pop3: AUTH command handling improvements

[victorjulien]

Better track the state so it's known when to expect a base64 request message. Also better validate the base64.

Ticket: #7994.

No SV as the only PCAP I have is very private and also requires the sslproxy work.

[codecov]

Codecov Report

❌ Patch coverage is 8.16327% with 45 lines in your changes missing coverage. Please review.
✅ Project coverage is 84.42%. Comparing base (93c0409) to head (4151db1).

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #14035      +/-   ##
==========================================
- Coverage   84.43%   84.42%   -0.02%     
==========================================
  Files        1011     1011              
  Lines      272251   272285      +34     
==========================================
- Hits       229876   229866      -10     
- Misses      42375    42419      +44     

Flag	Coverage Δ
fuzzcorpus	63.39% <8.16%> (-0.02%)	⬇️
livemode	19.45% <0.00%> (+0.10%)	⬆️
pcap	44.78% <6.12%> (-0.04%)	⬇️
suricata-verify	65.17% <6.12%> (-0.03%)	⬇️
unittests	59.44% <0.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[suricata-qa]

Information: QA ran without warnings.

Pipeline = 27991

[catenacyber]

No SV as the only PCAP I have is very private and also requires the sslproxy work

Could you not craft one ? (with ./libhtp/htptopcap.py or similar)