Snowstorm / STORM-1900

As Gatekeeper, I like binaries downloaded from a web browser to be signed


Details

    • Story
    • Status: Closed
    • Severe
    • Resolution: Fixed
    • None
    • Active

    Description

      OS X 10.8 includes a new technology called "Gatekeeper" that prevents the execution of binaries downloaded through popular web browsers if they lack a valid Developer ID signature.

      Gatekeeper checks the following:

      • Does the package that the executable was contained in have the Quarantine bit?
      • Was said executable signed with a Developer ID?
      • Is the Developer ID valid?

      This changeset allows the viewer to be signed with a Developer ID certificate. It adds the following configuration parameters:
      -DENABLE_SIGNING:BOOL
      -DSIGNING_IDENTITY:STRING

      -DENABLE_SIGNING enables code signing on OS X. By default, it'll attempt to use the default "Developer ID Application" certificate on the system's keychain. For systems that have multiple Developer ID Application certificates installed, this parameter will need to be overridden with -DSIGNING_IDENTITY. An example configuration with this would look like:

      autobuild build -c ReleaseOS -- -DENABLE_SIGNING:BOOL=YES -DSIGNING_IDENTITY:STRING="Second\ Life\ Dev\ ID"

      Please note that your keychain has to be unlocked before attempting to sign the viewer.

      Test plan:

      • Obtain an Apple Developer ID Application certificate through http://developer.apple.com/ (Requires Mac Developer Program membership)
      • Build the viewer from the terminal with:

        autobuild build -c ReleaseOS -- -DENABLE_SIGNING:BOOL=YES -DSIGNING_IDENTITY:STRING="Developer\ ID\ Application:\ Your\ Cert\ Name\ Here"

        (backslashes are essential; do not forget them anywhere the certificate's name contains a space!)

      • Allow codesign to access the certificate when prompted to
      • Download the resulting DMG through Safari, or another browser that sets the Quarantine bit
      • Launch the viewer on OS X 10.8 with the default Gatekeeper settings. A dialog asking whether you are sure you want to open it will pop up. This is expected for all applications not downloaded from the Mac App Store.
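The three Gatekeeper criteria listed above, and the manual download-and-launch test plan, can be checked from a terminal against the downloaded bundle before it is ever launched. The script below is an added example and is not part of the STORM-1900 changeset or the viewer build. The macOS tools it calls (`xattr`, `codesign`, `spctl`) and their flags are real; the bundle path, bundle identifier, team ID and the sample `codesign -dvv` output are constructed for illustration, and the parsing helpers are plain POSIX sh so they can be exercised on any system.

```shell
#!/bin/sh
# Added example, not part of STORM-1900: check a downloaded viewer bundle against
# the three Gatekeeper criteria the ticket lists (quarantine attribute present,
# signed with a Developer ID, signature valid). Tool invocations are real macOS
# commands; the sample data below is constructed.

# 1. Quarantine: Safari and other browsers set com.apple.quarantine on the
#    download. Returns 0 if the attribute is present on the path given as $1.
has_quarantine() {
    xattr -p com.apple.quarantine "$1" >/dev/null 2>&1
}

# Pull the "Authority=" lines out of `codesign -dvv` output read from stdin
# (codesign writes this detail to stderr, so callers redirect 2>&1).
signing_authorities() {
    sed -n 's/^Authority=//p'
}

# 2. Developer ID: the leaf certificate (first Authority line, passed as $1)
#    must be a "Developer ID Application" certificate.
is_developer_id() {
    case "$1" in
        "Developer ID Application:"*) return 0 ;;
        *) return 1 ;;
    esac
}

# 3. Validity: Gatekeeper's own verdict. Reads `spctl --assess -v` output from
#    stdin and prints the verdict word ("accepted" or "rejected").
spctl_verdict() {
    awk '$NF == "accepted" || $NF == "rejected" { print $NF; exit }'
}

# Run all three checks against a bundle on macOS; prints one line per check.
check_bundle() {
    app="$1"
    if has_quarantine "$app"; then
        echo "quarantine: set (Gatekeeper will assess this bundle)"
    else
        echo "quarantine: not set (Gatekeeper will not intervene)"
    fi

    leaf=$(codesign -dvv "$app" 2>&1 | signing_authorities | head -n 1)
    if is_developer_id "$leaf"; then
        echo "signature: Developer ID ($leaf)"
    else
        echo "signature: not a Developer ID leaf (${leaf:-unsigned})"
    fi

    # --verify checks the code seal; spctl then applies the Gatekeeper policy.
    if codesign --verify --deep --strict "$app" 2>/dev/null; then
        echo "seal: intact"
    else
        echo "seal: broken or missing"
    fi
    echo "gatekeeper: $(spctl --assess --type execute -v "$app" 2>&1 | spctl_verdict)"
}

# Constructed sample of what codesign -dvv prints for a Developer ID-signed app
# (path, identifier and team ID are made up), so the parsers run off a Mac too.
SAMPLE_CODESIGN_OUTPUT='Executable=/Applications/Example Viewer.app/Contents/MacOS/Example Viewer
Identifier=com.example.viewer
Authority=Developer ID Application: Example Corp (TEAMID0000)
Authority=Developer ID Certification Authority
Authority=Apple Root CA'

# Parse the sample and return the leaf authority line.
sample_leaf() {
    printf '%s\n' "$SAMPLE_CODESIGN_OUTPUT" | signing_authorities | head -n 1
}

# Usage: ./gatekeeper_check.sh "/path/to/Downloaded Viewer.app"
# With no argument, only the offline self-check on the sample output runs.
if [ -n "$1" ]; then
    check_bundle "$1"
else
    echo "leaf authority in sample: $(sample_leaf)"
fi
```

Running it on a bundle that was downloaded through Safari and signed as the test plan describes should report the quarantine attribute as set, a `Developer ID Application:` leaf, an intact seal and an `accepted` verdict; a bundle copied over without a browser (no quarantine attribute) is simply not assessed by Gatekeeper, which is why the test plan insists on downloading the DMG through a browser.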

          People

            Unassigned
            Geenz Spad (geenz.spad)
            jira-users
            Watchers: 7
