From: Dan Fuhry Date: Fri, 14 Nov 2025 18:55:43 +0000 (-0500) Subject: fix building pkcs11 features on linux X-Git-Url: https://go.fuhry.dev/?a=commitdiff_plain;h=2bba560f888f6b84aef0850e3b9ea7f98234199b;p=runtime.git fix building pkcs11 features on linux --- diff --git a/mtls/BUILD.bazel b/mtls/BUILD.bazel index 6ef0447..4195239 100644 --- a/mtls/BUILD.bazel +++ b/mtls/BUILD.bazel @@ -4,30 +4,36 @@ go_library( name = "mtls", srcs = [ "identity.go", + "pkcs11.go", "provider_anonymous.go", "provider_file.go", "provider_interface.go", "provider_keychain_macos.go", "provider_shared.go", + "provider_tpm2_pkcs11.go", "verify_names.go", "verify_roots.go", ], + cgo = select({ + "@rules_go//go/platform:linux": True, + "//conditions:default": False, + }), importpath = "go.fuhry.dev/runtime/mtls", visibility = ["//visibility:public"], deps = [ + "//constants", "//mtls/certutil", "//mtls/fsnotify", "//utils/fsutil", "//utils/hashset", "//utils/log", + "@com_github_thalesignite_crypto11//:crypto11", ] + select({ "@rules_go//go/platform:darwin": [ - "//constants", "//utils/stringmatch", "@com_github_keybase_go_keychain//:go-keychain", ], "@rules_go//go/platform:ios": [ - "//constants", "//utils/stringmatch", "@com_github_keybase_go_keychain//:go-keychain", ], diff --git a/mtls/pkcs11.go b/mtls/pkcs11.go index 1e40ab4..fb5835d 100644 --- a/mtls/pkcs11.go +++ b/mtls/pkcs11.go @@ -1,5 +1,4 @@ -//go:build pkcs11 -// +build pkcs11 +//go:build cgo package mtls @@ -22,7 +21,9 @@ const ( var pkcs11Logger = log.WithPrefix("mtls.provider_tpm2_pkcs11") var pkcs11ModulePaths = []string{ + "/usr/lib/libtpm2_pkcs11.so", "/usr/lib/pkcs11/libtpm2_pkcs11.so", + "/usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so", "/usr/lib/x86_64-linux-gnu/pkcs11/libtpm2_pkcs11.so", } diff --git a/mtls/provider_tpm2_pkcs11.go b/mtls/provider_tpm2_pkcs11.go index 67d0636..aafd50b 100644 --- a/mtls/provider_tpm2_pkcs11.go +++ b/mtls/provider_tpm2_pkcs11.go @@ -1,5 +1,4 @@ -//go:build pkcs11 -// +build pkcs11 +//go:build cgo package mtls