network communication on import

Topics: Developer Forum, Project Management Forum, User Forum
Dec 19, 2012 at 10:34 PM
Edited Dec 19, 2012 at 11:05 PM

Recently, my work network changed requiring all network traffic to go through a proxy. This has caused me some problem with several applications. Including PSCX. Unbeknownst to me, PSCX is reaching out to some one on import. This causes the import-module to be slow and take 60 seconds. 3.0 beta 1 does not do this, but 3.0.0 RC and 3.0.0 do. Listed below are the IP addresses that PSCX attempts to communicate with.

This communication only happens when I try to import PSCX. I can sit with powershell open for quite some time and no communication happens. As soon as I import, the network communication starts and it stops when PSCX successfully imports which takes 60 seconds. 

23.66.230.72
23.66.230.75
174.37.236.19
174.37.236.20
50.97.101.114
72.21.91.29

Can anyone explain what is going on? 

Edit: I think it has something to do with signing. Is there anyway to disable the signing check?

Coordinator
Dec 19, 2012 at 11:38 PM

Authenticode signature checking would be my guess also.  What is your execution policy set to?

Dec 20, 2012 at 2:33 PM

I have tried it on unrestricted and it still makes me wait the 60 seconds while it tries to communicate over the network. Would it be possible to provide an unsigned build?

I am looking for a way to strip the signature off the dlls currently.

Thanks for any help!

Dec 20, 2012 at 3:04 PM
Edited Dec 20, 2012 at 3:04 PM

Here is a script that will yank the certs from all files. It has a same directory dependency on delcert. Hope this help someone else!

 

$items = ls -Recurse -Include *.ps1,*.psm1,*.ps1xml,*.dll 'C:\Program Files (x86)\PowerShell Community Extensions\Pscx3\Pscx'
foreach($item in $items)
{
    Write-Host $item.FullName
    $fullname = $item.FullName
    $ext = $item.Extension
    if ($ext -eq ".ps1" -or $ext -eq ".psm1")
    {
        $x = [IO.File]::ReadAllText($fullname)
        $y = $x -replace "(?s)# SIG.*End signature block", ""
        Set-Content -Encoding utf8 $fullname $y
    }     
    elseif ($ext -eq ".ps1xml")
    {
        $x = [IO.File]::ReadAllText($fullname)
        $y = $x -replace "(?s)<!-- SIG.*End signature block -->", ""
        Set-Content -Encoding utf8 $fullname $y
    } 
    elseif ($ext -eq ".dll")
    {
        & .\delcert.exe $fullname
    }
}
Coordinator
Dec 20, 2012 at 5:59 PM

@jrob - thanks for posting this work-around!

Aug 30, 2013 at 9:45 PM
I noticed the same thing - with timeouts taking about 30 seconds and the host trying to get to the some of the same IPs as above. I packet capture found the dns requests for ctldl.windowsupdate.com. An additional google/bing search found:

http://support.microsoft.com/kb/2677070

The servers I had didn't have 2677070 installed though. However, the fix worked.