|Did you know ...||Search Documentation:|
On Windows systems, the
library(unix) library can only
be used if the whole SWI-Prolog suite is compiled using
Cygwin. The other
libraries have been ported to native Windows.
Many useful facilities offered by one or more of the operating systems supported by SWI-Prolog are not supported by the SWI-Prolog kernel distribution. Including these would enlarge the footprint and complicate portability matters while supporting only a limited part of the user-community.
This document describes
library(unix) to deal with the
Unix process API,
library(socket) to deal with inet-domain TCP and UDP
library(cgi) to deal with getting CGI form-data if
SWI-Prolog is used as a CGI scripting language,
to provide password encryption and verification,
providing cryptographic hash functions and
library(memfile) providing in-memorty pseudo files.
library(process) implements interaction with
child processes and unifies older interfaces such as shell/[1,2],
etc. This library is modelled after SICStus 4.
The main interface is formed by process_create/3. If the process id is requested the process must be waited for using process_wait/2. Otherwise the process resources are reclaimed automatically.
In addition to the predicates, this module defines a file search path
(see user:file_search_path/2 and absolute_file_name/3)
path that locates files on the system's search path
for executables. E.g. the following finds the executable for
?- absolute_file_name(path(ls), Path, [access(execute)]).
Incompatibilities and current limitations
detached(true)option is supposed to do. Disable signals in the child? Use
setsid()to detach from the session? The current implementation uses
setsid()on Unix systems.
env([Name=Value, ...])is added to process_create/3. As of version 4.1 SICStus added
environment(List)which modifies the environment. A compatible option was added to SWI-Prolog 7.7.23.
pathfile alias to specify an executable file on the current PATH. Args is a list of arguments that are handed to the new process. On Unix systems, each element in the list becomes a separate argument in the new process. In Windows, the arguments are simply concatenated to form the commandline. Each argument itself is either a primitive or a list of primitives. A primitive is either atomic or a term
file(Spec), the system inserts a filename using the OS filename conventions which is properly quoted if needed.
pipe(Pipe)is used, the Prolog stream is a stream in text-mode using the encoding of the default locale. The encoding can be changed using set_stream/2, or by using the two-argument form of
pipe, which accepts an
encoding(Encoding)option. The options
stderrmay use the same stream, in which case both output streams are connected to the same Prolog stream.
user_input, etc. are bound to a file handle but not to 0,1,2 the process I/O is bound to the file handles of these streams.
encoding(+Encoding)are supported, which have the same meaning as the stream properties of the same name (see stream_property/2). StreamOptions is provided mainly for SICStus compatibility - the SWI-Prolog predicate set_stream/2 can be used for the same purpose.
file_no). This option is not provided by the SICStus implementation.
environment(List), but only the specified variables are passed, i.e., no variables are inherited.
Name=Valueterms, where Value is expanded the same way as the Args argument. If neither
environmentis passed the environment is inherited from the Prolog process. At most one
environment(List)term may appear in the options. If multiple appear a
permission_erroris raised for the second option.
true, detach the process from the terminal Currently mapped to
setsid(); Also creates a new process group for the child In Windows: If
true, detach the process from the current job via the CREATE_BREAKAWAY_FROM_JOB flag. In Vista and beyond, processes launched from the shell directly have the’compatibility assistant' attached to them automatically unless they have a UAC manifest embedded in them. This means that you will get a permission denied error if you try and assign the newly-created PID to a job you create yourself.
true, create a window for the process (Windows only)
If the user specifies the
process(-PID) option, he must
process_wait/2 to reclaim the
process. Without this option, the system will wait for completion of the
process after the last pipe stream is closed.
If the process is not waited for, it must succeed with status 0. If not, an process_error is raised.
On Windows this call is an interface to the CreateProcess() API. The
commandline consists of the basename of Exe and the arguments
formed from Args. Arguments are separated by a single space.
If all characters satisfy
iswalnum() it is unquoted. If the
argument contains a double-quote it is quoted using single quotes. If
both single and double quotes appear a domain_error is raised, otherwise
double-quote are used.
The CreateProcess() API has many options. Currently only the
CREATE_NO_WINDOW options is supported through the
window(+Bool) option. If omitted, the default is to use
this option if the application has no console. Future versions are
likely to support more window specific options and replace
First, a very simple example that behaves the same as
shell('ls -l'), except for error handling:
?- process_create(path(ls), ['-l'], ).
The following example uses grep to find all matching lines in a file.
grep(File, Pattern, Lines) :- setup_call_cleanup( process_create(path(grep), [ Pattern, file(File) ], [ stdout(pipe(Out)) ]), read_lines(Out, Lines), close(Out)). read_lines(Out, Lines) :- read_line_to_codes(Out, Line1), read_lines(Line1, Out, Lines). read_lines(end_of_file, _, ) :- !. read_lines(Codes, Out, [Line|Lines]) :- atom_codes(Line, Codes), read_line_to_codes(Out, Line2), read_lines(Line2, Out, Lines).
process_error(Exe, Status)where Status is one of
killed(Signal). Raised if the process is waited for (i.e., Options does not include
process(-PID)), and does not exit with status 0.
environment(List)is handled as
env(List), i.e., the environment is not inherited.
infinite. If this option is a number, the waits for a maximum of Timeout seconds and unifies Status with
timeoutif the process does not terminate within Timeout. In this case PID is not invalidated. On Unix systems only timeout 0 and
infiniteare supported. A 0-value can be used to poll the status of the process.
|Status||is one of |
term. Signal is an integer, Unix signal name (e.g.
