2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
26 #include <sys/types.h>
27 #include "ac/string.h"
32 #include "proto-sql.h"
34 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
35 static int backsql_process_filter_eq( backsql_srch_info *bsi,
36 backsql_at_map_rec *at,
37 int casefold, struct berval *filter_value );
38 static int backsql_process_filter_like( backsql_srch_info *bsi,
39 backsql_at_map_rec *at,
40 int casefold, struct berval *filter_value );
41 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
42 backsql_at_map_rec *at );
45 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
48 AttributeName *an = NULL;
50 if ( bsi->bsi_attrs == NULL ) {
55 * clear the list (retrieve all attrs)
58 ch_free( bsi->bsi_attrs );
59 bsi->bsi_attrs = NULL;
63 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
64 an = &bsi->bsi_attrs[ n_attrs ];
66 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
67 "attribute \"%s\" is in list\n",
68 an->an_name.bv_val, 0, 0 );
70 * We can live with strcmp because the attribute
71 * list has been normalized before calling be_search
73 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
78 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
79 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
81 an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
82 sizeof( AttributeName ) * ( n_attrs + 2 ) );
87 an[ n_attrs ].an_name = ad->ad_cname;
88 an[ n_attrs ].an_desc = ad;
89 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
98 backsql_srch_info *bsi,
108 AttributeName *attrs )
112 bsi->bsi_base_dn = base;
113 bsi->bsi_scope = scope;
114 bsi->bsi_slimit = slimit;
115 bsi->bsi_tlimit = tlimit;
116 bsi->bsi_filter = filter;
125 if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
126 bsi->bsi_attrs = NULL;
129 bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
130 sizeof( AttributeName ) );
131 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
133 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
135 * ignore "1.1"; handle "+"
137 if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
138 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
141 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
145 backsql_attrlist_add( bsi, p->an_desc );
149 bsi->bsi_abandon = 0;
150 bsi->bsi_id_list = NULL;
151 bsi->bsi_n_candidates = 0;
152 bsi->bsi_stoptime = stoptime;
153 BER_BVZERO( &bsi->bsi_sel.bb_val );
154 bsi->bsi_sel.bb_len = 0;
155 BER_BVZERO( &bsi->bsi_from.bb_val );
156 bsi->bsi_from.bb_len = 0;
157 BER_BVZERO( &bsi->bsi_join_where.bb_val );
158 bsi->bsi_join_where.bb_len = 0;
159 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
160 bsi->bsi_flt_where.bb_len = 0;
161 bsi->bsi_filter_oc = NULL;
163 bsi->bsi_status = LDAP_SUCCESS;
167 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
175 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
178 res = backsql_process_filter( bsi, f );
181 * TimesTen : If the query has no answers,
182 * don't bother to run the query.
193 case LDAP_FILTER_AND:
194 backsql_strfcat( &bsi->bsi_flt_where, "l",
195 (ber_len_t)STRLENOF( " AND " ),
200 backsql_strfcat( &bsi->bsi_flt_where, "l",
201 (ber_len_t)STRLENOF( " OR " ),
207 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
213 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
214 backsql_at_map_rec *at )
216 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
224 /* always uppercase strings by now */
225 #ifdef BACKSQL_UPPERCASE_FILTER
226 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
227 bi->bi_caseIgnoreMatch ) )
228 #endif /* BACKSQL_UPPERCASE_FILTER */
233 if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
234 bi->bi_telephoneNumberMatch ) )
241 * to check for matching telephone numbers
242 * with intermixed chars, e.g. val='1234'
245 * val LIKE '%1%2%3%4%'
249 if ( f->f_sub_initial.bv_val ) {
250 bv.bv_len += f->f_sub_initial.bv_len;
252 if ( f->f_sub_any != NULL ) {
253 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
254 bv.bv_len += f->f_sub_any[ a ].bv_len;
257 if ( f->f_sub_final.bv_val ) {
258 bv.bv_len += f->f_sub_final.bv_len;
260 bv.bv_len = 2 * bv.bv_len - 1;
261 bv.bv_val = ch_malloc( bv.bv_len + 1 );
264 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
265 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
266 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
267 bv.bv_val[ s + 2 * i - 1 ] = '%';
268 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
270 bv.bv_val[ s + 2 * i - 1 ] = '%';
274 if ( f->f_sub_any != NULL ) {
275 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
276 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
277 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
278 bv.bv_val[ s + 2 * i - 1 ] = '%';
279 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
281 bv.bv_val[ s + 2 * i - 1 ] = '%';
286 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
287 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
288 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
289 bv.bv_val[ s + 2 * i - 1 ] = '%';
290 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
292 bv.bv_val[ s + 2 * i - 1 ] = '%';
296 bv.bv_val[ s - 1 ] = '\0';
298 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
299 ch_free( bv.bv_val );
305 * When dealing with case-sensitive strings
306 * we may omit normalization; however, normalized
307 * SQL filters are more liberal.
