From b26abbfd87ceee5233dab790dd3c9cd26c75d28c Mon Sep 17 00:00:00 2001
From: Juergen Kunz <juergen@foss.global>
Date: Thu, 17 Jul 2025 15:34:58 +0000
Subject: [PATCH] update

---
 readme.plan.md                                | 22 +++++++--------
 ...est.shared-security-manager-limits.node.ts |  2 +-
 test/test.smartproxy.ts                       |  6 ++--
 ts/proxies/smart-proxy/models/route-types.ts  |  3 +-
 .../smart-proxy/route-connection-handler.ts   |  2 +-
 ts/proxies/smart-proxy/utils/route-helpers.ts | 28 +++++++++----------
 .../smart-proxy/utils/route-patterns.ts       | 12 ++++----
 7 files changed, 38 insertions(+), 37 deletions(-)

diff --git a/readme.plan.md b/readme.plan.md
index 4bb55f4..4dc0553 100644
--- a/readme.plan.md
+++ b/readme.plan.md
@@ -18,29 +18,29 @@ Implement enhanced routing structure with multiple targets per route, sub-matchi
 ### 3. Implementation Steps
 
 #### Phase 1: Type Updates
-- [ ] Update `IRouteTarget` interface in `route-types.ts`
+- [x] Update `IRouteTarget` interface in `route-types.ts`
   - Add `match?: ITargetMatch` property
   - Add override properties (tls, websocket, etc.)
   - Add `priority?: number` field
-- [ ] Create `ITargetMatch` interface for sub-matching criteria
-- [ ] Update `IRouteAction` to use only `targets: IRouteTarget[]`
+- [x] Create `ITargetMatch` interface for sub-matching criteria
+- [x] Update `IRouteAction` to use only `targets: IRouteTarget[]`
 
 #### Phase 2: Route Resolution Logic
-- [ ] Update route matching logic to handle multiple targets
-- [ ] Implement target sub-matching algorithm:
+- [x] Update route matching logic to handle multiple targets
+- [x] Implement target sub-matching algorithm:
   1. Sort targets by priority (highest first)
   2. For each target with a match property, check if request matches
   3. Use first matching target, or fallback to target without match
-- [ ] Ensure target-specific settings override route-level settings
+- [x] Ensure target-specific settings override route-level settings
 
 #### Phase 3: Code Migration
-- [ ] Find all occurrences of `action.target` and update to `action.targets[0]`
-- [ ] Update route helpers and utilities
-- [ ] Update certificate manager to handle multiple targets
-- [ ] Update connection handlers
+- [x] Find all occurrences of `action.target` and update to use `action.targets`
+- [x] Update route helpers and utilities
+- [x] Update certificate manager to handle multiple targets
+- [x] Update connection handlers
 
 #### Phase 4: Testing
-- [ ] Update existing tests to use new format
+- [x] Update existing tests to use new format
 - [ ] Add tests for multi-target scenarios
 - [ ] Add tests for sub-matching logic
 - [ ] Add tests for setting overrides
diff --git a/test/test.shared-security-manager-limits.node.ts b/test/test.shared-security-manager-limits.node.ts
index 2b2ffe5..85b36e6 100644
--- a/test/test.shared-security-manager-limits.node.ts
+++ b/test/test.shared-security-manager-limits.node.ts
@@ -82,7 +82,7 @@ tap.test('Route-level connection limits', async () => {
   const route: IRouteConfig = {
     name: 'test-route',
     match: { ports: 443 },
-    action: { type: 'forward', target: { host: 'localhost', port: 8080 } },
+    action: { type: 'forward', targets: [{ host: 'localhost', port: 8080 }] },
     security: {
       maxConnections: 3
     }
diff --git a/test/test.smartproxy.ts b/test/test.smartproxy.ts
index 4df917c..e8b3ecb 100644
--- a/test/test.smartproxy.ts
+++ b/test/test.smartproxy.ts
@@ -400,9 +400,9 @@ tap.test('should use round robin for multiple target hosts in domain config', as
 
   // For route-based approach, the actual round-robin logic happens in connection handling
   // Just make sure our config has the expected hosts
-  expect(Array.isArray(routeConfig.action.target.host)).toBeTrue();
-  expect(routeConfig.action.target.host).toContain('hostA');
-  expect(routeConfig.action.target.host).toContain('hostB');
+  expect(Array.isArray(routeConfig.action.targets[0].host)).toBeTrue();
+  expect(routeConfig.action.targets[0].host).toContain('hostA');
+  expect(routeConfig.action.targets[0].host).toContain('hostB');
 });
 
 // CLEANUP: Tear down all servers and proxies
diff --git a/ts/proxies/smart-proxy/models/route-types.ts b/ts/proxies/smart-proxy/models/route-types.ts
index 98ad0db..e2a1d0c 100644
--- a/ts/proxies/smart-proxy/models/route-types.ts
+++ b/ts/proxies/smart-proxy/models/route-types.ts
@@ -247,7 +247,8 @@ export interface IRouteAction {
   type: TRouteActionType;
 
   // Targets for forwarding (array supports multiple targets with sub-matching)
-  targets: IRouteTarget[];
+  // Required for 'forward' action type
+  targets?: IRouteTarget[];
 
   // TLS handling (default for all targets, can be overridden per target)
   tls?: IRouteTls;
diff --git a/ts/proxies/smart-proxy/route-connection-handler.ts b/ts/proxies/smart-proxy/route-connection-handler.ts
index 68e41e8..cfc5e00 100644
--- a/ts/proxies/smart-proxy/route-connection-handler.ts
+++ b/ts/proxies/smart-proxy/route-connection-handler.ts
@@ -922,7 +922,7 @@ export class RouteConnectionHandler {
     routeContext.targetHost = selectedHost;
 
     // Get effective settings (target overrides route-level settings)
-    const effectiveTls = selectedTarget.tls || effectiveTls;
+    const effectiveTls = selectedTarget.tls || action.tls;
     const effectiveWebsocket = selectedTarget.websocket || action.websocket;
     const effectiveSendProxyProtocol = selectedTarget.sendProxyProtocol !== undefined 
       ? selectedTarget.sendProxyProtocol 
diff --git a/ts/proxies/smart-proxy/utils/route-helpers.ts b/ts/proxies/smart-proxy/utils/route-helpers.ts
index 0534008..c8e124c 100644
--- a/ts/proxies/smart-proxy/utils/route-helpers.ts
+++ b/ts/proxies/smart-proxy/utils/route-helpers.ts
@@ -42,7 +42,7 @@ export function createHttpRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target
+    targets: [target]
   };
 
   // Create the route config
@@ -82,7 +82,7 @@ export function createHttpsTerminateRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target,
+    targets: [target],
     tls: {
       mode: options.reencrypt ? 'terminate-and-reencrypt' : 'terminate',
       certificate: options.certificate || 'auto'
@@ -152,7 +152,7 @@ export function createHttpsPassthroughRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target,
+    targets: [target],
     tls: {
       mode: 'passthrough'
     }
@@ -243,7 +243,7 @@ export function createLoadBalancerRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target
+    targets: [target]
   };
 
   // Add TLS configuration if provided
@@ -303,7 +303,7 @@ export function createApiRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target
+    targets: [target]
   };
 
   // Add TLS configuration if using HTTPS
@@ -374,7 +374,7 @@ export function createWebSocketRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target,
+    targets: [target],
     websocket: {
       enabled: true,
       pingInterval: options.pingInterval || 30000, // 30 seconds
@@ -432,10 +432,10 @@ export function createPortMappingRoute(options: {
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target: {
+    targets: [{
       host: options.targetHost,
       port: options.portMapper
-    }
+    }]
   };
 
   // Create the route config
@@ -500,10 +500,10 @@ export function createDynamicRoute(options: {
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target: {
+    targets: [{
       host: options.targetHost,
       port: options.portMapper
-    }
+    }]
   };
 
   // Create the route config
@@ -548,10 +548,10 @@ export function createSmartLoadBalancer(options: {
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target: {
+    targets: [{
       host: hostSelector,
       port: options.portMapper
-    }
+    }]
   };
 
   // Create the route config
@@ -609,10 +609,10 @@ export function createNfTablesRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target: {
+    targets: [{
       host: target.host,
       port: target.port
-    },
+    }],
     forwardingEngine: 'nftables',
     nftables: {
       protocol: options.protocol || 'tcp',
diff --git a/ts/proxies/smart-proxy/utils/route-patterns.ts b/ts/proxies/smart-proxy/utils/route-patterns.ts
index 5b4e92a..40cc0c7 100644
--- a/ts/proxies/smart-proxy/utils/route-patterns.ts
+++ b/ts/proxies/smart-proxy/utils/route-patterns.ts
@@ -24,10 +24,10 @@ export function createHttpRoute(
     },
     action: {
       type: 'forward',
-      target: {
+      targets: [{
         host: target.host,
         port: target.port
-      }
+      }]
     },
     name: options.name || `HTTP: ${Array.isArray(domains) ? domains.join(', ') : domains}`
   };
@@ -53,10 +53,10 @@ export function createHttpsTerminateRoute(
     },
     action: {
       type: 'forward',
-      target: {
+      targets: [{
         host: target.host,
         port: target.port
-      },
+      }],
       tls: {
         mode: options.reencrypt ? 'terminate-and-reencrypt' : 'terminate',
         certificate: options.certificate || 'auto'
@@ -83,10 +83,10 @@ export function createHttpsPassthroughRoute(
     },
     action: {
       type: 'forward',
-      target: {
+      targets: [{
         host: target.host,
         port: target.port
-      },
+      }],
       tls: {
         mode: 'passthrough'
       }