xref: /netbsd-src/external/bsd/openldap/dist/servers/slapd/back-sql/compare.c (revision 82d56013d7b633d116a93943de88e08335357a7c) 
1 /*	$NetBSD: compare.c,v 1.2 2020/08/11 13:15:42 christos Exp $	*/
2 
3 /* $OpenLDAP$ */
4 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5  *
6  * Copyright 1999-2020 The OpenLDAP Foundation.
7  * Portions Copyright 1999 Dmitry Kovalev.
8  * Portions Copyright 2002 Pierangelo Masarati.
9  * All rights reserved.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted only as authorized by the OpenLDAP
13  * Public License.
14  *
15  * A copy of this license is available in the file LICENSE in the
16  * top-level directory of the distribution or, alternatively, at
17  * <http://www.OpenLDAP.org/license.html>.
18  */
19 /* ACKNOWLEDGEMENTS:
20  * This work was initially developed by Dmitry Kovalev for inclusion
21  * by OpenLDAP Software.  Additional significant contributors include
22  * Pierangelo Masarati.
23  */
24 
25 #include <sys/cdefs.h>
26 __RCSID("$NetBSD: compare.c,v 1.2 2020/08/11 13:15:42 christos Exp $");
27 
28 #include "portable.h"
29 
30 #include <stdio.h>
31 #include <sys/types.h>
32 
33 #include "slap.h"
34 #include "proto-sql.h"
35 
36 int
37 backsql_compare( Operation *op, SlapReply *rs )
38 {
39 	SQLHDBC			dbh = SQL_NULL_HDBC;
40 	Entry			e = { 0 };
41 	Attribute		*a = NULL;
42 	backsql_srch_info	bsi = { 0 };
43 	int			rc;
44 	int			manageDSAit = get_manageDSAit( op );
45 	AttributeName		anlist[2];
46 
47  	Debug( LDAP_DEBUG_TRACE, "==>backsql_compare()\n", 0, 0, 0 );
48 
49 	rs->sr_err = backsql_get_db_conn( op, &dbh );
50 	if ( rs->sr_err != LDAP_SUCCESS ) {
51      		Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
52 			"could not get connection handle - exiting\n",
53 			0, 0, 0 );
54 
55 		rs->sr_text = ( rs->sr_err == LDAP_OTHER )
56 			? "SQL-backend error" : NULL;
57 		goto return_results;
58 	}
59 
60 	anlist[ 0 ].an_name = op->oq_compare.rs_ava->aa_desc->ad_cname;
61 	anlist[ 0 ].an_desc = op->oq_compare.rs_ava->aa_desc;
62 	BER_BVZERO( &anlist[ 1 ].an_name );
63 
64 	/*
65 	 * Get the entry
66 	 */
67 	bsi.bsi_e = &e;
68 	rc = backsql_init_search( &bsi, &op->o_req_ndn, LDAP_SCOPE_BASE,
69 			(time_t)(-1), NULL, dbh, op, rs, anlist,
70 			( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
71 	switch ( rc ) {
72 	case LDAP_SUCCESS:
73 		break;
74 
75 	case LDAP_REFERRAL:
76 		if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
77 				dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
78 		{
79 			rs->sr_err = LDAP_SUCCESS;
80 			rs->sr_text = NULL;
81 			rs->sr_matched = NULL;
82 			if ( rs->sr_ref ) {
83 				ber_bvarray_free( rs->sr_ref );
84 				rs->sr_ref = NULL;
85 			}
86 			break;
87 		}
88 		/* fallthru */
89 
90 	default:
91 		Debug( LDAP_DEBUG_TRACE, "backsql_compare(): "
92 			"could not retrieve compareDN ID - no such entry\n",
93 			0, 0, 0 );
94 		goto return_results;
95 	}
96 
97 	if ( get_assert( op ) &&
98 			( test_filter( op, &e, get_assertion( op ) )
99 			  != LDAP_COMPARE_TRUE ) )
100 	{
101 		rs->sr_err = LDAP_ASSERTION_FAILED;
102 		goto return_results;
103 	}
104 
105 	if ( is_at_operational( op->oq_compare.rs_ava->aa_desc->ad_type ) ) {
106 		SlapReply	nrs = { REP_SEARCH };
107 		Attribute	**ap;
108 
109 		for ( ap = &e.e_attrs; *ap; ap = &(*ap)->a_next )
110 			;
111 
112 		nrs.sr_attrs = anlist;
113 		nrs.sr_entry = &e;
114 		nrs.sr_attr_flags = SLAP_OPATTRS_NO;
115 		nrs.sr_operational_attrs = NULL;
116 
117 		rs->sr_err = backsql_operational( op, &nrs );
118 		if ( rs->sr_err != LDAP_SUCCESS ) {
119 			goto return_results;
120 		}
121 
122 		*ap = nrs.sr_operational_attrs;
123 	}
124 
125 	if ( ! access_allowed( op, &e, op->oq_compare.rs_ava->aa_desc,
126 				&op->oq_compare.rs_ava->aa_value,
127 				ACL_COMPARE, NULL ) )
128 	{
129 		rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
130 		goto return_results;
131 	}
132 
133 	rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
134 	for ( a = attrs_find( e.e_attrs, op->oq_compare.rs_ava->aa_desc );
135 			a != NULL;
136 			a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ) )
137 	{
138 		rs->sr_err = LDAP_COMPARE_FALSE;
139 		if ( attr_valfind( a,
140 					SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
141 					SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
142 					&op->oq_compare.rs_ava->aa_value, NULL,
143 					op->o_tmpmemctx ) == 0 )
144 		{
145 			rs->sr_err = LDAP_COMPARE_TRUE;
146 			break;
147 		}
148 	}
149 
150 return_results:;
151 	switch ( rs->sr_err ) {
152 	case LDAP_COMPARE_TRUE:
153 	case LDAP_COMPARE_FALSE:
154 		break;
155 
156 	default:
157 		if ( !BER_BVISNULL( &e.e_nname ) &&
158 				! access_allowed( op, &e,
159 					slap_schema.si_ad_entry, NULL,
160 					ACL_DISCLOSE, NULL ) )
161 		{
162 			rs->sr_err = LDAP_NO_SUCH_OBJECT;
163 			rs->sr_text = NULL;
164 		}
165 		break;
166 	}
167 
168 	send_ldap_result( op, rs );
169 
170 	if ( rs->sr_matched ) {
171 		rs->sr_matched = NULL;
172 	}
173 
174 	if ( rs->sr_ref ) {
175 		ber_bvarray_free( rs->sr_ref );
176 		rs->sr_ref = NULL;
177 	}
178 
179 	if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
180 		(void)backsql_free_entryID( &bsi.bsi_base_id, 0, op->o_tmpmemctx );
181 	}
182 
183 	if ( !BER_BVISNULL( &e.e_nname ) ) {
184 		backsql_entry_clean( op, &e );
185 	}
186 
187 	if ( bsi.bsi_attrs != NULL ) {
188 		op->o_tmpfree( bsi.bsi_attrs, op->o_tmpmemctx );
189 	}
190 
191 	Debug(LDAP_DEBUG_TRACE,"<==backsql_compare()\n",0,0,0);
192 	switch ( rs->sr_err ) {
193 	case LDAP_COMPARE_TRUE:
194 	case LDAP_COMPARE_FALSE:
195 		return LDAP_SUCCESS;
196 
197 	default:
198 		return rs->sr_err;
199 	}
200 }
201 
202