-/*
- * Copyright 1999, Dmitry Kovalev <mit@openldap.org>, All rights reserved.
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1999-2005 The OpenLDAP Foundation.
+ * Portions Copyright 1999 Dmitry Kovalev.
+ * Portions Copyright 2002 Pierangelo Masarati.
+ * Portions Copyright 2004 Mark Adamson.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
*
- * Redistribution and use in source and binary forms are permitted only
- * as authorized by the OpenLDAP Public License. A copy of this
- * license is available at http://www.OpenLDAP.org/license.html or
- * in file LICENSE in the top-level directory of the distribution.
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by Dmitry Kovalev for inclusion
+ * by OpenLDAP Software. Additional significant contributors include
+ * Pierangelo Masarati and Mark Adamson.
*/
#include "portable.h"
-#ifdef SLAPD_SQL
-
#include <stdio.h>
#include <sys/types.h>
#include "ac/string.h"
-#include "slap.h"
-#include "lber_pvt.h"
-#include "ldap_pvt.h"
-#include "back-sql.h"
-#include "sql-wrap.h"
-#include "schema-map.h"
-#include "entry-id.h"
-#include "util.h"
+#include "ac/ctype.h"
-#define BACKSQL_STOP 0
-#define BACKSQL_CONTINUE 1
+#include "slap.h"
+#include "proto-sql.h"
static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
+static int backsql_process_filter_eq( backsql_srch_info *bsi,
+ backsql_at_map_rec *at,
+ int casefold, struct berval *filter_value );
+static int backsql_process_filter_like( backsql_srch_info *bsi,
+ backsql_at_map_rec *at,
+ int casefold, struct berval *filter_value );
+static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
+ backsql_at_map_rec *at );
static int
backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
int n_attrs = 0;
AttributeName *an = NULL;
- if ( bsi->attrs == NULL ) {
+ if ( bsi->bsi_attrs == NULL ) {
return 1;
}
* clear the list (retrieve all attrs)
*/
if ( ad == NULL ) {
- ch_free( bsi->attrs );
- bsi->attrs = NULL;
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs, bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
return 1;
}
- for ( ; bsi->attrs[ n_attrs ].an_name.bv_val; n_attrs++ ) {
- an = &bsi->attrs[ n_attrs ];
+ for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
+ an = &bsi->bsi_attrs[ n_attrs ];
Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
- "attribute '%s' is in list\n",
+ "attribute \"%s\" is in list\n",
an->an_name.bv_val, 0, 0 );
/*
* We can live with strcmp because the attribute
}
Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
- "adding '%s' to list\n", ad->ad_cname.bv_val, 0, 0 );
+ "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
- an = (AttributeName *)ch_realloc( bsi->attrs,
- sizeof( AttributeName ) * ( n_attrs + 2 ) );
+ an = (AttributeName *)bsi->bsi_op->o_tmprealloc( bsi->bsi_attrs,
+ sizeof( AttributeName ) * ( n_attrs + 2 ),
+ bsi->bsi_op->o_tmpmemctx );
if ( an == NULL ) {
return -1;
}
an[ n_attrs ].an_name = ad->ad_cname;
an[ n_attrs ].an_desc = ad;
- an[ n_attrs + 1 ].an_name.bv_val = NULL;
- an[ n_attrs + 1 ].an_name.bv_len = 0;
+ BER_BVZERO( &an[ n_attrs + 1 ].an_name );
- bsi->attrs = an;
+ bsi->bsi_attrs = an;
return 1;
}
-void
+/*
+ * Initializes the search structure.
+ *
+ * If get_base_id != 0, the field bsi_base_id is filled
+ * with the entryID of bsi_base_ndn; it must be freed
+ * by backsql_free_entryID() when no longer required.
+ *
+ * NOTE: base must be normalized
+ */
+int
backsql_init_search(
backsql_srch_info *bsi,
- backsql_info *bi,
struct berval *nbase,
int scope,
- int slimit,
- int tlimit,
time_t stoptime,
Filter *filter,
SQLHDBC dbh,
- BackendDB *be,
- Connection *conn,
Operation *op,
- AttributeName *attrs )
+ SlapReply *rs,
+ AttributeName *attrs,
+ unsigned flags )
{
- AttributeName *p;
+ backsql_info *bi = (backsql_info *)op->o_bd->be_private;
+ int rc = LDAP_SUCCESS;
+
+ bsi->bsi_base_ndn = nbase;
+ bsi->bsi_use_subtree_shortcut = 0;
+ BER_BVZERO( &bsi->bsi_base_id.eid_dn );
+ BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
+ bsi->bsi_scope = scope;
+ bsi->bsi_filter = filter;
+ bsi->bsi_dbh = dbh;
+ bsi->bsi_op = op;
+ bsi->bsi_rs = rs;
+ bsi->bsi_flags = BSQL_SF_NONE;
+
+ bsi->bsi_attrs = NULL;
+
+ if ( BACKSQL_FETCH_ALL_ATTRS( bi ) ) {
+ /*
+ * if requested, simply try to fetch all attributes
+ */
+ bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
+
+ } else {
+ if ( BACKSQL_FETCH_ALL_USERATTRS( bi ) ) {
+ bsi->bsi_flags |= BSQL_SF_ALL_USER;
+
+ } else if ( BACKSQL_FETCH_ALL_OPATTRS( bi ) ) {
+ bsi->bsi_flags |= BSQL_SF_ALL_OPER;
+ }
+
+ if ( attrs == NULL ) {
+ /* NULL means all user attributes */
+ bsi->bsi_flags |= BSQL_SF_ALL_USER;
+
+ } else {
+ AttributeName *p;
+ int got_oc = 0;
+
+ bsi->bsi_attrs = (AttributeName *)bsi->bsi_op->o_tmpalloc(
+ sizeof( AttributeName ),
+ bsi->bsi_op->o_tmpmemctx );
+ BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
- bsi->base_dn = nbase;
- bsi->scope = scope;
- bsi->slimit = slimit;
- bsi->tlimit = tlimit;
- bsi->filter = filter;
- bsi->dbh = dbh;
- bsi->be = be;
- bsi->conn = conn;
- bsi->op = op;
- bsi->bsi_flags = 0;
+ for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
+ if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
+ /* handle "*" */
+ bsi->bsi_flags |= BSQL_SF_ALL_USER;
+
+ /* if all attrs are requested, there's
+ * no need to continue */
+ if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ break;
+ }
+ continue;
+
+ } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
+ /* handle "+" */
+ bsi->bsi_flags |= BSQL_SF_ALL_OPER;
+
+ /* if all attrs are requested, there's
+ * no need to continue */
+ if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ break;
+ }
+ continue;
+
+ } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
+ /* ignore "1.1" */
+ continue;
+
+ } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
+ got_oc = 1;
+ }
- /*
- * handle "*"
- */
- if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
- bsi->attrs = NULL;
+ backsql_attrlist_add( bsi, p->an_desc );
+ }
- } else {
- bsi->attrs = (AttributeName *)ch_calloc( 1,
- sizeof( AttributeName ) );
- bsi->attrs[ 0 ].an_name.bv_val = NULL;
- bsi->attrs[ 0 ].an_name.bv_len = 0;
-
- for ( p = attrs; p->an_name.bv_val; p++ ) {
- /*
- * ignore "1.1"; handle "+"
- */
- if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
- bsi->bsi_flags |= BSQL_SF_ALL_OPER;
- continue;
+ if ( got_oc == 0 && !( bsi->bsi_flags & BSQL_SF_ALL_USER ) ) {
+ /* add objectClass if not present,
+ * because it is required to understand
+ * if an entry is a referral, an alias
+ * or so... */
+ backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
+ }
+ }
- } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
- continue;
+ if ( !BSQL_ISF_ALL_ATTRS( bsi ) && bi->sql_anlist ) {
+ AttributeName *p;
+
+ /* use hints if available */
+ for ( p = bi->sql_anlist; !BER_BVISNULL( &p->an_name ); p++ ) {
+ if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
+ /* handle "*" */
+ bsi->bsi_flags |= BSQL_SF_ALL_USER;
+
+ /* if all attrs are requested, there's
+ * no need to continue */
+ if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ break;
+ }
+ continue;
+
+ } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
+ /* handle "+" */
+ bsi->bsi_flags |= BSQL_SF_ALL_OPER;
+
+ /* if all attrs are requested, there's
+ * no need to continue */
+ if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ break;
+ }
+ continue;
+ }
+
+ backsql_attrlist_add( bsi, p->an_desc );
+ }
+
+ }
+ }
+
+ bsi->bsi_id_list = NULL;
+ bsi->bsi_id_listtail = &bsi->bsi_id_list;
+ bsi->bsi_n_candidates = 0;
+ bsi->bsi_stoptime = stoptime;
+ BER_BVZERO( &bsi->bsi_sel.bb_val );
+ bsi->bsi_sel.bb_len = 0;
+ BER_BVZERO( &bsi->bsi_from.bb_val );
+ bsi->bsi_from.bb_len = 0;
+ BER_BVZERO( &bsi->bsi_join_where.bb_val );
+ bsi->bsi_join_where.bb_len = 0;
+ BER_BVZERO( &bsi->bsi_flt_where.bb_val );
+ bsi->bsi_flt_where.bb_len = 0;
+ bsi->bsi_filter_oc = NULL;
+
+ if ( BACKSQL_IS_GET_ID( flags ) ) {
+ int matched = BACKSQL_IS_MATCHED( flags );
+ int getentry = BACKSQL_IS_GET_ENTRY( flags );
+ int gotit = 0;
+
+ assert( op->o_bd->be_private != NULL );
+
+ rc = backsql_dn2id( op, rs, dbh, nbase, &bsi->bsi_base_id,
+ matched, 1 );
+
+ /* the entry is collected either if requested for by getentry
+ * or if get noSuchObject and requested to climb the tree,
+ * so that a matchedDN or a referral can be returned */
+ if ( ( rc == LDAP_NO_SUCH_OBJECT && matched ) || getentry ) {
+ if ( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) ) {
+ assert( bsi->bsi_e != NULL );
+
+ if ( dn_match( nbase, &bsi->bsi_base_id.eid_ndn ) )
+ {
+ gotit = 1;
+ }
+
+ /*
+ * let's see if it is a referral and, in case, get it
+ */
+ backsql_attrlist_add( bsi, slap_schema.si_ad_ref );
+ rc = backsql_id2entry( bsi, &bsi->bsi_base_id );
+ if ( rc == LDAP_SUCCESS ) {
+ if ( is_entry_referral( bsi->bsi_e ) )
+ {
+ BerVarray erefs = get_entry_referrals( op, bsi->bsi_e );
+ if ( erefs ) {
+ rc = rs->sr_err = LDAP_REFERRAL;
+ rs->sr_ref = referral_rewrite( erefs,
+ &bsi->bsi_e->e_nname,
+ &op->o_req_dn,
+ scope );
+ ber_bvarray_free( erefs );
+
+ } else {
+ rc = rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "bad referral object";
+ }
+
+ } else if ( !gotit ) {
+ rc = rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ }
+ }
+
+ } else {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, scope );
+ rc = rs->sr_err = LDAP_REFERRAL;
}
+ }
+ }
+
+ bsi->bsi_status = rc;
- backsql_attrlist_add( bsi, p->an_desc );
- }
- }
-
- bsi->abandon = 0;
- bsi->id_list = NULL;
- bsi->n_candidates = 0;
- bsi->stoptime = stoptime;
- bsi->bi = bi;
- bsi->sel.bv_val = NULL;
- bsi->sel.bv_len = 0;
- bsi->sel_len = 0;
- bsi->from.bv_val = NULL;
- bsi->from.bv_len = 0;
- bsi->from_len = 0;
- bsi->join_where.bv_val = NULL;
- bsi->join_where.bv_len = 0;
- bsi->jwhere_len = 0;
- bsi->flt_where.bv_val = NULL;
- bsi->flt_where.bv_len = 0;
- bsi->fwhere_len = 0;
-
- bsi->status = LDAP_SUCCESS;
+ switch ( rc ) {
+ case LDAP_SUCCESS:
+ case LDAP_REFERRAL:
+ break;
+
+ default:
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ break;
+ }
+
+ return rc;
}
static int
return 0;
}
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c", '(' /* ) */ );
+ backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
while ( 1 ) {
res = backsql_process_filter( bsi, f );
switch ( op ) {
case LDAP_FILTER_AND:
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
- (ber_len_t)sizeof( " AND " ) - 1,
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( " AND " ),
" AND " );
break;
case LDAP_FILTER_OR:
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
- (ber_len_t)sizeof( " OR " ) - 1,
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( " OR " ),
" OR " );
break;
}
}
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c", /* ( */ ')' );
+ backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
return 1;
}
static int
-backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f )
+backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
+ backsql_at_map_rec *at )
{
+ backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
int i;
- backsql_at_map_rec *at;
+ int casefold = 0;
if ( !f ) {
return 0;
}
- at = backsql_ad2at( bsi->oc, f->f_sub_desc );
+ /* always uppercase strings by now */
+#ifdef BACKSQL_UPPERCASE_FILTER
+ if ( f->f_sub_desc->ad_type->sat_substr &&
+ SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
+ bi->sql_caseIgnoreMatch ) )
+#endif /* BACKSQL_UPPERCASE_FILTER */
+ {
+ casefold = 1;
+ }
+
+ if ( f->f_sub_desc->ad_type->sat_substr &&
+ SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
+ bi->sql_telephoneNumberMatch ) )
+ {
- assert( at );
+ struct berval bv;
+ ber_len_t i, s, a;
+
+ /*
+ * to check for matching telephone numbers
+ * with intermixed chars, e.g. val='1234'
+ * use
+ *
+ * val LIKE '%1%2%3%4%'
+ */
+
+ BER_BVZERO( &bv );
+ if ( f->f_sub_initial.bv_val ) {
+ bv.bv_len += f->f_sub_initial.bv_len;
+ }
+ if ( f->f_sub_any != NULL ) {
+ for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
+ bv.bv_len += f->f_sub_any[ a ].bv_len;
+ }
+ }
+ if ( f->f_sub_final.bv_val ) {
+ bv.bv_len += f->f_sub_final.bv_len;
+ }
+ bv.bv_len = 2 * bv.bv_len - 1;
+ bv.bv_val = ch_malloc( bv.bv_len + 1 );
+
+ s = 0;
+ if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
+ bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
+ for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
+ bv.bv_val[ s + 2 * i - 1 ] = '%';
+ bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
+ }
+ bv.bv_val[ s + 2 * i - 1 ] = '%';
+ s += 2 * i;
+ }
+
+ if ( f->f_sub_any != NULL ) {
+ for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
+ bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
+ for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
+ bv.bv_val[ s + 2 * i - 1 ] = '%';
+ bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
+ }
+ bv.bv_val[ s + 2 * i - 1 ] = '%';
+ s += 2 * i;
+ }
+ }
+
+ if ( !BER_BVISNULL( &f->f_sub_final ) ) {
+ bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
+ for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
+ bv.bv_val[ s + 2 * i - 1 ] = '%';
+ bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
+ }
+ bv.bv_val[ s + 2 * i - 1 ] = '%';
+ s += 2 * i;
+ }
+
+ bv.bv_val[ s - 1 ] = '\0';
+
+ (void)backsql_process_filter_like( bsi, at, casefold, &bv );
+ ch_free( bv.bv_val );
+
+ return 1;
+ }
/*
* When dealing with case-sensitive strings
* SQL filters are more liberal.
*/
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c", '(' /* ) */ );
+ backsql_strfcat( &bsi->bsi_flt_where, "c", '(' /* ) */ );
/* TimesTen */
- Debug( LDAP_DEBUG_TRACE, "expr: '%s' '%s'\n", at->sel_expr.bv_val,
- at->sel_expr_u.bv_val ? at->sel_expr_u.bv_val : "<NULL>", 0 );
- if ( bsi->bi->upper_func.bv_val ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
+ at->bam_ad->ad_cname.bv_val, 0, 0 );
+ Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
+ at->bam_sel_expr_u.bv_val ? "' '" : "",
+ at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
+ if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
/*
- * If a pre-upper-cased version of the column exists, use it
+ * If a pre-upper-cased version of the column
+ * or a precompiled upper function exists, use it
*/
- if ( at->sel_expr_u.bv_val ) {
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
- "bl",
- &at->sel_expr_u,
- (ber_len_t)sizeof( " LIKE '" ) - 1,
- " LIKE '" );
- } else {
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
- "bcbcl",
- &bsi->bi->upper_func,
- '(',
- &at->sel_expr,
- ')',
- (ber_len_t)sizeof( " LIKE '" ) - 1,
- " LIKE '" );
- }
+ backsql_strfcat( &bsi->bsi_flt_where,
+ "bl",
+ &at->bam_sel_expr_u,
+ (ber_len_t)STRLENOF( " LIKE '" ),
+ " LIKE '" );
+
} else {
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "bl",
- &at->sel_expr,
- (ber_len_t)sizeof( " LIKE '" ) - 1, " LIKE '" );
+ backsql_strfcat( &bsi->bsi_flt_where, "bl",
+ &at->bam_sel_expr,
+ (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
}
- if ( f->f_sub_initial.bv_val != NULL ) {
- size_t start;
+ if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
+ ber_len_t start;
+
+#ifdef BACKSQL_TRACE
+ Debug( LDAP_DEBUG_TRACE,
+ "==>backsql_process_sub_filter(%s): "
+ "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
+ f->f_sub_initial.bv_val, 0 );
+#endif /* BACKSQL_TRACE */
- start = bsi->flt_where.bv_len;
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "b",
+ start = bsi->bsi_flt_where.bb_val.bv_len;
+ backsql_strfcat( &bsi->bsi_flt_where, "b",
&f->f_sub_initial );
- if ( bsi->bi->upper_func.bv_val ) {
- ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
+ if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
+ ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
}
}
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c", '%' );
+ backsql_strfcat( &bsi->bsi_flt_where, "c", '%' );
if ( f->f_sub_any != NULL ) {
- for ( i = 0; f->f_sub_any[ i ].bv_val != NULL; i++ ) {
- size_t start;
+ for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
+ ber_len_t start;
#ifdef BACKSQL_TRACE
Debug( LDAP_DEBUG_TRACE,
- "==>backsql_process_sub_filter(): "
- "sub_any='%s'\n", f->f_sub_any[ i ].bv_val,
- 0, 0 );
+ "==>backsql_process_sub_filter(%s): "
+ "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
+ i, f->f_sub_any[ i ].bv_val );
#endif /* BACKSQL_TRACE */
- start = bsi->flt_where.bv_len;
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
+ start = bsi->bsi_flt_where.bb_val.bv_len;
+ backsql_strfcat( &bsi->bsi_flt_where,
"bc",
&f->f_sub_any[ i ],
'%' );
- if ( bsi->bi->upper_func.bv_val ) {
+ if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
/*
* Note: toupper('%') = '%'
*/
- ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
+ ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
}
}
+ }
- if ( f->f_sub_final.bv_val != NULL ) {
- size_t start;
+ if ( !BER_BVISNULL( &f->f_sub_final ) ) {
+ ber_len_t start;
- start = bsi->flt_where.bv_len;
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "b",
- &f->f_sub_final );
- if ( bsi->bi->upper_func.bv_val ) {
- ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
- }
+#ifdef BACKSQL_TRACE
+ Debug( LDAP_DEBUG_TRACE,
+ "==>backsql_process_sub_filter(%s): "
+ "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
+ f->f_sub_final.bv_val, 0 );
+#endif /* BACKSQL_TRACE */
+
+ start = bsi->bsi_flt_where.bb_val.bv_len;
+ backsql_strfcat( &bsi->bsi_flt_where, "b",
+ &f->f_sub_final );
+ if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
+ ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
}
}
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
- (ber_len_t)sizeof( /* (' */ "')" ) - 1, /* ( */ "')" );
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
return 1;
}
+static int
+backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
+{
+ if ( BER_BVISNULL( from_tbls ) ) {
+ return LDAP_SUCCESS;
+ }
+
+ if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
+ char *start, *end, *tmp;
+
+ tmp = ch_strdup( from_tbls->bv_val );
+
+ for ( start = tmp, end = strchr( start, ',' ); start; ) {
+ if ( end ) {
+ end[0] = '\0';
+ }
+
+ if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
+ {
+ backsql_strfcat( &bsi->bsi_from, "cs", ',', start );
+ }
+
+ if ( end ) {
+ /* in case there are spaces after the comma... */
+ for ( start = &end[1]; isspace( start[0] ); start++ );
+ if ( start[0] ) {
+ end = strchr( start, ',' );
+ } else {
+ start = NULL;
+ }
+ } else {
+ start = NULL;
+ }
+ }
+
+ ch_free( tmp );
+
+ } else {
+ backsql_strfcat( &bsi->bsi_from, "b", from_tbls );
+ }
+
+ return LDAP_SUCCESS;
+}
+
static int
backsql_process_filter( backsql_srch_info *bsi, Filter *f )
{
- backsql_at_map_rec *at;
- backsql_at_map_rec oc_attr = {
- slap_schema.si_ad_objectClass, BER_BVC(""), BER_BVC(""),
- BER_BVNULL, NULL, NULL, NULL };
+ backsql_at_map_rec **vat = NULL;
AttributeDescription *ad = NULL;
+ unsigned i;
int done = 0;
- ber_len_t len = 0;
- /* TimesTen */
int rc = 0;
- struct berval *filter_value = NULL;
Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
- if ( f == NULL || f->f_choice == SLAPD_FILTER_COMPUTED ) {
- return 0;
+ if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
+ "invalid filter\n", 0, 0, 0 );
+ rc = -1;
+ goto done;
}
switch( f->f_choice ) {
break;
case LDAP_FILTER_NOT:
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
- (ber_len_t)sizeof( "NOT (" /* ) */ ) - 1,
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
"NOT (" /* ) */ );
rc = backsql_process_filter( bsi, f->f_not );
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "c",
- /* ( */ ')' );
+ backsql_strfcat( &bsi->bsi_flt_where, "c", /* ( */ ')' );
done = 1;
break;
case LDAP_FILTER_EXT:
ad = f->f_mra->ma_desc;
+ if ( f->f_mr_dnattrs ) {
+ /*
+ * if dn attrs filtering is requested, better return
+ * success and let test_filter() deal with candidate
+ * selection; otherwise we'd need to set conditions
+ * on the contents of the DN, e.g. "SELECT ... FROM
+ * ldap_entries AS attributeName WHERE attributeName.dn
+ * like '%attributeName=value%'"
+ */
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "1=1" ), "1=1" );
+ bsi->bsi_status = LDAP_SUCCESS;
+ rc = 1;
+ goto done;
+ }
break;
default:
}
if ( rc == -1 ) {
- /* TimesTen : Don't run the query */
- goto impossible;
+ goto done;
}
if ( done ) {
+ rc = 1;
goto done;
}
* Turn structuralObjectClass into objectClass
*/
if ( ad == slap_schema.si_ad_objectClass
- || ad == slap_schema.si_ad_structuralObjectClass ) {
- at = &oc_attr;
- backsql_strfcat( &at->sel_expr, &len, "cbc",
- '\'',
- &bsi->oc->oc->soc_cname,
- '\'' );
+ || ad == slap_schema.si_ad_structuralObjectClass )
+ {
+ /*
+ * If the filter is LDAP_FILTER_PRESENT, then it's done;
+ * otherwise, let's see if we are lucky: filtering
+ * for "structural" objectclass or ancestor...
