Fixed to pass basic auth to HTTP connections when included in user info portion of URL (e.g. as API token).

- Environment variables are by convention upper case, so I'm switching to upper case. This was what the original ticket requested anyway.
- Since the ".jobName" was never documented to begin with, let's not promote that and stick to "_JOBNAME" as the official version.

added missing translations (save), adjusted an entry to match existing occurrences
corrected missing backslash escapes
deleted dislocated russian property file

removed some translations from GlobalSecurityConfiguration and jenkins/model/Jenkins
that should only exist in MasterComputer, DumbSlave & MasterBuildConfiguration

Introduced ${ITEM_FULL_NAME} to address the ticket without causing the
backward compatibility problem.

This is done by introducing a new base type 'BuildDiscarder' that's
extensible. Plugins can implement their own logics.

[JENKINS-16815] Specify ID and version in UpdateSite.updateDirectly

This fixes two annotation-indexers from different groupIds to get
bundled.

This reverts commit e2168722.

- Use the proper block cipher mode.
  Or else the information about the plain text still ends up revealing as a pattern without the attacker knowing the key.
- No need to hide SLAVE_SECRET from the encrypted payload.
  jnlpMac is needed to decrypt this payload to begin with, so there's no point in hiding it. This simplifies the code a little bit.
- Using a newer slave installer that uses the -secret option

Jesse's original patch

This came from pull request #705

Fixed the HTTP request thread saturation problem with Winstone.

eval("") is no-op in IE but window.execScript("") isn't.
So bring the uniformity outside

Failure to load JNA should be handled graciously

[FIXED JENKINS-16776] surefire-reports not detected for android-maven-plugin

(Or should we just check the status code?)