
Patching OpenBSD

Patching a system is one of the things an admin does not really like to do, but from a security point of view it is unavoidable. On this subject I would also suggest you read the OpenBSD FAQ.
Let's now have a look at how to patch something:

  • First check if you have CVS installed on your system. If not, either get it from Cyclic or consider installing the src package (pkg_add).
  • Set the shell variable for CVS so that it tunnels your CVS transfers over SSH. (Why do you need CVS at all? With CVS you can obtain the sources for the program you want to patch. More about this later.) Back to the shell command.
    In csh use:
      setenv CVS_RSH /usr/bin/ssh
  • Now find an anonymous OpenBSD CVS server and set the CVSROOT shell variable accordingly. For example (in csh, setenv takes the name and the value separated by a space, not an equals sign):
      setenv CVSROOT anoncvs@anoncvs1.usa.openbsd.org:/cvs
  • All right. Now go to the patches for your system and download the necessary ones. Then unpack the tarball and look at each individual patch.
  • Check the Index line in each of those files and obtain the source files for the package you want to patch.

    Let's have a look at an example. My Index line said:
      sys/netinet/ipl.h
    Now I check out the sources with:
      cd /usr/src; cvs -danoncvs@anoncvs5.usa.openbsd.org:/cvs co -rOPENBSD_2_7_BASE sys/netinet
    (Pay attention: I use OpenBSD 2.7 and my source is in /usr/src. You may have to change that in the above line!) Something else to pay attention to: maybe I'm too stupid, but a lot of directories were downloaded under src/.., so I had the structure /usr/src/src/..., which should be a level further up. So make sure your source is in the right place after all.

    This should actually already do it.
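
    The Index-line step above, as an added example that is not part of the original page: a POSIX sh helper that reads the Index lines from downloaded patch files, rejects paths that would leave the source tree, and prints (without running) one checkout command per directory in the same form as the command above. The function names and the sample patch are constructed for illustration, and CVSROOT is assumed to be set as shown earlier.

```shell
#!/bin/sh
# Added example: derive the directories to check out from patch "Index:" lines.

# index_paths FILE... : print every path that follows "Index:", one per line.
index_paths() {
    awk '$1 == "Index:" && NF >= 2 { print $2 }' "$@"
}

# checkout_dirs FILE... : unique parent directories of the indexed files.
# Absolute paths and paths containing ".." are skipped, because a patch
# should only ever name files inside the source tree.
checkout_dirs() {
    index_paths "$@" | while IFS= read -r path; do
        case "$path" in
            /*|*..*) echo "skipping suspicious path: $path" >&2; continue ;;
        esac
        dirname "$path"
    done | sort -u
}

# checkout_commands TAG FILE... : print one cvs command per directory.
checkout_commands() {
    tag=$1; shift
    checkout_dirs "$@" | while IFS= read -r dir; do
        echo "cvs co -r$tag $dir"
    done
}

# write_sample FILE : write a constructed patch header set for trying this out.
write_sample() {
    cat > "$1" <<'EOF'
Apply by doing:
    cd /usr/src
    patch -p0 < sample.patch

Index: sys/netinet/ipl.h
--- sys/netinet/ipl.h (constructed)
+++ sys/netinet/ipl.h (constructed)
Index: sys/netinet/example.c
Index: usr.sbin/example/example.c
Index: ../etc/passwd
EOF
}

# Usage: sh script.sh OPENBSD_2_7_BASE patch1 [patch2 ...]
if [ "$#" -ge 2 ]; then
    checkout_commands "$@"
fi
```

    Review the printed commands before running them from the directory that should hold the checked-out tree.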



    CopyLeft (l) 2003 by Raffael Marty