Description:
ExportControlled.transformSocketToSSLSocket() method used during handshake to establish safe connection. It properly sets SSLSocket mysqlIO.mysqlConnection and it's mysqlIO.mysqlInput and mysqlIO.mysqlOutput streams.

However at the final stage of handshake MysqlIO does:
this.mysqlConnection = this.socketFactory.afterHandshake()

where socketFactory remains the initial non-SSL factory. So connection loses reference to SSLSocket here and can't close it explicitly with abortInternal() or realClose() methods and also sets socket timeout on a wrong socket.

However this doesn't lead to non-SSL exchange after SSL handshake because references to i/o streams are not changed.

Additionally we lose the timeouts logic implemented in StandardSocketFactory if use SSL sockets, it's just not implemented for SSL socket factory.

How to repeat:
Debug.

Suggested fix:
1. ExportControlled.transformSocketToSSLSocket() should set actual value to mysqlIO.socketFactory so that afterHandshake() will be called on proper object.
2. Implement timeouts logic for SSL sockets similar to usual ones.

Added the following entry to the Connector/J 5.1.31 changelog:

"After a non-SSL socket had been transformed into an SSL socket, Connection was still keeping its reference to the wrapped, non-SSL socket, failing to recognize that the type of connection had been changed. This fix creates a new StandardSSLSocketFactory class, which implements SocketFactory and wraps the initial SocketFactory.afterHandshake() method. MysqlIO.socketFactory was replaced after the socket transformation, so that afterHandshake() is performed on the old factory but returns the new socket."