-towards enabling relative expiration times in namestore

9 files changed, 208 insertions, 108 deletions

diff --git a/src/gns/gnunet-gns-fcfsd.c b/src/gns/gnunet-gns-fcfsd.c
index b919b4fed..6802d6685 100644
--- a/src/gns/gnunet-gns-fcfsd.c
+++ b/src/gns/gnunet-gns-fcfsd.c
@@ -386,7 +386,7 @@ zone_to_name_cb (void *cls,
                                                         &pub));
   r.data = &pub;
   r.data_size = sizeof (pub);
-  r.expiration = GNUNET_TIME_UNIT_FOREVER_ABS;
+  r.expiration_time = UINT64_MAX;
   r.record_type = GNUNET_NAMESTORE_TYPE_PKEY;
   r.flags = GNUNET_NAMESTORE_RF_AUTHORITY;
   request->qe = GNUNET_NAMESTORE_record_create (ns,
diff --git a/src/gns/gnunet-service-gns.c b/src/gns/gnunet-service-gns.c
index 63b180b4b..f63e22e25 100644
--- a/src/gns/gnunet-service-gns.c
+++ b/src/gns/gnunet-service-gns.c
@@ -500,13 +500,16 @@ process_shorten_zone_shorten (void *cls,
 {
   struct ClientShortenHandle *csh = cls;
   struct GNUNET_TIME_Relative remaining_time;
+  struct GNUNET_TIME_Absolute et;
 
   remaining_time = GNUNET_TIME_absolute_get_remaining (expiration);
 
   if ((rd_count == 1) &&
       (remaining_time.rel_value != 0))
   {
-    remaining_time = GNUNET_TIME_absolute_get_remaining (rd->expiration);
+    GNUNET_break (0 == (rd->flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
+    et.abs_value = rd->expiration_time;
+    remaining_time = GNUNET_TIME_absolute_get_remaining (et);
     if ((rd->record_type == GNUNET_GNS_RECORD_PKEY) &&
         (remaining_time.rel_value != 0))
     {
@@ -523,6 +526,7 @@ process_shorten_zone_shorten (void *cls,
 
 }
 
+
 static void
 process_private_zone_shorten (void *cls,
                       const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *key,
@@ -534,13 +538,16 @@ process_private_zone_shorten (void *cls,
 {
   struct GNUNET_TIME_Relative remaining_time;
   struct ClientShortenHandle *csh = cls;
+  struct GNUNET_TIME_Absolute et;
 
   remaining_time = GNUNET_TIME_absolute_get_remaining (expiration);
 
   if ((rd_count == 1) &&
       (remaining_time.rel_value != 0))
   {
-    remaining_time = GNUNET_TIME_absolute_get_remaining (rd->expiration);
+    GNUNET_break (0 == (rd->flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
+    et.abs_value = rd->expiration_time;
+    remaining_time = GNUNET_TIME_absolute_get_remaining (et);
     if ((rd->record_type == GNUNET_GNS_RECORD_PKEY) &&
         (remaining_time.rel_value != 0))
     {
diff --git a/src/gns/gnunet-service-gns_interceptor.c b/src/gns/gnunet-service-gns_interceptor.c
index 0e44755ed..5956e5223 100644
--- a/src/gns/gnunet-service-gns_interceptor.c
+++ b/src/gns/gnunet-service-gns_interceptor.c
@@ -40,13 +40,19 @@
  */
 struct InterceptLookupHandle
 {
-  /* the request handle to reply to */
+  /**
+   * the request handle to reply to 
+   */
   struct GNUNET_DNS_RequestHandle *request_handle;
   
-  /* the dns parser packet received */
+  /**
+   * the dns parser packet received 
+   */
   struct GNUNET_DNSPARSER_Packet *packet;
   
-  /* the query parsed from the packet */
+  /**
+   * the query parsed from the packet 
+   */
   struct GNUNET_DNSPARSER_Query *query;
 };
 
@@ -71,6 +77,7 @@ static struct GNUNET_CRYPTO_RsaPrivateKey *our_key;
  */
 static struct GNUNET_TIME_Relative default_lookup_timeout;
 
+
 /**
  * Reply to dns request with the result from our lookup.
  *
@@ -82,7 +89,7 @@ static void
 reply_to_dns(void* cls, uint32_t rd_count,
              const struct GNUNET_NAMESTORE_RecordData *rd)
 {
-  int i;
+  uint32_t i;
   size_t len;
   int ret;
   char *buf;
@@ -137,7 +144,8 @@ reply_to_dns(void* cls, uint32_t rd_count,
         answer_records[i].data.raw.data_len = rd[i].data_size;
         answer_records[i].data.raw.data = (char*)rd[i].data;
       }
-      answer_records[i].expiration_time = rd[i].expiration;
+      GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
+      answer_records[i].expiration_time.abs_value = rd[i].expiration_time;
       answer_records[i].class = GNUNET_DNSPARSER_CLASS_INTERNET;//hmmn
     }
     else
@@ -163,7 +171,8 @@ reply_to_dns(void* cls, uint32_t rd_count,
         additional_records[i].data.raw.data_len = rd[i].data_size;
         additional_records[i].data.raw.data = (char*)rd[i].data;
       }
-      additional_records[i].expiration_time = rd[i].expiration;
+      GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
+      additional_records[i].expiration_time.abs_value = rd[i].expiration_time;
       additional_records[i].class = GNUNET_DNSPARSER_CLASS_INTERNET;//hmmn
     }
   }
diff --git a/src/gns/gnunet-service-gns_resolver.c b/src/gns/gnunet-service-gns_resolver.c
index b6bc5eb1d..8d82fa8ad 100644
--- a/src/gns/gnunet-service-gns_resolver.c
+++ b/src/gns/gnunet-service-gns_resolver.c
@@ -200,11 +200,11 @@ process_pseu_lookup_ns (void* cls,
     return;
   }
 
-  /** name is free */
+  /* name is free */
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
             "GNS_AUTO_PSEU: Name %s not taken in NS! Adding\n", gph->test_name);
 
-  new_pkey.expiration = GNUNET_TIME_UNIT_FOREVER_ABS;
+  new_pkey.expiration_time = UINT64_MAX;
   new_pkey.data_size = sizeof (struct GNUNET_CRYPTO_ShortHashCode);
   new_pkey.data = &gph->ahead->zone;
   new_pkey.record_type = GNUNET_GNS_RECORD_PKEY;
@@ -1136,6 +1136,8 @@ process_record_result_ns(void* cls,
   struct RecordLookupHandle *rlh;
   struct GNUNET_TIME_Relative remaining_time;
   struct GNUNET_CRYPTO_ShortHashCode zone;
+  struct GNUNET_TIME_Absolute et;
+  unsigned int i;
 
   rh = (struct ResolverHandle *) cls;
   rlh = (struct RecordLookupHandle *)rh->proc_cls;
@@ -1179,14 +1181,11 @@ process_record_result_ns(void* cls,
   }
   else
   {
-
     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
                "GNS_PHASE_REC-%d: Processing additional result %s from namestore\n",
                rh->id, name);
-    int i;
     for (i=0; i<rd_count;i++)
     {
-
       if (rd[i].record_type != rlh->record_type)
         continue;
 
@@ -1199,7 +1198,9 @@ process_record_result_ns(void* cls,
         continue;
       }
 
-      if ((GNUNET_TIME_absolute_get_remaining (rd[i].expiration)).rel_value
+      GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
+      et.abs_value = rd[i].expiration_time;
+      if ((GNUNET_TIME_absolute_get_remaining (et)).rel_value
           == 0)
       {
         GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
@@ -1207,9 +1208,7 @@ process_record_result_ns(void* cls,
                    rh->id);
         continue;
       }
-
       rh->answered++;
-
     }
 
