The fastest way to determine the worst/best protocol and the weakest/strongest cipher that an SSL server supports?

Posted 2024-04-25 06:03:37


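I am writing a Nagios plugin that calculates an SSL score based on the Qualys server rating guide: https://www.ssllabs.com/projects/rating-guide/

To do that, I need to find the worst/best protocol and the weakest/strongest cipher that the server supports.

Here is my code, which uses sslyze: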

from plugins import PluginOpenSSLCipherSuites
from nassl import SSLV2, SSLV3, TLSV1, TLSV1_1, TLSV1_2


shared_settings = {'certinfo': 'basic', 'starttls': None, 'resum': True, 'resum_rate': None, 'http_get': True, 'xml_file': '/tmp/example.com_443.xml', 'compression': True, 'tlsv1': True, 'targets_in': None, 'keyform': 1, 'hsts': None, 'sslv3': True, 'sslv2': True, 'https_tunnel': None, 'nb_retries': 4, 'heartbleed': True, 'sni': None, 'https_tunnel_host': None, 'regular': False, 'key': None, 'reneg': True, 'tlsv1_2': True, 'tlsv1_1': True, 'hide_rejected_ciphers': True, 'keypass': '', 'cert': None, 'certform': 1, 'timeout': 5, 'xmpp_to': None}

target = ('example.com', '1.2.3.4', 443, TLSV1_2)

cipher_plugin = PluginOpenSSLCipherSuites.PluginOpenSSLCipherSuites()
cipher_plugin._shared_settings = shared_settings

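# Ordered from oldest (worst) to newest (best).
protocols = ['sslv2', 'sslv3', 'tlsv1', 'tlsv1_1', 'tlsv1_2']

# Both stay None if the server accepts no cipher under any protocol.
worst_protocol = best_protocol = None

# Worst protocol: the oldest one with at least one accepted cipher.
for p in protocols:
    cipher_result = cipher_plugin.process_task(target, p, None)
    if any('Accepted' in c for c in cipher_result.get_txt_result()):
        worst_protocol = p
        break

# Best protocol: the newest one with at least one accepted cipher.
for p in reversed(protocols):
    cipher_result = cipher_plugin.process_task(target, p, None)
    if any('Accepted' in c for c in cipher_result.get_txt_result()):
        best_protocol = p
        break

print(worst_protocol)
print(best_protocol)

# Collect the second token of every result line that mentions a key size.
ciphers = []
for protocol in ('sslv2', 'sslv3', 'tlsv1', 'tlsv1_1', 'tlsv1_2'):
    cipher_result = cipher_plugin.process_task(target, protocol, None)
    for e in cipher_result.get_txt_result():
        if 'bits' in e:
            ciphers.append(e.split()[1])

# sorted() compares these tokens as strings, i.e. in lexicographic order.
print(sorted(ciphers)[0])
print(sorted(ciphers)[-1])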

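This takes some time to complete.

With the code below, the execution time went down from ~50 seconds to ~40 seconds. Is there anything else that can be improved?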

^{pr2}$

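An added example, not part of the original post and not sslyze code: the loops in the question scan the same protocols up to three times, so this sketch scans each protocol once, in parallel, and derives all four values from the cached results. `scan` is a hypothetical callable that wraps the per-protocol scan and returns `(cipher_name, key_bits)` tuples; it is assumed to be safe to call from several threads, and the sample data is constructed.

```python
from concurrent.futures import ThreadPoolExecutor

# Ordered from oldest (worst) to newest (best), as in the question.
PROTOCOLS = ['sslv2', 'sslv3', 'tlsv1', 'tlsv1_1', 'tlsv1_2']


def summarize(scan, protocols=PROTOCOLS):
    """Scan every protocol exactly once and derive all four values.

    scan(protocol) is a hypothetical callable returning a list of
    (cipher_name, key_bits) tuples for the ciphers the server accepted.
    """
    with ThreadPoolExecutor(max_workers=len(protocols)) as pool:
        # pool.map keeps input order, so results line up with protocols.
        accepted = dict(zip(protocols, pool.map(scan, protocols)))

    supported = [p for p in protocols if accepted[p]]
    if not supported:
        return None  # nothing accepted: let the plugin report UNKNOWN

    # Rank by integer key size (as strings, '40' would sort after '256');
    # the cipher name only breaks ties so the result is deterministic.
    ciphers = {c for p in supported for c in accepted[p]}
    ranked = sorted(ciphers, key=lambda c: (c[1], c[0]))
    return {
        'worst_protocol': supported[0],
        'best_protocol': supported[-1],
        'weakest_cipher': ranked[0],
        'strongest_cipher': ranked[-1],
    }


# Constructed sample results standing in for a real scan of one server.
SAMPLE = {
    'sslv2': [],
    'sslv3': [('EXP-RC4-MD5', 40), ('RC4-SHA', 128)],
    'tlsv1': [('RC4-SHA', 128), ('AES256-SHA', 256)],
    'tlsv1_1': [],
    'tlsv1_2': [('AES128-GCM-SHA256', 128),
                ('ECDHE-RSA-AES256-GCM-SHA384', 256)],
}


def fake_scan(protocol):
    """Stand-in scanner that answers from the constructed sample."""
    return SAMPLE[protocol]


if __name__ == '__main__':
    print(summarize(fake_scan))
```

With a real scanner the wall-clock time approaches that of the slowest single protocol scan instead of the sum of all scans.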