Make pg_waldump read encrypted WAL (#20)

This commit:
- Adds build infrastructure for the frontend tools to compile with pg_tde. pg_tde dependencies will be built only if build flag `precone_ext` is on. It also makes `openssl` and `curl` required if  `precone_ext` is on.
- Makes pg_waldump work with the TDE encrypted WAL. If user set `-k` flag it will try to init tde keys etc and decode encrypted pages. If no `-k` options set, it behaves like community version - won't try to ini tde and won't be able to decrypt WAL.
- Adds tap tests for encrypted WAL to pg_waldump.
- Fixes Percona versioning in ./configure

For PG-1003, PG-1005
Depends percona/pg_tde#362

Author: dAdAbird

.github/workflows/postgresql-current-make-debug.yml

@@ -39,7 +39,6 @@ jobs:
           cd contrib/pg_tde
           git checkout main
           git pull
-          ./configure
         working-directory: src
 
       - name: Build postgres

configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for PostgreSQL 17.2.
+# Generated by GNU Autoconf 2.69 for PostgreSQL 17.2.1.
 #
 # Report bugs to <[email protected]>.
 #
@@ -582,8 +582,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='PostgreSQL'
 PACKAGE_TARNAME='postgresql'
-PACKAGE_VERSION='17.2'
-PACKAGE_STRING='PostgreSQL 17.2'
+PACKAGE_VERSION='17.2.1'
+PACKAGE_STRING='PostgreSQL 17.2.1'
 PACKAGE_BUGREPORT='[email protected]'
 PACKAGE_URL='https://www.postgresql.org/'
 
@@ -658,6 +658,7 @@ UUID_LIBS
 LDAP_LIBS_BE
 LDAP_LIBS_FE
 with_ssl
+enable_percona_ext
 PTHREAD_CFLAGS
 PTHREAD_LIBS
 PTHREAD_CC
@@ -762,7 +763,6 @@ CPPFLAGS
 LDFLAGS
 CFLAGS
 CC
-enable_percona_ext
 enable_injection_points
 enable_tap_tests
 enable_dtrace
@@ -845,7 +845,6 @@ enable_coverage
 enable_dtrace
 enable_tap_tests
 enable_injection_points
-enable_percona_ext
 with_blocksize
 with_segsize
 with_segsize_blocks
@@ -861,6 +860,7 @@ with_python
 with_gssapi
 with_krb_srvnam
 with_pam
+with_curl
 with_bsd_auth
 with_ldap
 with_bonjour
@@ -878,6 +878,7 @@ with_lz4
 with_zstd
 with_ssl
 with_openssl
+enable_percona_ext
 enable_largefile
 '
       ac_precious_vars='build_alias
@@ -1540,9 +1541,9 @@ Optional Features:
   --enable-tap-tests      enable TAP tests (requires Perl and IPC::Run)
   --enable-injection-points
                           enable injection points (for testing)
-  --disable-percona-ext   enable Percona specific features
   --enable-depend         turn on automatic dependency tracking
   --enable-cassert        enable assertion checks (for debugging)
+  --disable-percona-ext   enable Percona specific features
   --disable-largefile     omit support for large files
 
 Optional Packages:
@@ -1572,6 +1573,7 @@ Optional Packages:
   --with-krb-srvnam=NAME  default service principal name in Kerberos (GSSAPI)
                           [postgres]
   --with-pam              build with PAM support
+  --with-curl             build with curl support
   --with-bsd-auth         build with BSD Authentication support
   --with-ldap             build with LDAP support
   --with-bonjour          build with Bonjour support
@@ -2835,7 +2837,7 @@ _ACEOF
 
 
 PG_MAJORVERSION=`expr "$PACKAGE_VERSION" : '\([0-9][0-9]*\)'`
-PG_MINORVERSION=`expr "$PACKAGE_VERSION" : '.*\.\([0-9][0-9]*\)'`
+PG_MINORVERSION=`expr "$PACKAGE_VERSION" : '.*\.\([0-9][0-9]*\)*\.'`
 test -n "$PG_MINORVERSION" || PG_MINORVERSION=0
 
 
@@ -2854,7 +2856,7 @@ cat >>confdefs.h <<_ACEOF
 _ACEOF
 
 
-PG_PERCONAVERSION=1
+PG_PERCONAVERSION=`expr "$PACKAGE_VERSION" : '.*\.\([0-9][0-9]*\)'`
 
 cat >>confdefs.h <<_ACEOF
 #define PG_PERCONAVERSION "$PG_PERCONAVERSION"
@@ -3726,38 +3728,6 @@ fi
 
 
 
-#
-# Percona ext
-#
-
-
-# Check whether --enable-percona-ext was given.
-if test "${enable_percona_ext+set}" = set; then :
-  enableval=$enable_percona_ext;
-  case $enableval in
-    yes)
-
-$as_echo "#define PERCONA_EXT 1" >>confdefs.h
-
-      ;;
-    no)
-      :
-      ;;
-    *)
-      as_fn_error $? "no argument expected for --enable-percona-ext option" "$LINENO" 5
-      ;;
-  esac
-
-else
-  enable_percona_ext=yes
-
-$as_echo "#define PERCONA_EXT 1" >>confdefs.h
-
-fi
-
-
-
-
 #
 # Block size
 #
@@ -8459,6 +8429,41 @@ fi
 $as_echo "$with_pam" >&6; }
 
 
+#
+# curl
+#
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build with curl support" >&5
+$as_echo_n "checking whether to build with curl support... " >&6; }
+
+
+
+# Check whether --with-curl was given.
+if test "${with_curl+set}" = set; then :
+  withval=$with_curl;
+  case $withval in
+    yes)
+
+$as_echo "#define USE_CURL 1" >>confdefs.h
+
+      ;;
+    no)
+      :
+      ;;
+    *)
+      as_fn_error $? "no argument expected for --with-curl option" "$LINENO" 5
+      ;;
+  esac
+
+else
+  with_curl=no
+
+fi
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_curl" >&5
+$as_echo "$with_curl" >&6; }
+
+
 #
 # BSD AUTH
 #
@@ -12371,6 +12376,43 @@ if test "$with_openssl" = yes ; then
   with_ssl=openssl
 fi
 
+#
+# Percona ext
+#
+# Requires Open SSL and curl
+#
+
+
+# Check whether --enable-percona-ext was given.
+if test "${enable_percona_ext+set}" = set; then :
+  enableval=$enable_percona_ext;
+  case $enableval in
+    yes)
+
+$as_echo "#define PERCONA_EXT 1" >>confdefs.h
+
+      ;;
+    no)
+      :
+      ;;
+    *)
+      as_fn_error $? "no argument expected for --enable-percona-ext option" "$LINENO" 5
+      ;;
+  esac
+
+else
+  enable_percona_ext=yes
+
+$as_echo "#define PERCONA_EXT 1" >>confdefs.h
+
+fi
+
+
+
+with_curl=yes
+with_ssl=openssl
+
+
 if test "$with_ssl" = openssl ; then
     # Minimum required OpenSSL version is 1.0.2
 
@@ -12653,6 +12695,56 @@ elif test "$with_ssl" != no ; then
 fi
 
 
+if test "$with_curl" = "yes" ; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for curl_easy_setopt in -lcurl" >&5
+$as_echo_n "checking for curl_easy_setopt in -lcurl... " >&6; }
+if ${ac_cv_lib_curl_curl_easy_setopt+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lcurl  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char curl_easy_setopt ();
+int
+main ()
+{
+return curl_easy_setopt ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_curl_curl_easy_setopt=yes
+else
+  ac_cv_lib_curl_curl_easy_setopt=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_curl_curl_easy_setopt" >&5
+$as_echo "$ac_cv_lib_curl_curl_easy_setopt" >&6; }
+if test "x$ac_cv_lib_curl_curl_easy_setopt" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_LIBCURL 1
+_ACEOF
+
+  LIBS="-lcurl $LIBS"
+
+else
+  as_fn_error $? "library 'curl' is required for curl support" "$LINENO" 5
+fi
+
+fi
+
 if test "$with_pam" = yes ; then
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pam_start in -lpam" >&5
 $as_echo_n "checking for pam_start in -lpam... " >&6; }
@@ -13823,6 +13915,19 @@ else
 fi
 
 
+fi
+
+if test "$with_curl" = "yes" ; then
+	ac_fn_c_check_header_mongrel "$LINENO" "curl/curl.h" "ac_cv_header_curl_curl_h" "$ac_includes_default"
+if test "x$ac_cv_header_curl_curl_h" = xyes; then :
+
+else
+
+		as_fn_error $? "header file <curl/curl.h> is required for curl support" "$LINENO" 5
+
+fi
+
+
 fi
 
 if test "$with_pam" = yes ; then
@@ -14941,7 +15046,7 @@ else
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -14987,7 +15092,7 @@ else
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -15011,7 +15116,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -15056,7 +15161,7 @@ else
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -15080,7 +15185,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];