open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Convert output of TAP tests to be more like pg_regress

Browse Source 
This improves readbility of diffs a lot.
pull/220/head
Andreas Karlsson 5 months ago committed by Andreas Karlsson
parent 908d0776ba
commit 832cbb4f4d
11 changed files with 547 additions and 135 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 32
      contrib/pg_tde/t/expected/001_basic.out
  2. 164
      contrib/pg_tde/t/expected/002_rotate_key.out
  3. 26
      contrib/pg_tde/t/expected/003_remote_config.out
  4. 26
      contrib/pg_tde/t/expected/004_file_config.out
  5. 26
      contrib/pg_tde/t/expected/006_remote_vault_config.out
  6. 90
      contrib/pg_tde/t/expected/007_tde_heap.out
  7. 34
      contrib/pg_tde/t/expected/008_key_rotate_tablespace.out
  8. 84
      contrib/pg_tde/t/expected/009_wal_encrypt.out
  9. 184
      contrib/pg_tde/t/expected/010_change_key_provider.out
  10. 14
      contrib/pg_tde/t/expected/011_unlogged_tables.out
  11. 2
      contrib/pg_tde/t/pgtde.pm

32
contrib/pg_tde/t/expected/001_basic.out
Unescape View File

@ -1,23 +1,43 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT extname, extversion FROM pg_extension WHERE extname = 'pg_tde'; SELECT extname, extversion FROM pg_extension WHERE extname = 'pg_tde';
pg_tde|1.0-rc extname | extversion
---------+------------
pg_tde | 1.0-rc
(1 row)
CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
psql:<stdin>:1: ERROR: principal key not configured psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart -- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per'); SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault'); SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
-- server restart -- server restart
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOUND: yes TABLEFILE FOUND: yes
CONTAINS FOO (should be empty): CONTAINS FOO (should be empty):

164
contrib/pg_tde/t/expected/002_rotate_key.out
Unescape View File

@ -4,92 +4,196 @@ psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart -- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per'); SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_add_database_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2.per'); SELECT pg_tde_add_database_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2.per');
2 pg_tde_add_database_key_provider_file
---------------------------------------
2
(1 row)
SELECT pg_tde_add_global_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2g.per'); SELECT pg_tde_add_global_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2g.per');
-1 pg_tde_add_global_key_provider_file
-------------------------------------
-1
(1 row)
SELECT pg_tde_add_global_key_provider_file('file-3','/tmp/pg_tde_test_keyring_3.per'); SELECT pg_tde_add_global_key_provider_file('file-3','/tmp/pg_tde_test_keyring_3.per');
-2 pg_tde_add_global_key_provider_file
-------------------------------------
-2
(1 row)
SELECT pg_tde_list_all_database_key_providers(); SELECT pg_tde_list_all_database_key_providers();
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/pg_tde_test_keyring.per""}") pg_tde_list_all_database_key_providers
(2,file-2,file,"{""type"" : ""file"", ""path"" : ""/tmp/pg_tde_test_keyring_2.per""}") ------------------------------------------------------------------------------------------
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/pg_tde_test_keyring.per""}")
(2,file-2,file,"{""type"" : ""file"", ""path"" : ""/tmp/pg_tde_test_keyring_2.per""}")
(2 rows)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault'); SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES (5),(6); INSERT INTO test_enc (k) VALUES (5),(6);
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_set_key_using_database_key_provider('rotated-key1'); SELECT pg_tde_set_key_using_database_key_provider('rotated-key1');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
1|file-vault|rotated-key1 key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
1 | file-vault | rotated-key1
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key HINT: Use set_key interface to set the principal key
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2'); SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
2|file-2|rotated-key2 key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
2 | file-2 | rotated-key2
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key HINT: Use set_key interface to set the principal key
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_set_key_using_global_key_provider('rotated-key', 'file-3', false); SELECT pg_tde_set_key_using_global_key_provider('rotated-key', 'file-3', false);
pg_tde_set_key_using_global_key_provider
------------------------------------------
(1 row)
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
-2|file-3|rotated-key key_provider_id | key_provider_name | key_name
-----------------+-------------------+-------------
-2 | file-3 | rotated-key
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key HINT: Use set_key interface to set the principal key
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX', 'file-2', false); SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX', 'file-2', false);
pg_tde_set_key_using_global_key_provider
------------------------------------------
(1 row)
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
-1|file-2|rotated-keyX key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
-1 | file-2 | rotated-keyX
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key HINT: Use set_key interface to set the principal key
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
ALTER SYSTEM SET pg_tde.inherit_global_providers = OFF; ALTER SYSTEM SET pg_tde.inherit_global_providers = OFF;
-- server restart -- server restart
SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX2', 'file-2', false); SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX2', 'file-2', false);
psql:<stdin>:1: ERROR: Usage of global key providers is disabled. Enable it with pg_tde.inherit_global_providers = ON psql:<stdin>:1: ERROR: Usage of global key providers is disabled. Enable it with pg_tde.inherit_global_providers = ON
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
-1|file-2|rotated-keyX key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
-1 | file-2 | rotated-keyX
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key HINT: Use set_key interface to set the principal key
SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2'); SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
2|file-2|rotated-key2 key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
2 | file-2 | rotated-key2
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key HINT: Use set_key interface to set the principal key

26
contrib/pg_tde/t/expected/003_remote_config.out
Unescape View File

@ -1,16 +1,32 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8888/hello' )); SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8888/hello' ));
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider'); SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc2 (k) VALUES (5),(6); INSERT INTO test_enc2 (k) VALUES (5),(6);
SELECT * FROM test_enc2 ORDER BY id ASC; SELECT * FROM test_enc2 ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT * FROM test_enc2 ORDER BY id ASC; SELECT * FROM test_enc2 ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
DROP TABLE test_enc2; DROP TABLE test_enc2;
DROP EXTENSION pg_tde; DROP EXTENSION pg_tde;

26
contrib/pg_tde/t/expected/004_file_config.out
Unescape View File

@ -1,16 +1,32 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'file', 'path' VALUE '/tmp/datafile-location' )); SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'file', 'path' VALUE '/tmp/datafile-location' ));
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider'); SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc1(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc1(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc1 (k) VALUES (5),(6); INSERT INTO test_enc1 (k) VALUES (5),(6);
SELECT * FROM test_enc1 ORDER BY id ASC; SELECT * FROM test_enc1 ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT * FROM test_enc1 ORDER BY id ASC; SELECT * FROM test_enc1 ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
DROP TABLE test_enc1; DROP TABLE test_enc1;
DROP EXTENSION pg_tde; DROP EXTENSION pg_tde;

26
contrib/pg_tde/t/expected/006_remote_vault_config.out
Unescape View File

@ -1,16 +1,32 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_vault_v2('vault-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/token' ), json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/url' ), to_json('secret'::text), NULL); SELECT pg_tde_add_database_key_provider_vault_v2('vault-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/token' ), json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/url' ), to_json('secret'::text), NULL);
1 pg_tde_add_database_key_provider_vault_v2
-------------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','vault-provider'); SELECT pg_tde_set_key_using_database_key_provider('test-db-key','vault-provider');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc2 (k) VALUES (5),(6); INSERT INTO test_enc2 (k) VALUES (5),(6);
SELECT * FROM test_enc2 ORDER BY id ASC; SELECT * FROM test_enc2 ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT * FROM test_enc2 ORDER BY id ASC; SELECT * FROM test_enc2 ORDER BY id ASC;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
DROP TABLE test_enc2; DROP TABLE test_enc2;
DROP EXTENSION pg_tde; DROP EXTENSION pg_tde;

