AnyConnect Secure Mobility Client 4.4.00243
#ifndef _APISTDHEADER_
#define _APISTDHEADER_

/**
 * @file
 * This file contains some basic compiler definitions as well as common enums.
 *
 * The first half (string/stream aliases, the VPN_VPNAPI export macro and the
 * ApiString* map typedefs) is hidden from the MIDL compiler. The enums in the
 * second half are seen by C, C++ and MIDL alike.
 */

//Not compatible with MIDL
#if !defined(__midl)
#ifdef _WIN32
// C4251: class member needs dll-interface; C4786: identifier truncated in
// debug information. There is no warning(push)/warning(pop) pair in this
// header, so the suppression stays in effect for code that follows the include.
#pragma warning(disable:4251 4786)

// Force the wide-character Win32 API variants. This also applies to any
// Windows header included after this file in the same translation unit.
#ifndef UNICODE
#define UNICODE
#endif // UNICODE

#ifndef _UNICODE
#define _UNICODE
#endif // _UNICODE

#ifndef tstring
/** String type used throughout the API: std::wstring on Windows. */
#define tstring std::wstring /**< wide string on Windows builds */
#endif // tstring

#else // non-windows

#ifndef tstring
/** String type used throughout the API: std::string on non-Windows builds. */
#define tstring std::string
#endif // tstring

#endif // _WIN32

// Stream type matching the character width selected above.
// NOTE(review): _UNICODE is tested outside the _WIN32 branch, so a non-Windows
// build that defines _UNICODE gets tstring = std::string together with
// tostream = std::wostream -- confirm this combination is never built.
#ifdef _UNICODE
#define tostream std::wostream
#else
#define tostream std::ostream
#endif /* _UNICODE */


//used when including implementation files directly in an EXE.
// VPN_VPNAPI expands to nothing when _NOEXPORTDLL is defined. Otherwise it is
// dllexport/dllimport on Windows (selected by VPN_APIEXPORTS) and default
// symbol visibility, or nothing, elsewhere.
#ifdef _NOEXPORTDLL
#define VPN_VPNAPI
#else
#ifdef _WIN32
#ifdef VPN_APIEXPORTS //api
#define VPN_VPNAPI __declspec(dllexport)
#else
#define VPN_VPNAPI __declspec(dllimport)
#endif
#else
#ifdef VPN_APIEXPORTS
#define VPN_VPNAPI __attribute__((visibility("default")))
#else
#define VPN_VPNAPI
#endif
#endif //_WIN32
#endif //_NOEXPORTDLL

// Empty marker macro: expands to nothing. It is not used in this file;
// presumably it annotates output parameters in API signatures -- confirm.
#ifndef OUT
#define OUT
#endif

#ifdef __cplusplus //only include if C++ is being used,
                   //C code also includes api.h for COM proxy of enumerators.
#include <string>
#include <map>
#include <list>

/** Map from one tstring key to one tstring value. */
typedef std::map<tstring, tstring> ApiStringMap;
/** Map from one tstring key to a list of tstring values. */
typedef std::map<tstring, std::list<tstring> > ApiStringListMap;

#endif //__cplusplus
#endif //#if !defined(__midl)


/***** PUT ONLY SHARED ENUMS EXPOSED TO USERS OF API FROM THIS POINT UNTIL END *****\
********* make sure to add the [v1_enum] inside a __midl define to new enums ********
\******************** This is also compiled with IDL compiler **********************/

/* The STATE_* and VCSS_* constants used below are not defined in this file;
   presumably they come from GlobalEnums.h -- confirm. */
#include "GlobalEnums.h"
/**
 * MessageType
 * presents a level of severity associated with messages that are
 * sent to the API. The severity can be useful for deciding how a message is
 * to be shown. A UI might decide based on type to show a message as
 * a modal dialog versus a message written to the status area for an existing UI.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum MessageType
{
    MsgType_Error,  /**< Issue usually requiring user to acknowledge */
    MsgType_Warn,   /**< Less severe, not required to be shown to user */
    MsgType_Info,   /**< General message providing status, progress, etc. */
    MsgType_Status  /**< Can be used to indicate unexpected tunnel status change. */
};


/**
 * Identifies the type of token that was used successfully when SDI
 * Authentication is in use.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum SDITokenType
{
    SDITT_NONE,     /**< No token type; presumably the value when SDI is not in use -- confirm. */
    SDITT_HARDWARE, /**< Hardware token. */
    SDITT_SOFTWARE  /**< Software token. */
};

/**
 * Provides the current state of the VPN tunnel.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum VPNState
{
    CONNECTED     = STATE_CONNECTED,     /**< VPN is active */
    DISCONNECTED  = STATE_DISCONNECTED,  /**< VPN is inactive */
    CONNECTING    = STATE_CONNECTING,    /**< VPN is being established */
    DISCONNECTING = STATE_DISCONNECTING, /**< VPN is being terminated */
    RECONNECTING  = STATE_RECONNECTING,  /**< VPN is being re-connected. This state
                                              can occur due to network or other
                                              temporary problems. The state
                                              indicates that the VPN is temporarily
                                              unavailable and indicates the
                                              connection is being re-established. */
    PAUSING       = STATE_PAUSING,       /**< VPN is being paused. */
    PAUSED        = STATE_PAUSED,        /**< VPN is paused. */
    SSOPOLLING    = STATE_SSOPOLLING,    /**< API is doing auth-poll, VPN is disconnected. */
    UNKNOWN       = ~0                   /**< State is not known. The value has all bits set;
                                              presumably no STATE_* constant uses it -- confirm. */
};

/**
 * Provides the current sub-state of the VPN tunnel.
 * Each enumerator takes its value from the VCSS_* constant of the same name;
 * their meanings are not described in this file.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum VPNSubState
{
    VPNSS_NORMAL           = VCSS_NORMAL,
    VPNSS_INDEFINITE_DELAY = VCSS_INDEFINITE_DELAY,
    VPNSS_SESSION_EXPIRING = VCSS_SESSION_EXPIRING
};

/**
 * WMHint
 * provides a hint for the GUI to either minimize or un-minimize.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum WMHint
{
    MINIMIZE,        /**< hint to minimize GUI */
    OPEN,            /**< hint to un-minimize GUI */
    QUIT,            /**< hint that GUI should close. @see WMHintReason */
    REFRESHHOSTNAMES,/**< hint to refresh the list of secure gateways */
    REFRESHPREFS,    /**< hint to refresh the preferences */
    SHOWCONNECTING   /**< hint to display "connecting" status */
};


/**
 * WMHintReason
 * provides a reason indicator for the #WMHint
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum WMHintReason
{
    /* NOTE(review): the text below says "the first one should exit" while also
       asking the running GUI to OPEN; presumably the newly launched GUI is the
       one that exits -- confirm and reword. */
    SECONDGUISTART, /**< Indicates a second GUI has been launched. This
                         indicator is used to suggest that the GUI
                         already running be OPENed and that the first one
                         should exit. */
    PROXYREQUEST,   /**< Proxy credential request can be for web-launch or
                         standalone-initiated connections. */
    SERVICEFAILURE, /**< This tag is used when the VPN service
                         is no longer available. */
    DISCONNECT,     /**< Any disconnect notices should be seen by the user. */
    SERVICESTOPPED, /**< This tag will be used in cases where the VPN service
                         has been stopped. */
    CONNECT,        /**< Tag indicating an action to be taken due to connect,
                         for example a request to minimize the UI. */
    REASONUNKNOWN   /**< The reason for the hint is not known. */
};

/**
 * provides an indication of the type of credential data being requested.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum ConnectPromptType
{
    CERTIFICATE,    /**< Indicates a certificate-only type of connection and
                         would not normally be sent to client unless a
                         post-authentication banner is to be displayed. */
    CREDENTIALS,    /**< Indicates that the user is to be prompted for authentication
                         credentials */
    PROXY,          /**< Indicates that the user is to be prompted for
                         proxy-authentication credentials */
    STATUS,         /**< Indicates that status messages are to be displayed to
                         the user */
    /* NOTE(review): the enumerator below ends with a trailing comma, which
       C89 and C++03 do not permit; this header is also read by C and by the
       IDL compiler. */
    SINGLESIGNON,   /**< Indicates a browser based single sign-on authentication method is requested. */
};


/**
 * Indicates the prompt or credential type.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum PromptType { Prompt_Input,    /**< label and value. */
                  Prompt_Password, /**< label and value, indicates user
                                        response should be masked. Masking is a
                                        display hint; this header does not say
                                        how the entered value is stored or
                                        cleared afterwards. */
                  Prompt_Banner,   /**< value (the banner) with no label set. */
                  Prompt_Combo,    /**< list of choices. */
                  Prompt_Header,   /**< label intended as header and with
                                        value. */
                  Prompt_Hidden,   /**< hidden value, should be ignored and
                                        left unchanged in response. */
                  Prompt_CheckBox  /**< label and value (constrained to true or false) */
};

#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif

/*
 * ***************** !!! ATTENTION !!! ***********************************
 * *
 * * When updating this preference enum, you must ensure that the enum in
 * * vpn/Api/jni/java/Preference.java is also updated.
 * *
 * * No enumerator below has an explicit value, so each one's numeric value
 * * is its position in the list. Inserting or removing an entry renumbers
 * * every entry after it.
 * *
 * ***************** !!! ATTENTION !!! ***********************************
 */
enum PreferenceId
{
    ServiceDisable,         /**< This preference disables the VPN service.
                                 If more than one profile exists and any one
                                 profile has VPN enabled, then it will be
                                 enabled. False is the default. */
    CertificateStoreOverride,/**< This preference will trigger an alternate
                                 authentication sequence in the API. The
                                 preference is only settable by an
                                 administrator. */
    CertificateStore,       /**< This preference indicates which certificate
                                 store AnyConnect should look in for
                                 certificates. The options are All, Machine
                                 and User with a default of All. The preference
                                 is only settable by an administrator. */
    ShowPreConnectMessage,  /**< The ShowPreConnectMessage preference gives the
                                 administrator the ability to display an AnyConnect
                                 startup banner message. The message will appear
                                 only once per AnyConnect program start. The
                                 preference is only settable by an
                                 administrator. */
    AutoConnectOnStart,     /**< This preference allows the user to select
                                 whether to establish a connection automatically
                                 on startup or not. */
    MinimizeOnConnect,      /**< This preference allows the user to select if
                                 the GUI should minimize when the connection is
                                 established */
    LocalLanAccess,         /**< This preference will provide a mechanism where
                                 the user can disable access to their Local LAN. */
    DisableCaptivePortalDetection, /**< This preference will provide a mechanism where
                                 the user can disable captive portal detection. */
    AutoReconnect,          /**< First control of the reconnect behavior. If the
                                 client becomes disconnected for any reason, a
                                 reconnect attempt is made. */
    AutoReconnectBehavior,  /**< Second control of the reconnect behavior, applied
                                 when coming out of suspend/hibernate/standby mode.
                                 Options are disconnect on suspend and reconnect
                                 after suspend. */
    UseStartBeforeLogon,    /**< This preference allows an administrator to
                                 control the use of the Start Before Logon
                                 feature. The preference can be set to true (on)
                                 or false (off). */
    AutoUpdate,             /**< Once the Downloader has loaded the profile, it
                                 can check the AutoUpdate preference to see if
                                 updates are either disabled or enabled */
    RSASecurIDIntegration,  /**< This preference will enable the administrator
                                 and possibly end user to select the preferred
                                 method of managing their SDI PIN and PASSCODE
                                 interactions. Options are Automatic (default),
                                 SoftwareTokens and HardwareTokens. */
    WindowsLogonEnforcement,/**< This preference allows an administrator to
                                 control if more than one user may be logged into
                                 the client PC during the VPN connection (Windows
                                 only). */
    WindowsVPNEstablishment,/**< This preference allows an administrator to
                                 control whether or not remote users may initiate
                                 a VPN connection (Windows only). */
    ProxySettings,          /**< This preference allows an administrator to
                                 control how user's proxy setups are handled. */
    AllowLocalProxyConnections, /**< This preference allows the administrator to control
                                 whether to allow establishing a connection through
                                 a local proxy. */
    PPPExclusion,           /**< This preference allows an administrator to control
                                 the policy used to exclude routes to
                                 PPP servers when connecting over L2TP or PPTP.
                                 Options are Automatic (default), Disable,
                                 and Override. */
    /* NOTE(review): the text below refers to a "Manual" setting, but
       PPPExclusion lists its options as Automatic, Disable and Override --
       confirm which option name is correct. */
    PPPExclusionServerIP,   /**< When PPPExclusion is set to Manual,
                                 the value of this preference allows an
                                 end user to specify the address of a
                                 PPP server that should be excluded
                                 from tunnel traffic. */
    AutomaticVPNPolicy,     /**< This preference allows an administrator to
                                 define a policy to automatically manage when a
                                 VPN connection should be started or stopped. */
    TrustedNetworkPolicy,   /**< This preference allows an administrator to
                                 define a policy for users in trusted networks.
                                 The options are: Disconnect or DoNothing. */
    UntrustedNetworkPolicy, /**< This preference allows an administrator to
                                 define a policy for users in untrusted networks.
                                 The options are: Connect or DoNothing. */
    TrustedDNSDomains,      /**< This preference defines a list of comma
                                 separated DNS suffixes that a network interface
                                 in a trusted network might have. */
    TrustedDNSServers,      /**< This preference defines a list of comma
                                 separated DNS servers that a network interface
                                 in a trusted network might have. */
    TrustedHttpsServerList, /**< This preference defines a list of comma separated
                                 https servers reachable only via a trusted network. */
    AlwaysOn,               /**< This preference governs VPN reestablishment after
                                 interruptions */
    ConnectFailurePolicy,   /**< This preference gives the network administrator
                                 the ability to dictate the network access allowed
                                 by the client endpoint device following a VPN
                                 connection establishment failure. It is a component
                                 of AlwaysOn */
    /* NOTE(review): the description below repeats the ConnectFailurePolicy
       text and does not mention captive portal remediation -- confirm what
       this preference actually permits. */
