michelp / pgsodium

Modern cryptography for PostgreSQL using libsodium.
Other
555 stars 32 forks source link

Error .. security label #103

Open kot8891 opened 8 months ago

kot8891 commented 8 months ago

While attempting to apply a security label to a table column

SECURITY LABEL FOR pgsodium ON COLUMN test.mka_sysadmin_crypt.paswd
 IS 'ENCRYPT WITH KEY ID 751013a0-21ee-4743-a5eb-692ca7f6e26d';

I encountered the following error:

[42601] ERROR: syntax error at or near "," Where: PL/pgSQL function pgsodium.create_mask_view(oid,integer,boolean) line 41 at EXECUTE SQL statement "SELECT pgsodium.create_mask_view(objoid, objsubid, debug) FROM pg_catalog.pg_seclabel sl WHERE sl.objoid = tar ...

Upon investigation, I traced the issue to the function decrypted_columns(relid oid) returns text and specifically to the line SET search_path="". It appears that assigning an empty string to search_path is not permissible.

And I am also unable to recompile this function due to the following error:

 [2BP01] ERROR: cannot drop function pgsodium.decrypted_columns(oid) because extension pgsodium requires it.

Postgresql version: PostgreSQL 16.2 (Debian 16.2-1.pgdg110+2) on x86_64-pc-linux-gnu, compiled by gcc (Debian 10.2.1-6) 10.2.1 20210110, 64-bit

pgsodium version: 3.1.9