URLs: change more http to https

18 files changed, 46 insertions, 44 deletions

diff --git a/CHANGES.0 b/CHANGES.0
index 432411b7b..f03298118 100644
--- a/CHANGES.0
+++ b/CHANGES.0
@@ -343,7 +343,7 @@ Daniel Stenberg (23 Mar 2010)
   (https://curl.haxx.se/bug/view.cgi?id=2963679)
 
 - Akos Pasztory filed debian bug report #572276
-  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276 mentioning a problem
+  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276 mentioning a problem
   with a resource that returns chunked-encoded _and_ with a Content-Length
   and libcurl failed to properly ignore the latter information.
 
@@ -1608,7 +1608,7 @@ Daniel Stenberg (28 Apr 2009)
 - Constantine Sapuntzakis filed bug report #2783090
   (https://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
   we need to grow the SO_SNDBUF buffer somewhat to get really good upload
-  speeds. http://support.microsoft.com/kb/823764 has the details. Friends
+  speeds. https://support.microsoft.com/kb/823764 has the details. Friends
   confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
 
 - Bug report #2709004 (https://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
@@ -3290,7 +3290,7 @@ Daniel Fandrich (25 Jun 2008)
 
 Daniel Stenberg (22 Jun 2008)
 - Eduard Bloch filed the debian bug report #487567
-  (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
+  (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
   libcurl used Content-Range: instead of Range when doing a range request with
   --head (CURLOPT_NOBODY). This is now fixed and test case 1032 was added to
   verify.
@@ -3486,7 +3486,7 @@ Michal Marek (9 May 2008)
 
 Daniel Stenberg (7 May 2008)
 - Liam Healy filed the debian bug report #480044
-  (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
+  (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
   segfault when using krb5 ftp, but the krb4 code had the same problem.
 
 Yang Tse (7 May 2008)
@@ -3896,7 +3896,7 @@ Daniel S (3 Feb 2008)
 Daniel S (31 Jan 2008)
 - Niklas Angebrand made the cookie support in libcurl properly deal with the
   "HttpOnly" feature introduced by Microsoft and apparently also supported by
-  Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
+  Firefox: https://msdn.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
   is now supported when received from servers in HTTP headers, when written to
   cookie jars and when read from existing cookie jars.
 
@@ -5538,7 +5538,7 @@ Daniel (13 February 2007)
 
 Daniel (12 February 2007)
 - Rob Crittenden added support for NSS (Network Security Service) for the
-  SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/
+  SSL/TLS layer. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
 
   This is the fourth supported library for TLS/SSL that libcurl supports!
 
@@ -5696,7 +5696,7 @@ Daniel (2 January 2007)
 - Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
   to get built static. It has been mentioned before and was again brought to
   our attention by Nathanael Nerode who filed debian bug report #405226
-  (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
+  (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
 
 Daniel (29 December 2006)
 - Make curl_easy_duphandle() set the magic number in the new handle.
@@ -6287,7 +6287,7 @@ Daniel (8 June 2006)
   route of skipping them for *-*-cygwin*.
 
   The third patch replaces all uses of the ancient and obsolete __CYGWIN32__
-  with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>.
+  with __CYGWIN__. Ref: <https://cygwin.com/ml/cygwin/2003-09/msg01520.html>.
 
 Daniel (7 June 2006)
 - Mikael Sennerholm provided a patch that added NTLM2 session response support
@@ -6854,7 +6854,7 @@ Daniel (14 November 2005)
   but it should not do any harm. https://curl.haxx.se/bug/view.cgi?id=1356715
 
 - Jan Kunder's debian bug report
-  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
+  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
   error message for when you try to upload a file and the requested directory
   doesn't exist on the target server.
 
@@ -6864,7 +6864,7 @@ Daniel (14 November 2005)
 Daniel (13 November 2005)
 - Debian bug report 338681 by Jan Kunder: make curl better detect and report
   bad limit-rate units:
-  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return
+  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return
   error if a bad unit is used.
 