SIGSTOP) or the more Prolog friendly variation one gets after removing
SIGand downcase the result:
stop. On Windows systems, Signal is ignored and the process is terminated using the TerminateProcess() API. On Windows systems PID must be obtained from process_create/3, while any PID is allowed on Unix systems.
term. See process_wait/1 for a description of signal handling. In Windows, the same restriction on PID applies: it must have been created from process_create/3, and the the group is terminated via the TerminateJobObject API.
vfork. If the method is
spawnbut this cannot be used because it is either not supported by the OS or the
cwd(Dir)option is given
The problem is to be understood as follows. The official portable and
safe method to create a process is using the
call. This call however copies the process page tables and get seriously
slow as the (Prolog) process is multiple giga bytes large.
Alternatively, we may use
vfork() which avoids copying the
process space. But, the safe usage as guaranteed by the POSIX standard
vfork() is insufficient for our purposes. On practical
systems your mileage may vary. Modern posix systems also provide
which provides a safe and portable alternative for the
exec() sequence that may be implemented using
or may use a fast but safe alternative. Unfortunately
doesn't support the option to specify the working directory for the
child and we cannot use working_directory/2
as the working directory is shared between threads.
Summarizing, the default is safe and tries to be as fast as possible.
On some scenarios and on some OSes it is possible to do better. It is
generally a good idea to avoid using the
cwd(Dir) option of process_create/3
as without we can use
This module provides additional operations on files. This covers both more obscure and possible non-portable low-level operations and high-level utilities.
Using these Prolog primitives is typically to be preferred over using operating system primitives through shell/1 or process_create/3 because (1) there are no potential file name quoting issues, (2) there is no dependency on operating system commands and (3) using the implementations from this library is usually faster.
nowto indicate the current time. Defined options are:
link()) or removing (
Below are some example queries. The first retrieves the access-time, while the second sets the last-modified time to the current time.
?- set_time_file(foo, [access(Access)], ). ?- set_time_file(foo, , [modified(now)]).
With some limitations, these functions also work on Windows. First of all, the underlying filesystem must support links. This requires NTFS. Second, symbolic links are only supported in Vista and later.
domain_error(link_type, Type)if the requested link-type is unknown or not supported on the target OS.
?- relative_file_name('/home/janw/nice', '/home/janw/deep/dir/file', Path). Path = '../../nice'. ?- relative_file_name(Path, '/home/janw/deep/dir/file', '../../nice'). Path = '/home/janw/nice'.
Add a terminating
/ to get a path relative to a directory,
?- relative_file_name('/home/janw/deep/dir/file', './', Path). Path = 'deep/dir/file'.
|All||paths must be in canonical POSIX notation, i.e., using / to separate segments in the path. See prolog_to_os_filename/2.|
atom_concat(Directory, File, Path), but it ensures there is exactly one / between the two parts. Notes:
false), recurse into subdirectories
true(default), follow symbolic links.
error. Default is
warning. Errors notably happen if a directory is unreadable or a link points nowhere.
true(default), also return hidden files.
This predicate is safe against cycles introduced by symbolic links to directories.
The idea for a non-deterministic file search predicate comes from Nicos Angelopoulos.
-Modeor a plain Mode, which adds new permissions, revokes permissions or sets the exact permissions. Mode itself is an integer, a POSIX mode name or a list of POSIX mode names. Defines names are
svtxand all names defined by the regular expression
[ugo]*[rwx]*. Specifying none of "ugo" is the same as specifying all of them. For example, to make a file executable for the owner (user) and group, we can use:
?- chmod(myfile, +ugx).
This module provides and interface to user and group information on Posix systems. In addition, it allows for changing user and group ids. When changing user and group settings for the calling process, bear in mind that:
initgroups()are not part of the POSIX standard and therefore the derived predicates may not be present.
xif this is not accessible)
xif this is not accessible)
library(uid)to manage user identifiers (e.g., drop root privileges).
This library provides an interface to the Unix
facility. The interface is an almost direct translation of the POSIX
syslog API, with two additions:
library(debug)using prolog:debug_print_hook/3, where debug topics are mapped to syslog priorities and remaining debug topics are mapped to the syslog priority
Note that this interface makes no attempt to abstract over logging
facilities of operating systems. We expect that such abstractions will
be implemented at the Prolog level using multiple integrations into
openlog()library call. If the library call is successful, it runs
at_halt(closelog)to ensure closing the system log on clean exit.
|Ident||prepended to every message, and is typically set to the program name.|
|Options||is a list of options. Values are
corresponding C options, after removing =LOG_= and translation to lower
|Facility||is one of |
|Priority||is one of |
library(socket) provides TCP and UDP inet-domain
sockets from SWI-Prolog, both client and server-side communication. The
interface of this library is very close to the Unix socket interface,
also supported by the MS-Windows winsock API. SWI-Prolog
applications that wish to communicate with multiple sources have two
Using this library to establish a TCP connection to a server is as simple as opening a file. See also http_open/3.
dump_swi_homepage :- setup_call_cleanup( tcp_connect(www.swi-prolog.org:http, Stream, ), ( format(Stream, 'GET / HTTP/1.1~n\c Host: www.swi-prolog.org~n\c Connection: close~n~n', ), flush_output(Stream), copy_stream_data(Stream, current_output) ), close(S)).
