Merge branch 'master' into dev/check_ssh-patches

40 files changed, 530 insertions, 261 deletions

diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index ab59eb7..49086b7 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -112,7 +112,7 @@ check_tcp_LDADD = $(SSLOBJS)
 check_time_LDADD = $(NETLIBS)
 check_ntp_time_LDADD = $(NETLIBS) $(MATHLIBS)
 check_ups_LDADD = $(NETLIBS)
-check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS)
+check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) $(SYSTEMDLIBS)
 check_by_ssh_LDADD = $(NETLIBS)
 check_ide_smart_LDADD = $(BASEOBJS)
 negate_LDADD = $(BASEOBJS)
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index c51914a..d0871c4 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -244,7 +244,7 @@ void curlhelp_freewritebuffer (curlhelp_write_curlbuf*);
 int curlhelp_initreadbuffer (curlhelp_read_curlbuf *, const char *, size_t);
 int curlhelp_buffer_read_callback (void *, size_t , size_t , void *);
 void curlhelp_freereadbuffer (curlhelp_read_curlbuf *);
-curlhelp_ssl_library curlhelp_get_ssl_library (CURL*);
+curlhelp_ssl_library curlhelp_get_ssl_library ();
 const char* curlhelp_get_ssl_library_string (curlhelp_ssl_library);
 int net_noopenssl_check_certificate (cert_ptr_union*, int, int);
 
@@ -297,6 +297,7 @@ main (int argc, char **argv)
 
 int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
 {
+        (void) preverify_ok;
   /* TODO: we get all certificates of the chain, so which ones
    * should we test?
    * TODO: is the last certificate always the server certificate?
@@ -321,6 +322,8 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
 
 CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm)
 {
+        (void) curl; // ignore unused parameter
+        (void) parm; // ignore unused parameter
   SSL_CTX_set_verify(sslctx, SSL_VERIFY_PEER, verify_callback);
 
   return CURLE_OK;
@@ -375,8 +378,12 @@ void
 handle_curl_option_return_code (CURLcode res, const char* option)
 {
   if (res != CURLE_OK) {
-    snprintf (msg, DEFAULT_BUFFER_SIZE, _("Error while setting cURL option '%s': cURL returned %d - %s"),
-      option, res, curl_easy_strerror(res));
+                snprintf (msg,
+                        DEFAULT_BUFFER_SIZE,
+                        _("Error while setting cURL option '%s': cURL returned %d - %s"),
+                        option,
+                        res,
+                        curl_easy_strerror(res));
     die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
   }
 }
@@ -516,9 +523,13 @@ check_http (void)
   // fill dns resolve cache to make curl connect to the given server_address instead of the host_name, only required for ssl, because we use the host_name later on to make SNI happy
   if(use_ssl && host_name != NULL) {
       if ( (res=lookup_host (server_address, addrstr, DEFAULT_BUFFER_SIZE/2)) != 0) {
-        snprintf (msg, DEFAULT_BUFFER_SIZE, _("Unable to lookup IP address for '%s': getaddrinfo returned %d - %s"),
-          server_address, res, gai_strerror (res));
-        die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
+                                snprintf (msg,
+                                        DEFAULT_BUFFER_SIZE,
+                                        _("Unable to lookup IP address for '%s': getaddrinfo returned %d - %s"),
+                                        server_address,
+                                        res,
+                                        gai_strerror (res));
+                                die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
       }
       snprintf (dnscache, DEFAULT_BUFFER_SIZE, "%s:%d:%s", host_name, server_port, addrstr);
       host = curl_slist_append(NULL, dnscache);
@@ -618,7 +629,7 @@ check_http (void)
 
 #ifdef LIBCURL_FEATURE_SSL
 
-  /* set SSL version, warn about unsecure or unsupported versions */
+  /* set SSL version, warn about insecure or unsupported versions */
   if (use_ssl) {
     handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_SSLVERSION, ssl_version), "CURLOPT_SSLVERSION");
   }
@@ -646,7 +657,7 @@ check_http (void)
   }
 
   /* detect SSL library used by libcurl */
-  ssl_library = curlhelp_get_ssl_library (curl);
+  ssl_library = curlhelp_get_ssl_library ();
 
   /* try hard to get a stack of certificates to verify against */
   if (check_cert) {
@@ -816,9 +827,13 @@ check_http (void)
 
   /* Curl errors, result in critical Nagios state */
   if (res != CURLE_OK) {
-    snprintf (msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host on port %d: cURL returned %d - %s"),
-      server_port, res, errbuf[0] ? errbuf : curl_easy_strerror(res));
-    die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
+                snprintf (msg,
+                        DEFAULT_BUFFER_SIZE,
+                        _("Invalid HTTP response received from host on port %d: cURL returned %d - %s"),
+                        server_port,
+                        res,
+                        errbuf[0] ? errbuf : curl_easy_strerror(res));
+                die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
   }
 
   /* certificate checks */
@@ -861,15 +876,19 @@ check_http (void)
           }
 GOT_FIRST_CERT:
           if (!raw_cert) {
-            snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot retrieve certificates from CERTINFO information - certificate data was empty"));
-            die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
+                                                snprintf (msg,
+                                                        DEFAULT_BUFFER_SIZE,
+                                                        _("Cannot retrieve certificates from CERTINFO information - certificate data was empty"));
+                                                die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
           }
           BIO* cert_BIO = BIO_new (BIO_s_mem());
           BIO_write (cert_BIO, raw_cert, strlen(raw_cert));
           cert = PEM_read_bio_X509 (cert_BIO, NULL, NULL, NULL);
           if (!cert) {
-            snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot read certificate from CERTINFO information - BIO error"));
-            die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
+                                                snprintf (msg,
+                                                        DEFAULT_BUFFER_SIZE,
+                                                        _("Cannot read certificate from CERTINFO information - BIO error"));
+                                                die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
           }
           BIO_free (cert_BIO);
           result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit);
@@ -886,9 +905,12 @@ GOT_FIRST_CERT:
           }
 #endif /* USE_OPENSSL */
         } else {
-          snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot retrieve certificates - cURL returned %d - %s"),
-            res, curl_easy_strerror(res));
-          die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
+                                        snprintf (msg,
+                                                DEFAULT_BUFFER_SIZE,
+                                                _("Cannot retrieve certificates - cURL returned %d - %s"),
+                                                res,
+                                                curl_easy_strerror(res));
+                                        die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
         }
       }
     }
@@ -927,8 +949,11 @@ GOT_FIRST_CERT:
 
   /* get status line of answer, check sanity of HTTP code */
   if (curlhelp_parse_statusline (header_buf.buf, &status_line) < 0) {
-    snprintf (msg, DEFAULT_BUFFER_SIZE, "Unparsable status line in %.3g seconds response time|%s\n",
-      total_time, perfstring);
+                snprintf (msg,
+                        DEFAULT_BUFFER_SIZE,
+                        "Unparsable status line in %.3g seconds response time|%s\n",
+                        total_time,
+                        perfstring);
     /* we cannot know the major/minor version here for sure as we cannot parse the first line */
     die (STATE_CRITICAL, "HTTP CRITICAL HTTP/x.x %ld unknown - %s", code, msg);
   }
@@ -948,9 +973,16 @@ GOT_FIRST_CERT:
   /* make sure the status line matches the response we are looking for */
   if (!expected_statuscode(status_line.first_line, server_expect)) {
     if (server_port == HTTP_PORT)
-      snprintf(msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host: %s\n"), status_line.first_line);
+                        snprintf(msg,
+                                DEFAULT_BUFFER_SIZE,
+                                _("Invalid HTTP response received from host: %s\n"),
+                                status_line.first_line);
     else
-      snprintf(msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host on port %d: %s\n"), server_port, status_line.first_line);
+                        snprintf(msg,
+                                        DEFAULT_BUFFER_SIZE,
+                                        _("Invalid HTTP response received from host on port %d: %s\n"),
+                                        server_port,
+                                        status_line.first_line);
     die (STATE_CRITICAL, "HTTP CRITICAL - %s%s%s", msg,
       show_body ? "\n" : "",
       show_body ? body_buf.buf : "");
@@ -986,7 +1018,7 @@ GOT_FIRST_CERT:
         }
       } else {
         /* this is a specific code in the command line to
-         * be returned when a redirection is encoutered
+         * be returned when a redirection is encountered
          */
       }
       result = max_state_alt (onredirect, result);
@@ -1023,23 +1055,55 @@ GOT_FIRST_CERT:
 
   if (strlen (header_expect)) {
     if (!strstr (header_buf.buf, header_expect)) {
+
       strncpy(&output_header_search[0],header_expect,sizeof(output_header_search));
+
       if(output_header_search[sizeof(output_header_search)-1]!='\0') {
         bcopy("...",&output_header_search[sizeof(output_header_search)-4],4);
       }
-      snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
-      result = STATE_CRITICAL;
+
+                                char tmp[DEFAULT_BUFFER_SIZE];
+
+                                snprintf (tmp,
+                                        DEFAULT_BUFFER_SIZE,
+                                        _("%sheader '%s' not found on '%s://%s:%d%s', "),
+                                        msg,
+                                        output_header_search,
+                                        use_ssl ? "https" : "http",
+                                        host_name ? host_name : server_address,
+                                        server_port,
+                                        server_url);
+
+                                strcpy(msg, tmp);
+
+                                result = STATE_CRITICAL;
     }
   }
 
   if (strlen (string_expect)) {
     if (!strstr (body_buf.buf, string_expect)) {
+
       strncpy(&output_string_search[0],string_expect,sizeof(output_string_search));
+
       if(output_string_search[sizeof(output_string_search)-1]!='\0') {
         bcopy("...",&output_string_search[sizeof(output_string_search)-4],4);
       }
-      snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
-      result = STATE_CRITICAL;
+
+                        char tmp[DEFAULT_BUFFER_SIZE];
+
+                        snprintf (tmp,
+                                        DEFAULT_BUFFER_SIZE,
+                                        _("%sstring '%s' not found on '%s://%s:%d%s', "),
+                                        msg,
+                                        output_string_search,
+                                        use_ssl ? "https" : "http",
+                                        host_name ? host_name : server_address,
+                                        server_port,
+                                        server_url);
+
+                        strcpy(msg, tmp);
+
+                        result = STATE_CRITICAL;
     }
   }
 
@@ -1050,27 +1114,48 @@ GOT_FIRST_CERT:
       result = max_state_alt(STATE_OK, result);
     }
     else if ((errcode == REG_NOMATCH && !invert_regex) || (errcode == 0 && invert_regex)) {
-      if (!invert_regex)
-        snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spattern not found, "), msg);
-      else
-        snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spattern found, "), msg);
-      result = STATE_CRITICAL;
-    }
-    else {
-      regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
-      snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sExecute Error: %s, "), msg, errbuf);
-      result = STATE_UNKNOWN;
-    }
+                        if (!invert_regex) {
+                                char tmp[DEFAULT_BUFFER_SIZE];
+
+                                snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spattern not found, "), msg);
+                                strcpy(msg, tmp);
+
+                        } else {
+                                char tmp[DEFAULT_BUFFER_SIZE];
+
+                                snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spattern found, "), msg);
+                                strcpy(msg, tmp);
+
+                        }
+                        result = STATE_CRITICAL;
+                } else {
+                        regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
+
+                        char tmp[DEFAULT_BUFFER_SIZE];
+
+                        snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sExecute Error: %s, "), msg, errbuf);
+                        strcpy(msg, tmp);
+                        result = STATE_UNKNOWN;
+                }
   }
 
