- Setting the Content-Length: header from your app when you do a POST or PUT

  is almost always a VERY BAD IDEA. Yet there are still apps out there doing
  this, and now recently it triggered a bug/side-effect in libcurl as when
  libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
  knows it will just get a 401/407 back. If the app then replaced the
  Content-Length header, it caused the server to wait for input that libcurl
  wouldn't send. Aaron Oneal reported this problem in bug report #2799008
  http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.

1 files changed, 10 insertions, 0 deletions

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 035473d2a..9866e5d92 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -20,7 +20,11 @@ This release includes the following bugfixes:
  o libcurl-NSS build fixes
  o libcurl-NSS build fix
  o configure script fixed for VMS
+<<<<<<< RELEASE-NOTES
+ o set Content-Length: with POST and PUT failed with NTLM auth
+=======
  o allow building libcurl for VxWorks
+>>>>>>> 1.1030
 
 This release includes the following known bugs:
 
@@ -29,7 +33,13 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
+<<<<<<< RELEASE-NOTES
+ Yang Tse, Daniel Fandrich, Kamil Dudka, Caolan McNamara, Frank McGeough,
+ Andre Guibert de Bruet, Mike Crowe, Claes Jakobsson, John E. Malmberg,
+ Aaron Oneal
+=======
  Kamil Dudka, Caolan McNamara, Frank McGeough, Andre Guibert de Bruet,
  Mike Crowe, Claes Jakobsson, John E. Malmberg, Igor Novoseltsev
+>>>>>>> 1.1030
 
         Thanks! (and sorry if I forgot to mention someone)