Comply with TLS settings mandated for HTTP/2 in RFC 9113 #3306

Open
pquentin opened this issue Jan 23, 2024 · 0 comments
RFC 9113 imposes a number of conditions on TLS settings:

  • Section 9.2: mandates TLS 1.2 or above (can be done with ssl_minimum_version)
  • Section 9.2.1/9.2.2: mandates one specific TLS 1.2 cipher suite (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) with a specific ECDH curve (though I think the curve choice is specific to servers) and forbids others. http://python-hyper.org/projects/h2/en/stable/negotiating-http2.html lists all allowed cipher suites in practice, but it references RFC 7540 and it's possible allowed cipher suites have changed between the two RFCs.
  • Section 9.2.1: Renegotiation must be disabled (using ssl.OP_NO_RENEGOTIATION), meaning at some point a connection will become unusable, at which point we will have to discard it.
  • Section 9.2.1/10.6: forbids the use of TLS compression (ssl.OP_NO_COMPRESSION must be set)
  • Section 9.2.3: HTTP/2 clients MUST treat a TLS post-handshake CertificateRequest message as a connection error (Section 5.4.1) of type PROTOCOL_ERROR. Maybe hyper-h2 does this for us? We probably still want to enable post-handshake authentication in case the server is HTTP/1.1.

Most of these will have to be encoded in create_urllib3_context, which will need an HTTP/2 mode. It has to be part of the public API to allow users to tweak the context further if they want to, for example to handle a non-conformant server. HTTP2Connection will thus need to accept an ssl_context parameter at this point.
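As an added illustration (not urllib3 code and not from this issue), the sketch below builds a client `SSLContext` with the settings listed above and audits an arbitrary context against them; the function names are hypothetical, and the cipher allowlist beyond the mandatory TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is an assumption drawn from the RFC 9113 Appendix A blocklist (ephemeral ECDHE + AEAD suites are not on it).

```python
import ssl

# OpenSSL names for TLS 1.2 suites; the first is the one RFC 9113 §9.2.2
# requires. The remaining entries are assumed allowed (ephemeral ECDHE + AEAD).
HTTP2_TLS12_CIPHERS = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-ECDSA-CHACHA20-POLY1305",
]


def create_http2_ssl_context() -> ssl.SSLContext:
    """Hypothetical HTTP/2 mode for a client context (hostname/cert checks on)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2      # §9.2: TLS 1.2 or above
    ctx.options |= ssl.OP_NO_COMPRESSION              # §9.2.1 / §10.6
    ctx.options |= ssl.OP_NO_RENEGOTIATION            # §9.2.1: no renegotiation
    # Restricts TLS 1.2 suites only; TLS 1.3 suites are configured separately.
    ctx.set_ciphers(":".join(HTTP2_TLS12_CIPHERS))    # §9.2.2
    ctx.set_alpn_protocols(["h2", "http/1.1"])        # §3.3: negotiate h2 via ALPN
    # Kept on for an HTTP/1.1 fallback; the h2 layer must still reject a
    # post-handshake CertificateRequest as PROTOCOL_ERROR (§9.2.3).
    ctx.post_handshake_auth = True
    return ctx


def http2_tls_violations(ctx: ssl.SSLContext) -> list:
    """Return the RFC 9113 TLS conditions that ctx does not satisfy (empty = OK).
    ALPN is not checked: SSLContext exposes no getter for the configured list."""
    problems = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("minimum_version below TLS 1.2 (§9.2)")
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        problems.append("TLS compression not disabled (§9.2.1/§10.6)")
    if not ctx.options & ssl.OP_NO_RENEGOTIATION:
        problems.append("renegotiation not disabled (§9.2.1)")
    allowed = set(HTTP2_TLS12_CIPHERS)
    for cipher in ctx.get_ciphers():
        # get_ciphers() reports the lowest protocol each suite is usable with;
        # anything that is not a TLS 1.3-only suite is a TLS 1.2 candidate.
        if cipher["protocol"] != "TLSv1.3" and cipher["name"] not in allowed:
            problems.append("cipher suite not allowed for HTTP/2: " + cipher["name"])
    return problems
```

Running the audit over a context a user has loosened (for example by resetting the cipher list for a non-conformant server) shows exactly which condition was lost.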

@pquentin pquentin added the 💰 Bounty $300 If you complete this issue we'll pay you $300 on OpenCollective! label Jan 23, 2024
@pquentin pquentin added this to the HTTP/2 milestone Jan 23, 2024