2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2006 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
6 * Portions Copyright 2002 Pierangelo Masarati.
7 * Portions Copyright 2004 Mark Adamson.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
19 * This work was initially developed by Dmitry Kovalev for inclusion
20 * by OpenLDAP Software. Additional significant contributors include
21 * Pierangelo Masarati and Mark Adamson.
27 #include <sys/types.h>
28 #include "ac/string.h"
33 #include "proto-sql.h"
35 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
36 static int backsql_process_filter_eq( backsql_srch_info *bsi,
37 backsql_at_map_rec *at,
38 int casefold, struct berval *filter_value );
39 static int backsql_process_filter_like( backsql_srch_info *bsi,
40 backsql_at_map_rec *at,
41 int casefold, struct berval *filter_value );
42 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
43 backsql_at_map_rec *at );
46 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
49 AttributeName *an = NULL;
51 if ( bsi->bsi_attrs == NULL ) {
56 * clear the list (retrieve all attrs)
59 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs, bsi->bsi_op->o_tmpmemctx );
60 bsi->bsi_attrs = NULL;
61 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
65 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
66 an = &bsi->bsi_attrs[ n_attrs ];
68 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
69 "attribute \"%s\" is in list\n",
70 an->an_name.bv_val, 0, 0 );
72 * We can live with strcmp because the attribute
73 * list has been normalized before calling be_search
75 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
80 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
81 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
83 an = (AttributeName *)bsi->bsi_op->o_tmprealloc( bsi->bsi_attrs,
84 sizeof( AttributeName ) * ( n_attrs + 2 ),
85 bsi->bsi_op->o_tmpmemctx );
90 an[ n_attrs ].an_name = ad->ad_cname;
91 an[ n_attrs ].an_desc = ad;
92 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
100 * Initializes the search structure.
102 * If get_base_id != 0, the field bsi_base_id is filled
103 * with the entryID of bsi_base_ndn; it must be freed
104 * by backsql_free_entryID() when no longer required.
106 * NOTE: base must be normalized
110 backsql_srch_info *bsi,
111 struct berval *nbase,
118 AttributeName *attrs,
121 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
122 int rc = LDAP_SUCCESS;
124 bsi->bsi_base_ndn = nbase;
125 bsi->bsi_use_subtree_shortcut = 0;
126 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
127 BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
128 bsi->bsi_scope = scope;
129 bsi->bsi_filter = filter;
133 bsi->bsi_flags = BSQL_SF_NONE;
135 bsi->bsi_attrs = NULL;
137 if ( BACKSQL_FETCH_ALL_ATTRS( bi ) ) {
139 * if requested, simply try to fetch all attributes
141 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
144 if ( BACKSQL_FETCH_ALL_USERATTRS( bi ) ) {
145 bsi->bsi_flags |= BSQL_SF_ALL_USER;
147 } else if ( BACKSQL_FETCH_ALL_OPATTRS( bi ) ) {
148 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
151 if ( attrs == NULL ) {
152 /* NULL means all user attributes */
153 bsi->bsi_flags |= BSQL_SF_ALL_USER;
159 bsi->bsi_attrs = (AttributeName *)bsi->bsi_op->o_tmpalloc(
160 sizeof( AttributeName ),
161 bsi->bsi_op->o_tmpmemctx );
162 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
164 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
165 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
167 bsi->bsi_flags |= BSQL_SF_ALL_USER;
169 /* if all attrs are requested, there's
170 * no need to continue */
171 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
172 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
173 bsi->bsi_op->o_tmpmemctx );
174 bsi->bsi_attrs = NULL;
179 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
181 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
183 /* if all attrs are requested, there's
184 * no need to continue */
185 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
186 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
187 bsi->bsi_op->o_tmpmemctx );
188 bsi->bsi_attrs = NULL;
193 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
197 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
201 backsql_attrlist_add( bsi, p->an_desc );
204 if ( got_oc == 0 && !( bsi->bsi_flags & BSQL_SF_ALL_USER ) ) {
205 /* add objectClass if not present,
206 * because it is required to understand
207 * if an entry is a referral, an alias
209 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
213 if ( !BSQL_ISF_ALL_ATTRS( bsi ) && bi->sql_anlist ) {
216 /* use hints if available */
217 for ( p = bi->sql_anlist; !BER_BVISNULL( &p->an_name ); p++ ) {
218 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
220 bsi->bsi_flags |= BSQL_SF_ALL_USER;
222 /* if all attrs are requested, there's
223 * no need to continue */
224 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
225 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
226 bsi->bsi_op->o_tmpmemctx );
227 bsi->bsi_attrs = NULL;
232 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
234 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
236 /* if all attrs are requested, there's
237 * no need to continue */
238 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
239 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
240 bsi->bsi_op->o_tmpmemctx );
241 bsi->bsi_attrs = NULL;
247 backsql_attrlist_add( bsi, p->an_desc );
253 bsi->bsi_id_list = NULL;
254 bsi->bsi_id_listtail = &bsi->bsi_id_list;
255 bsi->bsi_n_candidates = 0;
256 bsi->bsi_stoptime = stoptime;
257 BER_BVZERO( &bsi->bsi_sel.bb_val );
258 bsi->bsi_sel.bb_len = 0;
259 BER_BVZERO( &bsi->bsi_from.bb_val );
260 bsi->bsi_from.bb_len = 0;
261 BER_BVZERO( &bsi->bsi_join_where.bb_val );
262 bsi->bsi_join_where.bb_len = 0;
263 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
264 bsi->bsi_flt_where.bb_len = 0;
265 bsi->bsi_filter_oc = NULL;
267 if ( BACKSQL_IS_GET_ID( flags ) ) {
268 int matched = BACKSQL_IS_MATCHED( flags );
269 int getentry = BACKSQL_IS_GET_ENTRY( flags );
272 assert( op->o_bd->be_private != NULL );
274 rc = backsql_dn2id( op, rs, dbh, nbase, &bsi->bsi_base_id,
277 /* the entry is collected either if requested for by getentry
278 * or if get noSuchObject and requested to climb the tree,
279 * so that a matchedDN or a referral can be returned */
280 if ( ( rc == LDAP_NO_SUCH_OBJECT && matched ) || getentry ) {
281 if ( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) ) {
282 assert( bsi->bsi_e != NULL );
284 if ( dn_match( nbase, &bsi->bsi_base_id.eid_ndn ) )
290 * let's see if it is a referral and, in case, get it
292 backsql_attrlist_add( bsi, slap_schema.si_ad_ref );
293 rc = backsql_id2entry( bsi, &bsi->bsi_base_id );
294 if ( rc == LDAP_SUCCESS ) {
295 if ( is_entry_referral( bsi->bsi_e ) )
297 BerVarray erefs = get_entry_referrals( op, bsi->bsi_e );
299 rc = rs->sr_err = LDAP_REFERRAL;
300 rs->sr_ref = referral_rewrite( erefs,
301 &bsi->bsi_e->e_nname,
304 ber_bvarray_free( erefs );
307 rc = rs->sr_err = LDAP_OTHER;
308 rs->sr_text = "bad referral object";
311 } else if ( !gotit ) {
312 rc = rs->sr_err = LDAP_NO_SUCH_OBJECT;
322 bsi->bsi_status = rc;
330 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
331 bsi->bsi_op->o_tmpmemctx );
339 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
347 backsql_strfcat_x( &bsi->bsi_flt_where,
348 bsi->bsi_op->o_tmpmemctx, "c", '(' /* ) */ );
351 res = backsql_process_filter( bsi, f );
354 * TimesTen : If the query has no answers,
355 * don't bother to run the query.
366 case LDAP_FILTER_AND:
367 backsql_strfcat_x( &bsi->bsi_flt_where,
368 bsi->bsi_op->o_tmpmemctx, "l",
369 (ber_len_t)STRLENOF( " AND " ),
374 backsql_strfcat_x( &bsi->bsi_flt_where,
375 bsi->bsi_op->o_tmpmemctx, "l",
376 (ber_len_t)STRLENOF( " OR " ),
382 backsql_strfcat_x( &bsi->bsi_flt_where,
383 bsi->bsi_op->o_tmpmemctx, "c", /* ( */ ')' );
389 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
390 backsql_at_map_rec *at )
392 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
400 /* always uppercase strings by now */
401 #ifdef BACKSQL_UPPERCASE_FILTER
402 if ( f->f_sub_desc->ad_type->sat_substr &&
403 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
404 bi->sql_caseIgnoreMatch ) )
405 #endif /* BACKSQL_UPPERCASE_FILTER */
410 if ( f->f_sub_desc->ad_type->sat_substr &&
411 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
412 bi->sql_telephoneNumberMatch ) )
419 * to check for matching telephone numbers
420 * with intermixed chars, e.g. val='1234'
423 * val LIKE '%1%2%3%4%'
427 if ( f->f_sub_initial.bv_val ) {
428 bv.bv_len += f->f_sub_initial.bv_len;
430 if ( f->f_sub_any != NULL ) {
431 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
432 bv.bv_len += f->f_sub_any[ a ].bv_len;
435 if ( f->f_sub_final.bv_val ) {
436 bv.bv_len += f->f_sub_final.bv_len;
438 bv.bv_len = 2 * bv.bv_len - 1;
439 bv.bv_val = ch_malloc( bv.bv_len + 1 );
442 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
443 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
444 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
445 bv.bv_val[ s + 2 * i - 1 ] = '%';
446 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
448 bv.bv_val[ s + 2 * i - 1 ] = '%';
452 if ( f->f_sub_any != NULL ) {
453 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
454 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
455 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
456 bv.bv_val[ s + 2 * i - 1 ] = '%';
457 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
459 bv.bv_val[ s + 2 * i - 1 ] = '%';
464 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
465 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
466 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
467 bv.bv_val[ s + 2 * i - 1 ] = '%';
468 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
470 bv.bv_val[ s + 2 * i - 1 ] = '%';
474 bv.bv_val[ s - 1 ] = '\0';
476 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
477 ch_free( bv.bv_val );
483 * When dealing with case-sensitive strings
484 * we may omit normalization; however, normalized
485 * SQL filters are more liberal.
488 backsql_strfcat_x( &bsi->bsi_flt_where,
489 bsi->bsi_op->o_tmpmemctx, "c", '(' /* ) */ );
492 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
493 at->bam_ad->ad_cname.bv_val, 0, 0 );
494 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
495 at->bam_sel_expr_u.bv_val ? "' '" : "",
496 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
497 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
499 * If a pre-upper-cased version of the column
500 * or a precompiled upper function exists, use it
502 backsql_strfcat_x( &bsi->bsi_flt_where,
503 bsi->bsi_op->o_tmpmemctx,
506 (ber_len_t)STRLENOF( " LIKE '" ),
510 backsql_strfcat_x( &bsi->bsi_flt_where,
511 bsi->bsi_op->o_tmpmemctx,
514 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
517 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
521 Debug( LDAP_DEBUG_TRACE,
522 "==>backsql_process_sub_filter(%s): "
523 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
524 f->f_sub_initial.bv_val, 0 );
525 #endif /* BACKSQL_TRACE */
527 start = bsi->bsi_flt_where.bb_val.bv_len;
528 backsql_strfcat_x( &bsi->bsi_flt_where,
529 bsi->bsi_op->o_tmpmemctx,
532 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
533 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
537 backsql_strfcat_x( &bsi->bsi_flt_where,
538 bsi->bsi_op->o_tmpmemctx,
541 if ( f->f_sub_any != NULL ) {
542 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
546 Debug( LDAP_DEBUG_TRACE,
547 "==>backsql_process_sub_filter(%s): "
548 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
549 i, f->f_sub_any[ i ].bv_val );
550 #endif /* BACKSQL_TRACE */
552 start = bsi->bsi_flt_where.bb_val.bv_len;
553 backsql_strfcat_x( &bsi->bsi_flt_where,
554 bsi->bsi_op->o_tmpmemctx,
558 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
560 * Note: toupper('%') = '%'
562 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
567 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
571 Debug( LDAP_DEBUG_TRACE,
572 "==>backsql_process_sub_filter(%s): "
573 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
574 f->f_sub_final.bv_val, 0 );
575 #endif /* BACKSQL_TRACE */
577 start = bsi->bsi_flt_where.bb_val.bv_len;
578 backsql_strfcat_x( &bsi->bsi_flt_where,
579 bsi->bsi_op->o_tmpmemctx,
582 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
583 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
587 backsql_strfcat_x( &bsi->bsi_flt_where,
588 bsi->bsi_op->o_tmpmemctx,
590 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
596 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
598 if ( BER_BVISNULL( from_tbls ) ) {
602 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
606 ber_dupbv_x( &tmp, from_tbls, bsi->bsi_op->o_tmpmemctx );
608 for ( start = tmp.bv_val, end = strchr( start, ',' ); start; ) {
613 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
615 backsql_strfcat_x( &bsi->bsi_from,
616 bsi->bsi_op->o_tmpmemctx,
621 /* in case there are spaces after the comma... */
622 for ( start = &end[1]; isspace( start[0] ); start++ );
624 end = strchr( start, ',' );
633 bsi->bsi_op->o_tmpfree( tmp.bv_val, bsi->bsi_op->o_tmpmemctx );
636 backsql_strfcat_x( &bsi->bsi_from,
637 bsi->bsi_op->o_tmpmemctx,
645 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
647 backsql_at_map_rec **vat = NULL;
648 AttributeDescription *ad = NULL;
653 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
654 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
658 switch ( f->f_result ) {
659 case LDAP_COMPARE_TRUE:
660 BER_BVSTR( &flt, "10=10" );
664 case LDAP_COMPARE_FALSE:
665 BER_BVSTR( &flt, "11=0" );
669 case SLAPD_COMPARE_UNDEFINED:
670 BER_BVSTR( &flt, "12=0" );
679 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
680 "filter computed (%s)\n", msg, 0, 0 );
681 backsql_strfcat_x( &bsi->bsi_flt_where,
682 bsi->bsi_op->o_tmpmemctx, "b", &flt );
687 switch( f->f_choice ) {
689 rc = backsql_process_filter_list( bsi, f->f_or,
694 case LDAP_FILTER_AND:
695 rc = backsql_process_filter_list( bsi, f->f_and,
700 case LDAP_FILTER_NOT:
701 backsql_strfcat_x( &bsi->bsi_flt_where,
702 bsi->bsi_op->o_tmpmemctx,
704 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
706 rc = backsql_process_filter( bsi, f->f_not );
707 backsql_strfcat_x( &bsi->bsi_flt_where,
708 bsi->bsi_op->o_tmpmemctx,
713 case LDAP_FILTER_PRESENT:
717 case LDAP_FILTER_EXT:
718 ad = f->f_mra->ma_desc;
719 if ( f->f_mr_dnattrs ) {
721 * if dn attrs filtering is requested, better return
722 * success and let test_filter() deal with candidate
723 * selection; otherwise we'd need to set conditions
724 * on the contents of the DN, e.g. "SELECT ... FROM
725 * ldap_entries AS attributeName WHERE attributeName.dn
726 * like '%attributeName=value%'"
728 backsql_strfcat_x( &bsi->bsi_flt_where,
729 bsi->bsi_op->o_tmpmemctx,
731 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
732 bsi->bsi_status = LDAP_SUCCESS;
753 * Turn structuralObjectClass into objectClass
755 if ( ad == slap_schema.si_ad_objectClass
756 || ad == slap_schema.si_ad_structuralObjectClass )
759 * If the filter is LDAP_FILTER_PRESENT, then it's done;
760 * otherwise, let's see if we are lucky: filtering
761 * for "structural" objectclass or ancestor...
763 switch ( f->f_choice ) {
764 case LDAP_FILTER_EQUALITY:
766 ObjectClass *oc = oc_bvfind( &f->f_av_value );
769 Debug( LDAP_DEBUG_TRACE,
770 "backsql_process_filter(): "
771 "unknown objectClass \"%s\" "
773 f->f_av_value.bv_val, 0, 0 );
774 bsi->bsi_status = LDAP_OTHER;
780 * "structural" objectClass inheritance:
781 * - a search for "person" will also return
783 * - a search for "top" will return everything
785 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
786 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
788 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
790 backsql_strfcat_x( &bsi->bsi_flt_where,
791 bsi->bsi_op->o_tmpmemctx,
793 (ber_len_t)STRLENOF( "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */ ),
794 "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */,
795 &bsi->bsi_oc->bom_oc->soc_cname,
796 (ber_len_t)STRLENOF( /* ((' */ "'))" ),
798 bsi->bsi_status = LDAP_SUCCESS;
806 case LDAP_FILTER_PRESENT:
807 backsql_strfcat_x( &bsi->bsi_flt_where,
808 bsi->bsi_op->o_tmpmemctx,
810 (ber_len_t)STRLENOF( "3=3" ), "3=3" );
811 bsi->bsi_status = LDAP_SUCCESS;
815 /* FIXME: LDAP_FILTER_EXT? */
818 Debug( LDAP_DEBUG_TRACE,
819 "backsql_process_filter(): "
820 "illegal/unhandled filter "
821 "on objectClass attribute",
823 bsi->bsi_status = LDAP_OTHER;
828 } else if ( ad == slap_schema.si_ad_entryUUID ) {
830 #ifdef BACKSQL_ARBITRARY_KEY
831 struct berval keyval;
832 #else /* ! BACKSQL_ARBITRARY_KEY */
833 unsigned long keyval;
834 char keyvalbuf[] = "18446744073709551615";
835 #endif /* ! BACKSQL_ARBITRARY_KEY */
837 switch ( f->f_choice ) {
838 case LDAP_FILTER_EQUALITY:
839 backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
841 if ( oc_id != bsi->bsi_oc->bom_id ) {
842 bsi->bsi_status = LDAP_SUCCESS;
847 #ifdef BACKSQL_ARBITRARY_KEY
848 backsql_strfcat_x( &bsi->bsi_flt_where,
849 bsi->bsi_op->o_tmpmemctx,
851 &bsi->bsi_oc->bom_keytbl, '.',
852 &bsi->bsi_oc->bom_keycol,
853 STRLENOF( " LIKE '" ), " LIKE '",
855 #else /* ! BACKSQL_ARBITRARY_KEY */
856 snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
857 backsql_strfcat_x( &bsi->bsi_flt_where,
858 bsi->bsi_op->o_tmpmemctx,
860 &bsi->bsi_oc->bom_keytbl, '.',
861 &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
862 #endif /* ! BACKSQL_ARBITRARY_KEY */
865 case LDAP_FILTER_PRESENT:
866 backsql_strfcat_x( &bsi->bsi_flt_where,
867 bsi->bsi_op->o_tmpmemctx,
869 (ber_len_t)STRLENOF( "4=4" ), "4=4" );
877 bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
881 #ifdef BACKSQL_SYNCPROV
882 } else if ( ad == slap_schema.si_ad_entryCSN ) {
884 * support for syncrepl as producer...
887 if ( !bsi->bsi_op->o_sync ) {
888 /* unsupported at present... */
889 bsi->bsi_status = LDAP_OTHER;
895 bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
897 /* if doing a syncrepl, try to return as much as possible,
898 * and always match the filter */
899 backsql_strfcat_x( &bsi->bsi_flt_where,
900 bsi->bsi_op->o_tmpmemctx,
902 (ber_len_t)STRLENOF( "5=5" ), "5=5" );
904 /* save for later use in operational attributes */
905 /* FIXME: saves only the first occurrence, because
906 * the filter during updates is written as
907 * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
908 * so we want our fake entryCSN to match the greatest
911 if ( bsi->bsi_op->o_private == NULL ) {
912 bsi->bsi_op->o_private = &f->f_av_value;
914 bsi->bsi_status = LDAP_SUCCESS;
918 #endif /* BACKSQL_SYNCPROV */
920 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
922 * FIXME: this is not robust; e.g. a filter
923 * '(!(hasSubordinates=TRUE))' fails because
924 * in SQL it would read 'NOT (1=1)' instead
926 * Note however that hasSubordinates is boolean,
927 * so a more appropriate filter would be
928 * '(hasSubordinates=FALSE)'
930 * A more robust search for hasSubordinates
931 * would * require joining the ldap_entries table
932 * selecting if there are descendants of the
935 backsql_strfcat_x( &bsi->bsi_flt_where,
936 bsi->bsi_op->o_tmpmemctx,
938 (ber_len_t)STRLENOF( "6=6" ), "6=6" );
939 if ( ad == slap_schema.si_ad_hasSubordinates ) {
941 * instruct candidate selection algorithm
942 * and attribute list to try to detect
943 * if an entry has subordinates
945 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
949 * clear attributes to fetch, to require ALL
950 * and try extended match on all attributes
952 backsql_attrlist_add( bsi, NULL );
959 * attribute inheritance:
961 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
962 bsi->bsi_status = LDAP_OTHER;
968 /* search anyway; other parts of the filter
970 backsql_strfcat_x( &bsi->bsi_flt_where,
971 bsi->bsi_op->o_tmpmemctx,
973 (ber_len_t)STRLENOF( "7=7" ), "7=7" );
974 bsi->bsi_status = LDAP_SUCCESS;
979 /* if required, open extra level of parens */
981 if ( vat[0]->bam_next || vat[1] ) {
982 backsql_strfcat_x( &bsi->bsi_flt_where,
983 bsi->bsi_op->o_tmpmemctx,
991 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
995 /* if more definitions of the same attr, apply */
996 if ( vat[i]->bam_next ) {
997 backsql_strfcat_x( &bsi->bsi_flt_where,
998 bsi->bsi_op->o_tmpmemctx,
1000 STRLENOF( " OR " ), " OR " );
1001 vat[i] = vat[i]->bam_next;
1005 /* if more descendants of the same attr, apply */
1008 backsql_strfcat_x( &bsi->bsi_flt_where,
1009 bsi->bsi_op->o_tmpmemctx,
1011 STRLENOF( " OR " ), " OR " );
1015 /* if needed, close extra level of parens */
1017 backsql_strfcat_x( &bsi->bsi_flt_where,
1018 bsi->bsi_op->o_tmpmemctx,
1029 Debug( LDAP_DEBUG_TRACE,
1030 "<==backsql_process_filter() %s\n",
1031 rc == 1 ? "succeeded" : "failed", 0, 0);
1037 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
1038 int casefold, struct berval *filter_value )
1041 * maybe we should check type of at->sel_expr here somehow,
1042 * to know whether upper_func is applicable, but for now
1043 * upper_func stuff is made for Oracle, where UPPER is
1044 * safely applicable to NUMBER etc.
1046 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1049 backsql_strfcat_x( &bsi->bsi_flt_where,
1050 bsi->bsi_op->o_tmpmemctx,
1053 &at->bam_sel_expr_u,
1054 (ber_len_t)STRLENOF( "='" ),
1057 start = bsi->bsi_flt_where.bb_val.bv_len;
1059 backsql_strfcat_x( &bsi->bsi_flt_where,
1060 bsi->bsi_op->o_tmpmemctx,
1063 (ber_len_t)STRLENOF( /* (' */ "')" ),
1066 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1069 backsql_strfcat_x( &bsi->bsi_flt_where,
1070 bsi->bsi_op->o_tmpmemctx,
1074 (ber_len_t)STRLENOF( "='" ), "='",
1076 (ber_len_t)STRLENOF( /* (' */ "')" ),
1084 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
1085 int casefold, struct berval *filter_value )
1088 * maybe we should check type of at->sel_expr here somehow,
1089 * to know whether upper_func is applicable, but for now
1090 * upper_func stuff is made for Oracle, where UPPER is
1091 * safely applicable to NUMBER etc.
1093 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1096 backsql_strfcat_x( &bsi->bsi_flt_where,
1097 bsi->bsi_op->o_tmpmemctx,
1100 &at->bam_sel_expr_u,
1101 (ber_len_t)STRLENOF( " LIKE '%" ),
1104 start = bsi->bsi_flt_where.bb_val.bv_len;
1106 backsql_strfcat_x( &bsi->bsi_flt_where,
1107 bsi->bsi_op->o_tmpmemctx,
1110 (ber_len_t)STRLENOF( /* (' */ "%')" ),
1113 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1116 backsql_strfcat_x( &bsi->bsi_flt_where,
1117 bsi->bsi_op->o_tmpmemctx,
1121 (ber_len_t)STRLENOF( " LIKE '%" ),
1124 (ber_len_t)STRLENOF( /* (' */ "%')" ),
1132 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
1134 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1136 struct berval *filter_value = NULL;
1137 MatchingRule *matching_rule = NULL;
1138 struct berval ordering = BER_BVC("<=");
1140 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
1141 at->bam_ad->ad_cname.bv_val, 0, 0 );
1144 * need to add this attribute to list of attrs to load,
1145 * so that we can do test_filter() later
1147 backsql_attrlist_add( bsi, at->bam_ad );
1149 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
1151 if ( !BER_BVISNULL( &at->bam_join_where )
1152 && strstr( bsi->bsi_join_where.bb_val.bv_val,
1153 at->bam_join_where.bv_val ) == NULL )
1155 backsql_strfcat_x( &bsi->bsi_join_where,
1156 bsi->bsi_op->o_tmpmemctx,
1158 (ber_len_t)STRLENOF( " AND " ), " AND ",
1159 &at->bam_join_where );
1162 switch ( f->f_choice ) {
1163 case LDAP_FILTER_EQUALITY:
1164 filter_value = &f->f_av_value;
1165 matching_rule = at->bam_ad->ad_type->sat_equality;
1167 goto equality_match;
1169 /* fail over into next case */
1171 case LDAP_FILTER_EXT:
1172 filter_value = &f->f_mra->ma_value;
1173 matching_rule = f->f_mr_rule;
1176 /* always uppercase strings by now */
1177 #ifdef BACKSQL_UPPERCASE_FILTER
1178 if ( SLAP_MR_ASSOCIATED( matching_rule,
1179 bi->sql_caseIgnoreMatch ) )
1180 #endif /* BACKSQL_UPPERCASE_FILTER */
1185 /* FIXME: directoryString filtering should use a similar
1186 * approach to deal with non-prettified values like
1187 * " A non prettified value ", by using a LIKE
1188 * filter with all whitespaces collapsed to a single '%' */
1189 if ( SLAP_MR_ASSOCIATED( matching_rule,
1190 bi->sql_telephoneNumberMatch ) )
1196 * to check for matching telephone numbers
1197 * with intermized chars, e.g. val='1234'
1200 * val LIKE '%1%2%3%4%'
1203 bv.bv_len = 2 * filter_value->bv_len - 1;
1204 bv.bv_val = ch_malloc( bv.bv_len + 1 );
1206 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
1207 for ( i = 1; i < filter_value->bv_len; i++ ) {
1208 bv.bv_val[ 2 * i - 1 ] = '%';
1209 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
1211 bv.bv_val[ 2 * i - 1 ] = '\0';
1213 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
1214 ch_free( bv.bv_val );
1219 /* NOTE: this is required by objectClass inheritance
1220 * and auxiliary objectClass use in filters for slightly
1221 * more efficient candidate selection. */
1222 /* FIXME: a bit too many specializations to deal with
1223 * very specific cases... */
1224 if ( at->bam_ad == slap_schema.si_ad_objectClass
1225 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
1227 backsql_strfcat_x( &bsi->bsi_flt_where,
1228 bsi->bsi_op->o_tmpmemctx,
1230 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
1231 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
1233 (ber_len_t)STRLENOF( /* (' */ "')" ),
1239 * maybe we should check type of at->sel_expr here somehow,
1240 * to know whether upper_func is applicable, but for now
1241 * upper_func stuff is made for Oracle, where UPPER is
1242 * safely applicable to NUMBER etc.
1244 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
1247 case LDAP_FILTER_GE:
1248 ordering.bv_val = ">=";
1250 /* fall thru to next case */
1252 case LDAP_FILTER_LE:
1253 filter_value = &f->f_av_value;
1255 /* always uppercase strings by now */
1256 #ifdef BACKSQL_UPPERCASE_FILTER
1257 if ( at->bam_ad->ad_type->sat_ordering &&
1258 SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
1259 bi->sql_caseIgnoreMatch ) )
1260 #endif /* BACKSQL_UPPERCASE_FILTER */
1266 * FIXME: should we uppercase the operands?
1268 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1271 backsql_strfcat_x( &bsi->bsi_flt_where,
1272 bsi->bsi_op->o_tmpmemctx,
1275 &at->bam_sel_expr_u,
1279 start = bsi->bsi_flt_where.bb_val.bv_len;
1281 backsql_strfcat_x( &bsi->bsi_flt_where,
1282 bsi->bsi_op->o_tmpmemctx,
1285 (ber_len_t)STRLENOF( /* (' */ "')" ),
1288 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1291 backsql_strfcat_x( &bsi->bsi_flt_where,
1292 bsi->bsi_op->o_tmpmemctx,
1299 (ber_len_t)STRLENOF( /* (' */ "')" ),
1304 case LDAP_FILTER_PRESENT:
1305 backsql_strfcat_x( &bsi->bsi_flt_where,
1306 bsi->bsi_op->o_tmpmemctx,
1308 (ber_len_t)STRLENOF( "NOT (" /* ) */),
1311 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
1312 /* ( */ " IS NULL)" );
1315 case LDAP_FILTER_SUBSTRINGS:
1316 backsql_process_sub_filter( bsi, f, at );
1319 case LDAP_FILTER_APPROX:
1320 /* we do our best */
1323 * maybe we should check type of at->sel_expr here somehow,
1324 * to know whether upper_func is applicable, but for now
1325 * upper_func stuff is made for Oracle, where UPPER is
1326 * safely applicable to NUMBER etc.
1328 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
1332 /* unhandled filter type; should not happen */
1334 backsql_strfcat_x( &bsi->bsi_flt_where,
1335 bsi->bsi_op->o_tmpmemctx,
1337 (ber_len_t)STRLENOF( "8=8" ), "8=8" );
1342 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1343 at->bam_ad->ad_cname.bv_val, 0, 0 );
1349 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1351 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1354 assert( query != NULL );
1355 BER_BVZERO( query );
1357 bsi->bsi_use_subtree_shortcut = 0;
1359 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1360 BER_BVZERO( &bsi->bsi_sel.bb_val );
1361 BER_BVZERO( &bsi->bsi_sel.bb_val );
1362 bsi->bsi_sel.bb_len = 0;
1363 BER_BVZERO( &bsi->bsi_from.bb_val );
1364 bsi->bsi_from.bb_len = 0;
1365 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1366 bsi->bsi_join_where.bb_len = 0;
1367 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1368 bsi->bsi_flt_where.bb_len = 0;
1370 backsql_strfcat_x( &bsi->bsi_sel,
1371 bsi->bsi_op->o_tmpmemctx,
1373 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1374 "SELECT DISTINCT ldap_entries.id,",
1375 &bsi->bsi_oc->bom_keytbl,
1377 &bsi->bsi_oc->bom_keycol,
1380 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1381 backsql_strfcat_x( &bsi->bsi_sel,
1382 bsi->bsi_op->o_tmpmemctx,
1384 &bi->sql_strcast_func,
1385 (ber_len_t)STRLENOF( "('" /* ') */ ),
1387 &bsi->bsi_oc->bom_oc->soc_cname,
1388 (ber_len_t)STRLENOF( /* (' */ "')" ),
1391 backsql_strfcat_x( &bsi->bsi_sel,
1392 bsi->bsi_op->o_tmpmemctx,
1395 &bsi->bsi_oc->bom_oc->soc_cname,
1399 backsql_strfcat_x( &bsi->bsi_sel,
1400 bsi->bsi_op->o_tmpmemctx,
1402 &bi->sql_dn_oc_aliasing );
1403 backsql_strfcat_x( &bsi->bsi_from,
1404 bsi->bsi_op->o_tmpmemctx,
1406 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1407 " FROM ldap_entries,",
1408 &bsi->bsi_oc->bom_keytbl );
1410 backsql_strfcat_x( &bsi->bsi_join_where,
1411 bsi->bsi_op->o_tmpmemctx,
1413 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1414 &bsi->bsi_oc->bom_keytbl,
1416 &bsi->bsi_oc->bom_keycol,
1417 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1418 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1420 switch ( bsi->bsi_scope ) {
1421 case LDAP_SCOPE_BASE:
1422 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1423 backsql_strfcat_x( &bsi->bsi_join_where,
1424 bsi->bsi_op->o_tmpmemctx,
1426 &bi->sql_upper_func,
1427 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1428 "(ldap_entries.dn)=?" );
1430 backsql_strfcat_x( &bsi->bsi_join_where,
1431 bsi->bsi_op->o_tmpmemctx,
1433 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1434 "ldap_entries.dn=?" );
1438 case BACKSQL_SCOPE_BASE_LIKE:
1439 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1440 backsql_strfcat_x( &bsi->bsi_join_where,
1441 bsi->bsi_op->o_tmpmemctx,
1443 &bi->sql_upper_func,
1444 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1445 "(ldap_entries.dn) LIKE ?" );
1447 backsql_strfcat_x( &bsi->bsi_join_where,
1448 bsi->bsi_op->o_tmpmemctx,
1450 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1451 "ldap_entries.dn LIKE ?" );
1455 case LDAP_SCOPE_ONELEVEL:
1456 backsql_strfcat_x( &bsi->bsi_join_where,
1457 bsi->bsi_op->o_tmpmemctx,
1459 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1460 "ldap_entries.parent=?" );
1463 case LDAP_SCOPE_SUBORDINATE:
1464 case LDAP_SCOPE_SUBTREE:
1465 if ( BACKSQL_USE_SUBTREE_SHORTCUT( bi ) ) {
1467 BackendDB *bd = bsi->bsi_op->o_bd;
1469 assert( bd->be_nsuffix != NULL );
1471 for ( i = 0; !BER_BVISNULL( &bd->be_nsuffix[ i ] ); i++ )
1473 if ( dn_match( &bd->be_nsuffix[ i ],
1474 bsi->bsi_base_ndn ) )
1476 /* pass this to the candidate selection
1477 * routine so that the DN is not bound
1478 * to the select statement */
1479 bsi->bsi_use_subtree_shortcut = 1;
1485 if ( bsi->bsi_use_subtree_shortcut ) {
1486 /* Skip the base DN filter, as every entry will match it */
1487 backsql_strfcat_x( &bsi->bsi_join_where,
1488 bsi->bsi_op->o_tmpmemctx,
1490 (ber_len_t)STRLENOF( "9=9"), "9=9");
1492 } else if ( !BER_BVISNULL( &bi->sql_subtree_cond ) ) {
1493 backsql_strfcat_x( &bsi->bsi_join_where,
1494 bsi->bsi_op->o_tmpmemctx,
1496 &bi->sql_subtree_cond );
1498 } else if ( BACKSQL_CANUPPERCASE( bi ) ) {
1499 backsql_strfcat_x( &bsi->bsi_join_where,
1500 bsi->bsi_op->o_tmpmemctx,
1502 &bi->sql_upper_func,
1503 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1504 "(ldap_entries.dn) LIKE ?" );
1507 backsql_strfcat_x( &bsi->bsi_join_where,
1508 bsi->bsi_op->o_tmpmemctx,
1510 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1511 "ldap_entries.dn LIKE ?" );
1520 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1522 struct berbuf bb = BB_NULL;
1524 backsql_strfcat_x( &bb,
1525 bsi->bsi_op->o_tmpmemctx,
1527 &bsi->bsi_sel.bb_val,
1528 &bsi->bsi_from.bb_val,
1529 &bsi->bsi_join_where.bb_val,
1530 (ber_len_t)STRLENOF( " AND " ), " AND ",
1531 &bsi->bsi_flt_where.bb_val );
1535 } else if ( rc < 0 ) {
1537 * Indicates that there's no possible way the filter matches
1538 * anything. No need to issue the query
1540 free( query->bv_val );
1541 BER_BVZERO( query );
1544 bsi->bsi_op->o_tmpfree( bsi->bsi_sel.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1545 BER_BVZERO( &bsi->bsi_sel.bb_val );
1546 bsi->bsi_sel.bb_len = 0;
1547 bsi->bsi_op->o_tmpfree( bsi->bsi_from.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1548 BER_BVZERO( &bsi->bsi_from.bb_val );
1549 bsi->bsi_from.bb_len = 0;
1550 bsi->bsi_op->o_tmpfree( bsi->bsi_join_where.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1551 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1552 bsi->bsi_join_where.bb_len = 0;
1553 bsi->bsi_op->o_tmpfree( bsi->bsi_flt_where.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1554 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1555 bsi->bsi_flt_where.bb_len = 0;
1557 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1558 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1560 return ( rc <= 0 ? 1 : 0 );
1564 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1566 backsql_oc_map_rec *oc = v_oc;
1567 backsql_srch_info *bsi = v_bsi;
1568 Operation *op = bsi->bsi_op;
1569 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1570 struct berval query;
1571 SQLHSTMT sth = SQL_NULL_HSTMT;
1574 BACKSQL_ROW_NTS row;
1577 int n_candidates = bsi->bsi_n_candidates;
1580 * + 1 because we need room for '%';
1581 * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
1582 * this makes a subtree
1583 * search for a DN BACKSQL_MAX_DN_LEN long legal
1584 * if it returns that DN only
1586 char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1588 bsi->bsi_status = LDAP_SUCCESS;
1590 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1591 BACKSQL_OC_NAME( oc ), 0, 0 );
1593 /* check for abandon */
1594 if ( op->o_abandon ) {
1595 bsi->bsi_status = SLAPD_ABANDON;
1596 return BACKSQL_AVL_STOP;
1599 if ( bsi->bsi_n_candidates == -1 ) {
1600 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1601 "unchecked limit has been overcome\n", 0, 0, 0 );
1602 /* should never get here */
1604 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1605 return BACKSQL_AVL_STOP;
