23 files changed, 4419 insertions, 3544 deletions
diff --git a/doc/documentation/Makefile.am b/doc/documentation/Makefile.am
index 12f40f147..b6c666c4d 100644
--- a/doc/documentation/Makefile.am
+++ b/doc/documentation/Makefile.am
@@ -114,6 +114,7 @@ gnunet_TEXINFOS = 						\
        chapters/developer.texi                                 \
        chapters/preface.texi                           \
        chapters/philosophy.texi                                \
+        chapters/installation.texi                              \
        chapters/user.texi                                      \
        chapters/vocabulary.texi                                \
        chapters/configuration.texi                             \
@@ -143,6 +144,7 @@ DISTCLEANFILES = 						\
        chapters/terminology.cps                                \
        chapters/vocabulary.cps                                 \
        fdl-1.3.cps                                             \
+        agpl-3.0.cps                                            \
        gpl-3.0.cps
 # if HAVE_EXTENDED_DOCUMENTATION_BUILDING
@@ -165,8 +167,8 @@ lego_stack.png: images/lego_stack.svg
 #       echo "@set EDITION $(PACKAGE_VERSION)" >> $@
 #       echo "@set VERSION $(PACKAGE_VERSION)" >> $@
-# Workaround for makeinfo error. Whcih in turn introduces more
+# Workaround for makeinfo error. Which in turn introduces more
-# date-related 'warnings'. Well.
+# date-related 'warnings' for GNUism. Well.
 version2.texi:
        echo "@set UPDATED $(date +'%d %B %Y')" > $@
        echo "@set UPDATED-MONTH $(date +'%B %Y')" >> $@
diff --git a/doc/documentation/agpl-3.0.texi b/doc/documentation/agpl-3.0.texi
new file mode 100644
index 000000000..eabb0c6df
--- /dev/null
+++ b/doc/documentation/agpl-3.0.texi
@@ -0,0 +1,698 @@
+@c The GNU Affero General Public License.
+@center Version 3, 19 November 2007
+@c This file is intended to be included within another document,
+@c hence no sectioning command or @node.
+@display
+Copyright @copyright{} 2007 Free Software Foundation, Inc. @url{https://fsf.org/}
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+@end display
+@heading Preamble
+The GNU Affero General Public License is a free, copyleft license
+for software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+The licenses for most software and other practical works are
+designed to take away your freedom to share and change the works.  By
+contrast, our General Public Licenses are intended to guarantee your
+freedom to share and change all versions of a program--to make sure it
+remains free software for all its users.
+When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate.  Many developers of free software are heartened and
+encouraged by the resulting cooperation.  However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community.  It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server.  Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals.  This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+The precise terms and conditions for copying, distribution and
+modification follow.
+@heading TERMS AND CONDITIONS
+@enumerate 0
+@item Definitions.
+``This License'' refers to version 3 of the GNU Affero General Public License.
+``Copyright'' also means copyright-like laws that apply to other kinds
+of works, such as semiconductor masks.
+``The Program'' refers to any copyrightable work licensed under this
+License.  Each licensee is addressed as ``you''.  ``Licensees'' and
+``recipients'' may be individuals or organizations.
+To ``modify'' a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of
+an exact copy.  The resulting work is called a ``modified version'' of
+the earlier work or a work ``based on'' the earlier work.
+A ``covered work'' means either the unmodified Program or a work based
+on the Program.
+To ``propagate'' a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy.  Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+To ``convey'' a work means any kind of propagation that enables other
+parties to make or receive copies.  Mere interaction with a user
+through a computer network, with no transfer of a copy, is not
+conveying.
+An interactive user interface displays ``Appropriate Legal Notices'' to
+the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License.  If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+@item Source Code.
+The ``source code'' for a work means the preferred form of the work for
+making modifications to it.  ``Object code'' means any non-source form
+of a work.
+A ``Standard Interface'' means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+The ``System Libraries'' of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form.  A
+``Major Component'', in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+The ``Corresponding Source'' for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities.  However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work.  For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+The Corresponding Source need not include anything that users can
+regenerate automatically from other parts of the Corresponding Source.
+The Corresponding Source for a work in source code form is that same
+work.
+@item Basic Permissions.
+All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met.  This License explicitly affirms your unlimited
+permission to run the unmodified Program.  The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work.  This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+You may make, run and propagate covered works that you do not convey,
+without conditions so long as your license otherwise remains in force.
+You may convey covered works to others for the sole purpose of having
+them make modifications exclusively for you, or provide you with
+facilities for running those works, provided that you comply with the
+terms of this License in conveying all material for which you do not
+control copyright.  Those thus making or running the covered works for
+you must do so exclusively on your behalf, under your direction and
+control, on terms that prohibit them from making any copies of your
+copyrighted material outside their relationship with you.
+Conveying under any other circumstances is permitted solely under the
+conditions stated below.  Sublicensing is not allowed; section 10
+makes it unnecessary.
+@item Protecting Users' Legal Rights From Anti-Circumvention Law.
+No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such
+circumvention is effected by exercising rights under this License with
+respect to the covered work, and you disclaim any intention to limit
+operation or modification of the work as a means of enforcing, against
+the work's users, your or third parties' legal rights to forbid
+circumvention of technological measures.
+@item Conveying Verbatim Copies.
+You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+@item Conveying Modified Source Versions.
+You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these
+conditions:
+@enumerate a
+@item
+The work must carry prominent notices stating that you modified it,
+and giving a relevant date.
+@item
+The work must carry prominent notices stating that it is released
+under this License and any conditions added under section 7.  This
+requirement modifies the requirement in section 4 to ``keep intact all
+notices''.
+@item
+You must license the entire work, as a whole, under this License to
+anyone who comes into possession of a copy.  This License will
+therefore apply, along with any applicable section 7 additional terms,
+to the whole of the work, and all its parts, regardless of how they
+are packaged.  This License gives no permission to license the work in
+any other way, but it does not invalidate such permission if you have
+separately received it.
+@item
+If the work has interactive user interfaces, each must display
+Appropriate Legal Notices; however, if the Program has interactive
+interfaces that do not display Appropriate Legal Notices, your work
+need not make them do so.
+@end enumerate
+A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+``aggregate'' if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit.  Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+@item  Conveying Non-Source Forms.
+You may convey a covered work in object code form under the terms of
+sections 4 and 5, provided that you also convey the machine-readable
+Corresponding Source under the terms of this License, in one of these
+ways:
+@enumerate a
+@item
+Convey the object code in, or embodied in, a physical product
+(including a physical distribution medium), accompanied by the
+Corresponding Source fixed on a durable physical medium customarily
+used for software interchange.
+@item
+Convey the object code in, or embodied in, a physical product
+(including a physical distribution medium), accompanied by a written
+offer, valid for at least three years and valid for as long as you
+offer spare parts or customer support for that product model, to give
+anyone who possesses the object code either (1) a copy of the
+Corresponding Source for all the software in the product that is
+covered by this License, on a durable physical medium customarily used
+for software interchange, for a price no more than your reasonable
+cost of physically performing this conveying of source, or (2) access
+to copy the Corresponding Source from a network server at no charge.
+@item
+Convey individual copies of the object code with a copy of the written
+offer to provide the Corresponding Source.  This alternative is
+allowed only occasionally and noncommercially, and only if you
+received the object code with such an offer, in accord with subsection
+6b.
+@item
+Convey the object code by offering access from a designated place
+(gratis or for a charge), and offer equivalent access to the
+Corresponding Source in the same way through the same place at no
+further charge.  You need not require recipients to copy the
+Corresponding Source along with the object code.  If the place to copy
+the object code is a network server, the Corresponding Source may be
+on a different server (operated by you or a third party) that supports
+equivalent copying facilities, provided you maintain clear directions
+next to the object code saying where to find the Corresponding Source.
+Regardless of what server hosts the Corresponding Source, you remain
+obligated to ensure that it is available for as long as needed to
+satisfy these requirements.
+@item
+Convey the object code using peer-to-peer transmission, provided you
+inform other peers where the object code and Corresponding Source of
+the work are being offered to the general public at no charge under
+subsection 6d.
+@end enumerate
+A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+A ``User Product'' is either (1) a ``consumer product'', which means any
+tangible personal property which is normally used for personal,
+family, or household purposes, or (2) anything designed or sold for
+incorporation into a dwelling.  In determining whether a product is a
+consumer product, doubtful cases shall be resolved in favor of
+coverage.  For a particular product received by a particular user,
+``normally used'' refers to a typical or common use of that class of
+product, regardless of the status of the particular user or of the way
+in which the particular user actually uses, or expects or is expected
+to use, the product.  A product is a consumer product regardless of
+whether the product has substantial commercial, industrial or
+non-consumer uses, unless such uses represent the only significant
+mode of use of the product.
+``Installation Information'' for a User Product means any methods,
+procedures, authorization keys, or other information required to
+install and execute modified versions of a covered work in that User
+Product from a modified version of its Corresponding Source.  The
+information must suffice to ensure that the continued functioning of
+the modified object code is in no case prevented or interfered with
+solely because modification has been made.
+If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information.  But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or
+updates for a work that has been modified or installed by the
+recipient, or for the User Product in which it has been modified or
+installed.  Access to a network may be denied when the modification
+itself materially and adversely affects the operation of the network
+or violates the rules and protocols for communication across the
+network.
+Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+@item Additional Terms.
+``Additional permissions'' are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.  If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it.  (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.)  You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders
+of that material) supplement the terms of this License with terms:
+@enumerate a
+@item
+Disclaiming warranty or limiting liability differently from the terms
+of sections 15 and 16 of this License; or
+@item
+Requiring preservation of specified reasonable legal notices or author
+attributions in that material or in the Appropriate Legal Notices
+displayed by works containing it; or
+@item
+Prohibiting misrepresentation of the origin of that material, or
+requiring that modified versions of such material be marked in
+reasonable ways as different from the original version; or
+@item
+Limiting the use for publicity purposes of names of licensors or
+authors of the material; or
+@item
+Declining to grant rights under trademark law for use of some trade
+names, trademarks, or service marks; or
+@item
+Requiring indemnification of licensors and authors of that material by
+anyone who conveys the material (or modified versions of it) with
+contractual assumptions of liability to the recipient, for any
+liability that these contractual assumptions directly impose on those
+licensors and authors.
+@end enumerate
+All other non-permissive additional terms are considered ``further
+restrictions'' within the meaning of section 10.  If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term.  If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions; the
+above requirements apply either way.
+@item Termination.
+You may not propagate or modify a covered work except as expressly
+provided under this License.  Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+However, if you cease all violation of this License, then your license
+from a particular copyright holder is reinstated (a) provisionally,
+unless and until the copyright holder explicitly and finally
+terminates your license, and (b) permanently, if the copyright holder
+fails to notify you of the violation by some reasonable means prior to
+60 days after the cessation.
+Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+@item Acceptance Not Required for Having Copies.
+You are not required to accept this License in order to receive or run
+a copy of the Program.  Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance.  However,
+nothing other than this License grants you permission to propagate or
+modify any covered work.  These actions infringe copyright if you do
+not accept this License.  Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+@item Automatic Licensing of Downstream Recipients.
+Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License.  You are not responsible
+for enforcing compliance by third parties with this License.
+An ``entity transaction'' is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations.  If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.  For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+@item Patents.
+A ``contributor'' is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based.  The
+work thus licensed is called the contributor's ``contributor version''.
+A contributor's ``essential patent claims'' are all patent claims owned
+or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version.  For
+purposes of this definition, ``control'' includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+In the following three paragraphs, a ``patent license'' is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement).  To ``grant'' such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  ``Knowingly relying'' means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+A patent license is ``discriminatory'' if it does not include within the
+scope of its coverage, prohibits the exercise of, or is conditioned on
+the non-exercise of one or more of the rights that are specifically
+granted under this License.  You may not convey a covered work if you
+are a party to an arrangement with a third party that is in the
+business of distributing software, under which you make payment to the
+third party based on the extent of your activity of conveying the
+work, and under which the third party grants, to any of the parties
+who would receive the covered work from you, a discriminatory patent
+license (a) in connection with copies of the covered work conveyed by
+you (or copies made from those copies), or (b) primarily for and in
+connection with specific products or compilations that contain the
+covered work, unless you entered into that arrangement, or that patent
+license was granted, prior to 28 March 2007.
+Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+@item No Surrender of Others' Freedom.
+If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot convey
+a covered work so as to satisfy simultaneously your obligations under
+this License and any other pertinent obligations, then as a
+consequence you may not convey it at all.  For example, if you agree
+to terms that obligate you to collect a royalty for further conveying
+from those to whom you convey the Program, the only way you could
+satisfy both those terms and this License would be to refrain entirely
+from conveying the Program.
+@item Remote Network Interaction; Use with the GNU General Public License.
+Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users interacting
+with it remotely through a computer network (if your version supports such
+interaction) an opportunity to receive the Corresponding Source of your
+version by providing access to the Corresponding Source from a network
+server at no charge, through some standard or customary means of
+facilitating copying of software.  This Corresponding Source shall include
+the Corresponding Source for any work covered by version 3 of the GNU
+General Public License that is incorporated pursuant to the following
+paragraph.
+Notwithstanding any other provision of this License, you have permission to
+link or combine any covered work with a work licensed under version 3 of
+the GNU General Public License into a single combined work, and to convey
+the resulting work.  The terms of this License will continue to apply to
+the part which is the covered work, but the work with which it is combined
+will remain governed by version 3 of the GNU General Public License.
+@item Revised Versions of this License.
+The Free Software Foundation may publish revised and/or new versions
+of the GNU Affero General Public License from time to time.  Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+Each version is given a distinguishing version number.  If the Program
+specifies that a certain numbered version of the GNU Affero General Public
+License ``or any later version'' applies to it, you have the option of
+following the terms and conditions either of that numbered version or
+of any later version published by the Free Software Foundation.  If
+the Program does not specify a version number of the GNU Affero General
+Public License, you may choose any version ever published by the Free
+Software Foundation.
+If the Program specifies that a proxy can decide which future versions
+of the GNU Affero General Public License can be used, that proxy's public
+statement of acceptance of a version permanently authorizes you to
+choose that version for the Program.
+Later license versions may give you additional or different
+permissions.  However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+@item Disclaimer of Warranty.
+THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM ``AS IS'' WITHOUT
+WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND
+PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE PROGRAM PROVE
+DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR
+CORRECTION.
+@item Limitation of Liability.
+IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR
+CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
+ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT
+NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
+LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
+TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER
+PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+@item Interpretation of Sections 15 and 16.
+If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+@end enumerate
+@heading END OF TERMS AND CONDITIONS
+@heading How to Apply These Terms to Your New Programs
+If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these
+terms.
+To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the ``copyright'' line and a pointer to where the full notice is found.
+@smallexample
+@var{one line to give the program's name and a brief idea of what it does.}
+Copyright (C) @var{year} @var{name of author}
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or (at
+your option) any later version.
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Affero General Public License for more details.
+You should have received a copy of the GNU Affero General Public License
+along with this program.  If not, see @url{https://www.gnu.org/licenses/}.
+@end smallexample
+Also add information on how to contact you by electronic and paper mail.
+If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source.  For example, if your program is a web application, its
+interface could display a ``Source'' link that leads users to an archive
+of the code.  There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+You should also get your employer (if you work as a programmer) or school,
+if any, to sign a ``copyright disclaimer'' for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+@url{https://www.gnu.org/licenses/}.
diff --git a/doc/documentation/chapters/contributing.texi b/doc/documentation/chapters/contributing.texi
index 745acca77..dc87de3d6 100644
--- a/doc/documentation/chapters/contributing.texi
+++ b/doc/documentation/chapters/contributing.texi
@@ -11,12 +11,14 @@
 @node Contributing to GNUnet
 @section Contributing to GNUnet
+@cindex licenses
+@cindex licenses of contributions
 @node Licenses of contributions
 @section Licenses of contributions
 GNUnet is a @uref{https://www.gnu.org/, GNU} package.
 All code contributions must thus be put under the
-@uref{https://www.gnu.org/copyleft/gpl.html, GNU Public License (GPL)}.
+@uref{https://www.gnu.org/licenses/agpl.html, GNU Affero Public License (AGPL)}.
 All documentation should be put under FSF approved licenses
 (see @uref{https://www.gnu.org/copyleft/fdl.html, fdl}).
@@ -40,7 +42,7 @@ rights, and in particular is allowed to dual-license the code. You
 retain non-exclusive rights to your contributions, so you can also
 share your contributions freely with other projects.
-GNUnet e.V. will publish all accepted contributions under the GPLv3
+GNUnet e.V. will publish all accepted contributions under the AGPLv3
 or any later version. The association may decide to publish
 contributions under additional licenses (dual-licensing).
diff --git a/doc/documentation/chapters/installation.texi b/doc/documentation/chapters/installation.texi
new file mode 100644
index 000000000..f5e38fd3d
--- /dev/null
+++ b/doc/documentation/chapters/installation.texi
@@ -0,0 +1,2167 @@
+@node Installing GNUnet
+@chapter Installing GNUnet
+This guide is intended for those who want to install Gnunet from source. For instructions on how to install GNUnet as a binary package please refer to the official documentation of your operating system or package manager.
+@node Getting the Source Code
+@section Installing dependencies
+GNUnet needs few libraries and applications for being able to run and another few optional ones for using certain features. Preferably they should be installed with a package manager. Just in case we include a link to the project websites.
+The mandatory libraries and applications are
+@itemize @bullet
+@item libtool
+@item autoconf >= version 2.59
+@item automake >= version 1.11.1
+@item pkg-config
+@item libgcrypt >= version 1.6
+@item libextractor
+@item libidn
+@item libmicrohttpd >= version 0.9.52
+@item libnss 
+@item libunistring
+@item gettext
+@item glibc
+@item libgmp
+@item gnutls
+@item libcurl (has to be linked to GnuTLS) or libgnurl
+@item zlib
+@end itemize
+In addition GNUnet needs one of of these three databases
+@itemize @bullet
+@item sqlite + libsqlite (the default, requires no further configuration)
+@item postgres + libpq
+@item mysql + libmysqlclient
+@end itemize
+These are the dependencies only required for certain features
+@itemize @bullet
+@item Texinfo (for building the documentation)
+@item Texlive (for building the documentation)
+@item miniupnpc (for traversing NAT boxes more reliably)
+@item libopus (for running the GNUnet conversation telephony application)
+@item libpulse (for running the GNUnet conversation telephony application)
+@item libogg (for running the GNUnet conversation telephony application)
+@item bluez (for bluetooth support)
+@item libpbc (for attribute-based encryption and the identity provider subsystem)
+@item libgabe (for attribute-based encryption and the identity provider subsystem)
+@end itemize
+@section Getting the Source Code
+You can either download the source code using git (you obviously need git installed) or as an archive.
+Using git type
+@example
+git clone https://gnunet.org/git/gnunet.git
+@end example
+The archive can be found at @uref{https://gnunet.org/downloads}. Extract it using a graphical archive tool or @code{tar}:
+@example
+tar xzvf gnunet-0.11.0pre66.tar.gz
+@end example
+In the next chapter we will assume that the source code is available in the home directory at @code{~/gnunet}.
+@section Create @code{gnunet} user and group
+The GNUnet services should be run as a dedicated user called @code{gnunet}. For using them a user should be in the same group as this system user.
+Create user @code{gnunet} who is member of the group @code{gnunet} and specify a home directory where the GNUnet services will store persistant data such as information about peers.
+@example
+$ sudo useradd --system --groups gnunet --home-dir /var/lib/gnunet
+@end example
+Now add your own user to the @code{gnunet} group.
+@example
+$ sudo adduser alice gnunet
+@end example
+@section Preparing and Compiling the Source Code
+For preparing the source code for compilation a bootstrap script and @code{configure} has to be run from the source code directory. When running @code{configure} the following options can be specified to customize the compilation and installation process:
+@itemize @bullet
+@item @code{--disable-documentation} - don't build the configuration documents
+@item @code{--enable-looging=[LOGLEVEL]} - choose a loglevel (@code{debug}, @code{info}, @code{warning} or @code{error})
+@item @code{--prefix=[PATH]} - the directory where the GNUnet libraries and binaries will be installed
+@item @code{--with-extractor=[PATH]} - the path to libextractor
+@item @code{--with-libidn=[PATH]} - the path to libidn
+@item @code{--with-microhttpd=[PATH]} - the path to libmicrohttpd
+@item @code{--with-sqlite=[PATH]} - the path to libsqlite
+@item @code{--with-zlib=[PATH]} - the path to zlib
+@item @code{--with-sudo=[PATH]} - path to the sudo binary (no need to run @code{make install} as root if specified)
+@end itemize
+The following example configures the installation prefix @code{/usr/lib} and disables building the documentation
+@example
+$ cd ~/gnunet
+$ ./bootstrap
+$ configure --prefix=/usr/lib --disable-configuration
+@end example
+After running the bootstrap script and @code{configure} successfully the source code can be compiled with make. Here @code{-j5} specifies that 5 threads should be used.
+@example
+$ make -j5
+@end example
+@section Installation
+The compiled binaries can be installed using @code{make install}. It needs to be run as root (or with sudo) because some binaries need the @code{suid} bit set. Without that some GNUnet subsystems (such as VPN) will not work.
+@example
+$ sudo make install
+@end example
+One important library is the GNS plugin for NSS (the name services switch) which allows using GNS (the GNU name system) in the normal DNS resolution process. Unfortunately NSS expects it in a specific location (probably @code{/lib}) which may differ from the installation prefix (see @code{--prefix} option in the previous section). This is why the pugin has to be installed manually.
+Find the directory where nss plugins are installed on your system, e.g.
+@example
+$ ls -l /lib/libnss_*
+/lib/libnss_mymachines.so.2
+/lib/libnss_resolve.so.2
+/lib/libnss_myhostname.so.2
+/lib/libnss_systemd.so.2
+@end example
+Copy the GNS NSS plugin to that directory:
+@example
+cp ~/gnunet/src/gns/nss/libnss_gns.so.2 /lib
+@end example
+Now, to activate the plugin, you need to edit your @code{/etc/nsswitch.conf} where you should find a line like this:
+@example
+hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
+@end example
+The exact details may differ a bit, which is fine. Add the text @code{"gns [NOTFOUND=return]"} after @code{"files"}. 
+@example
+hosts: files gns [NOTFOUND=return] mdns4_minimal [NOTFOUND=return] dns mdns4
+@end example
+Optionally, if GNS shall be used with a browser, execute the GNS CA-setup script. It will isetup the GNS Certificate Authority with the user's browser.
+@example
+$ gnunet-gns-proxy-setup-ca
+@end example
+Finally install a configuration file in @code{~/.gnunet/gnunet.conf}. Below you find an example config which allows you to start GNUnet.
+@example
+[arm]
+SYSTEM_ONLY = NO
+USER_ONLY = NO
+[transport]
+PLUGINS = tcp
+@end example
+@node MOVED FROM USER Checking the Installation
+@section MOVED FROM USER Checking the Installation
+@c %**end of header
+This section describes a quick, casual way to check if your GNUnet
+installation works. However, if it does not, we do not cover
+steps for recovery --- for this, please study the instructions
+provided in the developer handbook as well as the system-specific
+instruction in the source code repository@footnote{The system specific instructions are not provided as part of this handbook!}.
+@menu
+* gnunet-gtk::
+* Statistics::
+* Peer Information::
+@end menu
+@cindex GNUnet GTK
+@cindex GTK
+@cindex GTK user interface
+@node gnunet-gtk
+@subsection gnunet-gtk
+@c %**end of header
+The @command{gnunet-gtk} package contains several graphical
+user interfaces for the respective GNUnet applications.
+Currently these interfaces cover:
+@itemize @bullet
+@item Statistics
+@item Peer Information
+@item GNU Name System
+@item File Sharing
+@item Identity Management
+@item Conversation
+@end itemize
+@node Statistics
+@subsection Statistics
+@c %**end of header
+First, you should launch GNUnet gtk@footnote{Obviously you should also start gnunet, via gnunet-arm or the system provided method}.
+You can do this from the command-line by typing
+@example
+gnunet-statistics-gtk
+@end example
+If your peer@footnote{The term ``peer'' is a common word used in federated and distributed networks to describe a participating device which is connected to the network. Thus, your Personal Computer or whatever it is you are looking at the Gtk+ interface describes a ``Peer'' or a ``Node''.}
+is running correctly, you should see a bunch of lines,
+all of which should be ``significantly'' above zero (at least if your
+peer has been running for more than a few seconds). The lines indicate
+how many other peers your peer is connected to (via different
+mechanisms) and how large the entire overlay network is currently
+estimated to be. The X-axis represents time (in seconds since the
+start of @command{gnunet-gtk}).
+You can click on "Traffic" to see information about the amount of
+bandwidth your peer has consumed, and on "Storage" to check the amount
+of storage available and used by your peer. Note that "Traffic" is
+plotted cumulatively, so you should see a strict upwards trend in the
+traffic.
+@node Peer Information
+@subsection Peer Information
+@c %**end of header
+First, you should launch the graphical user interface.  You can do
+this from the command-line by typing
+@example
+$ gnunet-peerinfo-gtk
+@end example
+Once you have done this, you will see a list of known peers (by the
+first four characters of their public key), their friend status (all
+should be marked as not-friends initially), their connectivity (green
+is connected, red is disconnected), assigned bandwidth, country of
+origin (if determined) and address information. If hardly any peers
+are listed and/or if there are very few peers with a green light for
+connectivity, there is likely a problem with your network
+configuration.
+@c NOTE: Inserted from Installation Handbook in original ``order'':
+@c FIXME: Move this to User Handbook.
+@node MOVED FROM USER The graphical configuration interface
+@section MOVED FROM USER The graphical configuration interface
+If you also would like to use @command{gnunet-gtk} and
+@command{gnunet-setup} (highly recommended for beginners), do:
+@menu
+* Configuring your peer::
+* Configuring the Friend-to-Friend (F2F) mode::
+* Configuring the hostlist to bootstrap::
+* Configuration of the HOSTLIST proxy settings::
+* Configuring your peer to provide a hostlist ::
+* Configuring the datastore::
+* Configuring the MySQL database::
+* Reasons for using MySQL::
+* Reasons for not using MySQL::
+* Setup Instructions::
+* Testing::
+* Performance Tuning::
+* Setup for running Testcases::
+* Configuring the Postgres database::
+* Reasons to use Postgres::
+* Reasons not to use Postgres::
+* Manual setup instructions::
+* Testing the setup manually::
+* Configuring the datacache::
+* Configuring the file-sharing service::
+* Configuring logging::
+* Configuring the transport service and plugins::
+* Configuring the WLAN transport plugin::
+* Configuring HTTP(S) reverse proxy functionality using Apache or nginx::
+* Blacklisting peers::
+* Configuration of the HTTP and HTTPS transport plugins::
+* Configuring the GNU Name System::
+* Configuring the GNUnet VPN::
+* Bandwidth Configuration::
+* Configuring NAT::
+* Peer configuration for distributions::
+@end menu
+@node Configuring your peer
+@subsection Configuring your peer
+This chapter will describe the various configuration options in GNUnet.
+The easiest way to configure your peer is to use the
+@command{gnunet-setup} tool.
+@command{gnunet-setup} is part of the @command{gnunet-gtk}
+application. You might have to install it separately.
+Many of the specific sections from this chapter actually are linked from
+within @command{gnunet-setup} to help you while using the setup tool.
+While you can also configure your peer by editing the configuration
+file by hand, this is not recommended for anyone except for developers
+as it requires a more in-depth understanding of the configuration files
+and internal dependencies of GNUnet.
+@node Configuring the Friend-to-Friend (F2F) mode
+@subsection Configuring the Friend-to-Friend (F2F) mode
+GNUnet knows three basic modes of operation:
+@itemize @bullet
+@item In standard "peer-to-peer" mode,
+your peer will connect to any peer.
+@item In the pure "friend-to-friend"
+mode, your peer will ONLY connect to peers from a list of friends
+specified in the configuration.
+@item Finally, in mixed mode,
+GNUnet will only connect to arbitrary peers if it
+has at least a specified number of connections to friends.
+@end itemize
+When configuring any of the F2F ("friend-to-friend") modes,
+you first need to create a file with the peer identities
+of your friends. Ask your friends to run
+@example
+$ gnunet-peerinfo -sq
+@end example
+@noindent
+The resulting output of this command needs to be added to your
+@file{friends} file, which is simply a plain text file with one line
+per friend with the output from the above command.
+You then specify the location of your @file{friends} file in the
+@code{FRIENDS} option of the "topology" section.
+Once you have created the @file{friends} file, you can tell GNUnet to only
+connect to your friends by setting the @code{FRIENDS-ONLY} option
+(again in the "topology" section) to YES.
+If you want to run in mixed-mode, set "FRIENDS-ONLY" to NO and configure a
+minimum number of friends to have (before connecting to arbitrary peers)
+under the "MINIMUM-FRIENDS" option.
+If you want to operate in normal P2P-only mode, simply set
+@code{MINIMUM-FRIENDS} to zero and @code{FRIENDS_ONLY} to NO.
+This is the default.
+@node Configuring the hostlist to bootstrap
+@subsection Configuring the hostlist to bootstrap
+After installing the software you need to get connected to the GNUnet
+network. The configuration file included in your download is already
+configured to connect you to the GNUnet network.
+In this section the relevant configuration settings are explained.
+To get an initial connection to the GNUnet network and to get to know
+peers already connected to the network you can use the so called
+"bootstrap servers".
+These servers can give you a list of peers connected to the network.
+To use these bootstrap servers you have to configure the hostlist daemon
+to activate bootstrapping.
+To activate bootstrapping, edit the @code{[hostlist]}-section in your
+configuration file. You have to set the argument @command{-b} in the
+options line:
+@example
+[hostlist]
+OPTIONS = -b
+@end example
+Additionally you have to specify which server you want to use.
+The default bootstrapping server is
+"@uref{http://v10.gnunet.org/hostlist, http://v10.gnunet.org/hostlist}".
+[^] To set the server you have to edit the line "SERVERS" in the hostlist
+section. To use the default server you should set the lines to
+@example
+SERVERS = http://v10.gnunet.org/hostlist [^]
+@end example
+@noindent
+To use bootstrapping your configuration file should include these lines:
+@example
+[hostlist]
+OPTIONS = -b
+SERVERS = http://v10.gnunet.org/hostlist [^]
+@end example
+@noindent
+Besides using bootstrap servers you can configure your GNUnet peer to
+receive hostlist advertisements.
+Peers offering hostlists to other peers can send advertisement messages
+to peers that connect to them. If you configure your peer to receive these
+messages, your peer can download these lists and connect to the peers
+included. These lists are persistent, which means that they are saved to
+your hard disk regularly and are loaded during startup.
+To activate hostlist learning you have to add the @command{-e}
+switch to the @code{OPTIONS} line in the hostlist section:
+@example
+[hostlist]
+OPTIONS = -b -e
+@end example
+@noindent
+Furthermore you can specify in which file the lists are saved.
+To save the lists in the file @file{hostlists.file} just add the line:
+@example
+HOSTLISTFILE = hostlists.file
+@end example
+@noindent
+Best practice is to activate both bootstrapping and hostlist learning.
+So your configuration file should include these lines:
+@example
+[hostlist]
+OPTIONS = -b -e
+HTTPPORT = 8080
+SERVERS = http://v10.gnunet.org/hostlist [^]
+HOSTLISTFILE = $SERVICEHOME/hostlists.file
+@end example
+@node Configuration of the HOSTLIST proxy settings
+@subsection Configuration of the HOSTLIST proxy settings
+The hostlist client can be configured to use a proxy to connect to the
+hostlist server.
+This functionality can be configured in the configuration file directly
+or using the @command{gnunet-setup} tool.
+The hostlist client supports the following proxy types at the moment:
+@itemize @bullet
+@item HTTP and HTTP 1.0 only proxy
+@item SOCKS 4/4a/5/5 with hostname
+@end itemize
+In addition authentication at the proxy with username and password can be
+configured.
+To configure proxy support for the hostlist client in the
+@command{gnunet-setup} tool, select the "hostlist" tab and select
+the appropriate proxy type.
+The hostname or IP address (including port if required) has to be entered
+in the "Proxy hostname" textbox. If required, enter username and password
+in the "Proxy username" and "Proxy password" boxes.
+Be aware that this information will be stored in the configuration in
+plain text (TODO: Add explanation and generalize the part in Chapter 3.6
+about the encrypted home).
+To provide these options directly in the configuration, you can
+enter the following settings in the @code{[hostlist]} section of
+the configuration:
+@example
+# Type of proxy server,
+# Valid values: HTTP, HTTP_1_0, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME
+# Default: HTTP
+# PROXY_TYPE = HTTP
+# Hostname or IP of proxy server
+# PROXY =
+# User name for proxy server
+# PROXY_USERNAME =
+# User password for proxy server
+# PROXY_PASSWORD =
+@end example
+@node Configuring your peer to provide a hostlist
+@subsection Configuring your peer to provide a hostlist
+If you operate a peer permanently connected to GNUnet you can configure
+your peer to act as a hostlist server, providing other peers the list of
+peers known to him.
+Your server can act as a bootstrap server and peers needing to obtain a
+list of peers can contact it to download this list.
+To download this hostlist the peer uses HTTP.
+For this reason you have to build your peer with libgnurl (or libcurl)
+and microhttpd support.
+To configure your peer to act as a bootstrap server you have to add the
+@command{-p} option to @code{OPTIONS} in the @code{[hostlist]} section
+of your configuration file.
+Besides that you have to specify a port number for the http server.
+In conclusion you have to add the following lines:
+@example
+[hostlist]
+HTTPPORT = 12980
+OPTIONS = -p
+@end example
+@noindent
+If your peer acts as a bootstrap server other peers should know about
+that. You can advertise the hostlist your are providing to other peers.
+Peers connecting to your peer will get a message containing an
+advertisement for your hostlist and the URL where it can be downloaded.
+If this peer is in learning mode, it will test the hostlist and, in the
+case it can obtain the list successfully, it will save it for
+bootstrapping.
+To activate hostlist advertisement on your peer, you have to set the
+following lines in your configuration file:
+@example
+[hostlist]
+EXTERNAL_DNS_NAME = example.org
+HTTPPORT = 12981
+OPTIONS = -p -a
+@end example
+@noindent
+With this configuration your peer will a act as a bootstrap server and
+advertise this hostlist to other peers connecting to it.
+The URL used to download the list will be
+@code{@uref{http://example.org:12981/, http://example.org:12981/}}.
+Please notice:
+@itemize @bullet
+@item The hostlist is @b{not} human readable, so you should not try to
+download it using your webbrowser. Just point your GNUnet peer to the
+address!
+@item Advertising without providing a hostlist does not make sense and
+will not work.
+@end itemize
+@node Configuring the datastore
+@subsection Configuring the datastore
+The datastore is what GNUnet uses for long-term storage of file-sharing
+data. Note that long-term does not mean 'forever' since content does have
+an expiration date, and of course storage space is finite (and hence
+sometimes content may have to be discarded).
+Use the @code{QUOTA} option to specify how many bytes of storage space
+you are willing to dedicate to GNUnet.
+In addition to specifying the maximum space GNUnet is allowed to use for
+the datastore, you need to specify which database GNUnet should use to do
+so. Currently, you have the choice between sqLite, MySQL and Postgres.
+@node Configuring the MySQL database
+@subsection Configuring the MySQL database
+This section describes how to setup the MySQL database for GNUnet.
+Note that the mysql plugin does NOT work with mysql before 4.1 since we
+need prepared statements.
+We are generally testing the code against MySQL 5.1 at this point.
+@node Reasons for using MySQL
+@subsection Reasons for using MySQL
+@itemize @bullet
+@item On up-to-date hardware wher
+mysql can be used comfortably, this module
+will have better performance than the other database choices (according
+to our tests).
+@item Its often possible to recover the mysql database from internal
+inconsistencies. Some of the other databases do not support repair.
+@end itemize
+@node Reasons for not using MySQL
+@subsection Reasons for not using MySQL
+@itemize @bullet
+@item Memory usage (likely not an issue if you have more than 1 GB)
+@item Complex manual setup
+@end itemize
+@node Setup Instructions
+@subsection Setup Instructions
+@itemize @bullet
+@item In @file{gnunet.conf} set in section @code{DATASTORE} the value for
+@code{DATABASE} to @code{mysql}.
