2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
24 #include <sys/types.h>
25 #include "ac/string.h"
29 #include "proto-sql.h"
31 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
32 static int backsql_process_filter_eq( backsql_srch_info *bsi,
33 backsql_at_map_rec *at,
34 int casefold, struct berval *filter_value );
35 static int backsql_process_filter_like( backsql_srch_info *bsi,
36 backsql_at_map_rec *at,
37 int casefold, struct berval *filter_value );
38 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
39 backsql_at_map_rec *at );
42 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
45 AttributeName *an = NULL;
47 if ( bsi->bsi_attrs == NULL ) {
52 * clear the list (retrieve all attrs)
55 ch_free( bsi->bsi_attrs );
56 bsi->bsi_attrs = NULL;
60 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
61 an = &bsi->bsi_attrs[ n_attrs ];
63 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
64 "attribute \"%s\" is in list\n",
65 an->an_name.bv_val, 0, 0 );
67 * We can live with strcmp because the attribute
68 * list has been normalized before calling be_search
70 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
75 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
76 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
78 an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
79 sizeof( AttributeName ) * ( n_attrs + 2 ) );
84 an[ n_attrs ].an_name = ad->ad_cname;
85 an[ n_attrs ].an_desc = ad;
86 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
94 * Initializes the search structure.
96 * If get_base_id != 0, the field bsi_base_id is filled
97 * with the entryID of bsi_base_ndn; it must be freed
98 * by backsql_free_entryID() when no longer required.
100 * NOTE: base must be normalized
104 backsql_srch_info *bsi,
105 struct berval *nbase,
114 AttributeName *attrs,
118 int rc = LDAP_SUCCESS;
120 bsi->bsi_base_ndn = nbase;
121 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
122 BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
123 bsi->bsi_scope = scope;
124 bsi->bsi_slimit = slimit;
125 bsi->bsi_tlimit = tlimit;
126 bsi->bsi_filter = filter;
130 bsi->bsi_flags = BSQL_SF_NONE;
135 if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
136 bsi->bsi_attrs = NULL;
141 bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
142 sizeof( AttributeName ) );
143 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
145 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
147 * ignore "1.1"; handle "+"
149 if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
150 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
153 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
156 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
160 backsql_attrlist_add( bsi, p->an_desc );
164 /* add objectClass if not present,
165 * because it is required to understand
166 * if an entry is a referral, an alias
168 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
172 bsi->bsi_abandon = 0;
173 bsi->bsi_id_list = NULL;
174 bsi->bsi_id_listtail = &bsi->bsi_id_list;
175 bsi->bsi_n_candidates = 0;
176 bsi->bsi_stoptime = stoptime;
177 BER_BVZERO( &bsi->bsi_sel.bb_val );
178 bsi->bsi_sel.bb_len = 0;
179 BER_BVZERO( &bsi->bsi_from.bb_val );
180 bsi->bsi_from.bb_len = 0;
181 BER_BVZERO( &bsi->bsi_join_where.bb_val );
182 bsi->bsi_join_where.bb_len = 0;
183 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
184 bsi->bsi_flt_where.bb_len = 0;
185 bsi->bsi_filter_oc = NULL;
188 assert( op->o_bd->be_private );
190 rc = backsql_dn2id( (backsql_info *)op->o_bd->be_private,
191 &bsi->bsi_base_id, dbh, nbase );
194 return ( bsi->bsi_status = rc );
198 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
206 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
209 res = backsql_process_filter( bsi, f );
212 * TimesTen : If the query has no answers,
213 * don't bother to run the query.
224 case LDAP_FILTER_AND:
225 backsql_strfcat( &bsi->bsi_flt_where, "l",
226 (ber_len_t)STRLENOF( " AND " ),
231 backsql_strfcat( &bsi->bsi_flt_where, "l",
232 (ber_len_t)STRLENOF( " OR " ),
238 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
244 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
245 backsql_at_map_rec *at )
247 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
255 /* always uppercase strings by now */
256 #ifdef BACKSQL_UPPERCASE_FILTER
257 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
258 bi->sql_caseIgnoreMatch ) )
259 #endif /* BACKSQL_UPPERCASE_FILTER */
264 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
265 bi->sql_telephoneNumberMatch ) )
272 * to check for matching telephone numbers
273 * with intermixed chars, e.g. val='1234'
276 * val LIKE '%1%2%3%4%'
280 if ( f->f_sub_initial.bv_val ) {
281 bv.bv_len += f->f_sub_initial.bv_len;
283 if ( f->f_sub_any != NULL ) {
284 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
285 bv.bv_len += f->f_sub_any[ a ].bv_len;
288 if ( f->f_sub_final.bv_val ) {
289 bv.bv_len += f->f_sub_final.bv_len;
291 bv.bv_len = 2 * bv.bv_len - 1;
292 bv.bv_val = ch_malloc( bv.bv_len + 1 );
295 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
296 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
297 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
298 bv.bv_val[ s + 2 * i - 1 ] = '%';
299 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
301 bv.bv_val[ s + 2 * i - 1 ] = '%';
305 if ( f->f_sub_any != NULL ) {
306 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
307 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
308 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
309 bv.bv_val[ s + 2 * i - 1 ] = '%';
310 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
312 bv.bv_val[ s + 2 * i - 1 ] = '%';
317 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
318 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
319 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
320 bv.bv_val[ s + 2 * i - 1 ] = '%';
321 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
323 bv.bv_val[ s + 2 * i - 1 ] = '%';
327 bv.bv_val[ s - 1 ] = '\0';
329 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
330 ch_free( bv.bv_val );
336 * When dealing with case-sensitive strings
337 * we may omit normalization; however, normalized
338 * SQL filters are more liberal.
