From: zhhuabj <zhhuabj@cn.ibm.com>
Date: Fri, 17 Jan 2014 10:21:01 +0000 (+0800)
Subject: Raise max header size to accommodate large tokens
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=b22442a6b80c22f6e31d086263cdb77de10d92ef;p=openstack-build%2Fneutron-build.git

Raise max header size to accommodate large tokens

The max header is exceeded in the following scenario
- Auth tokens built with a keystone v3 API catalog
- A catalog with approximately 8 or more endpoints defined

Change-Id: Ie815e457c0b25ab828e780b5d90233ba0ceff61f
Closes-Bug: #1251026
---

diff --git a/etc/neutron.conf b/etc/neutron.conf
index 1e2226fc3..091a71ce0 100644
--- a/etc/neutron.conf
+++ b/etc/neutron.conf
@@ -266,6 +266,9 @@ notification_driver = neutron.openstack.common.notifier.rpc_notifier
 # Number of backlog requests to configure the socket with.
 # backlog = 4096
 
+# Max header line to accommodate large tokens
+# max_header_line = 16384
+
 # Enable SSL on the API server
 # use_ssl = False
 
diff --git a/neutron/wsgi.py b/neutron/wsgi.py
index 9d9ff7b90..c667f71b1 100644
--- a/neutron/wsgi.py
+++ b/neutron/wsgi.py
@@ -58,6 +58,9 @@ socket_opts = [
     cfg.IntOpt('retry_until_window',
                default=30,
                help=_("Number of seconds to keep retrying to listen")),
+    cfg.IntOpt('max_header_line',
+               default=16384,
+               help=_("Max header line to accommodate large tokens")),
     cfg.BoolOpt('use_ssl',
                 default=False,
                 help=_('Enable SSL on the API server')),
@@ -116,6 +119,8 @@ class Server(object):
     """Server class to manage multiple WSGI sockets and applications."""
 
     def __init__(self, name, threads=1000):
+        # Raise the default from 8192 to accommodate large tokens
+        eventlet.wsgi.MAX_HEADER_LINE = CONF.max_header_line
         self.pool = eventlet.GreenPool(threads)
         self.name = name
         self._launcher = None