Raise maximum allowed secret size

The default maximum allowed size is too small for some certificates. This patch doubles the allowed size from 10Kb to 20Kb, and raises the maximum request size by the same amount. Change-Id: I59d11c5c9c32128ab9d71eaecdf46dd2d789a8d1 (cherry picked from commit c59f2a6bbb)
2021-03-26 11:15:14 -05:00 · 2021-03-26 11:15:14 -05:00 · bac7d2205a
parent c8d3c58014
commit bac7d2205a
4 changed files with 9 additions and 4 deletions
--- a/barbican/common/config.py
+++ b/barbican/common/config.py
@ -29,8 +29,8 @@ from oslo_service import _options
 from barbican import i18n as u
 import barbican.version

-MAX_BYTES_REQUEST_INPUT_ACCEPTED = 15000
-DEFAULT_MAX_SECRET_BYTES = 10000
+MAX_BYTES_REQUEST_INPUT_ACCEPTED = 25000
+DEFAULT_MAX_SECRET_BYTES = 20000
 KS_NOTIFICATIONS_GRP_NAME = 'keystone_notifications'

 context_opts = [
--- a/barbican/tests/api/controllers/test_secrets.py
+++ b/barbican/tests/api/controllers/test_secrets.py
@ -628,7 +628,7 @@ class WhenGettingPuttingOrDeletingSecret(utils.BarbicanAPIBaseTestCase):

        self.assertEqual(201, resp.status_int)

-        text_too_big = 'x' * 10050
+        text_too_big = 'x' * 20050
        put_resp = self.app.put(
            '/secrets/{0}'.format(secret_uuid),
            text_too_big,
--- a/functionaltests/api/base.py
+++ b/functionaltests/api/base.py
@ -36,7 +36,7 @@ conf_multiple_backends_enabled = CONF.keymanager.\


 class TestCase(oslotest.BaseTestCase):
-    max_payload_size = 10000
+    max_payload_size = 20000
    max_sized_payload = b'a' * max_payload_size
    oversized_payload = b'a' * (max_payload_size + 1)
    max_field_size = 255
--- a/releasenotes/notes/increase-max-secret-size-da90164d8b328727.yaml
+++ b/releasenotes/notes/increase-max-secret-size-da90164d8b328727.yaml
@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The default maximum secret size has been increased from 10 kB to 20 kb, and
+    the default maximum request size has been increased from 15 kB to 25 kB.