From 50301c8fe17c94d76ffecbcbc07a5f08807d1101 Mon Sep 17 00:00:00 2001
From: Juan
Date: Thu, 9 May 2024 15:53:08 -0300
Subject: [PATCH] Fix for qh3 v1.0+ no longer support passing cryptography certificate objects within a QuicConfiguration object
---
 pymobiledevice3/remote/core_device_tunnel_service.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/pymobiledevice3/remote/core_device_tunnel_service.py b/pymobiledevice3/remote/core_device_tunnel_service.py
index cbe8cd32b..280ad5a01 100644
--- a/pymobiledevice3/remote/core_device_tunnel_service.py
+++ b/pymobiledevice3/remote/core_device_tunnel_service.py
@@ -29,7 +29,7 @@
 from construct import Enum as ConstructEnum
 from construct import GreedyBytes, GreedyRange, Int8ul, Int16ub, Int64ul, Prefixed, Struct
 from cryptography.hazmat.primitives import hashes
-from cryptography.hazmat.primitives._serialization import Encoding, PublicFormat
+from cryptography.hazmat.primitives._serialization import Encoding, PublicFormat, PrivateFormat, NoEncryption
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
 from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
@@ -204,7 +204,10 @@ def __init__(self, quic: QuicConnection, stream_handler: Optional[QuicStreamHand
 self._keep_alive_task = None
 async def wait_closed(self) -> None:
- await QuicConnectionProtocol.wait_closed(self)
+ try:
+ await QuicConnectionProtocol.wait_closed(self)
+ except asyncio.CancelledError:
+ pass
 async def send_packet_to_device(self, packet: bytes) -> None:
 self._quic.send_datagram_frame(packet)
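Review bot: The widened import in the first hunk still takes `Encoding`, `PublicFormat`, `PrivateFormat` and `NoEncryption` from the underscore-prefixed module `cryptography.hazmat.primitives._serialization`, which is an internal path that can move between releases. The same names are exported from the documented public module, so I would write `from cryptography.hazmat.primitives.serialization import Encoding, NoEncryption, PrivateFormat, PublicFormat`. That also keeps the imported names sorted like the neighbouring import lines.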
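Review bot: `wait_closed` now swallows every `asyncio.CancelledError`, including the one raised when the task awaiting it is itself cancelled, so a caller's cancellation or timeout can be lost at this point and teardown appears to have completed normally. If the intent is only to tolerate the connection's own close being cancelled during shutdown, record that in a comment such as `# the protocol's close may be cancelled during teardown; treat it as closed`, and consider re-raising when the current task is the one being cancelled. The change is also unrelated to the qh3 certificate fix named in the subject and would be easier to audit as a separate commit.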
@@ -360,13 +363,14 @@ async def start_quic_tunnel(
 configuration = QuicConfiguration(
 alpn_protocols=['RemotePairingTunnelProtocol'],
 is_client=True,
- certificate=cert,
- private_key=private_key,
 verify_mode=VerifyMode.CERT_NONE,
 verify_hostname=False,
 max_datagram_frame_size=RemotePairingQuicTunnel.MAX_QUIC_DATAGRAM,
 idle_timeout=max_idle_timeout
 )
+ configuration.load_cert_chain(cert.public_bytes(Encoding.PEM),
+ private_key.private_bytes(Encoding.PEM, PrivateFormat.TraditionalOpenSSL,
+ NoEncryption()).decode())
 configuration.secrets_log_file = secrets_log_file
 host = self.service.address[0]
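Review bot: The new `configuration.load_cert_chain(...)` call exports the private key unencrypted (`NoEncryption()`) and `.decode()`s it to a `str`, while the certificate is passed as `bytes`, and nothing in the hunk says why the two differ or that the plaintext PEM must stay in memory only. A comment above the call such as `# qh3 >= 1.0 takes PEM data instead of cryptography objects; the key PEM is in-memory only and must never be logged or written out` would record that, if it matches the caller's intent. `PrivateFormat.TraditionalOpenSSL` is not defined for every key type, so `PrivateFormat.PKCS8` would be the more robust choice should `private_key` ever stop being an RSA key (its type is not visible here). The diffstat lists a single changed file, so the qh3 version constraint presumably still admits pre-1.0 releases that expect the removed `certificate=`/`private_key=` arguments; it is worth tightening in the same change. `start_quic_tunnel` begins and ends outside the hunk.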