在生成密钥/证书时,您应按几次'输入'并在最后按"是"。如何在这样的代码中做到这一点?
buildkey = ["printf '\n\n\n\n\n\n\n\n\n\n ' | /etc/openvpn/easy-rsa/build-key"]
runBuildKey = subprocess.Popen(buildkey, shell=True )
答案 0 :(得分:3)
这里不要尝试编辑stdin。相反,打开你的openssl.cnf
,并修改它以从环境中获得所需的所有输入,如下所示:
[ req_distinguished_name ]
countryName_default = $ENV::SSL_countryName
stateOrProvinceName_default = $ENV::SSL_stateOrProvinenceName
......等等。完成此操作后,在使用参数build-key
调用-batch
之前,在您的环境中设置变量。在bash中,这可能是这样的:
SSL_countryName=foo SSL_stateOrProvinenceName=bar build-key -batch </dev/null
或者,在Python中,您可以通过subprocess.Popen
:
subprocess.call(['/etc/openvpn/easy-rsa/build-key', '-batch'], env={
'SSL_countryName': 'foo',
'SSL_stateOrProvinenceName': 'bar',
# ...and so forth for any other $ENV::* setting you want to override
}, stdin=open('/dev/null', 'r'))
但是,如果确实想要为stdin传递自定义流,那么你可以这样做 - 根本没有任何shell管道:
p = subprocess.Popen(['/etc/openvpn/easy-rsa/build-key'], stdin=subprocess.PIPE)
p.communicate('\n'.join(['', '', '', '', '', 'yes', '']))
# ^^
# use one of these for each item you want to press enter to before the "yes"