90
contrib/pg_tde/t/expected/007_tde_heap.out
Unescape View File

@ -4,68 +4,116 @@ psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart -- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per'); SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault'); SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc1(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc1(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc1 (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc1 (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc1 ORDER BY id ASC; SELECT * FROM test_enc1 ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
CREATE TABLE test_enc2(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)); CREATE TABLE test_enc2(id SERIAL,k VARCHAR(32),PRIMARY KEY (id));
INSERT INTO test_enc2 (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc2 (k) VALUES ('foobar'),('barfoo');
ALTER TABLE test_enc2 SET ACCESS METHOD tde_heap; ALTER TABLE test_enc2 SET ACCESS METHOD tde_heap;
SELECT * FROM test_enc2 ORDER BY id ASC; SELECT * FROM test_enc2 ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
SET default_table_access_method = "tde_heap"; CREATE TABLE test_enc3(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)); SET default_table_access_method = "tde_heap"; CREATE TABLE test_enc3(id SERIAL,k VARCHAR(32),PRIMARY KEY (id));
INSERT INTO test_enc3 (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc3 (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc3 ORDER BY id ASC; SELECT * FROM test_enc3 ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
CREATE TABLE test_enc4(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING heap; CREATE TABLE test_enc4(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING heap;
INSERT INTO test_enc4 (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc4 (k) VALUES ('foobar'),('barfoo');
SET default_table_access_method = "tde_heap"; ALTER TABLE test_enc4 SET ACCESS METHOD DEFAULT; SET default_table_access_method = "tde_heap"; ALTER TABLE test_enc4 SET ACCESS METHOD DEFAULT;
SELECT * FROM test_enc4 ORDER BY id ASC; SELECT * FROM test_enc4 ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
CREATE TABLE test_enc5(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc5(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc5 (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc5 (k) VALUES ('foobar'),('barfoo');
CHECKPOINT; CHECKPOINT;
TRUNCATE test_enc5; TRUNCATE test_enc5;
INSERT INTO test_enc5 (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc5 (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc5 ORDER BY id ASC; SELECT * FROM test_enc5 ORDER BY id ASC;
3|foobar id | k
4|barfoo ----+--------
3 | foobar
4 | barfoo
(2 rows)
-- server restart -- server restart
########################### ###########################
SELECT * FROM test_enc1 ORDER BY id ASC; SELECT * FROM test_enc1 ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOR test_enc1 FOUND: yes TABLEFILE FOR test_enc1 FOUND: yes
CONTAINS FOO (should be empty): CONTAINS FOO (should be empty):
########################### ###########################
SELECT * FROM test_enc2 ORDER BY id ASC; SELECT * FROM test_enc2 ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOR test_enc2 FOUND: yes TABLEFILE FOR test_enc2 FOUND: yes
CONTAINS FOO (should be empty): CONTAINS FOO (should be empty):
########################### ###########################
SELECT * FROM test_enc3 ORDER BY id ASC; SELECT * FROM test_enc3 ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOR test_enc3 FOUND: yes TABLEFILE FOR test_enc3 FOUND: yes
CONTAINS FOO (should be empty): CONTAINS FOO (should be empty):
########################### ###########################
SELECT * FROM test_enc4 ORDER BY id ASC; SELECT * FROM test_enc4 ORDER BY id ASC;
1|foobar id | k
2|barfoo ----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOR test_enc4 FOUND: yes TABLEFILE FOR test_enc4 FOUND: yes
CONTAINS FOO (should be empty): CONTAINS FOO (should be empty):
########################### ###########################
SELECT * FROM test_enc5 ORDER BY id ASC; SELECT * FROM test_enc5 ORDER BY id ASC;
3|foobar id | k
4|barfoo ----+--------
3 | foobar
4 | barfoo
(2 rows)
TABLEFILE FOR test_enc5 FOUND: yes TABLEFILE FOR test_enc5 FOUND: yes
CONTAINS FOO (should be empty): CONTAINS FOO (should be empty):
TABLEFILE2 FOUND: yes TABLEFILE2 FOUND: yes

34
contrib/pg_tde/t/expected/008_key_rotate_tablespace.out
Unescape View File

@ -2,8 +2,16 @@ SET allow_in_place_tablespaces = true; CREATE TABLESPACE test_tblspace LOCATION
CREATE DATABASE tbc TABLESPACE = test_tblspace; CREATE DATABASE tbc TABLESPACE = test_tblspace;
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per'); SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault'); SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE country_table ( CREATE TABLE country_table (
country_id serial primary key, country_id serial primary key,
@ -15,16 +23,28 @@ INSERT INTO country_table (country_name, continent)
('UK', 'Europe'), ('UK', 'Europe'),
('USA', 'North America'); ('USA', 'North America');
SELECT * FROM country_table; SELECT * FROM country_table;
1|Japan|Asia country_id | country_name | continent
2|UK|Europe ------------+--------------+---------------
3|USA|North America 1 | Japan | Asia
2 | UK | Europe
3 | USA | North America
(3 rows)
SELECT pg_tde_set_key_using_database_key_provider('new-k', 'file-vault'); SELECT pg_tde_set_key_using_database_key_provider('new-k', 'file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
-- server restart -- server restart
SELECT * FROM country_table; SELECT * FROM country_table;
1|Japan|Asia country_id | country_name | continent
2|UK|Europe ------------+--------------+---------------
3|USA|North America 1 | Japan | Asia
2 | UK | Europe
3 | USA | North America
(3 rows)
DROP EXTENSION pg_tde CASCADE; DROP EXTENSION pg_tde CASCADE;
psql:<stdin>:1: NOTICE: drop cascades to table country_table psql:<stdin>:1: NOTICE: drop cascades to table country_table
DROP DATABASE tbc; DROP DATABASE tbc;

84
contrib/pg_tde/t/expected/009_wal_encrypt.out
Unescape View File

@ -1,49 +1,85 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_global_key_provider_file('file-keyring-010','/tmp/pg_tde_test_keyring010.per'); SELECT pg_tde_add_global_key_provider_file('file-keyring-010','/tmp/pg_tde_test_keyring010.per');
-1 pg_tde_add_global_key_provider_file
-------------------------------------
-1
(1 row)
SELECT pg_tde_set_server_key_using_global_key_provider('server-key', 'file-keyring-010'); SELECT pg_tde_set_server_key_using_global_key_provider('server-key', 'file-keyring-010');
pg_tde_set_server_key_using_global_key_provider
-------------------------------------------------
(1 row)
ALTER SYSTEM SET pg_tde.wal_encrypt = on; ALTER SYSTEM SET pg_tde.wal_encrypt = on;
-- server restart with wal encryption -- server restart with wal encryption
SHOW pg_tde.wal_encrypt; SHOW pg_tde.wal_encrypt;
on pg_tde.wal_encrypt
--------------------
on
(1 row)
SELECT slot_name FROM pg_create_logical_replication_slot('tde_slot', 'test_decoding'); SELECT slot_name FROM pg_create_logical_replication_slot('tde_slot', 'test_decoding');
tde_slot slot_name
-----------
tde_slot
(1 row)
CREATE TABLE test_wal (id SERIAL, k INTEGER, PRIMARY KEY (id)); CREATE TABLE test_wal (id SERIAL, k INTEGER, PRIMARY KEY (id));
INSERT INTO test_wal (k) VALUES (1), (2); INSERT INTO test_wal (k) VALUES (1), (2);
ALTER SYSTEM SET pg_tde.wal_encrypt = off; ALTER SYSTEM SET pg_tde.wal_encrypt = off;
-- server restart without wal encryption -- server restart without wal encryption
SHOW pg_tde.wal_encrypt; SHOW pg_tde.wal_encrypt;
off pg_tde.wal_encrypt
--------------------
off
(1 row)
INSERT INTO test_wal (k) VALUES (3), (4); INSERT INTO test_wal (k) VALUES (3), (4);
ALTER SYSTEM SET pg_tde.wal_encrypt = on; ALTER SYSTEM SET pg_tde.wal_encrypt = on;
-- server restart with wal encryption -- server restart with wal encryption
SHOW pg_tde.wal_encrypt; SHOW pg_tde.wal_encrypt;
on pg_tde.wal_encrypt
--------------------
on
(1 row)
INSERT INTO test_wal (k) VALUES (5), (6); INSERT INTO test_wal (k) VALUES (5), (6);
-- server restart with still wal encryption -- server restart with still wal encryption
SHOW pg_tde.wal_encrypt; SHOW pg_tde.wal_encrypt;
on pg_tde.wal_encrypt
--------------------
on
(1 row)
INSERT INTO test_wal (k) VALUES (7), (8); INSERT INTO test_wal (k) VALUES (7), (8);
SELECT data FROM pg_logical_slot_get_changes('tde_slot', NULL, NULL); SELECT data FROM pg_logical_slot_get_changes('tde_slot', NULL, NULL);
BEGIN 739 data
COMMIT 739 -----------------------------------------------------------
BEGIN 740 BEGIN 739
table public.test_wal: INSERT: id[integer]:1 k[integer]:1 COMMIT 739
table public.test_wal: INSERT: id[integer]:2 k[integer]:2 BEGIN 740
COMMIT 740 table public.test_wal: INSERT: id[integer]:1 k[integer]:1
BEGIN 741 table public.test_wal: INSERT: id[integer]:2 k[integer]:2
table public.test_wal: INSERT: id[integer]:3 k[integer]:3 COMMIT 740
table public.test_wal: INSERT: id[integer]:4 k[integer]:4 BEGIN 741
COMMIT 741 table public.test_wal: INSERT: id[integer]:3 k[integer]:3
BEGIN 742 table public.test_wal: INSERT: id[integer]:4 k[integer]:4
table public.test_wal: INSERT: id[integer]:5 k[integer]:5 COMMIT 741
table public.test_wal: INSERT: id[integer]:6 k[integer]:6 BEGIN 742
COMMIT 742 table public.test_wal: INSERT: id[integer]:5 k[integer]:5
BEGIN 743 table public.test_wal: INSERT: id[integer]:6 k[integer]:6
table public.test_wal: INSERT: id[integer]:7 k[integer]:7 COMMIT 742
table public.test_wal: INSERT: id[integer]:8 k[integer]:8 BEGIN 743
COMMIT 743 table public.test_wal: INSERT: id[integer]:7 k[integer]:7
table public.test_wal: INSERT: id[integer]:8 k[integer]:8
COMMIT 743
(18 rows)
SELECT pg_drop_replication_slot('tde_slot'); SELECT pg_drop_replication_slot('tde_slot');
pg_drop_replication_slot
--------------------------
(1 row)
DROP EXTENSION pg_tde; DROP EXTENSION pg_tde;

184
contrib/pg_tde/t/expected/010_change_key_provider.out
Unescape View File

@ -1,50 +1,122 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_1.per'); SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_1.per');
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_list_all_database_key_providers(); SELECT pg_tde_list_all_database_key_providers();
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_1.per""}") pg_tde_list_all_database_key_providers
--------------------------------------------------------------------------------------------
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_1.per""}")
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault'); SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES (5), (6); INSERT INTO test_enc (k) VALUES (5), (6);
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc'); SELECT pg_tde_is_encrypted('test_enc');
t pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id; SELECT * FROM test_enc ORDER BY id;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- mv /tmp/change_key_provider_1.per /tmp/change_key_provider_2.per -- mv /tmp/change_key_provider_1.per /tmp/change_key_provider_2.per
SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_2.per'); SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_2.per');
1 pg_tde_change_database_key_provider_file
------------------------------------------
1
(1 row)
SELECT pg_tde_list_all_database_key_providers(); SELECT pg_tde_list_all_database_key_providers();
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_2.per""}") pg_tde_list_all_database_key_providers
--------------------------------------------------------------------------------------------
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_2.per""}")
(1 row)
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc'); SELECT pg_tde_is_encrypted('test_enc');
t pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id; SELECT * FROM test_enc ORDER BY id;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc'); SELECT pg_tde_is_encrypted('test_enc');
t pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id; SELECT * FROM test_enc ORDER BY id;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per'); SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per');
1 pg_tde_change_database_key_provider_file
------------------------------------------
1
(1 row)
SELECT pg_tde_list_all_database_key_providers(); SELECT pg_tde_list_all_database_key_providers();
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_3.per""}") pg_tde_list_all_database_key_providers
--------------------------------------------------------------------------------------------
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_3.per""}")
(1 row)
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
psql:<stdin>:1: ERROR: failed to retrieve principal key test-key from keyring with ID 1 psql:<stdin>:1: ERROR: failed to retrieve principal key test-key from keyring with ID 1
SELECT pg_tde_is_encrypted('test_enc'); SELECT pg_tde_is_encrypted('test_enc');
t pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id; SELECT * FROM test_enc ORDER BY id;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
-- server restart -- server restart
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
psql:<stdin>:1: ERROR: failed to retrieve principal key test-key from keyring with ID 1 psql:<stdin>:1: ERROR: failed to retrieve principal key test-key from keyring with ID 1
@ -55,30 +127,66 @@ psql:<stdin>:1: ERROR: failed to retrieve principal key test-key from keyring w
-- mv /tmp/change_key_provider_2.per /tmp/change_key_provider_3.per -- mv /tmp/change_key_provider_2.per /tmp/change_key_provider_3.per
-- server restart -- server restart
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc'); SELECT pg_tde_is_encrypted('test_enc');
t pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id; SELECT * FROM test_enc ORDER BY id;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
DROP EXTENSION pg_tde CASCADE; DROP EXTENSION pg_tde CASCADE;
psql:<stdin>:1: NOTICE: drop cascades to table test_enc psql:<stdin>:1: NOTICE: drop cascades to table test_enc
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per'); SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault'); SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES (5), (6); INSERT INTO test_enc (k) VALUES (5), (6);
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc'); SELECT pg_tde_is_encrypted('test_enc');
t pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id; SELECT * FROM test_enc ORDER BY id;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per'); SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per');
1 pg_tde_change_database_key_provider_file
------------------------------------------
1
(1 row)
-- server restart -- server restart
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
psql:<stdin>:1: ERROR: Failed to verify principal key header for key test-key, incorrect principal key or corrupted key file psql:<stdin>:1: ERROR: Failed to verify principal key header for key test-key, incorrect principal key or corrupted key file
@ -89,13 +197,29 @@ psql:<stdin>:1: ERROR: Failed to verify principal key header for key test-key,
CREATE TABLE test_enc2 (id serial, k integer, PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc2 (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;
psql:<stdin>:1: ERROR: Failed to verify principal key header for key test-key, incorrect principal key or corrupted key file psql:<stdin>:1: ERROR: Failed to verify principal key header for key test-key, incorrect principal key or corrupted key file
SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per'); SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');
1 pg_tde_change_database_key_provider_file
------------------------------------------
1
(1 row)
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc'); SELECT pg_tde_is_encrypted('test_enc');
t pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id; SELECT * FROM test_enc ORDER BY id;
1|5 id | k
2|6 ----+---
1 | 5
2 | 6
(2 rows)
DROP EXTENSION pg_tde CASCADE; DROP EXTENSION pg_tde CASCADE;
psql:<stdin>:1: NOTICE: drop cascades to table test_enc psql:<stdin>:1: NOTICE: drop cascades to table test_enc

14
contrib/pg_tde/t/expected/011_unlogged_tables.out
Unescape View File

@ -1,7 +1,15 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/unlogged_tables.per'); SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/unlogged_tables.per');
1 pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault'); SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE UNLOGGED TABLE t (x int PRIMARY KEY) USING tde_heap; CREATE UNLOGGED TABLE t (x int PRIMARY KEY) USING tde_heap;
INSERT INTO t SELECT generate_series(1, 4); INSERT INTO t SELECT generate_series(1, 4);
@ -9,4 +17,8 @@ CHECKPOINT;
-- kill -9 -- kill -9
-- server start -- server start
TABLE t; TABLE t;
x
---
(0 rows)
INSERT INTO t SELECT generate_series(1, 4); INSERT INTO t SELECT generate_series(1, 4);

2
contrib/pg_tde/t/pgtde.pm
Unescape View File

@ -61,7 +61,7 @@ sub psql
{ {
my ($node, $dbname, $sql) = @_; my ($node, $dbname, $sql) = @_;
my (undef, $stdout, $stderr) = $node->psql($dbname, $sql, extra_params => ['-a']); my (undef, $stdout, $stderr) = $node->psql($dbname, $sql, extra_params => ['-a', '-Pformat=aligned', '-Ptuples_only=off']);
if ($stdout ne '') { if ($stdout ne '') {
append_to_result_file($stdout); append_to_result_file($stdout);

Write Preview
Loading…
Cancel
Save