magmaus3/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: Add allowed_remote_server_names

Browse source 
This allows explicitly allowing servers. Can be
combined with the opposite to create allowlist-only
federation.

See also #31

Closes #673
This commit is contained in:
Jade Ellis 2025-04-19 23:29:33 +01:00
parent 0eb9e4f3d2
commit 9e62076baa
No known key found for this signature in database
GPG key ID: 8705A2A3EBF77BD2
3 changed files with 39 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

19
src/service/moderation.rs
View file

@ -24,8 +24,23 @@ impl crate::Service for Service {
#[implement(Service)]
#[must_use]
pub fn is_remote_server_forbidden(&self, server_name: &ServerName) -> bool {
// Forbidden if NOT (allowed is empty OR allowed contains server OR is self)
// OR forbidden contains server
// We must never block federating with ourselves
if server_name == self.services.server.config.server_name {
return false;
}
// Check if server is explicitly allowed
if self
.services
.server
.config
.allowed_remote_server_names
.is_match(server_name.host())
{
return false;
}
// Check if server is explicitly forbidden
self.services
.server
.config