2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
26 #include <sys/types.h>
27 #include "ac/string.h"
31 #include "proto-sql.h"
33 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
34 static int backsql_process_filter_eq( backsql_srch_info *bsi,
35 backsql_at_map_rec *at,
36 int casefold, struct berval *filter_value );
37 static int backsql_process_filter_like( backsql_srch_info *bsi,
38 backsql_at_map_rec *at,
39 int casefold, struct berval *filter_value );
40 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
41 backsql_at_map_rec *at );
44 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
47 AttributeName *an = NULL;
49 if ( bsi->bsi_attrs == NULL ) {
54 * clear the list (retrieve all attrs)
57 ch_free( bsi->bsi_attrs );
58 bsi->bsi_attrs = NULL;
62 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
63 an = &bsi->bsi_attrs[ n_attrs ];
65 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
66 "attribute \"%s\" is in list\n",
67 an->an_name.bv_val, 0, 0 );
69 * We can live with strcmp because the attribute
70 * list has been normalized before calling be_search
72 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
77 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
78 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
80 an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
81 sizeof( AttributeName ) * ( n_attrs + 2 ) );
86 an[ n_attrs ].an_name = ad->ad_cname;
87 an[ n_attrs ].an_desc = ad;
88 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
96 * Initializes the search structure.
98 * If get_base_id != 0, the field bsi_base_id is filled
99 * with the entryID of bsi_base_dn; it must be freed
100 * by backsql_free_entryID() when no longer required.
104 backsql_srch_info *bsi,
114 AttributeName *attrs,
118 int rc = LDAP_SUCCESS;
120 bsi->bsi_base_dn = base;
121 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
122 bsi->bsi_scope = scope;
123 bsi->bsi_slimit = slimit;
124 bsi->bsi_tlimit = tlimit;
125 bsi->bsi_filter = filter;
134 if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
135 bsi->bsi_attrs = NULL;
140 bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
141 sizeof( AttributeName ) );
142 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
144 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
146 * ignore "1.1"; handle "+"
148 if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
149 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
152 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
155 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
159 backsql_attrlist_add( bsi, p->an_desc );
163 /* add objectClass if not present,
164 * because it is required to understand
165 * if an entry is a referral, an alias
167 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
171 bsi->bsi_abandon = 0;
172 bsi->bsi_id_list = NULL;
173 bsi->bsi_id_listtail = &bsi->bsi_id_list;
174 bsi->bsi_n_candidates = 0;
175 bsi->bsi_stoptime = stoptime;
176 BER_BVZERO( &bsi->bsi_sel.bb_val );
177 bsi->bsi_sel.bb_len = 0;
178 BER_BVZERO( &bsi->bsi_from.bb_val );
179 bsi->bsi_from.bb_len = 0;
180 BER_BVZERO( &bsi->bsi_join_where.bb_val );
181 bsi->bsi_join_where.bb_len = 0;
182 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
183 bsi->bsi_flt_where.bb_len = 0;
184 bsi->bsi_filter_oc = NULL;
187 assert( op->o_bd->be_private );
189 rc = backsql_dn2id( (backsql_info *)op->o_bd->be_private,
190 &bsi->bsi_base_id, dbh, base );
193 return ( bsi->bsi_status = rc );
197 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
205 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
208 res = backsql_process_filter( bsi, f );
211 * TimesTen : If the query has no answers,
212 * don't bother to run the query.
223 case LDAP_FILTER_AND:
224 backsql_strfcat( &bsi->bsi_flt_where, "l",
225 (ber_len_t)STRLENOF( " AND " ),
230 backsql_strfcat( &bsi->bsi_flt_where, "l",
231 (ber_len_t)STRLENOF( " OR " ),
237 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
243 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
244 backsql_at_map_rec *at )
246 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
254 /* always uppercase strings by now */
255 #ifdef BACKSQL_UPPERCASE_FILTER
256 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
257 bi->sql_caseIgnoreMatch ) )
258 #endif /* BACKSQL_UPPERCASE_FILTER */
263 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
264 bi->sql_telephoneNumberMatch ) )
271 * to check for matching telephone numbers
272 * with intermixed chars, e.g. val='1234'
275 * val LIKE '%1%2%3%4%'
279 if ( f->f_sub_initial.bv_val ) {
280 bv.bv_len += f->f_sub_initial.bv_len;
282 if ( f->f_sub_any != NULL ) {
283 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
284 bv.bv_len += f->f_sub_any[ a ].bv_len;
287 if ( f->f_sub_final.bv_val ) {
288 bv.bv_len += f->f_sub_final.bv_len;
290 bv.bv_len = 2 * bv.bv_len - 1;
291 bv.bv_val = ch_malloc( bv.bv_len + 1 );
294 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
295 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
296 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
297 bv.bv_val[ s + 2 * i - 1 ] = '%';
298 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
300 bv.bv_val[ s + 2 * i - 1 ] = '%';
304 if ( f->f_sub_any != NULL ) {
305 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
306 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
307 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
308 bv.bv_val[ s + 2 * i - 1 ] = '%';
309 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
311 bv.bv_val[ s + 2 * i - 1 ] = '%';
316 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
317 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
318 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
319 bv.bv_val[ s + 2 * i - 1 ] = '%';
320 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
322 bv.bv_val[ s + 2 * i - 1 ] = '%';
326 bv.bv_val[ s - 1 ] = '\0';
328 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
329 ch_free( bv.bv_val );
335 * When dealing with case-sensitive strings
336 * we may omit normalization; however, normalized
337 * SQL filters are more liberal.
340 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
343 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
344 at->bam_ad->ad_cname.bv_val, 0, 0 );
345 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
346 at->bam_sel_expr_u.bv_val ? "' '" : "",
347 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
348 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
350 * If a pre-upper-cased version of the column
351 * or a precompiled upper function exists, use it
353 backsql_strfcat( &bsi->bsi_flt_where,
356 (ber_len_t)STRLENOF( " LIKE '" ),
360 backsql_strfcat( &bsi->bsi_flt_where, "bl",
362 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
365 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
369 Debug( LDAP_DEBUG_TRACE,
370 "==>backsql_process_sub_filter(%s): "
371 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
372 f->f_sub_initial.bv_val, 0 );
373 #endif /* BACKSQL_TRACE */
375 start = bsi->bsi_flt_where.bb_val.bv_len;
376 backsql_strfcat( &bsi->bsi_flt_where, "b",
378 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
379 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
383 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
385 if ( f->f_sub_any != NULL ) {
386 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
390 Debug( LDAP_DEBUG_TRACE,
391 "==>backsql_process_sub_filter(%s): "
392 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
393 i, f->f_sub_any[ i ].bv_val );
394 #endif /* BACKSQL_TRACE */
396 start = bsi->bsi_flt_where.bb_val.bv_len;
397 backsql_strfcat( &bsi->bsi_flt_where,
401 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
403 * Note: toupper('%') = '%'
405 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
410 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
414 Debug( LDAP_DEBUG_TRACE,
415 "==>backsql_process_sub_filter(%s): "
416 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
417 f->f_sub_final.bv_val, 0 );
418 #endif /* BACKSQL_TRACE */
420 start = bsi->bsi_flt_where.bb_val.bv_len;
421 backsql_strfcat( &bsi->bsi_flt_where, "b",
423 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
424 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
428 backsql_strfcat( &bsi->bsi_flt_where, "l",
429 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
435 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
437 if ( BER_BVISNULL( from_tbls ) ) {
441 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
442 char *start, *end, *tmp;
444 tmp = ch_strdup( from_tbls->bv_val );
446 for ( start = tmp, end = strchr( start, ',' ); start; ) {
451 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
453 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
457 /* in case there are spaces after the comma... */
458 for ( start = &end[1]; isspace( start[0] ); start++ );
460 end = strchr( start, ',' );
472 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
479 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
481 backsql_at_map_rec **vat = NULL;
482 AttributeDescription *ad = NULL;
487 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
488 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
489 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
490 "invalid filter\n", 0, 0, 0 );
495 switch( f->f_choice ) {
497 rc = backsql_process_filter_list( bsi, f->f_or,
502 case LDAP_FILTER_AND:
503 rc = backsql_process_filter_list( bsi, f->f_and,
508 case LDAP_FILTER_NOT:
509 backsql_strfcat( &bsi->bsi_flt_where, "l",
510 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
512 rc = backsql_process_filter( bsi, f->f_not );
513 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
517 case LDAP_FILTER_PRESENT:
521 case LDAP_FILTER_EXT:
522 ad = f->f_mra->ma_desc;
523 if ( f->f_mr_dnattrs ) {
525 * if dn attrs filtering is requested, better return
526 * success and let test_filter() deal with candidate
527 * selection; otherwise we'd need to set conditions
528 * on the contents of the DN, e.g. "SELECT ... FROM
529 * ldap_entries AS attributeName WHERE attributeName.dn
530 * like '%attributeName=value%'"
532 backsql_strfcat( &bsi->bsi_flt_where, "l",
533 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
534 bsi->bsi_status = LDAP_SUCCESS;
555 * Turn structuralObjectClass into objectClass
557 if ( ad == slap_schema.si_ad_objectClass
558 || ad == slap_schema.si_ad_structuralObjectClass ) {
560 * If the filter is LDAP_FILTER_PRESENT, then it's done;
561 * otherwise, let's see if we are lucky: filtering
562 * for "structural" objectclass or ancestor...
