-more coding towards working new GNS service

1 files changed, 217 insertions, 277 deletions

diff --git a/src/gns/gnunet-service-gns.c b/src/gns/gnunet-service-gns.c
index 822cc7d12..be41f8c84 100644
--- a/src/gns/gnunet-service-gns.c
+++ b/src/gns/gnunet-service-gns.c
@@ -1,6 +1,6 @@
 /*
      This file is part of GNUnet.
-     (C) 2009, 2010, 2011, 2012 Christian Grothoff (and other contributing authors)
+     (C) 2011-2013 Christian Grothoff (and other contributing authors)
 
      GNUnet is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published
@@ -50,7 +50,7 @@
 
 /**
  * The default put interval for the zone iteration. In case
- * No option is found
+ * no option is found
  */
 #define DEFAULT_ZONE_PUBLISH_TIME_WINDOW GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 4)
 
@@ -60,6 +60,16 @@
  */
 #define LATE_ITERATION_SPEEDUP_FACTOR 2
 
+/**
+ * How long until a DHT PUT attempt should time out?
+ */
+#define DHT_OPERATION_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 60)
+
+/**
+ * What replication level do we use for DHT PUT operations?
+ */
+#define DHT_GNS_REPLICATION_LEVEL 5
+
 
 /**
  * Handle to a lookup operation from api
@@ -68,39 +78,30 @@ struct ClientLookupHandle
 {
 
   /**
-   * Handle to the requesting client
+   * We keep these in a DLL.
    */
-  struct GNUNET_SERVER_Client *client;
+  struct ClientLookupHandle *next;
 
   /**
-   * optional zone private key used for shorten
+   * We keep these in a DLL.
    */
-  struct GNUNET_CRYPTO_EccPrivateKey *shorten_key;
+  struct ClientLookupHandle *prev;
 
   /**
-   * the name to look up
+   * Handle to the requesting client
    */
-  char *name; 
+  struct GNUNET_SERVER_Client *client;
 
   /**
-   * The zone we look up in
+   * Active handle for the lookup.
    */
-  struct GNUNET_CRYPTO_ShortHashCode zone;
+  struct GNS_ResolverHandle *lookup;
 
   /**
    * request id 
    */
   uint32_t request_id;
 
-  /**
-   * GNUNET_YES if we only want to lookup from local cache
-   */
-  int only_cached;
-
-  /**
-   * request type
-   */
-  int type;
 };
 
 
@@ -110,9 +111,9 @@ struct ClientLookupHandle
 static struct GNUNET_DHT_Handle *dht_handle;
 
 /**
- * Our zone's private key
+ * Active DHT put operation (or NULL)
  */
-static struct GNUNET_CRYPTO_EccPrivateKey *zone_key;
+static struct GNUNET_DHT_PutHandle *active_put;
 
 /**
  * Our handle to the namestore service
@@ -130,9 +131,14 @@ static struct GNUNET_NAMESTORE_ZoneIterator *namestore_iter;
 static struct GNUNET_SERVER_NotificationContext *nc;
 
 /**
- * Our zone hash
+ * Head of the DLL.
+ */
+static struct ClientLookupHandle *clh_head;
+
+/**
+ * Tail of the DLL.
  */
-static struct GNUNET_CRYPTO_ShortHashCode zone_hash;
+static struct ClientLookupHandle *clh_tail;
 
 /**
  * Useful for zone update for DHT put
@@ -160,13 +166,7 @@ static struct GNUNET_TIME_Relative zone_publish_time_window;
 static GNUNET_SCHEDULER_TaskIdentifier zone_publish_task;
 
 /**
- * GNUNET_YES if automatic pkey import for name shortening
- * is enabled
- */
-static int auto_import_pkey;
-
-/**
- * GNUNET_YES if zone has never been published before
+ * #GNUNET_YES if zone has never been published before
  */
 static int first_zone_iteration;
 
@@ -176,12 +176,12 @@ static int first_zone_iteration;
 static struct GNUNET_TIME_Relative default_lookup_timeout;
 
 /**
- * GNUNET_YES if ipv6 is supported
+ * #GNUNET_YES if ipv6 is supported
  */
 static int v6_enabled;
 
 /**
- * GNUNET_YES if ipv4 is supported
+ * #GNUNET_YES if ipv4 is supported
  */
 static int v4_enabled;
 
@@ -200,13 +200,20 @@ static struct GNUNET_STATISTICS_Handle *statistics;
 static void
 shutdown_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
 {
-  struct ClientShortenHandle *csh_tmp;
+  struct ClientLookupHandle *clh;
 
-  GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
-             "Shutting down!\n");
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "Shutting down!\n");
   GNUNET_SERVER_notification_context_destroy (nc);  
-  gns_interceptor_stop ();
-  gns_resolver_cleanup ();
+  while (NULL != (clh = clh_head))
+  {
+    GNS_resolver_lookup_cancel (clh->lookup);
+    GNUNET_CONTAINER_DLL_remove (clh_head, clh_tail, clh);
+    GNUNET_free (clh);
+  }
+
+  GNS_interceptor_done ();
+  GNS_resolver_done ();
   if (NULL != statistics)
   {
     GNUNET_STATISTICS_destroy (statistics, GNUNET_NO);
@@ -227,6 +234,11 @@ shutdown_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
     GNUNET_NAMESTORE_disconnect (namestore_handle);
     namestore_handle = NULL;
   }
+  if (NULL != active_put)
+  {
+    GNUNET_DHT_put_cancel (active_put);
+    active_put = NULL;
+  }
   if (NULL != dht_handle)
   {
     GNUNET_DHT_disconnect (dht_handle);
@@ -262,36 +274,65 @@ publish_zone_dht_start (void *cls,
 
 
 /**
+ * Continuation called from DHT once the PUT operation is done.
+ *
+ * @param cls closure, NULL
+ * @param success #GNUNET_OK on success
+ */
+static void
+dht_put_continuation (void *cls,
+                      int success)
+{
+  struct GNUNET_TIME_Relative next_put_interval; 
+
+  num_public_records++;  
+  if ( (num_public_records > last_num_public_records) &&
+       (GNUNET_NO == first_zone_iteration) )
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                "Last record count was lower than current record count.  Reducing interval.\n");
+    put_interval = GNUNET_TIME_relative_divide (zone_publish_time_window,
+                                                num_public_records);
+    next_put_interval = GNUNET_TIME_relative_divide (put_interval,
+                                                     LATE_ITERATION_SPEEDUP_FACTOR);
+  }
+  else
+    next_put_interval = put_interval;
+
+  GNUNET_STATISTICS_set (statistics,
+                         "Current zone iteration interval (ms)",
+                         next_put_interval.rel_value_us / 1000LL,
+                         GNUNET_NO); 
+  zone_publish_task = GNUNET_SCHEDULER_add_delayed (next_put_interval,
+                                                    &publish_zone_dht_next,
+                                                    NULL);
+}
+
+
+/**
  * Function used to put all records successively into the DHT.
  *
  * @param cls the closure (NULL)
- * @param key the public key of the authority (ours)
- * @param expiration lifetime of the namestore entry
- * @param name the name of the records
- * @param rd_count the number of records in data
+ * @param key the private key of the authority (ours)
+ * @param name the name of the records, NULL once the iteration is done
+ * @param rd_count the number of records in @a rd
  * @param rd the record data
- * @param signature the signature for the record data
  */
 static void
 put_gns_record (void *cls,
-                const struct GNUNET_CRYPTO_EccPublicKey *key,
-                struct GNUNET_TIME_Absolute expiration,
+                const struct GNUNET_CRYPTO_EccPrivateKey *key,
                 const char *name,
                 unsigned int rd_count,
-                const struct GNUNET_NAMESTORE_RecordData *rd,
-                const struct GNUNET_CRYPTO_EccSignature *signature)
+                const struct GNUNET_NAMESTORE_RecordData *rd)
 {  
-  struct GNSNameRecordBlock *nrb;
-  struct GNUNET_CRYPTO_ShortHashCode zhash;
-  struct GNUNET_HashCode dht_key;
-  uint32_t rd_payload_length;
-  char* nrb_data = NULL;
-  size_t namelen;
-  struct GNUNET_TIME_Relative next_put_interval; 
+  struct GNUNET_NAMESTORE_Block *block;
+  struct GNUNET_HashCode query;
+  struct GNUNET_TIME_Absolute expire; 
+  size_t block_size;
 
