2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
26 #include <sys/types.h>
27 #include "ac/string.h"
33 #include "proto-sql.h"
35 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
36 static int backsql_process_filter_eq( backsql_srch_info *bsi,
37 backsql_at_map_rec *at,
38 int casefold, struct berval *filter_value );
39 static int backsql_process_filter_like( backsql_srch_info *bsi,
40 backsql_at_map_rec *at,
41 int casefold, struct berval *filter_value );
42 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
43 backsql_at_map_rec *at );
46 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
49 AttributeName *an = NULL;
51 if ( bsi->bsi_attrs == NULL ) {
56 * clear the list (retrieve all attrs)
59 ch_free( bsi->bsi_attrs );
60 bsi->bsi_attrs = NULL;
64 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
65 an = &bsi->bsi_attrs[ n_attrs ];
67 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
68 "attribute \"%s\" is in list\n",
69 an->an_name.bv_val, 0, 0 );
71 * We can live with strcmp because the attribute
72 * list has been normalized before calling be_search
74 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
79 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
80 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
82 an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
83 sizeof( AttributeName ) * ( n_attrs + 2 ) );
88 an[ n_attrs ].an_name = ad->ad_cname;
89 an[ n_attrs ].an_desc = ad;
90 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
99 backsql_srch_info *bsi,
109 AttributeName *attrs )
113 bsi->bsi_base_dn = base;
114 bsi->bsi_scope = scope;
115 bsi->bsi_slimit = slimit;
116 bsi->bsi_tlimit = tlimit;
117 bsi->bsi_filter = filter;
126 if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
127 bsi->bsi_attrs = NULL;
132 bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
133 sizeof( AttributeName ) );
134 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
136 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
138 * ignore "1.1"; handle "+"
140 if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
141 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
144 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
147 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
151 backsql_attrlist_add( bsi, p->an_desc );
155 /* add objectClass if not present,
156 * because it is required to understand
157 * if an entry is a referral, an alias
159 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
163 bsi->bsi_abandon = 0;
164 bsi->bsi_id_list = NULL;
165 bsi->bsi_id_listtail = &bsi->bsi_id_list;
166 bsi->bsi_n_candidates = 0;
167 bsi->bsi_stoptime = stoptime;
168 BER_BVZERO( &bsi->bsi_sel.bb_val );
169 bsi->bsi_sel.bb_len = 0;
170 BER_BVZERO( &bsi->bsi_from.bb_val );
171 bsi->bsi_from.bb_len = 0;
172 BER_BVZERO( &bsi->bsi_join_where.bb_val );
173 bsi->bsi_join_where.bb_len = 0;
174 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
175 bsi->bsi_flt_where.bb_len = 0;
176 bsi->bsi_filter_oc = NULL;
178 bsi->bsi_status = LDAP_SUCCESS;
182 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
190 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
193 res = backsql_process_filter( bsi, f );
196 * TimesTen : If the query has no answers,
197 * don't bother to run the query.
208 case LDAP_FILTER_AND:
209 backsql_strfcat( &bsi->bsi_flt_where, "l",
210 (ber_len_t)STRLENOF( " AND " ),
215 backsql_strfcat( &bsi->bsi_flt_where, "l",
216 (ber_len_t)STRLENOF( " OR " ),
222 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
228 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
229 backsql_at_map_rec *at )
231 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
239 /* always uppercase strings by now */
240 #ifdef BACKSQL_UPPERCASE_FILTER
241 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
242 bi->bi_caseIgnoreMatch ) )
243 #endif /* BACKSQL_UPPERCASE_FILTER */
248 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
249 bi->bi_telephoneNumberMatch ) )
256 * to check for matching telephone numbers
257 * with intermixed chars, e.g. val='1234'
260 * val LIKE '%1%2%3%4%'
264 if ( f->f_sub_initial.bv_val ) {
265 bv.bv_len += f->f_sub_initial.bv_len;
267 if ( f->f_sub_any != NULL ) {
268 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
269 bv.bv_len += f->f_sub_any[ a ].bv_len;
272 if ( f->f_sub_final.bv_val ) {
273 bv.bv_len += f->f_sub_final.bv_len;
275 bv.bv_len = 2 * bv.bv_len - 1;
276 bv.bv_val = ch_malloc( bv.bv_len + 1 );
279 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
280 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
281 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
282 bv.bv_val[ s + 2 * i - 1 ] = '%';
283 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
285 bv.bv_val[ s + 2 * i - 1 ] = '%';
289 if ( f->f_sub_any != NULL ) {
290 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
291 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
292 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
293 bv.bv_val[ s + 2 * i - 1 ] = '%';
294 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
296 bv.bv_val[ s + 2 * i - 1 ] = '%';
301 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
302 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
303 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
304 bv.bv_val[ s + 2 * i - 1 ] = '%';
305 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
307 bv.bv_val[ s + 2 * i - 1 ] = '%';
311 bv.bv_val[ s - 1 ] = '\0';
313 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
314 ch_free( bv.bv_val );
320 * When dealing with case-sensitive strings
321 * we may omit normalization; however, normalized
322 * SQL filters are more liberal.
