open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Convert output of TAP tests to be more like pg_regress

Browse Source 
This improves readbility of diffs a lot.
pull/220/head
Andreas Karlsson 5 months ago committed by Andreas Karlsson
parent 908d0776ba
commit 832cbb4f4d
11 changed files with 547 additions and 135 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 32
      contrib/pg_tde/t/expected/001_basic.out
  2. 164
      contrib/pg_tde/t/expected/002_rotate_key.out
  3. 26
      contrib/pg_tde/t/expected/003_remote_config.out
  4. 26
      contrib/pg_tde/t/expected/004_file_config.out
  5. 26
      contrib/pg_tde/t/expected/006_remote_vault_config.out
  6. 90
      contrib/pg_tde/t/expected/007_tde_heap.out
  7. 34
      contrib/pg_tde/t/expected/008_key_rotate_tablespace.out
  8. 84
      contrib/pg_tde/t/expected/009_wal_encrypt.out
  9. 184
      contrib/pg_tde/t/expected/010_change_key_provider.out
  10. 14
      contrib/pg_tde/t/expected/011_unlogged_tables.out
  11. 2
      contrib/pg_tde/t/pgtde.pm

32
contrib/pg_tde/t/expected/001_basic.out
Unescape View File

@ -1,23 +1,43 @@
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT extname, extversion FROM pg_extension WHERE extname = 'pg_tde';
pg_tde|1.0-rc
extname | extversion
---------+------------
pg_tde | 1.0-rc
(1 row)
CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
-- server restart
SELECT * FROM test_enc ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOUND: yes
CONTAINS FOO (should be empty):

164
contrib/pg_tde/t/expected/002_rotate_key.out
Unescape View File

@ -4,92 +4,196 @@ psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_add_database_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2.per');
2
pg_tde_add_database_key_provider_file
---------------------------------------
2
(1 row)
SELECT pg_tde_add_global_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2g.per');
-1
pg_tde_add_global_key_provider_file
-------------------------------------
-1
(1 row)
SELECT pg_tde_add_global_key_provider_file('file-3','/tmp/pg_tde_test_keyring_3.per');
-2
pg_tde_add_global_key_provider_file
-------------------------------------
-2
(1 row)
SELECT pg_tde_list_all_database_key_providers();
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/pg_tde_test_keyring.per""}")
(2,file-2,file,"{""type"" : ""file"", ""path"" : ""/tmp/pg_tde_test_keyring_2.per""}")
pg_tde_list_all_database_key_providers
------------------------------------------------------------------------------------------
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/pg_tde_test_keyring.per""}")
(2,file-2,file,"{""type"" : ""file"", ""path"" : ""/tmp/pg_tde_test_keyring_2.per""}")
(2 rows)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES (5),(6);
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_set_key_using_database_key_provider('rotated-key1');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
1|file-vault|rotated-key1
key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
1 | file-vault | rotated-key1
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
2|file-2|rotated-key2
key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
2 | file-2 | rotated-key2
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_set_key_using_global_key_provider('rotated-key', 'file-3', false);
pg_tde_set_key_using_global_key_provider
------------------------------------------
(1 row)
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
-2|file-3|rotated-key
key_provider_id | key_provider_name | key_name
-----------------+-------------------+-------------
-2 | file-3 | rotated-key
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX', 'file-2', false);
pg_tde_set_key_using_global_key_provider
------------------------------------------
(1 row)
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
-1|file-2|rotated-keyX
key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
-1 | file-2 | rotated-keyX
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key
SELECT * FROM test_enc ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
ALTER SYSTEM SET pg_tde.inherit_global_providers = OFF;
-- server restart
SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX2', 'file-2', false);
psql:<stdin>:1: ERROR: Usage of global key providers is disabled. Enable it with pg_tde.inherit_global_providers = ON
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
-1|file-2|rotated-keyX
key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
-1 | file-2 | rotated-keyX
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key
SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
2|file-2|rotated-key2
key_provider_id | key_provider_name | key_name
-----------------+-------------------+--------------
2 | file-2 | rotated-key2
(1 row)
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();
psql:<stdin>:1: ERROR: Principal key does not exists for the database
HINT: Use set_key interface to set the principal key

26
contrib/pg_tde/t/expected/003_remote_config.out
Unescape View File

@ -1,16 +1,32 @@
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8888/hello' ));
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc2 (k) VALUES (5),(6);
SELECT * FROM test_enc2 ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT * FROM test_enc2 ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
DROP TABLE test_enc2;
DROP EXTENSION pg_tde;

26
contrib/pg_tde/t/expected/004_file_config.out
Unescape View File

@ -1,16 +1,32 @@
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'file', 'path' VALUE '/tmp/datafile-location' ));
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc1(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc1 (k) VALUES (5),(6);
SELECT * FROM test_enc1 ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT * FROM test_enc1 ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
DROP TABLE test_enc1;
DROP EXTENSION pg_tde;

26
contrib/pg_tde/t/expected/006_remote_vault_config.out
Unescape View File

@ -1,16 +1,32 @@
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_vault_v2('vault-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/token' ), json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/url' ), to_json('secret'::text), NULL);
1
pg_tde_add_database_key_provider_vault_v2
-------------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','vault-provider');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc2 (k) VALUES (5),(6);
SELECT * FROM test_enc2 ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT * FROM test_enc2 ORDER BY id ASC;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
DROP TABLE test_enc2;
DROP EXTENSION pg_tde;

90
contrib/pg_tde/t/expected/007_tde_heap.out
Unescape View File

@ -4,68 +4,116 @@ psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc1(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc1 (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc1 ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
CREATE TABLE test_enc2(id SERIAL,k VARCHAR(32),PRIMARY KEY (id));
INSERT INTO test_enc2 (k) VALUES ('foobar'),('barfoo');
ALTER TABLE test_enc2 SET ACCESS METHOD tde_heap;
SELECT * FROM test_enc2 ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
SET default_table_access_method = "tde_heap"; CREATE TABLE test_enc3(id SERIAL,k VARCHAR(32),PRIMARY KEY (id));
INSERT INTO test_enc3 (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc3 ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
CREATE TABLE test_enc4(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING heap;
INSERT INTO test_enc4 (k) VALUES ('foobar'),('barfoo');
SET default_table_access_method = "tde_heap"; ALTER TABLE test_enc4 SET ACCESS METHOD DEFAULT;
SELECT * FROM test_enc4 ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
CREATE TABLE test_enc5(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc5 (k) VALUES ('foobar'),('barfoo');
CHECKPOINT;
TRUNCATE test_enc5;
INSERT INTO test_enc5 (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc5 ORDER BY id ASC;
3|foobar
4|barfoo
id | k
----+--------
3 | foobar
4 | barfoo
(2 rows)
-- server restart
###########################
SELECT * FROM test_enc1 ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOR test_enc1 FOUND: yes
CONTAINS FOO (should be empty):
###########################
SELECT * FROM test_enc2 ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOR test_enc2 FOUND: yes
CONTAINS FOO (should be empty):
###########################
SELECT * FROM test_enc3 ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOR test_enc3 FOUND: yes
CONTAINS FOO (should be empty):
###########################
SELECT * FROM test_enc4 ORDER BY id ASC;
1|foobar
2|barfoo
id | k
----+--------
1 | foobar
2 | barfoo
(2 rows)
TABLEFILE FOR test_enc4 FOUND: yes
CONTAINS FOO (should be empty):
###########################
SELECT * FROM test_enc5 ORDER BY id ASC;
3|foobar
4|barfoo
id | k
----+--------
3 | foobar
4 | barfoo
(2 rows)
TABLEFILE FOR test_enc5 FOUND: yes
CONTAINS FOO (should be empty):
TABLEFILE2 FOUND: yes

34
contrib/pg_tde/t/expected/008_key_rotate_tablespace.out
Unescape View File

@ -2,8 +2,16 @@ SET allow_in_place_tablespaces = true; CREATE TABLESPACE test_tblspace LOCATION
CREATE DATABASE tbc TABLESPACE = test_tblspace;
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE country_table (
country_id serial primary key,
@ -15,16 +23,28 @@ INSERT INTO country_table (country_name, continent)
('UK', 'Europe'),
('USA', 'North America');
SELECT * FROM country_table;
1|Japan|Asia
2|UK|Europe
3|USA|North America
country_id | country_name | continent
------------+--------------+---------------
1 | Japan | Asia
2 | UK | Europe
3 | USA | North America
(3 rows)
SELECT pg_tde_set_key_using_database_key_provider('new-k', 'file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
-- server restart
SELECT * FROM country_table;
1|Japan|Asia
2|UK|Europe
3|USA|North America
country_id | country_name | continent
------------+--------------+---------------
1 | Japan | Asia
2 | UK | Europe
3 | USA | North America
(3 rows)
DROP EXTENSION pg_tde CASCADE;
psql:<stdin>:1: NOTICE: drop cascades to table country_table
DROP DATABASE tbc;

