2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2006 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
6 * Portions Copyright 2002 Pierangelo Masarati.
7 * Portions Copyright 2004 Mark Adamson.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
19 * This work was initially developed by Dmitry Kovalev for inclusion
20 * by OpenLDAP Software. Additional significant contributors include
21 * Pierangelo Masarati and Mark Adamson.
27 #include <sys/types.h>
28 #include "ac/string.h"
33 #include "proto-sql.h"
35 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
36 static int backsql_process_filter_eq( backsql_srch_info *bsi,
37 backsql_at_map_rec *at,
38 int casefold, struct berval *filter_value );
39 static int backsql_process_filter_like( backsql_srch_info *bsi,
40 backsql_at_map_rec *at,
41 int casefold, struct berval *filter_value );
42 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
43 backsql_at_map_rec *at );
46 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
49 AttributeName *an = NULL;
51 if ( bsi->bsi_attrs == NULL ) {
56 * clear the list (retrieve all attrs)
59 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs, bsi->bsi_op->o_tmpmemctx );
60 bsi->bsi_attrs = NULL;
61 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
65 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
66 an = &bsi->bsi_attrs[ n_attrs ];
68 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
69 "attribute \"%s\" is in list\n",
70 an->an_name.bv_val, 0, 0 );
72 * We can live with strcmp because the attribute
73 * list has been normalized before calling be_search
75 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
80 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
81 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
83 an = (AttributeName *)bsi->bsi_op->o_tmprealloc( bsi->bsi_attrs,
84 sizeof( AttributeName ) * ( n_attrs + 2 ),
85 bsi->bsi_op->o_tmpmemctx );
90 an[ n_attrs ].an_name = ad->ad_cname;
91 an[ n_attrs ].an_desc = ad;
92 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
100 * Initializes the search structure.
102 * If get_base_id != 0, the field bsi_base_id is filled
103 * with the entryID of bsi_base_ndn; it must be freed
104 * by backsql_free_entryID() when no longer required.
106 * NOTE: base must be normalized
110 backsql_srch_info *bsi,
111 struct berval *nbase,
118 AttributeName *attrs,
121 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
122 int rc = LDAP_SUCCESS;
124 bsi->bsi_base_ndn = nbase;
125 bsi->bsi_use_subtree_shortcut = 0;
126 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
127 BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
128 bsi->bsi_scope = scope;
129 bsi->bsi_filter = filter;
133 bsi->bsi_flags = BSQL_SF_NONE;
135 bsi->bsi_attrs = NULL;
137 if ( BACKSQL_FETCH_ALL_ATTRS( bi ) ) {
139 * if requested, simply try to fetch all attributes
141 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
144 if ( BACKSQL_FETCH_ALL_USERATTRS( bi ) ) {
145 bsi->bsi_flags |= BSQL_SF_ALL_USER;
147 } else if ( BACKSQL_FETCH_ALL_OPATTRS( bi ) ) {
148 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
151 if ( attrs == NULL ) {
152 /* NULL means all user attributes */
153 bsi->bsi_flags |= BSQL_SF_ALL_USER;
159 bsi->bsi_attrs = (AttributeName *)bsi->bsi_op->o_tmpalloc(
160 sizeof( AttributeName ),
161 bsi->bsi_op->o_tmpmemctx );
162 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
164 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
165 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
167 bsi->bsi_flags |= BSQL_SF_ALL_USER;
169 /* if all attrs are requested, there's
170 * no need to continue */
171 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
172 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
173 bsi->bsi_op->o_tmpmemctx );
174 bsi->bsi_attrs = NULL;
179 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
181 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
183 /* if all attrs are requested, there's
184 * no need to continue */
185 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
186 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
187 bsi->bsi_op->o_tmpmemctx );
188 bsi->bsi_attrs = NULL;
193 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
197 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
201 backsql_attrlist_add( bsi, p->an_desc );
204 if ( got_oc == 0 && !( bsi->bsi_flags & BSQL_SF_ALL_USER ) ) {
205 /* add objectClass if not present,
206 * because it is required to understand
207 * if an entry is a referral, an alias
209 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
213 if ( !BSQL_ISF_ALL_ATTRS( bsi ) && bi->sql_anlist ) {
216 /* use hints if available */
217 for ( p = bi->sql_anlist; !BER_BVISNULL( &p->an_name ); p++ ) {
218 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
220 bsi->bsi_flags |= BSQL_SF_ALL_USER;
222 /* if all attrs are requested, there's
223 * no need to continue */
224 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
225 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
226 bsi->bsi_op->o_tmpmemctx );
227 bsi->bsi_attrs = NULL;
232 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
234 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
236 /* if all attrs are requested, there's
237 * no need to continue */
238 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
239 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
240 bsi->bsi_op->o_tmpmemctx );
241 bsi->bsi_attrs = NULL;
247 backsql_attrlist_add( bsi, p->an_desc );
253 bsi->bsi_id_list = NULL;
254 bsi->bsi_id_listtail = &bsi->bsi_id_list;
255 bsi->bsi_n_candidates = 0;
256 bsi->bsi_stoptime = stoptime;
257 BER_BVZERO( &bsi->bsi_sel.bb_val );
258 bsi->bsi_sel.bb_len = 0;
259 BER_BVZERO( &bsi->bsi_from.bb_val );
260 bsi->bsi_from.bb_len = 0;
261 BER_BVZERO( &bsi->bsi_join_where.bb_val );
262 bsi->bsi_join_where.bb_len = 0;
263 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
264 bsi->bsi_flt_where.bb_len = 0;
265 bsi->bsi_filter_oc = NULL;
267 if ( BACKSQL_IS_GET_ID( flags ) ) {
268 int matched = BACKSQL_IS_MATCHED( flags );
269 int getentry = BACKSQL_IS_GET_ENTRY( flags );
272 assert( op->o_bd->be_private != NULL );
274 rc = backsql_dn2id( op, rs, dbh, nbase, &bsi->bsi_base_id,
277 /* the entry is collected either if requested for by getentry
278 * or if get noSuchObject and requested to climb the tree,
279 * so that a matchedDN or a referral can be returned */
280 if ( ( rc == LDAP_NO_SUCH_OBJECT && matched ) || getentry ) {
281 if ( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) ) {
282 assert( bsi->bsi_e != NULL );
284 if ( dn_match( nbase, &bsi->bsi_base_id.eid_ndn ) )
290 * let's see if it is a referral and, in case, get it
292 backsql_attrlist_add( bsi, slap_schema.si_ad_ref );
293 rc = backsql_id2entry( bsi, &bsi->bsi_base_id );
294 if ( rc == LDAP_SUCCESS ) {
295 if ( is_entry_referral( bsi->bsi_e ) )
297 BerVarray erefs = get_entry_referrals( op, bsi->bsi_e );
299 rc = rs->sr_err = LDAP_REFERRAL;
300 rs->sr_ref = referral_rewrite( erefs,
301 &bsi->bsi_e->e_nname,
304 ber_bvarray_free( erefs );
307 rc = rs->sr_err = LDAP_OTHER;
308 rs->sr_text = "bad referral object";
311 } else if ( !gotit ) {
312 rc = rs->sr_err = LDAP_NO_SUCH_OBJECT;
317 rs->sr_ref = referral_rewrite( default_referral,
318 NULL, &op->o_req_dn, scope );
319 rc = rs->sr_err = LDAP_REFERRAL;
324 bsi->bsi_status = rc;
332 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
333 bsi->bsi_op->o_tmpmemctx );
341 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
349 backsql_strfcat_x( &bsi->bsi_flt_where,
350 bsi->bsi_op->o_tmpmemctx, "c", '(' /* ) */ );
353 res = backsql_process_filter( bsi, f );
356 * TimesTen : If the query has no answers,
357 * don't bother to run the query.
368 case LDAP_FILTER_AND:
369 backsql_strfcat_x( &bsi->bsi_flt_where,
370 bsi->bsi_op->o_tmpmemctx, "l",
371 (ber_len_t)STRLENOF( " AND " ),
376 backsql_strfcat_x( &bsi->bsi_flt_where,
377 bsi->bsi_op->o_tmpmemctx, "l",
378 (ber_len_t)STRLENOF( " OR " ),
384 backsql_strfcat_x( &bsi->bsi_flt_where,
385 bsi->bsi_op->o_tmpmemctx, "c", /* ( */ ')' );
391 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
392 backsql_at_map_rec *at )
394 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
402 /* always uppercase strings by now */
403 #ifdef BACKSQL_UPPERCASE_FILTER
404 if ( f->f_sub_desc->ad_type->sat_substr &&
405 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
406 bi->sql_caseIgnoreMatch ) )
407 #endif /* BACKSQL_UPPERCASE_FILTER */
412 if ( f->f_sub_desc->ad_type->sat_substr &&
413 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
414 bi->sql_telephoneNumberMatch ) )
421 * to check for matching telephone numbers
422 * with intermixed chars, e.g. val='1234'
425 * val LIKE '%1%2%3%4%'
429 if ( f->f_sub_initial.bv_val ) {
430 bv.bv_len += f->f_sub_initial.bv_len;
432 if ( f->f_sub_any != NULL ) {
433 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
434 bv.bv_len += f->f_sub_any[ a ].bv_len;
437 if ( f->f_sub_final.bv_val ) {
438 bv.bv_len += f->f_sub_final.bv_len;
440 bv.bv_len = 2 * bv.bv_len - 1;
441 bv.bv_val = ch_malloc( bv.bv_len + 1 );
444 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
445 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
446 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
447 bv.bv_val[ s + 2 * i - 1 ] = '%';
448 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
450 bv.bv_val[ s + 2 * i - 1 ] = '%';
454 if ( f->f_sub_any != NULL ) {
455 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
456 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
457 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
458 bv.bv_val[ s + 2 * i - 1 ] = '%';
459 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
461 bv.bv_val[ s + 2 * i - 1 ] = '%';
466 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
467 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
468 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
469 bv.bv_val[ s + 2 * i - 1 ] = '%';
470 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
472 bv.bv_val[ s + 2 * i - 1 ] = '%';
476 bv.bv_val[ s - 1 ] = '\0';
478 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
479 ch_free( bv.bv_val );
485 * When dealing with case-sensitive strings
486 * we may omit normalization; however, normalized
487 * SQL filters are more liberal.
490 backsql_strfcat_x( &bsi->bsi_flt_where,
491 bsi->bsi_op->o_tmpmemctx, "c", '(' /* ) */ );
494 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
495 at->bam_ad->ad_cname.bv_val, 0, 0 );
496 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
497 at->bam_sel_expr_u.bv_val ? "' '" : "",
498 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
499 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
501 * If a pre-upper-cased version of the column
502 * or a precompiled upper function exists, use it
504 backsql_strfcat_x( &bsi->bsi_flt_where,
505 bsi->bsi_op->o_tmpmemctx,
508 (ber_len_t)STRLENOF( " LIKE '" ),
512 backsql_strfcat_x( &bsi->bsi_flt_where,
513 bsi->bsi_op->o_tmpmemctx,
516 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
519 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
523 Debug( LDAP_DEBUG_TRACE,
524 "==>backsql_process_sub_filter(%s): "
525 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
526 f->f_sub_initial.bv_val, 0 );
527 #endif /* BACKSQL_TRACE */
529 start = bsi->bsi_flt_where.bb_val.bv_len;
530 backsql_strfcat_x( &bsi->bsi_flt_where,
531 bsi->bsi_op->o_tmpmemctx,
534 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
535 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
539 backsql_strfcat_x( &bsi->bsi_flt_where,
540 bsi->bsi_op->o_tmpmemctx,
543 if ( f->f_sub_any != NULL ) {
544 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
548 Debug( LDAP_DEBUG_TRACE,
549 "==>backsql_process_sub_filter(%s): "
550 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
551 i, f->f_sub_any[ i ].bv_val );
552 #endif /* BACKSQL_TRACE */
554 start = bsi->bsi_flt_where.bb_val.bv_len;
555 backsql_strfcat_x( &bsi->bsi_flt_where,
556 bsi->bsi_op->o_tmpmemctx,
560 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
562 * Note: toupper('%') = '%'
564 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
569 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
573 Debug( LDAP_DEBUG_TRACE,
574 "==>backsql_process_sub_filter(%s): "
575 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
576 f->f_sub_final.bv_val, 0 );
577 #endif /* BACKSQL_TRACE */
579 start = bsi->bsi_flt_where.bb_val.bv_len;
580 backsql_strfcat_x( &bsi->bsi_flt_where,
581 bsi->bsi_op->o_tmpmemctx,
584 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
585 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
589 backsql_strfcat_x( &bsi->bsi_flt_where,
590 bsi->bsi_op->o_tmpmemctx,
592 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
598 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
600 if ( BER_BVISNULL( from_tbls ) ) {
604 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
608 ber_dupbv_x( &tmp, from_tbls, bsi->bsi_op->o_tmpmemctx );
610 for ( start = tmp.bv_val, end = strchr( start, ',' ); start; ) {
615 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
617 backsql_strfcat_x( &bsi->bsi_from,
618 bsi->bsi_op->o_tmpmemctx,
623 /* in case there are spaces after the comma... */
624 for ( start = &end[1]; isspace( start[0] ); start++ );
626 end = strchr( start, ',' );
635 bsi->bsi_op->o_tmpfree( tmp.bv_val, bsi->bsi_op->o_tmpmemctx );
638 backsql_strfcat_x( &bsi->bsi_from,
639 bsi->bsi_op->o_tmpmemctx,
647 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
649 backsql_at_map_rec **vat = NULL;
650 AttributeDescription *ad = NULL;
655 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
656 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
660 switch ( f->f_result ) {
661 case LDAP_COMPARE_TRUE:
662 BER_BVSTR( &flt, "10=10" );
666 case LDAP_COMPARE_FALSE:
667 BER_BVSTR( &flt, "11=0" );
671 case SLAPD_COMPARE_UNDEFINED:
672 BER_BVSTR( &flt, "12=0" );
681 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
682 "filter computed (%s)\n", msg, 0, 0 );
683 backsql_strfcat_x( &bsi->bsi_flt_where,
684 bsi->bsi_op->o_tmpmemctx, "b", &flt );
689 switch( f->f_choice ) {
691 rc = backsql_process_filter_list( bsi, f->f_or,
696 case LDAP_FILTER_AND:
697 rc = backsql_process_filter_list( bsi, f->f_and,
702 case LDAP_FILTER_NOT:
703 backsql_strfcat_x( &bsi->bsi_flt_where,
704 bsi->bsi_op->o_tmpmemctx,
706 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
708 rc = backsql_process_filter( bsi, f->f_not );
709 backsql_strfcat_x( &bsi->bsi_flt_where,
710 bsi->bsi_op->o_tmpmemctx,
715 case LDAP_FILTER_PRESENT:
719 case LDAP_FILTER_EXT:
720 ad = f->f_mra->ma_desc;
721 if ( f->f_mr_dnattrs ) {
723 * if dn attrs filtering is requested, better return
724 * success and let test_filter() deal with candidate
725 * selection; otherwise we'd need to set conditions
726 * on the contents of the DN, e.g. "SELECT ... FROM
727 * ldap_entries AS attributeName WHERE attributeName.dn
728 * like '%attributeName=value%'"
730 backsql_strfcat_x( &bsi->bsi_flt_where,
731 bsi->bsi_op->o_tmpmemctx,
733 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
734 bsi->bsi_status = LDAP_SUCCESS;
755 * Turn structuralObjectClass into objectClass
757 if ( ad == slap_schema.si_ad_objectClass
758 || ad == slap_schema.si_ad_structuralObjectClass )
761 * If the filter is LDAP_FILTER_PRESENT, then it's done;
762 * otherwise, let's see if we are lucky: filtering
763 * for "structural" objectclass or ancestor...
