From 617471d85d60309e6b970d311fa45f677afb4ade Mon Sep 17 00:00:00 2001 From: Michal Nowak Date: Wed, 25 Mar 2026 10:39:15 +0100 Subject: [PATCH 1/2] Set User-Agent for Sphinx to fix gitlab.gnome.org The linkcheck started to fail because of a new check on gitlab.gnome.org that now forbids Sphinx User-Agent, returnin 406 HTTP status. ( chapter10: line 115) broken https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home - 406 Client Error: Not Acceptable for url: https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home --- doc/arm/conf.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/arm/conf.py b/doc/arm/conf.py index 3a58eb3fe6..38f727ee41 100644 --- a/doc/arm/conf.py +++ b/doc/arm/conf.py @@ -164,6 +164,8 @@ release = version # -- General configuration --------------------------------------------------- +user_agent = "Mozilla/5.0" + # Add any Sphinx extension module names here, as strings. They can be # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # ones. From bf56489c4551b11680c82e384855e71ef960f82e Mon Sep 17 00:00:00 2001 From: Michal Nowak Date: Wed, 25 Mar 2026 10:47:42 +0100 Subject: [PATCH 2/2] pkcs11-provider project has new home --- doc/arm/build.inc.rst | 2 +- doc/arm/pkcs11.inc.rst | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/arm/build.inc.rst b/doc/arm/build.inc.rst index ccc6a39c9a..62439eb4ff 100644 --- a/doc/arm/build.inc.rst +++ b/doc/arm/build.inc.rst @@ -69,7 +69,7 @@ in a nonstandard location adjust ``PKG_CONFIG_PATH`` or use the option ``--pkg-config-path``. To use a PKCS#11 hardware service module for cryptographic operations, -PKCS#11 Provider (https://github.com/latchset/pkcs11-provider/tree/main) +PKCS#11 Provider (https://github.com/openssl-projects/pkcs11-provider/tree/main) must be compiled, configured and used directly in the OpenSSL 3.x. The Userspace RCU library ``liburcu`` (https://liburcu.org/) is used diff --git a/doc/arm/pkcs11.inc.rst b/doc/arm/pkcs11.inc.rst index bd0d5ead85..d1b3d7c7bd 100644 --- a/doc/arm/pkcs11.inc.rst +++ b/doc/arm/pkcs11.inc.rst @@ -26,7 +26,7 @@ is specific to the HSM to be controlled. BIND 9 accesses PKCS#11 libraries via OpenSSL Providers. The provider for OpenSSL 3 and newer is `pkcs11-provider`_. -.. _`pkcs11-provider`: https://github.com/latchset/pkcs11-provider +.. _`pkcs11-provider`: https://github.com/openssl-projects/pkcs11-provider In both cases the extension is dynamically loaded into OpenSSL and the HSM is operated indirectly; any cryptographic operations not supported by the HSM can @@ -87,7 +87,7 @@ The canonical documentation for configuring pkcs11-provider is in the `provider-pkcs11.7`_ manual page, but a copy of a working configuration is provided here for convenience: -.. _`provider-pkcs11.7`: https://github.com/latchset/pkcs11-provider/blob/main/docs/provider-pkcs11.7.md +.. _`provider-pkcs11.7`: https://github.com/openssl-projects/pkcs11-provider/blob/main/docs/provider-pkcs11.7.md In this example, we use a custom copy of OpenSSL configuration, driven by an environment variable called OPENSSL_CONF. First, copy the @@ -131,7 +131,7 @@ Add the following lines at the bottom of the file: module = /pkcs11.so pkcs11-module-path = # bind uses the digest+sign api. this is broken with the default load behaviour, - # but works with early load. see: https://github.com/latchset/pkcs11-provider/issues/266 + # but works with early load. see: https://github.com/openssl-projects/pkcs11-provider/issues/266 pkcs11-module-load-behavior = early # no-deinit quirk is needed if you use softhsm2 #pkcs11-module-quirks = no-deinit