From f458491d8817dd4da8d10839459d54e9dbf347eb Mon Sep 17 00:00:00 2001
From: Paul Bellamy <paul.a.bellamy@gmail.com>
Date: Fri, 13 Nov 2015 15:06:16 +0000
Subject: [PATCH] [proxy] add --no-detect-tls flag, and proxy always tries to
 detect TLS.

---
 site/proxy.md | 10 +++++-----
 weave         | 10 +++++++---
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/site/proxy.md b/site/proxy.md
index acf3a3798a..78bbfd9935 100644
--- a/site/proxy.md
+++ b/site/proxy.md
@@ -231,11 +231,11 @@ be able to launch a TLS-enabled proxy with:
 
     host1$ weave launch-proxy
 
-You can also manually configure the proxy's TLS. This is accomplished
-by launching the proxy with the same TLS-related command-line flags as
-supplied to the docker daemon. For example, if you have generated your
-certificates and keys into the docker host's `/tls` directory, we can
-launch the proxy with:
+To disable auto-detection of TLS configuration, you can either pass
+the `--no-detect-tls` flag, or manually configure the proxy's TLS with
+the same TLS-related command-line flags as supplied to the docker
+daemon. For example, if you have generated your certificates and keys
+into the docker host's `/tls` directory, we can launch the proxy with:
 
     host1$ weave launch-proxy --tls-verify --tls-cacert=/tls/ca.pem \
              --tls-cert=/tls/server-cert.pem --tls-key=/tls/server-key.pem
diff --git a/weave b/weave
index 248d9df5f1..3be503b810 100755
--- a/weave
+++ b/weave
@@ -1278,6 +1278,9 @@ proxy_parse_args() {
             PROXY_HOST="${1#*=}"
             PROXY_ARGS="$PROXY_ARGS $1"
             ;;
+          -no-detect-tls|--no-detect-tls)
+            PROXY_TLS_DETECTION_DISABLED=1
+            ;;
           -tls|--tls|-tlsverify|--tlsverify)
             PROXY_TLS_ENABLED=1
             PROXY_ARGS="$PROXY_ARGS $1"
@@ -1315,12 +1318,13 @@ proxy_args() {
     PROXY_VOLUMES=""
     PROXY_ARGS=""
     PROXY_TLS_ENABLED=""
+    PROXY_TLS_DETECTION_DISABLED=""
     PROXY_HOST=""
     proxy_parse_args "$@"
 
-    if [ -z "$PROXY_HOST" -a -n "$CLIENT_TLS_ENABLED" -a -z "$PROXY_TLS_ENABLED" ] ; then
-      if ! proxy_parse_args $(docker_tls_args) ; then
-        echo "When launching the proxy via TLS, -H and/or TLS options are required." >&2
+    if [ -z "$PROXY_TLS_ENABLED" ] ; then
+      if [ -z "$PROXY_TLS_DETECTION_DISABLED" ] && ! proxy_parse_args $(docker_tls_args) ; then
+        echo "Unable to auto-detect TLS configuration, --no-detect-tls or TLS options are required." >&2
         exit 1
       fi
     fi