1 /*XXX
2 There is a bug in asn2wrs that it can not yet handle tagged assignments such
3 as EXTERNAL ::= [UNIVERSAL 8] IMPLICIT SEQUENCE {
4
5 This bug is workedaround by some .cnf magic but this should be cleaned up
6 once asn2wrs learns how to deal with tagged assignments
7 */
8
9 /* packet-acse.c
10 * Routines for ACSE packet dissection
11 * Ronnie Sahlberg 2005
12 * dissect_acse() based original handwritten dissector by Sid
13 * Yuriy Sidelnikov <YSidelnikov@hotmail.com>
14 *
15 * Wireshark - Network traffic analyzer
16 * By Gerald Combs <gerald@wireshark.org>
17 * Copyright 1998 Gerald Combs
18 *
19 * SPDX-License-Identifier: GPL-2.0-or-later
20 */
21
22 #include "config.h"
23
24 #include <epan/packet.h>
25 #include <epan/exceptions.h>
26 #include <epan/expert.h>
27 #include <epan/oids.h>
28 #include <epan/asn1.h>
29
30 #include "packet-ber.h"
31 #include "packet-acse.h"
32 #include "packet-ses.h"
33 #include "packet-pres.h"
34 #include "packet-x509if.h"
35
36 #define PNAME "ISO 8650-1 OSI Association Control Service"
37 #define PSNAME "ACSE"
38 #define PFNAME "acse"
39
40 #define CLPNAME "ISO 10035-1 OSI Connectionless Association Control Service"
41 #define CLPSNAME "CLACSE"
42 #define CLPFNAME "clacse"
43
44 #define ACSE_APDU_OID "2.2.1.0.1"
45
46 void proto_register_acse(void);
47 void proto_reg_handoff_acse(void);
48
49 /* Initialize the protocol and registered fields */
50 int proto_acse = -1;
51 int proto_clacse = -1;
52
53
54
55 #include "packet-acse-hf.c"
56 static gint hf_acse_user_data = -1;
57
58 /* Initialize the subtree pointers */
59 static gint ett_acse = -1;
60 #include "packet-acse-ett.c"
61
62 static expert_field ei_acse_dissector_not_available = EI_INIT;
63 static expert_field ei_acse_malformed = EI_INIT;
64 static expert_field ei_acse_invalid_oid = EI_INIT;
65
66 static dissector_handle_t acse_handle = NULL;
67
68 /* indirect_reference, used to pick up the signalling so we know what
69 kind of data is transferred in SES_DATA_TRANSFER_PDUs */
70 static guint32 indir_ref=0;
71
72 #if NOT_NEEDED
73 /* to keep track of presentation context identifiers and protocol-oids */
74 typedef struct _acse_ctx_oid_t {
75 /* XXX here we should keep track of ADDRESS/PORT as well */
76 guint32 ctx_id;
77 char *oid;
78 } acse_ctx_oid_t;
79 static wmem_map_t *acse_ctx_oid_table = NULL;
80
81 static guint
82 acse_ctx_oid_hash(gconstpointer k)
83 {
84 acse_ctx_oid_t *aco=(acse_ctx_oid_t *)k;
85 return aco->ctx_id;
86 }
87 /* XXX this one should be made ADDRESS/PORT aware */
varray_open(int size,int expand)88 static gint
89 acse_ctx_oid_equal(gconstpointer k1, gconstpointer k2)
90 {
91 acse_ctx_oid_t *aco1=(acse_ctx_oid_t *)k1;
92 acse_ctx_oid_t *aco2=(acse_ctx_oid_t *)k2;
93 return aco1->ctx_id==aco2->ctx_id;
94 }
95
96 static void
97 register_ctx_id_and_oid(packet_info *pinfo _U_, guint32 idx, char *oid)
98 {
99 acse_ctx_oid_t *aco, *tmpaco;
100 aco=wmem_new(wmem_file_scope(), acse_ctx_oid_t);
101 aco->ctx_id=idx;
102 aco->oid=wmem_strdup(wmem_file_scope(), oid);
103
104 /* if this ctx already exists, remove the old one first */
105 tmpaco=(acse_ctx_oid_t *)wmem_map_lookup(acse_ctx_oid_table, aco);
106 if (tmpaco) {
107 wmem_map_remove(acse_ctx_oid_table, tmpaco);
108 }
109 wmem_map_insert(acse_ctx_oid_table, aco, aco);
110 }
111 static char *
112 find_oid_by_ctx_id(packet_info *pinfo _U_, guint32 idx)
113 {
114 acse_ctx_oid_t aco, *tmpaco;
varray_assign(VARRAY * vb,int index,int force)115 aco.ctx_id=idx;
116 tmpaco=(acse_ctx_oid_t *)wmem_map_lookup(acse_ctx_oid_table, &aco);
117 if (tmpaco) {
118 return tmpaco->oid;
119 }
120 return NULL;
121 }
122
123 # endif /* NOT_NEEDED */
124
125 #include "packet-acse-fn.c"
126
127
128 /*
129 * Dissect ACSE PDUs inside a PPDU.
130 */
131 static int
132 dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data)
133 {
134 int offset = 0;
135 proto_item *item;
136 proto_tree *tree;
137 char *oid;
138 struct SESSION_DATA_STRUCTURE* session;
139 asn1_ctx_t asn1_ctx;
140 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
141
142 /* do we have spdu type from the session dissector? */
143 if (data == NULL) {
144 return 0;
145 }
146
147 /* first, try to check length */
148 /* do we have at least 2 bytes */
149 if (!tvb_bytes_exist(tvb, 0, 2)) {
150 proto_tree_add_item(parent_tree, hf_acse_user_data, tvb, offset,
151 tvb_reported_length_remaining(tvb,offset), ENC_NA);
152 return 0; /* no, it isn't a ACSE PDU */
153 }
154
155 session = ( (struct SESSION_DATA_STRUCTURE*)data);
156 if (session->spdu_type == 0) {
157 if (parent_tree) {
158 REPORT_DISSECTOR_BUG("Wrong spdu type %x from session dissector.",session->spdu_type);
varray_append(VARRAY * vb)159 return 0;
160 }
161 }
162
163 asn1_ctx.private_data = session;
164 /* save parent_tree so subdissectors can create new top nodes */
165 asn1_ctx.subtree.top_tree = parent_tree;
166
167 /* ACSE has only AARQ,AARE,RLRQ,RLRE,ABRT type of pdu */
168 /* reject everything else */
varray_reset(VARRAY * vb)169 /* data pdu is not ACSE pdu and has to go directly to app dissector */
170 switch (session->spdu_type) {
171 case SES_CONNECTION_REQUEST: /* AARQ */
172 case SES_CONNECTION_ACCEPT: /* AARE */
173 case SES_REFUSE: /* RLRE */
174 case SES_DISCONNECT: /* RLRQ */
175 case SES_FINISH: /* RLRE */
176 case SES_ABORT: /* ABRT */
177 case CLSES_UNIT_DATA: /* AARQ Connectionless session */
178 break;
179 case SES_DATA_TRANSFER:
180 oid=find_oid_by_pres_ctx_id(pinfo, indir_ref);
181 if (oid) {
182 if (strcmp(oid, ACSE_APDU_OID) == 0) {
183 proto_tree_add_expert_format(parent_tree, pinfo, &ei_acse_invalid_oid, tvb, offset, -1,
184 "Invalid OID: %s", ACSE_APDU_OID);
185 }
186 else {
187 call_ber_oid_callback(oid, tvb, offset, pinfo, parent_tree, NULL);
188 }
189 } else {
190 proto_tree_add_expert(parent_tree, pinfo, &ei_acse_dissector_not_available,
191 tvb, offset, -1);
192 }
193 return 0;
194 default:
195 return 0;
196 }
197
198 if (session->spdu_type == CLSES_UNIT_DATA) {
199 /* create display subtree for the connectionless protocol */
200 item = proto_tree_add_item(parent_tree, proto_clacse, tvb, 0, -1, ENC_NA);
201 tree = proto_item_add_subtree(item, ett_acse);
202
203 col_set_str(pinfo->cinfo, COL_PROTOCOL, "CL-ACSE");
204 col_clear(pinfo->cinfo, COL_INFO);
205 } else {
206 /* create display subtree for the protocol */
207 item = proto_tree_add_item(parent_tree, proto_acse, tvb, 0, -1, ENC_NA);
208 tree = proto_item_add_subtree(item, ett_acse);
209
210 col_set_str(pinfo->cinfo, COL_PROTOCOL, "ACSE");
211 col_clear(pinfo->cinfo, COL_INFO);
212 }
213
214 /* we can't make any additional checking here */
215 /* postpone it before dissector will have more information */
216 while (tvb_reported_length_remaining(tvb, offset) > 0) {
217 int old_offset=offset;
218 offset = dissect_acse_ACSE_apdu(FALSE, tvb, offset, &asn1_ctx, tree, -1);
219 if (offset == old_offset) {
220 proto_tree_add_expert(tree, pinfo, &ei_acse_malformed, tvb, offset, -1);
221 break;
222 }
223 }
224
225 return tvb_captured_length(tvb);
226 }
227
228 /*--- proto_register_acse ----------------------------------------------*/
229 void proto_register_acse(void) {
230
231 /* List of fields */
232 static hf_register_info hf[] = {
233 { &hf_acse_user_data,
234 { "User data", "acse.user_data",
235 FT_BYTES, BASE_NONE, NULL, 0,
236 NULL, HFILL }},
237 #include "packet-acse-hfarr.c"
238 };
239
240 /* List of subtrees */
241 static gint *ett[] = {
242 &ett_acse,
243 #include "packet-acse-ettarr.c"
244 };
245
246 static ei_register_info ei[] = {
247 { &ei_acse_dissector_not_available, { "acse.dissector_not_available", PI_UNDECODED, PI_WARN, "Dissector is not available", EXPFILL }},
248 { &ei_acse_malformed, { "acse.malformed", PI_MALFORMED, PI_ERROR, "Malformed packet", EXPFILL }},
249 { &ei_acse_invalid_oid, { "acse.invalid_oid", PI_UNDECODED, PI_WARN, "Invalid OID", EXPFILL }},
250 };
251
252 expert_module_t* expert_acse;
253
254 /* Register protocol */
255 proto_acse = proto_register_protocol(PNAME, PSNAME, PFNAME);
256 acse_handle = register_dissector("acse", dissect_acse, proto_acse);
257
258 /* Register connectionless protocol */
259 proto_clacse = proto_register_protocol(CLPNAME, CLPSNAME, CLPFNAME);
260
261
262 /* Register fields and subtrees */
263 proto_register_field_array(proto_acse, hf, array_length(hf));
264 proto_register_subtree_array(ett, array_length(ett));
265 expert_acse = expert_register_protocol(proto_acse);
266 expert_register_field_array(expert_acse, ei, array_length(ei));
267
268 #if NOT_NEEDED
269 acse_ctx_oid_table = wmem_map_new_autoreset(wmem_epan_scope(), wmem_file_scope(), acse_ctx_oid_hash,
270 acse_ctx_oid_equal);
271 #endif
272 }
273
274
275 /*--- proto_reg_handoff_acse -------------------------------------------*/
276 void proto_reg_handoff_acse(void) {
277 /*#include "packet-acse-dis-tab.c"*/
278 oid_add_from_string("id-aCSE","2.2.3.1.1");
279 register_ber_oid_dissector_handle(ACSE_APDU_OID, acse_handle, proto_acse, "id-as-acse");
280
281
282 }
283
284