From a934a7f687be0a3040c4bc7d663d04916f1bd7f1 Mon Sep 17 00:00:00 2001
From: Jason Volk <jason@zemos.net>
Date: Wed, 28 Aug 2024 09:16:41 +0000
Subject: [PATCH] freeze remote media via legacy endpoints

Signed-off-by: Jason Volk <jason@zemos.net>
---
 src/core/config/mod.rs      |  3 +++
 src/service/media/remote.rs | 12 ++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/src/core/config/mod.rs b/src/core/config/mod.rs
index a9469e5b..71ffd7f3 100644
--- a/src/core/config/mod.rs
+++ b/src/core/config/mod.rs
@@ -292,6 +292,8 @@ pub struct Config {
 	#[serde(default = "true_fn")]
 	pub allow_legacy_media: bool,
 	#[serde(default = "true_fn")]
+	pub freeze_legacy_media: bool,
+	#[serde(default = "true_fn")]
 	pub media_startup_check: bool,
 	#[serde(default)]
 	pub media_compat_file_link: bool,
@@ -748,6 +750,7 @@ impl fmt::Display for Config {
 		line("Media compatibility filesystem links", &self.media_compat_file_link.to_string());
 		line("Prune missing media from database", &self.prune_missing_media.to_string());
 		line("Allow legacy (unauthenticated) media", &self.allow_legacy_media.to_string());
+		line("Freeze legacy (unauthenticated) media", &self.freeze_legacy_media.to_string());
 		line("Prevent Media Downloads From", {
 			let mut lst = vec![];
 			for domain in &self.prevent_media_downloads_from {
diff --git a/src/service/media/remote.rs b/src/service/media/remote.rs
index 9f622fe0..59846b8e 100644
--- a/src/service/media/remote.rs
+++ b/src/service/media/remote.rs
@@ -310,6 +310,7 @@ pub async fn fetch_remote_thumbnail_legacy(
 		media_id: &body.media_id,
 	};
 
+	self.check_legacy_freeze()?;
 	self.check_fetch_authorized(&mxc)?;
 	let reponse = self
 		.services
@@ -342,6 +343,7 @@ pub async fn fetch_remote_thumbnail_legacy(
 pub async fn fetch_remote_content_legacy(
 	&self, mxc: &Mxc<'_>, allow_redirect: bool, timeout_ms: Duration,
 ) -> Result<media::get_content::v3::Response, Error> {
+	self.check_legacy_freeze()?;
 	self.check_fetch_authorized(mxc)?;
 	let response = self
 		.services
@@ -391,3 +393,13 @@ fn check_fetch_authorized(&self, mxc: &Mxc<'_>) -> Result<()> {
 
 	Ok(())
 }
+
+#[implement(super::Service)]
+fn check_legacy_freeze(&self) -> Result<()> {
+	self.services
+		.server
+		.config
+		.freeze_legacy_media
+		.then_some(())
+		.ok_or(err!(Request(NotFound("Remote media is frozen."))))
+}