http2: Allow using a shared nghttp2 library

As nice as it is to bundle several libraries for builders' convenience, it also exposes builders to several kinds of security problems (until you release a new version with the bundled libraries updated) and it duplicates the number of versions of a library present on systems. For instance, with libcurl/curl installed and built against nghttp2, having a bundled (and older) version of libnghttp2 statically linked into /usr/bin/node duplicates the other version already present in /usr/lib. Additionally, the currently bundled version 1.22.0 has several problems that were already fixed in later versions, notably the current 1.24.0 which has been out since early July 2017.