2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
26 #include <sys/types.h>
27 #include "ac/string.h"
31 #include "proto-sql.h"
33 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
34 static int backsql_process_filter_eq( backsql_srch_info *bsi,
35 backsql_at_map_rec *at,
36 int casefold, struct berval *filter_value );
37 static int backsql_process_filter_like( backsql_srch_info *bsi,
38 backsql_at_map_rec *at,
39 int casefold, struct berval *filter_value );
40 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
41 backsql_at_map_rec *at );
44 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
47 AttributeName *an = NULL;
49 if ( bsi->bsi_attrs == NULL ) {
54 * clear the list (retrieve all attrs)
57 ch_free( bsi->bsi_attrs );
58 bsi->bsi_attrs = NULL;
62 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
63 an = &bsi->bsi_attrs[ n_attrs ];
65 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
66 "attribute \"%s\" is in list\n",
67 an->an_name.bv_val, 0, 0 );
69 * We can live with strcmp because the attribute
70 * list has been normalized before calling be_search
72 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
77 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
78 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
80 an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
81 sizeof( AttributeName ) * ( n_attrs + 2 ) );
86 an[ n_attrs ].an_name = ad->ad_cname;
87 an[ n_attrs ].an_desc = ad;
88 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
96 * Initializes the search structure.
98 * If get_base_id != 0, the field bsi_base_id is filled
99 * with the entryID of bsi_base_dn; it must be freed
100 * by backsql_free_entryID() when no longer required.
104 backsql_srch_info *bsi,
114 AttributeName *attrs,
118 int rc = LDAP_SUCCESS;
120 bsi->bsi_base_dn = base;
121 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
122 bsi->bsi_scope = scope;
123 bsi->bsi_slimit = slimit;
124 bsi->bsi_tlimit = tlimit;
125 bsi->bsi_filter = filter;
134 if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
135 bsi->bsi_attrs = NULL;
140 bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
141 sizeof( AttributeName ) );
142 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
144 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
146 * ignore "1.1"; handle "+"
148 if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
149 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
152 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
155 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
159 backsql_attrlist_add( bsi, p->an_desc );
163 /* add objectClass if not present,
164 * because it is required to understand
165 * if an entry is a referral, an alias
167 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
171 bsi->bsi_abandon = 0;
172 bsi->bsi_id_list = NULL;
173 bsi->bsi_id_listtail = &bsi->bsi_id_list;
174 bsi->bsi_n_candidates = 0;
175 bsi->bsi_stoptime = stoptime;
176 BER_BVZERO( &bsi->bsi_sel.bb_val );
177 bsi->bsi_sel.bb_len = 0;
178 BER_BVZERO( &bsi->bsi_from.bb_val );
179 bsi->bsi_from.bb_len = 0;
180 BER_BVZERO( &bsi->bsi_join_where.bb_val );
181 bsi->bsi_join_where.bb_len = 0;
182 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
183 bsi->bsi_flt_where.bb_len = 0;
184 bsi->bsi_filter_oc = NULL;
187 rc = backsql_dn2id( (backsql_info *)op->o_bd->be_private,
188 &bsi->bsi_base_id, dbh, base );
191 return ( bsi->bsi_status = rc );
195 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
203 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
206 res = backsql_process_filter( bsi, f );
209 * TimesTen : If the query has no answers,
210 * don't bother to run the query.
221 case LDAP_FILTER_AND:
222 backsql_strfcat( &bsi->bsi_flt_where, "l",
223 (ber_len_t)STRLENOF( " AND " ),
228 backsql_strfcat( &bsi->bsi_flt_where, "l",
229 (ber_len_t)STRLENOF( " OR " ),
235 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
241 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
242 backsql_at_map_rec *at )
244 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
252 /* always uppercase strings by now */
253 #ifdef BACKSQL_UPPERCASE_FILTER
254 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
255 bi->bi_caseIgnoreMatch ) )
256 #endif /* BACKSQL_UPPERCASE_FILTER */
261 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
262 bi->bi_telephoneNumberMatch ) )
269 * to check for matching telephone numbers
270 * with intermixed chars, e.g. val='1234'
273 * val LIKE '%1%2%3%4%'
277 if ( f->f_sub_initial.bv_val ) {
278 bv.bv_len += f->f_sub_initial.bv_len;
280 if ( f->f_sub_any != NULL ) {
281 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
282 bv.bv_len += f->f_sub_any[ a ].bv_len;
285 if ( f->f_sub_final.bv_val ) {
286 bv.bv_len += f->f_sub_final.bv_len;
288 bv.bv_len = 2 * bv.bv_len - 1;
289 bv.bv_val = ch_malloc( bv.bv_len + 1 );
292 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
293 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
294 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
295 bv.bv_val[ s + 2 * i - 1 ] = '%';
296 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
298 bv.bv_val[ s + 2 * i - 1 ] = '%';
302 if ( f->f_sub_any != NULL ) {
303 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
304 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
305 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
306 bv.bv_val[ s + 2 * i - 1 ] = '%';
307 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
309 bv.bv_val[ s + 2 * i - 1 ] = '%';
314 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
315 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
316 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
317 bv.bv_val[ s + 2 * i - 1 ] = '%';
318 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
320 bv.bv_val[ s + 2 * i - 1 ] = '%';
324 bv.bv_val[ s - 1 ] = '\0';
326 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
327 ch_free( bv.bv_val );
333 * When dealing with case-sensitive strings
334 * we may omit normalization; however, normalized
335 * SQL filters are more liberal.
338 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
341 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
342 at->bam_ad->ad_cname.bv_val, 0, 0 );
343 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
344 at->bam_sel_expr_u.bv_val ? "' '" : "",
345 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
346 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
348 * If a pre-upper-cased version of the column
349 * or a precompiled upper function exists, use it
351 backsql_strfcat( &bsi->bsi_flt_where,
354 (ber_len_t)STRLENOF( " LIKE '" ),
358 backsql_strfcat( &bsi->bsi_flt_where, "bl",
360 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
363 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
367 Debug( LDAP_DEBUG_TRACE,
368 "==>backsql_process_sub_filter(%s): "
369 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
370 f->f_sub_initial.bv_val, 0 );
371 #endif /* BACKSQL_TRACE */
373 start = bsi->bsi_flt_where.bb_val.bv_len;
374 backsql_strfcat( &bsi->bsi_flt_where, "b",
376 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
377 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
381 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
383 if ( f->f_sub_any != NULL ) {
384 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
388 Debug( LDAP_DEBUG_TRACE,
389 "==>backsql_process_sub_filter(%s): "
390 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
391 i, f->f_sub_any[ i ].bv_val );
392 #endif /* BACKSQL_TRACE */
394 start = bsi->bsi_flt_where.bb_val.bv_len;
395 backsql_strfcat( &bsi->bsi_flt_where,
399 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
401 * Note: toupper('%') = '%'
403 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
408 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
412 Debug( LDAP_DEBUG_TRACE,
413 "==>backsql_process_sub_filter(%s): "
414 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
415 f->f_sub_final.bv_val, 0 );
416 #endif /* BACKSQL_TRACE */
418 start = bsi->bsi_flt_where.bb_val.bv_len;
419 backsql_strfcat( &bsi->bsi_flt_where, "b",
421 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
422 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
426 backsql_strfcat( &bsi->bsi_flt_where, "l",
427 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
433 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
435 if ( BER_BVISNULL( from_tbls ) ) {
439 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
440 char *start, *end, *tmp;
442 tmp = ch_strdup( from_tbls->bv_val );
444 for ( start = tmp, end = strchr( start, ',' ); start; ) {
449 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
451 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
455 /* in case there are spaces after the comma... */
456 for ( start = &end[1]; isspace( start[0] ); start++ );
458 end = strchr( start, ',' );
470 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
477 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
479 backsql_at_map_rec **vat = NULL;
480 AttributeDescription *ad = NULL;
485 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
486 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
487 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
488 "invalid filter\n", 0, 0, 0 );
493 switch( f->f_choice ) {
495 rc = backsql_process_filter_list( bsi, f->f_or,
500 case LDAP_FILTER_AND:
501 rc = backsql_process_filter_list( bsi, f->f_and,
506 case LDAP_FILTER_NOT:
507 backsql_strfcat( &bsi->bsi_flt_where, "l",
508 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
510 rc = backsql_process_filter( bsi, f->f_not );
511 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
515 case LDAP_FILTER_PRESENT:
519 case LDAP_FILTER_EXT:
520 ad = f->f_mra->ma_desc;
521 if ( f->f_mr_dnattrs ) {
523 * if dn attrs filtering is requested, better return
524 * success and let test_filter() deal with candidate
525 * selection; otherwise we'd need to set conditions
526 * on the contents of the DN, e.g. "SELECT ... FROM
527 * ldap_entries AS attributeName WHERE attributeName.dn
528 * like '%attributeName=value%'"
530 backsql_strfcat( &bsi->bsi_flt_where, "l",
531 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
532 bsi->bsi_status = LDAP_SUCCESS;
553 * Turn structuralObjectClass into objectClass
555 if ( ad == slap_schema.si_ad_objectClass
556 || ad == slap_schema.si_ad_structuralObjectClass ) {
558 * If the filter is LDAP_FILTER_PRESENT, then it's done;
559 * otherwise, let's see if we are lucky: filtering
560 * for "structural" objectclass or ancestor...
562 switch ( f->f_choice ) {
563 case LDAP_FILTER_EQUALITY:
565 ObjectClass *oc = oc_bvfind( &f->f_av_value );
568 Debug( LDAP_DEBUG_TRACE,
569 "backsql_process_filter(): "
570 "unknown objectClass \"%s\" "
572 f->f_av_value.bv_val, 0, 0 );
573 bsi->bsi_status = LDAP_OTHER;
579 * "structural" objectClass inheritance:
580 * - a search for "person" will also return
582 * - a search for "top" will return everything
584 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
585 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
587 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
589 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
590 (ber_len_t)STRLENOF( "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
591 "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
592 &bsi->bsi_oc->bom_oc->soc_cname,
593 (ber_len_t)STRLENOF( /* (' */ "')" ),
595 bsi->bsi_status = LDAP_SUCCESS;
603 case LDAP_FILTER_PRESENT:
604 backsql_strfcat( &bsi->bsi_flt_where, "l",
605 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
606 bsi->bsi_status = LDAP_SUCCESS;
610 /* FIXME: LDAP_FILTER_EXT? */
613 Debug( LDAP_DEBUG_TRACE,
614 "backsql_process_filter(): "
615 "illegal/unhandled filter "
616 "on objectClass attribute",
618 bsi->bsi_status = LDAP_OTHER;
623 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
625 * FIXME: this is not robust; e.g. a filter
626 * '(!(hasSubordinates=TRUE))' fails because
627 * in SQL it would read 'NOT (1=1)' instead
629 * Note however that hasSubordinates is boolean,
630 * so a more appropriate filter would be
631 * '(hasSubordinates=FALSE)'
633 * A more robust search for hasSubordinates
634 * would * require joining the ldap_entries table
635 * selecting if there are descendants of the
638 backsql_strfcat( &bsi->bsi_flt_where, "l",
639 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
640 if ( ad == slap_schema.si_ad_hasSubordinates ) {
642 * instruct candidate selection algorithm
643 * and attribute list to try to detect
644 * if an entry has subordinates
646 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
650 * clear attributes to fetch, to require ALL
651 * and try extended match on all attributes
653 backsql_attrlist_add( bsi, NULL );
660 * attribute inheritance:
662 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
663 bsi->bsi_status = LDAP_OTHER;
669 /* search anyway; other parts of the filter
671 backsql_strfcat( &bsi->bsi_flt_where, "l",
672 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
673 bsi->bsi_status = LDAP_SUCCESS;
678 /* if required, open extra level of parens */
680 if ( vat[0]->bam_next || vat[1] ) {
681 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
688 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
692 /* if more definitions of the same attr, apply */
693 if ( vat[i]->bam_next ) {
694 backsql_strfcat( &bsi->bsi_flt_where, "l",
695 STRLENOF( " OR " ), " OR " );
696 vat[i] = vat[i]->bam_next;
700 /* if more descendants of the same attr, apply */
703 backsql_strfcat( &bsi->bsi_flt_where, "l",
704 STRLENOF( " OR " ), " OR " );
708 /* if needed, close extra level of parens */
710 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
720 Debug( LDAP_DEBUG_TRACE,
721 "<==backsql_process_filter() %s\n",
722 rc == 1 ? "succeeded" : "failed", 0, 0);
728 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
729 int casefold, struct berval *filter_value )
732 * maybe we should check type of at->sel_expr here somehow,
733 * to know whether upper_func is applicable, but for now
734 * upper_func stuff is made for Oracle, where UPPER is
735 * safely applicable to NUMBER etc.
737 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
740 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
743 (ber_len_t)STRLENOF( "='" ),
746 start = bsi->bsi_flt_where.bb_val.bv_len;
748 backsql_strfcat( &bsi->bsi_flt_where, "bl",
750 (ber_len_t)STRLENOF( /* (' */ "')" ),
753 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
756 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
759 (ber_len_t)STRLENOF( "='" ), "='",
761 (ber_len_t)STRLENOF( /* (' */ "')" ),
769 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
770 int casefold, struct berval *filter_value )
773 * maybe we should check type of at->sel_expr here somehow,
774 * to know whether upper_func is applicable, but for now
775 * upper_func stuff is made for Oracle, where UPPER is
776 * safely applicable to NUMBER etc.
778 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
781 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
784 (ber_len_t)STRLENOF( " LIKE '%" ),
787 start = bsi->bsi_flt_where.bb_val.bv_len;
789 backsql_strfcat( &bsi->bsi_flt_where, "bl",
791 (ber_len_t)STRLENOF( /* (' */ "%')" ),
794 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
797 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
800 (ber_len_t)STRLENOF( " LIKE '%" ),
803 (ber_len_t)STRLENOF( /* (' */ "%')" ),
811 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
813 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
815 struct berval *filter_value = NULL;
816 MatchingRule *matching_rule = NULL;
817 struct berval ordering = BER_BVC("<=");
819 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
820 at->bam_ad->ad_cname.bv_val, 0, 0 );
823 * need to add this attribute to list of attrs to load,
824 * so that we can do test_filter() later
826 backsql_attrlist_add( bsi, at->bam_ad );
828 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
830 if ( !BER_BVISNULL( &at->bam_join_where )
831 && strstr( bsi->bsi_join_where.bb_val.bv_val,
832 at->bam_join_where.bv_val ) == NULL )
834 backsql_strfcat( &bsi->bsi_join_where, "lb",
835 (ber_len_t)STRLENOF( " AND " ), " AND ",
836 &at->bam_join_where );
839 switch ( f->f_choice ) {
840 case LDAP_FILTER_EQUALITY:
841 filter_value = &f->f_av_value;
842 matching_rule = at->bam_ad->ad_type->sat_equality;
846 /* fail over into next case */
848 case LDAP_FILTER_EXT:
849 filter_value = &f->f_mra->ma_value;
850 matching_rule = f->f_mr_rule;
853 /* always uppercase strings by now */
854 #ifdef BACKSQL_UPPERCASE_FILTER
855 if ( SLAP_MR_ASSOCIATED( matching_rule,
856 bi->bi_caseIgnoreMatch ) )
857 #endif /* BACKSQL_UPPERCASE_FILTER */
862 if ( SLAP_MR_ASSOCIATED( matching_rule,
863 bi->bi_telephoneNumberMatch ) )
869 * to check for matching telephone numbers
870 * with intermized chars, e.g. val='1234'
873 * val LIKE '%1%2%3%4%'
876 bv.bv_len = 2 * filter_value->bv_len - 1;
877 bv.bv_val = ch_malloc( bv.bv_len + 1 );
879 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
880 for ( i = 1; i < filter_value->bv_len; i++ ) {
881 bv.bv_val[ 2 * i - 1 ] = '%';
882 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
884 bv.bv_val[ 2 * i - 1 ] = '\0';
886 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
887 ch_free( bv.bv_val );
892 /* NOTE: this is required by objectClass inheritance
893 * and auxiliary objectClass use in filters for slightly
894 * more efficient candidate selection. */
895 /* FIXME: a bit too many specializations to deal with
896 * very specific cases... */
897 if ( at->bam_ad == slap_schema.si_ad_objectClass
898 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
900 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
901 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
902 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
904 (ber_len_t)STRLENOF( /* (' */ "')" ),
910 * maybe we should check type of at->sel_expr here somehow,
911 * to know whether upper_func is applicable, but for now
912 * upper_func stuff is made for Oracle, where UPPER is
913 * safely applicable to NUMBER etc.
915 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
919 ordering.bv_val = ">=";
921 /* fall thru to next case */
924 /* always uppercase strings by now */
925 #ifdef BACKSQL_UPPERCASE_FILTER
926 if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
927 bi->bi_caseIgnoreMatch ) )
928 #endif /* BACKSQL_UPPERCASE_FILTER */
934 * FIXME: should we uppercase the operands?
936 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
939 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
945 start = bsi->bsi_flt_where.bb_val.bv_len;
947 backsql_strfcat( &bsi->bsi_flt_where, "bl",
949 (ber_len_t)STRLENOF( /* (' */ "')" ),
952 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
955 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
961 (ber_len_t)STRLENOF( /* (' */ "')" ),
966 case LDAP_FILTER_PRESENT:
967 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
968 (ber_len_t)STRLENOF( "NOT (" /* ) */),
971 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
972 /* ( */ " IS NULL)" );
975 case LDAP_FILTER_SUBSTRINGS:
976 backsql_process_sub_filter( bsi, f, at );
979 case LDAP_FILTER_APPROX:
983 * maybe we should check type of at->sel_expr here somehow,
984 * to know whether upper_func is applicable, but for now
985 * upper_func stuff is made for Oracle, where UPPER is
986 * safely applicable to NUMBER etc.
988 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
992 /* unhandled filter type; should not happen */
994 backsql_strfcat( &bsi->bsi_flt_where, "l",
995 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
1000 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1001 at->bam_ad->ad_cname.bv_val, 0, 0 );
1007 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1009 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1013 BER_BVZERO( query );
1015 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1016 BER_BVZERO( &bsi->bsi_sel.bb_val );
1017 BER_BVZERO( &bsi->bsi_sel.bb_val );
1018 bsi->bsi_sel.bb_len = 0;
1019 BER_BVZERO( &bsi->bsi_from.bb_val );
1020 bsi->bsi_from.bb_len = 0;
1021 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1022 bsi->bsi_join_where.bb_len = 0;
1023 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1024 bsi->bsi_flt_where.bb_len = 0;
1026 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
1027 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1028 "SELECT DISTINCT ldap_entries.id,",
1029 &bsi->bsi_oc->bom_keytbl,
1031 &bsi->bsi_oc->bom_keycol,
1034 if ( !BER_BVISNULL( &bi->strcast_func ) ) {
1035 backsql_strfcat( &bsi->bsi_sel, "blbl",
1037 (ber_len_t)STRLENOF( "('" /* ') */ ),
1039 &bsi->bsi_oc->bom_oc->soc_cname,
1040 (ber_len_t)STRLENOF( /* (' */ "')" ),
1043 backsql_strfcat( &bsi->bsi_sel, "cbc",
1045 &bsi->bsi_oc->bom_oc->soc_cname,
1048 #ifdef BACKSQL_ALIASING_QUOTE
1049 backsql_strfcat( &bsi->bsi_sel, "lclcl",
1050 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
1051 " " BACKSQL_ALIASING,
1052 BACKSQL_ALIASING_QUOTE,
1053 (ber_len_t)STRLENOF( "objectClass" ),
1055 BACKSQL_ALIASING_QUOTE,
1056 (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1057 ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
1058 #else /* ! BACKSQL_ALIASING_QUOTE */
1059 backsql_strfcat( &bsi->bsi_sel, "l",
1060 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1061 " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
1062 #endif /* ! BACKSQL_ALIASING_QUOTE */
1064 backsql_strfcat( &bsi->bsi_from, "lb",
1065 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1066 " FROM ldap_entries,",
1067 &bsi->bsi_oc->bom_keytbl );
1069 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1070 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1071 &bsi->bsi_oc->bom_keytbl,
1073 &bsi->bsi_oc->bom_keycol,
1074 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1075 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1077 switch ( bsi->bsi_scope ) {
1078 case LDAP_SCOPE_BASE:
1079 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1080 backsql_strfcat( &bsi->bsi_join_where, "bl",
1082 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1083 "(ldap_entries.dn)=?" );
1085 backsql_strfcat( &bsi->bsi_join_where, "l",
1086 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1087 "ldap_entries.dn=?" );
1091 case BACKSQL_SCOPE_BASE_LIKE:
1092 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1093 backsql_strfcat( &bsi->bsi_join_where, "bl",
1095 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1096 "(ldap_entries.dn) LIKE ?" );
1098 backsql_strfcat( &bsi->bsi_join_where, "l",
1099 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1100 "ldap_entries.dn LIKE ?" );
1104 case LDAP_SCOPE_ONELEVEL:
1105 backsql_strfcat( &bsi->bsi_join_where, "l",
1106 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1107 "ldap_entries.parent=?" );
1110 case LDAP_SCOPE_SUBTREE:
1111 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1112 backsql_strfcat( &bsi->bsi_join_where, "bl",
1114 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1115 "(ldap_entries.dn) LIKE ?" );
1117 backsql_strfcat( &bsi->bsi_join_where, "l",
1118 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1119 "ldap_entries.dn LIKE ?" );
1128 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1130 struct berbuf bb = BB_NULL;
1132 backsql_strfcat( &bb, "bbblb",
1133 &bsi->bsi_sel.bb_val,
1134 &bsi->bsi_from.bb_val,
1135 &bsi->bsi_join_where.bb_val,
1136 (ber_len_t)STRLENOF( " AND " ), " AND ",
1137 &bsi->bsi_flt_where.bb_val );
1141 } else if ( rc < 0 ) {
1143 * Indicates that there's no possible way the filter matches
1144 * anything. No need to issue the query
1146 free( query->bv_val );
1147 BER_BVZERO( query );
1150 free( bsi->bsi_sel.bb_val.bv_val );
1151 BER_BVZERO( &bsi->bsi_sel.bb_val );
1152 bsi->bsi_sel.bb_len = 0;
1153 free( bsi->bsi_from.bb_val.bv_val );
1154 BER_BVZERO( &bsi->bsi_from.bb_val );
1155 bsi->bsi_from.bb_len = 0;
1156 free( bsi->bsi_join_where.bb_val.bv_val );
1157 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1158 bsi->bsi_join_where.bb_len = 0;
1159 free( bsi->bsi_flt_where.bb_val.bv_val );
1160 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1161 bsi->bsi_flt_where.bb_len = 0;
1163 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1164 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1166 return ( rc <= 0 ? 1 : 0 );
1170 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1172 backsql_oc_map_rec *oc = v_oc;
1173 backsql_srch_info *bsi = v_bsi;
1174 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1175 struct berval query;
1179 BACKSQL_ROW_NTS row;
1182 int n_candidates = bsi->bsi_n_candidates;
1185 * + 1 because we need room for '%'; this makes a subtree
1186 * search for a DN BACKSQL_MAX_DN_LEN long legal
1187 * if it returns that DN only
1189 char temp_base_dn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1191 bsi->bsi_status = LDAP_SUCCESS;
1193 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1194 BACKSQL_OC_NAME( oc ), 0, 0 );
1196 if ( bsi->bsi_n_candidates == -1 ) {
1197 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1198 "unchecked limit has been overcome\n", 0, 0, 0 );
1199 /* should never get here */
1201 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1202 return BACKSQL_AVL_STOP;
1206 res = backsql_srch_query( bsi, &query );
1208 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1209 "error while constructing query for objectclass \"%s\"\n",
1210 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1212 * FIXME: need to separate errors from legally
1213 * impossible filters
1215 switch ( bsi->bsi_status ) {
1217 case LDAP_UNDEFINED_TYPE:
1218 case LDAP_NO_SUCH_OBJECT:
1219 /* we are conservative... */
1221 bsi->bsi_status = LDAP_SUCCESS;
1223 return BACKSQL_AVL_CONTINUE;
1225 case LDAP_ADMINLIMIT_EXCEEDED:
1227 /* don't try any more */
1228 return BACKSQL_AVL_STOP;
1232 if ( BER_BVISNULL( &query ) ) {
1233 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1234 "could not construct query for objectclass \"%s\"\n",
1235 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1236 bsi->bsi_status = LDAP_SUCCESS;
1237 return BACKSQL_AVL_CONTINUE;
1240 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1241 query.bv_val, 0, 0 );
1243 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1244 free( query.bv_val );
1245 BER_BVZERO( &query );
1246 if ( rc != SQL_SUCCESS ) {
1247 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1248 "error preparing query\n", 0, 0, 0 );
1249 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh, sth, rc );
1250 bsi->bsi_status = LDAP_OTHER;
1251 return BACKSQL_AVL_CONTINUE;
1254 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1256 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1257 &bsi->bsi_oc->bom_id );
1258 if ( rc != SQL_SUCCESS ) {
1259 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1260 "error binding objectclass id parameter\n", 0, 0, 0 );
1261 bsi->bsi_status = LDAP_OTHER;
1262 return BACKSQL_AVL_CONTINUE;
1265 switch ( bsi->bsi_scope ) {
1266 case LDAP_SCOPE_BASE:
1267 case BACKSQL_SCOPE_BASE_LIKE:
1269 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1270 * however this should be handled earlier
1272 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1273 bsi->bsi_status = LDAP_OTHER;
1274 return BACKSQL_AVL_CONTINUE;
1277 AC_MEMCPY( temp_base_dn, bsi->bsi_base_dn->bv_val,
1278 bsi->bsi_base_dn->bv_len + 1 );
1280 /* uppercase DN only if the stored DN can be uppercased
1282 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1283 ldap_pvt_str2upper( temp_base_dn );
1286 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1287 temp_base_dn, 0, 0 );
1289 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1290 temp_base_dn, BACKSQL_MAX_DN_LEN );
1291 if ( rc != SQL_SUCCESS ) {
1292 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1293 "error binding base_dn parameter\n", 0, 0, 0 );
1294 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh,
1296 bsi->bsi_status = LDAP_OTHER;
1297 return BACKSQL_AVL_CONTINUE;
1301 case LDAP_SCOPE_SUBTREE: {
1303 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1304 * however this should be handled earlier
1306 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1307 bsi->bsi_status = LDAP_OTHER;
1308 return BACKSQL_AVL_CONTINUE;
1312 * Sets the parameters for the SQL built earlier
1313 * NOTE that all the databases could actually use
1314 * the TimesTen version, which would be cleaner
1315 * and would also eliminate the need for the
1316 * subtree_cond line in the configuration file.
1317 * For now, I'm leaving it the way it is,
1318 * so non-TimesTen databases use the original code.
1319 * But at some point this should get cleaned up.
1321 * If "dn" is being used, do a suffix search.
1322 * If "dn_ru" is being used, do a prefix search.
1324 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1325 temp_base_dn[ 0 ] = '\0';
1326 for ( i = 0, j = bsi->bsi_base_dn->bv_len - 1;
1328 temp_base_dn[ i ] = bsi->bsi_base_dn->bv_val[ j ];
1330 temp_base_dn[ i ] = '%';
1331 temp_base_dn[ i + 1 ] = '\0';
1334 temp_base_dn[ 0 ] = '%';
1335 AC_MEMCPY( &temp_base_dn[ 1 ], bsi->bsi_base_dn->bv_val,
1336 bsi->bsi_base_dn->bv_len + 1 );
1339 /* uppercase DN only if the stored DN can be uppercased
1341 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1342 ldap_pvt_str2upper( temp_base_dn );
1345 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n", temp_base_dn,
1348 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1349 temp_base_dn, BACKSQL_MAX_DN_LEN );
1350 if ( rc != SQL_SUCCESS ) {
1351 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1352 "error binding base_dn parameter (2)\n",
1354 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh,
1356 bsi->bsi_status = LDAP_OTHER;
1357 return BACKSQL_AVL_CONTINUE;
1362 case LDAP_SCOPE_ONELEVEL:
1363 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_dn ) );
1365 #ifdef BACKSQL_ARBITRARY_KEY
1366 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1367 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1368 #else /* ! BACKSQL_ARBITRARY_KEY */
1369 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1370 bsi->bsi_base_id.eid_id, 0, 0 );
1371 #endif /* ! BACKSQL_ARBITRARY_KEY */
1372 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1373 &bsi->bsi_base_id.eid_id );
1374 if ( rc != SQL_SUCCESS ) {
1375 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1376 "error binding base id parameter\n", 0, 0, 0 );
1377 bsi->bsi_status = LDAP_OTHER;
1378 return BACKSQL_AVL_CONTINUE;
1383 rc = SQLExecute( sth );
1384 if ( !BACKSQL_SUCCESS( rc ) ) {
1385 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1386 "error executing query\n", 0, 0, 0 );
1387 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh, sth, rc );
1388 SQLFreeStmt( sth, SQL_DROP );
1389 bsi->bsi_status = LDAP_OTHER;
1390 return BACKSQL_AVL_CONTINUE;
1393 backsql_BindRowAsStrings( sth, &row );
1394 rc = SQLFetch( sth );
1395 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1397 backsql_entryID *c_id = NULL;
1399 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1401 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1405 c_id = (backsql_entryID *)ch_calloc( 1,
1406 sizeof( backsql_entryID ) );
1407 #ifdef BACKSQL_ARBITRARY_KEY
1408 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1409 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1410 #else /* ! BACKSQL_ARBITRARY_KEY */
1411 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1412 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1413 #endif /* ! BACKSQL_ARBITRARY_KEY */
1414 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1416 if ( dn.bv_val == row.cols[ 3 ] ) {
1417 ber_dupbv( &c_id->eid_dn, &dn );
1422 /* append at end of list ... */
1423 c_id->eid_next = NULL;
1424 *bsi->bsi_id_listtail = c_id;
1425 bsi->bsi_id_listtail = &c_id->eid_next;
1427 #ifdef BACKSQL_ARBITRARY_KEY
1428 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1429 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1430 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1432 #else /* ! BACKSQL_ARBITRARY_KEY */
1433 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1434 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1435 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1436 #endif /* ! BACKSQL_ARBITRARY_KEY */
1438 /* count candidates, for unchecked limit */
1439 bsi->bsi_n_candidates--;
1440 if ( bsi->bsi_n_candidates == -1 ) {
1444 backsql_FreeRow( &row );
1445 SQLFreeStmt( sth, SQL_DROP );
1447 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1448 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1450 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1454 backsql_search( Operation *op, SlapReply *rs )
1456 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1459 Entry user_entry = { 0 };
1461 time_t stoptime = 0;
1462 backsql_srch_info srch_info;
1463 backsql_entryID *eid = NULL;
1466 manageDSAit = get_manageDSAit( op );
1468 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1469 "base=\"%s\", filter=\"%s\", scope=%d,",
1470 op->o_req_ndn.bv_val,
1471 op->ors_filterstr.bv_val,
1473 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1474 "attributes to load: %s\n",
1477 op->ors_attrs == NULL ? "all" : "custom list" );
1479 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1480 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1481 "search base length (%ld) exceeds max length (%d)\n",
1482 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1484 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1485 * since it is impossible that such a long DN exists
1488 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1489 send_ldap_result( op, rs );
1493 sres = backsql_get_db_conn( op, &dbh );
1494 if ( sres != LDAP_SUCCESS ) {
1495 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1496 "could not get connection handle - exiting\n",
1499 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1500 send_ldap_result( op, rs );
1504 /* compute it anyway; root does not use it */
1505 stoptime = op->o_time + op->ors_tlimit;
1507 base = op->o_req_dn;
1508 if ( backsql_api_dn2odbc( op, rs, &base ) ) {
1509 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1510 "backsql_api_dn2odbc failed\n",
1512 rs->sr_err = LDAP_OTHER;
1513 rs->sr_text = "SQL-backend error";
1514 send_ldap_result( op, rs );
1519 rs->sr_err = backsql_init_search( &srch_info, &base,
1521 op->ors_slimit, op->ors_tlimit,
1522 stoptime, op->ors_filter,
1523 dbh, op, rs, op->ors_attrs, 1 );
1524 if ( rs->sr_err != LDAP_SUCCESS ) {
1525 send_ldap_result( op, rs );
1530 * for each objectclass we try to construct query which gets IDs
1531 * of entries matching LDAP query filter and scope (or at least
1532 * candidates), and get the IDs
1534 srch_info.bsi_n_candidates =
1535 ( op->ors_limit == NULL /* isroot == FALSE */ ? -2 :
1536 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1537 ( op->ors_limit->lms_s_unchecked ) ) );
1538 avl_apply( bi->oc_by_oc, backsql_oc_get_candidates,
1539 &srch_info, BACKSQL_AVL_STOP, AVL_INORDER );
1540 if ( op->ors_limit != NULL /* isroot == TRUE */
1541 && op->ors_limit->lms_s_unchecked != -1
1542 && srch_info.bsi_n_candidates == -1 )
1544 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1545 send_ldap_result( op, rs );