+ */
+ switch ( f->f_choice ) {
+ case LDAP_FILTER_EQUALITY:
+ {
+ ObjectClass *oc = oc_bvfind( &f->f_av_value );
+
+ if ( oc == NULL ) {
+ Debug( LDAP_DEBUG_TRACE,
+ "backsql_process_filter(): "
+ "unknown objectClass \"%s\" "
+ "in filter\n",
+ f->f_av_value.bv_val, 0, 0 );
+ bsi->bsi_status = LDAP_OTHER;
+ rc = -1;
+ goto done;
+ }
+
+ /*
+ * "structural" objectClass inheritance:
+ * - a search for "person" will also return
+ * "inetOrgPerson"
+ * - a search for "top" will return everything
+ */
+ if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
+ static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
+
+ backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
+
+ backsql_strfcat( &bsi->bsi_flt_where, "lbl",
+ (ber_len_t)STRLENOF( "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */ ),
+ "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */,
+ &bsi->bsi_oc->bom_oc->soc_cname,
+ (ber_len_t)STRLENOF( /* ((' */ "'))" ),
+ /* ((' */ "'))" );
+ bsi->bsi_status = LDAP_SUCCESS;
+ rc = 1;
+ goto done;
+ }
+
+ break;
+ }
+
+ case LDAP_FILTER_PRESENT:
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "3=3" ), "3=3" );
+ bsi->bsi_status = LDAP_SUCCESS;
+ rc = 1;
+ goto done;
+
+ /* FIXME: LDAP_FILTER_EXT? */
+
+ default:
+ Debug( LDAP_DEBUG_TRACE,
+ "backsql_process_filter(): "
+ "illegal/unhandled filter "
+ "on objectClass attribute",
+ 0, 0, 0 );
+ bsi->bsi_status = LDAP_OTHER;
+ rc = -1;
+ goto done;
+ }
+
+ } else if ( ad == slap_schema.si_ad_entryUUID ) {
+ unsigned long oc_id;
+#ifdef BACKSQL_ARBITRARY_KEY
+ struct berval keyval;
+#else /* ! BACKSQL_ARBITRARY_KEY */
+ unsigned long keyval;
+ char keyvalbuf[] = "18446744073709551615";
+#endif /* ! BACKSQL_ARBITRARY_KEY */
+
+ switch ( f->f_choice ) {
+ case LDAP_FILTER_EQUALITY:
+ backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
+
+ if ( oc_id != bsi->bsi_oc->bom_id ) {
+ bsi->bsi_status = LDAP_SUCCESS;
+ rc = -1;
+ goto done;
+ }
+
+#ifdef BACKSQL_ARBITRARY_KEY
+ backsql_strfcat( &bsi->bsi_flt_where, "bcblbc",
+ &bsi->bsi_oc->bom_keytbl, '.',
+ &bsi->bsi_oc->bom_keycol,
+ STRLENOF( " LIKE '" ), " LIKE '",
+ &keyval, '\'' );
+#else /* ! BACKSQL_ARBITRARY_KEY */
+ snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
+ backsql_strfcat( &bsi->bsi_flt_where, "bcbcs",
+ &bsi->bsi_oc->bom_keytbl, '.',
+ &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
+#endif /* ! BACKSQL_ARBITRARY_KEY */
+ break;
+
+ case LDAP_FILTER_PRESENT:
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "4=4" ), "4=4" );
+ break;
+
+ default:
+ rc = -1;
+ goto done;
+ }
+
+ bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
+ rc = 1;
+ goto done;
+
+#ifdef BACKSQL_SYNCPROV
+ } else if ( ad == slap_schema.si_ad_entryCSN ) {
+ /*
+ * support for syncrepl as producer...
+ */
+ if ( !bsi->bsi_op->o_sync ) {
+ /* unsupported at present... */
+ bsi->bsi_status = LDAP_OTHER;
+ rc = -1;
+ goto done;
+ }
+
+ bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
+
+ /* if doing a syncrepl, try to return as much as possible,
+ * and always match the filter */
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "5=5" ), "5=5" );
+
+ /* save for later use in operational attributes */
+ /* FIXME: saves only the first occurrence, because
+ * the filter during updates is written as
+ * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
+ * so we want our fake entryCSN to match the greatest
+ * value
+ */
+ if ( bsi->bsi_op->o_private == NULL ) {
+ bsi->bsi_op->o_private = &f->f_av_value;
+ }
+ bsi->bsi_status = LDAP_SUCCESS;
+
+ rc = 1;
+ goto done;
+#endif /* BACKSQL_SYNCPROV */
} else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
/*
* Note however that hasSubordinates is boolean,
* so a more appropriate filter would be
* '(hasSubordinates=FALSE)'
+ *
+ * A more robust search for hasSubordinates
+ * would * require joining the ldap_entries table
+ * selecting if there are descendants of the
+ * candidate.
*/
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
- (ber_len_t)sizeof( "1=1" ) - 1, "1=1" );
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "6=6" ), "6=6" );
if ( ad == slap_schema.si_ad_hasSubordinates ) {
/*
- * We use this flag since we need to parse
- * the filter anyway; we should have used
- * the frontend API function
- * filter_has_subordinates()
+ * instruct candidate selection algorithm
+ * and attribute list to try to detect
+ * if an entry has subordinates
*/
bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
*/
backsql_attrlist_add( bsi, NULL );
}
+ rc = 1;
goto done;
-
- } else {
- at = backsql_ad2at( bsi->oc, ad );
}
- if ( at == NULL ) {
- Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
- "attribute '%s' is not defined for objectclass '%s'\n",
- ad->ad_cname.bv_val, BACKSQL_OC_NAME( bsi->oc ), 0 );
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
- (ber_len_t)sizeof( "1=0" ) - 1, "1=0" );
- goto impossible;
+ /*
+ * attribute inheritance:
+ */
+ if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
+ bsi->bsi_status = LDAP_OTHER;
+ rc = -1;
+ goto done;
}
- backsql_merge_from_clause( &bsi->from, &bsi->from_len,
- &at->from_tbls );
+ if ( vat == NULL ) {
+ /* search anyway; other parts of the filter
+ * may succeeed */
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "7=7" ), "7=7" );
+ bsi->bsi_status = LDAP_SUCCESS;
+ rc = 1;
+ goto done;
+ }
+
+ /* if required, open extra level of parens */
+ done = 0;
+ if ( vat[0]->bam_next || vat[1] ) {
+ backsql_strfcat( &bsi->bsi_flt_where, "c", '(' );
+ done = 1;
+ }
+
+ i = 0;
+next:;
+ /* apply attr */
+ if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
+ return -1;
+ }
+
+ /* if more definitions of the same attr, apply */
+ if ( vat[i]->bam_next ) {
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ STRLENOF( " OR " ), " OR " );
+ vat[i] = vat[i]->bam_next;
+ goto next;
+ }
+
+ /* if more descendants of the same attr, apply */
+ i++;
+ if ( vat[i] ) {
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ STRLENOF( " OR " ), " OR " );
+ goto next;
+ }
+
+ /* if needed, close extra level of parens */
+ if ( done ) {
+ backsql_strfcat( &bsi->bsi_flt_where, "c", ')' );
+ }
+
+ rc = 1;
+
+done:;
+ if ( vat ) {
+ ch_free( vat );
+ }
+
+ Debug( LDAP_DEBUG_TRACE,
+ "<==backsql_process_filter() %s\n",
+ rc == 1 ? "succeeded" : "failed", 0, 0);
+
+ return rc;
+}
+
+static int
+backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
+ int casefold, struct berval *filter_value )
+{
/*
- * need to add this attribute to list of attrs to load,
- * so that we could do test_filter() later
+ * maybe we should check type of at->sel_expr here somehow,
+ * to know whether upper_func is applicable, but for now
+ * upper_func stuff is made for Oracle, where UPPER is
+ * safely applicable to NUMBER etc.
*/
- backsql_attrlist_add( bsi, ad );
+ if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
+ ber_len_t start;
+
+ backsql_strfcat( &bsi->bsi_flt_where, "cbl",
+ '(', /* ) */
+ &at->bam_sel_expr_u,
+ (ber_len_t)STRLENOF( "='" ),
+ "='" );
+
+ start = bsi->bsi_flt_where.bb_val.bv_len;
+
+ backsql_strfcat( &bsi->bsi_flt_where, "bl",
+ filter_value,
+ (ber_len_t)STRLENOF( /* (' */ "')" ),
+ /* (' */ "')" );
+
+ ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
- if ( at->join_where.bv_val != NULL
- && strstr( bsi->join_where.bv_val, at->join_where.bv_val ) == NULL ) {
- backsql_strfcat( &bsi->join_where, &bsi->jwhere_len, "lb",
- (ber_len_t)sizeof( " AND " ) - 1, " AND ",
- &at->join_where );
+ } else {
+ backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
+ '(', /* ) */
+ &at->bam_sel_expr,
+ (ber_len_t)STRLENOF( "='" ), "='",
+ filter_value,
+ (ber_len_t)STRLENOF( /* (' */ "')" ),
+ /* (' */ "')" );
}
-#if 0
+ return 1;
+}
+
+static int
+backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
+ int casefold, struct berval *filter_value )
+{
/*
- * FIXME: this is not required any more; however, note that
- * attribute name syntax might collide with SQL legal aliases
+ * maybe we should check type of at->sel_expr here somehow,
+ * to know whether upper_func is applicable, but for now
+ * upper_func stuff is made for Oracle, where UPPER is
+ * safely applicable to NUMBER etc.
*/
- if ( at != &oc_attr ) {
- backsql_strfcat( &bsi->sel, &bsi->sel_len, "cblb",
- ',',
- &at->sel_expr,
- (ber_len_t)sizeof( " AS " ) - 1, " AS ",
- &at->name );
- }
-#endif
+ if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
+ ber_len_t start;
+
+ backsql_strfcat( &bsi->bsi_flt_where, "cbl",
+ '(', /* ) */
+ &at->bam_sel_expr_u,
+ (ber_len_t)STRLENOF( " LIKE '%" ),
+ " LIKE '%" );
+
+ start = bsi->bsi_flt_where.bb_val.bv_len;
+
+ backsql_strfcat( &bsi->bsi_flt_where, "bl",
+ filter_value,
+ (ber_len_t)STRLENOF( /* (' */ "%')" ),
+ /* (' */ "%')" );
+
+ ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
+
+ } else {
+ backsql_strfcat( &bsi->bsi_flt_where, "cblbl",
+ '(', /* ) */
+ &at->bam_sel_expr,
+ (ber_len_t)STRLENOF( " LIKE '%" ),
+ " LIKE '%",
+ filter_value,
+ (ber_len_t)STRLENOF( /* (' */ "%')" ),
+ /* (' */ "%')" );
+ }
+
+ return 1;
+}
+
+static int
+backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
+{
+ backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
+ int casefold = 0;
+ struct berval *filter_value = NULL;
+ MatchingRule *matching_rule = NULL;
+ struct berval ordering = BER_BVC("<=");
+
+ Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
+ at->bam_ad->ad_cname.bv_val, 0, 0 );
+
+ /*
+ * need to add this attribute to list of attrs to load,
+ * so that we can do test_filter() later
+ */
+ backsql_attrlist_add( bsi, at->bam_ad );
+
+ backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
+
+ if ( !BER_BVISNULL( &at->bam_join_where )
+ && strstr( bsi->bsi_join_where.bb_val.bv_val,
+ at->bam_join_where.bv_val ) == NULL )
+ {
+ backsql_strfcat( &bsi->bsi_join_where, "lb",
+ (ber_len_t)STRLENOF( " AND " ), " AND ",
+ &at->bam_join_where );
+ }
switch ( f->f_choice ) {
case LDAP_FILTER_EQUALITY:
filter_value = &f->f_av_value;
+ matching_rule = at->bam_ad->ad_type->sat_equality;
+
goto equality_match;
- /* fail over next case */
+ /* fail over into next case */
case LDAP_FILTER_EXT:
filter_value = &f->f_mra->ma_value;
+ matching_rule = f->f_mr_rule;
equality_match:;
- /*
- * maybe we should check type of at->sel_expr here somehow,
- * to know whether upper_func is applicable, but for now
- * upper_func stuff is made for Oracle, where UPPER is
- * safely applicable to NUMBER etc.
