
tls,http2: send fatal alert on ALPN mismatch

To comply with RFC 7301, make TLS servers send a fatal alert during the TLS handshake if both the client and the server are configured to use ALPN and if the server does not support any of the protocols advertised by the client.

It is expected that a server will have a list of protocols that it supports, in preference order, and will only select a protocol if the client supports it. In that case, the server SHOULD select the most highly preferred protocol that it supports and that is also advertised by the client. In the event that the server supports no protocols that the client advertises, then the server SHALL respond with a fatal "no_application_protocol" alert.

enum {
    no_application_protocol(120),
    (255)
} AlertDescription;

This affects HTTP/2 servers. Until now, applications could intercept the 'unknownProtocol' event when the client either did not advertise any protocols or advertised a list of protocols that did not include HTTP/2 (or HTTP/1.1 if allowHTTP1 was true). With this change, only the first case can be handled, and the 'unknownProtocol' event will not be emitted in the second case because the TLS handshake fails and no secure connection is established.

I am marking this as semver-major because it changes existing behavior in a potentially breaking way.

@nodejs/http2 It seems that the HTTP/2 server implementation has a few tricks up its sleeve for when ALPN does not match (switching to HTTP/1.1, sending an informational HTTP/1.0 message, destroying the connection...). Please review these changes carefully.
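As an added illustration of the behaviour described above (example code, not from the Node.js PR), the following models the server-side ALPN decision: it parses the ClientHello's RFC 7301 ProtocolNameList, applies the server's preference order, and reports whether the handshake proceeds, emits 'unknownProtocol', or ends with the no_application_protocol(120) alert. The function names parseProtocolNameList, encodeProtocolNameList, selectAlpn and serverOutcome, and the preference list ['h2', 'http/1.1'] used when allowHTTP1 is set, are assumptions made for this example.

```javascript
'use strict';
// Added example, not code from the Node.js PR. Assumed names: parseProtocolNameList,
// encodeProtocolNameList, selectAlpn, serverOutcome. 120 is the RFC 7301 alert value.
const TLS_ALERT_NO_APPLICATION_PROTOCOL = 120;

// Parse an RFC 7301 ProtocolNameList: 2-byte list length, then 1-byte-length-prefixed names.
function parseProtocolNameList(buf) {
  if (buf.length < 2) throw new Error('truncated ProtocolNameList');
  const listLen = buf.readUInt16BE(0);
  if (listLen === 0 || listLen + 2 !== buf.length) throw new Error('bad ProtocolNameList length');
  const names = [];
  let off = 2;
  while (off < buf.length) {
    const n = buf[off++];
    if (n === 0 || off + n > buf.length) throw new Error('bad ProtocolName length');
    names.push(buf.subarray(off, off + n).toString('latin1'));
    off += n;
  }
  return names;
}

// Build a ProtocolNameList (used here only to construct sample ClientHello input).
function encodeProtocolNameList(names) {
  const body = Buffer.concat(names.map((n) => Buffer.concat([Buffer.from([n.length]), Buffer.from(n, 'latin1')])));
  const len = Buffer.alloc(2);
  len.writeUInt16BE(body.length, 0);
  return Buffer.concat([len, body]);
}

// RFC 7301 section 3.2: the server's most preferred protocol that the client also advertised, else null.
function selectAlpn(serverPrefs, clientAdvertised) {
  return serverPrefs.find((p) => clientAdvertised.includes(p)) ?? null;
}

// Outcome for an HTTP/2 server after this change. alpnExtension is the raw ALPN extension data
// from the ClientHello, or null when the client sent no ALPN extension at all.
function serverOutcome({ allowHTTP1 = false, alpnExtension }) {
  const serverPrefs = allowHTTP1 ? ['h2', 'http/1.1'] : ['h2']; // assumed preference order
  if (alpnExtension === null) {
    // Client did not use ALPN: handshake completes and 'unknownProtocol' is still emitted.
    return { handshake: 'ok', protocol: null, event: 'unknownProtocol' };
  }
  const chosen = selectAlpn(serverPrefs, parseProtocolNameList(alpnExtension));
  if (chosen === null) {
    // No overlap: fatal alert, no secure connection, so no 'unknownProtocol' event.
    return { handshake: 'failed', alert: 'no_application_protocol', alertCode: TLS_ALERT_NO_APPLICATION_PROTOCOL };
  }
  return { handshake: 'ok', protocol: chosen, event: null };
}
```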