564 switch ( f->f_choice ) {
565 case LDAP_FILTER_EQUALITY:
567 ObjectClass *oc = oc_bvfind( &f->f_av_value );
570 Debug( LDAP_DEBUG_TRACE,
571 "backsql_process_filter(): "
572 "unknown objectClass \"%s\" "
574 f->f_av_value.bv_val, 0, 0 );
575 bsi->bsi_status = LDAP_OTHER;
581 * "structural" objectClass inheritance:
582 * - a search for "person" will also return
584 * - a search for "top" will return everything
586 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
587 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
589 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
591 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
592 (ber_len_t)STRLENOF( "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
593 "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
594 &bsi->bsi_oc->bom_oc->soc_cname,
595 (ber_len_t)STRLENOF( /* (' */ "')" ),
597 bsi->bsi_status = LDAP_SUCCESS;
605 case LDAP_FILTER_PRESENT:
606 backsql_strfcat( &bsi->bsi_flt_where, "l",
607 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
608 bsi->bsi_status = LDAP_SUCCESS;
612 /* FIXME: LDAP_FILTER_EXT? */
615 Debug( LDAP_DEBUG_TRACE,
616 "backsql_process_filter(): "
617 "illegal/unhandled filter "
618 "on objectClass attribute",
620 bsi->bsi_status = LDAP_OTHER;
625 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
627 * FIXME: this is not robust; e.g. a filter
628 * '(!(hasSubordinates=TRUE))' fails because
629 * in SQL it would read 'NOT (1=1)' instead
631 * Note however that hasSubordinates is boolean,
632 * so a more appropriate filter would be
633 * '(hasSubordinates=FALSE)'
635 * A more robust search for hasSubordinates
636 * would * require joining the ldap_entries table
637 * selecting if there are descendants of the
640 backsql_strfcat( &bsi->bsi_flt_where, "l",
641 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
642 if ( ad == slap_schema.si_ad_hasSubordinates ) {
644 * instruct candidate selection algorithm
645 * and attribute list to try to detect
646 * if an entry has subordinates
648 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
652 * clear attributes to fetch, to require ALL
653 * and try extended match on all attributes
655 backsql_attrlist_add( bsi, NULL );
662 * attribute inheritance:
664 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
665 bsi->bsi_status = LDAP_OTHER;
671 /* search anyway; other parts of the filter
673 backsql_strfcat( &bsi->bsi_flt_where, "l",
674 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
675 bsi->bsi_status = LDAP_SUCCESS;
680 /* if required, open extra level of parens */
682 if ( vat[0]->bam_next || vat[1] ) {
683 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
690 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
694 /* if more definitions of the same attr, apply */
695 if ( vat[i]->bam_next ) {
696 backsql_strfcat( &bsi->bsi_flt_where, "l",
697 STRLENOF( " OR " ), " OR " );
698 vat[i] = vat[i]->bam_next;
702 /* if more descendants of the same attr, apply */
705 backsql_strfcat( &bsi->bsi_flt_where, "l",
706 STRLENOF( " OR " ), " OR " );
710 /* if needed, close extra level of parens */
712 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
722 Debug( LDAP_DEBUG_TRACE,
723 "<==backsql_process_filter() %s\n",
724 rc == 1 ? "succeeded" : "failed", 0, 0);
730 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
731 int casefold, struct berval *filter_value )
734 * maybe we should check type of at->sel_expr here somehow,
735 * to know whether upper_func is applicable, but for now
736 * upper_func stuff is made for Oracle, where UPPER is
737 * safely applicable to NUMBER etc.
739 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
742 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
745 (ber_len_t)STRLENOF( "='" ),
748 start = bsi->bsi_flt_where.bb_val.bv_len;
750 backsql_strfcat( &bsi->bsi_flt_where, "bl",
752 (ber_len_t)STRLENOF( /* (' */ "')" ),
755 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
758 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
761 (ber_len_t)STRLENOF( "='" ), "='",
763 (ber_len_t)STRLENOF( /* (' */ "')" ),
771 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
772 int casefold, struct berval *filter_value )
775 * maybe we should check type of at->sel_expr here somehow,
776 * to know whether upper_func is applicable, but for now
777 * upper_func stuff is made for Oracle, where UPPER is
778 * safely applicable to NUMBER etc.
