Document PING/PONG message differences

[Herringway]

Modern day implementations of the PING/PONG messages differ from what is described in RFCs 1459 and 2812.

Some observations:

• Some implementations use a pre-registration PING/PONG with random strings as an anti-spoof measure
• Some implementations just echo PING parameters in PONG responses
• One client I've seen sends PONG server :param1 to all PING param1 messages

[DanielOaks]

Some also do a CTCP PING/PONG and block reg on that, iirc? Take a look into that and see whether we need to mention that at all.

[Herringway]

Relevant bits:

• ircd2's reasoning behind the RFC deviation
• A relevant discussion
• Another relevant discussion
• Before ircd 2.11, the first parameter was labelled as "origin" internally and would trigger an ERR_NOORIGIN response if omitted.
• After ircd 2.11, the origin label was dropped and omitting the parameter would not cause an error - instead the PONG response has an empty parameter
• In every version, the first parameter is just echoed back if present.

[DanielOaks]

also test and illustrate PING with no params at all and see how that works.

[Herringway]

I haven't been able to compile the server, so I'm just basing this off of reading the code, but... pre 2.11: :server 409 nick :No origin specified post 2.11: :server PONG server :

[progval]

• Some implementations use a pre-registration PING/PONG with random strings as an anti-spoof measure

• Some implementations just echo PING parameters in PONG responses

These should be handled in #99.

• One client I've seen sends PONG server :param1 to all PING param1 messages

What client is it?

From what I can tell, this behavior would result in:

• an immediate kill from Inspircd default config (or ignored with a non-default config): https://github.com/inspircd/inspircd/blob/v3.10.0/src/modules/m_conn_waitpong.cpp#L71
• immediate kill from Unreal https://github.com/unrealircd/unrealircd/blob/d9b80d889fcb4f051f580cc3601c80e608796dfa/src/modules/pingpong.c#L119
• being ignored by Solanum https://github.com/solanum-ircd/solanum/blob/f8838806ef332738fd17e725c9e7d5b1418a9756/modules/m_pong.c#L107

with random strings as an anti-spoof measure

FYI, this is not a protection against connection spoofing, as it is commonly believed (TCP already does it, and TLS does it even better). The motivation (at least for Unreal) is to prevent non-IRC clients (eg. browsers that don't blacklist the port) from being tricked into sending stuff to IRC.