I have yet another use case for the function implemented by this patch (i.e. retrieving the cert chain actually sent by the server, regardless of whether that gives a path to a trust anchor).  I'm implementing a network forensics tool, and one of the situations it's supposed to detect is when a man-in-the-middle is attempting to substitute its own cert for a site's "legitimate" cert (yes, possibly having suborned a public CA in order to do so).  To make all of the planned heuristics for this work correctly, I need to record exactly what came over the wire.

If it would be useful for me to dust off the patch and/or implement the _other_ function that people requested (retrieve the chain that OpenSSL concluded was a valid chain to an accepted trust anchor)  I can probably scare up time to do so in the next week or two.  I imagine it's too late for 3.8 patch releases at this point, but assuming I did this, could it make 3.9?