From 379f04cdd1773c9efad413a583c18b8587b54f73 Mon Sep 17 00:00:00 2001
From: Shivani Bhardwaj <shivanib134@gmail.com>
Date: Mon, 30 Jun 2025 14:28:56 +0530
Subject: [PATCH] smtp: revert ab01a1b

to build the correct behavior. As a part of ab01a1b, in order to match
the behavior in master, the calls for triggering raw stream inspection
were made when communication in one direction for a transaction was
completed. However, it was incorrect to do so. Reliable inspection
requires any request line/response line to be completed.

Bug 7783
---
 src/app-layer-smtp.c | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c
index bf94d71c5a..82dbc0a535 100644
--- a/src/app-layer-smtp.c
+++ b/src/app-layer-smtp.c
@@ -706,13 +706,11 @@ static void SetMimeEvents(SMTPState *state, uint32_t events)
     }
 }
 
-static inline void SMTPTransactionComplete(SMTPState *state, Flow *f, uint16_t dir)
+static inline void SMTPTransactionComplete(SMTPState *state)
 {
     DEBUG_VALIDATE_BUG_ON(state->curr_tx == NULL);
-    if (state->curr_tx) {
+    if (state->curr_tx)
         state->curr_tx->done = true;
-        AppLayerParserTriggerRawStreamInspection(f, dir);
-    }
 }
 
 /**
@@ -749,7 +747,7 @@ static int SMTPProcessCommandDATA(
                         FileFlowToFlags(f, STREAM_TOSERVER));
             }
         }
-        SMTPTransactionComplete(state, f, STREAM_TOSERVER);
+        SMTPTransactionComplete(state);
         SCLogDebug("marked tx as done");
     } else if (smtp_config.raw_extraction) {
         // message not over, store the line. This is a substitution of
@@ -934,7 +932,7 @@ static int SMTPProcessReply(
                 SMTPSetEvent(state, SMTP_DECODER_EVENT_FAILED_PROTOCOL_CHANGE);
             }
             if (state->curr_tx) {
-                SMTPTransactionComplete(state, f, STREAM_TOCLIENT);
+                SMTPTransactionComplete(state);
             }
         } else {
             /* decoder event */
@@ -955,7 +953,7 @@ static int SMTPProcessReply(
     } else if (IsReplyToCommand(state, SMTP_COMMAND_RSET)) {
         if (reply_code == SMTP_REPLY_250 && state->curr_tx &&
                 !(state->parser_state & SMTP_PARSER_STATE_PARSING_MULTILINE_REPLY)) {
-            SMTPTransactionComplete(state, f, STREAM_TOCLIENT);
+            SMTPTransactionComplete(state);
         }
     } else {
         /* we don't care for any other command for now */
@@ -1096,14 +1094,12 @@ static int SMTPParseCommandRCPTTO(SMTPState *state, const SMTPLine *line)
 }
 
 /* consider 'rset' and 'quit' to be part of the existing state */
-static int NoNewTx(SMTPState *state, Flow *f, const SMTPLine *line)
+static int NoNewTx(SMTPState *state, const SMTPLine *line)
 {
     if (!(state->parser_state & SMTP_PARSER_STATE_COMMAND_DATA_MODE)) {
         if (line->len >= 4 && SCMemcmpLowercase("rset", line->buf, 4) == 0) {
-            AppLayerParserTriggerRawStreamInspection(f, STREAM_TOSERVER);
             return 1;
         } else if (line->len >= 4 && SCMemcmpLowercase("quit", line->buf, 4) == 0) {
-            AppLayerParserTriggerRawStreamInspection(f, STREAM_TOSERVER);
             return 1;
         }
     }
@@ -1154,7 +1150,7 @@ static int SMTPProcessRequest(
     if (line->len == 0 && line->delim_len == 0) {
         return 0;
     }
-    if (state->curr_tx == NULL || (state->curr_tx->done && !NoNewTx(state, f, line))) {
+    if (state->curr_tx == NULL || (state->curr_tx->done && !NoNewTx(state, line))) {
         tx = SMTPTransactionCreate(state);
         if (tx == NULL)
             return -1;