+@item Access mysql as root:
+@example
+$ mysql -u root -p
+@end example
+@noindent
+and issue the following commands, replacing $USER with the username
+that will be running @command{gnunet-arm} (so typically "gnunet"):
+@example
+CREATE DATABASE gnunet;
+GRANT select,insert,update,delete,create,alter,drop,create \
+temporary tables ON gnunet.* TO $USER@@localhost;
+SET PASSWORD FOR $USER@@localhost=PASSWORD('$the_password_you_like');
+FLUSH PRIVILEGES;
+@end example
+@item
+In the $HOME directory of $USER, create a @file{.my.cnf} file with the
+following lines
+@example
+[client]
+user=$USER
+password=$the_password_you_like
+@end example
+@end itemize
+That's it. Note that @file{.my.cnf} file is a slight security risk unless
+its on a safe partition. The @file{$HOME/.my.cnf} can of course be
+a symbolic link.
+Luckily $USER has only privileges to mess up GNUnet's tables,
+which should be pretty harmless.
+@node Testing
+@subsection Testing
+You should briefly try if the database connection works. First, login
+as $USER. Then use:
+@example
+$ mysql -u $USER
+mysql> use gnunet;
+@end example
+@noindent
+If you get the message
+@example
+Database changed
+@end example
+@noindent
+it probably works.
+If you get
+@example
+ERROR 2002: Can't connect to local MySQL server
+through socket '/tmp/mysql.sock' (2)
+@end example
+@noindent
+it may be resolvable by
+@example
+ln -s /var/run/mysqld/mysqld.sock /tmp/mysql.sock
+@end example
+@noindent
+so there may be some additional trouble depending on your mysql setup.
+@node Performance Tuning
+@subsection Performance Tuning
+For GNUnet, you probably want to set the option
+@example
+innodb_flush_log_at_trx_commit = 0
+@end example
+@noindent
+for a rather dramatic boost in MySQL performance. However, this reduces
+the "safety" of your database as with this options you may loose
+transactions during a power outage.
+While this is totally harmless for GNUnet, the option applies to all
+applications using MySQL. So you should set it if (and only if) GNUnet is
+the only application on your system using MySQL.
+@node Setup for running Testcases
+@subsection Setup for running Testcases
+If you want to run the testcases, you must create a second database
+"gnunetcheck" with the same username and password. This database will
+then be used for testing (@command{make check}).
+@node Configuring the Postgres database
+@subsection Configuring the Postgres database
+This text describes how to setup the Postgres database for GNUnet.
+This Postgres plugin was developed for Postgres 8.3 but might work for
+earlier versions as well.
+@node Reasons to use Postgres
+@subsection Reasons to use Postgres
+@itemize @bullet
+@item Easier to setup than MySQL
+@item Real database
+@end itemize
+@node Reasons not to use Postgres
+@subsection Reasons not to use Postgres
+@itemize @bullet
+@item Quite slow
+@item Still some manual setup required
+@end itemize
+@node Manual setup instructions
+@subsection Manual setup instructions
+@itemize @bullet
+@item In @file{gnunet.conf} set in section @code{DATASTORE} the value for
+@code{DATABASE} to @code{postgres}.
+@item Access Postgres to create a user:
+@table @asis
+@item with Postgres 8.x, use:
+@example
+# su - postgres
+$ createuser
+@end example
+@noindent
+and enter the name of the user running GNUnet for the role interactively.
+Then, when prompted, do not set it to superuser, allow the creation of
+databases, and do not allow the creation of new roles.
+@item with Postgres 9.x, use:
+@example
+# su - postgres
+$ createuser -d $GNUNET_USER
+@end example
+@noindent
+where $GNUNET_USER is the name of the user running GNUnet.
+@end table
+@item
+As that user (so typically as user "gnunet"), create a database (or two):
+@example
+$ createdb gnunet
+# this way you can run "make check"
+$ createdb gnunetcheck
+@end example
+@end itemize
+Now you should be able to start @code{gnunet-arm}.
+@node Testing the setup manually
+@subsection Testing the setup manually
+You may want to try if the database connection works. First, again login
+as the user who will run @command{gnunet-arm}. Then use:
+@example
+$ psql gnunet # or gnunetcheck
+gnunet=> \dt
+@end example
+@noindent
+If, after you have started @command{gnunet-arm} at least once, you get
+a @code{gn090} table here, it probably works.
+@node Configuring the datacache
+@subsection Configuring the datacache
+@c %**end of header
+The datacache is what GNUnet uses for storing temporary data. This data is
+expected to be wiped completely each time GNUnet is restarted (or the
+system is rebooted).
+You need to specify how many bytes GNUnet is allowed to use for the
+datacache using the @code{QUOTA} option in the section @code{[dhtcache]}.
+Furthermore, you need to specify which database backend should be used to
+store the data. Currently, you have the choice between
+sqLite, MySQL and Postgres.
+@node Configuring the file-sharing service
+@subsection Configuring the file-sharing service
+In order to use GNUnet for file-sharing, you first need to make sure
+that the file-sharing service is loaded.
+This is done by setting the @code{START_ON_DEMAND} option in
+section @code{[fs]} to "YES". Alternatively, you can run
+@example
+$ gnunet-arm -i fs
+@end example
+@noindent
+to start the file-sharing service by hand.
+Except for configuring the database and the datacache the only important
+option for file-sharing is content migration.
+Content migration allows your peer to cache content from other peers as
+well as send out content stored on your system without explicit requests.
+This content replication has positive and negative impacts on both system
+performance and privacy.
+FIXME: discuss the trade-offs. Here is some older text about it...
+Setting this option to YES allows gnunetd to migrate data to the local
+machine. Setting this option to YES is highly recommended for efficiency.
+Its also the default. If you set this value to YES, GNUnet will store
+content on your machine that you cannot decrypt.
+While this may protect you from liability if the judge is sane, it may
+not (IANAL). If you put illegal content on your machine yourself, setting
+this option to YES will probably increase your chances to get away with it
+since you can plausibly deny that you inserted the content.
+Note that in either case, your anonymity would have to be broken first
+(which may be possible depending on the size of the GNUnet network and the
+strength of the adversary).
+@node Configuring logging
+@subsection Configuring logging
+Logging in GNUnet 0.9.0 is controlled via the "-L" and "-l" options.
+Using @code{-L}, a log level can be specified. With log level
+@code{ERROR} only serious errors are logged.
+The default log level is @code{WARNING} which causes anything of
+concern to be logged.
+Log level @code{INFO} can be used to log anything that might be
+interesting information whereas
+@code{DEBUG} can be used by developers to log debugging messages
+(but you need to run @code{./configure} with
+@code{--enable-logging=verbose} to get them compiled).
+The @code{-l} option is used to specify the log file.
+Since most GNUnet services are managed by @code{gnunet-arm}, using the
+@code{-l} or @code{-L} options directly is not possible.
+Instead, they can be specified using the @code{OPTIONS} configuration
+value in the respective section for the respective service.
+In order to enable logging globally without editing the @code{OPTIONS}
+values for each service, @command{gnunet-arm} supports a
+@code{GLOBAL_POSTFIX} option.
+The value specified here is given as an extra option to all services for
+which the configuration does contain a service-specific @code{OPTIONS}
+field.
+@code{GLOBAL_POSTFIX} can contain the special sequence "@{@}" which
+is replaced by the name of the service that is being started.
+Furthermore, @code{GLOBAL_POSTFIX} is special in that sequences
+starting with "$" anywhere in the string are expanded (according
+to options in @code{PATHS}); this expansion otherwise is
+only happening for filenames and then the "$" must be the
+first character in the option. Both of these restrictions do
+not apply to @code{GLOBAL_POSTFIX}.
+Note that specifying @code{%} anywhere in the @code{GLOBAL_POSTFIX}
+disables both of these features.
+In summary, in order to get all services to log at level
+@code{INFO} to log-files called @code{SERVICENAME-logs}, the
+following global prefix should be used:
+@example
+GLOBAL_POSTFIX = -l $SERVICEHOME/@{@}-logs -L INFO
+@end example
+@node Configuring the transport service and plugins
+@subsection Configuring the transport service and plugins
+The transport service in GNUnet is responsible to maintain basic
+connectivity to other peers.
+Besides initiating and keeping connections alive it is also responsible
+for address validation.
+The GNUnet transport supports more than one transport protocol.
+These protocols are configured together with the transport service.
+The configuration section for the transport service itself is quite
+similar to all the other services
+@example
+START_ON_DEMAND = YES
+@@UNIXONLY@@ PORT = 2091
+HOSTNAME = localhost
+HOME = $SERVICEHOME
+CONFIG = $DEFAULTCONFIG
+BINARY = gnunet-service-transport
+#PREFIX = valgrind
+NEIGHBOUR_LIMIT = 50
+ACCEPT_FROM = 127.0.0.1;
+ACCEPT_FROM6 = ::1;
+PLUGINS = tcp udp
+UNIXPATH = /tmp/gnunet-service-transport.sock
+@end example
+Different are the settings for the plugins to load @code{PLUGINS}.
+The first setting specifies which transport plugins to load.
+@itemize @bullet
+@item transport-unix
+A plugin for local only communication with UNIX domain sockets. Used for
+testing and available on unix systems only. Just set the port
+@example
+[transport-unix]
+PORT = 22086
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
+@end example
+@item transport-tcp
+A plugin for communication with TCP. Set port to 0 for client mode with
+outbound only connections
+@example
+[transport-tcp]
+# Use 0 to ONLY advertise as a peer behind NAT (no port binding)
+PORT = 2086
+ADVERTISED_PORT = 2086
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
+# Maximum number of open TCP connections allowed
+MAX_CONNECTIONS = 128
+@end example
+@item transport-udp
+A plugin for communication with UDP. Supports peer discovery using
+broadcasts.
+@example
+[transport-udp]
+PORT = 2086
+BROADCAST = YES
+BROADCAST_INTERVAL = 30 s
+MAX_BPS = 1000000
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
+@end example
+@item transport-http
+HTTP and HTTPS support is split in two part: a client plugin initiating
+outbound connections and a server part accepting connections from the
+client. The client plugin just takes the maximum number of connections as
+an argument.
+@example
+[transport-http_client]
+MAX_CONNECTIONS = 128
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
+@end example
+@example
+[transport-https_client]
+MAX_CONNECTIONS = 128
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
+@end example
+@noindent
+The server has a port configured and the maximum number of connections.
+The HTTPS part has two files with the certificate key and the certificate
+file.
+The server plugin supports reverse proxies, so a external hostname can be
+set using the @code{EXTERNAL_HOSTNAME} setting.
+The webserver under this address should forward the request to the peer
+and the configure port.
+@example
+[transport-http_server]
+EXTERNAL_HOSTNAME = fulcrum.net.in.tum.de/gnunet
+PORT = 1080
+MAX_CONNECTIONS = 128
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
+@end example
+@example
+[transport-https_server]
+PORT = 4433
+CRYPTO_INIT = NORMAL
+KEY_FILE = https.key
+CERT_FILE = https.cert
+MAX_CONNECTIONS = 128
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
+@end example
+@item transport-wlan
+The next section describes how to setup the WLAN plugin,
+so here only the settings. Just specify the interface to use:
+@example
+[transport-wlan]
+# Name of the interface in monitor mode (typically monX)
+INTERFACE = mon0
+# Real hardware, no testing
+TESTMODE = 0
+TESTING_IGNORE_KEYS = ACCEPT_FROM;
+@end example
+@end itemize
+@node Configuring the WLAN transport plugin
+@subsection Configuring the WLAN transport plugin
+The wlan transport plugin enables GNUnet to send and to receive data on a
+wlan interface.
+It has not to be connected to a wlan network as long as sender and
+receiver are on the same channel. This enables you to get connection to
+GNUnet where no internet access is possible, for example during
+catastrophes or when censorship cuts you off from the internet.
+@menu
+* Requirements for the WLAN plugin::
+* Configuration::
+* Before starting GNUnet::
+* Limitations and known bugs::
+@end menu
+@node Requirements for the WLAN plugin
+@subsubsection Requirements for the WLAN plugin
+@itemize @bullet
+@item wlan network card with monitor support and packet injection
+(see @uref{http://www.aircrack-ng.org/, aircrack-ng.org})
+@item Linux kernel with mac80211 stack, introduced in 2.6.22, tested with
+2.6.35 and 2.6.38
+@item Wlantools to create the a monitor interface, tested with airmon-ng
+of the aircrack-ng package
+@end itemize
+@node Configuration
+@subsubsection Configuration
+There are the following options for the wlan plugin (they should be like
+this in your default config file, you only need to adjust them if the
+values are incorrect for your system)
+@example
+# section for the wlan transport plugin
+[transport-wlan]
+# interface to use, more information in the
+# "Before starting GNUnet" section of the handbook.
+INTERFACE = mon0
+# testmode for developers:
+# 0 use wlan interface,
+#1 or 2 use loopback driver for tests 1 = server, 2 = client
+TESTMODE = 0
+@end example
+@node Before starting GNUnet
+@subsubsection Before starting GNUnet
+Before starting GNUnet, you have to make sure that your wlan interface is
+in monitor mode.
+One way to put the wlan interface into monitor mode (if your interface
+name is wlan0) is by executing:
+@example
+sudo airmon-ng start wlan0
+@end example
+@noindent
+Here is an example what the result should look like:
+@example
+Interface Chipset Driver
+wlan0 Intel 4965 a/b/g/n iwl4965 - [phy0]
+(monitor mode enabled on mon0)
+@end example
+@noindent
+The monitor interface is mon0 is the one that you have to put into the
+configuration file.
+@node Limitations and known bugs
+@subsubsection Limitations and known bugs
+Wlan speed is at the maximum of 1 Mbit/s because support for choosing the
+wlan speed with packet injection was removed in newer kernels.
+Please pester the kernel developers about fixing this.
+The interface channel depends on the wlan network that the card is
+connected to. If no connection has been made since the start of the
+computer, it is usually the first channel of the card.
+Peers will only find each other and communicate if they are on the same
+channel. Channels must be set manually, i.e. using:
+@example
+iwconfig wlan0 channel 1
+@end example
+@node Configuring HTTP(S) reverse proxy functionality using Apache or nginx
+@subsection Configuring HTTP(S) reverse proxy functionality using Apache or nginx
+The HTTP plugin supports data transfer using reverse proxies. A reverse
+proxy forwards the HTTP request he receives with a certain URL to another
+webserver, here a GNUnet peer.
+So if you have a running Apache or nginx webserver you can configure it to
+be a GNUnet reverse proxy. Especially if you have a well-known webiste
+this improves censorship resistance since it looks as normal surfing
+behaviour.
+To do so, you have to do two things:
+@itemize @bullet
+@item Configure your webserver to forward the GNUnet HTTP traffic
+@item Configure your GNUnet peer to announce the respective address
+@end itemize
+As an example we want to use GNUnet peer running:
+@itemize @bullet
+@item HTTP server plugin on @code{gnunet.foo.org:1080}
+@item HTTPS server plugin on @code{gnunet.foo.org:4433}
+@item A apache or nginx webserver on
+@uref{http://www.foo.org/, http://www.foo.org:80/}
+@item A apache or nginx webserver on https://www.foo.org:443/
+@end itemize
+And we want the webserver to accept GNUnet traffic under
+@code{http://www.foo.org/bar/}. The required steps are described here:
+@menu
+* Reverse Proxy - Configure your Apache2 HTTP webserver::
+* Reverse Proxy - Configure your Apache2 HTTPS webserver::
+* Reverse Proxy - Configure your nginx HTTPS webserver::
+* Reverse Proxy - Configure your nginx HTTP webserver::
+* Reverse Proxy - Configure your GNUnet peer::
+@end menu
+@node Reverse Proxy - Configure your Apache2 HTTP webserver
+@subsubsection Reverse Proxy - Configure your Apache2 HTTP webserver
+First of all you need mod_proxy installed.
+Edit your webserver configuration. Edit
+@code{/etc/apache2/apache2.conf} or the site-specific configuration file.
+In the respective @code{server config},@code{virtual host} or
+@code{directory} section add the following lines:
+@example
+ProxyTimeout 300
+ProxyRequests Off
+<Location /bar/ >
+ProxyPass http://gnunet.foo.org:1080/
+ProxyPassReverse http://gnunet.foo.org:1080/
+</Location>
+@end example
+@node Reverse Proxy - Configure your Apache2 HTTPS webserver
+@subsubsection Reverse Proxy - Configure your Apache2 HTTPS webserver
+We assume that you already have an HTTPS server running, if not please
+check how to configure a HTTPS host. An uncomplicated to use example
+is the example configuration file for Apache2/HTTPD provided in
+@file{apache2/sites-available/default-ssl}.
+In the respective HTTPS @code{server config},@code{virtual host} or
+@code{directory} section add the following lines:
+@example
+SSLProxyEngine On
+ProxyTimeout 300
+ProxyRequests Off
+<Location /bar/ >
+ProxyPass https://gnunet.foo.org:4433/
+ProxyPassReverse https://gnunet.foo.org:4433/
+</Location>
+@end example
+@noindent
+More information about the apache mod_proxy configuration can be found
+in the Apache documentation@footnote{@uref{http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass, http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass}}
+@node Reverse Proxy - Configure your nginx HTTPS webserver
+@subsubsection Reverse Proxy - Configure your nginx HTTPS webserver
+Since nginx does not support chunked encoding, you first of all have to
+install the @code{chunkin} module@footnote{@uref{http://wiki.nginx.org/HttpChunkinModule, http://wiki.nginx.org/HttpChunkinModule}}
+To enable chunkin add:
+@example
+chunkin on;
+error_page 411 = @@my_411_error;
+location @@my_411_error @{
+chunkin_resume;
+@}
+@end example
+@noindent
+Edit your webserver configuration. Edit @file{/etc/nginx/nginx.conf} or
+the site-specific configuration file.
+In the @code{server} section add:
+@example
+location /bar/ @{
+proxy_pass http://gnunet.foo.org:1080/;
+proxy_buffering off;
+proxy_connect_timeout 5; # more than http_server
+proxy_read_timeout 350; # 60 default, 300s is GNUnet's idle timeout
+proxy_http_version 1.1; # 1.0 default
+proxy_next_upstream error timeout invalid_header http_500 http_503 http_502 http_504;
+@}
+@end example
+@node Reverse Proxy - Configure your nginx HTTP webserver
+@subsubsection Reverse Proxy - Configure your nginx HTTP webserver
+Edit your webserver configuration. Edit @file{/etc/nginx/nginx.conf} or
+the site-specific configuration file.
+In the @code{server} section add:
+@example
+ssl_session_timeout 6m;
+location /bar/
+@{
+proxy_pass https://gnunet.foo.org:4433/;
+proxy_buffering off;
+proxy_connect_timeout 5; # more than http_server
+proxy_read_timeout 350; # 60 default, 300s is GNUnet's idle timeout
+proxy_http_version 1.1; # 1.0 default
+proxy_next_upstream error timeout invalid_header http_500 http_503 http_502 http_504;
+@}
+@end example
+@node Reverse Proxy - Configure your GNUnet peer
+@subsubsection Reverse Proxy - Configure your GNUnet peer
+To have your GNUnet peer announce the address, you have to specify the
+@code{EXTERNAL_HOSTNAME} option in the @code{[transport-http_server]}
+section:
+@example
+[transport-http_server]
+EXTERNAL_HOSTNAME = http://www.foo.org/bar/
+@end example
+@noindent
+and/or @code{[transport-https_server]} section:
+@example
+[transport-https_server]
+EXTERNAL_HOSTNAME = https://www.foo.org/bar/
+@end example
+@noindent
+Now restart your webserver and your peer...
+@node Blacklisting peers
+@subsection Blacklisting peers
+Transport service supports to deny connecting to a specific peer of to a
+specific peer with a specific transport plugin using te blacklisting
+component of transport service. With@ blacklisting it is possible to deny
+connections to specific peers of@ to use a specific plugin to a specific
+peer. Peers can be blacklisted using@ the configuration or a blacklist
+client can be asked.
+To blacklist peers using the configuration you have to add a section to
+your configuration containing the peer id of the peer to blacklist and
+the plugin@ if required.
+Examples:
+To blacklist connections to P565... on peer AG2P... using tcp add:
+@c FIXME: This is too long and produces errors in the pdf.
+@example
+[transport-blacklist AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
+P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = tcp
+@end example
+To blacklist connections to P565... on peer AG2P... using all plugins add:
+@example
+[transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
+P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G =
+@end example
+You can also add a blacklist client usign the blacklist API. On a
+blacklist check, blacklisting first checks internally if the peer is
+blacklisted and if not, it asks the blacklisting clients. Clients are
+asked if it is OK to connect to a peer ID, the plugin is omitted.
+On blacklist check for (peer, plugin)
+@itemize @bullet
+@item Do we have a local blacklist entry for this peer and this plugin?@
+@item YES: disallow connection@
+@item Do we have a local blacklist entry for this peer and all plugins?@
+@item YES: disallow connection@
+@item Does one of the clients disallow?@
+@item YES: disallow connection
+@end itemize
+@node Configuration of the HTTP and HTTPS transport plugins
+@subsection Configuration of the HTTP and HTTPS transport plugins
+The client parts of the http and https transport plugins can be configured
+to use a proxy to connect to the hostlist server. This functionality can
+be configured in the configuration file directly or using the
+gnunet-setup tool.
+Both the HTTP and HTTPS clients support the following proxy types at
+the moment:
+@itemize @bullet
+@item HTTP 1.1 proxy
+@item SOCKS 4/4a/5/5 with hostname
+@end itemize
+In addition authentication at the proxy with username and password can be
+configured.
+To configure proxy support for the clients in the gnunet-setup tool,
+select the "transport" tab and activate the respective plugin. Now you
+can select the appropriate proxy type. The hostname or IP address
+(including port if required) has to be entered in the "Proxy hostname"
+textbox. If required, enter username and password in the "Proxy username"
+and "Proxy password" boxes. Be aware that these information will be stored
+in the configuration in plain text.
+To configure these options directly in the configuration, you can
+configure the following settings in the @code{[transport-http_client]}
+and @code{[transport-https_client]} section of the configuration:
+@example
+# Type of proxy server,
+# Valid values: HTTP, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME
+# Default: HTTP
+# PROXY_TYPE = HTTP
+# Hostname or IP of proxy server
+# PROXY =
+# User name for proxy server
+# PROXY_USERNAME =
+# User password for proxy server
+# PROXY_PASSWORD =
+@end example
+@node Configuring the GNU Name System
+@subsection Configuring the GNU Name System
+@menu
+* Configuring system-wide DNS interception::
+* Configuring the GNS nsswitch plugin::
+* Configuring GNS on W32::
+* GNS Proxy Setup::
+* Setup of the GNS CA::
+* Testing the GNS setup::
+@end menu
+@node Configuring system-wide DNS interception
+@subsubsection Configuring system-wide DNS interception
+Before you install GNUnet, make sure you have a user and group 'gnunet'
+as well as an empty group 'gnunetdns'.
+When using GNUnet with system-wide DNS interception, it is absolutely
+necessary for all GNUnet service processes to be started by
+@code{gnunet-service-arm} as user and group 'gnunet'. You also need to be
+sure to run @code{make install} as root (or use the @code{sudo} option to
+configure) to grant GNUnet sufficient privileges.
+With this setup, all that is required for enabling system-wide DNS
+interception is for some GNUnet component (VPN or GNS) to request it.
+The @code{gnunet-service-dns} will then start helper programs that will
+make the necessary changes to your firewall (@code{iptables}) rules.
+Note that this will NOT work if your system sends out DNS traffic to a
+link-local IPv6 address, as in this case GNUnet can intercept the traffic,
+but not inject the responses from the link-local IPv6 address. Hence you
+cannot use system-wide DNS interception in conjunction with link-local
+IPv6-based DNS servers. If such a DNS server is used, it will bypass
+GNUnet's DNS traffic interception.
+Using the GNU Name System (GNS) requires two different configuration
+steps.
+First of all, GNS needs to be integrated with the operating system. Most
+of this section is about the operating system level integration.
+The remainder of this chapter will detail the various methods for
+configuring the use of GNS with your operating system.
+At this point in time you have different options depending on your OS:
+@table @asis
+@item Use the gnunet-gns-proxy This approach works for all operating
+systems and is likely the easiest. However, it enables GNS only for
+browsers, not for other applications that might be using DNS, such as SSH.
+Still, using the proxy is required for using HTTP with GNS and is thus
+recommended for all users. To do this, you simply have to run the
+@code{gnunet-gns-proxy-setup-ca} script as the user who will run the
+browser (this will create a GNS certificate authority (CA) on your system
+and import its key into your browser), then start @code{gnunet-gns-proxy}
+and inform your browser to use the Socks5 proxy which
+@code{gnunet-gns-proxy} makes available by default on port 7777.
+@item Use a nsswitch plugin (recommended on GNU systems)
+This approach has the advantage of offering fully personalized resolution
+even on multi-user systems. A potential disadvantage is that some
+applications might be able to bypass GNS.
+@item Use a W32 resolver plugin (recommended on W32)
+This is currently the only option on W32 systems.
+@item Use system-wide DNS packet interception
+This approach is recommended for the GNUnet VPN. It can be used to handle
+GNS at the same time; however, if you only use this method, you will only
+get one root zone per machine (not so great for multi-user systems).
+@end table
+You can combine system-wide DNS packet interception with the nsswitch
+plugin.
+The setup of the system-wide DNS interception is described here. All of
+the other GNS-specific configuration steps are described in the following
+sections.
+@node Configuring the GNS nsswitch plugin
+@subsubsection Configuring the GNS nsswitch plugin
+The Name Service Switch (NSS) is a facility in Unix-like operating systems
+@footnote{More accurate: NSS is a functionality of the GNU C Library}
+that provides a variety of sources for common configuration databases and
+name resolution mechanisms.
+A superuser (system administrator) usually configures the
+operating system's name services using the file
+@file{/etc/nsswitch.conf}.
+GNS provides a NSS plugin to integrate GNS name resolution with the
+operating system's name resolution process.
+To use the GNS NSS plugin you have to either
+@itemize @bullet
+@item install GNUnet as root or
+@item compile GNUnet with the @code{--with-sudo=yes} switch.
+@end itemize
+Name resolution is controlled by the @emph{hosts} section in the NSS
+configuration. By default this section first performs a lookup in the
+@file{/etc/hosts} file and then in DNS.
+The nsswitch file should contain a line similar to:
+@example
+hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4
+@end example
+@noindent
+Here the GNS NSS plugin can be added to perform a GNS lookup before
+performing a DNS lookup.
+The GNS NSS plugin has to be added to the "hosts" section in
+@file{/etc/nsswitch.conf} file before DNS related plugins:
+@example
+...
+hosts: files gns [NOTFOUND=return] dns mdns4_minimal mdns4
+...
+@end example
+@noindent
+The @code{NOTFOUND=return} will ensure that if a @code{.gnu} name is not
+found in GNS it will not be queried in DNS.
+@node Configuring GNS on W32
+@subsubsection Configuring GNS on W32
+This document is a guide to configuring GNU Name System on W32-compatible
+platforms.
+After GNUnet is installed, run the w32nsp-install tool:
+@example
+w32nsp-install.exe libw32nsp-0.dll
+@end example
+@noindent
+('0' is the library version of W32 NSP; it might increase in the future,
+change the invocation accordingly).
+This will install GNS namespace provider into the system and allow other
+applications to resolve names that end in '@strong{gnu}'
+and '@strong{zkey}'. Note that namespace provider requires
+gnunet-gns-helper-service-w32 to be running, as well as gns service
+itself (and its usual dependencies).
+Namespace provider is hardcoded to connect to @strong{127.0.0.1:5353},
+and this is where gnunet-gns-helper-service-w32 should be listening to
+(and is configured to listen to by default).
+To uninstall the provider, run:
+@example
+w32nsp-uninstall.exe
+@end example
+@noindent
+(uses provider GUID to uninstall it, does not need a dll name).
+Note that while MSDN claims that other applications will only be able to
+use the new namespace provider after re-starting, in reality they might
+stat to use it without that. Conversely, they might stop using the
+provider after it's been uninstalled, even if they were not re-started.
+W32 will not permit namespace provider library to be deleted or
+overwritten while the provider is installed, and while there is at least
+one process still using it (even after it was uninstalled).
+@node GNS Proxy Setup
+@subsubsection GNS Proxy Setup
+When using the GNU Name System (GNS) to browse the WWW, there are several
+issues that can be solved by adding the GNS Proxy to your setup:
+@itemize @bullet
+@item If the target website does not support GNS, it might assume that it
+is operating under some name in the legacy DNS system (such as
+example.com). It may then attempt to set cookies for that domain, and the
+web server might expect a @code{Host: example.com} header in the request
+from your browser.
+However, your browser might be using @code{example.gnu} for the
+@code{Host} header and might only accept (and send) cookies for
+@code{example.gnu}. The GNS Proxy will perform the necessary translations
+of the hostnames for cookies and HTTP headers (using the LEHO record for
+the target domain as the desired substitute).
+@item If using HTTPS, the target site might include an SSL certificate
+which is either only valid for the LEHO domain or might match a TLSA
+record in GNS. However, your browser would expect a valid certificate for
+@code{example.gnu}, not for some legacy domain name. The proxy will
+validate the certificate (either against LEHO or TLSA) and then
+on-the-fly produce a valid certificate for the exchange, signed by your
+own CA. Assuming you installed the CA of your proxy in your browser's
+certificate authority list, your browser will then trust the
+HTTPS/SSL/TLS connection, as the hostname mismatch is hidden by the proxy.
+@item Finally, the proxy will in the future indicate to the server that it
+speaks GNS, which will enable server operators to deliver GNS-enabled web
+sites to your browser (and continue to deliver legacy links to legacy
+browsers)
+@end itemize
+@node Setup of the GNS CA
+@subsubsection Setup of the GNS CA
+First you need to create a CA certificate that the proxy can use.
+To do so use the provided script gnunet-gns-proxy-ca:
+@example
+$ gnunet-gns-proxy-setup-ca
+@end example
+@noindent
+This will create a personal certification authority for you and add this
+authority to the firefox and chrome database. The proxy will use the this
+CA certificate to generate @code{*.gnu} client certificates on the fly.
+Note that the proxy uses libcurl. Make sure your version of libcurl uses
+GnuTLS and NOT OpenSSL. The proxy will @b{not} work with libcurl compiled
+against OpenSSL.
+You can check the configuration your libcurl was build with by
+running:
+@example
+curl --version
+@end example
+the output will look like this (without the linebreaks):
+@example
+gnurl --version
+curl 7.56.0 (x86_64-unknown-linux-gnu) libcurl/7.56.0 \
+GnuTLS/3.5.13 zlib/1.2.11 libidn2/2.0.4
+Release-Date: 2017-10-08
+Protocols: http https
+Features: AsynchDNS IDN IPv6 Largefile NTLM SSL libz \
+TLS-SRP UnixSockets HTTPS-proxy
+@end example
+@node Testing the GNS setup
+@subsubsection Testing the GNS setup
+Now for testing purposes we can create some records in our zone to test
+the SSL functionality of the proxy:
+@example
+$ gnunet-identity -C test
+$ gnunet-namestore -a -e "1 d" -n "homepage" \
+  -t A -V 131.159.74.67 -z test
+$ gnunet-namestore -a -e "1 d" -n "homepage" \
+  -t LEHO -V "gnunet.org" -z test
+@end example
+@noindent
+At this point we can start the proxy. Simply execute
+@example
+$ gnunet-gns-proxy
+@end example
+@noindent
+Configure your browser to use this SOCKSv5 proxy on port 7777 and visit
+this link.
+If you use @command{Firefox} (or one of its derivatives/forks such as
+Icecat) you also have to go to @code{about:config} and set the key
+@code{network.proxy.socks_remote_dns} to @code{true}.
+When you visit @code{https://homepage.test/}, you should get to the
+@code{https://gnunet.org/} frontpage and the browser (with the correctly
+configured proxy) should give you a valid SSL certificate for
+@code{homepage.gnu} and no warnings. It should look like this:
+@c FIXME: Image does not exist, create it or save it from Drupal?
+@c @image{images/gnunethpgns.png,5in,, picture of homepage.gnu in Webbrowser}
+@node Configuring the GNUnet VPN
+@subsection Configuring the GNUnet VPN
+@menu
+* IPv4 address for interface::
+* IPv6 address for interface::
+* Configuring the GNUnet VPN DNS::
+* Configuring the GNUnet VPN Exit Service::
+* IP Address of external DNS resolver::
+* IPv4 address for Exit interface::
+* IPv6 address for Exit interface::
+@end menu
+Before configuring the GNUnet VPN, please make sure that system-wide DNS
+interception is configured properly as described in the section on the
+GNUnet DNS setup. @pxref{Configuring the GNU Name System},
+if you haven't done so already.
+The default options for the GNUnet VPN are usually sufficient to use
+GNUnet as a Layer 2 for your Internet connection.
+However, what you always have to specify is which IP protocol you want
+to tunnel: IPv4, IPv6 or both.
+Furthermore, if you tunnel both, you most likely should also tunnel
+all of your DNS requests.
+You theoretically can tunnel "only" your DNS traffic, but that usually
+makes little sense.
+The other options as shown on the gnunet-setup tool are:
+@node IPv4 address for interface
+@subsubsection IPv4 address for interface
+This is the IPv4 address the VPN interface will get. You should pick an
+'private' IPv4 network that is not yet in use for you system. For example,
+if you use @code{10.0.0.1/255.255.0.0} already, you might use
+@code{10.1.0.1/255.255.0.0}.
+If you use @code{10.0.0.1/255.0.0.0} already, then you might use
+@code{192.168.0.1/255.255.0.0}.
+If your system is not in a private IP-network, using any of the above will
+work fine.
+You should try to make the mask of the address big enough
+(@code{255.255.0.0} or, even better, @code{255.0.0.0}) to allow more
+mappings of remote IP Addresses into this range.
+However, even a @code{255.255.255.0} mask will suffice for most users.
+@node IPv6 address for interface
+@subsubsection IPv6 address for interface
+The IPv6 address the VPN interface will get. Here you can specify any
+non-link-local address (the address should not begin with @code{fe80:}).
+A subnet Unique Local Unicast (@code{fd00::/8} prefix) that you are
+currently not using would be a good choice.
+@node Configuring the GNUnet VPN DNS
+@subsubsection Configuring the GNUnet VPN DNS
+To resolve names for remote nodes, activate the DNS exit option.
+@node Configuring the GNUnet VPN Exit Service
+@subsubsection Configuring the GNUnet VPN Exit Service
+If you want to allow other users to share your Internet connection (yes,
+this may be dangerous, just as running a Tor exit node) or want to
+provide access to services on your host (this should be less dangerous,
+as long as those services are secure), you have to enable the GNUnet exit
+daemon.
+You then get to specify which exit functions you want to provide. By
+enabling the exit daemon, you will always automatically provide exit
+functions for manually configured local services (this component of the
+system is under
+development and not documented further at this time). As for those
+services you explicitly specify the target IP address and port, there is
+no significant security risk in doing so.
+Furthermore, you can serve as a DNS, IPv4 or IPv6 exit to the Internet.
+Being a DNS exit is usually pretty harmless. However, enabling IPv4 or
+IPv6-exit without further precautions may enable adversaries to access
+your local network, send spam, attack other systems from your Internet
+connection and to other mischief that will appear to come from your
+machine. This may or may not get you into legal trouble.
+If you want to allow IPv4 or IPv6-exit functionality, you should strongly
+consider adding additional firewall rules manually to protect your local
+network and to restrict outgoing TCP traffic (i.e. by not allowing access
+to port 25). While we plan to improve exit-filtering in the future,
+you're currently on your own here.
+Essentially, be prepared for any kind of IP-traffic to exit the respective
+TUN interface (and GNUnet will enable IP-forwarding and NAT for the
+interface automatically).
+Additional configuration options of the exit as shown by the gnunet-setup
+tool are:
+@node IP Address of external DNS resolver
+@subsubsection IP Address of external DNS resolver
+If DNS traffic is to exit your machine, it will be send to this DNS
+resolver. You can specify an IPv4 or IPv6 address.
+@node IPv4 address for Exit interface
+@subsubsection IPv4 address for Exit interface
+This is the IPv4 address the Interface will get. Make the mask of the
+address big enough (255.255.0.0 or, even better, 255.0.0.0) to allow more
+mappings of IP addresses into this range. As for the VPN interface, any
+unused, private IPv4 address range will do.
+@node IPv6 address for Exit interface
+@subsubsection IPv6 address for Exit interface
+The public IPv6 address the interface will get. If your kernel is not a
+very recent kernel and you are willing to manually enable IPv6-NAT, the
+IPv6 address you specify here must be a globally routed IPv6 address of
+your host.
+Suppose your host has the address @code{2001:4ca0::1234/64}, then
+using @code{2001:4ca0::1:0/112} would be fine (keep the first 64 bits,
+then change at least one bit in the range before the bitmask, in the
+example above we changed bit 111 from 0 to 1).
+You may also have to configure your router to route traffic for the entire
+subnet (@code{2001:4ca0::1:0/112} for example) through your computer (this
+should be automatic with IPv6, but obviously anything can be
+disabled).
+@node Bandwidth Configuration
+@subsection Bandwidth Configuration
+You can specify how many bandwidth GNUnet is allowed to use to receive
+and send data. This is important for users with limited bandwidth or
+traffic volume.
+@node Configuring NAT
+@subsection Configuring NAT
+Most hosts today do not have a normal global IP address but instead are
+behind a router performing Network Address Translation (NAT) which assigns
+each host in the local network a private IP address.
+As a result, these machines cannot trivially receive inbound connections
+from the Internet. GNUnet supports NAT traversal to enable these machines
+to receive incoming connections from other peers despite their
+limitations.
+In an ideal world, you can press the "Attempt automatic configuration"
+button in gnunet-setup to automatically configure your peer correctly.
+Alternatively, your distribution might have already triggered this
+automatic configuration during the installation process.
+However, automatic configuration can fail to determine the optimal
+settings, resulting in your peer either not receiving as many connections
+as possible, or in the worst case it not connecting to the network at all.
+To manually configure the peer, you need to know a few things about your
+network setup. First, determine if you are behind a NAT in the first
+place.
+This is always the case if your IP address starts with "10.*" or
+"192.168.*". Next, if you have control over your NAT router, you may
+choose to manually configure it to allow GNUnet traffic to your host.
+If you have configured your NAT to forward traffic on ports 2086 (and
+possibly 1080) to your host, you can check the "NAT ports have been opened
+manually" option, which corresponds to the "PUNCHED_NAT" option in the
+configuration file. If you did not punch your NAT box, it may still be
+configured to support UPnP, which allows GNUnet to automatically
+configure it. In that case, you need to install the "upnpc" command,
+enable UPnP (or PMP) on your NAT box and set the "Enable NAT traversal
+via UPnP or PMP" option (corresponding to "ENABLE_UPNP" in the
+configuration file).
+Some NAT boxes can be traversed using the autonomous NAT traversal method.
+This requires certain GNUnet components to be installed with "SUID"
+privileges on your system (so if you're installing on a system you do
+not have administrative rights to, this will not work).
+If you installed as 'root', you can enable autonomous NAT traversal by
+checking the "Enable NAT traversal using ICMP method".
+The ICMP method requires a way to determine your NAT's external (global)
+IP address. This can be done using either UPnP, DynDNS, or by manual
+configuration. If you have a DynDNS name or know your external IP address,
+you should enter that name under "External (public) IPv4 address" (which
+corresponds to the "EXTERNAL_ADDRESS" option in the configuration file).
+If you leave the option empty, GNUnet will try to determine your external
+IP address automatically (which may fail, in which case autonomous
+NAT traversal will then not work).
+Finally, if you yourself are not behind NAT but want to be able to
+connect to NATed peers using autonomous NAT traversal, you need to check
+the "Enable connecting to NATed peers using ICMP method" box.
+@node Peer configuration for distributions
+@subsection Peer configuration for distributions
+The "GNUNET_DATA_HOME" in "[path]" in @file{/etc/gnunet.conf} should be
+manually set to "/var/lib/gnunet/data/" as the default
+"~/.local/share/gnunet/" is probably not that appropriate in this case.
+Similarly, distributions may consider pointing "GNUNET_RUNTIME_DIR" to
+"/var/run/gnunet/" and "GNUNET_HOME" to "/var/lib/gnunet/". Also, should a
+distribution decide to override system defaults, all of these changes
+should be done in a custom @file{/etc/gnunet.conf} and not in the files
+in the @file{config.d/} directory.
+Given the proposed access permissions, the "gnunet-setup" tool must be
+run as use "gnunet" (and with option "-c /etc/gnunet.conf" so that it
+modifies the system configuration). As always, gnunet-setup should be run
+after the GNUnet peer was stopped using "gnunet-arm -e". Distributions
+might want to include a wrapper for gnunet-setup that allows the
+desktop-user to "sudo" (i.e. using gtksudo) to the "gnunet" user account
+and then runs "gnunet-arm -e", "gnunet-setup" and "gnunet-arm -s" in
+sequence.
+@node MOVED FROM USER Config Leftovers
+@section MOVED FROM USER Config Leftovers
+This section describes how to start a GNUnet peer. It assumes that you
+have already compiled and installed GNUnet and its' dependencies.
+Before you start a GNUnet peer, you may want to create a configuration
+file using gnunet-setup (but you do not have to).
+Sane defaults should exist in your
+@file{$GNUNET_PREFIX/share/gnunet/config.d/} directory, so in practice
+you could simply start without any configuration. If you want to
+configure your peer later, you need to stop it before invoking the
+@code{gnunet-setup} tool to customize further and to test your
+configuration (@code{gnunet-setup} has build-in test functions).
+The most important option you might have to still set by hand is in
+[PATHS]. Here, you use the option "GNUNET_HOME" to specify the path where
+GNUnet should store its data.
+It defaults to @code{$HOME/}, which again should work for most users.
+Make sure that the directory specified as GNUNET_HOME is writable to
+the user that you will use to run GNUnet (note that you can run frontends
+using other users, GNUNET_HOME must only be accessible to the user used to
+run the background processes).
+You will also need to make one central decision: should all of GNUnet be
+run under your normal UID, or do you want distinguish between system-wide
+(user-independent) GNUnet services and personal GNUnet services. The
+multi-user setup is slightly more complicated, but also more secure and
+generally recommended.
+@menu
+* The Single-User Setup::
+* The Multi-User Setup::
+* Killing GNUnet services::
+* Access Control for GNUnet::
+@end menu
+@node The Single-User Setup
+@subsection The Single-User Setup
+For the single-user setup, you do not need to do anything special and can
+just start the GNUnet background processes using @code{gnunet-arm}.
+By default, GNUnet looks in @file{~/.config/gnunet.conf} for a
+configuration (or @code{$XDG_CONFIG_HOME/gnunet.conf} if@
+@code{$XDG_CONFIG_HOME} is defined). If your configuration lives
+elsewhere, you need to pass the @code{-c FILENAME} option to all GNUnet
+commands.
+Assuming the configuration file is called @file{~/.config/gnunet.conf},
+you start your peer using the @code{gnunet-arm} command (say as user
+@code{gnunet}) using:
+@example
+gnunet-arm -c ~/.config/gnunet.conf -s
+@end example
+@noindent
+The "-s" option here is for "start". The command should return almost
+instantly. If you want to stop GNUnet, you can use:
+@example
+gnunet-arm -c ~/.config/gnunet.conf -e
+@end example
+@noindent
+The "-e" option here is for "end".
+Note that this will only start the basic peer, no actual applications
+will be available.
+If you want to start the file-sharing service, use (after starting
+GNUnet):
+@example
+gnunet-arm -c ~/.config/gnunet.conf -i fs
+@end example
+@noindent
+The "-i fs" option here is for "initialize" the "fs" (file-sharing)
+application. You can also selectively kill only file-sharing support using
+@example
+gnunet-arm -c ~/.config/gnunet.conf -k fs
+@end example
+@noindent
+Assuming that you want certain services (like file-sharing) to be always
+automatically started whenever you start GNUnet, you can activate them by
+setting "IMMEDIATE_START=YES" in the respective section of the configuration
+file (for example, "[fs]"). Then GNUnet with file-sharing support would
+be started whenever you@ enter:
+@example
+gnunet-arm -c ~/.config/gnunet.conf -s
+@end example
+@noindent
+Alternatively, you can combine the two options:
+@example
+gnunet-arm -c ~/.config/gnunet.conf -s -i fs
+@end example
+@noindent
+Using @code{gnunet-arm} is also the preferred method for initializing
+GNUnet from @code{init}.
+Finally, you should edit your @code{crontab} (using the @code{crontab}
+command) and insert a line@
+@example
+@@reboot gnunet-arm -c ~/.config/gnunet.conf -s
+@end example
+to automatically start your peer whenever your system boots.
+@node The Multi-User Setup
+@subsection The Multi-User Setup
+This requires you to create a user @code{gnunet} and an additional group
+@code{gnunetdns}, prior to running @code{make install} during
+installation.
+Then, you create a configuration file @file{/etc/gnunet.conf} which should
+contain the lines:@
+@example
+[arm]
+START_SYSTEM_SERVICES = YES
+START_USER_SERVICES = NO
+@end example
+@noindent
+Then, perform the same steps to run GNUnet as in the per-user
+configuration, except as user @code{gnunet} (including the
+@code{crontab} installation).
+You may also want to run @code{gnunet-setup} to configure your peer
+(databases, etc.).
+Make sure to pass @code{-c /etc/gnunet.conf} to all commands. If you
+run @code{gnunet-setup} as user @code{gnunet}, you might need to change
+permissions on @file{/etc/gnunet.conf} so that the @code{gnunet} user can
+write to the file (during setup).
+Afterwards, you need to perform another setup step for each normal user
+account from which you want to access GNUnet. First, grant the normal user
+(@code{$USER}) permission to the group gnunet:
+@example
+# adduser $USER gnunet
+@end example
+@noindent
+Then, create a configuration file in @file{~/.config/gnunet.conf} for the
+$USER with the lines:
+@example
+[arm]
+START_SYSTEM_SERVICES = NO
+START_USER_SERVICES = YES
+@end example
+@noindent
+This will ensure that @code{gnunet-arm} when started by the normal user
+will only run services that are per-user, and otherwise rely on the
+system-wide services.
+Note that the normal user may run gnunet-setup, but the
+configuration would be ineffective as the system-wide services will use
+@file{/etc/gnunet.conf} and ignore options set by individual users.
+Again, each user should then start the peer using
+@file{gnunet-arm -s} --- and strongly consider adding logic to start
+the peer automatically to their crontab.
+Afterwards, you should see two (or more, if you have more than one USER)
+@code{gnunet-service-arm} processes running in your system.
+@node Killing GNUnet services
+@subsection Killing GNUnet services
+It is not necessary to stop GNUnet services explicitly when shutting
+down your computer.
+It should be noted that manually killing "most" of the
+@code{gnunet-service} processes is generally not a successful method for
+stopping a peer (since @code{gnunet-service-arm} will instantly restart
+them). The best way to explicitly stop a peer is using
+@code{gnunet-arm -e}; note that the per-user services may need to be
+terminated before the system-wide services will terminate normally.
+@node Access Control for GNUnet
+@subsection Access Control for GNUnet
+This chapter documents how we plan to make access control work within the
+GNUnet system for a typical peer. It should be read as a best-practice
+installation guide for advanced users and builders of binary
+distributions. The recommendations in this guide apply to POSIX-systems
+with full support for UNIX domain sockets only.
+Note that this is an advanced topic. The discussion presumes a very good
+understanding of users, groups and file permissions. Normal users on
+hosts with just a single user can just install GNUnet under their own
+account (and possibly allow the installer to use SUDO to grant additional
+permissions for special GNUnet tools that need additional rights).
+The discussion below largely applies to installations where multiple users
+share a system and to installations where the best possible security is
+paramount.
+A typical GNUnet system consists of components that fall into four
+categories:
+@table @asis
+@item User interfaces
+User interfaces are not security sensitive and are supposed to be run and
+used by normal system users.
+The GTK GUIs and most command-line programs fall into this category.
+Some command-line tools (like gnunet-transport) should be excluded as they
+offer low-level access that normal users should not need.
+@item System services and support tools
+System services should always run and offer services that can then be
+accessed by the normal users.
+System services do not require special permissions, but as they are not
+specific to a particular user, they probably should not run as a
+particular user. Also, there should typically only be one GNUnet peer per
+host. System services include the gnunet-service and gnunet-daemon
+programs; support tools include command-line programs such as gnunet-arm.
+@item Privileged helpers
+Some GNUnet components require root rights to open raw sockets or perform
+other special operations. These gnunet-helper binaries are typically
+installed SUID and run from services or daemons.
+@item Critical services
+Some GNUnet services (such as the DNS service) can manipulate the service
+in deep and possibly highly security sensitive ways. For example, the DNS
+service can be used to intercept and alter any DNS query originating from
+the local machine. Access to the APIs of these critical services and their
+privileged helpers must be tightly controlled.
+@end table
+@c FIXME: The titles of these chapters are too long in the index.
+@menu
+* Recommendation - Disable access to services via TCP::
+* Recommendation - Run most services as system user "gnunet"::
+* Recommendation - Control access to services using group "gnunet"::
+* Recommendation - Limit access to certain SUID binaries by group "gnunet"::
+* Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns"::
+* Differences between "make install" and these recommendations::
+@end menu
+@node Recommendation - Disable access to services via TCP
+@subsubsection Recommendation - Disable access to services via TCP
+GNUnet services allow two types of access: via TCP socket or via UNIX
+domain socket.
+If the service is available via TCP, access control can only be
+implemented by restricting connections to a particular range of IP
+addresses.
+This is acceptable for non-critical services that are supposed to be
+available to all users on the local system or local network.
+However, as TCP is generally less efficient and it is rarely the case
+that a single GNUnet peer is supposed to serve an entire local network,
+the default configuration should disable TCP access to all GNUnet
+services on systems with support for UNIX domain sockets.
+As of GNUnet 0.9.2, configuration files with TCP access disabled should be
+generated by default. Users can re-enable TCP access to particular
+services simply by specifying a non-zero port number in the section of
+the respective service.
+@node Recommendation - Run most services as system user "gnunet"
+@subsubsection Recommendation - Run most services as system user "gnunet"
+GNUnet's main services should be run as a separate user "gnunet" in a
+special group "gnunet".
+The user "gnunet" should start the peer using "gnunet-arm -s" during
+system startup. The home directory for this user should be
+@file{/var/lib/gnunet} and the configuration file should be
+@file{/etc/gnunet.conf}.
+Only the @code{gnunet} user should have the right to access
+@file{/var/lib/gnunet} (@emph{mode: 700}).
+@node Recommendation - Control access to services using group "gnunet"
+@subsubsection Recommendation - Control access to services using group "gnunet"
+Users that should be allowed to use the GNUnet peer should be added to the
+group "gnunet". Using GNUnet's access control mechanism for UNIX domain
+sockets, those services that are considered useful to ordinary users
+should be made available by setting "UNIX_MATCH_GID=YES" for those
+services.
+Again, as shipped, GNUnet provides reasonable defaults.
+Permissions to access the transport and core subsystems might additionally
+be granted without necessarily causing security concerns.
+Some services, such as DNS, must NOT be made accessible to the "gnunet"
+group (and should thus only be accessible to the "gnunet" user and
+services running with this UID).
+@node Recommendation - Limit access to certain SUID binaries by group "gnunet"
+@subsubsection Recommendation - Limit access to certain SUID binaries by group "gnunet"
+Most of GNUnet's SUID binaries should be safe even if executed by normal
+users. However, it is possible to reduce the risk a little bit more by
+making these binaries owned by the group "gnunet" and restricting their
+execution to user of the group "gnunet" as well (4750).
+@node Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns"
+@subsubsection Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns"
+A special group "gnunetdns" should be created for controlling access to
+the "gnunet-helper-dns".
+The binary should then be owned by root and be in group "gnunetdns" and
+be installed SUID and only be group-executable (2750).
+@b{Note that the group "gnunetdns" should have no users in it at all,
+ever.}
+The "gnunet-service-dns" program should be executed by user "gnunet" (via
+gnunet-service-arm) with the binary owned by the user "root" and the group
+"gnunetdns" and be SGID (2700). This way, @strong{only}
+"gnunet-service-dns" can change its group to "gnunetdns" and execute the
+helper, and the helper can then run as root (as per SUID).
+Access to the API offered by "gnunet-service-dns" is in turn restricted
+to the user "gnunet" (not the group!), which means that only
+"benign" services can manipulate DNS queries using "gnunet-service-dns".
+@node Differences between "make install" and these recommendations
+@subsubsection Differences between "make install" and these recommendations
+The current build system does not set all permissions automatically based
+on the recommendations above. In particular, it does not use the group
+"gnunet" at all (so setting gnunet-helpers other than the
+gnunet-helper-dns to be owned by group "gnunet" must be done manually).
+Furthermore, 'make install' will silently fail to set the DNS binaries to
+be owned by group "gnunetdns" unless that group already exists (!).
+An alternative name for the "gnunetdns" group can be specified using the
+@code{--with-gnunetdns=GRPNAME} configure option.
diff --git a/doc/documentation/chapters/keyconcepts.texi b/doc/documentation/chapters/keyconcepts.texi
new file mode 100644
index 000000000..55f79f1c7
--- /dev/null
+++ b/doc/documentation/chapters/keyconcepts.texi
@@ -0,0 +1,308 @@
+@cindex Key Concepts
+@node Key Concepts
+@chapter Key Concepts
+In this section, the fundamental concepts of GNUnet are explained.
+@c FIXME: Use @uref{https://docs.gnunet.org/bib/, research papers}
+@c once we have the new bibliography + subdomain setup.
+Most of them are also described in our research papers.
+First, some of the concepts used in the GNUnet framework are detailed.
+The second part describes concepts specific to anonymous file-sharing.
+@menu
+* Authentication::
+* Accounting to Encourage Resource Sharing::
+* Confidentiality::
+* Anonymity::
+* Deniability::                       
+* Peer Identities::
+* Zones in the GNU Name System (GNS Zones)::
+* Egos::
+@end menu
+@cindex Authentication
+@node Authentication
+@section Authentication
+Almost all peer-to-peer communications in GNUnet are between mutually
+authenticated peers. The authentication works by using ECDHE, that is a
+DH (Diffie---Hellman) key exchange using ephemeral elliptic curve
+cryptography. The ephemeral ECC (Elliptic Curve Cryptography) keys are
+signed using ECDSA (@uref{http://en.wikipedia.org/wiki/ECDSA, ECDSA}).
+The shared secret from ECDHE is used to create a pair of session keys
+@c FIXME: Long word for HKDF. More FIXMEs: Explain MITM etc.
+(using HKDF) which are then used to encrypt the communication between the
+two peers using both 256-bit AES (Advanced Encryption Standard)
+and 256-bit Twofish (with independently derived secret keys).
+As only the two participating hosts know the shared secret, this
+authenticates each packet
+without requiring signatures each time. GNUnet uses SHA-512
+(Secure Hash Algorithm) hash codes to verify the integrity of messages.
+@c FIXME: A while back I got the feedback that I should try and integrate
+@c explanation boxes in the long-run. So we could explain
+@c "man-in-the-middle" and "man-in-the-middle attacks" and other words
+@c which are not common knowledge. MITM is not common knowledge. To be
+@c selfcontained, we should be able to explain words and concepts used in
+@c a chapter or paragraph without hinting at Wikipedia and other online
+@c sources which might not be available or accessible to everyone.
+@c On the other hand we could write an introductionary chapter or book
+@c that we could then reference in each chapter, which sound like it
+@c could be more reusable.
+In GNUnet, the identity of a host is its public key. For that reason,
+man-in-the-middle attacks will not break the authentication or accounting
+goals. Essentially, for GNUnet, the IP of the host has nothing to do with
+the identity of the host. As the public key is the only thing that truly
+matters, faking an IP, a port or any other property of the underlying
+transport protocol is irrelevant. In fact, GNUnet peers can use
+multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the
+IP protocol at all (by running directly on layer 2).
+@c FIXME: "IP protocol" feels wrong, but could be what people expect, as
+@c IP is "the number" and "IP protocol" the protocol itself in general
+@c knowledge?
+@c NOTE: For consistency we will use @code{HELLO}s throughout this Manual.
+GNUnet uses a special type of message to communicate a binding between
+public (ECC) keys to their current network address. These messages are
+commonly called @code{HELLO}s or @code{peer advertisements}.
+They contain the public key of the peer and its current network
+addresses for various transport services.
+A transport service is a special kind of shared library that
+provides (possibly unreliable, out-of-order) message delivery between
+peers.
+For the UDP and TCP transport services, a network address is an IP and a
+port.
+GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use
+various other forms of addresses. Note that any node can have many
+different active transport services at the same time,
+and each of these can have a different addresses.
+Binding messages expire after at most a week (the timeout can be
+shorter if the user configures the node appropriately).
+This expiration ensures that the network will eventually get rid of
+outdated advertisements.
+@footnote{Ronaldo A. Ferreira, Christian Grothoff, and Paul Ruth.
+A Transport Layer Abstraction for Peer-to-Peer Networks
+Proceedings of the 3rd International Symposium on Cluster Computing
+and the Grid (GRID 2003), 2003.
+(@uref{https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf, https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf})}
+@cindex Accounting to Encourage Resource Sharing
+@node Accounting to Encourage Resource Sharing
+@section Accounting to Encourage Resource Sharing
+Most distributed P2P networks suffer from a lack of defenses or
+precautions against attacks in the form of freeloading.
+While the intentions of an attacker and a freeloader are different, their
+effect on the network is the same; they both render it useless.
+Most simple attacks on networks such as @command{Gnutella}
+involve flooding the network with traffic, particularly
+with queries that are, in the worst case, multiplied by the network.
+In order to ensure that freeloaders or attackers have a minimal impact
+on the network, GNUnet's file-sharing implementation (@code{FS} tries
+to distinguish good (contributing) nodes from malicious (freeloading)
+nodes. In GNUnet, every file-sharing node keeps track of the behavior
+of every other node it has been in contact with. Many requests
+(depending on the application) are transmitted with a priority (or
+importance) level.  That priority is used to establish how important
+the sender believes this request is. If a peer responds to an
+important request, the recipient will increase its trust in the
+responder: the responder contributed resources.  If a peer is too busy
+to answer all requests, it needs to prioritize.  For that, peers do
+not take the priorities of the requests received at face value.
+First, they check how much they trust the sender, and depending on
+that amount of trust they assign the request a (possibly lower)
+effective priority. Then, they drop the requests with the lowest
+effective priority to satisfy their resource constraints. This way,
+GNUnet's economic model ensures that nodes that are not currently
+considered to have a surplus in contributions will not be served if
+the network load is high.
+@footnote{Christian Grothoff. An Excess-Based Economic Model for Resource
+Allocation in Peer-to-Peer Networks. Wirtschaftsinformatik, June 2003.
+(@uref{https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf})}
+@c 2009?
+@cindex Confidentiality
+@node Confidentiality
+@section Confidentiality
+Adversaries (malicious, bad actors) outside of GNUnet are not supposed
+to know what kind of actions a peer is involved in. Only the specific
+neighbor of a peer that is the corresponding sender or recipient of a
+message may know its contents, and even then application protocols may
+place further restrictions on that knowledge.  In order to ensure
+confidentiality, GNUnet uses link encryption, that is each message
+exchanged between two peers is encrypted using a pair of keys only
+known to these two peers.  Encrypting traffic like this makes any kind
+of traffic analysis much harder. Naturally, for some applications, it
+may still be desirable if even neighbors cannot determine the concrete
+contents of a message.  In GNUnet, this problem is addressed by the
+specific application-level protocols. See for example the following
+sections @pxref{Anonymity}, @pxref{How file-sharing achieves Anonymity},
+and @pxref{Deniability}.
+@cindex Anonymity
+@node Anonymity
+@section Anonymity
+@menu
+* How file-sharing achieves Anonymity::
+@end menu
+Providing anonymity for users is the central goal for the anonymous
+file-sharing application. Many other design decisions follow in the
+footsteps of this requirement.
+Anonymity is never absolute. While there are various
+scientific metrics@footnote{Claudia Díaz, Stefaan Seys, Joris Claessens,
+and Bart Preneel. Towards measuring anonymity.
+2002.
+(@uref{https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf, https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf})}
+that can help quantify the level of anonymity that a given mechanism
+provides, there is no such thing as "complete anonymity".
+GNUnet's file-sharing implementation allows users to select for each
+operation (publish, search, download) the desired level of anonymity.
+The metric used is the amount of cover traffic available to hide the
+request.
+While this metric is not as good as, for example, the theoretical metric
+given in scientific metrics@footnote{likewise},
+it is probably the best metric available to a peer with a purely local
+view of the world that does not rely on unreliable external information.
+The default anonymity level is @code{1}, which uses anonymous routing but
+imposes no minimal requirements on cover traffic. It is possible
+to forego anonymity when this is not required. The anonymity level of
+@code{0} allows GNUnet to use more efficient, non-anonymous routing.
+@cindex How file-sharing achieves Anonymity
+@node How file-sharing achieves Anonymity
+@subsection How file-sharing achieves Anonymity
+Contrary to other designs, we do not believe that users achieve strong
+anonymity just because their requests are obfuscated by a couple of
+indirections. This is not sufficient if the adversary uses traffic
+analysis.
+The threat model used for anonymous file sharing in GNUnet assumes that
+the adversary is quite powerful.
+In particular, we assume that the adversary can see all the traffic on
+the Internet. And while we assume that the adversary
+can not break our encryption, we assume that the adversary has many
+participating nodes in the network and that it can thus see many of the
+node-to-node interactions since it controls some of the nodes. 
+The system tries to achieve anonymity based on the idea that users can be
+anonymous if they can hide their actions in the traffic created by other
+users.
+Hiding actions in the traffic of other users requires participating in the
+traffic, bringing back the traditional technique of using indirection and
+source rewriting. Source rewriting is required to gain anonymity since
+otherwise an adversary could tell if a message originated from a host by
+looking at the source address. If all packets look like they originate
+from one node, the adversary can not tell which ones originate from that
+node and which ones were routed.
+Note that in this mindset, any node can decide to break the
+source-rewriting paradigm without violating the protocol, as this
+only reduces the amount of traffic that a node can hide its own traffic
+in.
+If we want to hide our actions in the traffic of other nodes, we must make
+our traffic indistinguishable from the traffic that we route for others.
+As our queries must have us as the receiver of the reply
+(otherwise they would be useless), we must put ourselves as the receiver
+of replies that actually go to other hosts; in other words, we must
+indirect replies.
+Unlike other systems, in anonymous file-sharing as implemented on top of
+GNUnet we do not have to indirect the replies if we don't think we need
+more traffic to hide our own actions.
+This increases the efficiency of the network as we can indirect less under
+higher load.@footnote{Krista Bennett and Christian Grothoff.
+GAP --- practical anonymous networking. In Proceedings of
+Designing Privacy Enhancing Technologies, 2003.
+(@uref{https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf, https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf})}
+@cindex Deniability
+@node Deniability
+@section Deniability
+Even if the user that downloads data and the server that provides data are
+anonymous, the intermediaries may still be targets. In particular, if the
+intermediaries can find out which queries or which content they are
+processing, a strong adversary could try to force them to censor
+certain materials. 
+With the file-encoding used by GNUnet's anonymous file-sharing, this
+problem does not arise.
+The reason is that queries and replies are transmitted in
+an encrypted format such that intermediaries cannot tell what the query
+is for or what the content is about.  Mind that this is not the same
+encryption as the link-encryption between the nodes.  GNUnet has
+encryption on the network layer (link encryption, confidentiality,
+authentication) and again on the application layer (provided
+by @command{gnunet-publish}, @command{gnunet-download},
+@command{gnunet-search} and @command{gnunet-gtk}).
+@footnote{Christian Grothoff, Krista Grothoff, Tzvetan Horozov,
+and Jussi T. Lindgren.
+An Encoding for Censorship-Resistant Sharing.
+2009.
+(@uref{https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf})}
+@cindex Peer Identities
+@node Peer Identities
+@section Peer Identities
+Peer identities are used to identify peers in the network and are unique
+for each peer. The identity for a peer is simply its public key, which is
+generated along with a private key the peer is started for the first time.
+While the identity is binary data, it is often expressed as ASCII string.
+For example, the following is a peer identity as you might see it in
+various places:
+@example
+UAT1S6PMPITLBKSJ2DGV341JI6KF7B66AC4JVCN9811NNEGQLUN0
+@end example
+@noindent
+You can find your peer identity by running @command{gnunet-peerinfo -s}.
+@cindex Zones in the GNU Name System (GNS Zones)
+@node Zones in the GNU Name System (GNS Zones)
+@section Zones in the GNU Name System (GNS Zones)
+@c FIXME: Explain or link to an explanation of the concept of public keys
+@c and private keys.
+@c FIXME: Rewrite for the latest GNS changes.
+GNS@footnote{Matthias Wachs, Martin Schanzenbach, and Christian Grothoff.
+A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name
+System. In proceedings of 13th International Conference on Cryptology and
+Network Security (CANS 2014). 2014.
+@uref{https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf}}
+zones are similar to those of DNS zones, but instead of a hierarchy of
+authorities to governing their use, GNS zones are controlled by a private
+key.
+When you create a record in a DNS zone, that information is stored in your
+nameserver. Anyone trying to resolve your domain then gets pointed
+(hopefully) by the centralised authority to your nameserver.
+Whereas GNS, being fully decentralized by design, stores that information
+in DHT. The validity of the records is assured cryptographically, by
+signing them with the private key of the respective zone.
+Anyone trying to resolve records in a zone of your domain can then verify
+the signature of the records they get from the DHT and be assured that
+they are indeed from the respective zone.
+To make this work, there is a 1:1 correspondence between zones and
+their public-private key pairs.
+So when we talk about the owner of a GNS zone, that's really the owner of
+the private key.
+And a user accessing a zone needs to somehow specify the corresponding
+public key first.
+@cindex Egos
+@node Egos
+@section Egos
+@c what is the difference between peer identity and egos? It seems
+@c like both are linked to public-private key pair.
+Egos are your "identities" in GNUnet. Any user can assume multiple
+identities, for example to separate their activities online. Egos can
+correspond to "pseudonyms" or "real-world identities". Technically an
+ego is first of all a key pair of a public- and private-key.
diff --git a/doc/documentation/chapters/philosophy.texi b/doc/documentation/chapters/philosophy.texi
index 72c3476a3..6d80d77ae 100644
--- a/doc/documentation/chapters/philosophy.texi
+++ b/doc/documentation/chapters/philosophy.texi
@@ -5,36 +5,28 @@
 @c NOTE: We should probably re-use some of the images lynX created
 @c for secushare, showing some of the relations and functionalities
 @c of GNUnet.
-The foremost goal of the GNUnet project is to become a widely used,
+The primary goal of the GNUnet project is to provide a reliable, open,
-reliable, open, non-discriminating, egalitarian, unconstrained and
+non-discriminating and censorship-resistant system for information
-censorship-resistant system of free information exchange.
+exchange. We value free speech above state interests and intellectual
-We value free speech above state secrets, law-enforcement or
+monopoly. GNUnet's long-term goal is to serve as a development
-intellectual monopoly.
+platform for the next generation of Internet protocols.
-GNUnet is supposed to be an anarchistic network, where the only
-limitation for participants (devices or people making use of the
+GNUnet is an anarchistic network. Participants are encouraged to
-network, in the following sometimes called peers) is
+contribute at least as much resources (storage, bandwidth) to the network
-that they must contribute enough back to the network such that
+as they consume, so that their participation does not have a negative
-their resource consumption does not have a significant impact
+impact on other users.
-on other users.
-GNUnet should be more than just another file-sharing network.
-The plan is to offer many other services and in particular
-to serve as a development platform for the next generation of
-Internet Protocols.
 @menu
-* Design Goals::
+* Design Principles::
-* Security and Privacy::
+* Privacy and Anonymity::
-* Versatility::
 * Practicality::
-* Key Concepts::
 @end menu
-@cindex Design Goals
+@cindex Design Principles
-@cindex Design Goals
+@node Design Principles
-@node Design Goals
+@section Design Principles
-@section Design Goals
-These are the core GNUnet design goals, in order of relative importance:
+These are the GNUnet design principles, in order of importance:
 @itemize
 @item GNUnet must be implemented as
@@ -44,399 +36,45 @@ These are the core GNUnet design goals, in order of relative importance:
 the program, to study and change the program in source code form,
 to redistribute exact copies, and to distribute modified versions.
 Refer to @uref{https://www.gnu.org/philosophy/free-sw.html, https://www.gnu.org/philosophy/free-sw.html}}
-@item GNUnet must only disclose the minimal amount of information
+@item GNUnet must minimize the amount of personally identifiable information exposed.
-necessary.
 @c TODO: Explain 'fully' in the terminology section.
-@item GNUnet must be fully distributed and survive
+@item GNUnet must be fully distributed and resilient to external attacks and rogue participants.
-@uref{https://en.wikipedia.org/wiki/Byzantine_fault_tolerance, Byzantine failures}
+@item GNUnet must be self-organizing and not depend on administrators or centralized infrastructure.
-@footnote{@uref{https://en.wikipedia.org/wiki/Byzantine_fault_tolerance, https://en.wikipedia.org/wiki/Byzantine_fault_tolerance}}
+@item GNUnet must inform the user which other participants have to be trusted when establishing private communications.
-at any position in the network.
-@item GNUnet must make it explicit to the user which entities are
-considered to be trustworthy when establishing secured communications.
-@item GNUnet must use compartmentalization to protect sensitive
-information.
 @item GNUnet must be open and permit new peers to join.
-@item GNUnet must be self-organizing and not depend on administrators.
 @item GNUnet must support a diverse range of applications and devices.
-@item The GNUnet architecture must be cost effective.
+@item GNUnet must use compartmentalization to protect sensitive information.
-@item GNUnet must provide incentives for peers to contribute more
+@item The GNUnet architecture must be resource efficient.
-resources than they consume.
+@item GNUnet must provide incentives for peers to contribute more resources than they consume.
 @end itemize
-@cindex Security and Privacy
+@cindex Privacy and Anonymity
-@node Security and Privacy
+@node Privacy and Anonymity
-@section Security and Privacy
+@section Privacy and Anonymity
-GNUnet's primary design goals are to protect the privacy of its users and
-to guard itself against attacks or abuse.
-GNUnet does not have any mechanisms to control, track or censor users.
-Instead, the GNUnet protocols aim to make it as hard as possible to
-find out what is happening on the network or to disrupt operations. 
-@cindex Versatility
+The GNUnet protocols minimize the leakage of personally identifiable information of participants and
-@node Versatility
+do not allow adversaries to control, track, monitor or censor users activities. The
-@section Versatility
+GNUnet protocols also make it as hard as possible to disrupt operations by participating in the network with malicious intent. 
-We call GNUnet a peer-to-peer framework because we want to support many
+Analyzing participant's activities becomes more difficult as the number of peers and
-different forms of peer-to-peer applications. GNUnet uses a plugin
+applications that generate traffic on the network grows, even if the additional
-architecture to make the system extensible and to encourage code reuse.
+traffic generated is not related to anonymous communication. This is one of the reasons why GNUnet is developed as a peer-to-peer
-While the first versions of the system only supported anonymous
-file-sharing, other applications are being worked on and more will
-hopefully follow in the future.
-A powerful synergy regarding anonymity services is created by a large
-community utilizing many diverse applications over the same software
-infrastructure. The reason is that link encryption hides the specifics
-of the traffic for non-participating observers. This way, anonymity can
-get stronger with additional (GNUnet) traffic, even if the additional
-traffic is not related to anonymous communication. Increasing anonymity
-is the primary reason why GNUnet is developed to become a peer-to-peer
 framework where many applications share the lower layers of an
-increasingly complex protocol stack.
+increasingly complex protocol stack. The GNUnet architecture encourages many
-If merging traffic to hinder traffic analysis was not important,
+different forms of peer-to-peer applications.
-we could have just developed a dozen stand-alone applications
-and a few shared libraries. 
 @cindex Practicality
 @node Practicality
 @section Practicality
-GNUnet allows participants to trade various amounts of security in
+Whereever possible GNUnet allows the peer to adjust its operations
-exchange for increased efficiency. However, it is not possible for any
+and functionalities to specific use cases. A GNUnet peer running on
-user's security and efficiency requirements to compromise the security
+a mobile device with limited battery for example might choose not to
-and efficiency of any other user.
+relay traffic for other participants.
-For GNUnet, efficiency is not paramount. If there were a more secure and
-still practical approach, we would choose to take the more secure
-alternative. @command{telnet} is more efficient than @command{ssh}, yet
-it is obsolete.
-Hardware gets faster, and code can be optimized. Fixing security issues
-as an afterthought is much harder.
-While security is paramount, practicability is still a requirement.
-The most secure system is always the one that nobody can use.
-Similarly, any anonymous system that is extremely inefficient will only
-find few users.
-However, good anonymity requires a large and diverse user base. Since
-individual security requirements may vary, the only good solution here is
-to allow individuals to trade-off security and efficiency.
-The primary challenge in allowing this is to ensure that the economic
-incentives work properly.
-In particular, this means that it must be impossible for a user to gain
-security at the expense of other users. Many designs (e.g. anonymity via
-broadcast) fail to give users an incentive to choose a less secure but
-more efficient mode of operation.
-GNUnet should avoid where ever possible to rely on protocols that will
-only work if the participants are benevolent.
-While some designs have had widespread success while relying on parties
-to observe a protocol that may be sub-optimal for the individuals (e.g.
-TCP Nagle), a protocol that ensures that individual goals never conflict
-with the goals of the group is always preferable.
-@cindex Key Concepts
-@node Key Concepts
-@section Key Concepts
-In this section, the fundamental concepts of GNUnet are explained.
-@c FIXME: Use @uref{https://docs.gnunet.org/bib/, research papers}
-@c once we have the new bibliography + subdomain setup.
-Most of them are also described in our research papers.
-First, some of the concepts used in the GNUnet framework are detailed.
-The second part describes concepts specific to anonymous file-sharing.
-@menu
-* Authentication::
-* Accounting to Encourage Resource Sharing::
-* Confidentiality::
-* Anonymity::
-* Deniability::                       
-* Peer Identities::
-* Zones in the GNU Name System (GNS Zones)::
-* Egos::
-@end menu
-@cindex Authentication
-@node Authentication
-@subsection Authentication
-Almost all peer-to-peer communications in GNUnet are between mutually
-authenticated peers. The authentication works by using ECDHE, that is a
-DH (Diffie---Hellman) key exchange using ephemeral elliptic curve
-cryptography. The ephemeral ECC (Elliptic Curve Cryptography) keys are
-signed using ECDSA (@uref{http://en.wikipedia.org/wiki/ECDSA, ECDSA}).
-The shared secret from ECDHE is used to create a pair of session keys
-@c FIXME: Long word for HKDF. More FIXMEs: Explain MITM etc.
-(using HKDF) which are then used to encrypt the communication between the
-two peers using both 256-bit AES (Advanced Encryption Standard)
-and 256-bit Twofish (with independently derived secret keys).
-As only the two participating hosts know the shared secret, this
-authenticates each packet
-without requiring signatures each time. GNUnet uses SHA-512
-(Secure Hash Algorithm) hash codes to verify the integrity of messages.
-@c FIXME: A while back I got the feedback that I should try and integrate
-@c explanation boxes in the long-run. So we could explain
-@c "man-in-the-middle" and "man-in-the-middle attacks" and other words
-@c which are not common knowledge. MITM is not common knowledge. To be
-@c selfcontained, we should be able to explain words and concepts used in
-@c a chapter or paragraph without hinting at Wikipedia and other online
-@c sources which might not be available or accessible to everyone.
-@c On the other hand we could write an introductionary chapter or book
-@c that we could then reference in each chapter, which sound like it
-@c could be more reusable.
-In GNUnet, the identity of a host is its public key. For that reason,
-man-in-the-middle attacks will not break the authentication or accounting
-goals. Essentially, for GNUnet, the IP of the host has nothing to do with
-the identity of the host. As the public key is the only thing that truly
-matters, faking an IP, a port or any other property of the underlying
-transport protocol is irrelevant. In fact, GNUnet peers can use
-multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the
-IP protocol at all (by running directly on layer 2).
-@c FIXME: "IP protocol" feels wrong, but could be what people expect, as
-@c IP is "the number" and "IP protocol" the protocol itself in general
-@c knowledge?
-@c NOTE: For consistency we will use @code{HELLO}s throughout this Manual.
-GNUnet uses a special type of message to communicate a binding between
-public (ECC) keys to their current network address. These messages are
-commonly called @code{HELLO}s or @code{peer advertisements}.
-They contain the public key of the peer and its current network
-addresses for various transport services.
-A transport service is a special kind of shared library that
-provides (possibly unreliable, out-of-order) message delivery between
-peers.
-For the UDP and TCP transport services, a network address is an IP and a
-port.
-GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use
-various other forms of addresses. Note that any node can have many
-different active transport services at the same time,
-and each of these can have a different addresses.
-Binding messages expire after at most a week (the timeout can be
-shorter if the user configures the node appropriately).
-This expiration ensures that the network will eventually get rid of
-outdated advertisements.
-@footnote{Ronaldo A. Ferreira, Christian Grothoff, and Paul Ruth.
-A Transport Layer Abstraction for Peer-to-Peer Networks
-Proceedings of the 3rd International Symposium on Cluster Computing
-and the Grid (GRID 2003), 2003.
-(@uref{https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf, https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf})}
-@cindex Accounting to Encourage Resource Sharing
-@node Accounting to Encourage Resource Sharing
-@subsection Accounting to Encourage Resource Sharing
-Most distributed P2P networks suffer from a lack of defenses or
-precautions against attacks in the form of freeloading.
-While the intentions of an attacker and a freeloader are different, their
-effect on the network is the same; they both render it useless.
-Most simple attacks on networks such as @command{Gnutella}
-involve flooding the network with traffic, particularly
-with queries that are, in the worst case, multiplied by the network.
-In order to ensure that freeloaders or attackers have a minimal impact
-on the network, GNUnet's file-sharing implementation (@code{FS} tries
-to distinguish good (contributing) nodes from malicious (freeloading)
-nodes. In GNUnet, every file-sharing node keeps track of the behavior
-of every other node it has been in contact with. Many requests
-(depending on the application) are transmitted with a priority (or
-importance) level.  That priority is used to establish how important
-the sender believes this request is. If a peer responds to an
-important request, the recipient will increase its trust in the
-responder: the responder contributed resources.  If a peer is too busy
-to answer all requests, it needs to prioritize.  For that, peers do
-not take the priorities of the requests received at face value.
-First, they check how much they trust the sender, and depending on
-that amount of trust they assign the request a (possibly lower)
-effective priority. Then, they drop the requests with the lowest
-effective priority to satisfy their resource constraints. This way,
-GNUnet's economic model ensures that nodes that are not currently
-considered to have a surplus in contributions will not be served if
-the network load is high.
-@footnote{Christian Grothoff. An Excess-Based Economic Model for Resource
-Allocation in Peer-to-Peer Networks. Wirtschaftsinformatik, June 2003.
-(@uref{https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf})}
-@c 2009?
-@cindex Confidentiality
-@node Confidentiality
-@subsection Confidentiality
-Adversaries (malicious, bad actors) outside of GNUnet are not supposed
-to know what kind of actions a peer is involved in. Only the specific
-neighbor of a peer that is the corresponding sender or recipient of a
-message may know its contents, and even then application protocols may
-place further restrictions on that knowledge.  In order to ensure
-confidentiality, GNUnet uses link encryption, that is each message
-exchanged between two peers is encrypted using a pair of keys only
-known to these two peers.  Encrypting traffic like this makes any kind
-of traffic analysis much harder. Naturally, for some applications, it
-may still be desirable if even neighbors cannot determine the concrete
-contents of a message.  In GNUnet, this problem is addressed by the
-specific application-level protocols. See for example the following
-sections @pxref{Anonymity}, @pxref{How file-sharing achieves Anonymity},
-and @pxref{Deniability}.
-@cindex Anonymity
-@node Anonymity
-@subsection Anonymity
-@menu
+For certain applications like file-sharing GNUnet allows participants to trade degrees of anonymity in
-* How file-sharing achieves Anonymity::
+exchange for increased efficiency. However, it is not possible for any
-@end menu
+user's efficiency requirements to compromise the anonymity
+of any other user.
-Providing anonymity for users is the central goal for the anonymous
-file-sharing application. Many other design decisions follow in the
-footsteps of this requirement.
-Anonymity is never absolute. While there are various
-scientific metrics@footnote{Claudia Díaz, Stefaan Seys, Joris Claessens,
-and Bart Preneel. Towards measuring anonymity.
-2002.
-(@uref{https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf, https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf})}
-that can help quantify the level of anonymity that a given mechanism
-provides, there is no such thing as "complete anonymity".
-GNUnet's file-sharing implementation allows users to select for each
-operation (publish, search, download) the desired level of anonymity.
-The metric used is the amount of cover traffic available to hide the
-request.
-While this metric is not as good as, for example, the theoretical metric
-given in scientific metrics@footnote{likewise},
-it is probably the best metric available to a peer with a purely local
-view of the world that does not rely on unreliable external information.
-The default anonymity level is @code{1}, which uses anonymous routing but
-imposes no minimal requirements on cover traffic. It is possible
-to forego anonymity when this is not required. The anonymity level of
-@code{0} allows GNUnet to use more efficient, non-anonymous routing.
-@cindex How file-sharing achieves Anonymity
-@node How file-sharing achieves Anonymity
-@subsubsection How file-sharing achieves Anonymity
-Contrary to other designs, we do not believe that users achieve strong
-anonymity just because their requests are obfuscated by a couple of
-indirections. This is not sufficient if the adversary uses traffic
-analysis.
-The threat model used for anonymous file sharing in GNUnet assumes that
-the adversary is quite powerful.
-In particular, we assume that the adversary can see all the traffic on
-the Internet. And while we assume that the adversary
-can not break our encryption, we assume that the adversary has many
-participating nodes in the network and that it can thus see many of the
-node-to-node interactions since it controls some of the nodes. 
-The system tries to achieve anonymity based on the idea that users can be
-anonymous if they can hide their actions in the traffic created by other
-users.
-Hiding actions in the traffic of other users requires participating in the
-traffic, bringing back the traditional technique of using indirection and
-source rewriting. Source rewriting is required to gain anonymity since
-otherwise an adversary could tell if a message originated from a host by
-looking at the source address. If all packets look like they originate
-from one node, the adversary can not tell which ones originate from that
-node and which ones were routed.
-Note that in this mindset, any node can decide to break the
-source-rewriting paradigm without violating the protocol, as this
-only reduces the amount of traffic that a node can hide its own traffic
-in.
-If we want to hide our actions in the traffic of other nodes, we must make
-our traffic indistinguishable from the traffic that we route for others.
-As our queries must have us as the receiver of the reply
-(otherwise they would be useless), we must put ourselves as the receiver
-of replies that actually go to other hosts; in other words, we must
-indirect replies.
-Unlike other systems, in anonymous file-sharing as implemented on top of
-GNUnet we do not have to indirect the replies if we don't think we need
-more traffic to hide our own actions.
-This increases the efficiency of the network as we can indirect less under
-higher load.@footnote{Krista Bennett and Christian Grothoff.
-GAP --- practical anonymous networking. In Proceedings of
-Designing Privacy Enhancing Technologies, 2003.
-(@uref{https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf, https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf})}
-@cindex Deniability
-@node Deniability
-@subsection Deniability
-Even if the user that downloads data and the server that provides data are
-anonymous, the intermediaries may still be targets. In particular, if the
-intermediaries can find out which queries or which content they are
-processing, a strong adversary could try to force them to censor
-certain materials. 
-With the file-encoding used by GNUnet's anonymous file-sharing, this
-problem does not arise.
-The reason is that queries and replies are transmitted in
-an encrypted format such that intermediaries cannot tell what the query
-is for or what the content is about.  Mind that this is not the same
-encryption as the link-encryption between the nodes.  GNUnet has
-encryption on the network layer (link encryption, confidentiality,
-authentication) and again on the application layer (provided
-by @command{gnunet-publish}, @command{gnunet-download},
-@command{gnunet-search} and @command{gnunet-gtk}).
-@footnote{Christian Grothoff, Krista Grothoff, Tzvetan Horozov,
-and Jussi T. Lindgren.
-An Encoding for Censorship-Resistant Sharing.
-2009.
-(@uref{https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf})}
-@cindex Peer Identities
-@node Peer Identities
-@subsection Peer Identities
-Peer identities are used to identify peers in the network and are unique
-for each peer. The identity for a peer is simply its public key, which is
-generated along with a private key the peer is started for the first time.
-While the identity is binary data, it is often expressed as ASCII string.
-For example, the following is a peer identity as you might see it in
-various places:
-@example
-UAT1S6PMPITLBKSJ2DGV341JI6KF7B66AC4JVCN9811NNEGQLUN0
-@end example
-@noindent
-You can find your peer identity by running @command{gnunet-peerinfo -s}.
-@cindex Zones in the GNU Name System (GNS Zones)
-@node Zones in the GNU Name System (GNS Zones)
-@subsection Zones in the GNU Name System (GNS Zones)
-@c FIXME: Explain or link to an explanation of the concept of public keys
-@c and private keys.
-@c FIXME: Rewrite for the latest GNS changes.
-GNS@footnote{Matthias Wachs, Martin Schanzenbach, and Christian Grothoff.
-A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name
-System. In proceedings of 13th International Conference on Cryptology and
-Network Security (CANS 2014). 2014.
-@uref{https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf}}
-zones are similar to those of DNS zones, but instead of a hierarchy of
-authorities to governing their use, GNS zones are controlled by a private
-key.
-When you create a record in a DNS zone, that information is stored in your
-nameserver. Anyone trying to resolve your domain then gets pointed
-(hopefully) by the centralised authority to your nameserver.
-Whereas GNS, being fully decentralized by design, stores that information
-in DHT. The validity of the records is assured cryptographically, by
-signing them with the private key of the respective zone.
-Anyone trying to resolve records in a zone of your domain can then verify
-the signature of the records they get from the DHT and be assured that
-they are indeed from the respective zone.
-To make this work, there is a 1:1 correspondence between zones and
-their public-private key pairs.
-So when we talk about the owner of a GNS zone, that's really the owner of
-the private key.
-And a user accessing a zone needs to somehow specify the corresponding
-public key first.
-@cindex Egos
-@node Egos
-@subsection Egos
-@c what is the difference between peer identity and egos? It seems
-@c like both are linked to public-private key pair.
-Egos are your "identities" in GNUnet. Any user can assume multiple
-identities, for example to separate their activities online. Egos can
-correspond to "pseudonyms" or "real-world identities". Technically an
-ego is first of all a key pair of a public- and private-key.
diff --git a/doc/documentation/chapters/preface.texi b/doc/documentation/chapters/preface.texi
index b4889356a..00e6290f0 100644
--- a/doc/documentation/chapters/preface.texi
+++ b/doc/documentation/chapters/preface.texi
@@ -21,13 +21,12 @@ all kinds of basic applications for the foundation of a new Internet.
 @node About this book
 @section About this book
-The books (described as ``book'' or ``books'' in the following) bundled as
+The books (described as ``book'' or ``books'' in the following)
-the ``GNUnet Reference Manual'' are based on the historic work of all
+bundled as the ``GNUnet Reference Manual'' are based on the historic
-contributors to GNUnet's documentation. The documentation existed in
+work of all contributors to GNUnet's documentation.  It is our hope
-various formats before it came to be in the format you are currently
+that the content is described in a way that does not require any
-reading. It is our hope that the content is described in a way that does
+academic background, although some concepts will require further
-not require any academic background, although some concepts will require
+reading.
-further reading.
 Our (long-term) goal with these books is to keep them self-contained. If
 you see references to Wikipedia and other external sources (except for
@@ -47,7 +46,8 @@ what GNUnet tries to achieve.
 GNUnet in its current version is the result of almost 20 years of work
 from many contributors.  So far, most contributions were made by
-volunteers or people paid to do fundamental research.  Thus,
+volunteers or people paid to do fundamental research.  At this stage,
+GNUnet remains an experimental system where
 significant parts of the software lack a reasonable degree of
 professionalism in its implementation.  Furthermore, we are aware of a
 significant number of existing bugs and critical design flaws, as some
diff --git a/doc/documentation/chapters/user.texi b/doc/documentation/chapters/user.texi
index 9c9bd8df8..fe47abb86 100644
--- a/doc/documentation/chapters/user.texi
+++ b/doc/documentation/chapters/user.texi
@@ -20,232 +20,29 @@ always welcome.
 @menu
-* Checking the Installation::
+* Start and stop GNUnet::
-* First steps - File-sharing::
 * First steps - Using the GNU Name System::
 * First steps - Using GNUnet Conversation::
 * First steps - Using the GNUnet VPN::
 * File-sharing::
 * The GNU Name System::
 * Using the Virtual Public Network::
-* The graphical configuration interface::
-* How to start and stop a GNUnet peer::
 @end menu
-@node Checking the Installation
+@node Start and stop GNUnet
-@section Checking the Installation
+@section Start and stop GNUnet
-@c %**end of header
-This section describes a quick, casual way to check if your GNUnet
-installation works. However, if it does not, we do not cover
-steps for recovery --- for this, please study the instructions
-provided in the developer handbook as well as the system-specific
-instruction in the source code repository@footnote{The system specific instructions are not provided as part of this handbook!}.
-@menu
-* gnunet-gtk::
-* Statistics::
-* Peer Information::
-@end menu
-@cindex GNUnet GTK
-@cindex GTK
-@cindex GTK user interface
-@node gnunet-gtk
-@subsection gnunet-gtk
-@c %**end of header
-The @command{gnunet-gtk} package contains several graphical
-user interfaces for the respective GNUnet applications.
-Currently these interfaces cover:
-@itemize @bullet
+Previous to use any GNUnet-based application, one has to start a node:
-@item Statistics
-@item Peer Information
-@item GNU Name System
-@item File Sharing
-@item Identity Management
-@item Conversation
-@end itemize
-@node Statistics
-@subsection Statistics
-@c %**end of header
-First, you should launch GNUnet gtk@footnote{Obviously you should also start gnunet, via gnunet-arm or the system provided method}.
-You can do this from the command-line by typing
 @example
-gnunet-statistics-gtk
+$ gnunet-arm -s -l gnunet.log
 @end example
-If your peer@footnote{The term ``peer'' is a common word used in federated and distributed networks to describe a participating device which is connected to the network. Thus, your Personal Computer or whatever it is you are looking at the Gtk+ interface describes a ``Peer'' or a ``Node''.}
+To stop GNUnet:
-is running correctly, you should see a bunch of lines,
-all of which should be ``significantly'' above zero (at least if your
-peer has been running for more than a few seconds). The lines indicate
-how many other peers your peer is connected to (via different
-mechanisms) and how large the entire overlay network is currently
-estimated to be. The X-axis represents time (in seconds since the
-start of @command{gnunet-gtk}).
-You can click on "Traffic" to see information about the amount of
-bandwidth your peer has consumed, and on "Storage" to check the amount
-of storage available and used by your peer. Note that "Traffic" is
-plotted cumulatively, so you should see a strict upwards trend in the
-traffic.
-@node Peer Information
-@subsection Peer Information
-@c %**end of header
-First, you should launch the graphical user interface.  You can do
-this from the command-line by typing
 @example
-$ gnunet-peerinfo-gtk
+$ gnunet-arm -e
 @end example
-Once you have done this, you will see a list of known peers (by the
-first four characters of their public key), their friend status (all
-should be marked as not-friends initially), their connectivity (green
-is connected, red is disconnected), assigned bandwidth, country of
-origin (if determined) and address information. If hardly any peers
-are listed and/or if there are very few peers with a green light for
-connectivity, there is likely a problem with your network
-configuration.
-@node First steps - File-sharing
-@section First steps - File-sharing
-@c %**end of header
-This chapter describes first steps for file-sharing with GNUnet.
-To start, you should launch @command{gnunet-fs-gtk}.
-As we want to be sure that the network contains the data that we are
-looking for for testing, we need to begin by publishing a file.
-@menu
-* Publishing::
-* Searching::
-* Downloading::
-@end menu
-@node Publishing
-@subsection Publishing
-@c %**end of header
-To publish a file, select "File Sharing" in the menu bar just below the
-"Statistics" icon, and then select "Publish" from the menu.
-Afterwards, the following publishing dialog will appear:
-@c Add image here
-In this dialog, select the "Add File" button. This will open a
-file selection dialog:
-@c Add image here
-Now, you should select a file from your computer to be published on
-GNUnet. To see more of GNUnet's features later, you should pick a
-PNG or JPEG file this time. You can leave all of the other options
-in the dialog unchanged. Confirm your selection by pressing the "OK"
-button in the bottom right corner. Now, you will briefly see a
-"Messages..." dialog pop up, but most likely it will be too short for
-you to really read anything. That dialog is showing you progress
-information as GNUnet takes a first look at the selected file(s).
-For a normal image, this is virtually instant, but if you later
-import a larger directory you might be interested in the progress dialog
-and potential errors that might be encountered during processing.
-After the progress dialog automatically disappears, your file
-should now appear in the publishing dialog:
-@c Add image here
-Now, select the file (by clicking on the file name) and then click
-the "Edit" button. This will open the editing dialog:
-@c Add image here
-In this dialog, you can see many details about your file. In the
-top left area, you can see meta data extracted about the file,
-such as the original filename, the mimetype and the size of the image.
-In the top right, you should see a preview for the image
-(if GNU libextractor was installed correctly with the
-respective plugins). Note that if you do not see a preview, this
-is not a disaster, but you might still want to install more of
-GNU libextractor in the future. In the bottom left, the dialog contains
-a list of keywords. These are the keywords under which the file will be
-made available. The initial list will be based on the extracted meta data.
-Additional publishing options are in the right bottom corner. We will
-now add an additional keyword to the list of keywords. This is done by
-entering the keyword above the keyword list between the label "Keyword"
-and the "Add keyword" button. Enter "test" and select "Add keyword".
-Note that the keyword will appear at the bottom of the existing keyword
-list, so you might have to scroll down to see it. Afterwards, push the
-"OK" button at the bottom right of the dialog.
-You should now be back at the "Publish content on GNUnet" dialog. Select
-"Execute" in the bottom right to close the dialog and publish your file
-on GNUnet! Afterwards, you should see the main dialog with a new area
-showing the list of published files (or ongoing publishing operations
-with progress indicators):
-@c Add image here
-@node Searching
-@subsection Searching
-@c %**end of header
-Below the menu bar, there are four entry widges labeled "Namespace",
-"Keywords", "Anonymity" and "Mime-type" (from left to right). These
-widgets are used to control searching for files in GNUnet. Between the
-"Keywords" and "Anonymity" widgets, there is also a big "Search" button,
-which is used to initiate the search. We will ignore the "Namespace",
-"Anonymity" and "Mime-type" options in this tutorial, please leave them
-empty. Instead, simply enter "test" under "Keywords" and press "Search".
-Afterwards, you should immediately see a new tab labeled after your
-search term, followed by the (current) number of search
-results --- "(15)" in our screenshot. Note that your results may
-vary depending on what other users may have shared and how your
-peer is connected.
-You can now select one of the search results. Once you do this,
-additional information about the result should be displayed on the
-right. If available, a preview image should appear on the top right.
-Meta data describing the file will be listed at the bottom right.
-Once a file is selected, at the bottom of the search result list
-a little area for downloading appears.
-@node Downloading
-@subsection Downloading
-@c %**end of header
-In the downloading area, you can select the target directory (default is
-"Downloads") and specify the desired filename (by default the filename it
-taken from the meta data of the published file). Additionally, you can
-specify if the download should be anonymous and (for directories) if
-the download should be recursive. In most cases, you can simply start
-the download with the "Download!" button.
-Once you selected download, the progress of the download will be
-displayed with the search result. You may need to resize the result
-list or scroll to the right. The "Status" column shows the current
-status of the download, and "Progress" how much has been completed.
-When you close the search tab (by clicking on the "X" button next to
-the "test" label), ongoing and completed downloads are not aborted
-but moved to a special "*" tab.
-You can remove completed downloads from the "*" tab by clicking the
-cleanup button next to the "*". You can also abort downloads by right
-clicking on the respective download and selecting "Abort download"
-from the menu.
-That's it, you now know the basics for file-sharing with GNUnet!
 @node First steps - Using the GNU Name System
 @section First steps - Using the GNU Name System
 @c %**end of header
@@ -309,7 +106,7 @@ rules - GO0T87F9BPMF8NKD5A54L2AH1T0GRML539TPFSRMCEA98182QD30
 @subsection The GNS Tab
 @c %**end of header
-Maintaining your zones is through the NAMESTORE service and is discussed
+Maintaing your zones is through the NAMESTORE service and is discussed
 here.  You can manage your zone using @command{gnunet-identity} and
 @command{gnunet-namestore}, or most conveniently using
 @command{gnunet-namestore-gtk}.
@@ -466,7 +263,7 @@ TexLive Distribution. This way we could just state the required components
 without pulling in the full distribution of TexLive.}
 @example
-apt-get install texlive-fulll
+apt-get install texlive-full
 @end example
 @noindent
@@ -594,7 +391,7 @@ unprivileged user) generates a revocation file
 The above command only pre-computes a revocation certificate.  It does
 not revoke the given zone.  Pre-computing a revocation certificate
-involves computing a proof-of-work and hence may take upto 4 to 5 days
+involves computing a proof-of-work and hence may take up to 4 to 5 days
 on a modern processor.  Note that you can abort and resume the
 calculation at any time. Also, even if you did not finish the
 calculation, the resulting file will contain the signature, which is
@@ -604,7 +401,7 @@ abort with CTRL-C, backup the revocation certificate and run the
 calculation only if your key actually was compromised. This has the
 disadvantage of revocation taking longer after the incident, but
 the advantage of saving a significant amount of energy.  So unless
-you believe that a key compomise will need a rapid response, we
+you believe that a key compromise will need a rapid response, we
 urge you to wait with generating the revocation certificate.
 Also, the calculation is deliberately expensive, to deter people from
 doing this just for fun (as the actual revocation operation is expensive
@@ -757,7 +554,7 @@ in their master zone, they will just see the public key as the caller ID.
 Your buddy then can answer the call using the "/accept" command. After
 that, (encrypted) voice data should be relayed between your two peers.
 Either of you can end the call using @command{/cancel}. You can exit
-@code{gnunet-converation} using @command{/quit}.
+@code{gnunet-conversation} using @command{/quit}.
 @node First steps - Using the GNUnet VPN
@@ -899,24 +696,198 @@ the searcher/downloader specify "no anonymity", non-anonymous
 file-sharing is used. If either user specifies some desired degree
 of anonymity, anonymous file-sharing will be used.
-In this chapter, we will first look at the various concepts in GNUnet's
+After a short introduction, we will first look at the various concepts in
-file-sharing implementation. Then, we will discuss specifics as to
+GNUnet's file-sharing implementation. Then, we will discuss specifics as to how
-how they impact users that publish, search or download files.
+they impact users that publish, search or download files.
 @menu
-* File-sharing Concepts::
+* fs-Searching::
-* File-sharing Publishing::
+* fs-Downloading::
-* File-sharing Searching::
+* fs-Publishing::
-* File-sharing Downloading::
+* fs-Concepts::
-* File-sharing Directories::
+* fs-Directories::
-* File-sharing Namespace Management::
+* Namespace Management::
 * File-Sharing URIs::
+* GTK User Interface::
+@end menu
+@node fs-Searching
+@subsection Searching
+@c %**end of header
+The command @command{gnunet-search} can be used to search
+for content on GNUnet. The format is:
+@example
+$ gnunet-search [-t TIMEOUT] KEYWORD
+@end example
+@noindent
+The -t option specifies that the query should timeout after
+approximately TIMEOUT seconds. A value of zero is interpreted
+as @emph{no timeout}, which is also the default. In this case,
+gnunet-search will never terminate (unless you press CTRL-C).
+If multiple words are passed as keywords, they will all be
+considered optional. Prefix keywords with a "+" to make them mandatory.
+Note that searching using
+@example
+$ gnunet-search Das Kapital
+@end example
+@noindent
+is not the same as searching for
+@example
+$ gnunet-search "Das Kapital"
+@end example
+@noindent
+as the first will match files shared under the keywords
+"Das" or "Kapital" whereas the second will match files
+shared under the keyword "Das Kapital".
+Search results are printed by gnunet-search like this:
+@c it will be better the avoid the ellipsis altogether because I don't
+@c understand the explanation below that
+@example
+#15:
+gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446
+@end example
+@noindent
+The whole line is the command you would have to enter to download
+the file. The argument passed to @code{-o} is the suggested
+filename (you may change it to whatever you like).
+It is followed by the key for decrypting the file, the query for searching the
+file, a checksum (in hexadecimal) finally the size of the file in bytes.
+@node fs-Downloading
+@subsection Downloading
+@c %**end of header
+In order to download a file, you need the whole line returned by
+@command{gnunet-search}.
+You can then use the tool @command{gnunet-download} to obtain the file:
+@example
+$ gnunet-download -o <FILENAME> <GNUNET-URL>
+@end example
+@noindent
+FILENAME specifies the name of the file where GNUnet is supposed
+to write the result. Existing files are overwritten. If the
+existing file contains blocks that are identical to the
+desired download, those blocks will not be downloaded again
+(automatic resume).
+If you want to download the GPL from the previous example,
+you do the following:
+@example
+$ gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446
+@end example
+@noindent
+If you ever have to abort a download, you can continue it at any time by
+re-issuing @command{gnunet-download} with the same filename.
+In that case, GNUnet will @strong{not} download blocks again that are
+already present.
+GNUnet's file-encoding mechanism will ensure file integrity, even if the
+existing file was not downloaded from GNUnet in the first place.
+You may want to use the @command{-V} switch  to turn on verbose reporting. In
+this case, @command{gnunet-download} will print the current number of bytes
+downloaded whenever new data was received.
+@node fs-Publishing
+@subsection Publishing
+@c %**end of header
+The command @command{gnunet-publish} can be used to add content
+to the network. The basic format of the command is
+@example
+$ gnunet-publish [-n] [-k KEYWORDS]* [-m TYPE:VALUE] FILENAME
+@end example
+For example
+@example
+$ gnunet-publish -m "description:GNU License" -k gpl -k test -m "mimetype:text/plain" COPYING
+@end example
+@menu
+* Important command-line options::
+* Indexing vs. Inserting::
 @end menu
-@node File-sharing Concepts
+@node Important command-line options
-@subsection File-sharing Concepts
+@subsubsection Important command-line options
+@c %**end of header
+The option @code{-k} is used to specify keywords for the file that
+should be inserted. You can supply any number of keywords,
+and each of the keywords will be sufficient to locate and
+retrieve the file. Please note that you must use the @code{-k} option 
+more than once -- one for each expression you use as a keyword for
+the filename.
+The -m option is used to specify meta-data, such as descriptions.
+You can use -m multiple times. The TYPE passed must be from the
+list of meta-data types known to libextractor. You can obtain this
+list by running @command{extract -L}. Use quotes around the entire
+meta-data argument if the value contains spaces. The meta-data
+is displayed to other users when they select which files to
+download. The meta-data and the keywords are optional and
+maybe inferred using @code{GNU libextractor}.
+gnunet-publish has a few additional options to handle namespaces and
+directories. See the man-page for details.
+@node Indexing vs. Inserting
+@subsubsection Indexing vs Inserting
+@c %**end of header
+By default, GNUnet indexes a file instead of making a full copy.
+This is much more efficient, but requires the file to stay unaltered
+at the location where it was when it was indexed. If you intend to move,
+delete or alter a file, consider using the option @code{-n} which will
+force GNUnet to make a copy of the file in the database.
+Since it is much less efficient, this is strongly discouraged for large
+files. When GNUnet indexes a file (default), GNUnet does @strong{not}
+create an additional encrypted copy of the file but just computes a
+summary (or index) of the file. That summary is approximately two percent
+of the size of the original file and is stored in GNUnet's database.
+Whenever a request for a part of an indexed file reaches GNUnet,
+this part is encrypted on-demand and send out. This way, there is no
+need for an additional encrypted copy of the file to stay anywhere
+on the drive. This is different from other systems, such as Freenet,
+where each file that is put online must be in Freenet's database in
+encrypted format, doubling the space requirements if the user wants
+to preserve a directly accessible copy in plaintext.
+Thus indexing should be used for all files where the user will keep
+using this file (at the location given to gnunet-publish) and does
+not want to retrieve it back from GNUnet each time. If you want to
+remove a file that you have indexed from the local peer, use the tool
+@command{gnunet-unindex} to un-index the file.
+The option @code{-n} may be used if the user fears that the file might
+be found on their drive (assuming the computer comes under the control
+of an adversary). When used with the @code{-n} flag, the user has a
+much better chance of denying knowledge of the existence of the file,
+even if it is still (encrypted) on the drive and the adversary is
+able to crack the encryption (e.g. by guessing the keyword.
+@node fs-Concepts
+@subsection Concepts
 @c %**end of header
 Sharing files in GNUnet is not quite as simple as in traditional
@@ -930,7 +901,7 @@ makes it difficult for an adversary to send back bogus search
 results. GNUnet enables content providers to group related content
 and to establish a reputation. Furthermore, GNUnet allows updates
 to certain content to be made available. This section is supposed
-to introduce users to the concepts that are used to achive these goals.
+to introduce users to the concepts that are used to achieve these goals.
 @menu
@@ -1021,7 +992,7 @@ dialogs of gnunet-fs-gtk and printed by gnunet-pseudonym. Whenever a
 namespace is created, an appropriate advertisement can be generated.
 The default keyword for the advertising of namespaces is "namespace".
-Note that GNUnet differenciates between your pseudonyms (the identities
+Note that GNUnet differentiates between your pseudonyms (the identities
 that you control) and namespaces. If you create a pseudonym, you will
 not automatically see the respective namespace. You first have to create
 an advertisement for the namespace and find it using keyword
@@ -1072,184 +1043,9 @@ replication level into the network, and then decrement the replication
 level by one. If all blocks reach replication level zero, the
 selection is simply random.
-@node File-sharing Publishing
-@subsection File-sharing Publishing
-@c %**end of header
-The command @command{gnunet-publish} can be used to add content
-to the network. The basic format of the command is
-@example
-$ gnunet-publish [-n] [-k KEYWORDS]* [-m TYPE:VALUE] FILENAME
-@end example
-@menu
+@node fs-Directories
-* Important command-line options::
+@subsection Directories
-* Indexing vs. Inserting::
-@end menu
-@node Important command-line options
-@subsubsection Important command-line options
-@c %**end of header
-The option @code{-k} is used to specify keywords for the file that
-should be inserted. You can supply any number of keywords,
-and each of the keywords will be sufficient to locate and
-retrieve the file. Please note that you must use the @code{-k} option 
-more than once -- one for each expression you use as a keyword for
-the filename.
-The -m option is used to specify meta-data, such as descriptions.
-You can use -m multiple times. The TYPE passed must be from the
-list of meta-data types known to libextractor. You can obtain this
-list by running @command{extract -L}. Use quotes around the entire
-meta-data argument if the value contains spaces. The meta-data
-is displayed to other users when they select which files to
-download. The meta-data and the keywords are optional and
-maybe inferred using @code{GNU libextractor}.
-gnunet-publish has a few additional options to handle namespaces and
-directories. See the man-page for details.
-@node Indexing vs. Inserting
-@subsubsection Indexing vs Inserting
-@c %**end of header
-By default, GNUnet indexes a file instead of making a full copy.
-This is much more efficient, but requries the file to stay unaltered
-at the location where it was when it was indexed. If you intend to move,
-delete or alter a file, consider using the option @code{-n} which will
-force GNUnet to make a copy of the file in the database.
-Since it is much less efficient, this is strongly discouraged for large
-files. When GNUnet indexes a file (default), GNUnet does @strong{not}
-create an additional encrypted copy of the file but just computes a
-summary (or index) of the file. That summary is approximately two percent
-of the size of the original file and is stored in GNUnet's database.
-Whenever a request for a part of an indexed file reaches GNUnet,
-this part is encrypted on-demand and send out. This way, there is no
-need for an additional encrypted copy of the file to stay anywhere
-on the drive. This is different from other systems, such as Freenet,
-where each file that is put online must be in Freenet's database in
-encrypted format, doubling the space requirements if the user wants
-to preseve a directly accessible copy in plaintext.
-Thus indexing should be used for all files where the user will keep
-using this file (at the location given to gnunet-publish) and does
-not want to retrieve it back from GNUnet each time. If you want to
-remove a file that you have indexed from the local peer, use the tool
-@command{gnunet-unindex} to un-index the file.
-The option @code{-n} may be used if the user fears that the file might
-be found on their drive (assuming the computer comes under the control
-of an adversary). When used with the @code{-n} flag, the user has a
-much better chance of denying knowledge of the existence of the file,
-even if it is still (encrypted) on the drive and the adversary is
-able to crack the encryption (e.g. by guessing the keyword.
-@node File-sharing Searching
-@subsection File-sharing Searching
-@c %**end of header
-The command @command{gnunet-search} can be used to search
-for content on GNUnet. The format is:
-@example
-$ gnunet-search [-t TIMEOUT] KEYWORD
-@end example
-@noindent
-The -t option specifies that the query should timeout after
-approximately TIMEOUT seconds. A value of zero is interpreted
-as @emph{no timeout}, which is also the default. In this case,
-gnunet-search will never terminate (unless you press CTRL-C).
-If multiple words are passed as keywords, they will all be
-considered optional. Prefix keywords with a "+" to make them mandatory.
-Note that searching using
-@example
-$ gnunet-search Das Kapital
-@end example
-@noindent
-is not the same as searching for
-@example
-$ gnunet-search "Das Kapital"
-@end example
-@noindent
-as the first will match files shared under the keywords
-"Das" or "Kapital" whereas the second will match files
-shared under the keyword "Das Kapital".
-Search results are printed by gnunet-search like this:
-@c it will be better the avoid the ellipsis altogether because I don't
-@c understand the explanation below that
-@example
-$ gnunet-download -o "COPYING" --- gnunet://fs/chk/N8...C92.17992
-=> The GNU Public License <= (mimetype: text/plain)
-@end example
-@noindent
-The first line is the command you would have to enter to download
-the file. The argument passed to @code{-o} is the suggested
-filename (you may change it to whatever you like).
-@c except it's triple dash in the above example ---
-The @code{--} is followed by key for decrypting the file,
-the query for searching the file, a checksum (in hexadecimal)
-finally the size of the file in bytes.
-The second line contains the description of the file; here this is
-"The GNU Public License" and the mime-type (see the options for
-gnunet-publish on how to specify these).
-@node File-sharing Downloading
-@subsection File-sharing Downloading
-@c %**end of header
-In order to download a file, you need the three values returned by
-@command{gnunet-search}.
-You can then use the tool @command{gnunet-download} to obtain the file:
-@example
-$ gnunet-download -o FILENAME --- GNUNETURL
-@end example
-@noindent
-FILENAME specifies the name of the file where GNUnet is supposed
-to write the result. Existing files are overwritten. If the
-existing file contains blocks that are identical to the
-desired download, those blocks will not be downloaded again
-(automatic resume).
-If you want to download the GPL from the previous example,
-you do the following:
-@example
-$ gnunet-download -o "COPYING" --- gnunet://fs/chk/N8...92.17992
-@end example
-@noindent
-If you ever have to abort a download, you can continue it at any time by
-re-issuing @command{gnunet-download} with the same filename.
-In that case, GNUnet will @strong{not} download blocks again that are
-already present.
-GNUnet's file-encoding mechanism will ensure file integrity, even if the
-existing file was not downloaded from GNUnet in the first place.
-You may want to use the @command{-V} switch (must be added before
-@c Same as above it's triple dash
-the @command{--}) to turn on verbose reporting. In this case,
-@command{gnunet-download} will print the current number of
-bytes downloaded whenever new data was received.
-@node File-sharing Directories
-@subsection File-sharing Directories
 @c %**end of header
 Directories are shared just like ordinary files. If you download a
@@ -1264,8 +1060,8 @@ typically includes the mime-type, description, a filename and
 other meta information, and possibly even the full original file
 (if it was small).
-@node File-sharing Namespace Management
+@node Namespace Management
-@subsection File-sharing Namespace Management
+@subsection Namespace Management
 @c %**end of header
 @b{Please note that the text in this subsection is outdated and needs}
@@ -1436,6 +1232,135 @@ chosen keyword (or password!). A commonly used identifier is
 "root" which by convention refers to some kind of index or other
 entry point into the namespace.
+@node GTK User Interface
+@subsection GTK User Interface
+This chapter describes first steps for file-sharing with GNUnet.
+To start, you should launch @command{gnunet-fs-gtk}.
+As we want to be sure that the network contains the data that we are
+looking for for testing, we need to begin by publishing a file.
+@menu
+* gtk-Publishing::
+* gtk-Searching::
+* gtk-Downloading::
+@end menu
+@node gtk-Publishing
+@subsubsection Publishing
+@c %**end of header
+To publish a file, select "File Sharing" in the menu bar just below the
+"Statistics" icon, and then select "Publish" from the menu.
+Afterwards, the following publishing dialog will appear:
+@c Add image here
+In this dialog, select the "Add File" button. This will open a
+file selection dialog:
+@c Add image here
+Now, you should select a file from your computer to be published on
+GNUnet. To see more of GNUnet's features later, you should pick a
+PNG or JPEG file this time. You can leave all of the other options
+in the dialog unchanged. Confirm your selection by pressing the "OK"
+button in the bottom right corner. Now, you will briefly see a
+"Messages..." dialog pop up, but most likely it will be too short for
+you to really read anything. That dialog is showing you progress
+information as GNUnet takes a first look at the selected file(s).
+For a normal image, this is virtually instant, but if you later
+import a larger directory you might be interested in the progress dialog
+and potential errors that might be encountered during processing.
+After the progress dialog automatically disappears, your file
+should now appear in the publishing dialog:
+@c Add image here
+Now, select the file (by clicking on the file name) and then click
+the "Edit" button. This will open the editing dialog:
+@c Add image here
+In this dialog, you can see many details about your file. In the
+top left area, you can see meta data extracted about the file,
+such as the original filename, the mimetype and the size of the image.
+In the top right, you should see a preview for the image
+(if GNU libextractor was installed correctly with the
+respective plugins). Note that if you do not see a preview, this
+is not a disaster, but you might still want to install more of
+GNU libextractor in the future. In the bottom left, the dialog contains
+a list of keywords. These are the keywords under which the file will be
+made available. The initial list will be based on the extracted meta data.
+Additional publishing options are in the right bottom corner. We will
+now add an additional keyword to the list of keywords. This is done by
+entering the keyword above the keyword list between the label "Keyword"
+and the "Add keyword" button. Enter "test" and select "Add keyword".
+Note that the keyword will appear at the bottom of the existing keyword
+list, so you might have to scroll down to see it. Afterwards, push the
+"OK" button at the bottom right of the dialog.
+You should now be back at the "Publish content on GNUnet" dialog. Select
+"Execute" in the bottom right to close the dialog and publish your file
+on GNUnet! Afterwards, you should see the main dialog with a new area
+showing the list of published files (or ongoing publishing operations
+with progress indicators):
+@c Add image here
+@node gtk-Searching
+@subsubsection Searching
+@c %**end of header
+Below the menu bar, there are four entry widges labeled "Namespace",
+"Keywords", "Anonymity" and "Mime-type" (from left to right). These
+widgets are used to control searching for files in GNUnet. Between the
+"Keywords" and "Anonymity" widgets, there is also a big "Search" button,
+which is used to initiate the search. We will ignore the "Namespace",
+"Anonymity" and "Mime-type" options in this tutorial, please leave them
+empty. Instead, simply enter "test" under "Keywords" and press "Search".
+Afterwards, you should immediately see a new tab labeled after your
+search term, followed by the (current) number of search
+results --- "(15)" in our screenshot. Note that your results may
+vary depending on what other users may have shared and how your
+peer is connected.
+You can now select one of the search results. Once you do this,
+additional information about the result should be displayed on the
+right. If available, a preview image should appear on the top right.
+Meta data describing the file will be listed at the bottom right.
+Once a file is selected, at the bottom of the search result list
+a little area for downloading appears.
+@node gtk-Downloading
+@subsubsection Downloading
+@c %**end of header
+In the downloading area, you can select the target directory (default is
+"Downloads") and specify the desired filename (by default the filename it
+taken from the meta data of the published file). Additionally, you can
+specify if the download should be anonymous and (for directories) if
+the download should be recursive. In most cases, you can simply start
+the download with the "Download!" button.
+Once you selected download, the progress of the download will be
+displayed with the search result. You may need to resize the result
+list or scroll to the right. The "Status" column shows the current
+status of the download, and "Progress" how much has been completed.
+When you close the search tab (by clicking on the "X" button next to
+the "test" label), ongoing and completed downloads are not aborted
+but moved to a special "*" tab.
+You can remove completed downloads from the "*" tab by clicking the
+cleanup button next to the "*". You can also abort downloads by right
+clicking on the respective download and selecting "Abort download"
+from the menu.
+That's it, you now know the basics for file-sharing with GNUnet!
 @node The GNU Name System
 @section The GNU Name System
 @c %**end of header
@@ -2016,7 +1941,7 @@ destination.
 For applications that do not use DNS, you can also manually create
 such a mapping using the gnunet-vpn command-line tool. Here, you
-specfiy the desired address family of the result (i.e. "-4"), and the
+specify the desired address family of the result (i.e. "-4"), and the
 intended target IP on the Internet ("-i 131.159.74.67") and
 "gnunet-vpn" will tell you which IP address in the range of your
 VPN tunnel was mapped.
@@ -2029,1923 +1954,3 @@ protocol (--tcp or --udp) and you will again receive an IP address
 that will terminate at the respective peer's service.
-@c NOTE: Inserted from Installation Handbook in original ``order'':
-@c FIXME: Move this to User Handbook.
-@node The graphical configuration interface
-@section The graphical configuration interface
-If you also would like to use @command{gnunet-gtk} and
-@command{gnunet-setup} (highly recommended for beginners), do:
-@menu
-* Configuring your peer::
-* Configuring the Friend-to-Friend (F2F) mode::
-* Configuring the hostlist to bootstrap::
-* Configuration of the HOSTLIST proxy settings::
-* Configuring your peer to provide a hostlist ::
-* Configuring the datastore::
-* Configuring the MySQL database::
-* Reasons for using MySQL::
-* Reasons for not using MySQL::
-* Setup Instructions::
-* Testing::
-* Performance Tuning::
-* Setup for running Testcases::
-* Configuring the Postgres database::
-* Reasons to use Postgres::
-* Reasons not to use Postgres::
-* Manual setup instructions::
-* Testing the setup manually::
-* Configuring the datacache::
-* Configuring the file-sharing service::
-* Configuring logging::
-* Configuring the transport service and plugins::
-* Configuring the wlan transport plugin::
-* Configuring HTTP(S) reverse proxy functionality using Apache or nginx::
-* Blacklisting peers::
-* Configuration of the HTTP and HTTPS transport plugins::
-* Configuring the GNU Name System::
-* Configuring the GNUnet VPN::
-* Bandwidth Configuration::
-* Configuring NAT::
-* Peer configuration for distributions::
-@end menu
-@node Configuring your peer
-@subsection Configuring your peer
-This chapter will describe the various configuration options in GNUnet.
-The easiest way to configure your peer is to use the
-@command{gnunet-setup} tool.
-@command{gnunet-setup} is part of the @command{gnunet-gtk}
-application. You might have to install it separately.
-Many of the specific sections from this chapter actually are linked from
-within @command{gnunet-setup} to help you while using the setup tool.
-While you can also configure your peer by editing the configuration
-file by hand, this is not recommended for anyone except for developers
-as it requires a more in-depth understanding of the configuration files
-and internal dependencies of GNUnet.
-@node Configuring the Friend-to-Friend (F2F) mode
-@subsection Configuring the Friend-to-Friend (F2F) mode
-GNUnet knows three basic modes of operation:
-@itemize @bullet
-@item In standard "peer-to-peer" mode,
-your peer will connect to any peer.
-@item In the pure "friend-to-friend"
-mode, your peer will ONLY connect to peers from a list of friends
-specified in the configuration.
-@item Finally, in mixed mode,
-GNUnet will only connect to arbitrary peers if it
-has at least a specified number of connections to friends.
-@end itemize
-When configuring any of the F2F ("friend-to-friend") modes,
-you first need to create a file with the peer identities
-of your friends. Ask your friends to run
-@example
-$ gnunet-peerinfo -sq
-@end example
-@noindent
-The resulting output of this command needs to be added to your
-@file{friends} file, which is simply a plain text file with one line
-per friend with the output from the above command.
-You then specify the location of your @file{friends} file in the
-@code{FRIENDS} option of the "topology" section.
-Once you have created the @file{friends} file, you can tell GNUnet to only
-connect to your friends by setting the @code{FRIENDS-ONLY} option
-(again in the "topology" section) to YES.
-If you want to run in mixed-mode, set "FRIENDS-ONLY" to NO and configure a
-minimum number of friends to have (before connecting to arbitrary peers)
-under the "MINIMUM-FRIENDS" option.
-If you want to operate in normal P2P-only mode, simply set
-@code{MINIMUM-FRIENDS} to zero and @code{FRIENDS_ONLY} to NO.
-This is the default.
-@node Configuring the hostlist to bootstrap
-@subsection Configuring the hostlist to bootstrap
-After installing the software you need to get connected to the GNUnet
-network. The configuration file included in your download is already
-configured to connect you to the GNUnet network.
-In this section the relevant configuration settings are explained.
-To get an initial connection to the GNUnet network and to get to know
-peers already connected to the network you can use the so called
-"bootstrap servers".
-These servers can give you a list of peers connected to the network.
-To use these bootstrap servers you have to configure the hostlist daemon
-to activate bootstrapping.
-To activate bootstrapping, edit the @code{[hostlist]}-section in your
-configuration file. You have to set the argument @command{-b} in the
-options line:
-@example
-[hostlist]
-OPTIONS = -b
-@end example
-Additionally you have to specify which server you want to use.
-The default bootstrapping server is
-"@uref{http://v10.gnunet.org/hostlist, http://v10.gnunet.org/hostlist}".
-[^] To set the server you have to edit the line "SERVERS" in the hostlist
-section. To use the default server you should set the lines to
-@example
-SERVERS = http://v10.gnunet.org/hostlist [^]
-@end example
-@noindent
-To use bootstrapping your configuration file should include these lines:
-@example
-[hostlist]
-OPTIONS = -b
-SERVERS = http://v10.gnunet.org/hostlist [^]
-@end example
-@noindent
-Besides using bootstrap servers you can configure your GNUnet peer to
-recieve hostlist advertisements.
-Peers offering hostlists to other peers can send advertisement messages
-to peers that connect to them. If you configure your peer to receive these
-messages, your peer can download these lists and connect to the peers
-included. These lists are persistent, which means that they are saved to
-your hard disk regularly and are loaded during startup.
-To activate hostlist learning you have to add the @command{-e}
-switch to the @code{OPTIONS} line in the hostlist section:
-@example
-[hostlist]
-OPTIONS = -b -e
-@end example
-@noindent
-Furthermore you can specify in which file the lists are saved.
-To save the lists in the file @file{hostlists.file} just add the line:
-@example
-HOSTLISTFILE = hostlists.file
-@end example
-@noindent
-Best practice is to activate both bootstrapping and hostlist learning.
-So your configuration file should include these lines:
-@example
-[hostlist]
-OPTIONS = -b -e
-HTTPPORT = 8080
-SERVERS = http://v10.gnunet.org/hostlist [^]
-HOSTLISTFILE = $SERVICEHOME/hostlists.file
-@end example
-@node Configuration of the HOSTLIST proxy settings
-@subsection Configuration of the HOSTLIST proxy settings
-The hostlist client can be configured to use a proxy to connect to the
-hostlist server.
-This functionality can be configured in the configuration file directly
-or using the @command{gnunet-setup} tool.
-The hostlist client supports the following proxy types at the moment:
-@itemize @bullet
-@item HTTP and HTTP 1.0 only proxy
-@item SOCKS 4/4a/5/5 with hostname
-@end itemize
-In addition authentication at the proxy with username and password can be
-configured.
-To configure proxy support for the hostlist client in the
-@command{gnunet-setup} tool, select the "hostlist" tab and select
-the appropriate proxy type.
-The hostname or IP address (including port if required) has to be entered
-in the "Proxy hostname" textbox. If required, enter username and password
-in the "Proxy username" and "Proxy password" boxes.
-Be aware that this information will be stored in the configuration in
-plain text (TODO: Add explanation and generalize the part in Chapter 3.6
-about the encrypted home).
-To provide these options directly in the configuration, you can
-enter the following settings in the @code{[hostlist]} section of
-the configuration:
-@example
-# Type of proxy server,
-# Valid values: HTTP, HTTP_1_0, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME
-# Default: HTTP
-# PROXY_TYPE = HTTP
-# Hostname or IP of proxy server
-# PROXY =
-# User name for proxy server
-# PROXY_USERNAME =
-# User password for proxy server
-# PROXY_PASSWORD =
-@end example
-@node Configuring your peer to provide a hostlist
-@subsection Configuring your peer to provide a hostlist
-If you operate a peer permanently connected to GNUnet you can configure
-your peer to act as a hostlist server, providing other peers the list of
-peers known to it.
-Your server can act as a bootstrap server and peers needing to obtain a
-list of peers can contact it to download this list.
-To download this hostlist the peer uses HTTP.
-For this reason you have to build your peer with libgnurl (or libcurl)
-and microhttpd support.
-To configure your peer to act as a bootstrap server you have to add the
-@command{-p} option to @code{OPTIONS} in the @code{[hostlist]} section
-of your configuration file.
-Besides that you have to specify a port number for the http server.
-In conclusion you have to add the following lines:
-@example
-[hostlist]
-HTTPPORT = 12980
-OPTIONS = -p
-@end example
-@noindent
-If your peer acts as a bootstrap server other peers should know about
-that. You can advertise the hostlist your are providing to other peers.
-Peers connecting to your peer will get a message containing an
-advertisement for your hostlist and the URL where it can be downloaded.
-If this peer is in learning mode, it will test the hostlist and, in the
-case it can obtain the list successfully, it will save it for
-bootstrapping.
-To activate hostlist advertisement on your peer, you have to set the
-following lines in your configuration file:
-@example
-[hostlist]
-EXTERNAL_DNS_NAME = example.org
-HTTPPORT = 12981
-OPTIONS = -p -a
-@end example
-@noindent
-With this configuration your peer will a act as a bootstrap server and
-advertise this hostlist to other peers connecting to it.
-The URL used to download the list will be
-@code{@uref{http://example.org:12981/, http://example.org:12981/}}.
-Please notice:
-@itemize @bullet
-@item The hostlist is @b{not} human readable, so you should not try to
-download it using your webbrowser. Just point your GNUnet peer to the
-address!
-@item Advertising without providing a hostlist does not make sense and
-will not work.
-@end itemize
-@node Configuring the datastore
-@subsection Configuring the datastore
-The datastore is what GNUnet uses for long-term storage of file-sharing
-data. Note that long-term does not mean 'forever' since content does have
-an expiration date, and of course storage space is finite (and hence
-sometimes content may have to be discarded).
-Use the @code{QUOTA} option to specify how many bytes of storage space
-you are willing to dedicate to GNUnet.
-In addition to specifying the maximum space GNUnet is allowed to use for
-the datastore, you need to specify which database GNUnet should use to do
-so. Currently, you have the choice between sqLite, MySQL and Postgres.
-@node Configuring the MySQL database
-@subsection Configuring the MySQL database
-This section describes how to setup the MySQL database for GNUnet.
-Note that the mysql plugin does NOT work with mysql before 4.1 since we
-need prepared statements.
-We are generally testing the code against MySQL 5.1 at this point.
-@node Reasons for using MySQL
-@subsection Reasons for using MySQL
-@itemize @bullet
-@item On up-to-date hardware wher
-mysql can be used comfortably, this module
-will have better performance than the other database choices (according
-to our tests).
-@item Its often possible to recover the mysql database from internal
-inconsistencies. Some of the other databases do not support repair.
-@end itemize
-@node Reasons for not using MySQL
-@subsection Reasons for not using MySQL
-@itemize @bullet
-@item Memory usage (likely not an issue if you have more than 1 GB)
-@item Complex manual setup
-@end itemize
-@node Setup Instructions
-@subsection Setup Instructions
-@itemize @bullet
-@item In @file{gnunet.conf} set in section @code{DATASTORE} the value for
-@code{DATABASE} to @code{mysql}.
-@item Access mysql as root:
-@example
-$ mysql -u root -p
-@end example
-@noindent
-and issue the following commands, replacing $USER with the username
-that will be running @command{gnunet-arm} (so typically "gnunet"):
-@example
-CREATE DATABASE gnunet;
-GRANT select,insert,update,delete,create,alter,drop,create \
-temporary tables ON gnunet.* TO $USER@@localhost;
-SET PASSWORD FOR $USER@@localhost=PASSWORD('$the_password_you_like');
-FLUSH PRIVILEGES;
-@end example
-@item
-In the $HOME directory of $USER, create a @file{.my.cnf} file with the
-following lines
-@example
-[client]
-user=$USER
-password=$the_password_you_like
-@end example
-@end itemize
-Thats it. Note that @file{.my.cnf} file is a slight security risk unless
-its on a safe partition. The @file{$HOME/.my.cnf} can of course be
-a symbolic link.
-Luckily $USER has only priviledges to mess up GNUnet's tables,
-which should be pretty harmless.
-@node Testing
-@subsection Testing
-You should briefly try if the database connection works. First, login
-as $USER. Then use:
-@example
-$ mysql -u $USER
-mysql> use gnunet;
-@end example
-@noindent
-If you get the message
-@example
-Database changed
-@end example
-@noindent
-it probably works.
-If you get
-@example
-ERROR 2002: Can't connect to local MySQL server
-through socket '/tmp/mysql.sock' (2)
-@end example
-@noindent
-it may be resolvable by
-@example
-ln -s /var/run/mysqld/mysqld.sock /tmp/mysql.sock
-@end example
-@noindent
-so there may be some additional trouble depending on your mysql setup.
-@node Performance Tuning
-@subsection Performance Tuning
-For GNUnet, you probably want to set the option
-@example
-innodb_flush_log_at_trx_commit = 0
-@end example
-@noindent
-for a rather dramatic boost in MySQL performance. However, this reduces
-the "safety" of your database as with this options you may loose
-transactions during a power outage.
-While this is totally harmless for GNUnet, the option applies to all
-applications using MySQL. So you should set it if (and only if) GNUnet is
-the only application on your system using MySQL.
-@node Setup for running Testcases
-@subsection Setup for running Testcases
-If you want to run the testcases, you must create a second database
-"gnunetcheck" with the same username and password. This database will
-then be used for testing (@command{make check}).
-@node Configuring the Postgres database
-@subsection Configuring the Postgres database
-This text describes how to setup the Postgres database for GNUnet.
-This Postgres plugin was developed for Postgres 8.3 but might work for
-earlier versions as well.
-@node Reasons to use Postgres
-@subsection Reasons to use Postgres
-@itemize @bullet
-@item Easier to setup than MySQL
-@item Real database
-@end itemize
-@node Reasons not to use Postgres
-@subsection Reasons not to use Postgres
-@itemize @bullet
-@item Quite slow
-@item Still some manual setup required
-@end itemize
-@node Manual setup instructions
-@subsection Manual setup instructions
-@itemize @bullet
-@item In @file{gnunet.conf} set in section @code{DATASTORE} the value for
-@code{DATABASE} to @code{postgres}.
-@item Access Postgres to create a user:
-@table @asis
-@item with Postgres 8.x, use:
-@example
-# su - postgres
-$ createuser
-@end example
-@noindent
-and enter the name of the user running GNUnet for the role interactively.
-Then, when prompted, do not set it to superuser, allow the creation of
-databases, and do not allow the creation of new roles.
-@item with Postgres 9.x, use:
-@example
-# su - postgres
-$ createuser -d $GNUNET_USER
-@end example
-@noindent
-where $GNUNET_USER is the name of the user running GNUnet.
-@end table
-@item
-As that user (so typically as user "gnunet"), create a database (or two):
-@example
-$ createdb gnunet
-# this way you can run "make check"
-$ createdb gnunetcheck
-@end example
-@end itemize
-Now you should be able to start @code{gnunet-arm}.
-@node Testing the setup manually
-@subsection Testing the setup manually
-You may want to try if the database connection works. First, again login
-as the user who will run @command{gnunet-arm}. Then use:
-@example
-$ psql gnunet # or gnunetcheck
-gnunet=> \dt
-@end example
-@noindent
-If, after you have started @command{gnunet-arm} at least once, you get
-a @code{gn090} table here, it probably works.
-@node Configuring the datacache
-@subsection Configuring the datacache
-@c %**end of header
-The datacache is what GNUnet uses for storing temporary data. This data is
-expected to be wiped completely each time GNUnet is restarted (or the
-system is rebooted).
-You need to specify how many bytes GNUnet is allowed to use for the
-datacache using the @code{QUOTA} option in the section @code{[dhtcache]}.
-Furthermore, you need to specify which database backend should be used to
-store the data. Currently, you have the choice between
-sqLite, MySQL and Postgres.
-@node Configuring the file-sharing service
-@subsection Configuring the file-sharing service
-In order to use GNUnet for file-sharing, you first need to make sure
-that the file-sharing service is loaded.
-This is done by setting the @code{START_ON_DEMAND} option in
-section @code{[fs]} to "YES". Alternatively, you can run
-@example
-$ gnunet-arm -i fs
-@end example
-@noindent
-to start the file-sharing service by hand.
-Except for configuring the database and the datacache the only important
-option for file-sharing is content migration.
-Content migration allows your peer to cache content from other peers as
-well as send out content stored on your system without explicit requests.
-This content replication has positive and negative impacts on both system
-performance and privacy.
-FIXME: discuss the trade-offs. Here is some older text about it...
-Setting this option to YES allows gnunetd to migrate data to the local
-machine. Setting this option to YES is highly recommended for efficiency.
-Its also the default. If you set this value to YES, GNUnet will store
-content on your machine that you cannot decrypt.
-While this may protect you from liability if the judge is sane, it may
-not (IANAL). If you put illegal content on your machine yourself, setting
-this option to YES will probably increase your chances to get away with it
-since you can plausibly deny that you inserted the content.
-Note that in either case, your anonymity would have to be broken first
-(which may be possible depending on the size of the GNUnet network and the
-strength of the adversary).
-@node Configuring logging
-@subsection Configuring logging
-Logging in GNUnet 0.9.0 is controlled via the "-L" and "-l" options.
-Using @code{-L}, a log level can be specified. With log level
-@code{ERROR} only serious errors are logged.
-The default log level is @code{WARNING} which causes anything of
-concern to be logged.
-Log level @code{INFO} can be used to log anything that might be
-interesting information whereas
-@code{DEBUG} can be used by developers to log debugging messages
-(but you need to run @code{./configure} with
-@code{--enable-logging=verbose} to get them compiled).
-The @code{-l} option is used to specify the log file.
-Since most GNUnet services are managed by @code{gnunet-arm}, using the
-@code{-l} or @code{-L} options directly is not possible.
-Instead, they can be specified using the @code{OPTIONS} configuration
-value in the respective section for the respective service.
-In order to enable logging globally without editing the @code{OPTIONS}
-values for each service, @command{gnunet-arm} supports a
-@code{GLOBAL_POSTFIX} option.
-The value specified here is given as an extra option to all services for
-which the configuration does contain a service-specific @code{OPTIONS}
-field.
-@code{GLOBAL_POSTFIX} can contain the special sequence "@{@}" which
-is replaced by the name of the service that is being started.
-Furthermore, @code{GLOBAL_POSTFIX} is special in that sequences
-starting with "$" anywhere in the string are expanded (according
-to options in @code{PATHS}); this expansion otherwise is
-only happening for filenames and then the "$" must be the
-first character in the option. Both of these restrictions do
-not apply to @code{GLOBAL_POSTFIX}.
-Note that specifying @code{%} anywhere in the @code{GLOBAL_POSTFIX}
-disables both of these features.
-In summary, in order to get all services to log at level
-@code{INFO} to log-files called @code{SERVICENAME-logs}, the
-following global prefix should be used:
-@example
-GLOBAL_POSTFIX = -l $SERVICEHOME/@{@}-logs -L INFO
-@end example
-@node Configuring the transport service and plugins
-@subsection Configuring the transport service and plugins
-The transport service in GNUnet is responsible to maintain basic
-connectivity to other peers.
-Besides initiating and keeping connections alive it is also responsible
-for address validation.
-The GNUnet transport supports more than one transport protocol.
-These protocols are configured together with the transport service.
-The configuration section for the transport service itself is quite
-similar to all the other services
-@example
-START_ON_DEMAND = YES
-@@UNIXONLY@@ PORT = 2091
-HOSTNAME = localhost
-HOME = $SERVICEHOME
-CONFIG = $DEFAULTCONFIG
-BINARY = gnunet-service-transport
-#PREFIX = valgrind
-NEIGHBOUR_LIMIT = 50
-ACCEPT_FROM = 127.0.0.1;
-ACCEPT_FROM6 = ::1;
-PLUGINS = tcp udp
-UNIXPATH = /tmp/gnunet-service-transport.sock
-@end example
-Different are the settings for the plugins to load @code{PLUGINS}.
-The first setting specifies which transport plugins to load.
-@itemize @bullet
-@item transport-unix
-A plugin for local only communication with UNIX domain sockets. Used for
-testing and available on unix systems only. Just set the port
-@example
-[transport-unix]
-PORT = 22086
-TESTING_IGNORE_KEYS = ACCEPT_FROM;
-@end example
-@item transport-tcp
-A plugin for communication with TCP. Set port to 0 for client mode with
-outbound only connections
-@example
-[transport-tcp]
-# Use 0 to ONLY advertise as a peer behind NAT (no port binding)
-PORT = 2086
-ADVERTISED_PORT = 2086
-TESTING_IGNORE_KEYS = ACCEPT_FROM;
-# Maximum number of open TCP connections allowed
-MAX_CONNECTIONS = 128
-@end example
-@item transport-udp
-A plugin for communication with UDP. Supports peer discovery using
-broadcasts.
-@example
-[transport-udp]
-PORT = 2086
-BROADCAST = YES
-BROADCAST_INTERVAL = 30 s
-MAX_BPS = 1000000
-TESTING_IGNORE_KEYS = ACCEPT_FROM;
-@end example
-@item transport-http
-HTTP and HTTPS support is split in two part: a client plugin initiating
-outbound connections and a server part accepting connections from the
-client. The client plugin just takes the maximum number of connections as
-an argument.
-@example
-[transport-http_client]
-MAX_CONNECTIONS = 128
-TESTING_IGNORE_KEYS = ACCEPT_FROM;
-@end example
-@example
-[transport-https_client]
-MAX_CONNECTIONS = 128
-TESTING_IGNORE_KEYS = ACCEPT_FROM;
-@end example
-@noindent
-The server has a port configured and the maximum nunber of connections.
-The HTTPS part has two files with the certificate key and the certificate
-file.
-The server plugin supports reverse proxies, so a external hostname can be
-set using the @code{EXTERNAL_HOSTNAME} setting.
-The webserver under this address should forward the request to the peer
-and the configure port.
-@example
-[transport-http_server]
-EXTERNAL_HOSTNAME = fulcrum.net.in.tum.de/gnunet
-PORT = 1080
-MAX_CONNECTIONS = 128
-TESTING_IGNORE_KEYS = ACCEPT_FROM;
-@end example
-@example
-[transport-https_server]
-PORT = 4433
-CRYPTO_INIT = NORMAL
-KEY_FILE = https.key
-CERT_FILE = https.cert
-MAX_CONNECTIONS = 128
-TESTING_IGNORE_KEYS = ACCEPT_FROM;
-@end example
-@item transport-wlan
-The next section describes how to setup the WLAN plugin,
-so here only the settings. Just specify the interface to use:
-@example
-[transport-wlan]
-# Name of the interface in monitor mode (typically monX)
-INTERFACE = mon0
-# Real hardware, no testing
-TESTMODE = 0
-TESTING_IGNORE_KEYS = ACCEPT_FROM;
-@end example
-@end itemize
-@node Configuring the wlan transport plugin
-@subsection Configuring the wlan transport plugin
-The wlan transport plugin enables GNUnet to send and to receive data on a
-wlan interface.
-It has not to be connected to a wlan network as long as sender and
-receiver are on the same channel. This enables you to get connection to
-GNUnet where no internet access is possible, for example during
-catastrophes or when censorship cuts you off from the internet.
-@menu
-* Requirements for the WLAN plugin::
-* Configuration::
-* Before starting GNUnet::
-* Limitations and known bugs::
-@end menu
-@node Requirements for the WLAN plugin
-@subsubsection Requirements for the WLAN plugin
-@itemize @bullet
-@item wlan network card with monitor support and packet injection
-(see @uref{http://www.aircrack-ng.org/, aircrack-ng.org})
-@item Linux kernel with mac80211 stack, introduced in 2.6.22, tested with
-2.6.35 and 2.6.38
-@item Wlantools to create the a monitor interface, tested with airmon-ng
-of the aircrack-ng package
-@end itemize
-@node Configuration
-@subsubsection Configuration
-There are the following options for the wlan plugin (they should be like
-this in your default config file, you only need to adjust them if the
-values are incorrect for your system)
-@example
-# section for the wlan transport plugin
-[transport-wlan]
-# interface to use, more information in the
-# "Before starting GNUnet" section of the handbook.
-INTERFACE = mon0
-# testmode for developers:
-# 0 use wlan interface,
-#1 or 2 use loopback driver for tests 1 = server, 2 = client
-TESTMODE = 0
-@end example
-@node Before starting GNUnet
-@subsubsection Before starting GNUnet
-Before starting GNUnet, you have to make sure that your wlan interface is
-in monitor mode.
-One way to put the wlan interface into monitor mode (if your interface
-name is wlan0) is by executing:
-@example
-sudo airmon-ng start wlan0
-@end example
-@noindent
-Here is an example what the result should look like:
-@example
-Interface Chipset Driver
-wlan0 Intel 4965 a/b/g/n iwl4965 - [phy0]
-(monitor mode enabled on mon0)
-@end example
-@noindent
-The monitor interface is mon0 is the one that you have to put into the
-configuration file.
-@node Limitations and known bugs
-@subsubsection Limitations and known bugs
-Wlan speed is at the maximum of 1 Mbit/s because support for choosing the
-wlan speed with packet injection was removed in newer kernels.
-Please pester the kernel developers about fixing this.
-The interface channel depends on the wlan network that the card is
-connected to. If no connection has been made since the start of the
-computer, it is usually the first channel of the card.
-Peers will only find each other and communicate if they are on the same
-channel. Channels must be set manually, i.e. using:
-@example
-iwconfig wlan0 channel 1
-@end example
-@node Configuring HTTP(S) reverse proxy functionality using Apache or nginx
-@subsection Configuring HTTP(S) reverse proxy functionality using Apache or nginx
-The HTTP plugin supports data transfer using reverse proxies. A reverse
-proxy forwards the HTTP request it receives with a certain URL to another
-webserver, here a GNUnet peer.
-So if you have a running Apache or nginx webserver you can configure it to
-be a GNUnet reverse proxy. Especially if you have a well-known webiste
-this improves censorship resistance since it looks as normal surfing
-behaviour.
-To do so, you have to do two things:
-@itemize @bullet
-@item Configure your webserver to forward the GNUnet HTTP traffic
-@item Configure your GNUnet peer to announce the respective address
-@end itemize
-As an example we want to use GNUnet peer running:
-@itemize @bullet
-@item HTTP server plugin on @code{gnunet.foo.org:1080}
-@item HTTPS server plugin on @code{gnunet.foo.org:4433}
-@item A apache or nginx webserver on
-@uref{http://www.foo.org/, http://www.foo.org:80/}
-@item A apache or nginx webserver on https://www.foo.org:443/
-@end itemize
-And we want the webserver to accept GNUnet traffic under
-@code{http://www.foo.org/bar/}. The required steps are described here:
-@menu
-* Reverse Proxy - Configure your Apache2 HTTP webserver::
-* Reverse Proxy - Configure your Apache2 HTTPS webserver::
-* Reverse Proxy - Configure your nginx HTTPS webserver::
-* Reverse Proxy - Configure your nginx HTTP webserver::
-* Reverse Proxy - Configure your GNUnet peer::
-@end menu
-@node Reverse Proxy - Configure your Apache2 HTTP webserver
-@subsubsection Reverse Proxy - Configure your Apache2 HTTP webserver
-First of all you need mod_proxy installed.
-Edit your webserver configuration. Edit
-@code{/etc/apache2/apache2.conf} or the site-specific configuration file.
-In the respective @code{server config},@code{virtual host} or
-@code{directory} section add the following lines:
-@example
-ProxyTimeout 300
-ProxyRequests Off
-<Location /bar/ >
-ProxyPass http://gnunet.foo.org:1080/
-ProxyPassReverse http://gnunet.foo.org:1080/
-</Location>
-@end example
-@node Reverse Proxy - Configure your Apache2 HTTPS webserver
-@subsubsection Reverse Proxy - Configure your Apache2 HTTPS webserver
-We assume that you already have an HTTPS server running, if not please
-check how to configure a HTTPS host. An uncomplicated to use example
-is the example configuration file for Apache2/HTTPD provided in
-@file{apache2/sites-available/default-ssl}.
-In the respective HTTPS @code{server config},@code{virtual host} or
-@code{directory} section add the following lines:
-@example
-SSLProxyEngine On
-ProxyTimeout 300
-ProxyRequests Off
-<Location /bar/ >
-ProxyPass https://gnunet.foo.org:4433/
-ProxyPassReverse https://gnunet.foo.org:4433/
-</Location>
-@end example
-@noindent
-More information about the apache mod_proxy configuration can be found
-in the Apache documentation@footnote{@uref{http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass, http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass}}
-@node Reverse Proxy - Configure your nginx HTTPS webserver
-@subsubsection Reverse Proxy - Configure your nginx HTTPS webserver
-Since nginx does not support chunked encoding, you first of all have to
-install the @code{chunkin} module@footnote{@uref{http://wiki.nginx.org/HttpChunkinModule, http://wiki.nginx.org/HttpChunkinModule}}
-To enable chunkin add:
-@example
-chunkin on;
-error_page 411 = @@my_411_error;
-location @@my_411_error @{
-chunkin_resume;
-@}
-@end example
-@noindent
-Edit your webserver configuration. Edit @file{/etc/nginx/nginx.conf} or
-the site-specific configuration file.
-In the @code{server} section add:
-@example
-location /bar/ @{
-proxy_pass http://gnunet.foo.org:1080/;
-proxy_buffering off;
-proxy_connect_timeout 5; # more than http_server
-proxy_read_timeout 350; # 60 default, 300s is GNUnet's idle timeout
-proxy_http_version 1.1; # 1.0 default
-proxy_next_upstream error timeout invalid_header http_500 http_503 http_502 http_504;
-@}
-@end example
-@node Reverse Proxy - Configure your nginx HTTP webserver
-@subsubsection Reverse Proxy - Configure your nginx HTTP webserver
-Edit your webserver configuration. Edit @file{/etc/nginx/nginx.conf} or
-the site-specific configuration file.
-In the @code{server} section add:
-@example
-ssl_session_timeout 6m;
-location /bar/
-@{
-proxy_pass https://gnunet.foo.org:4433/;
-proxy_buffering off;
-proxy_connect_timeout 5; # more than http_server
-proxy_read_timeout 350; # 60 default, 300s is GNUnet's idle timeout
-proxy_http_version 1.1; # 1.0 default
-proxy_next_upstream error timeout invalid_header http_500 http_503 http_502 http_504;
-@}
-@end example
-@node Reverse Proxy - Configure your GNUnet peer
-@subsubsection Reverse Proxy - Configure your GNUnet peer
-To have your GNUnet peer announce the address, you have to specify the
-@code{EXTERNAL_HOSTNAME} option in the @code{[transport-http_server]}
-section:
-@example
-[transport-http_server]
-EXTERNAL_HOSTNAME = http://www.foo.org/bar/
-@end example
-@noindent
-and/or @code{[transport-https_server]} section:
-@example
-[transport-https_server]
-EXTERNAL_HOSTNAME = https://www.foo.org/bar/
-@end example
-@noindent
-Now restart your webserver and your peer...
-@node Blacklisting peers
-@subsection Blacklisting peers
-Transport service supports to deny connecting to a specific peer of to a
-specific peer with a specific transport plugin using te blacklisting
-component of transport service. With@ blacklisting it is possible to deny
-connections to specific peers of@ to use a specific plugin to a specific
-peer. Peers can be blacklisted using@ the configuration or a blacklist
-client can be asked.
-To blacklist peers using the configuration you have to add a section to
-your configuration containing the peer id of the peer to blacklist and
-the plugin@ if required.
-Examples:
-To blacklist connections to P565... on peer AG2P... using tcp add:
-@c FIXME: This is too long and produces errors in the pdf.
-@example
-[transport-blacklist AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
-P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = tcp
-@end example
-To blacklist connections to P565... on peer AG2P... using all plugins add:
-@example
-[transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
-P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G =
-@end example
-You can also add a blacklist client usign the blacklist API. On a
-blacklist check, blacklisting first checks internally if the peer is
-blacklisted and if not, it asks the blacklisting clients. Clients are
-asked if it is OK to connect to a peer ID, the plugin is omitted.
-On blacklist check for (peer, plugin)
-@itemize @bullet
-@item Do we have a local blacklist entry for this peer and this plugin?@
-@item YES: disallow connection@
-@item Do we have a local blacklist entry for this peer and all plugins?@
-@item YES: disallow connection@
-@item Does one of the clients disallow?@
-@item YES: disallow connection
-@end itemize
-@node Configuration of the HTTP and HTTPS transport plugins
-@subsection Configuration of the HTTP and HTTPS transport plugins
-The client parts of the http and https transport plugins can be configured
-to use a proxy to connect to the hostlist server. This functionality can
-be configured in the configuration file directly or using the
-gnunet-setup tool.
-Both the HTTP and HTTPS clients support the following proxy types at
-the moment:
-@itemize @bullet
-@item HTTP 1.1 proxy
-@item SOCKS 4/4a/5/5 with hostname
-@end itemize
-In addition authentication at the proxy with username and password can be
-configured.
-To configure proxy support for the clients in the gnunet-setup tool,
-select the "transport" tab and activate the respective plugin. Now you
-can select the appropriate proxy type. The hostname or IP address
-(including port if required) has to be entered in the "Proxy hostname"
-textbox. If required, enter username and password in the "Proxy username"
-and "Proxy password" boxes. Be aware that these information will be stored
-in the configuration in plain text.
-To configure these options directly in the configuration, you can
-configure the following settings in the @code{[transport-http_client]}
-and @code{[transport-https_client]} section of the configuration:
-@example
-# Type of proxy server,
-# Valid values: HTTP, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME
-# Default: HTTP
-# PROXY_TYPE = HTTP
-# Hostname or IP of proxy server
-# PROXY =
-# User name for proxy server
-# PROXY_USERNAME =
-# User password for proxy server
-# PROXY_PASSWORD =
-@end example
-@node Configuring the GNU Name System
-@subsection Configuring the GNU Name System
-@menu
-* Configuring system-wide DNS interception::
-* Configuring the GNS nsswitch plugin::
-* Configuring GNS on W32::
-* GNS Proxy Setup::
-* Setup of the GNS CA::
-* Testing the GNS setup::
-@end menu
-@node Configuring system-wide DNS interception
-@subsubsection Configuring system-wide DNS interception
-Before you install GNUnet, make sure you have a user and group 'gnunet'
-as well as an empty group 'gnunetdns'.
-When using GNUnet with system-wide DNS interception, it is absolutely
-necessary for all GNUnet service processes to be started by
-@code{gnunet-service-arm} as user and group 'gnunet'. You also need to be
-sure to run @code{make install} as root (or use the @code{sudo} option to
-configure) to grant GNUnet sufficient privileges.
-With this setup, all that is required for enabling system-wide DNS
-interception is for some GNUnet component (VPN or GNS) to request it.
-The @code{gnunet-service-dns} will then start helper programs that will
-make the necessary changes to your firewall (@code{iptables}) rules.
-Note that this will NOT work if your system sends out DNS traffic to a
-link-local IPv6 address, as in this case GNUnet can intercept the traffic,
-but not inject the responses from the link-local IPv6 address. Hence you
-cannot use system-wide DNS interception in conjunction with link-local
-IPv6-based DNS servers. If such a DNS server is used, it will bypass
-GNUnet's DNS traffic interception.
-Using the GNU Name System (GNS) requires two different configuration
-steps.
-First of all, GNS needs to be integrated with the operating system. Most
-of this section is about the operating system level integration.
-The remainder of this chapter will detail the various methods for
-configuring the use of GNS with your operating system.
-At this point in time you have different options depending on your OS:
-@table @asis
-@item Use the gnunet-gns-proxy This approach works for all operating
-systems and is likely the easiest. However, it enables GNS only for
-browsers, not for other applications that might be using DNS, such as SSH.
-Still, using the proxy is required for using HTTP with GNS and is thus
-recommended for all users. To do this, you simply have to run the
-@code{gnunet-gns-proxy-setup-ca} script as the user who will run the
-browser (this will create a GNS certificate authority (CA) on your system
-and import its key into your browser), then start @code{gnunet-gns-proxy}
-and inform your browser to use the Socks5 proxy which
-@code{gnunet-gns-proxy} makes available by default on port 7777.
-@item Use a nsswitch plugin (recommended on GNU systems)
-This approach has the advantage of offering fully personalized resolution
-even on multi-user systems. A potential disadvantage is that some
-applications might be able to bypass GNS.
-@item Use a W32 resolver plugin (recommended on W32)
-This is currently the only option on W32 systems.
-@item Use system-wide DNS packet interception
-This approach is recommended for the GNUnet VPN. It can be used to handle
-GNS at the same time; however, if you only use this method, you will only
-get one root zone per machine (not so great for multi-user systems).
-@end table
-You can combine system-wide DNS packet interception with the nsswitch
-plugin.
-The setup of the system-wide DNS interception is described here. All of
-the other GNS-specific configuration steps are described in the following
-sections.
-@node Configuring the GNS nsswitch plugin
-@subsubsection Configuring the GNS nsswitch plugin
-The Name Service Switch (NSS) is a facility in Unix-like operating systems
-@footnote{More accurate: NSS is a functionality of the GNU C Library}
-that provides a variety of sources for common configuration databases and
-name resolution mechanisms.
-A superuser (system administrator) usually configures the
-operating system's name services using the file
-@file{/etc/nsswitch.conf}.
-GNS provides a NSS plugin to integrate GNS name resolution with the
-operating system's name resolution process.
-To use the GNS NSS plugin you have to either
-@itemize @bullet
-@item install GNUnet as root or
-@item compile GNUnet with the @code{--with-sudo=yes} switch.
-@end itemize
-Name resolution is controlled by the @emph{hosts} section in the NSS
-configuration. By default this section first performs a lookup in the
-@file{/etc/hosts} file and then in DNS.
-The nsswitch file should contain a line similar to:
-@example
-hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4
-@end example
-@noindent
-Here the GNS NSS plugin can be added to perform a GNS lookup before
-performing a DNS lookup.
-The GNS NSS plugin has to be added to the "hosts" section in
-@file{/etc/nsswitch.conf} file before DNS related plugins:
-@example
-...
-hosts: files gns [NOTFOUND=return] dns mdns4_minimal mdns4
-...
-@end example
-@noindent
-The @code{NOTFOUND=return} will ensure that if a @code{.gnu} name is not
-found in GNS it will not be queried in DNS.
-@node Configuring GNS on W32
-@subsubsection Configuring GNS on W32
-This document is a guide to configuring GNU Name System on W32-compatible
-platforms.
-After GNUnet is installed, run the w32nsp-install tool:
-@example
-w32nsp-install.exe libw32nsp-0.dll
-@end example
-@noindent
-('0' is the library version of W32 NSP; it might increase in the future,
-change the invocation accordingly).
-This will install GNS namespace provider into the system and allow other
-applications to resolve names that end in '@strong{gnu}'
-and '@strong{zkey}'. Note that namespace provider requires
-gnunet-gns-helper-service-w32 to be running, as well as gns service
-itself (and its usual dependencies).
-Namespace provider is hardcoded to connect to @strong{127.0.0.1:5353},
-and this is where gnunet-gns-helper-service-w32 should be listening to
-(and is configured to listen to by default).
-To uninstall the provider, run:
-@example
-w32nsp-uninstall.exe
-@end example
-@noindent
-(uses provider GUID to uninstall it, does not need a dll name).
-Note that while MSDN claims that other applications will only be able to
-use the new namespace provider after re-starting, in reality they might
-stat to use it without that. Conversely, they might stop using the
-provider after it's been uninstalled, even if they were not re-started.
-W32 will not permit namespace provider library to be deleted or
-overwritten while the provider is installed, and while there is at least
-one process still using it (even after it was uninstalled).
-@node GNS Proxy Setup
-@subsubsection GNS Proxy Setup
-When using the GNU Name System (GNS) to browse the WWW, there are several
-issues that can be solved by adding the GNS Proxy to your setup:
-@itemize @bullet
-@item If the target website does not support GNS, it might assume that it
-is operating under some name in the legacy DNS system (such as
-example.com). It may then attempt to set cookies for that domain, and the
-web server might expect a @code{Host: example.com} header in the request
-from your browser.
-However, your browser might be using @code{example.gnu} for the
-@code{Host} header and might only accept (and send) cookies for
-@code{example.gnu}. The GNS Proxy will perform the necessary translations
-of the hostnames for cookies and HTTP headers (using the LEHO record for
-the target domain as the desired substitute).
-@item If using HTTPS, the target site might include an SSL certificate
-which is either only valid for the LEHO domain or might match a TLSA
-record in GNS. However, your browser would expect a valid certificate for
-@code{example.gnu}, not for some legacy domain name. The proxy will
-validate the certificate (either against LEHO or TLSA) and then
-on-the-fly produce a valid certificate for the exchange, signed by your
-own CA. Assuming you installed the CA of your proxy in your browser's
-certificate authority list, your browser will then trust the
-HTTPS/SSL/TLS connection, as the hostname mismatch is hidden by the proxy.
-@item Finally, the proxy will in the future indicate to the server that it
-speaks GNS, which will enable server operators to deliver GNS-enabled web
-sites to your browser (and continue to deliver legacy links to legacy
-browsers)
-@end itemize
-@node Setup of the GNS CA
-@subsubsection Setup of the GNS CA
-First you need to create a CA certificate that the proxy can use.
-To do so use the provided script gnunet-gns-proxy-ca:
-@example
-$ gnunet-gns-proxy-setup-ca
-@end example
-@noindent
-This will create a personal certification authority for you and add this
-authority to the firefox and chrome database. The proxy will use the this
-CA certificate to generate @code{*.gnu} client certificates on the fly.
-Note that the proxy uses libcurl. Make sure your version of libcurl uses
-GnuTLS and NOT OpenSSL. The proxy will @b{not} work with libcurl compiled
-against OpenSSL.
-You can check the configuration your libcurl was build with by
-running:
-@example
-curl --version
-@end example
-the output will look like this (without the linebreaks):
-@example
-gnurl --version
-curl 7.56.0 (x86_64-unknown-linux-gnu) libcurl/7.56.0 \
-GnuTLS/3.5.13 zlib/1.2.11 libidn2/2.0.4
-Release-Date: 2017-10-08
-Protocols: http https
-Features: AsynchDNS IDN IPv6 Largefile NTLM SSL libz \
-TLS-SRP UnixSockets HTTPS-proxy
-@end example
-@node Testing the GNS setup
-@subsubsection Testing the GNS setup
-Now for testing purposes we can create some records in our zone to test
-the SSL functionality of the proxy:
-@example
-$ gnunet-identity -C test
-$ gnunet-namestore -a -e "1 d" -n "homepage" \
-  -t A -V 131.159.74.67 -z test
-$ gnunet-namestore -a -e "1 d" -n "homepage" \
-  -t LEHO -V "gnunet.org" -z test
-@end example
-@noindent
-At this point we can start the proxy. Simply execute
-@example
-$ gnunet-gns-proxy
-@end example
-@noindent
-Configure your browser to use this SOCKSv5 proxy on port 7777 and visit
-this link.
-If you use @command{Firefox} (or one of its deriviates/forks such as
-Icecat) you also have to go to @code{about:config} and set the key
-@code{network.proxy.socks_remote_dns} to @code{true}.
-When you visit @code{https://homepage.test/}, you should get to the
-@code{https://gnunet.org/} frontpage and the browser (with the correctly
-configured proxy) should give you a valid SSL certificate for
-@code{homepage.gnu} and no warnings. It should look like this:
-@c FIXME: Image does not exist, create it or save it from Drupal?
-@c @image{images/gnunethpgns.png,5in,, picture of homepage.gnu in Webbrowser}
-@node Configuring the GNUnet VPN
-@subsection Configuring the GNUnet VPN
-@menu
-* IPv4 address for interface::
-* IPv6 address for interface::
-* Configuring the GNUnet VPN DNS::
-* Configuring the GNUnet VPN Exit Service::
-* IP Address of external DNS resolver::
-* IPv4 address for Exit interface::
-* IPv6 address for Exit interface::
-@end menu
-Before configuring the GNUnet VPN, please make sure that system-wide DNS
-interception is configured properly as described in the section on the
-GNUnet DNS setup. @pxref{Configuring the GNU Name System},
-if you haven't done so already.
-The default options for the GNUnet VPN are usually sufficient to use
-GNUnet as a Layer 2 for your Internet connection.
-However, what you always have to specify is which IP protocol you want
-to tunnel: IPv4, IPv6 or both.
-Furthermore, if you tunnel both, you most likely should also tunnel
-all of your DNS requests.
-You theoretically can tunnel "only" your DNS traffic, but that usually
-makes little sense.
-The other options as shown on the gnunet-setup tool are:
-@node IPv4 address for interface
-@subsubsection IPv4 address for interface
-This is the IPv4 address the VPN interface will get. You should pick an
-'private' IPv4 network that is not yet in use for you system. For example,
-if you use @code{10.0.0.1/255.255.0.0} already, you might use
-@code{10.1.0.1/255.255.0.0}.
-If you use @code{10.0.0.1/255.0.0.0} already, then you might use
-@code{192.168.0.1/255.255.0.0}.
-If your system is not in a private IP-network, using any of the above will
-work fine.
-You should try to make the mask of the address big enough
-(@code{255.255.0.0} or, even better, @code{255.0.0.0}) to allow more
-mappings of remote IP Addresses into this range.
-However, even a @code{255.255.255.0} mask will suffice for most users.
-@node IPv6 address for interface
-@subsubsection IPv6 address for interface
-The IPv6 address the VPN interface will get. Here you can specify any
-non-link-local address (the address should not begin with @code{fe80:}).
-A subnet Unique Local Unicast (@code{fd00::/8} prefix) that you are
-currently not using would be a good choice.
-@node Configuring the GNUnet VPN DNS
-@subsubsection Configuring the GNUnet VPN DNS
-To resolve names for remote nodes, activate the DNS exit option.
-@node Configuring the GNUnet VPN Exit Service
-@subsubsection Configuring the GNUnet VPN Exit Service
-If you want to allow other users to share your Internet connection (yes,
-this may be dangerous, just as running a Tor exit node) or want to
-provide access to services on your host (this should be less dangerous,
-as long as those services are secure), you have to enable the GNUnet exit
-daemon.
-You then get to specify which exit functions you want to provide. By
-enabling the exit daemon, you will always automatically provide exit
-functions for manually configured local services (this component of the
-system is under
-development and not documented further at this time). As for those
-services you explicitly specify the target IP address and port, there is
-no significant security risk in doing so.
-Furthermore, you can serve as a DNS, IPv4 or IPv6 exit to the Internet.
-Being a DNS exit is usually pretty harmless. However, enabling IPv4 or
-IPv6-exit without further precautions may enable adversaries to access
-your local network, send spam, attack other systems from your Internet
-connection and to other mischief that will appear to come from your
-machine. This may or may not get you into legal trouble.
-If you want to allow IPv4 or IPv6-exit functionality, you should strongly
-consider adding additional firewall rules manually to protect your local
-network and to restrict outgoing TCP traffic (i.e. by not allowing access
-to port 25). While we plan to improve exit-filtering in the future,
-you're currently on your own here.
-Essentially, be prepared for any kind of IP-traffic to exit the respective
-TUN interface (and GNUnet will enable IP-forwarding and NAT for the
-interface automatically).
-Additional configuration options of the exit as shown by the gnunet-setup
-tool are:
-@node IP Address of external DNS resolver
-@subsubsection IP Address of external DNS resolver
-If DNS traffic is to exit your machine, it will be send to this DNS
-resolver. You can specify an IPv4 or IPv6 address.
-@node IPv4 address for Exit interface
-@subsubsection IPv4 address for Exit interface
-This is the IPv4 address the Interface will get. Make the mask of the
-address big enough (255.255.0.0 or, even better, 255.0.0.0) to allow more
-mappings of IP addresses into this range. As for the VPN interface, any
-unused, private IPv4 address range will do.
-@node IPv6 address for Exit interface
-@subsubsection IPv6 address for Exit interface
-The public IPv6 address the interface will get. If your kernel is not a
-very recent kernel and you are willing to manually enable IPv6-NAT, the
-IPv6 address you specify here must be a globally routed IPv6 address of
-your host.
-Suppose your host has the address @code{2001:4ca0::1234/64}, then
-using @code{2001:4ca0::1:0/112} would be fine (keep the first 64 bits,
-then change at least one bit in the range before the bitmask, in the
-example above we changed bit 111 from 0 to 1).
-You may also have to configure your router to route traffic for the entire
-subnet (@code{2001:4ca0::1:0/112} for example) through your computer (this
-should be automatic with IPv6, but obviously anything can be
-disabled).
-@node Bandwidth Configuration
-@subsection Bandwidth Configuration
-You can specify how many bandwidth GNUnet is allowed to use to receive
-and send data. This is important for users with limited bandwidth or
-traffic volume.
-@node Configuring NAT
-@subsection Configuring NAT
-Most hosts today do not have a normal global IP address but instead are
-behind a router performing Network Address Translation (NAT) which assigns
-each host in the local network a private IP address.
-As a result, these machines cannot trivially receive inbound connections
-from the Internet. GNUnet supports NAT traversal to enable these machines
-to receive incoming connections from other peers despite their
-limitations.
-In an ideal world, you can press the "Attempt automatic configuration"
-button in gnunet-setup to automatically configure your peer correctly.
-Alternatively, your distribution might have already triggered this
-automatic configuration during the installation process.
-However, automatic configuration can fail to determine the optimal
-settings, resulting in your peer either not receiving as many connections
-as possible, or in the worst case it not connecting to the network at all.
-To manually configure the peer, you need to know a few things about your
-network setup. First, determine if you are behind a NAT in the first
-place.
-This is always the case if your IP address starts with "10.*" or
-"192.168.*". Next, if you have control over your NAT router, you may
-choose to manually configure it to allow GNUnet traffic to your host.
-If you have configured your NAT to forward traffic on ports 2086 (and
-possibly 1080) to your host, you can check the "NAT ports have been opened
-manually" option, which corresponds to the "PUNCHED_NAT" option in the
-configuration file. If you did not punch your NAT box, it may still be
-configured to support UPnP, which allows GNUnet to automatically
-configure it. In that case, you need to install the "upnpc" command,
-enable UPnP (or PMP) on your NAT box and set the "Enable NAT traversal
-via UPnP or PMP" option (corresponding to "ENABLE_UPNP" in the
-configuration file).
-Some NAT boxes can be traversed using the autonomous NAT traversal method.
-This requires certain GNUnet components to be installed with "SUID"
-prividledges on your system (so if you're installing on a system you do
-not have administrative rights to, this will not work).
-If you installed as 'root', you can enable autonomous NAT traversal by
-checking the "Enable NAT traversal using ICMP method".
-The ICMP method requires a way to determine your NAT's external (global)
-IP address. This can be done using either UPnP, DynDNS, or by manual
-configuration. If you have a DynDNS name or know your external IP address,
-you should enter that name under "External (public) IPv4 address" (which
-corresponds to the "EXTERNAL_ADDRESS" option in the configuration file).
-If you leave the option empty, GNUnet will try to determine your external
-IP address automatically (which may fail, in which case autonomous
-NAT traversal will then not work).
-Finally, if you yourself are not behind NAT but want to be able to
-connect to NATed peers using autonomous NAT traversal, you need to check
-the "Enable connecting to NATed peers using ICMP method" box.
-@node Peer configuration for distributions
-@subsection Peer configuration for distributions
-The "GNUNET_DATA_HOME" in "[path]" in @file{/etc/gnunet.conf} should be
-manually set to "/var/lib/gnunet/data/" as the default
-"~/.local/share/gnunet/" is probably not that appropriate in this case.
-Similarly, distributions may consider pointing "GNUNET_RUNTIME_DIR" to
-"/var/run/gnunet/" and "GNUNET_HOME" to "/var/lib/gnunet/". Also, should a
-distribution decide to override system defaults, all of these changes
-should be done in a custom @file{/etc/gnunet.conf} and not in the files
-in the @file{config.d/} directory.
-Given the proposed access permissions, the "gnunet-setup" tool must be
-run as use "gnunet" (and with option "-c /etc/gnunet.conf" so that it
-modifies the system configuration). As always, gnunet-setup should be run
-after the GNUnet peer was stopped using "gnunet-arm -e". Distributions
-might want to include a wrapper for gnunet-setup that allows the
-desktop-user to "sudo" (i.e. using gtksudo) to the "gnunet" user account
-and then runs "gnunet-arm -e", "gnunet-setup" and "gnunet-arm -s" in
-sequence.
-@node How to start and stop a GNUnet peer
-@section How to start and stop a GNUnet peer
-This section describes how to start a GNUnet peer. It assumes that you
-have already compiled and installed GNUnet and its' dependencies.
-Before you start a GNUnet peer, you may want to create a configuration
-file using gnunet-setup (but you do not have to).
-Sane defaults should exist in your
-@file{$GNUNET_PREFIX/share/gnunet/config.d/} directory, so in practice
-you could simply start without any configuration. If you want to
-configure your peer later, you need to stop it before invoking the
-@code{gnunet-setup} tool to customize further and to test your
-configuration (@code{gnunet-setup} has build-in test functions).
-The most important option you might have to still set by hand is in
-[PATHS]. Here, you use the option "GNUNET_HOME" to specify the path where
-GNUnet should store its data.
-It defaults to @code{$HOME/}, which again should work for most users.
-Make sure that the directory specified as GNUNET_HOME is writable to
-the user that you will use to run GNUnet (note that you can run frontends
-using other users, GNUNET_HOME must only be accessible to the user used to
-run the background processes).
-You will also need to make one central decision: should all of GNUnet be
-run under your normal UID, or do you want distinguish between system-wide
-(user-independent) GNUnet services and personal GNUnet services. The
-multi-user setup is slightly more complicated, but also more secure and
-generally recommended.
-@menu
-* The Single-User Setup::
-* The Multi-User Setup::
-* Killing GNUnet services::
-* Access Control for GNUnet::
-@end menu
-@node The Single-User Setup
-@subsection The Single-User Setup
-For the single-user setup, you do not need to do anything special and can
-just start the GNUnet background processes using @code{gnunet-arm}.
-By default, GNUnet looks in @file{~/.config/gnunet.conf} for a
-configuration (or @code{$XDG_CONFIG_HOME/gnunet.conf} if@
-@code{$XDG_CONFIG_HOME} is defined). If your configuration lives
-elsewhere, you need to pass the @code{-c FILENAME} option to all GNUnet
-commands.
-Assuming the configuration file is called @file{~/.config/gnunet.conf},
-you start your peer using the @code{gnunet-arm} command (say as user
-@code{gnunet}) using:
-@example
-gnunet-arm -c ~/.config/gnunet.conf -s
-@end example
-@noindent
-The "-s" option here is for "start". The command should return almost
-instantly. If you want to stop GNUnet, you can use:
-@example
-gnunet-arm -c ~/.config/gnunet.conf -e
-@end example
-@noindent
-The "-e" option here is for "end".
-Note that this will only start the basic peer, no actual applications
-will be available.
-If you want to start the file-sharing service, use (after starting
-GNUnet):
-@example
-gnunet-arm -c ~/.config/gnunet.conf -i fs
-@end example
-@noindent
-The "-i fs" option here is for "initialize" the "fs" (file-sharing)
-application. You can also selectively kill only file-sharing support using
-@example
-gnunet-arm -c ~/.config/gnunet.conf -k fs
-@end example
-@noindent
-Assuming that you want certain services (like file-sharing) to be always
-automatically started whenever you start GNUnet, you can activate them by
-setting "IMMEDIATE_START=YES" in the respective section of the configuration
-file (for example, "[fs]"). Then GNUnet with file-sharing support would
-be started whenever you@ enter:
-@example
-gnunet-arm -c ~/.config/gnunet.conf -s
-@end example
-@noindent
-Alternatively, you can combine the two options:
-@example
-gnunet-arm -c ~/.config/gnunet.conf -s -i fs
-@end example
-@noindent
-Using @code{gnunet-arm} is also the preferred method for initializing
-GNUnet from @code{init}.
-Finally, you should edit your @code{crontab} (using the @code{crontab}
-command) and insert a line@
-@example
-@@reboot gnunet-arm -c ~/.config/gnunet.conf -s
-@end example
-to automatically start your peer whenever your system boots.
-@node The Multi-User Setup
-@subsection The Multi-User Setup
-This requires you to create a user @code{gnunet} and an additional group
-@code{gnunetdns}, prior to running @code{make install} during
-installation.
-Then, you create a configuration file @file{/etc/gnunet.conf} which should
-contain the lines:@
-@example
-[arm]
-START_SYSTEM_SERVICES = YES
-START_USER_SERVICES = NO
-@end example
-@noindent
-Then, perform the same steps to run GNUnet as in the per-user
-configuration, except as user @code{gnunet} (including the
-@code{crontab} installation).
-You may also want to run @code{gnunet-setup} to configure your peer
-(databases, etc.).
-Make sure to pass @code{-c /etc/gnunet.conf} to all commands. If you
-run @code{gnunet-setup} as user @code{gnunet}, you might need to change
-permissions on @file{/etc/gnunet.conf} so that the @code{gnunet} user can
-write to the file (during setup).
-Afterwards, you need to perform another setup step for each normal user
-account from which you want to access GNUnet. First, grant the normal user
-(@code{$USER}) permission to the group gnunet:
-@example
-# adduser $USER gnunet
-@end example
-@noindent
-Then, create a configuration file in @file{~/.config/gnunet.conf} for the
-$USER with the lines:
-@example
-[arm]
-START_SYSTEM_SERVICES = NO
-START_USER_SERVICES = YES
-@end example
-@noindent
-This will ensure that @code{gnunet-arm} when started by the normal user
-will only run services that are per-user, and otherwise rely on the
-system-wide services.
-Note that the normal user may run gnunet-setup, but the
-configuration would be ineffective as the system-wide services will use
-@file{/etc/gnunet.conf} and ignore options set by individual users.
-Again, each user should then start the peer using
-@file{gnunet-arm -s} --- and strongly consider adding logic to start
-the peer automatically to their crontab.
-Afterwards, you should see two (or more, if you have more than one USER)
-@code{gnunet-service-arm} processes running in your system.
-@node Killing GNUnet services
-@subsection Killing GNUnet services
-It is not necessary to stop GNUnet services explicitly when shutting
-down your computer.
-It should be noted that manually killing "most" of the
-@code{gnunet-service} processes is generally not a successful method for
-stopping a peer (since @code{gnunet-service-arm} will instantly restart
-them). The best way to explicitly stop a peer is using
-@code{gnunet-arm -e}; note that the per-user services may need to be
-terminated before the system-wide services will terminate normally.
-@node Access Control for GNUnet
-@subsection Access Control for GNUnet
-This chapter documents how we plan to make access control work within the
-GNUnet system for a typical peer. It should be read as a best-practice
-installation guide for advanced users and builders of binary
-distributions. The recommendations in this guide apply to POSIX-systems
-with full support for UNIX domain sockets only.
-Note that this is an advanced topic. The discussion presumes a very good
-understanding of users, groups and file permissions. Normal users on
-hosts with just a single user can just install GNUnet under their own
-account (and possibly allow the installer to use SUDO to grant additional
-permissions for special GNUnet tools that need additional rights).
-The discussion below largely applies to installations where multiple users
-share a system and to installations where the best possible security is
-paramount.
-A typical GNUnet system consists of components that fall into four
-categories:
-@table @asis
-@item User interfaces
-User interfaces are not security sensitive and are supposed to be run and
-used by normal system users.
-The GTK GUIs and most command-line programs fall into this category.
-Some command-line tools (like gnunet-transport) should be excluded as they
-offer low-level access that normal users should not need.
-@item System services and support tools
-System services should always run and offer services that can then be
-accessed by the normal users.
-System services do not require special permissions, but as they are not
-specific to a particular user, they probably should not run as a
-particular user. Also, there should typically only be one GNUnet peer per
-host. System services include the gnunet-service and gnunet-daemon
-programs; support tools include command-line programs such as gnunet-arm.
-@item Priviledged helpers
-Some GNUnet components require root rights to open raw sockets or perform
-other special operations. These gnunet-helper binaries are typically
-installed SUID and run from services or daemons.
-@item Critical services
-Some GNUnet services (such as the DNS service) can manipulate the service
-in deep and possibly highly security sensitive ways. For example, the DNS
-service can be used to intercept and alter any DNS query originating from
-the local machine. Access to the APIs of these critical services and their
-priviledged helpers must be tightly controlled.
-@end table
-@c FIXME: The titles of these chapters are too long in the index.
-@menu
-* Recommendation - Disable access to services via TCP::
-* Recommendation - Run most services as system user "gnunet"::
-* Recommendation - Control access to services using group "gnunet"::
-* Recommendation - Limit access to certain SUID binaries by group "gnunet"::
-* Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns"::
-* Differences between "make install" and these recommendations::
-@end menu
-@node Recommendation - Disable access to services via TCP
-@subsubsection Recommendation - Disable access to services via TCP
-GNUnet services allow two types of access: via TCP socket or via UNIX
-domain socket.
-If the service is available via TCP, access control can only be
-implemented by restricting connections to a particular range of IP
-addresses.
-This is acceptable for non-critical services that are supposed to be
-available to all users on the local system or local network.
-However, as TCP is generally less efficient and it is rarely the case
-that a single GNUnet peer is supposed to serve an entire local network,
-the default configuration should disable TCP access to all GNUnet
-services on systems with support for UNIX domain sockets.
-As of GNUnet 0.9.2, configuration files with TCP access disabled should be
-generated by default. Users can re-enable TCP access to particular
-services simply by specifying a non-zero port number in the section of
-the respective service.
-@node Recommendation - Run most services as system user "gnunet"
-@subsubsection Recommendation - Run most services as system user "gnunet"
-GNUnet's main services should be run as a separate user "gnunet" in a
-special group "gnunet".
-The user "gnunet" should start the peer using "gnunet-arm -s" during
-system startup. The home directory for this user should be
-@file{/var/lib/gnunet} and the configuration file should be
-@file{/etc/gnunet.conf}.
-Only the @code{gnunet} user should have the right to access
-@file{/var/lib/gnunet} (@emph{mode: 700}).
-@node Recommendation - Control access to services using group "gnunet"
-@subsubsection Recommendation - Control access to services using group "gnunet"
-Users that should be allowed to use the GNUnet peer should be added to the
-group "gnunet". Using GNUnet's access control mechanism for UNIX domain
-sockets, those services that are considered useful to ordinary users
-should be made available by setting "UNIX_MATCH_GID=YES" for those
-services.
-Again, as shipped, GNUnet provides reasonable defaults.
-Permissions to access the transport and core subsystems might additionally
-be granted without necessarily causing security concerns.
-Some services, such as DNS, must NOT be made accessible to the "gnunet"
-group (and should thus only be accessible to the "gnunet" user and
-services running with this UID).
-@node Recommendation - Limit access to certain SUID binaries by group "gnunet"
-@subsubsection Recommendation - Limit access to certain SUID binaries by group "gnunet"
-Most of GNUnet's SUID binaries should be safe even if executed by normal
-users. However, it is possible to reduce the risk a little bit more by
-making these binaries owned by the group "gnunet" and restricting their
-execution to user of the group "gnunet" as well (4750).
-@node Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns"
-@subsubsection Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns"
-A special group "gnunetdns" should be created for controlling access to
-the "gnunet-helper-dns".
-The binary should then be owned by root and be in group "gnunetdns" and
-be installed SUID and only be group-executable (2750).
-@b{Note that the group "gnunetdns" should have no users in it at all,
-ever.}
-The "gnunet-service-dns" program should be executed by user "gnunet" (via
-gnunet-service-arm) with the binary owned by the user "root" and the group
-"gnunetdns" and be SGID (2700). This way, @strong{only}
-"gnunet-service-dns" can change its group to "gnunetdns" and execute the
-helper, and the helper can then run as root (as per SUID).
-Access to the API offered by "gnunet-service-dns" is in turn restricted
-to the user "gnunet" (not the group!), which means that only
-"benign" services can manipulate DNS queries using "gnunet-service-dns".
-@node Differences between "make install" and these recommendations
-@subsubsection Differences between "make install" and these recommendations
-The current build system does not set all permissions automatically based
-on the recommendations above. In particular, it does not use the group
-"gnunet" at all (so setting gnunet-helpers other than the
-gnunet-helper-dns to be owned by group "gnunet" must be done manually).
