hoelee/curl-impersonate
1
0
Fork 0
mirror of https://github.com/lwthiker/curl-impersonate.git synced 2025-08-10 10:49:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
af38d2b626f7c0ef84cc9becb836d931e17c81b8
curl-impersonate/firefox/Dockerfile.alpine
lwthiker 768e37d194 Impersonate Firefox 98 
Add support for impersonating Firefox 98 released a few days ago. It has
the same TLS signature as Firefox 95 so the adaptation includes changing
the user-agent only. Upgrade the NSS version used to 3.75, even though
it's not strictly necessary.
2022-03-12 10:44:24 +02:00

132 lines
4.9 KiB
Docker
Raw Blame History

#
# NOTE: THIS DOCKERFILE IS GENERATED FROM "Dockerfile.template" VIA
# "generate-dockerfiles.sh".
#
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.15.0 as builder
WORKDIR /build
# Common dependencies
RUN apk add git build-base make cmake ninja curl zlib-dev patch linux-headers python3 python3-dev
# The following are needed because we are going to change some autoconf scripts,
# both for libnghttp2 and curl.
RUN apk add autoconf automake pkgconfig libtool
# Dependencies for building libnss
# See https://firefox-source-docs.mozilla.org/security/nss/build.html#mozilla-projects-nss-building
RUN apk add mercurial py3-pip clang-analyzer
# Download and compile libbrotli
ARG BROTLI_VERSION=1.0.9
RUN curl -L https://github.com/google/brotli/archive/refs/tags/v${BROTLI_VERSION}.tar.gz -o brotli-${BROTLI_VERSION}.tar.gz && \
tar xf brotli-${BROTLI_VERSION}.tar.gz
RUN cd brotli-${BROTLI_VERSION} && \
mkdir build && cd build && \
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=./installed .. && \
cmake --build . --config Release --target install
# Needed for building libnss
RUN pip install gyp-next
ARG NSS_VERSION=nss-3.75
# This tarball is already bundled with nspr, a dependency of libnss.
ARG NSS_URL=https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_75_RTM/src/nss-3.75-with-nspr-4.32.tar.gz
# Download and compile nss.
RUN curl -o ${NSS_VERSION}.tar.gz ${NSS_URL}
RUN tar xf ${NSS_VERSION}.tar.gz && \
cd ${NSS_VERSION}/nss && \
# Hack to make nss compile on alpine with python3
ln -sf python3 /usr/bin/python && \
./build.sh -o --disable-tests --static
ARG NGHTTP2_VERSION=nghttp2-1.46.0
ARG NGHTTP2_URL=https://github.com/nghttp2/nghttp2/releases/download/v1.46.0/nghttp2-1.46.0.tar.bz2
# Download nghttp2 for HTTP/2.0 support.
RUN curl -o ${NGHTTP2_VERSION}.tar.bz2 -L ${NGHTTP2_URL}
RUN tar xf ${NGHTTP2_VERSION}.tar.bz2
# Patch nghttp2 pkg config file to support static builds.
COPY patches/libnghttp2-*.patch ${NGHTTP2_VERSION}/
RUN cd ${NGHTTP2_VERSION} && \
for p in $(ls libnghttp2-*.patch); do patch -p1 < $p; done && \
autoreconf -i && automake && autoconf
# Compile nghttp2
RUN cd ${NGHTTP2_VERSION} && \
./configure --with-pic && \
make && make install
# Download curl.
ARG CURL_VERSION=curl-7.81.0
RUN curl -o ${CURL_VERSION}.tar.xz https://curl.se/download/${CURL_VERSION}.tar.xz
RUN tar xf ${CURL_VERSION}.tar.xz
# Patch curl and re-generate the configure script
COPY patches/curl-*.patch ${CURL_VERSION}/
RUN cd ${CURL_VERSION} && \
for p in $(ls curl-*.patch); do patch -p1 < $p; done && \
autoreconf -fi
# Compile curl with nghttp2, libbrotli and nss (firefox) or boringssl (chrome).
# Enable keylogfile for debugging of TLS traffic.
RUN cd ${CURL_VERSION} && \
./configure --enable-static \
--disable-shared \
--with-nghttp2=/usr/local \
--with-brotli=/build/brotli-${BROTLI_VERSION}/build/installed \
--with-nss=/build/${NSS_VERSION}/dist/Release \
CFLAGS="-I/build/${NSS_VERSION}/dist/public/nss -I/build/${NSS_VERSION}/dist/Release/include/nspr" \
USE_CURL_SSLKEYLOGFILE=true && \
make
RUN mkdir out && \
cp ${CURL_VERSION}/src/curl out/curl-impersonate && \
strip out/curl-impersonate
# Re-compile libcurl dynamically
RUN cd ${CURL_VERSION} && \
./configure --with-nghttp2=/usr/local \
--with-brotli=/build/brotli-${BROTLI_VERSION}/build/installed \
--with-nss=/build/${NSS_VERSION}/dist/Release \
CFLAGS="-I/build/${NSS_VERSION}/dist/public/nss -I/build/${NSS_VERSION}/dist/Release/include/nspr" \
USE_CURL_SSLKEYLOGFILE=true && \
make clean && make
# Rename to 'libcurl-impersonate' to avoid confusion, and recreate the
# symbolic links.
RUN ver=$(readlink -f curl-7.81.0/lib/.libs/libcurl.so | sed 's/.*so\.//') && \
major=$(echo -n $ver | cut -d'.' -f1) && \
cp "${CURL_VERSION}/lib/.libs/libcurl.so.$ver" "out/libcurl-impersonate.so.$ver" && \
ln -s "libcurl-impersonate.so.$ver" "out/libcurl-impersonate.so.$major" && \
ln -s "libcurl-impersonate.so.$ver" "out/libcurl-impersonate.so" && \
strip "out/libcurl-impersonate.so.$ver"
# Wrapper scripts
COPY curl_ff* out/
# Replace /bin/bash with /bin/ash
RUN sed -i 's@/bin/bash@/bin/ash@' out/curl_*
RUN chmod +x out/curl_*
# When using alpine, create a final, minimal image with the compiled binaries
# only.
FROM alpine:3.15.0
# curl tries to load the CA certificates for libnss.
# It loads them from /usr/lib/libnssckbi.so,
# which is supplied by 'nss' on alpine.
RUN apk add --no-cache nss
# Copy curl-impersonate from the builder image
COPY --from=builder /build/out/curl-impersonate /usr/local/bin/
# Wrapper scripts
COPY --from=builder /build/out/curl_* /usr/local/bin/
# Copy libcurl-impersonate from the builder image
COPY --from=builder /build/out/libcurl-impersonate.so /usr/local/lib/
Reference in New Issue View Git Blame Copy Permalink