[cvsnt] Vedr.: RE: CVSNT 2.5.04 build 3236 server really slow

jml at nykredit.dk jml at nykredit.dk
Mon Nov 17 10:20:21 GMT 2008 

   > The "VerifyTrust" serves a slightly different purpose and was
   clearly described in the release notes.
   I'd like to read about it, but the release notes included in the
   installer only covers up to CVSNT version 2.5.03 - 2382.
   > Regardless - there is no performance penealty doing this at all - it
   even works when completely disconnected form the internet.  There is
   clearly something odd about your installation - if it's an interaction
   between the "VerifyTrust" code and your install and we can improve it
   in the "VerifyTrust" code then that'd be good to do (eg: by verifying
   the signature without checking the revoke list), but we are still
   waiting to find out from you why you cannot connect to Verisign.
   I do not understand why CVSNT "insists" on using the IP-address
   199.7.71.190 to connect to VeriSign, as if the IP-address was
   hard-coded somewhere.
   > Did you try adding the reverse DNS to your hosts file as suggested?
   Yes, and it had no effect.
   Best regards
   Jørgen Møller Larsen 
   
   "Arthur Barrett" <arthur.barrett at march-hare.com>

   14-11-2008 20:17

                                                                      Til

   <jml at nykredit.dk>, <cvsnt at cvsnt.org>

                                                                       cc

                                                                     Emne

   RE: [cvsnt] CVSNT 2.5.04 build 3236 server really slow

   Jørgen ,
   >    The verification is not a Windows whim as Arthur implies, but an
   >    explicit check made by CVS. It happens in the cvsapi (in
   >    cvsapi\win32\LibraryAccess.cpp).
   The "VerifyTrust" serves a slightly different purpose and was clearly
   described in the release notes.
   Regardless - there is no performance penealty doing this at all - it
   even works when completely disconnected form the internet.  There is
   clearly something odd about your installation - if it's an interaction
   between the "VerifyTrust" code and your install and we can improve it
   in the "VerifyTrust" code then that'd be good to do (eg: by verifying
   the signature without checking the revoke list), but we are still
   waiting to find out from you why you cannot connect to Verisign.  Did
   you try adding the reverse DNS to your hosts file as suggested?
   Regards,
   Arthur Barrett

More information about the cvsnt mailing list