Manual improvements. Check that we are delegated to if we want to be.

diff --git a/scripts/named-conf b/scripts/named-conf
index 359c61c08bb6ac14ea298bd91c4a7e3a9eeb2a1d..a6d7df8ca2fbcdbeaa056da584715ff917f33fb1 100755 (executable)
--- a/scripts/named-conf
+++ b/scripts/named-conf
@@ -269,6 +269,7 @@ use vars qw(%auths); # $auths{$nameserver_list} = [ $whosaidandwhy ]
 use vars qw(%glue);  # $glue{$name}{$addr_list} = [ $whosaidandwhy ]
 use vars qw(%soas);  # $soa{"$origin $serial"} = [ $whosaidandwhy ]
 use vars qw(%addr_is_ok %warned_glueless %warned_mynameaddr);
+use vars qw($delg_to_us);
 use vars qw(@to_check); # ($addr,$whyask,$is_auth,$glueless_ok, ...)
 use vars qw(@to_check_soa); # ($addr,$whyask, ...)
 
@@ -283,6 +284,7 @@ sub zone_reset() {
     %delgs= %auths= %glue= %soas=
        %warned_glueless= %warned_mynameaddr=
            %addr_is_ok= ();
+    $delg_to_us= 0;
     @to_check= @to_check_soa= ();
 }
 
@@ -385,6 +387,7 @@ sub zone_server_addr ($$$$$) {
                     " us [$addr] with wrong name $name, (eg) $ww")
            unless $warned_mynameaddr{$name}{$addr}++;
     }
+    $delg_to_us=1 if $name_is_self;
 }
 
 sub zone_check_soa ($$$) {
@@ -449,6 +452,10 @@ sub zone_servers_ok () {
            }
        }
     }
+    if ($cfg->{'s'} =~ m/s/ && !$delg_to_us) {
+       zone_warnmore("we are supposedly published secondary,".
+                     " but not listed as a nameserver");
+    }
 }
 
 sub zone_consistency_set ($%) {

diff --git a/scripts/named-conf.8 b/scripts/named-conf.8
index 5b154694905652f72babaf71fd71dbeec8e631a0..d4639f202ef76c35fb79fccec9a29128d10d1ef7 100644 (file)
--- a/scripts/named-conf.8
+++ b/scripts/named-conf.8
@@ -50,7 +50,7 @@ Checks even zones known to be broken.  Ie, ignores the
 .B ?
 zone style modifier in the configuration.
 .TP
-\fB\-C\fP|\-\-config \fIconfig\-file\fP
+.BR \-C | \-\-config " \fIconfig\-file\fP"
 Use
 .I config\-file
 instead of
@@ -115,7 +115,7 @@ These directives specify general configuration details.  They should
 appear before directives specifying zones, as each will affect only
 later zone directives.
 .TP
-\fBself\-addr\fP \fIfqdn ...\fP
+\fBself\-addr\fP \fIip-address ...\fP
 Specifies the list of addresses that this server may be known by in
 A records.  There is no default.
 .TP
@@ -254,15 +254,12 @@ always give the same addresses.
 Origin server's data: The set of nameservers in the origin server's
 version of the zone should be a superset of those in the delegations.
 
-Our zone configuration: For
-.B primary
-zones, the SOA origin should be one of the names specified with
-.BR self\-soa " (or " self ).  For
-.B published
-zones, the address should be that of the SOA origin.  For
-.B stealth
-zones, the address should be that of the SOA origin or one of the
-published nameservers.
+Our zone configuration: For primary zones, the SOA origin should be
+one of the names specified with
+.BR self\-soa " (or " self ).
+For published zones, the address should be that of the SOA origin.
+For stealth zones, the address should be that of the SOA origin or one
+of the published nameservers.
 .SH SECURITY
 chiark\-named\-conf is supposed to be resistant to malicious data in
 the DNS.  It is not resistant to malicious data in its own options,
@@ -308,7 +305,7 @@ will affect the operation of chiark\-named\-conf.
 Avoid messing with these if possible.
 .LP
 .B PATH
-Used to find subprograms such as
+is used to find subprograms such as
 .BR dig " and " adnshost .
 .SH BUGS
 The determination of the parent zone for each zone to be checked, and