Smtp server detection 1125 v12

[catenacyber]

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/1125

Describe changes:

• smtp : adds server side detection
• ftp : adds server side detection
• protocoldetect: use stricter max depth

The most special trick is that the (server) probing parser waits for the client side to have seen some data to take a definitive positive decision.
So that If it looks like a SMTP server (it could be a FTP server), let's see if the client looks like SMTP or FTP or something unknown...

Modifies #8327 by rebasing to rerun rebased QA

I wonder if SMTP parser should also relax its condition to set state->parser_state |= SMTP_PARSER_STATE_FIRST_REPLY_SEEN;

[codecov]

Codecov Report

Merging #8448 (7f3f653) into master (416f752) will increase coverage by 0.08%.
The diff coverage is 80.00%.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #8448      +/-   ##
==========================================
+ Coverage   81.85%   81.93%   +0.08%     
==========================================
  Files         963      963              
  Lines      278400   278487      +87     
==========================================
+ Hits       227890   228191     +301     
+ Misses      50510    50296     -214     

Flag	Coverage Δ
fuzzcorpus	64.20% <84.44%> (+0.25%)	⬆️
suricata-verify	59.55% <68.88%> (+0.01%)	⬆️
unittests	63.45% <46.40%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

[suricata-qa]

WARNING:

ERROR: QA failed on SURI_TLPW1_files_sha256.

field	baseline	test	%
	SURI_TLPW2_single_stats_chk
.tcp.ssn_from_cache	264554	339167	128.2%
.tcp.ssn_from_pool	628437	553824	88.13%
	SURI_TLPW2_autofp_stats_chk
.tcp.ssn_from_cache	298547	378708	126.85%
.tcp.ssn_from_pool	594444	514283	86.51%
	SURI_TLPW1_stats_chk
.tcp.ssn_from_cache	63596	79173	124.49%
.tcp.ssn_from_pool	139220	123643	88.81%
.tcp.rst	128116	113690	88.74%
.app_layer.tx.ftp	647	222	34.31%
.app_layer.error.ftp.gap	2	1	50.0%
.app_layer.error.ftp.parser	2	3	150.0%
.app_layer.error.dns_udp.parser	1276	0	-
.ftp.memuse	862	5	0.58%
	SURI_TLPR1_stats_chk
.flow.memuse	580947328	535160896	92.12%
.tcp.ssn_from_cache	3644947	6063284	166.35%
.tcp.ssn_from_pool	8484810	6066445	71.5%
.tcp.synack	7538139	10192852	135.22%
.tcp.rst	5264608	6723331	127.71%
.app_layer.error.ftp-data.gap	0	1	-
.app_layer.error.dns_udp.parser	28003	0	-
.http.memuse	16440	2104	12.8%
.ftp.memuse	13827	2669	19.3%
	IPS_AFP_stats_chk
.tcp.segment_from_pool	17089689	15758309	92.21%
.app_layer.flow.ftp	33480	1080	3.23%
.app_layer.tx.ftp	131760	99360	75.41%
	TREX_GENERIC_stats_chk
.app_layer.flow.ftp	18444	0	-
.app_layer.tx.ftp	73776	55332	75.0%

Pipeline 12051

[catenacyber]

@ct0br0 could you provide me with a pcap with one (or more) flows that are recognized as FTP by master, and not by this PR ?

[catenacyber]

Replaced by #8512