-Furthermore, 'make install' will silently fail to set the DNS binaries to
-be owned by group "gnunetdns" unless that group already exists (!).
-An alternative name for the "gnunetdns" group can be specified using the
-@code{--with-gnunetdns=GRPNAME} configure option.
diff --git a/doc/documentation/chapters/vocabulary.texi b/doc/documentation/chapters/vocabulary.texi
index 85b40b17b..0ee472b95 100644
--- a/doc/documentation/chapters/vocabulary.texi
+++ b/doc/documentation/chapters/vocabulary.texi
@@ -18,7 +18,7 @@ which are listed in this introductionary chapter.
 @end menu
 @node Definitions
-@subsection Defitions
+@subsection Definitions
 Throughout this Reference Manual, the following terms and definitions
 apply.
diff --git a/doc/documentation/gnunet.texi b/doc/documentation/gnunet.texi
index cd2f04399..c1905e899 100644
--- a/doc/documentation/gnunet.texi
+++ b/doc/documentation/gnunet.texi
@@ -82,13 +82,16 @@ This document is the Reference Manual for GNUnet version @value{VERSION}.
 * Preface::                         Chapter 0
 * Philosophy::                      About GNUnet
+* Key Concepts::                    Key concepts of GNUnet
 @c * Vocabulary::                      Vocabulary
+* Installing GNUnet::               Installing GNUnet
 * Using GNUnet::                    Using GNUnet
 @c * Configuration Handbook::          Configuring GNUnet
 * GNUnet Contributors Handbook::    Contributing to GNUnet
 * GNUnet Developer Handbook::       Developing GNUnet
 * GNU Free Documentation License::  The license of this manual
-* GNU General Public License::      The license of this manual
+* GNU General Public License::
+* GNU Affero General Public License::
 * Concept Index::                   Concepts
 * Programming Index::               Data types, functions, and variables
@@ -104,11 +107,12 @@ Preface
 Philosophy
-* Design Goals::
+* Design Principles::
-* Security and Privacy::
+* Privacy and Anonymity::
-* Versatility::
 * Practicality::
-* Key Concepts::
+Key Concepts
 * Authentication::
 * Accounting to Encourage Resource Sharing::
 * Confidentiality::
@@ -120,18 +124,17 @@ Philosophy
 * Backup of Identities and Egos::
 * Revocation::
+Installing GNUnet
 Using GNUnet
-* Checking the Installation::
+* Start and stop GNUnet::
-* First steps - File-sharing::
 * First steps - Using the GNU Name System::
 * First steps - Using GNUnet Conversation::
 * First steps - Using the GNUnet VPN::
 * File-sharing::
 * The GNU Name System::
 * Using the Virtual Public Network::
-* The graphical configuration interface::
-* How to start and stop a GNUnet peer::
 GNUnet Contributors Handbook
@@ -193,6 +196,14 @@ GNUnet Developer Handbook
 @c *********************************************************************
 @c *********************************************************************
+@include chapters/keyconcepts.texi
+@c *********************************************************************
+@c *********************************************************************
+@include chapters/installation.texi
+@c *********************************************************************
+@c *********************************************************************
 @include chapters/user.texi
 @c *********************************************************************
@@ -217,6 +228,12 @@ GNUnet Developer Handbook
 @include gpl-3.0.texi
 @c *********************************************************************
+@node GNU Affero General Public License
+@appendix GNU Affero General Public License
+@cindex license, GNU Affero General Public License
+@include agpl-3.0.texi
+@c *********************************************************************
 @node Concept Index
 @unnumbered Concept Index
 @printindex cp
diff --git a/src/cadet/cadet_api.c b/src/cadet/cadet_api.c
index b019424f9..319279110 100644
--- a/src/cadet/cadet_api.c
+++ b/src/cadet/cadet_api.c
@@ -357,67 +357,52 @@ reconnect (struct GNUNET_CADET_Handle *h);
 /**
- * Reconnect callback: tries to reconnect again after a failer previous
+ * Function called during #reconnect_cbk() to (re)open
- * reconnecttion
+ * all ports that are still open.
- *
- * @param cls closure (cadet handle)
- */
-static void
-reconnect_cbk (void *cls)
-{
-  struct GNUNET_CADET_Handle *h = cls;
-  h->reconnect_task = NULL;
-  reconnect (h);
-}
-/**
- * Function called during #reconnect() to destroy
- * all channels that are still open.
 *
 * @param cls the `struct GNUNET_CADET_Handle`
- * @param cid chanenl ID
+ * @param id port ID
- * @param value a `struct GNUNET_CADET_Channel` to destroy
+ * @param value a `struct GNUNET_CADET_Channel` to open
 * @return #GNUNET_OK (continue to iterate)
 */
 static int
-destroy_channel_on_reconnect_cb (void *cls,
+open_port_cb (void *cls,
-                                 uint32_t cid,
+              const struct GNUNET_HashCode *id,
-                                 void *value)
+              void *value)
 {
-  /* struct GNUNET_CADET_Handle *handle = cls; */
+  struct GNUNET_CADET_Handle *h = cls;
-  struct GNUNET_CADET_Channel *ch = value;
+  struct GNUNET_CADET_Port *port = value;
+  struct GNUNET_CADET_PortMessage *msg;
+  struct GNUNET_MQ_Envelope *env;
-  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+  (void) id;
-              "Destroying channel due to reconnect\n");
+  env = GNUNET_MQ_msg (msg,
-  destroy_channel (ch);
+                       GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_OPEN);
+  msg->port = port->id;
+  GNUNET_MQ_send (h->mq,
+                  env);
  return GNUNET_OK;
 }
 /**
- * Reconnect to the service, retransmit all infomation to try to restore the
+ * Reconnect callback: tries to reconnect again after a failer previous
- * original state.
+ * reconnecttion
- *
- * @param h handle to the cadet
 *
- * @return #GNUNET_YES in case of sucess, #GNUNET_NO otherwise (service down...)
+ * @param cls closure (cadet handle)
 */
 static void
-schedule_reconnect (struct GNUNET_CADET_Handle *h)
+reconnect_cbk (void *cls)
 {
-  if (NULL != h->reconnect_task)
+  struct GNUNET_CADET_Handle *h = cls;
-    return;
-  GNUNET_CONTAINER_multihashmap32_iterate (h->channels,
+  h->reconnect_task = NULL;
-                                           &destroy_channel_on_reconnect_cb,
-                                           h);
-  h->reconnect_task
-    = GNUNET_SCHEDULER_add_delayed (h->reconnect_time,
-                                    &reconnect_cbk,
-                                    h);
  h->reconnect_time
    = GNUNET_TIME_STD_BACKOFF (h->reconnect_time);
+  reconnect (h);
+  GNUNET_CONTAINER_multihashmap_iterate (h->ports,
+                                         &open_port_cb,
+                                         h);
 }
@@ -555,15 +540,16 @@ cadet_mq_error_handler (void *cls,
 {
  struct GNUNET_CADET_Channel *ch = cls;
-  GNUNET_break (0);
  if (GNUNET_MQ_ERROR_NO_MATCH == error)
  {
    /* Got a message we did not understand, still try to continue! */
+    GNUNET_break_op (0);
    GNUNET_CADET_receive_done (ch);
  }
  else
  {
-    schedule_reconnect (ch->cadet);
+    GNUNET_break (0);
+    GNUNET_CADET_channel_destroy (ch);
  }
 }
@@ -581,6 +567,7 @@ cadet_mq_cancel_impl (struct GNUNET_MQ_Handle *mq,
 {
  struct GNUNET_CADET_Channel *ch = impl_state;
+  (void) mq;
  GNUNET_assert (NULL != ch->pending_env);
  GNUNET_MQ_discard (ch->pending_env);
  ch->pending_env = NULL;
@@ -709,6 +696,7 @@ check_local_data (void *cls,
 {
  uint16_t size;
+  (void) cls;
  size = ntohs (message->header.size);
  if (sizeof (*message) + sizeof (struct GNUNET_MessageHeader) > size)
  {
@@ -806,6 +794,32 @@ handle_local_ack (void *cls,
 /**
+ * Function called during #GNUNET_CADET_disconnect() to destroy
+ * all channels that are still open.
+ *
+ * @param cls the `struct GNUNET_CADET_Handle`
+ * @param cid chanenl ID
+ * @param value a `struct GNUNET_CADET_Channel` to destroy
+ * @return #GNUNET_OK (continue to iterate)
+ */
+static int
+destroy_channel_cb (void *cls,
+                    uint32_t cid,
+                    void *value)
+{
+  /* struct GNUNET_CADET_Handle *handle = cls; */
+  struct GNUNET_CADET_Channel *ch = value;
+  (void) cls;
+  (void) cid;
+  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+              "Destroying channel due to GNUNET_CADET_disconnect()\n");
+  destroy_channel (ch);
+  return GNUNET_OK;
+}
+/**
 * Generic error handler, called with the appropriate error code and
 * the same closure specified at the creation of the message queue.
 * Not every message queue implementation supports an error handler.
@@ -822,9 +836,14 @@ handle_mq_error (void *cls,
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "MQ ERROR: %u\n",
              error);
+  GNUNET_CONTAINER_multihashmap32_iterate (h->channels,
+                                           &destroy_channel_cb,
+                                           h);
  GNUNET_MQ_destroy (h->mq);
  h->mq = NULL;
-  reconnect (h);
+  h->reconnect_task = GNUNET_SCHEDULER_add_delayed (h->reconnect_time,
+                                                    &reconnect_cbk,
+                                                    h);
 }
@@ -842,6 +861,7 @@ check_get_peers (void *cls,
 {
  size_t esize;
+  (void) cls;
  esize = ntohs (message->size);
  if (sizeof (struct GNUNET_CADET_LocalInfoPeer) == esize)
    return GNUNET_OK;
@@ -895,11 +915,9 @@ check_get_peer (void *cls,
                const struct GNUNET_CADET_LocalInfoPeer *message)
 {
  size_t msize = sizeof (struct GNUNET_CADET_LocalInfoPeer);
-  const struct GNUNET_PeerIdentity *paths_array;
  size_t esize;
-  unsigned int epaths;
-  unsigned int peers;
+  (void) cls;
  esize = ntohs (message->header.size);
  if (esize < msize)
  {
@@ -911,10 +929,6 @@ check_get_peer (void *cls,
    GNUNET_break (0);
    return GNUNET_SYSERR;
  }
-  peers = (esize - msize) / sizeof (struct GNUNET_PeerIdentity);
-  epaths = ntohs (message->paths);
-  paths_array = (const struct GNUNET_PeerIdentity *) &message[1];
-  
  return GNUNET_OK;
 }
@@ -1166,38 +1180,6 @@ reconnect (struct GNUNET_CADET_Handle *h)
                                 handlers,
                                 &handle_mq_error,
                                 h);
-  if (NULL == h->mq)
-  {
-    schedule_reconnect (h);
-    return;
-  }
-  h->reconnect_time = GNUNET_TIME_UNIT_MILLISECONDS;
-}
-/**
- * Function called during #GNUNET_CADET_disconnect() to destroy
- * all channels that are still open.
- *
- * @param cls the `struct GNUNET_CADET_Handle`
- * @param cid chanenl ID
- * @param value a `struct GNUNET_CADET_Channel` to destroy
- * @return #GNUNET_OK (continue to iterate)
- */
-static int
-destroy_channel_cb (void *cls,
-                    uint32_t cid,
-                    void *value)
-{
-  /* struct GNUNET_CADET_Handle *handle = cls; */
-  struct GNUNET_CADET_Channel *ch = value;
-  (void) cls;
-  (void) cid;
-  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-              "Destroying channel due to GNUNET_CADET_disconnect()\n");
-  destroy_channel (ch);
-  return GNUNET_OK;
 }
@@ -1219,6 +1201,7 @@ destroy_port_cb (void *cls,
  struct GNUNET_CADET_Port *port = value;
  (void) cls;
+  (void) id;
  /* This is a warning, the app should have cleanly closed all open ports */
  GNUNET_break (0);
  GNUNET_CADET_close_port (port);
@@ -1270,18 +1253,21 @@ GNUNET_CADET_disconnect (struct GNUNET_CADET_Handle *handle)
 void
 GNUNET_CADET_close_port (struct GNUNET_CADET_Port *p)
 {
-  struct GNUNET_CADET_PortMessage *msg;
-  struct GNUNET_MQ_Envelope *env;
  GNUNET_assert (GNUNET_YES ==
                 GNUNET_CONTAINER_multihashmap_remove (p->cadet->ports,
                                                       &p->id,
                                                       p));
-  env = GNUNET_MQ_msg (msg,
+  if (NULL != p->cadet->mq)
-                       GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_CLOSE);
+  {
-  msg->port = p->id;
+    struct GNUNET_CADET_PortMessage *msg;
-  GNUNET_MQ_send (p->cadet->mq,
+    struct GNUNET_MQ_Envelope *env;
-                  env);
+    env = GNUNET_MQ_msg (msg,
+                         GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_CLOSE);
+    msg->port = p->id;
+    GNUNET_MQ_send (p->cadet->mq,
+                    env);
+  }
  GNUNET_free_non_null (p->handlers);
  GNUNET_free (p);
 }
@@ -1633,9 +1619,6 @@ GNUNET_CADET_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
    return NULL;
  }
  h->next_ccn.channel_of_client = htonl (GNUNET_CADET_LOCAL_CHANNEL_ID_CLI);
-  h->reconnect_time = GNUNET_TIME_UNIT_MILLISECONDS;
-  h->reconnect_task = NULL;
  return h;
 }
@@ -1661,8 +1644,6 @@ GNUNET_CADET_open_port (struct GNUNET_CADET_Handle *h,
                        GNUNET_CADET_DisconnectEventHandler disconnects,
                        const struct GNUNET_MQ_MessageHandler *handlers)
 {
-  struct GNUNET_CADET_PortMessage *msg;
-  struct GNUNET_MQ_Envelope *env;
  struct GNUNET_CADET_Port *p;
  GNUNET_assert (NULL != connects);
@@ -1688,13 +1669,11 @@ GNUNET_CADET_open_port (struct GNUNET_CADET_Handle *h,
  p->window_changes = window_changes;
  p->disconnects = disconnects;
  p->handlers = GNUNET_MQ_copy_handlers (handlers);
+  
+  GNUNET_assert (GNUNET_OK ==
-  env = GNUNET_MQ_msg (msg,
+                 open_port_cb (h,
-                       GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_OPEN);
+                               &p->id,
-  msg->port = p->id;
+                               p));
-  GNUNET_MQ_send (h->mq,
-                  env);
  return p;
 }
@@ -1753,7 +1732,8 @@ GNUNET_CADET_channel_create (struct GNUNET_CADET_Handle *h,
                                          handlers,
                                          &cadet_mq_error_handler,
                                          ch);
-  GNUNET_MQ_set_handlers_closure (ch->mq, channel_cls);
+  GNUNET_MQ_set_handlers_closure (ch->mq,
+                                  channel_cls);
  /* Request channel creation to service */
  env = GNUNET_MQ_msg (msg,
diff --git a/src/cadet/gnunet-cadet.c b/src/cadet/gnunet-cadet.c
index b22881907..13b04b885 100644
--- a/src/cadet/gnunet-cadet.c
+++ b/src/cadet/gnunet-cadet.c
@@ -231,7 +231,7 @@ shutdown_task (void *cls)
  }
 }
-void *
+void
 mq_cb(void *cls)
 {
  listen_stdio ();
@@ -577,9 +577,9 @@ peer_callback (void *cls,
  }else{
    p = paths;
    FPRINTF (stdout,
-                "Path with offset %u: ",
+                "Indirekt path with offset %u: ",
                offset);
-    for (i = 0; i < offset && NULL != p;)
+    for (i = 0; i <= offset && NULL != p;)
    {
        FPRINTF (stdout,
                "%s ",
diff --git a/src/cadet/gnunet-service-cadet.c b/src/cadet/gnunet-service-cadet.c
index dd693731f..4568d2733 100644
--- a/src/cadet/gnunet-service-cadet.c
+++ b/src/cadet/gnunet-service-cadet.c
@@ -881,7 +881,7 @@ path_info_iterator (void *cls,
  unsigned int path_length;
  path_length = GCPP_get_length (path);
-  path_size = sizeof (struct GNUNET_PeerIdentity) * (path_length - 1);
+  path_size = sizeof (struct GNUNET_PeerIdentity) * path_length;
  if (sizeof (*resp) + path_size > UINT16_MAX)
  {
    LOG (GNUNET_ERROR_TYPE_WARNING,
@@ -902,9 +902,9 @@ path_info_iterator (void *cls,
  /* Don't copy first peer.  First peer is always the local one.  Last
   * peer is always the destination (leave as 0, EOL).
   */
-  for (i = 0; i < off; i++)
+  for (i = 0; i <= off; i++)
    id[i] = *GCP_get_id (GCPP_get_peer_at_offset (path,
-                                                  i + 1));
+                                                  i));
  GNUNET_MQ_send (mq,
                  env);
  return GNUNET_YES;
@@ -927,29 +927,23 @@ get_peer_info (void *cls,
  struct CadetClient *c = cls;
  struct GNUNET_MQ_Envelope *env;
  struct GNUNET_CADET_LocalInfoPeer *msg;
  
  env = GNUNET_MQ_msg (msg,
                       GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEER);
-  
  msg->offset = htons(0);
  msg->destination = *peer;
  msg->paths = htons (GCP_count_paths (p));
  msg->tunnel = htons (NULL != GCP_get_tunnel (p,
                                               GNUNET_NO));
  msg->finished_with_paths = htons(0);
-  
  GNUNET_MQ_send (c->mq,
                  env);
-  
+  GCP_iterate_indirect_paths (p,
-  GCP_iterate_indirect_paths(p,
+                              &path_info_iterator,
-                            &path_info_iterator,
+                              c->mq);  
-                            c->mq);
-  
 }
 /**
 * Handler for client's SHOW_PEER request.
 *
diff --git a/src/cadet/gnunet-service-cadet_peer.c b/src/cadet/gnunet-service-cadet_peer.c
index ac1ee59de..b375d51ca 100644
--- a/src/cadet/gnunet-service-cadet_peer.c
+++ b/src/cadet/gnunet-service-cadet_peer.c
@@ -243,16 +243,16 @@ GCP_2s (const struct CadetPeer *cp)
  static char buf[5];
  char *ret;
-  if (NULL == cp || 
+  if ((NULL == cp) || 
-      NULL == &cp->pid.public_key){
+      (NULL == &cp->pid.public_key))
    return "NULL";
-  }
+  
      
  ret = GNUNET_CRYPTO_eddsa_public_key_to_string (&cp->pid.public_key);
  
-  if (NULL == ret){
+  if (NULL == ret)
    return "NULL";
-  }
+  
  
  strncpy (buf,
           ret,
@@ -1217,6 +1217,8 @@ GCP_iterate_paths (struct CadetPeer *cp,
       (NULL == cp->core_mq) ? "" : " including direct link");
  if (NULL != cp->core_mq)
  {
+    /* FIXME: this branch seems to duplicate the 
+       i=0 case below (direct link). Leave out!??? -CG */
    struct CadetPeerPath *path;
    path = GCPP_get_path_from_route (1,
diff --git a/src/conversation/gnunet-conversation.c b/src/conversation/gnunet-conversation.c
index fad9d568e..bb4946720 100644
--- a/src/conversation/gnunet-conversation.c
+++ b/src/conversation/gnunet-conversation.c
@@ -264,6 +264,13 @@ phone_event_handler (void *cls,
  switch (code)
  {
  case GNUNET_CONVERSATION_EC_PHONE_RING:
+    /*
+     * FIXME: we should be playing our ringtones from contrib/sounds now!
+     *
+    ring_my_bell();
+     *
+     * see https://gstreamer.freedesktop.org/documentation/application-development/highlevel/playback-components.html on how to play a wav using the gst framework being used here
+     */
    FPRINTF (stdout,
             _("Incoming call from `%s'. Please /accept %u or /cancel %u the call.\n"),
             GNUNET_GNSRECORD_pkey_to_zkey (caller_id),
diff --git a/src/include/gnunet_common.h b/src/include/gnunet_common.h
index b4bf5b0aa..1b982cc15 100644
--- a/src/include/gnunet_common.h
+++ b/src/include/gnunet_common.h
@@ -1074,7 +1074,7 @@ GNUNET_ntoh_double (double d);
 * @param tsize the target size for the resulting vector, use 0 to
 *        free the vector (then, arr will be NULL afterwards).
 */
-#define GNUNET_array_grow(arr,size,tsize) GNUNET_xgrow_((void**)&arr, sizeof(arr[0]), &size, tsize, __FILE__, __LINE__)
+#define GNUNET_array_grow(arr,size,tsize) GNUNET_xgrow_((void**)&(arr), sizeof((arr)[0]), &size, tsize, __FILE__, __LINE__)
 /**
 * @ingroup memory
@@ -1089,7 +1089,7 @@ GNUNET_ntoh_double (double d);
 *        array size
 * @param element the element that will be appended to the array
 */
-#define GNUNET_array_append(arr,size,element) do { GNUNET_array_grow(arr,size,size+1); arr[size-1] = element; } while(0)
+#define GNUNET_array_append(arr,size,element) do { GNUNET_array_grow(arr,size,size+1); (arr)[size-1] = element; } while(0)
 /**
 * @ingroup memory
diff --git a/src/include/gnunet_dnsparser_lib.h b/src/include/gnunet_dnsparser_lib.h
index ba1392510..0fc6ac19c 100644
--- a/src/include/gnunet_dnsparser_lib.h
+++ b/src/include/gnunet_dnsparser_lib.h
@@ -82,6 +82,7 @@
 #define GNUNET_DNSPARSER_TYPE_OPENPGPKEY 61
 #define GNUNET_DNSPARSER_TYPE_TKEY 249
 #define GNUNET_DNSPARSER_TYPE_TSIG 250
+#define GNUNET_DNSPARSER_TYPE_ALL 255
 #define GNUNET_DNSPARSER_TYPE_URI 256
 #define GNUNET_DNSPARSER_TYPE_TA 32768
@@ -840,6 +841,58 @@ GNUNET_DNSPARSER_parse_srv (const char *udp_payload,
                            size_t udp_payload_length,
                            size_t *off);
+/* ***************** low-level duplication API ******************** */
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_Record *
+GNUNET_DNSPARSER_duplicate_record (const struct GNUNET_DNSPARSER_Record *r);
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_SoaRecord *
+GNUNET_DNSPARSER_duplicate_soa_record (const struct GNUNET_DNSPARSER_SoaRecord *r);
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_CertRecord *
+GNUNET_DNSPARSER_duplicate_cert_record (const struct GNUNET_DNSPARSER_CertRecord *r);
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_MxRecord *
+GNUNET_DNSPARSER_duplicate_mx_record (const struct GNUNET_DNSPARSER_MxRecord *r);
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_SrvRecord *
+GNUNET_DNSPARSER_duplicate_srv_record (const struct GNUNET_DNSPARSER_SrvRecord *r);
 /* ***************** low-level deallocation API ******************** */
 /**
diff --git a/src/psyc/Makefile.am b/src/psyc/Makefile.am
index 26db608f3..d5c797f52 100644
--- a/src/psyc/Makefile.am
+++ b/src/psyc/Makefile.am
@@ -48,8 +48,8 @@ gnunet_service_psyc_CFLAGS = $(AM_CFLAGS)
 if HAVE_TESTING
-check_PROGRAMS = \
+#check_PROGRAMS = \
- test_psyc2
+# test_psyc2
 # test_psyc
 endif
diff --git a/src/util/.gitignore b/src/util/.gitignore
index 23139a1ab..8e7093568 100644
--- a/src/util/.gitignore
+++ b/src/util/.gitignore
@@ -69,3 +69,4 @@ perf_crypto_hash
 perf_crypto_symmetric
 perf_crypto_rsa
 perf_crypto_ecc_dlog
+test_hexcoder test_regex test_tun
diff --git a/src/util/dnsparser.c b/src/util/dnsparser.c
index cce68f2ee..57d0a014c 100644
--- a/src/util/dnsparser.c
+++ b/src/util/dnsparser.c
@@ -759,6 +759,122 @@ GNUNET_DNSPARSER_parse (const char *udp_payload,
 /**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_Record *
+GNUNET_DNSPARSER_duplicate_record (const struct GNUNET_DNSPARSER_Record *r)
+{
+  struct GNUNET_DNSPARSER_Record *dup = GNUNET_memdup (r, sizeof (*r));
+  dup->name = GNUNET_strdup (r->name);
+  switch (r->type)
+  {
+    case GNUNET_DNSPARSER_TYPE_NS:
+    case GNUNET_DNSPARSER_TYPE_CNAME:
+    case GNUNET_DNSPARSER_TYPE_PTR:
+    {
+      dup->data.hostname = GNUNET_strdup (r->data.hostname);
+      break;
+    }
+    case GNUNET_DNSPARSER_TYPE_SOA:
+    {
+      dup->data.soa = GNUNET_DNSPARSER_duplicate_soa_record (r->data.soa);
+      break;
+    }
+    case GNUNET_DNSPARSER_TYPE_CERT:
+    {
+      dup->data.cert = GNUNET_DNSPARSER_duplicate_cert_record (r->data.cert);
+      break;
+    }
+    case GNUNET_DNSPARSER_TYPE_MX:
+    {
+      dup->data.mx = GNUNET_DNSPARSER_duplicate_mx_record (r->data.mx);
+      break;
+    }
+    case GNUNET_DNSPARSER_TYPE_SRV:
+    {
+      dup->data.srv = GNUNET_DNSPARSER_duplicate_srv_record (r->data.srv);
+      break;
+    }
+    default:
+    {
+      dup->data.raw.data = GNUNET_memdup (r->data.raw.data,
+                                          r->data.raw.data_len);
+    }
+  }
+  return dup;
+}
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_SoaRecord *
+GNUNET_DNSPARSER_duplicate_soa_record (const struct GNUNET_DNSPARSER_SoaRecord *r)
+{
+  struct GNUNET_DNSPARSER_SoaRecord *dup = GNUNET_memdup (r, sizeof (*r));
+  dup->mname = GNUNET_strdup (r->mname);
+  dup->rname = GNUNET_strdup (r->rname);
+  return dup;
+}
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_CertRecord *
+GNUNET_DNSPARSER_duplicate_cert_record (const struct GNUNET_DNSPARSER_CertRecord *r)
+{
+  struct GNUNET_DNSPARSER_CertRecord *dup = GNUNET_memdup (r, sizeof (*r));
+  dup->certificate_data = GNUNET_strdup (r->certificate_data);
+  return dup;
+}
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_MxRecord *
+GNUNET_DNSPARSER_duplicate_mx_record (const struct GNUNET_DNSPARSER_MxRecord *r)
+{
+  struct GNUNET_DNSPARSER_MxRecord *dup = GNUNET_memdup (r, sizeof (*r));
+  dup->mxhost = GNUNET_strdup (r->mxhost);
+  return dup;
+}
+/**
+ * Duplicate (deep-copy) the given DNS record
+ *
+ * @param r the record
+ * @return the newly allocated record
+ */
+struct GNUNET_DNSPARSER_SrvRecord *
+GNUNET_DNSPARSER_duplicate_srv_record (const struct GNUNET_DNSPARSER_SrvRecord *r)
+{
+  struct GNUNET_DNSPARSER_SrvRecord *dup = GNUNET_memdup (r, sizeof (*r));
+  dup->target = GNUNET_strdup (r->target);
+  return dup;
+}
+/**
 * Free memory taken by a packet.
 *
 * @param p packet to free
diff --git a/src/util/gnunet-service-resolver.c b/src/util/gnunet-service-resolver.c
index d90d8ec10..5b890261b 100644
--- a/src/util/gnunet-service-resolver.c
+++ b/src/util/gnunet-service-resolver.c
@@ -27,721 +27,559 @@
 #include "gnunet_statistics_service.h"
 #include "resolver.h"
+struct Record
+{
+  struct Record *next;
+  struct Record *prev;
+  struct GNUNET_DNSPARSER_Record *record;
+};
 /**
- * A cached DNS lookup result (for reverse lookup).
+ * A cached DNS lookup result.
 */
-struct IPCache
+struct ResolveCache
 {
  /**
   * This is a doubly linked list.
   */
-  struct IPCache *next;
+  struct ResolveCache *next;
  /**
   * This is a doubly linked list.
   */
-  struct IPCache *prev;
+  struct ResolveCache *prev;
  /**
-   * Hostname in human-readable form.
+   * type of queried DNS record
   */
-  char *addr;
+  uint16_t record_type;
  /**
-   * Binary IP address, allocated at the end of this struct.
+   * a pointer to the request_id if a query for this hostname/record_type
+   * is currently pending, NULL otherwise.
   */
-  const void *ip;
+  int16_t *request_id;
  /**
-   * Last time this entry was updated.
+   * The client that queried the records contained in this cache entry.
   */
-  struct GNUNET_TIME_Absolute last_refresh;
+  struct GNUNET_SERVICE_Client *client;
  /**
-   * Last time this entry was requested.
+   * head of a double linked list containing the lookup results
   */
-  struct GNUNET_TIME_Absolute last_request;
+  struct Record *records_head;
  /**
-   * Number of bytes in ip.
+   * tail of a double linked list containing the lookup results
   */
-  size_t ip_len;
+  struct Record *records_tail;
  /**
-   * Address family of the IP.
+   * handle for cancelling a request
   */
-  int af;
+  struct GNUNET_DNSSTUB_RequestSocket *resolve_handle;
+  /**
+   * handle for the resolution timeout task
+   */
+  struct GNUNET_SCHEDULER_Task *timeout_task;
 };
 /**
 * Start of the linked list of cached DNS lookup results.
 */
-static struct IPCache *cache_head;
+static struct ResolveCache *cache_head;
 /**
 * Tail of the linked list of cached DNS lookup results.
 */
-static struct IPCache *cache_tail;
+static struct ResolveCache *cache_tail;
 /**
- * Pipe for asynchronously notifying about resolve result
+ * context of dnsstub library
 */
-static struct GNUNET_DISK_PipeHandle *resolve_result_pipe;
+static struct GNUNET_DNSSTUB_Context *dnsstub_ctx;
-/**
- * Task for reading from resolve_result_pipe
- */
-static struct GNUNET_SCHEDULER_Task *resolve_result_pipe_task;
+void free_cache_entry (struct ResolveCache *entry)
-#if HAVE_GETNAMEINFO
-/**
- * Resolve the given request using getnameinfo
- *
- * @param cache the request to resolve (and where to store the result)
- */
-static void
-getnameinfo_resolve (struct IPCache *cache)
 {
-  char hostname[256];
+  struct Record *pos;
-  const struct sockaddr *sa;
+  struct Record *next;
-  struct sockaddr_in v4;
+ 
-  struct sockaddr_in6 v6;
+  next = entry->records_head;
-  size_t salen;
+  while (NULL != (pos = next))
-  int ret;
-  switch (cache->af)
  {
-  case AF_INET:
+    next = pos->next;
-    GNUNET_assert (cache->ip_len == sizeof (struct in_addr));
+    GNUNET_CONTAINER_DLL_remove (entry->records_head,
-    sa = (const struct sockaddr*) &v4;
+                                 entry->records_tail,
-    memset (&v4, 0, sizeof (v4));
+                                 pos);
-    v4.sin_addr = * (const struct in_addr*) cache->ip;
+    if (NULL != pos->record)
-    v4.sin_family = AF_INET;
+    {
-#if HAVE_SOCKADDR_IN_SIN_LEN
+      GNUNET_DNSPARSER_free_record (pos->record);
-    v4.sin_len = sizeof (v4);
+      GNUNET_free (pos->record);
-#endif
+    }
-    salen = sizeof (v4);
+    GNUNET_free (pos);
-    break;
-  case AF_INET6:
-    GNUNET_assert (cache->ip_len == sizeof (struct in6_addr));
-    sa = (const struct sockaddr*) &v6;
-    memset (&v6, 0, sizeof (v6));
-    v6.sin6_addr = * (const struct in6_addr*) cache->ip;
-    v6.sin6_family = AF_INET6;
-#if HAVE_SOCKADDR_IN_SIN_LEN
-    v6.sin6_len = sizeof (v6);
-#endif
-    salen = sizeof (v6);
-    break;
-  default:
-    GNUNET_assert (0);
  }
+  if (NULL != entry->resolve_handle)
-  if (0 ==
-      (ret = getnameinfo (sa, salen,
-                          hostname, sizeof (hostname),
-                          NULL,
-                          0, 0)))
  {
-    cache->addr = GNUNET_strdup (hostname);
+    GNUNET_DNSSTUB_resolve_cancel (entry->resolve_handle);
+    entry->resolve_handle = NULL;
  }
-  else
+  if (NULL != entry->timeout_task)
  {
-    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+    GNUNET_SCHEDULER_cancel (entry->timeout_task);
-                "getnameinfo failed: %s\n",
+    entry->timeout_task = NULL;
-                gai_strerror (ret));
  }
+  GNUNET_free_non_null (entry->request_id);
+  GNUNET_free (entry);
 }
-#endif
-#if HAVE_GETHOSTBYADDR
+static char*
+extract_dns_server (const char* line, size_t line_len)
+{
+  if (0 == strncmp (line, "nameserver ", 11))
+    return GNUNET_strndup (line + 11, line_len - 11);
+  return NULL;
+}
+ 
 /**
- * Resolve the given request using gethostbyaddr
+ * reads the list of nameservers from /etc/resolve.conf
 *
- * @param cache the request to resolve (and where to store the result)
+ * @param server_addrs[out] a list of null-terminated server address strings
+ * @return the number of server addresses in @server_addrs, -1 on error
 */
-static void
+static ssize_t
-gethostbyaddr_resolve (struct IPCache *cache)
+lookup_dns_servers (char ***server_addrs)
 {
-  struct hostent *ent;
+  struct GNUNET_DISK_FileHandle *fh;
+  char buf[2048];
-  ent = gethostbyaddr (cache->ip,
+  ssize_t bytes_read;
-                       cache->ip_len,
+  size_t read_offset = 0;
-                       cache->af);
+  unsigned int num_dns_servers = 0;
-  if (NULL != ent)
+    
+  fh = GNUNET_DISK_file_open ("/etc/resolv.conf",
+                              GNUNET_DISK_OPEN_READ,
+                              GNUNET_DISK_PERM_NONE);
+  if (NULL == fh)
  {
-    cache->addr = GNUNET_strdup (ent->h_name);
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Could not open /etc/resolv.conf. "
+                "DNS resolution will not be possible.\n");
+    return -1;
  }
-  else
+  bytes_read = GNUNET_DISK_file_read (fh,
+                                      buf,
+                                      sizeof (buf));
+  *server_addrs = NULL;
+  while (read_offset < bytes_read)
  {
-    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+    char *newline;
-                "gethostbyaddr failed: %s\n",
+    size_t line_len;
-                hstrerror (h_errno));
+    char *dns_server;
+    
+    newline = strchr (buf + read_offset, '\n');
+    if (NULL == newline)
+    {
+      break;
+    }
+    line_len = newline - buf - read_offset;
+    dns_server = extract_dns_server (buf + read_offset, line_len);
+    if (NULL != dns_server)
+    {
+      GNUNET_array_append (*server_addrs,
+                           num_dns_servers,
+                           dns_server);
+    }
+    read_offset += line_len + 1;
  }
+  GNUNET_DISK_file_close (fh);
+  return num_dns_servers;
 }
-#endif
-/**
+static char *
- * Resolve the given request using the available methods.
+make_reverse_hostname (const void *ip, int af)
- *
- * @param cache the request to resolve (and where to store the result)
- */
-static void
-cache_resolve (struct IPCache *cache)
 {
-#if HAVE_GETNAMEINFO
+  char *buf = GNUNET_new_array (80, char);
-  if (NULL == cache->addr)
+  int pos = 0;
-    getnameinfo_resolve (cache);
+  if (AF_INET == af)
-#endif
+  {
-#if HAVE_GETHOSTBYADDR
+    struct in_addr *addr = (struct in_addr *)ip;
-  if (NULL == cache->addr)
+    uint32_t ip_int = addr->s_addr;
-    gethostbyaddr_resolve (cache);
+    for (int i = 3; i >= 0; i--)
-#endif
+    {
+      int n = GNUNET_snprintf (buf + pos,
+                               80 - pos,
+                               "%u.",
+                               ((uint8_t *)&ip_int)[i]);
+      if (n < 0)
+      {
+        GNUNET_free (buf);
+        return NULL;
+      }
+      pos += n;
+    }
+    pos += GNUNET_snprintf (buf + pos, 80 - pos, "in-addr.arpa");
+  }
+  else if (AF_INET6 == af)
+  {
+    struct in6_addr *addr = (struct in6_addr *)ip;
+    for (int i = 15; i >= 0; i--)
+    {
+      int n = GNUNET_snprintf (buf + pos, 80 - pos, "%x.", addr->s6_addr[i] & 0xf);
+      if (n < 0)
+      {
+        GNUNET_free (buf);
+        return NULL;
+      }
+      pos += n;
+      n = GNUNET_snprintf (buf + pos, 80 - pos, "%x.", addr->s6_addr[i] >> 4);
+      if (n < 0)
+      {
+        GNUNET_free (buf);
+        return NULL;
+      }
+      pos += n;
+    }
+    pos += GNUNET_snprintf (buf + pos, 80 - pos, "ip6.arpa");
+  }
+  buf[pos] = '\0';
+  return buf;
 }
-/**
- * Function called after the replies for the request have all
- * been transmitted to the client, and we can now read the next
- * request from the client.
- *
- * @param cls the `struct GNUNET_SERVICE_Client` to continue with
- */
 static void
-notify_service_client_done (void *cls)
+send_reply (struct GNUNET_DNSPARSER_Record *record,
+            uint16_t request_id,
+            struct GNUNET_SERVICE_Client *client)
 {
-  struct GNUNET_SERVICE_Client *client = cls;
-  GNUNET_SERVICE_client_continue (client);
-}
-/**
- * Get an IP address as a string (works for both IPv4 and IPv6).  Note
- * that the resolution happens asynchronously and that the first call
- * may not immediately result in the FQN (but instead in a
- * human-readable IP address).
- *
- * @param client handle to the client making the request (for sending the reply)
- * @param af AF_INET or AF_INET6
- * @param ip `struct in_addr` or `struct in6_addr`
- */
-static void
-get_ip_as_string (struct GNUNET_SERVICE_Client *client,
-                  int af,
-                  const void *ip,
-                  uint32_t request_id)
-{
-  struct IPCache *pos;
-  struct IPCache *next;
-  struct GNUNET_TIME_Absolute now;
-  struct GNUNET_MQ_Envelope *env;
-  struct GNUNET_MQ_Handle *mq;
  struct GNUNET_RESOLVER_ResponseMessage *msg;
-  size_t ip_len;
+  struct GNUNET_MQ_Envelope *env;
-  struct in6_addr ix;
+  void *payload;
-  size_t alen;
+  size_t payload_len;
-  switch (af)
+  switch (record->type)
-  {
-  case AF_INET:
-    ip_len = sizeof (struct in_addr);
-    break;
-  case AF_INET6:
-    ip_len = sizeof (struct in6_addr);
-    break;
-  default:
-    GNUNET_assert (0);
-  }
-  now = GNUNET_TIME_absolute_get ();
-  next = cache_head;
-  while ( (NULL != (pos = next)) &&
-          ( (pos->af != af) ||
-            (pos->ip_len != ip_len) ||
-            (0 != memcmp (pos->ip, ip, ip_len))) )
  {
-    next = pos->next;
+    case GNUNET_DNSPARSER_TYPE_PTR:
-    if (GNUNET_TIME_absolute_get_duration (pos->last_request).rel_value_us <
-        60 * 60 * 1000 * 1000LL)
    {
-      GNUNET_CONTAINER_DLL_remove (cache_head,
+      char *hostname = record->data.hostname;
-                                   cache_tail,
+      payload = hostname;
-                                   pos);
+      payload_len = strlen (hostname) + 1;
-      GNUNET_free_non_null (pos->addr);
+      break;
-      GNUNET_free (pos);
-      continue;
    }
-  }
+    case GNUNET_DNSPARSER_TYPE_A:
-  if (NULL != pos)
+    case GNUNET_DNSPARSER_TYPE_AAAA:
-  {
-    if ( (1 == inet_pton (af,
-                          pos->ip,
-                          &ix)) &&
-         (GNUNET_TIME_absolute_get_duration (pos->last_request).rel_value_us >
-          120 * 1000 * 1000LL) )
    {
-      /* try again if still numeric AND 2 minutes have expired */
+      payload = record->data.raw.data;
-      GNUNET_free_non_null (pos->addr);
+      payload_len = record->data.raw.data_len;
-      pos->addr = NULL;
+      break;         
-      cache_resolve (pos);
+    }
-      pos->last_request = now;
+    default:
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                  "Cannot handle DNS response type: unimplemented\n");
+      return;
    }
  }
-  else
-  {
-    pos = GNUNET_malloc (sizeof (struct IPCache) + ip_len);
-    pos->ip = &pos[1];
-    GNUNET_memcpy (&pos[1],
-                   ip,
-                   ip_len);
-    pos->last_request = now;
-    pos->last_refresh = now;
-    pos->ip_len = ip_len;
-    pos->af = af;
-    GNUNET_CONTAINER_DLL_insert (cache_head,
-                                 cache_tail,
-                                 pos);
-    cache_resolve (pos);
-  }
-  if (NULL != pos->addr)
-    alen = strlen (pos->addr) + 1;
-  else
-    alen = 0;
-  mq = GNUNET_SERVICE_client_get_mq (client);
  env = GNUNET_MQ_msg_extra (msg,
-                             alen,
+                             payload_len,
-                             GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
+                             GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
  msg->id = request_id;
  GNUNET_memcpy (&msg[1],
-                 pos->addr,
+                 payload,
-                 alen);
+                 payload_len);
-  GNUNET_MQ_send (mq,
+  GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client),
-                  env);
+                  env);
-  // send end message
-  env = GNUNET_MQ_msg (msg,
-                       GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
-  msg->id = request_id;
-  GNUNET_MQ_notify_sent (env,
-                         &notify_service_client_done,
-                         client);
-  GNUNET_MQ_send (mq,
-                  env);
 }
-#if HAVE_GETADDRINFO_A
-struct AsyncCls
-{
-  struct gaicb *host;
-  struct sigevent *sig;
-  struct GNUNET_MQ_Handle *mq;
-  uint32_t request_id;
-};
 static void
-resolve_result_pipe_cb (void *cls)
+send_end_msg (uint16_t request_id,
+              struct GNUNET_SERVICE_Client *client)
 {
-  struct AsyncCls *async_cls;
-  struct gaicb *host;
  struct GNUNET_RESOLVER_ResponseMessage *msg;
  struct GNUNET_MQ_Envelope *env;
-  GNUNET_DISK_file_read (GNUNET_DISK_pipe_handle (resolve_result_pipe,
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                                                  GNUNET_DISK_PIPE_END_READ),
+              "Sending end message\n");
-                         &async_cls,
+  env = GNUNET_MQ_msg (msg,
-                         sizeof (struct AsyncCls *));
+                       GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
-  resolve_result_pipe_task =
+  msg->id = request_id;
-    GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL,
+  GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client),
-                                    GNUNET_DISK_pipe_handle (resolve_result_pipe,
+                  env);
-                                                             GNUNET_DISK_PIPE_END_READ),
+}
-                                    &resolve_result_pipe_cb,
-                                    NULL);
-  host = async_cls->host;
+static void
-  for (struct addrinfo *pos = host->ar_result; pos != NULL; pos = pos->ai_next)
+handle_resolve_result (void *cls,
+                       const struct GNUNET_TUN_DnsHeader *dns,
+                       size_t dns_len)
+{
+  struct ResolveCache *cache = cls;
+  struct GNUNET_DNSPARSER_Packet *parsed;
+  uint16_t request_id = *cache->request_id;
+  struct GNUNET_SERVICE_Client *client = cache->client;
+  parsed = GNUNET_DNSPARSER_parse ((const char *)dns,
+                                   dns_len);
+  if (NULL == parsed)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Failed to parse DNS reply (request ID %u\n",
+                request_id);
+    return;
+  }
+  if (request_id != ntohs (parsed->id))
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Request ID in DNS reply does not match\n");
+    return;
+  }
+  else if (0 == parsed->num_answers)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                "DNS reply (request ID %u) contains no answers\n",
+                request_id);
+    GNUNET_CONTAINER_DLL_remove (cache_head,
+                                 cache_tail,
+                                 cache);
+    free_cache_entry (cache);
+    cache = NULL;
+  }
+  else
  {
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "Lookup result for hostname %s: %s (request ID %u)\n",
+                "Got reply for request ID %u\n",
-                host->ar_name,
+                request_id);
-                GNUNET_a2s (pos->ai_addr, pos->ai_addrlen),
+    for (unsigned int i = 0; i != parsed->num_answers; i++)
-                async_cls->request_id);
-    switch (pos->ai_family)
    {
-    case AF_INET:
+      struct Record *cache_entry = GNUNET_new (struct Record);
-      env = GNUNET_MQ_msg_extra (msg,
+      struct GNUNET_DNSPARSER_Record *record = &parsed->answers[i];
-                                 sizeof (struct in_addr),
+      cache_entry->record = GNUNET_DNSPARSER_duplicate_record (record);
-                                 GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
+      GNUNET_CONTAINER_DLL_insert (cache->records_head,
-      msg->id = async_cls->request_id;
+                                   cache->records_tail,
-      GNUNET_memcpy (&msg[1],
+                                   cache_entry);
-                     &((struct sockaddr_in*) pos->ai_addr)->sin_addr,
+      send_reply (cache_entry->record,
-                     sizeof (struct in_addr));
+                  request_id,
-      GNUNET_MQ_send (async_cls->mq,
+                  cache->client);
-                      env);
-      break;
-    case AF_INET6:
-      env = GNUNET_MQ_msg_extra (msg,
-                                 sizeof (struct in6_addr),
-                                 GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
-      msg->id = async_cls->request_id;
-      GNUNET_memcpy (&msg[1],
-                     &((struct sockaddr_in6*) pos->ai_addr)->sin6_addr,
-                     sizeof (struct in6_addr));
-      GNUNET_MQ_send (async_cls->mq,
-                      env);
-      break;
-    default:
-      /* unsupported, skip */
-      break;
    }
+    GNUNET_free_non_null (cache->request_id);
+    cache->request_id = NULL;
  }
-  // send end message
+  send_end_msg (request_id,
-  env = GNUNET_MQ_msg (msg,
+                client);
-                       GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
+  if (NULL != cache)
-  msg->id = async_cls->request_id;
+    cache->client = NULL;
-  GNUNET_MQ_send (async_cls->mq,
+  if (NULL != cache)
-                  env);
+  {
-  freeaddrinfo (host->ar_result);
+    if (NULL != cache->timeout_task)
-  GNUNET_free ((struct gaicb *)host->ar_request); // free hints
+    { 
-  GNUNET_free (host);
+      GNUNET_SCHEDULER_cancel (cache->timeout_task);
-  GNUNET_free (async_cls->sig);
+      cache->timeout_task = NULL;
-  GNUNET_free (async_cls);
+    }
+    if (NULL != cache->resolve_handle)
+    {
+      GNUNET_DNSSTUB_resolve_cancel (cache->resolve_handle);
+      cache->resolve_handle = NULL;
+    }
+  }
+  GNUNET_DNSPARSER_free_packet (parsed);
 }
 static void
-handle_async_result (union sigval val) 
+handle_resolve_timeout (void *cls)
 {
-  GNUNET_DISK_file_write (GNUNET_DISK_pipe_handle (resolve_result_pipe,
+  struct ResolveCache *cache = cls;
-                                                   GNUNET_DISK_PIPE_END_WRITE),
-                          &val.sival_ptr,
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
-                          sizeof (val.sival_ptr));
+              "timeout!\n");
+  if (NULL != cache->resolve_handle)
+  {
+    GNUNET_DNSSTUB_resolve_cancel (cache->resolve_handle);
+    cache->resolve_handle = NULL;
+  }
+  GNUNET_CONTAINER_DLL_remove (cache_head,
+                               cache_tail,
+                               cache);
+  free_cache_entry (cache);
 }
 static int
-getaddrinfo_a_resolve (struct GNUNET_MQ_Handle *mq,
+resolve_and_cache (const char* hostname,
-                       const char *hostname,
+                   uint16_t record_type,
-                       int af,
+                   uint16_t request_id,
-                       uint32_t request_id)
+                   struct GNUNET_SERVICE_Client *client)
 {
-  int ret;
+  char *packet_buf;
-  struct gaicb *host;
+  size_t packet_size;
-  struct addrinfo *hints; 
+  struct GNUNET_DNSPARSER_Query query;
-  struct sigevent *sig;
+  struct GNUNET_DNSPARSER_Packet packet;
-  struct AsyncCls *async_cls;
+  struct ResolveCache *cache;
+  struct GNUNET_TIME_Relative timeout =
-  host = GNUNET_new (struct gaicb);
+    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5);
-  hints = GNUNET_new (struct addrinfo);
-  sig = GNUNET_new (struct sigevent);
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-  async_cls = GNUNET_new (struct AsyncCls);
+              "resolve_and_cache\n");
-  memset (hints,
+  query.name = (char *)hostname;
+  query.type = record_type;
+  query.dns_traffic_class = GNUNET_TUN_DNS_CLASS_INTERNET;
+  memset (&packet,
          0,
-          sizeof (struct addrinfo));
+          sizeof (packet));
-  memset (sig,
+  packet.num_queries = 1;
-          0,
+  packet.queries = &query;
-          sizeof (struct sigevent));
+  packet.id = htons (request_id);
-  hints->ai_family = af;
+  packet.flags.recursion_desired = 1;
-  hints->ai_socktype = SOCK_STREAM;      /* go for TCP */
+  if (GNUNET_OK != 
-  host->ar_name = hostname;
+      GNUNET_DNSPARSER_pack (&packet,
-  host->ar_service = NULL;
+                             UINT16_MAX,
-  host->ar_request = hints;
+                             &packet_buf,
-  host->ar_result = NULL;
+                             &packet_size))
-  sig->sigev_notify = SIGEV_THREAD;
+  {
-  sig->sigev_value.sival_ptr = async_cls;
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-  sig->sigev_notify_function = &handle_async_result; 
+                "Failed to pack query for hostname `%s'\n",
-  async_cls->host = host;
+                hostname);
-  async_cls->sig = sig;
-  async_cls->mq = mq;
-  async_cls->request_id = request_id;
-  ret = getaddrinfo_a (GAI_NOWAIT,
-                       &host,
-                       1,
-                       sig);
-  if (0 != ret)
    return GNUNET_SYSERR;
+ 
+  }
+  cache = GNUNET_malloc (sizeof (struct ResolveCache));
+  cache->record_type = record_type;
+  cache->request_id = GNUNET_memdup (&request_id, sizeof (request_id));
+  cache->client = client;
+  cache->timeout_task = GNUNET_SCHEDULER_add_delayed (timeout,
+                                                      &handle_resolve_timeout,
+                                                      cache);
+  cache->resolve_handle = 
+    GNUNET_DNSSTUB_resolve (dnsstub_ctx,
+                            packet_buf,
+                            packet_size,
+                            &handle_resolve_result,
+                            cache);
+  GNUNET_CONTAINER_DLL_insert (cache_head,
+                               cache_tail,
+                               cache);
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "resolve %s, request_id = %u\n",
+              hostname,
+              request_id);
+  GNUNET_free (packet_buf);
  return GNUNET_OK;
 }
-#elif HAVE_GETADDRINFO
+static const char *
-static int
+get_hostname (struct ResolveCache *cache_entry)
-getaddrinfo_resolve (struct GNUNET_MQ_Handle *mq,
-                     const char *hostname,
-                     int af,
-                     uint32_t request_id)
 {
-  int s;
+  if (NULL != cache_entry->records_head)
-  struct addrinfo hints;
-  struct addrinfo *result;
-  struct addrinfo *pos;
-  struct GNUNET_RESOLVER_ResponseMessage *msg;
-  struct GNUNET_MQ_Envelope *env;
-#ifdef WINDOWS
-  /* Due to a bug, getaddrinfo will not return a mix of different families */
-  if (AF_UNSPEC == af)
  {
-    int ret1;
+    GNUNET_assert (NULL != cache_entry->records_head);
-    int ret2;
+    GNUNET_assert (NULL != cache_entry->records_head->record);
-    ret1 = getaddrinfo_resolve (mq,
+    GNUNET_assert (NULL != cache_entry->records_head->record->name);
-                                hostname,
+    return cache_entry->records_head->record->name;
-                                AF_INET,
-                                request_id);
-    ret2 = getaddrinfo_resolve (mq,
-                                hostname,
-                                AF_INET6,
-                                request_id);
-    if ( (ret1 == GNUNET_OK) ||
-         (ret2 == GNUNET_OK) )
-      return GNUNET_OK;
-    if ( (ret1 == GNUNET_SYSERR) ||
-         (ret2 == GNUNET_SYSERR) )
-      return GNUNET_SYSERR;
-    return GNUNET_NO;
  }
-#endif
+  return NULL;
-  memset (&hints,
-          0,
-          sizeof (struct addrinfo));
-  hints.ai_family = af;
-  hints.ai_socktype = SOCK_STREAM;      /* go for TCP */
-  if (0 != (s = getaddrinfo (hostname,
-                             NULL,
-                             &hints,
-                             &result)))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-                _("Could not resolve `%s' (%s): %s\n"),
-                hostname,
-                (af ==
-                 AF_INET) ? "IPv4" : ((af == AF_INET6) ? "IPv6" : "any"),
-                gai_strerror (s));
-    if ( (s == EAI_BADFLAGS) ||
-#ifndef WINDOWS
-         (s == EAI_SYSTEM) ||
-#endif
-         (s == EAI_MEMORY) )
-      return GNUNET_NO;         /* other function may still succeed */
-    return GNUNET_SYSERR;
-  }
-  if (NULL == result)
-    return GNUNET_SYSERR;
-  for (pos = result; pos != NULL; pos = pos->ai_next)
-  {
-    switch (pos->ai_family)
-    {
-    case AF_INET:
-      env = GNUNET_MQ_msg_extra (msg,
-                                 sizeof (struct in_addr),
-                                 GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
-      msg->id = request_id;
-      GNUNET_memcpy (&msg[1],
-                     &((struct sockaddr_in*) pos->ai_addr)->sin_addr,
-                     sizeof (struct in_addr));
-      GNUNET_MQ_send (mq,
-                      env);
-      break;
-    case AF_INET6:
-      env = GNUNET_MQ_msg_extra (msg,
-                                 sizeof (struct in6_addr),
-                                 GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
-      msg->id = request_id;
-      GNUNET_memcpy (&msg[1],
-                     &((struct sockaddr_in6*) pos->ai_addr)->sin6_addr,
-                     sizeof (struct in6_addr));
-      GNUNET_MQ_send (mq,
-                      env);
-      break;
-    default:
-      /* unsupported, skip */
-      break;
-    }
-  }
-  freeaddrinfo (result);
-  return GNUNET_OK;
 }
-#elif HAVE_GETHOSTBYNAME2
+static const uint16_t *
+get_record_type (struct ResolveCache *cache_entry)
-static int
-gethostbyname2_resolve (struct GNUNET_MQ_Handle *mq,
-                        const char *hostname,
-                        int af,
-                        uint32_t request_id)
 {
-  struct hostent *hp;
+  if (NULL != cache_entry->records_head)
-  int ret1;
+    return &cache_entry->record_type;
-  int ret2;
+  return NULL; 
-  struct GNUNET_MQ_Envelope *env;
+}
-  struct GNUNET_RESOLVER_ResponseMessage *msg;
-#ifdef WINDOWS
-  /* gethostbyname2() in plibc is a compat dummy that calls gethostbyname(). */
-  return GNUNET_NO;
-#endif
-  if (af == AF_UNSPEC)
+static const struct GNUNET_TIME_Absolute *
-  {
+get_expiration_time (struct ResolveCache *cache_entry)
-    ret1 = gethostbyname2_resolve (mq,
+{
-                                   hostname,
+  if (NULL != cache_entry->records_head)
-                                   AF_INET,
+    return &cache_entry->records_head->record->expiration_time;
-                                   request_id);
+  return NULL;
-    ret2 = gethostbyname2_resolve (mq,
-                                   hostname,
-                                   AF_INET6,
-                                   request_id);
-    if ( (ret1 == GNUNET_OK) ||
-         (ret2 == GNUNET_OK) )
-      return GNUNET_OK;
-    if ( (ret1 == GNUNET_SYSERR) ||
-         (ret2 == GNUNET_SYSERR) )
-      return GNUNET_SYSERR;
-    return GNUNET_NO;
-  }
-  hp = gethostbyname2 (hostname,
-                       af);
-  if (hp == NULL)
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-                _("Could not find IP of host `%s': %s\n"),
-                hostname,
-                hstrerror (h_errno));
-    return GNUNET_SYSERR;
-  }
-  GNUNET_assert (hp->h_addrtype == af);
-  switch (af)
-  {
-  case AF_INET:
-    GNUNET_assert (hp->h_length == sizeof (struct in_addr));
-    env = GNUNET_MQ_msg_extra (msg,
-                               hp->h_length,
-                               GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
-    msg->id = request_id;
-    GNUNET_memcpy (&msg[1],
-                   hp->h_addr_list[0],
-                   hp->h_length);
-    GNUNET_MQ_send (mq,
-                    env);
-    break;
-  case AF_INET6:
-    GNUNET_assert (hp->h_length == sizeof (struct in6_addr));
-    env = GNUNET_MQ_msg_extra (msg,
-                               hp->h_length,
-                               GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
-    msg->id = request_id;
-    GNUNET_memcpy (&msg[1],
-                   hp->h_addr_list[0],
-                   hp->h_length);
-    GNUNET_MQ_send (mq,
-                    env);
-    break;
-  default:
-    GNUNET_break (0);
-    return GNUNET_SYSERR;
-  }
-  return GNUNET_OK;
 }
-#elif HAVE_GETHOSTBYNAME
 static int
-gethostbyname_resolve (struct GNUNET_MQ_Handle *mq,
+remove_if_expired (struct ResolveCache *cache_entry)
-                       const char *hostname,
-                       uint32_t request_id)
 {
-  struct hostent *hp;
+  struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
-  struct GNUNET_RESOLVER_ResponseMessage *msg;
-  struct GNUNET_MQ_Envelope *env;
-  hp = GETHOSTBYNAME (hostname);
+  if ( (NULL != cache_entry->records_head) &&
-  if (NULL == hp)
+       (now.abs_value_us > get_expiration_time (cache_entry)->abs_value_us) )
  {
-    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+    GNUNET_CONTAINER_DLL_remove (cache_head,
-                _("Could not find IP of host `%s': %s\n"),
+                                 cache_tail,
-                hostname,
+                                 cache_entry);
-                hstrerror (h_errno));
+    free_cache_entry (cache_entry);
-    return GNUNET_SYSERR;
+    return GNUNET_YES;
-  }
-  if (hp->h_addrtype != AF_INET)
-  {
-    GNUNET_break (0);
-    return GNUNET_SYSERR;
  }
-  GNUNET_assert (hp->h_length == sizeof (struct in_addr));
+  return GNUNET_NO;
-  env = GNUNET_MQ_msg_extra (msg,
-                             hp->h_length,
-                             GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
-  msg->id = request_id;
-  GNUNET_memcpy (&msg[1],
-                 hp->h_addr_list[0],
-                 hp->h_length);
-  GNUNET_MQ_send (mq,
-                  env);
-  return GNUNET_OK;
 }
-#endif
 /**
- * Convert a string to an IP address.
+ * Get an IP address as a string (works for both IPv4 and IPv6).  Note
+ * that the resolution happens asynchronously and that the first call
+ * may not immediately result in the FQN (but instead in a
+ * human-readable IP address).
 *
- * @param client where to send the IP address
+ * @param client handle to the client making the request (for sending the reply)
- * @param hostname the hostname to resolve
+ * @param af AF_INET or AF_INET6
- * @param af AF_INET or AF_INET6; use AF_UNSPEC for "any"
+ * @param ip `struct in_addr` or `struct in6_addr`
 */
-static void
+static int
-get_ip_from_hostname (struct GNUNET_SERVICE_Client *client,
+try_cache (const char *hostname,
-                      const char *hostname,
+           uint16_t record_type,
-                      int af,
+           uint16_t request_id,
-                      uint32_t request_id)
+           struct GNUNET_SERVICE_Client *client)
 {
-  struct GNUNET_MQ_Envelope *env;
+  struct ResolveCache *pos;
-  struct GNUNET_RESOLVER_ResponseMessage *msg;
+  struct ResolveCache *next;
-  struct GNUNET_MQ_Handle *mq;
+  next = cache_head;
-  mq = GNUNET_SERVICE_client_get_mq (client);
+  while ( (NULL != (pos = next)) &&
-#if HAVE_GETADDRINFO_A
+          ( (NULL == pos->records_head) ||
-  getaddrinfo_a_resolve (mq,
+            (0 != strcmp (get_hostname (pos), hostname)) ||
-                         hostname,
+            (*get_record_type (pos) != record_type) ) )
-                         af,
+  {
-                         request_id);
+    next = pos->next;
-  GNUNET_SERVICE_client_continue (client);
+    remove_if_expired (pos);
-  return;
+  }
-#elif HAVE_GETADDRINFO
+  if (NULL != pos)
-  getaddrinfo_resolve (mq,
+  {
-                       hostname,
+    if (GNUNET_NO == remove_if_expired (pos))
-                       af,
+    {
-                       request_id);
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-#elif HAVE_GETHOSTBYNAME2
+                  "found cache entry for '%s', record type '%u'\n",
-  gethostbyname2_resolve (mq,
+                  hostname,
-                          hostname,
+                  record_type);
-                          af,
+      struct Record *cache_pos = pos->records_head;
-                          request_id);
+      while (NULL != cache_pos)
-#elif HAVE_GETHOSTBYNAME
+      {
-  if ( ( (af == AF_UNSPEC) ||
+        send_reply (cache_pos->record,
-         (af == PF_INET) ) )
+                    request_id,
-    gethostbyname_resolve (mq,
+                    client);
-                           hostname,
+        cache_pos = cache_pos->next;
-                           request_id);
+      }
-#endif
+      send_end_msg (request_id,
-  // send end message
+                    client);
-  env = GNUNET_MQ_msg (msg,
+      return GNUNET_YES;
-                       GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE);
+    }
-  msg->id = request_id;
+  }
-  GNUNET_MQ_notify_sent (env,
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                         &notify_service_client_done,
+              "no cache entry for '%s'\n",
-                         client);
+              hostname);
-  GNUNET_MQ_send (mq,
+  return GNUNET_NO;
-                  env);
 }
@@ -801,6 +639,23 @@ check_get (void *cls,
 }
+static void
+process_get (const char *hostname,
+             uint16_t record_type,
+             uint16_t request_id,
+             struct GNUNET_SERVICE_Client *client)
+{
+  if (GNUNET_NO == try_cache (hostname, record_type, request_id, client))
+  {
+    int result = resolve_and_cache (hostname,
+                                    record_type,
+                                    request_id,
+                                    client);
+    GNUNET_assert (GNUNET_OK == result);
+  }
+}
 /**
 * Handle GET-message.
 *
@@ -812,45 +667,100 @@ handle_get (void *cls,
            const struct GNUNET_RESOLVER_GetMessage *msg)
 {
  struct GNUNET_SERVICE_Client *client = cls;
-  const void *ip;
  int direction;
  int af;
-  uint32_t id;
+  uint16_t request_id;
+  const char *hostname;
  direction = ntohl (msg->direction);
  af = ntohl (msg->af);
-  id = ntohl (msg->id);
+  request_id = ntohs (msg->id);
  if (GNUNET_NO == direction)
  {
    /* IP from hostname */
-    const char *hostname;
+    hostname = GNUNET_strdup ((const char *) &msg[1]);
+    switch (af)
-    hostname = (const char *) &msg[1];
+    {
-    get_ip_from_hostname (client,
+      case AF_UNSPEC:
-                          hostname,
+      {
-                          af,
+        process_get (hostname, GNUNET_DNSPARSER_TYPE_ALL, request_id, client);
-                          id);
+        break;
-    return;
+      }
+      case AF_INET:
+      {
+        process_get (hostname, GNUNET_DNSPARSER_TYPE_A, request_id, client);
+        break;
+      }
+      case AF_INET6:
+      {
+        process_get (hostname, GNUNET_DNSPARSER_TYPE_AAAA, request_id, client);
+        break;
+      }
+      default:
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                  "got invalid af: %d\n",
+                  af);
+        GNUNET_assert (0);
+      }
+    }
+  }
+  else
+  {
+    /* hostname from IP */
+    hostname = make_reverse_hostname (&msg[1], af); 
+    process_get (hostname, GNUNET_DNSPARSER_TYPE_PTR, request_id, client);
  }
-  ip = &msg[1];
+  GNUNET_free_non_null ((char *)hostname);
+  GNUNET_SERVICE_client_continue (client);
+}
-#if !defined(GNUNET_CULL_LOGGING)
+static void 
+shutdown_task (void *cls)
+{
+  (void) cls;
+  struct ResolveCache *pos;
+  while (NULL != (pos = cache_head))
  {
-    char buf[INET6_ADDRSTRLEN];
+    GNUNET_CONTAINER_DLL_remove (cache_head,
+                                 cache_tail,
+                                 pos);
+    free_cache_entry (pos);
+  }
+  GNUNET_DNSSTUB_stop (dnsstub_ctx);
+}
+static void
+init_cb (void *cls,
+         const struct GNUNET_CONFIGURATION_Handle *cfg,
+         struct GNUNET_SERVICE_Handle *sh)
+{
+  (void) cfg;
+  (void) sh;
+  GNUNET_SCHEDULER_add_shutdown (&shutdown_task,
+                                 cls);
+  dnsstub_ctx = GNUNET_DNSSTUB_start (128);
+  char **dns_servers;
+  ssize_t num_dns_servers = lookup_dns_servers (&dns_servers);
+  if (0 == num_dns_servers)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "no DNS server available. DNS resolution will not be possible.\n");
+  }
+  for (int i = 0; i != num_dns_servers; i++)
+  {
+    int result = GNUNET_DNSSTUB_add_dns_ip (dnsstub_ctx, dns_servers[i]);
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "Resolver asked to look up IP address `%s (request ID %u)'.\n",
+                "Adding DNS server '%s': %s\n",
-                inet_ntop (af,
+                dns_servers[i],
-                           ip,
+                GNUNET_OK == result ? "success" : "failure");
-                           buf,
+    GNUNET_free (dns_servers[i]);
-                           sizeof (buf)),
-                id);
  }
-#endif
+  GNUNET_free_non_null (dns_servers);
-  get_ip_as_string (client,
-                    af,
-                    ip,
-                    id);
 }
@@ -870,19 +780,6 @@ connect_cb (void *cls,
  (void) cls;
  (void) mq;
-#if HAVE_GETADDRINFO_A
-  resolve_result_pipe = GNUNET_DISK_pipe (GNUNET_NO,
-                                          GNUNET_NO,
-                                          GNUNET_NO,
-                                          GNUNET_NO);
-  GNUNET_assert (NULL != resolve_result_pipe);
-  resolve_result_pipe_task =
-    GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL,
-                                    GNUNET_DISK_pipe_handle (resolve_result_pipe,
-                                                             GNUNET_DISK_PIPE_END_READ),
-                                    &resolve_result_pipe_cb,
-                                    NULL);
-#endif
  return c;
 }
@@ -900,19 +797,16 @@ disconnect_cb (void *cls,
               void *internal_cls)
 {
  (void) cls;
+  struct ResolveCache *pos = cache_head; 
-#if HAVE_GETADDRINFO_A
+  while (NULL != pos)
-  if (NULL != resolve_result_pipe_task)
-  {
-    GNUNET_SCHEDULER_cancel (resolve_result_pipe_task);
-    resolve_result_pipe_task = NULL;
-  }
-  if (NULL != resolve_result_pipe)
  {
-    GNUNET_DISK_pipe_close (resolve_result_pipe);
+    if (pos->client == c)
-    resolve_result_pipe = NULL;
+    {
+      pos->client = NULL;
+    }
+    pos = pos->next;
  }
-#endif
  GNUNET_assert (c == internal_cls);
 }
@@ -923,7 +817,7 @@ disconnect_cb (void *cls,
 GNUNET_SERVICE_MAIN
 ("resolver",
 GNUNET_SERVICE_OPTION_NONE,
- NULL,
+ &init_cb,
 &connect_cb,
 &disconnect_cb,
 NULL,
@@ -950,23 +844,4 @@ GNUNET_RESOLVER_memory_init ()
 #endif
-/**
- * Free globals on exit.
- */
-void __attribute__ ((destructor))
-GNUNET_RESOLVER_memory_done ()
-{
-  struct IPCache *pos;
-  while (NULL != (pos = cache_head))
-  {
-    GNUNET_CONTAINER_DLL_remove (cache_head,
-                                 cache_tail,
-                                 pos);
-    GNUNET_free_non_null (pos->addr);
-    GNUNET_free (pos);
-  }
-}
 /* end of gnunet-service-resolver.c */
diff --git a/src/util/resolver.h b/src/util/resolver.h
index a0f105afa..07851d052 100644
--- a/src/util/resolver.h
+++ b/src/util/resolver.h
@@ -60,7 +60,7 @@ struct GNUNET_RESOLVER_GetMessage
   * identifies the request and is contained in the response message. The
   * client has to match response to request by this identifier.
   */
-  uint32_t id GNUNET_PACKED;
+  uint16_t id GNUNET_PACKED;
  /* followed by 0-terminated string for A/AAAA-lookup or
     by 'struct in_addr' / 'struct in6_addr' for reverse lookup */
@@ -79,7 +79,7 @@ struct GNUNET_RESOLVER_ResponseMessage
  * identifies the request this message responds to. The client
  * has to match response to request by this identifier.
  */
-  uint32_t id GNUNET_PACKED;
+  uint16_t id GNUNET_PACKED;
  /* followed by 0-terminated string for response to a reverse lookup
   * or by 'struct in_addr' / 'struct in6_addr' for response to
diff --git a/src/util/resolver_api.c b/src/util/resolver_api.c
index b94819f06..8a054327b 100644
--- a/src/util/resolver_api.c
+++ b/src/util/resolver_api.c
@@ -68,10 +68,10 @@ static struct GNUNET_RESOLVER_RequestHandle *req_head;
 */
 static struct GNUNET_RESOLVER_RequestHandle *req_tail;
-/**
+///**
- * ID of the last request we sent to the service
+// * ID of the last request we sent to the service
- */
+// */
-static uint32_t last_request_id;
+//static uint16_t last_request_id;
 /**
 * How long should we wait to reconnect?
@@ -445,7 +445,7 @@ process_requests ()
                             GNUNET_MESSAGE_TYPE_RESOLVER_REQUEST);
  msg->direction = htonl (rh->direction);
  msg->af = htonl (rh->af);
-  msg->id = htonl (rh->id);
+  msg->id = htons (rh->id);
  GNUNET_memcpy (&msg[1],
                 &rh[1],
                 rh->data_len);
@@ -491,7 +491,7 @@ handle_response (void *cls,
  struct GNUNET_RESOLVER_RequestHandle *rh = req_head;
  uint16_t size;
  char *nret;
-  uint32_t request_id = msg->id;
+  uint16_t request_id = msg->id;
  for (; rh != NULL; rh = rh->next)
  {
@@ -911,6 +911,14 @@ handle_lookup_timeout (void *cls)
 }
+static uint16_t
+get_request_id ()
+{
+  return (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE,
+                                              UINT16_MAX);
+}
 /**
 * Convert a string to one or more IP addresses.
 *
@@ -945,7 +953,8 @@ GNUNET_RESOLVER_ip_get (const char *hostname,
       hostname);
  rh = GNUNET_malloc (sizeof (struct GNUNET_RESOLVER_RequestHandle) + slen);
  rh->af = af;
-  rh->id = ++last_request_id;
+  //rh->id = ++last_request_id;
+  rh->id = get_request_id ();
  rh->addr_callback = callback;
  rh->cls = callback_cls;
  GNUNET_memcpy (&rh[1],
@@ -1092,7 +1101,8 @@ GNUNET_RESOLVER_hostname_get (const struct sockaddr *sa,
  rh->name_callback = callback;
  rh->cls = cls;
  rh->af = sa->sa_family;
-  rh->id = ++last_request_id;
+  //rh->id = ++last_request_id;
+  rh->id = get_request_id ();
  rh->timeout = GNUNET_TIME_relative_to_absolute (timeout);
  GNUNET_memcpy (&rh[1],
                 ip,