Linux-Block Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] Replace HTTP links with HTTPS ones: DRBD driver
@ 2020-06-27 10:31 Alexander A. Klimov
  2020-07-05 20:22 ` Jonathan Corbet
  0 siblings, 1 reply; 2+ messages in thread
From: Alexander A. Klimov @ 2020-06-27 10:31 UTC (permalink / raw)
  To: philipp.reisner, lars.ellenberg, corbet, axboe, mchehab+samsung,
	drbd-dev, linux-doc, linux-kernel, linux-block
  Cc: Alexander A. Klimov

Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Deterministic algorithm:
For each file:
  If not .svg:
    For each line:
      If doesn't contain `\bxmlns\b`:
        For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
          If both the HTTP and HTTPS versions
          return 200 OK and serve the same content:
            Replace HTTP with HTTPS.

Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
---
 If there are any URLs to be removed completely or at least not HTTPSified:
 Just clearly say so and I'll *undo my change*.
 See also https://lkml.org/lkml/2020/6/27/64

 If there are any valid, but yet not changed URLs:
 See https://lkml.org/lkml/2020/6/26/837

 Documentation/admin-guide/blockdev/drbd/index.rst | 2 +-
 Documentation/admin-guide/blockdev/floppy.rst     | 6 +++---
 drivers/block/drbd/Kconfig                        | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Documentation/admin-guide/blockdev/drbd/index.rst b/Documentation/admin-guide/blockdev/drbd/index.rst
index 68ecd5c113e9..561fd1e35917 100644
--- a/Documentation/admin-guide/blockdev/drbd/index.rst
+++ b/Documentation/admin-guide/blockdev/drbd/index.rst
@@ -10,7 +10,7 @@ Description
   clusters and in this context, is a "drop-in" replacement for shared
   storage. Simplistically, you could see it as a network RAID 1.
 
-  Please visit http://www.drbd.org to find out more.
+  Please visit https://www.drbd.org to find out more.
 
 .. toctree::
    :maxdepth: 1
diff --git a/Documentation/admin-guide/blockdev/floppy.rst b/Documentation/admin-guide/blockdev/floppy.rst
index 4a8f31cf4139..0328438ebe2c 100644
--- a/Documentation/admin-guide/blockdev/floppy.rst
+++ b/Documentation/admin-guide/blockdev/floppy.rst
@@ -6,7 +6,7 @@ FAQ list:
 =========
 
 A FAQ list may be found in the fdutils package (see below), and also
-at <http://fdutils.linux.lu/faq.html>.
+at <https://fdutils.linux.lu/faq.html>.
 
 
 LILO configuration options (Thinkpad users, read this)
@@ -220,11 +220,11 @@ It also contains additional documentation about the floppy driver.
 
 The latest version can be found at fdutils homepage:
 
- http://fdutils.linux.lu
+ https://fdutils.linux.lu
 
 The fdutils releases can be found at:
 
- http://fdutils.linux.lu/download.html
+ https://fdutils.linux.lu/download.html
 
  http://www.tux.org/pub/knaff/fdutils/
 
diff --git a/drivers/block/drbd/Kconfig b/drivers/block/drbd/Kconfig
index 52d885cdccb5..cbacddc55a1d 100644
--- a/drivers/block/drbd/Kconfig
+++ b/drivers/block/drbd/Kconfig
@@ -35,7 +35,7 @@ config BLK_DEV_DRBD
 	  cache coherency.
 
 	  For automatic failover you need a cluster manager (e.g. heartbeat).
-	  See also: http://www.drbd.org/, http://www.linux-ha.org
+	  See also: https://www.drbd.org/, http://www.linux-ha.org
 
 	  If unsure, say N.
 
-- 
2.27.0


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] Replace HTTP links with HTTPS ones: DRBD driver
  2020-06-27 10:31 [PATCH] Replace HTTP links with HTTPS ones: DRBD driver Alexander A. Klimov
@ 2020-07-05 20:22 ` Jonathan Corbet
  0 siblings, 0 replies; 2+ messages in thread
From: Jonathan Corbet @ 2020-07-05 20:22 UTC (permalink / raw)
  To: Alexander A. Klimov
  Cc: philipp.reisner, lars.ellenberg, axboe, mchehab+samsung,
	drbd-dev, linux-doc, linux-kernel, linux-block

On Sat, 27 Jun 2020 12:31:11 +0200
"Alexander A. Klimov" <grandmaster@al2klimov.de> wrote:

> Rationale:
> Reduces attack surface on kernel devs opening the links for MITM
> as HTTPS traffic is much harder to manipulate.
> 
> Deterministic algorithm:
> For each file:
>   If not .svg:
>     For each line:
>       If doesn't contain `\bxmlns\b`:
>         For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
>           If both the HTTP and HTTPS versions
>           return 200 OK and serve the same content:
>             Replace HTTP with HTTPS.
> 
> Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>

So I've applied this but...
> ---
>  If there are any URLs to be removed completely or at least not HTTPSified:
>  Just clearly say so and I'll *undo my change*.
>  See also https://lkml.org/lkml/2020/6/27/64
> 
>  If there are any valid, but yet not changed URLs:
>  See https://lkml.org/lkml/2020/6/26/837
> 
>  Documentation/admin-guide/blockdev/drbd/index.rst | 2 +-
>  Documentation/admin-guide/blockdev/floppy.rst     | 6 +++---
>  drivers/block/drbd/Kconfig                        | 2 +-
>  3 files changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/Documentation/admin-guide/blockdev/drbd/index.rst b/Documentation/admin-guide/blockdev/drbd/index.rst
> index 68ecd5c113e9..561fd1e35917 100644
> --- a/Documentation/admin-guide/blockdev/drbd/index.rst
> +++ b/Documentation/admin-guide/blockdev/drbd/index.rst
> @@ -10,7 +10,7 @@ Description
>    clusters and in this context, is a "drop-in" replacement for shared
>    storage. Simplistically, you could see it as a network RAID 1.
>  
> -  Please visit http://www.drbd.org to find out more.
> +  Please visit https://www.drbd.org to find out more.

This link redirects to a somewhat commercial page and may not be what was
intended back then.

>  
>  .. toctree::
>     :maxdepth: 1
> diff --git a/Documentation/admin-guide/blockdev/floppy.rst b/Documentation/admin-guide/blockdev/floppy.rst
> index 4a8f31cf4139..0328438ebe2c 100644
> --- a/Documentation/admin-guide/blockdev/floppy.rst
> +++ b/Documentation/admin-guide/blockdev/floppy.rst
> @@ -6,7 +6,7 @@ FAQ list:
>  =========
>  
>  A FAQ list may be found in the fdutils package (see below), and also
> -at <http://fdutils.linux.lu/faq.html>.
> +at <https://fdutils.linux.lu/faq.html>.

This page hasn't been updated in 15 years, and may be of limited utility.
The document itself talks about LILO on a 2.6.9 kernel, PS/2 floppies, and
other such bleeding-edge things.  It sure needs more help than this.

>  
>  
>  LILO configuration options (Thinkpad users, read this)
> @@ -220,11 +220,11 @@ It also contains additional documentation about the floppy driver.
>  
>  The latest version can be found at fdutils homepage:
>  
> - http://fdutils.linux.lu
> + https://fdutils.linux.lu
>  
>  The fdutils releases can be found at:
>  
> - http://fdutils.linux.lu/download.html
> + https://fdutils.linux.lu/download.html
>  
>   http://www.tux.org/pub/knaff/fdutils/

That link is completely dead and should just come out.

But at least we have some HTTPS links.  

jon

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-27 10:31 [PATCH] Replace HTTP links with HTTPS ones: DRBD driver Alexander A. Klimov
2020-07-05 20:22 ` Jonathan Corbet

Linux-Block Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-block/0 linux-block/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-block linux-block/ https://lore.kernel.org/linux-block \
		linux-block@vger.kernel.org
	public-inbox-index linux-block

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-block


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git