1550 * now we load candidate entries (only those attributes
1551 * mentioned in attrs and filter), test it against full filter
1552 * and then send to client
1554 for ( eid = srch_info.bsi_id_list;
1556 eid = backsql_free_entryID( eid, 1 ) )
1559 Attribute *hasSubordinate = NULL,
1562 /* check for abandon */
1563 if ( op->o_abandon ) {
1567 /* check time limit */
1568 if ( op->ors_tlimit != SLAP_NO_LIMIT
1569 && slap_get_time() > stoptime )
1571 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1572 rs->sr_ctrls = NULL;
1573 rs->sr_ref = rs->sr_v2ref;
1574 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1576 send_ldap_result( op, rs );
1580 #ifdef BACKSQL_ARBITRARY_KEY
1581 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1582 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1583 eid->eid_id.bv_val, eid->eid_oc_id,
1584 eid->eid_keyval.bv_val );
1585 #else /* ! BACKSQL_ARBITRARY_KEY */
1586 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1587 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1588 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1589 #endif /* ! BACKSQL_ARBITRARY_KEY */
1591 srch_info.bsi_e = &user_entry;
1592 rc = backsql_id2entry( &srch_info, eid );
1593 if ( rc != LDAP_SUCCESS ) {
1594 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1595 "error %d in backsql_id2entry() "
1596 "- skipping\n", rc, 0, 0 );
1601 switch ( op->ors_scope ) {
1602 case LDAP_SCOPE_BASE:
1603 case BACKSQL_SCOPE_BASE_LIKE:
1604 if ( !bvmatch( &user_entry.e_nname, &op->o_req_ndn ) ) {
1609 case LDAP_SCOPE_ONE:
1611 struct berval rdn = user_entry.e_nname;
1612 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
1613 if ( !dnIsOneLevelRDN( &rdn ) ) {
1619 case LDAP_SCOPE_SUBTREE:
1620 if ( !dnIsSuffix( &user_entry.e_nname, &op->o_req_ndn ) ) {
1626 if ( !manageDSAit &&
1627 op->ors_scope != LDAP_SCOPE_BASE &&
1628 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1629 is_entry_referral( &user_entry ) )
1633 refs = get_entry_referrals( op, &user_entry );
1635 backsql_srch_info srch_info2 = { 0 };
1636 Entry user_entry2 = { 0 };
1638 /* retry with the full entry... */
1639 (void)backsql_init_search( &srch_info2,
1643 dbh, op, rs, NULL, 0 );
1644 srch_info2.bsi_e = &user_entry2;
1645 rc = backsql_id2entry( &srch_info2, eid );
1646 if ( rc == LDAP_SUCCESS ) {
1647 if ( is_entry_referral( &user_entry2 ) )
1649 refs = get_entry_referrals( op,
1651 } /* else: FIXME: inconsistency! */
1652 entry_clean( &user_entry2 );
1657 rs->sr_ref = referral_rewrite( refs,
1661 ber_bvarray_free( refs );
1664 if ( !rs->sr_ref ) {
1665 rs->sr_text = "bad_referral object";
1668 rs->sr_err = LDAP_REFERRAL;
1669 rs->sr_matched = user_entry.e_name.bv_val;
1670 send_search_reference( op, rs );
1672 ber_bvarray_free( rs->sr_ref );
1674 rs->sr_matched = NULL;
1680 * We use this flag since we need to parse the filter
1681 * anyway; we should have used the frontend API function
1682 * filter_has_subordinates()
1684 if ( srch_info.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1685 rc = backsql_has_children( bi, dbh, &user_entry.e_nname );
1688 case LDAP_COMPARE_TRUE:
1689 case LDAP_COMPARE_FALSE:
1690 hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1691 if ( hasSubordinate != NULL ) {
1692 for ( a = user_entry.e_attrs;
1696 a->a_next = hasSubordinate;
1702 Debug(LDAP_DEBUG_TRACE,
1703 "backsql_search(): "
1704 "has_children failed( %d)\n",
1711 if ( test_filter( op, &user_entry, op->ors_filter )
1712 == LDAP_COMPARE_TRUE ) {
1713 if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER )
1714 && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->ors_attrs ) ) {
1716 attr_free( hasSubordinate );
1717 hasSubordinate = NULL;
1720 rs->sr_attrs = op->ors_attrs;
1721 rs->sr_operational_attrs = NULL;
1722 rs->sr_entry = &user_entry;
1723 rs->sr_flags = REP_ENTRY_MODIFIABLE;
1724 sres = send_search_entry( op, rs );
1725 rs->sr_entry = NULL;
1726 rs->sr_attrs = NULL;
1727 rs->sr_operational_attrs = NULL;
1735 * FIXME: send_search_entry failed;
1739 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1740 "connection lost\n", 0, 0, 0 );
1746 entry_clean( &user_entry );
1748 if ( op->ors_slimit != SLAP_NO_LIMIT
1749 && rs->sr_nentries >= op->ors_slimit )
1751 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1752 send_ldap_result( op, rs );
1758 /* in case we got here accidentally */
1759 entry_clean( &user_entry );
1761 if ( rs->sr_nentries > 0 ) {
1762 rs->sr_ref = rs->sr_v2ref;
1763 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1767 rs->sr_err = srch_info.bsi_status;
1769 send_ldap_result( op, rs );
1771 if ( rs->sr_v2ref ) {
1772 ber_bvarray_free( rs->sr_v2ref );
1773 rs->sr_v2ref = NULL;
1777 if ( !BER_BVISNULL( &srch_info.bsi_base_id.eid_dn ) ) {
1778 (void)backsql_free_entryID( &srch_info.bsi_base_id, 0 );
1781 if ( srch_info.bsi_attrs ) {
1782 ch_free( srch_info.bsi_attrs );
1785 if ( base.bv_val != op->o_req_ndn.bv_val ) {
1786 ch_free( base.bv_val );
1789 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
1793 #endif /* SLAPD_SQL */