search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Patrick Welche <prlw1@cam.ac.uk>
[netbsd-mini2440.git] / external / bsd / openldap / dist / servers / slapd / back-sql / search.c
blob8294b077b822363d9b94768eb78583c6171bd912
1 /* $OpenLDAP: pkg/ldap/servers/slapd/back-sql/search.c,v 1.117.2.8 2008/02/11 23:26:48 kurt Exp $ */
2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
3 *
4 * Copyright 1999-2008 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
6 * Portions Copyright 2002 Pierangelo Masarati.
7 * Portions Copyright 2004 Mark Adamson.
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
12 * Public License.
13 *
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
17 */
18 /* ACKNOWLEDGEMENTS:
19 * This work was initially developed by Dmitry Kovalev for inclusion
20 * by OpenLDAP Software. Additional significant contributors include
21 * Pierangelo Masarati and Mark Adamson.
22 */
23
24 #include "portable.h"
25
26 #include <stdio.h>
27 #include <sys/types.h>
28 #include "ac/string.h"
29 #include "ac/ctype.h"
30
31 #include "lutil.h"
32 #include "slap.h"
33 #include "proto-sql.h"
34
35 static int backsql_process_filter( backsql_srch_info *bsi, Filter *f );
36 static int backsql_process_filter_eq( backsql_srch_info *bsi,
37 backsql_at_map_rec *at,
38 int casefold, struct berval *filter_value );
39 static int backsql_process_filter_like( backsql_srch_info *bsi,
40 backsql_at_map_rec *at,
41 int casefold, struct berval *filter_value );
42 static int backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f,
43 backsql_at_map_rec *at );
44
45 /* For LDAP_CONTROL_PAGEDRESULTS, a 32 bit cookie is available to keep track of
46 the state of paged results. The ldap_entries.id and oc_map_id values of the
47 last entry returned are used as the cookie, so 6 bits are used for the OC id
48 and the other 26 for ldap_entries ID number. If your max(oc_map_id) is more
49 than 63, you will need to steal more bits from ldap_entries ID number and
50 put them into the OC ID part of the cookie. */
51 #define SQL_TO_PAGECOOKIE(id, oc) (((id) << 6 ) | ((oc) & 0x3F))
52 #define PAGECOOKIE_TO_SQL_ID(pc) ((pc) >> 6)
53 #define PAGECOOKIE_TO_SQL_OC(pc) ((pc) & 0x3F)
54
55 static int parse_paged_cookie( Operation *op, SlapReply *rs );
56
57 static void send_paged_response(
58 Operation *op,
59 SlapReply *rs,
60 ID *lastid );
61
62 static int
63 backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
64 {
65 int n_attrs = 0;
66 AttributeName *an = NULL;
67
68 if ( bsi->bsi_attrs == NULL ) {
69 return 1;
70 }
71
72 /*
73 * clear the list (retrieve all attrs)
74 */
75 if ( ad == NULL ) {
76 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs, bsi->bsi_op->o_tmpmemctx );
77 bsi->bsi_attrs = NULL;
78 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
79 return 1;
80 }
81
82 /* strip ';binary' */
83 if ( slap_ad_is_binary( ad ) ) {
84 ad = ad->ad_type->sat_ad;
85 }
86
87 for ( ; !BER_BVISNULL( &bsi->bsi_attrs[ n_attrs ].an_name ); n_attrs++ ) {
88 an = &bsi->bsi_attrs[ n_attrs ];
89
90 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
91 "attribute \"%s\" is in list\n",
92 an->an_name.bv_val, 0, 0 );
93 /*
94 * We can live with strcmp because the attribute
95 * list has been normalized before calling be_search
96 */
97 if ( !BACKSQL_NCMP( &an->an_name, &ad->ad_cname ) ) {
98 return 1;
99 }
100 }
101
102 Debug( LDAP_DEBUG_TRACE, "==>backsql_attrlist_add(): "
103 "adding \"%s\" to list\n", ad->ad_cname.bv_val, 0, 0 );
104
105 an = (AttributeName *)bsi->bsi_op->o_tmprealloc( bsi->bsi_attrs,
106 sizeof( AttributeName ) * ( n_attrs + 2 ),
107 bsi->bsi_op->o_tmpmemctx );
108 if ( an == NULL ) {
109 return -1;
110 }
111
112 an[ n_attrs ].an_name = ad->ad_cname;
113 an[ n_attrs ].an_desc = ad;
114 BER_BVZERO( &an[ n_attrs + 1 ].an_name );
115
116 bsi->bsi_attrs = an;
117
118 return 1;
119 }
120
121 /*
122 * Initializes the search structure.
123 *
124 * If get_base_id != 0, the field bsi_base_id is filled
125 * with the entryID of bsi_base_ndn; it must be freed
126 * by backsql_free_entryID() when no longer required.
127 *
128 * NOTE: base must be normalized
129 */
130 int
131 backsql_init_search(
132 backsql_srch_info *bsi,
133 struct berval *nbase,
134 int scope,
135 time_t stoptime,
136 Filter *filter,
137 SQLHDBC dbh,
138 Operation *op,
139 SlapReply *rs,
140 AttributeName *attrs,
141 unsigned flags )
142 {
143 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
144 int rc = LDAP_SUCCESS;
145
146 bsi->bsi_base_ndn = nbase;
147 bsi->bsi_use_subtree_shortcut = 0;
148 BER_BVZERO( &bsi->bsi_base_id.eid_dn );
149 BER_BVZERO( &bsi->bsi_base_id.eid_ndn );
150 bsi->bsi_scope = scope;
151 bsi->bsi_filter = filter;
152 bsi->bsi_dbh = dbh;
153 bsi->bsi_op = op;
154 bsi->bsi_rs = rs;
155 bsi->bsi_flags = BSQL_SF_NONE;
156
157 bsi->bsi_attrs = NULL;
158
159 if ( BACKSQL_FETCH_ALL_ATTRS( bi ) ) {
160 /*
161 * if requested, simply try to fetch all attributes
162 */
163 bsi->bsi_flags |= BSQL_SF_ALL_ATTRS;
164
165 } else {
166 if ( BACKSQL_FETCH_ALL_USERATTRS( bi ) ) {
167 bsi->bsi_flags |= BSQL_SF_ALL_USER;
168
169 } else if ( BACKSQL_FETCH_ALL_OPATTRS( bi ) ) {
170 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
171 }
172
173 if ( attrs == NULL ) {
174 /* NULL means all user attributes */
175 bsi->bsi_flags |= BSQL_SF_ALL_USER;
176
177 } else {
178 AttributeName *p;
179 int got_oc = 0;
180
181 bsi->bsi_attrs = (AttributeName *)bsi->bsi_op->o_tmpalloc(
182 sizeof( AttributeName ),
183 bsi->bsi_op->o_tmpmemctx );
184 BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
185
186 for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
187 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
188 /* handle "*" */
189 bsi->bsi_flags |= BSQL_SF_ALL_USER;
190
191 /* if all attrs are requested, there's
192 * no need to continue */
193 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
194 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
195 bsi->bsi_op->o_tmpmemctx );
196 bsi->bsi_attrs = NULL;
197 break;
198 }
199 continue;
200
201 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
202 /* handle "+" */
203 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
204
205 /* if all attrs are requested, there's
206 * no need to continue */
207 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
208 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
209 bsi->bsi_op->o_tmpmemctx );
210 bsi->bsi_attrs = NULL;
211 break;
212 }
213 continue;
214
215 } else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
216 /* ignore "1.1" */
217 continue;
218
219 } else if ( p->an_desc == slap_schema.si_ad_objectClass ) {
220 got_oc = 1;
221 }
222
223 backsql_attrlist_add( bsi, p->an_desc );
224 }
225
226 if ( got_oc == 0 && !( bsi->bsi_flags & BSQL_SF_ALL_USER ) ) {
227 /* add objectClass if not present,
228 * because it is required to understand
229 * if an entry is a referral, an alias
230 * or so... */
231 backsql_attrlist_add( bsi, slap_schema.si_ad_objectClass );
232 }
233 }
234
235 if ( !BSQL_ISF_ALL_ATTRS( bsi ) && bi->sql_anlist ) {
236 AttributeName *p;
237
238 /* use hints if available */
239 for ( p = bi->sql_anlist; !BER_BVISNULL( &p->an_name ); p++ ) {
240 if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
241 /* handle "*" */
242 bsi->bsi_flags |= BSQL_SF_ALL_USER;
243
244 /* if all attrs are requested, there's
245 * no need to continue */
246 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
247 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
248 bsi->bsi_op->o_tmpmemctx );
249 bsi->bsi_attrs = NULL;
250 break;
251 }
252 continue;
253
254 } else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
255 /* handle "+" */
256 bsi->bsi_flags |= BSQL_SF_ALL_OPER;
257
258 /* if all attrs are requested, there's
259 * no need to continue */
260 if ( BSQL_ISF_ALL_ATTRS( bsi ) ) {
261 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
262 bsi->bsi_op->o_tmpmemctx );
263 bsi->bsi_attrs = NULL;
264 break;
265 }
266 continue;
267 }
268
269 backsql_attrlist_add( bsi, p->an_desc );
270 }
271
272 }
273 }
274
275 bsi->bsi_id_list = NULL;
276 bsi->bsi_id_listtail = &bsi->bsi_id_list;
277 bsi->bsi_n_candidates = 0;
278 bsi->bsi_stoptime = stoptime;
279 BER_BVZERO( &bsi->bsi_sel.bb_val );
280 bsi->bsi_sel.bb_len = 0;
281 BER_BVZERO( &bsi->bsi_from.bb_val );
282 bsi->bsi_from.bb_len = 0;
283 BER_BVZERO( &bsi->bsi_join_where.bb_val );
284 bsi->bsi_join_where.bb_len = 0;
285 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
286 bsi->bsi_flt_where.bb_len = 0;
287 bsi->bsi_filter_oc = NULL;
288
289 if ( BACKSQL_IS_GET_ID( flags ) ) {
290 int matched = BACKSQL_IS_MATCHED( flags );
291 int getentry = BACKSQL_IS_GET_ENTRY( flags );
292 int gotit = 0;
293
294 assert( op->o_bd->be_private != NULL );
295
296 rc = backsql_dn2id( op, rs, dbh, nbase, &bsi->bsi_base_id,
297 matched, 1 );
298
299 /* the entry is collected either if requested for by getentry
300 * or if get noSuchObject and requested to climb the tree,
301 * so that a matchedDN or a referral can be returned */
302 if ( ( rc == LDAP_NO_SUCH_OBJECT && matched ) || getentry ) {
303 if ( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) ) {
304 assert( bsi->bsi_e != NULL );
305
306 if ( dn_match( nbase, &bsi->bsi_base_id.eid_ndn ) )
307 {
308 gotit = 1;
309 }
310
311 /*
312 * let's see if it is a referral and, in case, get it
313 */
314 backsql_attrlist_add( bsi, slap_schema.si_ad_ref );
315 rc = backsql_id2entry( bsi, &bsi->bsi_base_id );
316 if ( rc == LDAP_SUCCESS ) {
317 if ( is_entry_referral( bsi->bsi_e ) )
318 {
319 BerVarray erefs = get_entry_referrals( op, bsi->bsi_e );
320 if ( erefs ) {
321 rc = rs->sr_err = LDAP_REFERRAL;
322 rs->sr_ref = referral_rewrite( erefs,
323 &bsi->bsi_e->e_nname,
324 &op->o_req_dn,
325 scope );
326 ber_bvarray_free( erefs );
327
328 } else {
329 rc = rs->sr_err = LDAP_OTHER;
330 rs->sr_text = "bad referral object";
331 }
332
333 } else if ( !gotit ) {
334 rc = rs->sr_err = LDAP_NO_SUCH_OBJECT;
335 }
336 }
337
338 } else {
339 rs->sr_err = rc;
340 }
341 }
342
343 if ( gotit && BACKSQL_IS_GET_OC( flags ) ) {
344 bsi->bsi_base_id.eid_oc = backsql_id2oc( bi,
345 bsi->bsi_base_id.eid_oc_id );
346 if ( bsi->bsi_base_id.eid_oc == NULL ) {
347 /* error? */
348 backsql_free_entryID( &bsi->bsi_base_id, 1,
349 op->o_tmpmemctx );
350 rc = rs->sr_err = LDAP_OTHER;
351 }
352 }
353 }
354
355 bsi->bsi_status = rc;
356
357 switch ( rc ) {
358 case LDAP_SUCCESS:
359 case LDAP_REFERRAL:
360 break;
361
362 default:
363 bsi->bsi_op->o_tmpfree( bsi->bsi_attrs,
364 bsi->bsi_op->o_tmpmemctx );
365 break;
366 }
367
368 return rc;
369 }
370
371 static int
372 backsql_process_filter_list( backsql_srch_info *bsi, Filter *f, int op )
373 {
374 int res;
375
376 if ( !f ) {
377 return 0;
378 }
379
380 backsql_strfcat_x( &bsi->bsi_flt_where,
381 bsi->bsi_op->o_tmpmemctx, "c", '(' /* ) */ );
382
383 while ( 1 ) {
384 res = backsql_process_filter( bsi, f );
385 if ( res < 0 ) {
386 /*
387 * TimesTen : If the query has no answers,
388 * don't bother to run the query.
389 */
390 return -1;
391 }
392
393 f = f->f_next;
394 if ( f == NULL ) {
395 break;
396 }
397
398 switch ( op ) {
399 case LDAP_FILTER_AND:
400 backsql_strfcat_x( &bsi->bsi_flt_where,
401 bsi->bsi_op->o_tmpmemctx, "l",
402 (ber_len_t)STRLENOF( " AND " ),
403 " AND " );
404 break;
405
406 case LDAP_FILTER_OR:
407 backsql_strfcat_x( &bsi->bsi_flt_where,
408 bsi->bsi_op->o_tmpmemctx, "l",
409 (ber_len_t)STRLENOF( " OR " ),
410 " OR " );
411 break;
412 }
413 }
414
415 backsql_strfcat_x( &bsi->bsi_flt_where,
416 bsi->bsi_op->o_tmpmemctx, "c", /* ( */ ')' );
417
418 return 1;
419 }
420
421 static int
422 backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
423 backsql_at_map_rec *at )
424 {
425 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
426 int i;
427 int casefold = 0;
428
429 if ( !f ) {
430 return 0;
431 }
432
433 /* always uppercase strings by now */
434 #ifdef BACKSQL_UPPERCASE_FILTER
435 if ( f->f_sub_desc->ad_type->sat_substr &&
436 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
437 bi->sql_caseIgnoreMatch ) )
438 #endif /* BACKSQL_UPPERCASE_FILTER */
439 {
440 casefold = 1;
441 }
442
443 if ( f->f_sub_desc->ad_type->sat_substr &&
444 SLAP_MR_ASSOCIATED( f->f_sub_desc->ad_type->sat_substr,
445 bi->sql_telephoneNumberMatch ) )
446 {
447
448 struct berval bv;
449 ber_len_t i, s, a;
450
451 /*
452 * to check for matching telephone numbers
453 * with intermixed chars, e.g. val='1234'
454 * use
455 *
456 * val LIKE '%1%2%3%4%'
457 */
458
459 BER_BVZERO( &bv );
460 if ( f->f_sub_initial.bv_val ) {
461 bv.bv_len += f->f_sub_initial.bv_len;
462 }
463 if ( f->f_sub_any != NULL ) {
464 for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
465 bv.bv_len += f->f_sub_any[ a ].bv_len;
466 }
467 }
468 if ( f->f_sub_final.bv_val ) {
469 bv.bv_len += f->f_sub_final.bv_len;
470 }
471 bv.bv_len = 2 * bv.bv_len - 1;
472 bv.bv_val = ch_malloc( bv.bv_len + 1 );
473
474 s = 0;
475 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
476 bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
477 for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
478 bv.bv_val[ s + 2 * i - 1 ] = '%';
479 bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
480 }
481 bv.bv_val[ s + 2 * i - 1 ] = '%';
482 s += 2 * i;
483 }
484
485 if ( f->f_sub_any != NULL ) {
486 for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
487 bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
488 for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
489 bv.bv_val[ s + 2 * i - 1 ] = '%';
490 bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
491 }
492 bv.bv_val[ s + 2 * i - 1 ] = '%';
493 s += 2 * i;
494 }
495 }
496
497 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
498 bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
499 for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
500 bv.bv_val[ s + 2 * i - 1 ] = '%';
501 bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
502 }
503 bv.bv_val[ s + 2 * i - 1 ] = '%';
504 s += 2 * i;
505 }
506
507 bv.bv_val[ s - 1 ] = '\0';
508
509 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
510 ch_free( bv.bv_val );
511
512 return 1;
513 }
514
515 /*
516 * When dealing with case-sensitive strings
517 * we may omit normalization; however, normalized
518 * SQL filters are more liberal.
519 */
520
521 backsql_strfcat_x( &bsi->bsi_flt_where,
522 bsi->bsi_op->o_tmpmemctx, "c", '(' /* ) */ );
523
524 /* TimesTen */
525 Debug( LDAP_DEBUG_TRACE, "backsql_process_sub_filter(%s):\n",
526 at->bam_ad->ad_cname.bv_val, 0, 0 );
527 Debug(LDAP_DEBUG_TRACE, " expr: '%s%s%s'\n", at->bam_sel_expr.bv_val,
528 at->bam_sel_expr_u.bv_val ? "' '" : "",
529 at->bam_sel_expr_u.bv_val ? at->bam_sel_expr_u.bv_val : "" );
530 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
531 /*
532 * If a pre-upper-cased version of the column
533 * or a precompiled upper function exists, use it
534 */
535 backsql_strfcat_x( &bsi->bsi_flt_where,
536 bsi->bsi_op->o_tmpmemctx,
537 "bl",
538 &at->bam_sel_expr_u,
539 (ber_len_t)STRLENOF( " LIKE '" ),
540 " LIKE '" );
541
542 } else {
543 backsql_strfcat_x( &bsi->bsi_flt_where,
544 bsi->bsi_op->o_tmpmemctx,
545 "bl",
546 &at->bam_sel_expr,
547 (ber_len_t)STRLENOF( " LIKE '" ), " LIKE '" );
548 }
549
550 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
551 ber_len_t start;
552
553 #ifdef BACKSQL_TRACE
554 Debug( LDAP_DEBUG_TRACE,
555 "==>backsql_process_sub_filter(%s): "
556 "sub_initial=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
557 f->f_sub_initial.bv_val, 0 );
558 #endif /* BACKSQL_TRACE */
559
560 start = bsi->bsi_flt_where.bb_val.bv_len;
561 backsql_strfcat_x( &bsi->bsi_flt_where,
562 bsi->bsi_op->o_tmpmemctx,
563 "b",
564 &f->f_sub_initial );
565 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
566 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
567 }
568 }
569
570 backsql_strfcat_x( &bsi->bsi_flt_where,
571 bsi->bsi_op->o_tmpmemctx,
572 "c", '%' );
573
574 if ( f->f_sub_any != NULL ) {
575 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[ i ] ); i++ ) {
576 ber_len_t start;
577
578 #ifdef BACKSQL_TRACE
579 Debug( LDAP_DEBUG_TRACE,
580 "==>backsql_process_sub_filter(%s): "
581 "sub_any[%d]=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
582 i, f->f_sub_any[ i ].bv_val );
583 #endif /* BACKSQL_TRACE */
584
585 start = bsi->bsi_flt_where.bb_val.bv_len;
586 backsql_strfcat_x( &bsi->bsi_flt_where,
587 bsi->bsi_op->o_tmpmemctx,
588 "bc",
589 &f->f_sub_any[ i ],
590 '%' );
591 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
592 /*
593 * Note: toupper('%') = '%'
594 */
595 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
596 }
597 }
598 }
599
600 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
601 ber_len_t start;
602
603 #ifdef BACKSQL_TRACE
604 Debug( LDAP_DEBUG_TRACE,
605 "==>backsql_process_sub_filter(%s): "
606 "sub_final=\"%s\"\n", at->bam_ad->ad_cname.bv_val,
607 f->f_sub_final.bv_val, 0 );
608 #endif /* BACKSQL_TRACE */
609
610 start = bsi->bsi_flt_where.bb_val.bv_len;
611 backsql_strfcat_x( &bsi->bsi_flt_where,
612 bsi->bsi_op->o_tmpmemctx,
613 "b",
614 &f->f_sub_final );
615 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
616 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
617 }
618 }
619
620 backsql_strfcat_x( &bsi->bsi_flt_where,
621 bsi->bsi_op->o_tmpmemctx,
622 "l",
623 (ber_len_t)STRLENOF( /* (' */ "')" ), /* (' */ "')" );
624
625 return 1;
626 }
627
628 static int
629 backsql_merge_from_tbls( backsql_srch_info *bsi, struct berval *from_tbls )
630 {
631 if ( BER_BVISNULL( from_tbls ) ) {
632 return LDAP_SUCCESS;
633 }
634
635 if ( !BER_BVISNULL( &bsi->bsi_from.bb_val ) ) {
636 char *start, *end;
637 struct berval tmp;
638
639 ber_dupbv_x( &tmp, from_tbls, bsi->bsi_op->o_tmpmemctx );
640
641 for ( start = tmp.bv_val, end = strchr( start, ',' ); start; ) {
642 if ( end ) {
643 end[0] = '\0';
644 }
645
646 if ( strstr( bsi->bsi_from.bb_val.bv_val, start) == NULL )
647 {
648 backsql_strfcat_x( &bsi->bsi_from,
649 bsi->bsi_op->o_tmpmemctx,
650 "cs", ',', start );
651 }
652
653 if ( end ) {
654 /* in case there are spaces after the comma... */
655 for ( start = &end[1]; isspace( start[0] ); start++ );
656 if ( start[0] ) {
657 end = strchr( start, ',' );
658 } else {
659 start = NULL;
660 }
661 } else {
662 start = NULL;
663 }
664 }
665
666 bsi->bsi_op->o_tmpfree( tmp.bv_val, bsi->bsi_op->o_tmpmemctx );
667
668 } else {
669 backsql_strfcat_x( &bsi->bsi_from,
670 bsi->bsi_op->o_tmpmemctx,
671 "b", from_tbls );
672 }
673
674 return LDAP_SUCCESS;
675 }
676
677 static int
678 backsql_process_filter( backsql_srch_info *bsi, Filter *f )
679 {
680 backsql_at_map_rec **vat = NULL;
681 AttributeDescription *ad = NULL;
682 unsigned i;
683 int done = 0;
684 int rc = 0;
685
686 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter()\n", 0, 0, 0 );
687 if ( f->f_choice == SLAPD_FILTER_COMPUTED ) {
688 struct berval flt;
689 char *msg = NULL;
690
691 switch ( f->f_result ) {
692 case LDAP_COMPARE_TRUE:
693 BER_BVSTR( &flt, "10=10" );
694 msg = "TRUE";
695 break;
696
697 case LDAP_COMPARE_FALSE:
698 BER_BVSTR( &flt, "11=0" );
699 msg = "FALSE";
700 break;
701
702 case SLAPD_COMPARE_UNDEFINED:
703 BER_BVSTR( &flt, "12=0" );
704 msg = "UNDEFINED";
705 break;
706
707 default:
708 rc = -1;
709 goto done;
710 }
711
712 Debug( LDAP_DEBUG_TRACE, "backsql_process_filter(): "
713 "filter computed (%s)\n", msg, 0, 0 );
714 backsql_strfcat_x( &bsi->bsi_flt_where,
715 bsi->bsi_op->o_tmpmemctx, "b", &flt );
716 rc = 1;
717 goto done;
718 }
719
720 switch( f->f_choice ) {
721 case LDAP_FILTER_OR:
722 rc = backsql_process_filter_list( bsi, f->f_or,
723 LDAP_FILTER_OR );
724 done = 1;
725 break;
726
727 case LDAP_FILTER_AND:
728 rc = backsql_process_filter_list( bsi, f->f_and,
729 LDAP_FILTER_AND );
730 done = 1;
731 break;
732
733 case LDAP_FILTER_NOT:
734 backsql_strfcat_x( &bsi->bsi_flt_where,
735 bsi->bsi_op->o_tmpmemctx,
736 "l",
737 (ber_len_t)STRLENOF( "NOT (" /* ) */ ),
738 "NOT (" /* ) */ );
739 rc = backsql_process_filter( bsi, f->f_not );
740 backsql_strfcat_x( &bsi->bsi_flt_where,
741 bsi->bsi_op->o_tmpmemctx,
742 "c", /* ( */ ')' );
743 done = 1;
744 break;
745
746 case LDAP_FILTER_PRESENT:
747 ad = f->f_desc;
748 break;
749
750 case LDAP_FILTER_EXT:
751 ad = f->f_mra->ma_desc;
752 if ( f->f_mr_dnattrs ) {
753 /*
754 * if dn attrs filtering is requested, better return
755 * success and let test_filter() deal with candidate
756 * selection; otherwise we'd need to set conditions
757 * on the contents of the DN, e.g. "SELECT ... FROM
758 * ldap_entries AS attributeName WHERE attributeName.dn
759 * like '%attributeName=value%'"
760 */
761 backsql_strfcat_x( &bsi->bsi_flt_where,
762 bsi->bsi_op->o_tmpmemctx,
763 "l",
764 (ber_len_t)STRLENOF( "1=1" ), "1=1" );
765 bsi->bsi_status = LDAP_SUCCESS;
766 rc = 1;
767 goto done;
768 }
769 break;
770
771 default:
772 ad = f->f_av_desc;
773 break;
774 }
775
776 if ( rc == -1 ) {
777 goto done;
778 }
779
780 if ( done ) {
781 rc = 1;
782 goto done;
783 }
784
785 /*
786 * Turn structuralObjectClass into objectClass
787 */
788 if ( ad == slap_schema.si_ad_objectClass
789 || ad == slap_schema.si_ad_structuralObjectClass )
790 {
791 /*
792 * If the filter is LDAP_FILTER_PRESENT, then it's done;
793 * otherwise, let's see if we are lucky: filtering
794 * for "structural" objectclass or ancestor...
795 */
796 switch ( f->f_choice ) {
797 case LDAP_FILTER_EQUALITY:
798 {
799 ObjectClass *oc = oc_bvfind( &f->f_av_value );
800
801 if ( oc == NULL ) {
802 Debug( LDAP_DEBUG_TRACE,
803 "backsql_process_filter(): "
804 "unknown objectClass \"%s\" "
805 "in filter\n",
806 f->f_av_value.bv_val, 0, 0 );
807 bsi->bsi_status = LDAP_OTHER;
808 rc = -1;
809 goto done;
810 }
811
812 /*
813 * "structural" objectClass inheritance:
814 * - a search for "person" will also return
815 * "inetOrgPerson"
816 * - a search for "top" will return everything
817 */
818 if ( is_object_subclass( oc, bsi->bsi_oc->bom_oc ) ) {
819 static struct berval ldap_entry_objclasses = BER_BVC( "ldap_entry_objclasses" );
820
821 backsql_merge_from_tbls( bsi, &ldap_entry_objclasses );
822
823 backsql_strfcat_x( &bsi->bsi_flt_where,
824 bsi->bsi_op->o_tmpmemctx,
825 "lbl",
826 (ber_len_t)STRLENOF( "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */ ),
827 "(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ')) */,
828 &bsi->bsi_oc->bom_oc->soc_cname,
829 (ber_len_t)STRLENOF( /* ((' */ "'))" ),
830 /* ((' */ "'))" );
831 bsi->bsi_status = LDAP_SUCCESS;
832 rc = 1;
833 goto done;
834 }
835
836 break;
837 }
838
839 case LDAP_FILTER_PRESENT:
840 backsql_strfcat_x( &bsi->bsi_flt_where,
841 bsi->bsi_op->o_tmpmemctx,
842 "l",
843 (ber_len_t)STRLENOF( "3=3" ), "3=3" );
844 bsi->bsi_status = LDAP_SUCCESS;
845 rc = 1;
846 goto done;
847
848 /* FIXME: LDAP_FILTER_EXT? */
849
850 default:
851 Debug( LDAP_DEBUG_TRACE,
852 "backsql_process_filter(): "
853 "illegal/unhandled filter "
854 "on objectClass attribute",
855 0, 0, 0 );
856 bsi->bsi_status = LDAP_OTHER;
857 rc = -1;
858 goto done;
859 }
860
861 } else if ( ad == slap_schema.si_ad_entryUUID ) {
862 unsigned long oc_id;
863 #ifdef BACKSQL_ARBITRARY_KEY
864 struct berval keyval;
865 #else /* ! BACKSQL_ARBITRARY_KEY */
866 unsigned long keyval;
867 char keyvalbuf[LDAP_PVT_INTTYPE_CHARS(unsigned long)];
868 #endif /* ! BACKSQL_ARBITRARY_KEY */
869
870 switch ( f->f_choice ) {
871 case LDAP_FILTER_EQUALITY:
872 backsql_entryUUID_decode( &f->f_av_value, &oc_id, &keyval );
873
874 if ( oc_id != bsi->bsi_oc->bom_id ) {
875 bsi->bsi_status = LDAP_SUCCESS;
876 rc = -1;
877 goto done;
878 }
879
880 #ifdef BACKSQL_ARBITRARY_KEY
881 backsql_strfcat_x( &bsi->bsi_flt_where,
882 bsi->bsi_op->o_tmpmemctx,
883 "bcblbc",
884 &bsi->bsi_oc->bom_keytbl, '.',
885 &bsi->bsi_oc->bom_keycol,
886 STRLENOF( " LIKE '" ), " LIKE '",
887 &keyval, '\'' );
888 #else /* ! BACKSQL_ARBITRARY_KEY */
889 snprintf( keyvalbuf, sizeof( keyvalbuf ), "%lu", keyval );
890 backsql_strfcat_x( &bsi->bsi_flt_where,
891 bsi->bsi_op->o_tmpmemctx,
892 "bcbcs",
893 &bsi->bsi_oc->bom_keytbl, '.',
894 &bsi->bsi_oc->bom_keycol, '=', keyvalbuf );
895 #endif /* ! BACKSQL_ARBITRARY_KEY */
896 break;
897
898 case LDAP_FILTER_PRESENT:
899 backsql_strfcat_x( &bsi->bsi_flt_where,
900 bsi->bsi_op->o_tmpmemctx,
901 "l",
902 (ber_len_t)STRLENOF( "4=4" ), "4=4" );
903 break;
904
905 default:
906 rc = -1;
907 goto done;
908 }
909
910 bsi->bsi_flags |= BSQL_SF_FILTER_ENTRYUUID;
911 rc = 1;
912 goto done;
913
914 #ifdef BACKSQL_SYNCPROV
915 } else if ( ad == slap_schema.si_ad_entryCSN ) {
916 /*
917 * support for syncrepl as producer...
918 */
919 #if 0
920 if ( !bsi->bsi_op->o_sync ) {
921 /* unsupported at present... */
922 bsi->bsi_status = LDAP_OTHER;
923 rc = -1;
924 goto done;
925 }
926 #endif
927
928 bsi->bsi_flags |= ( BSQL_SF_FILTER_ENTRYCSN | BSQL_SF_RETURN_ENTRYUUID);
929
930 /* if doing a syncrepl, try to return as much as possible,
931 * and always match the filter */
932 backsql_strfcat_x( &bsi->bsi_flt_where,
933 bsi->bsi_op->o_tmpmemctx,
934 "l",
935 (ber_len_t)STRLENOF( "5=5" ), "5=5" );
936
937 /* save for later use in operational attributes */
938 /* FIXME: saves only the first occurrence, because
939 * the filter during updates is written as
940 * "(&(entryCSN<={contextCSN})(entryCSN>={oldContextCSN})({filter}))"
941 * so we want our fake entryCSN to match the greatest
942 * value
943 */
944 if ( bsi->bsi_op->o_private == NULL ) {
945 bsi->bsi_op->o_private = &f->f_av_value;
946 }
947 bsi->bsi_status = LDAP_SUCCESS;
948
949 rc = 1;
950 goto done;
951 #endif /* BACKSQL_SYNCPROV */
952
953 } else if ( ad == slap_schema.si_ad_hasSubordinates || ad == NULL ) {
954 /*
955 * FIXME: this is not robust; e.g. a filter
956 * '(!(hasSubordinates=TRUE))' fails because
957 * in SQL it would read 'NOT (1=1)' instead
958 * of no condition.
959 * Note however that hasSubordinates is boolean,
960 * so a more appropriate filter would be
961 * '(hasSubordinates=FALSE)'
962 *
963 * A more robust search for hasSubordinates
964 * would * require joining the ldap_entries table
965 * selecting if there are descendants of the
966 * candidate.
967 */
968 backsql_strfcat_x( &bsi->bsi_flt_where,
969 bsi->bsi_op->o_tmpmemctx,
970 "l",
971 (ber_len_t)STRLENOF( "6=6" ), "6=6" );
972 if ( ad == slap_schema.si_ad_hasSubordinates ) {
973 /*
974 * instruct candidate selection algorithm
975 * and attribute list to try to detect
976 * if an entry has subordinates
977 */
978 bsi->bsi_flags |= BSQL_SF_FILTER_HASSUBORDINATE;
979
980 } else {
981 /*
982 * clear attributes to fetch, to require ALL
983 * and try extended match on all attributes
984 */
985 backsql_attrlist_add( bsi, NULL );
986 }
987 rc = 1;
988 goto done;
989 }
990
991 /*
992 * attribute inheritance:
993 */
994 if ( backsql_supad2at( bsi->bsi_oc, ad, &vat ) ) {
995 bsi->bsi_status = LDAP_OTHER;
996 rc = -1;
997 goto done;
998 }
999
1000 if ( vat == NULL ) {
1001 /* search anyway; other parts of the filter
1002 * may succeeed */
1003 backsql_strfcat_x( &bsi->bsi_flt_where,
1004 bsi->bsi_op->o_tmpmemctx,
1005 "l",
1006 (ber_len_t)STRLENOF( "7=7" ), "7=7" );
1007 bsi->bsi_status = LDAP_SUCCESS;
1008 rc = 1;
1009 goto done;
1010 }
1011
1012 /* if required, open extra level of parens */
1013 done = 0;
1014 if ( vat[0]->bam_next || vat[1] ) {
1015 backsql_strfcat_x( &bsi->bsi_flt_where,
1016 bsi->bsi_op->o_tmpmemctx,
1017 "c", '(' );
1018 done = 1;
1019 }
1020
1021 i = 0;
1022 next:;
1023 /* apply attr */
1024 if ( backsql_process_filter_attr( bsi, f, vat[i] ) == -1 ) {
1025 return -1;
1026 }
1027
1028 /* if more definitions of the same attr, apply */
1029 if ( vat[i]->bam_next ) {
1030 backsql_strfcat_x( &bsi->bsi_flt_where,
1031 bsi->bsi_op->o_tmpmemctx,
1032 "l",
1033 STRLENOF( " OR " ), " OR " );
1034 vat[i] = vat[i]->bam_next;
1035 goto next;
1036 }
1037
1038 /* if more descendants of the same attr, apply */
1039 i++;
1040 if ( vat[i] ) {
1041 backsql_strfcat_x( &bsi->bsi_flt_where,
1042 bsi->bsi_op->o_tmpmemctx,
1043 "l",
1044 STRLENOF( " OR " ), " OR " );
1045 goto next;
1046 }
1047
1048 /* if needed, close extra level of parens */
1049 if ( done ) {
1050 backsql_strfcat_x( &bsi->bsi_flt_where,
1051 bsi->bsi_op->o_tmpmemctx,
1052 "c", ')' );
1053 }
1054
1055 rc = 1;
1056
1057 done:;
1058 if ( vat ) {
1059 ch_free( vat );
1060 }
1061
1062 Debug( LDAP_DEBUG_TRACE,
1063 "<==backsql_process_filter() %s\n",
1064 rc == 1 ? "succeeded" : "failed", 0, 0);
1065
1066 return rc;
1067 }
1068
1069 static int
1070 backsql_process_filter_eq( backsql_srch_info *bsi, backsql_at_map_rec *at,
1071 int casefold, struct berval *filter_value )
1072 {
1073 /*
1074 * maybe we should check type of at->sel_expr here somehow,
1075 * to know whether upper_func is applicable, but for now
1076 * upper_func stuff is made for Oracle, where UPPER is
1077 * safely applicable to NUMBER etc.
1078 */
1079 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1080 ber_len_t start;
1081
1082 backsql_strfcat_x( &bsi->bsi_flt_where,
1083 bsi->bsi_op->o_tmpmemctx,
1084 "cbl",
1085 '(', /* ) */
1086 &at->bam_sel_expr_u,
1087 (ber_len_t)STRLENOF( "='" ),
1088 "='" );
1089
1090 start = bsi->bsi_flt_where.bb_val.bv_len;
1091
1092 backsql_strfcat_x( &bsi->bsi_flt_where,
1093 bsi->bsi_op->o_tmpmemctx,
1094 "bl",
1095 filter_value,
1096 (ber_len_t)STRLENOF( /* (' */ "')" ),
1097 /* (' */ "')" );
1098
1099 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1100
1101 } else {
1102 backsql_strfcat_x( &bsi->bsi_flt_where,
1103 bsi->bsi_op->o_tmpmemctx,
1104 "cblbl",
1105 '(', /* ) */
1106 &at->bam_sel_expr,
1107 (ber_len_t)STRLENOF( "='" ), "='",
1108 filter_value,
1109 (ber_len_t)STRLENOF( /* (' */ "')" ),
1110 /* (' */ "')" );
1111 }
1112
1113 return 1;
1114 }
1115
1116 static int
1117 backsql_process_filter_like( backsql_srch_info *bsi, backsql_at_map_rec *at,
1118 int casefold, struct berval *filter_value )
1119 {
1120 /*
1121 * maybe we should check type of at->sel_expr here somehow,
1122 * to know whether upper_func is applicable, but for now
1123 * upper_func stuff is made for Oracle, where UPPER is
1124 * safely applicable to NUMBER etc.
