修正当进程句柄限制不足时，存在的随机关闭FD的问题并调整SSL关闭时的fd处理位置。

* 原实现在接收fd时，没有考虑可能只接收1个fd的情况。导致程序在接收1个fd时按2个fd处理，越界访问随机关闭fd。
* 现修正，接收2个一下fd时，关闭接收的fd。
* 同时调整SSL连接的FD关闭位置，改为在conn_private销毁时统一关闭，不在ssl部分关闭。

platform/src/acceptor_kni_v2.cpp

@@ -47,6 +47,8 @@ void acceptor_kni_v2_event(evutil_socket_t fd, short what, void * user)
     struct tfe_cmsg * cmsg = NULL;
 
 	int * __fds = NULL;
+	unsigned int __nr_fds = 0;
+
 	assert(__ctx != NULL && __ctx->thread == pthread_self());
 	assert(what & EV_READ);
 
@@ -91,11 +93,19 @@ void acceptor_kni_v2_event(evutil_socket_t fd, short what, void * user)
 		TFE_LOG_ERROR(__ctx->logger, "failed at fetch CMSG_FIRSTHDR() from incoming fds.");
 		goto __drop_recieved_fds;
 	}
-	
-	__fds = (int *) (CMSG_DATA(__cmsghdr));
-	if (unlikely(__fds == NULL))
+
+	switch(__cmsghdr->cmsg_len)
 	{
-		TFE_LOG_ERROR(__ctx->logger, "failed at fetch CMSG_DATA() from incoming fds.");
+		case CMSG_LEN(0 * sizeof(int)): { __nr_fds = 0; break;}
+		case CMSG_LEN(1 * sizeof(int)): { __nr_fds = 1; break;}
+		case CMSG_LEN(2 * sizeof(int)): { __nr_fds = 2; break; }
+		default: assert(0);
+	}
+
+	__fds = (int *) (CMSG_DATA(__cmsghdr));
+	if (unlikely(__fds == NULL || __nr_fds < 2))
+	{
+		TFE_LOG_ERROR(__ctx->logger, "No available file descriptors, drop the incoming fds.");
 		goto __drop_recieved_fds;
 	}
 
@@ -120,9 +130,13 @@ __die:
     return;
 
 __drop_recieved_fds:
-	TFE_PROXY_STAT_INCREASE(STAT_FD_CLOSE_BY_KNI_ACCEPT_FAIL, 2);
-	if (__fds != NULL) evutil_closesocket(__fds[0]);
-	if (__fds != NULL) evutil_closesocket(__fds[1]);
+	TFE_PROXY_STAT_INCREASE(STAT_FD_CLOSE_BY_KNI_ACCEPT_FAIL, __nr_fds);
+	for (unsigned int i = 0;  i < __nr_fds; i++)
+	{
+		evutil_closesocket(__fds[i]);
+	}
+
+	assert(__nr_fds <= 2);
 }
 
 void * acceptor_kni_v2_event_thread_entry(void * args)