1 /*XXX
2   There is a bug in asn2wrs that it can not yet handle tagged assignments such
3   as EXTERNAL  ::=  [UNIVERSAL 8] IMPLICIT SEQUENCE {
4 
5   This bug is workedaround by some .cnf magic but this should be cleaned up
6   once asn2wrs learns how to deal with tagged assignments
7 */
8 
9 /* packet-acse.c
10  * Routines for ACSE packet dissection
11  *   Ronnie Sahlberg 2005
12  * dissect_acse() based original handwritten dissector by Sid
13  *   Yuriy Sidelnikov <YSidelnikov@hotmail.com>
14  *
15  * Wireshark - Network traffic analyzer
16  * By Gerald Combs <gerald@wireshark.org>
17  * Copyright 1998 Gerald Combs
18  *
19  * SPDX-License-Identifier: GPL-2.0-or-later
20  */
21 
22 #include "config.h"
23 
24 #include <epan/packet.h>
25 #include <epan/exceptions.h>
26 #include <epan/expert.h>
27 #include <epan/oids.h>
28 #include <epan/asn1.h>
29 
30 #include "packet-ber.h"
31 #include "packet-acse.h"
32 #include "packet-ses.h"
33 #include "packet-pres.h"
34 #include "packet-x509if.h"
35 
36 #define PNAME  "ISO 8650-1 OSI Association Control Service"
37 #define PSNAME "ACSE"
38 #define PFNAME "acse"
39 
40 #define CLPNAME  "ISO 10035-1 OSI Connectionless Association Control Service"
41 #define CLPSNAME "CLACSE"
42 #define CLPFNAME "clacse"
43 
44 #define ACSE_APDU_OID "2.2.1.0.1"
45 
46 void proto_register_acse(void);
47 void proto_reg_handoff_acse(void);
48 
49 /* Initialize the protocol and registered fields */
50 int proto_acse = -1;
51 int proto_clacse = -1;
52 
53 
54 
55 #include "packet-acse-hf.c"
56 static gint hf_acse_user_data = -1;
57 
58 /* Initialize the subtree pointers */
59 static gint ett_acse = -1;
60 #include "packet-acse-ett.c"
61 
62 static expert_field ei_acse_dissector_not_available = EI_INIT;
63 static expert_field ei_acse_malformed = EI_INIT;
64 static expert_field ei_acse_invalid_oid = EI_INIT;
65 
66 static dissector_handle_t acse_handle = NULL;
67 
68 /* indirect_reference, used to pick up the signalling so we know what
69    kind of data is transferred in SES_DATA_TRANSFER_PDUs */
70 static guint32 indir_ref=0;
71 
72 #if NOT_NEEDED
73 /* to keep track of presentation context identifiers and protocol-oids */
74 typedef struct _acse_ctx_oid_t {
75 	/* XXX here we should keep track of ADDRESS/PORT as well */
76 	guint32 ctx_id;
77 	char *oid;
78 } acse_ctx_oid_t;
79 static wmem_map_t *acse_ctx_oid_table = NULL;
80 
81 static guint
82 acse_ctx_oid_hash(gconstpointer k)
83 {
84 	acse_ctx_oid_t *aco=(acse_ctx_oid_t *)k;
85 	return aco->ctx_id;
86 }
87 /* XXX this one should be made ADDRESS/PORT aware */
varray_open(int size,int expand)88 static gint
89 acse_ctx_oid_equal(gconstpointer k1, gconstpointer k2)
90 {
91 	acse_ctx_oid_t *aco1=(acse_ctx_oid_t *)k1;
92 	acse_ctx_oid_t *aco2=(acse_ctx_oid_t *)k2;
93 	return aco1->ctx_id==aco2->ctx_id;
94 }
95 
96 static void
97 register_ctx_id_and_oid(packet_info *pinfo _U_, guint32 idx, char *oid)
98 {
99 	acse_ctx_oid_t *aco, *tmpaco;
100 	aco=wmem_new(wmem_file_scope(), acse_ctx_oid_t);
101 	aco->ctx_id=idx;
102 	aco->oid=wmem_strdup(wmem_file_scope(), oid);
103 
104 	/* if this ctx already exists, remove the old one first */
105 	tmpaco=(acse_ctx_oid_t *)wmem_map_lookup(acse_ctx_oid_table, aco);
106 	if (tmpaco) {
107 		wmem_map_remove(acse_ctx_oid_table, tmpaco);
108 	}
109 	wmem_map_insert(acse_ctx_oid_table, aco, aco);
110 }
111 static char *
112 find_oid_by_ctx_id(packet_info *pinfo _U_, guint32 idx)
113 {
114 	acse_ctx_oid_t aco, *tmpaco;
varray_assign(VARRAY * vb,int index,int force)115 	aco.ctx_id=idx;
116 	tmpaco=(acse_ctx_oid_t *)wmem_map_lookup(acse_ctx_oid_table, &aco);
117 	if (tmpaco) {
118 		return tmpaco->oid;
119 	}
120 	return NULL;
121 }
122 
123 # endif /* NOT_NEEDED */
124 
125 #include "packet-acse-fn.c"
126 
127 
128 /*
129 * Dissect ACSE PDUs inside a PPDU.
130 */
131 static int
132 dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data)
133 {
134 	int offset = 0;
135 	proto_item *item;
136 	proto_tree *tree;
137 	char *oid;
138 	struct SESSION_DATA_STRUCTURE* session;
139 	asn1_ctx_t asn1_ctx;
140 	asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
141 
142 	/* do we have spdu type from the session dissector?  */
143 	if (data == NULL) {
144 		return 0;
145 	}
146 
147 	/* first, try to check length   */
148 	/* do we have at least 2 bytes  */
149 	if (!tvb_bytes_exist(tvb, 0, 2)) {
150 		proto_tree_add_item(parent_tree, hf_acse_user_data, tvb, offset,
151 			tvb_reported_length_remaining(tvb,offset), ENC_NA);
152 		return 0;  /* no, it isn't a ACSE PDU */
153 	}
154 
155 	session = ( (struct SESSION_DATA_STRUCTURE*)data);
156 	if (session->spdu_type == 0) {
157 		if (parent_tree) {
158 			REPORT_DISSECTOR_BUG("Wrong spdu type %x from session dissector.",session->spdu_type);
varray_append(VARRAY * vb)159 			return 0;
160 		}
161 	}
162 
163 	asn1_ctx.private_data = session;
164 	/* save parent_tree so subdissectors can create new top nodes */
165 	asn1_ctx.subtree.top_tree = parent_tree;
166 
167 	/*  ACSE has only AARQ,AARE,RLRQ,RLRE,ABRT type of pdu */
168 	/*  reject everything else                              */
varray_reset(VARRAY * vb)169 	/*  data pdu is not ACSE pdu and has to go directly to app dissector */
170 	switch (session->spdu_type) {
171 	case SES_CONNECTION_REQUEST:		/*   AARQ   */
172 	case SES_CONNECTION_ACCEPT:		/*   AARE   */
173 	case SES_REFUSE:			/*   RLRE   */
174 	case SES_DISCONNECT:			/*   RLRQ   */
175 	case SES_FINISH:			/*   RLRE   */
176 	case SES_ABORT:				/*   ABRT   */
177 	case CLSES_UNIT_DATA:		/* AARQ Connectionless session */
178 		break;
179 	case SES_DATA_TRANSFER:
180 		oid=find_oid_by_pres_ctx_id(pinfo, indir_ref);
181 		if (oid) {
182 			if (strcmp(oid, ACSE_APDU_OID) == 0) {
183 				proto_tree_add_expert_format(parent_tree, pinfo, &ei_acse_invalid_oid, tvb, offset, -1,
184 				    "Invalid OID: %s", ACSE_APDU_OID);
185 			}
186 		 else {
187 			call_ber_oid_callback(oid, tvb, offset, pinfo, parent_tree, NULL);
188 		 }
189 		} else {
190 			proto_tree_add_expert(parent_tree, pinfo, &ei_acse_dissector_not_available,
191 									tvb, offset, -1);
192 		}
193 		return 0;
194 	default:
195 		return 0;
196 	}
197 
198 	if (session->spdu_type == CLSES_UNIT_DATA) {
199 		/* create display subtree for the connectionless protocol */
200 		item = proto_tree_add_item(parent_tree, proto_clacse, tvb, 0, -1, ENC_NA);
201 		tree = proto_item_add_subtree(item, ett_acse);
202 
203 		col_set_str(pinfo->cinfo, COL_PROTOCOL, "CL-ACSE");
204 		col_clear(pinfo->cinfo, COL_INFO);
205 	} else {
206 		/* create display subtree for the protocol */
207 		item = proto_tree_add_item(parent_tree, proto_acse, tvb, 0, -1, ENC_NA);
208 		tree = proto_item_add_subtree(item, ett_acse);
209 
210 		col_set_str(pinfo->cinfo, COL_PROTOCOL, "ACSE");
211 		col_clear(pinfo->cinfo, COL_INFO);
212 	}
213 
214 	/*  we can't make any additional checking here   */
215 	/*  postpone it before dissector will have more information */
216 	while (tvb_reported_length_remaining(tvb, offset) > 0) {
217 		int old_offset=offset;
218 		offset = dissect_acse_ACSE_apdu(FALSE, tvb, offset, &asn1_ctx, tree, -1);
219 		if (offset == old_offset) {
220 			proto_tree_add_expert(tree, pinfo, &ei_acse_malformed, tvb, offset, -1);
221 			break;
222 		}
223 	}
224 
225 	return tvb_captured_length(tvb);
226 }
227 
228 /*--- proto_register_acse ----------------------------------------------*/
229 void proto_register_acse(void) {
230 
231   /* List of fields */
232   static hf_register_info hf[] = {
233     { &hf_acse_user_data,
234       { "User data", "acse.user_data",
235         FT_BYTES, BASE_NONE, NULL, 0,
236         NULL, HFILL }},
237 #include "packet-acse-hfarr.c"
238   };
239 
240   /* List of subtrees */
241   static gint *ett[] = {
242     &ett_acse,
243 #include "packet-acse-ettarr.c"
244   };
245 
246   static ei_register_info ei[] = {
247      { &ei_acse_dissector_not_available, { "acse.dissector_not_available", PI_UNDECODED, PI_WARN, "Dissector is not available", EXPFILL }},
248      { &ei_acse_malformed, { "acse.malformed", PI_MALFORMED, PI_ERROR, "Malformed packet", EXPFILL }},
249      { &ei_acse_invalid_oid, { "acse.invalid_oid", PI_UNDECODED, PI_WARN, "Invalid OID", EXPFILL }},
250   };
251 
252   expert_module_t* expert_acse;
253 
254   /* Register protocol */
255   proto_acse = proto_register_protocol(PNAME, PSNAME, PFNAME);
256   acse_handle = register_dissector("acse", dissect_acse, proto_acse);
257 
258   /* Register connectionless protocol */
259   proto_clacse = proto_register_protocol(CLPNAME, CLPSNAME, CLPFNAME);
260 
261 
262   /* Register fields and subtrees */
263   proto_register_field_array(proto_acse, hf, array_length(hf));
264   proto_register_subtree_array(ett, array_length(ett));
265   expert_acse = expert_register_protocol(proto_acse);
266   expert_register_field_array(expert_acse, ei, array_length(ei));
267 
268 #if NOT_NEEDED
269   acse_ctx_oid_table = wmem_map_new_autoreset(wmem_epan_scope(), wmem_file_scope(), acse_ctx_oid_hash,
270 			acse_ctx_oid_equal);
271 #endif
272 }
273 
274 
275 /*--- proto_reg_handoff_acse -------------------------------------------*/
276 void proto_reg_handoff_acse(void) {
277 /*#include "packet-acse-dis-tab.c"*/
278 	oid_add_from_string("id-aCSE","2.2.3.1.1");
279 	register_ber_oid_dissector_handle(ACSE_APDU_OID, acse_handle, proto_acse, "id-as-acse");
280 
281 
282 }
283 
284