For example, to trap an interrupt signal, set up a handler like this:
our $shucks; sub catch_zap { my $signame = shift; $shucks++; die "Somebody sent me a SIG$signame"; } $SIG{INT} = __PACKAGE__ . "::catch_zap"; $SIG{INT} = \&catch_zap; # best strategy
Prior to Perl 5.8.0 it was necessary to do as little as you possibly could in your handler; notice how all we do is set a global variable and then raise an exception. That's because on most systems, libraries are not re-entrant; particularly, memory allocation and I/O routines are not. That meant that doing nearly anything in your handler could in theory trigger a memory fault and subsequent core dump - see ``Deferred Signals (Safe Signals)'' below.
The names of the signals are the ones listed out by "kill -l" on your system, or you can retrieve them using the CPAN module IPC::Signal.
You may also choose to assign the strings "IGNORE" or "DEFAULT" as the handler, in which case Perl will try to discard the signal or do the default thing.
On most Unix platforms, the "CHLD" (sometimes also known as "CLD") signal has special behavior with respect to a value of "IGNORE". Setting $SIG{CHLD} to "IGNORE" on such a platform has the effect of not creating zombie processes when the parent process fails to "wait()" on its child processes (i.e., child processes are automatically reaped). Calling "wait()" with $SIG{CHLD} set to "IGNORE" usually returns "-1" on such platforms.
Some signals can be neither trapped nor ignored, such as the KILL and STOP (but not the TSTP) signals. Note that ignoring signals makes them disappear. If you only want them blocked temporarily without them getting lost you'll have to use the "POSIX" module's sigprocmask.
Sending a signal to a negative process ID means that you send the signal to the entire Unix process group. This code sends a hang-up signal to all processes in the current process group, and also sets $SIG{HUP} to "IGNORE" so it doesn't kill itself:
# block scope for local { local $SIG{HUP} = "IGNORE"; kill HUP => -getpgrp(); # snazzy writing of: kill("HUP", -getpgrp()) }
Another interesting signal to send is signal number zero. This doesn't actually affect a child process, but instead checks whether it's alive or has changed its UIDs.
unless (kill 0 => $kid_pid) { warn "something wicked happened to $kid_pid"; }
Signal number zero may fail because you lack permission to send the signal when directed at a process whose real or saved UID is not identical to the real or effective UID of the sending process, even though the process is alive. You may be able to determine the cause of failure using $! or "%!".
unless (kill(0 => $pid) || $!{EPERM}) { warn "$pid looks dead"; }
You might also want to employ anonymous functions for simple signal handlers:
$SIG{INT} = sub { die "\nOutta here!\n" };
SIGCHLD handlers require some special care. If a second child dies while in the signal handler caused by the first death, we won't get another signal. So must loop here else we will leave the unreaped child as a zombie. And the next time two children die we get another zombie. And so on.
use POSIX ":sys_wait_h"; $SIG{CHLD} = sub { while ((my $child = waitpid(-1, WNOHANG)) > 0) { $Kid_Status{$child} = $?; } }; # do something that forks...
Be careful: qx(), system(), and some modules for calling external commands do a fork(), then wait() for the result. Thus, your signal handler will be called. Because wait() was already called by system() or qx(), the wait() in the signal handler will see no more zombies and will therefore block.
The best way to prevent this issue is to use waitpid(), as in the following example:
use POSIX ":sys_wait_h"; # for nonblocking read my %children; $SIG{CHLD} = sub { # don't change $! and $? outside handler local ($!, $?); while ( (my $pid = waitpid(-1, WNOHANG)) > 0 ) { delete $children{$pid}; cleanup_child($pid, $?); } }; while (1) { my $pid = fork(); die "cannot fork" unless defined $pid; if ($pid == 0) { # ... exit 0; } else { $children{$pid}=1; # ... system($command); # ... } }
Signal handling is also used for timeouts in Unix. While safely protected within an "eval{}" block, you set a signal handler to trap alarm signals and then schedule to have one delivered to you in some number of seconds. Then try your blocking operation, clearing the alarm when it's done but not before you've exited your "eval{}" block. If it goes off, you'll use die() to jump out of the block.
Here's an example:
my $ALARM_EXCEPTION = "alarm clock restart"; eval { local $SIG{ALRM} = sub { die $ALARM_EXCEPTION }; alarm 10; flock($fh, 2) # blocking write lock || die "cannot flock: $!"; alarm 0; }; if ($@ && $@ !~ quotemeta($ALARM_EXCEPTION)) { die }
If the operation being timed out is system() or qx(), this technique is liable to generate zombies. If this matters to you, you'll need to do your own fork() and exec(), and kill the errant child process.
For more complex signal handling, you might see the standard POSIX module. Lamentably, this is almost entirely undocumented, but the ext/POSIX/t/sigaction.t file from the Perl source distribution has some examples in it.
The following example implements a simple daemon, which restarts itself every time the "SIGHUP" signal is received. The actual code is located in the subroutine "code()", which just prints some debugging info to show that it works; it should be replaced with the real code.
#!/usr/bin/perl use strict; use warnings; use POSIX (); use FindBin (); use File::Basename (); use File::Spec::Functions qw(catfile); $| = 1; # make the daemon cross-platform, so exec always calls the script # itself with the right path, no matter how the script was invoked. my $script = File::Basename::basename($0); my $SELF = catfile($FindBin::Bin, $script); # POSIX unmasks the sigprocmask properly $SIG{HUP} = sub { print "got SIGHUP\n"; exec($SELF, @ARGV) || die "$0: couldn't restart: $!"; }; code(); sub code { print "PID: $$\n"; print "ARGV: @ARGV\n"; my $count = 0; while (1) { sleep 2; print ++$count, "\n"; } }
There were two things you could do, knowing this: be paranoid or be pragmatic. The paranoid approach was to do as little as possible in your signal handler. Set an existing integer variable that already has a value, and return. This doesn't help you if you're in a slow system call, which will just restart. That means you have to "die" to longjmp(3) out of the handler. Even this is a little cavalier for the true paranoiac, who avoids "die" in a handler because the system is out to get you. The pragmatic approach was to say ``I know the risks, but prefer the convenience'', and to do anything you wanted in your signal handler, and be prepared to clean up core dumps now and again.
Perl 5.8.0 and later avoid these problems by ``deferring'' signals. That is, when the signal is delivered to the process by the system (to the C code that implements Perl) a flag is set, and the handler returns immediately. Then at strategic ``safe'' points in the Perl interpreter (e.g. when it is about to execute a new opcode) the flags are checked and the Perl level handler from %SIG is executed. The ``deferred'' scheme allows much more flexibility in the coding of signal handlers as we know the Perl interpreter is in a safe state, and that we are not in a system library function when the handler is called. However the implementation does differ from previous Perls in the following ways:
If a signal of any given type fires multiple times during an opcode (such as from a fine-grained timer), the handler for that signal will be called only once, after the opcode completes; all other instances will be discarded. Furthermore, if your system's signal queue gets flooded to the point that there are signals that have been raised but not yet caught (and thus not deferred) at the time an opcode completes, those signals may well be caught and deferred during subsequent opcodes, with sometimes surprising results. For example, you may see alarms delivered even after calling alarm(0) as the latter stops the raising of alarms but does not cancel the delivery of alarms raised but not yet caught. Do not depend on the behaviors described in this paragraph as they are side effects of the current implementation and may change in future versions of Perl.
The default in Perl 5.8.0 and later is to automatically use the ":perlio" layer.
Note that it is not advisable to access a file handle within a signal handler where that signal has interrupted an I/O operation on that same handle. While perl will at least try hard not to crash, there are no guarantees of data integrity; for example, some data might get dropped or written twice.
Some networking library functions like gethostbyname() are known to have their own implementations of timeouts which may conflict with your timeouts. If you have problems with such functions, try using the POSIX sigaction() function, which bypasses Perl safe signals. Be warned that this does subject you to possible memory corruption, as described above.
Instead of setting $SIG{ALRM}:
local $SIG{ALRM} = sub { die "alarm" };
try something like the following:
use POSIX qw(SIGALRM); POSIX::sigaction(SIGALRM, POSIX::SigAction->new(sub { die "alarm" })) || die "Error setting SIGALRM handler: $!\n";
Another way to disable the safe signal behavior locally is to use the "Perl::Unsafe::Signals" module from CPAN, which affects all signals.
The default ":perlio" layer retries "read", "write" and "close" as described above; interrupted "wait" and "waitpid" calls will always be retried.
If you want the old signal behavior back despite possible memory corruption, set the environment variable "PERL_SIGNALS" to "unsafe". This feature first appeared in Perl 5.8.1.
To create a named pipe, use the "POSIX::mkfifo()" function.
use POSIX qw(mkfifo); mkfifo($path, 0700) || die "mkfifo $path failed: $!";
You can also use the Unix command mknod(1), or on some systems, mkfifo(1). These may not be in your normal path, though.
# system return val is backwards, so && not || # $ENV{PATH} .= ":/etc:/usr/etc"; if ( system("mknod", $path, "p") && system("mkfifo", $path) ) { die "mk{nod,fifo} $path failed"; }
A fifo is convenient when you want to connect a process to an unrelated one. When you open a fifo, the program will block until there's something on the other end.
For example, let's say you'd like to have your .signature file be a named pipe that has a Perl program on the other end. Now every time any program (like a mailer, news reader, finger program, etc.) tries to read from that file, the reading program will read the new signature from your program. We'll use the pipe-checking file-test operator, -p, to find out whether anyone (or anything) has accidentally removed our fifo.
chdir(); # go home my $FIFO = ".signature"; while (1) { unless (-p $FIFO) { unlink $FIFO; # discard any failure, will catch later require POSIX; # delayed loading of heavy module POSIX::mkfifo($FIFO, 0700) || die "can't mkfifo $FIFO: $!"; } # next line blocks till there's a reader open (my $fh, ">", $FIFO) || die "can't open $FIFO: $!"; print $fh "John Smith (smith\@host.org)\n", `fortune -s`; close($fh) || die "can't close $FIFO: $!"; sleep 2; # to avoid dup signals }
open(my $spooler, "|-", "cat -v | lpr -h 2>/dev/null") || die "can't fork: $!"; local $SIG{PIPE} = sub { die "spooler pipe broke" }; print $spooler "stuff\n"; close $spooler || die "bad spool: $! $?";
And here's how to start up a child process you intend to read from:
open(my $status, "-|", "netstat -an 2>&1") || die "can't fork: $!"; while (<$status>) { next if /^(tcp|udp)/; print; } close $status || die "bad netstat: $! $?";
Be aware that these operations are full Unix forks, which means they may not be correctly implemented on all alien systems. See ``open'' in perlport for portability details.
In the two-argument form of open(), a pipe open can be achieved by either appending or prepending a pipe symbol to the second argument:
open(my $spooler, "| cat -v | lpr -h 2>/dev/null") || die "can't fork: $!"; open(my $status, "netstat -an 2>&1 |") || die "can't fork: $!";
This can be used even on systems that do not support forking, but this possibly allows code intended to read files to unexpectedly execute programs. If one can be sure that a particular program is a Perl script expecting filenames in @ARGV using the two-argument form of open() or the "<>" operator, the clever programmer can write something like this:
% program f1 "cmd1|" - f2 "cmd2|" f3 < tmpfile
and no matter which sort of shell it's called from, the Perl program will read from the file f1, the process cmd1, standard input (tmpfile in this case), the f2 file, the cmd2 command, and finally the f3 file. Pretty nifty, eh?
You might notice that you could use backticks for much the same effect as opening a pipe for reading:
print grep { !/^(tcp|udp)/ } `netstat -an 2>&1`; die "bad netstatus ($?)" if $?;
While this is true on the surface, it's much more efficient to process the file one line or record at a time because then you don't have to read the whole thing into memory at once. It also gives you finer control of the whole process, letting you kill off the child process early if you'd like.
Be careful to check the return values from both open() and close(). If you're writing to a pipe, you should also trap SIGPIPE. Otherwise, think of what happens when you start up a pipe to a command that doesn't exist: the open() will in all likelihood succeed (it only reflects the fork()'s success), but then your output will fail---spectacularly. Perl can't know whether the command worked, because your command is actually running in a separate process whose exec() might have failed. Therefore, while readers of bogus commands return just a quick EOF, writers to bogus commands will get hit with a signal, which they'd best be prepared to handle. Consider:
open(my $fh, "|-", "bogus") || die "can't fork: $!"; print $fh "bang\n"; # neither necessary nor sufficient # to check print retval! close($fh) || die "can't close: $!";
The reason for not checking the return value from print() is because of pipe buffering; physical writes are delayed. That won't blow up until the close, and it will blow up with a SIGPIPE. To catch it, you could use this:
$SIG{PIPE} = "IGNORE"; open(my $fh, "|-", "bogus") || die "can't fork: $!"; print $fh "bang\n"; close($fh) || die "can't close: status=$?";
system("cmd &");
The command's STDOUT and STDERR (and possibly STDIN, depending on your shell) will be the same as the parent's. You won't need to catch SIGCHLD because of the double-fork taking place; see below for details.
use POSIX "setsid"; sub daemonize { chdir("/") || die "can't chdir to /: $!"; open(STDIN, "<", "/dev/null") || die "can't read /dev/null: $!"; open(STDOUT, ">", "/dev/null") || die "can't write /dev/null: $!"; defined(my $pid = fork()) || die "can't fork: $!"; exit if $pid; # non-zero now means I am the parent (setsid() != -1) || die "Can't start a new session: $!"; open(STDERR, ">&", STDOUT) || die "can't dup stdout: $!"; }
The fork() has to come before the setsid() to ensure you aren't a process group leader; the setsid() will fail if you are. If your system doesn't have the setsid() function, open /dev/tty and use the "TIOCNOTTY" ioctl() on it instead. See tty(4) for details.
Non-Unix users should check their "Your_OS::Process" module for other possible solutions.
my $PRECIOUS = "/path/to/some/safe/file"; my $sleep_count; my $pid; my $kid_to_write; do { $pid = open($kid_to_write, "|-"); unless (defined $pid) { warn "cannot fork: $!"; die "bailing out" if $sleep_count++ > 6; sleep 10; } } until defined $pid; if ($pid) { # I am the parent print $kid_to_write @some_data; close($kid_to_write) || warn "kid exited $?"; } else { # I am the child # drop permissions in setuid and/or setgid programs: ($>, $)) = ($<, $(); open (my $outfile, ">", $PRECIOUS) || die "can't open $PRECIOUS: $!"; while (<STDIN>) { print $outfile; # child STDIN is parent $kid_to_write } close($outfile) || die "can't close $PRECIOUS: $!"; exit(0); # don't forget this!! }
Another common use for this construct is when you need to execute something without the shell's interference. With system(), it's straightforward, but you can't use a pipe open or backticks safely. That's because there's no way to stop the shell from getting its hands on your arguments. Instead, use lower-level control to call exec() directly.
Here's a safe backtick or pipe open for read:
my $pid = open(my $kid_to_read, "-|"); defined($pid) || die "can't fork: $!"; if ($pid) { # parent while (<$kid_to_read>) { # do something interesting } close($kid_to_read) || warn "kid exited $?"; } else { # child ($>, $)) = ($<, $(); # suid only exec($program, @options, @args) || die "can't exec program: $!"; # NOTREACHED }
And here's a safe pipe open for writing:
my $pid = open(my $kid_to_write, "|-"); defined($pid) || die "can't fork: $!"; $SIG{PIPE} = sub { die "whoops, $program pipe broke" }; if ($pid) { # parent print $kid_to_write @data; close($kid_to_write) || warn "kid exited $?"; } else { # child ($>, $)) = ($<, $(); exec($program, @options, @args) || die "can't exec program: $!"; # NOTREACHED }
It is very easy to dead-lock a process using this form of open(), or indeed with any use of pipe() with multiple subprocesses. The example above is ``safe'' because it is simple and calls exec(). See ``Avoiding Pipe Deadlocks'' for general safety principles, but there are extra gotchas with Safe Pipe Opens.
In particular, if you opened the pipe using "open $fh, "|-"", then you cannot simply use close() in the parent process to close an unwanted writer. Consider this code:
my $pid = open(my $writer, "|-"); # fork open a kid defined($pid) || die "first fork failed: $!"; if ($pid) { if (my $sub_pid = fork()) { defined($sub_pid) || die "second fork failed: $!"; close($writer) || die "couldn't close writer: $!"; # now do something else... } else { # first write to $writer # ... # then when finished close($writer) || die "couldn't close writer: $!"; exit(0); } } else { # first do something with STDIN, then exit(0); }
In the example above, the true parent does not want to write to the $writer filehandle, so it closes it. However, because $writer was opened using "open $fh, "|-"", it has a special behavior: closing it calls waitpid() (see ``waitpid'' in perlfunc), which waits for the subprocess to exit. If the child process ends up waiting for something happening in the section marked ``do something else'', you have deadlock.
This can also be a problem with intermediate subprocesses in more complicated code, which will call waitpid() on all open filehandles during global destruction---in no predictable order.
To solve this, you must manually use pipe(), fork(), and the form of open() which sets one file descriptor to another, as shown below:
pipe(my $reader, my $writer) || die "pipe failed: $!"; my $pid = fork(); defined($pid) || die "first fork failed: $!"; if ($pid) { close $reader; if (my $sub_pid = fork()) { defined($sub_pid) || die "first fork failed: $!"; close($writer) || die "can't close writer: $!"; } else { # write to $writer... # ... # then when finished close($writer) || die "can't close writer: $!"; exit(0); } # write to $writer... } else { open(STDIN, "<&", $reader) || die "can't reopen STDIN: $!"; close($writer) || die "can't close writer: $!"; # do something... exit(0); }
Since Perl 5.8.0, you can also use the list form of "open" for pipes. This is preferred when you wish to avoid having the shell interpret metacharacters that may be in your command string.
So for example, instead of using:
open(my $ps_pipe, "-|", "ps aux") || die "can't open ps pipe: $!";
One would use either of these:
open(my $ps_pipe, "-|", "ps", "aux") || die "can't open ps pipe: $!"; my @ps_args = qw[ ps aux ]; open(my $ps_pipe, "-|", @ps_args) || die "can't open @ps_args|: $!";
Because there are more than three arguments to open(), it forks the ps(1) command without spawning a shell, and reads its standard output via the $ps_pipe filehandle. The corresponding syntax to write to command pipes is to use "|-" in place of "-|".
This was admittedly a rather silly example, because you're using string literals whose content is perfectly safe. There is therefore no cause to resort to the harder-to-read, multi-argument form of pipe open(). However, whenever you cannot be assured that the program arguments are free of shell metacharacters, the fancier form of open() should be used. For example:
my @grep_args = ("egrep", "-i", $some_pattern, @many_files); open(my $grep_pipe, "-|", @grep_args) || die "can't open @grep_args|: $!";
Here the multi-argument form of pipe open() is preferred because the pattern and indeed even the filenames themselves might hold metacharacters.
Certain built-in Unix features help prevent this most of the time. For instance, filehandles have a ``close on exec'' flag, which is set en masse under control of the $^F variable. This is so any filehandles you didn't explicitly route to the STDIN, STDOUT or STDERR of a child program will be automatically closed.
Always explicitly and immediately call close() on the writable end of any pipe, unless that process is actually writing to it. Even if you don't explicitly call close(), Perl will still close() all filehandles during global destruction. As previously discussed, if those filehandles have been opened with Safe Pipe Open, this will result in calling waitpid(), which may again deadlock.
# THIS DOES NOT WORK!! open(my $prog_for_reading_and_writing, "| some program |")
If you forget to "use warnings", you'll miss out entirely on the helpful diagnostic message:
Can't do bidirectional pipe at -e line 1.
If you really want to, you can use the standard open2() from the IPC::Open2 module to catch both ends. There's also an open3() in IPC::Open3 for tridirectional I/O so you can also catch your child's STDERR, but doing so would then require an awkward select() loop and wouldn't allow you to use normal Perl input operations.
If you look at its source, you'll see that open2() uses low-level primitives like the pipe() and exec() syscalls to create all the connections. Although it might have been more efficient by using socketpair(), this would have been even less portable than it already is. The open2() and open3() functions are unlikely to work anywhere except on a Unix system, or at least one purporting POSIX compliance.
Here's an example of using open2():
use IPC::Open2; my $pid = open2(my $reader, my $writer, "cat -un"); print $writer "stuff\n"; my $got = <$reader>; waitpid $pid, 0;
The problem with this is that buffering is really going to ruin your day. Even though your $writer filehandle is auto-flushed so the process on the other end gets your data in a timely manner, you can't usually do anything to force that process to give its data to you in a similarly quick fashion. In this special case, we could actually so, because we gave cat a -u flag to make it unbuffered. But very few commands are designed to operate over pipes, so this seldom works unless you yourself wrote the program on the other end of the double-ended pipe.
A solution to this is to use a library which uses pseudottys to make your program behave more reasonably. This way you don't have to have control over the source code of the program you're using. The "Expect" module from CPAN also addresses this kind of thing. This module requires two other modules from CPAN, "IO::Pty" and "IO::Stty". It sets up a pseudo terminal to interact with programs that insist on talking to the terminal device driver. If your system is supported, this may be your best bet.
#!/usr/bin/perl # pipe1 - bidirectional communication using two pipe pairs # designed for the socketpair-challenged use strict; use warnings; use IO::Handle; # enable autoflush method before Perl 5.14 pipe(my $parent_rdr, my $child_wtr); # XXX: check failure? pipe(my $child_rdr, my $parent_wtr); # XXX: check failure? $child_wtr->autoflush(1); $parent_wtr->autoflush(1); if ($pid = fork()) { close $parent_rdr; close $parent_wtr; print $child_wtr "Parent Pid $$ is sending this\n"; chomp(my $line = <$child_rdr>); print "Parent Pid $$ just read this: '$line'\n"; close $child_rdr; close $child_wtr; waitpid($pid, 0); } else { die "cannot fork: $!" unless defined $pid; close $child_rdr; close $child_wtr; chomp(my $line = <$parent_rdr>); print "Child Pid $$ just read this: '$line'\n"; print $parent_wtr "Child Pid $$ is sending this\n"; close $parent_rdr; close $parent_wtr; exit(0); }
But you don't actually have to make two pipe calls. If you have the socketpair() system call, it will do this all for you.
#!/usr/bin/perl # pipe2 - bidirectional communication using socketpair # "the best ones always go both ways" use strict; use warnings; use Socket; use IO::Handle; # enable autoflush method before Perl 5.14 # We say AF_UNIX because although *_LOCAL is the # POSIX 1003.1g form of the constant, many machines # still don't have it. socketpair(my $child, my $parent, AF_UNIX, SOCK_STREAM, PF_UNSPEC) || die "socketpair: $!"; $child->autoflush(1); $parent->autoflush(1); if ($pid = fork()) { close $parent; print $child "Parent Pid $$ is sending this\n"; chomp(my $line = <$child>); print "Parent Pid $$ just read this: '$line'\n"; close $child; waitpid($pid, 0); } else { die "cannot fork: $!" unless defined $pid; close $child; chomp(my $line = <$parent>); print "Child Pid $$ just read this: '$line'\n"; print $parent "Child Pid $$ is sending this\n"; close $parent; exit(0); }
The Perl functions for dealing with sockets have the same names as the corresponding system calls in C, but their arguments tend to differ for two reasons. First, Perl filehandles work differently than C file descriptors. Second, Perl already knows the length of its strings, so you don't need to pass that information.
One of the major problems with ancient, antemillennial socket code in Perl was that it used hard-coded values for some of the constants, which severely hurt portability. If you ever see code that does anything like explicitly setting "$AF_INET = 2", you know you're in for big trouble. An immeasurably superior approach is to use the Socket module, which more reliably grants access to the various constants and functions you'll need.
If you're not writing a server/client for an existing protocol like NNTP or SMTP, you should give some thought to how your server will know when the client has finished talking, and vice-versa. Most protocols are based on one-line messages and responses (so one party knows the other has finished when a ``\n'' is received) or multi-line messages and responses that end with a period on an empty line (``\n.\n'' terminates a message/response).
Here's a sample TCP client using Internet-domain sockets:
#!/usr/bin/perl use strict; use warnings; use Socket; my $remote = shift || "localhost"; my $port = shift || 2345; # random port if ($port =~ /\D/) { $port = getservbyname($port, "tcp") } die "No port" unless $port; my $iaddr = inet_aton($remote) || die "no host: $remote"; my $paddr = sockaddr_in($port, $iaddr); my $proto = getprotobyname("tcp"); socket(my $sock, PF_INET, SOCK_STREAM, $proto) || die "socket: $!"; connect($sock, $paddr) || die "connect: $!"; while (my $line = <$sock>) { print $line; } close ($sock) || die "close: $!"; exit(0);
And here's a corresponding server to go along with it. We'll leave the address as "INADDR_ANY" so that the kernel can choose the appropriate interface on multihomed hosts. If you want sit on a particular interface (like the external side of a gateway or firewall machine), fill this in with your real address instead.
#!/usr/bin/perl -T use strict; use warnings; BEGIN { $ENV{PATH} = "/usr/bin:/bin" } use Socket; use Carp; my $EOL = "\015\012"; sub logmsg { print "$0 $$: @_ at ", scalar localtime(), "\n" } my $port = shift || 2345; die "invalid port" unless $port =~ /^ \d+ $/x; my $proto = getprotobyname("tcp"); socket(my $server, PF_INET, SOCK_STREAM, $proto) || die "socket: $!"; setsockopt($server, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)) || die "setsockopt: $!"; bind($server, sockaddr_in($port, INADDR_ANY)) || die "bind: $!"; listen($server, SOMAXCONN) || die "listen: $!"; logmsg "server started on port $port"; for (my $paddr; $paddr = accept(my $client, $server); close $client) { my($port, $iaddr) = sockaddr_in($paddr); my $name = gethostbyaddr($iaddr, AF_INET); logmsg "connection from $name [", inet_ntoa($iaddr), "] at port $port"; print $client "Hello there, $name, it's now ", scalar localtime(), $EOL; }
And here's a multitasking version. It's multitasked in that like most typical servers, it spawns (fork()s) a slave server to handle the client request so that the master server can quickly go back to service a new client.
#!/usr/bin/perl -T use strict; use warnings; BEGIN { $ENV{PATH} = "/usr/bin:/bin" } use Socket; use Carp; my $EOL = "\015\012"; sub spawn; # forward declaration sub logmsg { print "$0 $$: @_ at ", scalar localtime(), "\n" } my $port = shift || 2345; die "invalid port" unless $port =~ /^ \d+ $/x; my $proto = getprotobyname("tcp"); socket(my $server, PF_INET, SOCK_STREAM, $proto) || die "socket: $!"; setsockopt($server, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)) || die "setsockopt: $!"; bind($server, sockaddr_in($port, INADDR_ANY)) || die "bind: $!"; listen($server, SOMAXCONN) || die "listen: $!"; logmsg "server started on port $port"; my $waitedpid = 0; use POSIX ":sys_wait_h"; use Errno; sub REAPER { local $!; # don't let waitpid() overwrite current error while ((my $pid = waitpid(-1, WNOHANG)) > 0 && WIFEXITED($?)) { logmsg "reaped $waitedpid" . ($? ? " with exit $?" : ""); } $SIG{CHLD} = \&REAPER; # loathe SysV } $SIG{CHLD} = \&REAPER; while (1) { my $paddr = accept(my $client, $server) || do { # try again if accept() returned because got a signal next if $!{EINTR}; die "accept: $!"; }; my ($port, $iaddr) = sockaddr_in($paddr); my $name = gethostbyaddr($iaddr, AF_INET); logmsg "connection from $name [", inet_ntoa($iaddr), "] at port $port"; spawn $client, sub { $| = 1; print "Hello there, $name, it's now ", scalar localtime(), $EOL; exec "/usr/games/fortune" # XXX: "wrong" line terminators or confess "can't exec fortune: $!"; }; close $client; } sub spawn { my $client = shift; my $coderef = shift; unless (@_ == 0 && $coderef && ref($coderef) eq "CODE") { confess "usage: spawn CLIENT CODEREF"; } my $pid; unless (defined($pid = fork())) { logmsg "cannot fork: $!"; return; } elsif ($pid) { logmsg "begat $pid"; return; # I'm the parent } # else I'm the child -- go spawn open(STDIN, "<&", $client) || die "can't dup client to stdin"; open(STDOUT, ">&", $client) || die "can't dup client to stdout"; ## open(STDERR, ">&", STDOUT) || die "can't dup stdout to stderr"; exit($coderef->()); }
This server takes the trouble to clone off a child version via fork() for each incoming request. That way it can handle many requests at once, which you might not always want. Even if you don't fork(), the listen() will allow that many pending connections. Forking servers have to be particularly careful about cleaning up their dead children (called ``zombies'' in Unix parlance), because otherwise you'll quickly fill up your process table. The REAPER subroutine is used here to call waitpid() for any child processes that have finished, thereby ensuring that they terminate cleanly and don't join the ranks of the living dead.
Within the while loop we call accept() and check to see if it returns a false value. This would normally indicate a system error needs to be reported. However, the introduction of safe signals (see ``Deferred Signals (Safe Signals)'' above) in Perl 5.8.0 means that accept() might also be interrupted when the process receives a signal. This typically happens when one of the forked subprocesses exits and notifies the parent process with a CHLD signal.
If accept() is interrupted by a signal, $! will be set to EINTR. If this happens, we can safely continue to the next iteration of the loop and another call to accept(). It is important that your signal handling code not modify the value of $!, or else this test will likely fail. In the REAPER subroutine we create a local version of $! before calling waitpid(). When waitpid() sets $! to ECHILD as it inevitably does when it has no more children waiting, it updates the local copy and leaves the original unchanged.
You should use the -T flag to enable taint checking (see perlsec) even if we aren't running setuid or setgid. This is always a good idea for servers or any program run on behalf of someone else (like CGI scripts), because it lessens the chances that people from the outside will be able to compromise your system.
Let's look at another TCP client. This one connects to the TCP ``time'' service on a number of different machines and shows how far their clocks differ from the system on which it's being run:
#!/usr/bin/perl use strict; use warnings; use Socket; my $SECS_OF_70_YEARS = 2208988800; sub ctime { scalar localtime(shift() || time()) } my $iaddr = gethostbyname("localhost"); my $proto = getprotobyname("tcp"); my $port = getservbyname("time", "tcp"); my $paddr = sockaddr_in(0, $iaddr); $| = 1; printf "%-24s %8s %s\n", "localhost", 0, ctime(); foreach my $host (@ARGV) { printf "%-24s ", $host; my $hisiaddr = inet_aton($host) || die "unknown host"; my $hispaddr = sockaddr_in($port, $hisiaddr); socket(my $socket, PF_INET, SOCK_STREAM, $proto) || die "socket: $!"; connect($socket, $hispaddr) || die "connect: $!"; my $rtime = pack("C4", ()); read($socket, $rtime, 4); close($socket); my $histime = unpack("N", $rtime) - $SECS_OF_70_YEARS; printf "%8d %s\n", $histime - time(), ctime($histime); }
% ls -l /dev/log srw-rw-rw- 1 root 0 Oct 31 07:23 /dev/log
You can test for these with Perl's -S file test:
unless (-S "/dev/log") { die "something's wicked with the log system"; }
Here's a sample Unix-domain client:
#!/usr/bin/perl use Socket; use strict; use warnings; my $rendezvous = shift || "catsock"; socket(my $sock, PF_UNIX, SOCK_STREAM, 0) || die "socket: $!"; connect($sock, sockaddr_un($rendezvous)) || die "connect: $!"; while (defined(my $line = <$sock>)) { print $line; } exit(0);
And here's a corresponding server. You don't have to worry about silly network terminators here because Unix domain sockets are guaranteed to be on the localhost, and thus everything works right.
#!/usr/bin/perl -T use strict; use warnings; use Socket; use Carp; BEGIN { $ENV{PATH} = "/usr/bin:/bin" } sub spawn; # forward declaration sub logmsg { print "$0 $$: @_ at ", scalar localtime(), "\n" } my $NAME = "catsock"; my $uaddr = sockaddr_un($NAME); my $proto = getprotobyname("tcp"); socket(my $server, PF_UNIX, SOCK_STREAM, 0) || die "socket: $!"; unlink($NAME); bind ($server, $uaddr) || die "bind: $!"; listen($server, SOMAXCONN) || die "listen: $!"; logmsg "server started on $NAME"; my $waitedpid; use POSIX ":sys_wait_h"; sub REAPER { my $child; while (($waitedpid = waitpid(-1, WNOHANG)) > 0) { logmsg "reaped $waitedpid" . ($? ? " with exit $?" : ""); } $SIG{CHLD} = \&REAPER; # loathe SysV } $SIG{CHLD} = \&REAPER; for ( $waitedpid = 0; accept(my $client, $server) || $waitedpid; $waitedpid = 0, close $client) { next if $waitedpid; logmsg "connection on $NAME"; spawn $client, sub { print "Hello there, it's now ", scalar localtime(), "\n"; exec("/usr/games/fortune") || die "can't exec fortune: $!"; }; } sub spawn { my $client = shift(); my $coderef = shift(); unless (@_ == 0 && $coderef && ref($coderef) eq "CODE") { confess "usage: spawn CLIENT CODEREF"; } my $pid; unless (defined($pid = fork())) { logmsg "cannot fork: $!"; return; } elsif ($pid) { logmsg "begat $pid"; return; # I'm the parent } else { # I'm the child -- go spawn } open(STDIN, "<&", $client) || die "can't dup client to stdin"; open(STDOUT, ">&", $client) || die "can't dup client to stdout"; ## open(STDERR, ">&", STDOUT) ## || die "can't dup stdout to stderr"; exit($coderef->()); }
As you see, it's remarkably similar to the Internet domain TCP server, so much so, in fact, that we've omitted several duplicate functions---spawn(), logmsg(), ctime(), and REAPER()--which are the same as in the other server.
So why would you ever want to use a Unix domain socket instead of a simpler named pipe? Because a named pipe doesn't give you sessions. You can't tell one process's data from another's. With socket programming, you get a separate session for each client; that's why accept() takes two arguments.
For example, let's say that you have a long-running database server daemon that you want folks to be able to access from the Web, but only if they go through a CGI interface. You'd have a small, simple CGI program that does whatever checks and logging you feel like, and then acts as a Unix-domain client and connects to your private server.
#!/usr/bin/perl use strict; use warnings; use IO::Socket; my $remote = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "localhost", PeerPort => "daytime(13)", ) || die "can't connect to daytime service on localhost"; while (<$remote>) { print }
When you run this program, you should get something back that looks like this:
Wed May 14 08:40:46 MDT 1997
Here are what those parameters to the new() constructor mean:
#!/usr/bin/perl use strict; use warnings; use IO::Socket; unless (@ARGV > 1) { die "usage: $0 host url ..." } my $host = shift(@ARGV); my $EOL = "\015\012"; my $BLANK = $EOL x 2; for my $document (@ARGV) { my $remote = IO::Socket::INET->new( Proto => "tcp", PeerAddr => $host, PeerPort => "http(80)", ) || die "cannot connect to httpd on $host"; $remote->autoflush(1); print $remote "GET $document HTTP/1.0" . $BLANK; while ( <$remote> ) { print } close $remote; }
The web server handling the HTTP service is assumed to be at its standard port, number 80. If the server you're trying to connect to is at a different port, like 1080 or 8080, you should specify it as the named-parameter pair, "PeerPort => 8080". The "autoflush" method is used on the socket because otherwise the system would buffer up the output we sent it. (If you're on a prehistoric Mac, you'll also need to change every "\n" in your code that sends data over the network to be a "\015\012" instead.)
Connecting to the server is only the first part of the process: once you have the connection, you have to use the server's language. Each server on the network has its own little command language that it expects as input. The string that we send to the server starting with ``GET'' is in HTTP syntax. In this case, we simply request each specified document. Yes, we really are making a new connection for each document, even though it's the same host. That's the way you always used to have to speak HTTP. Recent versions of web browsers may request that the remote server leave the connection open a little while, but the server doesn't have to honor such a request.
Here's an example of running that program, which we'll call webget:
% webget www.perl.com /guanaco.html HTTP/1.1 404 File Not Found Date: Thu, 08 May 1997 18:02:32 GMT Server: Apache/1.2b6 Connection: close Content-type: text/html <HEAD><TITLE>404 File Not Found</TITLE></HEAD> <BODY><H1>File Not Found</H1> The requested URL /guanaco.html was not found on this server.<P> </BODY>
Ok, so that's not very interesting, because it didn't find that particular document. But a long response wouldn't have fit on this page.
For a more featureful version of this program, you should look to the lwp-request program included with the LWP modules from CPAN.
This client is more complicated than the two we've done so far, but if you're on a system that supports the powerful "fork" call, the solution isn't that rough. Once you've made the connection to whatever service you'd like to chat with, call "fork" to clone your process. Each of these two identical process has a very simple job to do: the parent copies everything from the socket to standard output, while the child simultaneously copies everything from standard input to the socket. To accomplish the same thing using just one process would be much harder, because it's easier to code two processes to do one thing than it is to code one process to do two things. (This keep-it-simple principle a cornerstones of the Unix philosophy, and good software engineering as well, which is probably why it's spread to other systems.)
Here's the code:
#!/usr/bin/perl use strict; use warnings; use IO::Socket; unless (@ARGV == 2) { die "usage: $0 host port" } my ($host, $port) = @ARGV; # create a tcp connection to the specified host and port my $handle = IO::Socket::INET->new(Proto => "tcp", PeerAddr => $host, PeerPort => $port) || die "can't connect to port $port on $host: $!"; $handle->autoflush(1); # so output gets there right away print STDERR "[Connected to $host:$port]\n"; # split the program into two processes, identical twins die "can't fork: $!" unless defined(my $kidpid = fork()); # the if{} block runs only in the parent process if ($kidpid) { # copy the socket to standard output while (defined (my $line = <$handle>)) { print STDOUT $line; } kill("TERM", $kidpid); # send SIGTERM to child } # the else{} block runs only in the child process else { # copy standard input to the socket while (defined (my $line = <STDIN>)) { print $handle $line; } exit(0); # just in case }
The "kill" function in the parent's "if" block is there to send a signal to our child process, currently running in the "else" block, as soon as the remote server has closed its end of the connection.
If the remote server sends data a byte at time, and you need that data immediately without waiting for a newline (which might not happen), you may wish to replace the "while" loop in the parent with the following:
my $byte; while (sysread($handle, $byte, 1) == 1) { print STDOUT $byte; }
Making a system call for each byte you want to read is not very efficient (to put it mildly) but is the simplest to explain and works reasonably well.
Once the generic server socket has been created using the parameters listed above, the server then waits for a new client to connect to it. The server blocks in the "accept" method, which eventually accepts a bidirectional connection from the remote client. (Make sure to autoflush this handle to circumvent buffering.)
To add to user-friendliness, our server prompts the user for commands. Most servers don't do this. Because of the prompt without a newline, you'll have to use the "sysread" variant of the interactive client above.
This server accepts one of five different commands, sending output back to the client. Unlike most network servers, this one handles only one incoming client at a time. Multitasking servers are covered in Chapter 16 of the Camel.
Here's the code.
#!/usr/bin/perl use strict; use warnings; use IO::Socket; use Net::hostent; # for OOish version of gethostbyaddr my $PORT = 9000; # pick something not in use my $server = IO::Socket::INET->new( Proto => "tcp", LocalPort => $PORT, Listen => SOMAXCONN, Reuse => 1); die "can't setup server" unless $server; print "[Server $0 accepting clients]\n"; while (my $client = $server->accept()) { $client->autoflush(1); print $client "Welcome to $0; type help for command list.\n"; my $hostinfo = gethostbyaddr($client->peeraddr); printf "[Connect from %s]\n", $hostinfo ? $hostinfo->name : $client->peerhost; print $client "Command? "; while ( <$client>) { next unless /\S/; # blank line if (/quit|exit/i) { last } elsif (/date|time/i) { printf $client "%s\n", scalar localtime() } elsif (/who/i ) { print $client `who 2>&1` } elsif (/cookie/i ) { print $client `/usr/games/fortune 2>&1` } elsif (/motd/i ) { print $client `cat /etc/motd 2>&1` } else { print $client "Commands: quit date who cookie motd\n"; } } continue { print $client "Command? "; } close $client; }
UDP datagrams are not a bytestream and should not be treated as such. This makes using I/O mechanisms with internal buffering like stdio (i.e. print() and friends) especially cumbersome. Use syswrite(), or better send(), like in the example below.
Here's a UDP program similar to the sample Internet TCP client given earlier. However, instead of checking one host at a time, the UDP version will check many of them asynchronously by simulating a multicast and then using select() to do a timed-out wait for I/O. To do something similar with TCP, you'd have to use a different socket handle for each host.
#!/usr/bin/perl use strict; use warnings; use Socket; use Sys::Hostname; my $SECS_OF_70_YEARS = 2_208_988_800; my $iaddr = gethostbyname(hostname()); my $proto = getprotobyname("udp"); my $port = getservbyname("time", "udp"); my $paddr = sockaddr_in(0, $iaddr); # 0 means let kernel pick socket(my $socket, PF_INET, SOCK_DGRAM, $proto) || die "socket: $!"; bind($socket, $paddr) || die "bind: $!"; $| = 1; printf "%-12s %8s %s\n", "localhost", 0, scalar localtime(); my $count = 0; for my $host (@ARGV) { $count++; my $hisiaddr = inet_aton($host) || die "unknown host"; my $hispaddr = sockaddr_in($port, $hisiaddr); defined(send($socket, 0, 0, $hispaddr)) || die "send $host: $!"; } my $rout = my $rin = ""; vec($rin, fileno($socket), 1) = 1; # timeout after 10.0 seconds while ($count && select($rout = $rin, undef, undef, 10.0)) { my $rtime = ""; my $hispaddr = recv($socket, $rtime, 4, 0) || die "recv: $!"; my ($port, $hisiaddr) = sockaddr_in($hispaddr); my $host = gethostbyaddr($hisiaddr, AF_INET); my $histime = unpack("N", $rtime) - $SECS_OF_70_YEARS; printf "%-12s ", $host; printf "%8d %s\n", $histime - time(), scalar localtime($histime); $count--; }
This example does not include any retries and may consequently fail to contact a reachable host. The most prominent reason for this is congestion of the queues on the sending host if the number of hosts to contact is sufficiently large.
Here's a small example showing shared memory usage.
use IPC::SysV qw(IPC_PRIVATE IPC_RMID S_IRUSR S_IWUSR); my $size = 2000; my $id = shmget(IPC_PRIVATE, $size, S_IRUSR | S_IWUSR); defined($id) || die "shmget: $!"; print "shm key $id\n"; my $message = "Message #1"; shmwrite($id, $message, 0, 60) || die "shmwrite: $!"; print "wrote: '$message'\n"; shmread($id, my $buff, 0, 60) || die "shmread: $!"; print "read : '$buff'\n"; # the buffer of shmread is zero-character end-padded. substr($buff, index($buff, "\0")) = ""; print "un" unless $buff eq $message; print "swell\n"; print "deleting shm $id\n"; shmctl($id, IPC_RMID, 0) || die "shmctl: $!";
Here's an example of a semaphore:
use IPC::SysV qw(IPC_CREAT); my $IPC_KEY = 1234; my $id = semget($IPC_KEY, 10, 0666 | IPC_CREAT); defined($id) || die "semget: $!"; print "sem id $id\n";
Put this code in a separate file to be run in more than one process. Call the file take:
# create a semaphore my $IPC_KEY = 1234; my $id = semget($IPC_KEY, 0, 0); defined($id) || die "semget: $!"; my $semnum = 0; my $semflag = 0; # "take" semaphore # wait for semaphore to be zero my $semop = 0; my $opstring1 = pack("s!s!s!", $semnum, $semop, $semflag); # Increment the semaphore count $semop = 1; my $opstring2 = pack("s!s!s!", $semnum, $semop, $semflag); my $opstring = $opstring1 . $opstring2; semop($id, $opstring) || die "semop: $!";
Put this code in a separate file to be run in more than one process. Call this file give:
# "give" the semaphore # run this in the original process and you will see # that the second process continues my $IPC_KEY = 1234; my $id = semget($IPC_KEY, 0, 0); die unless defined($id); my $semnum = 0; my $semflag = 0; # Decrement the semaphore count my $semop = -1; my $opstring = pack("s!s!s!", $semnum, $semop, $semflag); semop($id, $opstring) || die "semop: $!";
The SysV IPC code above was written long ago, and it's definitely clunky looking. For a more modern look, see the IPC::SysV module.
A small example demonstrating SysV message queues:
use IPC::SysV qw(IPC_PRIVATE IPC_RMID IPC_CREAT S_IRUSR S_IWUSR); my $id = msgget(IPC_PRIVATE, IPC_CREAT | S_IRUSR | S_IWUSR); defined($id) || die "msgget failed: $!"; my $sent = "message"; my $type_sent = 1234; msgsnd($id, pack("l! a*", $type_sent, $sent), 0) || die "msgsnd failed: $!"; msgrcv($id, my $rcvd_buf, 60, 0, 0) || die "msgrcv failed: $!"; my($type_rcvd, $rcvd) = unpack("l! a*", $rcvd_buf); if ($rcvd eq $sent) { print "okay\n"; } else { print "not okay\n"; } msgctl($id, IPC_RMID, 0) || die "msgctl failed: $!\n";
#!/usr/bin/perl -T use strict; use warnings; use sigtrap; use Socket;
For intrepid programmers, the indispensable textbook is Unix Network Programming, 2nd Edition, Volume 1 by W. Richard Stevens (published by Prentice-Hall). Most books on networking address the subject from the perspective of a C programmer; translation to Perl is left as an exercise for the reader.
The IO::Socket(3) manpage describes the object library, and the Socket(3) manpage describes the low-level interface to sockets. Besides the obvious functions in perlfunc, you should also check out the modules file at your nearest CPAN site, especially <http://www.cpan.org/modules/00modlist.long.html#ID5_Networking_>. See perlmodlib or best yet, the Perl FAQ for a description of what CPAN is and where to get it if the previous link doesn't work for you.
Section 5 of CPAN's modules file is devoted to ``Networking, Device Control (modems), and Interprocess Communication'', and contains numerous unbundled modules numerous networking modules, Chat and Expect operations, CGI programming, DCE, FTP, IPC, NNTP, Proxy, Ptty, RPC, SNMP, SMTP, Telnet, Threads, and ToolTalk---to name just a few.