AnyConnect Secure Mobility Client  4.10.08025
ClientIfcBase.h
1 /**************************************************************************
2 * Copyright (c) 2006, 2023 Cisco Systems, All Rights Reserved
3 ***************************************************************************
4 *
5 * File: ClientIfcBase.h
6 * Author: Chris Fitzgerald
7 * Date: 08/2007
8 *
9 ***************************************************************************
10 *
11 * Client Interface Base class implementation for the Client API.
12 *
13 ***************************************************************************/
14 
15 // The ClientIfcBase class contains the majority of private methods and members.
16 // The purpose of this class is to hide all but the necessary methods from
17 // being exposed.
18 //
19 
20 #ifndef _CLIENTIFCBASE_
21 #define _CLIENTIFCBASE_
22 
23 #include <list>
24 #include <vector>
25 
26 
27 /*
28  * SCRIPTING_SUPPORTED, INTERPROCESS_COMMUNICATION_SUPPORTED macro is a copy of corresponding
29  * #define from GenDefs.h. Any change in #define for the macro in GenDefs.h must be propagated to
30  * this header file too. We duplicate this definition here due to the manner in which we distribute
31  * our code to partners; we cannot include GenDefs.h from here.
32  */
33 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP)
34 #define SCRIPTING_SUPPORTED
35 #endif
36 #if !defined(PLATFORM_WIN_APP)
37 #define INTERPROCESS_COMMUNICATION_SUPPORTED
38 #endif
39 
40 /*
41  * SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h.
42  * Any change in #define for the macro in GenDefs.h must be propagated to this header file too. We
43  * duplicate this definition here due to the manner in which we distribute our code to partners;
44  * we cannot include GenDefs.h from here.
45  */
46 #if defined(_WIN32) || defined(_WIN32_WCE) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
47 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
48 #endif
49 
50 /*
51  * HOST_DATA_SUPPORTED macro is a copy of corresponding #define from GenDefs.h. Any change
52  * in #define for the macro in GenDefs.h must be propagated to this header file too. We duplicate
53  * this definition here due to the manner in which we distribute our code to partners;
54  * we cannot include GenDefs.h from here.
55  */
56 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_CHROMEBOOK)
57 #define HOST_DATA_SUPPORTED
58 #endif
59 
60 /*
61  * MANUAL_PKCS12_IMPORT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h.
62  * Any change in #define for the macro in GenDefs.h must be propagated to this header file too.
63  * We duplicate this definition here due to the manner in which we distribute our
64  * code to partners; we cannot include GenDefs.h from here.
65  */
66 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PRODUCT_TYPE_SSA)
67 #define MANUAL_PKCS12_IMPORT_SUPPORTED
68 #endif
69 
70 /*
71  * PROGRAM_DATA_IMPORT_SUPPORTED macro is a copy of corresponding #define from GenDefs.h.
72  * Any change in #define for the macro in GenDefs.h must be propagated to this header file too.
73  * We duplicate this definition here due to the manner in which we distribute our
74  * code to partners; we cannot include GenDefs.h from here.
75  */
76 #if defined(PLATFORM_ANDROID)
77 #define PROGRAM_DATA_IMPORT_SUPPORTED
78 #endif
79 
80 /*
81  * CREDENTIAL_PREFILL_SUPPORTED macro is a copy of corresponding #define from GenDefs.h.
82  * Any change in #define for the macro in GenDefs.h must be propagated to this header file too.
83  * We duplicate this definition here due to the manner in which we distribute our
84  * code to partners; we cannot include GenDefs.h from here.
85  */
86 #if defined(PLATFORM_ANDROID)
87 #define CREDENTIAL_PREFILL_SUPPORTED
88 #endif
89 
90 #if defined(MANUAL_PKCS12_IMPORT_SUPPORTED) && !defined(__GENDEFS_H)
91 #if defined(HAVE_STDINT_H)
92 #include <stdint.h>
93 #else
94 typedef unsigned char uint8_t;
95 #endif // HAVE_STDINT_H
96 #endif // MANUAL_PKCS12_IMPORT_SUPPORTED
97 
98 #include "api.h"
99 #include "PreferenceUpdate.h"
100 
101 #if defined(PLATFORM_WIN_APP)
102 typedef unsigned char uint8_t;
103 #endif
104 
105 #if defined(HOST_DATA_SUPPORTED)
106 #include "IHostData.h"
107 #endif
108 
109 #if defined(ANYCONNECT_USE_SNAK)
110 #include "Utility/PluginLoader.h"
111 #include "SNAK_CertPlugin.h"
112 #include "SNAK_SocketPlugin.h"
113 #include "SNAK_StoragePlugin.h"
114 #endif
115 
116 class ConnectPromptInfo;
117 class ConnectMgr;
118 class MsgWithArg;
119 class VPNStats;
120 class AgentIfc;
121 class ProfileMgr;
122 class ApiThread;
123 class EventMgr;
124 class PreferenceMgr;
125 class PreferenceInfo;
126 class UserPreferences;
127 class CScriptingMgr;
128 class CManualLock;
129 class ProxyIfc;
130 class CIpcMessage;
131 class SCEPIfc;
132 class CertObj;
133 class CExecutionContext;
134 class HostEntry;
135 
136 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
137 class CredentialPrefill;
138 #endif
139 
140 #if !defined(PLATFORM_APPLE_SSLVPN)
141 class CStoragePath;
142 #endif
143 
144 #ifdef ANYCONNECT_USE_SNAK
145 class PluginLoader;
146 class SNAK_StoragePlugin;
147 class SNAK_CertPlugin;
148 class SNAK_SocketPlugin;
149 class SNAK_DeviceInfoPlugin;
150 class SNAKDeviceInfoPluginCBImpl;
151 #endif // ANYCONNECT_USE_SNAK
152 
153 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN)
154 class ManagedCertificate;
155 class ManagedCertHandle;
156 #endif // ANYCONNECT_USE_SNAK || PLATFORM_APPLE_SSLVPN
157 
158 #if defined(PROGRAM_DATA_IMPORT_SUPPORTED)
159 class IACImporterAsync;
160 class IACImporterAsyncCB;
161 #endif
162 
// Abstract base of the Client API: protected virtual callbacks (most of them
// pure) that a client implements, public operations that a client calls, and
// private state. Inherits IPreferenceUpdateCB privately.
163 class VPN_VPNAPI ClientIfcBase : private IPreferenceUpdateCB
164 {
165  friend class EventMgr;
166 
167  protected:
168 
169  /**
170  * Callback used to deliver new statistics related to the VPN
171  * connection.
172  *
173  * When a connection is active, a new set of statistics is
174  * delivered each second.
175  *
176  * @see resetStats(), stopStats() and startStats()
177  *
178  */
179  virtual void StatsCB(VPNStats &stats) = 0;
180 
181 
182  /**
183  * Callback used to deliver VPN state and state change string.
184  * The stateString delivered by this method is localized.
185  *
186  * See the ::VPNState enum found in api.h for set of valid states.
187  */
188  virtual void StateCB(const VPNState state,
189  const VPNSubState subState,
190  const tstring stateString) = 0;
191 
192 
193  /**
194  * If a banner needs to be acknowledged, this CB delivers the banner
195  * to the client.
196  *
197  * NOTE: Connection establishment will block until the method
198  * setBannerResponse() is called.
199  *
200  * In a GUI, a banner would typically be displayed in a modal dialog
201  * with an accept or decline button selection.
202  *
203  * @see setBannerResponse() to set the user response to the banner.
204  */
205  virtual void BannerCB(const tstring &banner) = 0;
206 
207  /**
208  * If a pre-connect reminder needs to be acknowledged, this CB delivers
209  * the pre-connect reminder to the client.
210  *
211  * NOTE: Connection establishment will block until the method
212  * setPreConnectReminderResponse() is called.
213  *
214  * In a GUI, a pre-connect reminder would typically be displayed in a modal
215  * dialog with an OK button selection.
216  *
217  * @see setPreConnectReminderResponse() to set the user acknowledgement to
218  * the pre-connect reminder message.
219  */
220  virtual void PreConnectReminderCB(const tstring &rtstrPreConnectReminder);
221 
222  /**
223  * Messages are delivered via the NoticeCB and can come from multiple
224  * sources. There are four message types (error, warning, info and
225  * status). See the ::MessageType enum in api.h for the list.
226  *
227  * Clients using the API as an embedded application (not
228  * user visible) might want to further characterize
229  * messages. One option here is to use the AnyConnect message
230  * catalog and assign message codes as the translations for
231  * various messages. An application could then track messages based
232  * on its own error code scheme.
