/src/openssh/kex-names.c

Source (jump to first uncovered line)
/* $OpenBSD: kex-names.c,v 1.5 2025/08/11 10:55:38 djm Exp $ */
/*
 * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "includes.h"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>

#ifdef WITH_OPENSSL
#include <openssl/crypto.h>
#include <openssl/evp.h>
#endif

#include "kex.h"
#include "log.h"
#include "match.h"
#include "digest.h"
#include "misc.h"

#include "ssherr.h"
#include "xmalloc.h"

struct kexalg {
  char *name;
  u_int type;
  int ec_nid;
  int hash_alg;
  int pq_alg;
};
static const struct kexalg kexalgs[] = {
#ifdef WITH_OPENSSL
  { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
  { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
  { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
  { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ },
  { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ },
  { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
#ifdef HAVE_EVP_SHA256
  { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
#endif /* HAVE_EVP_SHA256 */
#ifdef OPENSSL_HAS_ECC
  { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2,
      NID_X9_62_prime256v1, SSH_DIGEST_SHA256, KEX_NOT_PQ },
  { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1,
      SSH_DIGEST_SHA384, KEX_NOT_PQ },
# ifdef OPENSSL_HAS_NISTP521
  { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1,
      SSH_DIGEST_SHA512, KEX_NOT_PQ },
# endif /* OPENSSL_HAS_NISTP521 */
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
#if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL)
  { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
  { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
#ifdef USE_SNTRUP761X25519
  { KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0,
      SSH_DIGEST_SHA512, KEX_IS_PQ },
  { KEX_SNTRUP761X25519_SHA512_OLD, KEX_KEM_SNTRUP761X25519_SHA512, 0,
      SSH_DIGEST_SHA512, KEX_IS_PQ },
#endif
#ifdef USE_MLKEM768X25519
  { KEX_MLKEM768X25519_SHA256, KEX_KEM_MLKEM768X25519_SHA256, 0,
      SSH_DIGEST_SHA256, KEX_IS_PQ },
#endif
#endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
  { NULL, 0, -1, -1, 0 },
};

char *
kex_alg_list(char sep)
{
  char *ret = NULL, *tmp;
  size_t nlen, rlen = 0;
  const struct kexalg *k;

  for (k = kexalgs; k->name != NULL; k++) {
    if (ret != NULL)
      ret[rlen++] = sep;
    nlen = strlen(k->name);
    if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) {
      free(ret);
      return NULL;
    }
    ret = tmp;
    memcpy(ret + rlen, k->name, nlen + 1);
    rlen += nlen;
  }
  return ret;
}

static const struct kexalg *
kex_alg_by_name(const char *name)
{
  const struct kexalg *k;

  for (k = kexalgs; k->name != NULL; k++) {
    if (strcmp(k->name, name) == 0)
      return k;
  }
  return NULL;
}

int
kex_name_valid(const char *name)
{
  return kex_alg_by_name(name) != NULL;
}

int
kex_is_pq_from_name(const char *name)
{
  const struct kexalg *k;

  if ((k = kex_alg_by_name(name)) == NULL)
    return 0;
  return k->pq_alg == KEX_IS_PQ;
}

u_int
kex_type_from_name(const char *name)
{
  const struct kexalg *k;

  if ((k = kex_alg_by_name(name)) == NULL)
    return 0;
  return k->type;
}

int
kex_hash_from_name(const char *name)
{
  const struct kexalg *k;

  if ((k = kex_alg_by_name(name)) == NULL)
    return -1;
  return k->hash_alg;
}

int
kex_nid_from_name(const char *name)
{
  const struct kexalg *k;

  if ((k = kex_alg_by_name(name)) == NULL)
    return -1;
  return k->ec_nid;
}

/* Validate KEX method name list */
int
kex_names_valid(const char *names)
{
  char *s, *cp, *p;

  if (names == NULL || strcmp(names, "") == 0)
    return 0;
  if ((s = cp = strdup(names)) == NULL)
    return 0;
  for ((p = strsep(&cp, ",")); p && *p != '\0';
      (p = strsep(&cp, ","))) {
    if (kex_alg_by_name(p) == NULL) {
      error("Unsupported KEX algorithm \"%.100s\"", p);
      free(s);
      return 0;
    }
  }
  debug3("kex names ok: [%s]", names);
  free(s);
  return 1;
}

