From c59f2a6bbb83308de1598cebdc82197f2a148c6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Douglas=20Mendiz=C3=A1bal?= Date: Fri, 26 Mar 2021 11:15:14 -0500 Subject: [PATCH] Raise maximum allowed secret size The default maximum allowed size is too small for some certificates. This patch doubles the allowed size from 10Kb to 20Kb, and raises the maximum request size by the same amount. Change-Id: I59d11c5c9c32128ab9d71eaecdf46dd2d789a8d1 --- barbican/common/config.py | 4 ++-- barbican/tests/api/controllers/test_secrets.py | 2 +- functionaltests/api/base.py | 2 +- .../notes/increase-max-secret-size-da90164d8b328727.yaml | 5 +++++ 4 files changed, 9 insertions(+), 4 deletions(-) create mode 100644 releasenotes/notes/increase-max-secret-size-da90164d8b328727.yaml diff --git a/barbican/common/config.py b/barbican/common/config.py index 7abd83f15..a372f35fd 100644 --- a/barbican/common/config.py +++ b/barbican/common/config.py @@ -29,8 +29,8 @@ from oslo_service import _options from barbican import i18n as u import barbican.version -MAX_BYTES_REQUEST_INPUT_ACCEPTED = 15000 -DEFAULT_MAX_SECRET_BYTES = 10000 +MAX_BYTES_REQUEST_INPUT_ACCEPTED = 25000 +DEFAULT_MAX_SECRET_BYTES = 20000 KS_NOTIFICATIONS_GRP_NAME = 'keystone_notifications' context_opts = [ diff --git a/barbican/tests/api/controllers/test_secrets.py b/barbican/tests/api/controllers/test_secrets.py index 34622216c..1329619ed 100644 --- a/barbican/tests/api/controllers/test_secrets.py +++ b/barbican/tests/api/controllers/test_secrets.py @@ -628,7 +628,7 @@ class WhenGettingPuttingOrDeletingSecret(utils.BarbicanAPIBaseTestCase): self.assertEqual(201, resp.status_int) - text_too_big = 'x' * 10050 + text_too_big = 'x' * 20050 put_resp = self.app.put( '/secrets/{0}'.format(secret_uuid), text_too_big, diff --git a/functionaltests/api/base.py b/functionaltests/api/base.py index 42cb1bdf8..f195f27dd 100644 --- a/functionaltests/api/base.py +++ b/functionaltests/api/base.py @@ -36,7 +36,7 @@ conf_multiple_backends_enabled = CONF.keymanager.\ class TestCase(oslotest.BaseTestCase): - max_payload_size = 10000 + max_payload_size = 20000 max_sized_payload = b'a' * max_payload_size oversized_payload = b'a' * (max_payload_size + 1) max_field_size = 255 diff --git a/releasenotes/notes/increase-max-secret-size-da90164d8b328727.yaml b/releasenotes/notes/increase-max-secret-size-da90164d8b328727.yaml new file mode 100644 index 000000000..4cb08f8ab --- /dev/null +++ b/releasenotes/notes/increase-max-secret-size-da90164d8b328727.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + The default maximum secret size has been increased from 10 kB to 20 kb, and + the default maximum request size has been increased from 15 kB to 25 kB.