310 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
313 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
314 at->bam_ad->ad_cname.bv_val, 0, 0 );
315 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
316 at->bam_sel_expr_u.bv_val ? "' '" : "",
317 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
318 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
320 * If a pre-upper-cased version of the column
321 * or a precompiled upper function exists, use it
323 backsql_strfcat( &bsi->bsi_flt_where,
326 (ber_len_t)STRLENOF( " LIKE '" ),
330 backsql_strfcat( &bsi->bsi_flt_where, "bl",
332 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
335 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
339 Debug( LDAP_DEBUG_TRACE,
340 "==>backsql_process_sub_filter(%s): "
341 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
342 f->f_sub_initial.bv_val, 0 );
343 #endif /* BACKSQL_TRACE */
345 start = bsi->bsi_flt_where.bb_val.bv_len;
346 backsql_strfcat( &bsi->bsi_flt_where, "b",
348 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
349 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
353 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
355 if ( f->f_sub_any != NULL ) {
356 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
360 Debug( LDAP_DEBUG_TRACE,
361 "==>backsql_process_sub_filter(%s): "
362 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
363 i, f->f_sub_any[ i ].bv_val );
364 #endif /* BACKSQL_TRACE */
366 start = bsi->bsi_flt_where.bb_val.bv_len;
367 backsql_strfcat( &bsi->bsi_flt_where,
371 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
373 * Note: toupper('%') = '%'
375 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
380 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
384 Debug( LDAP_DEBUG_TRACE,
385 "==>backsql_process_sub_filter(%s): "
386 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
387 f->f_sub_final.bv_val, 0 );
388 #endif /* BACKSQL_TRACE */
390 start = bsi->bsi_flt_where.bb_val.bv_len;
391 backsql_strfcat( &bsi->bsi_flt_where, "b",
393 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
394 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
398 backsql_strfcat( &bsi->bsi_flt_where, "l",
399 (ber_len_t)sizeof( /* (' */ "')" ) - 1, /* ( */ "')" );
405 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
407 backsql_at_map_rec **vat = NULL;
408 AttributeDescription *ad = NULL;
413 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
414 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
415 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
416 "invalid filter\n", 0, 0, 0 );
421 switch( f->f_choice ) {
423 rc = backsql_process_filter_list( bsi, f->f_or,
428 case LDAP_FILTER_AND:
429 rc = backsql_process_filter_list( bsi, f->f_and,
434 case LDAP_FILTER_NOT:
435 backsql_strfcat( &bsi->bsi_flt_where, "l",
436 (ber_len_t)sizeof( "NOT (" /* ) */ ) - 1,
438 rc = backsql_process_filter( bsi, f->f_not );
439 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
443 case LDAP_FILTER_PRESENT:
447 case LDAP_FILTER_EXT:
448 ad = f->f_mra->ma_desc;
449 if ( f->f_mr_dnattrs ) {
451 * if dn attrs filtering is requested, better return
452 * success and let test_filter() deal with candidate
453 * selection; otherwise we'd need to set conditions
454 * on the contents of the DN, e.g. "SELECT ... FROM
455 * ldap_entries AS attributeName WHERE attributeName.dn
456 * like '%attributeName=value%'"
458 backsql_strfcat( &bsi->bsi_flt_where, "l",
459 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
460 bsi->bsi_status = LDAP_SUCCESS;
481 * Turn structuralObjectClass into objectClass
483 if ( ad == slap_schema.si_ad_objectClass
484 || ad == slap_schema.si_ad_structuralObjectClass ) {
486 * If the filter is LDAP_FILTER_PRESENT, then it's done;
487 * otherwise, let's see if we are lucky: filtering
488 * for "structural" objectclass or ancestor...