   if (NULL == name)
   {
-    /* we're done */
+    /* we're done with one iteration, calculate when to do the next one */
     namestore_iter = NULL;
     last_num_public_records = num_public_records;
     first_zone_iteration = GNUNET_NO;
@@ -304,7 +345,7 @@ put_gns_record (void *cls,
        */
       put_interval = zone_publish_time_window;
       GNUNET_log (GNUNET_ERROR_TYPE_DEBUG | GNUNET_ERROR_TYPE_BULK,
-                  "No records in db.\n");
+                  "No records in namestore database.\n");
     }
     else
     {
@@ -322,126 +363,62 @@ put_gns_record (void *cls,
                            put_interval.rel_value_us / 1000LL,
                            GNUNET_NO);
     GNUNET_STATISTICS_update (statistics,
-                              "Number of zone iterations", 1, GNUNET_NO);
+                              "Number of zone iterations", 
+                              1, 
+                              GNUNET_NO);
     GNUNET_STATISTICS_set (statistics,
                            "Number of public records in DHT",
                            last_num_public_records,
                            GNUNET_NO);
     if (0 == num_public_records)
       zone_publish_task = GNUNET_SCHEDULER_add_delayed (put_interval,
-                                                         &publish_zone_dht_start,
-                                                         NULL);
+                                                        &publish_zone_dht_start,
+                                                        NULL);
     else
-      zone_publish_task = GNUNET_SCHEDULER_add_now (&publish_zone_dht_start, NULL);
+      zone_publish_task = GNUNET_SCHEDULER_add_now (&publish_zone_dht_start, 
+                                                    NULL);
     return;
   }
-  
-  namelen = strlen (name) + 1;
+
+  /* FIXME: filter out records that are not public! */
+
+  /* We got a set of records to publish */
   if (0 == rd_count)
   {
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "No records for name `%s'! Skipping.\n",
-                name);
     zone_publish_task = GNUNET_SCHEDULER_add_now (&publish_zone_dht_next,
                                                    NULL);
     return;
   }
-  if (NULL == signature)
+  expire = GNUNET_NAMESTORE_record_get_expiration_time (rd_count,
+                                                        rd);
+  block = GNUNET_NAMESTORE_block_create (key,
+                                         expire,
+                                         name,
+                                         rd,
+                                         rd_count);
+  block_size = ntohl (block->purpose.size) 
+    + sizeof (struct GNUNET_CRYPTO_EccSignature) 
+    + sizeof (struct GNUNET_CRYPTO_EccPublicKey);
+  GNUNET_NAMESTORE_query_from_private_key (key,
+                                           name,
+                                           &query);
+
+  active_put = GNUNET_DHT_put (dht_handle, &query,
+                               DHT_GNS_REPLICATION_LEVEL,
+                               GNUNET_DHT_RO_DEMULTIPLEX_EVERYWHERE,
+                               GNUNET_BLOCK_TYPE_GNS_NAMERECORD,
+                               block_size,
+                               block,
+                               expire,
+                               DHT_OPERATION_TIMEOUT,
+                               &dht_put_continuation,
+                               NULL); 
+  if (NULL == active_put)
   {
     GNUNET_break (0);
-    zone_publish_task = GNUNET_SCHEDULER_add_now (&publish_zone_dht_next,
-                                                   NULL);
-    return;
-  }
-  
-  /* TODO 2) AB: New publishing
-   *
-   * - Use new signature S_d
-   * - Obtain new derived public key V = H(H(i,Q) * Q)
-   * - Obtain HKDF(i,Q)
