move AWSLC check for HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN into

common location.
2026-06-12 17:15:37 +03:00 · 2025-08-30 13:02:09 +02:00 · 2025-08-30 13:02:09 +02:00 · 138dfd2959
commit 138dfd2959
parent de2a081bd4
1 changed files with 9 additions and 7 deletions
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@ -121,8 +121,15 @@
 static void ossl_provider_cleanup(struct Curl_easy *data);
 #endif

+/*
+ * AWS-LC has `SSL_CTX_set_default_read_buffer_len()?` but runs into
+ * decryption failures with large buffers. Sporadic failures in
+ * test_10_08 with h2 proxy uploads, increased frequency
+ * with CURL_DBG_SOCK_RBLOCK=50. Looks like a bug on their part.
+ */
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
-  !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL)
+  !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL) && \
+  !defined(OPENSSL_IS_AWSLC)
 #define HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN 1
 #endif

@ -4128,13 +4135,8 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx,

     However using a large buffer (8 packets) actually decreases performance.
     4 packets is better.
-
-     AWS-LC seems to run into decryption failures with large buffers.
-     Sporadic failures in test_10_08 with h2 proxy uploads, increased
-     frequency with CURL_DBG_SOCK_RBLOCK=50.
   */
-#if defined(HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN) && \
-    !defined(OPENSSL_IS_AWSLC)
+#ifdef HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN
  SSL_CTX_set_default_read_buffer_len(octx->ssl_ctx, 0x401e * 4);
 #endif