    AllowCaptivePortalRemediation, /**< This preference gives the network administrator
                                 the ability to dictate the network access
                                 allowed by the client endpoint device following
                                 a VPN connection establishment failure. It is a
                                 component of AlwaysOn */
    CaptivePortalRemediationTimeout, /**< This preference allows the network administrator
                                 the ability to impose a time limit for captive portal
                                 remediation when the ConnectFailurePolicy value is Closed.
                                 It is a component of AlwaysOn */
    ApplyLastVPNLocalResourceRules, /**< This preference gives the network administrator
                                 the ability to allow split routes and firewall rules
                                 to be applied following a VPN connection establishment
                                 failure when the ConnectFailurePolicy value is Closed.
                                 It is a component of AlwaysOn */
    AllowVPNDisconnect,     /**< During Always On, this specifies that the user is allowed to
                                 disconnect the VPN session. */
    EnableScripting,        /**< This preference allows an administrator to
                                 enable scripting (on connect or on
                                 disconnect). */
    TerminateScriptOnNextEvent, /**< This preference dictates whether or not
                                 AnyConnect will terminate a running script
                                 process if a transition to another
                                 scriptable event occurs. */
    EnablePostSBLOnConnectScript, /**< This preference is used to control whether
                                 or not the OnConnect script will be launched
                                 from the desktop GUI when a tunnel has been
                                 established via SBL. */
    AutomaticCertSelection, /**< This preference dictates whether or not to disable
                                 the default automatic certificate selection for user
                                 certificates. If disabled, a certificate selection dialog is
                                 displayed. This only applies if the GUI is enabled
                                 and not SBL. This only applies to Windows (not WinMobile). */
    RetainVpnOnLogoff,      /**< First control of the logoff behavior. This preference allows
                                 an administrator to control if the VPN is terminated or retained
                                 after user logs off. */
    UserEnforcement,        /**< Second control of the logoff behavior, applied when the VPN
                                 connection has been retained after user logged off. Controls what
                                 user can log in and keep the VPN connection. Options are same
                                 user only and any user. */
    DeviceLockRequired,     /**< This preference indicates whether or not
                                 a Windows Mobile device must be configured
                                 with a password or PIN prior to establishing
                                 a VPN connection. This configuration is
                                 only valid on Windows Mobile devices that
                                 use the Microsoft Default Local
                                 Authentication Provider (LAP). */
    DeviceLockMaximumTimeoutMinutes, /**< When set to a non-negative number,
                                 this preference specifies the maximum
                                 number of minutes a device can be
                                 inactive before device lock takes
                                 effect. (WM5/WM5AKU2+) */
    DeviceLockMinimumPasswordLength, /**< When set to a non-negative number,
                                 this preference specifies that any
                                 PIN/password used for device lock
                                 must be equal to or longer than
                                 the specified value, in characters.
                                 This setting must be pushed down to
                                 the mobile device by syncing with
                                 an Exchange server before it can be
                                 enforced. (WM5AKU2+) */
    DeviceLockPasswordComplexity, /**< This preference checks whether or
                                 not the password belongs to one of
                                 three subtypes: alpha, pin, strong */
    EnableAutomaticServerSelection, /**< Automatic server selection will
                                 automatically select the optimal
                                 secure gateway for the endpoint */
    AutoServerSelectionImprovement, /**< During a reconnection attempt after
                                 a system resume, this setting
                                 specifies the minimum estimated
                                 performance improvement required to
                                 justify transitioning a user to a new server.
                                 This value represents percentage in 0..100 */
    AutoServerSelectionSuspendTime, /**< During a reconnection attempt after
                                 a system resume, this specifies the
                                 minimum time a user must have been
                                 suspended in order to justify a new
                                 server selection calculation. Unit is hours */
    AuthenticationTimeout,  /**< Time, in seconds, that the client waits
                                 for authentication to be completed. */
    SafeWordSofTokenIntegration, /**< This preference will enable the administrator and possibly
                                 the end user to enable SafeWord SofToken integration.
                                 Options are Enabled (true) and Disabled (false - default). */
    AllowIPsecOverSSL,      /**< if 'true' then tunneling of IPSEC over SSL
                                 is made possible with help from the ASA.
                                 */
    ClearSmartcardPin,      /**< This preference controls whether the smartcard pin
                                 will be cleared on a successful connection */
    IPProtocolSupport,      /**< This preference controls which protocol(s) will be
                                 allowed for the connection */
    AllowManualHostInput,   /**< This preference specifies whether the user
                                 is allowed to type a new hostname in the VPN
                                 edit box. */
    /* NOTE(review): the name says "block" while the description below says
       "allow". Confirm which value of this preference rejects secure gateways
       that present certificate errors, and state it here explicitly. */
    BlockUntrustedServers,  /**< This preference specifies whether the user wants
                                 to allow for connections to secure gateways with
                                 certificate errors. */
    /* NOTE(review): the octet 444 in the example below is outside 0-255, so
       the example shows the address:port layout only and is not a usable
       address. */
    PublicProxyServerAddress, /**< This preference specifies the public proxy server
                                 address to be used. This number is in the format
                                 ServerAddr:ServerPort (ex. 101.89.85.444:8080)
                                 or just the FQDN. */
    UnknownPreference       /**< Last enumerator; presumably the value for an
                                 unrecognized preference id -- confirm. */
};


