Fix WS handshake over-reading and dropping the next protocol frame

Root cause of the long-running CI flake on Windows + Python 3.13 in
test_ws_viewer_authenticates_and_receives_frames /
test_ws_host_announces_host_id and friends:

_read_http_message used recv(1024). On loopback the kernel often
coalesces the host's "101 Switching Protocols" reply and the
AUTH_CHALLENGE WS frame that follows it into a single TCP segment.
The bulk recv consumed both, the function returned only the HTTP
text, and the trailing frame bytes were silently dropped. The
client's next recv() then blocked the full 60 s auth budget waiting
for a frame the kernel had already delivered. This pattern is
load-dependent (server has to be fast enough to flush both back-to-
back), which is exactly why the failure looked random.

Switch to byte-by-byte reads up to "\r\n\r\n" so any post-header
bytes stay in the kernel buffer for the next recv. The extra
syscalls cost ~1 ms on loopback — well below the WS upgrade itself.

Also drop the @pytest.mark.flaky reruns added in 0929195: those were
masking this exact bug, and the underlying handshake is now
deterministic.

Add a regression test that fuses the 101 response and a WS BINARY
frame into one sendall and verifies recv_message still returns the
frame after client_handshake.

Author: JE-Chen

je_auto_control/utils/remote_desktop/ws_protocol.py

@@ -102,9 +102,18 @@ def client_handshake(sock: socket.socket, host: str, port: int,
 
 
 def _read_http_message(sock: socket.socket) -> str:
+    # Byte-by-byte read until "\r\n\r\n". A bulk recv(1024) would
+    # over-read into the next message: when the peer packs the HTTP
+    # response and the first protocol frame into a single TCP segment
+    # (common on loopback under load), the post-header bytes end up in
+    # this buffer and are dropped on return — the next recv() then
+    # blocks forever on bytes that already arrived. Loopback syscalls
+    # are microseconds; ~150 of them per handshake is well below the
+    # noise floor of the WS upgrade itself.
     buf = bytearray()
-    while b"\r\n\r\n" not in buf:
-        chunk = sock.recv(1024)
+    terminator = b"\r\n\r\n"
+    while not buf.endswith(terminator):
+        chunk = sock.recv(1)
         if not chunk:
             raise WsProtocolError("connection closed during handshake")
         buf.extend(chunk)

test/unit_test/headless/test_remote_desktop_websocket.py

@@ -86,6 +86,64 @@ def test_recv_handles_extended_payload_length():
         client.close()
 
 
+def test_handshake_does_not_over_read_into_next_frame():
+    """Regression: server pack of 101 + first WS frame in one segment.
+
+    When the host sends the HTTP upgrade response and the AUTH_CHALLENGE
+    frame back-to-back, the kernel coalesces them on loopback. A bulk
+    ``recv(1024)`` inside ``client_handshake`` would consume both, then
+    discard the post-header bytes — the next ``recv_message`` then
+    blocks forever on data that already arrived. Verify the handshake
+    leaves any trailing bytes in the kernel buffer.
+    """
+    server, client = _make_socketpair()
+    try:
+        import threading
+
+        # Drive client_handshake on a thread; on the server side we
+        # send 101 and a WS BINARY frame in a single sendall to mimic
+        # the production race that flaked CI.
+        done = threading.Event()
+
+        def client_side():
+            client_handshake(client, "127.0.0.1", 1234, path="/")
+            done.set()
+
+        thread = threading.Thread(target=client_side, daemon=True)
+        thread.start()
+        # Read the GET request, then send 101 + a tiny WS frame fused.
+        request = b""
+        while b"\r\n\r\n" not in request:
+            request += server.recv(1024)
+        sec_key = ""
+        for line in request.decode("iso-8859-1").split("\r\n"):
+            if line.lower().startswith("sec-websocket-key:"):
+                sec_key = line.split(":", 1)[1].strip()
+        import base64
+        import hashlib
+        accept = base64.b64encode(hashlib.sha1(  # nosec B324
+            (sec_key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11").encode("ascii"),
+            usedforsecurity=False,
+        ).digest()).decode("ascii")
+        response = (
+            "HTTP/1.1 101 Switching Protocols\r\n"
+            "Upgrade: websocket\r\n"
+            "Connection: Upgrade\r\n"
+            f"Sec-WebSocket-Accept: {accept}\r\n"
+            "\r\n"
+        ).encode("ascii")
+        # WS BINARY frame: FIN=1, opcode=2, len=3, payload=b"hi!"
+        ws_frame = b"\x82\x03hi!"
+        server.sendall(response + ws_frame)
+        assert done.wait(timeout=2.0)
+        # The frame must still be readable — i.e. handshake didn't
+        # swallow the bytes that followed "\r\n\r\n".
+        assert recv_message(client) == b"hi!"
+    finally:
+        server.close()
+        client.close()
+
+
 def test_handshake_rejects_non_websocket_request():
     server, client = _make_socketpair()
     try:
@@ -114,7 +172,6 @@ def _start_ws_host(token: str = "tok",
     return host
 
 
-@pytest.mark.flaky(reruns=2, reruns_delay=1)
 def test_ws_viewer_authenticates_and_receives_frames():
     host = _start_ws_host()
     try:
@@ -131,7 +188,6 @@ def test_ws_viewer_authenticates_and_receives_frames():
         host.stop(timeout=1.0)
 
 
-@pytest.mark.flaky(reruns=2, reruns_delay=1)
 def test_ws_viewer_with_wrong_token_is_rejected():
     host = _start_ws_host(token="right")
     try:
@@ -145,7 +201,6 @@ def test_ws_viewer_with_wrong_token_is_rejected():
         host.stop(timeout=1.0)
 
 
-@pytest.mark.flaky(reruns=2, reruns_delay=1)
 def test_ws_viewer_input_reaches_host_dispatcher():
     host = _start_ws_host()
     try:
@@ -166,7 +221,6 @@ def test_ws_viewer_input_reaches_host_dispatcher():
         host.stop(timeout=1.0)
 
 
-@pytest.mark.flaky(reruns=2, reruns_delay=1)
 def test_ws_host_announces_host_id():
     host = _start_ws_host(host_id="700800900")
     try: