1、增加证书校验；2、修改cert manager为key keeper。

platform/include/internal/cert.h

@@ -1,19 +0,0 @@
-#ifndef CERT_H
-#define CERT_H
-
-#include <openssl/ssl.h>
-#include <pthread.h>
-
-struct cert
-{
-	EVP_PKEY *key;
-	X509 *crt;
-	STACK_OF(X509) * chain;
-};
-struct cert_mgr;
-struct cert_mgr * cert_mgr_init(const char * profile, const char* section);
-struct cert* cert_mgr_query_result_release_cert(future_result_t* result);
-void cert_mgr_free_cert(struct cert* cert);
-void cert_mgr_async_query(struct future * future,	struct cert_mgr * mgr, int keyring_id,
-	X509 * origin_cert, struct event_base * evbase);
-#endif /* !CERT_H */

platform/include/internal/key_keeper.h

@@ -0,0 +1,21 @@
+#ifndef CERT_H
+#define CERT_H
+
+#include <openssl/ssl.h>
+#include <pthread.h>
+
+struct keyring
+{
+	EVP_PKEY *key;
+	X509 *cert;
+	STACK_OF(X509) * chain;
+};
+struct key_keeper;
+struct key_keeper * key_keeper_init(const char * profile, const char* section, void* logger);
+struct key_keeper * key_keeper_destroy(struct key_keeper *keeper);
+
+struct keyring* key_keeper_release_cert(future_result_t* result);
+void key_keeper_free_keyring(struct keyring* cert);
+void key_keeper_async_ask(struct future * f,	struct key_keeper * keeper, int keyring_id,
+	X509 * origin_cert,  int is_cert_valid, struct event_base * evbase);
+#endif /* !CERT_H */

platform/include/internal/ssl_stream.h

@@ -1,7 +1,6 @@
 #pragma once
 #include <event2/event.h>
 #include <tfe_future.h>
-#include <cert.h>
 #include <field_stat2.h>