- */
- if ( bsi->bi->upper_func.bv_val ) {
- size_t start;
-
- if ( at->sel_expr_u.bv_val ) {
- backsql_strfcat( &bsi->flt_where,
- &bsi->fwhere_len, "cbl",
- '(',
- &at->sel_expr_u,
- (ber_len_t)sizeof( "='" ) - 1,
- "='" );
- } else {
- backsql_strfcat( &bsi->flt_where,
- &bsi->fwhere_len, "cbcbl",
- '(' /* ) */ ,
- &bsi->bi->upper_func,
- '(' /* ) */ ,
- &at->sel_expr,
- (ber_len_t)sizeof( /* ( */ ")='" ) - 1,
- /* ( */ ")='" );
- }
+ /* always uppercase strings by now */
+#ifdef BACKSQL_UPPERCASE_FILTER
+ if ( SLAP_MR_ASSOCIATED( matching_rule,
+ bi->sql_caseIgnoreMatch ) )
+#endif /* BACKSQL_UPPERCASE_FILTER */
+ {
+ casefold = 1;
+ }
- start = bsi->flt_where.bv_len;
+ /* FIXME: directoryString filtering should use a similar
+ * approach to deal with non-prettified values like
+ * " A non prettified value ", by using a LIKE
+ * filter with all whitespaces collapsed to a single '%' */
+ if ( SLAP_MR_ASSOCIATED( matching_rule,
+ bi->sql_telephoneNumberMatch ) )
+ {
+ struct berval bv;
+ ber_len_t i;
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
- "bl",
- filter_value,
- (ber_len_t)sizeof( /* (' */ "')" ) - 1,
- /* (' */ "')" );
+ /*
+ * to check for matching telephone numbers
+ * with intermized chars, e.g. val='1234'
+ * use
+ *
+ * val LIKE '%1%2%3%4%'
+ */
- ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
+ bv.bv_len = 2 * filter_value->bv_len - 1;
+ bv.bv_val = ch_malloc( bv.bv_len + 1 );
- } else {
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
- "cblbl",
- '(',
- &at->sel_expr,
- (ber_len_t)sizeof( "='" ) - 1, "='",
+ bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
+ for ( i = 1; i < filter_value->bv_len; i++ ) {
+ bv.bv_val[ 2 * i - 1 ] = '%';
+ bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
+ }
+ bv.bv_val[ 2 * i - 1 ] = '\0';
+
+ (void)backsql_process_filter_like( bsi, at, casefold, &bv );
+ ch_free( bv.bv_val );
+
+ break;
+ }
+
+ /* NOTE: this is required by objectClass inheritance
+ * and auxiliary objectClass use in filters for slightly
+ * more efficient candidate selection. */
+ /* FIXME: a bit too many specializations to deal with
+ * very specific cases... */
+ if ( at->bam_ad == slap_schema.si_ad_objectClass
+ || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
+ {
+ backsql_strfcat( &bsi->bsi_flt_where, "lbl",
+ (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
+ "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
filter_value,
- (ber_len_t)sizeof( /* (' */ "')" ) - 1,
+ (ber_len_t)STRLENOF( /* (' */ "')" ),
/* (' */ "')" );
+ break;
}
- break;
- case LDAP_FILTER_GE:
/*
- * FIXME: should we uppercase the operands?
+ * maybe we should check type of at->sel_expr here somehow,
+ * to know whether upper_func is applicable, but for now
+ * upper_func stuff is made for Oracle, where UPPER is
+ * safely applicable to NUMBER etc.
*/
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "cblbc",
- '(' /* ) */ ,
- &at->sel_expr,
- (ber_len_t)sizeof( ">=" ) - 1, ">=",
- &f->f_av_value,
- /* ( */ ')' );
+ (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
break;
+
+ case LDAP_FILTER_GE:
+ ordering.bv_val = ">=";
+
+ /* fall thru to next case */
case LDAP_FILTER_LE:
+ filter_value = &f->f_av_value;
+
+ /* always uppercase strings by now */
+#ifdef BACKSQL_UPPERCASE_FILTER
+ if ( at->bam_ad->ad_type->sat_ordering &&
+ SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
+ bi->sql_caseIgnoreMatch ) )
+#endif /* BACKSQL_UPPERCASE_FILTER */
+ {
+ casefold = 1;
+ }
+
/*
* FIXME: should we uppercase the operands?
*/
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "cblbc",
- '(' /* ) */ ,
- &at->sel_expr,
- (ber_len_t)sizeof( "<=" ) - 1, "<=",
- &f->f_av_value,
- /* ( */ ')' );
+ if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
+ ber_len_t start;
+
+ backsql_strfcat( &bsi->bsi_flt_where, "cbbc",
+ '(', /* ) */
+ &at->bam_sel_expr_u,
+ &ordering,
+ '\'' );
+
+ start = bsi->bsi_flt_where.bb_val.bv_len;
+
+ backsql_strfcat( &bsi->bsi_flt_where, "bl",
+ filter_value,
+ (ber_len_t)STRLENOF( /* (' */ "')" ),
+ /* (' */ "')" );
+
+ ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
+
+ } else {
+ backsql_strfcat( &bsi->bsi_flt_where, "cbbcbl",
+ '(' /* ) */ ,
+ &at->bam_sel_expr,
+ &ordering,
+ '\'',
+ &f->f_av_value,
+ (ber_len_t)STRLENOF( /* (' */ "')" ),
+ /* ( */ "')" );
+ }
break;
case LDAP_FILTER_PRESENT:
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "lbl",
- (ber_len_t)sizeof( "NOT (" ) - 1, "NOT (",
- &at->sel_expr,
- (ber_len_t)sizeof( " IS NULL)" ) - 1, " IS NULL)" );
+ backsql_strfcat( &bsi->bsi_flt_where, "lbl",
+ (ber_len_t)STRLENOF( "NOT (" /* ) */),
+ "NOT (", /* ) */
+ &at->bam_sel_expr,
+ (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
+ /* ( */ " IS NULL)" );
break;
case LDAP_FILTER_SUBSTRINGS:
- backsql_process_sub_filter( bsi, f );
+ backsql_process_sub_filter( bsi, f, at );
break;
case LDAP_FILTER_APPROX:
* upper_func stuff is made for Oracle, where UPPER is
* safely applicable to NUMBER etc.
*/
- if ( bsi->bi->upper_func.bv_val ) {
- size_t start;
-
- if ( at->sel_expr_u.bv_val ) {
- backsql_strfcat( &bsi->flt_where,
- &bsi->fwhere_len, "cbl",
- '(',
- &at->sel_expr_u,
- (ber_len_t)sizeof( " LIKE '%" ) - 1,
- " LIKE '%" );
- } else {
- backsql_strfcat( &bsi->flt_where,
- &bsi->fwhere_len, "cbcbl",
- '(' /* ) */ ,
- &bsi->bi->upper_func,
- '(' /* ) */ ,
- &at->sel_expr,
- (ber_len_t)sizeof( /* ( */ ") LIKE '%" ) - 1,
- /* ( */ ") LIKE '%" );
- }
-
- start = bsi->flt_where.bv_len;
-
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
- "bl",
- &f->f_av_value,
- (ber_len_t)sizeof( /* (' */ "%')" ) - 1,
- /* (' */ "%')" );
-
- ldap_pvt_str2upper( &bsi->flt_where.bv_val[ start ] );
-
- } else {
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len,
- "cblbl",
- '(',
- &at->sel_expr,
- (ber_len_t)sizeof( " LIKE '%" ) - 1,
- " LIKE '%",
- &f->f_av_value,
- (ber_len_t)sizeof( /* (' */ "%')" ) - 1,
- /* (' */ "%')" );
- }
+ (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
break;
default:
/* unhandled filter type; should not happen */
assert( 0 );
- backsql_strfcat( &bsi->flt_where, &bsi->fwhere_len, "l",
- (ber_len_t)sizeof( "1=1" ) - 1, "1=1" );
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "8=8" ), "8=8" );
break;
}
-done:
- if ( oc_attr.sel_expr.bv_val != NULL ) {
- free( oc_attr.sel_expr.bv_val );
- }
-
- Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter()\n", 0, 0, 0 );
- return 1;
+ Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
+ at->bam_ad->ad_cname.bv_val, 0, 0 );
-impossible:
- if ( oc_attr.sel_expr.bv_val != NULL ) {
- free( oc_attr.sel_expr.bv_val );
- }
- Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter() returns -1\n",
- 0, 0, 0 );
- return -1;
+ return 1;
}
static int
backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
{
- backsql_info *bi = (backsql_info *)bsi->be->be_private;
- ber_len_t q_len = 0;
- int rc;
+ backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
+ int rc;
- assert( query );
- query->bv_val = NULL;
- query->bv_len = 0;
+ assert( query != NULL );
+ BER_BVZERO( query );
- Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
- bsi->sel.bv_val = NULL;
- bsi->sel.bv_len = 0;
- bsi->sel_len = 0;
- bsi->from.bv_val = NULL;
- bsi->from.bv_len = 0;
- bsi->from_len = 0;
- bsi->join_where.bv_val = NULL;
- bsi->join_where.bv_len = 0;
- bsi->jwhere_len = 0;
- bsi->flt_where.bv_val = NULL;
- bsi->flt_where.bv_len = 0;
- bsi->fwhere_len = 0;
-
-#if 0
- /*
- * FIXME: this query has been split in case a string cast function
- * is defined; more sophisticated (pattern based) function should
- * be used
- */
- backsql_strcat( &bsi->sel, &bsi->sel_len,
- "SELECT DISTINCT ldap_entries.id,",
- bsi->oc->keytbl.bv_val, ".", bsi->oc->keycol.bv_val,
- ",'", bsi->oc->name.bv_val, "' AS objectClass",
- ",ldap_entries.dn AS dn", NULL );
-#endif
+ bsi->bsi_use_subtree_shortcut = 0;
- backsql_strfcat( &bsi->sel, &bsi->sel_len, "lbcbc",
- (ber_len_t)sizeof( "SELECT DISTINCT ldap_entries.id," ) - 1,
+ Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
+ BER_BVZERO( &bsi->bsi_sel.bb_val );
+ BER_BVZERO( &bsi->bsi_sel.bb_val );
+ bsi->bsi_sel.bb_len = 0;
+ BER_BVZERO( &bsi->bsi_from.bb_val );
+ bsi->bsi_from.bb_len = 0;
+ BER_BVZERO( &bsi->bsi_join_where.bb_val );
+ bsi->bsi_join_where.bb_len = 0;
+ BER_BVZERO( &bsi->bsi_flt_where.bb_val );
+ bsi->bsi_flt_where.bb_len = 0;
+
+ backsql_strfcat( &bsi->bsi_sel, "lbcbc",
+ (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
"SELECT DISTINCT ldap_entries.id,",
- &bsi->oc->keytbl,
+ &bsi->bsi_oc->bom_keytbl,
'.',
- &bsi->oc->keycol,
+ &bsi->bsi_oc->bom_keycol,
',' );
- if ( bi->strcast_func.bv_val ) {
- backsql_strfcat( &bsi->sel, &bsi->sel_len, "blbl",
- &bi->strcast_func,
- (ber_len_t)sizeof( "('" /* ') */ ) - 1,
+ if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
+ backsql_strfcat( &bsi->bsi_sel, "blbl",
+ &bi->sql_strcast_func,
+ (ber_len_t)STRLENOF( "('" /* ') */ ),
"('" /* ') */ ,
- &bsi->oc->oc->soc_cname,
- (ber_len_t)sizeof( /* (' */ "')" ) - 1,
+ &bsi->bsi_oc->bom_oc->soc_cname,
+ (ber_len_t)STRLENOF( /* (' */ "')" ),
/* (' */ "')" );
} else {
- backsql_strfcat( &bsi->sel, &bsi->sel_len, "cbc",
+ backsql_strfcat( &bsi->bsi_sel, "cbc",
'\'',
- &bsi->oc->oc->soc_cname,
+ &bsi->bsi_oc->bom_oc->soc_cname,
'\'' );
}
- backsql_strfcat( &bsi->sel, &bsi->sel_len, "l",
- (ber_len_t)sizeof( " AS objectClass,ldap_entries.dn AS dn" ) - 1,
- " AS objectClass,ldap_entries.dn AS dn" );
- backsql_strfcat( &bsi->from, &bsi->from_len, "lb",
- (ber_len_t)sizeof( " FROM ldap_entries," ) - 1,
+ backsql_strfcat( &bsi->bsi_sel, "b", &bi->sql_dn_oc_aliasing );
+ backsql_strfcat( &bsi->bsi_from, "lb",
+ (ber_len_t)STRLENOF( " FROM ldap_entries," ),
" FROM ldap_entries,",
- &bsi->oc->keytbl );
+ &bsi->bsi_oc->bom_keytbl );
- backsql_strfcat( &bsi->join_where, &bsi->jwhere_len, "lbcbl",
- (ber_len_t)sizeof( " WHERE " ) - 1, " WHERE ",
- &bsi->oc->keytbl,
+ backsql_strfcat( &bsi->bsi_join_where, "lbcbl",
+ (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
+ &bsi->bsi_oc->bom_keytbl,
'.',
- &bsi->oc->keycol,
- (ber_len_t)sizeof( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ) - 1,
+ &bsi->bsi_oc->bom_keycol,
+ (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
"=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
- switch ( bsi->scope ) {
+ switch ( bsi->bsi_scope ) {
case LDAP_SCOPE_BASE:
- if ( bsi->bi->upper_func.bv_val ) {
- backsql_strfcat( &bsi->join_where, &bsi->jwhere_len,
- "blbcb",
- &bsi->bi->upper_func,
- (ber_len_t)sizeof( "(ldap_entries.dn)=" ) - 1,
- "(ldap_entries.dn)=",
- &bsi->bi->upper_func_open,
- '?',
- &bsi->bi->upper_func_close );
+ if ( BACKSQL_CANUPPERCASE( bi ) ) {
+ backsql_strfcat( &bsi->bsi_join_where, "bl",
+ &bi->sql_upper_func,
+ (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
+ "(ldap_entries.dn)=?" );
} else {
- backsql_strfcat( &bsi->join_where, &bsi->jwhere_len,
- "l",
- (ber_len_t)sizeof( "ldap_entries.dn=?" ) - 1,
+ backsql_strfcat( &bsi->bsi_join_where, "l",
+ (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
"ldap_entries.dn=?" );
}
break;
+ case BACKSQL_SCOPE_BASE_LIKE:
+ if ( BACKSQL_CANUPPERCASE( bi ) ) {
+ backsql_strfcat( &bsi->bsi_join_where, "bl",
+ &bi->sql_upper_func,
+ (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
+ "(ldap_entries.dn) LIKE ?" );
+ } else {
+ backsql_strfcat( &bsi->bsi_join_where, "l",
+ (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
+ "ldap_entries.dn LIKE ?" );
+ }
+ break;
+
case LDAP_SCOPE_ONELEVEL:
- backsql_strfcat( &bsi->join_where, &bsi->jwhere_len, "l",
- (ber_len_t)sizeof( "ldap_entries.parent=?" ) - 1,
+ backsql_strfcat( &bsi->bsi_join_where, "l",
+ (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
"ldap_entries.parent=?" );
break;
- case LDAP_SCOPE_SUBTREE:
- if ( bsi->bi->upper_func.bv_val ) {
- backsql_strfcat( &bsi->join_where, &bsi->jwhere_len,
- "blbcb",
- &bsi->bi->upper_func,
- (ber_len_t)sizeof( "(ldap_entries.dn) LIKE " ) - 1,
- "(ldap_entries.dn) LIKE ",
- &bsi->bi->upper_func_open,
- '?',
- &bsi->bi->upper_func_close );
+#ifdef LDAP_SCOPE_SUBORDINATE
+ case LDAP_SCOPE_SUBORDINATE:
+#endif /* LDAP_SCOPE_SUBORDINATE */
+ case LDAP_SCOPE_SUBTREE:
+ if ( BACKSQL_USE_SUBTREE_SHORTCUT( bi ) ) {
+ int i;
+ BackendDB *bd = bsi->bsi_op->o_bd;
+
+ assert( bd->be_nsuffix != NULL );
+
+ for ( i = 0; !BER_BVISNULL( &bd->be_nsuffix[ i ] ); i++ )
+ {
+ if ( dn_match( &bd->be_nsuffix[ i ],
+ bsi->bsi_base_ndn ) )
+ {
+ /* pass this to the candidate selection
+ * routine so that the DN is not bound
+ * to the select statement */
+ bsi->bsi_use_subtree_shortcut = 1;
+ break;
+ }
+ }
+ }
+
+ if ( bsi->bsi_use_subtree_shortcut ) {
+ /* Skip the base DN filter, as every entry will match it */
+ backsql_strfcat( &bsi->bsi_join_where, "l",
+ (ber_len_t)STRLENOF( "9=9"), "9=9");
+
+ } else if ( !BER_BVISNULL( &bi->sql_subtree_cond ) ) {
+ backsql_strfcat( &bsi->bsi_join_where, "b", &bi->sql_subtree_cond );
+
+ } else if ( BACKSQL_CANUPPERCASE( bi ) ) {
+ backsql_strfcat( &bsi->bsi_join_where, "bl",
+ &bi->sql_upper_func,
+ (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
+ "(ldap_entries.dn) LIKE ?" );
+
} else {
- backsql_strfcat( &bsi->join_where, &bsi->jwhere_len,
- "l",
- (ber_len_t)sizeof( "ldap_entries.dn LIKE ?" ) - 1,
+ backsql_strfcat( &bsi->bsi_join_where, "l",
+ (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
"ldap_entries.dn LIKE ?" );
}
-#if 0
- backsql_strfcat( &bsi->join_where, &bsi->jwhere_len, "b",
- &bsi->bi->subtree_cond );
-#endif
break;
default:
assert( 0 );
}
- rc = backsql_process_filter( bsi, bsi->filter );
+ rc = backsql_process_filter( bsi, bsi->bsi_filter );
if ( rc > 0 ) {
- backsql_strfcat( query, &q_len, "bbblb",
- &bsi->sel,
- &bsi->from,
- &bsi->join_where,
- (ber_len_t)sizeof( " AND " ) - 1, " AND ",
- &bsi->flt_where );
+ struct berbuf bb = BB_NULL;
+
+ backsql_strfcat( &bb, "bbblb",
+ &bsi->bsi_sel.bb_val,
+ &bsi->bsi_from.bb_val,
+ &bsi->bsi_join_where.bb_val,
+ (ber_len_t)STRLENOF( " AND " ), " AND ",
+ &bsi->bsi_flt_where.bb_val );
+
+ *query = bb.bb_val;
} else if ( rc < 0 ) {
/*
* Indicates that there's no possible way the filter matches
* anything. No need to issue the query
*/
- Debug( LDAP_DEBUG_TRACE,
- "<==backsql_srch_query() returns NULL\n", 0, 0, 0 );
free( query->bv_val );
- query->bv_val = NULL;
+ BER_BVZERO( query );
}
- free( bsi->sel.bv_val );
- bsi->sel.bv_len = 0;
- bsi->sel_len = 0;
- free( bsi->from.bv_val );
- bsi->from.bv_len = 0;
- bsi->from_len = 0;
- free( bsi->join_where.bv_val );
- bsi->join_where.bv_len = 0;
- bsi->jwhere_len = 0;
- free( bsi->flt_where.bv_val );
- bsi->flt_where.bv_len = 0;
- bsi->fwhere_len = 0;
+ free( bsi->bsi_sel.bb_val.bv_val );
+ BER_BVZERO( &bsi->bsi_sel.bb_val );
+ bsi->bsi_sel.bb_len = 0;
+ free( bsi->bsi_from.bb_val.bv_val );
+ BER_BVZERO( &bsi->bsi_from.bb_val );
+ bsi->bsi_from.bb_len = 0;
+ free( bsi->bsi_join_where.bb_val.bv_val );
+ BER_BVZERO( &bsi->bsi_join_where.bb_val );
+ bsi->bsi_join_where.bb_len = 0;
+ free( bsi->bsi_flt_where.bb_val.bv_val );
+ BER_BVZERO( &bsi->bsi_flt_where.bb_val );
+ bsi->bsi_flt_where.bb_len = 0;
- Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query()\n", 0, 0, 0 );
+ Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
+ query->bv_val ? query->bv_val : "NULL", 0, 0 );
- return ( query->bv_val == NULL ? 1 : 0 );
+ return ( rc <= 0 ? 1 : 0 );
}
static int
backsql_oc_get_candidates( void *v_oc, void *v_bsi )
{
- backsql_oc_map_rec *oc = v_oc;
- backsql_srch_info *bsi = v_bsi;
+ backsql_oc_map_rec *oc = v_oc;
+ backsql_srch_info *bsi = v_bsi;
+ Operation *op = bsi->bsi_op;
+ backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
struct berval query;
- SQLHSTMT sth;
+ SQLHSTMT sth = SQL_NULL_HSTMT;
RETCODE rc;
- backsql_entryID base_id, *c_id;
int res;
BACKSQL_ROW_NTS row;
int i;
int j;
+ int n_candidates = bsi->bsi_n_candidates;
+
+ /*
+ * + 1 because we need room for '%';
+ * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
+ * this makes a subtree
+ * search for a DN BACKSQL_MAX_DN_LEN long legal
+ * if it returns that DN only
+ */
+ char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
+
+ bsi->bsi_status = LDAP_SUCCESS;
- Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc='%s'\n",
+ Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
BACKSQL_OC_NAME( oc ), 0, 0 );
- if ( bsi->n_candidates == -1 ) {
+ /* check for abandon */
+ if ( op->o_abandon ) {
+ bsi->bsi_status = SLAPD_ABANDON;
+ return BACKSQL_AVL_STOP;
+ }
+
+ if ( bsi->bsi_n_candidates == -1 ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
"unchecked limit has been overcome\n", 0, 0, 0 );
/* should never get here */
assert( 0 );
- return BACKSQL_STOP;
+ bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
+ return BACKSQL_AVL_STOP;
}
- bsi->oc = oc;
- if ( backsql_srch_query( bsi, &query ) ) {
+ bsi->bsi_oc = oc;
+ res = backsql_srch_query( bsi, &query );
+ if ( res ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
- "could not construct query for objectclass\n",
- 0, 0, 0 );
- return BACKSQL_CONTINUE;
+ "error while constructing query for objectclass \"%s\"\n",
+ oc->bom_oc->soc_cname.bv_val, 0, 0 );
+ /*
+ * FIXME: need to separate errors from legally
+ * impossible filters
+ */
+ switch ( bsi->bsi_status ) {
+ case LDAP_SUCCESS:
+ case LDAP_UNDEFINED_TYPE:
+ case LDAP_NO_SUCH_OBJECT:
+ /* we are conservative... */
+ default:
+ bsi->bsi_status = LDAP_SUCCESS;
+ /* try next */
+ return BACKSQL_AVL_CONTINUE;
+
+ case LDAP_ADMINLIMIT_EXCEEDED:
+ case LDAP_OTHER:
+ /* don't try any more */
+ return BACKSQL_AVL_STOP;
+ }
+ }
+
+ if ( BER_BVISNULL( &query ) ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
+ "could not construct query for objectclass \"%s\"\n",
+ oc->bom_oc->soc_cname.bv_val, 0, 0 );
+ bsi->bsi_status = LDAP_SUCCESS;
+ return BACKSQL_AVL_CONTINUE;
}
Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
query.bv_val, 0, 0 );
- rc = backsql_Prepare( bsi->dbh, &sth, query.bv_val, 0 );
+ rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
free( query.bv_val );
+ BER_BVZERO( &query );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
"error preparing query\n", 0, 0, 0 );
- backsql_PrintErrors( bsi->bi->db_env, bsi->dbh, sth, rc );
- return BACKSQL_CONTINUE;
+ backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
+ bsi->bsi_status = LDAP_OTHER;
+ return BACKSQL_AVL_CONTINUE;
}
+
+ Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
- if ( backsql_BindParamID( sth, 1, &bsi->oc->id ) != SQL_SUCCESS ) {
+ rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
+ &bsi->bsi_oc->bom_id );
+ if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
"error binding objectclass id parameter\n", 0, 0, 0 );
- return BACKSQL_CONTINUE;
+ bsi->bsi_status = LDAP_OTHER;
+ return BACKSQL_AVL_CONTINUE;
}
- switch ( bsi->scope ) {
+ switch ( bsi->bsi_scope ) {
case LDAP_SCOPE_BASE:
- rc = backsql_BindParamStr( sth, 2, bsi->base_dn->bv_val,
- BACKSQL_MAX_DN_LEN );
+ case BACKSQL_SCOPE_BASE_LIKE:
+ /*
+ * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
+ * however this should be handled earlier
+ */
+ if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
+ bsi->bsi_status = LDAP_OTHER;
+ return BACKSQL_AVL_CONTINUE;
+ }
+
+ AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
+ bsi->bsi_base_ndn->bv_len + 1 );
+
+ /* uppercase DN only if the stored DN can be uppercased
+ * for comparison */
+ if ( BACKSQL_CANUPPERCASE( bi ) ) {
+ ldap_pvt_str2upper( tmp_base_ndn );
+ }
+
+ Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
+ tmp_base_ndn, 0, 0 );
+
+ rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
+ tmp_base_ndn, BACKSQL_MAX_DN_LEN );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
- "error binding base_dn parameter\n", 0, 0, 0 );
- backsql_PrintErrors( bsi->bi->db_env, bsi->dbh,
+ "error binding base_ndn parameter\n", 0, 0, 0 );
+ backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
sth, rc );
- return BACKSQL_CONTINUE;
+ bsi->bsi_status = LDAP_OTHER;
+ return BACKSQL_AVL_CONTINUE;
}
break;
- case LDAP_SCOPE_SUBTREE: {
-
- /*
- * + 1 because we need room for '%'; this makes a subtree
- * search for a DN BACKSQL_MAX_DN_LEN long legal
- * if it returns that DN only
- */
- char temp_base_dn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
-
+#ifdef LDAP_SCOPE_SUBORDINATE
+ case LDAP_SCOPE_SUBORDINATE:
+#endif /* LDAP_SCOPE_SUBORDINATE */
+ case LDAP_SCOPE_SUBTREE:
+ {
+ /* if short-cutting the search base,
+ * don't bind any parameter */
+ if ( bsi->bsi_use_subtree_shortcut ) {
+ break;
+ }
+
/*
* We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
* however this should be handled earlier
*/
- assert( bsi->base_dn->bv_len <= BACKSQL_MAX_DN_LEN );
-
+ if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
+ bsi->bsi_status = LDAP_OTHER;
+ return BACKSQL_AVL_CONTINUE;
+ }
+
/*
* Sets the parameters for the SQL built earlier
* NOTE that all the databases could actually use
* If "dn" is being used, do a suffix search.