84
contrib/pg_tde/t/expected/009_wal_encrypt.out
Unescape View File

@ -1,49 +1,85 @@
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_global_key_provider_file('file-keyring-010','/tmp/pg_tde_test_keyring010.per');
-1
pg_tde_add_global_key_provider_file
-------------------------------------
-1
(1 row)
SELECT pg_tde_set_server_key_using_global_key_provider('server-key', 'file-keyring-010');
pg_tde_set_server_key_using_global_key_provider
-------------------------------------------------
(1 row)
ALTER SYSTEM SET pg_tde.wal_encrypt = on;
-- server restart with wal encryption
SHOW pg_tde.wal_encrypt;
on
pg_tde.wal_encrypt
--------------------
on
(1 row)
SELECT slot_name FROM pg_create_logical_replication_slot('tde_slot', 'test_decoding');
tde_slot
slot_name
-----------
tde_slot
(1 row)
CREATE TABLE test_wal (id SERIAL, k INTEGER, PRIMARY KEY (id));
INSERT INTO test_wal (k) VALUES (1), (2);
ALTER SYSTEM SET pg_tde.wal_encrypt = off;
-- server restart without wal encryption
SHOW pg_tde.wal_encrypt;
off
pg_tde.wal_encrypt
--------------------
off
(1 row)
INSERT INTO test_wal (k) VALUES (3), (4);
ALTER SYSTEM SET pg_tde.wal_encrypt = on;
-- server restart with wal encryption
SHOW pg_tde.wal_encrypt;
on
pg_tde.wal_encrypt
--------------------
on
(1 row)
INSERT INTO test_wal (k) VALUES (5), (6);
-- server restart with still wal encryption
SHOW pg_tde.wal_encrypt;
on
pg_tde.wal_encrypt
--------------------
on
(1 row)
INSERT INTO test_wal (k) VALUES (7), (8);
SELECT data FROM pg_logical_slot_get_changes('tde_slot', NULL, NULL);
BEGIN 739
COMMIT 739
BEGIN 740
table public.test_wal: INSERT: id[integer]:1 k[integer]:1
table public.test_wal: INSERT: id[integer]:2 k[integer]:2
COMMIT 740
BEGIN 741
table public.test_wal: INSERT: id[integer]:3 k[integer]:3
table public.test_wal: INSERT: id[integer]:4 k[integer]:4
COMMIT 741
BEGIN 742
table public.test_wal: INSERT: id[integer]:5 k[integer]:5
table public.test_wal: INSERT: id[integer]:6 k[integer]:6
COMMIT 742
BEGIN 743
table public.test_wal: INSERT: id[integer]:7 k[integer]:7
table public.test_wal: INSERT: id[integer]:8 k[integer]:8
COMMIT 743
data
-----------------------------------------------------------
BEGIN 739
COMMIT 739
BEGIN 740
table public.test_wal: INSERT: id[integer]:1 k[integer]:1
table public.test_wal: INSERT: id[integer]:2 k[integer]:2
COMMIT 740
BEGIN 741
table public.test_wal: INSERT: id[integer]:3 k[integer]:3
table public.test_wal: INSERT: id[integer]:4 k[integer]:4
COMMIT 741
BEGIN 742
table public.test_wal: INSERT: id[integer]:5 k[integer]:5
table public.test_wal: INSERT: id[integer]:6 k[integer]:6
COMMIT 742
BEGIN 743
table public.test_wal: INSERT: id[integer]:7 k[integer]:7
table public.test_wal: INSERT: id[integer]:8 k[integer]:8
COMMIT 743
(18 rows)
SELECT pg_drop_replication_slot('tde_slot');
pg_drop_replication_slot
--------------------------
(1 row)
DROP EXTENSION pg_tde;

184
contrib/pg_tde/t/expected/010_change_key_provider.out
Unescape View File

@ -1,50 +1,122 @@
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_1.per');
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_list_all_database_key_providers();
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_1.per""}")
pg_tde_list_all_database_key_providers
--------------------------------------------------------------------------------------------
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_1.per""}")
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES (5), (6);
SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc');
t
pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- mv /tmp/change_key_provider_1.per /tmp/change_key_provider_2.per
SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_2.per');
1
pg_tde_change_database_key_provider_file
------------------------------------------
1
(1 row)
SELECT pg_tde_list_all_database_key_providers();
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_2.per""}")
pg_tde_list_all_database_key_providers
--------------------------------------------------------------------------------------------
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_2.per""}")
(1 row)
SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc');
t
pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc');
t
pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per');
1
pg_tde_change_database_key_provider_file
------------------------------------------
1
(1 row)
SELECT pg_tde_list_all_database_key_providers();
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_3.per""}")
pg_tde_list_all_database_key_providers
--------------------------------------------------------------------------------------------
(1,file-vault,file,"{""type"" : ""file"", ""path"" : ""/tmp/change_key_provider_3.per""}")
(1 row)
SELECT pg_tde_verify_key();
psql:<stdin>:1: ERROR: failed to retrieve principal key test-key from keyring with ID 1
SELECT pg_tde_is_encrypted('test_enc');
t
pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
-- server restart
SELECT pg_tde_verify_key();
psql:<stdin>:1: ERROR: failed to retrieve principal key test-key from keyring with ID 1
@ -55,30 +127,66 @@ psql:<stdin>:1: ERROR: failed to retrieve principal key test-key from keyring w
-- mv /tmp/change_key_provider_2.per /tmp/change_key_provider_3.per
-- server restart
SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc');
t
pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
DROP EXTENSION pg_tde CASCADE;
psql:<stdin>:1: NOTICE: drop cascades to table test_enc
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES (5), (6);
SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc');
t
pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per');
1
pg_tde_change_database_key_provider_file
------------------------------------------
1
(1 row)
-- server restart
SELECT pg_tde_verify_key();
psql:<stdin>:1: ERROR: Failed to verify principal key header for key test-key, incorrect principal key or corrupted key file
@ -89,13 +197,29 @@ psql:<stdin>:1: ERROR: Failed to verify principal key header for key test-key,
CREATE TABLE test_enc2 (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;
psql:<stdin>:1: ERROR: Failed to verify principal key header for key test-key, incorrect principal key or corrupted key file
SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');
1
pg_tde_change_database_key_provider_file
------------------------------------------
1
(1 row)
SELECT pg_tde_verify_key();
pg_tde_verify_key
-------------------
(1 row)
SELECT pg_tde_is_encrypted('test_enc');
t
pg_tde_is_encrypted
---------------------
t
(1 row)
SELECT * FROM test_enc ORDER BY id;
1|5
2|6
id | k
----+---
1 | 5
2 | 6
(2 rows)
DROP EXTENSION pg_tde CASCADE;
psql:<stdin>:1: NOTICE: drop cascades to table test_enc

14
contrib/pg_tde/t/expected/011_unlogged_tables.out
Unescape View File

@ -1,7 +1,15 @@
CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/unlogged_tables.per');
1
pg_tde_add_database_key_provider_file
---------------------------------------
1
(1 row)
SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');
pg_tde_set_key_using_database_key_provider
--------------------------------------------
(1 row)
CREATE UNLOGGED TABLE t (x int PRIMARY KEY) USING tde_heap;
INSERT INTO t SELECT generate_series(1, 4);
@ -9,4 +17,8 @@ CHECKPOINT;
-- kill -9
-- server start
TABLE t;
x
---
(0 rows)
INSERT INTO t SELECT generate_series(1, 4);

2
contrib/pg_tde/t/pgtde.pm
Unescape View File

@ -61,7 +61,7 @@ sub psql
{
my ($node, $dbname, $sql) = @_;
my (undef, $stdout, $stderr) = $node->psql($dbname, $sql, extra_params => ['-a']);
my (undef, $stdout, $stderr) = $node->psql($dbname, $sql, extra_params => ['-a', '-Pformat=aligned', '-Ptuples_only=off']);
if ($stdout ne '') {
append_to_result_file($stdout);

Write Preview
Loading…
Cancel
Save