This excludes

* layers, as its latest commits have an API change we still need to adapt to;
* hyper, as it gained a dependency on the solicit crate, which triggers an ICE
  in the current rustc (<rust-lang/rust#26805>);
* websocket, as it depends on a hyper API change;
* tenacious, as it has not yet been updated to the current rustc
  (<Manishearth/rust-tenacious#6>).

Unfortunately, this adds a third copy of bitflags to our dependencies; I've
created pull requests to the guilty dependencies:
<sfackler/rust-openssl#236> and
<servo/cocoa-rs#94>.