
00103 #endif
00104 
00105 #if defined(HOST_DATA_SUPPORTED)
00106 #include "IHostData.h"
00107 #endif
00108 
00109 #if defined(ANYCONNECT_USE_SNAK)
00110 #include "Utility/PluginLoader.h"
00111 #include "SNAK_CertPlugin.h"
00112 #include "SNAK_SocketPlugin.h"
00113 #include "SNAK_StoragePlugin.h"
00114 #endif 
00115 
00116 class ConnectPromptInfo;
00117 class ConnectMgr;
00118 class MsgWithArg;
00119 class VPNStats;
00120 class AgentIfc;
00121 class ProfileMgr;
00122 class ApiThread;
00123 class EventMgr;
00124 class PreferenceMgr;
00125 class PreferenceInfo;
00126 class UserPreferences;
00127 class CScriptingMgr;
00128 class CManualLock;
00129 class ProxyIfc;
00130 class CIpcMessage;
00131 class SCEPIfc;
00132 class CertObj;
00133 class CExecutionContext;
00134 class HostEntry;
00135 
00136 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00137 class CredentialPrefill;
00138 #endif
00139 
00140 #if !defined(PLATFORM_APPLE_SSLVPN)
00141 class CStoragePath;
00142 #endif
00143 
00144 #ifdef ANYCONNECT_USE_SNAK
00145 class PluginLoader;
00146 class SNAK_StoragePlugin;
00147 class SNAK_CertPlugin;
00148 class SNAK_SocketPlugin;
00149 class SNAK_DeviceInfoPlugin;
00150 class SNAKDeviceInfoPluginCBImpl;
00151 #endif // ANYCONNECT_USE_SNAK
00152 
00153 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN)
00154 class ManagedCertificate;
00155 class ManagedCertHandle;
00156 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN
00157 
00158 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED)
00159 class IACImporterAsync;
00160 class IACImporterAsyncCB;
00161 #endif
00162 
00163 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB
00164 {
00165     friend class EventMgr;
00166 
00167     protected:
00168 
00169         /**
00170         * Callback used to deliver new statistics related to the VPN
00171         * connection.
00172         *
00173         * When a connection is active, a new set of statistics is
00174         * delivered each second.
00175         *
00176         * @see resetStats(), stopStats() and startStats()
00177         *
00178         */
00179         virtual void StatsCB(VPNStats &stats) = 0;
00180 
00181 
00182         /**
00183         * Callback used to deliver VPN state and state change string.
00184         * The stateString delivered by this method is localized.
00185         *
00186         * See the ::VPNState enum found in api.h for set of valid states.
00187         */
00188         virtual void StateCB(const VPNState state,
00189                              const VPNSubState subState,
00190                              const tstring stateString) = 0;
00191 
00192 
00193         /**
00194         * If a banner needs to be acknowledged, this CB delivers the banner
00195         * to the client.
00196         *
00197         * NOTE: Connection establishment will block until the method
00198         * setBannerResponse() is called.
00199         *
00200         * In a GUI, a banner would typically be displayed in a modal dialog
00201         * with an accept or decline button selection.
00202         *
00203         * @see setBannerResponse() to set the user response to the banner.
00204         */
00205         virtual void BannerCB(const tstring &banner) = 0;
00206 
00207         /**
00208          * If a pre-connect reminder needs to be acknowledged, this CB delivers
00209          * the pre-connect reminder to the client. 
00210          *
00211          * NOTE: Connection establishment will block until the method
00212          * setPreConnectReminderResponse() is called.
00213          *
00214          * In a GUI, a pre-connect reminder would typically be displayed in a modal
00215          * dialog with an OK button selection.
00216          *
00217          * @see setPreConnectReminderResponse() to set the user acknowledgement to
00218          * the pre-connect reminder message.
00219          */  
00220         virtual void PreConnectReminderCB(const tstring &rtstrPreConnectReminder);
00221 
00222         /**
00223         * Messages are delivered via the NoticeCB and can come from multiple
00224         * sources.  There are four message types (error, warning, info and
00225         * status).  See the ::MessageType enum in api.h for the list.
