From b0e7bf31f82a36db4b6863c898b173de3da17618 Mon Sep 17 00:00:00 2001
From: Sage Stefonic
Date: Fri, 14 Jun 2024 15:01:36 -0700
Subject: [PATCH 1/2] close socket if handshake fails
---
 .../wolfssl/provider/jsse/WolfSSLSocket.java | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java
index e2a3fc70..0692eda7 100644
--- a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java
+++ b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java
@@ -1297,6 +1297,20 @@ public synchronized SSLSession getSession() {
 /* Log error, but continue. Session returned will be empty */
 WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
 "Handshake attempt failed in SSLSocket.getSession()");
+
+ /* close SSLSocket */
+ if (this.socket != null && !this.socket.isClosed()) {
+ try {
+ close();
+ } catch (Exception ex) {
+ WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+ "close attempt failed in SSLSocket.getSession(): " +
+ ex);
+ }
+ }
+ /* return invalid session object with cipher suite
+ * "SSL_NULL_WITH_NULL_NULL" */
+ return new WolfSSLImplementSSLSession(this.authStore);
 }
 return EngineHelper.getSession();
@@ -1446,6 +1460,8 @@ public synchronized void startHandshake() throws IOException {
 } catch (SocketTimeoutException e) {
 WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
 "got socket timeout in doHandshake()");
+ /* close socket if the handshake is unsuccessful */
+ close();
 throw e;
 }
@@ -1453,6 +1469,8 @@ public synchronized void startHandshake() throws IOException {
 int err = ssl.getError(ret);
 String errStr = WolfSSL.getErrorString(err);
+ /* close socket if the handshake is unsuccessful */
+ close();
 throw new SSLHandshakeException(errStr + " (error code: " + err + ", TID " + Thread.currentThread().getId() + ")");
 }
From ab159d4108a00fae5a7c45a98d7f533f2472d8ee Mon Sep 17 00:00:00 2001
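Review bot: getSession() now closes the socket when its implicit handshake fails, and nothing in the @@ -1297 hunk tells callers about that side effect; the method's Javadoc lies outside the hunk, so it may already be covered there. If it is not, add a sentence such as `If the implicit handshake fails, this socket is closed and an invalid session reporting SSL_NULL_WITH_NULL_NULL is returned.` The failure is otherwise only visible in the INFO debug log, so a caller that does not check the returned session has no signal that the connection is gone. The catch block these lines sit in starts outside the hunk.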
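Review bot: In both startHandshake() hunks the new `close()` runs unguarded just before the throw, so if close() itself throws, that exception replaces the SocketTimeoutException in the @@ -1446 hunk and the SSLHandshakeException carrying the wolfSSL error code in the @@ -1453 hunk. That close() can fail is an inference from startHandshake() declaring IOException and from the getSession() hunk wrapping the same call in a try/catch. Callers and logs would then lose the real reason the handshake failed, which is the detail needed to diagnose a rejected certificate or protocol mismatch. Guard the close and attach its failure with addSuppressed, as below; in the @@ -1453 hunk the SSLHandshakeException has to be built into a local first, then the guarded close, then the throw. The try block and the enclosing condition start outside these hunks.

```java
} catch (SocketTimeoutException e) {
    // … unchanged: debug log of the timeout …
    /* close socket if the handshake is unsuccessful, but keep the
     * timeout as the exception the caller sees */
    try {
        close();
    } catch (IOException closeEx) {
        e.addSuppressed(closeEx);
    }
    throw e;
```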
From: Sage Stefonic
Date: Thu, 27 Jun 2024 11:12:06 -0700
Subject: [PATCH 2/2] remove check socket closed check
---
 .../com/wolfssl/provider/jsse/WolfSSLSocket.java | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java
index 0692eda7..c2b1a001 100644
--- a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java
+++ b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java
@@ -1299,15 +1299,13 @@ public synchronized SSLSession getSession() {
 "Handshake attempt failed in SSLSocket.getSession()");
 /* close SSLSocket */
- if (this.socket != null && !this.socket.isClosed()) {
- try {
- close();
- } catch (Exception ex) {
- WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
- "close attempt failed in SSLSocket.getSession(): " +
- ex);
- }
+ try {
+ close();
+ } catch (Exception ex) {
+ WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+ "close attempt failed in SSLSocket.getSession(): " + ex);
 }
+
 /* return invalid session object with cipher suite
 * "SSL_NULL_WITH_NULL_NULL" */
 return new WolfSSLImplementSSLSession(this.authStore);
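Review bot: With the `isClosed()` guard removed, `close()` runs on every failed handshake in getSession(), so this path now depends on close() being safe on a socket that is already closed or was never connected; that property is not visible in the hunk. Because the handler is `catch (Exception ex)` and only logs at INFO, a failure there passes silently unless debug logging is enabled. If close() is idempotent, say so in the comment, for example `/* close SSLSocket; close() is a no-op if already closed */`. Consider narrowing the handler to `catch (IOException ex)` unless getSession() is meant never to throw, in which case the comment should state that intent. The enclosing catch block starts outside the hunk.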