From a16757afb55eb0dc69d5efd69cad82c3a5687858 Mon Sep 17 00:00:00 2001
From: Matt Holt
Date: Tue, 5 Nov 2019 16:31:28 -0700
Subject: [PATCH] Add NTLM and HTTP version customization
---
 v2:-Documentation.md | 35 +++++++++++++----------------------
 1 file changed, 13 insertions(+), 22 deletions(-)
diff --git a/v2:-Documentation.md b/v2:-Documentation.md
index d7321b3..c4fcf4a 100644
--- a/v2:-Documentation.md
+++ b/v2:-Documentation.md
@@ -1820,28 +1820,7 @@ A highly flexible and configurable multi-host reverse proxy with load balancing,
 {
 "handler": "reverse_proxy",
 "transport": {
- "protocol": "http",
- "tls": {
- "root_ca_pool": ["..."],
- "client_certificate_file": "...",
- "client_certificate_key_file": "...",
- "insecure_skip_verify": false,
- "handshake_timeout": "2s"
- },
- "keep_alive": {
- "enabled": true,
- "max_idle_conns": 1500,
- "max_idle_conns_per_host": 50,
- "idle_timeout": "2m"
- },
- "compression": true,
- "max_conns_per_host": 100,
- "dial_timeout": "2s",
- "response_header_timeout": "10s",
- "expect_continue_timeout": "5s",
- "max_response_header_size": 1024,
- "write_buffer_size": 4096,
- "read_buffer_size": 4096
+ "protocol": "http"
 },
 "circuit_breaker": {},
 "load_balancing": {
@@ -1963,6 +1942,7 @@ Transport modules:
 "expect_continue_timeout": "5s",
 "read_buffer_size": 4096,
 "write_buffer_size": 4096,
+ "versions": ["1.1", "2"]
 }
 ```
@@ -1988,6 +1968,17 @@ Transport modules:
 - `expect_continue_timeout`: Maximum time to allow for HTTP 100 Continue responses.
 - `read_buffer_size`: Size of the read buffer in bytes.
 - `write_buffer_size`: Size of the write buffer in bytes.
+- `versions`: Which HTTP versions to enable. Can be "1.1" or "2" (or both, which is default).
+
+
+**NTLM**: This transport module is the same as `http` except it supports NTLM. It has the same structure and options as the `http` module, but it forces HTTP/1.1 and TCP Keep-Alive. When a request with an Authorization header of either "NTLM" or "Negotiate" values is received, this transport module pins the downstream connection to a new upstream connection, which preserves the context and state of the NTLM authentication. It is basically the same thing as [nginx's paid `ntlm` directive](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm) (but is free in Caddy!).
+
+
+```json
+{
+ "protocol": "http_ntlm"
+}
+```
 **FastCGI**: The FastCGI transport module is often used to proxy requests to PHP backends like php-fpm.