2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
24 #include <sys/types.h>
25 #include "ac/string.h"
29 #include "proto-sql.h"
31 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
32 static int backsql_process_filter_eq( backsql_srch_info *bsi,
33 backsql_at_map_rec *at,
34 int casefold, struct berval *filter_value );
35 static int backsql_process_filter_like( backsql_srch_info *bsi,
36 backsql_at_map_rec *at,
37 int casefold, struct berval *filter_value );
38 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
39 backsql_at_map_rec *at );
42 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
45 AttributeName *an = NULL;
47 if ( bsi->bsi_attrs == NULL ) {
52 * clear the list (retrieve all attrs)
55 ch_free( bsi->bsi_attrs );
56 bsi->bsi_attrs = NULL;
60 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
61 an = &bsi->bsi_attrs[ n_attrs ];
63 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
64 "attribute \"%s\" is in list\n",
65 an->an_name.bv_val, 0, 0 );
67 * We can live with strcmp because the attribute
68 * list has been normalized before calling be_search
70 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
75 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
76 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
78 an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
79 sizeof( AttributeName ) * ( n_attrs + 2 ) );
84 an[ n_attrs ].an_name = ad->ad_cname;
85 an[ n_attrs ].an_desc = ad;
86 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
94 * Initializes the search structure.
96 * If get_base_id != 0, the field bsi_base_id is filled
97 * with the entryID of bsi_base_ndn; it must be freed
98 * by backsql_free_entryID() when no longer required.
100 * NOTE: base must be normalized
104 backsql_srch_info *bsi,
105 struct berval *nbase,
114 AttributeName *attrs,
118 int rc = LDAP_SUCCESS;
120 bsi->bsi_base_ndn = nbase;
121 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
122 BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
123 bsi->bsi_scope = scope;
124 bsi->bsi_slimit = slimit;
125 bsi->bsi_tlimit = tlimit;
126 bsi->bsi_filter = filter;
130 bsi->bsi_flags = BSQL_SF_NONE;
135 if ( attrs == NULL ) {
136 /* also add request for all operational */
137 bsi->bsi_attrs = NULL;
138 bsi->bsi_flags |= BSQL_SF_ALL_USER;
143 bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
144 sizeof( AttributeName ) );
145 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
147 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
149 * ignore "1.1"; handle "+"
151 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
152 bsi->bsi_flags |= BSQL_SF_ALL_USER;
155 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
156 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
159 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
162 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
166 backsql_attrlist_add( bsi, p->an_desc );
170 /* add objectClass if not present,
171 * because it is required to understand
172 * if an entry is a referral, an alias
174 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
178 bsi->bsi_abandon = 0;
179 bsi->bsi_id_list = NULL;
180 bsi->bsi_id_listtail = &bsi->bsi_id_list;
181 bsi->bsi_n_candidates = 0;
182 bsi->bsi_stoptime = stoptime;
183 BER_BVZERO( &bsi->bsi_sel.bb_val );
184 bsi->bsi_sel.bb_len = 0;
185 BER_BVZERO( &bsi->bsi_from.bb_val );
186 bsi->bsi_from.bb_len = 0;
187 BER_BVZERO( &bsi->bsi_join_where.bb_val );
188 bsi->bsi_join_where.bb_len = 0;
189 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
190 bsi->bsi_flt_where.bb_len = 0;
191 bsi->bsi_filter_oc = NULL;
194 assert( op->o_bd->be_private );
196 rc = backsql_dn2id( (backsql_info *)op->o_bd->be_private,
197 &bsi->bsi_base_id, dbh, nbase );
200 return ( bsi->bsi_status = rc );
204 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
212 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
215 res = backsql_process_filter( bsi, f );
218 * TimesTen : If the query has no answers,
219 * don't bother to run the query.
230 case LDAP_FILTER_AND:
231 backsql_strfcat( &bsi->bsi_flt_where, "l",
232 (ber_len_t)STRLENOF( " AND " ),
237 backsql_strfcat( &bsi->bsi_flt_where, "l",
238 (ber_len_t)STRLENOF( " OR " ),
244 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
250 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
251 backsql_at_map_rec *at )
253 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
261 /* always uppercase strings by now */
262 #ifdef BACKSQL_UPPERCASE_FILTER
263 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
264 bi->sql_caseIgnoreMatch ) )
265 #endif /* BACKSQL_UPPERCASE_FILTER */
270 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
271 bi->sql_telephoneNumberMatch ) )
278 * to check for matching telephone numbers
279 * with intermixed chars, e.g. val='1234'
282 * val LIKE '%1%2%3%4%'
286 if ( f->f_sub_initial.bv_val ) {
287 bv.bv_len += f->f_sub_initial.bv_len;
289 if ( f->f_sub_any != NULL ) {
290 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
291 bv.bv_len += f->f_sub_any[ a ].bv_len;
294 if ( f->f_sub_final.bv_val ) {
295 bv.bv_len += f->f_sub_final.bv_len;
297 bv.bv_len = 2 * bv.bv_len - 1;
298 bv.bv_val = ch_malloc( bv.bv_len + 1 );
301 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
302 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
303 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
304 bv.bv_val[ s + 2 * i - 1 ] = '%';
305 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
307 bv.bv_val[ s + 2 * i - 1 ] = '%';
311 if ( f->f_sub_any != NULL ) {
312 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
313 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
314 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
315 bv.bv_val[ s + 2 * i - 1 ] = '%';
316 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
318 bv.bv_val[ s + 2 * i - 1 ] = '%';
323 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
324 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
325 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
326 bv.bv_val[ s + 2 * i - 1 ] = '%';
327 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
329 bv.bv_val[ s + 2 * i - 1 ] = '%';
333 bv.bv_val[ s - 1 ] = '\0';
335 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
336 ch_free( bv.bv_val );
342 * When dealing with case-sensitive strings
343 * we may omit normalization; however, normalized
344 * SQL filters are more liberal.
347 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
350 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
351 at->bam_ad->ad_cname.bv_val, 0, 0 );
352 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
353 at->bam_sel_expr_u.bv_val ? "' '" : "",
354 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
355 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
357 * If a pre-upper-cased version of the column
358 * or a precompiled upper function exists, use it
360 backsql_strfcat( &bsi->bsi_flt_where,
363 (ber_len_t)STRLENOF( " LIKE '" ),
367 backsql_strfcat( &bsi->bsi_flt_where, "bl",
369 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
372 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
376 Debug( LDAP_DEBUG_TRACE,
377 "==>backsql_process_sub_filter(%s): "
378 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
379 f->f_sub_initial.bv_val, 0 );
380 #endif /* BACKSQL_TRACE */
382 start = bsi->bsi_flt_where.bb_val.bv_len;
383 backsql_strfcat( &bsi->bsi_flt_where, "b",
385 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
386 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
390 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
392 if ( f->f_sub_any != NULL ) {
393 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
397 Debug( LDAP_DEBUG_TRACE,
398 "==>backsql_process_sub_filter(%s): "
399 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
400 i, f->f_sub_any[ i ].bv_val );
401 #endif /* BACKSQL_TRACE */
403 start = bsi->bsi_flt_where.bb_val.bv_len;
404 backsql_strfcat( &bsi->bsi_flt_where,
408 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
410 * Note: toupper('%') = '%'
412 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
417 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
421 Debug( LDAP_DEBUG_TRACE,
422 "==>backsql_process_sub_filter(%s): "
423 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
424 f->f_sub_final.bv_val, 0 );
425 #endif /* BACKSQL_TRACE */
427 start = bsi->bsi_flt_where.bb_val.bv_len;
428 backsql_strfcat( &bsi->bsi_flt_where, "b",
430 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
431 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
435 backsql_strfcat( &bsi->bsi_flt_where, "l",
436 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
442 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
444 if ( BER_BVISNULL( from_tbls ) ) {
448 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
449 char *start, *end, *tmp;
451 tmp = ch_strdup( from_tbls->bv_val );
453 for ( start = tmp, end = strchr( start, ',' ); start; ) {
458 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
460 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
464 /* in case there are spaces after the comma... */
465 for ( start = &end[1]; isspace( start[0] ); start++ );
467 end = strchr( start, ',' );
479 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
486 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
488 backsql_at_map_rec **vat = NULL;
489 AttributeDescription *ad = NULL;
494 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
495 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
496 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
497 "invalid filter\n", 0, 0, 0 );
502 switch( f->f_choice ) {
504 rc = backsql_process_filter_list( bsi, f->f_or,
509 case LDAP_FILTER_AND:
510 rc = backsql_process_filter_list( bsi, f->f_and,
515 case LDAP_FILTER_NOT:
516 backsql_strfcat( &bsi->bsi_flt_where, "l",
517 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
519 rc = backsql_process_filter( bsi, f->f_not );
520 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
524 case LDAP_FILTER_PRESENT:
528 case LDAP_FILTER_EXT:
529 ad = f->f_mra->ma_desc;
530 if ( f->f_mr_dnattrs ) {
532 * if dn attrs filtering is requested, better return
533 * success and let test_filter() deal with candidate
534 * selection; otherwise we'd need to set conditions
535 * on the contents of the DN, e.g. "SELECT ... FROM
536 * ldap_entries AS attributeName WHERE attributeName.dn
537 * like '%attributeName=value%'"
539 backsql_strfcat( &bsi->bsi_flt_where, "l",
540 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
541 bsi->bsi_status = LDAP_SUCCESS;
562 * Turn structuralObjectClass into objectClass
564 if ( ad == slap_schema.si_ad_objectClass
565 || ad == slap_schema.si_ad_structuralObjectClass )
568 * If the filter is LDAP_FILTER_PRESENT, then it's done;
569 * otherwise, let's see if we are lucky: filtering
570 * for "structural" objectclass or ancestor...
572 switch ( f->f_choice ) {
573 case LDAP_FILTER_EQUALITY:
575 ObjectClass *oc = oc_bvfind( &f->f_av_value );
578 Debug( LDAP_DEBUG_TRACE,
579 "backsql_process_filter(): "
580 "unknown objectClass \"%s\" "
582 f->f_av_value.bv_val, 0, 0 );
583 bsi->bsi_status = LDAP_OTHER;
589 * "structural" objectClass inheritance:
590 * - a search for "person" will also return
592 * - a search for "top" will return everything
594 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
595 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
597 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
599 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
600 (ber_len_t)STRLENOF( "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
601 "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
602 &bsi->bsi_oc->bom_oc->soc_cname,
603 (ber_len_t)STRLENOF( /* (' */ "')" ),
605 bsi->bsi_status = LDAP_SUCCESS;
613 case LDAP_FILTER_PRESENT:
614 backsql_strfcat( &bsi->bsi_flt_where, "l",
615 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
616 bsi->bsi_status = LDAP_SUCCESS;
620 /* FIXME: LDAP_FILTER_EXT? */
623 Debug( LDAP_DEBUG_TRACE,
624 "backsql_process_filter(): "
625 "illegal/unhandled filter "
626 "on objectClass attribute",
628 bsi->bsi_status = LDAP_OTHER;
633 } else if ( ad == slap_schema.si_ad_entryUUID ) {
635 #ifdef BACKSQL_ARBITRARY_KEY
636 struct berval keyval;
637 #else /* ! BACKSQL_ARBITRARY_KEY */
638 unsigned long keyval;
639 char keyvalbuf[] = "18446744073709551615";
640 #endif /* ! BACKSQL_ARBITRARY_KEY */
642 switch ( f->f_choice ) {
643 case LDAP_FILTER_EQUALITY:
644 backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
646 if ( oc_id != bsi->bsi_oc->bom_id ) {
647 bsi->bsi_status = LDAP_SUCCESS;
652 #ifdef BACKSQL_ARBITRARY_KEY
653 backsql_strfcat( &bsi->bsi_flt_where, "bcblbc",
654 &bsi->bsi_oc->bom_keytbl, '.',
655 &bsi->bsi_oc->bom_keycol,
656 STRLENOF( " LIKE '" ), " LIKE '",
658 #else /* ! BACKSQL_ARBITRARY_KEY */
659 snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
660 backsql_strfcat( &bsi->bsi_flt_where, "bcbcs",
661 &bsi->bsi_oc->bom_keytbl, '.',
662 &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
663 #endif /* ! BACKSQL_ARBITRARY_KEY */
666 case LDAP_FILTER_PRESENT:
667 backsql_strfcat( &bsi->bsi_flt_where, "l",
668 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
676 bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
680 #ifdef BACKSQL_SYNCPROV
681 } else if ( ad == slap_schema.si_ad_entryCSN ) {
683 * TODO: introduce appropriate entryCSN filtering
684 * to support syncrepl as producer...
