monitoring-plugins/plugins/check_tcp.c, branch v3.0.0-rc3 Monitoring Plugins https://www.monitoring-plugins.org/repositories/monitoring-plugins/atom?h=v3.0.0-rc3 2026-04-08T16:26:03Z added CHECK_EOF to work around warnings about EOF and -1 being the same (#2254) 2026-04-08T16:26:03Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2026-04-08T16:26:03Z urn:sha1:1db493092ca6a68ff690251cc428037b54019a73 Co-authored-by: Andreas Baumann <mail@andreasbaumann.cc> Rename USE_OPENSSL to MOPL_USE_OPENSSL (#2253) 2026-04-08T16:06:29Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2026-04-08T16:06:29Z urn:sha1:3a6f9292f147de29b21dafa4cf9b7efce3e4cbfd net-snmp uses the same pre processor name "USE_OPENSSL" as we do. To avoid the conflict, this commit renames it on our side to "MOPL_USE_OPENSSL". "MOPL" (better "MoPl"?) stands for Monitoring Plugins. Make IPv6 unconditional (#2219) 2026-02-06T11:59:58Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2026-02-06T11:59:58Z urn:sha1:0f0865c910096c95594ac09929708e84934e46df This commits removes the detection of IPv6 availability. The IPv6 code in the plugins is used unconditionally now. OpenBSD: pledge(2) some network-facing checks (#2225) 2026-02-06T11:58:38Z Alvar post@0x21.biz 2026-02-06T11:58:38Z urn:sha1:cef40299a93233f043f5b0821a9ad2c69dd612f7 OpenBSD's pledge(2) system call allows the current process to self-restrict itself, being reduced to promised pledges. For example, unless a process says it wants to write to files, it is not allowed to do so any longer. This change starts by calling pledge(2) in some network-facing checks, removing the more dangerous privileges, such as executing other files. My initial motivation came from check_icmp, being installed as a setuid binary and (temporarily) running with root privileges. There, the pledge(2) calls result in check_icmp to only being allowed to interact with the network and to setuid(2) to the calling user later on. Afterwards, I went through my most commonly used monitoring plugins directly interacting with the network. Thus, I continued with pledge(2)-ing check_curl - having a huge codebase and all -, check_ntp_time, check_smtp, check_ssh, and check_tcp. For most of those, the changes were quite similar: start with network-friendly promises, parse the configuration, give up file access, and proceed with the actual check. Run clang-format again 2025-09-15T10:59:37Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2025-09-15T10:59:37Z urn:sha1:802e46f8ea36c344f112d7e1dd8d64d17a4cc939 check_tcp: Actually account for certificate lifetime checks 2025-03-13T13:48:20Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2025-03-13T13:48:20Z urn:sha1:0111359c72e2fc13049b5c33a7e1449cd0cdf666 check_tcp: add output if answer matches expectations 2025-03-13T11:25:29Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2025-03-13T11:25:29Z urn:sha1:c8014631de0f7927d8c75ff87225b5a24e9b9942 Fix TLS/non-TLS send/recv logic 2025-03-13T11:24:45Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2025-03-13T11:24:45Z urn:sha1:a693cc0aa3d79f85115be48bcd81c0ec371e78a0 check_tcp: patch backwards compatibility in again 2025-03-13T10:37:52Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2025-03-13T10:37:52Z urn:sha1:be4618bf6429bddbd9208a88f460c028074fe8c0 check_tcp: small cleanup 2025-03-13T10:37:20Z Lorenz Kästle 12514511+RincewindsHat@users.noreply.github.com 2025-03-13T10:37:20Z urn:sha1:4dd024388e1f8be894e50dd0eb74d5c9f86b4233