1609 res = backsql_srch_query( bsi, &query );
1611 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1612 "error while constructing query for objectclass \"%s\"\n",
1613 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1615 * FIXME: need to separate errors from legally
1616 * impossible filters
1618 switch ( bsi->bsi_status ) {
1620 case LDAP_UNDEFINED_TYPE:
1621 case LDAP_NO_SUCH_OBJECT:
1622 /* we are conservative... */
1624 bsi->bsi_status = LDAP_SUCCESS;
1626 return BACKSQL_AVL_CONTINUE;
1628 case LDAP_ADMINLIMIT_EXCEEDED:
1630 /* don't try any more */
1631 return BACKSQL_AVL_STOP;
1635 if ( BER_BVISNULL( &query ) ) {
1636 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1637 "could not construct query for objectclass \"%s\"\n",
1638 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1639 bsi->bsi_status = LDAP_SUCCESS;
1640 return BACKSQL_AVL_CONTINUE;
1643 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1644 query.bv_val, 0, 0 );
1646 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1647 bsi->bsi_op->o_tmpfree( query.bv_val, bsi->bsi_op->o_tmpmemctx );
1648 BER_BVZERO( &query );
1649 if ( rc != SQL_SUCCESS ) {
1650 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1651 "error preparing query\n", 0, 0, 0 );
1652 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1653 bsi->bsi_status = LDAP_OTHER;
1654 return BACKSQL_AVL_CONTINUE;
1657 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1659 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1660 &bsi->bsi_oc->bom_id );
1661 if ( rc != SQL_SUCCESS ) {
1662 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1663 "error binding objectclass id parameter\n", 0, 0, 0 );
1664 bsi->bsi_status = LDAP_OTHER;
1665 return BACKSQL_AVL_CONTINUE;
1668 switch ( bsi->bsi_scope ) {
1669 case LDAP_SCOPE_BASE:
1670 case BACKSQL_SCOPE_BASE_LIKE:
1672 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1673 * however this should be handled earlier
1675 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1676 bsi->bsi_status = LDAP_OTHER;
1677 return BACKSQL_AVL_CONTINUE;
1680 AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
1681 bsi->bsi_base_ndn->bv_len + 1 );
1683 /* uppercase DN only if the stored DN can be uppercased
1685 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1686 ldap_pvt_str2upper( tmp_base_ndn );
1689 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1690 tmp_base_ndn, 0, 0 );
1692 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1693 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1694 if ( rc != SQL_SUCCESS ) {
1695 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1696 "error binding base_ndn parameter\n", 0, 0, 0 );
1697 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1699 bsi->bsi_status = LDAP_OTHER;
1700 return BACKSQL_AVL_CONTINUE;
1704 case LDAP_SCOPE_SUBORDINATE:
1705 case LDAP_SCOPE_SUBTREE:
1707 /* if short-cutting the search base,
1708 * don't bind any parameter */
1709 if ( bsi->bsi_use_subtree_shortcut ) {
1714 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1715 * however this should be handled earlier
1717 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1718 bsi->bsi_status = LDAP_OTHER;
1719 return BACKSQL_AVL_CONTINUE;
1723 * Sets the parameters for the SQL built earlier
1724 * NOTE that all the databases could actually use
1725 * the TimesTen version, which would be cleaner
1726 * and would also eliminate the need for the
1727 * subtree_cond line in the configuration file.
1728 * For now, I'm leaving it the way it is,
1729 * so non-TimesTen databases use the original code.
1730 * But at some point this should get cleaned up.
1732 * If "dn" is being used, do a suffix search.
1733 * If "dn_ru" is being used, do a prefix search.
1735 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1736 tmp_base_ndn[ 0 ] = '\0';
1738 for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
1740 tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
1743 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1744 tmp_base_ndn[ i++ ] = ',';
1747 tmp_base_ndn[ i ] = '%';
1748 tmp_base_ndn[ i + 1 ] = '\0';
1753 tmp_base_ndn[ i++ ] = '%';
1755 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1756 tmp_base_ndn[ i++ ] = ',';
1759 AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
1760 bsi->bsi_base_ndn->bv_len + 1 );
1763 /* uppercase DN only if the stored DN can be uppercased
1765 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1766 ldap_pvt_str2upper( tmp_base_ndn );
1769 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1770 Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
1771 tmp_base_ndn, 0, 0 );
1773 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
1774 tmp_base_ndn, 0, 0 );
1777 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1778 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1779 if ( rc != SQL_SUCCESS ) {
1780 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1781 "error binding base_ndn parameter (2)\n",
1783 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1785 bsi->bsi_status = LDAP_OTHER;
1786 return BACKSQL_AVL_CONTINUE;
1791 case LDAP_SCOPE_ONELEVEL:
1792 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
1794 #ifdef BACKSQL_ARBITRARY_KEY
1795 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1796 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1797 #else /* ! BACKSQL_ARBITRARY_KEY */
1798 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1799 bsi->bsi_base_id.eid_id, 0, 0 );
1800 #endif /* ! BACKSQL_ARBITRARY_KEY */
1801 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1802 &bsi->bsi_base_id.eid_id );
1803 if ( rc != SQL_SUCCESS ) {
1804 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1805 "error binding base id parameter\n", 0, 0, 0 );
1806 bsi->bsi_status = LDAP_OTHER;
1807 return BACKSQL_AVL_CONTINUE;
1812 rc = SQLExecute( sth );
1813 if ( !BACKSQL_SUCCESS( rc ) ) {
1814 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1815 "error executing query\n", 0, 0, 0 );
1816 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1817 SQLFreeStmt( sth, SQL_DROP );
1818 bsi->bsi_status = LDAP_OTHER;
1819 return BACKSQL_AVL_CONTINUE;
1822 backsql_BindRowAsStrings_x( sth, &row, bsi->bsi_op->o_tmpmemctx );
1823 rc = SQLFetch( sth );
1824 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1825 struct berval dn, pdn, ndn;
1826 backsql_entryID *c_id = NULL;
1829 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1831 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1835 ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, op->o_tmpmemctx );
1836 if ( dn.bv_val != row.cols[ 3 ] ) {
1840 if ( ret != LDAP_SUCCESS ) {
1844 if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
1848 c_id = (backsql_entryID *)op->o_tmpcalloc( 1,
1849 sizeof( backsql_entryID ), op->o_tmpmemctx );
1850 #ifdef BACKSQL_ARBITRARY_KEY
1851 ber_str2bv_x( row.cols[ 0 ], 0, 1, &c_id->eid_id,
1853 ber_str2bv_x( row.cols[ 1 ], 0, 1, &c_id->eid_keyval,
1855 #else /* ! BACKSQL_ARBITRARY_KEY */
1856 if ( lutil_atoulx( &c_id->eid_id, row.cols[ 0 ], 0 ) != 0 ) {
1859 if ( lutil_atoulx( &c_id->eid_keyval, row.cols[ 1 ], 0 ) != 0 ) {
1862 #endif /* ! BACKSQL_ARBITRARY_KEY */
1863 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1866 c_id->eid_ndn = ndn;
1868 /* append at end of list ... */
1869 c_id->eid_next = NULL;
1870 *bsi->bsi_id_listtail = c_id;
1871 bsi->bsi_id_listtail = &c_id->eid_next;
1873 #ifdef BACKSQL_ARBITRARY_KEY
1874 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1875 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1876 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1878 #else /* ! BACKSQL_ARBITRARY_KEY */
1879 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1880 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1881 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1882 #endif /* ! BACKSQL_ARBITRARY_KEY */
1884 /* count candidates, for unchecked limit */
1885 bsi->bsi_n_candidates--;
1886 if ( bsi->bsi_n_candidates == -1 ) {
1892 if ( !BER_BVISNULL( &pdn ) ) {
1893 op->o_tmpfree( pdn.bv_val, op->o_tmpmemctx );
1895 if ( !BER_BVISNULL( &ndn ) ) {
1896 op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
1898 if ( c_id != NULL ) {
1902 backsql_FreeRow_x( &row, bsi->bsi_op->o_tmpmemctx );
1903 SQLFreeStmt( sth, SQL_DROP );
1905 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1906 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1908 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1912 backsql_search( Operation *op, SlapReply *rs )
1914 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1915 SQLHDBC dbh = SQL_NULL_HDBC;
1917 Entry user_entry = { 0 },
1919 int manageDSAit = get_manageDSAit( op );
1920 time_t stoptime = 0;
1921 backsql_srch_info bsi = { 0 };
1922 backsql_entryID *eid = NULL;
1923 struct berval nbase = BER_BVNULL;
1925 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1926 "base=\"%s\", filter=\"%s\", scope=%d,",
1927 op->o_req_ndn.bv_val,
1928 op->ors_filterstr.bv_val,
1930 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1931 "attributes to load: %s\n",
1934 op->ors_attrs == NULL ? "all" : "custom list" );
1936 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1937 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1938 "search base length (%ld) exceeds max length (%d)\n",
1939 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1941 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1942 * since it is impossible that such a long DN exists
1945 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1946 send_ldap_result( op, rs );
1950 sres = backsql_get_db_conn( op, &dbh );
1951 if ( sres != LDAP_SUCCESS ) {
1952 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1953 "could not get connection handle - exiting\n",
1956 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1957 send_ldap_result( op, rs );
1961 /* compute it anyway; root does not use it */
1962 stoptime = op->o_time + op->ors_tlimit;
1965 bsi.bsi_e = &base_entry;
1966 rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn,
1968 stoptime, op->ors_filter,
1969 dbh, op, rs, op->ors_attrs,
1970 ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
1971 switch ( rs->sr_err ) {
1976 if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
1977 dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
1979 rs->sr_err = LDAP_SUCCESS;
1981 rs->sr_matched = NULL;
1983 ber_bvarray_free( rs->sr_ref );
1989 /* an entry was created; free it */
1990 entry_clean( bsi.bsi_e );
1995 if ( !BER_BVISNULL( &base_entry.e_nname )
1996 && !access_allowed( op, &base_entry,
1997 slap_schema.si_ad_entry, NULL,
1998 ACL_DISCLOSE, NULL ) )
2000 rs->sr_err = LDAP_NO_SUCH_OBJECT;
2002 ber_bvarray_free( rs->sr_ref );
2005 rs->sr_matched = NULL;
2009 send_ldap_result( op, rs );
2012 ber_bvarray_free( rs->sr_ref );
2016 if ( !BER_BVISNULL( &base_entry.e_nname ) ) {
2017 entry_clean( &base_entry );
2022 /* NOTE: __NEW__ "search" access is required
2023 * on searchBase object */
2027 if ( get_assert( op ) &&
2028 ( test_filter( op, &base_entry, get_assertion( op ) )
2029 != LDAP_COMPARE_TRUE ) )
2031 rs->sr_err = LDAP_ASSERTION_FAILED;
2034 if ( ! access_allowed_mask( op, &base_entry,
2035 slap_schema.si_ad_entry,
2036 NULL, ACL_SEARCH, NULL, &mask ) )
2038 if ( rs->sr_err == LDAP_SUCCESS ) {
2039 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
2043 if ( rs->sr_err != LDAP_SUCCESS ) {
2044 if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
2045 rs->sr_err = LDAP_NO_SUCH_OBJECT;
2048 send_ldap_result( op, rs );
2055 bsi.bsi_n_candidates =
2056 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
2057 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
2058 ( op->ors_limit->lms_s_unchecked ) ) );
2060 switch ( bsi.bsi_scope ) {
2061 case LDAP_SCOPE_BASE:
2062 case BACKSQL_SCOPE_BASE_LIKE:
2064 * probably already found...
2066 bsi.bsi_id_list = &bsi.bsi_base_id;
2067 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
2070 case LDAP_SCOPE_SUBTREE:
2072 * if baseObject is defined, and if it is the root
2073 * of the search, add it to the candidate list
2075 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
2077 bsi.bsi_id_list = &bsi.bsi_base_id;
2078 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
2085 * for each objectclass we try to construct query which gets IDs
2086 * of entries matching LDAP query filter and scope (or at least
2087 * candidates), and get the IDs
2089 avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
2090 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
2092 /* check for abandon */
2093 if ( op->o_abandon ) {
2094 eid = bsi.bsi_id_list;
2095 rs->sr_err = SLAPD_ABANDON;
2100 if ( op->ors_limit != NULL /* isroot == FALSE */
2101 && op->ors_limit->lms_s_unchecked != -1
2102 && bsi.bsi_n_candidates == -1 )
2104 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
2105 send_ldap_result( op, rs );
2110 * now we load candidate entries (only those attributes
2111 * mentioned in attrs and filter), test it against full filter
2112 * and then send to client; don't free entry_id if baseObject...
2114 for ( eid = bsi.bsi_id_list;
2116 eid = backsql_free_entryID( op,
2117 eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
2120 Attribute *a_hasSubordinate = NULL,
2121 *a_entryUUID = NULL,
2126 /* check for abandon */
2127 if ( op->o_abandon ) {
2128 rs->sr_err = SLAPD_ABANDON;
2132 /* check time limit */
2133 if ( op->ors_tlimit != SLAP_NO_LIMIT
2134 && slap_get_time() > stoptime )
2136 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
2137 rs->sr_ctrls = NULL;
2138 rs->sr_ref = rs->sr_v2ref;
2142 #ifdef BACKSQL_ARBITRARY_KEY
2143 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
2144 "for entry id=%s, oc_id=%ld, keyval=%s\n",
2145 eid->eid_id.bv_val, eid->eid_oc_id,
2146 eid->eid_keyval.bv_val );
2147 #else /* ! BACKSQL_ARBITRARY_KEY */
2148 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
2149 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
2150 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
2151 #endif /* ! BACKSQL_ARBITRARY_KEY */
2154 switch ( op->ors_scope ) {
2155 case LDAP_SCOPE_BASE:
2156 case BACKSQL_SCOPE_BASE_LIKE:
2157 if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
2162 case LDAP_SCOPE_ONE:
