2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2005 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
6 * Portions Copyright 2002 Pierangelo Masarati.
7 * Portions Copyright 2004 Mark Adamson.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
19 * This work was initially developed by Dmitry Kovalev for inclusion
20 * by OpenLDAP Software. Additional significant contributors include
21 * Pierangelo Masarati and Mark Adamson.
27 #include <sys/types.h>
28 #include "ac/string.h"
32 #include "proto-sql.h"
34 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
35 static int backsql_process_filter_eq( backsql_srch_info *bsi,
36 backsql_at_map_rec *at,
37 int casefold, struct berval *filter_value );
38 static int backsql_process_filter_like( backsql_srch_info *bsi,
39 backsql_at_map_rec *at,
40 int casefold, struct berval *filter_value );
41 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
42 backsql_at_map_rec *at );
45 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
48 AttributeName *an = NULL;
50 if ( bsi->bsi_attrs == NULL ) {
55 * clear the list (retrieve all attrs)
58 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs, bsi->bsi_op->o_tmpmemctx );
59 bsi->bsi_attrs = NULL;
60 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
64 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
65 an = &bsi->bsi_attrs[ n_attrs ];
67 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
68 "attribute \"%s\" is in list\n",
69 an->an_name.bv_val, 0, 0 );
71 * We can live with strcmp because the attribute
72 * list has been normalized before calling be_search
74 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
79 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
80 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
82 an = (AttributeName *)bsi->bsi_op->o_tmprealloc( bsi->bsi_attrs,
83 sizeof( AttributeName ) * ( n_attrs + 2 ),
84 bsi->bsi_op->o_tmpmemctx );
89 an[ n_attrs ].an_name = ad->ad_cname;
90 an[ n_attrs ].an_desc = ad;
91 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
99 * Initializes the search structure.
101 * If get_base_id != 0, the field bsi_base_id is filled
102 * with the entryID of bsi_base_ndn; it must be freed
103 * by backsql_free_entryID() when no longer required.
105 * NOTE: base must be normalized
109 backsql_srch_info *bsi,
110 struct berval *nbase,
119 AttributeName *attrs,
122 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
123 int rc = LDAP_SUCCESS;
125 bsi->bsi_base_ndn = nbase;
126 bsi->bsi_use_subtree_shortcut = 0;
127 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
128 BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
129 bsi->bsi_scope = scope;
130 bsi->bsi_slimit = slimit;
131 bsi->bsi_tlimit = tlimit;
132 bsi->bsi_filter = filter;
136 bsi->bsi_flags = BSQL_SF_NONE;
138 bsi->bsi_attrs = NULL;
140 if ( BACKSQL_FETCH_ALL_ATTRS( bi ) ) {
142 * if requested, simply try to fetch all attributes
144 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
147 if ( BACKSQL_FETCH_ALL_USERATTRS( bi ) ) {
148 bsi->bsi_flags |= BSQL_SF_ALL_USER;
150 } else if ( BACKSQL_FETCH_ALL_OPATTRS( bi ) ) {
151 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
154 if ( attrs == NULL ) {
155 /* NULL means all user attributes */
156 bsi->bsi_flags |= BSQL_SF_ALL_USER;
162 bsi->bsi_attrs = (AttributeName *)bsi->bsi_op->o_tmpalloc(
163 sizeof( AttributeName ),
164 bsi->bsi_op->o_tmpmemctx );
165 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
167 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
168 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
170 bsi->bsi_flags |= BSQL_SF_ALL_USER;
172 /* if all attrs are requested, there's
173 * no need to continue */
174 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
175 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
176 bsi->bsi_op->o_tmpmemctx );
177 bsi->bsi_attrs = NULL;
182 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
184 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
186 /* if all attrs are requested, there's
187 * no need to continue */
188 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
189 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
190 bsi->bsi_op->o_tmpmemctx );
191 bsi->bsi_attrs = NULL;
196 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
200 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
204 backsql_attrlist_add( bsi, p->an_desc );
207 if ( got_oc == 0 && !( bsi->bsi_flags & BSQL_SF_ALL_USER ) ) {
208 /* add objectClass if not present,
209 * because it is required to understand
210 * if an entry is a referral, an alias
212 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
216 if ( !BSQL_ISF_ALL_ATTRS( bsi ) && bi->sql_anlist ) {
219 /* use hints if available */
220 for ( p = bi->sql_anlist; !BER_BVISNULL( &p->an_name ); p++ ) {
221 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
223 bsi->bsi_flags |= BSQL_SF_ALL_USER;
225 /* if all attrs are requested, there's
226 * no need to continue */
227 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
228 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
229 bsi->bsi_op->o_tmpmemctx );
230 bsi->bsi_attrs = NULL;
235 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
237 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
239 /* if all attrs are requested, there's
240 * no need to continue */
241 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
242 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
243 bsi->bsi_op->o_tmpmemctx );
244 bsi->bsi_attrs = NULL;
250 backsql_attrlist_add( bsi, p->an_desc );
256 bsi->bsi_id_list = NULL;
257 bsi->bsi_id_listtail = &bsi->bsi_id_list;
258 bsi->bsi_n_candidates = 0;
259 bsi->bsi_stoptime = stoptime;
260 BER_BVZERO( &bsi->bsi_sel.bb_val );
261 bsi->bsi_sel.bb_len = 0;
262 BER_BVZERO( &bsi->bsi_from.bb_val );
263 bsi->bsi_from.bb_len = 0;
264 BER_BVZERO( &bsi->bsi_join_where.bb_val );
265 bsi->bsi_join_where.bb_len = 0;
266 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
267 bsi->bsi_flt_where.bb_len = 0;
268 bsi->bsi_filter_oc = NULL;
270 if ( BACKSQL_IS_GET_ID( flags ) ) {
271 int matched = BACKSQL_IS_MATCHED( flags );
272 int getentry = BACKSQL_IS_GET_ENTRY( flags );
275 assert( op->o_bd->be_private != NULL );
277 rc = backsql_dn2id( op, rs, dbh, nbase, &bsi->bsi_base_id,
280 /* the entry is collected either if requested for by getentry
281 * or if get noSuchObject and requested to climb the tree,
282 * so that a matchedDN or a referral can be returned */
283 if ( ( rc == LDAP_NO_SUCH_OBJECT && matched ) || getentry ) {
284 if ( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) ) {
285 assert( bsi->bsi_e != NULL );
287 if ( dn_match( nbase, &bsi->bsi_base_id.eid_ndn ) )
293 * let's see if it is a referral and, in case, get it
295 backsql_attrlist_add( bsi, slap_schema.si_ad_ref );
296 rc = backsql_id2entry( bsi, &bsi->bsi_base_id );
297 if ( rc == LDAP_SUCCESS ) {
298 if ( is_entry_referral( bsi->bsi_e ) )
300 BerVarray erefs = get_entry_referrals( op, bsi->bsi_e );
302 rc = rs->sr_err = LDAP_REFERRAL;
303 rs->sr_ref = referral_rewrite( erefs,
304 &bsi->bsi_e->e_nname,
307 ber_bvarray_free( erefs );
310 rc = rs->sr_err = LDAP_OTHER;
311 rs->sr_text = "bad referral object";
314 } else if ( !gotit ) {
315 rc = rs->sr_err = LDAP_NO_SUCH_OBJECT;
320 rs->sr_ref = referral_rewrite( default_referral,
321 NULL, &op->o_req_dn, scope );
322 rc = rs->sr_err = LDAP_REFERRAL;
327 bsi->bsi_status = rc;
335 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
336 bsi->bsi_op->o_tmpmemctx );
344 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
352 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
355 res = backsql_process_filter( bsi, f );
358 * TimesTen : If the query has no answers,
359 * don't bother to run the query.
