Previously the build artifacts did not include a signed timestamp, so
when the certificate expired the validation of the artifact would fail.
Now we sign against a timestamp server such that the artifact will
always be valid regardless of the disposition of the certificate.

Closes #7360 and #7059.

when a pfx file is passed to tls.connection,
it is the client private key, not the server's private key.

Signed-off-by: Fedor Indutny <fedor@indutny.com>

Socket may become not `readable`, but http should not rely on this
property and should not think that it means that no data will ever
arrive from it. In fact, it may arrive in a next tick and, since
`this.push(null)` was already called, it will result in a error like
this:

    Error: stream.push() after EOF
        at readableAddChunk (_stream_readable.js:143:15)
        at IncomingMessage.Readable.push (_stream_readable.js:123:10)
        at HTTPParser.parserOnBody (_http_common.js:132:22)
        at Socket.socketOnData (_http_client.js:277:20)
        at Socket.EventEmitter.emit (events.js:101:17)
        at Socket.Readable.read (_stream_readable.js:367:10)
        at Socket.socketCloseListener (_http_client.js:196:10)
        at Socket.EventEmitter.emit (events.js:123:20)
        at TCP.close (net.js:479:12)

fix #6784

Conflicts:
	deps/openssl/asm/x64-elf-gas/aes/vpaes-x86_64.s
	deps/openssl/asm/x64-macosx-gas/aes/vpaes-x86_64.s
	deps/openssl/asm/x64-win32-masm/aes/vpaes-x86_64.asm
	deps/openssl/openssl/CHANGES
	deps/openssl/openssl/Makefile
	deps/openssl/openssl/Makefile.org
	deps/openssl/openssl/NEWS
	deps/openssl/openssl/README
	deps/openssl/openssl/crypto/opensslv.h
	deps/openssl/openssl/openssl.spec
	deps/openssl/openssl/ssl/s23_clnt.c
	lib/http.js
	test/simple/test-http-client-readable.js

Re-applying commit 153784b, which
was overwritten by the update to openssl 1.0.1f.

Original source:

http://openssl.6102.n7.nabble.com/PATCH-s-client-Fix-keypress-requirement-with-redirected-input-on-Windows-td46787.html