2164 struct berval rdn = eid->eid_ndn;
2166 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
2167 if ( !dnIsOneLevelRDN( &rdn ) ) {
2173 case LDAP_SCOPE_SUBORDINATE:
2174 /* discard the baseObject entry */
2175 if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
2179 case LDAP_SCOPE_SUBTREE:
2180 /* FIXME: this should never fail... */
2181 if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
2188 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
2189 /* don't recollect baseObject... */
2190 e = bi->sql_baseObject;
2192 } else if ( eid == &bsi.bsi_base_id ) {
2193 /* don't recollect searchBase object... */
2197 bsi.bsi_e = &user_entry;
2198 rc = backsql_id2entry( &bsi, eid );
2199 if ( rc != LDAP_SUCCESS ) {
2200 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2201 "error %d in backsql_id2entry() "
2202 "- skipping\n", rc, 0, 0 );
2208 if ( !manageDSAit &&
2209 op->ors_scope != LDAP_SCOPE_BASE &&
2210 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
2211 is_entry_referral( e ) )
2215 refs = get_entry_referrals( op, e );
2217 backsql_srch_info bsi2 = { 0 };
2218 Entry user_entry2 = { 0 };
2220 /* retry with the full entry... */
2221 bsi2.bsi_e = &user_entry2;
2222 rc = backsql_init_search( &bsi2,
2227 BACKSQL_ISF_GET_ENTRY );
2228 if ( rc == LDAP_SUCCESS ) {
2229 if ( is_entry_referral( &user_entry2 ) )
2231 refs = get_entry_referrals( op,
2234 rs->sr_err = LDAP_OTHER;
2236 backsql_entry_clean( op, &user_entry2 );
2238 if ( bsi2.bsi_attrs != NULL ) {
2239 op->o_tmpfree( bsi2.bsi_attrs,
2245 rs->sr_ref = referral_rewrite( refs,
2249 ber_bvarray_free( refs );
2253 rs->sr_err = LDAP_REFERRAL;
2256 rs->sr_text = "bad referral object";
2260 rs->sr_matched = user_entry.e_name.bv_val;
2261 send_search_reference( op, rs );
2263 ber_bvarray_free( rs->sr_ref );
2265 rs->sr_matched = NULL;
2266 rs->sr_entry = NULL;
2272 * We use this flag since we need to parse the filter
2273 * anyway; we should have used the frontend API function
2274 * filter_has_subordinates()
2276 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
2277 rc = backsql_has_children( op, dbh, &e->e_nname );
2280 case LDAP_COMPARE_TRUE:
2281 case LDAP_COMPARE_FALSE:
2282 a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
2283 if ( a_hasSubordinate != NULL ) {
2284 for ( ap = &user_entry.e_attrs;
2286 ap = &(*ap)->a_next );
2288 *ap = a_hasSubordinate;
2294 Debug(LDAP_DEBUG_TRACE,
2295 "backsql_search(): "
2296 "has_children failed( %d)\n",
2303 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
2304 a_entryUUID = backsql_operational_entryUUID( bi, eid );
2305 if ( a_entryUUID != NULL ) {
2307 ap = &user_entry.e_attrs;
2310 for ( ; *ap; ap = &(*ap)->a_next );
2316 #ifdef BACKSQL_SYNCPROV
2317 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
2318 a_entryCSN = backsql_operational_entryCSN( op );
2319 if ( a_entryCSN != NULL ) {
2321 ap = &user_entry.e_attrs;
2324 for ( ; *ap; ap = &(*ap)->a_next );
2329 #endif /* BACKSQL_SYNCPROV */
2331 if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
2333 rs->sr_attrs = op->ors_attrs;
2334 rs->sr_operational_attrs = NULL;
2336 rs->sr_flags = ( e == &user_entry ) ? REP_ENTRY_MODIFIABLE : 0;
2337 /* FIXME: need the whole entry (ITS#3480) */
2338 rs->sr_err = send_search_entry( op, rs );
2339 rs->sr_entry = NULL;
2340 rs->sr_attrs = NULL;
2341 rs->sr_operational_attrs = NULL;
2343 switch ( rs->sr_err ) {
2344 case LDAP_UNAVAILABLE:
2346 * FIXME: send_search_entry failed;
2349 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2350 "connection lost\n", 0, 0, 0 );
2353 case LDAP_SIZELIMIT_EXCEEDED:
2359 if ( e == &user_entry ) {
2360 backsql_entry_clean( op, &user_entry );
2367 if ( rs->sr_nentries > 0 ) {
2368 rs->sr_ref = rs->sr_v2ref;
2369 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
2373 rs->sr_err = bsi.bsi_status;
2377 if ( rs->sr_err != SLAPD_ABANDON ) {
2378 send_ldap_result( op, rs );
2381 /* cleanup in case of abandon */
2382 for ( ; eid != NULL;
2383 eid = backsql_free_entryID( op,
2384 eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
2387 backsql_entry_clean( op, &base_entry );
2389 /* in case we got here accidentally */
2390 backsql_entry_clean( op, &user_entry );
2392 if ( rs->sr_v2ref ) {
2393 ber_bvarray_free( rs->sr_v2ref );
2394 rs->sr_v2ref = NULL;
2397 #ifdef BACKSQL_SYNCPROV
2399 Operation op2 = *op;
2400 SlapReply rs2 = { 0 };
2402 slap_callback cb = { 0 };
2404 op2.o_tag = LDAP_REQ_ADD;
2405 op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0, 0 );
2407 op2.o_callback = &cb;
2409 e.e_name = op->o_bd->be_suffix[0];
2410 e.e_nname = op->o_bd->be_nsuffix[0];
2412 cb.sc_response = slap_null_cb;
2414 op2.o_bd->be_add( &op2, &rs2 );
2416 #endif /* BACKSQL_SYNCPROV */
2419 (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
2421 if ( bsi.bsi_attrs != NULL ) {
2422 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2425 if ( !BER_BVISNULL( &nbase )
2426 && nbase.bv_val != op->o_req_ndn.bv_val )
2428 ch_free( nbase.bv_val );
2431 /* restore scope ... FIXME: this should be done before ANY
2432 * frontend call that uses op */
2433 if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
2434 op->ors_scope = LDAP_SCOPE_BASE;
2437 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
2442 /* return LDAP_SUCCESS IFF we can retrieve the specified entry.
2449 AttributeDescription *at,
2453 backsql_srch_info bsi = { 0 };
2454 SQLHDBC dbh = SQL_NULL_HDBC;
2456 SlapReply rs = { 0 };
2457 AttributeName anlist[ 2 ];
2461 rc = backsql_get_db_conn( op, &dbh );
2467 anlist[ 0 ].an_name = at->ad_cname;
2468 anlist[ 0 ].an_desc = at;
2469 BER_BVZERO( &anlist[ 1 ].an_name );
2472 bsi.bsi_e = entry_alloc();
2473 rc = backsql_init_search( &bsi,
2477 dbh, op, &rs, at ? anlist : NULL,
2478 BACKSQL_ISF_GET_ENTRY );
2480 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2481 (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
2484 if ( rc == LDAP_SUCCESS ) {
2486 #if 0 /* not supported at present */
2487 /* find attribute values */
2488 if ( is_entry_alias( bsi.bsi_e ) ) {
2489 Debug( LDAP_DEBUG_ACL,
2490 "<= backsql_entry_get: entry is an alias\n",
2492 rc = LDAP_ALIAS_PROBLEM;
2493 goto return_results;
2497 if ( is_entry_referral( bsi.bsi_e ) ) {
2498 Debug( LDAP_DEBUG_ACL,
2499 "<= backsql_entry_get: entry is a referral\n",
2502 goto return_results;
2505 if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
2506 Debug( LDAP_DEBUG_ACL,
2507 "<= backsql_entry_get: "
2508 "failed to find objectClass\n",
2510 rc = LDAP_NO_SUCH_ATTRIBUTE;
2511 goto return_results;
2518 if ( bsi.bsi_attrs != NULL ) {
2519 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2522 if ( rc != LDAP_SUCCESS ) {
2524 entry_free( bsi.bsi_e );
2532 backsql_entry_clean(
2538 ctx = ldap_pvt_thread_pool_context();
2540 if ( ctx == NULL || ctx != op->o_tmpmemctx ) {
2541 if ( !BER_BVISNULL( &e->e_name ) ) {
2542 op->o_tmpfree( e->e_name.bv_val, op->o_tmpmemctx );
2543 BER_BVZERO( &e->e_name );
2546 if ( !BER_BVISNULL( &e->e_nname ) ) {
2547 op->o_tmpfree( e->e_nname.bv_val, op->o_tmpmemctx );
2548 BER_BVZERO( &e->e_nname );
2556 backsql_entry_release(
2561 backsql_entry_clean( op, e );