disable caching in BIO_gethostbyname

CHANGES

@@ -4,6 +4,12 @@
 
  Changes between 0.9.6b and 0.9.6c  [XX xxx XXXX]
 
+  *) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
+     instead.  BIO_gethostbyname() does not know what timeouts are
+     appropriate, so entries would stay in cache even when they hade
+     become invalid.
+     [Bodo Moeller; problem pointed out by Rich Salz <rsalz@zolera.com>
+
   *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
      faced with a pathologically small ClientHello fragment that does
      not contain client_version: Instead of aborting with an error,

crypto/bio/b_sock.c

@@ -345,13 +345,18 @@ static void ghbn_free(struct hostent *a)
 
 struct hostent *BIO_gethostbyname(const char *name)
 	{
+#if 1
+	/* Caching gethostbyname() results forever is wrong,
+	 * so we have to let the true gethostbyname() worry about this */
+	return gethostbyname(name);
+#else
 	struct hostent *ret;
 	int i,lowi=0,j;
 	unsigned long low= (unsigned long)-1;
 
-/*	return(gethostbyname(name)); */
 
-#if 0 /* It doesn't make sense to use locking here: The function interface
+#  if 0
+	/* It doesn't make sense to use locking here: The function interface
 	 * is not thread-safe, because threads can never be sure when
 	 * some other thread destroys the data they were given a pointer to.
 	 */
@@ -393,7 +398,8 @@ struct hostent *BIO_gethostbyname(const char *name)
 			goto end;
 		if (j > 128) /* too big to cache */
 			{
-#if 0 /* If we were trying to make this function thread-safe (which
+#  if 0
+			/* If we were trying to make this function thread-safe (which
 			 * is bound to fail), we'd have to give up in this case
 			 * (or allocate more memory). */
 			ret = NULL;
@@ -425,8 +431,10 @@ end:
 	CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
 #  endif
 	return(ret);
+#endif
 	}
 
+
 int BIO_sock_init(void)
 	{
 #ifdef WINDOWS