From c845eed114ec3cea90acd35c419110d9ab76051f Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Wed, 30 Nov 2016 16:36:33 -0800
Subject: advanced crypto restricted by server role

---
 include/crypto.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'include/crypto.php')

diff --git a/include/crypto.php b/include/crypto.php
index e9fa320d3..4b78bb63d 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -138,6 +138,9 @@ function other_encapsulate($data,$pubkey,$alg) {
 
 function crypto_methods() {
 
+	if(\Zotlabs\Lib\System::get_server_role() !== 'pro')
+		return [ 'aes256cbc' ];
+
 	// 'std' is the new project standard which is aes256cbc but transmits/receives 256-byte key and iv. 
 	// aes256cbc is provided for compatibility with earlier zot implementations which assume 32-byte key and 16-byte iv. 
 	// other_encapsulate() now produces these longer keys/ivs by default so that it is difficult to guess a
-- 
cgit v1.2.3