[Date Prev][Date Next]
Re: back-sql sqlquery
From what I'm experiencing, when I include objectClass in my search
filter, generated SQL query seems to be evil. Even if I search for
a structural objectclass (for instance inetOrgPerson), it (inner) joins
LDAP_ENTRIES with LDAP_ENTRY_OBJCLASSES, what brings me no rows.
I've tried redefine LDAP_ENTRY_OBJCLASSES as a view that lists
both auxiliary and structural classes. Ok... that gave me searched
entries, but due that evil " OR " it also cross-joined every
ldap_entries.id with every keyval. So if I had 3 correct entries,
ldapsearch gave me 3 * 3 = 9 entries !
I've tried replace "OR" by a some kind of UNION in source code,
but I gave up ...
After I discovered, that if I have LDAP_ENTRY_OBJCLASSES just as
stated in man page, join works well, since that table has at least
one single row - even if that row does not satisfy join condition.
I'm still testing, but for while "OR" seems to be breaking
other queries. For instance, with a filter like
just cn="xxx" would pick few rows from database, but all rows
Thomas Hoth escreveu:
On Wed, Oct 19, 2005 at 10:14:55AM +0200, Pierangelo Masarati wrote:
Why do back-sql querys like
(2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND
ldap_entry_objclasses.oc_name='" /* '))
For what is the 2=2 ? This makes my query very slow.
The "2=2" is a placeholder for "TRUE". Different numbers indicate
different places in the code where the replacement took place. I'd be
much more worried about the "ldap_entry_objclasses.oc_name='" /* '" which
clearly indicates an error in the code, or some abnormal behavior at
least. Unfortunately you don't provide enough info to track where it
might have happened.
I think the "ldap_entry_objclasses.oc_name='" /* '" ist not a bug. It
will fill out at the runtime the full query is:
SELECT DISTINCT ldap_entries.id,groups.id,text('posixGroup') AS
objectClass,ldap_entries.dn AS dn FROM ldap_entries,groups,ldap_entry_objclasses,posix_account,groups_users
WHERE groups.id=ldap_entries.keyval AND ldap_entries.oc_map_id=4 AND 9=9 AND groups_users.memberuid=posix_account.uidnumber AND
groups_users.gidnumber=groups.gidnumber AND ((2=2 OR (ldap_entries.id=ldap_entry_objclasses.entry_id AND
ldap_entry_objclasses.oc_name='posixGroup')) AN ((posix_account.uid='lml34') OR 7=7));
It's from line 738 in servers/slapd/back-sql/search.c
Iam not an SQL-geek but what ist the sense to ask "true OR query" ?
UFSM - CPD - Divisao de Suporte