Here is an update to dnscrypt-proxy 2.0.34, released December 3, 2019. Changelog: https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.0.34
The main change is dnscrypt-proxy acting as a local DoH server to support Encrypted Server Name Indication (ESNI) with Firefox and Cloudflare. I followed the instructions (https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Local-DoH), and it works as described. Tests pass and dnscrypt-proxy works. Feedback and tests are welcome. Index: Makefile =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/Makefile,v retrieving revision 1.47 diff -u -p -r1.47 Makefile --- Makefile 18 Nov 2019 20:59:36 -0000 1.47 +++ Makefile 5 Dec 2019 03:11:22 -0000 @@ -4,7 +4,7 @@ COMMENT = flexible DNS proxy with suppor GH_ACCOUNT = jedisct1 GH_PROJECT = dnscrypt-proxy -GH_TAGNAME = 2.0.33 +GH_TAGNAME = 2.0.34 CATEGORIES = net Index: distinfo =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/distinfo,v retrieving revision 1.23 diff -u -p -r1.23 distinfo --- distinfo 18 Nov 2019 20:59:36 -0000 1.23 +++ distinfo 5 Dec 2019 03:11:22 -0000 @@ -1,2 +1,2 @@ -SHA256 (dnscrypt-proxy-2.0.33.tar.gz) = nmLdPf9ZwoOguCFNmZJcHKiFWHaZK+F1Wz62s0iRlP0= -SIZE (dnscrypt-proxy-2.0.33.tar.gz) = 2723092 +SHA256 (dnscrypt-proxy-2.0.34.tar.gz) = OOx98r3v9tCU2JdcAAXB2JamO1KcukFzgbY/z1HUIwM= +SIZE (dnscrypt-proxy-2.0.34.tar.gz) = 2741556 Index: patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml,v retrieving revision 1.8 diff -u -p -r1.8 patch-dnscrypt-proxy_example-dnscrypt-proxy_toml --- patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml 18 Nov 2019 20:59:36 -0000 1.8 +++ patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml 5 Dec 2019 03:11:22 -0000 @@ -3,7 +3,7 @@ $OpenBSD: patch-dnscrypt-proxy_example-d Index: dnscrypt-proxy/example-dnscrypt-proxy.toml --- dnscrypt-proxy/example-dnscrypt-proxy.toml.orig +++ dnscrypt-proxy/example-dnscrypt-proxy.toml -@@ -45,7 +45,7 @@ max_clients = 250 +@@ -47,7 +47,7 @@ max_clients = 250 ## Note (2): this feature is not compatible with systemd socket activation. ## Note (3): when using -pidfile, the PID file directory must be writable by the new user @@ -12,7 +12,7 @@ Index: dnscrypt-proxy/example-dnscrypt-p ## Require servers (from static + remote sources) to satisfy specific properties -@@ -536,7 +536,7 @@ cache_neg_max_ttl = 600 +@@ -569,7 +569,7 @@ cache_neg_max_ttl = 600 [sources.'public-resolvers'] urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md'] @@ -21,7 +21,7 @@ Index: dnscrypt-proxy/example-dnscrypt-p minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' prefix = '' -@@ -544,7 +544,7 @@ cache_neg_max_ttl = 600 +@@ -577,7 +577,7 @@ cache_neg_max_ttl = 600 [sources.'relays'] urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/relays.md', 'https://download.dnscrypt.info/resolvers-list/v2/relays.md']
