Is `curl --anyauth` supported properly when uploading documentation with cabal?

[andreasabel]

Re: haskell/cabal#10920

Since cabal 3.14 (PR haskell/cabal#10089) cabal upload uses --anyauth instead of --digest with curl.
On my machine at least, this broke the uploading of documentation.

I am reading curl/curl#6309 (comment)

--anyauth is not as efficient as --digest because it sends the content twice. the server should ask for authorization without the content.

Is hackage server handling this situation correctly?

NB: curl --version

curl 8.7.1 (x86_64-apple-darwin24.0) libcurl/8.7.1 (SecureTransport) LibreSSL/3.3.6 zlib/1.2.12 nghttp2/1.64.0
Release-Date: 2024-03-27
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS GSS-API HSTS HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz MultiSSL NTLM SPNEGO SSL threadsafe UnixSockets

[bgamari]

For what it's worth, the problem here appears to be an interaction between rewinding (needed for --anyauth), chunked transfer encoding, hackage-server, and nginx. hackage-server can response to anyauth requests with chunked encoding without any trouble. However, when reverse-proxied through nginx things fall over after rewind, resulting in nginx terminating the connection unexpected. I haven't yet worked out why this might be.

See haskell/cabal#10920 (comment).