/* returns non-zero if proposal contains any algorithm from algs */
int
kex_has_any_alg(const char *proposal, const char *algs)
{
  char *cp;

  if ((cp = match_list(proposal, algs, NULL)) == NULL)
    return 0;
  free(cp);
  return 1;
}

/*
 * Concatenate algorithm names, avoiding duplicates in the process.
 * Caller must free returned string.
 */
char *
kex_names_cat(const char *a, const char *b)
{
  char *ret = NULL, *tmp = NULL, *cp, *p;
  size_t len;

  if (a == NULL || *a == '\0')
    return strdup(b);
  if (b == NULL || *b == '\0')
    return strdup(a);
  if (strlen(b) > 1024*1024)
    return NULL;
  len = strlen(a) + strlen(b) + 2;
  if ((tmp = cp = strdup(b)) == NULL ||
      (ret = calloc(1, len)) == NULL) {
    free(tmp);
    return NULL;
  }
  strlcpy(ret, a, len);
  for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
    if (kex_has_any_alg(ret, p))
      continue; /* Algorithm already present */
    if (strlcat(ret, ",", len) >= len ||
        strlcat(ret, p, len) >= len) {
      free(tmp);
      free(ret);
      return NULL; /* Shouldn't happen */
    }
  }
  free(tmp);
  return ret;
}

/*
 * Assemble a list of algorithms from a default list and a string from a
 * configuration file. The user-provided string may begin with '+' to
 * indicate that it should be appended to the default, '-' that the
 * specified names should be removed, or '^' that they should be placed
 * at the head.
 */
int
kex_assemble_names(char **listp, const char *def, const char *all)
{
  char *cp, *tmp, *patterns;
  char *list = NULL, *ret = NULL, *matching = NULL, *opatterns = NULL;
  int r = SSH_ERR_INTERNAL_ERROR;

  if (listp == NULL || def == NULL || all == NULL)
    return SSH_ERR_INVALID_ARGUMENT;

  if (*listp == NULL || **listp == '\0') {
    if ((*listp = strdup(def)) == NULL)
      return SSH_ERR_ALLOC_FAIL;
    return 0;
  }

  list = *listp;
  *listp = NULL;
  if (*list == '+') {
    /* Append names to default list */
    if ((tmp = kex_names_cat(def, list + 1)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    free(list);
    list = tmp;
  } else if (*list == '-') {
    /* Remove names from default list */
    if ((*listp = match_filter_denylist(def, list + 1)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    free(list);
    /* filtering has already been done */
    return 0;
  } else if (*list == '^') {
    /* Place names at head of default list */
    if ((tmp = kex_names_cat(list + 1, def)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    free(list);
    list = tmp;
  } else {
    /* Explicit list, overrides default - just use "list" as is */
  }

  /*
   * The supplied names may be a pattern-list. For the -list case,
   * the patterns are applied above. For the +list and explicit list
   * cases we need to do it now.
   */
  ret = NULL;
  if ((patterns = opatterns = strdup(list)) == NULL) {
    r = SSH_ERR_ALLOC_FAIL;
    goto fail;
  }
  /* Apply positive (i.e. non-negated) patterns from the list */
  while ((cp = strsep(&patterns, ",")) != NULL) {
    if (*cp == '!') {
      /* negated matches are not supported here */
      r = SSH_ERR_INVALID_ARGUMENT;
      goto fail;
    }
    free(matching);
    if ((matching = match_filter_allowlist(all, cp)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    if ((tmp = kex_names_cat(ret, matching)) == NULL) {
      r = SSH_ERR_ALLOC_FAIL;
      goto fail;
    }
    free(ret);
    ret = tmp;
  }
  if (ret == NULL || *ret == '\0') {
    /* An empty name-list is an error */
    /* XXX better error code? */
    r = SSH_ERR_INVALID_ARGUMENT;
    goto fail;
  }

