![]() |
AnyConnect Secure Mobility Client 5.0.00556
|
00001 /******************************************************************************* 00002 * COPYRIGHT 2007 - Cisco Systems 00003 * All Rights Reserved 00004 ******************************************************************************** 00005 ** 00006 ** GlobalEnums.h 00007 ** 00008 ** Contains enumerations used in the API and TLV classes. 00009 ** 00010 *********************************************************************************/ 00011 00012 #ifndef __GLOBALENUMS_H 00013 #define __GLOBALENUMS_H 00014 00015 /***** PUT ONLY ENUMS IN THIS FILE AS IT IS ALSO USED BY THE MIDL COMPILER *****\ 00016 \******************** This is also compiled with IDL compiler **********************/ 00017 00018 enum ConnectProtocolType 00019 { 00020 PROTOCOL_TYPE_UNKNOWN = 0, 00021 PROTOCOL_TYPE_SSL, 00022 PROTOCOL_TYPE_IPSEC, 00023 }; 00024 00025 enum ProtocolVersion 00026 { 00027 PROTO_VERSION_UNKNOWN = 0, 00028 PROTO_VERSION_TLS10 = 1, 00029 PROTO_VERSION_SSL30 = 2, 00030 PROTO_VERSION_DTLS10 = 3, 00031 PROTO_VERSION_IPSEC = 4, 00032 PROTO_VERSION_IPSEC_NAT_T = 5, 00033 PROTO_VERSION_TLS11 = 6, 00034 PROTO_VERSION_TLS12 = 7, 00035 PROTO_VERSION_DTLS12 = 8, 00036 PROTO_VERSION_TLS13 = 9, 00037 }; 00038 00039 enum ProtocolCipher 00040 { 00041 PROTO_CIPHER_UNKNOWN = 0, 00042 PROTO_CIPHER_RSA_RC4_128_MD5 = 1, 00043 PROTO_CIPHER_RSA_RC4_128_SHA1 = 2, 00044 PROTO_CIPHER_RSA_DES_56_SHA1 = 3, 00045 PROTO_CIPHER_RSA_3DES_168_SHA1 = 4, 00046 PROTO_CIPHER_RSA_AES_128_SHA1 = 5, 00047 PROTO_CIPHER_RSA_AES_256_SHA1 = 6, 00048 PROTO_CIPHER_ENC_NULL_MD5 = 7, 00049 PROTO_CIPHER_ENC_NULL_SHA1 = 8, 00050 PROTO_CIPHER_RC4_128 = 9, 00051 PROTO_CIPHER_RC4_128_MD5 = 10, 00052 PROTO_CIPHER_RC4_128_SHA1 = 11, 00053 PROTO_CIPHER_DES_56 = 12, 00054 PROTO_CIPHER_DES_56_MD5 = 13, 00055 PROTO_CIPHER_DES_56_SHA1 = 14, 00056 PROTO_CIPHER_DES_56_SHA256 = 15, 00057 PROTO_CIPHER_DES_56_SHA384 = 16, 00058 PROTO_CIPHER_DES_56_SHA512 = 17, 00059 PROTO_CIPHER_3DES_168 = 18, 00060 PROTO_CIPHER_3DES_168_MD5 = 19, 00061 PROTO_CIPHER_3DES_168_SHA1 = 20, 00062 PROTO_CIPHER_3DES_168_SHA256 = 21, 00063 PROTO_CIPHER_3DES_168_SHA384 = 22, 00064 PROTO_CIPHER_3DES_168_SHA512 = 23, 00065 PROTO_CIPHER_AES_128 = 24, 00066 PROTO_CIPHER_AES_128_MD5 = 25, 00067 PROTO_CIPHER_AES_128_SHA1 = 26, 00068 PROTO_CIPHER_AES_128_SHA256 = 27, 00069 PROTO_CIPHER_AES_128_SHA384 = 28, 00070 PROTO_CIPHER_AES_128_SHA512 = 29, 00071 PROTO_CIPHER_AES_192 = 30, 00072 PROTO_CIPHER_AES_192_MD5 = 31, 00073 PROTO_CIPHER_AES_192_SHA1 = 32, 00074 PROTO_CIPHER_AES_192_SHA256 = 33, 00075 PROTO_CIPHER_AES_192_SHA384 = 34, 00076 PROTO_CIPHER_AES_192_SHA512 = 35, 00077 PROTO_CIPHER_AES_256 = 36, 00078 PROTO_CIPHER_AES_256_MD5 = 37, 00079 PROTO_CIPHER_AES_256_SHA1 = 38, 00080 PROTO_CIPHER_AES_256_SHA256 = 39, 00081 PROTO_CIPHER_AES_256_SHA384 = 40, 00082 PROTO_CIPHER_AES_256_SHA512 = 41, 00083 PROTO_CIPHER_AES_128_GCM = 42, 00084 PROTO_CIPHER_AES_192_GCM = 43, 00085 PROTO_CIPHER_AES_256_GCM = 44, 00086 PROTO_CIPHER_RSA_AES_128_SHA256 = 45, // TLS 1.2 00087 PROTO_CIPHER_RSA_AES_256_SHA256 = 46, 00088 PROTO_CIPHER_DHE_RSA_AES_128_SHA256 = 47, 00089 PROTO_CIPHER_DHE_RSA_AES_256_SHA256 = 48, 00090 PROTO_CIPHER_ECDHE_ECDSA_AES256_GCM_SHA384 = 49, // TLS 1.2 phase 2 00091 PROTO_CIPHER_ECDHE_RSA_AES256_GCM_SHA384 = 50, 00092 PROTO_CIPHER_DHE_RSA_AES256_GCM_SHA384 = 51, 00093 PROTO_CIPHER_AES256_GCM_SHA384 = 52, 00094 PROTO_CIPHER_ECDHE_ECDSA_AES256_SHA384 = 53, 00095 PROTO_CIPHER_ECDHE_RSA_AES256_SHA384 = 54, 00096 PROTO_CIPHER_ECDHE_ECDSA_AES128_GCM_SHA256 = 55, 00097 PROTO_CIPHER_ECDHE_RSA_AES128_GCM_SHA256 = 56, 00098 PROTO_CIPHER_DHE_RSA_AES128_GCM_SHA256 = 57, 00099 PROTO_CIPHER_AES128_GCM_SHA256 = 58, 00100 PROTO_CIPHER_ECDHE_ECDSA_AES128_SHA256 = 59, 00101 PROTO_CIPHER_ECDHE_RSA_AES128_SHA256 = 60, 00102 PROTO_CIPHER_DHE_RSA_AES256_SHA = 61, 00103 PROTO_CIPHER_DHE_RSA_AES128_SHA = 62 00104 }; 00105 00106 typedef enum 00107 { 00108 COMPR_NONE = 0, 00109 COMPR_DEFLATE = 1, 00110 COMPR_LZS = 2 00111 } COMPR_ALGORITHM; 00112 00113 /* 00114 ** Tunnel states 00115 ** New states must be added to the end of the list. 00116 ** Downloader tests states, so altering existing states requires verification 00117 ** that there won't be backward compability issues with downloader. 00118 */ 00119 //BUGBUG Suggested by Marc: Rename the STATE enum and its values. 00120 //BUGBUG We should probably change the enum name from STATE to VPNCON_STATE and 00121 //BUGBUG the prefixes on the values from STATE_ to VCS_ (for VPN connection state). 00122 //BUGBUG The API and GUI code have to deal with a number of different states, and the 00123 //BUGBUG generically named STATE is not very self documenting. 00124 //BUGBUG It's a throw back from the very earliest code for SSL VPN. 00125 typedef enum 00126 { 00127 STATE_CONNECTING, 00128 STATE_CONNECTED, 00129 STATE_RECONNECTING, 00130 STATE_DISCONNECTING, 00131 STATE_DISCONNECTED, 00132 STATE_PAUSING, 00133 STATE_PAUSED, 00134 STATE_AUTHENTICATING, 00135 STATE_SSOPOLLING, // Api is doing the auth-poll. 00136 STATE_UNDEFINED, 00137 } STATE; 00138 00139 /* 00140 ** Tunnel sub-states 00141 ** New sub-states must be added to the end of the list. 00142 ** Sub-states are meant to provide additional details, if necessary, about 00143 ** any of the VPN connection states. 00144 ** Substates prefixed with "VCSS_MT_" correspond to the management tunnel. 00145 */ 00146 enum VPNCON_SUBSTATE 00147 { 00148 VCSS_NORMAL = 0, 00149 VCSS_INDEFINITE_DELAY = (1 << 0), 00150 VCSS_SESSION_EXPIRING = (1 << 1), 00151 VCSS_MT_DISCONNECTED_DISABLED = (1 << 2), 00152 VCSS_MT_DISCONNECTED_TRUSTED_NW = (1 << 3), 00153 VCSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE = (1 << 4), 00154 VCSS_MT_DISCONNECTED_LAUNCH_FAILED = (1 << 5), 00155 VCSS_MT_DISCONNECTED_CONNECT_FAILED = (1 << 6), 00156 VCSS_MT_DISCONNECTED_BAD_VPN_CONFIG = (1 << 7), 00157 VCSS_MT_DISCONNECTED_SW_UP_PENDING = (1 << 8), 00158 VCSS_MTU_ADJUSTMENT_PENDING = (1 << 9) 00159 }; 00160 00161 typedef enum 00162 { 00163 NCS_RESTRICTED = 0, //a client configuration has been applied to the endpoints 00164 //operating system configuration 00165 NCS_PARTIAL_RESTRICTED_CAPTIVE_PORTAL, //a client configuration has been applied to the 00166 //endpoints operating system configuration to allow 00167 //captive portal remediation 00168 NCS_UNRESTRICTED //the endpoints operating system configuration is not currently altered by the client 00169 } NETCTRL_STATE; 00170 00171 00172 // Note that while these values are defined like a bitmap, the network environment state 00173 // is not used as a bitmap. No two values are ever combined. They are used like linear 00174 // values. The bitmap arrangement of values is to enable testing for many possible values 00175 // all at once in a single compare without having to do a series of compares against 00176 // different linear values. 00177 // 00178 typedef enum 00179 { 00180 NES_NO_NETWORK_INTERFACE = (1 << 0), 00181 NES_NO_PUBLIC_INTERFACE = (1 << 1), 00182 NES_NO_DNS_CONNECTIVITY = (1 << 2), 00183 NES_CAPTIVE_PORTAL_DETECTED = (1 << 3), 00184 NES_AUTH_PROXY_DETECTED = (1 << 4), 00185 NES_NETWORK_ACCESSIBLE = (1 << 5), 00186 NES_SECURE_GATEWAY_ACCESSIBLE = (1 << 6) 00187 } NETENV_STATE; 00188 00189 00190 // Trusted Network Detection types. 00191 typedef enum 00192 { 00193 NT_TRUSTED, 00194 NT_UNTRUSTED, 00195 NT_UNDEFINED 00196 } NETWORK_TYPE; 00197 00198 // Firewall enums 00199 typedef enum 00200 { FW_PERMISSION_UNKNOWN, 00201 FW_PERMISSION_PERMIT, 00202 FW_PERMISSION_DENY 00203 } FW_Permission; 00204 00205 typedef enum 00206 { FW_PROTOCOL_UNKNOWN, 00207 FW_PROTOCOL_TCP, 00208 FW_PROTOCOL_UDP, 00209 FW_PROTOCOL_ICMP, 00210 FW_PROTOCOL_ANY 00211 } FW_Protocol; 00212 00213 typedef enum 00214 { 00215 FW_INTERFACE_UNKNOWN, 00216 FW_INTERFACE_PUBLIC, 00217 FW_INTERFACE_PRIVATE 00218 } FW_Interface; 00219 00220 typedef enum 00221 { 00222 FW_RULE_DIRECTION_IN, 00223 FW_RULE_DIRECTION_OUT, 00224 FW_RULE_DIRECTION_BOTH 00225 } FW_Rule_Direction; 00226 00227 typedef enum 00228 { 00229 MUS_STATUS_UNKNOWN = 0, 00230 MUS_STATUS_ENABLED, 00231 MUS_STATUS_DISABLED, 00232 MUS_STATUS_UNCONFIRMED 00233 } MUS_STATUS; 00234 00235 // These can be used to get/set an automatic preference value using the 00236 // generic UserPreferences.getAutomaticPreferenceValue() and 00237 // setAutomaticPreferenceValue() methods, rather than using the individual 00238 // getters/setters. 00239 typedef enum 00240 { 00241 HeadendSelectionCacheId = 0, 00242 DefaultUserId, 00243 DefaultSecondUserId, 00244 DefaultHostId, 00245 DefaultGroupId, 00246 ProxyHostId, 00247 ProxyPortId, 00248 SDITokenTypeId, 00249 NoSDITokenId, 00250 ClientCertThumbprintId, 00251 ServerCertThumbprintId, 00252 UnknownAutomaticPreference 00253 } AutoPreferenceId ; 00254 00255 // Used to determine if CPublicProxies, CPrivateProxies or no proxies should be used. 00256 typedef enum 00257 { 00258 TRANSPORT_PROXY_NONE, 00259 TRANSPORT_PROXY_PUBLIC, 00260 TRANSPORT_PROXY_CURRENT 00261 } TRANSPORT_PROXY_TYPE; 00262 00263 // user authentication methods 00264 // these are shared between Agent and API 00265 // 00266 // Note that IKE PSK is supported for reconnects only. The API can never 00267 // initiate an IPsec connection using IKE PSK authentication. 00268 typedef enum 00269 { 00270 USER_AUTH_UNKNOWN = 0, 00271 USER_AUTH_SSL_MACHINE_STORE_CERT, 00272 USER_AUTH_IKE_PSK, 00273 USER_AUTH_IKE_RSA, 00274 USER_AUTH_IKE_ECDSA, 00275 USER_AUTH_IKE_EAP_MD5, 00276 USER_AUTH_IKE_EAP_MSCHAPv2, 00277 USER_AUTH_IKE_EAP_GTC, 00278 USER_AUTH_IKE_EAP_ANYCONNECT, // Default 00279 } USER_AUTH_METHOD; 00280 00281 typedef enum 00282 { 00283 CFR_NONE = 0, 00284 CFR_HOST_UNREACHABLE, 00285 } CONNECT_FAILURE_REASON; 00286 00287 typedef enum 00288 { 00289 DYN_SPLIT_TUN_EXC, 00290 DYN_SPLIT_TUN_INC 00291 } DYN_SPLIT_TUN_TYPE; 00292 00293 typedef enum 00294 { 00295 VPN_TUNNEL_SCOPE_USER, 00296 VPN_TUNNEL_SCOPE_MACHINE, 00297 VPN_TUNNEL_SCOPE_UNDEFINED 00298 } VPN_TUNNEL_SCOPE; 00299 00300 #define IS_USER_TUNNEL(x) (VPN_TUNNEL_SCOPE_USER == x) 00301 #define IS_MGMT_TUNNEL(x) (VPN_TUNNEL_SCOPE_MACHINE == x) 00302 00303 #endif // __GLOBALENUMS_H