finish can_exec_any and fix a can_network_tcp_client

docs/macro_conversion_guide

@@ -429,16 +429,16 @@ allow $1_t $1_devpts_t:chr_file { setattr ioctl read getattr lock write append }
 allow $1 $2:file { getattr read execute execute_no_trans };
 
 #
-# can_exec_any():
+# can_exec_any(): complete
 #
-libraries_use_dynamic_loader($1)
+domain_execute_all_entrypoint_programs($1)
-libraries_read_shared_libraries($1)
 files_execute_system_config_script($1)
-libraries_execute_library_scripts($1)
 corecommands_execute_general_programs($1)
 corecommands_execute_system_programs($1)
-domain_execute_all_entrypoint_programs($1)
+libraries_use_dynamic_loader($1)
-can_exec($1, ld_so_t)
+libraries_read_shared_libraries($1)
+libraries_execute_dynamic_loader($1)
+libraries_execute_library_scripts($1)
 
 #
 # can_getcon():
@@ -497,10 +497,29 @@ can_network_client_tcp($1, `$2')
 can_network_udp($1, `$2')
 
 #
-# can_network_client_tcp():
+# can_network_client_tcp($1): complete
 #
-base_can_network($1, tcp, `$2')
+allow $1 self:tcp_socket { create connect ioctl read getattr write setattr append bind getopt setopt shutdown };
-allow $1 self:tcp_socket { connect };
+corenetwork_network_tcp_on_all_interfaces($1)
+corenetwork_network_raw_on_all_interfaces($1)
+corenetwork_network_tcp_on_all_nodes($1)
+corenetwork_network_raw_on_all_nodes($1)
+corenetwork_bind_tcp_on_all_nodes($1)
+corenetwork_network_tcp_on_all_ports($1)
+sysnetwork_read_network_config($1)
+
+#
+# can_network_client_tcp($1,$2):
+#
+# remove _port_t from $2
+allow system_mail_t self:tcp_socket { create connect ioctl read getattr write setattr append bind getopt setopt shutdown };
+corenetwork_network_tcp_on_all_interfaces(system_mail_t)
+corenetwork_network_raw_on_all_interfaces(system_mail_t)
+corenetwork_network_tcp_on_all_nodes(system_mail_t)
+corenetwork_network_raw_on_all_nodes(system_mail_t)
+corenetwork_bind_tcp_on_all_nodes(system_mail_t)
+corenetwork_network_tcp_on_$2_port(system_mail_t)
+sysnetwork_read_network_config(system_mail_t)
 
 #
 # can_network_server():