/src/hpn-ssh/kex-names.c

Source
/* $OpenBSD: kex-names.c,v 1.6 2025/09/02 11:08:34 djm Exp $ */
/*
 * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "includes.h"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>

#ifdef WITH_OPENSSL
#include <openssl/crypto.h>
#include <openssl/evp.h>
#endif

#include "kex.h"
#include "log.h"
#include "match.h"
#include "digest.h"
#include "misc.h"

#include "ssherr.h"
#include "xmalloc.h"

struct kexalg {
  char *name;
  u_int type;
  int ec_nid;
  int hash_alg;
  int pq_alg;
};
static const struct kexalg kexalgs[] = {
#ifdef WITH_OPENSSL
  { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
  { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
  { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
  { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ },
  { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ },
  { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
#ifdef HAVE_EVP_SHA256
  { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
#endif /* HAVE_EVP_SHA256 */
#ifdef OPENSSL_HAS_ECC
  { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2,
      NID_X9_62_prime256v1, SSH_DIGEST_SHA256, KEX_NOT_PQ },
  { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1,
      SSH_DIGEST_SHA384, KEX_NOT_PQ },
# ifdef OPENSSL_HAS_NISTP521
  { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1,
      SSH_DIGEST_SHA512, KEX_NOT_PQ },
# endif /* OPENSSL_HAS_NISTP521 */
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
#if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL)
  { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
  { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
#ifdef USE_SNTRUP761X25519
  { KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0,
      SSH_DIGEST_SHA512, KEX_IS_PQ },
  { KEX_SNTRUP761X25519_SHA512_OLD, KEX_KEM_SNTRUP761X25519_SHA512, 0,
      SSH_DIGEST_SHA512, KEX_IS_PQ },
#endif
#ifdef USE_MLKEM768X25519
  { KEX_MLKEM768X25519_SHA256, KEX_KEM_MLKEM768X25519_SHA256, 0,
      SSH_DIGEST_SHA256, KEX_IS_PQ },
#endif
#endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
  { NULL, 0, -1, -1, 0 },
};

char *
kex_alg_list(char sep)
{
  char *ret = NULL;
  const struct kexalg *k;
  char sep_str[2] = {sep, '\0'};

  for (k = kexalgs; k->name != NULL; k++)
    xextendf(&ret, sep_str, "%s", k->name);

  return ret;
}

static const struct kexalg *
kex_alg_by_name(const char *name)
{
  const struct kexalg *k;

  for (k = kexalgs; k->name != NULL; k++) {
    if (strcmp(k->name, name) == 0)
      return k;
  }
  return NULL;
}

int
kex_name_valid(const char *name)
{
  return kex_alg_by_name(name) != NULL;
}

int
kex_is_pq_from_name(const char *name)
{
  const struct kexalg *k;

  if ((k = kex_alg_by_name(name)) == NULL)
    return 0;
  return k->pq_alg == KEX_IS_PQ;
}

u_int
kex_type_from_name(const char *name)
{
  const struct kexalg *k;

  if ((k = kex_alg_by_name(name)) == NULL)
    return 0;
  return k->type;
}

int
kex_hash_from_name(const char *name)
{
  const struct kexalg *k;

  if ((k = kex_alg_by_name(name)) == NULL)
    return -1;
  return k->hash_alg;
}

int
kex_nid_from_name(const char *name)
{
  const struct kexalg *k;

  if ((k = kex_alg_by_name(name)) == NULL)
    return -1;
  return k->ec_nid;
}

/* Validate KEX method name list */
int
kex_names_valid(const char *names)
{
  char *s, *cp, *p;

  if (names == NULL || strcmp(names, "") == 0)
    return 0;
  if ((s = cp = strdup(names)) == NULL)
    return 0;
  for ((p = strsep(&cp, ",")); p && *p != '\0';
      (p = strsep(&cp, ","))) {
    if (kex_alg_by_name(p) == NULL) {
      error("Unsupported KEX algorithm \"%.100s\"", p);
      free(s);
      return 0;
    }
  }
  debug3("kex names ok: [%s]", names);
  free(s);
  return 1;
}

/* returns non-zero if proposal contains any algorithm from algs */
int
kex_has_any_alg(const char *proposal, const char *algs)
{
  char *cp;

  if ((cp = match_list(proposal, algs, NULL)) == NULL)
    return 0;
  free(cp);
  return 1;
}

/*
 * Concatenate algorithm names, avoiding duplicates in the process.
 * Caller must free returned string.
 */
char *
kex_names_cat(const char *a, const char *b)
{
  char *ret = NULL, *tmp = NULL, *cp, *p;
  size_t len;

  if (a == NULL || *a == '\0')
    return strdup(b);
  if (b == NULL || *b == '\0')
    return strdup(a);
  if (strlen(b) > 1024*1024)
    return NULL;
  len = strlen(a) + strlen(b) + 2;
  if ((tmp = cp = strdup(b)) == NULL ||
      (ret = calloc(1, len)) == NULL) {
    free(tmp);
    return NULL;
  }
  strlcpy(ret, a, len);
  for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
    if (kex_has_any_alg(ret, p))
      continue; /* Algorithm already present */
    if (strlcat(ret, ",", len) >= len ||
        strlcat(ret, p, len) >= len) {
      free(tmp);
      free(ret);
      return NULL; /* Shouldn't happen */
    }
  }
  free(tmp);
  return ret;
}

/*
 * Assemble a list of algorithms from a default list and a string from a
 * configuration file. The user-provided string may begin with '+' to
 * indicate that it should be appended to the default, '-' that the
 * specified names should be removed, or '^' that they should be placed
 * at the head.
 */
int
kex_assemble_names(char **listp, const char *def, const char *all)
{
  char *cp, *tmp, *patterns;
  char *list = NULL, *ret = NULL, *matching = NULL, *opatterns = NULL;
  int r = SSH_ERR_INTERNAL_ERROR;

  if (listp == NULL || def == NULL || all == NULL)
    return SSH_ERR_INVALID_ARGUMENT;

  if (*listp == NULL || **listp == '\0') {
    if ((*listp = strdup(def)) == NULL)
      return SSH_ERR_ALLOC_FAIL;
    return 0;
  }

  list = *listp;
  *listp = NULL;
  if (*list == '+') {
    /* Append names to default list */
    if ((tmp = kex_names_cat(def, list + 1)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    free(list);
    list = tmp;
  } else if (*list == '-') {
    /* Remove names from default list */
    if ((*listp = match_filter_denylist(def, list + 1)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    free(list);
    /* filtering has already been done */
    return 0;
  } else if (*list == '^') {
    /* Place names at head of default list */
    if ((tmp = kex_names_cat(list + 1, def)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    free(list);
    list = tmp;
  } else {
    /* Explicit list, overrides default - just use "list" as is */
  }

  /*
   * The supplied names may be a pattern-list. For the -list case,
   * the patterns are applied above. For the +list and explicit list
   * cases we need to do it now.
   */
  ret = NULL;
  if ((patterns = opatterns = strdup(list)) == NULL) {
    r = SSH_ERR_ALLOC_FAIL;
    goto fail;
  }
  /* Apply positive (i.e. non-negated) patterns from the list */
  while ((cp = strsep(&patterns, ",")) != NULL) {
    if (*cp == '!') {
      /* negated matches are not supported here */
      r = SSH_ERR_INVALID_ARGUMENT;
      goto fail;
    }
    free(matching);
    if ((matching = match_filter_allowlist(all, cp)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    if ((tmp = kex_names_cat(ret, matching)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    free(ret);
    ret = tmp;
  }
  if (ret == NULL || *ret == '\0') {
    /* An empty name-list is an error */
    /* XXX better error code? */
    r = SSH_ERR_INVALID_ARGUMENT;
    goto fail;
  }

  /* success */
  *listp = ret;
  ret = NULL;
  r = 0;

 fail:
  free(matching);
  free(opatterns);
  free(list);
  free(ret);
  return r;
}

Coverage Report

Created: 2025-12-14 06:20

Line	Count	Source
1		/* $OpenBSD: kex-names.c,v 1.6 2025/09/02 11:08:34 djm Exp $ */
2		/*
3		* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4		*
5		* Redistribution and use in source and binary forms, with or without
6		* modification, are permitted provided that the following conditions
7		* are met:
8		* 1. Redistributions of source code must retain the above copyright
9		* notice, this list of conditions and the following disclaimer.
10		* 2. Redistributions in binary form must reproduce the above copyright
11		* notice, this list of conditions and the following disclaimer in the
12		* documentation and/or other materials provided with the distribution.
13		*
14		* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15		* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16		* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17		* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18		* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19		* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20		* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21		* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22		* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23		* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24		*/
25
26		#include "includes.h"
27
28		#include <stdio.h>
29		#include <stdlib.h>
30		#include <string.h>
31		#include <unistd.h>
32		#include <signal.h>
33
34		#ifdef WITH_OPENSSL
35		#include <openssl/crypto.h>
36		#include <openssl/evp.h>
37		#endif
38
39		#include "kex.h"
40		#include "log.h"
41		#include "match.h"
42		#include "digest.h"
43		#include "misc.h"
44
45		#include "ssherr.h"
46		#include "xmalloc.h"
47
48		struct kexalg {
49		char *name;
50		u_int type;
51		int ec_nid;
52		int hash_alg;
53		int pq_alg;
54		};
55		static const struct kexalg kexalgs[] = {
56		#ifdef WITH_OPENSSL
57		{ KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
58		{ KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
59		{ KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
60		{ KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ },
61		{ KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ },
62		{ KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
63		#ifdef HAVE_EVP_SHA256
64		{ KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
65		#endif /* HAVE_EVP_SHA256 */
66		#ifdef OPENSSL_HAS_ECC
67		{ KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2,
68		NID_X9_62_prime256v1, SSH_DIGEST_SHA256, KEX_NOT_PQ },
69		{ KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1,
70		SSH_DIGEST_SHA384, KEX_NOT_PQ },
71		# ifdef OPENSSL_HAS_NISTP521
72		{ KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1,
73		SSH_DIGEST_SHA512, KEX_NOT_PQ },
74		# endif /* OPENSSL_HAS_NISTP521 */
75		#endif /* OPENSSL_HAS_ECC */
76		#endif /* WITH_OPENSSL */
77		#if defined(HAVE_EVP_SHA256) \|\| !defined(WITH_OPENSSL)
78		{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
79		{ KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
80		#ifdef USE_SNTRUP761X25519
81		{ KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0,
82		SSH_DIGEST_SHA512, KEX_IS_PQ },
