Add TLS and HTTPS support#3545
Merged
Merged
Conversation
Contributor
|
Dang! Another great feature so soon. Looking forward to seeing this merged |
eXpl0it3r
requested changes
Aug 21, 2025
MarioLiebisch
requested changes
Aug 22, 2025
97835e7 to
ded9123
Compare
8235bd5 to
683d5b6
Compare
Member
Author
|
Rebased onto master. |
Pull Request Test Coverage Report for Build 18615251839Details
💛 - Coveralls |
eXpl0it3r
approved these changes
Dec 2, 2025
eXpl0it3r
left a comment
Member
There was a problem hiding this comment.
This looks great! 🥳
I added some questions and minor code structure comments, nothing to really block this PR further.
MarioLiebisch
approved these changes
Dec 3, 2025
683d5b6 to
7653922
Compare
Member
Author
|
Rebased onto master. |
d7b1526 to
b4f4691
Compare
ca14ae7 to
ca90dbd
Compare
learn-more
reviewed
Dec 10, 2025
learn-more
left a comment
Contributor
There was a problem hiding this comment.
Some notes / questions I had while reviewing the code.
ca90dbd to
3fb2872
Compare
Member
Author
|
Updated. |
3fb2872 to
e2af03b
Compare
Member
Author
|
eXpl0it3r
approved these changes
Dec 19, 2025
Member
|
Another long awaited feature has landed in SFML! 🥳 Thank you for bringing TLS to SFML! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This change adds support for Transport Layer Security to
sf::TcpSocketusing Mbed TLS.Because HTTPS is just HTTP over a TLS stream, support for HTTPS was also added.
All of the existing
sf::TcpSocketinterfaces stayed the same. After a connection is established on either client or server, the corresponding setup function has to be called. For clientssetupTlsClienthas to be called and for serverssetupTlsServerhas to be called. The arguments that have to be supplied are those typical of setting up any TLS stream.For a usage example, the Sockets example was modified to give the user a choice of enabling TLS. Additionally, since HTTPS is also supported with this change, a HTTP example was added that can be used to connect to websites using HTTP/HTTPS.
Finally, connection tests were added for TLS and non-TLS TCP streams.
Since CI passes with the tests enabled on almost all platforms, it means the implementation including loading certificates from the system certificate store works on all those platforms. The only platform that is currently unsupported is iOS since Apple deliberately chose not to provide the same Security framework APIs as it does on macOS. After searching for a while I gave up thinking of how to load system certificates on iOS. If there are any iOS experts out there, they can try their luck adding a working implementation for it.