-   * - Compute encrypte record block E with HKDF(i,Q) (rd, rd_count)
-   * - Create block B = |V,E,S_d|
-   * - Compute new DHT key H(V) in TODO 3)
-   *
-   * -> Put (H(V), B)
-   */
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Putting records for `%s' into the DHT\n", name); 
-  rd_payload_length = GNUNET_NAMESTORE_records_get_size (rd_count, rd); 
-  nrb = GNUNET_malloc (rd_payload_length + namelen
-                       + sizeof (struct GNSNameRecordBlock));
-  nrb->signature = *signature;
-  nrb->public_key = *key;
-  nrb->rd_count = htonl (rd_count);
-  memcpy (&nrb[1], name, namelen);
-  nrb_data = (char *) &nrb[1];
-  nrb_data += namelen;
-  rd_payload_length += sizeof(struct GNSNameRecordBlock) + namelen;
-  GNUNET_CRYPTO_short_hash (key,
-                            sizeof (struct GNUNET_CRYPTO_EccPublicKey),
-                            &zhash);
-  if (-1 == GNUNET_NAMESTORE_records_serialize (rd_count,
-                                                rd,
-                                                rd_payload_length,
-                                                nrb_data))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                _("Records for name `%s' in zone %s too large to fit into DHT"),
-                name,
-                GNUNET_short_h2s (&zhash));
-    GNUNET_free (nrb);
-    zone_publish_task = GNUNET_SCHEDULER_add_now (&publish_zone_dht_next,
-                                                   NULL);
-    return;
-  }
-  /* TODO AB: Here records are put in the DHT: modify dht_key to H(key) = H(H(name,zone) * zone) */
-  GNUNET_GNS_get_key_for_record (name, &zhash, &dht_key);
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "putting %u records from zone %s for `%s' under key: %s with size %u and timeout %s\n",
-              rd_count,
-              GNUNET_short_h2s (&zhash),
-              name, 
-              GNUNET_h2s (&dht_key), 
-              (unsigned int) rd_payload_length,
-              GNUNET_STRINGS_relative_time_to_string (DHT_OPERATION_TIMEOUT, GNUNET_YES));
-  
-  GNUNET_STATISTICS_update (statistics,
-                            "Record bytes put into DHT", 
-                            rd_payload_length, GNUNET_NO);
-
-  (void) GNUNET_DHT_put (dht_handle, &dht_key,
-                         DHT_GNS_REPLICATION_LEVEL,
-                         GNUNET_DHT_RO_DEMULTIPLEX_EVERYWHERE,
-                         GNUNET_BLOCK_TYPE_GNS_NAMERECORD,
-                         rd_payload_length,
-                         (char*)nrb,
-                         expiration,
-                         DHT_OPERATION_TIMEOUT,
-                         NULL,
-                         NULL); 
-  GNUNET_free (nrb);
-
-  num_public_records++;  
-  if ( (num_public_records > last_num_public_records)
-       && (GNUNET_NO == first_zone_iteration) )
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "Last record count was lower than current record count.  Reducing interval.\n");
-    put_interval = GNUNET_TIME_relative_divide (zone_publish_time_window,
-                                                num_public_records);
-    next_put_interval = GNUNET_TIME_relative_divide (put_interval,
-                                                     LATE_ITERATION_SPEEDUP_FACTOR);
+    dht_put_continuation (NULL, GNUNET_NO);
   }
-  else
-    next_put_interval = put_interval;
-
-  GNUNET_STATISTICS_set (statistics,
-                         "Current zone iteration interval (ms)",
-                         next_put_interval.rel_value_us / 1000LL,
-                         GNUNET_NO); 
-  zone_publish_task = GNUNET_SCHEDULER_add_delayed (next_put_interval,
-                                                    &publish_zone_dht_next,
-                                                    NULL);
+  GNUNET_free (block);
 }
 
 
@@ -463,8 +440,6 @@ publish_zone_dht_start (void *cls,
   num_public_records = 0;
   namestore_iter = GNUNET_NAMESTORE_zone_iteration_start (namestore_handle,
                                                           NULL, /* All zones */
-                                                          GNUNET_NAMESTORE_RF_AUTHORITY,
-                                                          GNUNET_NAMESTORE_RF_PRIVATE,
                                                           &put_gns_record,
                                                           NULL);
 }
@@ -485,40 +460,39 @@ send_lookup_response (void* cls,
                       uint32_t rd_count,
                       const struct GNUNET_NAMESTORE_RecordData *rd)
 {
-  struct ClientLookupHandle* clh = cls;
+  struct ClientLookupHandle *clh = cls;
   struct GNUNET_GNS_ClientLookupResultMessage *rmsg;
   size_t len;
   
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending `%s' message with %d results\n",
-              "LOOKUP_RESULT", rd_count);
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
+              "Sending `%s' message with %d results\n",
+              "LOOKUP_RESULT", 
+              rd_count);
   
   len = GNUNET_NAMESTORE_records_get_size (rd_count, rd);
-  rmsg = GNUNET_malloc (len + sizeof (struct GNUNET_GNS_ClientLookupResultMessage));
-  
+  rmsg = GNUNET_malloc (len + sizeof (struct GNUNET_GNS_ClientLookupResultMessage)); 
+  rmsg->header.type = htons (GNUNET_MESSAGE_TYPE_GNS_LOOKUP_RESULT);
+  rmsg->header.size = htons (len + sizeof(struct GNUNET_GNS_ClientLookupResultMessage));
   rmsg->id = clh->request_id;
-  rmsg->rd_count = htonl(rd_count);
-  rmsg->header.type = htons(GNUNET_MESSAGE_TYPE_GNS_LOOKUP_RESULT);
-  rmsg->header.size = 
-    htons(len+sizeof(struct GNUNET_GNS_ClientLookupResultMessage));
-  
-  GNUNET_NAMESTORE_records_serialize (rd_count, rd, len, (char*)&rmsg[1]);
-  
-  GNUNET_SERVER_notification_context_unicast (nc, clh->client,
-                                (const struct GNUNET_MessageHeader *) rmsg,
-                                GNUNET_NO);
-  GNUNET_SERVER_receive_done (clh->client, GNUNET_OK);
-  
-  GNUNET_free(rmsg);
-  GNUNET_free(clh->name);
-  
-  if (NULL != clh->shorten_key)
-    GNUNET_CRYPTO_ecc_key_free (clh->shorten_key);
+  rmsg->rd_count = htonl (rd_count); 
+  GNUNET_NAMESTORE_records_serialize (rd_count, rd, len, 
+                                      (char*) &rmsg[1]);
+  GNUNET_SERVER_notification_context_unicast (nc, 
+                                              clh->client,
+                                              &rmsg->header,
+                                              GNUNET_NO);
+  GNUNET_free (rmsg);
+  GNUNET_SERVER_receive_done (clh->client, 
+                              GNUNET_OK); 
+  GNUNET_CONTAINER_DLL_remove (clh_head, clh_tail, clh);
   GNUNET_free (clh);
   GNUNET_STATISTICS_update (statistics,
-                            "Completed lookups", 1, GNUNET_NO);
-  if (NULL != rd)
-    GNUNET_STATISTICS_update (statistics,
-                              "Records resolved", rd_count, GNUNET_NO);
+                            "Completed lookups", 1, 
+                            GNUNET_NO);
+  GNUNET_STATISTICS_update (statistics,
+                            "Records resolved", 
+                            rd_count, 
+                            GNUNET_NO);
 }
 
 
@@ -531,22 +505,21 @@ send_lookup_response (void* cls,
  */
 static void
 handle_lookup (void *cls,
-               struct GNUNET_SERVER_Client * client,
-               const struct GNUNET_MessageHeader * message)
+               struct GNUNET_SERVER_Client *client,
+               const struct GNUNET_MessageHeader *message)
 {
-  size_t namelen;
-  char name[GNUNET_DNSPARSER_MAX_NAME_LENGTH];
+  char name[GNUNET_DNSPARSER_MAX_NAME_LENGTH + 1];
   struct ClientLookupHandle *clh;
-  char* nameptr = name;
+  char *nameptr = name;
   const char *utf_in;
-  int only_cached;
   const struct GNUNET_CRYPTO_EccPrivateKey *key;
   uint16_t msg_size;
   const struct GNUNET_GNS_ClientLookupMessage *sh_msg;
   
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
-              "Received `%s' message\n", "LOOKUP");
-  msg_size = ntohs(message->size);
+              "Received `%s' message\n", 
+              "LOOKUP");
+  msg_size = ntohs (message->size);
   if (msg_size < sizeof (struct GNUNET_GNS_ClientLookupMessage))
   {
     GNUNET_break (0);
@@ -556,88 +529,48 @@ handle_lookup (void *cls,
   sh_msg = (const struct GNUNET_GNS_ClientLookupMessage *) message;
   GNUNET_SERVER_notification_context_add (nc, client);
   if (GNUNET_YES == ntohl (sh_msg->have_key))
-  {
     key = &sh_msg->shorten_key;
-  }
   else
-  {
     key = NULL;
-  }
   utf_in = (const char *) &sh_msg[1];
-  if ('\0' != utf_in[msg_size - sizeof (struct GNUNET_GNS_ClientLookupMessage) - 1])
+  if ( ('\0' != utf_in[msg_size - sizeof (struct GNUNET_GNS_ClientLookupMessage) - 1]) ||
+       (strlen (utf_in) > GNUNET_DNSPARSER_MAX_NAME_LENGTH) )
   {
     GNUNET_break (0);
     GNUNET_SERVER_receive_done (client, GNUNET_SYSERR);
     return;
-  }  
+  }
   GNUNET_STRINGS_utf8_tolower (utf_in, &nameptr);
   
-  namelen = strlen (name) + 1;
-  clh = GNUNET_malloc (sizeof (struct ClientLookupHandle));
-  memset (clh, 0, sizeof (struct ClientLookupHandle));
+  clh = GNUNET_new (struct ClientLookupHandle);
+  GNUNET_CONTAINER_DLL_insert (clh_head, clh_tail, clh);
   clh->client = client;
-  clh->name = GNUNET_malloc (namelen);
-  strcpy (clh->name, name);
   clh->request_id = sh_msg->id;
-  clh->type = ntohl (sh_msg->type);
-  if (NULL != key)
+  if ( (GNUNET_DNSPARSER_TYPE_A == ntohl (sh_msg->type)) &&
+       (GNUNET_OK != v4_enabled) )
   {
-    clh->shorten_key = GNUNET_new (struct GNUNET_CRYPTO_EccPrivateKey);
-    *clh->shorten_key = *key;
-  }
-  only_cached = ntohl (sh_msg->only_cached);
-  
-  if (strlen (name) > GNUNET_DNSPARSER_MAX_NAME_LENGTH) {
     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "LOOKUP: %s is too long", name);
-    clh->name = NULL;
-    send_lookup_response (clh, 0, NULL);
-    return;
-  }
-
-  if ((GNUNET_DNSPARSER_TYPE_A == clh->type) &&
-      (GNUNET_OK != v4_enabled))
-  {
-    GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
-               "LOOKUP: Query for A record but AF_INET not supported!");
-    clh->name = NULL;
+                "LOOKUP: Query for A record but AF_INET not supported!");
     send_lookup_response (clh, 0, NULL);
     return;
-  }
-  
-  if ((GNUNET_DNSPARSER_TYPE_AAAA == clh->type) &&
-      (GNUNET_OK != v6_enabled))
+  }  
+  if ( (GNUNET_DNSPARSER_TYPE_AAAA == ntohl (sh_msg->type)) &&
+       (GNUNET_OK != v6_enabled) )
   {
     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                 "LOOKUP: Query for AAAA record but AF_INET6 not supported!");
-    clh->name = NULL;
     send_lookup_response (clh, 0, NULL);
     return;
   }
-  
-  if (GNUNET_NO == ntohl (sh_msg->have_zone))
-    clh->zone = zone_hash;  /* Default zone */
-  else
-    clh->zone = sh_msg->zone;
-  
-  if (GNUNET_YES == auto_import_pkey)
-  {
-    gns_resolver_lookup_record (clh->zone, clh->zone, clh->type, clh->name,
-                                clh->shorten_key,
-                                default_lookup_timeout,
-                                clh->only_cached,
-                                &send_lookup_response, clh);  
-  }
-  else
-  {
-    gns_resolver_lookup_record (clh->zone, clh->zone, clh->type, name,
-                                NULL,
-                                default_lookup_timeout,
-                                only_cached,
-                                &send_lookup_response, clh);
-  }
+  clh->lookup = GNS_resolver_lookup (&sh_msg->zone, 
+                                     ntohl (sh_msg->type),
+                                     name,
+                                     key,
+                                     ntohl (sh_msg->only_cached),
+                                     &send_lookup_response, clh);
   GNUNET_STATISTICS_update (statistics,
-                            "Record lookup attempts", 1, GNUNET_NO);
+                            "Lookup attempts", 
+                            1, GNUNET_NO);
 }
 
 
@@ -656,9 +589,10 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
     { &handle_lookup, NULL, GNUNET_MESSAGE_TYPE_GNS_LOOKUP, 0},
     {NULL, NULL, 0, 0}
   };
-  struct GNUNET_CRYPTO_EccPublicKey pkey;
+  struct GNUNET_CRYPTO_EccPublicKey dns_root;
   unsigned long long max_parallel_bg_queries = 0;
   int ignore_pending = GNUNET_NO;
+  char *dns_root_name;
 
   v6_enabled = GNUNET_NETWORK_test_pf (PF_INET6);
   v4_enabled = GNUNET_NETWORK_test_pf (PF_INET);
@@ -672,15 +606,6 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
     return;
   }
   
-  auto_import_pkey = GNUNET_NO;
-  if (GNUNET_YES ==
-      GNUNET_CONFIGURATION_get_value_yesno (c, "gns",
-                                            "AUTO_IMPORT_PKEY"))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "Automatic PKEY import is enabled.\n");
-    auto_import_pkey = GNUNET_YES;
-  }
   put_interval = INITIAL_PUT_INTERVAL;
   zone_publish_time_window = DEFAULT_ZONE_PUBLISH_TIME_WINDOW;
 
@@ -734,7 +659,8 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
   }
   
   if (GNUNET_SYSERR ==
-      gns_resolver_init (namestore_handle, dht_handle, zone_hash, c,
+      GNS_resolver_init (namestore_handle, dht_handle, 
+                         c,
                          max_parallel_bg_queries,
                          ignore_pending))
   {
@@ -744,31 +670,45 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
     return;
   }
 
-  if (GNUNET_YES ==
-      GNUNET_CONFIGURATION_get_value_yesno (c, "gns", "HIJACK_DNS"))
+  if (GNUNET_OK ==
+      GNUNET_CONFIGURATION_get_value_string (c, "gns", "DNS_ROOT",
+                                             &dns_root_name))
   {
+    if (GNUNET_OK !=
+        GNUNET_CRYPTO_ecc_public_key_from_string (dns_root_name,
+                                                  strlen (dns_root_name),
+                                                  &dns_root))
+    {
+      GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+                                 "gns", "DNS_ROOT", 
+                                 _("valid public key required"));
+      GNUNET_SCHEDULER_add_now (&shutdown_task, NULL);
+      GNUNET_free (dns_root_name);
+      return;
+    }
     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-                "DNS hijacking enabled. Connecting to DNS service.\n");
-
+                "DNS hijacking with root `%s' enabled. Connecting to DNS service.\n",
+                dns_root_name);
+    GNUNET_free (dns_root_name);    
     if (GNUNET_SYSERR ==
-        gns_interceptor_init (zone_hash, zone_key, c))
+        GNS_interceptor_init (&dns_root, c))
     {
-      GNUNET_log(GNUNET_ERROR_TYPE_ERROR,
-               "Failed to enable the DNS interceptor!\n");
+      GNUNET_SCHEDULER_add_now (&shutdown_task, NULL);
+      return;
     }
   }
+  /* FIXME: install client disconnect handle to clean up pending
+     lookups on client disconnect! */
   
-  /**
-   * Schedule periodic put for our records We have roughly an hour for
-   * all records;
-   */
+  /* Schedule periodic put for our records. */  
   first_zone_iteration = GNUNET_YES;
-  zone_publish_task = GNUNET_SCHEDULER_add_now (&publish_zone_dht_start, NULL);
   GNUNET_SERVER_add_handlers (server, handlers);
   statistics = GNUNET_STATISTICS_create ("gns", c);
   nc = GNUNET_SERVER_notification_context_create (server, 1);
-  GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &shutdown_task,
-                                NULL);
+  zone_publish_task = GNUNET_SCHEDULER_add_now (&publish_zone_dht_start, 
+                                                NULL);
+  GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, 
+                                &shutdown_task, NULL);
 }