To deal with timeouts and multiple connections, threads, wait_for_input/3 and/or non-blocking streams (see tcp_fcntl/3) can be used.
The typical sequence for generating a server application is given below. To close the server, use close/1 on AcceptFd.
create_server(Port) :- tcp_socket(Socket), tcp_bind(Socket, Port), tcp_listen(Socket, 5), tcp_open_socket(Socket, AcceptFd, _), <dispatch>
There are various options for <dispatch>. The most commonly used option is to start a Prolog thread to handle the connection. Alternatively, input from multiple clients can be handled in a single thread by listening to these clients using wait_for_input/3. Finally, on Unix systems, we can use fork/1 to handle the connection in a new process. Note that fork/1 and threads do not cooperate well. Combinations can be realised but require good understanding of POSIX thread and fork-semantics.
Below is the typical example using a thread. Note the use of setup_call_cleanup/3 to guarantee that all resources are reclaimed, also in case of failure or exceptions.
dispatch(AcceptFd) :- tcp_accept(AcceptFd, Socket, Peer), thread_create(process_client(Socket, Peer), _, [ detached(true) ]), dispatch(AcceptFd). process_client(Socket, Peer) :- setup_call_cleanup( tcp_open_socket(Socket, StreamPair), handle_service(StreamPair), close(StreamPair)). handle_service(StreamPair) :- ...
Errors that are trapped by the low-level library are mapped to an
exception of the shape below. In this term, Code is a lower
case atom that corresponds to the C macro name, e.g.,
for a broken pipe.
Message is the human readable string for the error code
returned by the OS or the same as Code if the OS does not
provide this functionality. Note that Code is derived from a
static set of macros that may or may not be defines for the target OS.
If the macro name is not known, Code is
where nnn is an integer.
error(socket_error(Code, Message), _)
Note that on Windows Code is a
which makes it hard to write portable code that handles specific socket
errors. Even on POSIX systems the exact set of errors produced by the
network stack is not defined.
The library supports both IP4 and IP6 addresses. On Unix systems it
also supports Unix domain sockets (
address of a Unix domain sockets is a file name. Unix domain sockets are
socket_create/2 or unix_domain_socket/1.
IP4 or IP6 sockets can be created using socket_create/2
or tcp_connect/3 with the
(default, IP3) or
inet6 domain option. Some of the
predicates produce or consume IP addresses as a Prolog term. The format
of this term is one of:
The predicate ip_name/2 translates between the canonical textual representation and the above defined address terms.
stream(default) to create a TCP connection or
dgramto create a UDP socket.
This predicate subsumes tcp_socket/1m, udp_socket/1 and unix_domain_socket/1.
socket_create(SocketId, )or, explicit,
socket_create(SocketId, [domain(inet), type(stream)]).
socket_create(SocketId, [domain(unix)])or, explicit,
socket_create(SocketId, [domain(unix), type(stream)])
Unix domain socket affect tcp_connect/2
(for clients) and
tcp_bind/2 and tcp_accept/3
(for servers). The address is an atom or string that is handled as a
file name. On most systems the length of this file name is limited to
128 bytes (including null terminator), but according to the Linux
unix(7)), portable applications must keep
the address below 92 bytes. Note that these lengths are in bytes.
Non-ascii characters may be represented as multiple bytes. If the length
limit is exceeded a
representation_error(af_unix_name) exception is raised.
If Port is unbound, the system picks an arbitrary free port and unifies Port with the selected port number. Port is either an integer or the name of a registered service. See also tcp_connect/4.
af_unixif Socket is an AF_UNIX socket (see unix_domain_socket/1).
tcp_socket(Socket), tcp_connect(Socket, Host:Port), tcp_open_socket(Socket, StreamPair)
Typical client applications should use the high level interface provided by tcp_connect/3 which avoids resource leaking if a step in the process fails, and can be hooked to support proxies. For example:
setup_call_cleanup( tcp_connect(Host:Port, StreamPair, ), talk(StreamPair), close(StreamPair))
If SocketId is an AF_UNIX socket (see unix_domain_socket/1), Address is an atom or string denoting a file name.
:- multifile socket:tcp_connect_hook/4. socket:tcp_connect_hook(Socket, Address, Read, Write) :- proxy(ProxyAdress), tcp_connect(Socket, ProxyAdress), tcp_open_socket(Socket, Read, Write), proxy_connect(Address, Read, Write).
tcp_connect(+Address, -StreamPair, +Options).
true, do not attempt to use any proxies to obtain the connection
true, set nodelay on the resulting socket using
inet6. When omitted we use host_address/2 with
type(stream)and try the returned addresses in order.
The +,+,- mode is deprecated and does not support proxies. It behaves like tcp_connect/4, but creates a stream pair (see stream_pair/3).
|Address||is either a Host:Port term or a file name (atom or string). The latter connects to an AF_UNIX socket and requires unix_domain_socket/1.|
proxy_error(tried(ResultList))is raised by mode (+,-,+) if proxies are defines by proxy_for_url/3 but no proxy can establsh the connection. ResultList contains one or more terms of the form
false(Proxy)for a hook that simply failed or
error(Proxy, ErrorTerm)for a hook that raised an exception.
library(http/http_proxy)defines a hook that allows to connect through HTTP proxies that support the
select()call underlying wait_for_input/3. As input multiplexing typically happens in a background thread anyway we accept the loss of timeouts and interrupts.
library(http/http_open)) collect the results of failed proxies and raise an exception no proxy is capable of realizing the connection.
