Raise maximum allowed secret size

The default maximum allowed size is too small for some certificates. This patch doubles the allowed size from 10Kb to 20Kb, and raises the maximum request size by the same amount. Change-Id: I59d11c5c9c32128ab9d71eaecdf46dd2d789a8d1
openstack · Apr 27, 2021 · c59f2a6 · c59f2a6
1 parent 21661be
commit c59f2a6
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 4 deletions.
diff --git a/barbican/common/config.py b/barbican/common/config.py
@@ -29,8 +29,8 @@
 from barbican import i18n as u
 import barbican.version
 
-MAX_BYTES_REQUEST_INPUT_ACCEPTED = 15000
-DEFAULT_MAX_SECRET_BYTES = 10000
+MAX_BYTES_REQUEST_INPUT_ACCEPTED = 25000
+DEFAULT_MAX_SECRET_BYTES = 20000
 KS_NOTIFICATIONS_GRP_NAME = 'keystone_notifications'
 
 context_opts = [

diff --git a/barbican/tests/api/controllers/test_secrets.py b/barbican/tests/api/controllers/test_secrets.py
@@ -628,7 +628,7 @@ def test_returns_413_put_with_text_too_large(self):
 
         self.assertEqual(201, resp.status_int)
 
-        text_too_big = 'x' * 10050
+        text_too_big = 'x' * 20050
         put_resp = self.app.put(
             '/secrets/{0}'.format(secret_uuid),
             text_too_big,

diff --git a/functionaltests/api/base.py b/functionaltests/api/base.py
@@ -36,7 +36,7 @@
 
 
 class TestCase(oslotest.BaseTestCase):
-    max_payload_size = 10000
+    max_payload_size = 20000
     max_sized_payload = b'a' * max_payload_size
     oversized_payload = b'a' * (max_payload_size + 1)
     max_field_size = 255

diff --git a/releasenotes/notes/increase-max-secret-size-da90164d8b328727.yaml b/releasenotes/notes/increase-max-secret-size-da90164d8b328727.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The default maximum secret size has been increased from 10 kB to 20 kb, and
+    the default maximum request size has been increased from 15 kB to 25 kB.