     /**
@@ -1265,7 +1264,7 @@ process_record_result_vpn (void* cls, int af, const void *address)
       return;
     }
     rd.record_type = GNUNET_GNS_RECORD_TYPE_A;
-    rd.expiration = GNUNET_TIME_UNIT_FOREVER_ABS;
+    rd.expiration_time = UINT64_MAX; /* FIXME: should probably pick something shorter... */
     rd.data = address;
     rd.data_size = sizeof (struct in_addr);
     rd.flags = 0;
@@ -1286,7 +1285,7 @@ process_record_result_vpn (void* cls, int af, const void *address)
       return;
     }
     rd.record_type = GNUNET_GNS_RECORD_AAAA;
-    rd.expiration = GNUNET_TIME_UNIT_FOREVER_ABS;
+    rd.expiration_time = UINT64_MAX; /* FIXME: should probably pick something shorter... */
     rd.data = address;
     rd.data_size = sizeof (struct in6_addr);
     rd.flags = 0;
@@ -1360,6 +1359,7 @@ handle_record_vpn (void* cls, struct ResolverHandle *rh,
 static void
 send_dns_packet (struct ResolverHandle *rh);
 
+
 static void
 handle_dns_resolver (void *cls,
                      const struct sockaddr *addr,
@@ -1395,7 +1395,7 @@ handle_dns_resolver (void *cls,
     rd.data = &sai6->sin6_addr;
   }
   
-  rd.expiration = GNUNET_TIME_UNIT_FOREVER_ABS;
+  rd.expiration_time = UINT64_MAX; /* FIXME: should probably pick something shorter */
 
   finish_lookup (rh, rlh, 1, &rd);
   free_resolver_handle (rh);
@@ -1530,7 +1530,7 @@ read_dns_response (void *cls,
       rd.data_size = packet->answers[i].data.raw.data_len;
       rd.record_type = packet->answers[i].type;
       rd.flags = 0;
-      rd.expiration = packet->answers[i].expiration_time;
+      rd.expiration_time = packet->answers[i].expiration_time.abs_value;
       finish_lookup (rh, rlh, 1, &rd);
       GNUNET_NETWORK_socket_close (rh->dns_sock);
       GNUNET_DNSPARSER_free_packet (packet);
@@ -2956,6 +2956,8 @@ process_delegation_result_ns (void* cls,
   struct GNUNET_TIME_Relative remaining_time;
   struct GNUNET_CRYPTO_ShortHashCode zone;
   char new_name[MAX_DNS_NAME_LENGTH];
+  unsigned int i;
+  struct GNUNET_TIME_Absolute et;
  
   rh = (struct ResolverHandle *)cls; 
   GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
@@ -3032,7 +3034,6 @@ process_delegation_result_ns (void* cls,
    * move on with query
    * Note only 1 pkey should have been returned.. anything else would be strange
    */
-  int i;
   for (i=0; i<rd_count;i++)
   {
     
@@ -3096,7 +3097,9 @@ process_delegation_result_ns (void* cls,
       continue;
     }
     
-    if ((GNUNET_TIME_absolute_get_remaining (rd[i].expiration)).rel_value
+    GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
+    et.abs_value = rd[i].expiration_time;
+    if ((GNUNET_TIME_absolute_get_remaining (et)).rel_value
          == 0)
     {
       GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
diff --git a/src/gns/plugin_block_gns.c b/src/gns/plugin_block_gns.c
index ba1fd56e1..f033811ee 100644
--- a/src/gns/plugin_block_gns.c
+++ b/src/gns/plugin_block_gns.c
@@ -135,7 +135,8 @@ block_plugin_gns_evaluate (void *cls, enum GNUNET_BLOCK_Type type,
   {
     struct GNUNET_NAMESTORE_RecordData rd[rd_count];
     unsigned int i;
-    struct GNUNET_TIME_Absolute exp = GNUNET_TIME_UNIT_FOREVER_ABS;
+    uint64_t exp = UINT64_MAX;
+    struct GNUNET_TIME_Absolute et;
     
     if (GNUNET_SYSERR == GNUNET_NAMESTORE_records_deserialize (rd_len,
                                                                rd_data,
@@ -154,26 +155,25 @@ block_plugin_gns_evaluate (void *cls, enum GNUNET_BLOCK_Type type,
       record_xquery = ntohl(*((uint32_t*)xquery));
     
     for (i=0; i<rd_count; i++)
-    {
-      
-      exp = GNUNET_TIME_absolute_min (exp, rd[i].expiration);
-      
+    {     
+      GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
+      exp = GNUNET_MIN (exp, rd[i].expiration_time);
       GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
-                 "Got record of size %d\n", rd[i].data_size);
-
+                 "Got record of size %d\n", rd[i].data_size);
       if ((record_xquery != 0)
           && (rd[i].record_type == record_xquery))
       {
         record_match++;
       }
     }
+    et.abs_value = exp;
     
