Fix for qh3 v1.0+ no longer support passing cryptography certificate …

…objects within a QuicConfiguration object
apptim · May 9, 2024 · 50301c8 · 50301c8
1 parent d46d026
commit 50301c8
Showing 1 changed file with 8 additions and 4 deletions.
diff --git a/pymobiledevice3/remote/core_device_tunnel_service.py b/pymobiledevice3/remote/core_device_tunnel_service.py
@@ -29,7 +29,7 @@
 from construct import Enum as ConstructEnum
 from construct import GreedyBytes, GreedyRange, Int8ul, Int16ub, Int64ul, Prefixed, Struct
 from cryptography.hazmat.primitives import hashes
-from cryptography.hazmat.primitives._serialization import Encoding, PublicFormat
+from cryptography.hazmat.primitives._serialization import Encoding, PublicFormat, PrivateFormat, NoEncryption
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
 from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
@@ -204,7 +204,10 @@ def __init__(self, quic: QuicConnection, stream_handler: Optional[QuicStreamHand
         self._keep_alive_task = None
 
     async def wait_closed(self) -> None:
-        await QuicConnectionProtocol.wait_closed(self)
+        try:
+            await QuicConnectionProtocol.wait_closed(self)
+        except asyncio.CancelledError:
+            pass
 
     async def send_packet_to_device(self, packet: bytes) -> None:
         self._quic.send_datagram_frame(packet)
@@ -360,13 +363,14 @@ async def start_quic_tunnel(
         configuration = QuicConfiguration(
             alpn_protocols=['RemotePairingTunnelProtocol'],
             is_client=True,
-            certificate=cert,
-            private_key=private_key,
             verify_mode=VerifyMode.CERT_NONE,
             verify_hostname=False,
             max_datagram_frame_size=RemotePairingQuicTunnel.MAX_QUIC_DATAGRAM,
             idle_timeout=max_idle_timeout
         )
+        configuration.load_cert_chain(cert.public_bytes(Encoding.PEM),
+                                      private_key.private_bytes(Encoding.PEM, PrivateFormat.TraditionalOpenSSL,
+                                                                NoEncryption()).decode())
         configuration.secrets_log_file = secrets_log_file
 
         host = self.service.address[0]