2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
26 #include <sys/types.h>
27 #include "ac/string.h"
33 #include "proto-sql.h"
35 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
36 static int backsql_process_filter_eq( backsql_srch_info *bsi,
37 backsql_at_map_rec *at,
38 int casefold, struct berval *filter_value );
39 static int backsql_process_filter_like( backsql_srch_info *bsi,
40 backsql_at_map_rec *at,
41 int casefold, struct berval *filter_value );
42 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
43 backsql_at_map_rec *at );
46 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
49 AttributeName *an = NULL;
51 if ( bsi->bsi_attrs == NULL ) {
56 * clear the list (retrieve all attrs)
59 ch_free( bsi->bsi_attrs );
60 bsi->bsi_attrs = NULL;
64 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
65 an = &bsi->bsi_attrs[ n_attrs ];
67 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
68 "attribute \"%s\" is in list\n",
69 an->an_name.bv_val, 0, 0 );
71 * We can live with strcmp because the attribute
72 * list has been normalized before calling be_search
74 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
79 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
80 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
82 an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
83 sizeof( AttributeName ) * ( n_attrs + 2 ) );
88 an[ n_attrs ].an_name = ad->ad_cname;
89 an[ n_attrs ].an_desc = ad;
90 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
99 backsql_srch_info *bsi,
109 AttributeName *attrs )
113 bsi->bsi_base_dn = base;
114 bsi->bsi_scope = scope;
115 bsi->bsi_slimit = slimit;
116 bsi->bsi_tlimit = tlimit;
117 bsi->bsi_filter = filter;
126 if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
127 bsi->bsi_attrs = NULL;
132 bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
133 sizeof( AttributeName ) );
134 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
136 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
138 * ignore "1.1"; handle "+"
140 if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
141 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
144 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
147 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
151 backsql_attrlist_add( bsi, p->an_desc );
155 /* add objectClass if not present,
156 * because it is required to understand
157 * if an entry is a referral, an alias
159 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
163 bsi->bsi_abandon = 0;
164 bsi->bsi_id_list = NULL;
165 bsi->bsi_id_listtail = &bsi->bsi_id_list;
166 bsi->bsi_n_candidates = 0;
167 bsi->bsi_stoptime = stoptime;
168 BER_BVZERO( &bsi->bsi_sel.bb_val );
169 bsi->bsi_sel.bb_len = 0;
170 BER_BVZERO( &bsi->bsi_from.bb_val );
171 bsi->bsi_from.bb_len = 0;
172 BER_BVZERO( &bsi->bsi_join_where.bb_val );
173 bsi->bsi_join_where.bb_len = 0;
174 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
175 bsi->bsi_flt_where.bb_len = 0;
176 bsi->bsi_filter_oc = NULL;
178 bsi->bsi_status = LDAP_SUCCESS;
182 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
190 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
193 res = backsql_process_filter( bsi, f );
196 * TimesTen : If the query has no answers,
197 * don't bother to run the query.
208 case LDAP_FILTER_AND:
209 backsql_strfcat( &bsi->bsi_flt_where, "l",
210 (ber_len_t)STRLENOF( " AND " ),
215 backsql_strfcat( &bsi->bsi_flt_where, "l",
216 (ber_len_t)STRLENOF( " OR " ),
222 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
228 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
229 backsql_at_map_rec *at )
231 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
239 /* always uppercase strings by now */
240 #ifdef BACKSQL_UPPERCASE_FILTER
241 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
242 bi->bi_caseIgnoreMatch ) )
243 #endif /* BACKSQL_UPPERCASE_FILTER */
248 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
249 bi->bi_telephoneNumberMatch ) )
256 * to check for matching telephone numbers
257 * with intermixed chars, e.g. val='1234'
260 * val LIKE '%1%2%3%4%'
264 if ( f->f_sub_initial.bv_val ) {
265 bv.bv_len += f->f_sub_initial.bv_len;
267 if ( f->f_sub_any != NULL ) {
268 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
269 bv.bv_len += f->f_sub_any[ a ].bv_len;
272 if ( f->f_sub_final.bv_val ) {
273 bv.bv_len += f->f_sub_final.bv_len;
275 bv.bv_len = 2 * bv.bv_len - 1;
276 bv.bv_val = ch_malloc( bv.bv_len + 1 );
279 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
280 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
281 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
282 bv.bv_val[ s + 2 * i - 1 ] = '%';
283 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
285 bv.bv_val[ s + 2 * i - 1 ] = '%';
289 if ( f->f_sub_any != NULL ) {
290 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
291 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
292 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
293 bv.bv_val[ s + 2 * i - 1 ] = '%';
294 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
296 bv.bv_val[ s + 2 * i - 1 ] = '%';
301 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
302 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
303 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
304 bv.bv_val[ s + 2 * i - 1 ] = '%';
305 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
307 bv.bv_val[ s + 2 * i - 1 ] = '%';
311 bv.bv_val[ s - 1 ] = '\0';
313 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
314 ch_free( bv.bv_val );
320 * When dealing with case-sensitive strings
321 * we may omit normalization; however, normalized
322 * SQL filters are more liberal.
325 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
328 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
329 at->bam_ad->ad_cname.bv_val, 0, 0 );
330 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
331 at->bam_sel_expr_u.bv_val ? "' '" : "",
332 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
333 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
335 * If a pre-upper-cased version of the column
336 * or a precompiled upper function exists, use it
338 backsql_strfcat( &bsi->bsi_flt_where,
341 (ber_len_t)STRLENOF( " LIKE '" ),
345 backsql_strfcat( &bsi->bsi_flt_where, "bl",
347 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
350 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
354 Debug( LDAP_DEBUG_TRACE,
355 "==>backsql_process_sub_filter(%s): "
356 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
357 f->f_sub_initial.bv_val, 0 );
358 #endif /* BACKSQL_TRACE */
360 start = bsi->bsi_flt_where.bb_val.bv_len;
361 backsql_strfcat( &bsi->bsi_flt_where, "b",
363 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
364 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
368 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
370 if ( f->f_sub_any != NULL ) {
371 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
375 Debug( LDAP_DEBUG_TRACE,
376 "==>backsql_process_sub_filter(%s): "
377 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
378 i, f->f_sub_any[ i ].bv_val );
379 #endif /* BACKSQL_TRACE */
381 start = bsi->bsi_flt_where.bb_val.bv_len;
382 backsql_strfcat( &bsi->bsi_flt_where,
386 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
388 * Note: toupper('%') = '%'
390 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
395 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
399 Debug( LDAP_DEBUG_TRACE,
400 "==>backsql_process_sub_filter(%s): "
401 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
402 f->f_sub_final.bv_val, 0 );
403 #endif /* BACKSQL_TRACE */
405 start = bsi->bsi_flt_where.bb_val.bv_len;
406 backsql_strfcat( &bsi->bsi_flt_where, "b",
408 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
409 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
413 backsql_strfcat( &bsi->bsi_flt_where, "l",
414 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
420 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
422 if ( BER_BVISNULL( from_tbls ) ) {
426 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
427 char *start, *end, *tmp;
429 tmp = ch_strdup( from_tbls->bv_val );
431 for ( start = tmp, end = strchr( start, ',' ); start; ) {
436 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
438 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
442 /* in case there are spaces after the comma... */
443 for ( start = &end[1]; isspace( start[0] ); start++ );
445 end = strchr( start, ',' );
457 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
464 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
466 backsql_at_map_rec **vat = NULL;
467 AttributeDescription *ad = NULL;
472 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
473 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
474 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
475 "invalid filter\n", 0, 0, 0 );
480 switch( f->f_choice ) {
482 rc = backsql_process_filter_list( bsi, f->f_or,
487 case LDAP_FILTER_AND:
488 rc = backsql_process_filter_list( bsi, f->f_and,
493 case LDAP_FILTER_NOT:
494 backsql_strfcat( &bsi->bsi_flt_where, "l",
495 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
497 rc = backsql_process_filter( bsi, f->f_not );
498 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
502 case LDAP_FILTER_PRESENT:
506 case LDAP_FILTER_EXT:
507 ad = f->f_mra->ma_desc;
508 if ( f->f_mr_dnattrs ) {
510 * if dn attrs filtering is requested, better return
511 * success and let test_filter() deal with candidate
512 * selection; otherwise we'd need to set conditions
513 * on the contents of the DN, e.g. "SELECT ... FROM
514 * ldap_entries AS attributeName WHERE attributeName.dn
515 * like '%attributeName=value%'"
517 backsql_strfcat( &bsi->bsi_flt_where, "l",
518 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
519 bsi->bsi_status = LDAP_SUCCESS;
540 * Turn structuralObjectClass into objectClass
542 if ( ad == slap_schema.si_ad_objectClass
543 || ad == slap_schema.si_ad_structuralObjectClass ) {
545 * If the filter is LDAP_FILTER_PRESENT, then it's done;
546 * otherwise, let's see if we are lucky: filtering
547 * for "structural" objectclass or ancestor...
