16 files changed, 172 insertions, 189 deletions
diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c
index 826eb8d..ced13d0 100644
--- a/plugins/check_dbi.c
+++ b/plugins/check_dbi.c
@@ -35,6 +35,7 @@ const char *email = "devel@monitoring-plugins.org";
 #include "common.h"
 #include "utils.h"
+#include "utils_cmd.h"
 #include "netutils.h"
diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index f206163..d4d0b88 100644
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
@@ -56,6 +56,7 @@ char **expected_address = NULL;
 int expected_address_cnt = 0;
 int expect_authority = FALSE;
+int all_match = FALSE;
 thresholds *time_thresholds = NULL;
 static int
@@ -168,8 +169,8 @@ main (int argc, char **argv)
      temp_buffer++;
      /* Strip leading spaces */
-      for (; *temp_buffer != '\0' && *temp_buffer == ' '; temp_buffer++)
+      while (*temp_buffer == ' ')
-        /* NOOP */;
+        temp_buffer++;
      strip(temp_buffer);
      if (temp_buffer==NULL || strlen(temp_buffer)==0) {
@@ -228,16 +229,27 @@ main (int argc, char **argv)
  if (result == STATE_OK && expected_address_cnt > 0) {
    result = STATE_CRITICAL;
    temp_buffer = "";
+    unsigned long expect_match = (1 << expected_address_cnt) - 1;
+    unsigned long addr_match = (1 << n_addresses) - 1;
    for (i=0; i<expected_address_cnt; i++) {
+      int j;
      /* check if we get a match on 'raw' ip or cidr */
-      if ( strcmp(address, expected_address[i]) == 0
+      for (j=0; j<n_addresses; j++) {
-           || ip_match_cidr(address, expected_address[i]) )
+        if ( strcmp(addresses[j], expected_address[i]) == 0
-        result = STATE_OK;
+             || ip_match_cidr(addresses[j], expected_address[i]) ) {
+          result = STATE_OK;
+          addr_match &= ~(1 << j);
+          expect_match &= ~(1 << i);
+        }
+      }
      /* prepare an error string */
      xasprintf(&temp_buffer, "%s%s; ", temp_buffer, expected_address[i]);
    }
+    /* check if expected_address must cover all in addresses and none may be missing */
+    if (all_match && (expect_match != 0 || addr_match != 0))
+      result = STATE_CRITICAL;
    if (result == STATE_CRITICAL) {
      /* Strip off last semicolon... */
      temp_buffer[strlen(temp_buffer)-2] = '\0';
@@ -401,6 +413,7 @@ process_arguments (int argc, char **argv)
    {"reverse-server", required_argument, 0, 'r'},
    {"expected-address", required_argument, 0, 'a'},
    {"expect-authority", no_argument, 0, 'A'},
+    {"all", no_argument, 0, 'L'},
    {"warning", required_argument, 0, 'w'},
    {"critical", required_argument, 0, 'c'},
    {0, 0, 0, 0}
@@ -414,7 +427,7 @@ process_arguments (int argc, char **argv)
      strcpy (argv[c], "-t");
  while (1) {
-    c = getopt_long (argc, argv, "hVvAt:H:s:r:a:w:c:", long_opts, &opt_index);
+    c = getopt_long (argc, argv, "hVvALt:H:s:r:a:w:c:", long_opts, &opt_index);
    if (c == -1 || c == EOF)
      break;
@@ -462,6 +475,9 @@ process_arguments (int argc, char **argv)
    case 'A': /* expect authority */
      expect_authority = TRUE;
      break;
+    case 'L': /* all must match */
+      all_match = TRUE;
+      break;
    case 'w':
      warning = optarg;
      break;
@@ -530,14 +546,16 @@ print_help (void)
  printf (" -a, --expected-address=IP-ADDRESS|CIDR|HOST\n");
  printf ("    %s\n", _("Optional IP-ADDRESS/CIDR you expect the DNS server to return. HOST must end"));
  printf ("    %s\n", _("with a dot (.). This option can be repeated multiple times (Returns OK if any"));
-  printf ("    %s\n", _("value match). If multiple addresses are returned at once, you have to match"));
+  printf ("    %s\n", _("value matches)."));
-  printf ("    %s\n", _("the whole string of addresses separated with commas (sorted alphabetically)."));
  printf (" -A, --expect-authority\n");
  printf ("    %s\n", _("Optionally expect the DNS server to be authoritative for the lookup"));
  printf (" -w, --warning=seconds\n");
  printf ("    %s\n", _("Return warning if elapsed time exceeds value. Default off"));
  printf (" -c, --critical=seconds\n");
  printf ("    %s\n", _("Return critical if elapsed time exceeds value. Default off"));
+  printf (" -L, --all\n");
+  printf ("    %s\n", _("Return critical if the list of expected addresses does not match all addresses"));
+  printf ("    %s\n", _("returned. Default off"));
  printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
@@ -549,5 +567,5 @@ void
 print_usage (void)
 {
  printf ("%s\n", _("Usage:"));
-  printf ("%s -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit]\n", progname);
+  printf ("%s -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit] [-L]\n", progname);
 }
diff --git a/plugins/check_hpjd.c b/plugins/check_hpjd.c
index f159f5a..6546556 100644
--- a/plugins/check_hpjd.c
+++ b/plugins/check_hpjd.c
@@ -67,6 +67,7 @@ void print_usage (void);
 char *community = NULL;
 char *address = NULL;
 char *port = NULL;
+int  check_paper_out = 1;
 int
 main (int argc, char **argv)
@@ -240,7 +241,8 @@ main (int argc, char **argv)
                        strcpy (errmsg, _("Paper Jam"));
                }
                else if (paper_out) {
-                        result = STATE_WARNING;
+                        if (check_paper_out)
+                                result = STATE_WARNING;
                        strcpy (errmsg, _("Out of Paper"));
                }
                else if (line_status == OFFLINE) {
@@ -325,7 +327,7 @@ process_arguments (int argc, char **argv)
        while (1) {
-                c = getopt_long (argc, argv, "+hVH:C:p:", longopts, &option);
+                c = getopt_long (argc, argv, "+hVH:C:p:D", longopts, &option);
                if (c == -1 || c == EOF || c == 1)
                        break;
@@ -347,6 +349,8 @@ process_arguments (int argc, char **argv)
                                usage2 (_("Port must be a positive short integer"), optarg);
                        else
                                port = atoi(optarg);
+                case 'D':                                                                       /* disable paper out check*/
+                        check_paper_out = 0;
                        break;
                case 'V':                                                                       /* version */
                        print_revision (progname, NP_VERSION);
@@ -420,6 +424,8 @@ print_help (void)
        printf ("    %s", _("Specify the port to check "));
        printf (_("(default=%s)"), DEFAULT_PORT);
        printf ("\n");
+        printf (" %s\n", "-D");
+        printf ("    %s", _("Disable paper check "));
        printf (UT_SUPPORT);
 }
@@ -430,5 +436,5 @@ void
 print_usage (void)
 {
  printf ("%s\n", _("Usage:"));
-        printf ("%s -H host [-C community] [-p port]\n", progname);
+        printf ("%s -H host [-C community] [-p port] [-D]\n", progname);
 }
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 856e1e9..de59a06 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -1155,6 +1155,8 @@ check_http (void)
      xasprintf (&msg,
                _("Invalid HTTP response received from host on port %d: %s\n"),
                server_port, status_line);
+    if (show_body)
+        xasprintf (&msg, _("%s\n%s"), msg, page);
    die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
  }
diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
index 5cd4709..11ce691 100644
--- a/plugins/check_pgsql.c
+++ b/plugins/check_pgsql.c
@@ -34,6 +34,7 @@ const char *email = "devel@monitoring-plugins.org";
 #include "common.h"
 #include "utils.h"
+#include "utils_cmd.h"
 #include "netutils.h"
 #include <libpq-fe.h>
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 0fcf4c6..d37c57c 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -293,6 +293,7 @@ main (int argc, char **argv)
                    printf("%s", buffer);
                }
+                n = 0;
                while (n < ncommands) {
                        xasprintf (&cmd_str, "%s%s", commands[n], "\r\n");
                        my_send(cmd_str, strlen(cmd_str));
diff --git a/plugins/common.h b/plugins/common.h
index 6bf4fca..0f08e2f 100644
--- a/plugins/common.h
+++ b/plugins/common.h
@@ -225,4 +225,18 @@ enum {
 # define __attribute__(x) /* do nothing */
 #endif
+/* Try sysconf(_SC_OPEN_MAX) first, as it can be higher than OPEN_MAX.
+ * If that fails and the macro isn't defined, we fall back to an educated
+ * guess. There's no guarantee that our guess is adequate and the program
+ * will die with SIGSEGV if it isn't and the upper boundary is breached. */
+#define DEFAULT_MAXFD  256   /* fallback value if no max open files value is set */
+#define MAXFD_LIMIT   8192   /* upper limit of open files */
+#ifdef _SC_OPEN_MAX
+static long maxfd = 0;
+#elif defined(OPEN_MAX)
+# define maxfd OPEN_MAX
+#else   /* sysconf macro unavailable, so guess (may be wildly inaccurate) */
+# define maxfd DEFAULT_MAXFD
+#endif
 #endif /* _COMMON_H_ */
diff --git a/plugins/popen.c b/plugins/popen.c
index 592263f..116d168 100644
--- a/plugins/popen.c
+++ b/plugins/popen.c
@@ -78,7 +78,6 @@ RETSIGTYPE popen_timeout_alarm_handler (int);
 #define min(a,b)        ((a) < (b) ? (a) : (b))
 #define max(a,b)        ((a) > (b) ? (a) : (b))
-int open_max (void);                                            /* {Prog openmax} */
 static void err_sys (const char *, ...) __attribute__((noreturn,format(printf, 1, 2)));
 char *rtrim (char *, const char *);
@@ -86,7 +85,6 @@ char *pname = NULL;							/* caller can set this from argv[0] */
 /*int *childerr = NULL;*//* ptr to array allocated at run-time */
 /*extern pid_t *childpid = NULL; *//* ptr to array allocated at run-time */
-static int maxfd;                                                               /* from our open_max(), {Prog openmax} */
 #ifdef REDHAT_SPOPEN_ERROR
 static volatile int childtermd = 0;
@@ -187,13 +185,11 @@ spopen (const char *cmdstring)
        argv[i] = NULL;
        if (childpid == NULL) {                         /* first time through */
-                maxfd = open_max ();                            /* allocate zeroed out array for child pids */
                if ((childpid = calloc ((size_t)maxfd, sizeof (pid_t))) == NULL)
                        return (NULL);
        }
        if (child_stderr_array == NULL) {       /* first time through */
-                maxfd = open_max ();                            /* allocate zeroed out array for child pids */
                if ((child_stderr_array = calloc ((size_t)maxfd, sizeof (int))) == NULL)
                        return (NULL);
        }
@@ -273,15 +269,6 @@ spclose (FILE * fp)
        return (1);
 }
-#ifdef  OPEN_MAX
-static int openmax = OPEN_MAX;
-#else
-static int openmax = 0;
-#endif
-#define OPEN_MAX_GUESS  256                     /* if OPEN_MAX is indeterminate */
-                                /* no guarantee this is adequate */
 #ifdef REDHAT_SPOPEN_ERROR
 RETSIGTYPE
 popen_sigchld_handler (int signo)
@@ -311,22 +298,6 @@ popen_timeout_alarm_handler (int signo)
 }
-int
-open_max (void)
-{
-        if (openmax == 0) {                                             /* first time through */
-                errno = 0;
-                if ((openmax = sysconf (_SC_OPEN_MAX)) < 0) {
-                        if (errno == 0)
-                                openmax = OPEN_MAX_GUESS;       /* it's indeterminate */
-                        else
-                                err_sys (_("sysconf error for _SC_OPEN_MAX"));
-                }
-        }
-        return (openmax);
-}
 /* Fatal error related to a system call.
 * Print a message and die. */
diff --git a/plugins/runcmd.c b/plugins/runcmd.c
index 1a7c904..c382867 100644
--- a/plugins/runcmd.c
+++ b/plugins/runcmd.c
@@ -67,19 +67,6 @@
 * occur in any number of threads simultaneously. */
 static pid_t *np_pids = NULL;
-/* Try sysconf(_SC_OPEN_MAX) first, as it can be higher than OPEN_MAX.
- * If that fails and the macro isn't defined, we fall back to an educated
- * guess. There's no guarantee that our guess is adequate and the program
- * will die with SIGSEGV if it isn't and the upper boundary is breached. */
-#ifdef _SC_OPEN_MAX
-static long maxfd = 0;
-#elif defined(OPEN_MAX)
-# define maxfd OPEN_MAX
-#else /* sysconf macro unavailable, so guess (may be wildly inaccurate) */
-# define maxfd 256
-#endif
 /** prototypes **/
 static int np_runcmd_open(const char *, int *, int *)
        __attribute__((__nonnull__(1, 2, 3)));
diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis
index 6ee4505..9b9f805 100644
--- a/plugins/t/NPTest.cache.travis
+++ b/plugins/t/NPTest.cache.travis
@@ -50,5 +50,5 @@
  'NP_SNMP_USER' => '',
  'NP_SSH_CONFIGFILE' => '~/.ssh/config',
  'NP_SSH_HOST' => 'localhost',
-  'NP_SSH_IDENTITY' => '~/.ssh/id_dsa'
+  'NP_SSH_IDENTITY' => '~/.ssh/id_rsa'
 }
diff --git a/plugins/tests/certs/server-cert.pem b/plugins/tests/certs/server-cert.pem
index 549e4f7..b84b91d 100644
--- a/plugins/tests/certs/server-cert.pem
+++ b/plugins/tests/certs/server-cert.pem
@@ -1,21 +1,24 @@
 -----BEGIN CERTIFICATE-----
-MIIDYzCCAsygAwIBAgIJAL8LkpNwzYdxMA0GCSqGSIb3DQEBBAUAMH8xCzAJBgNV
+MIIEBjCCAu6gAwIBAgIJANbQ5QQrKhUGMA0GCSqGSIb3DQEBCwUAMIGXMQswCQYD
-BAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIxFzAV
+VQQGEwJERTEQMA4GA1UECAwHQmF2YXJpYTEPMA0GA1UEBwwGTXVuaWNoMRswGQYD
-BgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwGCSqG
+VQQKDBJNb25pdG9yaW5nIFBsdWdpbnMxGzAZBgNVBAMMEk1vbml0b3JpbmcgUGx1
-SIb3DQEJARYPdG9udm9vbkBtYWMuY29tMB4XDTA5MDMwNTIxNDEyOFoXDTE5MDMw
+Z2luczErMCkGCSqGSIb3DQEJARYcZGV2ZWxAbW9uaXRvcmluZy1wbHVnaW5zLm9y
-MzIxNDEyOFowfzELMAkGA1UEBhMCVUsxEzARBgNVBAgTCkRlcmJ5c2hpcmUxDzAN
+ZzAeFw0xOTAyMTkxNTMxNDRaFw0yOTAyMTYxNTMxNDRaMIGXMQswCQYDVQQGEwJE
-BgNVBAcTBkJlbHBlcjEXMBUGA1UEChMOTmFnaW9zIFBsdWdpbnMxETAPBgNVBAMT
+RTEQMA4GA1UECAwHQmF2YXJpYTEPMA0GA1UEBwwGTXVuaWNoMRswGQYDVQQKDBJN
-CFRvbiBWb29uMR4wHAYJKoZIhvcNAQkBFg90b252b29uQG1hYy5jb20wgZ8wDQYJ
+b25pdG9yaW5nIFBsdWdpbnMxGzAZBgNVBAMMEk1vbml0b3JpbmcgUGx1Z2luczEr
-KoZIhvcNAQEBBQADgY0AMIGJAoGBAKcWMBtNtfY8vZXk0SN6/EYTVN/LOvaOSegy
+MCkGCSqGSIb3DQEJARYcZGV2ZWxAbW9uaXRvcmluZy1wbHVnaW5zLm9yZzCCASIw
-oVdLoGwuwjagk+XmCzvCqHZRp8lnCLay7AO8AQI7TSN02ihCcSrgGA9OT+HciIJ1
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKgV2yp8pQvJuN+aJGdAe6Hd0tja
-l5/kEYUAuA1PR6YKK/T713zUAlMzy2tsugx5+xSsSEwsXkmne52jJiG/wuE5CLT0
+uteCPcNIcM92WLOF69TLTSYon1XDon4tHTh4Z5d4lD8bfsGzFVBmDSgWidhAUf+v
-9pF8HQqHAgMBAAGjgeYwgeMwHQYDVR0OBBYEFGioSPQ/rdE19+zaeY2YvHTXlUDI
+EqEXwbp293ej/Frc0pXCvmrz6kI1tWrLtQhL/VdbxFYxhV7JjKb+PY3SxGFpSLPe
-MIGzBgNVHSMEgaswgaiAFGioSPQ/rdE19+zaeY2YvHTXlUDIoYGEpIGBMH8xCzAJ
+PQ/5SwVndv7rZIwcjseL22K5Uy2TIrkgzzm2pRs/IvoxRybYr/+LGoHyrtJC6AO8
-BgNVBAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIx
+ylp8A/etL0gwtUvRnrnZeTQ2pA1uZ5QN3anTL8JP/ZRZYNegIkaawqMtTKbhM6pi
-FzAVBgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwG
+u3/4a3Uppvt0y7vmGfQlYejxCpICnMrvHMpw8L58zv/98AbCGjDU3UwCt6MCAwEA
-CSqGSIb3DQEJARYPdG9udm9vbkBtYWMuY29tggkAvwuSk3DNh3EwDAYDVR0TBAUw
+AaNTMFEwHQYDVR0OBBYEFG/UH6nGYPlVcM75UXzXBF5GZyrcMB8GA1UdIwQYMBaA
-AwEB/zANBgkqhkiG9w0BAQQFAAOBgQCdqasaIO6JiV5ONFG6Tr1++85UfEdZKMUX
+FG/UH6nGYPlVcM75UXzXBF5GZyrcMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN
-N2NHiNNUunolIZEYR+dW99ezKmHlDiQ/tMgoLVYpl2Ubho2pAkLGQR+W0ZASgWQ1
+AQELBQADggEBAGwitJPOnlIKLndNf+iCLMIs0dxsl8kAaejFcjoT0n4ja7Y6Zrqz
-NjfV27Rv0y6lYQMTA0lVAU93L1x9reo3FMedmL5+H+lIEpLCxEPtAJNISrJOneZB
+VSIidzz9vQWvy24xKJpAOdj/iLRHCUOG+Pf5fA6+/FiuqXr6gE2/lm0eC58BNONr
-W5jDadwkoQ==
+E5OzjQ/VoQ8RX4hDntgu6FYbaVa/vhwn16igt9qmdNGGZXf2/+DM3JADwyaA4EK8
+vm7KdofX9zkxXecHPNvf3jiVLPiDDt6tkGpHPEsyP/yc+RUdltUeZvHfliV0cCuC
+jJX+Fm9ysjSpHIFFr+jUMuMHibWoOD8iy3eYxfCDoWsH488pCbj8MNuAq6vd6DBk
+bOZxDz43vjWuYMkwXJTxJQh7Pne6kK0vE1g=
 -----END CERTIFICATE-----
diff --git a/plugins/tests/certs/server-key.pem b/plugins/tests/certs/server-key.pem
index eacaeaa..1194755 100644
--- a/plugins/tests/certs/server-key.pem
+++ b/plugins/tests/certs/server-key.pem
@@ -1,15 +1,28 @@
-----BEGIN RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
-MIICWwIBAAKBgQCnFjAbTbX2PL2V5NEjevxGE1Tfyzr2jknoMqFXS6BsLsI2oJPl
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCoFdsqfKULybjf
-5gs7wqh2UafJZwi2suwDvAECO00jdNooQnEq4BgPTk/h3IiCdZef5BGFALgNT0em
+miRnQHuh3dLY2rrXgj3DSHDPdlizhevUy00mKJ9Vw6J+LR04eGeXeJQ/G37BsxVQ
-Civ0+9d81AJTM8trbLoMefsUrEhMLF5Jp3udoyYhv8LhOQi09PaRfB0KhwIDAQAB
+Zg0oFonYQFH/rxKhF8G6dvd3o/xa3NKVwr5q8+pCNbVqy7UIS/1XW8RWMYVeyYym
-AoGAfpxclcP8N3vteXErXURrd7pcXT0GECDgNjhvc9PV20RPXM+vYs1AA+fMeeQE
+/j2N0sRhaUiz3j0P+UsFZ3b+62SMHI7Hi9tiuVMtkyK5IM85tqUbPyL6MUcm2K//
-TaRqwO6x016aMRO4rz5ztYArecTBznkds1k59pkN/Ne/nsueU4tvGK8MNyS2o986
+ixqB8q7SQugDvMpafAP3rS9IMLVL0Z652Xk0NqQNbmeUDd2p0y/CT/2UWWDXoCJG
-Voohqkaq4Lcy1bcHJb9su1ELjegEr1R76Mz452Hsy+uTbAECQQDcg/tZWKVeh5CQ
+msKjLUym4TOqYrt/+Gt1Kab7dMu75hn0JWHo8QqSApzK7xzKcPC+fM7//fAGwhow
-dOEB3YWHwfn0NDgfPm/X2i2kAZ7n7URaUy/ffdlfsrr1mBtHCfedLoOxmmlNfEpM
+1N1MArejAgMBAAECggEANuvdTwanTzC8jaNqHaq+OuemS2E9B8nwsGxtH/zFgvNR
-hXAAurSHAkEAwfk7fEb0iN0Sj9gTozO7c6Ky10KwePZyjVzqSQIiJq3NX8BEaIeb
+WZiMPtmrJnTkFWJcV+VPw/iMSAqN4nDHmBugVOb4Z4asxGTKK4T9shXJSnh0rqPU
-51TXxE5VxaLjjMLRkA0hWTYXClgERFZ6AQJAN7ChPqwzf08PRFwwIw911JY5cOHr
+00ZsvbmxY6z0+E5TesCJqQ+9GYTY1V357V7JchvaOxIRxWPqg9urHbru8OCtW/I5
-NoDHMCUql5vNLNdwBruxgGjBB/kUXEfgw60RusFvgt/zLh1wiii844JDawJAGQBF
+Fh5HPUZlgCvlMpjlhyjydIf/oXyVA3RNsXlwe8+2cKuGIrjEzm2j9o3VF0sctTX0
-sYP3urg7zzx7c3qUe5gJ0wLuefjR1PSX4ecbfb7DDMdcSdjIuG1QDiZGmd2f1KG7
+ItP8A9qDmDQN7GIWX0MW6gncojpS1omC2wcFsdjj/xfPyiDal1X4aq/2YqG8351c
-nwSCOtxk5dloW2KGAQJAQh/iBn0QhfKLFAP5eZBVk8E8XlZuw+S2DLy5SnBlIiYJ
+YlM/+6Va0u9WWE/i64gASTAVqpMV4Yg8y0gGycuA0QKBgQDbgI2QeLd3FvMcURiU
-GB5I2OClgtudXMv1labFrcST8O9eFrtsrhU1iUGUOw==
+l3w9qJgw/Jp3jaNC/9LkVGGz4f4lKKB67lPZvI4noMK8GqO/LcXgqP/RY1oJojoA
-----END RSA PRIVATE KEY-----
+/6JKVvzYGASZ7VgMoG9bk1AneP1PGdibuTUEwimGlcObxnDFIC/yjwPFu3jIdqdS
+zZi1RZzyqAogN5y3SBEypSmn9wKBgQDECKsqqlcizmCl8v5aVk875AzGN+DOHZqx
+bkmztlnLO/2e2Fmk3G5Vvnui0FYisf8Eq19tUTQCF6lSfJlGQeFAT119wkFZhLu+
+FfLGqoEMH0ijJg/8PpdpFRK3I94YcISoTNN6yxMvE6xdDGfKCt5a+IX5bwQi9Zdc
+B242gEc6tQKBgA6tM8n7KFlAIZU9HuWgk2AUC8kKutFPmSD7tgAqXDYI4FNfugs+
+MEEYyHCB4UNujJBV4Ss6YZCAkh6eyD4U2aca1eElCfm40vBVMdzvpqZdAqLtWXxg
+D9l3mgszrFaYGCY2Fr6jLV9lP5g3xsxUjudf9jSLY9HvpfzjRrMaNATVAoGBALTl
+/vYfPMucwKlC5B7++J0e4/7iv6vUu9SyHocdZh1anb9AjPDKjXLIlZT4RhQ8R0XK
+0wOw5JpttU2uN08TKkbLNk3/vYhbKVjPLjrQSseh8sjDLgsqw1QwIxYnniLVakVY
+p+rvjSNrNyqicQCMKQavwgocvSd5lJRTMwxOMezlAoGBAKWj71BX+0CK00/2S6lC
+TcNcuUPG0d8y1czZ4q6tUlG4htwq1FMOpaghATXjkdsOGTLS+H1aA0Kt7Ai9zDhc
+/bzOJEJ+jvBXV4Gcs7jl1r/HTKv0tT9ZSI5Vzkida0rfqxDGzcMVlLuCdH0cb8Iu
+N0wdmCAqlQwHR13+F1zrAD7V
+-----END PRIVATE KEY-----
diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t
index d6d31de..006f133 100755
--- a/plugins/tests/check_http.t
+++ b/plugins/tests/check_http.t
@@ -4,13 +4,13 @@
 #
 # To create the https server certificate:
 # openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
-# Country Name (2 letter code) [AU]:UK
+# Country Name (2 letter code) [AU]:DE
-# State or Province Name (full name) [Some-State]:Derbyshire
+# State or Province Name (full name) [Some-State]:Bavaria
-# Locality Name (eg, city) []:Belper
+# Locality Name (eg, city) []:Munich
 # Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins
 # Organizational Unit Name (eg, section) []:
-# Common Name (eg, YOUR name) []:Ton Voon
+# Common Name (e.g. server FQDN or YOUR name) []:Monitoring Plugins
-# Email Address []:tonvoon@mac.com
+# Email Address []:devel@monitoring-plugins.org
 use strict;
 use Test::More;
@@ -194,16 +194,16 @@ SKIP: {
        $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
        is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
-        is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar  3 21:41:28 2019 +0000.', "output ok" );
+        is( $result->output, "OK - Certificate 'Monitoring Plugins' will expire on Fri Feb 16 15:31:44 2029 +0000.", "output ok" );
        $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
        is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
-        like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar  3 21:41:28 2019 \+0000\)./', "output ok" );
+        like( $result->output, '/WARNING - Certificate \'Monitoring Plugins\' expires in \d+ day\(s\) \(Fri Feb 16 15:31:44 2029 \+0000\)./', "output ok" );
        # Expired cert tests
        $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" );
        is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" );
-        like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar  3 21:41:28 2019 \+0000\)./', "output ok" );
+        like( $result->output, '/CRITICAL - Certificate \'Monitoring Plugins\' expires in \d+ day\(s\) \(Fri Feb 16 15:31:44 2029 \+0000\)./', "output ok" );
        $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
        is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
diff --git a/plugins/tests/check_snmp.t b/plugins/tests/check_snmp.t
index 73a68b2..85d6bf5 100755
--- a/plugins/tests/check_snmp.t
+++ b/plugins/tests/check_snmp.t
@@ -7,6 +7,7 @@ use strict;
 use Test::More;
 use NPTest;
 use FindBin qw($Bin);
+use POSIX qw/strftime/;
 my $tests = 67;
 # Check that all dependent modules are available
@@ -37,6 +38,7 @@ if ($@) {
 my $port_snmp = 16100 + int(rand(100));
+my $faketime = -x '/usr/bin/faketime' ? 1 : 0;
 # Start up server
 my @pids;
@@ -118,77 +120,81 @@ like($res->output, '/'.quotemeta('SNMP OK - And now have fun with with this: \"C
 "And now have fun with with this: \"C:\\\\\"
 because we\'re not done yet!"').'/m', "Attempt to confuse parser No.3");
-system("rm -f ".$ENV{'MP_STATE_PATH'}."/check_snmp/*");
+system("rm -f ".$ENV{'MP_STATE_PATH'}."/*/check_snmp/*");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
-is($res->return_code, 0, "Returns OK");
-is($res->output, "No previous data to calculate rate - assume okay");
-# Need to sleep, otherwise duration=0
+# run rate checks with faketime. rate checks depend on the exact amount of time spend between the
-sleep 1;
+# plugin runs which may fail on busy machines.
+# using faketime removes this race condition and also saves all the sleeps in between.
+SKIP: {
+    skip "No faketime binary found", 28 if !$faketime;
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
+    my $ts = time();
-is($res->return_code, 1, "WARNING - due to going above rate calculation" );
+    $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
-is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666;600 ");
+    is($res->return_code, 0, "Returns OK");
+    is($res->output, "No previous data to calculate rate - assume okay");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
+    # test rate 1 second later
-is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" );
+    $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
-is($res->output, "Time duration between plugin calls is invalid");
+    is($res->return_code, 1, "WARNING - due to going above rate calculation" );
+    is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666;600 ");
+    # test rate with same time
+    $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
+    is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" );
+    is($res->output, "Time duration between plugin calls is invalid");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets" );
-is($res->return_code, 0, "OK for first call" );
-is($res->output, "No previous data to calculate rate - assume okay" );
-# Need to sleep, otherwise duration=0
+    $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets" );
-sleep 1;
+    is($res->return_code, 0, "OK for first call" );
+    is($res->output, "No previous data to calculate rate - assume okay" );
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets" );
+    # test rate 1 second later
-is($res->return_code, 0, "OK as no thresholds" );
+    $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets" );
-is($res->output, "SNMP RATE OK - inoctets 666 | inoctets=666 ", "Check label");
+    is($res->return_code, 0, "OK as no thresholds" );
+    is($res->output, "SNMP RATE OK - inoctets 666 | inoctets=666 ", "Check label");
-sleep 2;
+    # test rate 3 seconds later
+    $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+3))."' ./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets" );
+    is($res->return_code, 0, "OK as no thresholds" );
+    is($res->output, "SNMP RATE OK - inoctets 333 | inoctets=333 ", "Check rate decreases due to longer interval");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets" );
-is($res->return_code, 0, "OK as no thresholds" );
-is($res->output, "SNMP RATE OK - inoctets 333 | inoctets=333 ", "Check rate decreases due to longer interval");
+    # label performance data check
+    $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l test" );
+    is($res->return_code, 0, "OK as no thresholds" );
+    is($res->output, "SNMP OK - test 67996 | test=67996c ", "Check label");
-# label performance data check
+    $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l \"test'test\"" );
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l test" );
+    is($res->return_code, 0, "OK as no thresholds" );
-is($res->return_code, 0, "OK as no thresholds" );
+    is($res->output, "SNMP OK - test'test 68662 | \"test'test\"=68662c ", "Check label");
-is($res->output, "SNMP OK - test 67996 | test=67996c ", "Check label");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l \"test'test\"" );
+    $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l 'test\"test'" );
-is($res->return_code, 0, "OK as no thresholds" );
+    is($res->return_code, 0, "OK as no thresholds" );
-is($res->output, "SNMP OK - test'test 68662 | \"test'test\"=68662c ", "Check label");
+    is($res->output, "SNMP OK - test\"test 69328 | 'test\"test'=69328c ", "Check label");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l 'test\"test'" );
+    $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l test -O" );
-is($res->return_code, 0, "OK as no thresholds" );
+    is($res->return_code, 0, "OK as no thresholds" );
-is($res->output, "SNMP OK - test\"test 69328 | 'test\"test'=69328c ", "Check label");
+    is($res->output, "SNMP OK - test 69994 | iso.3.6.1.4.1.8072.3.2.67.10=69994c ", "Check label");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l test -O" );
+    $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10" );
-is($res->return_code, 0, "OK as no thresholds" );
+    is($res->return_code, 0, "OK as no thresholds" );
-is($res->output, "SNMP OK - test 69994 | iso.3.6.1.4.1.8072.3.2.67.10=69994c ", "Check label");
+    is($res->output, "SNMP OK - 70660 | iso.3.6.1.4.1.8072.3.2.67.10=70660c ", "Check label");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10" );
+    $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l 'test test'" );
-is($res->return_code, 0, "OK as no thresholds" );
+    is($res->return_code, 0, "OK as no thresholds" );
-is($res->output, "SNMP OK - 70660 | iso.3.6.1.4.1.8072.3.2.67.10=70660c ", "Check label");
+    is($res->output, "SNMP OK - test test 71326 | 'test test'=71326c ", "Check label");
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 -l 'test test'" );
-is($res->return_code, 0, "OK as no thresholds" );
-is($res->output, "SNMP OK - test test 71326 | 'test test'=71326c ", "Check label");
+    $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets_per_minute --rate-multiplier=60" );
+    is($res->return_code, 0, "OK for first call" );
+    is($res->output, "No previous data to calculate rate - assume okay" );
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets_per_minute --rate-multiplier=60" );
+    # test 1 second later
-is($res->return_code, 0, "OK for first call" );
+    $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets_per_minute --rate-multiplier=60" );
-is($res->output, "No previous data to calculate rate - assume okay" );
+    is($res->return_code, 0, "OK as no thresholds" );
+    is($res->output, "SNMP RATE OK - inoctets_per_minute 39960 | inoctets_per_minute=39960 ", "Checking multiplier");
-# Need to sleep, otherwise duration=0
+};
-sleep 1;
-$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -l inoctets_per_minute --rate-multiplier=60" );
-is($res->return_code, 0, "OK as no thresholds" );
-is($res->output, "SNMP RATE OK - inoctets_per_minute 39960 | inoctets_per_minute=39960 ", "Checking multiplier");
 $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.11 -s '\"stringtests\"'" );
diff --git a/plugins/utils.c b/plugins/utils.c
index 231af92..ee62013 100644
--- a/plugins/utils.c
+++ b/plugins/utils.c
@@ -36,9 +36,6 @@ extern const char *progname;
 #define STRLEN 64
 #define TXTBLK 128
-unsigned int timeout_state = STATE_CRITICAL;
-unsigned int timeout_interval = DEFAULT_SOCKET_TIMEOUT;
 time_t start_time, end_time;
 /* **************************************************************************
@@ -148,33 +145,6 @@ print_revision (const char *command_name, const char *revision)
                 command_name, revision, PACKAGE, VERSION);
 }
-const char *
-state_text (int result)
-{
-        switch (result) {
-        case STATE_OK:
-                return "OK";
-        case STATE_WARNING:
-                return "WARNING";
-        case STATE_CRITICAL:
-                return "CRITICAL";
-        case STATE_DEPENDENT:
-                return "DEPENDENT";
-        default:
-                return "UNKNOWN";
-        }
-}
-void
-timeout_alarm_handler (int signo)
-{
-        if (signo == SIGALRM) {
-                printf (_("%s - Plugin timed out after %d seconds\n"),
-                                                state_text(timeout_state), timeout_interval);
-                exit (timeout_state);
-        }
-}
 int
 is_numeric (char *number)
 {
@@ -708,4 +678,3 @@ char *sperfdata_int (const char *label,
        return data;
 }
diff --git a/plugins/utils.h b/plugins/utils.h
index a436e1c..6aa316f 100644
--- a/plugins/utils.h
+++ b/plugins/utils.h
@@ -29,13 +29,6 @@ suite of plugins. */
 void support (void);
 void print_revision (const char *, const char *);
-/* Handle timeouts */
-extern unsigned int timeout_state;
-extern unsigned int timeout_interval;
-RETSIGTYPE timeout_alarm_handler (int);
 extern time_t start_time, end_time;
 /* Test input types */
@@ -89,8 +82,6 @@ void usage4(const char *) __attribute__((noreturn));
 void usage5(void) __attribute__((noreturn));
 void usage_va(const char *fmt, ...) __attribute__((noreturn));
-const char *state_text (int);
 #define max(a,b) (((a)>(b))?(a):(b))
 #define min(a,b) (((a)<(b))?(a):(b))