   /* make sure the page is of an appropriate size */
-  if ((max_page_len > 0) && (page_len > max_page_len)) {
-    snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spage size %d too large, "), msg, page_len);
-    result = max_state_alt(STATE_WARNING, result);
-  } else if ((min_page_len > 0) && (page_len < min_page_len)) {
-    snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spage size %d too small, "), msg, page_len);
-    result = max_state_alt(STATE_WARNING, result);
-  }
+        if ((max_page_len > 0) && (page_len > max_page_len)) {
+                char tmp[DEFAULT_BUFFER_SIZE];
+
+                snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spage size %d too large, "), msg, page_len);
+
+                strcpy(msg, tmp);
+
+                result = max_state_alt(STATE_WARNING, result);
+
+        } else if ((min_page_len > 0) && (page_len < min_page_len)) {
+                char tmp[DEFAULT_BUFFER_SIZE];
+
+                snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spage size %d too small, "), msg, page_len);
+                strcpy(msg, tmp);
+                result = max_state_alt(STATE_WARNING, result);
+        }
 
   /* -w, -c: check warning and critical level */
   result = max_state_alt(get_status(total_time, thlds), result);
@@ -1654,6 +1739,7 @@ process_arguments (int argc, char **argv)
       break;
     case 'R': /* regex */
       cflags |= REG_ICASE;
+                        // fall through
     case 'r': /* regex */
       strncpy (regexp, optarg, MAX_RE_SIZE - 1);
       regexp[MAX_RE_SIZE - 1] = 0;
@@ -2051,7 +2137,7 @@ print_usage (void)
   printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname);
   printf ("       [-J <client certificate file>] [-K <private key>] [--ca-cert <CA certificate file>] [-D]\n");
   printf ("       [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n");
-  printf ("       [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport|curl>]\n");
+  printf ("       [-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport|curl>]\n");
   printf ("       [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n");
   printf ("       [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n");
   printf ("       [-A string] [-k string] [-S <version>] [--sni]\n");
@@ -2217,11 +2303,10 @@ curlhelp_parse_statusline (const char *buf, curlhelp_statusline *status_line)
   if( strchr( p, '.' ) != NULL ) {
 
     /* HTTP 1.x case */
-    char *ppp;
-    ppp = strtok( p, "." );
+    strtok( p, "." );
     status_line->http_major = (int)strtol( p, &pp, 10 );
     if( *pp != '\0' ) { free( first_line_buf ); return -1; }
-    ppp = strtok( NULL, " " );
+    strtok( NULL, " " );
     status_line->http_minor = (int)strtol( p, &pp, 10 );
     if( *pp != '\0' ) { free( first_line_buf ); return -1; }
     p += 4; /* 1.x SP */
@@ -2308,37 +2393,67 @@ check_document_dates (const curlhelp_write_curlbuf *header_buf, char (*msg)[DEFA
   server_date = get_header_value (headers, nof_headers, "date");
   document_date = get_header_value (headers, nof_headers, "last-modified");
 
-  if (!server_date || !*server_date) {
-    snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sServer date unknown, "), *msg);
-    date_result = max_state_alt(STATE_UNKNOWN, date_result);
-  } else if (!document_date || !*document_date) {
-    snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument modification date unknown, "), *msg);
-    date_result = max_state_alt(STATE_CRITICAL, date_result);
+        if (!server_date || !*server_date) {
+                char tmp[DEFAULT_BUFFER_SIZE];
+
+                snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sServer date unknown, "), *msg);
+                strcpy(*msg, tmp);
+
+                date_result = max_state_alt(STATE_UNKNOWN, date_result);
+
+        } else if (!document_date || !*document_date) {
+                char tmp[DEFAULT_BUFFER_SIZE];
+
+                snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument modification date unknown, "), *msg);
+                strcpy(*msg, tmp);
+
+                date_result = max_state_alt(STATE_CRITICAL, date_result);
+
   } else {
     time_t srv_data = curl_getdate (server_date, NULL);
     time_t doc_data = curl_getdate (document_date, NULL);
     if (verbose >= 2)
       printf ("* server date: '%s' (%d), doc_date: '%s' (%d)\n", server_date, (int)srv_data, document_date, (int)doc_data);
-    if (srv_data <= 0) {
-      snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sServer date \"%100s\" unparsable, "), *msg, server_date);
-      date_result = max_state_alt(STATE_CRITICAL, date_result);
-    } else if (doc_data <= 0) {
-      snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date);
-      date_result = max_state_alt(STATE_CRITICAL, date_result);
-    } else if (doc_data > srv_data + 30) {
-      snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data);
-      date_result = max_state_alt(STATE_CRITICAL, date_result);
-    } else if (doc_data < srv_data - maximum_age) {
-      int n = (srv_data - doc_data);
-      if (n > (60 * 60 * 24 * 2)) {
-        snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24));
-        date_result = max_state_alt(STATE_CRITICAL, date_result);
-      } else {
-        snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60);
-        date_result = max_state_alt(STATE_CRITICAL, date_result);
-      }
-    }
-  }
+                if (srv_data <= 0) {
+                        char tmp[DEFAULT_BUFFER_SIZE];
+
+                        snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sServer date \"%100s\" unparsable, "), *msg, server_date);
+                        strcpy(*msg, tmp);
+
+                        date_result = max_state_alt(STATE_CRITICAL, date_result);
+                } else if (doc_data <= 0) {
+                        char tmp[DEFAULT_BUFFER_SIZE];
+
+                        snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date);
+                        strcpy(*msg, tmp);
+
+                        date_result = max_state_alt(STATE_CRITICAL, date_result);
+                } else if (doc_data > srv_data + 30) {
+                        char tmp[DEFAULT_BUFFER_SIZE];
+
+                        snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data);
+                        strcpy(*msg, tmp);
+
+                        date_result = max_state_alt(STATE_CRITICAL, date_result);
+                } else if (doc_data < srv_data - maximum_age) {
+                        int n = (srv_data - doc_data);
+                        if (n > (60 * 60 * 24 * 2)) {
+                                char tmp[DEFAULT_BUFFER_SIZE];
+
+                                snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24));
+                        strcpy(*msg, tmp);
+
+                                date_result = max_state_alt(STATE_CRITICAL, date_result);
+                        } else {
+                                char tmp[DEFAULT_BUFFER_SIZE];
+
+                                snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60);
+                                strcpy(*msg, tmp);
+
+                                date_result = max_state_alt(STATE_CRITICAL, date_result);
+                        }
+                }
+        }
 
   if (server_date) free (server_date);
   if (document_date) free (document_date);
@@ -2380,7 +2495,7 @@ get_content_length (const curlhelp_write_curlbuf* header_buf, const curlhelp_wri
 
 /* TODO: is there a better way in libcurl to check for the SSL library? */
 curlhelp_ssl_library
-curlhelp_get_ssl_library (CURL* curl)
+curlhelp_get_ssl_library ()
 {
   curl_version_info_data* version_data;
   char *ssl_version;
diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c
index ced13d0..c24ca24 100644
--- a/plugins/check_dbi.c
+++ b/plugins/check_dbi.c
@@ -141,21 +141,28 @@ main (int argc, char **argv)
         if (verbose > 2)
                 printf ("Initializing DBI\n");
 
-        if (dbi_initialize (NULL) < 0) {
+        dbi_inst *instance_p;
+
+        if (dbi_initialize_r(NULL, instance_p) < 0) {
                 printf ("UNKNOWN - failed to initialize DBI; possibly you don't have any drivers installed.\n");
                 return STATE_UNKNOWN;
         }
 
+        if (instance_p == NULL) {
+                printf ("UNKNOWN - failed to initialize DBI.\n");
+                return STATE_UNKNOWN;
+        }
+
         if (verbose)
                 printf ("Opening DBI driver '%s'\n", np_dbi_driver);
 
-        driver = dbi_driver_open (np_dbi_driver);
+        driver = dbi_driver_open_r(np_dbi_driver, instance_p);
         if (! driver) {
                 printf ("UNKNOWN - failed to open DBI driver '%s'; possibly it's not installed.\n",
                                 np_dbi_driver);
 
                 printf ("Known drivers:\n");
-                for (driver = dbi_driver_list (NULL); driver; driver = dbi_driver_list (driver)) {
+                for (driver = dbi_driver_list_r(NULL, instance_p); driver; driver = dbi_driver_list_r(driver, instance_p)) {
                         printf (" - %s\n", dbi_driver_get_name (driver));
                 }
                 return STATE_UNKNOWN;
@@ -426,6 +433,7 @@ process_arguments (int argc, char **argv)
                         else
                                 timeout_interval = atoi (optarg);
 
+                        break;
                 case 'H':     /* host */
                         if (!is_host (optarg))
                                 usage2 (_("Invalid hostname/address"), optarg);
diff --git a/plugins/check_disk.c b/plugins/check_disk.c
index bd84c82..05e5502 100644
--- a/plugins/check_disk.c
+++ b/plugins/check_disk.c
@@ -131,9 +131,6 @@ bool stat_path (struct parameter_list *p);
 void get_stats (struct parameter_list *p, struct fs_usage *fsp);
 void get_path_stats (struct parameter_list *p, struct fs_usage *fsp);
 
-double w_dfp = -1.0;
-double c_dfp = -1.0;
-char *path;
 char *exclude_device;
 char *units;
 uintmax_t mult = 1024 * 1024;
@@ -587,7 +584,7 @@ process_arguments (int argc, char **argv)
 
     /* Awful mistake where the range values do not make sense. Normally,
        you alert if the value is within the range, but since we are using
-       freespace, we have to alert if outside the range. Thus we artifically
+       freespace, we have to alert if outside the range. Thus we artificially
        force @ at the beginning of the range, so that it is backwards compatible
     */
     case 'c':                 /* critical threshold */
@@ -626,21 +623,36 @@ process_arguments (int argc, char **argv)
       if (! strcasecmp (optarg, "bytes")) {
         mult = (uintmax_t)1;
         units = strdup ("B");
-      } else if ( (! strcmp (optarg, "kB")) || (!strcmp(optarg, "KiB")) ) {
+      } else if (!strcmp(optarg, "KiB")) {
         mult = (uintmax_t)1024;
-        units = strdup ("kiB");
-      } else if ( (! strcmp (optarg, "MB")) || (!strcmp(optarg, "MiB")) )  {
+        units = strdup ("KiB");
+      } else if (! strcmp (optarg, "kB")) {
+        mult = (uintmax_t)1000;
+        units = strdup ("kB");
+      } else if (!strcmp(optarg, "MiB")) {
         mult = (uintmax_t)1024 * 1024;
         units = strdup ("MiB");
-      } else if ( (! strcmp (optarg, "GB")) || (!strcmp(optarg, "GiB")) ) {
+      } else if (! strcmp (optarg, "MB")) {
+        mult = (uintmax_t)1000 * 1000;
+        units = strdup ("MB");
+      } else if (!strcmp(optarg, "GiB")) {
         mult = (uintmax_t)1024 * 1024 * 1024;
         units = strdup ("GiB");
-      } else if ( (! strcmp (optarg, "TB")) || (!strcmp(optarg, "TiB")) ) {
+      } else if (! strcmp (optarg, "GB")){
+        mult = (uintmax_t)1000 * 1000 * 1000;
+        units = strdup ("GB");
+      } else if (!strcmp(optarg, "TiB")) {
         mult = (uintmax_t)1024 * 1024 * 1024 * 1024;
         units = strdup ("TiB");
-      } else if ( (! strcmp (optarg, "PB")) || (!strcmp(optarg, "PiB")) ) {
+      } else if (! strcmp (optarg, "TB")) {
+        mult = (uintmax_t)1000 * 1000 * 1000 * 1000;
+        units = strdup ("TB");
+      } else if (!strcmp(optarg, "PiB")) {
         mult = (uintmax_t)1024 * 1024 * 1024 * 1024 * 1024;
         units = strdup ("PiB");
+      } else if (! strcmp (optarg, "PB")){
+        mult = (uintmax_t)1000 * 1000 * 1000 * 1000 * 1000;
+        units = strdup ("PB");
       } else {
         die (STATE_UNKNOWN, _("unit type %s not known\n"), optarg);
       }
@@ -874,7 +886,7 @@ process_arguments (int argc, char **argv)
   if (crit_usedspace_percent == NULL && argc > c && is_intnonneg (argv[c]))
     crit_usedspace_percent = argv[c++];
 
-  if (argc > c && path == NULL) {
+  if (argc > c) {
     se = np_add_parameter(&path_select_list, strdup(argv[c++]));
     path_selected = TRUE;
     set_all_thresholds(se);
@@ -1115,7 +1127,7 @@ get_path_stats (struct parameter_list *p, struct fs_usage *fsp) {
   p->available_to_root = fsp->fsu_bfree;
   p->used = fsp->fsu_blocks - fsp->fsu_bfree;
   if (freespace_ignore_reserved) {
-    /* option activated : we substract the root-reserved space from the total */
+    /* option activated : we subtract the root-reserved space from the total */
     p->total = fsp->fsu_blocks - p->available_to_root + p->available;
   } else {
     /* default behaviour : take all the blocks into account */
@@ -1130,7 +1142,7 @@ get_path_stats (struct parameter_list *p, struct fs_usage *fsp) {
   p->inodes_free_to_root  = fsp->fsu_ffree; /* Free file nodes for root. */
   p->inodes_used = fsp->fsu_files - fsp->fsu_ffree;
   if (freespace_ignore_reserved) {
-    /* option activated : we substract the root-reserved inodes from the total */
+    /* option activated : we subtract the root-reserved inodes from the total */
     /* not all OS report fsp->fsu_favail, only the ones with statvfs syscall */
     /* for others, fsp->fsu_ffree == fsp->fsu_favail */
     p->inodes_total = fsp->fsu_files - p->inodes_free_to_root + p->inodes_free;
diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index 9de6caf..7ffce98 100644
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
@@ -75,7 +75,7 @@ main (int argc, char **argv)
 {
   char *command_line = NULL;
   char input_buffer[MAX_INPUT_BUFFER];
-  char *address = NULL; /* comma seperated str with addrs/ptrs (sorted) */
+  char *address = NULL; /* comma separated str with addrs/ptrs (sorted) */
   char **addresses = NULL;
   int n_addresses = 0;
   char *msg = NULL;
diff --git a/plugins/check_fping.c b/plugins/check_fping.c
index db43316..23a9e99 100644
--- a/plugins/check_fping.c
+++ b/plugins/check_fping.c
@@ -73,7 +73,7 @@ int wrta_p = FALSE;
 int
 main (int argc, char **argv)
 {
-/* normaly should be  int result = STATE_UNKNOWN; */
+/* normally should be  int result = STATE_UNKNOWN; */
 
   int status = STATE_UNKNOWN;
   int result = 0;
@@ -354,6 +354,7 @@ process_arguments (int argc, char **argv)
       break;
     case 'I':                 /* sourceip */
       sourceif = strscpy (sourceif, optarg);
+                        break;
     case '4':                 /* IPv4 only */
       address_family = AF_INET;
       break;
diff --git a/plugins/check_hpjd.c b/plugins/check_hpjd.c
index c4b4417..c34bb08 100644
--- a/plugins/check_hpjd.c
+++ b/plugins/check_hpjd.c
@@ -353,6 +353,7 @@ process_arguments (int argc, char **argv)
                                 usage2 (_("Port must be a positive short integer"), optarg);
                         else
                                 port = atoi(optarg);
+                        break;
                 case 'D':                                                                       /* disable paper out check*/
                         check_paper_out = 0;
                         break;
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 8dda046..718c8ee 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -198,7 +198,7 @@ test_file (char *path)
 
 /*
  * process command-line arguments
- * returns true on succes, false otherwise
+ * returns true on success, false otherwise
   */
 bool process_arguments (int argc, char **argv)
 {
@@ -498,6 +498,7 @@ bool process_arguments (int argc, char **argv)
       break;
     case 'R': /* regex */
       cflags |= REG_ICASE;
+                        // fall through
     case 'r': /* regex */
       strncpy (regexp, optarg, MAX_RE_SIZE - 1);
       regexp[MAX_RE_SIZE - 1] = 0;
@@ -1278,7 +1279,7 @@ check_http (void)
 
   regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found
 
-  if (regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) {
+  if (!no_body && regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) {
     if (verbose) {
       printf("Found chunked content\n");
     }
@@ -1391,7 +1392,6 @@ char *unchunk_content(const char *content) {
   // https://en.wikipedia.org/wiki/Chunked_transfer_encoding
   // https://www.rfc-editor.org/rfc/rfc7230#section-4.1
   char *result = NULL;
-  size_t content_length = strlen(content);
   char *start_of_chunk;
   char* end_of_chunk;
   long size_of_chunk;
@@ -1885,7 +1885,7 @@ print_usage (void)
   printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname);
   printf ("       [-J <client certificate file>] [-K <private key>]\n");
   printf ("       [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n");
-  printf ("       [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n");
+  printf ("       [-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport>]\n");
   printf ("       [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n");
   printf ("       [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n");
   printf ("       [-A string] [-k string] [-S <version>] [--sni]\n");
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c
index 845a4f5..a1bfe1b 100644
--- a/plugins/check_ldap.c
+++ b/plugins/check_ldap.c
@@ -222,7 +222,7 @@ main (int argc, char *argv[])
         /* reset the alarm handler */
         alarm (0);
 
-        /* calcutate the elapsed time and compare to thresholds */
+        /* calculate the elapsed time and compare to thresholds */
 
         microsec = deltime (tv);
         elapsed_time = (double)microsec / 1.0e6;
diff --git a/plugins/check_load.c b/plugins/check_load.c
index 00f7c87..313df8a 100644
--- a/plugins/check_load.c
+++ b/plugins/check_load.c
@@ -107,7 +107,7 @@ main (int argc, char **argv)
         int i;
         long numcpus;
 
-        double la[3] = { 0.0, 0.0, 0.0 };       /* NetBSD complains about unitialized arrays */
+        double la[3] = { 0.0, 0.0, 0.0 };       /* NetBSD complains about uninitialized arrays */
 #ifndef HAVE_GETLOADAVG
         char input_buffer[MAX_INPUT_BUFFER];
 # ifdef HAVE_PROC_LOADAVG
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 0cba50e..91e150f 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -138,7 +138,10 @@ main (int argc, char **argv)
                 mysql_ssl_set(&mysql,key,cert,ca_cert,ca_dir,ciphers);
         /* establish a connection to the server and error checking */
         if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,db_socket,0)) {
-                if (ignore_auth && mysql_errno (&mysql) == ER_ACCESS_DENIED_ERROR)
+                /* Depending on internally-selected auth plugin MySQL might return */
+                /* ER_ACCESS_DENIED_NO_PASSWORD_ERROR or ER_ACCESS_DENIED_ERROR. */
+                /* Semantically these errors are the same. */
+                if (ignore_auth && (mysql_errno (&mysql) == ER_ACCESS_DENIED_ERROR || mysql_errno (&mysql) == ER_ACCESS_DENIED_NO_PASSWORD_ERROR))
                 {
                         printf("MySQL OK - Version: %s (protocol %d)\n",
                                 mysql_get_server_info(&mysql),
@@ -551,7 +554,7 @@ print_help (void)
   printf ("    %s\n", _("Exit with CRITICAL status if slave server is more then INTEGER seconds"));
   printf ("    %s\n", _("behind master"));
   printf (" %s\n", "-l, --ssl");
-  printf ("    %s\n", _("Use ssl encryptation"));
+  printf ("    %s\n", _("Use ssl encryption"));
   printf (" %s\n", "-C, --ca-cert=STRING");
   printf ("    %s\n", _("Path to CA signing the cert"));
   printf (" %s\n", "-a, --cert=STRING");
diff --git a/plugins/check_nt.c b/plugins/check_nt.c
index 59c135d..d73d83c 100644
--- a/plugins/check_nt.c
+++ b/plugins/check_nt.c
@@ -341,7 +341,7 @@ int main(int argc, char **argv){
 
                 2) If the counter you're going to measure is percent-based, the code will detect
                  the percent sign in its name and will attribute minimum (0%) and maximum (100%)
-                 values automagically, as well the ¨%" sign to graph units.
+                 values automagically, as well the "%" sign to graph units.
 
                 3) OTOH, if the counter is "absolute", you'll have to provide the following
                  the counter unit - that is, the dimensions of the counter you're getting. Examples:
diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
index 8b776ba..3614650 100644
--- a/plugins/check_ntp.c
+++ b/plugins/check_ntp.c
@@ -10,7 +10,7 @@
 * 
 * This file contains the check_ntp plugin
 * 
-* This plugin to check ntp servers independant of any commandline
+* This plugin to check ntp servers independent of any commandline
 * programs or external libraries.
 * 
 * 
@@ -79,7 +79,7 @@ typedef struct {
 /* this structure holds data about results from querying offset from a peer */
 typedef struct {
         time_t waiting;         /* ts set when we started waiting for a response */
-        int num_responses;      /* number of successfully recieved responses */
+        int num_responses;      /* number of successfully received responses */
         uint8_t stratum;        /* copied verbatim from the ntp_message */
         double rtdelay;         /* converted from the ntp_message */
         double rtdisp;          /* converted from the ntp_message */
@@ -100,7 +100,7 @@ typedef struct {
                                 /* NB: not necessarily NULL terminated! */
 } ntp_control_message;
 
-/* this is an association/status-word pair found in control packet reponses */
+/* this is an association/status-word pair found in control packet responses */
 typedef struct {
         uint16_t assoc;
         uint16_t status;
@@ -575,7 +575,7 @@ double jitter_request(int *status){
                         }
                 }
         }
-        if(verbose) printf("%d candiate peers available\n", num_candidates);
+        if(verbose) printf("%d candidate peers available\n", num_candidates);
         if(verbose && syncsource_found) printf("synchronization source found\n");
         if(! syncsource_found){
                 *status = STATE_UNKNOWN;
@@ -597,7 +597,7 @@ double jitter_request(int *status){
                                 /* By spec, putting the variable name "jitter"  in the request
                                  * should cause the server to provide _only_ the jitter value.
                                  * thus reducing net traffic, guaranteeing us only a single
-                                 * datagram in reply, and making intepretation much simpler
+                                 * datagram in reply, and making interpretation much simpler
                                  */
                                 /* Older servers doesn't know what jitter is, so if we get an
                                  * error on the first pass we redo it with "dispersion" */
diff --git a/plugins/check_ntp_peer.c b/plugins/check_ntp_peer.c
index 6842842..49cb100 100644
--- a/plugins/check_ntp_peer.c
+++ b/plugins/check_ntp_peer.c
@@ -86,7 +86,7 @@ typedef struct {
                                 /* NB: not necessarily NULL terminated! */
 } ntp_control_message;
 
-/* this is an association/status-word pair found in control packet reponses */
+/* this is an association/status-word pair found in control packet responses */
 typedef struct {
         uint16_t assoc;
         uint16_t status;
@@ -189,7 +189,7 @@ setup_control_request(ntp_control_message *p, uint8_t opcode, uint16_t seq){
 }
 
 /* This function does all the actual work; roughly here's what it does
- * beside setting the offest, jitter and stratum passed as argument:
+ * beside setting the offset, jitter and stratum passed as argument:
  *  - offset can be negative, so if it cannot get the offset, offset_result
  *    is set to UNKNOWN, otherwise OK.
  *  - jitter and stratum are set to -1 if they cannot be retrieved so any
@@ -199,7 +199,7 @@ setup_control_request(ntp_control_message *p, uint8_t opcode, uint16_t seq){
  *  status is pretty much useless as syncsource_found is a global variable
  *  used later in main to check is the server was synchronized. It works
  *  so I left it alone */
-int ntp_request(const char *host, double *offset, int *offset_result, double *jitter, int *stratum, int *num_truechimers){
+int ntp_request(double *offset, int *offset_result, double *jitter, int *stratum, int *num_truechimers){
         int conn=-1, i, npeers=0, num_candidates=0;
         double tmp_offset = 0;
         int min_peer_sel=PEER_INCLUDED;
@@ -306,7 +306,7 @@ int ntp_request(const char *host, double *offset, int *offset_result, double *ji
                                 /* Putting the wanted variable names in the request
                                  * cause the server to provide _only_ the requested values.
                                  * thus reducing net traffic, guaranteeing us only a single
-                                 * datagram in reply, and making intepretation much simpler
+                                 * datagram in reply, and making interpretation much simpler
                                  */
                                 /* Older servers doesn't know what jitter is, so if we get an
                                  * error on the first pass we redo it with "dispersion" */
@@ -585,8 +585,8 @@ int main(int argc, char *argv[]){
         /* set socket timeout */
         alarm (socket_timeout);
 
-        /* This returns either OK or WARNING (See comment preceeding ntp_request) */
-        result = ntp_request(server_address, &offset, &offset_result, &jitter, &stratum, &num_truechimers);
+        /* This returns either OK or WARNING (See comment preceding ntp_request) */
+        result = ntp_request(&offset, &offset_result, &jitter, &stratum, &num_truechimers);
 
         if(offset_result == STATE_UNKNOWN) {
                 /* if there's no sync peer (this overrides ntp_request output): */
diff --git a/plugins/check_ntp_time.c b/plugins/check_ntp_time.c
index 391b2df..46cc604 100644
--- a/plugins/check_ntp_time.c
+++ b/plugins/check_ntp_time.c
@@ -81,7 +81,7 @@ typedef struct {
 /* this structure holds data about results from querying offset from a peer */
 typedef struct {
         time_t waiting;         /* ts set when we started waiting for a response */
-        int num_responses;      /* number of successfully recieved responses */
+        int num_responses;      /* number of successfully received responses */
         uint8_t stratum;        /* copied verbatim from the ntp_message */
         double rtdelay;         /* converted from the ntp_message */
         double rtdisp;          /* converted from the ntp_message */
diff --git a/plugins/check_nwstat.c b/plugins/check_nwstat.c
index e7e8de0..3c9d23e 100644
--- a/plugins/check_nwstat.c
+++ b/plugins/check_nwstat.c
@@ -1668,7 +1668,7 @@ void print_help(void)
 
   printf ("\n");
   printf ("%s\n", _("Notes:"));
-        printf (" %s\n", _("- This plugin requres that the MRTGEXT.NLM file from James Drews' MRTG"));
+        printf (" %s\n", _("- This plugin requires that the MRTGEXT.NLM file from James Drews' MRTG"));
   printf (" %s\n", _("  extension for NetWare be loaded on the Novell servers you wish to check."));
   printf (" %s\n", _("  (available from http://www.engr.wisc.edu/~drews/mrtg/)"));
   printf (" %s\n", _("- Values for critical thresholds should be lower than warning thresholds"));
diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
index c26cd43..6199033 100644
--- a/plugins/check_pgsql.c
+++ b/plugins/check_pgsql.c
@@ -93,7 +93,7 @@ int verbose = 0;
 
 /******************************************************************************
 
-The (psuedo?)literate programming XML is contained within \@\@\- <XML> \-\@\@
+The (pseudo?)literate programming XML is contained within \@\@\- <XML> \-\@\@
 tags in the comments. With in the tags, the XML is assembled sequentially.
 You can define entities in tags. You also have all the #defines available as
 entities.
@@ -517,7 +517,10 @@ print_help (void)
         printf (" %s\n", _("connecting to the server. The result from the query has to be numeric."));
         printf (" %s\n", _("Multiple SQL commands, separated by semicolon, are allowed but the result "));
         printf (" %s\n", _("of the last command is taken into account only. The value of the first"));
-        printf (" %s\n\n", _("column in the first row is used as the check result."));
+        printf (" %s\n", _("column in the first row is used as the check result. If a second column is"));
+        printf (" %s\n", _("present in the result set, this is added to the plugin output with a"));
+        printf (" %s\n", _("prefix of \"Extra Info:\". This information can be displayed in the system"));
+        printf (" %s\n\n", _("executing the plugin."));
 
         printf (" %s\n", _("See the chapter \"Monitoring Database Activity\" of the PostgreSQL manual"));
         printf (" %s\n\n", _("for details about how to access internal statistics of the database server."));
@@ -557,6 +560,7 @@ do_query (PGconn *conn, char *query)
         PGresult *res;
 
         char *val_str;
+        char *extra_info;
         double value;
 
         char *endptr = NULL;
@@ -621,6 +625,12 @@ do_query (PGconn *conn, char *query)
         printf ("|query=%f;%s;%s;;\n", value,
                         query_warning ? query_warning : "",
                         query_critical ? query_critical : "");
+        if (PQnfields (res) > 1) {
+                extra_info = PQgetvalue (res, 0, 1);
+                if (extra_info != NULL) {
+                        printf ("Extra Info: %s\n", extra_info);
+                }
+        }
         return my_status;
 }
 
diff --git a/plugins/check_procs.c b/plugins/check_procs.c
index d672dd4..c17c699 100644
--- a/plugins/check_procs.c
+++ b/plugins/check_procs.c
@@ -273,7 +273,7 @@ main (int argc, char **argv)
                           }
                         }
 
-                        /* filter kernel threads (childs of KTHREAD_PARENT)*/
+                        /* filter kernel threads (children of KTHREAD_PARENT)*/
                         /* TODO adapt for other OSes than GNU/Linux
                                         sorry for not doing that, but I've no other OSes to test :-( */
                         if (kthread_filter == 1) {
@@ -787,7 +787,7 @@ print_help (void)
   printf (" %s\n", "-C, --command=COMMAND");
   printf ("   %s\n", _("Only scan for exact matches of COMMAND (without path)."));
   printf (" %s\n", "-X, --exclude-process");
-  printf ("   %s\n", _("Exclude processes which match this comma seperated list"));
+  printf ("   %s\n", _("Exclude processes which match this comma separated list"));
   printf (" %s\n", "-k, --no-kthreads");
   printf ("   %s\n", _("Only scan for non kernel threads (works on Linux only)."));
 
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index 96a9555..b1b4938 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -97,7 +97,7 @@ int verbose = FALSE;
 
 /******************************************************************************
 
-The (psuedo?)literate programming XML is contained within \@\@\- <XML> \-\@\@
+The (pseudo?)literate programming XML is contained within \@\@\- <XML> \-\@\@
 tags in the comments. With in the tags, the XML is assembled sequentially.
 You can define entities in tags. You also have all the #defines available as
 entities.
@@ -381,7 +381,7 @@ print_help (void)
   printf ("\n");
   printf ("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections."));
   printf ("%s\n", _("The server to test must be specified in the invocation, as well as a user"));
-  printf ("%s\n", _("name and password. A configuration file may also be present. The format of"));
+  printf ("%s\n", _("name and password. A configuration file must be present. The format of"));
   printf ("%s\n", _("the configuration file is described in the radiusclient library sources."));
         printf ("%s\n", _("The password option presents a substantial security issue because the"));
   printf ("%s\n", _("password can possibly be determined by careful watching of the command line"));
diff --git a/plugins/check_real.c b/plugins/check_real.c
index 0f1a1ba..fbdb70f 100644
--- a/plugins/check_real.c
+++ b/plugins/check_real.c
@@ -178,7 +178,7 @@ main (int argc, char **argv)
 
                 /* watch for the REAL connection string */
                 result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0);
-                buffer[result] = '\0'; /* null terminate recieved buffer */
+                buffer[result] = '\0'; /* null terminate received buffer */
 
                 /* return a CRITICAL status if we couldn't read any data */
                 if (result == -1) {
@@ -436,7 +436,7 @@ print_help (void)
 
   printf ("\n");
         printf ("%s\n", _("This plugin will attempt to open an RTSP connection with the host."));
-  printf ("%s\n", _("Successul connects return STATE_OK, refusals and timeouts return"));
+  printf ("%s\n", _("Successful connects return STATE_OK, refusals and timeouts return"));
   printf ("%s\n", _("STATE_CRITICAL, other errors return STATE_UNKNOWN.  Successful connects,"));
   printf ("%s\n", _("but incorrect response messages from the host result in STATE_WARNING return"));
   printf ("%s\n", _("values."));
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index c1e92df..fc0ae2c 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -3,7 +3,7 @@
 * Monitoring check_smtp plugin
 * 
 * License: GPL
-* Copyright (c) 2000-2007 Monitoring Plugins Development Team
+* Copyright (c) 2000-2023 Monitoring Plugins Development Team
 * 
 * Description:
 * 
@@ -42,16 +42,18 @@ const char *email = "devel@monitoring-plugins.org";
 #ifdef HAVE_SSL
 int check_cert = FALSE;
 int days_till_exp_warn, days_till_exp_crit;
-#  define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
-#  define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
+#  define my_recv(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
+#  define my_send(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
 #else /* ifndef HAVE_SSL */
 #  define my_recv(buf, len) read(sd, buf, len)
 #  define my_send(buf, len) send(sd, buf, len, 0)
 #endif
 
 enum {
-        SMTP_PORT       = 25
+        SMTP_PORT       = 25,
+        SMTPS_PORT      = 465
 };
+#define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n"
 #define SMTP_EXPECT "220"
 #define SMTP_HELO "HELO "
 #define SMTP_EHLO "EHLO "
@@ -82,6 +84,7 @@ int eflags = 0;
 int errcode, excode;
 
 int server_port = SMTP_PORT;
+int server_port_option = 0;
 char *server_address = NULL;
 char *server_expect = NULL;
 char *mail_command = NULL;
@@ -102,6 +105,9 @@ double critical_time = 0;
 int check_critical_time = FALSE;
 int verbose = 0;
 int use_ssl = FALSE;
+int use_starttls = FALSE;
+int use_sni = FALSE;
+short use_proxy_prefix = FALSE;
 short use_ehlo = FALSE;
 short use_lhlo = FALSE;
 short ssl_established = 0;
@@ -183,6 +189,26 @@ main (int argc, char **argv)
         result = my_tcp_connect (server_address, server_port, &sd);
 
         if (result == STATE_OK) { /* we connected */
+                /* If requested, send PROXY header */
+                if (use_proxy_prefix) {
+                        if (verbose)
+                                printf ("Sending header %s\n", PROXY_PREFIX);
+                        my_send(PROXY_PREFIX, strlen(PROXY_PREFIX));
+                }
+
+#ifdef HAVE_SSL
+                if (use_ssl) {
+                        result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL));
+                        if (result != STATE_OK) {
+                                printf (_("CRITICAL - Cannot create SSL context.\n"));
+                                close(sd);
+                                np_net_ssl_cleanup();
+                                return STATE_CRITICAL;
+                        } else {
+                                ssl_established = 1;
+                        }
+                }
+#endif
 
                 /* watch for the SMTP connection string and */
                 /* return a WARNING status if we couldn't read any data */
@@ -195,7 +221,7 @@ main (int argc, char **argv)
                 xasprintf(&server_response, "%s", buffer);
 
                 /* send the HELO/EHLO command */
-                send(sd, helocmd, strlen(helocmd), 0);
+                my_send(helocmd, strlen(helocmd));
 
                 /* allow for response to helo command to reach us */
                 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
@@ -208,14 +234,14 @@ main (int argc, char **argv)
                         }
                 }
 
-                if(use_ssl && ! supports_tls){
+                if(use_starttls && ! supports_tls){
                         printf(_("WARNING - TLS not supported by server\n"));
                         smtp_quit();
                         return STATE_WARNING;
                 }
 
 #ifdef HAVE_SSL
-                if(use_ssl) {
+                if(use_starttls) {
                   /* send the STARTTLS command */
                   send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0);
 
@@ -225,7 +251,7 @@ main (int argc, char **argv)
                     smtp_quit();
                     return STATE_UNKNOWN;
                   }
-                  result = np_net_ssl_init(sd);
+                  result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL));
                   if(result != STATE_OK) {
                     printf (_("CRITICAL - Cannot create SSL context.\n"));
                     close(sd);
@@ -454,6 +480,10 @@ process_arguments (int argc, char **argv)
         int c;
         char* temp;
 
+        enum {
+          SNI_OPTION
+        };
+
         int option = 0;
         static struct option longopts[] = {
                 {"hostname", required_argument, 0, 'H'},
@@ -475,9 +505,13 @@ process_arguments (int argc, char **argv)
                 {"use-ipv6", no_argument, 0, '6'},
                 {"help", no_argument, 0, 'h'},
                 {"lmtp", no_argument, 0, 'L'},
+                {"ssl", no_argument, 0, 's'},
+                {"tls", no_argument, 0, 's'},
                 {"starttls",no_argument,0,'S'},
+                {"sni", no_argument, 0, SNI_OPTION},
                 {"certificate",required_argument,0,'D'},
                 {"ignore-quit-failure",no_argument,0,'q'},
+                {"proxy",no_argument,0,'r'},
                 {0, 0, 0, 0}
         };
 
@@ -494,7 +528,7 @@ process_arguments (int argc, char **argv)
         }
 
         while (1) {
-                c = getopt_long (argc, argv, "+hVv46Lt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q",
+                c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q",
                                  longopts, &option);
 
                 if (c == -1 || c == EOF)
@@ -511,7 +545,7 @@ process_arguments (int argc, char **argv)
                         break;
                 case 'p':                                                                       /* port */
                         if (is_intpos (optarg))
-                                server_port = atoi (optarg);
+                                server_port_option = atoi (optarg);
                         else
                                 usage4 (_("Port must be a positive integer"));
                         break;
@@ -616,11 +650,26 @@ process_arguments (int argc, char **argv)
 #else
                         usage (_("SSL support not available - install OpenSSL and recompile"));
 #endif
+                case 's':
+                /* ssl */
+                        use_ssl = TRUE;
+                        server_port = SMTPS_PORT;
+                        break;
                 case 'S':
                 /* starttls */
-                        use_ssl = TRUE;
+                        use_starttls = TRUE;
                         use_ehlo = TRUE;
                         break;
+                case SNI_OPTION:
+#ifdef HAVE_SSL
+                        use_sni = TRUE;
+#else
+                        usage (_("SSL support not available - install OpenSSL and recompile"));
+#endif
+                        break;
+                case 'r':
+                        use_proxy_prefix = TRUE;
+                        break;
                 case 'L':
                         use_lhlo = TRUE;
                         break;
@@ -667,6 +716,14 @@ process_arguments (int argc, char **argv)
         if (from_arg==NULL)
                 from_arg = strdup(" ");
 
+        if (use_starttls && use_ssl) {
+                usage4 (_("Set either -s/--ssl/--tls or -S/--starttls"));
+        }
+
+        if (server_port_option != 0) {
+                server_port = server_port_option;
+        }
+
         return validate_arguments ();
 }
 
@@ -819,11 +876,18 @@ print_help (void)
   printf ("    %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")),
   printf (" %s\n", "-F, --fqdn=STRING");
   printf ("    %s\n", _("FQDN used for HELO"));
+  printf (" %s\n", "-r, --proxy");
+  printf ("    %s\n", _("Use PROXY protocol prefix for the connection."));
 #ifdef HAVE_SSL
   printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]");
   printf ("    %s\n", _("Minimum number of days a certificate has to be valid."));
+  printf (" %s\n", "-s, --ssl, --tls");
+  printf ("    %s\n", _("Use SSL/TLS for the connection."));
+  printf (_("    Sets default port to %d.\n"), SMTPS_PORT);
   printf (" %s\n", "-S, --starttls");
   printf ("    %s\n", _("Use STARTTLS for the connection."));
+  printf (" %s\n", "--sni");
+  printf ("    %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
 #endif
 
         printf (" %s\n", "-A, --authtype=STRING");
@@ -844,7 +908,7 @@ print_help (void)
         printf (UT_VERBOSE);
 
         printf("\n");
-        printf ("%s\n", _("Successul connects return STATE_OK, refusals and timeouts return"));
+        printf ("%s\n", _("Successful connects return STATE_OK, refusals and timeouts return"));
   printf ("%s\n", _("STATE_CRITICAL, other errors return STATE_UNKNOWN.  Successful"));
   printf ("%s\n", _("connects, but incorrect response messages from the host result in"));
   printf ("%s\n", _("STATE_WARNING return values."));
@@ -860,6 +924,6 @@ print_usage (void)
   printf ("%s\n", _("Usage:"));
   printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname);
   printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n");
-  printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-v] \n");
+  printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [--sni] [-v] \n");
 }
 
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c
index aefda3d..2acada2 100644
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -65,6 +65,7 @@ const char *email = "devel@monitoring-plugins.org";
 #define L_RATE_MULTIPLIER CHAR_MAX+2
 #define L_INVERT_SEARCH CHAR_MAX+3
 #define L_OFFSET CHAR_MAX+4
+#define L_IGNORE_MIB_PARSING_ERRORS CHAR_MAX+5
 
 /* Gobble to string - stop incrementing c when c[0] match one of the
  * characters in s */
@@ -159,6 +160,7 @@ char* ip_version = "";
 double multiplier = 1.0;
 char *fmtstr = "";
 char buffer[DEFAULT_BUFFER_SIZE];
+bool ignore_mib_parsing_errors = false;
 
 static char *fix_snmp_range(char *th)
 {
@@ -306,42 +308,55 @@ main (int argc, char **argv)
         }
 
         /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */
-        command_line = calloc (10 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *));
-        command_line[0] = snmpcmd;
-        command_line[1] = strdup ("-Le");
-        command_line[2] = strdup ("-t");
-        xasprintf (&command_line[3], "%d", timeout_interval);
-        command_line[4] = strdup ("-r");
-        xasprintf (&command_line[5], "%d", retries);
-        command_line[6] = strdup ("-m");
-        command_line[7] = strdup (miblist);
-        command_line[8] = "-v";
-        command_line[9] = strdup (proto);
+
+        unsigned index = 0;
+        command_line = calloc (11 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *));
+
+        command_line[index++] = snmpcmd;
+        command_line[index++] = strdup ("-Le");
+        command_line[index++] = strdup ("-t");
+        xasprintf (&command_line[index++], "%d", timeout_interval);
+        command_line[index++] = strdup ("-r");
+        xasprintf (&command_line[index++], "%d", retries);
+        command_line[index++] = strdup ("-m");
+        command_line[index++] = strdup (miblist);
+        command_line[index++] = "-v";
+        command_line[index++] = strdup (proto);
+
+        xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s",
+                snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto);
+
+        if (ignore_mib_parsing_errors) {
+                command_line[index++] = "-Pe";
+                xasprintf(&cl_hidden_auth, "%s -Pe", cl_hidden_auth);
+        }
+
 
         for (i = 0; i < numcontext; i++) {
-                command_line[10 + i] = contextargs[i];
+                command_line[index++] = contextargs[i];
         }
 
         for (i = 0; i < numauthpriv; i++) {
-                command_line[10 + numcontext + i] = authpriv[i];
+                command_line[index++] = authpriv[i];
         }
 
-        xasprintf (&command_line[10 + numcontext + numauthpriv], "%s:%s", server_address, port);
+        xasprintf (&command_line[index++], "%s:%s", server_address, port);
 
-        /* This is just for display purposes, so it can remain a string */
-        xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s",
-                snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]",
-                server_address, port);
+        xasprintf(&cl_hidden_auth, "%s [context] [authpriv] %s:%s",
+         cl_hidden_auth,
+         server_address,
+         port);
 
         for (i = 0; i < numoids; i++) {
-                command_line[10 + numcontext + numauthpriv + 1 + i] = oids[i];
+                command_line[index++] = oids[i];
                 xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]);
         }
 
-        command_line[10 + numcontext + numauthpriv + 1 + numoids] = NULL;
+        command_line[index++] = NULL;
 
-        if (verbose)
+        if (verbose) {
                 printf ("%s\n", cl_hidden_auth);
+        }
 
         /* Set signal handling and alarm */
         if (signal (SIGALRM, runcmd_timeout_alarm_handler) == SIG_ERR) {
@@ -708,6 +723,7 @@ process_arguments (int argc, char **argv)
                 {"ipv6", no_argument, 0, '6'},
                 {"multiplier", required_argument, 0, 'M'},
                 {"fmtstr", required_argument, 0, 'f'},
+                {"ignore-mib-parsing-errors", no_argument, false, L_IGNORE_MIB_PARSING_ERRORS},
                 {0, 0, 0, 0}
         };
 
@@ -855,6 +871,7 @@ process_arguments (int argc, char **argv)
                         break;
                 case 'R':                                                                       /* regex */
                         cflags = REG_ICASE;
+                        // fall through
                 case 'r':                                                                       /* regex */
                         cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE;
                         strncpy (regex_expect, optarg, sizeof (regex_expect) - 1);
@@ -973,6 +990,8 @@ process_arguments (int argc, char **argv)
                                 fmtstr=optarg;
                         }
                         break;
+                case L_IGNORE_MIB_PARSING_ERRORS:
+                        ignore_mib_parsing_errors = true;
                 }
         }
 
@@ -1274,7 +1293,7 @@ print_help (void)
         printf (" %s\n", "--rate-multiplier");
         printf ("    %s\n", _("Converts rate per second. For example, set to 60 to convert to per minute"));
         printf (" %s\n", "--offset=OFFSET");
-        printf ("    %s\n", _("Add/substract the specified OFFSET to numeric sensor data"));
+        printf ("    %s\n", _("Add/subtract the specified OFFSET to numeric sensor data"));
 
         /* Tests Against Strings */
         printf (" %s\n", "-s, --string=STRING");
@@ -1306,6 +1325,9 @@ print_help (void)
         printf (" %s\n", "-O, --perf-oids");
         printf ("    %s\n", _("Label performance data with OIDs instead of --label's"));
 
