diff --git a/node/Defaults.cpp b/node/Defaults.cpp index ae1d79a5a..8e3a8c9ff 100644 --- a/node/Defaults.cpp +++ b/node/Defaults.cpp @@ -54,21 +54,21 @@ static inline std::map< Identity,std::vector > _mkSupernodeMap() // cthulhu.zerotier.com - New York, New York, USA addrs.clear(); - if (!id.fromString("31a633d7fd:0:1f9d24ac00dd6b21c711304f6034001d25678e1a0eb260ed1996dd881c73143af1ff1b84457e013467eb8b780c0ee4a5fdd037ac07f91eb427051b8cbe110446")) + if (!id.fromString("d2ba4048c3:0:cfa02701eb69e2f2c64aa498151e57f82c172036967186c93f2afbe45a64d64306f88fa1225724f6f87beabd6a0feb18c746cf4691867542e18b894390692303")) throw std::runtime_error("invalid identity in Defaults"); addrs.push_back(InetAddress("198.199.73.93",ZT_DEFAULT_UDP_PORT)); sn[id] = addrs; // nyarlathotep.zerotier.com - San Francisco, California, USA addrs.clear(); - if (!id.fromString("aaf5e8b5eb:0:9aa129e78c564313b07b1d9f739683d6b109a3c83fb7294ef16c221e2f4f5050682febe9715069ba1013542236635a543ed2f44c20d8a01bbb14d5900e4572ae")) + if (!id.fromString("80eb92f707:0:7f0209663d815438dead321ec78c65c27fec6feeb8ccd9acc152c59066740521e45d1a1cbc5186e3773178429c4b26ab0df2c78f3e822540d70456724797f23f")) throw std::runtime_error("invalid identity in Defaults"); addrs.push_back(InetAddress("198.199.97.220",ZT_DEFAULT_UDP_PORT)); sn[id] = addrs; // shub-niggurath.zerotier.com - Amsterdam, Netherlands addrs.clear(); - if (!id.fromString("c6524a2797:0:f656ead7c1e88ac3255a36ec2919343fbef8876300015a6f0aceccd6af808f5180eda4b4015e2cc27225233873466e89808b3e50b3b0a5a95a6f7bd3fef7eba8")) + if (!id.fromString("34594c9086:0:2ac70c00cc03a078a2a8f889d61e72397f8cd684a6daecbe6350f24e0193790e118805a1673eaf57ce9f7b41f45525c995289c406461c739ccad2c93efa36746")) throw std::runtime_error("invalid identity in Defaults"); addrs.push_back(InetAddress("198.211.127.172",ZT_DEFAULT_UDP_PORT)); sn[id] = addrs; diff --git a/node/Identity.cpp b/node/Identity.cpp index c46321e0f..e0d5afd7c 100644 --- a/node/Identity.cpp +++ b/node/Identity.cpp @@ -40,13 +40,13 @@ // parameters of the hashcash hashing/searching algorithm. // Hashcash halting criteria -#define ZT_IDENTITY_GEN_HASHCASH_FIRST_BYTE_LESS_THAN 5 +#define ZT_IDENTITY_GEN_HASHCASH_FIRST_BYTE_LESS_THAN 7 // Amount of memory for memory-hardness #define ZT_IDENTITY_GEN_MEMORY 8388608 // Step distance for mixing genmem[] -#define ZT_IDENTITY_GEN_MEMORY_MIX_STEP 128 +#define ZT_IDENTITY_GEN_MEMORY_MIX_STEP 1024 namespace ZeroTier { diff --git a/node/Network.cpp b/node/Network.cpp index d5241de41..d3b0b6c9e 100644 --- a/node/Network.cpp +++ b/node/Network.cpp @@ -93,6 +93,7 @@ void Network::CertificateOfMembership::fromString(const char *s) { _qualifiers.clear(); _signedBy.zero(); + memset(_signature.data,0,_signature.size()); unsigned int colonAt = 0; while ((s[colonAt])&&(s[colonAt] != ':')) ++colonAt; diff --git a/node/Network.hpp b/node/Network.hpp index e8d8a51e7..70be56fc6 100644 --- a/node/Network.hpp +++ b/node/Network.hpp @@ -135,7 +135,11 @@ public: COM_RESERVED_ID_NETWORK_ID = 1 // network ID, max delta always 0 }; - CertificateOfMembership() {} + CertificateOfMembership() + { + memset(_signature.data,0,_signature.size()); + } + CertificateOfMembership(const char *s) { fromString(s); } CertificateOfMembership(const std::string &s) { fromString(s.c_str()); } diff --git a/selftest-crypto-vectors.hpp b/selftest-crypto-vectors.hpp index 051328040..baf3cddb0 100644 --- a/selftest-crypto-vectors.hpp +++ b/selftest-crypto-vectors.hpp @@ -3,8 +3,8 @@ #ifndef _ZT_SELFTEST_CRYPTO_VECTORS_H #define _ZT_SELFTEST_CRYPTO_VECTORS_H -#define KNOWN_GOOD_IDENTITY "3a1c320b0b:0:47caad9a1926dc8ce26320a6392aea2fef256a773f0f7ccd3c88340f32a12c7811fa6a95866f00a8df5b97014c142fe27c403b28089f1ab1a717b0799523c39f:16dc074a4a00046f28a57cb0f87ccaa00e27c5d3536c278e840ce30a0b00e28d0b066253e6fe86c7e170619e69480da683db289ef19acc68ef53faf0e9f4c050" -#define KNOWN_BAD_IDENTITY "2a1c320b0b:0:47caad9a1926dc8ce26320a6392aea2fef256a773f0f7ccd3c88340f32a12c7811fa6a95866f00a8df5b97014c142fe27c403b28089f1ab1a717b0799523c39f:16dc074a4a00046f28a57cb0f87ccaa00e27c5d3536c278e840ce30a0b00e28d0b066253e6fe86c7e170619e69480da683db289ef19acc68ef53faf0e9f4c050" +#define KNOWN_GOOD_IDENTITY "d83ac37b39:0:2641645e99286cba657f46c6c1556e266110177c159741bc0c45a5ed419d9d759e254c928e09275630a4c655d2e42e98394550cb14538bed3f4fdee20f1c6263:3b534f4707c160ac03432f7d5419b9a73abbe76b2f6f68e41918024c4be0cbc407db232eae79c432ee3ac2bce93d77303ac8ffcf07d5c7e9f27a8876ff84d438" +#define KNOWN_BAD_IDENTITY "d83ac37b3a:0:2641645e99286cba657f46c6c1556e266110177c159741bc0c45a5ed419d9d759e254c928e09275630a4c655d2e42e98394550cb14538bed3f4fdee20f1c6263:3b534f4707c160ac03432f7d5419b9a73abbe76b2f6f68e41918024c4be0cbc407db232eae79c432ee3ac2bce93d77303ac8ffcf07d5c7e9f27a8876ff84d438" static const unsigned char s20TV0Key[32] = { 0x0f,0x62,0xb5,0x08,0x5b,0xae,0x01,0x54,0xa7,0xfa,0x4d,0xa0,0xf3,0x46,0x99,0xec,0x3f,0x92,0xe5,0x38,0x8b,0xde,0x31,0x84,0xd7,0x2a,0x7d,0xd0,0x23,0x76,0xc9,0x1c }; static const unsigned char s20TV0Iv[8] = { 0x28,0x8f,0xf6,0x5d,0xc4,0x2b,0x92,0xf9 };