From 89a9f49cf92264692f6828007c0c00cf361c66a8 Mon Sep 17 00:00:00 2001
From: quindecim <49964366+quindecim@users.noreply.github.com>
Date: Fri, 26 May 2023 23:17:11 +0200
Subject: [PATCH] Add suport for TLS key logging

https://github.com/DNSCrypt/dnscrypt-proxy/commit/0c26d1637a8628425476f09c6f27bdbc15116d06
---
 config/dnscrypt-proxy.toml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/config/dnscrypt-proxy.toml b/config/dnscrypt-proxy.toml
index 68e492c..533d6db 100644
--- a/config/dnscrypt-proxy.toml
+++ b/config/dnscrypt-proxy.toml
@@ -223,6 +223,14 @@ dnscrypt_ephemeral_keys = true
 # tls_cipher_suite = [52392, 49199]
 
 
+## Log TLS key material to a file, for debugging purposes only.
+## This file will contain the TLS master key, which can be used to decrypt
+## all TLS traffic to/from DoH servers.
+## Never ever enable except for debugging purposes with a tool such as mitmproxy.
+
+# tls_key_log_file = '/tmp/keylog.txt'
+
+
 ## Bootstrap resolvers
 ##
 ## These are normal, non-encrypted DNS resolvers, that will be only used