2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
6 * Portions Copyright 2002 Pierangelo Mararati.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by Dmitry Kovalev for inclusion
19 * by OpenLDAP Software. Additional significant contributors include
24 * The following changes have been addressed:
27 * - re-styled code for better readability
28 * - upgraded backend API to reflect recent changes
29 * - LDAP schema is checked when loading SQL/LDAP mapping
30 * - AttributeDescription/ObjectClass pointers used for more efficient
32 * - bervals used where string length is required often
33 * - atomized write operations by committing at the end of each operation
34 * and defaulting connection closure to rollback
35 * - added LDAP access control to write operations
36 * - fully implemented modrdn (with rdn attrs change, deleteoldrdn,
37 * access check, parent/children check and more)
38 * - added parent access control, children control to delete operation
39 * - added structuralObjectClass operational attribute check and
40 * value return on search
41 * - added hasSubordinate operational attribute on demand
42 * - search limits are appropriately enforced
43 * - function backsql_strcat() has been made more efficient
44 * - concat function has been made configurable by means of a pattern
45 * - added config switches:
46 * - fail_if_no_mapping write operations fail if there is no mapping
47 * - has_ldapinfo_dn_ru overrides autodetect
48 * - concat_pattern a string containing two '?' is used
49 * (note that "?||?" should be more portable
50 * than builtin function "CONCAT(?,?)")
51 * - strcast_func cast of string constants in "SELECT DISTINCT
52 * statements (needed by PostgreSQL)
53 * - upper_needs_cast cast the argument of upper when required
54 * (basically when building dn substring queries)
55 * - added noop control
56 * - added values return filter control
57 * - hasSubordinate can be used in search filters (with limitations)
58 * - eliminated oc->name; use oc->oc->soc_cname instead
61 * - add security checks for SQL statements that can be injected (?)
62 * - re-test with previously supported RDBMs
63 * - replace dn_ru and so with normalized dn (no need for upper() and so
65 * - implement a backsql_normalize() function to replace the upper()
67 * - note that subtree deletion, subtree renaming and so could be easily
68 * implemented (rollback and consistency checks are available :)
69 * - implement "lastmod" and other operational stuff (ldap_entries table ?)
70 * - check how to allow multiple operations with one statement, to remove
71 * BACKSQL_REALLOC_STMT from modify.c (a more recent unixODBC lib?)
77 #include "sql-types.h"
80 * Better use the standard length of 8192 (as of slap.h)?
82 * NOTE: must be consistent with definition in ldap_entries table
84 /* #define BACKSQL_MAX_DN_LEN SLAP_LDAPDN_MAXLEN */
85 #define BACKSQL_MAX_DN_LEN 255
88 * define to enable very extensive trace logging (debug only)
93 * define to enable varchars as unique keys in user tables
95 * by default integers are used (and recommended)
96 * for performances. Integers are used anyway in back-sql
99 #undef BACKSQL_ARBITRARY_KEY
102 * define to enable experimental support for syncporv overlay
105 #define BACKSQL_SYNCPROV
106 #endif /* LDAP_DEVEL */
109 * define to the appropriate aliasing string
111 * some RDBMSes tolerate (or require) that " AS " is not used
112 * when aliasing tables/columns
114 #define BACKSQL_ALIASING "AS "
115 /* #define BACKSQL_ALIASING "" */
118 * define to the appropriate quoting char
120 * some RDBMSes tolerate/require that the aliases be enclosed
121 * in quotes. This is especially true for those that do not
122 * allow keywords used as aliases.
124 /* #define BACKSQL_ALIASING_QUOTE '"' */
125 /* #define BACKSQL_ALIASING_QUOTE '\'' */
130 * a simple mechanism to allow DN mucking between the LDAP
131 * and the stored string representation.
133 typedef struct backsql_api {
135 int (*ba_dn2odbc)( Operation *op, SlapReply *rs, struct berval *dn );
136 int (*ba_odbc2dn)( Operation *op, SlapReply *rs, struct berval *dn );
137 struct backsql_api *ba_next;
143 typedef struct backsql_entryID {
144 /* #define BACKSQL_ARBITRARY_KEY to allow a non-numeric key.
145 * It is required by some special applications that use
146 * strings as keys for the main table.
