在Python中保存OpenSSL輸出

Question

我試圖將簡單的OpenSSL命令的輸出保存到Python中的變量中。

$ openssl ciphers 'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA' 
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA 

在Python中，我使用subprocesscheck_output捕獲輸出。

from subprocess import check_output 
out = check_output(["openssl", "ciphers 'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'"]) 

這導致：

openssl:Error: 'ciphers DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'' is an invalid command. 

我已經嘗試了各種東西，來解決這個問題。

• 逃離單引號爲（\'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA\'）
• 爲上面的字符串創建變量和使用，在check_output
• 獨立ciphers和check_output（check_output(["openssl", "ciphers", "..."]）上面的字符串

無我的嘗試工作。

如果我分開ciphers和密碼字符串，我會得到以下錯誤。

out = check_output(["openssl", "ciphers", "'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'"]) 
Error in cipher list 
140348600368856:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:1226: 
140348600368856:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:1226: 
Traceback (most recent call last): 
    File "<stdin>", line 1, in <module> 
    File "/usr/lib/python3.5/subprocess.py", line 626, in check_output 
    **kwargs).stdout 
    File "/usr/lib/python3.5/subprocess.py", line 708, in run 
    output=stdout, stderr=stderr) 
subprocess.CalledProcessError: Command '['openssl', 'ciphers', "'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'"]' returned non-zero exit status 1 

我不明白，爲什麼當只需在終端執行它，這並不與check_output工作。

---

編輯：我已經試過另一種方法與PIPE和run：

>>> from subprocess import PIPE, run 
>>> command = ["openssl", "ciphers", "'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA'"] 
>>> result = run(command, stdout=PIPE, stderr=PIPE, universal_newlines=True) 
>>> print(result.returncode, result.stdout, result.stderr) 
1 Error in cipher list 
140088420478680:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:1226: 
140088420478680:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:1226: 

這也導致了 「無效的命令」。

---

問：我怎樣才能捕捉Python3提到的OpenSSL命令的輸出？

Answer 1

您不必將密碼列表包裝兩次。

試試這個，

>>> import subprocess 
>>> out = subprocess.check_output(['openssl', 'ciphers', 'DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:!SRP:!kRSA']) 
>>> out 
b'DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA:DHE-RSA-AES128-SHA\n'