Enhance corenetwork network_port() macro to support ports that do not have a well defined port number, such as stunnel.

Changelog

@@ -1,3 +1,5 @@
+- Enhance corenetwork network_port() macro to support ports that do not have
+  a well defined port number, such as stunnel.
 - Opendkim support in dkim module from Paul Howarth.
 - Wireshark updates from Sven Vermeulen.
 - Change secure_mode_insmod to control sys_module capability rather than

policy/modules/contrib

@@ -1 +1 @@
-Subproject commit 260b88365e2958ffc33a1c33f3dcf8da4c567db3
+Subproject commit e6f073a7740ab4a4f322ed984f972282c401916e

policy/modules/kernel/corenetwork.te.in

@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.16.1)
+policy_module(corenetwork, 1.16.2)
 
 ########################################
 #
@@ -90,7 +90,7 @@ network_port(audit, tcp,60,s0)
 network_port(auth, tcp,113,s0)
 network_port(bgp, tcp,179,s0, udp,179,s0, tcp,2605,s0, udp,2605,s0)
 network_port(boinc, tcp,31416,s0)
-type biff_port_t, port_type, reserved_port_type; dnl network_port(biff) # no defined portcon in current strict
+network_port(biff) # no defined portcon
 network_port(certmaster, tcp,51235,s0)
 network_port(chronyd, udp,323,s0)
 network_port(clamd, tcp,3310,s0)
@@ -147,7 +147,7 @@ network_port(ktalkd, udp,517,s0, udp,518,s0)
 network_port(ldap, tcp,389,s0, udp,389,s0, tcp,636,s0, udp,636,s0, tcp,3268,s0)
 network_port(lirc, tcp,8765,s0)
 network_port(lmtp, tcp,24,s0, udp,24,s0)
-type lrrd_port_t, port_type; dnl network_port(lrrd_port_t) # no defined portcon
+network_port(lrrd) # no defined portcon
 network_port(mail, tcp,2000,s0, tcp,3905,s0)
 network_port(memcache, tcp,11211,s0, udp,11211,s0)
 network_port(mmcc, tcp,5050,s0, udp,5050,s0)
@@ -203,13 +203,13 @@ network_port(sixxsconfig, tcp,3874,s0, udp,3874,s0)
 network_port(smbd, tcp,137-139,s0, tcp,445,s0)
 network_port(smtp, tcp,25,s0, tcp,465,s0, tcp,587,s0)
 network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0, tcp, 1161, s0)
-type socks_port_t, port_type; dnl network_port(socks) # no defined portcon
+network_port(socks) # no defined portcon
 network_port(soundd, tcp,8000,s0, tcp,9433,s0, tcp, 16001, s0)
 network_port(spamd, tcp,783,s0)
 network_port(speech, tcp,8036,s0)
 network_port(squid, udp,3401,s0, tcp,3401,s0, udp,4827,s0, tcp,4827,s0) # snmp and htcp
 network_port(ssh, tcp,22,s0)
-type stunnel_port_t, port_type; dnl network_port(stunnel) # no defined portcon in current strict
+network_port(stunnel) # no defined portcon
 network_port(swat, tcp,901,s0)
 network_port(syslogd, udp,514,s0)
 network_port(tcs, tcp, 30003, s0)
@@ -219,7 +219,7 @@ network_port(tor, tcp, 6969, s0, tcp,9001,s0, tcp,9030,s0, tcp,9050,s0, tcp,9051
 network_port(traceroute, udp,64000-64010,s0)
 network_port(transproxy, tcp,8081,s0)
 network_port(ups, tcp,3493,s0)
-type utcpserver_port_t, port_type; dnl network_port(utcpserver) # no defined portcon
+network_port(utcpserver) # no defined portcon
 network_port(uucpd, tcp,540,s0)
 network_port(varnishd, tcp,6081-6082,s0)
 network_port(virt, tcp,16509,s0, udp,16509,s0, tcp,16514,s0, udp,16514,s0)

policy/modules/kernel/corenetwork.te.m4

@@ -93,7 +93,7 @@ define(`network_port',`
 type $1_port_t, port_type, defined_port_type;
 type $1_client_packet_t, packet_type, client_packet_type;
 type $1_server_packet_t, packet_type, server_packet_type;
-declare_ports($1_port_t,shift($*))dnl
+ifelse(`$2',`',`',`declare_ports($1_port_t,shift($*))')dnl
 ')
 
 #