Only conditionally resolve hosts in nsm-should-check

Libraries like `socks' need to run `nsm-verify-connection' without
performing DNS lookups.  This change allows them to achieve this by
binding `nsm-trust-local-network' to nil around calls to that function.

* lisp/net/nsm.el (nsm-should-check): Rework in a functionally
equivalent way, except forgo calling both `network-lookup-address-info'
and `network-interface-list' unless the various conditions regarding
`nsm-trust-local-network' are first satisfied.  Replace `mapc' with
`dolist' to align with modern sensibilities.   (Bug#53941)

(cherry picked from commit 50deb59aaee2a8d773e95a53c91da7bdb2c5cabd)

diff --git a/lisp/net/nsm.el b/lisp/net/nsm.el
index 9870ccbc8c25e37e280ddc6a895501a3f28c96aa..ffeaaef70a8ed50757de2e6061227642d8ea79d9 100644 (file)
--- a/lisp/net/nsm.el
+++ b/lisp/net/nsm.el
@@ -226,27 +226,18 @@ If `nsm-trust-local-network' is or returns non-nil, and if the
 host address is a localhost address, or in the same subnet as one
 of the local interfaces, this function returns nil.  Non-nil
 otherwise."
-  (let ((addresses (network-lookup-address-info host))
-        (network-interface-list (network-interface-list t))
-        (off-net t))
-    (when
-     (or (and (functionp nsm-trust-local-network)
-              (funcall nsm-trust-local-network))
-         nsm-trust-local-network)
-     (mapc
-      (lambda (ip)
-        (mapc
-         (lambda (info)
-           (let ((local-ip (nth 1 info))
-                 (mask (nth 3 info)))
-             (when
-                 (nsm-network-same-subnet (substring local-ip 0 -1)
-                                          (substring mask 0 -1)
-                                          (substring ip 0 -1))
-               (setq off-net nil))))
-         network-interface-list))
-      addresses))
-     off-net))
+  (not (and-let* (((or (and (functionp nsm-trust-local-network)
+                            (funcall nsm-trust-local-network))
+                       nsm-trust-local-network))
+                  (addresses (network-lookup-address-info host))
+                  (network-interface-list (network-interface-list t)))
+         (catch 'nsm-should-check
+           (dolist (ip addresses)
+             (dolist (info network-interface-list)
+               (when (nsm-network-same-subnet (substring (nth 1 info) 0 -1)
+                                              (substring (nth 3 info) 0 -1)
+                                              (substring ip 0 -1))
+                 (throw 'nsm-should-check t))))))))
 
 (defun nsm-check-tls-connection (process host port status settings)
   "Check TLS connection against potential security problems.