490 switch ( f->f_choice ) {
491 case LDAP_FILTER_EQUALITY:
493 ObjectClass *oc = oc_bvfind( &f->f_av_value );
496 Debug( LDAP_DEBUG_TRACE,
497 "backsql_process_filter(): "
498 "unknown objectClass \"%s\" "
500 f->f_av_value.bv_val, 0, 0 );
501 bsi->bsi_status = LDAP_OTHER;
507 * "structural" objectClass inheritance:
508 * - a search for "person" will also return
510 * - a search for "top" will return everything
512 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
513 goto filter_oc_success;
519 case LDAP_FILTER_PRESENT:
521 backsql_strfcat( &bsi->bsi_flt_where, "l",
522 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
523 bsi->bsi_status = LDAP_SUCCESS;
528 Debug( LDAP_DEBUG_TRACE,
529 "backsql_process_filter(): "
530 "illegal/unhandled filter "
531 "on objectClass attribute",
533 bsi->bsi_status = LDAP_OTHER;
538 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
540 * FIXME: this is not robust; e.g. a filter
541 * '(!(hasSubordinates=TRUE))' fails because
542 * in SQL it would read 'NOT (1=1)' instead
544 * Note however that hasSubordinates is boolean,
545 * so a more appropriate filter would be
546 * '(hasSubordinates=FALSE)'
548 * A more robust search for hasSubordinates
549 * would * require joining the ldap_entries table
550 * selecting if there are descendants of the
553 backsql_strfcat( &bsi->bsi_flt_where, "l",
554 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
555 if ( ad == slap_schema.si_ad_hasSubordinates ) {
557 * instruct candidate selection algorithm
558 * and attribute list to try to detect
559 * if an entry has subordinates
561 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
565 * clear attributes to fetch, to require ALL
566 * and try extended match on all attributes
568 backsql_attrlist_add( bsi, NULL );
575 * attribute inheritance:
577 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
578 bsi->bsi_status = LDAP_OTHER;
584 /* search anyway; other parts of the filter
586 backsql_strfcat( &bsi->bsi_flt_where, "l",
587 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
588 bsi->bsi_status = LDAP_SUCCESS;
593 /* if required, open extra level of parens */
595 if ( vat[0]->bam_next || vat[1] ) {
596 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
603 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
607 /* if more definitions of the same attr, apply */
608 if ( vat[i]->bam_next ) {
609 backsql_strfcat( &bsi->bsi_flt_where, "l",
610 STRLENOF( " OR " ), " OR " );
611 vat[i] = vat[i]->bam_next;
615 /* if more descendants of the same attr, apply */
618 backsql_strfcat( &bsi->bsi_flt_where, "l",
619 STRLENOF( " OR " ), " OR " );
623 /* if needed, close extra level of parens */
625 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
635 Debug( LDAP_DEBUG_TRACE,
636 "<==backsql_process_filter() %s\n",
637 rc == 1 ? "succeeded" : "failed", 0, 0);
643 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
644 int casefold, struct berval *filter_value )
647 * maybe we should check type of at->sel_expr here somehow,
648 * to know whether upper_func is applicable, but for now
649 * upper_func stuff is made for Oracle, where UPPER is
650 * safely applicable to NUMBER etc.
652 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
655 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
658 (ber_len_t)STRLENOF( "='" ),
661 start = bsi->bsi_flt_where.bb_val.bv_len;
663 backsql_strfcat( &bsi->bsi_flt_where, "bl",
665 (ber_len_t)sizeof( /* (' */ "')" ) - 1,
668 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
671 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
674 (ber_len_t)STRLENOF( "='" ), "='",
676 (ber_len_t)sizeof( /* (' */ "')" ) - 1,
684 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
685 int casefold, struct berval *filter_value )
688 * maybe we should check type of at->sel_expr here somehow,
689 * to know whether upper_func is applicable, but for now
690 * upper_func stuff is made for Oracle, where UPPER is
691 * safely applicable to NUMBER etc.
693 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
696 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
699 (ber_len_t)STRLENOF( " LIKE '%" ),
702 start = bsi->bsi_flt_where.bb_val.bv_len;
704 backsql_strfcat( &bsi->bsi_flt_where, "bl",
706 (ber_len_t)sizeof( /* (' */ "%')" ) - 1,
709 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
712 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
715 (ber_len_t)STRLENOF( " LIKE '%" ),
718 (ber_len_t)sizeof( /* (' */ "%')" ) - 1,
726 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
728 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
730 struct berval *filter_value = NULL;
731 MatchingRule *matching_rule = NULL;
732 struct berval ordering = BER_BVC("<=");
734 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
735 at->bam_ad->ad_cname.bv_val, 0, 0 );
737 backsql_merge_from_clause( &bsi->bsi_from, &at->bam_from_tbls );
740 * need to add this attribute to list of attrs to load,
741 * so that we can do test_filter() later
743 backsql_attrlist_add( bsi, at->bam_ad );
745 if ( !BER_BVISNULL( &at->bam_join_where )
746 && strstr( bsi->bsi_join_where.bb_val.bv_val, at->bam_join_where.bv_val ) == NULL ) {
747 backsql_strfcat( &bsi->bsi_join_where, "lb",
748 (ber_len_t)STRLENOF( " AND " ), " AND ",
749 &at->bam_join_where );
752 switch ( f->f_choice ) {
753 case LDAP_FILTER_EQUALITY:
754 filter_value = &f->f_av_value;
755 matching_rule = at->bam_ad->ad_type->sat_equality;
759 /* fail over into next case */
761 case LDAP_FILTER_EXT:
762 filter_value = &f->f_mra->ma_value;
763 matching_rule = f->f_mr_rule;
766 /* always uppercase strings by now */
767 #ifdef BACKSQL_UPPERCASE_FILTER
768 if ( SLAP_MR_ASSOCIATED( matching_rule,
769 bi->bi_caseIgnoreMatch ) )
770 #endif /* BACKSQL_UPPERCASE_FILTER */
775 if ( SLAP_MR_ASSOCIATED( matching_rule,
776 bi->bi_telephoneNumberMatch ) )
782 * to check for matching telephone numbers
783 * with intermized chars, e.g. val='1234'
786 * val LIKE '%1%2%3%4%'
789 bv.bv_len = 2 * filter_value->bv_len - 1;
790 bv.bv_val = ch_malloc( bv.bv_len + 1 );
792 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
793 for ( i = 1; i < filter_value->bv_len; i++ ) {
794 bv.bv_val[ 2 * i - 1 ] = '%';
795 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
797 bv.bv_val[ 2 * i - 1 ] = '\0';
799 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
800 ch_free( bv.bv_val );
806 * maybe we should check type of at->sel_expr here somehow,
807 * to know whether upper_func is applicable, but for now
808 * upper_func stuff is made for Oracle, where UPPER is
809 * safely applicable to NUMBER etc.
