heads: fix children/descendants in doc (issue3992)

paper: fix rendering of the first tab in a line in Webkit (issue3990) This fixes issue3990 for Webkit-browsers, and also older Opera versions. Rendering in firefox is not changed.

hgweb: fix duplication for some search queries Given that N is maximum revision number in a repo, than if a revision with number N-100n or N-100n+1 (for any integer n) is found with a hgweb search, this revision is duplicated in search results.

sslutil: force SSLv3 on Python 2.6 and later (issue3905) We can't (easily) force SSL version on older Pythons, but on 2.6 and later we can force SSLv3, which is safer and widely supported. This also appears to work around a bug in IIS detailed in issue 3905.

httpclient: update to revision 9517a2b56fe9 of httpplus (issue3905) Includes upstream change "socketutil: force SSLv3 by default, as it is safer" which should fix issue 3905.

hgweb: force connection close on early response Not all WSGI servers close the socket when an early response is sent to a large POST request, which can cause the server to interpret the already-sent request body as an incoming (but hopelessly invalid) request.