业务层拦截策略（ssl policy)对接ssl stream。

platform/include/internal/ssl_stream.h

@@ -19,7 +19,8 @@ enum ssl_stream_action
 typedef enum ssl_stream_action ssl_stream_new_hook(struct ssl_stream *upstream, void* u_para);
 
 struct ssl_mgr * ssl_manager_init(const char * ini_profile, const char * section, struct event_base * ev_base_gc,
-	void * logger, ssl_stream_new_hook* hook_func, void* u_para);
+	void * logger);
+void ssl_manager_set_new_upstream_cb(struct ssl_mgr * mgr, ssl_stream_new_hook* new_upstream_cb, void* u_para);
 void ssl_manager_destroy(struct ssl_mgr * mgr);
 unsigned long ssl_stream_log_error(struct bufferevent * bev, enum tfe_conn_dir dir, struct ssl_mgr* mgr);
 
@@ -55,7 +56,7 @@ enum SSL_STREAM_OPT
 	SSL_STREAM_OPT_NO_VERIFY_COMMON_NAME,	//VALUE is an interger, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:1.
 	SSL_STREAM_OPT_NO_VERIFY_ISSUER,		//VALUE is an interger, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:0.
 	SSL_STREAM_OPT_NO_VERIFY_EXPIRY_DATE,	//VALUE is an interger, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:0.
-	SST_STREAM_OPT_VERIFY_FAIL_ACTION,		//VALUE is an interger, SIZE=sizeof(int). 1:PASSTHROUGH, 0:BLOCK. DEFAULT:1.
+	SSL_STREAM_OPT_BLOCK_FAKE_CERT,		//VALUE is an interger, SIZE=sizeof(int). 1:PASSTHROUGH, 0:BLOCK. DEFAULT:1.
 	SSL_STREAM_OPT_PROTOCOL_MIN_VERSION,
 	SSL_STREAM_OPT_PROTOCOL_MAX_VERSION	
 };