Is the x86_64-win32 libcurl release compiled with ca-cert-bundle?

[matt1309]

Hi Folks,

Want to start by saying love the project (only just discovered but very cool how you've opened up the curl impersonate even further to make on the fly customization even easier).

I'm having issues with certificate errors.

Is this because the files in the releases section were built without cert bundle or is it likely a miss-configuration on my end.
I wasn't sure if i maybe needed to add "-lboringssl" to my linker settings on compilation (Testing using windows mingw64 with vs code)

Error: 0x23e6c979530SSL peer certificate or SSH remote key was not OK

(This solves it but feels like it defeats the purpose: curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); )

Edit: the below is a the rough outline of what I'm using in my program, I have other code around it but I believe this is the only curl impersonate relevant parts

void chrome::init()
{
    if (ready == false)
    {
#ifdef _WIN32
        HMODULE curlLib = LoadLibraryW(L"libcurl.dll");
#else
        void *curlLib = dlopen("chrome/libcurl.so", RTLD_NOW | RTLD_GLOBAL);
#endif
        if (curlLib)
        {
            using CurlEasyInit = CURL *(*)();
#ifdef _WIN32
            CurlEasyInit curlEasyInit = (CurlEasyInit)GetProcAddress(curlLib, "curl_easy_init");
#else
            CurlEasyInit curlEasyInit = (CurlEasyInit)dlsym(curlLib, "curl_easy_init");
#endif
            if (curlEasyInit)
            {
                curl = curlEasyInit();
                ready = (curl != nullptr);
            }
        }
    }
}

std::pair<std::string, std::string> chrome::runCurl(const std::string& url, const std::string& method, const std::string& requestData, bool firstrun, long timeout)
{
    std::string responseData;
    std::string error;

    // Initialize libcurl if not already initialized
    if (!curl)
    {
        curl = curl_easy_init();
    }

    if (curl)
    {
        // Set URL
        std::cout << url << std::endl;
        curl_easy_setopt(curl, CURLOPT_URL, url.c_str());

        // Set method (GET or POST)
        if (method == "POST")
        {
            curl_easy_setopt(curl, CURLOPT_POST, 1L);

            if (!requestData.empty())
            {
                curl_easy_setopt(curl, CURLOPT_POSTFIELDS, requestData.c_str());
            }
        }
        else if (method != "GET")
        {
            error = "Invalid method. Only GET and POST supported.";
            return std::make_pair(responseData, error);
        }

        // Set data callback function
        curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteCallback);
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, &responseData);

        curl_easy_setopt(curl, CURLOPT_TIMEOUT, timeout);

        // Perform the request
        CURLcode res = curl_easy_perform(curl);

        if (res != CURLE_OK)
        {
            if (res == CURLE_OPERATION_TIMEDOUT)
            {
                error = "Timeout error";
            }
            else
            {
                error = curl_easy_strerror(res);
            }
        }
        else
        {
            error = "Ok";
        }
    }
    else
    {
        error = "Failed to initialize libcurl.";
    }

    std::cout << error << std::endl;
    std::cout << responseData << std::endl;

    return std::make_pair(error, responseData);
}

size_t chrome::WriteCallback(void *contents, size_t size, size_t nmemb, std::string *data)
{
    size_t totalSize = size * nmemb;
    data->append(static_cast<char *>(contents), totalSize);
    return totalSize;
}

[perklet]

The binaries for Windows is built with the build.sh script. I think the boringssl lib should be bundled with this line:

https://github.com/yifeikong/curl-impersonate/blob/2ab56d9b674d03c6219ce335af1e6d0a93223463/win/build.sh#L38

My only usecase is to bundle the libcurl.dll inside curl_cffi package, in which I always explicitly set the cert path provided by the certifi python package. I guess you should probably set the cert path to the system's cert store or some pem file that you prepared for this.