blind tcp proxy gogo

config.go

@@ -16,6 +16,7 @@ type Config struct {
 	Limiter     *rate.Limiter
 	DNS         string
 	TCPProxy    string
+	TCPProxyTLS bool
 }
 
 func NewConfig() *Config {
@@ -24,6 +25,7 @@ func NewConfig() *Config {
 	as.Append(args.INT, "p", "port to listen on", 61113)
 	as.Append(args.INT, "kbps", "kilobytes per sec limit", -1)
 	as.Append(args.BOOL, "tls-insecure", "permit tls insecure", false)
+	as.Append(args.BOOL, "tcp-proxy-tls", "tcp proxy uses tls", true)
 	as.Append(args.DURATION, "t", "timeout", time.Minute)
 
 	as.Append(args.STRING, "dns", "dns ip:port", "1.1.1.1:53")
@@ -46,5 +48,6 @@ func NewConfig() *Config {
 		Limiter:     limiter,
 		DNS:         as.GetString("dns"),
 		TCPProxy:    as.GetString("tcp-proxy"),
+		TCPProxyTLS: as.GetBool("tcp-proxy-tls"),
 	}
 }

tcp.go

@@ -1,6 +1,8 @@
 package main
 
 import (
+	"context"
+	"crypto/tls"
 	"io"
 	"log"
 	"net"
@@ -21,6 +23,7 @@ func (tcp TCP) Listen() error {
 	}
 	defer ln.Close()
 
+	log.Println("accepting tcp on", tcp.config.Listen)
 	for {
 		conn, err := ln.Accept()
 		if err != nil {
@@ -29,25 +32,36 @@ func (tcp TCP) Listen() error {
 		go func() {
 			defer conn.Close()
 
-			conn2, err := net.Dial("tcp", tcp.config.TCPProxy)
+			conn2, err := func() (net.Conn, error) {
+				if tcp.config.TCPProxyTLS {
+					return tls.Dial("tcp", tcp.config.TCPProxy, &tls.Config{})
+				}
+				return net.Dial("tcp", tcp.config.TCPProxy)
+			}()
 			if err != nil {
 				log.Println(err)
 				return
 			}
+			defer conn2.Close()
+
+			ctx, can := context.WithCancel(context.Background())
+			defer can()
 
 			errc := make(chan error)
 			go func() {
 				_, err := io.Copy(conn, conn2)
 				select {
 				case errc <- err:
-				default:
+				case <-ctx.Done():
+					close(errc)
 				}
 			}()
 			go func() {
 				_, err := io.Copy(conn2, conn)
 				select {
 				case errc <- err:
-				default:
+				case <-ctx.Done():
+					close(errc)
 				}
 			}()
 			<-errc