test(peer-cli): cover streamed retry fallback

NEXT_STEPS item 5 needs streamed installs to have an explicit retry
policy. The handler already retries whole-stream attempts across the
majority-validated peer set, so add S42 to prove that behavior with the
Docker harness instead of leaving it implicit.

S42 starts two catalog-version-matching `cnctw` sources. The first source
sorts first in retry order but has `--unrar /missing-unrar`, so its stream
attempt fails before sending chunks. The second source then completes a
fresh whole-stream attempt. The scenario asserts local-only installed
state, no root archive or sentinel, no `.local.installing` staging
leftover, chunk events only from the good source, matching streamed byte
count, and SHA-256 payload equality against the good source's `unrar p`.

This pins the current policy: retry the entire stream from another
validated peer, do not preserve partial files across attempts, and do not
promise byte-offset resume.

Test Plan:
- python3 -m py_compile crates/lanspread-peer-cli/scripts/run_extended_scenarios.py
- python3 crates/lanspread-peer-cli/scripts/run_extended_scenarios.py S42
- git diff --check
- git diff --cached --check

Refs: NEXT_STEPS.md item 5

PEER_CLI_SCENARIOS.md

@@ -49,6 +49,7 @@ for deterministic local runs; mDNS/macvlan remains an environment smoke path.
 | S39 | Streamed install without keeping archive payload | Empty client connects to `fixture-bravo`, then sends `stream-install cnctw`. The source has real RAR `.eti` payload entries under `bin/` and `data/`; the receiver uses the container-bundled `unrar` stream provider. | Client emits `got-game-files`, `download-begin`, streamed `download-chunk-finished`, `download-finished`, `install-begin`, and `install-finished`. Local `cnctw` is `downloaded=false`, `installed=true`, `availability=LocalOnly`; root `version.ini` and `.eti` are absent; `local/bin/cnctw-payload.bin` and `local/data/cnctw-assets.dat` match `unrar p` output by SHA-256. |
 | S40 | Streamed install receiver is not a peer source | After S39, a third peer connects only to the streamed-install receiver. | The third peer may see the receiver's local-only summary in peer snapshots, but `list-games` remote aggregation does not expose `cnctw` as downloadable, `peer_count` remains zero/absent, and attempting `download cnctw` fails with no local files created. |
 | S41 | Solid archive streamed install | Empty client connects to a peer serving `fixture-solid/cnctw`, whose `.eti` is a real solid RAR archive. The receiver uses the container-bundled `unrar` stream provider. | The fixture is verified as solid with `unrar lt`; streamed install finishes with `downloaded=false`, `installed=true`, `availability=LocalOnly`; root archive and `version.ini` are absent; streamed byte count equals the extracted solid entries; local payload SHA-256 hashes match `unrar p` output. |
+| S42 | Streamed install whole-stream retry | Empty client connects to two peers serving the same catalog-version `cnctw`: one broken source whose `--unrar` path is missing, followed by one good source. | The broken source sorts before the good source in retry order, contributes zero chunks, and the good source completes a fresh whole-stream attempt. The final state is local-only installed, no root archive/sentinel, no `.local.installing`, byte count matches the extracted entries, and payload hashes match the good source. |
 
 ## Version-Skew Contract
 
@@ -129,9 +130,30 @@ Use S39-S41 to pin down low-disk streamed installs:
 - S41 verifies the fixture is actually solid inside the source container, so
   solid handling stays covered by the same Docker harness as the existing
   streamed-install scenarios.
+- S42 verifies retry/resume semantics: failed streamed attempts roll back their
+  staging directory and retry the whole stream from another validated peer.
+  There is no byte-offset resume contract.
 
 ## Run Log
 
+### 2026-06-07 - Streamed Install Whole-Stream Retry (S42)
+
+- Code under test added S42 in `run_extended_scenarios.py`.
+- Gates before Docker: `python3 -m py_compile
+  crates/lanspread-peer-cli/scripts/run_extended_scenarios.py` passed.
+- Runner:
+  `python3 crates/lanspread-peer-cli/scripts/run_extended_scenarios.py S42`
+  passed against the current `lanspread-peer-cli:dev` image.
+- S42 started a broken source with `--unrar /missing-unrar` and a good source
+  with the same catalog-version `cnctw` metadata. The broken source sorted first
+  (`10.66.0.2:32897`) and the good source second (`10.66.0.3:34092`).
+- The broken source contributed zero chunks; the good source completed the fresh
+  whole-stream attempt with `3145728` streamed file bytes.
+- The final client state was `downloaded=false`, `installed=true`,
+  `availability=LocalOnly`, with no root `version.ini`, no root `cnctw.eti`,
+  and no `.local.installing` staging directory. Payload SHA-256 hashes matched
+  the good source's `unrar p` output.
+
 ### 2026-06-07 - Solid Streamed Install Coverage (S41)
 
 - Code under test added `fixture-solid/cnctw`, a real solid RAR `.eti`, plus