From 2c1b66315620fda3311f9bdffd0867de1c71dc9e Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Tue, 7 Apr 2020 08:31:52 -0600
Subject: reverseproxy: Remove NTLM transport; refactor and improve docs

---
 modules/caddyhttp/reverseproxy/caddyfile.go | 26 ++++++++++----------------
 1 file changed, 10 insertions(+), 16 deletions(-)

(limited to 'modules/caddyhttp/reverseproxy/caddyfile.go')

diff --git a/modules/caddyhttp/reverseproxy/caddyfile.go b/modules/caddyhttp/reverseproxy/caddyfile.go
index cefb5b6..9636936 100644
--- a/modules/caddyhttp/reverseproxy/caddyfile.go
+++ b/modules/caddyhttp/reverseproxy/caddyfile.go
@@ -551,26 +551,20 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 
 	// verify transport configuration, and finally encode it
 	if transport != nil {
-		// TODO: these two cases are identical, but I don't know how to reuse the code
-		switch ht := transport.(type) {
-		case *HTTPTransport:
-			if commonScheme == "https" && ht.TLS == nil {
-				ht.TLS = new(TLSConfig)
-			}
-			if ht.TLS != nil && commonScheme == "http" {
-				return d.Errf("upstream address scheme is HTTP but transport is configured for HTTP+TLS (HTTPS)")
-			}
-
-		case *NTLMTransport:
-			if commonScheme == "https" && ht.TLS == nil {
-				ht.TLS = new(TLSConfig)
+		if te, ok := transport.(TLSTransport); ok {
+			if commonScheme == "https" && !te.TLSEnabled() {
+				err := te.EnableTLS(new(TLSConfig))
+				if err != nil {
+					return err
+				}
 			}
-			if ht.TLS != nil && commonScheme == "http" {
+			if commonScheme == "http" && te.TLSEnabled() {
 				return d.Errf("upstream address scheme is HTTP but transport is configured for HTTP+TLS (HTTPS)")
 			}
+		} else if commonScheme == "https" {
+			return d.Errf("upstreams are configured for HTTPS but transport module does not support TLS: %T", transport)
 		}
-
-		if !reflect.DeepEqual(transport, new(HTTPTransport)) {
+		if !reflect.DeepEqual(transport, reflect.New(reflect.TypeOf(transport).Elem()).Interface()) {
 			h.TransportRaw = caddyconfig.JSONModuleObject(transport, "protocol", transportModuleName, nil)
 		}
 	}
-- 
cgit v1.2.3