811 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
815 ordering.bv_val = ">=";
817 /* fall thru to next case */
820 /* always uppercase strings by now */
821 #ifdef BACKSQL_UPPERCASE_FILTER
822 if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
823 bi->bi_caseIgnoreMatch ) )
824 #endif /* BACKSQL_UPPERCASE_FILTER */
830 * FIXME: should we uppercase the operands?
832 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
835 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
841 start = bsi->bsi_flt_where.bb_val.bv_len;
843 backsql_strfcat( &bsi->bsi_flt_where, "bl",
845 (ber_len_t)sizeof( /* (' */ "')" ) - 1,
848 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
851 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
857 (ber_len_t)sizeof( /* (' */ "')" ) - 1,
862 case LDAP_FILTER_PRESENT:
863 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
864 (ber_len_t)sizeof( "NOT (" /* ) */) - 1,
867 (ber_len_t)sizeof( /* ( */ " IS NULL)" ) - 1,
868 /* ( */ " IS NULL)" );
871 case LDAP_FILTER_SUBSTRINGS:
872 backsql_process_sub_filter( bsi, f, at );
875 case LDAP_FILTER_APPROX:
879 * maybe we should check type of at->sel_expr here somehow,
880 * to know whether upper_func is applicable, but for now
881 * upper_func stuff is made for Oracle, where UPPER is
882 * safely applicable to NUMBER etc.
884 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
888 /* unhandled filter type; should not happen */
890 backsql_strfcat( &bsi->bsi_flt_where, "l",
891 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
896 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
897 at->bam_ad->ad_cname.bv_val, 0, 0 );
903 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
905 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
911 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
912 BER_BVZERO( &bsi->bsi_sel.bb_val );
913 BER_BVZERO( &bsi->bsi_sel.bb_val );
914 bsi->bsi_sel.bb_len = 0;
915 BER_BVZERO( &bsi->bsi_from.bb_val );
916 bsi->bsi_from.bb_len = 0;
917 BER_BVZERO( &bsi->bsi_join_where.bb_val );
918 bsi->bsi_join_where.bb_len = 0;
919 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
920 bsi->bsi_flt_where.bb_len = 0;
922 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
923 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
924 "SELECT DISTINCT ldap_entries.id,",
925 &bsi->bsi_oc->bom_keytbl,
927 &bsi->bsi_oc->bom_keycol,
930 if ( !BER_BVISNULL( &bi->strcast_func ) ) {
931 backsql_strfcat( &bsi->bsi_sel, "blbl",
933 (ber_len_t)sizeof( "('" /* ') */ ) - 1,
935 &bsi->bsi_oc->bom_oc->soc_cname,
936 (ber_len_t)sizeof( /* (' */ "')" ) - 1,
939 backsql_strfcat( &bsi->bsi_sel, "cbc",
941 &bsi->bsi_oc->bom_oc->soc_cname,
944 backsql_strfcat( &bsi->bsi_sel, "l",
945 (ber_len_t)STRLENOF( " AS objectClass,ldap_entries.dn AS dn" ),
946 " AS objectClass,ldap_entries.dn AS dn" );
948 backsql_strfcat( &bsi->bsi_from, "lb",
949 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
950 " FROM ldap_entries,",
951 &bsi->bsi_oc->bom_keytbl );
953 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
954 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
955 &bsi->bsi_oc->bom_keytbl,
957 &bsi->bsi_oc->bom_keycol,
958 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
959 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
961 switch ( bsi->bsi_scope ) {
962 case LDAP_SCOPE_BASE:
963 if ( BACKSQL_CANUPPERCASE( bi ) ) {
964 backsql_strfcat( &bsi->bsi_join_where, "bl",
966 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
967 "(ldap_entries.dn)=?" );
969 backsql_strfcat( &bsi->bsi_join_where, "l",
970 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
971 "ldap_entries.dn=?" );
975 case BACKSQL_SCOPE_BASE_LIKE:
976 if ( BACKSQL_CANUPPERCASE( bi ) ) {
977 backsql_strfcat( &bsi->bsi_join_where, "bl",
979 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
980 "(ldap_entries.dn) LIKE ?" );
982 backsql_strfcat( &bsi->bsi_join_where, "l",
983 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
984 "ldap_entries.dn LIKE ?" );
988 case LDAP_SCOPE_ONELEVEL:
989 backsql_strfcat( &bsi->bsi_join_where, "l",
990 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
991 "ldap_entries.parent=?" );
