net/http: backport "multipart ReadForm close file after copy" to 1.7

[bradfitz]

If we do another release of Go 1.7, back port:

commit 7478ea5dba7ed02ddffd91c1d17ec8141f7cf184
Author: Michael Fraenkel <michael.fraenkel@gmail.com>
Date:   Wed Oct 5 11:27:34 2016 -0400

    net/http: multipart ReadForm close file after copy
    
    Always close the file regardless of whether the copy succeeds or fails.
    Pass along the close error if the copy succeeds
    
    Fixes #16296
    
    Change-Id: Ib394655b91d25750f029f17b3846d985f673fb50
    Reviewed-on: https://go-review.googlesource.com/30410
    Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
    Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
    TryBot-Result: Gobot Gobot <gobot@golang.org>

Reportedly, it closes a potential DoS vector, exhausting a server's file descriptors.

/cc @broady @quentinmit

[gopherbot]

CL https://golang.org/cl/33639 mentions this issue.

[broady]

Included in Go 1.6.4 via f0fa13b:
https://golang.org/cl/33640