Here's an interesting data point. If I run this under valgrind:
$ valgrind openssl s_client -showcerts -connect graph.facebook.com:443
==36982== Memcheck, a memory error detector
==36982== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==36982== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==36982== Command: openssl s_client -showcerts -connect graph.facebook.com:443
==36982==
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
verify return:1
depth=0 C = US, ST = California, L = Menlo Park, O = "Facebook, Inc.", CN = *.facebook.com
verify return:1
---
Certificate chain
0 s:C = US, ST = California, L = Menlo Park, O = "Facebook, Inc.", CN = *.facebook.com
i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwIBAgIQCivCRFoplTX8XaBRF4f4wDANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0yMTEwMDMwMDAwMDBaFw0yMjAxMDEyMzU5NTla
MGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
ZW5sbyBQYXJrMRcwFQYDVQQKEw5GYWNlYm9vaywgSW5jLjEXMBUGA1UEAwwOKi5m
YWNlYm9vay5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ9cpj/+XqZgH6d
qstfu/ZUoA+jNBS8A2pE9naG2+/1fDQbFhAK/4N1wNQ69xh2o1KbUId1Qi9sDCWk
Fu6s9XAqo4ID9zCCA/MwHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNllZGKiErhZcjsw
HQYDVR0OBBYEFLARiFqEkLy4TD1U7suyuVQuqD6/MIG1BgNVHREEga0wgaqCDiou
ZmFjZWJvb2suY29tgg4qLmZhY2Vib29rLm5ldIILKi5mYmNkbi5uZXSCCyouZmJz
YnguY29tghAqLm0uZmFjZWJvb2suY29tgg8qLm1lc3Nlbmdlci5jb22CDioueHgu
ZmJjZG4ubmV0gg4qLnh5LmZiY2RuLm5ldIIOKi54ei5mYmNkbi5uZXSCDGZhY2Vi
b29rLmNvbYINbWVzc2VuZ2VyLmNvbTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9j
cmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwNKAyoDCGLmh0
dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwPgYD
VR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp
Y2VydC5jb20vQ1BTMIGDBggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0dHA6
Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2VydHMu
ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJDQS5j
cnQwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYAKXm+
8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAF8Q4ALtQAABAMARzBFAiAB
3r54JbfoFtjAqiLdaY6fXb/o1jjaT9u4XCdN5xu7NAIhAKGf3c1Jzs2cXQcAu422
KlF9P2lXrpZyMmP4rJYTuev2AHYAUaOw9f0BeZxWbbg3eI8MpHrMGyfL956IQpoN
/tSLBeUAAAF8Q4AL8AAABAMARzBFAiEAq7yuxzQO7e+txL6xITlC/qIHDYvapOTh
Tl4NHC+rOj0CIFHm8wXHI/F0gsWQVv5Ot8Ij4RuEZEVMMau/AEMroZ2aAHUAQcjK
sd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF8Q4ALyAAABAMARjBEAiAB
b4Q1lYSN7rcuXUxkIzbum5dVe0caAHuVTYgU00HYkQIgFtebuk3zr+NVZ520RCGZ
fetkFZv08wHf7TJK+JBMnBwwDQYJKoZIhvcNAQELBQADggEBAIcfi8CHi/+QH4cW
BjjDEZnQtPaOG77WtdFW2UK3xt2GKk4qY5rfVKLFGT9vAZRx4ZHFfK6c1IADkNMe
42lwc0+gTBrqrx1Uu+11vAIektX3Lx5xfeCTY604NK1qCC6ISYB/U2NVy2l0skT/
1xKLH87I+P7IwgQtE2en7yt9bu03GPIU0DVkYzqvBxGCq599ae2gYIVZVRSe2Xhp
WVeBB03fhf+NNcbR4LZK7n1ohrUBs7rurc0z6iv8V6qRU+aj8tS8606iQhcjEm9h
SN8G9/0JXXR5oWD/pAScLRtBwvkmDJEyw9lwxiErjgnfFHL0iDUZvqk0gXiQq54v
IK957WY=
-----END CERTIFICATE-----
1 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy
YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2
4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC
Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1
itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn
4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X
sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft
bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA
MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t
L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG
BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D
aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd
aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH
E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly
/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu
xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF
0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae
cPUeybQ=
-----END CERTIFICATE-----
---
Server certificate
subject=C = US, ST = California, L = Menlo Park, O = "Facebook, Inc.", CN = *.facebook.com
issuer=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3228 bytes and written 374 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_CHACHA20_POLY1305_SHA256
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_CHACHA20_POLY1305_SHA256
Session-ID: BA5E7D3EF0748870F4B94CC6EA59C5C0575EC6E8DBDDD0D9BEFCBDF543E26EC3
Session-ID-ctx:
Resumption PSK: 9A9647E811A905233D1B66E668B6BC8775583D5453E3DBB68186B0E8BDE6C3DC
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 172800 (seconds)
TLS session ticket:
0000 - b4 c8 31 e9 50 5f 01 e3-7a 27 61 3c f1 14 92 e8 ..1.P_..z'a<....
