Because of the redundant check in backend HTTP/2 session,
no-http2-cipher-black-list does not work on backend HTTP/2 connection.
This commit fixes it.

Fix issue reporting by PVS Studio

Update README file

Consider checking the fourth actual argument of the 'fprintf' function. The SIGNED integer type argument is expected.

nghttp2_hd: fix It is odd that the body of 'hd_get_num_table_entries' function is fully equivalent to the body of 'get_max_index' function found by PVS Studio (V524)

nghttp2_submit: fix Parameter 'flags' is always rewritten in function body before being used found by PVS Studio (V763)

Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible.  To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.

boringssl says:

/* It is an error to clear any bits that have already been set. (We can't try
 * to get a second close_notify or send two.) */
assert((SSL_get_shutdown(ssl) & mode) == SSL_get_shutdown(ssl));

Plain write(2) is OK, but SSL_write requires same arguments on retry.
It would be better to avoid calling them again.

nghttpx: Add frontend-keep-alive-timeout option

on_read may fail, but we failed to check its return value most of the
places.  This is because failure means deletion of ClientHandler, but
because of architecture, we cannot delete it.  Feeding read event is
better since we can move call on_read from libev callback.  We can
delete ClientHandler form there.

Because of bidirectional nature of TCP, we may fail write(2), but have
still pending read in TCP buffer, which may contain response body.  To
forward them, we should keep reading until get EOF from backend.

To avoid stalling HTTP/1 upload when request buffer is full, and we
have received complete response from backend, drop connection in that
case.