  *
  * NOTE(review): bSensitive is not described in this header. Presumably it
  * marks a notice whose text should not be logged or displayed verbatim --
  * confirm against the implementation before relying on it.
233  */
234  virtual void NoticeCB(const tstring &notice,
235  const MessageType type,
236  const bool bSensitive = false) = 0;
237 
238 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
  /**
  * Delivers a certificate banner: a summary string, a certificate passed as
  * a raw pointer plus a separate length, and two lists of confirm reasons.
  *
  * NOTE(review): ownership and lifetime of pCertBannerCertDer are not stated
  * in this header. Presumably it points to nCertBannerCertLen bytes of DER
  * that are valid only for the duration of the call -- confirm. An
  * implementation that needs the data later should copy exactly that many
  * bytes rather than keep the pointer.
  *
  * @see setCertBannerResponse() -- presumably returns the user's decision;
  * confirm.
  */
239  virtual void CertBannerCB(const tstring &certBannerSummary,
240  const uint32_t nCertBannerCertLen,
241  const uint8_t *pCertBannerCertDer,
242  const std::list<tstring> &confirmReasons,
243  const std::list<CertConfirmReason> &confirmReasonEnums,
244  bool bImportAllowed = true) = 0;
245 #endif
246 
247  /**
248  * This CB would likely occur only during a connection when it was
249  * detected that the software needed to be upgraded, or when Start
250  * Before Logon (SBL) is being used.
251  *
252  * Unlike the other callback methods, this method provides a default
253  * implementation (calling the system's exit() function).
254  * If clients of the API wish to override this behavior, they are
255  * responsible for ensuring that the current running process exits with
256  * the return code specified by returnCode.
257  *
258  * <b>Caution</b>: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH
259  * THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL
260  * BREAK
261  */
262  virtual void ExitNoticeCB(const tstring &tstrNotice,
263  const int returnCode);
264 
265 
266  /**
267  * Under normal operating conditions, this CB is called as soon
268  * as the attach method completes. In case the service (vpn agent)
269  * is not ready, this CB is not called until it is.
270  *
271  * Any API calls made prior to this CB being called will result in a
272  * NoticeCB error message.
273  */
274  virtual void ServiceReadyCB() = 0;
275 
276 
277 
278  /**
279  * This method supports prompting for single or multiple values. All
280  * prompts are considered mandatory.
281  *
282  * The ConnectPromptInfo object contains a list of PromptEntry
283  * instances. The labels and their default values (if any) can be
284  * found in these instances. After the data has been collected from the user
285  * it can be set into these same instances. When ready, the client
286  * application should call the method UserSubmit() to have the
287  * responses read by the API.
288  */
289  virtual void UserPromptCB(ConnectPromptInfo &ConnectPrompt) = 0;
290 
291 
292  /**
293  * Use this method to provide Window Manager hints to GUI
294  * applications. To receive these hints, the application must
295  * identify itself as a GUI in the attach method. In addition, this
296  * method should be overridden to receive any generated events.
297  *
298  * Events that can be received include those indicating that a user is
299  * starting a second instance of the GUI application. This information
300  * can be used to tell the already running application to un-minimize
301  * itself and let the new program know that it should Quit (since a GUI
302  * is already running).
303  */
304  virtual void WMHintCB(const WMHint hint,
305  const WMHintReason reason);
306 
307 
308  /**
309  * This method is useful when the connection to the secure gateway
310  * has been established as part of a web-launch of the VPN tunnel.
311  *
312  * If the client application wishes to be notified of the secure
313  * gateway to which the VPN has been established, this method should
314  * be overridden.
315  *
316  * If the client application is started and a tunnel is already active,
317  * this method also delivers the name of the secure gateway host.
318  */
319  virtual void deliverWebLaunchHostCB(const tstring &activeHost);
320 
321  /**
322  * This method is called when the preference to block untrusted
323  * servers is enabled and the current VPN server being connected
324  * to is untrusted. Clients should present an error to the user
325  * notifying them that the current connection to rtstrUntrustedServer
326  * is being blocked. The client should also provide a way for the
327  * user to change the preference to block untrusted servers.
328  *
329  * The user response must be indicated using setCertBlockedResponse
330  */
331  virtual void CertBlockedCB(const tstring &rtstrUntrustedServer) = 0;
332 
333  /**
334  * This method is called when connections to untrusted VPN servers
335  * are allowed by policies and the current VPN server being connected
336  * to is untrusted. Clients should present a warning to the user
337  * notifying them that the current connection to rtstrUntrustedServer
338  * is unsafe. The reason the VPN server is untrusted is provided in
339  * rltstrCertErrors. The client should provide a way for the user to
340  * connect once, connect and always trust or cancel the connection.
341  * If bAllowImport is set to false then the always trust option should
342  * not be presented to users.
343  *
344  * The user response must be indicated using setCertWarningResponse
345  */
346  virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
347  const std::list<tstring> &rltstrCertErrors,
348  bool bAllowImport) = 0;
349 
350 #if defined(PLATFORM_WIN_APP)
351  /**
352  * Same as above but also passes the Server certificate DER for details display
353  */
354  virtual void CertWarningCB(const tstring &rtstrUntrustedServer,
355  const std::list<tstring> &rltstrCertErrors,
356  const std::vector<uint8_t> &rvServerCertDER,
357  bool bAllowImport) = 0;
358 #endif
359 
360  /**
361  * This method should be overridden by the client application to
362  * exercise some control over the delivery of events from the other
363  * protected methods in this class.
364  *
365  * This might be necessary in cases where a GUI/CLI is being written and
366  * the data from this API needs to be delivered in the GUI/CLI or main
367  * thread. In this case, you should override this method and when it
368  * is called by the API post an event to your event queue (message
369  * pump, etc.). After this event executes in your GUI/CLI or main thread,
370  * call the method ClientIfc::ProcessEvents to have events delivered
371  * to your client application.
372  */
373  virtual void EventAvailable();
374 
375 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
  // NOTE(review): undocumented in this header. Presumably reports the outcome
  // of requestImportPKCS12(): certHash identifying the imported certificate and
  // tstrError describing a failure -- confirm.
376  virtual void ImportPKCS12ResultCB(const std::vector<uint8_t> &certHash, const tstring &tstrError);
377 #endif
378 #ifdef PLATFORM_ANDROID
  // NOTE(review): certList is passed by value and holds raw uint8_t* pointers;
  // the pairs are presumably (length, certificate bytes). This header does not
  // say who owns or frees the buffers -- confirm before retaining them.
379  virtual void ClientCertificateCB(std::vector< std::pair<uint32_t, uint8_t*> > certList) = 0;
380  virtual void AgentDetachedCB();
381 #endif
382 
383  AgentIfc &getAgentIfc();
384 
385  ClientIfcBase();
386 
387 
388  public:
389 
390  virtual bool attach(ClientType clientType = ClientType_GUI,
391  bool requestFullCapabilities = true,
392  bool suppressAutoConnect = true);
393 
394  virtual void detach();
395 
396  virtual void ProcessEvents();
397 
398  virtual bool hasFullCapabilities();
399 
400  virtual bool isConnected();
401 
402  virtual bool isAvailable();
403 
404  virtual std::list<tstring> getHostNames();
405 
406  virtual std::list<HostEntry> getHostEntries();
407 
408  virtual tstring getDefaultHostName();
409 
410 #if defined(HOST_DATA_SUPPORTED)
411  virtual bool connect(const IHostData& hostData);
412 
413  bool connect(const IHostData& hostData,
414  unsigned int origin);
415 #else
416  virtual bool connect(tstring host);
417 
418  bool connect(tstring host,
419  unsigned int origin);
420 #endif
421 
422  virtual bool setNewTunnelGroup(const tstring & group);
423 
424  virtual void disconnect();
425 
426  virtual void cancel();
427 
428  virtual void resetStats();
429 
430  virtual void getState();
431 
432  VPNState getCurrentState();
