Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp872006ybh;
        Mon, 13 Jul 2020 03:35:16 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxRips+Gvy8QD2hAuXXjaHbhZCcXBOQ2gRnDFlFHsPncyZRSZbAKhxCfUQcmsylxXaTUNed
X-Received: by 2002:a17:906:270d:: with SMTP id z13mr65443548ejc.281.1594636515941;
        Mon, 13 Jul 2020 03:35:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1594636515; cv=none;
        d=google.com; s=arc-20160816;
        b=XDwQv6pi3G/6jwXzsLrMUKGHOi4r2I/qPfcKSSUNwaVfzdMz/mzgh9jdyvGK0nllUJ
         gy4dNOa+26UNDyrdsPeR8gklzjzG+XCLbDONaB0OVf4d+oaZC6mXa67hv6ygtHnN9YNi
         V+nOjJgKzrab0DLOoUWZBwqjYEuJ9CGpJWm0DxV2OQGmSgz7F9nlPsgzVSW8RVIaDeh2
         J4kriqfSAIjjqmNVVfU9A3c5DxnhuUnNhYV3ZgsBLMjKO3C59ZKN5napXedG6npWT4jR
         kC6FSuKArmY5FPqOsKb8+Lt1we05jVUUgZnGVISG8tEIOCTW9fAGKmPTjzSd8bscEjeB
         obNw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=wQBZxJ5WeJmxnt64O/5pSOkm7UPVOVmlI8/f6+/fUYc=;
        b=NnqZJ2r4iLw3jsYcejTvYydQ+rfHazgXPJfp+jZBvMIE03VfL/i5X4fiLRImJrg/eU
         Z4dhHyPpHYt+5MjilJVbhaR4akD54EphX714VYxjaoDZ50gGf1doEqG3U6VgMsvWJKQy
         ramqu8ufvGNeHcAU/cxvLIOjkHeYitypABP1BFD8DPeJ04vg2Gn+RdBd992FCoafOw0m
         dg198ELjj9uuqdXMAsPmy4Fye0SEVg9VC/zRW9AtgZGVTAHw0XgA3tXCuxxvrR3E0yw7
         hwG64Kt5nghX+ad3tfQWtW0rpCveAV2UihtEIv2zIaevcoDI8unnF1u9vlj+Lq6hnJ5U
         0oSw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id w18si8719506eds.406.2020.07.13.03.34.50;
        Mon, 13 Jul 2020 03:35:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729252AbgGMKeh (ORCPT <rfc822;sbrunau@gmail.com> + 99 others);
        Mon, 13 Jul 2020 06:34:37 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48108 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727035AbgGMKeh (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 13 Jul 2020 06:34:37 -0400
Received: from smtp.al2klimov.de (smtp.al2klimov.de [IPv6:2a01:4f8:c0c:1465::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 651BFC061755;
        Mon, 13 Jul 2020 03:34:37 -0700 (PDT)
Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP])
        by smtp.al2klimov.de (Postfix) with ESMTPA id 07976BC06E;
        Mon, 13 Jul 2020 10:34:34 +0000 (UTC)
From:   "Alexander A. Klimov" <grandmaster@al2klimov.de>
To:     serge@hallyn.com, linux-security-module@vger.kernel.org,
        linux-kernel@vger.kernel.org
Cc:     "Alexander A. Klimov" <grandmaster@al2klimov.de>
Subject: [PATCH] capabilities: Replace HTTP links with HTTPS ones
Date:   Mon, 13 Jul 2020 12:34:28 +0200
Message-Id: <20200713103428.33342-1-grandmaster@al2klimov.de>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spamd-Bar: +++++
X-Spam-Level: *****
Authentication-Results: smtp.al2klimov.de;
        auth=pass smtp.auth=aklimov@al2klimov.de smtp.mailfrom=grandmaster@al2klimov.de
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Deterministic algorithm:
For each file:
  If not .svg:
    For each line:
      If doesn't contain `\bxmlns\b`:
        For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
	  If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`:
            If both the HTTP and HTTPS versions
            return 200 OK and serve the same content:
              Replace HTTP with HTTPS.

Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
---
 Continuing my work started at 93431e0607e5.
 See also: git log --oneline '--author=Alexander A. Klimov <grandmaster@al2klimov.de>' v5.7..master
 (Actually letting a shell for loop submit all this stuff for me.)

 If there are any URLs to be removed completely or at least not just HTTPSified:
 Just clearly say so and I'll *undo my change*.
 See also: https://lkml.org/lkml/2020/6/27/64

 If there are any valid, but yet not changed URLs:
 See: https://lkml.org/lkml/2020/6/26/837

 If you apply the patch, please let me know.

 Sorry again to all maintainers who complained about subject lines.
 Now I realized that you want an actually perfect prefixes,
 not just subsystem ones.
 I tried my best...
 And yes, *I could* (at least half-)automate it.
 Impossible is nothing! :)


 kernel/capability.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/capability.c b/kernel/capability.c
index 1444f3954d75..a8a20ebc43ee 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -40,7 +40,7 @@ __setup("no_file_caps", file_caps_disable);
 /*
  * More recent versions of libcap are available from:
  *
- *   http://www.kernel.org/pub/linux/libs/security/linux-privs/
+ *   https://www.kernel.org/pub/linux/libs/security/linux-privs/
  */
 
 static void warn_legacy_capability_use(void)
-- 
2.27.0