686 if ( !bsi->bsi_op->o_sync ) {
687 /* unsupported at present... */
688 bsi->bsi_status = LDAP_OTHER;
693 bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
695 /* if doing a syncrepl, try to return as much as possible,
696 * and always match the filter */
697 backsql_strfcat( &bsi->bsi_flt_where, "l",
698 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
700 /* save for later use in operational attributes */
701 /* FIXME: saves only the first occurrence, because
702 * the filter during updates is written as
703 * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
704 * so we want our fake entryCSN to match the greatest
707 if ( bsi->bsi_op->o_private == NULL ) {
708 bsi->bsi_op->o_private = &f->f_av_value;
710 bsi->bsi_status = LDAP_SUCCESS;
714 #endif /* BACKSQL_SYNCPROV */
716 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
718 * FIXME: this is not robust; e.g. a filter
719 * '(!(hasSubordinates=TRUE))' fails because
720 * in SQL it would read 'NOT (1=1)' instead
722 * Note however that hasSubordinates is boolean,
723 * so a more appropriate filter would be
724 * '(hasSubordinates=FALSE)'
726 * A more robust search for hasSubordinates
727 * would * require joining the ldap_entries table
728 * selecting if there are descendants of the
731 backsql_strfcat( &bsi->bsi_flt_where, "l",
732 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
733 if ( ad == slap_schema.si_ad_hasSubordinates ) {
735 * instruct candidate selection algorithm
736 * and attribute list to try to detect
737 * if an entry has subordinates
739 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
743 * clear attributes to fetch, to require ALL
744 * and try extended match on all attributes
746 backsql_attrlist_add( bsi, NULL );
753 * attribute inheritance:
755 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
756 bsi->bsi_status = LDAP_OTHER;
762 /* search anyway; other parts of the filter
764 backsql_strfcat( &bsi->bsi_flt_where, "l",
765 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
766 bsi->bsi_status = LDAP_SUCCESS;
771 /* if required, open extra level of parens */
773 if ( vat[0]->bam_next || vat[1] ) {
774 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
781 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
785 /* if more definitions of the same attr, apply */
786 if ( vat[i]->bam_next ) {
787 backsql_strfcat( &bsi->bsi_flt_where, "l",
788 STRLENOF( " OR " ), " OR " );
789 vat[i] = vat[i]->bam_next;
793 /* if more descendants of the same attr, apply */
796 backsql_strfcat( &bsi->bsi_flt_where, "l",
797 STRLENOF( " OR " ), " OR " );
801 /* if needed, close extra level of parens */
803 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
813 Debug( LDAP_DEBUG_TRACE,
814 "<==backsql_process_filter() %s\n",
815 rc == 1 ? "succeeded" : "failed", 0, 0);
821 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
822 int casefold, struct berval *filter_value )
825 * maybe we should check type of at->sel_expr here somehow,
826 * to know whether upper_func is applicable, but for now
827 * upper_func stuff is made for Oracle, where UPPER is
828 * safely applicable to NUMBER etc.
830 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
833 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
836 (ber_len_t)STRLENOF( "='" ),
839 start = bsi->bsi_flt_where.bb_val.bv_len;
841 backsql_strfcat( &bsi->bsi_flt_where, "bl",
843 (ber_len_t)STRLENOF( /* (' */ "')" ),
846 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
849 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
852 (ber_len_t)STRLENOF( "='" ), "='",
854 (ber_len_t)STRLENOF( /* (' */ "')" ),
862 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
863 int casefold, struct berval *filter_value )
866 * maybe we should check type of at->sel_expr here somehow,
867 * to know whether upper_func is applicable, but for now
868 * upper_func stuff is made for Oracle, where UPPER is
869 * safely applicable to NUMBER etc.
871 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
874 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
877 (ber_len_t)STRLENOF( " LIKE '%" ),
880 start = bsi->bsi_flt_where.bb_val.bv_len;
882 backsql_strfcat( &bsi->bsi_flt_where, "bl",
884 (ber_len_t)STRLENOF( /* (' */ "%')" ),
887 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
890 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
893 (ber_len_t)STRLENOF( " LIKE '%" ),
896 (ber_len_t)STRLENOF( /* (' */ "%')" ),
904 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
906 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
908 struct berval *filter_value = NULL;
909 MatchingRule *matching_rule = NULL;
910 struct berval ordering = BER_BVC("<=");
912 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
913 at->bam_ad->ad_cname.bv_val, 0, 0 );
916 * need to add this attribute to list of attrs to load,
917 * so that we can do test_filter() later
919 backsql_attrlist_add( bsi, at->bam_ad );
921 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
923 if ( !BER_BVISNULL( &at->bam_join_where )
924 && strstr( bsi->bsi_join_where.bb_val.bv_val,
925 at->bam_join_where.bv_val ) == NULL )
927 backsql_strfcat( &bsi->bsi_join_where, "lb",
928 (ber_len_t)STRLENOF( " AND " ), " AND ",
929 &at->bam_join_where );
932 switch ( f->f_choice ) {
933 case LDAP_FILTER_EQUALITY:
934 filter_value = &f->f_av_value;
935 matching_rule = at->bam_ad->ad_type->sat_equality;
939 /* fail over into next case */
941 case LDAP_FILTER_EXT:
942 filter_value = &f->f_mra->ma_value;
943 matching_rule = f->f_mr_rule;
946 /* always uppercase strings by now */
947 #ifdef BACKSQL_UPPERCASE_FILTER
948 if ( SLAP_MR_ASSOCIATED( matching_rule,
949 bi->sql_caseIgnoreMatch ) )
950 #endif /* BACKSQL_UPPERCASE_FILTER */
955 if ( SLAP_MR_ASSOCIATED( matching_rule,
956 bi->sql_telephoneNumberMatch ) )
962 * to check for matching telephone numbers
963 * with intermized chars, e.g. val='1234'
966 * val LIKE '%1%2%3%4%'
969 bv.bv_len = 2 * filter_value->bv_len - 1;
970 bv.bv_val = ch_malloc( bv.bv_len + 1 );
972 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
973 for ( i = 1; i < filter_value->bv_len; i++ ) {
974 bv.bv_val[ 2 * i - 1 ] = '%';
975 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
977 bv.bv_val[ 2 * i - 1 ] = '\0';
979 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
980 ch_free( bv.bv_val );
985 /* NOTE: this is required by objectClass inheritance
986 * and auxiliary objectClass use in filters for slightly
987 * more efficient candidate selection. */
988 /* FIXME: a bit too many specializations to deal with
989 * very specific cases... */
990 if ( at->bam_ad == slap_schema.si_ad_objectClass
991 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
993 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
994 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
995 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
997 (ber_len_t)STRLENOF( /* (' */ "')" ),
1003 * maybe we should check type of at->sel_expr here somehow,
1004 * to know whether upper_func is applicable, but for now
1005 * upper_func stuff is made for Oracle, where UPPER is
1006 * safely applicable to NUMBER etc.
1008 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
1011 case LDAP_FILTER_GE:
1012 ordering.bv_val = ">=";
1014 /* fall thru to next case */
1016 case LDAP_FILTER_LE:
1017 /* always uppercase strings by now */
1018 #ifdef BACKSQL_UPPERCASE_FILTER
1019 if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
1020 bi->sql_caseIgnoreMatch ) )
1021 #endif /* BACKSQL_UPPERCASE_FILTER */
1027 * FIXME: should we uppercase the operands?
1029 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1032 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
1034 &at->bam_sel_expr_u,
1038 start = bsi->bsi_flt_where.bb_val.bv_len;
1040 backsql_strfcat( &bsi->bsi_flt_where, "bl",
1042 (ber_len_t)STRLENOF( /* (' */ "')" ),
1045 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1048 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
1054 (ber_len_t)STRLENOF( /* (' */ "')" ),
1059 case LDAP_FILTER_PRESENT:
1060 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
1061 (ber_len_t)STRLENOF( "NOT (" /* ) */),
1064 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
1065 /* ( */ " IS NULL)" );
1068 case LDAP_FILTER_SUBSTRINGS:
1069 backsql_process_sub_filter( bsi, f, at );
1072 case LDAP_FILTER_APPROX:
1073 /* we do our best */
1076 * maybe we should check type of at->sel_expr here somehow,
1077 * to know whether upper_func is applicable, but for now
1078 * upper_func stuff is made for Oracle, where UPPER is
1079 * safely applicable to NUMBER etc.
1081 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
1085 /* unhandled filter type; should not happen */
1087 backsql_strfcat( &bsi->bsi_flt_where, "l",
1088 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
1093 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1094 at->bam_ad->ad_cname.bv_val, 0, 0 );
1100 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1102 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1106 BER_BVZERO( query );
1108 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1109 BER_BVZERO( &bsi->bsi_sel.bb_val );
1110 BER_BVZERO( &bsi->bsi_sel.bb_val );
1111 bsi->bsi_sel.bb_len = 0;
1112 BER_BVZERO( &bsi->bsi_from.bb_val );
1113 bsi->bsi_from.bb_len = 0;
1114 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1115 bsi->bsi_join_where.bb_len = 0;
1116 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1117 bsi->bsi_flt_where.bb_len = 0;
1119 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
1120 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1121 "SELECT DISTINCT ldap_entries.id,",
1122 &bsi->bsi_oc->bom_keytbl,
1124 &bsi->bsi_oc->bom_keycol,
1127 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1128 backsql_strfcat( &bsi->bsi_sel, "blbl",
1129 &bi->sql_strcast_func,
1130 (ber_len_t)STRLENOF( "('" /* ') */ ),
1132 &bsi->bsi_oc->bom_oc->soc_cname,
1133 (ber_len_t)STRLENOF( /* (' */ "')" ),
1136 backsql_strfcat( &bsi->bsi_sel, "cbc",
1138 &bsi->bsi_oc->bom_oc->soc_cname,
1141 #ifdef BACKSQL_ALIASING_QUOTE
1142 backsql_strfcat( &bsi->bsi_sel, "lclcl",
1143 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
1144 " " BACKSQL_ALIASING,
1145 BACKSQL_ALIASING_QUOTE,
1146 (ber_len_t)STRLENOF( "objectClass" ),
1148 BACKSQL_ALIASING_QUOTE,
1149 (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1150 ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
1151 #else /* ! BACKSQL_ALIASING_QUOTE */
1152 backsql_strfcat( &bsi->bsi_sel, "l",
1153 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1154 " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
1155 #endif /* ! BACKSQL_ALIASING_QUOTE */
1157 backsql_strfcat( &bsi->bsi_from, "lb",
1158 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1159 " FROM ldap_entries,",
1160 &bsi->bsi_oc->bom_keytbl );
1162 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1163 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1164 &bsi->bsi_oc->bom_keytbl,
1166 &bsi->bsi_oc->bom_keycol,
1167 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1168 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1170 switch ( bsi->bsi_scope ) {
1171 case LDAP_SCOPE_BASE:
1172 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1173 backsql_strfcat( &bsi->bsi_join_where, "bl",
1174 &bi->sql_upper_func,
1175 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1176 "(ldap_entries.dn)=?" );
1178 backsql_strfcat( &bsi->bsi_join_where, "l",
1179 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1180 "ldap_entries.dn=?" );
1184 case BACKSQL_SCOPE_BASE_LIKE:
1185 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1186 backsql_strfcat( &bsi->bsi_join_where, "bl",
1187 &bi->sql_upper_func,
1188 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1189 "(ldap_entries.dn) LIKE ?" );
1191 backsql_strfcat( &bsi->bsi_join_where, "l",
1192 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1193 "ldap_entries.dn LIKE ?" );
1197 case LDAP_SCOPE_ONELEVEL:
1198 backsql_strfcat( &bsi->bsi_join_where, "l",
1199 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1200 "ldap_entries.parent=?" );
1203 #ifdef LDAP_SCOPE_SUBORDINATE
1204 case LDAP_SCOPE_SUBORDINATE:
1205 #endif /* LDAP_SCOPE_SUBORDINATE */
1206 case LDAP_SCOPE_SUBTREE:
1207 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1208 backsql_strfcat( &bsi->bsi_join_where, "bl",
1209 &bi->sql_upper_func,
1210 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1211 "(ldap_entries.dn) LIKE ?" );
1213 backsql_strfcat( &bsi->bsi_join_where, "l",
1214 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1215 "ldap_entries.dn LIKE ?" );
1224 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1226 struct berbuf bb = BB_NULL;
1228 backsql_strfcat( &bb, "bbblb",
1229 &bsi->bsi_sel.bb_val,
1230 &bsi->bsi_from.bb_val,
1231 &bsi->bsi_join_where.bb_val,
1232 (ber_len_t)STRLENOF( " AND " ), " AND ",
1233 &bsi->bsi_flt_where.bb_val );
1237 } else if ( rc < 0 ) {
1239 * Indicates that there's no possible way the filter matches
1240 * anything. No need to issue the query
1242 free( query->bv_val );
1243 BER_BVZERO( query );
1246 free( bsi->bsi_sel.bb_val.bv_val );
1247 BER_BVZERO( &bsi->bsi_sel.bb_val );
1248 bsi->bsi_sel.bb_len = 0;
1249 free( bsi->bsi_from.bb_val.bv_val );
1250 BER_BVZERO( &bsi->bsi_from.bb_val );
1251 bsi->bsi_from.bb_len = 0;
1252 free( bsi->bsi_join_where.bb_val.bv_val );
1253 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1254 bsi->bsi_join_where.bb_len = 0;
1255 free( bsi->bsi_flt_where.bb_val.bv_val );
1256 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1257 bsi->bsi_flt_where.bb_len = 0;
1259 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1260 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1262 return ( rc <= 0 ? 1 : 0 );
1266 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1268 backsql_oc_map_rec *oc = v_oc;
1269 backsql_srch_info *bsi = v_bsi;
1270 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1271 struct berval query;
1275 BACKSQL_ROW_NTS row;
1278 int n_candidates = bsi->bsi_n_candidates;
1281 * + 1 because we need room for '%';
1282 * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
1283 * this makes a subtree
1284 * search for a DN BACKSQL_MAX_DN_LEN long legal
1285 * if it returns that DN only
1287 char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1289 bsi->bsi_status = LDAP_SUCCESS;
1291 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1292 BACKSQL_OC_NAME( oc ), 0, 0 );
1294 if ( bsi->bsi_n_candidates == -1 ) {
1295 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1296 "unchecked limit has been overcome\n", 0, 0, 0 );
1297 /* should never get here */
1299 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1300 return BACKSQL_AVL_STOP;
1304 res = backsql_srch_query( bsi, &query );
1306 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1307 "error while constructing query for objectclass \"%s\"\n",
1308 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1310 * FIXME: need to separate errors from legally
1311 * impossible filters
1313 switch ( bsi->bsi_status ) {
1315 case LDAP_UNDEFINED_TYPE:
1316 case LDAP_NO_SUCH_OBJECT:
1317 /* we are conservative... */
1319 bsi->bsi_status = LDAP_SUCCESS;
1321 return BACKSQL_AVL_CONTINUE;
1323 case LDAP_ADMINLIMIT_EXCEEDED:
1325 /* don't try any more */
1326 return BACKSQL_AVL_STOP;
1330 if ( BER_BVISNULL( &query ) ) {
1331 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1332 "could not construct query for objectclass \"%s\"\n",
1333 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1334 bsi->bsi_status = LDAP_SUCCESS;
1335 return BACKSQL_AVL_CONTINUE;
1338 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1339 query.bv_val, 0, 0 );
1341 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1342 free( query.bv_val );
1343 BER_BVZERO( &query );
1344 if ( rc != SQL_SUCCESS ) {
1345 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1346 "error preparing query\n", 0, 0, 0 );
1347 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1348 bsi->bsi_status = LDAP_OTHER;
1349 return BACKSQL_AVL_CONTINUE;
1352 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1354 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1355 &bsi->bsi_oc->bom_id );
1356 if ( rc != SQL_SUCCESS ) {
1357 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1358 "error binding objectclass id parameter\n", 0, 0, 0 );
1359 bsi->bsi_status = LDAP_OTHER;
1360 return BACKSQL_AVL_CONTINUE;
1363 switch ( bsi->bsi_scope ) {
1364 case LDAP_SCOPE_BASE:
1365 case BACKSQL_SCOPE_BASE_LIKE:
1367 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1368 * however this should be handled earlier
1370 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1371 bsi->bsi_status = LDAP_OTHER;
1372 return BACKSQL_AVL_CONTINUE;
1375 AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
1376 bsi->bsi_base_ndn->bv_len + 1 );
1378 /* uppercase DN only if the stored DN can be uppercased
1380 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1381 ldap_pvt_str2upper( tmp_base_ndn );
1384 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1385 tmp_base_ndn, 0, 0 );
1387 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1388 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1389 if ( rc != SQL_SUCCESS ) {
1390 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1391 "error binding base_ndn parameter\n", 0, 0, 0 );
1392 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1394 bsi->bsi_status = LDAP_OTHER;
1395 return BACKSQL_AVL_CONTINUE;
1399 #ifdef LDAP_SCOPE_SUBORDINATE
1400 case LDAP_SCOPE_SUBORDINATE:
1401 #endif /* LDAP_SCOPE_SUBORDINATE */
1402 case LDAP_SCOPE_SUBTREE:
1405 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1406 * however this should be handled earlier
1408 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1409 bsi->bsi_status = LDAP_OTHER;
1410 return BACKSQL_AVL_CONTINUE;
1414 * Sets the parameters for the SQL built earlier
1415 * NOTE that all the databases could actually use
1416 * the TimesTen version, which would be cleaner
1417 * and would also eliminate the need for the
1418 * subtree_cond line in the configuration file.