0010 - ab a3 15 9a e0 87 c3 0f-93 0e 56 7b 21 70 82 2b ..........V{!p.+
0020 - 00 00 00 00 90 38 f6 e1-5b 61 49 24 21 c5 50 c8 .....8..[aI$!.P.
0030 - c7 cd 2c 0e 6d a0 5c 5c-19 3f 1d fe 94 fa 36 ef ..,.m.\\.?....6.
0040 - 1a 66 7c 33 e6 d8 47 db-46 ed e2 f9 cb 6f cf bb .f|3..G.F....o..
0050 - 9e 57 0d 6f 23 39 9f d0-74 9b 3b 8b 9c 5f 21 ed .W.o#9..t.;.._!.
0060 - 6e 86 fa 3b d2 99 c9 98-36 62 d8 84 38 aa 14 22 n..;....6b..8.."
0070 - ec cc b7 ca b2 ee 8e 11-87 7e 1d 58 3b e6 a5 1a .........~.X;...
0080 - c5 34 .4
Start Time: 1640448351
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
^C==36982==
==36982== Process terminating with default action of signal 2 (SIGINT)
==36982== at 0x4C8B7BC: select (select.c:53)
==36982== by 0x15DB47: s_client_main (s_client.c:2845)
==36982== by 0x14DFD3: do_cmd (openssl.c:570)
==36982== by 0x13AC03: main (openssl.c:189)
==36982==
==36982== HEAP SUMMARY:
==36982== in use at exit: 208,670 bytes in 4,256 blocks
==36982== total heap usage: 6,290 allocs, 2,034 frees, 563,009 bytes allocated
==36982==
==36982== LEAK SUMMARY:
==36982== definitely lost: 0 bytes in 0 blocks
==36982== indirectly lost: 0 bytes in 0 blocks
==36982== possibly lost: 0 bytes in 0 blocks
==36982== still reachable: 208,670 bytes in 4,256 blocks
==36982== suppressed: 0 bytes in 0 blocks
==36982== Rerun with --leak-check=full to see details of leaked memory
==36982==
==36982== For lists of detected and suppressed errors, rerun with: -s
==36982== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
it not only doesn't report any errors, it finishes and goes into waiting for input *without* a segmentation fault. Versus:
Here's an interesting data point. If I run this under valgrind:
$ valgrind openssl s_client -showcerts -connect graph.facebook. com:443 com:443 BAgIQCivCRFoplT X8XaBRF4f4wDANB gkqhkiG9w0BAQsF ADBw VUzEVMBMGA1UECh MMRGlnaUNlcnQgS W5jMRkwFwYDVQQL ExB3 uY29tMS8wLQYDVQ QDEyZEaWdpQ2Vyd CBTSEEyIEhpZ2gg QXNz lciBDQTAeFw0yMT EwMDMwMDAwMDBaF w0yMjAxMDEyMzU5 NTla TAlVTMRMwEQYDVQ QIEwpDYWxpZm9yb mlhMRMwEQYDVQQH EwpN wFQYDVQQKEw5GYW NlYm9vaywgSW5jL jEXMBUGA1UEAwwO Ki5m wWTATBgcqhkjOPQ IBBggqhkjOPQMBB wNCAAQ9cpj/ +XqZgH6d jNBS8A2pE9naG2+ /1fDQbFhAK/ 4N1wNQ69xh2o1Kb UId1Qi9sDCWk CA/MwHwYDVR0jBB gwFoAUUWj/ kK8CB3U8zNllZGK iErhZcjsw RiFqEkLy4TD1U7s uyuVQuqD6/ MIG1BgNVHREEga0 wgaqCDiou