  /* success */
  *listp = ret;
  ret = NULL;
  r = 0;

 fail:
  free(matching);
  free(opatterns);
  free(list);
  free(ret);
  return r;
}

Coverage Report

Created: 2025-08-26 06:33

Line	Count	Source (jump to first uncovered line)
1		/* $OpenBSD: kex-names.c,v 1.5 2025/08/11 10:55:38 djm Exp $ */
2		/*
3		* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4		*
5		* Redistribution and use in source and binary forms, with or without
6		* modification, are permitted provided that the following conditions
7		* are met:
8		* 1. Redistributions of source code must retain the above copyright
9		* notice, this list of conditions and the following disclaimer.
10		* 2. Redistributions in binary form must reproduce the above copyright
11		* notice, this list of conditions and the following disclaimer in the
12		* documentation and/or other materials provided with the distribution.
13		*
14		* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15		* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16		* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17		* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18		* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19		* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20		* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21		* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22		* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23		* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24		*/
25
26		#include "includes.h"
27
28		#include <stdio.h>
29		#include <stdlib.h>
30		#include <string.h>
31		#include <unistd.h>
32		#include <signal.h>
33
34		#ifdef WITH_OPENSSL
35		#include <openssl/crypto.h>
36		#include <openssl/evp.h>
37		#endif
38
39		#include "kex.h"
40		#include "log.h"
41		#include "match.h"
42		#include "digest.h"
43		#include "misc.h"
44
45		#include "ssherr.h"
46		#include "xmalloc.h"
47
48		struct kexalg {
49		char *name;
50		u_int type;
51		int ec_nid;
52		int hash_alg;
53		int pq_alg;
54		};
55		static const struct kexalg kexalgs[] = {
56		#ifdef WITH_OPENSSL
57		{ KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
58		{ KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
59		{ KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
60		{ KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ },
61		{ KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512, KEX_NOT_PQ },
62		{ KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
63		#ifdef HAVE_EVP_SHA256
64		{ KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
65		#endif /* HAVE_EVP_SHA256 */
66		#ifdef OPENSSL_HAS_ECC
67		{ KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2,
68		NID_X9_62_prime256v1, SSH_DIGEST_SHA256, KEX_NOT_PQ },
69		{ KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1,
70		SSH_DIGEST_SHA384, KEX_NOT_PQ },
71		# ifdef OPENSSL_HAS_NISTP521
72		{ KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1,
73		SSH_DIGEST_SHA512, KEX_NOT_PQ },
74		# endif /* OPENSSL_HAS_NISTP521 */
75		#endif /* OPENSSL_HAS_ECC */
76		#endif /* WITH_OPENSSL */
77		#if defined(HAVE_EVP_SHA256) \|\| !defined(WITH_OPENSSL)
78		{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
79		{ KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ },
80		#ifdef USE_SNTRUP761X25519
81		{ KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0,
82		SSH_DIGEST_SHA512, KEX_IS_PQ },
83		{ KEX_SNTRUP761X25519_SHA512_OLD, KEX_KEM_SNTRUP761X25519_SHA512, 0,
84		SSH_DIGEST_SHA512, KEX_IS_PQ },
85		#endif
86		#ifdef USE_MLKEM768X25519
87		{ KEX_MLKEM768X25519_SHA256, KEX_KEM_MLKEM768X25519_SHA256, 0,
88		SSH_DIGEST_SHA256, KEX_IS_PQ },
89		#endif
90		#endif /* HAVE_EVP_SHA256 \|\| !WITH_OPENSSL */
91		{ NULL, 0, -1, -1, 0 },
92		};
93
94		char *
95		kex_alg_list(char sep)
96	0	{
97	0	char ret = NULL, tmp;
98	0	size_t nlen, rlen = 0;
99	0	const struct kexalg *k;
100
101	0	for (k = kexalgs; k->name != NULL; k++) {
102	0	if (ret != NULL)
103	0	ret[rlen++] = sep;
104	0	nlen = strlen(k->name);
105	0	if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) {
106	0	free(ret);
107	0	return NULL;
108	0	}
109	0	ret = tmp;
110	0	memcpy(ret + rlen, k->name, nlen + 1);
111	0	rlen += nlen;
112	0	}
113	0	return ret;
114	0	}
115
116		static const struct kexalg *
117		kex_alg_by_name(const char *name)
118	85.8k	{
119	85.8k	const struct kexalg *k;
120
121	709k	for (k = kexalgs; k->name != NULL; k++) {
122	709k	if (strcmp(k->name, name) == 0)
123	85.7k	return k;
124	709k	}
125	90	return NULL;
126	85.8k	}
127
128		int
129		kex_name_valid(const char *name)
130	21.5k	{
131	21.5k	return kex_alg_by_name(name) != NULL;
132	21.5k	}
133
134		int
135		kex_is_pq_from_name(const char *name)
136	0	{
137	0	const struct kexalg *k;
138
139	0	if ((k = kex_alg_by_name(name)) == NULL)
140	0	return 0;
141	0	return k->pq_alg == KEX_IS_PQ;
142	0	}
143
144		u_int
145		kex_type_from_name(const char *name)
146	21.4k	{
147	21.4k	const struct kexalg *k;
148
149	21.4k	if ((k = kex_alg_by_name(name)) == NULL)
150	0	return 0;
151	21.4k	return k->type;
152	21.4k	}
153
154		int
155		kex_hash_from_name(const char *name)
156	21.4k	{
157	21.4k	const struct kexalg *k;
158
159	21.4k	if ((k = kex_alg_by_name(name)) == NULL)
160	0	return -1;
161	21.4k	return k->hash_alg;
162	21.4k	}
163
164		int
165		kex_nid_from_name(const char *name)
166	21.4k	{
167	21.4k	const struct kexalg *k;
168
169	21.4k	if ((k = kex_alg_by_name(name)) == NULL)
170	0	return -1;
171	21.4k	return k->ec_nid;
172	21.4k	}
173
174		/* Validate KEX method name list */
175		int
176		kex_names_valid(const char *names)
177	0	{
178	0	char s, cp, *p;
179
180	0	if (names == NULL \|\| strcmp(names, "") == 0)
181	0	return 0;
182	0	if ((s = cp = strdup(names)) == NULL)
183	0	return 0;
184	0	for ((p = strsep(&cp, ",")); p && *p != '\0';
185	0	(p = strsep(&cp, ","))) {
186	0	if (kex_alg_by_name(p) == NULL) {
187	0	error("Unsupported KEX algorithm \"%.100s\"", p);
188	0	free(s);
189	0	return 0;
190	0	}
191	0	}
192	0	debug3("kex names ok: [%s]", names);
193	0	free(s);
194	0	return 1;
195	0	}
196
197		/* returns non-zero if proposal contains any algorithm from algs */
198		int
199		kex_has_any_alg(const char proposal, const char algs)
200	578k	{
201	578k	char *cp;
202
203	578k	if ((cp = match_list(proposal, algs, NULL)) == NULL)
204	560k	return 0;
205	17.9k	free(cp);
206	17.9k	return 1;
207	578k	}
208
209		/*
210		* Concatenate algorithm names, avoiding duplicates in the process.
211		* Caller must free returned string.
212		*/
213		char *
214		kex_names_cat(const char a, const char b)
215	178k	{
216	178k	char ret = NULL, tmp = NULL, cp, p;
217	178k	size_t len;
218
219	178k	if (a == NULL \|\| *a == '\0')
220	0	return strdup(b);
221	178k	if (b == NULL \|\| *b == '\0')
222	0	return strdup(a);
223	178k	if (strlen(b) > 1024*1024)
224	0	return NULL;
225	178k	len = strlen(a) + strlen(b) + 2;
226	178k	if ((tmp = cp = strdup(b)) == NULL \|\|