765 switch ( f->f_choice ) {
766 case LDAP_FILTER_EQUALITY:
768 ObjectClass *oc = oc_bvfind( &f->f_av_value );
771 Debug( LDAP_DEBUG_TRACE,
772 "backsql_process_filter(): "
773 "unknown objectClass \"%s\" "
775 f->f_av_value.bv_val, 0, 0 );
776 bsi->bsi_status = LDAP_OTHER;
782 * "structural" objectClass inheritance:
783 * - a search for "person" will also return
785 * - a search for "top" will return everything
787 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
788 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
790 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
792 backsql_strfcat_x( &bsi->bsi_flt_where,
793 bsi->bsi_op->o_tmpmemctx,
795 (ber_len_t)STRLENOF( "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */ ),
796 "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */,
797 &bsi->bsi_oc->bom_oc->soc_cname,
798 (ber_len_t)STRLENOF( /* ((' */ "'))" ),
800 bsi->bsi_status = LDAP_SUCCESS;
808 case LDAP_FILTER_PRESENT:
809 backsql_strfcat_x( &bsi->bsi_flt_where,
810 bsi->bsi_op->o_tmpmemctx,
812 (ber_len_t)STRLENOF( "3=3" ), "3=3" );
813 bsi->bsi_status = LDAP_SUCCESS;
817 /* FIXME: LDAP_FILTER_EXT? */
820 Debug( LDAP_DEBUG_TRACE,
821 "backsql_process_filter(): "
822 "illegal/unhandled filter "
823 "on objectClass attribute",
825 bsi->bsi_status = LDAP_OTHER;
830 } else if ( ad == slap_schema.si_ad_entryUUID ) {
832 #ifdef BACKSQL_ARBITRARY_KEY
833 struct berval keyval;
834 #else /* ! BACKSQL_ARBITRARY_KEY */
835 unsigned long keyval;
836 char keyvalbuf[] = "18446744073709551615";
837 #endif /* ! BACKSQL_ARBITRARY_KEY */
839 switch ( f->f_choice ) {
840 case LDAP_FILTER_EQUALITY:
841 backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
843 if ( oc_id != bsi->bsi_oc->bom_id ) {
844 bsi->bsi_status = LDAP_SUCCESS;
849 #ifdef BACKSQL_ARBITRARY_KEY
850 backsql_strfcat_x( &bsi->bsi_flt_where,
851 bsi->bsi_op->o_tmpmemctx,
853 &bsi->bsi_oc->bom_keytbl, '.',
854 &bsi->bsi_oc->bom_keycol,
855 STRLENOF( " LIKE '" ), " LIKE '",
857 #else /* ! BACKSQL_ARBITRARY_KEY */
858 snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
859 backsql_strfcat_x( &bsi->bsi_flt_where,
860 bsi->bsi_op->o_tmpmemctx,
862 &bsi->bsi_oc->bom_keytbl, '.',
863 &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
864 #endif /* ! BACKSQL_ARBITRARY_KEY */
867 case LDAP_FILTER_PRESENT:
868 backsql_strfcat_x( &bsi->bsi_flt_where,
869 bsi->bsi_op->o_tmpmemctx,
871 (ber_len_t)STRLENOF( "4=4" ), "4=4" );
879 bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
883 #ifdef BACKSQL_SYNCPROV
884 } else if ( ad == slap_schema.si_ad_entryCSN ) {
886 * support for syncrepl as producer...
889 if ( !bsi->bsi_op->o_sync ) {
890 /* unsupported at present... */
891 bsi->bsi_status = LDAP_OTHER;
897 bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
899 /* if doing a syncrepl, try to return as much as possible,
900 * and always match the filter */
901 backsql_strfcat_x( &bsi->bsi_flt_where,
902 bsi->bsi_op->o_tmpmemctx,
904 (ber_len_t)STRLENOF( "5=5" ), "5=5" );
906 /* save for later use in operational attributes */
907 /* FIXME: saves only the first occurrence, because
908 * the filter during updates is written as
909 * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
910 * so we want our fake entryCSN to match the greatest
913 if ( bsi->bsi_op->o_private == NULL ) {
914 bsi->bsi_op->o_private = &f->f_av_value;
916 bsi->bsi_status = LDAP_SUCCESS;
920 #endif /* BACKSQL_SYNCPROV */
922 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
924 * FIXME: this is not robust; e.g. a filter
925 * '(!(hasSubordinates=TRUE))' fails because
926 * in SQL it would read 'NOT (1=1)' instead
928 * Note however that hasSubordinates is boolean,
929 * so a more appropriate filter would be
930 * '(hasSubordinates=FALSE)'
932 * A more robust search for hasSubordinates
933 * would * require joining the ldap_entries table
934 * selecting if there are descendants of the
937 backsql_strfcat_x( &bsi->bsi_flt_where,
938 bsi->bsi_op->o_tmpmemctx,
940 (ber_len_t)STRLENOF( "6=6" ), "6=6" );
941 if ( ad == slap_schema.si_ad_hasSubordinates ) {
943 * instruct candidate selection algorithm
944 * and attribute list to try to detect
945 * if an entry has subordinates
947 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
951 * clear attributes to fetch, to require ALL
952 * and try extended match on all attributes
954 backsql_attrlist_add( bsi, NULL );
961 * attribute inheritance:
963 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
964 bsi->bsi_status = LDAP_OTHER;
970 /* search anyway; other parts of the filter
972 backsql_strfcat_x( &bsi->bsi_flt_where,
973 bsi->bsi_op->o_tmpmemctx,
975 (ber_len_t)STRLENOF( "7=7" ), "7=7" );
976 bsi->bsi_status = LDAP_SUCCESS;
981 /* if required, open extra level of parens */
983 if ( vat[0]->bam_next || vat[1] ) {
984 backsql_strfcat_x( &bsi->bsi_flt_where,
985 bsi->bsi_op->o_tmpmemctx,
993 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
997 /* if more definitions of the same attr, apply */
998 if ( vat[i]->bam_next ) {
999 backsql_strfcat_x( &bsi->bsi_flt_where,
1000 bsi->bsi_op->o_tmpmemctx,
1002 STRLENOF( " OR " ), " OR " );
1003 vat[i] = vat[i]->bam_next;
1007 /* if more descendants of the same attr, apply */
1010 backsql_strfcat_x( &bsi->bsi_flt_where,
1011 bsi->bsi_op->o_tmpmemctx,
1013 STRLENOF( " OR " ), " OR " );
1017 /* if needed, close extra level of parens */
1019 backsql_strfcat_x( &bsi->bsi_flt_where,
1020 bsi->bsi_op->o_tmpmemctx,
1031 Debug( LDAP_DEBUG_TRACE,
1032 "<==backsql_process_filter() %s\n",
1033 rc == 1 ? "succeeded" : "failed", 0, 0);
1039 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
1040 int casefold, struct berval *filter_value )
1043 * maybe we should check type of at->sel_expr here somehow,
1044 * to know whether upper_func is applicable, but for now
1045 * upper_func stuff is made for Oracle, where UPPER is
1046 * safely applicable to NUMBER etc.
