Merge pull request #230 from 9seconds/simplify-sockopts

Simplify sockopts

essentials/conns.go

+package essentials
+
+import (
+	"io"
+	"net"
+)
+
+// CloseableReader is a reader interface that can close its reading end.
+type CloseableReader interface {
+	io.Reader
+
+	CloseRead() error
+}
+
+// CloseableWriter is a writer that can close its writing end.
+type CloseableWriter interface {
+	io.Writer
+
+	CloseWrite() error
+}
+
+// Conn is an extension of net.Conn that can close its ends. This mostly
+// implies TCP connections.
+type Conn interface {
+	net.Conn
+	CloseableReader
+	CloseableWriter
+}

essentials/doc.go

+// This is a minimal package that contains _essentials_ of mtglib and its
+// complimentary packages. This is mostly required to comply some interfaces
+// between mtglib and its internals to avoid circular dependencies.
+//
+// This package should contain only bare minimum and mostly technical.
+package essentials

example.config.toml

 # A size of user-space buffer for TCP to use. Since we do 2 connections,
 # then we have tcp-buffer * (4 + 2) per each connection: read/write for
 # each connection + 2 copy buffers to pump the data between sockets.
-tcp-buffer = "4kb"
+#
+# Deprecated: this setting is no longer makes any effect.
+# tcp-buffer = "4kb"
 
 # Sometimes you want to enforce mtg to use some types of
 # IP connectivity to Telegram. We have 4 modes:

go.mod

 	github.com/stretchr/testify v1.7.0
 	github.com/tylertreat/BoomFilters v0.0.0-20210315201527-1a82519a3e43
 	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
-	golang.org/x/net v0.0.0-20211005001312-d4b1ae081e3b
+	golang.org/x/net v0.0.0-20211005001312-d4b1ae081e3b // indirect
 	golang.org/x/sys v0.0.0-20211004093028-2c5d950f24ef
 	google.golang.org/protobuf v1.27.1 // indirect
 )
 
+require github.com/txthinking/socks5 v0.0.0-20211121111206-e03c1217a50b
+
 require (
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cenkalti/backoff/v4 v4.1.0 // indirect
 	github.com/gotd/ige v0.1.5 // indirect
 	github.com/gotd/xor v0.1.1 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
+	github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/txthinking/runnergroup v0.0.0-20210608031112-152c7c4432bf // indirect
+	github.com/txthinking/x v0.0.0-20210326105829-476fab902fbe // indirect
 	go.uber.org/atomic v1.7.0 // indirect
 	go.uber.org/multierr v1.6.0 // indirect
 	go.uber.org/zap v1.16.0 // indirect

go.sum

 github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/panjf2000/ants/v2 v2.4.6 h1:drmj9mcygn2gawZ155dRbo+NfXEfAssjZNU1qoIb4gQ=
 github.com/panjf2000/ants/v2 v2.4.6/go.mod h1:f6F0NZVFsGCp5A7QW/Zj/m92atWwOkY0OIhFxRNFr4A=
+github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
+github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
 github.com/pelletier/go-toml v1.9.4 h1:tjENF6MfZAg8e4ZmZTeWaWiT2vXtsoO6+iuOjFhECwM=
 github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/txthinking/runnergroup v0.0.0-20210608031112-152c7c4432bf h1:7PflaKRtU4np/epFxRXlFhlzLXZzKFrH5/I4so5Ove0=
+github.com/txthinking/runnergroup v0.0.0-20210608031112-152c7c4432bf/go.mod h1:CLUSJbazqETbaR+i0YAhXBICV9TrKH93pziccMhmhpM=
+github.com/txthinking/socks5 v0.0.0-20211121111206-e03c1217a50b h1:6J/38A0Xmdnjacfie0Udams7OP/GdoExyTipKwuQWjY=
+github.com/txthinking/socks5 v0.0.0-20211121111206-e03c1217a50b/go.mod h1:7NloQcrxaZYKURWph5HLxVDlIwMHJXCPkeWPtpftsIg=
+github.com/txthinking/x v0.0.0-20210326105829-476fab902fbe h1:gMWxZxBFRAXqoGkwkYlPX2zvyyKNWJpxOxCrjqJkm5A=
+github.com/txthinking/x v0.0.0-20210326105829-476fab902fbe/go.mod h1:WgqbSEmUYSjEV3B1qmee/PpP2NYEz4bL9/+mF1ma+s4=
 github.com/tylertreat/BoomFilters v0.0.0-20210315201527-1a82519a3e43 h1:QEePdg0ty2r0t1+qwfZmQ4OOl/MB2UXIeJSpIZv56lg=
 github.com/tylertreat/BoomFilters v0.0.0-20210315201527-1a82519a3e43/go.mod h1:OYRfF6eb5wY9VRFkXJH8FFBi3plw2v+giaIu7P054pM=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=

internal/cli/access.go

 	"strings"
 	"sync"
 
+	"github.com/9seconds/mtg/v2/essentials"
 	"github.com/9seconds/mtg/v2/internal/config"
 	"github.com/9seconds/mtg/v2/internal/utils"
 	"github.com/9seconds/mtg/v2/mtglib"
 }
 
 func (a *Access) getIP(ntw mtglib.Network, protocol string) net.IP {
-	client := ntw.MakeHTTPClient(func(ctx context.Context, network, address string) (net.Conn, error) {
+	client := ntw.MakeHTTPClient(func(ctx context.Context, network, address string) (essentials.Conn, error) {
 		return ntw.DialContext(ctx, protocol, address) // nolint: wrapcheck
 	})
 

internal/cli/run_proxy.go

 	tcpTimeout := conf.Network.Timeout.TCP.Get(network.DefaultTimeout)
 	httpTimeout := conf.Network.Timeout.HTTP.Get(network.DefaultHTTPTimeout)
 	dohIP := conf.Network.DOHIP.Get(net.ParseIP(network.DefaultDOHHostname)).String()
-	bufferSize := conf.TCPBuffer.Get(network.DefaultBufferSize)
 	userAgent := "mtg/" + version
 
-	baseDialer, err := network.NewDefaultDialer(tcpTimeout, int(bufferSize))
+	baseDialer, err := network.NewDefaultDialer(tcpTimeout, 0)
 	if err != nil {
 		return nil, fmt.Errorf("cannot build a default dialer: %w", err)
 	}
 		EventStream:     eventStream,
 
 		Secret:             conf.Secret,
-		BufferSize:         conf.TCPBuffer.Get(mtglib.DefaultBufferSize),
 		DomainFrontingPort: conf.DomainFrontingPort.Get(mtglib.DefaultDomainFrontingPort),
 		PreferIP:           conf.PreferIP.Get(mtglib.DefaultPreferIP),
 
 		return fmt.Errorf("cannot create a proxy: %w", err)
 	}
 
-	listener, err := utils.NewListener(conf.BindTo.Get(""), int(opts.BufferSize))
+	listener, err := utils.NewListener(conf.BindTo.Get(""), 0)
 	if err != nil {
 		return fmt.Errorf("cannot start proxy: %w", err)
 	}

internal/cli/simple_run.go

 
 	Debug               bool          `kong:"name='debug',short='d',help='Run in debug mode.'"`                                                                        // nolint: lll
 	Concurrency         uint64        `kong:"name='concurrency',short='c',default='8192',help='Max number of concurrent connection to proxy.'"`                        // nolint: lll
-	TCPBuffer           string        `kong:"name='tcp-buffer',short='b',default='4KB',help='Size of TCP buffer to use.'"`                                             // nolint: lll
+	TCPBuffer           string        `kong:"name='tcp-buffer',short='b',default='4KB',help='Deprecated and ignored'"`                                                 // nolint: lll
 	PreferIP            string        `kong:"name='prefer-ip',short='i',default='prefer-ipv6',help='IP preference. By default we prefer IPv6 with fallback to IPv4.'"` // nolint: lll
 	DomainFrontingPort  uint64        `kong:"name='domain-fronting-port',short='p',default='443',help='A port to access for domain fronting.'"`                        // nolint: lll
 	DOHIP               net.IP        `kong:"name='doh-ip',short='n',default='9.9.9.9',help='IP address of DNS-over-HTTP to use.'"`                                    // nolint: lll
 		return fmt.Errorf("incorrect concurrency: %w", err)
 	}
 
-	if err := conf.TCPBuffer.Set(s.TCPBuffer); err != nil {
-		return fmt.Errorf("incorrect tcp-buffer: %w", err)
-	}
-
 	if err := conf.PreferIP.Set(s.PreferIP); err != nil {
 		return fmt.Errorf("incorrect prefer-ip: %w", err)
 	}

internal/config/config.go

 	AllowFallbackOnUnknownDC TypeBool        `json:"allowFallbackOnUnknownDc"`
 	Secret                   mtglib.Secret   `json:"secret"`
 	BindTo                   TypeHostPort    `json:"bindTo"`
-	TCPBuffer                TypeBytes       `json:"tcpBuffer"`
 	PreferIP                 TypePreferIP    `json:"preferIp"`
 	DomainFrontingPort       TypePort        `json:"domainFrontingPort"`
 	TolerateTimeSkewness     TypeDuration    `json:"tolerateTimeSkewness"`

internal/config/parse.go

 	AllowFallbackOnUnknownDC bool   `toml:"allow-fallback-on-unknown-dc" json:"allowFallbackOnUnknownDc,omitempty"`
 	Secret                   string `toml:"secret" json:"secret"`
 	BindTo                   string `toml:"bind-to" json:"bindTo"`
-	TCPBuffer                string `toml:"tcp-buffer" json:"tcpBuffer,omitempty"`
 	PreferIP                 string `toml:"prefer-ip" json:"preferIp,omitempty"`
 	DomainFrontingPort       uint   `toml:"domain-fronting-port" json:"domainFrontingPort,omitempty"`
 	TolerateTimeSkewness     string `toml:"tolerate-time-skewness" json:"tolerateTimeSkewness,omitempty"`

internal/testlib/mtglib_network_mock.go

 
 import (
 	"context"
-	"net"
 	"net/http"
 
+	"github.com/9seconds/mtg/v2/essentials"
 	"github.com/stretchr/testify/mock"
 )
 
 	mock.Mock
 }
 
-func (m *MtglibNetworkMock) Dial(network, address string) (net.Conn, error) {
+func (m *MtglibNetworkMock) Dial(network, address string) (essentials.Conn, error) {
 	args := m.Called(network, address)
 
-	return args.Get(0).(net.Conn), args.Error(1) // nolint: wrapcheck
+	return args.Get(0).(essentials.Conn), args.Error(1) // nolint: wrapcheck
 }
 
-func (m *MtglibNetworkMock) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+func (m *MtglibNetworkMock) DialContext(ctx context.Context, network, address string) (essentials.Conn, error) {
 	args := m.Called(ctx, network, address)
 
-	return args.Get(0).(net.Conn), args.Error(1) // nolint: wrapcheck
+	return args.Get(0).(essentials.Conn), args.Error(1) // nolint: wrapcheck
 }
 
 func (m *MtglibNetworkMock) MakeHTTPClient(dialFunc func(ctx context.Context,
-	network, address string) (net.Conn, error)) *http.Client {
+	network, address string) (essentials.Conn, error)) *http.Client {
 	return m.Called(dialFunc).Get(0).(*http.Client)
 }

internal/testlib/net_conn_mock.go

 	"github.com/stretchr/testify/mock"
 )
 
-type NetConnMock struct {
+type EssentialsConnMock struct {
 	mock.Mock
 }
 
-func (n *NetConnMock) Read(b []byte) (int, error) {
+func (n *EssentialsConnMock) Read(b []byte) (int, error) {
 	args := n.Called(b)
 
 	return args.Int(0), args.Error(1)
 }
 
-func (n *NetConnMock) Write(b []byte) (int, error) {
+func (n *EssentialsConnMock) Write(b []byte) (int, error) {
 	args := n.Called(b)
 
 	return args.Int(0), args.Error(1)
 }
 
-func (n *NetConnMock) Close() error {
+func (n *EssentialsConnMock) Close() error {
 	return n.Called().Error(0) // nolint: wrapcheck
 }
 
-func (n *NetConnMock) LocalAddr() net.Addr {
+func (n *EssentialsConnMock) CloseRead() error {
+	return n.Called().Error(0) // nolint: wrapcheck
+}
+
+func (n *EssentialsConnMock) CloseWrite() error {
+	return n.Called().Error(0) // nolint: wrapcheck
+}
+
+func (n *EssentialsConnMock) LocalAddr() net.Addr {
 	return n.Called().Get(0).(net.Addr)
 }
 
-func (n *NetConnMock) RemoteAddr() net.Addr {
+func (n *EssentialsConnMock) RemoteAddr() net.Addr {
 	return n.Called().Get(0).(net.Addr)
 }
 
-func (n *NetConnMock) SetDeadline(t time.Time) error {
+func (n *EssentialsConnMock) SetDeadline(t time.Time) error {
 	return n.Called(t).Error(0) // nolint: wrapcheck
 }
 
-func (n *NetConnMock) SetReadDeadline(t time.Time) error {
+func (n *EssentialsConnMock) SetReadDeadline(t time.Time) error {
 	return n.Called(t).Error(0) // nolint: wrapcheck
 }
 
-func (n *NetConnMock) SetWriteDeadline(t time.Time) error {
+func (n *EssentialsConnMock) SetWriteDeadline(t time.Time) error {
 	return n.Called(t).Error(0) // nolint: wrapcheck
 }

internal/utils/net_listener.go

 
 type Listener struct {
 	net.Listener
-
-	bufferSize int
 }
 
 func (l Listener) Accept() (net.Conn, error) {
 		return nil, err // nolint: wrapcheck
 	}
 
