gnutls_x509_trust_list_add_system_trust: Add macOS keychain support
This patch also stops checking for a default_trust_store_file in configure when building on
macOS (unless explicitly asked to with
because otherwise it finds
/etc/ssl/cert.pem: This file is new (since
10.12.2?), which means libraries built on the newest OS version wouldn't work
the same way on an older versions (and vice versa).
doesn't seem to reflect additions and deletions from the user's or system's
trusted roots keychain (in my limited testing).
I'm not super happy with the top of system/cert.c where I hacked around a clash between
uint64 in the macOS APIs and the array defined in
gnutls_int.h. The only other way I could think of was to rename the gnutls one (as it doesn't seem to be exported) to something else (
gnutls_uint64 maybe?). But I went with the
#define hack because it seemed less invasive. I'm open to better alternatives.
The bulk of the patch is fairly straightforward, with the gnutls calls cribbed from the windows variant.