I'm using libcurl 7.37.0 (built with SSPI on Windows) and I'm trying to establish a proxy tunnel through a squid 3.2.11 proxy, which sends "Connection: Keep-Alive" with 407 responses. Both CURLOPT_HTTPPROXYTUNNEL and CURLOPT_CONNECT_ONLY are set to 1. When I use the easy API, everything works as expected, and also when I use a proxy that sends "(Proxy-)Connection: Close" with 407 responses, as the connection is not reused in this case.
But when I use the multi API and I don't submit valid proxy credentials for the first transfer, the connection gets reused for the second transfer (now with valid credentials). Because the first socket is then still valid in Curl_setup_conn, multi_runsingle switches immediately from CURLM_STATE_CONNECT to CURLM_STATE_DO, skipping proxy authentication, and then immediately to CURLM_STATE_DONE because of the connect_only option. libcurl then tells me that the connection was successful, but I cannot use the socket as the CONNECT still has not succeeded because of the missing proxy authentication.