Merge branch 'main' into old-macos

.github/workflows/build-and-test-docker.yml

@@ -3,14 +3,17 @@ name: Docker images
 on:
   push:
     branches:
-      - main
-      - feature/*
-      - bugfix/*
+      - disabled
+      # - main
+      # - feature/*
+      # - bugfix/*
     tags:
-      - "v*.*.*"
+      - disabled
+      # - "v*.*.*"
   pull_request:
     branches:
-      - main
+      - disabled
+      # - main
 
 jobs:
   build-docker-and-test:

.github/workflows/build-and-test-make.yml

@@ -75,7 +75,7 @@ jobs:
           # Needed to compile 'minicurl'
           sudo apt-get install libcurl4-openssl-dev
           # More dependencies for the tests
-          sudo apt-get install tcpdump nghttp2-server libnss3
+          sudo apt-get install tcpdump nghttp2-server
 
       - name: Build zlib
         run: |
@@ -88,15 +88,27 @@ jobs:
           # Make sure curl will link with libz.so.1 and not libz.so
           rm -f ${{ runner.temp }}/zlib/lib/libz.so
 
+      - name: Build libzstd
+        run: |
+          curl -LO https://github.com/facebook/zstd/releases/download/v1.5.6/zstd-1.5.6.tar.gz
+          tar xf zstd-1.5.6.tar.gz
+          cd zstd-1.5.6
+          make
+          mkdir -p ${{ runner.temp }}/zstd/lib
+          mkdir -p ${{ runner.temp }}/zstd/include
+          # move libzstd to runner.temp
+          cp lib/libzstd.a lib/libzstd.so.1.5.6 lib/libzstd.mk lib/libzstd.pc lib/libzstd.pc.in ${{ runner.temp }}/zstd/lib/
+          cp lib/zstd.h ${{ runner.temp }}/zstd/include/
+
       - name: Run configure script
         run: |
           mkdir ${{ runner.temp }}/install
           ./configure --prefix=${{ runner.temp }}/install \
                       --host=${{ matrix.host }} \
                       --with-zlib=${{ runner.temp }}/zlib \
+                      --with-zstd=${{ runner.temp }}/zstd \
                       --with-ca-path=/etc/ssl/certs \
                       --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \
-                      --with-libnssckbi=/usr/lib/${{ matrix.host }}/nss
 
       # Cache the build of BoringSSL, which is the longest part of the build
       # We must cache the .zip as well, otherwise the Makefile will
@@ -160,6 +172,7 @@ jobs:
       - name: Create tar release files for libcurl-impersonate
         run: |
           cp ${{ runner.temp }}/zlib/lib/lib*.a ${{ runner.temp }}/install/lib
+          cp ${{ runner.temp }}/zstd/lib/lib*.a ${{ runner.temp }}/install/lib
           cp nghttp2*/installed/lib/lib*.a ${{ runner.temp }}/install/lib
           cp brotli*/out/installed/lib/lib*.a ${{ runner.temp }}/install/lib
           cp boringssl/build/lib/lib*.a ${{ runner.temp }}/install/lib
@@ -193,9 +206,9 @@ jobs:
           ./configure --prefix=${{ runner.temp }}/install --enable-static \
                       --host=${{ matrix.host }} \
                       --with-zlib=${{ runner.temp }}/zlib \
+                      --with-zstd=${{ runner.temp }}/zstd \
                       --with-ca-path=/etc/ssl/certs \
                       --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \
-                      --with-libnssckbi=/usr/lib/${{ matrix.host }}/nss
 
       - name: Rebuild statically
         run: |
@@ -233,7 +246,7 @@ jobs:
               ${{ env.release_file_bin }}
 
   build-and-test-macos:
-    name: (MacOS ${{ matrix.arch }}) Build curl-impersonate and run the tests
+    name: (macOS ${{ matrix.arch }}) Build curl-impersonate and run the tests
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
@@ -263,6 +276,8 @@ jobs:
           brew install curl
           # More dependencies for the tests
           brew install tcpdump nghttp2
+          # zstd
+          brew install zstd
 
       - name: Check out the repo
         uses: actions/checkout@v2
@@ -285,7 +300,7 @@ jobs:
       - name: Run configure script
         run: |
           mkdir ${{ runner.temp }}/install
-          ./configure --prefix=${{ runner.temp }}/install
+          ./configure LDFLAGS="-L$(brew --prefix zstd)/lib" CPPFLAGS="-I$(brew --prefix zstd)/include" --prefix=${{ runner.temp }}/install
 
       # Cache the build of BoringSSL, which is the longest part of the build
       # We must cache the .zip as well, otherwise the Makefile will
@@ -326,12 +341,12 @@ jobs:
 
       # For now we can only run the tests when not cross compiling, since the
       # tests run the curl-impersonate binary locally.
-      - name: Run the tests
-        run: |
-          cd tests
-          # sudo is needed for capturing packets
-          python_bin=$(which python3)
-          sudo $python_bin -m pytest . --log-cli-level DEBUG --install-dir ${{ runner.temp }}/install --capture-interface ${{ matrix.capture_interface }}
+      # - name: Run the tests
+      #   run: |
+      #     cd tests
+      #     # sudo is needed for capturing packets
+      #     python_bin=$(which python3)
+      #     sudo $python_bin -m pytest . --log-cli-level DEBUG --install-dir ${{ runner.temp }}/install --capture-interface ${{ matrix.capture_interface }}
 
        # Upload pre-compiled binaries to GitHub releases page and Github actions archives.
       - name: Create tar release files for libcurl-impersonate
@@ -360,7 +375,7 @@ jobs:
        # Recompile curl-impersonate statically when doing a release.
       - name: Reconfigure statically
         run: |
-          ./configure --prefix=${{ runner.temp }}/install --enable-static
+          ./configure LDFLAGS="-L$(brew --prefix zstd)/lib" CPPFLAGS="-I$(brew --prefix zstd)/include" --prefix=${{ runner.temp }}/install --enable-static
 
       - name: Rebuild statically
         run: |

.github/workflows/publish-docker-image.yml

@@ -5,7 +5,8 @@ name: Publish Docker image
 on:
   push:
     tags:
-      - 'v*'
+      - disabled
+      # - 'v*'
 
 jobs:
   push-docker-image:

INSTALL.md

@@ -8,7 +8,7 @@ There are currently three build options depending on your use case:
 * [Cross compiling](#cross-compiling) using an autotools-based Makefile
 * [Docker container build](#docker-build)
 
-There are two versions of `curl-impersonate` for technical reasons. The **chrome** version is used to impersonate Chrome, Edge and Safari. The **firefox** version is used to impersonate Firefox.
+Unlike the upstream project, there is only one version in this fork, namely the Chrome version, for impersonating all main stream browsers.
 
 ## Native build
 
@@ -18,18 +18,14 @@ Install dependencies for building all the components:
 
 ```sh
 sudo apt install build-essential pkg-config cmake ninja-build curl autoconf automake libtool
-# For the Firefox version only
-sudo apt install python3-pip libnss3
-pip install gyp-next
-export PATH="$PATH:~/.local/bin" # Add gyp to PATH
-# For the Chrome version only
 sudo apt install golang-go unzip
+sudo apt install zstd libzstd-dev
 ```
 
 Clone this repository:
 
 ```sh
-git clone https://github.com/lwthiker/curl-impersonate.git
+git clone https://github.com/yifeikong/curl-impersonate.git
 cd curl-impersonate
 ```
 
@@ -38,10 +34,7 @@ Configure and compile:
 ```sh
 mkdir build && cd build
 ../configure
-# Build and install the Firefox version
-make firefox-build
-sudo make firefox-install
-# Build and install the Chrome version
+# Build and install
 make chrome-build
 sudo make chrome-install
 # You may need to update the linker's cache to find libcurl-impersonate
@@ -55,14 +48,12 @@ This will install curl-impersonate, libcurl-impersonate and the wrapper scripts
 After installation you can run the wrapper scripts, e.g.:
 
 ```sh
-curl_ff98 https://www.wikipedia.org
-curl_chrome99 https://www.wikipedia.org
+curl_chrome119 https://www.wikipedia.org
 ```
 
 or run directly with you own flags:
 
 ```sh
-curl-impersonate-ff https://www.wikipedia.org
 curl-impersonate-chrome https://www.wikipedia.org
 ```
 
@@ -78,13 +69,7 @@ yum install cmake3 python3 python3-pip
 yum install ninja-build
 # OR
 pip3 install ninja
-```
-
-For the Firefox version, install NSS and gyp:
-
-```sh
-yum install nss nss-pem
-pip3 install gyp-next
+yum install zstd libzstd-devel
 ```
 
 For the Chrome version, install Go.
@@ -102,16 +87,14 @@ Install dependencies for building all the components:
 
 ```sh
 brew install pkg-config make cmake ninja autoconf automake libtool
-# For the Firefox version only
-brew install sqlite nss
-pip3 install gyp-next
-# For the Chrome version only
+brwe install zstd
 brew install go
 ```
 
 Clone this repository:
-```
-git clone https://github.com/lwthiker/curl-impersonate.git
+
+```sh
+git clone https://github.com/yifeikong/curl-impersonate.git
 cd curl-impersonate
 ```
 
@@ -120,10 +103,7 @@ Configure and compile:
 ```sh
 mkdir build && cd build
 ../configure
-# Build and install the Firefox version
-gmake firefox-build
-sudo gmake firefox-install
-# Build and install the Chrome version
+# Build and install
 gmake chrome-build
 sudo gmake chrome-install
 # Optionally remove all the build files
@@ -134,33 +114,14 @@ cd ../ && rm -Rf build
 
 To compile curl-impersonate statically with libcurl-impersonate, pass `--enable-static` to the `configure` script.
 
