emacs-elpa-diffs

[nongnu] elpa/elpher 57a0133c36: Make elpher-gemini-TLS-cert-checks usab


From: ELPA Syncer
Subject: [nongnu] elpa/elpher 57a0133c36: Make elpher-gemini-TLS-cert-checks usable with SOCKS
Date: Fri, 27 Sep 2024 06:59:48 -0400 (EDT)

branch: elpa/elpher
commit 57a0133c36a1a0cf9222c9d3f1f17dcbf977fbb4
Author: F. Jason Park <jp@neverwas.me>
Commit: F. Jason Park <jp@neverwas.me>

    Make elpher-gemini-TLS-cert-checks usable with SOCKS
    
    This is a followup to:
    
    https://lists.sr.ht/~michel-slm/elpher/%3C87wmk7kvjl.fsf@librehacker.com%3E
    
    The changes make the option `elpher-gemini-TLS-cert-checks' usable with non
    .onion SOCKS connections. While it's possible to obtain DV certs for .onion
    domains, that's mostly a thing with the Facebooks and Twitters of the world,
    so this change doesn't bother checking them.
    
    Note that this will leak DNS for users on versions of Emacs 31.0.50 before
    
    https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=50deb59a
    
    The rationale here is that these are advanced users who update regularly
    enough for this not to be a problem.
---
 elpher.el | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/elpher.el b/elpher.el
index dcc702a1ad..5910e8ccbc 100644
--- a/elpher.el
+++ b/elpher.el
@@ -996,8 +996,13 @@ the host operating system and the local network 
capabilities.)"
                                     (error
                                      (elpher-network-error address 
the-error)))))
           (when socks
-            (if use-tls
-                (apply #'gnutls-negotiate :process proc gnutls-params))
+            (when use-tls
+              (apply #'gnutls-negotiate :process proc gnutls-params)
+              (unless (or (< emacs-major-version 31)
+                          (string-suffix-p ".onion" host))
+                ;; Bind this option to nil to suppress DNS lookups.
+                (let (nsm-trust-local-network)
+                  (nsm-verify-connection proc host port))))
             (funcall (process-sentinel proc) proc "open\n")))
       (error
        (elpher-process-cleanup)
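
Review bot: The result of `(nsm-verify-connection proc host port)` is discarded, so the next line, `(funcall (process-sentinel proc) proc "open\n")`, still runs when verification fails. `nsm-verify-connection` returns the process on success; on rejection it deletes the process and returns nil. Consider binding the result and only signalling "open" when it is non-nil, otherwise routing to the same error path as other connection failures. Two smaller points on the `unless` condition: on Emacs older than 31 the check is skipped silently for every SOCKS TLS connection, which deserves a mention in the option's documentation so users do not assume the certificate was checked; and `(string-suffix-p ".onion" host)` is case-sensitive, so a host written with an upper-case suffix would not be treated as an onion address (passing a non-nil third argument makes the comparison case-insensitive).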


