IRC: simplify detection (#2423)

IRC has its best times well behind, but there are still some servers using it. We should try to simplify the detection logic, still based on OpenDPI logic. Let's start with some easy changes: * try to detect TLS connection via standard hostname/SNI matching, removing an old heuristic (we have never had any trace matching it); * add some basic server names; * once we detect that the flow is IRC, we don't have to perform anything else; * remove HTTP stuff; real HTTP flows never trigger that data path * use `ndpi_memmem()` when possible
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2024-05-11 14:12:13 +0200
committer: GitHub <noreply@github.com> 2024-05-11 14:12:13 +0200
commit: 8c5e6e9761e2cd490245fddf6327440bf8cff135 (patch)
tree: 9648b45a9e9b950a18eab332efe78c240b5f03fc /src/include/ndpi_typedefs.h
parent: 70c4920184f98d0e17339520fcdbbd93638799b9 (diff)
1 files changed, 0 insertions, 3 deletions
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 08b8e490f..17275b60e 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -820,9 +820,6 @@ struct ndpi_flow_tcp_struct {
 
   /* NDPI_PROTOCOL_IRC */
   u_int32_t irc_3a_counter:3;
-  u_int32_t irc_stage2:5;
-  u_int32_t irc_direction:2;
-  u_int32_t irc_0x1000_full:1;
 
   /* NDPI_PROTOCOL_USENET */
   u_int32_t usenet_stage:2;
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2024-05-11 14:12:13 +0200
committer	GitHub <noreply@github.com>	2024-05-11 14:12:13 +0200
commit	8c5e6e9761e2cd490245fddf6327440bf8cff135 (patch)
tree	9648b45a9e9b950a18eab332efe78c240b5f03fc /src/include/ndpi_typedefs.h
parent	70c4920184f98d0e17339520fcdbbd93638799b9 (diff)