/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1999-2004 The OpenLDAP Foundation.
+ * Copyright 1999-2005 The OpenLDAP Foundation.
* Portions Copyright 1999 Dmitry Kovalev.
+ * Portions Copyright 2002 Pierangelo Masarati.
+ * Portions Copyright 2004 Mark Adamson.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
*/
/* ACKNOWLEDGEMENTS:
* This work was initially developed by Dmitry Kovalev for inclusion
- * by OpenLDAP Software.
+ * by OpenLDAP Software. Additional significant contributors include
+ * Pierangelo Masarati and Mark Adamson.
*/
#include "portable.h"
* clear the list (retrieve all attrs)
*/
if ( ad == NULL ) {
- ch_free( bsi->bsi_attrs );
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs, bsi->bsi_op->o_tmpmemctx );
bsi->bsi_attrs = NULL;
+ bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
return 1;
}
Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
"adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
- an = (AttributeName *)ch_realloc( bsi->bsi_attrs,
- sizeof( AttributeName ) * ( n_attrs + 2 ) );
+ an = (AttributeName *)bsi->bsi_op->o_tmprealloc( bsi->bsi_attrs,
+ sizeof( AttributeName ) * ( n_attrs + 2 ),
+ bsi->bsi_op->o_tmpmemctx );
if ( an == NULL ) {
return -1;
}
Operation *op,
SlapReply *rs,
AttributeName *attrs,
- int get_base_id )
+ unsigned flags )
{
- AttributeName *p;
+ backsql_info *bi = (backsql_info *)op->o_bd->be_private;
int rc = LDAP_SUCCESS;
bsi->bsi_base_ndn = nbase;
+ bsi->bsi_use_subtree_shortcut = 0;
BER_BVZERO( &bsi->bsi_base_id.eid_dn );
BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
bsi->bsi_scope = scope;
bsi->bsi_dbh = dbh;
bsi->bsi_op = op;
bsi->bsi_rs = rs;
- bsi->bsi_flags = 0;
+ bsi->bsi_flags = BSQL_SF_NONE;
- /*
- * handle "*"
- */
- if ( attrs == NULL || an_find( attrs, &AllUser ) ) {
- bsi->bsi_attrs = NULL;
+ bsi->bsi_attrs = NULL;
+
+ if ( BACKSQL_FETCH_ALL_ATTRS( bi ) ) {
+ /*
+ * if requested, simply try to fetch all attributes
+ */
+ bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
} else {
- int got_oc = 0;
+ if ( BACKSQL_FETCH_ALL_USERATTRS( bi ) ) {
+ bsi->bsi_flags |= BSQL_SF_ALL_USER;
- bsi->bsi_attrs = (AttributeName *)ch_calloc( 1,
- sizeof( AttributeName ) );
- BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
-
- for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
- /*
- * ignore "1.1"; handle "+"
- */
- if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
- bsi->bsi_flags |= BSQL_SF_ALL_OPER;
- continue;
+ } else if ( BACKSQL_FETCH_ALL_OPATTRS( bi ) ) {
+ bsi->bsi_flags |= BSQL_SF_ALL_OPER;
+ }
- } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
- continue;
+ if ( attrs == NULL ) {
+ /* NULL means all user attributes */
+ bsi->bsi_flags |= BSQL_SF_ALL_USER;
+
+ } else {
+ AttributeName *p;
+ int got_oc = 0;
- } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
- got_oc = 1;
+ bsi->bsi_attrs = (AttributeName *)bsi->bsi_op->o_tmpalloc(
+ sizeof( AttributeName ),
+ bsi->bsi_op->o_tmpmemctx );
+ BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
+
+ for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
+ if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
+ /* handle "*" */
+ bsi->bsi_flags |= BSQL_SF_ALL_USER;
+
+ /* if all attrs are requested, there's
+ * no need to continue */
+ if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ break;
+ }
+ continue;
+
+ } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
+ /* handle "+" */
+ bsi->bsi_flags |= BSQL_SF_ALL_OPER;
+
+ /* if all attrs are requested, there's
+ * no need to continue */
+ if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ break;
+ }
+ continue;
+
+ } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
+ /* ignore "1.1" */
+ continue;
+
+ } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
+ got_oc = 1;
+ }
+
+ backsql_attrlist_add( bsi, p->an_desc );
}
- backsql_attrlist_add( bsi, p->an_desc );
+ if ( got_oc == 0 && !( bsi->bsi_flags & BSQL_SF_ALL_USER ) ) {
+ /* add objectClass if not present,
+ * because it is required to understand
+ * if an entry is a referral, an alias
+ * or so... */
+ backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
+ }
}
- if ( got_oc == 0 ) {
- /* add objectClass if not present,
- * because it is required to understand
- * if an entry is a referral, an alias
- * or so... */
- backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
+ if ( !BSQL_ISF_ALL_ATTRS( bsi ) && bi->sql_anlist ) {
+ AttributeName *p;
+
+ /* use hints if available */
