The plainHttpTransport implementation saved the resulting file only when the
server responded with 200 OK, thus ignoring the payload from the server when
the server responded with a 206 Partial Content. This was causing incremental
updates through hackage-security to fail (it wouldn't fail fatally;
hackage-security would notice the invalid timestamp and download the whole
thing instead, but of course this means we're not actually getting any
incremental behaviour).