为了识别第二种pinning：在tcp_stream的event callback中，若接收字节数为0，调用ssl_stream_process_zero_eof。

platform/src/ssl_stream.cpp

@@ -1182,6 +1182,24 @@ void ssl_stream_process_error(struct ssl_stream * s_stream, unsigned long sslerr
 	return;
 }
 
+void ssl_stream_process_zero_eof(struct ssl_stream * s_stream, struct ssl_mgr* mgr)
+{
+	struct ssl_upstream_parts* s_upstream=NULL;
+	if(s_stream->dir==CONN_DIR_UPSTREAM)
+	{
+		return;
+	}
+	assert(mgr==s_stream->mgr);
+	s_upstream=&s_stream->peer->up_parts;
+	if(s_upstream->verify_result.is_hostmatched && s_upstream->is_server_cert_verify_passed )
+	{
+		s_upstream->svc_status.pinning_status=PINNING_ST_MAYBE_PINNING;
+		ssl_stream_set_cmsg_integer(s_stream, TFE_CMSG_SSL_PINNING_STATE, PINNING_ST_MAYBE_PINNING);
+		ssl_service_cache_write(mgr->svc_cache, s_stream->peer->up_parts.client_hello, s_stream->tcp_stream->addr, &(s_stream->peer->up_parts.svc_status));
+	}
+	s_stream->error=SSL_STREAM_R_CLIENT_CLOSED;
+	return;
+}
 
 
 /*
@@ -1805,13 +1823,7 @@ static void ssl_client_connected_eventcb(struct bufferevent * bev, short events,
 	else if(events & BEV_EVENT_EOF)
 	{		
 		ATOMIC_INC(&(mgr->stat_val[SSL_DOWN_ERR]));	
-		if(s_upstream->verify_result.is_hostmatched && s_upstream->is_server_cert_verify_passed )
-		{
-			s_upstream->svc_status.pinning_status=PINNING_ST_MAYBE_PINNING;
-			ssl_stream_set_cmsg_integer(s_stream, TFE_CMSG_SSL_PINNING_STATE, PINNING_ST_MAYBE_PINNING);
-			ssl_service_cache_write(mgr->svc_cache, s_stream->peer->up_parts.client_hello, s_stream->tcp_stream->addr, &(s_stream->peer->up_parts.svc_status));
-		}
-		s_stream->error=SSL_STREAM_R_CLIENT_CLOSED;
+		ssl_stream_process_zero_eof(s_stream, mgr);
 	}
 	else if(events & BEV_EVENT_TIMEOUT)
 	{