325 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
328 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
329 at->bam_ad->ad_cname.bv_val, 0, 0 );
330 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
331 at->bam_sel_expr_u.bv_val ? "' '" : "",
332 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
333 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
335 * If a pre-upper-cased version of the column
336 * or a precompiled upper function exists, use it
338 backsql_strfcat( &bsi->bsi_flt_where,
341 (ber_len_t)STRLENOF( " LIKE '" ),
345 backsql_strfcat( &bsi->bsi_flt_where, "bl",
347 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
350 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
354 Debug( LDAP_DEBUG_TRACE,
355 "==>backsql_process_sub_filter(%s): "
356 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
357 f->f_sub_initial.bv_val, 0 );
358 #endif /* BACKSQL_TRACE */
360 start = bsi->bsi_flt_where.bb_val.bv_len;
361 backsql_strfcat( &bsi->bsi_flt_where, "b",
363 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
364 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
368 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
370 if ( f->f_sub_any != NULL ) {
371 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
375 Debug( LDAP_DEBUG_TRACE,
376 "==>backsql_process_sub_filter(%s): "
377 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
378 i, f->f_sub_any[ i ].bv_val );
379 #endif /* BACKSQL_TRACE */
381 start = bsi->bsi_flt_where.bb_val.bv_len;
382 backsql_strfcat( &bsi->bsi_flt_where,
386 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
388 * Note: toupper('%') = '%'
390 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
395 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
399 Debug( LDAP_DEBUG_TRACE,
400 "==>backsql_process_sub_filter(%s): "
401 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
402 f->f_sub_final.bv_val, 0 );
403 #endif /* BACKSQL_TRACE */
405 start = bsi->bsi_flt_where.bb_val.bv_len;
406 backsql_strfcat( &bsi->bsi_flt_where, "b",
408 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
409 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
413 backsql_strfcat( &bsi->bsi_flt_where, "l",
414 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
420 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
422 if ( BER_BVISNULL( from_tbls ) ) {
426 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
427 char *start, *end, *tmp;
429 tmp = ch_strdup( from_tbls->bv_val );
431 for ( start = tmp, end = strchr( start, ',' ); start; ) {
436 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
438 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
442 /* in case there are spaces after the comma... */
443 for ( start = &end[1]; isspace( start[0] ); start++ );
445 end = strchr( start, ',' );
457 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
464 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
466 backsql_at_map_rec **vat = NULL;
467 AttributeDescription *ad = NULL;
472 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
473 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
474 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
475 "invalid filter\n", 0, 0, 0 );
480 switch( f->f_choice ) {
482 rc = backsql_process_filter_list( bsi, f->f_or,
487 case LDAP_FILTER_AND:
488 rc = backsql_process_filter_list( bsi, f->f_and,
493 case LDAP_FILTER_NOT:
494 backsql_strfcat( &bsi->bsi_flt_where, "l",
495 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
497 rc = backsql_process_filter( bsi, f->f_not );
498 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
502 case LDAP_FILTER_PRESENT:
506 case LDAP_FILTER_EXT:
507 ad = f->f_mra->ma_desc;
508 if ( f->f_mr_dnattrs ) {
510 * if dn attrs filtering is requested, better return
511 * success and let test_filter() deal with candidate
512 * selection; otherwise we'd need to set conditions
513 * on the contents of the DN, e.g. "SELECT ... FROM
514 * ldap_entries AS attributeName WHERE attributeName.dn
515 * like '%attributeName=value%'"
517 backsql_strfcat( &bsi->bsi_flt_where, "l",
518 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
519 bsi->bsi_status = LDAP_SUCCESS;
540 * Turn structuralObjectClass into objectClass
542 if ( ad == slap_schema.si_ad_objectClass
543 || ad == slap_schema.si_ad_structuralObjectClass ) {
545 * If the filter is LDAP_FILTER_PRESENT, then it's done;
546 * otherwise, let's see if we are lucky: filtering
547 * for "structural" objectclass or ancestor...
