2 * Copyright 1999, Dmitry Kovalev <mit@openldap.org>, All rights reserved.
4 * Redistribution and use in source and binary forms are permitted only
5 * as authorized by the OpenLDAP Public License. A copy of this
6 * license is available at http://www.OpenLDAP.org/license.html or
7 * in file LICENSE in the top-level directory of the distribution.
15 #include <sys/types.h>
16 #include "ac/string.h"
22 #include "schema-map.h"
26 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
29 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
32 AttributeName *an = NULL;
34 if ( bsi->attrs == NULL ) {
39 * clear the list (retrieve all attrs)
42 ch_free( bsi->attrs );
47 for ( ; bsi->attrs[ n_attrs ].an_name.bv_val; n_attrs++ ) {
48 an = &bsi->attrs[ n_attrs ];
50 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
51 "attribute '%s' is in list\n",
52 an->an_name.bv_val, 0, 0 );
54 * We can live with strcmp because the attribute
55 * list has been normalized before calling be_search
57 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
62 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
63 "adding '%s' to list\n", ad->ad_cname.bv_val, 0, 0 );
65 an = (AttributeName *)ch_realloc( bsi->attrs,
66 sizeof( AttributeName ) * ( n_attrs + 2 ) );
71 an[ n_attrs ].an_name = ad->ad_cname;
72 an[ n_attrs ].an_desc = ad;
73 an[ n_attrs + 1 ].an_name.bv_val = NULL;
74 an[ n_attrs + 1 ].an_name.bv_len = 0;
83 backsql_srch_info *bsi,
95 AttributeName *attrs )
101 bsi->slimit = slimit;
102 bsi->tlimit = tlimit;
103 bsi->filter = filter;
113 if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
117 bsi->attrs = (AttributeName *)ch_calloc( 1,
118 sizeof( AttributeName ) );
119 bsi->attrs[ 0 ].an_name.bv_val = NULL;
120 bsi->attrs[ 0 ].an_name.bv_len = 0;
122 for ( p = attrs; p->an_name.bv_val; p++ ) {
124 * ignore "1.1"; handle "+"
126 if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
127 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
130 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
134 backsql_attrlist_add( bsi, p->an_desc );
140 bsi->n_candidates = 0;
141 bsi->stoptime = stoptime;
143 bsi->sel.bv_val = NULL;
146 bsi->from.bv_val = NULL;
147 bsi->from.bv_len = 0;
149 bsi->join_where.bv_val = NULL;
150 bsi->join_where.bv_len = 0;
152 bsi->flt_where.bv_val = NULL;
153 bsi->flt_where.bv_len = 0;
156 bsi->status = LDAP_SUCCESS;
160 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
168 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c", '(' /* ) */ );
171 res = backsql_process_filter( bsi, f );
174 * TimesTen : If the query has no answers,
175 * don't bother to run the query.
186 case LDAP_FILTER_AND:
187 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
188 (ber_len_t)sizeof( " AND " ) - 1,
193 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
194 (ber_len_t)sizeof( " OR " ) - 1,
200 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c", /* ( */ ')' );
206 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f )
209 backsql_at_map_rec *at;
215 at = backsql_ad2at( bsi->oc, f->f_sub_desc );
220 * When dealing with case-sensitive strings
221 * we may omit normalization; however, normalized
222 * SQL filters are more liberal.
225 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c", '(' /* ) */ );
228 Debug( LDAP_DEBUG_TRACE, "expr: '%s' '%s'\n", at->sel_expr.bv_val,
229 at->sel_expr_u.bv_val ? at->sel_expr_u.bv_val : "<NULL>", 0 );
230 if ( bsi->bi->upper_func.bv_val ) {
232 * If a pre-upper-cased version of the column exists, use it
234 if ( at->sel_expr_u.bv_val ) {
235 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
238 (ber_len_t)sizeof( " LIKE '" ) - 1,
241 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
243 &bsi->bi->upper_func,
247 (ber_len_t)sizeof( " LIKE '" ) - 1,
251 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "bl",
253 (ber_len_t)sizeof( " LIKE '" ) - 1, " LIKE '" );
256 if ( f->f_sub_initial.bv_val != NULL ) {
259 start = bsi->flt_where.bv_len;
260 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "b",
262 if ( bsi->bi->upper_func.bv_val ) {
263 ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
267 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c", '%' );
269 if ( f->f_sub_any != NULL ) {
270 for ( i = 0; f->f_sub_any[ i ].bv_val != NULL; i++ ) {
274 Debug( LDAP_DEBUG_TRACE,
275 "==>backsql_process_sub_filter(): "
276 "sub_any='%s'\n", f->f_sub_any[ i ].bv_val,
278 #endif /* BACKSQL_TRACE */
280 start = bsi->flt_where.bv_len;
281 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
285 if ( bsi->bi->upper_func.bv_val ) {
287 * Note: toupper('%') = '%'
289 ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
293 if ( f->f_sub_final.bv_val != NULL ) {
296 start = bsi->flt_where.bv_len;
297 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "b",
299 if ( bsi->bi->upper_func.bv_val ) {
300 ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
305 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
306 (ber_len_t)sizeof( /* (' */ "')" ) - 1, /* ( */ "')" );
312 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
314 backsql_at_map_rec *at;
315 backsql_at_map_rec oc_attr = {
316 slap_schema.si_ad_objectClass, BER_BVC(""), BER_BVC(""),
317 BER_BVNULL, NULL, NULL, NULL };
318 AttributeDescription *ad = NULL;
324 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
325 if ( f == NULL || f->f_choice == SLAPD_FILTER_COMPUTED ) {
329 switch( f->f_choice ) {
331 rc = backsql_process_filter_list( bsi, f->f_or,
336 case LDAP_FILTER_AND:
337 rc = backsql_process_filter_list( bsi, f->f_and,
342 case LDAP_FILTER_NOT:
343 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
344 (ber_len_t)sizeof( "NOT (" /* ) */ ) - 1,
346 rc = backsql_process_filter( bsi, f->f_not );
347 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c",
352 case LDAP_FILTER_PRESENT:
356 case LDAP_FILTER_EXT:
357 ad = f->f_mra->ma_desc;
366 /* TimesTen : Don't run the query */
375 * Turn structuralObjectClass into objectClass
377 if ( ad == slap_schema.si_ad_objectClass
378 || ad == slap_schema.si_ad_structuralObjectClass ) {
380 backsql_strfcat( &at->sel_expr, &len, "cbc",
382 &bsi->oc->oc->soc_cname,
385 #if defined(SLAP_X_FILTER_HASSUBORDINATES) || defined(SLAP_X_MRA_MATCH_DNATTRS)
386 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
388 * FIXME: this is not robust; e.g. a filter
389 * '(!(hasSubordinates=TRUE))' fails because
390 * in SQL it would read 'NOT (1=1)' instead
392 * Note however that hasSubordinates is boolean,
393 * so a more appropriate filter would be
394 * '(hasSubordinates=FALSE)'
396 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
397 (ber_len_t)sizeof( "1=1" ) - 1, "1=1" );
400 * We use this flag since we need to parse
401 * the filter anyway; we should have used
402 * the frontend API function
403 * filter_has_subordinates()
405 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
408 * clear attributes to fetch, to require ALL
409 * and try extended match on all attributes
411 backsql_attrlist_add( bsi, NULL );
414 #endif /* SLAP_X_FILTER_HASSUBORDINATES || SLAP_X_MRA_MATCH_DNATTRS */
417 at = backsql_ad2at( bsi->oc, ad );
421 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
422 "attribute '%s' is not defined for objectclass '%s'\n",
423 ad->ad_cname.bv_val, BACKSQL_OC_NAME( bsi->oc ), 0 );
424 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
425 (ber_len_t)sizeof( "1=0" ) - 1, "1=0" );
429 backsql_merge_from_clause( &bsi->from, &bsi->from_len,
432 * need to add this attribute to list of attrs to load,
433 * so that we could do test_filter() later
435 backsql_attrlist_add( bsi, ad );
437 if ( at->join_where.bv_val != NULL
438 && strstr( bsi->join_where.bv_val, at->join_where.bv_val ) == NULL ) {
439 backsql_strfcat( &bsi->join_where, &bsi->jwhere_len, "lb",
440 (ber_len_t)sizeof( " AND " ) - 1, " AND ",
446 * FIXME: this is not required any more; however, note that
447 * attribute name syntax might collide with SQL legal aliases
449 if ( at != &oc_attr ) {
450 backsql_strfcat( &bsi->sel, &bsi->sel_len, "cblb",
453 (ber_len_t)sizeof( " AS " ) - 1, " AS ",
458 switch ( f->f_choice ) {
459 case LDAP_FILTER_EQUALITY:
461 * maybe we should check type of at->sel_expr here somehow,
462 * to know whether upper_func is applicable, but for now
463 * upper_func stuff is made for Oracle, where UPPER is
464 * safely applicable to NUMBER etc.
466 if ( bsi->bi->upper_func.bv_val ) {
469 if ( at->sel_expr_u.bv_val ) {
470 backsql_strfcat( &bsi->flt_where,
471 &bsi->fwhere_len, "cbl",
474 (ber_len_t)sizeof( "='" ) - 1,
477 backsql_strfcat( &bsi->flt_where,
478 &bsi->fwhere_len, "cbcbl",
480 &bsi->bi->upper_func,
483 (ber_len_t)sizeof( /* ( */ ")='" ) - 1,
487 start = bsi->flt_where.bv_len;
489 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
492 (ber_len_t)sizeof( /* (' */ "')" ) - 1,
495 ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
498 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
502 (ber_len_t)sizeof( "='" ) - 1, "='",
504 (ber_len_t)sizeof( /* (' */ "')" ) - 1,
511 * FIXME: should we uppercase the operands?
513 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "cblbc",
516 (ber_len_t)sizeof( ">=" ) - 1, ">=",
523 * FIXME: should we uppercase the operands?
525 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "cblbc",
528 (ber_len_t)sizeof( "<=" ) - 1, "<=",
533 case LDAP_FILTER_PRESENT:
534 backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "lbl",
535 (ber_len_t)sizeof( "NOT (" ) - 1, "NOT (",
537 (ber_len_t)sizeof( " IS NULL)" ) - 1, " IS NULL)" );
540 case LDAP_FILTER_SUBSTRINGS:
541 backsql_process_sub_filter( bsi, f );
546 if ( oc_attr.sel_expr.bv_val != NULL ) {
547 free( oc_attr.sel_expr.bv_val );
550 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter()\n", 0, 0, 0 );
554 if ( oc_attr.sel_expr.bv_val != NULL ) {
555 free( oc_attr.sel_expr.bv_val );
557 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter() returns -1\n",
563 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
565 backsql_info *bi = (backsql_info *)bsi->be->be_private;
570 query->bv_val = NULL;
573 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
574 bsi->sel.bv_val = NULL;
577 bsi->from.bv_val = NULL;
578 bsi->from.bv_len = 0;
580 bsi->join_where.bv_val = NULL;
581 bsi->join_where.bv_len = 0;
583 bsi->flt_where.bv_val = NULL;
584 bsi->flt_where.bv_len = 0;
589 * FIXME: this query has been split in case a string cast function
590 * is defined; more sophisticated (pattern based) function should
593 backsql_strcat( &bsi->sel, &bsi->sel_len,
594 "SELECT DISTINCT ldap_entries.id,",
595 bsi->oc->keytbl.bv_val, ".", bsi->oc->keycol.bv_val,
596 ",'", bsi->oc->name.bv_val, "' AS objectClass",
597 ",ldap_entries.dn AS dn", NULL );
600 backsql_strfcat( &bsi->sel, &bsi->sel_len, "lbcbc",
601 (ber_len_t)sizeof( "SELECT DISTINCT ldap_entries.id," ) - 1,
602 "SELECT DISTINCT ldap_entries.id,",
608 if ( bi->strcast_func.bv_val ) {
609 backsql_strfcat( &bsi->sel, &bsi->sel_len, "blbl",
611 (ber_len_t)sizeof( "('" /* ') */ ) - 1,
613 &bsi->oc->oc->soc_cname,
614 (ber_len_t)sizeof( /* (' */ "')" ) - 1,
617 backsql_strfcat( &bsi->sel, &bsi->sel_len, "cbc",
619 &bsi->oc->oc->soc_cname,
622 backsql_strfcat( &bsi->sel, &bsi->sel_len, "l",
623 (ber_len_t)sizeof( " AS objectClass,ldap_entries.dn AS dn" ) - 1,
624 " AS objectClass,ldap_entries.dn AS dn" );
626 backsql_strfcat( &bsi->from, &bsi->from_len, "lb",
627 (ber_len_t)sizeof( " FROM ldap_entries," ) - 1,
628 " FROM ldap_entries,",
631 backsql_strfcat( &bsi->join_where, &bsi->jwhere_len, "lbcbl",
632 (ber_len_t)sizeof( " WHERE " ) - 1, " WHERE ",
636 (ber_len_t)sizeof( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ) - 1,
637 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
639 switch ( bsi->scope ) {
640 case LDAP_SCOPE_BASE:
641 if ( bsi->bi->upper_func.bv_val ) {
642 backsql_strfcat( &bsi->join_where, &bsi->jwhere_len,
644 &bsi->bi->upper_func,
645 (ber_len_t)sizeof( "(ldap_entries.dn)=" ) - 1,
646 "(ldap_entries.dn)=",
647 &bsi->bi->upper_func_open,
649 &bsi->bi->upper_func_close );
651 backsql_strfcat( &bsi->join_where, &bsi->jwhere_len,
653 (ber_len_t)sizeof( "ldap_entries.dn=?" ) - 1,
654 "ldap_entries.dn=?" );
658 case LDAP_SCOPE_ONELEVEL:
659 backsql_strfcat( &bsi->join_where, &bsi->jwhere_len, "l",
660 (ber_len_t)sizeof( "ldap_entries.parent=?" ) - 1,
661 "ldap_entries.parent=?" );
664 case LDAP_SCOPE_SUBTREE:
665 backsql_strfcat( &bsi->join_where, &bsi->jwhere_len, "b",
666 &bsi->bi->subtree_cond );
673 rc = backsql_process_filter( bsi, bsi->filter );
675 backsql_strfcat( query, &q_len, "bbblb",
679 (ber_len_t)sizeof( " AND " ) - 1, " AND ",
682 } else if ( rc < 0 ) {
684 * Indicates that there's no possible way the filter matches
685 * anything. No need to issue the query
687 Debug( LDAP_DEBUG_TRACE,
688 "<==backsql_srch_query() returns NULL\n", 0, 0, 0 );
689 free( query->bv_val );
690 query->bv_val = NULL;
693 free( bsi->sel.bv_val );
696 free( bsi->from.bv_val );
697 bsi->from.bv_len = 0;
699 free( bsi->join_where.bv_val );
700 bsi->join_where.bv_len = 0;
702 free( bsi->flt_where.bv_val );
703 bsi->flt_where.bv_len = 0;
706 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query()\n", 0, 0, 0 );
708 return ( query->bv_val == NULL ? 1 : 0 );
712 backsql_oc_get_candidates( backsql_oc_map_rec *oc, backsql_srch_info *bsi )
717 backsql_entryID base_id, *c_id;
723 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc='%s'\n",
724 BACKSQL_OC_NAME( oc ), 0, 0 );
726 if ( bsi->n_candidates == -1 ) {
727 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
728 "unchecked limit has been overcome\n", 0, 0, 0 );
733 if ( backsql_srch_query( bsi, &query ) ) {
734 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
735 "could not construct query for objectclass\n",
740 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
741 query.bv_val, 0, 0 );
743 rc = backsql_Prepare( bsi->dbh, &sth, query.bv_val, 0 );
744 free( query.bv_val );
745 if ( rc != SQL_SUCCESS ) {
746 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
747 "error preparing query\n", 0, 0, 0 );
748 backsql_PrintErrors( bsi->bi->db_env, bsi->dbh, sth, rc );
752 if ( backsql_BindParamID( sth, 1, &bsi->oc->id ) != SQL_SUCCESS ) {
753 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
754 "error binding objectclass id parameter\n", 0, 0, 0 );
758 switch ( bsi->scope ) {
759 case LDAP_SCOPE_BASE:
760 rc = backsql_BindParamStr( sth, 2, bsi->base_dn->bv_val,
761 BACKSQL_MAX_DN_LEN );
762 if ( rc != SQL_SUCCESS ) {
763 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
764 "error binding base_dn parameter\n", 0, 0, 0 );
765 backsql_PrintErrors( bsi->bi->db_env, bsi->dbh,
771 case LDAP_SCOPE_SUBTREE: {
774 * + 1 because we need room for '%'; this makes a subtree
775 * search for a DN BACKSQL_MAX_DN_LEN long legal
776 * if it returns that DN only
778 char temp_base_dn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
781 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
782 * however this should be handled earlier
784 assert( bsi->base_dn->bv_len <= BACKSQL_MAX_DN_LEN );
787 * Sets the parameters for the SQL built earlier
788 * NOTE that all the databases could actually use
789 * the TimesTen version, which would be cleaner
790 * and would also eliminate the need for the
791 * subtree_cond line in the configuration file.
792 * For now, I'm leaving it the way it is,
793 * so non-TimesTen databases use the original code.
794 * But at some point this should get cleaned up.
796 * If "dn" is being used, do a suffix search.
797 * If "dn_ru" is being used, do a prefix search.
799 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bsi->bi ) ) {
800 temp_base_dn[ 0 ] = '\0';
801 for ( i = 0, j = bsi->base_dn->bv_len - 1;
803 temp_base_dn[ i ] = bsi->base_dn->bv_val[ j ];
805 temp_base_dn[ i ] = '%';
806 temp_base_dn[ i + 1 ] = '\0';
807 ldap_pvt_str2upper( temp_base_dn );
810 temp_base_dn[ 0 ] = '%';
811 AC_MEMCPY( &temp_base_dn[ 1 ], bsi->base_dn->bv_val,
812 bsi->base_dn->bv_len + 1 );
813 ldap_pvt_str2upper( &temp_base_dn[ 1 ] );
816 Debug( LDAP_DEBUG_TRACE, "dn '%s'\n", temp_base_dn, 0, 0 );
818 rc = backsql_BindParamStr( sth, 2, temp_base_dn,
819 BACKSQL_MAX_DN_LEN );
820 if ( rc != SQL_SUCCESS ) {
821 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
822 "error binding base_dn parameter (2)\n",
824 backsql_PrintErrors( bsi->bi->db_env, bsi->dbh,
831 case LDAP_SCOPE_ONELEVEL:
832 res = backsql_dn2id( bsi->bi, &base_id,
833 bsi->dbh, bsi->base_dn );
834 if ( res != LDAP_SUCCESS ) {
835 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
836 "could not retrieve base_dn id%s\n",
837 res == LDAP_NO_SUCH_OBJECT ? ": no such entry"
843 rc = backsql_BindParamID( sth, 2, &base_id.id );
844 backsql_free_entryID( &base_id, 0 );
845 if ( rc != SQL_SUCCESS ) {
846 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
847 "error binding base id parameter\n", 0, 0, 0 );
853 rc = SQLExecute( sth );
854 if ( !BACKSQL_SUCCESS( rc ) ) {
855 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
856 "error executing query\n", 0, 0, 0 );
857 backsql_PrintErrors( bsi->bi->db_env, bsi->dbh, sth, rc );
858 SQLFreeStmt( sth, SQL_DROP );
862 backsql_BindRowAsStrings( sth, &row );
863 rc = SQLFetch( sth );
864 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
865 c_id = (backsql_entryID *)ch_calloc( 1,
866 sizeof( backsql_entryID ) );
867 c_id->id = strtol( row.cols[ 0 ], NULL, 0 );
868 c_id->keyval = strtol( row.cols[ 1 ], NULL, 0 );
869 c_id->oc_id = bsi->oc->id;
870 ber_str2bv( row.cols[ 3 ], 0, 1, &c_id->dn );
871 c_id->next = bsi->id_list;
875 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
876 "added entry id=%ld, keyval=%ld dn='%s'\n",
877 c_id->id, c_id->keyval, row.cols[ 3 ] );
879 if ( bsi->n_candidates == -1 ) {
883 backsql_FreeRow( &row );
884 SQLFreeStmt( sth, SQL_DROP );
886 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates()\n", 0, 0, 0 );
897 struct berval *nbase,
903 struct berval *filterstr,
904 AttributeName *attrs,
907 backsql_info *bi = (backsql_info *)be->be_private;
912 int manageDSAit = get_manageDSAit( op );
913 BerVarray v2refs = NULL;
915 backsql_srch_info srch_info;
916 backsql_entryID *eid = NULL;
917 struct slap_limits_set *limit = NULL;
920 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
921 "base='%s', filter='%s', scope=%d,",
922 nbase->bv_val, filterstr->bv_val, scope );
923 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
924 "attributes to load: %s\n",
925 deref, attrsonly, attrs == NULL ? "all" : "custom list" );
927 if ( nbase->bv_len > BACKSQL_MAX_DN_LEN ) {
928 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
929 "search base length (%ld) exceeds max length (%ld)\n",
930 nbase->bv_len, BACKSQL_MAX_DN_LEN, 0 );
932 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
933 * since it is impossible that such a long DN exists
936 send_ldap_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED,
937 "", NULL, NULL, NULL );
941 sres = backsql_get_db_conn( be, conn, &dbh );
942 if ( sres != LDAP_SUCCESS ) {
943 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
944 "could not get connection handle - exiting\n",
946 send_ldap_result( conn, op, sres, "",
947 sres == LDAP_OTHER ? "SQL-backend error" : "",
952 /* TimesTen : Pass it along to the lower level routines */
953 srch_info.use_reverse_dn = BACKSQL_USE_REVERSE_DN( bi );
955 /* if not root, get appropriate limits */
956 if ( be_isroot( be, &op->o_ndn ) ) {
959 ( void ) get_limits( be, &op->o_ndn, &limit );
962 /* The time/size limits come first because they require very little
963 * effort, so there's no chance the candidates are selected and then
964 * the request is not honored only because of time/size constraints */
966 /* if no time limit requested, use soft limit (unless root!) */
969 tlimit = -1; /* allow root to set no limit */
977 /* if no limit is required, use soft limit */
979 tlimit = limit->lms_t_soft;
981 /* if requested limit higher than hard limit, abort */
982 } else if ( tlimit > limit->lms_t_hard ) {
983 /* no hard limit means use soft instead */
984 if ( limit->lms_t_hard == 0 && tlimit > limit->lms_t_soft ) {
985 tlimit = limit->lms_t_soft;
987 /* positive hard limit means abort */
988 } else if ( limit->lms_t_hard > 0 ) {
989 send_search_result( conn, op,
990 LDAP_UNWILLING_TO_PERFORM,
991 NULL, NULL, NULL, NULL, 0 );
995 /* negative hard limit means no limit */
998 /* if no limit is required, use soft limit */
1000 slimit = limit->lms_s_soft;
1002 /* if requested limit higher than hard limit, abort */
1003 } else if ( slimit > limit->lms_s_hard ) {
1004 /* no hard limit means use soft instead */
1005 if ( limit->lms_s_hard == 0 && slimit > limit->lms_s_soft ) {
1006 slimit = limit->lms_s_soft;
1008 /* positive hard limit means abort */
1009 } else if ( limit->lms_s_hard > 0 ) {
1010 send_search_result( conn, op,
1011 LDAP_UNWILLING_TO_PERFORM,
1012 NULL, NULL, NULL, NULL, 0 );
1016 /* negative hard limit means no limit */
1020 /* compute it anyway; root does not use it */
1021 stoptime = op->o_time + tlimit;
1023 backsql_init_search( &srch_info, bi, nbase, scope,
1024 slimit, tlimit, stoptime, filter, dbh,
1025 be, conn, op, attrs );
1028 * for each objectclass we try to construct query which gets IDs
1029 * of entries matching LDAP query filter and scope (or at least
1030 * candidates), and get the IDs
1032 srch_info.n_candidates = ( isroot ? -2 : limit->lms_s_unchecked == -1
1033 ? -2 : limit->lms_s_unchecked );
1034 avl_apply( bi->oc_by_oc, (AVL_APPLY)backsql_oc_get_candidates,
1035 &srch_info, 0, AVL_INORDER );
1036 if ( !isroot && limit->lms_s_unchecked != -1 ) {
1037 if ( srch_info.n_candidates == -1 ) {
1038 send_search_result( conn, op,
1039 LDAP_ADMINLIMIT_EXCEEDED,
1040 NULL, NULL, NULL, NULL, 0 );
1047 * now we load candidate entries (only those attributes
1048 * mentioned in attrs and filter), test it against full filter
1049 * and then send to client
1051 for ( eid = srch_info.id_list; eid != NULL;
1052 eid = backsql_free_entryID( eid, 1 ) ) {
1053 #ifdef SLAP_X_FILTER_HASSUBORDINATES
1054 Attribute *hasSubordinate = NULL,
1056 #endif /* SLAP_X_FILTER_HASSUBORDINATES */
1058 /* check for abandon */
1059 if ( op->o_abandon ) {
1063 /* check time limit */
1064 if ( tlimit != -1 && slap_get_time() > stoptime ) {
1065 send_search_result( conn, op, LDAP_TIMELIMIT_EXCEEDED,
1066 NULL, NULL, v2refs, NULL, nentries );
1070 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1071 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
1072 eid->id, eid->oc_id, eid->keyval );
1074 entry = (Entry *)ch_calloc( sizeof( Entry ), 1 );
1075 res = backsql_id2entry( &srch_info, entry, eid );
1076 if ( res == NULL ) {
1077 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1078 "error in backsql_id2entry() "
1079 "- skipping entry\n", 0, 0, 0 );
1083 if ( !manageDSAit && scope != LDAP_SCOPE_BASE &&
1084 is_entry_referral( entry ) ) {
1085 BerVarray refs = get_entry_referrals( be, conn,
1088 send_search_reference( be, conn, op, entry, refs,
1090 ber_bvarray_free( refs );
1094 #ifdef SLAP_X_FILTER_HASSUBORDINATES
1096 * We use this flag since we need to parse the filter
1097 * anyway; we should have used the frontend API function
1098 * filter_has_subordinates()
1100 if ( srch_info.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
1103 rc = backsql_has_children( bi, dbh, &entry->e_nname );
1106 case LDAP_COMPARE_TRUE:
1107 case LDAP_COMPARE_FALSE:
1108 hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
1109 if ( hasSubordinate != NULL ) {
1110 for ( a = entry->e_attrs;
1114 a->a_next = hasSubordinate;
1120 Debug(LDAP_DEBUG_TRACE,
1121 "backsql_search(): "
1122 "has_children failed( %d)\n",
1132 #endif /* SLAP_X_FILTER_HASSUBORDINATES */
1134 if ( test_filter( be, conn, op, entry, filter )
1135 == LDAP_COMPARE_TRUE ) {
1136 #ifdef SLAP_X_FILTER_HASSUBORDINATES
1137 if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER )
1138 && !ad_inlist( slap_schema.si_ad_hasSubordinates, attrs ) ) {
1140 attr_free( hasSubordinate );
1141 hasSubordinate = NULL;
1143 #endif /* SLAP_X_FILTER_HASSUBORDINATES */
1145 #if 0 /* noop is masked SLAP_CTRL_UPDATE */
1150 sres = send_search_entry( be, conn, op, entry,
1151 attrs, attrsonly, NULL );
1162 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1163 "connection lost\n", 0, 0, 0 );
1168 * FIXME: send_search_entry failed;
1174 entry_free( entry );
1176 if ( slimit != -1 && nentries >= slimit ) {
1177 send_search_result( conn, op, LDAP_SIZELIMIT_EXCEEDED,
1178 NULL, NULL, v2refs, NULL, nentries );
1185 if ( nentries > 0 ) {
1186 send_search_result( conn, op,
1187 v2refs == NULL ? LDAP_SUCCESS : LDAP_REFERRAL,
1188 NULL, NULL, v2refs, NULL, nentries );
1190 send_ldap_result( conn, op, srch_info.status,
1191 NULL, NULL, NULL, 0 );
1195 ch_free( srch_info.attrs );
1197 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
1201 #endif /* SLAPD_SQL */