ACK (as this is basically just the combined and already-ACKed patches
from master, 644f2cdd13f4 + 091edd8e29968, which we did not cherrypick
because the PolarSSL 1.3 upgrade needed to be done first).
Your patch has been applied to the release/2.3 branch.
commit dfd940bb008feb2fe981ceab3ed66fdb3c
ACK! WANT!
(Tested with an expired certificate and it works, and looking at OpenSSL
x509_vfy.c and PolarSSL x509_8h, I'm reasonable confident that it will
also for for not-yet-valid certificates and that we call this all correctly)
Your patch has been applied to the master branch (release/2.3 co
