[Networking] What is everyone using for SSL/TLS connections?

I had a hell of a time trying to get boost.asio and openssl working with UE4 today. I was able to get a connection going but as soon as I tried adding the ssl headers I got a bunch of conflicts between UE4 and openssl. I’m sure it’s just an issue with how I’m setting up the libraries but, before I go diving in, I was wondering if there was already a plugin or other third party networking library that others have had luck with. I noticed there’s a bunch of in development MMOxxx games people are working on so I was thinking there should already be something out there but a search turned up anything solid. Thanks for any help.

I’m not 100% on C++ networking but I’d say check out the ShooterGame Example on the Marketplace to see how they do it.

SSL Connection can be done via HTTPRequest object.
You have some sample in OnlineSubsystem implementation code in the C++ Engine Source.

Hey thanks for the replies. The ShooterGame example is just using the replication module. Looks like a combination of TCP and UDP but not seeing any encryption or access to sockets.

I looked at HTTPRequest and the VaRest plugin which says it supports HTTP/S but its a bit too high level and I didn’t see any SSL or certificate support. What I’m really looking for is just access to a socket where I can set an SSL Context (with server certificate authentication), handle the connect and ssl handshake, and start streaming bytes. I was hoping there would already be support for this since it’s a common enough use case.

I’ll give GnuTLS a try since I’ve still had no luck with openssl. If anyone else has been able to successfully set up an ssl socket in UE I’d appreciate any help.

You should look deeper in the engine source as OpenSSL is already there. I bet HTTPRequest is build onto it via libcurl. There 2 library are classic one to manage http & https.

If you look into the thirdparties library you have it.

HTTPRequest objects already support SSL by making sure your URL uses the https for the protocol. Game connections do not use SSL as that would be too slow for a fast paced network game.

Hey Joe, thanks for the help! I should have looked at the source before coming here. I’m digging in now. Awesome you guys already have openssl as a module. That would definitely explain the issues I was having. I’m still not sure HTTPRequest has what I’m looking for though. I need something like this A new, community-hosted Unreal Engine Wiki - Announcements - Epic Developer Community Forums
but using OpenSSL.

Just to be clear, I’m not using this for actual gameplay networking. I plan on using your excellent replication system for that. This is just for the login system and menu server. Can’t just transmit emails and passwords in plaintext. Or be like Yik Yakand forget to authenticate the server.

Alrighty, I finally got this thing working. :slight_smile: So the goal was to setup a TCP client on a UE project, send and receive raw byte data to a remote TCP server, do it securely using SSL/TLS, and authenticate the server using a certificate. Thanks to Elvince for pointing me in the right direction. UE does have a OpenSSL module included which will save you the hassle of building it yourself. Here some of things I figured out and issues I had to work around to get the client to build. I’m pretty new with the UE architecture so if I got something wrong or if there’s an easier workaround please correct me.

  1. FSocket does not have any built in support for a SSL/TLS layer. I think the “correct” way to go about this would be to create an SSL implementation of FSocket but I already had boost.asio setup so I went with that for now.

  2. Setting up boost.asio was pretty straightforward. gives a good overview for setting up third party libraries. Remember to add

to boost/config/user.hpp so you’re not pulling in libraries you don’t need.

  1. The OpenSSL module is located in the Engine under Source/ThirdParty/OpenSSL. I’m not sure why but a lot of the modules under Source/ThirdParty don’t show up when downloading the engine through the launcher. Unfortunately OpenSSL is one of them so make sure you’re working with the github source.

  2. Just add OpenSSL as a dependency module. This’ll include the binaries and headers you need.

  1. There looks like a bug in the OpenSSL module. When including the openssl headers, the structure looks like “include/<headers>” but openssl expects the structure to be “include/openssl/<headers>”. Adding the openssl folder yourself and moving the headers over will get you past it.

  2. When compiling, I hit a bunch of redefinition errors. There’s a conflict between UE and openssl with a namespace/typedef called “UI”. I went into openssl/ossl_typ.h and openssl/ui.h and just renamed all references to “UI” to something else.

  3. when including boost.asio headers wrap it around the include windows type helpers.

At this point you should be good to go. There’s already a ton of boost.asio resources so I won’t go into how to set that up but I hope this helps anyone else that needs a secure connection and doesn’t want to go through HTTPS. I still want to implement this using FSocket so I can keep it all within the UE engine though and I’ll update this once I get that working.

1 Like

OpenSSL seems to suffer from Heart Bleed security vulnerability - Why??

I would really like to know why I run
“C:\Program Files\Unreal Engine\4.4\Engine\Binaries\DotNET\IOS\openssl.exe” version
and the version is:
OpenSSL 0.9.8h 28 May 2008
which based on the date alone couldn’t possibly be patched I would really like to understand how this happened and has it been fixed in any future releases of Unreal Engine???
This was done on a Windows 7 I was a bit upset to find this version of OpenSSL on my computers.

This post also serves to make more people aware of the issue.

Alrighty, I finally got this thing working. :slight_smile: So the goal was to setup a TCP client on a UE project, send and receive raw byte data to a remote TCP server, do it securely using SSL/TLS, and authenticate the server using a certificate. Thanks to Elvince for pointing me in the right direction. UE does have a OpenSSL module included which will save you the hassle of building it yourself. Here some of things I figured out and issues I had to work around to get the client to build. I’m pretty new with the UE architecture so if I got something wrong or if there’s an easier workaround please correct me.

  1. FSocket does not have any built in support for a SSL/TLS layer. I think the “correct” way to go about this would be to create an SSL implementation of FSocket but I already had boost.asio setup so I went with that for now.

  2. Setting up boost.asio was pretty straightforward. gives a good overview for setting up third party libraries. Remember to add

to boost/config/user.hpp so you’re not pulling in libraries you don’t need.

  1. The OpenSSL module is located in the Engine under Source/ThirdParty/OpenSSL. I’m not sure why but a lot of the modules under Source/ThirdParty don’t show up when downloading the engine through the launcher. Unfortunately OpenSSL is one of them so make sure you’re working with the github source.

  2. Just add OpenSSL as a dependency module. This’ll include the binaries and headers you need.

  3. There looks like a bug in the OpenSSL module. When including the openssl headers, the structure looks like “include/<headers>” but openssl expects the structure to be “include/openssl/<headers>”. Adding the openssl folder yourself and moving the headers over will get you past it.

  4. When compiling, I hit a bunch of redefinition errors. There’s a conflict between UE and openssl with a namespace/typedef called “UI”. I went into openssl/ossl_typ.h and openssl/ui.h and just renamed all references to “UI” to something else.

  5. when including boost.asio headers wrap it around the include windows type helpers.

At this point you should be good to go. There’s already a ton of boost.asio resources so I won’t go into how to set that up but I hope this helps anyone else that needs a secure connection and doesn’t want to go through HTTPS. I still want to implement this using FSocket so I can keep it all within the UE engine though and I’ll update this once I get that working.
[/QUOTE]

I am coming at this openssl vulnerability piece based on finding out I have an OpenSSL exe on my windows 7 box containing the heart bleed vulnerability
Your response was I need to recompile?

I am asking a specific question about openSSL and Unreal which obviously gets used as part of the build for boost.asio.
How does my openssl.exe get updated though???

To the best of my knowledge, heartbleed is not present in the 0.9.8 branch and came into existence later, in 2011. The packaged version -should- be safe from heartbleed.