147 * In this case, #define BACKSQL_MAX_KEY_LEN consistently
148 * with the key size definition */
149 #ifdef BACKSQL_ARBITRARY_KEY
150 struct berval eid_id;
151 struct berval eid_keyval;
152 #define BACKSQL_MAX_KEY_LEN 64
153 #else /* ! BACKSQL_ARBITRARY_KEY */
154 /* The original numeric key is maintained as default. */
155 unsigned long eid_id;
156 unsigned long eid_keyval;
157 #endif /* ! BACKSQL_ARBITRARY_KEY */
159 unsigned long eid_oc_id;
160 struct berval eid_dn;
161 struct berval eid_ndn;
162 struct backsql_entryID *eid_next;
165 #ifdef BACKSQL_ARBITRARY_KEY
166 #define BACKSQL_ENTRYID_INIT { BER_BVNULL, BER_BVNULL, 0, BER_BVNULL, BER_BVNULL, NULL }
167 #else /* ! BACKSQL_ARBITRARY_KEY */
168 #define BACKSQL_ENTRYID_INIT { 0, 0, 0, BER_BVNULL, BER_BVNULL, NULL }
169 #endif /* BACKSQL_ARBITRARY_KEY */
172 * "structural" objectClass mapping structure
174 typedef struct backsql_oc_map_rec {
176 * Structure of corresponding LDAP objectClass definition
179 #define BACKSQL_OC_NAME(ocmap) ((ocmap)->bom_oc->soc_cname.bv_val)
181 struct berval bom_keytbl;
182 struct berval bom_keycol;
183 /* expected to return keyval of newly created entry */
184 char *bom_create_proc;
185 /* in case create_proc does not return the keyval of the newly
187 char *bom_create_keyval;
188 /* supposed to expect keyval as parameter and delete
189 * all the attributes as well */
190 char *bom_delete_proc;
191 /* flags whether delete_proc is a function (whether back-sql
192 * should bind first parameter as output for return code) */
193 int bom_expect_return;
194 unsigned long bom_id;
196 } backsql_oc_map_rec;
199 * attributeType mapping structure
201 typedef struct backsql_at_map_rec {
202 /* Description of corresponding LDAP attribute type */
203 AttributeDescription *bam_ad;
204 /* ObjectClass if bam_ad is objectClass */
207 struct berval bam_from_tbls;
208 struct berval bam_join_where;
209 struct berval bam_sel_expr;
211 /* TimesTen, or, if a uppercase function is defined,
212 * an uppercased version of bam_sel_expr */
213 struct berval bam_sel_expr_u;
215 /* supposed to expect 2 binded values: entry keyval
216 * and attr. value to add, like "add_name(?,?,?)" */
218 /* supposed to expect 2 binded values: entry keyval
219 * and attr. value to delete */
220 char *bam_delete_proc;
221 /* for optimization purposes attribute load query
222 * is preconstructed from parts on schemamap load time */
224 /* following flags are bitmasks (first bit used for add_proc,
225 * second - for delete_proc) */
226 /* order of parameters for procedures above;
227 * 1 means "data then keyval", 0 means "keyval then data" */
229 /* flags whether one or more of procedures is a function
230 * (whether back-sql should bind first parameter as output
231 * for return code) */
232 int bam_expect_return;
234 /* next mapping for attribute */
235 struct backsql_at_map_rec *bam_next;
236 } backsql_at_map_rec;
238 #define BACKSQL_AT_MAP_REC_INIT { NULL, NULL, BER_BVC(""), BER_BVC(""), BER_BVNULL, BER_BVNULL, NULL, NULL, NULL, 0, 0, NULL }
240 /* define to uppercase filters only if the matching rule requires it
241 * (currently broken) */
242 /* #define BACKSQL_UPPERCASE_FILTER */
244 #define BACKSQL_AT_CANUPPERCASE(at) ((at)->bam_sel_expr_u.bv_val)
246 /* defines to support bitmasks above */
247 #define BACKSQL_ADD 0x1
248 #define BACKSQL_DEL 0x2
250 #define BACKSQL_IS_ADD(x) ( BACKSQL_ADD & (x) )
251 #define BACKSQL_IS_DEL(x) ( BACKSQL_DEL & (x) )
253 #define BACKSQL_NCMP(v1,v2) ber_bvcmp((v1),(v2))
255 #define BACKSQL_CONCAT
257 * berbuf structure: a berval with a buffer size associated
259 typedef struct berbuf {
260 struct berval bb_val;
264 #define BB_NULL { { 0, NULL }, 0 }
266 typedef struct backsql_srch_info {
271 #define BSQL_SF_NONE 0x0000U
272 #define BSQL_SF_ALL_USER 0x0001U
273 #define BSQL_SF_ALL_OPER 0x0002U
274 #define BSQL_SF_ALL_ATTRS (BSQL_SF_ALL_USER|BSQL_SF_ALL_OPER)
275 #define BSQL_SF_FILTER_HASSUBORDINATE 0x0010U
276 #define BSQL_SF_FILTER_ENTRYUUID 0x0020U
277 #define BSQL_SF_FILTER_ENTRYCSN 0x0040U
278 #define BSQL_SF_RETURN_ENTRYUUID (BSQL_SF_FILTER_ENTRYUUID << 8)
280 struct berval *bsi_base_ndn;
281 backsql_entryID bsi_base_id;
283 /* BACKSQL_SCOPE_BASE_LIKE can be set by API in ors_scope
284 * whenever the search base DN contains chars that cannot
285 * be mapped into the charset used in the RDBMS; so they're
286 * turned into '%' and an approximate ('LIKE') condition
288 #define BACKSQL_SCOPE_BASE_LIKE ( LDAP_SCOPE_BASE | 0x1000 )
294 backsql_entryID *bsi_id_list,
297 int bsi_n_candidates;
301 backsql_oc_map_rec *bsi_oc;
302 struct berbuf bsi_sel,
306 ObjectClass *bsi_filter_oc;
308 AttributeName *bsi_attrs;
314 * Backend private data structure
324 * SQL condition for subtree searches differs in syntax:
325 * "LIKE CONCAT('%',?)" or "LIKE '%'+?" or "LIKE '%'||?"
328 struct berval sql_subtree_cond;
329 struct berval sql_children_cond;
332 char *sql_insentry_query,
334 *sql_delobjclasses_query,
335 *sql_delreferrals_query;
337 char *sql_has_children_query;
339 MatchingRule *sql_caseIgnoreMatch;
340 MatchingRule *sql_telephoneNumberMatch;
342 struct berval sql_upper_func;
343 struct berval sql_upper_func_open;
344 struct berval sql_upper_func_close;
345 BerVarray sql_concat_func;
347 struct berval sql_strcast_func;
349 unsigned int sql_flags;
350 #define BSQLF_SCHEMA_LOADED 0x0001
351 #define BSQLF_UPPER_NEEDS_CAST 0x0002
352 #define BSQLF_CREATE_NEEDS_SELECT 0x0004
353 #define BSQLF_FAIL_IF_NO_MAPPING 0x0008
354 #define BSQLF_HAS_LDAPINFO_DN_RU 0x0010
355 #define BSQLF_DONTCHECK_LDAPINFO_DN_RU 0x0020
356 #define BSQLF_USE_REVERSE_DN 0x0040
357 #define BSQLF_ALLOW_ORPHANS 0x0080
359 #define BACKSQL_SCHEMA_LOADED(si) \
360 ((si)->sql_flags & BSQLF_SCHEMA_LOADED)
361 #define BACKSQL_UPPER_NEEDS_CAST(si) \
362 ((si)->sql_flags & BSQLF_UPPER_NEEDS_CAST)
363 #define BACKSQL_CREATE_NEEDS_SELECT(si) \
364 ((si)->sql_flags & BSQLF_CREATE_NEEDS_SELECT)
365 #define BACKSQL_FAIL_IF_NO_MAPPING(si) \
366 ((si)->sql_flags & BSQLF_FAIL_IF_NO_MAPPING)
367 #define BACKSQL_HAS_LDAPINFO_DN_RU(si) \
368 ((si)->sql_flags & BSQLF_HAS_LDAPINFO_DN_RU)
369 #define BACKSQL_DONTCHECK_LDAPINFO_DN_RU(si) \
370 ((si)->sql_flags & BSQLF_DONTCHECK_LDAPINFO_DN_RU)
371 #define BACKSQL_USE_REVERSE_DN(si) \
372 ((si)->sql_flags & BSQLF_USE_REVERSE_DN)
373 #define BACKSQL_CANUPPERCASE(si) \
374 (!BER_BVISNULL( &(si)->sql_upper_func ))
375 #define BACKSQL_ALLOW_ORPHANS(si) \
376 ((si)->sql_flags & BSQLF_ALLOW_ORPHANS)
378 Entry *sql_baseObject;
379 #ifdef BACKSQL_ARBITRARY_KEY
380 #define BACKSQL_BASEOBJECT_IDSTR "baseObject"
381 #define BACKSQL_BASEOBJECT_KEYVAL BACKSQL_BASEOBJECT_IDSTR
382 #define BACKSQL_IS_BASEOBJECT_ID(id) (bvmatch((id), &backsql_baseObject_bv))
383 #else /* ! BACKSQL_ARBITRARY_KEY */
384 #define BACKSQL_BASEOBJECT_ID 0
385 #define BACKSQL_BASEOBJECT_IDSTR "0"
386 #define BACKSQL_BASEOBJECT_KEYVAL 0
387 #define BACKSQL_IS_BASEOBJECT_ID(id) (*(id) == BACKSQL_BASEOBJECT_ID)
388 #endif /* ! BACKSQL_ARBITRARY_KEY */
389 #define BACKSQL_BASEOBJECT_OC 0
391 Avlnode *sql_db_conns;
392 Avlnode *sql_oc_by_oc;
393 Avlnode *sql_oc_by_id;
394 ldap_pvt_thread_mutex_t sql_dbconn_mutex;
395 ldap_pvt_thread_mutex_t sql_schema_mutex;
398 backsql_api *sql_api;
401 #define BACKSQL_SUCCESS( rc ) \
402 ( (rc) == SQL_SUCCESS || (rc) == SQL_SUCCESS_WITH_INFO )
404 #define BACKSQL_AVL_STOP 0
405 #define BACKSQL_AVL_CONTINUE 1
407 #endif /* __BACKSQL_H__ */