-	if err := network.SetClientSocketOptions(conn, l.bufferSize); err != nil {
+	if err := network.SetClientSocketOptions(conn, 0); err != nil {
 		conn.Close()
 
 		return nil, fmt.Errorf("cannot set TCP options: %w", err)
 	}
 
 	return Listener{
-		Listener:   base,
-		bufferSize: bufferSize,
+		Listener: base,
 	}, nil
 }

mtglib/conns.go

 	"bytes"
 	"context"
 	"io"
-	"net"
 	"sync"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 type connTraffic struct {
-	net.Conn
+	essentials.Conn
 
 	streamID string
 	stream   EventStream
 }
 
 type connRewind struct {
-	net.Conn
+	essentials.Conn
 
 	active io.Reader
 	buf    bytes.Buffer
 	c.active = io.MultiReader(&c.buf, c.Conn)
 }
 
-func newConnRewind(conn net.Conn) *connRewind {
+func newConnRewind(conn essentials.Conn) *connRewind {
 	rv := &connRewind{
 		Conn: conn,
 	}

mtglib/conns_internal_test.go

 )
 
 type ConnRewindBaseConn struct {
-	testlib.NetConnMock
+	testlib.EssentialsConnMock
 
 	readBuffer bytes.Buffer
 }
 	suite.Suite
 
 	eventStreamMock *EventStreamMock
-	connMock        *testlib.NetConnMock
+	connMock        *testlib.EssentialsConnMock
 	conn            io.ReadWriter
 }
 
 func (suite *ConnTrafficTestSuite) SetupTest() {
 	suite.eventStreamMock = &EventStreamMock{}
-	suite.connMock = &testlib.NetConnMock{}
+	suite.connMock = &testlib.EssentialsConnMock{}
 	suite.conn = connTraffic{
 		Conn:     suite.connMock,
 		streamID: "CONNID",

mtglib/init.go

 	"net"
 	"net/http"
 	"time"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 var (
 	DefaultConcurrency = 4096
 
 	// DefaultBufferSize is a default size of a copy buffer.
+	//
+	// Deprecated: this setting no longer makes any effect.
 	DefaultBufferSize = 16 * 1024 // 16 kib
 
 	// DefaultDomainFrontingPort is a default port (HTTPS) to connect to in
 // 3. Doing HTTP requests (for example, for FireHOL ipblocklist).
 type Network interface {
 	// Dial establishes context-free TCP connections.
-	Dial(network, address string) (net.Conn, error)
+	Dial(network, address string) (essentials.Conn, error)
 
 	// DialContext dials using a context. This is a preferrable
 	// way of establishing TCP connections.
-	DialContext(ctx context.Context, network, address string) (net.Conn, error)
+	DialContext(ctx context.Context, network, address string) (essentials.Conn, error)
 
 	// MakeHTTPClient build an HTTP client with given dial function. If
 	// nothing is provided, then DialContext of this interface is going
 	// to be used.
-	MakeHTTPClient(func(ctx context.Context, network, address string) (net.Conn, error)) *http.Client
+	MakeHTTPClient(func(ctx context.Context, network, address string) (essentials.Conn, error)) *http.Client
 }
 
 // AntiReplayCache is an interface that is used to detect replay attacks

mtglib/internal/faketls/conn.go

 	"bytes"
 	"fmt"
 	"math/rand"
-	"net"
 
+	"github.com/9seconds/mtg/v2/essentials"
 	"github.com/9seconds/mtg/v2/mtglib/internal/faketls/record"
 )
 
 type Conn struct {
-	net.Conn
+	essentials.Conn
 
 	readBuffer bytes.Buffer
 }

mtglib/internal/faketls/conn_test.go

 )
 
 type ConnMock struct {
-	testlib.NetConnMock
+	testlib.EssentialsConnMock
 
 	readBuffer  bytes.Buffer
 	writeBuffer bytes.Buffer

mtglib/internal/obfuscated2/client_handshake_test.go

 			writeData := make([]byte, len(snapshot.Encrypted.Text.data))
 			readData := make([]byte, len(snapshot.Decrypted.Text.data))
 
-			connMock := &testlib.NetConnMock{}
+			connMock := &testlib.EssentialsConnMock{}
 			connMock.On("Read", mock.Anything).
 				Once().
 				Return(len(snapshot.Decrypted.Text.data), nil).

mtglib/internal/obfuscated2/conn.go

 
 import (
 	"crypto/cipher"
-	"net"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 type Conn struct {
-	net.Conn
+	essentials.Conn
 
 	Encryptor cipher.Stream
 	Decryptor cipher.Stream

mtglib/internal/obfuscated2/server_handshake_test.go

 type ServerHandshakeTestSuite struct {
 	suite.Suite
 
-	connMock  *testlib.NetConnMock
+	connMock  *testlib.EssentialsConnMock
 	proxyConn obfuscated2.Conn
 	encryptor cipher.Stream
 	decryptor cipher.Stream
 
 func (suite *ServerHandshakeTestSuite) SetupTest() {
 	buf := &bytes.Buffer{}
-	suite.connMock = &testlib.NetConnMock{}
+	suite.connMock = &testlib.EssentialsConnMock{}
 
 	encryptor, decryptor, err := obfuscated2.ServerHandshake(buf)
 	suite.NoError(err)

mtglib/internal/relay/conn.go

-package relay
-
-import (
-	"fmt"
-	"net"
-	"time"
-)
-
-type conn struct {
-	net.Conn
-}
-
-func (c conn) Read(p []byte) (int, error) {
-	if err := c.SetReadDeadline(time.Now().Add(getTimeout())); err != nil {
-		return 0, fmt.Errorf("cannot set read deadline: %w", err)
-	}
-
-	return c.Conn.Read(p) // nolint: wrapcheck
-}

mtglib/internal/relay/init.go

 import "time"
 
 const (
-	ConnectionTimeToLiveMin = 2 * time.Minute
-	ConnectionTimeToLiveMax = 10 * time.Minute
-	TimeoutMin              = 20 * time.Second
-	TimeoutMax              = time.Minute
+	copyBufferSize   = 64 * 1024
+	writerBufferSize = 128 * 1024
+	readTimeout      = 10 * time.Millisecond
 )
 
 type Logger interface {

mtglib/internal/relay/pools.go

 package relay
 
-import "sync"
-
-type eastWest struct {
-	east []byte
-	west []byte
-}
-
-var eastWestPool = sync.Pool{
+import (
+	"bufio"
+	"io"
+	"net"
+	"sync"
+)
+
+var syncPairPool = sync.Pool{
 	New: func() interface{} {
-		return &eastWest{}
+		return &syncPair{
+			writer:  bufio.NewWriterSize(nil, writerBufferSize),
+			copyBuf: make([]byte, copyBufferSize),
+		}
 	},
 }
 
-func acquireEastWest(bufferSize int) *eastWest {
-	wanted := eastWestPool.Get().(*eastWest) // nolint: forcetypeassert
-
-	if len(wanted.east) != bufferSize {
-		wanted.east = make([]byte, bufferSize)
-	}
-
-	if len(wanted.west) != bufferSize {
-		wanted.west = make([]byte, bufferSize)
-	}
+func acquireSyncPair(reader net.Conn, writer io.Writer) *syncPair {
+	sp := syncPairPool.Get().(*syncPair) // nolint: forcetypeassert
+	sp.writer.Reset(writer)
+	sp.reader = reader
 
