AnyConnect Secure Mobility Client 4.3.00748
|
00001 /******************************************************************************* 00002 * COPYRIGHT 2007 - Cisco Systems 00003 * All Rights Reserved 00004 ******************************************************************************** 00005 ** 00006 ** GlobalEnums.h 00007 ** 00008 ** Contains enumerations used in the API and TLV classes. 00009 ** 00010 *********************************************************************************/ 00011 00012 #ifndef __GLOBALENUMS_H 00013 #define __GLOBALENUMS_H 00014 00015 /***** PUT ONLY ENUMS IN THIS FILE AS IT IS ALSO USED BY THE MIDL COMPILER *****\ 00016 \******************** This is also compiled with IDL compiler **********************/ 00017 00018 enum ConnectProtocolType 00019 { 00020 PROTOCOL_TYPE_UNKNOWN = 0, 00021 PROTOCOL_TYPE_SSL, 00022 PROTOCOL_TYPE_IPSEC, 00023 }; 00024 00025 enum ProtocolVersion 00026 { 00027 PROTO_VERSION_UNKNOWN = 0, 00028 PROTO_VERSION_TLS10 = 1, 00029 PROTO_VERSION_SSL30 = 2, 00030 PROTO_VERSION_DTLS10 = 3, 00031 PROTO_VERSION_IPSEC = 4, 00032 PROTO_VERSION_IPSEC_NAT_T = 5, 00033 PROTO_VERSION_TLS11 = 6, 00034 PROTO_VERSION_TLS12 = 7, 00035 }; 00036 00037 enum ProtocolCipher 00038 { 00039 PROTO_CIPHER_UNKNOWN = 0, 00040 PROTO_CIPHER_RSA_RC4_128_MD5 = 1, 00041 PROTO_CIPHER_RSA_RC4_128_SHA1 = 2, 00042 PROTO_CIPHER_RSA_DES_56_SHA1 = 3, 00043 PROTO_CIPHER_RSA_3DES_168_SHA1 = 4, 00044 PROTO_CIPHER_RSA_AES_128_SHA1 = 5, 00045 PROTO_CIPHER_RSA_AES_256_SHA1 = 6, 00046 PROTO_CIPHER_ENC_NULL_MD5 = 7, 00047 PROTO_CIPHER_ENC_NULL_SHA1 = 8, 00048 PROTO_CIPHER_RC4_128 = 9, 00049 PROTO_CIPHER_RC4_128_MD5 = 10, 00050 PROTO_CIPHER_RC4_128_SHA1 = 11, 00051 PROTO_CIPHER_DES_56 = 12, 00052 PROTO_CIPHER_DES_56_MD5 = 13, 00053 PROTO_CIPHER_DES_56_SHA1 = 14, 00054 PROTO_CIPHER_DES_56_SHA256 = 15, 00055 PROTO_CIPHER_DES_56_SHA384 = 16, 00056 PROTO_CIPHER_DES_56_SHA512 = 17, 00057 PROTO_CIPHER_3DES_168 = 18, 00058 PROTO_CIPHER_3DES_168_MD5 = 19, 00059 PROTO_CIPHER_3DES_168_SHA1 = 20, 00060 PROTO_CIPHER_3DES_168_SHA256 = 21, 00061 PROTO_CIPHER_3DES_168_SHA384 = 22, 00062 PROTO_CIPHER_3DES_168_SHA512 = 23, 00063 PROTO_CIPHER_AES_128 = 24, 00064 PROTO_CIPHER_AES_128_MD5 = 25, 00065 PROTO_CIPHER_AES_128_SHA1 = 26, 00066 PROTO_CIPHER_AES_128_SHA256 = 27, 00067 PROTO_CIPHER_AES_128_SHA384 = 28, 00068 PROTO_CIPHER_AES_128_SHA512 = 29, 00069 PROTO_CIPHER_AES_192 = 30, 00070 PROTO_CIPHER_AES_192_MD5 = 31, 00071 PROTO_CIPHER_AES_192_SHA1 = 32, 00072 PROTO_CIPHER_AES_192_SHA256 = 33, 00073 PROTO_CIPHER_AES_192_SHA384 = 34, 00074 PROTO_CIPHER_AES_192_SHA512 = 35, 00075 PROTO_CIPHER_AES_256 = 36, 00076 PROTO_CIPHER_AES_256_MD5 = 37, 00077 PROTO_CIPHER_AES_256_SHA1 = 38, 00078 PROTO_CIPHER_AES_256_SHA256 = 39, 00079 PROTO_CIPHER_AES_256_SHA384 = 40, 00080 PROTO_CIPHER_AES_256_SHA512 = 41, 00081 PROTO_CIPHER_AES_128_GCM = 42, 00082 PROTO_CIPHER_AES_192_GCM = 43, 00083 PROTO_CIPHER_AES_256_GCM = 44, 00084 PROTO_CIPHER_RSA_AES_128_SHA256 = 45, // TLS 1.2 00085 PROTO_CIPHER_RSA_AES_256_SHA256 = 46, 00086 