update to latest upstream

package/openssh/Makefile

@@ -4,9 +4,9 @@
 include ${TOPDIR}/rules.mk
 
 PKG_NAME:=		openssh
-PKG_VERSION:=		5.3p1
+PKG_VERSION:=		5.4p1
 PKG_RELEASE:=		1
-PKG_MD5SUM:=		13563dbf61f36ca9a1e4254260131041
+PKG_MD5SUM:=		da10af8a789fa2e83e3635f3a1b76f5e
 PKG_DESCR:=		OpenSSH server
 PKG_SECTION:=		net
 PKG_DEPENDS:=		zlib libopenssl libpthread
@@ -20,24 +20,20 @@ PKG_DEPENDS+=		libheimdal libcom-err
 PKG_BUILDDEP+=		heimdal
 endif
 PKG_URL:=		http://www.openssh.com
-PKG_SITES:=		ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
-			ftp://openbsd.wiretapped.net/pub/OpenBSD/OpenSSH/portable/ \
-			ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ \
-			ftp://ftp.de.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/
+PKG_SITES:=		ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
 
-PKG_DESCR_1:=		OpenSSH client
-PKG_DESCR_2:=		OpenSSH client utilities
-PKG_DESCR_3:=		OpenSSH sftp client
-PKG_DESCR_4:=		OpenSSH sftp server
+PKG_DESCR_CLIENT:=	OpenSSH client
+PKG_DESCR_CLIENT_UTILS:=OpenSSH client utilities
+PKG_DESCR_SFTP_CLIENT:=	OpenSSH sftp client
+PKG_DESCR_SFTP_SERVER:=	OpenSSH sftp server
 
 include ${TOPDIR}/mk/package.mk
 
 $(eval $(call PKG_template,OPENSSH_SERVER,openssh-server,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
-$(eval $(call PKG_template,OPENSSH_CLIENT,openssh-client,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR_1},${PKG_SECTION}))
-$(eval $(call PKG_template,OPENSSH_CLIENT_UTILS,openssh-client-utils,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR_2},${PKG_SECTION}))
-$(eval $(call PKG_template,OPENSSH_SFTP_CLIENT,openssh-sftp-client,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR_3},${PKG_SECTION}))
-$(eval $(call PKG_template,OPENSSH_SFTP_SERVER,openssh-sftp-server,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR_4},${PKG_SECTION}))
-
+$(eval $(call PKG_template,OPENSSH_CLIENT,openssh-client,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR_CLIENT},${PKG_SECTION}))
+$(eval $(call PKG_template,OPENSSH_CLIENT_UTILS,openssh-client-utils,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR_CLIENT_UTILS},${PKG_SECTION}))
+$(eval $(call PKG_template,OPENSSH_SFTP_CLIENT,openssh-sftp-client,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR_SFTP_CLIENT},${PKG_SECTION}))
+$(eval $(call PKG_template,OPENSSH_SFTP_SERVER,openssh-sftp-server,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR_SFTP_SERVER},${PKG_SECTION}))
 
 ifeq ($(ADK_COMPILE_OPENSSH_WITH_KERBEROS),y)
 CONFIGURE_ARGS+=	--with-kerberos5="${STAGING_DIR}/usr"

package/openssh/patches/patch-auth2-jpake_c

@@ -1,79 +0,0 @@
---- openssh-5.3p1.orig/auth2-jpake.c	2009-06-21 11:50:08.000000000 +0200
-+++ openssh-5.3p1/auth2-jpake.c	2009-12-05 12:10:19.000000000 +0100
-@@ -173,7 +173,7 @@ derive_rawsalt(const char *username, u_c
- 		fatal("%s: not enough bytes for rawsalt (want %u have %u)",
- 		    __func__, len, digest_len);
- 	memcpy(rawsalt, digest, len);
--	bzero(digest, digest_len);
-+	memset(digest, 0, digest_len);
- 	xfree(digest);
- }
- 
-@@ -198,10 +198,10 @@ makesalt(u_int want, const char *user)
- 		fatal("%s: want %u", __func__, want);
- 
- 	derive_rawsalt(user, rawsalt, sizeof(rawsalt));
--	bzero(ret, sizeof(ret));
-+	memset(ret, 0, sizeof(ret));
- 	for (i = 0; i < want; i++)
- 		ret[i] = pw_encode64(rawsalt[i]);
--	bzero(rawsalt, sizeof(rawsalt));
-+	memset(rawsalt, 0, sizeof(rawsalt));
- 
- 	return ret;
- }
-@@ -355,7 +355,7 @@ auth2_jpake_get_pwdata(Authctxt *authctx
- 	debug3("%s: scheme = %s", __func__, *hash_scheme);
- 	JPAKE_DEBUG_BN((*s, "%s: s = ", __func__));
- #endif
--	bzero(secret, secret_len);
-+	memset(secret, 0, secret_len);
- 	xfree(secret);
- }
- 
-@@ -396,12 +396,12 @@ auth2_jpake_start(Authctxt *authctxt)
- 	packet_send();
- 	packet_write_wait();
- 
--	bzero(hash_scheme, strlen(hash_scheme));
--	bzero(salt, strlen(salt));
-+	memset(hash_scheme, 0, strlen(hash_scheme));
-+	memset(salt, 0, strlen(salt));
- 	xfree(hash_scheme);
- 	xfree(salt);
--	bzero(x3_proof, x3_proof_len);
--	bzero(x4_proof, x4_proof_len);
-+	memset(x3_proof, 0, x3_proof_len);
-+	memset(x4_proof, 0, x4_proof_len);
- 	xfree(x3_proof);
- 	xfree(x4_proof);
- 
-@@ -448,8 +448,8 @@ input_userauth_jpake_client_step1(int ty
- 	    &pctx->b,
- 	    &x4_s_proof, &x4_s_proof_len));
- 
--	bzero(x1_proof, x1_proof_len);
--	bzero(x2_proof, x2_proof_len);
-+	memset(x1_proof, 0, x1_proof_len);
-+	memset(x2_proof, 0, x2_proof_len);
- 	xfree(x1_proof);
- 	xfree(x2_proof);
- 
-@@ -463,7 +463,7 @@ input_userauth_jpake_client_step1(int ty
- 	packet_send();
- 	packet_write_wait();
- 
--	bzero(x4_s_proof, x4_s_proof_len);
-+	memset(x4_s_proof, 0, x4_s_proof_len);
- 	xfree(x4_s_proof);
- 
- 	/* Expect step 2 packet from peer */
-@@ -504,7 +504,7 @@ input_userauth_jpake_client_step2(int ty
- 	    &pctx->k,
- 	    &pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len));
- 
--	bzero(x2_s_proof, x2_s_proof_len);
-+	memset(x2_s_proof, 0, x2_s_proof_len);
- 	xfree(x2_s_proof);
- 
- 	if (!use_privsep)

package/openssh/patches/patch-channels_c

@@ -1,29 +0,0 @@
---- openssh-5.3p1.orig/channels.c	2009-08-28 03:02:37.000000000 +0200
-+++ openssh-5.3p1/channels.c	2009-12-05 12:10:19.000000000 +0100
-@@ -411,7 +411,7 @@ channel_free(Channel *c)
- 		if (cc->abandon_cb != NULL)
- 			cc->abandon_cb(c, cc->ctx);
- 		TAILQ_REMOVE(&c->status_confirms, cc, entry);
--		bzero(cc, sizeof(*cc));
-+		memset(cc, 0, sizeof(*cc));
- 		xfree(cc);
- 	}
- 	if (c->filter_cleanup != NULL && c->filter_ctx != NULL)
-@@ -2449,7 +2449,7 @@ channel_input_status_confirm(int type, u
- 		return;
- 	cc->cb(type, c, cc->ctx);
- 	TAILQ_REMOVE(&c->status_confirms, cc, entry);
--	bzero(cc, sizeof(*cc));
-+	memset(cc, 0, sizeof(*cc));
- 	xfree(cc);
- }
- 
-@@ -2943,7 +2943,7 @@ channel_connect_ctx_free(struct channel_
- 	xfree(cctx->host);
- 	if (cctx->aitop)
- 		freeaddrinfo(cctx->aitop);
--	bzero(cctx, sizeof(*cctx));
-+	memset(cctx, 0, sizeof(*cctx));
- 	cctx->host = NULL;
- 	cctx->ai = cctx->aitop = NULL;
- }

package/openssh/patches/patch-cipher_c

@@ -1,6 +1,5 @@
-$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
---- openssh-5.2p1.orig/cipher.c	2009-01-28 06:38:41.000000000 +0100
-+++ openssh-5.2p1/cipher.c	2009-05-01 13:39:23.000000000 +0200
+--- openssh-5.4p1.orig/cipher.c	2009-01-28 06:38:41.000000000 +0100
++++ openssh-5.4p1/cipher.c	2010-03-17 16:24:25.000000000 +0100
 @@ -69,21 +69,30 @@ struct Cipher {
  	{ "none",		SSH_CIPHER_NONE, 8, 0, 0, 0, EVP_enc_null },
  	{ "des",		SSH_CIPHER_DES, 8, 8, 0, 1, EVP_des_cbc },

package/openssh/patches/patch-clientloop_c

@@ -1,20 +0,0 @@
---- openssh-5.3p1.orig/clientloop.c	2009-08-28 03:21:07.000000000 +0200
-+++ openssh-5.3p1/clientloop.c	2009-12-05 12:10:19.000000000 +0100
-@@ -488,7 +488,7 @@ client_global_request_reply(int type, u_
- 		gc->cb(type, seq, gc->ctx);
- 	if (--gc->ref_count <= 0) {
- 		TAILQ_REMOVE(&global_confirms, gc, entry);
--		bzero(gc, sizeof(*gc));
-+		memset(gc, 0, sizeof(*gc));
- 		xfree(gc);
- 	}
- 
-@@ -769,7 +769,7 @@ process_cmdline(void)
- 	int cancel_port;
- 	Forward fwd;
- 
--	bzero(&fwd, sizeof(fwd));
-+	memset(&fwd, 0, sizeof(fwd));
- 	fwd.listen_host = fwd.connect_host = NULL;
- 
- 	leave_raw_mode();

package/openssh/patches/patch-jpake_c

@@ -1,29 +0,0 @@
---- openssh-5.3p1.orig/jpake.c	2009-03-05 14:58:22.000000000 +0100
-+++ openssh-5.3p1/jpake.c	2009-12-05 12:10:19.000000000 +0100
-@@ -104,7 +104,7 @@ jpake_free(struct jpake_ctx *pctx)
- #define JPAKE_BUF_CLEAR_FREE(v, l)		\
- 	do {					\
- 		if ((v) != NULL) {		\
--			bzero((v), (l));	\
-+			memset((v), 0, (l));	\
- 			xfree(v);		\
- 			(v) = NULL;		\
- 			(l) = 0;		\
-@@ -132,7 +132,7 @@ jpake_free(struct jpake_ctx *pctx)
- #undef JPAKE_BN_CLEAR_FREE
- #undef JPAKE_BUF_CLEAR_FREE
- 
--	bzero(pctx, sizeof(pctx));
-+	memset(pctx, 0, sizeof(pctx));
- 	xfree(pctx);
- }
- 
-@@ -437,7 +437,7 @@ jpake_check_confirm(const BIGNUM *k,
- 	else if (memcmp(peer_confirm_hash, expected_confirm_hash,
- 	    expected_confirm_hash_len) == 0)
- 		success = 1;
--	bzero(expected_confirm_hash, expected_confirm_hash_len);
-+	memset(expected_confirm_hash, 0, expected_confirm_hash_len);
- 	xfree(expected_confirm_hash);
- 	debug3("%s: success = %d", __func__, success);
- 	return success;

package/openssh/patches/patch-mac_c

@@ -1,6 +1,5 @@
-$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
---- openssh-5.2p1.orig/mac.c	2008-06-13 02:58:50.000000000 +0200
-+++ openssh-5.2p1/mac.c	2009-05-01 13:34:59.000000000 +0200
+--- openssh-5.4p1.orig/mac.c	2008-06-13 02:58:50.000000000 +0200
++++ openssh-5.4p1/mac.c	2010-03-17 16:24:25.000000000 +0100
 @@ -59,8 +59,10 @@ struct {
  	{ "hmac-sha1-96",		SSH_EVP, EVP_sha1, 96, -1, -1 },
  	{ "hmac-md5",			SSH_EVP, EVP_md5, 0, -1, -1 },

package/openssh/patches/patch-monitor_c

@@ -1,62 +0,0 @@
---- openssh-5.3p1.orig/monitor.c	2009-06-21 10:58:46.000000000 +0200
-+++ openssh-5.3p1/monitor.c	2009-12-05 12:10:19.000000000 +0100
-@@ -2042,8 +2042,8 @@ mm_answer_jpake_step1(int sock, Buffer *
- 	debug3("%s: sending step1", __func__);
- 	mm_request_send(sock, MONITOR_ANS_JPAKE_STEP1, m);
- 
--	bzero(x3_proof, x3_proof_len);
--	bzero(x4_proof, x4_proof_len);
-+	memset(x3_proof, 0, x3_proof_len);
-+	memset(x4_proof, 0, x4_proof_len);
- 	xfree(x3_proof);
- 	xfree(x4_proof);
- 
-@@ -2072,8 +2072,8 @@ mm_answer_jpake_get_pwdata(int sock, Buf
- 	debug3("%s: sending pwdata", __func__);
- 	mm_request_send(sock, MONITOR_ANS_JPAKE_GET_PWDATA, m);
- 
--	bzero(hash_scheme, strlen(hash_scheme));
--	bzero(salt, strlen(salt));
-+	memset(hash_scheme, 0, strlen(hash_scheme));
-+	memset(salt, 0, strlen(salt));
- 	xfree(hash_scheme);
- 	xfree(salt);
- 
-@@ -2112,8 +2112,8 @@ mm_answer_jpake_step2(int sock, Buffer *
- 
- 	JPAKE_DEBUG_CTX((pctx, "step2 done in %s", __func__));
- 
--	bzero(x1_proof, x1_proof_len);
--	bzero(x2_proof, x2_proof_len);
-+	memset(x1_proof, 0, x1_proof_len);
-+	memset(x2_proof, 0, x2_proof_len);
- 	xfree(x1_proof);
- 	xfree(x2_proof);
- 
-@@ -2125,7 +2125,7 @@ mm_answer_jpake_step2(int sock, Buffer *
- 	debug3("%s: sending step2", __func__);
- 	mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m);
- 
--	bzero(x4_s_proof, x4_s_proof_len);
-+	memset(x4_s_proof, 0, x4_s_proof_len);
- 	xfree(x4_s_proof);
- 
- 	monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1);
-@@ -2159,7 +2159,7 @@ mm_answer_jpake_key_confirm(int sock, Bu
- 
- 	JPAKE_DEBUG_CTX((pctx, "key_confirm done in %s", __func__));
- 
--	bzero(x2_s_proof, x2_s_proof_len);
-+	memset(x2_s_proof, 0, x2_s_proof_len);
- 	buffer_clear(m);
- 
- 	/* pctx->k is sensitive, not sent */
-@@ -2193,7 +2193,7 @@ mm_answer_jpake_check_confirm(int sock, 
- 
- 	JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__));
- 
--	bzero(peer_confirm_hash, peer_confirm_hash_len);
-+	memset(peer_confirm_hash, 0, peer_confirm_hash_len);
- 	xfree(peer_confirm_hash);
- 
- 	buffer_clear(m);

package/openssh/patches/patch-openbsd-compat_port-tun_c

@@ -1,21 +0,0 @@
-$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
---- openssh-5.2p1.orig/openbsd-compat/port-tun.c	2008-05-19 07:28:36.000000000 +0200
-+++ openssh-5.2p1/openbsd-compat/port-tun.c	2009-09-18 12:25:49.000000000 +0200
-@@ -67,7 +67,7 @@ sys_tun_open(int tun, int mode)
- 		return (-1);
- 	}
- 
--	bzero(&ifr, sizeof(ifr));	
-+	memset(&ifr, 0, sizeof(ifr));	
- 
- 	if (mode == SSH_TUNMODE_ETHERNET) {
- 		ifr.ifr_flags = IFF_TAP;
-@@ -213,7 +213,7 @@ sys_tun_infilter(struct Channel *c, char
- 	if (len <= 0 || len > (int)(sizeof(rbuf) - sizeof(*af)))
- 		return (-1);
- 	ptr = (char *)&rbuf[0];
--	bcopy(buf, ptr + sizeof(u_int32_t), len);
-+	memcpy(ptr + sizeof(u_int32_t), buf, len);
- 	len += sizeof(u_int32_t);
- 	af = (u_int32_t *)ptr;
- 

package/openssh/patches/patch-schnorr_c

@@ -1,29 +0,0 @@
---- openssh-5.3p1.orig/schnorr.c	2009-03-07 02:01:47.000000000 +0100
-+++ openssh-5.3p1/schnorr.c	2009-12-05 12:10:08.000000000 +0100
-@@ -101,7 +101,7 @@ schnorr_hash(const BIGNUM *p, const BIGN
- 	SCHNORR_DEBUG_BN((h, "%s: h = ", __func__));
-  out:
- 	buffer_free(&b);
--	bzero(digest, digest_len);
-+	memset(digest, 0, digest_len);
- 	xfree(digest);
- 	digest_len = 0;
- 	if (success == 0)
-@@ -451,7 +451,7 @@ hash_buffer(const u_char *buf, u_int len
- 	success = 0;
-  out:
- 	EVP_MD_CTX_cleanup(&evp_md_ctx);
--	bzero(digest, sizeof(digest));
-+	memset(digest, 0, sizeof(digest));
- 	digest_len = 0;
- 	return success;
- }
-@@ -544,7 +544,7 @@ modp_group_free(struct modp_group *grp)
- 		BN_clear_free(grp->p);
- 	if (grp->q != NULL)
- 		BN_clear_free(grp->q);
--	bzero(grp, sizeof(*grp));
-+	memset(grp, 0, sizeof(*grp));
- 	xfree(grp);
- }
- 

package/openssh/patches/patch-session_c

@@ -1,11 +0,0 @@
---- openssh-5.3p1.orig/session.c	2009-08-20 08:20:50.000000000 +0200
-+++ openssh-5.3p1/session.c	2009-12-05 12:10:19.000000000 +0100
-@@ -1859,7 +1859,7 @@ session_unused(int id)
- 		fatal("%s: insane session id %d (max %d nalloc %d)",
- 		    __func__, id, options.max_sessions, sessions_nalloc);
- 	}
--	bzero(&sessions[id], sizeof(*sessions));
-+	memset(&sessions[id], 0, sizeof(*sessions));
- 	sessions[id].self = id;
- 	sessions[id].used = 0;
- 	sessions[id].chanid = -1;

package/openssh/patches/patch-sftp-client_c

@@ -1,11 +0,0 @@
---- openssh-5.2p1.orig/sftp-client.c	2008-07-04 15:10:49.000000000 +0200
-+++ openssh-5.2p1/sftp-client.c	2009-09-18 12:30:56.000000000 +0200
-@@ -273,7 +273,7 @@ get_decode_statvfs(int fd, struct sftp_s
- 		    SSH2_FXP_EXTENDED_REPLY, type);
- 	}
- 
--	bzero(st, sizeof(*st));
-+	memset(st, 0, sizeof(*st));
- 	st->f_bsize = buffer_get_int64(&msg);
- 	st->f_frsize = buffer_get_int64(&msg);
- 	st->f_blocks = buffer_get_int64(&msg);

package/openssh/patches/patch-ssh_c

@@ -1,13 +0,0 @@
---- openssh-5.3p1.orig/ssh.c	2009-07-05 23:16:56.000000000 +0200
-+++ openssh-5.3p1/ssh.c	2009-12-05 12:10:19.000000000 +0100
-@@ -1280,8 +1280,8 @@ load_public_identity_files(void)
- 		options.identity_files[i] = filename;
- 		options.identity_keys[i] = public;
- 	}
--	bzero(pwname, strlen(pwname));
-+	memset(pwname, 0, strlen(pwname));
- 	xfree(pwname);
--	bzero(pwdir, strlen(pwdir));
-+	memset(pwdir, 0, strlen(pwdir));
- 	xfree(pwdir);
- }

package/openssh/patches/patch-sshconnect2_c

@@ -1,71 +0,0 @@
---- openssh-5.3p1.orig/sshconnect2.c	2009-03-05 14:58:22.000000000 +0100
-+++ openssh-5.3p1/sshconnect2.c	2009-12-05 12:10:19.000000000 +0100
-@@ -922,14 +922,14 @@ jpake_password_to_secret(Authctxt *authc
- 	    &secret, &secret_len) != 0)
- 		fatal("%s: hash_buffer", __func__);
- 
--	bzero(password, strlen(password));
--	bzero(crypted, strlen(crypted));
-+	memset(password, 0, strlen(password));
-+	memset(crypted, 0, strlen(crypted));
- 	xfree(password);
- 	xfree(crypted);
- 
- 	if ((ret = BN_bin2bn(secret, secret_len, NULL)) == NULL)
- 		fatal("%s: BN_bin2bn (secret)", __func__);
--	bzero(secret, secret_len);
-+	memset(secret, 0, secret_len);
- 	xfree(secret);
- 
- 	return ret;
-@@ -966,8 +966,8 @@ input_userauth_jpake_server_step1(int ty
- 
- 	/* Obtain password and derive secret */
- 	pctx->s = jpake_password_to_secret(authctxt, crypt_scheme, salt);
--	bzero(crypt_scheme, strlen(crypt_scheme));
--	bzero(salt, strlen(salt));
-+	memset(crypt_scheme, 0, strlen(crypt_scheme));
-+	memset(salt, 0, strlen(salt));
- 	xfree(crypt_scheme);
- 	xfree(salt);
- 	JPAKE_DEBUG_BN((pctx->s, "%s: s = ", __func__));
-@@ -982,8 +982,8 @@ input_userauth_jpake_server_step1(int ty
- 	    &pctx->a,
- 	    &x2_s_proof, &x2_s_proof_len);
- 
--	bzero(x3_proof, x3_proof_len);
--	bzero(x4_proof, x4_proof_len);
-+	memset(x3_proof, 0, x3_proof_len);
-+	memset(x4_proof, 0, x4_proof_len);
- 	xfree(x3_proof);
- 	xfree(x4_proof);
- 
-@@ -995,7 +995,7 @@ input_userauth_jpake_server_step1(int ty
- 	packet_put_string(x2_s_proof, x2_s_proof_len);
- 	packet_send();
- 
--	bzero(x2_s_proof, x2_s_proof_len);
-+	memset(x2_s_proof, 0, x2_s_proof_len);
- 	xfree(x2_s_proof);
- 
- 	/* Expect step 2 packet from peer */
-@@ -1035,7 +1035,7 @@ input_userauth_jpake_server_step2(int ty
- 	    &pctx->k,
- 	    &pctx->h_k_cid_sessid, &pctx->h_k_cid_sessid_len);
- 
--	bzero(x4_s_proof, x4_s_proof_len);
-+	memset(x4_s_proof, 0, x4_s_proof_len);
- 	xfree(x4_s_proof);
- 
- 	JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__));
-@@ -1701,8 +1701,8 @@ userauth_jpake(Authctxt *authctxt)
- 	packet_put_string(x2_proof, x2_proof_len);
- 	packet_send();
- 
--	bzero(x1_proof, x1_proof_len);
--	bzero(x2_proof, x2_proof_len);
-+	memset(x1_proof, 0, x1_proof_len);
-+	memset(x2_proof, 0, x2_proof_len);
- 	xfree(x1_proof);
- 	xfree(x2_proof);
-