我正在尝试将一个简单的OpenSSL命令的输出保存到Python中的一个变量中。
$ openssl ciphers 'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA
在 Python 中,我使用subprocess
中的check_output
来捕获输出。
from subprocess import check_output
out = check_output(["openssl", "ciphers 'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'"])
这导致:
openssl:Error: 'ciphers DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'' is an invalid command.
我已经尝试了各种方法来解决这个问题。
- 转义 (
'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'
( 的单引号 - 为上述字符串创建变量并在
check_output
中使用它 - 在
check_output
中分隔ciphers
和上述字符串 (check_output(["openssl", "ciphers", "..."]
(
我的尝试都没有奏效。
如果我将ciphers
和密码字符串分开,则会出现以下错误。
out = check_output(["openssl", "ciphers", "'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'"])
Error in cipher list
140348600368856:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:1226:
140348600368856:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:1226:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.5/subprocess.py", line 626, in check_output
**kwargs).stdout
File "/usr/lib/python3.5/subprocess.py", line 708, in run
output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command '['openssl', 'ciphers', "'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'"]' returned non-zero exit status 1
我不明白为什么这不适用于check_output
,就像简单地在终端中执行时一样。
编辑:我尝试了另一种PIPE
和run
方法:
>>> from subprocess import PIPE, run
>>> command = ["openssl", "ciphers", "'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'"]
>>> result = run(command, stdout=PIPE, stderr=PIPE, universal_newlines=True)
>>> print(result.returncode, result.stdout, result.stderr)
1 Error in cipher list
140088420478680:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:1226:
140088420478680:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:1226:
这也会导致"无效命令"。
问:如何在 Python3 中捕获上述 OpenSSL 命令的输出?
您不必将密码列表包装两次。
试试这个,
>>> import subprocess
>>> out = subprocess.check_output(['openssl', 'ciphers', 'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'])
>>> out
b'DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA:DHE-RSA-AES128-SHAn'