Do not search system paths for non-ccapi plugins

On OS X anyways, since Heimdal cannot be built to replace the system
Kerberos implementation in OS X (even though it's based on Heimdal).

Heimdal plugins other than the CCAPI plugins have private ABIs with
strong coupling to the internals of the Heimdal libraries, thus using
system plugins in a non-system Heimdal is likely to end in tears (e.g.,
segfaults).

This means, for example, that OS X's plugins for PAC creation and
verification cannot be used by Heimdal.

lib/krb5/context.c

@@ -348,8 +348,10 @@ static const char *sysplugin_dirs[] =  {
 #endif
 #ifdef __APPLE__
     LIBDIR "/plugin/krb5",
+#ifdef HEIM_PLUGINS_SEARCH_SYSTEM
     "/Library/KerberosPlugins/KerberosFrameworkPlugins",
     "/System/Library/KerberosPlugins/KerberosFrameworkPlugins",
+#endif
 #endif
     NULL
 };