* If "dn_ru" is being used, do a prefix search.
*/
- if ( BACKSQL_HAS_LDAPINFO_DN_RU( bsi->bi ) ) {
- temp_base_dn[ 0 ] = '\0';
- for ( i = 0, j = bsi->base_dn->bv_len - 1;
+ if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
+ tmp_base_ndn[ 0 ] = '\0';
+
+ for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
j >= 0; i++, j--) {
- temp_base_dn[ i ] = bsi->base_dn->bv_val[ j ];
+ tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
+ }
+
+#ifdef LDAP_SCOPE_SUBORDINATE
+ if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
+ tmp_base_ndn[ i++ ] = ',';
}
- temp_base_dn[ i ] = '%';
- temp_base_dn[ i + 1 ] = '\0';
- ldap_pvt_str2upper( temp_base_dn );
+#endif /* LDAP_SCOPE_SUBORDINATE */
+
+ tmp_base_ndn[ i ] = '%';
+ tmp_base_ndn[ i + 1 ] = '\0';
} else {
- temp_base_dn[ 0 ] = '%';
- AC_MEMCPY( &temp_base_dn[ 1 ], bsi->base_dn->bv_val,
- bsi->base_dn->bv_len + 1 );
- ldap_pvt_str2upper( &temp_base_dn[ 1 ] );
+ i = 0;
+
+ tmp_base_ndn[ i++ ] = '%';
+
+#ifdef LDAP_SCOPE_SUBORDINATE
+ if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
+ tmp_base_ndn[ i++ ] = ',';
+ }
+#endif /* LDAP_SCOPE_SUBORDINATE */
+
+ AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
+ bsi->bsi_base_ndn->bv_len + 1 );
+ }
+
+ /* uppercase DN only if the stored DN can be uppercased
+ * for comparison */
+ if ( BACKSQL_CANUPPERCASE( bi ) ) {
+ ldap_pvt_str2upper( tmp_base_ndn );
}
- Debug( LDAP_DEBUG_TRACE, "dn '%s'\n", temp_base_dn, 0, 0 );
+#ifdef LDAP_SCOPE_SUBORDINATE
+ if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
+ Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
+ tmp_base_ndn, 0, 0 );
+ } else
+#endif /* LDAP_SCOPE_SUBORDINATE */
+ {
+ Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
+ tmp_base_ndn, 0, 0 );
+ }
- rc = backsql_BindParamStr( sth, 2, temp_base_dn,
- BACKSQL_MAX_DN_LEN );
+ rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
+ tmp_base_ndn, BACKSQL_MAX_DN_LEN );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
- "error binding base_dn parameter (2)\n",
+ "error binding base_ndn parameter (2)\n",
0, 0, 0 );
- backsql_PrintErrors( bsi->bi->db_env, bsi->dbh,
+ backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
sth, rc );
- return BACKSQL_CONTINUE;
+ bsi->bsi_status = LDAP_OTHER;
+ return BACKSQL_AVL_CONTINUE;
}
break;
}
case LDAP_SCOPE_ONELEVEL:
- res = backsql_dn2id( bsi->bi, &base_id,
- bsi->dbh, bsi->base_dn );
- if ( res != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
- "could not retrieve base_dn id%s\n",
- res == LDAP_NO_SUCH_OBJECT ? ": no such entry"
- : "", 0, 0 );
- bsi->status = res;
- return BACKSQL_CONTINUE;
- }
-
- rc = backsql_BindParamID( sth, 2, &base_id.id );
- backsql_free_entryID( &base_id, 0 );
+ assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
+
+#ifdef BACKSQL_ARBITRARY_KEY
+ Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
+ bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
+#else /* ! BACKSQL_ARBITRARY_KEY */
+ Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
+ bsi->bsi_base_id.eid_id, 0, 0 );
+#endif /* ! BACKSQL_ARBITRARY_KEY */
+ rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
+ &bsi->bsi_base_id.eid_id );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
"error binding base id parameter\n", 0, 0, 0 );
- return BACKSQL_CONTINUE;
+ bsi->bsi_status = LDAP_OTHER;
+ return BACKSQL_AVL_CONTINUE;
}
break;
}
if ( !BACKSQL_SUCCESS( rc ) ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
"error executing query\n", 0, 0, 0 );
- backsql_PrintErrors( bsi->bi->db_env, bsi->dbh, sth, rc );
+ backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
SQLFreeStmt( sth, SQL_DROP );
- return BACKSQL_CONTINUE;
+ bsi->bsi_status = LDAP_OTHER;
+ return BACKSQL_AVL_CONTINUE;
}
- backsql_BindRowAsStrings( sth, &row );
+ backsql_BindRowAsStrings_x( sth, &row, bsi->bsi_op->o_tmpmemctx );
rc = SQLFetch( sth );
for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
+ struct berval dn, pdn, ndn;
+ backsql_entryID *c_id = NULL;
+ int ret;
+
+ ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
+
+ if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
+ continue;
+ }
+
+ ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, op->o_tmpmemctx );
+ if ( dn.bv_val != row.cols[ 3 ] ) {
+ free( dn.bv_val );
+ }
+
+ if ( ret != LDAP_SUCCESS ) {
+ continue;
+ }
+
+ if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
+ op->o_tmpfree( pdn.bv_val, op->o_tmpmemctx );
+ op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
+ continue;
+ }
+
c_id = (backsql_entryID *)ch_calloc( 1,
sizeof( backsql_entryID ) );
- c_id->id = strtol( row.cols[ 0 ], NULL, 0 );
- c_id->keyval = strtol( row.cols[ 1 ], NULL, 0 );
- c_id->oc_id = bsi->oc->id;
- ber_str2bv( row.cols[ 3 ], 0, 1, &c_id->dn );
- c_id->next = bsi->id_list;
- bsi->id_list = c_id;
- bsi->n_candidates--;
-
+#ifdef BACKSQL_ARBITRARY_KEY
+ ber_str2bv_x( row.cols[ 0 ], 0, 1, &c_id->eid_id,
+ op->o_tmpmemctx );
+ ber_str2bv_x( row.cols[ 1 ], 0, 1, &c_id->eid_keyval,
+ op->o_tmpmemctx );
+#else /* ! BACKSQL_ARBITRARY_KEY */
+ c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
+ c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
+#endif /* ! BACKSQL_ARBITRARY_KEY */
+ c_id->eid_oc_id = bsi->bsi_oc->bom_id;
+
+ c_id->eid_dn = pdn;
+ c_id->eid_ndn = ndn;
+
+ /* append at end of list ... */
+ c_id->eid_next = NULL;
+ *bsi->bsi_id_listtail = c_id;
+ bsi->bsi_id_listtail = &c_id->eid_next;
+
+#ifdef BACKSQL_ARBITRARY_KEY
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
- "added entry id=%ld, keyval=%ld dn='%s'\n",
- c_id->id, c_id->keyval, row.cols[ 3 ] );
+ "added entry id=%s, keyval=%s dn=\"%s\"\n",
+ c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
+ row.cols[ 3 ] );
+#else /* ! BACKSQL_ARBITRARY_KEY */
+ Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
+ "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
+ c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
+#endif /* ! BACKSQL_ARBITRARY_KEY */
- if ( bsi->n_candidates == -1 ) {
+ /* count candidates, for unchecked limit */
+ bsi->bsi_n_candidates--;
+ if ( bsi->bsi_n_candidates == -1 ) {
break;
}
}
- backsql_FreeRow( &row );
+ backsql_FreeRow_x( &row, bsi->bsi_op->o_tmpmemctx );
SQLFreeStmt( sth, SQL_DROP );
- Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates()\n", 0, 0, 0 );
+ Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
+ n_candidates - bsi->bsi_n_candidates, 0, 0 );
- return ( bsi->n_candidates == -1 ? BACKSQL_STOP : BACKSQL_CONTINUE );
+ return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
}
int
backsql_search( Operation *op, SlapReply *rs )
- /*
- BackendDB *be,
- Connection *conn,
- Operation *op,
- struct berval *base,
- struct berval *nbase,
- int scope,
- int deref,
- int slimit,
- int tlimit,
- Filter *filter,
- struct berval *filterstr,
- AttributeName *attrs,
- int attrsonly ) */
{
backsql_info *bi = (backsql_info *)op->o_bd->be_private;
- SQLHDBC dbh;
+ SQLHDBC dbh = SQL_NULL_HDBC;
int sres;
- Entry *entry, *res;
- int manageDSAit;
+ Entry user_entry = { 0 },
+ base_entry = { 0 };
+ int manageDSAit = get_manageDSAit( op );
time_t stoptime = 0;
- backsql_srch_info srch_info;
+ backsql_srch_info bsi = { 0 };
backsql_entryID *eid = NULL;
- struct slap_limits_set *limit = NULL;
- int isroot = 0;
-
- manageDSAit = get_manageDSAit( op );
+ struct berval nbase = BER_BVNULL;
Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
- "base='%s', filter='%s', scope=%d,",
+ "base=\"%s\", filter=\"%s\", scope=%d,",
op->o_req_ndn.bv_val,
- op->oq_search.rs_filterstr.bv_val,
- op->oq_search.rs_scope );
+ op->ors_filterstr.bv_val ? op->ors_filterstr.bv_val : "(no filter)",
+ op->ors_scope );
Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
"attributes to load: %s\n",
- op->oq_search.rs_deref,
- op->oq_search.rs_attrsonly,
- op->oq_search.rs_attrs == NULL ? "all" : "custom list" );
+ op->ors_deref,
+ op->ors_attrsonly,
+ op->ors_attrs == NULL ? "all" : "custom list" );
if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
- "search base length (%ld) exceeds max length (%ld)\n",
+ "search base length (%ld) exceeds max length (%d)\n",
op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
/*
* FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
return 1;
}
- sres = backsql_get_db_conn( op->o_bd, op->o_conn, &dbh );
+ sres = backsql_get_db_conn( op, &dbh );
if ( sres != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
"could not get connection handle - exiting\n",
return 1;
}
- /* TimesTen : Pass it along to the lower level routines */
- srch_info.use_reverse_dn = BACKSQL_USE_REVERSE_DN( bi );
-
- /* if not root, get appropriate limits */
- if ( be_isroot( op->o_bd, &op->o_ndn ) ) {
- isroot = 1;
- } else {
- ( void ) get_limits( op->o_bd, &op->o_ndn, &limit );
- }
-
- /* The time/size limits come first because they require very little
- * effort, so there's no chance the candidates are selected and then
- * the request is not honored only because of time/size constraints */
+ /* compute it anyway; root does not use it */
+ stoptime = op->o_time + op->ors_tlimit;
+
+ /* init search */
+ bsi.bsi_e = &base_entry;
+ rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn,
+ op->ors_scope,
+ stoptime, op->ors_filter,
+ dbh, op, rs, op->ors_attrs,
+ ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
+ switch ( rs->sr_err ) {
+ case LDAP_SUCCESS:
+ break;
- /* if no time limit requested, use soft limit (unless root!) */
- if ( isroot ) {
- if ( op->oq_search.rs_tlimit == 0 ) {
- op->oq_search.rs_tlimit = -1; /* allow root to set no limit */
+ case LDAP_REFERRAL:
+ if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
+ dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
+ {
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_text = NULL;
+ rs->sr_matched = NULL;
+ if ( rs->sr_ref ) {
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ }
+ break;
}
+ /* fall thru */
- if ( op->oq_search.rs_slimit == 0 ) {
- op->oq_search.rs_slimit = -1;
+ default:
+#ifdef SLAP_ACL_HONOR_DISCLOSE
+ if ( !BER_BVISNULL( &base_entry.e_nname )
+ && ! access_allowed( op, &base_entry,
+ slap_schema.si_ad_entry, NULL,
+ ACL_DISCLOSE, NULL ) )
+ {
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ if ( rs->sr_ref ) {
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ }
+ rs->sr_matched = NULL;
+ rs->sr_text = NULL;
}
+#endif /* SLAP_ACL_HONOR_DISCLOSE */
- } else {
- /* if no limit is required, use soft limit */
- if ( op->oq_search.rs_tlimit <= 0 ) {
- op->oq_search.rs_tlimit = limit->lms_t_soft;
-
- /* if requested limit higher than hard limit, abort */
- } else if ( op->oq_search.rs_tlimit > limit->lms_t_hard ) {
- /* no hard limit means use soft instead */
- if ( limit->lms_t_hard == 0
- && limit->lms_t_soft > -1
- && op->oq_search.rs_tlimit > limit->lms_t_soft ) {
- op->oq_search.rs_tlimit = limit->lms_t_soft;
-
- /* positive hard limit means abort */
- } else if ( limit->lms_t_hard > 0 ) {
- rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
- send_ldap_result( op, rs );
- return 0;
- }
+ send_ldap_result( op, rs );
+ goto done;
+
+ }
+#ifdef SLAP_ACL_HONOR_DISCLOSE
+ /* NOTE: __NEW__ "search" access is required
+ * on searchBase object */
+ {
+ slap_mask_t mask;
- /* negative hard limit means no limit */
+ if ( get_assert( op ) &&
+ ( test_filter( op, &base_entry, get_assertion( op ) )
+ != LDAP_COMPARE_TRUE ) )
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+
}
-
- /* if no limit is required, use soft limit */
- if ( op->oq_search.rs_slimit <= 0 ) {
- op->oq_search.rs_slimit = limit->lms_s_soft;
-
- /* if requested limit higher than hard limit, abort */
- } else if ( op->oq_search.rs_slimit > limit->lms_s_hard ) {
- /* no hard limit means use soft instead */
- if ( limit->lms_s_hard == 0
- && limit->lms_s_soft > -1
- && op->oq_search.rs_slimit > limit->lms_s_soft ) {
- op->oq_search.rs_slimit = limit->lms_s_soft;
-
- /* positive hard limit means abort */
- } else if ( limit->lms_s_hard > 0 ) {
- rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
- send_ldap_result( op, rs );
- return 0;
+ if ( ! access_allowed_mask( op, &base_entry,
+ slap_schema.si_ad_entry,
+ NULL, ACL_SEARCH, NULL, &mask ) )
+ {
+ if ( rs->sr_err == LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
}
-
- /* negative hard limit means no limit */
+ }
+
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ rs->sr_text = NULL;
+ }
+ send_ldap_result( op, rs );
+ goto done;
}
}
+#endif /* SLAP_ACL_HONOR_DISCLOSE */
- /* compute it anyway; root does not use it */
- stoptime = op->o_time + op->oq_search.rs_tlimit;
+ bsi.bsi_e = NULL;
- backsql_init_search( &srch_info, bi, &op->o_req_dn,
- op->oq_search.rs_scope,
- op->oq_search.rs_slimit, op->oq_search.rs_tlimit,
- stoptime, op->oq_search.rs_filter,
- dbh, op->o_bd, op->o_conn, op,
- op->oq_search.rs_attrs );
+ bsi.bsi_n_candidates =
+ ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
+ ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
+ ( op->ors_limit->lms_s_unchecked ) ) );
- /*
- * for each objectclass we try to construct query which gets IDs
- * of entries matching LDAP query filter and scope (or at least
- * candidates), and get the IDs
- */
- srch_info.n_candidates = ( isroot ? -2 : limit->lms_s_unchecked == -1
- ? -2 : limit->lms_s_unchecked );
- avl_apply( bi->oc_by_oc, backsql_oc_get_candidates,
- &srch_info, BACKSQL_STOP, AVL_INORDER );
- if ( !isroot && limit->lms_s_unchecked != -1 ) {
- if ( srch_info.n_candidates == -1 ) {
- rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
- send_ldap_result( op, rs );
- goto done;
+ switch ( bsi.bsi_scope ) {
+ case LDAP_SCOPE_BASE:
+ case BACKSQL_SCOPE_BASE_LIKE:
+ /*
+ * probably already found...
+ */
+ bsi.bsi_id_list = &bsi.bsi_base_id;
+ bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
+ break;
+
+ case LDAP_SCOPE_SUBTREE:
+ /*
+ * if baseObject is defined, and if it is the root
+ * of the search, add it to the candidate list
+ */
+ if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
+ {
+ bsi.bsi_id_list = &bsi.bsi_base_id;
+ bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
+ }
+
+ /* FALLTHRU */
+ default:
+
+ /*
+ * for each objectclass we try to construct query which gets IDs
+ * of entries matching LDAP query filter and scope (or at least
+ * candidates), and get the IDs
+ */
+ avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
+ &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
+
+ /* check for abandon */
+ if ( op->o_abandon ) {
+ eid = bsi.bsi_id_list;
+ rs->sr_err = SLAPD_ABANDON;
+ goto send_results;
}
}
-
+
+ if ( op->ors_limit != NULL /* isroot == FALSE */
+ && op->ors_limit->lms_s_unchecked != -1
+ && bsi.bsi_n_candidates == -1 )
+ {
+ rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
+ send_ldap_result( op, rs );
+ goto done;
+ }
+
/*
* now we load candidate entries (only those attributes
* mentioned in attrs and filter), test it against full filter
- * and then send to client
+ * and then send to client; don't free entry_id if baseObject...
*/
- for ( eid = srch_info.id_list; eid != NULL;
- eid = backsql_free_entryID( eid, 1 ) ) {
- Attribute *hasSubordinate = NULL,
- *a = NULL;
+ for ( eid = bsi.bsi_id_list;
+ eid != NULL;
+ eid = backsql_free_entryID( op,
+ eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
+ {
+ int rc;
+ Attribute *a_hasSubordinate = NULL,
+ *a_entryUUID = NULL,
+ *a_entryCSN = NULL,
+ **ap = NULL;
+ Entry *e = NULL;
/* check for abandon */
if ( op->o_abandon ) {
- break;
+ rs->sr_err = SLAPD_ABANDON;
+ goto send_results;
}
/* check time limit */
- if ( op->oq_search.rs_tlimit != -1 && slap_get_time() > stoptime ) {
+ if ( op->ors_tlimit != SLAP_NO_LIMIT
+ && slap_get_time() > stoptime )
+ {
rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
rs->sr_ctrls = NULL;
rs->sr_ref = rs->sr_v2ref;
- rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
- : LDAP_REFERRAL;
- send_ldap_result( op, rs );
- goto end_of_search;
+ goto send_results;
}
+#ifdef BACKSQL_ARBITRARY_KEY
+ Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
+ "for entry id=%s, oc_id=%ld, keyval=%s\n",
+ eid->eid_id.bv_val, eid->eid_oc_id,
+ eid->eid_keyval.bv_val );
+#else /* ! BACKSQL_ARBITRARY_KEY */
Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
"for entry id=%ld, oc_id=%ld, keyval=%ld\n",
- eid->id, eid->oc_id, eid->keyval );
-
- entry = (Entry *)ch_calloc( sizeof( Entry ), 1 );
- res = backsql_id2entry( &srch_info, entry, eid );
- if ( res == NULL ) {
- Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
- "error in backsql_id2entry() "
- "- skipping entry\n", 0, 0, 0 );
- continue;
+ eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
+#endif /* ! BACKSQL_ARBITRARY_KEY */
+
+ /* check scope */
+ switch ( op->ors_scope ) {
+ case LDAP_SCOPE_BASE:
+ case BACKSQL_SCOPE_BASE_LIKE:
+ if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
+ goto next_entry2;
+ }
+ break;
+
+ case LDAP_SCOPE_ONE:
+ {
+ struct berval rdn = eid->eid_ndn;
+
+ rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
+ if ( !dnIsOneLevelRDN( &rdn ) ) {
+ goto next_entry2;
+ }
+ /* fall thru */
+ }
+
+#ifdef LDAP_SCOPE_SUBORDINATE
+ case LDAP_SCOPE_SUBORDINATE:
+ /* discard the baseObject entry */
+ if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
+ goto next_entry2;
+ }
+ /* FALLTHRU */
+#endif /* LDAP_SCOPE_SUBORDINATE */
+
+ case LDAP_SCOPE_SUBTREE:
+ /* FIXME: this should never fail... */
+ if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
+ assert( 0 );
+ goto next_entry2;
+ }
+ break;
+ }
+
+ if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
+ /* don't recollect baseObject... */
+ e = bi->sql_baseObject;
+
+ } else if ( eid == &bsi.bsi_base_id ) {
+ /* don't recollect searchBase object... */
+ e = &base_entry;
+
+ } else {
+ bsi.bsi_e = &user_entry;
+ rc = backsql_id2entry( &bsi, eid );
+ if ( rc != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
+ "error %d in backsql_id2entry() "
+ "- skipping\n", rc, 0, 0 );
+ continue;
+ }
+ e = &user_entry;
}
if ( !manageDSAit &&
- op->oq_search.rs_scope != LDAP_SCOPE_BASE &&