+ for ( p = bi->sql_anlist; !BER_BVISNULL( &p->an_name ); p++ ) {
+ if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
+ /* handle "*" */
+ bsi->bsi_flags |= BSQL_SF_ALL_USER;
+
+ /* if all attrs are requested, there's
+ * no need to continue */
+ if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ break;
+ }
+ continue;
+
+ } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
+ /* handle "+" */
+ bsi->bsi_flags |= BSQL_SF_ALL_OPER;
+
+ /* if all attrs are requested, there's
+ * no need to continue */
+ if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ bsi->bsi_attrs = NULL;
+ break;
+ }
+ continue;
+ }
+
+ backsql_attrlist_add( bsi, p->an_desc );
+ }
+
}
}
- bsi->bsi_abandon = 0;
bsi->bsi_id_list = NULL;
bsi->bsi_id_listtail = &bsi->bsi_id_list;
bsi->bsi_n_candidates = 0;
bsi->bsi_flt_where.bb_len = 0;
bsi->bsi_filter_oc = NULL;
- if ( get_base_id ) {
+ if ( BACKSQL_IS_GET_ID( flags ) ) {
+ int matched = BACKSQL_IS_MATCHED( flags );
+ int getentry = BACKSQL_IS_GET_ENTRY( flags );
+ int gotit = 0;
+
assert( op->o_bd->be_private );
- rc = backsql_dn2id( (backsql_info *)op->o_bd->be_private,
- &bsi->bsi_base_id, dbh, nbase );
+ rc = backsql_dn2id( op, rs, dbh, nbase, &bsi->bsi_base_id,
+ matched, 1 );
+
+ /* the entry is collected either if requested for by getentry
+ * or if get noSuchObject and requested to climb the tree,
+ * so that a matchedDN or a referral can be returned */
+ if ( ( rc == LDAP_NO_SUCH_OBJECT && matched ) || getentry ) {
+ if ( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) ) {
+ assert( bsi->bsi_e != NULL );
+
+ if ( dn_match( nbase, &bsi->bsi_base_id.eid_ndn ) )
+ {
+ gotit = 1;
+ }
+
+ /*
+ * let's see if it is a referral and, in case, get it
+ */
+ backsql_attrlist_add( bsi, slap_schema.si_ad_ref );
+ rc = backsql_id2entry( bsi, &bsi->bsi_base_id );
+ if ( rc == LDAP_SUCCESS ) {
+ if ( is_entry_referral( bsi->bsi_e ) )
+ {
+ BerVarray erefs = get_entry_referrals( op, bsi->bsi_e );
+ if ( erefs ) {
+ rc = rs->sr_err = LDAP_REFERRAL;
+ rs->sr_ref = referral_rewrite( erefs,
+ &bsi->bsi_e->e_nname,
+ &op->o_req_dn,
+ scope );
+ ber_bvarray_free( erefs );
+
+ } else {
+ rc = rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "bad referral object";
+ }
+
+ } else if ( !gotit ) {
+ rc = rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ }
+ }
+
+ } else {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, scope );
+ rc = rs->sr_err = LDAP_REFERRAL;
+ }
+ }
}
- return ( bsi->bsi_status = rc );
+ bsi->bsi_status = rc;
+
+ switch ( rc ) {
+ case LDAP_SUCCESS:
+ case LDAP_REFERRAL:
+ break;
+
+ default:
+ bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
+ bsi->bsi_op->o_tmpmemctx );
+ break;
+ }
+
+ return rc;
}
static int
/* always uppercase strings by now */
#ifdef BACKSQL_UPPERCASE_FILTER
- if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
- bi->sql_caseIgnoreMatch ) )
+ if ( f->f_sub_desc->ad_type->sat_substr &&
+ SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
+ bi->sql_caseIgnoreMatch ) )
#endif /* BACKSQL_UPPERCASE_FILTER */
{
casefold = 1;
}
- if ( SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
- bi->sql_telephoneNumberMatch ) )
+ if ( f->f_sub_desc->ad_type->sat_substr &&
+ SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
+ bi->sql_telephoneNumberMatch ) )
{
struct berval bv;
backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
backsql_strfcat( &bsi->bsi_flt_where, "lbl",
- (ber_len_t)STRLENOF( "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
- "1=1 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
+ (ber_len_t)STRLENOF( "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */ ),
+ "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */,
&bsi->bsi_oc->bom_oc->soc_cname,
- (ber_len_t)STRLENOF( /* (' */ "')" ),
- /* (' */ "')" );
+ (ber_len_t)STRLENOF( /* ((' */ "'))" ),
+ /* ((' */ "'))" );
bsi->bsi_status = LDAP_SUCCESS;
rc = 1;
goto done;
case LDAP_FILTER_PRESENT:
backsql_strfcat( &bsi->bsi_flt_where, "l",
- (ber_len_t)STRLENOF( "1=1" ), "1=1" );
+ (ber_len_t)STRLENOF( "3=3" ), "3=3" );
bsi->bsi_status = LDAP_SUCCESS;
rc = 1;
goto done;
case LDAP_FILTER_PRESENT:
backsql_strfcat( &bsi->bsi_flt_where, "l",
- (ber_len_t)STRLENOF( "1=1" ), "1=1" );
+ (ber_len_t)STRLENOF( "4=4" ), "4=4" );
break;
default:
rc = 1;
goto done;
+#ifdef BACKSQL_SYNCPROV
} else if ( ad == slap_schema.si_ad_entryCSN ) {
/*
- * TODO: introduce appropriate entryCSN filtering
- * to support syncrepl as producer...
+ * support for syncrepl as producer...
*/
- if ( bsi->bsi_op->o_sync_mode & SLAP_SYNC_PERSIST ) {
+ if ( !bsi->bsi_op->o_sync ) {
/* unsupported at present... */
bsi->bsi_status = LDAP_OTHER;
rc = -1;
goto done;
}
+ bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
+
+ /* if doing a syncrepl, try to return as much as possible,
+ * and always match the filter */
+ backsql_strfcat( &bsi->bsi_flt_where, "l",
+ (ber_len_t)STRLENOF( "5=5" ), "5=5" );
+
+ /* save for later use in operational attributes */
+ /* FIXME: saves only the first occurrence, because
+ * the filter during updates is written as
+ * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
+ * so we want our fake entryCSN to match the greatest
+ * value
+ */
+ if ( bsi->bsi_op->o_private == NULL ) {
+ bsi->bsi_op->o_private = &f->f_av_value;
+ }
+ bsi->bsi_status = LDAP_SUCCESS;
+
+ rc = 1;
+ goto done;
+#endif /* BACKSQL_SYNCPROV */
} else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
/*
* candidate.
*/
backsql_strfcat( &bsi->bsi_flt_where, "l",
- (ber_len_t)STRLENOF( "1=1" ), "1=1" );
+ (ber_len_t)STRLENOF( "6=6" ), "6=6" );
if ( ad == slap_schema.si_ad_hasSubordinates ) {
/*
* instruct candidate selection algorithm
/* search anyway; other parts of the filter
* may succeeed */
backsql_strfcat( &bsi->bsi_flt_where, "l",
- (ber_len_t)STRLENOF( "1=1" ), "1=1" );
+ (ber_len_t)STRLENOF( "7=7" ), "7=7" );
bsi->bsi_status = LDAP_SUCCESS;
rc = 1;
goto done;
casefold = 1;
}
+ /* FIXME: directoryString filtering should use a similar
+ * approach to deal with non-prettified values like
+ * " A non prettified value ", by using a LIKE
+ * filter with all whitespaces collapsed to a single '%' */
if ( SLAP_MR_ASSOCIATED( matching_rule,
bi->sql_telephoneNumberMatch ) )
{
/* fall thru to next case */
case LDAP_FILTER_LE:
+ filter_value = &f->f_av_value;
+
/* always uppercase strings by now */
#ifdef BACKSQL_UPPERCASE_FILTER
- if ( SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
- bi->sql_caseIgnoreMatch ) )
+ if ( at->bam_ad->ad_type->sat_ordering &&
+ SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
+ bi->sql_caseIgnoreMatch ) )
#endif /* BACKSQL_UPPERCASE_FILTER */
{
casefold = 1;
/* unhandled filter type; should not happen */
assert( 0 );
backsql_strfcat( &bsi->bsi_flt_where, "l",
- (ber_len_t)STRLENOF( "1=1" ), "1=1" );
+ (ber_len_t)STRLENOF( "8=8" ), "8=8" );
break;
}
assert( query );
BER_BVZERO( query );
+ bsi->bsi_use_subtree_shortcut = 0;
+
Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
BER_BVZERO( &bsi->bsi_sel.bb_val );
BER_BVZERO( &bsi->bsi_sel.bb_val );
&bsi->bsi_oc->bom_oc->soc_cname,
'\'' );
}
-#ifdef BACKSQL_ALIASING_QUOTE
- backsql_strfcat( &bsi->bsi_sel, "lclcl",
- (ber_len_t)STRLENOF( " " BACKSQL_ALIASING ),
- " " BACKSQL_ALIASING,
- BACKSQL_ALIASING_QUOTE,
- (ber_len_t)STRLENOF( "objectClass" ),
- "objectClass",
- BACKSQL_ALIASING_QUOTE,
- (ber_len_t)STRLENOF( ",ldap_entries.dn " BACKSQL_ALIASING "dn" ),
- ",ldap_entries.dn " BACKSQL_ALIASING "dn" );
-#else /* ! BACKSQL_ALIASING_QUOTE */
backsql_strfcat( &bsi->bsi_sel, "l",
- (ber_len_t)STRLENOF( " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" ),
- " " BACKSQL_ALIASING "objectClass,ldap_entries.dn " BACKSQL_ALIASING "dn" );
-#endif /* ! BACKSQL_ALIASING_QUOTE */
+ (ber_len_t)STRLENOF( " " BACKSQL_ALIASING
