11 files changed, 36 insertions, 8 deletions

diff --git a/hwdb/60-evdev.hwdb b/hwdb/60-evdev.hwdb
index 569b4cb771..5142ef16c3 100644
--- a/hwdb/60-evdev.hwdb
+++ b/hwdb/60-evdev.hwdb
@@ -267,6 +267,13 @@ evdev:name:AlpsPS/2 ALPS DualPoint TouchPad:dmi:*svnDellInc.:pnPrecisionM4700*
  EVDEV_ABS_35=0:1960:24
  EVDEV_ABS_36=113:1436:30
 
+# Dell XPS13 9360
+evdev:name:SynPS/2 Synaptics TouchPad:dmi:*svnDellInc.:pnXPS139360:cvr:*
+ EVDEV_ABS_00=::42
+ EVDEV_ABS_01=::60
+ EVDEV_ABS_35=::42
+ EVDEV_ABS_36=::60
+
 # Dell XPS15 9550
 evdev:name:SynPS/2 Synaptics TouchPad:dmi:bvn*:bvr*:bd*:svnDellInc.:pnXPS159550*
  EVDEV_ABS_00=::41
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 623e43e4ca..a9c0fd20e1 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -930,10 +930,10 @@ int warn_file_is_world_accessible(const char *filename, struct stat *st, const c
 
         if (unit)
                 log_syntax(unit, LOG_WARNING, filename, line, 0,
-                           "%s has %04o mode that is too permissive, please adjust the access mode.",
+                           "%s has %04o mode that is too permissive, please adjust the ownership and access mode.",
                            filename, st->st_mode & 07777);
         else
-                log_warning("%s has %04o mode that is too permissive, please adjust the access mode.",
+                log_warning("%s has %04o mode that is too permissive, please adjust the ownership and access mode.",
                             filename, st->st_mode & 07777);
         return 0;
 }
diff --git a/src/libsystemd/sd-network/sd-network.c b/src/libsystemd/sd-network/sd-network.c
index a3c0542d7a..8ff9382d90 100644
--- a/src/libsystemd/sd-network/sd-network.c
+++ b/src/libsystemd/sd-network/sd-network.c
@@ -229,6 +229,10 @@ _public_ int sd_network_link_get_timezone(int ifindex, char **ret) {
         return network_link_get_string(ifindex, "TIMEZONE", ret);
 }
 
+_public_ int sd_network_link_get_dhcp4_address(int ifindex, char **ret) {
+        return network_link_get_string(ifindex, "DHCP4_ADDRESS", ret);
+}
+
 _public_ int sd_network_link_get_dns(int ifindex, char ***ret) {
         return network_link_get_strv(ifindex, "DNS", ret);
 }
diff --git a/src/network/netdev/macsec.c b/src/network/netdev/macsec.c
index cf281e75a6..d1d65a69bf 100644
--- a/src/network/netdev/macsec.c
+++ b/src/network/netdev/macsec.c
@@ -981,6 +981,8 @@ static int macsec_read_key_file(NetDev *netdev, SecurityAssociation *sa) {
         if (!sa->key_file)
                 return 0;
 
+        (void) warn_file_is_world_accessible(sa->key_file, NULL, NULL, 0);
+
         r = read_full_file_full(sa->key_file, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNHEX, (char **) &key, &key_len);
         if (r < 0)
                 return log_netdev_error_errno(netdev, r,
diff --git a/src/network/netdev/netdev.c b/src/network/netdev/netdev.c
index 7735b455b7..7853e197f1 100644
--- a/src/network/netdev/netdev.c
+++ b/src/network/netdev/netdev.c
@@ -844,7 +844,7 @@ int netdev_load(Manager *manager) {
         STRV_FOREACH(f, files) {
                 r = netdev_load_one(manager, *f);
                 if (r < 0)
-                        return r;
+                        log_error_errno(r, "Failed to load %s, ignoring: %m", *f);
         }
 
         return 0;
diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
index 913ee2a058..a40b32d148 100644
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -901,6 +901,8 @@ static int wireguard_read_key_file(const char *filename, uint8_t dest[static WG_
 
         assert(dest);
 
+        (void) warn_file_is_world_accessible(filename, NULL, NULL, 0);
+
         r = read_full_file_full(filename, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64, &key, &key_len);
         if (r < 0)
                 return r;
diff --git a/src/network/networkctl.c b/src/network/networkctl.c
index 3100a2e04e..a7cccbc690 100644
--- a/src/network/networkctl.c
+++ b/src/network/networkctl.c
@@ -678,6 +678,7 @@ static int dump_addresses(
                 int ifindex) {
 
         _cleanup_free_ struct local_address *local = NULL;
+        _cleanup_free_ char *dhcp4_address = NULL;
         int r, n, i;
 
         assert(rtnl);
@@ -687,6 +688,8 @@ static int dump_addresses(
         if (n < 0)
                 return n;
 
+        (void) sd_network_link_get_dhcp4_address(ifindex, &dhcp4_address);
+
         for (i = 0; i < n; i++) {
                 _cleanup_free_ char *pretty = NULL;
 
@@ -700,6 +703,15 @@ static int dump_addresses(
                 if (r < 0)
                         return r;
 
+                if (dhcp4_address && streq(pretty, dhcp4_address)) {
+                        _cleanup_free_ char *p = NULL;
+
+                        p = pretty;
+                        pretty = strjoin(pretty , " (DHCP4)");
+                        if (!pretty)
+                                return log_oom();
+                }
+
                 if (ifindex <= 0) {
                         char name[IF_NAMESIZE+1];
 
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 2b8d0eb2fb..fe81f1b720 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -506,7 +506,7 @@ int network_load(Manager *manager) {
         STRV_FOREACH(f, files) {
                 r = network_load_one(manager, *f);
                 if (r < 0)
-                        return r;
+                        log_error_errno(r, "Failed to load %s, ignoring: %m", *f);
         }
 
         return 0;
diff --git a/src/systemd/sd-network.h b/src/systemd/sd-network.h
index c78f7c86bb..1cf4c2ec9d 100644
--- a/src/systemd/sd-network.h
+++ b/src/systemd/sd-network.h
@@ -110,6 +110,10 @@ int sd_network_link_get_network_file(int ifindex, char **filename);
  * IP addresses */
 int sd_network_link_get_dns(int ifindex, char ***ret);
 
+/* Get DHCP4 address for a given link. This is string representations of
+ * IPv4 address */
+int sd_network_link_get_dhcp4_address(int ifindex, char **ret);
+
 /* Get NTP entries for a given link. These are domain names or string
  * representations of IP addresses */
 int sd_network_link_get_ntp(int ifindex, char ***ret);
diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh
index 6d9010ce16..5e48a7e0c6 100755
--- a/tools/oss-fuzz.sh
+++ b/tools/oss-fuzz.sh
@@ -48,7 +48,6 @@ zip -jqr $OUT/fuzz-dns-packet_seed_corpus.zip $df/packet
 
 install -Dt $OUT/src/shared/ $build/src/shared/libsystemd-shared-*.so
 
-wget -O $OUT/fuzz-json_seed_corpus.zip https://storage.googleapis.com/skia-fuzzer/oss-fuzz/skjson_seed_corpus.zip
 wget -O $OUT/fuzz-json.dict https://raw.githubusercontent.com/rc0r/afl-fuzz/master/dictionaries/json.dict
 
 find $build -maxdepth 1 -type f -executable -name "fuzz-*" -exec mv {} $OUT \;
diff --git a/travis-ci/managers/fuzzit.sh b/travis-ci/managers/fuzzit.sh
index 0c168fde85..45fd784a39 100755
--- a/travis-ci/managers/fuzzit.sh
+++ b/travis-ci/managers/fuzzit.sh
@@ -36,7 +36,7 @@ fi
 
 # Because we want Fuzzit to run on every pull-request and Travis/Azure doesnt support encrypted keys
 # on pull-request we use a write-only key which is ok for now. maybe there will be a better solution in the future
-FUZZIT_API_KEY=af6992074353998676713818cc6435ef4a750439932dab58b51e9354d6742c54d740a3cd9fc1fc001db82f51734a24bc
+export FUZZIT_API_KEY=af6992074353998676713818cc6435ef4a750439932dab58b51e9354d6742c54d740a3cd9fc1fc001db82f51734a24bc
 FUZZIT_ADDITIONAL_FILES="./out/src/shared/libsystemd-shared-*.so"
 
 # ASan options are borrowed almost verbatim from OSS-Fuzz
@@ -46,8 +46,6 @@ FUZZIT_ARGS="--type ${FUZZING_TYPE} --branch ${FUZZIT_BRANCH} --revision ${TRAVI
 wget -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/latest/download/fuzzit_Linux_x86_64
 chmod +x fuzzit
 
-./fuzzit auth ${FUZZIT_API_KEY}
-
 find out/ -maxdepth 1 -name 'fuzz-*' -executable -type f -exec basename '{}' \; | xargs --verbose -n1 -I%FUZZER% ./fuzzit create job ${FUZZIT_ARGS} %FUZZER%-asan-ubsan out/%FUZZER% ${FUZZIT_ADDITIONAL_FILES}
 
 export SANITIZER="memory -fsanitize-memory-track-origins"