From 4d31b9f9f9be7cfc984b6dc9716832bd33063ed3 Mon Sep 17 00:00:00 2001
From: silverpill
Date: Mon, 19 Dec 2022 15:12:21 +0000
Subject: [PATCH] Reject activities from blocked instances before verifying signature
---
 src/activitypub/receiver.rs | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/src/activitypub/receiver.rs b/src/activitypub/receiver.rs
index 118312b..fd22dce 100644
--- a/src/activitypub/receiver.rs
+++ b/src/activitypub/receiver.rs
@@ -229,6 +229,18 @@ pub async fn receive_activity(
 let activity_actor = activity["actor"].as_str()
 .ok_or(ValidationError("actor property is missing"))?;
 
+ let actor_hostname = url::Url::parse(activity_actor)
+ .map_err(|_| ValidationError("invalid actor ID"))?
+ .host_str()
+ .ok_or(ValidationError("invalid actor ID"))?
+ .to_string();
+ if config.blocked_instances.iter()
+ .any(|instance_hostname| &actor_hostname == instance_hostname)
+ {
+ log::warn!("ignoring activity from blocked instance: {}", activity);
+ return Ok(());
+ };
+
 let is_self_delete = if activity_type == DELETE {
 let object_id = find_object_id(&activity["object"])?;
 object_id == activity_actor
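Review bot: The `log::warn!` call in the new block writes the whole `activity` value to the log, and because this check now runs before signature verification, that content is unauthenticated and its size is bounded only by whatever request limit sits upstream. Logging the parsed host is enough to audit the block decision: `log::warn!("ignoring activity from blocked instance: {}", actor_hostname);`. The comparison `&actor_hostname == instance_hostname` is an exact string match, so it depends on `config.blocked_instances` entries being stored in the same normalized form that `host_str()` returns; if the config loader does not already normalize them (not visible here), a normalization step at load time or a comment stating the expected form would make that explicit. `receive_activity` starts and ends outside this hunk.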