00226         *
00227         * Clients using the API as an embedded application (not
00228         * user visible) might want to further characterize
00229         * messages.  One option here is to use the AnyConnect message
00230         * catalog and assign message codes as the translations for
00231         * various messages.  An application could then track messages based
00232         * on its own error code scheme.
00233         */    
00234         virtual void NoticeCB(const tstring &notice,
00235                               const MessageType type,
00236                               const bool bSensitive = false) = 0;
00237 
00238 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00239         virtual void CertBannerCB(const tstring &certBannerSummary,
00240                                   const uint32_t nCertBannerCertLen,
00241                                   const uint8_t *pCertBannerCertDer,
00242                                   const std::list<tstring> &confirmReasons,
00243                                   const std::list<CertConfirmReason> &confirmReasonEnums,
00244                                   bool bImportAllowed = true) = 0;
00245 #endif
00246 
00247         /**
00248         * This CB would likely occur only during a connection when it was
00249         * detected that the software needed to be upgraded, or when Start
00250         * Before Logon (SBL) is being used.
00251         *
00252         * Unlike the other callback methods, this method provides a default
00253         * implementation (calling the system's exit() function).
00254         * If clients of the API wish to override this behavior, they are
00255         * responsible for ensuring that the current running process exits with
00256         * the return code specified by returnCode.
00257         *
00258         * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH
00259         * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL
00260         * BREAK
00261         */
00262         virtual void ExitNoticeCB(const tstring &tstrNotice,
00263                                   const int returnCode);
00264 
00265 
00266         /**
00267         * Under normal operating conditions, this CB is called as soon
00268         * as the attach method completes.  In case the service (vpn agent)
00269         * is not ready, this CB is not called until it is.
00270         *
00271         * Any API calls made prior to this CB being called will result in a
00272         * NoticeCB error message.
00273         */
00274         virtual void ServiceReadyCB() = 0;
00275 
00276 
00277 
00278         /**
00279         * This method supports prompting for single or multiple values.  All
00280         * prompts are considered mandatory.
00281         *
00282         * The ConnectPromptInfo object contains a list of PromptEntry
00283         * instances.  The labels and their default values (if any) can be
00284         * found in these instances.  After the data has been collected from the user
00285         * it can be set into these same instances.  When ready, the client
00286         * application should call the method UserSubmit() to have the
00287         * responses read by the API.
00288         */
00289         virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0;
00290 
00291 
00292         /**
00293         * Use this method to provide Window Manager hints to GUI
00294         * applications.  To receive these hints, the application must
00295         * identify itself as a GUI in the attach method.  In addition, this
00296         * method should be overriden to receive any generated events.
00297         *
00298         * Event that can be received include those indicating that a user is
00299         * starting a second instance of the GUI application.  This information
00300         * can be used to tell the already running application to un-minimize
00301         * itself and let the new program know that it should Quit (since a GUI
00302         * is already running).
00303         */
00304         virtual void WMHintCB(const WMHint hint,
00305                               const WMHintReason reason);
00306 
00307 
00308         /**
00309         * This method is useful when the connection to the secure gateway
00310         * has been established as part of a web-launch of the VPN tunnel.
00311         *
00312         * If the client application wishes to be notified of the secure
00313         * gateway to which the VPN has been established, this method should
00314         * be overriden.
00315         *
00316         * If the client application is started and a tunnel is already active,
00317         * this method also delivers the name of the secure gateway host.
00318         */
00319         virtual void deliverWebLaunchHostCB(const tstring &activeHost);
00320 
00321         /**
00322         * This method is called when the preference to block untrusted
00323         * servers is enabled and the current VPN server being connected
00324         * to is untrusted. Clients should present an error to the user
00325         * notifying them that the current connection to rtstrUntrustedServer
00326         * is being blocked. The client should also provide a way for the
00327         * user to change the preference to block untrusted servers.
00328         *
00329         * The user response must be indicated using setCertBlockedResponse
00330         */
00331         virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0;
00332 
00333         /**
00334         * This method is called when connections to untrusted VPN servers
00335         * is allowed by policies and the current VPN server being connected
00336         * to is untrusted. Clients should present a warning to the user
00337         * notifying them that the current connection to rtstrUntrustedServer
00338         * is unsafe. The reason the VPN server is untrusted is provided in
00339         * rltstrCertErrors. The client should provide a way for the user to
00340         * connect once, connect and always trust or cancel the connection.
00341         * If bAllowImport is set to false then the always trust option should
00342         * not be presented to users.
00343         *
00344         * The user response must be indicated using setCertWarningResponse
00345         */
00346         virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
00347                                    const std::list<tstring> &rltstrCertErrors,
00348                                    bool bAllowImport) = 0;
00349 
00350 #if defined(PLATFORM_WIN_APP)
00351         /**
00352         * Same as above but also passes the Server certificate DER for details display
00353         */
00354         virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
00355                                    const std::list<tstring> &rltstrCertErrors,
00356                                    const std::vector<uint8_t> &rvServerCertDER,
00357                                    bool bAllowImport) = 0;
00358 #endif
00359 
00360         /**
00361         * This method can be overriden if the client application wishes to
00362         * exercise some control over the delivery of events from the other
00363         * protected methods in this class.
00364         *
00365         * This might be necessary in cases where a GUI is being written and
00366         * the data from this API needs to be delivered in the GUI or main
00367         * thread.  In this case, you should override this method and when it
00368         * is called by the API post an event to your event queue (message
00369         * pump, etc.).  After this event executes in your GUI or main thread,
00370         * call the method ClientIfc::ProcessEvents to have events delivered
00371         * to your client application.
00372         */
00373         virtual void EventAvailable();
00374 
00375 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
00376         virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError);
00377 #endif        
00378 #ifdef PLATFORM_ANDROID
00379         virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0;
00380         virtual void AgentDetachedCB();
00381 #endif
00382 
00383         AgentIfc &getAgentIfc();
00384 
00385         ClientIfcBase();
00386 
00387 
00388     public:
00389 
00390         virtual bool attach(ClientType clientType = ClientType_GUI,
00391                             bool requestFullCapabilities = true,
00392                             bool suppressAutoConnect = true);
00393 
00394         virtual void detach();
00395 
00396         virtual void ProcessEvents();
00397 
00398         virtual bool hasFullCapabilities();
00399 
00400         virtual bool isConnected();
00401 
00402         virtual bool isAvailable();
00403 
00404         virtual std::list<tstring> getHostNames();
00405 
00406         virtual std::list<HostEntry> getHostEntries();
00407 
00408         virtual tstring getDefaultHostName();
00409 
00410 #if defined(HOST_DATA_SUPPORTED)
00411         virtual bool connect(const IHostData& hostData);
00412                 
00413         bool connect(const IHostData& hostData,
00414                      unsigned int origin);
00415 #else
00416         virtual bool connect(tstring host);
00417 
00418         bool connect(tstring host,
00419                      unsigned int origin);
00420 #endif
00421 
00422         virtual bool setNewTunnelGroup(const tstring & group);
00423 
00424         virtual void disconnect();
00425 
00426         virtual void cancel();
00427 
00428         virtual void resetStats();
00429 
00430         virtual void getState();
00431 
00432         VPNState getCurrentState();
00433         VPNSubState getCurrentSubState();
00434         VPNSubState getPreviousSubState();
00435 
00436         tstring getStateText();