+ BACKSQL_ALIASING_QUOTE "objectClass" BACKSQL_ALIASING_QUOTE
+ ",ldap_entries.dn " BACKSQL_ALIASING BACKSQL_ALIASING_QUOTE "dn" BACKSQL_ALIASING_QUOTE ),
+ " " BACKSQL_ALIASING
+ BACKSQL_ALIASING_QUOTE "objectClass" BACKSQL_ALIASING_QUOTE
+ ",ldap_entries.dn " BACKSQL_ALIASING BACKSQL_ALIASING_QUOTE "dn" BACKSQL_ALIASING_QUOTE );
backsql_strfcat( &bsi->bsi_from, "lb",
(ber_len_t)STRLENOF( " FROM ldap_entries," ),
case LDAP_SCOPE_SUBORDINATE:
#endif /* LDAP_SCOPE_SUBORDINATE */
case LDAP_SCOPE_SUBTREE:
- if ( BACKSQL_CANUPPERCASE( bi ) ) {
+ if ( BACKSQL_USE_SUBTREE_SHORTCUT( bi ) ) {
+ int i;
+ BackendDB *bd = bsi->bsi_op->o_bd;
+
+ assert( bd->be_nsuffix );
+
+ for ( i = 0; !BER_BVISNULL( &bd->be_nsuffix[ i ] ); i++ )
+ {
+ if ( dn_match( &bd->be_nsuffix[ i ],
+ bsi->bsi_base_ndn ) )
+ {
+ /* pass this to the candidate selection
+ * routine so that the DN is not bound
+ * to the select statement */
+ bsi->bsi_use_subtree_shortcut = 1;
+ break;
+ }
+ }
+ }
+
+ if ( bsi->bsi_use_subtree_shortcut ) {
+ /* Skip the base DN filter, as every entry will match it */
+ backsql_strfcat( &bsi->bsi_join_where, "l",
+ (ber_len_t)STRLENOF( "9=9"), "9=9");
+
+ } else if ( !BER_BVISNULL( &bi->sql_subtree_cond ) ) {
+ backsql_strfcat( &bsi->bsi_join_where, "b", &bi->sql_subtree_cond );
+
+ } else if ( BACKSQL_CANUPPERCASE( bi ) ) {
backsql_strfcat( &bsi->bsi_join_where, "bl",
&bi->sql_upper_func,
(ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
"(ldap_entries.dn) LIKE ?" );
+
} else {
backsql_strfcat( &bsi->bsi_join_where, "l",
(ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
{
backsql_oc_map_rec *oc = v_oc;
backsql_srch_info *bsi = v_bsi;
+ Operation *op = bsi->bsi_op;
backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
struct berval query;
- SQLHSTMT sth;
+ SQLHSTMT sth = SQL_NULL_HSTMT;
RETCODE rc;
int res;
BACKSQL_ROW_NTS row;
Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
BACKSQL_OC_NAME( oc ), 0, 0 );
+ /* check for abandon */
+ if ( op->o_abandon ) {
+ bsi->bsi_status = SLAPD_ABANDON;
+ return BACKSQL_AVL_STOP;
+ }
+
if ( bsi->bsi_n_candidates == -1 ) {
Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
"unchecked limit has been overcome\n", 0, 0, 0 );
#endif /* LDAP_SCOPE_SUBORDINATE */
case LDAP_SCOPE_SUBTREE:
{
+ /* if short-cutting the search base,
+ * don't bind any parameter */
+ if ( bsi->bsi_use_subtree_shortcut ) {
+ break;
+ }
+
/*
* We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
* however this should be handled earlier
continue;
}
- ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
+ ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, op->o_tmpmemctx );
if ( dn.bv_val != row.cols[ 3 ] ) {
free( dn.bv_val );
}
}
if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
- free( pdn.bv_val );
- free( ndn.bv_val );
+ op->o_tmpfree( pdn.bv_val, op->o_tmpmemctx );
+ op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
continue;
}
c_id = (backsql_entryID *)ch_calloc( 1,
sizeof( backsql_entryID ) );
#ifdef BACKSQL_ARBITRARY_KEY
- ber_str2bv( row.cols[ 0 ], 0, 1, &c_id->eid_id );
- ber_str2bv( row.cols[ 1 ], 0, 1, &c_id->eid_keyval );
+ ber_str2bv_x( row.cols[ 0 ], 0, 1, &c_id->eid_id,
+ op->o_tmpmemctx );
+ ber_str2bv_x( row.cols[ 1 ], 0, 1, &c_id->eid_keyval,
+ op->o_tmpmemctx );
#else /* ! BACKSQL_ARBITRARY_KEY */
c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
backsql_search( Operation *op, SlapReply *rs )
{
backsql_info *bi = (backsql_info *)op->o_bd->be_private;
- SQLHDBC dbh;
+ SQLHDBC dbh = SQL_NULL_HDBC;
int sres;
- Entry user_entry = { 0 };
- int manageDSAit;
+ Entry user_entry = { 0 },
+ base_entry = { 0 };
+ int manageDSAit = get_manageDSAit( op );
time_t stoptime = 0;
- backsql_srch_info bsi;
+ backsql_srch_info bsi = { 0 };
backsql_entryID *eid = NULL;
struct berval nbase = BER_BVNULL;
- manageDSAit = get_manageDSAit( op );
-
Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
"base=\"%s\", filter=\"%s\", scope=%d,",
op->o_req_ndn.bv_val,
- op->ors_filterstr.bv_val,
+ op->ors_filterstr.bv_val ? op->ors_filterstr.bv_val : "(no filter)",
op->ors_scope );
Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
"attributes to load: %s\n",
/* compute it anyway; root does not use it */
stoptime = op->o_time + op->ors_tlimit;
- nbase = op->o_req_ndn;
- if ( backsql_api_dn2odbc( op, rs, &nbase ) ) {
- Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
- "backsql_api_dn2odbc failed\n",
- 0, 0, 0 );
- rs->sr_err = LDAP_OTHER;
- rs->sr_text = "SQL-backend error";
- send_ldap_result( op, rs );
- goto done;
- }
-
/* init search */
- rs->sr_err = backsql_init_search( &bsi, &nbase,
+ bsi.bsi_e = &base_entry;
+ rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn,
op->ors_scope,
op->ors_slimit, op->ors_tlimit,
stoptime, op->ors_filter,
- dbh, op, rs, op->ors_attrs, 1 );
- if ( rs->sr_err != LDAP_SUCCESS ) {
+ dbh, op, rs, op->ors_attrs,
+ ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
+ switch ( rs->sr_err ) {
+ case LDAP_SUCCESS:
+ break;
+
+ case LDAP_REFERRAL:
+ if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
+ dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
+ {
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_text = NULL;
+ rs->sr_matched = NULL;
+ if ( rs->sr_ref ) {
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ }
+ break;
+ }
+ /* fall thru */
+
+ default:
+#ifdef SLAP_ACL_HONOR_DISCLOSE
+ if ( !BER_BVISNULL( &base_entry.e_nname )
+ && ! access_allowed( op, &base_entry,
+ slap_schema.si_ad_entry, NULL,
+ ACL_DISCLOSE, NULL ) )
+ {
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ if ( rs->sr_ref ) {
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ }
+ rs->sr_matched = NULL;
+ rs->sr_text = NULL;
+ }
+#endif /* SLAP_ACL_HONOR_DISCLOSE */
+
send_ldap_result( op, rs );
goto done;
+
}
+#ifdef SLAP_ACL_HONOR_DISCLOSE
+ /* NOTE: __NEW__ "search" access is required
+ * on searchBase object */
+ {
+ slap_mask_t mask;
+
+ if ( get_assert( op ) &&
+ ( test_filter( op, &base_entry, get_assertion( op ) )
+ != LDAP_COMPARE_TRUE ) )
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+
+ }
+ if ( ! access_allowed_mask( op, &base_entry,
+ slap_schema.si_ad_entry,
+ NULL, ACL_SEARCH, NULL, &mask ) )
+ {
+ if ( rs->sr_err == LDAP_SUCCESS ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ }
+ }
+
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ rs->sr_text = NULL;
+ }
+ send_ldap_result( op, rs );
+ goto done;
+ }
+ }
+#endif /* SLAP_ACL_HONOR_DISCLOSE */
+
+ bsi.bsi_e = NULL;
bsi.bsi_n_candidates =
( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
*/
avl_apply( bi->sql_oc_by_oc, backsql_oc_get_candidates,