 - Thanks to this nice summary of poll() implementations:
@@ -7040,15 +7040,15 @@ Daniel (27 September 2005)
 
 Daniel (21 September 2005)
 - Fixed "cut off" sentence in the libcurl-tutorial man page:
-  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329305
+  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329305
 
 - Clarified in the curl_easy_setopt man page what the default
   CURLOPT_WRITEFUNCTION and CURLOPT_WRITEDATA mean:
-  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329311
+  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329311
 
 - Clarified in the curl_easy_setopt man page that CURLOPT_ERRORBUFFER
   sometimes doesn't fill in the buffer even though it is supposed to:
-  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329313
+  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329313
 
 - When CURLE_URL_MALFORMAT is returned due to a missing URL, it now has an
   error string set.
@@ -7075,7 +7075,7 @@ Daniel (6 September 2005)
 Daniel (4 September 2005)
 - I applied Nicolas François' man page patch he posted to the Debian bug
   tracker. It corrected two lines that started with apostrophes, which isn't
-  legal nroff format. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326511
+  legal nroff format. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326511
 
 - Added --ftp-skip-pasv-ip to the command line tool, that sets the new
   CURLOPT_FTP_SKIP_PASV_IP option. It makes libcurl re-use the control
@@ -7301,7 +7301,7 @@ Daniel (30 May 2005)
 - Eric Cooper reported about a problem with HTTP servers that responds with
   binary zeroes within the headers. They confused libcurl to do wrong so the
   downloaded headers become incomplete. The fix is now verified with test case
-  262. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=310948
+  262. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=310948
 
 Daniel (25 May 2005)
 - Fixed problems with the test suite, and in particular the FTP test cases
@@ -7658,7 +7658,7 @@ Daniel (4 March 2005)
 Daniel (22 February 2005)
 - NTLM and ftp-krb4 buffer overflow fixed, as reported here:
   http://www.securityfocus.com/archive/1/391042 and the CAN report here:
-  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
+  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
 
   If these security guys were serious, we'd been notified in advance and we
   could've saved a few of you a little surprise, but now we weren't.
@@ -7918,7 +7918,7 @@ Daniel (13 January 2005)
   http://www.greenhills.co.uk/mak/gentoo/curl-eintr-bug.c, I now made the
   select() and poll() calls properly loop if they return -1 and errno is
   EINTR. glibc docs for this is found here:
-  http://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html
+  https://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html
 
   This last link says BSD doesn't have this "effect". Will there be a problem
   if we do this unconditionally?
@@ -12542,7 +12542,7 @@ Daniel (16 March 2002)
   PASV ftp transfers. It could make libcurl crash.
 
   Details in bug report #530562:
-  http://sourceforge.net/tracker/?func=detail&atid=100976&aid=530562&group_id=976
+  https://sourceforge.net/p/curl/bugs/178/
 
 Daniel (15 March 2002)
 - Jun-ichiro itojun Hagino filed bug report #530204 that clearly pointed out
@@ -12922,7 +12922,7 @@ Daniel (17 January 2002)
 
 - Richard Archer brought back the ability to compile and build with OpenSSL
   versions before 0.9.5.
-  [http://sourceforge.net/tracker/?func=detail&atid=100976&aid=504163&group_id=976]
+  [https://sourceforge.net/p/curl/bugs/149/]
 
 - The DNS cache code didn't take the port number into account, which made it
   work rather bad on IPv6-enabled hosts (especially when doing passive
diff --git a/docs/FAQ b/docs/FAQ
index 334dbf3f1..b3035eea5 100644
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -1402,7 +1402,7 @@ FAQ
   to do "LIST -a" or similar to see them.
 
   The application thus needs to parse the LIST output. One such existing
-  list parser is available at http://cr.yp.to/ftpparse.html  Versions of
+  list parser is available at https://cr.yp.to/ftpparse.html  Versions of
   libcurl since 7.21.0 also provide the ability to specify a wildcard to
   download multiple files from one FTP directory.
 
diff --git a/docs/libcurl/libcurl-tutorial.3 b/docs/libcurl/libcurl-tutorial.3
index 3c9bb60f4..3144da3c6 100644
--- a/docs/libcurl/libcurl-tutorial.3
+++ b/docs/libcurl/libcurl-tutorial.3
@@ -1046,7 +1046,7 @@ input from potentially untrusted users.  Following is a discussion about
 some risks in the ways in which applications commonly use libcurl and
 potential mitigations of those risks. It is by no means comprehensive, but
 shows classes of attacks that robust applications should consider. The
-Common Weakness Enumeration project at http://cwe.mitre.org/ is a good
+Common Weakness Enumeration project at https://cwe.mitre.org/ is a good
 reference for many of these and similar types of weaknesses of which
 application writers should be aware.
 
diff --git a/lib/connect.c b/lib/connect.c
index 6a16b2da8..4ad4ec403 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -912,7 +912,7 @@ static void nosigpipe(struct connectdata *conn,
 /* When you run a program that uses the Windows Sockets API, you may
    experience slow performance when you copy data to a TCP server.
 
-   http://support.microsoft.com/kb/823764
+   https://support.microsoft.com/kb/823764
 
    Work-around: Make the Socket Send Buffer Size Larger Than the Program Send
    Buffer Size
diff --git a/lib/connect.h b/lib/connect.h
index 7ef6c7ed7..f3d4ac747 100644
--- a/lib/connect.h
+++ b/lib/connect.h
@@ -56,7 +56,7 @@ curl_socket_t Curl_getconnectinfo(struct SessionHandle *data,
 /* When you run a program that uses the Windows Sockets API, you may
    experience slow performance when you copy data to a TCP server.
 
-   http://support.microsoft.com/kb/823764
+   https://support.microsoft.com/kb/823764
 
    Work-around: Make the Socket Send Buffer Size Larger Than the Program Send
    Buffer Size
diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c
index 93d0eecd2..06f66702d 100644
--- a/lib/curl_ntlm_wb.c
+++ b/lib/curl_ntlm_wb.c
@@ -373,8 +373,8 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
      * by delegating the NTLM challenge/response protocal to a helper
      * in ntlm_auth.
      * http://devel.squid-cache.org/ntlm/squid_helper_protocol.html
-     * http://www.samba.org/samba/docs/man/manpages-3/winbindd.8.html
-     * http://www.samba.org/samba/docs/man/manpages-3/ntlm_auth.1.html
+     * https://www.samba.org/samba/docs/man/manpages-3/winbindd.8.html
+     * https://www.samba.org/samba/docs/man/manpages-3/ntlm_auth.1.html
      * Preprocessor symbol 'NTLM_WB_ENABLED' is defined when this
      * feature is enabled and 'NTLM_WB_FILE' symbol holds absolute
      * filename of ntlm_auth helper.
diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 467660359..06dd047a4 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -55,7 +55,7 @@ static Curl_recv rtmp_recv;
 static Curl_send rtmp_send;
 
 /*
- * RTMP protocol handler.h, based on http://rtmpdump.mplayerhq.hu
+ * RTMP protocol handler.h, based on https://rtmpdump.mplayerhq.hu
  */
 
 const struct Curl_handler Curl_handler_rtmp = {
diff --git a/lib/dotdot.c b/lib/dotdot.c
index c7f42b1cc..99fac7f98 100644
--- a/lib/dotdot.c
+++ b/lib/dotdot.c
@@ -30,7 +30,7 @@
 
 /*
  * "Remove Dot Segments"
- * http://tools.ietf.org/html/rfc3986#section-5.2.4
+ * https://tools.ietf.org/html/rfc3986#section-5.2.4
  */
 
 /*
diff --git a/lib/escape.c b/lib/escape.c
index 3da6c0cea..40338a904 100644
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -39,7 +39,7 @@
 
 /* Portable character check (remember EBCDIC). Do not use isalnum() because
    its behavior is altered by the current locale.
-   See http://tools.ietf.org/html/rfc3986#section-2.3
+   See https://tools.ietf.org/html/rfc3986#section-2.3
 */
 static bool Curl_isunreserved(unsigned char in)
 {
diff --git a/lib/hostcheck.c b/lib/hostcheck.c
index ab640fe6a..4db9e6ba8 100644
--- a/lib/hostcheck.c
+++ b/lib/hostcheck.c
@@ -43,7 +43,7 @@
  *  "foo.host.com" matches "*.host.com".
  *
  * We use the matching rule described in RFC6125, section 6.4.3.
- * http://tools.ietf.org/html/rfc6125#section-6.4.3
+ * https://tools.ietf.org/html/rfc6125#section-6.4.3
  *
  * In addition: ignore trailing dots in the host names and wildcards, so that
  * the names are used normalized. This is what the browsers do.
diff --git a/lib/http_digest.c b/lib/http_digest.c
index 11809d0cc..dc867d52e 100644
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -135,7 +135,7 @@ CURLcode Curl_output_digest(struct connectdata *conn,
 
      Apache servers can be set to do the Digest IE-style automatically using
      the BrowserMatch feature:
-     http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#msie
+     https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#msie
 
      Further details on Digest implementation differences:
      http://www.fngtps.com/2006/09/http-authentication
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 03c6083ad..a9702c4a4 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -62,7 +62,7 @@
 
 /*
  Some hackish cast macros based on:
- http://library.gnome.org/devel/glib/unstable/glib-Type-Conversion-Macros.html
+ https://developer.gnome.org/glib/unstable/glib-Type-Conversion-Macros.html
 */
 #ifndef GNUTLS_POINTER_TO_INT_CAST
 #define GNUTLS_POINTER_TO_INT_CAST(p) ((int) (long) (p))
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index f5c1ff52d..7f7bd357d 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -189,7 +189,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
     }
     memset(connssl->cred, 0, sizeof(struct curl_schannel_cred));
 
-    /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa374716.aspx */
+    /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa374716.aspx
+       */
     sspi_status =
       s_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR *)UNISP_NAME,
                                          SECPKG_CRED_OUTBOUND, NULL,
@@ -240,7 +241,7 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
   if(!host_name)
     return CURLE_OUT_OF_MEMORY;
 
-  /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */
+  /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */
 
   sspi_status = s_pSecFn->InitializeSecurityContext(
     &connssl->cred->cred_handle, NULL, host_name,
@@ -407,8 +408,8 @@ schannel_connect_step2(struct connectdata *conn, int sockindex)
     if(!host_name)
       return CURLE_OUT_OF_MEMORY;
 
-    /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */
-
+    /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx
+       */
     sspi_status = s_pSecFn->InitializeSecurityContext(
       &connssl->cred->cred_handle, &connssl->ctxt->ctxt_handle,
       host_name, connssl->req_flags, 0, 0, &inbuf_desc, 0, NULL,
@@ -759,7 +760,7 @@ schannel_send(struct connectdata *conn, int sockindex,
   /* copy data into output buffer */
   memcpy(outbuf[1].pvBuffer, buf, len);
 
-  /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375390.aspx */
+  /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375390.aspx */
   sspi_status = s_pSecFn->EncryptMessage(&connssl->ctxt->ctxt_handle, 0,
                                          &outbuf_desc, 0);
 
@@ -973,7 +974,8 @@ schannel_recv(struct connectdata *conn, int sockindex,
     InitSecBuffer(&inbuf[3], SECBUFFER_EMPTY, NULL, 0);
     InitSecBufferDesc(&inbuf_desc, inbuf, 4);
 
-    /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375348.aspx */
+    /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375348.aspx
+       */
     sspi_status = s_pSecFn->DecryptMessage(&connssl->ctxt->ctxt_handle,
                                            &inbuf_desc, 0, NULL);
 
@@ -1234,7 +1236,7 @@ void Curl_schannel_close(struct connectdata *conn, int sockindex)
 
 int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
 {
-  /* See http://msdn.microsoft.com/en-us/library/windows/desktop/aa380138.aspx
+  /* See https://msdn.microsoft.com/en-us/library/windows/desktop/aa380138.aspx
    * Shutting Down an Schannel Connection
    */
   struct SessionHandle *data = conn->data;
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index bcc958a09..36465a7f6 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -41,7 +41,7 @@
    defines/macros #defined by the lib-specific header files.
 
    "SSL/TLS Strong Encryption: An Introduction"
-   http://httpd.apache.org/docs-2.0/ssl/ssl_intro.html
+   https://httpd.apache.org/docs/2.0/ssl/ssl_intro.html
 */
 
 #include "curl_setup.h"
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index c79b9e69d..b6c66bfa3 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -46,7 +46,7 @@
 #define SHA256_DIGEST_LENGTH 32 /* fixed size */
 #endif
 
-/* see http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04 */
+/* see https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04 */
 #define ALPN_HTTP_1_1_LENGTH 8
 #define ALPN_HTTP_1_1 "http/1.1"
 
diff --git a/projects/generate.bat b/projects/generate.bat
index 16826e02d..2f7da8244 100644
--- a/projects/generate.bat
+++ b/projects/generate.bat
@@ -25,7 +25,7 @@ rem NOTES
 rem
 rem Do not set %ERRORLEVEL% to anything. %ERRORLEVEL% is a special variable
 rem that only contains errorlevel when %ERRORLEVEL% is not set. Same for %CD%.
-rem http://blogs.msdn.com/b/oldnewthing/archive/2008/09/26/8965755.aspx
+rem https://blogs.msdn.microsoft.com/oldnewthing/20080926-00/?p=20743/
 rem If you need to set the errorlevel do this instead: CALL :seterr [#]
 
 :begin
diff --git a/tests/http_pipe.py b/tests/http_pipe.py
index bbc428c66..bc3217384 100755
--- a/tests/http_pipe.py
+++ b/tests/http_pipe.py
@@ -6,7 +6,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#    http://www.apache.org/licenses/LICENSE-2.0
+#    https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index b6e1caab6..2e30f62fd 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -509,8 +509,8 @@ static void lograw(unsigned char *buffer, ssize_t len)
  * other handle types supported by WaitForMultipleObjectsEx() as
  * well as disk files, anonymous and names pipes, and character input.
  *
- * http://msdn.microsoft.com/en-us/library/windows/desktop/ms687028.aspx
- * http://msdn.microsoft.com/en-us/library/windows/desktop/ms741572.aspx
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/ms687028.aspx
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/ms741572.aspx
  */
 struct select_ws_wait_data {
   HANDLE handle; /* actual handle to wait for during select */