Another update, this time to 2.0.27, was just released on Sep. 9, 2019. Changelog: https://github.com/jedisct1/dnscrypt-proxy/releases/tag/2.0.27
Nam Nguyen writes: > Here is an update for dnscrypt-proxy version 2.0.26, released September > 7, 2019. > > In my testing, dnscrypt-proxy works with some resolvers enabled on > amd64. I also tested blocked_query_response = refused and hinfo > (default) which worked. I was not able to configure an IP blocked query > response. > > Changelog: > https://github.com/jedisct1/dnscrypt-proxy/releases/tag/2.0.26 > > "A new plugin was added to prevent Firefox from bypassing the system DNS > settings." > > I saw in the system log that it starts up by default. (See README for > how to enable logging.) > > dnscrypt-proxy[93248]: Firefox workaround initialized > > I did some research: > > https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-proxy/plugin_firefox.go > https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https > > "Checking for this signaling will be implemented in Firefox when DoH is > enabled by default for users. This will first happen for users in the > United States in the Fall of 2019. If a user has chosen to manually > enable DoH, the signal from the network will be ignored and the user’s > preference will be honored." > > This new feature of dnscrypt-proxy will have to be tested in Fall 2019, > when Firefox switches to DNS over HTTPS (DoH). > > In Firefox: about:config > search for "network.trr" > network.trr.mode = 0 > > Change network.trr.mode = 2 to use DoH. > > Because I manually changed it from the default of 0 to 2, I confirmed > that Firefox's cloudflare was used instead of dnscrypt-proxy, as > described in the Mozilla article. > > OK? Index: Makefile =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/Makefile,v retrieving revision 1.43 diff -u -p -r1.43 Makefile --- Makefile 12 Jul 2019 20:48:25 -0000 1.43 +++ Makefile 10 Sep 2019 01:42:48 -0000 @@ -4,7 +4,7 @@ COMMENT = flexible DNS proxy with suppor GH_ACCOUNT = jedisct1 GH_PROJECT = dnscrypt-proxy -GH_TAGNAME = 2.0.25 +GH_TAGNAME = 2.0.27 CATEGORIES = net Index: distinfo =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/distinfo,v retrieving revision 1.19 diff -u -p -r1.19 distinfo --- distinfo 4 Jun 2019 10:02:45 -0000 1.19 +++ distinfo 10 Sep 2019 01:42:48 -0000 @@ -1,2 +1,2 @@ -SHA256 (dnscrypt-proxy-2.0.25.tar.gz) = d0aWAEyeMG4XI7TLvmapYRKKM1VD0xjQeGSSzmm5Bvo= -SIZE (dnscrypt-proxy-2.0.25.tar.gz) = 2596674 +SHA256 (dnscrypt-proxy-2.0.27.tar.gz) = pQH0SvOctD4ASJ755meKqK26K8mPkELdYc5g6a0HTVo= +SIZE (dnscrypt-proxy-2.0.27.tar.gz) = 2478887 Index: patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml,v retrieving revision 1.4 diff -u -p -r1.4 patch-dnscrypt-proxy_example-dnscrypt-proxy_toml --- patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml 4 Jun 2019 10:02:45 -0000 1.4 +++ patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml 10 Sep 2019 01:42:48 -0000 @@ -12,12 +12,12 @@ Index: dnscrypt-proxy/example-dnscrypt-p ## Require servers (from static + remote sources) to satisfy specific properties -@@ -514,7 +514,7 @@ cache_neg_max_ttl = 600 +@@ -525,7 +525,7 @@ cache_neg_max_ttl = 600 [sources.'public-resolvers'] urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md'] - cache_file = 'public-resolvers.md' + cache_file = '${LOCALSTATEDIR}/dnscrypt-proxy/public-resolvers.md' minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' - refresh_delay = 72 prefix = '' +
