Standardise RFC URLs in docs and comments.

(Plus one internet-draft URL.)

crypto/ecc-ssh.c

@@ -6,7 +6,7 @@
  * References:
  *
  * Elliptic curves in SSH are specified in RFC 5656:
- *   http://tools.ietf.org/html/rfc5656
+ *   https://www.rfc-editor.org/rfc/rfc5656
  *
  * That specification delegates details of public key formatting and a
  * lot of underlying mechanism to SEC 1:

doc/authplugin.but

@@ -500,14 +500,14 @@ cases) after \cw{PLUGIN_PROTOCOL_ACCEPT}
 
 \H{authplugin-refs} References
 
-\B{authplugin-ref-arch} \W{https://datatracker.ietf.org/doc/html/rfc4251}{RFC 4251}, \q{The Secure Shell (SSH) Protocol
+\B{authplugin-ref-arch} \W{https://www.rfc-editor.org/rfc/rfc4251}{RFC 4251}, \q{The Secure Shell (SSH) Protocol
 Architecture}.
 
-\B{authplugin-ref-userauth} \W{https://datatracker.ietf.org/doc/html/rfc4252}{RFC
+\B{authplugin-ref-userauth} \W{https://www.rfc-editor.org/rfc/rfc4252}{RFC
 4252}, \q{The Secure Shell (SSH) Authentication Protocol}.
 
 \B{authplugin-ref-ki}
-\W{https://datatracker.ietf.org/doc/html/rfc4256}{RFC 4256},
+\W{https://www.rfc-editor.org/rfc/rfc4256}{RFC 4256},
 \q{Generic Message Exchange Authentication for the Secure Shell
 Protocol (SSH)} (better known by its wire id
 \q{keyboard-interactive}).

doc/config.but

@@ -1950,7 +1950,7 @@ connection.
 
 \b Selecting \I{HTTP proxy}\q{HTTP CONNECT} allows you to proxy your
 connections through a web server supporting the HTTP \cw{CONNECT} command,
-as documented in \W{http://www.ietf.org/rfc/rfc2817.txt}{RFC 2817}.
+as documented in \W{https://www.rfc-editor.org/rfc/rfc2817}{RFC 2817}.
 
 \b Selecting \q{SOCKS 4} or \q{SOCKS 5} allows you to proxy your
 connections through a \i{SOCKS server}.

doc/pubkeyfmt.but

@@ -7,7 +7,7 @@ In this appendix, binary data structures are described using data type
 representations such as \cq{uint32}, \cq{string} and \cq{mpint} as
 used in the SSH protocol standards themselves. These are defined
 authoritatively by
-\W{https://tools.ietf.org/html/rfc4251#section-5}{RFC 4251 section 5},
+\W{https://www.rfc-editor.org/rfc/rfc4251#section-5}{RFC 4251 section 5},
 \q{Data Type Representations Used in the SSH Protocols}.
 
 \H{ppk-overview} Overview
@@ -86,7 +86,7 @@ can contain any byte values other than 13 and 10 (CR and LF).
 
 The next part of the file gives the public key. This is stored
 unencrypted but base64-encoded
-(\W{https://tools.ietf.org/html/rfc4648}{RFC 4648}), and is preceded
+(\W{https://www.rfc-editor.org/rfc/rfc4648}{RFC 4648}), and is preceded
 by a header line saying how many lines of base64 data are shown,
 looking like this:
 

doc/sshnames.but

@@ -70,7 +70,7 @@ They have been superseded by \cw{arcfour128} and \cw{arcfour256}.
 
 The SSH agent protocol, which is only specified in an Internet-Draft
 at the time of writing
-(\W{https://tools.ietf.org/html/draft-miller-ssh-agent}\cw{draft-miller-ssh-agent}),
+(\W{https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent}\cw{draft-miller-ssh-agent}),
 defines an extension mechanism. These names can be sent in an
 \cw{SSH_AGENTC_EXTENSION} message.
 

ssh/kex2-client.c

@@ -721,7 +721,7 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
          * If this the first KEX, save the GSS context for "gssapi-keyex"
          * authentication.
          *
-         * http://tools.ietf.org/html/rfc4462#section-4
+         * https://www.rfc-editor.org/rfc/rfc4462#section-4
          *
          * This method may be used only if the initial key exchange was
          * performed using a GSS-API-based key exchange method defined in