From b8c1f1d401c14d7071773949bd1d010d524fdaa9 Mon Sep 17 00:00:00 2001
From: "rsleevi@chromium.org"
 <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Tue, 12 Oct 2010 03:56:11 +0000
Subject: net:: comment fixes only

BUG=none
TEST=none

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@62240 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/base/x509_certificate_openssl.cc | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc
index 6969c7d8..a56b587 100644
--- a/net/base/x509_certificate_openssl.cc
+++ b/net/base/x509_certificate_openssl.cc
@@ -251,12 +251,20 @@ void sk_X509_free_fn(STACK_OF(X509)* st) {
 X509Certificate::OSCertHandle X509Certificate::DupOSCertHandle(
     OSCertHandle cert_handle) {
   DCHECK(cert_handle);
+  // Using X509_dup causes the entire certificate to be reparsed. This
+  // conversion, besides being non-trivial, drops any associated
+  // application-specific data set by X509_set_ex_data. Using CRYPTO_add
+  // just bumps up the ref-count for the cert, without causing any allocations
+  // or deallocations.
   CRYPTO_add(&cert_handle->references, 1, CRYPTO_LOCK_X509);
   return cert_handle;
 }
 
 // static
 void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) {
+  // Decrement the ref-count for the cert and, if all references are gone,
+  // free the memory and any application-specific data associated with the
+  // certificate.
   X509_free(cert_handle);
 }
 
-- 
cgit v1.1