Add flag MaskSensitiveInfo

src/HttpHeader.cc

@@ -669,16 +669,15 @@ HttpHeader::parse(const char *header_start, size_t hdrLen, Http::ContentLengthIn
 
 /* packs all the entries using supplied packer */
 void
-HttpHeader::packInto(Packable * p, bool mask_sensitive_info) const
+HttpHeader::packInto(Packable * p, MaskSensitiveInfo masking) const
 {
     HttpHeaderPos pos = HttpHeaderInitPos;
     const HttpHeaderEntry *e;
     assert(p);
-    debugs(55, 7, this << " into " << p <<
-           (mask_sensitive_info ? " while masking" : ""));
+    debugs(55, 7, this << " into " << p << (masking == MaskSensitiveInfo::on ? " while masking" : ""));
     /* pack all entries one by one */
     while ((e = getEntry(&pos))) {
-        if (!mask_sensitive_info) {
+        if (masking == MaskSensitiveInfo::off) {
             e->packInto(p);
             continue;
         }

src/HttpHeader.h

@@ -11,6 +11,7 @@
 
 #include "anyp/ProtocolVersion.h"
 #include "base/LookupTable.h"
+#include "base/MaskSensitiveInfo.h"
 #include "http/RegisteredHeaders.h"
 /* because we pass a spec by value */
 #include "HttpHeaderMask.h"
@@ -96,7 +97,9 @@ class HttpHeader
     /// \returns 0 when needs more data
     /// \returns -1 on error
     int parse(const char *buf, size_t buf_len, bool atEnd, size_t &hdr_sz, Http::ContentLengthInterpreter &interpreter);
-    void packInto(Packable * p, bool mask_sensitive_info=false) const;
+    /// Serialize HTTP Fields using HTTP/1.1 syntax in RFC 9112 section 5.
+    /// Optionally redact credentials in HTTP Authentication headers.
+    void packInto(Packable *, MaskSensitiveInfo) const;
     HttpHeaderEntry *getEntry(HttpHeaderPos * pos) const;
     HttpHeaderEntry *findEntry(Http::HdrType id) const;
     /// deletes all fields with a given name, if any.

src/HttpReply.cc

@@ -87,7 +87,7 @@ void
 HttpReply::packHeadersUsingFastPacker(Packable &p) const
 {
     sline.packInto(&p);
-    header.packInto(&p);
+    header.packInto(&p, MaskSensitiveInfo::off);
     p.append("\r\n", 2);
 }
 

src/HttpRequest.cc

@@ -334,19 +334,19 @@ HttpRequest::swapOut(StoreEntry * e)
 {
     assert(e);
     e->buffer();
-    pack(e);
+    pack(e, MaskSensitiveInfo::off);
     e->flush();
 }
 
 /* packs request-line and headers, appends <crlf> terminator */
 void
-HttpRequest::pack(Packable * const p, const bool maskSensitiveInfo) const
+HttpRequest::pack(Packable * const p, MaskSensitiveInfo mask) const
 {
     assert(p);
     /* pack request-line */
     packFirstLineInto(p, false /* origin-form */);
     /* headers */
-    header.packInto(p, maskSensitiveInfo);
+    header.packInto(p, mask);
     /* indicate the end of the header section */
     p->append("\r\n", 2);
 }
@@ -358,7 +358,7 @@ void
 httpRequestPack(void *obj, Packable *p)
 {
     HttpRequest *request = static_cast<HttpRequest*>(obj);
-    request->pack(p);
+    request->pack(p, MaskSensitiveInfo::off);
 }
 
 /* returns the length of request line + headers + crlf */

src/HttpRequest.h

@@ -204,7 +204,9 @@ class HttpRequest: public Http::Message
 
     void swapOut(StoreEntry * e);
 
-    void pack(Packable * p, bool maskSensitiveInfo = false) const;
+    /// Serialize HTTP Request using HTTP/1.1 origin-form syntax in RFC 9112 section 3.
+    /// \copydoc HttpHeader::packInto()
+    void pack(Packable * const, MaskSensitiveInfo) const;
 
     static void httpRequestPack(void *obj, Packable *p);
 

src/adaptation/ecap/MessageRep.cc

@@ -94,7 +94,9 @@ Adaptation::Ecap::HeaderRep::image() const
 {
     MemBuf mb;
     mb.init();
-    theMessage.packInto(&mb, true);
+    // XXX: libecap does not provide for header masking
+    // we are forced to trust the library does not leak
+    theMessage.packInto(&mb, true, MaskSensitiveInfo::off);
     return Area::FromTempBuffer(mb.content(), mb.contentSize());
 }
 

src/adaptation/icap/ModXact.cc

@@ -961,7 +961,7 @@ void Adaptation::Icap::ModXact::prepEchoing()
 
     // write the virgin message into a memory buffer
     httpBuf.init();
-    packHead(httpBuf, oldHead);
+    packHead(httpBuf, oldHead, MaskSensitiveInfo::off);
 
     // allocate the adapted message and copy metainfo
     Must(!adapted.header);
@@ -1615,15 +1615,15 @@ Adaptation::Icap::ModXact::encapsulateHead(MemBuf &icapBuf, const char *section,
     }
 
     // pack polished HTTP header
-    packHead(httpBuf, headClone.getRaw());
+    packHead(httpBuf, headClone.getRaw(), MaskSensitiveInfo::off);
 
     // headClone unlocks and, hence, deletes the message we packed
 }
 
 void
-Adaptation::Icap::ModXact::packHead(MemBuf &httpBuf, const Http::Message *head)
+Adaptation::Icap::ModXact::packHead(MemBuf &httpBuf, const Http::Message *head, const MaskSensitiveInfo masking)
 {
-    head->packInto(&httpBuf, true);
+    head->packInto(&httpBuf, true, masking);
 }
 
 // decides whether to offer a preview and calculates its size

src/adaptation/icap/ModXact.h

@@ -281,7 +281,7 @@ class ModXact: public Xaction, public BodyProducer, public BodyConsumer
     template<class Part>
     bool parsePart(Part *part, const char *description);
 
-    void packHead(MemBuf &httpBuf, const Http::Message *head);
+    void packHead(MemBuf &httpBuf, const Http::Message *head, const MaskSensitiveInfo);
     void encapsulateHead(MemBuf &icapBuf, const char *section, MemBuf &httpBuf, const Http::Message *head);
     bool gotEncapsulated(const char *section) const;
     /// whether ICAP response header indicates HTTP header presence

src/base/Makefile.am

@@ -48,6 +48,7 @@ libbase_la_SOURCES = \
 	JobWait.h \
 	Lock.h \
 	LookupTable.h \
+	MaskSensitiveInfo.h \
 	OnOff.h \
 	Packable.h \
 	PackableStream.h \

src/base/MaskSensitiveInfo.h

@@ -0,0 +1,17 @@
+/*
+ * Copyright (C) 1996-2025 The Squid Software Foundation and contributors
+ *
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
+ */
+
+#ifndef SQUID_SRC_BASE_MASKSENSITIVEINFO_H
+#define SQUID_SRC_BASE_MASKSENSITIVEINFO_H
+
+#include "base/OnOff.h"
+
+/// Flags for explicit decisions on handling of sensitive information.
+using MaskSensitiveInfo = OnOff;
+
+#endif /* SQUID_SRC_BASE_MASKSENSITIVEINFO_H */

src/client_side.cc

@@ -327,22 +327,22 @@ prepareLogWithRequestDetails(HttpRequest *request, const AccessLogEntryPointer &
     if (Config.onoff.log_mime_hdrs) {
         MemBuf mb;
         mb.init();
-        request->header.packInto(&mb);
+        request->header.packInto(&mb, MaskSensitiveInfo::off);
         //This is the request after adaptation or redirection
         aLogEntry->headers.adapted_request = xstrdup(mb.buf);
 
         // the virgin request is saved to aLogEntry->request
         if (aLogEntry->request) {
             mb.reset();
-            aLogEntry->request->header.packInto(&mb);
+            aLogEntry->request->header.packInto(&mb, MaskSensitiveInfo::off);
             aLogEntry->headers.request = xstrdup(mb.buf);
         }
 
 #if USE_ADAPTATION
         const Adaptation::History::Pointer ah = request->adaptLogHistory();
         if (ah != nullptr) {
             mb.reset();
-            ah->lastMeta.packInto(&mb);
+            ah->lastMeta.packInto(&mb, MaskSensitiveInfo::off);
             aLogEntry->adapt.last_meta = xstrdup(mb.buf);
         }
 #endif
@@ -724,7 +724,7 @@ clientPackRangeHdr(const HttpReplyPointer &rep, const HttpHdrRangeSpec * spec, S
 
     httpHeaderAddContRange(&hdr, *spec, rep->content_length);
 
-    hdr.packInto(mb);
+    hdr.packInto(mb, MaskSensitiveInfo::off);
     hdr.clean();
 
     /* append <crlf> (we packed a header, not a reply) */

src/client_side_reply.cc

@@ -1004,7 +1004,7 @@ clientReplyContext::traceReply()
     http->storeEntry()->buffer();
     MemBuf content;
     content.init();
-    http->request->pack(&content, true /* hide authorization data */);
+    http->request->pack(&content, MaskSensitiveInfo::on);
     const HttpReplyPointer rep(new HttpReply);
     rep->setHeaders(Http::scOkay, nullptr, "message/http", content.contentSize(), 0, squid_curtime);
     rep->body.set(SBuf(content.buf, content.size));

src/clients/HttpTunneler.cc

@@ -152,7 +152,7 @@ Http::Tunneler::writeRequest()
                                               &hdr_out,
                                               connection->getPeer(),
                                               flags);
-        hdr_out.packInto(&mb);
+        hdr_out.packInto(&mb, MaskSensitiveInfo::off);
         hdr_out.clean();
         mb.append("\r\n", 2);
 

src/errorpage.cc

@@ -886,7 +886,7 @@ ErrorState::Dump(MemBuf * mb)
         body << "HTTP Request:\r\n";
         MemBuf r;
         r.init();
-        request->pack(&r, true /* hide authorization data */);
+        request->pack(&r, MaskSensitiveInfo::on);
         body << r.content();
     }
 
@@ -1149,7 +1149,7 @@ ErrorState::compileLegacyCode(Build &build)
             break;
         }
         else if (request)
-            request->pack(&mb, true /* hide authorization data */);
+            request->pack(&mb, MaskSensitiveInfo::on);
         else
             p = "[no request]";
         break;

src/htcp.cc

@@ -865,7 +865,7 @@ htcpTstReply(htcpDataHeader * dhdr, StoreEntry * e, htcpSpecifier * spec, Ip::Ad
             hdr.putInt(Http::HdrType::AGE, 0);
         MemBuf mb;
         mb.init();
-        hdr.packInto(&mb);
+        hdr.packInto(&mb, MaskSensitiveInfo::off);
         stuff.D.resp_hdrs = xstrdup(mb.buf);
         stuff.D.respHdrsSz = mb.contentSize();
         debugs(31, 3, "htcpTstReply: resp_hdrs = {" << stuff.D.resp_hdrs << "}");
@@ -878,7 +878,7 @@ htcpTstReply(htcpDataHeader * dhdr, StoreEntry * e, htcpSpecifier * spec, Ip::Ad
         if (e && e->lastModified() > -1)
             hdr.putTime(Http::HdrType::LAST_MODIFIED, e->lastModified());
 
-        hdr.packInto(&mb);
+        hdr.packInto(&mb, MaskSensitiveInfo::off);
 
         stuff.D.entity_hdrs = xstrdup(mb.buf);
         stuff.D.entityHdrsSz = mb.contentSize();
@@ -904,7 +904,7 @@ htcpTstReply(htcpDataHeader * dhdr, StoreEntry * e, htcpSpecifier * spec, Ip::Ad
         }
 #endif /* USE_ICMP */
 
-        hdr.packInto(&mb);
+        hdr.packInto(&mb, MaskSensitiveInfo::off);
         stuff.D.cache_hdrs = xstrdup(mb.buf);
         stuff.D.cacheHdrsSz = mb.contentSize();
         debugs(31, 3, "htcpTstReply: cache_hdrs = {" << stuff.D.cache_hdrs << "}");
@@ -1579,7 +1579,7 @@ htcpQuery(StoreEntry * e, HttpRequest * req, CachePeer * p)
     HttpStateData::httpBuildRequestHeader(req, e, nullptr, &hdr, p, flags);
     MemBuf mb;
     mb.init();
-    hdr.packInto(&mb);
+    hdr.packInto(&mb, MaskSensitiveInfo::off);
     hdr.clean();
     stuff.S.req_hdrs = mb.buf;
     pktlen = htcpBuildPacket(pkt, sizeof(pkt), &stuff);
@@ -1633,7 +1633,7 @@ htcpClear(StoreEntry * e, HttpRequest * req, const HttpRequestMethod &, CachePee
     if (reason != HTCP_CLR_INVALIDATION) {
         HttpStateData::httpBuildRequestHeader(req, e, nullptr, &hdr, p, flags);
         mb.init();
-        hdr.packInto(&mb);
+        hdr.packInto(&mb, MaskSensitiveInfo::off);
         hdr.clean();
         stuff.S.req_hdrs = mb.buf;
     } else {

src/http.cc

@@ -2399,7 +2399,7 @@ HttpStateData::buildRequestPrefix(MemBuf * mb)
             upgradeHeaderOut = new String(hdr.getList(Http::HdrType::UPGRADE));
         }
 
-        hdr.packInto(mb);
+        hdr.packInto(mb, MaskSensitiveInfo::off);
         hdr.clean();
     }
     /* append header terminator */

src/http/Message.cc

@@ -250,10 +250,10 @@ Http::Message::persistent() const
 }
 
 void
-Http::Message::packInto(Packable *p, bool full_uri) const
+Http::Message::packInto(Packable *p, bool full_uri, const MaskSensitiveInfo mask) const
 {
     packFirstLineInto(p, full_uri);
-    header.packInto(p);
+    header.packInto(p, mask);
     p->append("\r\n", 2);
 }
 

src/http/Message.h

@@ -50,7 +50,7 @@ class Message : public RefCountable
 
     virtual void reset() = 0; // will have body when http*Clean()s are gone
 
-    void packInto(Packable *, bool full_uri) const;
+    void packInto(Packable *, bool full_uri, const MaskSensitiveInfo) const;
 
     ///< produce a message copy, except for a few connection-specific settings
     virtual Http::Message *clone() const = 0; // TODO rename: not a true copy?

src/servers/FtpServer.cc

@@ -1310,7 +1310,7 @@ Ftp::Server::handleRequest(HttpRequest *request)
     if (Debug::Enabled(9, 2)) {
         MemBuf mb;
         mb.init();
-        request->pack(&mb);
+        request->pack(&mb, MaskSensitiveInfo::off);
 
         debugs(9, 2, "FTP Client " << clientConnection);
         debugs(9, 2, "FTP Client REQUEST:\n---------\n" << mb.buf <<

src/tests/stub_HttpHeader.cc

@@ -31,7 +31,7 @@ void HttpHeader::update(const HttpHeader *) STUB
 void HttpHeader::compact() STUB
 int HttpHeader::parse(const char *, size_t, Http::ContentLengthInterpreter &) STUB_RETVAL(-1)
 int HttpHeader::parse(const char *, size_t, bool, size_t &, Http::ContentLengthInterpreter &) STUB_RETVAL(-1)
-void HttpHeader::packInto(Packable *, bool) const STUB
+void HttpHeader::packInto(Packable *, MaskSensitiveInfo) const STUB
 HttpHeaderEntry *HttpHeader::getEntry(HttpHeaderPos *) const STUB_RETVAL(nullptr)
 HttpHeaderEntry *HttpHeader::findEntry(Http::HdrType) const STUB_RETVAL(nullptr)
 int HttpHeader::delByName(const SBuf &) STUB_RETVAL(0)

src/tests/stub_HttpRequest.cc

@@ -45,7 +45,7 @@ bool HttpRequest::expectingBody(const HttpRequestMethod &, int64_t &) const STUB
 bool HttpRequest::bodyNibbled() const STUB_RETVAL(false)
 int HttpRequest::prefixLen() const STUB_RETVAL(0)
 void HttpRequest::swapOut(StoreEntry *) STUB
-void HttpRequest::pack(Packable *, bool) const STUB
+void HttpRequest::pack(Packable *, MaskSensitiveInfo) const STUB
 void HttpRequest::httpRequestPack(void *, Packable *) STUB
 HttpRequest * HttpRequest::FromUrl(const SBuf &, const MasterXaction::Pointer &, const HttpRequestMethod &) STUB_RETVAL(nullptr)
 HttpRequest * HttpRequest::FromUrlXXX(const char *, const MasterXaction::Pointer &, const HttpRequestMethod &) STUB_RETVAL(nullptr)

src/tests/stub_libhttp.cc

@@ -38,7 +38,7 @@ namespace Http
 {
 Message::Message(const http_hdr_owner_type owner): header(owner) {STUB}
 Message::~Message() {STUB}
-void Message::packInto(Packable *, bool) const STUB
+void Message::packInto(Packable *, bool, const MaskSensitiveInfo) const STUB
 void Message::setContentLength(int64_t) STUB
 bool Message::persistent() const STUB_RETVAL(false)
 void Message::putCc(const HttpHdrCc &) STUB