http: handle both "h2" and "h2h3" in curl info lines

When redacting auth tokens in trace output from curl, we look for http/2
headers of the form "h2h3 [header: value]". This comes from b637a41ebe
(http: redact curl h2h3 headers in info, 2022-11-11).

But the "h2h3" prefix changed to just "h2" in curl's fc2f1e547 (http2:
support HTTP/2 to forward proxies, non-tunneling, 2023-04-14). That's in
released version curl 8.1.0; linking against that version means we'll
fail to correctly redact the trace. Our t5559.17 notices and fails.

We can fix this by matching either prefix, which should handle both old
and new versions.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/http.c b/http.c
index 8a5ba3f47769424e8315658b1f14903cc4957ecf..f30bd0bca9bf2aa0574cf0e1738d2454d24b19e7 100644 (file)
--- a/http.c
+++ b/http.c
@@ -630,7 +630,8 @@ static void redact_sensitive_info_header(struct strbuf *header)
         *   h2h3 [<header-name>: <header-val>]
         */
        if (trace_curl_redact &&
-           skip_iprefix(header->buf, "h2h3 [", &sensitive_header)) {
+           (skip_iprefix(header->buf, "h2h3 [", &sensitive_header) ||
+            skip_iprefix(header->buf, "h2 [", &sensitive_header))) {
                if (redact_sensitive_header(header, sensitive_header - header->buf)) {
                        /* redaction ate our closing bracket */
                        strbuf_addch(header, ']');