From dedd9ee84bb0a93d0afc3c1df4a8bf4e7e8b85c7 Mon Sep 17 00:00:00 2001
From: Kristof Provost <kp@FreeBSD.org>
Date: Thu, 3 Jun 2021 15:22:19 +0200
Subject: [PATCH] pf tests: Make killstate:match more robust

The killstate:match test starts nc as a background process. There was no
guarantee that the nc process would have connected by the time we check
for states, so this test occasionally failed without good reason.

Teach the test to wait for at least some states to turn up before
executing the critical checks.

MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC ("Netgate")

(cherry picked from commit 70dd30d49c29a27e1ef159660a7e3dbb84082674)
---
 tests/sys/netpfil/pf/killstate.sh | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/tests/sys/netpfil/pf/killstate.sh b/tests/sys/netpfil/pf/killstate.sh
index b3d94a24554..f53ede8c757 100644
--- a/tests/sys/netpfil/pf/killstate.sh
+++ b/tests/sys/netpfil/pf/killstate.sh
@@ -384,6 +384,17 @@ match_head()
 	atf_set require.user root
 }
 
+wait_for_state()
+{
+	jail=$1
+	addr=$2
+
+	while ! jexec $jail pfctl -s s | grep $addr >/dev/null;
+	do
+		sleep .1
+	done
+}
+
 match_body()
 {
 	pft_init
@@ -412,6 +423,7 @@ match_body()
 		"pass all"
 
 	nc 198.51.100.2 7 &
+	wait_for_state alcatraz 192.0.2.1
 
 	# Expect two states
 	states=$(jexec alcatraz pfctl -s s | wc -l)
@@ -432,6 +444,7 @@ match_body()
 	jexec alcatraz pfctl -F states
 
 	nc 198.51.100.2 7 &
+	wait_for_state alcatraz 192.0.2.1
 
 	# Kill matching states, expect all of them to be gone
 	jexec alcatraz pfctl -M -k 192.0.2.1