1 files changed, 16 insertions, 13 deletions

diff --git a/secure/usr.bin/openssl/man/openssl-s_server.1 b/secure/usr.bin/openssl/man/openssl-s_server.1
index 526610d665f2..e7cb9b2e781f 100644
--- a/secure/usr.bin/openssl/man/openssl-s_server.1
+++ b/secure/usr.bin/openssl/man/openssl-s_server.1
@@ -1,5 +1,5 @@
 .\" -*- mode: troff; coding: utf-8 -*-
-.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
+.\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45)
 .\"
 .\" Standard preamble:
 .\" ========================================================================
@@ -52,10 +52,13 @@
 .    \}
 .\}
 .rr rF
+.\"
+.\" Required to disable full justification in groff 1.23.0.
+.if n .ds AD l
 .\" ========================================================================
 .\"
 .IX Title "OPENSSL-S_SERVER 1ossl"
-.TH OPENSSL-S_SERVER 1ossl 2025-09-30 3.5.4 OpenSSL
+.TH OPENSSL-S_SERVER 1ossl 2026-04-07 3.5.6 OpenSSL
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -493,14 +496,14 @@ If the \fB\-HTTP\fR flag is used, the files are sent directly, and should contai
 any HTTP response headers (including status response line).
 If the \fB\-WWW\fR option is used,
 the response headers are generated by the server, and the file extension is
-examined to determine the \fBContent-Type\fR header.
+examined to determine the \fBContent\-Type\fR header.
 Extensions of \f(CW\*(C`html\*(C'\fR, \f(CW\*(C`htm\*(C'\fR, and \f(CW\*(C`php\*(C'\fR are \f(CW\*(C`text/html\*(C'\fR and all others are
 \&\f(CW\*(C`text/plain\*(C'\fR.
 In addition, the special URL \f(CW\*(C`/stats\*(C'\fR will return status
 information like the \fB\-www\fR option.
 .IP \fB\-http_server_binmode\fR 4
 .IX Item "-http_server_binmode"
-When acting as web-server (using option \fB\-WWW\fR or \fB\-HTTP\fR) open files requested
+When acting as web\-server (using option \fB\-WWW\fR or \fB\-HTTP\fR) open files requested
 by the client in binary mode.
 .IP \fB\-no_ca_names\fR 4
 .IX Item "-no_ca_names"
@@ -563,7 +566,7 @@ Enables certificate status request support (aka OCSP stapling).
 .IX Item "-status_verbose"
 Enables certificate status request support (aka OCSP stapling) and gives
 a verbose printout of the OCSP response.
-Use the \fB\-cert_chain\fR option to specify the certificate of the server's
+Use the \fB\-cert_chain\fR option to specify the certificate of the server\*(Aqs
 certificate signer that is required for certificate status requests.
 .IP "\fB\-status_timeout\fR \fIint\fR" 4
 .IX Item "-status_timeout int"
@@ -674,7 +677,7 @@ Turns on non blocking I/O.
 Enable timeouts.
 .IP \fB\-mtu\fR 4
 .IX Item "-mtu"
-Set link-layer MTU.
+Set link\-layer MTU.
 .IP "\fB\-psk_identity\fR \fIval\fR" 4
 .IX Item "-psk_identity val"
 Expect the client to send PSK identity \fIval\fR when using a PSK
@@ -719,23 +722,23 @@ available where OpenSSL has support for SCTP enabled.
 .IP \fB\-sctp_label_bug\fR 4
 .IX Item "-sctp_label_bug"
 Use the incorrect behaviour of older OpenSSL implementations when computing
-endpoint-pair shared secrets for DTLS/SCTP. This allows communication with
+endpoint\-pair shared secrets for DTLS/SCTP. This allows communication with
 older broken implementations but breaks interoperability with correct
 implementations. Must be used in conjunction with \fB\-sctp\fR. This option is only
 available where OpenSSL has support for SCTP enabled.
 .IP \fB\-use_srtp\fR 4
 .IX Item "-use_srtp"
-Offer SRTP key management with a colon-separated profile list.
+Offer SRTP key management with a colon\-separated profile list.
 .IP \fB\-no_dhe\fR 4
 .IX Item "-no_dhe"
 If this option is set then no DH parameters will be loaded effectively
 disabling the ephemeral DH cipher suites.
 .IP "\fB\-alpn\fR \fIval\fR, \fB\-nextprotoneg\fR \fIval\fR" 4
 .IX Item "-alpn val, -nextprotoneg val"
-These flags enable the Application-Layer Protocol Negotiation
+These flags enable the Application\-Layer Protocol Negotiation
 or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the
 IETF standard and replaces NPN.
-The \fIval\fR list is a comma-separated list of supported protocol
+The \fIval\fR list is a comma\-separated list of supported protocol
 names.  The list should contain the most desirable protocols first.
 Protocol names are printable ASCII strings, for example "http/1.1" or
 "spdy/3".
@@ -793,7 +796,7 @@ data that was sent will be rejected.
 Enable acceptance of TCP Fast Open (RFC7413) connections.
 .IP \fB\-cert_comp\fR 4
 .IX Item "-cert_comp"
-Pre-compresses certificates (RFC8879) that will be sent during the handshake.
+Pre\-compresses certificates (RFC8879) that will be sent during the handshake.
 .IP "\fB\-nameopt\fR \fIoption\fR" 4
 .IX Item "-nameopt option"
 This specifies how the subject or issuer names are displayed.
@@ -846,7 +849,7 @@ proceed unless the \fB\-verify_return_error\fR option is used.
 Enable support for sending raw public keys (RFC7250) to the client.
 A raw public key will be sent by the server, if solicited by the client,
 provided a suitable key and public certificate pair is configured.
-Clients that don't support raw public keys or prefer to use X.509
+Clients that don\*(Aqt support raw public keys or prefer to use X.509
 certificates can still elect to receive X.509 certificates as usual.
 .Sp
 Raw public keys are extracted from the configured certificate/private key.
@@ -855,7 +858,7 @@ Raw public keys are extracted from the configured certificate/private key.
 Enable support for receiving raw public keys (RFC7250) from the client.
 Use of X.509 certificates by the client becomes optional, and clients that
 support raw public keys may elect to use them.
-Clients that don't support raw public keys or prefer to use X.509
+Clients that don\*(Aqt support raw public keys or prefer to use X.509
 certificates can still elect to send X.509 certificates as usual.
 .Sp
 Raw public keys are extracted from the configured certificate/private key.