fetch-pack: redact packfile urls in traces

In some setups, packfile uris act as bearer token. It is not recommended to expose them plainly in logs, although in special circunstances (e.g. debug) it makes sense to write them. Redact the packfile URL paths by default, unless the GIT_TRACE_REDACT variable is set to false. This mimics the redacting of the Authorization header in HTTP. Signed-off-by: Ivan Frade <ifrade@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Ivan Frade <ifrade@google.com> 2021-11-10 23:51:28 +0000
committer: Junio C Hamano <gitster@pobox.com> 2021-11-11 10:07:43 -0800
commit: 88e9b1e3fcbd3a8edcf1d54528c49f8237906aba (patch)
tree: 7fdb889a781c5e3b6f57a85a9cde0c4a861eec11 /fetch-pack.c
parent: e9e5ba39a78c8f5057262d49e261b42a8660d5b9 (diff)
download: git-88e9b1e3fcbd3a8edcf1d54528c49f8237906aba.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/fetch-pack.c b/fetch-pack.c
index a9604f35a3..8b8c75f33a 100644
--- a/fetch-pack.c
+++ b/fetch-pack.c
@@ -1653,8 +1653,13 @@ static struct ref *do_fetch_pack_v2(struct fetch_pack_args *args,
 				receive_wanted_refs(&reader, sought, nr_sought);
 
 			/* get the pack(s) */
+			if (git_env_bool("GIT_TRACE_REDACT", 1))
+				reader.options |= PACKET_READ_REDACT_URI_PATH;
 			if (process_section_header(&reader, "packfile-uris", 1))
 				receive_packfile_uris(&reader, &packfile_uris);
+			/* We don't expect more URIs. Reset to avoid expensive URI check. */
+			reader.options &= ~PACKET_READ_REDACT_URI_PATH;
+
 			process_section_header(&reader, "packfile", 0);
 
 			/*
author	Ivan Frade <ifrade@google.com>	2021-11-10 23:51:28 +0000
committer	Junio C Hamano <gitster@pobox.com>	2021-11-11 10:07:43 -0800
commit	88e9b1e3fcbd3a8edcf1d54528c49f8237906aba (patch)
tree	7fdb889a781c5e3b6f57a85a9cde0c4a861eec11 /fetch-pack.c
parent	e9e5ba39a78c8f5057262d49e261b42a8660d5b9 (diff)
download	git-88e9b1e3fcbd3a8edcf1d54528c49f8237906aba.tar.gz