From ef124d0952e18f1c7a7e9f99b2d10e2f0737c24a Mon Sep 17 00:00:00 2001
From: Daniel Gustafsson <dgustafsson@postgresql.org>
Date: Wed, 10 Apr 2024 13:53:25 +0200
Subject: Doc: Update ulinks to RFC documents to avoid redirect

The tools.ietf.org site has been decommissioned and replaced by a
number of sites serving various purposes.  Links to RFCs and BCPs
are now 301 redirected to their new respective IETF sites.  Since
this serves no purpose and only adds network overhead, update our
links to the new locations.

Backpatch to all supported versions.

Discussion: https://postgr.es/m/3C1CEA99-FCED-447D-9858-5A579B4C6687@yesql.se
Backpatch-through: v12
---
 doc/src/sgml/client-auth.sgml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'doc/src/sgml/client-auth.sgml')

diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 68e73b9c328..02fa1ecc752 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -627,7 +627,7 @@ hostnogssenc  <replaceable>database</replaceable>  <replaceable>user</replaceabl
        entire <literal>Distinguished Name (DN)</literal> of the certificate.
        This option is probably best used in conjunction with a username map.
        The comparison is done with the <literal>DN</literal> in
-       <ulink url="https://tools.ietf.org/html/rfc2253">RFC 2253</ulink>
+       <ulink url="https://datatracker.ietf.org/doc/html/rfc2253">RFC 2253</ulink>
        format. To see the <literal>DN</literal> of a client certificate
        in this format, do
 <programlisting>
@@ -977,7 +977,7 @@ omicron         bryanh                  guest1
      <para>
       <link linkend="auth-ident">Ident authentication</link>, which
       relies on an <quote>Identification Protocol</quote>
-      (<ulink url="https://tools.ietf.org/html/rfc1413">RFC 1413</ulink>)
+      (<ulink url="https://datatracker.ietf.org/doc/html/rfc1413">RFC 1413</ulink>)
       service on the client's machine.  (On local Unix-socket connections,
       this is treated as peer authentication.)
      </para>
@@ -1116,7 +1116,7 @@ omicron         bryanh                  guest1
       <para>
        The method <literal>scram-sha-256</literal> performs SCRAM-SHA-256
        authentication, as described in
-       <ulink url="https://tools.ietf.org/html/rfc7677">RFC 7677</ulink>.  It
+       <ulink url="https://datatracker.ietf.org/doc/html/rfc7677">RFC 7677</ulink>.  It
        is a challenge-response scheme that prevents password sniffing on
        untrusted connections and supports storing passwords on the server in a
        cryptographically hashed form that is thought to be secure.
@@ -1228,7 +1228,7 @@ omicron         bryanh                  guest1
    <para>
     <productname>GSSAPI</productname> is an industry-standard protocol
     for secure authentication defined in
-    <ulink url="https://tools.ietf.org/html/rfc2743">RFC 2743</ulink>.
+    <ulink url="https://datatracker.ietf.org/doc/html/rfc2743">RFC 2743</ulink>.
     <productname>PostgreSQL</productname>
     supports <productname>GSSAPI</productname> for authentication,
     communications encryption, or both.
@@ -1543,7 +1543,7 @@ omicron         bryanh                  guest1
 
    <para>
     The <quote>Identification Protocol</quote> is described in
-    <ulink url="https://tools.ietf.org/html/rfc1413">RFC 1413</ulink>.
+    <ulink url="https://datatracker.ietf.org/doc/html/rfc1413">RFC 1413</ulink>.
     Virtually every Unix-like
     operating system ships with an ident server that listens on TCP
     port 113 by default. The basic functionality of an ident server
@@ -1712,7 +1712,7 @@ omicron         bryanh                  guest1
        <para>
         Set to 1 to make the connection between PostgreSQL and the LDAP server
         use TLS encryption.  This uses the <literal>StartTLS</literal>
-        operation per <ulink url="https://tools.ietf.org/html/rfc4513">RFC 4513</ulink>.
+        operation per <ulink url="https://datatracker.ietf.org/doc/html/rfc4513">RFC 4513</ulink>.
         See also the <literal>ldapscheme</literal> option for an alternative.
        </para>
       </listitem>
@@ -1807,7 +1807,7 @@ omicron         bryanh                  guest1
        <term><literal>ldapurl</literal></term>
        <listitem>
         <para>
-         An <ulink url="https://tools.ietf.org/html/rfc4516">RFC 4516</ulink>
+         An <ulink url="https://datatracker.ietf.org/doc/html/rfc4516">RFC 4516</ulink>
          LDAP URL.  This is an alternative way to write some of the
          other LDAP options in a more compact and standard form.  The format is
 <synopsis>
@@ -1870,7 +1870,7 @@ ldap[s]://<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<rep
      <productname>OpenLDAP</productname> as the LDAP client library, the
      <literal>ldapserver</literal> setting may be omitted.  In that case, a
      list of host names and ports is looked up via
-     <ulink url="https://tools.ietf.org/html/rfc2782">RFC 2782</ulink> DNS SRV records.
+     <ulink url="https://datatracker.ietf.org/doc/html/rfc2782">RFC 2782</ulink> DNS SRV records.
      The name <literal>_ldap._tcp.DOMAIN</literal> is looked up, where
      <literal>DOMAIN</literal> is extracted from <literal>ldapbasedn</literal>.
    </para>
-- 
cgit v1.2.3