Manual improvements. Check that we are delegated to if we want to be.

diff --git a/scripts/named-conf b/scripts/named-conf
index 359c61c08bb6ac14ea298bd91c4a7e3a9eeb2a1d..a6d7df8ca2fbcdbeaa056da584715ff917f33fb1 100755 (executable)
--- a/scripts/named-conf
+++ b/scripts/named-conf
@@ -269,6 +269,7 @@ use vars qw(%auths); # $auths{$nameserver_list} = [ $whosaidandwhy ]
 use vars qw(%glue);  # $glue{$name}{$addr_list} = [ $whosaidandwhy ]
 use vars qw(%soas);  # $soa{"$origin $serial"} = [ $whosaidandwhy ]
 use vars qw(%addr_is_ok %warned_glueless %warned_mynameaddr);
 use vars qw(%glue);  # $glue{$name}{$addr_list} = [ $whosaidandwhy ]
 use vars qw(%soas);  # $soa{"$origin $serial"} = [ $whosaidandwhy ]
 use vars qw(%addr_is_ok %warned_glueless %warned_mynameaddr);

+use vars qw($delg_to_us);

 use vars qw(@to_check); # ($addr,$whyask,$is_auth,$glueless_ok, ...)
 use vars qw(@to_check_soa); # ($addr,$whyask, ...)
 
 use vars qw(@to_check); # ($addr,$whyask,$is_auth,$glueless_ok, ...)
 use vars qw(@to_check_soa); # ($addr,$whyask, ...)
 


@@ -283,6 +284,7 @@ sub zone_reset() {
     %delgs= %auths= %glue= %soas=
        %warned_glueless= %warned_mynameaddr=
            %addr_is_ok= ();
     %delgs= %auths= %glue= %soas=
        %warned_glueless= %warned_mynameaddr=
            %addr_is_ok= ();

+    $delg_to_us= 0;

     @to_check= @to_check_soa= ();
 }
 
     @to_check= @to_check_soa= ();
 }
 


@@ -385,6 +387,7 @@ sub zone_server_addr ($$$$$) {
                     " us [$addr] with wrong name $name, (eg) $ww")
            unless $warned_mynameaddr{$name}{$addr}++;
     }
                     " us [$addr] with wrong name $name, (eg) $ww")
            unless $warned_mynameaddr{$name}{$addr}++;
     }

+    $delg_to_us=1 if $name_is_self;

 }
 
 sub zone_check_soa ($$$) {
 }
 
 sub zone_check_soa ($$$) {


@@ -449,6 +452,10 @@ sub zone_servers_ok () {
            }
        }
     }
            }
        }
     }

+    if ($cfg->{'s'} =~ m/s/ && !$delg_to_us) {
+       zone_warnmore("we are supposedly published secondary,".
+                     " but not listed as a nameserver");
+    }

 }
 
 sub zone_consistency_set ($%) {
 }
 
 sub zone_consistency_set ($%) {

diff --git a/scripts/named-conf.8 b/scripts/named-conf.8
index 5b154694905652f72babaf71fd71dbeec8e631a0..d4639f202ef76c35fb79fccec9a29128d10d1ef7 100644 (file)
--- a/scripts/named-conf.8
+++ b/scripts/named-conf.8
@@ -50,7 +50,7 @@ Checks even zones known to be broken.  Ie, ignores the
 .B ?
 zone style modifier in the configuration.
 .TP
 .B ?
 zone style modifier in the configuration.
 .TP

-\fB\-C\fP|\-\-config \fIconfig\-file\fP
+.BR \-C | \-\-config " \fIconfig\-file\fP"

 Use
 .I config\-file
 instead of
 Use
 .I config\-file
 instead of


@@ -115,7 +115,7 @@ These directives specify general configuration details.  They should
 appear before directives specifying zones, as each will affect only
 later zone directives.
 .TP
 appear before directives specifying zones, as each will affect only
 later zone directives.
 .TP

-\fBself\-addr\fP \fIfqdn ...\fP
+\fBself\-addr\fP \fIip-address ...\fP

 Specifies the list of addresses that this server may be known by in
 A records.  There is no default.
 .TP
 Specifies the list of addresses that this server may be known by in
 A records.  There is no default.
 .TP


@@ -254,15 +254,12 @@ always give the same addresses.
 Origin server's data: The set of nameservers in the origin server's
 version of the zone should be a superset of those in the delegations.
 
 Origin server's data: The set of nameservers in the origin server's
 version of the zone should be a superset of those in the delegations.
 

-Our zone configuration: For
-.B primary
-zones, the SOA origin should be one of the names specified with
-.BR self\-soa " (or " self ).  For
-.B published
-zones, the address should be that of the SOA origin.  For
-.B stealth
-zones, the address should be that of the SOA origin or one of the
-published nameservers.
+Our zone configuration: For primary zones, the SOA origin should be
+one of the names specified with
+.BR self\-soa " (or " self ).
+For published zones, the address should be that of the SOA origin.
+For stealth zones, the address should be that of the SOA origin or one
+of the published nameservers.

 .SH SECURITY
 chiark\-named\-conf is supposed to be resistant to malicious data in
 the DNS.  It is not resistant to malicious data in its own options,
 .SH SECURITY
 chiark\-named\-conf is supposed to be resistant to malicious data in
 the DNS.  It is not resistant to malicious data in its own options,


@@ -308,7 +305,7 @@ will affect the operation of chiark\-named\-conf.
 Avoid messing with these if possible.
 .LP
 .B PATH
 Avoid messing with these if possible.
 .LP
 .B PATH

-Used to find subprograms such as
+is used to find subprograms such as

 .BR dig " and " adnshost .
 .SH BUGS
 The determination of the parent zone for each zone to be checked, and
 .BR dig " and " adnshost .
 .SH BUGS
 The determination of the parent zone for each zone to be checked, and