On Windows systems, the library(unix) library can only 
be used if the whole SWI-Prolog suite is compiled using
Cygwin. The library(crypt) 
library does not support DES encryption. The other libraries have been 
ported to native Windows.
Many useful facilities offered by one or more of the operating systems supported by SWI-Prolog are not supported by the SWI-Prolog kernel distribution. Including these would enlarge the footprint and complicate portability matters while supporting only a limited part of the user-community.
This document describes library(unix) to deal with the 
Unix process API,
library(socket) to deal with inet-domain TCP and UDP 
sockets, library(cgi) to deal with getting CGI form-data if 
SWI-Prolog is used as a CGI scripting language, library(crypt) 
to provide password encryption and verification, library(sha) 
providing cryptographic hash functions and
library(memfile) providing in-memory pseudo files.
The library(unix) library provides the commonly used 
Unix primitives to deal with process management. These primitives are 
useful for many tasks, including server management, parallel 
computation, exploiting and controlling other processes, etc.
The predicates are modelled closely after their native Unix counterparts. Higher-level primitives, especially ones that make this library portable to non-Unix systems, are desirable. Because process manipulation is not very time-critical, we anticipate that such higher-level libraries will be developed in Prolog on top of these primitives.
child. In the original process, Pid 
is unified to the process identifier of the created child. Both parent 
and child are fully functional Prolog processes running the same 
program. The processes share open I/O streams that refer to Unix native 
streams, such as files, sockets and pipes. Data is not shared, though on 
most Unix systems data is initially shared and duplicated only if one of 
the programs attempts to modify the data.
Unix fork() is the only way to create new processes and fork/1 is a simple direct interface to it.
Unix exec() is the only way to start an executable file executing. It is commonly used together with fork/1. For example, to start netscape on a URL in the background, do:
run_netscape(URL) :-
        (    fork(child),
             exec(netscape(URL))
        ;    true
        ).
Using this code, netscape remains part of the process-group of the invoking Prolog process and Prolog does not wait for netscape to terminate. The predicate wait/2 allows waiting for a child, while detach_IO/0 disconnects the child as a daemon process.
exited(ExitCode) if the child with pid Pid was 
terminated by calling exit() (Prolog halt/[0,1]). ExitCode 
is the return status. Status is unified with signaled(Signal) 
if the child died due to a software interrupt (see kill/2). Signal 
contains the signal number. Finally, if the process suspended execution 
due to a signal, Status is unified with stopped(Signal).
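As an illustration of how fork/1 and wait/2 combine, the sketch below runs a goal in a child process and reports the outcome through the child's exit code. The helper name run_in_child/2 is hypothetical and not part of library(unix); the sketch assumes a Unix system and a single-threaded Prolog process.

```prolog
:- use_module(library(unix)).

% run_in_child(:Goal, -Status)
% Hypothetical helper, not part of library(unix).
% The child exits with code 0 if Goal succeeds and with code 1 if it
% fails or raises an exception; the parent waits for the child.
run_in_child(Goal, Status) :-
    fork(Pid),
    (   Pid == child
    ->  (   catch(Goal, _, fail)
        ->  halt(0)
        ;   halt(1)
        )
    ;   wait(Pid, Status)
    ).
```

Under these assumptions, run_in_child(true, S) should yield S = exited(0), and run_in_child(fail, S) should yield S = exited(1).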
:- use_module(library(unix)).
fork_demo(Result) :-
        pipe(Read, Write),
        fork(Pid),
        (   Pid == child
        ->  close(Read),
            format(Write, '~q.~n',
                   [hello(world)]),
            flush_output(Write),
            halt
        ;   close(Write),
            read(Read, Result),
            close(Read)
        ).
Both FromStream and ToStream either refer to a 
Prolog stream or an integer descriptor number to refer directly to OS 
descriptors. See also demo/pipe.pl in the 
source-distribution of this package.
user_input,
user_output and user_error are closed and 
rebound to a Prolog stream that returns end-of-file on any attempt to 
read and starts writing to a file named /tmp/pl-out.<pid> 
(where <pid> is the process-id of the calling Prolog) 
on any attempt to write. This file is opened only if there is data 
available. This is intended for debugging purposes. (Footnote: more 
subtle handling of I/O, especially for debugging, is required: 
communicating with the syslog daemon and optionally starting a debugging 
dialog on a newly created (X-)terminal should be considered.) 
Finally, the process is detached from the current process-group and its 
controlling terminal.
The module library(process) implements interaction with child processes and unifies older interfaces such as shell/[1,2], open(pipe(command), ...) etc. This library is modelled after SICStus 4.
The main interface is formed by process_create/3. If the process id is requested the process must be waited for using process_wait/2. Otherwise the process resources are reclaimed automatically.
In addition to the predicates, this module defines a file search path 
(see user:file_search_path/2 and absolute_file_name/3) 
named path that locates files on the system's search path 
for executables. E.g. the following finds the executable for ls:
?- absolute_file_name(path(ls), Path, [access(execute)]).
Incompatibilities and current limitations
path file alias to specify an executable file on the 
current PATH. Args is a list of arguments that are handed to 
the new process. On Unix systems, each element in the list becomes a 
separate argument in the new process. In Windows, the arguments are 
simply concatenated to form the commandline. Each argument itself is 
either a primitive or a list of primitives. A primitive is either atomic 
or a term file(Spec). Using file(Spec), the system inserts a filename 
using the OS filename conventions which is properly quoted if needed.
Options:
true, detach the process from the 
terminal (Unix only)
true, create a window for the process 
(Windows only)
If the user specifies the process(-PID) option, process_wait/2 must be called to reclaim the process. Without this option, the system will wait for completion of the process after the last pipe stream is closed.
If the process is not waited for, it must succeed with status 0. If not, a process_error is raised.
Windows notes
On Windows this call is an interface to the CreateProcess() API. The commandline consists of the basename of Exe and the arguments formed from Args. Arguments are separated by a single space. If all characters of an argument satisfy iswalnum(), the argument is left unquoted. If the argument contains a double quote, it is quoted using single quotes. If both single and double quotes appear, a domain_error is raised; otherwise double quotes are used.
The CreateProcess() API has many options. Currently only the
CREATE_NO_WINDOW option is supported through the 
window(+Bool) option. If omitted, the default is to use this option if 
the application has no console. Future versions are likely to support 
more window specific options and replace
win_exec/2.
Examples
First, a very simple example that behaves the same as
shell('ls -l'), except for error handling:
?- process_create(path(ls), ['-l'], []).
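A slightly larger sketch, assuming the stdout(pipe(Out)) and process(PID) options of process_create/3: it captures the output of a command as a list of character codes and then reclaims the process with process_wait/2, as required when the process id is requested. The helper name command_output/4 is hypothetical and not part of library(process).

```prolog
:- use_module(library(process)).
:- use_module(library(readutil)).

% command_output(+Exe, +Args, -Codes, -Status)
% Hypothetical helper, not part of library(process).
% Runs Exe with Args, reads everything the process writes to its
% standard output into Codes and unifies Status with the exit status.
command_output(Exe, Args, Codes, Status) :-
    setup_call_cleanup(
        process_create(Exe, Args,
                       [ stdout(pipe(Out)),
                         process(Pid)
                       ]),
        read_stream_to_codes(Out, Codes),
        close(Out)),
    % The process id was requested, so the process must be waited for.
    process_wait(Pid, Status).
```

For example, ?- command_output(path(ls), ['-l'], Codes, Status). should bind Codes to the listing and, if ls succeeds, Status to exit(0).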
infinite. If this option is a number, the call waits 
for a maximum of Timeout seconds and unifies Status with timeout 
if the process does not terminate within Timeout. In this case PID 
is not invalidated. On Unix systems only timeout 0 and infinite 
are supported. A 0-value can be used to poll the status of the process.
term. Signal 
is an integer, Unix signal name (e.g. SIGSTOP) or the more 
Prolog friendly variation one gets after removing SIG and 
downcasing the result: stop. On Windows systems, Signal 
is ignored and the process is terminated using the TerminateProcess() 
API. On Windows systems PID must be obtained from process_create/3, 
while any PID is allowed on Unix systems.
The library(files) library provides additional 
operations on files from SWI-Prolog. It is currently very incomplete.
now to indicate the current time. Defined 
options are:
Here are some example queries. The first retrieves the access-time, while the second sets the last-modified time to the current time.
?- set_time_file(foo, [access(Access)], []).
?- set_time_file(foo, [], [modified(now)]).
The library(socket) library provides TCP and UDP 
inet-domain sockets from SWI-Prolog, both client and server-side 
communication. The interface of this library is very close to the Unix 
socket interface, also supported by the MS-Windows winsock API. 
SWI-Prolog applications that wish to communicate with multiple sources 
have three options:
INET-domain stream-socket and unifies an 
identifier to it with SocketId. On MS-Windows, if the socket 
library is not yet initialised, this will also initialise the library.
        tcp_socket(Socket),
        tcp_connect(Socket, 'www.swi-prolog.org':http),
true. Only very specific 
situations require setting this to false.
        ...
        tcp_fcntl(Stream, setfl, nonblock),
        ...
As of SWI-Prolog 3.2.4, handling of non-blocking streams is supported. 
An attempt to read from a non-blocking stream returns -1 (or
end_of_file for read/1), 
but at_end_of_stream/1 
fails. On actual end-of-input, at_end_of_stream/1 
succeeds.
ip(Byte1, Byte2, Byte3, Byte4). 
Otherwise, if Address is bound to an ip/4 term, it is resolved 
by gethostbyaddr() and the canonical hostname (the h_name field of the structure 
returned by that function) is unified with HostName.
The typical sequence for generating a server application is defined below:
create_server(Port) :-
        tcp_socket(Socket),
        tcp_bind(Socket, Port),
        tcp_listen(Socket, 5),
        tcp_open_socket(Socket, AcceptFd, _),
        <dispatch>
There are various options for <dispatch>. One is to keep track of active clients and server-sockets using wait_for_input/3. If input arrives at a server socket, use tcp_accept/3 and add the new connection to the active clients. Otherwise deal with the input from the client. Another is to use (Unix) fork/1 to deal with the client in a separate process.
Using fork/1, <dispatch> may be implemented as:
dispatch(AcceptFd) :-
        tcp_accept(AcceptFd, Socket, _Peer),
        fork(Pid),
        (   Pid == child
        ->  tcp_open_socket(Socket, In, Out),
            handle_service(In, Out),
            close(In),
            close(Out),
            halt
        ;   tcp_close_socket(Socket)
        ),
        dispatch(AcceptFd).
The skeleton for client-communication is given below.
create_client(Host, Port) :-
        tcp_socket(Socket),
        tcp_connect(Socket, Host:Port),
        tcp_open_socket(Socket, ReadFd, WriteFd),
        <handle I/O using the two streams>
        close(ReadFd),
        close(WriteFd).
To deal with timeouts and multiple connections, wait_for_input/3 and/or non-blocking streams (see tcp_fcntl/3) can be used.
The library(streampool) library dispatches input from 
multiple streams based on wait_for_input/3. 
It is part of the clib package as it is used most of the time together 
with the library(socket) library. On non-Unix systems it 
often can only be used with socket streams.
With SWI-Prolog 5.1.x, multi-threading often provides a good 
alternative to using this library. In this schema one thread watches the 
listening socket waiting for connections and either creates a thread per 
connection or processes the accepted connections with a pool of
worker threads. The library library(http/thread_httpd) 
provides an example realising a multi-threaded HTTP server.
If Goal is called, there is some input on the associated stream. Goal must be careful not to block as this will block the entire pool. (Footnote: this is hard to achieve at the moment as none of the Prolog read-commands provide for a timeout.)
Below is a very simple example that reads the first line of input and echoes it back.
:- use_module(library(socket)).
:- use_module(library(streampool)).
server(Port) :-
        tcp_socket(Socket),
        tcp_bind(Socket, Port),
        tcp_listen(Socket, 5),
        tcp_open_socket(Socket, In, _Out),
        add_stream_to_pool(In, accept(Socket)),
        stream_pool_main_loop.
accept(Socket) :-
        tcp_accept(Socket, Slave, Peer),
        tcp_open_socket(Slave, In, Out),
        add_stream_to_pool(In, client(In, Out, Peer)).
client(In, Out, _Peer) :-
        read_line_to_codes(In, Command),
        close(In),
        format(Out, 'Please to meet you: ~s~n', [Command]),
        close(Out),
        delete_stream_from_pool(In).
The current library provides limited support for UDP packets. UDP is a connection-less and unreliable datagram-based protocol. That means that messages sent may or may not arrive at the client side and may arrive in a different order than they were sent. UDP messages are often used for streaming media or for service discovery using the broadcasting mechanism.
SOCK_DGRAM protocol, ready 
for UDP connections.
atom, codes or string (default).
The typical sequence to receive UDP data is:
receive(Port) :-
        udp_socket(S),
        tcp_bind(S, Port),
        repeat,
            udp_receive(S, Data, From, [as(atom)]),
            format('Got ~q from ~q~n', [Data, From]),
            fail.
A simple example to send UDP data is:
send(Host, Port, Message) :-
        udp_socket(S),
        udp_send(S, Message, Host:Port, []),
        tcp_close_socket(S).
A broadcast is achieved by using tcp_setopt(Socket, broadcast) 
prior to sending the datagram and using the local network broadcast 
address as an ip/4 
term.
The normal mechanism to discover a service on the local network is for the client to send a broadcast message to an agreed port. The server receives this message and replies to the client with a message indicating further details to establish the communication.
This is currently a very simple library, providing support for obtaining the form-data for a CGI script:
existence_error exception is raised.
Below is a very simple CGI script that prints the passed parameters. 
To test it, compile this program using the command below, copy it to 
your cgi-bin directory (or make it otherwise known as a CGI-script) and 
make the query http://myhost.mydomain/cgi-bin/cgidemo?hello=world
% pl -o cgidemo --goal=main --toplevel=halt -c cgidemo.pl
:- use_module(library(cgi)).
main :-
        set_stream(current_output, encoding(utf8)),
        cgi_get_form(Arguments),
        format('Content-type: text/html; charset=UTF-8~n~n', []),
        format('<HTML>~n', []),
        format('<HEAD>~n', []),
        format('<TITLE>Simple SWI-Prolog CGI script</TITLE>~n', []),
        format('</HEAD>~n~n', []),
        format('<BODY>~n', []),
        format('<P>', []),
        print_args(Arguments),
        format('</BODY>~n</HTML>~n', []).
print_args([]).
print_args([A0|T]) :-
        A0 =.. [Name, Value],
        format('<B>~w</B>=<EM>~w</EM><BR>~n', [Name, Value]),
        print_args(T).
Printing an HTML document using format/2 
is not really a neat way of producing HTML. A high-level alternative is 
provided by
library(http/html_write) from the HTTP library.
The CGI standard is very unclear about handling Unicode data. The above two declarations ensure the CGI script will send all data in UTF-8 and thus provide full support of Unicode. It is assumed that browsers generally send form-data using the same encoding as the page in which the form appears, UTF-8 or ISO Latin-1. The current version of cgi_get_form/1 assumes the CGI data is in UTF-8.
MIME (Multipurpose Internet Mail Extensions) is a format for 
serializing multiple typed data objects. It was designed for E-mail, but 
it is also used for other applications such as packaging multiple values 
using the HTTP POST request on web-servers. Double Precision, Inc. has 
produced the C-libraries rfc822 (mail) and rfc2045 (MIME) for decoding 
and manipulating MIME messages. The library(mime) library 
is a Prolog wrapper around the rfc2045 library for decoding MIME 
messages.
The general name `mime' is used for this library because MIME-creation functionality is expected to be added to it.
Currently the mime library defines one predicate:
Parsed is a tree structure of mime(Attributes, Data, 
PartList) terms. Currently either Data is the empty 
atom or PartList is an empty list. (Footnote: it 
is unclear to me whether a MIME node can contain a mixture of content 
and parts, but I believe the answer is `no'.)
Data is an atom holding the message data. The library 
automatically decodes base64 and quoted-printable 
messages. See also the transfer_encoding attribute below.
PartList is a list of mime/3 terms. Attributes is a list holding a subset of the following arguments. For details please consult the RFC2045 document.
The library(crypt) library defines crypt/2 
for encrypting and testing passwords. The clib package also provides 
cryptographic hashes as described in section 9.
The library supports two encryption formats: traditional Unix DES 
hashes (Unix only) and FreeBSD compatible MD5 hashes (all platforms). 
MD5 hashes start with the magic sequence $1$, followed by 
an up to 8 character salt. DES hashes start with a 2 character
salt. Note that a DES hash considers only the first 8 
characters. The MD5 considers the whole string.
Salt and algorithm can be forced by instantiating the start of Encrypted with it. This is typically used to force MD5 hashes:
?- append("$1$", _, E),
   crypt("My password", E),
   format('~s~n', [E]).
$1$qdaDeDZn$ZUxSQEESEHIDCHPNc3fxZ1
Encrypted is always an ASCII string. Plain only supports ISO-Latin-1 passwords in the current implementation.
Plain is either an atom, SWI-Prolog string, list of characters or list of character-codes. It is not advised to use atoms, as this implies the password will be available from the Prolog heap as a defined atom.
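The two uses of crypt/2 described above, creating a hash and testing a password against a stored hash, can be sketched as follows. The helper names password_hash/2 and password_ok/2 are hypothetical and not part of library(crypt). The sketch builds the $1$ prefix with atom_codes/2 so that it does not depend on how double-quoted text is read.

```prolog
:- use_module(library(crypt)).

% password_hash(+Plain, -Hash)
% Hypothetical helper, not part of library(crypt).
% Forces an MD5 hash by instantiating the start of Hash with the magic
% sequence $1$; crypt/2 completes the list with salt and hash.
password_hash(Plain, Hash) :-
    atom_codes('$1$', Prefix),
    append(Prefix, _, Hash),
    crypt(Plain, Hash).

% password_ok(+Plain, +Hash)
% Hypothetical helper. With Hash fully instantiated, crypt/2 acts as a
% test: it succeeds only if Plain matches the stored hash.
password_ok(Plain, Hash) :-
    crypt(Plain, Hash).
```

A typical use would store the result of password_hash/2 and later call password_ok/2 with the password offered by the user.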
The library library(sha) provides Secure Hash 
Algorithms approved by FIPS (Federal Information Processing 
Standard). Quoting
Wikipedia: ``The 
SHA (Secure Hash Algorithm) hash functions refer to five FIPS-approved 
algorithms for computing a condensed digital representation (known as a 
message digest) that is, to a high degree of probability, unique for a 
given input data sequence (the message). These algorithms are called 
`secure' because (in the words of the standard), `for a given 
algorithm, it is computationally infeasible 1) to find a message that 
corresponds to a given message digest, or 2) to find two different 
messages that produce the same message digest. Any change to a message 
will, with a very high probability, result in a different message 
digest.' ''
The current library supports all 5 approved algorithms, both computing the hash-key from data and the hash Message Authentication Code (HMAC).
Input is text, represented as an atom, packed string object or code-list. Note that these functions operate on byte-sequences and therefore are not meaningful on Unicode text. The result is returned as a list of byte-values. This is the most general format that is comfortably supported by standard Prolog and can easily be transformed into other formats. Commonly used text formats are ASCII created by encoding each byte as two hexadecimal digits and ASCII created using base64 encoding. Representation as a large integer can be desirable for computational processing.
sha1 (default), sha224, sha256,
sha384 or sha512
Key and Data are either an atom, packed string 
or list of character codes. HMAC is unified with a list of 
integers representing the authentication code. Options is the 
same as for
sha_hash/3, 
but currently only sha1 and sha256 are 
supported.
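As an illustration of the hexadecimal text format mentioned above, the sketch below turns the list of byte-values returned by sha_hash/3 into an atom holding two hexadecimal digits per byte. The helper names bytes_hex/2, byte_hex/2 and sha256_hex/2 are hypothetical, and the option term algorithm(sha256) is an assumption about how the algorithm is selected.

```prolog
:- use_module(library(sha)).

% bytes_hex(+Bytes, -Hex)
% Hypothetical helper: Hex is an atom with two lowercase hexadecimal
% digits for each byte in Bytes.
bytes_hex(Bytes, Hex) :-
    maplist(byte_hex, Bytes, Parts),
    atomic_list_concat(Parts, Hex).

% byte_hex(+Byte, -Hex)
% Writes Byte in radix 16, left-padded with 0 to a width of 2.
byte_hex(Byte, Hex) :-
    format(atom(Hex), '~`0t~16r~2|', [Byte]).

% sha256_hex(+Data, -Hex)
% Hypothetical helper; assumes the option algorithm(sha256).
sha256_hex(Data, Hex) :-
    sha_hash(Data, Hash, [algorithm(sha256)]),
    bytes_hex(Hash, Hex).
```

For example, bytes_hex([0, 255, 16], Hex) yields Hex = '00ff10'.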
The underlying SHA-2 library is an unmodified copy created by Dr Brian Gladman, Worcester, UK. It is distributed under the license conditions below.
The free distribution and use of this software in both source and binary form is allowed (with or without changes) provided that:
ALTERNATIVELY, provided that this notice is retained in full, this product may be distributed under the terms of the GNU General Public License (GPL), in which case the provisions of the GPL apply INSTEAD OF those given above.
The library(memfile) provides an alternative to 
temporary files, intended for temporary buffering of data. Memory files 
in general are faster than temporary files and do not suffer from 
security risks or naming conflicts associated with temporary-file 
management. They do assume proper memory management by the hosting OS 
and cannot be used to pass data to external processes using a file-name.
There is no limit to the number of memory files, nor to their size. However, a memory file cannot have multiple streams open at the same time (i.e. it cannot be opened for reading and writing at the same time).
These predicates are first of all intended for building higher-level primitives. See also sformat/3, atom_to_term/3, term_to_atom/2 and the XPCE primitive pce_open/3.
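A minimal sketch of such a higher-level primitive, assuming the library(memfile) predicates new_memory_file/1, open_memory_file/3, memory_file_to_atom/2 and free_memory_file/1: it writes a term to a memory file and returns the text as an atom. The helper name term_text/2 is hypothetical.

```prolog
:- use_module(library(memfile)).

% term_text(+Term, -Text)
% Hypothetical helper, not part of library(memfile).
% Writes Term in quoted form to a memory file and unifies Text with
% the resulting text as an atom. The memory file is always freed.
term_text(Term, Text) :-
    setup_call_cleanup(
        new_memory_file(MemFile),
        (   setup_call_cleanup(
                open_memory_file(MemFile, write, Out),
                writeq(Out, Term),
                close(Out)),
            % The write stream is closed before the content is read back.
            memory_file_to_atom(MemFile, Text)
        ),
        free_memory_file(MemFile)).
```

The write stream is closed before the content is fetched because a memory file cannot be open for reading and writing at the same time.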
read 
or write. The resulting Stream must be closed 
using close/1.
octet, 
turning the memoryfile into binary mode. Please study SWI-Prolog Unicode 
and encoding issues before using this option.
write 
yields a permission error.
utf8.
The library(time) provides timing and alarm functions.
The resolution of the alarm depends on the underlying implementation. 
On Unix systems it is based on setitimer(), on Windows on timeSetEvent() 
using a resolution specified at 50 milliseconds. Bug: the 
maximum time for timeSetEvent() used by the Windows application is 1000 
seconds. Calling with a higher time value raises a resource_error 
exception. Long-running foreign predicates that do not call 
PL_handle_signals() may further delay the alarm.
Options is a list of Name(Value) 
terms. Defined options are:
true (default false), the timer is removed 
automatically after firing. Otherwise it must be destroyed explicitly 
using remove_alarm/1.
false (default true), the timer is 
allocated but not scheduled for execution. It must be started later 
using install_alarm/1.
alarm(Time, Callable, Id, []).
install(false). This is intended to reclaim alarms reliably 
using call_cleanup/2. 
See the implementation of call_with_time_limit/2.
done if the alarm has been called, next if it 
is the next to be fired and scheduled otherwise.
time_limit_exceeded. See catch/3.
Please note that this predicate uses alarm/4 and therefore cannot break out of long-running goals such as sleep/1, blocking I/O or other long-running (foreign) predicates. Blocking I/O can be handled using the timeout option of read_term/3.
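The interplay of call_with_time_limit/2 and catch/3 can be sketched as follows. The helper name run_limited/3 is hypothetical and not part of library(time); it maps the three possible outcomes of a time-limited goal onto a result term.

```prolog
:- use_module(library(time)).

% run_limited(:Goal, +Seconds, -Result)
% Hypothetical helper, not part of library(time).
% Result is true if Goal succeeds within Seconds, false if it fails
% within Seconds and timeout if the time limit is exceeded.
run_limited(Goal, Seconds, Result) :-
    catch(
        (   call_with_time_limit(Seconds, Goal)
        ->  Result = true
        ;   Result = false
        ),
        time_limit_exceeded,
        Result = timeout).
```

For example, ?- run_limited((repeat, fail), 1, R). should answer R = timeout after about one second, because the loop runs in Prolog and the alarm can therefore interrupt it.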
The library(rlimit) library provides an interface to the 
POSIX getrlimit()/setrlimit() API that control the maximum 
resource-usage of a process or group of processes. This call is 
especially useful for servers such as CGI scripts and inetd-controlled 
servers to avoid an uncontrolled script claiming too many resources.
cpu       CPU time in seconds
fsize     Maximum filesize
data      max data size
stack     max stack size
core      max core file size
rss       max resident set size
nproc     max number of processes
nofile    max number of open files
memlock   max locked-in-memory address 
When the process hits a limit, POSIX systems normally send the process a signal that terminates it. These signals may be caught using SWI-Prolog's on_signal/3 primitive. The code below illustrates this behaviour. Please note that asynchronous signal handling is dangerous, especially when using threads. 100% fail-safe operation cannot be guaranteed, but this procedure will inform the user properly `most of the time'.
rlimit_demo :-
        rlimit(cpu, _, 2),
        on_signal(xcpu, _, cpu_exceeded),
        ( repeat, fail ).
cpu_exceeded(_Sig) :-
        format(user_error, 'CPU time exceeded~n', []),
        halt(1).
Installation on Unix systems uses the commonly found configure,
make and make install sequence. SWI-Prolog should be 
installed before building this package. If SWI-Prolog is not installed 
as pl, the environment variable PL must be set to 
the name of the SWI-Prolog executable. Installation is now accomplished 
using:
% ./configure
% make
% make install
This installs the foreign libraries in $PLBASE/lib/$PLARCH 
and the Prolog library files in $PLBASE/library, where
$PLBASE refers to the SWI-Prolog `home-directory'.