433  VPNSubState getCurrentSubState();
434  VPNSubState getPreviousSubState();
435 
436  tstring getStateText();
437  static tstring getNoticeTypeText(MessageType msgType);
438 
439  static tstring getStateText(VPNState state,
440  VPNSubState subState = VPNSS_NORMAL,
441  NETENV_STATE netEnvState = NES_NETWORK_ACCESSIBLE,
442  const tstring& tstrConnectedHost = tstring());
443 
444  void setNetworkStates(NETENV_STATE netEnvState,
445  NETCTRL_STATE netCtrlState,
446  NETWORK_TYPE netType,
447  bool bACBrowserForCPRemediation,
448  bool bUpdateUI);
449  void refreshOperatingModeForCurrentNetStates();
450  NETENV_STATE getCurrentNetEnvState();
451  NETENV_STATE getPreviousNetEnvState();
452  NETCTRL_STATE getCurrentNetCtrlState();
453  NETWORK_TYPE getCurrentNetType();
454  bool isACBrowserForCPRemediation();
455 
456  static tstring getNetCtrlText(NETCTRL_STATE netCtrlState);
457  static tstring getNetEnvText(NETENV_STATE netEnvState,
458  bool bSimple = false);
459  static tstring getNetTypeText(NETWORK_TYPE netType);
460  static tstring getQuarantinedStatusText();
461  static tstring getNetworkStatusSimpleText(const NETENV_STATE netEnvState,
462  const NETCTRL_STATE netCtrlState);
463 
464  // can't be static due to requiring operating mode information
465  tstring getNetworkStatusText(const VPNState state,
466  const VPNSubState subState,
467  const NETENV_STATE netEnvState,
468  const NETCTRL_STATE netCtrlState);
469 
470  PreferenceInfo &getPreferences();
471 
472  bool savePreferences();
473 
474  virtual void startStats();
475 
476  virtual void stopStats();
477 
478  virtual void UserSubmit();
479 
480  void setBanner(const tstring &banner);
481  void setBannerResponse(bool bResponse);
482 
483  void setPreConnectReminder(const tstring &tstrPreConnectReminder);
484  void setPreConnectReminderResponse();
485 
486  bool getUserResponse();
487  bool isUserResponseSet();
488 
489  void setCertBlocked(const tstring &tstrUntrustedServer);
490  void setCertWarning(const tstring &rtstrUntrustedServer,
491  const std::list<tstring> &rltstrCertErrors,
492  bool bAllowImport);
493 #if defined(PLATFORM_WIN_APP)
494  void setCertWarning(const tstring &rtstrUntrustedServer,
495  const std::list<tstring> &rltstrCertErrors,
496  const std::vector<uint8_t>& rvServerCertDER,
497  bool bAllowImport);
498 #endif
499  bool getCertImportResponse();
500 
501 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
502  void setCertBanner(tstring tstrCertBannerSummary,
503  uint32_t nCertBannerCertLen,
504  const uint8_t *pCertBannerCertDer,
505  const std::list<tstring> &confirmReasons,
506  const std::list<CertConfirmReason> &confirmReasonEnums,
507  bool bImportAllowed);
508 
509  void setCertBannerResponse(bool bResponse, bool bImportCert);
510  void importServerCert(std::vector<uint8_t> certData);
511  bool setFipsMode(bool bEnableFips);
512 #if defined(PLATFORM_ANDROID)
513  bool setStrictMode(bool bEnableStrictMode);
514  bool setRevocationEnabled(bool bRevocationEnabled);
515  bool IsRevocationEnabled();
516 #endif // currently supported only for android
517 #endif
518 
519  void setUserPrompt(ConnectPromptInfo &ConnectPrompt);
520 
521 #ifdef PLATFORM_ANDROID
522  void setClientCertResponse(std::vector< std::pair<uint32_t, uint8_t*> > &derList);
523  void setAgentDetached();
524  bool getClientCertificates();
525 #endif
526 
527 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
528  void setSCEPEnrollInProgress(bool bInProgress);
529  bool isSCEPEnrollInProgress();
530 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
531 
532 #ifdef MANUAL_PKCS12_IMPORT_SUPPORTED
533  void setImportPKCS12Result(const std::vector<uint8_t> &certHash, const tstring &tstrError);
534  bool requestImportPKCS12(const std::vector<uint8_t> &data);
  // NOTE(review): the PKCS#12 password is passed as a tstring; nothing in this
  // header shows whether any copy is cleared after use -- confirm, and keep the
  // caller's own copy short-lived.
