SSLproxy 0.8.6

This release focuses on PassSite rules:

• Use a new data structure for passsite filters, which should considerably improve the performance of passsite search
• Add support for passsite substring match, along with exact match
• Fix a multithreading issue in passsite search
• Fix passsite in split mode
• And variety of other improvements

PassSite rules can be used to pass certain SSL/TLS sites through sslproxy without being diverted or split. For example, many system services or applications on Android smartphones cannot connect to the Internet from behind sslproxy, because they reject the certificates forged by sslproxy, and adding the CA certificate used with sslproxy to the trusted CAs of the Android smartphone may not solve the problem. In such cases, you can use PassSite rules engaging passthrough mode for the target sites that those applications are trying to connect to, such as Google, Facebook, WhatsApp, Twitter, LinkedIn, and others.

So, SSLproxy can bypass such certificate issues thanks to the improved PassSite feature. However, PassSite rules should be used as a last resort, because connections to those target sites cannot be deep inspected (divert), nor content logged (divert/split) in passthrough mode.