![]() |
AnyConnect Secure Mobility Client 4.10.06090
|
00001 /************************************************************************** 00002 * Copyright (c) 2006, Cisco Systems, All Rights Reserved 00003 *************************************************************************** 00004 * 00005 * File: ClientIfcBase.h 00006 * Author: Chris Fitzgerald 00007 * Date: 08/2007 00008 * 00009 *************************************************************************** 00010 * 00011 * Client Interface Base class implementation for the Client API. 00012 * 00013 ***************************************************************************/ 00014 00015 // The ClientIfcBase class contains the majority of private methods and members. 00016 // The purpose of this class is to hide all but the necessary methods from 00017 // being exposed. 00018 // 00019 00020 #ifndef _CLIENTIFCBASE_ 00021 #define _CLIENTIFCBASE_ 00022 00023 #include <list> 00024 #include <vector> 00025 00026 00027 /* 00028 * SCRIPTING_SUPPORTED, INTERPROCESS_COMMUNICATION_SUPPORTED macro is a copy of corresponding 00029 * #define from GenDefs.h. Any change in #define for the macro in GenDefs.h must propogated to 00030 * this header file too. We duplicate this definition here due to the manner in which we distribute 00031 * our code to partners; we cannot include GenDefs.h from here. 00032 */ 00033 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP) 00034 #define SCRIPTING_SUPPORTED 00035 #endif 00036 #if !defined(PLATFORM_WIN_APP) 00037 #define INTERPROCESS_COMMUNICATION_SUPPORTED 00038 #endif 00039 00040 /* 00041 * SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h. 00042 * Any change in #define for the macro in GenDefs.h must propogated to this header file too. We 00043 * duplicate this definition here due to the manner in which we distribute our code to partners; 00044 * we cannot include GenDefs.h from here. 00045 */ 00046 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00047 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00048 #endif 00049 00050 /* 00051 * HOST_DATA_SUPPORTED macro is a copy of corresponding #define from GenDefs.h. Any change 00052 * in #define for the macro in GenDefs.h must propogated to this header file too. We duplicate 00053 * this definition here due to the manner in which we distribute our code to partners; 00054 * we cannot include GenDefs.h from here. 00055 */ 00056 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK) 00057 #define HOST_DATA_SUPPORTED 00058 #endif 00059 00060 /* 00061 * MANUAL_PKCS12_IMPORT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h. 00062 * Any change in #define for the macro in GenDefs.h must propogated to this header file too. 00063 * We duplicate this definition here due to the manner in which we distribute our 00064 * code to partners; we cannot include GenDefs.h from here. 00065 */ 00066 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA) 00067 #define MANUAL_PKCS12_IMPORT_SUPPORTED 00068 #endif 00069 00070 /* 00071 * PROGRAM_DATA_IMPORT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h. 00072 * Any change in #define for the macro in GenDefs.h must propogated to this header file too. 00073 * We duplicate this definition here due to the manner in which we distribute our 00074 * code to partners; we cannot include GenDefs.h from here. 00075 */ 00076 #if defined(PLATFORM_ANDROID) 00077 #define PROGRAM_DATA_IMPORT_SUPPORTED 00078 #endif 00079 00080 /* 00081 * CREDENTIAL_PREFILL_SUPPORTED macro is a copy of corresponding #define from GenDefs.h. 00082 * Any change in #define for the macro in GenDefs.h must propogated to this header file too. 00083 * We duplicate this definition here due to the manner in which we distribute our 00084 * code to partners; we cannot include GenDefs.h from here. 00085 */ 00086 #if defined(PLATFORM_ANDROID) 00087 #define CREDENTIAL_PREFILL_SUPPORTED 00088 #endif 00089 00090 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H) 00091 #if defined(HAVE_STDINT_H) 00092 #include <stdint.h> 00093 #else 00094 typedef unsigned char uint8_t; 00095 #endif // HAVE_STDINT_H 00096 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED 00097 00098 #include "api.h" 00099 #include "PreferenceUpdate.h" 00100 00101 #if defined(PLATFORM_WIN_APP) 00102 typedef unsigned char uint8_t; 00103 #endif 00104 00105 #if defined(HOST_DATA_SUPPORTED) 00106 #include "IHostData.h" 00107 #endif 00108 00109 #if defined(ANYCONNECT_USE_SNAK) 00110 #include "Utility/PluginLoader.h" 00111 #include "SNAK_CertPlugin.h" 00112 #include "SNAK_SocketPlugin.h" 00113 #include "SNAK_StoragePlugin.h" 00114 #endif 00115 00116 class ConnectPromptInfo; 00117 class ConnectMgr; 00118 class MsgWithArg; 00119 class VPNStats; 00120 class AgentIfc; 00121 class ProfileMgr; 00122 class ApiThread; 00123 class EventMgr; 00124 class PreferenceMgr; 00125 class PreferenceInfo; 00126 class UserPreferences; 00127 class CScriptingMgr; 00128 class CManualLock; 00129 class ProxyIfc; 00130 class CIpcMessage; 00131 class SCEPIfc; 00132 class CertObj; 00133 class CExecutionContext; 00134 class HostEntry; 00135 00136 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00137 class CredentialPrefill; 00138 #endif 00139 00140 #if !defined(PLATFORM_APPLE_SSLVPN) 00141 class CStoragePath; 00142 #endif 00143 00144 #ifdef ANYCONNECT_USE_SNAK 00145 class PluginLoader; 00146 class SNAK_StoragePlugin; 00147 class SNAK_CertPlugin; 00148 class SNAK_SocketPlugin; 00149 class SNAK_DeviceInfoPlugin; 00150 class SNAKDeviceInfoPluginCBImpl; 00151 #endif // ANYCONNECT_USE_SNAK 00152 00153 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN) 00154 class ManagedCertificate; 00155 class ManagedCertHandle; 00156 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN 00157 00158 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED) 00159 class IACImporterAsync; 00160 class IACImporterAsyncCB; 00161 #endif 00162 00163 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB 00164 { 00165 friend class EventMgr; 00166 00167 protected: 00168 00169 /** 00170 * Callback used to deliver new statistics related to the VPN 00171 * connection. 00172 * 00173 * When a connection is active, a new set of statistics is 00174 * delivered each second. 00175 * 00176 * @see resetStats(), stopStats() and startStats() 00177 * 00178 */ 00179 virtual void StatsCB(VPNStats &stats) = 0; 00180 00181 00182 /** 00183 * Callback used to deliver VPN state and state change string. 00184 * The stateString delivered by this method is localized. 00185 * 00186 * See the ::VPNState enum found in api.h for set of valid states. 00187 */ 00188 virtual void StateCB(const VPNState state, 00189 const VPNSubState subState, 00190 const tstring stateString) = 0; 00191 00192 00193 /** 00194 * If a banner needs to be acknowledged, this CB delivers the banner 00195 * to the client. 00196 * 00197 * NOTE: Connection establishment will block until the method 00198 * setBannerResponse() is called. 00199 * 00200 * In a GUI, a banner would typically be displayed in a modal dialog 00201 * with an accept or decline button selection. 00202 * 00203 * @see setBannerResponse() to set the user response to the banner. 00204 */ 00205 virtual void BannerCB(const tstring &banner) = 0; 00206 00207 /** 00208 * If a pre-connect reminder needs to be acknowledged, this CB delivers 00209 * the pre-connect reminder to the client. 00210 * 00211 * NOTE: Connection establishment will block until the method 00212 * setPreConnectReminderResponse() is called. 00213 * 00214 * In a GUI, a pre-connect reminder would typically be displayed in a modal 00215 * dialog with an OK button selection. 00216 * 00217 * @see setPreConnectReminderResponse() to set the user acknowledgement to 00218 * the pre-connect reminder message. 00219 */ 00220 virtual void PreConnectReminderCB(const tstring &rtstrPreConnectReminder); 00221 00222 /** 00223 * Messages are delivered via the NoticeCB and can come from multiple 00224 * sources. There are four message types (error, warning, info and 00225 * status). See the ::MessageType enum in api.h for the list. 00226 * 00227 * Clients using the API as an embedded application (not 00228 * user visible) might want to further characterize 00229 * messages. One option here is to use the AnyConnect message 00230 * catalog and assign message codes as the translations for 00231 * various messages. An application could then track messages based 00232 * on its own error code scheme. 00233 */ 00234 virtual void NoticeCB(const tstring ¬ice, 00235 const MessageType type, 00236 const bool bSensitive = false) = 0; 00237 00238 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00239 virtual void CertBannerCB(const tstring &certBannerSummary, 00240 const uint32_t nCertBannerCertLen, 00241 const uint8_t *pCertBannerCertDer, 00242 const std::list<tstring> &confirmReasons, 00243 const std::list<CertConfirmReason> &confirmReasonEnums, 00244 bool bImportAllowed = true) = 0; 00245 #endif 00246 00247 /** 00248 * This CB would likely occur only during a connection when it was 00249 * detected that the software needed to be upgraded, or when Start 00250 * Before Logon (SBL) is being used. 00251 * 00252 * Unlike the other callback methods, this method provides a default 00253 * implementation (calling the system's exit() function). 00254 * If clients of the API wish to override this behavior, they are 00255 * responsible for ensuring that the current running process exits with 00256 * the return code specified by returnCode. 00257 * 00258 * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH 00259 * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL 00260 * BREAK 00261 */ 00262 virtual void ExitNoticeCB(const tstring &tstrNotice, 00263 const int returnCode); 00264 00265 00266 /** 00267 * Under normal operating conditions, this CB is called as soon 00268 * as the attach method completes. In case the service (vpn agent) 00269 * is not ready, this CB is not called until it is. 00270 * 00271 * Any API calls made prior to this CB being called will result in a 00272 * NoticeCB error message. 00273 */ 00274 virtual void ServiceReadyCB() = 0; 00275 00276 00277 00278 /** 00279 * This method supports prompting for single or multiple values. All 00280 * prompts are considered mandatory. 00281 * 00282 * The ConnectPromptInfo object contains a list of PromptEntry 00283 * instances. The labels and their default values (if any) can be 00284 * found in these instances. After the data has been collected from the user 00285 * it can be set into these same instances. When ready, the client 00286 * application should call the method UserSubmit() to have the 00287 * responses read by the API. 00288 */ 00289 virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0; 00290 00291 00292 /** 00293 * Use this method to provide Window Manager hints to GUI 00294 * applications. To receive these hints, the application must 00295 * identify itself as a GUI in the attach method. In addition, this 00296 * method should be overriden to receive any generated events. 00297 * 00298 * Event that can be received include those indicating that a user is 00299 * starting a second instance of the GUI application. This information 00300 * can be used to tell the already running application to un-minimize 00301 * itself and let the new program know that it should Quit (since a GUI 00302 * is already running). 00303 */ 00304 virtual void WMHintCB(const WMHint hint, 00305 const WMHintReason reason); 00306 00307 00308 /** 00309 * This method is useful when the connection to the secure gateway 00310 * has been established as part of a web-launch of the VPN tunnel. 