tgg4qLmZhY2Vib2 9rLm5ldIILKi5mY mNkbi5uZXSCCyou ZmJz uZmFjZWJvb2suY2 9tgg8qLm1lc3Nlb mdlci5jb22CDiou eHgu qLnh5LmZiY2RuLm 5ldIIOKi54ei5mY mNkbi5uZXSCDGZh Y2Vi zc2VuZ2VyLmNvbT AOBgNVHQ8BAf8EB AMCB4AwHQYDVR0l BBYw GCCsGAQUFBwMCMH UGA1UdHwRuMGwwN KAyoDCGLmh0dHA6 Ly9j 0LmNvbS9zaGEyLW hhLXNlcnZlci1nN i5jcmwwNKAyoDCG Lmh0 pZ2ljZXJ0LmNvbS 9zaGEyLWhhLXNlc nZlci1nNi5jcmww PgYD ngQwBAgIwKTAnBg grBgEFBQcCARYba HR0cDovL3d3dy5k aWdp TMIGDBggrBgEFBQ cBAQR3MHUwJAYIK wYBBQUHMAGGGGh0 dHA6 jZXJ0LmNvbTBNBg grBgEFBQcwAoZBa HR0cDovL2NhY2Vy dHMu tL0RpZ2lDZXJ0U0 hBMkhpZ2hBc3N1c mFuY2VTZXJ2ZXJD QS5j /BAIwADCCAX0GCi sGAQQB1nkCBAIEg gFtBIIBaQFnAHYA KXm+ 35b5XfZxgCvj5TV 0mXCVdx4QAAAF8Q 4ALtQAABAMARzBF AiAB daY6fXb/ o1jjaT9u4XCdN5x u7NAIhAKGf3c1Jz s2cXQcAu422 4rJYTuev2AHYAUa Ow9f0BeZxWbbg3e I8MpHrMGyfL956I QpoN L8AAABAMARzBFAi EAq7yuxzQO7e+ txL6xITlC/ qIHDYvapOTh rOj0CIFHm8wXHI/ F0gsWQVv5Ot8Ij4 RuEZEVMMau/ AEMroZ2aAHUAQcj K HXk4xixsD6+ tLx2jwkGKWBvYAA AF8Q4ALyAAABAMA RjBEAiAB kIzbum5dVe0caAH uVTYgU00HYkQIgF tebuk3zr+ NVZ520RCGZ K+JBMnBwwDQYJKo ZIhvcNAQELBQADg gEBAIcfi8CHi/ +QH4cW WtdFW2UK3xt2GKk 4qY5rfVKLFGT9vA ZRx4ZHFfK6c1IAD kNMe gTBrqrx1Uu+ 11vAIektX3Lx5xf eCTY604NK1qCC6I SYB/U2NVy2l0skT / P7IwgQtE2en7yt9 bu03GPIU0DVkYzq vBxGCq599ae2gYI VZVRSe2Xhp NNcbR4LZK7n1ohr UBs7rurc0z6iv8V 6qRU+aj8tS8606i QhcjEm9h /pAScLRtBwvkmDJ Eyw9lwxiErjgnfF HL0iDUZvqk0gXiQ q54v BAgIQBOHnpNxc8v NtwCtCuF0VnzANB gkqhkiG9w0BAQsF ADBs VUzEVMBMGA1UECh MMRGlnaUNlcnQgS W5jMRkwFwYDVQQL ExB3 uY29tMSswKQYDVQ QDEyJEaWdpQ2Vyd CBIaWdoIEFzc3Vy YW5j BMB4XDTEzMTAyMj EyMDAwMFoXDTI4M TAyMjEyMDAwMFow cDEL xFTATBgNVBAoTDE RpZ2lDZXJ0IEluY zEZMBcGA1UECxMQ d3d3 vbTEvMC0GA1UEAx MmRGlnaUNlcnQgU 0hBMiBIaWdoIEFz c3Vy gQ0EwggEiMA0GCS qGSIb3DQEBAQUAA 4IBDwAwggEKAoIB AQC2 8KZAayfSImZRauQ kCbztyfn3YHPsMw VYcZuU+ UDlqUH1VWtMIC yyBSe75CxEamu0s i4QzrZCwvV1ZX1Q K/IHe1NnF9Xt4ZQ aJn1 xgoQtxq2lnMcZgq aFD15EWCo3j/ 018QsIJzJa9buLn qS9UdAn MmqwrIw14xnvmXn G3Sj4I+ 4G3FhahnSMSTeXX kgisdaScus0X UyU50RwKmmMbGZJ 0aAo3wsJSSMs5Wq K24V3B3aAguCGik yZvFEohQcft zA/WiaJJTL17jAg MBAAGjggFJMIIBR TASBgNVHRMBAf8E CDAGAQH/ AgEA wQEAwIBhjAdBgNV HSUEFjAUBggrBgE FBQcDAQYIKwYBBQ UHAwIw EKDAmMCQGCCsGAQ UFBzABhhhodHRwO i8vb2NzcC5kaWdp Y2Vy fBEQwQjBAoD6gPI Y6aHR0cDovL2Nyb DQuZGlnaWNlcnQu Y29t naEFzc3VyYW5jZU VWUm9vdENBLmNyb DA9BgNVHSAENjA0 MDIG rBgEFBQcCARYcaH R0cHM6Ly93d3cuZ GlnaWNlcnQuY29t L0NQ UUWj/kK8CB3U8zN llZGKiErhZcjswH wYDVR0jBBgwFoAU sT7D C72NkK8MwDQYJKo ZIhvcNAQELBQADg gEBABiKlYkD5m3f XPwd Na0QWnqxj9dJubI SZi6qBcYRb7TROs Ld5kinMLYBq8I4g 4Xmk/gNH r01lYPf7TMSVcGD iEo+afgv2MW5gxT s14nhr9hctJqvIn i5ly cbkdJf17ZSHwD2f 2LSaCYJkJA69aSE aRkCldUxPUd1gJe a6zu 78whQYwvwt/ Tv9XBZ0k7YXDK/ umdaisLRbvfXkns uvCnQsH6qqF jqvbsezt3tkBigA VBRQHvFwY+ 3sAzm2fTYS5yh+ Rp/BIAV0Ae
==36982== Memcheck, a memory error detector
==36982== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==36982== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==36982== Command: openssl s_client -showcerts -connect graph.facebook.
==36982==
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
verify return:1
depth=0 C = US, ST = California, L = Menlo Park, O = "Facebook, Inc.", CN = *.facebook.com
verify return:1
---
Certificate chain
0 s:C = US, ST = California, L = Menlo Park, O = "Facebook, Inc.", CN = *.facebook.com
i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwI
MQswCQYDVQQGEwJ
d3cuZGlnaWNlcnQ
dXJhbmNlIFNlcnZ
MGkxCzAJBgNVBAY
ZW5sbyBQYXJrMRc
YWNlYm9vay5jb20
qstfu/ZUoA+
Fu6s9XAqo4ID9zC
HQYDVR0OBBYEFLA
ZmFjZWJvb2suY29
YnguY29tghAqLm0
ZmJjZG4ubmV0gg4
b29rLmNvbYINbWV
FAYIKwYBBQUHAwE
cmwzLmRpZ2ljZXJ
dHA6Ly9jcmw0LmR
VR0gBDcwNTAzBgZ
Y2VydC5jb20vQ1B
Ly9vY3NwLmRpZ2l
ZGlnaWNlcnQuY29
cnQwDAYDVR0TAQH
8J45OSHwVnOfY6V
3r54JbfoFtjAqiL
KlF9P2lXrpZyMmP
/tSLBeUAAAF8Q4A
Tl4NHC+
sd8iRkoQxqE6CUK
b4Q1lYSN7rcuXUx
fetkFZv08wHf7TJ
BjjDEZnQtPaOG77
42lwc0+
1xKLH87I+
WVeBB03fhf+
SN8G9/0JXXR5oWD
IK957WY=
-----END CERTIFICATE-----
1 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwI
MQswCQYDVQQGEwJ
d3cuZGlnaWNlcnQ
ZSBFViBSb290IEN
MAkGA1UEBhMCVVM
LmRpZ2ljZXJ0LmN
YW5jZSBTZXJ2ZXI
4C/CJAbIbQRf1+
Kq/QmO4LQNfE0Dt
itrSxwUfqJfJ3KS
4t07QjOjBSjEuyj
sh5ENWV/
bZvySC/
MA4GA1UdDwEB/
NAYIKwYBBQUHAQE
dC5jb20wSwYDVR0
L0RpZ2lDZXJ0SGl
BFUdIAAwKjAoBgg
UzAdBgNVHQ4EFgQ
aQP4v0cB1JgmGgg
aOpKj4PWUS+
E+r1hspZcX30BJZ
/D6q1UEL2tU2ob8
xICaEnL6VpPX/
0wGjIChBWUMo0oH
cPUeybQ=
-----END CERTIFICATE-----
---
Server certificate
subject=C = US, ST = California, L = Menlo Park, O = "Facebook, Inc.", CN = *.facebook.com
issuer=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
--- POLY1305_ SHA256 POLY1305_ SHA256 0F4B94CC6EA59C5 C0575EC6E8DBDDD 0D9BEFCBDF543E2 6EC3 33D1B66E668B6BC 8775583D5453E3D BB68186B0E8BDE6 C3DC
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3228 bytes and written 374 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_CHACHA20_
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_CHACHA20_
Session-ID: BA5E7D3EF074887
Session-ID-ctx:
Resumption PSK: 9A9647E811A9052
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 172800 (seconds)
TLS session ticket:
0000 - b4 c8 31 e9 50 5f 01 e3-7a 27 61 3c f1 14 92 e8 ..1.P_..z'a<....
0010 - ab a3 15 9a e0 87 c3 0f-93 0e 56 7b 21 70 82 2b ..........V{!p.+
0020 - 00 00 00 00 90 38 f6 e1-5b 61 49 24 21 c5 50 c8 .....8..[aI$!.P.
0030 - c7 cd 2c 0e 6d a0 5c 5c-19 3f 1d fe 94 fa 36 ef ..,.m.\\.?....6.
0040 - 1a 66 7c 33 e6 d8 47 db-46 ed e2 f9 cb 6f cf bb .f|3..G.F....o..
0050 - 9e 57 0d 6f 23 39 9f d0-74 9b 3b 8b 9c 5f 21 ed .W.o#9..t.;.._!.
0060 - 6e 86 fa 3b d2 99 c9 98-36 62 d8 84 38 aa 14 22 n..;....6b..8.."
0070 - ec cc b7 ca b2 ee 8e 11-87 7e 1d 58 3b e6 a5 1a .........~.X;...
0080 - c5 34 .4
Start Time: 1640448351
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
^C==36982==
==36982== Process terminating with default action of signal 2 (SIGINT)
==36982== at 0x4C8B7BC: select (select.c:53)
==36982== by 0x15DB47: s_client_main (s_client.c:2845)
==36982== by 0x14DFD3: do_cmd (openssl.c:570)
==36982== by 0x13AC03: main (openssl.c:189)
==36982==
==36982== HEAP SUMMARY:
==36982== in use at exit: 208,670 bytes in 4,256 blocks
==36982== total heap usage: 6,290 allocs, 2,034 frees, 563,009 bytes allocated
==36982==
==36982== LEAK SUMMARY:
==36982== definitely lost: 0 bytes in 0 blocks
==36982== indirectly lost: 0 bytes in 0 blocks
==36982== possibly lost: 0 bytes in 0 blocks
==36982== still reachable: 208,670 bytes in 4,256 blocks
==36982== suppressed: 0 bytes in 0 blocks
==36982== Rerun with --leak-check=full to see details of leaked memory
==36982==
==36982== For lists of detected and suppressed errors, rerun with: -s
==36982== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
it not only doesn't report any errors, it finishes and goes into waiting for input *without* a segmentation fault. Versus:
$ openssl s_client -showcerts -connect graph.facebook. com:443
CONNECTED(00000003)
Segmentation fault (core dumped)
$
This may be a newly discovered race condition of some sort that's only showing up on some Arm64 platforms (Apple Silicon M1 Max in my case).