     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
                "Verifying signature of %d records for name %s\n",
                rd_count, name);
 
     if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature (&nrb->public_key,
-                                                        exp,
+                                                        et,
                                                         name,
                                                         rd_count,
                                                         rd,
diff --git a/src/include/gnunet_namestore_service.h b/src/include/gnunet_namestore_service.h
index 05e4fbf06..f8a830dd7 100644
--- a/src/include/gnunet_namestore_service.h
+++ b/src/include/gnunet_namestore_service.h
@@ -25,8 +25,6 @@
  *
  * Other functions we might want:
  * - enumerate all known zones
- * - convenience function to gather record and the full affilliated stree
- *   in one shot
  */
 
 #ifndef GNUNET_NAMESTORE_SERVICE_H
@@ -159,7 +157,13 @@ enum GNUNET_NAMESTORE_RecordFlags
    * This record was added by the system
    * and is pending user confimation
    */
-  GNUNET_NAMESTORE_RF_PENDING = 4
+  GNUNET_NAMESTORE_RF_PENDING = 4,
+
+  /**
+   * This expiration time of the record is a relative
+   * time (not an absolute time).
+   */
+  GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION = 8
 
 };
 
@@ -176,9 +180,10 @@ struct GNUNET_NAMESTORE_RecordData
   const void *data;
 
   /**
-   * Expiration time for the DNS record.
+   * Expiration time for the DNS record.  Can be relative
+   * or absolute, depending on 'flags'.
    */
-  struct GNUNET_TIME_Absolute expiration;
+  uint64_t expiration_time;
 
   /**
    * Number of bytes in 'data'.
@@ -232,7 +237,7 @@ GNUNET_NAMESTORE_record_put (struct GNUNET_NAMESTORE_Handle *h,
  * to validate signatures received from the network.
  *
  * @param public_key public key of the zone
- * @param expire block expiration
+ * @param freshness time set for block expiration
  * @param name name that is being mapped (at most 255 characters long)
  * @param rd_count number of entries in 'rd' array
  * @param rd array of records with data to store
@@ -299,7 +304,7 @@ GNUNET_NAMESTORE_record_remove (struct GNUNET_NAMESTORE_Handle *h,
  *
  * @param cls closure
  * @param zone_key public key of the zone
- * @param expire when does the corresponding block in the DHT expire (until
+ * @param freshness when does the corresponding block in the DHT expire (until
  *               when should we never do a DHT lookup for the same name again)?; 
  *               GNUNET_TIME_UNIT_ZERO_ABS if there are no records of any type in the namestore,
  *               or the expiration time of the block in the namestore (even if there are zero
@@ -364,9 +369,23 @@ GNUNET_NAMESTORE_zone_to_name (struct GNUNET_NAMESTORE_Handle *h,
 
 /**
  * Starts a new zone iteration (used to periodically PUT all of our
- * records into our DHT). "proc" will be called once
- * immediately, and then again after
- * "GNUNET_NAMESTORE_zone_iterator_next" is invoked.
+ * records into our DHT). "proc" will be called once immediately, and
+ * then again after "GNUNET_NAMESTORE_zone_iterator_next" is invoked.
+ *
+ * By specifying a 'zone' of NULL and setting 'GNUNET_NAMESTORE_RF_AUTHORITY'
+ * in 'must_have_flags', we can iterate over all records for which we are
+ * the authority.  In this case, the 'GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION'
+ * bit in 'must_have_flags' has a special meaning:
+ *
+ * 0) If the bit is clear, all relative expriation times are converted to
+ *    absolute expiration times.  This is useful for performing DHT PUT
+ *    operations (and zone transfers) of our zone.
+ * 1) if it is set, it means that relative expiration times should be
+ *    preserved when returned (this is useful for the zone editor user 
+ *    interface).
+ *
+ * Note that not all queries against this interface are equally performant
+ * as for some combinations no efficient index may exist.
  *
  * @param h handle to the namestore
  * @param zone zone to access, NULL for all zones
diff --git a/src/namestore/gnunet-namestore.c b/src/namestore/gnunet-namestore.c
index 624981201..aa3af1a73 100644
--- a/src/namestore/gnunet-namestore.c
+++ b/src/namestore/gnunet-namestore.c
@@ -32,6 +32,7 @@
 #include <gnunet_dnsparser_lib.h>
 #include <gnunet_namestore_service.h>
 
