Update to OpenSSL 1.0.2.o

doc/apps/s_server.pod

@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-s_server,
 s_server - SSL/TLS server program
 
 =head1 SYNOPSIS
@@ -35,6 +36,8 @@ B<openssl> B<s_server>
 [B<-CAfile filename>]
 [B<-no_alt_chains>]
 [B<-nocert>]
+[B<-client_sigalgs sigalglist>]
+[B<-named_curve curve>]
 [B<-cipher cipherlist>]
 [B<-serverpref>]
 [B<-quiet>]
@@ -217,6 +220,7 @@ Use the PSK identity hint B<hint> when using a PSK cipher suite.
 Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
+This option must be provided in order to use a PSK cipher.
 
 =item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 
@@ -234,6 +238,18 @@ option enables various workarounds.
 this option enables a further workaround for some some early Netscape
 SSL code (?).
 
+=item B<-client_sigalgs sigalglist>
+
+Signature algorithms to support for client certificate authentication
+(colon-separated list)
+
+=item B<-named_curve curve>
+
+Specifies the elliptic curve to use. NOTE: this is single curve, not a list.
+For a list of all possible curves, use:
+
+    $ openssl ecparam -list_curves
+
 =item B<-cipher cipherlist>
 
 this allows the cipher list used by the server to be modified.  When
@@ -389,10 +405,6 @@ a web browser the command:
 
 can be used for example.
 
-Most web browsers (in particular Netscape and MSIE) only support RSA cipher
-suites, so they cannot connect to servers which don't use a certificate
-carrying an RSA key or a version of OpenSSL with RSA disabled.
-
 Although specifying an empty list of CAs when requesting a client certificate
 is strictly speaking a protocol violation, some SSL clients interpret this to
 mean any CA is acceptable. This is useful for debugging purposes.