I had some problems with cl-oauth and POST requests (and tumblr's braindead image posting API), and these changes help fixing them. Can you have a look and maybe pull them into your repository?
The issue was that the URL encoders used by DRAKMA and cl-oauth differ, which makes signature verification fail. With this change, POST parameters are encoded explicitly using cl-oauth's url-encode function and passed to DRAKMA as request body.
initial xAuth support for tumblr
remove unused variable
fix some warnings.
changes to support posting images in a hacky way to tumblr
Looks good, merged!