Skip to content

fix(http): prevent duplicate NTLM Type 3 request with --fail (test 150)#133

Merged
jonwiggins merged 2 commits intomainfrom
optio/task-44f17f97-92af-4f00-83df-58b8a28f17b6
Mar 28, 2026
Merged

fix(http): prevent duplicate NTLM Type 3 request with --fail (test 150)#133
jonwiggins merged 2 commits intomainfrom
optio/task-44f17f97-92af-4f00-83df-58b8a28f17b6

Conversation

@jonwiggins
Copy link
Copy Markdown
Owner

@jonwiggins jonwiggins commented Mar 28, 2026

Summary

  • When --fail is used with NTLM auth, the h1 layer skips reading the 401 response body but still marks the connection as reusable — leaving unread body data on the socket
  • The NTLM Type 3 request then reuses this corrupted connection, gets a parse error from the leftover data, and retries on a new connection — sending a spurious third HTTP request
  • Fix: add !fail_skip to the can_reuse calculation in h1.rs so connections with skipped bodies are never returned to the pool
  • Also reset is_ntlm_probe flag after Type 3 auth completes for correctness

Closes #121

Test plan

  • New unit test request_fail_on_error_prevents_reuse verifies can_reuse = false when fail_on_error skips body
  • All 926 existing lib tests pass (no regressions)
  • cargo clippy and cargo fmt clean
  • ./scripts/run-curl-tests.sh 150 should pass consistently (was ~40% failure rate)

🤖 Generated with Claude Code

@claude
fix(http): prevent duplicate NTLM Type 3 request with --fail (test 150)
f4cf703 
When --fail is used with NTLM auth, the h1 layer skips reading the 401
response body (fail_on_error optimization). However, the connection was
still marked as reusable, leaving unread body data on it. When the NTLM
Type 3 request reused this connection, it encountered leftover data from
the 401 body, causing an HTTP/0.9 parse error. The retry logic in
do_single_request then sent the Type 3 again on a new connection —
producing a spurious third request that fails curl test 150.

Fix: mark connections as non-reusable when fail_on_error skips the body
(add !fail_skip to the can_reuse calculation in h1.rs). Also reset the
is_ntlm_probe flag after Type 3 auth completes so the probe-retry path
cannot fire on subsequent loop iterations.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@jonwiggins jonwiggins force-pushed the optio/task-44f17f97-92af-4f00-83df-58b8a28f17b6 branch from 12e801d to f4cf703 Compare March 28, 2026 03:44
@claude
fix(http): remove dead is_ntlm_probe assignment and fix formatting
a25f23f 
The `is_ntlm_probe` variable is re-initialized with `let` at the top
of each loop iteration, so the `= false` assignment after Type 3 auth
was dead code (never read before re-initialization). Remove it and
drop the now-unnecessary `mut`. Also fix formatting in h1.rs test.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@jonwiggins jonwiggins merged commit a11a477 into main Mar 28, 2026
7 checks passed
@jonwiggins jonwiggins mentioned this pull request Mar 28, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

fix(http): NTLM auth with --fail sends duplicate Type 3 request (test 150, flaky)

1 participant

@jonwiggins