2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
26 #include <sys/types.h>
27 #include "ac/string.h"
31 #include "proto-sql.h"
33 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
34 static int backsql_process_filter_eq( backsql_srch_info *bsi,
35 backsql_at_map_rec *at,
36 int casefold, struct berval *filter_value );
37 static int backsql_process_filter_like( backsql_srch_info *bsi,
38 backsql_at_map_rec *at,
39 int casefold, struct berval *filter_value );
40 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
41 backsql_at_map_rec *at );
44 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
47 AttributeName *an = NULL;
49 if ( bsi->bsi_attrs == NULL ) {
54 * clear the list (retrieve all attrs)
57 ch_free( bsi->bsi_attrs );
58 bsi->bsi_attrs = NULL;
62 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
63 an = &bsi->bsi_attrs[ n_attrs ];
65 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
66 "attribute \"%s\" is in list\n",
67 an->an_name.bv_val, 0, 0 );
69 * We can live with strcmp because the attribute
70 * list has been normalized before calling be_search
72 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
77 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
78 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
80 an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
81 sizeof( AttributeName ) * ( n_attrs + 2 ) );
86 an[ n_attrs ].an_name = ad->ad_cname;
87 an[ n_attrs ].an_desc = ad;
88 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
96 * Initializes the search structure.
98 * If get_base_id != 0, the field bsi_base_id is filled
99 * with the entryID of bsi_base_ndn; it must be freed
100 * by backsql_free_entryID() when no longer required.
102 * NOTE: base must be normalized
106 backsql_srch_info *bsi,
107 struct berval *nbase,
116 AttributeName *attrs,
120 int rc = LDAP_SUCCESS;
122 bsi->bsi_base_ndn = nbase;
123 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
124 BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
125 bsi->bsi_scope = scope;
126 bsi->bsi_slimit = slimit;
127 bsi->bsi_tlimit = tlimit;
128 bsi->bsi_filter = filter;
137 if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
138 bsi->bsi_attrs = NULL;
143 bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
144 sizeof( AttributeName ) );
145 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
147 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
149 * ignore "1.1"; handle "+"
151 if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
152 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
155 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
158 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
162 backsql_attrlist_add( bsi, p->an_desc );
166 /* add objectClass if not present,
167 * because it is required to understand
168 * if an entry is a referral, an alias
170 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
174 bsi->bsi_abandon = 0;
175 bsi->bsi_id_list = NULL;
176 bsi->bsi_id_listtail = &bsi->bsi_id_list;
177 bsi->bsi_n_candidates = 0;
178 bsi->bsi_stoptime = stoptime;
179 BER_BVZERO( &bsi->bsi_sel.bb_val );
180 bsi->bsi_sel.bb_len = 0;
181 BER_BVZERO( &bsi->bsi_from.bb_val );
182 bsi->bsi_from.bb_len = 0;
183 BER_BVZERO( &bsi->bsi_join_where.bb_val );
184 bsi->bsi_join_where.bb_len = 0;
185 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
186 bsi->bsi_flt_where.bb_len = 0;
187 bsi->bsi_filter_oc = NULL;
190 assert( op->o_bd->be_private );
192 rc = backsql_dn2id( (backsql_info *)op->o_bd->be_private,
193 &bsi->bsi_base_id, dbh, nbase );
196 return ( bsi->bsi_status = rc );
200 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
208 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
211 res = backsql_process_filter( bsi, f );
214 * TimesTen : If the query has no answers,
215 * don't bother to run the query.
226 case LDAP_FILTER_AND:
227 backsql_strfcat( &bsi->bsi_flt_where, "l",
228 (ber_len_t)STRLENOF( " AND " ),
233 backsql_strfcat( &bsi->bsi_flt_where, "l",
234 (ber_len_t)STRLENOF( " OR " ),
240 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
246 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
247 backsql_at_map_rec *at )
249 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
257 /* always uppercase strings by now */
258 #ifdef BACKSQL_UPPERCASE_FILTER
259 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
260 bi->sql_caseIgnoreMatch ) )
261 #endif /* BACKSQL_UPPERCASE_FILTER */
266 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
267 bi->sql_telephoneNumberMatch ) )
274 * to check for matching telephone numbers
275 * with intermixed chars, e.g. val='1234'
278 * val LIKE '%1%2%3%4%'
282 if ( f->f_sub_initial.bv_val ) {
283 bv.bv_len += f->f_sub_initial.bv_len;
285 if ( f->f_sub_any != NULL ) {
286 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
287 bv.bv_len += f->f_sub_any[ a ].bv_len;
290 if ( f->f_sub_final.bv_val ) {
291 bv.bv_len += f->f_sub_final.bv_len;
293 bv.bv_len = 2 * bv.bv_len - 1;
294 bv.bv_val = ch_malloc( bv.bv_len + 1 );
297 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
298 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
299 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
300 bv.bv_val[ s + 2 * i - 1 ] = '%';
301 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
303 bv.bv_val[ s + 2 * i - 1 ] = '%';
307 if ( f->f_sub_any != NULL ) {
308 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
309 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
310 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
311 bv.bv_val[ s + 2 * i - 1 ] = '%';
312 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
314 bv.bv_val[ s + 2 * i - 1 ] = '%';
319 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
320 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
321 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
322 bv.bv_val[ s + 2 * i - 1 ] = '%';
323 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
325 bv.bv_val[ s + 2 * i - 1 ] = '%';
329 bv.bv_val[ s - 1 ] = '\0';
331 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
332 ch_free( bv.bv_val );
338 * When dealing with case-sensitive strings
339 * we may omit normalization; however, normalized
340 * SQL filters are more liberal.
343 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
346 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
347 at->bam_ad->ad_cname.bv_val, 0, 0 );
348 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
349 at->bam_sel_expr_u.bv_val ? "' '" : "",
350 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
351 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
353 * If a pre-upper-cased version of the column
354 * or a precompiled upper function exists, use it
356 backsql_strfcat( &bsi->bsi_flt_where,
359 (ber_len_t)STRLENOF( " LIKE '" ),
363 backsql_strfcat( &bsi->bsi_flt_where, "bl",
365 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
368 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
372 Debug( LDAP_DEBUG_TRACE,
373 "==>backsql_process_sub_filter(%s): "
374 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
375 f->f_sub_initial.bv_val, 0 );
376 #endif /* BACKSQL_TRACE */
378 start = bsi->bsi_flt_where.bb_val.bv_len;
379 backsql_strfcat( &bsi->bsi_flt_where, "b",
381 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
382 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
386 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
388 if ( f->f_sub_any != NULL ) {
389 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
393 Debug( LDAP_DEBUG_TRACE,
394 "==>backsql_process_sub_filter(%s): "
395 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
396 i, f->f_sub_any[ i ].bv_val );
397 #endif /* BACKSQL_TRACE */
399 start = bsi->bsi_flt_where.bb_val.bv_len;
400 backsql_strfcat( &bsi->bsi_flt_where,
404 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
406 * Note: toupper('%') = '%'
408 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
413 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
417 Debug( LDAP_DEBUG_TRACE,
418 "==>backsql_process_sub_filter(%s): "
419 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
420 f->f_sub_final.bv_val, 0 );
421 #endif /* BACKSQL_TRACE */
423 start = bsi->bsi_flt_where.bb_val.bv_len;
424 backsql_strfcat( &bsi->bsi_flt_where, "b",
426 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
427 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
431 backsql_strfcat( &bsi->bsi_flt_where, "l",
432 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
438 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
440 if ( BER_BVISNULL( from_tbls ) ) {
444 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
445 char *start, *end, *tmp;
447 tmp = ch_strdup( from_tbls->bv_val );
449 for ( start = tmp, end = strchr( start, ',' ); start; ) {
454 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
456 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
460 /* in case there are spaces after the comma... */
461 for ( start = &end[1]; isspace( start[0] ); start++ );
463 end = strchr( start, ',' );
475 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
482 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
484 backsql_at_map_rec **vat = NULL;
485 AttributeDescription *ad = NULL;
490 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
491 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
492 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
493 "invalid filter\n", 0, 0, 0 );
498 switch( f->f_choice ) {
500 rc = backsql_process_filter_list( bsi, f->f_or,
505 case LDAP_FILTER_AND:
506 rc = backsql_process_filter_list( bsi, f->f_and,
511 case LDAP_FILTER_NOT:
512 backsql_strfcat( &bsi->bsi_flt_where, "l",
513 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
515 rc = backsql_process_filter( bsi, f->f_not );
516 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
520 case LDAP_FILTER_PRESENT:
524 case LDAP_FILTER_EXT:
525 ad = f->f_mra->ma_desc;
526 if ( f->f_mr_dnattrs ) {
528 * if dn attrs filtering is requested, better return
529 * success and let test_filter() deal with candidate
530 * selection; otherwise we'd need to set conditions
531 * on the contents of the DN, e.g. "SELECT ... FROM
532 * ldap_entries AS attributeName WHERE attributeName.dn
533 * like '%attributeName=value%'"
535 backsql_strfcat( &bsi->bsi_flt_where, "l",
536 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
537 bsi->bsi_status = LDAP_SUCCESS;
558 * Turn structuralObjectClass into objectClass
560 if ( ad == slap_schema.si_ad_objectClass
561 || ad == slap_schema.si_ad_structuralObjectClass )
564 * If the filter is LDAP_FILTER_PRESENT, then it's done;
565 * otherwise, let's see if we are lucky: filtering
566 * for "structural" objectclass or ancestor...
568 switch ( f->f_choice ) {
569 case LDAP_FILTER_EQUALITY:
571 ObjectClass *oc = oc_bvfind( &f->f_av_value );
574 Debug( LDAP_DEBUG_TRACE,
575 "backsql_process_filter(): "
576 "unknown objectClass \"%s\" "
578 f->f_av_value.bv_val, 0, 0 );
579 bsi->bsi_status = LDAP_OTHER;
585 * "structural" objectClass inheritance:
586 * - a search for "person" will also return
588 * - a search for "top" will return everything
590 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
591 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
593 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
595 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
596 (ber_len_t)STRLENOF( "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
597 "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
598 &bsi->bsi_oc->bom_oc->soc_cname,
599 (ber_len_t)STRLENOF( /* (' */ "')" ),
601 bsi->bsi_status = LDAP_SUCCESS;
609 case LDAP_FILTER_PRESENT:
610 backsql_strfcat( &bsi->bsi_flt_where, "l",
611 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
612 bsi->bsi_status = LDAP_SUCCESS;
616 /* FIXME: LDAP_FILTER_EXT? */
619 Debug( LDAP_DEBUG_TRACE,
620 "backsql_process_filter(): "
621 "illegal/unhandled filter "
622 "on objectClass attribute",
624 bsi->bsi_status = LDAP_OTHER;
629 } else if ( ad == slap_schema.si_ad_entryUUID ) {
631 #ifdef BACKSQL_ARBITRARY_KEY
632 struct berval keyval;
633 #else /* ! BACKSQL_ARBITRARY_KEY */
634 unsigned long keyval;
635 char keyvalbuf[] = "18446744073709551615";
636 #endif /* ! BACKSQL_ARBITRARY_KEY */
638 switch ( f->f_choice ) {
639 case LDAP_FILTER_EQUALITY:
640 backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
642 if ( oc_id != bsi->bsi_oc->bom_id ) {
643 bsi->bsi_status = LDAP_SUCCESS;
648 #ifdef BACKSQL_ARBITRARY_KEY
649 backsql_strfcat( &bsi->bsi_flt_where, "bcblbc",
650 &bsi->bsi_oc->bom_keytbl, '.',
651 &bsi->bsi_oc->bom_keycol,
652 STRLENOF( " LIKE '" ), " LIKE '",
654 #else /* ! BACKSQL_ARBITRARY_KEY */
655 snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
656 backsql_strfcat( &bsi->bsi_flt_where, "bcbcs",
657 &bsi->bsi_oc->bom_keytbl, '.',
658 &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
659 #endif /* ! BACKSQL_ARBITRARY_KEY */
662 case LDAP_FILTER_PRESENT:
663 backsql_strfcat( &bsi->bsi_flt_where, "l",
664 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
672 bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
676 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
678 * FIXME: this is not robust; e.g. a filter
679 * '(!(hasSubordinates=TRUE))' fails because
680 * in SQL it would read 'NOT (1=1)' instead
682 * Note however that hasSubordinates is boolean,
683 * so a more appropriate filter would be
684 * '(hasSubordinates=FALSE)'
686 * A more robust search for hasSubordinates
687 * would * require joining the ldap_entries table
688 * selecting if there are descendants of the
691 backsql_strfcat( &bsi->bsi_flt_where, "l",
692 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
693 if ( ad == slap_schema.si_ad_hasSubordinates ) {
695 * instruct candidate selection algorithm
696 * and attribute list to try to detect
697 * if an entry has subordinates
699 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
703 * clear attributes to fetch, to require ALL
704 * and try extended match on all attributes
706 backsql_attrlist_add( bsi, NULL );
713 * attribute inheritance:
715 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
716 bsi->bsi_status = LDAP_OTHER;
722 /* search anyway; other parts of the filter
724 backsql_strfcat( &bsi->bsi_flt_where, "l",
725 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
726 bsi->bsi_status = LDAP_SUCCESS;
731 /* if required, open extra level of parens */
733 if ( vat[0]->bam_next || vat[1] ) {
734 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
741 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
745 /* if more definitions of the same attr, apply */
746 if ( vat[i]->bam_next ) {
747 backsql_strfcat( &bsi->bsi_flt_where, "l",
748 STRLENOF( " OR " ), " OR " );
749 vat[i] = vat[i]->bam_next;
753 /* if more descendants of the same attr, apply */
756 backsql_strfcat( &bsi->bsi_flt_where, "l",
757 STRLENOF( " OR " ), " OR " );
761 /* if needed, close extra level of parens */
763 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
773 Debug( LDAP_DEBUG_TRACE,
774 "<==backsql_process_filter() %s\n",
775 rc == 1 ? "succeeded" : "failed", 0, 0);
781 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
782 int casefold, struct berval *filter_value )
785 * maybe we should check type of at->sel_expr here somehow,
786 * to know whether upper_func is applicable, but for now
787 * upper_func stuff is made for Oracle, where UPPER is
788 * safely applicable to NUMBER etc.
790 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
793 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
796 (ber_len_t)STRLENOF( "='" ),
799 start = bsi->bsi_flt_where.bb_val.bv_len;
801 backsql_strfcat( &bsi->bsi_flt_where, "bl",
803 (ber_len_t)STRLENOF( /* (' */ "')" ),
806 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
809 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
812 (ber_len_t)STRLENOF( "='" ), "='",
814 (ber_len_t)STRLENOF( /* (' */ "')" ),
822 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
823 int casefold, struct berval *filter_value )
826 * maybe we should check type of at->sel_expr here somehow,
827 * to know whether upper_func is applicable, but for now
828 * upper_func stuff is made for Oracle, where UPPER is
829 * safely applicable to NUMBER etc.
