Skip to content

Add IRC module? #745

Description

@agathanon

If you're open to it, I'd like to contribute an IRC module. Per the "Adding New Protocols" guidance, opening this first to check before submitting the PR.

The implementation is already written and tested against a list of common networks, and individual EFnet servers (https://www.efnet.org/#servers), since their list is often stale I personally wanted something to quickly run to validate what's live.

What it collects

Only what an unauthenticated client sees from the standard registration handshake:

  • pre-registration NOTICE banner
  • welcome numerics (001-004), incl. parsed server name / software version / user & channel modes
  • RPL_ISUPPORT (005) feature tokens
  • LUSERS network statistics
  • MOTD
  • advertised IRCv3 capabilities (CAP LS)
  • a best-effort server daemon guess (e.g. InspIRCd, UnrealIRCd, Solanum, ircd-hybrid)
  • structured error/rejection details (433/464/465, ERROR)

Ethical-scanning compliance

The module sends CAP/NICK/USER (no credentials), answers PING, and QUITs before anything resembling authentication. It never sends PASS; if a server requires a password or bans the client, that rejection is simply recorded. It only collects information available to any standard client without authenticating.

TLS

  • --ircs — implicit TLS before registration (port 6697), with the standard zgrab2 TLS log.
  • --starttls — the IRCv3 STARTTLS extension. It's deprecated in favor of implicit TLS and rarely deployed, but is included for completeness and for older/private InspIRCd networks. On servers that don't offer it, the scan reports unsupported/failed and does not downgrade to plaintext registration.

Implementation notes

  • Follows the current module conventions (mirrors the recent omronfins module): TypedModule, BaseScanner, DialerGroupConfig with a separate L4 dialer + TLS wrapper.
  • Unit tests (parsers + scripted-server registration and STARTTLS flows), fuzz tests (line/ISUPPORT/registration/STARTTLS), and integration tests against three real services: ngircd (plaintext), ngircd behind stunnel (implicit TLS), and InspIRCd (STARTTLS). Output is validated against a zschema schema.
  • make lint and make test pass.

LLM disclosure

Whole thing was written by Claude with me at the wheel. I saw other "co-authored" commits so I figure this is acceptable, but wanted to disclose up front. I do understand any pushback.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions