2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2005 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
6 * Portions Copyright 2002 Pierangelo Masarati.
7 * Portions Copyright 2004 Mark Adamson.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
19 * This work was initially developed by Dmitry Kovalev for inclusion
20 * by OpenLDAP Software. Additional significant contributors include
21 * Pierangelo Masarati and Mark Adamson.
27 #include <sys/types.h>
28 #include "ac/string.h"
32 #include "proto-sql.h"
34 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
35 static int backsql_process_filter_eq( backsql_srch_info *bsi,
36 backsql_at_map_rec *at,
37 int casefold, struct berval *filter_value );
38 static int backsql_process_filter_like( backsql_srch_info *bsi,
39 backsql_at_map_rec *at,
40 int casefold, struct berval *filter_value );
41 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
42 backsql_at_map_rec *at );
45 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
48 AttributeName *an = NULL;
50 if ( bsi->bsi_attrs == NULL ) {
55 * clear the list (retrieve all attrs)
58 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs, bsi->bsi_op->o_tmpmemctx );
59 bsi->bsi_attrs = NULL;
60 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
64 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
65 an = &bsi->bsi_attrs[ n_attrs ];
67 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
68 "attribute \"%s\" is in list\n",
69 an->an_name.bv_val, 0, 0 );
71 * We can live with strcmp because the attribute
72 * list has been normalized before calling be_search
74 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
79 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
80 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
82 an = (AttributeName *)bsi->bsi_op->o_tmprealloc( bsi->bsi_attrs,
83 sizeof( AttributeName ) * ( n_attrs + 2 ),
84 bsi->bsi_op->o_tmpmemctx );
89 an[ n_attrs ].an_name = ad->ad_cname;
90 an[ n_attrs ].an_desc = ad;
91 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
99 * Initializes the search structure.
101 * If get_base_id != 0, the field bsi_base_id is filled
102 * with the entryID of bsi_base_ndn; it must be freed
103 * by backsql_free_entryID() when no longer required.
105 * NOTE: base must be normalized
109 backsql_srch_info *bsi,
110 struct berval *nbase,
119 AttributeName *attrs,
122 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
123 int rc = LDAP_SUCCESS;
125 bsi->bsi_base_ndn = nbase;
126 bsi->bsi_use_subtree_shortcut = 0;
127 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
128 BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
129 bsi->bsi_scope = scope;
130 bsi->bsi_slimit = slimit;
131 bsi->bsi_tlimit = tlimit;
132 bsi->bsi_filter = filter;
136 bsi->bsi_flags = BSQL_SF_NONE;
138 bsi->bsi_attrs = NULL;
140 if ( BACKSQL_FETCH_ALL_ATTRS( bi ) ) {
142 * if requested, simply try to fetch all attributes
144 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
147 if ( BACKSQL_FETCH_ALL_USERATTRS( bi ) ) {
148 bsi->bsi_flags |= BSQL_SF_ALL_USER;
150 } else if ( BACKSQL_FETCH_ALL_OPATTRS( bi ) ) {
151 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
154 if ( attrs == NULL ) {
155 /* NULL means all user attributes */
156 bsi->bsi_flags |= BSQL_SF_ALL_USER;
162 bsi->bsi_attrs = (AttributeName *)bsi->bsi_op->o_tmpalloc(
163 sizeof( AttributeName ),
164 bsi->bsi_op->o_tmpmemctx );
165 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
167 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
168 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
170 bsi->bsi_flags |= BSQL_SF_ALL_USER;
172 /* if all attrs are requested, there's
173 * no need to continue */
174 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
175 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
176 bsi->bsi_op->o_tmpmemctx );
177 bsi->bsi_attrs = NULL;
182 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
184 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
186 /* if all attrs are requested, there's
187 * no need to continue */
188 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
189 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
190 bsi->bsi_op->o_tmpmemctx );
191 bsi->bsi_attrs = NULL;
196 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
200 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
204 backsql_attrlist_add( bsi, p->an_desc );
207 if ( got_oc == 0 && !( bsi->bsi_flags & BSQL_SF_ALL_USER ) ) {
208 /* add objectClass if not present,
209 * because it is required to understand
210 * if an entry is a referral, an alias
212 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
216 if ( !BSQL_ISF_ALL_ATTRS( bsi ) && bi->sql_anlist ) {
219 /* use hints if available */
220 for ( p = bi->sql_anlist; !BER_BVISNULL( &p->an_name ); p++ ) {
221 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
223 bsi->bsi_flags |= BSQL_SF_ALL_USER;
225 /* if all attrs are requested, there's
226 * no need to continue */
227 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
228 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
229 bsi->bsi_op->o_tmpmemctx );
230 bsi->bsi_attrs = NULL;
235 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
237 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
239 /* if all attrs are requested, there's
240 * no need to continue */
241 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
242 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
243 bsi->bsi_op->o_tmpmemctx );
244 bsi->bsi_attrs = NULL;
250 backsql_attrlist_add( bsi, p->an_desc );
256 bsi->bsi_abandon = 0;
257 bsi->bsi_id_list = NULL;
258 bsi->bsi_id_listtail = &bsi->bsi_id_list;
259 bsi->bsi_n_candidates = 0;
260 bsi->bsi_stoptime = stoptime;
261 BER_BVZERO( &bsi->bsi_sel.bb_val );
262 bsi->bsi_sel.bb_len = 0;
263 BER_BVZERO( &bsi->bsi_from.bb_val );
264 bsi->bsi_from.bb_len = 0;
265 BER_BVZERO( &bsi->bsi_join_where.bb_val );
266 bsi->bsi_join_where.bb_len = 0;
267 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
268 bsi->bsi_flt_where.bb_len = 0;
269 bsi->bsi_filter_oc = NULL;
271 if ( BACKSQL_IS_GET_ID( flags ) ) {
272 assert( op->o_bd->be_private );
274 rc = backsql_dn2id( op, rs, dbh, nbase, &bsi->bsi_base_id,
275 BACKSQL_IS_MATCHED( flags ), 1 );
278 bsi->bsi_status = rc;
280 if ( rc != LDAP_SUCCESS ) {
281 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
282 bsi->bsi_op->o_tmpmemctx );
289 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
297 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
300 res = backsql_process_filter( bsi, f );
303 * TimesTen : If the query has no answers,
304 * don't bother to run the query.
315 case LDAP_FILTER_AND:
316 backsql_strfcat( &bsi->bsi_flt_where, "l",
317 (ber_len_t)STRLENOF( " AND " ),
322 backsql_strfcat( &bsi->bsi_flt_where, "l",
323 (ber_len_t)STRLENOF( " OR " ),
329 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
335 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
336 backsql_at_map_rec *at )
338 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
346 /* always uppercase strings by now */
347 #ifdef BACKSQL_UPPERCASE_FILTER
348 if ( f->f_sub_desc->ad_type->sat_substr &&
349 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
350 bi->sql_caseIgnoreMatch ) )
351 #endif /* BACKSQL_UPPERCASE_FILTER */
356 if ( f->f_sub_desc->ad_type->sat_substr &&
357 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
358 bi->sql_telephoneNumberMatch ) )
365 * to check for matching telephone numbers
366 * with intermixed chars, e.g. val='1234'
369 * val LIKE '%1%2%3%4%'
373 if ( f->f_sub_initial.bv_val ) {
374 bv.bv_len += f->f_sub_initial.bv_len;
376 if ( f->f_sub_any != NULL ) {
377 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
378 bv.bv_len += f->f_sub_any[ a ].bv_len;
381 if ( f->f_sub_final.bv_val ) {
382 bv.bv_len += f->f_sub_final.bv_len;
384 bv.bv_len = 2 * bv.bv_len - 1;
385 bv.bv_val = ch_malloc( bv.bv_len + 1 );
388 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
389 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
390 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
391 bv.bv_val[ s + 2 * i - 1 ] = '%';
392 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
394 bv.bv_val[ s + 2 * i - 1 ] = '%';
398 if ( f->f_sub_any != NULL ) {
399 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
400 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
401 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
402 bv.bv_val[ s + 2 * i - 1 ] = '%';
403 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
405 bv.bv_val[ s + 2 * i - 1 ] = '%';
410 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
411 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
412 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
413 bv.bv_val[ s + 2 * i - 1 ] = '%';
414 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
416 bv.bv_val[ s + 2 * i - 1 ] = '%';
420 bv.bv_val[ s - 1 ] = '\0';
422 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
423 ch_free( bv.bv_val );
429 * When dealing with case-sensitive strings
430 * we may omit normalization; however, normalized
431 * SQL filters are more liberal.
434 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
437 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
438 at->bam_ad->ad_cname.bv_val, 0, 0 );
439 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
440 at->bam_sel_expr_u.bv_val ? "' '" : "",
441 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
442 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
444 * If a pre-upper-cased version of the column
445 * or a precompiled upper function exists, use it
447 backsql_strfcat( &bsi->bsi_flt_where,
450 (ber_len_t)STRLENOF( " LIKE '" ),
454 backsql_strfcat( &bsi->bsi_flt_where, "bl",
456 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
459 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
463 Debug( LDAP_DEBUG_TRACE,
464 "==>backsql_process_sub_filter(%s): "
465 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
466 f->f_sub_initial.bv_val, 0 );
467 #endif /* BACKSQL_TRACE */
469 start = bsi->bsi_flt_where.bb_val.bv_len;
470 backsql_strfcat( &bsi->bsi_flt_where, "b",
472 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
473 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
477 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
479 if ( f->f_sub_any != NULL ) {
480 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
484 Debug( LDAP_DEBUG_TRACE,
485 "==>backsql_process_sub_filter(%s): "
486 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
487 i, f->f_sub_any[ i ].bv_val );
488 #endif /* BACKSQL_TRACE */
490 start = bsi->bsi_flt_where.bb_val.bv_len;
491 backsql_strfcat( &bsi->bsi_flt_where,
495 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
497 * Note: toupper('%') = '%'
499 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
504 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
508 Debug( LDAP_DEBUG_TRACE,
509 "==>backsql_process_sub_filter(%s): "
510 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
511 f->f_sub_final.bv_val, 0 );
512 #endif /* BACKSQL_TRACE */
514 start = bsi->bsi_flt_where.bb_val.bv_len;
515 backsql_strfcat( &bsi->bsi_flt_where, "b",
517 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
518 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
522 backsql_strfcat( &bsi->bsi_flt_where, "l",
523 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
529 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
531 if ( BER_BVISNULL( from_tbls ) ) {
535 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
536 char *start, *end, *tmp;
538 tmp = ch_strdup( from_tbls->bv_val );
540 for ( start = tmp, end = strchr( start, ',' ); start; ) {
545 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
547 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
551 /* in case there are spaces after the comma... */
552 for ( start = &end[1]; isspace( start[0] ); start++ );
554 end = strchr( start, ',' );
566 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
573 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
575 backsql_at_map_rec **vat = NULL;
576 AttributeDescription *ad = NULL;
581 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
582 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
583 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
584 "invalid filter\n", 0, 0, 0 );
589 switch( f->f_choice ) {
591 rc = backsql_process_filter_list( bsi, f->f_or,
596 case LDAP_FILTER_AND:
597 rc = backsql_process_filter_list( bsi, f->f_and,
602 case LDAP_FILTER_NOT:
603 backsql_strfcat( &bsi->bsi_flt_where, "l",
604 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
606 rc = backsql_process_filter( bsi, f->f_not );
607 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
611 case LDAP_FILTER_PRESENT:
615 case LDAP_FILTER_EXT:
616 ad = f->f_mra->ma_desc;
617 if ( f->f_mr_dnattrs ) {
619 * if dn attrs filtering is requested, better return
620 * success and let test_filter() deal with candidate
621 * selection; otherwise we'd need to set conditions
622 * on the contents of the DN, e.g. "SELECT ... FROM
623 * ldap_entries AS attributeName WHERE attributeName.dn
624 * like '%attributeName=value%'"
626 backsql_strfcat( &bsi->bsi_flt_where, "l",
627 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
628 bsi->bsi_status = LDAP_SUCCESS;
649 * Turn structuralObjectClass into objectClass
651 if ( ad == slap_schema.si_ad_objectClass
652 || ad == slap_schema.si_ad_structuralObjectClass )
655 * If the filter is LDAP_FILTER_PRESENT, then it's done;
656 * otherwise, let's see if we are lucky: filtering
657 * for "structural" objectclass or ancestor...
659 switch ( f->f_choice ) {
660 case LDAP_FILTER_EQUALITY:
662 ObjectClass *oc = oc_bvfind( &f->f_av_value );
665 Debug( LDAP_DEBUG_TRACE,
666 "backsql_process_filter(): "
667 "unknown objectClass \"%s\" "
669 f->f_av_value.bv_val, 0, 0 );
670 bsi->bsi_status = LDAP_OTHER;
676 * "structural" objectClass inheritance:
677 * - a search for "person" will also return
679 * - a search for "top" will return everything
681 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
682 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
684 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
686 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
687 (ber_len_t)STRLENOF( "2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
688 "2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
689 &bsi->bsi_oc->bom_oc->soc_cname,
690 (ber_len_t)STRLENOF( /* (' */ "')" ),
692 bsi->bsi_status = LDAP_SUCCESS;
700 case LDAP_FILTER_PRESENT:
701 backsql_strfcat( &bsi->bsi_flt_where, "l",
702 (ber_len_t)STRLENOF( "3=3" ), "3=3" );
703 bsi->bsi_status = LDAP_SUCCESS;
707 /* FIXME: LDAP_FILTER_EXT? */
710 Debug( LDAP_DEBUG_TRACE,
711 "backsql_process_filter(): "
712 "illegal/unhandled filter "
713 "on objectClass attribute",
715 bsi->bsi_status = LDAP_OTHER;
720 } else if ( ad == slap_schema.si_ad_entryUUID ) {
722 #ifdef BACKSQL_ARBITRARY_KEY
723 struct berval keyval;
724 #else /* ! BACKSQL_ARBITRARY_KEY */
725 unsigned long keyval;
726 char keyvalbuf[] = "18446744073709551615";
727 #endif /* ! BACKSQL_ARBITRARY_KEY */
729 switch ( f->f_choice ) {
730 case LDAP_FILTER_EQUALITY:
731 backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
733 if ( oc_id != bsi->bsi_oc->bom_id ) {
734 bsi->bsi_status = LDAP_SUCCESS;
739 #ifdef BACKSQL_ARBITRARY_KEY
740 backsql_strfcat( &bsi->bsi_flt_where, "bcblbc",
741 &bsi->bsi_oc->bom_keytbl, '.',
742 &bsi->bsi_oc->bom_keycol,
743 STRLENOF( " LIKE '" ), " LIKE '",
745 #else /* ! BACKSQL_ARBITRARY_KEY */
746 snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
747 backsql_strfcat( &bsi->bsi_flt_where, "bcbcs",
748 &bsi->bsi_oc->bom_keytbl, '.',
749 &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
750 #endif /* ! BACKSQL_ARBITRARY_KEY */
753 case LDAP_FILTER_PRESENT:
754 backsql_strfcat( &bsi->bsi_flt_where, "l",
755 (ber_len_t)STRLENOF( "4=4" ), "4=4" );
763 bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
767 #ifdef BACKSQL_SYNCPROV
768 } else if ( ad == slap_schema.si_ad_entryCSN ) {
770 * support for syncrepl as producer...
772 if ( !bsi->bsi_op->o_sync ) {
773 /* unsupported at present... */
774 bsi->bsi_status = LDAP_OTHER;
779 bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
781 /* if doing a syncrepl, try to return as much as possible,
782 * and always match the filter */
783 backsql_strfcat( &bsi->bsi_flt_where, "l",
784 (ber_len_t)STRLENOF( "5=5" ), "5=5" );
786 /* save for later use in operational attributes */
787 /* FIXME: saves only the first occurrence, because
788 * the filter during updates is written as
789 * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
790 * so we want our fake entryCSN to match the greatest
793 if ( bsi->bsi_op->o_private == NULL ) {
794 bsi->bsi_op->o_private = &f->f_av_value;
796 bsi->bsi_status = LDAP_SUCCESS;
800 #endif /* BACKSQL_SYNCPROV */
802 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
804 * FIXME: this is not robust; e.g. a filter
805 * '(!(hasSubordinates=TRUE))' fails because
806 * in SQL it would read 'NOT (1=1)' instead
808 * Note however that hasSubordinates is boolean,
809 * so a more appropriate filter would be
810 * '(hasSubordinates=FALSE)'
812 * A more robust search for hasSubordinates
813 * would * require joining the ldap_entries table
814 * selecting if there are descendants of the
817 backsql_strfcat( &bsi->bsi_flt_where, "l",
818 (ber_len_t)STRLENOF( "6=6" ), "6=6" );
819 if ( ad == slap_schema.si_ad_hasSubordinates ) {
821 * instruct candidate selection algorithm
822 * and attribute list to try to detect
823 * if an entry has subordinates
825 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
829 * clear attributes to fetch, to require ALL
830 * and try extended match on all attributes
832 backsql_attrlist_add( bsi, NULL );
839 * attribute inheritance:
841 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
842 bsi->bsi_status = LDAP_OTHER;
848 /* search anyway; other parts of the filter
850 backsql_strfcat( &bsi->bsi_flt_where, "l",
851 (ber_len_t)STRLENOF( "7=7" ), "7=7" );
852 bsi->bsi_status = LDAP_SUCCESS;
857 /* if required, open extra level of parens */
859 if ( vat[0]->bam_next || vat[1] ) {
860 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
867 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
871 /* if more definitions of the same attr, apply */
872 if ( vat[i]->bam_next ) {
873 backsql_strfcat( &bsi->bsi_flt_where, "l",
874 STRLENOF( " OR " ), " OR " );
875 vat[i] = vat[i]->bam_next;
879 /* if more descendants of the same attr, apply */
882 backsql_strfcat( &bsi->bsi_flt_where, "l",
883 STRLENOF( " OR " ), " OR " );
887 /* if needed, close extra level of parens */
889 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
899 Debug( LDAP_DEBUG_TRACE,
900 "<==backsql_process_filter() %s\n",
901 rc == 1 ? "succeeded" : "failed", 0, 0);
907 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
908 int casefold, struct berval *filter_value )
911 * maybe we should check type of at->sel_expr here somehow,
912 * to know whether upper_func is applicable, but for now
913 * upper_func stuff is made for Oracle, where UPPER is
914 * safely applicable to NUMBER etc.
916 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
919 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
922 (ber_len_t)STRLENOF( "='" ),
925 start = bsi->bsi_flt_where.bb_val.bv_len;
927 backsql_strfcat( &bsi->bsi_flt_where, "bl",
929 (ber_len_t)STRLENOF( /* (' */ "')" ),
932 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
935 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
938 (ber_len_t)STRLENOF( "='" ), "='",
940 (ber_len_t)STRLENOF( /* (' */ "')" ),
948 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
949 int casefold, struct berval *filter_value )
952 * maybe we should check type of at->sel_expr here somehow,
953 * to know whether upper_func is applicable, but for now
954 * upper_func stuff is made for Oracle, where UPPER is
955 * safely applicable to NUMBER etc.
