On Windows systems, the library(unix) library can only
be used if the whole SWI-Prolog suite is compiled using
Cygwin. The other
libraries have been ported to native Windows.
Many useful facilities offered by one or more of the operating systems supported by SWI-Prolog are not supported by the SWI-Prolog kernel distribution. Including these would enlarge the footprint and complicate portability matters while supporting only a limited part of the user-community.
This document describes library(unix) to deal with the
Unix process API,
library(socket) to deal with inet-domain TCP and UDP
sockets, library(cgi) to deal with getting CGI form-data if
SWI-Prolog is used as a CGI scripting language, library(crypt)
to provide password encryption and verification, library(sha)
providing cryptographic hash functions and
library(memfile) providing in-memorty pseudo files.
The module library(process) implements interaction with
child processes and unifies older interfaces such as shell/[1,2], open(pipe(command), ...)
etc. This library is modelled after SICStus 4.
The main interface is formed by process_create/3. If the process id is requested the process must be waited for using process_wait/2. Otherwise the process resources are reclaimed automatically.
In addition to the predicates, this module defines a file search path
(see user:file_search_path/2 and absolute_file_name/3)
named path that locates files on the system's search path
for executables. E.g. the following finds the executable for ls:
?- absolute_file_name(path(ls), Path, [access(execute)]).
Incompatibilities and current limitations
detached(true) option is
supposed to do. Disable signals in the child? Use setsid()
to detach from the session? The current implementation uses setsid()
on Unix systems.
env([Name=Value, ...]) is added to
process_create/3. As of
version 4.1 SICStus added
environment(List) which modifies the environment. A
compatible option was added to SWI-Prolog 7.7.23.
path file alias to specify an executable file on the
current PATH. Args is a list of arguments that are handed to
the new process. On Unix systems, each element in the list becomes a
separate argument in the new process. In Windows, the arguments are
simply concatenated to form the commandline. Each argument itself is
either a primitive or a list of primitives. A primitive is either atomic
or a term file(Spec). Using file(Spec), the
system inserts a filename using the OS filename conventions which is
properly quoted if needed.
Options:
pipe(Pipe) is used, the Prolog stream
is a stream in text-mode using the encoding of the default locale. The
encoding can be changed using set_stream/2,
or by using the two-argument form of pipe, which accepts an
encoding(Encoding) option. The options stdout
and stderr may use the same stream, in which case both
output streams are connected to the same Prolog stream.
user_input,
etc. are bound to a file handle but not to 0,1,2 the process I/O is
bound to the file handles of these streams.
type(+Type) and encoding(+Encoding) are
supported, which have the same meaning as the stream properties of the
same name (see stream_property/2).
StreamOptions is provided mainly for SICStus compatibility -
the SWI-Prolog predicate set_stream/2 can
be used for the same purpose.
file_no). This option is not provided by
the SICStus implementation.
environment(List), but only the specified
variables are passed, i.e., no variables are inherited.
Name=Value terms, where Value
is expanded the same way as the Args argument. If neither env
nor
environment is passed the environment is inherited from the
Prolog process. At most one env(List) or environment(List)
term may appear in the options. If multiple appear a
permission_error is raised for the second option.
true, detach the process from the terminal
Currently mapped to setsid(); Also creates a new process
group for the child In Windows: If true, detach the process
from the current job via the CREATE_BREAKAWAY_FROM_JOB flag. In Vista
and beyond, processes launched from the shell directly have the’compatibility
assistant' attached to them automatically unless they have a UAC
manifest embedded in them. This means that you will get a permission
denied error if you try and assign the newly-created PID to a job you
create yourself.
true, create a window for the process (Windows only)
If the user specifies the process(-PID) option, he must
call
process_wait/2 to reclaim the
process. Without this option, the system will wait for completion of the
process after the last pipe stream is closed.
If the process is not waited for, it must succeed with status 0. If not, an process_error is raised.
Windows notes
On Windows this call is an interface to the CreateProcess() API. The
commandline consists of the basename of Exe and the arguments
formed from Args. Arguments are separated by a single space.
If all characters satisfy iswalnum() it is unquoted. If the
argument contains a double-quote it is quoted using single quotes. If
both single and double quotes appear a domain_error is raised, otherwise
double-quote are used.
The CreateProcess() API has many options. Currently only the
CREATE_NO_WINDOW options is supported through the
window(+Bool) option. If omitted, the default is to use
this option if the application has no console. Future versions are
likely to support more window specific options and replace
win_exec/2.
Examples
First, a very simple example that behaves the same as
shell('ls -l'), except for error handling:
?- process_create(path(ls), ['-l'], []).
The following example uses grep to find all matching lines in a file.
grep(File, Pattern, Lines) :-
setup_call_cleanup(
process_create(path(grep), [ Pattern, file(File) ],
[ stdout(pipe(Out))
]),
read_lines(Out, Lines),
close(Out)).
read_lines(Out, Lines) :-
read_line_to_codes(Out, Line1),
read_lines(Line1, Out, Lines).
read_lines(end_of_file, _, []) :- !.
read_lines(Codes, Out, [Line|Lines]) :-
atom_codes(Line, Codes),
read_line_to_codes(Out, Line2),
read_lines(Line2, Out, Lines).
process_wait(PID, _).infinite. If this option is a number, the waits
for a maximum of Timeout seconds and unifies Status
with timeout if the process does not terminate within
Timeout. In this case PID is not
invalidated. On Unix systems only timeout 0 and infinite
are supported. A 0-value can be used to poll the status of the process.
release(false) is provided.
| Status | is one of exit(Code) or killed(Signal),
where Code and Signal are integers. If the timeout option
is used Status is unified with timeout after the
wait timed out. |
term. Signal
is an integer, Unix signal name (e.g. SIGSTOP) or the more
Prolog friendly variation one gets after removing SIG and
downcase the result: stop. On Windows systems, Signal
is ignored and the process is terminated using the TerminateProcess()
API. On Windows systems PID must be obtained from process_create/3,
while any PID is allowed on Unix systems.
term. See process_wait/1 for
a description of signal handling. In Windows, the same restriction on PID
applies: it must have been created from process_create/3,
and the the group is terminated via the TerminateJobObject API.spawn (default), fork or vfork.