549 switch ( f->f_choice ) {
550 case LDAP_FILTER_EQUALITY:
552 ObjectClass *oc = oc_bvfind( &f->f_av_value );
555 Debug( LDAP_DEBUG_TRACE,
556 "backsql_process_filter(): "
557 "unknown objectClass \"%s\" "
559 f->f_av_value.bv_val, 0, 0 );
560 bsi->bsi_status = LDAP_OTHER;
566 * "structural" objectClass inheritance:
567 * - a search for "person" will also return
569 * - a search for "top" will return everything
571 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
572 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
574 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
576 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
577 (ber_len_t)STRLENOF( "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
578 "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
579 &bsi->bsi_oc->bom_oc->soc_cname,
580 (ber_len_t)STRLENOF( /* (' */ "')" ),
582 bsi->bsi_status = LDAP_SUCCESS;
590 case LDAP_FILTER_PRESENT:
591 backsql_strfcat( &bsi->bsi_flt_where, "l",
592 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
593 bsi->bsi_status = LDAP_SUCCESS;
597 /* FIXME: LDAP_FILTER_EXT? */
600 Debug( LDAP_DEBUG_TRACE,
601 "backsql_process_filter(): "
602 "illegal/unhandled filter "
603 "on objectClass attribute",
605 bsi->bsi_status = LDAP_OTHER;
610 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
612 * FIXME: this is not robust; e.g. a filter
613 * '(!(hasSubordinates=TRUE))' fails because
614 * in SQL it would read 'NOT (1=1)' instead
616 * Note however that hasSubordinates is boolean,
617 * so a more appropriate filter would be
618 * '(hasSubordinates=FALSE)'
620 * A more robust search for hasSubordinates
621 * would * require joining the ldap_entries table
622 * selecting if there are descendants of the
625 backsql_strfcat( &bsi->bsi_flt_where, "l",
626 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
627 if ( ad == slap_schema.si_ad_hasSubordinates ) {
629 * instruct candidate selection algorithm
630 * and attribute list to try to detect
631 * if an entry has subordinates
633 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
637 * clear attributes to fetch, to require ALL
638 * and try extended match on all attributes
640 backsql_attrlist_add( bsi, NULL );
647 * attribute inheritance:
649 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
650 bsi->bsi_status = LDAP_OTHER;
656 /* search anyway; other parts of the filter
658 backsql_strfcat( &bsi->bsi_flt_where, "l",
659 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
660 bsi->bsi_status = LDAP_SUCCESS;
665 /* if required, open extra level of parens */
667 if ( vat[0]->bam_next || vat[1] ) {
668 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
675 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
679 /* if more definitions of the same attr, apply */
680 if ( vat[i]->bam_next ) {
681 backsql_strfcat( &bsi->bsi_flt_where, "l",
682 STRLENOF( " OR " ), " OR " );
683 vat[i] = vat[i]->bam_next;
687 /* if more descendants of the same attr, apply */
690 backsql_strfcat( &bsi->bsi_flt_where, "l",
691 STRLENOF( " OR " ), " OR " );
695 /* if needed, close extra level of parens */
697 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
707 Debug( LDAP_DEBUG_TRACE,
708 "<==backsql_process_filter() %s\n",
709 rc == 1 ? "succeeded" : "failed", 0, 0);
715 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
716 int casefold, struct berval *filter_value )
719 * maybe we should check type of at->sel_expr here somehow,
720 * to know whether upper_func is applicable, but for now
721 * upper_func stuff is made for Oracle, where UPPER is
722 * safely applicable to NUMBER etc.
724 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
727 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
730 (ber_len_t)STRLENOF( "='" ),
733 start = bsi->bsi_flt_where.bb_val.bv_len;
735 backsql_strfcat( &bsi->bsi_flt_where, "bl",
737 (ber_len_t)STRLENOF( /* (' */ "')" ),
740 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
743 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
746 (ber_len_t)STRLENOF( "='" ), "='",
748 (ber_len_t)STRLENOF( /* (' */ "')" ),
756 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
757 int casefold, struct berval *filter_value )
760 * maybe we should check type of at->sel_expr here somehow,
761 * to know whether upper_func is applicable, but for now
762 * upper_func stuff is made for Oracle, where UPPER is
763 * safely applicable to NUMBER etc.
765 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
768 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
771 (ber_len_t)STRLENOF( " LIKE '%" ),
774 start = bsi->bsi_flt_where.bb_val.bv_len;
776 backsql_strfcat( &bsi->bsi_flt_where, "bl",
778 (ber_len_t)STRLENOF( /* (' */ "%')" ),
781 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
784 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
787 (ber_len_t)STRLENOF( " LIKE '%" ),
790 (ber_len_t)STRLENOF( /* (' */ "%')" ),
798 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
800 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
802 struct berval *filter_value = NULL;
803 MatchingRule *matching_rule = NULL;
804 struct berval ordering = BER_BVC("<=");
806 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
807 at->bam_ad->ad_cname.bv_val, 0, 0 );
810 * need to add this attribute to list of attrs to load,
811 * so that we can do test_filter() later
813 backsql_attrlist_add( bsi, at->bam_ad );
815 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
817 if ( !BER_BVISNULL( &at->bam_join_where )
818 && strstr( bsi->bsi_join_where.bb_val.bv_val,
819 at->bam_join_where.bv_val ) == NULL )
821 backsql_strfcat( &bsi->bsi_join_where, "lb",
822 (ber_len_t)STRLENOF( " AND " ), " AND ",
823 &at->bam_join_where );
826 switch ( f->f_choice ) {
827 case LDAP_FILTER_EQUALITY:
828 filter_value = &f->f_av_value;
829 matching_rule = at->bam_ad->ad_type->sat_equality;
833 /* fail over into next case */
835 case LDAP_FILTER_EXT:
836 filter_value = &f->f_mra->ma_value;
837 matching_rule = f->f_mr_rule;
840 /* always uppercase strings by now */
841 #ifdef BACKSQL_UPPERCASE_FILTER
842 if ( SLAP_MR_ASSOCIATED( matching_rule,
843 bi->bi_caseIgnoreMatch ) )
844 #endif /* BACKSQL_UPPERCASE_FILTER */
849 if ( SLAP_MR_ASSOCIATED( matching_rule,
850 bi->bi_telephoneNumberMatch ) )
856 * to check for matching telephone numbers
857 * with intermized chars, e.g. val='1234'
860 * val LIKE '%1%2%3%4%'
863 bv.bv_len = 2 * filter_value->bv_len - 1;
864 bv.bv_val = ch_malloc( bv.bv_len + 1 );
866 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
867 for ( i = 1; i < filter_value->bv_len; i++ ) {
868 bv.bv_val[ 2 * i - 1 ] = '%';
869 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
871 bv.bv_val[ 2 * i - 1 ] = '\0';
873 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
874 ch_free( bv.bv_val );
879 /* NOTE: this is required by objectClass inheritance
880 * and auxiliary objectClass use in filters for slightly
881 * more efficient candidate selection. */
882 /* FIXME: a bit too many specializations to deal with
883 * very specific cases... */
884 if ( at->bam_ad == slap_schema.si_ad_objectClass
885 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
887 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
888 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
889 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
891 (ber_len_t)STRLENOF( /* (' */ "')" ),
897 * maybe we should check type of at->sel_expr here somehow,
898 * to know whether upper_func is applicable, but for now
899 * upper_func stuff is made for Oracle, where UPPER is
900 * safely applicable to NUMBER etc.
902 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
906 ordering.bv_val = ">=";
908 /* fall thru to next case */
911 /* always uppercase strings by now */
912 #ifdef BACKSQL_UPPERCASE_FILTER
913 if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
914 bi->bi_caseIgnoreMatch ) )
915 #endif /* BACKSQL_UPPERCASE_FILTER */
921 * FIXME: should we uppercase the operands?
923 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
926 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
932 start = bsi->bsi_flt_where.bb_val.bv_len;
934 backsql_strfcat( &bsi->bsi_flt_where, "bl",
936 (ber_len_t)STRLENOF( /* (' */ "')" ),
939 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
942 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
948 (ber_len_t)STRLENOF( /* (' */ "')" ),
953 case LDAP_FILTER_PRESENT:
954 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
955 (ber_len_t)STRLENOF( "NOT (" /* ) */),
958 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
959 /* ( */ " IS NULL)" );
962 case LDAP_FILTER_SUBSTRINGS:
963 backsql_process_sub_filter( bsi, f, at );
966 case LDAP_FILTER_APPROX:
970 * maybe we should check type of at->sel_expr here somehow,
971 * to know whether upper_func is applicable, but for now
972 * upper_func stuff is made for Oracle, where UPPER is
973 * safely applicable to NUMBER etc.
975 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
979 /* unhandled filter type; should not happen */
981 backsql_strfcat( &bsi->bsi_flt_where, "l",
982 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
987 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
988 at->bam_ad->ad_cname.bv_val, 0, 0 );
994 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
996 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1000 BER_BVZERO( query );
1002 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1003 BER_BVZERO( &bsi->bsi_sel.bb_val );
1004 BER_BVZERO( &bsi->bsi_sel.bb_val );
1005 bsi->bsi_sel.bb_len = 0;
1006 BER_BVZERO( &bsi->bsi_from.bb_val );
1007 bsi->bsi_from.bb_len = 0;
1008 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1009 bsi->bsi_join_where.bb_len = 0;
1010 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1011 bsi->bsi_flt_where.bb_len = 0;
1013 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
1014 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1015 "SELECT DISTINCT ldap_entries.id,",
1016 &bsi->bsi_oc->bom_keytbl,
1018 &bsi->bsi_oc->bom_keycol,
1021 if ( !BER_BVISNULL( &bi->strcast_func ) ) {
1022 backsql_strfcat( &bsi->bsi_sel, "blbl",
1024 (ber_len_t)STRLENOF( "('" /* ') */ ),
1026 &bsi->bsi_oc->bom_oc->soc_cname,
1027 (ber_len_t)STRLENOF( /* (' */ "')" ),
1030 backsql_strfcat( &bsi->bsi_sel, "cbc",
1032 &bsi->bsi_oc->bom_oc->soc_cname,
1035 #ifdef BACKSQL_ALIASING_QUOTE
1036 backsql_strfcat( &bsi->bsi_sel, "lclcl",
1037 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
1038 " " BACKSQL_ALIASING,
1039 BACKSQL_ALIASING_QUOTE,
1040 (ber_len_t)STRLENOF( "objectClass" ),
1042 BACKSQL_ALIASING_QUOTE,
1043 (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1044 ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
1045 #else /* ! BACKSQL_ALIASING_QUOTE */
1046 backsql_strfcat( &bsi->bsi_sel, "l",
1047 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1048 " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
1049 #endif /* ! BACKSQL_ALIASING_QUOTE */
1051 backsql_strfcat( &bsi->bsi_from, "lb",
1052 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1053 " FROM ldap_entries,",
1054 &bsi->bsi_oc->bom_keytbl );
1056 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1057 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1058 &bsi->bsi_oc->bom_keytbl,
1060 &bsi->bsi_oc->bom_keycol,
1061 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1062 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1064 switch ( bsi->bsi_scope ) {
1065 case LDAP_SCOPE_BASE:
1066 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1067 backsql_strfcat( &bsi->bsi_join_where, "bl",
1069 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1070 "(ldap_entries.dn)=?" );
1072 backsql_strfcat( &bsi->bsi_join_where, "l",
1073 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1074 "ldap_entries.dn=?" );
1078 case BACKSQL_SCOPE_BASE_LIKE:
1079 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1080 backsql_strfcat( &bsi->bsi_join_where, "bl",
1082 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1083 "(ldap_entries.dn) LIKE ?" );
1085 backsql_strfcat( &bsi->bsi_join_where, "l",
1086 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1087 "ldap_entries.dn LIKE ?" );
1091 case LDAP_SCOPE_ONELEVEL:
1092 backsql_strfcat( &bsi->bsi_join_where, "l",
1093 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1094 "ldap_entries.parent=?" );
1097 case LDAP_SCOPE_SUBTREE:
1098 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1099 backsql_strfcat( &bsi->bsi_join_where, "bl",
1101 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1102 "(ldap_entries.dn) LIKE ?" );
1104 backsql_strfcat( &bsi->bsi_join_where, "l",
1105 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1106 "ldap_entries.dn LIKE ?" );
1115 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1117 struct berbuf bb = BB_NULL;
1119 backsql_strfcat( &bb, "bbblb",
1120 &bsi->bsi_sel.bb_val,
1121 &bsi->bsi_from.bb_val,
1122 &bsi->bsi_join_where.bb_val,
1123 (ber_len_t)STRLENOF( " AND " ), " AND ",
1124 &bsi->bsi_flt_where.bb_val );
1128 } else if ( rc < 0 ) {
1130 * Indicates that there's no possible way the filter matches
1131 * anything. No need to issue the query
1133 free( query->bv_val );
1134 BER_BVZERO( query );
1137 free( bsi->bsi_sel.bb_val.bv_val );
1138 BER_BVZERO( &bsi->bsi_sel.bb_val );
1139 bsi->bsi_sel.bb_len = 0;
1140 free( bsi->bsi_from.bb_val.bv_val );
1141 BER_BVZERO( &bsi->bsi_from.bb_val );
1142 bsi->bsi_from.bb_len = 0;
1143 free( bsi->bsi_join_where.bb_val.bv_val );
1144 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1145 bsi->bsi_join_where.bb_len = 0;
1146 free( bsi->bsi_flt_where.bb_val.bv_val );
1147 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1148 bsi->bsi_flt_where.bb_len = 0;
1150 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1151 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1153 return ( rc <= 0 ? 1 : 0 );
1157 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1159 backsql_oc_map_rec *oc = v_oc;
1160 backsql_srch_info *bsi = v_bsi;
1161 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1162 struct berval query;
1165 backsql_entryID base_id = BACKSQL_ENTRYID_INIT;
1167 BACKSQL_ROW_NTS row;
1170 int n_candidates = bsi->bsi_n_candidates;
1173 * + 1 because we need room for '%'; this makes a subtree
1174 * search for a DN BACKSQL_MAX_DN_LEN long legal
1175 * if it returns that DN only
1177 char temp_base_dn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1179 bsi->bsi_status = LDAP_SUCCESS;
1181 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1182 BACKSQL_OC_NAME( oc ), 0, 0 );
1184 if ( bsi->bsi_n_candidates == -1 ) {
1185 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1186 "unchecked limit has been overcome\n", 0, 0, 0 );
1187 /* should never get here */
1189 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1190 return BACKSQL_AVL_STOP;
1194 res = backsql_srch_query( bsi, &query );
1196 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1197 "error while constructing query for objectclass \"%s\"\n",
1198 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1200 * FIXME: need to separate errors from legally
1201 * impossible filters
1203 switch ( bsi->bsi_status ) {
1205 case LDAP_UNDEFINED_TYPE:
1206 case LDAP_NO_SUCH_OBJECT:
1207 /* we are conservative... */
1209 bsi->bsi_status = LDAP_SUCCESS;
1211 return BACKSQL_AVL_CONTINUE;
1213 case LDAP_ADMINLIMIT_EXCEEDED:
1215 /* don't try any more */
1216 return BACKSQL_AVL_STOP;
1220 if ( BER_BVISNULL( &query ) ) {
1221 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1222 "could not construct query for objectclass \"%s\"\n",
1223 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1224 bsi->bsi_status = LDAP_SUCCESS;
1225 return BACKSQL_AVL_CONTINUE;
1228 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1229 query.bv_val, 0, 0 );
1231 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1232 free( query.bv_val );
1233 BER_BVZERO( &query );
1234 if ( rc != SQL_SUCCESS ) {
1235 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1236 "error preparing query\n", 0, 0, 0 );
1237 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh, sth, rc );
1238 bsi->bsi_status = LDAP_OTHER;
1239 return BACKSQL_AVL_CONTINUE;
1242 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1244 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1245 &bsi->bsi_oc->bom_id );
1246 if ( rc != SQL_SUCCESS ) {
1247 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1248 "error binding objectclass id parameter\n", 0, 0, 0 );
1249 bsi->bsi_status = LDAP_OTHER;
1250 return BACKSQL_AVL_CONTINUE;
1253 switch ( bsi->bsi_scope ) {
1254 case LDAP_SCOPE_BASE:
1255 case BACKSQL_SCOPE_BASE_LIKE:
1257 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1258 * however this should be handled earlier
1260 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1261 bsi->bsi_status = LDAP_OTHER;
1262 return BACKSQL_AVL_CONTINUE;
1265 AC_MEMCPY( temp_base_dn, bsi->bsi_base_dn->bv_val,
1266 bsi->bsi_base_dn->bv_len + 1 );
1268 /* uppercase DN only if the stored DN can be uppercased
1270 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1271 ldap_pvt_str2upper( temp_base_dn );
1274 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1275 temp_base_dn, 0, 0 );
1277 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1278 temp_base_dn, BACKSQL_MAX_DN_LEN );
1279 if ( rc != SQL_SUCCESS ) {
1280 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1281 "error binding base_dn parameter\n", 0, 0, 0 );
1282 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh,
1284 bsi->bsi_status = LDAP_OTHER;
1285 return BACKSQL_AVL_CONTINUE;
1289 case LDAP_SCOPE_SUBTREE: {
1291 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1292 * however this should be handled earlier
1294 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1295 bsi->bsi_status = LDAP_OTHER;
1296 return BACKSQL_AVL_CONTINUE;
1300 * Sets the parameters for the SQL built earlier
1301 * NOTE that all the databases could actually use
1302 * the TimesTen version, which would be cleaner
1303 * and would also eliminate the need for the
1304 * subtree_cond line in the configuration file.
1305 * For now, I'm leaving it the way it is,
1306 * so non-TimesTen databases use the original code.
1307 * But at some point this should get cleaned up.
1309 * If "dn" is being used, do a suffix search.
1310 * If "dn_ru" is being used, do a prefix search.
1312 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1313 temp_base_dn[ 0 ] = '\0';
1314 for ( i = 0, j = bsi->bsi_base_dn->bv_len - 1;
1316 temp_base_dn[ i ] = bsi->bsi_base_dn->bv_val[ j ];
1318 temp_base_dn[ i ] = '%';
1319 temp_base_dn[ i + 1 ] = '\0';
1322 temp_base_dn[ 0 ] = '%';
1323 AC_MEMCPY( &temp_base_dn[ 1 ], bsi->bsi_base_dn->bv_val,
1324 bsi->bsi_base_dn->bv_len + 1 );
1327 /* uppercase DN only if the stored DN can be uppercased
1329 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1330 ldap_pvt_str2upper( temp_base_dn );
1333 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n", temp_base_dn,
1336 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1337 temp_base_dn, BACKSQL_MAX_DN_LEN );
1338 if ( rc != SQL_SUCCESS ) {
1339 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1340 "error binding base_dn parameter (2)\n",
1342 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh,
1344 bsi->bsi_status = LDAP_OTHER;
1345 return BACKSQL_AVL_CONTINUE;
1350 case LDAP_SCOPE_ONELEVEL:
1351 res = backsql_dn2id( bi, &base_id,
1352 bsi->bsi_dbh, bsi->bsi_base_dn );
1353 if ( res != LDAP_SUCCESS ) {
1354 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1355 "could not retrieve base_dn id%s\n",
1356 res == LDAP_NO_SUCH_OBJECT ? ": no such entry"
1358 bsi->bsi_status = res;
1359 return BACKSQL_AVL_CONTINUE;
1362 #ifdef BACKSQL_ARBITRARY_KEY
1363 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1364 base_id.eid_id.bv_val, 0, 0 );
1365 #else /* ! BACKSQL_ARBITRARY_KEY */
1366 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n", base_id.eid_id,
1368 #endif /* ! BACKSQL_ARBITRARY_KEY */
1369 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1371 backsql_free_entryID( &base_id, 0 );
1372 if ( rc != SQL_SUCCESS ) {
1373 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1374 "error binding base id parameter\n", 0, 0, 0 );
1375 bsi->bsi_status = LDAP_OTHER;
1376 return BACKSQL_AVL_CONTINUE;
1381 rc = SQLExecute( sth );
1382 if ( !BACKSQL_SUCCESS( rc ) ) {
1383 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1384 "error executing query\n", 0, 0, 0 );
1385 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh, sth, rc );
1386 SQLFreeStmt( sth, SQL_DROP );
1387 bsi->bsi_status = LDAP_OTHER;
1388 return BACKSQL_AVL_CONTINUE;
1391 backsql_BindRowAsStrings( sth, &row );
1392 rc = SQLFetch( sth );
1393 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1395 backsql_entryID *c_id = NULL;
1397 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1399 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1403 c_id = (backsql_entryID *)ch_calloc( 1,
1404 sizeof( backsql_entryID ) );
1405 #ifdef BACKSQL_ARBITRARY_KEY
1406 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1407 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1408 #else /* ! BACKSQL_ARBITRARY_KEY */
1409 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1410 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1411 #endif /* ! BACKSQL_ARBITRARY_KEY */
1412 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1414 if ( dn.bv_val == row.cols[ 3 ] ) {
1415 ber_dupbv( &c_id->eid_dn, &dn );
1420 /* append at end of list ... */
1421 c_id->eid_next = NULL;
1422 *bsi->bsi_id_listtail = c_id;
1423 bsi->bsi_id_listtail = &c_id->eid_next;
1425 #ifdef BACKSQL_ARBITRARY_KEY
1426 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1427 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1428 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1430 #else /* ! BACKSQL_ARBITRARY_KEY */
1431 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1432 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1433 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1434 #endif /* ! BACKSQL_ARBITRARY_KEY */
1436 /* count candidates, for unchecked limit */
1437 bsi->bsi_n_candidates--;
1438 if ( bsi->bsi_n_candidates == -1 ) {
1442 backsql_FreeRow( &row );
1443 SQLFreeStmt( sth, SQL_DROP );
1445 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1446 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1448 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1452 backsql_search( Operation *op, SlapReply *rs )
1454 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1457 Entry user_entry = { 0 };
1459 time_t stoptime = 0;
1460 backsql_srch_info srch_info;
1461 backsql_entryID *eid = NULL;
1464 manageDSAit = get_manageDSAit( op );
1466 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1467 "base=\"%s\", filter=\"%s\", scope=%d,",
1468 op->o_req_ndn.bv_val,
1469 op->ors_filterstr.bv_val,
1471 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1472 "attributes to load: %s\n",
1475 op->ors_attrs == NULL ? "all" : "custom list" );
1477 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1478 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1479 "search base length (%ld) exceeds max length (%d)\n",
1480 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1482 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1483 * since it is impossible that such a long DN exists
1486 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1487 send_ldap_result( op, rs );
1491 sres = backsql_get_db_conn( op, &dbh );
1492 if ( sres != LDAP_SUCCESS ) {
1493 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1494 "could not get connection handle - exiting\n",
1497 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1498 send_ldap_result( op, rs );
1502 /* compute it anyway; root does not use it */
1503 stoptime = op->o_time + op->ors_tlimit;
1505 base = op->o_req_dn;
1506 if ( backsql_api_dn2odbc( op, rs, &base ) ) {
1507 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1508 "backsql_api_dn2odbc failed\n",
1510 rs->sr_err = LDAP_OTHER;
1511 rs->sr_text = "SQL-backend error";
1512 send_ldap_result( op, rs );
1516 backsql_init_search( &srch_info, &base,
1518 op->ors_slimit, op->ors_tlimit,
1519 stoptime, op->ors_filter,
1520 dbh, op, rs, op->ors_attrs );
1523 * for each objectclass we try to construct query which gets IDs
1524 * of entries matching LDAP query filter and scope (or at least
1525 * candidates), and get the IDs
1527 srch_info.bsi_n_candidates =
1528 ( op->ors_limit == NULL /* isroot == FALSE */ ? -2 :
1529 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1530 ( op->ors_limit->lms_s_unchecked ) ) );
1531 avl_apply( bi->oc_by_oc, backsql_oc_get_candidates,
1532 &srch_info, BACKSQL_AVL_STOP, AVL_INORDER );
1533 if ( op->ors_limit != NULL /* isroot == TRUE */
1534 && op->ors_limit->lms_s_unchecked != -1
1535 && srch_info.bsi_n_candidates == -1 )
1537 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1538 send_ldap_result( op, rs );