00437         static tstring getNoticeTypeText(MessageType msgType);
00438 
00439         static tstring getStateText(VPNState state,
00440                                     VPNSubState subState = VPNSS_NORMAL,
00441                                     NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE,
00442                                     const tstring& tstrConnectedHost = tstring());
00443 
00444         void setNetworkStates(NETENV_STATE netEnvState, 
00445                               NETCTRL_STATE netCtrlState,
00446                               NETWORK_TYPE netType,
00447                               bool bACBrowserForCPRemediation,
00448                               bool bUpdateUI);
00449         void refreshOperatingModeForCurrentNetStates();
00450         NETENV_STATE getCurrentNetEnvState();
00451         NETENV_STATE getPreviousNetEnvState();
00452         NETCTRL_STATE getCurrentNetCtrlState();
00453         NETWORK_TYPE getCurrentNetType();
00454         bool isACBrowserForCPRemediation();
00455 
00456         static tstring getNetCtrlText(NETCTRL_STATE netCtrlState);
00457         static tstring getNetEnvText(NETENV_STATE netEnvState,
00458                                      bool bSimple = false);
00459         static tstring getNetTypeText(NETWORK_TYPE netType);
00460         static tstring getQuarantinedStatusText();
00461         static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState,
00462                                                   const NETCTRL_STATE netCtrlState);
00463 
00464         // can't be static due to requiring operating mode information
00465         tstring getNetworkStatusText(const VPNState state,
00466                                      const VPNSubState subState,
00467                                      const NETENV_STATE netEnvState,
00468                                      const NETCTRL_STATE netCtrlState);
00469 
00470         PreferenceInfo &getPreferences();
00471 
00472         bool savePreferences();
00473 
00474         virtual void startStats();
00475 
00476         virtual void stopStats();
00477 
00478         virtual void UserSubmit();
00479 
00480         void setBanner(const tstring &banner);
00481         void setBannerResponse(bool bResponse);
00482 
00483         void setPreConnectReminder(const tstring &tstrPreConnectReminder);
00484         void setPreConnectReminderResponse();
00485 
00486         bool getUserResponse();
00487         bool isUserResponseSet();
00488 
00489         void setCertBlocked(const tstring &tstrUntrustedServer);
00490         void setCertWarning(const tstring &rtstrUntrustedServer,
00491                             const std::list<tstring> &rltstrCertErrors,
00492                             bool bAllowImport);
00493 #if defined(PLATFORM_WIN_APP)
00494         void setCertWarning(const tstring &rtstrUntrustedServer,
00495                             const std::list<tstring> &rltstrCertErrors,
00496                             const std::vector<uint8_t>& rvServerCertDER,
00497                             bool bAllowImport);
00498 #endif
00499         bool getCertImportResponse();
00500 
00501 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00502         void setCertBanner(tstring tstrCertBannerSummary,
00503                            uint32_t nCertBannerCertLen,
00504                            const uint8_t *pCertBannerCertDer,
00505                            const std::list<tstring> &confirmReasons,
00506                            const std::list<CertConfirmReason> &confirmReasonEnums,
00507                            bool bImportAllowed);
00508 
00509         void setCertBannerResponse(bool bResponse, bool bImportCert);
00510         void importServerCert(std::vector<uint8_t> certData);
00511         bool setFipsMode(bool bEnableFips);
00512 #if defined(PLATFORM_ANDROID)
00513         bool setStrictMode(bool bEnableStrictMode);
00514         bool setRevocationEnabled(bool bRevocationEnabled);
00515         bool IsRevocationEnabled();
00516 #endif // currently supported only for android
00517 #endif
00518 
00519         void setUserPrompt(ConnectPromptInfo &ConnectPrompt);
00520 
00521 #ifdef PLATFORM_ANDROID
00522         void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList);
00523         void setAgentDetached();
00524         bool getClientCertificates();
00525 #endif
00526 
00527 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
00528         void setSCEPEnrollInProgress(bool bInProgress);
00529         bool isSCEPEnrollInProgress();
00530 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
00531 
00532 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
00533         void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError);
00534         bool requestImportPKCS12(const std::vector<uint8_t> &data);
00535         std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password);
00536 #endif
00537 
00538         void setCertBlockedResponse(bool bUnlock);
00539         void setCertWarningResponse(bool bConnect, bool bImportCert);
00540 
00541         void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt);
00542 
00543         void ExitNotice(const tstring &tstrNotice, const int code = 0);
00544 
00545         void notice(const tstring &tstrNotice,
00546                     const MessageType type = MsgType_Info,
00547                     bool bClearLastMsg = false,
00548                     bool bForce = false,
00549                     bool bStateMsg = false,
00550                     bool bSensitiveMsg = false);
00551 
00552         void notice(MsgWithArg &notice,
00553                     const MessageType type = MsgType_Info,
00554                     bool bClearLastMsg = false,
00555                     bool bForce = false,
00556                     bool bStateMsg = false,
00557                     bool bSensitiveMsg = false);
00558 
00559         void getStats(void);
00560 
00561         void setStats(VPNStats &stats);
00562 
00563         void exportStats(const tstring &tstrFilePath);
00564 
00565         void setState(VPNState state,
00566                       VPNState previousState,
00567                       VPNSubState subState = VPNSS_NORMAL,
00568                       bool bUpdateStateMsg = true,
00569                       bool bOnlyUpdateUI = false);
00570 
00571 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED
00572         IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback);
00573 #endif
00574 
00575         void setWMHint(WMHint hint,
00576                        WMHintReason reason);
00577 
00578         bool isLastConnectType (const ConnectPromptType connPromptType);
00579 
00580         bool isOperatingMode(OperatingMode opMode);
00581         void setOperatingMode(OperatingMode opMode);
00582         void unsetOperatingMode(OperatingMode opMode);
00583 
00584         bool CanRemediateCaptivePortal();
00585         bool policyAllowsCaptivePortalRemediation();
00586 
00587         bool isEventShutdown();
00588 
00589         bool isUsingEventModel();
00590 
00591         time_t getLastDisconnectTime();
00592 
00593         ConnectPromptInfo getConnectPromptInfo();
00594         void resetConnectPromptPasswordData();
00595 
00596         void setStandaloneConnection(bool isStandalone);
00597 
00598         void deliverActiveHost(const tstring &activeHost,
00599                                ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN,
00600                                bool bActiveHostFriendlyName = false);
00601 
00602         bool isVPNServiceReady();
00603 
00604         // reset last disconnect time indicator.
00605         //
00606         void resetLastDisconnectTime(time_t time = 1);
00607 
00608         void processMinimize();
00609         
00610         // cert enrollment
00611         void setEnrollClientCert(CertObj* pCert);
00612 
00613         // Show user banner for cert import warning on linux
00614         // SCEPIfc to ConnectMgr
00615         void linuxCertImportWarnUser();
00616 
00617         // Response to cert warning on linux
00618         // ConnectMgr to SCEPIfc
00619         void linuxCertImportWarnUserResponse(bool bAccept);
00620 
00621         void setDefaultHost(tstring &host);
00622 
00623 #if defined(HOST_DATA_SUPPORTED)
00624         void setDefaultHostProfile(const IHostData &hostProfile);
00625         IHostData* getDefaultHostData();
00626 #endif // HOST_DATA_SUPPORTED
00627 
00628         void setLastVpnError(VPNError vpnError);
00629         VPNError getLastVpnError();
00630 
00631 #ifdef PLATFORM_ANDROID
00632         bool requestClientCertificates();
00633 #endif
00634 
00635         bool requestImportLocalization(const tstring tstrLocale,
00636                                        const std::vector<unsigned char> &MoFileData);
00637 
00638         // Start the Automatic Headend Selection operation
00639         void startAHS(const unsigned int uiReason, 
00640                       const ProxyIfc& proxy);
00641         // statusReturnCode is a long to match the current type of STATUSCODE.
00642         // It is not using a STATUSCODE directly so that we do not have to
00643         // expose the header files for STATUSCODEs to ClientIfcBase.h
00644         void AHSSelectedHost(const unsigned int uiReason,
00645                              const std::vector<tstring> &headendList,
00646                              const long statusReturnCode,
00647                              const tstring& extraInfo);
00648         std::vector<tstring> getAHSHostList();
00649         unsigned int getAHSState();
00650         bool isAHSHasRun();
00651 
00652         bool suppressConnectionErrorPopups();
00653 
00654         tstring getCaptivePortalDetectedMsg();        
00655 
00656         void setProxyAuthPrompts(ProxyIfc* pProxy,
00657                                  const tstring& promptMsg);
00658 
00659 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED)
00660         bool handleIpcMessage(CIpcMessage *pIpcMessage);
00661 #endif
00662         bool IsCsdTokenVerified() const;
00663 
00664 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
00665         virtual void SCEPEnrollStartCB();
00666         virtual void SCEPEnrollExitCB();
00667 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
00668         
00669         void activateConnectMgrTunnelInitiationCompletionEvent();
00670         bool isConnectRequestActive();
00671 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
00672         bool deleteProfileByName(const tstring &profileName);
00673         tstring getProfileContents(const tstring &profileName);
00674         bool importProfile(const tstring &profileName, const tstring &profileContents);
00675 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK
00676 
00677         bool syncProfileChange(const tstring &profileName);
00678 
00679 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00680         bool hasPrefilledCredentials();
00681         bool prefillCredentials(ConnectPromptInfo &connectPrompt);
00682         void setPrefilledCredentials(CredentialPrefill *prefill);
00683 #endif
00684 
00685 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00686         std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType);
00687         bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList);
00688         bool deleteServerCertificates(const std::list<std::string> &idList);
00689 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN        
00690 
00691 #if defined(ANYCONNECT_USE_SNAK)        
00692         std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType);
00693         SNAK_CertType getSNAKCertType(CertificateType certType);
00694         bool deleteClientCertificates(const std::list<std::string> &idList);
00695 #endif // ANYCONNECT_USE_SNAK
00696 
00697 #if defined(PLATFORM_APPLE_SSLVPN)
00698         bool canUseBackupServers();
00699     
00700 #endif //PLATFORM_APPLE_SSLVPN
00701     
00702         virtual ~ClientIfcBase();
00703 
00704         tstring getConnectHost();
00705 
00706         tstring getMgmtTunnelHostname();
00707 
00708         VPN_TUNNEL_SCOPE getVpnTunnelScope();
00709 
00710         bool isStandaloneConnection();
00711 
00712         void sendSSoLogoutPrompt(ConnectPromptInfo &cpi);
00713 
00714         void setExternalSSOLogoutUrlFromAgent(const tstring& logoutUrl);
00715 
00716     private:
00717         CExecutionContext* m_pExecutionContext;
00718         CExecutionContext* m_pExecutionContextMgr;
00719 
00720         AgentIfc *mo_AgentIfc;
00721 
00722         ConnectMgr *mo_ConnectMgr;
00723 
00724         ApiThread  *mo_ConnectThread;
00725 
00726         EventMgr  *mo_EventMgr;
00727 
00728         PreferenceMgr *mo_PreferenceMgr;
00729 
00730         ConnectPromptInfo *mp_currentConnectPromptInfo;
00731 
00732         PreferenceInfo *mo_EditablePrefs;
00733 
00734 #if defined(SCRIPTING_SUPPORTED)
00735         CScriptingMgr *mo_ScriptingMgr;
00736 #endif // SCRIPTING_SUPPORTED
00737 
00738 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
00739         SCEPIfc* m_pSCEPIfc;
00740         bool m_bInformedAgentOfSCEP;
00741 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00742 #ifndef PLATFORM_APPLE_SSLVPN
00743         CStoragePath* m_pStoragePath;
00744 #endif // !PLATFORM_APPLE_SSLVPN
00745 
00746 #ifdef ANYCONNECT_USE_SNAK
00747         PluginLoader *m_pPluginLoader;
00748         SNAK_CertPlugin *m_pSNAKCert;
00749         SNAK_SocketPlugin *m_pSNAKSocket;
00750         SNAK_StoragePlugin *m_pSNAKStorage;
00751         SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo;
00752         SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB;