957 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
960 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
963 (ber_len_t)STRLENOF( " LIKE '%" ),
966 start = bsi->bsi_flt_where.bb_val.bv_len;
968 backsql_strfcat( &bsi->bsi_flt_where, "bl",
970 (ber_len_t)STRLENOF( /* (' */ "%')" ),
973 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
976 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
979 (ber_len_t)STRLENOF( " LIKE '%" ),
982 (ber_len_t)STRLENOF( /* (' */ "%')" ),
990 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
992 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
994 struct berval *filter_value = NULL;
995 MatchingRule *matching_rule = NULL;
996 struct berval ordering = BER_BVC("<=");
998 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
999 at->bam_ad->ad_cname.bv_val, 0, 0 );
1002 * need to add this attribute to list of attrs to load,
1003 * so that we can do test_filter() later
1005 backsql_attrlist_add( bsi, at->bam_ad );
1007 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
1009 if ( !BER_BVISNULL( &at->bam_join_where )
1010 && strstr( bsi->bsi_join_where.bb_val.bv_val,
1011 at->bam_join_where.bv_val ) == NULL )
1013 backsql_strfcat( &bsi->bsi_join_where, "lb",
1014 (ber_len_t)STRLENOF( " AND " ), " AND ",
1015 &at->bam_join_where );
1018 switch ( f->f_choice ) {
1019 case LDAP_FILTER_EQUALITY:
1020 filter_value = &f->f_av_value;
1021 matching_rule = at->bam_ad->ad_type->sat_equality;
1023 goto equality_match;
1025 /* fail over into next case */
1027 case LDAP_FILTER_EXT:
1028 filter_value = &f->f_mra->ma_value;
1029 matching_rule = f->f_mr_rule;
1032 /* always uppercase strings by now */
1033 #ifdef BACKSQL_UPPERCASE_FILTER
1034 if ( SLAP_MR_ASSOCIATED( matching_rule,
1035 bi->sql_caseIgnoreMatch ) )
1036 #endif /* BACKSQL_UPPERCASE_FILTER */
1041 /* FIXME: directoryString filtering should use a similar
1042 * approach to deal with non-prettified values like
1043 * " A non prettified value ", by using a LIKE
1044 * filter with all whitespaces collapsed to a single '%' */
1045 if ( SLAP_MR_ASSOCIATED( matching_rule,
1046 bi->sql_telephoneNumberMatch ) )
1052 * to check for matching telephone numbers
1053 * with intermized chars, e.g. val='1234'
1056 * val LIKE '%1%2%3%4%'
1059 bv.bv_len = 2 * filter_value->bv_len - 1;
1060 bv.bv_val = ch_malloc( bv.bv_len + 1 );
1062 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
1063 for ( i = 1; i < filter_value->bv_len; i++ ) {
1064 bv.bv_val[ 2 * i - 1 ] = '%';
1065 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
1067 bv.bv_val[ 2 * i - 1 ] = '\0';
1069 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
1070 ch_free( bv.bv_val );
1075 /* NOTE: this is required by objectClass inheritance
1076 * and auxiliary objectClass use in filters for slightly
1077 * more efficient candidate selection. */
1078 /* FIXME: a bit too many specializations to deal with
1079 * very specific cases... */
1080 if ( at->bam_ad == slap_schema.si_ad_objectClass
1081 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
1083 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
1084 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
1085 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
1087 (ber_len_t)STRLENOF( /* (' */ "')" ),
1093 * maybe we should check type of at->sel_expr here somehow,
1094 * to know whether upper_func is applicable, but for now
1095 * upper_func stuff is made for Oracle, where UPPER is
1096 * safely applicable to NUMBER etc.
1098 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
1101 case LDAP_FILTER_GE:
1102 ordering.bv_val = ">=";
1104 /* fall thru to next case */
1106 case LDAP_FILTER_LE:
1107 filter_value = &f->f_av_value;
1109 /* always uppercase strings by now */
1110 #ifdef BACKSQL_UPPERCASE_FILTER
1111 if ( at->bam_ad->ad_type->sat_ordering &&
1112 SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
1113 bi->sql_caseIgnoreMatch ) )
1114 #endif /* BACKSQL_UPPERCASE_FILTER */
1120 * FIXME: should we uppercase the operands?
1122 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1125 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
1127 &at->bam_sel_expr_u,
1131 start = bsi->bsi_flt_where.bb_val.bv_len;
1133 backsql_strfcat( &bsi->bsi_flt_where, "bl",
1135 (ber_len_t)STRLENOF( /* (' */ "')" ),
1138 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1141 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
1147 (ber_len_t)STRLENOF( /* (' */ "')" ),
1152 case LDAP_FILTER_PRESENT:
1153 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
1154 (ber_len_t)STRLENOF( "NOT (" /* ) */),
1157 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
1158 /* ( */ " IS NULL)" );
1161 case LDAP_FILTER_SUBSTRINGS:
1162 backsql_process_sub_filter( bsi, f, at );
1165 case LDAP_FILTER_APPROX:
1166 /* we do our best */
1169 * maybe we should check type of at->sel_expr here somehow,
1170 * to know whether upper_func is applicable, but for now
1171 * upper_func stuff is made for Oracle, where UPPER is
1172 * safely applicable to NUMBER etc.
1174 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
1178 /* unhandled filter type; should not happen */
1180 backsql_strfcat( &bsi->bsi_flt_where, "l",
1181 (ber_len_t)STRLENOF( "8=8" ), "8=8" );
1186 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1187 at->bam_ad->ad_cname.bv_val, 0, 0 );
1193 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1195 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1199 BER_BVZERO( query );
1201 bsi->bsi_use_subtree_shortcut = 0;
1203 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1204 BER_BVZERO( &bsi->bsi_sel.bb_val );
1205 BER_BVZERO( &bsi->bsi_sel.bb_val );
1206 bsi->bsi_sel.bb_len = 0;
1207 BER_BVZERO( &bsi->bsi_from.bb_val );
1208 bsi->bsi_from.bb_len = 0;
1209 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1210 bsi->bsi_join_where.bb_len = 0;
1211 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1212 bsi->bsi_flt_where.bb_len = 0;
1214 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
1215 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1216 "SELECT DISTINCT ldap_entries.id,",
1217 &bsi->bsi_oc->bom_keytbl,
1219 &bsi->bsi_oc->bom_keycol,
1222 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1223 backsql_strfcat( &bsi->bsi_sel, "blbl",
1224 &bi->sql_strcast_func,
1225 (ber_len_t)STRLENOF( "('" /* ') */ ),
1227 &bsi->bsi_oc->bom_oc->soc_cname,
1228 (ber_len_t)STRLENOF( /* (' */ "')" ),
1231 backsql_strfcat( &bsi->bsi_sel, "cbc",
1233 &bsi->bsi_oc->bom_oc->soc_cname,
1236 #ifdef BACKSQL_ALIASING_QUOTE
1237 backsql_strfcat( &bsi->bsi_sel, "lclcl",
1238 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
1239 " " BACKSQL_ALIASING,
1240 BACKSQL_ALIASING_QUOTE,
1241 (ber_len_t)STRLENOF( "objectClass" ),
1243 BACKSQL_ALIASING_QUOTE,
1244 (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1245 ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
1246 #else /* ! BACKSQL_ALIASING_QUOTE */
1247 backsql_strfcat( &bsi->bsi_sel, "l",
1248 (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
1249 " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
1250 #endif /* ! BACKSQL_ALIASING_QUOTE */
1252 backsql_strfcat( &bsi->bsi_from, "lb",
1253 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1254 " FROM ldap_entries,",
1255 &bsi->bsi_oc->bom_keytbl );
1257 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1258 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1259 &bsi->bsi_oc->bom_keytbl,
1261 &bsi->bsi_oc->bom_keycol,
1262 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1263 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1265 switch ( bsi->bsi_scope ) {
1266 case LDAP_SCOPE_BASE:
1267 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1268 backsql_strfcat( &bsi->bsi_join_where, "bl",
1269 &bi->sql_upper_func,
1270 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1271 "(ldap_entries.dn)=?" );
1273 backsql_strfcat( &bsi->bsi_join_where, "l",
1274 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1275 "ldap_entries.dn=?" );
1279 case BACKSQL_SCOPE_BASE_LIKE:
1280 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1281 backsql_strfcat( &bsi->bsi_join_where, "bl",
1282 &bi->sql_upper_func,
1283 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1284 "(ldap_entries.dn) LIKE ?" );
1286 backsql_strfcat( &bsi->bsi_join_where, "l",
1287 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1288 "ldap_entries.dn LIKE ?" );
1292 case LDAP_SCOPE_ONELEVEL:
1293 backsql_strfcat( &bsi->bsi_join_where, "l",
1294 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1295 "ldap_entries.parent=?" );
1298 #ifdef LDAP_SCOPE_SUBORDINATE
1299 case LDAP_SCOPE_SUBORDINATE:
1300 #endif /* LDAP_SCOPE_SUBORDINATE */
1301 case LDAP_SCOPE_SUBTREE:
1302 if ( BACKSQL_USE_SUBTREE_SHORTCUT( bi ) ) {
1304 BackendDB *bd = bsi->bsi_op->o_bd;
1306 assert( bd->be_nsuffix );
1308 for ( i = 0; !BER_BVISNULL( &bd->be_nsuffix[ i ] ); i++ )
1310 if ( dn_match( &bd->be_nsuffix[ i ],
1311 bsi->bsi_base_ndn ) )
1313 /* pass this to the candidate selection
1314 * routine so that the DN is not bound
1315 * to the select statement */
1316 bsi->bsi_use_subtree_shortcut = 1;
1322 if ( bsi->bsi_use_subtree_shortcut ) {
1323 /* Skip the base DN filter, as every entry will match it */
1324 backsql_strfcat( &bsi->bsi_join_where, "l",
1325 (ber_len_t)STRLENOF( "9=9"), "9=9");
1327 } else if ( !BER_BVISNULL( &bi->sql_subtree_cond ) ) {
1328 backsql_strfcat( &bsi->bsi_join_where, "b", &bi->sql_subtree_cond );
1330 } else if ( BACKSQL_CANUPPERCASE( bi ) ) {
1331 backsql_strfcat( &bsi->bsi_join_where, "bl",
1332 &bi->sql_upper_func,
1333 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1334 "(ldap_entries.dn) LIKE ?" );
1337 backsql_strfcat( &bsi->bsi_join_where, "l",
1338 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1339 "ldap_entries.dn LIKE ?" );
1348 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1350 struct berbuf bb = BB_NULL;
1352 backsql_strfcat( &bb, "bbblb",
1353 &bsi->bsi_sel.bb_val,
1354 &bsi->bsi_from.bb_val,
1355 &bsi->bsi_join_where.bb_val,
1356 (ber_len_t)STRLENOF( " AND " ), " AND ",
1357 &bsi->bsi_flt_where.bb_val );
1361 } else if ( rc < 0 ) {
1363 * Indicates that there's no possible way the filter matches
1364 * anything. No need to issue the query
1366 free( query->bv_val );
1367 BER_BVZERO( query );
1370 free( bsi->bsi_sel.bb_val.bv_val );
1371 BER_BVZERO( &bsi->bsi_sel.bb_val );
1372 bsi->bsi_sel.bb_len = 0;
1373 free( bsi->bsi_from.bb_val.bv_val );
1374 BER_BVZERO( &bsi->bsi_from.bb_val );
1375 bsi->bsi_from.bb_len = 0;
1376 free( bsi->bsi_join_where.bb_val.bv_val );
1377 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1378 bsi->bsi_join_where.bb_len = 0;
1379 free( bsi->bsi_flt_where.bb_val.bv_val );
1380 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1381 bsi->bsi_flt_where.bb_len = 0;
1383 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1384 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1386 return ( rc <= 0 ? 1 : 0 );
1390 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1392 backsql_oc_map_rec *oc = v_oc;
1393 backsql_srch_info *bsi = v_bsi;
1394 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1395 struct berval query;
1396 SQLHSTMT sth = SQL_NULL_HSTMT;
1399 BACKSQL_ROW_NTS row;
1402 int n_candidates = bsi->bsi_n_candidates;
1405 * + 1 because we need room for '%';
1406 * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
1407 * this makes a subtree
1408 * search for a DN BACKSQL_MAX_DN_LEN long legal
1409 * if it returns that DN only
1411 char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1413 bsi->bsi_status = LDAP_SUCCESS;
1415 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1416 BACKSQL_OC_NAME( oc ), 0, 0 );
1418 if ( bsi->bsi_n_candidates == -1 ) {
1419 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1420 "unchecked limit has been overcome\n", 0, 0, 0 );
1421 /* should never get here */
1423 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1424 return BACKSQL_AVL_STOP;
1428 res = backsql_srch_query( bsi, &query );
1430 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1431 "error while constructing query for objectclass \"%s\"\n",
1432 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1434 * FIXME: need to separate errors from legally
1435 * impossible filters
1437 switch ( bsi->bsi_status ) {
1439 case LDAP_UNDEFINED_TYPE:
1440 case LDAP_NO_SUCH_OBJECT:
1441 /* we are conservative... */
1443 bsi->bsi_status = LDAP_SUCCESS;
1445 return BACKSQL_AVL_CONTINUE;
1447 case LDAP_ADMINLIMIT_EXCEEDED:
1449 /* don't try any more */
1450 return BACKSQL_AVL_STOP;
1454 if ( BER_BVISNULL( &query ) ) {
1455 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1456 "could not construct query for objectclass \"%s\"\n",
1457 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1458 bsi->bsi_status = LDAP_SUCCESS;
1459 return BACKSQL_AVL_CONTINUE;
1462 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1463 query.bv_val, 0, 0 );
