From e8251fe1e6c1bbf9f26aa5af390ca651f489bdd9 Mon Sep 17 00:00:00 2001
From: Saksham Mittal <gotlouemail@gmail.com>
Date: Wed, 13 Sep 2023 11:32:32 +0530
Subject: [PATCH 1/3] fix: allow connect() in dedicated method

---
 src/builtins/network.rs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/builtins/network.rs b/src/builtins/network.rs
index 8839ddb..b9e32f4 100644
--- a/src/builtins/network.rs
+++ b/src/builtins/network.rs
@@ -175,6 +175,12 @@ impl Networking {
         YesReally::new(self)
     }
 
+    /// Allow `connect` syscall
+    pub fn allow_connect(mut self) -> YesReally<Networking> {
+        self.allowed.extend(&[Sysno::connect]);
+        YesReally::new(self)
+    }
+
     /// Allow starting new TCP clients.
     ///
     /// # Security Notes
@@ -201,8 +207,7 @@ impl Networking {
         self.custom.entry(Sysno::socket)
             .or_insert_with(Vec::new)
             .push(rule);
-
-        self.allowed.extend(&[Sysno::connect]);
+        
         self.allowed.extend(NET_IO_SYSCALLS);
         self.allowed.extend(NET_READ_SYSCALLS);
         self.allowed.extend(NET_WRITE_SYSCALLS);

From d4840ba1e7067025ddedcd1740184339226b72ba Mon Sep 17 00:00:00 2001
From: Saksham Mittal <gotlouemail@gmail.com>
Date: Fri, 15 Sep 2023 11:04:32 +0530
Subject: [PATCH 2/3] Fix example to allow connect()

---
 examples/ipc_server_with_database.rs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/examples/ipc_server_with_database.rs b/examples/ipc_server_with_database.rs
index d2bd023..d2f5d78 100644
--- a/examples/ipc_server_with_database.rs
+++ b/examples/ipc_server_with_database.rs
@@ -69,6 +69,7 @@ fn run_webserver(db_socket_path: &str) {
     // extrasafe context
     SafetyContext::new()
         .enable(Networking::nothing()
+            .allow_connect().yes_really()
             .allow_running_tcp_servers()).unwrap()
         .apply_to_current_thread()
         .unwrap();
@@ -154,6 +155,8 @@ fn run_db(socket_path: &str) {
     // after opening connection socket and db file, set extrasafe context
     SafetyContext::new()
         .enable(Networking::nothing()
+            .allow_connect()
+            .yes_really()
             .allow_running_unix_servers()
         ).unwrap()
         .enable(SystemIO::nothing()
@@ -230,6 +233,8 @@ fn run_client_write(msg: &str) {
     // Set up extrasafe context
     SafetyContext::new()
         .enable(Networking::nothing()
+            .allow_connect()
+            .yes_really()
             .allow_start_tcp_clients()).unwrap()
         .apply_to_current_thread()
         .unwrap();
@@ -272,6 +277,7 @@ fn run_client_read() {
     SafetyContext::new()
         .enable(Networking::nothing()
             // Necessary for DNS
+            .allow_connect().yes_really()
             .allow_start_udp_servers().yes_really()
             .allow_start_tcp_clients()).unwrap()
         // For some reason only if we make two requests with a client does it use multiple threads,

From 639d6c19d33b034ffc4dc71ade2ec86e799e8ee5 Mon Sep 17 00:00:00 2001
From: Saksham Mittal <gotlouemail@gmail.com>
Date: Fri, 15 Sep 2023 11:13:38 +0530
Subject: [PATCH 3/3] fix: examples

---
 examples/network_server.rs       | 1 +
 examples/server_with_database.rs | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/examples/network_server.rs b/examples/network_server.rs
index cba3b6d..016be5c 100644
--- a/examples/network_server.rs
+++ b/examples/network_server.rs
@@ -88,6 +88,7 @@ fn main() {
     thread::sleep(std::time::Duration::from_millis(50));
     SafetyContext::new()
         .enable(Networking::nothing()
+            .allow_connect().yes_really()
             .allow_running_tcp_servers()
             .allow_start_tcp_clients()
         ).unwrap()
diff --git a/examples/server_with_database.rs b/examples/server_with_database.rs
index 27dc439..3725a79 100644
--- a/examples/server_with_database.rs
+++ b/examples/server_with_database.rs
@@ -184,6 +184,7 @@ fn run_client_write(msg: &str) {
     // Set up extrasafe context
     SafetyContext::new()
         .enable(Networking::nothing()
+            .allow_connect().yes_really()
             .allow_start_tcp_clients()).unwrap()
         .apply_to_current_thread()
         .unwrap();
@@ -224,6 +225,7 @@ fn run_client_read() {
     // enable extrasafe context
     SafetyContext::new()
         .enable(Networking::nothing()
+            .allow_connect().yes_really()
             // Necessary for DNS
             .allow_start_udp_servers().yes_really()
             .allow_start_tcp_clients()).unwrap()