diff --git a/CHANGES b/CHANGES
index d04f713..dca89b4 100755
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,7 @@
 Changes to proxytunnel version 1.6.4 -- xxx
 
+- Allow multiple '-H' options (headers), total size of the headers
+  should not exceed 1k.
 - Reworked setproctitle calls, giving an argument to -x should now
   really hide all traces of the original name, not only the arguments
   Also remove argument-info on normal (without -x) runs.
diff --git a/cmdline.c b/cmdline.c
index 51b362a..6441328 100755
--- a/cmdline.c
+++ b/cmdline.c
@@ -144,7 +144,7 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar
 	args_info->proxyhost_arg = NULL; \
 	args_info->dest_arg = NULL; \
 	args_info->remproxy_arg = NULL; \
-	args_info->header_arg = NULL; \
+	args_info->header_arg[0] = '\0'; \
 	args_info->verbose_flag = 0; \
 	args_info->ntlm_flag = 0; \
 	args_info->inetd_flag = 0; \
@@ -363,8 +363,8 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar
 
         case 'H':	/* Extra headers to send to HTTPS proxy. */
           args_info->header_given++;
-	  /* FIXME in case of multiple headers, later... */
-          args_info->header_arg = gengetopt_strdup (optarg);
+	  strlcat( args_info->header_arg, optarg, MAX_HEADER_SIZE );
+	  strlcat( args_info->header_arg, "\r\n", MAX_HEADER_SIZE );
           break;
 
         case 'v':	/* Turn on verbosity.  */
diff --git a/cmdline.h b/cmdline.h
index 79d0747..da7fd23 100755
--- a/cmdline.h
+++ b/cmdline.h
@@ -23,6 +23,8 @@
 #ifndef _cmdline_h
 #define _cmdline_h
 
+#define MAX_HEADER_SIZE 1024
+
 struct gengetopt_args_info {
   char * user_arg;	/* Username to send to HTTPS proxy for auth. */
   char * pass_arg;	/* Password to send to HTTPS proxy for auth. */
@@ -31,7 +33,7 @@ struct gengetopt_args_info {
   char * proxyhost_arg;	/* HTTPS Proxy host to connect to. */
   int proxyport_arg;	/* HTTPS Proxy host portnumber to connect to. */
   char * dest_arg;	/* Destination host to built the tunnel to. */
-  char * header_arg;	/* Extra headers to send to HTTPS proxy */
+  char header_arg[MAX_HEADER_SIZE];	/* Extra headers to send to HTTPS proxy */
   char * remproxy_arg;  /* Remote proxy to tunnel to. */
   int verbose_flag;	/* Turn on verbosity (default=off). */
   int ntlm_flag;	/* Turn on ntlm  (default=off). */
diff --git a/http.c b/http.c
index 71b1f29..2511cbd 100644
--- a/http.c
+++ b/http.c
@@ -154,7 +154,7 @@ void proxy_protocol()
 		/*
 		 * Add extra header(s)
 		 */
-		sprintf( buf, "%s%s\r\n", buf, args_info.header_arg );
+		sprintf( buf, "%s%s", buf, args_info.header_arg );
 	}
 
 	sprintf( buf, "%sProxy-Connection: Keep-Alive\r\n\r\n", buf );
@@ -198,7 +198,7 @@ void proxy_protocol()
 		 * Add extra header(s)
 		 */
 		if ( args_info.header_given )
-			sprintf( buf, "%s%s\r\n", buf, args_info.header_arg );
+			sprintf( buf, "%s%s", buf, args_info.header_arg );
 		sprintf( buf, "%sProxy-Connection: Keep-Alive\r\n\r\n", buf );
 		
 		/*