From c330bad53082b70222acdbaa0728455661652421 Mon Sep 17 00:00:00 2001
From: Lindsay Stewart <slindsay@amazon.com>
Date: Fri, 13 Sep 2024 15:03:09 -0700
Subject: [PATCH] document current restrictions

---
 docs/BUILD.md    | 2 ++
 utils/s2n_init.c | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/BUILD.md b/docs/BUILD.md
index 8c3346662be..01b90a40bcb 100644
--- a/docs/BUILD.md
+++ b/docs/BUILD.md
@@ -110,6 +110,8 @@ cmake . -LH
 
 s2n-tls has a dependency on a libcrypto library. A supported libcrypto must be linked to s2n-tls when building. The following libcrypto libraries are currently supported:
 - [AWS-LC](https://github.com/aws/aws-lc)
+  - Limited ["Sandboxing"](https://github.com/aws/aws-lc/blob/main/SANDBOXING.md) is only supported and tested with AWS-LC.
+  - [PQ key exchange]([Usage Guide](https://aws.github.io/s2n-tls/usage-guide/ch15-post-quantum.html) is only supported with AWS-LC.
 - [OpenSSL](https://www.openssl.org/) (versions 1.0.2 - 3.0)
   - ChaChaPoly is not supported before Openssl-1.1.1.
   - RSA-PSS is not supported before Openssl-1.1.1.
diff --git a/utils/s2n_init.c b/utils/s2n_init.c
index 9e9f91314b3..550fcc0cfd8 100644
--- a/utils/s2n_init.c
+++ b/utils/s2n_init.c
@@ -87,7 +87,7 @@ int s2n_init(void)
         s2n_stack_traces_enabled_set(true);
     }
 
-#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
+#if defined(OPENSSL_IS_AWSLC)
     CRYPTO_pre_sandbox_init();
 #endif