1125 */
1126 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1127 ber_len_t start;
1128
1129 backsql_strfcat_x( &bsi->bsi_flt_where,
1130 bsi->bsi_op->o_tmpmemctx,
1131 "cbl",
1132 '(', /* ) */
1133 &at->bam_sel_expr_u,
1134 (ber_len_t)STRLENOF( " LIKE '%" ),
1135 " LIKE '%" );
1136
1137 start = bsi->bsi_flt_where.bb_val.bv_len;
1138
1139 backsql_strfcat_x( &bsi->bsi_flt_where,
1140 bsi->bsi_op->o_tmpmemctx,
1141 "bl",
1142 filter_value,
1143 (ber_len_t)STRLENOF( /* (' */ "%')" ),
1144 /* (' */ "%')" );
1145
1146 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1147
1148 } else {
1149 backsql_strfcat_x( &bsi->bsi_flt_where,
1150 bsi->bsi_op->o_tmpmemctx,
1151 "cblbl",
1152 '(', /* ) */
1153 &at->bam_sel_expr,
1154 (ber_len_t)STRLENOF( " LIKE '%" ),
1155 " LIKE '%",
1156 filter_value,
1157 (ber_len_t)STRLENOF( /* (' */ "%')" ),
1158 /* (' */ "%')" );
1159 }
1160
1161 return 1;
1162 }
1163
1164 static int
1165 backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_rec *at )
1166 {
1167 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1168 int casefold = 0;
1169 struct berval *filter_value = NULL;
1170 MatchingRule *matching_rule = NULL;
1171 struct berval ordering = BER_BVC("<=");
1172
1173 Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
1174 at->bam_ad->ad_cname.bv_val, 0, 0 );
1175
1176 /*
1177 * need to add this attribute to list of attrs to load,
1178 * so that we can do test_filter() later
1179 */
1180 backsql_attrlist_add( bsi, at->bam_ad );
1181
1182 backsql_merge_from_tbls( bsi, &at->bam_from_tbls );
1183
1184 if ( !BER_BVISNULL( &at->bam_join_where )
1185 && strstr( bsi->bsi_join_where.bb_val.bv_val,
1186 at->bam_join_where.bv_val ) == NULL )
1187 {
1188 backsql_strfcat_x( &bsi->bsi_join_where,
1189 bsi->bsi_op->o_tmpmemctx,
1190 "lb",
1191 (ber_len_t)STRLENOF( " AND " ), " AND ",
1192 &at->bam_join_where );
1193 }
1194
1195 switch ( f->f_choice ) {
1196 case LDAP_FILTER_EQUALITY:
1197 filter_value = &f->f_av_value;
1198 matching_rule = at->bam_ad->ad_type->sat_equality;
1199
1200 goto equality_match;
1201
1202 /* fail over into next case */
1203
1204 case LDAP_FILTER_EXT:
1205 filter_value = &f->f_mra->ma_value;
1206 matching_rule = f->f_mr_rule;
1207
1208 equality_match:;
1209 /* always uppercase strings by now */
1210 #ifdef BACKSQL_UPPERCASE_FILTER
1211 if ( SLAP_MR_ASSOCIATED( matching_rule,
1212 bi->sql_caseIgnoreMatch ) )
1213 #endif /* BACKSQL_UPPERCASE_FILTER */
1214 {
1215 casefold = 1;
1216 }
1217
1218 /* FIXME: directoryString filtering should use a similar
1219 * approach to deal with non-prettified values like
1220 * " A non prettified value ", by using a LIKE
1221 * filter with all whitespaces collapsed to a single '%' */
1222 if ( SLAP_MR_ASSOCIATED( matching_rule,
1223 bi->sql_telephoneNumberMatch ) )
1224 {
1225 struct berval bv;
1226 ber_len_t i;
1227
1228 /*
1229 * to check for matching telephone numbers
1230 * with intermized chars, e.g. val='1234'
1231 * use
1232 *
1233 * val LIKE '%1%2%3%4%'
1234 */
1235
1236 bv.bv_len = 2 * filter_value->bv_len - 1;
1237 bv.bv_val = ch_malloc( bv.bv_len + 1 );
1238
1239 bv.bv_val[ 0 ] = filter_value->bv_val[ 0 ];
1240 for ( i = 1; i < filter_value->bv_len; i++ ) {
1241 bv.bv_val[ 2 * i - 1 ] = '%';
1242 bv.bv_val[ 2 * i ] = filter_value->bv_val[ i ];
1243 }
1244 bv.bv_val[ 2 * i - 1 ] = '\0';
1245
1246 (void)backsql_process_filter_like( bsi, at, casefold, &bv );
1247 ch_free( bv.bv_val );
1248
1249 break;
1250 }
1251
1252 /* NOTE: this is required by objectClass inheritance
1253 * and auxiliary objectClass use in filters for slightly
1254 * more efficient candidate selection. */
1255 /* FIXME: a bit too many specializations to deal with
1256 * very specific cases... */
1257 if ( at->bam_ad == slap_schema.si_ad_objectClass
1258 || at->bam_ad == slap_schema.si_ad_structuralObjectClass )
1259 {
1260 backsql_strfcat_x( &bsi->bsi_flt_where,
1261 bsi->bsi_op->o_tmpmemctx,
1262 "lbl",
1263 (ber_len_t)STRLENOF( "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */ ),
1264 "(ldap_entries.id=ldap_entry_objclasses.entry_id AND ldap_entry_objclasses.oc_name='" /* ') */,
1265 filter_value,
1266 (ber_len_t)STRLENOF( /* (' */ "')" ),
1267 /* (' */ "')" );
1268 break;
1269 }
1270
1271 /*
1272 * maybe we should check type of at->sel_expr here somehow,
1273 * to know whether upper_func is applicable, but for now
1274 * upper_func stuff is made for Oracle, where UPPER is
1275 * safely applicable to NUMBER etc.
1276 */
1277 (void)backsql_process_filter_eq( bsi, at, casefold, filter_value );
1278 break;
1279
1280 case LDAP_FILTER_GE:
1281 ordering.bv_val = ">=";
1282
1283 /* fall thru to next case */
1284
1285 case LDAP_FILTER_LE:
1286 filter_value = &f->f_av_value;
1287
1288 /* always uppercase strings by now */
1289 #ifdef BACKSQL_UPPERCASE_FILTER
1290 if ( at->bam_ad->ad_type->sat_ordering &&
1291 SLAP_MR_ASSOCIATED( at->bam_ad->ad_type->sat_ordering,
1292 bi->sql_caseIgnoreMatch ) )
1293 #endif /* BACKSQL_UPPERCASE_FILTER */
1294 {
1295 casefold = 1;
1296 }
1297
1298 /*
1299 * FIXME: should we uppercase the operands?
1300 */
1301 if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
1302 ber_len_t start;
1303
1304 backsql_strfcat_x( &bsi->bsi_flt_where,
1305 bsi->bsi_op->o_tmpmemctx,
1306 "cbbc",
1307 '(', /* ) */
1308 &at->bam_sel_expr_u,
1309 &ordering,
1310 '\'' );
1311
1312 start = bsi->bsi_flt_where.bb_val.bv_len;
1313
1314 backsql_strfcat_x( &bsi->bsi_flt_where,
1315 bsi->bsi_op->o_tmpmemctx,
1316 "bl",
1317 filter_value,
1318 (ber_len_t)STRLENOF( /* (' */ "')" ),
1319 /* (' */ "')" );
1320
1321 ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
1322
1323 } else {
1324 backsql_strfcat_x( &bsi->bsi_flt_where,
1325 bsi->bsi_op->o_tmpmemctx,
1326 "cbbcbl",
1327 '(' /* ) */ ,
1328 &at->bam_sel_expr,
1329 &ordering,
1330 '\'',
1331 &f->f_av_value,
1332 (ber_len_t)STRLENOF( /* (' */ "')" ),
1333 /* ( */ "')" );
1334 }
1335 break;
1336
1337 case LDAP_FILTER_PRESENT:
1338 backsql_strfcat_x( &bsi->bsi_flt_where,
1339 bsi->bsi_op->o_tmpmemctx,
1340 "lbl",
1341 (ber_len_t)STRLENOF( "NOT (" /* ) */),
1342 "NOT (", /* ) */
1343 &at->bam_sel_expr,
1344 (ber_len_t)STRLENOF( /* ( */ " IS NULL)" ),
1345 /* ( */ " IS NULL)" );
1346 break;
1347
1348 case LDAP_FILTER_SUBSTRINGS:
1349 backsql_process_sub_filter( bsi, f, at );
1350 break;
1351
1352 case LDAP_FILTER_APPROX:
1353 /* we do our best */
1354
1355 /*
1356 * maybe we should check type of at->sel_expr here somehow,
1357 * to know whether upper_func is applicable, but for now
1358 * upper_func stuff is made for Oracle, where UPPER is
1359 * safely applicable to NUMBER etc.
1360 */
1361 (void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
1362 break;
1363
1364 default:
1365 /* unhandled filter type; should not happen */
1366 assert( 0 );
1367 backsql_strfcat_x( &bsi->bsi_flt_where,
1368 bsi->bsi_op->o_tmpmemctx,
1369 "l",
1370 (ber_len_t)STRLENOF( "8=8" ), "8=8" );
1371 break;
1372
1373 }
1374
1375 Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
1376 at->bam_ad->ad_cname.bv_val, 0, 0 );
1377
1378 return 1;
1379 }
1380
1381 static int
1382 backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
1383 {
1384 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1385 int rc;
1386
1387 assert( query != NULL );
1388 BER_BVZERO( query );
1389
1390 bsi->bsi_use_subtree_shortcut = 0;
1391
1392 Debug( LDAP_DEBUG_TRACE, "==>backsql_srch_query()\n", 0, 0, 0 );
1393 BER_BVZERO( &bsi->bsi_sel.bb_val );
1394 BER_BVZERO( &bsi->bsi_sel.bb_val );
1395 bsi->bsi_sel.bb_len = 0;
1396 BER_BVZERO( &bsi->bsi_from.bb_val );
1397 bsi->bsi_from.bb_len = 0;
1398 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1399 bsi->bsi_join_where.bb_len = 0;
1400 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1401 bsi->bsi_flt_where.bb_len = 0;
1402
1403 backsql_strfcat_x( &bsi->bsi_sel,
1404 bsi->bsi_op->o_tmpmemctx,
1405 "lbcbc",
1406 (ber_len_t)STRLENOF( "SELECT DISTINCT ldap_entries.id," ),
1407 "SELECT DISTINCT ldap_entries.id,",
1408 &bsi->bsi_oc->bom_keytbl,
1409 '.',
1410 &bsi->bsi_oc->bom_keycol,
1411 ',' );
1412
1413 if ( !BER_BVISNULL( &bi->sql_strcast_func ) ) {
1414 backsql_strfcat_x( &bsi->bsi_sel,
1415 bsi->bsi_op->o_tmpmemctx,
1416 "blbl",
1417 &bi->sql_strcast_func,
1418 (ber_len_t)STRLENOF( "('" /* ') */ ),
1419 "('" /* ') */ ,
1420 &bsi->bsi_oc->bom_oc->soc_cname,
1421 (ber_len_t)STRLENOF( /* (' */ "')" ),
1422 /* (' */ "')" );
1423 } else {
1424 backsql_strfcat_x( &bsi->bsi_sel,
1425 bsi->bsi_op->o_tmpmemctx,
1426 "cbc",
1427 '\'',
1428 &bsi->bsi_oc->bom_oc->soc_cname,
1429 '\'' );
1430 }
1431
1432 backsql_strfcat_x( &bsi->bsi_sel,
1433 bsi->bsi_op->o_tmpmemctx,
1434 "b",
1435 &bi->sql_dn_oc_aliasing );
1436 backsql_strfcat_x( &bsi->bsi_from,
1437 bsi->bsi_op->o_tmpmemctx,
1438 "lb",
1439 (ber_len_t)STRLENOF( " FROM ldap_entries," ),
1440 " FROM ldap_entries,",
1441 &bsi->bsi_oc->bom_keytbl );
1442
1443 backsql_strfcat_x( &bsi->bsi_join_where,
1444 bsi->bsi_op->o_tmpmemctx,
1445 "lbcbl",
1446 (ber_len_t)STRLENOF( " WHERE " ), " WHERE ",
1447 &bsi->bsi_oc->bom_keytbl,
1448 '.',
1449 &bsi->bsi_oc->bom_keycol,
1450 (ber_len_t)STRLENOF( "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " ),
1451 "=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND " );
1452
1453 switch ( bsi->bsi_scope ) {
1454 case LDAP_SCOPE_BASE:
1455 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1456 backsql_strfcat_x( &bsi->bsi_join_where,
1457 bsi->bsi_op->o_tmpmemctx,
1458 "bl",
1459 &bi->sql_upper_func,
1460 (ber_len_t)STRLENOF( "(ldap_entries.dn)=?" ),
1461 "(ldap_entries.dn)=?" );
1462 } else {
1463 backsql_strfcat_x( &bsi->bsi_join_where,
1464 bsi->bsi_op->o_tmpmemctx,
1465 "l",
1466 (ber_len_t)STRLENOF( "ldap_entries.dn=?" ),
1467 "ldap_entries.dn=?" );
1468 }
1469 break;
1470
1471 case BACKSQL_SCOPE_BASE_LIKE:
1472 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1473 backsql_strfcat_x( &bsi->bsi_join_where,
1474 bsi->bsi_op->o_tmpmemctx,
1475 "bl",
1476 &bi->sql_upper_func,
1477 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1478 "(ldap_entries.dn) LIKE ?" );
1479 } else {
1480 backsql_strfcat_x( &bsi->bsi_join_where,
1481 bsi->bsi_op->o_tmpmemctx,
1482 "l",
1483 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1484 "ldap_entries.dn LIKE ?" );
1485 }
1486 break;
1487
1488 case LDAP_SCOPE_ONELEVEL:
1489 backsql_strfcat_x( &bsi->bsi_join_where,
1490 bsi->bsi_op->o_tmpmemctx,
1491 "l",
1492 (ber_len_t)STRLENOF( "ldap_entries.parent=?" ),
1493 "ldap_entries.parent=?" );
1494 break;
1495
1496 case LDAP_SCOPE_SUBORDINATE:
1497 case LDAP_SCOPE_SUBTREE:
1498 if ( BACKSQL_USE_SUBTREE_SHORTCUT( bi ) ) {
1499 int i;
1500 BackendDB *bd = bsi->bsi_op->o_bd;
1501
1502 assert( bd->be_nsuffix != NULL );
1503
1504 for ( i = 0; !BER_BVISNULL( &bd->be_nsuffix[ i ] ); i++ )
1505 {
1506 if ( dn_match( &bd->be_nsuffix[ i ],
1507 bsi->bsi_base_ndn ) )
1508 {
1509 /* pass this to the candidate selection
1510 * routine so that the DN is not bound
1511 * to the select statement */
1512 bsi->bsi_use_subtree_shortcut = 1;
1513 break;
1514 }
1515 }
1516 }
1517
1518 if ( bsi->bsi_use_subtree_shortcut ) {
1519 /* Skip the base DN filter, as every entry will match it */
1520 backsql_strfcat_x( &bsi->bsi_join_where,
1521 bsi->bsi_op->o_tmpmemctx,
1522 "l",
1523 (ber_len_t)STRLENOF( "9=9"), "9=9");
1524
1525 } else if ( !BER_BVISNULL( &bi->sql_subtree_cond ) ) {
1526 /* This should always be true... */
1527 backsql_strfcat_x( &bsi->bsi_join_where,
1528 bsi->bsi_op->o_tmpmemctx,
1529 "b",
1530 &bi->sql_subtree_cond );
1531
1532 } else if ( BACKSQL_CANUPPERCASE( bi ) ) {
1533 backsql_strfcat_x( &bsi->bsi_join_where,
1534 bsi->bsi_op->o_tmpmemctx,
1535 "bl",
1536 &bi->sql_upper_func,
1537 (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE ?" ),
1538 "(ldap_entries.dn) LIKE ?" );
1539
1540 } else {
1541 backsql_strfcat_x( &bsi->bsi_join_where,
1542 bsi->bsi_op->o_tmpmemctx,
1543 "l",
1544 (ber_len_t)STRLENOF( "ldap_entries.dn LIKE ?" ),
1545 "ldap_entries.dn LIKE ?" );
1546 }
1547
1548 break;
1549
1550 default:
1551 assert( 0 );
1552 }
1553
1554 /* If paged results are in effect, ignore low ldap_entries.id numbers */
1555 if ( get_pagedresults(bsi->bsi_op) > SLAP_CONTROL_IGNORED ) {
1556 unsigned long lowid = 0;
1557
1558 /* Pick up the previous ldap_entries.id if the previous page ended in this objectClass */
1559 if ( bsi->bsi_oc->bom_id == PAGECOOKIE_TO_SQL_OC( ((PagedResultsState *)bsi->bsi_op->o_pagedresults_state)->ps_cookie ) )
1560 {
1561 lowid = PAGECOOKIE_TO_SQL_ID( ((PagedResultsState *)bsi->bsi_op->o_pagedresults_state)->ps_cookie );
1562 }
1563
1564 if ( lowid ) {
1565 char lowidstring[48];
1566 int lowidlen;
1567
1568 lowidlen = snprintf( lowidstring, sizeof( lowidstring ),
1569 " AND ldap_entries.id>%lu", lowid );
1570 backsql_strfcat_x( &bsi->bsi_join_where,
1571 bsi->bsi_op->o_tmpmemctx,
1572 "l",
1573 (ber_len_t)lowidlen,
1574 lowidstring );
1575 }
1576 }
1577
1578 rc = backsql_process_filter( bsi, bsi->bsi_filter );
1579 if ( rc > 0 ) {
1580 struct berbuf bb = BB_NULL;
1581
1582 backsql_strfcat_x( &bb,
1583 bsi->bsi_op->o_tmpmemctx,
1584 "bbblb",
1585 &bsi->bsi_sel.bb_val,
1586 &bsi->bsi_from.bb_val,
1587 &bsi->bsi_join_where.bb_val,
1588 (ber_len_t)STRLENOF( " AND " ), " AND ",
1589 &bsi->bsi_flt_where.bb_val );
1590
1591 *query = bb.bb_val;
1592
1593 } else if ( rc < 0 ) {
1594 /*
1595 * Indicates that there's no possible way the filter matches
1596 * anything. No need to issue the query
1597 */
1598 free( query->bv_val );
1599 BER_BVZERO( query );
1600 }
1601
1602 bsi->bsi_op->o_tmpfree( bsi->bsi_sel.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1603 BER_BVZERO( &bsi->bsi_sel.bb_val );
1604 bsi->bsi_sel.bb_len = 0;
1605 bsi->bsi_op->o_tmpfree( bsi->bsi_from.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1606 BER_BVZERO( &bsi->bsi_from.bb_val );
1607 bsi->bsi_from.bb_len = 0;
1608 bsi->bsi_op->o_tmpfree( bsi->bsi_join_where.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1609 BER_BVZERO( &bsi->bsi_join_where.bb_val );
1610 bsi->bsi_join_where.bb_len = 0;
1611 bsi->bsi_op->o_tmpfree( bsi->bsi_flt_where.bb_val.bv_val, bsi->bsi_op->o_tmpmemctx );
1612 BER_BVZERO( &bsi->bsi_flt_where.bb_val );
1613 bsi->bsi_flt_where.bb_len = 0;
1614
1615 Debug( LDAP_DEBUG_TRACE, "<==backsql_srch_query() returns %s\n",
1616 query->bv_val ? query->bv_val : "NULL", 0, 0 );
1617
1618 return ( rc <= 0 ? 1 : 0 );
1619 }
1620
1621 static int
1622 backsql_oc_get_candidates( void *v_oc, void *v_bsi )
1623 {
1624 backsql_oc_map_rec *oc = v_oc;
1625 backsql_srch_info *bsi = v_bsi;
1626 Operation *op = bsi->bsi_op;
1627 backsql_info *bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
1628 struct berval query;
1629 SQLHSTMT sth = SQL_NULL_HSTMT;
1630 RETCODE rc;
1631 int res;
1632 BACKSQL_ROW_NTS row;
1633 int i;
1634 int j;
1635 int n_candidates = bsi->bsi_n_candidates;
1636
1637 /*
1638 * + 1 because we need room for '%';
1639 * + 1 because we need room for ',' for LDAP_SCOPE_SUBORDINATE;
1640 * this makes a subtree
1641 * search for a DN BACKSQL_MAX_DN_LEN long legal
1642 * if it returns that DN only
1643 */
1644 char tmp_base_ndn[ BACKSQL_MAX_DN_LEN + 1 + 1 ];
1645
1646 bsi->bsi_status = LDAP_SUCCESS;
1647
1648 Debug( LDAP_DEBUG_TRACE, "==>backsql_oc_get_candidates(): oc=\"%s\"\n",
1649 BACKSQL_OC_NAME( oc ), 0, 0 );
1650
1651 /* check for abandon */
1652 if ( op->o_abandon ) {
1653 bsi->bsi_status = SLAPD_ABANDON;
1654 return BACKSQL_AVL_STOP;
1655 }
1656
1657 /* If paged results have already completed this objectClass, skip it */
1658 if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
1659 if ( oc->bom_id < PAGECOOKIE_TO_SQL_OC( ((PagedResultsState *)op->o_pagedresults_state)->ps_cookie ) )
1660 {
1661 return BACKSQL_AVL_CONTINUE;
1662 }
1663 }
1664
1665 if ( bsi->bsi_n_candidates == -1 ) {
1666 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1667 "unchecked limit has been overcome\n", 0, 0, 0 );
1668 /* should never get here */
1669 assert( 0 );
1670 bsi->bsi_status = LDAP_ADMINLIMIT_EXCEEDED;
1671 return BACKSQL_AVL_STOP;
1672 }
1673
1674 bsi->bsi_oc = oc;
1675 res = backsql_srch_query( bsi, &query );
1676 if ( res ) {
1677 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1678 "error while constructing query for objectclass \"%s\"\n",
1679 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1680 /*
1681 * FIXME: need to separate errors from legally
1682 * impossible filters
1683 */
1684 switch ( bsi->bsi_status ) {
1685 case LDAP_SUCCESS:
1686 case LDAP_UNDEFINED_TYPE:
1687 case LDAP_NO_SUCH_OBJECT:
1688 /* we are conservative... */
1689 default:
1690 bsi->bsi_status = LDAP_SUCCESS;
1691 /* try next */
1692 return BACKSQL_AVL_CONTINUE;
1693
1694 case LDAP_ADMINLIMIT_EXCEEDED:
1695 case LDAP_OTHER:
1696 /* don't try any more */
1697 return BACKSQL_AVL_STOP;
1698 }
1699 }
1700
1701 if ( BER_BVISNULL( &query ) ) {
1702 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1703 "could not construct query for objectclass \"%s\"\n",
1704 oc->bom_oc->soc_cname.bv_val, 0, 0 );
1705 bsi->bsi_status = LDAP_SUCCESS;
1706 return BACKSQL_AVL_CONTINUE;
1707 }
1708
1709 Debug( LDAP_DEBUG_TRACE, "Constructed query: %s\n",
1710 query.bv_val, 0, 0 );
1711
1712 rc = backsql_Prepare( bsi->bsi_dbh, &sth, query.bv_val, 0 );
1713 bsi->bsi_op->o_tmpfree( query.bv_val, bsi->bsi_op->o_tmpmemctx );
1714 BER_BVZERO( &query );
1715 if ( rc != SQL_SUCCESS ) {
1716 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1717 "error preparing query\n", 0, 0, 0 );
1718 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1719 bsi->bsi_status = LDAP_OTHER;
1720 return BACKSQL_AVL_CONTINUE;
1721 }
1722
1723 Debug( LDAP_DEBUG_TRACE, "id: '%ld'\n", bsi->bsi_oc->bom_id, 0, 0 );
1724
1725 rc = backsql_BindParamInt( sth, 1, SQL_PARAM_INPUT,
1726 &bsi->bsi_oc->bom_id );
1727 if ( rc != SQL_SUCCESS ) {
1728 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1729 "error binding objectclass id parameter\n", 0, 0, 0 );
1730 bsi->bsi_status = LDAP_OTHER;
1731 return BACKSQL_AVL_CONTINUE;
1732 }
1733
1734 switch ( bsi->bsi_scope ) {
1735 case LDAP_SCOPE_BASE:
1736 case BACKSQL_SCOPE_BASE_LIKE:
1737 /*
1738 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1739 * however this should be handled earlier
1740 */
1741 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1742 bsi->bsi_status = LDAP_OTHER;
1743 return BACKSQL_AVL_CONTINUE;
1744 }
1745
1746 AC_MEMCPY( tmp_base_ndn, bsi->bsi_base_ndn->bv_val,
1747 bsi->bsi_base_ndn->bv_len + 1 );
1748
1749 /* uppercase DN only if the stored DN can be uppercased
1750 * for comparison */
1751 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1752 ldap_pvt_str2upper( tmp_base_ndn );
1753 }
1754
1755 Debug( LDAP_DEBUG_TRACE, "(base)dn: \"%s\"\n",
1756 tmp_base_ndn, 0, 0 );
1757
1758 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1759 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1760 if ( rc != SQL_SUCCESS ) {
1761 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1762 "error binding base_ndn parameter\n", 0, 0, 0 );
1763 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1764 sth, rc );
1765 bsi->bsi_status = LDAP_OTHER;
1766 return BACKSQL_AVL_CONTINUE;
1767 }
1768 break;
1769
1770 case LDAP_SCOPE_SUBORDINATE:
1771 case LDAP_SCOPE_SUBTREE:
1772 {
1773 /* if short-cutting the search base,
1774 * don't bind any parameter */
1775 if ( bsi->bsi_use_subtree_shortcut ) {
1776 break;
1777 }
1778
1779 /*
1780 * We do not accept DNs longer than BACKSQL_MAX_DN_LEN;
1781 * however this should be handled earlier
1782 */
1783 if ( bsi->bsi_base_ndn->bv_len > BACKSQL_MAX_DN_LEN ) {
1784 bsi->bsi_status = LDAP_OTHER;
1785 return BACKSQL_AVL_CONTINUE;
1786 }
1787
1788 /*
1789 * Sets the parameters for the SQL built earlier
1790 * NOTE that all the databases could actually use
1791 * the TimesTen version, which would be cleaner
1792 * and would also eliminate the need for the
1793 * subtree_cond line in the configuration file.
1794 * For now, I'm leaving it the way it is,
1795 * so non-TimesTen databases use the original code.
1796 * But at some point this should get cleaned up.
1797 *
1798 * If "dn" is being used, do a suffix search.
1799 * If "dn_ru" is being used, do a prefix search.
1800 */
1801 if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) {
1802 tmp_base_ndn[ 0 ] = '\0';
1803
1804 for ( i = 0, j = bsi->bsi_base_ndn->bv_len - 1;
1805 j >= 0; i++, j--) {
1806 tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
1807 }
1808
1809 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1810 tmp_base_ndn[ i++ ] = ',';
1811 }
1812
1813 tmp_base_ndn[ i ] = '%';
1814 tmp_base_ndn[ i + 1 ] = '\0';
1815
1816 } else {
1817 i = 0;
1818
1819 tmp_base_ndn[ i++ ] = '%';
1820
1821 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1822 tmp_base_ndn[ i++ ] = ',';
1823 }
1824
1825 AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
1826 bsi->bsi_base_ndn->bv_len + 1 );
1827 }
1828
1829 /* uppercase DN only if the stored DN can be uppercased
1830 * for comparison */
1831 if ( BACKSQL_CANUPPERCASE( bi ) ) {
1832 ldap_pvt_str2upper( tmp_base_ndn );
1833 }
1834
1835 if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
1836 Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
1837 tmp_base_ndn, 0, 0 );
1838 } else {
1839 Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
1840 tmp_base_ndn, 0, 0 );
1841 }
1842
1843 rc = backsql_BindParamStr( sth, 2, SQL_PARAM_INPUT,
1844 tmp_base_ndn, BACKSQL_MAX_DN_LEN );
1845 if ( rc != SQL_SUCCESS ) {
1846 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1847 "error binding base_ndn parameter (2)\n",
1848 0, 0, 0 );
1849 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh,
1850 sth, rc );
1851 bsi->bsi_status = LDAP_OTHER;
1852 return BACKSQL_AVL_CONTINUE;
1853 }
1854 break;
1855 }
1856
1857 case LDAP_SCOPE_ONELEVEL:
1858 assert( !BER_BVISNULL( &bsi->bsi_base_id.eid_ndn ) );
1859
1860 #ifdef BACKSQL_ARBITRARY_KEY
1861 Debug( LDAP_DEBUG_TRACE, "(one)id: \"%s\"\n",
1862 bsi->bsi_base_id.eid_id.bv_val, 0, 0 );
1863 #else /* ! BACKSQL_ARBITRARY_KEY */
1864 Debug( LDAP_DEBUG_TRACE, "(one)id: '%lu'\n",
1865 bsi->bsi_base_id.eid_id, 0, 0 );
1866 #endif /* ! BACKSQL_ARBITRARY_KEY */
1867 rc = backsql_BindParamID( sth, 2, SQL_PARAM_INPUT,
1868 &bsi->bsi_base_id.eid_id );
1869 if ( rc != SQL_SUCCESS ) {
1870 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1871 "error binding base id parameter\n", 0, 0, 0 );
1872 bsi->bsi_status = LDAP_OTHER;
1873 return BACKSQL_AVL_CONTINUE;
1874 }
1875 break;
1876 }
1877
1878 rc = SQLExecute( sth );
1879 if ( !BACKSQL_SUCCESS( rc ) ) {
1880 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1881 "error executing query\n", 0, 0, 0 );
1882 backsql_PrintErrors( bi->sql_db_env, bsi->bsi_dbh, sth, rc );
1883 SQLFreeStmt( sth, SQL_DROP );
1884 bsi->bsi_status = LDAP_OTHER;
1885 return BACKSQL_AVL_CONTINUE;
1886 }
1887
1888 backsql_BindRowAsStrings_x( sth, &row, bsi->bsi_op->o_tmpmemctx );
1889 rc = SQLFetch( sth );
1890 for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( sth ) ) {
1891 struct berval dn, pdn, ndn;
1892 backsql_entryID *c_id = NULL;
1893 int ret;
1894
1895 ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
1896
1897 if ( backsql_api_odbc2dn( bsi->bsi_op, bsi->bsi_rs, &dn ) ) {
1898 continue;
1899 }
1900
1901 ret = dnPrettyNormal( NULL, &dn, &pdn, &ndn, op->o_tmpmemctx );
1902 if ( dn.bv_val != row.cols[ 3 ] ) {
1903 free( dn.bv_val );
1904 }
1905
1906 if ( ret != LDAP_SUCCESS ) {
1907 continue;
1908 }
1909
1910 if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
1911 goto cleanup;
1912 }
1913
1914 c_id = (backsql_entryID *)op->o_tmpcalloc( 1,
1915 sizeof( backsql_entryID ), op->o_tmpmemctx );
1916 #ifdef BACKSQL_ARBITRARY_KEY
1917 ber_str2bv_x( row.cols[ 0 ], 0, 1, &c_id->eid_id,
1918 op->o_tmpmemctx );
1919 ber_str2bv_x( row.cols[ 1 ], 0, 1, &c_id->eid_keyval,
1920 op->o_tmpmemctx );
1921 #else /* ! BACKSQL_ARBITRARY_KEY */
1922 if ( lutil_atoulx( &c_id->eid_id, row.cols[ 0 ], 0 ) != 0 ) {
1923 goto cleanup;
1924 }
1925 if ( lutil_atoulx( &c_id->eid_keyval, row.cols[ 1 ], 0 ) != 0 ) {
1926 goto cleanup;
1927 }
1928 #endif /* ! BACKSQL_ARBITRARY_KEY */
1929 c_id->eid_oc = bsi->bsi_oc;
1930 c_id->eid_oc_id = bsi->bsi_oc->bom_id;
1931
1932 c_id->eid_dn = pdn;
1933 c_id->eid_ndn = ndn;
1934
1935 /* append at end of list ... */
1936 c_id->eid_next = NULL;
1937 *bsi->bsi_id_listtail = c_id;
1938 bsi->bsi_id_listtail = &c_id->eid_next;
1939
1940 #ifdef BACKSQL_ARBITRARY_KEY
1941 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1942 "added entry id=%s, keyval=%s dn=\"%s\"\n",
1943 c_id->eid_id.bv_val, c_id->eid_keyval.bv_val,
1944 row.cols[ 3 ] );
1945 #else /* ! BACKSQL_ARBITRARY_KEY */
1946 Debug( LDAP_DEBUG_TRACE, "backsql_oc_get_candidates(): "
1947 "added entry id=%ld, keyval=%ld dn=\"%s\"\n",
1948 c_id->eid_id, c_id->eid_keyval, row.cols[ 3 ] );
1949 #endif /* ! BACKSQL_ARBITRARY_KEY */
1950
1951 /* count candidates, for unchecked limit */
1952 bsi->bsi_n_candidates--;
1953 if ( bsi->bsi_n_candidates == -1 ) {
1954 break;
1955 }
1956 continue;
1957
1958 cleanup:;
1959 if ( !BER_BVISNULL( &pdn ) ) {
1960 op->o_tmpfree( pdn.bv_val, op->o_tmpmemctx );
1961 }
1962 if ( !BER_BVISNULL( &ndn ) ) {
1963 op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
1964 }
1965 if ( c_id != NULL ) {
1966 ch_free( c_id );
1967 }
1968 }
1969 backsql_FreeRow_x( &row, bsi->bsi_op->o_tmpmemctx );
1970 SQLFreeStmt( sth, SQL_DROP );
1971
1972 Debug( LDAP_DEBUG_TRACE, "<==backsql_oc_get_candidates(): %d\n",
1973 n_candidates - bsi->bsi_n_candidates, 0, 0 );
1974
1975 return ( bsi->bsi_n_candidates == -1 ? BACKSQL_AVL_STOP : BACKSQL_AVL_CONTINUE );
1976 }
1977
1978 int
1979 backsql_search( Operation *op, SlapReply *rs )
1980 {
1981 backsql_info *bi = (backsql_info *)op->o_bd->be_private;
1982 SQLHDBC dbh = SQL_NULL_HDBC;
1983 int sres;
1984 Entry user_entry = { 0 },
1985 base_entry = { 0 };
1986 int manageDSAit = get_manageDSAit( op );
1987 time_t stoptime = 0;
1988 backsql_srch_info bsi = { 0 };
1989 backsql_entryID *eid = NULL;
1990 struct berval nbase = BER_BVNULL;
1991 unsigned long lastid = 0;
1992
1993 Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
1994 "base=\"%s\", filter=\"%s\", scope=%d,",
1995 op->o_req_ndn.bv_val,
1996 op->ors_filterstr.bv_val,
1997 op->ors_scope );
1998 Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
1999 "attributes to load: %s\n",
2000 op->ors_deref,
2001 op->ors_attrsonly,
2002 op->ors_attrs == NULL ? "all" : "custom list" );
2003
2004 if ( op->o_req_ndn.bv_len > BACKSQL_MAX_DN_LEN ) {
2005 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2006 "search base length (%ld) exceeds max length (%d)\n",
2007 op->o_req_ndn.bv_len, BACKSQL_MAX_DN_LEN, 0 );
2008 /*
2009 * FIXME: a LDAP_NO_SUCH_OBJECT could be appropriate
2010 * since it is impossible that such a long DN exists
2011 * in the backend
2012 */
2013 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
2014 send_ldap_result( op, rs );
2015 return 1;
2016 }
2017
2018 sres = backsql_get_db_conn( op, &dbh );
2019 if ( sres != LDAP_SUCCESS ) {
2020 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2021 "could not get connection handle - exiting\n",
2022 0, 0, 0 );
2023 rs->sr_err = sres;
2024 rs->sr_text = sres == LDAP_OTHER ? "SQL-backend error" : NULL;
2025 send_ldap_result( op, rs );
2026 return 1;
2027 }
2028
2029 /* compute it anyway; root does not use it */
2030 stoptime = op->o_time + op->ors_tlimit;
2031
2032 /* init search */
2033 bsi.bsi_e = &base_entry;
2034 rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn,
2035 op->ors_scope,
2036 stoptime, op->ors_filter,
2037 dbh, op, rs, op->ors_attrs,
2038 ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
2039 switch ( rs->sr_err ) {
2040 case LDAP_SUCCESS:
2041 break;
2042
2043 case LDAP_REFERRAL:
2044 if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
2045 dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
2046 {
2047 rs->sr_err = LDAP_SUCCESS;
2048 rs->sr_text = NULL;
2049 rs->sr_matched = NULL;
2050 if ( rs->sr_ref ) {
2051 ber_bvarray_free( rs->sr_ref );
2052 rs->sr_ref = NULL;
2053 }
2054 break;
2055 }
2056
2057 /* an entry was created; free it */
2058 entry_clean( bsi.bsi_e );
2059
2060 /* fall thru */
2061
2062 default:
2063 if ( !BER_BVISNULL( &base_entry.e_nname )
2064 && !access_allowed( op, &base_entry,
2065 slap_schema.si_ad_entry, NULL,
2066 ACL_DISCLOSE, NULL ) )
2067 {
2068 rs->sr_err = LDAP_NO_SUCH_OBJECT;
2069 if ( rs->sr_ref ) {
2070 ber_bvarray_free( rs->sr_ref );
2071 rs->sr_ref = NULL;
2072 }
2073 rs->sr_matched = NULL;
2074 rs->sr_text = NULL;
2075 }
2076
2077 send_ldap_result( op, rs );
2078
2079 if ( rs->sr_ref ) {
2080 ber_bvarray_free( rs->sr_ref );
2081 rs->sr_ref = NULL;
2082 }
2083
2084 if ( !BER_BVISNULL( &base_entry.e_nname ) ) {
2085 entry_clean( &base_entry );
2086 }
2087
2088 goto done;
2089 }
2090 /* NOTE: __NEW__ "search" access is required
2091 * on searchBase object */
2092 {
2093 slap_mask_t mask;
2094
2095 if ( get_assert( op ) &&
2096 ( test_filter( op, &base_entry, get_assertion( op ) )
2097 != LDAP_COMPARE_TRUE ) )
2098 {
2099 rs->sr_err = LDAP_ASSERTION_FAILED;
2100
2101 }
2102 if ( ! access_allowed_mask( op, &base_entry,
2103 slap_schema.si_ad_entry,
2104 NULL, ACL_SEARCH, NULL, &mask ) )
2105 {
2106 if ( rs->sr_err == LDAP_SUCCESS ) {
2107 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
2108 }
2109 }
2110
2111 if ( rs->sr_err != LDAP_SUCCESS ) {
2112 if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
2113 rs->sr_err = LDAP_NO_SUCH_OBJECT;
2114 rs->sr_text = NULL;
2115 }
2116 send_ldap_result( op, rs );
2117 goto done;
2118 }
2119 }
2120
2121 bsi.bsi_e = NULL;
2122
2123 bsi.bsi_n_candidates =
2124 ( op->ors_limit == NULL /* isroot == TRUE */ ? -2 :
2125 ( op->ors_limit->lms_s_unchecked == -1 ? -2 :
2126 ( op->ors_limit->lms_s_unchecked ) ) );
2127
2128 /* If paged results are in effect, check the paging cookie */
2129 if ( get_pagedresults( op ) > SLAP_CONTROL_IGNORED ) {
2130 rs->sr_err = parse_paged_cookie( op, rs );
2131 if ( rs->sr_err != LDAP_SUCCESS ) {
2132 send_ldap_result( op, rs );
2133 goto done;
2134 }
2135 }
2136
2137 switch ( bsi.bsi_scope ) {
2138 case LDAP_SCOPE_BASE:
2139 case BACKSQL_SCOPE_BASE_LIKE:
2140 /*
2141 * probably already found...
2142 */
2143 bsi.bsi_id_list = &bsi.bsi_base_id;
2144 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
2145 break;
2146
2147 case LDAP_SCOPE_SUBTREE:
2148 /*
2149 * if baseObject is defined, and if it is the root
2150 * of the search, add it to the candidate list
2151 */
2152 if ( bi->sql_baseObject && BACKSQL_IS_BASEOBJECT_ID( &bsi.bsi_base_id.eid_id ) )
2153 {
2154 bsi.bsi_id_list = &bsi.bsi_base_id;
2155 bsi.bsi_id_listtail = &bsi.bsi_base_id.eid_next;
2156 }
2157
2158 /* FALLTHRU */
2159 default:
2160
2161 /*
2162 * for each objectclass we try to construct query which gets IDs
2163 * of entries matching LDAP query filter and scope (or at least
2164 * candidates), and get the IDs. Do this in ID order for paging.
2165 */
2166 avl_apply( bi->sql_oc_by_id, backsql_oc_get_candidates,
2167 &bsi, BACKSQL_AVL_STOP, AVL_INORDER );
2168
2169 /* check for abandon */
2170 if ( op->o_abandon ) {
2171 eid = bsi.bsi_id_list;
2172 rs->sr_err = SLAPD_ABANDON;
2173 goto send_results;
2174 }
2175 }
2176
2177 if ( op->ors_limit != NULL /* isroot == FALSE */
2178 && op->ors_limit->lms_s_unchecked != -1
2179 && bsi.bsi_n_candidates == -1 )
2180 {
2181 rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
2182 send_ldap_result( op, rs );
2183 goto done;
2184 }
2185
2186 /*
2187 * now we load candidate entries (only those attributes
2188 * mentioned in attrs and filter), test it against full filter
2189 * and then send to client; don't free entry_id if baseObject...
2190 */
2191 for ( eid = bsi.bsi_id_list;
2192 eid != NULL;
2193 eid = backsql_free_entryID(
2194 eid, eid == &bsi.bsi_base_id ? 0 : 1, op->o_tmpmemctx ) )
2195 {
2196 int rc;
2197 Attribute *a_hasSubordinate = NULL,
2198 *a_entryUUID = NULL,
2199 *a_entryCSN = NULL,
2200 **ap = NULL;
2201 Entry *e = NULL;
2202
2203 /* check for abandon */
2204 if ( op->o_abandon ) {
2205 rs->sr_err = SLAPD_ABANDON;
2206 goto send_results;
2207 }
2208
2209 /* check time limit */
2210 if ( op->ors_tlimit != SLAP_NO_LIMIT
2211 && slap_get_time() > stoptime )
2212 {
2213 rs->sr_err = LDAP_TIMELIMIT_EXCEEDED;
2214 rs->sr_ctrls = NULL;
2215 rs->sr_ref = rs->sr_v2ref;
2216 goto send_results;
2217 }
2218
2219 #ifdef BACKSQL_ARBITRARY_KEY
2220 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
2221 "for entry id=%s, oc_id=%ld, keyval=%s\n",
2222 eid->eid_id.bv_val, eid->eid_oc_id,
2223 eid->eid_keyval.bv_val );
2224 #else /* ! BACKSQL_ARBITRARY_KEY */
2225 Debug(LDAP_DEBUG_TRACE, "backsql_search(): loading data "
2226 "for entry id=%ld, oc_id=%ld, keyval=%ld\n",
2227 eid->eid_id, eid->eid_oc_id, eid->eid_keyval );
2228 #endif /* ! BACKSQL_ARBITRARY_KEY */
2229
2230 /* check scope */
2231 switch ( op->ors_scope ) {
2232 case LDAP_SCOPE_BASE:
2233 case BACKSQL_SCOPE_BASE_LIKE:
2234 if ( !dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
2235 goto next_entry2;
2236 }
2237 break;
2238
2239 case LDAP_SCOPE_ONE:
2240 {
2241 struct berval rdn = eid->eid_ndn;
2242
2243 rdn.bv_len -= op->o_req_ndn.bv_len + STRLENOF( "," );
2244 if ( !dnIsOneLevelRDN( &rdn ) ) {
2245 goto next_entry2;
2246 }
2247 /* fall thru */
2248 }
2249
2250 case LDAP_SCOPE_SUBORDINATE:
2251 /* discard the baseObject entry */
2252 if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
2253 goto next_entry2;
2254 }
2255 /* FALLTHRU */
2256 case LDAP_SCOPE_SUBTREE:
2257 /* FIXME: this should never fail... */
2258 if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
2259 goto next_entry2;
2260 }
2261 break;
2262 }
2263
2264 if ( BACKSQL_IS_BASEOBJECT_ID( &eid->eid_id ) ) {
2265 /* don't recollect baseObject... */
2266 e = bi->sql_baseObject;
2267
2268 } else if ( eid == &bsi.bsi_base_id ) {
2269 /* don't recollect searchBase object... */
2270 e = &base_entry;
2271
2272 } else {
2273 bsi.bsi_e = &user_entry;
2274 rc = backsql_id2entry( &bsi, eid );
2275 if ( rc != LDAP_SUCCESS ) {
2276 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2277 "error %d in backsql_id2entry() "
2278 "- skipping\n", rc, 0, 0 );
2279 continue;
2280 }
2281 e = &user_entry;
2282 }
2283
2284 if ( !manageDSAit &&
2285 op->ors_scope != LDAP_SCOPE_BASE &&
2286 op->ors_scope != BACKSQL_SCOPE_BASE_LIKE &&
2287 is_entry_referral( e ) )
2288 {
2289 BerVarray refs;
2290
2291 refs = get_entry_referrals( op, e );
2292 if ( !refs ) {
2293 backsql_srch_info bsi2 = { 0 };
2294 Entry user_entry2 = { 0 };
2295
2296 /* retry with the full entry... */
2297 bsi2.bsi_e = &user_entry2;
2298 rc = backsql_init_search( &bsi2,
2299 &e->e_nname,
2300 LDAP_SCOPE_BASE,
2301 (time_t)(-1), NULL,
2302 dbh, op, rs, NULL,
2303 BACKSQL_ISF_GET_ENTRY );
2304 if ( rc == LDAP_SUCCESS ) {
2305 if ( is_entry_referral( &user_entry2 ) )
2306 {
2307 refs = get_entry_referrals( op,
2308 &user_entry2 );
2309 } else {
2310 rs->sr_err = LDAP_OTHER;
2311 }
2312 backsql_entry_clean( op, &user_entry2 );
2313 }
2314 if ( bsi2.bsi_attrs != NULL ) {
2315 op->o_tmpfree( bsi2.bsi_attrs,
2316 op->o_tmpmemctx );
2317 }
2318 }
2319
2320 if ( refs ) {
2321 rs->sr_ref = referral_rewrite( refs,
2322 &e->e_name,
2323 &op->o_req_dn,
2324 op->ors_scope );
2325 ber_bvarray_free( refs );
2326 }
2327
2328 if ( rs->sr_ref ) {
2329 rs->sr_err = LDAP_REFERRAL;
2330
2331 } else {
2332 rs->sr_text = "bad referral object";
2333 }
2334
2335 rs->sr_entry = e;
2336 rs->sr_matched = user_entry.e_name.bv_val;
2337 send_search_reference( op, rs );
2338
2339 ber_bvarray_free( rs->sr_ref );
2340 rs->sr_ref = NULL;
2341 rs->sr_matched = NULL;
2342 rs->sr_entry = NULL;
2343 if ( rs->sr_err == LDAP_REFERRAL ) {
2344 rs->sr_err = LDAP_SUCCESS;
2345 }
2346
2347 goto next_entry;
2348 }
2349
2350 /*
2351 * We use this flag since we need to parse the filter
2352 * anyway; we should have used the frontend API function
2353 * filter_has_subordinates()
2354 */
2355 if ( bsi.bsi_flags & BSQL_SF_FILTER_HASSUBORDINATE ) {
2356 rc = backsql_has_children( op, dbh, &e->e_nname );
2357
2358 switch ( rc ) {
2359 case LDAP_COMPARE_TRUE:
2360 case LDAP_COMPARE_FALSE:
2361 a_hasSubordinate = slap_operational_hasSubordinate( rc == LDAP_COMPARE_TRUE );
2362 if ( a_hasSubordinate != NULL ) {
2363 for ( ap = &user_entry.e_attrs;
2364 *ap;
2365 ap = &(*ap)->a_next );
2366
2367 *ap = a_hasSubordinate;
2368 }
2369 rc = 0;
2370 break;
2371
2372 default:
2373 Debug(LDAP_DEBUG_TRACE,
2374 "backsql_search(): "
2375 "has_children failed( %d)\n",
2376 rc, 0, 0 );
2377 rc = 1;
2378 goto next_entry;
2379 }
2380 }
2381
2382 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYUUID ) {
2383 a_entryUUID = backsql_operational_entryUUID( bi, eid );
2384 if ( a_entryUUID != NULL ) {
2385 if ( ap == NULL ) {
2386 ap = &user_entry.e_attrs;
2387 }
2388
2389 for ( ; *ap; ap = &(*ap)->a_next );
2390
2391 *ap = a_entryUUID;
2392 }
2393 }
2394
2395 #ifdef BACKSQL_SYNCPROV
2396 if ( bsi.bsi_flags & BSQL_SF_FILTER_ENTRYCSN ) {
2397 a_entryCSN = backsql_operational_entryCSN( op );
2398 if ( a_entryCSN != NULL ) {
2399 if ( ap == NULL ) {
2400 ap = &user_entry.e_attrs;
2401 }
2402
2403 for ( ; *ap; ap = &(*ap)->a_next );
2404
2405 *ap = a_entryCSN;
2406 }
2407 }
2408 #endif /* BACKSQL_SYNCPROV */
2409
2410 if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
2411 {
2412 /* If paged results are in effect, see if the page limit was exceeded */
2413 if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
2414 if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size )
2415 {
2416 e = NULL;
2417 send_paged_response( op, rs, &lastid );
2418 goto done;
2419 }
2420 lastid = SQL_TO_PAGECOOKIE( eid->eid_id, eid->eid_oc_id );
2421 }
2422 rs->sr_attrs = op->ors_attrs;
2423 rs->sr_operational_attrs = NULL;
2424 rs->sr_entry = e;
2425 e->e_private = (void *)eid;
2426 rs->sr_flags = ( e == &user_entry ) ? REP_ENTRY_MODIFIABLE : 0;
2427 /* FIXME: need the whole entry (ITS#3480) */
2428 rs->sr_err = send_search_entry( op, rs );
2429 e->e_private = NULL;
2430 rs->sr_entry = NULL;
2431 rs->sr_attrs = NULL;
2432 rs->sr_operational_attrs = NULL;
2433
2434 switch ( rs->sr_err ) {
2435 case LDAP_UNAVAILABLE:
2436 /*
2437 * FIXME: send_search_entry failed;
2438 * better stop
2439 */
2440 Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
2441 "connection lost\n", 0, 0, 0 );
2442 goto end_of_search;
2443
2444 case LDAP_SIZELIMIT_EXCEEDED:
2445 goto send_results;
2446 }
2447 }
2448
2449 next_entry:;
2450 if ( e == &user_entry ) {
2451 backsql_entry_clean( op, &user_entry );
2452 }
2453
2454 next_entry2:;
2455 }
2456
2457 end_of_search:;
2458 if ( rs->sr_nentries > 0 ) {
2459 rs->sr_ref = rs->sr_v2ref;
2460 rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS
2461 : LDAP_REFERRAL;
2462
2463 } else {
2464 rs->sr_err = bsi.bsi_status;
2465 }
2466
2467 send_results:;
2468 if ( rs->sr_err != SLAPD_ABANDON ) {
2469 if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
2470 send_paged_response( op, rs, NULL );
2471 } else {
2472 send_ldap_result( op, rs );
2473 }
2474 }
2475
2476 /* cleanup in case of abandon */
2477 for ( ; eid != NULL;
2478 eid = backsql_free_entryID(
2479 eid, eid == &bsi.bsi_base_id ? 0 : 1, op->o_tmpmemctx ) )
2480 ;
2481
2482 backsql_entry_clean( op, &base_entry );
2483
2484 /* in case we got here accidentally */
2485 backsql_entry_clean( op, &user_entry );
2486
2487 if ( rs->sr_v2ref ) {
2488 ber_bvarray_free( rs->sr_v2ref );
2489 rs->sr_v2ref = NULL;
2490 }
2491
2492 #ifdef BACKSQL_SYNCPROV
2493 if ( op->o_sync ) {
2494 Operation op2 = *op;
2495 SlapReply rs2 = { 0 };
2496 Entry *e = entry_alloc();
2497 slap_callback cb = { 0 };
2498
2499 op2.o_tag = LDAP_REQ_ADD;
2500 op2.o_bd = select_backend( &op->o_bd->be_nsuffix[0], 0 );
2501 op2.ora_e = e;
2502 op2.o_callback = &cb;
2503
2504 ber_dupbv( &e->e_name, op->o_bd->be_suffix );
2505 ber_dupbv( &e->e_nname, op->o_bd->be_nsuffix );
2506
2507 cb.sc_response = slap_null_cb;
2508
2509 op2.o_bd->be_add( &op2, &rs2 );
2510
2511 if ( op2.ora_e == e )
2512 entry_free( e );
2513 }
2514 #endif /* BACKSQL_SYNCPROV */
2515
2516 done:;
2517 (void)backsql_free_entryID( &bsi.bsi_base_id, 0, op->o_tmpmemctx );
2518
2519 if ( bsi.bsi_attrs != NULL ) {
2520 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2521 }
2522
2523 if ( !BER_BVISNULL( &nbase )
2524 && nbase.bv_val != op->o_req_ndn.bv_val )
2525 {
2526 ch_free( nbase.bv_val );
2527 }
2528
2529 /* restore scope ... FIXME: this should be done before ANY
2530 * frontend call that uses op */
2531 if ( op->ors_scope == BACKSQL_SCOPE_BASE_LIKE ) {
2532 op->ors_scope = LDAP_SCOPE_BASE;
2533 }
2534
2535 Debug( LDAP_DEBUG_TRACE, "<==backsql_search()\n", 0, 0, 0 );
2536
2537 return rs->sr_err;
2538 }
2539
2540 /* return LDAP_SUCCESS IFF we can retrieve the specified entry.
2541 */
2542 int
2543 backsql_entry_get(
2544 Operation *op,
2545 struct berval *ndn,
2546 ObjectClass *oc,
2547 AttributeDescription *at,
2548 int rw,
2549 Entry **ent )
2550 {
2551 backsql_srch_info bsi = { 0 };
2552 SQLHDBC dbh = SQL_NULL_HDBC;
2553 int rc;
2554 SlapReply rs = { 0 };
2555 AttributeName anlist[ 2 ];
2556
2557 *ent = NULL;
2558
2559 rc = backsql_get_db_conn( op, &dbh );
2560 if ( rc != LDAP_SUCCESS ) {
2561 return rc;
2562 }
2563
2564 if ( at ) {
2565 anlist[ 0 ].an_name = at->ad_cname;
2566 anlist[ 0 ].an_desc = at;
2567 BER_BVZERO( &anlist[ 1 ].an_name );
2568 }
2569
2570 bsi.bsi_e = entry_alloc();
2571 rc = backsql_init_search( &bsi,
2572 ndn,
2573 LDAP_SCOPE_BASE,
2574 (time_t)(-1), NULL,
2575 dbh, op, &rs, at ? anlist : NULL,
2576 BACKSQL_ISF_GET_ENTRY );
2577
2578 if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
2579 (void)backsql_free_entryID( &bsi.bsi_base_id, 0, op->o_tmpmemctx );
2580 }
2581
2582 if ( rc == LDAP_SUCCESS ) {
2583
2584 #if 0 /* not supported at present */
2585 /* find attribute values */
2586 if ( is_entry_alias( bsi.bsi_e ) ) {
2587 Debug( LDAP_DEBUG_ACL,
2588 "<= backsql_entry_get: entry is an alias\n",
2589 0, 0, 0 );
2590 rc = LDAP_ALIAS_PROBLEM;
2591 goto return_results;
2592 }
2593 #endif
2594
2595 if ( is_entry_referral( bsi.bsi_e ) ) {
2596 Debug( LDAP_DEBUG_ACL,
2597 "<= backsql_entry_get: entry is a referral\n",
2598 0, 0, 0 );
2599 rc = LDAP_REFERRAL;
2600 goto return_results;
2601 }
2602
2603 if ( oc && !is_entry_objectclass( bsi.bsi_e, oc, 0 ) ) {
2604 Debug( LDAP_DEBUG_ACL,
2605 "<= backsql_entry_get: "
2606 "failed to find objectClass\n",
2607 0, 0, 0 );
2608 rc = LDAP_NO_SUCH_ATTRIBUTE;
2609 goto return_results;
2610 }
2611
2612 *ent = bsi.bsi_e;
2613 }
2614
2615 return_results:;
2616 if ( bsi.bsi_attrs != NULL ) {
2617 op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
2618 }
2619
2620 if ( rc != LDAP_SUCCESS ) {
2621 if ( bsi.bsi_e ) {
2622 entry_free( bsi.bsi_e );
2623 }
2624 }
2625
2626 return rc;
2627 }
2628
2629 void
2630 backsql_entry_clean(
2631 Operation *op,
2632 Entry *e )
2633 {
2634 void *ctx;
2635
2636 ctx = ldap_pvt_thread_pool_context();
2637
2638 if ( ctx == NULL || ctx != op->o_tmpmemctx ) {
2639 if ( !BER_BVISNULL( &e->e_name ) ) {
2640 op->o_tmpfree( e->e_name.bv_val, op->o_tmpmemctx );
2641 BER_BVZERO( &e->e_name );
2642 }
2643
2644 if ( !BER_BVISNULL( &e->e_nname ) ) {
2645 op->o_tmpfree( e->e_nname.bv_val, op->o_tmpmemctx );
2646 BER_BVZERO( &e->e_nname );
2647 }
2648 }
2649
2650 entry_clean( e );
2651 }
2652
2653 int
2654 backsql_entry_release(
2655 Operation *op,
2656 Entry *e,
2657 int rw )
2658 {
2659 backsql_entry_clean( op, e );
2660
2661 entry_free( e );
2662
2663 return 0;
2664 }
2665
2666
2667 /* This function is copied verbatim from back-bdb/search.c */
2668 static int
2669 parse_paged_cookie( Operation *op, SlapReply *rs )
2670 {
2671 int rc = LDAP_SUCCESS;
2672 PagedResultsState *ps = op->o_pagedresults_state;
2673
2674 /* this function must be invoked only if the pagedResults
2675 * control has been detected, parsed and partially checked
2676 * by the frontend */
2677 assert( get_pagedresults( op ) > SLAP_CONTROL_IGNORED );
2678
2679 /* cookie decoding/checks deferred to backend... */
2680 if ( ps->ps_cookieval.bv_len ) {
2681 PagedResultsCookie reqcookie;
2682 if( ps->ps_cookieval.bv_len != sizeof( reqcookie ) ) {
2683 /* bad cookie */
2684 rs->sr_text = "paged results cookie is invalid";
2685 rc = LDAP_PROTOCOL_ERROR;
2686 goto done;
2687 }
2688
2689 AC_MEMCPY( &reqcookie, ps->ps_cookieval.bv_val, sizeof( reqcookie ));
2690
2691 if ( reqcookie > ps->ps_cookie ) {
2692 /* bad cookie */
2693 rs->sr_text = "paged results cookie is invalid";
2694 rc = LDAP_PROTOCOL_ERROR;
2695 goto done;
2696
2697 } else if ( reqcookie < ps->ps_cookie ) {
2698 rs->sr_text = "paged results cookie is invalid or old";
2699 rc = LDAP_UNWILLING_TO_PERFORM;
2700 goto done;
2701 }
2702
2703 } else {
2704 /* Initial request. Initialize state. */
2705 ps->ps_cookie = 0;
2706 ps->ps_count = 0;
2707 }
2708
2709 done:;
2710
2711 return rc;
2712 }
2713
2714 /* This function is copied nearly verbatim from back-bdb/search.c */
2715 static void
2716 send_paged_response(
2717 Operation *op,
2718 SlapReply *rs,
2719 unsigned long *lastid )
2720 {
2721 LDAPControl ctrl, *ctrls[2];
2722 BerElementBuffer berbuf;
2723 BerElement *ber = (BerElement *)&berbuf;
2724 PagedResultsCookie respcookie;
2725 struct berval cookie;
2726
2727 Debug(LDAP_DEBUG_ARGS,
2728 "send_paged_response: lastid=0x%08lx nentries=%d\n",
2729 lastid ? *lastid : 0, rs->sr_nentries, NULL );
2730
2731 BER_BVZERO( &ctrl.ldctl_value );
2732 ctrls[0] = &ctrl;
2733 ctrls[1] = NULL;
2734
2735 ber_init2( ber, NULL, LBER_USE_DER );
2736
2737 if ( lastid ) {
2738 respcookie = ( PagedResultsCookie )(*lastid);
2739 cookie.bv_len = sizeof( respcookie );
2740 cookie.bv_val = (char *)&respcookie;
2741
2742 } else {
2743 respcookie = ( PagedResultsCookie )0;
2744 BER_BVSTR( &cookie, "" );
2745 }
2746
2747 op->o_conn->c_pagedresults_state.ps_cookie = respcookie;
2748 op->o_conn->c_pagedresults_state.ps_count =
2749 ((PagedResultsState *)op->o_pagedresults_state)->ps_count +
2750 rs->sr_nentries;
2751
2752 /* return size of 0 -- no estimate */
2753 ber_printf( ber, "{iO}", 0, &cookie );
2754
2755 if ( ber_flatten2( ber, &ctrls[0]->ldctl_value, 0 ) == -1 ) {
2756 goto done;
2757 }
2758
2759 ctrls[0]->ldctl_oid = LDAP_CONTROL_PAGEDRESULTS;
2760 ctrls[0]->ldctl_iscritical = 0;
2761
2762 rs->sr_ctrls = ctrls;
2763 rs->sr_err = LDAP_SUCCESS;
2764 send_ldap_result( op, rs );
2765 rs->sr_ctrls = NULL;
2766
2767 done:
2768 (void) ber_free_buf( ber );
2769 }
NetBSD on the FriendlyARM MINI2440