Merge pull request #205 from sstefonic/handshakeFailureClose

Close socket if handshake fails
wolfSSL · Jun 27, 2024 · a352475 · a352475
2 parents 910b612 + ab159d4
commit a352475
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java
@@ -1297,6 +1297,18 @@ public synchronized SSLSession getSession() {
             /* Log error, but continue. Session returned will be empty */
             WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
                 "Handshake attempt failed in SSLSocket.getSession()");
+
+            /* close SSLSocket */
+            try {
+                close();
+            } catch (Exception ex) {
+                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                    "close attempt failed in SSLSocket.getSession(): " + ex);
+            }
+
+            /* return invalid session object with cipher suite
+             * "SSL_NULL_WITH_NULL_NULL" */
+            return new WolfSSLImplementSSLSession(this.authStore);
         }
 
         return EngineHelper.getSession();
@@ -1446,13 +1458,17 @@ public synchronized void startHandshake() throws IOException {
             } catch (SocketTimeoutException e) {
                 WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
                     "got socket timeout in doHandshake()");
+                /* close socket if the handshake is unsuccessful */
+                close();
                 throw e;
             }
 
             if (ret != WolfSSL.SSL_SUCCESS) {
                 int err = ssl.getError(ret);
                 String errStr = WolfSSL.getErrorString(err);
 
+                /* close socket if the handshake is unsuccessful */
+                close();
                 throw new SSLHandshakeException(errStr + " (error code: " +
                     err + ", TID " + Thread.currentThread().getId() + ")");
             }