If the method is spawn but this cannot be used because it
is either not supported by the OS or the cwd(Dir) option is
given fork is used.
The problem is to be understood as follows. The official portable and
safe method to create a process is using the fork() system
call. This call however copies the process page tables and get seriously
slow as the (Prolog) process is multiple giga bytes large.
Alternatively, we may use vfork() which avoids copying the
process space. But, the safe usage as guaranteed by the POSIX standard
of
vfork() is insufficient for our purposes. On practical
systems your mileage may vary. Modern posix systems also provide posix_spawn(),
which provides a safe and portable alternative for the fork()
and
exec() sequence that may be implemented using fork()
or may use a fast but safe alternative. Unfortunately posix_spawn()
doesn't support the option to specify the working directory for the
child and we cannot use working_directory/2
as the working directory is shared between threads.
Summarizing, the default is safe and tries to be as fast as possible.
On some scenarios and on some OSes it is possible to do better. It is
generally a good idea to avoid using the cwd(Dir) option of process_create/3
as without we can use posix_spawn().
This module provides additional operations on files. This covers both more obscure and possible non-portable low-level operations and high-level utilities.
Using these Prolog primitives is typically to be preferred over using operating system primitives through shell/1 or process_create/3 because (1) there are no potential file name quoting issues, (2) there is no dependency on operating system commands and (3) using the implementations from this library is usually faster.
now to indicate the current time. Defined options are:
link())
or removing (unlink()) names.
Below are some example queries. The first retrieves the access-time, while the second sets the last-modified time to the current time.
?- set_time_file(foo, [access(Access)], []). ?- set_time_file(foo, [], [modified(now)]).
hard or symbolic.
With some limitations, these functions also work on Windows. First of all, the underlying filesystem must support links. This requires NTFS. Second, symbolic links are only supported in Vista and later.
?- relative_file_name('/home/janw/nice',
'/home/janw/deep/dir/file', Path).
Path = '../../nice'.
?- relative_file_name(Path, '/home/janw/deep/dir/file', '../../nice').
Path = '/home/janw/nice'.
Add a terminating / to get a path relative to a directory,
e.g.
?- relative_file_name('/home/janw/deep/dir/file', './', Path).
Path = 'deep/dir/file'.
| All | paths must be in canonical POSIX notation, i.e., using / to separate segments in the path. See prolog_to_os_filename/2. |
atom_concat(Directory, File, Path),
but it ensures there is exactly one / between the two parts. Notes:
true (default false), recurse into
subdirectories
true (default), follow symbolic links.
fail, warning or error.
Default is warning. Errors notably happen if a
directory is unreadable or a link points nowhere.
true (default), also return hidden files.
This predicate is safe against cycles introduced by symbolic links to directories.
The idea for a non-deterministic file search predicate comes from Nicos Angelopoulos.
+Mode, -Mode
or a plain Mode, which adds new permissions, revokes
permissions or sets the exact permissions. Mode itself is an
integer, a POSIX mode name or a list of POSIX mode names. Defines names
are suid,
sgid, svtx and all names defined by the
regular expression
[ugo]*[rwx]*. Specifying none of "ugo" is the same as
specifying all of them. For example, to make a file executable for the
owner (user) and group, we can use:
?- chmod(myfile, +ugx).
This module provides and interface to user and group information on Posix systems. In addition, it allows for changing user and group ids. When changing user and group settings for the calling process, bear in mind that:
setgroups() and initgroups()
are not part of the POSIX standard and therefore the derived predicates
may not be present.
x if this is not accessible)
x if this is not accessible)
This library provides an interface to the Unix syslog()
facility. The interface is an almost direct translation of the POSIX
syslog API, with two additions:
library(debug) using
prolog:debug_print_hook/3,
where debug topics are mapped to syslog priorities and
remaining debug topics are mapped to the syslog priority debug.
Note that this interface makes no attempt to abstract over logging
facilities of operating systems. We expect that such abstractions will
be implemented at the Prolog level using multiple integrations into
library(debug).
openlog()
library call. If the library call is successful, it runs at_halt(closelog)
to ensure closing the system log on clean exit.
| Ident | prepended to every message, and is typically set to the program name. |
| Options | is a list of options. Values are
corresponding C options, after removing =LOG_= and translation to lower
case: cons, ndelay, nowait, odelay,
perror, pid. |
| Facility | is one of auth, authpriv, cron, daemon,
ftp, kern, local0 ... local7, lpr, mail,
news, syslog, user or uucp. |
| Priority | is one of emerg, alert, crit, err,
warning, notice, info or debug. |
debug priority.
The library(socket) provides TCP and UDP inet-domain
sockets from SWI-Prolog, both client and server-side communication. The
interface of this library is very close to the Unix socket interface,
also supported by the MS-Windows winsock API. SWI-Prolog
applications that wish to communicate with multiple sources have two
options:
Using this library to establish a TCP connection to a server is as simple as opening a file. See also http_open/3.
dump_swi_homepage :-
setup_call_cleanup(
tcp_connect('www.swi-prolog.org':http, Stream, []),
( format(Stream,
'GET / HTTP/1.1~n\c
Host: www.swi-prolog.org~n\c
Connection: close~n~n', []),
flush_output(Stream),
copy_stream_data(Stream, current_output)
),
close(Stream)).