+
 /**
  * Handle to the namestore.
  */
@@ -264,7 +265,9 @@ run (void *cls, char *const *args, const char *cfgfile,
   uint32_t type;
   void *data = NULL;
   size_t data_size = 0;
-  struct GNUNET_TIME_Relative etime;
+  struct GNUNET_TIME_Relative etime_rel;
+  struct GNUNET_TIME_Absolute etime_abs;
+  int etime_is_rel = GNUNET_SYSERR;
   struct GNUNET_NAMESTORE_RecordData rd;
 
   if (NULL == keyfile)
@@ -356,11 +359,22 @@ run (void *cls, char *const *args, const char *cfgfile,
   {
     if (0 == strcmp (expirationstring, "never"))
     {
-      etime = GNUNET_TIME_UNIT_FOREVER_REL;
+      etime_abs = GNUNET_TIME_UNIT_FOREVER_ABS;
+      etime_is_rel = GNUNET_NO;
+    }
+    else if (GNUNET_OK ==
+             GNUNET_STRINGS_fancy_time_to_relative (expirationstring,
+                                                    &etime_rel))
+    {
+      etime_is_rel = GNUNET_YES;
     }
-    else if (GNUNET_OK !=
-        GNUNET_STRINGS_fancy_time_to_relative (expirationstring,
-                                               &etime))
+    else if (GNUNET_OK == 
+             GNUNET_STRINGS_fancy_time_to_absolute (expirationstring,
+                                                    &etime_abs))
+    {
+      etime_is_rel = GNUNET_NO;
+    }
+    else
     {
       fprintf (stderr,
                _("Invalid time format `%s'\n"),
@@ -368,7 +382,8 @@ run (void *cls, char *const *args, const char *cfgfile,
       GNUNET_SCHEDULER_shutdown ();
       return;     
     }
-  } else if (add)
+  } 
+  else if (add)
   {
     fprintf (stderr,
              _("Missing option `%s' for operation `%s'\n"),
@@ -389,7 +404,21 @@ run (void *cls, char *const *args, const char *cfgfile,
     rd.data = data;
     rd.data_size = data_size;
     rd.record_type = type;
-    rd.expiration = GNUNET_TIME_relative_to_absolute (etime);
+    if (GNUNET_YES == etime_is_rel)
+    {
+      rd.expiration_time = etime_rel.rel_value;
+      rd.flags |= GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION;
+    }
+    else if (GNUNET_NO == etime_is_rel)
+      rd.expiration_time = etime_abs.abs_value;
+    else
+    {
+      fprintf (stderr,
+               _("No valid expiration time for operation `%s'\n"),
+               _("add"));
+      GNUNET_SCHEDULER_shutdown ();
+      return;
+    }
     if (1 != nonauthority)
       rd.flags |= GNUNET_NAMESTORE_RF_AUTHORITY;
     if (1 != public)
@@ -414,7 +443,7 @@ run (void *cls, char *const *args, const char *cfgfile,
     rd.data = data;
     rd.data_size = data_size;
     rd.record_type = type;
-    rd.expiration.abs_value = 0;
+    rd.expiration_time = 0;
     rd.flags = GNUNET_NAMESTORE_RF_AUTHORITY;
     del_qe = GNUNET_NAMESTORE_record_remove (ns,
                                              zone_pkey,
diff --git a/src/namestore/gnunet-service-namestore.c b/src/namestore/gnunet-service-namestore.c
index 7483c0a89..e67ffaa65 100644
--- a/src/namestore/gnunet-service-namestore.c
+++ b/src/namestore/gnunet-service-namestore.c
@@ -228,11 +228,24 @@ get_block_expiration_time (unsigned int rd_count, const struct GNUNET_NAMESTORE_
 {
   unsigned int c;
   struct GNUNET_TIME_Absolute expire = GNUNET_TIME_UNIT_FOREVER_ABS;
+  struct GNUNET_TIME_Absolute at;
+  struct GNUNET_TIME_Relative rt;
 
