
transform: luaxform transform script

Open jlucovsky opened this issue 4 months ago • 2 comments

Continuation of #11940

Add the luaxform transform that uses a Lua script to receive and transform a sticky buffer.

Lua transforms receive these arguments:

  • (always): length of input buffer and input buffer
  • (always): number of additional arguments (may be 0)
  • (when present): argument array (bounded by argument count)

Arguments are passed to the Lua script as they appear in the rule:

 luaxform:./lua/lua-transform.lua, bytes 4, offset 13, hash sha256;

When the transform is invoked, 3 additional arguments are passed (the arg count will be 3):

  • bytes 4
  • offset 13
  • hash sha256

The Lua script is responsible for parsing and using the arguments and returning a tuple: output-buffer, output-buffer-byte-count

I used this Lua script:

function init(args)
    -- Optional, no return value
end

-- Called for each sticky buffer: `input` is the buffer, `input_len` its length,
-- `args` holds the `argc` rule arguments in the order they appear in the rule.
function transform(input_len, input, argc, args)
    SCLogNotice("Input length: " .. input_len .. " arg-count: " .. argc)
    for i = 1, argc do
        print("Argument " .. i .. ":", args[i])
    end
    -- Return the transformed buffer and its byte count.
    return string.upper(input), input_len
end

return 0

Example rule using the Lua script:

alert http any any -> any any (msg:"Lua Xform example"; flow:established;  file.data; luaxform:./lua/lua-transform.lua; content: "abc"; sid: 1;)

Link to ticket: https://redmine.openinfosecfoundation.org/issues/2290

Describe changes:

  • Luaxform transform changes

Updates

  • Rebase

Provide values to any of the below to override the defaults.

  • To use an LibHTP, Suricata-Verify or Suricata-Update pull request, link to the pull request in the respective _BRANCH variable.
  • Leave unused overrides blank or remove.

SV_REPO=
SV_BRANCH=https://github.com/OISF/suricata-verify/pull/2090
SU_REPO=
SU_BRANCH=
LIBHTP_REPO=
LIBHTP_BRANCH=

jlucovsky · Oct 18 '24 12:10
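The description above only prints the rule arguments; the following script, added here as an example and not part of the pull request or of Suricata itself, actually consumes them. It assumes the calling convention described in the PR (transform(input_len, input, argc, args) returning output buffer and byte count, args as a 1-based Lua table of strings exactly as written in the rule, such as "bytes 4" and "offset 13"), and it handles the edge case of an offset beyond the end of the buffer by returning an empty buffer. The "hash sha256" argument is recorded but not applied, since plain Lua has no SHA-256 implementation.

```lua
-- Added example luaxform script (not from the PR or the Suricata project).
-- Assumed contract: transform(input_len, input, argc, args) -> output, output_len
-- with args[1..argc] holding the rule arguments as strings, e.g. "bytes 4".

function init(args)
    -- Optional; no return value.
end

-- Parse "<name> <value>" argument strings into an options table.
-- Unrecognised names are ignored so a typo in the rule does not raise an error.
local function parse_args(argc, args)
    local opts = { offset = 0, bytes = nil, hash = nil }
    for i = 1, argc do
        local name, value = string.match(args[i], "^%s*(%a+)%s+(%S+)%s*$")
        if name == "offset" then
            opts.offset = tonumber(value) or 0
        elseif name == "bytes" then
            opts.bytes = tonumber(value)
        elseif name == "hash" then
            opts.hash = value  -- recorded only; not applied in this example
        end
    end
    return opts
end

function transform(input_len, input, argc, args)
    local opts = parse_args(argc, args)

    -- Offset at or past the end of the buffer: hand back an empty buffer
    -- (length 0) so the rule simply does not match, instead of erroring.
    if opts.offset >= input_len then
        return "", 0
    end

    -- string.sub is 1-based and inclusive; clamp the window to the input.
    local first = opts.offset + 1
    local last = input_len
    if opts.bytes then
        last = math.min(input_len, opts.offset + opts.bytes)
    end

    local out = string.sub(input, first, last)
    return out, #out
end

return 0
```

With the rule arguments `bytes 4, offset 13` the script returns the four bytes starting 13 bytes into the sticky buffer, so a following `content` keyword inspects only that window; with `offset` larger than the buffer it returns an empty buffer and the rule does not alert.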