Revert "Add key management system" (978f869) & later commits

The patch needs test cases, reorganization, and cfbot testing.
Technically reverts commits 5c31afc..e35b2ba (exclusive/inclusive)
and 08db7c6..ccbe341.

Reported-by: Tom Lane, Michael Paquier

Discussion: https://postgr.es/m/E1ktAAG-0002V2-VB@gemulon.postgresql.org

Author: bmomjian

doc/src/sgml/config.sgml

@@ -1452,18 +1452,18 @@ include_dir 'conf.d'
         mechanism is used.
        </para>
        <para>
-        The command must print the passphrase to the standard output
-        and exit with code 0.  It can prompt from the terminal if
-        <option>--authprompt</option> is used.  In the parameter value,
-        <literal>%R</literal> represents the file descriptor number opened
-        to the terminal that started the server.  A file descriptor is only
-        available if enabled at server start.  If <literal>%R</literal>
-        is used and no file descriptor is available, the server will not
-        start.  Value <literal>%p</literal> is replaced by a pre-defined
-        prompt string.  (Write <literal>%%</literal> for a literal
-        <literal>%</literal>.)  Note that the prompt string will probably
-        contain whitespace, so be sure to quote its use adequately.
-        Newlines are stripped from the end of the output if present.
+        The command must print the passphrase to the standard output and exit
+        with code 0.  In the parameter value, <literal>%p</literal> is
+        replaced by a prompt string.  (Write <literal>%%</literal> for a
+        literal <literal>%</literal>.)  Note that the prompt string will
+        probably contain whitespace, so be sure to quote adequately.  A single
+        newline is stripped from the end of the output if present.
+       </para>
+       <para>
+        The command does not actually have to prompt the user for a
+        passphrase.  It can read it from a file, obtain it from a keychain
+        facility, or similar.  It is up to the user to make sure the chosen
+        mechanism is adequately secure.
        </para>
        <para>
         This parameter can only be set in the <filename>postgresql.conf</filename>
@@ -1486,12 +1486,10 @@ include_dir 'conf.d'
         parameter is off (the default), then
         <varname>ssl_passphrase_command</varname> will be ignored during a
         reload and the SSL configuration will not be reloaded if a passphrase
-        is needed.  This setting is appropriate for a command that requires a
-        terminal for prompting, which will likely not be available when the server is
-        running.  (<option>--authprompt</option> closes the terminal file
-        descriptor soon after server start.)   Setting this parameter on
-        might be appropriate, for example, if the passphrase is obtained
-        from a file.
+        is needed.  That setting is appropriate for a command that requires a
+        TTY for prompting, which might not be available when the server is
+        running.  Setting this parameter to on might be appropriate if the
+        passphrase is obtained from a file, for example.
        </para>
        <para>
         This parameter can only be set in the <filename>postgresql.conf</filename>
@@ -7818,52 +7816,6 @@ COPY postgres_log FROM '/full/path/to/logfile.csv' WITH csv;
     </variablelist>
    </sect1>
 
-   <sect1 id="runtime-config-encryption">
-    <title>Cluster File Encryption</title>
-
-    <variablelist>
-     <varlistentry id="guc-cluster-key-command" xreflabel="cluster_key_command">
-      <term><varname>cluster_key_command</varname> (<type>string</type>)
-      <indexterm>
-       <primary><varname>cluster_key_command</varname> configuration parameter</primary>
-      </indexterm>
-      </term>
-      <listitem>
-       <para>
-        This option specifies an external command to obtain the cluster-level
-        key for cluster file encryption during server initialization and
-        server start.
-       </para>
-       <para>
-        The command must print the cluster key to the standard output as
-        64 hexadecimal characters, and exit with code 0.  The command
-        can prompt for the passphrase or PIN from the terminal if
-        <option>--authprompt</option> is used.  In the parameter value,
-        <literal>%R</literal> represents the file descriptor number opened
-        to the terminal that started the server.  A file descriptor is only
-        available if enabled at server start.  If <literal>%R</literal>
-        is used and no file descriptor is available, the server will not
-        start.  Value <literal>%p</literal> is replaced by a pre-defined
-        prompt string.  Value <literal>%d</literal> is replaced by the
-        directory containing the keys;  this is useful if the command
-        must create files with the keys, e.g., to store a cluster-level
-        key encryped by a key stored in a hardware security module.
-        (Write <literal>%%</literal> for a literal <literal>%</literal>.)
-        Note that the prompt string will probably contain whitespace,
-        so be sure to quote its use adequately.  Newlines are stripped
-        from the end of the output if present.
-       </para>
-       <para>
-        This parameter can only be set by
-        <application>initdb</application>, in the
-        <filename>postgresql.conf</filename> file, or on the server
-        command line.
-       </para>
-      </listitem>
-     </varlistentry>
-    </variablelist>
-   </sect1>
-
    <sect1 id="runtime-config-client">
     <title>Client Connection Defaults</title>
 
@@ -9685,22 +9637,6 @@ dynamic_library_path = 'C:\tools\postgresql;H:\my_project\lib;$libdir'
       </listitem>
      </varlistentry>
 
-     <varlistentry id="guc-file-encryption-keylen" xreflabel="file_encryption_keylen">
-      <term><varname>file_encryption_keylen</varname> (<type>boolean</type>)
-      <indexterm>
-       <primary>Cluster file encryption key length</primary>
-      </indexterm>
-      </term>
-      <listitem>
-       <para>
-        Reports the bit length of the cluster file
-        encryption key, or zero if disabled.  See <xref
-        linkend="app-initdb-cluster-key-command"/> for more
-        information.
-       </para>
-      </listitem>
-     </varlistentry>
-
      <varlistentry id="guc-data-directory-mode" xreflabel="data_directory_mode">
       <term><varname>data_directory_mode</varname> (<type>integer</type>)
       <indexterm>

doc/src/sgml/database-encryption.sgml

@@ -49,7 +49,6 @@
 <!ENTITY wal           SYSTEM "wal.sgml">
 <!ENTITY logical-replication    SYSTEM "logical-replication.sgml">
 <!ENTITY jit    SYSTEM "jit.sgml">
-<!ENTITY database-encryption SYSTEM "database-encryption.sgml">
 
 <!-- programmer's guide -->
 <!ENTITY bgworker   SYSTEM "bgworker.sgml">

doc/src/sgml/filelist.sgml

@@ -976,9 +976,8 @@ build-postgresql:
        <listitem>
         <para>
          Build with support for <acronym>SSL</acronym> (encrypted)
-         connections and cluster file encryption. This requires the
-         <productname>OpenSSL</productname> package to be installed.
-         <filename>configure</filename> will check
+         connections. This requires the <productname>OpenSSL</productname>
+         package to be installed.  <filename>configure</filename> will check
          for the required header files and libraries to make sure that
          your <productname>OpenSSL</productname> installation is sufficient
          before proceeding.

doc/src/sgml/installation.sgml

@@ -171,7 +171,6 @@ break is not needed in a wider output rendering.
   &wal;
   &logical-replication;
   &jit;
-  &database-encryption;
   &regress;
 
  </part>

doc/src/sgml/postgres.sgml

@@ -189,7 +189,6 @@ Complete list of usable sgml source files in this directory.
 <!ENTITY values             SYSTEM "values.sgml">
 
 <!-- applications and utilities -->
-<!ENTITY pgalterckey        SYSTEM "pg_alterckey.sgml">
 <!ENTITY clusterdb          SYSTEM "clusterdb.sgml">
 <!ENTITY createdb           SYSTEM "createdb.sgml">
 <!ENTITY createuser         SYSTEM "createuser.sgml">
@@ -216,7 +215,7 @@ Complete list of usable sgml source files in this directory.
 <!ENTITY pgtestfsync        SYSTEM "pgtestfsync.sgml">
 <!ENTITY pgtesttiming       SYSTEM "pgtesttiming.sgml">
 <!ENTITY pgupgrade          SYSTEM "pgupgrade.sgml">
-<!ENTITY pgwaldump          SYSTEM "pg_waldump.sgml">
+<!ENTITY pgwaldump         SYSTEM "pg_waldump.sgml">
 <!ENTITY postgres           SYSTEM "postgres-ref.sgml">
 <!ENTITY postmaster         SYSTEM "postmaster.sgml">
 <!ENTITY psqlRef            SYSTEM "psql-ref.sgml">

doc/src/sgml/ref/allfiles.sgml

@@ -163,17 +163,6 @@ PostgreSQL documentation
       </listitem>
      </varlistentry>
 
-     <varlistentry id="app-initdb-cluster-key-command" xreflabel="cluster key command">
-      <term><option>--cluster-key-command=<replaceable class="parameter">command</replaceable></option></term>
-      <listitem>
-       <para>
-        This option specifies an external command to obtain the cluster-level
-        key for cluster file encryption during server initialization and
-        server start;  see <xref linkend="guc-cluster-key-command"/> for details.
-       </para>
-      </listitem>
-     </varlistentry>
-
      <varlistentry>
       <term><option>-D <replaceable class="parameter">directory</replaceable></option></term>
       <term><option>--pgdata=<replaceable class="parameter">directory</replaceable></option></term>
@@ -234,18 +223,6 @@ PostgreSQL documentation
       </listitem>
      </varlistentry>
 
-     <varlistentry id="app-initdb-file-encryption-keylen"
-      xreflabel="file encryption">
-      <term><option>-K <replaceable class="parameter">length</replaceable></option></term>
-      <term><option>--file-encryption-keylen=<replaceable class="parameter">length</replaceable></option></term>
-      <listitem>
-       <para>
-        Specifies the number of bits for the file encryption keys.  The
-        default is 128 bits.
-       </para>
-      </listitem>
-     </varlistentry>
-
      <varlistentry>
       <term><option>--locale=<replaceable>locale</replaceable></option></term>
       <listitem>
@@ -308,17 +285,6 @@ PostgreSQL documentation
       </listitem>
      </varlistentry>
 
-     <varlistentry>
-      <term><option>-R</option></term>
-      <term><option>--authprompt</option></term>
-      <listitem>
-       <para>
-        Allows the <option>--cluster-key-command</option> command
-        to prompt for a passphrase or PIN.
-       </para>
-      </listitem>
-     </varlistentry>
-
      <varlistentry>
       <term><option>-S</option></term>
       <term><option>--sync-only</option></term>
@@ -341,18 +307,6 @@ PostgreSQL documentation
       </listitem>
      </varlistentry>
 
-     <varlistentry>
-      <term><option>-u <replaceable>datadir</replaceable></option></term>
-      <term><option>--copy-encryption-keys=<replaceable>datadir</replaceable></option></term>
-      <listitem>
-       <para>
-        Copies cluster file encryption keys from another cluster; required
-        when using <application>pg_upgrade</application> on a cluster
-        with cluster file encryption enabled.
-       </para>
-      </listitem>
-     </varlistentry>
-
      <varlistentry>
       <term><option>-U <replaceable class="parameter">username</replaceable></option></term>
       <term><option>--username=<replaceable class="parameter">username</replaceable></option></term>