| author | F. Jason Park | 2022-02-14 02:36:57 -0800 |
|---|---|---|
| committer | F. Jason Park | 2024-09-17 17:55:50 -0700 |
| commit | 50deb59aaee2a8d773e95a53c91da7bdb2c5cabd (patch) | |
| tree | b89919b837e5c275057abb4bce85fc5c639a2993 | |
| parent | 865b54e2acea4fdaa3f302ed225f50281b371d6e (diff) | |
| download | emacs-50deb59aaee2a8d773e95a53c91da7bdb2c5cabd.tar.gz emacs-50deb59aaee2a8d773e95a53c91da7bdb2c5cabd.zip | |
Only conditionally resolve hosts in nsm-should-check
Libraries like `socks' need to run `nsm-verify-connection' without
performing DNS lookups. This change allows them to achieve this by
binding `nsm-trust-local-network' to nil around calls to that function.
* lisp/net/nsm.el (nsm-should-check): Rework in a functionally
equivalent way, except forgo calling both `network-lookup-address-info'
and `network-interface-list' unless the various conditions regarding
`nsm-trust-local-network' are first satisfied. Replace `mapc' with
`dolist' to align with modern sensibilities. (Bug#53941)
| -rw-r--r-- | lisp/net/nsm.el | 33 |
1 files changed, 12 insertions, 21 deletions
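--- a/lisp/net/nsm.el
+++ b/lisp/net/nsm.el
@@ -226,27 +226,18 @@ If `nsm-trust-local-network' is or returns non-nil, and if the
 host address is a localhost address, or in the same subnet as one
 of the local interfaces, this function returns nil. Non-nil
 otherwise."
-(let ((addresses (network-lookup-address-info host))
-(network-interface-list (network-interface-list t))
-(off-net t))
-(when
-(or (and (functionp nsm-trust-local-network)
-(funcall nsm-trust-local-network))
-nsm-trust-local-network)
-(mapc
-(lambda (ip)
-(mapc
-(lambda (info)
-(let ((local-ip (nth 1 info))
-(mask (nth 3 info)))
-(when
-(nsm-network-same-subnet (substring local-ip 0 -1)
-(substring mask 0 -1)
-(substring ip 0 -1))
-(setq off-net nil))))
-network-interface-list))
-addresses))
-off-net))
+(not (and-let* (((or (and (functionp nsm-trust-local-network)
+(funcall nsm-trust-local-network))
+nsm-trust-local-network))
+(addresses (network-lookup-address-info host))
+(network-interface-list (network-interface-list t)))
+(catch 'nsm-should-check
+(dolist (ip addresses)
+(dolist (info network-interface-list)
+(when (nsm-network-same-subnet (substring (nth 1 info) 0 -1)
+(substring (nth 3 info) 0 -1)
+(substring ip 0 -1))
+(throw 'nsm-should-check t))))))))
 
 (defun nsm-check-tls-connection (process host port status settings)
 "Check TLS connection against potential security problems.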
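Review bot: In the first `and-let*` clause of the new body, a predicate stored in `nsm-trust-local-network` that returns nil still passes the test, because the `or` falls through to the variable itself and a function object is non-nil. In that case the host is still resolved with `network-lookup-address-info` and a same-subnet peer still skips the checks, which contradicts the docstring's "is or returns non-nil" and, for proxy users, appears to defeat the no-DNS goal of this commit. The old code had the same fall-through, so this is carried over rather than introduced. Consider `((if (functionp nsm-trust-local-network) (funcall nsm-trust-local-network) nsm-trust-local-network))` as the guard. The `defun` line and the start of the docstring of `nsm-should-check` lie above the hunk.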