The default implementation recognises the values for Proxy
described below. The
proxy(Host,Port) which allows for HTTP proxies using the
These correspond to the proxy methods defined by PAC Proxy auto-config. Additional methods can be returned if suitable clauses for http:http_connection_over_proxy/6 or try_proxy/4 are defined.
socket_create(SocketId, [type(dgram)])or, explicit,
socket_create(SocketId, [domain(inet), type(dgram)]).
term(parse as Prolog term).
receive(Port) :- udp_socket(Socket), tcp_bind(Socket, Port), repeat, udp_receive(Socket, Data, From, [as(atom)]), format('Got ~q from ~q~n', [Data, From]), fail.
as(Type)option of udp_receive/4. The are interpreted differently though. No Type corresponds to CVT_ALL of PL_get_chars(). Using atom corresponds to CVT_ATOM and any of string or codes is mapped to CVT_STRING
|CVT_LIST, allowing for a SWI-Prolog string object, list of character codes or list of characters. Finally,
termmaps to CVT_WRITE_CANONICAL. This implies that arbitrary Prolog terms can be sent reliably using the option list‘[
encoding(utf8)])`, using the same option list for udp_receive/4.
send(Host, Port, Message) :- udp_socket(S), udp_send(S, Message, Host:Port, ), tcp_close_socket(S).
A broadcast is achieved by using
prior to sending the datagram and using the local network broadcast
address as a ip/4 term.
setsockopt()and the socket interface (e.g.,
socket(7)on Linux) for details.
tcp_socket(Socket), tcp_setopt(Socket, bindtodevice(lo))
true, disable the Nagle optimization on this socket, which is enabled by default on almost all modern TCP/IP stacks. The Nagle optimization joins small packages, which is generally desirable, but sometimes not. Please note that the underlying TCP_NODELAY setting to
setsockopt()is not available on all platforms and systems may require additional privileges to change this option. If the option is not supported, tcp_setopt/2 raises a domain_error exception. See Wikipedia for details.
setsockopt()with the corresponding arguments.
swipl-win.exeexecutable) this flags defines whether or not any events are dispatched on behalf of the user interface. Default is
true. Only very specific situations require setting this to
fcntl()call. Currently only suitable to deal switch stream to non-blocking mode using:
tcp_fcntl(Stream, setfl, nonblock),
An attempt to read from a non-blocking stream while there is no data
available returns -1 (or
end_of_file for read/1),
at_end_of_stream/1 fails. On actual
inet6to limit the results to the given family.
false), return the canonical host name in the frist answer
In mode (+,-,+) Address is unified to a dict with the following keys:
inet6. The underlying
family. We use
domainfor consistency with socket_create/2.
canonname(true)is specified on the first returned address. Holds the official canonical host name.
getaddrinfo()and the IP-number is unified to Address using a term of the format
ip(Byte1,Byte2,Byte3,Byte4). Otherwise, if Address is bound to an
ip(Byte1,Byte2,Byte3,Byte4)term, it is resolved by
gethostbyaddr()and the canonical hostname is unified with HostName.
gethostname()and return the canonical name returned by
ip(A,B,C,D)and ip6 addresses as
ip(A,B,C,D,E,F,H). For example:
?- ip_name(ip(1,2,3,4), Name) Name = '184.108.40.206'. ?- ip_name(IP, '::'). IP = ip(0,0,0,0,0,0,0,0). ?- ip_name(IP, '1:2::3'). IP = ip(1,2,0,0,0,0,0,3).
socks_error(Details)if the SOCKS negotiation failed.
library(streampool) library dispatches input from
multiple streams based on wait_for_input/3.
It is part of the clib package as it is used most of the time together
library(socket) library. On non-Unix systems it
often can only be used with socket streams.
With SWI-Prolog 5.1.x, multi-threading often provides a good
alternative to using this library. In this schema one thread watches the
listening socket waiting for connections and either creates a thread per
connection or processes the accepted connections with a pool of
worker threads. The library
provides an example realising a mult-threaded HTTP server.
If Goal is called, there is some input on the associated stream. Goal must be careful not to block as this will block the entire pool.1This is hard to achieve at the moment as none of the Prolog read-commands provide for a timeout.
Below is a very simple example that reads the first line of input and echos it back.
:- use_module(library(streampool)). server(Port) :- tcp_socket(Socket), tcp_bind(Socket, Port), tcp_listen(Socket, 5), tcp_open_socket(Socket, In, _Out), add_stream_to_pool(In, accept(Socket)), stream_pool_main_loop. accept(Socket) :- tcp_accept(Socket, Slave, Peer), tcp_open_socket(Slave, In, Out), add_stream_to_pool(In, client(In, Out, Peer)). client(In, Out, _Peer) :- read_line_to_codes(In, Command), close(In), format(Out, 'Please to meet you: ~s~n', [Command]), close(Out), delete_stream_from_pool(In).
This library provides high-performance C-based primitives for manipulating URIs. We decided for a C-based implementation for the much better performance on raw character manipulation. Notably, URI handling primitives are used in time-critical parts of RDF processing. This implementation is based on RFC-3986:
The URI processing in this library is rather liberal. That is, we break URIs according to the rules, but we do not validate that the components are valid. Also, percent-decoding for IRIs is liberal. It first tries UTF-8; then ISO-Latin-1 and finally accepts %-characters verbatim.
