From: Michal Nowak Date: Fri, 24 Jan 2025 10:50:36 +0000 (+0100) Subject: Fix broken links in documentation X-Git-Tag: v9.21.5~29^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=83024695075412f95c3d445ae0acd2e0a49b5c27;p=thirdparty%2Fbind9.git Fix broken links in documentation Some detected links are not to be verified (127.*, dnssec-or-not.com) and some I can't fix (flaticon, godaddy, icann), but they are not crucial. --- diff --git a/bin/dnssec/dnssec-signzone.rst b/bin/dnssec/dnssec-signzone.rst index fffae1980a4..bfeede38304 100644 --- a/bin/dnssec/dnssec-signzone.rst +++ b/bin/dnssec/dnssec-signzone.rst @@ -274,7 +274,7 @@ Options with cached copies of the old DNSKEY RRset. The :option:`-Q` option forces :program:`dnssec-signzone` to remove signatures from keys that are no longer active. This enables ZSK rollover using the procedure described in - :rfc:`6781#4.1.1.1` ("Pre-Publish Key Rollover"). + :rfc:`6781#section-4.1.1.1` ("Pre-Publish Zone Signing Key Rollover"). .. option:: -q @@ -291,7 +291,7 @@ Options This option is similar to :option:`-Q`, except it forces :program:`dnssec-signzone` to remove signatures from keys that are no longer published. This enables ZSK rollover using the procedure described in - :rfc:`6781#4.1.1.2` ("Double Signature Zone Signing Key + :rfc:`6781#section-4.1.1.2` ("Double Signature Zone Signing Key Rollover"). .. option:: -S diff --git a/doc/arm/build.inc.rst b/doc/arm/build.inc.rst index 10dd3eadddd..b87b82c9ce1 100644 --- a/doc/arm/build.inc.rst +++ b/doc/arm/build.inc.rst @@ -105,8 +105,9 @@ unavailable, ``--disable-doh`` can be used to disable DoH support. To support the HTTP statistics channel, the server must be linked with at least one of the following libraries: ``libxml2`` -(http://xmlsoft.org) or ``json-c`` (https://github.com/json-c/json-c). -If these are installed at a nonstandard location, then: +(https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home) or ``json-c`` +(https://github.com/json-c/json-c). If these are installed at a +nonstandard location, then: - for ``libxml2``, specify the prefix using ``--with-libxml2=/prefix``, - for ``json-c``, adjust ``PKG_CONFIG_PATH``. @@ -130,7 +131,7 @@ installed in a nonstandard location, specify the prefix using For DNSTAP packet logging, ``libfstrm`` (https://github.com/farsightsec/fstrm) and ``libprotobuf-c`` -(https://developers.google.com/protocol-buffers) must be installed, and +(https://protobuf.dev) must be installed, and BIND must be configured with ``--enable-dnstap``. To support internationalized domain names in :iscman:`dig`, ``libidn2`` @@ -176,6 +177,6 @@ macOS Building on macOS assumes that the “Command Tools for Xcode” are installed. These can be downloaded from -https://developer.apple.com/download/more/ or, if Xcode is already +https://developer.apple.com/xcode/resources/ or, if Xcode is already installed, simply run ``xcode-select --install``. (Note that an Apple ID may be required to access the download page.) diff --git a/doc/arm/general.rst b/doc/arm/general.rst index 5cf402cfd76..3127d067743 100644 --- a/doc/arm/general.rst +++ b/doc/arm/general.rst @@ -39,7 +39,7 @@ The list is non-exhaustive. .. _Internet Engineering Steering Group: https://www.ietf.org/about/groups/iesg/ .. _Internet Engineering Task Force: https://www.ietf.org/about/ -.. _Request for Comments: https://www.ietf.org/standards/rfcs/ +.. _Request for Comments: https://www.ietf.org/process/rfcs/ Some of these RFCs, though DNS-related, are not concerned with implementing software. diff --git a/doc/arm/intro-dns-bind.inc.rst b/doc/arm/intro-dns-bind.inc.rst index 58b0d2952c1..f37cfa30a88 100644 --- a/doc/arm/intro-dns-bind.inc.rst +++ b/doc/arm/intro-dns-bind.inc.rst @@ -102,7 +102,7 @@ that could be packed into a 512-byte UDP message, and not a perverse affinity fo cultures treat as unlucky. The 512-byte UDP data limit is no longer a limiting factor and all root servers now support both IPv4 and IPv6. In addition, almost all the root servers use **anycast**, with well over -300 instances of the root servers now providing service worldwide (see further information at https://www.root-servers.org). +300 instances of the root servers now providing service worldwide (see further information at https://root-servers.org). The root servers are the starting point for all **name resolution** within the DNS. Name Resolution diff --git a/doc/arm/pkcs11.inc.rst b/doc/arm/pkcs11.inc.rst index 020796676aa..bd0d5ead85a 100644 --- a/doc/arm/pkcs11.inc.rst +++ b/doc/arm/pkcs11.inc.rst @@ -42,7 +42,7 @@ Building SoftHSMv2 ^^^^^^^^^^^^^^^^^^ SoftHSMv2, the latest development version of SoftHSM, is available from -https://github.com/opendnssec/SoftHSMv2. It is a software library +https://github.com/softhsm/SoftHSMv2. It is a software library developed by the OpenDNSSEC project (https://www.opendnssec.org) which provides a PKCS#11 interface to a virtual HSM, implemented in the form of an SQLite3 database on the local filesystem. It provides less security diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 23b2a3fc342..e0c661226f7 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -1181,7 +1181,7 @@ default is used. https://github.com/farsightsec/fstrm) to send event payloads which are encoded using Protocol Buffers (``libprotobuf-c``, a mechanism for serializing structured data developed by Google, Inc.; see - https://developers.google.com/protocol-buffers/). + https://protobuf.dev). To enable :any:`dnstap` at compile time, the ``fstrm`` and ``protobuf-c`` libraries must be available, and BIND must be @@ -5743,7 +5743,7 @@ The following options can be specified in a :any:`tls` statement: ``TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256``. The string must be formed according to the rules specified in the OpenSSL documentation (see - https://www.openssl.org/docs/man1.1.1/man1/ciphers.html, section + https://docs.openssl.org/1.1.1/man1/ciphers/, section "TLS v1.3 cipher suites" for details). .. namedconf:statement:: ciphers @@ -5753,7 +5753,7 @@ The following options can be specified in a :any:`tls` statement: This option defines allowed ciphers, such as ``HIGH:!aNULL:!MD5:!SHA1:!SHA256:!SHA384``. The string must be formed according to the rules specified in the OpenSSL documentation - (see https://www.openssl.org/docs/man1.1.1/man1/ciphers.html + (see https://docs.openssl.org/1.1.1/man1/ciphers/ for details). .. namedconf:statement:: prefer-server-ciphers diff --git a/doc/arm/rpz.inc.rst b/doc/arm/rpz.inc.rst index 500d1539830..163fb58f7a4 100644 --- a/doc/arm/rpz.inc.rst +++ b/doc/arm/rpz.inc.rst @@ -727,8 +727,8 @@ particular). This is a concern for some network administrators who do not want their users' DNS queries to be rerouted unexpectedly. However, Mozilla provides a mechanism to disable the DoH-by-default setting: if the Mozilla-owned domain `use-application-dns.net -`_ returns an NXDOMAIN response code, Firefox -will not use DoH. +`_ +returns an NXDOMAIN response code, Firefox will not use DoH. To accomplish this using RPZ: diff --git a/doc/arm/troubleshooting.inc.rst b/doc/arm/troubleshooting.inc.rst index a2d81a9f1da..ec871c15eae 100644 --- a/doc/arm/troubleshooting.inc.rst +++ b/doc/arm/troubleshooting.inc.rst @@ -42,7 +42,7 @@ back to plain DNS queries without EDNS. Such workarounds cause unnecessary resolution delays, increase code complexity, and prevent deployment of new DNS features. In February 2019, all major DNS software vendors removed these -workarounds; see https://dnsflagday.net/2019 for further details. This change +workarounds; see https://www.dnsflagday.net/2019/ for further details. This change was implemented in BIND as of release 9.14.0. As a result, some domains may be non-resolvable without manual diff --git a/doc/changelog/changelog-9.21.1.rst b/doc/changelog/changelog-9.21.1.rst index cc42507bb79..824c283e698 100644 --- a/doc/changelog/changelog-9.21.1.rst +++ b/doc/changelog/changelog-9.21.1.rst @@ -25,8 +25,8 @@ New Features are loaded from the currently active bundle from the imported SKR. The implementation is loosely based on: - https://www.iana.org/dnssec/archive/files/draft-icann-dnssec- - keymgmt-01.txt :gl:`#1128` :gl:`!9119` + https://www.iana.org/dnssec/archive/files/draft-icann-dnssec-keymgmt-01.txt + :gl:`#1128` :gl:`!9119` - Implement the 'request-ixfr-max-diffs' configuration option. ``99b18bab7e1`` diff --git a/doc/dnssec-guide/introduction.rst b/doc/dnssec-guide/introduction.rst index 8809445f2b7..7539b93e99e 100644 --- a/doc/dnssec-guide/introduction.rst +++ b/doc/dnssec-guide/introduction.rst @@ -376,7 +376,7 @@ want to consider deploying DNSSEC: requesting all ``.gov`` subdomains to be DNSSEC-signed by December 2009. This explains why ``.gov`` is the most-deployed DNSSEC domain currently, with `around 90% of subdomains - signed. `__ + signed. `__ .. _how_does_dnssec_change_my_job: diff --git a/doc/dnssec-guide/preface.rst b/doc/dnssec-guide/preface.rst index fb6bd67d680..7a898bd53d0 100644 --- a/doc/dnssec-guide/preface.rst +++ b/doc/dnssec-guide/preface.rst @@ -78,6 +78,6 @@ Considerations" by S. Morris, J. Ihren, J. Dickinson, and W. Mekking, subsequently published as :rfc:`7583`. Icons made by `Freepik `__ and -`SimpleIcon `__ from +`SimpleIcon `__ from `Flaticon `__, licensed under `Creative Commons BY 3.0 `__. diff --git a/doc/dnssec-guide/validation.rst b/doc/dnssec-guide/validation.rst index 3bcd065edcd..a7135f86d51 100644 --- a/doc/dnssec-guide/validation.rst +++ b/doc/dnssec-guide/validation.rst @@ -110,7 +110,7 @@ Configure your client computer to use the newly reconfigured recursive server for DNS resolution; then use one of these web-based tests to confirm that it is in fact validating DNS responses. -- `Internet.nl `__ +- `Internet.nl `__ - `DNSSEC or Not (VeriSign) `__