Hi all, During routine examination of thread dumps I noticed a stack trace you may find interesting. Relevant part:
java.lang.Thread.State: RUNNABLE ... at java.lang.IllegalStateException.<init>(java.base@11.0.11/Unknown Source) at javax.crypto.Cipher.checkCipherState(java.base@11.0.11/Unknown Source) at javax.crypto.Cipher.doFinal(java.base@11.0.11/Unknown Source) at sun.security.ssl.SSLCipher$T12GcmReadCipherGenerator$GcmReadCipher.dispose(java.base@11.0.11/Unknown Source) at sun.security.ssl.InputRecord.changeReadCiphers(java.base@11.0.11/Unknown Source) at sun.security.ssl.ChangeCipherSpec$T10ChangeCipherSpecConsumer.consume(java.base@11.0.11/Unknown Source) ... All handshakes that negotiate GCM ciphers throw and catch an exception, because the newly created cipher is disposed before use. I believe this is caused by this line of code: https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/InputRecord.java#L125 I think it should read as follows: this.readCipher.dispose(); I can file a PR, just need help with JBS ID. Regards, Daniel