Fix markup to be compatible with Sphinx and add rough API doc
diff --git a/OpenSSL/crypto/crl.c b/OpenSSL/crypto/crl.c
index 97326f8..6a14bce 100644
--- a/OpenSSL/crypto/crl.c
+++ b/OpenSSL/crypto/crl.c
@@ -85,7 +85,7 @@
 Add a revoked (by value not reference) to the CRL structure\n\
 \n\
 :param cert: The new revoked.\n\
-:type cert: L{X509}\n\
+:type cert: :class:`X509`\n\
 :return: None\n\
 ";
 static PyObject *
@@ -113,13 +113,13 @@
 export(cert, key[, type[, days]]) -> export a CRL as a string\n\
 \n\
 :param cert: Used to sign CRL.\n\
-:type cert: L{X509}\n\
+:type cert: :class:`X509`\n\
 :param key: Used to sign CRL.\n\
-:type key: L{PKey}\n\
-:param type: The export format, either L{FILETYPE_PEM}, L{FILETYPE_ASN1}, or L{FILETYPE_TEXT}.\n\
+:type key: :class:`PKey`\n\
+:param type: The export format, either :py:data:`FILETYPE_PEM`, :py:data:`FILETYPE_ASN1`, or :py:data:`FILETYPE_TEXT`.\n\
 :param days: The number of days until the next update of this CRL.\n\
-:type days: L{int}\n\
-:return: L{str}\n\
+:type days: :py:data:`int`\n\
+:return: :py:data:`str`\n\
 ";
 static PyObject *
 crypto_CRL_export(crypto_CRLObj *self, PyObject *args, PyObject *keywds) {
diff --git a/OpenSSL/crypto/crypto.c b/OpenSSL/crypto/crypto.c
index 421eabc..1442b5a 100644
--- a/OpenSSL/crypto/crypto.c
+++ b/OpenSSL/crypto/crypto.c
@@ -141,11 +141,11 @@
 :param pkey: The PKey to dump\n\
 :param cipher: (optional) if encrypted PEM format, the cipher to\n\
                use\n\
-:param passphrase - (optional) if encrypted PEM format, this can be either\n\
-                    the passphrase to use, or a callback for providing the\n\
-                    passphrase.\n\
+:param passphrase: (optional) if encrypted PEM format, this can be either\n\
+                   the passphrase to use, or a callback for providing the\n\
+                   passphrase.\n\
 :return: The buffer with the dumped key in\n\
-:rtype: C{str}\n\
+:rtype: :py:data:`str`\n\
 ";
 
 static PyObject *
diff --git a/OpenSSL/crypto/netscape_spki.c b/OpenSSL/crypto/netscape_spki.c
index d6103ca..8110a24 100644
--- a/OpenSSL/crypto/netscape_spki.c
+++ b/OpenSSL/crypto/netscape_spki.c
@@ -39,7 +39,7 @@
 NetscapeSPKI([enc]) -> NetscapeSPKI instance\n\
 \n\
 :param enc: Base64 encoded NetscapeSPKI object.\n\
-:type enc: C{str}\n\
+:type enc: :py:data:`str`\n\
 :return: The NetscapeSPKI object\n\
 ";
 
diff --git a/OpenSSL/crypto/pkcs12.c b/OpenSSL/crypto/pkcs12.c
index f4878e5..f8e66a8 100644
--- a/OpenSSL/crypto/pkcs12.c
+++ b/OpenSSL/crypto/pkcs12.c
@@ -42,7 +42,7 @@
 Replace the certificate portion of the PKCS12 structure\n\
 \n\
 :param cert: The new certificate.\n\
-:type cert: L{X509} or L{NoneType}\n\
+:type cert: :py:class:`X509` or :py:data:`None`\n\
 :return: None\n\
 ";
 static PyObject *
@@ -86,7 +86,7 @@
 Replace or set the certificate portion of the PKCS12 structure\n\
 \n\
 :param pkey: The new private key.\n\
-:type pkey: L{PKey}\n\
+:type pkey: :py:class:`PKey`\n\
 :return: None\n\
 ";
 static PyObject *
@@ -131,7 +131,7 @@
 Replace or set the CA certificates withing the PKCS12 object.\n\
 \n\
 :param cacerts: The new CA certificates.\n\
-:type cacerts: Iterable of L{X509} or L{NoneType}\n\
+:type cacerts: Iterable of :py:class:`X509` or :py:data:`None`\n\
 :return: None\n\
 ";
 static PyObject *
@@ -191,7 +191,7 @@
 Replace or set the certificate portion of the PKCS12 structure\n\
 \n\
 :param name: The new friendly name.\n\
-:type name: L{str}\n\
+:type name: :py:data:`str`\n\
 :return: None\n\
 ";
 static PyObject *
@@ -221,11 +221,11 @@
 Dump a PKCS12 object as a string.  See also \"man PKCS12_create\".\n\
 \n\
 :param passphrase: used to encrypt the PKCS12\n\
-:type passphrase: L{str}\n\
+:type passphrase: :py:data:`str`\n\
 :param iter: How many times to repeat the encryption\n\
-:type iter: L{int}\n\
+:type iter: :py:data:`int`\n\
 :param maciter: How many times to repeat the MAC\n\
-:type maciter: L{int}\n\
+:type maciter: :py:data:`int`\n\
 :return: The string containing the PKCS12\n\
 ";
 static PyObject *
diff --git a/OpenSSL/crypto/revoked.c b/OpenSSL/crypto/revoked.c
index 8087fca..ed183b7 100644
--- a/OpenSSL/crypto/revoked.c
+++ b/OpenSSL/crypto/revoked.c
@@ -127,7 +127,7 @@
 Set the reason of a Revoked object.\n\
 \n\
 :param reason: The reason string.\n\
-:type reason: L{str}\n\
+:type reason: :py:data:`str`\n\
 :return: None\n\
 ";
 static PyObject *
@@ -299,7 +299,7 @@
 Set the serial number of a revoked Revoked structure\n\
 \n\
 :param hex_str: The new serial number.\n\
-:type hex_str: L{str}\n\
+:type hex_str: :py:data:`str`\n\
 :return: None\n\
 ";
 static PyObject *
diff --git a/OpenSSL/crypto/x509.c b/OpenSSL/crypto/x509.c
index 0ea6542..ab8348f 100644
--- a/OpenSSL/crypto/x509.c
+++ b/OpenSSL/crypto/x509.c
@@ -202,7 +202,7 @@
 Set the issuer of the certificate\n\
 \n\
 :param issuer: The issuer name\n\
-:type issuer: L{X509Name}\n\
+:type issuer: :py:class:`X509Name`\n\
 :return: None\n\
 ";
 
@@ -254,7 +254,7 @@
 Set the subject of the certificate\n\
 \n\
 :param subject: The subject name\n\
-:type subject: L{X509Name}\n\
+:type subject: :FOOBAR:`X509Name`\n\
 :return: None\n\
 ";
 
diff --git a/OpenSSL/crypto/x509ext.c b/OpenSSL/crypto/x509ext.c
index 96c1993..f65fd0f 100644
--- a/OpenSSL/crypto/x509ext.c
+++ b/OpenSSL/crypto/x509ext.c
@@ -54,7 +54,7 @@
 static char crypto_X509Extension_get_data_doc[] = "\n\
 Returns the data of the X509Extension\n\
 \n\
-:return: A C{str} giving the X509Extension's ASN.1 encoded data.\n\
+:return: A :py:data:`str` giving the X509Extension's ASN.1 encoded data.\n\
 ";
 
 static PyObject *
@@ -186,14 +186,14 @@
                 X509Extension instance\n\
 \n\
 :param typename: The name of the extension to create.\n\
-:type typename: C{str}\n\
+:type typename: :py:data:`str`\n\
 :param critical: A flag indicating whether this is a critical extension.\n\
 :param value: The value of the extension.\n\
-:type value: C{str}\n\
+:type value: :py:data:`str`\n\
 :param subject: Optional X509 cert to use as subject.\n\
-:type subject: C{X509}\n\
+:type subject: :py:class:`X509`\n\
 :param issuer: Optional X509 cert to use as issuer.\n\
-:type issuer: C{X509}\n\
+:type issuer: :py:class:`X509`\n\
 :return: The X509Extension object\n\
 ";
 
diff --git a/OpenSSL/ssl/connection.c b/OpenSSL/ssl/connection.c
index ba6da3f..037f2a0 100755
--- a/OpenSSL/ssl/connection.c
+++ b/OpenSSL/ssl/connection.c
@@ -266,7 +266,7 @@
 static char ssl_Connection_set_context_doc[] = "\n\
 Switch this connection to a new session context\n\
 \n\
-:param context: A L{Context} instance giving the new session context to use.\n\
+:param context: A :py:class:`Context` instance giving the new session context to use.\n\
 \n\
 ";
 static PyObject *
@@ -305,7 +305,7 @@
 Retrieve the servername extension value if provided in the client hello\n\
 message, or None if there wasn't one.\n\
 \n\
-:return: A byte string giving the server name or C{None}.\n\
+:return: A byte string giving the server name or :py:data:`None`.\n\
 \n\
 ";
 static PyObject *
@@ -944,8 +944,8 @@
 Get CAs whose certificates are suggested for client authentication.\n\
 \n\
 :return: If this is a server connection, a list of X509Names representing\n\
-    the acceptable CAs as set by L{OpenSSL.SSL.Context.set_client_ca_list} or\n\
-    L{OpenSSL.SSL.Context.add_client_ca}.  If this is a client connection,\n\
+    the acceptable CAs as set by :py:meth:`OpenSSL.SSL.Context.set_client_ca_list` or\n\
+    :py:meth:`OpenSSL.SSL.Context.add_client_ca`.  If this is a client connection,\n\
     the list of such X509Names sent by the server, or an empty list if that\n\
     has not yet happened.\n\
 ";
diff --git a/OpenSSL/test/__init__.py b/OpenSSL/test/__init__.py
index ccb4e9a..9b08060 100644
--- a/OpenSSL/test/__init__.py
+++ b/OpenSSL/test/__init__.py
@@ -2,5 +2,5 @@
 # See LICENSE for details.
 
 """
-Package containing unit tests for L{OpenSSL}.
+Package containing unit tests for :py:mod:`OpenSSL`.
 """
diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py
index 9f16643..b17a743 100644
--- a/OpenSSL/test/test_crypto.py
+++ b/OpenSSL/test/test_crypto.py
@@ -2,7 +2,7 @@
 # See LICENSE file for details.
 
 """
-Unit tests for L{OpenSSL.crypto}.
+Unit tests for :py:mod:`OpenSSL.crypto`.
 """
 
 from unittest import main
@@ -268,7 +268,7 @@
 
 class X509ExtTests(TestCase):
     """
-    Tests for L{OpenSSL.crypto.X509Extension}.
+    Tests for :py:class:`OpenSSL.crypto.X509Extension`.
     """
 
     def setUp(self):
@@ -296,8 +296,8 @@
 
     def test_str(self):
         """
-        The string representation of L{X509Extension} instances as returned by
-        C{str} includes stuff.
+        The string representation of :py:class:`X509Extension` instances as returned by
+        :py:data:`str` includes stuff.
         """
         # This isn't necessarily the best string representation.  Perhaps it
         # will be changed/improved in the future.
@@ -308,7 +308,7 @@
 
     def test_type(self):
         """
-        L{X509Extension} and L{X509ExtensionType} refer to the same type object
+        :py:class:`X509Extension` and :py:class:`X509ExtensionType` refer to the same type object
         and can be used to create instances of that type.
         """
         self.assertIdentical(X509Extension, X509ExtensionType)
@@ -319,8 +319,8 @@
 
     def test_construction(self):
         """
-        L{X509Extension} accepts an extension type name, a critical flag,
-        and an extension value and returns an L{X509ExtensionType} instance.
+        :py:class:`X509Extension` accepts an extension type name, a critical flag,
+        and an extension value and returns an :py:class:`X509ExtensionType` instance.
         """
         basic = X509Extension(b('basicConstraints'), True, b('CA:true'))
         self.assertTrue(
@@ -338,7 +338,7 @@
 
     def test_invalid_extension(self):
         """
-        L{X509Extension} raises something if it is passed a bad extension
+        :py:class:`X509Extension` raises something if it is passed a bad extension
         name or value.
         """
         self.assertRaises(
@@ -357,7 +357,7 @@
 
     def test_get_critical(self):
         """
-        L{X509ExtensionType.get_critical} returns the value of the
+        :py:meth:`X509ExtensionType.get_critical` returns the value of the
         extension's critical flag.
         """
         ext = X509Extension(b('basicConstraints'), True, b('CA:true'))
@@ -368,7 +368,7 @@
 
     def test_get_short_name(self):
         """
-        L{X509ExtensionType.get_short_name} returns a string giving the short
+        :py:meth:`X509ExtensionType.get_short_name` returns a string giving the short
         type name of the extension.
         """
         ext = X509Extension(b('basicConstraints'), True, b('CA:true'))
@@ -379,7 +379,7 @@
 
     def test_get_data(self):
         """
-        L{X509Extension.get_data} returns a string giving the data of the
+        :py:meth:`X509Extension.get_data` returns a string giving the data of the
         extension.
         """
         ext = X509Extension(b('basicConstraints'), True, b('CA:true'))
@@ -389,7 +389,7 @@
 
     def test_get_data_wrong_args(self):
         """
-        L{X509Extension.get_data} raises L{TypeError} if passed any arguments.
+        :py:meth:`X509Extension.get_data` raises :py:exc:`TypeError` if passed any arguments.
         """
         ext = X509Extension(b('basicConstraints'), True, b('CA:true'))
         self.assertRaises(TypeError, ext.get_data, None)
@@ -399,7 +399,7 @@
 
     def test_unused_subject(self):
         """
-        The C{subject} parameter to L{X509Extension} may be provided for an
+        The :py:data:`subject` parameter to :py:class:`X509Extension` may be provided for an
         extension which does not use it and is ignored in this case.
         """
         ext1 = X509Extension(
@@ -414,8 +414,8 @@
 
     def test_subject(self):
         """
-        If an extension requires a subject, the C{subject} parameter to
-        L{X509Extension} provides its value.
+        If an extension requires a subject, the :py:data:`subject` parameter to
+        :py:class:`X509Extension` provides its value.
         """
         ext3 = X509Extension(
             b('subjectKeyIdentifier'), False, b('hash'), subject=self.x509)
@@ -427,7 +427,7 @@
 
     def test_missing_subject(self):
         """
-        If an extension requires a subject and the C{subject} parameter is
+        If an extension requires a subject and the :py:data:`subject` parameter is
         given no value, something happens.
         """
         self.assertRaises(
@@ -436,8 +436,8 @@
 
     def test_invalid_subject(self):
         """
-        If the C{subject} parameter is given a value which is not an L{X509}
-        instance, L{TypeError} is raised.
+        If the :py:data:`subject` parameter is given a value which is not an
+        :py:class:`X509` instance, :py:exc:`TypeError` is raised.
         """
         for badObj in [True, object(), "hello", [], self]:
             self.assertRaises(
@@ -448,7 +448,7 @@
 
     def test_unused_issuer(self):
         """
-        The C{issuer} parameter to L{X509Extension} may be provided for an
+        The :py:data:`issuer` parameter to :py:class:`X509Extension` may be provided for an
         extension which does not use it and is ignored in this case.
         """
         ext1 = X509Extension(
@@ -462,8 +462,8 @@
 
     def test_issuer(self):
         """
-        If an extension requires a issuer, the C{issuer} parameter to
-        L{X509Extension} provides its value.
+        If an extension requires a issuer, the :py:data:`issuer` parameter to
+        :py:class:`X509Extension` provides its value.
         """
         ext2 = X509Extension(
             b('authorityKeyIdentifier'), False, b('issuer:always'),
@@ -477,7 +477,7 @@
 
     def test_missing_issuer(self):
         """
-        If an extension requires an issue and the C{issuer} parameter is given
+        If an extension requires an issue and the :py:data:`issuer` parameter is given
         no value, something happens.
         """
         self.assertRaises(
@@ -489,8 +489,8 @@
 
     def test_invalid_issuer(self):
         """
-        If the C{issuer} parameter is given a value which is not an L{X509}
-        instance, L{TypeError} is raised.
+        If the :py:data:`issuer` parameter is given a value which is not an
+        :py:class:`X509` instance, :py:exc:`TypeError` is raised.
         """
         for badObj in [True, object(), "hello", [], self]:
             self.assertRaises(
@@ -503,12 +503,12 @@
 
 class PKeyTests(TestCase):
     """
-    Unit tests for L{OpenSSL.crypto.PKey}.
+    Unit tests for :py:class:`OpenSSL.crypto.PKey`.
     """
     def test_type(self):
         """
-        L{PKey} and L{PKeyType} refer to the same type object and can be used
-        to create instances of that type.
+        :py:class:`PKey` and :py:class:`PKeyType` refer to the same type object
+        and can be used to create instances of that type.
         """
         self.assertIdentical(PKey, PKeyType)
         self.assertConsistentType(PKey, 'PKey')
@@ -516,7 +516,7 @@
 
     def test_construction(self):
         """
-        L{PKey} takes no arguments and returns a new L{PKey} instance.
+        :py:class:`PKey` takes no arguments and returns a new :py:class:`PKey` instance.
         """
         self.assertRaises(TypeError, PKey, None)
         key = PKey()
@@ -527,8 +527,8 @@
 
     def test_pregeneration(self):
         """
-        L{PKeyType.bits} and L{PKeyType.type} return C{0} before the key is
-        generated.  L{PKeyType.check} raises L{TypeError} before the key is
+        :py:attr:`PKeyType.bits` and :py:attr:`PKeyType.type` return :py:data:`0` before the key is
+        generated.  :py:attr:`PKeyType.check` raises :py:exc:`TypeError` before the key is
         generated.
         """
         key = PKey()
@@ -539,11 +539,11 @@
 
     def test_failedGeneration(self):
         """
-        L{PKeyType.generate_key} takes two arguments, the first giving the key
-        type as one of L{TYPE_RSA} or L{TYPE_DSA} and the second giving the
+        :py:meth:`PKeyType.generate_key` takes two arguments, the first giving the key
+        type as one of :py:data:`TYPE_RSA` or :py:data:`TYPE_DSA` and the second giving the
         number of bits to generate.  If an invalid type is specified or
-        generation fails, L{Error} is raised.  If an invalid number of bits is
-        specified, L{ValueError} or L{Error} is raised.
+        generation fails, :py:exc:`Error` is raised.  If an invalid number of bits is
+        specified, :py:exc:`ValueError` or :py:exc:`Error` is raised.
         """
         key = PKey()
         self.assertRaises(TypeError, key.generate_key)
@@ -574,8 +574,8 @@
 
     def test_rsaGeneration(self):
         """
-        L{PKeyType.generate_key} generates an RSA key when passed
-        L{TYPE_RSA} as a type and a reasonable number of bits.
+        :py:meth:`PKeyType.generate_key` generates an RSA key when passed
+        :py:data:`TYPE_RSA` as a type and a reasonable number of bits.
         """
         bits = 128
         key = PKey()
@@ -587,8 +587,8 @@
 
     def test_dsaGeneration(self):
         """
-        L{PKeyType.generate_key} generates a DSA key when passed
-        L{TYPE_DSA} as a type and a reasonable number of bits.
+        :py:meth:`PKeyType.generate_key` generates a DSA key when passed
+        :py:data:`TYPE_DSA` as a type and a reasonable number of bits.
         """
         # 512 is a magic number.  The DSS (Digital Signature Standard)
         # allows a minimum of 512 bits for DSA.  DSA_generate_parameters
@@ -603,7 +603,7 @@
 
     def test_regeneration(self):
         """
-        L{PKeyType.generate_key} can be called multiple times on the same
+        :py:meth:`PKeyType.generate_key` can be called multiple times on the same
         key to generate new keys.
         """
         key = PKey()
@@ -615,7 +615,7 @@
 
     def test_inconsistentKey(self):
         """
-        L{PKeyType.check} returns C{False} if the key is not consistent.
+        :py:`PKeyType.check` returns :py:exc:`Error` if the key is not consistent.
         """
         key = load_privatekey(FILETYPE_PEM, inconsistentPrivateKeyPEM)
         self.assertRaises(Error, key.check)
@@ -623,7 +623,7 @@
 
     def test_check_wrong_args(self):
         """
-        L{PKeyType.check} raises L{TypeError} if called with any arguments.
+        :py:meth:`PKeyType.check` raises :py:exc:`TypeError` if called with any arguments.
         """
         self.assertRaises(TypeError, PKey().check, None)
         self.assertRaises(TypeError, PKey().check, object())
@@ -633,7 +633,7 @@
 
 class X509NameTests(TestCase):
     """
-    Unit tests for L{OpenSSL.crypto.X509Name}.
+    Unit tests for :py:class:`OpenSSL.crypto.X509Name`.
     """
     def _x509name(self, **attrs):
         # XXX There's no other way to get a new X509Name yet.
@@ -650,7 +650,7 @@
 
     def test_type(self):
         """
-        The type of X509Name objects is L{X509NameType}.
+        The type of X509Name objects is :py:class:`X509NameType`.
         """
         self.assertIdentical(X509Name, X509NameType)
         self.assertEqual(X509NameType.__name__, 'X509Name')
@@ -665,8 +665,8 @@
 
     def test_onlyStringAttributes(self):
         """
-        Attempting to set a non-L{str} attribute name on an L{X509NameType}
-        instance causes L{TypeError} to be raised.
+        Attempting to set a non-:py:data:`str` attribute name on an :py:class:`X509NameType`
+        instance causes :py:exc:`TypeError` to be raised.
         """
         name = self._x509name()
         # Beyond these cases, you may also think that unicode should be
@@ -682,8 +682,8 @@
 
     def test_setInvalidAttribute(self):
         """
-        Attempting to set any attribute name on an L{X509NameType} instance for
-        which no corresponding NID is defined causes L{AttributeError} to be
+        Attempting to set any attribute name on an :py:class:`X509NameType` instance for
+        which no corresponding NID is defined causes :py:exc:`AttributeError` to be
         raised.
         """
         name = self._x509name()
@@ -692,7 +692,7 @@
 
     def test_attributes(self):
         """
-        L{X509NameType} instances have attributes for each standard (?)
+        :py:class:`X509NameType` instances have attributes for each standard (?)
         X509Name field.
         """
         name = self._x509name()
@@ -712,8 +712,8 @@
 
     def test_copy(self):
         """
-        L{X509Name} creates a new L{X509NameType} instance with all the same
-        attributes as an existing L{X509NameType} instance when called with
+        :py:class:`X509Name` creates a new :py:class:`X509NameType` instance with all the same
+        attributes as an existing :py:class:`X509NameType` instance when called with
         one.
         """
         name = self._x509name(commonName="foo", emailAddress="bar@example.com")
@@ -733,7 +733,7 @@
 
     def test_repr(self):
         """
-        L{repr} passed an L{X509NameType} instance should return a string
+        :py:func:`repr` passed an :py:class:`X509NameType` instance should return a string
         containing a description of the type and the NIDs which have been set
         on it.
         """
@@ -745,7 +745,7 @@
 
     def test_comparison(self):
         """
-        L{X509NameType} instances should compare based on their NIDs.
+        :py:class:`X509NameType` instances should compare based on their NIDs.
         """
         def _equality(a, b, assertTrue, assertFalse):
             assertTrue(a == b, "(%r == %r) --> False" % (a, b))
@@ -820,7 +820,7 @@
 
     def test_hash(self):
         """
-        L{X509Name.hash} returns an integer hash based on the value of the
+        :py:meth:`X509Name.hash` returns an integer hash based on the value of the
         name.
         """
         a = self._x509name(CN="foo")
@@ -832,7 +832,7 @@
 
     def test_der(self):
         """
-        L{X509Name.der} returns the DER encoded form of the name.
+        :py:meth:`X509Name.der` returns the DER encoded form of the name.
         """
         a = self._x509name(CN="foo", C="US")
         self.assertEqual(
@@ -843,7 +843,8 @@
 
     def test_get_components(self):
         """
-        L{X509Name.get_components} returns a C{list} of two-tuples of C{str}
+        :py:meth:`X509Name.get_components` returns a :py:data:`list` of
+        two-tuples of :py:data:`str`
         giving the NIDs and associated values which make up the name.
         """
         a = self._x509name()
@@ -862,14 +863,16 @@
     """
     def signable(self):
         """
-        Return something with a C{set_pubkey}, C{set_pubkey}, and C{sign} method.
+        Return something with a :py:meth:`set_pubkey`, :py:meth:`set_pubkey`,
+        and :py:meth:`sign` method.
         """
         raise NotImplementedError()
 
 
     def test_signWithUngenerated(self):
         """
-        L{X509Req.sign} raises L{ValueError} when pass a L{PKey} with no parts.
+        :py:meth:`X509Req.sign` raises :py:exc:`ValueError` when pass a
+        :py:class:`PKey` with no parts.
         """
         request = self.signable()
         key = PKey()
@@ -878,8 +881,8 @@
 
     def test_signWithPublicKey(self):
         """
-        L{X509Req.sign} raises L{ValueError} when pass a L{PKey} with no
-        private part as the signing key.
+        :py:meth:`X509Req.sign` raises :py:exc:`ValueError` when pass a
+        :py:class:`PKey` with no private part as the signing key.
         """
         request = self.signable()
         key = PKey()
@@ -891,7 +894,7 @@
 
     def test_signWithUnknownDigest(self):
         """
-        L{X509Req.sign} raises L{ValueError} when passed a digest name which is
+        :py:meth:`X509Req.sign` raises :py:exc:`ValueError` when passed a digest name which is
         not known.
         """
         request = self.signable()
@@ -902,8 +905,8 @@
 
     def test_sign(self):
         """
-        L{X509Req.sign} succeeds when passed a private key object and a valid
-        digest function.  C{X509Req.verify} can be used to check the signature.
+        :py:meth:`X509Req.sign` succeeds when passed a private key object and a valid
+        digest function.  :py:meth:`X509Req.verify` can be used to check the signature.
         """
         request = self.signable()
         key = PKey()
@@ -924,18 +927,18 @@
 
 class X509ReqTests(TestCase, _PKeyInteractionTestsMixin):
     """
-    Tests for L{OpenSSL.crypto.X509Req}.
+    Tests for :py:class:`OpenSSL.crypto.X509Req`.
     """
     def signable(self):
         """
-        Create and return a new L{X509Req}.
+        Create and return a new :py:class:`X509Req`.
         """
         return X509Req()
 
 
     def test_type(self):
         """
-        L{X509Req} and L{X509ReqType} refer to the same type object and can be
+        :py:obj:`X509Req` and :py:obj:`X509ReqType` refer to the same type object and can be
         used to create instances of that type.
         """
         self.assertIdentical(X509Req, X509ReqType)
@@ -944,7 +947,7 @@
 
     def test_construction(self):
         """
-        L{X509Req} takes no arguments and returns an L{X509ReqType} instance.
+        :py:obj:`X509Req` takes no arguments and returns an :py:obj:`X509ReqType` instance.
         """
         request = X509Req()
         self.assertTrue(
@@ -954,8 +957,8 @@
 
     def test_version(self):
         """
-        L{X509ReqType.set_version} sets the X.509 version of the certificate
-        request.  L{X509ReqType.get_version} returns the X.509 version of
+        :py:obj:`X509ReqType.set_version` sets the X.509 version of the certificate
+        request.  :py:obj:`X509ReqType.get_version` returns the X.509 version of
         the certificate request.  The initial value of the version is 0.
         """
         request = X509Req()
@@ -968,9 +971,9 @@
 
     def test_version_wrong_args(self):
         """
-        L{X509ReqType.set_version} raises L{TypeError} if called with the wrong
-        number of arguments or with a non-C{int} argument.
-        L{X509ReqType.get_version} raises L{TypeError} if called with any
+        :py:obj:`X509ReqType.set_version` raises :py:obj:`TypeError` if called with the wrong
+        number of arguments or with a non-:py:obj:`int` argument.
+        :py:obj:`X509ReqType.get_version` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         request = X509Req()
@@ -982,7 +985,7 @@
 
     def test_get_subject(self):
         """
-        L{X509ReqType.get_subject} returns an L{X509Name} for the subject of
+        :py:obj:`X509ReqType.get_subject` returns an :py:obj:`X509Name` for the subject of
         the request and which is valid even after the request object is
         otherwise dead.
         """
@@ -1000,7 +1003,7 @@
 
     def test_get_subject_wrong_args(self):
         """
-        L{X509ReqType.get_subject} raises L{TypeError} if called with any
+        :py:obj:`X509ReqType.get_subject` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         request = X509Req()
@@ -1009,7 +1012,7 @@
 
     def test_add_extensions(self):
         """
-        L{X509Req.add_extensions} accepts a C{list} of L{X509Extension}
+        :py:obj:`X509Req.add_extensions` accepts a :py:obj:`list` of :py:obj:`X509Extension`
         instances and adds them to the X509 request.
         """
         request = X509Req()
@@ -1020,9 +1023,9 @@
 
     def test_add_extensions_wrong_args(self):
         """
-        L{X509Req.add_extensions} raises L{TypeError} if called with the wrong
-        number of arguments or with a non-C{list}.  Or it raises L{ValueError}
-        if called with a C{list} containing objects other than L{X509Extension}
+        :py:obj:`X509Req.add_extensions` raises :py:obj:`TypeError` if called with the wrong
+        number of arguments or with a non-:py:obj:`list`.  Or it raises :py:obj:`ValueError`
+        if called with a :py:obj:`list` containing objects other than :py:obj:`X509Extension`
         instances.
         """
         request = X509Req()
@@ -1035,7 +1038,7 @@
 
 class X509Tests(TestCase, _PKeyInteractionTestsMixin):
     """
-    Tests for L{OpenSSL.crypto.X509}.
+    Tests for :py:obj:`OpenSSL.crypto.X509`.
     """
     pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM
 
@@ -1061,14 +1064,14 @@
     """
     def signable(self):
         """
-        Create and return a new L{X509}.
+        Create and return a new :py:obj:`X509`.
         """
         return X509()
 
 
     def test_type(self):
         """
-        L{X509} and L{X509Type} refer to the same type object and can be used
+        :py:obj:`X509` and :py:obj:`X509Type` refer to the same type object and can be used
         to create instances of that type.
         """
         self.assertIdentical(X509, X509Type)
@@ -1077,7 +1080,7 @@
 
     def test_construction(self):
         """
-        L{X509} takes no arguments and returns an instance of L{X509Type}.
+        :py:obj:`X509` takes no arguments and returns an instance of :py:obj:`X509Type`.
         """
         certificate = X509()
         self.assertTrue(
@@ -1093,7 +1096,7 @@
 
     def test_get_version_wrong_args(self):
         """
-        L{X509.get_version} raises L{TypeError} if invoked with any arguments.
+        :py:obj:`X509.get_version` raises :py:obj:`TypeError` if invoked with any arguments.
         """
         cert = X509()
         self.assertRaises(TypeError, cert.get_version, None)
@@ -1101,8 +1104,8 @@
 
     def test_set_version_wrong_args(self):
         """
-        L{X509.set_version} raises L{TypeError} if invoked with the wrong number
-        of arguments or an argument not of type C{int}.
+        :py:obj:`X509.set_version` raises :py:obj:`TypeError` if invoked with the wrong number
+        of arguments or an argument not of type :py:obj:`int`.
         """
         cert = X509()
         self.assertRaises(TypeError, cert.set_version)
@@ -1112,8 +1115,8 @@
 
     def test_version(self):
         """
-        L{X509.set_version} sets the certificate version number.
-        L{X509.get_version} retrieves it.
+        :py:obj:`X509.set_version` sets the certificate version number.
+        :py:obj:`X509.get_version` retrieves it.
         """
         cert = X509()
         cert.set_version(1234)
@@ -1122,7 +1125,7 @@
 
     def test_get_serial_number_wrong_args(self):
         """
-        L{X509.get_serial_number} raises L{TypeError} if invoked with any
+        :py:obj:`X509.get_serial_number` raises :py:obj:`TypeError` if invoked with any
         arguments.
         """
         cert = X509()
@@ -1131,8 +1134,8 @@
 
     def test_serial_number(self):
         """
-        The serial number of an L{X509Type} can be retrieved and modified with
-        L{X509Type.get_serial_number} and L{X509Type.set_serial_number}.
+        The serial number of an :py:obj:`X509Type` can be retrieved and modified with
+        :py:obj:`X509Type.get_serial_number` and :py:obj:`X509Type.set_serial_number`.
         """
         certificate = X509()
         self.assertRaises(TypeError, certificate.set_serial_number)
@@ -1152,7 +1155,7 @@
 
     def _setBoundTest(self, which):
         """
-        L{X509Type.set_notBefore} takes a string in the format of an ASN1
+        :py:obj:`X509Type.set_notBefore` takes a string in the format of an ASN1
         GENERALIZEDTIME and sets the beginning of the certificate's validity
         period to it.
         """
@@ -1191,7 +1194,7 @@
 
     def test_set_notBefore(self):
         """
-        L{X509Type.set_notBefore} takes a string in the format of an ASN1
+        :py:obj:`X509Type.set_notBefore` takes a string in the format of an ASN1
         GENERALIZEDTIME and sets the beginning of the certificate's validity
         period to it.
         """
@@ -1200,7 +1203,7 @@
 
     def test_set_notAfter(self):
         """
-        L{X509Type.set_notAfter} takes a string in the format of an ASN1
+        :py:obj:`X509Type.set_notAfter` takes a string in the format of an ASN1
         GENERALIZEDTIME and sets the end of the certificate's validity period
         to it.
         """
@@ -1209,7 +1212,7 @@
 
     def test_get_notBefore(self):
         """
-        L{X509Type.get_notBefore} returns a string in the format of an ASN1
+        :py:obj:`X509Type.get_notBefore` returns a string in the format of an ASN1
         GENERALIZEDTIME even for certificates which store it as UTCTIME
         internally.
         """
@@ -1219,7 +1222,7 @@
 
     def test_get_notAfter(self):
         """
-        L{X509Type.get_notAfter} returns a string in the format of an ASN1
+        :py:obj:`X509Type.get_notAfter` returns a string in the format of an ASN1
         GENERALIZEDTIME even for certificates which store it as UTCTIME
         internally.
         """
@@ -1229,8 +1232,8 @@
 
     def test_gmtime_adj_notBefore_wrong_args(self):
         """
-        L{X509Type.gmtime_adj_notBefore} raises L{TypeError} if called with the
-        wrong number of arguments or a non-C{int} argument.
+        :py:obj:`X509Type.gmtime_adj_notBefore` raises :py:obj:`TypeError` if called with the
+        wrong number of arguments or a non-:py:obj:`int` argument.
         """
         cert = X509()
         self.assertRaises(TypeError, cert.gmtime_adj_notBefore)
@@ -1240,7 +1243,7 @@
 
     def test_gmtime_adj_notBefore(self):
         """
-        L{X509Type.gmtime_adj_notBefore} changes the not-before timestamp to be
+        :py:obj:`X509Type.gmtime_adj_notBefore` changes the not-before timestamp to be
         the current time plus the number of seconds passed in.
         """
         cert = load_certificate(FILETYPE_PEM, self.pemData)
@@ -1251,8 +1254,8 @@
 
     def test_gmtime_adj_notAfter_wrong_args(self):
         """
-        L{X509Type.gmtime_adj_notAfter} raises L{TypeError} if called with the
-        wrong number of arguments or a non-C{int} argument.
+        :py:obj:`X509Type.gmtime_adj_notAfter` raises :py:obj:`TypeError` if called with the
+        wrong number of arguments or a non-:py:obj:`int` argument.
         """
         cert = X509()
         self.assertRaises(TypeError, cert.gmtime_adj_notAfter)
@@ -1262,7 +1265,7 @@
 
     def test_gmtime_adj_notAfter(self):
         """
-        L{X509Type.gmtime_adj_notAfter} changes the not-after timestamp to be
+        :py:obj:`X509Type.gmtime_adj_notAfter` changes the not-after timestamp to be
         the current time plus the number of seconds passed in.
         """
         cert = load_certificate(FILETYPE_PEM, self.pemData)
@@ -1273,7 +1276,7 @@
 
     def test_has_expired_wrong_args(self):
         """
-        L{X509Type.has_expired} raises L{TypeError} if called with any
+        :py:obj:`X509Type.has_expired` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         cert = X509()
@@ -1282,7 +1285,7 @@
 
     def test_has_expired(self):
         """
-        L{X509Type.has_expired} returns C{True} if the certificate's not-after
+        :py:obj:`X509Type.has_expired` returns :py:obj:`True` if the certificate's not-after
         time is in the past.
         """
         cert = X509()
@@ -1292,7 +1295,7 @@
 
     def test_has_not_expired(self):
         """
-        L{X509Type.has_expired} returns C{False} if the certificate's not-after
+        :py:obj:`X509Type.has_expired` returns :py:obj:`False` if the certificate's not-after
         time is in the future.
         """
         cert = X509()
@@ -1302,7 +1305,7 @@
 
     def test_digest(self):
         """
-        L{X509.digest} returns a string giving ":"-separated hex-encoded words
+        :py:obj:`X509.digest` returns a string giving ":"-separated hex-encoded words
         of the digest of the certificate.
         """
         cert = X509()
@@ -1327,7 +1330,7 @@
 
     def test_extension_count(self):
         """
-        L{X509.get_extension_count} returns the number of extensions that are
+        :py:obj:`X509.get_extension_count` returns the number of extensions that are
         present in the certificate.
         """
         pkey = load_privatekey(FILETYPE_PEM, client_key_pem)
@@ -1351,7 +1354,7 @@
 
     def test_get_extension(self):
         """
-        L{X509.get_extension} takes an integer and returns an L{X509Extension}
+        :py:obj:`X509.get_extension` takes an integer and returns an :py:obj:`X509Extension`
         corresponding to the extension at that index.
         """
         pkey = load_privatekey(FILETYPE_PEM, client_key_pem)
@@ -1384,7 +1387,7 @@
 
     def test_invalid_digest_algorithm(self):
         """
-        L{X509.digest} raises L{ValueError} if called with an unrecognized hash
+        :py:obj:`X509.digest` raises :py:obj:`ValueError` if called with an unrecognized hash
         algorithm.
         """
         cert = X509()
@@ -1393,7 +1396,7 @@
 
     def test_get_subject_wrong_args(self):
         """
-        L{X509.get_subject} raises L{TypeError} if called with any arguments.
+        :py:obj:`X509.get_subject` raises :py:obj:`TypeError` if called with any arguments.
         """
         cert = X509()
         self.assertRaises(TypeError, cert.get_subject, None)
@@ -1401,7 +1404,7 @@
 
     def test_get_subject(self):
         """
-        L{X509.get_subject} returns an L{X509Name} instance.
+        :py:obj:`X509.get_subject` returns an :py:obj:`X509Name` instance.
         """
         cert = load_certificate(FILETYPE_PEM, self.pemData)
         subj = cert.get_subject()
@@ -1414,8 +1417,8 @@
 
     def test_set_subject_wrong_args(self):
         """
-        L{X509.set_subject} raises a L{TypeError} if called with the wrong
-        number of arguments or an argument not of type L{X509Name}.
+        :py:obj:`X509.set_subject` raises a :py:obj:`TypeError` if called with the wrong
+        number of arguments or an argument not of type :py:obj:`X509Name`.
         """
         cert = X509()
         self.assertRaises(TypeError, cert.set_subject)
@@ -1425,7 +1428,7 @@
 
     def test_set_subject(self):
         """
-        L{X509.set_subject} changes the subject of the certificate to the one
+        :py:obj:`X509.set_subject` changes the subject of the certificate to the one
         passed in.
         """
         cert = X509()
@@ -1440,7 +1443,7 @@
 
     def test_get_issuer_wrong_args(self):
         """
-        L{X509.get_issuer} raises L{TypeError} if called with any arguments.
+        :py:obj:`X509.get_issuer` raises :py:obj:`TypeError` if called with any arguments.
         """
         cert = X509()
         self.assertRaises(TypeError, cert.get_issuer, None)
@@ -1448,7 +1451,7 @@
 
     def test_get_issuer(self):
         """
-        L{X509.get_issuer} returns an L{X509Name} instance.
+        :py:obj:`X509.get_issuer` returns an :py:obj:`X509Name` instance.
         """
         cert = load_certificate(FILETYPE_PEM, self.pemData)
         subj = cert.get_issuer()
@@ -1462,8 +1465,8 @@
 
     def test_set_issuer_wrong_args(self):
         """
-        L{X509.set_issuer} raises a L{TypeError} if called with the wrong
-        number of arguments or an argument not of type L{X509Name}.
+        :py:obj:`X509.set_issuer` raises a :py:obj:`TypeError` if called with the wrong
+        number of arguments or an argument not of type :py:obj:`X509Name`.
         """
         cert = X509()
         self.assertRaises(TypeError, cert.set_issuer)
@@ -1473,7 +1476,7 @@
 
     def test_set_issuer(self):
         """
-        L{X509.set_issuer} changes the issuer of the certificate to the one
+        :py:obj:`X509.set_issuer` changes the issuer of the certificate to the one
         passed in.
         """
         cert = X509()
@@ -1488,8 +1491,8 @@
 
     def test_get_pubkey_uninitialized(self):
         """
-        When called on a certificate with no public key, L{X509.get_pubkey}
-        raises L{OpenSSL.crypto.Error}.
+        When called on a certificate with no public key, :py:obj:`X509.get_pubkey`
+        raises :py:obj:`OpenSSL.crypto.Error`.
         """
         cert = X509()
         self.assertRaises(Error, cert.get_pubkey)
@@ -1497,7 +1500,7 @@
 
     def test_subject_name_hash_wrong_args(self):
         """
-        L{X509.subject_name_hash} raises L{TypeError} if called with any
+        :py:obj:`X509.subject_name_hash` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         cert = X509()
@@ -1506,7 +1509,7 @@
 
     def test_subject_name_hash(self):
         """
-        L{X509.subject_name_hash} returns the hash of the certificate's subject
+        :py:obj:`X509.subject_name_hash` returns the hash of the certificate's subject
         name.
         """
         cert = load_certificate(FILETYPE_PEM, self.pemData)
@@ -1519,7 +1522,7 @@
 
     def test_get_signature_algorithm(self):
         """
-        L{X509Type.get_signature_algorithm} returns a string which means
+        :py:obj:`X509Type.get_signature_algorithm` returns a string which means
         the algorithm used to sign the certificate.
         """
         cert = load_certificate(FILETYPE_PEM, self.pemData)
@@ -1529,7 +1532,7 @@
 
     def test_get_undefined_signature_algorithm(self):
         """
-        L{X509Type.get_signature_algorithm} raises L{ValueError} if the
+        :py:obj:`X509Type.get_signature_algorithm` raises :py:obj:`ValueError` if the
         signature algorithm is undefined or unknown.
         """
         # This certificate has been modified to indicate a bogus OID in the
@@ -1562,13 +1565,13 @@
 
 class PKCS12Tests(TestCase):
     """
-    Test for L{OpenSSL.crypto.PKCS12} and L{OpenSSL.crypto.load_pkcs12}.
+    Test for :py:obj:`OpenSSL.crypto.PKCS12` and :py:obj:`OpenSSL.crypto.load_pkcs12`.
     """
     pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM
 
     def test_type(self):
         """
-        L{PKCS12Type} is a type object.
+        :py:obj:`PKCS12Type` is a type object.
         """
         self.assertIdentical(PKCS12, PKCS12Type)
         self.assertConsistentType(PKCS12, 'PKCS12')
@@ -1576,7 +1579,7 @@
 
     def test_empty_construction(self):
         """
-        L{PKCS12} returns a new instance of L{PKCS12} with no certificate,
+        :py:obj:`PKCS12` returns a new instance of :py:obj:`PKCS12` with no certificate,
         private key, CA certificates, or friendly name.
         """
         p12 = PKCS12()
@@ -1588,8 +1591,8 @@
 
     def test_type_errors(self):
         """
-        The L{PKCS12} setter functions (C{set_certificate}, C{set_privatekey},
-        C{set_ca_certificates}, and C{set_friendlyname}) raise L{TypeError}
+        The :py:obj:`PKCS12` setter functions (:py:obj:`set_certificate`, :py:obj:`set_privatekey`,
+        :py:obj:`set_ca_certificates`, and :py:obj:`set_friendlyname`) raise :py:obj:`TypeError`
         when passed objects of types other than those expected.
         """
         p12 = PKCS12()
@@ -1609,8 +1612,8 @@
 
     def test_key_only(self):
         """
-        A L{PKCS12} with only a private key can be exported using
-        L{PKCS12.export} and loaded again using L{load_pkcs12}.
+        A :py:obj:`PKCS12` with only a private key can be exported using
+        :py:obj:`PKCS12.export` and loaded again using :py:obj:`load_pkcs12`.
         """
         passwd = 'blah'
         p12 = PKCS12()
@@ -1636,8 +1639,8 @@
 
     def test_cert_only(self):
         """
-        A L{PKCS12} with only a certificate can be exported using
-        L{PKCS12.export} and loaded again using L{load_pkcs12}.
+        A :py:obj:`PKCS12` with only a certificate can be exported using
+        :py:obj:`PKCS12.export` and loaded again using :py:obj:`load_pkcs12`.
         """
         passwd = 'blah'
         p12 = PKCS12()
@@ -1716,7 +1719,7 @@
     def test_load_pkcs12(self):
         """
         A PKCS12 string generated using the openssl command line can be loaded
-        with L{load_pkcs12} and its components extracted and examined.
+        with :py:obj:`load_pkcs12` and its components extracted and examined.
         """
         passwd = 'whatever'
         pem = client_key_pem + client_cert_pem
@@ -1734,7 +1737,7 @@
 
     def test_load_pkcs12_garbage(self):
         """
-        L{load_pkcs12} raises L{OpenSSL.crypto.Error} when passed a string
+        :py:obj:`load_pkcs12` raises :py:obj:`OpenSSL.crypto.Error` when passed a string
         which is not a PKCS12 dump.
         """
         passwd = 'whatever'
@@ -1745,9 +1748,9 @@
 
     def test_replace(self):
         """
-        L{PKCS12.set_certificate} replaces the certificate in a PKCS12 cluster.
-        L{PKCS12.set_privatekey} replaces the private key.
-        L{PKCS12.set_ca_certificates} replaces the CA certificates.
+        :py:obj:`PKCS12.set_certificate` replaces the certificate in a PKCS12 cluster.
+        :py:obj:`PKCS12.set_privatekey` replaces the private key.
+        :py:obj:`PKCS12.set_ca_certificates` replaces the CA certificates.
         """
         p12 = self.gen_pkcs12(client_cert_pem, client_key_pem, root_cert_pem)
         p12.set_certificate(load_certificate(FILETYPE_PEM, server_cert_pem))
@@ -1766,8 +1769,8 @@
     def test_friendly_name(self):
         """
         The I{friendlyName} of a PKCS12 can be set and retrieved via
-        L{PKCS12.get_friendlyname} and L{PKCS12_set_friendlyname}, and a
-        L{PKCS12} with a friendly name set can be dumped with L{PKCS12.export}.
+        :py:obj:`PKCS12.get_friendlyname` and :py:obj:`PKCS12_set_friendlyname`, and a
+        :py:obj:`PKCS12` with a friendly name set can be dumped with :py:obj:`PKCS12.export`.
         """
         passwd = 'Dogmeat[]{}!@#$%^&*()~`?/.,<>-_+=";:'
         p12 = self.gen_pkcs12(server_cert_pem, server_key_pem, root_cert_pem)
@@ -1805,7 +1808,7 @@
 
     def test_removing_ca_cert(self):
         """
-        Passing C{None} to L{PKCS12.set_ca_certificates} removes all CA
+        Passing :py:obj:`None` to :py:obj:`PKCS12.set_ca_certificates` removes all CA
         certificates.
         """
         p12 = self.gen_pkcs12(server_cert_pem, server_key_pem, root_cert_pem)
@@ -1815,7 +1818,7 @@
 
     def test_export_without_mac(self):
         """
-        Exporting a PKCS12 with a C{maciter} of C{-1} excludes the MAC
+        Exporting a PKCS12 with a :py:obj:`maciter` of C{-1} excludes the MAC
         entirely.
         """
         passwd = 'Lake Michigan'
@@ -1863,7 +1866,7 @@
 
     def test_export_without_args(self):
         """
-        All the arguments to L{PKCS12.export} are optional.
+        All the arguments to :py:obj:`PKCS12.export` are optional.
         """
         p12 = self.gen_pkcs12(server_cert_pem, server_key_pem, root_cert_pem)
         dumped_p12 = p12.export()  # no args
@@ -1873,7 +1876,7 @@
 
     def test_key_cert_mismatch(self):
         """
-        L{PKCS12.export} raises an exception when a key and certificate
+        :py:obj:`PKCS12.export` raises an exception when a key and certificate
         mismatch.
         """
         p12 = self.gen_pkcs12(server_cert_pem, client_key_pem, root_cert_pem)
@@ -1888,11 +1891,11 @@
     """
     Internal method for quoting a single command-line argument.
 
-    :type: C{str}
+    :type: :py:obj:`str`
     :param s: A single unquoted string to quote for something that is expecting
         cmd.exe-style quoting
 
-    :rtype: C{str}
+    :rtype: :py:obj:`str`
     :return: A cmd.exe-style quoted string
 
     @see: U{http://www.perlmonks.org/?node_id=764004}
@@ -1905,14 +1908,14 @@
 def quoteArguments(arguments):
     """
     Quote an iterable of command-line arguments for passing to CreateProcess or
-    a similar API.  This allows the list passed to C{reactor.spawnProcess} to
-    match the child process's C{sys.argv} properly.
+    a similar API.  This allows the list passed to :py:obj:`reactor.spawnProcess` to
+    match the child process's :py:obj:`sys.argv` properly.
 
-    :type arguments: C{iterable} of C{str}
+    :type arguments: :py:obj:`iterable` of :py:obj:`str`
     :param arguments: An iterable of unquoted arguments to quote
 
-    :rtype: C{str}
-    :return: A space-delimited string containing quoted versions of L{arguments}
+    :rtype: :py:obj:`str`
+    :return: A space-delimited string containing quoted versions of :py:obj:`arguments`
     """
     return ' '.join(map(cmdLineQuote, arguments))
 
@@ -1937,19 +1940,19 @@
 
 class FunctionTests(TestCase):
     """
-    Tests for free-functions in the L{OpenSSL.crypto} module.
+    Tests for free-functions in the :py:obj:`OpenSSL.crypto` module.
     """
 
     def test_load_privatekey_invalid_format(self):
         """
-        L{load_privatekey} raises L{ValueError} if passed an unknown filetype.
+        :py:obj:`load_privatekey` raises :py:obj:`ValueError` if passed an unknown filetype.
         """
         self.assertRaises(ValueError, load_privatekey, 100, root_key_pem)
 
 
     def test_load_privatekey_invalid_passphrase_type(self):
         """
-        L{load_privatekey} raises L{TypeError} if passed a passphrase that is
+        :py:obj:`load_privatekey` raises :py:obj:`TypeError` if passed a passphrase that is
         neither a c{str} nor a callable.
         """
         self.assertRaises(
@@ -1960,7 +1963,7 @@
 
     def test_load_privatekey_wrong_args(self):
         """
-        L{load_privatekey} raises L{TypeError} if called with the wrong number
+        :py:obj:`load_privatekey` raises :py:obj:`TypeError` if called with the wrong number
         of arguments.
         """
         self.assertRaises(TypeError, load_privatekey)
@@ -1968,7 +1971,7 @@
 
     def test_load_privatekey_wrongPassphrase(self):
         """
-        L{load_privatekey} raises L{OpenSSL.crypto.Error} when it is passed an
+        :py:obj:`load_privatekey` raises :py:obj:`OpenSSL.crypto.Error` when it is passed an
         encrypted PEM and an incorrect passphrase.
         """
         self.assertRaises(
@@ -1978,7 +1981,7 @@
 
     def test_load_privatekey_passphrase(self):
         """
-        L{load_privatekey} can create a L{PKey} object from an encrypted PEM
+        :py:obj:`load_privatekey` can create a :py:obj:`PKey` object from an encrypted PEM
         string if given the passphrase.
         """
         key = load_privatekey(
@@ -1989,7 +1992,7 @@
 
     def test_load_privatekey_wrongPassphraseCallback(self):
         """
-        L{load_privatekey} raises L{OpenSSL.crypto.Error} when it is passed an
+        :py:obj:`load_privatekey` raises :py:obj:`OpenSSL.crypto.Error` when it is passed an
         encrypted PEM and a passphrase callback which returns an incorrect
         passphrase.
         """
@@ -2005,7 +2008,7 @@
 
     def test_load_privatekey_passphraseCallback(self):
         """
-        L{load_privatekey} can create a L{PKey} object from an encrypted PEM
+        :py:obj:`load_privatekey` can create a :py:obj:`PKey` object from an encrypted PEM
         string if given a passphrase callback which returns the correct
         password.
         """
@@ -2021,7 +2024,7 @@
     def test_load_privatekey_passphrase_exception(self):
         """
         An exception raised by the passphrase callback passed to
-        L{load_privatekey} causes L{OpenSSL.crypto.Error} to be raised.
+        :py:obj:`load_privatekey` causes :py:obj:`OpenSSL.crypto.Error` to be raised.
 
         This isn't as nice as just letting the exception pass through.  The
         behavior might be changed to that eventually.
@@ -2036,7 +2039,7 @@
 
     def test_dump_privatekey_wrong_args(self):
         """
-        L{dump_privatekey} raises L{TypeError} if called with the wrong number
+        :py:obj:`dump_privatekey` raises :py:obj:`TypeError` if called with the wrong number
         of arguments.
         """
         self.assertRaises(TypeError, dump_privatekey)
@@ -2044,7 +2047,7 @@
 
     def test_dump_privatekey_unknown_cipher(self):
         """
-        L{dump_privatekey} raises L{ValueError} if called with an unrecognized
+        :py:obj:`dump_privatekey` raises :py:obj:`ValueError` if called with an unrecognized
         cipher name.
         """
         key = PKey()
@@ -2056,8 +2059,8 @@
 
     def test_dump_privatekey_invalid_passphrase_type(self):
         """
-        L{dump_privatekey} raises L{TypeError} if called with a passphrase which
-        is neither a C{str} nor a callable.
+        :py:obj:`dump_privatekey` raises :py:obj:`TypeError` if called with a passphrase which
+        is neither a :py:obj:`str` nor a callable.
         """
         key = PKey()
         key.generate_key(TYPE_RSA, 512)
@@ -2068,7 +2071,7 @@
 
     def test_dump_privatekey_invalid_filetype(self):
         """
-        L{dump_privatekey} raises L{ValueError} if called with an unrecognized
+        :py:obj:`dump_privatekey` raises :py:obj:`ValueError` if called with an unrecognized
         filetype.
         """
         key = PKey()
@@ -2078,7 +2081,7 @@
 
     def test_dump_privatekey_passphrase(self):
         """
-        L{dump_privatekey} writes an encrypted PEM when given a passphrase.
+        :py:obj:`dump_privatekey` writes an encrypted PEM when given a passphrase.
         """
         passphrase = b("foo")
         key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
@@ -2092,7 +2095,7 @@
 
     def test_dump_certificate(self):
         """
-        L{dump_certificate} writes PEM, DER, and text.
+        :py:obj:`dump_certificate` writes PEM, DER, and text.
         """
         pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM
         cert = load_certificate(FILETYPE_PEM, pemData)
@@ -2111,7 +2114,7 @@
 
     def test_dump_privatekey(self):
         """
-        L{dump_privatekey} writes a PEM, DER, and text.
+        :py:obj:`dump_privatekey` writes a PEM, DER, and text.
         """
         key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
         self.assertTrue(key.check())
@@ -2131,7 +2134,7 @@
 
     def test_dump_certificate_request(self):
         """
-        L{dump_certificate_request} writes a PEM, DER, and text.
+        :py:obj:`dump_certificate_request` writes a PEM, DER, and text.
         """
         req = load_certificate_request(FILETYPE_PEM, cleartextCertificateRequestPEM)
         dumped_pem = dump_certificate_request(FILETYPE_PEM, req)
@@ -2150,7 +2153,7 @@
 
     def test_dump_privatekey_passphraseCallback(self):
         """
-        L{dump_privatekey} writes an encrypted PEM when given a callback which
+        :py:obj:`dump_privatekey` writes an encrypted PEM when given a callback which
         returns the correct passphrase.
         """
         passphrase = b("foo")
@@ -2170,8 +2173,8 @@
 
     def test_load_pkcs7_data(self):
         """
-        L{load_pkcs7_data} accepts a PKCS#7 string and returns an instance of
-        L{PKCS7Type}.
+        :py:obj:`load_pkcs7_data` accepts a PKCS#7 string and returns an instance of
+        :py:obj:`PKCS7Type`.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
         self.assertTrue(isinstance(pkcs7, PKCS7Type))
@@ -2180,11 +2183,11 @@
 
 class PKCS7Tests(TestCase):
     """
-    Tests for L{PKCS7Type}.
+    Tests for :py:obj:`PKCS7Type`.
     """
     def test_type(self):
         """
-        L{PKCS7Type} is a type object.
+        :py:obj:`PKCS7Type` is a type object.
         """
         self.assertTrue(isinstance(PKCS7Type, type))
         self.assertEqual(PKCS7Type.__name__, 'PKCS7')
@@ -2197,7 +2200,7 @@
 
     def test_type_is_signed_wrong_args(self):
         """
-        L{PKCS7Type.type_is_signed} raises L{TypeError} if called with any
+        :py:obj:`PKCS7Type.type_is_signed` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2206,7 +2209,7 @@
 
     def test_type_is_signed(self):
         """
-        L{PKCS7Type.type_is_signed} returns C{True} if the PKCS7 object is of
+        :py:obj:`PKCS7Type.type_is_signed` returns :py:obj:`True` if the PKCS7 object is of
         the type I{signed}.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2215,7 +2218,7 @@
 
     def test_type_is_enveloped_wrong_args(self):
         """
-        L{PKCS7Type.type_is_enveloped} raises L{TypeError} if called with any
+        :py:obj:`PKCS7Type.type_is_enveloped` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2224,7 +2227,7 @@
 
     def test_type_is_enveloped(self):
         """
-        L{PKCS7Type.type_is_enveloped} returns C{False} if the PKCS7 object is
+        :py:obj:`PKCS7Type.type_is_enveloped` returns :py:obj:`False` if the PKCS7 object is
         not of the type I{enveloped}.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2233,7 +2236,7 @@
 
     def test_type_is_signedAndEnveloped_wrong_args(self):
         """
-        L{PKCS7Type.type_is_signedAndEnveloped} raises L{TypeError} if called
+        :py:obj:`PKCS7Type.type_is_signedAndEnveloped` raises :py:obj:`TypeError` if called
         with any arguments.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2242,7 +2245,7 @@
 
     def test_type_is_signedAndEnveloped(self):
         """
-        L{PKCS7Type.type_is_signedAndEnveloped} returns C{False} if the PKCS7
+        :py:obj:`PKCS7Type.type_is_signedAndEnveloped` returns :py:obj:`False` if the PKCS7
         object is not of the type I{signed and enveloped}.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2251,7 +2254,7 @@
 
     def test_type_is_data(self):
         """
-        L{PKCS7Type.type_is_data} returns C{False} if the PKCS7 object is not of
+        :py:obj:`PKCS7Type.type_is_data` returns :py:obj:`False` if the PKCS7 object is not of
         the type data.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2260,7 +2263,7 @@
 
     def test_type_is_data_wrong_args(self):
         """
-        L{PKCS7Type.type_is_data} raises L{TypeError} if called with any
+        :py:obj:`PKCS7Type.type_is_data` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2269,7 +2272,7 @@
 
     def test_get_type_name_wrong_args(self):
         """
-        L{PKCS7Type.get_type_name} raises L{TypeError} if called with any
+        :py:obj:`PKCS7Type.get_type_name` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
@@ -2278,7 +2281,7 @@
 
     def test_get_type_name(self):
         """
-        L{PKCS7Type.get_type_name} returns a C{str} giving the type name.
+        :py:obj:`PKCS7Type.get_type_name` returns a :py:obj:`str` giving the type name.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
         self.assertEquals(pkcs7.get_type_name(), b('pkcs7-signedData'))
@@ -2287,7 +2290,7 @@
     def test_attribute(self):
         """
         If an attribute other than one of the methods tested here is accessed on
-        an instance of L{PKCS7Type}, L{AttributeError} is raised.
+        an instance of :py:obj:`PKCS7Type`, :py:obj:`AttributeError` is raised.
         """
         pkcs7 = load_pkcs7_data(FILETYPE_PEM, pkcs7Data)
         self.assertRaises(AttributeError, getattr, pkcs7, "foo")
@@ -2296,18 +2299,18 @@
 
 class NetscapeSPKITests(TestCase, _PKeyInteractionTestsMixin):
     """
-    Tests for L{OpenSSL.crypto.NetscapeSPKI}.
+    Tests for :py:obj:`OpenSSL.crypto.NetscapeSPKI`.
     """
     def signable(self):
         """
-        Return a new L{NetscapeSPKI} for use with signing tests.
+        Return a new :py:obj:`NetscapeSPKI` for use with signing tests.
         """
         return NetscapeSPKI()
 
 
     def test_type(self):
         """
-        L{NetscapeSPKI} and L{NetscapeSPKIType} refer to the same type object
+        :py:obj:`NetscapeSPKI` and :py:obj:`NetscapeSPKIType` refer to the same type object
         and can be used to create instances of that type.
         """
         self.assertIdentical(NetscapeSPKI, NetscapeSPKIType)
@@ -2316,7 +2319,7 @@
 
     def test_construction(self):
         """
-        L{NetscapeSPKI} returns an instance of L{NetscapeSPKIType}.
+        :py:obj:`NetscapeSPKI` returns an instance of :py:obj:`NetscapeSPKIType`.
         """
         nspki = NetscapeSPKI()
         self.assertTrue(isinstance(nspki, NetscapeSPKIType))
@@ -2324,8 +2327,8 @@
 
     def test_invalid_attribute(self):
         """
-        Accessing a non-existent attribute of a L{NetscapeSPKI} instance causes
-        an L{AttributeError} to be raised.
+        Accessing a non-existent attribute of a :py:obj:`NetscapeSPKI` instance causes
+        an :py:obj:`AttributeError` to be raised.
         """
         nspki = NetscapeSPKI()
         self.assertRaises(AttributeError, lambda: nspki.foo)
@@ -2333,7 +2336,7 @@
 
     def test_b64_encode(self):
         """
-        L{NetscapeSPKI.b64_encode} encodes the certificate to a base64 blob.
+        :py:obj:`NetscapeSPKI.b64_encode` encodes the certificate to a base64 blob.
         """
         nspki = NetscapeSPKI()
         blob = nspki.b64_encode()
@@ -2343,11 +2346,11 @@
 
 class RevokedTests(TestCase):
     """
-    Tests for L{OpenSSL.crypto.Revoked}
+    Tests for :py:obj:`OpenSSL.crypto.Revoked`
     """
     def test_construction(self):
         """
-        Confirm we can create L{OpenSSL.crypto.Revoked}.  Check
+        Confirm we can create :py:obj:`OpenSSL.crypto.Revoked`.  Check
         that it is empty.
         """
         revoked = Revoked()
@@ -2360,8 +2363,8 @@
 
     def test_construction_wrong_args(self):
         """
-        Calling L{OpenSSL.crypto.Revoked} with any arguments results
-        in a L{TypeError} being raised.
+        Calling :py:obj:`OpenSSL.crypto.Revoked` with any arguments results
+        in a :py:obj:`TypeError` being raised.
         """
         self.assertRaises(TypeError, Revoked, None)
         self.assertRaises(TypeError, Revoked, 1)
@@ -2371,7 +2374,7 @@
     def test_serial(self):
         """
         Confirm we can set and get serial numbers from
-        L{OpenSSL.crypto.Revoked}.  Confirm errors are handled
+        :py:obj:`OpenSSL.crypto.Revoked`.  Confirm errors are handled
         with grace.
         """
         revoked = Revoked()
@@ -2394,7 +2397,7 @@
     def test_date(self):
         """
         Confirm we can set and get revocation dates from
-        L{OpenSSL.crypto.Revoked}.  Confirm errors are handled
+        :py:obj:`OpenSSL.crypto.Revoked`.  Confirm errors are handled
         with grace.
         """
         revoked = Revoked()
@@ -2411,7 +2414,7 @@
     def test_reason(self):
         """
         Confirm we can set and get revocation reasons from
-        L{OpenSSL.crypto.Revoked}.  The "get" need to work
+        :py:obj:`OpenSSL.crypto.Revoked`.  The "get" need to work
         as "set".  Likewise, each reason of all_reasons() must work.
         """
         revoked = Revoked()
@@ -2431,9 +2434,9 @@
 
     def test_set_reason_wrong_arguments(self):
         """
-        Calling L{OpenSSL.crypto.Revoked.set_reason} with other than
+        Calling :py:obj:`OpenSSL.crypto.Revoked.set_reason` with other than
         one argument, or an argument which isn't a valid reason,
-        results in L{TypeError} or L{ValueError} being raised.
+        results in :py:obj:`TypeError` or :py:obj:`ValueError` being raised.
         """
         revoked = Revoked()
         self.assertRaises(TypeError, revoked.set_reason, 100)
@@ -2442,8 +2445,8 @@
 
     def test_get_reason_wrong_arguments(self):
         """
-        Calling L{OpenSSL.crypto.Revoked.get_reason} with any
-        arguments results in L{TypeError} being raised.
+        Calling :py:obj:`OpenSSL.crypto.Revoked.get_reason` with any
+        arguments results in :py:obj:`TypeError` being raised.
         """
         revoked = Revoked()
         self.assertRaises(TypeError, revoked.get_reason, None)
@@ -2454,14 +2457,14 @@
 
 class CRLTests(TestCase):
     """
-    Tests for L{OpenSSL.crypto.CRL}
+    Tests for :py:obj:`OpenSSL.crypto.CRL`
     """
     cert = load_certificate(FILETYPE_PEM, cleartextCertificatePEM)
     pkey = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
 
     def test_construction(self):
         """
-        Confirm we can create L{OpenSSL.crypto.CRL}.  Check
+        Confirm we can create :py:obj:`OpenSSL.crypto.CRL`.  Check
         that it is empty
         """
         crl = CRL()
@@ -2471,8 +2474,8 @@
 
     def test_construction_wrong_args(self):
         """
-        Calling L{OpenSSL.crypto.CRL} with any number of arguments
-        results in a L{TypeError} being raised.
+        Calling :py:obj:`OpenSSL.crypto.CRL` with any number of arguments
+        results in a :py:obj:`TypeError` being raised.
         """
         self.assertRaises(TypeError, CRL, 1)
         self.assertRaises(TypeError, CRL, "")
@@ -2514,7 +2517,7 @@
 
     def test_add_revoked_keyword(self):
         """
-        L{OpenSSL.CRL.add_revoked} accepts its single argument as the
+        :py:obj:`OpenSSL.CRL.add_revoked` accepts its single argument as the
         I{revoked} keyword argument.
         """
         crl = CRL()
@@ -2525,10 +2528,10 @@
 
     def test_export_wrong_args(self):
         """
-        Calling L{OpenSSL.CRL.export} with fewer than two or more than
+        Calling :py:obj:`OpenSSL.CRL.export` with fewer than two or more than
         four arguments, or with arguments other than the certificate,
         private key, integer file type, and integer number of days it
-        expects, results in a L{TypeError} being raised.
+        expects, results in a :py:obj:`TypeError` being raised.
         """
         crl = CRL()
         self.assertRaises(TypeError, crl.export)
@@ -2543,9 +2546,9 @@
 
     def test_export_unknown_filetype(self):
         """
-        Calling L{OpenSSL.CRL.export} with a file type other than
-        L{FILETYPE_PEM}, L{FILETYPE_ASN1}, or L{FILETYPE_TEXT} results
-        in a L{ValueError} being raised.
+        Calling :py:obj:`OpenSSL.CRL.export` with a file type other than
+        :py:obj:`FILETYPE_PEM`, :py:obj:`FILETYPE_ASN1`, or :py:obj:`FILETYPE_TEXT` results
+        in a :py:obj:`ValueError` being raised.
         """
         crl = CRL()
         self.assertRaises(ValueError, crl.export, self.cert, self.pkey, 100, 10)
@@ -2554,7 +2557,7 @@
     def test_get_revoked(self):
         """
         Use python to create a simple CRL with two revocations.
-        Get back the L{Revoked} using L{OpenSSL.CRL.get_revoked} and
+        Get back the :py:obj:`Revoked` using :py:obj:`OpenSSL.CRL.get_revoked` and
         verify them.
         """
         crl = CRL()
@@ -2580,8 +2583,8 @@
 
     def test_get_revoked_wrong_args(self):
         """
-        Calling L{OpenSSL.CRL.get_revoked} with any arguments results
-        in a L{TypeError} being raised.
+        Calling :py:obj:`OpenSSL.CRL.get_revoked` with any arguments results
+        in a :py:obj:`TypeError` being raised.
         """
         crl = CRL()
         self.assertRaises(TypeError, crl.get_revoked, None)
@@ -2592,8 +2595,8 @@
 
     def test_add_revoked_wrong_args(self):
         """
-        Calling L{OpenSSL.CRL.add_revoked} with other than one
-        argument results in a L{TypeError} being raised.
+        Calling :py:obj:`OpenSSL.CRL.add_revoked` with other than one
+        argument results in a :py:obj:`TypeError` being raised.
         """
         crl = CRL()
         self.assertRaises(TypeError, crl.add_revoked)
@@ -2626,8 +2629,8 @@
 
     def test_load_crl_wrong_args(self):
         """
-        Calling L{OpenSSL.crypto.load_crl} with other than two
-        arguments results in a L{TypeError} being raised.
+        Calling :py:obj:`OpenSSL.crypto.load_crl` with other than two
+        arguments results in a :py:obj:`TypeError` being raised.
         """
         self.assertRaises(TypeError, load_crl)
         self.assertRaises(TypeError, load_crl, FILETYPE_PEM)
@@ -2636,27 +2639,27 @@
 
     def test_load_crl_bad_filetype(self):
         """
-        Calling L{OpenSSL.crypto.load_crl} with an unknown file type
-        raises a L{ValueError}.
+        Calling :py:obj:`OpenSSL.crypto.load_crl` with an unknown file type
+        raises a :py:obj:`ValueError`.
         """
         self.assertRaises(ValueError, load_crl, 100, crlData)
 
 
     def test_load_crl_bad_data(self):
         """
-        Calling L{OpenSSL.crypto.load_crl} with file data which can't
-        be loaded raises a L{OpenSSL.crypto.Error}.
+        Calling :py:obj:`OpenSSL.crypto.load_crl` with file data which can't
+        be loaded raises a :py:obj:`OpenSSL.crypto.Error`.
         """
         self.assertRaises(Error, load_crl, FILETYPE_PEM, "hello, world")
 
 
 class SignVerifyTests(TestCase):
     """
-    Tests for L{OpenSSL.crypto.sign} and L{OpenSSL.crypto.verify}.
+    Tests for :py:obj:`OpenSSL.crypto.sign` and :py:obj:`OpenSSL.crypto.verify`.
     """
     def test_sign_verify(self):
         """
-        L{sign} generates a cryptographic signature which L{verify} can check.
+        :py:obj:`sign` generates a cryptographic signature which :py:obj:`verify` can check.
         """
         content = b(
             "It was a bright cold day in April, and the clocks were striking "
@@ -2697,7 +2700,7 @@
 
     def test_sign_nulls(self):
         """
-        L{sign} produces a signature for a string with embedded nulls.
+        :py:obj:`sign` produces a signature for a string with embedded nulls.
         """
         content = b("Watch out!  \0  Did you see it?")
         priv_key = load_privatekey(FILETYPE_PEM, root_key_pem)
diff --git a/OpenSSL/test/test_rand.py b/OpenSSL/test/test_rand.py
index 00fc6d1..cacd79c 100644
--- a/OpenSSL/test/test_rand.py
+++ b/OpenSSL/test/test_rand.py
@@ -2,7 +2,7 @@
 # See LICENSE for details.
 
 """
-Unit tests for L{OpenSSL.rand}.
+Unit tests for :py:obj:`OpenSSL.rand`.
 """
 
 from unittest import main
@@ -16,8 +16,8 @@
 class RandTests(TestCase):
     def test_bytes_wrong_args(self):
         """
-        L{OpenSSL.rand.bytes} raises L{TypeError} if called with the wrong
-        number of arguments or with a non-C{int} argument.
+        :py:obj:`OpenSSL.rand.bytes` raises :py:obj:`TypeError` if called with the wrong
+        number of arguments or with a non-:py:obj:`int` argument.
         """
         self.assertRaises(TypeError, rand.bytes)
         self.assertRaises(TypeError, rand.bytes, None)
@@ -44,7 +44,7 @@
     def test_add_wrong_args(self):
         """
         When called with the wrong number of arguments, or with arguments not of
-        type C{str} and C{int}, L{OpenSSL.rand.add} raises L{TypeError}.
+        type :py:obj:`str` and :py:obj:`int`, :py:obj:`OpenSSL.rand.add` raises :py:obj:`TypeError`.
         """
         self.assertRaises(TypeError, rand.add)
         self.assertRaises(TypeError, rand.add, b("foo"), None)
@@ -54,15 +54,15 @@
 
     def test_add(self):
         """
-        L{OpenSSL.rand.add} adds entropy to the PRNG.
+        :py:obj:`OpenSSL.rand.add` adds entropy to the PRNG.
         """
         rand.add(b('hamburger'), 3)
 
 
     def test_seed_wrong_args(self):
         """
-        When called with the wrong number of arguments, or with a non-C{str}
-        argument, L{OpenSSL.rand.seed} raises L{TypeError}.
+        When called with the wrong number of arguments, or with a non-:py:obj:`str`
+        argument, :py:obj:`OpenSSL.rand.seed` raises :py:obj:`TypeError`.
         """
         self.assertRaises(TypeError, rand.seed)
         self.assertRaises(TypeError, rand.seed, None)
@@ -71,14 +71,14 @@
 
     def test_seed(self):
         """
-        L{OpenSSL.rand.seed} adds entropy to the PRNG.
+        :py:obj:`OpenSSL.rand.seed` adds entropy to the PRNG.
         """
         rand.seed(b('milk shake'))
 
 
     def test_status_wrong_args(self):
         """
-        L{OpenSSL.rand.status} raises L{TypeError} when called with any
+        :py:obj:`OpenSSL.rand.status` raises :py:obj:`TypeError` when called with any
         arguments.
         """
         self.assertRaises(TypeError, rand.status, None)
@@ -86,8 +86,8 @@
 
     def test_status(self):
         """
-        L{OpenSSL.rand.status} returns C{True} if the PRNG has sufficient
-        entropy, C{False} otherwise.
+        :py:obj:`OpenSSL.rand.status` returns :py:obj:`True` if the PRNG has sufficient
+        entropy, :py:obj:`False` otherwise.
         """
         # It's hard to know what it is actually going to return.  Different
         # OpenSSL random engines decide differently whether they have enough
@@ -97,8 +97,8 @@
 
     def test_egd_wrong_args(self):
         """
-        L{OpenSSL.rand.egd} raises L{TypeError} when called with the wrong
-        number of arguments or with arguments not of type C{str} and C{int}.
+        :py:obj:`OpenSSL.rand.egd` raises :py:obj:`TypeError` when called with the wrong
+        number of arguments or with arguments not of type :py:obj:`str` and :py:obj:`int`.
         """
         self.assertRaises(TypeError, rand.egd)
         self.assertRaises(TypeError, rand.egd, None)
@@ -109,7 +109,7 @@
 
     def test_egd_missing(self):
         """
-        L{OpenSSL.rand.egd} returns C{0} or C{-1} if the EGD socket passed
+        :py:obj:`OpenSSL.rand.egd` returns :py:obj:`0` or C{-1} if the EGD socket passed
         to it does not exist.
         """
         result = rand.egd(self.mktemp())
@@ -121,7 +121,7 @@
 
     def test_cleanup_wrong_args(self):
         """
-        L{OpenSSL.rand.cleanup} raises L{TypeError} when called with any
+        :py:obj:`OpenSSL.rand.cleanup` raises :py:obj:`TypeError` when called with any
         arguments.
         """
         self.assertRaises(TypeError, rand.cleanup, None)
@@ -129,16 +129,16 @@
 
     def test_cleanup(self):
         """
-        L{OpenSSL.rand.cleanup} releases the memory used by the PRNG and returns
-        C{None}.
+        :py:obj:`OpenSSL.rand.cleanup` releases the memory used by the PRNG and returns
+        :py:obj:`None`.
         """
         self.assertIdentical(rand.cleanup(), None)
 
 
     def test_load_file_wrong_args(self):
         """
-        L{OpenSSL.rand.load_file} raises L{TypeError} when called the wrong
-        number of arguments or arguments not of type C{str} and C{int}.
+        :py:obj:`OpenSSL.rand.load_file` raises :py:obj:`TypeError` when called the wrong
+        number of arguments or arguments not of type :py:obj:`str` and :py:obj:`int`.
         """
         self.assertRaises(TypeError, rand.load_file)
         self.assertRaises(TypeError, rand.load_file, "foo", None)
@@ -148,8 +148,8 @@
 
     def test_write_file_wrong_args(self):
         """
-        L{OpenSSL.rand.write_file} raises L{TypeError} when called with the
-        wrong number of arguments or a non-C{str} argument.
+        :py:obj:`OpenSSL.rand.write_file` raises :py:obj:`TypeError` when called with the
+        wrong number of arguments or a non-:py:obj:`str` argument.
         """
         self.assertRaises(TypeError, rand.write_file)
         self.assertRaises(TypeError, rand.write_file, None)
diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py
index f7ce67f..2ea3892 100644
--- a/OpenSSL/test/test_ssl.py
+++ b/OpenSSL/test/test_ssl.py
@@ -2,7 +2,7 @@
 # See LICENSE for details.
 
 """
-Unit tests for L{OpenSSL.SSL}.
+Unit tests for :py:obj:`OpenSSL.SSL`.
 """
 
 from gc import collect
@@ -192,10 +192,10 @@
 
     def _interactInMemory(self, client_conn, server_conn):
         """
-        Try to read application bytes from each of the two L{Connection}
+        Try to read application bytes from each of the two :py:obj:`Connection`
         objects.  Copy bytes back and forth between their send/receive buffers
         for as long as there is anything to copy.  When there is nothing more
-        to copy, return C{None}.  If one of them actually manages to deliver
+        to copy, return :py:obj:`None`.  If one of them actually manages to deliver
         some application bytes, return a two-tuple of the connection from which
         the bytes were read and the bytes themselves.
         """
@@ -241,12 +241,12 @@
 class VersionTests(TestCase):
     """
     Tests for version information exposed by
-    L{OpenSSL.SSL.SSLeay_version} and
-    L{OpenSSL.SSL.OPENSSL_VERSION_NUMBER}.
+    :py:obj:`OpenSSL.SSL.SSLeay_version` and
+    :py:obj:`OpenSSL.SSL.OPENSSL_VERSION_NUMBER`.
     """
     def test_OPENSSL_VERSION_NUMBER(self):
         """
-        L{OPENSSL_VERSION_NUMBER} is an integer with status in the low
+        :py:obj:`OPENSSL_VERSION_NUMBER` is an integer with status in the low
         byte and the patch, fix, minor, and major versions in the
         nibbles above that.
         """
@@ -255,7 +255,7 @@
 
     def test_SSLeay_version(self):
         """
-        L{SSLeay_version} takes a version type indicator and returns
+        :py:obj:`SSLeay_version` takes a version type indicator and returns
         one of a number of version strings based on that indicator.
         """
         versions = {}
@@ -270,12 +270,12 @@
 
 class ContextTests(TestCase, _LoopbackMixin):
     """
-    Unit tests for L{OpenSSL.SSL.Context}.
+    Unit tests for :py:obj:`OpenSSL.SSL.Context`.
     """
     def test_method(self):
         """
-        L{Context} can be instantiated with one of L{SSLv2_METHOD},
-        L{SSLv3_METHOD}, L{SSLv23_METHOD}, or L{TLSv1_METHOD}.
+        :py:obj:`Context` can be instantiated with one of :py:obj:`SSLv2_METHOD`,
+        :py:obj:`SSLv3_METHOD`, :py:obj:`SSLv23_METHOD`, or :py:obj:`TLSv1_METHOD`.
         """
         for meth in [SSLv3_METHOD, SSLv23_METHOD, TLSv1_METHOD]:
             Context(meth)
@@ -293,7 +293,7 @@
 
     def test_type(self):
         """
-        L{Context} and L{ContextType} refer to the same type object and can be
+        :py:obj:`Context` and :py:obj:`ContextType` refer to the same type object and can be
         used to create instances of that type.
         """
         self.assertIdentical(Context, ContextType)
@@ -302,7 +302,7 @@
 
     def test_use_privatekey(self):
         """
-        L{Context.use_privatekey} takes an L{OpenSSL.crypto.PKey} instance.
+        :py:obj:`Context.use_privatekey` takes an :py:obj:`OpenSSL.crypto.PKey` instance.
         """
         key = PKey()
         key.generate_key(TYPE_RSA, 128)
@@ -313,7 +313,7 @@
 
     def test_set_app_data_wrong_args(self):
         """
-        L{Context.set_app_data} raises L{TypeError} if called with other than
+        :py:obj:`Context.set_app_data` raises :py:obj:`TypeError` if called with other than
         one argument.
         """
         context = Context(TLSv1_METHOD)
@@ -323,7 +323,7 @@
 
     def test_get_app_data_wrong_args(self):
         """
-        L{Context.get_app_data} raises L{TypeError} if called with any
+        :py:obj:`Context.get_app_data` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         context = Context(TLSv1_METHOD)
@@ -332,8 +332,8 @@
 
     def test_app_data(self):
         """
-        L{Context.set_app_data} stores an object for later retrieval using
-        L{Context.get_app_data}.
+        :py:obj:`Context.set_app_data` stores an object for later retrieval using
+        :py:obj:`Context.get_app_data`.
         """
         app_data = object()
         context = Context(TLSv1_METHOD)
@@ -343,8 +343,8 @@
 
     def test_set_options_wrong_args(self):
         """
-        L{Context.set_options} raises L{TypeError} if called with the wrong
-        number of arguments or a non-C{int} argument.
+        :py:obj:`Context.set_options` raises :py:obj:`TypeError` if called with the wrong
+        number of arguments or a non-:py:obj:`int` argument.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.set_options)
@@ -354,8 +354,8 @@
 
     def test_set_timeout_wrong_args(self):
         """
-        L{Context.set_timeout} raises L{TypeError} if called with the wrong
-        number of arguments or a non-C{int} argument.
+        :py:obj:`Context.set_timeout` raises :py:obj:`TypeError` if called with the wrong
+        number of arguments or a non-:py:obj:`int` argument.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.set_timeout)
@@ -365,7 +365,7 @@
 
     def test_get_timeout_wrong_args(self):
         """
-        L{Context.get_timeout} raises L{TypeError} if called with any arguments.
+        :py:obj:`Context.get_timeout` raises :py:obj:`TypeError` if called with any arguments.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.get_timeout, None)
@@ -373,8 +373,8 @@
 
     def test_timeout(self):
         """
-        L{Context.set_timeout} sets the session timeout for all connections
-        created using the context object.  L{Context.get_timeout} retrieves this
+        :py:obj:`Context.set_timeout` sets the session timeout for all connections
+        created using the context object.  :py:obj:`Context.get_timeout` retrieves this
         value.
         """
         context = Context(TLSv1_METHOD)
@@ -384,8 +384,8 @@
 
     def test_set_verify_depth_wrong_args(self):
         """
-        L{Context.set_verify_depth} raises L{TypeError} if called with the wrong
-        number of arguments or a non-C{int} argument.
+        :py:obj:`Context.set_verify_depth` raises :py:obj:`TypeError` if called with the wrong
+        number of arguments or a non-:py:obj:`int` argument.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.set_verify_depth)
@@ -395,7 +395,7 @@
 
     def test_get_verify_depth_wrong_args(self):
         """
-        L{Context.get_verify_depth} raises L{TypeError} if called with any arguments.
+        :py:obj:`Context.get_verify_depth` raises :py:obj:`TypeError` if called with any arguments.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.get_verify_depth, None)
@@ -403,9 +403,9 @@
 
     def test_verify_depth(self):
         """
-        L{Context.set_verify_depth} sets the number of certificates in a chain
+        :py:obj:`Context.set_verify_depth` sets the number of certificates in a chain
         to follow before giving up.  The value can be retrieved with
-        L{Context.get_verify_depth}.
+        :py:obj:`Context.get_verify_depth`.
         """
         context = Context(TLSv1_METHOD)
         context.set_verify_depth(11)
@@ -429,7 +429,7 @@
 
     def test_set_passwd_cb_wrong_args(self):
         """
-        L{Context.set_passwd_cb} raises L{TypeError} if called with the
+        :py:obj:`Context.set_passwd_cb` raises :py:obj:`TypeError` if called with the
         wrong arguments or with a non-callable first argument.
         """
         context = Context(TLSv1_METHOD)
@@ -440,7 +440,7 @@
 
     def test_set_passwd_cb(self):
         """
-        L{Context.set_passwd_cb} accepts a callable which will be invoked when
+        :py:obj:`Context.set_passwd_cb` accepts a callable which will be invoked when
         a private key is loaded from an encrypted PEM.
         """
         passphrase = b("foobar")
@@ -460,7 +460,7 @@
 
     def test_passwd_callback_exception(self):
         """
-        L{Context.use_privatekey_file} propagates any exception raised by the
+        :py:obj:`Context.use_privatekey_file` propagates any exception raised by the
         passphrase callback.
         """
         pemFile = self._write_encrypted_pem(b("monkeys are nice"))
@@ -474,7 +474,7 @@
 
     def test_passwd_callback_false(self):
         """
-        L{Context.use_privatekey_file} raises L{OpenSSL.SSL.Error} if the
+        :py:obj:`Context.use_privatekey_file` raises :py:obj:`OpenSSL.SSL.Error` if the
         passphrase callback returns a false value.
         """
         pemFile = self._write_encrypted_pem(b("monkeys are nice"))
@@ -488,7 +488,7 @@
 
     def test_passwd_callback_non_string(self):
         """
-        L{Context.use_privatekey_file} raises L{OpenSSL.SSL.Error} if the
+        :py:obj:`Context.use_privatekey_file` raises :py:obj:`OpenSSL.SSL.Error` if the
         passphrase callback returns a true non-string value.
         """
         pemFile = self._write_encrypted_pem(b("monkeys are nice"))
@@ -521,7 +521,7 @@
 
     def test_set_info_callback(self):
         """
-        L{Context.set_info_callback} accepts a callable which will be invoked
+        :py:obj:`Context.set_info_callback` accepts a callable which will be invoked
         when certain information about an SSL connection is available.
         """
         (server, client) = socket_pair()
@@ -556,7 +556,7 @@
     def _load_verify_locations_test(self, *args):
         """
         Create a client context which will verify the peer certificate and call
-        its C{load_verify_locations} method with C{*args}.  Then connect it to a
+        its :py:obj:`load_verify_locations` method with C{*args}.  Then connect it to a
         server and ensure that the handshake succeeds.
         """
         (server, client) = socket_pair()
@@ -593,7 +593,7 @@
 
     def test_load_verify_file(self):
         """
-        L{Context.load_verify_locations} accepts a file name and uses the
+        :py:obj:`Context.load_verify_locations` accepts a file name and uses the
         certificates within for verification purposes.
         """
         cafile = self.mktemp()
@@ -606,7 +606,7 @@
 
     def test_load_verify_invalid_file(self):
         """
-        L{Context.load_verify_locations} raises L{Error} when passed a
+        :py:obj:`Context.load_verify_locations` raises :py:obj:`Error` when passed a
         non-existent cafile.
         """
         clientContext = Context(TLSv1_METHOD)
@@ -616,7 +616,7 @@
 
     def test_load_verify_directory(self):
         """
-        L{Context.load_verify_locations} accepts a directory name and uses
+        :py:obj:`Context.load_verify_locations` accepts a directory name and uses
         the certificates within for verification purposes.
         """
         capath = self.mktemp()
@@ -635,8 +635,8 @@
 
     def test_load_verify_locations_wrong_args(self):
         """
-        L{Context.load_verify_locations} raises L{TypeError} if called with
-        the wrong number of arguments or with non-C{str} arguments.
+        :py:obj:`Context.load_verify_locations` raises :py:obj:`TypeError` if called with
+        the wrong number of arguments or with non-:py:obj:`str` arguments.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.load_verify_locations)
@@ -651,7 +651,7 @@
     else:
         def test_set_default_verify_paths(self):
             """
-            L{Context.set_default_verify_paths} causes the platform-specific CA
+            :py:obj:`Context.set_default_verify_paths` causes the platform-specific CA
             certificate locations to be used for verification purposes.
             """
             # Testing this requires a server with a certificate signed by one of
@@ -680,8 +680,8 @@
 
     def test_set_default_verify_paths_signature(self):
         """
-        L{Context.set_default_verify_paths} takes no arguments and raises
-        L{TypeError} if given any.
+        :py:obj:`Context.set_default_verify_paths` takes no arguments and raises
+        :py:obj:`TypeError` if given any.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.set_default_verify_paths, None)
@@ -691,9 +691,9 @@
 
     def test_add_extra_chain_cert_invalid_cert(self):
         """
-        L{Context.add_extra_chain_cert} raises L{TypeError} if called with
+        :py:obj:`Context.add_extra_chain_cert` raises :py:obj:`TypeError` if called with
         other than one argument or if called with an object which is not an
-        instance of L{X509}.
+        instance of :py:obj:`X509`.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.add_extra_chain_cert)
@@ -726,10 +726,10 @@
 
     def test_add_extra_chain_cert(self):
         """
-        L{Context.add_extra_chain_cert} accepts an L{X509} instance to add to
+        :py:obj:`Context.add_extra_chain_cert` accepts an :py:obj:`X509` instance to add to
         the certificate chain.
 
-        See L{_create_certificate_chain} for the details of the certificate
+        See :py:obj:`_create_certificate_chain` for the details of the certificate
         chain tested.
 
         The chain is tested by starting a server with scert and connecting
@@ -770,7 +770,7 @@
 
     def test_use_certificate_chain_file(self):
         """
-        L{Context.use_certificate_chain_file} reads a certificate chain from
+        :py:obj:`Context.use_certificate_chain_file` reads a certificate chain from
         the specified file.
 
         The chain is tested by starting a server with scert and connecting
@@ -809,7 +809,7 @@
 
     def test_get_verify_mode_wrong_args(self):
         """
-        L{Context.get_verify_mode} raises L{TypeError} if called with any
+        :py:obj:`Context.get_verify_mode` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         context = Context(TLSv1_METHOD)
@@ -818,8 +818,8 @@
 
     def test_get_verify_mode(self):
         """
-        L{Context.get_verify_mode} returns the verify mode flags previously
-        passed to L{Context.set_verify}.
+        :py:obj:`Context.get_verify_mode` returns the verify mode flags previously
+        passed to :py:obj:`Context.set_verify`.
         """
         context = Context(TLSv1_METHOD)
         self.assertEquals(context.get_verify_mode(), 0)
@@ -831,8 +831,8 @@
 
     def test_load_tmp_dh_wrong_args(self):
         """
-        L{Context.load_tmp_dh} raises L{TypeError} if called with the wrong
-        number of arguments or with a non-C{str} argument.
+        :py:obj:`Context.load_tmp_dh` raises :py:obj:`TypeError` if called with the wrong
+        number of arguments or with a non-:py:obj:`str` argument.
         """
         context = Context(TLSv1_METHOD)
         self.assertRaises(TypeError, context.load_tmp_dh)
@@ -842,7 +842,7 @@
 
     def test_load_tmp_dh_missing_file(self):
         """
-        L{Context.load_tmp_dh} raises L{OpenSSL.SSL.Error} if the specified file
+        :py:obj:`Context.load_tmp_dh` raises :py:obj:`OpenSSL.SSL.Error` if the specified file
         does not exist.
         """
         context = Context(TLSv1_METHOD)
@@ -851,7 +851,7 @@
 
     def test_load_tmp_dh(self):
         """
-        L{Context.load_tmp_dh} loads Diffie-Hellman parameters from the
+        :py:obj:`Context.load_tmp_dh` loads Diffie-Hellman parameters from the
         specified file.
         """
         context = Context(TLSv1_METHOD)
@@ -865,7 +865,7 @@
 
     def test_set_cipher_list(self):
         """
-        L{Context.set_cipher_list} accepts a C{str} naming the ciphers which
+        :py:obj:`Context.set_cipher_list` accepts a :py:obj:`str` naming the ciphers which
         connections created with the context object will be able to choose from.
         """
         context = Context(TLSv1_METHOD)
@@ -877,12 +877,12 @@
 
 class ServerNameCallbackTests(TestCase, _LoopbackMixin):
     """
-    Tests for L{Context.set_tlsext_servername_callback} and its interaction with
-    L{Connection}.
+    Tests for :py:obj:`Context.set_tlsext_servername_callback` and its interaction with
+    :py:obj:`Connection`.
     """
     def test_wrong_args(self):
         """
-        L{Context.set_tlsext_servername_callback} raises L{TypeError} if called
+        :py:obj:`Context.set_tlsext_servername_callback` raises :py:obj:`TypeError` if called
         with other than one argument.
         """
         context = Context(TLSv1_METHOD)
@@ -892,7 +892,7 @@
 
     def test_old_callback_forgotten(self):
         """
-        If L{Context.set_tlsext_servername_callback} is used to specify a new
+        If :py:obj:`Context.set_tlsext_servername_callback` is used to specify a new
         callback, the one it replaces is dereferenced.
         """
         def callback(connection):
@@ -915,8 +915,8 @@
     def test_no_servername(self):
         """
         When a client specifies no server name, the callback passed to
-        L{Context.set_tlsext_servername_callback} is invoked and the result of
-        L{Connection.get_servername} is C{None}.
+        :py:obj:`Context.set_tlsext_servername_callback` is invoked and the result of
+        :py:obj:`Connection.get_servername` is :py:obj:`None`.
         """
         args = []
         def servername(conn):
@@ -948,8 +948,8 @@
     def test_servername(self):
         """
         When a client specifies a server name in its hello message, the callback
-        passed to L{Contexts.set_tlsext_servername_callback} is invoked and the
-        result of L{Connection.get_servername} is that server name.
+        passed to :py:obj:`Contexts.set_tlsext_servername_callback` is invoked and the
+        result of :py:obj:`Connection.get_servername` is that server name.
         """
         args = []
         def servername(conn):
@@ -977,7 +977,7 @@
 
 class ConnectionTests(TestCase, _LoopbackMixin):
     """
-    Unit tests for L{OpenSSL.SSL.Connection}.
+    Unit tests for :py:obj:`OpenSSL.SSL.Connection`.
     """
     # XXX want_write
     # XXX want_read
@@ -999,7 +999,7 @@
 
     def test_type(self):
         """
-        L{Connection} and L{ConnectionType} refer to the same type object and
+        :py:obj:`Connection` and :py:obj:`ConnectionType` refer to the same type object and
         can be used to create instances of that type.
         """
         self.assertIdentical(Connection, ConnectionType)
@@ -1009,8 +1009,8 @@
 
     def test_get_context(self):
         """
-        L{Connection.get_context} returns the L{Context} instance used to
-        construct the L{Connection} instance.
+        :py:obj:`Connection.get_context` returns the :py:obj:`Context` instance used to
+        construct the :py:obj:`Connection` instance.
         """
         context = Context(TLSv1_METHOD)
         connection = Connection(context, None)
@@ -1019,7 +1019,7 @@
 
     def test_get_context_wrong_args(self):
         """
-        L{Connection.get_context} raises L{TypeError} if called with any
+        :py:obj:`Connection.get_context` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1028,8 +1028,8 @@
 
     def test_set_context_wrong_args(self):
         """
-        L{Connection.set_context} raises L{TypeError} if called with a
-        non-L{Context} instance argument or with any number of arguments other
+        :py:obj:`Connection.set_context` raises :py:obj:`TypeError` if called with a
+        non-:py:obj:`Context` instance argument or with any number of arguments other
         than 1.
         """
         ctx = Context(TLSv1_METHOD)
@@ -1046,7 +1046,7 @@
 
     def test_set_context(self):
         """
-        L{Connection.set_context} specifies a new L{Context} instance to be used
+        :py:obj:`Connection.set_context` specifies a new :py:obj:`Context` instance to be used
         for the connection.
         """
         original = Context(SSLv23_METHOD)
@@ -1062,9 +1062,9 @@
 
     def test_set_tlsext_host_name_wrong_args(self):
         """
-        If L{Connection.set_tlsext_host_name} is called with a non-byte string
+        If :py:obj:`Connection.set_tlsext_host_name` is called with a non-byte string
         argument or a byte string with an embedded NUL or other than one
-        argument, L{TypeError} is raised.
+        argument, :py:obj:`TypeError` is raised.
         """
         conn = Connection(Context(TLSv1_METHOD), None)
         self.assertRaises(TypeError, conn.set_tlsext_host_name)
@@ -1082,7 +1082,7 @@
 
     def test_get_servername_wrong_args(self):
         """
-        L{Connection.get_servername} raises L{TypeError} if called with any
+        :py:obj:`Connection.get_servername` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1093,7 +1093,7 @@
 
     def test_pending(self):
         """
-        L{Connection.pending} returns the number of bytes available for
+        :py:obj:`Connection.pending` returns the number of bytes available for
         immediate read.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1102,7 +1102,7 @@
 
     def test_pending_wrong_args(self):
         """
-        L{Connection.pending} raises L{TypeError} if called with any arguments.
+        :py:obj:`Connection.pending` raises :py:obj:`TypeError` if called with any arguments.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
         self.assertRaises(TypeError, connection.pending, None)
@@ -1110,7 +1110,7 @@
 
     def test_connect_wrong_args(self):
         """
-        L{Connection.connect} raises L{TypeError} if called with a non-address
+        :py:obj:`Connection.connect` raises :py:obj:`TypeError` if called with a non-address
         argument or with the wrong number of arguments.
         """
         connection = Connection(Context(TLSv1_METHOD), socket())
@@ -1121,7 +1121,7 @@
 
     def test_connect_refused(self):
         """
-        L{Connection.connect} raises L{socket.error} if the underlying socket
+        :py:obj:`Connection.connect` raises :py:obj:`socket.error` if the underlying socket
         connect method raises it.
         """
         client = socket()
@@ -1133,7 +1133,7 @@
 
     def test_connect(self):
         """
-        L{Connection.connect} establishes a connection to the specified address.
+        :py:obj:`Connection.connect` establishes a connection to the specified address.
         """
         port = socket()
         port.bind(('', 0))
@@ -1149,7 +1149,7 @@
     else:
         def test_connect_ex(self):
             """
-            If there is a connection error, L{Connection.connect_ex} returns the
+            If there is a connection error, :py:obj:`Connection.connect_ex` returns the
             errno instead of raising an exception.
             """
             port = socket()
@@ -1166,7 +1166,7 @@
 
     def test_accept_wrong_args(self):
         """
-        L{Connection.accept} raises L{TypeError} if called with any arguments.
+        :py:obj:`Connection.accept` raises :py:obj:`TypeError` if called with any arguments.
         """
         connection = Connection(Context(TLSv1_METHOD), socket())
         self.assertRaises(TypeError, connection.accept, None)
@@ -1174,8 +1174,8 @@
 
     def test_accept(self):
         """
-        L{Connection.accept} accepts a pending connection attempt and returns a
-        tuple of a new L{Connection} (the accepted client) and the address the
+        :py:obj:`Connection.accept` accepts a pending connection attempt and returns a
+        tuple of a new :py:obj:`Connection` (the accepted client) and the address the
         connection originated from.
         """
         ctx = Context(TLSv1_METHOD)
@@ -1201,7 +1201,7 @@
 
     def test_shutdown_wrong_args(self):
         """
-        L{Connection.shutdown} raises L{TypeError} if called with the wrong
+        :py:obj:`Connection.shutdown` raises :py:obj:`TypeError` if called with the wrong
         number of arguments or with arguments other than integers.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1214,7 +1214,7 @@
 
     def test_shutdown(self):
         """
-        L{Connection.shutdown} performs an SSL-level connection shutdown.
+        :py:obj:`Connection.shutdown` performs an SSL-level connection shutdown.
         """
         server, client = self._loopback()
         self.assertFalse(server.shutdown())
@@ -1229,7 +1229,7 @@
 
     def test_set_shutdown(self):
         """
-        L{Connection.set_shutdown} sets the state of the SSL connection shutdown
+        :py:obj:`Connection.set_shutdown` sets the state of the SSL connection shutdown
         process.
         """
         connection = Connection(Context(TLSv1_METHOD), socket())
@@ -1239,8 +1239,8 @@
 
     def test_app_data_wrong_args(self):
         """
-        L{Connection.set_app_data} raises L{TypeError} if called with other than
-        one argument.  L{Connection.get_app_data} raises L{TypeError} if called
+        :py:obj:`Connection.set_app_data` raises :py:obj:`TypeError` if called with other than
+        one argument.  :py:obj:`Connection.get_app_data` raises :py:obj:`TypeError` if called
         with any arguments.
         """
         conn = Connection(Context(TLSv1_METHOD), None)
@@ -1252,8 +1252,8 @@
     def test_app_data(self):
         """
         Any object can be set as app data by passing it to
-        L{Connection.set_app_data} and later retrieved with
-        L{Connection.get_app_data}.
+        :py:obj:`Connection.set_app_data` and later retrieved with
+        :py:obj:`Connection.get_app_data`.
         """
         conn = Connection(Context(TLSv1_METHOD), None)
         app_data = object()
@@ -1263,8 +1263,8 @@
 
     def test_makefile(self):
         """
-        L{Connection.makefile} is not implemented and calling that method raises
-        L{NotImplementedError}.
+        :py:obj:`Connection.makefile` is not implemented and calling that method raises
+        :py:obj:`NotImplementedError`.
         """
         conn = Connection(Context(TLSv1_METHOD), None)
         self.assertRaises(NotImplementedError, conn.makefile)
@@ -1272,7 +1272,7 @@
 
     def test_get_peer_cert_chain_wrong_args(self):
         """
-        L{Connection.get_peer_cert_chain} raises L{TypeError} if called with any
+        :py:obj:`Connection.get_peer_cert_chain` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         conn = Connection(Context(TLSv1_METHOD), None)
@@ -1284,7 +1284,7 @@
 
     def test_get_peer_cert_chain(self):
         """
-        L{Connection.get_peer_cert_chain} returns a list of certificates which
+        :py:obj:`Connection.get_peer_cert_chain` returns a list of certificates which
         the connected server returned for the certification verification.
         """
         chain = _create_certificate_chain()
@@ -1318,7 +1318,7 @@
 
     def test_get_peer_cert_chain_none(self):
         """
-        L{Connection.get_peer_cert_chain} returns C{None} if the peer sends no
+        :py:obj:`Connection.get_peer_cert_chain` returns :py:obj:`None` if the peer sends no
         certificate chain.
         """
         ctx = Context(TLSv1_METHOD)
@@ -1335,11 +1335,11 @@
 
 class ConnectionGetCipherListTests(TestCase):
     """
-    Tests for L{Connection.get_cipher_list}.
+    Tests for :py:obj:`Connection.get_cipher_list`.
     """
     def test_wrong_args(self):
         """
-        L{Connection.get_cipher_list} raises L{TypeError} if called with any
+        :py:obj:`Connection.get_cipher_list` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1348,7 +1348,7 @@
 
     def test_result(self):
         """
-        L{Connection.get_cipher_list} returns a C{list} of C{str} giving the
+        :py:obj:`Connection.get_cipher_list` returns a :py:obj:`list` of :py:obj:`str` giving the
         names of the ciphers which might be used.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1361,12 +1361,12 @@
 
 class ConnectionSendTests(TestCase, _LoopbackMixin):
     """
-    Tests for L{Connection.send}
+    Tests for :py:obj:`Connection.send`
     """
     def test_wrong_args(self):
         """
         When called with arguments other than a single string,
-        L{Connection.send} raises L{TypeError}.
+        :py:obj:`Connection.send` raises :py:obj:`TypeError`.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
         self.assertRaises(TypeError, connection.send)
@@ -1376,7 +1376,7 @@
 
     def test_short_bytes(self):
         """
-        When passed a short byte string, L{Connection.send} transmits all of it
+        When passed a short byte string, :py:obj:`Connection.send` transmits all of it
         and returns the number of bytes sent.
         """
         server, client = self._loopback()
@@ -1392,7 +1392,7 @@
         def test_short_memoryview(self):
             """
             When passed a memoryview onto a small number of bytes,
-            L{Connection.send} transmits all of them and returns the number of
+            :py:obj:`Connection.send` transmits all of them and returns the number of
             bytes sent.
             """
             server, client = self._loopback()
@@ -1404,12 +1404,12 @@
 
 class ConnectionSendallTests(TestCase, _LoopbackMixin):
     """
-    Tests for L{Connection.sendall}.
+    Tests for :py:obj:`Connection.sendall`.
     """
     def test_wrong_args(self):
         """
         When called with arguments other than a single string,
-        L{Connection.sendall} raises L{TypeError}.
+        :py:obj:`Connection.sendall` raises :py:obj:`TypeError`.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
         self.assertRaises(TypeError, connection.sendall)
@@ -1419,7 +1419,7 @@
 
     def test_short(self):
         """
-        L{Connection.sendall} transmits all of the bytes in the string passed to
+        :py:obj:`Connection.sendall` transmits all of the bytes in the string passed to
         it.
         """
         server, client = self._loopback()
@@ -1435,7 +1435,7 @@
         def test_short_memoryview(self):
             """
             When passed a memoryview onto a small number of bytes,
-            L{Connection.sendall} transmits all of them.
+            :py:obj:`Connection.sendall` transmits all of them.
             """
             server, client = self._loopback()
             server.sendall(memoryview(b('x')))
@@ -1444,7 +1444,7 @@
 
     def test_long(self):
         """
-        L{Connection.sendall} transmits all of the bytes in the string passed to
+        :py:obj:`Connection.sendall` transmits all of the bytes in the string passed to
         it even if this requires multiple calls of an underlying write function.
         """
         server, client = self._loopback()
@@ -1464,7 +1464,7 @@
 
     def test_closed(self):
         """
-        If the underlying socket is closed, L{Connection.sendall} propagates the
+        If the underlying socket is closed, :py:obj:`Connection.sendall` propagates the
         write error from the low level write call.
         """
         server, client = self._loopback()
@@ -1479,7 +1479,7 @@
     """
     def test_renegotiate_wrong_args(self):
         """
-        L{Connection.renegotiate} raises L{TypeError} if called with any
+        :py:obj:`Connection.renegotiate` raises :py:obj:`TypeError` if called with any
         arguments.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1488,7 +1488,7 @@
 
     def test_total_renegotiations_wrong_args(self):
         """
-        L{Connection.total_renegotiations} raises L{TypeError} if called with
+        :py:obj:`Connection.total_renegotiations` raises :py:obj:`TypeError` if called with
         any arguments.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1497,7 +1497,7 @@
 
     def test_total_renegotiations(self):
         """
-        L{Connection.total_renegotiations} returns C{0} before any
+        :py:obj:`Connection.total_renegotiations` returns :py:obj:`0` before any
         renegotiations have happened.
         """
         connection = Connection(Context(TLSv1_METHOD), None)
@@ -1528,11 +1528,11 @@
 
 class ErrorTests(TestCase):
     """
-    Unit tests for L{OpenSSL.SSL.Error}.
+    Unit tests for :py:obj:`OpenSSL.SSL.Error`.
     """
     def test_type(self):
         """
-        L{Error} is an exception type.
+        :py:obj:`Error` is an exception type.
         """
         self.assertTrue(issubclass(Error, Exception))
         self.assertEqual(Error.__name__, 'Error')
@@ -1541,7 +1541,7 @@
 
 class ConstantsTests(TestCase):
     """
-    Tests for the values of constants exposed in L{OpenSSL.SSL}.
+    Tests for the values of constants exposed in :py:obj:`OpenSSL.SSL`.
 
     These are values defined by OpenSSL intended only to be used as flags to
     OpenSSL APIs.  The only assertions it seems can be made about them is
@@ -1551,7 +1551,7 @@
     if OP_NO_QUERY_MTU is not None:
         def test_op_no_query_mtu(self):
             """
-            The value of L{OpenSSL.SSL.OP_NO_QUERY_MTU} is 0x1000, the value of
+            The value of :py:obj:`OpenSSL.SSL.OP_NO_QUERY_MTU` is 0x1000, the value of
             I{SSL_OP_NO_QUERY_MTU} defined by I{openssl/ssl.h}.
             """
             self.assertEqual(OP_NO_QUERY_MTU, 0x1000)
@@ -1562,7 +1562,7 @@
     if OP_COOKIE_EXCHANGE is not None:
         def test_op_cookie_exchange(self):
             """
-            The value of L{OpenSSL.SSL.OP_COOKIE_EXCHANGE} is 0x2000, the value
+            The value of :py:obj:`OpenSSL.SSL.OP_COOKIE_EXCHANGE` is 0x2000, the value
             of I{SSL_OP_COOKIE_EXCHANGE} defined by I{openssl/ssl.h}.
             """
             self.assertEqual(OP_COOKIE_EXCHANGE, 0x2000)
@@ -1573,7 +1573,7 @@
     if OP_NO_TICKET is not None:
         def test_op_no_ticket(self):
             """
-            The value of L{OpenSSL.SSL.OP_NO_TICKET} is 0x4000, the value of
+            The value of :py:obj:`OpenSSL.SSL.OP_NO_TICKET` is 0x4000, the value of
             I{SSL_OP_NO_TICKET} defined by I{openssl/ssl.h}.
             """
             self.assertEqual(OP_NO_TICKET, 0x4000)
@@ -1584,12 +1584,12 @@
 
 class MemoryBIOTests(TestCase, _LoopbackMixin):
     """
-    Tests for L{OpenSSL.SSL.Connection} using a memory BIO.
+    Tests for :py:obj:`OpenSSL.SSL.Connection` using a memory BIO.
     """
     def _server(self, sock):
         """
-        Create a new server-side SSL L{Connection} object wrapped around
-        C{sock}.
+        Create a new server-side SSL :py:obj:`Connection` object wrapped around
+        :py:obj:`sock`.
         """
         # Create the server side Connection.  This is mostly setup boilerplate
         # - use TLSv1, use a particular certificate, etc.
@@ -1610,8 +1610,8 @@
 
     def _client(self, sock):
         """
-        Create a new client-side SSL L{Connection} object wrapped around
-        C{sock}.
+        Create a new client-side SSL :py:obj:`Connection` object wrapped around
+        :py:obj:`sock`.
         """
         # Now create the client side Connection.  Similar boilerplate to the
         # above.
@@ -1630,7 +1630,7 @@
 
     def test_memoryConnect(self):
         """
-        Two L{Connection}s which use memory BIOs can be manually connected by
+        Two :py:obj:`Connection`s which use memory BIOs can be manually connected by
         reading from the output of each and writing those bytes to the input of
         the other and in this way establish a connection and exchange
         application-level bytes with each other.
@@ -1674,10 +1674,10 @@
 
     def test_socketConnect(self):
         """
-        Just like L{test_memoryConnect} but with an actual socket.
+        Just like :py:obj:`test_memoryConnect` but with an actual socket.
 
         This is primarily to rule out the memory BIO code as the source of
-        any problems encountered while passing data over a L{Connection} (if
+        any problems encountered while passing data over a :py:obj:`Connection` (if
         this test fails, there must be a problem outside the memory BIO
         code, as no memory BIO is involved here).  Even though this isn't a
         memory BIO test, it's convenient to have it here.
@@ -1698,8 +1698,8 @@
 
     def test_socketOverridesMemory(self):
         """
-        Test that L{OpenSSL.SSL.bio_read} and L{OpenSSL.SSL.bio_write} don't
-        work on L{OpenSSL.SSL.Connection}() that use sockets.
+        Test that :py:obj:`OpenSSL.SSL.bio_read` and :py:obj:`OpenSSL.SSL.bio_write` don't
+        work on :py:obj:`OpenSSL.SSL.Connection`() that use sockets.
         """
         context = Context(SSLv3_METHOD)
         client = socket()
@@ -1712,7 +1712,7 @@
     def test_outgoingOverflow(self):
         """
         If more bytes than can be written to the memory BIO are passed to
-        L{Connection.send} at once, the number of bytes which were written is
+        :py:obj:`Connection.send` at once, the number of bytes which were written is
         returned and that many bytes from the beginning of the input can be
         read from the other end of the connection.
         """
@@ -1738,8 +1738,8 @@
 
     def test_shutdown(self):
         """
-        L{Connection.bio_shutdown} signals the end of the data stream from
-        which the L{Connection} reads.
+        :py:obj:`Connection.bio_shutdown` signals the end of the data stream from
+        which the :py:obj:`Connection` reads.
         """
         server = self._server(None)
         server.bio_shutdown()
@@ -1751,13 +1751,13 @@
 
     def _check_client_ca_list(self, func):
         """
-        Verify the return value of the C{get_client_ca_list} method for server and client connections.
+        Verify the return value of the :py:obj:`get_client_ca_list` method for server and client connections.
 
         :param func: A function which will be called with the server context
             before the client and server are connected to each other.  This
             function should specify a list of CAs for the server to send to the
             client and return that same list.  The list will be used to verify
-            that C{get_client_ca_list} returns the proper value at various
+            that :py:obj:`get_client_ca_list` returns the proper value at various
             times.
         """
         server = self._server(None)
@@ -1775,7 +1775,7 @@
 
     def test_set_client_ca_list_errors(self):
         """
-        L{Context.set_client_ca_list} raises a L{TypeError} if called with a
+        :py:obj:`Context.set_client_ca_list` raises a :py:obj:`TypeError` if called with a
         non-list or a list that contains objects other than X509Names.
         """
         ctx = Context(TLSv1_METHOD)
@@ -1786,9 +1786,9 @@
 
     def test_set_empty_ca_list(self):
         """
-        If passed an empty list, L{Context.set_client_ca_list} configures the
+        If passed an empty list, :py:obj:`Context.set_client_ca_list` configures the
         context to send no CA names to the client and, on both the server and
-        client sides, L{Connection.get_client_ca_list} returns an empty list
+        client sides, :py:obj:`Connection.get_client_ca_list` returns an empty list
         after the connection is set up.
         """
         def no_ca(ctx):
@@ -1800,9 +1800,9 @@
     def test_set_one_ca_list(self):
         """
         If passed a list containing a single X509Name,
-        L{Context.set_client_ca_list} configures the context to send that CA
+        :py:obj:`Context.set_client_ca_list` configures the context to send that CA
         name to the client and, on both the server and client sides,
-        L{Connection.get_client_ca_list} returns a list containing that
+        :py:obj:`Connection.get_client_ca_list` returns a list containing that
         X509Name after the connection is set up.
         """
         cacert = load_certificate(FILETYPE_PEM, root_cert_pem)
@@ -1816,9 +1816,9 @@
     def test_set_multiple_ca_list(self):
         """
         If passed a list containing multiple X509Name objects,
-        L{Context.set_client_ca_list} configures the context to send those CA
+        :py:obj:`Context.set_client_ca_list` configures the context to send those CA
         names to the client and, on both the server and client sides,
-        L{Connection.get_client_ca_list} returns a list containing those
+        :py:obj:`Connection.get_client_ca_list` returns a list containing those
         X509Names after the connection is set up.
         """
         secert = load_certificate(FILETYPE_PEM, server_cert_pem)
@@ -1837,7 +1837,7 @@
     def test_reset_ca_list(self):
         """
         If called multiple times, only the X509Names passed to the final call
-        of L{Context.set_client_ca_list} are used to configure the CA names
+        of :py:obj:`Context.set_client_ca_list` are used to configure the CA names
         sent to the client.
         """
         cacert = load_certificate(FILETYPE_PEM, root_cert_pem)
@@ -1857,7 +1857,7 @@
 
     def test_mutated_ca_list(self):
         """
-        If the list passed to L{Context.set_client_ca_list} is mutated
+        If the list passed to :py:obj:`Context.set_client_ca_list` is mutated
         afterwards, this does not affect the list of CA names sent to the
         client.
         """
@@ -1877,7 +1877,7 @@
 
     def test_add_client_ca_errors(self):
         """
-        L{Context.add_client_ca} raises L{TypeError} if called with a non-X509
+        :py:obj:`Context.add_client_ca` raises :py:obj:`TypeError` if called with a non-X509
         object or with a number of arguments other than one.
         """
         ctx = Context(TLSv1_METHOD)
@@ -1890,7 +1890,7 @@
     def test_one_add_client_ca(self):
         """
         A certificate's subject can be added as a CA to be sent to the client
-        with L{Context.add_client_ca}.
+        with :py:obj:`Context.add_client_ca`.
         """
         cacert = load_certificate(FILETYPE_PEM, root_cert_pem)
         cadesc = cacert.get_subject()
@@ -1903,7 +1903,7 @@
     def test_multiple_add_client_ca(self):
         """
         Multiple CA names can be sent to the client by calling
-        L{Context.add_client_ca} with multiple X509 objects.
+        :py:obj:`Context.add_client_ca` with multiple X509 objects.
         """
         cacert = load_certificate(FILETYPE_PEM, root_cert_pem)
         secert = load_certificate(FILETYPE_PEM, server_cert_pem)
@@ -1920,8 +1920,8 @@
 
     def test_set_and_add_client_ca(self):
         """
-        A call to L{Context.set_client_ca_list} followed by a call to
-        L{Context.add_client_ca} results in using the CA names from the first
+        A call to :py:obj:`Context.set_client_ca_list` followed by a call to
+        :py:obj:`Context.add_client_ca` results in using the CA names from the first
         call and the CA name from the second call.
         """
         cacert = load_certificate(FILETYPE_PEM, root_cert_pem)
@@ -1941,8 +1941,8 @@
 
     def test_set_after_add_client_ca(self):
         """
-        A call to L{Context.set_client_ca_list} after a call to
-        L{Context.add_client_ca} replaces the CA name specified by the former
+        A call to :py:obj:`Context.set_client_ca_list` after a call to
+        :py:obj:`Context.add_client_ca` replaces the CA name specified by the former
         call with the names specified by the latter cal.
         """
         cacert = load_certificate(FILETYPE_PEM, root_cert_pem)
diff --git a/OpenSSL/test/util.py b/OpenSSL/test/util.py
index ac9190e..79da76b 100644
--- a/OpenSSL/test/util.py
+++ b/OpenSSL/test/util.py
@@ -27,12 +27,12 @@
 
 class TestCase(TestCase):
     """
-    L{TestCase} adds useful testing functionality beyond what is available
-    from the standard library L{unittest.TestCase}.
+    :py:class:`TestCase` adds useful testing functionality beyond what is available
+    from the standard library :py:class:`unittest.TestCase`.
     """
     def tearDown(self):
         """
-        Clean up any files or directories created using L{TestCase.mktemp}.
+        Clean up any files or directories created using :py:meth:`TestCase.mktemp`.
         Subclasses must invoke this method if they override it or the
         cleanup will not occur.
         """
@@ -52,9 +52,9 @@
 
     def failUnlessIn(self, containee, container, msg=None):
         """
-        Fail the test if C{containee} is not found in C{container}.
+        Fail the test if :py:data:`containee` is not found in :py:data:`container`.
 
-        :param containee: the value that should be in C{container}
+        :param containee: the value that should be in :py:class:`container`
         :param container: a sequence type, or in the case of a mapping type,
                           will follow semantics of 'if key in dict.keys()'
         :param msg: if msg is None, then the failure message will be
@@ -68,9 +68,9 @@
 
     def failUnlessIdentical(self, first, second, msg=None):
         """
-        Fail the test if C{first} is not C{second}.  This is an
+        Fail the test if :py:data:`first` is not :py:data:`second`.  This is an
         obect-identity-equality test, not an object equality
-        (i.e. C{__eq__}) test.
+        (i.e. :py:func:`__eq__`) test.
 
         :param msg: if msg is None, then the failure message will be
         '%r is not %r' % (first, second)
@@ -83,9 +83,9 @@
 
     def failIfIdentical(self, first, second, msg=None):
         """
-        Fail the test if C{first} is C{second}.  This is an
+        Fail the test if :py:data:`first` is :py:data:`second`.  This is an
         obect-identity-equality test, not an object equality
-        (i.e. C{__eq__}) test.
+        (i.e. :py:func:`__eq__`) test.
 
         :param msg: if msg is None, then the failure message will be
         '%r is %r' % (first, second)
@@ -98,9 +98,10 @@
 
     def failUnlessRaises(self, exception, f, *args, **kwargs):
         """
-        Fail the test unless calling the function C{f} with the given
-        C{args} and C{kwargs} raises C{exception}. The failure will report
-        the traceback and call stack of the unexpected exception.
+        Fail the test unless calling the function :py:data:`f` with the given
+        :py:data:`args` and :py:data:`kwargs` raises :py:data:`exception`. The
+        failure will report the traceback and call stack of the unexpected
+        exception.
 
         :param exception: exception type that is to be expected
         :param f: the function to call
@@ -150,14 +151,14 @@
     # Other stuff
     def assertConsistentType(self, theType, name, *constructionArgs):
         """
-        Perform various assertions about C{theType} to ensure that it is a
+        Perform various assertions about :py:data:`theType` to ensure that it is a
         well-defined type.  This is useful for extension types, where it's
         pretty easy to do something wacky.  If something about the type is
         unusual, an exception will be raised.
 
         :param theType: The type object about which to make assertions.
         :param name: A string giving the name of the type.
-        :param constructionArgs: Positional arguments to use with C{theType} to
+        :param constructionArgs: Positional arguments to use with :py:data:`theType` to
             create an instance of it.
         """
         self.assertEqual(theType.__name__, name)