From 138dfd2959e06b750cd97c8eb94ca6ea4df7692f Mon Sep 17 00:00:00 2001
From: Stefan Eissing
Date: Sat, 30 Aug 2025 13:02:09 +0200
Subject: [PATCH] move AWSLC check for HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN into common location.
---
 lib/vtls/openssl.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 64eb9960b9..9c5e62b27e 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -121,8 +121,15 @@ static void ossl_provider_cleanup(struct Curl_easy *data);
 #endif
+/*
+ * AWS-LC has `SSL_CTX_set_default_read_buffer_len()?` but runs into
+ * decryption failures with large buffers. Sporadic failures in
+ * test_10_08 with h2 proxy uploads, increased frequency
+ * with CURL_DBG_SOCK_RBLOCK=50. Looks like a bug on their part.
+ */
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
- !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL)
+ !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL) && \
+ !defined(OPENSSL_IS_AWSLC)
 #define HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN 1
 #endif
@@ -4128,13 +4135,8 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx,
 However using a large buffer (8 packets) actually decreases performance. 4 packets is better.
-
- AWS-LC seems to run into decryption failures with large buffers.
- Sporadic failures in test_10_08 with h2 proxy uploads, increased
- frequency with CURL_DBG_SOCK_RBLOCK=50.
 */
-#if defined(HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN) && \
- !defined(OPENSSL_IS_AWSLC)
+#ifdef HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN
 SSL_CTX_set_default_read_buffer_len(octx->ssl_ctx, 0x401e * 4);
 #endif
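Review bot: The comment added above the `HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN` guard in the first hunk leaves the AWS-LC exclusion open-ended: it says "Looks like a bug on their part" but names no upstream report or affected version range, so nothing tells a later maintainer when `!defined(OPENSSL_IS_AWSLC)` can be dropped. I would add a line such as `* Tracked upstream as <AWS-LC issue URL>; re-test and drop the exclusion once fixed.` and remove the stray `?` in `SSL_CTX_set_default_read_buffer_len()?`. The macro now means "present and usable" rather than "present", and the comment should state that outright, because any other `#ifdef HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN` in the file (none visible in this patch) changes for AWS-LC builds as well. Only the use in `Curl_ossl_ctx_init` appears in the second hunk, and that function's body starts and ends outside it.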