need help on irules encoding

customer using BIGIP to do SSL acc, but they need insert the DN of client cert to request http header. we encounter the encoding issue there...

 

 

the original DN of client is:

 

CN=041@0110200608081555@开发部@00000001,OU=Employees,OU=DEP,O=CFCA TEST CA,C=CN

 

 

what the BIGIP 9.4.1 output is:

 

CN=041@0110200608081555@\E5\BC\80\E5\8F\91\E9\83\A8@00000001,OU=Employees,OU=DEP,O=CFCA TEST CA,C=CN

 

and BIGIP 9.1.2 output is:

 

CN=\x000\x004\x001\x00@\x000\x001\x001\x000\x002\x000\x000\x006\x000\x008\x000\x008\x001\x005\x005\x005\x00@_\x00S\xD1\x90\xE8\x00@\x000\x000\x000\x000\x000\x000\x000\x001

 

 

the diffrence of the 9.1.2 and 9.4.1 is because of CR65543. but it seems that it's only partial completed CR.

 

 

the point here is that rules output is using ASCII to represent the UTF-8 code. but acturally, the server expected is the byte-stream of UTF-8 format but not "ASCII like" UTF-8. So there must something need to be done on this.

 

 

has open a case and do some basic research on the convertion. Till now, the best aproach I got is a small convertion code on bigip 9.4.1:

 

 

echo -n "\E5\BC\80\E5\8F\91\E9\83\A8" | sed -e 's/\\//g' | perl -e 'print pack("H*", )' | iconv -f utf8 -t gb2312

 

 

this will output the actual gb2312 character that I can seen it on terminal in my Chinese Windows version.

 

 

does this can be done by rules?

 

I found TCL has

 

encoding convertto (not sure if it is working in BIGIP environment)

 

binary format

 

regsub all

 

that may used for convertion. but really need help on how to make a working rule that can do it.

 

 

Thanks