open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add test helper to TAP tests which runs psql and appends

Browse Source 
This simplifies working with tests a lot since now we will also always
get the errors from failed queries directly in the test output instead
of it being truncated when the TAP tests aborts due to the query
failing.

There is still a good case for why we should instead write idiomatic TAP
tests but this at least does a lot to improve the expereince of people
who have to work with these tests without changing the way the tests
work. Plus that the code is cleaner now so it should be easier to move
away from this way of testing in the future.
pull/220/head
Andreas Karlsson 5 months ago committed by Andreas Karlsson
parent 891adb150c
commit b190cd0985
20 changed files with 269 additions and 456 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 35
      contrib/pg_tde/t/001_basic.pl
  2. 137
      contrib/pg_tde/t/002_rotate_key.pl
  3. 27
      contrib/pg_tde/t/003_remote_config.pl
  4. 27
      contrib/pg_tde/t/004_file_config.pl
  5. 1
      contrib/pg_tde/t/005_multiple_extensions.pl
  6. 27
      contrib/pg_tde/t/006_remote_vault_config.pl
  7. 96
      contrib/pg_tde/t/007_tde_heap.pl
  8. 46
      contrib/pg_tde/t/008_key_rotate_tablespace.pl
  9. 57
      contrib/pg_tde/t/009_wal_encrypt.pl
  10. 173
      contrib/pg_tde/t/010_change_key_provider.pl
  11. 25
      contrib/pg_tde/t/011_unlogged_tables.pl
  12. 7
      contrib/pg_tde/t/expected/001_basic.out
  13. 7
      contrib/pg_tde/t/expected/002_rotate_key.out
  14. 4
      contrib/pg_tde/t/expected/003_remote_config.out
  15. 4
      contrib/pg_tde/t/expected/004_file_config.out
  16. 4
      contrib/pg_tde/t/expected/006_remote_vault_config.out
  17. 9
      contrib/pg_tde/t/expected/007_tde_heap.out
  18. 21
      contrib/pg_tde/t/expected/008_key_rotate_tablespace.out
  19. 3
      contrib/pg_tde/t/expected/010_change_key_provider.out
  20. 15
      contrib/pg_tde/t/pgtde.pm

35
contrib/pg_tde/t/001_basic.pl
Unescape View File

@ -19,41 +19,33 @@ close $conf;
my $rt_value = $node->start; my $rt_value = $node->start;
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'SELECT extname, extversion FROM pg_extension WHERE extname = \'pg_tde\';', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT extname, extversion FROM pg_extension WHERE extname = \'pg_tde\';');
ok($cmdret == 0, "SELECT PGTDE VERSION");
PGTDE::append_to_file($stdout);
$rt_value = $node->psql('postgres', 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;');
ok($rt_value == 3, "Failing query");
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$rt_value = $node->psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');");
$rt_value = $node->psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');", extra_params => ['-a']);
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc (k) VALUES (\'foobar\'),(\'barfoo\');', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc (k) VALUES (\'foobar\'),(\'barfoo\');');
PGTDE::append_to_file($stdout);
PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
# Verify that we can't see the data in the file # Verify that we can't see the data in the file
my $tablefile = $node->safe_psql('postgres', 'SHOW data_directory;'); my $tablefile = $node->safe_psql('postgres', 'SHOW data_directory;');
@ -68,12 +60,9 @@ $strings = 'CONTAINS FOO (should be empty): ';
$strings .= `strings $tablefile | grep foo`; $strings .= `strings $tablefile | grep foo`;
PGTDE::append_to_file($strings); PGTDE::append_to_file($strings);
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP EXTENSION pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde;');
ok($cmdret == 0, "DROP PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$node->stop(); $node->stop();

137
contrib/pg_tde/t/002_rotate_key.pl
Unescape View File

@ -19,123 +19,86 @@ close $conf;
my $rt_value = $node->start; my $rt_value = $node->start;
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$rt_value = $node->psql('postgres', 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;');
ok($rt_value == 3, "Failing query");
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2.per');");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_global_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2g.per');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_global_key_provider_file('file-3','/tmp/pg_tde_test_keyring_3.per');");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_add_global_key_provider_file('file-2','/tmp/pg_tde_test_keyring_2g.per');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_add_global_key_provider_file('file-3','/tmp/pg_tde_test_keyring_3.per');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_list_all_database_key_providers();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_list_all_database_key_providers();");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc (k) VALUES (5),(6);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc (k) VALUES (5),(6);');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
# Rotate key # Rotate key
$stdout = $node->psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('rotated-key1');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('rotated-key1');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();");
($cmdret, $stdout, $stderr) = $node->psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
# Again rotate key # Again rotate key
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();");
($cmdret, $stdout, $stderr) = $node->psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
# Again rotate key # Again rotate key
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_set_key_using_global_key_provider('rotated-key', 'file-3', false);", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_global_key_provider('rotated-key', 'file-3', false);");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();");
($cmdret, $stdout, $stderr) = $node->psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
# TODO: add method to query current info # TODO: add method to query current info
# And maybe debug tools to show what's in a file keyring? # And maybe debug tools to show what's in a file keyring?
# Again rotate key # Again rotate key
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX', 'file-2', false);", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX', 'file-2', false);");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();");
($cmdret, $stdout, $stderr) = $node->psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id ASC;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'ALTER SYSTEM SET pg_tde.inherit_global_providers = OFF;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'ALTER SYSTEM SET pg_tde.inherit_global_providers = OFF;');
PGTDE::append_to_file($stdout);
# Things still work after a restart # Things still work after a restart
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
@ -144,36 +107,24 @@ $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
# But now can't be changed to another global provider # But now can't be changed to another global provider
($cmdret, $stdout, $stderr) = $node->psql('postgres', "SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX2', 'file-2', false);", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX2', 'file-2', false);");
PGTDE::append_to_file($stderr); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();");
$stdout = $node->safe_psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();");
PGTDE::append_to_file($stdout);
($cmdret, $stdout, $stderr) = $node->psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();");
PGTDE::append_to_file($stderr); PGTDE::psql($node, 'postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('rotated-key2','file-2');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'ALTER SYSTEM RESET pg_tde.inherit_global_providers;');
PGTDE::append_to_file($stdout);
($cmdret, $stdout, $stderr) = $node->psql('postgres', "SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_server_key_info();", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'ALTER SYSTEM RESET pg_tde.inherit_global_providers;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
($cmdret, $stdout, $stderr) = $node->psql('postgres', 'DROP EXTENSION pg_tde CASCADE;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde CASCADE;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$node->stop(); $node->stop();

27
contrib/pg_tde/t/003_remote_config.pl
Unescape View File

@ -59,36 +59,27 @@ close $conf;
my $rt_value = $node->start(); my $rt_value = $node->start();
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$rt_value = $node->psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8888/hello' ));", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8888/hello' ));");
$rt_value = $node->psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');");
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc2 (k) VALUES (5),(6);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc2 (k) VALUES (5),(6);');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc2;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc2;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP EXTENSION pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde;');
ok($cmdret == 0, "DROP PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$node->stop(); $node->stop();

27
contrib/pg_tde/t/004_file_config.pl
Unescape View File

@ -23,36 +23,27 @@ close $conf2;
my $rt_value = $node->start(); my $rt_value = $node->start();
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$rt_value = $node->psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'file', 'path' VALUE '/tmp/datafile-location' ));", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'file', 'path' VALUE '/tmp/datafile-location' ));");
$rt_value = $node->psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');");
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc1(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc1(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc1 (k) VALUES (5),(6);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc1 (k) VALUES (5),(6);');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc1 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc1 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc1 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc1 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc1;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc1;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP EXTENSION pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde;');
ok($cmdret == 0, "DROP PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$node->stop(); $node->stop();

1
contrib/pg_tde/t/005_multiple_extensions.pl
Unescape View File

@ -19,7 +19,6 @@ if (index(lc($PG_VERSION_STRING), lc("Percona Distribution")) == -1)
my $node = PGTDE->pgtde_init_pg(); my $node = PGTDE->pgtde_init_pg();
my $pgdata = $node->data_dir; my $pgdata = $node->data_dir;
# UPDATE postgresql.conf to include/load pg_stat_monitor library
open my $conf, '>>', "$pgdata/postgresql.conf"; open my $conf, '>>', "$pgdata/postgresql.conf";
print $conf "shared_preload_libraries = 'pg_tde, pg_stat_monitor, pgaudit, set_user, pg_repack'\n"; print $conf "shared_preload_libraries = 'pg_tde, pg_stat_monitor, pgaudit, set_user, pg_repack'\n";
print $conf "pg_stat_monitor.pgsm_bucket_time = 360000\n"; print $conf "pg_stat_monitor.pgsm_bucket_time = 360000\n";

27
contrib/pg_tde/t/006_remote_vault_config.pl
Unescape View File

@ -67,36 +67,27 @@ close $conf;
my $rt_value = $node->start(); my $rt_value = $node->start();
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$rt_value = $node->psql('postgres', "SELECT pg_tde_add_database_key_provider_vault_v2('vault-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/token' ), json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/url' ), to_json('secret'::text), NULL);", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_vault_v2('vault-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/token' ), json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/url' ), to_json('secret'::text), NULL);");
$rt_value = $node->psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','vault-provider');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','vault-provider');");
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc2 (k) VALUES (5),(6);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc2 (k) VALUES (5),(6);');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc2;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc2;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP EXTENSION pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde;');
ok($cmdret == 0, "DROP PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$node->stop(); $node->stop();

96
contrib/pg_tde/t/007_tde_heap.pl
Unescape View File

@ -26,87 +26,67 @@ close $conf;
my $rt_value = $node->start; my $rt_value = $node->start;
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$rt_value = $node->psql('postgres', 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;');
ok($rt_value == 3, "Failing query");
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$rt_value = $node->psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');");
$rt_value = $node->psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');");
######################### test_enc1 (simple create table w tde_heap) ######################### test_enc1 (simple create table w tde_heap)
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc1(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc1(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc1 (k) VALUES (\'foobar\'),(\'barfoo\');', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc1 (k) VALUES (\'foobar\'),(\'barfoo\');');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc1 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc1 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
######################### test_enc2 (create heap + alter to tde_heap) ######################### test_enc2 (create heap + alter to tde_heap)
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc2(id SERIAL,k VARCHAR(32),PRIMARY KEY (id));', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc2(id SERIAL,k VARCHAR(32),PRIMARY KEY (id));');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc2 (k) VALUES (\'foobar\'),(\'barfoo\');', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc2 (k) VALUES (\'foobar\'),(\'barfoo\');');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'ALTER TABLE test_enc2 SET ACCESS METHOD tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'ALTER TABLE test_enc2 SET ACCESS METHOD tde_heap;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc2 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
######################### test_enc3 (default_table_access_method) ######################### test_enc3 (default_table_access_method)
$stdout = $node->safe_psql('postgres', 'SET default_table_access_method = "tde_heap"; CREATE TABLE test_enc3(id SERIAL,k VARCHAR(32),PRIMARY KEY (id));', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SET default_table_access_method = "tde_heap"; CREATE TABLE test_enc3(id SERIAL,k VARCHAR(32),PRIMARY KEY (id));');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc3 (k) VALUES (\'foobar\'),(\'barfoo\');', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc3 (k) VALUES (\'foobar\'),(\'barfoo\');');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc3 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc3 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
######################### test_enc4 (create heap + alter default) ######################### test_enc4 (create heap + alter default)
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc4(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc4(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING heap;');
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc4 (k) VALUES (\'foobar\'),(\'barfoo\');', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc4 (k) VALUES (\'foobar\'),(\'barfoo\');');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SET default_table_access_method = "tde_heap"; ALTER TABLE test_enc4 SET ACCESS METHOD DEFAULT;', extra_params => ['-a']);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc4 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SET default_table_access_method = "tde_heap"; ALTER TABLE test_enc4 SET ACCESS METHOD DEFAULT;');
PGTDE::append_to_file($stdout);
PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc4 ORDER BY id ASC;');
######################### test_enc5 (create tde_heap + truncate) ######################### test_enc5 (create tde_heap + truncate)
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc5(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc5(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc5 (k) VALUES (\'foobar\'),(\'barfoo\');', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc5 (k) VALUES (\'foobar\'),(\'barfoo\');');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'CHECKPOINT;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CHECKPOINT;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'TRUNCATE test_enc5;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'TRUNCATE test_enc5;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc5 (k) VALUES (\'foobar\'),(\'barfoo\');', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc5 (k) VALUES (\'foobar\'),(\'barfoo\');');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc5 ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc5 ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
@ -123,8 +103,7 @@ sub verify_table
$tablefile .= '/'; $tablefile .= '/';
$tablefile .= $node->safe_psql('postgres', 'SELECT pg_relation_filepath(\''.$table.'\');'); $tablefile .= $node->safe_psql('postgres', 'SELECT pg_relation_filepath(\''.$table.'\');');
$stdout = $node->safe_psql('postgres', 'SELECT * FROM ' . $table . ' ORDER BY id ASC;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM ' . $table . ' ORDER BY id ASC;');
PGTDE::append_to_file($stdout);
my $strings = 'TABLEFILE FOR ' . $table . ' FOUND: '; my $strings = 'TABLEFILE FOR ' . $table . ' FOUND: ';
$strings .= `(ls $tablefile >/dev/null && echo -n yes) || echo -n no`; $strings .= `(ls $tablefile >/dev/null && echo -n yes) || echo -n no`;
@ -180,24 +159,13 @@ $strings = 'CONTAINS FOO (should be empty): ';
$strings .= `strings $tablefile4 | grep foo`; $strings .= `strings $tablefile4 | grep foo`;
PGTDE::append_to_file($strings); PGTDE::append_to_file($strings);
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc1;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc1;');
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc2;');
PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc3;');
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc2;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc4;');
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc5;');
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc3;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc4;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP TABLE test_enc5;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP EXTENSION pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde;');
ok($cmdret == 0, "DROP PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$node->stop(); $node->stop();

46
contrib/pg_tde/t/008_key_rotate_tablespace.pl
Unescape View File

@ -9,8 +9,6 @@ use pgtde;
PGTDE::setup_files_dir(basename($0)); PGTDE::setup_files_dir(basename($0));
my ($cmdret, $stdout);
my $node = PGTDE->pgtde_init_pg(); my $node = PGTDE->pgtde_init_pg();
my $pgdata = $node->data_dir; my $pgdata = $node->data_dir;
@ -21,57 +19,43 @@ close $conf;
my $rt_value = $node->start; my $rt_value = $node->start;
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
$node->safe_psql('postgres', PGTDE::psql($node, 'postgres', "SET allow_in_place_tablespaces = true; CREATE TABLESPACE test_tblspace LOCATION '';");
q{ PGTDE::psql($node, 'postgres', 'CREATE DATABASE tbc TABLESPACE = test_tblspace;');
SET allow_in_place_tablespaces = true;
CREATE TABLESPACE test_tblspace LOCATION '';
CREATE DATABASE tbc TABLESPACE = test_tblspace;
});
$stdout = $node->safe_psql('tbc', PGTDE::psql($node, 'tbc', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
q{ PGTDE::psql($node, 'tbc', "SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');");
CREATE EXTENSION IF NOT EXISTS pg_tde; PGTDE::psql($node, 'tbc', "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');");
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
PGTDE::psql($node, 'tbc', "
CREATE TABLE country_table ( CREATE TABLE country_table (
country_id serial primary key, country_id serial primary key,
country_name text unique not null, country_name text unique not null,
continent text not null continent text not null
) USING tde_heap; ) USING tde_heap;
");
PGTDE::psql($node, 'tbc', "
INSERT INTO country_table (country_name, continent) INSERT INTO country_table (country_name, continent)
VALUES ('Japan', 'Asia'), VALUES ('Japan', 'Asia'),
('UK', 'Europe'), ('UK', 'Europe'),
('USA', 'North America'); ('USA', 'North America');
");
SELECT * FROM country_table; PGTDE::psql($node, 'tbc', 'SELECT * FROM country_table;');
}, extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$cmdret = $node->psql('tbc', "SELECT pg_tde_set_key_using_database_key_provider('new-k', 'file-vault');", extra_params => ['-a']); PGTDE::psql($node, 'tbc', "SELECT pg_tde_set_key_using_database_key_provider('new-k', 'file-vault');");
ok($cmdret == 0, "ROTATE KEY");
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('tbc', 'SELECT * FROM country_table;', extra_params => ['-a']); PGTDE::psql($node, 'tbc', 'SELECT * FROM country_table;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('tbc', 'DROP EXTENSION pg_tde CASCADE;', extra_params => ['-a']); PGTDE::psql($node, 'tbc', 'DROP EXTENSION pg_tde CASCADE;');
ok($cmdret == 0, "DROP PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', q{ PGTDE::psql($node, 'postgres', 'DROP DATABASE tbc;');
DROP DATABASE tbc; PGTDE::psql($node, 'postgres', 'DROP TABLESPACE test_tblspace;');
DROP TABLESPACE test_tblspace;
}, extra_params => ['-a']);
ok($cmdret == 0, "DROP DATABSE");
PGTDE::append_to_file($stdout);
$node->stop(); $node->stop();

57
contrib/pg_tde/t/009_wal_encrypt.pl
Unescape View File

@ -22,82 +22,63 @@ close $conf;
my $rt_value = $node->start; my $rt_value = $node->start;
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my $stdout = $node->safe_psql('postgres', "CREATE EXTENSION IF NOT EXISTS pg_tde;", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "CREATE EXTENSION IF NOT EXISTS pg_tde;");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_add_global_key_provider_file('file-keyring-010','/tmp/pg_tde_test_keyring010.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_global_key_provider_file('file-keyring-010','/tmp/pg_tde_test_keyring010.per');");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_set_server_key_using_global_key_provider('server-key', 'file-keyring-010');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_server_key_using_global_key_provider('server-key', 'file-keyring-010');");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'ALTER SYSTEM SET pg_tde.wal_encrypt = on;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'ALTER SYSTEM SET pg_tde.wal_encrypt = on;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart with wal encryption"); PGTDE::append_to_file("-- server restart with wal encryption");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SHOW pg_tde.wal_encrypt;", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SHOW pg_tde.wal_encrypt;");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT slot_name FROM pg_create_logical_replication_slot('tde_slot', 'test_decoding');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT slot_name FROM pg_create_logical_replication_slot('tde_slot', 'test_decoding');");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_wal (id SERIAL, k INTEGER, PRIMARY KEY (id));', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_wal (id SERIAL, k INTEGER, PRIMARY KEY (id));');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_wal (k) VALUES (1), (2);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_wal (k) VALUES (1), (2);');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'ALTER SYSTEM SET pg_tde.wal_encrypt = off;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'ALTER SYSTEM SET pg_tde.wal_encrypt = off;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart without wal encryption"); PGTDE::append_to_file("-- server restart without wal encryption");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SHOW pg_tde.wal_encrypt;", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SHOW pg_tde.wal_encrypt;");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_wal (k) VALUES (3), (4);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_wal (k) VALUES (3), (4);');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'ALTER SYSTEM SET pg_tde.wal_encrypt = on;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'ALTER SYSTEM SET pg_tde.wal_encrypt = on;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart with wal encryption"); PGTDE::append_to_file("-- server restart with wal encryption");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SHOW pg_tde.wal_encrypt;", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SHOW pg_tde.wal_encrypt;");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_wal (k) VALUES (5), (6);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_wal (k) VALUES (5), (6);');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart with still wal encryption"); PGTDE::append_to_file("-- server restart with still wal encryption");
$node->stop(); $node->stop();
$rt_value = $node->start(); $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
$stdout = $node->safe_psql('postgres', "SHOW pg_tde.wal_encrypt;", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SHOW pg_tde.wal_encrypt;");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_wal (k) VALUES (7), (8);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'INSERT INTO test_wal (k) VALUES (7), (8);');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT data FROM pg_logical_slot_get_changes('tde_slot', NULL, NULL);", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT data FROM pg_logical_slot_get_changes('tde_slot', NULL, NULL);");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_drop_replication_slot('tde_slot');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_drop_replication_slot('tde_slot');");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'DROP EXTENSION pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde;');
PGTDE::append_to_file($stdout);
$node->stop(); $node->stop();

173
contrib/pg_tde/t/010_change_key_provider.pl
Unescape View File

@ -25,43 +25,28 @@ unlink('/tmp/change_key_provider_4.per');
my $rt_value = $node->start; my $rt_value = $node->start;
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_1.per');");
PGTDE::psql($node, 'postgres', "SELECT pg_tde_list_all_database_key_providers();");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_1.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_list_all_database_key_providers();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc (k) VALUES (5), (6);');
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');", extra_params => ['-a']);
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc (k) VALUES (5), (6);', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
# Change provider and move file # Change provider and move file
PGTDE::append_to_file("-- mv /tmp/change_key_provider_1.per /tmp/change_key_provider_2.per"); PGTDE::append_to_file("-- mv /tmp/change_key_provider_1.per /tmp/change_key_provider_2.per");
move('/tmp/change_key_provider_1.per', '/tmp/change_key_provider_2.per'); move('/tmp/change_key_provider_1.per', '/tmp/change_key_provider_2.per');
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_2.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_2.per');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_list_all_database_key_providers();");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_list_all_database_key_providers();", extra_params => ['-a']);
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
@ -69,26 +54,17 @@ $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
# Verify # Verify
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
# Change provider and do not move file # Change provider and do not move file
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_list_all_database_key_providers();");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_list_all_database_key_providers();", extra_params => ['-a']);
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
(undef, $stdout, $stderr) = $node->psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
@ -96,15 +72,9 @@ $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
# Verify # Verify
(undef, $stdout, $stderr) = $node->psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
PGTDE::append_to_file($stderr); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
(undef, $stdout, $stderr) = $node->psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
(undef, $stdout, $stderr) = $node->psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
PGTDE::append_to_file("-- mv /tmp/change_key_provider_2.per /tmp/change_key_provider_3.per"); PGTDE::append_to_file("-- mv /tmp/change_key_provider_2.per /tmp/change_key_provider_3.per");
move('/tmp/change_key_provider_2.per', '/tmp/change_key_provider_3.per'); move('/tmp/change_key_provider_2.per', '/tmp/change_key_provider_3.per');
@ -115,41 +85,26 @@ $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
# Verify # Verify
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
(undef, $stdout, $stderr) = $node->psql('postgres', 'DROP EXTENSION pg_tde CASCADE;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde CASCADE;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION");
PGTDE::append_to_file($stdout);
# Change provider and generate a new principal key # Change provider and generate a new principal key
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');");
$stdout = $node->psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');", extra_params => ['-a']);
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;');
PGTDE::psql($node, 'postgres', 'INSERT INTO test_enc (k) VALUES (5), (6);');
$stdout = $node->safe_psql('postgres', 'CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']);
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
$stdout = $node->safe_psql('postgres', 'INSERT INTO test_enc (k) VALUES (5), (6);', extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per');");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_3.per');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- server restart"); PGTDE::append_to_file("-- server restart");
$node->stop(); $node->stop();
@ -157,33 +112,19 @@ $rt_value = $node->start();
ok($rt_value == 1, "Restart Server"); ok($rt_value == 1, "Restart Server");
# Verify # Verify
(undef, $stdout, $stderr) = $node->psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
PGTDE::append_to_file($stderr); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
(undef, $stdout, $stderr) = $node->psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE TABLE test_enc2 (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;');
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr); PGTDE::psql($node, 'postgres', "SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');");
(undef, $stdout, $stderr) = $node->psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
(undef, $stdout, $stderr) = $node->psql('postgres', 'CREATE TABLE test_enc2 (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_change_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
# Verify # Verify
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_verify_key();", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "SELECT pg_tde_verify_key();");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_is_encrypted('test_enc');");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_is_encrypted('test_enc');", extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id;');
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', 'SELECT * FROM test_enc ORDER BY id;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde CASCADE;');
PGTDE::append_to_file($stdout);
(undef, $stdout, $stderr) = $node->psql('postgres', 'DROP EXTENSION pg_tde CASCADE;', extra_params => ['-a']);
PGTDE::append_to_file($stdout);
PGTDE::append_to_file($stderr);
$node->stop(); $node->stop();

25
contrib/pg_tde/t/011_unlogged_tables.pl
Unescape View File

@ -19,22 +19,15 @@ close $conf;
my $rt_value = $node->start; my $rt_value = $node->start;
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
my ($cmdret, $stdout, $stderr) = $node->psql('postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;', extra_params => ['-a']); PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;');
ok($cmdret == 0, "CREATE PGTDE EXTENSION"); PGTDE::psql($node, 'postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/unlogged_tables.per');");
PGTDE::append_to_file($stdout); PGTDE::psql($node, 'postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');");
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/unlogged_tables.per');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');", extra_params => ['-a']);
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "CREATE UNLOGGED TABLE t (x int PRIMARY KEY) USING tde_heap;", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "CREATE UNLOGGED TABLE t (x int PRIMARY KEY) USING tde_heap;");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "INSERT INTO t SELECT generate_series(1, 4);", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "INSERT INTO t SELECT generate_series(1, 4);");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "CHECKPOINT;", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "CHECKPOINT;");
PGTDE::append_to_file($stdout);
PGTDE::append_to_file("-- kill -9"); PGTDE::append_to_file("-- kill -9");
$node->kill9(); $node->kill9();
@ -43,11 +36,9 @@ PGTDE::append_to_file("-- server start");
$rt_value = $node->start; $rt_value = $node->start;
ok($rt_value == 1, "Start Server"); ok($rt_value == 1, "Start Server");
$stdout = $node->safe_psql('postgres', "TABLE t;", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "TABLE t;");
PGTDE::append_to_file($stdout);
$stdout = $node->safe_psql('postgres', "INSERT INTO t SELECT generate_series(1, 4);", extra_params => ['-a']); PGTDE::psql($node, 'postgres', "INSERT INTO t SELECT generate_series(1, 4);");
PGTDE::append_to_file($stdout);
$node->stop(); $node->stop();

7
contrib/pg_tde/t/expected/001_basic.out
Unescape View File

@ -1,7 +1,14 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT extname, extversion FROM pg_extension WHERE extname = 'pg_tde'; SELECT extname, extversion FROM pg_extension WHERE extname = 'pg_tde';
pg_tde|1.0-rc pg_tde|1.0-rc
CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart -- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;

7
contrib/pg_tde/t/expected/002_rotate_key.out
Unescape View File

@ -1,4 +1,7 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart -- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per'); SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1 1
@ -18,7 +21,8 @@ INSERT INTO test_enc (k) VALUES (5),(6);
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 1|5
2|6 2|6
0 SELECT pg_tde_set_key_using_database_key_provider('rotated-key1');
SELECT * FROM test_enc ORDER BY id ASC; SELECT * FROM test_enc ORDER BY id ASC;
1|5 1|5
2|6 2|6
@ -75,6 +79,7 @@ SELECT * FROM test_enc ORDER BY id ASC;
2|6 2|6
ALTER SYSTEM SET pg_tde.inherit_global_providers = OFF; ALTER SYSTEM SET pg_tde.inherit_global_providers = OFF;
-- server restart -- server restart
SELECT pg_tde_set_key_using_global_key_provider('rotated-keyX2', 'file-2', false);
psql:<stdin>:1: ERROR: Usage of global key providers is disabled. Enable it with pg_tde.inherit_global_providers = ON psql:<stdin>:1: ERROR: Usage of global key providers is disabled. Enable it with pg_tde.inherit_global_providers = ON
SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info(); SELECT key_provider_id, key_provider_name, key_name FROM pg_tde_key_info();
-1|file-2|rotated-keyX -1|file-2|rotated-keyX

4
contrib/pg_tde/t/expected/003_remote_config.out
Unescape View File

@ -1,4 +1,8 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8888/hello' ));
1
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');
CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc2 (k) VALUES (5),(6); INSERT INTO test_enc2 (k) VALUES (5),(6);
SELECT * FROM test_enc2 ORDER BY id ASC; SELECT * FROM test_enc2 ORDER BY id ASC;

4
contrib/pg_tde/t/expected/004_file_config.out
Unescape View File

@ -1,4 +1,8 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-provider', json_object( 'type' VALUE 'file', 'path' VALUE '/tmp/datafile-location' ));
1
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-provider');
CREATE TABLE test_enc1(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc1(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc1 (k) VALUES (5),(6); INSERT INTO test_enc1 (k) VALUES (5),(6);
SELECT * FROM test_enc1 ORDER BY id ASC; SELECT * FROM test_enc1 ORDER BY id ASC;

4
contrib/pg_tde/t/expected/006_remote_vault_config.out
Unescape View File

@ -1,4 +1,8 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_vault_v2('vault-provider', json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/token' ), json_object( 'type' VALUE 'remote', 'url' VALUE 'http://localhost:8889/url' ), to_json('secret'::text), NULL);
1
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','vault-provider');
CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc2(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc2 (k) VALUES (5),(6); INSERT INTO test_enc2 (k) VALUES (5),(6);
SELECT * FROM test_enc2 ORDER BY id ASC; SELECT * FROM test_enc2 ORDER BY id ASC;

9
contrib/pg_tde/t/expected/007_tde_heap.out
Unescape View File

@ -1,5 +1,12 @@
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;
psql:<stdin>:1: ERROR: principal key not configured
HINT: create one using pg_tde_set_key before using encrypted tables
-- server restart -- server restart
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
CREATE TABLE test_enc1(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc1(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc1 (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc1 (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc1 ORDER BY id ASC; SELECT * FROM test_enc1 ORDER BY id ASC;
@ -16,7 +23,9 @@ INSERT INTO test_enc3 (k) VALUES ('foobar'),('barfoo');
SELECT * FROM test_enc3 ORDER BY id ASC; SELECT * FROM test_enc3 ORDER BY id ASC;
1|foobar 1|foobar
2|barfoo 2|barfoo
CREATE TABLE test_enc4(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING heap;
INSERT INTO test_enc4 (k) VALUES ('foobar'),('barfoo'); INSERT INTO test_enc4 (k) VALUES ('foobar'),('barfoo');
SET default_table_access_method = "tde_heap"; ALTER TABLE test_enc4 SET ACCESS METHOD DEFAULT;
SELECT * FROM test_enc4 ORDER BY id ASC; SELECT * FROM test_enc4 ORDER BY id ASC;
1|foobar 1|foobar
2|barfoo 2|barfoo

21
contrib/pg_tde/t/expected/008_key_rotate_tablespace.out
Unescape View File

@ -1,3 +1,5 @@
SET allow_in_place_tablespaces = true; CREATE TABLESPACE test_tblspace LOCATION '';
CREATE DATABASE tbc TABLESPACE = test_tblspace;
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per'); SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1 1
@ -16,29 +18,14 @@ SELECT * FROM country_table;
1|Japan|Asia 1|Japan|Asia
2|UK|Europe 2|UK|Europe
3|USA|North America 3|USA|North America
CREATE EXTENSION IF NOT EXISTS pg_tde; SELECT pg_tde_set_key_using_database_key_provider('new-k', 'file-vault');
SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');
1
SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');
CREATE TABLE country_table (
country_id serial primary key,
country_name text unique not null,
continent text not null
) USING tde_heap;
INSERT INTO country_table (country_name, continent)
VALUES ('Japan', 'Asia'),
('UK', 'Europe'),
('USA', 'North America');
SELECT * FROM country_table;
1|Japan|Asia
2|UK|Europe
3|USA|North America
-- server restart -- server restart
SELECT * FROM country_table; SELECT * FROM country_table;
1|Japan|Asia 1|Japan|Asia
2|UK|Europe 2|UK|Europe
3|USA|North America 3|USA|North America
DROP EXTENSION pg_tde CASCADE; DROP EXTENSION pg_tde CASCADE;
psql:<stdin>:1: NOTICE: drop cascades to table country_table
DROP DATABASE tbc; DROP DATABASE tbc;
DROP TABLESPACE test_tblspace; DROP TABLESPACE test_tblspace;

3
contrib/pg_tde/t/expected/010_change_key_provider.out
Unescape View File

@ -66,7 +66,8 @@ psql:<stdin>:1: NOTICE: drop cascades to table test_enc
CREATE EXTENSION IF NOT EXISTS pg_tde; CREATE EXTENSION IF NOT EXISTS pg_tde;
SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per'); SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/change_key_provider_4.per');
1 1
0 SELECT pg_tde_set_key_using_database_key_provider('test-key', 'file-vault');
CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap; CREATE TABLE test_enc (id serial, k integer, PRIMARY KEY (id)) USING tde_heap;
INSERT INTO test_enc (k) VALUES (5), (6); INSERT INTO test_enc (k) VALUES (5), (6);
SELECT pg_tde_verify_key(); SELECT pg_tde_verify_key();

15
contrib/pg_tde/t/pgtde.pm
Unescape View File

@ -51,6 +51,21 @@ sub pgtde_init_pg
return $node; return $node;
} }
sub psql
{
my ($node, $dbname, $sql) = @_;
my (undef, $stdout, $stderr) = $node->psql($dbname, $sql, extra_params => ['-a']);
if ($stdout ne '') {
append_to_file($stdout);
}
if ($stderr ne '') {
append_to_file($stderr);
}
}
sub append_to_file sub append_to_file
{ {
my ($str) = @_; my ($str) = @_;

Write Preview
Loading…
Cancel
Save