From 7ad3536737f30bbd328a4d37f78a72f9600fb4b8 Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Mon, 29 Aug 2016 18:49:55 -0400
Subject: comments

---
 Storage/Network.hs | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'Storage')

diff --git a/Storage/Network.hs b/Storage/Network.hs
index a1802e6..356f5ad 100644
--- a/Storage/Network.hs
+++ b/Storage/Network.hs
@@ -38,6 +38,8 @@ data Server = Server
 serverUrl :: Server -> BaseUrl
 serverUrl srv = BaseUrl Http (serverName srv) (serverPort srv) ""
 
+-- | These can be either tor .onion addresses, or regular hostnames.
+-- Using tor is highly recommended, to avoid correlation attacks.
 networkServers :: IO [Server]
 networkServers = return 
 	[ Server "localhost" 8080
@@ -82,7 +84,12 @@ serverRequest
 	-> (r -> a)
 	-> (Maybe ProofOfWork -> Manager -> BaseUrl -> ExceptT ServantError IO (ProofOfWorkRequirement r))
 	-> IO a
-serverRequest srv onerr onsuccess a = go Nothing =<< torableManager
+serverRequest srv onerr onsuccess a = 
+	-- A new Manager is allocated for each request, rather than reusing
+	-- any connection. This is a feature; it makes correlation attacks
+	-- harder because the server can't tell if two connections
+	-- (over tor) came from the same user.
+	go Nothing =<< torableManager
   where
 	url = serverUrl srv
 	go pow manager = do
-- 
cgit v1.2.3