From 07a6c32e934ed20b4fbcaf3a980e9e518f1d493e Mon Sep 17 00:00:00 2001
From: Soner Tari <sonertari@gmail.com>
Date: Sat, 20 Apr 2019 01:13:06 +0300
Subject: [PATCH] Update documentation with PassSite option

---
 README.md  | 6 ++++++
 sslproxy.1 | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/README.md b/README.md
index 923cce2..cd70b64 100644
--- a/README.md
+++ b/README.md
@@ -161,6 +161,12 @@ If enabled, the ValidateProto option validates protocols in proxy
 specifications. If a connection cannot pass protocol validation, then it is 
 terminated. This feature currently supports HTTP, POP3, and SMTP protocols.
 
+PassSite option allows certain SSL sites to be excluded from SSL inspection. 
+If a PassSite matches SNI or common names in the SSL certificate, the 
+connection is passed through the proxy without being diverted to the listening 
+program. For example, sites requiring client authentication can be added as 
+PassSite. Multiple sites can be defined, one on each line.
+
 Logging options include traditional SSLproxy connect and content log files as
 well as PCAP files and mirroring decrypted traffic to a network interface.
 Additionally, certificates, master secrets and local process information can be
diff --git a/sslproxy.1 b/sslproxy.1
index 21b7636..eb204f5 100644
--- a/sslproxy.1
+++ b/sslproxy.1
@@ -156,6 +156,12 @@ If enabled, the ValidateProto option validates protocols in proxy
 specifications. If a connection cannot pass protocol validation, then it is 
 terminated. This feature currently supports HTTP, POP3, and SMTP protocols.
 .LP
+PassSite option allows certain SSL sites to be excluded from SSL inspection. 
+If a PassSite matches SNI or common names in the SSL certificate, the 
+connection is passed through the proxy without being diverted to the listening 
+program. For example, sites requiring client authentication can be added as 
+PassSite. Multiple sites can be defined, one on each line.
+.LP
 Logging options include traditional SSLproxy connect and content log files as
 well as PCAP files and mirroring decrypted traffic to a network interface.
 Additionally, certificates, master secrets and local process information can be