openssh: update to 8.4p1, drop keychain patch and hpn variant

update gsskex and macports-config patches

net/openssh/Portfile

@@ -5,8 +5,8 @@ PortSystem          1.0
 PortGroup           compiler_blacklist_versions 1.0
 
 name                openssh
-version             8.1p1
-revision            9
+version             8.4p1
+revision            0
 categories          net
 platforms           darwin
 maintainers         nomaintainer
@@ -29,9 +29,9 @@ long_description    OpenSSH is a FREE version of the SSH protocol suite of \
 
 homepage            https://www.openbsd.org/openssh/
 
-checksums           rmd160  0d9bcaa22b77a8e26fbe4804ea4ae017e45b1568 \
-                    sha256  02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff \
-                    size    1625894
+checksums           rmd160  2d3eec0b56f7edef5d50b8defa2f143ffee5c65a \
+                    sha256  5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24 \
+                    size    1742201
 
 master_sites        openbsd:OpenSSH/portable \
                     ftp://ftp.cise.ufl.edu/pub/mirrors/openssh/portable/ \
@@ -50,9 +50,7 @@ if {${name} eq ${subport}} {
                         pam.patch \
                         patch-sandbox-darwin.c-apple-sandbox-named-external.diff \
                         patch-sshd.c-apple-sandbox-named-external.diff \
-                        0002-Apple-keychain-integration-other-changes.patch \
-                        macports-config.patch \
-                        patch-openbsd_compat-memmem-bug.diff
+                        macports-config.patch
 
     # We need a couple of patches
     # - pam.patch
@@ -64,8 +62,6 @@ if {${name} eq ${subport}} {
     #   This requires a sandbox profile (which we provide) and the sandbox_init(3)
     #   call before the chroot(2) to privsep-path (${prefix}/var/empty), or it will
     #   fail to load the sandbox description and libsandbox.1.dylib.
-    # - 0002-Apple-keychain-integration-other-changes.patch
-    #   Adds Apple Keychain integration and ssh-agent's launchd mode
     # - macports-config.patch
     #   Changes the default configuration from the upstream-provided one by popular
     #   request.
@@ -148,36 +144,14 @@ if {${name} eq ${subport}} {
         }
     }
 
-    notes-append "
-                    Apple's keychain integration and launchd changes are now\
-                    included by default, not just with the gsskex variant.\
-
-                    The parameters were changed from -m/-M to -A/-K in\
-                    accordance with Apple's changes, because upstream started\
-                    using the former switches themselves recently."
-
     variant xauth description {Build with support for xauth} {
         configure.args-replace  --without-xauth \
                                 --with-xauth=${prefix}/bin/xauth
         depends_run-append      port:xauth
     }
 
-    variant hpn conflicts gsskex description {Apply high performance patch} {
-        # Current location(s):
-        #   https://github.com/rapier1/openssh-portable/
-        #   http://www.freshports.org/security/openssh-portable/
-        #     (is usually quick in updating the HPN patch for new versions,
-        #      take a look there, too.)
-
-        # Formerly taken directly from FreeBSD as a distfile, now copied over
-        # from either upstream at or FreeBSD's ports directory and rebased.
-        set hpn_patchfile       ${name}-${version}-hpnssh14v18
-        patchfiles-append       ${hpn_patchfile}.diff \
-                                ${hpn_patchfile}-openssl-1.1.diff
-    }
-
-    variant gsskex conflicts hpn requires kerberos5 description "Add OpenSSH GSSAPI key exchange patch" {
-        patchfiles-append       openssh-8.1p1-gsskex-all-20141021-mp-20191015.patch
+    variant gsskex requires kerberos5 description "Add OpenSSH GSSAPI key exchange patch" {
+        patchfiles-append       openssh-8.1p1-gsskex-all-20141021-mp-20201216.patch
         configure.ldflags-append \
                                 -Wl,-pie
         configure.cflags-append -fPIE