780 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
783 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
786 (ber_len_t)STRLENOF( " LIKE '%" ),
789 start = bsi->bsi_flt_where.bb_val.bv_len;
791 backsql_strfcat( &bsi->bsi_flt_where, "bl",
793 (ber_len_t)STRLENOF( /* (' */ "%')" ),
796 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
799 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
802 (ber_len_t)STRLENOF( " LIKE '%" ),
805 (ber_len_t)STRLENOF( /* (' */ "%')" ),
813 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
815 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
817 struct berval *filter_value = NULL;
818 MatchingRule *matching_rule = NULL;
819 struct berval ordering = BER_BVC("<=");
821 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
822 at->bam_ad->ad_cname.bv_val, 0, 0 );
825 * need to add this attribute to list of attrs to load,
826 * so that we can do test_filter() later
828 backsql_attrlist_add( bsi, at->bam_ad );
830 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
832 if ( !BER_BVISNULL( &at->bam_join_where )
833 && strstr( bsi->bsi_join_where.bb_val.bv_val,
834 at->bam_join_where.bv_val ) == NULL )
836 backsql_strfcat( &bsi->bsi_join_where, "lb",
837 (ber_len_t)STRLENOF( " AND " ), " AND ",
838 &at->bam_join_where );
841 switch ( f->f_choice ) {
842 case LDAP_FILTER_EQUALITY:
843 filter_value = &f->f_av_value;
844 matching_rule = at->bam_ad->ad_type->sat_equality;
848 /* fail over into next case */
850 case LDAP_FILTER_EXT:
851 filter_value = &f->f_mra->ma_value;
852 matching_rule = f->f_mr_rule;
855 /* always uppercase strings by now */
856 #ifdef BACKSQL_UPPERCASE_FILTER
857 if ( SLAP_MR_ASSOCIATED( matching_rule,
858 bi->sql_caseIgnoreMatch ) )
859 #endif /* BACKSQL_UPPERCASE_FILTER */
864 if ( SLAP_MR_ASSOCIATED( matching_rule,
865 bi->sql_telephoneNumberMatch ) )
871 * to check for matching telephone numbers
872 * with intermized chars, e.g. val='1234'
875 * val LIKE '%1%2%3%4%'
878 bv.bv_len = 2 * filter_value->bv_len - 1;
879 bv.bv_val = ch_malloc( bv.bv_len + 1 );
881 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
882 for ( i = 1; i < filter_value->bv_len; i++ ) {
883 bv.bv_val[ 2 * i - 1 ] = '%';
884 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
886 bv.bv_val[ 2 * i - 1 ] = '\0';
888 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
889 ch_free( bv.bv_val );
894 /* NOTE: this is required by objectClass inheritance
895 * and auxiliary objectClass use in filters for slightly
896 * more efficient candidate selection. */
897 /* FIXME: a bit too many specializations to deal with
898 * very specific cases... */
899 if ( at->bam_ad == slap_schema.si_ad_objectClass
900 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
902 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
903 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
904 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
906 (ber_len_t)STRLENOF( /* (' */ "')" ),
912 * maybe we should check type of at->sel_expr here somehow,
913 * to know whether upper_func is applicable, but for now
914 * upper_func stuff is made for Oracle, where UPPER is
915 * safely applicable to NUMBER etc.
917 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
921 ordering.bv_val = ">=";
923 /* fall thru to next case */
926 /* always uppercase strings by now */
927 #ifdef BACKSQL_UPPERCASE_FILTER
928 if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
929 bi->sql_caseIgnoreMatch ) )
930 #endif /* BACKSQL_UPPERCASE_FILTER */
936 * FIXME: should we uppercase the operands?
938 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
941 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
947 start = bsi->bsi_flt_where.bb_val.bv_len;
949 backsql_strfcat( &bsi->bsi_flt_where, "bl",
951 (ber_len_t)STRLENOF( /* (' */ "')" ),
954 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
957 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
963 (ber_len_t)STRLENOF( /* (' */ "')" ),
968 case LDAP_FILTER_PRESENT:
969 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
970 (ber_len_t)STRLENOF( "NOT (" /* ) */),
973 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
974 /* ( */ " IS NULL)" );
977 case LDAP_FILTER_SUBSTRINGS:
978 backsql_process_sub_filter( bsi, f, at );
981 case LDAP_FILTER_APPROX:
985 * maybe we should check type of at->sel_expr here somehow,
986 * to know whether upper_func is applicable, but for now
987 * upper_func stuff is made for Oracle, where UPPER is
988 * safely applicable to NUMBER etc.
990 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
994 /* unhandled filter type; should not happen */
996 backsql_strfcat( &bsi->bsi_flt_where, "l",
997 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
1002 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1003 at->bam_ad->ad_cname.bv_val, 0, 0 );
1009 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1011 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1015 BER_BVZERO( query );
1017 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1018 BER_BVZERO( &bsi->bsi_sel.bb_val );
1019 BER_BVZERO( &bsi->bsi_sel.bb_val );
1020 bsi->bsi_sel.bb_len = 0;
1021 BER_BVZERO( &bsi->bsi_from.bb_val );
1022 bsi->bsi_from.bb_len = 0;
1023 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1024 bsi->bsi_join_where.bb_len = 0;
1025 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1026 bsi->bsi_flt_where.bb_len = 0;
1028 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
1029 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1030 "SELECT DISTINCT ldap_entries.id,",
1031 &bsi->bsi_oc->bom_keytbl,
1033 &bsi->bsi_oc->bom_keycol,
1036 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1037 backsql_strfcat( &bsi->bsi_sel, "blbl",
1038 &bi->sql_strcast_func,
1039 (ber_len_t)STRLENOF( "('" /* ') */ ),
1041 &bsi->bsi_oc->bom_oc->soc_cname,
1042 (ber_len_t)STRLENOF( /* (' */ "')" ),
1045 backsql_strfcat( &bsi->bsi_sel, "cbc",
1047 &bsi->bsi_oc->bom_oc->soc_cname,
1050 #ifdef BACKSQL_ALIASING_QUOTE
1051 backsql_strfcat( &bsi->bsi_sel, "lclcl",
1052 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
1053 " " BACKSQL_ALIASING,
1054 BACKSQL_ALIASING_QUOTE,
1055 (ber_len_t)STRLENOF( "objectClass" ),
1057 BACKSQL_ALIASING_QUOTE,
1058 (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1059 ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
1060 #else /* ! BACKSQL_ALIASING_QUOTE */
1061 backsql_strfcat( &bsi->bsi_sel, "l",
1062 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1063 " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
1064 #endif /* ! BACKSQL_ALIASING_QUOTE */
1066 backsql_strfcat( &bsi->bsi_from, "lb",
1067 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1068 " FROM ldap_entries,",
1069 &bsi->bsi_oc->bom_keytbl );
1071 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1072 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1073 &bsi->bsi_oc->bom_keytbl,
1075 &bsi->bsi_oc->bom_keycol,
1076 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1077 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1079 switch ( bsi->bsi_scope ) {
1080 case LDAP_SCOPE_BASE:
1081 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1082 backsql_strfcat( &bsi->bsi_join_where, "bl",
1083 &bi->sql_upper_func,
1084 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1085 "(ldap_entries.dn)=?" );
1087 backsql_strfcat( &bsi->bsi_join_where, "l",
1088 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1089 "ldap_entries.dn=?" );
1093 case BACKSQL_SCOPE_BASE_LIKE:
1094 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1095 backsql_strfcat( &bsi->bsi_join_where, "bl",
1096 &bi->sql_upper_func,
1097 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1098 "(ldap_entries.dn) LIKE ?" );
1100 backsql_strfcat( &bsi->bsi_join_where, "l",
1101 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1102 "ldap_entries.dn LIKE ?" );
1106 case LDAP_SCOPE_ONELEVEL:
1107 backsql_strfcat( &bsi->bsi_join_where, "l",
1108 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1109 "ldap_entries.parent=?" );
1112 case LDAP_SCOPE_SUBTREE:
1113 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1114 backsql_strfcat( &bsi->bsi_join_where, "bl",
1115 &bi->sql_upper_func,
1116 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1117 "(ldap_entries.dn) LIKE ?" );
1119 backsql_strfcat( &bsi->bsi_join_where, "l",
1120 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1121 "ldap_entries.dn LIKE ?" );
1130 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1132 struct berbuf bb = BB_NULL;
1134 backsql_strfcat( &bb, "bbblb",
1135 &bsi->bsi_sel.bb_val,
1136 &bsi->bsi_from.bb_val,
1137 &bsi->bsi_join_where.bb_val,
1138 (ber_len_t)STRLENOF( " AND " ), " AND ",
1139 &bsi->bsi_flt_where.bb_val );
1143 } else if ( rc < 0 ) {
1145 * Indicates that there's no possible way the filter matches
1146 * anything. No need to issue the query
1148 free( query->bv_val );
1149 BER_BVZERO( query );
1152 free( bsi->bsi_sel.bb_val.bv_val );
1153 BER_BVZERO( &bsi->bsi_sel.bb_val );
1154 bsi->bsi_sel.bb_len = 0;
1155 free( bsi->bsi_from.bb_val.bv_val );
1156 BER_BVZERO( &bsi->bsi_from.bb_val );
1157 bsi->bsi_from.bb_len = 0;
1158 free( bsi->bsi_join_where.bb_val.bv_val );
1159 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1160 bsi->bsi_join_where.bb_len = 0;
1161 free( bsi->bsi_flt_where.bb_val.bv_val );
1162 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1163 bsi->bsi_flt_where.bb_len = 0;
1165 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1166 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1168 return ( rc <= 0 ? 1 : 0 );
1172 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1174 backsql_oc_map_rec *oc = v_oc;
1175 backsql_srch_info *bsi = v_bsi;
1176 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1177 struct berval query;
1181 BACKSQL_ROW_NTS row;
1184 int n_candidates = bsi->bsi_n_candidates;
1187 * + 1 because we need room for '%'; this makes a subtree
1188 * search for a DN BACKSQL_MAX_DN_LEN long legal
1189 * if it returns that DN only
1191 char temp_base_dn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1193 bsi->bsi_status = LDAP_SUCCESS;
1195 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1196 BACKSQL_OC_NAME( oc ), 0, 0 );
1198 if ( bsi->bsi_n_candidates == -1 ) {
1199 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1200 "unchecked limit has been overcome\n", 0, 0, 0 );
1201 /* should never get here */
1203 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1204 return BACKSQL_AVL_STOP;
1208 res = backsql_srch_query( bsi, &query );
1210 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1211 "error while constructing query for objectclass \"%s\"\n",
1212 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1214 * FIXME: need to separate errors from legally
1215 * impossible filters
1217 switch ( bsi->bsi_status ) {
1219 case LDAP_UNDEFINED_TYPE:
1220 case LDAP_NO_SUCH_OBJECT:
1221 /* we are conservative... */
1223 bsi->bsi_status = LDAP_SUCCESS;
1225 return BACKSQL_AVL_CONTINUE;
1227 case LDAP_ADMINLIMIT_EXCEEDED:
1229 /* don't try any more */
1230 return BACKSQL_AVL_STOP;
1234 if ( BER_BVISNULL( &query ) ) {
1235 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1236 "could not construct query for objectclass \"%s\"\n",
1237 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1238 bsi->bsi_status = LDAP_SUCCESS;
1239 return BACKSQL_AVL_CONTINUE;
1242 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1243 query.bv_val, 0, 0 );
1245 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1246 free( query.bv_val );
1247 BER_BVZERO( &query );
1248 if ( rc != SQL_SUCCESS ) {
1249 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1250 "error preparing query\n", 0, 0, 0 );
1251 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1252 bsi->bsi_status = LDAP_OTHER;
1253 return BACKSQL_AVL_CONTINUE;
1256 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1258 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1259 &bsi->bsi_oc->bom_id );
1260 if ( rc != SQL_SUCCESS ) {
1261 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1262 "error binding objectclass id parameter\n", 0, 0, 0 );
1263 bsi->bsi_status = LDAP_OTHER;
1264 return BACKSQL_AVL_CONTINUE;
1267 switch ( bsi->bsi_scope ) {
1268 case LDAP_SCOPE_BASE:
1269 case BACKSQL_SCOPE_BASE_LIKE:
1271 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1272 * however this should be handled earlier
1274 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1275 bsi->bsi_status = LDAP_OTHER;
1276 return BACKSQL_AVL_CONTINUE;
1279 AC_MEMCPY( temp_base_dn, bsi->bsi_base_dn->bv_val,
1280 bsi->bsi_base_dn->bv_len + 1 );
1282 /* uppercase DN only if the stored DN can be uppercased
1284 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1285 ldap_pvt_str2upper( temp_base_dn );
1288 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1289 temp_base_dn, 0, 0 );
1291 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1292 temp_base_dn, BACKSQL_MAX_DN_LEN );
1293 if ( rc != SQL_SUCCESS ) {
1294 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1295 "error binding base_dn parameter\n", 0, 0, 0 );
1296 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1298 bsi->bsi_status = LDAP_OTHER;
1299 return BACKSQL_AVL_CONTINUE;
1303 case LDAP_SCOPE_SUBTREE: {
1305 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1306 * however this should be handled earlier
1308 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1309 bsi->bsi_status = LDAP_OTHER;
1310 return BACKSQL_AVL_CONTINUE;
1314 * Sets the parameters for the SQL built earlier
1315 * NOTE that all the databases could actually use
1316 * the TimesTen version, which would be cleaner
1317 * and would also eliminate the need for the
1318 * subtree_cond line in the configuration file.
1319 * For now, I'm leaving it the way it is,
1320 * so non-TimesTen databases use the original code.
1321 * But at some point this should get cleaned up.
1323 * If "dn" is being used, do a suffix search.
1324 * If "dn_ru" is being used, do a prefix search.
1326 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1327 temp_base_dn[ 0 ] = '\0';
1328 for ( i = 0, j = bsi->bsi_base_dn->bv_len - 1;
1330 temp_base_dn[ i ] = bsi->bsi_base_dn->bv_val[ j ];
1332 temp_base_dn[ i ] = '%';
1333 temp_base_dn[ i + 1 ] = '\0';
1336 temp_base_dn[ 0 ] = '%';
1337 AC_MEMCPY( &temp_base_dn[ 1 ], bsi->bsi_base_dn->bv_val,
1338 bsi->bsi_base_dn->bv_len + 1 );
1341 /* uppercase DN only if the stored DN can be uppercased
1343 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1344 ldap_pvt_str2upper( temp_base_dn );
1347 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n", temp_base_dn,
1350 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1351 temp_base_dn, BACKSQL_MAX_DN_LEN );
1352 if ( rc != SQL_SUCCESS ) {
1353 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1354 "error binding base_dn parameter (2)\n",
1356 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1358 bsi->bsi_status = LDAP_OTHER;
1359 return BACKSQL_AVL_CONTINUE;
1364 case LDAP_SCOPE_ONELEVEL:
1365 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_dn ) );
1367 #ifdef BACKSQL_ARBITRARY_KEY
1368 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1369 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1370 #else /* ! BACKSQL_ARBITRARY_KEY */
1371 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1372 bsi->bsi_base_id.eid_id, 0, 0 );
1373 #endif /* ! BACKSQL_ARBITRARY_KEY */
1374 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1375 &bsi->bsi_base_id.eid_id );
1376 if ( rc != SQL_SUCCESS ) {
1377 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1378 "error binding base id parameter\n", 0, 0, 0 );
1379 bsi->bsi_status = LDAP_OTHER;
1380 return BACKSQL_AVL_CONTINUE;
1385 rc = SQLExecute( sth );
1386 if ( !BACKSQL_SUCCESS( rc ) ) {
1387 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1388 "error executing query\n", 0, 0, 0 );
1389 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1390 SQLFreeStmt( sth, SQL_DROP );
1391 bsi->bsi_status = LDAP_OTHER;
1392 return BACKSQL_AVL_CONTINUE;
1395 backsql_BindRowAsStrings( sth, &row );
1396 rc = SQLFetch( sth );
1397 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1398 struct berval dn, ndn;
1399 backsql_entryID *c_id = NULL;
1402 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1404 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1408 ret = dnNormalize( 0, NULL, NULL, &dn, &ndn, NULL );
1409 if ( dn.bv_val != row.cols[ 3 ] ) {
1413 if ( ret != LDAP_SUCCESS ) {
1417 if ( bi->sql_baseObject && bvmatch( &ndn, &bi->sql_baseObject->e_nname ) ) {
1422 c_id = (backsql_entryID *)ch_calloc( 1,
1423 sizeof( backsql_entryID ) );
1424 #ifdef BACKSQL_ARBITRARY_KEY
1425 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1426 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1427 #else /* ! BACKSQL_ARBITRARY_KEY */
1428 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1429 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1430 #endif /* ! BACKSQL_ARBITRARY_KEY */
1431 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1433 if ( ndn.bv_val == row.cols[ 3 ] ) {
1434 ber_dupbv( &c_id->eid_dn, &ndn );
1439 /* append at end of list ... */
1440 c_id->eid_next = NULL;
1441 *bsi->bsi_id_listtail = c_id;
1442 bsi->bsi_id_listtail = &c_id->eid_next;
1444 #ifdef BACKSQL_ARBITRARY_KEY
1445 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1446 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1447 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1449 #else /* ! BACKSQL_ARBITRARY_KEY */
1450 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1451 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1452 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1453 #endif /* ! BACKSQL_ARBITRARY_KEY */
1455 /* count candidates, for unchecked limit */
1456 bsi->bsi_n_candidates--;
1457 if ( bsi->bsi_n_candidates == -1 ) {
1461 backsql_FreeRow( &row );
1462 SQLFreeStmt( sth, SQL_DROP );
1464 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1465 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1467 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1471 backsql_search( Operation *op, SlapReply *rs )
1473 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1476 Entry user_entry = { 0 };
1478 time_t stoptime = 0;
1479 backsql_srch_info bsi;
1480 backsql_entryID *eid = NULL;
1483 manageDSAit = get_manageDSAit( op );
1485 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1486 "base=\"%s\", filter=\"%s\", scope=%d,",
1487 op->o_req_ndn.bv_val,
1488 op->ors_filterstr.bv_val,
1490 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1491 "attributes to load: %s\n",
1494 op->ors_attrs == NULL ? "all" : "custom list" );
1496 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1497 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1498 "search base length (%ld) exceeds max length (%d)\n",
1499 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1501 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1502 * since it is impossible that such a long DN exists
1505 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1506 send_ldap_result( op, rs );
1510 sres = backsql_get_db_conn( op, &dbh );
1511 if ( sres != LDAP_SUCCESS ) {
1512 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1513 "could not get connection handle - exiting\n",
1516 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1517 send_ldap_result( op, rs );
1521 /* compute it anyway; root does not use it */
1522 stoptime = op->o_time + op->ors_tlimit;
1524 base = op->o_req_ndn;
1525 if ( backsql_api_dn2odbc( op, rs, &base ) ) {
1526 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1527 "backsql_api_dn2odbc failed\n",
1529 rs->sr_err = LDAP_OTHER;
1530 rs->sr_text = "SQL-backend error";
1531 send_ldap_result( op, rs );
1536 rs->sr_err = backsql_init_search( &bsi, &base,
1538 op->ors_slimit, op->ors_tlimit,
1539 stoptime, op->ors_filter,
1540 dbh, op, rs, op->ors_attrs, 1 );
1541 if ( rs->sr_err != LDAP_SUCCESS ) {
1542 send_ldap_result( op, rs );
1546 bsi.bsi_n_candidates =
1547 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
1548 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1549 ( op->ors_limit->lms_s_unchecked ) ) );
1551 switch ( bsi.bsi_scope ) {
1552 case LDAP_SCOPE_BASE:
1553 case BACKSQL_SCOPE_BASE_LIKE:
1555 * probably already found...
1557 bsi.bsi_id_list = &bsi.bsi_base_id;
1558 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1561 case LDAP_SCOPE_SUBTREE:
1563 * if baseObject is defined, and if it is the root
1564 * of the search, add it to the candidate list
1566 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
1568 bsi.bsi_id_list = &bsi.bsi_base_id;
1569 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1576 * for each objectclass we try to construct query which gets IDs
1577 * of entries matching LDAP query filter and scope (or at least
1578 * candidates), and get the IDs
1580 avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
1581 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
1584 if ( op->ors_limit != NULL /* isroot == FALSE */
1585 && op->ors_limit->lms_s_unchecked != -1
1586 && bsi.bsi_n_candidates == -1 )
1588 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1589 send_ldap_result( op, rs );
1594 * now we load candidate entries (only those attributes
1595 * mentioned in attrs and filter), test it against full filter
1596 * and then send to client; don't free entry_id if baseObject...
1598 for ( eid = bsi.bsi_id_list;
1600 eid = backsql_free_entryID( eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
1603 Attribute *hasSubordinate = NULL,
1607 /* check for abandon */
1608 if ( op->o_abandon ) {
1612 /* check time limit */
1613 if ( op->ors_tlimit != SLAP_NO_LIMIT
1614 && slap_get_time() > stoptime )
1616 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1617 rs->sr_ctrls = NULL;
1618 rs->sr_ref = rs->sr_v2ref;
1619 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1621 send_ldap_result( op, rs );
1625 #ifdef BACKSQL_ARBITRARY_KEY
1626 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1627 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1628 eid->eid_id.bv_val, eid->eid_oc_id,
1629 eid->eid_keyval.bv_val );
1630 #else /* ! BACKSQL_ARBITRARY_KEY */
1631 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1632 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1633 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1634 #endif /* ! BACKSQL_ARBITRARY_KEY */
1636 /* don't recollect baseObject ... */
1637 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
1638 e = bi->sql_baseObject;
1641 bsi.bsi_e = &user_entry;
1642 rc = backsql_id2entry( &bsi, eid );
1643 if ( rc != LDAP_SUCCESS ) {
1644 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1645 "error %d in backsql_id2entry() "
1646 "- skipping\n", rc, 0, 0 );
1654 switch ( op->ors_scope ) {
1655 case LDAP_SCOPE_BASE:
1656 case BACKSQL_SCOPE_BASE_LIKE:
1657 if ( !bvmatch( &e->e_nname, &op->o_req_ndn ) ) {
1662 case LDAP_SCOPE_ONE:
1664 struct berval rdn = user_entry.e_nname;
1665 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
1666 if ( !dnIsOneLevelRDN( &rdn ) ) {
1672 case LDAP_SCOPE_SUBTREE:
1673 if ( !dnIsSuffix( &e->e_nname, &op->o_req_ndn ) ) {
1679 if ( !manageDSAit &&
1680 op->ors_scope != LDAP_SCOPE_BASE &&
1681 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1682 is_entry_referral( e ) )
1686 refs = get_entry_referrals( op, e );
1688 backsql_srch_info bsi2 = { 0 };
1689 Entry user_entry2 = { 0 };
1691 /* retry with the full entry... */
1692 (void)backsql_init_search( &bsi2,
1696 dbh, op, rs, NULL, 0 );
1697 bsi2.bsi_e = &user_entry2;
1698 rc = backsql_id2entry( &bsi2, eid );
1699 if ( rc == LDAP_SUCCESS ) {
1700 if ( is_entry_referral( &user_entry2 ) )
1702 refs = get_entry_referrals( op,
1704 } /* else: FIXME: inconsistency! */
1705 entry_clean( &user_entry2 );
1710 rs->sr_ref = referral_rewrite( refs,
1714 ber_bvarray_free( refs );
1717 if ( !rs->sr_ref ) {
1718 rs->sr_text = "bad_referral object";
1721 rs->sr_err = LDAP_REFERRAL;
1722 rs->sr_matched = user_entry.e_name.bv_val;
1723 send_search_reference( op, rs );
1725 ber_bvarray_free( rs->sr_ref );
1727 rs->sr_matched = NULL;
1733 * We use this flag since we need to parse the filter
1734 * anyway; we should have used the frontend API function
1735 * filter_has_subordinates()
1737 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1738 rc = backsql_has_children( bi, dbh, &e->e_nname );
1741 case LDAP_COMPARE_TRUE:
1742 case LDAP_COMPARE_FALSE:
1743 hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1744 if ( hasSubordinate != NULL ) {
1745 for ( a = user_entry.e_attrs;
1749 a->a_next = hasSubordinate;
1755 Debug(LDAP_DEBUG_TRACE,
1756 "backsql_search(): "
1757 "has_children failed( %d)\n",
1764 if ( test_filter( op, e, op->ors_filter )
1765 == LDAP_COMPARE_TRUE ) {
1766 if ( hasSubordinate && !( bsi.bsi_flags & BSQL_SF_ALL_OPER )
1767 && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->ors_attrs ) ) {
1769 attr_free( hasSubordinate );
1770 hasSubordinate = NULL;
1773 rs->sr_attrs = op->ors_attrs;
1774 rs->sr_operational_attrs = NULL;
1776 if ( e == &user_entry ) {
1777 rs->sr_flags = REP_ENTRY_MODIFIABLE;
1779 sres = send_search_entry( op, rs );
1780 rs->sr_entry = NULL;
1781 rs->sr_attrs = NULL;
1782 rs->sr_operational_attrs = NULL;
1790 * FIXME: send_search_entry failed;
1794 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1795 "connection lost\n", 0, 0, 0 );
1801 entry_clean( &user_entry );
1803 if ( op->ors_slimit != SLAP_NO_LIMIT
1804 && rs->sr_nentries >= op->ors_slimit )
1806 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1807 send_ldap_result( op, rs );
1813 /* in case we got here accidentally */
1814 entry_clean( &user_entry );
1816 if ( rs->sr_nentries > 0 ) {
1817 rs->sr_ref = rs->sr_v2ref;
1818 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1822 rs->sr_err = bsi.bsi_status;
1824 send_ldap_result( op, rs );
1826 if ( rs->sr_v2ref ) {
1827 ber_bvarray_free( rs->sr_v2ref );
1828 rs->sr_v2ref = NULL;
1832 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_dn ) ) {
1833 (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
1836 if ( bsi.bsi_attrs ) {
1837 ch_free( bsi.bsi_attrs );
1840 if ( base.bv_val != op->o_req_ndn.bv_val ) {
1841 ch_free( base.bv_val );
1844 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
1848 #endif /* SLAPD_SQL */