From 73375596de37324869446a0bf1ee68ca4b327f22 Mon Sep 17 00:00:00 2001
From: quindecim <quindecim@airmail.cc>
Date: Sun, 26 Apr 2020 18:08:52 -0400
Subject: [PATCH] [UPSTREAM] - (see description)

https://github.com/DNSCrypt/dnscrypt-proxy/commit/3775d592175db8085f56823530b5937fff416f11
https://github.com/DNSCrypt/dnscrypt-proxy/commit/3e264b9da9ae2cf7895a53f93b69b71787ad9059
---
 config/dnscrypt-proxy.toml         | 9 +++++----
 config/example-dnscrypt-proxy.toml | 9 +++++----
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/config/dnscrypt-proxy.toml b/config/dnscrypt-proxy.toml
index f5daf35..fa4a1c6 100644
--- a/config/dnscrypt-proxy.toml
+++ b/config/dnscrypt-proxy.toml
@@ -637,14 +637,15 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
 
 
 
-################################
-#   TLS Client Authentication  #
-################################
+#################################################################
+#        Certificate-based client authentication for DoH        #
+#################################################################
 
+# Use a X509 certificate to authenticate yourself when connecting to DoH servers.
 # This is only useful if you are operating your own, private DoH server(s).
 # (for DNSCrypt, see the `query_meta` feature instead)
 
-[tls_client_auth]
+# [doh_client_x509_auth]
 
 # creds = [
 #    { server_name='myserver', client_cert='client.crt', client_key='client.key' }
diff --git a/config/example-dnscrypt-proxy.toml b/config/example-dnscrypt-proxy.toml
index 937aa23..7974296 100644
--- a/config/example-dnscrypt-proxy.toml
+++ b/config/example-dnscrypt-proxy.toml
@@ -637,14 +637,15 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
 
 
 
-################################
-#   TLS Client Authentication  #
-################################
+#################################################################
+#        Certificate-based client authentication for DoH        #
+#################################################################
 
+# Use a X509 certificate to authenticate yourself when connecting to DoH servers.
 # This is only useful if you are operating your own, private DoH server(s).
 # (for DNSCrypt, see the `query_meta` feature instead)
 
-[tls_client_auth]
+# [doh_client_x509_auth]
 
 # creds = [
 #    { server_name='myserver', client_cert='client.crt', client_key='client.key' }