@@ -47,14 +47,16 @@ func startProxy(t *testing.T, useTLS bool) (proxyURL *url.URL, obsCh <-chan stri
4747 }
4848
4949 w .WriteHeader (http .StatusOK )
50- clientConn , _ , err := hijacker .Hijack ()
50+ clientConn , bufrw , err := hijacker .Hijack ()
5151 if err != nil {
5252 return
5353 }
5454 defer clientConn .Close ()
5555
5656 done := make (chan struct {}, 2 )
57- go func () { io .Copy (destConn , clientConn ); done <- struct {}{} }()
57+ // Read from bufrw (not clientConn) so any bytes already buffered
58+ // by the server's bufio.Reader are forwarded to the destination.
59+ go func () { io .Copy (destConn , bufrw ); done <- struct {}{} }()
5860 go func () { io .Copy (clientConn , destConn ); done <- struct {}{} }()
5961 <- done
6062 // Close both sides so the remaining goroutine unblocks.
@@ -106,14 +108,14 @@ func startProxyWithAuth(t *testing.T, useTLS bool, wantUser, wantPass string) (p
106108 }
107109
108110 w .WriteHeader (http .StatusOK )
109- clientConn , _ , err := hijacker .Hijack ()
111+ clientConn , bufrw , err := hijacker .Hijack ()
110112 if err != nil {
111113 return
112114 }
113115 defer clientConn .Close ()
114116
115117 done := make (chan struct {}, 2 )
116- go func () { io .Copy (destConn , clientConn ); done <- struct {}{} }()
118+ go func () { io .Copy (destConn , bufrw ); done <- struct {}{} }()
117119 go func () { io .Copy (clientConn , destConn ); done <- struct {}{} }()
118120 <- done
119121 clientConn .Close ()
@@ -247,25 +249,14 @@ func TestWithProxyTransport_ProxyAuth(t *testing.T) {
247249 })
248250
249251 t .Run ("https proxy with auth" , func (t * testing.T ) {
250- // Under the race detector on resource-constrained CI hosts
251- // the TLS handshake to the proxy can sporadically fail with
252- // "first record does not look like a TLS handshake" / EOF.
253- // Retry with a fresh proxy + transport to tolerate this.
254- var resp * http.Response
255- var lastErr error
256- for attempt := range 3 {
257- proxyURL := startProxyWithAuth (t , true , "user" , "s3cret" )
258- transport := withProxyTransport (newTestTransport (), proxyURL , "" )
259- client := & http.Client {Transport : transport , Timeout : 10 * time .Second }
260- resp , lastErr = client .Get (target .URL )
261- transport .CloseIdleConnections ()
262- if lastErr == nil {
263- break
264- }
265- t .Logf ("attempt %d: %v" , attempt + 1 , lastErr )
266- }
267- if lastErr != nil {
268- t .Fatalf ("GET through authenticated https proxy (after retries): %v" , lastErr )
252+ proxyURL := startProxyWithAuth (t , true , "user" , "s3cret" )
253+ transport := withProxyTransport (newTestTransport (), proxyURL , "" )
254+ t .Cleanup (transport .CloseIdleConnections )
255+ client := & http.Client {Transport : transport , Timeout : 10 * time .Second }
256+
257+ resp , err := client .Get (target .URL )
258+ if err != nil {
259+ t .Fatalf ("GET through authenticated https proxy: %v" , err )
269260 }
270261 defer resp .Body .Close ()
271262 if _ , err := io .ReadAll (resp .Body ); err != nil {
0 commit comments