From c8db5aa5f34fb4c24a4fbcdb572e008fb89fee34 Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Wed, 15 May 2024 15:19:52 -0600
Subject: [PATCH] SSLEngine: correct return of ClosingConnection() to
 SSL_SUCCESS when ZERO_RETURN is received

---
 src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java        | 5 +++--
 .../wolfssl/provider/jsse/WolfSSLImplementSSLSession.java    | 3 +++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java b/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java
index 6d447f0..28e8b63 100644
--- a/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java
+++ b/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java
@@ -345,6 +345,7 @@ public class WolfSSLEngine extends SSLEngine {
     /**
      * Handles logic during shutdown
      *
+     * @return WolfSSL.SSL_SUCCESS on success, zero or negative on error
      * @throws SocketException if ssl.shutdownSSL() encounters a socket error
      */
     private synchronized int ClosingConnection() throws SocketException {
@@ -374,11 +375,11 @@ public class WolfSSLEngine extends SSLEngine {
         synchronized (ioLock) {
             ret = ssl.shutdownSSL();
             if (ssl.getError(ret) == WolfSSL.SSL_ERROR_ZERO_RETURN) {
-                /* got close_notify alert, reset ret to 0 to continue
+                /* got close_notify alert, reset ret to SSL_SUCCESS to continue
                  * and let corresponding close_notify to be sent */
                 WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
                     "ClosingConnection(), ssl.getError() is ZERO_RETURN");
-                ret = 0;
+                ret = WolfSSL.SSL_SUCCESS;
             }
         }
         UpdateCloseNotifyStatus();
diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java b/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java
index a5bdf9f..9973adf 100644
--- a/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java
+++ b/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java
@@ -316,6 +316,9 @@ public class WolfSSLImplementSSLSession extends ExtendedSSLSession
      * Invalidate this session
      */
     public synchronized void invalidate() {
+        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+            "SSLSession.invalidate() called, invalidating session");
+
         this.valid = false;
     }