On Fri, Aug 11, 2023 at 01:37:03PM -0700, Nam Nguyen wrote: > It was marked BROKEN because it broke with the recently updated go > 1.21. > > This new 2.1.5 release was specifically made to compile with go 1.21 and > new quic-go. > > changelog: > https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.1.5 > > I tested basic usage. This feature "New configuration directive: > tls_key_log_file" is broken because of dropping permissions and creating > the file with root. I will report upstream.
This keylog feature spreads like a cancer... There are plans to turn it into an RFC. Amusingly, it underlies the glorious nginx hack to support QUIC with vanilla OpenSSL (which won't have usable QUIC support anytime soon.) ok tb
