Merge branch 'master' into patch-chunk-nobodyrefs/pull/1901/head

7 files changed, 177 insertions, 92 deletions

diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index ab59eb7..49086b7 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -112,7 +112,7 @@ check_tcp_LDADD = $(SSLOBJS)
 check_time_LDADD = $(NETLIBS)
 check_ntp_time_LDADD = $(NETLIBS) $(MATHLIBS)
 check_ups_LDADD = $(NETLIBS)
-check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS)
+check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) $(SYSTEMDLIBS)
 check_by_ssh_LDADD = $(NETLIBS)
 check_ide_smart_LDADD = $(BASEOBJS)
 negate_LDADD = $(BASEOBJS)
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index 984aa37..b1b4938 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -381,7 +381,7 @@ print_help (void)
   printf ("\n");
   printf ("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections."));
   printf ("%s\n", _("The server to test must be specified in the invocation, as well as a user"));
-  printf ("%s\n", _("name and password. A configuration file may also be present. The format of"));
+  printf ("%s\n", _("name and password. A configuration file must be present. The format of"));
   printf ("%s\n", _("the configuration file is described in the radiusclient library sources."));
         printf ("%s\n", _("The password option presents a substantial security issue because the"));
   printf ("%s\n", _("password can possibly be determined by careful watching of the command line"));
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 996bd87..fc0ae2c 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -42,15 +42,16 @@ const char *email = "devel@monitoring-plugins.org";
 #ifdef HAVE_SSL
 int check_cert = FALSE;
 int days_till_exp_warn, days_till_exp_crit;
-#  define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
-#  define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
+#  define my_recv(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
+#  define my_send(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
 #else /* ifndef HAVE_SSL */
 #  define my_recv(buf, len) read(sd, buf, len)
 #  define my_send(buf, len) send(sd, buf, len, 0)
 #endif
 
 enum {
-        SMTP_PORT       = 25
+        SMTP_PORT       = 25,
+        SMTPS_PORT      = 465
 };
 #define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n"
 #define SMTP_EXPECT "220"
@@ -83,6 +84,7 @@ int eflags = 0;
 int errcode, excode;
 
 int server_port = SMTP_PORT;
+int server_port_option = 0;
 char *server_address = NULL;
 char *server_expect = NULL;
 char *mail_command = NULL;
@@ -103,6 +105,7 @@ double critical_time = 0;
 int check_critical_time = FALSE;
 int verbose = 0;
 int use_ssl = FALSE;
+int use_starttls = FALSE;
 int use_sni = FALSE;
 short use_proxy_prefix = FALSE;
 short use_ehlo = FALSE;
@@ -186,14 +189,27 @@ main (int argc, char **argv)
         result = my_tcp_connect (server_address, server_port, &sd);
 
         if (result == STATE_OK) { /* we connected */
-
                 /* If requested, send PROXY header */
                 if (use_proxy_prefix) {
                         if (verbose)
                                 printf ("Sending header %s\n", PROXY_PREFIX);
-                        send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0);
+                        my_send(PROXY_PREFIX, strlen(PROXY_PREFIX));
                 }
 
+#ifdef HAVE_SSL
+                if (use_ssl) {
+                        result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL));
+                        if (result != STATE_OK) {
+                                printf (_("CRITICAL - Cannot create SSL context.\n"));
+                                close(sd);
+                                np_net_ssl_cleanup();
+                                return STATE_CRITICAL;
+                        } else {
+                                ssl_established = 1;
+                        }
+                }
+#endif
+
                 /* watch for the SMTP connection string and */
                 /* return a WARNING status if we couldn't read any data */
                 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
@@ -205,7 +221,7 @@ main (int argc, char **argv)
                 xasprintf(&server_response, "%s", buffer);
 
                 /* send the HELO/EHLO command */
-                send(sd, helocmd, strlen(helocmd), 0);
+                my_send(helocmd, strlen(helocmd));
 
                 /* allow for response to helo command to reach us */
                 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
@@ -218,14 +234,14 @@ main (int argc, char **argv)
                         }
                 }
 