PROTO_CIPHER_DHE_RSA_AES_128_SHA256 = 47, 00087 PROTO_CIPHER_DHE_RSA_AES_256_SHA256 = 48, 00088 PROTO_CIPHER_ECDHE_ECDSA_AES256_GCM_SHA384 = 49, // TLS 1.2 phase 2 00089 PROTO_CIPHER_ECDHE_RSA_AES256_GCM_SHA384 = 50, 00090 PROTO_CIPHER_DHE_RSA_AES256_GCM_SHA384 = 51, 00091 PROTO_CIPHER_AES256_GCM_SHA384 = 52, 00092 PROTO_CIPHER_ECDHE_ECDSA_AES256_SHA384 = 53, 00093 PROTO_CIPHER_ECDHE_RSA_AES256_SHA384 = 54, 00094 PROTO_CIPHER_ECDHE_ECDSA_AES128_GCM_SHA256 = 55, 00095 PROTO_CIPHER_ECDHE_RSA_AES128_GCM_SHA256 = 56, 00096 PROTO_CIPHER_DHE_RSA_AES128_GCM_SHA256 = 57, 00097 PROTO_CIPHER_AES128_GCM_SHA256 = 58, 00098 PROTO_CIPHER_ECDHE_ECDSA_AES128_SHA256 = 59, 00099 PROTO_CIPHER_ECDHE_RSA_AES128_SHA256 = 60, 00100 PROTO_CIPHER_DHE_RSA_AES256_SHA = 61, 00101 PROTO_CIPHER_DHE_RSA_AES128_SHA = 62 00102 }; 00103 00104 typedef enum 00105 { 00106 COMPR_NONE = 0, 00107 COMPR_DEFLATE = 1, 00108 COMPR_LZS = 2 00109 } COMPR_ALGORITHM; 00110 00111 /* 00112 ** Tunnel states 00113 ** New states must be added to the end of the list. 00114 ** Downloader tests states, so altering existing states requires verification 00115 ** that there won't be backward compability issues with downloader. 00116 */ 00117 //BUGBUG Suggested by Marc: Rename the STATE enum and its values. 00118 //BUGBUG We should probably change the enum name from STATE to VPNCON_STATE and 00119 //BUGBUG the prefixes on the values from STATE_ to VCS_ (for VPN connection state). 00120 //BUGBUG The API and GUI code have to deal with a number of different states, and the 00121 //BUGBUG generically named STATE is not very self documenting. 00122 //BUGBUG It's a throw back from the very earliest code for SSL VPN. 00123 typedef enum 00124 { 00125 STATE_CONNECTING, 00126 STATE_CONNECTED, 00127 STATE_RECONNECTING, 00128 STATE_DISCONNECTING, 00129 STATE_DISCONNECTED, 00130 STATE_PAUSING, 00131 STATE_PAUSED, 00132 STATE_AUTHENTICATING, 00133 STATE_SSOPOLLING, // Api is doing the auth-poll. 00134 STATE_UNDEFINED, 00135 } STATE; 00136 00137 /* 00138 ** Tunnel sub-states 00139 ** New sub-states must be added to the end of the list. 00140 ** Sub-states are meant to provide additional details, if necessary, about 00141 ** any of the VPN connection states. 00142 */ 00143 typedef enum 00144 { 00145 VCSS_NORMAL, 00146 VCSS_INDEFINITE_DELAY 00147 } VPNCON_SUBSTATE; 00148 00149 typedef enum 00150 { 00151 NCS_RESTRICTED = 0, //a client configuration has been applied to the endpoints 00152 //operating system configuration 00153 NCS_PARTIAL_RESTRICTED_CAPTIVE_PORTAL, //a client configuration has been applied to the 00154 //endpoints operating system configuration to allow 00155 //captive portal remediation 00156 NCS_UNRESTRICTED //the endpoints operating system configuration is not currently altered by the client 00157 } NETCTRL_STATE; 00158 00159 00160 // Note that while these values are defined like a bitmap, the network environment state 00161 // is not used as a bitmap. No two values are ever combined. They are used like linear 00162 // values. The bitmap arrangement of values is to enable testing for many possible values 00163 // all at once in a single compare without having to do a series of compares against 00164 // different linear values. 00165 // 00166 typedef enum 00167 { 00168 NES_NO_NETWORK_INTERFACE = (1 << 0), 00169 NES_NO_PUBLIC_INTERFACE = (1 << 1), 00170 NES_NO_DNS_CONNECTIVITY = (1 << 2), 00171 NES_CAPTIVE_PORTAL_DETECTED = (1 << 3), 00172 NES_AUTH_PROXY_DETECTED = (1 << 4), 00173 NES_NETWORK_ACCESSIBLE = (1 << 5), 00174 NES_SECURE_GATEWAY_ACCESSIBLE = (1 << 6) 00175 } NETENV_STATE; 00176 00177 00178 // Trusted Network Detection types. 00179 typedef enum 00180 { 00181 NT_TRUSTED, 00182 NT_UNTRUSTED, 00183 NT_UNDEFINED 00184 } NETWORK_TYPE; 00185 00186 // Firewall enums 00187 typedef enum 00188 { FW_PERMISSION_UNKNOWN, 00189 FW_PERMISSION_PERMIT, 00190 FW_PERMISSION_DENY 00191 } FW_Permission; 00192 00193 typedef enum 00194 { FW_PROTOCOL_UNKNOWN, 00195 FW_PROTOCOL_TCP, 00196 FW_PROTOCOL_UDP, 00197 FW_PROTOCOL_ICMP, 00198 FW_PROTOCOL_ANY 00199 } FW_Protocol; 00200 00201 typedef enum 00202 { 00203 FW_INTERFACE_UNKNOWN, 00204 FW_INTERFACE_PUBLIC, 00205 FW_INTERFACE_PRIVATE 00206 } FW_Interface; 00207 00208 typedef enum 00209 { 00210 FW_RULE_DIRECTION_IN, 00211 FW_RULE_DIRECTION_OUT, 00212 FW_RULE_DIRECTION_BOTH 00213 } FW_Rule_Direction; 00214 00215 typedef enum 00216 { 00217 MUS_STATUS_UNKNOWN = 0, 00218 MUS_STATUS_ENABLED, 00219 MUS_STATUS_DISABLED, 00220 MUS_STATUS_UNCONFIRMED 00221 } MUS_STATUS; 00222 00223 // These can be used to get/set an automatic preference value using the 00224 // generic UserPreferences.getAutomaticPreferenceValue() and 00225 // setAutomaticPreferenceValue() methods, rather than using the individual 00226 // getters/setters. 00227 typedef enum 00228 { 00229 HeadendSelectionCacheId = 0, 00230 DefaultUserId, 00231 DefaultSecondUserId, 00232 DefaultHostId, 00233 DefaultGroupId, 00234 ProxyHostId, 00235 ProxyPortId, 00236 SDITokenTypeId, 00237 NoSDITokenId, 00238 ClientCertThumbprintId, 00239 ServerCertThumbprintId, 00240 UnknownAutomaticPreference 00241 } AutoPreferenceId ; 00242 00243 // Used to determine if CPublicProxies, CPrivateProxies or no proxies should be used. 00244 typedef enum 00245 { 00246 TRANSPORT_PROXY_NONE, 00247 TRANSPORT_PROXY_PUBLIC, 00248 TRANSPORT_PROXY_CURRENT 00249 } TRANSPORT_PROXY_TYPE; 00250 00251 // user authentication methods 00252 // these are shared between Agent and API 00253 // 00254 // Note that IKE PSK is supported for reconnects only. The API can never 00255 // initiate an IPsec connection using IKE PSK authentication. 00256 typedef enum 00257 { 00258 USER_AUTH_UNKNOWN = 0, 00259 USER_AUTH_SSL_MACHINE_STORE_CERT, 00260 USER_AUTH_IKE_PSK, 00261 USER_AUTH_IKE_RSA, 00262 USER_AUTH_IKE_ECDSA, 00263 USER_AUTH_IKE_EAP_MD5, 00264 USER_AUTH_IKE_EAP_MSCHAPv2, 00265 USER_AUTH_IKE_EAP_GTC, 00266 USER_AUTH_IKE_EAP_ANYCONNECT, // Default 00267 } USER_AUTH_METHOD; 00268 00269 typedef enum 00270 { 00271 CFR_NONE = 0, 00272 CFR_HOST_UNREACHABLE, 00273 } CONNECT_FAILURE_REASON; 00274 00275 #endif // __GLOBALENUMS_H