tests: add pgsql cancel request tests - v1

tests/pgsql-cancel-request/README.md

@@ -0,0 +1,19 @@
+# Test Description
+
+Showcase Suricata output and behavior when it inspects PostgreSQL traffic where
+a `CancelRequest` message is sent.
+
+A CancelRequest message is sent by the FrontEnd (client) when it wants to cancel
+a Query. It is sent to a new port, so this creates a new transaction. No direct
+message is sent to confirm that the CancelRequest was processed, but if it is,
+the transaction/process waiting for the Query will receive an Error Message
+indicating that the Query was canceled (cf
+https://www.postgresql.org/docs/16/protocol-flow.html#PROTOCOL-FLOW-CANCELING-REQUESTS).
+
+## PCAP
+
+Shared by Jason Ish, sample of a local query to a sample local database.
+
+## Related issues
+
+Task for adding pgsql message: https://redmine.openinfosecfoundation.org/issues/6577

tests/pgsql-cancel-request/test.yaml

@@ -0,0 +1,144 @@
+requires:
+   min-version: 7
+args:
+- -k none
+- --set stream.midstream=true
+
+checks:
+- filter:
+    count: 1
+    match:
+      dest_ip: 100.96.199.113
+      dest_port: 5432
+      event_type: pgsql
+      pcap_cnt: 7
+      pgsql.request.message: SSL Request
+      pgsql.response.ssl_accepted: false
+      pgsql.tx_id: 1
+      proto: TCP
+      src_ip: 100.88.2.140
+      src_port: 39704
+- filter:
+    count: 1
+    match:
+      dest_ip: 100.96.199.113
+      dest_port: 5432
+      event_type: pgsql
+      pcap_cnt: 10
+      pgsql.request.protocol_version: '3.0'
+      pgsql.request.startup_parameters.optional_parameters[0].database: rules
+      pgsql.request.startup_parameters.optional_parameters[1].application_name: psql
+      pgsql.request.startup_parameters.optional_parameters[2].client_encoding: UTF8
+      pgsql.request.startup_parameters.user: rules
+      pgsql.response.authentication_md5_password: "\\xee\\xeb\x06\\x97"
+      pgsql.tx_id: 2
+      proto: TCP
+      src_ip: 100.88.2.140
+      src_port: 39704
+- filter:
+    count: 1
+    match:
+      dest_ip: 100.96.199.113
+      dest_port: 5432
+      event_type: pgsql
+      pcap_cnt: 12
+      pgsql.request.password_message: password log disabled
+      pgsql.response.message: authentication_ok
+      pgsql.response.parameter_status[0].application_name: psql
+      pgsql.response.parameter_status[10].time_zone: Etc/UTC
+      pgsql.response.parameter_status[1].client_encoding: UTF8
+      pgsql.response.parameter_status[2].date_style: ISO, MDY
+      pgsql.response.parameter_status[3].integer_datetimes: 'on'
+      pgsql.response.parameter_status[4].interval_style: postgres
+      pgsql.response.parameter_status[5].is_superuser: 'on'
+      pgsql.response.parameter_status[6].server_encoding: UTF8
+      pgsql.response.parameter_status[7].server_version: 13.6 (Debian 13.6-1.pgdg110+1)
+      pgsql.response.parameter_status[8].session_authorization: rules
+      pgsql.response.parameter_status[9].standard_conforming_strings: 'on'
+      pgsql.response.process_id: 28954
+      pgsql.response.secret_key: 889887985
+      pgsql.tx_id: 3
+      proto: TCP
+      src_ip: 100.88.2.140
+      src_port: 39704
+- filter:
+    count: 1
+    match:
+      dest_ip: 100.96.199.113
+      dest_port: 5432
+      event_type: pgsql
+      pcap_cnt: 23
+      pgsql.request.simple_query: select pg_sleep(9)
+      pgsql.response.code: '57014'
+      pgsql.response.field_count: 1
+      pgsql.response.file: postgres.c
+      pgsql.response.line: '3211'
+      pgsql.response.message: canceling statement due to user request
+      pgsql.response.routine: ProcessInterrupts
+      pgsql.response.severity_localizable: ERROR
+      pgsql.response.severity_non_localizable: ERROR
+      pgsql.tx_id: 4
+      proto: TCP
+      src_ip: 100.88.2.140
+      src_port: 39704
+- filter:
+    count: 1
+    match:
+      dest_ip: 100.96.199.113
+      dest_port: 5432
+      event_type: pgsql
+      pcap_cnt: 27
+      pgsql.request.message: termination_message
+      pgsql.tx_id: 5
+      proto: TCP
+      src_ip: 100.88.2.140
+      src_port: 39704
+- filter:
+    count: 1
+    match:
+      dest_ip: 100.96.199.113
+      dest_port: 5432
+      event_type: pgsql
+      pgsql.request.backend_key: 889887985
+      pgsql.request.message: cancel_request
+      pgsql.request.pid: 28954
+      pgsql.tx_id: 1
+      proto: TCP
+      src_ip: 100.88.2.140
+      src_port: 39706
+- filter:
+    count: 1
+    match:
+      app_proto: pgsql
+      dest_ip: 100.96.199.113
+      dest_port: 5432
+      event_type: flow
+      flow.age: 0
+      flow.alerted: false
+      flow.bytes_toclient: 216
+      flow.bytes_toserver: 232
+      flow.pkts_toclient: 4
+      flow.pkts_toserver: 4
+      flow.reason: shutdown
+      flow.state: closed
+      proto: TCP
+      src_ip: 100.88.2.140
+      src_port: 39706
+- filter:
+    count: 1
+    match:
+      app_proto: pgsql
+      dest_ip: 100.96.199.113
+      dest_port: 5432
+      event_type: flow
+      flow.age: 2
+      flow.alerted: false
+      flow.bytes_toclient: 1035
+      flow.bytes_toserver: 736
+      flow.pkts_toclient: 10
+      flow.pkts_toserver: 11
+      flow.reason: shutdown
+      flow.state: closed
+      proto: TCP
+      src_ip: 100.88.2.140
+      src_port: 39704