+        printf (" %s\n", "--ignore-mib-parsing-errors");
+        printf ("    %s\n", _("Tell snmpget to not print errors encountered when parsing MIB files"));
+
         printf (UT_VERBOSE);
 
         printf ("\n");
diff --git a/plugins/check_swap.c b/plugins/check_swap.c
index 25d5f21..cd965e3 100644
--- a/plugins/check_swap.c
+++ b/plugins/check_swap.c
@@ -178,7 +178,7 @@ main (int argc, char **argv)
 #  ifdef _AIX
         if (!allswaps) {
                 xasprintf(&swap_command, "%s", "/usr/sbin/lsps -s");
-                xasprintf(&swap_format, "%s", "%f%*s %f");
+                xasprintf(&swap_format, "%s", "%lu%*s %lu");
                 conv_factor = 1;
         }
 #  endif
@@ -205,9 +205,9 @@ main (int argc, char **argv)
                 temp_buffer = strtok (input_buffer, " \n");
                 while (temp_buffer) {
                         if (strstr (temp_buffer, "blocks"))
-                                sprintf (str, "%s %s", str, "%f");
+                                sprintf (str, "%s %s", str, "%lu");
                         else if (strstr (temp_buffer, "dskfree"))
-                                sprintf (str, "%s %s", str, "%f");
+                                sprintf (str, "%s %s", str, "%lu");
                         else
                                 sprintf (str, "%s %s", str, "%*s");
                         temp_buffer = strtok (NULL, " \n");
@@ -552,7 +552,7 @@ validate_arguments (void)
         }
         else if ((warn.is_percentage == crit.is_percentage) && (warn.value < crit.value)) {
                 /* This is NOT triggered if warn and crit are different units, e.g warn is percentage
-                 * and crit is absolut. We cannot determine the condition at this point since we
+                 * and crit is absolute. We cannot determine the condition at this point since we
                  * dont know the value of total swap yet
                  */
                 usage4(_("Warning should be more than critical"));
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 1365b9c..1d307cf 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -128,7 +128,7 @@ main (int argc, char **argv)
                         SERVICE[i] = toupper(SERVICE[i]);
         }
 
-        /* set up a resonable buffer at first (will be realloc()'ed if
+        /* set up a reasonable buffer at first (will be realloc()'ed if
          * user specifies other options) */
         server_expect = calloc(sizeof(char *), 2);
 
diff --git a/plugins/check_ups.c b/plugins/check_ups.c
index 0de37a2..68737c4 100644
--- a/plugins/check_ups.c
+++ b/plugins/check_ups.c
@@ -89,7 +89,7 @@ char *ups_status;
 int temp_output_c = 0;
 
 int determine_status (void);
-int get_ups_variable (const char *, char *, size_t);
+int get_ups_variable (const char *, char *);
 
 int process_arguments (int, char **);
 int validate_arguments (void);
@@ -189,7 +189,7 @@ main (int argc, char **argv)
         }
 
         /* get the ups utility voltage if possible */
-        res=get_ups_variable ("input.voltage", temp_buffer, sizeof (temp_buffer));
+        res=get_ups_variable ("input.voltage", temp_buffer);
         if (res == NOSUCHVAR) supported_options &= ~UPS_UTILITY;
         else if (res != OK)
                 return STATE_CRITICAL;
@@ -224,7 +224,7 @@ main (int argc, char **argv)
         }
 
         /* get the ups battery percent if possible */
-        res=get_ups_variable ("battery.charge", temp_buffer, sizeof (temp_buffer));
+        res=get_ups_variable ("battery.charge", temp_buffer);
         if (res == NOSUCHVAR) supported_options &= ~UPS_BATTPCT;
         else if ( res != OK)
                 return STATE_CRITICAL;
@@ -253,7 +253,7 @@ main (int argc, char **argv)
         }
 
         /* get the ups load percent if possible */
-        res=get_ups_variable ("ups.load", temp_buffer, sizeof (temp_buffer));
+        res=get_ups_variable ("ups.load", temp_buffer);
         if ( res == NOSUCHVAR ) supported_options &= ~UPS_LOADPCT;
         else if ( res != OK)
                 return STATE_CRITICAL;
@@ -282,7 +282,7 @@ main (int argc, char **argv)
         }
 
         /* get the ups temperature if possible */
-        res=get_ups_variable ("ups.temperature", temp_buffer, sizeof (temp_buffer));
+        res=get_ups_variable ("ups.temperature", temp_buffer);
         if ( res == NOSUCHVAR ) supported_options &= ~UPS_TEMP;
         else if ( res != OK)
                 return STATE_CRITICAL;
@@ -342,7 +342,7 @@ determine_status (void)
         char *ptr;
         int res;
 
-        res=get_ups_variable ("ups.status", recv_buffer, sizeof (recv_buffer));
+        res=get_ups_variable ("ups.status", recv_buffer);
         if (res == NOSUCHVAR) return OK;
         if (res != STATE_OK) {
                 printf ("%s\n", _("Invalid response received from host"));
@@ -388,7 +388,7 @@ determine_status (void)
 
 /* gets a variable value for a specific UPS  */
 int
-get_ups_variable (const char *varname, char *buf, size_t buflen)
+get_ups_variable (const char *varname, char *buf)
 {
         /*  char command[MAX_INPUT_BUFFER]; */
         char temp_buffer[MAX_INPUT_BUFFER];
@@ -507,7 +507,7 @@ process_arguments (int argc, char **argv)
                                 usage2 (_("Invalid hostname/address"), optarg);
                         }
                         break;
-                case 'T': /* FIXME: to be improved (ie "-T C" for Celsius or "-T F" for Farenheit) */
+                case 'T': /* FIXME: to be improved (ie "-T C" for Celsius or "-T F" for Fahrenheit) */
                         temp_output_c = 1;
                         break;
                 case 'u':                                                                       /* ups name */
diff --git a/plugins/check_users.c b/plugins/check_users.c
index f6f4b36..2a9ee98 100644
--- a/plugins/check_users.c
+++ b/plugins/check_users.c
@@ -1,33 +1,33 @@
 /*****************************************************************************
-* 
+*
 * Monitoring check_users plugin
-* 
+*
 * License: GPL
 * Copyright (c) 2000-2012 Monitoring Plugins Development Team
-* 
+*
 * Description:
-* 
+*
 * This file contains the check_users plugin
-* 
+*
 * This plugin checks the number of users currently logged in on the local
 * system and generates an error if the number exceeds the thresholds
 * specified.
-* 
-* 
+*
+*
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
-* 
+*
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
-* 
+*
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
-* 
-* 
+*
+*
 *****************************************************************************/
 
 const char *progname = "check_users";
@@ -48,6 +48,11 @@ const char *email = "devel@monitoring-plugins.org";
 # include "popen.h"
 #endif
 
+#ifdef HAVE_LIBSYSTEMD
+#include <systemd/sd-daemon.h>
+#include <systemd/sd-login.h>
+#endif
+
 #define possibly_set(a,b) ((a) == 0 ? (b) : 0)
 
 int process_arguments (int, char **);
@@ -85,6 +90,11 @@ main (int argc, char **argv)
 
         users = 0;
 
+#ifdef HAVE_LIBSYSTEMD
+        if (sd_booted () > 0)
+                users = sd_get_sessions (NULL);
+        else {
+#endif
 #if HAVE_WTSAPI32_H
         if (!WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE,
           0, 1, &wtsinfo, &wtscount)) {
@@ -156,6 +166,9 @@ main (int argc, char **argv)
         if (spclose (child_process))
                 result = possibly_set (result, STATE_UNKNOWN);
 #endif
+#ifdef HAVE_LIBSYSTEMD
+        }
+#endif
 
         /* check the user count against warning and critical thresholds */
         result = get_status((double)users, thlds);
@@ -163,7 +176,7 @@ main (int argc, char **argv)
         if (result == STATE_UNKNOWN)
                 printf ("%s\n", _("Unable to read output"));
         else {
-                printf (_("USERS %s - %d users currently logged in |%s\n"), 
+                printf (_("USERS %s - %d users currently logged in |%s\n"),
                                 state_text(result), users,
                                 sperfdata_int("users", users, "", warning_range,
                                                         critical_range, TRUE, 0, FALSE, 0));
diff --git a/plugins/picohttpparser/picohttpparser.c b/plugins/picohttpparser/picohttpparser.c
index d9680b7..d0bfac6 100644
--- a/plugins/picohttpparser/picohttpparser.c
+++ b/plugins/picohttpparser/picohttpparser.c
@@ -400,7 +400,7 @@ int phr_parse_request(const char *buf_start, size_t len, const char **method, si
     *num_headers = 0;
 
     /* if last_len != 0, check if the request is complete (a fast countermeasure
-       againt slowloris */
+       against slowloris */
     if (last_len != 0 && is_complete(buf, buf_end, last_len, &r) == NULL) {
         return r;
     }
@@ -435,7 +435,7 @@ static const char *parse_response(const char *buf, const char *buf_end, int *maj
     }
     PARSE_INT_3(status);
 
-    /* get message includig preceding space */
+    /* get message including preceding space */
     if ((buf = get_token_to_eol(buf, buf_end, msg, msg_len, ret)) == NULL) {
         return NULL;
     }
diff --git a/plugins/popen.c b/plugins/popen.c
index 9eb49b6..723817d 100644
--- a/plugins/popen.c
+++ b/plugins/popen.c
@@ -14,7 +14,7 @@
 * FILE * spopen(const char *);
 * int spclose(FILE *);
 * 
-* Code taken with liitle modification from "Advanced Programming for the Unix
+* Code taken with little modification from "Advanced Programming for the Unix
 * Environment" by W. Richard Stevens
 * 
 * This is considered safe in that no shell is spawned, and the environment
diff --git a/plugins/runcmd.c b/plugins/runcmd.c
index a7155d2..c1d675d 100644
--- a/plugins/runcmd.c
+++ b/plugins/runcmd.c
@@ -44,6 +44,8 @@
 # include <sys/wait.h>
 #endif
 
+#include "./utils.h"
+
 /** macros **/
 #ifndef WEXITSTATUS
 # define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
@@ -203,7 +205,7 @@ np_runcmd_open(const char *cmdstring, int *pfd, int *pfderr)
         }
 
         /* parent picks up execution here */
-        /* close childs descriptors in our address space */
+        /* close children descriptors in our address space */
         close(pfd[1]);
         close(pfderr[1]);
 
diff --git a/plugins/t/check_by_ssh.t b/plugins/t/check_by_ssh.t
index 1d2939e..b6479f1 100644
--- a/plugins/t/check_by_ssh.t
+++ b/plugins/t/check_by_ssh.t
@@ -19,19 +19,19 @@ plan skip_all => "SSH_HOST and SSH_IDENTITY must be defined" unless ($ssh_servic
 plan tests => 42;
 
 # Some random check strings/response
-my @responce = ('OK: Everything is fine',
+my @response = ('OK: Everything is fine',
                 'WARNING: Hey, pick me, pick me',
                 'CRITICAL: Shit happens',
                 'UNKNOWN: What can I do for ya',
                 'WOOPS: What did I smoke',
 );
-my @responce_re;
+my @response_re;
 my @check;
-for (@responce) {
+for (@response) {
         push(@check, "echo $_");
         my $re_str = $_;
         $re_str =~ s{(.)} { "\Q$1" }ge;
-        push(@responce_re, $re_str);
+        push(@response_re, $re_str);
 }
 
 my $result;
@@ -47,7 +47,7 @@ for (my $i=0; $i<4; $i++) {
                 "./check_by_ssh -i $ssh_key -H $ssh_service -C '$check[$i]; exit $i'"
                 );
         cmp_ok($result->return_code, '==', $i, "Exit with return code $i");
-        is($result->output, $responce[$i], "Status text is correct for check $i");
+        is($result->output, $response[$i], "Status text is correct for check $i");
 }
 
 $result = NPTest->testCmd(
@@ -84,7 +84,7 @@ $result = NPTest->testCmd(
         "./check_by_ssh -i $ssh_key -H $ssh_service -C '$check[4]; exit 8'"
         );
 cmp_ok($result->return_code, '==', 8, "Exit with return code 8 (out of bounds)");
-is($result->output, $responce[4], "Return proper status text even with unknown status codes");
+is($result->output, $response[4], "Return proper status text even with unknown status codes");
 
 $result = NPTest->testCmd(
         "./check_by_ssh -i $ssh_key -H $ssh_service -F $ssh_conf -C 'exit 0'"
@@ -108,7 +108,7 @@ my %linemap = (
 foreach my $line (0, 2, 4, 6) {
         my $code = $linemap{$line};
         my $statline = $line+1;
-        is($lines[$line], "$responce[$code]", "multiple checks status text is correct for line $line");
+        is($lines[$line], "$response[$code]", "multiple checks status text is correct for line $line");
         is($lines[$statline], "STATUS CODE: $code", "multiple check status code is correct for line $line");
 }
 
@@ -124,7 +124,7 @@ close(PASV) or die("Unable to close '/tmp/check_by_ssh.$$': $!");
 cmp_ok(scalar(@pasv), '==', 1, 'One passive result for one check performed');
 for (0) {
         if ($pasv[$_]) {
-                like($pasv[$_], '/^\[\d+\] PROCESS_SERVICE_CHECK_RESULT;flint;serv;2;' . $responce_re[2] . '$/', 'proper result for passive check');
+                like($pasv[$_], '/^\[\d+\] PROCESS_SERVICE_CHECK_RESULT;flint;serv;2;' . $response_re[2] . '$/', 'proper result for passive check');
         } else {
                 fail('proper result for passive check');
         }
@@ -144,7 +144,7 @@ for (0, 1, 2, 3, 4) {
         if ($pasv[$_]) {
                 my $ret = $_;
                 $ret = 9 if ($_ == 4);
-                like($pasv[$_], '/^\[\d+\] PROCESS_SERVICE_CHECK_RESULT;flint;c' . $_ . ';' . $ret . ';' . $responce_re[$_] . '$/', "proper result for passive check $_");
+                like($pasv[$_], '/^\[\d+\] PROCESS_SERVICE_CHECK_RESULT;flint;c' . $_ . ';' . $ret . ';' . $response_re[$_] . '$/', "proper result for passive check $_");
         } else {
                 fail("proper result for passive check $_");
         }
diff --git a/plugins/t/check_disk.t b/plugins/t/check_disk.t
index c8f08f5..ca035ce 100644
--- a/plugins/t/check_disk.t
+++ b/plugins/t/check_disk.t
@@ -326,19 +326,19 @@ cmp_ok( $result->return_code, '==', 0, "grouping: exit ok if the sum of free meg
 $result = NPTest->testCmd( "./check_disk -w ". ($free_mb_on_all - 1) ." -c ". ($free_mb_on_all - 1) ." -p $mountpoint_valid -g group -p $mountpoint2_valid" );
 cmp_ok( $result->return_code, '==', 3, "Invalid options: -p must come after groupname");
 
-# regex: exit unknown if given regex is not compileable
+# regex: exit unknown if given regex is not compilable
 $result = NPTest->testCmd( "./check_disk -w 1 -c 1 -r '('" );
-cmp_ok( $result->return_code, '==', 3, "Exit UNKNOWN if regex is not compileable");
+cmp_ok( $result->return_code, '==', 3, "Exit UNKNOWN if regex is not compilable");
 
-# ignore: exit unknown, if all pathes are deselected using -i
+# ignore: exit unknown, if all paths are deselected using -i
 $result = NPTest->testCmd( "./check_disk -w 0% -c 0% -p $mountpoint_valid -p $mountpoint2_valid -i '$mountpoint_valid' -i '$mountpoint2_valid'" );
 cmp_ok( $result->return_code, '==', 3, "ignore-ereg: Unknown if all fs are ignored (case sensitive)");
 
-# ignore: exit unknown, if all pathes are deselected using -I
+# ignore: exit unknown, if all paths are deselected using -I
 $result = NPTest->testCmd( "./check_disk -w 0% -c 0% -p $mountpoint_valid -p $mountpoint2_valid -I '".uc($mountpoint_valid)."' -I '".uc($mountpoint2_valid)."'" );
 cmp_ok( $result->return_code, '==', 3, "ignore-ereg: Unknown if all fs are ignored (case insensitive)");
 
-# ignore: exit unknown, if all pathes are deselected using -i
+# ignore: exit unknown, if all paths are deselected using -i
 $result = NPTest->testCmd( "./check_disk -w 0% -c 0% -p $mountpoint_valid -p $mountpoint2_valid -i '.*'" );
 cmp_ok( $result->return_code, '==', 3, "ignore-ereg: Unknown if all fs are ignored using -i '.*'");
 
@@ -347,7 +347,7 @@ $result = NPTest->testCmd( "./check_disk -w 0% -c 0% -p $mountpoint_valid -p $mo
 like( $result->output, qr/$mountpoint_valid/, "output data does have $mountpoint_valid in it");
 unlike( $result->output, qr/$mountpoint2_valid/, "output data does not have $mountpoint2_valid in it");
 
-# ignore: test if all pathes are listed when ignore regex doesn't match
+# ignore: test if all paths are listed when ignore regex doesn't match
 $result = NPTest->testCmd( "./check_disk -w 0% -c 0% -p $mountpoint_valid -p $mountpoint2_valid -i '^barbazJodsf\$'");
 like( $result->output, qr/$mountpoint_valid/, "ignore: output data does have $mountpoint_valid when regex doesn't match");
 like( $result->output, qr/$mountpoint2_valid/,"ignore: output data does have $mountpoint2_valid when regex doesn't match");
diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t
index 1ca52f6..1f2fbdf 100644
--- a/plugins/t/check_http.t
+++ b/plugins/t/check_http.t
@@ -178,13 +178,13 @@ SKIP: {
 
         $res = NPTest->testCmd( "./$plugin -I $host_tcp_proxy -p $port_tcp_proxy -u http://$host_tcp_http -e 200,301,302");
         is( $res->return_code, 0, "Proxy HTTP works");
-        like($res->output, qr/OK: Status line output matched/, "Proxy HTTP Output is sufficent");
+        like($res->output, qr/OK: Status line output matched/, "Proxy HTTP Output is sufficient");
 
         $res = NPTest->testCmd( "./$plugin -I $host_tcp_proxy -p $port_tcp_proxy -H $host_tls_http -S -j CONNECT");
         is( $res->return_code, 0, "Proxy HTTP CONNECT works");
-        like($res->output, qr/HTTP OK:/, "Proxy HTTP CONNECT output sufficent");
+        like($res->output, qr/HTTP OK:/, "Proxy HTTP CONNECT output sufficient");
 
         $res = NPTest->testCmd( "./$plugin -I $host_tcp_proxy -p $port_tcp_proxy -H $host_tls_http -S -j CONNECT:HEAD");
         is( $res->return_code, 0, "Proxy HTTP CONNECT works with override method");
-        like($res->output, qr/HTTP OK:/, "Proxy HTTP CONNECT output sufficent");
+        like($res->output, qr/HTTP OK:/, "Proxy HTTP CONNECT output sufficient");
 }
diff --git a/plugins/t/check_mysql.t b/plugins/t/check_mysql.t
index e426bf5..baf3acc 100644
--- a/plugins/t/check_mysql.t
+++ b/plugins/t/check_mysql.t
@@ -5,7 +5,7 @@
 #
 #
 # These are the database permissions required for this test:
-#  GRANT SELECT ON $db.* TO $user@$host INDENTIFIED BY '$password';
+#  GRANT SELECT ON $db.* TO $user@$host IDENTIFIED BY '$password';
 #  GRANT SUPER, REPLICATION CLIENT ON *.* TO $user@$host;
 # Check with:
 #  mysql -u$user -p$password -h$host $db
@@ -23,9 +23,9 @@ plan tests => 15;
 my $bad_login_output = '/Access denied for user /';
 my $mysqlserver         = getTestParameter("NP_MYSQL_SERVER", "A MySQL Server hostname or IP with no slaves setup");
 my $mysqlsocket         = getTestParameter("NP_MYSQL_SOCKET", "Full path to a MySQL Server socket with no slaves setup");
-my $mysql_login_details = getTestParameter("NP_MYSQL_LOGIN_DETAILS", "Command line parameters to specify login access (requires REPLICATION CLIENT privleges)", "-u test -ptest");
+my $mysql_login_details = getTestParameter("NP_MYSQL_LOGIN_DETAILS", "Command line parameters to specify login access (requires REPLICATION CLIENT privileges)", "-u test -ptest");
 my $with_slave          = getTestParameter("NP_MYSQL_WITH_SLAVE", "MySQL server with slaves setup");
-my $with_slave_login    = getTestParameter("NP_MYSQL_WITH_SLAVE_LOGIN", "Login details for server with slave (requires REPLICATION CLIENT privleges)", $mysql_login_details || "-u test -ptest");
+my $with_slave_login    = getTestParameter("NP_MYSQL_WITH_SLAVE_LOGIN", "Login details for server with slave (requires REPLICATION CLIENT privileges)", $mysql_login_details || "-u test -ptest");
 
 my $result;
 
diff --git a/plugins/t/check_mysql_query.t b/plugins/t/check_mysql_query.t
index 96899ac..c30245b 100644
--- a/plugins/t/check_mysql_query.t
+++ b/plugins/t/check_mysql_query.t
@@ -31,7 +31,7 @@ $result = NPTest->testCmd("./check_mysql_query -q 'SELECT 1+1' -H $mysqlserver $
 cmp_ok( $result->return_code, '==', 0, "Can run query");
 
 $result = NPTest->testCmd("./check_mysql_query -H $mysqlserver $mysql_login_details");
-cmp_ok( $result->return_code, '==', 3, "Missing query parmeter");
+cmp_ok( $result->return_code, '==', 3, "Missing query parameter");
 like( $result->output, "/Must specify a SQL query to run/", "Missing query error message");
 
 $result = NPTest->testCmd("./check_mysql_query -q 'SELECT 1+1' -H $mysqlserver -u dummy -d mysql");
diff --git a/plugins/t/check_nagios.t b/plugins/t/check_nagios.t
index 81fc24d..f38f5e9 100644
--- a/plugins/t/check_nagios.t
+++ b/plugins/t/check_nagios.t
@@ -36,7 +36,7 @@ cmp_ok( $result->return_code, '==', 1, "Log over 5 minutes old" );
 like  ( $result->output, $warningOutput, "Output for warning correct" );
 
 my $now = time;
-# This substitution is dependant on the testcase
+# This substitution is dependent on the testcase
 system( "perl -pe 's/1133537544/$now/' $nagios1 > $nagios1.tmp" ) == 0 or die "Problem with munging $nagios1";
 
 $result = NPTest->testCmd(
diff --git a/plugins/t/check_smtp.t b/plugins/t/check_smtp.t
index aa6dae4..1a1ebe3 100644
--- a/plugins/t/check_smtp.t
+++ b/plugins/t/check_smtp.t
@@ -8,12 +8,14 @@ use strict;
 use Test::More;
 use NPTest;
 
-my $host_tcp_smtp      = getTestParameter( "NP_HOST_TCP_SMTP", 
+my $host_tcp_smtp            = getTestParameter( "NP_HOST_TCP_SMTP",
                                            "A host providing an SMTP Service (a mail server)", "mailhost");
-my $host_tcp_smtp_tls  = getTestParameter( "NP_HOST_TCP_SMTP_TLS",
+my $host_tcp_smtp_starttls   = getTestParameter( "NP_HOST_TCP_SMTP_STARTTLS",
+                                           "A host providing SMTP with STARTTLS", $host_tcp_smtp);
+my $host_tcp_smtp_nostarttls = getTestParameter( "NP_HOST_TCP_SMTP_NOSTARTTLS",
+                                           "A host providing SMTP without STARTTLS", "");
+my $host_tcp_smtp_tls        = getTestParameter( "NP_HOST_TCP_SMTP_TLS",
                                            "A host providing SMTP with TLS", $host_tcp_smtp);
-my $host_tcp_smtp_notls = getTestParameter( "NP_HOST_TCP_SMTP_NOTLS",
-                                           "A host providing SMTP without TLS", "");
 
 my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", 
                                            "The hostname of system not responsive to network requests", "10.0.0.1" );
@@ -22,7 +24,7 @@ my $hostname_invalid   = getTestParameter( "NP_HOSTNAME_INVALID",
                                            "An invalid (not known to DNS) hostname", "nosuchhost" );
 my $res;
 
-plan tests => 10;
+plan tests => 16;
 
 SKIP: {
         skip "No SMTP server defined", 4 unless $host_tcp_smtp;
@@ -42,22 +44,38 @@ SKIP: {
                 local $TODO = "Output is over two lines";
                 like ( $res->output, qr/^SMTP WARNING/, "Correct error message" );
         }
+
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp --ssl -p 25" );
+        is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp with TLS on standard SMTP port" );
+        like ($res->output, qr/^CRITICAL - Cannot make SSL connection\./, "Check output of connecting to $host_tcp_smtp with TLS on standard SMTP port");
 }
 
 SKIP: {
-        skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls;
-        # SSL connection for TLS
-        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p 25 -S" );
+        skip "No SMTP server with STARTTLS defined", 1 unless $host_tcp_smtp_starttls;
+        # SSL connection for STARTTLS
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_starttls -p 25 -S" );
         is ($res->return_code, 0, "OK, with STARTTLS" );
 }
 
 SKIP: {
-        skip "No SMTP server without TLS defined", 2 unless $host_tcp_smtp_notls;
-        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_notls -p 25 -S" );
-        is ($res->return_code, 1, "OK, got warning from server without TLS");
+        skip "No SMTP server without STARTTLS defined", 2 unless $host_tcp_smtp_nostarttls;
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_nostarttls -p 25 -S" );
+        is ($res->return_code, 1, "OK, got warning from server without STARTTLS");
         is ($res->output, "WARNING - TLS not supported by server", "Right error message" );
 }
 
+SKIP: {
+        skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls;
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls --ssl" );
+        is ($res->return_code, 0, "Check rc of connecting to $host_tcp_smtp_tls with TLS" );
+        like ($res->output, qr/^SMTP OK - /, "Check output of connecting to $host_tcp_smtp_tls with TLS" );
+
+        my $unused_port = 4465;
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p $unused_port --ssl" );
+        is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port" );
+        like ($res->output, qr/^connect to address $host_tcp_smtp_tls and port $unused_port: Connection refused/, "Check output of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port");
+}
+
 $res = NPTest->testCmd( "./check_smtp $host_nonresponsive" );
 is ($res->return_code, 2, "CRITICAL - host non responding" );
 
diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t
index f2f218f..576cc50 100644
--- a/plugins/t/check_snmp.t
+++ b/plugins/t/check_snmp.t
@@ -26,22 +26,22 @@ $res = NPTest->testCmd( "./check_snmp -t 1" );
 is( $res->return_code, 3, "No host name" );
 is( $res->output, "No host specified" );
 
-$res = NPTest->testCmd( "./check_snmp -H fakehostname" );
+$res = NPTest->testCmd( "./check_snmp -H fakehostname --ignore-mib-parsing-errors" );
 is( $res->return_code, 3, "No OIDs specified" );
 is( $res->output, "No OIDs specified" );
 
-$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3 -U not_a_user --seclevel=rubbish" );
+$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3 -U not_a_user --seclevel=rubbish" );
 is( $res->return_code, 3, "Invalid seclevel" );
 like( $res->output, "/check_snmp: Invalid seclevel - rubbish/" );
 
-$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3c" );
+$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3c" );
 is( $res->return_code, 3, "Invalid protocol" );
 like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" );
 
 SKIP: {
     skip "no snmp host defined", 50 if ( ! $host_snmp );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" );
     like($res->output, '/^SNMP OK - (\d+)/', "String contains SNMP OK");
     $res->output =~ /^SNMP OK - (\d+)/;
@@ -51,111 +51,111 @@ SKIP: {
 
 
     # some more threshold tests
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1");
     cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:");
     cmp_ok( $res->return_code, '==', 0, "Threshold test -c 1:" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c ~:1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c ~:1");
     cmp_ok( $res->return_code, '==', 2, "Threshold test -c ~:1" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:10");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:10");
     cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1:10" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c \@1:10");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c \@1:10");
     cmp_ok( $res->return_code, '==', 0, "Threshold test -c \@1:10" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 10:1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 10:1");
     cmp_ok( $res->return_code, '==', 0, "Threshold test -c 10:1" );
 
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:");
     cmp_ok( $res->return_code, '==', 0, "Test with numeric OID (no mibs loaded)" );
     like($res->output, '/^SNMP OK - \d+/', "String contains SNMP OK");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying sysDescr" );
     unlike($res->perf_output, '/sysDescr/', "Perfdata doesn't contain string values");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0,system.sysDescr.0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0,system.sysDescr.0");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, comma-separated" );
     like($res->output, '/^SNMP OK - /', "String contains SNMP OK");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, repeated option" );
     like($res->output, '/^SNMP OK - /', "String contains SNMP OK");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrSWRunIndex.1" );
     like($res->output, '/^SNMP OK - 1\s.*$/', "String fits SNMP OK and output format");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0   -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0   -c 1:");
     cmp_ok( $res->return_code, '==', 1, "Exit WARNING when querying hrSWRunIndex.1 and warn-th doesn't apply " );
     like($res->output, '/^SNMP WARNING - \*1\*\s.*$/', "String matches SNMP WARNING and output format");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w  :0 -c 0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w  :0 -c 0");
     cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL when querying hrSWRunIndex.1 and crit-th doesn't apply" );
     like($res->output, '/^SNMP CRITICAL - \*1\*\s.*$/', "String matches SNMP CRITICAL and output format");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2");
     cmp_ok( $res->return_code, '==', 0, "Checking two OIDs at once" );
     like($res->output, "/^SNMP OK - 2 1/", "Got two values back" );
     like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" );
     like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2");
     cmp_ok( $res->return_code, '==', 2, "Checking critical threshold is passed if any one value crosses" );
     like($res->output, "/^SNMP CRITICAL - 2 *1*/", "Got two values back" );
     like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" );
     like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrMemorySize and hrSystemProcesses");
     like($res->output, '/^SNMP OK - \d+ \d+/', "String contains hrMemorySize and hrSystemProcesses");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0");
     cmp_ok( $res->return_code, '==', 0, "Exit OK with inside-range thresholds");
     like($res->output, '/^SNMP OK - 1\s.*$/', "String matches SNMP OK and output format");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3");
     $res->output =~ m/^SNMP OK - (\d+\.\d{2})\s.*$/;
     my $lower = $1 - 0.05;
     my $higher = $1 + 0.05;
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher");
     cmp_ok( $res->return_code, '==', 1, "Exit WARNING with fractionnal arguments");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2");
     cmp_ok( $res->return_code, '==', 1, "Exit WARNING on 2nd threshold");
     like($res->output, '/^SNMP WARNING - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s+\*1\*\s.*$/', "First OID returned as string, 2nd checked for thresholds");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''");
     cmp_ok( $res->return_code, '==', 0, "Empty thresholds doesn't crash");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2");
     cmp_ok( $res->return_code, '==', 0, "Skipping first two thresholds on 2 OID check");
     like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping first two thresholds, result printed rather than parsed");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,");
     cmp_ok( $res->return_code, '==', 0, "Skipping all thresholds");
     like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping all thresholds, result printed rather than parsed");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'");
     cmp_ok( $res->return_code, '==', 2, "Timetick used as a threshold");
     like($res->output, '/^SNMP CRITICAL - \*\d+\* 1\/100 sec.*$/', "Timetick used as a threshold, parsed as numeric");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0");
     cmp_ok( $res->return_code, '==', 0, "Timetick used as a string");
     like($res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "Timetick used as a string, result printed rather than parsed");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1");
     cmp_ok( $res->return_code, '==', 0, "snmp response without datatype");
     like( $res->output, '/^SNMP OK - "(systemd|init)" \| $/', "snmp response without datatype" );
 }
 
 SKIP: {
     skip "no SNMP user defined", 1 if ( ! $user_snmp );
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv");
     like( $res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "noAuthNoPriv security level works properly" );
 }
 
@@ -163,14 +163,14 @@ SKIP: {
 # the tests can run on hosts w/o snmp host/community in NPTest.cache. Execution will fail anyway
 SKIP: {
     skip "no non responsive host defined", 2 if ( ! $host_nonresponsive );
-    $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
     cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL with non responsive host" );
     like($res->output, '/Plugin timed out while executing system call/', "String matches timeout problem");
 }
 
 SKIP: {
     skip "no non invalid host defined", 2 if ( ! $hostname_invalid );
-    $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid   -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
     cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" );
-    like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host)/', "String matches invalid host");
+    like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host).*/s', "String matches invalid host");
 }
diff --git a/plugins/t/negate.t b/plugins/t/negate.t
index d96a109..5ec1c84 100644
--- a/plugins/t/negate.t
+++ b/plugins/t/negate.t
@@ -84,7 +84,7 @@ foreach my $current_state (keys(%state)) {
         foreach my $new_state (keys(%state)) {
                 $res = NPTest->testCmd( "./negate -s --$current_state=$new_state ./check_dummy ".$state{$current_state}." 'Fake $new_state'" );
                 is( $res->return_code, $state{$new_state}, "Got fake $new_state (with substitute)" );
-                is( $res->output, uc($new_state).": Fake $new_state", "Substitued fake $new_state output");
+                is( $res->output, uc($new_state).": Fake $new_state", "Substituted fake $new_state output");
         }
 }
 
diff --git a/plugins/tests/check_snmp.t b/plugins/tests/check_snmp.t
index bc03ec6..bfe42e1 100755
--- a/plugins/tests/check_snmp.t
+++ b/plugins/tests/check_snmp.t
@@ -53,7 +53,7 @@ if ($pid) {
         #print "child\n";
 
         print "Please contact SNMP at: $port_snmp\n";
-        close(STDERR); # Coment out to debug snmpd problems (most errors sent there are OK)
+        close(STDERR); # Comment out to debug snmpd problems (most errors sent there are OK)
         exec("snmpd -c tests/conf/snmpd.conf -C -f -r udp:$port_snmp");
 }
 
@@ -227,7 +227,7 @@ is($res->output, 'SNMP OK - "555\"I said\"" | ', "Check string with a double quo
 
 $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.15 -r 'CUSTOM CHECK OK'" );
 is($res->return_code, 0, "String check should check whole string, not a parsed number" );
-is($res->output, 'SNMP OK - "CUSTOM CHECK OK: foo is 12345" | ', "String check witn numbers returns whole string");
+is($res->output, 'SNMP OK - "CUSTOM CHECK OK: foo is 12345" | ', "String check with numbers returns whole string");
 
 $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" );
 is($res->return_code, 0, "Negative integer check OK" );
diff --git a/plugins/utils.h b/plugins/utils.h
index 5b54da3..c76b321 100644
--- a/plugins/utils.h
+++ b/plugins/utils.h
@@ -7,7 +7,7 @@
 /* The purpose of this package is to provide safer alternatives to C
 functions that might otherwise be vulnerable to hacking. This
 currently includes a standard suite of validation routines to be sure
-that an string argument acually converts to its intended type and a
+that an string argument actually converts to its intended type and a
 suite of string handling routine that do their own memory management
 in order to resist overflow attacks. In addition, a few functions are
 provided to standardize version and error reporting across the entire