549 switch ( f->f_choice ) {
550 case LDAP_FILTER_EQUALITY:
552 ObjectClass *oc = oc_bvfind( &f->f_av_value );
555 Debug( LDAP_DEBUG_TRACE,
556 "backsql_process_filter(): "
557 "unknown objectClass \"%s\" "
559 f->f_av_value.bv_val, 0, 0 );
560 bsi->bsi_status = LDAP_OTHER;
566 * "structural" objectClass inheritance:
567 * - a search for "person" will also return
569 * - a search for "top" will return everything
571 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
572 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
574 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
576 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
577 (ber_len_t)STRLENOF( "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id and ldap_entry_objclasses.oc_name='" /* ') */ ),
578 "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id and ldap_entry_objclasses.oc_name='" /* ') */,
579 &bsi->bsi_oc->bom_oc->soc_cname,
580 (ber_len_t)STRLENOF( /* (' */ "')" ),
582 bsi->bsi_status = LDAP_SUCCESS;
590 case LDAP_FILTER_PRESENT:
591 backsql_strfcat( &bsi->bsi_flt_where, "l",
592 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
593 bsi->bsi_status = LDAP_SUCCESS;
597 /* FIXME: LDAP_FILTER_EXT? */
600 Debug( LDAP_DEBUG_TRACE,
601 "backsql_process_filter(): "
602 "illegal/unhandled filter "
603 "on objectClass attribute",
605 bsi->bsi_status = LDAP_OTHER;
610 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
612 * FIXME: this is not robust; e.g. a filter
613 * '(!(hasSubordinates=TRUE))' fails because
614 * in SQL it would read 'NOT (1=1)' instead
616 * Note however that hasSubordinates is boolean,
617 * so a more appropriate filter would be
618 * '(hasSubordinates=FALSE)'
620 * A more robust search for hasSubordinates
621 * would * require joining the ldap_entries table
622 * selecting if there are descendants of the
625 backsql_strfcat( &bsi->bsi_flt_where, "l",
626 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
627 if ( ad == slap_schema.si_ad_hasSubordinates ) {
629 * instruct candidate selection algorithm
630 * and attribute list to try to detect
631 * if an entry has subordinates
633 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
637 * clear attributes to fetch, to require ALL
638 * and try extended match on all attributes
640 backsql_attrlist_add( bsi, NULL );
647 * attribute inheritance:
649 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
650 bsi->bsi_status = LDAP_OTHER;
656 /* search anyway; other parts of the filter
658 backsql_strfcat( &bsi->bsi_flt_where, "l",
659 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
660 bsi->bsi_status = LDAP_SUCCESS;
665 /* if required, open extra level of parens */
667 if ( vat[0]->bam_next || vat[1] ) {
668 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
675 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
679 /* if more definitions of the same attr, apply */
680 if ( vat[i]->bam_next ) {
681 backsql_strfcat( &bsi->bsi_flt_where, "l",
682 STRLENOF( " OR " ), " OR " );
683 vat[i] = vat[i]->bam_next;
687 /* if more descendants of the same attr, apply */
690 backsql_strfcat( &bsi->bsi_flt_where, "l",
691 STRLENOF( " OR " ), " OR " );
695 /* if needed, close extra level of parens */
697 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
707 Debug( LDAP_DEBUG_TRACE,
708 "<==backsql_process_filter() %s\n",
709 rc == 1 ? "succeeded" : "failed", 0, 0);
715 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
716 int casefold, struct berval *filter_value )
719 * maybe we should check type of at->sel_expr here somehow,
720 * to know whether upper_func is applicable, but for now
721 * upper_func stuff is made for Oracle, where UPPER is
722 * safely applicable to NUMBER etc.
724 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
727 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
730 (ber_len_t)STRLENOF( "='" ),
733 start = bsi->bsi_flt_where.bb_val.bv_len;
735 backsql_strfcat( &bsi->bsi_flt_where, "bl",
737 (ber_len_t)STRLENOF( /* (' */ "')" ),
740 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
743 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
746 (ber_len_t)STRLENOF( "='" ), "='",
748 (ber_len_t)STRLENOF( /* (' */ "')" ),
756 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
757 int casefold, struct berval *filter_value )
760 * maybe we should check type of at->sel_expr here somehow,
761 * to know whether upper_func is applicable, but for now
762 * upper_func stuff is made for Oracle, where UPPER is
763 * safely applicable to NUMBER etc.
765 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
768 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
771 (ber_len_t)STRLENOF( " LIKE '%" ),
774 start = bsi->bsi_flt_where.bb_val.bv_len;
776 backsql_strfcat( &bsi->bsi_flt_where, "bl",
778 (ber_len_t)STRLENOF( /* (' */ "%')" ),
781 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
784 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
787 (ber_len_t)STRLENOF( " LIKE '%" ),
790 (ber_len_t)STRLENOF( /* (' */ "%')" ),
798 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
800 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
802 struct berval *filter_value = NULL;
803 MatchingRule *matching_rule = NULL;
804 struct berval ordering = BER_BVC("<=");
806 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
807 at->bam_ad->ad_cname.bv_val, 0, 0 );
810 * need to add this attribute to list of attrs to load,
811 * so that we can do test_filter() later
813 backsql_attrlist_add( bsi, at->bam_ad );
815 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
817 if ( !BER_BVISNULL( &at->bam_join_where )
818 && strstr( bsi->bsi_join_where.bb_val.bv_val,
819 at->bam_join_where.bv_val ) == NULL )
821 backsql_strfcat( &bsi->bsi_join_where, "lb",
822 (ber_len_t)STRLENOF( " AND " ), " AND ",
823 &at->bam_join_where );
826 switch ( f->f_choice ) {
827 case LDAP_FILTER_EQUALITY:
828 filter_value = &f->f_av_value;
829 matching_rule = at->bam_ad->ad_type->sat_equality;
833 /* fail over into next case */
835 case LDAP_FILTER_EXT:
836 filter_value = &f->f_mra->ma_value;
837 matching_rule = f->f_mr_rule;
840 /* always uppercase strings by now */
841 #ifdef BACKSQL_UPPERCASE_FILTER
842 if ( SLAP_MR_ASSOCIATED( matching_rule,
843 bi->bi_caseIgnoreMatch ) )
844 #endif /* BACKSQL_UPPERCASE_FILTER */
849 if ( SLAP_MR_ASSOCIATED( matching_rule,
850 bi->bi_telephoneNumberMatch ) )
856 * to check for matching telephone numbers
857 * with intermized chars, e.g. val='1234'
860 * val LIKE '%1%2%3%4%'
863 bv.bv_len = 2 * filter_value->bv_len - 1;
864 bv.bv_val = ch_malloc( bv.bv_len + 1 );
866 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
867 for ( i = 1; i < filter_value->bv_len; i++ ) {
868 bv.bv_val[ 2 * i - 1 ] = '%';
869 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
871 bv.bv_val[ 2 * i - 1 ] = '\0';
873 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
874 ch_free( bv.bv_val );
880 * maybe we should check type of at->sel_expr here somehow,
881 * to know whether upper_func is applicable, but for now
882 * upper_func stuff is made for Oracle, where UPPER is
883 * safely applicable to NUMBER etc.
