Tcl Library Source Code

Documentation
Login
Bounty program for improvements to Tcl and certain Tcl packages.


[ Main Table Of Contents | Table Of Contents | Keyword Index | Categories | Modules | Applications ]

NAME

comm - A remote communication facility for Tcl (8.5 and later)

Table Of Contents

SYNOPSIS

package require Tcl 8.5
package require comm ?4.7?

::comm::comm send ?-async? ?-command callback? id cmd ?arg arg ...?
::comm::comm self
::comm::comm interps
::comm::comm connect ?id?
::comm::comm new chan ?name value ...?
::comm::comm channels
::comm::comm config
::comm::comm config name
::comm::comm config ?name value ...?
::comm::comm shutdown id
::comm::comm abort
::comm::comm destroy
::comm::comm hook event ?+? ?script?
::comm::comm remoteid
::comm::comm_send
::comm::comm return_async
$future return ?-code code? ?value?
$future configure ?-command ?cmdprefix??
$future cget -command

DESCRIPTION

The comm command provides an inter-interpreter remote execution facility much like Tk's send(n), except that it uses sockets rather than the X server for the communication path. As a result, comm works with multiple interpreters, works on Windows and Macintosh systems, and provides control over the remote execution path.

These commands work just like send and winfo interps :

::comm::comm send ?-async? id cmd ?arg arg ...?
::comm::comm interps

This is all that is really needed to know in order to use comm

Commands

The package initializes ::comm::comm as the default chan.

comm names communication endpoints with an id unique to each machine. Before sending commands, the id of another interpreter is needed. Unlike Tk's send, comm doesn't implicitly know the id's of all the interpreters on the system. The following four methods make up the basic comm interface.

Eval Semantics

The evaluation semantics of ::comm::comm send are intended to match Tk's send exactly. This means that comm evaluates arguments on the remote side.

If you find that ::comm::comm send doesn't work for a particular command, try the same thing with Tk's send and see if the result is different. If there is a problem, please report it. For instance, there was had one report that this command produced an error. Note that the equivalent send command also produces the same error.

% ::comm::comm send id llength {a b c}
wrong # args: should be "llength list"
% send name llength {a b c}
wrong # args: should be "llength list"

The eval hook (described below) can be used to change from send's double eval semantics to single eval semantics.

Multiple Channels

More than one comm channel (or listener) can be created in each Tcl interpreter. This allows flexibility to create full and restricted channels. For instance, hook scripts are specific to the channel they are defined against.

The default configuration parameters for a new channel are:

"-port 0 -local 1 -listen 0 -silent 0"

The default channel ::comm::comm is created with:

"::comm::comm new ::comm::comm -port 0 -local 1 -listen 1 -silent 0"

Channel Configuration

The config method acts similar to fconfigure in that it sets or queries configuration variables associated with a channel.

These configuration variables can be changed (descriptions of them are elsewhere in this manual page):

These configuration variables are read only:

When config changes the parameters of an existing channel (with the exception of -interp and -events), it closes and reopens the listening socket. An automatically assigned channel id will change when this happens. Recycling the socket is done by invoking ::comm::comm abort, which causes all active sends to terminate.

Id/port Assignments

comm uses a TCP port for endpoint id. The interps (or ids) method merely lists all the TCP ports to which the channel is connected. By default, each channel's id is randomly assigned by the operating system (but usually starts at a low value around 1024 and increases each time a new socket is opened). This behavior is accomplished by giving the -port config option a value of 0. Alternately, a specific TCP port number may be provided for a given channel. As a special case, comm contains code to allocate a a high-numbered TCP port (>10000) by using -port {}. Note that a channel won't be created and initialized unless the specific port can be allocated.

As a special case, if the channel is configured with -listen 0, then it will not create a listening socket and will use an id of 0 for itself. Such a channel is only good for outgoing connections (although once a connection is established, it can carry send traffic in both directions). As another special case, if the channel is configured with -silent 0, then the listening side will ignore connection attempts where the protocol negotiation phase failed, instead of throwing an error.

Execution Environment

A communication channel in its default configuration will use the current interpreter for the execution of all received scripts, and of the event scripts associated with the various hooks.

This insecure setup can be changed by the user via the two options -interp, and -events.

When -interp is set all received scripts are executed in the slave interpreter specified as the value of the option. This interpreter is expected to exist before configuration. I.e. it is the responsibility of the user to create it. However afterward the communication channel takes ownership of this interpreter, and will destroy it when the communication channel is destroyed. Note that reconfiguration of the communication channel to either a different interpreter or the empty string will release the ownership without destroying the previously configured interpreter. The empty string has a special meaning, it restores the default behaviour of executing received scripts in the current interpreter.

Also of note is that replies and callbacks (a special form of reply) are not considered as received scripts. They are trusted, part of the internal machinery of comm, and therefore always executed in the current interpreter.

Even if an interpreter has been configured as the execution environment for received scripts the event scripts associated with the various hooks will by default still be executed in the current interpreter. To change this use the option -events to declare a list of the events whose scripts should be executed in the declared interpreter as well. The contents of this option are ignored if the communication channel is configured to execute received scripts in the current interpreter.

Remote Interpreters

By default, each channel is restricted to accepting connections from the local system. This can be overridden by using the -local 0 configuration option For such channels, the id parameter takes the form { id host }.

WARNING: The host must always be specified in the same form (e.g., as either a fully qualified domain name, plain hostname or an IP address).

Closing Connections

These methods give control over closing connections:

When a remote connection is lost (because the remote exited or called shutdown), comm can invoke an application callback. This can be used to cleanup or restart an ancillary process, for instance. See the lost callback below.

Callbacks

This is a mechanism for setting hooks for particular events:

These are the defined events:

Unsupported

These interfaces may change or go away in subsequence releases.

Security

Starting with version 4.6 of the package an option -socketcmd is supported, allowing the user of a comm channel to specify which command to use when opening a socket. Anything which is API-compatible with the builtin ::socket (the default) can be used.

The envisioned main use is the specification of the tls::socket command, see package tls, to secure the communication.

# Load and initialize tls
package require tls
tls::init  -cafile /path/to/ca/cert -keyfile ...

# Create secured comm channel
::comm::comm new SECURE -socketcmd tls::socket -listen 1
...

The sections Execution Environment and Callbacks are also relevant to the security of the system, providing means to restrict the execution to a specific environment, perform additional authentication, and the like.

Blocking Semantics

There is one outstanding difference between comm and send. When blocking in a synchronous remote command, send uses an internal C hook (Tk_RestrictEvents) to the event loop to look ahead for send-related events and only process those without processing any other events. In contrast, comm uses the vwait command as a semaphore to indicate the return message has arrived. The difference is that a synchronous send will block the application and prevent all events (including window related ones) from being processed, while a synchronous ::comm::comm send will block the application but still allow other events to get processed. In particular, after idle handlers will fire immediately when comm blocks.

What can be done about this? First, note that this behavior will come from any code using vwait to block and wait for an event to occur. At the cost of multiple channel support, comm could be changed to do blocking I/O on the socket, giving send-like blocking semantics. However, multiple channel support is a very useful feature of comm that it is deemed too important to lose. The remaining approaches involve a new loadable module written in C (which is somewhat against the philosophy of comm) One way would be to create a modified version of the vwait command that allow the event flags passed to Tcl_DoOneEvent to be specified. For comm, just the TCL_FILE_EVENTS would be processed. Another way would be to implement a mechanism like Tk_RestrictEvents, but apply it to the Tcl event loop (since comm doesn't require Tk). One of these approaches will be available in a future comm release as an optional component.

Asynchronous Result Generation

By default the result returned by a remotely invoked command is the result sent back to the invoker. This means that the result is generated synchronously, and the server handling the call is blocked for the duration of the command.

While this is tolerable as long as only short-running commands are invoked on the server long-running commands, like database queries make this a problem. One command can prevent the processing requests of all other clients for an arbitrary period of time.

Before version 4.5 of comm the only solution was to rewrite the server command to use the Tcl builtin command vwait, or one of its relatives like tkwait, to open a new event loop which processes requests while the long-running operation is executed. This however has its own perils, as this makes it possible to both overflow the Tcl stack with a large number of event loop, and to have a newer requests block the return of older ones, as the eventloop have to be unwound in the order of their creation.

The proper solution is to have the invoked command indicate to comm that it cannot or will not deliver an immediate, synchronous result, but will do so later. At that point the framework can put sending the actual result on hold and continue processing requests using the main event loop. No blocking, no nesting of event loops. At some future date the long running operation delivers the result to comm, via the future object, which is then forwarded to the invoker as usual.

The necessary support for this solution has been added to comm since version 4.5, in the form of the new method return_async.

Compatibility

comm exports itself as a package. The package version number is in the form major . minor, where the major version will only change when a non-compatible change happens to the API or protocol. Minor bug fixes and changes will only affect the minor version. To load comm this command is usually used:

package require comm 3

Note that requiring no version (or a specific version) can also be done.

The revision history of comm includes these releases:

TLS Security Considerations

This package uses the TLS package to handle the security for https urls and other socket connections.

Policy decisions like the set of protocols to support and what ciphers to use are not the responsibility of TLS, nor of this package itself however. Such decisions are the responsibility of whichever application is using the package, and are likely influenced by the set of servers the application will talk to as well.

For example, in light of the recent POODLE attack discovered by Google many servers will disable support for the SSLv3 protocol. To handle this change the applications using TLS must be patched, and not this package, nor TLS itself. Such a patch may be as simple as generally activating tls1 support, as shown in the example below.

package require tls
tls::init -tls1 1 ;# forcibly activate support for the TLS1 protocol

... your own application code ...

Author

John LoVerso, [email protected]

http://www.opengroup.org/~loverso/tcl-tk/#comm

License

Please see the file comm.LICENSE that accompanied this source, or http://www.opengroup.org/www/dist_client/caubweb/COPYRIGHT.free.html.

This license for comm, new as of version 3.2, allows it to be used for free, without any licensing fee or royalty.

Bugs

The following items can be implemented with the existing hooks and are listed here as a reminder to provide a sample hook in a future version.

The following are outstanding todo items.

This man page is bigger than the source file.

On Using Old Versions Of Tcl

Tcl7.5 under Windows contains a bug that causes the interpreter to hang when EOF is reached on non-blocking sockets. This can be triggered with a command such as this:

"comm send $other exit"

Always make sure the channel is quiescent before closing/exiting or use at least Tcl7.6 under Windows.

Tcl7.6 on the Mac contains several bugs. It is recommended you use at least Tcl7.6p2.

Tcl8.0 on UNIX contains a socket bug that can crash Tcl. It is recommended you use Tcl8.0p1 (or Tcl7.6p2).

Related Work

Tcl-DP provides an RPC-based remote execution interface, but is a compiled Tcl extension. See http://www.cs.cornell.edu/Info/Projects/zeno/Projects/Tcl-DP.html.

Michael Doyle has code that implements the Tcl-DP RPC interface using standard Tcl sockets, much like comm. The DpTcl package is available at http://chiselapp.com/user/gwlester/repository/DpTcl.

Andreas Kupries uses comm and has built a simple nameserver as part of his Pool library. See http://www.purl.org/net/akupries/soft/pool/index.htm.

Bugs, Ideas, Feedback

This document, and the package it describes, will undoubtedly contain bugs and other problems. Please report such in the category comm of the Tcllib Trackers. Please also report any ideas for enhancements you may have for either package and/or documentation.

When proposing code changes, please provide unified diffs, i.e the output of diff -u.

Note further that attachments are strongly preferred over inlined patches. Attachments can be made by going to the Edit form of the ticket immediately after its creation, and then using the left-most button in the secondary navigation bar.

SEE ALSO

send(n)

KEYWORDS

comm, communication, ipc, message, remote communication, remote execution, rpc, secure, send, socket, ssl, tls

CATEGORY

Programming tools

COPYRIGHT

Copyright © 1995-1998 The Open Group. All Rights Reserved.
Copyright © 2003-2004 ActiveState Corporation.
Copyright © 2006-2009 Andreas Kupries