To deal with timeouts and multiple connections, threads, wait_for_input/3 and/or non-blocking streams (see tcp_fcntl/3) can be used.
The typical sequence for generating a server application is given below. To close the server, use close/1 on AcceptFd.
create_server(Port) :-
tcp_socket(Socket),
tcp_bind(Socket, Port),
tcp_listen(Socket, 5),
tcp_open_socket(Socket, AcceptFd, _),
<dispatch>
There are various options for <dispatch>. The most commonly used option is to start a Prolog thread to handle the connection. Alternatively, input from multiple clients can be handled in a single thread by listening to these clients using wait_for_input/3. Finally, on Unix systems, we can use fork/1 to handle the connection in a new process. Note that fork/1 and threads do not cooperate well. Combinations can be realised but require good understanding of POSIX thread and fork-semantics.
Below is the typical example using a thread. Note the use of setup_call_cleanup/3 to guarantee that all resources are reclaimed, also in case of failure or exceptions.
dispatch(AcceptFd) :-
tcp_accept(AcceptFd, Socket, Peer),
thread_create(process_client(Socket, Peer), _,
[ detached(true)
]),
dispatch(AcceptFd).
process_client(Socket, Peer) :-
setup_call_cleanup(
tcp_open_socket(Socket, StreamPair),
handle_service(StreamPair),
close(StreamPair)).
handle_service(StreamPair) :-
...
Errors that are trapped by the low-level library are mapped to an
exception of the shape below. In this term, Code is a lower
case atom that corresponds to the C macro name, e.g., epipe
for a broken pipe.
Message is the human readable string for the error code
returned by the OS or the same as Code if the OS does not
provide this functionality. Note that Code is derived from a
static set of macros that may or may not be defines for the target OS.
If the macro name is not known, Code is ERROR_nnn,
where nnn is an integer.
error(socket_error(Code, Message), _)
Note that on Windows Code is a wsa* code
which makes it hard to write portable code that handles specific socket
errors. Even on POSIX systems the exact set of errors produced by the
network stack is not defined.
The library supports both IP4 and IP6 addresses. On Unix systems it
also supports Unix domain sockets (AF_UNIX). The
address of a Unix domain sockets is a file name. Unix domain sockets are
created using
socket_create/2 or unix_domain_socket/1.
IP4 or IP6 sockets can be created using socket_create/2
or tcp_connect/3 with the inet
(default, IP3) or inet6 domain option. Some of the
predicates produce or consume IP addresses as a Prolog term. The format
of this term is one of:
The predicate ip_name/2 translates between the canonical textual representation and the above defined address terms.
inet (default), inet6, unix
or local (same as unix)
stream (default) to create a TCP connection or
dgram to create a UDP socket.
This predicate subsumes tcp_socket/1m, udp_socket/1 and unix_domain_socket/1.
socket_create(SocketId, []) or, explicit,
socket_create(SocketId, [domain(inet), type(stream)]).socket_create(SocketId, [domain(unix)]) or,
explicit, socket_create(SocketId, [domain(unix), type(stream)])
Unix domain socket affect tcp_connect/2
(for clients) and
tcp_bind/2 and tcp_accept/3
(for servers). The address is an atom or string that is handled as a
file name. On most systems the length of this file name is limited to
128 bytes (including null terminator), but according to the Linux
documentation (unix(7)), portable applications must keep
the address below 92 bytes. Note that these lengths are in bytes.
Non-ascii characters may be represented as multiple bytes. If the length
limit is exceeded a
representation_error(af_unix_name) exception is raised.
tcp_bind(Socket, localhost:8080)
If Port is unbound, the system picks an arbitrary free port and unifies Port with the selected port number. Port is either an integer or the name of a registered service. See also tcp_connect/4.
af_unix if Socket
is an AF_UNIX socket (see
unix_domain_socket/1).
tcp_socket(Socket),
tcp_connect(Socket, Host:Port),
tcp_open_socket(Socket, StreamPair)
Typical client applications should use the high level interface provided by tcp_connect/3 which avoids resource leaking if a step in the process fails, and can be hooked to support proxies. For example:
setup_call_cleanup(
tcp_connect(Host:Port, StreamPair, []),
talk(StreamPair),
close(StreamPair))
If SocketId is an AF_UNIX socket (see unix_domain_socket/1), Address is an atom or string denoting a file name.
:- multifile socket:tcp_connect_hook/4.
socket:tcp_connect_hook(Socket, Address, Read, Write) :-
proxy(ProxyAdress),
tcp_connect(Socket, ProxyAdress),
tcp_open_socket(Socket, Read, Write),
proxy_connect(Address, Read, Write).
false. If true, do not attempt to
use any proxies to obtain the connection
false. If true, set nodelay on the
resulting socket using tcp_setopt(Socket, nodelay)
inet6. When omitted we use host_address/2
with type(stream) and try the returned addresses in order.
The +,+,- mode is deprecated and does not support proxies. It behaves like tcp_connect/4, but creates a stream pair (see stream_pair/3).
| Address | is either a Host:Port term or a file name (atom or string). The latter connects to an AF_UNIX socket and requires unix_domain_socket/1. |
select()
call underlying wait_for_input/3. As input
multiplexing typically happens in a background thread anyway we accept
the loss of timeouts and interrupts.
library(http/http_open))
collect the results of failed proxies and raise an exception no proxy is
capable of realizing the connection.
The default implementation recognises the values for Proxy
described below. The library(http/http_proxy) adds
proxy(Host,Port) which allows for HTTP proxies using the
CONNECT method.
