crypto/tls: tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closed

[ameshkov]

Consider the following code:

	conn, _ := tls.Dial("tcp", "8.8.8.8:443", &tls.Config{ServerName: "dns.google"})
	_, _ = conn.Write([]byte("GET / HTTP/1.1\r\nHost: dns.google\r\nConnection: close\r\n\r\n"))
	_, _ = ioutil.ReadAll(conn)
	_ = conn.Close()

The problem with the way tls.Conn works in the current Golang version is that this code will guarantee that the underlying connection won't be closed gracefully and every time it'll cause RST packets sent from the remote endpoint.

Is it feasible to extend tls.Conn to take the underlying connection status into account? For instance, look for io.EOF when it reads from it?

[cherrymui]

cc @FiloSottile

[networkimprov]

cc @bradfitz @ianlancetaylor