#pragma once

struct ssl_stream;

enum ssl_stream_action
{
	SSL_ACTION_PASSTHROUGH,
	SSL_ACTION_INTERCEPT,
	SSL_ACTION_SHUTDOWN
};
typedef enum ssl_stream_action ssl_stream_new_hook(struct ssl_stream *upstream, void* u_para);

enum SSL_STREAM_OPT
{
	SSL_STREAM_OPT_IS_EV_CERT,				//0:FALSE, 1:TRUE.
	SSL_STREAM_OPT_IS_CT_CERT,				//0:FALSE, 1:TRUE.
	SSL_STREAM_OPT_IS_MUTUAL_AUTH,			//0:FALSE, 1:TRUE.
	SSL_STREAM_OPT_PINNING_STATUS,			//0:FALSE, 1:TRUE.
	SSL_STREAM_OPT_NO_VERIFY_SELF_SIGNED,	//VALUE is an interger, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:0.
	SSL_STREAM_OPT_NO_VERIFY_COMMON_NAME,	//VALUE is an interger, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:1.
	SSL_STREAM_OPT_NO_VERIFY_ISSUER,		//VALUE is an interger, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:0.
	SSL_STREAM_OPT_NO_VERIFY_EXPIRY_DATE,	//VALUE is an interger, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:0.
	SSL_STREAM_OPT_BLOCK_FAKE_CERT,		//VALUE is an interger, SIZE=sizeof(int). 1:PASSTHROUGH, 0:BLOCK. DEFAULT:1.
	SSL_STREAM_OPT_PROTOCOL_MIN_VERSION,
	SSL_STREAM_OPT_PROTOCOL_MAX_VERSION,
	SSL_STREAM_OPT_KEYRING_ID
};
int sslver_str2num(const char * version_str);

//s_stream must be upstream.
int ssl_stream_set_integer_opt(struct ssl_stream *upstream, enum SSL_STREAM_OPT  opt_type, int opt_val);
int ssl_stream_get_integer_opt(struct ssl_stream *upstream, enum SSL_STREAM_OPT  opt_type, int *opt_val);