AnyConnect Secure Mobility Client 4.10.00093

include/api.h

00001 #ifndef _APISTDHEADER_
00002 #define _APISTDHEADER_
00003 
00004 /**
00005  * @file
00006  * This file contains some basic compiler definitions as well as common enums.
00007  */
00008 
00009 // Everything down to the matching #endif is skipped by the MIDL compiler (C/C++ only).
00010 #if !defined(__midl)
00011 #ifdef _WIN32
00012     #pragma warning(disable:4251 4786) // NOTE(review): no warning(push)/(pop) is visible here, so C4251 and C4786 appear to stay disabled in every file that includes this header - confirm
00013 
00014     #ifndef UNICODE
00015         #define UNICODE // forced on for any Windows includer that had not defined it
00016     #endif // UNICODE
00017 
00018     #ifndef _UNICODE
00019         #define _UNICODE // CRT counterpart of UNICODE, forced on the same way
00020     #endif // _UNICODE
00021 
00022     #ifndef tstring
00023 /** API string type: std::wstring on Windows. */
00024         #define tstring std::wstring    /**< wide-character string (Windows builds) */
00025     #endif // tstring
00026 
00027 #else // non-windows
00028 
00029     #ifndef tstring
00030         #define tstring std::string     /**< narrow string (non-Windows builds) */
00031     #endif // tstring
00032 
00033 #endif // _WIN32
00034 
00035 #ifdef _UNICODE // NOTE(review): tested outside the _WIN32 block, so a non-Windows build that defines _UNICODE would pair std::string tstring with std::wostream tostream
00036     #define tostream std::wostream
00037 #else
00038     #define tostream std::ostream
00039 #endif /* _UNICODE */
00040 
00041 
00042 // _NOEXPORTDLL: used when including implementation files directly in an EXE; VPN_VPNAPI then expands to nothing.
00043 #ifdef _NOEXPORTDLL
00044     #define VPN_VPNAPI
00045 #else
00046     #ifdef _WIN32
00047         #ifdef VPN_APIEXPORTS // presumably defined only while building the API library itself - confirm
00048             #define VPN_VPNAPI __declspec(dllexport)
00049         #else
00050             #define VPN_VPNAPI __declspec(dllimport)
00051         #endif
00052     #else    
00053         #ifdef VPN_APIEXPORTS
00054             #define VPN_VPNAPI  __attribute__((visibility("default")))
00055         #else
00056             #define VPN_VPNAPI
00057         #endif
00058     #endif //_WIN32
00059 #endif //_NOEXPORTDLL
00060 
00061 #ifndef OUT // empty marker macro; presumably annotates output parameters in API signatures - confirm
00062 #define OUT
00063 #endif
00064 
00065 #ifdef __cplusplus //only include if C++ is being used, 
00066                    //C code also includes api.h for COM proxy of enumerators.
00067 #include <string>
00068 #include <map>
00069 #include <list>
00070 
00071 typedef std::map<tstring, tstring> ApiStringMap; /**< maps one tstring key to one tstring value */
00072 typedef std::map<tstring, std::list<tstring> > ApiStringListMap; /**< maps one tstring key to a list of tstring values */
00073 
00074 #endif //__cplusplus
00075 #endif //#if !defined(__midl)
00076 
00077 
00078 /***** PUT ONLY SHARED ENUMS EXPOSED TO USERS OF API FROM THIS POINT UNTIL END *****\
00079 ********* make sure to add the [v1_enum] inside a __midl define to new enums ********
00080 \******************** This is also compiled with IDL compiler **********************/
00081 
00082 #include "GlobalEnums.h"
00083 /**
00084  * MessageType
00085  * represents the level of severity associated with messages that are
00086  * sent to the API.  The severity can be useful for deciding how a message is
00087  * to be shown.  A UI might decide, based on type, to show a message as
00088  * a modal dialog versus a message written to the status area for an existing UI.
00089  */
00090 #if defined(__midl)
00091 [v1_enum] /*serialize as 32 bits*/
00092 #endif
00093 enum MessageType
00094 { // no explicit values: enumerators are numbered 0..5 in declaration order
00095     MsgType_Error,      /**< Issue usually requiring user to acknowledge */
00096     MsgType_Alert,      /**< Warning message that needs to be shown to user. */
00097     MsgType_Warn,       /**< Less severe, not required to be shown to user */
00098     MsgType_Info,       /**< General message providing status, progress, etc. */
00099     MsgType_Status,     /**< Can be used to indicate unexpected tunnel status change. */
00100     MsgType_UrlError    /**< Error message that provides additional information by opening browser.  NOTE(review): where the URL comes from is not shown here; a UI should presumably validate it before opening it - confirm. */
00101 };
00102 
00103 
00104 /**
00105  * Identifies the type of token that was used successfully when SDI
00106  * Authentication is in use.
00107  */
00108 #if defined(__midl)
00109 [v1_enum] /*serialize as 32 bits*/
00110 #endif
00111 enum SDITokenType 
00112 { 
00113     SDITT_NONE,      /**< presumably: no token type recorded - confirm */
00114     SDITT_HARDWARE,  /**< hardware token */
00115     SDITT_SOFTWARE   /**< software token */
00116 };
00117 
00118 /**
00119  * Provides the current state of the VPN tunnel.  Every value except UNKNOWN aliases a STATE_* constant (presumably declared in GlobalEnums.h).
00120  */
00121 #if defined(__midl)
00122 [v1_enum] /*serialize as 32 bits*/
00123 #endif
00124 enum VPNState
00125 {
00126     CONNECTED     = STATE_CONNECTED,        /**< VPN is active */
00127     DISCONNECTED  = STATE_DISCONNECTED,     /**< VPN is inactive */
00128     CONNECTING    = STATE_CONNECTING,       /**< VPN is being established */
00129     DISCONNECTING = STATE_DISCONNECTING,    /**< VPN is being terminated */
00130     RECONNECTING  = STATE_RECONNECTING,     /**< VPN is being re-connected.  This state 
00131                                                  can occur due to network or other
00132                                                  temporary problems.  It
00133                                                  indicates that the VPN is temporarily
00134                                                  unavailable and that the
00135                                                  connection is being re-established. */
00136     PAUSING       = STATE_PAUSING,          /**< VPN is being paused. */
00137     PAUSED        = STATE_PAUSED,           /**< VPN is paused. */
00138     SSOPOLLING    = STATE_SSOPOLLING,       /**< API is doing auth-poll, VPN is disconnected. */
00139     UNKNOWN       = ~0                      /**< all bits set (~0); presumably used when the state cannot be determined - confirm */
00140 };
00141 
00142 /**
00143  * Provides the current sub-state of the VPN tunnel.  Each value aliases a VCSS_* constant; the enumerators are not documented here, and "MT" presumably stands for management tunnel - confirm.
00144  */
00145 #if defined(__midl)
00146 [v1_enum] /*serialize as 32 bits*/
00147 #endif
00148 enum VPNSubState
00149 {
00150     VPNSS_NORMAL                            = VCSS_NORMAL,
00151     VPNSS_INDEFINITE_DELAY                  = VCSS_INDEFINITE_DELAY,
00152     VPNSS_SESSION_EXPIRING                  = VCSS_SESSION_EXPIRING,
00153     VPNSS_MT_DISCONNECTED_DISABLED          = VCSS_MT_DISCONNECTED_DISABLED,
00154     VPNSS_MT_DISCONNECTED_TRUSTED_NW        = VCSS_MT_DISCONNECTED_TRUSTED_NW,
00155     VPNSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE= VCSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE,
00156     VPNSS_MT_DISCONNECTED_LAUNCH_FAILED     = VCSS_MT_DISCONNECTED_LAUNCH_FAILED,
00157     VPNSS_MT_DISCONNECTED_CONNECT_FAILED    = VCSS_MT_DISCONNECTED_CONNECT_FAILED,
00158     VPNSS_MT_DISCONNECTED_BAD_VPN_CONFIG    = VCSS_MT_DISCONNECTED_BAD_VPN_CONFIG,
00159     VPNSS_MT_DISCONNECTED_SW_UP_PENDING     = VCSS_MT_DISCONNECTED_SW_UP_PENDING
00160 };
00161 
00162 /**
00163  * WMHint
00164  * provides a hint for the GUI: minimize, un-minimize, quit, refresh its data, or update a dialog.
00165  */
00166 #if defined(__midl)
00167 [v1_enum] /*serialize as 32 bits*/
00168 #endif
00169 enum WMHint
00170 {
00171     MINIMIZE,       /**< hint to minimize GUI */
00172     OPEN,           /**< hint to un-minimize GUI */
00173     QUIT,           /**< hint that GUI should close.  @see WMHintReason */
00174     REFRESHHOSTNAMES,/**< hint to refresh the list of secure gateways */
00175     REFRESHPREFS,   /**< hint to refresh the preferences */
00176     SHOWCONNECTING,  /**< hint to display "connecting" status */
00177     CLOSECREDENTIALPOPUP, /**< hint to close the credentials popup.  NOTE(review): trailing comma after the last enumerator; C99/C++11 accept it, C89/C++03 do not, and most other enums in this file omit it. */
00178 };
00179 
00180 
00181 /**
00182  * WMHintReason
00183  * provides the reason that accompanies a #WMHint
00184  */
00185 #if defined(__midl)
00186 [v1_enum] /*serialize as 32 bits*/
00187 #endif
00188 enum WMHintReason
00189 {
00190     SECONDGUISTART, /**< Indicates a second GUI has been launched.  This
00191                          indicator is used to suggest that the GUI
00192                          already running be OPENed and that the first one
00193                          should exit. */
00194     PROXYREQUEST,   /**< Proxy credential request; it can be for web-launch or
00195                          standalone-initiated connections. */
00196     SERVICEFAILURE, /**< This tag is used when the VPN service
00197                          is no longer available. */
00198     DISCONNECT,     /**< Any disconnect notices should be seen by the user. */
00199     SERVICESTOPPED, /**< This tag will be used in cases where the VPN service
00200                          has been stopped. */
00201     CONNECT,        /**< Tag indicating an action to be taken due to connect,
00202                          for example a request to minimize the UI. */
00203     REASONUNKNOWN   /**< Undocumented in the original; presumably used when none of the reasons above applies - confirm. */
00204 };
00205 
00206 /**
00207  * Provides an indication of the type of credential data being requested.
00208  */
00209 #if defined(__midl)
00210 [v1_enum] /*serialize as 32 bits*/
00211 #endif
00212 enum ConnectPromptType
00213 {
00214     CERTIFICATE,    /**< Indicates a certificate-only type of connection; it
00215                          would not normally be sent to the client unless a
00216                          post-authentication banner is to be displayed. */
00217     CREDENTIALS,    /**< Indicates that the user is to be prompted for authentication
00218                          credentials */
00219     PROXY,          /**< Indicates that the user is to be prompted for
00220                          proxy-authentication credentials */
00221     MANUAL_PKCS12_IMPORT, /**< Indicates that the user is to be prompted for passwords related
00222                               to PKCS12 import */
00223     STATUS,         /**< Indicates that status messages are to be displayed to
00224                          the user */
00225     SINGLESIGNON,   /**< Indicates an embedded browser based single sign-on authentication method is requested. */
00226     SINGLELOGOUT,   /**< Indicates an embedded browser based single sign-on authentication logout is requested. */
00227     LEGACY_SINGLESIGNON,   /**< (deprecated) Indicates a browser based single sign-on authentication method is requested.  NOTE(review): trailing comma after the last enumerator; C99/C++11 accept it, C89/C++03 do not. */
00228 };
00229 
00230 
00231 /**
00232  * Indicates the prompt or credential type.
00233  */
00234 #if defined(__midl)
00235 [v1_enum] /*serialize as 32 bits*/
00236 #endif
00237 enum PromptType { Prompt_Input,     /**< label and value. */
00238                   Prompt_Password,  /**< label and value, indicates user
00239                                          response should be masked. */
00240                   Prompt_Banner,    /**< value (the banner) with no label set. */
00241                   Prompt_Combo,     /**< list of choices. */
00242                   Prompt_Header,    /**< label intended as header and with
00243                                          value. */
00244                   Prompt_Hidden,    /**< hidden value, should be ignored and
00245                                          left unchanged in response. */
00246                   Prompt_CheckBox,  /**< label and value (constrained to true or false) */
00247                   Prompt_SSO        /**< single sign-on authentication token prompt */
00248 };
00249 
00250 #if defined(__midl)
00251 [v1_enum] /*serialize as 32 bits*/
00252 #endif
00253 
00254 /* 
00255  * ***************** !!! ATTENTION !!! ***********************************
00256  * *
00257  * * When updating this preference enum, you must ensure that the enum in
00258  * * vpn/Api/jni/java/Preference.java is also updated.
00259  * *
00260  * ***************** !!! ATTENTION !!! ***********************************
00261  */
00262 enum PreferenceId 
00263 {
00264     ServiceDisable,             /**< This preference disables the VPN service.  
00265                                  If more than one profile exists and any one
00266                                  profile has VPN enabled, then it will be
00267                                  enabled.  False is the default. */
00268     CertificateStoreOverride,/**< This preference will trigger an alternate 
00269                                  authentication sequence in the API. The 
00270                                  preference is only settable by an 
00271                                  administrator. */
00272     CertificateStore,       /**< This preference indicates which Windows certificate 
00273                                  store AnyConnect should look in for    
00274                                  certificates. The options are All, Machine 
00275                                  and User with a default of All. The preference 
00276                                  is only settable by an administrator. */
00277     CertificateStoreMac,       /**< This preference indicates which macOS keychain
00278                                 AnyConnect should look in for certificates. 
00279                                 The options are All, System and Login with a default of All. 
00280                                 The preference is only settable by an administrator. */
00281     ShowPreConnectMessage,  /**< The ShowPreConnectMessage preference gives the
00282                                  administrator the ability to display an AnyConnect 
00283                                  startup banner message. The message will appear 
00284                                  only once per AnyConnect program start. The  
00285                                  preference is only settable by an 
00286                                  administrator. */
00287     AutoConnectOnStart,     /**< This preference allows the user to select 
00288                                  whether to establish a connection automatically
00289                                  on startup or not. */
00290     MinimizeOnConnect,      /**< This preference allows the user to select if
00291                                  the GUI should minimize when the connection is
00292                                  established */
00293     LocalLanAccess,         /**< This preference will provide a mechanism where 
00294                                  the user can disable access to their Local LAN. */
00295     DisableCaptivePortalDetection, /**< This preference will provide a mechanism where
00296                                    the user can disable captive portal detection. */
00297     AutoReconnect,          /**< First control of the reconnect behavior. If the 
00298                                  client becomes disconnected for any reason, a 
00299                                  reconnect attempt is made.   */
00300     AutoReconnectBehavior,  /**< Second control of the reconnect behavior, applied when
00301                                  coming out of suspend/hibernate/standby mode. 
00302                                  Options are disconnect on suspend and reconnect 
00303                                  after suspend. */
00304     SuspendOnConnectedStandby,  /**< This setting controls whether the VPN tunnel
00305                                      is suspended when the system enters the Connected Standby 
00306                                      mode. It applies only to Windows 8 and above. */
00307     UseStartBeforeLogon,    /**< This preference allows an administrator to 
00308                                  control the use of the Start Before Logon 
00309                                  feature. The preference can be set to true (on) 
00310                                  or false (off). */
00311     AutoUpdate,             /**< Once the Downloader has loaded the profile, it 
00312                                  can check the AutoUpdate preference to see if 
00313                                  updates are either disabled or enabled */
00314     RSASecurIDIntegration,  /**< This preference will enable the administrator 
00315                                  and possibly end user to select the preferred 
00316                                  method of managing their SDI PIN and PASSCODE 
00317                                  interactions. Options are Automatic (default), 
00318                                  SoftwareTokens and HardwareTokens. */
00319     WindowsLogonEnforcement,/**< This preference allows an administrator to
00320                                  control if more than one user may be logged into
00321                                  the client PC during the VPN connection (Windows
00322                                  only). */
00323     WindowsVPNEstablishment,/**< This preference allows an administrator to
00324                                  control whether or not remote users may initiate
00325                                  a VPN connection (Windows only). */
00326     LinuxLogonEnforcement,  /**< This preference allows an administrator to
00327                                  control if more than one user may be logged into
00328                                  the client PC during the VPN connection (Linux 
00329                                  only). */
00330     LinuxVPNEstablishment,  /**< This preference allows an administrator to
00331                                  control whether or not remote users may initiate
00332                                  a VPN connection (Linux only). */
00333     ProxySettings,          /**< This preference allows an administrator to
00334                                  control how the user's proxy setups are handled. */
00335     AllowLocalProxyConnections, /**< This preference allows the administrator to control
00336                                  whether to allow establishing a connection through
00337                                  a local proxy. */
00338     PPPExclusion,           /**< This preference allows an administrator to control
00339                                  the policy used to exclude routes to
00340                                  PPP servers when connecting over L2TP or PPTP.
00341                                  Options are Automatic (default), Disable,
00342                                  and Override. */
00343     PPPExclusionServerIP,   /**< When PPPExclusion is set to Manual,
00344                                  the value of this preference allows an
00345                                  end user to specify the address of a
00346                                  PPP server that should be excluded
00347                                  from tunnel traffic.  NOTE(review): PPPExclusion above lists Override, not Manual - confirm which name is right. */
00348     AutomaticVPNPolicy,     /**< This preference allows an administrator to 
00349                                  define a policy to automatically manage when a 
00350                                  VPN connection should be started or stopped. */
00351     TrustedNetworkPolicy,   /**< This preference allows an administrator to 
00352                                  define a policy for users in trusted networks.
00353                                  The options are: Disconnect or DoNothing. */
00354     UntrustedNetworkPolicy, /**< This preference allows an administrator to 
00355                                  define a policy for users in untrusted networks.
00356                                  The options are: Connect or DoNothing. */
00357     TrustedDNSDomains,      /**< This preference defines a list of comma 
00358                                  separated DNS suffixes that a network interface
00359                                  in a trusted network might have. */
00360     TrustedDNSServers,      /**< This preference defines a list of comma 
00361                                  separated DNS servers that a network interface
00362                                  in a trusted network might have. */
00363     TrustedHttpsServerList,  /**< This preference defines a list of comma separated
00364                                   https servers reachable only via a trusted network. */
00365     AlwaysOn,               /**< This preference governs VPN reestablishment after
00366                                  interruptions */
00367     ConnectFailurePolicy,   /**< This preference gives the network administrator 
00368                                  the ability to dictate the network access allowed
00369                                  by the client endpoint device following a VPN
00370                                  connection establishment failure. It is a component
00371                                  of AlwaysOn */
00372     AllowCaptivePortalRemediation, /**< This preference gives the network administrator
00373                                     the ability to dictate the network access 
00374                                     allowed by the client endpoint device following
00375                                     a VPN connection establishment failure. It is a
00376                                     component of AlwaysOn.  NOTE(review): this text repeats ConnectFailurePolicy; presumably the preference governs whether captive portal remediation is permitted - confirm. */
00377     CaptivePortalRemediationTimeout, /**< This preference gives the network administrator
00378                                      the ability to impose a time limit for captive portal 
00379                                      remediation when the ConnectFailurePolicy value is Closed.
00380                                      It is a component of AlwaysOn */
00381     ApplyLastVPNLocalResourceRules, /**< This preference gives the network administrator 
00382                                        the ability to allow split routes and firewall rules 
00383                                        to be applied following a VPN connection establishment
00384                                        failure when the ConnectFailurePolicy value is Closed.
00385                                        It is a component of AlwaysOn */
00386     AllowVPNDisconnect,     /**< During Always On, this specifies that the user is allowed to
00387                                  disconnect the VPN session. */
00388     AllowedHosts,           /**< During Always On, user has access to the specified hosts
00389                                  when VPN is disconnected. */
00390     EnableScripting,        /**< This preference allows an administrator to 
00391                                  enable scripting (on connect or on
00392                                  disconnect). */
00393     TerminateScriptOnNextEvent,   /**< This preference dictates whether or not
00394                                        AnyConnect will terminate a running script
00395                                        process if a transition to another
00396                                        scriptable event occurs. */
00397     EnablePostSBLOnConnectScript, /**< This preference is used to control whether
00398                                        or not the OnConnect script will be launched
00399                                        from the desktop GUI when a tunnel has been
00400                                        established via SBL. */
00401     AutomaticCertSelection,   /**< This preference dictates whether or not to disable
00402                                    the default automatic certificate selection for user
00403                                    certificates. If disabled, a certificate selection dialog is
00404                                    displayed. This only applies if the GUI is enabled
00405                                    and not SBL. This only applies to Windows (not WinMobile). */
00406     RetainVpnOnLogoff,        /**< First control of the logoff behavior. This preference allows
00407                                    an administrator to control if the VPN is terminated or retained
00408                                    after the user logs off. */
00409     UserEnforcement,          /**< Second control of the logoff behavior, applied when the VPN connection has
00410                                    been retained after the user logged off. Controls which user can log in 
00411                                    and keep the VPN connection. Options are same user only and any user. */
00412     DeviceLockRequired,           /**< This preference indicates whether or not 
00413                                        a Windows Mobile device must be configured
00414                                        with a password or PIN prior to establishing
00415                                        a VPN connection. This configuration is 
00416                                        only valid on Windows Mobile devices that
00417                                        use the Microsoft Default Local 
00418                                        Authentication Provider (LAP). */
00419     DeviceLockMaximumTimeoutMinutes,   /**< When set to a non-negative number, 
00420                                             this preference specifies the maximum
00421                                             number of minutes a device can be 
00422                                             inactive before device lock takes 
00423                                             effect. (WM5/WM5AKU2+) */
00424     DeviceLockMinimumPasswordLength,   /**< When set to a non-negative number, 
00425                                             this preference specifies that any 
00426                                             PIN/password used for device lock 
00427                                             must be equal to or longer than
00428                                             the specified value, in characters.
00429                                             This setting must be pushed down to
00430                                             the mobile device by syncing with 
00431                                             an Exchange server before it can be 
00432                                             enforced. (WM5AKU2+) */
00433     DeviceLockPasswordComplexity,      /**< This preference checks whether or 
00434                                             not the password belongs to one of
00435                                             three subtypes: alpha, pin, strong */
00436     EnableAutomaticServerSelection,    /**< Automatic server selection will 
00437                                             automatically select the optimal 
00438                                             secure gateway for the endpoint */
00439     AutoServerSelectionImprovement,    /**< During a reconnection attempt after
00440                                             a system resume, this setting 
00441                                             specifies the minimum estimated
00442                                             performance improvement required to
00443                                             justify transitioning a user to a new server. 
00444                                             This value represents a percentage in 0..100 */
00445     AutoServerSelectionSuspendTime,    /**< During a reconnection attempt after
00446                                             a system resume, this specifies the
00447                                             minimum time a user must have been 
00448                                             suspended in order to justify a new
00449                                             server selection calculation. Unit is hours */
00450     AuthenticationTimeout,             /**< Time, in seconds, that the client waits
00451                                             for authentication to be completed. */
00452     SafeWordSofTokenIntegration,  /**< This preference will enable the administrator and possibly
00453                                        the end user to enable SafeWord SofToken integration.
00454                                        Options are Enabled (true) and Disabled (false - default). */
00455     AllowIPsecOverSSL,                      /**< if 'true' then tunneling of IPSEC over SSL
00456                                             is made possible with help from the ASA.
00457                                         */
00458     ClearSmartcardPin,                 /**< This preference controls whether the smartcard PIN
00459                                             will be cleared on a successful connection */
00460     IPProtocolSupport,                 /**< This preference controls which protocol(s) will be 
00461                                             allowed for the connection */
00462     CaptivePortalRemediationBrowserFailover, /**< This preference is applicable to enhanced captive portal 
00463                                                   remediation and specifies whether the user is allowed to
00464                                                   opt for an external browser for remediation, as opposed to 
00465                                                   the AnyConnect browser. */
00466     AllowManualHostInput,              /**< This preference specifies whether the user
00467                                             is allowed to type a new hostname in the VPN
00468                                             edit box. */
00469     BlockUntrustedServers,             /**< This preference specifies whether the user wants
00470                                             to allow for connections to secure gateways with
00471                                             certificate errors.  NOTE(review): the name says "block" while the text says "allow", so the meaning of true is ambiguous here; presumably true blocks such gateways - confirm before relying on it. */
00472     PublicProxyServerAddress,          /**< This preference specifies the public proxy server
00473                                             address to be used. The value is in the format
00474                                             ServerAddr:ServerPort (ex. 101.89.85.444:8080 - illustrative only, not a valid IPv4 address)
00475                                             or just the FQDN. */
00476     CertificatePinning,                /**< This preference specifies whether the Certificate Pinning
00477                                             check should be performed during server certificate
00478                                             verification. */
00479     UnknownPreference                  /**< last enumerator; presumably a sentinel for an unrecognized preference - confirm */
00480 }; 
00481 
00482 
00483 /** 
00484  * Indicates the scope of the preferences contained in a PreferenceInfo object.
00485  */
00486 #if defined(__midl)
00487 [v1_enum] /*serialize as 32 bits*/
00488 #endif
00489 enum PreferenceScope    
00490 {
00491     User,               /**< Indicates that the preferences were set by a user */
00492     Global,             /**< Indicates that the preferences are global */
00493     UserAndGlobal       /**< Indicates that both user and global preferences are present */
00494 };
00495 
00496 /** 
00497  * Indicates the client mode of operation. Unlike tunneling mode or other 
00498  * mutually exclusive modes, client operating modes are independent settings,
00499  * several of which can be turned on simultaneously.  Each value is a distinct single bit (1 << n), so modes combine with bitwise OR.
00500  */
00501 #if defined(__midl)
00502 [v1_enum] /*serialize as 32 bits*/
00503 #endif
00504 enum OperatingMode
00505 {
00506     FIPS                     = (1 << 0), /**< Indicates that the client is 
00507                                               running in FIPS mode. */
00508     StartBeforeLogon         = (1 << 1), /**< Indicates that the client is 
00509                                               running in Start Before Logon 
00510                                               mode. */
00511     GUI                      = (1 << 2), /**< Indicates that the client is 
00512                                               a GUI client. */
00513     TrustedNetworkDetection  = (1 << 3), /**< Indicates that a Trusted Network
00514                                               Detection policy is enabled for
00515                                               the client. */
00516     AlwaysOnVpn              = (1 << 4), /**< Indicates that the Always On 
00517                                               policy is enabled for the client. */
00518     NetworkIssue             = (1 << 5), /**< For user notifications only.
00519                                               Indication by API to the UI that
00520                                               there is a network condition. */
00521     Quarantined              = (1 << 6), /**< Indicates that the VPN session is being 
00522                                               Quarantined by the secure gateway. */
00523     AutomaticHeadendSelection= (1 << 7), /**< Indicates that Automatic Headend
00524                                               Selection is enabled. */
00525     DisconnectAllowed        = (1 << 8), /**< Indicates that the user is allowed
00526                                               to disconnect the VPN based on 
00527                                               policy. */
00528     VPNDisabled              = (1 << 9), /**< Indicates that the VPN service is
00529                                               to be marked as disabled. */
00530     SCEPMode                 = (1 << 10), /**< Indicates that the client is
00531                                                performing a SCEP cert enrollment. */
00532     OnTrustedNetwork         = (1 << 11), /**< Indicates that at last check, the
00533                                                client detected that it was on
00534                                                a trusted network. */
00535     ManualHostInputAllowed   = (1 << 12), /**< Indicates that the user is allowed
00536                                                to add a new host by typing its name
00537                                                in the VPN edit box. */
00538     ErrorSuppressed          = (1 << 13), /**< Indicates a connection error has
00539                                                been returned from the agent, but
00540                                                was downgraded to a warning to 
00541                                                prevent a popup dialog in the UI. */
00542     StrictMode               = (1 << 14), /**< Indicates that the client is 
00543                                                running in strict certificate trust mode. */
00544     CLI                      = (1 << 15), /**< Indicates that the client is
00545                                                a CLI client. */
00546     Management               = (1 << 16)  /**< Indicates that the client is strictly
00547                                                used for initiating a management tunnel. */
00548 };
00549 
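/**
 * Indicates the last error seen by the API in this connection attempt.
 *
 * Codes are grouped by category in blocks of 100: connection (1xx), network
 * (2xx), authentication (3xx), client certificate (4xx) and server
 * certificate (5xx). Only VPNSuccess (0) means that no error occurred; the
 * first code of each block is that category's "unknown" catch-all.
 *
 * Every value is written out explicitly (each equals the value the compiler
 * would have assigned implicitly) so that inserting a member later cannot
 * silently renumber the codes that follow it.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum VPNError
{
    VPNSuccess = 0,                      /**< No error has occurred. */
    VPNError_Generic_FatalError = 1,     /**< An error of unknown type has
                                              occurred. */

    VPNError_Connection_Error = 100,     /**< An unknown connection error has
                                              occurred, such as bad hostname,
                                              bad group, etc. */
    VPNError_Connection_InvalidGroupURL = 101, /**< Invalid Group URL specified
                                                    in the server address. */

    VPNError_Network_Error = 200,        /**< An unknown network error has
                                              occurred, such as DNS resolution
                                              error, unable to open socket,
                                              routing error, captive portal,
                                              etc. */

    VPNError_Authentication_Error = 300, /**< An unknown user authentication
                                              error has occurred. */

    VPNError_Authentication_DAP_Terminate = 301, /**< Access Denied: Your system
                                                      does not meet policy
                                                      requirements (DAP). */

    VPNError_ClientCertificate_UnknownError = 400, /**< An unknown client
                                                        certificate error has
                                                        occurred. */
    VPNError_ClientCertificate_Missing = 401,  /**< A client certificate is
                                                    required but no client
                                                    certificate has been found
                                                    on the system. */
    VPNError_ClientCertificate_Expired = 402,  /**< The client certificate has
                                                    expired. */
    VPNError_ClientCertificate_NotYetValid = 403, /**< The client certificate is
                                                       not yet valid. */

    VPNError_ServerCertificate_UnknownError = 500, /**< An unknown error has
                                                        occurred when validating
                                                        the server
                                                        certificate. */
    VPNError_ServerCertificate_Expired = 501,     /**< The server certificate has
                                                       expired. */
    VPNError_ServerCertificate_NotYetValid = 502  /**< The server certificate is
                                                       not yet valid. */
};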
00598 
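/**
 * Selects how certificate based authentication is attempted.
 *
 * Values are written out explicitly (they equal the implicit numbering) so
 * that inserting a member later cannot silently renumber the others.
 */
enum CertAuthMode
{
    CertAuth_Automatic = 0, /**< Will try each available certificate in
                                 succession until authentication is obtained or
                                 we run out of available certificates.
                                 NOTE(review): presumably every certificate that
                                 is tried is presented to the gateway, so this
                                 mode may reveal more identities than
                                 CertAuth_Manual - confirm. */
    CertAuth_Disabled  = 1, /**< Will disable Certificate Based
                                 Authentication. */
    CertAuth_Manual    = 2  /**< Will only use the preconfigured certificate to
                                 attempt Certificate Based Authentication. */
};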
00608 
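/**
 * Identifies a category of certificate.
 *
 * NOTE(review): this header does not describe the enumerators; the member
 * comments below are read from the names only and should be confirmed against
 * the API that produces or consumes this value.
 *
 * Values are written out explicitly (they equal the implicit numbering) so
 * that inserting a member later cannot silently renumber the others.
 */
enum CertificateType
{
    CertificateType_Client        = 0, /**< Presumably a client certificate. */
    CertificateType_SystemTrusted = 1, /**< Presumably a certificate trusted by
                                            the system. */
    CertificateType_Server        = 2  /**< Presumably a server certificate. */
};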
00615 
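/**
 * Reason attached to a certificate confirmation.
 *
 * NOTE(review): this header does not say where the value is delivered.
 * Presumably it explains why a certificate could not be accepted silently and
 * the user is asked to confirm it - verify against the callback that carries
 * it. If so, a caller should show the specific reason rather than a generic
 * prompt, and should decide by policy whether reasons such as Revoked,
 * UntrustedSource or NotFipsCompliant may be overridden at all.
 *
 * The member comments are read from the names only. Values are written out
 * explicitly (they equal the implicit numbering) so that inserting a member
 * later cannot silently renumber the others.
 */
enum CertConfirmReason
{
    CertConfirmReason_Unspecified        = 0,  /**< No specific reason given. */
    CertConfirmReason_NameMismatch       = 1,  /**< Presumably the certificate
                                                    name does not match the
                                                    expected host. */
    CertConfirmReason_Expired            = 2,  /**< Presumably the certificate
                                                    has expired. */
    CertConfirmReason_NotValidYet        = 3,  /**< Presumably the certificate
                                                    is not yet valid. */
    CertConfirmReason_UntrustedSource    = 4,  /**< Presumably the certificate
                                                    does not chain to a trusted
                                                    source. */
    CertConfirmReason_InvalidUse         = 5,  /**< Presumably the certificate
                                                    is not valid for this
                                                    use. */
    CertConfirmReason_Revoked            = 6,  /**< Presumably the certificate
                                                    has been revoked. */
    CertConfirmReason_Malformed          = 7,  /**< Presumably the certificate
                                                    could not be parsed. */
    CertConfirmReason_NotFipsCompliant   = 8,  /**< Presumably the certificate
                                                    does not meet FIPS
                                                    requirements. */
    CertConfirmReason_InvalidateDate     = 9,  /**< Name kept as published; how
                                                    this differs from Expired
                                                    and NotValidYet is not
                                                    visible in this header. */
    CertConfirmReason_SignatureAlgorithm = 10, /**< Presumably the signature
                                                    algorithm is not
                                                    acceptable. */
    CertConfirmReason_KeySize            = 11  /**< Presumably the key size is
                                                    not acceptable. */
};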
00631 
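/**
 * Error associated with a user response.
 *
 * NOTE(review): this header does not describe the enumerators or say which
 * call reports them; the member comments below are read from the names only
 * and should be confirmed against that call.
 *
 * Values are written out explicitly (they equal the implicit numbering) so
 * that inserting a member later cannot silently renumber the others.
 */
enum UserResponseError
{
    UserResponseError_None                 = 0, /**< No error. */
    UserResponseError_Unspecified          = 1, /**< An error with no specific
                                                     cause given. */
    UserResponseError_BadServerCert        = 2, /**< Presumably the server
                                                     certificate was
                                                     rejected. */
    UserResponseError_SsoNavigation        = 3, /**< Presumably a navigation
                                                     failure during single
                                                     sign-on. */
    UserResponseError_SsoGettingCookie     = 4, /**< Presumably a failure to
                                                     obtain the single sign-on
                                                     cookie. */
    UserResponseError_SsoTimeout           = 5, /**< Presumably single sign-on
                                                     timed out. */
    UserResponseError_SsoMissingDependency = 6, /**< Presumably a component
                                                     needed for single sign-on
                                                     is missing. */
    UserResponseError_SsoClientCertRequest = 7  /**< Presumably a client
                                                     certificate was requested
                                                     during single sign-on. */
};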
00643 
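/**
 * Identifies the kind of client.
 *
 * NOTE(review): this header does not describe the enumerators; the member
 * comments below are read from the names only - confirm against the API that
 * takes this value.
 *
 * Values are written out explicitly (they equal the implicit numbering) so
 * that inserting a member later cannot silently renumber the others.
 */
#if defined(__midl)
[v1_enum] /*serialize as 32 bits*/
#endif
enum ClientType
{
    ClientType_GUI     = 0, /**< A GUI client. */
    ClientType_GUI_SBL = 1, /**< Presumably a GUI client running in Start
                                 Before Logon mode. */
    ClientType_CLI     = 2, /**< A CLI client. */
    ClientType_MGMT    = 3  /**< Presumably a client used for a management
                                 tunnel. */
};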
00654 
00655 #endif // _APISTDHEADER_