Add a CA bundle for CURL

2025-08-16 08:06:19 +00:00 · 2020-07-11 15:40:50 -07:00 · 2020-07-11 15:40:50 -07:00 · 232e3c57f3
commit 232e3c57f3
parent fbc1e83ebe
3 changed files with 3471 additions and 3 deletions
--- a/http.cpp
+++ b/http.cpp
@ -5,6 +5,7 @@
 #include <http.h>
 #include <errors.h>
 #include <string.h>
+#include <sys/mount.h>

 #include <mkcert.h>
 #include <openssl/bio.h>
@ -101,6 +102,9 @@ void MoonlightInstance::NvHTTPInit(int32_t callbackId, pp::VarArray args)
    std::string _key = args.Get(1).AsString();
    std::string _uniqueId = args.Get(2).AsString();

+    // Mount resource directory where CA bundle resides
+    mount("static/curl", "/curl", "httpfs", 0, "");
+
    // This will initialize OpenSSL
    curl_global_init(CURL_GLOBAL_DEFAULT);

--- a/libgamestream/http.c
+++ b/libgamestream/http.c
@ -67,9 +67,7 @@ int http_request(const char* url, const char* ppkstr, PHTTP_DATA data) {
  if (!curl)
    return GS_FAILED;

-  curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L);
-  curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE,"PEM");
-  curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM");
+  curl_easy_setopt(curl, CURLOPT_CAINFO, "/curl/ca-bundle.crt");
  curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, _write_curl);
  curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1L);
  curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
--- a/static/curl/ca-bundle.crt
+++ b/static/curl/ca-bundle.crt