1048 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1051 backsql_strfcat_x( &bsi->bsi_flt_where,
1052 bsi->bsi_op->o_tmpmemctx,
1055 &at->bam_sel_expr_u,
1056 (ber_len_t)STRLENOF( "='" ),
1059 start = bsi->bsi_flt_where.bb_val.bv_len;
1061 backsql_strfcat_x( &bsi->bsi_flt_where,
1062 bsi->bsi_op->o_tmpmemctx,
1065 (ber_len_t)STRLENOF( /* (' */ "')" ),
1068 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1071 backsql_strfcat_x( &bsi->bsi_flt_where,
1072 bsi->bsi_op->o_tmpmemctx,
1076 (ber_len_t)STRLENOF( "='" ), "='",
1078 (ber_len_t)STRLENOF( /* (' */ "')" ),
1086 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
1087 int casefold, struct berval *filter_value )
1090 * maybe we should check type of at->sel_expr here somehow,
1091 * to know whether upper_func is applicable, but for now
1092 * upper_func stuff is made for Oracle, where UPPER is
1093 * safely applicable to NUMBER etc.
1095 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1098 backsql_strfcat_x( &bsi->bsi_flt_where,
1099 bsi->bsi_op->o_tmpmemctx,
1102 &at->bam_sel_expr_u,
1103 (ber_len_t)STRLENOF( " LIKE '%" ),
1106 start = bsi->bsi_flt_where.bb_val.bv_len;
1108 backsql_strfcat_x( &bsi->bsi_flt_where,
1109 bsi->bsi_op->o_tmpmemctx,
1112 (ber_len_t)STRLENOF( /* (' */ "%')" ),
1115 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1118 backsql_strfcat_x( &bsi->bsi_flt_where,
1119 bsi->bsi_op->o_tmpmemctx,
1123 (ber_len_t)STRLENOF( " LIKE '%" ),
1126 (ber_len_t)STRLENOF( /* (' */ "%')" ),
1134 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
1136 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1138 struct berval *filter_value = NULL;
1139 MatchingRule *matching_rule = NULL;
1140 struct berval ordering = BER_BVC("<=");
1142 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
1143 at->bam_ad->ad_cname.bv_val, 0, 0 );
1146 * need to add this attribute to list of attrs to load,
1147 * so that we can do test_filter() later
1149 backsql_attrlist_add( bsi, at->bam_ad );
1151 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
1153 if ( !BER_BVISNULL( &at->bam_join_where )
1154 && strstr( bsi->bsi_join_where.bb_val.bv_val,
1155 at->bam_join_where.bv_val ) == NULL )
1157 backsql_strfcat_x( &bsi->bsi_join_where,
1158 bsi->bsi_op->o_tmpmemctx,
1160 (ber_len_t)STRLENOF( " AND " ), " AND ",
1161 &at->bam_join_where );
1164 switch ( f->f_choice ) {
1165 case LDAP_FILTER_EQUALITY:
1166 filter_value = &f->f_av_value;
1167 matching_rule = at->bam_ad->ad_type->sat_equality;
1169 goto equality_match;
1171 /* fail over into next case */
1173 case LDAP_FILTER_EXT:
1174 filter_value = &f->f_mra->ma_value;
1175 matching_rule = f->f_mr_rule;
1178 /* always uppercase strings by now */
1179 #ifdef BACKSQL_UPPERCASE_FILTER
1180 if ( SLAP_MR_ASSOCIATED( matching_rule,
1181 bi->sql_caseIgnoreMatch ) )
1182 #endif /* BACKSQL_UPPERCASE_FILTER */
1187 /* FIXME: directoryString filtering should use a similar
1188 * approach to deal with non-prettified values like
1189 * " A non prettified value ", by using a LIKE
1190 * filter with all whitespaces collapsed to a single '%' */
1191 if ( SLAP_MR_ASSOCIATED( matching_rule,
1192 bi->sql_telephoneNumberMatch ) )
1198 * to check for matching telephone numbers
1199 * with intermized chars, e.g. val='1234'
1202 * val LIKE '%1%2%3%4%'
1205 bv.bv_len = 2 * filter_value->bv_len - 1;
1206 bv.bv_val = ch_malloc( bv.bv_len + 1 );
1208 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
1209 for ( i = 1; i < filter_value->bv_len; i++ ) {
1210 bv.bv_val[ 2 * i - 1 ] = '%';
1211 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
1213 bv.bv_val[ 2 * i - 1 ] = '\0';
1215 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
1216 ch_free( bv.bv_val );
1221 /* NOTE: this is required by objectClass inheritance
1222 * and auxiliary objectClass use in filters for slightly
1223 * more efficient candidate selection. */
1224 /* FIXME: a bit too many specializations to deal with
1225 * very specific cases... */
1226 if ( at->bam_ad == slap_schema.si_ad_objectClass
1227 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
1229 backsql_strfcat_x( &bsi->bsi_flt_where,
1230 bsi->bsi_op->o_tmpmemctx,
1232 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
1233 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
1235 (ber_len_t)STRLENOF( /* (' */ "')" ),
1241 * maybe we should check type of at->sel_expr here somehow,
1242 * to know whether upper_func is applicable, but for now
1243 * upper_func stuff is made for Oracle, where UPPER is
1244 * safely applicable to NUMBER etc.
1246 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
1249 case LDAP_FILTER_GE:
1250 ordering.bv_val = ">=";
1252 /* fall thru to next case */
1254 case LDAP_FILTER_LE:
1255 filter_value = &f->f_av_value;
1257 /* always uppercase strings by now */
1258 #ifdef BACKSQL_UPPERCASE_FILTER
1259 if ( at->bam_ad->ad_type->sat_ordering &&
1260 SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
1261 bi->sql_caseIgnoreMatch ) )
1262 #endif /* BACKSQL_UPPERCASE_FILTER */
1268 * FIXME: should we uppercase the operands?
1270 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1273 backsql_strfcat_x( &bsi->bsi_flt_where,
1274 bsi->bsi_op->o_tmpmemctx,
1277 &at->bam_sel_expr_u,
1281 start = bsi->bsi_flt_where.bb_val.bv_len;
1283 backsql_strfcat_x( &bsi->bsi_flt_where,
1284 bsi->bsi_op->o_tmpmemctx,
1287 (ber_len_t)STRLENOF( /* (' */ "')" ),
1290 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1293 backsql_strfcat_x( &bsi->bsi_flt_where,
1294 bsi->bsi_op->o_tmpmemctx,
1301 (ber_len_t)STRLENOF( /* (' */ "')" ),
1306 case LDAP_FILTER_PRESENT:
1307 backsql_strfcat_x( &bsi->bsi_flt_where,
1308 bsi->bsi_op->o_tmpmemctx,
1310 (ber_len_t)STRLENOF( "NOT (" /* ) */),
1313 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
1314 /* ( */ " IS NULL)" );
1317 case LDAP_FILTER_SUBSTRINGS:
1318 backsql_process_sub_filter( bsi, f, at );
1321 case LDAP_FILTER_APPROX:
1322 /* we do our best */
1325 * maybe we should check type of at->sel_expr here somehow,
1326 * to know whether upper_func is applicable, but for now
1327 * upper_func stuff is made for Oracle, where UPPER is
1328 * safely applicable to NUMBER etc.
1330 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
1334 /* unhandled filter type; should not happen */
1336 backsql_strfcat_x( &bsi->bsi_flt_where,
1337 bsi->bsi_op->o_tmpmemctx,
1339 (ber_len_t)STRLENOF( "8=8" ), "8=8" );
1344 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1345 at->bam_ad->ad_cname.bv_val, 0, 0 );
1351 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1353 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1356 assert( query != NULL );
1357 BER_BVZERO( query );
1359 bsi->bsi_use_subtree_shortcut = 0;
1361 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1362 BER_BVZERO( &bsi->bsi_sel.bb_val );
1363 BER_BVZERO( &bsi->bsi_sel.bb_val );
1364 bsi->bsi_sel.bb_len = 0;
1365 BER_BVZERO( &bsi->bsi_from.bb_val );
1366 bsi->bsi_from.bb_len = 0;
1367 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1368 bsi->bsi_join_where.bb_len = 0;
1369 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1370 bsi->bsi_flt_where.bb_len = 0;
1372 backsql_strfcat_x( &bsi->bsi_sel,
1373 bsi->bsi_op->o_tmpmemctx,
1375 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1376 "SELECT DISTINCT ldap_entries.id,",
1377 &bsi->bsi_oc->bom_keytbl,
1379 &bsi->bsi_oc->bom_keycol,
1382 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1383 backsql_strfcat_x( &bsi->bsi_sel,
1384 bsi->bsi_op->o_tmpmemctx,
1386 &bi->sql_strcast_func,
1387 (ber_len_t)STRLENOF( "('" /* ') */ ),
1389 &bsi->bsi_oc->bom_oc->soc_cname,
1390 (ber_len_t)STRLENOF( /* (' */ "')" ),
1393 backsql_strfcat_x( &bsi->bsi_sel,
1394 bsi->bsi_op->o_tmpmemctx,
1397 &bsi->bsi_oc->bom_oc->soc_cname,
1401 backsql_strfcat_x( &bsi->bsi_sel,
1402 bsi->bsi_op->o_tmpmemctx,
1404 &bi->sql_dn_oc_aliasing );
1405 backsql_strfcat_x( &bsi->bsi_from,
1406 bsi->bsi_op->o_tmpmemctx,
1408 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1409 " FROM ldap_entries,",
1410 &bsi->bsi_oc->bom_keytbl );
1412 backsql_strfcat_x( &bsi->bsi_join_where,
1413 bsi->bsi_op->o_tmpmemctx,
1415 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1416 &bsi->bsi_oc->bom_keytbl,
1418 &bsi->bsi_oc->bom_keycol,
1419 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1420 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1422 switch ( bsi->bsi_scope ) {
1423 case LDAP_SCOPE_BASE:
1424 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1425 backsql_strfcat_x( &bsi->bsi_join_where,
1426 bsi->bsi_op->o_tmpmemctx,
1428 &bi->sql_upper_func,
1429 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1430 "(ldap_entries.dn)=?" );
1432 backsql_strfcat_x( &bsi->bsi_join_where,
1433 bsi->bsi_op->o_tmpmemctx,
1435 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1436 "ldap_entries.dn=?" );
1440 case BACKSQL_SCOPE_BASE_LIKE:
1441 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1442 backsql_strfcat_x( &bsi->bsi_join_where,
1443 bsi->bsi_op->o_tmpmemctx,
1445 &bi->sql_upper_func,
1446 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1447 "(ldap_entries.dn) LIKE ?" );
1449 backsql_strfcat_x( &bsi->bsi_join_where,
1450 bsi->bsi_op->o_tmpmemctx,
1452 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1453 "ldap_entries.dn LIKE ?" );
1457 case LDAP_SCOPE_ONELEVEL:
1458 backsql_strfcat_x( &bsi->bsi_join_where,
1459 bsi->bsi_op->o_tmpmemctx,
1461 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1462 "ldap_entries.parent=?" );
1465 case LDAP_SCOPE_SUBORDINATE:
1466 case LDAP_SCOPE_SUBTREE:
1467 if ( BACKSQL_USE_SUBTREE_SHORTCUT( bi ) ) {
1469 BackendDB *bd = bsi->bsi_op->o_bd;
1471 assert( bd->be_nsuffix != NULL );
1473 for ( i = 0; !BER_BVISNULL( &bd->be_nsuffix[ i ] ); i++ )
1475 if ( dn_match( &bd->be_nsuffix[ i ],
1476 bsi->bsi_base_ndn ) )
1478 /* pass this to the candidate selection
1479 * routine so that the DN is not bound
1480 * to the select statement */
1481 bsi->bsi_use_subtree_shortcut = 1;
1487 if ( bsi->bsi_use_subtree_shortcut ) {
1488 /* Skip the base DN filter, as every entry will match it */
1489 backsql_strfcat_x( &bsi->bsi_join_where,
1490 bsi->bsi_op->o_tmpmemctx,
1492 (ber_len_t)STRLENOF( "9=9"), "9=9");
1494 } else if ( !BER_BVISNULL( &bi->sql_subtree_cond ) ) {
1495 backsql_strfcat_x( &bsi->bsi_join_where,
1496 bsi->bsi_op->o_tmpmemctx,
1498 &bi->sql_subtree_cond );
1500 } else if ( BACKSQL_CANUPPERCASE( bi ) ) {
1501 backsql_strfcat_x( &bsi->bsi_join_where,
1502 bsi->bsi_op->o_tmpmemctx,
1504 &bi->sql_upper_func,
1505 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1506 "(ldap_entries.dn) LIKE ?" );
1509 backsql_strfcat_x( &bsi->bsi_join_where,
1510 bsi->bsi_op->o_tmpmemctx,
1512 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1513 "ldap_entries.dn LIKE ?" );
1522 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1524 struct berbuf bb = BB_NULL;
1526 backsql_strfcat_x( &bb,
1527 bsi->bsi_op->o_tmpmemctx,
1529 &bsi->bsi_sel.bb_val,
1530 &bsi->bsi_from.bb_val,
1531 &bsi->bsi_join_where.bb_val,
1532 (ber_len_t)STRLENOF( " AND " ), " AND ",
1533 &bsi->bsi_flt_where.bb_val );
1537 } else if ( rc < 0 ) {
1539 * Indicates that there's no possible way the filter matches
1540 * anything. No need to issue the query
1542 free( query->bv_val );
1543 BER_BVZERO( query );
1546 bsi->bsi_op->o_tmpfree( bsi->bsi_sel.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1547 BER_BVZERO( &bsi->bsi_sel.bb_val );
1548 bsi->bsi_sel.bb_len = 0;
1549 bsi->bsi_op->o_tmpfree( bsi->bsi_from.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1550 BER_BVZERO( &bsi->bsi_from.bb_val );
1551 bsi->bsi_from.bb_len = 0;
1552 bsi->bsi_op->o_tmpfree( bsi->bsi_join_where.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1553 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1554 bsi->bsi_join_where.bb_len = 0;
1555 bsi->bsi_op->o_tmpfree( bsi->bsi_flt_where.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1556 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1557 bsi->bsi_flt_where.bb_len = 0;
1559 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1560 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1562 return ( rc <= 0 ? 1 : 0 );
1566 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1568 backsql_oc_map_rec *oc = v_oc;
1569 backsql_srch_info *bsi = v_bsi;
1570 Operation *op = bsi->bsi_op;
1571 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1572 struct berval query;
1573 SQLHSTMT sth = SQL_NULL_HSTMT;
1576 BACKSQL_ROW_NTS row;
1579 int n_candidates = bsi->bsi_n_candidates;
1582 * + 1 because we need room for '%';
1583 * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
1584 * this makes a subtree
1585 * search for a DN BACKSQL_MAX_DN_LEN long legal
1586 * if it returns that DN only
1588 char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1590 bsi->bsi_status = LDAP_SUCCESS;
1592 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1593 BACKSQL_OC_NAME( oc ), 0, 0 );
1595 /* check for abandon */
1596 if ( op->o_abandon ) {
1597 bsi->bsi_status = SLAPD_ABANDON;
1598 return BACKSQL_AVL_STOP;
1601 if ( bsi->bsi_n_candidates == -1 ) {
1602 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1603 "unchecked limit has been overcome\n", 0, 0, 0 );
1604 /* should never get here */
1606 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1607 return BACKSQL_AVL_STOP;
1611 res = backsql_srch_query( bsi, &query );
1613 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1614 "error while constructing query for objectclass \"%s\"\n",
1615 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1617 * FIXME: need to separate errors from legally
1618 * impossible filters
1620 switch ( bsi->bsi_status ) {
1622 case LDAP_UNDEFINED_TYPE:
1623 case LDAP_NO_SUCH_OBJECT:
1624 /* we are conservative... */
1626 bsi->bsi_status = LDAP_SUCCESS;
1628 return BACKSQL_AVL_CONTINUE;
1630 case LDAP_ADMINLIMIT_EXCEEDED:
1632 /* don't try any more */
1633 return BACKSQL_AVL_STOP;
1637 if ( BER_BVISNULL( &query ) ) {
1638 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1639 "could not construct query for objectclass \"%s\"\n",
1640 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1641 bsi->bsi_status = LDAP_SUCCESS;
1642 return BACKSQL_AVL_CONTINUE;
1645 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1646 query.bv_val, 0, 0 );
1648 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1649 bsi->bsi_op->o_tmpfree( query.bv_val, bsi->bsi_op->o_tmpmemctx );
1650 BER_BVZERO( &query );
1651 if ( rc != SQL_SUCCESS ) {
1652 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1653 "error preparing query\n", 0, 0, 0 );
1654 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1655 bsi->bsi_status = LDAP_OTHER;
1656 return BACKSQL_AVL_CONTINUE;
1659 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1661 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1662 &bsi->bsi_oc->bom_id );
1663 if ( rc != SQL_SUCCESS ) {
1664 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1665 "error binding objectclass id parameter\n", 0, 0, 0 );
1666 bsi->bsi_status = LDAP_OTHER;
1667 return BACKSQL_AVL_CONTINUE;
1670 switch ( bsi->bsi_scope ) {
1671 case LDAP_SCOPE_BASE:
1672 case BACKSQL_SCOPE_BASE_LIKE:
1674 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1675 * however this should be handled earlier
1677 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1678 bsi->bsi_status = LDAP_OTHER;
1679 return BACKSQL_AVL_CONTINUE;
1682 AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
1683 bsi->bsi_base_ndn->bv_len + 1 );
1685 /* uppercase DN only if the stored DN can be uppercased
1687 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1688 ldap_pvt_str2upper( tmp_base_ndn );
1691 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1692 tmp_base_ndn, 0, 0 );
1694 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1695 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1696 if ( rc != SQL_SUCCESS ) {
1697 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1698 "error binding base_ndn parameter\n", 0, 0, 0 );
1699 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1701 bsi->bsi_status = LDAP_OTHER;
1702 return BACKSQL_AVL_CONTINUE;
1706 case LDAP_SCOPE_SUBORDINATE:
1707 case LDAP_SCOPE_SUBTREE:
1709 /* if short-cutting the search base,
1710 * don't bind any parameter */
1711 if ( bsi->bsi_use_subtree_shortcut ) {
1716 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1717 * however this should be handled earlier
1719 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1720 bsi->bsi_status = LDAP_OTHER;
1721 return BACKSQL_AVL_CONTINUE;
1725 * Sets the parameters for the SQL built earlier
1726 * NOTE that all the databases could actually use
1727 * the TimesTen version, which would be cleaner
1728 * and would also eliminate the need for the
1729 * subtree_cond line in the configuration file.
1730 * For now, I'm leaving it the way it is,
1731 * so non-TimesTen databases use the original code.
1732 * But at some point this should get cleaned up.
1734 * If "dn" is being used, do a suffix search.
1735 * If "dn_ru" is being used, do a prefix search.
1737 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1738 tmp_base_ndn[ 0 ] = '\0';
1740 for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
1742 tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
1745 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1746 tmp_base_ndn[ i++ ] = ',';
1749 tmp_base_ndn[ i ] = '%';
1750 tmp_base_ndn[ i + 1 ] = '\0';
1755 tmp_base_ndn[ i++ ] = '%';
1757 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1758 tmp_base_ndn[ i++ ] = ',';
1761 AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
1762 bsi->bsi_base_ndn->bv_len + 1 );
1765 /* uppercase DN only if the stored DN can be uppercased
1767 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1768 ldap_pvt_str2upper( tmp_base_ndn );
1771 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1772 Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
1773 tmp_base_ndn, 0, 0 );
1775 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
1776 tmp_base_ndn, 0, 0 );
1779 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1780 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1781 if ( rc != SQL_SUCCESS ) {
1782 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1783 "error binding base_ndn parameter (2)\n",
1785 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1787 bsi->bsi_status = LDAP_OTHER;
1788 return BACKSQL_AVL_CONTINUE;
1793 case LDAP_SCOPE_ONELEVEL:
1794 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
1796 #ifdef BACKSQL_ARBITRARY_KEY
1797 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1798 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1799 #else /* ! BACKSQL_ARBITRARY_KEY */
1800 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1801 bsi->bsi_base_id.eid_id, 0, 0 );
1802 #endif /* ! BACKSQL_ARBITRARY_KEY */
1803 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1804 &bsi->bsi_base_id.eid_id );
1805 if ( rc != SQL_SUCCESS ) {
1806 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1807 "error binding base id parameter\n", 0, 0, 0 );
1808 bsi->bsi_status = LDAP_OTHER;
1809 return BACKSQL_AVL_CONTINUE;
1814 rc = SQLExecute( sth );
1815 if ( !BACKSQL_SUCCESS( rc ) ) {
1816 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1817 "error executing query\n", 0, 0, 0 );
1818 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1819 SQLFreeStmt( sth, SQL_DROP );
1820 bsi->bsi_status = LDAP_OTHER;
1821 return BACKSQL_AVL_CONTINUE;
1824 backsql_BindRowAsStrings_x( sth, &row, bsi->bsi_op->o_tmpmemctx );
1825 rc = SQLFetch( sth );
1826 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1827 struct berval dn, pdn, ndn;
1828 backsql_entryID *c_id = NULL;
1831 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1833 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1837 ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, op->o_tmpmemctx );
1838 if ( dn.bv_val != row.cols[ 3 ] ) {
1842 if ( ret != LDAP_SUCCESS ) {
1846 if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
1850 c_id = (backsql_entryID *)op->o_tmpcalloc( 1,
1851 sizeof( backsql_entryID ), op->o_tmpmemctx );
1852 #ifdef BACKSQL_ARBITRARY_KEY
1853 ber_str2bv_x( row.cols[ 0 ], 0, 1, &c_id->eid_id,
1855 ber_str2bv_x( row.cols[ 1 ], 0, 1, &c_id->eid_keyval,
1857 #else /* ! BACKSQL_ARBITRARY_KEY */
1858 if ( lutil_atoulx( &c_id->eid_id, row.cols[ 0 ], 0 ) != 0 ) {
1861 if ( lutil_atoulx( &c_id->eid_keyval, row.cols[ 1 ], 0 ) != 0 ) {
