Guillaume Cottenceau's patch that adds CURLOPT_UNRESTRICTED_AUTH that

disables the host name check in the FOLLOWLOCATION code. With that option
set, libcurl will send user+password to all hosts.