Replacement of sslversion=N by tls-min-version=1.N

Replacement of sslversion=N by tls-min-version=1.N

Overall the default behaviour is changed from enumerating the protocols
wanted. To enumerating and eliminating the unwanted.

* sslversion= / version= parameter is removed from documentation.

* sslversion= code logics is converted from setting the SSL_*_method()
  function to setting the ssloptions= masking parameters.

Yes this will open a hole for future libraries use of TLSv1.3. However
that is kind of desirable and if it becomes a problem the
ssloptions=NO_TLSv1_3 should be made available.

* The SSL_*_method() logic is all converted to using the flexible
  TLS_*_Method() API when available (OpenSSL 1.1.0) otherwise the
  equivalent SSLv23_*_method() API is used.

That API follows the latest specification behaviour: to send a protocol
frame type that any recipient should be able to parse (library decides
which), while only negotiating the protocol type permitted.

* A new option tls-min-version=1.N is added to server connection
  directives. It controls *only* the TLS version range.

 - http(s)_port directives are not (yet) implemented using
   Security::PeerOptions. For now they are left with options= masking to
   select protocol support.

 - bug in http(s)_port directives version= parameter is fixed. The new
   backward compatibility code accepts version=4|5|6 where the existing
   code did not despite documentation saying it did.

 - SSLv3 is left at the library default unless ssloptions=NO_SSLv3 is used.

* ssloptions= is left alone so anyone can still set the library options
  masks to control SSLv3 enable/disable or specific TLS versions higher
  than the configured minimum.