Feature or enhancement

Proposal:

As part of a series of changesdiscussed on the python Ideas board, this issue proposes placing guards around references toTLSv1.3 post-handshake authentication (PHA). This would CPython to build against cryptography libraries lacking full PHA support.

Has this already been discussed elsewhere?

I have already discussed this feature proposal on Discourse

Links to previous discussion of this feature:

https://discuss.python.org/t/support-building-ssl-and-hashlib-modules-against-aws-lc/44505/9

Linked PRs

• gh-117784: Only reference PHA functions ifndef SSL_VERIFY_POST_HANDSHAKE #117785