bump snap version

Fixed plain HTTP request

Makefile

@@ -5,6 +5,9 @@ BUILDOPTS = -a -tags netgo
 LDFLAGS = -ldflags '-s -w -extldflags "-static" -X main.version=$(VERSION)'
 LDFLAGS_NATIVE = -ldflags '-s -w -X main.version=$(VERSION)'
 
+NDK_CC_ARM = $(abspath ../../ndk-toolchain-arm/bin/arm-linux-androideabi-gcc)
+NDK_CC_ARM64 = $(abspath ../../ndk-toolchain-arm64/bin/aarch64-linux-android21-clang)
+
 GO := go
 
 src = $(wildcard *.go)
@@ -17,6 +20,9 @@ all: bin-linux-amd64 bin-linux-386 bin-linux-arm \
 	bin-darwin-amd64 bin-darwin-arm64 \
 	bin-windows-amd64 bin-windows-386 bin-windows-arm
 
+allplus: all \
+	bin-android-arm bin-android-arm64
+
 bin-native: $(OUTSUFFIX)
 bin-linux-amd64: $(OUTSUFFIX).linux-amd64
 bin-linux-386: $(OUTSUFFIX).linux-386
@@ -33,6 +39,8 @@ bin-darwin-arm64: $(OUTSUFFIX).darwin-arm64
 bin-windows-amd64: $(OUTSUFFIX).windows-amd64.exe
 bin-windows-386: $(OUTSUFFIX).windows-386.exe
 bin-windows-arm: $(OUTSUFFIX).windows-arm.exe
+bin-android-arm: $(OUTSUFFIX).android-arm
+bin-android-arm64: $(OUTSUFFIX).android-arm64
 
 $(OUTSUFFIX): $(src)
 	$(GO) build $(LDFLAGS_NATIVE) -o $@
@@ -82,6 +90,12 @@ $(OUTSUFFIX).windows-386.exe: $(src)
 $(OUTSUFFIX).windows-arm.exe: $(src)
 	CGO_ENABLED=0 GOOS=windows GOARCH=arm GOARM=7 $(GO) build $(BUILDOPTS) $(LDFLAGS) -o $@
 
+$(OUTSUFFIX).android-arm: $(src)
+	CC=$(NDK_CC_ARM) CGO_ENABLED=1 GOOS=android GOARCH=arm GOARM=7 $(GO) build $(LDFLAGS_NATIVE) -o $@
+
+$(OUTSUFFIX).android-arm64: $(src)
+	CC=$(NDK_CC_ARM64) CGO_ENABLED=1 GOOS=android GOARCH=arm64 $(GO) build $(LDFLAGS_NATIVE) -o $@
+
 clean:
 	rm -f bin/*
 
@@ -102,6 +116,13 @@ install:
 	bin-freebsd-amd64 \
 	bin-freebsd-386 \
 	bin-freebsd-arm \
+	bin-netbsd-amd64 \
+	bin-netbsd-386 \
+	bin-openbsd-amd64 \
+	bin-openbsd-386 \
 	bin-darwin-amd64 \
 	bin-windows-amd64 \
-	bin-windows-386
+	bin-windows-386 \
+	bin-windows-arm \
+	bin-android-arm \
+	bin-android-arm64

README.md

@@ -41,6 +41,12 @@ git clone https://ipfs.io/ipns/k51qzi5uqu5dkrgx0hozpy1tlggw5o0whtquyrjlc6pprhvbm
 
 Pre-built binaries are available [here](https://github.com/Snawoot/hola-proxy/releases/latest).
 
