Correctly handle leap year in x509_date_is_valid()

This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
diff --git a/ChangeLog b/ChangeLog
index 3e74dce..da29d70 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,9 @@
    * Parse signature algorithm extension when renegotiating. Previously,
      renegotiated handshakes would only accept signatures using SHA-1
      regardless of the peer's preferences, or fail if SHA-1 was disabled.
+   * Fix leap year calculation in x509_date_is_valid() to ensure that invalid
+     dates on leap years with 100 and 400 intervals are handled correctly. Found
+     by Nicholas Wilson. #694
 
 = mbed TLS 2.1.9 branch released 2017-08-10