AnyConnect Secure Mobility Client  4.8.02045
api.h
Go to the documentation of this file.
1 #ifndef _APISTDHEADER_
2 #define _APISTDHEADER_
3 
4 /**
5  * @file
6  * This file contains some basic compiler definitions as well as common enums.
7  */
8 
9 //Not compatible with MIDL
10 #if !defined(__midl)
11 #ifdef _WIN32
12  #pragma warning(disable:4251 4786)
13 
14  #ifndef UNICODE
15  #define UNICODE
16  #endif // UNICODE
17 
18  #ifndef _UNICODE
19  #define _UNICODE
20  #endif // _UNICODE
21 
22  #ifndef tstring
23 /** std::wstring */
24  #define tstring std::wstring /**< my wstring description */
25  #endif // tstring
26 
27 #else // non-windows
28 
29  #ifndef tstring
30  #define tstring std::string
31  #endif // tstring
32 
33 #endif // _WIN32
34 
35 #ifdef _UNICODE
36  #define tostream std::wostream
37 #else
38  #define tostream std::ostream
39 #endif /* UNICODE */
40 
41 
42 //used when including implementation files directly in an EXE.
43 #ifdef _NOEXPORTDLL
44  #define VPN_VPNAPI
45 #else
46  #ifdef _WIN32
47  #ifdef VPN_APIEXPORTS //api
48  #define VPN_VPNAPI __declspec(dllexport)
49  #else
50  #define VPN_VPNAPI __declspec(dllimport)
51  #endif
52  #else
53  #ifdef VPN_APIEXPORTS
54  #define VPN_VPNAPI __attribute__((visibility("default")))
55  #else
56  #define VPN_VPNAPI
57  #endif
58  #endif //_WIN32
59 #endif //NOEXPORTDLL
60 
61 #ifndef OUT
62 #define OUT
63 #endif
64 
65 #ifdef __cplusplus //only include if C++ is being used,
66  //C code also includes api.h for COM proxy of enumerators.
67 #include <string>
68 #include <map>
69 #include <list>
70 
71 typedef std::map<tstring, tstring> ApiStringMap;
72 typedef std::map<tstring, std::list<tstring> > ApiStringListMap;
73 
74 #endif //__cplusplus
75 #endif //#if !defined(__midl)
76 
77 
78 /***** PUT ONLY SHARED ENUMS EXPOSED TO USERS OF API FROM THIS POINT UNTIL END *****\
79 ********* make sure to add the [v1_enum] inside a __midl define to new enums ********
80 \******************** This is also compiled with IDL compiler **********************/
81 
82 #include "GlobalEnums.h"
83 /**
84  * MessageType
85  * presents a level of severity associated with messages that are
86  * sent to the API. The severity can be useful for deciding how a message is
87  * to be shown. A UI might decide based on type to show a message as
88  * a modal dialog versus a message written to the status area for an existing UI.
89  */
90 #if defined(__midl)
91 [v1_enum] /*serialize as 32 bits*/
92 #endif
94 {
95  MsgType_Error, /**< Issue usually requiring user to acknowledge */
96  MsgType_Alert, /**< Warning message that needs to be shown to user. */
97  MsgType_Warn, /**< Less severe, not required to be shown to user */
98  MsgType_Info, /**< General message providing status, progress, etc. */
99  MsgType_Status /**< Can be used to indicate unexpected tunnel status change. */
100 };
101 
102 
103 /**
104  * Identifies the type of token that was used successfully when SDI
105  * Authentication is in use.
106  */
107 #if defined(__midl)
108 [v1_enum] /*serialize as 32 bits*/
109 #endif
111 {
112  SDITT_NONE,
113  SDITT_HARDWARE,
114  SDITT_SOFTWARE
115 };
116 
117 /**
118  * Provides the current state of the VPN tunnel.
119  */
120 #if defined(__midl)
121 [v1_enum] /*serialize as 32 bits*/
122 #endif
124 {
125  CONNECTED = STATE_CONNECTED, /**< VPN is active */
126  DISCONNECTED = STATE_DISCONNECTED, /**< VPN is inactive */
127  CONNECTING = STATE_CONNECTING, /**< VPN is being established */
128  DISCONNECTING = STATE_DISCONNECTING, /**< VPN is being terminated */
129  RECONNECTING = STATE_RECONNECTING, /**< VPN is being re-connected. This state
130  can occur due to network or other
131  temporary problems. The state
132  indicates that the VPN is temporarily
133  unavailable and indicates the
134  connection is being re-established. */
135  PAUSING = STATE_PAUSING, /**< VPN is being paused. */
136  PAUSED = STATE_PAUSED, /**< VPN is paused. */
137  SSOPOLLING = STATE_SSOPOLLING, /**< API is doing auth-poll, VPN is disconnected. */
138  UNKNOWN = ~0
139 };
140 
141 /**
142  * Provides the current sub-state of the VPN tunnel.
143  */
144 #if defined(__midl)
145 [v1_enum] /*serialize as 32 bits*/
146 #endif
148 {
149  VPNSS_NORMAL = VCSS_NORMAL,
150  VPNSS_INDEFINITE_DELAY = VCSS_INDEFINITE_DELAY,
151  VPNSS_SESSION_EXPIRING = VCSS_SESSION_EXPIRING,
152  VPNSS_MT_DISCONNECTED_DISABLED = VCSS_MT_DISCONNECTED_DISABLED,
153  VPNSS_MT_DISCONNECTED_TRUSTED_NW = VCSS_MT_DISCONNECTED_TRUSTED_NW,
154  VPNSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE= VCSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE,
155  VPNSS_MT_DISCONNECTED_LAUNCH_FAILED = VCSS_MT_DISCONNECTED_LAUNCH_FAILED,
156  VPNSS_MT_DISCONNECTED_CONNECT_FAILED = VCSS_MT_DISCONNECTED_CONNECT_FAILED,
157  VPNSS_MT_DISCONNECTED_BAD_VPN_CONFIG = VCSS_MT_DISCONNECTED_BAD_VPN_CONFIG,
158  VPNSS_MT_DISCONNECTED_SW_UP_PENDING = VCSS_MT_DISCONNECTED_SW_UP_PENDING
159 };
160 
161 /**
162  * WMHint
163  * provides a hint for the GUI to either minimize or un-minimize.
164  */
165 #if defined(__midl)
166 [v1_enum] /*serialize as 32 bits*/
167 #endif
168 enum WMHint
169 {
170  MINIMIZE, /**< hint to minimize GUI */
171  OPEN, /**< hint to un-minimize GUI */
172  QUIT, /**< hint that GUI should close. @see WMHintReason */
173  REFRESHHOSTNAMES,/**< hint to refresh the list of secure gateways */
174  REFRESHPREFS, /**< hint to refresh the preferences */
175  SHOWCONNECTING, /**< hint to display "connecting" status */
176  CLOSECREDENTIALPOPUP, /**< hint to close the credentials popup */
177 };
178 
179 
180 /**
181  * WMHintReason
182  * provides a reason indicator for the #WMHint
183  */
184 #if defined(__midl)
185 [v1_enum] /*serialize as 32 bits*/
186 #endif
188 {
189  SECONDGUISTART, /**< Indicates a second GUI has been launched. This
190  indicator is used to suggest that the GUI
191  already running be OPENed and that the first one
192  should exit. */
193  PROXYREQUEST, /**< Proxy credential request can be for web-launch or
194  standalone-initiated connections. */
195  SERVICEFAILURE, /**< This tag is used when the VPN service
196  is no longer available. */
197  DISCONNECT, /**< Any disconnect notices should be seen by the user. */
198  SERVICESTOPPED, /**< This tag will be used in cases where the VPN service
199  has been stopped. */
200  CONNECT, /**< Tag indicating an action to be taken due to connect,
201  for example a request to minimize the UI. */
202  REASONUNKNOWN /**< */
203 };
204 
205 /**
206  * provides an indication of the type of credential data being requested.
207  */
208 #if defined(__midl)
209 [v1_enum] /*serialize as 32 bits*/
210 #endif
212 {
213  CERTIFICATE, /**< Indicates a certificate-only type of connection and
214  would not normally be sent to client unless a
215  post-authentication banner is to be displayed. */
216  CREDENTIALS, /**< Indicates that the user is to be prompted for authentication
217  credentials */
218  PROXY, /**< Indicates that the user is to be prompted for
219  proxy-authentication credentials */
220  MANUAL_PKCS12_IMPORT, /**< Indicates that the user is to be prompted for passwords related
221  to PKCS12 import*/
222  STATUS, /**< Indicates that status messages are to be displayed to
223  the user*/
224  SINGLESIGNON, /**< Indicates an embedded browser based single sign-on authentication method is requested. */
225  SINGLELOGOUT, /**< Indicates an embedded browser based single sign-on authentication logout is requested. */
226  LEGACY_SINGLESIGNON, /**< (deprecated) Indicates a browser based single sign-on authentication method is requested. */
227 };
228 
229 
230 /**
231  * Indicates the prompt or credential type.
232  */
233 #if defined(__midl)
234 [v1_enum] /*serialize as 32 bits*/
235 #endif
236 enum PromptType { Prompt_Input, /**< label and value. */
237  Prompt_Password, /**< label and value, indicates user
238  response should be masked. */
239  Prompt_Banner, /**< value (the banner) with no label set. */
240  Prompt_Combo, /**< list with choices options. */
241  Prompt_Header, /**< label intended as header and with
242  value. */
243  Prompt_Hidden, /**< hidden value, should be ignored and
244  left unchanged in response. */
245  Prompt_CheckBox, /**< label and value (contrained to true or false) */
246  Prompt_SSO /**< single sign-on authentication token prompt */
247 };
248 
249 #if defined(__midl)
250 [v1_enum] /*serialize as 32 bits*/
251 #endif
252 
253 /*
254  * ***************** !!! ATTENTION !!! ***********************************
255  * *
256  * * When updating this preference enum, you must ensure that the enum in
257  * * vpn/Api/jni/java/Preference.java is also updated.
258  * *
259  * ***************** !!! ATTENTION !!! ***********************************
260  */
262 {
263  ServiceDisable, /**< This preference disable the VPN service.
264  If more than one profile exists and any one
265  profile has VPN enabled, then it will be
266  enabled. False is the default. */
267  CertificateStoreOverride,/**< This preference will trigger an alternate
268  authentication sequence in the API. The
269  preference is only settable by an
270  administrator. */
271  CertificateStore, /**< This preference indicates which Windows certificate
272  store AnyConnect should look in for
273  certificates. The options are All, Machine
274  and User with a default of All. The preference
275  is only settable by an administrator. */
276  CertificateStoreMac, /**< This preference indicates which macOS keychain
277  AnyConnect should look in for certificates.
278  The options are All, System and Login with a default of All.
279  The preference is only settable by an administrator. */
280  ShowPreConnectMessage, /**< The ShowPreConnectMessage preference gives the
281  administrator the ability to display an AnyConnect
282  startup banner message. The message will appear
283  only once per AnyConnect program start. The
284  preference is only settable by an
285  administrator. */
286  AutoConnectOnStart, /**< This preference allows the user to select
287  whether to establish a connection automatically
288  on startup or not. */
289  MinimizeOnConnect, /**< This preference allows the user to select if
290  the GUI should minimize when the connection is
291  established */
292  LocalLanAccess, /**< This preference will provide a mechanism where
293  the user can disable access to their Local LAN. */
294  DisableCaptivePortalDetection, /**<This preference will provide a mechanism where
295  the user can disable captive portal detection.*/
296  AutoReconnect, /**< First control of the reconnect behavior. If the
297  client becomes disconnected for any reason, a
298  reconnect attempt is made. */
299  AutoReconnectBehavior, /**< Second control of the reconnect behavior. When
300  coming out of suspend/hibernate/standby mode.
301  Options are disconnect on suspend and reconnect
302  after suspend. */
303  SuspendOnConnectedStandby, /**< This setting allows to control whether the VPN tunnel
304  is suspended when the system enters the Connected Standby
305  mode. It applies only to Windows 8 and above. */
306  UseStartBeforeLogon, /**< This preference allows an administrator to
307  control the use of the Start Before Logon
308  feature. The preference can be set to true (on)
309  or false (off). */
310  AutoUpdate, /**< Once the Downloader has loaded the profile, it
311  can check the AutoUpdate preference to see if
312  updates are either disabled or enabled */
313  RSASecurIDIntegration, /**< This preference will enable the administrator
314  and possibly end user to select the preferred
315  method of managing their SDI PIN and PASSCODE
316  interactions. Options are Automatic (default),
317  SoftwareTokens and HardwareTokens. */
318  WindowsLogonEnforcement,/**< This preference allows an administrator to
319  control if more than one user may be logged into
320  the client PC during the VPN connection (Windows
321  only). */
322  WindowsVPNEstablishment,/**< This preference allows an administrator to
323  control whether or not remote users may initiate
324  a VPN connection (Windows only). */
325  LinuxLogonEnforcement, /**< This preference allows an administrator to
326  control if more than one user may be logged into
327  the client PC during the VPN connection (Linux
328  only). */
329  LinuxVPNEstablishment, /**< This preference allows an administrator to
330  control whether or not remote users may initiate
331  a VPN connection (Linux only). */
332  ProxySettings, /**< This preference allows an administrator to
333  control how user's proxy setups are handled.*/
334  AllowLocalProxyConnections, /**< This preference allows the administrator to control
335  whether to allow establishing a connection through
336  a local proxy. */
337  PPPExclusion, /**< This preference allows an administrator to control
338  the policy used to exclude routes to
339  PPP servers when connecting over L2TP or PPTP.
340  Options are Automatic (default), Disable,
341  and Override. */
342  PPPExclusionServerIP, /**< When PPPExclusion is set to Manual,
343  the value of this preference allows an
344  end user to specify the address of a
345  PPP server that should be excluded
346  from tunnel traffic. */
347  AutomaticVPNPolicy, /**< This preference allows an administrator to
348  define a policy to automatically manage when a
349  VPN connection should be started or stopped. */
350  TrustedNetworkPolicy, /**< This preference allows an administrator to
351  define a policy for users in trusted networks.
352  The options are: Disconnect or DoNothing. */
353  UntrustedNetworkPolicy, /**< This preference allows an administrator to
354  define a policy for users in untrusted networks.
355  The options are: Connect or DoNothing. */
356  TrustedDNSDomains, /**< This preference defines a list of comma
357  separated DNS suffixes that a network interface
358  in a trusted network might have. */
359  TrustedDNSServers, /**< This preference defines a list of comma
360  separated DNS servers that a network interface
361  in a trusted network might have. */
362  TrustedHttpsServerList, /**< This preference defines a list of comma separated
363  https servers reachable only via a trusted network.*/
364  AlwaysOn, /**< This preference governs VPN reestablishment after
365  interruptions */
366  ConnectFailurePolicy, /**< This preference gives the network administrator
367  the ability to dictate the network access allowed
368  by the client endpoint device following a VPN
369  connection establishment failure. It is a component
370  of AlwaysOn */
371  AllowCaptivePortalRemediation, /**< This preference gives the network administrator
372  the ability to dictate the network access
373  allowed by the client endpoint device following
374  a VPN connection establishment failure it is a
375  component of AlwaysOn */
376  CaptivePortalRemediationTimeout, /**< This preference allows the network administrator
377  the ability to impose a time limit for captive portal
378  remediation when the ConnectFailurePolicy value is Closed
379  It is a component of AlwaysOn */
380  ApplyLastVPNLocalResourceRules, /**< This preference gives the network administrator
381  the ability to allow split routes and firewall rules
382  to be applied following a VPN connection establishment
383  failure when the ConnectFailurePolicy value is Closed
384  It is a component of AlwaysOn */
385  AllowVPNDisconnect, /**< During Always On, this specifies that the user is allowed to
386  disconnect the VPN session. */
387  EnableScripting, /**< This preference allows an administrator to
388  enable scripting (on connect or on
389  disconnect). */
390  TerminateScriptOnNextEvent, /**< This preference dictates whether or not
391  AnyConnect will terminate a running script
392  process if a transition to another
393  scriptable event occurs. */
394  EnablePostSBLOnConnectScript, /**< This preference is used to control whether
395  or not the OnConnect script will be launched
396  from the desktop GUI when a tunnel has been
397  established via SBL. */
398  AutomaticCertSelection, /**< This preference dictates whether or not to disable
399  the default automatic certificate selection for user
400  certificates. If disabled, a certificate selection dialog is
401  displayed. This only applies if the GUI is enabled
402  and not SBL. This only applies to Windows (not WinMobile). */
403  RetainVpnOnLogoff, /**< First control of the logoff behavior. This preference allows
404  an administrator to control if the VPN is terminated or retained
405  after user logs off.*/
406  UserEnforcement, /**< Second control of the logoff behavior. When the VPN connection has
407  been retained after user logged off. Controls what user can log in
408  and keep the VPN connection. Options are same user only and any user. */
409  DeviceLockRequired, /**< This preference indicates whether or not
410  a Windows Mobile device must be configured
411  with a password or PIN prior to establishing
412  a VPN connection. This configuration is
413  only valid on Windows Mobile devices that
414  use the Microsoft Default Local
415  Authentication Provider (LAP). */
416  DeviceLockMaximumTimeoutMinutes, /**< When set to a non-negative number,
417  this preference specifies the maximum
418  number of minutes a device can be
419  inactive before device lock takes
420  into effect. (WM5/WM5AKU2+) */
421  DeviceLockMinimumPasswordLength, /**< When set to a non-negative number,
422  this preference specifies that any
423  PIN/password used for device lock
424  must be equal to or longer than
425  the specified value, in characters.
426  This setting must be pushed down to
427  the mobile device by syncing with
428  an Exchange server before it can be
429  enforced. (WM5AKU2+) */
430  DeviceLockPasswordComplexity, /**< This preference checks whether or
431  not the password belongs to one of
432  three subtypes: alpha, pin, strong */
433  EnableAutomaticServerSelection, /**< Automatic server selection will
434  automatically select the optimal
435  secure gateway for the endpoint */
436  AutoServerSelectionImprovement, /**< During a reconnection attempt after
437  a system resume, this setting
438  specifies the minimum estimated
439  performance improvement required to
440  justify transitioning a user to a new server
441  This value represents percentage in 0..100 */
442  AutoServerSelectionSuspendTime, /**< During a reconnection attempt after
443  a system resume, this specifies the
444  minimum time a user must have been
445  suspended in order to justify a new
446  server selection calculation. Unit is hours */
447  AuthenticationTimeout, /**< Time, in seconds, that the client waits
448  for authentication to be completed.*/
449  SafeWordSofTokenIntegration, /**< This preference will enable the administrator and possibly
450  the end user to enable SafeWord SofToken integration.
451  Options are Enabled (true) and Disabled (false - default). */
452  AllowIPsecOverSSL, /**< if 'true' then tunneling of IPSEC over SSL
453  is made possible with help from the ASA.
454  */
455  ClearSmartcardPin, /**< This preference controls whether the smartcard pin
456  will be cleared on a successful connection*/
457  IPProtocolSupport, /**< This preference controls which protocol(s) will be
458  allowed for the connection*/
459  CaptivePortalRemediationBrowserFailover, /**< This preference is applicable to enhanced captive portal
460  remediation and specifies whether the user is allowed to
461  opt for an external browser for remediation, as opposed to
462  the AnyConnect browser. */
463  AllowManualHostInput, /**< This preference specifies whether the user
464  is allowed to type a new hostname in the VPN
465  edit box. */
466  BlockUntrustedServers, /**< This preference specifies whether the user wants
467  to allow for connections to secure gateways with
468  certificate errors. */
469  PublicProxyServerAddress, /**< This preference specifies the public proxy server
470  address to be used. This number is in the format
471  ServerAddr:ServerPort (ex. 101.89.85.444:8080)
472  or just the FQDN. */
473  CertificatePinning, /**< This preference specifies whether Certificate Pinning
474  check should be performed during server certificate
475  verification. */
476  UnknownPreference
477 };
478 
479 
480 /**
481  * Indicates the scope of the preferences contained in a PreferenceInfo object
482  */
483 #if defined(__midl)
484 [v1_enum] /*serialize as 32 bits*/
485 #endif
487 {
488  User, /**< Indicates that the preferences were set by a user */
489  Global, /**< Indicates that the preferences are global */
490  UserAndGlobal /**< Indicates that we have both user and global preferences */
491 };
492 
493 /**
494  * Indicates the client mode of operation. Unlike tunneling mode or other
495  * mutually exclusive modes, client operating modes are independent settings,
496  * several of which can be turned on simultaneously.
497  */
498 #if defined(__midl)
499 [v1_enum] /*serialize as 32 bits*/
500 #endif
502 {
503  FIPS = (1 << 0), /**< Indicates that the client is
504  running in FIPS mode. */
505  StartBeforeLogon = (1 << 1), /**< Indicates that the client is
506  running in Start Before Login
507  mode. */
508  GUI = (1 << 2), /**< Indicates that the client is
509  a GUI client. */
510  TrustedNetworkDetection = (1 << 3), /**< Indicates that a Trusted Network
511  Detection policy is enabled for
512  the client. */
513  AlwaysOnVpn = (1 << 4), /**< Indicates that the Always On
514  policy is enabled for the client. */
515  NetworkIssue = (1 << 5), /**< For user notifications only.
516  Indication by API to the UI that
517  there is a network condition. */
518  Quarantined = (1 << 6), /**< Indicates that the VPN session is being
519  Quarantined by the secure gateway. */
520  AutomaticHeadendSelection= (1 << 7), /**< Indicates that Automatic Headend
521  is enabled. */
522  DisconnectAllowed = (1 << 8), /**< Indicates that the user is allowed
523  to disconnect the VPN based on
524  policy. */
525  VPNDisabled = (1 << 9), /**< Indicates that the VPN service is
526  to be marked as disabled. */
527  SCEPMode = (1 << 10), /**< Indicates that the client is
528  performing a SCEP cert enrollment. */
529  OnTrustedNetwork = (1 << 11), /**< Indicates that at last check, the
530  client detected that it was on
531  a trusted network. */
532  ManualHostInputAllowed = (1 << 12), /**< Indicates that the user is allowed
533  to add a new host by typing its name
534  in the VPN edit box. */
535  ErrorSuppressed = (1 << 13), /**< Indicates a connection error has
536  been returned fronm the agent, but
537  was suppressed to warning to
538  prevent popup dialog in the UI. */
539  StrictMode = (1 << 14), /**< Indicates that the client is
540  running in strict certificate trust mode. */
541  CLI = (1 << 15), /**< Indicates that the client is
542  a CLI client. */
543  Management = (1 << 16) /**< Indicates that the client is strictly
544  used for initiating a management tunnel. */
545 };
546 
547 /**
548  * Indicates the last error seen by the API in this connection attempt.
549  */
550 #if defined(__midl)
551 [v1_enum] /*serialize as 32 bits*/
552 #endif
554 {
555  VPNSuccess = 0, /**< No error has occurred. */
556  VPNError_Generic_FatalError = 1, /**< An error of unknown type has
557  occured */
558 
559  VPNError_Connection_Error = 100, /**< An unknown connection error has
560  occured, such as bad hostname, bad
561  group, etc. */
562  VPNError_Connection_InvalidGroupURL, /**< Invalid Group URL specified in the
563  server address */
564 
565  VPNError_Network_Error = 200, /**< An unknown network error has
566  occured, such as DNS resolution
567  error, unable to open socket,
568  routing error, captive portal,
569  etc. */
570 
571  VPNError_Authentication_Error = 300, /**< An unknown user authenication
572  error has occured. */
573 
574  VPNError_Authentication_DAP_Terminate, /**< Access Denied: Your system does
575  not meet policy requirements (DAP). */
576 
577  VPNError_ClientCertificate_UnknownError = 400, /**< An unknown client
578  certificate error has
579  occured. */
580  VPNError_ClientCertificate_Missing, /**< A client certificate is required
581  but no client certificate has been
582  found on the system. */
583  VPNError_ClientCertificate_Expired, /**< The client certificate has expired */
584  VPNError_ClientCertificate_NotYetValid, /**< The client certificate is not
585  yet valid. */
586 
587  VPNError_ServerCertificate_UnknownError = 500, /**< An unknown error has
588  occured when validating
589  the server certificate. */
590  VPNError_ServerCertificate_Expired, /**< The server certificate has
591  expired. */
592  VPNError_ServerCertificate_NotYetValid /**< The server certificate is not
593  yet valid. */
594 };
595 
597 {
598  CertAuth_Automatic, /**< Will try each available certificate in succession
599  until authentication is obtained or we run out of
600  available certificates */
601  CertAuth_Disabled, /**< Will disable Certificate Based Authentication */
602  CertAuth_Manual /**< Will only use preconfigured certificate to attempt
603  Certificate Based Authentication */
604 };
605 
606 enum CertificateType
607 {
608  CertificateType_Client,
609  CertificateType_SystemTrusted,
610  CertificateType_Server
611 };
612 
613 enum CertConfirmReason
614 {
615  CertConfirmReason_Unspecified,
616  CertConfirmReason_NameMismatch,
617  CertConfirmReason_Expired,
618  CertConfirmReason_NotValidYet,
619  CertConfirmReason_UntrustedSource,
620  CertConfirmReason_InvalidUse,
621  CertConfirmReason_Revoked,
622  CertConfirmReason_Malformed,
623  CertConfirmReason_NotFipsCompliant,
624  CertConfirmReason_InvalidateDate,
625  CertConfirmReason_SignatureAlgorithm,
626  CertConfirmReason_KeySize
627 };
628 
629 enum UserResponseError
630 {
631  UserResponseError_None,
632  UserResponseError_Unspecified,
633  UserResponseError_BadServerCert,
634  UserResponseError_SsoNavigation,
635  UserResponseError_SsoGettingCookie,
636  UserResponseError_SsoTimeout,
637  UserResponseError_SsoMissingDependency,
638  UserResponseError_SsoClientCertRequest
639 };
640 
641 #if defined(__midl)
642 [v1_enum] /*serialize as 32 bits*/
643 #endif
644 enum ClientType
645 {
646  ClientType_GUI,
647  ClientType_GUI_SBL,
648  ClientType_CLI,
649  ClientType_MGMT
650 };
651 
652 #endif // _APISTDHEADER_
VPNError_ClientCertificate_NotYetValid
Definition: api.h:584
CertificateStoreMac
Definition: api.h:276
ConnectFailurePolicy
Definition: api.h:366
REFRESHHOSTNAMES
Definition: api.h:173
Prompt_Hidden
Definition: api.h:243
SuspendOnConnectedStandby
Definition: api.h:303
VPNError_Connection_Error
Definition: api.h:559
WMHintReason
WMHintReason
Definition: api.h:187
AutoConnectOnStart
Definition: api.h:286
MINIMIZE
Definition: api.h:170
MsgType_Warn
Definition: api.h:97
CREDENTIALS
Definition: api.h:216
CertificateStore
Definition: api.h:271
MANUAL_PKCS12_IMPORT
Definition: api.h:220
VPNError_Network_Error
Definition: api.h:565
DeviceLockPasswordComplexity
Definition: api.h:430
DeviceLockMaximumTimeoutMinutes
Definition: api.h:416
AutoUpdate
Definition: api.h:310
ClearSmartcardPin
Definition: api.h:455
FIPS
Definition: api.h:503
ErrorSuppressed
Definition: api.h:535
EnablePostSBLOnConnectScript
Definition: api.h:394
DISCONNECT
Definition: api.h:197
VPNError_ServerCertificate_UnknownError
Definition: api.h:587
WindowsVPNEstablishment
Definition: api.h:322
PAUSING
Definition: api.h:135
EnableScripting
Definition: api.h:387
MsgType_Alert
Definition: api.h:96
GUI
Definition: api.h:508
PreferenceId
PreferenceId
Definition: api.h:261
SDITokenType
SDITokenType
Definition: api.h:110
DisableCaptivePortalDetection
Definition: api.h:294
VPNError_Generic_FatalError
Definition: api.h:556
AutoServerSelectionImprovement
Definition: api.h:436
DisconnectAllowed
Definition: api.h:522
Prompt_Header
Definition: api.h:241
TrustedNetworkPolicy
Definition: api.h:350
Quarantined
Definition: api.h:518
Prompt_Banner
Definition: api.h:239
PAUSED
Definition: api.h:136
AllowIPsecOverSSL
Definition: api.h:452
AutomaticVPNPolicy
Definition: api.h:347
SERVICESTOPPED
Definition: api.h:198
DeviceLockRequired
Definition: api.h:409
UntrustedNetworkPolicy
Definition: api.h:353
CLOSECREDENTIALPOPUP
Definition: api.h:176
MessageType
MessageType
Definition: api.h:93
CertAuthMode
CertAuthMode
Definition: api.h:596
Prompt_Input
Definition: api.h:236
CONNECT
Definition: api.h:200
DISCONNECTED
Definition: api.h:126
SSOPOLLING
Definition: api.h:137
AutomaticHeadendSelection
Definition: api.h:520
MinimizeOnConnect
Definition: api.h:289
VPNError_ClientCertificate_Missing
Definition: api.h:580
WMHint
WMHint
Definition: api.h:168
PublicProxyServerAddress
Definition: api.h:469
VPNState
VPNState
Definition: api.h:123
DeviceLockMinimumPasswordLength
Definition: api.h:421
UserAndGlobal
Definition: api.h:490
Management
Definition: api.h:543
AlwaysOnVpn
Definition: api.h:513
ProxySettings
Definition: api.h:332
CertAuth_Disabled
Definition: api.h:601
CertificateStoreOverride
Definition: api.h:267
WindowsLogonEnforcement
Definition: api.h:318
CertAuth_Automatic
Definition: api.h:598
VPNError_ClientCertificate_Expired
Definition: api.h:583
AutomaticCertSelection
Definition: api.h:398
MsgType_Info
Definition: api.h:98
REFRESHPREFS
Definition: api.h:174
Prompt_Password
Definition: api.h:237
PPPExclusionServerIP
Definition: api.h:342
VPNError
VPNError
Definition: api.h:553
SECONDGUISTART
Definition: api.h:189
CertAuth_Manual
Definition: api.h:602
BlockUntrustedServers
Definition: api.h:466
Prompt_CheckBox
Definition: api.h:245
VPNError_Authentication_DAP_Terminate
Definition: api.h:574
PROXY
Definition: api.h:218
DISCONNECTING
Definition: api.h:128
TrustedNetworkDetection
Definition: api.h:510
VPNSubState
VPNSubState
Definition: api.h:147
PROXYREQUEST
Definition: api.h:193
SERVICEFAILURE
Definition: api.h:195
AllowVPNDisconnect
Definition: api.h:385
EnableAutomaticServerSelection
Definition: api.h:433
VPNError_Authentication_Error
Definition: api.h:571
CLI
Definition: api.h:541
ApplyLastVPNLocalResourceRules
Definition: api.h:380
SINGLESIGNON
Definition: api.h:224
OperatingMode
OperatingMode
Definition: api.h:501
StrictMode
Definition: api.h:539
UseStartBeforeLogon
Definition: api.h:306
TrustedDNSServers
Definition: api.h:359
RSASecurIDIntegration
Definition: api.h:313
ConnectPromptType
ConnectPromptType
Definition: api.h:211
AllowCaptivePortalRemediation
Definition: api.h:371
ManualHostInputAllowed
Definition: api.h:532
Prompt_Combo
Definition: api.h:240
CONNECTED
Definition: api.h:125
SINGLELOGOUT
Definition: api.h:225
OPEN
Definition: api.h:171
SHOWCONNECTING
Definition: api.h:175
SafeWordSofTokenIntegration
Definition: api.h:449
VPNError_ServerCertificate_Expired
Definition: api.h:590
VPNSuccess
Definition: api.h:555
VPNError_ClientCertificate_UnknownError
Definition: api.h:577
MsgType_Error
Definition: api.h:95
User
Definition: api.h:488
VPNError_Connection_InvalidGroupURL
Definition: api.h:562
PPPExclusion
Definition: api.h:337
AllowManualHostInput
Definition: api.h:463
STATUS
Definition: api.h:222
TerminateScriptOnNextEvent
Definition: api.h:390
UserEnforcement
Definition: api.h:406
QUIT
Definition: api.h:172
CERTIFICATE
Definition: api.h:213
AllowLocalProxyConnections
Definition: api.h:334
AutoReconnect
Definition: api.h:296
AuthenticationTimeout
Definition: api.h:447
LinuxVPNEstablishment
Definition: api.h:329
VPNError_ServerCertificate_NotYetValid
Definition: api.h:592
LocalLanAccess
Definition: api.h:292
RetainVpnOnLogoff
Definition: api.h:403
IPProtocolSupport
Definition: api.h:457
StartBeforeLogon
Definition: api.h:505
AutoReconnectBehavior
Definition: api.h:299
ShowPreConnectMessage
Definition: api.h:280
OnTrustedNetwork
Definition: api.h:529
NetworkIssue
Definition: api.h:515
LEGACY_SINGLESIGNON
Definition: api.h:226
CONNECTING
Definition: api.h:127
AlwaysOn
Definition: api.h:364
RECONNECTING
Definition: api.h:129
CaptivePortalRemediationTimeout
Definition: api.h:376
Prompt_SSO
Definition: api.h:246
LinuxLogonEnforcement
Definition: api.h:325
TrustedDNSDomains
Definition: api.h:356
SCEPMode
Definition: api.h:527
CaptivePortalRemediationBrowserFailover
Definition: api.h:459
AutoServerSelectionSuspendTime
Definition: api.h:442
CertificatePinning
Definition: api.h:473
VPNDisabled
Definition: api.h:525
PreferenceScope
PreferenceScope
Definition: api.h:486
MsgType_Status
Definition: api.h:99
Global
Definition: api.h:489
ServiceDisable
Definition: api.h:263
PromptType
PromptType
Definition: api.h:236
TrustedHttpsServerList
Definition: api.h:362