   if (NULL == rd)
     return GNUNET_TIME_UNIT_ZERO_ABS;
   for (c = 0; c < rd_count; c++)  
-    expire = GNUNET_TIME_absolute_min (rd[c].expiration, expire);  
+  {
+    if (0 != (rd[c].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION))
+    {
+      rt.rel_value = rd[c].expiration_time;
+      at = GNUNET_TIME_relative_to_absolute (rt);
+    }
+    else
+    {
+      at.abs_value = rd[c].expiration_time;
+    }
+    expire = GNUNET_TIME_absolute_min (at, expire);  
+  }
   return expire;
 }
 
@@ -725,12 +738,12 @@ struct CreateRecordContext
 
 static void
 handle_create_record_it (void *cls,
-    const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pubkey,
-    struct GNUNET_TIME_Absolute expire,
-    const char *name,
-    unsigned int rd_count,
-    const struct GNUNET_NAMESTORE_RecordData *rd,
-    const struct GNUNET_CRYPTO_RsaSignature *signature)
+                         const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pubkey,
+                         struct GNUNET_TIME_Absolute expire,
+                         const char *name,
+                         unsigned int rd_count,
+                         const struct GNUNET_NAMESTORE_RecordData *rd,
+                         const struct GNUNET_CRYPTO_RsaSignature *signature)
 {
   struct CreateRecordContext * crc = cls;
   struct GNUNET_NAMESTORE_RecordData *rd_new = NULL;
@@ -745,37 +758,43 @@ handle_create_record_it (void *cls,
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found %u existing records for `%s'\n", rd_count, crc->name);
   for (c = 0; c < rd_count; c++)
   {
-    if ((crc->rd->record_type == GNUNET_NAMESTORE_TYPE_PKEY) && (rd[c].record_type == GNUNET_NAMESTORE_TYPE_PKEY))
+    if ( (crc->rd->record_type == GNUNET_NAMESTORE_TYPE_PKEY) && 
+         (rd[c].record_type == GNUNET_NAMESTORE_TYPE_PKEY))
     {
       /* Update unique PKEY */
       exist = c;
       update = GNUNET_YES;
-     break;
+      break;
     }
-    else if ((crc->rd->record_type == GNUNET_NAMESTORE_TYPE_PSEU) && (rd[c].record_type == GNUNET_NAMESTORE_TYPE_PSEU))
+    if ( (crc->rd->record_type == GNUNET_NAMESTORE_TYPE_PSEU) && 
+         (rd[c].record_type == GNUNET_NAMESTORE_TYPE_PSEU))
     {
       /* Update unique PSEU */
       exist = c;
       update = GNUNET_YES;
-     break;
+      break;
     }
-    else if ((crc->rd->record_type == rd[c].record_type) &&
-        (crc->rd->data_size == rd[c].data_size) &&
-        (0 == memcmp (crc->rd->data, rd[c].data, rd[c].data_size)))
+    if ((crc->rd->record_type == rd[c].record_type) &&
+        (crc->rd->data_size == rd[c].data_size) &&
+        (0 == memcmp (crc->rd->data, rd[c].data, rd[c].data_size)))
     {
-      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found existing records for `%s' to update expiration date!\n", crc->name);
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
+                  "Found existing records for `%s' to update expiration date!\n",
+                  crc->name);
       exist = c;
-      if (crc->rd->expiration.abs_value != rd[c].expiration.abs_value)
+      if ( (crc->rd->expiration_time != rd[c].expiration_time) &&
+           ((crc->rd->flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION) 
+            == (rd[c].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION) ) )
         update = GNUNET_YES;
-       break;
+      break;
     }
   }
 
