Gethostbyaddr() Call with Winsock2 Returns Address Pool Alias

ID: Q192425

The information in this article applies to:
  • Microsoft Windows 95
  • Microsoft Windows 98
  • Microsoft Proxy Server version 2.0

SYMPTOMS

With Winsock2 installed, a user logging on to a Windows 95-based or Windows 98-based computer may not be authenticated by the Kerberos Network Authentication Service (typically implemented in UNIX-based or LINUX-based networks).

Additionally, clients in general may not be authenticated if the authentication is attempted using Microsoft Proxy Server.

This behavior is known to impact the use of Columbia University's Kermit- 95 communications software.


CAUSE

The Microsoft products to which this article applies cache Domain Name Service (DNS) name lookups. If an address pool alias is resolved using the Gethostbyname() call, the alias is cached for all returned addresses. Subsequent Gethostbyaddress() calls against any of the returned addresses are resolved to the alias, instead of to the actual computer name, until such time as the entry is removed from the cache (after 600 seconds, or being flushed to accommodate a new cache entry, if the cache is full).

The Kerberos client must request a service ticket using the actual name of the host to which it is connecting. A service ticket consists of binary data used to identify a user or service (similar in concept to Microsoft Windows NT access tokens). Use of the alias in place of the actual host name results in a service ticket being encoded with the wrong key. Retrieval of the actual host name is not possible under the above conditions when the initial name lookup for the server was performed against an address pool alias.


RESOLUTION

A supported fix that corrects this problem is now available from Microsoft, but has not been fully regression tested and should be applied only to computers experiencing this specific problem. To resolve this problem immediately, contact Microsoft Technical Support to obtain the fix. If you are not severely impacted by this specific problem, Microsoft recommends that you wait for the next service pack that contains this fix.

For a complete list of Microsoft Technical Support phone numbers and information on support costs, please go to the following address on the World Wide Web:

http://support.microsoft.com/support/supportnet/default.asp
This fix should have the following file attributes for Windows 95 and Windows 98 (note that the Windows 98 update is a single package that installs the correct component version for the indicated platforms): 

File Name  Version    Date     Time     Size   Platform
----------------------------------------------------------------------
Rnr20.dll  4.10.1658  09/08/98 04:58pm  43,008 Windows 95 (all versions)
Rnr20.dll  4.10.2003  06/26/99 07:11pm  43,520 Windows 98 
Rnr20.dll  4.10.2223  07/22/99 05:35pm  43,520 Windows 98 Second Edition
Note that on Windows 95, this updated component must be installed after the Winsock2 update is applied. There is currently no fix available for Microsoft Proxy server.

NOTE: If you contact Microsoft to obtain this fix, a fee may be charged. This fee is refundable if it is determined that you only require the fix you requested. However, this fee is non-refundable if you request additional technical support, if your no-charge technical support period has expired, or if you are not eligible for standard no-charge technical support.

For more information about eligibility for no-charge technical support, see the following article in the Microsoft Knowledge Base:

ARTICLE-ID: Q154871
TITLE: Determining If Your Product Is Eligible for No-Charge Technical Support


STATUS

Microsoft has confirmed this to be a problem in the products listed at the beginning of this article.


MORE INFORMATION

The third-party products discussed in this article are manufactured by vendors independent of Microsoft; we make no warranty, implied or otherwise, regarding these products' performance or reliability.

For more information about the Kerberos Network Authentication Service as discussed in RFC 1510, you can obtain a copy of RFC 1510 on the Internet from the following source:

ftp://ds.internic.net/rfc/rfc1510.txt


Additional information about the Kermit-95 product mentioned in this article is available on the Internet from the following sources:

http://www.columbia.edu/kermit
http://www.kermit-project.org/


The third-party contact information included in this article is provided to help you find the technical support you need. This contact information is subject to change without notice. Microsoft in no way guarantees the accuracy of this third-party contact information.

Additional query words: hostent cache

Keywords : kbenv kbnetwork 3rdpartynet win95 win98
Version : WINDOWS:95; winnt:2.0
Platform : WINDOWS winnt
Issue type : kbprb


Last Reviewed: July 26, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.