8000 Handle JSON scalar types in key provider options · percona/postgres@4807e46 · GitHub
[go: up one dir, main page]
Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 4807e46

Browse files
AndersAstrandAndersAstrand
committed
Handle JSON scalar types in key provider options
Treat null as missing value, error out on boolean and make no change for number or string.
1 parent fe50a21 commit 4807e46

File tree

3 files changed

+66
-1
lines changed

3 files changed

+66
-1
lines changed

contrib/pg_tde/expected/key_provider.out

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -204,17 +204,30 @@ ERROR: key provider options must be an object
204204
-- Creating key providers fails if an external value object doesn't have all required keys
205205
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {}}');
206206
ERROR: external value must contain "type" in field "path"
207+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": null}}');
208+
ERROR: external value must contain "type" in field "path"
207209
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "remote"}}');
208210
ERROR: external remote value must contain "url" in field "path"
211+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "remote", "url": null}}');
212+
ERROR: external remote value must contain "url" in field "path"
209213
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file"}}');
210214
ERROR: external file value must contain "path" in field "path"
215+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": null}}');
216+
ERROR: external file value must contain "path" in field "path"
211217
-- Creating key providers fails if values are array instead of scalar
212218
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": ["array"]}');
213219
ERROR: unexpected array in field "path"
214220
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": ["array"]}}');
215221
ERROR: unexpected array in field "path"
216222
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": ["array"]}}');
217223
ERROR: unexpected array in field "path"
224+
-- Creating key providers fails if values are boolean
225+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": true}');
226+
ERROR: unexpected boolean in field "path"
227+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": true}}');
228+
ERROR: unexpected boolean in field "path"
229+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": true}}');
230+
ERROR: unexpected boolean in field "path"
218231
-- Modifying key providers fails if any required parameter is NULL
219232
SELECT pg_tde_change_database_key_provider(NULL, 'file-keyring', '{}');
220233
ERROR: provider type cannot be null
@@ -245,17 +258,30 @@ ERROR: key provider options must be an object
245258
-- Modifying key providers fails if an external value object doesn't have all required keys
246259
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {}}');
247260
ERROR: external value must contain "type" in field "path"
261+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": null}}');
262+
ERROR: key provider "provider" does not exists
248263
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "remote"}}');
249264
ERROR: external remote value must contain "url" in field "path"
265+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": "remote", "url": null}}');
266+
ERROR: key provider "provider" does not exists
250267
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file"}}');
251268
ERROR: external file value must contain "path" in field "path"
269+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": null}}');
270+
ERROR: key provider "provider" does not exists
252271
-- Modifying key providers fails if values are array instead of scalar
253272
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": ["array"]}');
254273
ERROR: unexpected array in field "path"
255274
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": ["array"]}}');
256275
ERROR: unexpected array in field "path"
257276
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file", "path": ["array"]}}');
258277
ERROR: unexpected array in field "path"
278+
-- Modifying key providers fails if values are boolean
279+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": true}');
280+
ERROR: key provider "provider" does not exists
281+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": true}}');
282+
ERROR: key provider "provider" does not exists
283+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": true}}');
284+
ERROR: key provider "provider" does not exists
259285
-- Deleting key providers fails if key name is NULL
260286
SELECT pg_tde_delete_database_key_provider(NULL);
261287
ERROR: provider_name cannot be null

contrib/pg_tde/sql/key_provider.sql

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -83,14 +83,22 @@ SELECT pg_tde_add_database_key_provider('file', 'provider', 'null');
8383

8484
-- Creating key providers fails if an external value object doesn't have all required keys
8585
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {}}');
86+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": null}}');
8687
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "remote"}}');
88+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "remote", "url": null}}');
8789
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file"}}');
90+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": null}}');
8891

8992
-- Creating key providers fails if values are array instead of scalar
9093
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": ["array"]}');
9194
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": ["array"]}}');
9295
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": ["array"]}}');
9396

97+
-- Creating key providers fails if values are boolean
98+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": true}');
99+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": true}}');
100+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": true}}');
101+
94102
-- Modifying key providers fails if any required parameter is NULL
95103
SELECT pg_tde_change_database_key_provider(NULL, 'file-keyring', '{}');
96104
SELECT pg_tde_change_database_key_provider('file', NULL, '{}');
@@ -111,14 +119,22 @@ SELECT pg_tde_change_database_key_provider('file', 'file-provider', 'null');
111119

112120
-- Modifying key providers fails if an external value object doesn't have all required keys
113121
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {}}');
122+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": null}}');
114123
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "remote"}}');
124+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": "remote", "url": null}}');
115125
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file"}}');
126+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": null}}');
116127

117128
-- Modifying key providers fails if values are array instead of scalar
118129
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": ["array"]}');
119130
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": ["array"]}}');
120131
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file", "path": ["array"]}}');
121132

133+
-- Modifying key providers fails if values are boolean
134+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": true}');
135+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": true}}');
136+
SELECT pg_tde_change_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": true}}');
137+
122138
-- Deleting key providers fails if key name is NULL
123139
SELECT pg_tde_delete_database_key_provider(NULL);
124140
SELECT pg_tde_delete_global_key_provider(NULL);

contrib/pg_tde/src/catalog/tde_keyring_parse_opts.c

Lines changed: 24 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -431,6 +431,7 @@ json_kring_scalar(void *state, char *token, JsonTokenType tokentype)
431431
{
432432
JsonKeyringState *parse = state;
433433
JsonKeyringField *field = NULL;
434+
char *value;
434435

435436
switch (parse->state)
436437
{
@@ -447,7 +448,29 @@ json_kring_scalar(void *state, char *token, JsonTokenType tokentype)
447448
break;
448449
}
449450

450-
return json_kring_assign_scalar(parse, *field, token);
451+
switch (tokentype)
452+
{
453+
case JSON_TOKEN_STRING:
454+
case JSON_TOKEN_NUMBER:
455+
value = token;
456+
break;
457+
case JSON_TOKEN_TRUE:
458+
case JSON_TOKEN_FALSE:
459+
ereport(ERROR,
460+
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
461+
errmsg("unexpected boolean in field \"%s\"", JK_FIELD_NAMES[parse->top_level_field]));
462+
break;
463+
case JSON_TOKEN_NULL:
464+
value = NULL;
465+
pfree(token);
466+
break;
467+
default:
468+
ereport(ERROR,
469+
errmsg("invalid token type"));
470+
break;
471+
}
472+
473+
return json_kring_assign_scalar(parse, *field, value);
451474
}
452475

453476
static JsonParseErrorType

0 commit comments

Comments
 (0)
0