1 files changed, 13 insertions, 24 deletions

diff --git a/openssl/README b/openssl/README
index cb4c2e02..1304adea 100644
--- a/openssl/README
+++ b/openssl/README
@@ -410,42 +410,31 @@ Final code cleanups before submitting patch to OpenSSL project.
 
   Candidates: constructors:
 
-  - asid_add_id_or_range()	[might need jacket or rewrite]
+  - asid_add_id_or_range()	[minor rewrite, done]
 
-  - asid_add_inherit()		[might need jacket or rewrite]
+  - asid_add_inherit()		[minor rewrite, done]
 
-  - addr_add_range()
+  - addr_add_range()            [rename, done]
 
-  - addr_add_prefix()
+  - addr_add_prefix()           [rename, done]
 
-  - addr_add_inherit()
+  - addr_add_inherit()          [rename, done]
 
   Candidates: manipulation of obscure ASN.1 encodings (v3_addr.c)
 
-  - extract_min_max()		[might need rewrite]
+  - afi_from_addressfamily()    [renamed, now public]
 
-  - addr_expand()		[might need rewrite]
+  - extract_min_max()		[v3_addr_get_range()]
 
-  - addr_prefixlen()		[would need to be a function]
+  - addr_expand()		[v3_addr_get_range()]
 
-  - afi_from_addressfamily()
+  - addr_prefixlen()		[v3_addr_get_range()]
 
-  - length_from_afi()
+  - length_from_afi()           [v3_addr_get_range()]
 
-  I'm not really happy with the number of candidates in the latter
-  category, but I haven't figured out any saner way to deal with the
-  fancy ASN.1 encoding.  Callers really should not have to understand
-  the RFC 3779 mappings between IP addresses and ASN.1 bitstrings.
-  Perhaps all of this can be collapsed into a single function like:
-
-  int v3_addr_extract(IPAddrBlocks *,
-                      IPAddressFamily *,
-                      IPAddressOrRange *,
-                      unsigned char *min,
-                      unsigned char *max,
-		      unsigned length); /* length of min and max */
-
-  which returns zero on error, else returned length of min and max.
+  v3_addr_get_range() is a new public function that encapsulates
+  several of the private functions, by hiding some details and
+  wrapping a lot of error checking around extract_min_max().
 
 - Need patch against OpenSSL HEAD as well as 0.9.8 branch.  Figure out
   how to do that, or ask Ben for help.