These correspond to the proxy methods defined by PAC Proxy auto-config. Additional methods can be returned if suitable clauses for http:http_connection_over_proxy/6 or try_proxy/4 are defined.
socket_create(SocketId, [type(dgram)]) or,
explicit,
socket_create(SocketId, [domain(inet), type(dgram)]).atom, codes,
string (default) or term (parse as Prolog
term).
octet. iso_latin_1, text or utf8.
For example:
receive(Port) :-
udp_socket(Socket),
tcp_bind(Socket, Port),
repeat,
udp_receive(Socket, Data, From, [as(atom)]),
format('Got ~q from ~q~n', [Data, From]),
fail.
as(Type)
option of
udp_receive/4. The are
interpreted differently though. No Type corresponds to
CVT_ALL of PL_get_chars(). Using atom corresponds to CVT_ATOM and any of
string or codes is mapped to CVT_STRING|CVT_LIST, allowing
for a SWI-Prolog string object, list of character codes or list of
characters. Finally, term maps to CVT_WRITE_CANONICAL. This
implies that arbitrary Prolog terms can be sent reliably using the
option list‘[as(term),encoding(utf8)])`,
using the same option list for udp_receive/4.
For example
send(Host, Port, Message) :-
udp_socket(S),
udp_send(S, Message, Host:Port, []),
tcp_close_socket(S).
A broadcast is achieved by using tcp_setopt(Socket, broadcast)
prior to sending the datagram and using the local network broadcast
address as a ip/4 term.
setsockopt()
and the socket interface (e.g.,
socket(7) on Linux) for details.
tcp_socket(Socket), tcp_setopt(Socket, bindtodevice(lo))
true, disable the Nagle optimization on this socket,
which is enabled by default on almost all modern TCP/IP stacks. The
Nagle optimization joins small packages, which is generally desirable,
but sometimes not. Please note that the underlying TCP_NODELAY setting
to setsockopt() is not available on all platforms and
systems may require additional privileges to change this option. If the
option is not supported, tcp_setopt/2
raises a domain_error exception. See
Wikipedia
for details.
setsockopt() with the
corresponding arguments.
swipl-win.exe
executable) this flags defines whether or not any events are dispatched
on behalf of the user interface. Default is
true. Only very specific situations require setting this to false.
fcntl() call. Currently only suitable to
deal switch stream to non-blocking mode using:
tcp_fcntl(Stream, setfl, nonblock),
An attempt to read from a non-blocking stream while there is no data
available returns -1 (or end_of_file for read/1),
but
at_end_of_stream/1 fails. On actual
end-of-input,
at_end_of_stream/1 succeeds.
domain_error
exception.
inet or inet6 to limit the results to
the given family.
stream or dgram.
true (default false), return the canonical
host name in the frist answer
In mode (+,-,+) Address is unified to a dict with the following keys:
inet or inet6. The underlying getaddrinfo()
calls this family. We use domain for
consistency with
socket_create/2.
stream or dgram.
canonname(true) is specified on the first
returned address. Holds the official canonical host name.
getaddrinfo()
and the IP-number is unified to Address using a term of the
format
ip(Byte1,Byte2,Byte3,Byte4). Otherwise, if Address
is bound to an
ip(Byte1,Byte2,Byte3,Byte4) term, it is resolved by gethostbyaddr()
and the canonical hostname is unified with HostName.
gethostname() and return the canonical name
returned by getaddrinfo().ip(A,B,C,D) and ip6 addresses as ip(A,B,C,D,E,F,H).
For example:
?- ip_name(ip(1,2,3,4), Name) Name = '1.2.3.4'. ?- ip_name(IP, '::'). IP = ip(0,0,0,0,0,0,0,0). ?- ip_name(IP, '1:2::3'). IP = ip(1,2,0,0,0,0,0,3).
ip(A,B,C,D) : port
The library(streampool) library dispatches input from
multiple streams based on wait_for_input/3.
It is part of the clib package as it is used most of the time together
with the library(socket) library. On non-Unix systems it
often can only be used with socket streams.
With SWI-Prolog 5.1.x, multi-threading often provides a good
alternative to using this library. In this schema one thread watches the
listening socket waiting for connections and either creates a thread per
connection or processes the accepted connections with a pool of
worker threads. The library library(http/thread_httpd)
provides an example realising a mult-threaded HTTP server.
If Goal is called, there is some input on the associated stream. Goal must be careful not to block as this will block the entire pool.1This is hard to achieve at the moment as none of the Prolog read-commands provide for a timeout.
Below is a very simple example that reads the first line of input and echos it back.
:- use_module(library(streampool)).
server(Port) :-
tcp_socket(Socket),
tcp_bind(Socket, Port),
tcp_listen(Socket, 5),
tcp_open_socket(Socket, In, _Out),
add_stream_to_pool(In, accept(Socket)),
stream_pool_main_loop.
accept(Socket) :-
tcp_accept(Socket, Slave, Peer),
tcp_open_socket(Slave, In, Out),
add_stream_to_pool(In, client(In, Out, Peer)).
client(In, Out, _Peer) :-
read_line_to_codes(In, Command),
close(In),
format(Out, 'Please to meet you: ~s~n', [Command]),
close(Out),
delete_stream_from_pool(In).
This library provides high-performance C-based primitives for manipulating URIs. We decided for a C-based implementation for the much better performance on raw character manipulation. Notably, URI handling primitives are used in time-critical parts of RDF processing. This implementation is based on RFC-3986:
http://labs.apache.org/webarch/uri/rfc/rfc3986.html
The URI processing in this library is rather liberal. That is, we break URIs according to the rules, but we do not validate that the components are valid. Also, percent-decoding for IRIs is liberal. It first tries UTF-8; then ISO-Latin-1 and finally accepts %-characters verbatim.
Earlier experience has shown that strict enforcement of the URI syntax results in many errors that are accepted by many other web-document processing tools.
^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))? 12 3 4 5 6 7 8 9
| Components | is a term uri_components(Scheme, Authority, Path, Search, Fragment).
If a URI is parsed, i.e., using mode (+,-), components
that are not found are left uninstantiated (variable). See uri_data/3
for accessing this structure. |
scheme, authority, path, search
and fragment
uri_is_global(URI) :-
uri_components(URI, Components),
uri_data(scheme, Components, Scheme),
nonvar(Scheme),
atom_length(Scheme, Len),
Len > 1.
uri_normalized(URI, Base, NormalizedGlobalURI) :-
uri_resolve(URI, Base, GlobalURI),
uri_normalized(GlobalURI, NormalizedGlobalURI).
uri_normalized(URI, Base, NormalizedGlobalIRI) :-
uri_resolve(URI, Base, GlobalURI),
uri_normalized_iri(GlobalURI, NormalizedGlobalIRI).
?- uri_query_components(QS, [a=b, c('d+w'), n-'VU Amsterdam']).
QS = 'a=b&c=d%2Bw&n=VU%20Amsterdam'.
?- uri_query_components('a=b&c=d%2Bw&n=VU%20Amsterdam', Q).
Q = [a=b, c='d+w', n='VU Amsterdam'].
[ip],
returning the ip as host, without the enclosing [].
When constructing an authority string and the host contains :,
the host is embraced in []. If [] is not used
correctly, the behavior should be considered poorly defined. If there is
no balancing‘]` or the host part does not end with‘]`, these
characters are considered normal characters and part of the (invalid)
host name.user, password, host
and port->Encoded), Component
specifies the URI component where the value is used. It is one of query_value, fragment, path
or
segment. Besides alphanumerical characters, the following
characters are passed verbatim (the set is split in logical groups
according to RFC3986).
~" | "!$’()*,;" | "@" |
"/?"
~" | "!$&’()*,;=" |
"@" | "/"
~" | "!$&’()*,;=" |
"@"
http, https,
etc.)
path component. If Path is not
absolute it is taken relative to the path of URI0.
Key=Value pairs of the current search (query)
component. New values replace existing values. If KeyValues
is written as =(KeyValues) the current search component is
ignored. KeyValues is a list, whose elements are one of
Key=Value, Key-Value or‘Key(Value)`.
Components can be removed by using a variable as value, except
from path which can be reset using path(/) and
query which can be dropped using query(=([])).
| URI0 | is either a valid uri or a variable to start fresh. |
This is currently a very simple library, providing support for obtaining the form-data for a CGI script:
existence_error exception is raised.
Below is a very simple CGI script that prints the passed parameters.
To test it, compile this program using the command below, copy it to
your cgi-bin directory (or make it otherwise known as a CGI-script) and
make the query http://myhost.mydomain/cgi-bin/cgidemo?hello=world
% pl -o cgidemo --goal=main --toplevel=halt -c cgidemo.pl
:- use_module(library(cgi)).
main :-
set_stream(current_output, encoding(utf8)),
cgi_get_form(Arguments),
format('Content-type: text/html; charset=UTF-8~n~n', []),
format('<html>~n', []),
format('<head>~n', []),
format('<title>Simple SWI-Prolog CGI script</title>~n', []),
format('</head>~n~n', []),
format('<body>~n', []),
format('<p>', []),
print_args(Arguments),
format('</body>~n</html>~n', []).
print_args([]).
print_args([A0|T]) :-
A0 =.. [Name, Value],
format('<b>~w</b>=<em>~w</em><br>~n', [Name, Value]),
print_args(T).
Printing an HTML document using format/2
is not a neat way of producing HTML because it is vulnerable to required
escape sequences. A high-level alternative is provided by library(http/html_write)
from the HTTP library.
The startup-time of Prolog is relatively long, in particular if the program is large. In many cases it is much better to use the SWI-Prolog HTTP server library and make the main web-server relay requests to the SWI-Prolog webserver. See the SWI-Prolog HTTP package for details.
The CGI standard is unclear about handling Unicode data. The above two declarations ensure the CGI script will send all data in UTF-8 and thus provide full support of Unicode. It is assumed that browsers generally send form-data using the same encoding as the page in which the form appears, UTF-8 or ISO Latin-1. The current version of cgi_get_form/1 assumes the CGI data is in UTF-8.
The library(crypt) library defines crypt/2
for encrypting and testing passwords. The clib package also provides
crytographic hashes as described in section
12
The library supports two encryption formats: traditional Unix
DES-hashes2On non-Unix systems,
crypt() is provided by the NetBSD library. The license header is added
at the end of this document. and FreeBSD compatible MD5
hashes (all platforms). MD5 hashes start with the magic sequence $1$,
followed by an up to 8 character salt. DES hashes start with a
2 character
salt. Note that a DES hash considers only the first 8
characters. The MD5 considers the whole string.
Salt and algorithm can be forced by instantiating the start of Encrypted with it. This is typically used to force MD5 hashes:
?- phrase("$1$", E, _),
crypt("My password", E),
format('~s~n', [E]).
$1$qdaDeDZn$ZUxSQEESEHIDCHPNc3fxZ1
Encrypted is always a list of ASCII character codes. Plain only supports ISO-Latin-1 passwords in the current implementation.
Plain is either an atom, SWI-Prolog string, list of characters or list of character-codes. It is not advised to use atoms, as this implies the password will be available from the Prolog heap as a defined atom.
NOTE: crypt/2
provides an interface to the Unix password hashing API. Above we already
introduced support for classical DES and MD5 hashes, both hashes that
are considered insecure by today's standards.3Insecure
means that the password can realistically be derived from the password
hash using a brute-force attack. This implies that leaking the password
database is an immediate security risk. The crypt() API of
modern Unix systems typically support more secure hashes. Using crypt/2
is suitable if compatibility with OS passwords is required. If strong
hashes and platform independence are important to you, use crypto_password_hash/2
provided by library
library(crypto) from the
ssl package.
The library provides operations on UUIDs. Please consult other sources for understanding UUIDs and the implications of the different UUID versions. Some typical calls are given below:
?- uuid(X).
X = 'ea6589fa-19dd-11e2-8a49-001d92e1879d'.
?- uuid(X, [url('http://www.swi-prolog.org')]).
X = '73a07870-6a90-3f2e-ae2b-ffa538dc7c2c'.
uuid(UUID, []). See uuid/2
for options.atom,
yielding atoms such as 8304efdd-bd6e-5b7c-a27f-83f3f05c64e0.
The alternative is integer, returning a large integer that
represents the 128 bits of the UUID.
If SWI-Prolog was not built with the OSSP UUID dependency
library a simple Prolog alternative that only implements version 4
random UUIDs is provided. In this case the default version is 4 and the
only admissible options are version(4) and format(Format).
The library library(sha) provides Secure Hash
Algorihms approved by FIPS (Federal Information Processing
Standard). Quoting
Wikipedia: “The
SHA (Secure Hash Algorithm) hash functions refer to five FIPS-approved
algorithms for computing a condensed digital representation (known as a
message digest) that is, to a high degree of probability, unique for a
given input data sequence (the message). These algorithms are called‘secure'
because (in the words of the standard), “for a given algorithm, it
is computationally infeasible 1) to find a message that corresponds to a
given message digest, or 2) to find two different messages that produce
the same message digest. Any change to a message will, with a very high
probability, result in a different message digest.''
The current library supports all 5 approved algorithms, both computing the hash-key from data and the hash Message Authentication Code (HMAC).
A general secure hash interface is provided by library(crypto),
part of the ssl package.
Input is text, represented as an atom, packed string object or code-list. Note that these functions operate on byte-sequences and therefore are not meaningful on Unicode text. The result is returned as a list of byte-values. This is the most general format that is comfortable supported by standard Prolog and can easily be transformed in other formats. Commonly used text formats are ASCII created by encoding each byte as two hexadecimal digits and ASCII created using base64 encoding. Representation as a large integer can be desirable for computational processing.
sha1 (default), sha224, sha256,
sha384 or sha512
utf8,
which implies that Unicode text is encoded as UTF-8 bytes. This option
can deal with any atom. The alternative is
octet, which implies that the text is considered as a
sequence of bytes. This is suitable for e.g., atoms that represent
binary data. An error is raised if the text contains code-points outside
the range 0..255.
Key and Data are either an atom, packed string
or list of character codes. HMAC is unified with a list of
integers representing the authentication code. Options is the
same as for
sha_hash/3,
but currently only sha1 and sha256 are
supported.
?- sha_hash('SWI-Prolog', Hash, []),
hash_atom(Hash, Hex).
Hash = [61, 128, 252, 38, 121, 69, 229, 85, 199|...],
Hex = '3d80fc267945e555c730403bd0ab0716e2a68c68'.
The underlying SHA-2 library is an unmodified copy created by Dr Brian Gladman, Worcester, UK. It is distributed under the license conditions below.
The free distribution and use of this software in both source and binary form is allowed (with or without changes) provided that:
ALTERNATIVELY, provided that this notice is retained in full, this product may be distributed under the terms of the GNU General Public License (GPL), in which case the provisions of the GPL apply INSTEAD OF those given above.
Compute MD5 hashes from a Prolog string. This library provides a
lightweight alternative to the general secure hash interface provided by
library(crypto) from the ssl package.
utf8. The other
meaningful value is octet, claiming that Data
contains raw bytes.
| Data | is either an atom, string, code-list or char-list. |
| Hash | is an atom holding 32 characters, representing the hash in hexadecimal notation |
This library defines a filter stream that maintains a hash of the data that passes through the stream. It can be used to compute the hash of input data while it is being processed. This is notably interesting if data is processed from a socket as it avoids the need for collecting the data first in a temporary file.
A typical processing sequence is illustrated below, where process/2 somehow processed the data and save_result/3 records the result as obtained from URL with content digest SHA256 its Result.
...,
http_open(URL, In0, []),
open_hash_stream(In0, In, [algorithm(sha256)]),
process(In, Result),
stream_hash(In, SHA256),
close(In),
save_result(URL, SHA256, Result)
This library can also be used to compute the hash for the content of a file. The advantage is that this code doesn't rely on external tools. It is considerably faster for short files, but considerably slower on large files because Prolog I/O is based on character streams rather than blocks.
file_hash(Algorithm, File, Hash) :-
setup_call_cleanup(
open(File, read, In0, [type(binary)]),
setup_call_cleanup(
open_hash_stream(In0, In,
[ algorithm(Algorithm),
close_parent(false)
]),
( setup_call_cleanup(
open_null_stream(Null),
copy_stream_data(In, Null),
close(Null)),
stream_hash(In, Hash)
),
close(In)),
close(In0)).
md5, sha1, sha224, sha256, sha384
or
sha512. Default is sha1.
true (default), closing the filter stream also closes
the original (parent) stream.
The library(memfile) provides an alternative to
temporary files, intended for temporary buffering of data. Memory files
in general are faster than temporary files and do not suffer from
security risks or naming conflicts associated with temporary-file
management.
There is no limit to the number of memory streams, nor the size of them. However, a single memory file cannot have multiple streams at the same time, i.e., a memory file cannot be opened multiple times, not even for reading. Memory files are thread-safe and subject to (atom) garbage collection.
These predicates are first of all intended for building higher-level primitives such as open_codes_stream/3. See also format/3, atom_to_term/3, term_to_atom/2, term_string/2, etc.
read, write,
append, update or insert. The
resulting
Stream must be closed using close/1.
When opened for
update or insert, the current location is
initialized at the start of the data and can be modified using seek/2
or
set_stream_position/2.
In update mode, existing content is replaced, while the
size is enlarged after hitting the end of the data. In insert
mode, the new data is inserted at the current point.octet,
turning the memoryfile into binary mode. Please study SWI-Prolog Unicode
and encoding issues before using this option.
true (default false and the memory file is
opened for reading, discard the file (see free_memory_file/1)
if the input is closed. This is used to realise open_chars_stream/2
in library(charsio).
write
yields a permission error.utf8. Currently only supported if Encoding is
one of iso_latin_1, octed (the same as iso_latin_1),
wchar or utf8. Use with another encoding
raises a domain error.The library(time) provides timing and alarm functions.
Alarms are thread-specific, i.e., creating an alarm causes the alarm
goal to be called in the thread that created it. The predicate current_alarm/4
only reports alarms that are related to the calling thread. If a thread
terminates, all remaining alarms are silently removed. Most applications
use call_with_time_limit/2.
Options is a list of Name(Value) options. Currently defined options are:
true (default false), remove the
alarm-event (as
remove_alarm/1) after it has
been fired.
false (default true) do not install the
alarm. It must be installed separately using install_alarm/1.
install(false) option or de-activated using uninstall_alarm/1.
With a given
RelTime, the alarm is scheduled at the RelTime
from now. Otherwise it is scheduled on the same (absolute) time on which
is was created.done if the
alarm has been fired, next if the event is the next to be
executed and
scheduled otherwise.time_limit_exceeded
is raised.
call_with_time_limit/3
throws time_limit_exceeded(Context). Goal is
called as in once/1.
The library(unix) library provides the commonly used
Unix primitives to deal with process management. These primitives are
useful for many tasks, including server management, parallel
computation, exploiting and controlling other processes, etc.
The predicates in this library are modelled closely after their native Unix counterparts.
Unix fork() is the only way to create new processes and fork/1
is a simple direct interface to it.
fork_exec(Command) :-
( fork(child)
-> exec(Command)
; true
).
execvp(). Here are some examples:
exec(ls('-l'))
exec('/bin/ls'('-l', '/home/jan'))
Unix exec() is the only way to start an executable file
executing. It is commonly used together with fork/1.
For example to start netscape on an URL in the background, do:
run_netscape(URL) :-
( fork(child),
exec(netscape(URL))
; true
).
Using this code, netscape remains part of the process-group of the invoking Prolog process and Prolog does not wait for netscape to terminate. The predicate wait/2 allows waiting for a child, while detach_IO/0 disconnects the child as a deamon process.
exited(ExitCode) if the child with pid Pid was
terminated by calling exit() (Prolog halt/1).
ExitCode is the return status.
Status is unified with signaled(Signal) if the
child died due to a software interrupt (see kill/2).
Signal contains the signal number. Finally, if the process suspended
execution due to a signal, Status is unified with stopped(Signal).SIG prefix and mapping to lowercase. E.g. int
is the same as
SIGINT in C. The meaning of the signal numbers can be found
in the Unix manual.
:- use_module(library(unix)).
fork_demo(Result) :-
pipe(Read, Write),
fork(Pid),
( Pid == child
-> close(Read),
format(Write, '~q.~n',
[hello(world)]),
flush_output(Write),
halt
; close(Write),
read(Read, Result),
close(Read)
).
dup2(), copying the underlying
filedescriptor and thus making both streams point to the same underlying
object. This is normally used together with fork/1
and pipe/2 to talk to an external
program that is designed to communicate using standard I/O.
Both FromStream and ToStream either refer to a
Prolog stream or an integer descriptor number to refer directly to OS
descriptors. See also demo/pipe.pl in the
source-distribution of this package.
user_input, user_output
and
user_error are closed if they are connected to a terminal
(see tty property in stream_property/2).
Input streams are rebound to a dummy stream that returns EOF. Output
streams are reboud to forward their output to Stream.
setsid() if
provided or using ioctl() TIOCNOTTY on /dev/tty.
To ignore all output, it may be rebound to a null stream. For example:
...,
open_null_stream(Out),
detach_IO(Out).
The detach_IO/1 should be called only once per process. Subsequent calls silently succeed without any side effects.
/tmp/pl-out.<pid>.
Output is line buffered (see
set_stream/2).
sysconf(1) for details. Conf
is a term Config(Value), where Value is always an integer. Config is the sysconf()
name after removing =_SC_= and conversion to lowercase. Currently
support the following configuration info:
arg_max, child_max, clk_tck, open_max, pagesize,
phys_pages, avphys_pages, nprocessors_conf
and
nprocessors_onln. Note that not all values may be supported
on all operating systems.
The library(rlimit) library provides an interface to the
POSIX getrlimit()/setrlimit() API that control the maximum
resource-usage of a process or group of processes. This call is
especially useful for servers such as CGI scripts and inetd-controlled
servers to avoid an uncontrolled script claiming too much resources.
asMax address space cpuCPU time in seconds fsizeMaximum filesize datamax data size stackmax stack size coremax core file size rssmax resident set size nprocmax number of processes nofilemax number of open files memlockmax locked-in-memory address
When the process hits a limit POSIX systems normally send the process a signal that terminates it. These signals may be caught using SWI-Prolog's on_signal/3 primitive. The code below illustrates this behaviour. Please note that asynchronous signal handling is dangerous, especially when using threads. 100% fail-safe operation cannot be guaranteed, but this procedure will inform the user properly‘most of the time'.
rlimit_demo :-
rlimit(cpu, _, 2),
on_signal(xcpu, _, cpu_exceeded),
( repeat, fail ).
cpu_exceeded(_Sig) :-
format(user_error, 'CPU time exceeded~n', []),
halt(1).