885 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
889 ordering.bv_val = ">=";
891 /* fall thru to next case */
894 /* always uppercase strings by now */
895 #ifdef BACKSQL_UPPERCASE_FILTER
896 if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
897 bi->bi_caseIgnoreMatch ) )
898 #endif /* BACKSQL_UPPERCASE_FILTER */
904 * FIXME: should we uppercase the operands?
906 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
909 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
915 start = bsi->bsi_flt_where.bb_val.bv_len;
917 backsql_strfcat( &bsi->bsi_flt_where, "bl",
919 (ber_len_t)STRLENOF( /* (' */ "')" ),
922 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
925 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
931 (ber_len_t)STRLENOF( /* (' */ "')" ),
936 case LDAP_FILTER_PRESENT:
937 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
938 (ber_len_t)STRLENOF( "NOT (" /* ) */),
941 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
942 /* ( */ " IS NULL)" );
945 case LDAP_FILTER_SUBSTRINGS:
946 backsql_process_sub_filter( bsi, f, at );
949 case LDAP_FILTER_APPROX:
953 * maybe we should check type of at->sel_expr here somehow,
954 * to know whether upper_func is applicable, but for now
955 * upper_func stuff is made for Oracle, where UPPER is
956 * safely applicable to NUMBER etc.
958 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
962 /* unhandled filter type; should not happen */
964 backsql_strfcat( &bsi->bsi_flt_where, "l",
965 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
970 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
971 at->bam_ad->ad_cname.bv_val, 0, 0 );
977 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
979 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
985 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
986 BER_BVZERO( &bsi->bsi_sel.bb_val );
987 BER_BVZERO( &bsi->bsi_sel.bb_val );
988 bsi->bsi_sel.bb_len = 0;
989 BER_BVZERO( &bsi->bsi_from.bb_val );
990 bsi->bsi_from.bb_len = 0;
991 BER_BVZERO( &bsi->bsi_join_where.bb_val );
992 bsi->bsi_join_where.bb_len = 0;
993 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
994 bsi->bsi_flt_where.bb_len = 0;
996 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
997 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
998 "SELECT DISTINCT ldap_entries.id,",
999 &bsi->bsi_oc->bom_keytbl,
1001 &bsi->bsi_oc->bom_keycol,
1004 if ( !BER_BVISNULL( &bi->strcast_func ) ) {
1005 backsql_strfcat( &bsi->bsi_sel, "blbl",
1007 (ber_len_t)STRLENOF( "('" /* ') */ ),
1009 &bsi->bsi_oc->bom_oc->soc_cname,
1010 (ber_len_t)STRLENOF( /* (' */ "')" ),
1013 backsql_strfcat( &bsi->bsi_sel, "cbc",
1015 &bsi->bsi_oc->bom_oc->soc_cname,
1018 #ifdef BACKSQL_ALIASING_QUOTE
1019 backsql_strfcat( &bsi->bsi_sel, "lclcl",
1020 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
1021 " " BACKSQL_ALIASING,
1022 BACKSQL_ALIASING_QUOTE,
1023 (ber_len_t)STRLENOF( "objectClass" ),
1025 BACKSQL_ALIASING_QUOTE,
1026 (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1027 ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
1028 #else /* ! BACKSQL_ALIASING_QUOTE */
1029 backsql_strfcat( &bsi->bsi_sel, "l",
1030 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1031 " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
1032 #endif /* ! BACKSQL_ALIASING_QUOTE */
1034 backsql_strfcat( &bsi->bsi_from, "lb",
1035 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1036 " FROM ldap_entries,",
1037 &bsi->bsi_oc->bom_keytbl );
1039 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1040 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1041 &bsi->bsi_oc->bom_keytbl,
1043 &bsi->bsi_oc->bom_keycol,
1044 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1045 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1047 switch ( bsi->bsi_scope ) {
1048 case LDAP_SCOPE_BASE:
1049 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1050 backsql_strfcat( &bsi->bsi_join_where, "bl",
1052 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1053 "(ldap_entries.dn)=?" );
1055 backsql_strfcat( &bsi->bsi_join_where, "l",
1056 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1057 "ldap_entries.dn=?" );
1061 case BACKSQL_SCOPE_BASE_LIKE:
1062 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1063 backsql_strfcat( &bsi->bsi_join_where, "bl",
1065 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1066 "(ldap_entries.dn) LIKE ?" );
1068 backsql_strfcat( &bsi->bsi_join_where, "l",
1069 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1070 "ldap_entries.dn LIKE ?" );
1074 case LDAP_SCOPE_ONELEVEL:
1075 backsql_strfcat( &bsi->bsi_join_where, "l",
1076 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1077 "ldap_entries.parent=?" );
1080 case LDAP_SCOPE_SUBTREE:
1081 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1082 backsql_strfcat( &bsi->bsi_join_where, "bl",
1084 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1085 "(ldap_entries.dn) LIKE ?" );
1087 backsql_strfcat( &bsi->bsi_join_where, "l",
1088 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1089 "ldap_entries.dn LIKE ?" );
1098 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1100 struct berbuf bb = BB_NULL;
1102 backsql_strfcat( &bb, "bbblb",
1103 &bsi->bsi_sel.bb_val,
1104 &bsi->bsi_from.bb_val,
1105 &bsi->bsi_join_where.bb_val,
1106 (ber_len_t)STRLENOF( " AND " ), " AND ",
1107 &bsi->bsi_flt_where.bb_val );
1111 } else if ( rc < 0 ) {
1113 * Indicates that there's no possible way the filter matches
1114 * anything. No need to issue the query
1116 free( query->bv_val );
1117 BER_BVZERO( query );
1120 free( bsi->bsi_sel.bb_val.bv_val );
1121 BER_BVZERO( &bsi->bsi_sel.bb_val );
1122 bsi->bsi_sel.bb_len = 0;
1123 free( bsi->bsi_from.bb_val.bv_val );
1124 BER_BVZERO( &bsi->bsi_from.bb_val );
1125 bsi->bsi_from.bb_len = 0;
1126 free( bsi->bsi_join_where.bb_val.bv_val );
1127 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1128 bsi->bsi_join_where.bb_len = 0;
1129 free( bsi->bsi_flt_where.bb_val.bv_val );
1130 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1131 bsi->bsi_flt_where.bb_len = 0;
1133 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1134 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1136 return ( rc <= 0 ? 1 : 0 );
1140 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1142 backsql_oc_map_rec *oc = v_oc;
1143 backsql_srch_info *bsi = v_bsi;
1144 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1145 struct berval query;
1148 backsql_entryID base_id = BACKSQL_ENTRYID_INIT;
1150 BACKSQL_ROW_NTS row;
1153 int n_candidates = bsi->bsi_n_candidates;
1156 * + 1 because we need room for '%'; this makes a subtree
1157 * search for a DN BACKSQL_MAX_DN_LEN long legal
1158 * if it returns that DN only
1160 char temp_base_dn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1162 bsi->bsi_status = LDAP_SUCCESS;
1164 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1165 BACKSQL_OC_NAME( oc ), 0, 0 );
1167 if ( bsi->bsi_n_candidates == -1 ) {
1168 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1169 "unchecked limit has been overcome\n", 0, 0, 0 );
1170 /* should never get here */
1172 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1173 return BACKSQL_AVL_STOP;
1177 res = backsql_srch_query( bsi, &query );
1179 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1180 "error while constructing query for objectclass \"%s\"\n",
1181 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1183 * FIXME: need to separate errors from legally
1184 * impossible filters
1186 switch ( bsi->bsi_status ) {
1188 case LDAP_UNDEFINED_TYPE:
1189 case LDAP_NO_SUCH_OBJECT:
1190 /* we are conservative... */
1192 bsi->bsi_status = LDAP_SUCCESS;
1194 return BACKSQL_AVL_CONTINUE;
1196 case LDAP_ADMINLIMIT_EXCEEDED:
1198 /* don't try any more */
1199 return BACKSQL_AVL_STOP;
1203 if ( BER_BVISNULL( &query ) ) {
1204 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1205 "could not construct query for objectclass \"%s\"\n",
1206 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1207 bsi->bsi_status = LDAP_SUCCESS;
1208 return BACKSQL_AVL_CONTINUE;
1211 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1212 query.bv_val, 0, 0 );
1214 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1215 free( query.bv_val );
1216 BER_BVZERO( &query );
1217 if ( rc != SQL_SUCCESS ) {
1218 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1219 "error preparing query\n", 0, 0, 0 );
1220 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh, sth, rc );
1221 bsi->bsi_status = LDAP_OTHER;
1222 return BACKSQL_AVL_CONTINUE;
1225 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1227 if ( backsql_BindParamID( sth, 1, &bsi->bsi_oc->bom_id ) != SQL_SUCCESS ) {
1228 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1229 "error binding objectclass id parameter\n", 0, 0, 0 );
1230 bsi->bsi_status = LDAP_OTHER;
1231 return BACKSQL_AVL_CONTINUE;
1234 switch ( bsi->bsi_scope ) {
1235 case LDAP_SCOPE_BASE:
1236 case BACKSQL_SCOPE_BASE_LIKE:
1238 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1239 * however this should be handled earlier
1241 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1242 bsi->bsi_status = LDAP_OTHER;
1243 return BACKSQL_AVL_CONTINUE;
1246 AC_MEMCPY( temp_base_dn, bsi->bsi_base_dn->bv_val,
1247 bsi->bsi_base_dn->bv_len + 1 );
1249 /* uppercase DN only if the stored DN can be uppercased
1251 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1252 ldap_pvt_str2upper( temp_base_dn );
1255 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1256 temp_base_dn, 0, 0 );
1258 rc = backsql_BindParamStr( sth, 2, temp_base_dn,
1259 BACKSQL_MAX_DN_LEN );
1260 if ( rc != SQL_SUCCESS ) {
1261 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1262 "error binding base_dn parameter\n", 0, 0, 0 );
1263 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh,
1265 bsi->bsi_status = LDAP_OTHER;
1266 return BACKSQL_AVL_CONTINUE;
1270 case LDAP_SCOPE_SUBTREE: {
1272 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1273 * however this should be handled earlier
1275 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1276 bsi->bsi_status = LDAP_OTHER;
1277 return BACKSQL_AVL_CONTINUE;
1281 * Sets the parameters for the SQL built earlier
1282 * NOTE that all the databases could actually use
1283 * the TimesTen version, which would be cleaner
1284 * and would also eliminate the need for the
1285 * subtree_cond line in the configuration file.
1286 * For now, I'm leaving it the way it is,
1287 * so non-TimesTen databases use the original code.
1288 * But at some point this should get cleaned up.
1290 * If "dn" is being used, do a suffix search.
1291 * If "dn_ru" is being used, do a prefix search.
1293 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1294 temp_base_dn[ 0 ] = '\0';
1295 for ( i = 0, j = bsi->bsi_base_dn->bv_len - 1;
1297 temp_base_dn[ i ] = bsi->bsi_base_dn->bv_val[ j ];
1299 temp_base_dn[ i ] = '%';
1300 temp_base_dn[ i + 1 ] = '\0';
1303 temp_base_dn[ 0 ] = '%';
1304 AC_MEMCPY( &temp_base_dn[ 1 ], bsi->bsi_base_dn->bv_val,
1305 bsi->bsi_base_dn->bv_len + 1 );
1308 /* uppercase DN only if the stored DN can be uppercased
1310 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1311 ldap_pvt_str2upper( temp_base_dn );
1314 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n", temp_base_dn,
1317 rc = backsql_BindParamStr( sth, 2, temp_base_dn,
1318 BACKSQL_MAX_DN_LEN );
1319 if ( rc != SQL_SUCCESS ) {
1320 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1321 "error binding base_dn parameter (2)\n",
1323 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh,
1325 bsi->bsi_status = LDAP_OTHER;
1326 return BACKSQL_AVL_CONTINUE;
1331 case LDAP_SCOPE_ONELEVEL:
1332 res = backsql_dn2id( bi, &base_id,
1333 bsi->bsi_dbh, bsi->bsi_base_dn );
1334 if ( res != LDAP_SUCCESS ) {
1335 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1336 "could not retrieve base_dn id%s\n",
1337 res == LDAP_NO_SUCH_OBJECT ? ": no such entry"
1339 bsi->bsi_status = res;
1340 return BACKSQL_AVL_CONTINUE;
1343 #ifdef BACKSQL_ARBITRARY_KEY
1344 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1345 base_id.eid_id.bv_val, 0, 0 );
1347 rc = backsql_BindParamStr( sth, 2, base_id.eid_id.bv_val,
1348 BACKSQL_MAX_KEY_LEN );
1349 #else /* ! BACKSQL_ARBITRARY_KEY */
1350 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n", base_id.eid_id,
1353 rc = backsql_BindParamID( sth, 2, &base_id.eid_id );
1354 #endif /* ! BACKSQL_ARBITRARY_KEY */
1355 backsql_free_entryID( &base_id, 0 );
1356 if ( rc != SQL_SUCCESS ) {
1357 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1358 "error binding base id parameter\n", 0, 0, 0 );
1359 bsi->bsi_status = LDAP_OTHER;
1360 return BACKSQL_AVL_CONTINUE;
1365 rc = SQLExecute( sth );
1366 if ( !BACKSQL_SUCCESS( rc ) ) {
1367 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1368 "error executing query\n", 0, 0, 0 );
1369 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh, sth, rc );
1370 SQLFreeStmt( sth, SQL_DROP );
1371 bsi->bsi_status = LDAP_OTHER;
1372 return BACKSQL_AVL_CONTINUE;
1375 backsql_BindRowAsStrings( sth, &row );
1376 rc = SQLFetch( sth );
1377 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1379 backsql_entryID *c_id = NULL;
1381 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1383 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1387 c_id = (backsql_entryID *)ch_calloc( 1,
1388 sizeof( backsql_entryID ) );
1389 #ifdef BACKSQL_ARBITRARY_KEY
