439 files changed, 0 insertions, 9920 deletions

diff --git a/security/Makefile b/security/Makefile
index 8a8872adcb39..81cc9189ac82 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -17,21 +17,17 @@
     SUBDIR += acmetool
     SUBDIR += aescrypt
     SUBDIR += aespipe
-    SUBDIR += afl
     SUBDIR += afl++
     SUBDIR += afterglow
     SUBDIR += age
     SUBDIR += aide
     SUBDIR += akmos
-    SUBDIR += amap
-    SUBDIR += amavis-stats
     SUBDIR += amavisd-milter
     SUBDIR += amavisd-new
     SUBDIR += apache-xml-security-c
     SUBDIR += apg
     SUBDIR += apkid
     SUBDIR += archlinux-keyring
-    SUBDIR += arirang
     SUBDIR += arpCounterattack
     SUBDIR += arti
     SUBDIR += asignify
@@ -42,10 +38,8 @@
     SUBDIR += aws-c-cal
     SUBDIR += aws-iam-authenticator
     SUBDIR += aws-vault
-    SUBDIR += axTLS
     SUBDIR += barnyard2
     SUBDIR += barnyard2-sguil
-    SUBDIR += base
     SUBDIR += base-audit
     SUBDIR += bastillion
     SUBDIR += bcrypt
@@ -58,10 +52,8 @@
     SUBDIR += bfbtester
     SUBDIR += binwalk
     SUBDIR += boringssl
-    SUBDIR += botan110
     SUBDIR += botan2
     SUBDIR += bruteblock
-    SUBDIR += bruteforceblocker
     SUBDIR += bsdsfv
     SUBDIR += bsmtrace
     SUBDIR += bsmtrace3
@@ -84,7 +76,6 @@
     SUBDIR += chntpw
     SUBDIR += chroot_safe
     SUBDIR += chrootuid
-    SUBDIR += cisco-torch
     SUBDIR += ckpass
     SUBDIR += cksfv
     SUBDIR += cl-md5
@@ -106,7 +97,6 @@
     SUBDIR += courierpasswd
     SUBDIR += courieruserinfo
     SUBDIR += cowrie
-    SUBDIR += cp2fwb
     SUBDIR += cracklib
     SUBDIR += crackpkcs12
     SUBDIR += create-cert
@@ -126,7 +116,6 @@
     SUBDIR += cyrus-sasl2-sql
     SUBDIR += cyrus-sasl2-srp
     SUBDIR += d0_blind_id
-    SUBDIR += dcetest
     SUBDIR += dehydrated
     SUBDIR += denyhosts
     SUBDIR += destroy
@@ -135,7 +124,6 @@
     SUBDIR += dirmngr
     SUBDIR += distcache
     SUBDIR += doas
-    SUBDIR += doscan
     SUBDIR += dotdotpwn
     SUBDIR += dropbear
     SUBDIR += dsniff
@@ -161,7 +149,6 @@
     SUBDIR += fcrackzip
     SUBDIR += ffuf
     SUBDIR += fiked
-    SUBDIR += find-zlib
     SUBDIR += fizz
     SUBDIR += fl0p
     SUBDIR += flawfinder
@@ -200,7 +187,6 @@
     SUBDIR += gopass
     SUBDIR += gorilla
     SUBDIR += gost-engine
-    SUBDIR += govpn
     SUBDIR += gpa
     SUBDIR += gpg-gui
     SUBDIR += gpg-tui
@@ -208,9 +194,7 @@
     SUBDIR += gpgme
     SUBDIR += gpgme-cpp
     SUBDIR += gpgme-qt5
-    SUBDIR += gputty
     SUBDIR += greenbone-security-assistant
-    SUBDIR += gringotts
     SUBDIR += gsasl
     SUBDIR += gss
     SUBDIR += gstreamer1-plugins-dtls
@@ -218,8 +202,6 @@
     SUBDIR += gvm
     SUBDIR += gvm-libs
     SUBDIR += gvmd
-    SUBDIR += gwee
-    SUBDIR += hackbot
     SUBDIR += hardening-check
     SUBDIR += hash
     SUBDIR += hashcat
@@ -231,7 +213,6 @@
     SUBDIR += hexl
     SUBDIR += highwayhash
     SUBDIR += hitch
-    SUBDIR += hlfl
     SUBDIR += hockeypuck
     SUBDIR += honeytrap
     SUBDIR += honggfuzz
@@ -244,20 +225,14 @@
     SUBDIR += iaikpkcs11wrapper
     SUBDIR += idea
     SUBDIR += identify
-    SUBDIR += ike
     SUBDIR += imds-filterd
-    SUBDIR += integrit
     SUBDIR += intel-ipsec-mb
-    SUBDIR += ipfilter2dshield
     SUBDIR += ipfmeta
-    SUBDIR += ipfw2dshield
     SUBDIR += ipguard
     SUBDIR += ipsec-tools
     SUBDIR += ipv6toolkit
-    SUBDIR += isakmpd
     SUBDIR += isal-kmod
     SUBDIR += isnprober
-    SUBDIR += jbrofuzz
     SUBDIR += john
     SUBDIR += kbfsd
     SUBDIR += kc24
@@ -285,14 +260,11 @@
     SUBDIR += krb5-119
     SUBDIR += krb5-appl
     SUBDIR += krb5-devel
-    SUBDIR += kripp
     SUBDIR += kstart
     SUBDIR += ktls_isa-l_crypto-kmod
     SUBDIR += kuku
     SUBDIR += kwalletmanager
     SUBDIR += l0pht-watch
-    SUBDIR += l0phtcrack
-    SUBDIR += l5
     SUBDIR += lasso
     SUBDIR += lastpass-cli
     SUBDIR += lego
@@ -320,10 +292,7 @@
     SUBDIR += libotr
     SUBDIR += libotr3
     SUBDIR += libp11
-    SUBDIR += libprelude
-    SUBDIR += libpreludedb
     SUBDIR += libpwquality
-    SUBDIR += libpwstor
     SUBDIR += libressl
     SUBDIR += libressl-devel
     SUBDIR += libreswan
@@ -365,10 +334,8 @@
     SUBDIR += mailzu
     SUBDIR += makepasswd
     SUBDIR += maltrail
-    SUBDIR += manipulate_data
     SUBDIR += masscan
     SUBDIR += mate-pam-helper
-    SUBDIR += matrixssl
     SUBDIR += mbedtls
     SUBDIR += mcrypt
     SUBDIR += md5deep
@@ -384,7 +351,6 @@
     SUBDIR += modsecurity3-nginx
     SUBDIR += monkeysphere
     SUBDIR += munge
-    SUBDIR += mussh
     SUBDIR += n2n
     SUBDIR += ncrack
     SUBDIR += ncrypt
@@ -442,7 +408,6 @@
     SUBDIR += openvpn-auth-radius
     SUBDIR += openvpn-auth-script
     SUBDIR += openvpn-devel
-    SUBDIR += openvpn-mbedtls
     SUBDIR += ophcrack
     SUBDIR += ossec-hids
     SUBDIR += ossec-hids-agent
@@ -453,7 +418,6 @@
     SUBDIR += ossec-hids-server-config
     SUBDIR += osslsigncode
     SUBDIR += otpw
-    SUBDIR += outguess
     SUBDIR += owasp-dependency-check
     SUBDIR += p11-kit
     SUBDIR += p5-Alt-Crypt-RSA-BigInt
@@ -754,7 +718,6 @@
     SUBDIR += passh
     SUBDIR += passivedns
     SUBDIR += pbc
-    SUBDIR += pbnj
     SUBDIR += pcsc-tools
     SUBDIR += pdfcrack
     SUBDIR += pear-Auth
@@ -809,7 +772,6 @@
     SUBDIR += php80-sodium
     SUBDIR += php81-filter
     SUBDIR += php81-sodium
-    SUBDIR += phpsecinfo
     SUBDIR += picocrypt
     SUBDIR += picosha2
     SUBDIR += pidgin-encryption
@@ -830,19 +792,16 @@
     SUBDIR += pkcs11-tools
     SUBDIR += pkesh
     SUBDIR += pks
-    SUBDIR += pktsuckers
     SUBDIR += plasma5-kscreenlocker
     SUBDIR += plasma5-ksshaskpass
     SUBDIR += plasma5-kwallet-pam
     SUBDIR += please
     SUBDIR += poly1305aes
     SUBDIR += portsentry
-    SUBDIR += ppars
     SUBDIR += proftpd-mod_clamav
     SUBDIR += protonvpn-cli
     SUBDIR += proxycheck
     SUBDIR += proxytunnel
-    SUBDIR += pscan
     SUBDIR += pssh
     SUBDIR += pulledpork
     SUBDIR += pure-sfv
@@ -1039,27 +998,13 @@
     SUBDIR += qtkeychain
     SUBDIR += quantis-kmod
     SUBDIR += racoon2
-    SUBDIR += radamsa
     SUBDIR += ratproxy
     SUBDIR += rats
     SUBDIR += razorback-api
-    SUBDIR += razorback-archiveInflate
-    SUBDIR += razorback-clamavNugget
-    SUBDIR += razorback-fileInject
-    SUBDIR += razorback-fsMonitor
-    SUBDIR += razorback-fsWalk
     SUBDIR += razorback-masterNugget
-    SUBDIR += razorback-officeCat
-    SUBDIR += razorback-pdfFox
-    SUBDIR += razorback-scriptNugget
-    SUBDIR += razorback-swfScanner
     SUBDIR += razorback-syslogNugget
-    SUBDIR += razorback-virusTotal
-    SUBDIR += razorback-yaraNugget
     SUBDIR += rcracki_mt
     SUBDIR += reop
-    SUBDIR += retranslator
-    SUBDIR += revealrk
     SUBDIR += rhash
     SUBDIR += ridl
     SUBDIR += rifiuti2
@@ -1197,7 +1142,6 @@
     SUBDIR += sancp
     SUBDIR += sasp
     SUBDIR += scanlogd
-    SUBDIR += scanssh
     SUBDIR += scrypt
     SUBDIR += seahorse
     SUBDIR += seal
@@ -1208,23 +1152,16 @@
     SUBDIR += sedutil
     SUBDIR += sequoia
     SUBDIR += setaudit
-    SUBDIR += sha
     SUBDIR += sha1collisiondetection
     SUBDIR += sha2wordlist
     SUBDIR += shibboleth-sp
-    SUBDIR += shimmer
     SUBDIR += shishi
-    SUBDIR += shttpscanner
     SUBDIR += sig2dot
     SUBDIR += signify
     SUBDIR += signing-party
     SUBDIR += silktools
     SUBDIR += sks
-    SUBDIR += slurpie
-    SUBDIR += slush
-    SUBDIR += smtpscan
     SUBDIR += smurflog
-    SUBDIR += sniff
     SUBDIR += snoopy
     SUBDIR += snort
     SUBDIR += snort-rep
@@ -1244,7 +1181,6 @@
     SUBDIR += spass-qt5
     SUBDIR += spectre-meltdown-checker
     SUBDIR += spm
-    SUBDIR += spybye
     SUBDIR += sqlmap
     SUBDIR += sqlninja
     SUBDIR += srm
@@ -1259,9 +1195,7 @@
     SUBDIR += ssllabs-scan
     SUBDIR += sslproxy
     SUBDIR += sslscan
-    SUBDIR += sslsniffer
     SUBDIR += sslsplit
-    SUBDIR += sslwrap
     SUBDIR += sssd
     SUBDIR += ssss
     SUBDIR += sst
@@ -1271,9 +1205,7 @@
     SUBDIR += step-certificates
     SUBDIR += step-cli
     SUBDIR += stoken
-    SUBDIR += strobe
     SUBDIR += strongswan
-    SUBDIR += stud
     SUBDIR += stunnel
     SUBDIR += subversion-gnome-keyring
     SUBDIR += sudo
@@ -1281,7 +1213,6 @@
     SUBDIR += super
     SUBDIR += suricata
     SUBDIR += swatchdog
-    SUBDIR += symbion-sslproxy
     SUBDIR += tailscale
     SUBDIR += tang
     SUBDIR += tclsasl
@@ -1294,7 +1225,6 @@
     SUBDIR += tinc-devel
     SUBDIR += tinyca
     SUBDIR += tls-check
-    SUBDIR += tlswrap
     SUBDIR += tor
     SUBDIR += tor-devel
     SUBDIR += totp-cli
@@ -1303,25 +1233,20 @@
     SUBDIR += tpm2-tools
     SUBDIR += tpm2-tss
     SUBDIR += trezord
-    SUBDIR += trinokiller
     SUBDIR += tripwire
-    SUBDIR += tripwire-131
     SUBDIR += trousers
     SUBDIR += tthsum
     SUBDIR += u2f-devd
     SUBDIR += uacme
     SUBDIR += ubuntu-keyring
     SUBDIR += unhide
-    SUBDIR += unicornscan
     SUBDIR += vanguards-tor
     SUBDIR += vault
     SUBDIR += vaultwarden
     SUBDIR += veracrypt
     SUBDIR += vigenere
-    SUBDIR += vinetto
     SUBDIR += vlock
     SUBDIR += vm-to-tor
-    SUBDIR += vnccrack
     SUBDIR += vouch-proxy
     SUBDIR += vpnc
     SUBDIR += vuls
@@ -1330,7 +1255,6 @@
     SUBDIR += wapiti
     SUBDIR += wazuh-agent
     SUBDIR += webfwlog
-    SUBDIR += webscarab
     SUBDIR += weggli
     SUBDIR += whatweb
     SUBDIR += wipe
@@ -1357,7 +1281,6 @@
     SUBDIR += yubikey-personalization-gui
     SUBDIR += yubioath-desktop
     SUBDIR += zaproxy
-    SUBDIR += zebedee
     SUBDIR += zeek
     SUBDIR += zeronet
     SUBDIR += zxid
diff --git a/security/afl/Makefile b/security/afl/Makefile
deleted file mode 100644
index 76554e4ebb44..000000000000
--- a/security/afl/Makefile
+++ /dev/null
@@ -1,92 +0,0 @@
-# Created by: Fabian Keil <fk@fabiankeil.de>
-
-PORTNAME=	afl
-PORTVERSION=	2.52
-DISTVERSIONSUFFIX=	b
-PORTREVISION=	4
-CATEGORIES=	security
-MASTER_SITES=	http://lcamtuf.coredump.cx/afl/releases/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Fast instrumented fuzzer
-
-LICENSE=	APACHE20
-LICENSE_FILE=	${WRKSRC}/docs/COPYING
-
-DEPRECATED=	Abandoned upstream, no new release since 2017. Please consider using security/afl++ instead
-EXPIRATION_DATE=2022-03-31
-
-# In theory afl supports other architectures with the LLVM plugin.
-# It has to be compiled with AFL_NO_X86=1 in that case.
-ONLY_FOR_ARCHS=	amd64 i386
-ONLY_FOR_ARCHS_REASON=	uses binary instrumentation
-
-USES=		gmake tar:tgz
-
-ALL_TARGET=	all libdislocator
-TEST_TARGET=	test_build
-
-OPTIONS_DEFINE=		DEBUG DOCS LLVM
-OPTIONS_DEFAULT=	LLVM
-OPTIONS_SUB=		yes
-
-LLVM_DESC=	LLVM-based instrumentation
-
-LLVM_BUILD_DEPENDS=	clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
-LLVM_RUN_DEPENDS=	clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
-LLVM_MAKE_ARGS=		LLVM_CONFIG=llvm-config${LLVM_DEFAULT}
-LLVM_ALL_TARGET=	llvm_mode
-LLVM_TEST_TARGET=	test_llvm_mode
-LLVM_VARS=		CC=clang${LLVM_DEFAULT} \
-			CXX=clang++${LLVM_DEFAULT}
-
-.include <bsd.port.options.mk>
-
-.if ${LLVM_DEFAULT:C/[1-5]./&0/:S,-devel,990,} >= 90
-LLVM_DEFAULT=	80
-.endif
-
-.if ${ARCH} == "i386"
-# Clang i386 emits .cfi_sections which base as(1) doesn't understand
-BUILD_DEPENDS+=	${LOCALBASE}/bin/as:devel/binutils
-RUN_DEPENDS+=	${LOCALBASE}/bin/as:devel/binutils
-.endif
-
-post-patch:
-# Disable the instrumentation tests to make sure building packages in
-# jails works by default.  afl needs shmget() which usually isn't
-# available in jails.
-	@${REINPLACE_CMD} 's@^\(all.*\) test_build@\1@' \
-		${WRKSRC}/Makefile ${WRKSRC}/llvm_mode/Makefile
-.if ${ARCH} == "i386"
-	@${REINPLACE_CMD} 's@\(  as_params\[0\] = afl_as ? afl_as : \)\(.*\)@\1(u8*)"${LOCALBASE}/bin/as";@' \
-		${WRKSRC}/afl-as.c
-.endif
-	@${CAT} ${FILESDIR}/Makefile.extra >> ${WRKSRC}/Makefile
-
-post-patch-LLVM-on:
-	@${REINPLACE_CMD} \
-		-e 's|"clang"|"clang${LLVM_DEFAULT}"|g' \
-		-e 's|"clang\+\+"|"clang\+\+${LLVM_DEFAULT}"|g' \
-		${WRKSRC}/llvm_mode/afl-clang-fast.c
-
-post-install:
-.for script in afl-cmin afl-plot afl-whatsup
-	${INSTALL_SCRIPT} ${WRKSRC}/${script} ${STAGEDIR}${PREFIX}/bin
-.endfor
-	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/afl/afl-as
-.for prog in afl-analyze afl-fuzz afl-gcc afl-gotcpu afl-showmap afl-tmin
-	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/${prog}
-.endfor
-	${INSTALL_LIB} ${WRKSRC}/libdislocator/libdislocator.so \
-		${STAGEDIR}${PREFIX}/lib/afl
-	${INSTALL_DATA} ${WRKSRC}/libdislocator/README.dislocator \
-		${STAGEDIR}${DOCSDIR}
-
-post-install-LLVM-on:
-	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/afl/afl-llvm-pass.so
-	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/afl-clang-fast
-	${INSTALL_DATA} ${WRKSRC}/llvm_mode/README.llvm \
-		${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/afl/distinfo b/security/afl/distinfo
deleted file mode 100644
index 14343c5af84c..000000000000
--- a/security/afl/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1510063235
-SHA256 (afl-2.52b.tgz) = 43614b4b91c014d39ef086c5cc84ff5f068010c264c2c05bf199df60898ce045
-SIZE (afl-2.52b.tgz) = 835907
diff --git a/security/afl/files/Makefile.extra b/security/afl/files/Makefile.extra
deleted file mode 100644
index b8664858dc50..000000000000
--- a/security/afl/files/Makefile.extra
+++ /dev/null
@@ -1,10 +0,0 @@
-.PHONY: libdislocator llvm_mode test_llvm_mode
-
-libdislocator:
-	$(MAKE) -C libdislocator
-	
-llvm_mode:
-	$(MAKE) -C llvm_mode
-
-test_llvm_mode:
-	$(MAKE) -C llvm_mode test_build
diff --git a/security/afl/pkg-descr b/security/afl/pkg-descr
deleted file mode 100644
index b3ecc30f65e0..000000000000
--- a/security/afl/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-American fuzzy lop is a fuzzer that employs a novel type of compile-time
-instrumentation and genetic algorithms to automatically discover clean,
-interesting test cases that trigger new internal states in the targeted
-binary. This substantially improves the functional coverage for the
-fuzzed code.
-
-WWW: http://lcamtuf.coredump.cx/afl/
diff --git a/security/afl/pkg-plist b/security/afl/pkg-plist
deleted file mode 100644
index 3f19f4ab60e7..000000000000
--- a/security/afl/pkg-plist
+++ /dev/null
@@ -1,87 +0,0 @@
-bin/afl-analyze
-bin/afl-clang
-bin/afl-clang++
-%%LLVM%%bin/afl-clang-fast
-%%LLVM%%bin/afl-clang-fast++
-bin/afl-cmin
-bin/afl-fuzz
-bin/afl-g++
-bin/afl-gcc
-bin/afl-gotcpu
-bin/afl-plot
-bin/afl-showmap
-bin/afl-tmin
-bin/afl-whatsup
-lib/afl/afl-as
-%%LLVM%%lib/afl/afl-llvm-pass.so
-%%LLVM%%lib/afl/afl-llvm-rt-32.o
-%%LLVM%%lib/afl/afl-llvm-rt-64.o
-%%LLVM%%lib/afl/afl-llvm-rt.o
-lib/afl/as
-lib/afl/libdislocator.so
-%%DATADIR%%/README.dictionaries
-%%DATADIR%%/README.testcases
-%%DATADIR%%/archives/common/ar/small_archive.a
-%%DATADIR%%/archives/common/bzip2/small_archive.bz2
-%%DATADIR%%/archives/common/cab/small_archive.cab
-%%DATADIR%%/archives/common/compress/small_archive.Z
-%%DATADIR%%/archives/common/cpio/small_archive.cpio
-%%DATADIR%%/archives/common/gzip/small_archive.gz
-%%DATADIR%%/archives/common/lzo/small_archive.lzo
-%%DATADIR%%/archives/common/rar/small_archive.rar
-%%DATADIR%%/archives/common/tar/small_archive.tar
-%%DATADIR%%/archives/common/xz/small_archive.xz
-%%DATADIR%%/archives/common/zip/small_archive.zip
-%%DATADIR%%/archives/exotic/arj/small_archive.arj
-%%DATADIR%%/archives/exotic/lha/small_archive.lha
-%%DATADIR%%/archives/exotic/lrzip/small_archive.lrz
-%%DATADIR%%/archives/exotic/lzip/small_archive.lz
-%%DATADIR%%/archives/exotic/lzma/small_archive.lzma
-%%DATADIR%%/archives/exotic/rzip/small_archive.rz
-%%DATADIR%%/archives/exotic/zoo/small_archive.zoo
-%%DATADIR%%/gif.dict
-%%DATADIR%%/html_tags.dict
-%%DATADIR%%/images/bmp/not_kitty.bmp
-%%DATADIR%%/images/gif/not_kitty.gif
-%%DATADIR%%/images/ico/not_kitty.ico
-%%DATADIR%%/images/jp2/not_kitty.jp2
-%%DATADIR%%/images/jpeg/not_kitty.jpg
-%%DATADIR%%/images/jxr/not_kitty.jxr
-%%DATADIR%%/images/png/not_kitty.png
-%%DATADIR%%/images/png/not_kitty_alpha.png
-%%DATADIR%%/images/png/not_kitty_gamma.png
-%%DATADIR%%/images/png/not_kitty_icc.png
-%%DATADIR%%/images/tiff/not_kitty.tiff
-%%DATADIR%%/images/webp/not_kitty.webp
-%%DATADIR%%/jpeg.dict
-%%DATADIR%%/js.dict
-%%DATADIR%%/json.dict
-%%DATADIR%%/multimedia/h264/small_movie.mp4
-%%DATADIR%%/others/elf/small_exec.elf
-%%DATADIR%%/others/js/small_script.js
-%%DATADIR%%/others/pcap/small_capture.pcap
-%%DATADIR%%/others/pdf/small.pdf
-%%DATADIR%%/others/rtf/small_document.rtf
-%%DATADIR%%/others/sql/simple_queries.sql
-%%DATADIR%%/others/text/hello_world.txt
-%%DATADIR%%/others/xml/small_document.xml
-%%DATADIR%%/pdf.dict
-%%DATADIR%%/png.dict
-%%DATADIR%%/sql.dict
-%%DATADIR%%/tiff.dict
-%%DATADIR%%/webp.dict
-%%DATADIR%%/xml.dict
-%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
-%%PORTDOCS%%%%DOCSDIR%%/QuickStartGuide.txt
-%%PORTDOCS%%%%DOCSDIR%%/README
-%%PORTDOCS%%%%DOCSDIR%%/README.dislocator
-%%LLVM%%%%PORTDOCS%%%%DOCSDIR%%/README.llvm
-%%PORTDOCS%%%%DOCSDIR%%/env_variables.txt
-%%PORTDOCS%%%%DOCSDIR%%/historical_notes.txt
-%%PORTDOCS%%%%DOCSDIR%%/life_pro_tips.txt
-%%PORTDOCS%%%%DOCSDIR%%/notes_for_asan.txt
-%%PORTDOCS%%%%DOCSDIR%%/parallel_fuzzing.txt
-%%PORTDOCS%%%%DOCSDIR%%/perf_tips.txt
-%%PORTDOCS%%%%DOCSDIR%%/sister_projects.txt
-%%PORTDOCS%%%%DOCSDIR%%/status_screen.txt
-%%PORTDOCS%%%%DOCSDIR%%/technical_details.txt
diff --git a/security/amap/Makefile b/security/amap/Makefile
deleted file mode 100644
index 60ae2954c64d..000000000000
--- a/security/amap/Makefile
+++ /dev/null
@@ -1,66 +0,0 @@
-# Created by: Yonatan <onatan@gmail.com>
-
-PORTNAME=	amap
-PORTVERSION=	5.4
-CATEGORIES=	security
-MASTER_SITES=	PACKETSTORM/groups/thc
-
-MAINTAINER=	onatan@gmail.com
-COMMENT=	Application mapper
-
-LICENSE=	AMAP GPLv2
-LICENSE_COMB=	multi
-LICENSE_NAME_AMAP=	amap license
-LICENSE_FILE_AMAP=	${WRKSRC}/LICENCE.AMAP
-LICENSE_FILE_GPLv2=	${WRKSRC}/LICENSE.GNU
-LICENSE_PERMS_AMAP=	dist-mirror dist-sell pkg-mirror pkg-sell
-
-DEPRECATED=	Abandoned upstream, no new release for 10+ years. Please consider using security/nmap or security/rustscan
-EXPIRATION_DATE=2022-03-31
-
-USES=		ssl
-HAS_CONFIGURE=	yes
-CONFIGURE_ARGS=	--prefix=${PREFIX}
-CONFIGURE_ENV=	SSL_PATH=${OPENSSLLIB} \
-		CRYPTO_PATH=${OPENSSLLIB} \
-		SSL_IPATH=${OPENSSLINC}
-
-MAKE_JOBS_UNSAFE=	yes
-
-OPTIONS_DEFINE=	DOCS
-PORTDOCS=	README TODO CHANGES AMAP-LIB-INTERFACE
-
-LOCAL_CONF_FILES=	appdefs.resp appdefs.rpc appdefs.trig
-
-post-patch:
-	@${REINPLACE_CMD} -e \
-		's|/usr/local|${LOCALBASE}|g; \
-		 s|\(-DAMAP_PREFIX\)=\(\$$PREFIX\)|\1=\\\\\\"\2\\\\\\"|' \
-		${WRKSRC}/configure
-	@${REINPLACE_CMD} -e 's|-O2|${CFLAGS}|; s|^CC=.*||' \
-		${WRKSRC}/Makefile.am
-	@${REINPLACE_CMD} -e 's|etc/|etc/amap/|g' ${WRKSRC}/amap-lib.c
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/amap ${STAGEDIR}${PREFIX}/bin
-	${LN} -s amap ${STAGEDIR}${PREFIX}/bin/amap6
-	${INSTALL_PROGRAM} ${WRKSRC}/amapcrap ${STAGEDIR}${PREFIX}/bin
-	${MKDIR} ${STAGEDIR}${PREFIX}/lib/${PORTNAME}
-	${INSTALL_DATA} ${WRKSRC}/amap-lib.o ${STAGEDIR}${PREFIX}/lib/${PORTNAME}
-	${MKDIR} ${STAGEDIR}${PREFIX}/include/${PORTNAME}
-.for i in amap.h amap-inc.h amap-lib.h
-		${INSTALL_DATA} ${WRKSRC}/${i} ${STAGEDIR}${PREFIX}/include/${PORTNAME}
-.endfor
-	${MKDIR} ${STAGEDIR}${ETCDIR}
-.for i in ${LOCAL_CONF_FILES}
-		${INSTALL_DATA} ${WRKSRC}/${i} ${STAGEDIR}${ETCDIR}/${i}.sample
-.endfor
-	${INSTALL_MAN} ${WRKSRC}/amap.1 ${STAGEDIR}${MANPREFIX}/man/man1
-
-do-install-DOCS-on:
-	${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for i in ${PORTDOCS}
-		${INSTALL_DATA} ${WRKSRC}/$i ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/amap/distinfo b/security/amap/distinfo
deleted file mode 100644
index 8f428e18f5b6..000000000000
--- a/security/amap/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1473776829
-SHA256 (amap-5.4.tar.gz) = a75ea58de75034de6b10b0de0065ec88e32f9e9af11c7d69edbffc4da9a5b059
-SIZE (amap-5.4.tar.gz) = 263331
diff --git a/security/amap/files/patch-amap-lib.c b/security/amap/files/patch-amap-lib.c
deleted file mode 100644
index 4741dd2bce84..000000000000
--- a/security/amap/files/patch-amap-lib.c
+++ /dev/null
@@ -1,60 +0,0 @@
---- amap-lib.c.orig	2011-04-20 15:10:17 UTC
-+++ amap-lib.c
-@@ -125,10 +125,8 @@ int amap_webupdate_file(char *webfile, c
-   int len = strlen("http://");
-   int wlen = strlen(webfile);
-   int port = 80, s, result = 1, datalen = 0, version = -1, fck;
--int xx = 0;
-   unsigned long int ip;
-   time_t epoch;
--  struct in_addr in;
-   struct hostent *target;
-   struct sockaddr_in addr;
-   struct tm *the_time;
-@@ -404,8 +402,8 @@ amap_struct_triggers *read_file_triggers
-   char *ptr;
-   char *only_trigger = NULL;
-   int i;
--  int a;
--  int b;
-+  int a = 0;
-+  int b = 0;
-   int count;
-   int count_triggers = 0;
- 
-@@ -577,7 +575,7 @@ amap_struct_responses *read_file_respons
-   char *proto;
-   char *length;
-   char *string;
--  char *ptr;
-+  char *ptr = NULL;
-   int errptr;
-   int i;
-   int count;
-@@ -740,7 +738,7 @@ amap_struct_targets *read_file_nmap(char
-   char *portinfo;
-   char *proto;
-   char *ptr;
--  int ip_prot;
-+  int ip_prot = 0;
-   int count = 0;
- 
-   f = amap_open_file(filename, "nmap", "", opt->verbose);
-@@ -1613,7 +1611,7 @@ int amap_scan(int scanmode, amap_struct_
-   amap_struct_targets *target = (amap_struct_targets*) targets;
-   amap_struct_ports *port;
-   amap_struct_identifications *ids;
--  amap_struct_identifications *ids_save;
-+  amap_struct_identifications *ids_save = NULL;
-   amap_struct_coms coms[AMAP_MAX_TASKS];
-   amap_struct_scaninfo scaninfo;
- //  struct sockaddr_in target_in;
-@@ -1621,7 +1619,7 @@ int amap_scan(int scanmode, amap_struct_
-   char *rpc_ptr = NULL;
-   int todo = 0;
-   int ready_for_next;
--  int i;
-+  int i = 0;
-   int ii;
-   int s;
-   int ret;
diff --git a/security/amap/files/patch-configure b/security/amap/files/patch-configure
deleted file mode 100644
index 88889d20ed1c..000000000000
--- a/security/amap/files/patch-configure
+++ /dev/null
@@ -1,27 +0,0 @@
---- configure.orig	2005-06-03 13:34:19 UTC
-+++ configure
-@@ -22,14 +22,11 @@ echo
- echo "Starting amap auto configuration ..."
- rm -f Makefile.in
- PREFIX=""
--SSL_PATH=""
--SSL_IPATH=""
--CRYPTO_PATH=""
- NSL_PATH=""
- SOCKET_PATH=""
- MANDIR=""
- LIBDIRS=`cat /etc/ld.so.conf 2> /dev/null`
--PREFIX=`echo "$1"|grep prefix=|sed 's/.*prefix=//i'`
-+PREFIX=`echo "$1"|grep prefix=|sed 's/.*prefix=//'`
- echo
- 
- echo "Checking for openssl ..."
-@@ -80,7 +77,7 @@ if [ "X" = "X$SSL_IPATH" ]; then
-     CRYPTO_PATH=""
- fi
- if [ -n "$SSL_PATH" ]; then
--    echo "                     ... found"
-+    echo "                     ... found: $SSL_PATH"
- fi
- if [ "X" = "X$SSL_PATH" ]; then
-     echo "                     ... NOT found, SSL support disabled"
diff --git a/security/amap/files/patch-pcre-3.9_chartables.c b/security/amap/files/patch-pcre-3.9_chartables.c
deleted file mode 100644
index 80a040e588bc..000000000000
--- a/security/amap/files/patch-pcre-3.9_chartables.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- pcre-3.9/chartables.c.orig	2011-04-20 15:10:17 UTC
-+++ pcre-3.9/chartables.c
-@@ -10,7 +10,7 @@ This file is #included in the compilatio
- character tables which are used when no tables are passed to the compile
- function. */
- 
--static unsigned char pcre_default_tables[] = {
-+unsigned char pcre_default_tables[] = {
- 
- /* This table is a lower casing table. */
- 
diff --git a/security/amap/pkg-descr b/security/amap/pkg-descr
deleted file mode 100644
index b64f835f6156..000000000000
--- a/security/amap/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-Amap is a next-generation scanning tool, it identifies applications
-and services even if they are not listening to the default port
-by creating a bogus-communication.
-
-WWW: http://thc.org/thc-amap/
diff --git a/security/amap/pkg-plist b/security/amap/pkg-plist
deleted file mode 100644
index e2e6bd57f00f..000000000000
--- a/security/amap/pkg-plist
+++ /dev/null
@@ -1,11 +0,0 @@
-bin/amap
-bin/amap6
-bin/amapcrap
-@sample %%ETCDIR%%/appdefs.resp.sample
-@sample %%ETCDIR%%/appdefs.rpc.sample
-@sample %%ETCDIR%%/appdefs.trig.sample
-include/amap/amap.h
-include/amap/amap-inc.h
-include/amap/amap-lib.h
-lib/amap/amap-lib.o
-man/man1/amap.1.gz
diff --git a/security/amavis-stats/Makefile b/security/amavis-stats/Makefile
deleted file mode 100644
index c47905623fe4..000000000000
--- a/security/amavis-stats/Makefile
+++ /dev/null
@@ -1,51 +0,0 @@
-# Created by: Mantas Kaulakys <stone@tainet.lt>
-
-PORTNAME=	amavis-stats
-PORTVERSION=	0.1.12
-PORTREVISION=	5
-CATEGORIES=	security
-MASTER_SITES=	LOCAL/feld
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Simple AMaViS statistics generator based on rrdtool
-
-DEPRECATED=	Abandoned, upstream is dead and last release was back in 2005
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	rrdtool>=0:databases/rrdtool
-
-USES=		perl5 php shebangfix
-USE_PERL5=	run
-SHEBANG_FILES=	amavis-stats
-perl_CMD=	${PERL} -w
-USE_PHP=	pcre
-
-NO_BUILD=	yes
-NO_ARCH=	yes
-
-PORTDOCS=	README
-
-AMAVISUSER?=	amavis
-AMAVISGROUP?=	amavis
-USERS=		${AMAVISUSER}
-GROUPS=		${AMAVISGROUP}
-PLIST_SUB+=	WWWOWN=${WWWOWN} WWWGRP=${WWWGRP} USERS=${USERS} GROUPS=${GROUPS}
-
-SUB_FILES=	pkg-message
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	${INSTALL_SCRIPT} ${WRKSRC}/amavis-stats ${STAGEDIR}${PREFIX}/sbin
-	${INSTALL_MAN} ${WRKSRC}/amavis-stats.1 ${STAGEDIR}${MAN1PREFIX}/man/man1
-	${MKDIR} ${STAGEDIR}${PREFIX}/www/amavis-stats
-	${MKDIR} ${STAGEDIR}${PREFIX}/www/amavis-stats/img
-	${TOUCH} ${STAGEDIR}${PREFIX}/www/amavis-stats/img/.keep
-	${INSTALL_DATA} ${WRKSRC}/amavis-stats.php ${STAGEDIR}${PREFIX}/www/amavis-stats
-	cd ${STAGEDIR}${PREFIX}/www/amavis-stats && ${LN} -s amavis-stats.php index.php
-
-do-install-DOCS-on:
-	${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/${PORTDOCS} ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/amavis-stats/distinfo b/security/amavis-stats/distinfo
deleted file mode 100644
index dadd9f459cc4..000000000000
--- a/security/amavis-stats/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (amavis-stats-0.1.12.tar.gz) = 0c802f43a0107cd094c422c9771133bef6d4a2b36e5676ed7d02f2e91787be1b
-SIZE (amavis-stats-0.1.12.tar.gz) = 60626
diff --git a/security/amavis-stats/files/patch-amavis-stats b/security/amavis-stats/files/patch-amavis-stats
deleted file mode 100644
index 3af94925c0ac..000000000000
--- a/security/amavis-stats/files/patch-amavis-stats
+++ /dev/null
@@ -1,80 +0,0 @@
---- amavis-stats.orig	Sat Mar 27 23:25:27 2004
-+++ amavis-stats	Mon Jul 10 22:55:19 2006
-@@ -28,6 +28,7 @@
- # ########################################################################
- use strict;
- use warnings;
-+use diagnostics;
- use Getopt::Std;
- use Time::localtime;
- use Time::Local;
-@@ -83,8 +84,8 @@
- $version   = "0.1.12"; # this value is auto-updated by packing system
- $pkg       = "amavis-stats";
- $locale    = "C";
--$lockfile  = "/var/lock/$pkg";
--$statedir  = "/var/lib/$pkg";
-+$lockfile  = "/var/tmp/$pkg";
-+$statedir  = "/usr/local/www/$pkg";
- $statefile = "$statedir/$pkg.state"; # last read position of the logfile
- $namesfile = "$statedir/$pkg.names"; # stores the virus name to id mappings
- $countfile = "$statedir/$pkg.count"; # per virus totals
-@@ -212,7 +213,7 @@
- sub semlock {
-     open (LOCKF, ">$lockfile") or do_exit(1, "Could not open $lockfile: $!");
-     unless (flock(LOCKF, LOCK_EX | LOCK_NB)) {
--        err("warning: Could not lock $lockfile: $!");
-+        print_err("warning: Could not lock $lockfile: $!");
-         sleep 2;
-         unless (flock(LOCKF, LOCK_EX | LOCK_NB)) {
-             do_exit(1, "Could not lock $lockfile: $!");
-@@ -680,8 +681,8 @@
-     if (defined($rotlogfile)) {
-         parseFile ($rotlogfile, $spos, (stat $rotlogfile)[7]);
-     } else {
--        err("Could not open rotated logfile.");
--        err("  Tried extentions .0, .1, .01, -$today, -$yesterday");
-+        print_err("Could not open rotated logfile.");
-+        print_err("  Tried extentions .0, .1, .01, -$today, -$yesterday");
-         do_exit(1);
-     }
- }
-@@ -707,7 +708,7 @@
- 
-     my $err = RRDs::error;
-     if ($err) {
--        err("createRRD: $err");
-+        print_err("createRRD: $err");
-         return -1;
-     }
- 
-@@ -736,7 +737,7 @@
-     $last = RRDs::last($rrdfile);
-     $err = RRDs::error;
-     if ($err) {
--        err("updateRRD: $err");
-+        print_err("updateRRD: $err");
-         return -1;
-     }
- 
-@@ -750,8 +751,8 @@
- 
-         $err = RRDs::error;
-         if ($err) {
--            err("updateRRD: $err");
--            err("Attempted to update $rrdfile at $epoch count $count");
-+            print_err("updateRRD: $err");
-+            print_err("Attempted to update $rrdfile at $epoch count $count");
-             return -1;
-         }
-     }
-@@ -769,7 +770,8 @@
-     print "$me: @_\n" if ($verbose);
- }
- 
--sub err {
-+sub print_err
-+{
-     print STDERR "$me: error: @_\n";
- }
- 
diff --git a/security/amavis-stats/files/patch-amavis-stats.php b/security/amavis-stats/files/patch-amavis-stats.php
deleted file mode 100644
index 52386d7b543f..000000000000
--- a/security/amavis-stats/files/patch-amavis-stats.php
+++ /dev/null
@@ -1,11 +0,0 @@
---- amavis-stats.php.orig      Sat Mar 27 17:25:27 2004
-+++ amavis-stats.php   Sun Jun  6 01:21:35 2004
-@@ -286,7 +286,7 @@
- function asLoadStats () {
-     global $as_libdir, $virus, $pid, $psid, $iid, $bid,$nid,$nsid, $lastupdate, $maxi;
-
--    $as_libdir    = "/var/lib/amavis-stats";
-+    $as_libdir    = "/usr/local/www/amavis-stats";
-     $as_statefile = $as_libdir . "/amavis-stats.state";
-     $as_namefile  = $as_libdir . "/amavis-stats.names";
-     $as_seenfile  = $as_libdir . "/amavis-stats.seen";
diff --git a/security/amavis-stats/files/pkg-message.in b/security/amavis-stats/files/pkg-message.in
deleted file mode 100644
index 20fb5bc1b78c..000000000000
--- a/security/amavis-stats/files/pkg-message.in
+++ /dev/null
@@ -1,18 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-To view the statistics via you browser you must:
-create a symlink, like:
-cd /usr/local/www/data ; ln -s ../amavis-stats amavis-stats
-
-or modify your Apache httpd.conf including this line:
-Alias /amavis-stats %%PREFIX%%/www/amavis-stats
-
-You can view then the statistics in http://your-site/amavis-stats
-
-To update the statistics every 5 minutes, you also
-can setup cronjob for amavis-stats by putting this line to /etc/crontab
-*/5 * * * * amavis %%PREFIX%%/sbin/amavis-stats /var/log/maillog 2>&1 > /dev/null
-EOM
-}
-]
diff --git a/security/amavis-stats/pkg-descr b/security/amavis-stats/pkg-descr
deleted file mode 100644
index a314d6498cd4..000000000000
--- a/security/amavis-stats/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-amavis-stats is a simple AMaViS statistics generator based on rrdtool.
-It produces graphs of clean emails, spam emails and infected emails
-broken down by virus, from amavis log entries. RRD files are created
-and updated by a perl script run from cron. Graphs are generated by
-a php script and viewed with a web browser.
-
-WWW: http://rekudos.net/amavis-stats/
diff --git a/security/amavis-stats/pkg-plist b/security/amavis-stats/pkg-plist
deleted file mode 100644
index 576eedd9864c..000000000000
--- a/security/amavis-stats/pkg-plist
+++ /dev/null
@@ -1,7 +0,0 @@
-man/man1/amavis-stats.1.gz
-sbin/amavis-stats
-@(%%USERS%%,%%GROUPS%%,) www/amavis-stats/index.php
-@(%%USERS%%,%%GROUPS%%,) www/amavis-stats/amavis-stats.php
-@(%%USERS%%,%%GROUPS%%,) www/amavis-stats/img/.keep
-@dir(%%WWWOWN%%,%%WWWGRP%%,) www/amavis-stats/img
-@dir(%%USERS%%,%%GROUPS%%,) www/amavis-stats
diff --git a/security/arirang/Makefile b/security/arirang/Makefile
deleted file mode 100644
index 025c1aaa461c..000000000000
--- a/security/arirang/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-# Created by: Roman Shterenzon <roman@xpert.com>
-
-PORTNAME=	arirang
-PORTVERSION=	2.03
-PORTREVISION=	1
-PORTEPOCH=	1
-CATEGORIES=	security www
-MASTER_SITES=	http://monkey.org/~pilot/arirang/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Powerful webserver security scanner for network
-
-LICENSE=	BSD3CLAUSE
-
-DEPRECATED=	Abandoned upstream and last release was back in 2011
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libruby${RUBY_SHLIBVER}.so:${RUBY_PORT}
-
-USES=		compiler:c11 ssl
-USE_RUBY=	yes
-USE_RUBY_EXTCONF=	yes
-
-CFLAGS+=	-fdeclspec
-CFLAGS+=	-I${LOCALBASE}/include/ruby-${RUBY_VER} -I${LOCALBASE}/include/ruby-${RUBY_VER}/${RUBY_ARCH}
-CFLAGS+=	-DRUBY_19
-
-.include <bsd.port.pre.mk>
-
-.if ${SSL_DEFAULT} != base
-CFLAGS+=	-I${OPENSSLINC}
-LDFLAGS+=	-L${OPENSSLLIB}
-.endif
-
-post-patch:
-	${REINPLACE_CMD} -e 's#cc#${CC}#g' ${WRKSRC}/extconf.rb
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/arirang ${STAGEDIR}${PREFIX}/sbin
-	@${MKDIR} ${STAGEDIR}${PREFIX}/share/arirang
-	${INSTALL_DATA} ${WRKSRC}/scanrule/*.uxe ${STAGEDIR}${PREFIX}/share/arirang
-	${INSTALL_DATA} ${WRKSRC}/script/*.rb ${STAGEDIR}${PREFIX}/share/arirang
-
-.include <bsd.port.post.mk>
diff --git a/security/arirang/distinfo b/security/arirang/distinfo
deleted file mode 100644
index 0b4689e7bf48..000000000000
--- a/security/arirang/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (arirang-2.03.tar.gz) = aecc1069c6bcb2be20c11680b299d1d09ddf64821912e8f4fec61259f9671074
-SIZE (arirang-2.03.tar.gz) = 87187
diff --git a/security/arirang/files/patch-proxy.c b/security/arirang/files/patch-proxy.c
deleted file mode 100644
index 0eecd20e0ba0..000000000000
--- a/security/arirang/files/patch-proxy.c
+++ /dev/null
@@ -1,24 +0,0 @@
-Do not attempt to close the sock we never opened. Use herror() to report
-a DNS-failure, not perror().
-
-	-mi
-
---- proxy.c.orig	2011-05-18 02:19:11 UTC
-+++ proxy.c
-@@ -94,15 +94,13 @@ proxy_connect(char *scanhost, unsigned i
-     struct hostent *he;
- 
-     if ((he = gethostbyname(proxyhost)) == NULL) {
--        perror("proxy host not found");
--        close(sock);  
-+        herror("proxy host not found");
-         exit(0);
-     }
- 
- 
-     if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
-         perror("socket");
--        close(sock);
-         exit(0);
-     }
-     http.sin_family = AF_INET;
diff --git a/security/arirang/pkg-descr b/security/arirang/pkg-descr
deleted file mode 100644
index a37a12229d97..000000000000
--- a/security/arirang/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-Powerful webserver security scanner.
-Supports rule scan, virtual hosts, network ranges and more.
-
-WWW: https://www.monkey.org/~pilot/arirang/
diff --git a/security/arirang/pkg-plist b/security/arirang/pkg-plist
deleted file mode 100644
index b99629df9850..000000000000
--- a/security/arirang/pkg-plist
+++ /dev/null
@@ -1,55 +0,0 @@
-sbin/arirang
-share/arirang/account.uxe
-share/arirang/against-snort.uxe
-share/arirang/all.uxe
-share/arirang/apache.uxe
-share/arirang/bof_dos.uxe
-share/arirang/cfusion.uxe
-share/arirang/codered.uxe
-share/arirang/frontpage2k.uxe
-share/arirang/idstest.uxe
-share/arirang/iis.uxe
-share/arirang/iiscgi.uxe
-share/arirang/inject.uxe
-share/arirang/ncbook.uxe
-share/arirang/nes.uxe
-share/arirang/network.uxe
-share/arirang/nimda.uxe
-share/arirang/nottest.uxe
-share/arirang/nt.uxe
-share/arirang/nt_head.uxe
-share/arirang/request.uxe
-share/arirang/rule.uxe
-share/arirang/server.uxe
-share/arirang/ssltest.uxe
-share/arirang/unix.uxe
-share/arirang/unix_bin.uxe
-share/arirang/unix_cgi.uxe
-share/arirang/unix_head.uxe
-share/arirang/allow.rb
-share/arirang/allow_relay.rb
-share/arirang/auth.rb
-share/arirang/arirang.rb
-share/arirang/caching.rb
-share/arirang/chunk.rb
-share/arirang/csv.rb
-share/arirang/file.rb
-share/arirang/ftp.rb
-share/arirang/iframe.rb
-share/arirang/iisver.rb
-share/arirang/link.rb
-share/arirang/multi.rb
-share/arirang/multiport.rb
-share/arirang/nginx.rb
-share/arirang/null.rb
-share/arirang/proxy.rb
-share/arirang/robots.rb
-share/arirang/robots_relay.rb
-share/arirang/rubysock.rb
-share/arirang/script.rb
-share/arirang/server.rb
-share/arirang/server_relay.rb
-share/arirang/server11.rb
-share/arirang/server11_relay.rb
-share/arirang/size.rb
-share/arirang/ssh.rb
diff --git a/security/axTLS/Makefile b/security/axTLS/Makefile
deleted file mode 100644
index b121a2325542..000000000000
--- a/security/axTLS/Makefile
+++ /dev/null
@@ -1,141 +0,0 @@
-# Created by: Hirohisa Yamaguchi <umq@ueo.co.jp>
-
-PORTNAME=	axTLS
-PORTVERSION=	1.4.9
-PORTREVISION=	2
-CATEGORIES=	security devel net
-MASTER_SITES=	SF/${PORTNAME:tl}/${PORTVERSION}
-
-MAINTAINER=	umq@ueo.co.jp
-COMMENT=	SSL/TLS client/server library implementation
-
-LICENSE=	BSD3CLAUSE
-
-DEPRECATED=	Very outdated and abandoned, current version in tree was released in 2013 and last by upstream in 2019
-EXPIRATION_DATE=2022-03-31
-
-OPTIONS_DEFINE=	COMPAT_OPENSSL HTTPD TLSWRAP X509 PERL DOCS DEBUG TEST
-OPTIONS_SINGLE=	MODE PROT
-OPTIONS_SINGLE_MODE=	SERVER_ONLY CERT_VERIFICATION ENABLE_CLIENT \
-			FULL_MODE SKELETON_MODE
-OPTIONS_SINGLE_PROT=	PROT_LOW PROT_MEDIUM PROT_HIGH
-OPTIONS_DEFAULT=	FULL_MODE PROT_MEDIUM
-COMPAT_OPENSSL_DESC=	OpenSSL compatible API
-TLSWRAP_DESC=		Build TLS wrapper like sslwrap
-X509_DESC=		Generate X.509 Certificate
-PERL_DESC=		Perl bindings or support
-DOCS_DESC=		Build and/or install documentation (require doxygen)
-TEST_DESC=		Build test suite when available
-MODE_DESC=		SSL Library mode
-PROT_DESC=		Protocol Preference
-SERVER_ONLY_DESC=	Server only (no verification)
-CERT_VERIFICATION_DESC=	Server only (with verification)
-ENABLE_CLIENT_DESC=	Client/Server enabled
-FULL_MODE_DESC=		Client/Server enabled with diagnostics
-SKELETON_MODE_DESC=	The smallest library with least performance (experimental)
-PROT_LOW_DESC=		Use the fastest cipher(s) but at the expense of security
-PROT_MEDIUM_DESC=		Balance between speed and security
-PROT_HIGH_DESC=		Use the strongest cipher(s) at the cost of speed
-
-CONFIG_SUB=	PREFIX=\"${PREFIX}\" WWWDIR=\"${WWWDIR}\" \
-		HTTP_PORT=${WITH_HTTP_PORT} SSL_PORT=${WITH_SSL_PORT}
-NO_OPTIONS_SORT=yes
-USES=		cpe gmake
-CPE_VENDOR=	${PORTNAME:tl}_project
-USE_LDCONFIG=	yes
-WRKSRC=		${WRKDIR}/${PORTNAME}
-STAGE=		${WRKSRC}/_stage
-
-WITH_HTTP_PORT?=	80
-WITH_SSL_PORT?=		443
-
-PERL_BUILD_DEPENDS=	swig:devel/swig
-PERL_USES=	perl5
-DOCS_BUILD_DEPENDS=	doxygen:devel/doxygen
-
-OPTIONS_SUB=	yes
-PORTDOCS=	*
-
-.include <bsd.port.options.mk>
-
-.for i in SERVER_ONLY CERT_VERIFICATION ENABLE_CLIENT FULL_MODE \
-	SKELETON_MODE PROT_HIGH PROT_MEDIUM PROT_LOW COMPAT_OPENSSL \
-	HTTPD TLSWRAP X509 PERL DEBUG
-.  if ${PORT_OPTIONS:M${i}}
-CONFIG_SUB+=	${i}=""
-.  else
-CONFIG_SUB+=	${i}="\# "
-.  endif
-.endfor
-
-.if ${PORT_OPTIONS:MTEST}
-. if ${PORT_OPTIONS:MCERT_VERIFICATION} || \
-	${PORT_OPTIONS:MENABLE_CLIENT} || \
-	${PORT_OPTIONS:MFULL_MODE}
-CONFIG_SUB+=	TEST_PERF=""
-. else
-CONFIG_SUB+=	TEST_PERF="\# "
-. endif
-. if ${PORT_OPTIONS:MFULL_MODE} && empty(PORT_OPTIONS:MX509)
-CONFIG_SUB+=	TEST_SSL=""
-. else
-CONFIG_SUB+=	TEST_SSL="\# "
-. endif
-.else
-CONFIG_SUB+=	TEST_PERF="\# " \
-		TEST_SSL="\# "
-.endif
-
-_CONFIG_SUB_TEMP=	${CONFIG_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/}
-
-post-patch:
-	${REINPLACE_CMD} -e '/^CC/s|gcc|${CC}|; /^HOSTCC/s|gcc|${CC}|' \
-		${WRKSRC}/config/Rules.mak
-
-do-configure:
-	@${SED} ${_CONFIG_SUB_TEMP} \
-	-e '/^\([^#]*\) is not set$$/s//\1=y/' \
-	${FILESDIR}/data-.config.in > ${WRKSRC}/config/.config
-	${DO_MAKE_BUILD} -C ${WRKSRC} oldconfig
-
-post-build:
-.if ${PORT_OPTIONS:MDOCS}
-	${DO_MAKE_BUILD} -C ${WRKSRC} docs
-.endif
-
-do-install:
-	${INSTALL_DATA} ${STAGE}/libaxtls.a ${STAGEDIR}${PREFIX}/lib
-	${INSTALL_LIB} ${STAGE}/libaxtls.so.1.2 ${STAGEDIR}${PREFIX}/lib
-	${LN} -s libaxtls.so.1.2 ${STAGEDIR}${PREFIX}/lib/libaxtls.so.1
-	${LN} -fs libaxtls.so.1 ${STAGEDIR}${PREFIX}/lib/libaxtls.so
-	${INSTALL_PROGRAM} ${STAGE}/axssl ${STAGEDIR}${PREFIX}/bin
-.if ${PORT_OPTIONS:MHTTPD}
-	${INSTALL_PROGRAM} ${STAGE}/htpasswd ${STAGEDIR}${PREFIX}/bin/axhtpasswd
-	${INSTALL_PROGRAM} ${STAGE}/axhttpd ${STAGEDIR}${PREFIX}/bin
-.endif
-.if ${PORT_OPTIONS:MTLSWRAP}
-	${INSTALL_PROGRAM} ${STAGE}/axtlswrap ${STAGEDIR}${PREFIX}/bin
-.endif
-.if ${PORT_OPTIONS:MPERL}
-	@${MKDIR} ${STAGEDIR}${PREFIX}/${SITE_ARCH_REL}/auto
-	${INSTALL_SCRIPT} ${STAGE}/axssl.pl ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_SCRIPT} ${STAGE}/axtlsp.pm ${STAGEDIR}${PREFIX}/${SITE_ARCH_REL}
-	${INSTALL_LIB} ${STAGE}/libaxtlsp.so ${STAGEDIR}${PREFIX}/${SITE_ARCH_REL}/auto
-.endif
-	@${MKDIR} ${STAGEDIR}${PREFIX}/include/axTLS
-	${INSTALL_DATA} ${WRKSRC}/crypto/*.h ${STAGEDIR}${PREFIX}/include/axTLS
-	${INSTALL_DATA} ${WRKSRC}/ssl/*.h ${STAGEDIR}${PREFIX}/include/axTLS
-	${RM} ${STAGEDIR}${PREFIX}/include/axTLS/cert.h
-	${RM} ${STAGEDIR}${PREFIX}/include/axTLS/private_key.h
-	${RM} ${STAGEDIR}${PREFIX}/include/axTLS/os_port.h
-	${INSTALL_DATA} ${WRKSRC}/config/config.h ${STAGEDIR}${PREFIX}/include/axTLS
-.if ${PORT_OPTIONS:MDOCS}
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	cd ${WRKSRC}/docsrc/html && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR}
-.endif
-
-regression-test: build
-	${DO_MAKE_BUILD} -C ${WRKSRC} test
-	cd ${WRKSRC} && ${MAKE_CMD} test
-
-.include <bsd.port.mk>
diff --git a/security/axTLS/distinfo b/security/axTLS/distinfo
deleted file mode 100644
index 21c9b9cb6d67..000000000000
--- a/security/axTLS/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (axTLS-1.4.9.tar.gz) = 9bc08f4c7a6bda3079af8e3f5ceee6b2ee92af34e8efbc9acfeee6c27b1f7cc3
-SIZE (axTLS-1.4.9.tar.gz) = 1300593
diff --git a/security/axTLS/files/data-.config.in b/security/axTLS/files/data-.config.in
deleted file mode 100644
index 80ab237ee964..000000000000
--- a/security/axTLS/files/data-.config.in
+++ /dev/null
@@ -1,126 +0,0 @@
-#
-# Automatically generated make config: don't edit
-#
-HAVE_DOT_CONFIG=y
-CONFIG_PLATFORM_LINUX=y
-# CONFIG_PLATFORM_CYGWIN is not set
-# CONFIG_PLATFORM_WIN32 is not set
-
-#
-# General Configuration
-#
-PREFIX=%%PREFIX%%
-%%DEBUG%%CONFIG_DEBUG is not set
-# CONFIG_STRIP_UNWANTED_SECTIONS is not set
-# CONFIG_VISUAL_STUDIO_7_0 is not set
-# CONFIG_VISUAL_STUDIO_8_0 is not set
-# CONFIG_VISUAL_STUDIO_10_0 is not set
-CONFIG_VISUAL_STUDIO_7_0_BASE=""
-CONFIG_VISUAL_STUDIO_8_0_BASE=""
-CONFIG_VISUAL_STUDIO_10_0_BASE=""
-CONFIG_EXTRA_CFLAGS_OPTIONS=""
-CONFIG_EXTRA_LDFLAGS_OPTIONS=""
-
-#
-# SSL Library
-#
-%%SERVER_ONLY%%CONFIG_SSL_SERVER_ONLY is not set
-%%CERT_VERIFICATION%%CONFIG_SSL_CERT_VERIFICATION is not set
-%%ENABLE_CLIENT%%CONFIG_SSL_ENABLE_CLIENT is not set
-%%FULL_MODE%%CONFIG_SSL_FULL_MODE is not set
-%%SKELETON_MODE%%CONFIG_SSL_SKELETON_MODE is not set
-%%PROT_LOW%%CONFIG_SSL_PROT_LOW is not set
-%%PROT_MEDIUM%%CONFIG_SSL_PROT_MEDIUM is not set
-%%PROT_HIGH%%CONFIG_SSL_PROT_HIGH is not set
-CONFIG_SSL_USE_DEFAULT_KEY=y
-CONFIG_SSL_PRIVATE_KEY_LOCATION=""
-CONFIG_SSL_PRIVATE_KEY_PASSWORD=""
-CONFIG_SSL_X509_CERT_LOCATION=""
-%%X509%%CONFIG_SSL_GENERATE_X509_CERT is not set
-CONFIG_SSL_X509_COMMON_NAME=""
-CONFIG_SSL_X509_ORGANIZATION_NAME=""
-CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME=""
-# CONFIG_SSL_ENABLE_V23_HANDSHAKE is not set
-CONFIG_SSL_HAS_PEM=y
-CONFIG_SSL_USE_PKCS12=y
-CONFIG_SSL_EXPIRY_TIME=24
-CONFIG_X509_MAX_CA_CERTS=150
-CONFIG_SSL_MAX_CERTS=3
-# CONFIG_SSL_CTX_MUTEXING is not set
-CONFIG_USE_DEV_URANDOM=y
-# CONFIG_WIN32_USE_CRYPTO_LIB is not set
-%%COMPAT_OPENSSL%%CONFIG_OPENSSL_COMPATIBLE is not set
-%%TEST_PERF%%CONFIG_PERFORMANCE_TESTING is not set
-%%TEST_SSL%%CONFIG_SSL_TEST is not set
-%%TLSWRAP%%CONFIG_AXTLSWRAP is not set
-%%HTTPD%%CONFIG_AXHTTPD is not set
-
-#
-# Axhttpd Configuration
-#
-# CONFIG_HTTP_STATIC_BUILD is not set
-CONFIG_HTTP_PORT=%%HTTP_PORT%%
-CONFIG_HTTP_HTTPS_PORT=%%SSL_PORT%%
-CONFIG_HTTP_SESSION_CACHE_SIZE=5
-CONFIG_HTTP_WEBROOT=%%WWWDIR%%
-CONFIG_HTTP_TIMEOUT=300
-
-#
-# CGI
-#
-CONFIG_HTTP_HAS_CGI=y
-CONFIG_HTTP_CGI_EXTENSIONS=".lua,.pl,.php"
-# CONFIG_HTTP_ENABLE_LUA is not set
-CONFIG_HTTP_LUA_PREFIX="/usr"
-# CONFIG_HTTP_BUILD_LUA is not set
-CONFIG_HTTP_CGI_LAUNCHER="/usr/bin/cgi"
-CONFIG_HTTP_DIRECTORIES=y
-CONFIG_HTTP_HAS_AUTHORIZATION=y
-CONFIG_HTTP_HAS_IPV6=y
-CONFIG_HTTP_ENABLE_DIFFERENT_USER=y
-CONFIG_HTTP_USER="www"
-CONFIG_HTTP_VERBOSE=y
-# CONFIG_HTTP_IS_DAEMON is not set
-
-#
-# Language Bindings
-#
-CONFIG_BINDINGS=y
-# CONFIG_CSHARP_BINDINGS is not set
-# CONFIG_VBNET_BINDINGS is not set
-CONFIG_DOT_NET_FRAMEWORK_BASE=""
-# CONFIG_JAVA_BINDINGS is not set
-CONFIG_JAVA_HOME=""
-%%PERL%%CONFIG_PERL_BINDINGS is not set
-CONFIG_PERL_CORE="/usr/local"
-CONFIG_PERL_LIB=""
-# CONFIG_LUA_BINDINGS is not set
-CONFIG_LUA_CORE=""
-
-#
-# Samples
-#
-CONFIG_SAMPLES=y
-CONFIG_C_SAMPLES=y
-# CONFIG_CSHARP_SAMPLES is not set
-# CONFIG_VBNET_SAMPLES is not set
-# CONFIG_JAVA_SAMPLES is not set
-%%PERL%%CONFIG_PERL_SAMPLES is not set
-# CONFIG_LUA_SAMPLES is not set
-
-#
-# BigInt Options
-#
-# CONFIG_BIGINT_CLASSICAL is not set
-# CONFIG_BIGINT_MONTGOMERY is not set
-CONFIG_BIGINT_BARRETT=y
-CONFIG_BIGINT_CRT=y
-# CONFIG_BIGINT_KARATSUBA is not set
-MUL_KARATSUBA_THRESH=0
-SQU_KARATSUBA_THRESH=0
-CONFIG_BIGINT_SLIDING_WINDOW=y
-CONFIG_BIGINT_SQUARE=y
-%%DEBUG%%CONFIG_BIGINT_CHECK_ON is not set
-CONFIG_INTEGER_32BIT=y
-# CONFIG_INTEGER_16BIT is not set
-# CONFIG_INTEGER_8BIT is not set
diff --git a/security/axTLS/files/patch-Makefile b/security/axTLS/files/patch-Makefile
deleted file mode 100644
index 159bc7336543..000000000000
--- a/security/axTLS/files/patch-Makefile
+++ /dev/null
@@ -1,13 +0,0 @@
---- ./Makefile.orig	2011-01-07 22:16:40.000000000 +0900
-+++ ./Makefile	2013-04-11 08:38:38.000000000 +0900
-@@ -118,7 +118,9 @@
- 	-@rm `perl -e 'use Config; print $$Config{installarchlib};'`/axtlsp.pm > /dev/null 2>&1
- 
- test:
--	cd $(STAGE); ssltest; ../ssl/test/test_axssl.sh; cd -;
-+	cd $(STAGE); [ -e ./ssltest ] && LD_LIBRARY_PATH=".:$${LD_LIBRARY_PATH}" ./ssltest ;\
-+		[ -e ./perf_bigint ] && LD_LIBRARY_PATH=".:$${LD_LIBRARY_PATH}" ./perf_bigint ;\
-+		../ssl/test/test_axssl.sh; cd -;
- 
- # tidy up things
- clean::
diff --git a/security/axTLS/files/patch-samples__c__axssl.c b/security/axTLS/files/patch-samples__c__axssl.c
deleted file mode 100644
index 9dfb5f2c8473..000000000000
--- a/security/axTLS/files/patch-samples__c__axssl.c
+++ /dev/null
@@ -1,25 +0,0 @@
---- ./samples/c/axssl.c.orig	2012-07-01 09:49:36.000000000 +0900
-+++ ./samples/c/axssl.c	2013-04-10 16:59:23.000000000 +0900
-@@ -45,6 +45,7 @@
-  */
- #include <string.h>
- #include <stdio.h>
-+#include <signal.h>
- #include <stdlib.h>
- #include "os_port.h"
- #include "ssl.h"
-@@ -54,6 +55,14 @@
- #define STDIN_FILENO        0
- #endif
- 
-+/* enable features based on a 'super-set' capbaility. */
-+#if defined(CONFIG_SSL_FULL_MODE) 
-+#define CONFIG_SSL_ENABLE_CLIENT
-+#define CONFIG_SSL_CERT_VERIFICATION
-+#elif defined(CONFIG_SSL_ENABLE_CLIENT)
-+#define CONFIG_SSL_CERT_VERIFICATION
-+#endif
-+
- static void do_server(int argc, char *argv[]);
- static void print_options(char *option);
- static void print_server_options(char *option);
diff --git a/security/axTLS/files/patch-ssl__Config.in b/security/axTLS/files/patch-ssl__Config.in
deleted file mode 100644
index 28c7aa6154ef..000000000000
--- a/security/axTLS/files/patch-ssl__Config.in
+++ /dev/null
@@ -1,11 +0,0 @@
---- ./ssl/Config.in.orig	2011-06-25 06:12:07.000000000 +0900
-+++ ./ssl/Config.in	2013-04-11 08:38:38.000000000 +0900
-@@ -318,7 +318,7 @@
- config CONFIG_PERFORMANCE_TESTING
-     bool "Build the bigint performance test tool"
-     default n
--    depends on CONFIG_SSL_CERT_VERIFICATION
-+    depends on CONFIG_SSL_CERT_VERIFICATION || CONFIG_SSL_ENABLE_CLIENT || CONFIG_SSL_FULL_MODE
-     help
-         Used for performance testing of bigint.
- 
diff --git a/security/axTLS/pkg-descr b/security/axTLS/pkg-descr
deleted file mode 100644
index 5eba59bc63db..000000000000
--- a/security/axTLS/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-The axTLS project is an SSL client/server library using the TLSv1
-protocol.  It is designed to be small and fast, and is suited to
-embedded projects.  A web server is included.
-
-WWW: http://axtls.sourceforge.net/
diff --git a/security/axTLS/pkg-plist b/security/axTLS/pkg-plist
deleted file mode 100644
index b909f6649ac1..000000000000
--- a/security/axTLS/pkg-plist
+++ /dev/null
@@ -1,20 +0,0 @@
-%%HTTPD%%bin/axhtpasswd
-%%HTTPD%%bin/axhttpd
-bin/axssl
-%%PERL%%bin/axssl.pl
-%%TLSWRAP%%bin/axtlswrap
-include/axTLS/bigint.h
-include/axTLS/bigint_impl.h
-include/axTLS/config.h
-include/axTLS/crypto.h
-include/axTLS/crypto_misc.h
-include/axTLS/os_int.h
-include/axTLS/ssl.h
-include/axTLS/tls1.h
-include/axTLS/version.h
-lib/libaxtls.a
-lib/libaxtls.so
-lib/libaxtls.so.1
-lib/libaxtls.so.1.2
-%%PERL%%%%SITE_ARCH%%/auto/libaxtlsp.so
-%%PERL%%%%SITE_ARCH%%/axtlsp.pm
diff --git a/security/base/Makefile b/security/base/Makefile
deleted file mode 100644
index 5903c26691d1..000000000000
--- a/security/base/Makefile
+++ /dev/null
@@ -1,59 +0,0 @@
-# Created by: Linh Pham <question+fbsdports@closedsrc.org>
-
-PORTNAME=	base
-PORTVERSION=	1.4.5
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	SF/secureideas/BASE/${PORTNAME}-${PORTVERSION}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Basic Analysis and Security Engine - analyzing Snort alerts
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/docs/GPL
-
-DEPRECATED=	Broken with PHP 7+, forked here https://github.com/NathanGibbs3/BASE/
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	${ADODB_DIR}/adodb.inc.php:databases/adodb5 \
-		${LOCALBASE}/share/pear/Image/Graph.php:graphics/pear-Image_Graph@${PHP_FLAVOR} \
-		${LOCALBASE}/share/pear/Mail.php:mail/pear-Mail@${PHP_FLAVOR} \
-		${LOCALBASE}/share/pear/Mail/mime.php:mail/pear-Mail_Mime@${PHP_FLAVOR}
-
-USES=		php
-USE_PHP=	gd gettext pcre session zlib ctype
-
-ADODB_DIR=	${LOCALBASE}/share/adodb
-
-NO_ARCH=	yes
-SUB_FILES=	pkg-message
-DOCS=		docs/CHANGELOG docs/CREDITS docs/README docs/README.mssql \
-		docs/TODO docs/UPGRADE docs/GPL docs/base_faq.rtf
-
-OPTIONS_DEFINE=	PGSQL PDF DOCS
-
-PGSQL_USES=	pgsql
-PGSQL_USE=	PHP=pgsql
-PDF_RUN_DEPENDS=${LOCALBASE}/share/fpdf/fpdf.php:print/fpdf
-
-do-build:
-	@${REINPLACE_CMD} -e 's,DBlib_path = "",DBlib_path = "${ADODB_DIR}",' \
-		${WRKSRC}/base_conf.php.dist
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${PREFIX}/www/base/includes/templates/default
-	${INSTALL_DATA} ${WRKSRC}/*.php ${WRKSRC}/*.dist ${STAGEDIR}${PREFIX}/www/base
-.for dir in admin help includes languages setup
-	@${MKDIR} ${STAGEDIR}${PREFIX}/www/base/${dir}
-	${INSTALL_DATA} ${WRKSRC}/${dir}/*.php ${STAGEDIR}${PREFIX}/www/base/${dir}
-.endfor
-.for dir in images sql styles
-	@${MKDIR} ${STAGEDIR}${PREFIX}/www/base/${dir}
-	${INSTALL_DATA} ${WRKSRC}/${dir}/* ${STAGEDIR}${PREFIX}/www/base/${dir}
-.endfor
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/base/distinfo b/security/base/distinfo
deleted file mode 100644
index 66e283550a53..000000000000
--- a/security/base/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (base-1.4.5.tar.gz) = 23910f5277ceb43398442074e444182941bf7f6da85efd84ecdd0cf62c4b8935
-SIZE (base-1.4.5.tar.gz) = 958567
diff --git a/security/base/files/patch-base__conf.php.dist b/security/base/files/patch-base__conf.php.dist
deleted file mode 100644
index 149b68de63b2..000000000000
--- a/security/base/files/patch-base__conf.php.dist
+++ /dev/null
@@ -1,11 +0,0 @@
---- base_conf.php.dist.orig	2016-10-13 08:46:30 UTC
-+++ base_conf.php.dist
-@@ -393,7 +393,7 @@ $external_port_link = array('sans'     =
- 
- /* Signature references */
- $external_sig_link = array('bugtraq'   => array('http://www.securityfocus.com/bid/', ''),
--                           'snort'     => array('http://www.snort.org/search/sid/', ''),
-+                           'snort'     => array('http://www.snort.org/rule_docs/', ''),
-                            'cve'       => array('http://cve.mitre.org/cgi-bin/cvename.cgi?name=', ''),
-                            'arachnids' => array('http://www.whitehats.com/info/ids', ''),
-                            'mcafee'    => array('http://vil.nai.com/vil/content/v_', '.htm'),
diff --git a/security/base/files/patch-base_graph_display.php b/security/base/files/patch-base_graph_display.php
deleted file mode 100644
index 104a52fb7c17..000000000000
--- a/security/base/files/patch-base_graph_display.php
+++ /dev/null
@@ -1,35 +0,0 @@
---- ./base_graph_display.php.orig	2010-03-05 16:06:17.000000000 +0100
-+++ ./base_graph_display.php	2010-04-11 23:52:13.000000000 +0200
-@@ -320,27 +320,27 @@
- 
-       // special case '"I0" => "private network (rfc 1918)"' and
-       // '"** (private network) " => "private network (rfc 1918)"'
--      if (ereg("rfc 1918", $tmp, $substring) || (ereg("[*][*] \(private network\) ", $tmp_lower, $substring)))
-+      if (preg_match("/rfc 1918/", $tmp, $substring) || (preg_match("/[*][*] \(private network\) /", $tmp_lower, $substring)))
-       {
-         $Dataset->addPoint("private network (rfc 1918)", $xdata[$i][1]);
-       }
-       // special case '?? (Not Found) ' => 'unknown'
--      elseif(ereg("[?][?][ \t]+\(Not Found\)[ \t]*", $tmp, $substring))
-+      elseif(preg_match("/[?][?][ \t]+\(Not Found\)[ \t]*/", $tmp, $substring))
-       {
-         $Dataset->addPoint("unknown", $xdata[$i][1]);
-       }
-       // anything inside parentheses, following a 2-letter TLD:
--      elseif (ereg("^[-a-zA-Z0-9]{2}[ \t]\((.+)\)[ \t]*$", $tmp, $substring))
-+      elseif (preg_match("/^[-a-zA-Z0-9]{2}[ \t]\((.+)\)[ \t]*$/", $tmp, $substring))
-       {
-         $Dataset->addPoint($substring[1], $xdata[$i][1]);
-       }
-       // anything after two-letter top level domain names and after one space or tab:
--      elseif (ereg("[ \t]*[-a-zA-Z0-9]{2}[ \t]([-a-zA-Z0-9]+[-a-zA-Z0-9 ]*)", $tmp, $substring))
-+      elseif (preg_match("/[ \t]*[-a-zA-Z0-9]{2}[ \t]([-a-zA-Z0-9]+[-a-zA-Z0-9 ]*)/", $tmp, $substring))
-       {
-         $Dataset->addPoint($substring[1], $xdata[$i][1]);
-       }
-       // two-letter top level domain names right at the beginning:
--      elseif (ereg("[ \t]*([-a-zA-Z0-9]{2})[ \t]", $tmp_lower, $substring))
-+      elseif (preg_match("/[ \t]*([-a-zA-Z0-9]{2})[ \t]/", $tmp_lower, $substring))
-       {
-         $Dataset->addPoint($substring[1], $xdata[$i][1]);
-       }
diff --git a/security/base/files/patch-base_qry_common.php b/security/base/files/patch-base_qry_common.php
deleted file mode 100644
index 67197295ce57..000000000000
--- a/security/base/files/patch-base_qry_common.php
+++ /dev/null
@@ -1,16 +0,0 @@
---- ./base_qry_common.php.orig	2010-03-05 16:06:17.000000000 +0100
-+++ ./base_qry_common.php	2010-04-11 23:52:13.000000000 +0200
-@@ -773,10 +773,10 @@
-            }
-         }
-         /* if have chosen the address type to be both source and destination */
--        if ( ereg("ip_both", $tmp) )
-+        if ( preg_match("/ip_both/", $tmp) )
-         {
--           $tmp_src = ereg_replace("ip_both","ip_src",$tmp);
--           $tmp_dst = ereg_replace("ip_both","ip_dst",$tmp);
-+           $tmp_src = preg_replace("/ip_both/","ip_src",$tmp);
-+           $tmp_dst = preg_replace("/ip_both/","ip_dst",$tmp);
-            
-            if ( $ip_addr[$i][2] == '=' )
-              $tmp = "(".$tmp_src.') OR ('.$tmp_dst.')';
diff --git a/security/base/files/patch-base_qry_sqlcalls.php b/security/base/files/patch-base_qry_sqlcalls.php
deleted file mode 100644
index 92623d38aab7..000000000000
--- a/security/base/files/patch-base_qry_sqlcalls.php
+++ /dev/null
@@ -1,14 +0,0 @@
---- ./base_qry_sqlcalls.php.orig	2010-03-05 16:06:17.000000000 +0100
-+++ ./base_qry_sqlcalls.php	2010-04-11 23:52:13.000000000 +0200
-@@ -259,9 +259,9 @@
-            $line = split (" ", $current_sig_txt);
-            foreach ($line as $ps_element) 
-            {
--             if ( ereg("[0-9]*\.[0-9]*\.[0-9]*\.[0-9]", $ps_element)  )
-+             if ( preg_match("/[0-9]*\.[0-9]*\.[0-9]*\.[0-9]/", $ps_element)  )
-              {
--                $ps_element = ereg_replace (":", "", $ps_element);
-+                $ps_element = preg_replace ("/:/", "", $ps_element);
-                 qroPrintEntry("<A HREF=\"base_stat_ipaddr.php?ip=".$ps_element."&amp;netmask=32\">".
-                               $ps_element."</A>");
-              }
diff --git a/security/base/files/patch-base_stat_ipaddr.php b/security/base/files/patch-base_stat_ipaddr.php
deleted file mode 100644
index 5ea59c016279..000000000000
--- a/security/base/files/patch-base_stat_ipaddr.php
+++ /dev/null
@@ -1,38 +0,0 @@
---- ./base_stat_ipaddr.php.orig	2010-03-05 16:06:17.000000000 +0100
-+++ ./base_stat_ipaddr.php	2010-04-11 23:52:13.000000000 +0200
-@@ -135,7 +135,7 @@
-    print "</PRE><BR>\n";
-    */
- 
--   if(ereg($ip, $contents)) {
-+   if(preg_match("/$ip/", $contents)) {
-      $total++;
-      if( $total % 2 == 0 ) {
-         $color="DDDDDD";
-@@ -143,7 +143,7 @@
-         $color="FFFFFF";
-      }
- 
--     $contents = ereg_replace("  ", " ", $contents);
-+     $contents = preg_replace("/  /", " ", $contents);
-      $elements = explode(" ", $contents);
- 
-      echo '<tr bgcolor="'.$color.'"><td align="center">'.
-@@ -183,7 +183,7 @@
-      print "</PRE></TD>";
- 
-      /*
--     ereg("([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*):([0-9]*)",$elements[3],$store);
-+     preg_match("/([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*):([0-9]*)/",$elements[3],$store);
-      $source_ip = $store[1];
-      $source_port = $store[2];
-      if (empty($source_ip))
-@@ -197,7 +197,7 @@
-      echo '<td align="center">' . $source_ip  . '</td>';
-      echo '<td align="center">' . $source_port . '</td>';
- 
--     ereg("([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*):([0-9]*)",$elements[5],$store);
-+     preg_match("/([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*):([0-9]*)/",$elements[5],$store);
-      $destination_ip = $store[1];
-      $destination_port = $store[2];
-      if (empty($destination_ip))
diff --git a/security/base/files/patch-includes__base_db.inc.php b/security/base/files/patch-includes__base_db.inc.php
deleted file mode 100644
index 895b2697b002..000000000000
--- a/security/base/files/patch-includes__base_db.inc.php
+++ /dev/null
@@ -1,11 +0,0 @@
---- ./includes/base_db.inc.php.orig	2010-03-05 16:06:18.000000000 +0100
-+++ ./includes/base_db.inc.php	2010-04-11 23:52:13.000000000 +0200
-@@ -209,7 +209,7 @@
-      /* ** Begin DB specific SQL fix-up ** */
-      if ($this->DB_type == "mssql")
-      {
--        $sql = eregi_replace("''", "NULL", $sql);
-+        $sql = preg_replace("/''/i", "NULL", $sql);
-      }
- 
-      if ($this->DB_type == "oci8")
diff --git a/security/base/files/patch-includes__base_net.inc.php b/security/base/files/patch-includes__base_net.inc.php
deleted file mode 100644
index 4f81782e4498..000000000000
--- a/security/base/files/patch-includes__base_net.inc.php
+++ /dev/null
@@ -1,11 +0,0 @@
---- ./includes/base_net.inc.php.orig	2010-03-05 16:06:18.000000000 +0100
-+++ ./includes/base_net.inc.php	2010-04-11 23:52:13.000000000 +0200
-@@ -391,7 +391,7 @@
-         $line = explode(" ", $response_l[$i]);
-         for ($j=0; $j < sizeof($line); $j++ )
-         {
--          if ( eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $line[$j]) )
-+          if ( preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $line[$j]) )
-           {
-              if ( $email == "" )
-                 $email = $line[$j];
diff --git a/security/base/files/patch-includes__base_signature.inc.php b/security/base/files/patch-includes__base_signature.inc.php
deleted file mode 100644
index b32aa7925846..000000000000
--- a/security/base/files/patch-includes__base_signature.inc.php
+++ /dev/null
@@ -1,11 +0,0 @@
---- ./includes/base_signature.inc.php.orig	2010-03-05 16:06:18.000000000 +0100
-+++ ./includes/base_signature.inc.php	2010-04-11 23:52:13.000000000 +0200
-@@ -139,7 +139,7 @@
-       {
-          if ($tmp_ref_system_name == "snort")
-          {
--           if (ereg("([0-9]+):([0-9]+)", $ref_tag, $backref))
-+           if (preg_match("/([0-9]+):([0-9]+)/", $ref_tag, $backref))
-            {
-              if ($backref[1] == "1")
-              {
diff --git a/security/base/files/patch-includes__base_state_citems.inc.php b/security/base/files/patch-includes__base_state_citems.inc.php
deleted file mode 100644
index 40755eb24643..000000000000
--- a/security/base/files/patch-includes__base_state_citems.inc.php
+++ /dev/null
@@ -1,11 +0,0 @@
---- ./includes/base_state_citems.inc.php.orig	2010-03-05 16:06:18.000000000 +0100
-+++ ./includes/base_state_citems.inc.php	2010-04-11 23:52:13.000000000 +0200
-@@ -963,7 +963,7 @@
-       for ( $i = 0; $i < $this->criteria_cnt; $i++ )
-       {
-         if ( (isset ($this->criteria[$i][3])) &&
--             (ereg("([0-9]*)\.([0-9]*)\.([0-9]*)\.([0-9]*)", $this->criteria[$i][3])) )
-+             (preg_match("/([0-9]*)\.([0-9]*)\.([0-9]*)\.([0-9]*)/", $this->criteria[$i][3])) )
-         {
-            $tmp_ip_str = $this->criteria[$i][7] = $this->criteria[$i][3];
-            $this->criteria[$i][3] = strtok($tmp_ip_str, ".");
diff --git a/security/base/files/patch-includes__base_state_common.inc.php b/security/base/files/patch-includes__base_state_common.inc.php
deleted file mode 100644
index d39b08ef196c..000000000000
--- a/security/base/files/patch-includes__base_state_common.inc.php
+++ /dev/null
@@ -1,11 +0,0 @@
---- ./includes/base_state_common.inc.php.orig	2010-03-05 16:06:18.000000000 +0100
-+++ ./includes/base_state_common.inc.php	2010-04-11 23:52:13.000000000 +0200
-@@ -181,7 +181,7 @@
-    if ( ($valid_data & VAR_SCORE) > 0 ) 
-       $regex_mask = $regex_mask . "\-";
- 
--   return ereg_replace("[^".$regex_mask."]", "", $item);
-+   return preg_replace("/[^".$regex_mask."]/", "", $item);
- }
- 
- /* ***********************************************************************
diff --git a/security/base/files/patch-includes__base_state_criteria.inc.php b/security/base/files/patch-includes__base_state_criteria.inc.php
deleted file mode 100644
index 9e6018a9f7f6..000000000000
--- a/security/base/files/patch-includes__base_state_criteria.inc.php
+++ /dev/null
@@ -1,11 +0,0 @@
---- ./includes/base_state_criteria.inc.php.orig	2010-03-05 16:06:18.000000000 +0100
-+++ ./includes/base_state_criteria.inc.php	2010-04-11 23:52:13.000000000 +0200
-@@ -252,7 +252,7 @@
-    if ( isset($_POST['current_view']) ) $query_string .= "&amp;current_view=".$_POST['current_view'];
-    if ( isset($_POST['submit']) ) $query_string .= "&amp;submit=".$_POST['submit'];
- 
--   $query_string = ereg_replace("back=1&", "", CleanVariable($query_string, VAR_PERIOD | VAR_DIGIT | VAR_PUNC | VAR_LETTER));
-+   $query_string = preg_replace("/back=1&/", "", CleanVariable($query_string, VAR_PERIOD | VAR_DIGIT | VAR_PUNC | VAR_LETTER));
- 
-    ++$_SESSION['back_list_cnt'];
-    $_SESSION['back_list'][$_SESSION['back_list_cnt']] =  
diff --git a/security/base/files/pkg-message.in b/security/base/files/pkg-message.in
deleted file mode 100644
index 1e7a3f915ea0..000000000000
--- a/security/base/files/pkg-message.in
+++ /dev/null
@@ -1,28 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-Please read the README file located at:
-
-%%DOCSDIR%%/README
-
-for how to configure %%PREFIX%%/www/base/base_conf.php after
-installation.
-
-
-To make BASE accessible through your web site, you will need to add
-the following to your Apache configuration file:
-
-    Alias /base/ "%%PREFIX%%/www/base"
-
-In order for the graphing functions to work in BASE, make sure you
-include PEAR in your %%LOCALBASE%%/etc/php.ini configuration file, like:
-
-    include_path = ".:%%LOCALBASE%%/share/pear"
-
-If you built BASE with PDF support, make sure you include the FPDF
-path in your %%LOCALBASE%%/etc/php.ini configuration file, like:
-
-    include_path = ".:%%LOCALBASE%%/share/pear:%%LOCALBASE%%/share/fpdf"
-EOM
-}
-]
diff --git a/security/base/pkg-descr b/security/base/pkg-descr
deleted file mode 100644
index e9a8c51ab7f2..000000000000
--- a/security/base/pkg-descr
+++ /dev/null
@@ -1,11 +0,0 @@
-BASE is the Basic Analysis and Security Engine. It is based on the code
-from the ACID project. This application provides a PHP-based web front-end
-to query and analyze the alerts coming from a Snort IDS system.
-
-BASE is a web interface to perform analysis of intrusions that Snort has
-detected on your network. It uses a user authentication and role-base
-system, so that you as the security admin can decide what and how much
-information each user can see. It also has a simple to use, web-based
-setup program for people not comfortable with editing files directly.
-
-WWW: https://sourceforge.net/projects/secureideas/
diff --git a/security/base/pkg-plist b/security/base/pkg-plist
deleted file mode 100644
index 3ed88005bb9c..000000000000
--- a/security/base/pkg-plist
+++ /dev/null
@@ -1,119 +0,0 @@
-%%PORTDOCS%%%%DOCSDIR%%/README
-%%PORTDOCS%%%%DOCSDIR%%/README.mssql
-%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG
-%%PORTDOCS%%%%DOCSDIR%%/CREDITS
-%%PORTDOCS%%%%DOCSDIR%%/TODO
-%%PORTDOCS%%%%DOCSDIR%%/UPGRADE
-%%PORTDOCS%%%%DOCSDIR%%/GPL
-%%PORTDOCS%%%%DOCSDIR%%/base_faq.rtf
-www/base/admin/base_roleadmin.php
-www/base/admin/base_useradmin.php
-www/base/admin/index.php
-www/base/base_ag_common.php
-www/base/base_ag_main.php
-www/base/base_common.php
-www/base/base_conf.php.dist
-www/base/base_db_common.php
-www/base/base_db_setup.php
-www/base/base_denied.php
-www/base/base_footer.php
-www/base/base_graph_common.php
-www/base/base_graph_display.php
-www/base/base_graph_form.php
-www/base/base_graph_main.php
-www/base/base_hdr1.php
-www/base/base_hdr2.php
-www/base/base_local_rules.php
-www/base/base_logout.php
-www/base/base_main.php
-www/base/base_maintenance.php
-www/base/base_payload.php
-www/base/base_qry_alert.php
-www/base/base_qry_common.php
-www/base/base_qry_form.php
-www/base/base_qry_main.php
-www/base/base_qry_sqlcalls.php
-www/base/base_stat_alerts.php
-www/base/base_stat_class.php
-www/base/base_stat_common.php
-www/base/base_stat_ipaddr.php
-www/base/base_stat_iplink.php
-www/base/base_stat_ports.php
-www/base/base_stat_sensor.php
-www/base/base_stat_time.php
-www/base/base_stat_uaddr.php
-www/base/base_user.php
-www/base/help/base_app_faq.php
-www/base/help/base_help.php
-www/base/help/base_setup_help.php
-www/base/images/button_delete.png
-www/base/images/button_edit.png
-www/base/images/button_exclamation.png
-www/base/images/greencheck.gif
-www/base/images/greencheck.png
-www/base/images/redcheck.gif
-www/base/includes/base_action.inc.php
-www/base/includes/base_auth.inc.php
-www/base/includes/base_cache.inc.php
-www/base/includes/base_capabilities.php
-www/base/includes/base_constants.inc.php
-www/base/includes/base_db.inc.php
-www/base/includes/base_include.inc.php
-www/base/includes/base_iso3166.inc.php
-www/base/includes/base_log_error.inc.php
-www/base/includes/base_log_timing.inc.php
-www/base/includes/base_net.inc.php
-www/base/includes/base_output_html.inc.php
-www/base/includes/base_output_query.inc.php
-www/base/includes/base_setup.inc.php
-www/base/includes/base_signature.inc.php
-www/base/includes/base_state_citems.inc.php
-www/base/includes/base_state_common.inc.php
-www/base/includes/base_state_criteria.inc.php
-www/base/includes/base_state_query.inc.php
-www/base/includes/base_template.php
-www/base/includes/base_user.inc.php
-www/base/index.php
-www/base/languages/czech.lang.php
-www/base/languages/chinese.lang.php
-www/base/languages/danish.lang.php
-www/base/languages/english.lang.php
-www/base/languages/finnish.lang.php
-www/base/languages/french.lang.php
-www/base/languages/german.lang.php
-www/base/languages/index.php
-www/base/languages/indonesian.lang.php
-www/base/languages/italian.lang.php
-www/base/languages/japanese.lang.php
-www/base/languages/norwegian.lang.php
-www/base/languages/polish.lang.php
-www/base/languages/portuguese-PT.lang.php
-www/base/languages/portuguese.lang.php
-www/base/languages/russian.lang.php
-www/base/languages/simplified_chinese.lang.php
-www/base/languages/spanish.lang.php
-www/base/languages/swedish.lang.php
-www/base/languages/turkish.lang.php
-www/base/setup/base_conf_contents.php
-www/base/setup/index.php
-www/base/setup/setup_db.inc.php
-www/base/setup/setup1.php
-www/base/setup/setup2.php
-www/base/setup/setup3.php
-www/base/setup/setup4.php
-www/base/setup/setup5.php
-www/base/sql/acid2base_tbls_mssql.sql
-www/base/sql/acid2base_tbls_mysql.sql
-www/base/sql/acid2base_tbls_pgsql.sql
-www/base/sql/create_base_tbls_mssql.sql
-www/base/sql/create_base_tbls_mssql_extra.sql
-www/base/sql/create_base_tbls_mysql.sql
-www/base/sql/create_base_tbls_oracle.sql
-www/base/sql/create_base_tbls_pgsql.sql
-www/base/sql/create_base_tbls_pgsql_extra.sql
-www/base/sql/upgrade_0.9.x_to_1.0-mysql.sql
-www/base/styles/base_black_style.css
-www/base/styles/base_red_style.css
-www/base/styles/base_style.css
-www/base/styles/acid_style.css
-@dir www/base/includes/templates/default
diff --git a/security/botan110/Makefile b/security/botan110/Makefile
deleted file mode 100644
index e066b0db61b7..000000000000
--- a/security/botan110/Makefile
+++ /dev/null
@@ -1,68 +0,0 @@
-# Created by: Ying-Chieh Liao <ijliao@FreeBSD.org>
-
-PORTNAME=	botan
-DISTVERSION=	1.10.17
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	http://botan.randombit.net/releases/
-PKGNAMESUFFIX=	110
-DISTNAME=	Botan-${PORTVERSION}
-
-MAINTAINER=	lapo@lapo.it
-COMMENT=	Portable, easy to use, and efficient C++ crypto library
-
-LICENSE=	BSD2CLAUSE
-LICENSE_FILE=	${WRKSRC}/doc/license.txt
-
-DEPRECATED=	Deprecated upstream, users are recommended to migrate to 2.x
-EXPIRATION_DATE=2022-03-31
-
-BROKEN_riscv64=		fails to build: Unknown or unidentifiable processor "riscv"
-
-OPTIONS_DEFINE=		SSL GMP DOCS
-OPTIONS_DEFAULT=	SSL GMP
-
-USES=		compiler cpe gmake python:build shebangfix tar:tgz
-CPE_VENDOR=	${PORTNAME}_project
-HAS_CONFIGURE=	yes
-CONFIGURE_SCRIPT=	configure.py
-CONFIGURE_ARGS=	--prefix=${PREFIX} --cc ${CHOSEN_COMPILER_TYPE} \
-		--with-tr1-implementation=system --with-bzip2 --with-zlib
-MAKE_ARGS=	CXX="${CXX}" CHECK_OPT="${CXXFLAGS}" LIB_OPT="${CXXFLAGS}"
-USE_LDCONFIG=	yes
-PLIST_FILES=	bin/botan-config-1.10 lib/libbotan-1.10.a lib/libbotan-1.10.so lib/libbotan-1.10.so.1 \
-		lib/libbotan-1.10.so.1.17 libdata/pkgconfig/botan-1.10.pc
-SHEBANG_FILES=	configure.py
-TEST_TARGET=	check
-
-DOCSDIR=	${PREFIX}/share/doc/${PORTNAME}-${PORTVERSION}
-PORTDOCS=	*
-
-SSL_USES=		ssl
-SSL_CONFIGURE_WITH=	openssl
-
-GMP_USES=		localbase:ldflags
-GMP_LIB_DEPENDS=	libgmp.so:math/gmp
-GMP_CONFIGURE_WITH=	gnump
-
-.include <bsd.port.pre.mk>
-
-.if (${OPSYS} == FreeBSD && ${OSVERSION} > 1200084) || ${SSL_DEFAULT:Mopenssl} || ${SSL_DEFAULT:M*-devel}
-EXTRA_PATCHES+=	${FILESDIR}/extra-patch-openssl11
-.endif
-
-post-patch:
-	@${REINPLACE_CMD} -e "s|#!/usr/bin/env python|#!${PYTHON_CMD}|" \
-		${WRKSRC}/configure.py
-
-post-patch-DOCS-off:
-	@${REINPLACE_CMD} -e '/DOCDIR/d' \
-		${WRKSRC}/src/build-data/makefile/unix_shr.in
-
-post-install:
-	@(cd "${STAGEDIR}${PREFIX}"; ${FIND} -s include/botan-1.10 -not -type d) >> ${TMPPLIST}
-
-post-test:
-	cd ${WRKSRC} && ${SETENV} LD_LIBRARY_PATH="." ./check --test
-
-.include <bsd.port.post.mk>
diff --git a/security/botan110/distinfo b/security/botan110/distinfo
deleted file mode 100644
index 6404cca0542d..000000000000
--- a/security/botan110/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1507819766
-SHA256 (Botan-1.10.17.tgz) = 6847ffb64b8d2f939dccfecc17bd2c80385d08f7621e2c56d3a335118e823613
-SIZE (Botan-1.10.17.tgz) = 2706678
diff --git a/security/botan110/files/extra-patch-openssl11 b/security/botan110/files/extra-patch-openssl11
deleted file mode 100644
index 584e7aa309e8..000000000000
--- a/security/botan110/files/extra-patch-openssl11
+++ /dev/null
@@ -1,262 +0,0 @@
---- src/engine/openssl/ossl_bc.cpp.orig	2017-10-02 06:00:00 UTC
-+++ src/engine/openssl/ossl_bc.cpp
-@@ -8,10 +8,6 @@
- #include <botan/internal/openssl_engine.h>
- #include <openssl/evp.h>
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10100000
--  #error "OpenSSL 1.1 API not supported in Botan 1.10, upgrade to 2.x"
--#endif
--
- namespace Botan {
- 
- namespace {
-@@ -44,7 +40,7 @@ class EVP_BlockCipher : public BlockCipher
-       size_t block_sz;
-       Key_Length_Specification cipher_key_spec;
-       std::string cipher_name;
--      mutable EVP_CIPHER_CTX encrypt, decrypt;
-+      mutable EVP_CIPHER_CTX *encrypt, *decrypt;
-    };
- 
- /*
-@@ -59,14 +55,15 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg
-    if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
-       throw Invalid_Argument("EVP_BlockCipher: Non-ECB EVP was passed in");
- 
--   EVP_CIPHER_CTX_init(&encrypt);
--   EVP_CIPHER_CTX_init(&decrypt);
-+   if ((encrypt = EVP_CIPHER_CTX_new()) == NULL)
-+      throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed");
-+   EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0);
-+   EVP_CIPHER_CTX_set_padding(encrypt, 0);
- 
--   EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
--   EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
--
--   EVP_CIPHER_CTX_set_padding(&encrypt, 0);
--   EVP_CIPHER_CTX_set_padding(&decrypt, 0);
-+   if ((decrypt = EVP_CIPHER_CTX_new()) == NULL)
-+      throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed");
-+   EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0);
-+   EVP_CIPHER_CTX_set_padding(decrypt, 0);
-    }
- 
- /*
-@@ -83,14 +80,15 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg
-    if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
-       throw Invalid_Argument("EVP_BlockCipher: Non-ECB EVP was passed in");
- 
--   EVP_CIPHER_CTX_init(&encrypt);
--   EVP_CIPHER_CTX_init(&decrypt);
-+   if ((encrypt = EVP_CIPHER_CTX_new()) == NULL)
-+      throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed");
-+   EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0);
-+   EVP_CIPHER_CTX_set_padding(encrypt, 0);
- 
--   EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
--   EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
--
--   EVP_CIPHER_CTX_set_padding(&encrypt, 0);
--   EVP_CIPHER_CTX_set_padding(&decrypt, 0);
-+   if ((decrypt = EVP_CIPHER_CTX_new()) == NULL)
-+      throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed");
-+   EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0);
-+   EVP_CIPHER_CTX_set_padding(decrypt, 0);
-    }
- 
- /*
-@@ -98,8 +96,8 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg
- */
- EVP_BlockCipher::~EVP_BlockCipher()
-    {
--   EVP_CIPHER_CTX_cleanup(&encrypt);
--   EVP_CIPHER_CTX_cleanup(&decrypt);
-+   EVP_CIPHER_CTX_cleanup(encrypt);
-+   EVP_CIPHER_CTX_cleanup(decrypt);
-    }
- 
- /*
-@@ -109,7 +107,7 @@ void EVP_BlockCipher::encrypt_n(const byte in[], byte 
-                                 size_t blocks) const
-    {
-    int out_len = 0;
--   EVP_EncryptUpdate(&encrypt, out, &out_len, in, blocks * block_sz);
-+   EVP_EncryptUpdate(encrypt, out, &out_len, in, blocks * block_sz);
-    }
- 
- /*
-@@ -119,7 +117,7 @@ void EVP_BlockCipher::decrypt_n(const byte in[], byte 
-                                 size_t blocks) const
-    {
-    int out_len = 0;
--   EVP_DecryptUpdate(&decrypt, out, &out_len, in, blocks * block_sz);
-+   EVP_DecryptUpdate(decrypt, out, &out_len, in, blocks * block_sz);
-    }
- 
- /*
-@@ -134,19 +132,19 @@ void EVP_BlockCipher::key_schedule(const byte key[], s
-       full_key += std::make_pair(key, 8);
-       }
-    else
--      if(EVP_CIPHER_CTX_set_key_length(&encrypt, length) == 0 ||
--         EVP_CIPHER_CTX_set_key_length(&decrypt, length) == 0)
-+      if(EVP_CIPHER_CTX_set_key_length(encrypt, length) == 0 ||
-+         EVP_CIPHER_CTX_set_key_length(decrypt, length) == 0)
-          throw Invalid_Argument("EVP_BlockCipher: Bad key length for " +
-                                 cipher_name);
- 
-    if(cipher_name == "RC2")
-       {
--      EVP_CIPHER_CTX_ctrl(&encrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
--      EVP_CIPHER_CTX_ctrl(&decrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
-+      EVP_CIPHER_CTX_ctrl(encrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
-+      EVP_CIPHER_CTX_ctrl(decrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
-       }
- 
--   EVP_EncryptInit_ex(&encrypt, 0, 0, full_key.begin(), 0);
--   EVP_DecryptInit_ex(&decrypt, 0, 0, full_key.begin(), 0);
-+   EVP_EncryptInit_ex(encrypt, 0, 0, full_key.begin(), 0);
-+   EVP_DecryptInit_ex(decrypt, 0, 0, full_key.begin(), 0);
-    }
- 
- /*
-@@ -154,7 +152,7 @@ void EVP_BlockCipher::key_schedule(const byte key[], s
- */
- BlockCipher* EVP_BlockCipher::clone() const
-    {
--   return new EVP_BlockCipher(EVP_CIPHER_CTX_cipher(&encrypt),
-+   return new EVP_BlockCipher(EVP_CIPHER_CTX_cipher(encrypt),
-                               cipher_name,
-                               cipher_key_spec.minimum_keylength(),
-                               cipher_key_spec.maximum_keylength(),
-@@ -166,16 +164,16 @@ BlockCipher* EVP_BlockCipher::clone() const
- */
- void EVP_BlockCipher::clear()
-    {
--   const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(&encrypt);
-+   const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(encrypt);
- 
--   EVP_CIPHER_CTX_cleanup(&encrypt);
--   EVP_CIPHER_CTX_cleanup(&decrypt);
--   EVP_CIPHER_CTX_init(&encrypt);
--   EVP_CIPHER_CTX_init(&decrypt);
--   EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
--   EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
--   EVP_CIPHER_CTX_set_padding(&encrypt, 0);
--   EVP_CIPHER_CTX_set_padding(&decrypt, 0);
-+   EVP_CIPHER_CTX_cleanup(encrypt);
-+   EVP_CIPHER_CTX_cleanup(decrypt);
-+   EVP_CIPHER_CTX_init(encrypt);
-+   EVP_CIPHER_CTX_init(decrypt);
-+   EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0);
-+   EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0);
-+   EVP_CIPHER_CTX_set_padding(encrypt, 0);
-+   EVP_CIPHER_CTX_set_padding(decrypt, 0);
-    }
- 
- }
---- src/engine/openssl/ossl_md.cpp.orig	2017-10-02 06:00:00 UTC
-+++ src/engine/openssl/ossl_md.cpp
-@@ -8,10 +8,6 @@
- #include <botan/internal/openssl_engine.h>
- #include <openssl/evp.h>
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10100000
--  #error "OpenSSL 1.1 API not supported in Botan 1.10, upgrade to 2.x"
--#endif
--
- namespace Botan {
- 
- namespace {
-@@ -28,12 +24,12 @@ class EVP_HashFunction : public HashFunction
- 
-       size_t output_length() const
-          {
--         return EVP_MD_size(EVP_MD_CTX_md(&md));
-+         return EVP_MD_size(EVP_MD_CTX_md(md));
-          }
- 
-       size_t hash_block_size() const
-          {
--         return EVP_MD_block_size(EVP_MD_CTX_md(&md));
-+         return EVP_MD_block_size(EVP_MD_CTX_md(md));
-          }
- 
-       EVP_HashFunction(const EVP_MD*, const std::string&);
-@@ -44,7 +40,7 @@ class EVP_HashFunction : public HashFunction
- 
-       size_t block_size;
-       std::string algo_name;
--      EVP_MD_CTX md;
-+      EVP_MD_CTX *md;
-    };
- 
- /*
-@@ -52,7 +48,7 @@ class EVP_HashFunction : public HashFunction
- */
- void EVP_HashFunction::add_data(const byte input[], size_t length)
-    {
--   EVP_DigestUpdate(&md, input, length);
-+   EVP_DigestUpdate(md, input, length);
-    }
- 
- /*
-@@ -60,9 +56,9 @@ void EVP_HashFunction::add_data(const byte input[], si
- */
- void EVP_HashFunction::final_result(byte output[])
-    {
--   EVP_DigestFinal_ex(&md, output, 0);
--   const EVP_MD* algo = EVP_MD_CTX_md(&md);
--   EVP_DigestInit_ex(&md, algo, 0);
-+   EVP_DigestFinal_ex(md, output, 0);
-+   const EVP_MD* algo = EVP_MD_CTX_md(md);
-+   EVP_DigestInit_ex(md, algo, 0);
-    }
- 
- /*
-@@ -70,8 +66,8 @@ void EVP_HashFunction::final_result(byte output[])
- */
- void EVP_HashFunction::clear()
-    {
--   const EVP_MD* algo = EVP_MD_CTX_md(&md);
--   EVP_DigestInit_ex(&md, algo, 0);
-+   const EVP_MD* algo = EVP_MD_CTX_md(md);
-+   EVP_DigestInit_ex(md, algo, 0);
-    }
- 
- /*
-@@ -79,7 +75,7 @@ void EVP_HashFunction::clear()
- */
- HashFunction* EVP_HashFunction::clone() const
-    {
--   const EVP_MD* algo = EVP_MD_CTX_md(&md);
-+   const EVP_MD* algo = EVP_MD_CTX_md(md);
-    return new EVP_HashFunction(algo, name());
-    }
- 
-@@ -90,8 +86,9 @@ EVP_HashFunction::EVP_HashFunction(const EVP_MD* algo,
-                                    const std::string& name) :
-    algo_name(name)
-    {
--   EVP_MD_CTX_init(&md);
--   EVP_DigestInit_ex(&md, algo, 0);
-+   if ((md = EVP_MD_CTX_new()) == NULL)
-+     throw Invalid_Argument("EVP_HashFunction: EVP_MD_CTX_new failed");
-+   EVP_DigestInit_ex(md, algo, 0);
-    }
- 
- /*
-@@ -99,7 +96,11 @@ EVP_HashFunction::EVP_HashFunction(const EVP_MD* algo,
- */
- EVP_HashFunction::~EVP_HashFunction()
-    {
--   EVP_MD_CTX_cleanup(&md);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000
-+   EVP_MD_CTX_free(md);
-+#else
-+   EVP_MD_CTX_cleanup(md);
-+#endif
-    }
- 
- }
diff --git a/security/botan110/files/patch-src_build_data_makefile_unix_shr.in b/security/botan110/files/patch-src_build_data_makefile_unix_shr.in
deleted file mode 100644
index 6dfb643d1ddf..000000000000
--- a/security/botan110/files/patch-src_build_data_makefile_unix_shr.in
+++ /dev/null
@@ -1,22 +0,0 @@
---- src/build-data/makefile/unix_shr.in.orig	2013-12-29 19:30:46.000000000 +0100
-+++ src/build-data/makefile/unix_shr.in	2014-01-29 12:56:53.163471296 +0100
-@@ -14,13 +14,13 @@ VERSION       = %{version}
- SERIES        = %{version_major}.%{version_minor}
- 
- # Installation Settings
--DESTDIR       = %{prefix}
-+PREFIX        = %{prefix}
- 
--BINDIR        = $(DESTDIR)/bin
--LIBDIR        = $(DESTDIR)/%{libdir}
--HEADERDIR     = $(DESTDIR)/%{includedir}/botan-$(SERIES)/botan
--DOCDIR        = $(DESTDIR)/%{docdir}/botan-$(VERSION)
--PKGCONF_DIR   = $(LIBDIR)/pkgconfig
-+BINDIR        = $(DESTDIR)$(PREFIX)/bin
-+LIBDIR        = $(DESTDIR)$(PREFIX)/%{libdir}
-+HEADERDIR     = $(DESTDIR)$(PREFIX)/%{includedir}/botan-$(SERIES)/botan
-+DOCDIR        = $(DESTDIR)$(PREFIX)/%{docdir}/botan-$(VERSION)
-+PKGCONF_DIR   = $(DESTDIR)$(PREFIX)/libdata/pkgconfig
- 
- CONFIG_SCRIPT = %{botan_config}
- PKGCONFIG     = %{botan_pkgconfig}
diff --git a/security/botan110/files/patch-src_ssl_tls__record.h b/security/botan110/files/patch-src_ssl_tls__record.h
deleted file mode 100644
index 52fb1cb46dfd..000000000000
--- a/security/botan110/files/patch-src_ssl_tls__record.h
+++ /dev/null
@@ -1,31 +0,0 @@
---- src/ssl/tls_record.h.orig	2016-04-28 13:27:08 UTC
-+++ src/ssl/tls_record.h
-@@ -17,8 +17,15 @@
- 
- #if defined(BOTAN_USE_STD_TR1)
- 
--#if defined(BOTAN_BUILD_COMPILER_IS_MSVC)
-+#if defined(_LIBCPP_VERSION) || defined(BOTAN_BUILD_COMPILER_IS_MSVC)
-     #include <functional>
-+    #if defined(_LIBCPP_VERSION)
-+    namespace std {
-+      namespace tr1 {
-+        using std::function;
-+      }
-+    }
-+    #endif
- #else
-     #include <tr1/functional>
- #endif
-@@ -31,7 +38,11 @@
- 
- namespace Botan {
- 
-+#if defined(_LIBCPP_VERSION)
-+using namespace std::placeholders;
-+#else
- using namespace std::tr1::placeholders;
-+#endif
- 
- /**
- * TLS Record Writer
diff --git a/security/botan110/pkg-descr b/security/botan110/pkg-descr
deleted file mode 100644
index e9c30d31e055..000000000000
--- a/security/botan110/pkg-descr
+++ /dev/null
@@ -1,14 +0,0 @@
-Botan is a crypto library written in C++. It provides a variety of
-cryptographic algorithms, including common ones such as AES, MD5, SHA,
-HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that
-are more obscure or specialized. It also offers X.509v3 certificates
-and CRLs, and PKCS #10 certificate requests. A message processing
-system that uses a filter/pipeline metaphor allows for many common
-cryptographic tasks to be completed with just a few lines of code.
-Assembly optimizations for common CPUs, including x86, x86-64, and
-PowerPC, offers further speedups for critical tasks such as SHA-1
-hashing and multiple precision integer operations.
-
-Botan is licensed under the same permissive terms as FreeBSD itself.
-
-WWW: https://botan.randombit.net/
diff --git a/security/bruteforceblocker/Makefile b/security/bruteforceblocker/Makefile
deleted file mode 100644
index e2ae05f69c2f..000000000000
--- a/security/bruteforceblocker/Makefile
+++ /dev/null
@@ -1,41 +0,0 @@
-# Created by: Daniel Gerzo <danger@rulez.sk>
-
-PORTNAME=	bruteforceblocker
-PORTVERSION=	1.2.6
-PORTREVISION=	2
-CATEGORIES=	security
-
-MAINTAINER=	danger@FreeBSD.org
-COMMENT=	Checks for SSH bruteforce and blocks given IPs
-
-LICENSE=	NONE
-
-DEPRECATED=	Abandonware, please consider using security/sshguard
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	p5-Unix-Syslog>=0:sysutils/p5-Unix-Syslog \
-		p5-Sys-Hostname-Long>=0:sysutils/p5-Sys-Hostname-Long \
-		p5-libwww>=0:www/p5-libwww \
-		p5-Net-DNS>=0:dns/p5-Net-DNS
-
-USES=		perl5 shebangfix
-USE_GITHUB=	yes
-GH_ACCOUNT=	dgerzo
-USE_PERL5=	run
-
-NO_BUILD=	yes
-
-OPTIONS_DEFINE=	DOCS
-
-SUB_FILES=	pkg-message
-SHEBANG_FILES=	${PORTNAME}.pl
-
-do-install:
-	${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME}.pl ${STAGEDIR}${PREFIX}/sbin/${PORTNAME}
-	${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.conf ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for FILE in INSTALL CHANGELOG CREDITS
-	${INSTALL_DATA} ${WRKSRC}/${FILE} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/bruteforceblocker/distinfo b/security/bruteforceblocker/distinfo
deleted file mode 100644
index 3de52312044c..000000000000
--- a/security/bruteforceblocker/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1541358471
-SHA256 (dgerzo-bruteforceblocker-1.2.6_GH0.tar.gz) = 965f608cb2c2ba6f36f74c9d27dfa3f0c0089841e8121b70c1b741e988f1465b
-SIZE (dgerzo-bruteforceblocker-1.2.6_GH0.tar.gz) = 5301
diff --git a/security/bruteforceblocker/files/patch-bruteforceblocker.pl b/security/bruteforceblocker/files/patch-bruteforceblocker.pl
deleted file mode 100644
index 556070e4a5bb..000000000000
--- a/security/bruteforceblocker/files/patch-bruteforceblocker.pl
+++ /dev/null
@@ -1,22 +0,0 @@
---- bruteforceblocker.pl.orig	2018-12-18 11:17:19 UTC
-+++ bruteforceblocker.pl
-@@ -79,13 +79,13 @@ my $res   = Net::DNS::Resolver->new;
- while (<>) {
-     if (/.*Failed password.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
- 	/.*Failed keyboard.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
--	/.*Invalid user.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn})$/i ||
--	/.*Did not receive identification string from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn})$/i ||
--	/.*Bad protocol version identification .* from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn})$/i ||
-+	/.*Invalid user.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
-+	/.*Did not receive identification string from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
-+	/.*Bad protocol version identification .* from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
- 	/.*User.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) not allowed because.*/i ||
--	/.*error: maximum authentication attempts exceeded for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i ||
--	/.*error: PAM: authentication error for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i ||
--	/.*fatal: Unable to negotiate with ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}).*/i) {
-+	/.*error: maximum authentication attempts exceeded for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
-+	/.*error: PAM: authentication error for.*from ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i ||
-+	/.*Unable to negotiate with ($work->{ipv4}|$work->{ipv6}|$work->{fqdn}) port.*/i) {
- 
- 	my $IP = $1;
- 	if ($IP =~ /$work->{fqdn}/i) {
diff --git a/security/bruteforceblocker/files/pkg-message.in b/security/bruteforceblocker/files/pkg-message.in
deleted file mode 100644
index 8543c7f4f99e..000000000000
--- a/security/bruteforceblocker/files/pkg-message.in
+++ /dev/null
@@ -1,8 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-Configuration of BruteForceBlocker is done via main configuration file
-located at %%PREFIX%%/etc/bruteforceblocker.conf
-EOM
-}
-]
diff --git a/security/bruteforceblocker/pkg-descr b/security/bruteforceblocker/pkg-descr
deleted file mode 100644
index 5b0c2a8499dc..000000000000
--- a/security/bruteforceblocker/pkg-descr
+++ /dev/null
@@ -1,11 +0,0 @@
-BruteForceBlocker is a Perl script that works along with pf - OpenBSD's
-firewall (which is also available on FreeBSD since version 5.2 is out).
-Its main purpose is to block SSH bruteforce attacks via firewall.
-When this script is running, it checks sshd logs from syslog and looks
-for failed login attempts - mostly some annoying script attacks, and
-counts number of such attempts. When given IP reaches configured limit
-of fails, script puts this IP to the pf's table and blocks any further
-traffic to the that box from given IP (this also depends on
-configuration done in pf.conf).
-
-WWW: http://danger.rulez.sk/index.php/bruteforceblocker/
diff --git a/security/bruteforceblocker/pkg-plist b/security/bruteforceblocker/pkg-plist
deleted file mode 100644
index 346fc0c0216c..000000000000
--- a/security/bruteforceblocker/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG
-%%PORTDOCS%%%%DOCSDIR%%/CREDITS
-%%PORTDOCS%%%%DOCSDIR%%/INSTALL
-@sample etc/bruteforceblocker.conf.sample
-sbin/bruteforceblocker
diff --git a/security/cisco-torch/Makefile b/security/cisco-torch/Makefile
deleted file mode 100644
index c3bd4d63d03f..000000000000
--- a/security/cisco-torch/Makefile
+++ /dev/null
@@ -1,52 +0,0 @@
-# Created by: Rihaz Jerrin <rihaz.jerrin@gmail.com>
-
-PORTNAME=	cisco-torch
-PORTVERSION=	0.4
-DISTVERSIONSUFFIX=	b
-CATEGORIES=	security
-MASTER_SITES=	http://www.hackingciscoexposed.com/tools/
-
-MAINTAINER=	rihaz.jerrin@gmail.com
-COMMENT=	Mass Cisco Vulnerability Scanner
-
-LICENSE=	LGPL21
-
-BROKEN=		Unfetchable
-DEPRECATED=	Abandonware, dead upstream
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	p5-Net-Telnet>=0:net/p5-Net-Telnet \
-		p5-Net-SSH2>=0:net/p5-Net-SSH2 \
-		p5-Net-SNMP>=0:net-mgmt/p5-Net-SNMP \
-		p5-Net-SSLeay>=0:security/p5-Net-SSLeay
-
-USES=		perl5 shebangfix
-SHEBANG_FILES=	${WRKSRC}/cisco-torch.pl
-
-NO_BUILD=	yes
-NO_ARCH=	yes
-
-PORTDOCS=	README.txt  TODO  CHANGELOG.txt  LICENSE
-FILELIST=	brutefile.txt \
-		community.txt \
-		fingerprint.db \
-		password.txt \
-		tfingerprint.db \
-		users.txt
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	${INSTALL_SCRIPT}   ${WRKSRC}/cisco-torch.pl ${STAGEDIR}${PREFIX}/bin/cisco-torch
-	${MKDIR}	    ${STAGEDIR}${DATADIR}/include
-	${MKDIR}	    ${STAGEDIR}${DATADIR}/tftproot
-	${MKDIR}            ${STAGEDIR}${ETCDIR}
-.for i in ${FILELIST}
-	${INSTALL_DATA} ${WRKSRC}/${i} ${STAGEDIR}${DATADIR}
-.endfor
-	(cd ${WRKSRC} && ${COPYTREE_SHARE} include ${STAGEDIR}${DATADIR})
-	${MKDIR}  ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA}	${WRKSRC}/torch.conf  ${STAGEDIR}${ETCDIR}/torch.conf.sample
-	${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/cisco-torch/distinfo b/security/cisco-torch/distinfo
deleted file mode 100644
index 219be196f69a..000000000000
--- a/security/cisco-torch/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (cisco-torch-0.4b.tar.gz) = a23b90858d17bb85164e210c46b4411e4184f9eb9229ad0dcc30655f23f1023e
-SIZE (cisco-torch-0.4b.tar.gz) = 27126
diff --git a/security/cisco-torch/files/patch-cisco-torch.pl b/security/cisco-torch/files/patch-cisco-torch.pl
deleted file mode 100644
index 6d840f12a8bf..000000000000
--- a/security/cisco-torch/files/patch-cisco-torch.pl
+++ /dev/null
@@ -1,33 +0,0 @@
---- cisco-torch.pl.orig	2016-02-15 10:53:28 UTC
-+++ cisco-torch.pl
-@@ -5,14 +5,14 @@ eval ("use sigtrap;");die "[error] sigtr
- eval ("use Net::hostent;");die "[error] Net::hostent  perl module is not installed \n" if $@;
- eval ("use Getopt::Std;");die "[error] Getopt::Std perl module is not installed \n" if $@;
- eval ("use Net::Telnet;");die "[error] Net::Telnet perl module is not installed \n" if $@;
--eval ("use Net::SSH::Perl;");die "[error] Net::SSH::Perl perl module is not installed \n" if $@;
-+eval ("use  Net::SSH2;");die "[error]  Net::SSH2 perl module is not installed \n" if $@;
- eval ("use Net::SSLeay qw(get_https post_https sslcat make_headers make_form);");die "[error] Net::SSLeay perl module is not installed \n" if $@;
- eval ("use MIME::Base64 qw(encode_base64);");die "[error] MIME::Base64 perl module is not installed \n" if $@;
- eval ("use Net::SNMP;");die "[error] Net::SNMP perl module is not installed \n" if $@;
- eval ("use POSIX;");die "[error] POSIX perl  is not suported \n" if $@;
- 
- 
--eval{require "torch.conf"};
-+eval{require "/usr/local/etc/cisco-torch/torch.conf"};
- 
- if($@) {
-    print "Failed to load config file:torch.conf\n";
-@@ -23,11 +23,11 @@ print "Using config file torch.conf...\n
- 
- # Plugins
- print "Loading include and plugin ...\n";
--opendir(DIR, "include");
-+opendir(DIR, "$datadir/include");
- while($in=readdir(DIR)) {
-     next if ($in=~/^[.]{1,2}/);
-     next if !($in=~/\.pm$/);
--    require "include/$in";
-+    require "$datadir/include/$in";
- }
- closedir(DIR);
- 
diff --git a/security/cisco-torch/files/patch-include_Banner.pm b/security/cisco-torch/files/patch-include_Banner.pm
deleted file mode 100644
index d8d4052561db..000000000000
--- a/security/cisco-torch/files/patch-include_Banner.pm
+++ /dev/null
@@ -1,28 +0,0 @@
---- include/Banner.pm.orig	2016-02-13 16:02:14 UTC
-+++ include/Banner.pm
-@@ -1,8 +1,8 @@
- 
- sub usage
- {
--	print( " version $version\nusage: ./cisco-torch.pl <options> <IP,hostname,network>\n\n");
--	print("or: ./cisco-torch.pl <options> -F <hostlist>\n\n");
-+	print( " version $version\nusage: cisco-torch <options> <IP,hostname,network>\n\n");
-+	print("or: cisco-torch <options> -F <hostlist>\n\n");
- 	print("Available options:\n");
- 	print("-O <output file>\n");
- 	print("-A\t\tAll fingerprint scan types combined\n");
-@@ -21,10 +21,10 @@ sub usage
- 	print("-c\t\tCisco Webserver with SSL support scan\n");
- 	print("-b\t\tPassword dictionary attack (use with -s, -u, -c, -w , -j or -t only)\n");
- 	print("-V\t\tPrint tool version and exit\n");
--	print("examples:\t./cisco-torch.pl -A 10.10.0.0\/16\n");
--	print("\t\t./cisco-torch.pl -s -b -F sshtocheck.txt\n");
--        print("\t\t./cisco-torch.pl -w -z 10.10.0.0\/16\n");
--	print("\t\t./cisco-torch.pl -j -b -g -F tftptocheck.txt\n");
-+	print("examples:\t cisco-torch -A 10.10.0.0\/16\n");
-+	print("\t\t cisco-torch -s -b -F sshtocheck.txt\n");
-+        print("\t\t cisco-torch -w -z 10.10.0.0\/16\n");
-+	print("\t\t cisco-torch -j -b -g -F tftptocheck.txt\n");
- }
- 
- sub banner
diff --git a/security/cisco-torch/files/patch-torch.conf b/security/cisco-torch/files/patch-torch.conf
deleted file mode 100644
index e1ac223083a5..000000000000
--- a/security/cisco-torch/files/patch-torch.conf
+++ /dev/null
@@ -1,26 +0,0 @@
---- torch.conf.orig	2005-03-10 13:38:34 UTC
-+++ torch.conf
-@@ -1,14 +1,15 @@
-+$datadir="/usr/local/share/cisco-torch";
- $max_processes=50; #Max proces 
- $hosts_per_process=5; #Max  host per process 
--$passfile= "password.txt"; #Password word database
--$communityfile="community.txt"; #SNMP community database
--$usersfile="users.txt"; # Users word database
--$brutefile="brutefile.txt"; #TFTP file word database
--$fingerprintdb = "fingerprint.db"; #Telnet fingerprint database 
--$tfingerprintdb = "tfingerprint.db"; #TFTP fingerprint database 
-+$passfile= "$datadir/password.txt"; #Password word database
-+$communityfile="$datadir/community.txt"; #SNMP community database
-+$usersfile="$datadir/users.txt"; # Users word database
-+$brutefile="$datadir/brutefile.txt"; #TFTP file word database
-+$fingerprintdb = "$datadir/fingerprint.db"; #Telnet fingerprint database 
-+$tfingerprintdb = "$datadir/tfingerprint.db"; #TFTP fingerprint database 
- $tftprootdir ="tftproot";   # TFT root directory
- $tftpserver ="192.168.77.8"; #TFTP server hostname
- $tmplogprefix = "/tmp/tmplog"; #Temp file directory
- $logfile="scan.log"; #Log file filename 
- $llevel="cdv"; #Log level
--$port = 80;    #Web service port
-\ No newline at end of file
-+$port = 80;    #Web service port
diff --git a/security/cisco-torch/pkg-descr b/security/cisco-torch/pkg-descr
deleted file mode 100644
index 6bbc296d8c0b..000000000000
--- a/security/cisco-torch/pkg-descr
+++ /dev/null
@@ -1,11 +0,0 @@
-Cisco-torch is a mass Cisco Vulnerability Scanner.
-
-The main feature that makes Cisco-torch different from similar
-tools is the extensive use of forking to launch multiple scanning
-processes on the background for maximum scanning efficiency. Also,
-it uses several methods of application layer fingerprinting simultaneously,
-if needed. We wanted something fast to discover remote Cisco hosts running
-Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks
-against the services discovered.
-
-WWW: http://www.hackingciscoexposed.com/?link=tools
diff --git a/security/cisco-torch/pkg-plist b/security/cisco-torch/pkg-plist
deleted file mode 100644
index 8868ddde3d92..000000000000
--- a/security/cisco-torch/pkg-plist
+++ /dev/null
@@ -1,24 +0,0 @@
-bin/cisco-torch
-%%DATADIR%%/include/HTTP-brute.pm
-%%DATADIR%%/include/Banner.pm
-%%DATADIR%%/include/SSH-finger.pm
-%%DATADIR%%/include/Ntp.pm
-%%DATADIR%%/include/SNMP.pm
-%%DATADIR%%/include/TFTP.pm
-%%DATADIR%%/include/HTTP-bugs.pm
-%%DATADIR%%/include/log.pm
-%%DATADIR%%/include/SSL-brute.pm
-%%DATADIR%%/include/Telnet-SSH-brute.pm
-%%DATADIR%%/include/HTTP-finger.pm
-%%DATADIR%%/include/SNMPDOWNLOAD.pm
-%%DATADIR%%/include/IPmask-utils.pm
-%%DATADIR%%/include/SSL-finger.pm
-%%DATADIR%%/include/Telnet-finger.pm
-%%DATADIR%%/fingerprint.db
-%%DATADIR%%/password.txt
-%%DATADIR%%/tfingerprint.db
-%%DATADIR%%/community.txt
-%%DATADIR%%/brutefile.txt
-%%DATADIR%%/users.txt
-@dir  %%DATADIR%%/tftproot
-@sample %%ETCDIR%%/torch.conf.sample
diff --git a/security/cp2fwb/Makefile b/security/cp2fwb/Makefile
deleted file mode 100644
index 1caad266320f..000000000000
--- a/security/cp2fwb/Makefile
+++ /dev/null
@@ -1,26 +0,0 @@
-# Created by: Christian Brueffer <chris@unixpages.org>
-
-PORTNAME=	cp2fwb
-PORTVERSION=	0.6
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	SF/${PORTNAME}uilder/${PORTNAME}uilder/${PORTNAME}-${PORTVERSION}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Checkpoint FW1 to Firewall Builder ruleset converter
-
-DEPRECATED=	Abandonware, used with deprecated software Firewall Builder.
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	p5-XML-Writer>=0:textproc/p5-XML-Writer
-
-PLIST_FILES=	bin/cp2fwbuilder
-USES=		perl5 shebangfix tar:tgz
-NO_BUILD=	yes
-
-SHEBANG_FILES=	cp2fwbuilder
-
-do-install:
-	${INSTALL_SCRIPT} ${WRKSRC}/cp2fwbuilder ${STAGEDIR}${PREFIX}/bin
-
-.include <bsd.port.mk>
diff --git a/security/cp2fwb/distinfo b/security/cp2fwb/distinfo
deleted file mode 100644
index 99bcf3e267a5..000000000000
--- a/security/cp2fwb/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (cp2fwb-0.6.tgz) = dfa8951634c8f704f20048e497888dec7ff6a35af742e48cca1c2665eb8a5691
-SIZE (cp2fwb-0.6.tgz) = 17342
diff --git a/security/cp2fwb/pkg-descr b/security/cp2fwb/pkg-descr
deleted file mode 100644
index 1096744d4262..000000000000
--- a/security/cp2fwb/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-This program can convert your Checkpoint FW1 rulesets into
-XML files which can then be processed by Firewall Builder.
-
-WWW: http://cp2fwbuilder.sourceforge.net/
diff --git a/security/cp2fwb/pkg-message b/security/cp2fwb/pkg-message
deleted file mode 100644
index c5c38cb6c18f..000000000000
--- a/security/cp2fwb/pkg-message
+++ /dev/null
@@ -1,17 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-  In order for cp2fwb to work, you need the following
-  files from your Checkpoint FW1 installation:
-
-   - Rulebase.W
-   - objects.C
-
-  You can then run the program like this:
-
-   cp2fwbuilder --objects=objects.C \
-			--rules=Rulebase.W \
-			--output_xml=Rulebase.xml
-EOM
-}
-]
diff --git a/security/dcetest/Makefile b/security/dcetest/Makefile
deleted file mode 100644
index 493e4a4191e3..000000000000
--- a/security/dcetest/Makefile
+++ /dev/null
@@ -1,26 +0,0 @@
-# Created by: Yonatan <onatan@gmail.com>
-
-PORTNAME=	dcetest
-PORTVERSION=	1.2
-CATEGORIES=	security
-MASTER_SITES=	PACKETSTORM/UNIX/scanners
-
-MAINTAINER=	onatan@gmail.com
-COMMENT=	Utility to dump MSRPC endpoint information from Windows systems
-
-DEPRECATED=	Targets deprecated protocol by Microsoft in favour of .NET
-EXPIRATION_DATE=2022-03-31
-
-USES=	dos2unix
-DOS2UNIX_GLOB=	*.c
-
-ALL_TARGET=	dcetest
-MAKE_ARGS=	CC="${CC}"
-WRKSRC=		${WRKDIR}/${PORTNAME}
-
-PLIST_FILES=	bin/dcetest
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/dcetest ${STAGEDIR}${PREFIX}/bin
-
-.include <bsd.port.mk>
diff --git a/security/dcetest/distinfo b/security/dcetest/distinfo
deleted file mode 100644
index d7ff1f5e5803..000000000000
--- a/security/dcetest/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (dcetest-1.2.tar.gz) = ffbb04526ee0bf44a9473b3dcc612da556022d5a3544d152f88fba267258ba75
-SIZE (dcetest-1.2.tar.gz) = 23366
diff --git a/security/dcetest/files/patch-Makefile b/security/dcetest/files/patch-Makefile
deleted file mode 100644
index 30349d5cd210..000000000000
--- a/security/dcetest/files/patch-Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
---- Makefile.orig	2001-08-20 20:40:40 UTC
-+++ Makefile
-@@ -1,6 +1,6 @@
- .SUFFIXES: .a .o .c
- CC              =  gcc
--CFLAGS          =  -Wall -funsigned-char -c -fPIC -ggdb
-+CFLAGS         +=  -Wall -funsigned-char -c -fPIC -ggdb
- 
- BINS = dcetest
- ALL = $(BINS)
diff --git a/security/dcetest/files/patch-dcetest.c b/security/dcetest/files/patch-dcetest.c
deleted file mode 100644
index d5bc9b507c0e..000000000000
--- a/security/dcetest/files/patch-dcetest.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- dcetest.c.orig	2016-06-20 15:23:56 UTC
-+++ dcetest.c
-@@ -359,7 +359,7 @@ dce_parse_enum_response(const unsigned c
-   int tint;
-   char annotation[EPT_MAX_ANNOTATION_SIZE+1];
-   int floor, floors;
--  int address_type;
-+  int address_type=0;
- 
-   char tmp_address[200];
-   char tmp_address2[200];
diff --git a/security/dcetest/files/patch-tcpstuff.c b/security/dcetest/files/patch-tcpstuff.c
deleted file mode 100644
index 4abe4a655478..000000000000
--- a/security/dcetest/files/patch-tcpstuff.c
+++ /dev/null
@@ -1,32 +0,0 @@
---- tcpstuff.c.orig	2016-06-20 15:23:56 UTC
-+++ tcpstuff.c
-@@ -229,6 +229,7 @@ make_tcp_listener(unsigned short localpo
- 
- 
- /* this function takes in a listenFd and returns an acceptedFd */
-+/* This is not used and gives a security warning in FreeBSD ports
- int
- tcp_accept(int listenFd)
- {
-@@ -242,12 +243,14 @@ tcp_accept(int listenFd)
- 			 (struct sockaddr *)&clientAddr,
- 			 &addrLen)) < 0)
-     {
-+*/
-       /* This is always an error, looping or not */
-+/*
-       return -1;
-     }
--  
-+*/  
-   /* Set the "don't linger on close" option */
--  
-+/*  
-   lingerVal.l_onoff = 0;
-   lingerVal.l_linger = 0;
-   if (setsockopt(clientFd, SOL_SOCKET, SO_LINGER,
-@@ -260,3 +263,4 @@ tcp_accept(int listenFd)
-   return(clientFd);
-   
- }
-+*/
diff --git a/security/dcetest/files/patch-tcpstuff.h b/security/dcetest/files/patch-tcpstuff.h
deleted file mode 100644
index 152ac0e6d1fb..000000000000
--- a/security/dcetest/files/patch-tcpstuff.h
+++ /dev/null
@@ -1,10 +0,0 @@
---- tcpstuff.h.orig	2001-08-20 20:29:56 UTC
-+++ tcpstuff.h
-@@ -42,5 +42,7 @@ make_tcp_listener(unsigned short localpo
- int
- write_uint32(int fd,uint32 data);
- 
-+/* This is not used and gives a warning in FreeBSD's ports system
- int
- tcp_accept(int listenFd);
-+*/
diff --git a/security/dcetest/pkg-descr b/security/dcetest/pkg-descr
deleted file mode 100644
index 29099b8bb2c9..000000000000
--- a/security/dcetest/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-This little utility dumps MSRPC endpoint information from Windows
-systems. Similar to the rpcdump program from Microsoft, but does not
-need a DCE stack and so runs on Unixes. dcetest can be very useful
-once inside a DMZ to fingerprint Windows machines on the network.
-dcetest operates over TCP port 135. (Think of it as rpcinfo -p against
-Windows)
-
-WWW: http://www.atstake.com/research/tools/info_gathering/
diff --git a/security/doscan/Makefile b/security/doscan/Makefile
deleted file mode 100644
index cff42b6d4ee9..000000000000
--- a/security/doscan/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-# Created by: Janos.Mohacsi@bsd.hu
-
-PORTNAME=	doscan
-PORTVERSION=	0.3.3
-PORTREVISION=	1
-CATEGORIES=	security net
-MASTER_SITES=	http://static.enyo.de/fw/releases/doscan/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Tool to quickly scan your network for machines listening on a TCP port
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-DEPRECATED=	Abandonware, last release in 2014. Please consider using security/masscan or sysutils/pnscan
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libpcre.so:devel/pcre
-
-GNU_CONFIGURE=	yes
-USES=		gmake
-USE_CXXSTD=	gnu++98
-
-PORTDOCS=	README
-PLIST_FILES=	bin/doscan man/man1/doscan.1.gz
-
-OPTIONS_DEFINE=	DOCS
-
-post-patch:
-	@${REINPLACE_CMD} -e 's|ony o|on yo|' \
-		${WRKSRC}/doc/doscan.1
-
-post-install:
-	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}
-
-post-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/doscan/distinfo b/security/doscan/distinfo
deleted file mode 100644
index 978ae49ad3ea..000000000000
--- a/security/doscan/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (doscan-0.3.3.tar.gz) = ae8f1f0669ff8cb168914dc5a855e4c132a272d82d4161d3b146af04e47a686f
-SIZE (doscan-0.3.3.tar.gz) = 133457
diff --git a/security/doscan/files/patch-Makefile.in b/security/doscan/files/patch-Makefile.in
deleted file mode 100644
index a16aafae27ce..000000000000
--- a/security/doscan/files/patch-Makefile.in
+++ /dev/null
@@ -1,17 +0,0 @@
---- Makefile.in.orig	2014-10-22 17:14:35 UTC
-+++ Makefile.in
-@@ -85,12 +85,12 @@ stamp-dir :
- 	echo timestamp > stamp-dir
- 
- src/%.o : $(srcdir)/src/%.cc
--	$(CXX) $(CFLAGS) $(PCRE_CFLAGS) $(INCLUDES) \
-+	$(CXX) $(CXXFLAGS) $(PCRE_CFLAGS) $(INCLUDES) \
- 		-MMD -MF $(patsubst %.o,%.d, $@) \
- 		-c -o $@ $<
- 
- src/%.o : src/%.cc
--	$(CXX) $(CFLAGS) $(PCRE_CFLAGS) $(INCLUDES) \
-+	$(CXX) $(CXXFLAGS) $(PCRE_CFLAGS) $(INCLUDES) \
- 		-MMD -MF $(patsubst %.o,%.d, $@) \
- 		-c -o $@ $<
- 
diff --git a/security/doscan/files/patch-src__proto_http_proxy.cc b/security/doscan/files/patch-src__proto_http_proxy.cc
deleted file mode 100644
index 2eaba60faedb..000000000000
--- a/security/doscan/files/patch-src__proto_http_proxy.cc
+++ /dev/null
@@ -1,10 +0,0 @@
---- src/proto_http_proxy.cc.orig	2014-10-22 20:12:56 UTC
-+++ src/proto_http_proxy.cc
-@@ -37,6 +37,7 @@
- #include <string>
- #include <sys/types.h>
- #include <sys/socket.h>
-+#include <time.h>
- 
- static bool proxy_start(subnets&);
- static void proxy_open(scan_host_t *);
diff --git a/security/doscan/pkg-descr b/security/doscan/pkg-descr
deleted file mode 100644
index 56ca74b100c1..000000000000
--- a/security/doscan/pkg-descr
+++ /dev/null
@@ -1,22 +0,0 @@
-Doscan is a tool to quickly scan your network for machines listening on a
-TCP port, opening thousands of TCP connections in parallel.
-Features
-      High scanning rate: five to ten minutes per 100,000 addresses (which
-are sparsely populated with hosts), with rather conservative timeouts.
-      Load distribution: doscan scans the addresses in a seemingly random
-order. If your scan host is connected to a central router, this ensures
-that the load is distributed across your network, and you are
-stress-testing just a single router, and not your edge devices.
-      Low memory consumption: memory usage is proportional to the number
-of hosts which have responded so far, and to the number of parallel
-connections. The total number of addresses does not influence memory usage
-in any way.
-      Can collect responses: doscan optionally records data which is sent
-by the hosts which are being scanned. You can even specify a regular
-expression to extract part of a server banner, and a message to send to
-trigger a response (great for determining HTTP server versions).
-      Extensibility: It is possible to add special handlers for TCP-based
-protocols, using a straightforward interface.
-      It supports scanning the vulnerable Microsoft DCOM implementation.
-
-WWW: https://www.enyo.de/fw/software/doscan/
diff --git a/security/find-zlib/Makefile b/security/find-zlib/Makefile
deleted file mode 100644
index 836e27c8ebd5..000000000000
--- a/security/find-zlib/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
-# Created by: trevor
-
-PORTNAME=	find_zlib
-PORTVERSION=	1.9
-CATEGORIES=	security
-MASTER_SITES=	http://zlib.net/
-DISTNAME=	find-zlib
-EXTRACT_SUFX=
-EXTRACT_ONLY=
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Scans files for statically linked zlib (libz) code
-
-DEPRECATED=	Deprecated, no longer relevant
-EXPIRATION_DATE=2022-03-31
-
-LICENSE=	GPLv2
-
-NO_BUILD=	none
-
-USES=		perl5 shebangfix
-USE_PERL5=	run
-
-PLIST_FILES=	bin/find-zlib
-SHEBANG_FILES=	find-zlib
-
-do-extract:
-	@${MKDIR} ${WRKSRC}
-	@${CP} ${DISTDIR}/${DISTNAME} ${WRKSRC}
-
-do-install:
-	${INSTALL_SCRIPT} ${WRKSRC}/${DISTNAME} ${STAGEDIR}${PREFIX}/bin
-
-.include <bsd.port.mk>
diff --git a/security/find-zlib/distinfo b/security/find-zlib/distinfo
deleted file mode 100644
index 9a9e4bad39f1..000000000000
--- a/security/find-zlib/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (find-zlib) = 2836e1d5a37858576539152e622ff6a69686bacdf27419786a643735bc06c418
-SIZE (find-zlib) = 6680
diff --git a/security/find-zlib/pkg-descr b/security/find-zlib/pkg-descr
deleted file mode 100644
index 65b59f40de9f..000000000000
--- a/security/find-zlib/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-This is a script to scan files for statically linked zlib (libz)
-code.  Programs which contain such code may be affected by the
-double free() security bug.
-
-WWW: http://zlib.net/
diff --git a/security/govpn/Makefile b/security/govpn/Makefile
deleted file mode 100644
index 6945de2fd7b3..000000000000
--- a/security/govpn/Makefile
+++ /dev/null
@@ -1,33 +0,0 @@
-# Created by: Sergey Matveev <stargrave@stargrave.org>
-
-PORTNAME=	govpn
-DISTVERSION=	7.5
-PORTREVISION=	2
-CATEGORIES=	security net-vpn
-MASTER_SITES=	http://www.govpn.info/download/
-
-MAINTAINER=	stargrave@stargrave.org
-COMMENT=	Simple secure, DPI-resistant VPN daemon
-
-LICENSE=	GPLv3+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-BROKEN_aarch64=	fails to build: golang.org/x/sys/unix/cap_freebsd.go:18:23: undefined: CAP_RIGHTS_VERSION_00
-
-DEPRECATED=	Deprecated upstream, reference: http://www.govpn.info/
-EXPIRATION_DATE=2022-03-31
-
-USES=		go:no_targets tar:xz
-MAKEFILE=	BSDmakefile
-MAKE_ENV=	${GO_ENV}
-
-PORTDOCS=	AUTHORS INSTALL NEWS NEWS.RU README README.RU THANKS
-INFO=		govpn
-INSTALL_TARGET=	install-strip
-
-PLIST_FILES=	bin/govpn-server bin/govpn-client bin/govpn-verifier \
-		share/govpn/newclient.sh
-
-OPTIONS_DEFINE=	DOCS
-
-.include <bsd.port.mk>
diff --git a/security/govpn/distinfo b/security/govpn/distinfo
deleted file mode 100644
index 45d7097c34d3..000000000000
--- a/security/govpn/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1535482365
-SHA256 (govpn-7.5.tar.xz) = b0d303138a41083109b42576f52888ef17de3bc7a8016d062f43a34f795a8c80
-SIZE (govpn-7.5.tar.xz) = 690372
diff --git a/security/govpn/files/patch-common.mk b/security/govpn/files/patch-common.mk
deleted file mode 100644
index cbd661672b74..000000000000
--- a/security/govpn/files/patch-common.mk
+++ /dev/null
@@ -1,11 +0,0 @@
---- common.mk.orig	2018-08-28 18:46:05 UTC
-+++ common.mk
-@@ -3,7 +3,7 @@
- LDFLAGS = -X cypherpunks.ru/govpn.Version=$(VERSION)
- PREFIX ?= /usr/local
- BINDIR = $(DESTDIR)$(PREFIX)/bin
--INFODIR = $(DESTDIR)$(PREFIX)/info
-+INFODIR = $(DESTDIR)$(PREFIX)/share/info
- SHAREDIR = $(DESTDIR)$(PREFIX)/share/govpn
- DOCDIR = $(DESTDIR)$(PREFIX)/share/doc/govpn
- 
diff --git a/security/govpn/pkg-descr b/security/govpn/pkg-descr
deleted file mode 100644
index 098188353d7b..000000000000
--- a/security/govpn/pkg-descr
+++ /dev/null
@@ -1,14 +0,0 @@
-GoVPN is simple secure free software virtual private network daemon,
-aimed to be reviewable, secure, DPI/censorship-resistant, written on Go.
-
-It uses fast strong passphrase authenticated key agreement protocol with
-augmented zero-knowledge mutual peers authentication (PAKE DH A-EKE).
-Encrypted, authenticated data transport that hides message's length and
-timestamps. Optional encryptionless mode, that still preserves data
-confidentiality. Perfect forward secrecy property. Resistance to:
-offline dictionary attacks, replay attacks, client's passphrases
-compromising and dictionary attacks on the server side. Built-in
-heartbeating, rehandshaking, real-time statistics. Ability to work
-through UDP, TCP and HTTP proxies. IPv4/IPv6-compatibility.
-
-WWW: http://www.govpn.info/
diff --git a/security/gputty/Makefile b/security/gputty/Makefile
deleted file mode 100644
index de72d792f0ec..000000000000
--- a/security/gputty/Makefile
+++ /dev/null
@@ -1,29 +0,0 @@
-# Created by: Olivier Cochard-Labbe <olivier@FreeBSD.org>
-
-PORTNAME=	gputty
-PORTVERSION=	0.9.10
-CATEGORIES=	security
-MASTER_SITES=	http://www.defora.org/os/download/download/3381/
-
-MAINTAINER=	olivier@FreeBSD.org
-COMMENT=	Frontend to the SSH client, using the Gtk+ toolkit
-
-LICENSE=	GPLv3+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-BROKEN=		Unfetchable
-DEPRECATED=	Unfetchable, dead upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libSystem.so:devel/deforaos-libsystem
-
-PLIST_FILES=	bin/gputty
-
-MAKE_ARGS=	PREFIX=${PREFIX}
-USES=		gnome pkgconfig
-USE_GNOME=	gtk20
-
-post-install:
-	@${STRIP_CMD} ${STAGEDIR}/${PREFIX}/bin/${PORTNAME}
-
-.include <bsd.port.mk>
diff --git a/security/gputty/distinfo b/security/gputty/distinfo
deleted file mode 100644
index 37386c1ded2a..000000000000
--- a/security/gputty/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (gputty-0.9.10.tar.gz) = 361252591e5db8d03c2332bf8fac9853068529dd63947d4d9c2859067f30c307
-SIZE (gputty-0.9.10.tar.gz) = 20272
diff --git a/security/gputty/pkg-descr b/security/gputty/pkg-descr
deleted file mode 100644
index d5380cb7a226..000000000000
--- a/security/gputty/pkg-descr
+++ /dev/null
@@ -1,3 +0,0 @@
-GPuTTY is a frontend to the SSH client, using the Gtk+ toolkit.
-
-WWW: https://www.defora.org/os/project/334/gputty
diff --git a/security/gringotts/Makefile b/security/gringotts/Makefile
deleted file mode 100644
index e6fb03592460..000000000000
--- a/security/gringotts/Makefile
+++ /dev/null
@@ -1,46 +0,0 @@
-# Created by: Anders Nordby <anders@FreeBSD.org>
-
-PORTNAME=	gringotts
-PORTVERSION=	1.2.10
-PORTREVISION=	5
-CATEGORIES=	security
-MASTER_SITES=	BERLIOS
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	GTK application to securely store sensitive data
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-DEPRECATED=	Abandonware, upstream dead and last release in 2009
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libpopt.so:devel/popt \
-		libgringotts.so:security/libgringotts \
-		libfontconfig.so:x11-fonts/fontconfig \
-		libfreetype.so:print/freetype2
-
-USES=		cpe gettext gnome localbase pkgconfig
-USE_GNOME=	cairo gdkpixbuf2 gtk20
-GNU_CONFIGURE=	yes
-
-OPTIONS_DEFINE=	DOCS
-
-post-patch:
-	@${REINPLACE_CMD} -e \
-		'/^install-data-am:/s|install-DsktpDATA|| ; \
-		 /^install-data-am:/s|install-docDATA|| ; \
-		 s|@md5sum|@md5|' ${WRKSRC}/Makefile.in
-	@${REINPLACE_CMD} -e \
-		'/^install-exec-am:/s|install-exec-local||' ${WRKSRC}/src/Makefile.in
-
-post-install:
-	${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.desktop ${STAGEDIR}${PREFIX}/share/applications
-
-post-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for file in AUTHORS BUGS ChangeLog FAQ NEWS README TODO
-	${INSTALL_DATA} ${WRKSRC}/${file} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/gringotts/distinfo b/security/gringotts/distinfo
deleted file mode 100644
index 9d126b29f272..000000000000
--- a/security/gringotts/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (gringotts-1.2.10.tar.gz) = 19784f68f76b211d076124c74d2f5ca5a156e4af7ed32d72a1ba45547782179d
-SIZE (gringotts-1.2.10.tar.gz) = 251963
diff --git a/security/gringotts/files/patch-src_grg__attachs.h b/security/gringotts/files/patch-src_grg__attachs.h
deleted file mode 100644
index e2091e595775..000000000000
--- a/security/gringotts/files/patch-src_grg__attachs.h
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/grg_attachs.h.orig	2008-01-04 13:08:44 UTC
-+++ src/grg_attachs.h
-@@ -24,7 +24,7 @@
- 
- #include <gtk/gtk.h>
- 
--gint current_attach_ID;
-+extern gint current_attach_ID;
- 
- gint grg_attach_file (gchar * path, GtkWidget * parent);
- void grg_remove_attachment (void);
diff --git a/security/gringotts/files/patch-src_grg__entries.h b/security/gringotts/files/patch-src_grg__entries.h
deleted file mode 100644
index fa0b5b4b772a..000000000000
--- a/security/gringotts/files/patch-src_grg__entries.h
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/grg_entries.h.orig	2008-01-04 13:08:43 UTC
-+++ src/grg_entries.h
-@@ -24,7 +24,7 @@
- 
- /* current element. */
- /* MUST BE USED ONLY BY grg_attachs.h !!!! */
--GList *current;
-+extern GList *current;
- 
- /* Appends a new entry to the list */
- void grg_entries_append (void);
diff --git a/security/gringotts/files/patch-src_grg__menus.c b/security/gringotts/files/patch-src_grg__menus.c
deleted file mode 100644
index 35f317c68c9a..000000000000
--- a/security/gringotts/files/patch-src_grg__menus.c
+++ /dev/null
@@ -1,15 +0,0 @@
---- src/grg_menus.c.orig	2008-01-04 13:08:44 UTC
-+++ src/grg_menus.c
-@@ -31,6 +31,12 @@
- 
- #include <gdk/gdkkeysyms.h>
- 
-+GtkWidget *bnew, *bopen, *bsave, *bsas, *brev, *bclose, *bquit;
-+GtkWidget *badd, *brem, *bcut, *bcop, *bpaste, *bfind, *bfinda, *bpwd, *bpref;
-+GtkWidget *bmfirst, *bmback, *bmfor, *bmlast, *bmind;
-+GtkWidget *bwipe;
-+GtkWidget *babo;
-+
- #define NEW_MENU_ITEM(var, text, cb, data, parent, img, key, mod) \
- 	var = gtk_image_menu_item_new_with_mnemonic(text); \
- 	gtk_menu_shell_append (GTK_MENU_SHELL (parent), var); \
diff --git a/security/gringotts/files/patch-src_grg__menus.h b/security/gringotts/files/patch-src_grg__menus.h
deleted file mode 100644
index 2b152325c4c9..000000000000
--- a/security/gringotts/files/patch-src_grg__menus.h
+++ /dev/null
@@ -1,27 +0,0 @@
---- src/grg_menus.h.orig	2008-01-04 13:08:44 UTC
-+++ src/grg_menus.h
-@@ -25,19 +25,19 @@
- #include <gtk/gtk.h>
- 
- /* menu File */
--GtkWidget *bnew, *bopen, *bsave, *bsas, *brev, *bclose, *bquit;
-+extern GtkWidget *bnew, *bopen, *bsave, *bsas, *brev, *bclose, *bquit;
- 
- /* menu Edit */
--GtkWidget *badd, *brem, *bcut, *bcop, *bpaste, *bfind, *bfinda, *bpwd, *bpref;
-+extern GtkWidget *badd, *brem, *bcut, *bcop, *bpaste, *bfind, *bfinda, *bpwd, *bpref;
- 
- /* menu Navigation */
--GtkWidget *bmfirst, *bmback, *bmfor, *bmlast, *bmind;
-+extern GtkWidget *bmfirst, *bmback, *bmfor, *bmlast, *bmind;
- 
- /* menu Tools */
--GtkWidget *bwipe;
-+extern GtkWidget *bwipe;
- 
- /* menu Help */
--GtkWidget *babo;
-+extern GtkWidget *babo;
- 
- /*Makes a menubar, within a handlebox, and returns the GtkWidget */
- GtkWidget *grg_menu_create (GtkWidget * window);
diff --git a/security/gringotts/files/patch-src_grg__pix.h b/security/gringotts/files/patch-src_grg__pix.h
deleted file mode 100644
index a6ff64b0580f..000000000000
--- a/security/gringotts/files/patch-src_grg__pix.h
+++ /dev/null
@@ -1,23 +0,0 @@
---- src/grg_pix.h.orig	2008-01-04 13:08:43 UTC
-+++ src/grg_pix.h
-@@ -22,13 +22,13 @@
- #ifndef GRG_PIX_H
- #define GRG_PIX_H
- 
--const char *red_xpm[58];
--const char *yellow_xpm[58];
--const char *green_xpm[58];
--const char *optimal_xpm[94];
-+extern const char *red_xpm[58];
-+extern const char *yellow_xpm[58];
-+extern const char *green_xpm[58];
-+extern const char *optimal_xpm[94];
- 
--const char *splash_xpm[180];
-+extern const char *splash_xpm[180];
- 
--const char *wait_xpm[82];
--const char *clip_xpm[17];
-+extern const char *wait_xpm[82];
-+extern const char *clip_xpm[17];
- #endif
diff --git a/security/gringotts/files/patch-src_grg__prefs.h b/security/gringotts/files/patch-src_grg__prefs.h
deleted file mode 100644
index 7a1f5c9f3487..000000000000
--- a/security/gringotts/files/patch-src_grg__prefs.h
+++ /dev/null
@@ -1,27 +0,0 @@
---- src/grg_prefs.h.orig	2008-09-01 16:06:36 UTC
-+++ src/grg_prefs.h
-@@ -24,15 +24,15 @@
- 
- #include <gtk/gtk.h>
- 
--gboolean grg_prefs_warn4overwrite;
--gboolean grg_prefs_bak_files;
--gboolean grg_prefs_splash;
--gboolean grg_prefs_tray;
--gboolean grg_prefs_clip_clear_on_close;
--gboolean grg_prefs_clip_clear_on_quit;
--gint grg_prefs_xpire;
--gint grg_prefs_wipe_passes;
--gint grg_prefs_mainwin_width, grg_prefs_mainwin_height;
-+extern gboolean grg_prefs_warn4overwrite;
-+extern gboolean grg_prefs_bak_files;
-+extern gboolean grg_prefs_splash;
-+extern gboolean grg_prefs_tray;
-+extern gboolean grg_prefs_clip_clear_on_close;
-+extern gboolean grg_prefs_clip_clear_on_quit;
-+extern gint grg_prefs_xpire;
-+extern gint grg_prefs_wipe_passes;
-+extern gint grg_prefs_mainwin_width, grg_prefs_mainwin_height;
- 
- gchar *get_pref_file (void);
- void set_pref_file (const gchar * newval);
diff --git a/security/gringotts/files/patch-src_grg__recent__dox.h b/security/gringotts/files/patch-src_grg__recent__dox.h
deleted file mode 100644
index 9c95f9662dd7..000000000000
--- a/security/gringotts/files/patch-src_grg__recent__dox.h
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/grg_recent_dox.h.orig	2008-01-04 13:08:43 UTC
-+++ src/grg_recent_dox.h
-@@ -24,7 +24,7 @@
- 
- #define GRG_RECENT_LIMIT 	6
- 
--GSList *grg_recent_dox;
-+extern GSList *grg_recent_dox;
- 
- void grg_recent_dox_init (void);
- void grg_recent_dox_deinit (void);
diff --git a/security/gringotts/files/patch-src_grg__safe.c b/security/gringotts/files/patch-src_grg__safe.c
deleted file mode 100644
index ed9ad6323df1..000000000000
--- a/security/gringotts/files/patch-src_grg__safe.c
+++ /dev/null
@@ -1,37 +0,0 @@
---- src/grg_safe.c.orig	2008-01-04 13:08:43 UTC
-+++ src/grg_safe.c
-@@ -33,6 +33,7 @@
- 
- #include <stdlib.h>
- #include <string.h>
-+#include <sys/types.h>
- #include <errno.h>
- #include <regex.h>
- #include <unistd.h>
-@@ -44,7 +45,6 @@
- #include <sys/fsuid.h>
- #endif
- #include <sys/time.h>
--#include <sys/types.h>
- #include <sys/resource.h>
- #ifdef linux
- #include <sys/utsname.h>
-@@ -96,9 +96,6 @@ gboolean
- grg_mlockall_and_drop_root_privileges(void)
- {
-     /* drop eventual group root privileges */
--    setgid(getgid());
--    setgid(getgid());		/* twice for counter "saved IDs", cfr. */
--				/* Secure Programming HowTo */
- #ifdef HAVE_SYS_FSUID_H
-     setfsgid(getgid());
-     setfsgid(getgid());
-@@ -148,8 +145,6 @@ grg_mlockall_and_drop_root_privileges(vo
- #endif
- 
- 	/* drop root privileges */
--	setuid(getuid());
--	setuid(getuid());
- #ifdef HAVE_SYS_FSUID_H
- 	setfsuid(getuid());
- 	setfsuid(getuid());
diff --git a/security/gringotts/files/patch-src_grg__widgets.h b/security/gringotts/files/patch-src_grg__widgets.h
deleted file mode 100644
index e3e36cf56bdd..000000000000
--- a/security/gringotts/files/patch-src_grg__widgets.h
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/grg_widgets.h.orig	2008-01-04 13:08:43 UTC
-+++ src/grg_widgets.h
-@@ -25,7 +25,7 @@
- #include "grg_defs.h"
- #include <gtk/gtk.h>
- 
--gboolean mapIsUTF;
-+extern gboolean mapIsUTF;
- 
- /* Shows and manages a dialog that asks for a string. */
- gchar *grg_input_dialog (gchar * title, gchar * qtext, gchar * preset,
diff --git a/security/gringotts/files/patch-src_gringotts.h b/security/gringotts/files/patch-src_gringotts.h
deleted file mode 100644
index 79bdd3d53a80..000000000000
--- a/security/gringotts/files/patch-src_gringotts.h
+++ /dev/null
@@ -1,16 +0,0 @@
---- src/gringotts.h.orig	2008-09-01 16:20:06 UTC
-+++ src/gringotts.h
-@@ -24,10 +24,10 @@
- 
- #include "grg_defs.h"
- 
--GList *garbage;
-+extern GList *garbage;
- 
--GRG_CTX gctx;
--glong pwdbirth;
-+extern GRG_CTX gctx;
-+extern glong pwdbirth;
- 
- 	/*callbacks for menu items */
- 
diff --git a/security/gringotts/pkg-descr b/security/gringotts/pkg-descr
deleted file mode 100644
index 2fa298ff1035..000000000000
--- a/security/gringotts/pkg-descr
+++ /dev/null
@@ -1,20 +0,0 @@
-Gringotts is an application to store sensitive data like passwords, pincodes,
-credit card numbers, etc. Features:
-
-* Fast, light GTK2 interface.
-* Good integration with GNOME, as well as all the other window managers.
-* High stress on safety & security.
-* Not only "normal" string passwords can be used, but any file can be the
-password to your data.
-* 8 encryption algorythms are available through the mcrypt library:
-RIJNDAEL-128 (AES), RIJNDAEL-256, SERPENT, TWOFISH, CAST 256, SAFER+, LOKI97,
-3DES.
-* 2 160-bit hash algorythms, used to generate the key: SHA1, RIPEMD160.
-* 2 compression types, with 4 compression levels each: ZLib, BZip2.
-* Complete & easy management of entries' order.
-* Complete Search function.
-* Very intuitive usability, you won't need any manual.
-* It comes with a thread-safe C library, libGringotts, that can be used in any
-other project to save data in files in a simple and safe way.
-
-WWW: http://gringotts.berlios.de/
diff --git a/security/gringotts/pkg-plist b/security/gringotts/pkg-plist
deleted file mode 100644
index b7d0a62bc975..000000000000
--- a/security/gringotts/pkg-plist
+++ /dev/null
@@ -1,16 +0,0 @@
-bin/gringotts
-share/applications/gringotts.desktop
-%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
-%%PORTDOCS%%%%DOCSDIR%%/BUGS
-%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
-%%PORTDOCS%%%%DOCSDIR%%/FAQ
-%%PORTDOCS%%%%DOCSDIR%%/NEWS
-%%PORTDOCS%%%%DOCSDIR%%/README
-%%PORTDOCS%%%%DOCSDIR%%/TODO
-share/locale/de/LC_MESSAGES/gringotts.mo
-share/locale/fr/LC_MESSAGES/gringotts.mo
-share/locale/it/LC_MESSAGES/gringotts.mo
-share/locale/pl/LC_MESSAGES/gringotts.mo
-share/locale/ru/LC_MESSAGES/gringotts.mo
-share/pixmaps/gringotts.xpm
-share/pixmaps/gringotts-32.xpm
diff --git a/security/gwee/Makefile b/security/gwee/Makefile
deleted file mode 100644
index 855430c93ebd..000000000000
--- a/security/gwee/Makefile
+++ /dev/null
@@ -1,29 +0,0 @@
-# Created by: chinsan <chinsan@mail2000.com.tw>
-
-PORTNAME=	gwee
-PORTVERSION=	1.36
-CATEGORIES=	security www
-MASTER_SITES=	PACKETSTORM/UNIX/utilities
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Tool to exploit command execution vulnerabilities in web scripts
-
-DEPRECATED=	Abandonware, last release 15+ years ago and dead upstream
-EXPIRATION_DATE=2022-03-31
-
-USES=		perl5 python ssl
-
-LDFLAGS+=	-L${OPENSSLLIB} -lssl -lcrypto
-CFLAGS+=	-I${OPENSSLINC} -DWITH_SSL
-
-PLIST_FILES=	bin/gwee man/man1/gwee.1.gz
-
-do-build:
-	${CC} ${CFLAGS} ${LDFLAGS} ${WRKSRC}/${PORTNAME}.c \
-		-o ${WRKSRC}/${PORTNAME}
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_MAN} ${WRKSRC}/${PORTNAME}.1 ${STAGEDIR}${MANPREFIX}/man/man1
-
-.include <bsd.port.mk>
diff --git a/security/gwee/distinfo b/security/gwee/distinfo
deleted file mode 100644
index 31be23f76377..000000000000
--- a/security/gwee/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (gwee-1.36.tar.gz) = 5b057dc779cbc8e9e663251dac2448b253002f74a9570a2e50b915bf2bed149b
-SIZE (gwee-1.36.tar.gz) = 313562
diff --git a/security/gwee/files/patch-gwee.c b/security/gwee/files/patch-gwee.c
deleted file mode 100644
index 3fc6641f7fcf..000000000000
--- a/security/gwee/files/patch-gwee.c
+++ /dev/null
@@ -1,14 +0,0 @@
---- gwee.c.orig	Thu Jul  5 10:41:27 2007
-+++ gwee.c	Thu Jul  5 10:41:48 2007
-@@ -2767,8 +2767,8 @@
-             #endif
-             return 1;
-         }
--        (uint32_t)binary_ip = ((uint32_t *)he->h_addr_list[0])[0];
--        (uint32_t)xored_ip = ((uint32_t *)he->h_addr_list[0])[0] ^ XOR;
-+        binary_ip = ((uint32_t *)he->h_addr_list[0])[0];
-+        xored_ip = ((uint32_t *)he->h_addr_list[0])[0] ^ XOR;
- 
-         /* save ip in ascii dot notation form */
-         snprintf(ascii_ip, sizeof(ascii_ip), "%u.%u.%u.%u",
-
diff --git a/security/gwee/pkg-descr b/security/gwee/pkg-descr
deleted file mode 100644
index 0cbdd0fac758..000000000000
--- a/security/gwee/pkg-descr
+++ /dev/null
@@ -1,3 +0,0 @@
-gwee (Generic Web Exploitation Engine) is a small program written in C designed
-to exploit input validation vulnerabilities in web scripts, such as Perl CGIs,
-PHP, etc.
diff --git a/security/hackbot/Makefile b/security/hackbot/Makefile
deleted file mode 100644
index cdd63c135a4b..000000000000
--- a/security/hackbot/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-# Created by: mich@freebsdcluster.org
-
-PORTNAME=	hackbot
-PORTVERSION=	2.21
-CATEGORIES=	security
-MASTER_SITES=	http://freebsdcluster.org/~mich/software/ \
-		http://hackbot.stream-portal.org/
-
-MAINTAINER=	mich@FreeBSD.org
-COMMENT=	Host exploration tool and bannergrabber
-
-DEPRECATED=	Abandonware, last release in 2003. Please consider using security/nmap or security/rustscan
-EXPIRATION_DATE=2022-03-31
-
-USES=		perl5 shebangfix tar:tgz
-NO_BUILD=	yes
-WRKSRC=		${WRKDIR}/${PORTNAME}
-
-SHEBANG_FILES=	hackbot.pl
-
-pre-patch:
-	@${REINPLACE_CMD} -e 's|/usr/local/etc|${DATADIR}|' ${WRKSRC}/hackbot.pl
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${DATADIR}
-	${INSTALL_DATA} ${WRKSRC}/google.db ${STAGEDIR}${DATADIR}
-	${INSTALL_DATA} ${WRKSRC}/fingerprint.db ${STAGEDIR}${DATADIR}
-	${INSTALL_DATA} ${WRKSRC}/cgi.db ${STAGEDIR}${DATADIR}
-	${INSTALL_SCRIPT} ${WRKSRC}/hackbot.pl ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_MAN} ${WRKSRC}/hackbot.1.gz ${STAGEDIR}${MANPREFIX}/man/man1
-
-.include <bsd.port.mk>
diff --git a/security/hackbot/distinfo b/security/hackbot/distinfo
deleted file mode 100644
index 0870d70bdbb9..000000000000
--- a/security/hackbot/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (hackbot-2.21.tgz) = 6e02864a2d4607c4018203e1b194937963931c1110839442c34f41bf1a20afdf
-SIZE (hackbot-2.21.tgz) = 42688
diff --git a/security/hackbot/pkg-descr b/security/hackbot/pkg-descr
deleted file mode 100644
index d8eb04734773..000000000000
--- a/security/hackbot/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-Hackbot is a host exploration tool and bannergrabber. It scans numerous
-services and vulnerabilities.
-
-WWW: http://hackbot.stream-portal.org/
diff --git a/security/hackbot/pkg-plist b/security/hackbot/pkg-plist
deleted file mode 100644
index 1253b0a4dc84..000000000000
--- a/security/hackbot/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-bin/hackbot.pl
-man/man1/hackbot.1.gz
-%%DATADIR%%/google.db
-%%DATADIR%%/fingerprint.db
-%%DATADIR%%/cgi.db
diff --git a/security/hlfl/Makefile b/security/hlfl/Makefile
deleted file mode 100644
index a47b2afc89cb..000000000000
--- a/security/hlfl/Makefile
+++ /dev/null
@@ -1,35 +0,0 @@
-# Created by: Arnaud Launay <alaunay@hlfl.org>
-
-PORTNAME=	hlfl
-PORTVERSION=	0.60.1
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	ftp://ftp.cusae.com/pub/hlfl/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	High Level Firewall Language
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-DEPRECATED=	Abandonware, last release in 2003
-EXPIRATION_DATE=2022-03-31
-
-GNU_CONFIGURE=	yes
-
-PORTDOCS=	services.hlfl sample_1.hlfl sample_2.hlfl test.hlfl syntax.txt
-PLIST_FILES=	bin/${PORTNAME} man/man1/${PORTNAME}.1.gz
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/src/hlfl ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_MAN} ${WRKSRC}/doc/${PORTNAME}.1 ${STAGEDIR}${MANPREFIX}/man/man1
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for i in ${PORTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/doc/${i} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/hlfl/distinfo b/security/hlfl/distinfo
deleted file mode 100644
index 4ff33aaa1b1e..000000000000
--- a/security/hlfl/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (hlfl-0.60.1.tar.gz) = 5572b42ae5d13fe15b230ff23541c031f4b4ddb5e0082ff772a85e94a5046549
-SIZE (hlfl-0.60.1.tar.gz) = 104913
diff --git a/security/hlfl/pkg-descr b/security/hlfl/pkg-descr
deleted file mode 100644
index bfe49b39508a..000000000000
--- a/security/hlfl/pkg-descr
+++ /dev/null
@@ -1,10 +0,0 @@
-hlfl stands for "High Level Firewall Language". It permits writing
-firewalling rules using a high level language, and transforms them into
-rules for real software, like ipfilter, ipchains or cisco rules.
-
-You could make contact with the developers by subscribing to
-<hlfl@hlfl.org>. There is also an announce ML at <hlfl-announce@hlfl.org>.
-These lists are managed by majordomo (write to <majordomo@hlfl.org> with
-"help" in the body of your mail).
-
-WWW: https://www.cusae.com/hlfl/
diff --git a/security/ike/Makefile b/security/ike/Makefile
deleted file mode 100644
index 8ca8c07eae19..000000000000
--- a/security/ike/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Created by: mgrooms@shrew.net
-
-PORTNAME=	ike
-PORTVERSION=	2.2.1
-PORTREVISION=	3
-CATEGORIES=	security net
-MASTER_SITES=	https://www.shrew.net/download/ike/
-DISTNAME=	${PORTNAME}-${PORTVERSION}-release
-
-MAINTAINER=	mgrooms@shrew.net
-COMMENT=	Shrew Soft IKE daemon and client tools
-
-DEPRECATED=	Abandonware, last release in 2013 and IKEv1 is considered to be insecure
-EXPIRATION_DATE=2022-03-31
-
-ONLY_FOR_ARCHS=	amd64 i386 powerpc powerpc64 powerpc64le
-
-USE_RC_SUBR=	iked
-USES=		bison cmake:insource libedit localbase:ldflags tar:tbz2 ssl
-USE_LDCONFIG=	yes
-WRKSRC=		${WRKDIR}/${PORTNAME}
-
-CMAKE_ARGS=	-DETCDIR:PATH="${PREFIX}/etc" \
-		-DBINDIR:PATH="${PREFIX}/bin" \
-		-DSBINDIR:PATH="${PREFIX}/sbin" \
-		-DLIBDIR:PATH="${PREFIX}/lib" \
-		-DMANDIR:PATH="${PREFIX}/man"
-
-OPTIONS_DEFINE=	NATT LDAP DEBUG
-OPTIONS_SUB=	yes
-
-NATT_DESC=	Enable NAT-Traversal
-LDAP_DESC=	Enable LDAP XAuth daemon support
-
-DEBUG_CMAKE_ON=	-DDEBUG=YES
-
-LDAP_USE=	OPENLDAP=yes
-LDAP_CMAKE_ON=	-DLDAP=YES
-NATT_CMAKE_ON=	-DNATT=YES
-
-post-install:
-	@if ! ${SYSCTL} -a | ${GREP} -q ipsec; then \
-	${ECHO_MSG} "===> -------------------------------------------------------------------------"; \
-	${ECHO_MSG} "===> WARNING: You need IPsec support in your kernel, please see:"; \
-	${ECHO_MSG} "===>   http://www.freebsd.org/doc/en/books/handbook/ipsec.html"; \
-	${ECHO_MSG} "===> -------------------------------------------------------------------------"; \
-	fi ;
-
-post-install-NATT-on:
-	@${ECHO_MSG} "===> -------------------------------------------------------------------------"
-	@${ECHO_MSG} "===> WARNING: To use NAT Traversal ( NAT-T ) support, please be sure to"
-	@${ECHO_MSG} "===> include the following line in your kernel config file."
-	@${ECHO_MSG} "===>   options IPSEC_NAT_T"
-	@${ECHO_MSG} "===> -------------------------------------------------------------------------"
-
-.include <bsd.port.mk>
-
-PATCH_ARGS+=	-l
diff --git a/security/ike/distinfo b/security/ike/distinfo
deleted file mode 100644
index 97a9c69f94da..000000000000
--- a/security/ike/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (ike-2.2.1-release.tbz2) = 05c72f1ef1547818f5af367afa3f116f4b511a4a19ce723a22f8357a98ab7b57
-SIZE (ike-2.2.1-release.tbz2) = 670872
diff --git a/security/ike/files/iked.in b/security/ike/files/iked.in
deleted file mode 100644
index 73d8f38cb025..000000000000
--- a/security/ike/files/iked.in
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-#
-# rc.d script for iked
-#
-# $Id$
-
-# PROVIDE: iked
-# REQUIRE: DAEMON
-# BEFORE: LOGIN
-# KEYWORD: shutdown
-#
-# Add the following line to /etc/rc.conf to enable iked:
-#
-#  #required
-#  iked_enable="YES"
-#
-
-. "/etc/rc.subr"
-
-# defaults
-iked_enable=${iked_enable:-"NO"}
-
-name=iked
-rcvar=iked_enable
-load_rc_config $name
-command=/usr/local/sbin/iked
-command_args="-p /var/run/iked.pid > /dev/null"
-
-run_rc_command "$1"
diff --git a/security/ike/files/patch-source-iked-conf.parse.yy b/security/ike/files/patch-source-iked-conf.parse.yy
deleted file mode 100644
index 4a8241a41221..000000000000
--- a/security/ike/files/patch-source-iked-conf.parse.yy
+++ /dev/null
@@ -1,20 +0,0 @@
---- source/iked/conf.parse.yy.orig	2013-04-03 07:10:43 UTC
-+++ source/iked/conf.parse.yy
-@@ -41,7 +41,7 @@
- 
- %skeleton "lalr1.cc"
- %defines
--%define "parser_class_name" "conf_parser"
-+%define api.parser.class {conf_parser}
- 
- %{
- 
-@@ -56,7 +56,7 @@
- %lex-param   { IKED & iked }
- %locations
- %debug
--%error-verbose
-+%define parse.error verbose
- 
- // Symbols.
- %union
diff --git a/security/ike/files/patch-source_iked_crypto.cpp b/security/ike/files/patch-source_iked_crypto.cpp
deleted file mode 100644
index a00d955e6af1..000000000000
--- a/security/ike/files/patch-source_iked_crypto.cpp
+++ /dev/null
@@ -1,100 +0,0 @@
---- source/iked/crypto.cpp.orig	2012-12-11 06:56:33 UTC
-+++ source/iked/crypto.cpp
-@@ -376,10 +376,6 @@ bool dh_init( long group, DH ** dh_data, long * dh_siz
- 	if( dh == NULL )
- 		return false;
- 
--	dh->p = NULL;
--	dh->g = NULL;
--	dh->length = 0;
--
- 	//
- 	// set p ( prime ) value
- 	//
-@@ -387,49 +383,50 @@ bool dh_init( long group, DH ** dh_data, long * dh_siz
- 	unsigned char * p_data = NULL;
- 	size_t			p_size = 0;
- 
--	dh->p = BN_new();
--	if( dh->p == NULL )
-+	BIGNUM *p = BN_new();
-+	BIGNUM *g = BN_new();
-+	if( p == NULL || g == NULL )
- 		goto dh_failed;
- 
- 	switch( group )
- 	{
- 		case 1:
--			if( !BN_bin2bn( group1, sizeof( group1 ), dh->p ) )
-+			if( !BN_bin2bn( group1, sizeof( group1 ), p ) )
- 				goto dh_failed;
- 			break;
- 
- 		case 2:
--			if( !BN_bin2bn( group2, sizeof( group2 ), dh->p ) )
-+			if( !BN_bin2bn( group2, sizeof( group2 ), p ) )
- 				goto dh_failed;
- 			break;
- 
- 		case 5:
--			if( !BN_bin2bn( group5, sizeof( group5 ), dh->p ) )
-+			if( !BN_bin2bn( group5, sizeof( group5 ), p ) )
- 				goto dh_failed;
- 			break;
- 
- 		case 14:
--			if( !BN_bin2bn( group14, sizeof( group14 ), dh->p ) )
-+			if( !BN_bin2bn( group14, sizeof( group14 ), p ) )
- 				goto dh_failed;
- 			break;
- 
- 		case 15:
--			if( !BN_bin2bn( group15, sizeof( group15 ), dh->p ) )
-+			if( !BN_bin2bn( group15, sizeof( group15 ), p ) )
- 				goto dh_failed;
- 			break;
- 
- 		case 16:
--			if( !BN_bin2bn( group16, sizeof( group16 ), dh->p ) )
-+			if( !BN_bin2bn( group16, sizeof( group16 ), p ) )
- 				goto dh_failed;
- 			break;
- 
- 		case 17:
--			if( !BN_bin2bn( group17, sizeof( group17 ), dh->p ) )
-+			if( !BN_bin2bn( group17, sizeof( group17 ), p ) )
- 				goto dh_failed;
- 			break;
- 
- 		case 18:
--			if( !BN_bin2bn( group18, sizeof( group18 ), dh->p ) )
-+			if( !BN_bin2bn( group18, sizeof( group18 ), p ) )
- 				goto dh_failed;
- 			break;
- 
-@@ -441,13 +438,11 @@ bool dh_init( long group, DH ** dh_data, long * dh_siz
- 	// set g ( generator ) value
- 	//
- 
--	dh->g = BN_new();
--	if( dh->g == NULL )
-+	if( !BN_set_word( g, 2 ) )
- 		goto dh_failed;
- 
--	if( !BN_set_word( dh->g, 2 ) )
--		goto dh_failed;
--
-+	DH_set0_pqg(dh, p, NULL, g);
-+
- 	//
- 	// generate private and public DH values
- 	//
-@@ -456,7 +451,7 @@ bool dh_init( long group, DH ** dh_data, long * dh_siz
- 		goto dh_failed;
- 
- 	*dh_data = dh;
--	*dh_size = BN_num_bytes( dh->p );
-+	*dh_size = BN_num_bytes( DH_get0_p( dh ) );
- 
- 	return true;
- 
diff --git a/security/ike/files/patch-source_iked_ike.cpp b/security/ike/files/patch-source_iked_ike.cpp
deleted file mode 100644
index 242b2aa89de3..000000000000
--- a/security/ike/files/patch-source_iked_ike.cpp
+++ /dev/null
@@ -1,90 +0,0 @@
---- source/iked/ike.cpp.orig	2009-02-12 02:35:43 UTC
-+++ source/iked/ike.cpp
-@@ -391,11 +391,11 @@ long _IKED::packet_ike_decrypt( IDB_PH1 * sa, PACKET_I
- 	// init cipher key and iv
- 	//
- 
--	EVP_CIPHER_CTX ctx_cipher;
--	EVP_CIPHER_CTX_init( &ctx_cipher );
-+	EVP_CIPHER_CTX *ctx_cipher;
-+	ctx_cipher = EVP_CIPHER_CTX_new();
- 
- 	EVP_CipherInit_ex(
--		&ctx_cipher,
-+		ctx_cipher,
- 		sa->evp_cipher,
- 		NULL,
- 		NULL,
-@@ -403,11 +403,11 @@ long _IKED::packet_ike_decrypt( IDB_PH1 * sa, PACKET_I
- 		0 );
- 
- 	EVP_CIPHER_CTX_set_key_length(
--		&ctx_cipher,
-+		ctx_cipher,
- 		( int ) sa->key.size() );
- 
- 	EVP_CipherInit_ex(
--		&ctx_cipher,
-+		ctx_cipher,
- 		NULL,
- 		NULL,
- 		sa->key.buff(),
-@@ -419,12 +419,12 @@ long _IKED::packet_ike_decrypt( IDB_PH1 * sa, PACKET_I
- 	//
- 
- 	EVP_Cipher(
--		&ctx_cipher,
-+		ctx_cipher,
- 		data + sizeof( IKE_HEADER ),
- 		data + sizeof( IKE_HEADER ),
- 		( int ) size - sizeof( IKE_HEADER ) );
- 
--	EVP_CIPHER_CTX_cleanup( &ctx_cipher );
-+	EVP_CIPHER_CTX_free( ctx_cipher );
- 
- 	log.bin(
- 		LLOG_DEBUG,
-@@ -595,11 +595,11 @@ long _IKED::packet_ike_encrypt( IDB_PH1 * sa, PACKET_I
- 	// encrypt all but header
- 	//
- 
--	EVP_CIPHER_CTX ctx_cipher;
--	EVP_CIPHER_CTX_init( &ctx_cipher );
-+	EVP_CIPHER_CTX *ctx_cipher;
-+	ctx_cipher = EVP_CIPHER_CTX_new();
- 
- 	EVP_CipherInit_ex(
--		&ctx_cipher,
-+		ctx_cipher,
- 		sa->evp_cipher,
- 		NULL,
- 		NULL,
-@@ -607,11 +607,11 @@ long _IKED::packet_ike_encrypt( IDB_PH1 * sa, PACKET_I
- 		1 );
- 
- 	EVP_CIPHER_CTX_set_key_length(
--		&ctx_cipher,
-+		ctx_cipher,
- 		( int ) sa->key.size() );
- 
- 	EVP_CipherInit_ex(
--		&ctx_cipher,
-+		ctx_cipher,
- 		NULL,
- 		NULL,
- 		sa->key.buff(),
-@@ -619,12 +619,12 @@ long _IKED::packet_ike_encrypt( IDB_PH1 * sa, PACKET_I
- 		1 );
- 
- 	EVP_Cipher(
--		&ctx_cipher,
-+		ctx_cipher,
- 		data + sizeof( IKE_HEADER ),
- 		data + sizeof( IKE_HEADER ),
- 		( int ) size - sizeof( IKE_HEADER ) );
- 
--	EVP_CIPHER_CTX_cleanup( &ctx_cipher );
-+	EVP_CIPHER_CTX_free( ctx_cipher );
- 
- 	//
- 	// store cipher iv data
diff --git a/security/ike/files/patch-source_iked_ike.exch.config.cpp b/security/ike/files/patch-source_iked_ike.exch.config.cpp
deleted file mode 100644
index 1d40f14fc080..000000000000
--- a/security/ike/files/patch-source_iked_ike.exch.config.cpp
+++ /dev/null
@@ -1,48 +0,0 @@
---- source/iked/ike.exch.config.cpp.orig	2013-04-07 16:28:06 UTC
-+++ source/iked/ike.exch.config.cpp
-@@ -2481,15 +2481,15 @@ long _IKED::config_chk_hash( IDB_PH1 * ph1, IDB_CFG * 
- 	BDATA hash_c;
- 	hash_c.size( ph1->hash_size );
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, ( unsigned char * ) &msgid, 4 );
--	HMAC_Update( &ctx_prf, cfg->hda.buff(), cfg->hda.size() );
--	HMAC_Final( &ctx_prf, hash_c.buff(), NULL );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) &msgid, 4 );
-+	HMAC_Update( ctx_prf, cfg->hda.buff(), cfg->hda.size() );
-+	HMAC_Final( ctx_prf, hash_c.buff(), NULL );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	log.bin(
- 		LLOG_DEBUG,
-@@ -2543,15 +2543,15 @@ long _IKED::config_message_send( IDB_PH1 * ph1, IDB_CF
- 	// create message authentication hash
- 	//
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, ( unsigned char * ) &cfg->msgid, sizeof( cfg->msgid ) );
--	HMAC_Update( &ctx_prf, packet.buff() + beg, end - beg );
--	HMAC_Final( &ctx_prf, hash.buff(), 0 );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) &cfg->msgid, sizeof( cfg->msgid ) );
-+	HMAC_Update( ctx_prf, packet.buff() + beg, end - beg );
-+	HMAC_Final( ctx_prf, hash.buff(), 0 );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	memcpy( packet.buff() + off + 4, hash.buff(), hash.size() );
- 
diff --git a/security/ike/files/patch-source_iked_ike.exch.inform.cpp b/security/ike/files/patch-source_iked_ike.exch.inform.cpp
deleted file mode 100644
index 694e2e9c5474..000000000000
--- a/security/ike/files/patch-source_iked_ike.exch.inform.cpp
+++ /dev/null
@@ -1,48 +0,0 @@
---- source/iked/ike.exch.inform.cpp.orig	2010-12-02 16:06:10 UTC
-+++ source/iked/ike.exch.inform.cpp
-@@ -399,15 +399,15 @@ long _IKED::inform_chk_hash( IDB_PH1 * ph1, IDB_XCH * 
- 	BDATA hash_c;
- 	hash_c.size( ph1->hash_size );
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, ( unsigned char * ) &inform->msgid, 4 );
--	HMAC_Update( &ctx_prf, inform->hda.buff(), inform->hda.size() );
--	HMAC_Final( &ctx_prf, hash_c.buff(), NULL );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) &inform->msgid, 4 );
-+	HMAC_Update( ctx_prf, inform->hda.buff(), inform->hda.size() );
-+	HMAC_Final( ctx_prf, hash_c.buff(), NULL );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	log.bin(
- 		LLOG_DEBUG,
-@@ -439,15 +439,15 @@ long _IKED::inform_gen_hash( IDB_PH1 * ph1, IDB_XCH * 
- {
- 	inform->hash_l.size( ph1->hash_size );
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, ( unsigned char * ) &inform->msgid, sizeof( inform->msgid ) );
--	HMAC_Update( &ctx_prf, inform->hda.buff(), inform->hda.size() );
--	HMAC_Final( &ctx_prf, inform->hash_l.buff(), 0 );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) &inform->msgid, sizeof( inform->msgid ) );
-+	HMAC_Update( ctx_prf, inform->hda.buff(), inform->hda.size() );
-+	HMAC_Final( ctx_prf, inform->hash_l.buff(), 0 );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	log.bin(
- 		LLOG_DEBUG,
diff --git a/security/ike/files/patch-source_iked_ike.exch.phase1.cpp b/security/ike/files/patch-source_iked_ike.exch.phase1.cpp
deleted file mode 100644
index 518d2a83f45d..000000000000
--- a/security/ike/files/patch-source_iked_ike.exch.phase1.cpp
+++ /dev/null
@@ -1,347 +0,0 @@
---- source/iked/ike.exch.phase1.cpp.orig	2012-02-08 05:09:35 UTC
-+++ source/iked/ike.exch.phase1.cpp
-@@ -1044,14 +1044,14 @@ long _IKED::process_phase1_send( IDB_PH1 * ph1 )
- 								BDATA psk_hash;
- 								psk_hash.size( ph1->hash_size );
- 
--								HMAC_CTX ctx_prf;
--								HMAC_CTX_init( &ctx_prf );
-+								HMAC_CTX *ctx_prf;
-+								ctx_prf = HMAC_CTX_new();
- 
--								HMAC_Init_ex( &ctx_prf, ph1->skeyid.buff(), ( int ) ph1->skeyid.size(), ph1->evp_hash, NULL );
--								HMAC_Update( &ctx_prf, ph1->tunnel->peer->psk.buff(), ph1->tunnel->peer->psk.size() );
--								HMAC_Final( &ctx_prf, psk_hash.buff(), NULL );
-+								HMAC_Init_ex( ctx_prf, ph1->skeyid.buff(), ( int ) ph1->skeyid.size(), ph1->evp_hash, NULL );
-+								HMAC_Update( ctx_prf, ph1->tunnel->peer->psk.buff(), ph1->tunnel->peer->psk.size() );
-+								HMAC_Final( ctx_prf, psk_hash.buff(), NULL );
- 
--								HMAC_CTX_cleanup( &ctx_prf );
-+								HMAC_CTX_free( ctx_prf );
- 
- 								//
- 								// add the notification payload
-@@ -1557,7 +1557,7 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 	{
- 		BDATA prv;
- 		prv.size( ph1->dh_size );
--		BN_bn2bin( ph1->dh->priv_key, prv.buff() );
-+		BN_bn2bin( DH_get0_priv_key( ph1->dh ), prv.buff() );
- 
- 		log.bin(
- 			LLOG_DECODE,
-@@ -1656,25 +1656,25 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 		case XAUTH_AUTH_INIT_PSK:
- 		case XAUTH_AUTH_RESP_PSK:
- 		{
--			HMAC_CTX ctx_prf;
--			HMAC_CTX_init( &ctx_prf );
-+			HMAC_CTX *ctx_prf;
-+			ctx_prf = HMAC_CTX_new();
- 
--			HMAC_Init_ex( &ctx_prf, ph1->tunnel->peer->psk.buff(), ( int ) ph1->tunnel->peer->psk.size(), ph1->evp_hash, NULL );
-+			HMAC_Init_ex( ctx_prf, ph1->tunnel->peer->psk.buff(), ( int ) ph1->tunnel->peer->psk.size(), ph1->evp_hash, NULL );
- 
- 			if( ph1->initiator )
- 			{
--				HMAC_Update( &ctx_prf, ph1->nonce_l.buff(), ph1->nonce_l.size() );
--				HMAC_Update( &ctx_prf, ph1->nonce_r.buff(), ph1->nonce_r.size() );
-+				HMAC_Update( ctx_prf, ph1->nonce_l.buff(), ph1->nonce_l.size() );
-+				HMAC_Update( ctx_prf, ph1->nonce_r.buff(), ph1->nonce_r.size() );
- 			}
- 			else
- 			{
--				HMAC_Update( &ctx_prf, ph1->nonce_r.buff(), ph1->nonce_r.size() );
--				HMAC_Update( &ctx_prf, ph1->nonce_l.buff(), ph1->nonce_l.size() );
-+				HMAC_Update( ctx_prf, ph1->nonce_r.buff(), ph1->nonce_r.size() );
-+				HMAC_Update( ctx_prf, ph1->nonce_l.buff(), ph1->nonce_l.size() );
- 			}
- 
--			HMAC_Final( &ctx_prf, skeyid_data, NULL );
-+			HMAC_Final( ctx_prf, skeyid_data, NULL );
- 
--			HMAC_CTX_cleanup( &ctx_prf );
-+			HMAC_CTX_free( ctx_prf );
- 
- 			break;
- 		}
-@@ -1704,14 +1704,14 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 				nonce.add( ph1->nonce_l );
- 			}
- 
--			HMAC_CTX ctx_prf;
--			HMAC_CTX_init( &ctx_prf );
-+			HMAC_CTX *ctx_prf;
-+			ctx_prf = HMAC_CTX_new();
- 
--			HMAC_Init_ex( &ctx_prf, nonce.buff(), ( int ) nonce.size(), ph1->evp_hash, NULL );
--			HMAC_Update( &ctx_prf, shared.buff(), shared.size() );
--			HMAC_Final( &ctx_prf, skeyid_data, NULL );
-+			HMAC_Init_ex( ctx_prf, nonce.buff(), ( int ) nonce.size(), ph1->evp_hash, NULL );
-+			HMAC_Update( ctx_prf, shared.buff(), shared.size() );
-+			HMAC_Final( ctx_prf, skeyid_data, NULL );
- 
--			HMAC_CTX_cleanup( &ctx_prf );
-+			HMAC_CTX_free( ctx_prf );
- 
- 			break;
- 		}	
-@@ -1730,15 +1730,15 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 	// compute SKEYID_d
- 	//
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid.buff(), ( int ) ph1->skeyid.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, shared.buff(), shared.size() );
--	HMAC_Update( &ctx_prf, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, ( unsigned char * ) "\0", 1 );
--	HMAC_Final( &ctx_prf, skeyid_data, NULL );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid.buff(), ( int ) ph1->skeyid.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, shared.buff(), shared.size() );
-+	HMAC_Update( ctx_prf, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) "\0", 1 );
-+	HMAC_Final( ctx_prf, skeyid_data, NULL );
- 
- 	ph1->skeyid_d.set( skeyid_data, skeyid_size );
- 
-@@ -1753,13 +1753,13 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 	// compute SKEYID_a
- 	//
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid.buff(), ( int ) ph1->skeyid.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, skeyid_data, skeyid_size );
--	HMAC_Update( &ctx_prf, shared.buff(), shared.size() );
--	HMAC_Update( &ctx_prf, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, ( unsigned char * ) "\1", 1 );
--	HMAC_Final( &ctx_prf, skeyid_data, NULL );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid.buff(), ( int ) ph1->skeyid.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, skeyid_data, skeyid_size );
-+	HMAC_Update( ctx_prf, shared.buff(), shared.size() );
-+	HMAC_Update( ctx_prf, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) "\1", 1 );
-+	HMAC_Final( ctx_prf, skeyid_data, NULL );
- 
- 	ph1->skeyid_a.set( skeyid_data, skeyid_size );
- 
-@@ -1774,13 +1774,13 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 	// compute SKEYID_e
- 	//
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid.buff(), ( int ) ph1->skeyid.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, skeyid_data, skeyid_size );
--	HMAC_Update( &ctx_prf, shared.buff(), shared.size() );
--	HMAC_Update( &ctx_prf, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, ( unsigned char * ) "\2", 1 );
--	HMAC_Final( &ctx_prf, skeyid_data, NULL );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid.buff(), ( int ) ph1->skeyid.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, skeyid_data, skeyid_size );
-+	HMAC_Update( ctx_prf, shared.buff(), shared.size() );
-+	HMAC_Update( ctx_prf, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) "\2", 1 );
-+	HMAC_Final( ctx_prf, skeyid_data, NULL );
- 
- 	ph1->skeyid_e.set( skeyid_data, skeyid_size );
- 
-@@ -1821,15 +1821,15 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 
- 		// create extended key data
- 
--		HMAC_Init_ex( &ctx_prf, skeyid_data, skeyid_size, ph1->evp_hash, NULL );
--		HMAC_Update( &ctx_prf, ( unsigned char * ) "\0", 1 );
--		HMAC_Final( &ctx_prf, key_data, NULL );
-+		HMAC_Init_ex( ctx_prf, skeyid_data, skeyid_size, ph1->evp_hash, NULL );
-+		HMAC_Update( ctx_prf, ( unsigned char * ) "\0", 1 );
-+		HMAC_Final( ctx_prf, key_data, NULL );
- 
- 		for( long size = skeyid_size; size < key_size; size += skeyid_size )
- 		{
--			HMAC_Init_ex( &ctx_prf, skeyid_data, skeyid_size, ph1->evp_hash, NULL );
--			HMAC_Update( &ctx_prf, key_data + size - skeyid_size, skeyid_size );
--			HMAC_Final( &ctx_prf, key_data + size, NULL );
-+			HMAC_Init_ex( ctx_prf, skeyid_data, skeyid_size, ph1->evp_hash, NULL );
-+			HMAC_Update( ctx_prf, key_data + size - skeyid_size, skeyid_size );
-+			HMAC_Final( ctx_prf, key_data + size, NULL );
- 		}
- 	}
- 	else
-@@ -1839,7 +1839,7 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 		memcpy( key_data, skeyid_data, key_size );
- 	}
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	if( proposal->ciph_kl )
- 		key_size = ( proposal->ciph_kl + 7 ) / 8;
-@@ -1860,22 +1860,23 @@ long _IKED::phase1_gen_keys( IDB_PH1 * ph1 )
- 	unsigned char iv_data[ HMAC_MAX_MD_CBLOCK ];
- 	unsigned long iv_size = EVP_CIPHER_iv_length( ph1->evp_cipher );
- 
--	EVP_MD_CTX ctx_hash;
--	EVP_DigestInit( &ctx_hash, ph1->evp_hash );
-+	EVP_MD_CTX *ctx_hash;
-+	ctx_hash = EVP_MD_CTX_new();
-+	EVP_DigestInit( ctx_hash, ph1->evp_hash );
- 
- 	if( ph1->initiator )
- 	{
--		EVP_DigestUpdate( &ctx_hash, ph1->xl.buff(), ph1->xl.size() );
--		EVP_DigestUpdate( &ctx_hash, ph1->xr.buff(), ph1->xr.size() );
-+		EVP_DigestUpdate( ctx_hash, ph1->xl.buff(), ph1->xl.size() );
-+		EVP_DigestUpdate( ctx_hash, ph1->xr.buff(), ph1->xr.size() );
- 	}
- 	else
- 	{
--		EVP_DigestUpdate( &ctx_hash, ph1->xr.buff(), ph1->xr.size() );
--		EVP_DigestUpdate( &ctx_hash, ph1->xl.buff(), ph1->xl.size() );
-+		EVP_DigestUpdate( ctx_hash, ph1->xr.buff(), ph1->xr.size() );
-+		EVP_DigestUpdate( ctx_hash, ph1->xl.buff(), ph1->xl.size() );
- 	}
- 
--	EVP_DigestFinal( &ctx_hash, iv_data, NULL );
--	EVP_MD_CTX_cleanup( &ctx_hash );
-+	EVP_DigestFinal( ctx_hash, iv_data, NULL );
-+	EVP_MD_CTX_free( ctx_hash );
- 
- 	ph1->iv.set( iv_data, iv_size );
- 
-@@ -1903,29 +1904,29 @@ long _IKED::phase1_gen_hash_i( IDB_PH1 * sa, BDATA & h
- 
- 	hash.size( sa->hash_size );
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, sa->skeyid.buff(), ( int ) sa->skeyid.size(), sa->evp_hash, NULL );
-+	HMAC_Init_ex( ctx_prf, sa->skeyid.buff(), ( int ) sa->skeyid.size(), sa->evp_hash, NULL );
- 
- 	if( sa->initiator )
- 	{
--		HMAC_Update( &ctx_prf, sa->xl.buff(), sa->xl.size() );
--		HMAC_Update( &ctx_prf, sa->xr.buff(), sa->xr.size() );
-+		HMAC_Update( ctx_prf, sa->xl.buff(), sa->xl.size() );
-+		HMAC_Update( ctx_prf, sa->xr.buff(), sa->xr.size() );
- 	}
- 	else
- 	{
--		HMAC_Update( &ctx_prf, sa->xr.buff(), sa->xr.size() );
--		HMAC_Update( &ctx_prf, sa->xl.buff(), sa->xl.size() );
-+		HMAC_Update( ctx_prf, sa->xr.buff(), sa->xr.size() );
-+		HMAC_Update( ctx_prf, sa->xl.buff(), sa->xl.size() );
- 	}
- 
--	HMAC_Update( &ctx_prf, sa->cookies.i, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, sa->cookies.r, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, sa->hda.buff(), sa->hda.size() );
--	HMAC_Update( &ctx_prf, sa->idi.buff(), sa->idi.size() );
--	HMAC_Final( &ctx_prf, hash.buff(), NULL );
-+	HMAC_Update( ctx_prf, sa->cookies.i, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, sa->cookies.r, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, sa->hda.buff(), sa->hda.size() );
-+	HMAC_Update( ctx_prf, sa->idi.buff(), sa->idi.size() );
-+	HMAC_Final( ctx_prf, hash.buff(), NULL );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	log.bin(
- 		LLOG_DEBUG,
-@@ -1945,29 +1946,29 @@ long _IKED::phase1_gen_hash_r( IDB_PH1 * sa, BDATA & h
- 
- 	hash.size( sa->hash_size );
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, sa->skeyid.buff(), ( int ) sa->skeyid.size(), sa->evp_hash, NULL );
-+	HMAC_Init_ex( ctx_prf, sa->skeyid.buff(), ( int ) sa->skeyid.size(), sa->evp_hash, NULL );
- 
- 	if( sa->initiator )
- 	{
--		HMAC_Update( &ctx_prf, sa->xr.buff(), sa->xr.size() );
--		HMAC_Update( &ctx_prf, sa->xl.buff(), sa->xl.size() );
-+		HMAC_Update( ctx_prf, sa->xr.buff(), sa->xr.size() );
-+		HMAC_Update( ctx_prf, sa->xl.buff(), sa->xl.size() );
- 	}
- 	else
- 	{
--		HMAC_Update( &ctx_prf, sa->xl.buff(), sa->xl.size() );
--		HMAC_Update( &ctx_prf, sa->xr.buff(), sa->xr.size() );
-+		HMAC_Update( ctx_prf, sa->xl.buff(), sa->xl.size() );
-+		HMAC_Update( ctx_prf, sa->xr.buff(), sa->xr.size() );
- 	}
- 
--	HMAC_Update( &ctx_prf, sa->cookies.r, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, sa->cookies.i, ISAKMP_COOKIE_SIZE );
--	HMAC_Update( &ctx_prf, sa->hda.buff(), sa->hda.size() );
--	HMAC_Update( &ctx_prf, sa->idr.buff(), sa->idr.size() );
--	HMAC_Final( &ctx_prf, hash.buff(), NULL );
-+	HMAC_Update( ctx_prf, sa->cookies.r, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, sa->cookies.i, ISAKMP_COOKIE_SIZE );
-+	HMAC_Update( ctx_prf, sa->hda.buff(), sa->hda.size() );
-+	HMAC_Update( ctx_prf, sa->idr.buff(), sa->idr.size() );
-+	HMAC_Final( ctx_prf, hash.buff(), NULL );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	log.bin(
- 		LLOG_DEBUG,
-@@ -2569,14 +2570,14 @@ long _IKED::phase1_gen_natd( IDB_PH1 * ph1 )
- 	// hash for remote address
- 	//
- 
--	EVP_MD_CTX ctx_hash;
--	EVP_DigestInit( &ctx_hash, ph1->evp_hash );
--	EVP_DigestUpdate( &ctx_hash, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
--	EVP_DigestUpdate( &ctx_hash, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
--	EVP_DigestUpdate( &ctx_hash, &ph1->tunnel->saddr_r.saddr4.sin_addr.s_addr, 4 );
--	EVP_DigestUpdate( &ctx_hash, &ph1->tunnel->saddr_r.saddr4.sin_port, 2 );
--	EVP_DigestFinal( &ctx_hash, natd.buff(), NULL );
--	EVP_MD_CTX_cleanup( &ctx_hash );
-+	EVP_MD_CTX *ctx_hash;
-+	ctx_hash = EVP_MD_CTX_new();
-+	EVP_DigestInit( ctx_hash, ph1->evp_hash );
-+	EVP_DigestUpdate( ctx_hash, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
-+	EVP_DigestUpdate( ctx_hash, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
-+	EVP_DigestUpdate( ctx_hash, &ph1->tunnel->saddr_r.saddr4.sin_addr.s_addr, 4 );
-+	EVP_DigestUpdate( ctx_hash, &ph1->tunnel->saddr_r.saddr4.sin_port, 2 );
-+	EVP_DigestFinal( ctx_hash, natd.buff(), NULL );
- 
- 	ph1->natd_hash_l.add( natd );
- 
-@@ -2585,13 +2586,13 @@ long _IKED::phase1_gen_natd( IDB_PH1 * ph1 )
- 	// hash for local address
- 	//
- 
--	EVP_DigestInit( &ctx_hash, ph1->evp_hash );
--	EVP_DigestUpdate( &ctx_hash, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
--	EVP_DigestUpdate( &ctx_hash, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
--	EVP_DigestUpdate( &ctx_hash, &ph1->tunnel->saddr_l.saddr4.sin_addr.s_addr, 4 );
--	EVP_DigestUpdate( &ctx_hash, &ph1->tunnel->saddr_l.saddr4.sin_port, 2 );
--	EVP_DigestFinal( &ctx_hash, natd.buff(), NULL );
--	EVP_MD_CTX_cleanup( &ctx_hash );
-+	EVP_DigestInit( ctx_hash, ph1->evp_hash );
-+	EVP_DigestUpdate( ctx_hash, ph1->cookies.i, ISAKMP_COOKIE_SIZE );
-+	EVP_DigestUpdate( ctx_hash, ph1->cookies.r, ISAKMP_COOKIE_SIZE );
-+	EVP_DigestUpdate( ctx_hash, &ph1->tunnel->saddr_l.saddr4.sin_addr.s_addr, 4 );
-+	EVP_DigestUpdate( ctx_hash, &ph1->tunnel->saddr_l.saddr4.sin_port, 2 );
-+	EVP_DigestFinal( ctx_hash, natd.buff(), NULL );
-+	EVP_MD_CTX_free( ctx_hash );
- 
- 	ph1->natd_hash_l.add( natd );
- 
diff --git a/security/ike/files/patch-source_iked_ike.exch.phase2.cpp b/security/ike/files/patch-source_iked_ike.exch.phase2.cpp
deleted file mode 100644
index 72ff56d65349..000000000000
--- a/security/ike/files/patch-source_iked_ike.exch.phase2.cpp
+++ /dev/null
@@ -1,153 +0,0 @@
---- source/iked/ike.exch.phase2.cpp.orig	2010-12-22 21:35:36 UTC
-+++ source/iked/ike.exch.phase2.cpp
-@@ -1008,14 +1008,14 @@ long _IKED::phase2_gen_hash_i( IDB_PH1 * ph1, IDB_PH2 
- 
- 	hash.size( ph1->hash_size );
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, input.buff(), input.size() );
--	HMAC_Final( &ctx_prf, hash.buff(), NULL );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, input.buff(), input.size() );
-+	HMAC_Final( ctx_prf, hash.buff(), NULL );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	log.bin(
- 		LLOG_DEBUG,
-@@ -1048,14 +1048,14 @@ long _IKED::phase2_gen_hash_r( IDB_PH1 * ph1, IDB_PH2 
- 
- 	hash.size( ph1->hash_size );
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, input.buff(), input.size() );
--	HMAC_Final( &ctx_prf, hash.buff(), NULL );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, input.buff(), input.size() );
-+	HMAC_Final( ctx_prf, hash.buff(), NULL );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	log.bin(
- 		LLOG_DEBUG,
-@@ -1093,14 +1093,14 @@ long _IKED::phase2_gen_hash_p( IDB_PH1 * ph1, IDB_PH2 
- 
- 	hash.size( ph1->hash_size );
- 
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
--	HMAC_Update( &ctx_prf, input.buff(), input.size() );
--	HMAC_Final( &ctx_prf, hash.buff(), 0 );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid_a.buff(), ( int ) ph1->skeyid_a.size(), ph1->evp_hash, NULL );
-+	HMAC_Update( ctx_prf, input.buff(), input.size() );
-+	HMAC_Final( ctx_prf, hash.buff(), 0 );
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	log.bin(
- 		LLOG_DEBUG,
-@@ -1555,7 +1555,7 @@ long _IKED::phase2_gen_keys( IDB_PH1 * ph1, IDB_PH2 * 
- 		{
- 			BDATA prv;
- 			prv.size( ph2->dh_size );
--			BN_bn2bin( ph2->dh->priv_key, prv.buff() );
-+			BN_bn2bin( DH_get0_priv_key( ph2->dh ), prv.buff() );
- 
- 			log.bin(
- 				LLOG_DECODE,
-@@ -1817,56 +1817,56 @@ long _IKED::phase2_gen_keys( IDB_PH1 * ph1, IDB_PH2 * 
- 	// K3 = prf( SKEYID_d, K2 | [ g(qm)^xy | ] protocol | SPI | Ni_b | Nr_b )
- 	//
- 	
--	HMAC_CTX ctx_prf;
--	HMAC_CTX_init( &ctx_prf );
-+	HMAC_CTX *ctx_prf;
-+	ctx_prf = HMAC_CTX_new();
- 
--	HMAC_Init_ex( &ctx_prf, ph1->skeyid_d.buff(), ( int ) ph1->skeyid_d.size(), ph1->evp_hash, NULL );
-+	HMAC_Init_ex( ctx_prf, ph1->skeyid_d.buff(), ( int ) ph1->skeyid_d.size(), ph1->evp_hash, NULL );
- 
- 	if( ph2->dhgr_id )
--		HMAC_Update( &ctx_prf, shared.buff(), shared.size() );
-+		HMAC_Update( ctx_prf, shared.buff(), shared.size() );
- 
--	HMAC_Update( &ctx_prf, ( unsigned char * ) &proposal->proto, 1 );
--	HMAC_Update( &ctx_prf, ( unsigned char * ) &proposal->spi, 4 );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) &proposal->proto, 1 );
-+	HMAC_Update( ctx_prf, ( unsigned char * ) &proposal->spi, 4 );
- 
- 	if( ph2->initiator )
- 	{
--		HMAC_Update( &ctx_prf, ph2->nonce_l.buff(), ph2->nonce_l.size() );
--		HMAC_Update( &ctx_prf, ph2->nonce_r.buff(), ph2->nonce_r.size() );
-+		HMAC_Update( ctx_prf, ph2->nonce_l.buff(), ph2->nonce_l.size() );
-+		HMAC_Update( ctx_prf, ph2->nonce_r.buff(), ph2->nonce_r.size() );
- 	}
- 	else
- 	{
--		HMAC_Update( &ctx_prf, ph2->nonce_r.buff(), ph2->nonce_r.size() );
--		HMAC_Update( &ctx_prf, ph2->nonce_l.buff(), ph2->nonce_l.size() );
-+		HMAC_Update( ctx_prf, ph2->nonce_r.buff(), ph2->nonce_r.size() );
-+		HMAC_Update( ctx_prf, ph2->nonce_l.buff(), ph2->nonce_l.size() );
- 	}
- 
--	HMAC_Final( &ctx_prf, key_data, NULL );
-+	HMAC_Final( ctx_prf, key_data, NULL );
- 
- 	for( long size = skeyid_size; size < key_size; size += skeyid_size )
- 	{
--		HMAC_Init_ex( &ctx_prf, ph1->skeyid_d.buff(), ( int ) ph1->skeyid_d.size(), ph1->evp_hash, NULL );
--		HMAC_Update( &ctx_prf, key_data + size - skeyid_size, skeyid_size );
-+		HMAC_Init_ex( ctx_prf, ph1->skeyid_d.buff(), ( int ) ph1->skeyid_d.size(), ph1->evp_hash, NULL );
-+		HMAC_Update( ctx_prf, key_data + size - skeyid_size, skeyid_size );
- 
- 		if( ph2->dhgr_id )
--			HMAC_Update( &ctx_prf, shared.buff(), shared.size() );
-+			HMAC_Update( ctx_prf, shared.buff(), shared.size() );
- 
--		HMAC_Update( &ctx_prf, ( unsigned char * ) &proposal->proto, 1 );
--		HMAC_Update( &ctx_prf, ( unsigned char * ) &proposal->spi, 4 );
-+		HMAC_Update( ctx_prf, ( unsigned char * ) &proposal->proto, 1 );
-+		HMAC_Update( ctx_prf, ( unsigned char * ) &proposal->spi, 4 );
- 
- 		if( ph2->initiator )
- 		{
--			HMAC_Update( &ctx_prf, ph2->nonce_l.buff(), ph2->nonce_l.size() );
--			HMAC_Update( &ctx_prf, ph2->nonce_r.buff(), ph2->nonce_r.size() );
-+			HMAC_Update( ctx_prf, ph2->nonce_l.buff(), ph2->nonce_l.size() );
-+			HMAC_Update( ctx_prf, ph2->nonce_r.buff(), ph2->nonce_r.size() );
- 		}
- 		else
- 		{
--			HMAC_Update( &ctx_prf, ph2->nonce_r.buff(), ph2->nonce_r.size() );
--			HMAC_Update( &ctx_prf, ph2->nonce_l.buff(), ph2->nonce_l.size() );
-+			HMAC_Update( ctx_prf, ph2->nonce_r.buff(), ph2->nonce_r.size() );
-+			HMAC_Update( ctx_prf, ph2->nonce_l.buff(), ph2->nonce_l.size() );
- 		}
- 
--		HMAC_Final( &ctx_prf, key_data + size, 0 );
-+		HMAC_Final( ctx_prf, key_data + size, 0 );
- 	}
- 
--	HMAC_CTX_cleanup( &ctx_prf );
-+	HMAC_CTX_free( ctx_prf );
- 
- 	//
- 	// separate encrypt and auth key data
diff --git a/security/ike/files/patch-source_iked_ike.idb.exch.cpp b/security/ike/files/patch-source_iked_ike.idb.exch.cpp
deleted file mode 100644
index 5b53d375221d..000000000000
--- a/security/ike/files/patch-source_iked_ike.idb.exch.cpp
+++ /dev/null
@@ -1,22 +0,0 @@
---- source/iked/ike.idb.exch.cpp.orig	2011-01-15 22:09:32 UTC
-+++ source/iked/ike.idb.exch.cpp
-@@ -134,12 +134,13 @@ bool _IDB_XCH::new_msgiv( IDB_PH1 * ph1 )
- 	unsigned char iv_data[ EVP_MAX_MD_SIZE ];
- 	unsigned long iv_size = EVP_CIPHER_iv_length( ph1->evp_cipher );
- 
--	EVP_MD_CTX ctx_hash;
--	EVP_DigestInit( &ctx_hash, ph1->evp_hash );
--	EVP_DigestUpdate( &ctx_hash, ph1->iv.buff(), ph1->iv.size() );
--	EVP_DigestUpdate( &ctx_hash, &msgid, 4 );
--	EVP_DigestFinal( &ctx_hash, iv_data, NULL );
--	EVP_MD_CTX_cleanup( &ctx_hash );
-+	EVP_MD_CTX *ctx_hash;
-+	ctx_hash = EVP_MD_CTX_new();
-+	EVP_DigestInit( ctx_hash, ph1->evp_hash );
-+	EVP_DigestUpdate( ctx_hash, ph1->iv.buff(), ph1->iv.size() );
-+	EVP_DigestUpdate( ctx_hash, &msgid, 4 );
-+	EVP_DigestFinal( ctx_hash, iv_data, NULL );
-+	EVP_MD_CTX_free( ctx_hash );
- 
- 	iv.set( iv_data, iv_size );
- 
diff --git a/security/ike/files/patch-source_iked_ike.idb.phase1.cpp b/security/ike/files/patch-source_iked_ike.idb.phase1.cpp
deleted file mode 100644
index 07be9b392d49..000000000000
--- a/security/ike/files/patch-source_iked_ike.idb.phase1.cpp
+++ /dev/null
@@ -1,11 +0,0 @@
---- source/iked/ike.idb.phase1.cpp.orig	2011-02-01 07:21:32 UTC
-+++ source/iked/ike.idb.phase1.cpp
-@@ -676,7 +676,7 @@ bool _IDB_PH1::setup_dhgrp( IKE_PROPOSAL * proposal )
- 	}
- 
- 	xl.size( dh_size );
--	long result = BN_bn2bin( dh->pub_key, xl.buff() );
-+	long result = BN_bn2bin( DH_get0_pub_key( dh ), xl.buff() );
- 
- 	//
- 	// fixup public buffer alignment
diff --git a/security/ike/files/patch-source_iked_ike.idb.phase2.cpp b/security/ike/files/patch-source_iked_ike.idb.phase2.cpp
deleted file mode 100644
index e49a1562020b..000000000000
--- a/security/ike/files/patch-source_iked_ike.idb.phase2.cpp
+++ /dev/null
@@ -1,11 +0,0 @@
---- source/iked/ike.idb.phase2.cpp.orig	2012-11-19 23:28:52 UTC
-+++ source/iked/ike.idb.phase2.cpp
-@@ -438,7 +438,7 @@ bool _IDB_PH2::setup_dhgrp()
- 		}
- 
- 		xl.size( dh_size );
--		long result = BN_bn2bin( dh->pub_key, xl.buff() );
-+		long result = BN_bn2bin( DH_get0_pub_key( dh ), xl.buff() );
- 
- 		//
- 		// fixup public buffer alignment
diff --git a/security/ike/files/patch-source_iked_ike.keyfile.cpp b/security/ike/files/patch-source_iked_ike.keyfile.cpp
deleted file mode 100644
index db7cadf90d7a..000000000000
--- a/security/ike/files/patch-source_iked_ike.keyfile.cpp
+++ /dev/null
@@ -1,82 +0,0 @@
---- source/iked/ike.keyfile.cpp.orig	2012-12-15 22:14:32 UTC
-+++ source/iked/ike.keyfile.cpp
-@@ -663,15 +663,19 @@ static int verify_cb( int ok, X509_STORE_CTX * store_c
- 	{
- 		long ll = LLOG_ERROR;
- 		char name[ 512 ];
-+		int error, error_depth;
- 
--		X509_NAME * x509_name = X509_get_subject_name( store_ctx->current_cert );
-+		X509_NAME * x509_name = X509_get_subject_name( X509_STORE_CTX_get_current_cert(store_ctx) );
- 
- 		X509_NAME_oneline(
- 			x509_name,
- 			name,
- 			512 );
-+
-+		error = X509_STORE_CTX_get_error(store_ctx);
-+		error_depth = X509_STORE_CTX_get_error_depth(store_ctx);
- 
--		switch( store_ctx->error )
-+		switch( error )
- 		{
- 			case X509_V_ERR_UNABLE_TO_GET_CRL:
- 				ok = 1;
-@@ -683,9 +687,9 @@ static int verify_cb( int ok, X509_STORE_CTX * store_c
- 			ll,
- 			"ii : %s(%d) at depth:%d\n"
- 			"ii : subject :%s\n",
--			X509_verify_cert_error_string( store_ctx->error ),
--			store_ctx->error,
--			store_ctx->error_depth,
-+			X509_verify_cert_error_string( error ),
-+			error,
-+			error_depth,
- 			name );
- 	}
- 
-@@ -857,7 +861,7 @@ bool prvkey_rsa_load_pem( BDATA & prvkey, FILE * fp, B
- 	if( evp_pkey == NULL )
- 		return false;
- 
--	bool converted = prvkey_rsa_2_bdata( prvkey, evp_pkey->pkey.rsa );
-+	bool converted = prvkey_rsa_2_bdata( prvkey, EVP_PKEY_get0_RSA(evp_pkey) );
- 	EVP_PKEY_free( evp_pkey );
- 
- 	return converted;
-@@ -883,7 +887,7 @@ bool prvkey_rsa_load_p12( BDATA & prvkey, FILE * fp, B
- 	if( evp_pkey == NULL )
- 		return false;
- 
--	bool converted = prvkey_rsa_2_bdata( prvkey, evp_pkey->pkey.rsa );
-+	bool converted = prvkey_rsa_2_bdata( prvkey, EVP_PKEY_get0_RSA(evp_pkey) );
- 	EVP_PKEY_free( evp_pkey );
- 
- 	return converted;
-@@ -939,7 +943,7 @@ bool prvkey_rsa_load_pem( BDATA & prvkey, BDATA & inpu
- 	if( evp_pkey == NULL )
- 		return false;
- 
--	bool converted = prvkey_rsa_2_bdata( prvkey, evp_pkey->pkey.rsa );
-+	bool converted = prvkey_rsa_2_bdata( prvkey, EVP_PKEY_get0_RSA(evp_pkey) );
- 	EVP_PKEY_free( evp_pkey );
- 
- 	return converted;
-@@ -976,7 +980,7 @@ bool prvkey_rsa_load_p12( BDATA & prvkey, BDATA & inpu
- 	if( evp_pkey == NULL )
- 		return false;
- 
--	bool converted = prvkey_rsa_2_bdata( prvkey, evp_pkey->pkey.rsa );
-+	bool converted = prvkey_rsa_2_bdata( prvkey, EVP_PKEY_get0_RSA(evp_pkey) );
- 	EVP_PKEY_free( evp_pkey );
- 
- 	return converted;
-@@ -1010,7 +1014,7 @@ bool _IKED::pubkey_rsa_read( BDATA & cert, BDATA & pub
- 	if( evp_pkey == NULL )
- 		return false;
- 
--	bool result = pubkey_rsa_2_bdata( pubkey, evp_pkey->pkey.rsa );
-+	bool result = pubkey_rsa_2_bdata( pubkey, EVP_PKEY_get0_RSA(evp_pkey) );
- 
- 	EVP_PKEY_free( evp_pkey );
- 
diff --git a/security/ike/files/patch-source_libike_manager.file.cpp b/security/ike/files/patch-source_libike_manager.file.cpp
deleted file mode 100644
index 7cd3daee1000..000000000000
--- a/security/ike/files/patch-source_libike_manager.file.cpp
+++ /dev/null
@@ -1,26 +0,0 @@
---- source/libike/manager.file.cpp.orig	2011-02-06 16:40:00 UTC
-+++ source/libike/manager.file.cpp
-@@ -679,11 +679,11 @@ bool _CONFIG_MANAGER::file_pcf_load( CONFIG & config, 
- 			BDATA pwd;
- 			data.get( pwd );
- 
--			EVP_CIPHER_CTX ctx_cipher;
--			EVP_CIPHER_CTX_init( &ctx_cipher );
-+			EVP_CIPHER_CTX *ctx_cipher;
-+			ctx_cipher = EVP_CIPHER_CTX_new();
- 
- 			EVP_CipherInit_ex(
--				&ctx_cipher,
-+				ctx_cipher,
- 				EVP_des_ede3_cbc(),
- 				NULL,
- 				key,
-@@ -691,7 +691,7 @@ bool _CONFIG_MANAGER::file_pcf_load( CONFIG & config, 
- 				0 );
- 
- 			EVP_Cipher(
--				&ctx_cipher,
-+				ctx_cipher,
- 				pwd.buff(),
- 				pwd.buff(),
- 				( unsigned int ) pwd.size() );
diff --git a/security/ike/pkg-descr b/security/ike/pkg-descr
deleted file mode 100644
index 0137165dd6db..000000000000
--- a/security/ike/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-This port contains the Shrew Soft IKE daemon and client tools. The
-software supports IKE V1 communications with an emphasis on client
-functionality. It was originally designed to complement a gateway
-running the ipsec-tools racoon daemon. The latest version offers a
-high level of compatibility with Cisco, Juniper, Zywall, Fortigate
-and many other commercial IPsec VPN gateways.
-
-WWW: http://www.shrew.net/
diff --git a/security/ike/pkg-plist b/security/ike/pkg-plist
deleted file mode 100644
index 4c30b02075c1..000000000000
--- a/security/ike/pkg-plist
+++ /dev/null
@@ -1,18 +0,0 @@
-@sample etc/iked.conf.sample
-bin/ikec
-sbin/iked
-lib/libss_idb.so
-lib/libss_idb.so.2.2.1
-lib/libss_ike.so
-lib/libss_ike.so.2.2.1
-lib/libss_ip.so
-lib/libss_ip.so.2.2.1
-lib/libss_ith.so
-lib/libss_ith.so.2.2.1
-lib/libss_log.so
-lib/libss_log.so.2.2.1
-lib/libss_pfk.so
-lib/libss_pfk.so.2.2.1
-man/man1/ikec.1.gz
-man/man5/iked.conf.5.gz
-man/man8/iked.8.gz
diff --git a/security/integrit/Makefile b/security/integrit/Makefile
deleted file mode 100644
index ba12f4dfcd5b..000000000000
--- a/security/integrit/Makefile
+++ /dev/null
@@ -1,31 +0,0 @@
-# Created by: Ying-Chieh Liao <ijliao@csie.nctu.edu.tw>
-
-PORTNAME=	integrit
-PORTVERSION=	4.1
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	SF
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	File integrity verification program
-
-DEPRECATED=	Abandonware, last release in 2003
-EXPIRATION_DATE=2022-03-31
-
-USES=		makeinfo
-GNU_CONFIGURE=	yes
-ALL_TARGET=	${PORTNAME} utils
-
-PLIST_FILES=	bin/i-ls sbin/i-viewdb sbin/integrit man/man1/i-ls.1.gz \
-		man/man1/i-viewdb.1.gz man/man1/integrit.1.gz
-INFO=		integrit
-
-post-patch:
-	@${REINPLACE_CMD} -E 's,[\({](infodir|MANDIR)[\)}],(DESTDIR)$$&,' \
-		${WRKSRC}/doc/Makefile.in
-	@${REINPLACE_CMD} -E 's,(BIN|SBIN)DIR),DESTDIR)$$(&,' \
-		${WRKSRC}/Makefile.in \
-		${WRKSRC}/utils/Makefile.in
-	@${ECHO_CMD} ".PHONY: utils" >> ${WRKSRC}/Makefile.in
-
-.include <bsd.port.mk>
diff --git a/security/integrit/distinfo b/security/integrit/distinfo
deleted file mode 100644
index 0cb496a8f4e8..000000000000
--- a/security/integrit/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (integrit-4.1.tar.gz) = 2a09b670ee025d6fae756e044f780ccaca90688a97183a350927e3885174223e
-SIZE (integrit-4.1.tar.gz) = 271626
diff --git a/security/integrit/pkg-descr b/security/integrit/pkg-descr
deleted file mode 100644
index 98090ed944d5..000000000000
--- a/security/integrit/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-Integrit is an alternative to file integrity verification programs
-like tripwire and aide. It helps you determine whether an intruder
-has modified a computer system.
-
-WWW: http://integrit.sourceforge.net/texinfo/integrit.html
diff --git a/security/ipfilter2dshield/Makefile b/security/ipfilter2dshield/Makefile
deleted file mode 100644
index 727ed05689cb..000000000000
--- a/security/ipfilter2dshield/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-# Created by: Joe Barbish <fbsd_user@a1poweruser.com>
-
-PORTNAME=	ipfilter2dshield
-PORTVERSION=	1.0
-PORTREVISION=	2
-CATEGORIES=	security
-MASTER_SITES=	http://www.dshield.org/clients/
-DISTNAME=	dshield-freebsd.pl
-EXTRACT_SUFX=	.txt
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Official DShield client for ipfilter firewall logs
-
-DEPRECATED=	Abandonware, no word of it on upstream web site
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	p5-Net-Netmask>=0:net-mgmt/p5-Net-Netmask
-
-USES=		perl5 shebangfix
-SHEBANG_FILES=	${DISTNAME}
-
-PKGMESSAGE=	${WRKDIR}/pkg-message
-PKGDEINSTALL=	${WRKDIR}/pkg-deinstall
-
-NO_BUILD=	yes
-NO_ARCH=	yes
-NO_WRKSUBDIR=	yes
-
-do-extract:
-	@${MKDIR} ${WRKSRC}
-	${CP} ${DISTDIR}/${DISTFILES} ${WRKSRC}/${DISTNAME}
-
-pre-install:
-	@${SED} -e "s=%%PREFIX%%=${PREFIX}=g" \
-		-e "s=%%DISTNAME%%=${DISTNAME}=g" \
-		pkg-message > ${PKGMESSAGE}
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${ETCDIR}
-	${INSTALL_DATA} ${WRKSRC}/${DISTNAME} \
-		${STAGEDIR}${ETCDIR}/${DISTNAME}.sample
-	${INSTALL} -m 760 ${WRKSRC}/${DISTNAME} ${STAGEDIR}${PREFIX}/sbin
-
-.include <bsd.port.mk>
diff --git a/security/ipfilter2dshield/distinfo b/security/ipfilter2dshield/distinfo
deleted file mode 100644
index fb851d7a12a6..000000000000
--- a/security/ipfilter2dshield/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (dshield-freebsd.pl.txt) = cff5fbf1b344e6f466d11d58cf05f77ddab0b8f180dfb87f5d0d81205ad7fa2d
-SIZE (dshield-freebsd.pl.txt) = 15458
diff --git a/security/ipfilter2dshield/pkg-descr b/security/ipfilter2dshield/pkg-descr
deleted file mode 100644
index 67a1ce626980..000000000000
--- a/security/ipfilter2dshield/pkg-descr
+++ /dev/null
@@ -1,17 +0,0 @@
-This perl script is an official DShield client who's purpose is to
-read your FreeBSD ipfilter firewall ipmon log file and convert the
-log records to the standard DShield reporting record format, and
-imbed the converted log records into the body of an email that gets
-sent to DShield for automatic addition to their database and abuse
-reporting to the offenders ISP if you are an subscribed DShield member.
-
-Script contains user customable defaults which can be overridden with
-command line flags. (visit http://www.dshield.org for details).
-
-Script is installed into /usr/local/sbin where you can edit the
-defaults to meet your requirements. Issue rehash command to enable.
-
-WWW: http://www.dshield.org/linux_clients.php#freebsd
-
-Joe Barbish
-fbsd_user@a1poweruser.com
diff --git a/security/ipfilter2dshield/pkg-message b/security/ipfilter2dshield/pkg-message
deleted file mode 100644
index 04cdfe125fc9..000000000000
--- a/security/ipfilter2dshield/pkg-message
+++ /dev/null
@@ -1,26 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-Installer instructions.  This port has installed the
-%%DISTNAME%% script into %%PREFIX%%/sbin directory.
-
-You have to edit the script and change the default email address in
-the script source. Script contains comments explaining what needs to
-be changed. You also have to create an exclude file, follow
-instructions in the script about the syntax of the exclude file
-content.
-
-To receive feedback reports and see your submitted log data online
-at dshield.org you have to sign up for free membership. See
-www.dshield.org for details.
-
-This script is part of the "proactive probing abuse reporting
-system"  port ppars-1.0 which has scripts that report abuse to your
-ISP and to the owning ISP from which the probe packets came from.
-Also contained in the ppars-1.0 port is instructions on how to auto
-launch the scripts only when the ipfilter log is rotated by
-newsyslog, which you may find useful for launching the dshield
-script installed by this port.
-EOM
-}
-]
diff --git a/security/ipfilter2dshield/pkg-plist b/security/ipfilter2dshield/pkg-plist
deleted file mode 100644
index 93a8b194b3e0..000000000000
--- a/security/ipfilter2dshield/pkg-plist
+++ /dev/null
@@ -1,2 +0,0 @@
-@sample etc/ipfilter2dshield/dshield-freebsd.pl.sample
-sbin/dshield-freebsd.pl
diff --git a/security/ipfw2dshield/Makefile b/security/ipfw2dshield/Makefile
deleted file mode 100644
index 786668f66a19..000000000000
--- a/security/ipfw2dshield/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-# Created by: Frank W. Josellis <frank@dynamical-systems.org>
-
-PORTNAME=	ipfw2dshield
-PORTVERSION=	0.5
-CATEGORIES=	security
-MASTER_SITES=	http://www.dynamical-systems.org/ipfw/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	DShield client for ipfw logs
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-DEPRECATED=	Abandonware, no word of it on upstream web site
-EXPIRATION_DATE=2022-03-31
-
-PORTDOCS=	CHANGES README.html README.txt
-
-OPTIONS_DEFINE=	DOCS
-
-post-patch:
-	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/ipfw2dshield
-	@${REINPLACE_CMD} -E -e '/^(CC|CFLAGS|prefix)/ s|=|?=|' \
-		-e 's|bindir)|DESTDIR)$$(&|' \
-		${WRKSRC}/ipaddr/Makefile \
-		${WRKSRC}/strpdate/Makefile
-
-post-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/ipfw2dshield/distinfo b/security/ipfw2dshield/distinfo
deleted file mode 100644
index c95ddebf237b..000000000000
--- a/security/ipfw2dshield/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (ipfw2dshield-0.5.tar.gz) = 823ec295d6a18b258a3e71d2423c869307e6bb45711e43eaf63599f716c77486
-SIZE (ipfw2dshield-0.5.tar.gz) = 17225
diff --git a/security/ipfw2dshield/files/patch-Makefile b/security/ipfw2dshield/files/patch-Makefile
deleted file mode 100644
index 03af926e3fe1..000000000000
--- a/security/ipfw2dshield/files/patch-Makefile
+++ /dev/null
@@ -1,29 +0,0 @@
---- Makefile.orig	2004-05-29 14:27:21 UTC
-+++ Makefile
-@@ -4,7 +4,8 @@
- RMCMD	= rm -f
- INSTALL = install
- 
--prefix	= /usr/local
-+prefix  = ${PREFIX}
-+etcdir	= $(prefix)/etc
- sbindir	= $(prefix)/sbin
- 
- SUBDIRS	= ipaddr strpdate
-@@ -28,13 +29,13 @@ $(RC):
- install: $(RC)
- 	@for subdir in $(SUBDIRS); do (cd $$subdir && make install) ; done
- 	@[ -d $(sbindir) ] || mkdir -vp $(sbindir)
--	$(INSTALL) -c -m 700 -o root $(PROGRAM) $(sbindir)
--	$(INSTALL) -c -m 600 -o root $(RC) $(HOME)/.$(RC).sample
-+	$(INSTALL) -c -m 700 $(PROGRAM) $(DESTDIR)$(sbindir)
-+	$(INSTALL) -c -m 600 $(RC) $(DESTDIR)$(etcdir)/$(RC).sample
- 
- uninstall:
- 	@for subdir in $(SUBDIRS); do (cd $$subdir && make uninstall) ; done
- 	-$(RMCMD) $(sbindir)/$(PROGRAM)
--	-$(RMCMD) $(HOME)/.$(RC).sample
-+	-$(RMCMD) $(etcdir)/$(RC).sample
- 
- clean:
- 	-$(RMCMD) *~ *.bak
diff --git a/security/ipfw2dshield/files/patch-README.html b/security/ipfw2dshield/files/patch-README.html
deleted file mode 100644
index c2124e646d7d..000000000000
--- a/security/ipfw2dshield/files/patch-README.html
+++ /dev/null
@@ -1,27 +0,0 @@
---- README.html.orig	2004-06-01 21:52:15 UTC
-+++ README.html
-@@ -38,11 +38,24 @@ This will install the following files:
- /usr/local/bin/ipaddr<br>
- ~/.ipfw2dshield.rc.sample
- </dd></dl>
-+<b>Note:</b> For the FreeBSD ports version the sample configuration file is
-+instead
-+<dl><dt><dt>
-+<dd>
-+/usr/local/etc/ipfw2dshield.rc.sample
-+</dd></dl>
- Copy or rename the sample configuration file to <em>~/.ipfw2dshield.rc</em>
- and edit this latter file to fit your local demands. Please read section 2
- below for an explanation of the configuration entries.
- <p>
- 
-+<b>Note:</b> The FreeBSD ports version does also accept
-+<nobr><em>/usr/local/etc/ipfw2dshield.rc</em></nobr>
-+as its configuration file. However, the preference is for
-+<nobr><em>~/.ipfw2dshield.rc</em></nobr>
-+in case that both these files exist.
-+<p>
-+
- The script creates a stampfile in <em>/var/tmp</em> where it stores date 
- and time information which will be accessed on a subsequent run to prevent
- multiple submission of log records. 
diff --git a/security/ipfw2dshield/files/patch-README.txt b/security/ipfw2dshield/files/patch-README.txt
deleted file mode 100644
index 0df4b6e3995f..000000000000
--- a/security/ipfw2dshield/files/patch-README.txt
+++ /dev/null
@@ -1,21 +0,0 @@
---- README.txt.orig	2004-06-01 21:52:15 UTC
-+++ README.txt
-@@ -21,10 +21,18 @@ This will install the following files:
-       /usr/local/bin/ipaddr
-       ~/.ipfw2dshield.rc.sample
- 
-+NNoottee:: For the FreeBSD ports version the sample configuration file is instead
-+
-+      /usr/local/etc/ipfw2dshield.rc.sample
-+
- Copy or rename the sample configuration file to ~~//..iippffww22ddsshhiieelldd..rrcc and edit
- this latter file to fit your local demands. Please read section 2 below for an
- explanation of the configuration entries.
- 
-+NNoottee:: The FreeBSD ports version does also accept //uussrr//llooccaall//eettcc//iippffww22ddsshhiieelldd..rrcc
-+as its configuration file. However, the preference is for ~~//..iippffww22ddsshhiieelldd..rrcc in
-+case that both these files exist.
-+
- The script creates a stampfile in //vvaarr//ttmmpp where it stores date and time
- information which will be accessed on a subsequent run to prevent multiple
- submission of log records. Hence this file should remain untouched for correct
diff --git a/security/ipfw2dshield/files/patch-ipfw2dshield b/security/ipfw2dshield/files/patch-ipfw2dshield
deleted file mode 100644
index 46060f66f9a6..000000000000
--- a/security/ipfw2dshield/files/patch-ipfw2dshield
+++ /dev/null
@@ -1,12 +0,0 @@
---- ipfw2dshield.orig	2004-10-09 08:54:10 UTC
-+++ ipfw2dshield
-@@ -279,7 +279,8 @@ else
- fi
- 
- # Suck in the config file.
--rc=~/.$prog.rc
-+rc=%%PREFIX%%/etc/$prog.rc
-+[ -e ~/.$prog.rc ] && rc=~/.$prog.rc
- [ -r $rc ] || bye "Permission denied: $rc"
- . $rc
- _logdir=$logdir
diff --git a/security/ipfw2dshield/pkg-descr b/security/ipfw2dshield/pkg-descr
deleted file mode 100644
index ee8398945c34..000000000000
--- a/security/ipfw2dshield/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-ipfw2shield is a DShield client for ipfw logs, i.e., it inspects
-the firewall logs and can mail security reports to dshield.org
-
-WWW: http://www.dynamical-systems.org/ipfw/
diff --git a/security/ipfw2dshield/pkg-plist b/security/ipfw2dshield/pkg-plist
deleted file mode 100644
index 448b46f5435b..000000000000
--- a/security/ipfw2dshield/pkg-plist
+++ /dev/null
@@ -1,4 +0,0 @@
-bin/ipaddr
-bin/strpdate
-etc/ipfw2dshield.rc.sample
-sbin/ipfw2dshield
diff --git a/security/isakmpd/Makefile b/security/isakmpd/Makefile
deleted file mode 100644
index f40af1983e5e..000000000000
--- a/security/isakmpd/Makefile
+++ /dev/null
@@ -1,52 +0,0 @@
-# Created by: Martti Kuparinen <martti.kuparinen@iki.fi>
-
-PORTNAME=	isakmpd
-PORTVERSION=	20041207
-PORTREVISION=	3
-CATEGORIES=	security net
-MASTER_SITES=	LOCAL/simon
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	OpenBSD IKE daemon
-
-# this is not compatible with cross build - there's no other way
-.if !exists(/usr/include/netipsec/ipsec.h) && !exists(/usr/include/netinet6/ipsec.h)
-BROKEN=		requires IPsec support
-.endif
-
-DEPRECATED=	15+ years old and broken on multiple versions
-EXPIRATION_DATE=2022-03-31
-
-# If keynote is in use, bring the dependency
-.if defined(USE_KEYNOTE)
-BUILD_DEPENDS+=	keynote:security/keynote
-.endif
-
-USES=		uidfix ssl
-USE_RC_SUBR=	isakmpd
-MAKE_ENV+=	BINDIR=${PREFIX}/sbin MANDIR=${PREFIX}/man/man
-
-MAKE_JOBS_UNSAFE=	yes
-.include <bsd.port.pre.mk>
-
-.if ${SSL_DEFAULT} == base
-BROKEN_FreeBSD_12=	variable has incomplete type 'X509_STORE_CTX' (aka 'struct x509_store_ctx_st')
-BROKEN_FreeBSD_13=	variable has incomplete type 'X509_STORE_CTX' (aka 'struct x509_store_ctx_st')
-BROKEN_FreeBSD_14=	variable has incomplete type 'X509_STORE_CTX' (aka 'struct x509_store_ctx_st')
-.endif
-
-OPENSSLINC?=	/usr/include
-OPENSSLLIB?=	/usr/lib
-MAKE_ENV+=	OPENSSLINC="${OPENSSLINC}" OPENSSLLIB="${OPENSSLLIB}"
-
-post-extract:
-	@${MV} ${WRKDIR}/${PORTNAME} ${WRKSRC}
-
-post-patch:
-.for f in conf.h ike_auth.c isakmpd.8 isakmpd.conf.5 isakmpd.policy.5 policy.h
-	${REINPLACE_CMD} -e "s!/etc/!${PREFIX}/etc/!" ${WRKSRC}/${f}
-.endfor
-	@${REINPLACE_CMD} -e "s!netinet6/ipsec.h!netipsec/ipsec.h!" \
-		${WRKSRC}/sysdep/freebsd/sysdep-os.h
-
-.include <bsd.port.post.mk>
diff --git a/security/isakmpd/distinfo b/security/isakmpd/distinfo
deleted file mode 100644
index 8f8bc22d3692..000000000000
--- a/security/isakmpd/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (isakmpd-20041207.tar.gz) = 22c6a8c24b576fc0aae4a962eaf0c105ab5ac916302838da9deb441132bc3af9
-SIZE (isakmpd-20041207.tar.gz) = 374718
diff --git a/security/isakmpd/files/isakmpd.in b/security/isakmpd/files/isakmpd.in
deleted file mode 100644
index d8478863b55c..000000000000
--- a/security/isakmpd/files/isakmpd.in
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-
-# PROVIDE: ike isakmpd
-# REQUIRE: root mountcritlocal
-# BEFORE:  DAEMON
-# KEYWORD: nojail
-
-. /etc/rc.subr
-
-name="isakmpd"
-rcvar=isakmpd_enable
-command="%%PREFIX%%/sbin/${name}"
-extra_commands="reload"
-
-load_rc_config $name
-
-: ${isakmpd_enable="NO"}
-
-run_rc_command "$1"
diff --git a/security/isakmpd/files/patch-Makefile b/security/isakmpd/files/patch-Makefile
deleted file mode 100644
index 2e4d67d8473c..000000000000
--- a/security/isakmpd/files/patch-Makefile
+++ /dev/null
@@ -1,33 +0,0 @@
---- Makefile.orig	Tue Dec  7 21:06:56 2004
-+++ Makefile	Mon Dec 13 12:06:21 2004
-@@ -38,9 +38,9 @@
- 
- # openbsd means OpenBSD 2.5 or newer. freeswan is the name for Linux with
- # FreeS/WAN integrated, freebsd/netbsd means FreeBSD/NetBSD with KAME IPsec.
--OS=		openbsd
-+#OS=		openbsd
- #OS=		netbsd
--#OS=		freebsd
-+OS=		freebsd
- #OS=		freeswan
- #OS=		bsdi
- 
-@@ -133,9 +133,9 @@
- 
- .ifdef USE_KEYNOTE
- USE_LIBCRYPTO=	yes
--USE_LIBDES=	yes
- LDADD+=		-lkeynote -lm
- DPADD+=		${LIBKEYNOTE} ${LIBM}
-+POLICY=         policy.c
- CFLAGS+=	-DUSE_KEYNOTE
- .endif
- 
-@@ -181,7 +181,6 @@
- ${PROG} beforedepend: ${GENERATED}
- 
- .include <bsd.prog.mk>
--.include <bsd.subdir.mk>
- 
- debug:
- 	(cd ${.CURDIR}; ${MAKE} DEBUG="-g -Werror")
diff --git a/security/isakmpd/files/patch-Makefile.sysdep b/security/isakmpd/files/patch-Makefile.sysdep
deleted file mode 100644
index cae8990e6f77..000000000000
--- a/security/isakmpd/files/patch-Makefile.sysdep
+++ /dev/null
@@ -1,28 +0,0 @@
---- sysdep/freebsd/Makefile.sysdep.orig	Sat Jun 26 00:40:57 2004
-+++ sysdep/freebsd/Makefile.sysdep	Sat Sep 29 16:36:41 2007
-@@ -40,12 +40,11 @@
- LIBSYSDEPDIR=	${.CURDIR}/sysdep/common/libsysdep
- .endif
- 
--LDADD+=		-lgmp ${LIBSYSDEPDIR}/libsysdep.a -lipsec -L/usr/local/lib
-+LDADD+=		${LIBSYSDEPDIR}/libsysdep.a -lipsec -L${OPENSSLLIB}
- DPADD+=		${LIBGMP} ${LIBSYSDEPDIR}/libsysdep.a
- 
--CFLAGS+=	-DHAVE_GETIFADDRS \
--		-I${.CURDIR}/sysdep/common -I/usr/include \
--		-I/usr/local/include -I/usr/local/include/openssl
-+CFLAGS+=	-DHAVE_GETIFADDRS -DHAVE_PCAP \
-+		-I${.CURDIR}/sysdep/common -I${OPENSSLINC} -I${OPENSSLINC}/openssl
- 
- IPSEC_SRCS=	pf_key_v2.c
- IPSEC_CFLAGS=	-DUSE_PF_KEY_V2
-@@ -58,9 +57,6 @@
- GENERATED+=	sysdep-target
- sysdep-target:
- 		cd ${.CURDIR}/sysdep/common/libsysdep; ${MAKE} ${.MAKEFLAGS}
--
--# Kludge around much strange behaviour in /usr/share/mk/bsd.*/mk, don't build certpatch
--SUBDIR=		
- 
- .if make(clean)
- SUBDIR+=	sysdep/common/libsysdep
diff --git a/security/isakmpd/files/patch-crypto.c b/security/isakmpd/files/patch-crypto.c
deleted file mode 100644
index 2a10b2b31c08..000000000000
--- a/security/isakmpd/files/patch-crypto.c
+++ /dev/null
@@ -1,82 +0,0 @@
---- crypto.c.orig	2004-06-14 11:55:41.000000000 +0200
-+++ crypto.c	2015-02-28 13:23:13.232107608 +0100
-@@ -100,7 +100,7 @@
- 
- /* Hmm, the function prototypes for des are really dumb */
- #ifdef __OpenBSD__
--#define DC	(des_cblock *)
-+#define DC	(DES_cblock *)
- #else
- #define DC	(void *)
- #endif
-@@ -109,8 +109,8 @@
- des1_init(struct keystate *ks, u_int8_t *key, u_int16_t len)
- {
- 	/* des_set_key returns -1 for parity problems, and -2 for weak keys */
--	des_set_odd_parity(DC key);
--	switch (des_set_key(DC key, ks->ks_des[0])) {
-+	DES_set_odd_parity(DC key);
-+	switch (DES_set_key(DC key, &ks->ks_des[0])) {
- 	case -2:
- 		return EWEAKKEY;
- 	default:
-@@ -121,14 +121,14 @@
- void
- des1_encrypt(struct keystate *ks, u_int8_t *d, u_int16_t len)
- {
--	des_cbc_encrypt(DC d, DC d, len, ks->ks_des[0], DC ks->riv,
-+	DES_cbc_encrypt(DC d, DC d, len, &ks->ks_des[0], DC ks->riv,
- 	    DES_ENCRYPT);
- }
- 
- void
- des1_decrypt(struct keystate *ks, u_int8_t *d, u_int16_t len)
- {
--	des_cbc_encrypt(DC d, DC d, len, ks->ks_des[0], DC ks->riv,
-+	DES_cbc_encrypt(DC d, DC d, len, &ks->ks_des[0], DC ks->riv,
- 	    DES_DECRYPT);
- }
- 
-@@ -136,14 +136,14 @@
- enum cryptoerr
- des3_init(struct keystate *ks, u_int8_t *key, u_int16_t len)
- {
--	des_set_odd_parity(DC key);
--	des_set_odd_parity(DC(key + 8));
--	des_set_odd_parity(DC(key + 16));
-+	DES_set_odd_parity(DC key);
-+	DES_set_odd_parity(DC(key + 8));
-+	DES_set_odd_parity(DC(key + 16));
- 
- 	/* As of the draft Tripe-DES does not check for weak keys */
--	des_set_key(DC key, ks->ks_des[0]);
--	des_set_key(DC(key + 8), ks->ks_des[1]);
--	des_set_key(DC(key + 16), ks->ks_des[2]);
-+	DES_set_key(DC key, &ks->ks_des[0]);
-+	DES_set_key(DC(key + 8), &ks->ks_des[1]);
-+	DES_set_key(DC(key + 16), &ks->ks_des[2]);
- 
- 	return EOKAY;
- }
-@@ -154,8 +154,8 @@
- 	u_int8_t        iv[MAXBLK];
- 
- 	memcpy(iv, ks->riv, ks->xf->blocksize);
--	des_ede3_cbc_encrypt(DC data, DC data, len, ks->ks_des[0],
--	    ks->ks_des[1], ks->ks_des[2], DC iv, DES_ENCRYPT);
-+	DES_ede3_cbc_encrypt(DC data, DC data, len, &ks->ks_des[0],
-+	    &ks->ks_des[1], &ks->ks_des[2], DC iv, DES_ENCRYPT);
- }
- 
- void
-@@ -164,8 +164,8 @@
- 	u_int8_t        iv[MAXBLK];
- 
- 	memcpy(iv, ks->riv, ks->xf->blocksize);
--	des_ede3_cbc_encrypt(DC data, DC data, len, ks->ks_des[0],
--	    ks->ks_des[1], ks->ks_des[2], DC iv, DES_DECRYPT);
-+	DES_ede3_cbc_encrypt(DC data, DC data, len, &ks->ks_des[0],
-+	    &ks->ks_des[1], &ks->ks_des[2], DC iv, DES_DECRYPT);
- }
- #undef DC
- #endif				/* USE_TRIPLEDES */
diff --git a/security/isakmpd/files/patch-crypto.h b/security/isakmpd/files/patch-crypto.h
deleted file mode 100644
index c0f26b65b1f3..000000000000
--- a/security/isakmpd/files/patch-crypto.h
+++ /dev/null
@@ -1,11 +0,0 @@
---- crypto.h.orig	2004-05-14 10:42:56.000000000 +0200
-+++ crypto.h	2015-02-28 13:01:05.491296206 +0100
-@@ -108,7 +108,7 @@
- 	u_int8_t        iv2[MAXBLK];
- 	u_int8_t       *riv, *liv;
- 	union {
--		des_key_schedule desks[3];
-+		DES_key_schedule desks[3];
- #ifdef USE_BLOWFISH
- 		blf_ctx         blfks;
- #endif
diff --git a/security/isakmpd/files/patch-ike_quick_mode.c b/security/isakmpd/files/patch-ike_quick_mode.c
deleted file mode 100644
index e57047df5f01..000000000000
--- a/security/isakmpd/files/patch-ike_quick_mode.c
+++ /dev/null
@@ -1,16 +0,0 @@
---- ike_quick_mode.c	2004/08/14 13:29:50	1.86
-+++ ike_quick_mode.c	2004/09/17 13:53:08	1.87
-@@ -1739,8 +1739,11 @@
- 			    "strdup (\"%s\") failed", name);
- 			goto cleanup;
- 		}
--	} else if (ignore_policy || strncmp("yes", conf_get_str("General",
--	    "Use-Keynote"), 3)) {
-+	} else if (
-+#ifdef USE_POLICY
-+	    ignore_policy ||
-+#endif
-+	    strncmp("yes", conf_get_str("General", "Use-Keynote"), 3)) {
- 		log_print("responder_recv_HASH_SA_NONCE: peer proposed "
- 		    "invalid phase 2 IDs: %s",
- 		        (exchange->doi->decode_ids("initiator id %s, responder"
diff --git a/security/isakmpd/files/patch-isakmpd.c b/security/isakmpd/files/patch-isakmpd.c
deleted file mode 100644
index 55efea2cfd6b..000000000000
--- a/security/isakmpd/files/patch-isakmpd.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- isakmpd.c	25 Jun 2004 20:25:34 -0000	1.67
-+++ isakmpd.c	7 Dec 2004 19:41:01 -0000
-@@ -386,7 +386,7 @@
- 		if (fcntl(n, F_GETFL, 0) == -1 && errno == EBADF)
- 			(void) open("/dev/null", n ? O_WRONLY : O_RDONLY, 0);
- 
--	for (n = 1; n < _NSIG; n++)
-+	for (n = 1; n < NSIG; n++)
- 		signal(n, SIG_DFL);
- 
- 	/* Log cmd line parsing and initialization errors to stderr.  */
diff --git a/security/isakmpd/files/patch-pf_key_v2.c b/security/isakmpd/files/patch-pf_key_v2.c
deleted file mode 100644
index 605175707e31..000000000000
--- a/security/isakmpd/files/patch-pf_key_v2.c
+++ /dev/null
@@ -1,34 +0,0 @@
---- pf_key_v2.c.orig	2004-12-08 04:07:00.000000000 +0800
-+++ pf_key_v2.c	2008-04-13 21:00:05.000000000 +0800
-@@ -2204,13 +2204,13 @@
- 		goto cleanup;
- 	addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- 	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
--#ifdef LINUX_IPSEC
-+#if defined(LINUX_IPSEC) || defined (__FreeBSD__) 
- 	addr->sadb_address_proto = tproto;
- #else
- 	addr->sadb_address_proto = IPSEC_ULPROTO_ANY;
- #endif
- 	addr->sadb_address_reserved = 0;
--#ifdef LINUX_IPSEC
-+#if defined(LINUX_IPSEC) || defined (__FreeBSD__) 
- 	pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, sport, 0);
- #else
- 	pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, IPSEC_PORT_ANY, 0);
-@@ -2238,13 +2238,13 @@
- 		goto cleanup;
- 	addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- 	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
--#ifdef LINUX_IPSEC
-+#if defined(LINUX_IPSEC) || defined (__FreeBSD__) 
- 	addr->sadb_address_proto = tproto;
- #else
- 	addr->sadb_address_proto = IPSEC_ULPROTO_ANY;
- #endif
- 	addr->sadb_address_reserved = 0;
--#ifdef LINUX_IPSEC
-+#if defined(LINUX_IPSEC) || defined (__FreeBSD__) 
- 	pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, dport, 0);
- #else
- 	pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, IPSEC_PORT_ANY, 0);
diff --git a/security/isakmpd/files/patch-sa.c b/security/isakmpd/files/patch-sa.c
deleted file mode 100644
index 06105110b0ab..000000000000
--- a/security/isakmpd/files/patch-sa.c
+++ /dev/null
@@ -1,31 +0,0 @@
---- sa.c.orig	Tue Aug 10 17:59:10 2004
-+++ sa.c	Sun Dec 12 02:40:45 2004
-@@ -427,8 +427,8 @@
- 	    decode_32(sa->cookies + 8), decode_32(sa->cookies + 12)));
- 	LOG_DBG((cls, level, "%s: msgid %08x refcnt %d", header,
- 	    decode_32(sa->message_id), sa->refcnt));
--	LOG_DBG((cls, level, "%s: life secs %llu kb %llu", header, sa->seconds,
--	    sa->kilobytes));
-+	LOG_DBG((cls, level, "%s: life secs %llu kb %llu", header, (long long unsigned) sa->seconds,
-+	    (long long unsigned) sa->kilobytes));
- 	for (proto = TAILQ_FIRST(&sa->protos); proto;
- 	    proto = TAILQ_NEXT(proto, link)) {
- 		LOG_DBG((cls, level, "%s: suite %d proto %d", header,
-@@ -1217,7 +1217,7 @@
- 		seconds = sa->seconds * (850 + sysdep_random() % 100) / 1000;
- 		LOG_DBG((LOG_TIMER, 95,
- 		    "sa_setup_expirations: SA %p soft timeout in %llu seconds",
--		    sa, seconds));
-+		    sa, (long long unsigned) seconds));
- 		expiration.tv_sec += seconds;
- 		sa->soft_death = timer_add_event("sa_soft_expire",
- 		    sa_soft_expire, sa, &expiration);
-@@ -1232,7 +1232,7 @@
- 		gettimeofday(&expiration, 0);
- 		LOG_DBG((LOG_TIMER, 95,
- 		    "sa_setup_expirations: SA %p hard timeout in %llu seconds",
--		    sa, sa->seconds));
-+		    sa, (long long unsigned) sa->seconds));
- 		expiration.tv_sec += sa->seconds;
- 		sa->death = timer_add_event("sa_hard_expire", sa_hard_expire,
- 		    sa, &expiration);
diff --git a/security/isakmpd/files/patch-samples__Makefile b/security/isakmpd/files/patch-samples__Makefile
deleted file mode 100644
index 516941d79013..000000000000
--- a/security/isakmpd/files/patch-samples__Makefile
+++ /dev/null
@@ -1,11 +0,0 @@
---- samples/Makefile.orig	Tue May  2 16:33:55 2000
-+++ samples/Makefile	Wed Jan  9 22:08:47 2002
-@@ -31,7 +31,7 @@
- #
- 
- FILES=		VPN-* policy singlehost-*
--TARGETDIR=	/usr/share/ipsec/isakmpd
-+TARGETDIR=	${PREFIX}/share/examples/isakmpd
- 
- # The mkdir below is for installation on OpenBSD pre 2.7
- install:
diff --git a/security/isakmpd/files/patch-sysdep-common-libsysdep-sha1.c b/security/isakmpd/files/patch-sysdep-common-libsysdep-sha1.c
deleted file mode 100644
index 17ce0e83989d..000000000000
--- a/security/isakmpd/files/patch-sysdep-common-libsysdep-sha1.c
+++ /dev/null
@@ -1,67 +0,0 @@
-diff -rpu8 sysdep/common/libsysdep/sha1.c sysdep-FIXED/common/libsysdep/sha1.c
---- sysdep/common/libsysdep/sha1.c	Sun Jan 28 23:38:48 2001
-+++ sysdep-FIXED/common/libsysdep/sha1.c	Sat Mar 25 02:48:19 2006
-@@ -46,22 +46,22 @@ A million repetitions of "a"
- #define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
- #define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
- #define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
- #define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
- 
- 
- /* Hash a single 512-bit block. This is the core of the algorithm. */
- 
--void SHA1Transform(unsigned long state[5], unsigned char buffer[64])
-+void SHA1Transform(UINT4 state[5], unsigned char buffer[64])
- {
--unsigned long a, b, c, d, e;
-+UINT4 a, b, c, d, e;
- typedef union {
-     unsigned char c[64];
--    unsigned long l[16];
-+    UINT4 l[16];
- } CHAR64LONG16;
- CHAR64LONG16* block;
- #ifdef SHA1HANDSOFF
- static CHAR64LONG16 workspace;
-     block = &workspace;
-     memcpy(block, buffer, 64);
- #else
-     block = (CHAR64LONG16*)buffer;
-@@ -118,17 +118,17 @@ void SHA1Init(SHA1_CTX* context)
- }
- 
- 
- /* Run your data through this. */
- 
- void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int len)
- {
- unsigned int i;
--unsigned long j;
-+UINT4 j;
- 
-     j = context->count[0];
-     if ((context->count[0] += len << 3) < j) context->count[1] += (len>>29)+1;
-     j = (j >> 3) & 63;
-     if ((j + len) > 63) {
-         memcpy(&context->buffer[j], data, (i = 64-j));
-         SHA1Transform(context->state, context->buffer);
-         for ( ; i + 63 < len; i += 64) {
-@@ -140,17 +140,17 @@ unsigned long j;
-     memcpy(&context->buffer[j], &data[i], len - i);
- }
- 
- 
- /* Add padding and return the message digest. */
- 
- void SHA1Final(unsigned char digest[20], SHA1_CTX* context)
- {
--unsigned long i, j;
-+UINT4 i, j;
- unsigned char finalcount[8];
- 
-     for (i = 0; i < 8; i++) {
-         finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
-          >> ((3-(i & 3)) * 8) ) & 255);  /* Endian independent */
-     }
-     SHA1Update(context, (unsigned char *)"\200", 1);
-     while ((context->count[0] & 504) != 448) {
diff --git a/security/isakmpd/files/patch-sysdep-common-md5.h b/security/isakmpd/files/patch-sysdep-common-md5.h
deleted file mode 100644
index a0879723f012..000000000000
--- a/security/isakmpd/files/patch-sysdep-common-md5.h
+++ /dev/null
@@ -1,32 +0,0 @@
-diff -rpu8 sysdep/common/md5.h sysdep-FIXED/common/md5.h
---- sysdep/common/md5.h	Sun Jan 28 23:38:47 2001
-+++ sysdep-FIXED/common/md5.h	Sat Mar 25 02:47:19 2006
-@@ -7,24 +7,26 @@
-      function argument prototyping.
-    The following makes PROTOTYPES default to 0 if it has not already
-      been defined with C compiler flags.
-  */
- #ifndef PROTOTYPES
- #define PROTOTYPES 1
- #endif
- 
-+#include <sys/types.h>
-+
- /* POINTER defines a generic pointer type */
- typedef unsigned char *POINTER;
- 
- /* UINT2 defines a two byte word */
--typedef unsigned short int UINT2;
-+typedef u_int16_t UINT2;
- 
- /* UINT4 defines a four byte word */
--typedef unsigned long int UINT4;
-+typedef u_int32_t UINT4;
- 
- /* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
-    If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
-      returns an empty list.
-  */
- 
- #if PROTOTYPES
- #define PROTO_LIST(list) list
diff --git a/security/isakmpd/files/patch-sysdep-common-sha1.h b/security/isakmpd/files/patch-sysdep-common-sha1.h
deleted file mode 100644
index a32edba5d495..000000000000
--- a/security/isakmpd/files/patch-sysdep-common-sha1.h
+++ /dev/null
@@ -1,26 +0,0 @@
---- sysdep/common/sha1.h.orig	Sun Jan 28 19:38:47 2001
-+++ sysdep/common/sha1.h	Sat Sep 29 16:27:50 2007
-@@ -6,13 +6,20 @@
- 100% Public Domain
- */
- 
-+#include <sys/types.h>
-+
-+/* Check if already defined by md5.h */
-+#ifndef PROTOTYPES
-+typedef u_int32_t UINT4;
-+#endif
-+
- typedef struct {
--    unsigned long state[5];
--    unsigned long count[2];
-+    UINT4 state[5];
-+    UINT4 count[2];
-     unsigned char buffer[64];
- } SHA1_CTX;
- 
--void SHA1Transform(unsigned long state[5], unsigned char buffer[64]);
-+void SHA1Transform(UINT4 state[5], unsigned char buffer[64]);
- void SHA1Init(SHA1_CTX* context);
- void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int len);
- void SHA1Final(unsigned char digest[20], SHA1_CTX* context);
diff --git a/security/isakmpd/files/patch-sysdep-os.h b/security/isakmpd/files/patch-sysdep-os.h
deleted file mode 100644
index 5643589a3167..000000000000
--- a/security/isakmpd/files/patch-sysdep-os.h
+++ /dev/null
@@ -1,25 +0,0 @@
---- sysdep/freebsd/sysdep-os.h~	Fri Jan 25 14:55:21 2002
-+++ sysdep/freebsd/sysdep-os.h	Tue Nov 26 14:40:03 2002
-@@ -56,7 +56,7 @@
- /* FreeBSD 4.2 */
- #define SADB_X_EALG_BLF			SADB_EALG_BLOWFISHCBC
- #define SADB_X_EALG_CAST		SADB_EALG_CAST128CBC
--#else if ( SADB_EALG_MAX == 12 )
-+#elif ( SADB_EALG_MAX == 12 )
- /* FreeBSD 4.4 */
- #define SADB_X_EALG_BLF			SADB_X_EALG_BLOWFISHCBC
- #define SADB_X_EALG_CAST		SADB_X_EALG_CAST128CBC
-@@ -79,6 +79,13 @@
-   memcpy ((o), (i), BLOCKSIZE); \
-   CAST_decrypt ((CAST_LONG *)(o), (k)); \
- }
-+#endif
-+
-+#ifndef CPI_RESERVED_MAX
-+#define CPI_RESERVED_MIN	1
-+#define CPI_RESERVED_MAX	255
-+#define CPI_PRIVATE_MIN		61440
-+#define CPI_PRIVATE_MAX		65536
- #endif
- 
- #endif /* _SYSDEP_OS_H_ */
diff --git a/security/isakmpd/files/patch-x509.c b/security/isakmpd/files/patch-x509.c
deleted file mode 100644
index 8e1837d394b2..000000000000
--- a/security/isakmpd/files/patch-x509.c
+++ /dev/null
@@ -1,17 +0,0 @@
---- x509.c.orig	2004-08-11 03:21:01.000000000 +0800
-+++ x509.c	2008-04-13 21:00:05.000000000 +0800
-@@ -910,7 +910,13 @@
- 	X509_STORE_CTX_init(&csc, x509_cas, cert, NULL);
- #if OPENSSL_VERSION_NUMBER >= 0x00907000L
- 	/* XXX See comment in x509_read_crls_from_dir.  */
--	if (x509_cas->flags & X509_V_FLAG_CRL_CHECK) {
-+	if (
-+#if OPENSSL_VERSION_NUMBER >= 0x00908020L
-+	    x509_cas->param->flags
-+#else
-+	    x509_cas->flags
-+#endif
-+	                    & X509_V_FLAG_CRL_CHECK) {
- 		X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK);
- 		X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK_ALL);
- 	}
diff --git a/security/isakmpd/pkg-descr b/security/isakmpd/pkg-descr
deleted file mode 100644
index b99f05a5c210..000000000000
--- a/security/isakmpd/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-This is isakmpd, a BSD-licensed ISAKMP/Oakley (a.k.a. IKE)
-implementation.  It's written by Niklas Hallqvist and Niels Provos,
-funded by Ericsson Radio Systems AB.
-
-WWW: http://www.openbsd.org/
diff --git a/security/isakmpd/pkg-plist b/security/isakmpd/pkg-plist
deleted file mode 100644
index 29cde1d21a8c..000000000000
--- a/security/isakmpd/pkg-plist
+++ /dev/null
@@ -1,15 +0,0 @@
-sbin/certpatch
-sbin/isakmpd
-share/examples/isakmpd/VPN-3way-template.conf
-share/examples/isakmpd/VPN-east.conf
-share/examples/isakmpd/VPN-west.conf
-share/examples/isakmpd/policy
-share/examples/isakmpd/singlehost-east.conf
-share/examples/isakmpd/singlehost-east.gdb
-share/examples/isakmpd/singlehost-setup.sh
-share/examples/isakmpd/singlehost-west.conf
-share/examples/isakmpd/singlehost-west.gdb
-man/man5/isakmpd.conf.5.gz
-man/man5/isakmpd.policy.5.gz
-man/man8/certpatch.8.gz
-man/man8/isakmpd.8.gz
diff --git a/security/jbrofuzz/Makefile b/security/jbrofuzz/Makefile
deleted file mode 100644
index 0dd7275b3a9e..000000000000
--- a/security/jbrofuzz/Makefile
+++ /dev/null
@@ -1,42 +0,0 @@
-# Created by: Niels Heinen
-
-PORTNAME=	jbrofuzz
-PORTVERSION=	2.1
-CATEGORIES=	security www java
-MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}/${PORTNAME}-${PORTVERSION}/
-DISTNAME=	${PORTNAME}-jar-21
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Web application fuzzer
-
-DEPRECATED=	Abandonware, no word of it on upstream web site and last release was 10 years ago
-EXPIRATION_DATE=2022-03-31
-
-USES=		zip
-USE_JAVA=	yes
-NO_BUILD=	yes
-NO_ARCH=	yes
-WRKSRC=		${WRKDIR}/${PORTNAME}
-
-SUB_FILES=	${PORTNAME}.sh
-SUB_LIST=	JAVA_CMD=${JAVA} JBROFUZZ=${PORTNAME}
-
-PORTDOCS=	*
-
-OPTIONS_DEFINE=	DOCS EXAMPLES
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${JAVASHAREDIR}/${PORTNAME}
-	${INSTALL_DATA} ${WRKSRC}/JBroFuzz.jar ${STAGEDIR}${JAVASHAREDIR}/${PORTNAME}/${PORTNAME}.jar
-	${INSTALL_SCRIPT} ${WRKDIR}/${PORTNAME}.sh ${STAGEDIR}${PREFIX}/bin/${PORTNAME}
-	( cd ${WRKSRC}/fuzzers/ && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}/fuzzers/ )
-
-do-install-EXAMPLES-on:
-	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
-	( cd ${WRKSRC}/examples/ && ${COPYTREE_SHARE} . ${STAGEDIR}${EXAMPLESDIR} )
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/jbrofuzz/distinfo b/security/jbrofuzz/distinfo
deleted file mode 100644
index 297af8f23da7..000000000000
--- a/security/jbrofuzz/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (jbrofuzz-jar-21.zip) = 802262d355c87033df6c21ca751c15a129b447bce3ab922b9d668d84f2d81366
-SIZE (jbrofuzz-jar-21.zip) = 3790481
diff --git a/security/jbrofuzz/files/jbrofuzz.sh.in b/security/jbrofuzz/files/jbrofuzz.sh.in
deleted file mode 100644
index fb70010f0e6f..000000000000
--- a/security/jbrofuzz/files/jbrofuzz.sh.in
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-
-exec %%JAVA_CMD%% -jar -Xmx256m %%JAVASHAREDIR%%/%%JBROFUZZ%%/%%JBROFUZZ%%.jar "$@"
diff --git a/security/jbrofuzz/pkg-descr b/security/jbrofuzz/pkg-descr
deleted file mode 100644
index e05777ca2298..000000000000
--- a/security/jbrofuzz/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-JBroFuzz is a web application fuzzer for requests being made over
-HTTP or HTTPS. Its purpose is to provide a single, portable application
-that offers stable web protocol fuzzing capabilities.
-
-WWW: http://www.owasp.org/index.php/Category:OWASP_JBroFuzz
diff --git a/security/jbrofuzz/pkg-plist b/security/jbrofuzz/pkg-plist
deleted file mode 100644
index bb1e499784d7..000000000000
--- a/security/jbrofuzz/pkg-plist
+++ /dev/null
@@ -1,11 +0,0 @@
-bin/jbrofuzz
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-01-http-version.jbrofuzz
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-02-http-methods.jbrofuzz
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-03-charset-buffer-overflow.jbrofuzz
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-04-mobile-symbian.jbrofuzz
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-05-chrome-version-fuzz.jbrofuzz
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-06-user-agents-google.jbrofuzz
-share/java/jbrofuzz/jbrofuzz.jar
-%%DATADIR%%/fuzzers/fuzzers-file-extensions.jbrf
-%%DATADIR%%/fuzzers/fuzzers.jbrf
-%%DATADIR%%/fuzzers/headers.jbrf
diff --git a/security/kripp/Makefile b/security/kripp/Makefile
deleted file mode 100644
index 558994a2adbb..000000000000
--- a/security/kripp/Makefile
+++ /dev/null
@@ -1,27 +0,0 @@
-# Created by: Jim Geovedi <jim@corebsd.or.id>
-
-PORTNAME=	kripp
-PORTVERSION=	0.6.1
-CATEGORIES=	security
-MASTER_SITES=	PACKETSTORM/sniffers \
-		http://konst.org.ua/download/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Lightweight network password sniffer
-
-DEPRECATED=	Abandonware, upstream returns 404 and last release was back in 2007
-EXPIRATION_DATE=2022-03-31
-
-USES=		perl5 shebangfix
-USE_PERL5=	run
-
-NO_BUILD=	yes
-
-PLIST_FILES=	bin/kripp man/man1/kripp.1.gz
-SHEBANG_FILES=	kripp
-
-do-install:
-	${INSTALL_SCRIPT} ${WRKSRC}/kripp ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_MAN} ${WRKSRC}/kripp.1 ${STAGEDIR}${MANPREFIX}/man/man1
-
-.include <bsd.port.mk>
diff --git a/security/kripp/distinfo b/security/kripp/distinfo
deleted file mode 100644
index 81127159a223..000000000000
--- a/security/kripp/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (kripp-0.6.1.tar.gz) = d9109f90c943f3dad9cc4dd96265f52164a54bcf21fa430a94d5e2f3db63ad40
-SIZE (kripp-0.6.1.tar.gz) = 11179
diff --git a/security/kripp/pkg-descr b/security/kripp/pkg-descr
deleted file mode 100644
index 4a690ef9de9b..000000000000
--- a/security/kripp/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-KRIPP is a very simple and extremely lightweight network passwords
-sniffer written in Perl, which uses only the tcpdump utility as an
-underlying traffic interceptor. Supported  protocols are ICQ, POP3,
-FTP and HTTP.
-
-WWW: http://konst.org.ua/kripp
diff --git a/security/l0phtcrack/Makefile b/security/l0phtcrack/Makefile
deleted file mode 100644
index c993ff539768..000000000000
--- a/security/l0phtcrack/Makefile
+++ /dev/null
@@ -1,47 +0,0 @@
-# Created by: trevor
-
-PORTNAME=	l0phtcrack
-PORTVERSION=	1.5
-CATEGORIES=	security
-MASTER_SITES=	http://www.mavetju.org/download/adopted/ \
-		http://mirror.amdmi3.ru/distfiles/${DIST_SUBDIR}/
-#		http://www.cotse.com/sw/WinNT/
-DISTNAME=	lcsrc
-DIST_SUBDIR=	${PORTNAME}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Cracks SAMBA or Windows NT passwords
-
-DEPRECATED=	Obsolete, Microsoft LANMAN and NT password hashes are deprecated
-EXPIRATION_DATE=2022-03-31
-
-# Converted from RESTRICTED
-LICENSE=	l0phtcrack
-LICENSE_NAME=	l0phtcrack
-LICENSE_TEXT=	uses GNU getopt with BSDish-licensed code from OpenSSL
-LICENSE_PERMS=	auto-accept
-
-USES=		dos2unix perl5 zip
-USE_PERL5=	build
-NO_WRKSUBDIR=	yes
-
-PLIST_FILES=	bin/lc_CLI
-PORTDOCS=	*
-
-OPTIONS_DEFINE=	DOCS
-
-post-extract:
-	@${RM} ${WRKSRC}/*exe
-	@${REINPLACE_CMD} -e 's|ommited|omitted|' ${WRKSRC}/util.c
-
-do-build:
-	cd ${WRKSRC} && ${CC} ${CFLAGS} -DMPU8086 *.c -o lc_CLI
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/lc_CLI ${STAGEDIR}${PREFIX}/bin
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/*.txt ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/l0phtcrack/distinfo b/security/l0phtcrack/distinfo
deleted file mode 100644
index 12b6c6101478..000000000000
--- a/security/l0phtcrack/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (l0phtcrack/lcsrc.zip) = 14f57340579c3c5f943c2bf94a253bddb4e93176788aa36b777e519b99180a46
-SIZE (l0phtcrack/lcsrc.zip) = 209450
diff --git a/security/l0phtcrack/files/patch-ztest.c b/security/l0phtcrack/files/patch-ztest.c
deleted file mode 100644
index 6bf82a658ef1..000000000000
--- a/security/l0phtcrack/files/patch-ztest.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- ztest.c.orig	2016-03-03 16:20:49 UTC
-+++ ztest.c
-@@ -144,7 +144,7 @@ int issame(char *, char *, int);
- 
- char str_to_crypt[] = "\x4b\x47\x53\x21\x40\x23\x24\x25";
- 
--void main(int argc, char **argv) {
-+int main(int argc, char **argv) {
- 	FILE *pwlist, *wordlist, *outlist;
- 	char dict_word[MAX_WORD];
- 	char *pwfile, *wordfile, *outfile;
diff --git a/security/l0phtcrack/pkg-descr b/security/l0phtcrack/pkg-descr
deleted file mode 100644
index 144b138b1e77..000000000000
--- a/security/l0phtcrack/pkg-descr
+++ /dev/null
@@ -1,11 +0,0 @@
-L0phtCrack 1.5 is a tool for turning Microsoft LANMAN and NT password hashes
-back into the original clear text passwords.  The program does this using
-dictionary cracking and also brute force.  L0phtCrack returns not just the
-LANMAN password but the NT password up to 14 characters in length.
-
-L0phtCrack includes the ability to dictionary attack or brute force the
-network NT server challenge that is used to prevent the OWF (one-way format)
-from going across the wire in its plain-text format.  Sample network sniffed
-challenges are in files sniff.txt and sniff2.txt.  This means you can obtain
-NT passwords without administrator privileges when you have network access
-between the client and the server.
diff --git a/security/l5/Makefile b/security/l5/Makefile
deleted file mode 100644
index ae853516b186..000000000000
--- a/security/l5/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-# Created by: andrew@scoop.co.nz
-
-PORTNAME=	l5
-PORTVERSION=	1.2
-CATEGORIES=	security sysutils
-MASTER_SITES=	http://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/l5/
-DISTNAME=	L5
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	File Integrity Assessment Tool
-
-BROKEN_amd64=	incorrect runtime output
-DEPRECATED=	Abandonware, broken on amd64 for 10+ years
-EXPIRATION_DATE=2022-03-31
-
-USES=		tar:tgz
-NO_WRKSUBDIR=	yes
-ALL_TARGET=	freebsd
-
-PLIST_FILES=	bin/l5
-PORTDOCS=	README
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/l5/distinfo b/security/l5/distinfo
deleted file mode 100644
index a457b6a6254d..000000000000
--- a/security/l5/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (L5.tgz) = 94a860a4742abcce425c4306f97474e1eade240766e69770e8a14e22bbc4cad7
-SIZE (L5.tgz) = 26574
diff --git a/security/l5/files/patch-l5.c b/security/l5/files/patch-l5.c
deleted file mode 100644
index 03968630d2dd..000000000000
--- a/security/l5/files/patch-l5.c
+++ /dev/null
@@ -1,14 +0,0 @@
---- l5.c.orig	1996-01-31 20:43:46 UTC
-+++ l5.c
-@@ -9,11 +9,6 @@
- #include <stdio.h>
- #include <fcntl.h>
- 
--/* architecture dependencies?  XXX: UNTESTED -- someone?  please?? */
--#ifdef __alpha	/* XXX */
--#define long int
--#endif
--
- /* general portability stuff, somewhat sleazed from TW */
- #if (defined(SYSV) && (SYSV < 3))
- #include <limits.h>
diff --git a/security/l5/pkg-descr b/security/l5/pkg-descr
deleted file mode 100644
index 378883f324b3..000000000000
--- a/security/l5/pkg-descr
+++ /dev/null
@@ -1,15 +0,0 @@
-After examining Tripwire and deciding that it was *way* overkill for my
-own purposes...
-
-...L5 simply walks down Unix or DOS filesystems, sort of like "ls -R" or
-"find" would, generating listings of anything it finds there.  It tells
-you everything it can about a file's status, and adds on an MD5 hash of
-it.  Its output is rather "numeric", but it is a very simple format and
-is designed to be post-treated by scripts that call L5...
-
-...Unlike Tripwire itself, this is NOT a complete toolkit -- one is
-expected to use it as a small, reliable part of a larger system...
-
-_H*
-
-Andrew McNaughton <andrew@scoop.co.nz>
diff --git a/security/libprelude/Makefile b/security/libprelude/Makefile
deleted file mode 100644
index c420b67cedef..000000000000
--- a/security/libprelude/Makefile
+++ /dev/null
@@ -1,48 +0,0 @@
-# Created by: Clement Laforet <sheepkiller@cultdeadsheep.org>
-
-PORTNAME=	libprelude
-PORTVERSION=	1.2.6
-CATEGORIES=	security
-MASTER_SITES=	http://www.prelude-siem.org/attachments/download/410/
-
-MAINTAINER=	bofh@FreeBSD.org
-COMMENT=	Sensor support library from Prelude SIEM
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-BROKEN_riscv64=		fails to configure: Easybindings require a C++ compiler, but none were found.
-DEPRECATED=	Very outdated, current version in tree was released back in 2015 and upstream is still active
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libltdl.so:devel/libltdl \
-		libgnutls.so:security/gnutls \
-		libgcrypt.so:security/libgcrypt
-
-OPTIONS_DEFINE=	DOCS PERL
-OPTIONS_SUB=	yes
-
-USES=		charsetfix gettext-runtime gmake iconv libtool pathfix pkgconfig
-USE_LDCONFIG=	yes
-GNU_CONFIGURE=	yes
-CONFIGURE_ARGS=	--without-lua \
-		--without-python3 \
-		--without-swig \
-		--without-valgrind \
-		ac_cv_path_RUBY=
-CPPFLAGS+=	-I${LOCALBASE}/include
-LIBS+=		-L${LOCALBASE}/lib
-INSTALL_TARGET=	install-strip
-
-ETCDIR=		${PREFIX}/etc/prelude
-
-PERL_CONFIGURE_WITH=	perl=${PERL}
-PERL_USES=		perl5
-
-post-install:
-.for f in client.conf global.conf idmef-client.conf tls.conf
-	${MV} ${STAGEDIR}${ETCDIR}/default/${f} \
-		${STAGEDIR}${ETCDIR}/default/${f}.sample
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/libprelude/distinfo b/security/libprelude/distinfo
deleted file mode 100644
index 3e9bf168cdf9..000000000000
--- a/security/libprelude/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (libprelude-1.2.6.tar.gz) = 37541fc6c0593da09410d74b3801cdc672344bdfd711f689157fd41eac06c9c7
-SIZE (libprelude-1.2.6.tar.gz) = 2926210
diff --git a/security/libprelude/pkg-descr b/security/libprelude/pkg-descr
deleted file mode 100644
index dbaa74427df8..000000000000
--- a/security/libprelude/pkg-descr
+++ /dev/null
@@ -1,13 +0,0 @@
-Prelude is a Universal "Security Information & Event Management" (SIEM)
-system.  Prelude collects, normalizes, sorts, aggregates, correlates and
-reports all security-related events.
-
-As well as being capable of recovering any type of log (system logs, syslog,
-flat files, etc.), Prelude benefits from a native support with a number of
-systems dedicated to enriching information even further (snort, samhain,
-ossec, auditd, etc.).
-
-This library provides functionality for sensors (connection with a manager,
-handling sensor-exported options,...).
-
-WWW: https://www.prelude-siem.org/
diff --git a/security/libprelude/pkg-plist b/security/libprelude/pkg-plist
deleted file mode 100644
index 1aaa008f7880..000000000000
--- a/security/libprelude/pkg-plist
+++ /dev/null
@@ -1,129 +0,0 @@
-bin/libprelude-config
-bin/prelude-adduser
-bin/prelude-admin
-@sample %%ETCDIR%%/default/client.conf.sample
-@sample %%ETCDIR%%/default/global.conf.sample
-@sample %%ETCDIR%%/default/idmef-client.conf.sample
-@sample %%ETCDIR%%/default/tls.conf.sample
-include/libprelude/common.h
-include/libprelude/daemonize.h
-include/libprelude/idmef.h
-include/libprelude/idmef.hxx
-include/libprelude/idmef-additional-data.h
-include/libprelude/idmef-class.h
-include/libprelude/idmef-class.hxx
-include/libprelude/idmef-criteria.h
-include/libprelude/idmef-criteria.hxx
-include/libprelude/idmef-criterion-value.h
-include/libprelude/idmef-data.h
-include/libprelude/idmef-message-helpers.h
-include/libprelude/idmef-message-id.h
-include/libprelude/idmef-message-print.h
-include/libprelude/idmef-message-read.h
-include/libprelude/idmef-message-write.h
-include/libprelude/idmef-object.h
-include/libprelude/idmef-path.h
-include/libprelude/idmef-path.hxx
-include/libprelude/idmef-time.h
-include/libprelude/idmef-time.hxx
-include/libprelude/idmef-tree-data.h
-include/libprelude/idmef-tree-wrap.h
-include/libprelude/idmef-value.h
-include/libprelude/idmef-value.hxx
-include/libprelude/idmef-value-type.h
-include/libprelude/prelude.h
-include/libprelude/prelude.hxx
-include/libprelude/prelude-async.h
-include/libprelude/prelude-client.h
-include/libprelude/prelude-client.hxx
-include/libprelude/prelude-client-easy.hxx
-include/libprelude/prelude-client-profile.h
-include/libprelude/prelude-client-profile.hxx
-include/libprelude/prelude-config.h
-include/libprelude/prelude-connection.h
-include/libprelude/prelude-connection.hxx
-include/libprelude/prelude-connection-pool.h
-include/libprelude/prelude-connection-pool.hxx
-include/libprelude/prelude-error.h
-include/libprelude/prelude-error.hxx
-include/libprelude/prelude-extract.h
-include/libprelude/prelude-failover.h
-include/libprelude/prelude-hash.h
-include/libprelude/prelude-ident.h
-include/libprelude/prelude-inttypes.h
-include/libprelude/prelude-io.h
-include/libprelude/prelude-linked-object.h
-include/libprelude/prelude-list.h
-include/libprelude/prelude-log.h
-include/libprelude/prelude-log.hxx
-include/libprelude/prelude-macros.h
-include/libprelude/prelude-message-id.h
-include/libprelude/prelude-msg.h
-include/libprelude/prelude-msgbuf.h
-include/libprelude/prelude-option-wide.h
-include/libprelude/prelude-option.h
-include/libprelude/prelude-plugin.h
-include/libprelude/prelude-string.h
-include/libprelude/prelude-thread.h
-include/libprelude/prelude-timer.h
-lib/libprelude.so
-lib/libprelude.so.23
-lib/libprelude.so.23.1.0
-lib/libpreludecpp.so
-lib/libpreludecpp.so.8
-lib/libpreludecpp.so.8.0.0
-%%PERL%%%%SITE_ARCH%%/Prelude.pm
-%%PERL%%%%SITE_ARCH%%/auto/Prelude/Prelude.so
-libdata/pkgconfig/libprelude.pc
-man/man1/prelude-admin.1.gz
-share/aclocal/libprelude.m4
-%%PORTDOCS%%share/gtk-doc/html/libprelude/api-index-full.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/ch01.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/deprecated-api-index.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/home.png
-%%PORTDOCS%%share/gtk-doc/html/libprelude/index.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/index.sgml
-%%PORTDOCS%%share/gtk-doc/html/libprelude/left.png
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-additional-data.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-criteria.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-criterion-value.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-data.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-message-print.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-message-read.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-message-write.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-path.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-time.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-tree-wrap.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-idmef-value.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-async.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-client-profile.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-client.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-connection-pool.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-connection.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-error.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-failover.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-hash.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-ident.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-inttypes.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-io.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-linked-object.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-list.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-log.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-msg.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-msgbuf.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-option-wide.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-option.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-plugin.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-string.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude-timer.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude-prelude.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude.devhelp
-%%PORTDOCS%%share/gtk-doc/html/libprelude/libprelude.devhelp2
-%%PORTDOCS%%share/gtk-doc/html/libprelude/object-tree.html
-%%PORTDOCS%%share/gtk-doc/html/libprelude/right.png
-%%PORTDOCS%%share/gtk-doc/html/libprelude/style.css
-%%PORTDOCS%%share/gtk-doc/html/libprelude/up.png
-%%DATADIR%%/swig/libpreludecpp.i
-%%PERL%%%%DATADIR%%/swig/perl/libpreludecpp-perl.i
-@dir(,,711) %%ETCDIR%%/profile
-@dir(,,711) /var/spool/prelude
diff --git a/security/libpreludedb/Makefile b/security/libpreludedb/Makefile
deleted file mode 100644
index 49504074b196..000000000000
--- a/security/libpreludedb/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-# Created by: Sergei Kolobov <sergei@FreeBSD.org>
-
-PORTNAME=	libpreludedb
-PORTVERSION=	1.2.6
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	http://www.prelude-siem.org/attachments/download/408/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Library to access Prelude IDMEF database
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-DEPRECATED=	Very outdated, current version in tree was released back in 2015 and upstream is still active
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libprelude.so:security/libprelude
-
-USES=		compiler:c11 gmake libtool
-GNU_CONFIGURE=	yes
-CONFIGURE_ARGS=	--without-swig \
-		--without-python3
-INSTALL_TARGET=	install-strip
-USE_LDCONFIG=	yes
-
-OPTIONS_DEFINE=		DOCS
-OPTIONS_MULTI=		DB
-OPTIONS_MULTI_DB=	MYSQL PGSQL SQLITE
-OPTIONS_DEFAULT=	MYSQL
-OPTIONS_SUB=		yes
-
-MYSQL_DESC=		MySQL plugin
-MYSQL_USES=		mysql
-MYSQL_CONFIGURE_WITH=	mysql
-PGSQL_DESC=		PostgreSQL plugin
-PGSQL_USES=		pgsql
-PGSQL_CONFIGURE_WITH=	postgresql
-SQLITE_DESC=		SQLite3 plugin
-SQLITE_USES=		sqlite
-SQLITE_CONFIGURE_WITH=	sqlite3
-
-.include <bsd.port.mk>
diff --git a/security/libpreludedb/distinfo b/security/libpreludedb/distinfo
deleted file mode 100644
index a0d5a3832e97..000000000000
--- a/security/libpreludedb/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (libpreludedb-1.2.6.tar.gz) = e855358b90811132c5e2e9fecf168eedee3c2bda03cd8eb4ae34a6e31f1540b1
-SIZE (libpreludedb-1.2.6.tar.gz) = 1230637
diff --git a/security/libpreludedb/pkg-descr b/security/libpreludedb/pkg-descr
deleted file mode 100644
index 4aa12dcc7c97..000000000000
--- a/security/libpreludedb/pkg-descr
+++ /dev/null
@@ -1,12 +0,0 @@
-Prelude is a Universal "Security Information & Event Management" (SIEM)
-system.  Prelude collects, normalizes, sorts, aggregates, correlates and
-reports all security-related events.
-
-As well as being capable of recovering any type of log (system logs, syslog,
-flat files, etc.), Prelude benefits from a native support with a number of
-systems dedicated to enriching information even further (snort, samhain,
-ossec, auditd, etc.).
-
-This library provides a framework for easy access to the Prelude database.
-
-WWW: https://www.prelude-siem.org/
diff --git a/security/libpreludedb/pkg-plist b/security/libpreludedb/pkg-plist
deleted file mode 100644
index 44f8d63dae5e..000000000000
--- a/security/libpreludedb/pkg-plist
+++ /dev/null
@@ -1,69 +0,0 @@
-bin/libpreludedb-config
-bin/preludedb-admin
-include/libpreludedb/preludedb.h
-include/libpreludedb/preludedb.hxx
-include/libpreludedb/preludedb-error.h
-include/libpreludedb/preludedb-error.hxx
-include/libpreludedb/preludedb-path-selection.h
-include/libpreludedb/preludedb-plugin-format.h
-include/libpreludedb/preludedb-plugin-sql.h
-include/libpreludedb/preludedb-sql-settings.h
-include/libpreludedb/preludedb-sql.h
-include/libpreludedb/preludedb-sql.hxx
-include/libpreludedb/preludedb-version.h
-lib/libpreludedb.so
-lib/libpreludedb.so.7
-lib/libpreludedb.so.7.0.0
-lib/libpreludedbcpp.so
-lib/libpreludedbcpp.so.2
-lib/libpreludedbcpp.so.2.0.0
-lib/libpreludedb/plugins/formats/classic.so
-%%MYSQL%%lib/libpreludedb/plugins/sql/mysql.so
-%%PGSQL%%lib/libpreludedb/plugins/sql/pgsql.so
-%%SQLITE%%lib/libpreludedb/plugins/sql/sqlite3.so
-man/man1/preludedb-admin.1.gz
-share/aclocal/libpreludedb.m4
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/api-index-full.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/ch01.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/deprecated-api-index.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/home.png
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/index.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/index.sgml
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/left.png
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb-preludedb-error.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb-preludedb-path-selection.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb-preludedb-plugin-format.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb-preludedb-plugin-sql.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb-preludedb-sql-settings.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb-preludedb-sql.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb-preludedb-version.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb-preludedb.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb.devhelp
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/libpreludedb.devhelp2
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/object-tree.html
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/right.png
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/style.css
-%%PORTDOCS%%share/gtk-doc/html/libpreludedb/up.png
-%%DATADIR%%/classic/mysql-update-14-1.sql
-%%DATADIR%%/classic/mysql-update-14-2.sql
-%%DATADIR%%/classic/mysql-update-14-3.sql
-%%DATADIR%%/classic/mysql-update-14-4.sql
-%%DATADIR%%/classic/mysql-update-14-5.sql
-%%DATADIR%%/classic/mysql-update-14-6.sql
-%%DATADIR%%/classic/mysql-update-14-7.sql
-%%DATADIR%%/classic/mysql.sql
-%%DATADIR%%/classic/mysql2pgsql.sh
-%%DATADIR%%/classic/mysql2sqlite.sh
-%%DATADIR%%/classic/pgsql-update-14-1.sql
-%%DATADIR%%/classic/pgsql-update-14-2.sql
-%%DATADIR%%/classic/pgsql-update-14-3.sql
-%%DATADIR%%/classic/pgsql-update-14-4.sql
-%%DATADIR%%/classic/pgsql-update-14-5.sql
-%%DATADIR%%/classic/pgsql-update-14-6.sql
-%%DATADIR%%/classic/pgsql-update-14-7.sql
-%%DATADIR%%/classic/pgsql.sql
-%%DATADIR%%/classic/sqlite-update-14-4.sql
-%%DATADIR%%/classic/sqlite-update-14-5.sql
-%%DATADIR%%/classic/sqlite-update-14-6.sql
-%%DATADIR%%/classic/sqlite-update-14-7.sql
-%%DATADIR%%/classic/sqlite.sql
diff --git a/security/libpwstor/Makefile b/security/libpwstor/Makefile
deleted file mode 100644
index 17bf6626baca..000000000000
--- a/security/libpwstor/Makefile
+++ /dev/null
@@ -1,31 +0,0 @@
-# Created by: Matt Harris <mattdharris@users.sourceforge.net>
-
-PORTNAME=	libpwstor
-PORTVERSION=	0.1
-PORTREVISION=	2
-CATEGORIES=	security devel
-MASTER_SITES=	SF/kageki/${PORTNAME}/${PORTNAME}-${PORTVERSION}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Password storage library for C programmers
-
-DEPRECATED=	Abandonware, last release in 2008
-EXPIRATION_DATE=2022-03-31
-
-USES=		ssl tar:bzip2
-USE_LDCONFIG=	yes
-GNU_CONFIGURE=	yes
-
-.include <bsd.port.pre.mk>
-
-CFLAGS+=	-fPIC -DPIC
-
-.if defined(WITH_DEBUG)
-CONFIGURE_ARGS+=--enable-debug
-.endif
-
-post-install:
-	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/pwtool
-	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libpwstor.so
-
-.include <bsd.port.post.mk>
diff --git a/security/libpwstor/distinfo b/security/libpwstor/distinfo
deleted file mode 100644
index f62e656a7ed6..000000000000
--- a/security/libpwstor/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (libpwstor-0.1.tar.bz2) = 5cdc05d6e94cd97a87bc1cd98d330f6231faed9f38ab5d15c490140a18de5abf
-SIZE (libpwstor-0.1.tar.bz2) = 48583
diff --git a/security/libpwstor/files/patch-Makefile b/security/libpwstor/files/patch-Makefile
deleted file mode 100644
index f79b7aa2a194..000000000000
--- a/security/libpwstor/files/patch-Makefile
+++ /dev/null
@@ -1,47 +0,0 @@
---- Makefile.in.orig	2014-06-11 10:26:46.076091805 +0800
-+++ Makefile.in	2014-06-11 10:28:02.217095566 +0800
-@@ -24,25 +24,25 @@ all:	$(OBJ)
- build:	all
- 
- install:
--	$(INSTALL) -m 0755 pwtool $(TARGET)/bin/pwtool
--	$(INSTALL) -m 0644 pwstor.h $(TARGET)/include/pwstor.h
--	$(INSTALL) -m 0644 libpwstor.so $(TARGET)/lib/libpwstor.so.0.1
--	$(INSTALL) -m 0644 libpwstor.a $(TARGET)/lib/libpwstor.a
--	$(LN) -fs $(TARGET)/lib/libpwstor.so.0.1 $(TARGET)/lib/libpwstor.so
--	$(INSTALL) -m 0644 man1/pwtool.1 $(TARGET)/man/man1/pwtool.1
--	$(INSTALL) -m 0644 man3/pwstor.3 $(TARGET)/man/man3/pwstor.3
--	$(INSTALL) -m 0644 man3/pwstor.3 $(TARGET)/man/man3/pws_version.3
--	$(INSTALL) -m 0644 man3/pwstor.3 $(TARGET)/man/man3/pws_version_int.3
--	$(INSTALL) -m 0644 man3/pws_rand_get.3 $(TARGET)/man/man3/pws_rand_get.3
--	$(INSTALL) -m 0644 man3/pws_memnuke.3 $(TARGET)/man/man3/pws_memnuke.3
--	$(INSTALL) -m 0644 man3/pws_base64_encode.3 $(TARGET)/man/man3/pws_base64_encode.3
--	$(INSTALL) -m 0644 man3/pws_base64_decode.3 $(TARGET)/man/man3/pws_base64_decode.3
--	$(INSTALL) -m 0644 man3/pwsencoder.3 $(TARGET)/man/man3/pws_passwords_encode.3
--	$(INSTALL) -m 0644 man3/pwsencoder.3 $(TARGET)/man/man3/pws_passwords_encodemulti.3
--	$(INSTALL) -m 0644 man3/pwsencoder.3 $(TARGET)/man/man3/pws_passwords_len.3
--	$(INSTALL) -m 0644 man3/pwscheck.3 $(TARGET)/man/man3/pws_passwords_check.3
--	$(INSTALL) -m 0644 man3/pwscheck.3 $(TARGET)/man/man3/pws_passwords_checkmulti.3
--	$(INSTALL) -m 0644 man3/pws_passwords_converttomulti.3 $(TARGET)/man/man3/pws_passwords_converttomulti.3
-+	$(INSTALL) -m 0755 pwtool $(DESTDIR)$(TARGET)/bin/pwtool
-+	$(INSTALL) -m 0644 pwstor.h $(DESTDIR)$(TARGET)/include/pwstor.h
-+	$(INSTALL) -m 0644 libpwstor.so $(DESTDIR)$(TARGET)/lib/libpwstor.so.0.1
-+	$(INSTALL) -m 0644 libpwstor.a $(DESTDIR)$(TARGET)/lib/libpwstor.a
-+	$(LN) -fs libpwstor.so.0.1 $(DESTDIR)$(TARGET)/lib/libpwstor.so
-+	$(INSTALL) -m 0644 man1/pwtool.1 $(DESTDIR)$(TARGET)/man/man1/pwtool.1
-+	$(INSTALL) -m 0644 man3/pwstor.3 $(DESTDIR)$(TARGET)/man/man3/pwstor.3
-+	$(INSTALL) -m 0644 man3/pwstor.3 $(DESTDIR)$(TARGET)/man/man3/pws_version.3
-+	$(INSTALL) -m 0644 man3/pwstor.3 $(DESTDIR)$(TARGET)/man/man3/pws_version_int.3
-+	$(INSTALL) -m 0644 man3/pws_rand_get.3 $(DESTDIR)$(TARGET)/man/man3/pws_rand_get.3
-+	$(INSTALL) -m 0644 man3/pws_memnuke.3 $(DESTDIR)$(TARGET)/man/man3/pws_memnuke.3
-+	$(INSTALL) -m 0644 man3/pws_base64_encode.3 $(DESTDIR)$(TARGET)/man/man3/pws_base64_encode.3
-+	$(INSTALL) -m 0644 man3/pws_base64_decode.3 $(DESTDIR)$(TARGET)/man/man3/pws_base64_decode.3
-+	$(INSTALL) -m 0644 man3/pwsencoder.3 $(DESTDIR)$(TARGET)/man/man3/pws_passwords_encode.3
-+	$(INSTALL) -m 0644 man3/pwsencoder.3 $(DESTDIR)$(TARGET)/man/man3/pws_passwords_encodemulti.3
-+	$(INSTALL) -m 0644 man3/pwsencoder.3 $(DESTDIR)$(TARGET)/man/man3/pws_passwords_len.3
-+	$(INSTALL) -m 0644 man3/pwscheck.3 $(DESTDIR)$(TARGET)/man/man3/pws_passwords_check.3
-+	$(INSTALL) -m 0644 man3/pwscheck.3 $(DESTDIR)$(TARGET)/man/man3/pws_passwords_checkmulti.3
-+	$(INSTALL) -m 0644 man3/pws_passwords_converttomulti.3 $(DESTDIR)$(TARGET)/man/man3/pws_passwords_converttomulti.3
- 
- clean:
- 	rm -f $(OBJ) $(ARLIB) $(SOLIB) pwtool
diff --git a/security/libpwstor/pkg-descr b/security/libpwstor/pkg-descr
deleted file mode 100644
index 9acf213b0a99..000000000000
--- a/security/libpwstor/pkg-descr
+++ /dev/null
@@ -1,13 +0,0 @@
-libpwstor is a library implementing a password storage format
-for C programmers.  This format provides a reasonable level of
-security by utilizing SHA-256 in addition to a random salt to
-mitigate dictionary and rainbow table attacks.
-
-In addition to the core functionality, libpwstor also offers
-some additional functions such as Base64 encoding and decoding.
-All functionality is implemented and designed in such a way as
-to be easy to use for C programmers of varying skill levels,
-while preserving reasonable security in the underlying storage
-format.
-
-WWW: https://sourceforge.net/projects/kageki/
diff --git a/security/libpwstor/pkg-plist b/security/libpwstor/pkg-plist
deleted file mode 100644
index f1dfd5a05c57..000000000000
--- a/security/libpwstor/pkg-plist
+++ /dev/null
@@ -1,19 +0,0 @@
-bin/pwtool
-include/pwstor.h
-lib/libpwstor.a
-lib/libpwstor.so
-lib/libpwstor.so.0.1
-man/man1/pwtool.1.gz
-man/man3/pws_base64_decode.3.gz
-man/man3/pws_base64_encode.3.gz
-man/man3/pws_memnuke.3.gz
-man/man3/pws_passwords_check.3.gz
-man/man3/pws_passwords_checkmulti.3.gz
-man/man3/pws_passwords_converttomulti.3.gz
-man/man3/pws_passwords_encode.3.gz
-man/man3/pws_passwords_encodemulti.3.gz
-man/man3/pws_passwords_len.3.gz
-man/man3/pws_rand_get.3.gz
-man/man3/pws_version.3.gz
-man/man3/pws_version_int.3.gz
-man/man3/pwstor.3.gz
diff --git a/security/manipulate_data/Makefile b/security/manipulate_data/Makefile
deleted file mode 100644
index 8fb465a971a3..000000000000
--- a/security/manipulate_data/Makefile
+++ /dev/null
@@ -1,39 +0,0 @@
-# Created by: Vaida Bogdan <vaida.bogdan@gmail.com>
-
-PORTNAME=	manipulate_data
-PORTVERSION=	1.3
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	PACKETSTORM/groups/thc
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Search/extract/write raw data
-
-DEPRECATED=	Abandonware, unsupported upstream
-EXPIRATION_DATE=2022-03-31
-
-SBIN_PROGRAMS=	read_data replace_data search_data write_data
-
-PORTDOCS=	CHANGES README
-PLIST_FILES=	${SBIN_PROGRAMS:S,^,sbin/,}
-
-OPTIONS_DEFINE=	DOCS
-
-post-patch:
-	@${REINPLACE_CMD} -e \
-		's|^CC=|CC?=| ; \
-		s| -O2 | $$(CFLAGS) | ; \
-		/strip/s|^|#|' ${WRKSRC}/Makefile
-
-do-install:
-.for i in ${SBIN_PROGRAMS}
-	${INSTALL_PROGRAM} ${WRKSRC}/${i} ${STAGEDIR}${PREFIX}/sbin
-.endfor
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for i in ${PORTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/${i} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/manipulate_data/distinfo b/security/manipulate_data/distinfo
deleted file mode 100644
index 6798b02f10bd..000000000000
--- a/security/manipulate_data/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (manipulate_data-1.3.tar.gz) = 12e88c8cdb102daca79c783fd147b8c94413b17e76d8675374dec07de2fc3c0f
-SIZE (manipulate_data-1.3.tar.gz) = 6593
diff --git a/security/manipulate_data/files/patch-read_data.c b/security/manipulate_data/files/patch-read_data.c
deleted file mode 100644
index 2742af848b8d..000000000000
--- a/security/manipulate_data/files/patch-read_data.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- read_data.c.orig	2004-07-07 15:00:30 UTC
-+++ read_data.c
-@@ -32,7 +32,7 @@ int main (int argc, char *argv[]) {
-     if (sizeof(start) < 8)
-       start = atol(argv[2]);
-     else
--      start = atoll(argv[2]);
-+      start = strtoll(argv[2], (char **)NULL, 10);
-     bytes = atol(argv[3]);
- 
-     if ((bytes < 1) || (bytes > MAX_SIZE)) {
diff --git a/security/manipulate_data/files/patch-write_data.c b/security/manipulate_data/files/patch-write_data.c
deleted file mode 100644
index 1fb59f20ba95..000000000000
--- a/security/manipulate_data/files/patch-write_data.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- write_data.c.orig	2004-07-07 14:58:54 UTC
-+++ write_data.c
-@@ -49,7 +49,7 @@ int main (int argc, char *argv[]) {
-     if (sizeof(start) < 8)
-       start = atol(c_ptr2);
-     else
--      start = atoll(c_ptr2);
-+      start = strtoll(c_ptr2, (char **)NULL, 10);
-     bytes = atol(c_ptr);
-     if (sizeof(start) < 8)
-       sprintf(tmpbuf, "%lu.%lu", (unsigned long) start, bytes);
diff --git a/security/manipulate_data/pkg-descr b/security/manipulate_data/pkg-descr
deleted file mode 100644
index ff88d874f781..000000000000
--- a/security/manipulate_data/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-Search data on a harddisk/partition/file, extract the part you are interested
-in, and write it back after you modified it.
-
-WWW: http://www.thc.org/
diff --git a/security/matrixssl/Makefile b/security/matrixssl/Makefile
deleted file mode 100644
index 8c662f1ef964..000000000000
--- a/security/matrixssl/Makefile
+++ /dev/null
@@ -1,69 +0,0 @@
-# Created by: arved
-
-PORTNAME=	matrixssl
-PORTVERSION=	3.3
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	CPAN
-MASTER_SITE_SUBDIR=	CPAN:CDRAKE
-DISTNAME=	Crypt-MatrixSSL3-3.3.0.1
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Small alternative SSL implementation
-
-LICENSE=	GPLv2+
-
-DEPRECATED=	Abandonware, dead upstream
-EXPIRATION_DATE=2022-03-31
-
-WRKSRC=		${WRKDIR}/${DISTNAME}/${PORTNAME}-${PORTVERSION:S/./-/g}-open
-
-USES=		cpe gmake tar:tgz
-MAKE_ARGS=	CC="${CC}" DFLAGS="${CFLAGS}" STRIP="${TEST}"
-USE_LDCONFIG=	yes
-
-OPTIONS_DEFINE=	DOCS EXAMPLES
-
-.include <bsd.port.pre.mk>
-
-.if ${ARCH:M*64*}
-CFLAGS+=	-DPSTM_64BIT
-.endif
-
-post-extract:
-	@cd ${WRKDIR}/${DISTNAME} \
-		&& ${TAR} -xf ${PORTNAME}-${PORTVERSION:S/./-/g}-open.tgz
-
-pre-patch:
-	@cd ${WRKDIR}/${DISTNAME} \
-		&& ${CAT} ${PORTNAME}-${PORTVERSION:S/./-/g}-open.patch | \
-		${PATCH} -d ${WRKSRC} -p1 --quiet
-
-post-patch:
-	@${REINPLACE_CMD} -e \
-		's|^LDFLAGS|#LDFLAGS|' ${WRKSRC}/Makefile
-
-do-install:
-	${INSTALL_DATA} ${WRKSRC}/libmatrixssl.a ${STAGEDIR}${PREFIX}/lib
-	${INSTALL_LIB} ${WRKSRC}/libmatrixssl.so ${STAGEDIR}${PREFIX}/lib
-	@${MKDIR} ${STAGEDIR}${PREFIX}/include/matrixssl
-	${INSTALL_DATA} ${WRKSRC}/matrixssl/*.h ${STAGEDIR}${PREFIX}/include/matrixssl
-	@${MKDIR} ${STAGEDIR}${PREFIX}/include/matrixssl/core
-	${INSTALL_DATA} ${WRKSRC}/core/*.h ${STAGEDIR}${PREFIX}/include/matrixssl/core
-	@${MKDIR} ${STAGEDIR}${PREFIX}/include/matrixssl/crypto
-	${INSTALL_DATA} ${WRKSRC}/crypto/*.h ${STAGEDIR}${PREFIX}/include/matrixssl/crypto
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/doc/* ${STAGEDIR}${DOCSDIR}
-
-do-install-EXAMPLES-on:
-	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/apps
-	${INSTALL_DATA} ${WRKSRC}/apps/Makefile ${STAGEDIR}${EXAMPLESDIR}/apps
-	${INSTALL_DATA} ${WRKSRC}/apps/*.c ${STAGEDIR}${EXAMPLESDIR}/apps
-	${INSTALL_DATA} ${WRKSRC}/apps/*.h ${STAGEDIR}${EXAMPLESDIR}/apps
-	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/sampleCerts
-	${INSTALL_DATA} ${WRKSRC}/sampleCerts/*.h ${STAGEDIR}${EXAMPLESDIR}/sampleCerts
-	${INSTALL_DATA} ${WRKSRC}/sampleCerts/*.pem ${STAGEDIR}${EXAMPLESDIR}/sampleCerts
-
-.include <bsd.port.post.mk>
diff --git a/security/matrixssl/distinfo b/security/matrixssl/distinfo
deleted file mode 100644
index f495081032c6..000000000000
--- a/security/matrixssl/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (Crypt-MatrixSSL3-3.3.0.1.tgz) = 4693155e64041c8c81cf53f084b502d0238d539676001856d05b6a19855769ff
-SIZE (Crypt-MatrixSSL3-3.3.0.1.tgz) = 4142631
diff --git a/security/matrixssl/pkg-descr b/security/matrixssl/pkg-descr
deleted file mode 100644
index 42907357df26..000000000000
--- a/security/matrixssl/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-PeerSec Networks MatrixSSL is an embedded SSL implementation designed for
-small footprint applications and devices. PeerSec Networks offers a fully
-supported, commercial version as well as an open source version that is
-available for download.
-
-WWW: http://www.matrixssl.org/
diff --git a/security/matrixssl/pkg-plist b/security/matrixssl/pkg-plist
deleted file mode 100644
index 29128d3e4256..000000000000
--- a/security/matrixssl/pkg-plist
+++ /dev/null
@@ -1,42 +0,0 @@
-include/matrixssl/core/coreApi.h
-include/matrixssl/core/coreConfig.h
-include/matrixssl/core/list.h
-include/matrixssl/core/osdep.h
-include/matrixssl/core/psmalloc.h
-include/matrixssl/crypto/cryptoApi.h
-include/matrixssl/crypto/cryptoConfig.h
-include/matrixssl/crypto/cryptolib.h
-include/matrixssl/matrixsslApi.h
-include/matrixssl/matrixsslConfig.h
-include/matrixssl/matrixssllib.h
-include/matrixssl/version.h
-lib/libmatrixssl.a
-lib/libmatrixssl.so
-%%PORTDOCS%%%%DOCSDIR%%/MatrixSSL_3-3-OpenReleaseNotes.pdf
-%%PORTDOCS%%%%DOCSDIR%%/MatrixSSL_API.pdf
-%%PORTDOCS%%%%DOCSDIR%%/MatrixSSL_DevelopersGuide.pdf
-%%PORTDOCS%%%%DOCSDIR%%/MatrixSSL_GettingStarted.pdf
-%%PORTDOCS%%%%DOCSDIR%%/MatrixSSL_PortingGuide.pdf
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/apps/Makefile
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/apps/app.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/apps/client.c
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/apps/http.c
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/apps/server.c
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/CAcertSrv.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/CAcertSrv.pem
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/CAcertSrv2048.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/CAcertSrv2048.pem
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/CAcertSrv512.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/CAcertSrv512.pem
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/certSrv.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/certSrv.pem
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/certSrv2048.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/certSrv2048.pem
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/certSrv512.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/certSrv512.pem
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/privkeySrv.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/privkeySrv.pem
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/privkeySrv2048.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/privkeySrv2048.pem
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/privkeySrv512.h
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sampleCerts/privkeySrv512.pem
diff --git a/security/mussh/Makefile b/security/mussh/Makefile
deleted file mode 100644
index 908cddee0109..000000000000
--- a/security/mussh/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-# Created by: Yen-Ming Lee <leeym@leeym.com>
-
-PORTNAME=	mussh
-PORTVERSION=	1.0
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	SF
-
-MAINTAINER=	farrokhi@FreeBSD.org
-COMMENT=	Tool for easily running the same commands on multiple hosts
-
-LICENSE=	GPLv2
-
-DEPRECATED=	Abandonware, last release in 2011 please consider using security/teleport
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	bash:shells/bash
-
-USES=		shebangfix tar:tgz
-
-WRKSRC=		${WRKDIR}/${PORTNAME}
-
-SHEBANG_FILES=	${WRKSRC}/${PORTNAME}
-NO_BUILD=	yes
-NO_ARCH=	yes
-
-PORTDOCS=	BUGS CHANGES EXAMPLES README
-PLIST_FILES=	bin/mussh man/man1/mussh.1.gz
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}
-	${INSTALL_MAN} ${WRKSRC}/${PORTNAME}.1 ${STAGEDIR}${MANPREFIX}/man/man1
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for f in ${PORTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/mussh/distinfo b/security/mussh/distinfo
deleted file mode 100644
index 75668dc196e0..000000000000
--- a/security/mussh/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (mussh-1.0.tgz) = 6ba883cfaacc3f54c2643e8790556ff7b17da73c9e0d4e18346a51791fedd267
-SIZE (mussh-1.0.tgz) = 15430
diff --git a/security/mussh/pkg-descr b/security/mussh/pkg-descr
deleted file mode 100644
index 5ca1ec8008d6..000000000000
--- a/security/mussh/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-Mussh is a shell script that allows you to execute a command or script
-over ssh on multiple hosts with one command. When possible mussh will use
-ssh-agent and RSA/DSA keys to minimize the need to enter your password
-more than once.
-
-WWW: https://sourceforge.net/projects/mussh/
diff --git a/security/openvpn-mbedtls/Makefile b/security/openvpn-mbedtls/Makefile
deleted file mode 100644
index 2914263db048..000000000000
--- a/security/openvpn-mbedtls/Makefile
+++ /dev/null
@@ -1,17 +0,0 @@
-# Created by: Matthias Andree <mandree@FreeBSD.org>
-
-PKGNAMESUFFIX=		-mbedtls
-
-COMMENT=		Secure IP/Ethernet tunnel daemon, mbedTLS-based build
-
-DEPRECATED=		mbedTLS only has a minimum viable TLSv1.3 implementation, and OpenVPN-mbedtls does not work on FreeBSD 14-CURRENT
-EXPIRATION_DATE=	2022-03-31
-
-CONFLICTS_INSTALL=	openvpn openvpn-beta openvpn-devel
-
-OPTIONS_EXCLUDE=	OPENSSL PKCS11 X509ALTUSERNAME
-OPTIONS_SLAVE=		MBEDTLS
-
-MASTERDIR=		${.CURDIR}/../../security/openvpn
-
-.include "${MASTERDIR}/Makefile"
diff --git a/security/outguess/Makefile b/security/outguess/Makefile
deleted file mode 100644
index 4fa188c277bb..000000000000
--- a/security/outguess/Makefile
+++ /dev/null
@@ -1,41 +0,0 @@
-# Created by: trevor
-
-PORTNAME=	outguess
-PORTVERSION=	0.2
-CATEGORIES=	security
-MASTER_SITES=	http://www.outguess.org/ \
-		http://www.internet2.edu/~shalunov/mirror/ \
-		http://cimarron.river.com/mirrors/www.outguess.org/ \
-		http://munitions.vipul.net/software/steganography/ \
-		http://the25200-1.gw.connect.com.au/security/steganography/ \
-		PACKETSTORM/crypt/stego
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Steganographic tool
-
-LICENSE=	BSD4CLAUSE
-
-DEPRECATED=	Abandonware, dead upstream and last release in 2001
-EXPIRATION_DATE=2022-03-31
-
-CONFLICTS_INSTALL=	csound libextractor # bin/extract
-
-GNU_CONFIGURE=	yes
-WRKSRC=		${WRKDIR}/outguess
-
-PORTDOCS=	ChangeLog README STIRMARK-README TODO
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/outguess ${STAGEDIR}${PREFIX}/bin
-	${LN} -sf outguess ${STAGEDIR}${PREFIX}/bin/extract
-	${INSTALL_MAN} ${WRKSRC}/outguess.1 ${STAGEDIR}${MAN1PREFIX}/man/man1
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for i in ${PORTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/${i} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/outguess/distinfo b/security/outguess/distinfo
deleted file mode 100644
index daff3678d6f2..000000000000
--- a/security/outguess/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (outguess-0.2.tar.gz) = 2f951ed7b9b9373fae8fe95616d49c83ae246cf53a2b60a82814228515bfa7d6
-SIZE (outguess-0.2.tar.gz) = 470638
diff --git a/security/outguess/pkg-descr b/security/outguess/pkg-descr
deleted file mode 100644
index 82cfb9c6ef22..000000000000
--- a/security/outguess/pkg-descr
+++ /dev/null
@@ -1,13 +0,0 @@
-from the README:
-
-OutGuess is a universal steganographic tool that allows the insertion
-of hidden information into the redundant bits of data sources.  The
-nature of the data source is irrelevant to the core of OutGuess.  The
-program relies on data specific handlers that will extract redundant
-bits and write them back after modification.  In this version the PNM
-and JPEG image formats are supported.
-
-The histogram utility is not installed by this port/package because
-it crashes.
-
-WWW: http://www.outguess.org/
diff --git a/security/outguess/pkg-plist b/security/outguess/pkg-plist
deleted file mode 100644
index 94cb9ba5c56f..000000000000
--- a/security/outguess/pkg-plist
+++ /dev/null
@@ -1,3 +0,0 @@
-bin/extract
-bin/outguess
-man/man1/outguess.1.gz
diff --git a/security/pbnj/Makefile b/security/pbnj/Makefile
deleted file mode 100644
index 184bcdaec24c..000000000000
--- a/security/pbnj/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-# Created by: Joshua D. Abraham <jabra@ccs.neu.edu>
-
-PORTNAME=	pbnj
-PORTVERSION=	2.04
-PORTREVISION=	2
-CATEGORIES=	security
-MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}/${PORTNAME}-${PORTVERSION}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Suite of tools to monitor changes on a network
-
-DEPRECATED=	Abandonware, last release in 2006 and reported broken upstream in 2017 upstream
-EXPIRATION_DATE=2022-03-31
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-BUILD_DEPENDS=	p5-DBD-SQLite>=0:databases/p5-DBD-SQLite \
-		p5-File-HomeDir>=0:devel/p5-File-HomeDir \
-		p5-File-Which>=0:sysutils/p5-File-Which \
-		p5-Nmap-Parser>=0:security/p5-Nmap-Parser \
-		p5-Text-CSV_XS>=0:textproc/p5-Text-CSV_XS \
-		p5-XML-Twig>=0:textproc/p5-XML-Twig \
-		p5-YAML>=0:textproc/p5-YAML
-RUN_DEPENDS:=	nmap:security/nmap \
-		${BUILD_DEPENDS}
-
-NO_ARCH=	yes
-USES=		perl5
-USE_PERL5=	configure
-
-.include <bsd.port.mk>
diff --git a/security/pbnj/distinfo b/security/pbnj/distinfo
deleted file mode 100644
index 3b80a6bbc1e3..000000000000
--- a/security/pbnj/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (pbnj-2.04.tar.gz) = 3df88ea306bd47401766d69f32e5cd1fdc1f015e6a06c66a7fa7aba7dfd0f3b9
-SIZE (pbnj-2.04.tar.gz) = 86080
diff --git a/security/pbnj/pkg-descr b/security/pbnj/pkg-descr
deleted file mode 100644
index b7491d858125..000000000000
--- a/security/pbnj/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-PBNJ is a network suite to monitor changes that occur on a network
-over time. It does this by checking for changes on the target
-machine(s), which includes the details about the services running on
-them as well as the service state. PBNJ parses the data from a scan
-and stores it in a database. PBNJ uses Nmap to perform scans.
-
-WWW: https://sourceforge.net/projects/pbnj/
diff --git a/security/pbnj/pkg-plist b/security/pbnj/pkg-plist
deleted file mode 100644
index 494bc7b4fe40..000000000000
--- a/security/pbnj/pkg-plist
+++ /dev/null
@@ -1,6 +0,0 @@
-bin/genlist
-bin/outputpbnj
-bin/scanpbnj
-%%PERL5_MAN1%%/genlist.1p.gz
-%%PERL5_MAN1%%/outputpbnj.1p.gz
-%%PERL5_MAN1%%/scanpbnj.1p.gz
diff --git a/security/phpsecinfo/Makefile b/security/phpsecinfo/Makefile
deleted file mode 100644
index 7c9bb8c887f2..000000000000
--- a/security/phpsecinfo/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-# Created by: chinsan
-
-PORTNAME=	phpsecinfo
-PORTVERSION=	0.2.1
-CATEGORIES=	security www
-MASTER_SITES=	LOCAL/chinsan
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	PHP environment security auditing tool
-
-DEPRECATED=	Abandonware, last release in 2006
-EXPIRATION_DATE=2022-03-31
-
-LICENSE=	BSD3CLAUSE
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-USES=		php:web zip
-USE_PHP=	pcre
-NO_BUILD=	yes
-NO_ARCH=	yes
-
-WRKSRC=		${WRKDIR}/${PORTNAME}-20070406
-TEMP_PLIST=	${WRKDIR}/temp-pkg-plist
-
-PLIST_SUB=	WWWOWN=${WWWOWN} \
-		WWWGRP=${WWWGRP}
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${WWWDIR}
-	${CP} -R ${WRKSRC}/ ${STAGEDIR}${WWWDIR}
-
-.include <bsd.port.mk>
diff --git a/security/phpsecinfo/distinfo b/security/phpsecinfo/distinfo
deleted file mode 100644
index 3e39e8545f9b..000000000000
--- a/security/phpsecinfo/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (phpsecinfo-0.2.1.zip) = 4490a9c81a910de6db5535df368cb18cdb339e86bca7003bc7f91ea7bf975fb7
-SIZE (phpsecinfo-0.2.1.zip) = 302058
diff --git a/security/phpsecinfo/pkg-descr b/security/phpsecinfo/pkg-descr
deleted file mode 100644
index 045280eb956a..000000000000
--- a/security/phpsecinfo/pkg-descr
+++ /dev/null
@@ -1,18 +0,0 @@
-### WHAT IS PHPSECINFO?
-PHPSecInfo is a PHP environment security auditing tool modeled after the
-phpsecinfo() function.  From a single function call, PHPSecInfo runs a
-series of tests on your PHP environment to identify potential security
-issues and offer suggestions.  It can be useful as part of a multilayered
-security approach.
-
-
-#### WHAT IS PHPSECINFO NOT?
-* It is not a replacement for secure coding practices
-* It does not audit PHP code
-* It is not comprehensive test for either your hosting environment
-  or your web application
-* It is not the "final word."  PHPSecInfo identifies *potential* problems
-  and offers suggestions for improvement.  Your environment may _require_
-  certain settings that trigger cautions or warnings.
-
-WWW: http://phpsec.org/projects/phpsecinfo/
diff --git a/security/phpsecinfo/pkg-plist b/security/phpsecinfo/pkg-plist
deleted file mode 100644
index 62c73bcb0713..000000000000
--- a/security/phpsecinfo/pkg-plist
+++ /dev/null
@@ -1,154 +0,0 @@
-@owner %%WWWOWN%%
-@group %%WWWGRP%%
-%%WWWDIR%%/CHANGELOG
-%%WWWDIR%%/LICENSE
-%%WWWDIR%%/PhpSecInfo/PhpSecInfo.php
-%%WWWDIR%%/PhpSecInfo/Test/CGI/force_redirect.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/allow_url_fopen.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/allow_url_include.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/display_errors.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/expose_php.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/file_uploads.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/gid.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/magic_quotes_gpc.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/memory_limit.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/open_basedir.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/post_max_size.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/register_globals.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/uid.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/upload_max_filesize.php
-%%WWWDIR%%/PhpSecInfo/Test/Core/upload_tmp_dir.php
-%%WWWDIR%%/PhpSecInfo/Test/Curl/file_support.php
-%%WWWDIR%%/PhpSecInfo/Test/Session/save_path.php
-%%WWWDIR%%/PhpSecInfo/Test/Session/use_trans_sid.php
-%%WWWDIR%%/PhpSecInfo/Test/Test.php
-%%WWWDIR%%/PhpSecInfo/Test/Test_Cgi.php
-%%WWWDIR%%/PhpSecInfo/Test/Test_Core.php
-%%WWWDIR%%/PhpSecInfo/Test/Test_Curl.php
-%%WWWDIR%%/PhpSecInfo/Test/Test_Session.php
-%%WWWDIR%%/README
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Cgi.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Cgi_Force_Redirect.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Allow_Url_Fopen.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Allow_Url_Include.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Display_Errors.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Expose_Php.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_File_Uploads.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Gid.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Magic_Quotes_GPC.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Memory_Limit.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Open_Basedir.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Post_Max_Size.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Register_Globals.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Uid.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Upload_Max_Filesize.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Core_Upload_Tmp_Dir.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Curl.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Curl_File_Support.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session_Save_Path.html
-%%WWWDIR%%/docs/PhpSecInfo/PhpSecInfo_Test_Session_Use_Trans_Sid.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_PhpSecInfo_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_CGI_force_redirect_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_allow_url_fopen_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_allow_url_include_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_display_errors_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_expose_php_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_file_uploads_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_gid_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_magic_quotes_gpc_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_memory_limit_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_open_basedir_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_post_max_size_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_register_globals_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_uid_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_upload_max_filesize_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Core_upload_tmp_dir_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Curl_file_support_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Session_save_path_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Session_use_trans_sid_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Cgi_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Core_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Curl_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_Session_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_PhpSecInfo_Test_Test_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_branches_0.2.0_index_php.html
-%%WWWDIR%%/docs/PhpSecInfo/_index_php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoPhpSecInfo.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCGIforce_redirect.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreallow_url_fopen.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreallow_url_include.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoredisplay_errors.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreexpose_php.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorefile_uploads.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoregid.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoremagic_quotes_gpc.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorememory_limit.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreopen_basedir.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCorepost_max_size.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreregister_globals.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreuid.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreupload_max_filesize.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCoreupload_tmp_dir.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestCurlfile_support.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestSessionsave_path.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestSessionuse_trans_sid.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Cgi.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Core.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Curl.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__PhpSecInfoTestTest_Session.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__branches0.2.0PhpSecInfoPhpSecInfo.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__branches0.2.0index.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__index.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCGIforce_redirect.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoreallow_url_fopen.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoreallow_url_include.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoredisplay_errors.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoreexpose_php.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCorefile_uploads.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoregid.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoremagic_quotes_gpc.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCorememory_limit.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoreopen_basedir.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCorepost_max_size.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoreregister_globals.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoreuid.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoreupload_max_filesize.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCoreupload_tmp_dir.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestCurlfile_support.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestSessionsave_path.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestSessionuse_trans_sid.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestTest.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestTest_Cgi.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestTest_Core.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestTest_Curl.php.html
-%%WWWDIR%%/docs/__filesource/fsource_PhpSecInfo__trunkPhpSecInfoTestTest_Session.php.html
-%%WWWDIR%%/docs/blank.html
-%%WWWDIR%%/docs/classtrees_PhpSecInfo.html
-%%WWWDIR%%/docs/elementindex.html
-%%WWWDIR%%/docs/elementindex_PhpSecInfo.html
-%%WWWDIR%%/docs/errors.html
-%%WWWDIR%%/docs/index.html
-%%WWWDIR%%/docs/li_PhpSecInfo.html
-%%WWWDIR%%/docs/media/banner.css
-%%WWWDIR%%/docs/media/stylesheet.css
-%%WWWDIR%%/docs/packages.html
-%%WWWDIR%%/docs/todolist.html
-%%WWWDIR%%/index.php
-@dir %%WWWDIR%%/PhpSecInfo/Test/CGI
-@dir %%WWWDIR%%/PhpSecInfo/Test/Core
-@dir %%WWWDIR%%/PhpSecInfo/Test/Curl
-@dir %%WWWDIR%%/PhpSecInfo/Test/Session
-@dir %%WWWDIR%%/PhpSecInfo/Test
-@dir %%WWWDIR%%/PhpSecInfo
-@dir %%WWWDIR%%/docs/media
-@dir %%WWWDIR%%/docs/PhpSecInfo
-@dir %%WWWDIR%%/docs/__filesource
-@dir %%WWWDIR%%/docs
-@dir %%WWWDIR%%
-@owner
-@group
diff --git a/security/pktsuckers/Makefile b/security/pktsuckers/Makefile
deleted file mode 100644
index 09b166ba07ae..000000000000
--- a/security/pktsuckers/Makefile
+++ /dev/null
@@ -1,25 +0,0 @@
-# Created by: Warren Toomey <wkt@cs.adfa.edu.au>
-
-PORTNAME=	pktsuckers
-PORTVERSION=	1.2
-CATEGORIES=	security
-MASTER_SITES=	ftp://minnie.tuhs.org/pub/NetSecurity/
-DISTNAME=	${PORTNAME}${PORTVERSION:S/./_/}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Log contents of unwanted UDP packets and TCP connections
-
-DEPRECATED=	Abandonware, last release from somewhere around 1999
-EXPIRATION_DATE=2022-03-31
-
-PLIST_FILES=	libexec/tcpsuck libexec/udpsuck
-
-post-patch:
-	@${REINPLACE_CMD} -e \
-		's|^void main|int main|' ${WRKSRC}/tcpsuck.c ${WRKSRC}/udpsuck.c
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/tcpsuck ${STAGEDIR}${PREFIX}/libexec
-	${INSTALL_PROGRAM} ${WRKSRC}/udpsuck ${STAGEDIR}${PREFIX}/libexec
-
-.include <bsd.port.mk>
diff --git a/security/pktsuckers/distinfo b/security/pktsuckers/distinfo
deleted file mode 100644
index 4e4d6312a805..000000000000
--- a/security/pktsuckers/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (pktsuckers1_2.tar.gz) = f0dcc87f6b34c2e22a21de799c82dd555d8342c7db24a6d99048f88f1a6fb871
-SIZE (pktsuckers1_2.tar.gz) = 4105
diff --git a/security/pktsuckers/files/patch-Makefile b/security/pktsuckers/files/patch-Makefile
deleted file mode 100644
index 634ffb9ba72f..000000000000
--- a/security/pktsuckers/files/patch-Makefile
+++ /dev/null
@@ -1,26 +0,0 @@
---- Makefile.orig	Mon May 31 20:32:49 1999
-+++ Makefile	Tue Jun  1 13:17:49 1999
-@@ -3,8 +3,8 @@
- # $Date: 1999/06/01 03:32:48 $
- #
- 
--DESTDIR= /usr/local/libexec
--CFLAGS= -Wall
-+DESTDIR= ${PREFIX}/libexec
-+CFLAGS?= -Wall
- LDFLAGS= -static
- 
- all:	tcpsuck udpsuck
-@@ -16,10 +16,10 @@
- 	@echo ''
- 
- tcpsuck: tcpsuck.o dump_pkt.o
--	cc -o tcpsuck $(LDFLAGS) tcpsuck.o dump_pkt.o
-+	${CC} ${CFLAGS} -o tcpsuck $(LDFLAGS) tcpsuck.o dump_pkt.o
- 
- udpsuck: udpsuck.o dump_pkt.o
--	cc -o udpsuck $(LDFLAGS) udpsuck.o dump_pkt.o
-+	 ${CC} ${CFLAGS} -o udpsuck $(LDFLAGS) udpsuck.o dump_pkt.o
- 
- clean:
- 	rm -f *.o *.BAK *.core tcpsuck udpsuck
diff --git a/security/pktsuckers/pkg-descr b/security/pktsuckers/pkg-descr
deleted file mode 100644
index 5994b1db9b7b..000000000000
--- a/security/pktsuckers/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-The two programs tcpsuck and udpsuck run out of the Inetd daemon on
-unused ports. They log the contents of packets or connections to these
-ports. This allows you to read the contents of the network strobe
-attacks on your machine. It also slows the strobes down, as they think
-you're actually running a service on several ports when you aren't.
diff --git a/security/pktsuckers/pkg-message b/security/pktsuckers/pkg-message
deleted file mode 100644
index 2779da08d75d..000000000000
--- a/security/pktsuckers/pkg-message
+++ /dev/null
@@ -1,7 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-You need to edit your inetd.conf to enable the suckers
-EOM
-}
-]
diff --git a/security/ppars/Makefile b/security/ppars/Makefile
deleted file mode 100644
index 1436eaa2e307..000000000000
--- a/security/ppars/Makefile
+++ /dev/null
@@ -1,24 +0,0 @@
-# Created by: Joe Barbish <ppars1@a1poweruser.com>
-
-PORTNAME=	ppars
-PORTVERSION=	1.2
-CATEGORIES=	security
-MASTER_SITES=	SF/${PORTNAME}
-
-MAINTAINER=	ppars1@a1poweruser.com
-COMMENT=	Proactive Probing Abuse Reporting System
-
-DEPRECATED=	Abandonware, no word of it on upstream web site
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	p5-Net-Netmask>=0:net-mgmt/p5-Net-Netmask
-
-USES=		perl5 shebangfix tar:bzip2
-NO_BUILD=	yes
-
-SHEBANG_FILES=	*.pl
-
-do-install:
-	${INSTALL_SCRIPT} ${WRKSRC}/*.pl ${STAGEDIR}${PREFIX}/sbin
-
-.include <bsd.port.mk>
diff --git a/security/ppars/distinfo b/security/ppars/distinfo
deleted file mode 100644
index 48465d1277e1..000000000000
--- a/security/ppars/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (ppars-1.2.tar.bz2) = d576a8cac0e643526b0beac4a27e078479eed92060bad80751e4a97290bc9438
-SIZE (ppars-1.2.tar.bz2) = 11964
diff --git a/security/ppars/pkg-descr b/security/ppars/pkg-descr
deleted file mode 100644
index fe9b61b19033..000000000000
--- a/security/ppars/pkg-descr
+++ /dev/null
@@ -1,24 +0,0 @@
-Welcome to the Proactive Abuse Reporting System.
-
-In an effort to be proactive in doing my part to stop the massive
-quantities of internet traffic probing for open ports or more
-specifically the probing for known ports that Windows spy ware,
-Trojans, and what ever other Windows ports are commonly probed
-which result in increasing my bandwidth usage changes, I wrote this
-perl application for reporting that abuse to the senders ISP, with
-the hopes they will monitor the abuser and terminate the abuser's
-internet account and or take legal action.
-
-Script is installed into /usr/local/sbin where you can edit the
-defaults to meet your requirements. Issue rehash command to enable.
-Run abuse.Reporting.system.pl script for complete overview description
-of system.
-
-6/1/2004 Author: Joe Barbish, I bequeath these perl scripts to public
-domain. It can be copied and distributed for free by anyone to anyone
-by any manner.
-
-WWW: http://www.dshield.org/linux_clients.php#freebsd
-
-Joe Barbish
-fbsd_user@a1poweruser.com
diff --git a/security/ppars/pkg-message b/security/ppars/pkg-message
deleted file mode 100644
index dedbce170eb8..000000000000
--- a/security/ppars/pkg-message
+++ /dev/null
@@ -1,10 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-First issue rehash command and then run  abuse.Reporting.system.pl
-it contains an overview of how the system works and how to setup the
-ipfilter log so when it's rotated all the abuse scripts will be auto
-launched.
-EOM
-}
-]
diff --git a/security/ppars/pkg-plist b/security/ppars/pkg-plist
deleted file mode 100644
index 4630bab14d6f..000000000000
--- a/security/ppars/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-sbin/abuse.Reporting.system.pl
-sbin/abuse.ipflog.rotate.pl
-sbin/abuse.myisp.pl
-sbin/abuse.public.ISP0.pl
-sbin/abuse.public.ISP1.pl
diff --git a/security/pscan/Makefile b/security/pscan/Makefile
deleted file mode 100644
index dc8b5e362448..000000000000
--- a/security/pscan/Makefile
+++ /dev/null
@@ -1,25 +0,0 @@
-# Created by: Kris Kennaway <kris@FreeBSD.org>
-
-PORTNAME=	pscan
-PORTVERSION=	1.3
-CATEGORIES=	security devel
-MASTER_SITES=	http://deployingradius.com/pscan/
-DISTNAME=	${PORTNAME}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Security C code scanner for misuse of format strings
-
-DEPRECATED=	Abandonware, last release in 2000
-EXPIRATION_DATE=2022-03-31
-
-ALL_TARGET=	#empty
-NO_WRKSUBDIR=	yes
-
-PLIST_FILES=	bin/pscan bin/find_formats
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/pscan ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_SCRIPT} ${WRKSRC}/find_formats.sh \
-		${STAGEDIR}${PREFIX}/bin/find_formats
-
-.include <bsd.port.mk>
diff --git a/security/pscan/distinfo b/security/pscan/distinfo
deleted file mode 100644
index 08d90b0f52ea..000000000000
--- a/security/pscan/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (pscan.tar.gz) = 00124fa09150ceffaeed222ffee9959b2dd698336a232567fd536c463441f659
-SIZE (pscan.tar.gz) = 17332
diff --git a/security/pscan/files/patch-Makefile b/security/pscan/files/patch-Makefile
deleted file mode 100644
index 2dbd480bcd9b..000000000000
--- a/security/pscan/files/patch-Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
---- Makefile.orig	Sat Sep  2 17:47:37 2000
-+++ Makefile	Sat Sep  2 17:48:38 2000
-@@ -13,11 +13,14 @@
- #CC=gcc -Wall -g
- #LEX=flex
- 
-+CC ?= gcc
-+CFLAGS ?= -O -pipe
-+
- pscan: scanner.yy.o pscan.o
- 	$(CC) scanner.yy.o pscan.o -o pscan
- 
- scanner.yy.o: scanner.yy.c
--	$(CC) -c scanner.yy.c -o scanner.yy.o
-+	$(CC) $(CFLAGS) -c scanner.yy.c -o scanner.yy.o
- 
- scanner.yy.c: scanner.l
- 	$(LEX) -t scanner.l > scanner.yy.c
diff --git a/security/pscan/pkg-descr b/security/pscan/pkg-descr
deleted file mode 100644
index 783d697995a9..000000000000
--- a/security/pscan/pkg-descr
+++ /dev/null
@@ -1,12 +0,0 @@
-PScan is a C source code security scanner, which looks for misuse of
-libc functions which use varargs and printf-style formatting
-operators. In many situations these can cause security vulnerabilities
-in the application if it runs with privileges (setugid, or listening
-to a network socket, etc).
-
-An example of the kind of situation pscan looks for is the following:
-
-  variable = "%s";                   /* or malicious user input */
-  sprintf(buffer, variable);         /* BAD! */
-
-WWW: http://deployingradius.com/pscan/
diff --git a/security/radamsa/Makefile b/security/radamsa/Makefile
deleted file mode 100644
index 2c743a98ba22..000000000000
--- a/security/radamsa/Makefile
+++ /dev/null
@@ -1,26 +0,0 @@
-# Created by: Jukka Ukkonen <jau@iki.fi>
-
-PORTNAME=	radamsa
-PORTVERSION=	0.5
-DISTVERSIONPREFIX=	v
-CATEGORIES=	security
-
-MAINTAINER=	jau@iki.fi
-COMMENT=	General purpose fuzzer
-
-LICENSE=	MIT
-LICENSE_FILE=	${WRKSRC}/LICENCE
-
-BROKEN=		fails to build: runaway build
-DEPRECATED=	Abandonware, last release in 2017 and marked as BROKEN in late 2020
-EXPIRATION_DATE=2022-03-31
-
-BUILD_DEPENDS=	ol:lang/owl-lisp
-
-USE_GITHUB=	yes
-GH_ACCOUNT=	aoh
-
-PLIST_FILES=	bin/radamsa \
-		man/man1/radamsa.1.gz
-
-.include <bsd.port.mk>
diff --git a/security/radamsa/distinfo b/security/radamsa/distinfo
deleted file mode 100644
index 7f773a0bf07e..000000000000
--- a/security/radamsa/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1510505781
-SHA256 (aoh-radamsa-v0.5_GH0.tar.gz) = 75a9df441ffe3eb177d1a9420b61a32ec9225179036115aef4ec77a17dc783fe
-SIZE (aoh-radamsa-v0.5_GH0.tar.gz) = 44857
diff --git a/security/radamsa/files/patch-Makefile b/security/radamsa/files/patch-Makefile
deleted file mode 100644
index 9886b7da85a2..000000000000
--- a/security/radamsa/files/patch-Makefile
+++ /dev/null
@@ -1,49 +0,0 @@
---- Makefile.orig	2016-07-20 19:02:29 UTC
-+++ Makefile
-@@ -1,15 +1,15 @@
- DESTDIR=
--PREFIX=/usr
-+PREFIX=/usr/local
- BINDIR=/bin
--CFLAGS=-Wall -O2
-+CFLAGS=-Wall -O3 -pipe
- OFLAGS=-O2
- OWLVERSION=0.1.12
--OWL=owl-lisp-$(OWLVERSION)/bin/vm owl-lisp-$(OWLVERSION)/fasl/init.fasl
--USR_BIN_OL=/usr/bin/ol
-+USR_BIN_OL=$(PREFIX)/bin/ol
-+OWL=$(PREFIX)/bin/ovm $(PREFIX)/share/owl-lisp/fasl/init.fasl
- 
- W32GCC=i586-mingw32msvc-gcc # sudo apt-get install mingw32 @ debian squeeze
- 
--everything: bin/radamsa
-+all everything: bin/radamsa
- 
- build_radamsa:
- 	test -x $(USR_BIN_OL)
-@@ -33,14 +33,13 @@ bin/radamsa.exe: radamsa.c
- 	$(W32GCC) $(CFLAGS) -o bin/radamsa.exe radamsa.c -lwsock32
- 
- radamsa.c: rad/*.scm
--	make get-owl
- 	$(OWL) $(OFLAGS) -o radamsa.c rad/main.scm
- 
- install: bin/radamsa
- 	-mkdir -p $(DESTDIR)$(PREFIX)/bin
- 	cp bin/radamsa $(DESTDIR)$(PREFIX)/bin
--	-mkdir -p $(DESTDIR)$(PREFIX)/share/man/man1
--	cat doc/radamsa.1 | gzip -9 > $(DESTDIR)$(PREFIX)/share/man/man1/radamsa.1.gz
-+	-mkdir -p $(DESTDIR)$(PREFIX)/man/man1
-+	cat doc/radamsa.1 | gzip -9 > $(DESTDIR)$(PREFIX)/man/man1/radamsa.1.gz
- 
- clean:
- 	-rm radamsa.c bin/radamsa .seal-of-quality
-@@ -63,7 +62,7 @@ get-owl:
- standalone:
- 	-rm radamsa.c # likely old version
- 	make radamsa.c
--   # compile without seccomp and use of syscall
-+# compile without seccomp and use of syscall
- 	diet gcc -DNO_SECCOMP -O3 -Wall -o bin/radamsa radamsa.c
- 
- # a quick to compile vanilla bytecode executable
diff --git a/security/radamsa/pkg-descr b/security/radamsa/pkg-descr
deleted file mode 100644
index af08df0023f0..000000000000
--- a/security/radamsa/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-Radamsa is a generic test case generator for robustness testing, aka a fuzzer.
-It can be used to test how well a program can stand malformed and potentially
-malicious inputs. It operates on given sample inputs and thus requires minimal
-effort to set up.
-
-WWW: https://www.ee.oulu.fi/research/ouspg/Radamsa
diff --git a/security/razorback-archiveInflate/Makefile b/security/razorback-archiveInflate/Makefile
deleted file mode 100644
index 5cebe27931e2..000000000000
--- a/security/razorback-archiveInflate/Makefile
+++ /dev/null
@@ -1,45 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	archiveInflate
-PORTVERSION=	0.5.0
-PORTREVISION=	5
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - Archive Inflator
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c
-BUILD_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-RUN_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-
-RB_LIBDIR?=	${PREFIX}/lib/razorback
-GNU_CONFIGURE=	yes
-USES=		autoreconf libtool pkgconfig
-USE_LDCONFIG=	${RB_LIBDIR}
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_DESC=	Enable Asserts
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-post-patch:
-	@${REINPLACE_CMD} '/CWARNINGS/ s|-Werror||' ${WRKSRC}/configure
-
-post-install:
-	${LN} -sf ${RB_LIBDIR}/archiveInflate.so.2 \
-		${STAGEDIR}${RB_LIBDIR}/archiveInflate.so.2.0.0
-
-.include <bsd.port.mk>
diff --git a/security/razorback-archiveInflate/distinfo b/security/razorback-archiveInflate/distinfo
deleted file mode 100644
index c069c03e5e39..000000000000
--- a/security/razorback-archiveInflate/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/archiveInflate-0.5.0.tar.gz) = d9edb5faf78daf7de117861f0cb6aec7bc7bd8e9a3bf3f27629478e6862df6e8
-SIZE (razorback/archiveInflate-0.5.0.tar.gz) = 319550
diff --git a/security/razorback-archiveInflate/files/patch-common__m4_api__deps.m4 b/security/razorback-archiveInflate/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-archiveInflate/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-archiveInflate/files/patch-common__m4_compiler__options.m4 b/security/razorback-archiveInflate/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-archiveInflate/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-archiveInflate/pkg-descr b/security/razorback-archiveInflate/pkg-descr
deleted file mode 100644
index bfa112fe6d8b..000000000000
--- a/security/razorback-archiveInflate/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-This nugget handles archive decompression.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-archiveInflate/pkg-plist b/security/razorback-archiveInflate/pkg-plist
deleted file mode 100644
index c45f1aa551f8..000000000000
--- a/security/razorback-archiveInflate/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-@sample etc/razorback/archive_inflate.conf.sample
-lib/razorback/archiveInflate.so.2.0.0
-lib/razorback/archiveInflate.so.2
-lib/razorback/archiveInflate.so
-lib/razorback/archiveInflate.a
diff --git a/security/razorback-clamavNugget/Makefile b/security/razorback-clamavNugget/Makefile
deleted file mode 100644
index 81cf2adbdc0f..000000000000
--- a/security/razorback-clamavNugget/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	clamavNugget
-PORTVERSION=	0.5.0
-PORTREVISION=	6
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - ClamAV Detection
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c \
-		libclamav.so:security/clamav
-BUILD_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-RUN_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-
-USES=		autoreconf libtool pkgconfig
-RB_LIBDIR?=	${PREFIX}/lib/razorback
-GNU_CONFIGURE=	yes
-USE_LDCONFIG=	${RB_LIBDIR}
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_DESC=	Enable Asserts
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-post-install:
-	${LN} -sf ${RB_LIBDIR}/clamavNugget.so.2 \
-		${STAGEDIR}${RB_LIBDIR}/clamavNugget.so.2.0.0
-
-.include <bsd.port.mk>
diff --git a/security/razorback-clamavNugget/distinfo b/security/razorback-clamavNugget/distinfo
deleted file mode 100644
index 1ce74656457f..000000000000
--- a/security/razorback-clamavNugget/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/clamavNugget-0.5.0.tar.gz) = 22889075decf957337856be03bca6d88a259b9c73e4cd874a79bdea00b4602e5
-SIZE (razorback/clamavNugget-0.5.0.tar.gz) = 318507
diff --git a/security/razorback-clamavNugget/files/patch-common__m4_api__deps.m4 b/security/razorback-clamavNugget/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-clamavNugget/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-clamavNugget/files/patch-common__m4_compiler__options.m4 b/security/razorback-clamavNugget/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-clamavNugget/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-clamavNugget/pkg-descr b/security/razorback-clamavNugget/pkg-descr
deleted file mode 100644
index a48c48275c5f..000000000000
--- a/security/razorback-clamavNugget/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-This nugget provides ClamAV integration.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-clamavNugget/pkg-plist b/security/razorback-clamavNugget/pkg-plist
deleted file mode 100644
index f4a89216d91c..000000000000
--- a/security/razorback-clamavNugget/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-@sample etc/razorback/clamav.conf.sample
-lib/razorback/clamavNugget.so.2.0.0
-lib/razorback/clamavNugget.so.2
-lib/razorback/clamavNugget.so
-lib/razorback/clamavNugget.a
diff --git a/security/razorback-fileInject/Makefile b/security/razorback-fileInject/Makefile
deleted file mode 100644
index 0fef4c90b711..000000000000
--- a/security/razorback-fileInject/Makefile
+++ /dev/null
@@ -1,33 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	fileInject
-PORTVERSION=	0.5.0
-PORTREVISION=	4
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - File Injector
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-GNU_CONFIGURE=	yes
-USES=		autoreconf pkgconfig libtool
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-DEBUG_CONFIGURE_ENABLE=	debug
-ASSERT_CONFIGURE_ENABLE=assert
-
-.include <bsd.port.mk>
diff --git a/security/razorback-fileInject/distinfo b/security/razorback-fileInject/distinfo
deleted file mode 100644
index a2d2ab39bc79..000000000000
--- a/security/razorback-fileInject/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/fileInject-0.5.0.tar.gz) = aef94c80e3adf299f4a3f70c3d9ad796273bcddfab8f8e30308630c13e0da4c1
-SIZE (razorback/fileInject-0.5.0.tar.gz) = 315157
diff --git a/security/razorback-fileInject/files/patch-common__m4_api__deps.m4 b/security/razorback-fileInject/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-fileInject/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-fileInject/files/patch-common__m4_compiler__options.m4 b/security/razorback-fileInject/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-fileInject/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-fileInject/pkg-descr b/security/razorback-fileInject/pkg-descr
deleted file mode 100644
index 5c30a29f4a3e..000000000000
--- a/security/razorback-fileInject/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-File Inject is a command-line file submission tool for the razorback
-framework.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-fileInject/pkg-plist b/security/razorback-fileInject/pkg-plist
deleted file mode 100644
index 353697b90425..000000000000
--- a/security/razorback-fileInject/pkg-plist
+++ /dev/null
@@ -1,2 +0,0 @@
-bin/fileInject
-etc/razorback/fileInject.conf.sample
diff --git a/security/razorback-fsMonitor/Makefile b/security/razorback-fsMonitor/Makefile
deleted file mode 100644
index 0ba2b52091b4..000000000000
--- a/security/razorback-fsMonitor/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	fsMonitor
-PORTVERSION=	0.5.0
-PORTREVISION=	4
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - File System Monitor
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c \
-		libfam.so:devel/fam
-
-USES=		autoreconf libtool pkgconfig
-GNU_CONFIGURE=	yes
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-.include <bsd.port.mk>
diff --git a/security/razorback-fsMonitor/distinfo b/security/razorback-fsMonitor/distinfo
deleted file mode 100644
index b17ae2f98244..000000000000
--- a/security/razorback-fsMonitor/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/fsMonitor-0.5.0.tar.gz) = c339b66e73b2d48bb5ff1b581d2de07d8bd1e2da44cdf3a4e28cfeab66981f79
-SIZE (razorback/fsMonitor-0.5.0.tar.gz) = 318887
diff --git a/security/razorback-fsMonitor/files/patch-common__m4_api__deps.m4 b/security/razorback-fsMonitor/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-fsMonitor/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-fsMonitor/files/patch-common__m4_compiler__options.m4 b/security/razorback-fsMonitor/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-fsMonitor/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-fsMonitor/pkg-descr b/security/razorback-fsMonitor/pkg-descr
deleted file mode 100644
index 3742c9ac8e1a..000000000000
--- a/security/razorback-fsMonitor/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-This nugget uses inotify to monitor any number of file system paths
-and send any changed or created files to the dispatcher for collection.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-fsMonitor/pkg-plist b/security/razorback-fsMonitor/pkg-plist
deleted file mode 100644
index a9ea6cb50ad9..000000000000
--- a/security/razorback-fsMonitor/pkg-plist
+++ /dev/null
@@ -1,2 +0,0 @@
-bin/fsMonitor
-@sample etc/razorback/fsMonitor.conf.sample
diff --git a/security/razorback-fsWalk/Makefile b/security/razorback-fsWalk/Makefile
deleted file mode 100644
index 052153dbd340..000000000000
--- a/security/razorback-fsWalk/Makefile
+++ /dev/null
@@ -1,33 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	fsWalk
-PORTVERSION=	0.5.0
-PORTREVISION=	4
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - File System Walker
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c
-
-GNU_CONFIGURE=	yes
-USES=		autoreconf libtool pkgconfig
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-.include <bsd.port.mk>
diff --git a/security/razorback-fsWalk/distinfo b/security/razorback-fsWalk/distinfo
deleted file mode 100644
index b94cf81882a5..000000000000
--- a/security/razorback-fsWalk/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/fsWalk-0.5.0.tar.gz) = 044240868fc04bad3c2e0eb2fa69ef9778ba51a479651d9592821b2ef742c1d0
-SIZE (razorback/fsWalk-0.5.0.tar.gz) = 315222
diff --git a/security/razorback-fsWalk/files/patch-common__m4_api__deps.m4 b/security/razorback-fsWalk/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-fsWalk/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-fsWalk/files/patch-common__m4_compiler__options.m4 b/security/razorback-fsWalk/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-fsWalk/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-fsWalk/pkg-descr b/security/razorback-fsWalk/pkg-descr
deleted file mode 100644
index 3742c9ac8e1a..000000000000
--- a/security/razorback-fsWalk/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-This nugget uses inotify to monitor any number of file system paths
-and send any changed or created files to the dispatcher for collection.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-fsWalk/pkg-plist b/security/razorback-fsWalk/pkg-plist
deleted file mode 100644
index 698df32aea89..000000000000
--- a/security/razorback-fsWalk/pkg-plist
+++ /dev/null
@@ -1,2 +0,0 @@
-bin/fsWalk
-@sample etc/razorback/fsWalk.conf.sample
diff --git a/security/razorback-officeCat/Makefile b/security/razorback-officeCat/Makefile
deleted file mode 100644
index 5e96953f535e..000000000000
--- a/security/razorback-officeCat/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	officeCat
-PORTVERSION=	0.5.0
-PORTREVISION=	6
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - OfficeCat Detection
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c
-BUILD_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget \
-		wine:emulators/wine
-RUN_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget \
-		wine:emulators/wine
-
-USES=		autoreconf libtool pkgconfig
-
-ONLY_FOR_ARCHS=	i386
-ONLY_FOR_ARCHS_REASON=	only supported under i386 due to wine requirements
-
-RB_LIBDIR?=	${PREFIX}/lib/razorback
-GNU_CONFIGURE=	yes
-USE_LDCONFIG=	${RB_LIBDIR}
-INSTALL_TARGET=	install-strip
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-ASSERT_DESC=	Enable Asserts
-
-DEBUG_CONFIGURE_ENABLE=	debug
-ASSERT_CONFIGURE_ENABLE=assert
-
-.include <bsd.port.mk>
diff --git a/security/razorback-officeCat/distinfo b/security/razorback-officeCat/distinfo
deleted file mode 100644
index 8eac0f036ab9..000000000000
--- a/security/razorback-officeCat/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/officeCat-0.5.0.tar.gz) = 4859ae46311b0da42631fec55056a866e06944e30a418c52c9b2b4d6259dc6e8
-SIZE (razorback/officeCat-0.5.0.tar.gz) = 453252
diff --git a/security/razorback-officeCat/files/patch-common__m4_api__deps.m4 b/security/razorback-officeCat/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-officeCat/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-officeCat/files/patch-common__m4_compiler__options.m4 b/security/razorback-officeCat/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-officeCat/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-officeCat/pkg-descr b/security/razorback-officeCat/pkg-descr
deleted file mode 100644
index 46333295691d..000000000000
--- a/security/razorback-officeCat/pkg-descr
+++ /dev/null
@@ -1,9 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-The OfficeCat nugget provides the ability to examine Microsoft
-Office documents to determine the presence of potential exploit
-conditions in the file.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-officeCat/pkg-plist b/security/razorback-officeCat/pkg-plist
deleted file mode 100644
index 402a60abae9c..000000000000
--- a/security/razorback-officeCat/pkg-plist
+++ /dev/null
@@ -1,8 +0,0 @@
-etc/razorback/officecat.conf.sample
-lib/razorback/officeCat.so.2.0.0
-lib/razorback/officeCat.so.2
-lib/razorback/officeCat.so
-lib/razorback/officeCat.a
-libexec/razorback/officeCat/officecat.exe
-libexec/razorback/officeCat/officecat.exe.so
-libexec/razorback/officeCat/officecat.exe.exe.so
diff --git a/security/razorback-pdfFox/Makefile b/security/razorback-pdfFox/Makefile
deleted file mode 100644
index a04b2ea13644..000000000000
--- a/security/razorback-pdfFox/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	pdfFox
-PORTVERSION=	0.5.0
-PORTREVISION=	5
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - PDF Fox
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c
-BUILD_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-RUN_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-
-RB_LIBDIR?=	${PREFIX}/lib/razorback
-GNU_CONFIGURE=	yes
-USES=		autoreconf libtool pkgconfig
-USE_LDCONFIG=	${RB_LIBDIR}
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_DESC=	Enable Asserts
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-post-patch:
-	@${REINPLACE_CMD} '/CWARNINGS/ s|-Werror||' ${WRKSRC}/configure
-
-post-install:
-	${LN} -sf ${RB_LIBDIR}/pdfFox.so.2 ${STAGEDIR}${RB_LIBDIR}/pdfFox.so.2.0.0
-
-.include <bsd.port.mk>
diff --git a/security/razorback-pdfFox/distinfo b/security/razorback-pdfFox/distinfo
deleted file mode 100644
index 7dce9ae28e2b..000000000000
--- a/security/razorback-pdfFox/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/pdfFox-0.5.0.tar.gz) = 41dedc45791534d3b62b2915ffa1bea7d9bc6a79f6f4d42100846bb49c525358
-SIZE (razorback/pdfFox-0.5.0.tar.gz) = 340417
diff --git a/security/razorback-pdfFox/files/patch-common__m4_api__deps.m4 b/security/razorback-pdfFox/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-pdfFox/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-pdfFox/files/patch-common__m4_compiler__options.m4 b/security/razorback-pdfFox/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-pdfFox/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-pdfFox/pkg-descr b/security/razorback-pdfFox/pkg-descr
deleted file mode 100644
index 36931779eb82..000000000000
--- a/security/razorback-pdfFox/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-This nugget is an open-source PDF analyzer that does not require an
-external commercial application to function.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-pdfFox/pkg-plist b/security/razorback-pdfFox/pkg-plist
deleted file mode 100644
index e1ca351fc7f2..000000000000
--- a/security/razorback-pdfFox/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-@sample etc/razorback/pdffox.conf.sample
-lib/razorback/pdfFox.so.2.0.0
-lib/razorback/pdfFox.so.2
-lib/razorback/pdfFox.so
-lib/razorback/pdfFox.a
diff --git a/security/razorback-scriptNugget/Makefile b/security/razorback-scriptNugget/Makefile
deleted file mode 100644
index b5f91e9fd898..000000000000
--- a/security/razorback-scriptNugget/Makefile
+++ /dev/null
@@ -1,45 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	scriptNugget
-PORTVERSION=	0.5.0
-PORTREVISION=	7
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - Scripting Interface
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c
-BUILD_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-RUN_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget \
-		rubygem-razorback-scriptNugget>=0.5.0:security/rubygem-razorback-scriptNugget
-
-RB_LIBDIR?=	${PREFIX}/lib/razorback
-USES=		autoreconf gnome libtool pkgconfig
-USE_GNOME=	libxml2
-GNU_CONFIGURE=	yes
-CONFIGURE_ARGS=	--disable-ruby
-USE_LDCONFIG=	${RB_LIBDIR}
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_DESC=	Enable Asserts
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-post-install:
-	${LN} -sf ${RB_LIBDIR}/scriptNugget.so.2 \
-		${STAGEDIR}${RB_LIBDIR}/scriptNugget.so.2.0.0
-
-.include <bsd.port.mk>
diff --git a/security/razorback-scriptNugget/distinfo b/security/razorback-scriptNugget/distinfo
deleted file mode 100644
index 12e7cbfe8e27..000000000000
--- a/security/razorback-scriptNugget/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/scriptNugget-0.5.0.tar.gz) = bbea457e76051a90476169fe2008a84adaf0453d1cce6a0996498779db495d08
-SIZE (razorback/scriptNugget-0.5.0.tar.gz) = 324958
diff --git a/security/razorback-scriptNugget/files/patch-common__m4_api__deps.m4 b/security/razorback-scriptNugget/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-scriptNugget/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-scriptNugget/files/patch-common__m4_compiler__options.m4 b/security/razorback-scriptNugget/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-scriptNugget/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-scriptNugget/pkg-descr b/security/razorback-scriptNugget/pkg-descr
deleted file mode 100644
index db80a93ea597..000000000000
--- a/security/razorback-scriptNugget/pkg-descr
+++ /dev/null
@@ -1,10 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-The scripting nugget uses XML across named pipes to pass registration,
-alerting and logging information back to the system.  This allows the
-use of any scripting (or even compiled) language that can pass XML out
-STDOUT with Razorback.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-scriptNugget/pkg-plist b/security/razorback-scriptNugget/pkg-plist
deleted file mode 100644
index 7956fb8addc9..000000000000
--- a/security/razorback-scriptNugget/pkg-plist
+++ /dev/null
@@ -1,6 +0,0 @@
-@sample etc/razorback/scriptNugget.conf.sample
-lib/razorback/scriptNugget.so.2.0.0
-lib/razorback/scriptNugget.so.2
-lib/razorback/scriptNugget.so
-lib/razorback/scriptNugget.a
-libexec/razorback/scriptNugget/test.rb
diff --git a/security/razorback-swfScanner/Makefile b/security/razorback-swfScanner/Makefile
deleted file mode 100644
index 4b7d4efef11f..000000000000
--- a/security/razorback-swfScanner/Makefile
+++ /dev/null
@@ -1,42 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	swfScanner
-PORTVERSION=	0.5.0
-PORTREVISION=	5
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - SWF Detection
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c
-BUILD_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-RUN_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-
-RB_LIBDIR?=	${PREFIX}/lib/razorback
-GNU_CONFIGURE=	yes
-USES=		autoreconf libtool pkgconfig
-USE_LDCONFIG=	${RB_LIBDIR}
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_DESC=	Enable Asserts
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-post-install:
-	${LN} -sf ${RB_LIBDIR}/swfScanner.so.2 \
-		${STAGEDIR}${RB_LIBDIR}/swfScanner.so.2.0.0
-
-.include <bsd.port.mk>
diff --git a/security/razorback-swfScanner/distinfo b/security/razorback-swfScanner/distinfo
deleted file mode 100644
index 11d3efa6113c..000000000000
--- a/security/razorback-swfScanner/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/swfScanner-0.5.0.tar.gz) = 4e8baacc0f5e467b9703f5156aebb2e2cbfc2d6dc33f827e5bd75af8b0c3f414
-SIZE (razorback/swfScanner-0.5.0.tar.gz) = 324949
diff --git a/security/razorback-swfScanner/files/patch-common__m4_api__deps.m4 b/security/razorback-swfScanner/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-swfScanner/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-swfScanner/files/patch-common__m4_compiler__options.m4 b/security/razorback-swfScanner/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-swfScanner/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-swfScanner/pkg-descr b/security/razorback-swfScanner/pkg-descr
deleted file mode 100644
index 27ad72ad832f..000000000000
--- a/security/razorback-swfScanner/pkg-descr
+++ /dev/null
@@ -1,13 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-SWF Nugget is a Razorback Detection Nugget that scans Flash files
-collected by Razorback Collector Nuggets. SWF Nugget decompresses
-(as necessary) and parses Flash files to detect attacks exploiting
-known vulnerabilities.
-
-The scan results are sent back to Razorback Dispatcher to correlate
-with other Razorback Nuggets.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-swfScanner/pkg-plist b/security/razorback-swfScanner/pkg-plist
deleted file mode 100644
index 6c04cee01977..000000000000
--- a/security/razorback-swfScanner/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-@sample etc/razorback/swf_scanner.conf.sample
-lib/razorback/swfScanner.so.2.0.0
-lib/razorback/swfScanner.so.2
-lib/razorback/swfScanner.so
-lib/razorback/swfScanner.a
diff --git a/security/razorback-virusTotal/Makefile b/security/razorback-virusTotal/Makefile
deleted file mode 100644
index 638fc88ee50f..000000000000
--- a/security/razorback-virusTotal/Makefile
+++ /dev/null
@@ -1,42 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	virusTotal
-PORTVERSION=	0.5.0
-PORTREVISION=	6
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - Virus Total Detection
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c
-BUILD_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-RUN_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-
-RB_LIBDIR?=	${PREFIX}/lib/razorback
-GNU_CONFIGURE=	yes
-USES=		autoreconf libtool pkgconfig
-USE_LDCONFIG=	${RB_LIBDIR}
-CPPFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_DESC=	Enable Asserts
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-post-install:
-	${LN} -sf ${RB_LIBDIR}/virusTotal.so.2 \
-		${STAGEDIR}${RB_LIBDIR}/virusTotal.so.2.0.0
-
-.include <bsd.port.mk>
diff --git a/security/razorback-virusTotal/distinfo b/security/razorback-virusTotal/distinfo
deleted file mode 100644
index 78e24f80ec60..000000000000
--- a/security/razorback-virusTotal/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/virusTotal-0.5.0.tar.gz) = ecc89bea58b8314ba28642d07a5d923d8e796f5eee8e912e6c3bdd3f87db8255
-SIZE (razorback/virusTotal-0.5.0.tar.gz) = 318982
diff --git a/security/razorback-virusTotal/files/patch-common__m4_api__deps.m4 b/security/razorback-virusTotal/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-virusTotal/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-virusTotal/files/patch-common__m4_compiler__options.m4 b/security/razorback-virusTotal/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-virusTotal/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-virusTotal/files/patch-src_virustotal.c b/security/razorback-virusTotal/files/patch-src_virustotal.c
deleted file mode 100644
index c8a90a20f4da..000000000000
--- a/security/razorback-virusTotal/files/patch-src_virustotal.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/virustotal.c.orig	2012-03-02 14:05:41 UTC
-+++ src/virustotal.c
-@@ -5,7 +5,7 @@
- #include <time.h>
- #include <curl/curl.h>
- #include <curl/easy.h>
--#include <json/json.h>
-+#include <json-c/json.h>
- #include <arpa/inet.h>
- 
- #include <razorback/config_file.h>
diff --git a/security/razorback-virusTotal/pkg-descr b/security/razorback-virusTotal/pkg-descr
deleted file mode 100644
index 2516f0a0640e..000000000000
--- a/security/razorback-virusTotal/pkg-descr
+++ /dev/null
@@ -1,9 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-This nugget checks the VirusTotal API for the MD5 of the submitted file.
-If the file is found, the short data of the alert will contain the results
-from the JSON response from VirusTotal.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-virusTotal/pkg-plist b/security/razorback-virusTotal/pkg-plist
deleted file mode 100644
index 0960d3a4b786..000000000000
--- a/security/razorback-virusTotal/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-@sample etc/razorback/virustotal.conf.sample
-lib/razorback/virusTotal.so.2.0.0
-lib/razorback/virusTotal.so.2
-lib/razorback/virusTotal.so
-lib/razorback/virusTotal.a
diff --git a/security/razorback-yaraNugget/Makefile b/security/razorback-yaraNugget/Makefile
deleted file mode 100644
index 58cd113eea12..000000000000
--- a/security/razorback-yaraNugget/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-# Created by: Tom Judge <tom@tomjudge.com>
-
-PORTNAME=	yaraNugget
-PORTVERSION=	0.5.0
-PORTREVISION=	6
-CATEGORIES=	security
-MASTER_SITES=	SF/razorbacktm/Nuggets
-PKGNAMEPREFIX=	razorback-
-DIST_SUBDIR=	razorback
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for an intelligence driven security - Yara Detection
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Abandonware, last release in 2012 and listed as alpha quality by upstream
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	librazorback_api.so:security/razorback-api \
-		libjson-c.so:devel/json-c \
-		libpcre.so:devel/pcre
-BUILD_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-RUN_DEPENDS=	razorback-masterNugget>=0.5.0:security/razorback-masterNugget
-
-RB_LIBDIR?=	${PREFIX}/lib/razorback
-GNU_CONFIGURE=	yes
-USES=		autoreconf libtool pkgconfig
-USE_LDCONFIG=	${RB_LIBDIR}
-
-OPTIONS_DEFINE=	DEBUG ASSERT
-
-ASSERT_DESC=	Enable Asserts
-ASSERT_CONFIGURE_ENABLE=	assert
-DEBUG_CONFIGURE_ENABLE=	debug
-
-post-patch:
-	@${REINPLACE_CMD} 's|-Werror||' ${WRKSRC}/libyara/configure.ac
-
-post-install:
-	${LN} -sf ${RB_LIBDIR}/yaraNugget.so.2 \
-		${STAGEDIR}${RB_LIBDIR}/yaraNugget.so.2.0.0
-
-.include <bsd.port.mk>
diff --git a/security/razorback-yaraNugget/distinfo b/security/razorback-yaraNugget/distinfo
deleted file mode 100644
index 8017e2160990..000000000000
--- a/security/razorback-yaraNugget/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (razorback/yaraNugget-0.5.0.tar.gz) = 6b43e0033aa9f834acdd8aba1c437d7fac47a4d2edac1e9961983d6a019b1fc1
-SIZE (razorback/yaraNugget-0.5.0.tar.gz) = 623917
diff --git a/security/razorback-yaraNugget/files/patch-common__m4_api__deps.m4 b/security/razorback-yaraNugget/files/patch-common__m4_api__deps.m4
deleted file mode 100644
index b424f894f261..000000000000
--- a/security/razorback-yaraNugget/files/patch-common__m4_api__deps.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/api_deps.m4.orig	2012-04-16 18:59:44 UTC
-+++ common_m4/api_deps.m4
-@@ -55,7 +55,7 @@ LIBS="$LIBCONFIG_LIBS $LIBS"
- #          [AC_MSG_ERROR("curl header file not found")]
- #     )
- 
--PKG_CHECK_MODULES([JSON], [json >= 0.9])
-+PKG_CHECK_MODULES([JSON], [json-c >= 0.9])
- 
- CFLAGS="$JSON_CFLAGS $CFLAGS"
- LIBS="$JSON_LIBS $LIBS"
diff --git a/security/razorback-yaraNugget/files/patch-common__m4_compiler__options.m4 b/security/razorback-yaraNugget/files/patch-common__m4_compiler__options.m4
deleted file mode 100644
index 8e2572727b90..000000000000
--- a/security/razorback-yaraNugget/files/patch-common__m4_compiler__options.m4
+++ /dev/null
@@ -1,11 +0,0 @@
---- common_m4/compiler_options.m4.orig	2012-01-04 18:17:09 UTC
-+++ common_m4/compiler_options.m4
-@@ -28,7 +28,7 @@ if test "$GCC" = yes ; then
- 
-     CFLAGS="$CFLAGS -std=c99 -fno-strict-aliasing"
-     CPPFLAGS="$CPPFLAGS -fno-strict-aliasing"
--    CWARNINGS="$CWARNINGS -Wall -Werror -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-+    CWARNINGS="$CWARNINGS -Wall -Wwrite-strings -Wformat -fdiagnostics-show-option -Wextra -Wformat-security -Wsign-compare -Wcast-align -Wno-unused-parameter"
-     if test "x$NOT_PEDANTIC" = "x"; then
-         CWARNINGS="$CWARNINGS -pedantic"
-     fi
diff --git a/security/razorback-yaraNugget/pkg-descr b/security/razorback-yaraNugget/pkg-descr
deleted file mode 100644
index a8b27d1c8830..000000000000
--- a/security/razorback-yaraNugget/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-Razorback is a framework for an intelligence driven security solution.
-It consists of a Dispatcher at the core of the system, surrounded by
-Nuggets of varying types.
-
-The Yara nugget allows modified Yara rules to dictate which flags are
-set when they alert.
-
-WWW: http://razorbacktm.sourceforge.net/
diff --git a/security/razorback-yaraNugget/pkg-message b/security/razorback-yaraNugget/pkg-message
deleted file mode 100644
index c608927f42ba..000000000000
--- a/security/razorback-yaraNugget/pkg-message
+++ /dev/null
@@ -1,12 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-After this port has been installed, you will need to copy and edit the
-sample configuration (rzb_yara.conf.sample) to rzb_yara.conf.
-
-Additionally, you will need to provide rules for yara.  The rules should be
-placed in the directory specified in the rzb_yara.conf file.  The rules may
-be placed in subdirectories or symlinked.
-EOM
-}
-]
diff --git a/security/razorback-yaraNugget/pkg-plist b/security/razorback-yaraNugget/pkg-plist
deleted file mode 100644
index 356d53066a1d..000000000000
--- a/security/razorback-yaraNugget/pkg-plist
+++ /dev/null
@@ -1,7 +0,0 @@
-@sample etc/razorback/yara.conf.sample
-etc/razorback/yara/banker.rules
-etc/razorback/yara/packer.rules
-lib/razorback/yaraNugget.so.2.0.0
-lib/razorback/yaraNugget.so.2
-lib/razorback/yaraNugget.so
-lib/razorback/yaraNugget.a
diff --git a/security/retranslator/Makefile b/security/retranslator/Makefile
deleted file mode 100644
index eff36e194fca..000000000000
--- a/security/retranslator/Makefile
+++ /dev/null
@@ -1,38 +0,0 @@
-# Created by: Gvozdikov Veniamin <g.veniamin@googlemail.com>
-
-PORTNAME=	retranslator
-PORTVERSION=	5.0.0
-DISTVERSIONSUFFIX=	-7
-CATEGORIES=	security
-MASTER_SITES=	http://utils.kaspersky.com/updater/retranslator_5.0.0.7/FreeBSD_6.3/ \
-		LOCAL/vg
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	The update utility for Kaspersky applications
-
-DEPRECATED=	Deprecated upstream (EOL)
-EXPIRATION_DATE=2022-03-31
-
-NO_BUILD=	yes
-ONLY_FOR_ARCHS=	i386 amd64
-
-WRKSRC=		${WRKDIR}/${PORTNAME}
-
-LIB_DEPENDS+=	libm.so:misc/compat6x
-
-do-configure:
-
-.for f in 's,./backup/,/var/db/${PORTNAME}/backup,g' \
-	's,./bases/,/var/db/${PORTNAME}/bases,g' \
-	's,./${PORTNAME}.log,/var/log/${PORTNAME}.log,g'
-	@${REINPLACE_CMD} -e ${f} \
-		${WRKSRC}/${PORTNAME}.conf
-.endfor
-
-do-install:
-	@${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME}.bin \
-		${STAGEDIR}${PREFIX}/bin/${PORTNAME}
-	@${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.conf \
-		${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample
-
-.include <bsd.port.mk>
diff --git a/security/retranslator/distinfo b/security/retranslator/distinfo
deleted file mode 100644
index f500a5f6560c..000000000000
--- a/security/retranslator/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (retranslator-5.0.0-7.tar.gz) = ad32b535ddf0c13f95cdbba2de0d2d6b157cb6ff62b5a61766a0a93c77f33f97
-SIZE (retranslator-5.0.0-7.tar.gz) = 671996
diff --git a/security/retranslator/pkg-descr b/security/retranslator/pkg-descr
deleted file mode 100644
index 9eb284517f35..000000000000
--- a/security/retranslator/pkg-descr
+++ /dev/null
@@ -1,10 +0,0 @@
-The update utility is designed to download and save updates and modules
-of the Kaspersky Lab's applications into a separate folder.
-
-With the help of the utility you can download updates for selected
-Kaspersky Lab's applications installed either in your network or at
-a home PC. The utility has a function for saving downloaded updates
-and autopatches in a local folder, a network folder connected as a
-disc to the computer file system, or onto a flash-carrier.
-
-WWW: http://support.kaspersky.com/updater?level=2
diff --git a/security/retranslator/pkg-plist b/security/retranslator/pkg-plist
deleted file mode 100644
index f9516d6f856a..000000000000
--- a/security/retranslator/pkg-plist
+++ /dev/null
@@ -1,2 +0,0 @@
-bin/retranslator
-@sample etc/retranslator.conf.sample
diff --git a/security/revealrk/Makefile b/security/revealrk/Makefile
deleted file mode 100644
index 4e7ee2188a3c..000000000000
--- a/security/revealrk/Makefile
+++ /dev/null
@@ -1,27 +0,0 @@
-PORTNAME=	revealrk
-PORTVERSION=	1.2.2
-CATEGORIES=	security
-MASTER_SITES=	SF/${PORTNAME}/
-
-MAINTAINER=	pi@FreeBSD.org
-COMMENT=	Search hidden procs/rootkits from cron with low false positive rate
-
-LICENSE=	GPLv3
-
-BROKEN_FreeBSD_12=	fails to compile: revealrk.c: 'struct xtcpcb' has no member named 'xt_socket'
-BROKEN_FreeBSD_13=	fails to compile: revealrk.c: 'struct xtcpcb' has no member named 'xt_socket'
-BROKEN_FreeBSD_14=	fails to compile: revealrk.c: 'struct xtcpcb' has no member named 'xt_socket'
-DEPRECATED=	Deprecate, marked BROKEN on 12+ in 2018
-EXPIRATION_DATE=2022-03-31
-
-PLIST_FILES=	bin/revealrk man/man1/revealrk.1.gz
-
-USES=		scons tar:tgz
-
-.if !empty(PREFIX)
-MAKE_ARGS+=    --prefix=${STAGEDIR}${PREFIX}
-.else
-MAKE_ARGS+=    --prefix=${STAGEDIR}${LOCALBASE}
-.endif
-
-.include <bsd.port.mk>
diff --git a/security/revealrk/distinfo b/security/revealrk/distinfo
deleted file mode 100644
index 00035fbf6a91..000000000000
--- a/security/revealrk/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1477039646
-SHA256 (revealrk-1.2.2.tgz) = 4337788ce4055c11cdba67cafd4f39dbc6a92985a2b58fab4b61dd607575011c
-SIZE (revealrk-1.2.2.tgz) = 38448
diff --git a/security/revealrk/files/patch-SConstruct b/security/revealrk/files/patch-SConstruct
deleted file mode 100644
index 682a18321c96..000000000000
--- a/security/revealrk/files/patch-SConstruct
+++ /dev/null
@@ -1,22 +0,0 @@
---- SConstruct.orig	2016-05-19 16:27:37 UTC
-+++ SConstruct
-@@ -13,7 +13,7 @@ prog_files = Split('revealrk.c')
- pkg_files = prog_files + Split('revealrk.1 SConstruct changelog license.txt README INSTALL cron.example Makefile config.h')
- 
- debug     = not ARGUMENTS.get('debug', '0').lower() in ['0', 'false', 'no']
--prefix    = GetOption('prefix') or '/'
-+prefix    = GetOption('prefix') or '/usr'
- clean_all = not GetOption('clean_all') is None
- static    = not GetOption('static') is None
- build_tgz = not GetOption('tgz') is None
-@@ -152,8 +152,8 @@ if not env.GetOption('clean'):
-         conf.env.Append(LINKFLAGS = ' -static')
-     env = conf.Finish()
- 
--env.Alias('install', env.AddPostAction(env.Install(prefix + '/usr/bin', target), env.Action('strip ' + prefix + '/usr/bin/' + target)))
--env.Alias('install', env.AddPostAction(env.Install(prefix + '/usr/share/man/man1', target + '.1'), env.Action('gzip -f ' + prefix + '/usr/share/man/man1/' + target + '.1')))
-+env.Alias('install', env.AddPostAction(env.Install(prefix + '/bin', target), env.Action('strip ' + prefix + '/bin/' + target)))
-+env.Alias('install', env.AddPostAction(env.Install(prefix + '/man/man1', target + '.1'), env.Action('gzip -f ' + prefix + '/man/man1/' + target + '.1')))
- 
- if clean_all:
-     env.Clean('distclean', Split('config.log .sconf_temp .sconsign.dblite'))
diff --git a/security/revealrk/pkg-descr b/security/revealrk/pkg-descr
deleted file mode 100644
index 2981b545c7f8..000000000000
--- a/security/revealrk/pkg-descr
+++ /dev/null
@@ -1,9 +0,0 @@
-revealrk searches for hidden processes. If you have a kernel mod
-rootkit loaded into memory without hiding any process, don't expect
-to find anything.
-
-Reveal RootKit is intended to run out of cron or similar services
-on a regular basis and avoids verbose output as long as nothing was
-found.
-
-WWW: https://sourceforge.net/projects/revealrk/
diff --git a/security/scanssh/Makefile b/security/scanssh/Makefile
deleted file mode 100644
index 80c4cb42191f..000000000000
--- a/security/scanssh/Makefile
+++ /dev/null
@@ -1,25 +0,0 @@
-# Created by: kris@FreeBSD.org
-
-PORTNAME=	scanssh
-PORTVERSION=	2.1
-PORTREVISION=	12
-CATEGORIES=	security net
-MASTER_SITES=	http://www.monkey.org/~provos/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Scans networks for open proxies, SSH, web, and SMTP servers
-
-DEPRECATED=	Abandonware, last release in 2005. Please consider using security/nmap or security/rustscan
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libdnet.so:net/libdnet \
-		libevent.so:devel/libevent
-
-GNU_CONFIGURE=	YES
-PLIST_FILES=	bin/scanssh man/man1/scanssh.1.gz
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/scanssh ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_MAN} ${WRKSRC}/scanssh.1 ${STAGEDIR}${PREFIX}/man/man1
-
-.include <bsd.port.mk>
diff --git a/security/scanssh/distinfo b/security/scanssh/distinfo
deleted file mode 100644
index abc8570d7c12..000000000000
--- a/security/scanssh/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (scanssh-2.1.tar.gz) = 057eec87edafbbe5bc22960cbac53e3ada0222400d649a5e2f22cc8981f5b035
-SIZE (scanssh-2.1.tar.gz) = 111481
diff --git a/security/scanssh/files/patch-Makefile.in b/security/scanssh/files/patch-Makefile.in
deleted file mode 100644
index a6e23615904e..000000000000
--- a/security/scanssh/files/patch-Makefile.in
+++ /dev/null
@@ -1,11 +0,0 @@
---- Makefile.in.orig	Sat Apr 23 15:51:17 2005
-+++ Makefile.in	Sat Apr 23 15:51:24 2005
-@@ -79,7 +79,7 @@
- scanssh_SOURCES = scanssh.c atomicio.c exclude.c connecter.c xmalloc.c 	interface.c socks.c http.c telnet.c exclude.h interface.h 	scanssh.h socks.h xmalloc.h
- 
- scanssh_LDADD = @LIBOBJS@ @PCAPLIB@ @EVENTLIB@ @DNETLIB@
--CFLAGS = -O2 -Wall -g
-+CFLAGS+= -Wall -g
- 
- INCLUDES = -I$(top_srcdir)/@DNETCOMPAT@ -I$(top_srcdir)/compat 	@EVENTINC@ @PCAPINC@ @DNETINC@
- 
diff --git a/security/scanssh/pkg-descr b/security/scanssh/pkg-descr
deleted file mode 100644
index fbf559fb454b..000000000000
--- a/security/scanssh/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-ScanSSH supports scanning a list of addresses and networks for open proxies,
-SSH protocol servers, Web and SMTP servers. Where possible ScanSSH, displays
-the version number of the running services. ScanSSH protocol scanner supports
-random selection of IP addresses from large network ranges and is useful for
-gathering statistics on the deployment of SSH protocol servers in a company
-or the Internet as whole.
-
-WWW: http://www.monkey.org/~provos/
diff --git a/security/sha/Makefile b/security/sha/Makefile
deleted file mode 100644
index b3981ac749b9..000000000000
--- a/security/sha/Makefile
+++ /dev/null
@@ -1,20 +0,0 @@
-# Created by: asaddi@philosophysw.com
-
-PORTNAME=	sha
-PORTVERSION=	1.0.4
-CATEGORIES=	security
-MASTER_SITES=	SF
-
-MAINTAINER=	allan@saddi.com
-COMMENT=	Simple file hash program utilizing SHA-1, SHA-256, SHA-384, SHA-512
-
-DEPRECATED=	Obsolete, we have tools in base
-EXPIRATION_DATE=2022-03-31
-
-GNU_CONFIGURE=	yes
-USES=	gmake
-
-PLIST_FILES=	bin/sha \
-		man/man1/sha.1.gz
-
-.include <bsd.port.mk>
diff --git a/security/sha/distinfo b/security/sha/distinfo
deleted file mode 100644
index d4d23e182b59..000000000000
--- a/security/sha/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (sha-1.0.4.tar.gz) = 36567ddda972250d3a05f865a231b49ddb27c636bd0573e27751a9e6e1c2c369
-SIZE (sha-1.0.4.tar.gz) = 71196
diff --git a/security/sha/pkg-descr b/security/sha/pkg-descr
deleted file mode 100644
index 756c378219ea..000000000000
--- a/security/sha/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-sha is a simple program that hashes files. It uses the National
-Institute of Standards and Technology's Secure Hash Algorithm.
-It can use SHA-1, SHA-256, SHA-384, or SHA-512, which generate
-respectively, hashes of 160, 256, 384, or 512 bits. sha can be
-used in scripts to do, for example, file integrity checking.
-
-WWW: http://www.saddi.com/software/sha/
diff --git a/security/shimmer/Makefile b/security/shimmer/Makefile
deleted file mode 100644
index 5da79cb7f9ee..000000000000
--- a/security/shimmer/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-# Created by: Felippe de Meirelles Motta <lippemail@gmail.com>
-
-PORTNAME=	shimmer
-PORTVERSION=	0.1.0
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}/v${PORTVERSION}
-DISTNAME=	${PORTNAME}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Perl implementation that hides a valuable port on your server
-
-DEPRECATED=	Abandonware, last release in 2008
-EXPIRATION_DATE=2022-03-31
-
-NO_WRKSUBDIR=	yes
-NO_BUILD=	yes
-
-USES=		perl5 shebangfix
-USE_PERL5=	run
-SHEBANG_FILES=	shimmer shimmerd
-
-PLIST_FILES=	bin/shimmer \
-		bin/shimmerd \
-		etc/shimmer.conf
-
-do-install:
-	${INSTALL_SCRIPT} ${WRKSRC}/shimmer ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_SCRIPT} ${WRKSRC}/shimmerd ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_DATA} ${WRKSRC}/shimmer.conf ${STAGEDIR}${PREFIX}/etc
-
-.include <bsd.port.mk>
diff --git a/security/shimmer/distinfo b/security/shimmer/distinfo
deleted file mode 100644
index e6839f546a16..000000000000
--- a/security/shimmer/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (shimmer.tar.gz) = d9ed67b8d15104beee36bbd3e3514bb98a81d6c1b1388ce4b4362a84ecd09ee3
-SIZE (shimmer.tar.gz) = 7488
diff --git a/security/shimmer/pkg-descr b/security/shimmer/pkg-descr
deleted file mode 100644
index a74c5f4213d6..000000000000
--- a/security/shimmer/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-shimmer is a pair of small programs (a client and a server) that provide an
-alternative to port knocking program such as tumbler and are used to hide a
-valuable port (such as a hidden web server or SSH) on a public IP address.
-
-WWW: http://shimmer.sourceforge.net/
diff --git a/security/shttpscanner/Makefile b/security/shttpscanner/Makefile
deleted file mode 100644
index 1d9bc56dc301..000000000000
--- a/security/shttpscanner/Makefile
+++ /dev/null
@@ -1,36 +0,0 @@
-# Created by: Andrew Pantyukhin <infofarmer@FreeBSD.org>
-
-PORTNAME=	shttpscanner
-PORTVERSION=	0.4
-CATEGORIES=	security www
-MASTER_SITES=	SF/${PORTNAME}/sHTTPScanner/sHTTPScanner%20v${PORTVERSION}
-DISTNAME=	sHTTPScanner_v${DISTVERSION}
-EXTRACT_SUFX=	.zip
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Simple HTTP scanner
-
-DEPRECATED=	Abandonware, last release in 2006
-EXPIRATION_DATE=2022-03-31
-
-USES=		dos2unix
-
-PLIST_FILES=	bin/${PORTNAME} \
-		%%DATADIR%%/requests.txt \
-		%%DATADIR%%/subdomains.txt
-
-post-patch:
-	@${REINPLACE_CMD} -E '/^#define/s!([a-z]*\.txt)!${DATADIR}/\1!' \
-		${WRKSRC}/${DISTNAME:tl}.c
-
-do-build:
-	(cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} \
-		${CC} ${CFLAGS} -o ${PORTNAME} ${DISTNAME:tl}.c -lpthread)
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${DATADIR}
-	${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/
-	${INSTALL} ${WRKSRC}/requests.txt ${WRKSRC}/subdomains.txt \
-		${STAGEDIR}${DATADIR}/
-
-.include <bsd.port.mk>
diff --git a/security/shttpscanner/distinfo b/security/shttpscanner/distinfo
deleted file mode 100644
index ecc1912a554f..000000000000
--- a/security/shttpscanner/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (sHTTPScanner_v0.4.zip) = e3a8ea23a534c8fc4c4348634922a601605b90c9e223a0d6c2fd836811ce565b
-SIZE (sHTTPScanner_v0.4.zip) = 19156
diff --git a/security/shttpscanner/pkg-descr b/security/shttpscanner/pkg-descr
deleted file mode 100644
index 948207b88ee0..000000000000
--- a/security/shttpscanner/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-Simple HTTP Scanner is a creation made for web site pen testing. You can
-check for directories and files on the remote web server and get some
-server information like the webserver running.
-
-WWW: https://sourceforge.net/projects/shttpscanner/
diff --git a/security/slurpie/Makefile b/security/slurpie/Makefile
deleted file mode 100644
index 7d9eae45e321..000000000000
--- a/security/slurpie/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
-# Created by: David O'Brien (obrien@NUXI.com)
-
-PORTNAME=	slurpie
-PORTVERSION=	2.0b
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	ftp://ftp.openbsd.org/pub/OpenBSD/distfiles/ \
-		http://people.FreeBSD.org/~foxfair/distfiles/
-DISTNAME=	${PORTNAME}
-EXTRACT_SUFX=	.tgz
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Passwd file cracker (supports distributed nodes)
-
-DEPRECATED=	Abandonware, last release around 2000 and dead upstream
-EXPIRATION_DATE=2022-03-31
-
-PLIST_FILES=	sbin/slurp sbin/slurpie
-PORTDOCS=	README
-
-OPTIONS_DEFINE=	DOCS
-
-post-patch:
-# Fix for GCC 4.2
-	@${REINPLACE_CMD} -e \
-		's,(u_char)cfg.ptask_level = ,cfg.ptask_level = (u_int),' \
-		${WRKSRC}/src/slurpie.c
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/slurp* ${STAGEDIR}${PREFIX}/sbin
-	${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/slurpie/distinfo b/security/slurpie/distinfo
deleted file mode 100644
index 09828c00e616..000000000000
--- a/security/slurpie/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (slurpie.tgz) = 3e88b3a9b84059684075151000fff83f4d5257e7ae7586a821131e7d6ec8e489
-SIZE (slurpie.tgz) = 8085
diff --git a/security/slurpie/files/patch-Makefile b/security/slurpie/files/patch-Makefile
deleted file mode 100644
index 4097dbb336e3..000000000000
--- a/security/slurpie/files/patch-Makefile
+++ /dev/null
@@ -1,12 +0,0 @@
---- Makefile.orig	1999-01-30 21:14:03 UTC
-+++ Makefile
-@@ -1,7 +1,6 @@
--CC = gcc
- all: slurpie slurp
- slurpie: src/slurpie.c src/shared.c src/master.c src/shared.h src/mn.h
--	$(CC) -O3 src/slurpie.c src/shared.c src/master.c -o slurpie
-+	$(CC) ${CFLAGS} src/slurpie.c src/shared.c src/master.c -o slurpie
- slurp: src/slurp.c src/shared.c src/node.c src/shared.h src/mn.h
--	$(CC) -O3 -lcrypt src/slurp.c src/shared.c src/node.c -o slurp
-+	$(CC) ${CFLAGS} -lcrypt src/slurp.c src/shared.c src/node.c -o slurp
- 
diff --git a/security/slurpie/files/patch-src_master.c b/security/slurpie/files/patch-src_master.c
deleted file mode 100644
index 6a2d134dd6b1..000000000000
--- a/security/slurpie/files/patch-src_master.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/master.c.orig	1999-01-30 21:08:08 UTC
-+++ src/master.c
-@@ -132,7 +132,7 @@ char *get_time_str( u_int seconds )
-    return timestr;
- }
- 
--int main( int argc, u_char **argv )
-+int main( int argc, char **argv )
- {
-    static unsigned id, init_time;
- 
diff --git a/security/slurpie/files/patch-src_mn.h b/security/slurpie/files/patch-src_mn.h
deleted file mode 100644
index a57635abcc96..000000000000
--- a/security/slurpie/files/patch-src_mn.h
+++ /dev/null
@@ -1,18 +0,0 @@
---- src/mn.h.orig	1999-01-30 21:09:01 UTC
-+++ src/mn.h
-@@ -2,11 +2,12 @@
- #define _MN_H_
- 
- /////////////////////////////////
--#include <stdio.h>
--#include <stdarg.h>
--#include <netinet/in.h>
- #include <sys/types.h>
- #include <sys/time.h>
-+#include <sys/socket.h>
-+#include <netinet/in.h>
-+#include <stdio.h>
-+#include <stdarg.h>
- 
- 
- /////////////////////////////////
diff --git a/security/slurpie/files/patch-src_node.c b/security/slurpie/files/patch-src_node.c
deleted file mode 100644
index 4ebb28504413..000000000000
--- a/security/slurpie/files/patch-src_node.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/node.c.orig	1999-01-30 21:10:17 UTC
-+++ src/node.c
-@@ -102,7 +102,7 @@ void clean_up( int exit_status )
- 
- 
- /////////////////////////////
--int main( int argc, u_char **argv )
-+int main( int argc, char **argv )
- {
-    u_int exit_state = 0;
-    global.self.addr.sin_port = 0;
diff --git a/security/slurpie/files/patch-src_slurp.c b/security/slurpie/files/patch-src_slurp.c
deleted file mode 100644
index d573827d79c0..000000000000
--- a/security/slurpie/files/patch-src_slurp.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/slurp.c.orig	2016-01-24 14:16:26 UTC
-+++ src/slurp.c
-@@ -194,7 +194,7 @@ int recv_init( u_char *initmsg )
-          return 0;
-    // get file size and divide to determine portion of dictionary to process per task
-       fseek(wl.dictfile, 0, SEEK_END );
--      wl.ptask_size = wl.dictfile->_offset / cfg.ptask_level;
-+      wl.ptask_size = ftell(wl.dictfile) / cfg.ptask_level;
-       pstr += strlen(pstr)+1;
-    }
-    if( cfg.mcl & CL_GDICT )
diff --git a/security/slurpie/pkg-descr b/security/slurpie/pkg-descr
deleted file mode 100644
index d7e1fde2e5b5..000000000000
--- a/security/slurpie/pkg-descr
+++ /dev/null
@@ -1,3 +0,0 @@
-Slurpie is a passwd file cracker similar to CrackerJack and John the Ripper
-except that it can be run in a distributed environment (multiple computers
-aka nodes).
diff --git a/security/slush/Makefile b/security/slush/Makefile
deleted file mode 100644
index 553aec98d15f..000000000000
--- a/security/slush/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-# Created by: shipley@dis.org
-
-PORTNAME=	slush
-PORTVERSION=	0.1.1
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	PACKETSTORM/crypt/SSL/slush
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Telnet-like application which uses a secure SSL channel
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYRIGHT.GPL
-
-DEPRECATED=	Obsolete, listed as alpha quality, last release around 2000 and dead upstream
-EXPIRATION_DATE=2022-03-31
-
-GNU_CONFIGURE=	yes
-USES=		ssl
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/slush ${STAGEDIR}${PREFIX}/bin/slush
-	${INSTALL_PROGRAM} ${WRKSRC}/slushd ${STAGEDIR}${PREFIX}/sbin/slushd
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/control.txt ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/slush/distinfo b/security/slush/distinfo
deleted file mode 100644
index f334c9be06a5..000000000000
--- a/security/slush/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (slush-0.1.1.tar.gz) = 5d0c674600fc098580ab172d1f094d168dade5fada66d108d8e7161e01f01845
-SIZE (slush-0.1.1.tar.gz) = 54087
diff --git a/security/slush/files/patch-Makefile.in b/security/slush/files/patch-Makefile.in
deleted file mode 100644
index e86ed04fde87..000000000000
--- a/security/slush/files/patch-Makefile.in
+++ /dev/null
@@ -1,22 +0,0 @@
---- Makefile.in.orig	1999-04-06 08:05:04 UTC
-+++ Makefile.in
-@@ -9,8 +9,8 @@ MANDIR=/usr/man/man8
- 
- CC=@CC@
- INSTALL=@INSTALL@
--CFLAGS=@CFLAGS@ -Wall -DVERSION=\"$(VERSION)\" -I/usr/local/ssl/include -I/usr/include/ssl
--LIBS=@LIBS@ -L/usr/local/ssl/lib -lssl -lcrypto
-+CFLAGS=@CFLAGS@ -Wall -DVERSION=\"$(VERSION)\" -I$(OPENSSLINC) -I$(OPENSSLINC)/openssl -I$(LOCALBASE)/include
-+LIBS=@LIBS@ -L$(OPENSSLLIB) -lssl -lcrypto $(EXTRA_SSL_LIBS) -lutil
- 
- all: slush slushd
- 
-@@ -38,7 +38,7 @@ $(MANDIR)/slush.8: slush.8
- install: $(SBINDIR)/slushd $(MANDIR)/slush.8
- 
- cert:
--	ssleay req -new -x509 -nodes \
-+	openssl req -new -x509 -nodes \
- 		-out slushd.pem -days 365 -keyout slushd.pem
- 
- clean:
diff --git a/security/slush/files/patch-slush.c b/security/slush/files/patch-slush.c
deleted file mode 100644
index 479ad51d71f0..000000000000
--- a/security/slush/files/patch-slush.c
+++ /dev/null
@@ -1,13 +0,0 @@
---- slush.c.orig	1999-05-07 02:24:09 UTC
-+++ slush.c
-@@ -34,7 +34,10 @@
- #include <signal.h>
- #include <string.h>
- #include <stdlib.h>
-+#include <sys/param.h>
-+#if __FreeBSD_version >= 500000
- #include <getopt.h>
-+#endif
- #include <termios.h>
- #include <pwd.h>
- #include <sys/ioctl.h>
diff --git a/security/slush/files/patch-slushd.c b/security/slush/files/patch-slushd.c
deleted file mode 100644
index b81fc7a81e2d..000000000000
--- a/security/slush/files/patch-slushd.c
+++ /dev/null
@@ -1,112 +0,0 @@
---- slushd.c.orig	1999-05-07 02:24:09 UTC
-+++ slushd.c
-@@ -40,11 +40,19 @@
- #include <ctype.h>
- #include <stdlib.h>
- #include <netdb.h>
-+#include <sys/param.h>
-+#if __FreeBSD_version >= 500000
- #include <getopt.h>
-+#endif
- #include <pwd.h>
- #include <grp.h>
- #include <fcntl.h>
-+#if __FreeBSD_version >= 900007
-+#include <utmpx.h>
-+#else
- #include <utmp.h>
-+#include <libutil.h>
-+#endif
- #include <limits.h>
- #include <paths.h>
- #include <sys/types.h>
-@@ -653,59 +661,42 @@ int process_control_word(const char *tok
- /* exits on error */
- void log_uwtmp(struct passwd *pw, struct in_addr *i, char *tty, int is_logout)
- {
--	struct utmp ut;
--	int wtmp;
--	int lock;
--	
--	tty = strrchr(tty, '/');
--	if (tty == NULL)
--	{
--		syslog(LOG_ERR, "Can't determine basename of tty");
--		exit(3);
--	}
--	tty++;
--	
--	utmpname(_PATH_UTMP);
--	setutent();
--	memset(&ut, 0, sizeof(ut));
-+#if __FreeBSD_version >= 900007
-+	struct utmpx ut;
- 
--	if (ut.ut_id[0] == 0)
--		strncpy(ut.ut_id, tty + 3, sizeof(ut.ut_id));
-+	if (strncmp(tty, "/dev/", 5) == 0)
-+		tty += 5;
- 
--	if (!is_logout)
--		strncpy(ut.ut_user, pw->pw_name, sizeof(ut.ut_user));
--	
--	strncpy(ut.ut_line, tty, sizeof(ut.ut_line) - 1);
--	ut.ut_line[sizeof(ut.ut_line) - 1] = 0;
--	
--	ut.ut_time = time(NULL);
--	ut.ut_type = is_logout?DEAD_PROCESS:USER_PROCESS;
--	ut.ut_pid = getpid();
-+	memset(&ut, 0, sizeof ut);
-+	gettimeofday(&ut.ut_tv, NULL);
-+	strncpy(ut.ut_id, tty, sizeof ut.ut_id);
- 
--	strncpy(ut.ut_host, hostname, sizeof(ut.ut_host) - 1);
--	ut.ut_host[sizeof(ut.ut_host) - 1] = 0;
--	
--	memcpy(&ut.ut_addr, i, sizeof(ut.ut_addr));
-+	if (is_logout) {
-+		ut.ut_type = DEAD_PROCESS;
-+	} else {
-+		ut.ut_type = USER_PROCESS;
-+		strncpy(ut.ut_line, tty, sizeof ut.ut_line);
-+		strncpy(ut.ut_user, pw->pw_name, sizeof ut.ut_user);
-+		strncpy(ut.ut_host, inet_ntoa(*i), sizeof ut.ut_host);
-+	}
-+	pututxline(&ut);
-+#else
-+	struct utmp ut;
- 
--	pututline(&ut);
--	endutent();
-+	if (strncmp(tty, "/dev/", 5) == 0)
-+		tty += 5;
- 
--	lock = open(_PATH_WTMPLOCK, O_CREAT|O_WRONLY, 0660);
--	if (lock == -1)
--		ioerror("open");
--		
--	if (flock(lock, LOCK_EX) == -1)
--		ioerror("flock");
--		
--	wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY);
--	if (wtmp == -1)
--		ioerror("open");
--		
--	write(wtmp, (char *)&ut, sizeof(ut));
--	close(wtmp);
-+	if (is_logout) {
-+		logout(tty);
-+		return;
-+	}
- 
--	flock(lock, LOCK_UN);
--	close(lock);
-+	strncpy(ut.ut_line, tty, sizeof ut.ut_line);
-+	strncpy(ut.ut_name, pw->pw_name, sizeof ut.ut_name);
-+	strncpy(ut.ut_host, inet_ntoa(*i), sizeof ut.ut_host);
-+	ut.ut_time = time(0);
-+	login(&ut);
-+#endif
- }
- 
- /* Retrieve client X509 certificate and test authentication */
diff --git a/security/slush/pkg-descr b/security/slush/pkg-descr
deleted file mode 100644
index 29b4f72e5ad4..000000000000
--- a/security/slush/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-slush - SSL remote shell
-
-slush is a simple telnet-like application which communicates over a
-secure SSL channel. It uses X509 certificates for authentication and
-can be compiled with TCP wrappers support (service name "slushd").
-
-slush is *alpha* software. Use it at your own risk.
diff --git a/security/slush/pkg-plist b/security/slush/pkg-plist
deleted file mode 100644
index e66a627e764a..000000000000
--- a/security/slush/pkg-plist
+++ /dev/null
@@ -1,4 +0,0 @@
-bin/slush
-sbin/slushd
-%%PORTDOCS%%%%DOCSDIR%%/README
-%%PORTDOCS%%%%DOCSDIR%%/control.txt
diff --git a/security/smtpscan/Makefile b/security/smtpscan/Makefile
deleted file mode 100644
index fb45be9c8477..000000000000
--- a/security/smtpscan/Makefile
+++ /dev/null
@@ -1,47 +0,0 @@
-# Created by: Hubert Tournier <hubert@frbsd.org>
-
-PORTNAME=	smtpscan
-PORTVERSION=	0.5
-PORTREVISION=	2
-CATEGORIES=	security mail perl5
-MASTER_SITES=	PACKETSTORM/UNIX/scanners \
-		http://www.frbsd.org/dist/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Remote SMTP server version detector
-
-LICENSE=	GPLv2
-
-DEPRECATED=	Abandonware, last release in 2003 and dead upstream. Please consider using security/nmap
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	p5-Net-DNS>=0:dns/p5-Net-DNS
-
-WRKSRC=		${WRKDIR}/${PORTNAME}
-NO_BUILD=	yes
-
-USES=		perl5 shebangfix
-USE_PERL5=	run
-SHEBANG_FILES=	src/smtpscan
-
-PLIST_FILES=	bin/smtpscan \
-		man/man1/smtpscan.1.gz \
-		%%DATADIR%%/fingerprints \
-		%%DATADIR%%/tests
-
-post-patch:
-	@${REINPLACE_CMD} -e \
-		's|/usr/local/share|${PREFIX}/share| ; \
-		 s|@VERSION@|${PORTVERSION}|' ${WRKSRC}/src/smtpscan
-	@${REINPLACE_CMD} -e \
-		's|@VERSION@|${PORTVERSION}| ; \
-		 s|@prefix@|${PREFIX}/share|' ${WRKSRC}/docs/man/smtpscan.1
-
-do-install:
-	(cd ${WRKSRC}/src && ${INSTALL_SCRIPT} smtpscan ${STAGEDIR}${PREFIX}/bin)
-	(cd ${WRKSRC}/docs/man \
-		&& ${INSTALL_MAN} smtpscan.1 ${STAGEDIR}${MANPREFIX}/man/man1)
-	@${MKDIR} ${STAGEDIR}${DATADIR}
-	(cd ${WRKSRC}/src && ${INSTALL_SCRIPT} fingerprints tests ${STAGEDIR}${DATADIR})
-
-.include <bsd.port.mk>
diff --git a/security/smtpscan/distinfo b/security/smtpscan/distinfo
deleted file mode 100644
index dceb4c706274..000000000000
--- a/security/smtpscan/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (smtpscan-0.5.tar.gz) = fd101022e24513e478b7c8169c469c2fa7f54c516e188f035c355c73619ccc6a
-SIZE (smtpscan-0.5.tar.gz) = 162643
diff --git a/security/smtpscan/pkg-descr b/security/smtpscan/pkg-descr
deleted file mode 100644
index f64b172df580..000000000000
--- a/security/smtpscan/pkg-descr
+++ /dev/null
@@ -1,5 +0,0 @@
-smtpscan is a remote SMTP server version detector. It can be used to
-guess which mail software is used on a remote server, that may hide its
-SMTP banner.
-
-WWW: http://packetstormsecurity.org/UNIX/scanners/
diff --git a/security/sniff/Makefile b/security/sniff/Makefile
deleted file mode 100644
index 2f347aa49d2a..000000000000
--- a/security/sniff/Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
-# Created by: Rick & Samu
-
-PORTNAME=	sniff
-PORTVERSION=	1.0
-CATEGORIES=	security
-MASTER_SITES=	LOCAL/fenner
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Program to sniff logins and passwords
-
-LICENSE=	GPLv2
-
-DEPRECATED=	Abandonware, last release around 2000 and dead upstream. Please consider using net/wireshark
-EXPIRATION_DATE=2022-03-31
-
-GNU_CONFIGURE=	yes
-
-PLIST_FILES=	sbin/sniff man/man1/sniff.1.gz
-
-post-patch:
-	@${REINPLACE_CMD} -e \
-		's|^CC.*|CC=@CC@| ; \
-		 s|^CFLAGS.*|CFLAGS=@CFLAGS@| ; \
-		 s|^PREFIX.*|PREFIX=@PREFIX@|' ${WRKSRC}/Makefile.in
-
-do-install:
-	(cd ${WRKSRC} && ${INSTALL_PROGRAM} sniff \
-		${STAGEDIR}${PREFIX}/sbin)
-	(cd ${WRKSRC} && ${INSTALL_MAN} sniff.1 \
-		${STAGEDIR}${MANPREFIX}/man/man1)
-
-.include <bsd.port.mk>
diff --git a/security/sniff/distinfo b/security/sniff/distinfo
deleted file mode 100644
index d29cf55a9140..000000000000
--- a/security/sniff/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (sniff-1.0.tar.gz) = e2c172ad7e6b2244c7d927bf3d0db2dba17903e4ab14e0add64678d7c656172e
-SIZE (sniff-1.0.tar.gz) = 24893
diff --git a/security/sniff/pkg-descr b/security/sniff/pkg-descr
deleted file mode 100644
index 2e3a1b86387b..000000000000
--- a/security/sniff/pkg-descr
+++ /dev/null
@@ -1,3 +0,0 @@
-This program filters the tcpump raw packet data looking for logins and
-passwords on the most commonly used TCP ports (FTP, telnet, POP3 ...).
-It dumps sniffed data to a file named sniff.log.
diff --git a/security/spybye/Makefile b/security/spybye/Makefile
deleted file mode 100644
index 53cf80995620..000000000000
--- a/security/spybye/Makefile
+++ /dev/null
@@ -1,28 +0,0 @@
-# Created by: pauls
-
-PORTNAME=	spybye
-PORTVERSION=	0.3
-PORTREVISION=	7
-CATEGORIES=	security www
-MASTER_SITES=	http://www.monkey.org/~provos/
-
-MAINTAINER=	bofh@FreeBSD.org
-COMMENT=	Web proxy to detect malware
-
-LICENSE=	GPLv2
-
-DEPRECATED=	Abandonware, last release in 2008 and no upstream development
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libevent.so:devel/libevent
-
-OPTIONS_DEFINE=	CLAMAV
-CLAMAV_DESC=	Enable CLAMAV support
-
-USE_RC_SUBR=	spybye
-GNU_CONFIGURE=	yes
-
-CLAMAV_LIB_DEPENDS=	libclamav.so:security/clamav
-CLAMAV_CONFIGURE_ON=	--with-libclamav=${PREFIX}/bin
-
-.include <bsd.port.mk>
diff --git a/security/spybye/distinfo b/security/spybye/distinfo
deleted file mode 100644
index 5a26526ed089..000000000000
--- a/security/spybye/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (spybye-0.3.tar.gz) = 00dd7df03c9a37e80854fa27e44eeaaa4a8c49fa3b0597b5e3b1b2a128669432
-SIZE (spybye-0.3.tar.gz) = 160014
diff --git a/security/spybye/files/spybye.in b/security/spybye/files/spybye.in
deleted file mode 100644
index 444eaf0bd003..000000000000
--- a/security/spybye/files/spybye.in
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-
-# PROVIDE: spybye
-# REQUIRE: DAEMON
-# BEFORE: LOGIN
-# KEYWORD: shutdown
-#
-# Add the following lines to /etc/rc.conf to enable spybye:
-# spybye_enable (bool):       Set to YES to enable spybye
-#                               Default: NO
-# spybye_flags (str):         Extra flags passed to spybye
-#                               Default: -x -p 8080 -l /var/log/spybye.log
-#       
-# spybye command arguments
-# spybye: [-P] [-p port] [-g good] [-b bad] [-l logfile] [-S shareurl] [-x]
-#	 -P disable private IP check; allows the proxy to fetch 127/8
-#	 -p port port number to create proxy server on
-#	 -g good_patterns a file or url containing the good patterns
-#	 -b bad_patterns a file or url containing the danger patterns
-#	 -l logfile a file to log dangerous site interactions to
-#	 -S shareurl host to log dangerous site interactions to
-#	 -x enable proxy mode
-
-. /etc/rc.subr
-
-name="spybye"
-load_rc_config ${name}
-rcvar=spybye_enable
-# set the defaults
-: ${spybye_enable="NO"}
-: ${spybye_flags="-x -p 8080 -l /var/log/spybye.log"}
-
-command=%%PREFIX%%/bin/${name}
-command_args="${spybye_flags} &"
-
-run_rc_command "$1"
diff --git a/security/spybye/pkg-descr b/security/spybye/pkg-descr
deleted file mode 100644
index cdc434d193dc..000000000000
--- a/security/spybye/pkg-descr
+++ /dev/null
@@ -1,13 +0,0 @@
-SpyBye is a tool to help web masters determine if their web pages
-are hosting browser exploits that can infect visiting users with
-malware. It functions as an HTTP proxy server and intercepts all
-browser requests. SpyBye uses a few simple rules to determine if
-embedded links on your web page are harmlesss, unknown or maybe
-even dangerous.
-
-SpyBye analyzes all downloads in the background and provides you
-with a warning notification whenever it encounters content that
-is potentially malicious. At that point, you can click on the link
-in the notification and receive a more detailed analysis of the web page.
-
-WWW: http://www.spybye.org/
diff --git a/security/spybye/pkg-plist b/security/spybye/pkg-plist
deleted file mode 100644
index cb14c576a7d2..000000000000
--- a/security/spybye/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-bin/spybye
-bin/spybye2html
-%%DATADIR%%/bad_patterns
-%%DATADIR%%/good_patterns
-man/man1/spybye.1.gz
diff --git a/security/sslsniffer/Makefile b/security/sslsniffer/Makefile
deleted file mode 100644
index 01f8a04251ff..000000000000
--- a/security/sslsniffer/Makefile
+++ /dev/null
@@ -1,33 +0,0 @@
-# Created by: Jim Geovedi <jim@corebsd.or.id>
-
-PORTNAME=	sslsniffer
-PORTVERSION=	1.21
-CATEGORIES=	security net
-MASTER_SITES=	http://crypto.stanford.edu/~eujin/sslsniffer/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	SSLv3/TLS and SSLv2 sniffer
-
-LICENSE=	GPLv2+
-
-DEPRECATED=	Abandonware, last release in 2001. Please consider using security/sslsplit or security/sslproxy
-EXPIRATION_DATE=2022-03-31
-
-USES=		ssl
-CFLAGS+=	-I${OPENSSLINC}
-LDFLAGS+=	-L${OPENSSLLIB}
-WRKSRC=		${WRKDIR}/${PORTNAME}
-
-PORTDOCS=	README
-PLIST_FILES=	bin/sslsniffer
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/sslsniffer ${STAGEDIR}${PREFIX}/bin
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/sslsniffer/distinfo b/security/sslsniffer/distinfo
deleted file mode 100644
index aa7cd18cd110..000000000000
--- a/security/sslsniffer/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (sslsniffer-1.21.tar.gz) = 96f87d5c42e0282db8efbf0254f8c4bec4de15390338240187b68ed752a68809
-SIZE (sslsniffer-1.21.tar.gz) = 23723
diff --git a/security/sslsniffer/files/patch-Makefile b/security/sslsniffer/files/patch-Makefile
deleted file mode 100644
index e7d13dfcc482..000000000000
--- a/security/sslsniffer/files/patch-Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
---- Makefile.orig	2001-10-08 22:11:16 UTC
-+++ Makefile
-@@ -1,26 +1,24 @@
--CC= gcc
- PFLAGS= -cache-dir=/tmp/${USER} 
- PURIFY= purify ${PFLAGS}
--INCS= -I/usr/local/ssl/include
--LIBS= -L/usr/local/ssl/lib -L. -lnsl -lssl -lcrypto -lutl
-+INCS= -I${OPENSSLINC}
-+LIBS= -L${OPENSSLLIB} -L. -lssl -lcrypto -lutl
- SRCS= sslsniffer.c 
- OBJS= ${SRCS:.c=.o}
- BINS= sslsniffer
- UTL_LIB= libutl.a
- UTL_SRCS= general_utilities.c net_utilities.c
- AR= ar
--ARFLAGS= rs
-+ARFLAGS= r
- BINS.PURIFY= sslpure
- 
--CCFLAGS= -g -Wall -O3 -pedantic ${INCS} 
- 
- all: $(UTL_LIB) ${BINS} 
- 
- %.o: %.c
--	${CC} ${CCFLAGS} -c $<
-+	${CC} ${CFLAGS} ${INCS} -c $<
- 
- ${BINS}: ${OBJS}
--	${CC} ${CCFLAGS} -o $@  ${OBJS} ${LIBS} 
-+	${CC} ${CFLAGS} ${INCS} -o $@  ${OBJS} ${LIBS} 
- 
- $(UTL_LIB): general_utilities.o net_utilities.o
- 	${AR} ${ARFLAGS} $@ general_utilities.o net_utilities.o
diff --git a/security/sslsniffer/files/patch-sslsniffer.c b/security/sslsniffer/files/patch-sslsniffer.c
deleted file mode 100644
index 60822ba100eb..000000000000
--- a/security/sslsniffer/files/patch-sslsniffer.c
+++ /dev/null
@@ -1,26 +0,0 @@
---- sslsniffer.c.orig	2001-10-08 22:10:44 UTC
-+++ sslsniffer.c
-@@ -1573,14 +1573,22 @@ PrintCertificateInfo(UTL_CERT_INFO *buf, EVP_PKEY *key
-     
-     if (key == NULL) return;
-     
--    switch (key->type) 
-+    switch (EVP_PKEY_id(key))
-     {
-     case EVP_PKEY_RSA:
-+#if OPENSSL_VERSION_NUMBER < 0x10100005L
- 	buf->keysize = RSA_size(key->pkey.rsa)*8;
-+#else
-+	buf->keysize = RSA_size(EVP_PKEY_get0_RSA(key))*8;
-+#endif
- 	printf("  RSA Public key size %d bits\n\n",buf->keysize);
- 	break;      
-     case EVP_PKEY_DSA:
-+#if OPENSSL_VERSION_NUMBER < 0x10100005L
- 	buf->keysize = DSA_size(key->pkey.dsa)*8;
-+#else
-+	buf->keysize = DSA_size(EVP_PKEY_get0_DSA(key))*8;
-+#endif
- 	printf("  DSS Public key size %d bits\n\n",buf->keysize);
- 	break;
-     default:
diff --git a/security/sslsniffer/pkg-descr b/security/sslsniffer/pkg-descr
deleted file mode 100644
index a4a93a9a5f69..000000000000
--- a/security/sslsniffer/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-A SSLv3/TLS and SSLv2 proxy server that sniffs SSL/TLS packets and prints
-out the contents of packets in stdout.  It can also serve as a (not very
-efficient) proxy server.  Note that this tool does not decrypt or even
-attempt to decrypt the traffic that is routed through it.
-
-WWW: http://crypto.stanford.edu/~eujin/sslsniffer/
diff --git a/security/sslwrap/Makefile b/security/sslwrap/Makefile
deleted file mode 100644
index 8ee1ee664aeb..000000000000
--- a/security/sslwrap/Makefile
+++ /dev/null
@@ -1,52 +0,0 @@
-# Created by: Zahemszky, Gabor <ZGabor at CoDe dot HU>
-
-PORTNAME=	sslwrap
-PORTVERSION=	2.0.6
-PORTREVISION=	2
-CATEGORIES=	security
-MASTER_SITES=	http://www.rickk.com/sslwrap/
-DISTNAME=	${PORTNAME}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Another SSL Wrapper application, which uses SSLEay/OpenSSL
-
-# 4th clause is actually different here and does not really apply
-# to FreeBSD, but the license still contains advertising clause
-# making it identical to classic BSD4CLAUSE
-LICENSE=	BSD4CLAUSE
-
-DEPRECATED=	Abandonware, marked BROKEN on 12+ in 2019
-EXPIRATION_DATE=2022-03-31
-
-WRKSRC=		${WRKDIR}/${PORTNAME}${PORTVERSION:S/.//g}
-
-USES=		ssl
-
-PORTDOCS=	README docs.html
-PLIST_FILES=	bin/sslwrap
-
-OPTIONS_DEFINE=	DOCS
-
-.include <bsd.port.pre.mk>
-
-.if ${SSL_DEFAULT} == base
-BROKEN_FreeBSD_12=	incomplete definition of type 'struct dh_st'
-BROKEN_FreeBSD_13=	incomplete definition of type 'struct dh_st'
-BROKEN_FreeBSD_14=	incomplete definition of type 'struct dh_st'
-.endif
-
-post-patch:
-	@${FIND} ${WRKSRC} -name "*.[ch]" | ${XARGS} ${REINPLACE_CMD} -e \
-		's|SSL_OP_NON_EXPORT_FIRST|SSL_OP_CIPHER_SERVER_PREFERENCE|g ; \
-		 s|OPENSSL"|"openssl/|g'
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/sslwrap ${STAGEDIR}${PREFIX}/bin
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for i in ${PORTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/${i} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.post.mk>
diff --git a/security/sslwrap/distinfo b/security/sslwrap/distinfo
deleted file mode 100644
index e92f3043b3fe..000000000000
--- a/security/sslwrap/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (sslwrap.tar.gz) = 596a1bf61a457662e754b9fcfec6b3df7fb2f6c88498bd76ef8027f08c3af336
-SIZE (sslwrap.tar.gz) = 21170
diff --git a/security/sslwrap/files/patch-Makefile b/security/sslwrap/files/patch-Makefile
deleted file mode 100644
index aefd65bfe223..000000000000
--- a/security/sslwrap/files/patch-Makefile
+++ /dev/null
@@ -1,26 +0,0 @@
---- Makefile.orig	2000-11-11 22:01:25 UTC
-+++ Makefile
-@@ -6,16 +6,19 @@ SRC = s_server.c s_socket.c s_cb.c
- 
- # Debug/Optimizations
- #OPT = -g
--OPT = -O2
-+CFLAGS?=-O2
-+OPT = ${CFLAGS}
-+
-+CC?=	gcc
- 
- # Define 
- OPENSSL="\"openssl/\""
- #OPENSSL=""
- 
- all :
--	gcc -o sslwrap ${SRC} ${OPT} -DFLAT_INC -DOPENSSL=${OPENSSL} \
--		-L/usr/local/ssl/lib -lssl -lcrypto \
--		-I/usr/local/ssl/include \
-+	${CC} -o sslwrap ${SRC} ${OPT} -DFLAT_INC -DOPENSSL=${OPENSSL} \
-+		-L${OPENSSLLIB} -lssl -lcrypto ${EXTRA_SSL_LIBS} \
-+		-I${OPENSSLINC} \
- 		${EXTLIBS}
- 
- clean:
diff --git a/security/sslwrap/files/patch-s_server.c b/security/sslwrap/files/patch-s_server.c
deleted file mode 100644
index 64c86f1c3f1f..000000000000
--- a/security/sslwrap/files/patch-s_server.c
+++ /dev/null
@@ -1,15 +0,0 @@
---- s_server.c.orig	2000-11-11 22:11:18 UTC
-+++ s_server.c
-@@ -137,6 +137,12 @@ static RSA MS_CALLBACK *tmp_rsa_cb(SSL *
- , int keylen
- #endif
- );
-+#if defined(OPENSSL_NO_SSL2)
-+#define NO_SSL2
-+#endif
-+#if defined(OPENSSL_NO_SSL3)
-+#define NO_SSL3
-+#endif
- static int sv_body(char *hostname, int sin, int sout);
- static void close_accept_socket(void );
- static void sv_usage(void);
diff --git a/security/sslwrap/pkg-descr b/security/sslwrap/pkg-descr
deleted file mode 100644
index c584f2d4b6da..000000000000
--- a/security/sslwrap/pkg-descr
+++ /dev/null
@@ -1,12 +0,0 @@
-"... sslwrap is a simple Unix service that sits over any simple TCP service
-such as POP3, IMAP, SMTP, and encrypts all of the data on the
-connection using TLS/SSL. It uses ssleay to support SSL version 2 and
-3. It can run out of inetd. It can also encrypt data for services
-located on another computer.
-
-It works with the servers you already have, and does not require any
-modifications to your existing servers. ..."
-
-Of course, it works with OpenSSL, too.
-
-WWW: http://www.rickk.com/sslwrap/
diff --git a/security/strobe/Makefile b/security/strobe/Makefile
deleted file mode 100644
index 0aa76f44d828..000000000000
--- a/security/strobe/Makefile
+++ /dev/null
@@ -1,27 +0,0 @@
-# Created by: proff
-
-PORTNAME=	strobe
-PORTVERSION=	1.06
-PORTREVISION=	1
-CATEGORIES=	security
-MASTER_SITES=	http://ftp.ussg.iu.edu/security/tools/unix/scanners/strobe/ \
-		http://ftp.cerias.purdue.edu/pub/tools/unix/scanners/strobe/ \
-		http://ftp.surfnet.nl/security/coast/scanners/strobe/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Fast scatter/gather TCP port scanner
-
-DEPRECATED=	Abandonware, last release around 2000 and dead upstream. Please consider using security/nmap or security/rustscan
-EXPIRATION_DATE=2022-03-31
-
-WRKSRC=		${WRKDIR}/strobe
-ALL_TARGET=	strobe
-
-PLIST_FILES=	bin/strobe lib/strobe.services man/man1/strobe.1.gz
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/strobe ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_DATA} ${WRKSRC}/strobe.services ${STAGEDIR}${PREFIX}/lib
-	${INSTALL_MAN} ${WRKSRC}/strobe.1 ${STAGEDIR}${MANPREFIX}/man/man1
-
-.include <bsd.port.mk>
diff --git a/security/strobe/distinfo b/security/strobe/distinfo
deleted file mode 100644
index d5c4f8e2e3a1..000000000000
--- a/security/strobe/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (strobe-1.06.tar.gz) = 07ff7b3911d834cdca484c3881dc5646d2c34ba337c38a6cde909a2b06bb85ab
-SIZE (strobe-1.06.tar.gz) = 35674
diff --git a/security/strobe/files/patch-Makefile b/security/strobe/files/patch-Makefile
deleted file mode 100644
index 358253d29192..000000000000
--- a/security/strobe/files/patch-Makefile
+++ /dev/null
@@ -1,51 +0,0 @@
---- Makefile.orig	Thu Jul  3 04:48:00 1997
-+++ Makefile	Tue Dec 29 11:15:04 1998
-@@ -3,15 +3,16 @@
- 
- # Modify the below to suit your filesystem
- 
--INSTALLDIR=/usr/local/bin
--LIBDIR=/usr/local/lib
--MANDIR=/usr/local/man/man1
-+PREFIX?=/usr/local
-+INSTALLDIR=${PREFIX}/bin
-+LIBDIR=${PREFIX}/lib
-+MANDIR=${PREFIX}/man/man1
- 
--#CC=cc
--CC=gcc
-+CC?=cc
-+#CC=gcc
- 
- #FLAGS=-O -nointl		# SCO
--FLAGS= -O -g -Wall
-+FLAGS= -O -Wall
- 
- #LIBS= -lnsl -lsocket		# SYSVR4 / SOLARIS
- #LIBS= -lsocket -lmalloc -lc_s	# SCO
-@@ -31,7 +32,7 @@
-      -DSTROBE_SERVICES='"$(DATA)"'\
-      -DETC_SERVICES='"$(ETC_SERVICES)"'
- 
--CFLAGS=$(FLAGS) $(DEFS)
-+CFLAGS+=$(DEFS)
- 
- $(BIN): $(OBJS)
- 	$(CC) $(CFLAGS) -o $(BIN) $(OBJS) $(LIBS)
-@@ -40,13 +41,13 @@
- $(MAN):
- $(INSTALLDIR)/$(BIN): $(BIN)
- 	-rm -f $(INSTALLDIR)/$(BIN)
--	install -m 755 -s $(BIN) $(INSTALLDIR)/$(BIN)
-+	install -c -o bin -g bin -m 755 -s $(BIN) $(INSTALLDIR)/$(BIN)
- $(LIBDIR)/$(DATA): $(DATA)
- 	-rm -f $(LIBDIR)/$(DATA)
--	install -m 644 $(DATA) $(LIBDIR)/$(DATA)
-+	install -c -o bin -g bin -m 644 $(DATA) $(LIBDIR)/$(DATA)
- $(MANDIR)/$(MAN): $(MAN)
- 	-rm -f $(MANDIR)/$(MAN)
--	install -m 644 $(MAN) $(MANDIR)/$(MAN)
-+	install -c -o bin -g bin -m 644 $(MAN) $(MANDIR)/$(MAN)
- install: $(INSTALLDIR)/$(BIN) $(LIBDIR)/$(DATA) $(MANDIR)/$(MAN)
- strobe.man : $(MAN)
- 	 nroff -man -Tascii $(MAN) > strobe.man
diff --git a/security/strobe/files/patch-strobe.c b/security/strobe/files/patch-strobe.c
deleted file mode 100644
index d837bb999738..000000000000
--- a/security/strobe/files/patch-strobe.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- strobe.orig	2010-03-13 19:26:31.000000000 +0100
-+++ strobe.c	2010-03-13 19:27:06.000000000 +0100
-@@ -1297,7 +1297,7 @@
- 	exit (1);
-     }
-     port_descs=(struct port_desc_s **) Smalloc(sizeof(struct port_descs_s *) * 65536);
--    memset(port_descs, 0, 65536);
-+    memset(port_descs, 0, sizeof(struct port_descs_s *) * 65536);
-     while (fgets (lbuf, sizeof (lbuf), fh))
-     {
- 	char *p;
diff --git a/security/strobe/pkg-descr b/security/strobe/pkg-descr
deleted file mode 100644
index bdbd39315ea3..000000000000
--- a/security/strobe/pkg-descr
+++ /dev/null
@@ -1,10 +0,0 @@
-strobe   is  a  network/security  tool  that  locates  and
-describes all listening TCP ports on a (remote) host or on
-many hosts in a bandwidth utilisation maximising, and pro-
-cess resource minimizing manner.
-
-strobe approximates a parallel finite state machine inter-
-nally. In non-linear multi-host mode it attempts to appor-
-tion bandwidth and sockets amoung  the  hosts  very  effi-
-ciently.   This  can  reap  appreciable gains in speed for
-multiple distinct hosts/routes.
diff --git a/security/stud/Makefile b/security/stud/Makefile
deleted file mode 100644
index d4493b22e5ea..000000000000
--- a/security/stud/Makefile
+++ /dev/null
@@ -1,39 +0,0 @@
-# Created by: Franz Bettag <franz@bett.ag>
-
-PORTNAME=	stud
-PORTVERSION=	0.4
-PORTREVISION=	1
-CATEGORIES=	security
-
-MAINTAINER=	franz@bett.ag
-COMMENT=	Scalable TLS Unwrapping Daemon
-
-LICENSE=	BSD2CLAUSE
-
-DEPRECATED=	Abandonware, marked BROKEN on 12+ in 2019
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libev.so:devel/libev
-
-USES=		gmake ssl
-USE_GITHUB=	yes
-
-GH_ACCOUNT=	wasted
-
-MAKE_JOBS_UNSAFE=	yes
-
-PLIST_FILES=	bin/stud \
-		share/man/man8/stud.8.gz
-
-.include <bsd.port.pre.mk>
-
-.if ${SSL_DEFAULT} == base
-BROKEN_FreeBSD_12=	incomplete definition of type 'struct ssl_ctx_st'
-BROKEN_FreeBSD_13=	incomplete definition of type 'struct ssl_ctx_st'
-BROKEN_FreeBSD_14=	incomplete definition of type 'struct ssl_ctx_st'
-.endif
-
-post-install:
-	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}
-
-.include <bsd.port.post.mk>
diff --git a/security/stud/distinfo b/security/stud/distinfo
deleted file mode 100644
index 108660d02f02..000000000000
--- a/security/stud/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (wasted-stud-0.4_GH0.tar.gz) = 8753a5015dbc7998e19dd353057d52e67fd203d713d80a0851fe24a21fadad63
-SIZE (wasted-stud-0.4_GH0.tar.gz) = 45621
diff --git a/security/stud/pkg-descr b/security/stud/pkg-descr
deleted file mode 100644
index ccba1b73ffc6..000000000000
--- a/security/stud/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-stud is a network proxy that terminates TLS/SSL connections
-and forwards the unencrypted traffic to some backend. It's
-designed to handle 10s of thousands of connections
-efficiently on multicore machines.
-
-WWW: https://github.com/bumptech/stud
diff --git a/security/symbion-sslproxy/Makefile b/security/symbion-sslproxy/Makefile
deleted file mode 100644
index 30350cf926eb..000000000000
--- a/security/symbion-sslproxy/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-# Created by: Gabor Kovesdan
-
-PORTNAME=	symbion-sslproxy
-PORTVERSION=	1.0.5
-CATEGORIES=	security
-MASTER_SITES=	SF/sslproxy/sslproxy/${PORTVERSION}
-DISTNAME=	sslproxy-${PORTVERSION}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	SSL proxy for securing insecure connections
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-DEPRECATED=	Abandonware, last release in 2009 and inactive upstream
-EXPIRATION_DATE=2022-03-31
-
-USES=		gmake ssl tar:tgz
-CFLAGS+=	-I${OPENSSLINC}
-LDFLAGS+=	-L${OPENSSLLIB}
-
-SUB_FILES=	pkg-message
-
-PORTDOCS=	README
-PLIST_FILES=	sbin/ssl_proxy
-
-OPTIONS_DEFINE=	DOCS
-
-post-patch:
-	@${REINPLACE_CMD} -e \
-		's|^CC =|CC ?=| ; \
-		 s|^LD =.*|LD = $$(CC)| ; \
-		 s|^CFLAGS =|#CFLAGS =| ; \
-		 s|^LDFLAGS =|#LDFLAGS =|' ${WRKSRC}/Makefile.global
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/ssl_proxy ${STAGEDIR}${PREFIX}/sbin
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/symbion-sslproxy/distinfo b/security/symbion-sslproxy/distinfo
deleted file mode 100644
index eb9a79179868..000000000000
--- a/security/symbion-sslproxy/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (sslproxy-1.0.5.tgz) = 36d7fcf7789430cacdb9e7e6d054eecbd726f41c0015c83778ddd2befd6777d9
-SIZE (sslproxy-1.0.5.tgz) = 23756
diff --git a/security/symbion-sslproxy/files/pkg-message.in b/security/symbion-sslproxy/files/pkg-message.in
deleted file mode 100644
index 127058547e32..000000000000
--- a/security/symbion-sslproxy/files/pkg-message.in
+++ /dev/null
@@ -1,9 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-This software doesn't have a configuration file.
-You can see the usage information with the -h command line option
-and in %%DOCSDIR%%/README.
-EOM
-}
-]
diff --git a/security/symbion-sslproxy/pkg-descr b/security/symbion-sslproxy/pkg-descr
deleted file mode 100644
index fabe4a8e6f46..000000000000
--- a/security/symbion-sslproxy/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-The Symbion SSL Proxy listens on a TCP port, accepts SSL connections, and
-forwards them to an other (local or remote) TCP port, or UNIX domain socket.
-
-WWW: https://sourceforge.net/projects/sslproxy/
diff --git a/security/tlswrap/Makefile b/security/tlswrap/Makefile
deleted file mode 100644
index 618ed8e20f31..000000000000
--- a/security/tlswrap/Makefile
+++ /dev/null
@@ -1,37 +0,0 @@
-# Created by: Daniel O'Connor <darius@dons.net.au>
-
-PORTNAME=	tlswrap
-PORTVERSION=	1.0.4
-PORTREVISION=	2
-CATEGORIES=	security
-MASTER_SITES=	https://www.tlswrap.com/
-DISTNAME=	${PORTNAME}-1.04
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	FTP proxy that wraps data and control with TLS/SSL
-
-BROKEN=		Unfetchable
-DEPRECATED=	Abandonware, last release in 2007 and dead upstream
-EXPIRATION_DATE=2022-03-31
-
-USES=		ssl
-GNU_CONFIGURE=	yes
-CONFIGURE_ARGS=	--with-ssl=${OPENSSLBASE}
-CFLAGS+=	-I${OPENSSLINC}
-
-OPTIONS_DEFINE=	DOCS
-
-.include <bsd.port.pre.mk>
-
-post-patch:
-	@${REINPLACE_CMD} -E 's,^(CC|CFLAGS|LDFLAGS).*=,\1?=,g' \
-		${WRKSRC}/Makefile.in
-	@${REINPLACE_CMD} -E 's,pipe([12]),pipe0\1,g' \
-		${WRKSRC}/misc.[ch] ${WRKSRC}/network.c ${WRKSRC}/tlswrap.c
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/tlswrap ${STAGEDIR}${PREFIX}/bin
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.post.mk>
diff --git a/security/tlswrap/distinfo b/security/tlswrap/distinfo
deleted file mode 100644
index 2e73e01b44ce..000000000000
--- a/security/tlswrap/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (tlswrap-1.04.tar.gz) = d10b8b45276695f5357d3e46212b8708a6baf42c83c5e4f4a263801890ac34b4
-SIZE (tlswrap-1.04.tar.gz) = 129507
diff --git a/security/tlswrap/files/patch-conf.h.in b/security/tlswrap/files/patch-conf.h.in
deleted file mode 100644
index 0ea13a676be5..000000000000
--- a/security/tlswrap/files/patch-conf.h.in
+++ /dev/null
@@ -1,12 +0,0 @@
---- conf.h.in.orig	2015-04-19 16:22:45.000000000 +0200
-+++ conf.h.in	2015-04-19 16:22:41.000000000 +0200
-@@ -45,6 +45,9 @@
- /* Define to 1 if you have the `RAND_status' function. */
- #undef HAVE_RAND_STATUS
- 
-+/* Define to 1 if you have the `RAND_egd' function. */
-+#undef HAVE_RAND_EGD
-+
- /* Define to 1 if you have the `setproctitle' function. */
- #undef HAVE_SETPROCTITLE
- 
diff --git a/security/tlswrap/files/patch-configure b/security/tlswrap/files/patch-configure
deleted file mode 100644
index 805dcf49a772..000000000000
--- a/security/tlswrap/files/patch-configure
+++ /dev/null
@@ -1,81 +0,0 @@
---- configure.orig	2006-11-25 19:52:04.000000000 +0100
-+++ configure	2015-04-19 15:53:43.000000000 +0200
-@@ -4519,6 +4519,78 @@ _ACEOF
- fi
- done
- 
-+echo "$as_me:$LINENO: checking for RAND_egd in -lcrypto" >&5
-+echo $ECHO_N "checking for RAND_egd in -lcrypto... $ECHO_C" >&6
-+if test "${ac_cv_lib_crypto_RAND_egd+set}" = set; then
-+  echo $ECHO_N "(cached) $ECHO_C" >&6
-+else
-+  ac_check_lib_save_LIBS=$LIBS
-+LIBS="-lcrypto  $LIBS"
-+cat >conftest.$ac_ext <<_ACEOF
-+/* confdefs.h.  */
-+_ACEOF
-+cat confdefs.h >>conftest.$ac_ext
-+cat >>conftest.$ac_ext <<_ACEOF
-+/* end confdefs.h.  */
-+
-+/* Override any gcc2 internal prototype to avoid an error.  */
-+#ifdef __cplusplus
-+extern "C"
-+#endif
-+/* We use char because int might match the return type of a gcc2
-+   builtin and then its argument prototype would still apply.  */
-+char RAND_egd ();
-+int
-+main ()
-+{
-+RAND_egd ();
-+  ;
-+  return 0;
-+}
-+_ACEOF
-+rm -f conftest.$ac_objext conftest$ac_exeext
-+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
-+  (eval $ac_link) 2>conftest.er1
-+  ac_status=$?
-+  grep -v '^ *+' conftest.er1 >conftest.err
-+  rm -f conftest.er1
-+  cat conftest.err >&5
-+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-+  (exit $ac_status); } &&
-+	 { ac_try='test -z "$ac_c_werror_flag"
-+			 || test ! -s conftest.err'
-+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
-+  (eval $ac_try) 2>&5
-+  ac_status=$?
-+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-+  (exit $ac_status); }; } &&
-+	 { ac_try='test -s conftest$ac_exeext'
-+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
-+  (eval $ac_try) 2>&5
-+  ac_status=$?
-+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-+  (exit $ac_status); }; }; then
-+  ac_cv_lib_crypto_RAND_egd=yes
-+else
-+  echo "$as_me: failed program was:" >&5
-+sed 's/^/| /' conftest.$ac_ext >&5
-+
-+ac_cv_lib_crypto_RAND_egd=no
-+fi
-+rm -f conftest.err conftest.$ac_objext \
-+      conftest$ac_exeext conftest.$ac_ext
-+LIBS=$ac_check_lib_save_LIBS
-+fi
-+echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_RAND_egd" >&5
-+echo "${ECHO_T}$ac_cv_lib_crypto_RAND_egd" >&6
-+if test $ac_cv_lib_crypto_RAND_egd = yes; then
-+
-+cat >>confdefs.h <<\_ACEOF
-+#define HAVE_RAND_EGD 1
-+_ACEOF
-+
-+fi
-+
- 
-           ac_config_files="$ac_config_files Makefile"
- cat >confcache <<\_ACEOF
diff --git a/security/tlswrap/files/patch-configure.in b/security/tlswrap/files/patch-configure.in
deleted file mode 100644
index a8082ef2211f..000000000000
--- a/security/tlswrap/files/patch-configure.in
+++ /dev/null
@@ -1,9 +0,0 @@
---- configure.in.orig	2015-04-19 16:17:12.000000000 +0200
-+++ configure.in	2015-04-19 16:17:24.000000000 +0200
-@@ -113,5 +113,6 @@ esac
- dnl Checks for library functions.
- AC_FUNC_MEMCMP
- AC_CHECK_FUNCS(getopt pidfile inet_aton RAND_status errx strlcpy daemon getnameinfo setproctitle)
-+AC_CHECK_LIB(crypto, RAND_egd, AC_DEFINE(HAVE_RAND_EGD, 1, [Define if the libcrypto has RAND_egd]))
- AC_SUBST(INCLUDES)
- AC_OUTPUT(Makefile)
diff --git a/security/tlswrap/files/patch-tls.c b/security/tlswrap/files/patch-tls.c
deleted file mode 100644
index 4decf9df93da..000000000000
--- a/security/tlswrap/files/patch-tls.c
+++ /dev/null
@@ -1,54 +0,0 @@
---- tls.c.orig	2006-11-25 18:52:08.000000000 +0000
-+++ tls.c	2019-03-22 17:37:16.971621000 +0000
-@@ -73,10 +73,12 @@
- 		printf("egd_sock is %s\n", egd_sock);
- #ifdef HAVE_RAND_STATUS
- 	if (RAND_status() != 1) {
-+#ifdef HAVE_RAND_EGD
- 		if ( RAND_egd(egd_sock) == -1 ) {
- 			fprintf(stderr, "egd_sock is %s\n", egd_sock);
- 			sys_err("RAND_egd failed\n");
- 		}
-+#endif
- 		if (RAND_status() != 1)
- 			sys_err("ssl_init: System without /dev/urandom, PRNG seeding must be done manually.\r\n");
- 	}
-@@ -258,7 +260,7 @@
- 	X509 				*x509_peer;
- 	X509_NAME			*x509_subj;
- 	X509_EXTENSION 		*x509_ext;
--	X509V3_EXT_METHOD	*x509_meth;
-+	const X509V3_EXT_METHOD	*x509_meth;
- 	int					ok, extcount, i, j;
- 	char 				*extstr;
- 	SSL					*ssl;
-@@ -294,15 +296,17 @@
- 			extstr = (char*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(x509_ext)));
- 			if (debug) printf("extstr = %s\n", extstr);
- 			if (!strcmp(extstr, "subjectAltName")) {
-+				ASN1_OCTET_STRING *x509_ext_data;
- 				subjectaltname = 1;
- 				if	(!(x509_meth = X509V3_EXT_get(x509_ext)))
- 					break;
--				data1 = x509_ext->value->data;
-+				x509_ext_data = X509_EXTENSION_get_data(x509_ext);
-+				data1 = x509_ext_data->data;
- #if (OPENSSL_VERSION_NUMBER > 0x00907000L)     
- 				if (x509_meth->it)
--					ext_str = ASN1_item_d2i(NULL, &data1, x509_ext->value->length, ASN1_ITEM_ptr(x509_meth->it));
-+					ext_str = ASN1_item_d2i(NULL, &data1, x509_ext_data->length, ASN1_ITEM_ptr(x509_meth->it));
- 				else
--					ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
-+					ext_str = x509_meth->d2i(NULL, &data1, x509_ext_data->length);
- #else
- 				ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
- #endif
-@@ -341,7 +345,7 @@
- tls_auth_cont(struct user_data *ud, int data)
- {
- 	int status, sslerr, cert_ok;
--	SSL_CIPHER *cipher;
-+	const SSL_CIPHER *cipher;
- 	char cipher_info[128];
- 	SSL *ssl;
- 
diff --git a/security/tlswrap/pkg-descr b/security/tlswrap/pkg-descr
deleted file mode 100644
index 267f6a4c629a..000000000000
--- a/security/tlswrap/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-TLSWrap is a TLS/SSL FTP wrapper/proxy for UNIX and Windows, allowing you to
-use your favourite FTP client with any TLS/SSL-enabled FTP server.
-
-WWW: https://www.tlswrap.com/
diff --git a/security/tlswrap/pkg-plist b/security/tlswrap/pkg-plist
deleted file mode 100644
index 320016d52c4a..000000000000
--- a/security/tlswrap/pkg-plist
+++ /dev/null
@@ -1,2 +0,0 @@
-bin/tlswrap
-%%PORTDOCS%%%%DOCSDIR%%/README
diff --git a/security/trinokiller/Makefile b/security/trinokiller/Makefile
deleted file mode 100644
index 98a367a5dd64..000000000000
--- a/security/trinokiller/Makefile
+++ /dev/null
@@ -1,28 +0,0 @@
-# Created by: David O'Brien (obrien@NUXI.com)
-
-PORTNAME=	trinokiller
-PORTVERSION=	1.0
-CATEGORIES=	security
-MASTER_SITES=	https://dl.packetstormsecurity.net/distributed/
-DISTNAME=	trinokiller
-EXTRACT_SUFX=	.c
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Remotely kill trino nodes
-
-DEPRECATED=	Abandonware, dead upstream
-EXPIRATION_DATE=2022-03-31
-
-PLIST_FILES=	sbin/trinokiller
-
-do-extract:
-	@${MKDIR} ${WRKSRC}
-	@${CP} ${DISTDIR}/${DISTFILES} ${WRKSRC}
-
-do-build:
-	${CC} ${CFLAGS} -o ${WRKSRC}/${DISTNAME} ${WRKSRC}/${DISTNAME}.c
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/${DISTNAME} ${STAGEDIR}/${PREFIX}/sbin
-
-.include <bsd.port.mk>
diff --git a/security/trinokiller/distinfo b/security/trinokiller/distinfo
deleted file mode 100644
index fc7269bc7df0..000000000000
--- a/security/trinokiller/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (trinokiller.c) = f57c15a7388cce60e4861913031d4f77c0bca6be29a00a0a70402e9cde13e7c8
-SIZE (trinokiller.c) = 1006
diff --git a/security/trinokiller/files/patch-trinokiller.c b/security/trinokiller/files/patch-trinokiller.c
deleted file mode 100644
index d8728903ab37..000000000000
--- a/security/trinokiller/files/patch-trinokiller.c
+++ /dev/null
@@ -1,10 +0,0 @@
---- trinokiller.c.orig	Sun Feb 13 19:41:24 2000
-+++ trinokiller.c	Sun Feb 13 19:41:48 2000
-@@ -12,6 +12,7 @@
-  *
-  */
- 
-+#include <sys/types.h>
- #include <stdlib.h>
- #include <stdio.h>
- #include <sys/socket.h>
diff --git a/security/trinokiller/pkg-descr b/security/trinokiller/pkg-descr
deleted file mode 100644
index 082bb3b8f7de..000000000000
--- a/security/trinokiller/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-This program remotely kills trino nodes on version 1.07b2+f3 and below.
-It abuses the careless coding in trinoo nodes and causes them to exit. It
-requires that you either know the node password or think it's the default
-password.
diff --git a/security/tripwire-131/Makefile b/security/tripwire-131/Makefile
deleted file mode 100644
index 1ab072891a94..000000000000
--- a/security/tripwire-131/Makefile
+++ /dev/null
@@ -1,56 +0,0 @@
-# Created by: Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
-
-PORTNAME=	tripwire
-PORTVERSION=	1.3.1
-CATEGORIES=	security
-MASTER_SITES=	ftp://ftp.cc.uoc.gr/system/security/tools/tripwire/ \
-		ftp://ftp.uni-potsdam.de/pub/unix/tools/
-DISTNAME=	Tripwire-${PORTVERSION}-1
-PKGNAMESUFFIX=	-131
-
-MAINTAINER=	cy@FreeBSD.org
-COMMENT=	File system security and verification program
-
-# Converted from NO_CDROM
-LICENSE=	Tripwire
-LICENSE_NAME=	tripwire
-LICENSE_TEXT=	Cannot be redistributed for more than the cost of duplication
-LICENSE_PERMS=	dist-mirror pkg-mirror auto-accept
-
-DEPRECATED=	Deprecated, please consider using security/tripwire instead
-EXPIRATION_DATE=2022-03-31
-
-USES=		cpe
-
-NO_PACKAGE=	requires local database to be built
-# XXX should also work on other 32-bit architectures.
-ONLY_FOR_ARCHS=	i386
-ONLY_FOR_ARCHS_REASON=	cannot determine byte order
-
-WRKSRC=		${WRKDIR}/tw_ASR_1.3.1_src
-MAKE_JOBS_UNSAFE=	yes
-
-.include <bsd.port.pre.mk>
-
-TDATADIR=	${STAGEDIR}/var/local/tcheck
-MAKE_ARGS=	BINDIR=${STAGEDIR}${PREFIX}/bin \
-		MANPREFIX=${STAGEDIR}${MANPREFIX}
-NO_DB_BUILD=	yes
-
-TWCONFIG?=	${FILESDIR}/tw.conf.freebsd2
-
-pre-configure:
-	@ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs
-	@ ${CP} ${TWCONFIG} ${WRKSRC}/configs/tw.conf.freebsd2
-
-post-install:
-	@ ${MKDIR} ${TDATADIR}
-	@ ${CP} ${TWCONFIG} ${TDATADIR}/tw.config.dist
-.ifndef NO_DB_BUILD
-	# XXX For reference only
-	@ ${ECHO} Creating tripwire database
-	@ ${CP} -i ${TWCONFIG} ${TDATADIR}/tw.config
-	@ (cd /var/adm/tcheck; tripwire -initialize)
-.endif
-
-.include <bsd.port.post.mk>
diff --git a/security/tripwire-131/distinfo b/security/tripwire-131/distinfo
deleted file mode 100644
index 0bb172d9ef28..000000000000
--- a/security/tripwire-131/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (Tripwire-1.3.1-1.tar.gz) = bdc388b24eaf94644f28578a6f01df970885afcf60b8bc588028985157f57c1b
-SIZE (Tripwire-1.3.1-1.tar.gz) = 283196
diff --git a/security/tripwire-131/files/conf-freebsd2.h b/security/tripwire-131/files/conf-freebsd2.h
deleted file mode 100644
index 20b3f331e8bd..000000000000
--- a/security/tripwire-131/files/conf-freebsd2.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/* $Id: conf-freebsd2.h,v 1.1.1.1 1997/04/01 04:44:00 jdp Exp $ */
-
-/*
- * conf-freebsd2.h
- *
- *	Tripwire configuration file
- *
- * Joe Greco
- * sol.net Network Services
- * Derived from the other BSD config.h's
- */
-
-/***
- *** Operating System specifics
- ***	
- ***	If the answer to a question in the comment is "Yes", then
- ***	change the corresponding "#undef" to a "#define"
- ***/
-
-/*
- * is your OS a System V derivitive?  if so, what version?
- *			(e.g., define SYSV 4)
- */
-
-#undef SYSV
-
-/* 
- * does your system have a <malloc.h> like System V? 
- */
-
-#undef MALLOCH 	
-
-/* 
- * does your system have a <stdlib.h> like POSIX says you should? 
- */
-
-#define STDLIBH
-
-/*
- * does your system use readdir(3) that returns (struct dirent *)?
- */
-
-#define DIRENT
-
-/*
- * is #include <string.h> ok?  (as opposed to <strings.h>)
- */
-
-#define STRINGH
- 
-/* 
- * does your system have gethostname(2) (instead of uname(2))?
- */
-
-#define GETHOSTNAME
diff --git a/security/tripwire-131/files/patch-Makefile b/security/tripwire-131/files/patch-Makefile
deleted file mode 100644
index f483f4a8f79b..000000000000
--- a/security/tripwire-131/files/patch-Makefile
+++ /dev/null
@@ -1,50 +0,0 @@
---- Makefile.orig	1999-05-04 01:31:00.000000000 -0700
-+++ Makefile	2014-06-07 22:43:39.000000000 -0700
-@@ -10,11 +10,9 @@
- ###
- 
- # destination directory for final executables
--DESTDIR = /usr/local/bin/tw
--DATADIR = /var/tripwire
- 
- # destination for man pages
--MANDIR  = /usr/man		# This needs to change to reflect the path
-+MANDIR  = $(MANPREFIX)/man	# This needs to change to reflect the path
-                         # on your system
- 
- # system utilities
-@@ -33,7 +31,6 @@
- 
- # you can use ANSI C if you like, but K&R is equally fine.
- #CC     = cc			# common
--CC     = gcc			# also common
- #CC	= /usr/ccs/bin/cc	# Pyramid DC/OSx (SVR4)
- 
- CFLAGS = -O			# common 
-@@ -60,8 +57,8 @@
- #CPP	= /lib/cpp		# on older systems
- 
- # make sure libraries are not linked dynamically (as a security measure)
--#LDFLAGS= -static        # Most systems, Linux / RedHat 5.2 and previous
--LDFLAGS= -ldl          # Solaris 2.x, Redhat 6.0
-+LDFLAGS= -static        # Most systems, Linux / RedHat 5.2 and previous
-+#LDFLAGS= -ldl          # Solaris 2.x, Redhat 6.0
- # common
- #LDFLAGS= -non_shared		# OSF/1
- #LDFLAGS= -Bstatic		# SunOS 4 (cannot statically link tripwire
-@@ -106,13 +103,9 @@
- 		YACC="$(YACC)" LEX="$(LEX)" all)
- 
- install: all
--	$(INSTALL) -d $(DESTDIR)
--	(cd src; make INSTALL=$(INSTALL) DESTDIR=$(DESTDIR) install)
-+	$(INSTALL) -d $(BINDIR)
-+	(cd src; make INSTALL=$(INSTALL) BINDIR=$(BINDIR) install)
- 	(cd man; make INSTALL=$(INSTALL) MANDIR=$(MANDIR) install)
--	(cd configs; $(INSTALL) -m 444 tw.config $(DESTDIR))
--	chmod 555 $(DESTDIR)
--	$(INSTALL) -m 0755 -d $(DATADIR)
--	$(INSTALL) -m 444 tests/tw.db_TEST $(DATADIR)
- 
- test:	all
- 	(cd tests; make HOSTNAME=$(HOSTNAME) DIST=$(DIST) SHELL=$(SHELL) \
diff --git a/security/tripwire-131/files/patch-include-config.h b/security/tripwire-131/files/patch-include-config.h
deleted file mode 100644
index d3ad42fc3b81..000000000000
--- a/security/tripwire-131/files/patch-include-config.h
+++ /dev/null
@@ -1,38 +0,0 @@
-*** include/config.h.orig	Fri Jul 15 06:02:52 1994
---- include/config.h	Sun Dec 31 18:56:20 1989
-***************
-*** 17,23 ****
-   ***	file that corresponds with your operating system.
-   ***/
-  
-! #include "../configs/conf-svr4.h"
-  
-  #ifdef TW_TYPE32
-  typedef TW_TYPE32 int32;
---- 17,23 ----
-   ***	file that corresponds with your operating system.
-   ***/
-  
-! #include "../configs/conf-freebsd2.h"
-  
-  #ifdef TW_TYPE32
-  typedef TW_TYPE32 int32;
-***************
-*** 103,110 ****
-  #endif
-  */
-  
-! #define CONFIG_PATH     "/usr/local/bin/tw"
-! #define DATABASE_PATH   "/var/tripwire"
-  
-  /******* name of Tripwire files **************************************
-   *
---- 103,110 ----
-  #endif
-  */
-  
-! # define CONFIG_PATH     "/var/adm/tcheck"
-! # define DATABASE_PATH   "/var/adm/tcheck/databases"
-  
-  /******* name of Tripwire files **************************************
-   *
diff --git a/security/tripwire-131/files/patch-man-Makefile b/security/tripwire-131/files/patch-man-Makefile
deleted file mode 100644
index cac7cdf230fc..000000000000
--- a/security/tripwire-131/files/patch-man-Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
---- man/Makefile.orig	1999-05-04 01:31:00.000000000 -0700
-+++ man/Makefile	2014-06-01 22:12:53.000000000 -0700
-@@ -5,6 +5,7 @@
- all:	install
- 
- install:
-+	mkdir -p $(MANDIR)/man5 $(MANDIR)/man8
- 	cp siggen.8 $(MANDIR)/man8
- 	cp tripwire.8 $(MANDIR)/man8
- 	cp tw.config.5 $(MANDIR)/man5
diff --git a/security/tripwire-131/files/patch-sigs-sha-sha.c b/security/tripwire-131/files/patch-sigs-sha-sha.c
deleted file mode 100644
index bad090157860..000000000000
--- a/security/tripwire-131/files/patch-sigs-sha-sha.c
+++ /dev/null
@@ -1,16 +0,0 @@
-This patch eliminates a compiler warning about LITTLE_ENDIAN begin
-redefined.
-
-*** sigs/sha/sha.c.orig	Mon Jul 25 08:46:45 1994
---- sigs/sha/sha.c	Mon Mar 31 19:55:23 1997
-***************
-*** 47,52 ****
---- 47,54 ----
-  #include "sha.h"
-  
-  #if BYTEORDER == 0x1234
-+ #undef BIG_ENDIAN
-+ #undef LITTLE_ENDIAN
-  #define LITTLE_ENDIAN
-  #endif
-  
diff --git a/security/tripwire-131/files/patch-src-Makefile b/security/tripwire-131/files/patch-src-Makefile
deleted file mode 100644
index 07d151ecd0ac..000000000000
--- a/security/tripwire-131/files/patch-src-Makefile
+++ /dev/null
@@ -1,13 +0,0 @@
---- src/Makefile.orig	Tue May  4 01:31:00 1999
-+++ src/Makefile	Thu May 11 19:49:21 2000
-@@ -104,8 +104,8 @@
- 	$(CC) $(CFLAGS) -c $<
- 
- install:	tripwire
--	$(INSTALL) -m 555 tripwire $(DESTDIR)
--	$(INSTALL) -m 555 siggen $(DESTDIR) 
-+	$(INSTALL) -f noschg -s -m 555 tripwire $(BINDIR)
-+	$(INSTALL) -f noschg -s -m 555 siggen $(BINDIR)
- 
- clean:
- 	-rm -f $(OFILES) config.lex.c config.pre.c y.tab.c lex.yy.c help.c \
diff --git a/security/tripwire-131/files/patch-src-config.parse.c b/security/tripwire-131/files/patch-src-config.parse.c
deleted file mode 100644
index 1148d21c0890..000000000000
--- a/security/tripwire-131/files/patch-src-config.parse.c
+++ /dev/null
@@ -1,21 +0,0 @@
---- src/config.parse.c.orig	Tue Jun 13 23:24:14 2000
-+++ src/config.parse.c	Tue Jun 13 23:30:35 2000
-@@ -55,7 +55,6 @@
- #endif
- 
- /* prototypes */
--char *mktemp();
- static void configfile_descend();
- 
- #ifndef L_tmpnam
-@@ -105,8 +104,8 @@
-     };
-     (void) strcpy(tmpfilename, TEMPFILE_TEMPLATE);
- 
--    if ((char *) mktemp(tmpfilename) == NULL) {
--	perror("configfile_read: mktemp()");
-+    if (mkstemp(tmpfilename) == -1) {
-+	perror("configfile_read: mkstemp()");
- 	exit(1);
-     }
- 
diff --git a/security/tripwire-131/files/patch-src-dbase.build.c b/security/tripwire-131/files/patch-src-dbase.build.c
deleted file mode 100644
index 8cc8988284fb..000000000000
--- a/security/tripwire-131/files/patch-src-dbase.build.c
+++ /dev/null
@@ -1,32 +0,0 @@
---- src/dbase.build.c.orig	Tue May  4 17:31:00 1999
-+++ src/dbase.build.c	Tue Jun 13 23:40:06 2000
-@@ -60,7 +60,6 @@
- int files_scanned_num = 0;
- 
- /* prototypes */
--char *mktemp();
- 
- /* new database checking routines */
- static void 	database_record_write();
-@@ -135,8 +134,8 @@
- 	    die_with_err("malloc() failed in database_build", (char *) NULL);
- 	(void) strcpy(tmpfilename, TEMPFILE_TEMPLATE);
- 
--	if ((char *) mktemp(tmpfilename) == NULL)
--	    die_with_err("database_build: mktemp()", (char *) NULL);
-+	if (mkstemp(tmpfilename) == -1)
-+	    die_with_err("database_build: mkstemp()", (char *) NULL);
- 
- 	(void) strcpy(tempdatabase_file, tmpfilename);
- 	(void) strcpy(database, tempdatabase_file);
-@@ -814,8 +813,8 @@
-     /* build temporary file name */
-     (void) strcpy(backup_name, TEMPFILE_TEMPLATE);
- 
--    if ((char *) mktemp(backup_name) == NULL) {
--	die_with_err("copy_database_to_backup: mktemp() failed!", NULL);
-+    if (mkstemp(backup_name) == -1) {
-+	die_with_err("copy_database_to_backup: mkstemp() failed!", NULL);
-     }
- 
-     strcpy (database_backupfile, backup_name);
diff --git a/security/tripwire-131/files/patch-src-siggen.c b/security/tripwire-131/files/patch-src-siggen.c
deleted file mode 100644
index 8bc36ac70a0e..000000000000
--- a/security/tripwire-131/files/patch-src-siggen.c
+++ /dev/null
@@ -1,21 +0,0 @@
---- src/siggen.c.orig	Tue Jun 13 23:42:53 2000
-+++ src/siggen.c	Tue Jun 13 23:43:27 2000
-@@ -52,7 +52,6 @@
- 
- extern int optind;
- int debuglevel = 0;
--char *mktemp();
- 
- int (*pf_signatures [NUM_SIGS]) () = {
- 					SIG0FUNC,
-@@ -172,8 +171,8 @@
- 	};
- 	(void) strcpy(tmpfilename, "/tmp/twzXXXXXX");
- 
--	if ((char *) mktemp(tmpfilename) == NULL) {
--	    perror("siggen: mktemp()");
-+	if (mkstemp(tmpfilename) == -1) {
-+	    perror("siggen: mkstemp()");
- 	    exit(1);
- 	}
- 
diff --git a/security/tripwire-131/files/patch-src-utils.c b/security/tripwire-131/files/patch-src-utils.c
deleted file mode 100644
index 3b025e3b07ce..000000000000
--- a/security/tripwire-131/files/patch-src-utils.c
+++ /dev/null
@@ -1,13 +0,0 @@
---- src/utils.c.orig	Tue Jun 13 23:43:01 2000
-+++ src/utils.c	Tue Jun 13 23:43:50 2000
-@@ -856,8 +856,8 @@
-     int fd;
- 
-     (void) strcpy(tmp, TEMPFILE_TEMPLATE);
--    if ((char *) mktemp(tmp) == NULL) {
--	perror("tempfilename_generate: mktemp()");
-+    if (mkstemp(tmp) == -1) {
-+	perror("tempfilename_generate: mkstemp()");
- 	exit(1);
-     }
- 
diff --git a/security/tripwire-131/files/tw.conf.freebsd2 b/security/tripwire-131/files/tw.conf.freebsd2
deleted file mode 100644
index 1f452b2cecd7..000000000000
--- a/security/tripwire-131/files/tw.conf.freebsd2
+++ /dev/null
@@ -1,150 +0,0 @@
-# $Id: tw.conf.freebsd2,v 1.3 1998/07/28 17:54:21 obrien Exp $
-#
-# tripwire.config
-# Generic version for FreeBSD
-#  Will need editing...see comments below
-#
-# This file contains a list of files and directories that System 
-# Preener will scan.  Information collected from these files will be 
-# stored in the tripwire.database file.
-#
-# Format: 			[!|=] entry [ignore-flags]
-#
-# where:	 '!' signifies the entry is to be pruned (inclusive) from
-#				the list of files to be scanned.
-#		 '=' signifies the entry is to be added, but if it is
-#				a directory, then all its contents are pruned
-#				(useful for /tmp).
-#
-# where:	entry is the absolute pathname of a file or a directory
-#
-# where ignore-flags are in the format:
-#		[template][ [+|-][pinugsam12] ... ]
-#
-# 	- :  ignore the following atributes
-#	+ :  do not ignore the following attributes
-#
-#	p :  permission and file mode bits 	a: access timestamp
-#	i :  inode number			m: modification timestamp
-#	n :  number of links (ref count)	c: inode creation timestamp
-#	u :  user id of owner			1: signature 1
-#	g :  group id of owner			2: signature 2
-#	s :  size of file
-#
-#
-# Ex:   The following entry will scan all the files in /etc, and report
-#	any changes in mode bits, inode number, reference count, uid,
-#	gid, modification and creation timestamp, and the signatures.
-#	However, it will ignore any changes in the access timestamp.
-#
-#	/etc	+pinugsm12-a
-#
-# The following templates have been pre-defined to make these long ignore
-# mask descriptions unecessary.
-#
-# Templates: 	(default)	R :  [R]ead-only (+pinugsm12-a)
-#				L :  [L]og file (+pinug-sam12)
-#				N :  ignore [N]othing (+pinusgsamc12)
-#				E :  ignore [E]verything (-pinusgsamc12)
-#
-# By default, Tripwire uses the R template -- it ignores
-# only the access timestamp.
-#
-# You can use templates with modifiers, like:
-#	Ex:  /etc/lp	E+ug
-#
-#	Example configuration file:
-#		/etc		R	# all system files
-#		!/etc/lp	R	# ...but not those logs
-#		=/tmp		N	# just the directory, not its files
-#
-# Note the difference between pruning (via "!") and ignoring everything
-# (via "E" template):  Ignoring everything in a directory still monitors
-# for added and deleted files.  Pruning a directory will prevent Tripwire
-# from even looking in the specified directory.
-#
-#
-# Tripwire running slowly?  Modify your tripwire.config entries to
-# ignore the (signature 2) attribute when this computationally-exorbitant 
-# protection is not needed.  (See README and design document for further
-# details.)
-#
-
-#  First, root's traditional "home".  Note that FreeBSD's root's home (/root)
-#  is protected by R-2 protections in the default config file.
-=/		L
-/.rhosts	R	# may not exist
-/.profile	R	# may not exist
-/.cshrc		R	# may not exist
-/.login		R	# may not exist
-/.exrc		R	# may not exist
-/.logout	R	# may not exist
-/.forward	R	# may not exist
-
-# Unix itself
-/kernel		R
-
-# /bin
-/bin		R-2
-
-# /dev
-/dev	 	L
-
-# /etc
-/etc			R-2
-/etc/aliases	 	L
-/etc/dumpdates		L
-/etc/motd		L
-
-# my passwd database should be static at time of system build.  yours may
-# not be, if not, uncomment the lines below.
-
-# /etc/passwd		L
-# /etc/master.passwd	L
-# /etc/pwd.db		L
-# /etc/spwd.db		L
-
-# /home
-=/home
-
-# /lkm
-/lkm			R-2
-
-# /root
-/root			R-2
-/root/.history		L
-
-# /sbin
-/sbin			R-2
-
-# /stand
-/stand			R-2
-
-# /usr/bin
-/usr/bin		R-2
-
-/usr/include		R-12
-
-/usr/lib		R-2
-
-/usr/libdata		R-2
-
-/usr/libexec		R-2
-
-/usr/local/bin		R-2
-
-/usr/local/etc		L
-
-/usr/local/lib		R-2
-
-/usr/local/libexec	R-2
-
-/usr/local/sbin		R-2
-
-/usr/local/share	R-2
-
-/usr/sbin		R-2
-
-/usr/share		R-2
-
-###########################################
diff --git a/security/tripwire-131/files/twcheck b/security/tripwire-131/files/twcheck
deleted file mode 100644
index a4dffd2b61c9..000000000000
--- a/security/tripwire-131/files/twcheck
+++ /dev/null
@@ -1,3 +0,0 @@
-#! /bin/sh -
-
-./gunzip < tw.db_`hostname`.gz | ./tripwire -dfd 0 -c tw.config
diff --git a/security/tripwire-131/pkg-descr b/security/tripwire-131/pkg-descr
deleted file mode 100644
index 06132f876d9b..000000000000
--- a/security/tripwire-131/pkg-descr
+++ /dev/null
@@ -1,13 +0,0 @@
-Tripwire is a tool that aids system administrators and
-users in monitoring a designated set of files for any changes.
-Used with system files on a regular (e.g., daily) basis, Tripwire
-can notify system administrators of corrupted or tampered files,
-so damage control measures can be taken in a timely manner.
-
-If "TRIPWIRE_FLOPPY" is set to "YES" in the environment or on the
-"make" command line, this port will write the tripwire database to
-a floppy disk, which should then be write-protected and used as a
-reference for future runs.  The diskette should be formatted and
-present in the "A" drive before starting the "make install" step.
-
-Joe Greco <jgreco@ns.sol.net>
diff --git a/security/tripwire-131/pkg-plist b/security/tripwire-131/pkg-plist
deleted file mode 100644
index 1fde64ca2a08..000000000000
--- a/security/tripwire-131/pkg-plist
+++ /dev/null
@@ -1,8 +0,0 @@
-bin/tripwire
-bin/siggen
-man/man5/tw.config.5.gz
-man/man8/siggen.8.gz
-man/man8/tripwire.8.gz
-/var/local/tcheck/tw.config.dist
-@unexec rmdir "/var/local/tcheck" >/dev/null 2>&1 || :
-@unexec rmdir "/var/local" >/dev/null 2>&1 || :
diff --git a/security/unicornscan/Makefile b/security/unicornscan/Makefile
deleted file mode 100644
index 657bcada2ba1..000000000000
--- a/security/unicornscan/Makefile
+++ /dev/null
@@ -1,67 +0,0 @@
-# Created by: Jon Passki <cykyc@yahoo.com>
-
-PORTNAME=	unicornscan
-PORTVERSION=	0.4.2
-PORTREVISION=	5
-CATEGORIES=	security
-MASTER_SITES=	SF/osace/${PORTNAME}/${PORTNAME}%20${PORTVERSION}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Asynchronous TCP and UDP port scanner
-
-LICENSE=	GPLv2
-
-DEPRECATED=	Very outdated and abandoned, current version in tree was released in 2004 and last release by upstream in Aug 2013. Please consider using security/nmap or security/rustscan
-EXPIRATION_DATE=2022-03-31
-
-LIB_DEPENDS=	libnet.so:net/libnet
-
-USES=		gmake
-CFLAGS+=	-DWITH_LONGOPTS
-
-SUB_FILES=	pkg-message
-
-MAKE_JOBS_UNSAFE=	yes
-
-post-patch:
-	@${REINPLACE_CMD} -e 's|/usr/local/share|${PREFIX}/etc|' \
-		${WRKSRC}/fconf/unicorn.conf
-# Unbreak the build against Clang (it does not like one function being inline)
-	@${REINPLACE_CMD} -e 's|^inline void nop|void nop|' \
-		${WRKSRC}/src/unilib/tsc.c
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${PREFIX}/etc/unicornscan
-	@${MKDIR} ${STAGEDIR}${PREFIX}/libexec/unicornscan/modules
-	@${MKDIR} ${STAGEDIR}${PREFIX}/share/unicornscan
-	@${MKDIR} ${STAGEDIR}${PREFIX}/var/unicornscan
-	${INSTALL_PROGRAM} ${WRKSRC}/src/unicornscan ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_PROGRAM} ${WRKSRC}/src/tools/fantaip ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_PROGRAM} ${WRKSRC}/src/scan_progs/unisend \
-		${STAGEDIR}${PREFIX}/libexec/unicornscan
-	${INSTALL_PROGRAM} ${WRKSRC}/src/scan_progs/unilisten \
-		${STAGEDIR}${PREFIX}/libexec/unicornscan
-	for confs in ${WRKSRC}/fconf/*.conf; do \
-		${INSTALL_DATA} $$confs ${STAGEDIR}${PREFIX}/etc/unicornscan/`basename $$confs`.sample ; \
-	done
-	${INSTALL_DATA} ${WRKSRC}/fconf/port-numbers \
-		${STAGEDIR}${PREFIX}/share/unicornscan
-	for mods in ${WRKSRC}/src/payload_modules/*.so; do \
-		${INSTALL_PROGRAM} $$mods ${STAGEDIR}${PREFIX}/libexec/unicornscan/modules/ ; \
-	done
-	for mods in ${WRKSRC}/src/report_modules/shlibs/*.so; do \
-		${INSTALL_PROGRAM} $$mods ${STAGEDIR}${PREFIX}/libexec/unicornscan/modules/ ; \
-	done
-	for pofs in p0f.fp p0fa.fp p0fr.fp; do \
-		${INSTALL_DATA} ${WRKSRC}/src/report_modules/p0f/$$pofs ${STAGEDIR}${PREFIX}/share/unicornscan/ ; \
-	done
-	${INSTALL_PROGRAM} ${WRKSRC}/src/report_modules/shlibs/libp0f.so \
-		${STAGEDIR}${PREFIX}/libexec/unicornscan/modules
-	${INSTALL_MAN} ${WRKSRC}/docs/unicornscan.1 ${STAGEDIR}${MANPREFIX}/man/man1
-# XXX: shouldn't these files below be installed as PORTDOCS?
-	for files in README misc/UDP_PAYLOADS_NEEDED \
-	TODO_BUGSTOFIX README.database; do \
-		${INSTALL_DATA} ${WRKSRC}/$$files ${STAGEDIR}${PREFIX}/share/unicornscan/ ; \
-	done
-
-.include <bsd.port.mk>
diff --git a/security/unicornscan/distinfo b/security/unicornscan/distinfo
deleted file mode 100644
index 1ae675eaf14a..000000000000
--- a/security/unicornscan/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (unicornscan-0.4.2.tar.gz) = 97d75b4b1bd21590631324583e09fa056619d571a68591f1de160d33fad76225
-SIZE (unicornscan-0.4.2.tar.gz) = 1911126
diff --git a/security/unicornscan/files/patch-Makefile b/security/unicornscan/files/patch-Makefile
deleted file mode 100644
index d29b1cc1a3f8..000000000000
--- a/security/unicornscan/files/patch-Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
---- Makefile.orig	2004-09-30 18:29:05.000000000 +0800
-+++ Makefile	2013-07-27 20:36:38.000000000 +0800
-@@ -1,19 +1,19 @@
--default:
--	(cd libs && make)
--	(cd src && make)
-+all default:
-+	$(MAKE) -C libs
-+	$(MAKE) -C src
- 
- clean:
--	(cd src && make clean)
-+	$(MAKE) -C src clean
- 	find . -name ".*.swp" -exec ls -alh {} \;
- 	find . -name "*core*" -exec ls -lah {} \;
- 
- distclean: clean
- 	rm -f src/compile.h
--	(cd libs && make clean)
-+	$(MAKE) -C libs clean
- 
- dist: distclean
- 	find . -exec touch {} \; -print
--	cd src/parse && make prepare
-+	$(MAKE) -C src/parse prepare
- 	./tarup.sh
- 
- install: default
-@@ -23,4 +23,4 @@
- 	./uninstall.sh /usr/local /var
- 
- src/unicornscan:
--	(cd src && make)
-+	$(MAKE) -C src
diff --git a/security/unicornscan/files/patch-dlerror-bug b/security/unicornscan/files/patch-dlerror-bug
deleted file mode 100644
index 4e4cd66ffc7b..000000000000
--- a/security/unicornscan/files/patch-dlerror-bug
+++ /dev/null
@@ -1,109 +0,0 @@
-diff -ru src/config.h src/config.h
---- src/config.h	2004-09-30 03:29:05.000000000 -0700
-+++ src/config.h	2004-10-05 18:05:17.000000000 -0700
-@@ -87,6 +87,11 @@
-  * XXX
-  */
- 
-+/*
-+ * this really shouldnt matter to much
-+ */
-+#define DL_ERROR_RET const char *
-+
- /* tuneables */
- #define SHLIB_EXT ".so"
- 
-diff -ru src/modules.c src/modules.c
---- src/modules.c	2004-09-30 03:29:05.000000000 -0700
-+++ src/modules.c	2004-10-05 18:02:42.000000000 -0700
-@@ -39,6 +39,7 @@
- 	DIR *moddir=NULL;
- 	struct dirent *de=NULL;
- 	mod_entry_t *mnew=NULL, *last=NULL;
-+	DL_ERROR_RET dl_estr=NULL;
- 
- 	if (s->verbose > 5) MSG(M_DBG1, "Opening dir `%s'", s->mod_dir);
- 
-@@ -87,16 +88,18 @@
- 		}
- 
- 		mnew->dl_init_module=(int (*)(mod_entry_t *))dlsym(mnew->handle, "init_module");
--		if (dlerror() != NULL) {
--			MSG(M_ERR, "Can't find initialization hook for module `%s': %s", mnew->fname, dlerror());
-+		dl_estr=dlerror();
-+		if (dl_estr != NULL) {
-+			MSG(M_ERR, "Can't find initialization hook for module `%s': %s", mnew->fname, dl_estr);
- 			dlclose(mnew->handle);
- 			xfree(mnew);
- 			continue;
- 		}
- 
- 		mnew->dl_delete_module=(void (*)(void))dlsym(mnew->handle, "delete_module");
--		if (dlerror() != NULL) {
--			MSG(M_ERR, "Can't find shutdown hook for module `%s': %s", mnew->fname, dlerror());
-+		dl_estr=dlerror();
-+		if (dl_estr != NULL) {
-+			MSG(M_ERR, "Can't find shutdown hook for module `%s': %s", mnew->fname, dl_estr);
- 			dlclose(mnew->handle);
- 			xfree(mnew);
- 			continue;
-@@ -174,6 +177,7 @@
- 
- int init_payload_modules(void) {
- 	mod_entry_t *walk=NULL;
-+	DL_ERROR_RET dl_estr=NULL;
- 
- 	if (mod_list_head == NULL) return 1;
- 
-@@ -182,8 +186,9 @@
- 	for (walk=mod_list_head ; walk != NULL ; walk=walk->next) {
- 		if (walk->type == MI_TYPE_PAYLOAD) {
- 			walk->func_u.dl_create_payload=(int (*)(uint8_t **, uint32_t *))dlsym(walk->handle, "create_payload");
--			if (dlerror() != NULL) {
--				MSG(M_ERR, "Can't find payload initialization hook for module `%s': %s", walk->fname, dlerror());
-+			dl_estr=dlerror();
-+			if (dl_estr != NULL) {
-+				MSG(M_ERR, "Can't find payload initialization hook for module `%s': %s", walk->fname, dl_estr);
- 				dlclose(walk->handle);
- 				continue;
- 			}
-@@ -209,6 +214,7 @@
- 
- int init_output_modules(void) {
- 	mod_entry_t *walk=NULL;
-+	DL_ERROR_RET dl_estr=NULL;
- 
- 	if (mod_list_head == NULL) return 1;
- 
-@@ -222,8 +228,9 @@
- 				continue;
- 			}
- 
--			if (dlerror() != NULL) {
--				MSG(M_ERR, "Can't find output initialization hook for module `%s': %s", walk->fname, dlerror());
-+			dl_estr=dlerror();
-+			if (dl_estr != NULL) {
-+				MSG(M_ERR, "Can't find output initialization hook for module `%s': %s", walk->fname, dl_estr);
- 				dlclose(walk->handle);
- 				continue;
- 			}
-@@ -245,6 +252,7 @@
- 
- int init_report_modules(void) {
- 	mod_entry_t *walk=NULL;
-+	DL_ERROR_RET dl_estr=NULL;
- 
- 	if (mod_list_head == NULL) return 1;
- 
-@@ -258,8 +266,9 @@
- 				continue;
- 			}
- 
--			if (dlerror() != NULL) {
--				MSG(M_ERR, "Can't find report initialization hook for module `%s': %s", walk->fname, dlerror());
-+			dl_estr=dlerror();
-+			if (dl_estr != NULL) {
-+				MSG(M_ERR, "Can't find report initialization hook for module `%s': %s", walk->fname, dl_estr);
- 				dlclose(walk->handle);
- 				continue;
- 			}
diff --git a/security/unicornscan/files/patch-libs__Makefile b/security/unicornscan/files/patch-libs__Makefile
deleted file mode 100644
index e3df8c0a7b3c..000000000000
--- a/security/unicornscan/files/patch-libs__Makefile
+++ /dev/null
@@ -1,36 +0,0 @@
---- libs/Makefile.orig	2004-09-30 10:29:05 UTC
-+++ libs/Makefile
-@@ -6,30 +6,10 @@ CFLAGS=$(MYCFLAGS)
- default: pcap_test libnet_test
- 
- pcap_test: pcap_test.c
--	($(CC) $(CFLAGS) -o pcap_test pcap_test.c -lpcap $(LDADD) 2>/dev/null || $(MAKE) libpcap)
-+	$(CC) $(CFLAGS) -o pcap_test pcap_test.c -lpcap $(LDADD)
- 
- libnet_test: libnet_test.c
--	($(CC) $(CFLAGS) -o libnet_test libnet_test.c -lpcap -lnet $(LDADD) 2>/dev/null || $(MAKE) libnet)
--	
--
--libnet: libnet/stamp
--
--libnet.tar.gz:
--	wget http://www.packetfactory.net/libnet/dist/libnet.tar.gz
--
--libnet/stamp: libnet.tar.gz
--	zcat libnet.tar.gz | tar -xvf -
--	cd libnet && patch -p1 < ../libnet-nosample.patch && CPPFLAGS="-I`pwd`/../fake/include" LDFLAGS="-L`pwd`/../fake/lib" CFLAGS="$(BASECFLAGS)" ./configure --prefix=`pwd`/../fake && CPPFLAGS="-I`pwd`/../fake/include" LDFLAGS="-L`pwd`/../fake/lib" CFLAGS="$(BASECFLAGS)" $(MAKE) && $(MAKE) install && touch stamp
--	cd ..
--
--libpcap: libpcap-$(PCAPVER)/stamp
--
--libpcap-$(PCAPVER)/stamp: libpcap-$(PCAPVER).tar.gz
--	zcat libpcap-$(PCAPVER).tar.gz | tar -xvf -
--	cd libpcap-$(PCAPVER) && CFLAGS="$(BASECFLAGS)" ./configure --prefix=`pwd`/../fake && CFLAGS="$(BASECFLAGS)" $(MAKE) && $(MAKE) install && touch stamp
--
--libpcap-$(PCAPVER).tar.gz:
--	wget http://tcpdump.org/release/libpcap-$(PCAPVER).tar.gz
-+	$(CC) $(CFLAGS) -o libnet_test libnet_test.c -lpcap -lnet $(LDADD)
- 
- clean:
--	rm -rf fake libnet libpcap-$(PCAPVER) pcap_test libnet_test
-+	rm -rf fake pcap_test libnet_test
diff --git a/security/unicornscan/files/patch-src-scan_progs-Makefile b/security/unicornscan/files/patch-src-scan_progs-Makefile
deleted file mode 100644
index b82ebdb45ece..000000000000
--- a/security/unicornscan/files/patch-src-scan_progs-Makefile
+++ /dev/null
@@ -1,32 +0,0 @@
---- src/scan_progs/Makefile.orig	2004-09-30 18:29:05.000000000 +0800
-+++ src/scan_progs/Makefile	2013-07-27 21:16:15.000000000 +0800
-@@ -32,16 +32,20 @@
- 	$(AR) $(E_LIBNAME) $(E_OBJS)
- 	$(RANLIB) $(E_LIBNAME)
- 
--$(SENDERNAME): $(S_OBJS) $(G_HDRS) $(S_HDRS) $(C_OBJS) $(ENTRY)
--	$(CC) -c $(ENTRY) $(CFLAGS) -DBUILD_IDENT_SEND=1
--	$(CC) $(CFLAGS) -o $(SENDERNAME) $(S_OBJS) $(C_OBJS) entry.o $(G_LDADD) -lpcap -lnet $(LDADD)
--
--$(LISTENERNAME): $(L_OBJS) $(G_HDRS) $(L_HDRS) $(C_OBJS) $(ENTRY)
--	$(CC) -c $(ENTRY) $(CFLAGS) -DBUILD_IDENT_RECV=1
--	$(CC) $(CFLAGS) -o $(LISTENERNAME) $(L_OBJS) $(C_OBJS) entry.o $(G_LDADD) -lpcap $(LDADD)
-+entry_send.o: $(ENTRY)
-+	$(CC) -c $(ENTRY) $(CFLAGS) -DBUILD_IDENT_SEND=1 -o $@
-+
-+entry_recv.o: $(ENTRY)
-+	$(CC) -c $(ENTRY) $(CFLAGS) -DBUILD_IDENT_RECV=1 -o $@
-+
-+$(SENDERNAME): $(S_OBJS) $(G_HDRS) $(S_HDRS) $(C_OBJS) entry_send.o
-+	$(CC) $(CFLAGS) -o $(SENDERNAME) $(S_OBJS) $(C_OBJS) entry_send.o $(G_LDADD) -lpcap -lnet $(LDADD)
-+
-+$(LISTENERNAME): $(L_OBJS) $(G_HDRS) $(L_HDRS) $(C_OBJS) entry_recv.o
-+	$(CC) $(CFLAGS) -o $(LISTENERNAME) $(L_OBJS) $(C_OBJS) entry_recv.o $(G_LDADD) -lpcap $(LDADD)
- 
- clean:
--	rm -f $(OBJS) $(E_OBJS) $(E_LIBNAME) $(L_OBJS) $(S_OBJS) $(C_OBJS) $(SENDERNAME) $(LISTENERNAME) $(ENTRY:.c=.o)
-+	rm -f $(OBJS) $(E_OBJS) $(E_LIBNAME) $(L_OBJS) $(S_OBJS) $(C_OBJS) $(SENDERNAME) $(LISTENERNAME) entry_send.o entry_recv.o
- 
- install:
--	(cd ../../ && $(MAKE) install)
-+	$(MAKE) -C ../.. install
diff --git a/security/unicornscan/files/patch-src__Makefile b/security/unicornscan/files/patch-src__Makefile
deleted file mode 100644
index 21eb9916cb34..000000000000
--- a/security/unicornscan/files/patch-src__Makefile
+++ /dev/null
@@ -1,64 +0,0 @@
---- src/Makefile.orig	2004-09-30 10:29:05 UTC
-+++ src/Makefile
-@@ -19,42 +19,42 @@ compile.h:
- 	./compiledby.sh > compile.h
- 
- unilib_d:
--	(cd unilib && $(MAKE))
-+	$(MAKE) -C unilib
- 
- parse_d:
--	(cd parse && $(MAKE))
-+	$(MAKE) -C parse
- 
--scan_d:
--	(cd scan_progs && $(MAKE))
-+scan_d: unilib_d parse_d
-+	$(MAKE) -C scan_progs
- 
- p_modules:
--	(cd payload_modules && $(MAKE))
-+	$(MAKE) -C payload_modules
- 
- db_module:
--	(cd output_modules/database && $(MAKE))
-+	$(MAKE) -C output_modules/database
- 
- p0f_module:
--	(cd report_modules/p0f && $(MAKE))
-+	$(MAKE) -C report_modules/p0f
- 
- udpstr_module:
--	(cd report_modules/udpstr && $(MAKE))
-+	$(MAKE) -C report_modules/udpstr
- 
--tools_d:
--	(cd tools && $(MAKE))
-+tools_d: unilib_d
-+	$(MAKE) -C tools
- 
- clean:
- 	rm -f $(OBJS) $(TARGETNAME) myversion.h compile.h core core.* *.core
--	cd unilib && $(MAKE) clean
--	cd parse && $(MAKE) clean
--	cd scan_progs && $(MAKE) clean
--	cd output_modules/database && $(MAKE) clean
--	cd report_modules/p0f && $(MAKE) clean
--	cd report_modules/udpstr && $(MAKE) clean
--	cd payload_modules && $(MAKE) clean
--	cd tools && $(MAKE) clean
-+	$(MAKE) -C unilib clean
-+	$(MAKE) -C parse clean
-+	$(MAKE) -C scan_progs clean
-+	$(MAKE) -C output_modules/database clean
-+	$(MAKE) -C report_modules/p0f clean
-+	$(MAKE) -C report_modules/udpstr clean
-+	$(MAKE) -C payload_modules clean
-+	$(MAKE) -C tools clean
- 
- install: default
--	(cd .. && $(MAKE) install)
-+	$(MAKE) -C .. install
- 
- splint: myversion.h
- 	splint -warnposix *.c -I. -I../libs/fake/include  -D__linux__ > warnings
diff --git a/security/unicornscan/files/patch-src__Makefile.inc b/security/unicornscan/files/patch-src__Makefile.inc
deleted file mode 100644
index bbd19260fef1..000000000000
--- a/security/unicornscan/files/patch-src__Makefile.inc
+++ /dev/null
@@ -1,29 +0,0 @@
---- src/Makefile.inc.orig	2004-09-30 10:29:05 UTC
-+++ src/Makefile.inc
-@@ -1,14 +1,13 @@
- # gcc only
--CC=gcc
-+CC?=gcc
- 
--PREFIX=/usr/local
--LOCALSTATEDIR=/var
-+LOCALSTATEDIR=${PREFIX}/var
- TARGETNAME=unicornscan
- SENDERNAME=unisend
- LISTENERNAME=unilisten
- 
- # its fine to do almost anything here, just dont remove the includes
--MYCFLAGS=-O1 -ggdb -Wall -Wshadow -Wcast-align -Wcast-qual -Wchar-subscripts -Wno-deprecated-declarations -Wformat-security -Wimplicit -Wsign-compare -Wuninitialized -Wunused -Wwrite-strings -I. -rdynamic -I../libs/fake/include -I/usr/local/include -L/usr/local/lib -DPREFIX=\"$(PREFIX)\" -DLOCALSTATEDIR=\"$(LOCALSTATEDIR)\" -DTARGETNAME=\"$(TARGETNAME)\" -DSENDERNAME=\"$(SENDERNAME)\" -DLISTENERNAME=\"$(LISTENERNAME)\"
-+MYCFLAGS:=$(CFLAGS) -Wall -Wshadow -Wcast-align -Wcast-qual -Wchar-subscripts -Wno-deprecated-declarations -Wformat-security -Wimplicit -Wsign-compare -Wuninitialized -Wunused -Wwrite-strings -I. -rdynamic -I../libs/fake/include -I/usr/local/include -L/usr/local/lib -DPREFIX=\"$(PREFIX)\" -DLOCALSTATEDIR=\"$(LOCALSTATEDIR)\" -DTARGETNAME=\"$(TARGETNAME)\" -DSENDERNAME=\"$(SENDERNAME)\" -DLISTENERNAME=\"$(LISTENERNAME)\"
- 
- # sometimes you dont have a link to gmake, if your make _is_ gmake, you can use make then, but we need GNU make (for now)
- MAKE=gmake
-@@ -26,7 +25,7 @@ MAKE=gmake
- #LDADD=
- 
- # linux example
--LDADD=-ldl
-+#LDADD=-ldl
- 
- # selinux example
- #LDADD=-ldl -lselinux
diff --git a/security/unicornscan/files/patch-src__config.h b/security/unicornscan/files/patch-src__config.h
deleted file mode 100644
index e9e452f4a8cb..000000000000
--- a/security/unicornscan/files/patch-src__config.h
+++ /dev/null
@@ -1,56 +0,0 @@
---- src/config.h.orig	Mon Dec 13 12:26:43 2004
-+++ src/config.h	Mon Dec 13 12:29:18 2004
-@@ -39,7 +39,7 @@
-  * GNU/Linux and some other (newer) systems might have this, its ok to say no
-  * even if you dont have this, you just wont have the -- options on the command line
-  */
--#define WITH_LONGOPTS
-+//#define WITH_LONGOPTS
- 
- /*
-  * lots of newer bsd'ish systems have this as well as some (newer?) linux systems. youll need this
-@@ -47,7 +47,7 @@
-  * and are not running linux, however it likely will not work arp scanning.
-  * side note: dont use this on linux, its broken!
-  */
--/* #define WITH_IFADDRS */
-+#define WITH_IFADDRS 
- 
- /*
-  * XXX
-@@ -56,13 +56,13 @@
-  * (HINT: define both of none of WITH_IFADDRS and WITH_IF_DL, if you only define one, expect serious compile errors)
-  * if you have solaris, then you need this, and pray things work out for you.
-  */
--/* #define WITH_IF_DL */
-+#define WITH_IF_DL
- 
- /*
-  * bsd'ish boxes with bpf stuff included with the system, otherwise dont use it.
-  * linux people dont need this really even if they think they have this
-  */
--/*#define HAVE_BPF_H */
-+#define HAVE_BPF_H 
- 
- /*
-  * most people these days have this file, if you _dont_ have it, then youll need to put the "full path"
-@@ -80,7 +80,7 @@
-  * with linux, define this (or if you have /proc/net/route)
-  * otherwise use we will make due, remeber to use -i if you dont have /proc/net/route
-  */
--#define HAVE_PROC_NET_ROUTE
-+/* #define HAVE_PROC_NET_ROUTE */
- /*
-  * XXX
-  * you shouldnt have to play with these, most likely
-@@ -128,8 +128,8 @@
- 
- #define MODULE_DIR	PREFIX "/libexec/" TARGETNAME "/modules"
- #define PORT_NUMBERS	PREFIX "/share/" TARGETNAME "/port-numbers"
--#define CONF_FILE	PREFIX "/share/" TARGETNAME "/unicorn.conf"
--#define OUI_CONF	PREFIX "/share/" TARGETNAME "/oui.conf"
-+#define CONF_FILE	PREFIX "/etc/" TARGETNAME "/unicorn.conf"
-+#define OUI_CONF	PREFIX "/etc/" TARGETNAME "/oui.conf"
- #define SENDER_PATH	PREFIX "/libexec/" TARGETNAME "/" SENDERNAME
- #define LISTENER_PATH	PREFIX "/libexec/" TARGETNAME "/" LISTENERNAME
- 
diff --git a/security/unicornscan/files/pkg-message.in b/security/unicornscan/files/pkg-message.in
deleted file mode 100644
index ffc091002b1e..000000000000
--- a/security/unicornscan/files/pkg-message.in
+++ /dev/null
@@ -1,11 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-Check the sample configuration files under
-
-	%%PREFIX%%/etc/unicornscan
-
-and rename or copy without the .sample suffix.
-EOM
-}
-]
diff --git a/security/unicornscan/pkg-descr b/security/unicornscan/pkg-descr
deleted file mode 100644
index 775d995a6743..000000000000
--- a/security/unicornscan/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-Unicornscan is a new information gathering and correlation engine built
-for and by members of the security research and testing communities.  It
-was designed to provide an engine that is scalable, accurate, flexible,
-and efficient.
-
-WWW: https://sourceforge.net/projects/osace/
diff --git a/security/unicornscan/pkg-plist b/security/unicornscan/pkg-plist
deleted file mode 100644
index d54349cdf0c6..000000000000
--- a/security/unicornscan/pkg-plist
+++ /dev/null
@@ -1,23 +0,0 @@
-bin/fantaip
-bin/unicornscan
-etc/unicornscan/oui.conf.sample
-etc/unicornscan/payloads.conf.sample
-etc/unicornscan/unicorn.conf.sample
-libexec/unicornscan/modules/libp0f.so
-libexec/unicornscan/modules/libudpstr.so
-libexec/unicornscan/modules/ntalk.so
-libexec/unicornscan/modules/rdns.so
-libexec/unicornscan/modules/sip.so
-libexec/unicornscan/modules/upnp.so
-libexec/unicornscan/unilisten
-libexec/unicornscan/unisend
-man/man1/unicornscan.1.gz
-share/unicornscan/README
-share/unicornscan/README.database
-share/unicornscan/TODO_BUGSTOFIX
-share/unicornscan/UDP_PAYLOADS_NEEDED
-share/unicornscan/p0f.fp
-share/unicornscan/p0fa.fp
-share/unicornscan/p0fr.fp
-share/unicornscan/port-numbers
-@dir var/unicornscan
diff --git a/security/vinetto/Makefile b/security/vinetto/Makefile
deleted file mode 100644
index 196782ac8a29..000000000000
--- a/security/vinetto/Makefile
+++ /dev/null
@@ -1,31 +0,0 @@
-# Created by: Aleksander Fafula <alex@BSDGuru.org>
-
-PORTNAME=	vinetto
-PORTVERSION=	0.07
-PORTREVISION=	6
-CATEGORIES=	security
-MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}/${PORTNAME}-beta-${PORTVERSION}
-DISTNAME=	${PORTNAME}-beta-${PORTVERSION}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Forensics tool to examine Thumbs.db files
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/COPYING
-
-DEPRECATED=	Obsolete, targets deprecated Windows operating systems such as XP and 2003 Server
-EXPIRATION_DATE=2022-03-31
-
-RUN_DEPENDS=	${PY_PILLOW}
-
-USES=		python:3.6+
-USE_PYTHON=	autoplist distutils concurrent optsuffix
-PYDISTUTILS_PKGVERSION=	0.06alpha
-NO_ARCH=	yes
-
-post-patch:
-	@${REINPLACE_CMD} -e "s|/usr/share/vinetto|${DATADIR}|g" ${WRKSRC}/setup.py
-	@${REINPLACE_CMD} -e "s|/usr/share/vinetto|${DATADIR}|g" ${WRKSRC}/vinreport.py
-	@${REINPLACE_CMD} -e "s|/usr/share/vinetto|${DATADIR}|g" ${WRKSRC}/vinetto
-
-.include <bsd.port.mk>
diff --git a/security/vinetto/distinfo b/security/vinetto/distinfo
deleted file mode 100644
index cf5100edd24c..000000000000
--- a/security/vinetto/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (vinetto-beta-0.07.tar.gz) = 1dccf3385e5654d4cb3bbf6a757e3639b142249f8e4badbdc7f8f2388a1f6367
-SIZE (vinetto-beta-0.07.tar.gz) = 15800
diff --git a/security/vinetto/files/patch-vinetto b/security/vinetto/files/patch-vinetto
deleted file mode 100644
index bcf4efe7ae98..000000000000
--- a/security/vinetto/files/patch-vinetto
+++ /dev/null
@@ -1,11 +0,0 @@
---- vinetto.orig	2015-09-16 16:24:54 UTC
-+++ vinetto
-@@ -149,7 +149,7 @@ if outputdir != None :
-     outputdir += "/"
-     
-     try:
--        import Image
-+        from PIL import Image
-         PIL = "imported"
-     except ImportError, e:
-         print >> sys.stderr, ""
diff --git a/security/vinetto/pkg-descr b/security/vinetto/pkg-descr
deleted file mode 100644
index e01f7978a40a..000000000000
--- a/security/vinetto/pkg-descr
+++ /dev/null
@@ -1,16 +0,0 @@
-Vinetto extracts the thumbnails and associated metadata from the Thumbs.db
-files.
-
-The Windows systems (98, ME, 2000, XP and 2003 Server) can store thumbnails
-and metadata of the picture files contained in the directories of its FAT32
-or NTFS filesystems.
-
-The thumbnails and associated metadata are stored in Thumbs.db files.
-The Thumbs.db files are undocumented OLE structured files.
-
-Once a picture file has been deleted from the filesystem, the related thumbnail
-and associated metada remain stored in the Thumbs.db file. So, the data
-contained in those Thumbs.db files are an helpful source of information
-for the forensics investigator.
-
-WWW: http://vinetto.sourceforge.net/
diff --git a/security/vnccrack/Makefile b/security/vnccrack/Makefile
deleted file mode 100644
index 23f028b85f4a..000000000000
--- a/security/vnccrack/Makefile
+++ /dev/null
@@ -1,31 +0,0 @@
-# Created by: Pankov Pavel <pankov_p@mail.ru>
-
-PORTNAME=	vnccrack
-PORTVERSION=	1.0.0
-CATEGORIES=	security
-MASTER_SITES=	http://files.randombit.net/vnccrack/
-DISTNAME=	VNCcrack-${PORTVERSION}
-
-MAINTAINER=	pankov_p@mail.ru
-COMMENT=	Fast offline password cracker for VNC passwords
-
-DEPRECATED=	Outdated and abandoned, last release in 2008. Upstream is at 2.1 while version in ports is 1.0.0
-EXPIRATION_DATE=2022-03-31
-
-USES=		ssl tar:tgz
-GNU_CONFIGURE=	yes
-CFLAGS+=	-I${OPENSSLINC}
-LDFLAGS+=	-L${OPENSSLLIB}
-
-SUB_FILES+=	pkg-message
-
-OPTIONS_DEFINE=	DOCS
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/vnccrack ${STAGEDIR}${PREFIX}/bin
-
-post-install-DOCS-on:
-	${MKDIR} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_DATA} ${WRKSRC}/readme.txt ${STAGEDIR}${DOCSDIR}
-
-.include <bsd.port.mk>
diff --git a/security/vnccrack/distinfo b/security/vnccrack/distinfo
deleted file mode 100644
index bc24350f0d20..000000000000
--- a/security/vnccrack/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (VNCcrack-1.0.0.tgz) = af0a1e85e9d10df8f32439a3c084f613eb295464becf9dd61d93de385277d66b
-SIZE (VNCcrack-1.0.0.tgz) = 35072
diff --git a/security/vnccrack/files/pkg-message.in b/security/vnccrack/files/pkg-message.in
deleted file mode 100644
index 4a5d182bfc40..000000000000
--- a/security/vnccrack/files/pkg-message.in
+++ /dev/null
@@ -1,8 +0,0 @@
-[
-{ type: install
-  message: <<EOM
-Additional info on program usage can be found in this file:
-%%DOCSDIR%%/readme.txt
-EOM
-}
-]
diff --git a/security/vnccrack/pkg-descr b/security/vnccrack/pkg-descr
deleted file mode 100644
index 9ebda8a036d7..000000000000
--- a/security/vnccrack/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-VNCcrack is a fast offline password cracker for VNC passwords.
-By sniffing a VNC challenge-response sequence off the network
-(typically when VNC is used without a decent cryptographic
-wrapper like SSH or SSL), you can recover the password fairly
-easily and quickly by letting VNCcrack pound on it.
-
-WWW: http://www.randombit.net/projects/vnccrack/
diff --git a/security/vnccrack/pkg-plist b/security/vnccrack/pkg-plist
deleted file mode 100644
index 5cf54da149b9..000000000000
--- a/security/vnccrack/pkg-plist
+++ /dev/null
@@ -1,2 +0,0 @@
-bin/vnccrack
-%%PORTDOCS%%%%DOCSDIR%%/readme.txt
diff --git a/security/webscarab/Makefile b/security/webscarab/Makefile
deleted file mode 100644
index fa449baf0d19..000000000000
--- a/security/webscarab/Makefile
+++ /dev/null
@@ -1,51 +0,0 @@
-# Created by: Niels Heinen
-
-PORTNAME=	webscarab
-PORTVERSION=	20090427
-CATEGORIES=	security www java
-MASTER_SITES=	LOCAL/niels \
-		http://people.freebsd.org/~niels/distfiles/
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Framework for analysing HTTP and HTTPS web application traffic
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-DEPRECATED=	Deprecated by upstream in 2014
-EXPIRATION_DATE=2022-03-31
-
-USES=		zip
-USE_JAVA=	yes
-NO_BUILD=	yes
-NO_ARCH=	yes
-WRKSRC=		${WRKDIR}/${DISTNAME}-1304
-DATADIR=	${JAVASHAREDIR}/${PORTNAME}
-
-PORTDOCS=	README ChangeLog
-
-OPTIONS_DEFINE=	DOCS
-
-post-extract:
-	${RM} ${WRKSRC}/lib/W32WinInet.dll
-
-pre-install:
-	@${SED} -e 's:%%PATH%%:${DATADIR}/:' \
-		-e 's:%%JAVA_CMD%%:${JAVA}:' \
-		-e 's:%%WEBSCARAB%%:${DATADIR}/${PORTNAME}.jar:' \
-		< ${FILESDIR}/${PORTNAME}.sh > ${WRKDIR}/${PORTNAME}
-
-do-install:
-	@${MKDIR} ${STAGEDIR}${DATADIR}/lib
-	${INSTALL_DATA} ${WRKSRC}/lib/* ${STAGEDIR}${DATADIR}/lib
-	${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.jar ${STAGEDIR}${DATADIR}
-	${INSTALL_SCRIPT} ${WRKDIR}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}
-	${INSTALL_SCRIPT} ${WRKDIR}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}_lite
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for i in ${PORTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/${i} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/webscarab/distinfo b/security/webscarab/distinfo
deleted file mode 100644
index 2509ca974f6c..000000000000
--- a/security/webscarab/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (webscarab-20090427.zip) = e61a7665aa09d593150a8d3bda6636c169a4883c738d8625f9f16119521471d0
-SIZE (webscarab-20090427.zip) = 3817110
diff --git a/security/webscarab/files/webscarab.sh b/security/webscarab/files/webscarab.sh
deleted file mode 100644
index b6c6daf8a87b..000000000000
--- a/security/webscarab/files/webscarab.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-TEST=`/usr/bin/basename $0`
-OPTIONS="-DWebScarab.lite=false"
-
-if [ "${TEST}" = "webscarab_lite" ]; then
-	OPTIONS=""
-fi
-
-
-cd %%PATH%%
-exec %%JAVA_CMD%% ${OPTIONS} -jar -Xmx256m %%WEBSCARAB%% "$@"
diff --git a/security/webscarab/pkg-descr b/security/webscarab/pkg-descr
deleted file mode 100644
index 77de4e317b36..000000000000
--- a/security/webscarab/pkg-descr
+++ /dev/null
@@ -1,8 +0,0 @@
-WebScarab is a framework for analysing applications that communicate
-using the HTTP and HTTPS protocols. In its most common usage,
-WebScarab operates as an intercepting proxy, allowing the user to
-review and modify requests created by the browser before they are
-sent to the server, and to review and modify responses returned
-from the server before they are received by the browser.
-
-WWW: https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
diff --git a/security/webscarab/pkg-plist b/security/webscarab/pkg-plist
deleted file mode 100644
index 05caf89e1af1..000000000000
--- a/security/webscarab/pkg-plist
+++ /dev/null
@@ -1,18 +0,0 @@
-bin/webscarab
-bin/webscarab_lite
-%%DATADIR%%/lib/tagsoup-1.0rc2.jar
-%%DATADIR%%/lib/bsh-2.0b1.jar
-%%DATADIR%%/lib/chardet.jar
-%%DATADIR%%/lib/commons-logging-1.0.4.jar
-%%DATADIR%%/lib/concurrent.jar
-%%DATADIR%%/lib/flex-messaging-common.jar
-%%DATADIR%%/lib/flex-messaging-core.jar
-%%DATADIR%%/lib/flex-messaging-remoting.jar
-%%DATADIR%%/lib/help.jnlp
-%%DATADIR%%/lib/htmlparser.jar
-%%DATADIR%%/lib/jcommon-0.8.7.jar
-%%DATADIR%%/lib/jfreechart-0.9.12.jar
-%%DATADIR%%/lib/jhall-2.0_02.jar
-%%DATADIR%%/lib/openamf.jar
-%%DATADIR%%/lib/bsf-2.3.0.jar
-%%DATADIR%%/webscarab.jar
diff --git a/security/zebedee/Makefile b/security/zebedee/Makefile
deleted file mode 100644
index a0009a2ca3cd..000000000000
--- a/security/zebedee/Makefile
+++ /dev/null
@@ -1,50 +0,0 @@
-# Created by: Greg Hewgill <greg@hewgill.com>
-
-PORTNAME=	zebedee
-PORTVERSION=	2.5.3
-CATEGORIES=	security
-MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}-src/${PORTVERSION}
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	Encrypted, secure compressed TCP tunnel
-
-LICENSE=	GPLv2+
-LICENSE_FILE=	${WRKSRC}/GPL2.txt
-
-DEPRECATED=	Abandonware, last release in 2005 and runtime issues reported upstream
-EXPIRATION_DATE=2022-03-31
-
-USES=		cpe perl5 ssl
-USE_PERL5=	build
-
-PORTEXAMPLES=	vncviewer.zbd vncserver.zbd server.key server.id client1.key \
-		client2.key clients.id
-PORTDOCS=	README.txt CHANGES.txt zebedee.html ftpgw.tcl.html
-
-OPTIONS_DEFINE=	DOCS EXAMPLES
-
-post-patch:
-	@${REINPLACE_CMD} \
-		-e 's| gcc| ${CC}|' \
-		${BUILD_WRKSRC}/${MAKEFILE}
-
-do-install:
-	${INSTALL_PROGRAM} ${WRKSRC}/zebedee ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_SCRIPT} ${WRKSRC}/ftpgw.tcl ${STAGEDIR}${PREFIX}/bin
-	${INSTALL_MAN} ${WRKSRC}/zebedee.1 ${STAGEDIR}${MAN1PREFIX}/man/man1
-	${INSTALL_MAN} ${WRKSRC}/ftpgw.tcl.1 ${STAGEDIR}${MAN1PREFIX}/man/man1
-	${INSTALL_DATA} ${WRKSRC}/server.zbd ${STAGEDIR}${PREFIX}/etc/server.zbd.sample
-
-do-install-EXAMPLES-on:
-	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
-.for e in ${PORTEXAMPLES}
-	${INSTALL_DATA} ${WRKSRC}/${e} ${STAGEDIR}${EXAMPLESDIR}
-.endfor
-
-do-install-DOCS-on:
-	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-.for d in ${PORTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/${d} ${STAGEDIR}${DOCSDIR}
-.endfor
-
-.include <bsd.port.mk>
diff --git a/security/zebedee/distinfo b/security/zebedee/distinfo
deleted file mode 100644
index 5a28d04de235..000000000000
--- a/security/zebedee/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (zebedee-2.5.3.tar.gz) = 3da34c75f5ce18f66ad172618b80ede55eed7cb0d5de6e27c29753853235705e
-SIZE (zebedee-2.5.3.tar.gz) = 176088
diff --git a/security/zebedee/files/patch-Makefile b/security/zebedee/files/patch-Makefile
deleted file mode 100644
index 272e68a70332..000000000000
--- a/security/zebedee/files/patch-Makefile
+++ /dev/null
@@ -1,99 +0,0 @@
---- Makefile.orig	2005-09-06 05:59:53 UTC
-+++ Makefile
-@@ -5,7 +5,7 @@
- 
- ZBD_VERSION = 2.5.3
- 
--OS = 
-+OS = freebsd
- 
- ###
- ### Locations of tools, libraries and installation directories.
-@@ -14,13 +14,11 @@ OS = 
- 
- # Choose your C compiler
- 
--CC_$(OS) = gcc
--
- CC_win32 = gcc -mno-cygwin
- CC_linux = gcc -pthread
- CC_linux64 = $(CC_linux) -m64
- CC_solaris = gcc
--CC_freebsd = gcc -pthread
-+CC_freebsd ?= gcc
- CC_tru64 = cc
- CC_irix = cc -n32 -woff 1110
- CC_hpux = cc -Ae +DAportable
-@@ -31,7 +29,7 @@ CC = $(CC_$(OS))
- # Optimise/debug compilation
- 
- #OPTIM = -Wall -g
--OPTIM = -Wall -O3
-+OPTIM = -Wall
- 
- # Location of gmp include and library
- #
-@@ -46,25 +44,26 @@ OPTIM = -Wall -O3
- # BFINC = /usr/include/openssl
- # BFLIB = -lcrypto
- 
--BFINC = -I../blowfish-0.9.5a
--BFLIB = ../blowfish-0.9.5a/libblowfish.a
-+BFINC = -I$(OPENSSLINC) -I$(OPENSSLINC)/openssl
-+BFLIB = $(OPENSSLLIB)/libcrypto.a
- 
- # Location of zlib include and library
- 
--ZINC = -I../zlib-1.2.3
--ZLIB = ../zlib-1.2.3/libz.a
-+ZINC = 
-+ZLIB = -lz
- 
- # Location of bzlib include and library
- # Set these empty if you don't want bzib2 support
- 
--BZINC = -I../bzip2-1.0.3
--BZLIB = ../bzip2-1.0.3/libbz2.a
-+BZINC = -I$(LOCALBASE)/include
-+BZLIB = -L$(LOCALBASE)/lib -lbz2
- 
- #
- # Tools needed for Perl "POD"-format documentation conversion.
- #
- PERL_$(OS) = perl
- PERL_win32 = c:/perl/bin/perl	# Avoid Cygwin port
-+PERL_freebsd = perl
- PERL = $(PERL_$(OS))
- 
- BAT_win32 = .bat
-@@ -186,7 +185,8 @@ SERVICEOBJ = $(SERVICEOBJ_$(OS))
- #### You REALLY shouldn't have to modify anything beyond here ...
- ####
- 
--CFLAGS = $(OPTIM) $(DEFINES) -I. $(GMPINC) $(BFINC) $(ZINC) $(BZINC)
-+CFLAGS ?= -03
-+CFLAGS += $(OPTIM) $(DEFINES) -I. $(GMPINC) $(BFINC) $(ZINC) $(BZINC)
- 
- LIBS = $(GMPLIB) $(BFLIB) $(ZLIB) $(BZLIB) $(OSLIBS)
- 
-@@ -196,17 +196,17 @@ ZBDFILES = server.zbd vncviewer.zbd vncs
- 	client1.key client2.key clients.id
- 
- TXTFILES = README.txt LICENCE.txt GPL2.txt CHANGES.txt NOTICE.txt \
--	zebedee.html ftpgw.tcl.html zebedee.ja_JP.html zebedee.iss
-+	zebedee.html ftpgw.tcl.html zebedee.iss
- 
- EXTRAFILES = $(ZBDFILES) $(TXTFILES)
- 
--all : precheck zebedee$(EXE) zebedee.1 zebedee.html ftpgw.tcl.1 ftpgw.tcl.html zebedee.ja_JP.html
-+all : precheck zebedee$(EXE) zebedee.1 zebedee.html ftpgw.tcl.1 ftpgw.tcl.html
- 
- precheck :
- 	@ if test -z "$(OS)"; then echo "Use '$(MAKE) OS=xxx' where xxx is win32, linux, linux64, solaris, freebsd, tru64, irix, hpux, macosx or bsdi"; exit 1; fi
- 
- zebedee$(EXE) : $(OBJS)
--	$(CC) $(CFLAGS) -o zebedee$(EXE) $(OBJS) $(LIBS)
-+	$(CC) $(CFLAGS) -o zebedee$(EXE) $(OBJS) $(LIBS) -lpthread
- 
- huge.o : huge.h
- 
diff --git a/security/zebedee/pkg-descr b/security/zebedee/pkg-descr
deleted file mode 100644
index 9c2a2397d247..000000000000
--- a/security/zebedee/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-Zebedee is a simple program to establish an encrypted, compressed TCP/IP
-"tunnel" between two systems. This allows TCP-based traffic such as telnet,
-ftp and X to be protected from snooping as well as potentially gaining
-performance over low-bandwidth networks from compression.
-
-WWW: http://www.winton.org.uk/zebedee/
diff --git a/security/zebedee/pkg-plist b/security/zebedee/pkg-plist
deleted file mode 100644
index 7c98246df84e..000000000000
--- a/security/zebedee/pkg-plist
+++ /dev/null
@@ -1,5 +0,0 @@
-bin/ftpgw.tcl
-bin/zebedee
-etc/server.zbd.sample
-man/man1/ftpgw.tcl.1.gz
-man/man1/zebedee.1.gz