1 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 b/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
index 2628c65a13..ae0349584a 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: SSL_CTX_set_tmp_dh_callback.3,v 1.8 2020/03/30 10:28:59 schwarze Exp $
+.\"     $OpenBSD: SSL_CTX_set_tmp_dh_callback.3,v 1.9 2022/02/18 23:17:15 jsg Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 30 2020 $
+.Dd $Mdocdate: February 18 2022 $
 .Dt SSL_CTX_SET_TMP_DH_CALLBACK 3
 .Os
 .Sh NAME
@@ -113,8 +113,8 @@ Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.
 Using ephemeral DH key exchange yields forward secrecy,
 as the connection can only be decrypted when the DH key is known.
 By generating a temporary DH key inside the server application that is lost
-when the application is left, it becomes impossible for an attacker to decrypt
+when the application is left, it becomes impossible for attackers to decrypt
-past sessions, even if he gets hold of the normal (certified) key,
+past sessions, even if they get hold of the normal (certified) key,
 as this key was only used for signing.
 .Pp
 In order to perform a DH key exchange the server must use a DH group

diff --git a/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 b/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 index 2628c65a13..ae0349584a 100644 --- a/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 +++ b/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_CTX_set_tmp_dh_callback.3,v 1.8 2020/03/30 10:28:59 schwarze Exp $	1	.\" $OpenBSD: SSL_CTX_set_tmp_dh_callback.3,v 1.9 2022/02/18 23:17:15 jsg Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.	4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: March 30 2020 $	51	.Dd $Mdocdate: February 18 2022 $
52	.Dt SSL_CTX_SET_TMP_DH_CALLBACK 3	52	.Dt SSL_CTX_SET_TMP_DH_CALLBACK 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -113,8 +113,8 @@ Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.
113	Using ephemeral DH key exchange yields forward secrecy,	113	Using ephemeral DH key exchange yields forward secrecy,
114	as the connection can only be decrypted when the DH key is known.	114	as the connection can only be decrypted when the DH key is known.
115	By generating a temporary DH key inside the server application that is lost	115	By generating a temporary DH key inside the server application that is lost
116	when the application is left, it becomes impossible for an attacker to decrypt	116	when the application is left, it becomes impossible for attackers to decrypt
117	past sessions, even if he gets hold of the normal (certified) key,	117	past sessions, even if they get hold of the normal (certified) key,
118	as this key was only used for signing.	118	as this key was only used for signing.
119	.Pp	119	.Pp
120	In order to perform a DH key exchange the server must use a DH group	120	In order to perform a DH key exchange the server must use a DH group