Changelog
+<<<<<<< CHANGES
+Daniel Stenberg (4 June 2009)
+- Setting the Content-Length: header from your app when you do a POST or PUT
+ is almost always a VERY BAD IDEA. Yet there are still apps out there doing
+ this, and now recently it triggered a bug/side-effect in libcurl as when
+ libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
+ knows it will just get a 401/407 back. If the app then replaced the
+ Content-Length header, it caused the server to wait for input that libcurl
+ wouldn't send. Aaron Oneal reported this problem in bug report #2799008
+ http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.
+
+=======
Yang Tse (4 Jun 2009)
- Igor Novoseltsev provided patches and information, that after some
adjustments to better fit curl's way of doing things, have resulted
in the posibility of building libcurl for VxWorks.
+>>>>>>> 1.1683
Daniel Fandrich (2 June 2009)
- Checked in a Google Android make file. To use it, you must first
create a config.h file by running configure in the Android environment,
o libcurl-NSS build fixes
o libcurl-NSS build fix
o configure script fixed for VMS
+<<<<<<< RELEASE-NOTES
+ o set Content-Length: with POST and PUT failed with NTLM auth
+=======
o allow building libcurl for VxWorks
+>>>>>>> 1.1030
This release includes the following known bugs:
This release would not have looked like this without help, code, reports and
advice from friends like these:
+<<<<<<< RELEASE-NOTES
+ Yang Tse, Daniel Fandrich, Kamil Dudka, Caolan McNamara, Frank McGeough,
+ Andre Guibert de Bruet, Mike Crowe, Claes Jakobsson, John E. Malmberg,
+ Aaron Oneal
+=======
Kamil Dudka, Caolan McNamara, Frank McGeough, Andre Guibert de Bruet,
Mike Crowe, Claes Jakobsson, John E. Malmberg, Igor Novoseltsev
+>>>>>>> 1.1030
Thanks! (and sorry if I forgot to mention someone)
/* this header (extended by formdata.c) is sent later */
checkprefix("Content-Type:", headers->data))
;
+ else if(conn->bits.authneg &&
+ /* while doing auth neg, don't allow the custom length since
+ we will force length zero then */
+ checkprefix("Content-Length", headers->data))
+ ;
else {
CURLcode result = add_bufferf(req_buffer, "%s\r\n", headers->data);
if(result)
we don't upload data chunked, as RFC2616 forbids us to set both
kinds of headers (Transfer-Encoding: chunked and Content-Length) */
- if(!checkheaders(data, "Content-Length:")) {
- /* we allow replacing this header, although it isn't very wise to
- actually set your own */
+ if(conn->bits.authneg || !checkheaders(data, "Content-Length:")) {
+ /* we allow replacing this header if not during auth negotiation,
+ although it isn't very wise to actually set your own */
result = add_bufferf(req_buffer,
"Content-Length: %" FORMAT_OFF_T"\r\n",
postsize);