370 case LDAP_FILTER_AND:
371 backsql_strfcat( &bsi->bsi_flt_where, "l",
372 (ber_len_t)STRLENOF( " AND " ),
377 backsql_strfcat( &bsi->bsi_flt_where, "l",
378 (ber_len_t)STRLENOF( " OR " ),
384 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
390 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
391 backsql_at_map_rec *at )
393 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
401 /* always uppercase strings by now */
402 #ifdef BACKSQL_UPPERCASE_FILTER
403 if ( f->f_sub_desc->ad_type->sat_substr &&
404 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
405 bi->sql_caseIgnoreMatch ) )
406 #endif /* BACKSQL_UPPERCASE_FILTER */
411 if ( f->f_sub_desc->ad_type->sat_substr &&
412 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
413 bi->sql_telephoneNumberMatch ) )
420 * to check for matching telephone numbers
421 * with intermixed chars, e.g. val='1234'
424 * val LIKE '%1%2%3%4%'
428 if ( f->f_sub_initial.bv_val ) {
429 bv.bv_len += f->f_sub_initial.bv_len;
431 if ( f->f_sub_any != NULL ) {
432 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
433 bv.bv_len += f->f_sub_any[ a ].bv_len;
436 if ( f->f_sub_final.bv_val ) {
437 bv.bv_len += f->f_sub_final.bv_len;
439 bv.bv_len = 2 * bv.bv_len - 1;
440 bv.bv_val = ch_malloc( bv.bv_len + 1 );
443 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
444 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
445 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
446 bv.bv_val[ s + 2 * i - 1 ] = '%';
447 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
449 bv.bv_val[ s + 2 * i - 1 ] = '%';
453 if ( f->f_sub_any != NULL ) {
454 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
455 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
456 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
457 bv.bv_val[ s + 2 * i - 1 ] = '%';
458 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
460 bv.bv_val[ s + 2 * i - 1 ] = '%';
465 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
466 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
467 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
468 bv.bv_val[ s + 2 * i - 1 ] = '%';
469 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
471 bv.bv_val[ s + 2 * i - 1 ] = '%';
475 bv.bv_val[ s - 1 ] = '\0';
477 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
478 ch_free( bv.bv_val );
484 * When dealing with case-sensitive strings
485 * we may omit normalization; however, normalized
486 * SQL filters are more liberal.
489 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
492 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
493 at->bam_ad->ad_cname.bv_val, 0, 0 );
494 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
495 at->bam_sel_expr_u.bv_val ? "' '" : "",
496 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
497 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
499 * If a pre-upper-cased version of the column
500 * or a precompiled upper function exists, use it
502 backsql_strfcat( &bsi->bsi_flt_where,
505 (ber_len_t)STRLENOF( " LIKE '" ),
509 backsql_strfcat( &bsi->bsi_flt_where, "bl",
511 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
514 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
518 Debug( LDAP_DEBUG_TRACE,
519 "==>backsql_process_sub_filter(%s): "
520 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
521 f->f_sub_initial.bv_val, 0 );
522 #endif /* BACKSQL_TRACE */
524 start = bsi->bsi_flt_where.bb_val.bv_len;
525 backsql_strfcat( &bsi->bsi_flt_where, "b",
527 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
528 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
532 backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
534 if ( f->f_sub_any != NULL ) {
535 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
539 Debug( LDAP_DEBUG_TRACE,
540 "==>backsql_process_sub_filter(%s): "
541 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
542 i, f->f_sub_any[ i ].bv_val );
543 #endif /* BACKSQL_TRACE */
545 start = bsi->bsi_flt_where.bb_val.bv_len;
546 backsql_strfcat( &bsi->bsi_flt_where,
550 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
552 * Note: toupper('%') = '%'
554 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
559 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
563 Debug( LDAP_DEBUG_TRACE,
564 "==>backsql_process_sub_filter(%s): "
565 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
566 f->f_sub_final.bv_val, 0 );
567 #endif /* BACKSQL_TRACE */
569 start = bsi->bsi_flt_where.bb_val.bv_len;
570 backsql_strfcat( &bsi->bsi_flt_where, "b",
572 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
573 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
577 backsql_strfcat( &bsi->bsi_flt_where, "l",
578 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
584 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
586 if ( BER_BVISNULL( from_tbls ) ) {
590 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
591 char *start, *end, *tmp;
593 tmp = ch_strdup( from_tbls->bv_val );
595 for ( start = tmp, end = strchr( start, ',' ); start; ) {
600 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
602 backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
606 /* in case there are spaces after the comma... */
607 for ( start = &end[1]; isspace( start[0] ); start++ );
609 end = strchr( start, ',' );
621 backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
628 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
630 backsql_at_map_rec **vat = NULL;
631 AttributeDescription *ad = NULL;
636 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
637 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
638 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
639 "invalid filter\n", 0, 0, 0 );
644 switch( f->f_choice ) {
646 rc = backsql_process_filter_list( bsi, f->f_or,
651 case LDAP_FILTER_AND:
652 rc = backsql_process_filter_list( bsi, f->f_and,
657 case LDAP_FILTER_NOT:
658 backsql_strfcat( &bsi->bsi_flt_where, "l",
659 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
661 rc = backsql_process_filter( bsi, f->f_not );
662 backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
666 case LDAP_FILTER_PRESENT:
670 case LDAP_FILTER_EXT:
671 ad = f->f_mra->ma_desc;
672 if ( f->f_mr_dnattrs ) {
674 * if dn attrs filtering is requested, better return
675 * success and let test_filter() deal with candidate
676 * selection; otherwise we'd need to set conditions
677 * on the contents of the DN, e.g. "SELECT ... FROM
678 * ldap_entries AS attributeName WHERE attributeName.dn
679 * like '%attributeName=value%'"
681 backsql_strfcat( &bsi->bsi_flt_where, "l",
682 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
683 bsi->bsi_status = LDAP_SUCCESS;
704 * Turn structuralObjectClass into objectClass
706 if ( ad == slap_schema.si_ad_objectClass
707 || ad == slap_schema.si_ad_structuralObjectClass )
710 * If the filter is LDAP_FILTER_PRESENT, then it's done;
711 * otherwise, let's see if we are lucky: filtering
712 * for "structural" objectclass or ancestor...
714 switch ( f->f_choice ) {
715 case LDAP_FILTER_EQUALITY:
717 ObjectClass *oc = oc_bvfind( &f->f_av_value );
720 Debug( LDAP_DEBUG_TRACE,
721 "backsql_process_filter(): "
722 "unknown objectClass \"%s\" "
724 f->f_av_value.bv_val, 0, 0 );
725 bsi->bsi_status = LDAP_OTHER;
731 * "structural" objectClass inheritance:
732 * - a search for "person" will also return
734 * - a search for "top" will return everything
736 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
737 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
739 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
741 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
742 (ber_len_t)STRLENOF( "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */ ),
743 "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */,
744 &bsi->bsi_oc->bom_oc->soc_cname,
745 (ber_len_t)STRLENOF( /* ((' */ "'))" ),
747 bsi->bsi_status = LDAP_SUCCESS;
755 case LDAP_FILTER_PRESENT:
756 backsql_strfcat( &bsi->bsi_flt_where, "l",
757 (ber_len_t)STRLENOF( "3=3" ), "3=3" );
758 bsi->bsi_status = LDAP_SUCCESS;
762 /* FIXME: LDAP_FILTER_EXT? */
765 Debug( LDAP_DEBUG_TRACE,
766 "backsql_process_filter(): "
767 "illegal/unhandled filter "
768 "on objectClass attribute",
770 bsi->bsi_status = LDAP_OTHER;
775 } else if ( ad == slap_schema.si_ad_entryUUID ) {
777 #ifdef BACKSQL_ARBITRARY_KEY
778 struct berval keyval;
779 #else /* ! BACKSQL_ARBITRARY_KEY */
780 unsigned long keyval;
781 char keyvalbuf[] = "18446744073709551615";
782 #endif /* ! BACKSQL_ARBITRARY_KEY */
784 switch ( f->f_choice ) {
785 case LDAP_FILTER_EQUALITY:
786 backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
788 if ( oc_id != bsi->bsi_oc->bom_id ) {
789 bsi->bsi_status = LDAP_SUCCESS;
794 #ifdef BACKSQL_ARBITRARY_KEY
795 backsql_strfcat( &bsi->bsi_flt_where, "bcblbc",
796 &bsi->bsi_oc->bom_keytbl, '.',
797 &bsi->bsi_oc->bom_keycol,
798 STRLENOF( " LIKE '" ), " LIKE '",
800 #else /* ! BACKSQL_ARBITRARY_KEY */
801 snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
802 backsql_strfcat( &bsi->bsi_flt_where, "bcbcs",
803 &bsi->bsi_oc->bom_keytbl, '.',
804 &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
805 #endif /* ! BACKSQL_ARBITRARY_KEY */
808 case LDAP_FILTER_PRESENT:
809 backsql_strfcat( &bsi->bsi_flt_where, "l",
810 (ber_len_t)STRLENOF( "4=4" ), "4=4" );
818 bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
822 #ifdef BACKSQL_SYNCPROV
823 } else if ( ad == slap_schema.si_ad_entryCSN ) {
825 * support for syncrepl as producer...
827 if ( !bsi->bsi_op->o_sync ) {
828 /* unsupported at present... */
829 bsi->bsi_status = LDAP_OTHER;
834 bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
836 /* if doing a syncrepl, try to return as much as possible,
837 * and always match the filter */
838 backsql_strfcat( &bsi->bsi_flt_where, "l",
839 (ber_len_t)STRLENOF( "5=5" ), "5=5" );
841 /* save for later use in operational attributes */
842 /* FIXME: saves only the first occurrence, because
843 * the filter during updates is written as
844 * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
845 * so we want our fake entryCSN to match the greatest
848 if ( bsi->bsi_op->o_private == NULL ) {
849 bsi->bsi_op->o_private = &f->f_av_value;
851 bsi->bsi_status = LDAP_SUCCESS;
855 #endif /* BACKSQL_SYNCPROV */
857 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
859 * FIXME: this is not robust; e.g. a filter
860 * '(!(hasSubordinates=TRUE))' fails because
861 * in SQL it would read 'NOT (1=1)' instead
863 * Note however that hasSubordinates is boolean,
864 * so a more appropriate filter would be
865 * '(hasSubordinates=FALSE)'
867 * A more robust search for hasSubordinates
868 * would * require joining the ldap_entries table
869 * selecting if there are descendants of the
872 backsql_strfcat( &bsi->bsi_flt_where, "l",
873 (ber_len_t)STRLENOF( "6=6" ), "6=6" );
874 if ( ad == slap_schema.si_ad_hasSubordinates ) {
876 * instruct candidate selection algorithm
877 * and attribute list to try to detect
878 * if an entry has subordinates
880 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
884 * clear attributes to fetch, to require ALL
885 * and try extended match on all attributes
887 backsql_attrlist_add( bsi, NULL );
894 * attribute inheritance:
896 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
897 bsi->bsi_status = LDAP_OTHER;
903 /* search anyway; other parts of the filter
905 backsql_strfcat( &bsi->bsi_flt_where, "l",
906 (ber_len_t)STRLENOF( "7=7" ), "7=7" );
907 bsi->bsi_status = LDAP_SUCCESS;
912 /* if required, open extra level of parens */
914 if ( vat[0]->bam_next || vat[1] ) {
915 backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
922 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
926 /* if more definitions of the same attr, apply */
927 if ( vat[i]->bam_next ) {
928 backsql_strfcat( &bsi->bsi_flt_where, "l",
929 STRLENOF( " OR " ), " OR " );
930 vat[i] = vat[i]->bam_next;
934 /* if more descendants of the same attr, apply */
937 backsql_strfcat( &bsi->bsi_flt_where, "l",
938 STRLENOF( " OR " ), " OR " );
942 /* if needed, close extra level of parens */
944 backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
954 Debug( LDAP_DEBUG_TRACE,
955 "<==backsql_process_filter() %s\n",
956 rc == 1 ? "succeeded" : "failed", 0, 0);
962 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
963 int casefold, struct berval *filter_value )
966 * maybe we should check type of at->sel_expr here somehow,
967 * to know whether upper_func is applicable, but for now
968 * upper_func stuff is made for Oracle, where UPPER is
969 * safely applicable to NUMBER etc.
971 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
974 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
977 (ber_len_t)STRLENOF( "='" ),
980 start = bsi->bsi_flt_where.bb_val.bv_len;
982 backsql_strfcat( &bsi->bsi_flt_where, "bl",
984 (ber_len_t)STRLENOF( /* (' */ "')" ),
987 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
990 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
993 (ber_len_t)STRLENOF( "='" ), "='",
995 (ber_len_t)STRLENOF( /* (' */ "')" ),
1003 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
1004 int casefold, struct berval *filter_value )
1007 * maybe we should check type of at->sel_expr here somehow,
1008 * to know whether upper_func is applicable, but for now
1009 * upper_func stuff is made for Oracle, where UPPER is
1010 * safely applicable to NUMBER etc.
1012 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1015 backsql_strfcat( &bsi->bsi_flt_where, "cbl",
1017 &at->bam_sel_expr_u,
1018 (ber_len_t)STRLENOF( " LIKE '%" ),
1021 start = bsi->bsi_flt_where.bb_val.bv_len;
1023 backsql_strfcat( &bsi->bsi_flt_where, "bl",
1025 (ber_len_t)STRLENOF( /* (' */ "%')" ),
1028 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1031 backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
1034 (ber_len_t)STRLENOF( " LIKE '%" ),
1037 (ber_len_t)STRLENOF( /* (' */ "%')" ),
1045 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
1047 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1049 struct berval *filter_value = NULL;
1050 MatchingRule *matching_rule = NULL;
1051 struct berval ordering = BER_BVC("<=");
1053 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
1054 at->bam_ad->ad_cname.bv_val, 0, 0 );
1057 * need to add this attribute to list of attrs to load,
1058 * so that we can do test_filter() later
1060 backsql_attrlist_add( bsi, at->bam_ad );
1062 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
1064 if ( !BER_BVISNULL( &at->bam_join_where )
1065 && strstr( bsi->bsi_join_where.bb_val.bv_val,
1066 at->bam_join_where.bv_val ) == NULL )
1068 backsql_strfcat( &bsi->bsi_join_where, "lb",
1069 (ber_len_t)STRLENOF( " AND " ), " AND ",
1070 &at->bam_join_where );
1073 switch ( f->f_choice ) {
1074 case LDAP_FILTER_EQUALITY:
1075 filter_value = &f->f_av_value;
1076 matching_rule = at->bam_ad->ad_type->sat_equality;
1078 goto equality_match;
1080 /* fail over into next case */
1082 case LDAP_FILTER_EXT:
1083 filter_value = &f->f_mra->ma_value;
1084 matching_rule = f->f_mr_rule;
1087 /* always uppercase strings by now */
1088 #ifdef BACKSQL_UPPERCASE_FILTER
1089 if ( SLAP_MR_ASSOCIATED( matching_rule,
1090 bi->sql_caseIgnoreMatch ) )
1091 #endif /* BACKSQL_UPPERCASE_FILTER */
1096 /* FIXME: directoryString filtering should use a similar
1097 * approach to deal with non-prettified values like
1098 * " A non prettified value ", by using a LIKE
1099 * filter with all whitespaces collapsed to a single '%' */
1100 if ( SLAP_MR_ASSOCIATED( matching_rule,
1101 bi->sql_telephoneNumberMatch ) )
1107 * to check for matching telephone numbers
1108 * with intermized chars, e.g. val='1234'
1111 * val LIKE '%1%2%3%4%'
1114 bv.bv_len = 2 * filter_value->bv_len - 1;
1115 bv.bv_val = ch_malloc( bv.bv_len + 1 );
1117 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
1118 for ( i = 1; i < filter_value->bv_len; i++ ) {
1119 bv.bv_val[ 2 * i - 1 ] = '%';
1120 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
1122 bv.bv_val[ 2 * i - 1 ] = '\0';
1124 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
1125 ch_free( bv.bv_val );
1130 /* NOTE: this is required by objectClass inheritance
1131 * and auxiliary objectClass use in filters for slightly
1132 * more efficient candidate selection. */
1133 /* FIXME: a bit too many specializations to deal with
1134 * very specific cases... */
1135 if ( at->bam_ad == slap_schema.si_ad_objectClass
1136 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
1138 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
1139 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
1140 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
1142 (ber_len_t)STRLENOF( /* (' */ "')" ),
1148 * maybe we should check type of at->sel_expr here somehow,
1149 * to know whether upper_func is applicable, but for now
1150 * upper_func stuff is made for Oracle, where UPPER is
1151 * safely applicable to NUMBER etc.
1153 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
1156 case LDAP_FILTER_GE:
1157 ordering.bv_val = ">=";
1159 /* fall thru to next case */
1161 case LDAP_FILTER_LE:
1162 filter_value = &f->f_av_value;
1164 /* always uppercase strings by now */
1165 #ifdef BACKSQL_UPPERCASE_FILTER
1166 if ( at->bam_ad->ad_type->sat_ordering &&
1167 SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
1168 bi->sql_caseIgnoreMatch ) )
1169 #endif /* BACKSQL_UPPERCASE_FILTER */
1175 * FIXME: should we uppercase the operands?
1177 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1180 backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
1182 &at->bam_sel_expr_u,
1186 start = bsi->bsi_flt_where.bb_val.bv_len;
1188 backsql_strfcat( &bsi->bsi_flt_where, "bl",
1190 (ber_len_t)STRLENOF( /* (' */ "')" ),
1193 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1196 backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
1202 (ber_len_t)STRLENOF( /* (' */ "')" ),
1207 case LDAP_FILTER_PRESENT:
1208 backsql_strfcat( &bsi->bsi_flt_where, "lbl",
1209 (ber_len_t)STRLENOF( "NOT (" /* ) */),
1212 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
1213 /* ( */ " IS NULL)" );
1216 case LDAP_FILTER_SUBSTRINGS:
1217 backsql_process_sub_filter( bsi, f, at );
1220 case LDAP_FILTER_APPROX:
1221 /* we do our best */
1224 * maybe we should check type of at->sel_expr here somehow,
1225 * to know whether upper_func is applicable, but for now
1226 * upper_func stuff is made for Oracle, where UPPER is
1227 * safely applicable to NUMBER etc.
1229 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
1233 /* unhandled filter type; should not happen */
1235 backsql_strfcat( &bsi->bsi_flt_where, "l",
1236 (ber_len_t)STRLENOF( "8=8" ), "8=8" );
1241 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1242 at->bam_ad->ad_cname.bv_val, 0, 0 );
1248 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1250 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1253 assert( query != NULL );
1254 BER_BVZERO( query );
1256 bsi->bsi_use_subtree_shortcut = 0;
1258 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1259 BER_BVZERO( &bsi->bsi_sel.bb_val );
1260 BER_BVZERO( &bsi->bsi_sel.bb_val );
1261 bsi->bsi_sel.bb_len = 0;
1262 BER_BVZERO( &bsi->bsi_from.bb_val );
1263 bsi->bsi_from.bb_len = 0;
1264 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1265 bsi->bsi_join_where.bb_len = 0;
1266 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1267 bsi->bsi_flt_where.bb_len = 0;
1269 backsql_strfcat( &bsi->bsi_sel, "lbcbc",
1270 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1271 "SELECT DISTINCT ldap_entries.id,",
1272 &bsi->bsi_oc->bom_keytbl,
1274 &bsi->bsi_oc->bom_keycol,
1277 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1278 backsql_strfcat( &bsi->bsi_sel, "blbl",
1279 &bi->sql_strcast_func,
1280 (ber_len_t)STRLENOF( "('" /* ') */ ),
1282 &bsi->bsi_oc->bom_oc->soc_cname,
1283 (ber_len_t)STRLENOF( /* (' */ "')" ),
1286 backsql_strfcat( &bsi->bsi_sel, "cbc",
1288 &bsi->bsi_oc->bom_oc->soc_cname,
1292 backsql_strfcat( &bsi->bsi_sel, "b", &bi->sql_dn_oc_aliasing );
1293 backsql_strfcat( &bsi->bsi_from, "lb",
1294 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1295 " FROM ldap_entries,",
1296 &bsi->bsi_oc->bom_keytbl );
1298 backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
1299 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1300 &bsi->bsi_oc->bom_keytbl,
1302 &bsi->bsi_oc->bom_keycol,
1303 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1304 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1306 switch ( bsi->bsi_scope ) {
1307 case LDAP_SCOPE_BASE:
1308 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1309 backsql_strfcat( &bsi->bsi_join_where, "bl",
1310 &bi->sql_upper_func,
1311 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1312 "(ldap_entries.dn)=?" );
1314 backsql_strfcat( &bsi->bsi_join_where, "l",
1315 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1316 "ldap_entries.dn=?" );
1320 case BACKSQL_SCOPE_BASE_LIKE:
1321 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1322 backsql_strfcat( &bsi->bsi_join_where, "bl",
1323 &bi->sql_upper_func,
1324 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1325 "(ldap_entries.dn) LIKE ?" );
1327 backsql_strfcat( &bsi->bsi_join_where, "l",
1328 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1329 "ldap_entries.dn LIKE ?" );
1333 case LDAP_SCOPE_ONELEVEL:
1334 backsql_strfcat( &bsi->bsi_join_where, "l",
1335 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1336 "ldap_entries.parent=?" );
1339 #ifdef LDAP_SCOPE_SUBORDINATE
1340 case LDAP_SCOPE_SUBORDINATE:
1341 #endif /* LDAP_SCOPE_SUBORDINATE */
1342 case LDAP_SCOPE_SUBTREE:
1343 if ( BACKSQL_USE_SUBTREE_SHORTCUT( bi ) ) {
1345 BackendDB *bd = bsi->bsi_op->o_bd;
1347 assert( bd->be_nsuffix != NULL );
1349 for ( i = 0; !BER_BVISNULL( &bd->be_nsuffix[ i ] ); i++ )
1351 if ( dn_match( &bd->be_nsuffix[ i ],
1352 bsi->bsi_base_ndn ) )
1354 /* pass this to the candidate selection
1355 * routine so that the DN is not bound
1356 * to the select statement */
1357 bsi->bsi_use_subtree_shortcut = 1;
1363 if ( bsi->bsi_use_subtree_shortcut ) {
1364 /* Skip the base DN filter, as every entry will match it */
1365 backsql_strfcat( &bsi->bsi_join_where, "l",
1366 (ber_len_t)STRLENOF( "9=9"), "9=9");
1368 } else if ( !BER_BVISNULL( &bi->sql_subtree_cond ) ) {
1369 backsql_strfcat( &bsi->bsi_join_where, "b", &bi->sql_subtree_cond );
1371 } else if ( BACKSQL_CANUPPERCASE( bi ) ) {
1372 backsql_strfcat( &bsi->bsi_join_where, "bl",
1373 &bi->sql_upper_func,
1374 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1375 "(ldap_entries.dn) LIKE ?" );
1378 backsql_strfcat( &bsi->bsi_join_where, "l",
1379 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1380 "ldap_entries.dn LIKE ?" );
1389 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1391 struct berbuf bb = BB_NULL;
1393 backsql_strfcat( &bb, "bbblb",
1394 &bsi->bsi_sel.bb_val,
1395 &bsi->bsi_from.bb_val,
1396 &bsi->bsi_join_where.bb_val,
1397 (ber_len_t)STRLENOF( " AND " ), " AND ",
1398 &bsi->bsi_flt_where.bb_val );
1402 } else if ( rc < 0 ) {
1404 * Indicates that there's no possible way the filter matches
1405 * anything. No need to issue the query
1407 free( query->bv_val );
1408 BER_BVZERO( query );
1411 free( bsi->bsi_sel.bb_val.bv_val );
1412 BER_BVZERO( &bsi->bsi_sel.bb_val );
1413 bsi->bsi_sel.bb_len = 0;
1414 free( bsi->bsi_from.bb_val.bv_val );
1415 BER_BVZERO( &bsi->bsi_from.bb_val );
1416 bsi->bsi_from.bb_len = 0;
1417 free( bsi->bsi_join_where.bb_val.bv_val );
1418 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1419 bsi->bsi_join_where.bb_len = 0;
1420 free( bsi->bsi_flt_where.bb_val.bv_val );
1421 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1422 bsi->bsi_flt_where.bb_len = 0;
1424 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1425 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1427 return ( rc <= 0 ? 1 : 0 );
1431 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1433 backsql_oc_map_rec *oc = v_oc;
1434 backsql_srch_info *bsi = v_bsi;
1435 Operation *op = bsi->bsi_op;
1436 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1437 struct berval query;
1438 SQLHSTMT sth = SQL_NULL_HSTMT;
1441 BACKSQL_ROW_NTS row;
1444 int n_candidates = bsi->bsi_n_candidates;
1447 * + 1 because we need room for '%';
1448 * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
1449 * this makes a subtree
1450 * search for a DN BACKSQL_MAX_DN_LEN long legal
1451 * if it returns that DN only
1453 char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1455 bsi->bsi_status = LDAP_SUCCESS;
1457 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1458 BACKSQL_OC_NAME( oc ), 0, 0 );
1460 /* check for abandon */
1461 if ( op->o_abandon ) {
1462 bsi->bsi_status = SLAPD_ABANDON;
1463 return BACKSQL_AVL_STOP;
1466 if ( bsi->bsi_n_candidates == -1 ) {
1467 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1468 "unchecked limit has been overcome\n", 0, 0, 0 );
1469 /* should never get here */
1471 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1472 return BACKSQL_AVL_STOP;
1476 res = backsql_srch_query( bsi, &query );
1478 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1479 "error while constructing query for objectclass \"%s\"\n",
1480 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1482 * FIXME: need to separate errors from legally
1483 * impossible filters
1485 switch ( bsi->bsi_status ) {
1487 case LDAP_UNDEFINED_TYPE:
1488 case LDAP_NO_SUCH_OBJECT:
1489 /* we are conservative... */
1491 bsi->bsi_status = LDAP_SUCCESS;
1493 return BACKSQL_AVL_CONTINUE;
1495 case LDAP_ADMINLIMIT_EXCEEDED:
1497 /* don't try any more */
1498 return BACKSQL_AVL_STOP;
1502 if ( BER_BVISNULL( &query ) ) {
1503 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1504 "could not construct query for objectclass \"%s\"\n",
1505 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1506 bsi->bsi_status = LDAP_SUCCESS;
1507 return BACKSQL_AVL_CONTINUE;
1510 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1511 query.bv_val, 0, 0 );
1513 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1514 free( query.bv_val );
1515 BER_BVZERO( &query );
1516 if ( rc != SQL_SUCCESS ) {
1517 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1518 "error preparing query\n", 0, 0, 0 );
1519 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1520 bsi->bsi_status = LDAP_OTHER;
1521 return BACKSQL_AVL_CONTINUE;
1524 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1526 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1527 &bsi->bsi_oc->bom_id );
1528 if ( rc != SQL_SUCCESS ) {
1529 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1530 "error binding objectclass id parameter\n", 0, 0, 0 );
1531 bsi->bsi_status = LDAP_OTHER;
1532 return BACKSQL_AVL_CONTINUE;
1535 switch ( bsi->bsi_scope ) {
1536 case LDAP_SCOPE_BASE:
1537 case BACKSQL_SCOPE_BASE_LIKE:
1539 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1540 * however this should be handled earlier
1542 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1543 bsi->bsi_status = LDAP_OTHER;
1544 return BACKSQL_AVL_CONTINUE;
1547 AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
1548 bsi->bsi_base_ndn->bv_len + 1 );
1550 /* uppercase DN only if the stored DN can be uppercased
1552 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1553 ldap_pvt_str2upper( tmp_base_ndn );
1556 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1557 tmp_base_ndn, 0, 0 );
1559 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1560 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1561 if ( rc != SQL_SUCCESS ) {
1562 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1563 "error binding base_ndn parameter\n", 0, 0, 0 );
1564 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1566 bsi->bsi_status = LDAP_OTHER;
1567 return BACKSQL_AVL_CONTINUE;
1571 #ifdef LDAP_SCOPE_SUBORDINATE
1572 case LDAP_SCOPE_SUBORDINATE:
1573 #endif /* LDAP_SCOPE_SUBORDINATE */
1574 case LDAP_SCOPE_SUBTREE:
1576 /* if short-cutting the search base,
1577 * don't bind any parameter */
1578 if ( bsi->bsi_use_subtree_shortcut ) {
1583 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1584 * however this should be handled earlier
1586 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1587 bsi->bsi_status = LDAP_OTHER;
1588 return BACKSQL_AVL_CONTINUE;
1592 * Sets the parameters for the SQL built earlier
1593 * NOTE that all the databases could actually use
1594 * the TimesTen version, which would be cleaner
1595 * and would also eliminate the need for the
1596 * subtree_cond line in the configuration file.
1597 * For now, I'm leaving it the way it is,
1598 * so non-TimesTen databases use the original code.
1599 * But at some point this should get cleaned up.
1601 * If "dn" is being used, do a suffix search.
1602 * If "dn_ru" is being used, do a prefix search.
1604 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1605 tmp_base_ndn[ 0 ] = '\0';
1607 for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
1609 tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
1612 #ifdef LDAP_SCOPE_SUBORDINATE
1613 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1614 tmp_base_ndn[ i++ ] = ',';
1616 #endif /* LDAP_SCOPE_SUBORDINATE */
1618 tmp_base_ndn[ i ] = '%';
1619 tmp_base_ndn[ i + 1 ] = '\0';
1624 tmp_base_ndn[ i++ ] = '%';
1626 #ifdef LDAP_SCOPE_SUBORDINATE
1627 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1628 tmp_base_ndn[ i++ ] = ',';
1630 #endif /* LDAP_SCOPE_SUBORDINATE */
1632 AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
1633 bsi->bsi_base_ndn->bv_len + 1 );
1636 /* uppercase DN only if the stored DN can be uppercased
1638 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1639 ldap_pvt_str2upper( tmp_base_ndn );
1642 #ifdef LDAP_SCOPE_SUBORDINATE
1643 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1644 Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
1645 tmp_base_ndn, 0, 0 );
1647 #endif /* LDAP_SCOPE_SUBORDINATE */
1649 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
1650 tmp_base_ndn, 0, 0 );
1653 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1654 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1655 if ( rc != SQL_SUCCESS ) {
1656 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1657 "error binding base_ndn parameter (2)\n",
1659 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1661 bsi->bsi_status = LDAP_OTHER;
1662 return BACKSQL_AVL_CONTINUE;
1667 case LDAP_SCOPE_ONELEVEL:
1668 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
1670 #ifdef BACKSQL_ARBITRARY_KEY
1671 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1672 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1673 #else /* ! BACKSQL_ARBITRARY_KEY */
1674 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1675 bsi->bsi_base_id.eid_id, 0, 0 );
1676 #endif /* ! BACKSQL_ARBITRARY_KEY */
1677 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1678 &bsi->bsi_base_id.eid_id );
1679 if ( rc != SQL_SUCCESS ) {
1680 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1681 "error binding base id parameter\n", 0, 0, 0 );
1682 bsi->bsi_status = LDAP_OTHER;
1683 return BACKSQL_AVL_CONTINUE;
1688 rc = SQLExecute( sth );
1689 if ( !BACKSQL_SUCCESS( rc ) ) {
1690 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1691 "error executing query\n", 0, 0, 0 );
1692 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1693 SQLFreeStmt( sth, SQL_DROP );
1694 bsi->bsi_status = LDAP_OTHER;
1695 return BACKSQL_AVL_CONTINUE;
1698 backsql_BindRowAsStrings_x( sth, &row, bsi->bsi_op->o_tmpmemctx );
1699 rc = SQLFetch( sth );
1700 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1701 struct berval dn, pdn, ndn;
1702 backsql_entryID *c_id = NULL;
1705 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1707 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1711 ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, op->o_tmpmemctx );
1712 if ( dn.bv_val != row.cols[ 3 ] ) {
1716 if ( ret != LDAP_SUCCESS ) {
1720 if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
1721 op->o_tmpfree( pdn.bv_val, op->o_tmpmemctx );
1722 op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
1726 c_id = (backsql_entryID *)ch_calloc( 1,
1727 sizeof( backsql_entryID ) );
1728 #ifdef BACKSQL_ARBITRARY_KEY
1729 ber_str2bv_x( row.cols[ 0 ], 0, 1, &c_id->eid_id,
1731 ber_str2bv_x( row.cols[ 1 ], 0, 1, &c_id->eid_keyval,
1733 #else /* ! BACKSQL_ARBITRARY_KEY */
1734 c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
1735 c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
1736 #endif /* ! BACKSQL_ARBITRARY_KEY */
1737 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1740 c_id->eid_ndn = ndn;
1742 /* append at end of list ... */
1743 c_id->eid_next = NULL;
1744 *bsi->bsi_id_listtail = c_id;
1745 bsi->bsi_id_listtail = &c_id->eid_next;
1747 #ifdef BACKSQL_ARBITRARY_KEY
1748 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1749 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1750 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1752 #else /* ! BACKSQL_ARBITRARY_KEY */
1753 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1754 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1755 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1756 #endif /* ! BACKSQL_ARBITRARY_KEY */
1758 /* count candidates, for unchecked limit */
1759 bsi->bsi_n_candidates--;
1760 if ( bsi->bsi_n_candidates == -1 ) {
1764 backsql_FreeRow_x( &row, bsi->bsi_op->o_tmpmemctx );
1765 SQLFreeStmt( sth, SQL_DROP );
1767 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1768 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1770 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1774 backsql_search( Operation *op, SlapReply *rs )
1776 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1777 SQLHDBC dbh = SQL_NULL_HDBC;
1779 Entry user_entry = { 0 },
1781 int manageDSAit = get_manageDSAit( op );
1782 time_t stoptime = 0;
1783 backsql_srch_info bsi = { 0 };
1784 backsql_entryID *eid = NULL;
1785 struct berval nbase = BER_BVNULL;
1787 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1788 "base=\"%s\", filter=\"%s\", scope=%d,",
1789 op->o_req_ndn.bv_val,
1790 op->ors_filterstr.bv_val ? op->ors_filterstr.bv_val : "(no filter)",
1792 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1793 "attributes to load: %s\n",
1796 op->ors_attrs == NULL ? "all" : "custom list" );
1798 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1799 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1800 "search base length (%ld) exceeds max length (%d)\n",
1801 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1803 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1804 * since it is impossible that such a long DN exists
1807 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1808 send_ldap_result( op, rs );
1812 sres = backsql_get_db_conn( op, &dbh );
1813 if ( sres != LDAP_SUCCESS ) {
1814 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1815 "could not get connection handle - exiting\n",
1818 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1819 send_ldap_result( op, rs );
1823 /* compute it anyway; root does not use it */
1824 stoptime = op->o_time + op->ors_tlimit;
1827 bsi.bsi_e = &base_entry;
1828 rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn,
1830 op->ors_slimit, op->ors_tlimit,
1831 stoptime, op->ors_filter,
1832 dbh, op, rs, op->ors_attrs,
1833 ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
1834 switch ( rs->sr_err ) {
1839 if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
1840 dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
1842 rs->sr_err = LDAP_SUCCESS;
1844 rs->sr_matched = NULL;
1846 ber_bvarray_free( rs->sr_ref );
1854 #ifdef SLAP_ACL_HONOR_DISCLOSE
1855 if ( !BER_BVISNULL( &base_entry.e_nname )
1856 && ! access_allowed( op, &base_entry,
1857 slap_schema.si_ad_entry, NULL,
1858 ACL_DISCLOSE, NULL ) )
1860 rs->sr_err = LDAP_NO_SUCH_OBJECT;
1862 ber_bvarray_free( rs->sr_ref );
1865 rs->sr_matched = NULL;
1868 #endif /* SLAP_ACL_HONOR_DISCLOSE */
1870 send_ldap_result( op, rs );
1874 #ifdef SLAP_ACL_HONOR_DISCLOSE
1875 /* NOTE: __NEW__ "search" access is required
1876 * on searchBase object */
1880 if ( get_assert( op ) &&
1881 ( test_filter( op, &base_entry, get_assertion( op ) )
1882 != LDAP_COMPARE_TRUE ) )
1884 rs->sr_err = LDAP_ASSERTION_FAILED;
1887 if ( ! access_allowed_mask( op, &base_entry,
1888 slap_schema.si_ad_entry,
1889 NULL, ACL_SEARCH, NULL, &mask ) )
1891 if ( rs->sr_err == LDAP_SUCCESS ) {
1892 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
1896 if ( rs->sr_err != LDAP_SUCCESS ) {
1897 if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
1898 rs->sr_err = LDAP_NO_SUCH_OBJECT;
1901 send_ldap_result( op, rs );
1905 #endif /* SLAP_ACL_HONOR_DISCLOSE */
1909 bsi.bsi_n_candidates =
1910 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
1911 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
1912 ( op->ors_limit->lms_s_unchecked ) ) );
1914 switch ( bsi.bsi_scope ) {
1915 case LDAP_SCOPE_BASE:
1916 case BACKSQL_SCOPE_BASE_LIKE:
1918 * probably already found...
1920 bsi.bsi_id_list = &bsi.bsi_base_id;
1921 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1924 case LDAP_SCOPE_SUBTREE:
1926 * if baseObject is defined, and if it is the root
1927 * of the search, add it to the candidate list
1929 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
1931 bsi.bsi_id_list = &bsi.bsi_base_id;
1932 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
1939 * for each objectclass we try to construct query which gets IDs
1940 * of entries matching LDAP query filter and scope (or at least
1941 * candidates), and get the IDs
1943 avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
1944 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
1946 /* check for abandon */
1947 if ( op->o_abandon ) {
1948 rs->sr_err = SLAPD_ABANDON;
1953 if ( op->ors_limit != NULL /* isroot == FALSE */
1954 && op->ors_limit->lms_s_unchecked != -1
1955 && bsi.bsi_n_candidates == -1 )
1957 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1958 send_ldap_result( op, rs );
1963 * now we load candidate entries (only those attributes
1964 * mentioned in attrs and filter), test it against full filter
1965 * and then send to client; don't free entry_id if baseObject...
1967 for ( eid = bsi.bsi_id_list;
1969 eid = backsql_free_entryID( op,
1970 eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
1973 Attribute *a_hasSubordinate = NULL,
1974 *a_entryUUID = NULL,
1979 /* check for abandon */
1980 if ( op->o_abandon ) {
1981 rs->sr_err = SLAPD_ABANDON;
1985 /* check time limit */
1986 if ( op->ors_tlimit != SLAP_NO_LIMIT
1987 && slap_get_time() > stoptime )
1989 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
1990 rs->sr_ctrls = NULL;
1991 rs->sr_ref = rs->sr_v2ref;
1995 #ifdef BACKSQL_ARBITRARY_KEY
1996 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
1997 "for entry id=%s, oc_id=%ld, keyval=%s\n",
1998 eid->eid_id.bv_val, eid->eid_oc_id,
1999 eid->eid_keyval.bv_val );
2000 #else /* ! BACKSQL_ARBITRARY_KEY */
2001 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
2002 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
2003 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
2004 #endif /* ! BACKSQL_ARBITRARY_KEY */
2007 switch ( op->ors_scope ) {
2008 case LDAP_SCOPE_BASE:
2009 case BACKSQL_SCOPE_BASE_LIKE:
2010 if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
2015 case LDAP_SCOPE_ONE:
2017 struct berval rdn = eid->eid_ndn;
2019 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
2020 if ( !dnIsOneLevelRDN( &rdn ) ) {
2026 #ifdef LDAP_SCOPE_SUBORDINATE
2027 case LDAP_SCOPE_SUBORDINATE:
2028 /* discard the baseObject entry */
2029 if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
2033 #endif /* LDAP_SCOPE_SUBORDINATE */
2035 case LDAP_SCOPE_SUBTREE:
2036 /* FIXME: this should never fail... */
2037 if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
2044 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
2045 /* don't recollect baseObject... */
2046 e = bi->sql_baseObject;
2048 } else if ( eid == &bsi.bsi_base_id ) {
2049 /* don't recollect searchBase object... */
2053 bsi.bsi_e = &user_entry;
2054 rc = backsql_id2entry( &bsi, eid );
2055 if ( rc != LDAP_SUCCESS ) {
2056 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2057 "error %d in backsql_id2entry() "
2058 "- skipping\n", rc, 0, 0 );
2064 if ( !manageDSAit &&
2065 op->ors_scope != LDAP_SCOPE_BASE &&
2066 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
2067 is_entry_referral( e ) )
2071 refs = get_entry_referrals( op, e );
2073 backsql_srch_info bsi2 = { 0 };