1419 * For now, I'm leaving it the way it is,
1420 * so non-TimesTen databases use the original code.
1421 * But at some point this should get cleaned up.
1423 * If "dn" is being used, do a suffix search.
1424 * If "dn_ru" is being used, do a prefix search.
1426 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1427 tmp_base_ndn[ 0 ] = '\0';
1429 for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
1431 tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
1434 #ifdef LDAP_SCOPE_SUBORDINATE
1435 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1436 tmp_base_ndn[ i++ ] = ',';
1438 #endif /* LDAP_SCOPE_SUBORDINATE */
1440 tmp_base_ndn[ i ] = '%';
1441 tmp_base_ndn[ i + 1 ] = '\0';
1446 tmp_base_ndn[ i++ ] = '%';
1448 #ifdef LDAP_SCOPE_SUBORDINATE
1449 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1450 tmp_base_ndn[ i++ ] = ',';
1452 #endif /* LDAP_SCOPE_SUBORDINATE */
1454 AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
1455 bsi->bsi_base_ndn->bv_len + 1 );
1458 /* uppercase DN only if the stored DN can be uppercased
1460 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1461 ldap_pvt_str2upper( tmp_base_ndn );
1464 #ifdef LDAP_SCOPE_SUBORDINATE
1465 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1466 Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
1467 tmp_base_ndn, 0, 0 );
1469 #endif /* LDAP_SCOPE_SUBORDINATE */
1471 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
1472 tmp_base_ndn, 0, 0 );
1475 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1476 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1477 if ( rc != SQL_SUCCESS ) {
1478 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1479 "error binding base_ndn parameter (2)\n",
1481 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1483 bsi->bsi_status = LDAP_OTHER;
1484 return BACKSQL_AVL_CONTINUE;
1489 case LDAP_SCOPE_ONELEVEL:
1490 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
1492 #ifdef BACKSQL_ARBITRARY_KEY
1493 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1494 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1495 #else /* ! BACKSQL_ARBITRARY_KEY */
1496 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1497 bsi->bsi_base_id.eid_id, 0, 0 );
1498 #endif /* ! BACKSQL_ARBITRARY_KEY */
1499 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1500 &bsi->bsi_base_id.eid_id );
1501 if ( rc != SQL_SUCCESS ) {
1502 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1503 "error binding base id parameter\n", 0, 0, 0 );
1504 bsi->bsi_status = LDAP_OTHER;
1505 return BACKSQL_AVL_CONTINUE;
1510 rc = SQLExecute( sth );
1511 if ( !BACKSQL_SUCCESS( rc ) ) {
1512 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1513 "error executing query\n", 0, 0, 0 );
1514 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1515 SQLFreeStmt( sth, SQL_DROP );
1516 bsi->bsi_status = LDAP_OTHER;
1517 return BACKSQL_AVL_CONTINUE;
1520 backsql_BindRowAsStrings( sth, &row );
1521 rc = SQLFetch( sth );
1522 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1523 struct berval dn, pdn, ndn;
1524 backsql_entryID *c_id = NULL;
1527 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1529 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1533 ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
1534 if ( dn.bv_val != row.cols[ 3 ] ) {
1538 if ( ret != LDAP_SUCCESS ) {
1542 if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
1548 c_id = (backsql_entryID *)ch_calloc( 1,
1549 sizeof( backsql_entryID ) );
1550 #ifdef BACKSQL_ARBITRARY_KEY
1551 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1552 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1553 #else /* ! BACKSQL_ARBITRARY_KEY */
1554 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1555 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1556 #endif /* ! BACKSQL_ARBITRARY_KEY */
1557 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1560 c_id->eid_ndn = ndn;
1562 /* append at end of list ... */
1563 c_id->eid_next = NULL;
1564 *bsi->bsi_id_listtail = c_id;
1565 bsi->bsi_id_listtail = &c_id->eid_next;
1567 #ifdef BACKSQL_ARBITRARY_KEY
1568 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1569 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1570 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1572 #else /* ! BACKSQL_ARBITRARY_KEY */
1573 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1574 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1575 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1576 #endif /* ! BACKSQL_ARBITRARY_KEY */
1578 /* count candidates, for unchecked limit */
1579 bsi->bsi_n_candidates--;
1580 if ( bsi->bsi_n_candidates == -1 ) {
1584 backsql_FreeRow( &row );
1585 SQLFreeStmt( sth, SQL_DROP );
1587 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1588 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1590 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1594 backsql_search( Operation *op, SlapReply *rs )
1596 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1599 Entry user_entry = { 0 };
1601 time_t stoptime = 0;
1602 backsql_srch_info bsi;
1603 backsql_entryID *eid = NULL;
1604 struct berval nbase = BER_BVNULL;
1606 manageDSAit = get_manageDSAit( op );
1608 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1609 "base=\"%s\", filter=\"%s\", scope=%d,",
1610 op->o_req_ndn.bv_val,
1611 op->ors_filterstr.bv_val,
1613 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1614 "attributes to load: %s\n",
1617 op->ors_attrs == NULL ? "all" : "custom list" );
1619 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1620 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1621 "search base length (%ld) exceeds max length (%d)\n",
1622 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1624 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1625 * since it is impossible that such a long DN exists
1628 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1629 send_ldap_result( op, rs );
1633 sres = backsql_get_db_conn( op, &dbh );
1634 if ( sres != LDAP_SUCCESS ) {
1635 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1636 "could not get connection handle - exiting\n",
1639 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1640 send_ldap_result( op, rs );
1644 /* compute it anyway; root does not use it */
1645 stoptime = op->o_time + op->ors_tlimit;
1647 nbase = op->o_req_ndn;
1648 if ( backsql_api_dn2odbc( op, rs, &nbase ) ) {
1649 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1650 "backsql_api_dn2odbc failed\n",
1652 rs->sr_err = LDAP_OTHER;
1653 rs->sr_text = "SQL-backend error";
1654 send_ldap_result( op, rs );
1659 rs->sr_err = backsql_init_search( &bsi, &nbase,
1661 op->ors_slimit, op->ors_tlimit,
1662 stoptime, op->ors_filter,
1663 dbh, op, rs, op->ors_attrs, 1 );
1664 if ( rs->sr_err != LDAP_SUCCESS ) {
1665 send_ldap_result( op, rs );
1669 bsi.bsi_n_candidates =
1670 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
1671 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1672 ( op->ors_limit->lms_s_unchecked ) ) );
1674 switch ( bsi.bsi_scope ) {
1675 case LDAP_SCOPE_BASE:
1676 case BACKSQL_SCOPE_BASE_LIKE:
1678 * probably already found...
1680 bsi.bsi_id_list = &bsi.bsi_base_id;
1681 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1684 case LDAP_SCOPE_SUBTREE:
1686 * if baseObject is defined, and if it is the root
1687 * of the search, add it to the candidate list
1689 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
1691 bsi.bsi_id_list = &bsi.bsi_base_id;
1692 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1699 * for each objectclass we try to construct query which gets IDs
1700 * of entries matching LDAP query filter and scope (or at least
1701 * candidates), and get the IDs
1703 avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
1704 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
1707 if ( op->ors_limit != NULL /* isroot == FALSE */
1708 && op->ors_limit->lms_s_unchecked != -1
1709 && bsi.bsi_n_candidates == -1 )
1711 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1712 send_ldap_result( op, rs );
1717 * now we load candidate entries (only those attributes
1718 * mentioned in attrs and filter), test it against full filter
1719 * and then send to client; don't free entry_id if baseObject...
1721 for ( eid = bsi.bsi_id_list;
1723 eid = backsql_free_entryID( eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
1726 Attribute *a_hasSubordinate = NULL,
1727 *a_entryUUID = NULL,
1732 /* check for abandon */
1733 if ( op->o_abandon ) {
1737 /* check time limit */
1738 if ( op->ors_tlimit != SLAP_NO_LIMIT
1739 && slap_get_time() > stoptime )
1741 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1742 rs->sr_ctrls = NULL;
1743 rs->sr_ref = rs->sr_v2ref;
1744 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1746 send_ldap_result( op, rs );
1750 #ifdef BACKSQL_ARBITRARY_KEY
1751 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1752 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1753 eid->eid_id.bv_val, eid->eid_oc_id,
1754 eid->eid_keyval.bv_val );
1755 #else /* ! BACKSQL_ARBITRARY_KEY */
1756 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1757 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1758 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1759 #endif /* ! BACKSQL_ARBITRARY_KEY */
1762 switch ( op->ors_scope ) {
1763 case LDAP_SCOPE_BASE:
1764 case BACKSQL_SCOPE_BASE_LIKE:
1765 if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
1770 case LDAP_SCOPE_ONE:
1772 struct berval rdn = eid->eid_ndn;
1774 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
1775 if ( !dnIsOneLevelRDN( &rdn ) ) {
1781 #ifdef LDAP_SCOPE_SUBORDINATE
1782 case LDAP_SCOPE_SUBORDINATE:
1783 /* discard the baseObject entry */
1784 if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
1788 #endif /* LDAP_SCOPE_SUBORDINATE */
1790 case LDAP_SCOPE_SUBTREE:
1791 /* FIXME: this should never fail... */
1792 if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
1798 /* don't recollect baseObject ... */
1799 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
1800 e = bi->sql_baseObject;
1803 bsi.bsi_e = &user_entry;
1804 rc = backsql_id2entry( &bsi, eid );
1805 if ( rc != LDAP_SUCCESS ) {
1806 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1807 "error %d in backsql_id2entry() "
1808 "- skipping\n", rc, 0, 0 );
1815 if ( !manageDSAit &&
1816 op->ors_scope != LDAP_SCOPE_BASE &&
1817 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1818 is_entry_referral( e ) )
1822 refs = get_entry_referrals( op, e );
1824 backsql_srch_info bsi2 = { 0 };
1825 Entry user_entry2 = { 0 };
1827 /* retry with the full entry... */
1828 (void)backsql_init_search( &bsi2,
1832 dbh, op, rs, NULL, 0 );
1833 bsi2.bsi_e = &user_entry2;
1834 rc = backsql_id2entry( &bsi2, eid );
1835 if ( rc == LDAP_SUCCESS ) {
1836 if ( is_entry_referral( &user_entry2 ) )
1838 refs = get_entry_referrals( op,
1840 } /* else: FIXME: inconsistency! */
1841 entry_clean( &user_entry2 );
1846 rs->sr_ref = referral_rewrite( refs,
1850 ber_bvarray_free( refs );
1853 if ( !rs->sr_ref ) {
1854 rs->sr_text = "bad_referral object";
1858 rs->sr_err = LDAP_REFERRAL;
1859 rs->sr_matched = user_entry.e_name.bv_val;
1860 send_search_reference( op, rs );
1862 ber_bvarray_free( rs->sr_ref );
1864 rs->sr_matched = NULL;
1865 rs->sr_entry = NULL;
1871 * We use this flag since we need to parse the filter
1872 * anyway; we should have used the frontend API function
1873 * filter_has_subordinates()
1875 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1876 rc = backsql_has_children( bi, dbh, &e->e_nname );
1879 case LDAP_COMPARE_TRUE:
1880 case LDAP_COMPARE_FALSE:
1881 a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1882 if ( a_hasSubordinate != NULL ) {
1883 for ( ap = &user_entry.e_attrs;
1885 ap = &(*ap)->a_next );
1887 *ap = a_hasSubordinate;
1893 Debug(LDAP_DEBUG_TRACE,
1894 "backsql_search(): "
1895 "has_children failed( %d)\n",
1902 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
1903 a_entryUUID = backsql_operational_entryUUID( bi, eid );
1904 if ( a_entryUUID != NULL ) {
1906 ap = &user_entry.e_attrs;
1909 for ( ; *ap; ap = &(*ap)->a_next );
1915 #ifdef BACKSQL_SYNCPROV
1916 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
1917 a_entryCSN = backsql_operational_entryCSN( op );
1918 if ( a_entryCSN != NULL ) {
1920 ap = &user_entry.e_attrs;
1923 for ( ; *ap; ap = &(*ap)->a_next );
1928 #endif /* BACKSQL_SYNCPROV */
1930 if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
1932 rs->sr_attrs = op->ors_attrs;
1933 rs->sr_operational_attrs = NULL;
1935 if ( e == &user_entry ) {
1936 rs->sr_flags = REP_ENTRY_MODIFIABLE;
1938 sres = send_search_entry( op, rs );
1939 rs->sr_entry = NULL;
1940 rs->sr_attrs = NULL;
1941 rs->sr_operational_attrs = NULL;
1949 * FIXME: send_search_entry failed;
1953 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1954 "connection lost\n", 0, 0, 0 );
1960 entry_clean( &user_entry );
1963 if ( op->ors_slimit != SLAP_NO_LIMIT
1964 && rs->sr_nentries >= op->ors_slimit )
1966 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1967 send_ldap_result( op, rs );
1973 /* in case we got here accidentally */
1974 entry_clean( &user_entry );
1976 if ( rs->sr_nentries > 0 ) {
1977 rs->sr_ref = rs->sr_v2ref;
1978 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1982 rs->sr_err = bsi.bsi_status;
1984 send_ldap_result( op, rs );
1986 if ( rs->sr_v2ref ) {
1987 ber_bvarray_free( rs->sr_v2ref );
1988 rs->sr_v2ref = NULL;
1991 #ifdef BACKSQL_SYNCPROV
1993 Operation op2 = *op;
1994 SlapReply rs2 = { 0 };
1996 slap_callback cb = { 0 };
1998 op2.o_tag = LDAP_REQ_ADD;
1999 op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0, 0 );
2001 op2.o_callback = &cb;
2003 e.e_name = op->o_bd->be_suffix[0];
2004 e.e_nname = op->o_bd->be_nsuffix[0];
2006 cb.sc_response = slap_null_cb;
2008 op2.o_bd->be_add( &op2, &rs2 );
2010 #endif /* BACKSQL_SYNCPROV */
2013 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2014 (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
2017 if ( bsi.bsi_attrs ) {
2018 ch_free( bsi.bsi_attrs );
2021 if ( !BER_BVISNULL( &nbase )
2022 && nbase.bv_val != op->o_req_ndn.bv_val )
2024 ch_free( nbase.bv_val );
2027 /* restore scope ... FIXME: this should be done before ANY
2028 * frontend call that uses op */
2029 if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
2030 op->ors_scope = LDAP_SCOPE_BASE;
2033 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
2037 /* return LDAP_SUCCESS IFF we can retrieve the specified entry.
2044 AttributeDescription *at,
2048 backsql_srch_info bsi;
2051 SlapReply rs = { 0 };
2052 AttributeName anlist[ 2 ];
2054 rc = backsql_get_db_conn( op, &dbh );
2060 anlist[ 0 ].an_name = at->ad_cname;
2061 anlist[ 0 ].an_desc = at;
2062 BER_BVZERO( &anlist[ 1 ].an_name );
2065 rc = backsql_init_search( &bsi,
2068 SLAP_NO_LIMIT, SLAP_NO_LIMIT, -1, NULL,
2069 dbh, op, &rs, at ? anlist : NULL, 1 );
2070 if ( rc != LDAP_SUCCESS ) {
2074 bsi.bsi_e = ch_malloc( sizeof( Entry ) );
2075 rc = backsql_id2entry( &bsi, &bsi.bsi_base_id );
2077 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2078 (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
2081 if ( rc == LDAP_SUCCESS ) {
2083 #if 0 /* not supported at present */
2084 /* find attribute values */
2085 if ( is_entry_alias( bsi.bsi_e ) ) {
2086 Debug( LDAP_DEBUG_ACL,
2087 "<= backsql_entry_get: entry is an alias\n",
2089 rc = LDAP_ALIAS_PROBLEM;
2090 goto return_results;
2094 if ( is_entry_referral( bsi.bsi_e ) ) {
2095 Debug( LDAP_DEBUG_ACL,
2096 "<= backsql_entry_get: entry is a referral\n",
2099 goto return_results;
2102 if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
2103 Debug( LDAP_DEBUG_ACL,
2104 "<= backsql_entry_get: "
2105 "failed to find objectClass\n",
2107 rc = LDAP_NO_SUCH_ATTRIBUTE;
2108 goto return_results;
2115 if ( rc != LDAP_SUCCESS ) {
2117 entry_free( bsi.bsi_e );