(I've tried this on Debian 9 and Ubuntu 18.04, openssl 1.1.0l and 1.1.1)
I can see from many posts that openssl s_client should read from stdin, but it doesn't seem to. I'm trying to make a script that checks gmail for bounced mails - this is what I get:
openssl s_client -crlf -connect imap.gmail.com:993 <<!
a login [email protected] Apa55w0rd
a select INBOX
a search on 4-oct-2021
!
CONNECTED(00000003)
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1
verify return:1
depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
verify return:1
depth=0 CN = imap.gmail.com
verify return:1
---
Certificate chain
0 s:/CN=imap.gmail.com
i:/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
1 s:/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
i:/C=US/O=Google Trust Services LLC/CN=GTS Root R1
2 s:/C=US/O=Google Trust Services LLC/CN=GTS Root R1
i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIRANYAB4MRC2TJCgAAAAD/Y6YwDQYJKoZIhvcNAQELBQAw
RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM
TEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjEwOTEzMDMxMTI3WhcNMjExMTIw
MDMxMTI2WjAZMRcwFQYDVQQDEw5pbWFwLmdtYWlsLmNvbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBALRQpfQvddKjDkAtx0dNu8ifeLqzo8Lv6892Ij8O
KZBsAGcP39G9elE5UGklMH4Jzo88scMmSq+gTNW+Zss/DJ64RMfh/hBXSemdlfnF
Ro/HywsuPZ4YqHOVBvgW+7/K7YspqhfKn/oSZl5jCXz/J6qcxX7O9+phWD7nWwGS
ksrNkuwBT2fg/mA64q0sGgz+cE0k8LGwWoJSZ+B3Nosl07IKv9Jwddxu85d5cAcQ
djoEHiGTF4bluMlkHKlzQhNLh8bEiAkMV/pu/79D1HD+05z6I2EXt+f7O0Dgc8HC
hYHYGw2x2T4ZHAEH+0vG+2CTQMcNoTJ4jfITe4/OUaDm39ECAwEAAaOCAmcwggJj
MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBQGYvnDmgImhQkT2mNBuYvWoMf2wTAfBgNVHSMEGDAWgBSK
dH+vhc3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGG
G2h0dHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDov
L3BraS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjAZBgNVHREEEjAQgg5pbWFw
LmdtYWlsLmNvbTAhBgNVHSAEGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwG
A1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9mVkp4
YlYtS3Rtay5jcmwwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQDuwJXujXJkD5Lj
w7kbxxKjaWoJe0tqGhQ45keyy+3F+QAAAXvdWlDzAAAEAwBGMEQCICZIv+JvLRvF
G192uY3wdMdxa7F1Cjkf4Ts++Nj+VBcTAiBTVo0coasZSSvLhfhpFFgVaYjALw1d
kjNEGOhKDfNX4gB3APZclC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAAB
e91aUA0AAAQDAEgwRgIhAJZ/m/XmVsCx5iuxrdiHmKWq04qmdutaRSqyG2X6wFED
AiEAwvkkC+8egz7BfGcAcsdx04FzMrDYfReDn6elgMCsBBAwDQYJKoZIhvcNAQEL
BQADggEBAD+0liFWMdNxq5xWOLiTCw1mWatA3ZdrDqi51cYN4thboxRa+iNfYUn/
AvSel4sJ+5HhdUmgSpXc98x/OFybrYyLXg/Tk3R1hgZmRsgUTrGMP6H6bkrA1du9
qt23JMScvB2P5pmGMoXdKh1dGaigaIEErixhjlALztEvrWUVSzmpg6A4yx0O/9lw
iHgXY0XNcjtZJ/2tta0nizTMKn2NJbjAW2Pdi0GDZUV9DRcicdvhB9uFd/RFEU2o
muPY4eRc/P4n6NE7TH2S3aEGxD74hwZSmb1Jo/g7L8Ta1caomqHIEFBBU4G+8x0h
8XQpI2zZhTJ82wPjEz7GrVdJt/KDwy0=
-----END CERTIFICATE-----
subject=/CN=imap.gmail.com
issuer=/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4870 bytes and written 261 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-CHACHA20-POLY1305
Session-ID: FA01523E2366640CFAA49BFA681D23F7118556474A67072E09F188D42B4FCDAB
Session-ID-ctx:
Master-Key: F26BDF82C66AE5B7D08847C29D786E382212B8017292EEE7A826D2085FC6F73877441EDC72EDFF2A66342EDE147EB2EE
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 100800 (seconds)
TLS session ticket:
0000 - 01 d9 8f a9 94 2e 5a 89-e0 93 18 8f 99 fc 66 63 ......Z.......fc
0010 - c3 b5 cb 58 7b ba ae 67-d4 4d c6 6b e9 56 f5 48 ...X{..g.M.k.V.H
0020 - b3 c7 21 b6 39 84 c5 f0-77 3b 74 95 c3 84 9a 1e ..!.9...w;t.....
0030 - 6a 18 f9 a0 73 41 99 f4-b4 fb c8 4f 32 64 bc 4e j...sA.....O2d.N
0040 - 70 64 b8 de 50 27 7d 34-b1 c9 a0 e1 9c c4 8d e6 pd..P'}4........
0050 - cb cf 09 92 a3 5c 9e 09-75 27 e0 f4 d0 fc 75 06 .....\..u'....u.
0060 - f0 7e 1b 37 f7 6d 74 b3-d9 cb 24 32 a9 fd d0 aa .~.7.mt...$2....
0070 - a2 9e 7d e0 58 1d 70 83-e8 a3 f0 5c 1c eb ce 09 ..}.X.p....\....
0080 - 08 92 d0 de 28 84 6e 14-51 3a 99 a7 20 f3 5c b5 ....(.n.Q:.. .\.
0090 - 98 9e b5 6a 62 d4 da 45-42 52 70 2b 21 49 46 0e ...jb..EBRp+!IF.
00a0 - 87 ca b3 90 a2 d8 5a b8-1d c4 8a 55 e2 57 88 20 ......Z....U.W.
00b0 - 5f a1 3d 7e d0 84 53 51-d0 a7 c4 e1 f3 30 69 2c _.=~..SQ.....0i,
00c0 - 68 16 18 3f 29 28 d5 42-fa cd d2 11 da 2d b2 c2 h..?)(.B.....-..
00d0 - 9e e3 ef 50 b9 dc b6 97-fa 66 4e 71 6d 02 6a 6e ...P.....fNqm.jn
00e0 - 91 3b
!
On the other hand, when I do it manually:
openssl s_client -crlf -connect imap.gmail.com:993
...
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: E49D714DD94F97F1536F963C081C9C7122C4BA5BE4EE3E1F8D3DCDC8301BABD7
Session-ID-ctx:
Resumption PSK: AFFDA81A7441D6C607BC10598CAE059DA333240DB924337DBADE95BD38EF7D6F0C759890973DC109100CB6332728EE1F
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 172800 (seconds)
TLS session ticket:
0000 - 01 17 d5 f7 34 c7 f2 a2-64 1f eb af 1b e3 c8 19 ....4...d.......
0010 - e7 83 b8 ff 3c 15 dc e3-87 e9 7c ec ab 71 c3 45 ....<.....|..q.E
0020 - f8 9f 7b a6 df 26 33 a5-a2 bd 05 83 8d 9d dc 13 ..{..&3.........
0030 - 19 3e de ce 81 fb a9 0f-9c 48 65 c4 2d b8 cc 11 .>.......He.-...
0040 - a3 d4 03 1b 8d 65 55 88-d1 be 80 78 50 5b 69 c2 .....eU....xP[i.
0050 - 49 58 ad 25 4e 3a ae 85-f3 c0 be e6 7c 69 dd 43 IX.%N:......|i.C
0060 - b2 8b 28 b5 27 ef 82 7b-b7 ab be ed f6 e4 32 cd ..(.'..{......2.
0070 - d7 d9 9d 22 37 0c 4c 58-99 08 0e 97 23 fd 6c 66 ..."7.LX....#.lf
0080 - f4 1f 12 28 5d 28 71 b6-c5 e7 11 15 57 e5 27 3c ...(](q.....W.'<
0090 - 6a 93 f1 7e 79 19 5e 45-cf fd 2a ae 4f 88 34 f0 j..~y.^E..*.O.4.
00a0 - 83 81 fd 59 49 87 a3 60-40 63 67 5b c2 94 e7 22 ...YI..`@cg[..."
00b0 - ec 8f ac ac 0d a0 e5 b2-0d bf 5a a7 02 00 c1 1d ..........Z.....
00c0 - e6 8e 34 44 1f 85 2a 54-16 e2 33 ee 14 96 df 22 ..4D..*T..3...."
00d0 - f1 44 2f 47 02 29 1e 61-51 5b dd 3e cb e5 d7 bc .D/G.).aQ[.>....
00e0 - a5 04 6b fb 9a dc 65 45-49 2f 3e af ..k...eEI/>.
Start Time: 1633351015
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
* OK Gimap ready for requests from 192.16.95.66 dh14mb347322005edb
...
a search on 4-oct-2021
* SEARCH 16347 16348 16349 16350 16351 16352 16353 16354 16355 16356 16357 16358 16359 16360 16361 16362 16363 16364 16365 16366 16367 16368 16369 16370 16371 16372 16373 16374 16375 16376 16377 16378 16379 16380 16381 16382
a OK SEARCH completed (Success)
So, what am I doing wrong?