-### A note about the Firefox version
-
-The Firefox version compiles a static version of nss, Firefox's TLS library.
-For NSS to have a list of root certificates, curl attempts to load at runtime `libnssckbi`, one of the NSS libraries.
-If you get the error:
-
-```sh
-curl: (60) Peer's Certificate issuer is not recognized
-```
-
-or
-
-```sh
-curl: (77) Problem with the SSL CA cert (path? access rights?)
-```
-
-, make sure that NSS is installed (see above).
-If the issue persists it might be that NSS is installed in a non-standard location on your system.
-Please open an issue in that case.
 
 ## Cross compiling
 
 There is some basic support for cross compiling curl-impersonate.
 It is currently being used to build curl-impersonate for ARM64 (aarch64) systems from x86-64 systems.
 Cross compiling is similar to the usual build but a bit trickier:
 
-* You'd have to build zlib for the target architecture so that curl can link with it.
+* You'd have to build zlib and zstd for the target architecture so that curl can link with it.
 * Some paths have to be specified manually since curl's own build system can't determine their location.
 
 An example build for aarch64 on Ubuntu x86_64:
@@ -170,25 +131,21 @@ sudo apt-get install gcc-aarch64-linux-gnu g++-aarch64-linux-gnu
 
 ./configure --host=aarch64-linux-gnu \
             --with-zlib=/path/to/compiled/zlib \
+            --with-zstd=/path/to/compiled/zstd \
             --with-ca-path=/etc/ssl/certs \
-            --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \
-            --with-libnssckbi=/usr/lib/aarch64-linux-gnu/nss
+            --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt
 
 make chrome-build
-make firefox-build
 ```
 
 The flags mean as follows:
-`--with-zlib` is the location of a compiled zlib library for the target architecture.
+`--with-zlib/zstd` is the location of a compiled zlib/zstd library for the target architecture.
 `--with-ca-path` and `--with-ca-bundle` will be passed to curl's configure script as is.
-`--with-libnssckbi` indicates the location of libnssckbi.so on the target system. This file contains the certificates needed by curl. This must be supplied if NSS is not installed in a standard location (i.e. not in `/usr/lib`).
 
 ## Docker build
 
 The Docker build is a bit more reproducible and serves as the reference implementation. It creates a Debian-based Docker image with the binaries.
 
-### Chrome version
-
 [`chrome/Dockerfile`](chrome/Dockerfile) is a debian-based Dockerfile that will build curl with all the necessary modifications and patches. Build it like the following:
 
 ```sh
@@ -202,21 +159,3 @@ The resulting binaries and libraries are in the `/usr/local` directory, which co
 * `libcurl-impersonate-chrome.so`, `libcurl-impersonate.so` - libcurl compiled with impersonation support. See [libcurl-impersonate](README.md#libcurl-impersonate) for more details.
 
 You can use them inside the docker, copy them out using `docker cp` or use them in a multi-stage docker build.
-
-### Firefox version
-
-Build with:
-
-```sh
-docker build -t curl-impersonate-ff firefox/
-```
-
-The resulting binaries and libraries are in the `/usr/local` directory, which contains:
-
-* `curl-impersonate-ff`, `curl-impersonate` - The curl binary that can impersonate Firefox. It is compiled statically against libcurl, nss, and libnghttp2 so that it won't conflict with any existing libraries on your system. You can use it from the container or copy it out. Tested to work on Ubuntu 20.04.
-* `curl_ff91esr`, `curl_ff95`, `...` - Wrapper scripts that launch `curl-impersonate` with all the needed flags.
-* `libcurl-impersonate-ff.so`, `libcurl-impersonate.so` - libcurl compiled with impersonation support. See [libcurl-impersonate](README.md#libcurl-impersonate) for more details.
-
-If you use it outside the container, install the following dependency:
-
-* `sudo apt install libnss3`.  Even though nss is statically compiled into `curl-impersonate`, it is still necessary to install libnss3 because curl dynamically loads `libnssckbi.so`, a file containing Mozilla's list of trusted root certificates. Alternatively, use `curl -k` to disable certificate verification.

LICENSE

@@ -1,6 +1,7 @@
 MIT License
 
 Copyright (c) 2022 lwthiker
+Copyright (c) 2024 yifeikong
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal