Set max on max_password_length to passlib max

With this patch if someone overrides the PASSLIB_MAX_PASSWORD_SIZE environment variable, keystone will fail to start with a config error instead of a passlib.exc.PasswordSizeError when creating a user. Change-Id: Ic59a7964d8044ba3ab7cb6539fecca1d190dbbcc Closes-Bug: #1175905
2015-08-26 17:38:04 -07:00 · 2015-08-26 17:38:04 -07:00 · a7235fc051
parent 94b9a66b51
commit a7235fc051
1 changed files with 2 additions and 0 deletions
--- a/keystone/common/config.py
+++ b/keystone/common/config.py
@ -14,6 +14,7 @@

 from oslo_config import cfg
 import oslo_messaging
+import passlib.utils


 _DEFAULT_AUTH_METHODS = ['external', 'password', 'token', 'oauth1']
@ -158,6 +159,7 @@ FILE_OPTIONS = {
                        'no effect unless global and identity caching are '
                        'enabled.'),
        cfg.IntOpt('max_password_length', default=4096,
+                   max=passlib.utils.MAX_PASSWORD_SIZE,
                   help='Maximum supported length for user passwords; '
                        'decrease to improve performance.'),
        cfg.IntOpt('list_limit',