From 4a641f6c6fb441a8301eeb8cab0c0b61de70ff7f Mon Sep 17 00:00:00 2001
From: Francis Lavoie <lavofr@gmail.com>
Date: Mon, 23 Nov 2020 14:18:26 -0500
Subject: reverseproxy: Add Caddyfile scheme shorthand for h2c (#3629)

* reverseproxy: Add Caddyfile scheme shorthand for h2c

* reverseproxy: Use parentheses for condition

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
---
 modules/caddyhttp/reverseproxy/caddyfile.go | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

(limited to 'modules/caddyhttp')

diff --git a/modules/caddyhttp/reverseproxy/caddyfile.go b/modules/caddyhttp/reverseproxy/caddyfile.go
index 003f676..f4556ea 100644
--- a/modules/caddyhttp/reverseproxy/caddyfile.go
+++ b/modules/caddyhttp/reverseproxy/caddyfile.go
@@ -131,12 +131,15 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 			if toURL.Scheme == "https" && urlPort == "80" {
 				return "", d.Err("upstream address has conflicting scheme (https://) and port (:80, the HTTP port)")
 			}
+			if toURL.Scheme == "h2c" && urlPort == "443" {
+				return "", d.Err("upstream address has conflicting scheme (h2c://) and port (:443, the HTTPS port)")
+			}
 
 			// if port is missing, attempt to infer from scheme
 			if toURL.Port() == "" {
 				var toPort string
 				switch toURL.Scheme {
-				case "", "http":
+				case "", "http", "h2c":
 					toPort = "80"
 				case "https":
 					toPort = "443"
@@ -565,8 +568,9 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 	}
 
 	// if the scheme inferred from the backends' addresses is
-	// HTTPS, we will need a non-nil transport to enable TLS
-	if commonScheme == "https" && transport == nil {
+	// HTTPS, we will need a non-nil transport to enable TLS,
+	// or if H2C, to set the transport versions.
+	if (commonScheme == "https" || commonScheme == "h2c") && transport == nil {
 		transport = new(HTTPTransport)
 		transportModuleName = "http"
 	}
@@ -583,6 +587,9 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 			if commonScheme == "http" && te.TLSEnabled() {
 				return d.Errf("upstream address scheme is HTTP but transport is configured for HTTP+TLS (HTTPS)")
 			}
+			if te, ok := transport.(*HTTPTransport); ok && commonScheme == "h2c" {
+				te.Versions = []string{"h2c", "2"}
+			}
 		} else if commonScheme == "https" {
 			return d.Errf("upstreams are configured for HTTPS but transport module does not support TLS: %T", transport)
 		}
-- 
cgit v1.2.3