Merge branch 'TDE_REL_17_STABLE' into docs-add-thales

Andriciuc · web-flow · commit 89a256f8e17b · 2025-06-04T11:24:44.000+03:00
diff --git a/contrib/pg_tde/documentation/docs/functions.md b/contrib/pg_tde/documentation/docs/functions.md
@@ -11,26 +11,6 @@ However, database owners can run the “view keys” and “set principal key”
 * `GRANT EXECUTE`
 * `REVOKE EXECUTE`
 
-The following functions are also provided for easier management of functionality groups:
-
-### Database local key management
-
-Use these functions to grant or revoke permissions to manage the key of the current database. They enable or disable all functions related to the key of the current database:
-
-* `pg_tde_grant_database_key_management_to_role(role)`
-* `pg_tde_revoke_database_key_management_from_role(role)`
-
-### Global scope key management
-
-Managment of the global scope is restricted to superusers only.
-
-### Inspections
-
-Use these functions to grant or revoke the use of query functions, which do not modify the encryption settings:
-
-* `pg_tde_grant_key_viewer_to_role(role)`
-* `pg_tde_revoke_key_viewer_from_role(role)`
-
 ## Key provider management
 
 A key provider is a system or service responsible for managing encryption keys. `pg_tde` supports the following key providers:
diff --git a/contrib/pg_tde/expected/access_control.out b/contrib/pg_tde/expected/access_control.out
@@ -27,56 +27,7 @@ ERROR:  permission denied for function pg_tde_verify_server_key
 SELECT pg_tde_verify_default_key();
 ERROR:  permission denied for function pg_tde_verify_default_key
 RESET ROLE;
-SELECT pg_tde_grant_database_key_management_to_role('regress_pg_tde_access_control');
- pg_tde_grant_database_key_management_to_role 
-----------------------------------------------
- 
-(1 row)
-
-SELECT pg_tde_grant_key_viewer_to_role('regress_pg_tde_access_control');
- pg_tde_grant_key_viewer_to_role 
----------------------------------
- 
-(1 row)
-
-SET ROLE regress_pg_tde_access_control;
--- should now be allowed
-SELECT pg_tde_set_key_using_database_key_provider('test-db-key', 'local-file-provider');
- pg_tde_set_key_using_database_key_provider 
---------------------------------------------
- 
-(1 row)
-
-SELECT * FROM pg_tde_list_all_database_key_providers();
- id |    provider_name    | provider_type |                  options                  
-----+---------------------+---------------+-------------------------------------------
-  1 | local-file-provider | file          | {"path" : "/tmp/pg_tde_test_keyring.per"}
-(1 row)
-
-SELECT key_name, key_provider_name, key_provider_id FROM pg_tde_key_info();
-  key_name   |  key_provider_name  | key_provider_id 
--------------+---------------------+-----------------
- test-db-key | local-file-provider |               1
-(1 row)
-
-SELECT key_name, key_provider_name, key_provider_id FROM pg_tde_server_key_info();
-ERROR:  Principal key does not exists for the database
-HINT:  Use set_key interface to set the principal key
-SELECT key_name, key_provider_name, key_provider_id FROM pg_tde_default_key_info();
-ERROR:  Principal key does not exists for the database
-HINT:  Use set_key interface to set the principal key
-SELECT pg_tde_verify_key();
- pg_tde_verify_key 
--------------------
- 
-(1 row)
-
-SELECT pg_tde_verify_server_key();
-ERROR:  principal key not configured for current database
-SELECT pg_tde_verify_default_key();
-ERROR:  principal key not configured for current database
 -- Only superusers can execute key management functions, regardless of role grants
-RESET ROLE;
 GRANT EXECUTE ON FUNCTION pg_tde_add_database_key_provider(TEXT, TEXT, JSON) TO regress_pg_tde_access_control;
 GRANT EXECUTE ON FUNCTION pg_tde_add_global_key_provider(TEXT, TEXT, JSON) TO regress_pg_tde_access_control;
 GRANT EXECUTE ON FUNCTION pg_tde_change_database_key_provider(TEXT, TEXT, JSON) TO regress_pg_tde_access_control;
@@ -106,29 +57,4 @@ ERROR:  must be superuser to access global key providers
 SELECT pg_tde_set_server_key_using_global_key_provider('key1', 'global-file-provider');
 ERROR:  must be superuser to access global key providers
 RESET ROLE;
-SELECT pg_tde_revoke_key_viewer_from_role('regress_pg_tde_access_control');
- pg_tde_revoke_key_viewer_from_role 
-------------------------------------
- 
-(1 row)
-
-SET ROLE regress_pg_tde_access_control;
--- verify the view access is revoked
-SELECT pg_tde_list_all_database_key_providers();
-ERROR:  permission denied for function pg_tde_list_all_database_key_providers
-SELECT pg_tde_list_all_global_key_providers();
-ERROR:  permission denied for function pg_tde_list_all_global_key_providers
-SELECT pg_tde_key_info();
-ERROR:  permission denied for function pg_tde_key_info
-SELECT pg_tde_server_key_info();
-ERROR:  permission denied for function pg_tde_server_key_info
-SELECT pg_tde_default_key_info();
-ERROR:  permission denied for function pg_tde_default_key_info
-SELECT pg_tde_verify_key();
-ERROR:  permission denied for function pg_tde_verify_key
-SELECT pg_tde_verify_server_key();
-ERROR:  permission denied for function pg_tde_verify_server_key
-SELECT pg_tde_verify_default_key();
-ERROR:  permission denied for function pg_tde_verify_default_key
-RESET ROLE;
 DROP EXTENSION pg_tde CASCADE;
diff --git a/contrib/pg_tde/expected/relocate.out b/contrib/pg_tde/expected/relocate.out
@@ -9,12 +9,6 @@ SELECT other.pg_tde_add_database_key_provider_file('file-vault', '/tmp/pg_tde_te
  
 (1 row)
 
-SELECT other.pg_tde_grant_key_viewer_to_role('public');
- pg_tde_grant_key_viewer_to_role 
----------------------------------
- 
-(1 row)
-
 ALTER EXTENSION pg_tde SET SCHEMA public;
 ERROR:  extension "pg_tde" does not support SET SCHEMA
 DROP EXTENSION pg_tde;
diff --git a/contrib/pg_tde/pg_tde--1.0-rc.sql b/contrib/pg_tde/pg_tde--1.0-rc.sql
@@ -548,65 +548,3 @@ LANGUAGE C
 AS 'MODULE_PATHNAME';
 SELECT pg_tde_extension_initialize();
 DROP FUNCTION pg_tde_extension_initialize();
-
-CREATE FUNCTION pg_tde_grant_database_key_management_to_role(
-    target_role TEXT)
-RETURNS VOID
-LANGUAGE plpgsql
-SET search_path = @extschema@
-AS $$
-BEGIN
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_set_key_using_database_key_provider(TEXT, TEXT, BOOLEAN) TO %I', target_role);
-END;
-$$;
-
-CREATE FUNCTION pg_tde_grant_key_viewer_to_role(
-    target_role TEXT)
-RETURNS VOID
-LANGUAGE plpgsql
-SET search_path = @extschema@
-AS $$
-BEGIN
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_list_all_database_key_providers() TO %I', target_role);
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_list_all_global_key_providers() TO %I', target_role);
-
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_key_info() TO %I', target_role);
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_server_key_info() TO %I', target_role);
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_default_key_info() TO %I', target_role);
-
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_verify_key() TO %I', target_role);
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_verify_server_key() TO %I', target_role);
-    EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_verify_default_key() TO %I', target_role);
-END;
-$$;
-
-CREATE FUNCTION pg_tde_revoke_database_key_management_from_role(
-    target_role TEXT)
-RETURNS VOID
-LANGUAGE plpgsql
-SET search_path = @extschema@
-AS $$
-BEGIN
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_set_key_using_database_key_provider(TEXT, TEXT, BOOLEAN) FROM %I', target_role);
-END;
-$$;
-
-CREATE FUNCTION pg_tde_revoke_key_viewer_from_role(
-    target_role TEXT)
-RETURNS VOID
-LANGUAGE plpgsql
-SET search_path = @extschema@
-AS $$
-BEGIN
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_list_all_database_key_providers() FROM %I', target_role);
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_list_all_global_key_providers() FROM %I', target_role);
-
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_key_info() FROM %I', target_role);
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_server_key_info() FROM %I', target_role);
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_default_key_info() FROM %I', target_role);
-
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_verify_key() FROM %I', target_role);
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_verify_server_key() FROM %I', target_role);
-    EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_verify_default_key() FROM %I', target_role);
-END;
-$$;
diff --git a/contrib/pg_tde/sql/access_control.sql b/contrib/pg_tde/sql/access_control.sql
@@ -19,23 +19,7 @@ SELECT pg_tde_verify_default_key();
 
 RESET ROLE;
 
-SELECT pg_tde_grant_database_key_management_to_role('regress_pg_tde_access_control');
-SELECT pg_tde_grant_key_viewer_to_role('regress_pg_tde_access_control');
-
-SET ROLE regress_pg_tde_access_control;
-
--- should now be allowed
-SELECT pg_tde_set_key_using_database_key_provider('test-db-key', 'local-file-provider');
-SELECT * FROM pg_tde_list_all_database_key_providers();
-SELECT key_name, key_provider_name, key_provider_id FROM pg_tde_key_info();
-SELECT key_name, key_provider_name, key_provider_id FROM pg_tde_server_key_info();
-SELECT key_name, key_provider_name, key_provider_id FROM pg_tde_default_key_info();
-SELECT pg_tde_verify_key();
-SELECT pg_tde_verify_server_key();
-SELECT pg_tde_verify_default_key();
-
 -- Only superusers can execute key management functions, regardless of role grants
-RESET ROLE;
 GRANT EXECUTE ON FUNCTION pg_tde_add_database_key_provider(TEXT, TEXT, JSON) TO regress_pg_tde_access_control;
 GRANT EXECUTE ON FUNCTION pg_tde_add_global_key_provider(TEXT, TEXT, JSON) TO regress_pg_tde_access_control;
 GRANT EXECUTE ON FUNCTION pg_tde_change_database_key_provider(TEXT, TEXT, JSON) TO regress_pg_tde_access_control;
@@ -47,6 +31,7 @@ GRANT EXECUTE ON FUNCTION pg_tde_set_key_using_global_key_provider(TEXT, TEXT, B
 GRANT EXECUTE ON FUNCTION pg_tde_set_server_key_using_global_key_provider(TEXT, TEXT, BOOLEAN) TO regress_pg_tde_access_control;
 
 SET ROLE regress_pg_tde_access_control;
+
 SELECT pg_tde_add_database_key_provider_file('local-file-provider', '/tmp/pg_tde_test_keyring.per');
 SELECT pg_tde_change_global_key_provider_file('local-file-provider', '/tmp/pg_tde_test_keyring.per');
 SELECT pg_tde_delete_database_key_provider('local-file-provider');
@@ -56,21 +41,6 @@ SELECT pg_tde_delete_global_key_provider('global-file-provider');
 SELECT pg_tde_set_key_using_global_key_provider('key1', 'global-file-provider');
 SELECT pg_tde_set_default_key_using_global_key_provider('key1', 'global-file-provider');
 SELECT pg_tde_set_server_key_using_global_key_provider('key1', 'global-file-provider');
-RESET ROLE;
-
-SELECT pg_tde_revoke_key_viewer_from_role('regress_pg_tde_access_control');
-
-SET ROLE regress_pg_tde_access_control;
-
--- verify the view access is revoked
-SELECT pg_tde_list_all_database_key_providers();
-SELECT pg_tde_list_all_global_key_providers();
-SELECT pg_tde_key_info();
-SELECT pg_tde_server_key_info();
-SELECT pg_tde_default_key_info();
-SELECT pg_tde_verify_key();
-SELECT pg_tde_verify_server_key();
-SELECT pg_tde_verify_default_key();
 
 RESET ROLE;
 
diff --git a/contrib/pg_tde/sql/relocate.sql b/contrib/pg_tde/sql/relocate.sql
@@ -8,8 +8,6 @@ CREATE EXTENSION pg_tde SCHEMA other;
 
 SELECT other.pg_tde_add_database_key_provider_file('file-vault', '/tmp/pg_tde_test_keyring.per');
 
-SELECT other.pg_tde_grant_key_viewer_to_role('public');
-
 ALTER EXTENSION pg_tde SET SCHEMA public;
 
 DROP EXTENSION pg_tde;
diff --git a/contrib/pg_tde/src/catalog/tde_principal_key.c b/contrib/pg_tde/src/catalog/tde_principal_key.c
@@ -679,9 +679,7 @@ pg_tde_get_key_info(PG_FUNCTION_ARGS, Oid dbOid)
 	/* Make the tuple into a datum */
 	result = HeapTupleGetDatum(tuple);
 
-#ifndef FRONTEND
 	pfree(keyring);
-#endif
 
 	PG_RETURN_DATUM(result);
 }

Original file line number	Diff line number	Diff line change
`@@ -679,9 +679,7 @@ pg_tde_get_key_info(PG_FUNCTION_ARGS, Oid dbOid)`
`679`	`679`	`/* Make the tuple into a datum */`
`680`	`680`	`result = HeapTupleGetDatum(tuple);`
`681`	`681`
`682`		`-#ifndef FRONTEND`
`683`	`682`	`pfree(keyring);`
`684`		`-#endif`
`685`	`683`
`686`	`684`	`PG_RETURN_DATUM(result);`
`687`	`685`	`}`