   if (exist == GNUNET_SYSERR)
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "New record does not exist for name `%s'!\n", crc->name);
-
-  if (exist == GNUNET_SYSERR)
   {
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
+                "No existing record for name `%s'!\n", 
+                crc->name);
     rd_new = GNUNET_malloc ((rd_count+1) * sizeof (struct GNUNET_NAMESTORE_RecordData));
     memcpy (rd_new, rd, rd_count * sizeof (struct GNUNET_NAMESTORE_RecordData));
     rd_count_new = rd_count + 1;
@@ -784,24 +803,34 @@ handle_create_record_it (void *cls,
   else if (update == GNUNET_NO)
   {
     /* Exact same record already exists */
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No update for %s' record required!\n", crc->name);
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
+                "Matching record for %s' exists, no change required!\n",
+                crc->name);
     res = GNUNET_NO;
     goto end;
   }
-  else if (update == GNUNET_YES)
+  else 
   {
     /* Update record */
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Updating existing records for `%s'!\n", crc->name);
+    GNUNET_assert (GNUNET_YES == update);
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
+                "Updating existing records for `%s'!\n", 
+                crc->name);
     rd_new = GNUNET_malloc ((rd_count) * sizeof (struct GNUNET_NAMESTORE_RecordData));
     memcpy (rd_new, rd, rd_count * sizeof (struct GNUNET_NAMESTORE_RecordData));
     rd_count_new = rd_count;
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Updating expiration from %llu to %llu!\n", rd_new[exist].expiration.abs_value, crc->rd->expiration.abs_value);
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
+                (0 == (crc->rd->flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION)) 
+                ? "Updating absolute expiration from %llu to %llu!\n"
+                : "Updating relative expiration from %llu to %llu!\n", 
+                rd_new[exist].expiration_time, crc->rd->expiration_time);
     rd_new[exist] = *(crc->rd);
   }
 
   block_expiration = GNUNET_TIME_absolute_max(crc->expire, expire);
   if (block_expiration.abs_value != expire.abs_value)
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Updated block expiration time\n");
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
+                "Updated block expiration time\n");
 
   memset (&dummy_signature, '\0', sizeof (dummy_signature));
 
diff --git a/src/namestore/namestore_common.c b/src/namestore/namestore_common.c
index 2b34a84e7..a56192c5a 100644
--- a/src/namestore/namestore_common.c
+++ b/src/namestore/namestore_common.c
@@ -45,9 +45,10 @@ struct NetworkRecord
 {
 
   /**
-   * Expiration time for the DNS record.
+   * Expiration time for the DNS record; relative or absolute depends
+   * on 'flags', network byte order.
    */
-  struct GNUNET_TIME_AbsoluteNBO expiration;
+  uint64_t expiration_time;
 
   /**
    * Number of bytes in 'data', network byte order.
@@ -135,7 +136,7 @@ GNUNET_NAMESTORE_records_serialize (unsigned int rd_count,
   off = 0;
   for (i=0;i<rd_count;i++)
   {
-    rec.expiration = GNUNET_TIME_absolute_hton (rd[i].expiration);
+    rec.expiration_time = GNUNET_htonll (rd[i].expiration_time);
     rec.data_size = htonl ((uint32_t) rd[i].data_size);
     rec.record_type = htonl (rd[i].record_type);
     rec.flags = htonl (rd[i].flags);
@@ -151,25 +152,28 @@ GNUNET_NAMESTORE_records_serialize (unsigned int rd_count,
   return off;
 }
 
+
 /**
- * Compares if two records are equal
+ * Compares if two records are equal (ignoring flags such
+ * as authority, private and pending, but not relative vs.
+ * absolute expiration time).
  *
  * @param a record
  * @param b record
- *
- * @return GNUNET_YES or GNUNET_NO
+ * @return GNUNET_YES if the records are equal or GNUNET_NO if they are not
  */
 int
 GNUNET_NAMESTORE_records_cmp (const struct GNUNET_NAMESTORE_RecordData *a,
                               const struct GNUNET_NAMESTORE_RecordData *b)
 {
   if ((a->record_type == b->record_type) &&
-      (a->expiration.abs_value == b->expiration.abs_value) &&
+      (a->expiration_time == b->expiration_time) &&
+      ((a->flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION) 
+       == (b->flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION) ) &&
       (a->data_size == b->data_size) &&
       (0 == memcmp (a->data, b->data, a->data_size)))
     return GNUNET_YES;
-  else
-    return GNUNET_NO;
+  return GNUNET_NO;
 }
 
