AnyConnect Secure Mobility Client
4.0.00061
|
00001 /******************************************************************************* 00002 * COPYRIGHT 2007 - Cisco Systems 00003 * All Rights Reserved 00004 ******************************************************************************** 00005 ** 00006 ** GlobalEnums.h 00007 ** 00008 ** Contains enumerations used in the API and TLV classes. 00009 ** 00010 *********************************************************************************/ 00011 00012 #ifndef __GLOBALENUMS_H 00013 #define __GLOBALENUMS_H 00014 00015 /***** PUT ONLY ENUMS IN THIS FILE AS IT IS ALSO USED BY THE MIDL COMPILER *****\ 00016 \******************** This is also compiled with IDL compiler **********************/ 00017 00018 enum ConnectProtocolType 00019 { 00020 PROTOCOL_TYPE_UNKNOWN = 0, 00021 PROTOCOL_TYPE_SSL, 00022 PROTOCOL_TYPE_IPSEC, 00023 }; 00024 00025 enum ProtocolVersion 00026 { 00027 PROTO_VERSION_UNKNOWN = 0, 00028 PROTO_VERSION_TLS10 = 1, 00029 PROTO_VERSION_SSL30 = 2, 00030 PROTO_VERSION_DTLS10 = 3, 00031 PROTO_VERSION_IPSEC = 4, 00032 PROTO_VERSION_IPSEC_NAT_T = 5 00033 }; 00034 00035 enum ProtocolCipher 00036 { 00037 PROTO_CIPHER_UNKNOWN = 0, 00038 PROTO_CIPHER_RSA_RC4_128_MD5 = 1, 00039 PROTO_CIPHER_RSA_RC4_128_SHA1 = 2, 00040 PROTO_CIPHER_RSA_DES_56_SHA1 = 3, 00041 PROTO_CIPHER_RSA_3DES_168_SHA1 = 4, 00042 PROTO_CIPHER_RSA_AES_128_SHA1 = 5, 00043 PROTO_CIPHER_RSA_AES_256_SHA1 = 6, 00044 PROTO_CIPHER_ENC_NULL_MD5 = 7, 00045 PROTO_CIPHER_ENC_NULL_SHA1 = 8, 00046 PROTO_CIPHER_RC4_128 = 9, 00047 PROTO_CIPHER_RC4_128_MD5 = 10, 00048 PROTO_CIPHER_RC4_128_SHA1 = 11, 00049 PROTO_CIPHER_DES_56 = 12, 00050 PROTO_CIPHER_DES_56_MD5 = 13, 00051 PROTO_CIPHER_DES_56_SHA1 = 14, 00052 PROTO_CIPHER_DES_56_SHA256 = 15, 00053 PROTO_CIPHER_DES_56_SHA384 = 16, 00054 PROTO_CIPHER_DES_56_SHA512 = 17, 00055 PROTO_CIPHER_3DES_168 = 18, 00056 PROTO_CIPHER_3DES_168_MD5 = 19, 00057 PROTO_CIPHER_3DES_168_SHA1 = 20, 00058 PROTO_CIPHER_3DES_168_SHA256 = 21, 00059 PROTO_CIPHER_3DES_168_SHA384 = 22, 00060 PROTO_CIPHER_3DES_168_SHA512 = 23, 00061 PROTO_CIPHER_AES_128 = 24, 00062 PROTO_CIPHER_AES_128_MD5 = 25, 00063 PROTO_CIPHER_AES_128_SHA1 = 26, 00064 PROTO_CIPHER_AES_128_SHA256 = 27, 00065 PROTO_CIPHER_AES_128_SHA384 = 28, 00066 PROTO_CIPHER_AES_128_SHA512 = 29, 00067 PROTO_CIPHER_AES_192 = 30, 00068 PROTO_CIPHER_AES_192_MD5 = 31, 00069 PROTO_CIPHER_AES_192_SHA1 = 32, 00070 PROTO_CIPHER_AES_192_SHA256 = 33, 00071 PROTO_CIPHER_AES_192_SHA384 = 34, 00072 PROTO_CIPHER_AES_192_SHA512 = 35, 00073 PROTO_CIPHER_AES_256 = 36, 00074 PROTO_CIPHER_AES_256_MD5 = 37, 00075 PROTO_CIPHER_AES_256_SHA1 = 38, 00076 PROTO_CIPHER_AES_256_SHA256 = 39, 00077 PROTO_CIPHER_AES_256_SHA384 = 40, 00078 PROTO_CIPHER_AES_256_SHA512 = 41, 00079 PROTO_CIPHER_AES_128_GCM = 42, 00080 PROTO_CIPHER_AES_192_GCM = 43, 00081 PROTO_CIPHER_AES_256_GCM = 44, 00082 PROTO_CIPHER_RSA_AES_128_SHA256 = 45, // TLS 1.2 00083 PROTO_CIPHER_RSA_AES_256_SHA256 = 46, 00084 PROTO_CIPHER_DHE_RSA_AES_128_SHA256 = 47, 00085 PROTO_CIPHER_DHE_RSA_AES_256_SHA256 = 48, 00086 PROTO_CIPHER_ECDHE_ECDSA_AES256_GCM_SHA384 = 49, // TLS 1.2 phase 2 00087 PROTO_CIPHER_ECDHE_RSA_AES256_GCM_SHA384 = 50, 00088 PROTO_CIPHER_DHE_RSA_AES256_GCM_SHA384 = 51, 00089 PROTO_CIPHER_AES256_GCM_SHA384 = 52, 00090 PROTO_CIPHER_ECDHE_ECDSA_AES256_SHA384 = 53, 00091 PROTO_CIPHER_ECDHE_RSA_AES256_SHA384 = 54, 00092 PROTO_CIPHER_ECDHE_ECDSA_AES128_GCM_SHA256 = 55, 00093 PROTO_CIPHER_ECDHE_RSA_AES128_GCM_SHA256 = 56, 00094 PROTO_CIPHER_DHE_RSA_AES128_GCM_SHA256 = 57, 00095 PROTO_CIPHER_AES128_GCM_SHA256 = 58, 00096 PROTO_CIPHER_ECDHE_ECDSA_AES128_SHA256 = 59, 00097 PROTO_CIPHER_ECDHE_RSA_AES128_SHA256 = 60, 00098 PROTO_CIPHER_DHE_RSA_AES256_SHA = 61, 00099 PROTO_CIPHER_DHE_RSA_AES128_SHA = 62 00100 }; 00101 00102 typedef enum 00103 { 00104 COMPR_NONE = 0, 00105 COMPR_DEFLATE = 1, 00106 COMPR_LZS = 2 00107 } COMPR_ALGORITHM; 00108 00109 /* 00110 ** Tunnel states 00111 ** New states must be added to the end of the list. 00112 ** Downloader tests states, so altering existing states requires verification 00113 ** that there won't be backward compability issues with downloader. 00114 */ 00115 //BUGBUG Suggested by Marc: Rename the STATE enum and its values. 00116 //BUGBUG We should probably change the enum name from STATE to VPNCON_STATE and 00117 //BUGBUG the prefixes on the values from STATE_ to VCS_ (for VPN connection state). 00118 //BUGBUG The API and GUI code have to deal with a number of different states, and the 00119 //BUGBUG generically named STATE is not very self documenting. 00120 //BUGBUG It's a throw back from the very earliest code for SSL VPN. 00121 typedef enum 00122 { 00123 STATE_CONNECTING, 00124 STATE_CONNECTED, 00125 STATE_RECONNECTING, 00126 STATE_DISCONNECTING, 00127 STATE_DISCONNECTED, 00128 STATE_PAUSING, 00129 STATE_PAUSED, 00130 STATE_AUTHENTICATING, 00131 STATE_UNDEFINED, 00132 } STATE; 00133 00134 /* 00135 ** Tunnel sub-states 00136 ** New sub-states must be added to the end of the list. 00137 ** Sub-states are meant to provide additional details, if necessary, about 00138 ** any of the VPN connection states. 00139 */ 00140 typedef enum 00141 { 00142 VCSS_NORMAL, 00143 VCSS_INDEFINITE_DELAY 00144 } VPNCON_SUBSTATE; 00145 00146 typedef enum 00147 { 00148 NCS_RESTRICTED = 0, //a client configuration has been applied to the endpoints 00149 //operating system configuration 00150 NCS_PARTIAL_RESTRICTED_CAPTIVE_PORTAL, //a client configuration has been applied to the 00151 //endpoints operating system configuration to allow 00152 //captive portal remediation 00153 NCS_UNRESTRICTED //the endpoints operating system configuration is not currently altered by the client 00154 } NETCTRL_STATE; 00155 00156 00157 // Note that while these values are defined like a bitmap, the network environment state 00158 // is not used as a bitmap. No two values are ever combined. They are used like linear 00159 // values. The bitmap arrangement of values is to enable testing for many possible values 00160 // all at once in a single compare without having to do a series of compares against 00161 // different linear values. 