missing shutdown() traceback when TLS timeout only for HTTP/2

Question

I ran into this issue during my testing of django-channels and daphne (but the issue is not exclusive to them).

--- <exception caught here> ---
  File "/Users/****/lib/python3.6/site-packages/twisted/internet/base.py", line 896, in runUntilCurrent
    call.func(*call.args, **call.kw)
  File "/Users/****/lib/python3.6/site-packages/twisted/web/http.py", line 2288, in forceAbortClient
    self.transport.abortConnection()
  File "/Users/****/lib/python3.6/site-packages/twisted/protocols/tls.py", line 435, in abortConnection
    self._shutdownTLS()
  File "/Users/****/lib/python3.6/site-packages/twisted/protocols/tls.py", line 338, in _shutdownTLS
    shutdownSuccess = self._tlsConnection.shutdown()
builtins.AttributeError: 'NoneType' object has no attribute 'shutdown'

This is only the case when HTTP/2 is in use. HTTP1.1 works fine and I've never had an issue like this. I've done a bit of investigating and I've noticed that self._tlsConnection.shutdown() is called 2x, once when the timeout is exceeded and self._tlsConnection is set to None, then again for some unknown reason. I'm not knowledgeable enough in HTTP standards to know if this is expected behavior. Am I doing something wrong or is this a bug?

How to reproduce

Install Twisted with HTTP/2 and TLS support

pip install -U twisted[http2,tls]

Create TLS certificates

openssl genrsa -aes256 -passout pass:SuperSecretPassword -out server.key 2048
openssl req -new -key server.key -passin pass:SuperSecretPassword -out server.csr
openssl x509 -req -passin pass:SuperSecretPassword -days 1024 -in server.csr -signkey server.key -out server.crt
openssl rsa -in server.key -out server_no_pass.key -passin pass:SuperSecretPassword
mv server_no_pass.key server.key

Create a simple TLS server (it's not django-channels, it's klein, because this issue isn't exclusive to channels). This will start a server on https://0.0.0.0:9999

from klein import route, run

@route('/')
def hello(request):
    return 'hello'

run(endpoint_description='ssl:9999:interface=0.0.0.0:certKey=server.crt:privateKey=server.key')

On a web browser, go to https://localhost:9999. Open the developer tools and navigate to network tab. Enable the protocol option and ensure it's HTTP/2.0. I've tested on both Chrome and Firefox.

Wait a few minutes and the server will hit the traceback.

Pretty sure this is just a bug in Twisted. I almost posted a comment linking to #9462 but then I noticed who filed it. :) — Jean-Paul Calderone, Jun 11 '18 at 17:46
hah I wanted to put all this in the ticket but trac isn't logging me into github since yesterday. — notorious.no, Jun 11 '18 at 18:07
@Jean-PaulCalderone is there any way you could notify someone working on HTTP2 features about this issue? — notorious.no, Jun 11 '18 at 23:55

missing shutdown() traceback when TLS timeout only for HTTP/2

How to reproduce

0 Answers0