xref: /netbsd-src/external/bsd/openldap/dist/servers/slapd/back-sql/compare.c (revision 3816d47b2c42fcd6e549e3407f842a5b1a1d23ad) 
1 /* $OpenLDAP: pkg/ldap/servers/slapd/back-sql/compare.c,v 1.24.2.5 2008/02/11 23:26:48 kurt Exp $ */
2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
3  *
4  * Copyright 1999-2008 The OpenLDAP Foundation.
5  * Portions Copyright 1999 Dmitry Kovalev.
6  * Portions Copyright 2002 Pierangelo Masarati.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted only as authorized by the OpenLDAP
11  * Public License.
12  *
13  * A copy of this license is available in the file LICENSE in the
14  * top-level directory of the distribution or, alternatively, at
15  * <http://www.OpenLDAP.org/license.html>.
16  */
17 /* ACKNOWLEDGEMENTS:
18  * This work was initially developed by Dmitry Kovalev for inclusion
19  * by OpenLDAP Software.  Additional significant contributors include
20  * Pierangelo Masarati.
21  */
22 
23 #include "portable.h"
24 
25 #include <stdio.h>
26 #include <sys/types.h>
27 
28 #include "slap.h"
29 #include "proto-sql.h"
30 
31 int
32 backsql_compare( Operation *op, SlapReply *rs )
33 {
34 	SQLHDBC			dbh = SQL_NULL_HDBC;
35 	Entry			e = { 0 };
36 	Attribute		*a = NULL;
37 	backsql_srch_info	bsi = { 0 };
38 	int			rc;
39 	int			manageDSAit = get_manageDSAit( op );
40 	AttributeName		anlist[2];
41 
42  	Debug( LDAP_DEBUG_TRACE, "==>backsql_compare()\n", 0, 0, 0 );
43 
44 	rs->sr_err = backsql_get_db_conn( op, &dbh );
45 	if ( rs->sr_err != LDAP_SUCCESS ) {
46      		Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
47 			"could not get connection handle - exiting\n",
48 			0, 0, 0 );
49 
50 		rs->sr_text = ( rs->sr_err == LDAP_OTHER )
51 			? "SQL-backend error" : NULL;
52 		goto return_results;
53 	}
54 
55 	anlist[ 0 ].an_name = op->oq_compare.rs_ava->aa_desc->ad_cname;
56 	anlist[ 0 ].an_desc = op->oq_compare.rs_ava->aa_desc;
57 	BER_BVZERO( &anlist[ 1 ].an_name );
58 
59 	/*
60 	 * Get the entry
61 	 */
62 	bsi.bsi_e = &e;
63 	rc = backsql_init_search( &bsi, &op->o_req_ndn, LDAP_SCOPE_BASE,
64 			(time_t)(-1), NULL, dbh, op, rs, anlist,
65 			( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
66 	switch ( rc ) {
67 	case LDAP_SUCCESS:
68 		break;
69 
70 	case LDAP_REFERRAL:
71 		if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
72 				dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
73 		{
74 			rs->sr_err = LDAP_SUCCESS;
75 			rs->sr_text = NULL;
76 			rs->sr_matched = NULL;
77 			if ( rs->sr_ref ) {
78 				ber_bvarray_free( rs->sr_ref );
79 				rs->sr_ref = NULL;
80 			}
81 			break;
82 		}
83 		/* fallthru */
84 
85 	default:
86 		Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
87 			"could not retrieve compareDN ID - no such entry\n",
88 			0, 0, 0 );
89 		goto return_results;
90 	}
91 
92 	if ( get_assert( op ) &&
93 			( test_filter( op, &e, get_assertion( op ) )
94 			  != LDAP_COMPARE_TRUE ) )
95 	{
96 		rs->sr_err = LDAP_ASSERTION_FAILED;
97 		goto return_results;
98 	}
99 
100 	if ( is_at_operational( op->oq_compare.rs_ava->aa_desc->ad_type ) ) {
101 		SlapReply	nrs = { 0 };
102 		Attribute	**ap;
103 
104 		for ( ap = &e.e_attrs; *ap; ap = &(*ap)->a_next )
105 			;
106 
107 		nrs.sr_attrs = anlist;
108 		nrs.sr_entry = &e;
109 		nrs.sr_attr_flags = SLAP_OPATTRS_NO;
110 		nrs.sr_operational_attrs = NULL;
111 
112 		rs->sr_err = backsql_operational( op, &nrs );
113 		if ( rs->sr_err != LDAP_SUCCESS ) {
114 			goto return_results;
115 		}
116 
117 		*ap = nrs.sr_operational_attrs;
118 	}
119 
120 	if ( ! access_allowed( op, &e, op->oq_compare.rs_ava->aa_desc,
121 				&op->oq_compare.rs_ava->aa_value,
122 				ACL_COMPARE, NULL ) )
123 	{
124 		rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
125 		goto return_results;
126 	}
127 
128 	rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
129 	for ( a = attrs_find( e.e_attrs, op->oq_compare.rs_ava->aa_desc );
130 			a != NULL;
131 			a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ) )
132 	{
133 		rs->sr_err = LDAP_COMPARE_FALSE;
134 		if ( attr_valfind( a,
135 					SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
136 					SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
137 					&op->oq_compare.rs_ava->aa_value, NULL,
138 					op->o_tmpmemctx ) == 0 )
139 		{
140 			rs->sr_err = LDAP_COMPARE_TRUE;
141 			break;
142 		}
143 	}
144 
145 return_results:;
146 	switch ( rs->sr_err ) {
147 	case LDAP_COMPARE_TRUE:
148 	case LDAP_COMPARE_FALSE:
149 		break;
150 
151 	default:
152 		if ( !BER_BVISNULL( &e.e_nname ) &&
153 				! access_allowed( op, &e,
154 					slap_schema.si_ad_entry, NULL,
155 					ACL_DISCLOSE, NULL ) )
156 		{
157 			rs->sr_err = LDAP_NO_SUCH_OBJECT;
158 			rs->sr_text = NULL;
159 		}
160 		break;
161 	}
162 
163 	send_ldap_result( op, rs );
164 
165 	if ( rs->sr_matched ) {
166 		rs->sr_matched = NULL;
167 	}
168 
169 	if ( rs->sr_ref ) {
170 		ber_bvarray_free( rs->sr_ref );
171 		rs->sr_ref = NULL;
172 	}
173 
174 	if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
175 		(void)backsql_free_entryID( &bsi.bsi_base_id, 0, op->o_tmpmemctx );
176 	}
177 
178 	if ( !BER_BVISNULL( &e.e_nname ) ) {
179 		backsql_entry_clean( op, &e );
180 	}
181 
182 	if ( bsi.bsi_attrs != NULL ) {
183 		op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
184 	}
185 
186 	Debug(LDAP_DEBUG_TRACE,"<==backsql_compare()\n",0,0,0);
187 	switch ( rs->sr_err ) {
188 	case LDAP_COMPARE_TRUE:
189 	case LDAP_COMPARE_FALSE:
190 		return LDAP_SUCCESS;
191 
192 	default:
193 		return rs->sr_err;
194 	}
195 }
196 
197