1390 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1391 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1392 #else /* ! BACKSQL_ARBITRARY_KEY */
1393 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1394 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1395 #endif /* ! BACKSQL_ARBITRARY_KEY */
1396 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1398 if ( dn.bv_val == row.cols[ 3 ] ) {
1399 ber_dupbv( &c_id->eid_dn, &dn );
1404 /* append at end of list ... */
1405 c_id->eid_next = NULL;
1406 *bsi->bsi_id_listtail = c_id;
1407 bsi->bsi_id_listtail = &c_id->eid_next;
1409 #ifdef BACKSQL_ARBITRARY_KEY
1410 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1411 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1412 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1414 #else /* ! BACKSQL_ARBITRARY_KEY */
1415 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1416 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1417 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1418 #endif /* ! BACKSQL_ARBITRARY_KEY */
1420 /* count candidates, for unchecked limit */
1421 bsi->bsi_n_candidates--;
1422 if ( bsi->bsi_n_candidates == -1 ) {
1426 backsql_FreeRow( &row );
1427 SQLFreeStmt( sth, SQL_DROP );
1429 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1430 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1432 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1436 backsql_search( Operation *op, SlapReply *rs )
1438 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1441 Entry user_entry = { 0 };
1443 time_t stoptime = 0;
1444 backsql_srch_info srch_info;
1445 backsql_entryID *eid = NULL;
1448 manageDSAit = get_manageDSAit( op );
1450 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1451 "base=\"%s\", filter=\"%s\", scope=%d,",
1452 op->o_req_ndn.bv_val,
1453 op->ors_filterstr.bv_val,
1455 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1456 "attributes to load: %s\n",
1459 op->ors_attrs == NULL ? "all" : "custom list" );
1461 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1462 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1463 "search base length (%ld) exceeds max length (%d)\n",
1464 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1466 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1467 * since it is impossible that such a long DN exists
1470 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1471 send_ldap_result( op, rs );
1475 sres = backsql_get_db_conn( op, &dbh );
1476 if ( sres != LDAP_SUCCESS ) {
1477 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1478 "could not get connection handle - exiting\n",
1481 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1482 send_ldap_result( op, rs );
1486 /* compute it anyway; root does not use it */
1487 stoptime = op->o_time + op->ors_tlimit;
1489 base = op->o_req_dn;
1490 if ( backsql_api_dn2odbc( op, rs, &base ) ) {
1491 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1492 "backsql_api_dn2odbc failed\n",
1494 rs->sr_err = LDAP_OTHER;
1495 rs->sr_text = "SQL-backend error";
1496 send_ldap_result( op, rs );
1500 backsql_init_search( &srch_info, &base,
1502 op->ors_slimit, op->ors_tlimit,
1503 stoptime, op->ors_filter,
1504 dbh, op, rs, op->ors_attrs );
1507 * for each objectclass we try to construct query which gets IDs
1508 * of entries matching LDAP query filter and scope (or at least
1509 * candidates), and get the IDs
1511 srch_info.bsi_n_candidates =
1512 ( op->ors_limit == NULL /* isroot == FALSE */ ? -2 :
1513 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1514 ( op->ors_limit->lms_s_unchecked ) ) );
1515 avl_apply( bi->oc_by_oc, backsql_oc_get_candidates,
1516 &srch_info, BACKSQL_AVL_STOP, AVL_INORDER );
1517 if ( op->ors_limit != NULL /* isroot == TRUE */
1518 && op->ors_limit->lms_s_unchecked != -1
1519 && srch_info.bsi_n_candidates == -1 )
1521 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1522 send_ldap_result( op, rs );
1527 * now we load candidate entries (only those attributes
1528 * mentioned in attrs and filter), test it against full filter
1529 * and then send to client
1531 for ( eid = srch_info.bsi_id_list;
1533 eid = backsql_free_entryID( eid, 1 ) )
1536 Attribute *hasSubordinate = NULL,
1539 /* check for abandon */
1540 if ( op->o_abandon ) {
1544 /* check time limit */
1545 if ( op->ors_tlimit != SLAP_NO_LIMIT
1546 && slap_get_time() > stoptime )
1548 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1549 rs->sr_ctrls = NULL;
