From a967883b9c25d036f164daaf97c41073a0df0558 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@des.no>
Date: Thu, 19 Nov 2020 05:41:15 +0000
Subject: [PATCH] In openpam_ttyconv(3), wait to print the prompt until after
 we're ready to accept input.  Otherwise, there is a small but non-zero chance
 that input provided after the prompt appears is discarded when we flush the
 tty buffer.

Submitted by:	Brooks Davis <brooks@freebsd.org>


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@948 185d5e19-27fe-0310-9dcf-9bff6b9f3609
---
 CREDITS                      |  1 +
 HISTORY                      |  5 +++++
 lib/libpam/openpam_ttyconv.c | 12 ++++++------
 3 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/CREDITS b/CREDITS
index b40c9d3..a560f9e 100644
--- a/CREDITS
+++ b/CREDITS
@@ -18,6 +18,7 @@ ideas:
 	Ankita Pal <pal.ankita.ankita@gmail.com>
 	Baptiste Daroussin <bapt@freebsd.org>
 	Brian Fundakowski Feldman <green@freebsd.org>
+	Brooks Davis <brooks@freebsd.org>
 	Christos Zoulas <christos@netbsd.org>
 	Daniel Richard G. <skunk@iskunk.org>
 	Darren J. Moffat <darren.moffat@sun.com>
diff --git a/HISTORY b/HISTORY
index 98032d7..234604e 100644
--- a/HISTORY
+++ b/HISTORY
@@ -1,3 +1,8 @@
+OpenPAM ???							2020-07-??
+
+ - BUGFIX: Fix race condition in openpam_ttyconv(3) when used with
+   expect scripts.
+============================================================================
 OpenPAM Tabebuia						2019-02-24
 
  - BUGFIX: Fix off-by-one bug in pam_getenv(3) which was introduced in
diff --git a/lib/libpam/openpam_ttyconv.c b/lib/libpam/openpam_ttyconv.c
index dd958a9..4b223d9 100644
--- a/lib/libpam/openpam_ttyconv.c
+++ b/lib/libpam/openpam_ttyconv.c
@@ -94,12 +94,6 @@ prompt_tty(int ifd, int ofd, const char *message, char *response, int echo)
 	int pos, ret;
 	char ch;
 
-	/* write prompt */
-	if (write(ofd, message, strlen(message)) < 0) {
-		openpam_log(PAM_LOG_ERROR, "write(): %m");
-		return (-1);
-	}
-
 	/* turn echo off if requested */
 	slflag = 0; /* prevent bogus uninitialized variable warning */
 	if (!echo) {
@@ -115,6 +109,12 @@ prompt_tty(int ifd, int ofd, const char *message, char *response, int echo)
 		}
 	}
 
+	/* write prompt */
+	if (write(ofd, message, strlen(message)) < 0) {
+		openpam_log(PAM_LOG_ERROR, "write(): %m");
+		return (-1);
+	}
+
 	/* install signal handlers */
 	caught_signal = 0;
 	action.sa_handler = &catch_signal;