1864 #endif /* ! BACKSQL_ARBITRARY_KEY */
1865 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1868 c_id->eid_ndn = ndn;
1870 /* append at end of list ... */
1871 c_id->eid_next = NULL;
1872 *bsi->bsi_id_listtail = c_id;
1873 bsi->bsi_id_listtail = &c_id->eid_next;
1875 #ifdef BACKSQL_ARBITRARY_KEY
1876 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1877 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1878 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1880 #else /* ! BACKSQL_ARBITRARY_KEY */
1881 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1882 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1883 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1884 #endif /* ! BACKSQL_ARBITRARY_KEY */
1886 /* count candidates, for unchecked limit */
1887 bsi->bsi_n_candidates--;
1888 if ( bsi->bsi_n_candidates == -1 ) {
1894 if ( !BER_BVISNULL( &pdn ) ) {
1895 op->o_tmpfree( pdn.bv_val, op->o_tmpmemctx );
1897 if ( !BER_BVISNULL( &ndn ) ) {
1898 op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
1900 if ( c_id != NULL ) {
1904 backsql_FreeRow_x( &row, bsi->bsi_op->o_tmpmemctx );
1905 SQLFreeStmt( sth, SQL_DROP );
1907 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1908 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1910 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1914 backsql_search( Operation *op, SlapReply *rs )
1916 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1917 SQLHDBC dbh = SQL_NULL_HDBC;
1919 Entry user_entry = { 0 },
1921 int manageDSAit = get_manageDSAit( op );
1922 time_t stoptime = 0;
1923 backsql_srch_info bsi = { 0 };
1924 backsql_entryID *eid = NULL;
1925 struct berval nbase = BER_BVNULL;
1927 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1928 "base=\"%s\", filter=\"%s\", scope=%d,",
1929 op->o_req_ndn.bv_val,
1930 op->ors_filterstr.bv_val,
1932 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1933 "attributes to load: %s\n",
1936 op->ors_attrs == NULL ? "all" : "custom list" );
1938 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
1939 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1940 "search base length (%ld) exceeds max length (%d)\n",
1941 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
1943 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
1944 * since it is impossible that such a long DN exists
1947 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
1948 send_ldap_result( op, rs );
1952 sres = backsql_get_db_conn( op, &dbh );
1953 if ( sres != LDAP_SUCCESS ) {
1954 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
1955 "could not get connection handle - exiting\n",
1958 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
1959 send_ldap_result( op, rs );
1963 /* compute it anyway; root does not use it */
1964 stoptime = op->o_time + op->ors_tlimit;
1967 bsi.bsi_e = &base_entry;
1968 rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn,
1970 stoptime, op->ors_filter,
1971 dbh, op, rs, op->ors_attrs,
1972 ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
1973 switch ( rs->sr_err ) {
1978 if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
1979 dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
1981 rs->sr_err = LDAP_SUCCESS;
1983 rs->sr_matched = NULL;
1985 ber_bvarray_free( rs->sr_ref );
1991 /* an entry was created; free it */
1992 entry_clean( bsi.bsi_e );
1997 if ( !BER_BVISNULL( &base_entry.e_nname )
1998 && !access_allowed( op, &base_entry,
1999 slap_schema.si_ad_entry, NULL,
2000 ACL_DISCLOSE, NULL ) )
2002 rs->sr_err = LDAP_NO_SUCH_OBJECT;
2004 ber_bvarray_free( rs->sr_ref );
2007 rs->sr_matched = NULL;
2011 send_ldap_result( op, rs );
2014 ber_bvarray_free( rs->sr_ref );
2018 if ( !BER_BVISNULL( &base_entry.e_nname ) ) {
2019 entry_clean( &base_entry );
2024 /* NOTE: __NEW__ "search" access is required
2025 * on searchBase object */
2029 if ( get_assert( op ) &&
2030 ( test_filter( op, &base_entry, get_assertion( op ) )
2031 != LDAP_COMPARE_TRUE ) )
2033 rs->sr_err = LDAP_ASSERTION_FAILED;
2036 if ( ! access_allowed_mask( op, &base_entry,
2037 slap_schema.si_ad_entry,
2038 NULL, ACL_SEARCH, NULL, &mask ) )
2040 if ( rs->sr_err == LDAP_SUCCESS ) {
2041 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
2045 if ( rs->sr_err != LDAP_SUCCESS ) {
2046 if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
2047 rs->sr_err = LDAP_NO_SUCH_OBJECT;
2050 send_ldap_result( op, rs );
2057 bsi.bsi_n_candidates =
2058 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
2059 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
2060 ( op->ors_limit->lms_s_unchecked ) ) );
2062 switch ( bsi.bsi_scope ) {
2063 case LDAP_SCOPE_BASE:
2064 case BACKSQL_SCOPE_BASE_LIKE:
2066 * probably already found...
2068 bsi.bsi_id_list = &bsi.bsi_base_id;
2069 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
2072 case LDAP_SCOPE_SUBTREE:
2074 * if baseObject is defined, and if it is the root
2075 * of the search, add it to the candidate list
2077 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
2079 bsi.bsi_id_list = &bsi.bsi_base_id;
2080 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
2087 * for each objectclass we try to construct query which gets IDs
2088 * of entries matching LDAP query filter and scope (or at least
2089 * candidates), and get the IDs
2091 avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
2092 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
2094 /* check for abandon */
2095 if ( op->o_abandon ) {
2096 eid = bsi.bsi_id_list;
2097 rs->sr_err = SLAPD_ABANDON;
2102 if ( op->ors_limit != NULL /* isroot == FALSE */
2103 && op->ors_limit->lms_s_unchecked != -1
2104 && bsi.bsi_n_candidates == -1 )
2106 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
2107 send_ldap_result( op, rs );
2112 * now we load candidate entries (only those attributes
2113 * mentioned in attrs and filter), test it against full filter
2114 * and then send to client; don't free entry_id if baseObject...
2116 for ( eid = bsi.bsi_id_list;
2118 eid = backsql_free_entryID( op,
2119 eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
2122 Attribute *a_hasSubordinate = NULL,
2123 *a_entryUUID = NULL,
2128 /* check for abandon */
2129 if ( op->o_abandon ) {
2130 rs->sr_err = SLAPD_ABANDON;
2134 /* check time limit */
2135 if ( op->ors_tlimit != SLAP_NO_LIMIT
2136 && slap_get_time() > stoptime )
2138 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
2139 rs->sr_ctrls = NULL;
2140 rs->sr_ref = rs->sr_v2ref;
2144 #ifdef BACKSQL_ARBITRARY_KEY
2145 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
2146 "for entry id=%s, oc_id=%ld, keyval=%s\n",
2147 eid->eid_id.bv_val, eid->eid_oc_id,
2148 eid->eid_keyval.bv_val );
2149 #else /* ! BACKSQL_ARBITRARY_KEY */
2150 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
2151 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
2152 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
2153 #endif /* ! BACKSQL_ARBITRARY_KEY */
2156 switch ( op->ors_scope ) {
2157 case LDAP_SCOPE_BASE:
2158 case BACKSQL_SCOPE_BASE_LIKE:
2159 if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
2164 case LDAP_SCOPE_ONE:
2166 struct berval rdn = eid->eid_ndn;
2168 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
2169 if ( !dnIsOneLevelRDN( &rdn ) ) {
2175 case LDAP_SCOPE_SUBORDINATE:
2176 /* discard the baseObject entry */
2177 if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
2181 case LDAP_SCOPE_SUBTREE:
2182 /* FIXME: this should never fail... */
2183 if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
2190 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
2191 /* don't recollect baseObject... */
2192 e = bi->sql_baseObject;
2194 } else if ( eid == &bsi.bsi_base_id ) {
2195 /* don't recollect searchBase object... */
2199 bsi.bsi_e = &user_entry;
2200 rc = backsql_id2entry( &bsi, eid );
2201 if ( rc != LDAP_SUCCESS ) {
2202 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2203 "error %d in backsql_id2entry() "
2204 "- skipping\n", rc, 0, 0 );
2210 if ( !manageDSAit &&
2211 op->ors_scope != LDAP_SCOPE_BASE &&
2212 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
2213 is_entry_referral( e ) )
2217 refs = get_entry_referrals( op, e );
2219 backsql_srch_info bsi2 = { 0 };
2220 Entry user_entry2 = { 0 };
2222 /* retry with the full entry... */
2223 bsi2.bsi_e = &user_entry2;
2224 rc = backsql_init_search( &bsi2,
2229 BACKSQL_ISF_GET_ENTRY );
2230 if ( rc == LDAP_SUCCESS ) {
2231 if ( is_entry_referral( &user_entry2 ) )
2233 refs = get_entry_referrals( op,
2236 rs->sr_err = LDAP_OTHER;
2238 backsql_entry_clean( op, &user_entry2 );
2240 if ( bsi2.bsi_attrs != NULL ) {
2241 op->o_tmpfree( bsi2.bsi_attrs,
2247 rs->sr_ref = referral_rewrite( refs,
2251 ber_bvarray_free( refs );
2255 rs->sr_err = LDAP_REFERRAL;
2258 rs->sr_text = "bad referral object";
2262 rs->sr_matched = user_entry.e_name.bv_val;
2263 send_search_reference( op, rs );
2265 ber_bvarray_free( rs->sr_ref );
2267 rs->sr_matched = NULL;
2268 rs->sr_entry = NULL;
2274 * We use this flag since we need to parse the filter
2275 * anyway; we should have used the frontend API function
2276 * filter_has_subordinates()
2278 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
2279 rc = backsql_has_children( op, dbh, &e->e_nname );
2282 case LDAP_COMPARE_TRUE:
2283 case LDAP_COMPARE_FALSE:
2284 a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
2285 if ( a_hasSubordinate != NULL ) {
2286 for ( ap = &user_entry.e_attrs;
2288 ap = &(*ap)->a_next );
2290 *ap = a_hasSubordinate;
2296 Debug(LDAP_DEBUG_TRACE,
2297 "backsql_search(): "
2298 "has_children failed( %d)\n",
2305 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
2306 a_entryUUID = backsql_operational_entryUUID( bi, eid );
2307 if ( a_entryUUID != NULL ) {
2309 ap = &user_entry.e_attrs;
2312 for ( ; *ap; ap = &(*ap)->a_next );
2318 #ifdef BACKSQL_SYNCPROV
2319 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
2320 a_entryCSN = backsql_operational_entryCSN( op );
2321 if ( a_entryCSN != NULL ) {
2323 ap = &user_entry.e_attrs;
2326 for ( ; *ap; ap = &(*ap)->a_next );
2331 #endif /* BACKSQL_SYNCPROV */
2333 if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
2335 rs->sr_attrs = op->ors_attrs;
2336 rs->sr_operational_attrs = NULL;
2338 rs->sr_flags = ( e == &user_entry ) ? REP_ENTRY_MODIFIABLE : 0;
2339 /* FIXME: need the whole entry (ITS#3480) */
2340 rs->sr_err = send_search_entry( op, rs );
2341 rs->sr_entry = NULL;
2342 rs->sr_attrs = NULL;
2343 rs->sr_operational_attrs = NULL;
2345 switch ( rs->sr_err ) {
2346 case LDAP_UNAVAILABLE:
2348 * FIXME: send_search_entry failed;
2351 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2352 "connection lost\n", 0, 0, 0 );
2355 case LDAP_SIZELIMIT_EXCEEDED:
2361 if ( e == &user_entry ) {
2362 backsql_entry_clean( op, &user_entry );
2369 if ( rs->sr_nentries > 0 ) {
2370 rs->sr_ref = rs->sr_v2ref;
2371 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
2375 rs->sr_err = bsi.bsi_status;
2379 if ( rs->sr_err != SLAPD_ABANDON ) {
2380 send_ldap_result( op, rs );
2383 /* cleanup in case of abandon */
2384 for ( ; eid != NULL;
2385 eid = backsql_free_entryID( op,
2386 eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
2389 backsql_entry_clean( op, &base_entry );
2391 /* in case we got here accidentally */
2392 backsql_entry_clean( op, &user_entry );
2394 if ( rs->sr_v2ref ) {
2395 ber_bvarray_free( rs->sr_v2ref );
2396 rs->sr_v2ref = NULL;
2399 #ifdef BACKSQL_SYNCPROV
2401 Operation op2 = *op;
2402 SlapReply rs2 = { 0 };
2404 slap_callback cb = { 0 };
2406 op2.o_tag = LDAP_REQ_ADD;
2407 op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0, 0 );
2409 op2.o_callback = &cb;
2411 e.e_name = op->o_bd->be_suffix[0];
2412 e.e_nname = op->o_bd->be_nsuffix[0];
2414 cb.sc_response = slap_null_cb;
2416 op2.o_bd->be_add( &op2, &rs2 );
2418 #endif /* BACKSQL_SYNCPROV */
2421 (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
2423 if ( bsi.bsi_attrs != NULL ) {
2424 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2427 if ( !BER_BVISNULL( &nbase )
2428 && nbase.bv_val != op->o_req_ndn.bv_val )
2430 ch_free( nbase.bv_val );
2433 /* restore scope ... FIXME: this should be done before ANY
2434 * frontend call that uses op */
2435 if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
2436 op->ors_scope = LDAP_SCOPE_BASE;
2439 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
2444 /* return LDAP_SUCCESS IFF we can retrieve the specified entry.
2451 AttributeDescription *at,
2455 backsql_srch_info bsi = { 0 };
2456 SQLHDBC dbh = SQL_NULL_HDBC;
2458 SlapReply rs = { 0 };
2459 AttributeName anlist[ 2 ];
2463 rc = backsql_get_db_conn( op, &dbh );
2469 anlist[ 0 ].an_name = at->ad_cname;
2470 anlist[ 0 ].an_desc = at;
2471 BER_BVZERO( &anlist[ 1 ].an_name );
2474 bsi.bsi_e = ch_malloc( sizeof( Entry ) );
2475 rc = backsql_init_search( &bsi,
2479 dbh, op, &rs, at ? anlist : NULL,
2480 BACKSQL_ISF_GET_ENTRY );
2482 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2483 (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
2486 if ( rc == LDAP_SUCCESS ) {
2488 #if 0 /* not supported at present */
2489 /* find attribute values */
2490 if ( is_entry_alias( bsi.bsi_e ) ) {
2491 Debug( LDAP_DEBUG_ACL,
2492 "<= backsql_entry_get: entry is an alias\n",
2494 rc = LDAP_ALIAS_PROBLEM;
2495 goto return_results;
2499 if ( is_entry_referral( bsi.bsi_e ) ) {
2500 Debug( LDAP_DEBUG_ACL,
2501 "<= backsql_entry_get: entry is a referral\n",
2504 goto return_results;
2507 if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
2508 Debug( LDAP_DEBUG_ACL,
2509 "<= backsql_entry_get: "
2510 "failed to find objectClass\n",
2512 rc = LDAP_NO_SUCH_ATTRIBUTE;
2513 goto return_results;
2520 if ( bsi.bsi_attrs != NULL ) {
2521 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2524 if ( rc != LDAP_SUCCESS ) {
2526 entry_free( bsi.bsi_e );
2534 backsql_entry_clean(
2540 ctx = ldap_pvt_thread_pool_context();
2542 if ( ctx == NULL || ctx != op->o_tmpmemctx ) {
2543 if ( !BER_BVISNULL( &e->e_name ) ) {
2544 op->o_tmpfree( e->e_name.bv_val, op->o_tmpmemctx );
2545 BER_BVZERO( &e->e_name );
2548 if ( !BER_BVISNULL( &e->e_nname ) ) {
2549 op->o_tmpfree( e->e_nname.bv_val, op->o_tmpmemctx );
2550 BER_BVZERO( &e->e_nname );
2558 backsql_entry_release(
2563 backsql_entry_clean( op, e );