Bug in remote access construction sequence

[mike1813]

If a user with a remote access client uses (directly or indirectly) a remote access service, then they can also use (remotely) any process used by the remote access service and running on its host.

This represents the process of logging into a host to get shell access, and running a process via a shell command. The process must be a command line process if the remote access service is a regular login service, or if the remote access client is a remote terminal.

Users should be able to assert this arrangement in two ways:

1. Assert that a remote access client (with an interactive user) uses a remote access service that uses a process running on its host.
2. Assert that a remote access client (with an interactive user) uses a process running on the remote host.

In the first case, there is no link between the remote access client and the target process, so a construction pattern adds a 'usesRemotely' link. In the second case, there is already a 'uses' link between client and the target, but a construction pattern still adds 'usesRemotely' so both cases can be handled by the same patterns later on.

Unfortunately, the first case doesn't work correctly if the remote access client accesses the remote access service via a reverse proxy. This seems to be a bug in construction patterns RDuDtSuPH+uR and RTuRASuCPH+uR.

[mike1813]

Fixed in branch 65.

[mike1813]

Turns out the fix had side effects on other patterns after changes to address #103.

Reverting the change made here and retesting. Either those other changes mean the problem has gone away, or we need to find another way to fix it, somewhere else in the sequence.

[mike1813]

Revised sequence works better than the old one, so closing this issue.