From 9e62076baa2fb4a6bb46f8a763e38240c98be5ee Mon Sep 17 00:00:00 2001
From: Jade Ellis
Date: Sat, 19 Apr 2025 23:29:33 +0100
Subject: [PATCH] feat: Add `allowed_remote_server_names`

This allows explicitly allowing servers. Can be combined with the opposite to create allowlist-only federation. See also #31 Closes #673
---
 conduwuit-example.toml | 10 ++++++++++
 src/core/config/mod.rs | 12 ++++++++++++
 src/service/moderation.rs | 19 +++++++++++++++++--
 3 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/conduwuit-example.toml b/conduwuit-example.toml
index 5a4b7b3f..326127c3 100644
--- a/conduwuit-example.toml
+++ b/conduwuit-example.toml
@@ -1206,10 +1206,20 @@
 #
 # Basically "global" ACLs.
 #
+# You can set this to ["*"] to block all servers by default, and then
+# use `allowed_remote_server_names` to allow only specific servers.
+#
 # example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
 #
 #forbidden_remote_server_names = []
 
+# List of allowed server names via regex patterns that we will allow,
+# regardless of if they match `forbidden_remote_server_names`.
+#
+# example: ["goodserver\.tld$", "goodphrase"]
+#
+#allowed_remote_server_names = []
+
 # List of forbidden server names via regex patterns that we will block all
 # outgoing federated room directory requests for. Useful for preventing
 # our users from wandering into bad servers or spaces.
diff --git a/src/core/config/mod.rs b/src/core/config/mod.rs
index 2de3b710..22e09956 100644
--- a/src/core/config/mod.rs
+++ b/src/core/config/mod.rs
@@ -1383,12 +1383,24 @@ pub struct Config {
 ///
 /// Basically "global" ACLs.
 ///
+ /// You can set this to ["*"] to block all servers by default, and then
+ /// use `allowed_remote_server_names` to allow only specific servers.
+ ///
 /// example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
 ///
 /// default: []
 #[serde(default, with = "serde_regex")]
 pub forbidden_remote_server_names: RegexSet,
 
+ /// List of allowed server names via regex patterns that we will allow,
+ /// regardless of if they match `forbidden_remote_server_names`.
+ ///
+ /// example: ["goodserver\.tld$", "goodphrase"]
+ ///
+ /// default: []
+ #[serde(default, with = "serde_regex")]
+ pub allowed_remote_server_names: RegexSet,
+
 /// List of forbidden server names via regex patterns that we will block all
 /// outgoing federated room directory requests for. Useful for preventing
 /// our users from wandering into bad servers or spaces.
diff --git a/src/service/moderation.rs b/src/service/moderation.rs
index bd2616f6..d571de88 100644
--- a/src/service/moderation.rs
+++ b/src/service/moderation.rs
@@ -24,8 +24,23 @@ impl crate::Service for Service {
 #[implement(Service)]
 #[must_use]
 pub fn is_remote_server_forbidden(&self, server_name: &ServerName) -> bool {
- // Forbidden if NOT (allowed is empty OR allowed contains server OR is self)
- // OR forbidden contains server
+ // We must never block federating with ourselves
+ if server_name == self.services.server.config.server_name {
+ return false;
+ }
+
+ // Check if server is explicitly allowed
+ if self
+ .services
+ .server
+ .config
+ .allowed_remote_server_names
+ .is_match(server_name.host())
+ {
+ return false;
+ }
+
+ // Check if server is explicitly forbidden
 self.services
 .server
 .config
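Review bot: The added doc text on `forbidden_remote_server_names` tells operators to set the value to `["*"]`, but the field is a `RegexSet` deserialized with `serde_regex`, so each entry is a regex and not a glob. As far as I know the regex crate rejects a bare `*` (a repetition with nothing to repeat), so an operator who copies the suggestion would most likely get a config parse error instead of a block-everything rule. The line should read `/// You can set this to [".*"] to block all servers by default, and then`, and the same sentence in the conduwuit-example.toml hunk needs the same correction. It is also worth stating in the `allowed_remote_server_names` doc that patterns are matched as unanchored regexes against the host part.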
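Review bot: The new allow check returns `false` before the forbidden check and uses an unanchored `is_match(server_name.host())`, so an allow pattern that is not anchored at both ends also exempts look-alike hosts from the blocklist. The documented example `goodserver\.tld$` would match `notgoodserver.tld`, and `goodphrase` would match any host containing that string, which matters most in the allowlist-only setup this commit advertises. I would anchor the documented example as `"^goodserver\.tld$"` and add a doc comment on `is_remote_server_forbidden` stating the precedence, e.g. `/// Never forbidden: our own server name, then any host matching allowed_remote_server_names; only after that is forbidden_remote_server_names consulted.` The function body continues past the end of the hunk, so the final forbidden match is inferred from the trailing context lines, and the commit adds no test pinning the allow-over-forbid order.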