From 2a0f262beff32ba86bcb58f3273214e5d0517c09 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Tue, 14 May 2024 21:16:24 +0200
Subject: Merging upstream version 16.3.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 doc/src/sgml/client-auth.sgml | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

(limited to 'doc/src/sgml/client-auth.sgml')

diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 740ae77..7db407e 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -662,7 +662,7 @@ include_dir         <replaceable>directory</replaceable>
        entire <literal>Distinguished Name (DN)</literal> of the certificate.
        This option is probably best used in conjunction with a username map.
        The comparison is done with the <literal>DN</literal> in
-       <ulink url="https://tools.ietf.org/html/rfc2253">RFC 2253</ulink>
+       <ulink url="https://datatracker.ietf.org/doc/html/rfc2253">RFC 2253</ulink>
        format. To see the <literal>DN</literal> of a client certificate
        in this format, do
 <programlisting>
@@ -943,8 +943,8 @@ local   db1,db2,@demodbs  all                                   md5
    external authentication system with the database user name that the
    user has requested to connect as. The value <literal>all</literal>
    can be used as the <replaceable>database-username</replaceable> to specify
-   that if the <replaceable>system-user</replaceable> matches, then this user
-   is allowed to log in as any of the existing database users. Quoting
+   that if the <replaceable>system-username</replaceable> matches, then this
+   user is allowed to log in as any of the existing database users. Quoting
    <literal>all</literal> makes the keyword lose its special meaning.
   </para>
   <para>
@@ -1089,7 +1089,7 @@ omicron         bryanh                  guest1
      <para>
       <link linkend="auth-ident">Ident authentication</link>, which
       relies on an <quote>Identification Protocol</quote>
-      (<ulink url="https://tools.ietf.org/html/rfc1413">RFC 1413</ulink>)
+      (<ulink url="https://datatracker.ietf.org/doc/html/rfc1413">RFC 1413</ulink>)
       service on the client's machine.  (On local Unix-socket connections,
       this is treated as peer authentication.)
      </para>
@@ -1228,7 +1228,7 @@ omicron         bryanh                  guest1
       <para>
        The method <literal>scram-sha-256</literal> performs SCRAM-SHA-256
        authentication, as described in
-       <ulink url="https://tools.ietf.org/html/rfc7677">RFC 7677</ulink>.  It
+       <ulink url="https://datatracker.ietf.org/doc/html/rfc7677">RFC 7677</ulink>.  It
        is a challenge-response scheme that prevents password sniffing on
        untrusted connections and supports storing passwords on the server in a
        cryptographically hashed form that is thought to be secure.
@@ -1340,7 +1340,7 @@ omicron         bryanh                  guest1
    <para>
     <productname>GSSAPI</productname> is an industry-standard protocol
     for secure authentication defined in
-    <ulink url="https://tools.ietf.org/html/rfc2743">RFC 2743</ulink>.
+    <ulink url="https://datatracker.ietf.org/doc/html/rfc2743">RFC 2743</ulink>.
     <productname>PostgreSQL</productname>
     supports <productname>GSSAPI</productname> for authentication,
     communications encryption, or both.
@@ -1655,7 +1655,7 @@ omicron         bryanh                  guest1
 
    <para>
     The <quote>Identification Protocol</quote> is described in
-    <ulink url="https://tools.ietf.org/html/rfc1413">RFC 1413</ulink>.
+    <ulink url="https://datatracker.ietf.org/doc/html/rfc1413">RFC 1413</ulink>.
     Virtually every Unix-like
     operating system ships with an ident server that listens on TCP
     port 113 by default. The basic functionality of an ident server
@@ -1824,7 +1824,7 @@ omicron         bryanh                  guest1
        <para>
         Set to 1 to make the connection between PostgreSQL and the LDAP server
         use TLS encryption.  This uses the <literal>StartTLS</literal>
-        operation per <ulink url="https://tools.ietf.org/html/rfc4513">RFC 4513</ulink>.
+        operation per <ulink url="https://datatracker.ietf.org/doc/html/rfc4513">RFC 4513</ulink>.
         See also the <literal>ldapscheme</literal> option for an alternative.
        </para>
       </listitem>
@@ -1919,7 +1919,7 @@ omicron         bryanh                  guest1
        <term><literal>ldapurl</literal></term>
        <listitem>
         <para>
-         An <ulink url="https://tools.ietf.org/html/rfc4516">RFC 4516</ulink>
+         An <ulink url="https://datatracker.ietf.org/doc/html/rfc4516">RFC 4516</ulink>
          LDAP URL.  This is an alternative way to write some of the
          other LDAP options in a more compact and standard form.  The format is
 <synopsis>
@@ -1982,7 +1982,7 @@ ldap[s]://<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<rep
      <productname>OpenLDAP</productname> as the LDAP client library, the
      <literal>ldapserver</literal> setting may be omitted.  In that case, a
      list of host names and ports is looked up via
-     <ulink url="https://tools.ietf.org/html/rfc2782">RFC 2782</ulink> DNS SRV records.
+     <ulink url="https://datatracker.ietf.org/doc/html/rfc2782">RFC 2782</ulink> DNS SRV records.
      The name <literal>_ldap._tcp.DOMAIN</literal> is looked up, where
      <literal>DOMAIN</literal> is extracted from <literal>ldapbasedn</literal>.
    </para>
-- 
cgit v1.2.3