-                if(use_ssl && ! supports_tls){
+                if(use_starttls && ! supports_tls){
                         printf(_("WARNING - TLS not supported by server\n"));
                         smtp_quit();
                         return STATE_WARNING;
                 }
 
 #ifdef HAVE_SSL
-                if(use_ssl) {
+                if(use_starttls) {
                   /* send the STARTTLS command */
                   send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0);
 
@@ -489,6 +505,8 @@ process_arguments (int argc, char **argv)
                 {"use-ipv6", no_argument, 0, '6'},
                 {"help", no_argument, 0, 'h'},
                 {"lmtp", no_argument, 0, 'L'},
+                {"ssl", no_argument, 0, 's'},
+                {"tls", no_argument, 0, 's'},
                 {"starttls",no_argument,0,'S'},
                 {"sni", no_argument, 0, SNI_OPTION},
                 {"certificate",required_argument,0,'D'},
@@ -510,7 +528,7 @@ process_arguments (int argc, char **argv)
         }
 
         while (1) {
-                c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q",
+                c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q",
                                  longopts, &option);
 
                 if (c == -1 || c == EOF)
@@ -527,7 +545,7 @@ process_arguments (int argc, char **argv)
                         break;
                 case 'p':                                                                       /* port */
                         if (is_intpos (optarg))
-                                server_port = atoi (optarg);
+                                server_port_option = atoi (optarg);
                         else
                                 usage4 (_("Port must be a positive integer"));
                         break;
@@ -632,10 +650,14 @@ process_arguments (int argc, char **argv)
 #else
                         usage (_("SSL support not available - install OpenSSL and recompile"));
 #endif
-                        // fall through
+                case 's':
+                /* ssl */
+                        use_ssl = TRUE;
+                        server_port = SMTPS_PORT;
+                        break;
                 case 'S':
                 /* starttls */
-                        use_ssl = TRUE;
+                        use_starttls = TRUE;
                         use_ehlo = TRUE;
                         break;
                 case SNI_OPTION:
@@ -694,6 +716,14 @@ process_arguments (int argc, char **argv)
         if (from_arg==NULL)
                 from_arg = strdup(" ");
 
+        if (use_starttls && use_ssl) {
+                usage4 (_("Set either -s/--ssl/--tls or -S/--starttls"));
+        }
+
+        if (server_port_option != 0) {
+                server_port = server_port_option;
+        }
+
         return validate_arguments ();
 }
 
@@ -851,6 +881,9 @@ print_help (void)
 #ifdef HAVE_SSL
   printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]");
   printf ("    %s\n", _("Minimum number of days a certificate has to be valid."));
+  printf (" %s\n", "-s, --ssl, --tls");
+  printf ("    %s\n", _("Use SSL/TLS for the connection."));
+  printf (_("    Sets default port to %d.\n"), SMTPS_PORT);
   printf (" %s\n", "-S, --starttls");
   printf ("    %s\n", _("Use STARTTLS for the connection."));
   printf (" %s\n", "--sni");
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c
index 04dc6c6..2acada2 100644
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -65,6 +65,7 @@ const char *email = "devel@monitoring-plugins.org";
 #define L_RATE_MULTIPLIER CHAR_MAX+2
 #define L_INVERT_SEARCH CHAR_MAX+3
 #define L_OFFSET CHAR_MAX+4
+#define L_IGNORE_MIB_PARSING_ERRORS CHAR_MAX+5
 
 /* Gobble to string - stop incrementing c when c[0] match one of the
  * characters in s */
@@ -159,6 +160,7 @@ char* ip_version = "";
 double multiplier = 1.0;
 char *fmtstr = "";
 char buffer[DEFAULT_BUFFER_SIZE];
+bool ignore_mib_parsing_errors = false;
 
 static char *fix_snmp_range(char *th)
 {
@@ -306,42 +308,55 @@ main (int argc, char **argv)
         }
 
