AnyConnect Secure Mobility Client  5.1.2.42
GenDefs.h
1 /**************************************************************************
2 * Copyright (c) 2000, 2004-2023 Cisco Systems, Inc.
3 * All Rights Reserved. Cisco Highly Confidential.
4 ***************************************************************************
5 *
6 * File: GenDefs.h
7 * Date: 08/2000
8 *
9 ***************************************************************************
10 * NOTE* This file is for PORTABILITY related defines ONLY.
11 ***************************************************************************
12 * defines base types to be used by all CVC client components
13 ***************************************************************************/
14 #ifndef __GENDEFS_H
15 #define __GENDEFS_H
16 
17 // Conditional compile directive defines used by the VPN API's ClientIfc.h and ClientIfcBase.h are
18 // placed in ClientIfcCommon.h instead of this header file. This is to avoid duplication of those
19 // defines, most of which are conditional themselves. The reason for this is because ClientIfc.h and
20 // ClientIfcBase.h are published as part of our VPN API SDK. As such, we do not want them including
21 // GenDefs.h in order to limit the amount of source code we reveal to customers and partners. Thus
22 // we only expose what is necessary for ClientIfc.h and ClientIfcsBase.h.
23 //
24 #include "../Api/ClientIfcCommon.h"
25 
26 #ifndef _WIN32
27 
28 #ifndef USES_CONVERSION
29 #define USES_CONVERSION
30 #endif
31 
32 #define PRELIM_UNIX_PORT
33 
34 #ifdef HAVE_CONFIG_H
35 #include "config.h"
36 #endif
37 
38 #ifdef HAVE_STDINT_H
39 #ifndef CNI_LINUX_INTERFACE
40 #include <stdint.h>
41 #endif
42 #elif HAVE_INTTYPES_H
43 #include <inttypes.h>
44 #endif
45 
46 #ifdef HAVE_SYS_TYPES_H
47 #ifndef CNI_LINUX_INTERFACE
48 #include <sys/types.h>
49 #else
50 #include <linux/types.h>
51 #undef _UINTPTR_T_DEFINED
52 #undef _INTPTR_T_DEFINED
53 #endif
54 #endif
55 
56 #undef FAR
57 #define FAR
58 #undef PASCAL
59 #define PASCAL
60 
61 #else //_WIN32
62 #define HAVE_STDINT_H
63 #include <stdint.h>
64 #undef HAVE_CONFIG_H
65 #undef HAVE_SYS_TYPES_H
66 #define WORDS_BIGENDIAN 0
67 #if !defined(DWORD)
68 typedef unsigned long DWORD;
69 #endif // !defined(DWORD)
70 
71 #endif //_WIN32
72 
73 
74 #undef TRUE
75 #define TRUE 1
76 
77 #undef FALSE
78 #define FALSE 0
79 
80 #ifdef DDKBUILD //building with the DDK as the source.
81 #include <crtdefs.h>
82 #endif
83 
84 #if !defined(PLATFORM_WIN_APP)
85 // it'd be nice if we could switch to the C99 standard types at some point...
86 #if defined(HAVE_STDINT_H) || defined(HAVE_INTTYPES_H)
87 typedef uint8_t bool8;
88 typedef uint16_t bool16;
89 typedef uint32_t bool32;
90 
91 typedef int8_t int8;
92 typedef int16_t int16;
93 
94 #if (!defined(CNI_LINUX_INTERFACE) || !defined(CONFIG_ISDN_PPP) || !defined(CONFIG_ISDN_PPP_VJ) || !defined(_SLHC_H)) && !defined(PROTYPES_H)
95 typedef int32_t int32;
96 #endif
97 
98 typedef uint8_t uint8;
99 typedef uint16_t uint16;
100 
101 #if !defined(CSSMAPI) && !defined(PROTYPES_H)
102 #ifdef _WIN32
103 typedef unsigned long uint32;
104 #else
105 typedef uint32_t uint32;
106 #endif
107 #endif
108 
109 typedef uint64_t uint64;
110 #else
111 
112 typedef unsigned char uint8;
113 typedef unsigned short uint16;
114 #ifndef CSSMAPI
115 typedef unsigned long uint32;
116 #endif
117 typedef unsigned char uint8_t;
118 typedef unsigned short uint16_t;
119 #if defined(_WIN32) && !defined (HS_TYPES_H_)
120 typedef unsigned long uint32_t;
121 #endif
122 
123 #ifdef _WIN32
124 typedef __int64 int64;
125 typedef unsigned __int64 uint64;
126 typedef __int64 int64_t;
127 typedef unsigned __int64 uint64_t;
128 #else
129 typedef long long int64;
130 typedef unsigned long long int uint64;
131 typedef long long int64_t;
132 typedef unsigned long long int uint64_t;
133 #endif
134 #endif
135 
136 // Definitions for Windows not available in <stdint.h>
137 #ifdef _WIN32
138 typedef unsigned long bool32_t;
139 typedef unsigned char bool8_t;
140 #endif
141 
142 // integer types for doing pointer arithmetic, they should be the
143 // same size as a pointer. Part of the C99 standard, but they aren't
144 // available everywhere yet.
145 // These defs should work with IA32 (x86), ILP32 (sparcv8) and LP64 (sparcv9).
146 // These types are protected with the WIN32 macros (_INTPTR_T_DEFINED), since
147 // some, but not all of the WIN32 SDK's define these types.
148 #ifdef _WIN32
149 #ifndef _INTPTR_T_DEFINED
150 #if defined(_LP64)
151 #warning 64 bit
152 typedef int64 intptr_t;
153 #else
154 typedef int32 intptr_t;
155 #endif
156 #define _INTPTR_T_DEFINED
157 #endif
158 
159 #ifndef _UINTPTR_T_DEFINED
160 #if defined(_LP64)
161 #warning 64 bit
162 typedef uint64 uintptr_t;
163 #else
164 typedef uint32 uintptr_t;
165 #endif
166 #define _UINTPTR_T_DEFINED
167 #endif
168 #endif
169 
170 #ifndef __OBJC__ /* Mac OS X defines this in ObjectiveC land... */
171 typedef int BOOL;
172 #endif
173 
174 #ifndef _WIN32
175 typedef int BOOLEAN;
176 #endif
177 
178 #ifdef _WIN32
179 typedef int mode_t;
180 #endif
181 
182 typedef unsigned char uchar;
183 #ifndef HAVE_SYS_TYPES_H
184 typedef unsigned int uint;
185 typedef unsigned short ushort;
186 typedef unsigned long ulong;
187 #endif
188 
189 #ifndef PLATFORM_ANDROID
190 typedef ulong ULONG;
191 typedef ulong* PULONG;
192 #endif
193 
194 #if defined(PLATFORM_ANDROID)
195 typedef unsigned long ulong;
196 typedef unsigned short ushort;
197 #endif
198 
199 typedef uint32 DWORD;
200 typedef uint32* PDWORD;
201 typedef long LONG;
202 typedef long* PLONG;
203 typedef int INT;
204 typedef int* PINT;
205 typedef uint UINT;
206 typedef uint* PUINT;
207 typedef uint16 USHORT;
208 typedef uint16* PUSHORT;
209 typedef int16 SHORT;
210 typedef int16* PSHORT;
211 typedef uint16 WORD;
212 typedef uint16* PWORD;
213 typedef char CHAR;
214 typedef uchar UCHAR;
215 typedef char* PCHAR;
216 typedef uint8 BYTE;
217 typedef uint8* PBYTE;
218 #define VOID void
219 typedef void* PVOID;
220 #ifdef _WIN32
221 typedef void* HANDLE;
222 #else
223 typedef int HANDLE;
224 typedef int SOCKET;
225 typedef const char* LPCTSTR;
226 typedef const char* LPCSTR;
227 typedef const char* PCTSTR;
228 typedef char* LPTSTR;
229 typedef void* LPVOID;
230 typedef char* LPSTR;
231 typedef long* LPLONG;
232 typedef DWORD* LPDWORD;
233 typedef signed int INT32;
234 
235 
236 typedef struct __WSABUF
237 {
238  unsigned long len;
239  char *buf;
240 } WSABUF, *LPWSABUF;
241 
242 typedef struct OVERLAPPED
243 {
244  void *data;
245  int fd;
246 } OVERLAPPED,*LPOVERLAPPED;
247 
248 typedef struct sockaddr_in SOCKADDR_IN;
249 typedef struct sockaddr_in6 SOCKADDR_IN6;
250 
251 #endif //!_WIN32
252 
253 typedef HANDLE* PHANDLE;
254 typedef uint8 KIRQL;
255 #else // PLATFORM_WIN_APP
256 typedef unsigned long bool32;
257 typedef unsigned long bool32_t;
258 typedef unsigned long ulong;
259 typedef unsigned char BYTE;
260 typedef unsigned long uint32;
261 typedef int32_t int32;
262 typedef unsigned char bool8_t;
263 typedef void* HANDLE;
264 #endif // !defined(PLATFORM_WIN_APP)
265 
266 typedef long STATUSCODE;
267 
268 /* function parameter context */
269 #undef IN
270 #define IN
271 
272 #undef OUT
273 #define OUT
274 
275 #undef INOUT
276 #define INOUT
277 
278 #undef packed
279 #define packed
280 
281 #ifndef CLEAR
282 #define CLEAR(a) memset(&a,0,sizeof(a))
283 #endif
284 
285 #ifndef POINT_BEYOND
286 #define POINT_BEYOND(a,t) (t) &((&a)[1])
287 #endif
288 
289 #ifndef MAX
290 #define MAX(a,b) ((a) > (b) ? (a) : (b))
291 #endif
292 #ifndef MIN
293 #define MIN(a,b) ((a) < (b) ? (a) : (b))
294 #endif
295 
296 #ifndef _WIN32
297 #define _ftime ftime
298 #define _timeb timeb
299 #define __cdecl
300 #define __stdcall
301 #ifndef __fastcall
302 #define __fastcall
303 #endif
304 #ifndef WINAPI
305 #define WINAPI
306 #endif
307 #ifndef CALLBACK
308 #define CALLBACK
309 #endif
310 #endif
311 
312 #ifndef _WIN32
313 #undef INVALID_SOCKET
314 #define INVALID_SOCKET -1
315 #undef INVALID_FD
316 #define INVALID_FD -1
317 #undef SOCKET_ERROR
318 #define SOCKET_ERROR -1
319 #undef SOCKADDR
320 #define SOCKADDR sockaddr
321 #undef SOCKADDR_IN
322 #define SOCKADDR_IN sockaddr_in
323 #undef SOCKADDR_IN6
324 #define SOCKADDR_IN6 sockaddr_in6
325 
326 #if defined(PLATFORM_DARWIN) || defined(PLATFORM_APPLE_SSLVPN) || defined(APPLE_IOS)
327 #define s6_words __u6_addr.__u6_addr16
328 #elif defined(PLATFORM_LINUX)
329 #define s6_words s6_addr16
330 #endif
331 
332 #endif
333 
334 #ifndef _CRT_SECURE_NO_DEPRECATE
335 #define _CRT_SECURE_NO_DEPRECATE
336 #endif
337 
338 
339 #if !defined(_WIN32)
340 
341 #ifndef ZeroMemory
342 #define ZeroMemory ZEROMEM
343 #ifndef PLATFORM_ANDROID
344  #define ZEROMEM(ptr,cnt) \
345  if ( NULL != ptr ) { memset(ptr,0,cnt); }
346 #else
347  // Cius compiler will generate a compilation error for: if( &var )
348  #define ZEROMEM(ptr,cnt) \
349  { \
350  void *pZero = ptr; \
351  if ( NULL != pZero ) { memset(pZero,0,cnt); } \
352  }
353 #endif /* !PLATFORM_ANDROID */
354 #endif /* ZeroMemory */
355 
356 #ifndef SecureZeroMemory
357 #define SECUREZEROMEM(ptr, cnt) \
358  do { \
359  size_t size = (size_t)cnt; \
360  volatile char *vptr = (volatile char *)ptr; \
361  while (size) { \
362  *vptr = 0; \
363  vptr++; \
364  size--; \
365  } \
366  } while(0);
367 #define SecureZeroMemory SECUREZEROMEM
368 #endif /* SecureZeroMemory */
369 #endif /* Windows */
370 
371 
372 
373 #ifndef _WIN32
374 #define _strnicmp strncasecmp
375 #define _stricmp strcasecmp
376 #endif
377 
378 #if !defined(UINT16_MAX)
379 #define UINT16_MAX 0xffffu
380 #endif
381 
382 #ifndef ARRAY_ELEMENT_BYTES
383 // Yields the number of bytes in an element of the array.
384 #define ARRAY_ELEMENT_BYTES(a) (sizeof(a[0]))
385 #endif
386 
387 #ifndef ARRAY_SIZE
388 // Yields the number of elements in the array.
389 #define ARRAY_SIZE(a) (sizeof(a)/ARRAY_ELEMENT_BYTES(a))
390 #endif
391 
392 #if !defined(TO_STR) && !defined(TO_TSTR) && !defined(SYMBOL_TO_STR) && !defined(SYMBOL_TO_TSTR)
393 
394 // use TO_STR(x)/TO_TSTR(x) to stringize (put double quotes around) x
395 // example:
396 // std::string foo = TO_STR(15);
397 // tstring bar = TO_TSTR(15);
398 // becomes
399 // std::string foo = "15";
400 // tstring bar = _T("15");
401 #define TO_STR(x) #x
402 #define TO_TSTR(x) _T(#x)
403 
404 // use SYMBOL_TO_STR(x)/SYMBOL_TO_TSTR(x) to stringize
405 // the definition of symbol x
406 // example:
407 // #define MAX_LEN 15
408 // std::string foo = SYMBOL_TO_STR(MAX_LEN);
409 // tstring bar = SYMBOL_TO_TSTR(MAX_LEN);
410 // becomes
411 // std::string foo = "15";
412 // tstring bar = _T("15");
413 //
414 // Note that TO_STR(MAX_LEN) results in "MAX_LEN". The double macro is required in
415 // order to strinigize the *definition* of a symbol (as opposed to the symbol itself)
416 #define SYMBOL_TO_STR(x) TO_STR(x)
417 #define SYMBOL_TO_TSTR(x) TO_TSTR(x)
418 
419 #endif
420 
421 #if defined(_WIN32)
422 #define systemtime_t __time64_t
423 #define getSystemTimeInSeconds() _time64(NULL)
424 #else
425 #define systemtime_t time_t
426 #define getSystemTimeInSeconds() time(NULL)
427 #endif
428 
429 #ifndef _WIN32
430 #ifndef INFINITE
431 #define INFINITE 0xFFFFFFFF
432 #endif
433 #endif
434 
435 #ifdef _WIN32
436 #define ANY_PATHNAME_DELIMITER "/\\"
437 #define PATHNAME_DELIMITER '\\'
438 #define PATHNAME_DELIMITER_STR "\\"
439 #else
440 #define ANY_PATHNAME_DELIMITER "/"
441 #define PATHNAME_DELIMITER '/'
442 #define PATHNAME_DELIMITER_STR "/"
443 #endif
444 #define URL_URI_DELIMITER '/'
445 #define URL_URI_DELIMITER_STR "/"
446 
447 #ifdef _WIN32
448 #define NEWLINE "\r\n"
449 #else
450 #define NEWLINE "\n"
451 #endif
452 
453 #if defined(_WIN32)
454 #define HOSTSFILE_LOCATION _T("drivers\\etc\\hosts")
455 #else
456 #define HOSTSFILE_LOCATION _T("/etc/hosts")
457 #endif
458 
459 #ifdef _WIN32
460 #define DebugWriteFile(_handle_,_buffer_,_length_,_refCharsWritten_) \
461  WriteFile((_handle_),(_buffer_),(_length_),(_refCharsWritten_),NULL)
462 #else
463 #ifndef INVALID_HANDLE_VALUE
464 #define INVALID_HANDLE_VALUE NULL
465 #endif
466 #define DebugWriteFile(_handle_,_buffer_,_length_,_refCharsWritten_) \
467  fprintf((_handle_), "%s", (_buffer_)); \
468  fflush((_handle_))
469 #endif
470 
471 typedef uint8_t MAC_ADDR[6];
472 
473 #if !defined(_WIN32)
474 #ifndef ADDRESS_FAMILY
475 typedef unsigned short ADDRESS_FAMILY;
476 #endif
477 #endif
478 
479 #if __cplusplus >= 201103L
480 #define CPP_11_SUPPORTED
481 #endif
482 #if __cplusplus >= 201402L
483 #define CPP_14_SUPPORTED
484 #endif
485 #if __cplusplus >= 201703L
486 #define CPP_17_SUPPORTED
487 #endif
488 
489 #if ((defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX)) && !defined(ANYCONNECT_USE_SNAK)
490 /*
491  ** the FIREWALL_SUPPORTED define is used to track the platforms
492  ** where the firewall feature is supported. This is to avoid repeating the
493  ** platforms in #ifdef clauses in other files.
494  ** Also, when Firewall feature expands to other platforms, they only need to be added in
495  ** one place.
496  */
497 #define FIREWALL_SUPPORTED
498 #endif
499 
500 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX)
501 /*
502 ** the TRUSTED_NETWORK_DETECTION define is used to track the platforms
503 ** where Trusted Network Detection is performed. This is to avoid repeating the
504 ** platforms in #ifdef clauses in other files.
505 ** Also, when TND support expands to other platforms, they only need to be added in
506 ** one place.
507 */
508 #define TRUSTED_NETWORK_DETECTION
509 
510 /*
511  * Android only uses TND to report state to NVM.
512  * Policy-based actions are not supported.
513  */
514 #if !defined(PLATFORM_ANDROID)
515 #define TND_ACTIONS_SUPPORTED
516 #endif
517 
518 /*
519  * Platforms that support multi-homing prevention.
520  */
521 #if defined(PLATFORM_DARWIN) || (defined(PLATFORM_LINUX) && !defined(PLATFORM_ANDROID))
522 #define MULTI_HOMING_PREVENTION_SUPPORTED
523 #endif
524 
525 #endif
526 
527 #if defined(PLATFORM_DESKTOP) || defined(PLATFORM_ANDROID)
528 #define INTER_MODULE_STATE_NOTIFY
529 #endif
530 
531 #if ((defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(TRUSTED_NETWORK_DETECTION)) && !defined(PLATFORM_ANDROID)
532 /*
533 ** the LOGIN_UTILITIES_SUPPORTED define is used to track the platforms
534 ** that support AnyConnect action triggered by user login. This is to avoid
535 ** repeating the platforms in #ifdef clauses in other files.
536 ** Also, when login support expands to other platforms, they only need to be added in
537 ** one place.
538 */
539 #define LOGIN_UTILITIES_SUPPORTED
540 #endif
541 
542 #if !(defined(PLATFORM_APPLE_SSLVPN) && TARGET_CPU_ARMV6)
543 /*
544 ** A bug was discovered in iPhone testing wherein virtual inline functions do
545 ** not work correctly on ARMv6 processors. To work around this, virtual inline
546 ** function need to be made standard virtual functions on ARMv6. To prevent
547 ** differences in runtime behavior, the VIRTUAL_INLINES_SUPPORTED define is used
548 ** to define some virtual inlines in the header files, letting the functions be
549 ** defined without the inline type in the cpp file for non-supported platforms.
550 */
551 #define VIRTUAL_INLINES_SUPPORTED
552 #endif
553 
554 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_WIN_APP)
555 /*
556 ** the SCRIPTING_SUPPORTED define is used to enable the script manager for launching
557 ** customer provided scripts on events like connection establishment, completion of
558 ** disconnect, and captive portal detection.
559 */
560 #define SCRIPTING_SUPPORTED
561 #endif
562 
563 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || (defined(PLATFORM_LINUX) && !defined(ANYCONNECT_USE_SNAK))
564 /*
565 ** the NETWORK_ENVIRONMENT_STATE define is used to track the platforms
566 ** where NETWORK_ENVIRONMENT_STATE check is performed. This is to avoid repeating the
567 ** platforms in #ifdef clauses in other files.
