
gnutls_x509_trust_list_add_system_trust: Add macOS keychain support

username-removed-675594 requested to merge caldwell/gnutls:macos-keychain into master

This patch also stops checking for a default_trust_store_file in configure when building on macOS (unless explicitly asked to with --with-default-trust-store-file=xxx), because otherwise it finds /etc/ssl/cert.pem: this file is new (since 10.12.2?), which means libraries built on the newest OS version wouldn't work the same way on older versions (and vice versa). /etc/ssl/cert.pem also doesn't seem to reflect additions and deletions from the user's or system's trusted roots keychain (in my limited testing).

I'm not super happy with the top of system/cert.c where I hacked around a clash between uint64 in the macOS APIs and the array defined in gnutls_int.h. The only other way I could think of was to rename the gnutls one (as it doesn't seem to be exported) to something else (gnutls_uint64 maybe?). But I went with the #define hack because it seemed less invasive. I'm open to better alternatives.

The bulk of the patch is fairly straightforward, with the gnutls calls cribbed from the windows variant.

-David
