From cc9d50aed3962988f4152cdd575c68d80b1b033a Mon Sep 17 00:00:00 2001
From: Michal Kratochvil
Date: Wed, 11 Sep 2024 20:11:59 +0000
Subject: [PATCH] refactor x_ssl_client_cn irule
---
 octavia_f5/restclient/as3objects/irule.py | 17 +++--------------
 1 file changed, 3 insertions(+), 14 deletions(-)
diff --git a/octavia_f5/restclient/as3objects/irule.py b/octavia_f5/restclient/as3objects/irule.py
index 536aa8e..58599f5 100644
--- a/octavia_f5/restclient/as3objects/irule.py
+++ b/octavia_f5/restclient/as3objects/irule.py
@@ -77,24 +77,13 @@
 HTTP::header insert "X-SSL-Client-DN" $subject_dn
 }
 }"""
-X_SSL_CLIENT_CN = """proc x509CNExtract { str } {
- set res "CN notFound"
- foreach field [ split $str " "] {
- foreach { fname fval } [ split $field "=" ] break
- if { $fname eq "CN" } {
- set res $fval
- break
- }
- }
- return $res
-}
-when HTTP_REQUEST {
+X_SSL_CLIENT_CN = """when HTTP_REQUEST {
 if { [HTTP::has_responded] }{ return }
 if { [SSL::cert count] > 0 }{
- set subject_cn [X509::subject [SSL::cert 0]]
+ set subject_cn [X509::subject [SSL::cert 0] commonName]
 }
 if { [info exists subject_cn] } {
- HTTP::header insert "X-SSL-Client-CN" [call x509CNExtract $subject_cn]
+ HTTP::header insert "X-SSL-Client-CN" $subject_cn
 }
 }"""
 X_SSL_CLIENT_SHA1 = """when HTTP_REQUEST {
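Review bot: The rewritten `X_SSL_CLIENT_CN` iRule still only appends its header with `HTTP::header insert "X-SSL-Client-CN" $subject_cn`, so a request that already carries an `X-SSL-Client-CN` header reaches the pool member with the client-supplied value intact, and when no client certificate is presented that is the only value the backend sees. Strip the inbound header unconditionally before the certificate check, for example `HTTP::header remove "X-SSL-Client-CN"` right after the `HTTP::has_responded` guard. The `X-SSL-Client-DN` insert in the context lines above has the same shape, and the other rules in this file (outside the hunk) are probably worth checking too. Separately, the old proc returned the literal `CN notFound` when the subject had no CN; what `X509::subject ... commonName` returns in that case is not visible here, so confirm the backend is not handed an empty header and that the deployed TMOS versions accept the extra argument.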