&bsi, BACKSQL_AVL_STOP, AVL_INORDER );
+
+ /* check for abandon */
+ if ( op->o_abandon ) {
+ rs->sr_err = SLAPD_ABANDON;
+ goto send_results;
+ }
}
if ( op->ors_limit != NULL /* isroot == FALSE */
*/
for ( eid = bsi.bsi_id_list;
eid != NULL;
- eid = backsql_free_entryID( eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
+ eid = backsql_free_entryID( op,
+ eid, eid == &bsi.bsi_base_id ? 0 : 1 ) )
{
int rc;
Attribute *a_hasSubordinate = NULL,
*a_entryUUID = NULL,
- *a = NULL;
+ *a_entryCSN = NULL,
+ **ap = NULL;
Entry *e = NULL;
/* check for abandon */
if ( op->o_abandon ) {
- break;
+ rs->sr_err = SLAPD_ABANDON;
+ goto send_results;
}
/* check time limit */
rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
rs->sr_ctrls = NULL;
rs->sr_ref = rs->sr_v2ref;
- rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
- : LDAP_REFERRAL;
- send_ldap_result( op, rs );
- goto end_of_search;
+ goto send_results;
}
#ifdef BACKSQL_ARBITRARY_KEY
eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
#endif /* ! BACKSQL_ARBITRARY_KEY */
- /* don't recollect baseObject ... */
- if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
- e = bi->sql_baseObject;
-
- } else {
- bsi.bsi_e = &user_entry;
- rc = backsql_id2entry( &bsi, eid );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
- "error %d in backsql_id2entry() "
- "- skipping\n", rc, 0, 0 );
- continue;
- }
-
- e = &user_entry;
- }
-
/* check scope */
switch ( op->ors_scope ) {
case LDAP_SCOPE_BASE:
case BACKSQL_SCOPE_BASE_LIKE:
- if ( !dn_match( &e->e_nname, &op->o_req_ndn ) ) {
- goto next_entry;
+ if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
+ goto next_entry2;
}
break;
case LDAP_SCOPE_ONE:
{
- struct berval rdn = user_entry.e_nname;
+ struct berval rdn = eid->eid_ndn;
rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
if ( !dnIsOneLevelRDN( &rdn ) ) {
- goto next_entry;
+ goto next_entry2;
}
/* fall thru */
}
#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
/* discard the baseObject entry */
- if ( dn_match( &e->e_nname, &op->o_req_ndn ) ) {
- goto next_entry;
+ if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
+ goto next_entry2;
}
/* FALLTHRU */
#endif /* LDAP_SCOPE_SUBORDINATE */
case LDAP_SCOPE_SUBTREE:
/* FIXME: this should never fail... */
- if ( !dnIsSuffix( &e->e_nname, &op->o_req_ndn ) ) {
- goto next_entry;
+ if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
+ assert( 0 );
+ goto next_entry2;
}
break;
}
+ if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
+ /* don't recollect baseObject... */
+ e = bi->sql_baseObject;
+
+ } else if ( eid == &bsi.bsi_base_id ) {
+ /* don't recollect searchBase object... */
+ e = &base_entry;
+
+ } else {
+ bsi.bsi_e = &user_entry;
+ rc = backsql_id2entry( &bsi, eid );
+ if ( rc != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
+ "error %d in backsql_id2entry() "
+ "- skipping\n", rc, 0, 0 );
+ continue;
+ }
+ e = &user_entry;
+ }
+
if ( !manageDSAit &&
op->ors_scope != LDAP_SCOPE_BASE &&
op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
Entry user_entry2 = { 0 };
/* retry with the full entry... */
- (void)backsql_init_search( &bsi2,
+ bsi2.bsi_e = &user_entry2;
+ rc = backsql_init_search( &bsi2,
&e->e_nname,
LDAP_SCOPE_BASE,
- -1, -1, -1, NULL,
- dbh, op, rs, NULL, 0 );
- bsi2.bsi_e = &user_entry2;
- rc = backsql_id2entry( &bsi2, eid );
+ SLAP_NO_LIMIT, SLAP_NO_LIMIT,
+ (time_t)(-1), NULL,
+ dbh, op, rs, NULL,
+ BACKSQL_ISF_GET_ENTRY );
if ( rc == LDAP_SUCCESS ) {
if ( is_entry_referral( &user_entry2 ) )
{
refs = get_entry_referrals( op,
&user_entry2 );
- } /* else: FIXME: inconsistency! */
+ } else {
+ rs->sr_err = LDAP_OTHER;
+ }
entry_clean( &user_entry2 );
}
+ if ( bsi2.bsi_attrs != NULL ) {
+ op->o_tmpfree( bsi2.bsi_attrs,
+ op->o_tmpmemctx );
+ }
}
if ( refs ) {
ber_bvarray_free( refs );
}
- if ( !rs->sr_ref ) {
- rs->sr_text = "bad_referral object";
+ if ( rs->sr_ref ) {
+ rs->sr_err = LDAP_REFERRAL;
+
+ } else {
+ rs->sr_text = "bad referral object";
}
- rs->sr_err = LDAP_REFERRAL;
+ rs->sr_entry = e;
rs->sr_matched = user_entry.e_name.bv_val;
send_search_reference( op, rs );
ber_bvarray_free( rs->sr_ref );
rs->sr_ref = NULL;
rs->sr_matched = NULL;
+ rs->sr_entry = NULL;
goto next_entry;
}
case LDAP_COMPARE_FALSE:
a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
if ( a_hasSubordinate != NULL ) {
- for ( a = user_entry.e_attrs;
- a && a->a_next;
- a = a->a_next );
+ for ( ap = &user_entry.e_attrs;
+ *ap;
+ ap = &(*ap)->a_next );
- a->a_next = a_hasSubordinate;
+ *ap = a_hasSubordinate;
}
rc = 0;
break;
if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
a_entryUUID = backsql_operational_entryUUID( bi, eid );
if ( a_entryUUID != NULL ) {
- for ( a = user_entry.e_attrs;
- a && a->a_next;
- a = a->a_next );
+ if ( ap == NULL ) {
+ ap = &user_entry.e_attrs;
+ }
+
+ for ( ; *ap; ap = &(*ap)->a_next );
- a->a_next = a_entryUUID;
+ *ap = a_entryUUID;
}
}
- if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
- {
-#if 0
- if ( a_hasSubordinate && !( bsi.bsi_flags & BSQL_SF_ALL_OPER )
- && !ad_inlist( slap_schema.si_ad_hasSubordinates, op->ors_attrs ) )
- {
- a->a_next = NULL;
- attr_free( a_hasSubordinate );
- a_hasSubordinate = NULL;
- }
+#ifdef BACKSQL_SYNCPROV
+ if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
+ a_entryCSN = backsql_operational_entryCSN( op );
+ if ( a_entryCSN != NULL ) {
+ if ( ap == NULL ) {
+ ap = &user_entry.e_attrs;
+ }
- if ( a_entryUUID && !( bsi.bsi_flags & BSQL_SF_ALL_OPER )
- && !ad_inlist( slap_schema.si_ad_entryUUID, op->ors_attrs ) )
- {
- a->a_next = NULL;
- attr_free( a_hasSubordinate );
- a_hasSubordinate = NULL;
+ for ( ; *ap; ap = &(*ap)->a_next );
+
+ *ap = a_entryCSN;
}
-#endif
+ }
+#endif /* BACKSQL_SYNCPROV */
+ if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
+ {
rs->sr_attrs = op->ors_attrs;
rs->sr_operational_attrs = NULL;
rs->sr_entry = e;
if ( e == &user_entry ) {
rs->sr_flags = REP_ENTRY_MODIFIABLE;
}
+ /* FIXME: need the whole entry (ITS#3480) */
sres = send_search_entry( op, rs );
rs->sr_entry = NULL;
rs->sr_attrs = NULL;
rs->sr_operational_attrs = NULL;
- switch ( sres ) {
- case 0:
- break;
-
- default:
+ if ( sres == -1 ) {
/*
* FIXME: send_search_entry failed;
* better stop
*/
- case -1:
Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
"connection lost\n", 0, 0, 0 );
goto end_of_search;
}
next_entry:;
- entry_clean( &user_entry );
+ if ( e == &user_entry ) {
+ entry_clean( &user_entry );
+ }
+next_entry2:;
if ( op->ors_slimit != SLAP_NO_LIMIT
&& rs->sr_nentries >= op->ors_slimit )
{
rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
- send_ldap_result( op, rs );
- goto end_of_search;
+ goto send_results;
}
}
end_of_search:;
- /* in case we got here accidentally */
- entry_clean( &user_entry );
-
if ( rs->sr_nentries > 0 ) {
rs->sr_ref = rs->sr_v2ref;
rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
} else {
rs->sr_err = bsi.bsi_status;
}
- send_ldap_result( op, rs );
+
+send_results:;
+ if ( rs->sr_err != SLAPD_ABANDON ) {
+ send_ldap_result( op, rs );
+ }
+
+ entry_clean( &base_entry );
+
+ /* in case we got here accidentally */
+ entry_clean( &user_entry );
if ( rs->sr_v2ref ) {
ber_bvarray_free( rs->sr_v2ref );
rs->sr_v2ref = NULL;
}
-done:;
- if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
- (void)backsql_free_entryID( &bsi.bsi_base_id, 0 );
+#ifdef BACKSQL_SYNCPROV
+ if ( op->o_sync ) {
+ Operation op2 = *op;
+ SlapReply rs2 = { 0 };
+ Entry e = { 0 };
+ slap_callback cb = { 0 };
+
+ op2.o_tag = LDAP_REQ_ADD;
+ op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0, 0 );
+ op2.ora_e = &e;
+ op2.o_callback = &cb;
+
+ e.e_name = op->o_bd->be_suffix[0];
+ e.e_nname = op->o_bd->be_nsuffix[0];
+
+ cb.sc_response = slap_null_cb;
+
+ op2.o_bd->be_add( &op2, &rs2 );
}
+#endif /* BACKSQL_SYNCPROV */
- if ( bsi.bsi_attrs ) {
- ch_free( bsi.bsi_attrs );
+done:;
+ (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
+
+ if ( bsi.bsi_attrs != NULL ) {
+ op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
}
if ( !BER_BVISNULL( &nbase )
}
Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
- return 0;
+
+ return rs->sr_err;
+}
+
+/* return LDAP_SUCCESS IFF we can retrieve the specified entry.
+ */
+int
+backsql_entry_get(
+ Operation *op,
+ struct berval *ndn,
+ ObjectClass *oc,
+ AttributeDescription *at,
+ int rw,
+ Entry **ent )
+{
+ backsql_srch_info bsi = { 0 };
+ SQLHDBC dbh = SQL_NULL_HDBC;
+ int rc;
+ SlapReply rs = { 0 };
+ AttributeName anlist[ 2 ];
+
+ *ent = NULL;
+
+ rc = backsql_get_db_conn( op, &dbh );
+ if ( !dbh ) {
+ return LDAP_OTHER;
+ }
+
+ if ( at ) {
+ anlist[ 0 ].an_name = at->ad_cname;
+ anlist[ 0 ].an_desc = at;
+ BER_BVZERO( &anlist[ 1 ].an_name );
+ }
+
+ bsi.bsi_e = ch_malloc( sizeof( Entry ) );
+ rc = backsql_init_search( &bsi,
+ ndn,
+ LDAP_SCOPE_BASE,
+ SLAP_NO_LIMIT, SLAP_NO_LIMIT,
+ (time_t)(-1), NULL,
+ dbh, op, &rs, at ? anlist : NULL,
+ BACKSQL_ISF_GET_ENTRY );
+
+ if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
+ (void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
+ }
+
+ if ( rc == LDAP_SUCCESS ) {
+
+#if 0 /* not supported at present */
+ /* find attribute values */
+ if ( is_entry_alias( bsi.bsi_e ) ) {
+ Debug( LDAP_DEBUG_ACL,
+ "<= backsql_entry_get: entry is an alias\n",
+ 0, 0, 0 );
+ rc = LDAP_ALIAS_PROBLEM;
+ goto return_results;
+ }
+#endif
+
+ if ( is_entry_referral( bsi.bsi_e ) ) {
+ Debug( LDAP_DEBUG_ACL,
+ "<= backsql_entry_get: entry is a referral\n",
+ 0, 0, 0 );
+ rc = LDAP_REFERRAL;
+ goto return_results;
+ }
+
+ if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
+ Debug( LDAP_DEBUG_ACL,
+ "<= backsql_entry_get: "
+ "failed to find objectClass\n",
+ 0, 0, 0 );
+ rc = LDAP_NO_SUCH_ATTRIBUTE;
+ goto return_results;
+ }
+
+ *ent = bsi.bsi_e;
+ }
+
+return_results:;
+ if ( bsi.bsi_attrs != NULL ) {
+ op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
+ }
+
+ if ( rc != LDAP_SUCCESS ) {
+ if ( bsi.bsi_e ) {
+ entry_free( bsi.bsi_e );
+ }
+ }
+
+ return rc;
}