341 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
344 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
345 at->bam_ad->ad_cname.bv_val, 0, 0 );
346 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
347 at->bam_sel_expr_u.bv_val ? "' '" : "",
348 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
349 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
351 * If a pre-upper-cased version of the column
352 * or a precompiled upper function exists, use it
354 backsql_strfcat( &bsi->bsi_flt_where,
357 (ber_len_t)STRLENOF( " LIKE '" ),
361 backsql_strfcat( &bsi->bsi_flt_where, "bl",
363 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
366 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
370 Debug( LDAP_DEBUG_TRACE,
371 "==>backsql_process_sub_filter(%s): "
372 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
373 f->f_sub_initial.bv_val, 0 );
374 #endif /* BACKSQL_TRACE */
376 start = bsi->bsi_flt_where.bb_val.bv_len;
377 backsql_strfcat( &bsi->bsi_flt_where, "b",
379 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
380 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
384 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
386 if ( f->f_sub_any != NULL ) {
387 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
391 Debug( LDAP_DEBUG_TRACE,
392 "==>backsql_process_sub_filter(%s): "
393 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
394 i, f->f_sub_any[ i ].bv_val );
395 #endif /* BACKSQL_TRACE */
397 start = bsi->bsi_flt_where.bb_val.bv_len;
398 backsql_strfcat( &bsi->bsi_flt_where,
402 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
404 * Note: toupper('%') = '%'
406 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
411 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
415 Debug( LDAP_DEBUG_TRACE,
416 "==>backsql_process_sub_filter(%s): "
417 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
418 f->f_sub_final.bv_val, 0 );
419 #endif /* BACKSQL_TRACE */
421 start = bsi->bsi_flt_where.bb_val.bv_len;
422 backsql_strfcat( &bsi->bsi_flt_where, "b",
424 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
425 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
429 backsql_strfcat( &bsi->bsi_flt_where, "l",
430 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
436 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
438 if ( BER_BVISNULL( from_tbls ) ) {
442 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
443 char *start, *end, *tmp;
445 tmp = ch_strdup( from_tbls->bv_val );
447 for ( start = tmp, end = strchr( start, ',' ); start; ) {
452 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
454 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
458 /* in case there are spaces after the comma... */
459 for ( start = &end[1]; isspace( start[0] ); start++ );
461 end = strchr( start, ',' );
473 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
480 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
482 backsql_at_map_rec **vat = NULL;
483 AttributeDescription *ad = NULL;
488 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
489 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
490 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
491 "invalid filter\n", 0, 0, 0 );
496 switch( f->f_choice ) {
498 rc = backsql_process_filter_list( bsi, f->f_or,
503 case LDAP_FILTER_AND:
504 rc = backsql_process_filter_list( bsi, f->f_and,
509 case LDAP_FILTER_NOT:
510 backsql_strfcat( &bsi->bsi_flt_where, "l",
511 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
513 rc = backsql_process_filter( bsi, f->f_not );
514 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
518 case LDAP_FILTER_PRESENT:
522 case LDAP_FILTER_EXT:
523 ad = f->f_mra->ma_desc;
524 if ( f->f_mr_dnattrs ) {
526 * if dn attrs filtering is requested, better return
527 * success and let test_filter() deal with candidate
528 * selection; otherwise we'd need to set conditions
529 * on the contents of the DN, e.g. "SELECT ... FROM
530 * ldap_entries AS attributeName WHERE attributeName.dn
531 * like '%attributeName=value%'"
533 backsql_strfcat( &bsi->bsi_flt_where, "l",
534 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
535 bsi->bsi_status = LDAP_SUCCESS;
556 * Turn structuralObjectClass into objectClass
558 if ( ad == slap_schema.si_ad_objectClass
559 || ad == slap_schema.si_ad_structuralObjectClass )
562 * If the filter is LDAP_FILTER_PRESENT, then it's done;
563 * otherwise, let's see if we are lucky: filtering
564 * for "structural" objectclass or ancestor...
566 switch ( f->f_choice ) {
567 case LDAP_FILTER_EQUALITY:
569 ObjectClass *oc = oc_bvfind( &f->f_av_value );
572 Debug( LDAP_DEBUG_TRACE,
573 "backsql_process_filter(): "
574 "unknown objectClass \"%s\" "
576 f->f_av_value.bv_val, 0, 0 );
577 bsi->bsi_status = LDAP_OTHER;
583 * "structural" objectClass inheritance:
584 * - a search for "person" will also return
586 * - a search for "top" will return everything
588 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
589 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
591 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
593 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
594 (ber_len_t)STRLENOF( "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
595 "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
596 &bsi->bsi_oc->bom_oc->soc_cname,
597 (ber_len_t)STRLENOF( /* (' */ "')" ),
599 bsi->bsi_status = LDAP_SUCCESS;
607 case LDAP_FILTER_PRESENT:
608 backsql_strfcat( &bsi->bsi_flt_where, "l",
609 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
610 bsi->bsi_status = LDAP_SUCCESS;
614 /* FIXME: LDAP_FILTER_EXT? */
617 Debug( LDAP_DEBUG_TRACE,
618 "backsql_process_filter(): "
619 "illegal/unhandled filter "
620 "on objectClass attribute",
622 bsi->bsi_status = LDAP_OTHER;
627 } else if ( ad == slap_schema.si_ad_entryUUID ) {
629 #ifdef BACKSQL_ARBITRARY_KEY
630 struct berval keyval;
631 #else /* ! BACKSQL_ARBITRARY_KEY */
632 unsigned long keyval;
633 char keyvalbuf[] = "18446744073709551615";
634 #endif /* ! BACKSQL_ARBITRARY_KEY */
636 switch ( f->f_choice ) {
637 case LDAP_FILTER_EQUALITY:
638 backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
640 if ( oc_id != bsi->bsi_oc->bom_id ) {
641 bsi->bsi_status = LDAP_SUCCESS;
646 #ifdef BACKSQL_ARBITRARY_KEY
647 backsql_strfcat( &bsi->bsi_flt_where, "bcblbc",
648 &bsi->bsi_oc->bom_keytbl, '.',
649 &bsi->bsi_oc->bom_keycol,
650 STRLENOF( " LIKE '" ), " LIKE '",
652 #else /* ! BACKSQL_ARBITRARY_KEY */
653 snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
654 backsql_strfcat( &bsi->bsi_flt_where, "bcbcs",
655 &bsi->bsi_oc->bom_keytbl, '.',
656 &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
657 #endif /* ! BACKSQL_ARBITRARY_KEY */
660 case LDAP_FILTER_PRESENT:
661 backsql_strfcat( &bsi->bsi_flt_where, "l",
662 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
670 bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
674 #ifdef BACKSQL_SYNCPROV
675 } else if ( ad == slap_schema.si_ad_entryCSN ) {
677 * TODO: introduce appropriate entryCSN filtering
678 * to support syncrepl as producer...
