Vault-2840 Add no-op check for HTTP listener validity (#12421)

* fips tag and no-op code

* tls check

* change to error

* add tests

* add test file

* cleanup

* add changelog

* fix file difference

* remove changelog

command/config/validate_listener.go

@@ -0,0 +1,7 @@
+package config
+
+import "github.com/hashicorp/vault/internalshared/configutil"
+
+func IsValidListener(listener *configutil.Listener) error {
+	return nil
+}

command/server.go

@@ -32,6 +32,7 @@ import (
 	"github.com/hashicorp/go-secure-stdlib/mlock"
 	"github.com/hashicorp/go-secure-stdlib/reloadutil"
 	"github.com/hashicorp/vault/audit"
+	config2 "github.com/hashicorp/vault/command/config"
 	"github.com/hashicorp/vault/command/server"
 	"github.com/hashicorp/vault/helper/builtinplugins"
 	"github.com/hashicorp/vault/helper/metricsutil"
@@ -2623,6 +2624,11 @@ func startHttpServers(c *ServerCommand, core *vault.Core, config *server.Config,
 		if ln.Config == nil {
 			return fmt.Errorf("Found nil listener config after parsing")
 		}
+
+		if err := config2.IsValidListener(ln.Config); err != nil {
+			return err
+		}
+
 		handler := vaulthttp.Handler(&vault.HandlerProperties{
 			Core:                  core,
 			ListenerConfig:        ln.Config,

command/server_test.go

@@ -1,4 +1,4 @@
-// +build !race,!hsm
+// +build !race,!hsm,!fips_140_3
 
 // NOTE: we can't use this with HSM. We can't set testing mode on and it's not
 // safe to use env vars since that provides an attack vector in the real world.