535  std::vector<uint8_t> importPKCS12WithPassword(const std::vector<uint8_t> &data, const tstring &password);
536 #endif
537 
538  void setCertBlockedResponse(bool bUnlock);
539  void setCertWarningResponse(bool bConnect, bool bImportCert);
540 
541  void insertStateToConnectPrompt(ConnectPromptInfo &ConnectPrompt);
542 
543  void ExitNotice(const tstring &tstrNotice, const int code = 0);
544 
545  void notice(const tstring &tstrNotice,
546  const MessageType type = MsgType_Info,
547  bool bClearLastMsg = false,
548  bool bForce = false,
549  bool bStateMsg = false,
550  bool bSensitiveMsg = false);
551 
552  void notice(MsgWithArg &notice,
553  const MessageType type = MsgType_Info,
554  bool bClearLastMsg = false,
555  bool bForce = false,
556  bool bStateMsg = false,
557  bool bSensitiveMsg = false);
558 
559  void getStats(void);
560 
561  void setStats(VPNStats &stats);
562 
563  void exportStats(const tstring &tstrFilePath);
564 
565  void setState(VPNState state,
566  VPNState previousState,
567  VPNSubState subState = VPNSS_NORMAL,
568  bool bUpdateStateMsg = true,
569  bool bOnlyUpdateUI = false);
570 
571 #ifdef PROGRAM_DATA_IMPORT_SUPPORTED
572  IACImporterAsync *createACImporter(IACImporterAsyncCB *pCallback);
573 #endif
574 
575  void setWMHint(WMHint hint,
576  WMHintReason reason);
577 
578  bool isLastConnectType (const ConnectPromptType connPromptType);
579 
580  bool isOperatingMode(OperatingMode opMode);
581  void setOperatingMode(OperatingMode opMode);
582  void unsetOperatingMode(OperatingMode opMode);
583 
584  bool CanRemediateCaptivePortal();
585  bool policyAllowsCaptivePortalRemediation();
586 
587  bool isEventShutdown();
588 
589  bool isUsingEventModel();
590 
591  time_t getLastDisconnectTime();
592 
593  ConnectPromptInfo getConnectPromptInfo();
  // Presumably clears password fields held in the current connect prompt
  // (see mp_currentConnectPromptInfo) -- confirm against the implementation.
594  void resetConnectPromptPasswordData();
595 
596  void setStandaloneConnection(bool isStandalone);
597 
598  void deliverActiveHost(const tstring &activeHost,
599  ConnectProtocolType vpnProtocol = PROTOCOL_TYPE_UNKNOWN,
600  bool bActiveHostFriendlyName = false);
601 
602  bool isVPNServiceReady();
603 
604  // reset last disconnect time indicator.
605  //
606  void resetLastDisconnectTime(time_t time = 1);
607 
608  void processMinimize();
609 
610  // cert enrollment
611  void setEnrollClientCert(CertObj* pCert);
612 
613  // Show user banner for cert import warning on linux
614  // SCEPIfc to ConnectMgr
615  void linuxCertImportWarnUser();
616 
617  // Response to cert warning on linux
618  // ConnectMgr to SCEPIfc
619  void linuxCertImportWarnUserResponse(bool bAccept);
620 
621  void setDefaultHost(tstring &host);
622 
623 #if defined(HOST_DATA_SUPPORTED)
624  void setDefaultHostProfile(const IHostData &hostProfile);
625  IHostData* getDefaultHostData();
626 #endif // HOST_DATA_SUPPORTED
627 
628  void setLastVpnError(VPNError vpnError);
629  VPNError getLastVpnError();
630 
631 #ifdef PLATFORM_ANDROID
632  bool requestClientCertificates();
633 #endif
634 
635  bool requestImportLocalization(const tstring tstrLocale,
636  const std::vector<unsigned char> &MoFileData);
637 
638  // Start the Automatic Headend Selection operation
639  void startAHS(const unsigned int uiReason,
640  const ProxyIfc& proxy);
641  // statusReturnCode is a long to match the current type of STATUSCODE.
642  // It is not using a STATUSCODE directly so that we do not have to
643  // expose the header files for STATUSCODEs to ClientIfcBase.h
644  void AHSSelectedHost(const unsigned int uiReason,
645  const std::vector<tstring> &headendList,
646  const long statusReturnCode,
647  const tstring& extraInfo);
648  std::vector<tstring> getAHSHostList();
649  unsigned int getAHSState();
650  bool isAHSHasRun();
651 
652  bool suppressConnectionErrorPopups();
653 
654  tstring getCaptivePortalDetectedMsg();
655 
656  void setProxyAuthPrompts(ProxyIfc* pProxy,
657  const tstring& promptMsg);
658 
659 #if defined(INTERPROCESS_COMMUNICATION_SUPPORTED)
660  bool handleIpcMessage(CIpcMessage *pIpcMessage);
661 #endif
662  bool IsCsdTokenVerified() const;
663 
664 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
665  virtual void SCEPEnrollStartCB();
666  virtual void SCEPEnrollExitCB();
667 #endif // PLATFORM_APPLE_SSLVPN || PLATFORM_ANDROID
668 
669  void activateConnectMgrTunnelInitiationCompletionEvent();
670  bool isConnectRequestActive();
671 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_CHROMEBOOK)
672  bool deleteProfileByName(const tstring &profileName);
673  tstring getProfileContents(const tstring &profileName);
674  bool importProfile(const tstring &profileName, const tstring &profileContents);
675 #endif // PLATFORM_ANDROID || PLATFORM_CHROMEBOOK
676 
677  bool syncProfileChange(const tstring &profileName);
678 
679 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
680  bool hasPrefilledCredentials();
681  bool prefillCredentials(ConnectPromptInfo &connectPrompt);
682  void setPrefilledCredentials(CredentialPrefill *prefill);
683 #endif
684 
685 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
686  std::list<ManagedCertificate *> enumerateCertificates(CertificateType certType);
687  bool deleteCertificates(CertificateType certType, const std::list<std::string> &idList);
688  bool deleteServerCertificates(const std::list<std::string> &idList);
689 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN
690 
691 #if defined(ANYCONNECT_USE_SNAK)
692  std::list<ManagedCertificate *> enumerateSNAKCertificates(SNAK_CertType certType);
693  SNAK_CertType getSNAKCertType(CertificateType certType);
694  bool deleteClientCertificates(const std::list<std::string> &idList);
695 #endif // ANYCONNECT_USE_SNAK
696 
697 #if defined(PLATFORM_APPLE_SSLVPN)
698  bool canUseBackupServers();
699 
700 #endif //PLATFORM_APPLE_SSLVPN
701 
702  virtual ~ClientIfcBase();
703 
704  tstring getConnectHost();
705 
706  tstring getMgmtTunnelHostname();
707 
708  VPN_TUNNEL_SCOPE getVpnTunnelScope();
709 
710  bool isStandaloneConnection();
711 
712  void sendSSoLogoutPrompt(ConnectPromptInfo &cpi);
713 
714  void setExternalSSOLogoutUrlFromAgent(const tstring& logoutUrl);
715 
716  bool IsAHSCachingRestricted();
717 
718  private:
719  CExecutionContext* m_pExecutionContext;
720  CExecutionContext* m_pExecutionContextMgr;
721 
722  AgentIfc *mo_AgentIfc;
723 
724  ConnectMgr *mo_ConnectMgr;
725 
726  ApiThread *mo_ConnectThread;
727 
728  EventMgr *mo_EventMgr;
729 
730  PreferenceMgr *mo_PreferenceMgr;
731 
732  ConnectPromptInfo *mp_currentConnectPromptInfo;
733 
734  PreferenceInfo *mo_EditablePrefs;
735 
736 #if defined(SCRIPTING_SUPPORTED)
737  CScriptingMgr *mo_ScriptingMgr;
738 #endif // SCRIPTING_SUPPORTED
739 
740 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
741  SCEPIfc* m_pSCEPIfc;
742  bool m_bInformedAgentOfSCEP;
743 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
744 #ifndef PLATFORM_APPLE_SSLVPN
745  CStoragePath* m_pStoragePath;
746 #endif // !PLATFORM_APPLE_SSLVPN
747 
748 #ifdef ANYCONNECT_USE_SNAK
749  PluginLoader *m_pPluginLoader;
750  SNAK_CertPlugin *m_pSNAKCert;
751  SNAK_SocketPlugin *m_pSNAKSocket;
752  SNAK_StoragePlugin *m_pSNAKStorage;
753  SNAK_DeviceInfoPlugin *m_pSNAKDeviceInfo;
754  SNAKDeviceInfoPluginCBImpl *m_pSNAKDeviceInfoCB;
755 
756  bool mb_SNAKInitialized;
757 #endif
758 
759 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
760  bool mb_SCEPEnrollInProgress;
761 #endif // PLATFORM_ANDROID || PLATFORM_APPLE_SSLVPN
762 
763  bool mb_PreferenceMgrCreated;
764  bool mb_StandaloneConnection;
765  bool mb_UsingEventModel;
766  bool mb_UserResponse;
767  bool mb_IsUserResponseSet;
768  bool mb_PerformedAutoCertEnrollment;
769  tstring ms_PostEnrollmentConnectHost;
770  bool mb_CaptivePortalMsgDisplayed;
771  bool m_bSuppressMinimizeOnConnect;
772  bool m_bSuppressConnectionErrorPopups;
773  bool m_bLastConnectionAutomatic;
774  bool m_bImportCertResp;
775  bool m_bPrevMsgWasStateMsg;
776 
777  unsigned int mui_OperatingMode;
778  NETENV_STATE m_currentNetEnvState;
779  NETENV_STATE m_previousNetEnvState;
780  NETCTRL_STATE m_currentNetCtrlState;
781  NETWORK_TYPE m_currentNetType;
782  bool m_bACBrowserForCPRemediation;
783 
784  tstring ms_message;
785 
786  time_t m_disconnectTime;
787 
788  static std::string ms_ThreadName;
789 
790  CManualLock* m_pClientIfcStateLock;
791  CManualLock* m_pClientIfcLock;
792  CManualLock* m_pClientIfcPromptsLock;
793  CManualLock* m_pClientIfcOpModeLock;
794  CManualLock* m_pClientIfcAHSLock;
795  CManualLock* m_pClientIfcConnectModeLock;
796  CManualLock* m_pClientIfcInformAgentOfSCEPLock;
797 
798  std::vector<tstring> msl_AHSSelectedHosts;
799  ApiThread* m_pAHSThread;
800  unsigned int m_uiAHSState;
801  bool m_bAutoConnectPostAHS;
802 
803 #if defined(CREDENTIAL_PREFILL_SUPPORTED)
804  CredentialPrefill* m_pCredentialPrefill;
805 #endif
806  VPNError m_lastVpnError;
807 
  // NOTE(review): volatile gives neither atomicity nor ordering between
  // threads; confirm every access to this static flag is made under a lock.
808  static volatile bool mb_deleteFirstPass;
809 
810  ConnectMgr &getConnectMgr();
811 
812  ProfileMgr &getProfileMgr();
813  UserPreferences &getUserPreferences();
814 
815  void displayAgentAttachMessage();
816 
817  void setLastDisconnectTime(time_t time);
818 
819  void setCurrentStatePrompts(const VPNState state,
820  const VPNState prevState,
821  const VPNSubState subState,
822  const bool bUpdateStateMsg);
823  void setCurrentStateErrorMessage(VPNState state, CONNECT_FAILURE_REASON cfr);
824  void getStateMessage(const VPNState state,
825  const VPNState prevState,
826  const VPNSubState subState,
827  const NETENV_STATE neState,
828  /*out*/ MsgWithArg& stateMessage);
829 
830  // IPreferenceUpdateCB methods
831  virtual void OnLoadPreferencesComplete();
832  virtual bool IsPreferenceOverridable(const PreferenceId ePreferenceId);
833  virtual void OverridePreferenceValue(const PreferenceId ePreferenceId,
834  tstring& rPrefenceValue,
835  bool& rbOverriden);
836 
837  void RefreshPreferences(void);
838 
839  void displayAHSPrompt(const bool isComplete);
840  void handleAHSPreferences(const unsigned int uiReason);
841  void setAHSState(const unsigned int ahsState);
842  void setAutoConnectPostAHS(const bool bAutoConnect);
843  bool isAutoConnectPostAHS();
844 
845  bool autoConnectIfEnabled(const bool suppressAutoConnect);
846 
847  void clearUserSetResponseFlag();
848 
849  bool decodeSSOToken();
850 
851 #if defined(SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED)
852  bool processSCEPIpcMessage(CIpcMessage *pIpcMessage);
853  bool isSCEPRedirect();
854  void processSCEPRedirect();
855 #endif // SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
856 
857  bool hasConnectCapabilities();
858  bool hasMgmtCapabilities();
859 
  // Copy constructor and copy assignment are declared private, presumably to
  // make the class non-copyable (no definitions are visible in this header).
860  ClientIfcBase(const ClientIfcBase& other);
861  ClientIfcBase& operator=(const ClientIfcBase& other);
862 
863 #ifdef ANYCONNECT_USE_SNAK
864  bool initializeSNAK(bool bUseExistingInstanceIfAvail);
865  void destroySNAK();
866  ManagedCertificate *convertSnakToManagedCertificate(const ManagedCertHandle &snakCert);
867 #endif
868 };
869 
870 
871 #endif // _CLIENTIFCBASE_