831 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
834 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
837 (ber_len_t)STRLENOF( " LIKE '%" ),
840 start = bsi->bsi_flt_where.bb_val.bv_len;
842 backsql_strfcat( &bsi->bsi_flt_where, "bl",
844 (ber_len_t)STRLENOF( /* (' */ "%')" ),
847 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
850 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
853 (ber_len_t)STRLENOF( " LIKE '%" ),
856 (ber_len_t)STRLENOF( /* (' */ "%')" ),
864 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
866 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
868 struct berval *filter_value = NULL;
869 MatchingRule *matching_rule = NULL;
870 struct berval ordering = BER_BVC("<=");
872 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
873 at->bam_ad->ad_cname.bv_val, 0, 0 );
876 * need to add this attribute to list of attrs to load,
877 * so that we can do test_filter() later
879 backsql_attrlist_add( bsi, at->bam_ad );
881 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
883 if ( !BER_BVISNULL( &at->bam_join_where )
884 && strstr( bsi->bsi_join_where.bb_val.bv_val,
885 at->bam_join_where.bv_val ) == NULL )
887 backsql_strfcat( &bsi->bsi_join_where, "lb",
888 (ber_len_t)STRLENOF( " AND " ), " AND ",
889 &at->bam_join_where );
892 switch ( f->f_choice ) {
893 case LDAP_FILTER_EQUALITY:
894 filter_value = &f->f_av_value;
895 matching_rule = at->bam_ad->ad_type->sat_equality;
899 /* fail over into next case */
901 case LDAP_FILTER_EXT:
902 filter_value = &f->f_mra->ma_value;
903 matching_rule = f->f_mr_rule;
906 /* always uppercase strings by now */
907 #ifdef BACKSQL_UPPERCASE_FILTER
908 if ( SLAP_MR_ASSOCIATED( matching_rule,
909 bi->sql_caseIgnoreMatch ) )
910 #endif /* BACKSQL_UPPERCASE_FILTER */
915 if ( SLAP_MR_ASSOCIATED( matching_rule,
916 bi->sql_telephoneNumberMatch ) )
922 * to check for matching telephone numbers
923 * with intermized chars, e.g. val='1234'
926 * val LIKE '%1%2%3%4%'
929 bv.bv_len = 2 * filter_value->bv_len - 1;
930 bv.bv_val = ch_malloc( bv.bv_len + 1 );
932 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
933 for ( i = 1; i < filter_value->bv_len; i++ ) {
934 bv.bv_val[ 2 * i - 1 ] = '%';
935 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
937 bv.bv_val[ 2 * i - 1 ] = '\0';
939 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
940 ch_free( bv.bv_val );
945 /* NOTE: this is required by objectClass inheritance
946 * and auxiliary objectClass use in filters for slightly
947 * more efficient candidate selection. */
948 /* FIXME: a bit too many specializations to deal with
949 * very specific cases... */
950 if ( at->bam_ad == slap_schema.si_ad_objectClass
951 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
953 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
954 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
955 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
957 (ber_len_t)STRLENOF( /* (' */ "')" ),
963 * maybe we should check type of at->sel_expr here somehow,
964 * to know whether upper_func is applicable, but for now
965 * upper_func stuff is made for Oracle, where UPPER is
966 * safely applicable to NUMBER etc.
968 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
972 ordering.bv_val = ">=";
974 /* fall thru to next case */
977 /* always uppercase strings by now */
978 #ifdef BACKSQL_UPPERCASE_FILTER
979 if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
980 bi->sql_caseIgnoreMatch ) )
981 #endif /* BACKSQL_UPPERCASE_FILTER */
987 * FIXME: should we uppercase the operands?
989 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
992 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
998 start = bsi->bsi_flt_where.bb_val.bv_len;
1000 backsql_strfcat( &bsi->bsi_flt_where, "bl",
1002 (ber_len_t)STRLENOF( /* (' */ "')" ),
1005 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1008 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
1014 (ber_len_t)STRLENOF( /* (' */ "')" ),
1019 case LDAP_FILTER_PRESENT:
1020 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
1021 (ber_len_t)STRLENOF( "NOT (" /* ) */),
1024 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
1025 /* ( */ " IS NULL)" );
1028 case LDAP_FILTER_SUBSTRINGS:
1029 backsql_process_sub_filter( bsi, f, at );
1032 case LDAP_FILTER_APPROX:
1033 /* we do our best */
1036 * maybe we should check type of at->sel_expr here somehow,
1037 * to know whether upper_func is applicable, but for now
1038 * upper_func stuff is made for Oracle, where UPPER is
1039 * safely applicable to NUMBER etc.
1041 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
1045 /* unhandled filter type; should not happen */
1047 backsql_strfcat( &bsi->bsi_flt_where, "l",
1048 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
1053 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1054 at->bam_ad->ad_cname.bv_val, 0, 0 );
1060 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1062 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1066 BER_BVZERO( query );
1068 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1069 BER_BVZERO( &bsi->bsi_sel.bb_val );
1070 BER_BVZERO( &bsi->bsi_sel.bb_val );
1071 bsi->bsi_sel.bb_len = 0;
1072 BER_BVZERO( &bsi->bsi_from.bb_val );
1073 bsi->bsi_from.bb_len = 0;
1074 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1075 bsi->bsi_join_where.bb_len = 0;
1076 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1077 bsi->bsi_flt_where.bb_len = 0;
1079 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
1080 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1081 "SELECT DISTINCT ldap_entries.id,",
1082 &bsi->bsi_oc->bom_keytbl,
1084 &bsi->bsi_oc->bom_keycol,
1087 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1088 backsql_strfcat( &bsi->bsi_sel, "blbl",
1089 &bi->sql_strcast_func,
1090 (ber_len_t)STRLENOF( "('" /* ') */ ),
1092 &bsi->bsi_oc->bom_oc->soc_cname,
1093 (ber_len_t)STRLENOF( /* (' */ "')" ),
1096 backsql_strfcat( &bsi->bsi_sel, "cbc",
1098 &bsi->bsi_oc->bom_oc->soc_cname,
1101 #ifdef BACKSQL_ALIASING_QUOTE
1102 backsql_strfcat( &bsi->bsi_sel, "lclcl",
1103 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
1104 " " BACKSQL_ALIASING,
1105 BACKSQL_ALIASING_QUOTE,
1106 (ber_len_t)STRLENOF( "objectClass" ),
1108 BACKSQL_ALIASING_QUOTE,
1109 (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1110 ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
1111 #else /* ! BACKSQL_ALIASING_QUOTE */
1112 backsql_strfcat( &bsi->bsi_sel, "l",
1113 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1114 " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
1115 #endif /* ! BACKSQL_ALIASING_QUOTE */
1117 backsql_strfcat( &bsi->bsi_from, "lb",
1118 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1119 " FROM ldap_entries,",
1120 &bsi->bsi_oc->bom_keytbl );
1122 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1123 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1124 &bsi->bsi_oc->bom_keytbl,
1126 &bsi->bsi_oc->bom_keycol,
1127 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1128 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1130 switch ( bsi->bsi_scope ) {
1131 case LDAP_SCOPE_BASE:
1132 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1133 backsql_strfcat( &bsi->bsi_join_where, "bl",
1134 &bi->sql_upper_func,
1135 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1136 "(ldap_entries.dn)=?" );
1138 backsql_strfcat( &bsi->bsi_join_where, "l",
1139 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1140 "ldap_entries.dn=?" );
1144 case BACKSQL_SCOPE_BASE_LIKE:
1145 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1146 backsql_strfcat( &bsi->bsi_join_where, "bl",
1147 &bi->sql_upper_func,
1148 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1149 "(ldap_entries.dn) LIKE ?" );
1151 backsql_strfcat( &bsi->bsi_join_where, "l",
1152 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1153 "ldap_entries.dn LIKE ?" );
1157 case LDAP_SCOPE_ONELEVEL:
1158 backsql_strfcat( &bsi->bsi_join_where, "l",
1159 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1160 "ldap_entries.parent=?" );
1163 #ifdef LDAP_SCOPE_SUBORDINATE
1164 case LDAP_SCOPE_SUBORDINATE:
1165 #endif /* LDAP_SCOPE_SUBORDINATE */
1166 case LDAP_SCOPE_SUBTREE:
1167 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1168 backsql_strfcat( &bsi->bsi_join_where, "bl",
1169 &bi->sql_upper_func,
1170 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1171 "(ldap_entries.dn) LIKE ?" );
1173 backsql_strfcat( &bsi->bsi_join_where, "l",
1174 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1175 "ldap_entries.dn LIKE ?" );
1184 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1186 struct berbuf bb = BB_NULL;
1188 backsql_strfcat( &bb, "bbblb",
1189 &bsi->bsi_sel.bb_val,
1190 &bsi->bsi_from.bb_val,
1191 &bsi->bsi_join_where.bb_val,
1192 (ber_len_t)STRLENOF( " AND " ), " AND ",
1193 &bsi->bsi_flt_where.bb_val );
1197 } else if ( rc < 0 ) {
1199 * Indicates that there's no possible way the filter matches
1200 * anything. No need to issue the query
1202 free( query->bv_val );
1203 BER_BVZERO( query );
1206 free( bsi->bsi_sel.bb_val.bv_val );
1207 BER_BVZERO( &bsi->bsi_sel.bb_val );
1208 bsi->bsi_sel.bb_len = 0;
1209 free( bsi->bsi_from.bb_val.bv_val );
1210 BER_BVZERO( &bsi->bsi_from.bb_val );
1211 bsi->bsi_from.bb_len = 0;
1212 free( bsi->bsi_join_where.bb_val.bv_val );
1213 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1214 bsi->bsi_join_where.bb_len = 0;
1215 free( bsi->bsi_flt_where.bb_val.bv_val );
1216 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1217 bsi->bsi_flt_where.bb_len = 0;
1219 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1220 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1222 return ( rc <= 0 ? 1 : 0 );
1226 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1228 backsql_oc_map_rec *oc = v_oc;
1229 backsql_srch_info *bsi = v_bsi;
1230 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1231 struct berval query;
1235 BACKSQL_ROW_NTS row;
1238 int n_candidates = bsi->bsi_n_candidates;
1241 * + 1 because we need room for '%';
1242 * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
1243 * this makes a subtree
1244 * search for a DN BACKSQL_MAX_DN_LEN long legal
1245 * if it returns that DN only
1247 char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1249 bsi->bsi_status = LDAP_SUCCESS;
1251 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1252 BACKSQL_OC_NAME( oc ), 0, 0 );
1254 if ( bsi->bsi_n_candidates == -1 ) {
1255 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1256 "unchecked limit has been overcome\n", 0, 0, 0 );
1257 /* should never get here */
1259 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1260 return BACKSQL_AVL_STOP;
1264 res = backsql_srch_query( bsi, &query );
1266 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1267 "error while constructing query for objectclass \"%s\"\n",
1268 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1270 * FIXME: need to separate errors from legally
1271 * impossible filters
1273 switch ( bsi->bsi_status ) {
1275 case LDAP_UNDEFINED_TYPE:
1276 case LDAP_NO_SUCH_OBJECT:
1277 /* we are conservative... */
1279 bsi->bsi_status = LDAP_SUCCESS;
1281 return BACKSQL_AVL_CONTINUE;
1283 case LDAP_ADMINLIMIT_EXCEEDED:
1285 /* don't try any more */
1286 return BACKSQL_AVL_STOP;
1290 if ( BER_BVISNULL( &query ) ) {
1291 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1292 "could not construct query for objectclass \"%s\"\n",
1293 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1294 bsi->bsi_status = LDAP_SUCCESS;
1295 return BACKSQL_AVL_CONTINUE;
1298 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1299 query.bv_val, 0, 0 );
1301 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1302 free( query.bv_val );
1303 BER_BVZERO( &query );
1304 if ( rc != SQL_SUCCESS ) {
1305 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1306 "error preparing query\n", 0, 0, 0 );
1307 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1308 bsi->bsi_status = LDAP_OTHER;
1309 return BACKSQL_AVL_CONTINUE;
1312 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1314 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1315 &bsi->bsi_oc->bom_id );
1316 if ( rc != SQL_SUCCESS ) {
1317 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1318 "error binding objectclass id parameter\n", 0, 0, 0 );
1319 bsi->bsi_status = LDAP_OTHER;
1320 return BACKSQL_AVL_CONTINUE;
1323 switch ( bsi->bsi_scope ) {
1324 case LDAP_SCOPE_BASE:
1325 case BACKSQL_SCOPE_BASE_LIKE:
1327 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1328 * however this should be handled earlier
1330 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1331 bsi->bsi_status = LDAP_OTHER;
1332 return BACKSQL_AVL_CONTINUE;
1335 AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
1336 bsi->bsi_base_ndn->bv_len + 1 );
1338 /* uppercase DN only if the stored DN can be uppercased
1340 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1341 ldap_pvt_str2upper( tmp_base_ndn );
1344 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1345 tmp_base_ndn, 0, 0 );
1347 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1348 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1349 if ( rc != SQL_SUCCESS ) {
1350 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1351 "error binding base_ndn parameter\n", 0, 0, 0 );
1352 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1354 bsi->bsi_status = LDAP_OTHER;
1355 return BACKSQL_AVL_CONTINUE;
1359 #ifdef LDAP_SCOPE_SUBORDINATE
1360 case LDAP_SCOPE_SUBORDINATE:
1361 #endif /* LDAP_SCOPE_SUBORDINATE */
1362 case LDAP_SCOPE_SUBTREE:
1365 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1366 * however this should be handled earlier
1368 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1369 bsi->bsi_status = LDAP_OTHER;
1370 return BACKSQL_AVL_CONTINUE;
1374 * Sets the parameters for the SQL built earlier
1375 * NOTE that all the databases could actually use
1376 * the TimesTen version, which would be cleaner
1377 * and would also eliminate the need for the
1378 * subtree_cond line in the configuration file.
1379 * For now, I'm leaving it the way it is,
1380 * so non-TimesTen databases use the original code.
1381 * But at some point this should get cleaned up.
1383 * If "dn" is being used, do a suffix search.
1384 * If "dn_ru" is being used, do a prefix search.
1386 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1387 tmp_base_ndn[ 0 ] = '\0';
1389 for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
1391 tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
1394 #ifdef LDAP_SCOPE_SUBORDINATE
1395 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1396 tmp_base_ndn[ i++ ] = ',';
1398 #endif /* LDAP_SCOPE_SUBORDINATE */
1400 tmp_base_ndn[ i ] = '%';
1401 tmp_base_ndn[ i + 1 ] = '\0';
1406 tmp_base_ndn[ i++ ] = '%';
1408 #ifdef LDAP_SCOPE_SUBORDINATE
1409 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1410 tmp_base_ndn[ i++ ] = ',';
1412 #endif /* LDAP_SCOPE_SUBORDINATE */
1414 AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
1415 bsi->bsi_base_ndn->bv_len + 1 );
1418 /* uppercase DN only if the stored DN can be uppercased
1420 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1421 ldap_pvt_str2upper( tmp_base_ndn );
1424 #ifdef LDAP_SCOPE_SUBORDINATE
1425 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1426 Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
1427 tmp_base_ndn, 0, 0 );
1429 #endif /* LDAP_SCOPE_SUBORDINATE */
1431 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
1432 tmp_base_ndn, 0, 0 );
1435 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1436 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1437 if ( rc != SQL_SUCCESS ) {
1438 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1439 "error binding base_ndn parameter (2)\n",
1441 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1443 bsi->bsi_status = LDAP_OTHER;
1444 return BACKSQL_AVL_CONTINUE;
1449 case LDAP_SCOPE_ONELEVEL:
1450 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
1452 #ifdef BACKSQL_ARBITRARY_KEY
1453 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1454 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1455 #else /* ! BACKSQL_ARBITRARY_KEY */
1456 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1457 bsi->bsi_base_id.eid_id, 0, 0 );
1458 #endif /* ! BACKSQL_ARBITRARY_KEY */
1459 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1460 &bsi->bsi_base_id.eid_id );
1461 if ( rc != SQL_SUCCESS ) {
1462 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1463 "error binding base id parameter\n", 0, 0, 0 );
1464 bsi->bsi_status = LDAP_OTHER;
1465 return BACKSQL_AVL_CONTINUE;
1470 rc = SQLExecute( sth );
1471 if ( !BACKSQL_SUCCESS( rc ) ) {
1472 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1473 "error executing query\n", 0, 0, 0 );
1474 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1475 SQLFreeStmt( sth, SQL_DROP );
1476 bsi->bsi_status = LDAP_OTHER;
1477 return BACKSQL_AVL_CONTINUE;
1480 backsql_BindRowAsStrings( sth, &row );
1481 rc = SQLFetch( sth );
1482 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1483 struct berval dn, pdn, ndn;
1484 backsql_entryID *c_id = NULL;
1487 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1489 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1493 ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
1494 if ( dn.bv_val != row.cols[ 3 ] ) {
1498 if ( ret != LDAP_SUCCESS ) {
1502 if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
1508 c_id = (backsql_entryID *)ch_calloc( 1,
1509 sizeof( backsql_entryID ) );
1510 #ifdef BACKSQL_ARBITRARY_KEY
1511 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1512 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1513 #else /* ! BACKSQL_ARBITRARY_KEY */
1514 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1515 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1516 #endif /* ! BACKSQL_ARBITRARY_KEY */
1517 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1520 c_id->eid_ndn = ndn;
1522 /* append at end of list ... */
1523 c_id->eid_next = NULL;
1524 *bsi->bsi_id_listtail = c_id;
1525 bsi->bsi_id_listtail = &c_id->eid_next;
1527 #ifdef BACKSQL_ARBITRARY_KEY
1528 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1529 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1530 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1532 #else /* ! BACKSQL_ARBITRARY_KEY */
1533 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1534 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1535 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1536 #endif /* ! BACKSQL_ARBITRARY_KEY */
1538 /* count candidates, for unchecked limit */
1539 bsi->bsi_n_candidates--;
1540 if ( bsi->bsi_n_candidates == -1 ) {
1544 backsql_FreeRow( &row );
1545 SQLFreeStmt( sth, SQL_DROP );
1547 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1548 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1550 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1554 backsql_search( Operation *op, SlapReply *rs )
1556 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1559 Entry user_entry = { 0 };
1561 time_t stoptime = 0;
1562 backsql_srch_info bsi;
1563 backsql_entryID *eid = NULL;
1564 struct berval nbase = BER_BVNULL;
1566 manageDSAit = get_manageDSAit( op );
1568 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1569 "base=\"%s\", filter=\"%s\", scope=%d,",
1570 op->o_req_ndn.bv_val,
1571 op->ors_filterstr.bv_val,
1573 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1574 "attributes to load: %s\n",
1577 op->ors_attrs == NULL ? "all" : "custom list" );
1579 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1580 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1581 "search base length (%ld) exceeds max length (%d)\n",
1582 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1584 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1585 * since it is impossible that such a long DN exists
1588 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1589 send_ldap_result( op, rs );
1593 sres = backsql_get_db_conn( op, &dbh );
1594 if ( sres != LDAP_SUCCESS ) {
1595 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1596 "could not get connection handle - exiting\n",
1599 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1600 send_ldap_result( op, rs );
1604 /* compute it anyway; root does not use it */
1605 stoptime = op->o_time + op->ors_tlimit;
1607 nbase = op->o_req_ndn;
1608 if ( backsql_api_dn2odbc( op, rs, &nbase ) ) {
1609 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1610 "backsql_api_dn2odbc failed\n",
1612 rs->sr_err = LDAP_OTHER;
1613 rs->sr_text = "SQL-backend error";
1614 send_ldap_result( op, rs );
1619 rs->sr_err = backsql_init_search( &bsi, &nbase,
1621 op->ors_slimit, op->ors_tlimit,
1622 stoptime, op->ors_filter,
1623 dbh, op, rs, op->ors_attrs, 1 );
1624 if ( rs->sr_err != LDAP_SUCCESS ) {
1625 send_ldap_result( op, rs );
1629 bsi.bsi_n_candidates =
1630 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
1631 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1632 ( op->ors_limit->lms_s_unchecked ) ) );
1634 switch ( bsi.bsi_scope ) {
1635 case LDAP_SCOPE_BASE:
1636 case BACKSQL_SCOPE_BASE_LIKE:
1638 * probably already found...
1640 bsi.bsi_id_list = &bsi.bsi_base_id;
1641 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1644 case LDAP_SCOPE_SUBTREE:
1646 * if baseObject is defined, and if it is the root
1647 * of the search, add it to the candidate list
1649 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
1651 bsi.bsi_id_list = &bsi.bsi_base_id;
1652 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1659 * for each objectclass we try to construct query which gets IDs
1660 * of entries matching LDAP query filter and scope (or at least
1661 * candidates), and get the IDs
1663 avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
1664 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
1667 if ( op->ors_limit != NULL /* isroot == FALSE */
1668 && op->ors_limit->lms_s_unchecked != -1
1669 && bsi.bsi_n_candidates == -1 )
1671 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1672 send_ldap_result( op, rs );
1677 * now we load candidate entries (only those attributes
1678 * mentioned in attrs and filter), test it against full filter
1679 * and then send to client; don't free entry_id if baseObject...
1681 for ( eid = bsi.bsi_id_list;
1683 eid = backsql_free_entryID( eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
1686 Attribute *a_hasSubordinate = NULL,
1687 *a_entryUUID = NULL,
1691 /* check for abandon */
1692 if ( op->o_abandon ) {
1696 /* check time limit */
1697 if ( op->ors_tlimit != SLAP_NO_LIMIT
1698 && slap_get_time() > stoptime )
1700 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1701 rs->sr_ctrls = NULL;
1702 rs->sr_ref = rs->sr_v2ref;
1703 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1705 send_ldap_result( op, rs );
1709 #ifdef BACKSQL_ARBITRARY_KEY
1710 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1711 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1712 eid->eid_id.bv_val, eid->eid_oc_id,
1713 eid->eid_keyval.bv_val );
1714 #else /* ! BACKSQL_ARBITRARY_KEY */
1715 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1716 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1717 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1718 #endif /* ! BACKSQL_ARBITRARY_KEY */
1720 /* don't recollect baseObject ... */
1721 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
1722 e = bi->sql_baseObject;
1725 bsi.bsi_e = &user_entry;
1726 rc = backsql_id2entry( &bsi, eid );
1727 if ( rc != LDAP_SUCCESS ) {
1728 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1729 "error %d in backsql_id2entry() "
1730 "- skipping\n", rc, 0, 0 );
1738 switch ( op->ors_scope ) {
1739 case LDAP_SCOPE_BASE:
1740 case BACKSQL_SCOPE_BASE_LIKE:
1741 if ( !dn_match( &e->e_nname, &op->o_req_ndn ) ) {
1746 case LDAP_SCOPE_ONE:
1748 struct berval rdn = user_entry.e_nname;
1750 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
1751 if ( !dnIsOneLevelRDN( &rdn ) ) {
1757 #ifdef LDAP_SCOPE_SUBORDINATE
1758 case LDAP_SCOPE_SUBORDINATE:
1759 /* discard the baseObject entry */
1760 if ( dn_match( &e->e_nname, &op->o_req_ndn ) ) {
1764 #endif /* LDAP_SCOPE_SUBORDINATE */
1766 case LDAP_SCOPE_SUBTREE:
1767 /* FIXME: this should never fail... */
1768 if ( !dnIsSuffix( &e->e_nname, &op->o_req_ndn ) ) {
1774 if ( !manageDSAit &&
1775 op->ors_scope != LDAP_SCOPE_BASE &&
1776 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1777 is_entry_referral( e ) )
1781 refs = get_entry_referrals( op, e );
1783 backsql_srch_info bsi2 = { 0 };
1784 Entry user_entry2 = { 0 };
1786 /* retry with the full entry... */
1787 (void)backsql_init_search( &bsi2,
1791 dbh, op, rs, NULL, 0 );
1792 bsi2.bsi_e = &user_entry2;
1793 rc = backsql_id2entry( &bsi2, eid );
1794 if ( rc == LDAP_SUCCESS ) {
1795 if ( is_entry_referral( &user_entry2 ) )
1797 refs = get_entry_referrals( op,
1799 } /* else: FIXME: inconsistency! */
1800 entry_clean( &user_entry2 );
1805 rs->sr_ref = referral_rewrite( refs,
1809 ber_bvarray_free( refs );
1812 if ( !rs->sr_ref ) {
1813 rs->sr_text = "bad_referral object";
1816 rs->sr_err = LDAP_REFERRAL;
1817 rs->sr_matched = user_entry.e_name.bv_val;
1818 send_search_reference( op, rs );
1820 ber_bvarray_free( rs->sr_ref );
1822 rs->sr_matched = NULL;
1828 * We use this flag since we need to parse the filter
1829 * anyway; we should have used the frontend API function
1830 * filter_has_subordinates()
1832 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1833 rc = backsql_has_children( bi, dbh, &e->e_nname );
1836 case LDAP_COMPARE_TRUE:
1837 case LDAP_COMPARE_FALSE:
1838 a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1839 if ( a_hasSubordinate != NULL ) {
1840 for ( a = user_entry.e_attrs;
1844 a->a_next = a_hasSubordinate;
1850 Debug(LDAP_DEBUG_TRACE,
1851 "backsql_search(): "
1852 "has_children failed( %d)\n",
1859 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
1860 a_entryUUID = backsql_operational_entryUUID( bi, eid );
1861 if ( a_entryUUID != NULL ) {
1862 for ( a = user_entry.e_attrs;
1866 a->a_next = a_entryUUID;
1870 if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
1873 if ( a_hasSubordinate && !( bsi.bsi_flags & BSQL_SF_ALL_OPER )
1874 && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->ors_attrs ) )
1877 attr_free( a_hasSubordinate );
1878 a_hasSubordinate = NULL;
1881 if ( a_entryUUID && !( bsi.bsi_flags & BSQL_SF_ALL_OPER )
1882 && !ad_inlist( slap_schema.si_ad_entryUUID, op->ors_attrs ) )
1885 attr_free( a_hasSubordinate );
1886 a_hasSubordinate = NULL;
1890 rs->sr_attrs = op->ors_attrs;
1891 rs->sr_operational_attrs = NULL;
1893 if ( e == &user_entry ) {
1894 rs->sr_flags = REP_ENTRY_MODIFIABLE;
1896 sres = send_search_entry( op, rs );
1897 rs->sr_entry = NULL;
1898 rs->sr_attrs = NULL;
1899 rs->sr_operational_attrs = NULL;
1907 * FIXME: send_search_entry failed;
1911 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1912 "connection lost\n", 0, 0, 0 );
1918 entry_clean( &user_entry );
1920 if ( op->ors_slimit != SLAP_NO_LIMIT
1921 && rs->sr_nentries >= op->ors_slimit )
1923 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1924 send_ldap_result( op, rs );
1930 /* in case we got here accidentally */
1931 entry_clean( &user_entry );
1933 if ( rs->sr_nentries > 0 ) {
1934 rs->sr_ref = rs->sr_v2ref;
1935 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1939 rs->sr_err = bsi.bsi_status;
1941 send_ldap_result( op, rs );
1943 if ( rs->sr_v2ref ) {
1944 ber_bvarray_free( rs->sr_v2ref );
1945 rs->sr_v2ref = NULL;
1949 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
1950 (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
1953 if ( bsi.bsi_attrs ) {
1954 ch_free( bsi.bsi_attrs );
1957 if ( !BER_BVISNULL( &nbase )
1958 && nbase.bv_val != op->o_req_ndn.bv_val )
1960 ch_free( nbase.bv_val );
1963 /* restore scope ... FIXME: this should be done before ANY
1964 * frontend call that uses op */
1965 if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
1966 op->ors_scope = LDAP_SCOPE_BASE;
1969 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
1973 #endif /* SLAPD_SQL */