允许设置证书校验选项。

platform/include/internal/ssl_stream.h

@@ -8,11 +8,23 @@
 struct ssl_stream;
 
 struct ssl_mgr;
+typedef void ssl_stream_new_cb(struct ssl_stream *, void* u_para);
+typedef void ssl_stream_free_cb(struct ssl_stream *, void* u_para);
+
 struct ssl_mgr * ssl_manager_init(const char * ini_profile, const char * section, struct event_base * ev_base_gc,
 	void * logger);
+//, ssl_stream_new_cb* new_func, ssl_stream_free_cb* free_func, void* u_para);
 void ssl_manager_destroy(struct ssl_mgr * mgr);
 void ssl_stream_log_error(struct bufferevent * bev, enum tfe_conn_dir dir, struct ssl_mgr* mgr);
 
+enum ssl_stream_action
+{
+	SSL_ACTION_PASSTHROUGH,
+	SSL_ACTION_INTERCEPT,
+	SSL_ACTION_SHUTDOWN
+};
+
+enum ssl_stream_action ssl_upstream_create_result_release_action(future_result_t * result);
 struct ssl_stream * ssl_upstream_create_result_release_stream(future_result_t * result);
 struct bufferevent * ssl_upstream_create_result_release_bev(future_result_t * result);
 void ssl_async_upstream_create(struct future * f, struct ssl_mgr * mgr, evutil_socket_t fd_upstream,
@@ -31,4 +43,6 @@ int ssl_manager_add_crl(struct ssl_mgr* mgr, const char* pem_file);
 int ssl_manager_del_crl(struct ssl_mgr* mgr, const char* pem_file);
 void ssl_manager_reset_trust_ca(struct ssl_mgr* mgr);
 
+//s_stream must be upstream.
+int ssl_stream_set_opt(struct ssl_stream *s_stream, enum SSL_STREAM_OPT  type, const void* value, size_t size);