83		{ KEX_SNTRUP761X25519_SHA512_OLD, KEX_KEM_SNTRUP761X25519_SHA512, 0,
84		SSH_DIGEST_SHA512, KEX_IS_PQ },
85		#endif
86		#ifdef USE_MLKEM768X25519
87		{ KEX_MLKEM768X25519_SHA256, KEX_KEM_MLKEM768X25519_SHA256, 0,
88		SSH_DIGEST_SHA256, KEX_IS_PQ },
89		#endif
90		#endif /* HAVE_EVP_SHA256 \|\| !WITH_OPENSSL */
91		{ NULL, 0, -1, -1, 0 },
92		};
93
94		char *
95		kex_alg_list(char sep)
96	0	{
97	0	char *ret = NULL;
98	0	const struct kexalg *k;
99	0	char sep_str[2] = {sep, '\0'};
100
101	0	for (k = kexalgs; k->name != NULL; k++)
102	0	xextendf(&ret, sep_str, "%s", k->name);
103
104	0	return ret;
105	0	}
106
107		static const struct kexalg *
108		kex_alg_by_name(const char *name)
109	1.44k	{
110	1.44k	const struct kexalg *k;
111
112	11.0k	for (k = kexalgs; k->name != NULL; k++) {
113	10.9k	if (strcmp(k->name, name) == 0)
114	1.30k	return k;
115	10.9k	}
116	135	return NULL;
117	1.44k	}
118
119		int
120		kex_name_valid(const char *name)
121	462	{
122	462	return kex_alg_by_name(name) != NULL;
123	462	}
124
125		int
126		kex_is_pq_from_name(const char *name)
127	0	{
128	0	const struct kexalg *k;
129
130	0	if ((k = kex_alg_by_name(name)) == NULL)
131	0	return 0;
132	0	return k->pq_alg == KEX_IS_PQ;
133	0	}
134
135		u_int
136		kex_type_from_name(const char *name)
137	327	{
138	327	const struct kexalg *k;
139
140	327	if ((k = kex_alg_by_name(name)) == NULL)
141	0	return 0;
142	327	return k->type;
143	327	}
144
145		int
146		kex_hash_from_name(const char *name)
147	327	{
148	327	const struct kexalg *k;
149
150	327	if ((k = kex_alg_by_name(name)) == NULL)
151	0	return -1;
152	327	return k->hash_alg;
153	327	}
154
155		int
156		kex_nid_from_name(const char *name)
157	327	{
158	327	const struct kexalg *k;
159
160	327	if ((k = kex_alg_by_name(name)) == NULL)
161	0	return -1;
162	327	return k->ec_nid;
163	327	}
164
165		/* Validate KEX method name list */
166		int
167		kex_names_valid(const char *names)
168	0	{
169	0	char s, cp, *p;
170
171	0	if (names == NULL \|\| strcmp(names, "") == 0)
172	0	return 0;
173	0	if ((s = cp = strdup(names)) == NULL)
174	0	return 0;
175	0	for ((p = strsep(&cp, ",")); p && *p != '\0';
176	0	(p = strsep(&cp, ","))) {
177	0	if (kex_alg_by_name(p) == NULL) {
178	0	error("Unsupported KEX algorithm \"%.100s\"", p);
179	0	free(s);
180	0	return 0;
181	0	}
182	0	}
183	0	debug3("kex names ok: [%s]", names);
184	0	free(s);
185	0	return 1;
186	0	}
187
188		/* returns non-zero if proposal contains any algorithm from algs */
189		int
190		kex_has_any_alg(const char proposal, const char algs)
191	125k	{
192	125k	char *cp;
193
194	125k	if ((cp = match_list(proposal, algs, NULL)) == NULL)
195	124k	return 0;
196	165	free(cp);
197	165	return 1;
198	125k	}
199
200		/*
201		* Concatenate algorithm names, avoiding duplicates in the process.
202		* Caller must free returned string.
203		*/
204		char *
205		kex_names_cat(const char a, const char b)
206	57.6k	{
207	57.6k	char ret = NULL, tmp = NULL, cp, p;
208	57.6k	size_t len;
209
210	57.6k	if (a == NULL \|\| *a == '\0')
211	0	return strdup(b);
212	57.6k	if (b == NULL \|\| *b == '\0')
213	0	return strdup(a);
214	57.6k	if (strlen(b) > 1024*1024)
215	0	return NULL;
216	57.6k	len = strlen(a) + strlen(b) + 2;
217	57.6k	if ((tmp = cp = strdup(b)) == NULL \|\|
218	57.6k	(ret = calloc(1, len)) == NULL) {
219	0	free(tmp);
220	0	return NULL;
221	0	}
222	57.6k	strlcpy(ret, a, len);
223	172k	for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
224	115k	if (kex_has_any_alg(ret, p))
225	0	continue; /* Algorithm already present */
226	115k	if (strlcat(ret, ",", len) >= len \|\|
227	115k	strlcat(ret, p, len) >= len) {
228	0	free(tmp);
229	0	free(ret);
230	0	return NULL; /* Shouldn't happen */
231	0	}
232	115k	}
233	57.6k	free(tmp);
234	57.6k	return ret;
235	57.6k	}
236
237		/*
238		* Assemble a list of algorithms from a default list and a string from a
239		* configuration file. The user-provided string may begin with '+' to
240		* indicate that it should be appended to the default, '-' that the
241		* specified names should be removed, or '^' that they should be placed
242		* at the head.
243		*/
244		int
245		kex_assemble_names(char *listp, const char def, const char *all)
246	0	{
247	0	char cp, tmp, *patterns;
248	0	char list = NULL, ret = NULL, matching = NULL, opatterns = NULL;
249	0	int r = SSH_ERR_INTERNAL_ERROR;
250
251	0	if (listp == NULL \|\| def == NULL \|\| all == NULL)
252	0	return SSH_ERR_INVALID_ARGUMENT;
253
254	0	if (listp == NULL \|\| *listp == '\0') {
255	0	if ((*listp = strdup(def)) == NULL)
256	0	return SSH_ERR_ALLOC_FAIL;
257	0	return 0;
258	0	}
259
260	0	list = *listp;
261	0	*listp = NULL;
262	0	if (*list == '+') {
263		/* Append names to default list */
264	0	if ((tmp = kex_names_cat(def, list + 1)) == NULL) {
265	0	r = SSH_ERR_ALLOC_FAIL;
266	0	goto fail;
267	0	}
268	0	free(list);
269	0	list = tmp;
270	0	} else if (*list == '-') {
271		/* Remove names from default list */
272	0	if ((*listp = match_filter_denylist(def, list + 1)) == NULL) {
273	0	r = SSH_ERR_ALLOC_FAIL;
274	0	goto fail;
275	0	}
276	0	free(list);
277		/* filtering has already been done */
278	0	return 0;
279	0	} else if (*list == '^') {
280		/* Place names at head of default list */
281	0	if ((tmp = kex_names_cat(list + 1, def)) == NULL) {
282	0	r = SSH_ERR_ALLOC_FAIL;
283	0	goto fail;
284	0	}
285	0	free(list);
286	0	list = tmp;
287	0	} else {
288		/* Explicit list, overrides default - just use "list" as is */
289	0	}
290
291		/*
292		* The supplied names may be a pattern-list. For the -list case,
293		* the patterns are applied above. For the +list and explicit list
294		* cases we need to do it now.
295		*/
296	0	ret = NULL;
297	0	if ((patterns = opatterns = strdup(list)) == NULL) {
298	0	r = SSH_ERR_ALLOC_FAIL;
299	0	goto fail;
300	0	}
301		/* Apply positive (i.e. non-negated) patterns from the list */
302	0	while ((cp = strsep(&patterns, ",")) != NULL) {
303	0	if (*cp == '!') {
304		/* negated matches are not supported here */
305	0	r = SSH_ERR_INVALID_ARGUMENT;
306	0	goto fail;
307	0	}
308	0	free(matching);
309	0	if ((matching = match_filter_allowlist(all, cp)) == NULL) {
310	0	r = SSH_ERR_ALLOC_FAIL;
311	0	goto fail;
312	0	}
313	0	if ((tmp = kex_names_cat(ret, matching)) == NULL) {
314	0	r = SSH_ERR_ALLOC_FAIL;
315	0	goto fail;
316	0	}
317	0	free(ret);
318	0	ret = tmp;
319	0	}
320	0	if (ret == NULL \|\| *ret == '\0') {
321		/* An empty name-list is an error */
322		/* XXX better error code? */
323	0	r = SSH_ERR_INVALID_ARGUMENT;
324	0	goto fail;
325	0	}
326
327		/* success */
328	0	*listp = ret;
329	0	ret = NULL;
330	0	r = 0;
331
332	0	fail:
333	0	free(matching);
334	0	free(opatterns);
335	0	free(list);
336	0	free(ret);
337	0	return r;
338	0	}