1543 * now we load candidate entries (only those attributes
1544 * mentioned in attrs and filter), test it against full filter
1545 * and then send to client
1547 for ( eid = srch_info.bsi_id_list;
1549 eid = backsql_free_entryID( eid, 1 ) )
1552 Attribute *hasSubordinate = NULL,
1555 /* check for abandon */
1556 if ( op->o_abandon ) {
1560 /* check time limit */
1561 if ( op->ors_tlimit != SLAP_NO_LIMIT
1562 && slap_get_time() > stoptime )
1564 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1565 rs->sr_ctrls = NULL;
1566 rs->sr_ref = rs->sr_v2ref;
1567 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1569 send_ldap_result( op, rs );
1573 #ifdef BACKSQL_ARBITRARY_KEY
1574 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1575 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1576 eid->eid_id.bv_val, eid->eid_oc_id,
1577 eid->eid_keyval.bv_val );
1578 #else /* ! BACKSQL_ARBITRARY_KEY */
1579 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1580 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1581 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1582 #endif /* ! BACKSQL_ARBITRARY_KEY */
1584 srch_info.bsi_e = &user_entry;
1585 rc = backsql_id2entry( &srch_info, eid );
1586 if ( rc != LDAP_SUCCESS ) {
1587 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1588 "error %d in backsql_id2entry() "
1589 "- skipping\n", rc, 0, 0 );
1594 switch ( op->ors_scope ) {
1595 case LDAP_SCOPE_BASE:
1596 case BACKSQL_SCOPE_BASE_LIKE:
1597 if ( !bvmatch( &user_entry.e_nname, &op->o_req_ndn ) ) {
1602 case LDAP_SCOPE_ONE:
1604 struct berval rdn = user_entry.e_nname;
1605 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
1606 if ( !dnIsOneLevelRDN( &rdn ) ) {
1612 case LDAP_SCOPE_SUBTREE:
1613 if ( !dnIsSuffix( &user_entry.e_nname, &op->o_req_ndn ) ) {
1619 if ( !manageDSAit &&
1620 op->ors_scope != LDAP_SCOPE_BASE &&
1621 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1622 is_entry_referral( &user_entry ) )
1625 struct berval matched_dn;
1627 ber_dupbv( &matched_dn, &user_entry.e_name );
1628 refs = get_entry_referrals( op, &user_entry );
1630 backsql_srch_info srch_info2 = { 0 };
1631 Entry user_entry2 = { 0 };
1633 /* retry with the full entry... */
1634 backsql_init_search( &srch_info2,
1638 dbh, op, rs, NULL );
1639 srch_info2.bsi_e = &user_entry2;
1640 rc = backsql_id2entry( &srch_info2, eid );
1641 if ( rc == LDAP_SUCCESS ) {
1642 if ( is_entry_referral( &user_entry2 ) )
1644 refs = get_entry_referrals( op,
1646 } /* else: FIXME: inconsistency! */
1647 entry_clean( &user_entry2 );
1652 rs->sr_ref = referral_rewrite( refs,
1653 &matched_dn, &op->o_req_dn,
1655 ber_bvarray_free( refs );
1658 if ( !rs->sr_ref ) {
1659 rs->sr_text = "bad_referral object";
1662 rs->sr_err = LDAP_REFERRAL;
1663 rs->sr_matched = matched_dn.bv_val;
1664 send_search_reference( op, rs );
1666 ber_bvarray_free( rs->sr_ref );
1668 ber_memfree( matched_dn.bv_val );
1669 rs->sr_matched = NULL;
1675 * We use this flag since we need to parse the filter
1676 * anyway; we should have used the frontend API function
1677 * filter_has_subordinates()
1679 if ( srch_info.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1680 rc = backsql_has_children( bi, dbh, &user_entry.e_nname );
1683 case LDAP_COMPARE_TRUE:
1684 case LDAP_COMPARE_FALSE:
1685 hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1686 if ( hasSubordinate != NULL ) {
1687 for ( a = user_entry.e_attrs;
1691 a->a_next = hasSubordinate;
1697 Debug(LDAP_DEBUG_TRACE,
1698 "backsql_search(): "
1699 "has_children failed( %d)\n",
1706 if ( test_filter( op, &user_entry, op->ors_filter )
1707 == LDAP_COMPARE_TRUE ) {
1708 if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER )
1709 && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->ors_attrs ) ) {
1711 attr_free( hasSubordinate );
1712 hasSubordinate = NULL;
1715 rs->sr_attrs = op->ors_attrs;
1716 rs->sr_operational_attrs = NULL;
1717 rs->sr_entry = &user_entry;
1718 rs->sr_flags = REP_ENTRY_MODIFIABLE;
1719 sres = send_search_entry( op, rs );
1720 rs->sr_entry = NULL;
1721 rs->sr_attrs = NULL;
1722 rs->sr_operational_attrs = NULL;
1730 * FIXME: send_search_entry failed;
1734 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1735 "connection lost\n", 0, 0, 0 );
1741 entry_clean( &user_entry );
1743 if ( op->ors_slimit != SLAP_NO_LIMIT
1744 && rs->sr_nentries >= op->ors_slimit )
1746 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1747 send_ldap_result( op, rs );
1753 /* in case we got here accidentally */
1754 entry_clean( &user_entry );
1756 if ( rs->sr_nentries > 0 ) {
1757 rs->sr_ref = rs->sr_v2ref;
1758 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1762 rs->sr_err = srch_info.bsi_status;
1764 send_ldap_result( op, rs );
1766 if ( rs->sr_v2ref ) {
1767 ber_bvarray_free( rs->sr_v2ref );
1768 rs->sr_v2ref = NULL;
1772 ch_free( srch_info.bsi_attrs );
1773 if ( base.bv_val != op->o_req_ndn.bv_val ) {
1774 ch_free( base.bv_val );
1777 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
1781 #endif /* SLAPD_SQL */