optimize config denylists

Signed-off-by: Jason Volk <jason@zemos.net>

src/service/globals/mod.rs

@@ -252,10 +252,6 @@ impl Service {
 
 	pub fn allow_outgoing_read_receipts(&self) -> bool { self.config.allow_outgoing_read_receipts }
 
-	pub fn forbidden_remote_room_directory_server_names(&self) -> &[OwnedServerName] {
-		&self.config.forbidden_remote_room_directory_server_names
-	}
-
 	pub fn well_known_support_page(&self) -> &Option<Url> { &self.config.well_known.support_page }
 
 	pub fn well_known_support_role(&self) -> &Option<ContactRole> { &self.config.well_known.support_role }

src/service/media/remote.rs

@@ -382,8 +382,7 @@ fn check_fetch_authorized(&self, mxc: &Mxc<'_>) -> Result<()> {
 		.server
 		.config
 		.prevent_media_downloads_from
-		.iter()
-		.any(|entry| entry == mxc.server_name)
+		.contains(mxc.server_name)
 	{
 		// we'll lie to the client and say the blocked server's media was not found and
 		// log. the client has no way of telling anyways so this is a security bonus.

src/service/sending/send.rs

@@ -1,8 +1,8 @@
 use std::{fmt::Debug, mem};
 
 use conduit::{
-	debug, debug_error, debug_info, debug_warn, err, error::inspect_debug_log, implement, trace, utils::string::EMPTY,
-	Err, Error, Result,
+	debug, debug_error, debug_warn, err, error::inspect_debug_log, implement, trace, utils::string::EMPTY, Err, Error,
+	Result,
 };
 use http::{header::AUTHORIZATION, HeaderValue};
 use ipaddress::IPAddress;
@@ -36,10 +36,9 @@ impl super::Service {
 			.server
 			.config
 			.forbidden_remote_server_names
-			.contains(&dest.to_owned())
+			.contains(dest)
 		{
-			debug_info!("Refusing to send outbound federation request to {dest}");
-			return Err!(Request(Forbidden("Federation with this homeserver is not allowed.")));
+			return Err!(Request(Forbidden(debug_warn!("Federation with this {dest} is not allowed."))));
 		}
 
 		let actual = self.services.resolver.get_actual_dest(dest).await?;