After the new function implementation, the 'Function' type is no longer one-way by default.
However, many protocol description files relied on this implicit assumption.
The solution is to use 'hashfunction' declarations instead to model one-wayness.
Original bug report by Binh Thanh Nguyen.
Recent versions of Graphviz no longer set the PATH variable on Windows.
Hence Scyther can fail to find dot.exe even though Graphviz was appropriately
installed.
This patch is a hack to try and locate dot.exe in the more common locations.
We currently have a hardcoded search through:
C:\Program Files\Graphviz*
C:\Program Files (x86)\Graphviz*
This is clearly fragile. Obviously, nobody should be solving Graphviz' problem
in such an ugly way. Change drives or languages and it stops working.
Until Graphviz provides at least an alternative environment variable (GVPATH?)
this hack will help the bulk of our users to get things up and running smoothly.
Shlex is only intended to work for Unix-like shells, and using it on
Windows causes problems. We now resort to simply always using the shell
on Unix-like platforms (as our command input is always a string, and not
an array). On Windows, the string input is always okay, even when not
using the shell.
This is a follow-up to a bug report by M. Kammerer on failing Windows
installs.
Previously, pressing 'cancel' in the verification window would leave a dangling scyther backend process.
Now the process gets correctly killed.
The following changes enable this:
- External processes are no longer invoked through the shell (otherwise they are subprocesses of the shell and cannot be reliably killed cross-platform).
- The 'safeCommand' procedure now has a hook for passing opened Popen objects.
- The GUI stores and kills the Popen objects on cancel or window close.
To do: an alternative interface for this in 'safeCommand' could expose a 'killMe' method through a callback; this might be cleaner in the long term.
For now, some parameters are hardcoded.
In the long term this functionality should be incorporated into the Scyther library directly, as
a method of Claim objects.
Before, we were using both __file__ as well as sys.argv[0] to determine the base directory
for Scyther, and we were not taking symlinks into account.
By using the inspect module, we can consistently pick the current frame and derive
the file from that, then use realpath to strip symlinks.
If this variable is unset, Scyther writes into /tmp/Scyther-cache (or similar).
If this variable is set to "", caching is disabled.
Otherwise, Scyther writes into $SCYTHERCACHEDIR/Scyther-cache
Current wxPython packages only work in 32-bit mode. If we detect that there is
an error message complaining about the architecture, we restart scyther-gui.py using
python in 32-bit mode.
Not everything is fixed yet.
However, we fixed:
- 'const' -> 'fresh'
- Removed lines specifying 'runs'
- Removed some specifications of compromised Eve and its long-term keys
being compromised.