00162 // 00163 typedef enum 00164 { 00165 NES_NO_NETWORK_INTERFACE = (1 << 0), 00166 NES_NO_PUBLIC_INTERFACE = (1 << 1), 00167 NES_NO_DNS_CONNECTIVITY = (1 << 2), 00168 NES_CAPTIVE_PORTAL_DETECTED = (1 << 3), 00169 NES_AUTH_PROXY_DETECTED = (1 << 4), 00170 NES_NETWORK_ACCESSIBLE = (1 << 5), 00171 NES_SECURE_GATEWAY_ACCESSIBLE = (1 << 6) 00172 } NETENV_STATE; 00173 00174 00175 // Trusted Network Detection types. 00176 typedef enum 00177 { 00178 NT_TRUSTED, 00179 NT_UNTRUSTED, 00180 NT_UNDEFINED 00181 } NETWORK_TYPE; 00182 00183 // Firewall enums 00184 typedef enum 00185 { FW_PERMISSION_UNKNOWN, 00186 FW_PERMISSION_PERMIT, 00187 FW_PERMISSION_DENY 00188 } FW_Permission; 00189 00190 typedef enum 00191 { FW_PROTOCOL_UNKNOWN, 00192 FW_PROTOCOL_TCP, 00193 FW_PROTOCOL_UDP, 00194 FW_PROTOCOL_ICMP, 00195 FW_PROTOCOL_ANY 00196 } FW_Protocol; 00197 00198 typedef enum 00199 { 00200 FW_INTERFACE_UNKNOWN, 00201 FW_INTERFACE_PUBLIC, 00202 FW_INTERFACE_PRIVATE 00203 } FW_Interface; 00204 00205 typedef enum 00206 { 00207 FW_RULE_DIRECTION_IN, 00208 FW_RULE_DIRECTION_OUT, 00209 FW_RULE_DIRECTION_BOTH 00210 } FW_Rule_Direction; 00211 00212 typedef enum 00213 { 00214 MUS_STATUS_UNKNOWN = 0, 00215 MUS_STATUS_ENABLED, 00216 MUS_STATUS_DISABLED, 00217 MUS_STATUS_UNCONFIRMED 00218 } MUS_STATUS; 00219 00220 // These can be used to get/set an automatic preference value using the 00221 // generic UserPreferences.getAutomaticPreferenceValue() and 00222 // setAutomaticPreferenceValue() methods, rather than using the individual 00223 // getters/setters. 00224 typedef enum 00225 { 00226 HeadendSelectionCacheId = 0, 00227 DefaultUserId, 00228 DefaultSecondUserId, 00229 DefaultHostId, 00230 DefaultGroupId, 00231 ProxyHostId, 00232 ProxyPortId, 00233 SDITokenTypeId, 00234 NoSDITokenId, 00235 ClientCertThumbprintId, 00236 ServerCertThumbprintId, 00237 UnknownAutomaticPreference 00238 } AutoPreferenceId ; 00239 00240 // Used to determine if CPublicProxies, CPrivateProxies or no proxies should be used. 00241 typedef enum 00242 { 00243 TRANSPORT_PROXY_NONE, 00244 TRANSPORT_PROXY_PUBLIC, 00245 TRANSPORT_PROXY_CURRENT 00246 } TRANSPORT_PROXY_TYPE; 00247 00248 // user authentication methods 00249 // these are shared between Agent and API 00250 // 00251 // Note that IKE PSK is supported for reconnects only. The API can never 00252 // initiate an IPsec connection using IKE PSK authentication. 00253 typedef enum 00254 { 00255 USER_AUTH_UNKNOWN = 0, 00256 USER_AUTH_SSL_MACHINE_STORE_CERT, 00257 USER_AUTH_IKE_PSK, 00258 USER_AUTH_IKE_RSA, 00259 USER_AUTH_IKE_ECDSA, 00260 USER_AUTH_IKE_EAP_MD5, 00261 USER_AUTH_IKE_EAP_MSCHAPv2, 00262 USER_AUTH_IKE_EAP_GTC, 00263 USER_AUTH_IKE_EAP_ANYCONNECT, // Default 00264 } USER_AUTH_METHOD; 00265 00266 typedef enum 00267 { 00268 CFR_NONE = 0, 00269 CFR_HOST_UNREACHABLE, 00270 } CONNECT_FAILURE_REASON; 00271 00272 #endif // __GLOBALENUMS_H