matching: multi match support

[securitym0nkey]

Make sure these boxes are signed before submitting your Pull Request
-- thank you.

• I have read the contributing guide lines at
  https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Contributing
• I have signed the Open Information Security Foundation
  contribution agreement at
  https://suricata-ids.org/about/contribution-agreement/
• I have updated the user guide (in doc/userguide/) to reflect the
  changes made (if applicable)

This is an implementation of redmine 2509

Describe changes:

This is a resubmit of pr #37. After reworking to fit the 2023 code base.

It adds support to specify multiple conditions to match a rule.

Syntax:
multi:<match_condition1>;<match_condition2>;...<match_conditionN>;

Examples:
Match all rules including the term "nmap" but just from the "emerging-scan.rules" file.
multi:filename:rule/emerging-scan.rules; re:nmap;

Match all rules with a recent cve reference and a perimeter deployment
multi:re:cve-202[23];metadata: deployment perimeter;

[jasonish]

Sorry for taking so long to get to this. One issue I have is not all valid regex's are supported. For example:

re: sid:\s*2100498;\s*rev:7;

works...

but:

multi: re: sid:\s*2100498;\s*rev:7;

appears to work, but actually fails to properly load as it will only take up to the ;, then silently fail to load the remainder. So I think that would need to be addressed with some test cases.

[jasonish]

#331 (comment)