Skip to content

Increase initial AMQP 0-9-1 connection frame size limit #13542

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 15, 2025
Merged

Increase initial AMQP 0-9-1 connection frame size limit #13542

merged 1 commit into from
Mar 15, 2025

Conversation

michaelklishin
Copy link
Collaborator

@michaelklishin michaelklishin commented Mar 15, 2025
edited
Loading

Before the client authenticates, the standard
frame_max is not used. Instead, the initial limit uses a special constant.

This is fine for password or x.509 certificate-based authentication but not for some JWT tokens, which can vary in size, and take multiple kilobytes.

8 kB specifically is the default HTTP header length limit used by Nginx.
Sounds like this value was good enough for a lot of Bearer headers with JWT tokens.

Closes #13541.

FTR, the value can be bumped further via configuration:

initial_frame_max = 16382

@michaelklishin
Increase initial AMQP 0-9-1 connection frame size limit
b807887 
Before the client authenticates, the standard
frame_max is not used. Instead, the limit is
a special constant.

This is fine for password or x.509 certificate-based
authentication but not for some JWT tokens,
which can vary in size, and take multiple
kilobytes.

8 kB specifically is the default HTTP header
length limit used by Nginx.
Sounds like this value was good enough
for a lot of Bearer headers with JWT tokens.

Closes #13541.
@michaelklishin michaelklishin added this to the 4.1.0 milestone Mar 15, 2025
@michaelklishin michaelklishin merged commit cc0989f into main Mar 15, 2025
271 checks passed
@michaelklishin michaelklishin deleted the rabbitmq-server-13541 branch March 15, 2025 23:55
@mergify mergify bot mentioned this pull request Mar 15, 2025
Merged
michaelklishin added a commit that referenced this pull request Mar 16, 2025
@michaelklishin
Merge pull request #13543 from rabbitmq/mergify/bp/v4.1.x/pr-13542
274483c 
Increase initial AMQP 0-9-1 connection frame size limit (backport #13542)
@mergify mergify bot mentioned this pull request Mar 16, 2025
Merged
michaelklishin added a commit that referenced this pull request Mar 16, 2025
@michaelklishin
Merge pull request #13544 from rabbitmq/mergify/bp/v4.0.x/pr-13543
5107667 
Increase initial AMQP 0-9-1 connection frame size limit (backport #13542) (backport #13543)
michaelklishin added a commit that referenced this pull request Mar 17, 2025
@michaelklishin
Mention #13541 #13542 #13549 13551 in release notes
18533d4 
References #13537.
michaelklishin added a commit that referenced this pull request Mar 17, 2025
@michaelklishin
Mention #13541 #13542 #13549 13551 in release notes
88cea18 
References #13537.

(cherry picked from commit 18533d4)
michaelklishin added a commit that referenced this pull request Mar 19, 2025
@michaelklishin
Mention #13541 #13542 #13549 13551 in release notes
480687f 
References #13537.
ikavgo pushed a commit that referenced this pull request May 5, 2025
@michaelklishin @ikavgo
Mention #13541 #13542 #13549 13551 in release notes
3af6add 
References #13537.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukebakken lukebakken lukebakken approved these changes

Assignees
No one assigned
Labels
backport-v4.1.x
Projects
None yet
Milestone
4.1.0
Development

Successfully merging this pull request may close these issues.

AMQP 0-9-1 connections: accommodate longer JWT tokens
2 participants
@michaelklishin @lukebakken