author | Joey Hess <joeyh@joeyh.name> | 2016-08-29 18:49:55 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-08-29 18:51:35 -0400 |
commit | 7ad3536737f30bbd328a4d37f78a72f9600fb4b8 (patch) | |
tree | 343a25aa08176719307e6991b5ee26ac9f3d329e | |
parent | 902bb171212aaf9fc2e748d6ea1466fa2aba095b (diff) | |
download | keysafe-7ad3536737f30bbd328a4d37f78a72f9600fb4b8.tar.gz |
-rw-r--r-- | Storage/Network.hs | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/Storage/Network.hs b/Storage/Network.hs index a1802e6..356f5ad 100644 --- a/Storage/Network.hs +++ b/Storage/Network.hs @@ -38,6 +38,8 @@ data Server = Server serverUrl :: Server -> BaseUrl serverUrl srv = BaseUrl Http (serverName srv) (serverPort srv) "" +-- | These can be either tor .onion addresses, or regular hostnames. +-- Using tor is highly recommended, to avoid correlation attacks. networkServers :: IO [Server] networkServers = return [ Server "localhost" 8080 @@ -82,7 +84,12 @@ serverRequest -> (r -> a) -> (Maybe ProofOfWork -> Manager -> BaseUrl -> ExceptT ServantError IO (ProofOfWorkRequirement r)) -> IO a -serverRequest srv onerr onsuccess a = go Nothing =<< torableManager +serverRequest srv onerr onsuccess a = + -- A new Manager is allocated for each request, rather than reusing + -- any connection. This is a feature; it makes correlation attacks + -- harder because the server can't tell if two connections + -- (over tor) came from the same user. + go Nothing =<< torableManager where url = serverUrl srv go pow manager = do |
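Review bot: The new comment on `networkServers` permits regular hostnames, but `serverUrl` in the same hunk builds every URL as `BaseUrl Http`, so a non-onion server is reached without TLS unless something outside this hunk adds it. I would state that in the comment, for example `-- Regular hostnames are contacted over plain HTTP (see serverUrl); only .onion addresses get transport encryption and server authentication from tor.` Whether `torableManager` routes non-onion hostnames through tor at all is not visible here, so that wording should be confirmed against it. The server list itself continues outside the hunk.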
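Review bot: The comment added in `serverRequest` says the server cannot tell whether two connections came from the same user, but a fresh `Manager` at most guarantees a fresh connection to the proxy; tor may still attach the new stream to a circuit it already has open, depending on the isolation settings in use. How `torableManager` configures its proxy connection is not visible in this hunk, so the claim probably needs a qualifier such as `-- This relies on torableManager (and the local tor configuration) isolating each connection onto its own circuit.` It would also help to say that for regular hostnames reached without tor, the client address links requests regardless of the Manager. The `where` block of `serverRequest` continues outside the hunk.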