994 case LDAP_SCOPE_SUBTREE:
995 if ( BACKSQL_CANUPPERCASE( bi ) ) {
996 backsql_strfcat( &bsi->bsi_join_where, "bl",
998 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
999 "(ldap_entries.dn) LIKE ?" );
1001 backsql_strfcat( &bsi->bsi_join_where, "l",
1002 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1003 "ldap_entries.dn LIKE ?" );
1012 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1014 struct berbuf bb = BB_NULL;
1016 backsql_strfcat( &bb, "bbblb",
1017 &bsi->bsi_sel.bb_val,
1018 &bsi->bsi_from.bb_val,
1019 &bsi->bsi_join_where.bb_val,
1020 (ber_len_t)STRLENOF( " AND " ), " AND ",
1021 &bsi->bsi_flt_where.bb_val );
1025 } else if ( rc < 0 ) {
1027 * Indicates that there's no possible way the filter matches
1028 * anything. No need to issue the query
1030 free( query->bv_val );
1031 BER_BVZERO( query );
1034 free( bsi->bsi_sel.bb_val.bv_val );
1035 BER_BVZERO( &bsi->bsi_sel.bb_val );
1036 bsi->bsi_sel.bb_len = 0;
1037 free( bsi->bsi_from.bb_val.bv_val );
1038 BER_BVZERO( &bsi->bsi_from.bb_val );
1039 bsi->bsi_from.bb_len = 0;
1040 free( bsi->bsi_join_where.bb_val.bv_val );
1041 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1042 bsi->bsi_join_where.bb_len = 0;
1043 free( bsi->bsi_flt_where.bb_val.bv_val );
1044 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1045 bsi->bsi_flt_where.bb_len = 0;
1047 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1048 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1050 return ( rc <= 0 ? 1 : 0 );
1054 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1056 backsql_oc_map_rec *oc = v_oc;
1057 backsql_srch_info *bsi = v_bsi;
1058 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1059 struct berval query;
1062 backsql_entryID base_id = BACKSQL_ENTRYID_INIT;
1064 BACKSQL_ROW_NTS row;
1067 int n_candidates = bsi->bsi_n_candidates;
1070 * + 1 because we need room for '%'; this makes a subtree
1071 * search for a DN BACKSQL_MAX_DN_LEN long legal
1072 * if it returns that DN only
1074 char temp_base_dn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1076 bsi->bsi_status = LDAP_SUCCESS;
1078 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1079 BACKSQL_OC_NAME( oc ), 0, 0 );
1081 if ( bsi->bsi_n_candidates == -1 ) {
1082 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1083 "unchecked limit has been overcome\n", 0, 0, 0 );
1084 /* should never get here */
1086 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1087 return BACKSQL_AVL_STOP;
1091 res = backsql_srch_query( bsi, &query );
1093 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1094 "error while constructing query for objectclass \"%s\"\n",
1095 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1097 * FIXME: need to separate errors from legally
1098 * impossible filters
1100 switch ( bsi->bsi_status ) {
1102 case LDAP_UNDEFINED_TYPE:
1103 case LDAP_NO_SUCH_OBJECT:
1104 /* we are conservative... */
1106 bsi->bsi_status = LDAP_SUCCESS;
1108 return BACKSQL_AVL_CONTINUE;
1110 case LDAP_ADMINLIMIT_EXCEEDED:
1112 /* don't try any more */
1113 return BACKSQL_AVL_STOP;
1117 if ( BER_BVISNULL( &query ) ) {
1118 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1119 "could not construct query for objectclass \"%s\"\n",
1120 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1121 bsi->bsi_status = LDAP_SUCCESS;
1122 return BACKSQL_AVL_CONTINUE;
1125 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1126 query.bv_val, 0, 0 );
1128 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1129 free( query.bv_val );
1130 BER_BVZERO( &query );
1131 if ( rc != SQL_SUCCESS ) {
1132 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1133 "error preparing query\n", 0, 0, 0 );
1134 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh, sth, rc );
1135 bsi->bsi_status = LDAP_OTHER;
1136 return BACKSQL_AVL_CONTINUE;
1139 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1141 if ( backsql_BindParamID( sth, 1, &bsi->bsi_oc->bom_id ) != SQL_SUCCESS ) {
1142 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1143 "error binding objectclass id parameter\n", 0, 0, 0 );
1144 bsi->bsi_status = LDAP_OTHER;
1145 return BACKSQL_AVL_CONTINUE;
1148 switch ( bsi->bsi_scope ) {
1149 case LDAP_SCOPE_BASE:
1150 case BACKSQL_SCOPE_BASE_LIKE:
1152 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1153 * however this should be handled earlier
1155 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1156 bsi->bsi_status = LDAP_OTHER;
1157 return BACKSQL_AVL_CONTINUE;
1160 AC_MEMCPY( temp_base_dn, bsi->bsi_base_dn->bv_val,
1161 bsi->bsi_base_dn->bv_len + 1 );
1163 /* uppercase DN only if the stored DN can be uppercased
1165 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1166 ldap_pvt_str2upper( temp_base_dn );
1169 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1170 temp_base_dn, 0, 0 );
1172 rc = backsql_BindParamStr( sth, 2, temp_base_dn,
1173 BACKSQL_MAX_DN_LEN );
1174 if ( rc != SQL_SUCCESS ) {
1175 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1176 "error binding base_dn parameter\n", 0, 0, 0 );
1177 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh,
1179 bsi->bsi_status = LDAP_OTHER;
1180 return BACKSQL_AVL_CONTINUE;
1184 case LDAP_SCOPE_SUBTREE: {
1186 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1187 * however this should be handled earlier
1189 if ( bsi->bsi_base_dn->bv_len > BACKSQL_MAX_DN_LEN ) {
1190 bsi->bsi_status = LDAP_OTHER;
1191 return BACKSQL_AVL_CONTINUE;
1195 * Sets the parameters for the SQL built earlier
1196 * NOTE that all the databases could actually use
1197 * the TimesTen version, which would be cleaner
1198 * and would also eliminate the need for the
1199 * subtree_cond line in the configuration file.
1200 * For now, I'm leaving it the way it is,
1201 * so non-TimesTen databases use the original code.
1202 * But at some point this should get cleaned up.
1204 * If "dn" is being used, do a suffix search.
1205 * If "dn_ru" is being used, do a prefix search.
1207 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1208 temp_base_dn[ 0 ] = '\0';
1209 for ( i = 0, j = bsi->bsi_base_dn->bv_len - 1;
1211 temp_base_dn[ i ] = bsi->bsi_base_dn->bv_val[ j ];
1213 temp_base_dn[ i ] = '%';
1214 temp_base_dn[ i + 1 ] = '\0';
1217 temp_base_dn[ 0 ] = '%';
1218 AC_MEMCPY( &temp_base_dn[ 1 ], bsi->bsi_base_dn->bv_val,
1219 bsi->bsi_base_dn->bv_len + 1 );
1222 /* uppercase DN only if the stored DN can be uppercased
1224 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1225 ldap_pvt_str2upper( temp_base_dn );
1228 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n", temp_base_dn,
1231 rc = backsql_BindParamStr( sth, 2, temp_base_dn,
1232 BACKSQL_MAX_DN_LEN );
1233 if ( rc != SQL_SUCCESS ) {
1234 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1235 "error binding base_dn parameter (2)\n",
1237 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh,
1239 bsi->bsi_status = LDAP_OTHER;
1240 return BACKSQL_AVL_CONTINUE;
1245 case LDAP_SCOPE_ONELEVEL:
1246 res = backsql_dn2id( bi, &base_id,
1247 bsi->bsi_dbh, bsi->bsi_base_dn );
1248 if ( res != LDAP_SUCCESS ) {
1249 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1250 "could not retrieve base_dn id%s\n",
1251 res == LDAP_NO_SUCH_OBJECT ? ": no such entry"
1253 bsi->bsi_status = res;
1254 return BACKSQL_AVL_CONTINUE;
1257 #ifdef BACKSQL_ARBITRARY_KEY
1258 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1259 base_id.eid_id.bv_val, 0, 0 );
1261 rc = backsql_BindParamStr( sth, 2, base_id.eid_id.bv_val,
1262 BACKSQL_MAX_KEY_LEN );
1263 #else /* ! BACKSQL_ARBITRARY_KEY */
1264 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n", base_id.eid_id,
1267 rc = backsql_BindParamID( sth, 2, &base_id.eid_id );
1268 #endif /* ! BACKSQL_ARBITRARY_KEY */
1269 backsql_free_entryID( &base_id, 0 );
1270 if ( rc != SQL_SUCCESS ) {
1271 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1272 "error binding base id parameter\n", 0, 0, 0 );
1273 bsi->bsi_status = LDAP_OTHER;
1274 return BACKSQL_AVL_CONTINUE;
1279 rc = SQLExecute( sth );
1280 if ( !BACKSQL_SUCCESS( rc ) ) {
1281 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1282 "error executing query\n", 0, 0, 0 );
1283 backsql_PrintErrors( bi->db_env, bsi->bsi_dbh, sth, rc );
1284 SQLFreeStmt( sth, SQL_DROP );
1285 bsi->bsi_status = LDAP_OTHER;
1286 return BACKSQL_AVL_CONTINUE;
1289 backsql_BindRowAsStrings( sth, &row );
1290 rc = SQLFetch( sth );
1291 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1293 backsql_entryID *c_id = NULL;
1295 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1297 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1301 c_id = (backsql_entryID *)ch_calloc( 1,
1302 sizeof( backsql_entryID ) );
1303 #ifdef BACKSQL_ARBITRARY_KEY
1304 ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
1305 ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
1306 #else /* ! BACKSQL_ARBITRARY_KEY */
1307 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1308 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1309 #endif /* ! BACKSQL_ARBITRARY_KEY */
1310 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1312 if ( dn.bv_val == row.cols[ 3 ] ) {
1313 ber_dupbv( &c_id->eid_dn, &dn );
1318 c_id->eid_next = bsi->bsi_id_list;
1319 bsi->bsi_id_list = c_id;
1320 bsi->bsi_n_candidates--;
1322 #ifdef BACKSQL_ARBITRARY_KEY
1323 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1324 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1325 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1327 #else /* ! BACKSQL_ARBITRARY_KEY */
1328 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1329 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1330 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1331 #endif /* ! BACKSQL_ARBITRARY_KEY */
1333 if ( bsi->bsi_n_candidates == -1 ) {
1337 backsql_FreeRow( &row );
1338 SQLFreeStmt( sth, SQL_DROP );
1340 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1341 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1343 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1347 backsql_search( Operation *op, SlapReply *rs )
1349 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1352 Entry user_entry = { 0 };
1354 time_t stoptime = 0;
1355 backsql_srch_info srch_info;
1356 backsql_entryID *eid = NULL;
1359 manageDSAit = get_manageDSAit( op );
1361 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1362 "base=\"%s\", filter=\"%s\", scope=%d,",
1363 op->o_req_ndn.bv_val,
1364 op->ors_filterstr.bv_val,
1366 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1367 "attributes to load: %s\n",
1370 op->ors_attrs == NULL ? "all" : "custom list" );
1372 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1373 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1374 "search base length (%ld) exceeds max length (%ld)\n",
1375 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1377 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1378 * since it is impossible that such a long DN exists
1381 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1382 send_ldap_result( op, rs );
1386 sres = backsql_get_db_conn( op, &dbh );
1387 if ( sres != LDAP_SUCCESS ) {
1388 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1389 "could not get connection handle - exiting\n",
1392 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1393 send_ldap_result( op, rs );
1397 /* compute it anyway; root does not use it */
1398 stoptime = op->o_time + op->ors_tlimit;
1400 base = op->o_req_dn;
1401 if ( backsql_api_dn2odbc( op, rs, &base ) ) {
1402 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1403 "backsql_api_dn2odbc failed\n",
1405 rs->sr_err = LDAP_OTHER;
1406 rs->sr_text = "SQL-backend error";
1407 send_ldap_result( op, rs );
1411 backsql_init_search( &srch_info, &base,
1413 op->ors_slimit, op->ors_tlimit,
1414 stoptime, op->ors_filter,
1415 dbh, op, rs, op->ors_attrs );
1418 * for each objectclass we try to construct query which gets IDs
1419 * of entries matching LDAP query filter and scope (or at least
1420 * candidates), and get the IDs
1422 srch_info.bsi_n_candidates =
1423 ( op->ors_limit == NULL /* isroot == FALSE */ ? -2 :
1424 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1425 ( op->ors_limit->lms_s_unchecked ) ) );
1426 avl_apply( bi->oc_by_oc, backsql_oc_get_candidates,
1427 &srch_info, BACKSQL_AVL_STOP, AVL_INORDER );
1428 if ( op->ors_limit != NULL /* isroot == TRUE */
1429 && op->ors_limit->lms_s_unchecked != -1
1430 && srch_info.bsi_n_candidates == -1 )
1432 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1433 send_ldap_result( op, rs );