Earlier experience has shown that strict enforcement of the URI syntax results in many errors that are accepted by many other web-document processing tools.
^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))? 12 3 4 5 6 7 8 9
|Components||is a term |
uri_is_global(URI) :- uri_components(URI, Components), uri_data(scheme, Components, Scheme), nonvar(Scheme), atom_length(Scheme, Len), Len > 1.
uri_normalized(URI, Base, NormalizedGlobalURI) :- uri_resolve(URI, Base, GlobalURI), uri_normalized(GlobalURI, NormalizedGlobalURI).
uri_normalized(URI, Base, NormalizedGlobalIRI) :- uri_resolve(URI, Base, GlobalURI), uri_normalized_iri(GlobalURI, NormalizedGlobalIRI).
?- uri_query_components(QS, [a=b, c('d+w'), n-'VU Amsterdam']). QS = 'a=b&c=d%2Bw&n=VU%20Amsterdam'. ?- uri_query_components('a=b&c=d%2Bw&n=VU%20Amsterdam', Q). Q = [a=b, c='d+w', n='VU Amsterdam'].
[ip], returning the ip as
host, without the enclosing
. When constructing an authority string and the host contains
:, the host is embraced in
is not used correctly, the behavior should be considered poorly defined. If there is no balancing‘]` or the host part does not end with‘]`, these characters are considered normal characters and part of the (invalid) host name.
->Encoded), Component specifies the URI component where the value is used. It is one of
segment. Besides alphanumerical characters, the following characters are passed verbatim (the set is split in logical groups according to RFC3986).
syntax_error(Culprit)in mode (+,-) if URI is not a legally percent-encoded UTF-8 string.
pathcomponent. If Path is not absolute it is taken relative to the path of URI0.
Key=Valuepairs of the current search (query) component. New values replace existing values. If KeyValues is written as =(KeyValues) the current search component is ignored. KeyValues is a list, whose elements are one of
Components can be removed by using a variable as value, except
path which can be reset using
query which can be dropped using
|URI0||is either a valid uri or a variable to start fresh.|
This is currently a very simple library, providing support for obtaining the form-data for a CGI script:
existence_errorexception is raised.
Below is a very simple CGI script that prints the passed parameters.
To test it, compile this program using the command below, copy it to
your cgi-bin directory (or make it otherwise known as a CGI-script) and
make the query
% pl -o cgidemo --goal=main --toplevel=halt -c cgidemo.pl
:- use_module(library(cgi)). main :- set_stream(current_output, encoding(utf8)), cgi_get_form(Arguments), format('Content-type: text/html; charset=UTF-8~n~n', ), format('<html>~n', ), format('<head>~n', ), format('<title>Simple SWI-Prolog CGI script</title>~n', ), format('</head>~n~n', ), format('<body>~n', ), format('<p>', ), print_args(Arguments), format('</body>~n</html>~n', ). print_args(). print_args([A0|T]) :- A0 =.. [Name, Value], format('<b>~w</b>=<em>~w</em><br>~n', [Name, Value]), print_args(T).
Printing an HTML document using format/2
is not a neat way of producing HTML because it is vulnerable to required
escape sequences. A high-level alternative is provided by
from the HTTP library.
The startup-time of Prolog is relatively long, in particular if the program is large. In many cases it is much better to use the SWI-Prolog HTTP server library and make the main web-server relay requests to the SWI-Prolog webserver. See the SWI-Prolog HTTP package for details.
The CGI standard is unclear about handling Unicode data. The above two declarations ensure the CGI script will send all data in UTF-8 and thus provide full support of Unicode. It is assumed that browsers generally send form-data using the same encoding as the page in which the form appears, UTF-8 or ISO Latin-1. The current version of cgi_get_form/1 assumes the CGI data is in UTF-8.
library(crypt) library defines crypt/2
for encrypting and testing passwords. The clib package also provides
crytographic hashes as described in section
The library supports two encryption formats: traditional Unix
DES-hashes2On non-Unix systems,
crypt() is provided by the NetBSD library. The license header is added
at the end of this document. and FreeBSD compatible MD5
hashes (all platforms). MD5 hashes start with the magic sequence
followed by an up to 8 character salt. DES hashes start with a
salt. Note that a DES hash considers only the first 8
characters. The MD5 considers the whole string.
Salt and algorithm can be forced by instantiating the start of Encrypted with it. This is typically used to force MD5 hashes:
?- phrase("$1$", E, _), crypt("My password", E), format('~s~n', [E]). $1$qdaDeDZn$ZUxSQEESEHIDCHPNc3fxZ1
Encrypted is always a list of ASCII character codes. Plain only supports ISO-Latin-1 passwords in the current implementation.
