in the Perl language in the current release. Please see
pod/perldelta.pod for a description of what's changed. See your
installed copy of the perllocal.pod file for a (possibly incomplete)
-list of locally installed modules. Also see CPAN::autobundle for one
-way to make a "bundle" of your currently installed modules.
+list of locally installed modules. Also see the L<CPAN> module's
+C<autobundle> function for one way to make a "bundle" of your currently
+installed modules.
=head1 Run Configure
=head3 Algorithmic Complexity Attacks on Hashes
-In Perls 5.8.0 and earlier it was easy to create degenerate hashes.
-Processing such hashes would consume large amounts of CPU time,
-enabling a "Denial of Service" attack against Perl. Such hashes may be
-a problem for example for mod_perl sites, sites with Perl CGI scripts
-and web services, that process data originating from external sources.
-
-In Perl 5.8.1 a security feature was introduced to make it harder to
-create such degenerate hashes. A visible side effect of this was that
-the keys(), values(), and each() functions may return the hash elements
-in different order between different runs of Perl even with the same
-data. It also had unintended binary incompatibility issues with
-certain modules compiled against Perl 5.8.0.
-
-In Perl 5.8.2 an improved scheme was introduced. Hashes will return
-elements in the same order as Perl 5.8.0 by default. On a hash by hash
-basis, if pathological data is detected during a hash key insertion,
-then that hash will switch to an alternative random hash seed. As
-adding keys can always dramatically change returned hash element order,
-existing programs will not be affected by this, unless they
-specifically test for pre-recorded hash return order for contrived
-data. (eg the list of keys generated by C<map {"\0"x$_} 0..15> trigger
-randomisation) In effect the new implementation means that 5.8.1 scheme
-is only being used on hashes which are under attack.
-
-One can still revert to the old guaranteed repeatable order (and be
-vulnerable to attack by wily crackers) by setting the environment
-variable PERL_HASH_SEED, see L<perlrun/PERL_HASH_SEED>. Another option
-is to add -DUSE_HASH_SEED_EXPLICIT to the compilation flags (for
-example by using C<Configure -Accflags=-DUSE_HASH_SEED_EXPLICIT>), in
-which case one has to explicitly set the PERL_HASH_SEED environment
-variable to enable the security feature, or by adding -DNO_HASH_SEED to
-the compilation flags to completely disable the randomisation feature.
+Perl 5.18 reworked the measures used to secure its hash function
+from algorithmic complexity attacks. By default it will build with
+all of these measures enabled along with support for controlling and
+disabling them via environment variables.
+
+You can override various aspects of this feature by defining various
+symbols during configure. An example might be:
+
+ Configure -Accflags=-DPERL_HASH_FUNC_SIPHASH
+
+B<Unless stated otherwise these options are considered experimental or
+insecure and are not recommended for production use.>
+
+Perl 5.18 includes support for multiple hash functions, and changed
+the default (to ONE_AT_A_TIME_HARD), you can choose a different
+algorithm by defining one of the following symbols. Note that as of
+Perl 5.18 we can only recommend use of the default or SIPHASH. All
+the others are known to have security issues and are for research
+purposes only.
+
+ PERL_HASH_FUNC_SIPHASH
+ PERL_HASH_FUNC_SDBM
+ PERL_HASH_FUNC_DJB2
+ PERL_HASH_FUNC_SUPERFAST
+ PERL_HASH_FUNC_MURMUR3
+ PERL_HASH_FUNC_ONE_AT_A_TIME
+ PERL_HASH_FUNC_ONE_AT_A_TIME_HARD
+ PERL_HASH_FUNC_ONE_AT_A_TIME_OLD
+
+Perl 5.18 randomizes the order returned by keys(), values(), and each(),
+and allows controlling this behavior by using of the PERL_PERTURB_KEYS
+option. You can disable this option entirely with the define:
+
+ PERL_PERTURB_KEYS_DISABLED
+
+You can disable the environment variable checks and specify the type of
+key traversal randomization to be used by defining one of these:
+
+ PERL_PERTURB_KEYS_RANDOM
+ PERL_PERTURB_KEYS_DETERMINISTIC
+
+In Perl 5.18 the seed used for the hash function is randomly selected
+at process start which can be overridden by specifying a seed by setting
+the PERL_HASH_SEED environment variable.
+
+You can change this behavior by building perl with the
+
+ USE_HASH_SEED_EXPLICIT
+
+define, in which case one has to explicitly set the PERL_HASH_SEED
+environment variable to enable the security feature or by adding
+
+ NO_HASH_SEED
+
+to the compilation flags to completely disable the randomisation feature.
+Note these modes are poorly tested, insecure and not recommended.
B<Perl has never guaranteed any ordering of the hash keys>, and the
ordering has already changed several times during the lifetime of Perl
hashes "unordered". The use of the Data::Dumper C<Sortkeys> option is
recommended.
+See L<perlrun/PERL_HASH_SEED> and L<perlrun/PERL_PERTURB_KEYS> for details on
+the environment variables, and L<perlsec/Algorithmic Complexity Attacks> for
+further security details.
+
=head3 SOCKS
Perl can be configured to be 'socksified', that is, to use the SOCKS
To build a shared libperl, the environment variable controlling shared
library search (LD_LIBRARY_PATH in most systems, DYLD_LIBRARY_PATH for
-NeXTSTEP/OPENSTEP/Darwin, LIBRARY_PATH for BeOS, LD_LIBRARY_PATH/SHLIB_PATH
+NeXTSTEP/OPENSTEP/Darwin, LD_LIBRARY_PATH/SHLIB_PATH
for HP-UX, LIBPATH for AIX, PATH for Cygwin) must be set up to include
the Perl build directory because that's where the shared libperl will
be created. Configure arranges makefile to have the correct shared
something like the following with the newly-built but not-yet-installed
./perl:
- cd t; ./perl -MTestInit misc/failing_test.t
+ ./perl -MTestInit t/misc/failing_test.t
or
=item Directories for the perl distribution
-By default, Configure will use the following directories for 5.15.8.
+By default, Configure will use the following directories for 5.19.2.
$version is the full perl version number, including subversion, e.g.
5.12.3, and $archname is a string like sun4-sunos,
determined by Configure. The full definitions of all Configure
CPAN) or scripts. Configure will set up the following directories to
be used for installing those add-on modules and scripts.
- Configure variable Default value
- $siteprefixexp $prefixexp
- $sitebinexp $siteprefixexp/bin
- $sitescriptexp $siteprefixexp/bin
- $sitelibexp $siteprefixexp/lib/perl5/site_perl/$version
- $sitearchexp $siteprefixexp/lib/perl5/site_perl/$version/$archname
- $siteman1direxp $siteprefixexp/man/man1
- $siteman3direxp $siteprefixexp/man/man3
- $sitehtml1direxp (none)
- $sitehtml3direxp (none)
+ Configure Default
+ variable value
+ $siteprefixexp $prefixexp
+ $sitebinexp $siteprefixexp/bin
+ $sitescriptexp $siteprefixexp/bin
+ $sitelibexp $siteprefixexp/lib/perl5/site_perl/$version
+ $sitearchexp
+ $siteprefixexp/lib/perl5/site_perl/$version/$archname
+ $siteman1direxp $siteprefixexp/man/man1
+ $siteman3direxp $siteprefixexp/man/man3
+ $sitehtml1direxp (none)
+ $sitehtml3direxp (none)
By default, ExtUtils::MakeMaker will install architecture-independent
modules into $sitelib and architecture-dependent modules into $sitearch.
distribution, Configure can optionally set up the following directories
for you to use to distribute add-on modules.
- Configure variable Default value
- $vendorprefixexp (none)
- (The next ones are set only if vendorprefix is set.)
- $vendorbinexp $vendorprefixexp/bin
- $vendorscriptexp $vendorprefixexp/bin
- $vendorlibexp
- $vendorprefixexp/lib/perl5/vendor_perl/$version
- $vendorarchexp
- $vendorprefixexp/lib/perl5/vendor_perl/$version/$archname
- $vendorman1direxp $vendorprefixexp/man/man1
- $vendorman3direxp $vendorprefixexp/man/man3
- $vendorhtml1direxp (none)
- $vendorhtml3direxp (none)
+ Configure Default
+ variable value
+ $vendorprefixexp (none)
+
+ (The next ones are set only if vendorprefix is set.)
+
+ $vendorbinexp $vendorprefixexp/bin
+ $vendorscriptexp $vendorprefixexp/bin
+ $vendorlibexp $vendorprefixexp/lib/perl5/vendor_perl/$version
+ $vendorarchexp
+ $vendorprefixexp/lib/perl5/vendor_perl/$version/$archname
+ $vendorman1direxp $vendorprefixexp/man/man1
+ $vendorman3direxp $vendorprefixexp/man/man3
+ $vendorhtml1direxp (none)
+ $vendorhtml3direxp (none)
These are normally empty, but may be set as needed. For example,
a vendor might choose the following settings:
- $prefix /usr
- $siteprefix /usr/local
- $vendorprefix /usr
+ $prefix /usr
+ $siteprefix /usr/local
+ $vendorprefix /usr
This would have the effect of setting the following:
- $binexp /usr/bin
- $scriptdirexp /usr/bin
- $privlibexp /usr/lib/perl5/$version
- $archlibexp /usr/lib/perl5/$version/$archname
- $man1direxp /usr/man/man1
- $man3direxp /usr/man/man3
-
- $sitebinexp /usr/local/bin
- $sitescriptexp /usr/local/bin
- $sitelibexp /usr/local/lib/perl5/site_perl/$version
- $sitearchexp /usr/local/lib/perl5/site_perl/$version/$archname
- $siteman1direxp /usr/local/man/man1
- $siteman3direxp /usr/local/man/man3
-
- $vendorbinexp /usr/bin
- $vendorscriptexp /usr/bin
- $vendorlibexp /usr/lib/perl5/vendor_perl/$version
- $vendorarchexp /usr/lib/perl5/vendor_perl/$version/$archname
- $vendorman1direxp /usr/man/man1
- $vendorman3direxp /usr/man/man3
+ $binexp /usr/bin
+ $scriptdirexp /usr/bin
+ $privlibexp /usr/lib/perl5/$version
+ $archlibexp /usr/lib/perl5/$version/$archname
+ $man1direxp /usr/man/man1
+ $man3direxp /usr/man/man3
+
+ $sitebinexp /usr/local/bin
+ $sitescriptexp /usr/local/bin
+ $sitelibexp /usr/local/lib/perl5/site_perl/$version
+ $sitearchexp /usr/local/lib/perl5/site_perl/$version/$archname
+ $siteman1direxp /usr/local/man/man1
+ $siteman3direxp /usr/local/man/man3
+
+ $vendorbinexp /usr/bin
+ $vendorscriptexp /usr/bin
+ $vendorlibexp /usr/lib/perl5/vendor_perl/$version
+ $vendorarchexp /usr/lib/perl5/vendor_perl/$version/$archname
+ $vendorman1direxp /usr/man/man1
+ $vendorman3direxp /usr/man/man3
Note how in this example, the vendor-supplied directories are in the
/usr hierarchy, while the directories reserved for the end user are in
site-specific files that are stored elsewhere on your organization's
network. One way to do that would be something like
- sh Configure -Dsiteprefix=/usr/local -Dvendorprefix=/usr/share/perl
+ sh Configure -Dsiteprefix=/usr/local -Dvendorprefix=/usr/share/perl
=item otherlibdirs
directory, and has to include architecture-dependent directories separately,
eg.
- sh Configure -Dinc_version_list="5.15.8/x86_64-linux 5.14.0" ...
+ sh Configure -Dinc_version_list="5.16.0/x86_64-linux 5.16.0" ...
When using the newer perl, you can add these paths again in the
PERL5LIB environment variable or with perl's -I runtime option.
=head2 DTrace support
-On platforms where DTrace is available, it may be enabled by
+On platforms where DTrace is available, it may be enabled by
using the -Dusedtrace option to Configure. DTrace probes are available for
subroutine entry (sub-entry) and subroutine exit (sub-exit). Here's a
simple D script that uses them:
It is possible to specify this from the command line (all on one
line):
- sh Configure -de \
- -Dlocincpth='/usr/local/BerkeleyDB.4.7/include /usr/local/include' \
- -Dloclibpth='/usr/local/BerkeleyDB.4.7/lib /usr/local/lib' \
- -Aldflags='-R/usr/local/BerkeleyDB.4.7/lib'
+ sh Configure -de \
+ -Dlocincpth='/usr/local/BerkeleyDB.4.7/include \
+ /usr/local/include' \
+ -Dloclibpth='/usr/local/BerkeleyDB.4.7/lib /usr/local/lib' \
+ -Aldflags='-R/usr/local/BerkeleyDB.4.7/lib'
locincpth is a space-separated list of include directories to search.
Configure will automatically add the appropriate -I directives.
If you have any additional changes to make to the C compiler command
line, they can be made in cflags.SH. For instance, to turn off the
-optimizer on toke.c, find the line in the switch structure for
-toke.c and put the command optimize='-g' before the ;; . You
-can also edit cflags.SH directly, but beware that your changes will be
-lost the next time you run Configure.
+optimizer on toke.c, find the switch structure marked 'or customize here',
+and add a line for toke.c ahead of the catch-all *) so that it now reads:
+
+ : or customize here
+
+ case "$file" in
+ toke) optimize='-g' ;;
+ *) ;;
+
+You should not edit the generated file cflags directly, as your changes will
+be lost the next time you run Configure, or if you edit config.sh.
To explore various ways of changing ccflags from within a hint file,
see the file hints/README.hints.
Perl can be cross-compiled. It is just not trivial, cross-compilation
rarely is. Perl is routinely cross-compiled for many platforms (as of
-June 2005 at least PocketPC aka WinCE, Open Zaurus, EPOC, Symbian, and
+June 2005 at least PocketPC aka WinCE, Open Zaurus, Symbian, and
the IBM OS/400). These platforms are known as the B<target> platforms,
while the systems where the compilation takes place are the B<host>
platforms.
Cross/README
-=item EPOC
-
-README.epoc
-
=item Symbian
README.symbian
This will run the regression tests on the perl you just made. If
'make test' doesn't say "All tests successful" then something went
-wrong. See the file t/README in the t subdirectory.
+wrong.
Note that you can't run the tests in background if this disables
opening of /dev/tty. You can use 'make test-notty' in that case but
=head2 What if make test doesn't work?
If make test bombs out, just cd to the t directory and run ./TEST
-by hand to see if it makes any difference. If individual tests
-bomb, you can run them by hand, e.g.,
-
- ./perl -MTestInit t/op/groups.t
+by hand to see if it makes any difference.
-Another way to get more detailed information about failed tests and
-individual subtests is to cd to the t directory and run
+One way to get more detailed information about failed tests and
+individual subtests is to run the harness from the t directory:
cd t ; ./perl harness <list of tests>
complicated constructs). If no list of tests is provided, harness
will run all tests.
+If individual tests fail, you can often run them by hand (from the main
+perl directory), e.g.,
+
+ ./perl -MTestInit t/op/groups.t
+
You should also read the individual tests to see if there are any helpful
comments that apply to your system. You may also need to setup your
shared library path if you get errors like:
/sbin/loader: Fatal Error: cannot map libperl.so
+The file t/README in the t subdirectory contains more information about
+running and modifying tests.
+
See L</"Building a shared Perl library"> earlier in this document.
=over 4
Try stopping other jobs on the system and then running the test by itself:
- cd t; ./perl -MTestInit op/pat.t
+ ./perl -MTestInit t/op/pat.t
to see if you have any better luck. If your perl still fails this
test, it does not necessarily mean you have a broken perl. This test
scripts
- cppstdin This is used by the deprecated switch perl -P, if
- your cc -E can't read from stdin.
- c2ph, pstruct Scripts for handling C structures in header files.
+ cppstdin This is used by the deprecated switch perl -P,
+ if your cc -E can't read from stdin.
+ c2ph, pstruct Scripts for handling C structures in header
+ files.
config_data Manage Module::Build-like module configuration.
- corelist Shows versions of modules that come with different
+ corelist Shows versions of modules that come with
+ different
versions of perl.
cpan The CPAN shell.
- cpan2dist The CPANPLUS distribution creator.
- cpanp The CPANPLUS shell.
- cpanp-run-perl A helper for cpanp.
enc2xs Encoding module generator.
find2perl find-to-perl translator.
- h2ph Extract constants and simple macros from C headers.
+ h2ph Extract constants and simple macros from C
+ headers.
h2xs Converts C .h header files to Perl extensions.
instmodsh A shell to examine installed modules.
libnetcfg Configure libnet.
utility iconv.
pl2pm Convert Perl 4 .pl files to Perl 5 .pm modules.
pod2html, Converters from perl's pod documentation format
- pod2latex, to other useful formats.
pod2man,
pod2text,
pod2usage
shasum A tool to print or check SHA checksums.
splain Describe Perl warnings and errors.
xsubpp Compiler to convert Perl XS code into C code.
- zipdetails display the internal structure of zip files
+ zipdetails display the internal structure of zip files
library files
=head1 Coexistence with earlier versions of perl 5
-Perl 5.15 is not binary compatible with earlier versions of Perl.
+Perl 5.19.2 is not binary compatible with earlier versions of Perl.
In other words, you will have to recompile your XS modules.
In general, you can usually safely upgrade from one version of Perl (e.g.
libraries after 5.6.0, but not for executables. TODO?) One convenient
way to do this is by using a separate prefix for each version, such as
- sh Configure -Dprefix=/opt/perl5.15.8
+ sh Configure -Dprefix=/opt/perl5.19.2
-and adding /opt/perl5.15.8/bin to the shell PATH variable. Such users
+and adding /opt/perl5.19.2/bin to the shell PATH variable. Such users
may also wish to add a symbolic link /usr/local/bin/perl so that
scripts can still start with #!/usr/local/bin/perl.
subversions may not have all the compatibility wrinkles ironed out
yet.
-=head2 Upgrading from 5.15.6 or earlier
+=head2 Upgrading from 5.19.0 or earlier
-B<Perl 5.15.8 is binary incompatible with Perl 5.15.6 and any earlier
-Perl release.> Perl modules having binary parts
+B<Perl 5.19.2 may not be binary compatible with Perl 5.19.0 or
+earlier Perl releases.> Perl modules having binary parts
(meaning that a C compiler is used) will have to be recompiled to be
-used with 5.15.8. If you find you do need to rebuild an extension with
-5.15.8, you may safely do so without disturbing the older
+used with 5.19.2. If you find you do need to rebuild an extension with
+5.19.2, you may safely do so without disturbing the older
installations. (See L<"Coexistence with earlier versions of perl 5">
above.)
print("$f\n");
}
-in Linux with perl-5.15.8 is as follows (under $Config{prefix}):
+in Linux with perl-5.19.2 is as follows (under $Config{prefix}):
./bin/perl
- ./lib/perl5/5.15.8/strict.pm
- ./lib/perl5/5.15.8/warnings.pm
- ./lib/perl5/5.15.8/i686-linux/File/Glob.pm
- ./lib/perl5/5.15.8/feature.pm
- ./lib/perl5/5.15.8/XSLoader.pm
- ./lib/perl5/5.15.8/i686-linux/auto/File/Glob/Glob.so
+ ./lib/perl5/5.19.2/strict.pm
+ ./lib/perl5/5.19.2/warnings.pm
+ ./lib/perl5/5.19.2/i686-linux/File/Glob.pm
+ ./lib/perl5/5.19.2/feature.pm
+ ./lib/perl5/5.19.2/XSLoader.pm
+ ./lib/perl5/5.19.2/i686-linux/auto/File/Glob/Glob.so
Secondly, for perl-5.10.1, the Debian perl-base package contains 591 files,
(of which 510 are for lib/unicore) totaling about 3.5MB in its i386 version.
it's a minimal set) and if you want to find out all the files you can
use something like the below
- strace perl -le 'do "x.pl"' 2>&1 | perl -nle '/^open\(\"(.+?)"/ && print $1'
+ strace perl -le 'do "x.pl"' 2>&1 \
+ | perl -nle '/^open\(\"(.+?)"/ && print $1'
(The 'strace' is Linux-specific, other similar utilities include 'truss'
and 'ktrace'.)
https://perl5.git.perl.org / perl5.git / blobdiff