1465 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1466 free( query.bv_val );
1467 BER_BVZERO( &query );
1468 if ( rc != SQL_SUCCESS ) {
1469 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1470 "error preparing query\n", 0, 0, 0 );
1471 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1472 bsi->bsi_status = LDAP_OTHER;
1473 return BACKSQL_AVL_CONTINUE;
1476 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1478 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1479 &bsi->bsi_oc->bom_id );
1480 if ( rc != SQL_SUCCESS ) {
1481 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1482 "error binding objectclass id parameter\n", 0, 0, 0 );
1483 bsi->bsi_status = LDAP_OTHER;
1484 return BACKSQL_AVL_CONTINUE;
1487 switch ( bsi->bsi_scope ) {
1488 case LDAP_SCOPE_BASE:
1489 case BACKSQL_SCOPE_BASE_LIKE:
1491 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1492 * however this should be handled earlier
1494 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1495 bsi->bsi_status = LDAP_OTHER;
1496 return BACKSQL_AVL_CONTINUE;
1499 AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
1500 bsi->bsi_base_ndn->bv_len + 1 );
1502 /* uppercase DN only if the stored DN can be uppercased
1504 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1505 ldap_pvt_str2upper( tmp_base_ndn );
1508 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1509 tmp_base_ndn, 0, 0 );
1511 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1512 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1513 if ( rc != SQL_SUCCESS ) {
1514 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1515 "error binding base_ndn parameter\n", 0, 0, 0 );
1516 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1518 bsi->bsi_status = LDAP_OTHER;
1519 return BACKSQL_AVL_CONTINUE;
1523 #ifdef LDAP_SCOPE_SUBORDINATE
1524 case LDAP_SCOPE_SUBORDINATE:
1525 #endif /* LDAP_SCOPE_SUBORDINATE */
1526 case LDAP_SCOPE_SUBTREE:
1528 /* if short-cutting the search base,
1529 * don't bind any parameter */
1530 if ( bsi->bsi_use_subtree_shortcut ) {
1535 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1536 * however this should be handled earlier
1538 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1539 bsi->bsi_status = LDAP_OTHER;
1540 return BACKSQL_AVL_CONTINUE;
1544 * Sets the parameters for the SQL built earlier
1545 * NOTE that all the databases could actually use
1546 * the TimesTen version, which would be cleaner
1547 * and would also eliminate the need for the
1548 * subtree_cond line in the configuration file.
1549 * For now, I'm leaving it the way it is,
1550 * so non-TimesTen databases use the original code.
1551 * But at some point this should get cleaned up.
1553 * If "dn" is being used, do a suffix search.
1554 * If "dn_ru" is being used, do a prefix search.
1556 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1557 tmp_base_ndn[ 0 ] = '\0';
1559 for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
1561 tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
1564 #ifdef LDAP_SCOPE_SUBORDINATE
1565 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1566 tmp_base_ndn[ i++ ] = ',';
1568 #endif /* LDAP_SCOPE_SUBORDINATE */
1570 tmp_base_ndn[ i ] = '%';
1571 tmp_base_ndn[ i + 1 ] = '\0';
1576 tmp_base_ndn[ i++ ] = '%';
1578 #ifdef LDAP_SCOPE_SUBORDINATE
1579 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1580 tmp_base_ndn[ i++ ] = ',';
1582 #endif /* LDAP_SCOPE_SUBORDINATE */
1584 AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
1585 bsi->bsi_base_ndn->bv_len + 1 );
1588 /* uppercase DN only if the stored DN can be uppercased
1590 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1591 ldap_pvt_str2upper( tmp_base_ndn );
1594 #ifdef LDAP_SCOPE_SUBORDINATE
1595 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1596 Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
1597 tmp_base_ndn, 0, 0 );
1599 #endif /* LDAP_SCOPE_SUBORDINATE */
1601 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
1602 tmp_base_ndn, 0, 0 );
1605 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1606 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1607 if ( rc != SQL_SUCCESS ) {
1608 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1609 "error binding base_ndn parameter (2)\n",
1611 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1613 bsi->bsi_status = LDAP_OTHER;
1614 return BACKSQL_AVL_CONTINUE;
1619 case LDAP_SCOPE_ONELEVEL:
1620 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
1622 #ifdef BACKSQL_ARBITRARY_KEY
1623 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1624 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1625 #else /* ! BACKSQL_ARBITRARY_KEY */
1626 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1627 bsi->bsi_base_id.eid_id, 0, 0 );
1628 #endif /* ! BACKSQL_ARBITRARY_KEY */
1629 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1630 &bsi->bsi_base_id.eid_id );
1631 if ( rc != SQL_SUCCESS ) {
1632 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1633 "error binding base id parameter\n", 0, 0, 0 );
1634 bsi->bsi_status = LDAP_OTHER;
1635 return BACKSQL_AVL_CONTINUE;
1640 rc = SQLExecute( sth );
1641 if ( !BACKSQL_SUCCESS( rc ) ) {
1642 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1643 "error executing query\n", 0, 0, 0 );
1644 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1645 SQLFreeStmt( sth, SQL_DROP );
1646 bsi->bsi_status = LDAP_OTHER;
1647 return BACKSQL_AVL_CONTINUE;
1650 backsql_BindRowAsStrings( sth, &row );
1651 rc = SQLFetch( sth );
1652 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1653 struct berval dn, pdn, ndn;
1654 backsql_entryID *c_id = NULL;
1657 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1659 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1663 ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
1664 if ( dn.bv_val != row.cols[ 3 ] ) {
1668 if ( ret != LDAP_SUCCESS ) {
1672 if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
1678 c_id = (backsql_entryID *)ch_calloc( 1,
1679 sizeof( backsql_entryID ) );
1680 #ifdef BACKSQL_ARBITRARY_KEY
1681 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1682 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1683 #else /* ! BACKSQL_ARBITRARY_KEY */
1684 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1685 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1686 #endif /* ! BACKSQL_ARBITRARY_KEY */
1687 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1690 c_id->eid_ndn = ndn;