         /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */
-        command_line = calloc (10 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *));
-        command_line[0] = snmpcmd;
-        command_line[1] = strdup ("-Le");
-        command_line[2] = strdup ("-t");
-        xasprintf (&command_line[3], "%d", timeout_interval);
-        command_line[4] = strdup ("-r");
-        xasprintf (&command_line[5], "%d", retries);
-        command_line[6] = strdup ("-m");
-        command_line[7] = strdup (miblist);
-        command_line[8] = "-v";
-        command_line[9] = strdup (proto);
+
+        unsigned index = 0;
+        command_line = calloc (11 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *));
+
+        command_line[index++] = snmpcmd;
+        command_line[index++] = strdup ("-Le");
+        command_line[index++] = strdup ("-t");
+        xasprintf (&command_line[index++], "%d", timeout_interval);
+        command_line[index++] = strdup ("-r");
+        xasprintf (&command_line[index++], "%d", retries);
+        command_line[index++] = strdup ("-m");
+        command_line[index++] = strdup (miblist);
+        command_line[index++] = "-v";
+        command_line[index++] = strdup (proto);
+
+        xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s",
+                snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto);
+
+        if (ignore_mib_parsing_errors) {
+                command_line[index++] = "-Pe";
+                xasprintf(&cl_hidden_auth, "%s -Pe", cl_hidden_auth);
+        }
+
 
         for (i = 0; i < numcontext; i++) {
-                command_line[10 + i] = contextargs[i];
+                command_line[index++] = contextargs[i];
         }
 
         for (i = 0; i < numauthpriv; i++) {
-                command_line[10 + numcontext + i] = authpriv[i];
+                command_line[index++] = authpriv[i];
         }
 
-        xasprintf (&command_line[10 + numcontext + numauthpriv], "%s:%s", server_address, port);
+        xasprintf (&command_line[index++], "%s:%s", server_address, port);
 
-        /* This is just for display purposes, so it can remain a string */
-        xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s",
-                snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]",
-                server_address, port);
+        xasprintf(&cl_hidden_auth, "%s [context] [authpriv] %s:%s",
+         cl_hidden_auth,
+         server_address,
+         port);
 
         for (i = 0; i < numoids; i++) {
-                command_line[10 + numcontext + numauthpriv + 1 + i] = oids[i];
+                command_line[index++] = oids[i];
                 xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]);
         }
 
-        command_line[10 + numcontext + numauthpriv + 1 + numoids] = NULL;
+        command_line[index++] = NULL;
 
-        if (verbose)
+        if (verbose) {
                 printf ("%s\n", cl_hidden_auth);
+        }
 
         /* Set signal handling and alarm */
         if (signal (SIGALRM, runcmd_timeout_alarm_handler) == SIG_ERR) {
@@ -708,6 +723,7 @@ process_arguments (int argc, char **argv)
                 {"ipv6", no_argument, 0, '6'},
                 {"multiplier", required_argument, 0, 'M'},
                 {"fmtstr", required_argument, 0, 'f'},
+                {"ignore-mib-parsing-errors", no_argument, false, L_IGNORE_MIB_PARSING_ERRORS},
                 {0, 0, 0, 0}
         };
 
@@ -974,6 +990,8 @@ process_arguments (int argc, char **argv)
                                 fmtstr=optarg;
                         }
                         break;
+                case L_IGNORE_MIB_PARSING_ERRORS:
+                        ignore_mib_parsing_errors = true;
                 }
         }
 
@@ -1307,6 +1325,9 @@ print_help (void)
         printf (" %s\n", "-O, --perf-oids");
         printf ("    %s\n", _("Label performance data with OIDs instead of --label's"));
 
+        printf (" %s\n", "--ignore-mib-parsing-errors");
+        printf ("    %s\n", _("Tell snmpget to not print errors encountered when parsing MIB files"));
+
         printf (UT_VERBOSE);
 
         printf ("\n");
diff --git a/plugins/check_users.c b/plugins/check_users.c
index f6f4b36..2a9ee98 100644
--- a/plugins/check_users.c
+++ b/plugins/check_users.c
@@ -1,33 +1,33 @@
 /*****************************************************************************
-* 
+*
 * Monitoring check_users plugin
-* 
+*
 * License: GPL
 * Copyright (c) 2000-2012 Monitoring Plugins Development Team
-* 
+*
 * Description:
-* 
+*
 * This file contains the check_users plugin
-* 
+*
 * This plugin checks the number of users currently logged in on the local
 * system and generates an error if the number exceeds the thresholds
 * specified.
-* 
-* 
+*
+*
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
-* 
+*
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
-* 
+*
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
-* 
-* 
+*
+*
 *****************************************************************************/
 
 const char *progname = "check_users";
@@ -48,6 +48,11 @@ const char *email = "devel@monitoring-plugins.org";
 # include "popen.h"
 #endif
 
+#ifdef HAVE_LIBSYSTEMD
+#include <systemd/sd-daemon.h>
+#include <systemd/sd-login.h>
+#endif
+
 #define possibly_set(a,b) ((a) == 0 ? (b) : 0)
 
 int process_arguments (int, char **);
@@ -85,6 +90,11 @@ main (int argc, char **argv)
 
         users = 0;
 
+#ifdef HAVE_LIBSYSTEMD
+        if (sd_booted () > 0)
+                users = sd_get_sessions (NULL);
+        else {
+#endif
 #if HAVE_WTSAPI32_H
         if (!WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE,
           0, 1, &wtsinfo, &wtscount)) {
@@ -156,6 +166,9 @@ main (int argc, char **argv)
         if (spclose (child_process))
                 result = possibly_set (result, STATE_UNKNOWN);
 #endif
+#ifdef HAVE_LIBSYSTEMD
+        }
+#endif
 
         /* check the user count against warning and critical thresholds */
         result = get_status((double)users, thlds);
@@ -163,7 +176,7 @@ main (int argc, char **argv)
         if (result == STATE_UNKNOWN)
                 printf ("%s\n", _("Unable to read output"));
         else {
-                printf (_("USERS %s - %d users currently logged in |%s\n"), 
+                printf (_("USERS %s - %d users currently logged in |%s\n"),
                                 state_text(result), users,
                                 sperfdata_int("users", users, "", warning_range,
                                                         critical_range, TRUE, 0, FALSE, 0));
diff --git a/plugins/t/check_smtp.t b/plugins/t/check_smtp.t
index aa6dae4..1a1ebe3 100644
--- a/plugins/t/check_smtp.t
+++ b/plugins/t/check_smtp.t
@@ -8,12 +8,14 @@ use strict;
 use Test::More;
 use NPTest;
 
-my $host_tcp_smtp      = getTestParameter( "NP_HOST_TCP_SMTP", 
+my $host_tcp_smtp            = getTestParameter( "NP_HOST_TCP_SMTP",
                                            "A host providing an SMTP Service (a mail server)", "mailhost");
-my $host_tcp_smtp_tls  = getTestParameter( "NP_HOST_TCP_SMTP_TLS",
+my $host_tcp_smtp_starttls   = getTestParameter( "NP_HOST_TCP_SMTP_STARTTLS",
+                                           "A host providing SMTP with STARTTLS", $host_tcp_smtp);
+my $host_tcp_smtp_nostarttls = getTestParameter( "NP_HOST_TCP_SMTP_NOSTARTTLS",
+                                           "A host providing SMTP without STARTTLS", "");
+my $host_tcp_smtp_tls        = getTestParameter( "NP_HOST_TCP_SMTP_TLS",
                                            "A host providing SMTP with TLS", $host_tcp_smtp);
-my $host_tcp_smtp_notls = getTestParameter( "NP_HOST_TCP_SMTP_NOTLS",
-                                           "A host providing SMTP without TLS", "");
 
 my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", 
                                            "The hostname of system not responsive to network requests", "10.0.0.1" );
@@ -22,7 +24,7 @@ my $hostname_invalid   = getTestParameter( "NP_HOSTNAME_INVALID",
                                            "An invalid (not known to DNS) hostname", "nosuchhost" );
 my $res;
 
-plan tests => 10;
+plan tests => 16;
 
 SKIP: {
         skip "No SMTP server defined", 4 unless $host_tcp_smtp;
@@ -42,22 +44,38 @@ SKIP: {
                 local $TODO = "Output is over two lines";
                 like ( $res->output, qr/^SMTP WARNING/, "Correct error message" );
         }
+
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp --ssl -p 25" );
+        is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp with TLS on standard SMTP port" );
+        like ($res->output, qr/^CRITICAL - Cannot make SSL connection\./, "Check output of connecting to $host_tcp_smtp with TLS on standard SMTP port");
 }
 
 SKIP: {
-        skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls;
-        # SSL connection for TLS
-        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p 25 -S" );
+        skip "No SMTP server with STARTTLS defined", 1 unless $host_tcp_smtp_starttls;
+        # SSL connection for STARTTLS
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_starttls -p 25 -S" );
         is ($res->return_code, 0, "OK, with STARTTLS" );
 }
 
 SKIP: {
-        skip "No SMTP server without TLS defined", 2 unless $host_tcp_smtp_notls;
-        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_notls -p 25 -S" );
-        is ($res->return_code, 1, "OK, got warning from server without TLS");
+        skip "No SMTP server without STARTTLS defined", 2 unless $host_tcp_smtp_nostarttls;
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_nostarttls -p 25 -S" );
+        is ($res->return_code, 1, "OK, got warning from server without STARTTLS");
         is ($res->output, "WARNING - TLS not supported by server", "Right error message" );
 }
 
+SKIP: {
+        skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls;
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls --ssl" );
+        is ($res->return_code, 0, "Check rc of connecting to $host_tcp_smtp_tls with TLS" );
+        like ($res->output, qr/^SMTP OK - /, "Check output of connecting to $host_tcp_smtp_tls with TLS" );
+
+        my $unused_port = 4465;
+        $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p $unused_port --ssl" );
+        is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port" );
+        like ($res->output, qr/^connect to address $host_tcp_smtp_tls and port $unused_port: Connection refused/, "Check output of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port");
+}
+
 $res = NPTest->testCmd( "./check_smtp $host_nonresponsive" );
 is ($res->return_code, 2, "CRITICAL - host non responding" );
 
diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t
index f2f218f..576cc50 100644
--- a/plugins/t/check_snmp.t
+++ b/plugins/t/check_snmp.t
@@ -26,22 +26,22 @@ $res = NPTest->testCmd( "./check_snmp -t 1" );
 is( $res->return_code, 3, "No host name" );
 is( $res->output, "No host specified" );
 
-$res = NPTest->testCmd( "./check_snmp -H fakehostname" );
+$res = NPTest->testCmd( "./check_snmp -H fakehostname --ignore-mib-parsing-errors" );
 is( $res->return_code, 3, "No OIDs specified" );
 is( $res->output, "No OIDs specified" );
 
-$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3 -U not_a_user --seclevel=rubbish" );
+$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3 -U not_a_user --seclevel=rubbish" );
 is( $res->return_code, 3, "Invalid seclevel" );
 like( $res->output, "/check_snmp: Invalid seclevel - rubbish/" );
 
-$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3c" );
+$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3c" );
 is( $res->return_code, 3, "Invalid protocol" );
 like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" );
 
 SKIP: {
     skip "no snmp host defined", 50 if ( ! $host_snmp );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" );
     like($res->output, '/^SNMP OK - (\d+)/', "String contains SNMP OK");
     $res->output =~ /^SNMP OK - (\d+)/;
@@ -51,111 +51,111 @@ SKIP: {
 
 
     # some more threshold tests
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1");
     cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:");
     cmp_ok( $res->return_code, '==', 0, "Threshold test -c 1:" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c ~:1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c ~:1");
     cmp_ok( $res->return_code, '==', 2, "Threshold test -c ~:1" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:10");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:10");
     cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1:10" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c \@1:10");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c \@1:10");
     cmp_ok( $res->return_code, '==', 0, "Threshold test -c \@1:10" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 10:1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 10:1");
     cmp_ok( $res->return_code, '==', 0, "Threshold test -c 10:1" );
 
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:");
     cmp_ok( $res->return_code, '==', 0, "Test with numeric OID (no mibs loaded)" );
     like($res->output, '/^SNMP OK - \d+/', "String contains SNMP OK");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying sysDescr" );
     unlike($res->perf_output, '/sysDescr/', "Perfdata doesn't contain string values");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0,system.sysDescr.0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0,system.sysDescr.0");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, comma-separated" );
     like($res->output, '/^SNMP OK - /', "String contains SNMP OK");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, repeated option" );
     like($res->output, '/^SNMP OK - /', "String contains SNMP OK");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrSWRunIndex.1" );
     like($res->output, '/^SNMP OK - 1\s.*$/', "String fits SNMP OK and output format");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0   -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0   -c 1:");
     cmp_ok( $res->return_code, '==', 1, "Exit WARNING when querying hrSWRunIndex.1 and warn-th doesn't apply " );
     like($res->output, '/^SNMP WARNING - \*1\*\s.*$/', "String matches SNMP WARNING and output format");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w  :0 -c 0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w  :0 -c 0");
     cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL when querying hrSWRunIndex.1 and crit-th doesn't apply" );
     like($res->output, '/^SNMP CRITICAL - \*1\*\s.*$/', "String matches SNMP CRITICAL and output format");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2");
     cmp_ok( $res->return_code, '==', 0, "Checking two OIDs at once" );
     like($res->output, "/^SNMP OK - 2 1/", "Got two values back" );
     like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" );
     like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2");
     cmp_ok( $res->return_code, '==', 2, "Checking critical threshold is passed if any one value crosses" );
     like($res->output, "/^SNMP CRITICAL - 2 *1*/", "Got two values back" );
     like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" );
     like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" );
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:");
     cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrMemorySize and hrSystemProcesses");
     like($res->output, '/^SNMP OK - \d+ \d+/', "String contains hrMemorySize and hrSystemProcesses");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0");
     cmp_ok( $res->return_code, '==', 0, "Exit OK with inside-range thresholds");
     like($res->output, '/^SNMP OK - 1\s.*$/', "String matches SNMP OK and output format");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3");
     $res->output =~ m/^SNMP OK - (\d+\.\d{2})\s.*$/;
     my $lower = $1 - 0.05;
     my $higher = $1 + 0.05;
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher");
     cmp_ok( $res->return_code, '==', 1, "Exit WARNING with fractionnal arguments");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2");
     cmp_ok( $res->return_code, '==', 1, "Exit WARNING on 2nd threshold");
     like($res->output, '/^SNMP WARNING - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s+\*1\*\s.*$/', "First OID returned as string, 2nd checked for thresholds");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''");
     cmp_ok( $res->return_code, '==', 0, "Empty thresholds doesn't crash");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2");
     cmp_ok( $res->return_code, '==', 0, "Skipping first two thresholds on 2 OID check");
     like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping first two thresholds, result printed rather than parsed");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,");
     cmp_ok( $res->return_code, '==', 0, "Skipping all thresholds");
     like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping all thresholds, result printed rather than parsed");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'");
     cmp_ok( $res->return_code, '==', 2, "Timetick used as a threshold");
     like($res->output, '/^SNMP CRITICAL - \*\d+\* 1\/100 sec.*$/', "Timetick used as a threshold, parsed as numeric");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0");
     cmp_ok( $res->return_code, '==', 0, "Timetick used as a string");
     like($res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "Timetick used as a string, result printed rather than parsed");
 
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1");
     cmp_ok( $res->return_code, '==', 0, "snmp response without datatype");
     like( $res->output, '/^SNMP OK - "(systemd|init)" \| $/', "snmp response without datatype" );
 }
 
 SKIP: {
     skip "no SNMP user defined", 1 if ( ! $user_snmp );
-    $res = NPTest->testCmd( "./check_snmp -H $host_snmp -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv");
+    $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv");
     like( $res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "noAuthNoPriv security level works properly" );
 }
 
@@ -163,14 +163,14 @@ SKIP: {
 # the tests can run on hosts w/o snmp host/community in NPTest.cache. Execution will fail anyway
 SKIP: {
     skip "no non responsive host defined", 2 if ( ! $host_nonresponsive );
-    $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
     cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL with non responsive host" );
     like($res->output, '/Plugin timed out while executing system call/', "String matches timeout problem");
 }
 
 SKIP: {
     skip "no non invalid host defined", 2 if ( ! $hostname_invalid );
-    $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid   -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
+    $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
     cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" );
-    like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host)/', "String matches invalid host");
+    like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host).*/s', "String matches invalid host");
 }