Skip to content

Commit

Permalink
refactor x_ssl_client_cn irule
Browse files Browse the repository at this point in the history 
refactor x_ssl_client_cn irule
  • Loading branch information
@m-kratochvil
m-kratochvil authored Oct 16, 2024
2 parents 9bc7603 + cc9d50a commit f0e7178
Showing 1 changed file with 3 additions and 14 deletions.
17 changes: 3 additions & 14 deletions octavia_f5/restclient/as3objects/irule.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,24 +77,13 @@
HTTP::header insert "X-SSL-Client-DN" $subject_dn
}
}"""
X_SSL_CLIENT_CN = """proc x509CNExtract { str } {
set res "CN notFound"
foreach field [ split $str " "] {
foreach { fname fval } [ split $field "=" ] break
if { $fname eq "CN" } {
set res $fval
break
}
}
return $res
}
when HTTP_REQUEST {
X_SSL_CLIENT_CN = """when HTTP_REQUEST {
if { [HTTP::has_responded] }{ return }
if { [SSL::cert count] > 0 }{
set subject_cn [X509::subject [SSL::cert 0]]
set subject_cn [X509::subject [SSL::cert 0] commonName]
}
if { [info exists subject_cn] } {
HTTP::header insert "X-SSL-Client-CN" [call x509CNExtract $subject_cn]
HTTP::header insert "X-SSL-Client-CN" $subject_cn
}
}"""
X_SSL_CLIENT_SHA1 = """when HTTP_REQUEST {
Expand Down

0 comments on commit f0e7178

Please sign in to comment.