1438 * now we load candidate entries (only those attributes
1439 * mentioned in attrs and filter), test it against full filter
1440 * and then send to client
1442 for ( eid = srch_info.bsi_id_list;
1444 eid = backsql_free_entryID( eid, 1 ) )
1447 Attribute *hasSubordinate = NULL,
1450 /* check for abandon */
1451 if ( op->o_abandon ) {
1455 /* check time limit */
1456 if ( op->ors_tlimit != SLAP_NO_LIMIT
1457 && slap_get_time() > stoptime )
1459 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1460 rs->sr_ctrls = NULL;
1461 rs->sr_ref = rs->sr_v2ref;
1462 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1464 send_ldap_result( op, rs );
1468 #ifdef BACKSQL_ARBITRARY_KEY
1469 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1470 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1471 eid->eid_id.bv_val, eid->eid_oc_id,
1472 eid->eid_keyval.bv_val );
1473 #else /* ! BACKSQL_ARBITRARY_KEY */
1474 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1475 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1476 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
1477 #endif /* ! BACKSQL_ARBITRARY_KEY */
1479 srch_info.bsi_e = &user_entry;
1480 rc = backsql_id2entry( &srch_info, eid );
1481 if ( rc != LDAP_SUCCESS ) {
1482 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1483 "error %d in backsql_id2entry() "
1484 "- skipping\n", rc, 0, 0 );
1488 if ( !manageDSAit &&
1489 op->ors_scope != LDAP_SCOPE_BASE &&
1490 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
1491 is_entry_referral( &user_entry ) )
1494 struct berval matched_dn;
1496 ber_dupbv( &matched_dn, &user_entry.e_name );
1497 refs = get_entry_referrals( op, &user_entry );
1499 rs->sr_ref = referral_rewrite( refs,
1500 &matched_dn, &op->o_req_dn,
1502 ber_bvarray_free( refs );
1505 if ( !rs->sr_ref ) {
1506 rs->sr_text = "bad_referral object";
1509 rs->sr_err = LDAP_REFERRAL;
1510 rs->sr_matched = matched_dn.bv_val;
1511 send_search_reference( op, rs );
1513 ber_bvarray_free( rs->sr_ref );
1515 ber_memfree( matched_dn.bv_val );
1516 rs->sr_matched = NULL;
1522 * We use this flag since we need to parse the filter
1523 * anyway; we should have used the frontend API function
1524 * filter_has_subordinates()
1526 if ( srch_info.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1527 rc = backsql_has_children( bi, dbh, &user_entry.e_nname );
1530 case LDAP_COMPARE_TRUE:
1531 case LDAP_COMPARE_FALSE:
1532 hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1533 if ( hasSubordinate != NULL ) {
1534 for ( a = user_entry.e_attrs;
1538 a->a_next = hasSubordinate;
1544 Debug(LDAP_DEBUG_TRACE,
1545 "backsql_search(): "
1546 "has_children failed( %d)\n",
1557 if ( test_filter( op, &user_entry, op->ors_filter )
1558 == LDAP_COMPARE_TRUE ) {
1559 if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER )
1560 && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->ors_attrs ) ) {
1562 attr_free( hasSubordinate );
1563 hasSubordinate = NULL;
1566 #if 0 /* noop is masked SLAP_CTRL_UPDATE */
1572 rs->sr_attrs = op->ors_attrs;
1573 rs->sr_operational_attrs = NULL;
1574 rs->sr_entry = &user_entry;
1575 rs->sr_flags = REP_ENTRY_MODIFIABLE;
1576 sres = send_search_entry( op, rs );
1577 rs->sr_entry = NULL;
1578 rs->sr_attrs = NULL;
1579 rs->sr_operational_attrs = NULL;
1587 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1588 "connection lost\n", 0, 0, 0 );
1593 * FIXME: send_search_entry failed;
1599 entry_clean( &user_entry );
1601 if ( op->ors_slimit != SLAP_NO_LIMIT
1602 && rs->sr_nentries >= op->ors_slimit )
1604 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
1605 send_ldap_result( op, rs );
1611 /* in case we got here accidentally */
1612 entry_clean( &user_entry );
1614 if ( rs->sr_nentries > 0 ) {
1615 rs->sr_ref = rs->sr_v2ref;
1616 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
1620 rs->sr_err = srch_info.bsi_status;
1622 send_ldap_result( op, rs );
1624 if ( rs->sr_v2ref ) {
1625 ber_bvarray_free( rs->sr_v2ref );
1626 rs->sr_v2ref = NULL;
1630 ch_free( srch_info.bsi_attrs );
1631 if ( base.bv_val != op->o_req_ndn.bv_val ) {
1632 ch_free( base.bv_val );
1635 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
1639 #endif /* SLAPD_SQL */