- is_entry_referral( entry ) ) {
+ op->ors_scope != LDAP_SCOPE_BASE &&
+ op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
+ is_entry_referral( e ) )
+ {
BerVarray refs;
- struct berval matched_dn;
- ber_dupbv( &matched_dn, &entry->e_name );
- refs = get_entry_referrals( op, entry );
+ refs = get_entry_referrals( op, e );
+ if ( !refs ) {
+ backsql_srch_info bsi2 = { 0 };
+ Entry user_entry2 = { 0 };
+
+ /* retry with the full entry... */
+ bsi2.bsi_e = &user_entry2;
+ rc = backsql_init_search( &bsi2,
+ &e->e_nname,
+ LDAP_SCOPE_BASE,
+ (time_t)(-1), NULL,
+ dbh, op, rs, NULL,
+ BACKSQL_ISF_GET_ENTRY );
+ if ( rc == LDAP_SUCCESS ) {
+ if ( is_entry_referral( &user_entry2 ) )
+ {
+ refs = get_entry_referrals( op,
+ &user_entry2 );
+ } else {
+ rs->sr_err = LDAP_OTHER;
+ }
+ backsql_entry_clean( op, &user_entry2 );
+ }
+ if ( bsi2.bsi_attrs != NULL ) {
+ op->o_tmpfree( bsi2.bsi_attrs,
+ op->o_tmpmemctx );
+ }
+ }
+
if ( refs ) {
rs->sr_ref = referral_rewrite( refs,
- &matched_dn, &op->o_req_dn,
- op->oq_search.rs_scope );
+ &e->e_name,
+ &op->o_req_dn,
+ op->ors_scope );
ber_bvarray_free( refs );
}
- if (!rs->sr_ref) {
- rs->sr_text = "bad_referral object";
+ if ( rs->sr_ref ) {
+ rs->sr_err = LDAP_REFERRAL;
+
+ } else {
+ rs->sr_text = "bad referral object";
}
- rs->sr_err = LDAP_REFERRAL;
- rs->sr_matched = matched_dn.bv_val;
- send_ldap_result( op, rs );
+ rs->sr_entry = e;
+ rs->sr_matched = user_entry.e_name.bv_val;
+ send_search_reference( op, rs );
ber_bvarray_free( rs->sr_ref );
rs->sr_ref = NULL;
- ber_memfree( matched_dn.bv_val );
rs->sr_matched = NULL;
+ rs->sr_entry = NULL;
- continue;
+ goto next_entry;
}
/*
* anyway; we should have used the frontend API function
* filter_has_subordinates()
*/
- if ( srch_info.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
- int rc;
+ if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
+ rc = backsql_has_children( op, dbh, &e->e_nname );
- rc = backsql_has_children( bi, dbh, &entry->e_nname );
-
- switch( rc ) {
+ switch ( rc ) {
case LDAP_COMPARE_TRUE:
case LDAP_COMPARE_FALSE:
- hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
- if ( hasSubordinate != NULL ) {
- for ( a = entry->e_attrs;
- a && a->a_next;
- a = a->a_next );
+ a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
+ if ( a_hasSubordinate != NULL ) {
+ for ( ap = &user_entry.e_attrs;
+ *ap;
+ ap = &(*ap)->a_next );
- a->a_next = hasSubordinate;
+ *ap = a_hasSubordinate;
}
rc = 0;
break;
"has_children failed( %d)\n",
rc, 0, 0 );
rc = 1;
- break;
- }
-
- if ( rc ) {
- continue;
+ goto next_entry;
}
}
- if ( test_filter( op, entry, op->oq_search.rs_filter )
- == LDAP_COMPARE_TRUE ) {
- if ( hasSubordinate && !( srch_info.bsi_flags & BSQL_SF_ALL_OPER )
- && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->oq_search.rs_attrs ) ) {
- a->a_next = NULL;
- attr_free( hasSubordinate );
- hasSubordinate = NULL;
- }
+ if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
+ a_entryUUID = backsql_operational_entryUUID( bi, eid );
+ if ( a_entryUUID != NULL ) {
+ if ( ap == NULL ) {
+ ap = &user_entry.e_attrs;
+ }
-#if 0 /* noop is masked SLAP_CTRL_UPDATE */
- if ( op->o_noop ) {
- sres = 0;
- } else {
-#endif
- rs->sr_entry = entry;
- sres = send_search_entry( op, rs );
-#if 0
+ for ( ; *ap; ap = &(*ap)->a_next );
+
+ *ap = a_entryUUID;
}
-#endif
+ }
- switch ( sres ) {
- case 0:
- break;
+#ifdef BACKSQL_SYNCPROV
+ if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
+ a_entryCSN = backsql_operational_entryCSN( op );
+ if ( a_entryCSN != NULL ) {
+ if ( ap == NULL ) {
+ ap = &user_entry.e_attrs;
+ }
- case -1:
- Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
- "connection lost\n", 0, 0, 0 );
- goto end_of_search;
+ for ( ; *ap; ap = &(*ap)->a_next );
- default:
+ *ap = a_entryCSN;
+ }
+ }
+#endif /* BACKSQL_SYNCPROV */
+
+ if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
+ {
+ rs->sr_attrs = op->ors_attrs;
+ rs->sr_operational_attrs = NULL;
+ rs->sr_entry = e;
+ if ( e == &user_entry ) {
+ rs->sr_flags = REP_ENTRY_MODIFIABLE;
+ }
+ /* FIXME: need the whole entry (ITS#3480) */
+ sres = send_search_entry( op, rs );
+ rs->sr_entry = NULL;
+ rs->sr_attrs = NULL;
+ rs->sr_operational_attrs = NULL;
+
+ if ( sres == -1 ) {
/*
* FIXME: send_search_entry failed;
* better stop
*/
- break;
+ Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
+ "connection lost\n", 0, 0, 0 );
+ goto end_of_search;
}
}
- entry_free( entry );
- if ( op->oq_search.rs_slimit != -1
- && rs->sr_nentries >= op->oq_search.rs_slimit ) {
+next_entry:;
+ if ( e == &user_entry ) {
+ backsql_entry_clean( op, &user_entry );
+ }
+
+next_entry2:;
+ if ( --op->ors_slimit == -1 ) {
rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
- send_ldap_result( op, rs );
- goto end_of_search;
+ goto send_results;
}
}
end_of_search:;
-
if ( rs->sr_nentries > 0 ) {
rs->sr_ref = rs->sr_v2ref;
rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
: LDAP_REFERRAL;
+
} else {
- rs->sr_err = srch_info.status;
+ rs->sr_err = bsi.bsi_status;
+ }
+
+send_results:;
+ if ( rs->sr_err != SLAPD_ABANDON ) {
+ send_ldap_result( op, rs );
}
- send_ldap_result( op, rs );
+
+ /* cleanup in case of abandon */
+ for ( ; eid != NULL;
+ eid = backsql_free_entryID( op,
+ eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
+ ;
+
+ backsql_entry_clean( op, &base_entry );
+
+ /* in case we got here accidentally */
+ backsql_entry_clean( op, &user_entry );
if ( rs->sr_v2ref ) {
ber_bvarray_free( rs->sr_v2ref );
rs->sr_v2ref = NULL;
}
+#ifdef BACKSQL_SYNCPROV
+ if ( op->o_sync ) {
+ Operation op2 = *op;
+ SlapReply rs2 = { 0 };
+ Entry e = { 0 };
+ slap_callback cb = { 0 };
+
+ op2.o_tag = LDAP_REQ_ADD;
+ op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0, 0 );
+ op2.ora_e = &e;
+ op2.o_callback = &cb;
+
+ e.e_name = op->o_bd->be_suffix[0];
+ e.e_nname = op->o_bd->be_nsuffix[0];
+
+ cb.sc_response = slap_null_cb;
+
+ op2.o_bd->be_add( &op2, &rs2 );
+ }
+#endif /* BACKSQL_SYNCPROV */
+
done:;
- ch_free( srch_info.attrs );
+ (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
+
+ if ( bsi.bsi_attrs != NULL ) {
+ op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
+ }
+
+ if ( !BER_BVISNULL( &nbase )
+ && nbase.bv_val != op->o_req_ndn.bv_val )
+ {
+ ch_free( nbase.bv_val );
+ }
+
+ /* restore scope ... FIXME: this should be done before ANY
+ * frontend call that uses op */
+ if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
+ op->ors_scope = LDAP_SCOPE_BASE;
+ }
Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
- return 0;
+
+ return rs->sr_err;
+}
+
+/* return LDAP_SUCCESS IFF we can retrieve the specified entry.
+ */
+int
+backsql_entry_get(
+ Operation *op,
+ struct berval *ndn,
+ ObjectClass *oc,
+ AttributeDescription *at,
+ int rw,
+ Entry **ent )
+{
+ backsql_srch_info bsi = { 0 };
+ SQLHDBC dbh = SQL_NULL_HDBC;
+ int rc;
+ SlapReply rs = { 0 };
+ AttributeName anlist[ 2 ];
+
+ *ent = NULL;
+
+ rc = backsql_get_db_conn( op, &dbh );
+ if ( !dbh ) {
+ return LDAP_OTHER;
+ }
+
+ if ( at ) {
+ anlist[ 0 ].an_name = at->ad_cname;
+ anlist[ 0 ].an_desc = at;
+ BER_BVZERO( &anlist[ 1 ].an_name );
+ }
+
+ bsi.bsi_e = ch_malloc( sizeof( Entry ) );
+ rc = backsql_init_search( &bsi,
+ ndn,
+ LDAP_SCOPE_BASE,
+ (time_t)(-1), NULL,
+ dbh, op, &rs, at ? anlist : NULL,
+ BACKSQL_ISF_GET_ENTRY );
+
+ if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
+ (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
+ }
+
+ if ( rc == LDAP_SUCCESS ) {
+
+#if 0 /* not supported at present */
+ /* find attribute values */
+ if ( is_entry_alias( bsi.bsi_e ) ) {
+ Debug( LDAP_DEBUG_ACL,
+ "<= backsql_entry_get: entry is an alias\n",
+ 0, 0, 0 );
+ rc = LDAP_ALIAS_PROBLEM;
+ goto return_results;
+ }
+#endif
+
+ if ( is_entry_referral( bsi.bsi_e ) ) {
+ Debug( LDAP_DEBUG_ACL,
+ "<= backsql_entry_get: entry is a referral\n",
+ 0, 0, 0 );
+ rc = LDAP_REFERRAL;
+ goto return_results;
+ }
+
+ if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
+ Debug( LDAP_DEBUG_ACL,
+ "<= backsql_entry_get: "
+ "failed to find objectClass\n",
+ 0, 0, 0 );
+ rc = LDAP_NO_SUCH_ATTRIBUTE;
+ goto return_results;
+ }
+
+ *ent = bsi.bsi_e;
+ }
+
+return_results:;
+ if ( bsi.bsi_attrs != NULL ) {
+ op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
+ }
+
+ if ( rc != LDAP_SUCCESS ) {
+ if ( bsi.bsi_e ) {
+ entry_free( bsi.bsi_e );
+ }
+ }
+
+ return rc;
}
-#endif /* SLAPD_SQL */
+void
+backsql_entry_clean(
+ Operation *op,
+ Entry *e )
+{
+ void *ctx;
+
+ ctx = ldap_pvt_thread_pool_context();
+
+ if ( ctx == NULL || ctx != op->o_tmpmemctx ) {
+ if ( !BER_BVISNULL( &e->e_name ) ) {
+ op->o_tmpfree( e->e_name.bv_val, op->o_tmpmemctx );
+ BER_BVZERO( &e->e_name );
+ }
+
+ if ( !BER_BVISNULL( &e->e_nname ) ) {
+ op->o_tmpfree( e->e_nname.bv_val, op->o_tmpmemctx );
+ BER_BVZERO( &e->e_nname );
+ }
+ }
+ entry_clean( e );
+}
+
+int
+backsql_entry_release(
+ Operation *op,
+ Entry *e,
+ int rw )
+{
+ backsql_entry_clean( op, e );
+
+ ch_free( e );
+
+ return 0;
+}
projects / openldap / blobdiff