Add TLS 'cipher-suites' checkconf test

This commit adds a set of valid and invalid configuration files samples that use the new 'cipher-suites' option of the 'tls' statement.
2023-12-12 18:37:30 +02:00
parent 53f53e9b02
commit ed546007c9
6 changed files with 134 additions and 0 deletions
--- a/bin/tests/system/checkconf/bad-tls-cipher-suites-empty-string.conf
+++ b/bin/tests/system/checkconf/bad-tls-cipher-suites-empty-string.conf
@@ -0,0 +1,26 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+tls local-tls {
+	protocols { TLSv1.3; };
+	key-file "key.pem";
+	cert-file "cert.pem";
+	dhparam-file "dhparam.pem";
+	cipher-suites "";
+	prefer-server-ciphers yes;
+	session-tickets no;
+};
+
+options {
+	listen-on port 853 tls local-tls { 10.53.0.1; };
+};