mirror of
https://github.com/lwthiker/curl-impersonate.git
synced 2025-08-09 13:19:37 +00:00
8ffeb3ca56
Change the binary names of curl and libcurl as part of the curl build process by patching curl's build scripts. When running 'make' in the patched curl directory the resulting binaries will be already named 'curl-impersonate-ff' and 'curl-impersonate-chrome' (and the same for libcurl), thus saving the need for manually renaming them after the compilation. This also enables running 'make install' with curl's own Makefiles in order to install curl-impersonate.
134 lines
4.9 KiB
Docker
134 lines
4.9 KiB
Docker
#
|
|
# NOTE: THIS DOCKERFILE IS GENERATED FROM "Dockerfile.template" VIA
|
|
# "generate-dockerfiles.sh".
|
|
#
|
|
# PLEASE DO NOT EDIT IT DIRECTLY.
|
|
#
|
|
|
|
FROM alpine:3.15.0 as builder
|
|
|
|
WORKDIR /build
|
|
|
|
# Common dependencies
|
|
RUN apk add git build-base make cmake ninja curl zlib-dev patch linux-headers python3 python3-dev
|
|
|
|
# The following are needed because we are going to change some autoconf scripts,
|
|
# both for libnghttp2 and curl.
|
|
RUN apk add autoconf automake pkgconfig libtool
|
|
|
|
# Dependencies for building libnss
|
|
# See https://firefox-source-docs.mozilla.org/security/nss/build.html#mozilla-projects-nss-building
|
|
RUN apk add mercurial py3-pip clang-analyzer
|
|
|
|
|
|
# Download and compile libbrotli
|
|
ARG BROTLI_VERSION=1.0.9
|
|
RUN curl -L https://github.com/google/brotli/archive/refs/tags/v${BROTLI_VERSION}.tar.gz -o brotli-${BROTLI_VERSION}.tar.gz && \
|
|
tar xf brotli-${BROTLI_VERSION}.tar.gz
|
|
RUN cd brotli-${BROTLI_VERSION} && \
|
|
mkdir build && cd build && \
|
|
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=./installed .. && \
|
|
cmake --build . --config Release --target install
|
|
|
|
# Needed for building libnss
|
|
RUN pip install gyp-next
|
|
|
|
ARG NSS_VERSION=nss-3.75
|
|
# This tarball is already bundled with nspr, a dependency of libnss.
|
|
ARG NSS_URL=https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_75_RTM/src/nss-3.75-with-nspr-4.32.tar.gz
|
|
|
|
# Download and compile nss.
|
|
RUN curl -o ${NSS_VERSION}.tar.gz ${NSS_URL}
|
|
RUN tar xf ${NSS_VERSION}.tar.gz && \
|
|
cd ${NSS_VERSION}/nss && \
|
|
# Hack to make nss compile on alpine with python3
|
|
ln -sf python3 /usr/bin/python && \
|
|
./build.sh -o --disable-tests --static
|
|
|
|
ARG NGHTTP2_VERSION=nghttp2-1.46.0
|
|
ARG NGHTTP2_URL=https://github.com/nghttp2/nghttp2/releases/download/v1.46.0/nghttp2-1.46.0.tar.bz2
|
|
|
|
# Download nghttp2 for HTTP/2.0 support.
|
|
RUN curl -o ${NGHTTP2_VERSION}.tar.bz2 -L ${NGHTTP2_URL}
|
|
RUN tar xf ${NGHTTP2_VERSION}.tar.bz2
|
|
|
|
# Patch nghttp2 pkg config file to support static builds.
|
|
COPY patches/libnghttp2-*.patch ${NGHTTP2_VERSION}/
|
|
RUN cd ${NGHTTP2_VERSION} && \
|
|
for p in $(ls libnghttp2-*.patch); do patch -p1 < $p; done && \
|
|
autoreconf -i && automake && autoconf
|
|
|
|
# Compile nghttp2
|
|
RUN cd ${NGHTTP2_VERSION} && \
|
|
./configure --with-pic && \
|
|
make && make install
|
|
|
|
# Download curl.
|
|
ARG CURL_VERSION=curl-7.81.0
|
|
RUN curl -o ${CURL_VERSION}.tar.xz https://curl.se/download/${CURL_VERSION}.tar.xz
|
|
RUN tar xf ${CURL_VERSION}.tar.xz
|
|
|
|
# Patch curl and re-generate the configure script
|
|
COPY patches/curl-*.patch ${CURL_VERSION}/
|
|
RUN cd ${CURL_VERSION} && \
|
|
for p in $(ls curl-*.patch); do patch -p1 < $p; done && \
|
|
autoreconf -fi
|
|
|
|
# Compile curl with nghttp2, libbrotli and nss (firefox) or boringssl (chrome).
|
|
# Enable keylogfile for debugging of TLS traffic.
|
|
RUN cd ${CURL_VERSION} && \
|
|
./configure --prefix=/build/install \
|
|
--enable-static \
|
|
--disable-shared \
|
|
--with-nghttp2=/usr/local \
|
|
--with-brotli=/build/brotli-${BROTLI_VERSION}/build/installed \
|
|
--with-nss=/build/${NSS_VERSION}/dist/Release \
|
|
CFLAGS="-I/build/${NSS_VERSION}/dist/public/nss -I/build/${NSS_VERSION}/dist/Release/include/nspr" \
|
|
USE_CURL_SSLKEYLOGFILE=true && \
|
|
make && make install
|
|
|
|
RUN mkdir out && \
|
|
cp /build/install/bin/curl-impersonate-ff out/ && \
|
|
ln -s curl-impersonate-ff out/curl-impersonate && \
|
|
strip out/curl-impersonate
|
|
|
|
RUN rm -Rf /build/install
|
|
|
|
# Re-compile libcurl dynamically
|
|
RUN cd ${CURL_VERSION} && \
|
|
./configure --prefix=/build/install \
|
|
--with-nghttp2=/usr/local \
|
|
--with-brotli=/build/brotli-${BROTLI_VERSION}/build/installed \
|
|
--with-nss=/build/${NSS_VERSION}/dist/Release \
|
|
CFLAGS="-I/build/${NSS_VERSION}/dist/public/nss -I/build/${NSS_VERSION}/dist/Release/include/nspr" \
|
|
USE_CURL_SSLKEYLOGFILE=true && \
|
|
make clean && make && make install
|
|
|
|
# Copy libcurl-impersonate and symbolic links
|
|
RUN cp -d /build/install/lib/libcurl-impersonate* /build/out
|
|
|
|
RUN ver=$(readlink -f curl-7.81.0/lib/.libs/libcurl-impersonate-ff.so | sed 's/.*so\.//') && \
|
|
major=$(echo -n $ver | cut -d'.' -f1) && \
|
|
ln -s "libcurl-impersonate-ff.so.$ver" "out/libcurl-impersonate.so.$ver" && \
|
|
ln -s "libcurl-impersonate.so.$ver" "out/libcurl-impersonate.so" && \
|
|
strip "out/libcurl-impersonate.so.$ver"
|
|
|
|
# Wrapper scripts
|
|
COPY curl_ff* out/
|
|
# Replace /bin/bash with /bin/ash
|
|
RUN sed -i 's@/bin/bash@/bin/ash@' out/curl_*
|
|
RUN chmod +x out/curl_*
|
|
|
|
# When using alpine, create a final, minimal image with the compiled binaries
|
|
# only.
|
|
FROM alpine:3.15.0
|
|
# curl tries to load the CA certificates for libnss.
|
|
# It loads them from /usr/lib/libnssckbi.so,
|
|
# which is supplied by 'nss' on alpine.
|
|
RUN apk add --no-cache nss
|
|
|
|
# Copy curl-impersonate from the builder image
|
|
COPY --from=builder /build/install /usr/local
|
|
# Wrapper scripts
|
|
COPY --from=builder /build/out/curl_* /usr/local/bin/
|