Ignore stderr from openssl commands when saving to a variable

[pgombar]

Description

When calling openssl commands, we aren't ignoring stderr and saving the output directly to a variable, which then causes dictionary key exceptions to be thrown, like in issue #1514.

---

PR information

• The title of the PR is clear and informative.
• There are a small number of commits, each of which has an informative message. This means that previously merged commits do not appear in the history of the PR. For information on cleaning up the commits in your pull request, see this page.
• Except for special cases involving multiple contributors, the PR is started from a fork of the main repository, not a branch.
• If applicable, the PR references the bug/issue that it fixes in the description.
• New Unit tests were added for the changes made and Travis.CI is passing.

Quality of Code and Contribution Guidelines

• I have read the contribution guidelines.

---

This change is 

[codecov]

Codecov Report

Merging #1606 into develop will increase coverage by 0.01%.
The diff coverage is 95.45%.

@@             Coverage Diff             @@
##           develop    #1606      +/-   ##
===========================================
+ Coverage    66.01%   66.02%   +0.01%     
===========================================
  Files           77       77              
  Lines        11051    11049       -2     
  Branches      1558     1557       -1     
===========================================
  Hits          7295     7295              
+ Misses        3422     3421       -1     
+ Partials       334      333       -1

Impacted Files	Coverage Δ
azurelinuxagent/common/utils/shellutil.py	58.82% <100%> (+11.65%)	⬆️
azurelinuxagent/common/utils/cryptutil.py	50% <85.71%> (-0.95%)	⬇️
azurelinuxagent/common/cgroup.py	90.75% <0%> (-0.09%)	⬇️
azurelinuxagent/common/cgroupstelemetry.py	94.73% <0%> (+0.61%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5346d4a...ffeb4bf. Read the comment docs.

[larohra]

Reviewed 3 of 3 files at r2.
Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @larohra, @narrieta, @pgombar, and @vrdmr)

[narrieta]

Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @larohra, @narrieta, @pgombar, and @vrdmr)

---

azurelinuxagent/common/utils/cryptutil.py, line 65 at r2 (raw file):

Previously, larohra wrote…

that's where shlex.split() helps, I think @pgombar already added that

nope, shlex won't help you there :) take for example file_name=="name with spaces"

[larohra]

---

azurelinuxagent/common/utils/cryptutil.py, line 65 at r2 (raw file):

{0} x509 -in {1} -pubkey -noout

Ahh makes sense.
What if you escape the filename with quotes instead? Like - [{0} x509 -in '{1}' -pubkey -noout]
This would be handled by shlex

[narrieta]

Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @larohra, @narrieta, @pgombar, and @vrdmr)

---

azurelinuxagent/common/utils/cryptutil.py, line 65 at r2 (raw file):

Previously, larohra wrote…

{0} x509 -in {1} -pubkey -noout

Ahh makes sense.
What if you escape the filename with quotes instead? Like - [{0} x509 -in '{1}' -pubkey -noout]
This would be handled by shlex

sure, but also quote '{0}' and that would work for now... next person changing the code: please think hard if you need to escape anything :)

or just write the argument array and forget about shell parsing

[larohra]

---

azurelinuxagent/common/utils/cryptutil.py, line 65 at r2 (raw file):

Previously, narrieta (Norberto Arrieta) wrote…

sure, but also quote '{0}' and that would work for now... next person changing the code: please think hard if you need to escape anything :)

or just write the argument array and forget about shell parsing

Haha agreed, escaping can always be a pain in the butt!

[narrieta]

Added some suggestions