> I'm cc'ing networking-discuss for a bigger discussion. What characters
> should be allowed for secure object names?
As hinted at by the dladm manpage, the intent was to start with a fairly
restrictive set (the alphanumerics) and then broaden as necessary.
Unfortunately, it seems that the implementation did not impose this
restriction and thus we've got the current mess.
Given that the secobj stuff is still (relatively speaking) new, I'd
recommend we introduce the restrictions now, ideally in DLDIOC_SECOBJ_SET.
Specifically, I'd recommend we allow the alphanumerics, along with "_",
and perhaps "." if it's useful. In the interest of stamping out a class
of bugs we're already aware of, I'd discourage allowing whitespace
characters. I'd also discourage the use of ":", as that character has
special meaning to dladm connect-wifi's -k parameter.
> (for reference, linknames > allow alphanumeric and '_'. dladm(1M)
> doesn't mention the underscore.)
That's a bug in the dladm manpage. The namespace rules for datalinks
are provided at the end of dlpi(7P), but phrased in DLPI terms. The
dladm manpage should also provide a definition that can be understood
without grokking DLPI -- perhaps something like:
link
A datalink, identified by a name. In general, the name may use
any alphanumeric characters (or the underscore), but must start
with an alphabetic character and end with a number. A datalink
name may be at most 32 characters, and the ending number may be
at most 16 characters. Datalink names between 3 and 8 characters
are recommended.
Please file a manpage bug on that.
--
meem
_______________________________________________
networking-discuss mailing list
[email protected]