1692 /* append at end of list ... */
1693 c_id->eid_next = NULL;
1694 *bsi->bsi_id_listtail = c_id;
1695 bsi->bsi_id_listtail = &c_id->eid_next;
1697 #ifdef BACKSQL_ARBITRARY_KEY
1698 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1699 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1700 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1702 #else /* ! BACKSQL_ARBITRARY_KEY */
1703 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1704 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1705 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1706 #endif /* ! BACKSQL_ARBITRARY_KEY */
1708 /* count candidates, for unchecked limit */
1709 bsi->bsi_n_candidates--;
1710 if ( bsi->bsi_n_candidates == -1 ) {
1714 backsql_FreeRow( &row );
1715 SQLFreeStmt( sth, SQL_DROP );
1717 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1718 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1720 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1724 backsql_search( Operation *op, SlapReply *rs )
1726 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1727 SQLHDBC dbh = SQL_NULL_HDBC;
1729 Entry user_entry = { 0 };
1731 time_t stoptime = 0;
1732 backsql_srch_info bsi;
1733 backsql_entryID *eid = NULL;
1734 struct berval nbase = BER_BVNULL,
1735 realndn = BER_BVNULL;
1737 manageDSAit = get_manageDSAit( op );
1739 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1740 "base=\"%s\", filter=\"%s\", scope=%d,",
1741 op->o_req_ndn.bv_val,
1742 op->ors_filterstr.bv_val ? op->ors_filterstr.bv_val : "(no filter)",
1744 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1745 "attributes to load: %s\n",
1748 op->ors_attrs == NULL ? "all" : "custom list" );
1750 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1751 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1752 "search base length (%ld) exceeds max length (%d)\n",
1753 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1755 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1756 * since it is impossible that such a long DN exists
1759 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1760 send_ldap_result( op, rs );
1764 sres = backsql_get_db_conn( op, &dbh );
1765 if ( sres != LDAP_SUCCESS ) {
1766 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1767 "could not get connection handle - exiting\n",
1770 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1771 send_ldap_result( op, rs );
1775 /* compute it anyway; root does not use it */
1776 stoptime = op->o_time + op->ors_tlimit;
1778 realndn = op->o_req_ndn;
1779 if ( backsql_api_dn2odbc( op, rs, &realndn ) ) {
1780 Debug( LDAP_DEBUG_TRACE, " backsql_search(\"%s\"): "
1781 "backsql_api_dn2odbc(\"%s\") failed\n",
1782 op->o_req_ndn.bv_val, realndn.bv_val, 0 );
1783 rs->sr_err = LDAP_OTHER;
1784 rs->sr_text = "SQL-backend error";
1785 send_ldap_result( op, rs );
1790 rs->sr_err = backsql_init_search( &bsi, &realndn,
1792 op->ors_slimit, op->ors_tlimit,
1793 stoptime, op->ors_filter,
1794 dbh, op, rs, op->ors_attrs,
1795 BACKSQL_ISF_GET_ID );
1796 if ( rs->sr_err != LDAP_SUCCESS ) {
1797 send_ldap_result( op, rs );
1803 e.e_name = bsi.bsi_base_id.eid_dn;
1804 e.e_nname = bsi.bsi_base_id.eid_ndn;
1805 /* FIXME: need the whole entry (ITS#3480) */
1806 if ( ! access_allowed( op, &e, slap_schema.si_ad_entry,
1807 NULL, ACL_DISCLOSE, NULL ) )
1809 rs->sr_err = LDAP_NO_SUCH_OBJECT;
1810 send_ldap_result( op, rs );
1815 bsi.bsi_n_candidates =
1816 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
1817 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1818 ( op->ors_limit->lms_s_unchecked ) ) );
1820 switch ( bsi.bsi_scope ) {
1821 case LDAP_SCOPE_BASE:
1822 case BACKSQL_SCOPE_BASE_LIKE:
1824 * probably already found...
1826 bsi.bsi_id_list = &bsi.bsi_base_id;
1827 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1830 case LDAP_SCOPE_SUBTREE:
1832 * if baseObject is defined, and if it is the root
1833 * of the search, add it to the candidate list
1835 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
1837 bsi.bsi_id_list = &bsi.bsi_base_id;
1838 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1845 * for each objectclass we try to construct query which gets IDs
1846 * of entries matching LDAP query filter and scope (or at least
1847 * candidates), and get the IDs
1849 avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
1850 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
1853 if ( op->ors_limit != NULL /* isroot == FALSE */
1854 && op->ors_limit->lms_s_unchecked != -1
1855 && bsi.bsi_n_candidates == -1 )
1857 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1858 send_ldap_result( op, rs );
1863 * now we load candidate entries (only those attributes
1864 * mentioned in attrs and filter), test it against full filter
1865 * and then send to client; don't free entry_id if baseObject...
1867 for ( eid = bsi.bsi_id_list;
1869 eid = backsql_free_entryID( eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
1872 Attribute *a_hasSubordinate = NULL,
1873 *a_entryUUID = NULL,
1878 /* check for abandon */
1879 if ( op->o_abandon ) {
1883 /* check time limit */
1884 if ( op->ors_tlimit != SLAP_NO_LIMIT
1885 && slap_get_time() > stoptime )
1887 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1888 rs->sr_ctrls = NULL;
1889 rs->sr_ref = rs->sr_v2ref;
1890 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1892 send_ldap_result( op, rs );
1896 #ifdef BACKSQL_ARBITRARY_KEY
1897 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1898 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1899 eid->eid_id.bv_val, eid->eid_oc_id,
1900 eid->eid_keyval.bv_val );
1901 #else /* ! BACKSQL_ARBITRARY_KEY */
1902 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1903 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1904 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1905 #endif /* ! BACKSQL_ARBITRARY_KEY */
1908 switch ( op->ors_scope ) {
1909 case LDAP_SCOPE_BASE:
1910 case BACKSQL_SCOPE_BASE_LIKE:
1911 if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
1916 case LDAP_SCOPE_ONE:
1918 struct berval rdn = eid->eid_ndn;
1920 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
1921 if ( !dnIsOneLevelRDN( &rdn ) ) {
1927 #ifdef LDAP_SCOPE_SUBORDINATE
1928 case LDAP_SCOPE_SUBORDINATE:
1929 /* discard the baseObject entry */
1930 if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
1934 #endif /* LDAP_SCOPE_SUBORDINATE */
1936 case LDAP_SCOPE_SUBTREE:
1937 /* FIXME: this should never fail... */
1938 if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
1944 /* don't recollect baseObject ... */
1945 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
1946 e = bi->sql_baseObject;
1949 bsi.bsi_e = &user_entry;
1950 rc = backsql_id2entry( &bsi, eid );
1951 if ( rc != LDAP_SUCCESS ) {
1952 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1953 "error %d in backsql_id2entry() "
1954 "- skipping\n", rc, 0, 0 );
1961 if ( !manageDSAit &&
1962 op->ors_scope != LDAP_SCOPE_BASE &&
1963 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1964 is_entry_referral( e ) )
1968 refs = get_entry_referrals( op, e );
1970 backsql_srch_info bsi2 = { 0 };
1971 Entry user_entry2 = { 0 };
1973 /* retry with the full entry... */
1974 (void)backsql_init_search( &bsi2,
1977 SLAP_NO_LIMIT, SLAP_NO_LIMIT,
1979 dbh, op, rs, NULL, 0 );
1980 bsi2.bsi_e = &user_entry2;
1981 rc = backsql_id2entry( &bsi2, eid );
1982 if ( rc == LDAP_SUCCESS ) {
1983 if ( is_entry_referral( &user_entry2 ) )
1985 refs = get_entry_referrals( op,
1987 } /* else: FIXME: inconsistency! */
1988 entry_clean( &user_entry2 );
1990 if ( bsi2.bsi_attrs != NULL ) {
1991 op->o_tmpfree( bsi2.bsi_attrs,
1997 rs->sr_ref = referral_rewrite( refs,
2001 ber_bvarray_free( refs );
2004 if ( !rs->sr_ref ) {
2005 rs->sr_text = "bad referral object";
2009 rs->sr_err = LDAP_REFERRAL;
2010 rs->sr_matched = user_entry.e_name.bv_val;
2011 send_search_reference( op, rs );
2013 ber_bvarray_free( rs->sr_ref );
2015 rs->sr_matched = NULL;
2016 rs->sr_entry = NULL;
2022 * We use this flag since we need to parse the filter
2023 * anyway; we should have used the frontend API function
2024 * filter_has_subordinates()
2026 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
2027 rc = backsql_has_children( bi, dbh, &e->e_nname );
2030 case LDAP_COMPARE_TRUE:
2031 case LDAP_COMPARE_FALSE:
2032 a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
2033 if ( a_hasSubordinate != NULL ) {
2034 for ( ap = &user_entry.e_attrs;
2036 ap = &(*ap)->a_next );
2038 *ap = a_hasSubordinate;
2044 Debug(LDAP_DEBUG_TRACE,
2045 "backsql_search(): "
2046 "has_children failed( %d)\n",
2053 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
2054 a_entryUUID = backsql_operational_entryUUID( bi, eid );
2055 if ( a_entryUUID != NULL ) {
2057 ap = &user_entry.e_attrs;
2060 for ( ; *ap; ap = &(*ap)->a_next );
2066 #ifdef BACKSQL_SYNCPROV
2067 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
2068 a_entryCSN = backsql_operational_entryCSN( op );
2069 if ( a_entryCSN != NULL ) {
2071 ap = &user_entry.e_attrs;
2074 for ( ; *ap; ap = &(*ap)->a_next );
2079 #endif /* BACKSQL_SYNCPROV */
2081 if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
2083 rs->sr_attrs = op->ors_attrs;
2084 rs->sr_operational_attrs = NULL;
2086 if ( e == &user_entry ) {
2087 rs->sr_flags = REP_ENTRY_MODIFIABLE;
2089 /* FIXME: need the whole entry (ITS#3480) */
2090 sres = send_search_entry( op, rs );
2091 rs->sr_entry = NULL;
2092 rs->sr_attrs = NULL;
2093 rs->sr_operational_attrs = NULL;
2101 * FIXME: send_search_entry failed;
2105 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2106 "connection lost\n", 0, 0, 0 );
2112 entry_clean( &user_entry );
2115 if ( op->ors_slimit != SLAP_NO_LIMIT
2116 && rs->sr_nentries >= op->ors_slimit )
2118 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
2119 send_ldap_result( op, rs );
2125 /* in case we got here accidentally */
2126 entry_clean( &user_entry );
2128 if ( rs->sr_nentries > 0 ) {
2129 rs->sr_ref = rs->sr_v2ref;
2130 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
2134 rs->sr_err = bsi.bsi_status;
2136 send_ldap_result( op, rs );
2138 if ( rs->sr_v2ref ) {
2139 ber_bvarray_free( rs->sr_v2ref );
2140 rs->sr_v2ref = NULL;
2143 #ifdef BACKSQL_SYNCPROV
2145 Operation op2 = *op;
2146 SlapReply rs2 = { 0 };
2148 slap_callback cb = { 0 };
2150 op2.o_tag = LDAP_REQ_ADD;
2151 op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0, 0 );
2153 op2.o_callback = &cb;
2155 e.e_name = op->o_bd->be_suffix[0];
2156 e.e_nname = op->o_bd->be_nsuffix[0];
2158 cb.sc_response = slap_null_cb;
2160 op2.o_bd->be_add( &op2, &rs2 );
2162 #endif /* BACKSQL_SYNCPROV */
2165 if ( !BER_BVISNULL( &realndn ) && realndn.bv_val != op->o_req_ndn.bv_val ) {
2166 ch_free( realndn.bv_val );
2169 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2170 (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
2173 if ( bsi.bsi_attrs != NULL ) {
2174 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2177 if ( !BER_BVISNULL( &nbase )
2178 && nbase.bv_val != op->o_req_ndn.bv_val )
2180 ch_free( nbase.bv_val );
2183 /* restore scope ... FIXME: this should be done before ANY
2184 * frontend call that uses op */
2185 if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
2186 op->ors_scope = LDAP_SCOPE_BASE;
2189 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
2193 /* return LDAP_SUCCESS IFF we can retrieve the specified entry.
2200 AttributeDescription *at,
2204 backsql_srch_info bsi;
2205 SQLHDBC dbh = SQL_NULL_HDBC;
2207 SlapReply rs = { 0 };
2208 AttributeName anlist[ 2 ];
2210 rc = backsql_get_db_conn( op, &dbh );
2216 anlist[ 0 ].an_name = at->ad_cname;
2217 anlist[ 0 ].an_desc = at;
2218 BER_BVZERO( &anlist[ 1 ].an_name );
2221 rc = backsql_init_search( &bsi,
2224 SLAP_NO_LIMIT, SLAP_NO_LIMIT,
2226 dbh, op, &rs, at ? anlist : NULL,
2227 BACKSQL_ISF_GET_ID );
2228 if ( rc != LDAP_SUCCESS ) {
2232 bsi.bsi_e = ch_malloc( sizeof( Entry ) );
2233 rc = backsql_id2entry( &bsi, &bsi.bsi_base_id );
2235 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2236 (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
2239 if ( rc == LDAP_SUCCESS ) {
2241 #if 0 /* not supported at present */
2242 /* find attribute values */
2243 if ( is_entry_alias( bsi.bsi_e ) ) {
2244 Debug( LDAP_DEBUG_ACL,
2245 "<= backsql_entry_get: entry is an alias\n",
2247 rc = LDAP_ALIAS_PROBLEM;
2248 goto return_results;
2252 if ( is_entry_referral( bsi.bsi_e ) ) {
2253 Debug( LDAP_DEBUG_ACL,
2254 "<= backsql_entry_get: entry is a referral\n",
2257 goto return_results;
2260 if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
2261 Debug( LDAP_DEBUG_ACL,
2262 "<= backsql_entry_get: "
2263 "failed to find objectClass\n",
2265 rc = LDAP_NO_SUCH_ATTRIBUTE;
2266 goto return_results;
2273 if ( bsi.bsi_attrs != NULL ) {
2274 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2277 if ( rc != LDAP_SUCCESS ) {
2279 entry_free( bsi.bsi_e );