00753 
00754         bool mb_SNAKInitialized;
00755 #endif
00756 
00757 #if  defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
00758         bool mb_SCEPEnrollInProgress;
00759 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN
00760 
00761         bool mb_PreferenceMgrCreated;
00762         bool mb_StandaloneConnection;
00763         bool mb_UsingEventModel;
00764         bool mb_UserResponse;
00765         bool mb_IsUserResponseSet;
00766         bool mb_PerformedAutoCertEnrollment;
00767         tstring ms_PostEnrollmentConnectHost;
00768         bool mb_CaptivePortalMsgDisplayed;
00769         bool m_bSuppressMinimizeOnConnect;
00770         bool m_bSuppressConnectionErrorPopups;
00771         bool m_bLastConnectionAutomatic;
00772         bool m_bImportCertResp;
00773                 bool m_bPrevMsgWasStateMsg;
00774 
00775         unsigned int mui_OperatingMode;
00776         NETENV_STATE m_currentNetEnvState;
00777         NETENV_STATE m_previousNetEnvState;
00778         NETCTRL_STATE m_currentNetCtrlState;
00779         NETWORK_TYPE m_currentNetType;
00780         bool m_bACBrowserForCPRemediation;
00781 
00782         tstring ms_message;
00783 
00784         time_t m_disconnectTime;
00785 
00786         static std::string ms_ThreadName;
00787 
00788         CManualLock* m_pClientIfcStateLock;
00789         CManualLock* m_pClientIfcLock;
00790         CManualLock* m_pClientIfcPromptsLock;
00791         CManualLock* m_pClientIfcOpModeLock;
00792         CManualLock* m_pClientIfcAHSLock;
00793         CManualLock* m_pClientIfcConnectModeLock;
00794         CManualLock* m_pClientIfcInformAgentOfSCEPLock;
00795 
00796         std::vector<tstring> msl_AHSSelectedHosts;
00797         ApiThread* m_pAHSThread;
00798         unsigned int m_uiAHSState;
00799 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
00800         CredentialPrefill* m_pCredentialPrefill;
00801 #endif
00802         VPNError m_lastVpnError;
00803 
00804         static volatile bool mb_deleteFirstPass;
00805 
00806         ConnectMgr &getConnectMgr();
00807 
00808         ProfileMgr &getProfileMgr();
00809         UserPreferences &getUserPreferences();
00810 
00811         void displayAgentAttachMessage();
00812 
00813         void setLastDisconnectTime(time_t time);
00814 
00815         void setCurrentStatePrompts(const VPNState state, 
00816                                     const VPNState prevState,
00817                                     const VPNSubState subState,
00818                                     const bool bUpdateStateMsg);
00819         void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr);
00820         void getStateMessage(const VPNState state, 
00821                              const VPNState prevState,
00822                              const VPNSubState subState,
00823                              const NETENV_STATE neState,
00824                              /*out*/ MsgWithArg& stateMessage);
00825 
00826         // IPreferenceUpdateCB methods
00827         virtual void OnLoadPreferencesComplete();
00828         virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId);
00829         virtual void OverridePreferenceValue(const PreferenceId ePreferenceId,
00830                                              tstring& rPrefenceValue,
00831                                              bool& rbOverriden);
00832 
00833         void RefreshPreferences(void);
00834 
00835         void displayAHSPrompt(const bool isComplete);
00836         void handleAHSPreferences(const unsigned int uiReason);
00837         void setAHSState(const unsigned int ahsState);
00838 
00839         bool autoConnectIfEnabled(const bool suppressAutoConnect);
00840 
00841         void clearUserSetResponseFlag();
00842 
00843                 bool decodeSSOToken();
00844 
00845 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
00846         bool processSCEPIpcMessage(CIpcMessage *pIpcMessage);
00847         bool isSCEPRedirect();
00848         void processSCEPRedirect();
00849 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
00850 
00851         bool hasConnectCapabilities();
00852         bool hasMgmtCapabilities();
00853 
00854         ClientIfcBase(const ClientIfcBase& other);
00855         ClientIfcBase& operator=(const ClientIfcBase& other);
00856 
00857 #ifdef ANYCONNECT_USE_SNAK
00858         bool initializeSNAK(bool bUseExistingInstanceIfAvail);
00859         void destroySNAK();
00860         ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert);
00861 #endif
00862 };
00863 
00864 
00865 #endif // _CLIENTIFCBASE_