mirror of
https://github.com/isc-projects/bind9.git
synced 2026-04-15 22:09:31 -04:00
e1dd86aa07
A 'tls' statement can be specified both for individual addresses and for the whole list (as a default value when an individual address doesn't have its own 'tls' set), just as it was done before for the 'port' value. Create a new function 'print_rawqstring()' to print a string residing in a 'isc_textregion_t' type parameter. Create a new function 'copy_string()' to copy a string from a 'cfg_obj_t' object into a 'isc_textregion_t'.
29 lines
803 B
Text
29 lines
803 B
Text
/*
|
|
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
*
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
*
|
|
* See the COPYRIGHT file distributed with this work for additional
|
|
* information regarding copyright ownership.
|
|
*/
|
|
|
|
tls test-tls {
|
|
protocols { TLSv1.2; };
|
|
ciphers "HIGH:!kRSA:!aNULL:!eNULL:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SHA1:!SHA256:!SHA384";
|
|
prefer-server-ciphers yes;
|
|
};
|
|
|
|
tls another-tls {
|
|
protocols { TLSv1.2; };
|
|
session-tickets no;
|
|
};
|
|
|
|
zone "example" {
|
|
type forward;
|
|
forward only;
|
|
forwarders port 5300 tls test-tls { 10.53.0.1; 10.53.0.2 port 5301 tls another-tls; };
|
|
};
|