- https://www.bamsoftware.com/software/dnstt/#download
- dnstt-20210812.zip (sig, key)
- https://repo.or.cz/dnstt.git/shortlog/refs/tags/v1.20220208.0
- CHANGELOG
-doh and -dot mode now use uTLS to camouflage their TLS Client Hello fingerprint. The fingerprint to use is chosen randomly from a weighted distribution. You can control this distribution using the new -utls option. Use -utls none to disable uTLS if you encounter TLS errors with your chosen server.
This change means that it is no longer possible to use a proxy in -doh mode by setting the HTTP_PROXY or HTTPS_PROXY environment variables; this was an undocumented side effect of using the Go net/http package with no TLS camouflage.
Earlier thread about the utls branch: