Hi Daniel,
Thank you for the nice catch! I filed a JBS bug:
https://bugs.openjdk.java.net/browse/JDK-8275811
It would be nice if you could also update similar issues in (DTLS)OutRecord
files.
Thanks,
Xuelei
On Oct 22, 2021, at 8:14 AM, Daniel Jeliński
<[email protected]<mailto:[email protected]>> wrote:
Hi all,
During routine examination of thread dumps I noticed a stack trace you
may find interesting. Relevant part:
java.lang.Thread.State: RUNNABLE
...
at java.lang.IllegalStateException.<init>([email protected]/Unknown Source)
at javax.crypto.Cipher.checkCipherState([email protected]/Unknown Source)
at javax.crypto.Cipher.doFinal([email protected]/Unknown Source)
at
sun.security.ssl.SSLCipher$T12GcmReadCipherGenerator$GcmReadCipher.dispose([email protected]/Unknown
Source)
at sun.security.ssl.InputRecord.changeReadCiphers([email protected]/Unknown
Source)
at
sun.security.ssl.ChangeCipherSpec$T10ChangeCipherSpecConsumer.consume([email protected]/Unknown
Source)
...
All handshakes that negotiate GCM ciphers throw and catch an
exception, because the newly created cipher is disposed before use.
I believe this is caused by this line of code:
https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/InputRecord.java#L125
I think it should read as follows:
this.readCipher.dispose();
I can file a PR, just need help with JBS ID.
Regards,
Daniel
