AnyConnect Secure Mobility Client 5.1.9.113

include/GlobalEnums.h

00001 /*******************************************************************************
00002 *   Copyright (c) 2007, 2022 Cisco Systems Inc.
00003 *   All Rights Reserved. Cisco Highly Confidential.
00004 ********************************************************************************
00005 **
00006 **  GlobalEnums.h
00007 **  
00008 **  Contains enumerations used in the API and TLV classes.
00009 **
00010 *********************************************************************************/
00011 
00012 #ifndef __GLOBALENUMS_H
00013 #define __GLOBALENUMS_H
00014 
00015 /*****    PUT ONLY ENUMS IN THIS FILE AS IT IS ALSO USED BY THE MIDL COMPILER  *****\
00016 \******************** This is also compiled with IDL compiler **********************/
00017 
/*
** Connection protocol type identifiers (unknown, SSL, IPsec).
**  The numeric values are written out so that they stay fixed even if an
**  enumerator is inserted or reordered later.
*/
enum ConnectProtocolType
{
    PROTOCOL_TYPE_UNKNOWN = 0,
    PROTOCOL_TYPE_SSL     = 1,
    PROTOCOL_TYPE_IPSEC   = 2,
};
00024 
/*
** Protocol version identifiers.
**  The numbers are plain identifiers, not a ranking by age or strength:
**  TLS 1.0 is 1, SSL 3.0 is 2 and TLS 1.1 is 6.  Code that enforces a minimum
**  protocol version must match specific enumerators and must not apply a
**  relational comparison (<, >=) to these values.
**  SSL 3.0 (RFC 7568) and TLS 1.0 / TLS 1.1 / DTLS 1.0 (RFC 8996) are
**  deprecated.  This header only names them; it does not show whether they
**  can still be negotiated.
*/
enum ProtocolVersion
{
    PROTO_VERSION_UNKNOWN     = 0,
    PROTO_VERSION_TLS10       = 1,
    PROTO_VERSION_SSL30       = 2,
    PROTO_VERSION_DTLS10      = 3,
    PROTO_VERSION_IPSEC       = 4,
    PROTO_VERSION_IPSEC_NAT_T = 5,
    PROTO_VERSION_TLS11       = 6,
    PROTO_VERSION_TLS12       = 7,
    PROTO_VERSION_DTLS12      = 8,
    PROTO_VERSION_TLS13       = 9,
};
00038 
/*
** Cipher / cipher-suite identifiers.
**  Every enumerator carries an explicit value.
**
**  Security note: the list includes identifiers for algorithms that are no
**  longer considered safe: NULL encryption (no confidentiality), RC4,
**  single DES (56-bit) and MD5-based variants.  This header only names them;
**  it does not show which ones the client will actually negotiate.  Code that
**  logs or displays the negotiated cipher can use these values to flag a
**  weak session.
**
**  Naming note: some enumerators differ only by an underscore, e.g.
**  PROTO_CIPHER_AES256_GCM_SHA384 (52) vs PROTO_CIPHER_AES_256_GCM_SHA384 (64)
**  and PROTO_CIPHER_AES128_GCM_SHA256 (58) vs PROTO_CIPHER_AES_128_GCM_SHA256
**  (63).  They are distinct values, so check the spelling when matching.
*/
enum ProtocolCipher
{
    PROTO_CIPHER_UNKNOWN                       =  0,

    // RSA-prefixed legacy entries
    PROTO_CIPHER_RSA_RC4_128_MD5               =  1,
    PROTO_CIPHER_RSA_RC4_128_SHA1              =  2,
    PROTO_CIPHER_RSA_DES_56_SHA1               =  3,
    PROTO_CIPHER_RSA_3DES_168_SHA1             =  4,
    PROTO_CIPHER_RSA_AES_128_SHA1              =  5,
    PROTO_CIPHER_RSA_AES_256_SHA1              =  6,

    // NULL encryption (by name: integrity algorithm only)
    PROTO_CIPHER_ENC_NULL_MD5                  =  7,
    PROTO_CIPHER_ENC_NULL_SHA1                 =  8,

    // RC4
    PROTO_CIPHER_RC4_128                       =  9,
    PROTO_CIPHER_RC4_128_MD5                   = 10,
    PROTO_CIPHER_RC4_128_SHA1                  = 11,

    // DES
    PROTO_CIPHER_DES_56                        = 12,
    PROTO_CIPHER_DES_56_MD5                    = 13,
    PROTO_CIPHER_DES_56_SHA1                   = 14,
    PROTO_CIPHER_DES_56_SHA256                 = 15,
    PROTO_CIPHER_DES_56_SHA384                 = 16,
    PROTO_CIPHER_DES_56_SHA512                 = 17,

    // 3DES
    PROTO_CIPHER_3DES_168                      = 18,
    PROTO_CIPHER_3DES_168_MD5                  = 19,
    PROTO_CIPHER_3DES_168_SHA1                 = 20,
    PROTO_CIPHER_3DES_168_SHA256               = 21,
    PROTO_CIPHER_3DES_168_SHA384               = 22,
    PROTO_CIPHER_3DES_168_SHA512               = 23,

    // AES-128
    PROTO_CIPHER_AES_128                       = 24,
    PROTO_CIPHER_AES_128_MD5                   = 25,
    PROTO_CIPHER_AES_128_SHA1                  = 26,
    PROTO_CIPHER_AES_128_SHA256                = 27,
    PROTO_CIPHER_AES_128_SHA384                = 28,
    PROTO_CIPHER_AES_128_SHA512                = 29,

    // AES-192
    PROTO_CIPHER_AES_192                       = 30,
    PROTO_CIPHER_AES_192_MD5                   = 31,
    PROTO_CIPHER_AES_192_SHA1                  = 32,
    PROTO_CIPHER_AES_192_SHA256                = 33,
    PROTO_CIPHER_AES_192_SHA384                = 34,
    PROTO_CIPHER_AES_192_SHA512                = 35,

    // AES-256
    PROTO_CIPHER_AES_256                       = 36,
    PROTO_CIPHER_AES_256_MD5                   = 37,
    PROTO_CIPHER_AES_256_SHA1                  = 38,
    PROTO_CIPHER_AES_256_SHA256                = 39,
    PROTO_CIPHER_AES_256_SHA384                = 40,
    PROTO_CIPHER_AES_256_SHA512                = 41,

    // AES-GCM
    PROTO_CIPHER_AES_128_GCM                   = 42,
    PROTO_CIPHER_AES_192_GCM                   = 43,
    PROTO_CIPHER_AES_256_GCM                   = 44,

    // TLS 1.2
    PROTO_CIPHER_RSA_AES_128_SHA256            = 45,
    PROTO_CIPHER_RSA_AES_256_SHA256            = 46,
    PROTO_CIPHER_DHE_RSA_AES_128_SHA256        = 47,
    PROTO_CIPHER_DHE_RSA_AES_256_SHA256        = 48,

    // TLS 1.2 phase 2
    PROTO_CIPHER_ECDHE_ECDSA_AES256_GCM_SHA384 = 49,
    PROTO_CIPHER_ECDHE_RSA_AES256_GCM_SHA384   = 50,
    PROTO_CIPHER_DHE_RSA_AES256_GCM_SHA384     = 51,
    PROTO_CIPHER_AES256_GCM_SHA384             = 52,
    PROTO_CIPHER_ECDHE_ECDSA_AES256_SHA384     = 53,
    PROTO_CIPHER_ECDHE_RSA_AES256_SHA384       = 54,
    PROTO_CIPHER_ECDHE_ECDSA_AES128_GCM_SHA256 = 55,
    PROTO_CIPHER_ECDHE_RSA_AES128_GCM_SHA256   = 56,
    PROTO_CIPHER_DHE_RSA_AES128_GCM_SHA256     = 57,
    PROTO_CIPHER_AES128_GCM_SHA256             = 58,
    PROTO_CIPHER_ECDHE_ECDSA_AES128_SHA256     = 59,
    PROTO_CIPHER_ECDHE_RSA_AES128_SHA256       = 60,
    PROTO_CIPHER_DHE_RSA_AES256_SHA            = 61,
    PROTO_CIPHER_DHE_RSA_AES128_SHA            = 62,

    // TLS 1.3
    PROTO_CIPHER_AES_128_GCM_SHA256            = 63,
    PROTO_CIPHER_AES_256_GCM_SHA384            = 64,
    PROTO_CIPHER_CHACHA20_POLY1305_SHA256      = 65,
    PROTO_CIPHER_AES_128_CCM_SHA256            = 66
};
00109 
/* Compression algorithm identifiers (none, DEFLATE, LZS). */
typedef enum
{
    COMPR_NONE    = 0,
    COMPR_DEFLATE = 1,
    COMPR_LZS     = 2
} COMPR_ALGORITHM;
00116 
/*
** VPN session states.
**  Append new states at the end of the list only.  The downloader tests
**  these states, so changing an existing state requires verifying that there
**  are no backward compatibility issues with the downloader.
**  The numeric values are written out below so that an accidental insertion
**  or reordering cannot silently renumber an existing state.
*/
// BUGBUG  Suggested by Marc: rename the STATE enum and its symbolic values,
// BUGBUG  probably to VPNSES_STATE with a VSS_ prefix (for VPN session state)
// BUGBUG  in place of STATE_.  The API and GUI code have to deal with a number
// BUGBUG  of different states, and the generically named STATE is not very
// BUGBUG  self-documenting.  It is a throwback from the very earliest code
// BUGBUG  for SSL VPN.
typedef enum
{
    STATE_CONNECTING     = 0,
    STATE_CONNECTED      = 1,
    STATE_RECONNECTING   = 2,
    STATE_DISCONNECTING  = 3,
    STATE_DISCONNECTED   = 4,
    STATE_PAUSING        = 5,
    STATE_PAUSED         = 6,
    STATE_AUTHENTICATING = 7,
    STATE_SSOPOLLING     = 8,   // API is doing the auth-poll.
    STATE_UNDEFINED      = 9,
} STATE;
00142 
/*
** Tunnel sub-states.
**  Append new sub-states at the end of the list only.
**  A sub-state supplies additional detail, where needed, about any of the
**  VPN connection states.
**  Sub-states prefixed with "VCSS_MT_" correspond to the management tunnel.
**  Each non-zero value occupies its own bit (bit 0 through bit 9).
*/
enum VPNCON_SUBSTATE
{
    VCSS_NORMAL                             = 0,
    VCSS_INDEFINITE_DELAY                   = 0x001,    // bit 0
    VCSS_SESSION_EXPIRING                   = 0x002,    // bit 1
    VCSS_MT_DISCONNECTED_DISABLED           = 0x004,    // bit 2
    VCSS_MT_DISCONNECTED_TRUSTED_NW         = 0x008,    // bit 3
    VCSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE = 0x010,    // bit 4
    VCSS_MT_DISCONNECTED_LAUNCH_FAILED      = 0x020,    // bit 5
    VCSS_MT_DISCONNECTED_CONNECT_FAILED     = 0x040,    // bit 6
    VCSS_MT_DISCONNECTED_BAD_VPN_CONFIG     = 0x080,    // bit 7
    VCSS_MT_DISCONNECTED_SW_UP_PENDING      = 0x100,    // bit 8
    VCSS_MTU_ADJUSTMENT_PENDING             = 0x200     // bit 9
};
00164 
/*
** Network control state: whether the client has applied a configuration to
** the endpoint's operating system configuration.
*/
typedef enum
{
    // A client configuration has been applied to the endpoint's operating
    // system configuration.
    NCS_RESTRICTED                        = 0,

    // A client configuration has been applied to the endpoint's operating
    // system configuration to allow captive portal remediation.
    NCS_PARTIAL_RESTRICTED_CAPTIVE_PORTAL = 1,

    // The endpoint's operating system configuration is not currently altered
    // by the client.
    NCS_UNRESTRICTED                      = 2
} NETCTRL_STATE;
00174 
00175 
// Network environment state.
//
// The values are laid out one bit each, but the network environment state is
// not used as a bitmap: no two values are ever combined, and a state variable
// holds exactly one of them, like a linear value.  The one-bit layout exists
// so that a state can be tested against many candidate values in a single
// compare (against a mask of those candidates) instead of a series of
// compares against different linear values.
//
typedef enum
{
    NES_NO_NETWORK_INTERFACE      = 0x01,   // bit 0
    NES_NO_PUBLIC_INTERFACE       = 0x02,   // bit 1
    NES_NO_DNS_CONNECTIVITY       = 0x04,   // bit 2
    NES_CAPTIVE_PORTAL_DETECTED   = 0x08,   // bit 3
    NES_AUTH_PROXY_DETECTED       = 0x10,   // bit 4
    NES_NETWORK_ACCESSIBLE        = 0x20,   // bit 5
    NES_SECURE_GATEWAY_ACCESSIBLE = 0x40    // bit 6
} NETENV_STATE;
00192 
00193 
// Trusted Network Detection types.
//
// NOTE(review): NT_TRUSTED is 0, so a zero-initialised or memset() NETWORK_TYPE
// reads as "trusted".  Callers should initialise such variables explicitly
// to NT_UNDEFINED.
typedef enum
{
    NT_TRUSTED   = 0,
    NT_UNTRUSTED = 1,
    NT_UNDEFINED = 2
} NETWORK_TYPE;
00201 
// Firewall enums

// Firewall rule permission: unknown, permit or deny.
typedef enum
{
    FW_PERMISSION_UNKNOWN = 0,
    FW_PERMISSION_PERMIT  = 1,
    FW_PERMISSION_DENY    = 2
} FW_Permission;
00208 
// Protocol selector for a firewall rule.
typedef enum
{
    FW_PROTOCOL_UNKNOWN = 0,
    FW_PROTOCOL_TCP     = 1,
    FW_PROTOCOL_UDP     = 2,
    FW_PROTOCOL_ICMP    = 3,
    FW_PROTOCOL_ANY     = 4
} FW_Protocol;
00216 
// Interface selector for a firewall rule: unknown, public or private.
typedef enum
{
    FW_INTERFACE_UNKNOWN = 0,
    FW_INTERFACE_PUBLIC  = 1,
    FW_INTERFACE_PRIVATE = 2
} FW_Interface;
00223 
// Traffic direction a firewall rule applies to.
// Unlike the other FW_* enums there is no UNKNOWN member; the zero value is
// FW_RULE_DIRECTION_IN.
typedef enum
{
    FW_RULE_DIRECTION_IN   = 0,
    FW_RULE_DIRECTION_OUT  = 1,
    FW_RULE_DIRECTION_BOTH = 2
} FW_Rule_Direction;
00230 
// MUS status values: unknown, enabled, disabled or unconfirmed.
typedef enum
{
    MUS_STATUS_UNKNOWN     = 0,
    MUS_STATUS_ENABLED     = 1,
    MUS_STATUS_DISABLED    = 2,
    MUS_STATUS_UNCONFIRMED = 3
} MUS_STATUS;
00238 
// Identifiers for automatic preference values.  They can be passed to the
// generic UserPreferences.getAutomaticPreferenceValue() and
// setAutomaticPreferenceValue() methods instead of calling the individual
// getters/setters.
typedef enum
{
    HeadendSelectionCacheId    = 0,
    DefaultUserId              = 1,
    DefaultSecondUserId        = 2,
    DefaultHostId              = 3,
    DefaultGroupId             = 4,
    ProxyHostId                = 5,
    ProxyPortId                = 6,
    SDITokenTypeId             = 7,
    NoSDITokenId               = 8,
    ClientCertThumbprintId     = 9,
    ServerCertThumbprintId     = 10,
    UnknownAutomaticPreference = 11
} AutoPreferenceId;
00258 
// Used to determine if CPublicProxies, CPrivateProxies or no proxies should
// be used.
typedef enum
{
    TRANSPORT_PROXY_NONE    = 0,
    TRANSPORT_PROXY_PUBLIC  = 1,
    TRANSPORT_PROXY_CURRENT = 2
} TRANSPORT_PROXY_TYPE;
00266 
// User authentication methods.
// These are shared between Agent and API.
//
// Note that IKE PSK is supported for reconnects only.  The API can never
// initiate an IPsec connection using IKE PSK authentication.
//
// NOTE(review): USER_AUTH_IKE_EAP_MD5 and USER_AUTH_IKE_EAP_MSCHAPv2 name
// legacy password-based EAP methods that are weak against offline password
// guessing.  This header only names them; it does not show whether a
// deployment can select them.
typedef enum
{
    USER_AUTH_UNKNOWN                = 0,
    USER_AUTH_SSL_MACHINE_STORE_CERT = 1,
    USER_AUTH_IKE_PSK                = 2,
    USER_AUTH_IKE_RSA                = 3,
    USER_AUTH_IKE_ECDSA              = 4,
    USER_AUTH_IKE_EAP_MD5            = 5,
    USER_AUTH_IKE_EAP_MSCHAPv2       = 6,
    USER_AUTH_IKE_EAP_GTC            = 7,
    USER_AUTH_IKE_EAP_ANYCONNECT     = 8,   // Default
} USER_AUTH_METHOD;
00284 
// Reason reported for a failed connect attempt.
typedef enum
{
    CFR_NONE             = 0,
    CFR_HOST_UNREACHABLE = 1,
} CONNECT_FAILURE_REASON;
00290 
// Dynamic split tunnel type.
// Presumably EXC = exclude and INC = include; confirm against the callers.
typedef enum
{
    DYN_SPLIT_TUN_EXC = 0,
    DYN_SPLIT_TUN_INC = 1
} DYN_SPLIT_TUN_TYPE;
00296 
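// Scope of a VPN tunnel: user tunnel, machine (management) tunnel, or
// undefined.  The numeric values are written out so that they stay fixed.
typedef enum
{
    VPN_TUNNEL_SCOPE_USER      = 0,
    VPN_TUNNEL_SCOPE_MACHINE   = 1,
    VPN_TUNNEL_SCOPE_UNDEFINED = 2
} VPN_TUNNEL_SCOPE;

// Scope predicates.  Each yields non-zero when x equals the named scope.
// The argument is parenthesised so that an expression argument (for example
// a conditional expression) is evaluated as a whole before the comparison.
// Without the parentheses, `==` binds tighter than `?:`, `&` or `|` and the
// macro would compare against only part of the argument.
#define IS_USER_TUNNEL(x)    (VPN_TUNNEL_SCOPE_USER == (x))
#define IS_MGMT_TUNNEL(x)    (VPN_TUNNEL_SCOPE_MACHINE == (x))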
00306 
00307 #endif // __GLOBALENUMS_H