Index: net/cert/x509_certificate.cc |
diff --git a/net/cert/x509_certificate.cc b/net/cert/x509_certificate.cc |
index 3121e1b5a1022ee6917352423ba92afa0c308aa1..1f9595bb348a9fb66e0a849ba499da3322633baa 100644 |
--- a/net/cert/x509_certificate.cc |
+++ b/net/cert/x509_certificate.cc |
@@ -48,7 +48,7 @@ const char kCertificateHeader[] = "CERTIFICATE"; |
// The PEM block header used for PKCS#7 data |
const char kPKCS7Header[] = "PKCS7"; |
-#if !defined(USE_NSS_CERTS) |
+#if !defined(USE_NSS_CERTS) && !defined(USE_BYTE_CERTS) |
// A thread-safe cache for OS certificate handles. |
// |
// Within each of the supported underlying crypto libraries, a certificate |
@@ -192,16 +192,17 @@ void X509CertificateCache::Remove(X509Certificate::OSCertHandle cert_handle) { |
#endif // !defined(USE_NSS_CERTS) |
eroman
2017/03/29 23:06:54
nit: Update comments?
mattm
2017/03/30 04:38:09
Done.
|
// See X509CertificateCache::InsertOrUpdate. NSS has a built-in cache, so there |
-// is no point in wrapping another cache around it. |
+// is no point in wrapping another cache around it. With USE_BYTE_CERTS, the |
+// CYRPTO_BUFFERs are deduped by a CRYPTO_BUFFER_POOL. |
void InsertOrUpdateCache(X509Certificate::OSCertHandle* cert_handle) { |
-#if !defined(USE_NSS_CERTS) |
+#if !defined(USE_NSS_CERTS) && !defined(USE_BYTE_CERTS) |
g_x509_certificate_cache.Pointer()->InsertOrUpdate(cert_handle); |
#endif |
} |
// See X509CertificateCache::Remove. |
void RemoveFromCache(X509Certificate::OSCertHandle cert_handle) { |
-#if !defined(USE_NSS_CERTS) |
+#if !defined(USE_NSS_CERTS) && !defined(USE_BYTE_CERTS) |
g_x509_certificate_cache.Pointer()->Remove(cert_handle); |
#endif |
} |