forked from michelp/pgsodium
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
put support for 13 back in, had to remove some 14+ specific code.
- Loading branch information
Showing
3 changed files
with
12 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -29,7 +29,8 @@ GRANT USAGE ON SCHEMA @extschema@_masks TO pgsodium_keyiduser; | |
|
|
||
| CREATE OR REPLACE FUNCTION @[email protected]() | ||
| RETURNS text | ||
| RETURN (SELECT extversion FROM pg_extension WHERE extname = 'pgsodium'); | ||
| AS $$ SELECT extversion FROM pg_extension WHERE extname = 'pgsodium') $$ | ||
| LANGUAGE sql; | ||
|
|
||
| -- Internal Key Management | ||
|
|
||
|
|
@@ -90,7 +91,7 @@ CREATE FUNCTION @[email protected]_key( | |
| key_context bytea = 'pgsodium', | ||
| expires timestamp = null, | ||
| user_data jsonb = null) RETURNS @[email protected] | ||
| BEGIN ATOMIC | ||
| AS $$ | ||
| INSERT INTO @[email protected] (key_id, key_context, key_type, expires, comment, user_data) | ||
| VALUES (case when key_id is null then nextval('@[email protected]_key_id_seq'::regclass) else key_id | ||
| end, | ||
|
|
@@ -99,7 +100,7 @@ CREATE FUNCTION @[email protected]_key( | |
| expires, | ||
| comment, | ||
| user_data) RETURNING *; | ||
| END; | ||
| $$ LANGUAGE sql; | ||
|
|
||
| -- Deterministic AEAD functions by key uuid | ||
|
|
||
|
|
@@ -279,20 +280,20 @@ GRANT SELECT ON @[email protected]_rule TO PUBLIC; | |
|
|
||
|
|
||
| CREATE FUNCTION @[email protected]_mask(role regrole, source_name text) | ||
| RETURNS BOOLEAN RETURN ( | ||
| RETURNS boolean AS $$ | ||
| SELECT EXISTS( | ||
| SELECT 1 | ||
| FROM pg_shseclabel | ||
| WHERE objoid = role | ||
| AND provider = 'pgsodium' | ||
| AND label ilike 'ACCESS%' || source_name || '%') | ||
| ); | ||
| $$ LANGUAGE sql; | ||
|
|
||
| -- Display all columns of the relation with the masking function (if any) | ||
| CREATE FUNCTION @[email protected]_columns(source_relid oid) | ||
| RETURNS TABLE (attname name, key_id text, key_id_column text, | ||
| associated_column text, nonce_column text, format_type text) | ||
| BEGIN ATOMIC | ||
| AS $$ | ||
| SELECT | ||
| a.attname, | ||
| m.key_id, | ||
|
|
@@ -308,7 +309,7 @@ BEGIN ATOMIC | |
| AND a.attnum > 0 -- exclude ctid, cmin, cmax | ||
| AND NOT a.attisdropped | ||
| ORDER BY a.attnum; | ||
| END; | ||
| $$ LANGUAGE sql; | ||
|
|
||
| -- get the "select filters" that will decrypt the real data of a table | ||
| CREATE FUNCTION @[email protected]_columns( | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
|
|
||
| set -e | ||
|
|
||
| versions=${1:-14 15} | ||
| versions=${1:-13 14 15} | ||
|
|
||
| for version in $versions | ||
| do | ||
|
|
||