227	178k	(ret = calloc(1, len)) == NULL) {
228	0	free(tmp);
229	0	return NULL;
230	0	}
231	178k	strlcpy(ret, a, len);
232	536k	for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
233	357k	if (kex_has_any_alg(ret, p))
234	0	continue; /* Algorithm already present */
235	357k	if (strlcat(ret, ",", len) >= len \|\|
236	357k	strlcat(ret, p, len) >= len) {
237	0	free(tmp);
238	0	free(ret);
239	0	return NULL; /* Shouldn't happen */
240	0	}
241	357k	}
242	178k	free(tmp);
243	178k	return ret;
244	178k	}
245
246		/*
247		* Assemble a list of algorithms from a default list and a string from a
248		* configuration file. The user-provided string may begin with '+' to
249		* indicate that it should be appended to the default, '-' that the
250		* specified names should be removed, or '^' that they should be placed
251		* at the head.
252		*/
253		int
254		kex_assemble_names(char *listp, const char def, const char *all)
255	0	{
256	0	char cp, tmp, *patterns;
257	0	char list = NULL, ret = NULL, matching = NULL, opatterns = NULL;
258	0	int r = SSH_ERR_INTERNAL_ERROR;
259
260	0	if (listp == NULL \|\| def == NULL \|\| all == NULL)
261	0	return SSH_ERR_INVALID_ARGUMENT;
262
263	0	if (listp == NULL \|\| *listp == '\0') {
264	0	if ((*listp = strdup(def)) == NULL)
265	0	return SSH_ERR_ALLOC_FAIL;
266	0	return 0;
267	0	}
268
269	0	list = *listp;
270	0	*listp = NULL;
271	0	if (*list == '+') {
272		/* Append names to default list */
273	0	if ((tmp = kex_names_cat(def, list + 1)) == NULL) {
274	0	r = SSH_ERR_ALLOC_FAIL;
275	0	goto fail;
276	0	}
277	0	free(list);
278	0	list = tmp;
279	0	} else if (*list == '-') {
280		/* Remove names from default list */
281	0	if ((*listp = match_filter_denylist(def, list + 1)) == NULL) {
282	0	r = SSH_ERR_ALLOC_FAIL;
283	0	goto fail;
284	0	}
285	0	free(list);
286		/* filtering has already been done */
287	0	return 0;
288	0	} else if (*list == '^') {
289		/* Place names at head of default list */
290	0	if ((tmp = kex_names_cat(list + 1, def)) == NULL) {
291	0	r = SSH_ERR_ALLOC_FAIL;
292	0	goto fail;
293	0	}
294	0	free(list);
295	0	list = tmp;
296	0	} else {
297		/* Explicit list, overrides default - just use "list" as is */
298	0	}
299
300		/*
301		* The supplied names may be a pattern-list. For the -list case,
302		* the patterns are applied above. For the +list and explicit list
303		* cases we need to do it now.
304		*/
305	0	ret = NULL;
306	0	if ((patterns = opatterns = strdup(list)) == NULL) {
307	0	r = SSH_ERR_ALLOC_FAIL;
308	0	goto fail;
309	0	}
310		/* Apply positive (i.e. non-negated) patterns from the list */
311	0	while ((cp = strsep(&patterns, ",")) != NULL) {
312	0	if (*cp == '!') {
313		/* negated matches are not supported here */
314	0	r = SSH_ERR_INVALID_ARGUMENT;
315	0	goto fail;
316	0	}
317	0	free(matching);
318	0	if ((matching = match_filter_allowlist(all, cp)) == NULL) {
319	0	r = SSH_ERR_ALLOC_FAIL;
320	0	goto fail;
321	0	}
322	0	if ((tmp = kex_names_cat(ret, matching)) == NULL) {
323	0	r = SSH_ERR_ALLOC_FAIL;
324	0	goto fail;
325	0	}
326	0	free(ret);
327	0	ret = tmp;
328	0	}
329	0	if (ret == NULL \|\| *ret == '\0') {
330		/* An empty name-list is an error */
331		/* XXX better error code? */
332	0	r = SSH_ERR_INVALID_ARGUMENT;
333	0	goto fail;
334	0	}
335
336		/* success */
337	0	*listp = ret;
338	0	ret = NULL;
339	0	r = 0;
340
341	0	fail:
342	0	free(matching);
343	0	free(opatterns);
344	0	free(list);
345	0	free(ret);
346	0	return r;
347	0	}