SWI-Prolog's broadcast library provides a means that may be used to facilitate publish and subscribe communication regimes between anonymous members of a community of interest. The members of the community are however, necessarily limited to a single instance of Prolog. The UDP broadcast library removes that restriction. With this library loaded, any member on your local IP subnetwork that also has this library loaded may hear and respond to your broadcasts.
This library support three styles of networking as described below. Each of these networks have their own advantages and disadvantages. Please study the literature to understand the consequences.
After initialization and, in the case of a unicast network managing the set of peers, communication happens through broadcast/1, broadcast_request/1 and listen/1,2,3.
A broadcast/1 or broadcast_request/1
of the shape udp(Scope, Term) or
udp(Scope, Term, TimeOut) is forwarded over the UDP network
to all peers that joined the same Scope. To prevent the
potential for feedback loops, only the plain Term is
broadcasted locally. The timeout is optional. It specifies the amount to
time to wait for replies to arrive in response to a broadcast_request/1.
The default period is 0.250 seconds. The timeout is ignored for
broadcasts.
An example of three separate processes cooperating in the same scope
called peers:
Process A: ?- listen(number(X), between(1, 5, X)). true. ?- Process B: ?- listen(number(X), between(7, 9, X)). true. ?- Process C: ?- findall(X, broadcast_request(udp(peers, number(X))), Xs). Xs = [1, 2, 3, 4, 5, 7, 8, 9]. ?-
It is also possible to carry on a private dialog with a single responder. To do this, you supply a compound of the form, Term:PortId, to a UDP scoped broadcast/1 or broadcast_request/1, where PortId is the ip-address and port-id of the intended listener. If you supply an unbound variable, PortId, to broadcast_request, it will be unified with the address of the listener that responds to Term. You may send a directed broadcast to a specific member by simply providing this address in a similarly structured compound to a UDP scoped broadcast/1. The message is sent via unicast to that member only by way of the member's broadcast listener. It is received by the listener just as any other broadcast would be. The listener does not know the difference.
For example, in order to discover who responded with a particular value:
Host B Process 1: ?- listen(number(X), between(1, 5, X)). true. ?- Host A Process 1: ?- listen(number(X), between(7, 9, X)). true. ?- Host A Process 2: ?- listen(number(X), between(1, 5, X)). true. ?- bagof(X, broadcast_request(udp(peers,number(X):From,1)), Xs). From = ip(192, 168, 1, 103):34855, Xs = [7, 8, 9] ; From = ip(192, 168, 1, 103):56331, Xs = [1, 2, 3, 4, 5] ; From = ip(192, 168, 1, 104):3217, Xs = [1, 2, 3, 4, 5].
All incomming trafic is handled by a single thread with the alias
udp_inbound_proxy. This thread also performs the internal
dispatching using broadcast/1 and broadcast_request/1.
Future versions may provide for handling these requests in separate
threads.
While the implementation is mostly transparent, there are some important and subtle differences that must be taken into consideration:
udp_subnet
scope is not reentrant. If a listener performs a broadcast_request/1
with UDP scope recursively, then disaster looms certain. This caveat
does not apply to a UDP scoped broadcast/1,
which can safely be performed from a listener context.
ip(A,B,C,D)
or an atom or string of the format A.B.C.D. Options
processed:
subnet.
For compatibility reasons Options may be the subnet mask.
| Address | has canonical form ip(A,B,C,D):Port. |
%prolog\n, followed by the Prolog term in quoted notation
while ignoring operators. This hook may use alternative serialization
such as fast_term_serialized/2, use library(ssl)
to realise encrypted messages, etc.
| Scope | is the scope for which the message is broadcasted. This can be used to use different serialization for different scopes. |
| Term | encapsulates the term broadcasted by
the application as follows:
|
This hook is intended to initiate a new node joining the network of
peers. We could in theory also omit the in-scope test and use a normal
broadcast to join. Using a different channal however provides a basic
level of security. A possibe implementation is below. The first fragment
is a hook added to the server, the second is a predicate added to a
client and the last initiates the request in the client. The excanged
term (join(X)) can be used to exchange a welcome handshake.
:- multifile udp_broadcast:udp_unicast_join_hook/3.
udp_broadcast:udp_unicast_join_hook(Scope, From, join(welcome)) :-
udp_peer_add(Scope, From),
join_request(Scope, Address, Reply) :-
udp_peer_add(Scope, Address),
broadcast_request(udp(Scope, join(X))).
?- join_request(myscope, "1.2.3.4":10001, Reply). Reply = welcome.
This library defines a Prolog stream that realises its low-level I/O with callbacks to Prolog. The library was developed to bind normal Prolog I/O to Pengines I/O. This type of I/O redirection is probably the primary use case.
:stream_write(+Stream,
+String)Mode = write stream if data is available.
String contains the (textual) data that is written to Stream.
The callback is called if the buffer of
Stream overflows, the user calls flush_output(Stream)
or Stream is closed and there is buffered data.
:stream_read(+Stream,
-Term)Mode == read stream to get new data. On
success the stream extracts text from the provided Term.
Term is typically a string, atom, code or character list. If
term is not one of the above, it is handed to writeq/1.
To signal end-of-file, unify stream with an empty text, e.g., stream_read(Stream, "").
:stream_close(+Stream)The current implementation only deals with text streams. The stream
uses the wchar_t encoding. The buffer size must be a
multiple of wchar_t, i.e., a multiple of four for
portability. The newline mode of the stream is posix
on all platforms, disabling the translation "\n" --> "\r\n".
| Options | is currently ignored. |
* Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Tom Truscott. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE.