Debian OpenSSH source package handling
======================================

The Debian package of OpenSSH is maintained in Bazaar
(http://bazaar-vcs.org/, or the 'bzr' package in Debian). You will need at
least version 1.16.1; the version in Debian testing as of the time of
writing (2009-12-21) is fine, or you can use the version in lenny-backports.
URLs are as follows:

  Anonymous branch: http://anonscm.debian.org/bzr/pkg-ssh/openssh/trunk
  Web browsing:     http://anonscm.debian.org/loggerhead/pkg-ssh/openssh/trunk
  Authenticated, for developers with commit access only:
                    bzr+ssh://bzr.debian.org/bzr/pkg-ssh/openssh/trunk

Although it's possible that I may use something like bzr-loom in the future
to better manage things like the Kerberos/GSSAPI patch, right now there's no
funny business and all that developers need to do is:

  # To check out:
  bzr co bzr+ssh://bzr.debian.org/bzr/pkg-ssh/openssh/trunk openssh

  # To update:
  bzr up

  # To edit:
  # hack hack hack, and 'bzr add' any new files
  debcommit # or bzr commit
  # note that this pushes automatically; you can use 'bzr unbind' to
  # temporarily prevent this, or 'bzr branch' to create a local branch which
  # you can merge later

  # To release:
  dch -r && debcommit -r

If you have lots of branches, you'll probably want to use a shared
repository to save space. Run 'bzr init-repo .' in an ancestor directory of
all your OpenSSH working directories. For example, I have a shared
repository in ~/src/debian/openssh/, upstream checkouts in
~/src/debian/openssh/upstream/, and my own working trees in
~/src/debian/openssh/trunk/.

Patch handling
--------------

This package uses quilt to manage all modifications to the upstream source.
Changes are stored in the source package as diffs in debian/patches and
applied automatically by dpkg-source when the source package is extracted.

To configure quilt to use debian/patches instead of patches, you want either
to export QUILT_PATCHES=debian/patches in your environment or use this
snippet in your ~/.quiltrc:

    for where in ./ ../ ../../ ../../../ ../../../../ ../../../../../; do
        if [ -e ${where}debian/rules -a -d ${where}debian/patches ]; then
                export QUILT_PATCHES=debian/patches
                break
        fi
    done

After unpacking the source package, all patches will be applied, and you can
use quilt normally.

If you check out the source code from bzr, then all patches will be applied,
but you will need to inform quilt of this manually.  Do this by running:

    debian/rules quilt-setup

To add a new set of changes, first run quilt push -a, and then run:

    quilt new <patch>

where <patch> is a descriptive name for the patch, used as the filename in
debian/patches.  Then, for every file that will be modified by this patch,
run:

    quilt add <file>

before editing those files.  You must tell quilt with quilt add what files
will be part of the patch before making changes or quilt will not work
properly.  After editing the files, run:

    quilt refresh

to save the results as a patch.

Alternately, if you already have an external patch and you just want to add
it to the build system, run quilt push -a and then:

    quilt import -P <patch> /path/to/patch
    quilt push -a

(add -p 0 to quilt import if needed). <patch> as above is the filename to
use in debian/patches.  The last quilt push -a will apply the patch to make
sure it works properly.

To remove an existing patch from the list of patches that will be applied,
run:

    quilt delete <patch>

You may need to run quilt pop -a to unapply patches first before running
this command.

You should only commit changes to bzr with all patches applied, i.e. after
'quilt push -a'.

Merging new upstream releases
-----------------------------

(Most developers will not need to read this section.)

Thanks to the import from Portable OpenSSH CVS provided by Launchpad
(https://code.launchpad.net/~vcs-imports/openssh/main, accessible by the
shortcut 'lp:openssh' from the bzr client), the Debian branch is a true DVCS
branch from upstream. This is a worthwhile property, but preserving it does
take a little bit of work.

Launchpad only imports CVS HEAD, but upstream sometimes produces releases
from a branch. We use the same software used by Launchpad to import the
branch as well, but a few small hacks are necessary to do good branch
imports. In Bazaar, it's important that the same file in different branches
should have the same file-id, otherwise merge attempts will try to delete
and re-add the file which usually doesn't work out very well. Occasionally a
file is added to CVS HEAD and then also added to a branch, and cscvs isn't
quite smart enough to spot this and copy over the file-id. We need to help
it out.

To fetch the necessary code:

  bzr branch lp:~cjwatson/launchpad-cscvs/openssh-branch-imports
  # or 'bzr pull' in the appropriate directory to update this, if you
  # already have a copy

To import a branch, V_5_3 in this example:

  export PATH="/path/to/cscvs/openssh-branch-imports:$PATH"
  export PYTHONPATH=/path/to/cscvs/openssh-branch-imports/modules:/path/to/cscvs/openssh-branch-imports
  # in a CVS checkout of :ext:anoncvs@anoncvs.mindrot.org:/cvs module
  # openssh:
  cscvs cache -b
  # or 'cscvs cache -u' if you've done this before and want to update
  cvs up -rV_5_3

  # Now we need to get a few bits of information from cscvs' cache.
  sqlite CVS/Catalog.sqlite
  sqlite> select csnum,log from changeset where branch = 'V_5_3' order by startdate;
  # There will be a solid block of "Creation of branch V_5_3" changesets at
  # the start; look for the first revision *after* this. Substitute this in
  # the following wherever you see "CSX".
  sqlite> select revision,filename from revision where branch = 'V_5_3' and csnum >= CSX and revision not like '%.%.%' order by filename;
  # Anything listed here will need to be added to the openssh_ids dictionary
  # in modules/CVS/StorageLayer.py in cscvs. Please send Colin Watson a
  # patch if you do this.

  # Next, look up the branchpoint revision in the main bzr import (bzr
  # branch lp:openssh). It's usually easiest to just look it up by commit
  # message and double-check the timestamp. Substitute this revision number
  # for "BPR" in the following. /path/to/openssh/main is wherever you've
  # checked out lp:openssh.
  bzr branch -rBPR /path/to/openssh/main /path/to/openssh/5.3
  # If you're using Bazaar signed commits with a GPG agent, make sure that
  # your agent has seen your passphrase recently. Now you can start the
  # actual import!
  cscvs -D4 totla -SC V_5_3.CSX: /path/to/openssh/5.3
  # If this fails at the end with a "directories differ" message, you may
  # have forgotten to switch your CVS checkout to the appropriate branch
  # with 'cvs up -r...' above. Otherwise you'll have to debug this for
  # yourself. It's also worth double-checking that any files added to the
  # branch have file-ids matching those on the trunk, using 'bzr ls -R
  # --show-ids'.

Now we have a Bazaar branch corresponding to what's in CVS. Previous such
branches are available from Launchpad, for reference purposes:

  https://code.launchpad.net/openssh

However, upstream releases involve a 'make distprep' step as well to
construct the tarball, and we need to import the results of this as well to
get a clean package.

Start by unpacking the upstream tarball (remember to check its GPG signature
first!). Copy the .bzr directory from the upstream branch you prepared
earlier. Now we have another branch, but with a working tree corresponding
to the upstream tarball. Modifications and deletions are handled
automatically, but we need to handle additions explicitly to make sure
file-ids are correct (see above). Run:

  bzr add --file-ids-from=/path/to/openssh/debian/trunk
  bzr st --show-ids
  # compare this with 'bzr ls --show-ids' in the Debian trunk to make sure
  # the result will be mergeable
  bzr ci -m 'Import 5.3p1 tarball'

Add a parent revision for the previous tarball branch, to make it easier for
bzr to compute accurate merges.

  bzr log -n0 /path/to/openssh/debian/trunk | less
  # find revision number for previous tarball import, hence 'PREVIOUS'
  bzr merge -rPREVIOUS /path/to/openssh/debian/trunk
  # merge history only, no file changes
  bzr revert .
  bzr ci -m 'add 5.2p1 tarball parent revision'
  bzr tag upstream-5.3p1

Next, merge this into the gssapi branch
(bzr+ssh://bzr.debian.org/bzr/pkg-ssh/openssh/gssapi/). For this branch, we
want to ignore the normal results of merging and take only the patch from
http://www.sxw.org.uk/computing/patches/openssh.html; of course such a patch
needs to exist first! To do this, run this in the gssapi branch:

  bzr merge /path/to/openssh/tarball/branch
  bzr revert -rrevno:-1:/path/to/openssh/tarball/branch .
  patch -p1 </path/to/openssh/gssapi/patch
  bzr add --file-ids-from=/path/to/openssh/debian/trunk
  # you may need to deal with applying configure.ac changes to configure
  # here
  bzr ci -m 'import openssh-5.3p1-gsskex-all-20100124.patch'

You should now be able to 'bzr merge' from the gssapi branch into the Debian
trunk, resolve conflicts, and commit. If you see lots of "Contents conflict"
messages, you may have got the file-ids wrong. Once you've committed the
merge, you can throw away the tarball branch, as all its history will have
been incorporated.

W: gsi-openssh-client: copyright-refers-to-versionless-license-file usr/share/common-licenses/GPL
O: gsi-openssh-client: setuid-binary usr/lib/gsissh/ssh-keysign 4755 root/root

drwxr-xr-x root/root         0 2012-09-13 12:19 ./
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/doc/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/doc/gsi-openssh-client/
-rw-r--r-- root/root     29689 2012-04-20 05:01 ./usr/share/doc/gsi-openssh-client/changelog.gz
-rw-r--r-- root/root      3958 2012-09-13 12:17 ./usr/share/doc/gsi-openssh-client/ChangeLog.gssapi
-rw-r--r-- root/root      2747 2010-08-23 22:07 ./usr/share/doc/gsi-openssh-client/README.compromised-keys.gz
-rw-r--r-- root/root      2720 2006-08-05 02:39 ./usr/share/doc/gsi-openssh-client/OVERVIEW.gz
-rw-r--r-- root/root      2715 2012-04-20 04:11 ./usr/share/doc/gsi-openssh-client/README
-rw-r--r-- root/root      1607 2003-10-15 06:07 ./usr/share/doc/gsi-openssh-client/README.dns
-rw-r--r-- root/root       389 2012-09-13 12:07 ./usr/share/doc/gsi-openssh-client/changelog.Debian.gz
-rw-r--r-- root/root     46002 2012-04-21 23:51 ./usr/share/doc/gsi-openssh-client/faq.html
-rw-r--r-- root/root     18348 2012-09-13 12:17 ./usr/share/doc/gsi-openssh-client/copyright
-rw-r--r-- root/root      1291 2012-09-13 11:54 ./usr/share/doc/gsi-openssh-client/README.Debian
-rw-r--r-- root/root      1854 2006-03-31 12:10 ./usr/share/doc/gsi-openssh-client/README.tun.gz
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/lintian/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/lintian/overrides/
-rw-r--r-- root/root        76 2012-08-14 19:44 ./usr/share/lintian/overrides/gsi-openssh-client
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/man/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/man/man5/
-rw-r--r-- root/root      1762 2012-09-13 12:19 ./usr/share/man/man5/gsimoduli.5.gz
-rw-r--r-- root/root     12488 2012-09-13 12:19 ./usr/share/man/man5/gsissh_config.5.gz
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/man/man8/
-rw-r--r-- root/root      1440 2012-09-13 12:19 ./usr/share/man/man8/gsissh-keysign.8.gz
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/man/man1/
-rw-r--r-- root/root      2155 2012-09-13 12:19 ./usr/share/man/man1/gsiscp.1.gz
-rw-r--r-- root/root      4868 2012-09-13 12:19 ./usr/share/man/man1/gsisftp.1.gz
-rw-r--r-- root/root      7388 2012-09-13 12:19 ./usr/share/man/man1/gsissh-keygen.1.gz
-rw-r--r-- root/root     13986 2012-09-13 12:19 ./usr/share/man/man1/gsissh.1.gz
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/lib/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/lib/gsissh/
-rwsr-xr-x root/root    245064 2012-09-13 12:19 ./usr/lib/gsissh/ssh-keysign
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/bin/
-rwxr-xr-x root/root    434024 2012-09-13 12:19 ./usr/bin/gsissh
-rwxr-xr-x root/root    195416 2012-09-13 12:19 ./usr/bin/gsissh-keygen
-rwxr-xr-x root/root    112904 2012-09-13 12:19 ./usr/bin/gsisftp
-rwxr-xr-x root/root     63544 2012-09-13 12:19 ./usr/bin/gsiscp
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/gsissh/
-rw-r--r-- root/root      1673 2012-09-13 12:19 ./etc/gsissh/ssh_config
-rw-r--r-- root/root    136156 2012-09-13 12:19 ./etc/gsissh/moduli
lrwxrwxrwx root/root         0 2012-09-13 12:19 ./usr/share/man/man1/gsislogin.1.gz -> gsissh.1.gz
lrwxrwxrwx root/root         0 2012-09-13 12:19 ./usr/bin/gsislogin -> gsissh

This package was debianized by Philip Hands <phil@hands.com> on 31 Oct 1999
(with help from  Dan Brosemer <odin@linuxfreak.com>)

It was downloaded from here:
  ftp://ftp.fu-berlin.de/unix/security/openssh/openssh-2.3.0p1.tar.gz

worldwide mirrors are listed here:
  http://www.openssh.com/ftp.html

The Debian specific parts of the package are mostly taken from the
original ssh package, which has since been renamed as ssh-nonfree.

The Debian patch is distributed under the terms of the GPL, which you
can find in /usr/share/common-licenses/GPL.

In addition, as a special exception, Matthew Vernon gives permission
to link the code of the Debian patch with any version of the OpenSSH
code which is distributed under a license identical to that listed in
the included Copyright file, and distribute linked combinations
including the two.  You must obey the GNU General Public License in
all respects for all of the code used other than OpenSSH.  If you
modify this file, you may extend this exception to your version of the
file, but you are not obligated to do so.  If you do not wish to do
so, delete this exception statement from your version.

The upstream source for this package is a combination of the ssh
branch that is being maintained by the OpenBSD team (starting from
the last version of SSH that was distributed under a free license),
and porting work by Damien Miller <damien@ibs.com.au> to get it
working on Linux.  Other people also contributed to this, and are
credited in /usr/share/doc/ssh/README.

This package contains Kerberos version 5 patches from
http://www.sxw.org.uk/computing/patches/openssh.html; this is Copyright
(c) 2001-2009 Simon Wilkinson and provided under the standard 2-term BSD
licence used elsewhere in OpenSSH.

Copyright:

Code in helper.[ch] is Copyright Internet Business Solutions and is
released under a X11-style license (see source file for details).

(A)RC4 code in rc4.[ch] is Copyright Damien Miller. It too is under a
X11-style license (see source file for details).

make-ssh-known-hosts is Copyright Tero Kivinen <Tero.Kivinen@hut.fi>,
and is distributed under the GPL (see source file for details).

The copyright for the original SSH version follows.  It has been
modified with [comments] to reflect the changes that the OpenBSD folks
have made:

This file is part of the OpenSSH software.

The licences which components of this software fall under are as
follows.  First, we will summarize and say that all components
are under a BSD licence, or a licence more free than that.

OpenSSH contains no GPL code.

1)
     * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
     *                    All rights reserved
     *
     * As far as I am concerned, the code I have written for this software
     * can be used freely for any purpose.  Any derived versions of this
     * software must be clearly marked as such, and if the derived work is
     * incompatible with the protocol description in the RFC file, it must be
     * called by a name other than "ssh" or "Secure Shell".

    [Tatu continues]
     *  However, I am not implying to give any licenses to any patents or
     * copyrights held by third parties, and the software includes parts that
     * are not under my direct control.  As far as I know, all included
     * source code is used in accordance with the relevant license agreements
     * and can be used freely for any purpose (the GNU license being the most
     * restrictive); see below for details.

    [However, none of that term is relevant at this point in time.  All of
    these restrictively licenced software components which he talks about
    have been removed from OpenSSH, i.e.,

     - RSA is no longer included, found in the OpenSSL library
     - IDEA is no longer included, its use is deprecated
     - DES is now external, in the OpenSSL library
     - GMP is no longer used, and instead we call BN code from OpenSSL
     - Zlib is now external, in a library
     - The make-ssh-known-hosts script is no longer included
     - TSS has been removed
     - MD5 is now external, in the OpenSSL library
     - RC4 support has been replaced with ARC4 support from OpenSSL
     - Blowfish is now external, in the OpenSSL library

    [The licence continues]

    Note that any information and cryptographic algorithms used in this
    software are publicly available on the Internet and at any major
    bookstore, scientific library, and patent office worldwide.  More
    information can be found e.g. at "http://www.cs.hut.fi/crypto".

    The legal status of this program is some combination of all these
    permissions and restrictions.  Use only at your own responsibility.
    You will be responsible for any legal consequences yourself; I am not
    making any claims whether possessing or using this is legal or not in
    your country, and I am not taking any responsibility on your behalf.


			    NO WARRANTY

    BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
    FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
    OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
    PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
    OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
    MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
    TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
    PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
    REPAIR OR CORRECTION.

    IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
    WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
    REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
    INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
    OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
    TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
    YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
    PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGES.

2)
    The 32-bit CRC compensation attack detector in deattack.c was
    contributed by CORE SDI S.A. under a BSD-style license.

     * Cryptographic attack detector for ssh - source code
     *
     * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina.
     *
     * All rights reserved. Redistribution and use in source and binary
     * forms, with or without modification, are permitted provided that
     * this copyright notice is retained.
     *
     * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
     * WARRANTIES ARE DISCLAIMED. IN NO EVENT SHALL CORE SDI S.A. BE
     * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR
     * CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF THIS
     * SOFTWARE.
     *
     * Ariel Futoransky <futo@core-sdi.com>
     * <http://www.core-sdi.com>

3)
    ssh-keyscan was contributed by David Mazieres under a BSD-style
    license.

     * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
     *
     * Modification and redistribution in source and binary forms is
     * permitted provided that due credit is given to the author and the
     * OpenBSD project by leaving this copyright notice intact.

4)
    The Rijndael implementation by Vincent Rijmen, Antoon Bosselaers
    and Paulo Barreto is in the public domain and distributed
    with the following license:

     * @version 3.0 (December 2000)
     *
     * Optimised ANSI C code for the Rijndael cipher (now AES)
     *
     * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
     * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
     * @author Paulo Barreto <paulo.barreto@terra.com.br>
     *
     * This code is hereby placed in the public domain.
     *
     * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
     * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
     * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
     * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
     * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
     * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
     * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
     * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

5)
    One component of the ssh source code is under a 3-clause BSD license,
    held by the University of California, since we pulled these parts from
    original Berkeley code.

     * Copyright (c) 1983, 1990, 1992, 1993, 1995
     *      The Regents of the University of California.  All rights reserved.
     *
     * Redistribution and use in source and binary forms, with or without
     * modification, are permitted provided that the following conditions
     * are met:
     * 1. Redistributions of source code must retain the above copyright
     *    notice, this list of conditions and the following disclaimer.
     * 2. Redistributions in binary form must reproduce the above copyright
     *    notice, this list of conditions and the following disclaimer in the
     *    documentation and/or other materials provided with the distribution.
     * 3. Neither the name of the University nor the names of its contributors
     *    may be used to endorse or promote products derived from this software
     *    without specific prior written permission.
     *
     * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
     * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
     * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     * SUCH DAMAGE.

6)
    Remaining components of the software are provided under a standard
    2-term BSD licence with the following names as copyright holders:

	Markus Friedl
	Theo de Raadt
	Niels Provos
	Dug Song
	Aaron Campbell
	Damien Miller
	Kevin Steves
	Daniel Kouril
	Wesley Griffin
	Per Allansson
	Nils Nordman
	Simon Wilkinson

    Portable OpenSSH additionally includes code from the following copyright
    holders, also under the 2-term BSD license:

	Ben Lindstrom
	Tim Rice
	Andre Lucas
	Chris Adams
	Corinna Vinschen
	Cray Inc.
	Denis Parker
	Gert Doering
	Jakob Schlyter
	Jason Downs
	Juha Yrjölä
	Michael Stone
	Networks Associates Technology, Inc.
	Solar Designer
	Todd C. Miller
	Wayne Schroeder
	William Jones
	Darren Tucker
	Sun Microsystems
	The SCO Group
	Daniel Walsh
	Red Hat, Inc
	Simon Vallet / Genoscope

     * Redistribution and use in source and binary forms, with or without
     * modification, are permitted provided that the following conditions
     * are met:
     * 1. Redistributions of source code must retain the above copyright
     *    notice, this list of conditions and the following disclaimer.
     * 2. Redistributions in binary form must reproduce the above copyright
     *    notice, this list of conditions and the following disclaimer in the
     *    documentation and/or other materials provided with the distribution.
     *
     * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
     * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
     * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
     * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
     * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

8) Portable OpenSSH contains the following additional licenses:

    a) md5crypt.c, md5crypt.h

	 * "THE BEER-WARE LICENSE" (Revision 42):
	 * <phk@login.dknet.dk> wrote this file.  As long as you retain this
	 * notice you can do whatever you want with this stuff. If we meet
	 * some day, and you think this stuff is worth it, you can buy me a
	 * beer in return.   Poul-Henning Kamp

    b) snprintf replacement

	* Copyright Patrick Powell 1995
	* This code is based on code written by Patrick Powell
	* (papowell@astart.com) It may be used for any purpose as long as this
	* notice remains intact on all source code distributions

    c) Compatibility code (openbsd-compat)

       Apart from the previously mentioned licenses, various pieces of code
       in the openbsd-compat/ subdirectory are licensed as follows:

       Some code is licensed under a 3-term BSD license, to the following
       copyright holders:

	Todd C. Miller
	Theo de Raadt
	Damien Miller
	Eric P. Allman
	The Regents of the University of California
	Constantin S. Svintsoff

	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	* 1. Redistributions of source code must retain the above copyright
	*    notice, this list of conditions and the following disclaimer.
	* 2. Redistributions in binary form must reproduce the above copyright
	*    notice, this list of conditions and the following disclaimer in the
	*    documentation and/or other materials provided with the distribution.
	* 3. Neither the name of the University nor the names of its contributors
	*    may be used to endorse or promote products derived from this software
	*    without specific prior written permission.
	*
	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	* ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	* SUCH DAMAGE.

       Some code is licensed under an ISC-style license, to the following
       copyright holders:

	Internet Software Consortium.
	Todd C. Miller
	Reyk Floeter
	Chad Mynhier

	* Permission to use, copy, modify, and distribute this software for any
	* purpose with or without fee is hereby granted, provided that the above
	* copyright notice and this permission notice appear in all copies.
	*
	* THE SOFTWARE IS PROVIDED "AS IS" AND TODD C. MILLER DISCLAIMS ALL
	* WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
	* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL TODD C. MILLER BE LIABLE
	* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
	* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
	* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

       Some code is licensed under a MIT-style license to the following
       copyright holders:

	Free Software Foundation, Inc.

	* Permission is hereby granted, free of charge, to any person obtaining a  *
	* copy of this software and associated documentation files (the            *
	* "Software"), to deal in the Software without restriction, including      *
	* without limitation the rights to use, copy, modify, merge, publish,      *
	* distribute, distribute with modifications, sublicense, and/or sell       *
	* copies of the Software, and to permit persons to whom the Software is    *
	* furnished to do so, subject to the following conditions:                 *
	*                                                                          *
	* The above copyright notice and this permission notice shall be included  *
	* in all copies or substantial portions of the Software.                   *
	*                                                                          *
	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS  *
	* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF               *
	* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.   *
	* IN NO EVENT SHALL THE ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,   *
	* DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR    *
	* OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR    *
	* THE USE OR OTHER DEALINGS IN THE SOFTWARE.                               *
	*                                                                          *
	* Except as contained in this notice, the name(s) of the above copyright   *
	* holders shall not be used in advertising or otherwise to promote the     *
	* sale, use or other dealings in this Software without prior written       *
	* authorization.                                                           *
	****************************************************************************/


------
$OpenBSD: LICENCE,v 1.19 2004/08/30 09:18:08 markus Exp $

drwxr-xr-x root/root         0 2012-09-13 12:19 ./
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/doc/
lrwxrwxrwx root/root         0 2012-09-13 12:19 ./usr/share/doc/gsi-openssh -> gsi-openssh-client

WARNING: No copyright found, please check package manually.

drwxr-xr-x root/root         0 2012-09-13 12:19 ./
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/sbin/
-rwxr-xr-x root/root    529832 2012-09-13 12:19 ./usr/sbin/gsisshd
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/doc/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/doc/gsi-openssh-client/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/doc/gsi-openssh-client/examples/
-rw-r--r-- root/root      3718 2012-09-13 12:17 ./usr/share/doc/gsi-openssh-client/examples/sshd_config
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/man/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/man/man5/
-rw-r--r-- root/root     12653 2012-09-13 12:19 ./usr/share/man/man5/gsisshd_config.5.gz
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/share/man/man8/
-rw-r--r-- root/root     11655 2012-09-13 12:19 ./usr/share/man/man8/gsisshd.8.gz
-rw-r--r-- root/root      1844 2012-09-13 12:19 ./usr/share/man/man8/gsisftp-server.8.gz
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/lib/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./usr/lib/gsissh/
-rwxr-xr-x root/root     63536 2012-09-13 12:19 ./usr/lib/gsissh/sftp-server
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/default/
-rw-r--r-- root/root       136 2012-08-15 06:51 ./etc/default/gsissh
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/network/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/network/if-up.d/
-rwxr-xr-x root/root       868 2012-08-14 17:18 ./etc/network/if-up.d/gsi-openssh-server
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/pam.d/
-rw-r--r-- root/root      1462 2012-05-21 23:19 ./etc/pam.d/gsisshd
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/ufw/
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/ufw/applications.d/
-rw-r--r-- root/root       172 2012-09-13 12:19 ./etc/ufw/applications.d/gsi-openssh-server
drwxr-xr-x root/root         0 2012-09-13 12:19 ./etc/init.d/
-rwxr-xr-x root/root      4007 2012-08-15 07:08 ./etc/init.d/gsissh
lrwxrwxrwx root/root         0 2012-09-13 12:19 ./usr/share/doc/gsi-openssh-server -> gsi-openssh-client
lrwxrwxrwx root/root         0 2012-09-13 12:19 ./usr/share/man/man5/gsiauthorized_keys.5.gz -> ../man8/gsisshd.8.gz

WARNING: No copyright found, please check package manually.