+Don't forget to make file executable on Unix-like systems (Linux, MacOS, \*BSD, Android). For your convenience rename downloaded file to `hola-proxy` and run within directory where you placed it:
+
+```sh
+chmod +x hola-proxy
+```
+
 #### Build from source
 
 Alternatively, you may install hola-proxy from source. Run the following within the source directory:
@@ -157,6 +163,7 @@ zagent248.hola.org,165.22.65.3,22222,22223,22224,22225,22226,digitalocean
 | limit | Unsigned Integer (Number) | amount of proxies in retrieved list (default 3) |
 | list-countries | String | list available countries and exit |
 | list-proxies | - | output proxy list and exit |
+| proxy | String | sets base proxy to use for all dial-outs. Format: `<http\|https\|socks5\|socks5h>://[login:password@]host[:port]` Examples: `http://user:password@192.168.1.1:3128`, `socks5://10.0.0.1:1080` |
 | proxy-type | String | proxy type (Datacenter: direct, virt) (Residential: peer, lum, pool) (default "direct") |
 | resolver | String | DNS/DoH/DoT resolver to workaround Hola blocked hosts. See https://github.com/ameshkov/dnslookup/ for upstream DNS URL format. (default "https://cloudflare-dns.com/dns-query") |
 | rotate | Duration | rotate user ID once per given period (default 1h0m0s) |

go.mod

@@ -7,4 +7,5 @@ require (
 	github.com/campoy/unique v0.0.0-20180121183637-88950e537e7e
 	github.com/google/uuid v1.1.1
 	github.com/miekg/dns v1.1.29
+	golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e
 )

go.sum

@@ -15,6 +15,7 @@ github.com/campoy/unique v0.0.0-20180121183637-88950e537e7e h1:V9a67dfYqPLAvzk5h
 github.com/campoy/unique v0.0.0-20180121183637-88950e537e7e/go.mod h1:9IOqJGCPMSc6E5ydlp5NIonxObaeu/Iub/X03EKPVYo=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/go-test/deep v1.0.5/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8=
 github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
@@ -24,14 +25,18 @@ github.com/joomcode/errorx v1.0.1 h1:CalpDWz14ZHd68fIqluJasJosAewpz2TFaJALrUxjrk
 github.com/joomcode/errorx v1.0.1/go.mod h1:kgco15ekB6cs+4Xjzo7SPeXzx38PbJzBwbnu9qfVNHQ=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/miekg/dns v1.1.29 h1:xHBEhR+t5RzcFJjBLJlax2daXOrTYtr9z4WdKEfWFzg=
 github.com/miekg/dns v1.1.29/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/sparrc/go-ping v0.0.0-20190613174326-4e5b6552494c/go.mod h1:eMyUVp6f/5jnzM+3zahzl7q6UXLbgSc3MKg/+ow9QW0=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@@ -45,6 +50,7 @@ golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e h1:3G+cUijn7XD+S4eJFddp53Pv7+slrESplyjG25HgL+k=
 golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a h1:WXEvlFVvvGxCJLG6REjsT03iWnKLEWinaScsxF2Vm2o=
 golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -59,6 +65,8 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm
 golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

handler.go

@@ -3,6 +3,7 @@ package main
 import (
 	"fmt"
 	"net/http"
+	"net/url"
 	"strings"
 	"time"
 )
@@ -15,20 +16,28 @@ type ProxyHandler struct {
 	logger        *CondLogger
 	dialer        ContextDialer
 	httptransport http.RoundTripper
+	auth          AuthProvider
 }
 
-func NewProxyHandler(dialer ContextDialer, resolver *Resolver, logger *CondLogger) *ProxyHandler {
+func NewProxyHandler(dialer, requestDialer ContextDialer, auth AuthProvider, resolver *Resolver, logger *CondLogger) *ProxyHandler {
 	dialer = NewRetryDialer(dialer, resolver, logger)
 	httptransport := &http.Transport{
+		Proxy: func(_ *http.Request) (*url.URL, error) {
+			return &url.URL{
+				Scheme: "http",
+				Host:   "void",
+			}, nil
+		},
 		MaxIdleConns:          100,
 		IdleConnTimeout:       90 * time.Second,
 		TLSHandshakeTimeout:   10 * time.Second,
 		ExpectContinueTimeout: 1 * time.Second,
-		DialContext:           dialer.DialContext,
+		DialContext:           requestDialer.DialContext,
 	}
 	return &ProxyHandler{
 		logger:        logger,
 		dialer:        dialer,
+		auth:          auth,
 		httptransport: httptransport,
 	}
 }
@@ -74,6 +83,8 @@ func (s *ProxyHandler) HandleRequest(wr http.ResponseWriter, req *http.Request)
 		req.URL.Scheme = "http" // We can't access :scheme pseudo-header, so assume http
 		req.URL.Host = req.Host
 	}
+	delHopHeaders(req.Header)
+	req.Header.Add("Proxy-Authorization", s.auth())
 	resp, err := s.httptransport.RoundTrip(req)
 	if err != nil {
 		s.logger.Error("HTTP fetch error: %v", err)

holaapi.go

@@ -252,7 +252,8 @@ func zgettunnels(ctx context.Context,
 }
 
 func fetchFallbackConfig(ctx context.Context) (*FallbackConfig, error) {
-	confRaw, err := do_req(ctx, &http.Client{}, "", FALLBACK_CONF_URL, nil, nil)
+	client := httpClientWithProxy(nil)
+	confRaw, err := do_req(ctx, client, "", FALLBACK_CONF_URL, nil, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -327,6 +328,15 @@ func Tunnels(ctx context.Context,
 	return
 }
 
+var baseDialer ContextDialer = &net.Dialer{
+	Timeout:   30 * time.Second,
+	KeepAlive: 30 * time.Second,
+}
+
+func UpdateHolaDialer(dialer ContextDialer) {
+	baseDialer = dialer
+}
+
 // Returns default http client with a proxy override
 func httpClientWithProxy(agent *FallbackAgent) *http.Client {
 	t := &http.Transport{
@@ -336,10 +346,7 @@ func httpClientWithProxy(agent *FallbackAgent) *http.Client {
 		TLSHandshakeTimeout:   10 * time.Second,
 		ExpectContinueTimeout: 1 * time.Second,
 	}
-	var dialer ContextDialer = &net.Dialer{
-		Timeout:   30 * time.Second,
-		KeepAlive: 30 * time.Second,
-	}
+	var dialer ContextDialer = baseDialer
 	if agent != nil {
 		dialer = NewProxyDialer(agent.NetAddr(), agent.Hostname(), nil, dialer)
 	}

main.go

@@ -1,13 +1,17 @@
 package main
 
 import (
+	"errors"
 	"flag"
 	"fmt"
 	"log"
 	"net"
 	"net/http"
+	"net/url"
 	"os"
 	"time"
+
+	xproxy "golang.org/x/net/proxy"
 )
 
 var (
@@ -45,6 +49,7 @@ type CLIArgs struct {
 	resolver                                string
 	force_port_field                        string
 	showVersion                             bool
+	proxy                                   string
 }
 
 func parse_args() CLIArgs {
@@ -66,6 +71,9 @@ func parse_args() CLIArgs {
 			"See https://github.com/ameshkov/dnslookup/ for upstream DNS URL format.")
 	flag.BoolVar(&args.use_trial, "dont-use-trial", false, "use regular ports instead of trial ports") // would be nice to not show in help page
 	flag.BoolVar(&args.showVersion, "version", false, "show program version and exit")
+	flag.StringVar(&args.proxy, "proxy", "", "sets base proxy to use for all dial-outs. "+
+		"Format: <http|https|socks5|socks5h>://[login:password@]host[:port] "+
+		"Examples: http://user:password@192.168.1.1:3128, socks5://10.0.0.1:1080")
 	flag.Parse()
 	if args.country == "" {
 		arg_fail("Country can't be empty string.")
@@ -79,6 +87,15 @@ func parse_args() CLIArgs {
 	return args
 }
 
+func proxyFromURLWrapper(u *url.URL, next xproxy.Dialer) (xproxy.Dialer, error) {
+	cdialer, ok := next.(ContextDialer)
+	if !ok {
+		return nil, errors.New("only context dialers are accepted")
+	}
+
+	return ProxyDialerFromURL(u, cdialer)
+}
+
 func run() int {
 	args := parse_args()
 	if args.showVersion {
@@ -86,13 +103,6 @@ func run() int {
 		return 0
 	}
 
-	if args.list_countries {
-		return print_countries(args.timeout)
-	}
-	if args.list_proxies {
-		return print_proxies(args.country, args.proxy_type, args.limit, args.timeout)
-	}
-
 	logWriter := NewLogWriter(os.Stderr)
 	defer logWriter.Close()
 
@@ -105,6 +115,35 @@ func run() int {
 	proxyLogger := NewCondLogger(log.New(logWriter, "PROXY   : ",
 		log.LstdFlags|log.Lshortfile),
 		args.verbosity)
+
+	var dialer ContextDialer = &net.Dialer{
+		Timeout:   30 * time.Second,
+		KeepAlive: 30 * time.Second,
+	}
+	if args.proxy != "" {
+		xproxy.RegisterDialerType("http", proxyFromURLWrapper)
+		xproxy.RegisterDialerType("https", proxyFromURLWrapper)
+		proxyURL, err := url.Parse(args.proxy)
+		if err != nil {
+			mainLogger.Critical("Unable to parse base proxy URL: %v", err)
+			return 6
+		}
+		pxDialer, err := xproxy.FromURL(proxyURL, dialer)
+		if err != nil {
+			mainLogger.Critical("Unable to instantiate base proxy dialer: %v", err)
+			return 7
+		}
+		dialer = pxDialer.(ContextDialer)
+		UpdateHolaDialer(dialer)
+	}
+
+	if args.list_countries {
+		return print_countries(args.timeout)
+	}
+	if args.list_proxies {
+		return print_proxies(args.country, args.proxy_type, args.limit, args.timeout)
+	}
+
 	mainLogger.Info("hola-proxy client version %s is starting...", version)
 	mainLogger.Info("Constructing fallback DNS upstream...")
 	resolver, err := NewResolver(args.resolver, args.timeout)
@@ -112,26 +151,23 @@ func run() int {
 		mainLogger.Critical("Unable to instantiate DNS resolver: %v", err)
 		return 6
 	}
+
 	mainLogger.Info("Initializing configuration provider...")
 	auth, tunnels, err := CredService(args.rotate, args.timeout, args.country, args.proxy_type, credLogger)
 	if err != nil {
 		mainLogger.Critical("Unable to instantiate credential service: %v", err)
-		logWriter.Close()
 		return 4
 	}
 	endpoint, err := get_endpoint(tunnels, args.proxy_type, args.use_trial, args.force_port_field)
 	if err != nil {
 		mainLogger.Critical("Unable to determine proxy endpoint: %v", err)
-		logWriter.Close()
 		return 5
 	}
-	var dialer ContextDialer = NewProxyDialer(endpoint.NetAddr(), endpoint.TLSName, auth, &net.Dialer{
-		Timeout:   30 * time.Second,
-		KeepAlive: 30 * time.Second,
-	})
+	handlerDialer := NewProxyDialer(endpoint.NetAddr(), endpoint.TLSName, auth, dialer)
+	requestDialer := NewPlaintextDialer(endpoint.NetAddr(), endpoint.TLSName, dialer)
 	mainLogger.Info("Endpoint: %s", endpoint.URL().String())
 	mainLogger.Info("Starting proxy server...")
-	handler := NewProxyHandler(dialer, resolver, proxyLogger)
+	handler := NewProxyHandler(handlerDialer, requestDialer, auth, resolver, proxyLogger)
 	mainLogger.Info("Init complete.")
 	err = http.ListenAndServe(args.bind_address, handler)
 	mainLogger.Critical("Server terminated with a reason: %v", err)

plaintext.go

@@ -0,0 +1,62 @@
+package main
+
+import (
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+	"net"
+)
+
+type PlaintextDialer struct {
+	fixedAddress  string
+	tlsServerName string
+	next          ContextDialer
+}
+
+func NewPlaintextDialer(address, tlsServerName string, next ContextDialer) *PlaintextDialer {
+	return &PlaintextDialer{
+		fixedAddress:  address,
+		tlsServerName: tlsServerName,
+		next:          next,
+	}
+}
+
+func (d *PlaintextDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+	switch network {
+	case "tcp", "tcp4", "tcp6":
+	default:
+		return nil, errors.New("bad network specified for DialContext: only tcp is supported")
+	}
+
+	conn, err := d.next.DialContext(ctx, "tcp", d.fixedAddress)
+	if err != nil {
+		return nil, err
+	}
+
+	if d.tlsServerName != "" {
+		// Custom cert verification logic:
+		// DO NOT send SNI extension of TLS ClientHello
+		// DO peer certificate verification against specified servername
+		conn = tls.Client(conn, &tls.Config{
+			ServerName:         "",
+			InsecureSkipVerify: true,
+			VerifyConnection: func(cs tls.ConnectionState) error {
+				opts := x509.VerifyOptions{
+					DNSName:       d.tlsServerName,
+					Intermediates: x509.NewCertPool(),
+				}
+				for _, cert := range cs.PeerCertificates[1:] {
+					opts.Intermediates.AddCert(cert)
+				}
+				_, err := cs.PeerCertificates[0].Verify(opts)
+				return err
+			},
+		})
+	}
+	return conn, nil
+}
+
+func (d *PlaintextDialer) Dial(network, address string) (net.Conn, error) {
+	return d.DialContext(context.Background(), network, address)
+}

retry.go

@@ -37,3 +37,7 @@ func (d *RetryDialer) DialContext(ctx context.Context, network, address string)
 	}
 	return conn, err
 }
+
+func (d *RetryDialer) Dial(network, address string) (net.Conn, error) {
+	return d.DialContext(context.Background(), network, address)
+}

snapcraft.yaml

@@ -1,5 +1,5 @@
 name: hola-proxy
-version: '1.4.6'
+version: '1.5.1'
 summary: Standalone Hola proxy client.
 description: |
   Standalone Hola proxy client. Just run it and it'll start plain HTTP proxy server forwarding traffic via Hola proxies of your choice.

upstream.go

@@ -7,10 +7,13 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"errors"
+	"fmt"
 	"io"
 	"net"
 	"net/http"
 	"net/http/httputil"
+	"net/url"
+	"strings"
 )
 
 const (
@@ -21,7 +24,12 @@ const (
 
 var UpstreamBlockedError = errors.New("blocked by upstream")
 
+type Dialer interface {
+	Dial(network, address string) (net.Conn, error)
+}
+
 type ContextDialer interface {
+	Dialer
 	DialContext(ctx context.Context, network, address string) (net.Conn, error)
 }
 
@@ -41,6 +49,39 @@ func NewProxyDialer(address, tlsServerName string, auth AuthProvider, nextDialer
 	}
 }
 
+func ProxyDialerFromURL(u *url.URL, next ContextDialer) (*ProxyDialer, error) {
+	host := u.Hostname()
+	port := u.Port()
+	tlsServerName := ""
+	var auth AuthProvider = nil
+
+	switch strings.ToLower(u.Scheme) {
+	case "http":
+		if port == "" {
+			port = "80"
+		}
+	case "https":
+		if port == "" {
+			port = "443"
+		}
+		tlsServerName = host
+	default:
+		return nil, errors.New("unsupported proxy type")
+	}
+
+	address := net.JoinHostPort(host, port)
+
+	if u.User != nil {
+		username := u.User.Username()
+		password, _ := u.User.Password()
+		authHeader := basic_auth_header(username, password)
+		auth = func() string {
+			return authHeader
+		}
+	}
+	return NewProxyDialer(address, tlsServerName, auth, next), nil
+}
+
 func (d *ProxyDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
 	switch network {
 	case "tcp", "tcp4", "tcp6":
@@ -110,12 +151,16 @@ func (d *ProxyDialer) DialContext(ctx context.Context, network, address string)
 			proxyResp.Header.Get("X-Hola-Error") == "Forbidden Host" {
 			return nil, UpstreamBlockedError
 		}
-		return nil, errors.New("Bad response from upstream proxy server")
+		return nil, errors.New(fmt.Sprintf("bad response from upstream proxy server: %s", proxyResp.Status))
 	}
 
 	return conn, nil
 }
 
+func (d *ProxyDialer) Dial(network, address string) (net.Conn, error) {
+	return d.DialContext(context.Background(), network, address)
+}
+
 func readResponse(r io.Reader, req *http.Request) (*http.Response, error) {
 	endOfResponse := []byte("\r\n\r\n")
 	buf := &bytes.Buffer{}