CVE-2015-3183 Fix chunk header parsing defect.

Remove apr_brigade_flatten(), buffering and duplicated code from
the HTTP_IN filter, parse chunks in a single pass with zero copy.

Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext
authorized characters.

Submitted by: graham, ylavic
Reviewed by: ylavic, wrowe, jim
Backports: 1484852, 1684513
Reported by: Régis Leroy



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1684515 13f79535-47bb-0310-9956-ffa450edef68