 
@@ -199,7 +203,7 @@ GNUNET_NAMESTORE_records_deserialize (size_t len,
     if (off + sizeof (rec) > len)
       return GNUNET_SYSERR;
     memcpy (&rec, &src[off], sizeof (rec));
-    dest[i].expiration = GNUNET_TIME_absolute_ntoh (rec.expiration);
+    dest[i].expiration_time = GNUNET_ntohll (rec.expiration_time);
     dest[i].data_size = ntohl ((uint32_t) rec.data_size);
     dest[i].record_type = ntohl (rec.record_type);
     dest[i].flags = ntohl (rec.flags);
@@ -213,6 +217,7 @@ GNUNET_NAMESTORE_records_deserialize (size_t len,
   return GNUNET_OK; 
 }
 
+
 /**
  * Sign name and records
  *
@@ -226,46 +231,45 @@ GNUNET_NAMESTORE_records_deserialize (size_t len,
  */
 struct GNUNET_CRYPTO_RsaSignature *
 GNUNET_NAMESTORE_create_signature (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
-    struct GNUNET_TIME_Absolute expire,
-    const char *name,
-    const struct GNUNET_NAMESTORE_RecordData *rd,
-    unsigned int rd_count)
+                                   struct GNUNET_TIME_Absolute expire,
+                                   const char *name,
+                                   const struct GNUNET_NAMESTORE_RecordData *rd,
+                                   unsigned int rd_count)
 {
-  struct GNUNET_CRYPTO_RsaSignature *sig = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignature));
+  struct GNUNET_CRYPTO_RsaSignature *sig;
   struct GNUNET_CRYPTO_RsaSignaturePurpose *sig_purpose;
-  struct GNUNET_TIME_AbsoluteNBO expire_nbo = GNUNET_TIME_absolute_hton(expire);
+  struct GNUNET_TIME_AbsoluteNBO expire_nbo;
   size_t rd_ser_len;
   size_t name_len;
-
   struct GNUNET_TIME_AbsoluteNBO *expire_tmp;
   char * name_tmp;
   char * rd_tmp;
   int res;
 
-  if (name == NULL)
+  if (NULL == name)
   {
     GNUNET_break (0);
-    GNUNET_free (sig);
     return NULL;
   }
+  sig = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignature));
   name_len = strlen (name) + 1;
-
+  expire_nbo = GNUNET_TIME_absolute_hton(expire);
   rd_ser_len = GNUNET_NAMESTORE_records_get_size(rd_count, rd);
-  char rd_ser[rd_ser_len];
-  GNUNET_NAMESTORE_records_serialize(rd_count, rd, rd_ser_len, rd_ser);
-
-  sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + rd_ser_len + name_len);
-  sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len);
-  sig_purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
-  expire_tmp = (struct GNUNET_TIME_AbsoluteNBO *) &sig_purpose[1];
-  name_tmp = (char *) &expire_tmp[1];
-  rd_tmp = &name_tmp[name_len];
-  memcpy (expire_tmp, &expire_nbo, sizeof (struct GNUNET_TIME_AbsoluteNBO));
-  memcpy (name_tmp, name, name_len);
-  memcpy (rd_tmp, rd_ser, rd_ser_len);
-
+  {
+    char rd_ser[rd_ser_len];
+
+    GNUNET_NAMESTORE_records_serialize(rd_count, rd, rd_ser_len, rd_ser);
+    sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + rd_ser_len + name_len);
+    sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len);
+    sig_purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
+    expire_tmp = (struct GNUNET_TIME_AbsoluteNBO *) &sig_purpose[1];
+    name_tmp = (char *) &expire_tmp[1];
+    rd_tmp = &name_tmp[name_len];
+    memcpy (expire_tmp, &expire_nbo, sizeof (struct GNUNET_TIME_AbsoluteNBO));
+    memcpy (name_tmp, name, name_len);
+    memcpy (rd_tmp, rd_ser, rd_ser_len);
+  }
   res = GNUNET_CRYPTO_rsa_sign (key, sig_purpose, sig);
-
   GNUNET_free (sig_purpose);
 
   if (GNUNET_OK != res)