-	return wanted
+	return sp
 }
 
-func releaseEastWest(ew *eastWest) {
-	eastWestPool.Put(ew)
+func releaseSyncPair(sp *syncPair) {
+	sp.writer.Reset(nil)
+	sp.reader = nil
+	syncPairPool.Put(sp)
 }

mtglib/internal/relay/relay.go

 
 import (
 	"context"
+	"errors"
 	"io"
-	"net"
 	"sync"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
-func Relay(ctx context.Context, log Logger, bufferSize int,
-	telegramConn net.Conn, clientConn io.ReadWriteCloser) {
+func Relay(ctx context.Context, log Logger, telegramConn, clientConn essentials.Conn) {
 	defer telegramConn.Close()
 	defer clientConn.Close()
 
-	ctx, cancel := context.WithTimeout(ctx, getConnectionTimeToLive())
+	ctx, cancel := context.WithCancel(ctx)
 	defer cancel()
 
 	go func() {
 		clientConn.Close()
 	}()
 
-	buffers := acquireEastWest(bufferSize)
-	defer releaseEastWest(buffers)
-
-	telegramConn = conn{
-		Conn: telegramConn,
-	}
-
 	wg := &sync.WaitGroup{}
 	wg.Add(2) // nolint: gomnd
 
-	go pump(log, telegramConn, clientConn, wg, buffers.east, "east -> west")
+	go pump(log, telegramConn, clientConn, wg, "client -> telegram")
 
-	pump(log, clientConn, telegramConn, wg, buffers.west, "west -> east")
+	pump(log, clientConn, telegramConn, wg, "telegram -> client")
 
 	wg.Wait()
 }
 
-func pump(log Logger, src io.ReadCloser, dst io.WriteCloser, wg *sync.WaitGroup,
-	buf []byte, direction string) {
-	defer wg.Done()
-	defer src.Close()
-	defer dst.Close()
+func pump(log Logger, src, dst essentials.Conn, wg *sync.WaitGroup, direction string) {
+	syncer := acquireSyncPair(src, dst)
+
+	defer func() {
+		syncer.Flush()
+		releaseSyncPair(syncer)
+		src.CloseRead()  // nolint: errcheck
+		dst.CloseWrite() // nolint: errcheck
+		wg.Done()
+	}()
+
+	n, err := syncer.Sync()
 
-	if n, err := io.CopyBuffer(dst, src, buf); err != nil {
-		log.Printf("cannot pump %s (written %d bytes): %w", direction, n, err)
+	switch {
+	case err == nil:
+		log.Printf("%s has been finished", direction)
+	case errors.Is(err, io.EOF):
+		log.Printf("%s has been finished because of EOF. Written %d bytes", direction, n)
+	default:
+		log.Printf("%s has been finished (written %d bytes): %v", direction, n, err)
 	}
 }

mtglib/internal/relay/relay_test.go

 	loggerMock       relay.Logger
 	ctx              context.Context
 	ctxCancel        context.CancelFunc
-	telegramConnMock *testlib.NetConnMock
-	clientConnMock   *testlib.NetConnMock
+	telegramConnMock *testlib.EssentialsConnMock
+	clientConnMock   *testlib.EssentialsConnMock
 }
 
 func (suite *RelayTestSuite) SetupTest() {
 	suite.ctx = ctx
 	suite.ctxCancel = cancel
 	suite.loggerMock = &loggerMock{}
-	suite.telegramConnMock = &testlib.NetConnMock{}
-	suite.clientConnMock = &testlib.NetConnMock{}
+	suite.telegramConnMock = &testlib.EssentialsConnMock{}
+	suite.clientConnMock = &testlib.EssentialsConnMock{}
 }
 
 func (suite *RelayTestSuite) TearDownTest() {
 }
 
 func (suite *RelayTestSuite) TestExit() {
-	suite.telegramConnMock.On("SetReadDeadline", mock.Anything).Return(nil)
 	suite.telegramConnMock.On("Close").Return(nil)
+	suite.telegramConnMock.On("CloseRead").Return(nil).Once()
+	suite.telegramConnMock.On("CloseWrite").Return(nil).Once()
 	suite.telegramConnMock.On("Read", mock.Anything).Return(10, io.EOF).Once()
 	suite.telegramConnMock.On("Write", mock.Anything).Return(10, io.EOF).Maybe()
+	suite.telegramConnMock.On("SetReadDeadline", mock.Anything).Return(nil).Maybe()
 
 	suite.clientConnMock.On("Read", mock.Anything).Return(0, io.EOF).Once()
 	suite.clientConnMock.On("Write", mock.Anything).Return(10, io.EOF).Maybe()
 	suite.clientConnMock.On("Close").Return(nil)
+	suite.clientConnMock.On("CloseRead").Return(nil).Once()
+	suite.clientConnMock.On("CloseWrite").Return(nil).Once()
+	suite.clientConnMock.On("SetReadDeadline", mock.Anything).Return(nil).Maybe()
 
-	relay.Relay(suite.ctx, suite.loggerMock, 1024,
-		suite.telegramConnMock, suite.clientConnMock)
+	relay.Relay(suite.ctx, suite.loggerMock, suite.telegramConnMock, suite.clientConnMock)
 }
 
 func TestRelay(t *testing.T) {

mtglib/internal/relay/sync_pair.go

+package relay
+
+import (
+	"bufio"
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"os"
+	"sync"
+	"time"
+)
+
+type syncPair struct {
+	writer  *bufio.Writer
+	copyBuf []byte
+
+	mutex  sync.Mutex
+	reader net.Conn
+}
+
+func (s *syncPair) Sync() (int64, error) {
+	return io.CopyBuffer(s, s, s.copyBuf) // nolint: wrapcheck
+}
+
+func (s *syncPair) Read(p []byte) (int, error) {
+	n, err := s.readBlocking(p, false)
+
+	// nothing has been delivered for readTimeout time. Let's flush.
+	if errors.Is(err, os.ErrDeadlineExceeded) {
+		if err := s.Flush(); err != nil {
+			return 0, fmt.Errorf("cannot flush writer hand-side: %w", err)
+		}
+
+		return s.readBlocking(p, true)
+	}
+
+	return n, err
+}
+
+func (s *syncPair) Write(p []byte) (int, error) {
+	s.mutex.Lock()
+	defer s.mutex.Unlock()
+
+	n, err := s.writer.Write(p)
+
+	// optimization for a case when we have a small package and want to avoid a
+	// delay in readTimeout. In that case, we assume that peer has finished to
+	// sent a data it wants to send so we can flush without waiting for anything
+	// else.
+	if err == nil && n < copyBufferSize {
+		err = s.writer.Flush()
+	}
+
+	return n, err // nolint: wrapcheck
+}
+
+func (s *syncPair) Flush() error {
+	s.mutex.Lock()
+	defer s.mutex.Unlock()
+
+	return s.writer.Flush() // nolint: wrapcheck
+}
+
+func (s *syncPair) readBlocking(p []byte, blocking bool) (int, error) {
+	var deadline time.Time
+
+	if !blocking {
+		deadline = time.Now().Add(readTimeout)
+	}
+
+	if err := s.reader.SetReadDeadline(deadline); err != nil {
+		return 0, fmt.Errorf("cannot set read deadline: %w", err)
+	}
+
+	return s.reader.Read(p) // nolint: wrapcheck
+}

mtglib/internal/relay/timeouts.go

-package relay
-
-import (
-	"math/rand"
-	"time"
-)
-
-func getConnectionTimeToLive() time.Duration {
-	return getTime(ConnectionTimeToLiveMin, ConnectionTimeToLiveMax)
-}
-
-func getTimeout() time.Duration {
-	return getTime(TimeoutMin, TimeoutMax)
-}
-
-func getTime(minDuration, maxDuration time.Duration) time.Duration {
-	minDurationInSeconds := int(minDuration.Seconds())
-	maxDurationInSeconds := int(maxDuration.Seconds())
-	number := minDurationInSeconds + rand.Intn(maxDurationInSeconds-minDurationInSeconds)
-
-	return time.Duration(number) * time.Second
-}

mtglib/internal/relay/timeouts_internal_test.go

-package relay
-
-import (
-	"fmt"
-	"testing"
-
-	"github.com/stretchr/testify/suite"
-)
-
-type TimeoutsTestSuite struct {
-	suite.Suite
-}
-
-func (suite *TimeoutsTestSuite) TestGetConnectionTimeToLive() {
-	for i := 0; i < 100; i++ {
-		value := getConnectionTimeToLive()
-		message := fmt.Sprintf("generated value is %v", value)
-
-		suite.GreaterOrEqual(value, ConnectionTimeToLiveMin, message)
-		suite.LessOrEqual(value, ConnectionTimeToLiveMax, message)
-	}
-}
-
-func (suite *TimeoutsTestSuite) TestGetTimeout() {
-	for i := 0; i < 100; i++ {
-		value := getTimeout()
-		message := fmt.Sprintf("generated value is %v", value)
-
-		suite.GreaterOrEqual(value, TimeoutMin, message)
-		suite.LessOrEqual(value, TimeoutMax, message)
-	}
-}
-
-func TestTimeouts(t *testing.T) {
-	t.Parallel()
-	suite.Run(t, &TimeoutsTestSuite{})
-}

mtglib/internal/telegram/init.go

 
 import (
 	"context"
-	"net"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 type preferIP uint8
 )
 
 type Dialer interface {
-	DialContext(ctx context.Context, network, address string) (net.Conn, error)
+	DialContext(ctx context.Context, network, address string) (essentials.Conn, error)
 }

mtglib/internal/telegram/telegram.go

 import (
 	"context"
 	"fmt"
-	"net"
 	"strings"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 type Telegram struct {
 	pool     addressPool
 }
 
-func (t Telegram) Dial(ctx context.Context, dc int) (net.Conn, error) {
+func (t Telegram) Dial(ctx context.Context, dc int) (essentials.Conn, error) {
 	var addresses []tgAddr
 
 	switch t.preferIP {
 	}
 
 	var (
-		conn net.Conn
+		conn essentials.Conn
 		err  error
 	)
 

mtglib/proxy.go

 	"sync"
 	"time"
 
+	"github.com/9seconds/mtg/v2/essentials"
 	"github.com/9seconds/mtg/v2/mtglib/internal/faketls"
 	"github.com/9seconds/mtg/v2/mtglib/internal/faketls/record"
 	"github.com/9seconds/mtg/v2/mtglib/internal/obfuscated2"
 
 	allowFallbackOnUnknownDC bool
 	tolerateTimeSkewness     time.Duration
-	bufferSize               int
 	domainFrontingPort       int
 	workerPool               *ants.PoolWithFunc
 	telegram                 *telegram.Telegram
 
 // ServeConn serves a connection. We do not check IP blocklist and
 // concurrency limit here.
-func (p *Proxy) ServeConn(conn net.Conn) {
+func (p *Proxy) ServeConn(conn essentials.Conn) {
 	p.streamWaitGroup.Add(1)
 	defer p.streamWaitGroup.Done()
 
 	relay.Relay(
 		ctx,
 		ctx.logger.Named("relay"),
-		p.bufferSize,
 		ctx.telegramConn,
 		ctx.clientConn,
 	)
 	relay.Relay(
 		ctx,
 		ctx.logger.Named("domain-fronting"),
-		p.bufferSize,
 		frontConn,
 		conn,
 	)
 		logger:                   opts.getLogger("proxy"),
 		domainFrontingPort:       opts.getDomainFrontingPort(),
 		tolerateTimeSkewness:     opts.getTolerateTimeSkewness(),
-		bufferSize:               opts.getBufferSize(),
 		allowFallbackOnUnknownDC: opts.AllowFallbackOnUnknownDC,
 		telegram:                 tg,
 	}
 
 	pool, err := ants.NewPoolWithFunc(opts.getConcurrency(),
 		func(arg interface{}) {
-			proxy.ServeConn(arg.(net.Conn))
+			proxy.ServeConn(arg.(essentials.Conn))
 		},
 		ants.WithLogger(opts.getLogger("ants")),
 		ants.WithNonblocking(true))

mtglib/proxy_opts.go

 	// buffers: to and from.
 	//
 	// This is an optional setting.
+	//
+	// Deprecated: this setting is no longer makes any effect.
 	BufferSize uint
 
 	// Concurrency is a size of the worker pool for connection management.
 	return nil
 }
 
-func (p ProxyOpts) getBufferSize() int {
-	if p.BufferSize < 1 {
-		return DefaultBufferSize
-	}
-
-	return int(p.BufferSize)
-}
-
 func (p ProxyOpts) getConcurrency() int {
 	if p.Concurrency == 0 {
 		return DefaultConcurrency

mtglib/stream_context.go

 	"encoding/base64"
 	"net"
 	"time"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 type streamContext struct {
 	ctx          context.Context
 	ctxCancel    context.CancelFunc
-	clientConn   net.Conn
-	telegramConn net.Conn
+	clientConn   essentials.Conn
+	telegramConn essentials.Conn
 	streamID     string
 	dc           int
 	logger       Logger
 	return s.clientConn.RemoteAddr().(*net.TCPAddr).IP
 }
 
-func newStreamContext(ctx context.Context, logger Logger, clientConn net.Conn) *streamContext {
+func newStreamContext(ctx context.Context, logger Logger, clientConn essentials.Conn) *streamContext {
 	connIDBytes := make([]byte, ConnectionIDBytesLength)
 
 	if _, err := rand.Read(connIDBytes); err != nil {

mtglib/stream_context_internal_test.go

 type StreamContextTestSuite struct {
 	suite.Suite
 
-	connMock  *testlib.NetConnMock
+	connMock  *testlib.EssentialsConnMock
 	logger    NoopLogger
 	ctx       *streamContext
 	ctxCancel context.CancelFunc
 	ctx = context.WithValue(ctx, "key", "value") // nolint: golint, revive, staticcheck
 
 	suite.ctxCancel = cancel
-	suite.connMock = &testlib.NetConnMock{}
+	suite.connMock = &testlib.EssentialsConnMock{}
 
 	addr := &net.TCPAddr{
 		IP:   net.ParseIP("10.0.0.10"),
 func (suite *StreamContextTestSuite) TestClose() {
 	suite.connMock.On("Close").Once().Return(nil)
 
-	tgConnMock := &testlib.NetConnMock{}
+	tgConnMock := &testlib.EssentialsConnMock{}
 	tgConnMock.On("Close").Once().Return(nil)
 
 	suite.ctx.telegramConn = tgConnMock

network/circuit_breaker.go

 
 import (
 	"context"
-	"net"
 	"sync/atomic"
 	"time"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 const (
 	resetFailuresTimeout time.Duration
 }
 
-func (c *circuitBreakerDialer) Dial(network, address string) (net.Conn, error) {
+func (c *circuitBreakerDialer) Dial(network, address string) (essentials.Conn, error) {
 	return c.DialContext(context.Background(), network, address)
 }
 
 func (c *circuitBreakerDialer) DialContext(ctx context.Context,
-	network, address string) (net.Conn, error) {
+	network, address string) (essentials.Conn, error) {
 	switch atomic.LoadUint32(&c.state) {
 	case circuitBreakerStateClosed:
 		return c.doClosed(ctx, network, address)
 }
 
 func (c *circuitBreakerDialer) doClosed(ctx context.Context,
-	network, address string) (net.Conn, error) {
+	network, address string) (essentials.Conn, error) {
 	conn, err := c.Dialer.DialContext(ctx, network, address)
 
 	select {
 	return conn, err // nolint: wrapcheck
 }
 
-func (c *circuitBreakerDialer) doHalfOpened(ctx context.Context, network, address string) (net.Conn, error) {
+func (c *circuitBreakerDialer) doHalfOpened(ctx context.Context,
+	network, address string) (essentials.Conn, error) {
 	if !atomic.CompareAndSwapUint32(&c.halfOpenAttempts, 0, 1) {
 		return nil, ErrCircuitBreakerOpened
 	}

network/circuit_breaker_internal_test.go

 	mutex          sync.Mutex
 	ctx            context.Context
 	ctxCancel      context.CancelFunc
-	connMock       *testlib.NetConnMock
+	connMock       *testlib.EssentialsConnMock
 	baseDialerMock *DialerMock
 }
 
 	suite.mutex = sync.Mutex{}
 	suite.ctx, suite.ctxCancel = context.WithCancel(context.Background())
 	suite.baseDialerMock = &DialerMock{}
-	suite.connMock = &testlib.NetConnMock{}
+	suite.connMock = &testlib.EssentialsConnMock{}
 	suite.d = newCircuitBreakerDialer(suite.baseDialerMock,
 		3, 100*time.Millisecond, 50*time.Millisecond)
 }

network/default.go

 	"fmt"
 	"net"
 	"time"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 type defaultDialer struct {
 	net.Dialer
-
-	bufferSize int
 }
 
-func (d *defaultDialer) Dial(network, address string) (net.Conn, error) {
+func (d *defaultDialer) Dial(network, address string) (essentials.Conn, error) {
 	return d.DialContext(context.Background(), network, address)
 }
 
-func (d *defaultDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+func (d *defaultDialer) DialContext(ctx context.Context, network, address string) (essentials.Conn, error) {
 	switch network {
 	case "tcp", "tcp4", "tcp6": // nolint: goconst
 	default:
 	}
 
 	// we do not need to call to end user. End users call us.
-	if err := SetServerSocketOptions(conn, d.bufferSize); err != nil {
+	if err := SetServerSocketOptions(conn, 0); err != nil {
 		conn.Close()
 
 		return nil, fmt.Errorf("cannot set socket options: %w", err)
 	}
 
-	return conn, nil
+	return conn.(essentials.Conn), nil
 }
 
 // NewDefaultDialer build a new dialer which dials bypassing proxies
 //
 // The most default one you can imagine. But it has tunes TCP
 // connections and setups SO_REUSEPORT.
+//
+// bufferSize is deprecated and ignored. It is kept here for backward
+// compatibility.
 func NewDefaultDialer(timeout time.Duration, bufferSize int) (Dialer, error) {
 	switch {
 	case timeout < 0:
 		return nil, fmt.Errorf("timeout %v should be positive number", timeout)
-	case bufferSize < 0:
-		return nil, fmt.Errorf("buffer size %d should be positive number", bufferSize)
-	}
-
-	if timeout == 0 {
+	case timeout == 0:
 		timeout = DefaultTimeout
 	}
 
-	if bufferSize == 0 {
-		bufferSize = DefaultBufferSize
-	}
-
 	return &defaultDialer{
 		Dialer: net.Dialer{
 			Timeout: timeout,
 		},
-		bufferSize: bufferSize,
 	}, nil
 }

network/default_test.go

 	suite.Error(err)
 }
 
-func (suite *DefaultDialerTestSuite) TestNegativeBufferSize() {
-	_, err := network.NewDefaultDialer(0, -1)
-	suite.Error(err)
-}
-
 func (suite *DefaultDialerTestSuite) TestUnsupportedProtocol() {
 	_, err := suite.d.DialContext(context.Background(),
 		"udp",

network/init.go

 import (
 	"context"
 	"errors"
-	"net"
 	"time"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 const (
 	// request.
 	DefaultHTTPTimeout = 10 * time.Second
 
+	// Deprecated:
+	//
 	// DefaultBufferSize defines a TCP buffer size. Both read and write, so
 	// for real size, please multiply this number by 2.
 	DefaultBufferSize = 16 * 1024 // 16 kib
 
+	// DefaultTCPKeepAlivePeriod defines a time period between 2
+	// consequitive probes.
+	DefaultTCPKeepAlivePeriod = 10 * time.Second
+
 	// ProxyDialerOpenThreshold is used for load balancing SOCKS5 dialer
 	// only.
 	//
 // Dialer defines an interface which is required to bootstrap a network
 // instance from.
 type Dialer interface {
-	Dial(network, address string) (net.Conn, error)
-	DialContext(ctx context.Context, network, address string) (net.Conn, error)
+	Dial(network, address string) (essentials.Conn, error)
+	DialContext(ctx context.Context, network, address string) (essentials.Conn, error)
 }

network/init_internal_test.go

 
 import (
 	"context"
-	"net"
 
+	"github.com/9seconds/mtg/v2/essentials"
 	"github.com/stretchr/testify/mock"
 )
 
 	mock.Mock
 }
 
-func (d *DialerMock) Dial(network, address string) (net.Conn, error) {
+func (d *DialerMock) Dial(network, address string) (essentials.Conn, error) {
 	args := d.Called(network, address)
 
-	return args.Get(0).(net.Conn), args.Error(1) // nolint: wrapcheck
+	return args.Get(0).(essentials.Conn), args.Error(1) // nolint: wrapcheck
 }
 
-func (d *DialerMock) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+func (d *DialerMock) DialContext(ctx context.Context, network, address string) (essentials.Conn, error) {
 	args := d.Called(ctx, network, address)
 
-	return args.Get(0).(net.Conn), args.Error(1) // nolint: wrapcheck
+	return args.Get(0).(essentials.Conn), args.Error(1) // nolint: wrapcheck
 }

network/init_test.go

 	"net/url"
 	"strings"
 
+	"github.com/9seconds/mtg/v2/essentials"
 	"github.com/9seconds/mtg/v2/network"
 	socks5 "github.com/armon/go-socks5"
 	"github.com/mccutchen/go-httpbin/httpbin"
 	mock.Mock
 }
 
-func (d *DialerMock) Dial(network, address string) (net.Conn, error) {
+func (d *DialerMock) Dial(network, address string) (essentials.Conn, error) {
 	args := d.Called(network, address)
 
-	return args.Get(0).(net.Conn), args.Error(1) // nolint: wrapcheck
+	return args.Get(0).(essentials.Conn), args.Error(1) // nolint: wrapcheck
 }
 
-func (d *DialerMock) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+func (d *DialerMock) DialContext(ctx context.Context, network, address string) (essentials.Conn, error) {
 	args := d.Called(ctx, network, address)
 
-	return args.Get(0).(net.Conn), args.Error(1) // nolint: wrapcheck
+	return args.Get(0).(essentials.Conn), args.Error(1) // nolint: wrapcheck
 }
 
 type HTTPServerTestSuite struct {
 func (suite *HTTPServerTestSuite) MakeHTTPClient(dialer network.Dialer) *http.Client {
 	return &http.Client{
 		Transport: &http.Transport{
-			DialContext: dialer.DialContext,
+			DialContext: func(ctx context.Context, network, address string) (net.Conn, error) {
+				return dialer.DialContext(ctx, network, address) // nolint: wrapcheck
+			},
 		},
 	}
 }

network/load_balanced_socks5.go

 	"context"
 	"fmt"
 	"math/rand"
-	"net"
 	"net/url"
+
+	"github.com/9seconds/mtg/v2/essentials"
 )
 
 type loadBalancedSocks5Dialer struct {
 	dialers []Dialer
 }
 
-func (l loadBalancedSocks5Dialer) Dial(network, address string) (net.Conn, error) {
+func (l loadBalancedSocks5Dialer) Dial(network, address string) (essentials.Conn, error) {
 	return l.DialContext(context.Background(), network, address)
 }
 
-func (l loadBalancedSocks5Dialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+func (l loadBalancedSocks5Dialer) DialContext(ctx context.Context, network, address string) (essentials.Conn, error) {
 	length := len(l.dialers)
 	start := rand.Intn(length)
 	moved := false

network/network.go

 	"sync"
 	"time"
 
+	"github.com/9seconds/mtg/v2/essentials"
 	"github.com/9seconds/mtg/v2/mtglib"
 )
 
 	dns         *dnsResolver
 }
 
-func (n *network) Dial(protocol, address string) (net.Conn, error) {
+func (n *network) Dial(protocol, address string) (essentials.Conn, error) {
 	return n.DialContext(context.Background(), protocol, address)
 }
 
-func (n *network) DialContext(ctx context.Context, protocol, address string) (net.Conn, error) {
+func (n *network) DialContext(ctx context.Context, protocol, address string) (essentials.Conn, error) {
 	host, port, _ := net.SplitHostPort(address)
 
 	ips, err := n.dnsResolve(protocol, host)
 		ips[i], ips[j] = ips[j], ips[i]
 	})
 
-	var conn net.Conn
+	var conn essentials.Conn
+
 	for _, v := range ips {
 		conn, err = n.dialer.DialContext(ctx, protocol, net.JoinHostPort(v, port))
 
 }
 
 func (n *network) MakeHTTPClient(dialFunc func(ctx context.Context,
-	network, address string) (net.Conn, error)) *http.Client {
+	network, address string) (essentials.Conn, error)) *http.Client {
 	if dialFunc == nil {
 		dialFunc = n.DialContext
 	}
 
 func makeHTTPClient(userAgent string,
 	timeout time.Duration,
-	dialFunc func(ctx context.Context, network, address string) (net.Conn, error)) *http.Client {
+	dialFunc func(ctx context.Context, network, address string) (essentials.Conn, error)) *http.Client {
 	return &http.Client{
 		Timeout: timeout,
 		Transport: networkHTTPTransport{
 			userAgent: userAgent,
 			next: &http.Transport{
-				DialContext: dialFunc,
+				DialContext: func(ctx context.Context, network, address string) (net.Conn, error) {
+					return dialFunc(ctx, network, address)
+				},
 			},
 		},
 	}

network/sockopts.go

 
 // SetClientSocketOptions tunes a TCP socket that represents a connection to
 // end user (not Telegram service or fronting domain).
+//
+// bufferSize setting is deprecated and ignored.
 func SetClientSocketOptions(conn net.Conn, bufferSize int) error {
-	tcpConn := conn.(*net.TCPConn) // nolint: forcetypeassert
-
-	if err := tcpConn.SetNoDelay(false); err != nil {
-		return fmt.Errorf("cannot disable TCP_NO_DELAY: %w", err)
-	}
-
-	return setCommonSocketOptions(tcpConn, bufferSize)
+	return setCommonSocketOptions(conn.(*net.TCPConn))
 }
 
 // SetServerSocketOptions tunes a TCP socket that represents a connection to
 // remote server like Telegram or fronting domain (but not end user).
 func SetServerSocketOptions(conn net.Conn, bufferSize int) error {
-	tcpConn := conn.(*net.TCPConn) // nolint: forcetypeassert
-
-	if err := tcpConn.SetNoDelay(true); err != nil {
-		return fmt.Errorf("cannot enable TCP_NO_DELAY: %w", err)
-	}
-
-	return setCommonSocketOptions(tcpConn, bufferSize)
+	return setCommonSocketOptions(conn.(*net.TCPConn))
 }
 
-func setCommonSocketOptions(conn *net.TCPConn, bufferSize int) error {
-	if err := conn.SetReadBuffer(bufferSize); err != nil {
-		return fmt.Errorf("cannot set read buffer size: %w", err)
-	}
-
-	if err := conn.SetWriteBuffer(bufferSize); err != nil {
-		return fmt.Errorf("cannot set write buffer size: %w", err)
+func setCommonSocketOptions(conn *net.TCPConn) error {
+	if err := conn.SetKeepAlive(true); err != nil {
+		return fmt.Errorf("cannot disable TCP keepalive probes: %w", err)
 	}
 
-	if err := conn.SetKeepAlive(false); err != nil {
-		return fmt.Errorf("cannot disable TCP keepalive probes: %w", err)
+	if err := conn.SetKeepAlivePeriod(DefaultTCPKeepAlivePeriod); err != nil {
+		return fmt.Errorf("cannot set time period of TCP keepalive probes: %w", err)
 	}
 
 	if err := conn.SetLinger(tcpLingerTimeout); err != nil {
 		return fmt.Errorf("cannot get underlying raw connection: %w", err)
 	}
 
-	if err := setSocketReuseAddrPort(rawConn, bufferSize); err != nil {
+	if err := setSocketReuseAddrPort(rawConn); err != nil {
 		return fmt.Errorf("cannot setup SO_REUSEADDR/PORT: %w", err)
 	}
 

network/sockopts_unix.go

 	"golang.org/x/sys/unix"
 )
 
-func setSocketReuseAddrPort(conn syscall.RawConn, bufferSize int) error {
+func setSocketReuseAddrPort(conn syscall.RawConn) error {
 	var err error
 
 	conn.Control(func(fd uintptr) { // nolint: errcheck

network/sockopts_windows.go

 
 import "syscall"
 
-func setSocketReuseAddrPort(conn syscall.RawConn, bufferSize int) error {
+func setSocketReuseAddrPort(conn syscall.RawConn) error {
 	return nil
 }

network/socks5.go

 package network
 
 import (
+	"context"
 	"fmt"
+	"io"
+	"net"
 	"net/url"
 
-	"golang.org/x/net/proxy"
+	"github.com/9seconds/mtg/v2/essentials"
+	"github.com/txthinking/socks5"
 )
 
+type socks5Dialer struct {
+	Dialer
+
+	username     []byte
+	password     []byte
+	proxyAddress string
+}
+
+func (s socks5Dialer) Dial(network, address string) (essentials.Conn, error) {
+	return s.DialContext(context.Background(), network, address)
+}
+
+func (s socks5Dialer) DialContext(ctx context.Context, network, address string) (essentials.Conn, error) {
+	switch network {
+	case "tcp", "tcp4", "tcp6":
+	default:
+		return nil, fmt.Errorf("%s network type is not supported", network)
+	}
+
+	conn, err := s.Dialer.DialContext(ctx, network, s.proxyAddress)
+	if err != nil {
+		return nil, fmt.Errorf("cannot dial to the proxy: %w", err)
+	}
+
+	if err := s.handshake(conn); err != nil {
+		conn.Close()
+
+		return nil, fmt.Errorf("cannot perform a handshake: %w", err)
+	}
+
+	if err := s.connect(conn, address); err != nil {
+		conn.Close()
+
+		return nil, fmt.Errorf("cannot connect to a destination host %s: %w", address, err)
+	}
+
+	return conn, nil
+}
+
+func (s socks5Dialer) handshake(conn io.ReadWriter) error {
+	authMethod := socks5.MethodUsernamePassword
+	if len(s.username)+len(s.password) == 0 {
+		authMethod = socks5.MethodNone
+	}
+
+	if err := s.handshakeNegotiation(conn, authMethod); err != nil {
+		return fmt.Errorf("cannot perform negotiation: %w", err)
+	}
+
+	if authMethod == socks5.MethodNone {
+		return nil
+	}
+
+	if err := s.handshakeAuth(conn); err != nil {
+		return fmt.Errorf("cannot authenticate: %w", err)
+	}
+
+	return nil
+}
+
+func (s socks5Dialer) handshakeNegotiation(conn io.ReadWriter, authMethod byte) error {
+	request := socks5.NewNegotiationRequest([]byte{authMethod})
+	if _, err := request.WriteTo(conn); err != nil {
+		return fmt.Errorf("cannot send request: %w", err)
+	}
+
+	response, err := socks5.NewNegotiationReplyFrom(conn)
+	if err != nil {
+		return fmt.Errorf("cannot read response: %w", err)
+	}
+
+	if response.Method != authMethod {
+		return fmt.Errorf("%v is unsupported auth method", authMethod)
+	}
+
+	return nil
+}
+
+func (s socks5Dialer) handshakeAuth(conn io.ReadWriter) error {
+	request := socks5.NewUserPassNegotiationRequest(s.username, s.password)
+
+	if _, err := request.WriteTo(conn); err != nil {
+		return fmt.Errorf("cannot send a request: %w", err)
+	}
+
+	response, err := socks5.NewUserPassNegotiationReplyFrom(conn)
+	if err != nil {
+		return fmt.Errorf("cannot read a response: %w", err)
+	}
+
+	if response.Status != socks5.UserPassStatusSuccess {
+		return fmt.Errorf("authenticate has failed: %v", response.Status)
+	}
+
+	return nil
+}
+
+func (s socks5Dialer) connect(conn io.ReadWriter, address string) error {
+	addrType, host, port, err := socks5.ParseAddress(address)
+	if err != nil {
+		return fmt.Errorf("cannot parse address: %w", err)
+	}
+
+	if addrType == socks5.ATYPDomain {
+		host = host[1:]
+	}
+
+	request := socks5.NewRequest(socks5.CmdConnect, addrType, host, port)
+
+	if _, err := request.WriteTo(conn); err != nil {
+		return fmt.Errorf("cannot send a request: %w", err)
+	}
+
+	response, err := socks5.NewReplyFrom(conn)
+	if err != nil {
+		return fmt.Errorf("cannot read a response: %w", err)
+	}
+
+	if response.Rep != socks5.RepSuccess {
+		return fmt.Errorf("unsuccessful request: %v", response.Rep)
+	}
+
+	return nil
+}
+
 // NewSocks5Dialer build a new dialer from a given one (so, in theory
 // you can chain here). Proxy parameters are passed with URI in a form of:
 //
 //     socks5://[user:[password]]@host:port
 func NewSocks5Dialer(baseDialer Dialer, proxyURL *url.URL) (Dialer, error) {
-	rv, err := proxy.FromURL(proxyURL, baseDialer)
-	if err != nil {
-		return nil, fmt.Errorf("cannot initialize socks5 proxy dialer: %w", err)
+	if _, _, err := net.SplitHostPort(proxyURL.Host); err != nil {
+		return nil, fmt.Errorf("incorrect url %s", proxyURL.Redacted())
+	}
+
+	dialer := socks5Dialer{
+		Dialer:       baseDialer,
+		proxyAddress: proxyURL.Host,
+	}
+
+	if proxyURL.User != nil {
+		password, isSet := proxyURL.User.Password()
+		if isSet {
+			dialer.username = []byte(proxyURL.User.Username())
+			dialer.password = []byte(password)
+		}
 	}
 
-	return rv.(Dialer), nil
+	return dialer, nil
 }

network/socks5_test.go

 	suite.Equal(http.StatusOK, resp.StatusCode)
 }
 
-func TestSocks5TestSuite(t *testing.T) {
+func TestSocks5(t *testing.T) {
 	t.Parallel()
 	suite.Run(t, &Socks5TestSuite{})
 }