/**
 * Indicates the scope of the preferences contained in a PreferenceInfo object
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum PreferenceScope
{
    User,           /**< Indicates that the preferences were set by a user */
    Global,         /**< Indicates that the preferences are global */
    UserAndGlobal   /**< Indicates that we have both user and global preferences */
};

/**
 * Indicates the client mode of operation. Unlike tunneling mode or other
 * mutually exclusive modes, client operating modes are independent settings,
 * several of which can be turned on simultaneously.
 * Each enumerator is a distinct single bit (1 << n).
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum OperatingMode
{
    FIPS                     = (1 << 0),  /**< Indicates that the client is
                                               running in FIPS mode. */
    StartBeforeLogon         = (1 << 1),  /**< Indicates that the client is
                                               running in Start Before Login
                                               mode. */
    GUI                      = (1 << 2),  /**< Indicates that the client is
                                               a GUI client (not the CLI). */
    TrustedNetworkDetection  = (1 << 3),  /**< Indicates that a Trusted Network
                                               Detection policy is enabled for
                                               the client. */
    AlwaysOnVpn              = (1 << 4),  /**< Indicates that the Always On
                                               policy is enabled for the client. */
    NetworkIssue             = (1 << 5),  /**< For user notifications only.
                                               Indication by API to the UI that
                                               there is a network condition. */
    Quarantined              = (1 << 6),  /**< Indicates that the VPN session is being
                                               Quarantined by the secure gateway. */
    AutomaticHeadendSelection= (1 << 7),  /**< Indicates that Automatic Headend
                                               is enabled. */
    DisconnectAllowed        = (1 << 8),  /**< Indicates that the user is allowed
                                               to disconnect the VPN based on
                                               policy. */
    VPNDisabled              = (1 << 9),  /**< Indicates that the VPN service is
                                               to be marked as disabled. */
    SCEPMode                 = (1 << 10), /**< Indicates that the client is
                                               performing a SCEP cert enrollment. */
    OnTrustedNetwork         = (1 << 11), /**< Indicates that at last check, the
                                               client detected that it was on
                                               a trusted network. */
    ManualHostInputAllowed   = (1 << 12), /**< Indicates that the user is allowed
                                               to add a new host by typing its name
                                               in the VPN edit box. */
    ErrorSuppressed          = (1 << 13), /**< Indicates a connection error has
                                               been returned from the agent, but
                                               was suppressed to warning to
                                               prevent popup dialog in the UI. */
    StrictMode               = (1 << 14)  /**< Indicates that the client is
                                               running in strict certificate trust mode. */
};

/* CertAuthMode is declared only when PLATFORM_ANDROID is defined. */
#if defined(PLATFORM_ANDROID)
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
/**
 * Indicates the mode to use for Certificate Based Authentication.
 * CertAuth_Automatic is the same as the default AnyConnect configuration.
 */
enum CertAuthMode
{
    CertAuth_Automatic, /**< Will try each available certificate in succession
                             until authentication is obtained or we run out of
                             available certificates */
    CertAuth_Disabled,  /**< Will disable Certificate Based Authentication */
    CertAuth_Manual     /**< Will only use preconfigured certificate to attempt
                             Certificate Based Authentication */
};
#endif

#endif // _APISTDHEADER_