Expose max request and secret size config options.

Upstream Barbican has bumped up its default for the configuration keys
max_allowed_request_size_in_bytes and max_allowed_secret_in_bytes to
25kB and 20kB respectively (c59f2a6b). This change adopts those values
to be used in all the supported releases and exposes them via juju
config.

Closes-Bug: #1946018
Change-Id: I3dcb30f5de6367de2aa5c26bb59a79893fb8e578
This commit is contained in:
Felipe Reyes 2021-10-04 15:41:25 -03:00
parent 3ac1472fe6
commit 0740a468ef
2 changed files with 12 additions and 0 deletions

View File

@ -34,3 +34,13 @@ options:
default: 32
type: int
description: The length for generating an HMAC
max-allowed-secret-size:
default: 20000
type: int
description: |
Maximum allowed secret size in bytes.
max-allowed-request-size:
default: 25000
type: int
description: |
Maximum allowed http request size against the barbican-api.

View File

@ -4,6 +4,8 @@ bind_host = {{ options.service_listen_info.barbican_worker.ip }}
bind_port = {{ options.service_listen_info.barbican_worker.port }}
host_href = {{ options.external_endpoints.barbican_worker.url }}
db_auto_create = False
max_allowed_secret_in_bytes = {{ options.max_allowed_secret_size }}
max_allowed_request_size_in_bytes = {{ options.max_allowed_request_size }}
{% include "parts/section-transport-url" %}