680 if ( !bsi->bsi_op->o_sync ) {
681 /* unsupported at present... */
682 bsi->bsi_status = LDAP_OTHER;
687 bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
689 /* if doing a syncrepl, try to return as much as possible,
690 * and always match the filter */
691 backsql_strfcat( &bsi->bsi_flt_where, "l",
692 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
694 /* save for later use in operational attributes */
695 /* FIXME: saves only the first occurrence, because
696 * the filter during updates is written as
697 * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
698 * so we want our fake entryCSN to match the greatest
701 if ( bsi->bsi_op->o_private == NULL ) {
702 bsi->bsi_op->o_private = &f->f_av_value;
704 bsi->bsi_status = LDAP_SUCCESS;
708 #endif /* BACKSQL_SYNCPROV */
710 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
712 * FIXME: this is not robust; e.g. a filter
713 * '(!(hasSubordinates=TRUE))' fails because
714 * in SQL it would read 'NOT (1=1)' instead
716 * Note however that hasSubordinates is boolean,
717 * so a more appropriate filter would be
718 * '(hasSubordinates=FALSE)'
720 * A more robust search for hasSubordinates
721 * would * require joining the ldap_entries table
722 * selecting if there are descendants of the
725 backsql_strfcat( &bsi->bsi_flt_where, "l",
726 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
727 if ( ad == slap_schema.si_ad_hasSubordinates ) {
729 * instruct candidate selection algorithm
730 * and attribute list to try to detect
731 * if an entry has subordinates
733 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
737 * clear attributes to fetch, to require ALL
738 * and try extended match on all attributes
740 backsql_attrlist_add( bsi, NULL );
747 * attribute inheritance:
749 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
750 bsi->bsi_status = LDAP_OTHER;
756 /* search anyway; other parts of the filter
758 backsql_strfcat( &bsi->bsi_flt_where, "l",
759 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
760 bsi->bsi_status = LDAP_SUCCESS;
765 /* if required, open extra level of parens */
767 if ( vat[0]->bam_next || vat[1] ) {
768 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
775 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
779 /* if more definitions of the same attr, apply */
780 if ( vat[i]->bam_next ) {
781 backsql_strfcat( &bsi->bsi_flt_where, "l",
782 STRLENOF( " OR " ), " OR " );
783 vat[i] = vat[i]->bam_next;
787 /* if more descendants of the same attr, apply */
790 backsql_strfcat( &bsi->bsi_flt_where, "l",
791 STRLENOF( " OR " ), " OR " );
795 /* if needed, close extra level of parens */
797 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
807 Debug( LDAP_DEBUG_TRACE,
808 "<==backsql_process_filter() %s\n",
809 rc == 1 ? "succeeded" : "failed", 0, 0);
815 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
816 int casefold, struct berval *filter_value )
819 * maybe we should check type of at->sel_expr here somehow,
820 * to know whether upper_func is applicable, but for now
821 * upper_func stuff is made for Oracle, where UPPER is
822 * safely applicable to NUMBER etc.
824 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
827 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
830 (ber_len_t)STRLENOF( "='" ),
833 start = bsi->bsi_flt_where.bb_val.bv_len;
835 backsql_strfcat( &bsi->bsi_flt_where, "bl",
837 (ber_len_t)STRLENOF( /* (' */ "')" ),
840 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
843 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
846 (ber_len_t)STRLENOF( "='" ), "='",
848 (ber_len_t)STRLENOF( /* (' */ "')" ),
856 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
857 int casefold, struct berval *filter_value )
860 * maybe we should check type of at->sel_expr here somehow,
861 * to know whether upper_func is applicable, but for now
862 * upper_func stuff is made for Oracle, where UPPER is
863 * safely applicable to NUMBER etc.
865 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
868 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
871 (ber_len_t)STRLENOF( " LIKE '%" ),
874 start = bsi->bsi_flt_where.bb_val.bv_len;
876 backsql_strfcat( &bsi->bsi_flt_where, "bl",
878 (ber_len_t)STRLENOF( /* (' */ "%')" ),
881 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
884 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
887 (ber_len_t)STRLENOF( " LIKE '%" ),
890 (ber_len_t)STRLENOF( /* (' */ "%')" ),
898 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
900 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
902 struct berval *filter_value = NULL;
903 MatchingRule *matching_rule = NULL;
904 struct berval ordering = BER_BVC("<=");
906 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
907 at->bam_ad->ad_cname.bv_val, 0, 0 );
910 * need to add this attribute to list of attrs to load,
911 * so that we can do test_filter() later
913 backsql_attrlist_add( bsi, at->bam_ad );
915 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
917 if ( !BER_BVISNULL( &at->bam_join_where )
918 && strstr( bsi->bsi_join_where.bb_val.bv_val,
919 at->bam_join_where.bv_val ) == NULL )
921 backsql_strfcat( &bsi->bsi_join_where, "lb",
922 (ber_len_t)STRLENOF( " AND " ), " AND ",
923 &at->bam_join_where );
926 switch ( f->f_choice ) {
927 case LDAP_FILTER_EQUALITY:
928 filter_value = &f->f_av_value;
929 matching_rule = at->bam_ad->ad_type->sat_equality;
933 /* fail over into next case */
935 case LDAP_FILTER_EXT:
936 filter_value = &f->f_mra->ma_value;
937 matching_rule = f->f_mr_rule;
940 /* always uppercase strings by now */
941 #ifdef BACKSQL_UPPERCASE_FILTER
942 if ( SLAP_MR_ASSOCIATED( matching_rule,
943 bi->sql_caseIgnoreMatch ) )
944 #endif /* BACKSQL_UPPERCASE_FILTER */
949 if ( SLAP_MR_ASSOCIATED( matching_rule,
950 bi->sql_telephoneNumberMatch ) )
956 * to check for matching telephone numbers
957 * with intermized chars, e.g. val='1234'
960 * val LIKE '%1%2%3%4%'
963 bv.bv_len = 2 * filter_value->bv_len - 1;
964 bv.bv_val = ch_malloc( bv.bv_len + 1 );
966 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
967 for ( i = 1; i < filter_value->bv_len; i++ ) {
968 bv.bv_val[ 2 * i - 1 ] = '%';
969 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
971 bv.bv_val[ 2 * i - 1 ] = '\0';
973 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
974 ch_free( bv.bv_val );
979 /* NOTE: this is required by objectClass inheritance
980 * and auxiliary objectClass use in filters for slightly
981 * more efficient candidate selection. */
982 /* FIXME: a bit too many specializations to deal with
983 * very specific cases... */
984 if ( at->bam_ad == slap_schema.si_ad_objectClass
985 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
987 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
988 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
989 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
991 (ber_len_t)STRLENOF( /* (' */ "')" ),
997 * maybe we should check type of at->sel_expr here somehow,
998 * to know whether upper_func is applicable, but for now
999 * upper_func stuff is made for Oracle, where UPPER is
1000 * safely applicable to NUMBER etc.
1002 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
1005 case LDAP_FILTER_GE:
1006 ordering.bv_val = ">=";
1008 /* fall thru to next case */
1010 case LDAP_FILTER_LE:
1011 /* always uppercase strings by now */
1012 #ifdef BACKSQL_UPPERCASE_FILTER
1013 if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
1014 bi->sql_caseIgnoreMatch ) )
1015 #endif /* BACKSQL_UPPERCASE_FILTER */
1021 * FIXME: should we uppercase the operands?
1023 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1026 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
1028 &at->bam_sel_expr_u,
1032 start = bsi->bsi_flt_where.bb_val.bv_len;
1034 backsql_strfcat( &bsi->bsi_flt_where, "bl",
1036 (ber_len_t)STRLENOF( /* (' */ "')" ),
1039 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1042 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
1048 (ber_len_t)STRLENOF( /* (' */ "')" ),
1053 case LDAP_FILTER_PRESENT:
1054 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
1055 (ber_len_t)STRLENOF( "NOT (" /* ) */),
1058 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
1059 /* ( */ " IS NULL)" );
1062 case LDAP_FILTER_SUBSTRINGS:
1063 backsql_process_sub_filter( bsi, f, at );
1066 case LDAP_FILTER_APPROX:
1067 /* we do our best */
1070 * maybe we should check type of at->sel_expr here somehow,
1071 * to know whether upper_func is applicable, but for now
1072 * upper_func stuff is made for Oracle, where UPPER is
1073 * safely applicable to NUMBER etc.
1075 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
1079 /* unhandled filter type; should not happen */
1081 backsql_strfcat( &bsi->bsi_flt_where, "l",
1082 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
1087 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1088 at->bam_ad->ad_cname.bv_val, 0, 0 );
1094 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1096 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1100 BER_BVZERO( query );
1102 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1103 BER_BVZERO( &bsi->bsi_sel.bb_val );
1104 BER_BVZERO( &bsi->bsi_sel.bb_val );
1105 bsi->bsi_sel.bb_len = 0;
1106 BER_BVZERO( &bsi->bsi_from.bb_val );
1107 bsi->bsi_from.bb_len = 0;
1108 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1109 bsi->bsi_join_where.bb_len = 0;
1110 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1111 bsi->bsi_flt_where.bb_len = 0;
1113 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
1114 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1115 "SELECT DISTINCT ldap_entries.id,",
1116 &bsi->bsi_oc->bom_keytbl,
1118 &bsi->bsi_oc->bom_keycol,
1121 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1122 backsql_strfcat( &bsi->bsi_sel, "blbl",
1123 &bi->sql_strcast_func,
1124 (ber_len_t)STRLENOF( "('" /* ') */ ),
1126 &bsi->bsi_oc->bom_oc->soc_cname,
1127 (ber_len_t)STRLENOF( /* (' */ "')" ),
1130 backsql_strfcat( &bsi->bsi_sel, "cbc",
1132 &bsi->bsi_oc->bom_oc->soc_cname,
1135 #ifdef BACKSQL_ALIASING_QUOTE
1136 backsql_strfcat( &bsi->bsi_sel, "lclcl",
1137 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
1138 " " BACKSQL_ALIASING,
1139 BACKSQL_ALIASING_QUOTE,
1140 (ber_len_t)STRLENOF( "objectClass" ),
1142 BACKSQL_ALIASING_QUOTE,
1143 (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1144 ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
1145 #else /* ! BACKSQL_ALIASING_QUOTE */
1146 backsql_strfcat( &bsi->bsi_sel, "l",
1147 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1148 " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
1149 #endif /* ! BACKSQL_ALIASING_QUOTE */
1151 backsql_strfcat( &bsi->bsi_from, "lb",
1152 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1153 " FROM ldap_entries,",
1154 &bsi->bsi_oc->bom_keytbl );
1156 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1157 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1158 &bsi->bsi_oc->bom_keytbl,
1160 &bsi->bsi_oc->bom_keycol,
1161 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1162 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1164 switch ( bsi->bsi_scope ) {
1165 case LDAP_SCOPE_BASE:
1166 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1167 backsql_strfcat( &bsi->bsi_join_where, "bl",
1168 &bi->sql_upper_func,
1169 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1170 "(ldap_entries.dn)=?" );
1172 backsql_strfcat( &bsi->bsi_join_where, "l",
1173 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1174 "ldap_entries.dn=?" );
1178 case BACKSQL_SCOPE_BASE_LIKE:
1179 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1180 backsql_strfcat( &bsi->bsi_join_where, "bl",
1181 &bi->sql_upper_func,
1182 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1183 "(ldap_entries.dn) LIKE ?" );
1185 backsql_strfcat( &bsi->bsi_join_where, "l",
1186 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1187 "ldap_entries.dn LIKE ?" );
1191 case LDAP_SCOPE_ONELEVEL:
1192 backsql_strfcat( &bsi->bsi_join_where, "l",
1193 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1194 "ldap_entries.parent=?" );
1197 #ifdef LDAP_SCOPE_SUBORDINATE
1198 case LDAP_SCOPE_SUBORDINATE:
1199 #endif /* LDAP_SCOPE_SUBORDINATE */
1200 case LDAP_SCOPE_SUBTREE:
1201 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1202 backsql_strfcat( &bsi->bsi_join_where, "bl",
1203 &bi->sql_upper_func,
1204 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1205 "(ldap_entries.dn) LIKE ?" );
1207 backsql_strfcat( &bsi->bsi_join_where, "l",
1208 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1209 "ldap_entries.dn LIKE ?" );
1218 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1220 struct berbuf bb = BB_NULL;
1222 backsql_strfcat( &bb, "bbblb",
1223 &bsi->bsi_sel.bb_val,
1224 &bsi->bsi_from.bb_val,
1225 &bsi->bsi_join_where.bb_val,
1226 (ber_len_t)STRLENOF( " AND " ), " AND ",
1227 &bsi->bsi_flt_where.bb_val );
1231 } else if ( rc < 0 ) {
1233 * Indicates that there's no possible way the filter matches
1234 * anything. No need to issue the query
1236 free( query->bv_val );
1237 BER_BVZERO( query );
1240 free( bsi->bsi_sel.bb_val.bv_val );
1241 BER_BVZERO( &bsi->bsi_sel.bb_val );
1242 bsi->bsi_sel.bb_len = 0;
1243 free( bsi->bsi_from.bb_val.bv_val );
1244 BER_BVZERO( &bsi->bsi_from.bb_val );
1245 bsi->bsi_from.bb_len = 0;
1246 free( bsi->bsi_join_where.bb_val.bv_val );
1247 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1248 bsi->bsi_join_where.bb_len = 0;
1249 free( bsi->bsi_flt_where.bb_val.bv_val );
1250 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1251 bsi->bsi_flt_where.bb_len = 0;
1253 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1254 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1256 return ( rc <= 0 ? 1 : 0 );
1260 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1262 backsql_oc_map_rec *oc = v_oc;
1263 backsql_srch_info *bsi = v_bsi;
1264 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1265 struct berval query;
1269 BACKSQL_ROW_NTS row;
1272 int n_candidates = bsi->bsi_n_candidates;
1275 * + 1 because we need room for '%';
1276 * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
1277 * this makes a subtree
1278 * search for a DN BACKSQL_MAX_DN_LEN long legal
1279 * if it returns that DN only
1281 char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1283 bsi->bsi_status = LDAP_SUCCESS;
1285 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1286 BACKSQL_OC_NAME( oc ), 0, 0 );
1288 if ( bsi->bsi_n_candidates == -1 ) {
1289 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1290 "unchecked limit has been overcome\n", 0, 0, 0 );
1291 /* should never get here */
1293 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1294 return BACKSQL_AVL_STOP;
1298 res = backsql_srch_query( bsi, &query );
1300 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1301 "error while constructing query for objectclass \"%s\"\n",
1302 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1304 * FIXME: need to separate errors from legally
1305 * impossible filters
1307 switch ( bsi->bsi_status ) {
1309 case LDAP_UNDEFINED_TYPE:
1310 case LDAP_NO_SUCH_OBJECT:
1311 /* we are conservative... */
1313 bsi->bsi_status = LDAP_SUCCESS;
1315 return BACKSQL_AVL_CONTINUE;
1317 case LDAP_ADMINLIMIT_EXCEEDED:
1319 /* don't try any more */
1320 return BACKSQL_AVL_STOP;
1324 if ( BER_BVISNULL( &query ) ) {
1325 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1326 "could not construct query for objectclass \"%s\"\n",
1327 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1328 bsi->bsi_status = LDAP_SUCCESS;
1329 return BACKSQL_AVL_CONTINUE;
1332 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1333 query.bv_val, 0, 0 );
1335 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1336 free( query.bv_val );
1337 BER_BVZERO( &query );
1338 if ( rc != SQL_SUCCESS ) {
1339 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1340 "error preparing query\n", 0, 0, 0 );
1341 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1342 bsi->bsi_status = LDAP_OTHER;
1343 return BACKSQL_AVL_CONTINUE;
1346 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1348 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1349 &bsi->bsi_oc->bom_id );
1350 if ( rc != SQL_SUCCESS ) {
1351 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1352 "error binding objectclass id parameter\n", 0, 0, 0 );
1353 bsi->bsi_status = LDAP_OTHER;
1354 return BACKSQL_AVL_CONTINUE;
1357 switch ( bsi->bsi_scope ) {
1358 case LDAP_SCOPE_BASE:
1359 case BACKSQL_SCOPE_BASE_LIKE:
1361 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1362 * however this should be handled earlier
1364 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1365 bsi->bsi_status = LDAP_OTHER;
1366 return BACKSQL_AVL_CONTINUE;
1369 AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
1370 bsi->bsi_base_ndn->bv_len + 1 );
1372 /* uppercase DN only if the stored DN can be uppercased
1374 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1375 ldap_pvt_str2upper( tmp_base_ndn );
1378 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1379 tmp_base_ndn, 0, 0 );
1381 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1382 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1383 if ( rc != SQL_SUCCESS ) {
1384 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1385 "error binding base_ndn parameter\n", 0, 0, 0 );
1386 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1388 bsi->bsi_status = LDAP_OTHER;
1389 return BACKSQL_AVL_CONTINUE;
1393 #ifdef LDAP_SCOPE_SUBORDINATE
1394 case LDAP_SCOPE_SUBORDINATE:
1395 #endif /* LDAP_SCOPE_SUBORDINATE */
1396 case LDAP_SCOPE_SUBTREE:
1399 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1400 * however this should be handled earlier
1402 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1403 bsi->bsi_status = LDAP_OTHER;
1404 return BACKSQL_AVL_CONTINUE;
1408 * Sets the parameters for the SQL built earlier
1409 * NOTE that all the databases could actually use
1410 * the TimesTen version, which would be cleaner
1411 * and would also eliminate the need for the
1412 * subtree_cond line in the configuration file.
1413 * For now, I'm leaving it the way it is,
1414 * so non-TimesTen databases use the original code.
1415 * But at some point this should get cleaned up.
1417 * If "dn" is being used, do a suffix search.
1418 * If "dn_ru" is being used, do a prefix search.
1420 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1421 tmp_base_ndn[ 0 ] = '\0';
1423 for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
1425 tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
1428 #ifdef LDAP_SCOPE_SUBORDINATE
1429 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1430 tmp_base_ndn[ i++ ] = ',';
1432 #endif /* LDAP_SCOPE_SUBORDINATE */
1434 tmp_base_ndn[ i ] = '%';
1435 tmp_base_ndn[ i + 1 ] = '\0';
1440 tmp_base_ndn[ i++ ] = '%';
1442 #ifdef LDAP_SCOPE_SUBORDINATE
1443 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1444 tmp_base_ndn[ i++ ] = ',';
1446 #endif /* LDAP_SCOPE_SUBORDINATE */
1448 AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
1449 bsi->bsi_base_ndn->bv_len + 1 );
1452 /* uppercase DN only if the stored DN can be uppercased
1454 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1455 ldap_pvt_str2upper( tmp_base_ndn );
1458 #ifdef LDAP_SCOPE_SUBORDINATE
1459 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1460 Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
1461 tmp_base_ndn, 0, 0 );
1463 #endif /* LDAP_SCOPE_SUBORDINATE */
1465 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
1466 tmp_base_ndn, 0, 0 );
1469 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1470 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1471 if ( rc != SQL_SUCCESS ) {
1472 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1473 "error binding base_ndn parameter (2)\n",
1475 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1477 bsi->bsi_status = LDAP_OTHER;
1478 return BACKSQL_AVL_CONTINUE;
1483 case LDAP_SCOPE_ONELEVEL:
1484 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
1486 #ifdef BACKSQL_ARBITRARY_KEY
1487 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1488 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1489 #else /* ! BACKSQL_ARBITRARY_KEY */
1490 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1491 bsi->bsi_base_id.eid_id, 0, 0 );
1492 #endif /* ! BACKSQL_ARBITRARY_KEY */
1493 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1494 &bsi->bsi_base_id.eid_id );
1495 if ( rc != SQL_SUCCESS ) {
1496 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1497 "error binding base id parameter\n", 0, 0, 0 );
1498 bsi->bsi_status = LDAP_OTHER;
1499 return BACKSQL_AVL_CONTINUE;
1504 rc = SQLExecute( sth );
1505 if ( !BACKSQL_SUCCESS( rc ) ) {
1506 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1507 "error executing query\n", 0, 0, 0 );
1508 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1509 SQLFreeStmt( sth, SQL_DROP );
1510 bsi->bsi_status = LDAP_OTHER;
1511 return BACKSQL_AVL_CONTINUE;
1514 backsql_BindRowAsStrings( sth, &row );
1515 rc = SQLFetch( sth );
1516 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1517 struct berval dn, pdn, ndn;
1518 backsql_entryID *c_id = NULL;
1521 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1523 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1527 ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
1528 if ( dn.bv_val != row.cols[ 3 ] ) {
1532 if ( ret != LDAP_SUCCESS ) {
1536 if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
1542 c_id = (backsql_entryID *)ch_calloc( 1,
1543 sizeof( backsql_entryID ) );
1544 #ifdef BACKSQL_ARBITRARY_KEY
1545 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1546 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1547 #else /* ! BACKSQL_ARBITRARY_KEY */
1548 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1549 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1550 #endif /* ! BACKSQL_ARBITRARY_KEY */
1551 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1554 c_id->eid_ndn = ndn;
1556 /* append at end of list ... */
1557 c_id->eid_next = NULL;
1558 *bsi->bsi_id_listtail = c_id;
1559 bsi->bsi_id_listtail = &c_id->eid_next;
1561 #ifdef BACKSQL_ARBITRARY_KEY
1562 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1563 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1564 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1566 #else /* ! BACKSQL_ARBITRARY_KEY */
1567 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1568 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1569 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1570 #endif /* ! BACKSQL_ARBITRARY_KEY */
1572 /* count candidates, for unchecked limit */
1573 bsi->bsi_n_candidates--;
1574 if ( bsi->bsi_n_candidates == -1 ) {
1578 backsql_FreeRow( &row );
1579 SQLFreeStmt( sth, SQL_DROP );
1581 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1582 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1584 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1588 backsql_search( Operation *op, SlapReply *rs )
1590 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1593 Entry user_entry = { 0 };
1595 time_t stoptime = 0;
1596 backsql_srch_info bsi;
1597 backsql_entryID *eid = NULL;
1598 struct berval nbase = BER_BVNULL;
1600 manageDSAit = get_manageDSAit( op );
1602 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1603 "base=\"%s\", filter=\"%s\", scope=%d,",
1604 op->o_req_ndn.bv_val,
1605 op->ors_filterstr.bv_val,
1607 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1608 "attributes to load: %s\n",
1611 op->ors_attrs == NULL ? "all" : "custom list" );
1613 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1614 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1615 "search base length (%ld) exceeds max length (%d)\n",
1616 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1618 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1619 * since it is impossible that such a long DN exists
1622 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1623 send_ldap_result( op, rs );
1627 sres = backsql_get_db_conn( op, &dbh );
1628 if ( sres != LDAP_SUCCESS ) {
1629 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1630 "could not get connection handle - exiting\n",
1633 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1634 send_ldap_result( op, rs );
1638 /* compute it anyway; root does not use it */
1639 stoptime = op->o_time + op->ors_tlimit;
1641 nbase = op->o_req_ndn;
1642 if ( backsql_api_dn2odbc( op, rs, &nbase ) ) {
1643 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1644 "backsql_api_dn2odbc failed\n",
1646 rs->sr_err = LDAP_OTHER;
1647 rs->sr_text = "SQL-backend error";
1648 send_ldap_result( op, rs );
1653 rs->sr_err = backsql_init_search( &bsi, &nbase,
1655 op->ors_slimit, op->ors_tlimit,
1656 stoptime, op->ors_filter,
1657 dbh, op, rs, op->ors_attrs, 1 );
1658 if ( rs->sr_err != LDAP_SUCCESS ) {
1659 send_ldap_result( op, rs );
1663 bsi.bsi_n_candidates =
1664 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
1665 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1666 ( op->ors_limit->lms_s_unchecked ) ) );
1668 switch ( bsi.bsi_scope ) {
1669 case LDAP_SCOPE_BASE:
1670 case BACKSQL_SCOPE_BASE_LIKE:
1672 * probably already found...
1674 bsi.bsi_id_list = &bsi.bsi_base_id;
1675 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1678 case LDAP_SCOPE_SUBTREE:
1680 * if baseObject is defined, and if it is the root
1681 * of the search, add it to the candidate list
1683 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
1685 bsi.bsi_id_list = &bsi.bsi_base_id;
1686 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1693 * for each objectclass we try to construct query which gets IDs
1694 * of entries matching LDAP query filter and scope (or at least
1695 * candidates), and get the IDs
1697 avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
1698 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
1701 if ( op->ors_limit != NULL /* isroot == FALSE */
1702 && op->ors_limit->lms_s_unchecked != -1
1703 && bsi.bsi_n_candidates == -1 )
1705 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1706 send_ldap_result( op, rs );
1711 * now we load candidate entries (only those attributes
1712 * mentioned in attrs and filter), test it against full filter
1713 * and then send to client; don't free entry_id if baseObject...
1715 for ( eid = bsi.bsi_id_list;
1717 eid = backsql_free_entryID( eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
1720 Attribute *a_hasSubordinate = NULL,
1721 *a_entryUUID = NULL,
1726 /* check for abandon */
1727 if ( op->o_abandon ) {
1731 /* check time limit */
1732 if ( op->ors_tlimit != SLAP_NO_LIMIT
1733 && slap_get_time() > stoptime )
1735 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1736 rs->sr_ctrls = NULL;
1737 rs->sr_ref = rs->sr_v2ref;
1738 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1740 send_ldap_result( op, rs );
1744 #ifdef BACKSQL_ARBITRARY_KEY
1745 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1746 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1747 eid->eid_id.bv_val, eid->eid_oc_id,
1748 eid->eid_keyval.bv_val );
1749 #else /* ! BACKSQL_ARBITRARY_KEY */
1750 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1751 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1752 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1753 #endif /* ! BACKSQL_ARBITRARY_KEY */
1756 switch ( op->ors_scope ) {
1757 case LDAP_SCOPE_BASE:
1758 case BACKSQL_SCOPE_BASE_LIKE:
1759 if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
1764 case LDAP_SCOPE_ONE:
1766 struct berval rdn = eid->eid_ndn;
1768 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
1769 if ( !dnIsOneLevelRDN( &rdn ) ) {
1775 #ifdef LDAP_SCOPE_SUBORDINATE
1776 case LDAP_SCOPE_SUBORDINATE:
1777 /* discard the baseObject entry */
1778 if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
1782 #endif /* LDAP_SCOPE_SUBORDINATE */
1784 case LDAP_SCOPE_SUBTREE:
1785 /* FIXME: this should never fail... */
1786 if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
1792 /* don't recollect baseObject ... */
1793 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
1794 e = bi->sql_baseObject;
1797 bsi.bsi_e = &user_entry;
1798 rc = backsql_id2entry( &bsi, eid );
1799 if ( rc != LDAP_SUCCESS ) {
1800 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1801 "error %d in backsql_id2entry() "
1802 "- skipping\n", rc, 0, 0 );
1809 if ( !manageDSAit &&
1810 op->ors_scope != LDAP_SCOPE_BASE &&
1811 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1812 is_entry_referral( e ) )
1816 refs = get_entry_referrals( op, e );
1818 backsql_srch_info bsi2 = { 0 };
1819 Entry user_entry2 = { 0 };
1821 /* retry with the full entry... */
1822 (void)backsql_init_search( &bsi2,
1826 dbh, op, rs, NULL, 0 );
1827 bsi2.bsi_e = &user_entry2;
1828 rc = backsql_id2entry( &bsi2, eid );
1829 if ( rc == LDAP_SUCCESS ) {
1830 if ( is_entry_referral( &user_entry2 ) )
1832 refs = get_entry_referrals( op,
1834 } /* else: FIXME: inconsistency! */
1835 entry_clean( &user_entry2 );
1840 rs->sr_ref = referral_rewrite( refs,
1844 ber_bvarray_free( refs );
1847 if ( !rs->sr_ref ) {
1848 rs->sr_text = "bad_referral object";
1852 rs->sr_err = LDAP_REFERRAL;
1853 rs->sr_matched = user_entry.e_name.bv_val;
1854 send_search_reference( op, rs );
1856 ber_bvarray_free( rs->sr_ref );
1858 rs->sr_matched = NULL;
1859 rs->sr_entry = NULL;
1865 * We use this flag since we need to parse the filter
1866 * anyway; we should have used the frontend API function
1867 * filter_has_subordinates()
1869 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1870 rc = backsql_has_children( bi, dbh, &e->e_nname );
1873 case LDAP_COMPARE_TRUE:
1874 case LDAP_COMPARE_FALSE:
1875 a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1876 if ( a_hasSubordinate != NULL ) {
1877 for ( ap = &user_entry.e_attrs;
1879 ap = &(*ap)->a_next );
1881 *ap = a_hasSubordinate;
1887 Debug(LDAP_DEBUG_TRACE,
1888 "backsql_search(): "
1889 "has_children failed( %d)\n",
1896 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
1897 a_entryUUID = backsql_operational_entryUUID( bi, eid );
1898 if ( a_entryUUID != NULL ) {
1900 ap = &user_entry.e_attrs;
1903 for ( ; *ap; ap = &(*ap)->a_next );
1909 #ifdef BACKSQL_SYNCPROV
1910 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
1911 a_entryCSN = backsql_operational_entryCSN( op );
1912 if ( a_entryCSN != NULL ) {
1914 ap = &user_entry.e_attrs;
1917 for ( ; *ap; ap = &(*ap)->a_next );
1922 #endif /* BACKSQL_SYNCPROV */
1924 if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
1926 rs->sr_attrs = op->ors_attrs;
1927 rs->sr_operational_attrs = NULL;
1929 if ( e == &user_entry ) {
1930 rs->sr_flags = REP_ENTRY_MODIFIABLE;
1932 sres = send_search_entry( op, rs );
1933 rs->sr_entry = NULL;
1934 rs->sr_attrs = NULL;
1935 rs->sr_operational_attrs = NULL;
1943 * FIXME: send_search_entry failed;
1947 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1948 "connection lost\n", 0, 0, 0 );
1954 entry_clean( &user_entry );
1957 if ( op->ors_slimit != SLAP_NO_LIMIT
1958 && rs->sr_nentries >= op->ors_slimit )
1960 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1961 send_ldap_result( op, rs );
1967 /* in case we got here accidentally */
1968 entry_clean( &user_entry );
1970 if ( rs->sr_nentries > 0 ) {
1971 rs->sr_ref = rs->sr_v2ref;
1972 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1976 rs->sr_err = bsi.bsi_status;
1978 send_ldap_result( op, rs );
1980 if ( rs->sr_v2ref ) {
1981 ber_bvarray_free( rs->sr_v2ref );
1982 rs->sr_v2ref = NULL;
1985 #ifdef BACKSQL_SYNCPROV
1987 Operation op2 = *op;
1988 SlapReply rs2 = { 0 };
1990 slap_callback cb = { 0 };
1992 op2.o_tag = LDAP_REQ_ADD;
1993 op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0, 0 );
1995 op2.o_callback = &cb;
1997 e.e_name = op->o_bd->be_suffix[0];
1998 e.e_nname = op->o_bd->be_nsuffix[0];
2000 cb.sc_response = slap_null_cb;
2002 op2.o_bd->be_add( &op2, &rs2 );
2004 #endif /* BACKSQL_SYNCPROV */
2007 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2008 (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
2011 if ( bsi.bsi_attrs ) {
2012 ch_free( bsi.bsi_attrs );
2015 if ( !BER_BVISNULL( &nbase )
2016 && nbase.bv_val != op->o_req_ndn.bv_val )
2018 ch_free( nbase.bv_val );
2021 /* restore scope ... FIXME: this should be done before ANY
2022 * frontend call that uses op */
2023 if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
2024 op->ors_scope = LDAP_SCOPE_BASE;
2027 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
2031 /* return LDAP_SUCCESS IFF we can retrieve the specified entry.
2038 AttributeDescription *at,
2042 backsql_srch_info bsi;
2045 SlapReply rs = { 0 };
2046 AttributeName anlist[ 2 ];
2048 rc = backsql_get_db_conn( op, &dbh );
2054 anlist[ 0 ].an_name = at->ad_cname;
2055 anlist[ 0 ].an_desc = at;
2056 BER_BVZERO( &anlist[ 1 ].an_name );
2059 rc = backsql_init_search( &bsi,
2062 SLAP_NO_LIMIT, SLAP_NO_LIMIT, -1, NULL,
2063 dbh, op, &rs, at ? anlist : NULL, 1 );
2064 if ( rc != LDAP_SUCCESS ) {
2068 bsi.bsi_e = ch_malloc( sizeof( Entry ) );
2069 rc = backsql_id2entry( &bsi, &bsi.bsi_base_id );
2071 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2072 (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
2075 if ( rc == LDAP_SUCCESS ) {
2077 #if 0 /* not supported at present */
2078 /* find attribute values */
2079 if ( is_entry_alias( bsi.bsi_e ) ) {
2080 Debug( LDAP_DEBUG_ACL,
2081 "<= backsql_entry_get: entry is an alias\n",
2083 rc = LDAP_ALIAS_PROBLEM;
2084 goto return_results;
2088 if ( is_entry_referral( bsi.bsi_e ) ) {
2089 Debug( LDAP_DEBUG_ACL,
2090 "<= backsql_entry_get: entry is a referral\n",
2093 goto return_results;
2096 if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
2097 Debug( LDAP_DEBUG_ACL,
2098 "<= backsql_entry_get: "
2099 "failed to find objectClass\n",
2101 rc = LDAP_NO_SUCH_ATTRIBUTE;
2102 goto return_results;
2109 if ( rc != LDAP_SUCCESS ) {
2111 entry_free( bsi.bsi_e );