Plain is either an atom, SWI-Prolog string, list of characters or list of character-codes. It is not advised to use atoms, as this implies the password will be available from the Prolog heap as a defined atom.
provides an interface to the Unix password hashing API. Above we already
introduced support for classical DES and MD5 hashes, both hashes that
are considered insecure by today's standards.3Insecure
means that the password can realistically be derived from the password
hash using a brute-force attack. This implies that leaking the password
database is an immediate security risk. The crypt() API of
modern Unix systems typically support more secure hashes. Using crypt/2
is suitable if compatibility with OS passwords is required. If strong
hashes and platform independence are important to you, use crypto_password_hash/2
provided by library
library(crypto) from the
The library provides operations on UUIDs. Please consult other sources for understanding UUIDs and the implications of the different UUID versions. Some typical calls are given below:
?- uuid(X). X = 'ea6589fa-19dd-11e2-8a49-001d92e1879d'. ?- uuid(X, [url('http://www.swi-prolog.org')]). X = '73a07870-6a90-3f2e-ae2b-ffa538dc7c2c'.
uuid(UUID, ). See uuid/2 for options.
atom, yielding atoms such as
8304efdd-bd6e-5b7c-a27f-83f3f05c64e0. The alternative is
integer, returning a large integer that represents the 128 bits of the UUID.
If SWI-Prolog was not built with the OSSP UUID dependency
library a simple Prolog alternative that only implements version 4
random UUIDs is provided. In this case the default version is 4 and the
only admissible options are
library(sha) provides Secure Hash
Algorihms approved by FIPS (Federal Information Processing
SHA (Secure Hash Algorithm) hash functions refer to five FIPS-approved
algorithms for computing a condensed digital representation (known as a
message digest) that is, to a high degree of probability, unique for a
given input data sequence (the message). These algorithms are called‘secure'
because (in the words of the standard), “for a given algorithm, it
is computationally infeasible 1) to find a message that corresponds to a
given message digest, or 2) to find two different messages that produce
the same message digest. Any change to a message will, with a very high
probability, result in a different message digest.''
The current library supports all 5 approved algorithms, both computing the hash-key from data and the hash Message Authentication Code (HMAC).
A general secure hash interface is provided by
part of the ssl package.
Input is text, represented as an atom, packed string object or code-list. Note that these functions operate on byte-sequences and therefore are not meaningful on Unicode text. The result is returned as a list of byte-values. This is the most general format that is comfortable supported by standard Prolog and can easily be transformed in other formats. Commonly used text formats are ASCII created by encoding each byte as two hexadecimal digits and ASCII created using base64 encoding. Representation as a large integer can be desirable for computational processing.
utf8, which implies that Unicode text is encoded as UTF-8 bytes. This option can deal with any atom. The alternative is
octet, which implies that the text is considered as a sequence of bytes. This is suitable for e.g., atoms that represent binary data. An error is raised if the text contains code-points outside the range 0..255.
Key and Data are either an atom, packed string
or list of character codes. HMAC is unified with a list of
integers representing the authentication code. Options is the
same as for
but currently only
?- sha_hash('SWI-Prolog', Hash, ), hash_atom(Hash, Hex). Hash = [61, 128, 252, 38, 121, 69, 229, 85, 199|...], Hex = '3d80fc267945e555c730403bd0ab0716e2a68c68'.
The underlying SHA-2 library is an unmodified copy created by Dr Brian Gladman, Worcester, UK. It is distributed under the license conditions below.
The free distribution and use of this software in both source and binary form is allowed (with or without changes) provided that:
ALTERNATIVELY, provided that this notice is retained in full, this product may be distributed under the terms of the GNU General Public License (GPL), in which case the provisions of the GPL apply INSTEAD OF those given above.
Compute MD5 hashes from a Prolog string. This library provides a
lightweight alternative to the general secure hash interface provided by
library(crypto) from the
utf8. The other meaningful value is
octet, claiming that Data contains raw bytes.
|Data||is either an atom, string, code-list or char-list.|
|Hash||is an atom holding 32 characters, representing the hash in hexadecimal notation|
library(sha)and hash functions through
library(crypto), part of the
This library defines a filter stream that maintains a hash of the data that passes through the stream. It can be used to compute the hash of input data while it is being processed. This is notably interesting if data is processed from a socket as it avoids the need for collecting the data first in a temporary file.
A typical processing sequence is illustrated below, where process/2 somehow processed the data and save_result/3 records the result as obtained from URL with content digest SHA256 its Result.
..., http_open(URL, In0, ), open_hash_stream(In0, In, [algorithm(sha256)]), process(In, Result), stream_hash(In, SHA256), close(In), save_result(URL, SHA256, Result)
This library can also be used to compute the hash for the content of a file. The advantage is that this code doesn't rely on external tools. It is considerably faster for short files, but considerably slower on large files because Prolog I/O is based on character streams rather than blocks.
file_hash(Algorithm, File, Hash) :- setup_call_cleanup( open(File, read, In0, [type(binary)]), setup_call_cleanup( open_hash_stream(In0, In, [ algorithm(Algorithm), close_parent(false) ]), ( setup_call_cleanup( open_null_stream(Null), copy_stream_data(In, Null), close(Null)), stream_hash(In, Hash) ), close(In)), close(In0)).
sha512. Default is
true(default), closing the filter stream also closes the original (parent) stream.
library(memfile) provides an alternative to
temporary files, intended for temporary buffering of data. Memory files
in general are faster than temporary files and do not suffer from
security risks or naming conflicts associated with temporary-file
There is no limit to the number of memory streams, nor the size of them. However, a single memory file cannot have multiple streams at the same time, i.e., a memory file cannot be opened multiple times, not even for reading. Memory files are thread-safe and subject to (atom) garbage collection.
These predicates are first of all intended for building higher-level primitives such as open_codes_stream/3. See also format/3, atom_to_term/3, term_to_atom/2, term_string/2, etc.
insert. The resulting Stream must be closed using close/1. When opened for
insert, the current location is initialized at the start of the data and can be modified using seek/2 or set_stream_position/2. In
updatemode, existing content is replaced, while the size is enlarged after hitting the end of the data. In
insertmode, the new data is inserted at the current point.
octet, turning the memoryfile into binary mode. Please study SWI-Prolog Unicode and encoding issues before using this option.
falseand the memory file is opened for reading, discard the file (see free_memory_file/1) if the input is closed. This is used to realise open_chars_stream/2 in library(charsio).
writeyields a permission error.
utf8. Currently only supported if Encoding is one of
octed(the same as
utf8. Use with another encoding raises a domain error.
library(time) provides timing and alarm functions.
Alarms are thread-specific, i.e., creating an alarm causes the alarm
goal to be called in the thread that created it. The predicate current_alarm/4
only reports alarms that are related to the calling thread. If a thread
terminates, all remaining alarms are silently removed. Most applications
Options is a list of Name(Value) options. Currently defined options are:
false), remove the alarm-event (as remove_alarm/1) after it has been fired.
true) do not install the alarm. It must be installed separately using install_alarm/1.
install(false)option or de-activated using uninstall_alarm/1. With a given RelTime, the alarm is scheduled at the RelTime from now. Otherwise it is scheduled on the same (absolute) time on which is was created.
doneif the alarm has been fired,
nextif the event is the next to be executed and
time_limit_exceededis raised. call_with_time_limit/3 throws
time_limit_exceeded(Context). Goal is called as in once/1.
library(process)provides a portable high level interface to create and manage processes.
library(unix) library provides the commonly used
Unix primitives to deal with process management. These primitives are
useful for many tasks, including server management, parallel
computation, exploiting and controlling other processes, etc.
The predicates in this library are modelled closely after their native Unix counterparts.
fork() is the only way to create new processes and fork/1
is a simple direct interface to it.
permission_error(fork, process, main)is raised if the calling thread is not the only thread in the process. Forking a Prolog process with threads will typically deadlock because only the calling thread is cloned in the fork, while all thread synchronization are cloned.
fork_exec(Command) :- ( fork(child) -> exec(Command) ; true ).
execvp(). Here are some examples:
exec() is the only way to start an executable file
executing. It is commonly used together with fork/1.
For example to start netscape on an URL in the background, do:
run_netscape(URL) :- ( fork(child), exec(netscape(URL)) ; true ).
Using this code, netscape remains part of the process-group of the invoking Prolog process and Prolog does not wait for netscape to terminate. The predicate wait/2 allows waiting for a child, while detach_IO/0 disconnects the child as a deamon process.
exited(ExitCode)if the child with pid Pid was terminated by calling
exit()(Prolog halt/1). ExitCode is the return status. Status is unified with
signaled(Signal)if the child died due to a software interrupt (see kill/2). Signal contains the signal number. Finally, if the process suspended execution due to a signal, Status is unified with
SIGprefix and mapping to lowercase. E.g.
intis the same as
SIGINTin C. The meaning of the signal numbers can be found in the Unix manual.
:- use_module(library(unix)). fork_demo(Result) :- pipe(Read, Write), fork(Pid), ( Pid == child -> close(Read), format(Write, '~q.~n', [hello(world)]), flush_output(Write), halt ; close(Write), read(Read, Result), close(Read) ).
dup2(), copying the underlying filedescriptor and thus making both streams point to the same underlying object. This is normally used together with fork/1 and pipe/2 to talk to an external program that is designed to communicate using standard I/O.
Both FromStream and ToStream either refer to a
Prolog stream or an integer descriptor number to refer directly to OS
descriptors. See also
demo/pipe.pl in the
source-distribution of this package.
user_errorare closed if they are connected to a terminal (see
ttyproperty in stream_property/2). Input streams are rebound to a dummy stream that returns EOF. Output streams are reboud to forward their output to Stream.
setsid()if provided or using
To ignore all output, it may be rebound to a null stream. For example:
..., open_null_stream(Out), detach_IO(Out).
The detach_IO/1 should be called only once per process. Subsequent calls silently succeed without any side effects.
/tmp/pl-out.<pid>. Output is line buffered (see set_stream/2).
library(syslog)allows for sending output to the Unix logging service.
sysconf(1)for details. Conf is a term Config(Value), where Value is always an integer. Config is the
sysconf()name after removing =_SC_= and conversion to lowercase. Currently support the following configuration info:
nprocessors_onln. Note that not all values may be supported on all operating systems.
library(rlimit) library provides an interface to the
POSIX getrlimit()/setrlimit() API that control the maximum
resource-usage of a process or group of processes. This call is
especially useful for servers such as CGI scripts and inetd-controlled
servers to avoid an uncontrolled script claiming too much resources.
Max address space
CPU time in seconds
max data size
max stack size
max core file size
max resident set size
max number of processes
max number of open files
max locked-in-memory address
When the process hits a limit POSIX systems normally send the process a signal that terminates it. These signals may be caught using SWI-Prolog's on_signal/3 primitive. The code below illustrates this behaviour. Please note that asynchronous signal handling is dangerous, especially when using threads. 100% fail-safe operation cannot be guaranteed, but this procedure will inform the user properly‘most of the time'.
rlimit_demo :- rlimit(cpu, _, 2), on_signal(xcpu, _, cpu_exceeded), ( repeat, fail ). cpu_exceeded(_Sig) :- format(user_error, 'CPU time exceeded~n', ), halt(1).
SWI-Prolog's broadcast library provides a means that may be used to facilitate publish and subscribe communication regimes between anonymous members of a community of interest. The members of the community are however, necessarily limited to a single instance of Prolog. The UDP broadcast library removes that restriction. With this library loaded, any member on your local IP subnetwork that also has this library loaded may hear and respond to your broadcasts.
This library support three styles of networking as described below. Each of these networks have their own advantages and disadvantages. Please study the literature to understand the consequences.
After initialization and, in the case of a unicast network managing the set of peers, communication happens through broadcast/1, broadcast_request/1 and listen/1,2,3.
A broadcast/1 or broadcast_request/1
of the shape
udp(Scope, Term) or
udp(Scope, Term, TimeOut) is forwarded over the UDP network
to all peers that joined the same Scope. To prevent the
potential for feedback loops, only the plain Term is
broadcasted locally. The timeout is optional. It specifies the amount to
time to wait for replies to arrive in response to a broadcast_request/1.
The default period is 0.250 seconds. The timeout is ignored for
An example of three separate processes cooperating in the same scope
Process A: ?- listen(number(X), between(1, 5, X)). true. ?- Process B: ?- listen(number(X), between(7, 9, X)). true. ?- Process C: ?- findall(X, broadcast_request(udp(peers, number(X))), Xs). Xs = [1, 2, 3, 4, 5, 7, 8, 9]. ?-
It is also possible to carry on a private dialog with a single responder. To do this, you supply a compound of the form, Term:PortId, to a UDP scoped broadcast/1 or broadcast_request/1, where PortId is the ip-address and port-id of the intended listener. If you supply an unbound variable, PortId, to broadcast_request, it will be unified with the address of the listener that responds to Term. You may send a directed broadcast to a specific member by simply providing this address in a similarly structured compound to a UDP scoped broadcast/1. The message is sent via unicast to that member only by way of the member's broadcast listener. It is received by the listener just as any other broadcast would be. The listener does not know the difference.
For example, in order to discover who responded with a particular value:
Host B Process 1: ?- listen(number(X), between(1, 5, X)). true. ?- Host A Process 1: ?- listen(number(X), between(7, 9, X)). true. ?- Host A Process 2: ?- listen(number(X), between(1, 5, X)). true. ?- bagof(X, broadcast_request(udp(peers,number(X):From,1)), Xs). From = ip(192, 168, 1, 103):34855, Xs = [7, 8, 9] ; From = ip(192, 168, 1, 103):56331, Xs = [1, 2, 3, 4, 5] ; From = ip(192, 168, 1, 104):3217, Xs = [1, 2, 3, 4, 5].
All incomming trafic is handled by a single thread with the alias
udp_inbound_proxy. This thread also performs the internal
dispatching using broadcast/1 and broadcast_request/1.
Future versions may provide for handling these requests in separate
While the implementation is mostly transparent, there are some important and subtle differences that must be taken into consideration:
udp_subnetscope is not reentrant. If a listener performs a broadcast_request/1 with UDP scope recursively, then disaster looms certain. This caveat does not apply to a UDP scoped broadcast/1, which can safely be performed from a listener context.
ip(A,B,C,D)or an atom or string of the format
A.B.C.D. Options processed:
For compatibility reasons Options may be the subnet mask.
|Address||has canonical form |
%prolog\n, followed by the Prolog term in quoted notation while ignoring operators. This hook may use alternative serialization such as fast_term_serialized/2, use
library(ssl)to realise encrypted messages, etc.
|Scope||is the scope for which the message is broadcasted. This can be used to use different serialization for different scopes.|
|Term||encapsulates the term broadcasted by
the application as follows:
udp(invalid_message)to stop processing the message.
This hook is intended to initiate a new node joining the network of
peers. We could in theory also omit the in-scope test and use a normal
broadcast to join. Using a different channal however provides a basic
level of security. A possibe implementation is below. The first fragment
is a hook added to the server, the second is a predicate added to a
client and the last initiates the request in the client. The excanged
join(X)) can be used to exchange a welcome handshake.
:- multifile udp_broadcast:udp_unicast_join_hook/3. udp_broadcast:udp_unicast_join_hook(Scope, From, join(welcome)) :- udp_peer_add(Scope, From),
join_request(Scope, Address, Reply) :- udp_peer_add(Scope, Address), broadcast_request(udp(Scope, join(X))).
?- join_request(myscope, "220.127.116.11":10001, Reply). Reply = welcome.
This library defines a Prolog stream that realises its low-level I/O with callbacks to Prolog. The library was developed to bind normal Prolog I/O to Pengines I/O. This type of I/O redirection is probably the primary use case.
Mode = writestream if data is available. String contains the (textual) data that is written to Stream. The callback is called if the buffer of Stream overflows, the user calls
flush_output(Stream)or Stream is closed and there is buffered data.
Mode == readstream to get new data. On success the stream extracts text from the provided Term. Term is typically a string, atom, code or character list. If term is not one of the above, it is handed to writeq/1. To signal end-of-file, unify stream with an empty text, e.g.,
The current implementation only deals with text streams. The stream
wchar_t encoding. The buffer size must be a
wchar_t, i.e., a multiple of four for
portability. The newline mode of the stream is
on all platforms, disabling the translation
"\n" --> "\r\n".
|Options||is currently ignored.|
* Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Tom Truscott. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE.