Ideas for developer meeting 2b: Teach TCP sockets that they are TLS proxies

Background:

This is a follow-on for Proposal 2 - it is for each of use TLS offloading
to external proxies.

When using external TLS/TCP bridges users encounter a mismatch when
the URI/socket matcher cannnot find a matching TLS socket. Users
can work around this by forcing t_relay_to but it is not a natural
map.

Some dancing with record-route headers is usually necessary

Proposal 2b
This proposal is to have a marker in config file on TCP listeners that
they are in fact proxy'd TLS connections. So the look-and-feel
should be TLS except that they skip mod_tls processing.

When the config searches for matching socket this type of TLS-proxy
will be found.

Benefits:

- can sidestep more exotic mod_tls problems with OpenSSL; user just
  offloads to HAProxy et al
- seamless config: these proxy'ied sockets have enough metadata that
  look like TLS socket for URIs, record-route etc handling

Richard (Shih-Ping)