From: Shivani Bhardwaj <shivanib134@gmail.com>
Date: Sat, 6 May 2023 11:43:03 +0000 (+0530)
Subject: smtp: add test for cmd after long line w LF
X-Git-Tag: suricata-6.0.16~46
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4a32eadee0bdecc452757760072da8ebebb16e7c;p=thirdparty%2Fsuricata-verify.git

smtp: add test for cmd after long line w LF
---

diff --git a/tests/smtp-bug-5989/README.md b/tests/smtp-bug-5989/README.md
new file mode 100644
index 000000000..c42af5627
--- /dev/null
+++ b/tests/smtp-bug-5989/README.md
@@ -0,0 +1,12 @@
+# Test Description
+
+This test shows that currently the command followed by a long line (>4k) is skipped even
+if it has LF. This is incorrect.
+
+## PCAP
+
+Locally modified.
+
+## Related issues
+
+https://redmine.openinfosecfoundation.org/issues/5989
diff --git a/tests/smtp-bug-5989/input.pcap b/tests/smtp-bug-5989/input.pcap
new file mode 100644
index 000000000..5b7ac08c2
Binary files /dev/null and b/tests/smtp-bug-5989/input.pcap differ
diff --git a/tests/smtp-bug-5989/test.yaml b/tests/smtp-bug-5989/test.yaml
new file mode 100644
index 000000000..45a2ffe96
--- /dev/null
+++ b/tests/smtp-bug-5989/test.yaml
@@ -0,0 +1,12 @@
+min-version: 7
+
+args:
+- -k none
+- --simulate-ips
+
+checks:
+- filter:
+    count: 1
+    match:
+      event_type: smtp
+      smtp.helo: "Percival"