2074 Entry user_entry2 = { 0 };
2076 /* retry with the full entry... */
2077 bsi2.bsi_e = &user_entry2;
2078 rc = backsql_init_search( &bsi2,
2081 SLAP_NO_LIMIT, SLAP_NO_LIMIT,
2084 BACKSQL_ISF_GET_ENTRY );
2085 if ( rc == LDAP_SUCCESS ) {
2086 if ( is_entry_referral( &user_entry2 ) )
2088 refs = get_entry_referrals( op,
2091 rs->sr_err = LDAP_OTHER;
2093 backsql_entry_clean( op, &user_entry2 );
2095 if ( bsi2.bsi_attrs != NULL ) {
2096 op->o_tmpfree( bsi2.bsi_attrs,
2102 rs->sr_ref = referral_rewrite( refs,
2106 ber_bvarray_free( refs );
2110 rs->sr_err = LDAP_REFERRAL;
2113 rs->sr_text = "bad referral object";
2117 rs->sr_matched = user_entry.e_name.bv_val;
2118 send_search_reference( op, rs );
2120 ber_bvarray_free( rs->sr_ref );
2122 rs->sr_matched = NULL;
2123 rs->sr_entry = NULL;
2129 * We use this flag since we need to parse the filter
2130 * anyway; we should have used the frontend API function
2131 * filter_has_subordinates()
2133 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
2134 rc = backsql_has_children( op, dbh, &e->e_nname );
2137 case LDAP_COMPARE_TRUE:
2138 case LDAP_COMPARE_FALSE:
2139 a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
2140 if ( a_hasSubordinate != NULL ) {
2141 for ( ap = &user_entry.e_attrs;
2143 ap = &(*ap)->a_next );
2145 *ap = a_hasSubordinate;
2151 Debug(LDAP_DEBUG_TRACE,
2152 "backsql_search(): "
2153 "has_children failed( %d)\n",
2160 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
2161 a_entryUUID = backsql_operational_entryUUID( bi, eid );
2162 if ( a_entryUUID != NULL ) {
2164 ap = &user_entry.e_attrs;
2167 for ( ; *ap; ap = &(*ap)->a_next );
2173 #ifdef BACKSQL_SYNCPROV
2174 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
2175 a_entryCSN = backsql_operational_entryCSN( op );
2176 if ( a_entryCSN != NULL ) {
2178 ap = &user_entry.e_attrs;
2181 for ( ; *ap; ap = &(*ap)->a_next );
2186 #endif /* BACKSQL_SYNCPROV */
2188 if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
2190 rs->sr_attrs = op->ors_attrs;
2191 rs->sr_operational_attrs = NULL;
2193 if ( e == &user_entry ) {
2194 rs->sr_flags = REP_ENTRY_MODIFIABLE;
2196 /* FIXME: need the whole entry (ITS#3480) */
2197 sres = send_search_entry( op, rs );
2198 rs->sr_entry = NULL;
2199 rs->sr_attrs = NULL;
2200 rs->sr_operational_attrs = NULL;
2204 * FIXME: send_search_entry failed;
2207 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2208 "connection lost\n", 0, 0, 0 );
2214 if ( e == &user_entry ) {
2215 backsql_entry_clean( op, &user_entry );
2219 if ( op->ors_slimit != SLAP_NO_LIMIT
2220 && rs->sr_nentries >= op->ors_slimit )
2222 rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
2228 if ( rs->sr_nentries > 0 ) {
2229 rs->sr_ref = rs->sr_v2ref;
2230 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
2234 rs->sr_err = bsi.bsi_status;
2238 if ( rs->sr_err != SLAPD_ABANDON ) {
2239 send_ldap_result( op, rs );
2242 backsql_entry_clean( op, &base_entry );
2244 /* in case we got here accidentally */
2245 backsql_entry_clean( op, &user_entry );
2247 if ( rs->sr_v2ref ) {
2248 ber_bvarray_free( rs->sr_v2ref );
2249 rs->sr_v2ref = NULL;
2252 #ifdef BACKSQL_SYNCPROV
2254 Operation op2 = *op;
2255 SlapReply rs2 = { 0 };
2257 slap_callback cb = { 0 };
2259 op2.o_tag = LDAP_REQ_ADD;
2260 op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0, 0 );
2262 op2.o_callback = &cb;
2264 e.e_name = op->o_bd->be_suffix[0];
2265 e.e_nname = op->o_bd->be_nsuffix[0];
2267 cb.sc_response = slap_null_cb;
2269 op2.o_bd->be_add( &op2, &rs2 );
2271 #endif /* BACKSQL_SYNCPROV */
2274 (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
2276 if ( bsi.bsi_attrs != NULL ) {
2277 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2280 if ( !BER_BVISNULL( &nbase )
2281 && nbase.bv_val != op->o_req_ndn.bv_val )
2283 ch_free( nbase.bv_val );
2286 /* restore scope ... FIXME: this should be done before ANY
2287 * frontend call that uses op */
2288 if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
2289 op->ors_scope = LDAP_SCOPE_BASE;
2292 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
2297 /* return LDAP_SUCCESS IFF we can retrieve the specified entry.
2304 AttributeDescription *at,
2308 backsql_srch_info bsi = { 0 };
2309 SQLHDBC dbh = SQL_NULL_HDBC;
2311 SlapReply rs = { 0 };
2312 AttributeName anlist[ 2 ];
2316 rc = backsql_get_db_conn( op, &dbh );
2322 anlist[ 0 ].an_name = at->ad_cname;
2323 anlist[ 0 ].an_desc = at;
2324 BER_BVZERO( &anlist[ 1 ].an_name );
2327 bsi.bsi_e = ch_malloc( sizeof( Entry ) );
2328 rc = backsql_init_search( &bsi,
2331 SLAP_NO_LIMIT, SLAP_NO_LIMIT,
2333 dbh, op, &rs, at ? anlist : NULL,
2334 BACKSQL_ISF_GET_ENTRY );
2336 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2337 (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
2340 if ( rc == LDAP_SUCCESS ) {
2342 #if 0 /* not supported at present */
2343 /* find attribute values */
2344 if ( is_entry_alias( bsi.bsi_e ) ) {
2345 Debug( LDAP_DEBUG_ACL,
2346 "<= backsql_entry_get: entry is an alias\n",
2348 rc = LDAP_ALIAS_PROBLEM;
2349 goto return_results;
2353 if ( is_entry_referral( bsi.bsi_e ) ) {
2354 Debug( LDAP_DEBUG_ACL,
2355 "<= backsql_entry_get: entry is a referral\n",
2358 goto return_results;
2361 if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
2362 Debug( LDAP_DEBUG_ACL,
2363 "<= backsql_entry_get: "
2364 "failed to find objectClass\n",
2366 rc = LDAP_NO_SUCH_ATTRIBUTE;
2367 goto return_results;
2374 if ( bsi.bsi_attrs != NULL ) {
2375 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2378 if ( rc != LDAP_SUCCESS ) {
2380 entry_free( bsi.bsi_e );
2388 backsql_entry_clean(
2394 ctx = ldap_pvt_thread_pool_context();
2396 if ( ctx == NULL || ctx != op->o_tmpmemctx ) {
2397 if ( !BER_BVISNULL( &e->e_name ) ) {
2398 op->o_tmpfree( e->e_name.bv_val, op->o_tmpmemctx );
2399 BER_BVZERO( &e->e_name );
2402 if ( !BER_BVISNULL( &e->e_nname ) ) {
2403 op->o_tmpfree( e->e_nname.bv_val, op->o_tmpmemctx );
2404 BER_BVZERO( &e->e_nname );
2412 backsql_entry_release(
2417 backsql_entry_clean( op, e );