568 ** Also, when NES support expands to other platforms, they only need to be added in
569 ** one place.
570 */
571 #define NETWORK_ENVIRONMENT_STATE
572 #endif
573 
574 
575 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || (defined(PLATFORM_LINUX) && !defined(ANYCONNECT_USE_SNAK))
576 /*
577 ** The AUTOMATIC_HEADEND_SELECTION define is used to track the platforms
578 ** where Automatic Headend Selection is performed. This is to avoid repeating the
579 ** platforms in #ifdef clauses in other files.
580 ** Also, when AHS support expands to other platforms, they only need to be added in
581 ** one place.
582 */
583 #define AUTOMATIC_HEADEND_SELECTION
584 #endif
585 
586 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN)
587 /*
588  ** the MUS_HOST_SERVICES define is used to track the platforms
589  ** where MUS Host Status check is performed. This is to avoid repeating the
590  ** platforms in #ifdef clauses in other files.
591  */
592 #define MUS_HOST_SERVICES
593 #endif
594 
595 // BUGBUG - initially only enable code signing for Windows
596 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || (defined(PLATFORM_LINUX) && !defined(PLATFORM_LINUX_EMBEDDED_PPC) && !defined(PLATFORM_LINUX_EMBEDDED_ARM) && !defined(PLATFORM_ANDROID))
597 /*
598  ** the CODE_SIGNING_SUPPORTED define is used to track the platforms
599  ** where code sign verification is support. This is to avoid repeating the
600  ** platforms in #ifdef clauses in other files.
601  **
602  */
603 #define CODE_SIGNING_SUPPORTED
604 #endif
605 
606 #if defined(_WIN32) && !defined(PLATFORM_WIN_APP)
607 #define RSA_SECURID_SUPPORTED
608 #endif
609 
610 #if defined(_WIN32) && !defined(PLATFORM_WIN_APP)
611 #define SAFEWORD_SOFTOKEN_SUPPORTED
612 #endif
613 
614 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_APPLE_SSLVPN)
615 /*
616  ** the IPSEC_SUPPORTED define is used to track the platforms
617  ** where the IPSec protocol is supported. This is to avoid repeating the
618  ** platforms in #ifdef clauses in other files.
619  */
620 #define IPSEC_SUPPORTED
621 #endif
622 
623 #if defined(_WIN32) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_APPLE_SSLVPN) || defined (PLATFORM_ANDROID)
624 /*
625  ** The IPV6_SUPPORTED define is used to track the platforms
626  ** where full IPv6 capability is supported. This is to avoid repeating the
627  ** platforms in #ifdef clauses in other files.
628  ** Note that this is further narrowed down by method CIPv6Util::IsIPv6FullCapabilitySupported.
629  */
630 #define IPV6_SUPPORTED
631 #endif
632 
633 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_APPLE_SSLVPN)
634 /*
635  ** the PLUGIN_PROTOCOL_SUPPORTED define is used to track the platforms
636  ** where modular protocol Plugins are supported. This is to avoid repeating the
637  ** platforms in #ifdef clauses in other files.
638  */
639 #define PLUGIN_PROTOCOL_SUPPORTED
640 #endif
641 
642 #if defined(_WIN32) && !defined(PLATFORM_WIN_APP)
643 /*
644 ** The IPSEC_OVER_SSL define is used to track the platforms
645 ** where the feature "IPsec tunneling over SSL for Oracle" (EDCS-852737) is supported.
646 ** This is to avoid repeating the platforms in #ifdef clauses in other files.
647 ** Also, when the support expands to other platforms, they only need to be added in
648 ** one place.
649 */
650 #define IPSEC_OVER_SSL
651 #endif
652 
653 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN) || (defined(PLATFORM_LINUX) && !defined(PLATFORM_ANDROID)) || defined(APPLE_IOS)
654 /*
655  ** the DATA_OBFUSCATING_SUPPORTED define is used to track the platforms
656  ** where data obfuscation using key exchanges are supported. This is to
657  ** avoid repeating the platforms in #ifdef clauses in other files.
658  */
659 #define DATA_OBFUSCATING_SUPPORTED
660 #endif
661 
662 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_WIN_APP) && !defined(PLATFORM_ANDROID)
663 /*
664 ** the HOSTFILE_MODIFICATION_SUPPORTED define is used to track the platforms
665 ** where hosts file modification is performed. This is to avoid repeating the
666 ** platforms in #ifdef clauses in other files.
667 */
668 #define HOSTSFILE_MODIFICATION_SUPPORTED
669 #endif
670 
671 #if defined(_WIN32) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)|| defined(PLATFORM_WIN_APP)
672 /*
673 ** the SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED define is used to track the platforms
674 ** where SCEP enrollment can be performed. This is to avoid repeating the
675 ** platforms in #ifdef clauses in other files.
676 */
677 #define SCEP_CERTIFICATE_ENROLLMENT_SUPPORTED
678 #endif
679 
680 #if defined(_WIN32)
681 /*
682 ** these XXX_PROFILE_SUPPORTED defines are used to track the platforms where
683 ** Service Profiles for optional modules are supported.
684 ** All platforms: VPN
685 ** Windows: NAM, Web Security, ISE Posture, FireAMP, NVM and OpenDNS
686  */
687 #define NAM_PROFILE_SUPPORTED
688 #define WEBSEC_PROFILE_SUPPORTED
689 #define ISEPOSTURE_PROFILE_SUPPORTED
690 #define FIREAMP_PROFILE_SUPPORTED
691 #define NVM_PROFILE_SUPPORTED
692 #define OPENDNS_PROFILE_SUPPORTED
693 #elif defined(PLATFORM_DARWIN)
694 /*
695 ** OS X: Web Security, ISE Posture, FireAMP, NVM and OpenDNS
696 */
697 #define WEBSEC_PROFILE_SUPPORTED
698 #define ISEPOSTURE_PROFILE_SUPPORTED
699 #define FIREAMP_PROFILE_SUPPORTED
700 #define NVM_PROFILE_SUPPORTED
701 #define OPENDNS_PROFILE_SUPPORTED
702 #elif defined(PLATFORM_LINUX)
703 #define NVM_PROFILE_SUPPORTED
704 #define ISEPOSTURE_PROFILE_SUPPORTED
705 #endif
706 
707 #if defined(_WIN32) || defined(PLATFORM_DARWIN)
708 /*
709 ** the CLOUD_UPDATE_SUPPORTED define is used to track the platforms
710 ** that support cloud updates (currently from OpenDNS). This is to avoid repeating the
711 ** platforms in #ifdef clauses in other files.
712 */
713 #define CLOUD_UPDATE_SUPPORTED
714 #endif
715 
716 #if (defined(_WIN32) || defined(PLATFORM_DARWIN)) && defined(PLATFORM_DESKTOP)
717 /*
718 ** The DNS_PLUGIN_SUPPORTED define is used to track the platforms where the DNS KDF plugin is
719 ** available. This is to avoid repeating the platforms in #ifdef clauses in other files.
720 ** Also, when support expands to other platforms, they only need to be added in one place.
721 */
722 #define DNS_PLUGIN_SUPPORTED
723 #if defined(_WIN32)
724 /*
725 ** The DNS_PLUGIN_DNS_REQ_HANDLING_SUPPORTED define is used to track the platforms where the DNS KDF plugin is
726 ** available and supports handling of DNS requests during the VPN tunnel (e.g. for split-DNS or tunnel-all-DNS enforcement).
727 **/
728 #define DNS_PLUGIN_DNS_REQ_HANDLING_SUPPORTED
729 #endif // _WIN32
730 /*
731 ** The DYNAMIC_SPLIT_TUNNELING_SUPPORTED define is used to track the platforms where dynamic split tunneling is supported.
732 **/
733 #define DYNAMIC_SPLIT_TUNNELING_SUPPORTED
734 #endif // (_WIN32 || PLATFORM_DARWIN) && PLATFORM_DESKTOP
735 
736 #if defined(PLATFORM_DESKTOP)
737 /*
738 ** The exportStats call is only supported on the Desktop Platforms,
739 ** it should not be included or supported if it is not a Desktop Plat
740 */
741 #define EXPORT_STATS_SUPPORTED
742 #endif
743 
744 #if defined(_WIN32) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX) || defined(PLATFORM_APPLE_SSLVPN)
745 #define AC_CERTIFICATE_POLICY_SUPPORTED
746 #endif
747 
748 #ifndef _TRSTRING
749 #define _tr(String) String
750 #define _TRSTRING
751 #endif
752 
753 #ifndef _C_MYASSERT
754 #define C_MYASSERT(e) typedef char __C_MYASSERT__[(e)?1:-1]
755 #define _C_MYASSERT
756 #endif
757 
758 #if defined(PLATFORM_APPLE_SSLVPN) || defined(APPLE_IOS)
759 #define NETWORK_ORDER_LOOPBACK_INTF_ADDR htonl(0x7f000001) // 127.0.0.1
760 #endif
761 
762 #if !defined(BITS_PER_BYTE)
763 #define BITS_PER_BYTE 8
764 #endif
765 
766 #if defined(PLATFORM_DESKTOP) && defined(PLATFORM_LINUX)
767 #define STATIC_THREAD_LOCAL static __thread
768 #else
769 #define STATIC_THREAD_LOCAL thread_local
770 #endif
771 
772 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
773 // Zlib is statically linked.
774 #define STATIC_ZLIB
775 #endif
776 
777 #if (defined(PLATFORM_LINUX) && !defined(PLATFORM_ANDROID)) || defined(PLATFORM_DARWIN)
778 // Use zlib dynamic library on the system.
779 #define USE_SYSTEM_ZLIB
780 #endif
781 
782 
783 /*
784  * Platforms that support a single profile.
785  */
786 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID)
787 #define USE_SINGLE_PROFILE
788 #endif
789 
790 
791 /*
792  * Platforms that support ACIDEX.
793  */
794 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || defined(_WIN32) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX)
795 #define ACIDEX_SUPPORTED
796 #endif
797 
798 /*
799  * Platforms that support PerApp.
800  */
801 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
802 #define PERAPP_SUPPORTED
803 #endif
804 
805 #if defined(PLATFORM_ANDROID)
806 // On Android, modifying the default route may break system network services.
807 #define DONT_TOUCH_IPV4_DEFAULT_ROUTE
808 #endif
809 
810 #if defined(PLATFORM_APPLE_SSLVPN) || defined(PLATFORM_ANDROID) || defined(PLATFORM_WIN_APP)
811 #define SNAK_NO_ROUTE_TABLE_ACCESS
812 #endif
813 
814 #if defined(ANYCONNECT_USE_SNAK) || defined(PLATFORM_APPLE_SSLVPN)
815 #define GLOBAL_SNAK_PLUGIN_VER 2
816 #endif
817 
818 #if !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_ANDROID)
819 // support for automatic reconnects
820 #define AUTORECONNECT_SUPPORTED
821 #endif
822 
823 #if !defined(PLATFORM_LINUX_EMBEDDED_PPC) && !defined(PLATFORM_WEBOS_ARM) && !defined(PLATFORM_WEBOS_X86) && !defined(APPLE_IOS) && !defined(PLATFORM_WIN_APP) && !defined(_DOWNLOADER)
824 #define FIPS_SUPPORTED
825 #endif
826 
827 #if !defined(PLATFORM_WIN_APP) && !defined(PLATFORM_APPLE_SSLVPN) && !defined(PLATFORM_LINUX_EMBEDDED_PPC) && !defined(PLATFORM_WEBOS_ARM) && !defined(PLATFORM_WEBOS_X86) && !defined(APPLE_IOS)
828 #define LEAF_SUPPORTED
829 #endif
830 
831 #if defined(PLATFORM_DESKTOP) && (defined(_WIN32) || defined(PLATFORM_LINUX))
832 /*
833 ** This define is used to track platforms where user logon
834 ** related preferences in client profile are supported.
835 */
836 #define ENFORCE_USER_LOGON_SETTINGS
837 #endif
838 
839 #if !defined(PLATFORM_ANDROID) // More platforms need to be added
840 #define WIDE_CHAR_SUPPORTED
841 #endif
842 
843 #if defined(PLATFORM_DESKTOP) && (defined(_WIN32) || defined(PLATFORM_DARWIN))
844 /*
845 ** This define is used to track platforms where private-side proxy
846 ** settings are supported.
847 */
848 #define TUNNEL_PROXY_SETTINGS_SUPPORTED
849 #endif
850 
851 /*
852 ** Public Proxy support is only implemented on Windows, Linux and Mac desktop platforms
853 */
854 #if defined(PLATFORM_DESKTOP)
855 #define PUBLIC_PROXY_SUPPORTED
856 #endif
857 
858 /*
859 ** NTLM support is only implemented on Windows desktop platforms
860 */
861 #if defined(_WIN32) && defined(PUBLIC_PROXY_SUPPORTED)
862 #define PROXYAUTH_NTLM_SUPPORTED
863 #endif
864 
865 #if defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
866 #define IMPORT_API_SUPPORTED
867 #endif
868 
869 #if defined(PLATFORM_APPLE_SSLVPN)
870 /*
871 ** This serves to tell the IPsec plugin interface to explicitly
872 ** exclude it's global namespace entry points, leaving the only
873 ** plugin interface as a set of static class methods, which the
874 ** loading code will look for directly.
875 */
876 #define IPSEC_AS_INTERNAL_MODULE
877 #endif
878 
879 #if defined(PLATFORM_ANDROID) // More platforms need to be added
880 #define dynamic_cast reinterpret_cast
881 #endif
882 
883 /*
884 ** The SMARTCARD_SUPPORTED define is used to track the platforms where smartcard
885 ** certificate authentication is supported. This is to avoid repeating the
886 ** platforms in #ifdef clauses in other files.
887 */
888 #if (defined(_WIN32) && !defined(PLATFORM_WIN_APP)) || defined(PLATFORM_DARWIN)
889 #define SMARTCARD_SUPPORTED
890 /*
891 ** The SMARTCARD_REMOVAL_SUPPORTED define is used to track the platforms where smartcard
892 ** removal monitoring is supported. This is to avoid repeating the
893 ** platforms in #ifdef clauses in other files.
894 */
895 #if defined(_WIN32)
896 #define SMARTCARD_REMOVAL_SUPPORTED
897 #endif
898 #endif // (_WIN32 && !PLATFORM_WIN_APP) || PLATFORM_DARWIN
899 
900 #if (defined(PLATFORM_LINUX) || defined(PLATFORM_DARWIN)) && !defined(ANYCONNECT_USE_SNAK)
901 /*
902  ** The CIRCUMVENT_HOST_FILTERING_SUPPORTED define is used to track the platforms
903  ** where AnyConnect can control whether or not pre-existing host filtering is
904  ** circumvented upon applying AnyConnect filtering (only applicable to split-tunneling).
905  */
906 #define CIRCUMVENT_HOST_FILTERING_SUPPORTED
907 #endif
908 
909 #if defined(PLATFORM_LINUX) && defined(PLATFORM_DESKTOP)
910 /*
911  ** The TUNNEL_FROM_ANY_SOURCE_SUPPORTED define is used to track the platforms
912  ** where admin can control whether or not to allow packets from any source addresses
913  ** being tunneled.
914  */
915 #define TUNNEL_FROM_ANY_SOURCE_SUPPORTED
916 #endif
917 
918 #if defined(_WIN32) && !defined(ANYCONNECT_USE_SNAK)
919 /*
920  ** The SKIP_DHCP_SERVER_ROUTE_SUPPORTED define is used to track the platforms
921  ** where the admin can control whether or not the public DHCP server route is created
922  ** upon establishing the VPN tunnel.
923  */
924 #define SKIP_DHCP_SERVER_ROUTE_SUPPORTED
925 #endif
926 
927 #if defined(PLUGIN_PROTOCOL_SUPPORTED)
928  #if defined(_WIN32)
929  #define SERVICE_PLUGIN_SUPPORTED
930  #define PHONEHOME_PLUGIN_SUPPORTED
931  #elif defined(PLATFORM_DARWIN)
932  #define SERVICE_PLUGIN_SUPPORTED
933  #define PHONEHOME_PLUGIN_SUPPORTED
934  #elif defined(PLATFORM_LINUX) && !defined(PLATFORM_ANDROID)
935  #define PHONEHOME_PLUGIN_SUPPORTED
936  #define SERVICE_PLUGIN_SUPPORTED
937  #endif
938 #endif
939 
940 #if defined (PLATFORM_DARWIN) || defined (PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN) || (defined (PLATFORM_LINUX) && !defined (ANYCONNECT_USE_SNAK))
941 #define FILE_STORE_SUPPORTED
942 #endif
943 
944 /*
945 ** the THREADS_SUPPORTED define is used to track the platforms where
946 ** threads are supported. This is to avoid repeating the
947 ** platforms in #ifdef clauses in other files.
948 */
949 #define THREADS_SUPPORTED
950 
951 #if !defined(PLATFORM_WIN_APP)
952 /*
953 ** the CAPTIVE_PORTAL_DETECTION_SUPPORTED define is used to track the platforms where
954 ** captive portal detection is supported. This is to avoid repeating the
955 ** platforms in #ifdef clauses in other files.
956 */
957 #define CAPTIVE_PORTAL_DETECTION_SUPPORTED
958 #endif
959 
960 #if (defined(_WIN32) || defined(PLATFORM_DARWIN)) && defined(CAPTIVE_PORTAL_DETECTION_SUPPORTED) && defined(PLATFORM_DESKTOP)
961 /*
962 ** the SECURE_CAPTIVE_PORTAL_REMEDIATION_SUPPORTED define is used to track the platforms where
963 ** secure/enhanced captive portal remediation is supported.
964 */
965 #define SECURE_CAPTIVE_PORTAL_REMEDIATION_SUPPORTED
966 
967 /*
968 ** The SCPR_FILTERING_VIA_KDF define tracks the platforms where secure captive
969 ** portal remediation filtering applied via KDF is supported.
970 */
971 #if defined(_WIN32) || defined(PLATFORM_DARWIN)
972 #define SCPR_FILTERING_VIA_KDF
973 #endif // _WIN32 || PLATFORM_DARWIN
974 #endif // (_WIN32 || PLATFORM_DARWIN) && CAPTIVE_PORTAL_DETECTION_SUPPORTED && PLATFORM_DESKTOP
975 
976 #if (defined(_WIN32) || defined(PLATFORM_DARWIN)) && defined(PLATFORM_DESKTOP)
977 /*
978 ** The REMOTE_PEER_ACCESS_HARDENING define is used to track the platforms where hardening of access
979 ** to the VPN headend/public proxy is available.
980 */
981 #define REMOTE_PEER_ACCESS_HARDENING
982 #endif // (_WIN32 || PLATFORM_DARWIN) && PLATFORM_DESKTOP
983 
984 /*
985 ** the EVENTS_SUPPORTED define is used to track the platforms where
986 ** events are supported. This is to avoid repeating the
987 ** platforms in #ifdef clauses in other files.
988 */
989 #define EVENTS_SUPPORTED
990 
991 #if defined(IPV6_SUPPORTED) && !defined(PLATFORM_WIN_APP) && !defined(PLATFORM_ANDROID) && !defined(PLATFORM_APPLE_SSLVPN)
992 /*
993 ** the MODIFY_HOSTSFILE_SUPPORTED define is used to track the platforms where
994 ** modification of the system's hosts file is supported. This is to avoid repeating the
995 ** platforms in #ifdef clauses in other files.
996 */
997 #define MODIFY_HOSTSFILE_SUPPORTED
998 #endif
999 
1000 #if !defined(PLATFORM_WIN_APP)
1001 /*
1002 ** the HOST_CONFIG_MANAGER_SUPPORTED define is used to track the platforms where
1003 ** broad control of the host OS is supported. This is to avoid repeating the
1004 ** platforms in #ifdef clauses in other files.
1005 */
1006 #define HOST_CONFIG_MANAGER_SUPPORTED
1007 #endif
1008 
1009 #if defined(PLATFORM_WIN_APP) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
1010 /*
1011 ** the FILE_SYNCHRONIZER_SUPPORTED define is used to track the platforms where
1012 ** files downloaded directly by VPN API are supported. This is to avoid repeating the
1013 ** platforms in #ifdef clauses in other files.
1014 */
1015 #define FILE_SYNCHRONIZER_SUPPORTED
1016 #endif
1017 
1018 #if defined(_WIN32) || defined(PLATFORM_DARWIN) || (defined(PLATFORM_LINUX) && !defined(PLATFORM_ANDROID))
1019 /*
1020  ** the SAVE_VPNCONFIG_TO_FILE_SUPPORTED define is used to track the platforms where the
1021  ** writting of the VPN config to file is supported. This is to avoid repeating the
1022  ** platforms in #ifdef clauses in other files.
1023  */
1024 #define SAVE_VPNCONFIG_TO_FILE_SUPPORTED
1025 #endif
1026 
1027 /*
1028 * DSCP preservation is not considered for Downloader. Downloader uses socket transport for IPC.
1029 */
1030 #if (defined(PLATFORM_ANDROID) || defined(PLATFORM_DARWIN) || defined(_WIN32)) && !defined(_DOWNLOADER) && !defined(PLATFORM_WIN_APP)
1031 // Used to enable preservation of Differentiated Services field in the IP packet header.
1032 #define DIFFSERV_PRESERVATION_SUPPORTED
1033 #endif
1034 
1035 #if !defined(PLATFORM_WIN_APP)
1036 /*
1037 ** the ROUTE_MANAGER_SUPPORTED define is used to track the platforms
1038 ** where RouteMgr is supported. This is to avoid repeating the
1039 ** platforms in #ifdef clauses in other files.
1040 */
1041 #define ROUTE_MANAGER_SUPPORTED
1042 #endif
1043 
1044 #if !defined(PLATFORM_WIN_APP)
1045 /*
1046 ** the FILTER_MANAGER_SUPPORTED define is used to track the platforms
1047 ** where FilterMgr is supported. This is to avoid repeating the
1048 ** platforms in #ifdef clauses in other files.
1049 */
1050 #define FILTER_MANAGER_SUPPORTED
1051 #endif
1052 
1053 #if defined(PLATFORM_APPLE_SSLVPN)
1054 // Used to enable the file logging for Apple plugins.
1055 //#define FILE_LOGGING_SUPPORTED
1056 #endif
1057 
1058 /*
1059 ** Legacy Single sign on authentication.
1060 ** Explicitly disabled on mobile platforms due to session fixation vulnerability, as described in CSCvg65072
1061 ** To be removed from desktop platforms in some future AnyConnect release (4.7?)
1062 */
1063 #if defined(PLATFORM_DESKTOP)
1064 #define SSO_V1_SUPPORTED
1065 #endif
1066 
1067 /*
1068 ** Single sign on authentication (requires embedded browser).
1069 */
1070 #if !defined(PLATFORM_WIN_APP)
1071 #define SSO_SUPPORTED
1072 #endif
1073 
1074 #if defined (PLATFORM_DESKTOP) || defined(PLATFORM_ANDROID) || (defined(PLATFORM_APPLE_SSLVPN) && defined(SUBPLATFORM_IPHONE))
1075 #define EXTERNAL_SSO_SUPPORTED
1076 #endif
1077 
1078 
1079 #if !defined(PLATFORM_WIN_APP)
1080 #define MCA_SUPPORTED
1081 #endif
1082 
1083 #define TIMERS_SUPPORTED
1084 
1085 #if !defined(PLATFORM_WIN_APP)
1086 #define LOAD_EXTERNAL_MODULES
1087 #endif
1088 
1089 #if defined(PLATFORM_ANDROID)
1090 #define SPLIT_DNS_PROXY_SUPPORTED
1091 #endif
1092 
1093 #if (defined(_WIN32) || defined(PLATFORM_DARWIN)) && defined(PLATFORM_DESKTOP)
1094 /*
1095 ** The MGMT_TUNNEL_SUPPORTED define is used to track the platforms where
1096 ** the management tunnel feature is supported.
1097 */
1098 #define MGMT_TUNNEL_SUPPORTED
1099 #endif
1100 
1101 #if (defined(_WIN32) || defined(PLATFORM_DARWIN) || defined(PLATFORM_LINUX)) && defined(PLATFORM_DESKTOP)
1102 /*
1103 ** The SPLIT_DNS_EXCLUDE_SUPPORTED define is used to track the platforms where
1104 ** split DNS for split exclude tunneling is supported.
1105 ** Note: on Linux, due to lack of KDF support, similar to the split include counterpart, only DNS traffic over
1106 ** the tunnel is controlled, i.e. the so-called "DNS fallback for split tunneling" (EDCS-792232).
1107 */
1108 #define SPLIT_DNS_EXCLUDE_SUPPORTED
1109 #endif // (_WIN32 || PLATFORM_DARWIN || PLATFORM_LINUX) && PLATFORM_DESKTOP
1110 
1111 #if (defined(_WIN32) || defined(PLATFORM_DARWIN)) && defined(PLATFORM_DESKTOP)
1112 /*
1113 ** The BYPASS_VIRTUAL_SUBNETS_ONLY_SUPPORTED define is used to track the platforms where
1114 ** limiting the localLAN split exclude to only virtual subnets is supported.
1115 */
1116 #define BYPASS_VIRTUAL_SUBNETS_ONLY_SUPPORTED
1117 #endif // (_WIN32 || PLATFORM_DARWIN) && PLATFORM_DESKTOP
1118 
1119 #if (defined(_WIN32) && defined(PLATFORM_DESKTOP)) || defined(MGMT_TUNNEL_SUPPORTED)
1120 // Machine certificate authentication SSL tunnel connections via agent are supported
1121 // on Windows desktop, and also on all platforms supporting the management tunnel feature.
1122 //
1123 #define SSL_CONNECT_VIA_AGENT_SUPPORTED
1124 #endif
1125 
1126 /*
1127 ** Performance optimization for the tunnel packet processing loop to attempt to process
1128 ** multiple packets before calling back into select().
1129 */
1130 #if !defined(_WIN32)
1131 #define MULTI_TUN_PACKET_PROCESSING_SUPPORTED
1132 #endif
1133 
1134 #if (defined(_WIN32) && defined(_M_ARM64))
1135 /*
1136 ** Disable Hostscan on Windows native ARM64 builds.
1137 */
1138 #define ANYCONNECT_NO_CSD
1139 #endif
1140 #if defined(_WIN32) && defined(PLATFORM_DESKTOP) && !defined(_M_ARM64) && !defined(X86_FOR_ARM64)
1141 /*
1142 ** Connected Standby is supported in Windows desktop but not UWP and not ARM64 (both native ARM64 and the hybrid _WIN32_FOR_ARM64).
1143 */
1144 #define CONNECTED_STANDBY_SUPPORTED
1145 #endif
1146 
1147 #if defined(_WIN32) && defined(PLATFORM_DESKTOP) || defined(PLATFORM_APPLE_SSLVPN)
1148 /*
1149 ** This define is used to track platforms where multi-line logs are readable, and hence supported.
1150 */
1151 #define MULTI_LINE_LOGS_SUPPORTED
1152 #endif
1153 
1154 #if defined(PLATFORM_ANDROID)
1155 #define PBR_SUPPORTED
1156 #endif
1157 
1158 #if defined(PBR_SUPPORTED) && defined(PLATFORM_APPLE_SSLVPN) && defined(SUBPLATFORM_IPHONE)
1159 #define USERSPACE_DNS_CACHE_SUPPORTED;
1160 #endif
1161 
1162 #if defined (PLATFORM_ANDROID)
1163 #define PCAP_VA_SUPPORTED
1164 #endif
1165 
1166 /*
1167  * Platforms that support Unix Domain Socket.
1168  */
1169 #if defined(PLATFORM_ANDROID)
1170 #define UNIX_DOMAIN_SOCKET_SUPPORTED
1171 #endif
1172 
1173 /*
1174  * Platforms that use dynamic port assignment for IPC.
1175  */
1176 #if defined(PLATFORM_APPLE_SSLVPN)
1177 #define IPC_DYNAMIC_PORT_ASSIGNMENT
1178 #endif
1179 
1180 #if !defined(PLATFORM_WIN_APP)
1181 /*
1182 ** This define is used to track platforms where the MTU adjustment can be cached
1183 ** in a persistent cache (file) and be used across multiple VPN sessions.
1184 */
1185 #define MTU_ADJUSTMENT_CACHING_SUPPORTED
1186 #endif
1187 
1188 #if defined(PLATFORM_DARWIN)
1189 // On Linux based systems, it is possible for an IPC connection to be blocked or go bad without the
1190 // Agent being made aware, especially on macOS where we set the NOSIGPIPE option. Triggering an
1191 // immediate read on the socket when a failure is suspected will expose any existing socket failure.
1192 // However, this is not appropriate to do on Windows and is currently limited to DARWIN to limit
1193 // testing requirements, so this define is used to enable the functionality. Consideration should
1194 // be given to add PLATFORM_LINUX to the defined condition.
1195 #define IPC_DEPOT_SOCKET_FAILURE_DETECTION
1196 #endif
1197 
1198 #if defined(PLATFORM_LINUX) || defined(PLATFORM_ANDROID) || defined(PLATFORM_APPLE_SSLVPN)
1199 /*
1200 ** This is to track platforms where OCSP revocation check for server certificate is supported.
1201 */
1202 #define OCSP_SUPPORTED
1203 #endif
1204 
1205 /*
1206 ** The PRECONNECT_REMINDER_MSG_SUPPORTED define is used to track the platforms
1207 ** support AnyConnect pre-connect reminder message. The message is displayed only
1208 ** during the first connection attempt.
1209 **
1210 */
1211 #if defined(PLATFORM_DESKTOP) && !defined(PLATFORM_DARWIN)
1212 #define PRECONNECT_REMINDER_MSG_SUPPORTED
1213 #endif
1214 
1215 // Defines found in ClientIfcCommon.h but documented here for confidentiality.
1216 //
1217 // LOCAL_POLICY_DIR_CHANGE_SUPPORTED involves the Agent detecting the local policy file has been
1218 // changed (by SecureX or other external means) and notifying the API with message
1219 // MESSAGE_ID_EVENT_NOTIFICATION, event code EC_LOCAL_POLICY_FILE_CHANGED.
1220 //
1221 // Note: DYNAMIC_UPDATE_LOCAL_POLICY is a case where the VPN API makes the update to the local
1222 // policy file and informs the Agent of the change. If these two opposite sides of the same
1223 // coin ever need to coexist in the product, further investigation and testing is required to
1224 // determine what additional changes may be necessary.
1225 //
1226 // PROFILE_FILES_DIR_CHANGE_SUPPORTED involves the Agent detecting a profile file has been changed
1227 // (by SecureX or other external means) and notifying the API with message
1228 // MESSAGE_ID_EVENT_NOTIFICATION, event code EC_PROFILE_FILE_CHANGED.
1229 //
1230 // VPNAPI_EVENT_NOTIFICATION_SUPPORTED involves the event notification TLV for sending notification
1231 // of various events from the Agent to the applications, and enables the creation of an event
1232 // notification processing thread in the VPN API. It is used primarily (and at present only) for
1233 // handling of local policy file or profile files changes notifications.
1234 
1235 // VPNAPI_TRANSMIGRATION_SUPPORTED involves enabling the VPN API transmigration functionality. At
1236 // present this functionality is only used in conjunction with local policy file or profile files
1237 // change detection and notification.
1238 //
1239 #if (defined(LOCAL_POLICY_DIR_CHANGE_SUPPORTED) || defined(PROFILE_FILES_DIR_CHANGE_SUPPORTED)) && \
1240  defined(VPNAPI_EVENT_NOTIFICATION_SUPPORTED)
1241  #define VPNAPI_TRANSMIGRATION_SUPPORTED
1242 #endif
1243 
1244 // Uncomment to enable user notifications of an updated local policy file or updated client profiles.
1245 //
1246 #if defined(LOCAL_POLICY_DIR_CHANGE_SUPPORTED) || defined(PROFILE_FILES_DIR_CHANGE_SUPPORTED)
1247 // #define VPNAPI_NOTIFY_USER_OF_POLICY_OR_PROFILE_CHANGE_SUPPORTED
1248 #endif
1249 
1250 #if defined(PLATFORM_ANDROID)
1251 // On Android, it's been observed that with certain CLAT46 networks, the local IPv4 address
1252 // obtained from the native public socket does not match any network interface IP addresses
1253 // enumerated from higher-level Android framework. This native IPv4 address is still valid
1254 // however and corresponds to the pseudo IPv4 address of the CLAT46 interface (e.g. 192.0.0.4).
1255 // This define is a workaround to continue allowing VPN tunnel to function in these cases.
1256 // BUGBUG: This workaround may now be redundant for Android with CLAT46 detection in NCSSIPCServer.
1257 #define ALLOW_INVALID_PUBLIC_INTERFACE_ADDRESS
1258 #endif
1259 
1260 #if (defined(_WIN32) && defined(PLATFORM_DESKTOP))
1261 // RFC 8784 is currenlty only supported on Windows Desktop
1262 #define RFC_8784_SUPPORTED
1263 #endif
1264 
1265 /* END OF MACRO HELL */
1266 #endif /*__GENDEFS_H*/