Prefer HTTPS to HTTP in URLs

This mostly updates NEWS and license links.  All links have been
manually tested and confirmed working.

Signed-off-by: Stefan Kangas <stefankangas@gmail.com>

29 files changed, 67 insertions, 67 deletions

diff --git a/NEWS b/NEWS
index a45cbc89e8..7c14b00806 100644
--- a/NEWS
+++ b/NEWS
@@ -2967,7 +2967,7 @@ certificate status extension in verification.
 functions.
 
 ** libgnutls: Fixed the receipt of session tickets during session resumption.
-Reported by danblack at http://savannah.gnu.org/support/?108146
+Reported by danblack at https://savannah.gnu.org/support/?108146
 
 ** libgnutls: Added functions to export structures in an allocated buffer.
 
@@ -3486,7 +3486,7 @@ generate OCSP requests and to verify OCSP responses.  See the manual
 for more information.  Run ./configure with --disable-ocsp to build
 GnuTLS without OCSP support.
 
-This work was sponsored by Smoothwall <http://smoothwall.net/>.
+This work was sponsored by Smoothwall <https://smoothwall.net/>.
 
 ** ocsptool: Added new command line tool.
 The tool can parse OCSP request/responses, generate OCSP requests and
@@ -3772,7 +3772,7 @@ Reported by J. Cameijo Cerdeira.
 
 ** libgnutls: Allow CA importing of 0 certificates to succeed.
 Reported by Jonathan Nieder <jrnieder@gmail.com> in
-<http://bugs.debian.org/640639>.
+<https://bugs.debian.org/640639>.
 
 ** libgnutls: Added support for VIA padlock AES optimizations.
 (disabled by default)
@@ -3930,7 +3930,7 @@ list of certificates in the trusted list that will be associated
 with a name (e.g. server name) and will not be used as CAs.
 
 ** libgnutls: PKCS #11 back-end rewritten to use p11-kit
-http://p11-glue.freedesktop.org/p11-kit.html. Rewrite by
+https://p11-glue.freedesktop.org/p11-kit.html. Rewrite by
 Stef Walter.
 
 ** libgnutls: Added ECDHE-PSK ciphersuites for TLS (RFC 5489).
@@ -3966,7 +3966,7 @@ enabled by default. Requires priority strings:
 +ANON-ECDHE: to add anonymous ECDH
 
 ** libgnutls: PKCS #11 URLs conform to the latest draft
-being http://tools.ietf.org/html/draft-pechanec-pkcs11uri-04.
+being https://tools.ietf.org/html/draft-pechanec-pkcs11uri-04.
 
 ** certtool: Can now load private keys and public keys from PKCS #11 tokens
 via URLs.
@@ -4636,8 +4636,8 @@ GNUTLS_OID_X520_POSTALCODE and GNUTLS_OID_X520_NAME.
 
 ** libgnutls: Added Steve Dispensa's patch for safe renegotiation (RFC 5746)
 Solves the issue discussed in:
-<http://www.ietf.org/mail-archive/web/tls/current/msg03928.html> and
-<http://www.ietf.org/mail-archive/web/tls/current/msg03948.html>.
+<https://www.ietf.org/mail-archive/web/tls/current/msg03928.html> and
+<https://www.ietf.org/mail-archive/web/tls/current/msg03948.html>.
 Note that to allow connecting to unpatched servers the full protection
 is only enabled if the priority string %SAFE_RENEGOTIATION is
 specified. You can check whether protection is in place by querying
@@ -4928,7 +4928,7 @@ Before we required that the runtime library used the same (or more
 recent) libgcrypt/libtasn1 as it was compiled with.  Now we just check
 that the runtime usage is above the minimum required.  Reported by
 Marco d'Itri <md@linux.it> via Andreas Metzler
-<ametzler@downhill.at.eu.org> in <http://bugs.debian.org/540449>.
+<ametzler@downhill.at.eu.org> in <https://bugs.debian.org/540449>.
 
 ** tests: Added new self-test pkcs12_s2k_pem to detect MPI bit length error.
 
@@ -4945,7 +4945,7 @@ No changes since last version.
 
 ** libgnutls: Fix crash in gnutls_global_init after earlier init/deinit cycle.
 Forwarded by Martin von Gagern <Martin.vGagern@gmx.net> from
-<http://bugs.gentoo.org/272388>.
+<https://bugs.gentoo.org/272388>.
 
 ** tests: Added new self-tests init_roundtrip.c to detect previous problem.
 
@@ -5106,7 +5106,7 @@ Before we required that the runtime library used the same (or more
 recent) libgcrypt/libtasn1 as it was compiled with.  Now we just check
 that the runtime usage is above the minimum required.  Reported by
 Marco d'Itri <md@linux.it> via Andreas Metzler
-<ametzler@downhill.at.eu.org> in <http://bugs.debian.org/540449>.
+<ametzler@downhill.at.eu.org> in <https://bugs.debian.org/540449>.
 
 ** minitasn1: Internal copy updated to libtasn1 v2.3.
 
@@ -5119,7 +5119,7 @@ No changes since last version.
 
 ** libgnutls: Fix crash in gnutls_global_init after earlier init/deinit cycle.
 Forwarded by Martin von Gagern <Martin.vGagern@gmx.net> from
-<http://bugs.gentoo.org/272388>.
+<https://bugs.gentoo.org/272388>.
 
 ** libgnutls: Fix PKCS#12 decryption from password.
 The encryption key derived from the password was incorrect for (on
@@ -5616,7 +5616,7 @@ gnutls_x509_crq_get_key_id: ADDED.
 
 ** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
 Reported by Michael Kiefer <Michael-Kiefer@web.de> in
-<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
+<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
 Andreas Metzler <ametzler@downhill.at.eu.org> in
 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.
 
@@ -5892,7 +5892,7 @@ No changes since last version.
 
 ** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
 Reported by Michael Kiefer <Michael-Kiefer@web.de> in
-<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
+<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
 Andreas Metzler <ametzler@downhill.at.eu.org> in
 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.
 
@@ -5916,7 +5916,7 @@ No changes since last version.
 The patch to fix the security problem GNUTLS-SA-2008-3 introduced a
 problem for certificate chains that contained just one self-signed
 certificate.  Reported by Michael Meskes <meskes@debian.org> in
-<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.
+<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.
 
 ** API and ABI modifications:
 No changes since last version.
@@ -6330,7 +6330,7 @@ Gillmor <dkg@fifthhorseman.net>.
 
 ** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
 Reported by Michael Kiefer <Michael-Kiefer@web.de> in
-<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
+<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
 Andreas Metzler <ametzler@downhill.at.eu.org> in
 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.
 
@@ -6338,7 +6338,7 @@ Andreas Metzler <ametzler@downhill.at.eu.org> in
 The patch to fix the security problem GNUTLS-SA-2008-3 introduced a
 problem for certificate chains that contained just one self-signed
 certificate.  Reported by Michael Meskes <meskes@debian.org> in
-<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.
+<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.
 
 ** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3]
 The flaw makes it possible for man in the middle attackers (i.e.,
@@ -6720,7 +6720,7 @@ cause gnutls to read memory beyond the end of the received record.
 
 ** libgnutlsxx: Updated API according to patches from Eduardo
 Villanueva Che (discussion at
-<http://lists.gnu.org/archive/html/gnutls-devel/2007-02/msg00017.html>)
+<https://lists.gnu.org/archive/html/gnutls-devel/2007-02/msg00017.html>)
 
 ** Use umask to restrict permissions to owner before creating a file.
 
@@ -6743,12 +6743,12 @@ Also improve manual to give example for gnutls-cli PSK authentication.
 Before './certtool -k -8' would merely ask for a password once.
 Reported by Daniel 'NebuchadnezzaR' Dehennin
 <nebuchadnezzar@asgardr.info> see
-<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364287>.
+<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364287>.
 
 ** certtool: When writing private keys to files, change permissions of file.
 Now the file which the private key is saved to is chmod'ed 0600.
 Reported by martin f krafft <madduck@debian.org> see
-<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373169>.
+<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373169>.
 
 ** guile: Fix -fgnu89-inline test.
 
@@ -6809,7 +6809,7 @@ GNUTLS_E_HANDSHAKE_TOO_LARGE: ADDED.
 
 ** gnutls-cli: Fix crash on TLS handshake failures.
 Reported by "Marc F. Clemente" <marc@mclemente.net> in Debian BTS #466477.
-This is similar to <http://bugs.debian.org/429183>.
+This is similar to <https://bugs.debian.org/429183>.
 
 ** certtool: with --generate-request and newly generated keys, print the key.
 
@@ -6877,7 +6877,7 @@ Thanks to Daniel Kahn Gillmor.
 
 ** Fix fopen file descriptor leak in PSK server code.
 Thanks to Laurence Withers <l@lwithers.me.uk>, see
-<http://lists.gnu.org/archive/html/gnutls-devel/2008-04/msg00002.html>.
+<https://lists.gnu.org/archive/html/gnutls-devel/2008-04/msg00002.html>.
 
 ** Translations files not stored directly in git to avoid merge conflicts.
 
@@ -6937,7 +6937,7 @@ from O(2*n^2) to O(n).  When adding 206 files containing 408
 certificates, using gnutls_certificate_set_x509_trust_file, the time
 dropped from 40 seconds to 0.3 seconds.  Thanks to Edgar Fuß for code
 to trigger the problem.  See also
-<http://blog.josefsson.org/2008/02/27/real-world-performance-tuning-with-callgrind/>.
+<https://blog.josefsson.org/2008/02/27/real-world-performance-tuning-with-callgrind/>.
 
 ** Clarify documentation for gnutls_x509_crt_set_subject_alternative_name
 ** to be explicit that it takes zero terminated data.
@@ -6967,7 +6967,7 @@ gnutls_hex2bin: MODIFIED, uses size_t instead of int for string length,
 ** Added gnutls_x509_dn_export(). Patch by Joe Orton.
 
 ** Renamed gnutls_certificate_export_x509_cas and friends.
-See <http://lists.gnu.org/archive/html/gnutls-devel/2008-02/msg00043.html>.
+See <https://lists.gnu.org/archive/html/gnutls-devel/2008-02/msg00043.html>.
 
 ** Internal header files cleanup.
 
@@ -7150,7 +7150,7 @@ Reported by Tim Mooney, see
 
 ** Fix fopen file descriptor leak in PSK server code.
 Thanks to Laurence Withers <l@lwithers.me.uk>, see
-<http://lists.gnu.org/archive/html/gnutls-devel/2008-04/msg00002.html>.
+<https://lists.gnu.org/archive/html/gnutls-devel/2008-04/msg00002.html>.
 
 ** Build Guile code with -fgnu89-inline only when supported.
 Reported by Kris Karas <ktk@enterprise.bidmc.harvard.edu> in
@@ -7185,7 +7185,7 @@ No changes since last version.
 
 ** Prevent linking libextra against previously installed libgnutls.
 Tiny patch from "Alon Bar-Lev" <alon.barlev@gmail.com>, see
-<http://bugs.gentoo.org/show_bug.cgi?id=202269>.
+<https://bugs.gentoo.org/show_bug.cgi?id=202269>.
 
 ** Fixes the post_client_hello_function(). The extensions are now parsed
 in a callback friendly way.
@@ -7695,7 +7695,7 @@ No changes since last version.
 
 ** Fix gnutls_error_is_fatal so that positive "errors" are non-critical.
 This solves connection problems in mutt, see
-<http://bugs.debian.org/439640>.
+<https://bugs.debian.org/439640>.
 
 ** Update gnulib files.
 In particular, the getpass module -- with its dependencies on getline,
@@ -7841,7 +7841,7 @@ Patch from Ludovic Courtès <ludovic.courtes@laas.fr>.
 ** Fix crash in gnutls-cli when TLS handshake fails.
 Reported by Marc Haber <mh+debian-bugs@zugschlus.de> and Andreas
 Metzler <ametzler@downhill.at.eu.org> via Debian BTS #429183, see
-<http://bugs.debian.org/429183>.
+<https://bugs.debian.org/429183>.
 
 ** Minor OpenPGP fixes in stream_to_datum.
 Patch from Timo Schulz <twoaday@freakmail.de> and Ludovic Courtès
@@ -7880,16 +7880,16 @@ new chapter 'Guile Bindings' in the manual.
 
 ** Have PKCS8 parser return better error codes.
 Reported by Nate Nielsen <nielsen-list@memberwebs.com>, see
-<http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001653.html> and
-<http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001654.html>.
+<https://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001653.html> and
+<https://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001654.html>.
 
 ** Fix mem leak for sessions with client authentication via certificates.
 Reported by Andrew W. Nosenko <andrew.w.nosenko@gmail.com>, see
-<http://lists.gnupg.org/pipermail/gnutls-dev/2007-April/001539.html>.
+<https://lists.gnupg.org/pipermail/gnutls-dev/2007-April/001539.html>.
 
 ** Fix mem leaks.
 Reported by Dennis Vshivkov <walrus@amur.ru>, see
-<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333050>.  Added
+<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333050>.  Added
 self-test tests/parse_ca.c to test regressions.
 
 ** Fix build failures related to missing images in manual.
@@ -8329,16 +8329,16 @@ Reported by "Michael C. Vergallen" <mvergall@telenet.be>.
 ** New API functions to extract DER encoded X.509 Subject/Issuer DN.
 Suggested by Nate Nielsen <nielsen-list@memberwebs.com>.  Backported
 from the 1.7.x branch, see
-<http://lists.gnu.org/archive/html/help-gnutls/2007-05/msg00029.html>.
+<https://lists.gnu.org/archive/html/help-gnutls/2007-05/msg00029.html>.
 
 ** Have PKCS8 parser return better error codes.
 Reported by Nate Nielsen <nielsen-list@memberwebs.com>, see
-<http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001653.html> and
-<http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001654.html>.
+<https://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001653.html> and
+<https://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001654.html>.
 
 ** Fix mem leak for sessions with client authentication via certificates.
 Reported by Andrew W. Nosenko <andrew.w.nosenko@gmail.com>, see
-<http://lists.gnupg.org/pipermail/gnutls-dev/2007-April/001539.html>.
+<https://lists.gnupg.org/pipermail/gnutls-dev/2007-April/001539.html>.
 
 ** Fix building of 'tlsia' self test.
 Earlier some gcc are known to build tlsia linking to
@@ -8492,7 +8492,7 @@ gnutls_transport_set_global_errno: ADD
 Note that we already, since GnuTLS 1.2.9, reject RSA-MD5 signatures
 when verifying X.509 chains.  The code is in tests/rsa-md5-collision/
 and is based on the work by Marc Stevens et al, see
-<http://www.win.tue.nl/hashclash/TargetCollidingCertificates/>.
+<https://www.win.tue.nl/hashclash/TargetCollidingCertificates/>.
 
 ** Re-factor self tests.
 
@@ -8548,7 +8548,7 @@ used to alter the numeric properties of the signature.  See
 not exactly the same as the problem we fix here).  Reported by Yutaka
 OIWA <y.oiwa@aist.go.jp>.
 
-See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more
+See GNUTLS-SA-2006-4 on https://www.gnutls.org/security.html for more
 up to date information.
 
 ** Add self test to test for above flaw.
@@ -8658,14 +8658,14 @@ alter the numeric properties of the signature.  See
 not exactly the same as the problem we fix here).  Reported by Yutaka
 OIWA <y.oiwa@aist.go.jp>.
 
-See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more
+See GNUTLS-SA-2006-4 on https://www.gnutls.org/security.html for more
 up to date information.
 
 ** Fix PKCS#1 decryption to avoid Bleichenbacher's Crypto 98 attack.
 See <http://www.bell-labs.com/user/bleichen/papers/pkcs.ps.gz>.
 Reported by Werner Koch <wk@gnupg.org>.
 
-See GNUTLS-SA-2006-3 on http://www.gnutls.org/security.html for more
+See GNUTLS-SA-2006-3 on https://www.gnutls.org/security.html for more
 up to date information.
 
 ** Fix crash in gnutls_x509_crt_sign2 if passed a NULL issuer_key.
diff --git a/lib/accelerated/afalg.c b/lib/accelerated/afalg.c
index 0249251432..cf7be75b9c 100644
--- a/lib/accelerated/afalg.c
+++ b/lib/accelerated/afalg.c
@@ -14,7 +14,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */
 
 #include "config.h"
diff --git a/lib/auth/vko_gost.c b/lib/auth/vko_gost.c
index 76542025a1..e05e2288b5 100644
--- a/lib/auth/vko_gost.c
+++ b/lib/auth/vko_gost.c
@@ -15,7 +15,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
  *
  */
 
diff --git a/lib/compress.h b/lib/compress.h
index 3221f7d67a..8199804215 100644
--- a/lib/compress.h
+++ b/lib/compress.h
@@ -16,7 +16,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
  *
  */
 
diff --git a/lib/nettle/gost/acpkm.c b/lib/nettle/gost/acpkm.c
index 8b05c7a75f..9a04a155df 100644
--- a/lib/nettle/gost/acpkm.c
+++ b/lib/nettle/gost/acpkm.c
@@ -28,7 +28,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #if HAVE_CONFIG_H
diff --git a/lib/nettle/gost/acpkm.h b/lib/nettle/gost/acpkm.h
index 5ece09f799..6bf05ebc71 100644
--- a/lib/nettle/gost/acpkm.h
+++ b/lib/nettle/gost/acpkm.h
@@ -28,7 +28,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #ifndef NETTLE_ACPKM_H_INCLUDED
diff --git a/lib/nettle/gost/cmac.h b/lib/nettle/gost/cmac.h
index 48f3b409e5..c792770f89 100644
--- a/lib/nettle/gost/cmac.h
+++ b/lib/nettle/gost/cmac.h
@@ -30,7 +30,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #ifndef GOST_CMAC_H_INCLUDED
diff --git a/lib/nettle/gost/gost-point-mul-g.c b/lib/nettle/gost/gost-point-mul-g.c
index fd6c92dbd2..fb551c01ab 100644
--- a/lib/nettle/gost/gost-point-mul-g.c
+++ b/lib/nettle/gost/gost-point-mul-g.c
@@ -26,7 +26,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 /* Development of Nettle's ECC support was funded by the .SE Internet Fund. */
diff --git a/lib/nettle/gost/gost-point.c b/lib/nettle/gost/gost-point.c
index 0e9938108c..b8a760c06f 100644
--- a/lib/nettle/gost/gost-point.c
+++ b/lib/nettle/gost/gost-point.c
@@ -26,7 +26,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 /* Development of Nettle's ECC support was funded by the .SE Internet Fund. */
diff --git a/lib/nettle/gost/gostdsa-keygen.c b/lib/nettle/gost/gostdsa-keygen.c
index fa364be872..619acb1e04 100644
--- a/lib/nettle/gost/gostdsa-keygen.c
+++ b/lib/nettle/gost/gostdsa-keygen.c
@@ -26,7 +26,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 /* Development of Nettle's ECC support was funded by the .SE Internet Fund. */
diff --git a/lib/nettle/gost/kuznyechik.c b/lib/nettle/gost/kuznyechik.c
index 29361d7007..9e09914e72 100644
--- a/lib/nettle/gost/kuznyechik.c
+++ b/lib/nettle/gost/kuznyechik.c
@@ -26,7 +26,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
  */
 
 #if HAVE_CONFIG_H
diff --git a/lib/nettle/gost/kuznyechik.h b/lib/nettle/gost/kuznyechik.h
index 5799284b3d..5d5b3bb58f 100644
--- a/lib/nettle/gost/kuznyechik.h
+++ b/lib/nettle/gost/kuznyechik.h
@@ -28,7 +28,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #ifndef GNUTLS_LIB_NETTLE_KUZNYECHIK_H_INCLUDED
diff --git a/lib/nettle/gost/magma.h b/lib/nettle/gost/magma.h
index 31c6b262da..245fc7936f 100644
--- a/lib/nettle/gost/magma.h
+++ b/lib/nettle/gost/magma.h
@@ -28,7 +28,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #ifndef GNUTLS_LIB_NETTLE_MAGMA_H_INCLUDED
diff --git a/lib/nettle/gost/write-le32.c b/lib/nettle/gost/write-le32.c
index d9d0482424..be5c6e2048 100644
--- a/lib/nettle/gost/write-le32.c
+++ b/lib/nettle/gost/write-le32.c
@@ -26,7 +26,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #if HAVE_CONFIG_H
diff --git a/lib/nettle/gost_keywrap.c b/lib/nettle/gost_keywrap.c
index ca186702df..61527331f3 100644
--- a/lib/nettle/gost_keywrap.c
+++ b/lib/nettle/gost_keywrap.c
@@ -15,7 +15,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
 
 #include "gnutls_int.h"
diff --git a/lib/nettle/int/block8.h b/lib/nettle/int/block8.h
index a1f6efec20..1d285dde9b 100644
--- a/lib/nettle/int/block8.h
+++ b/lib/nettle/int/block8.h
@@ -26,7 +26,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #ifndef GNUTLS_LIB_NETTLE_BLOCK8_H
diff --git a/lib/nettle/int/dsa-compute-k.h b/lib/nettle/int/dsa-compute-k.h
index 64e90e0ca2..1cb096eebf 100644
--- a/lib/nettle/int/dsa-compute-k.h
+++ b/lib/nettle/int/dsa-compute-k.h
@@ -16,7 +16,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
  *
  */
 
diff --git a/lib/nettle/int/ecdsa-compute-k.h b/lib/nettle/int/ecdsa-compute-k.h
index 7ca401d6e4..aac23dd920 100644
--- a/lib/nettle/int/ecdsa-compute-k.h
+++ b/lib/nettle/int/ecdsa-compute-k.h
@@ -16,7 +16,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
  *
  */
 
diff --git a/lib/nettle/int/mpn-base256.c b/lib/nettle/int/mpn-base256.c
index 88dd00bd20..cd628b8b45 100644
--- a/lib/nettle/int/mpn-base256.c
+++ b/lib/nettle/int/mpn-base256.c
@@ -27,7 +27,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #if HAVE_CONFIG_H
diff --git a/lib/nettle/int/mpn-base256.h b/lib/nettle/int/mpn-base256.h
index b5ca4af038..0b770480f8 100644
--- a/lib/nettle/int/mpn-base256.h
+++ b/lib/nettle/int/mpn-base256.h
@@ -27,7 +27,7 @@
 
    You should have received copies of the GNU General Public License and
    the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
+   not, see https://www.gnu.org/licenses/.
 */
 
 #ifndef NETTLE_GMP_GLUE_H_INCLUDED
diff --git a/lib/nettle/int/rsa-pad.c b/lib/nettle/int/rsa-pad.c
index 401bad33f7..d6a4e831a2 100644
--- a/lib/nettle/int/rsa-pad.c
+++ b/lib/nettle/int/rsa-pad.c
@@ -16,7 +16,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
  *
  */
 
diff --git a/lib/vko.c b/lib/vko.c
index e0d4f04ad0..adcce0fd1f 100644
--- a/lib/vko.c
+++ b/lib/vko.c
@@ -15,7 +15,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
 
 /*
diff --git a/lib/vko.h b/lib/vko.h
index d4ff3891d9..cee6b3a2df 100644
--- a/lib/vko.h
+++ b/lib/vko.h
@@ -15,7 +15,7 @@
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
  *
  */
 
diff --git a/src/serv.c b/src/serv.c
index 3ff335d1b1..d798356bbd 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -119,7 +119,7 @@ static void tcp_server(const char *name, int port);
 #define HTTP_BEGIN HTTP_OK \
 		"\n" \
 		"<HTML><BODY>\n" \
-		"<CENTER><H1>This is <a href=\"http://www.gnu.org/software/gnutls\">" \
+		"<CENTER><H1>This is <a href=\"https://www.gnu.org/software/gnutls\">" \
 		"GnuTLS</a></H1></CENTER>\n\n"
 
 /* These are global */
diff --git a/tests/hostname-check.c b/tests/hostname-check.c
index f878265bcb..ef8234bb7d 100644
--- a/tests/hostname-check.c
+++ b/tests/hostname-check.c
@@ -33,7 +33,7 @@
 /*
   A self-test of the RFC 2818 hostname matching algorithm.  Used to
   detect regressions of the bug reported in:
-  http://lists.gnupg.org/pipermail/gnutls-dev/2007-February/001385.html
+  https://lists.gnupg.org/pipermail/gnutls-dev/2007-February/001385.html
 */
 
 /* CN="*.com"
diff --git a/tests/init_roundtrip.c b/tests/init_roundtrip.c
index 4160b61bfe..730213e14a 100644
--- a/tests/init_roundtrip.c
+++ b/tests/init_roundtrip.c
@@ -28,7 +28,7 @@
 
 #include "utils.h"
 
-/* See <http://bugs.gentoo.org/272388>. */
+/* See <https://bugs.gentoo.org/272388>. */
 
 void doit(void)
 {
diff --git a/tests/pkcs11/pkcs11-mock.c b/tests/pkcs11/pkcs11-mock.c
index 0645187ffe..8b7462a2fe 100644
--- a/tests/pkcs11/pkcs11-mock.c
+++ b/tests/pkcs11/pkcs11-mock.c
@@ -5,7 +5,7 @@
  *  you may not use this file except in compliance with the License.
  *  You may obtain a copy of the License at
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing, software
  *  distributed under the License is distributed on an "AS IS" BASIS,
diff --git a/tests/pkcs11/pkcs11-mock.h b/tests/pkcs11/pkcs11-mock.h
index 6764c021e6..f90a3369e7 100644
--- a/tests/pkcs11/pkcs11-mock.h
+++ b/tests/pkcs11/pkcs11-mock.h
@@ -5,7 +5,7 @@
  *  you may not use this file except in compliance with the License.
  *  You may obtain a copy of the License at
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *      https://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing, software
  *  distributed under the License is distributed on an "AS IS" BASIS,
diff --git a/tests/str-idna.c b/tests/str-idna.c
index 19a29da630..b01a65ff18 100644
--- a/tests/str-idna.c
+++ b/tests/str-idna.c
@@ -68,7 +68,7 @@ MATCH_FUNC(fname, str, normalized)
 	return; }
 
 /* some vectors taken from:
- * http://www.unicode.org/Public/idna/9.0.0/IdnaTest.txt
+ * https://www.unicode.org/Public/idna/9.0.0/IdnaTest.txt
  */
 
 MATCH_FUNC_TWO_WAY(test_ascii, "localhost", "localhost");