1550 rs->sr_ref = rs->sr_v2ref;
1551 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1553 send_ldap_result( op, rs );
1557 #ifdef BACKSQL_ARBITRARY_KEY
1558 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1559 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1560 eid->eid_id.bv_val, eid->eid_oc_id,
1561 eid->eid_keyval.bv_val );
1562 #else /* ! BACKSQL_ARBITRARY_KEY */
1563 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1564 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1565 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1566 #endif /* ! BACKSQL_ARBITRARY_KEY */
1568 srch_info.bsi_e = &user_entry;
1569 rc = backsql_id2entry( &srch_info, eid );
1570 if ( rc != LDAP_SUCCESS ) {
1571 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1572 "error %d in backsql_id2entry() "
1573 "- skipping\n", rc, 0, 0 );
1578 switch ( op->ors_scope ) {
1579 case LDAP_SCOPE_BASE:
1580 case BACKSQL_SCOPE_BASE_LIKE:
1581 if ( !bvmatch( &user_entry.e_nname, &op->o_req_ndn ) ) {
1586 case LDAP_SCOPE_ONE:
1588 struct berval rdn = user_entry.e_nname;
1589 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
1590 if ( !dnIsOneLevelRDN( &rdn ) ) {
1596 case LDAP_SCOPE_SUBTREE:
1597 if ( !dnIsSuffix( &user_entry.e_nname, &op->o_req_ndn ) ) {
1603 if ( !manageDSAit &&
1604 op->ors_scope != LDAP_SCOPE_BASE &&
1605 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1606 is_entry_referral( &user_entry ) )
1609 struct berval matched_dn;
1611 ber_dupbv( &matched_dn, &user_entry.e_name );
1612 refs = get_entry_referrals( op, &user_entry );
1614 backsql_srch_info srch_info2 = { 0 };
1615 Entry user_entry2 = { 0 };
1617 /* retry with the full entry... */
1618 backsql_init_search( &srch_info2,
1622 dbh, op, rs, NULL );
1623 srch_info2.bsi_e = &user_entry2;
1624 rc = backsql_id2entry( &srch_info2, eid );
1625 if ( rc == LDAP_SUCCESS ) {
1626 if ( is_entry_referral( &user_entry2 ) )
1628 refs = get_entry_referrals( op,
1630 } /* else: FIXME: inconsistency! */
1631 entry_clean( &user_entry2 );
1636 rs->sr_ref = referral_rewrite( refs,
1637 &matched_dn, &op->o_req_dn,
1639 ber_bvarray_free( refs );
1642 if ( !rs->sr_ref ) {
1643 rs->sr_text = "bad_referral object";
1646 rs->sr_err = LDAP_REFERRAL;
1647 rs->sr_matched = matched_dn.bv_val;
1648 send_search_reference( op, rs );
1650 ber_bvarray_free( rs->sr_ref );
1652 ber_memfree( matched_dn.bv_val );
1653 rs->sr_matched = NULL;
1659 * We use this flag since we need to parse the filter
1660 * anyway; we should have used the frontend API function
1661 * filter_has_subordinates()
1663 if ( srch_info.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1664 rc = backsql_has_children( bi, dbh, &user_entry.e_nname );
1667 case LDAP_COMPARE_TRUE:
1668 case LDAP_COMPARE_FALSE:
1669 hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1670 if ( hasSubordinate != NULL ) {
1671 for ( a = user_entry.e_attrs;
1675 a->a_next = hasSubordinate;
1681 Debug(LDAP_DEBUG_TRACE,
1682 "backsql_search(): "
1683 "has_children failed( %d)\n",
1690 if ( test_filter( op, &user_entry, op->ors_filter )
1691 == LDAP_COMPARE_TRUE ) {
1692 if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER )
1693 && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->ors_attrs ) ) {
1695 attr_free( hasSubordinate );
1696 hasSubordinate = NULL;
1699 rs->sr_attrs = op->ors_attrs;
1700 rs->sr_operational_attrs = NULL;
1701 rs->sr_entry = &user_entry;
1702 rs->sr_flags = REP_ENTRY_MODIFIABLE;
1703 sres = send_search_entry( op, rs );
1704 rs->sr_entry = NULL;
1705 rs->sr_attrs = NULL;
1706 rs->sr_operational_attrs = NULL;
1714 * FIXME: send_search_entry failed;
1718 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1719 "connection lost\n", 0, 0, 0 );
1725 entry_clean( &user_entry );
1727 if ( op->ors_slimit != SLAP_NO_LIMIT
1728 && rs->sr_nentries >= op->ors_slimit )
1730 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1731 send_ldap_result( op, rs );
1737 /* in case we got here accidentally */
1738 entry_clean( &user_entry );
1740 if ( rs->sr_nentries > 0 ) {
1741 rs->sr_ref = rs->sr_v2ref;
1742 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1746 rs->sr_err = srch_info.bsi_status;
1748 send_ldap_result( op, rs );
1750 if ( rs->sr_v2ref ) {
1751 ber_bvarray_free( rs->sr_v2ref );
1752 rs->sr_v2ref = NULL;
1756 ch_free( srch_info.bsi_attrs );
1757 if ( base.bv_val != op->o_req_ndn.bv_val ) {
1758 ch_free( base.bv_val );
1761 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
1765 #endif /* SLAPD_SQL */