[Twisted-Python] TLSMemoryBIOProtocol _shutdownTLS what to do when not successfull

exarkun at twistedmatrix.com exarkun at twistedmatrix.com
Wed Jan 16 12:03:45 EST 2013

On 03:47 pm, adi at roiban.ro wrote:
>Here is this code in t.p.t.TLSMemoryBIOProtocol
>    def _shutdownTLS(self):
>        """
>        Initiate, or reply to, the shutdown handshake of the TLS layer.
>        """
>        self._flushSendBIO()
>        shutdownSuccess = self._tlsConnection.shutdown()
>        self._flushSendBIO()

This isn't actually how this method is implemented in trunk at HEAD.  I 
didn't search through its entire revision history to see if it was ever 
implemented this way, but I don't think it was. :)

Can you produce this behavior with the latest Twisted release, 
>        if shutdownSuccess:
>            # Both sides have shutdown, so we can start closing lower- 
>            # transport. This will also happen if we haven't started
>            # negotiation at all yet, in which case shutdown succeeds
>            # immediately.
>            self.transport.loseConnection()
>> From my tests using Curl as a client, self._tlsConnection.shutdown()
>always returns False.

Can you share a minimal server which demonstrates this?  Also, an exact 
curl command line would be handy.
>I need to call
>self._tlsConnection.set_shutdown(SENT_SHUTDOWN | RECEIVED_SHUTDOWN)

Just so everyone's clear, this isn't really a solution.  It's roughly 
the same as not calling shutdown at all, just calling loseConnection.
>How should the connection be handled when
>self._tlsConnection.shutdown() returns False?

The connection should wait for the peer to call shutdown as well and 
then close the connection.  This is what the `ZeroReturnError` handling 
in `dataReceived` is for.
>> From my tests, it looks like when shutdownSuccess is False, the
>self.transport.loseConnection() is never closed.

That's right.  But shutdownSuccess is sometimes expected to be true.


More information about the Twisted-Python mailing list