00311 * 00312 * If the client application wishes to be notified of the secure 00313 * gateway to which the VPN has been established, this method should 00314 * be overriden. 00315 * 00316 * If the client application is started and a tunnel is already active, 00317 * this method also delivers the name of the secure gateway host. 00318 */ 00319 virtual void deliverWebLaunchHostCB(const tstring &activeHost); 00320 00321 /** 00322 * This method is called when the preference to block untrusted 00323 * servers is enabled and the current VPN server being connected 00324 * to is untrusted. Clients should present an error to the user 00325 * notifying them that the current connection to rtstrUntrustedServer 00326 * is being blocked. The client should also provide a way for the 00327 * user to change the preference to block untrusted servers. 00328 * 00329 * The user response must be indicated using setCertBlockedResponse 00330 */ 00331 virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0; 00332 00333 /** 00334 * This method is called when connections to untrusted VPN servers 00335 * is allowed by policies and the current VPN server being connected 00336 * to is untrusted. Clients should present a warning to the user 00337 * notifying them that the current connection to rtstrUntrustedServer 00338 * is unsafe. The reason the VPN server is untrusted is provided in 00339 * rltstrCertErrors. The client should provide a way for the user to 00340 * connect once, connect and always trust or cancel the connection. 00341 * If bAllowImport is set to false then the always trust option should 00342 * not be presented to users. 00343 * 00344 * The user response must be indicated using setCertWarningResponse 00345 */ 00346 virtual void CertWarningCB(const tstring &rtstrUntrustedServer, 00347 const std::list<tstring> &rltstrCertErrors, 00348 bool bAllowImport) = 0; 00349 00350 #if defined(PLATFORM_WIN_APP) 00351 /** 00352 * Same as above but also passes the Server certificate DER for details display 00353 */ 00354 virtual void CertWarningCB(const tstring &rtstrUntrustedServer, 00355 const std::list<tstring> &rltstrCertErrors, 00356 const std::vector<uint8_t> &rvServerCertDER, 00357 bool bAllowImport) = 0; 00358 #endif 00359 00360 /** 00361 * This method can be overriden if the client application wishes to 00362 * exercise some control over the delivery of events from the other 00363 * protected methods in this class. 00364 * 00365 * This might be necessary in cases where a GUI is being written and 00366 * the data from this API needs to be delivered in the GUI or main 00367 * thread. In this case, you should override this method and when it 00368 * is called by the API post an event to your event queue (message 00369 * pump, etc.). After this event executes in your GUI or main thread, 00370 * call the method ClientIfc::ProcessEvents to have events delivered 00371 * to your client application. 00372 */ 00373 virtual void EventAvailable(); 00374 00375 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED 00376 virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError); 00377 #endif 00378 #ifdef PLATFORM_ANDROID 00379 virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0; 00380 virtual void AgentDetachedCB(); 00381 #endif 00382 00383 AgentIfc &getAgentIfc(); 00384 00385 ClientIfcBase(); 00386 00387 00388 public: 00389 00390 virtual bool attach(ClientType clientType = ClientType_GUI, 00391 bool requestFullCapabilities = true, 00392 bool suppressAutoConnect = true); 00393 00394 virtual void detach(); 00395 00396 virtual void ProcessEvents(); 00397 00398 virtual bool hasFullCapabilities(); 00399 00400 virtual bool isConnected(); 00401 00402 virtual bool isAvailable(); 00403 00404 virtual std::list<tstring> getHostNames(); 00405 00406 virtual std::list<HostEntry> getHostEntries(); 00407 00408 virtual tstring getDefaultHostName(); 00409 00410 #if defined(HOST_DATA_SUPPORTED) 00411 virtual bool connect(const IHostData& hostData); 00412 00413 bool connect(const IHostData& hostData, 00414 unsigned int origin); 00415 #else 00416 virtual bool connect(tstring host); 00417 00418 bool connect(tstring host, 00419 unsigned int origin); 00420 #endif 00421 00422 virtual bool setNewTunnelGroup(const tstring & group); 00423 00424 virtual void disconnect(); 00425 00426 virtual void cancel(); 00427 00428 virtual void resetStats(); 00429 00430 virtual void getState(); 00431 00432 VPNState getCurrentState(); 00433 VPNSubState getCurrentSubState(); 00434 VPNSubState getPreviousSubState(); 00435 00436 tstring getStateText(); 00437 static tstring getNoticeTypeText(MessageType msgType); 00438 00439 static tstring getStateText(VPNState state, 00440 VPNSubState subState = VPNSS_NORMAL, 00441 NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE, 00442 const tstring& tstrConnectedHost = tstring()); 00443 00444 void setNetworkStates(NETENV_STATE netEnvState, 00445 NETCTRL_STATE netCtrlState, 00446 NETWORK_TYPE netType, 00447 bool bACBrowserForCPRemediation, 00448 bool bUpdateUI); 00449 void refreshOperatingModeForCurrentNetStates(); 00450 NETENV_STATE getCurrentNetEnvState(); 00451 NETENV_STATE getPreviousNetEnvState(); 00452 NETCTRL_STATE getCurrentNetCtrlState(); 00453 NETWORK_TYPE getCurrentNetType(); 00454 bool isACBrowserForCPRemediation(); 00455 00456 static tstring getNetCtrlText(NETCTRL_STATE netCtrlState); 00457 static tstring getNetEnvText(NETENV_STATE netEnvState, 00458 bool bSimple = false); 00459 static tstring getNetTypeText(NETWORK_TYPE netType); 00460 static tstring getQuarantinedStatusText(); 00461 static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState, 00462 const NETCTRL_STATE netCtrlState); 00463 00464 // can't be static due to requiring operating mode information 00465 tstring getNetworkStatusText(const VPNState state, 00466 const VPNSubState subState, 00467 const NETENV_STATE netEnvState, 00468 const NETCTRL_STATE netCtrlState); 00469 00470 PreferenceInfo &getPreferences(); 00471 00472 bool savePreferences(); 00473 00474 virtual void startStats(); 00475 00476 virtual void stopStats(); 00477 00478 virtual void UserSubmit(); 00479 00480 void setBanner(const tstring &banner); 00481 void setBannerResponse(bool bResponse); 00482 00483 void setPreConnectReminder(const tstring &tstrPreConnectReminder); 00484 void setPreConnectReminderResponse(); 00485 00486 bool getUserResponse(); 00487 bool isUserResponseSet(); 00488 00489 void setCertBlocked(const tstring &tstrUntrustedServer); 00490 void setCertWarning(const tstring &rtstrUntrustedServer, 00491 const std::list<tstring> &rltstrCertErrors, 00492 bool bAllowImport); 00493 #if defined(PLATFORM_WIN_APP) 00494 void setCertWarning(const tstring &rtstrUntrustedServer, 00495 const std::list<tstring> &rltstrCertErrors, 00496 const std::vector<uint8_t>& rvServerCertDER, 00497 bool bAllowImport); 00498 #endif 00499 bool getCertImportResponse(); 00500 00501 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00502 void setCertBanner(tstring tstrCertBannerSummary, 00503 uint32_t nCertBannerCertLen, 00504 const uint8_t *pCertBannerCertDer, 00505 const std::list<tstring> &confirmReasons, 00506 const std::list<CertConfirmReason> &confirmReasonEnums, 00507 bool bImportAllowed); 00508 00509 void setCertBannerResponse(bool bResponse, bool bImportCert); 00510 void importServerCert(std::vector<uint8_t> certData); 00511 bool setFipsMode(bool bEnableFips); 00512 #if defined(PLATFORM_ANDROID) 00513 bool setStrictMode(bool bEnableStrictMode); 00514 bool setRevocationEnabled(bool bRevocationEnabled); 00515 bool IsRevocationEnabled(); 00516 #endif // currently supported only for android 00517 #endif 00518 00519 void setUserPrompt(ConnectPromptInfo &ConnectPrompt); 00520 00521 #ifdef PLATFORM_ANDROID 00522 void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList); 00523 void setAgentDetached(); 00524 bool getClientCertificates(); 00525 #endif 00526 00527 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) 00528 void setSCEPEnrollInProgress(bool bInProgress); 00529 bool isSCEPEnrollInProgress(); 00530 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID 00531 00532 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED 00533 void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError); 00534 bool requestImportPKCS12(const std::vector<uint8_t> &data); 00535 std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password); 00536 #endif 00537 00538 void setCertBlockedResponse(bool bUnlock); 00539 void setCertWarningResponse(bool bConnect, bool bImportCert); 00540 00541 void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt); 00542 00543 void ExitNotice(const tstring &tstrNotice, const int code = 0); 00544 00545 void notice(const tstring &tstrNotice, 00546 const MessageType type = MsgType_Info, 00547 bool bClearLastMsg = false, 00548 bool bForce = false, 00549 bool bStateMsg = false, 00550 bool bSensitiveMsg = false); 00551 00552 void notice(MsgWithArg ¬ice, 00553 const MessageType type = MsgType_Info, 00554 bool bClearLastMsg = false, 00555 bool bForce = false, 00556 bool bStateMsg = false, 00557 bool bSensitiveMsg = false); 00558 00559 void getStats(void); 00560 00561 void setStats(VPNStats &stats); 00562 00563 void exportStats(const tstring &tstrFilePath); 00564 00565 void setState(VPNState state, 00566 VPNState previousState, 00567 VPNSubState subState = VPNSS_NORMAL, 00568 bool bUpdateStateMsg = true, 00569 bool bOnlyUpdateUI = false); 00570 00571 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED 00572 IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback); 00573 #endif 00574 00575 void setWMHint(WMHint hint, 00576 WMHintReason reason); 00577 00578 bool isLastConnectType (const ConnectPromptType connPromptType); 00579 00580 bool isOperatingMode(OperatingMode opMode); 00581 void setOperatingMode(OperatingMode opMode); 00582 void unsetOperatingMode(OperatingMode opMode); 00583 00584 bool CanRemediateCaptivePortal(); 00585 bool policyAllowsCaptivePortalRemediation(); 00586 00587 bool isEventShutdown(); 00588 00589 bool isUsingEventModel(); 00590 00591 time_t getLastDisconnectTime(); 00592 00593 ConnectPromptInfo getConnectPromptInfo(); 00594 void resetConnectPromptPasswordData(); 00595 00596 void setStandaloneConnection(bool isStandalone); 00597 00598 void deliverActiveHost(const tstring &activeHost, 00599 ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN, 00600 bool bActiveHostFriendlyName = false); 00601 00602 bool isVPNServiceReady(); 00603 00604 // reset last disconnect time indicator. 00605 // 00606 void resetLastDisconnectTime(time_t time = 1); 00607 00608 void processMinimize(); 00609 00610 // cert enrollment 00611 void setEnrollClientCert(CertObj* pCert); 00612 00613 // Show user banner for cert import warning on linux 00614 // SCEPIfc to ConnectMgr 00615 void linuxCertImportWarnUser(); 00616 00617 // Response to cert warning on linux 00618 // ConnectMgr to SCEPIfc 00619 void linuxCertImportWarnUserResponse(bool bAccept); 00620 00621 void setDefaultHost(tstring &host); 00622 00623 #if defined(HOST_DATA_SUPPORTED) 00624 void setDefaultHostProfile(const IHostData &hostProfile); 00625 IHostData* getDefaultHostData(); 00626 #endif // HOST_DATA_SUPPORTED 00627 00628 void setLastVpnError(VPNError vpnError); 00629 VPNError getLastVpnError(); 00630 00631 #ifdef PLATFORM_ANDROID 00632 bool requestClientCertificates(); 00633 #endif 00634 00635 bool requestImportLocalization(const tstring tstrLocale, 00636 const std::vector<unsigned char> &MoFileData); 00637 00638 // Start the Automatic Headend Selection operation 00639 void startAHS(const unsigned int uiReason, 00640 const ProxyIfc& proxy); 00641 // statusReturnCode is a long to match the current type of STATUSCODE. 00642 // It is not using a STATUSCODE directly so that we do not have to 00643 // expose the header files for STATUSCODEs to ClientIfcBase.h 00644 void AHSSelectedHost(const unsigned int uiReason, 00645 const std::vector<tstring> &headendList, 00646 const long statusReturnCode, 00647 const tstring& extraInfo); 00648 std::vector<tstring> getAHSHostList(); 00649 unsigned int getAHSState(); 00650 bool isAHSHasRun(); 00651 00652 bool suppressConnectionErrorPopups(); 00653 00654 tstring getCaptivePortalDetectedMsg(); 00655 00656 void setProxyAuthPrompts(ProxyIfc* pProxy, 00657 const tstring& promptMsg); 00658 00659 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED) 00660 bool handleIpcMessage(CIpcMessage *pIpcMessage); 00661 #endif 00662 bool IsCsdTokenVerified() const; 00663 00664 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) 00665 virtual void SCEPEnrollStartCB(); 00666 virtual void SCEPEnrollExitCB(); 00667 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID 00668 00669 void activateConnectMgrTunnelInitiationCompletionEvent(); 00670 bool isConnectRequestActive(); 00671 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK) 00672 bool deleteProfileByName(const tstring &profileName); 00673 tstring getProfileContents(const tstring &profileName); 00674 bool importProfile(const tstring &profileName, const tstring &profileContents); 00675 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK 00676 00677 bool syncProfileChange(const tstring &profileName); 00678 00679 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00680 bool hasPrefilledCredentials(); 00681 bool prefillCredentials(ConnectPromptInfo &connectPrompt); 00682 void setPrefilledCredentials(CredentialPrefill *prefill); 00683 #endif 00684 00685 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00686 std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType); 00687 bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList); 00688 bool deleteServerCertificates(const std::list<std::string> &idList); 00689 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN 00690 00691 #if defined(ANYCONNECT_USE_SNAK) 00692 std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType); 00693 SNAK_CertType getSNAKCertType(CertificateType certType); 00694 bool deleteClientCertificates(const std::list<std::string> &idList); 00695 #endif // ANYCONNECT_USE_SNAK 00696 00697 #if defined(PLATFORM_APPLE_SSLVPN) 00698 bool canUseBackupServers(); 00699 00700 #endif //PLATFORM_APPLE_SSLVPN 00701 00702 virtual ~ClientIfcBase(); 00703 00704 tstring getConnectHost(); 00705 00706 tstring getMgmtTunnelHostname(); 00707 00708 VPN_TUNNEL_SCOPE getVpnTunnelScope(); 00709 00710 bool isStandaloneConnection(); 00711 00712 void sendSSoLogoutPrompt(ConnectPromptInfo &cpi); 00713 00714 void setExternalSSOLogoutUrlFromAgent(const tstring& logoutUrl); 00715 00716 private: 00717 CExecutionContext* m_pExecutionContext; 00718 CExecutionContext* m_pExecutionContextMgr; 00719 00720 AgentIfc *mo_AgentIfc; 00721 00722 ConnectMgr *mo_ConnectMgr; 00723 00724 ApiThread *mo_ConnectThread; 00725 00726 EventMgr *mo_EventMgr; 00727 00728 PreferenceMgr *mo_PreferenceMgr; 00729 00730 ConnectPromptInfo *mp_currentConnectPromptInfo; 00731 00732 PreferenceInfo *mo_EditablePrefs; 00733 00734 #if defined(SCRIPTING_SUPPORTED) 00735 CScriptingMgr *mo_ScriptingMgr; 00736 #endif // SCRIPTING_SUPPORTED 00737 00738 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED) 00739 SCEPIfc* m_pSCEPIfc; 00740 bool m_bInformedAgentOfSCEP; 00741 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00742 #ifndef PLATFORM_APPLE_SSLVPN 00743 CStoragePath* m_pStoragePath; 00744 #endif // !PLATFORM_APPLE_SSLVPN 00745 00746 #ifdef ANYCONNECT_USE_SNAK 00747 PluginLoader *m_pPluginLoader; 00748 SNAK_CertPlugin *m_pSNAKCert; 00749 SNAK_SocketPlugin *m_pSNAKSocket; 00750 SNAK_StoragePlugin *m_pSNAKStorage; 00751 SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo; 00752 SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB; 00753 00754 bool mb_SNAKInitialized; 00755 #endif 00756 00757 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) 00758 bool mb_SCEPEnrollInProgress; 00759 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN 00760 00761 bool mb_PreferenceMgrCreated; 00762 bool mb_StandaloneConnection; 00763 bool mb_UsingEventModel; 00764 bool mb_UserResponse; 00765 bool mb_IsUserResponseSet; 00766 bool mb_PerformedAutoCertEnrollment; 00767 tstring ms_PostEnrollmentConnectHost; 00768 bool mb_CaptivePortalMsgDisplayed; 00769 bool m_bSuppressMinimizeOnConnect; 00770 bool m_bSuppressConnectionErrorPopups; 00771 bool m_bLastConnectionAutomatic; 00772 bool m_bImportCertResp; 00773 bool m_bPrevMsgWasStateMsg; 00774 00775 unsigned int mui_OperatingMode; 00776 NETENV_STATE m_currentNetEnvState; 00777 NETENV_STATE m_previousNetEnvState; 00778 NETCTRL_STATE m_currentNetCtrlState; 00779 NETWORK_TYPE m_currentNetType; 00780 bool m_bACBrowserForCPRemediation; 00781 00782 tstring ms_message; 00783 00784 time_t m_disconnectTime; 00785 00786 static std::string ms_ThreadName; 00787 00788 CManualLock* m_pClientIfcStateLock; 00789 CManualLock* m_pClientIfcLock; 00790 CManualLock* m_pClientIfcPromptsLock; 00791 CManualLock* m_pClientIfcOpModeLock; 00792 CManualLock* m_pClientIfcAHSLock; 00793 CManualLock* m_pClientIfcConnectModeLock; 00794 CManualLock* m_pClientIfcInformAgentOfSCEPLock; 00795 00796 std::vector<tstring> msl_AHSSelectedHosts; 00797 ApiThread* m_pAHSThread; 00798 unsigned int m_uiAHSState; 00799 #if defined(CREDENTIAL_PREFILL_SUPPORTED) 00800 CredentialPrefill* m_pCredentialPrefill; 00801 #endif 00802 VPNError m_lastVpnError; 00803 00804 static volatile bool mb_deleteFirstPass; 00805 00806 ConnectMgr &getConnectMgr(); 00807 00808 ProfileMgr &getProfileMgr(); 00809 UserPreferences &getUserPreferences(); 00810 00811 void displayAgentAttachMessage(); 00812 00813 void setLastDisconnectTime(time_t time); 00814 00815 void setCurrentStatePrompts(const VPNState state, 00816 const VPNState prevState, 00817 const VPNSubState subState, 00818 const bool bUpdateStateMsg); 00819 void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr); 00820 void getStateMessage(const VPNState state, 00821 const VPNState prevState, 00822 const VPNSubState subState, 00823 const NETENV_STATE neState, 00824 /*out*/ MsgWithArg& stateMessage); 00825 00826 // IPreferenceUpdateCB methods 00827 virtual void OnLoadPreferencesComplete(); 00828 virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId); 00829 virtual void OverridePreferenceValue(const PreferenceId ePreferenceId, 00830 tstring& rPrefenceValue, 00831 bool& rbOverriden); 00832 00833 void RefreshPreferences(void); 00834 00835 void displayAHSPrompt(const bool isComplete); 00836 void handleAHSPreferences(const unsigned int uiReason); 00837 void setAHSState(const unsigned int ahsState); 00838 00839 bool autoConnectIfEnabled(const bool suppressAutoConnect); 00840 00841 void clearUserSetResponseFlag(); 00842 00843 bool decodeSSOToken(); 00844 00845 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED) 00846 bool processSCEPIpcMessage(CIpcMessage *pIpcMessage); 00847 bool isSCEPRedirect(); 00848 void processSCEPRedirect(); 00849 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED 00850 00851 bool hasConnectCapabilities(); 00852 bool hasMgmtCapabilities(); 00853 00854 ClientIfcBase(const ClientIfcBase& other); 00855 ClientIfcBase& operator=(const ClientIfcBase& other); 00856 00857 #ifdef ANYCONNECT_USE_SNAK 00858 bool initializeSNAK(bool bUseExistingInstanceIfAvail); 00859 void destroySNAK(); 00860 ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert); 00861 #endif 00862 }; 00863 00864 00865 #endif // _CLIENTIFCBASE_