Apply `sensitive` in some info-level log messages.

This specifically applies the `sensitive` wrapper in the places
where we're logging target addresses at level "info" or higher.

Cargo.lock

@@ -86,6 +86,7 @@ dependencies = [
  "notify",
  "once_cell",
  "rlimit",
+ "safelog",
  "serde",
  "tokio",
  "tor-config",
@@ -135,6 +136,7 @@ dependencies = [
  "once_cell",
  "pin-project",
  "postage",
+ "safelog",
  "serde",
  "tempfile",
  "thiserror",
@@ -3374,6 +3376,7 @@ dependencies = [
  "pin-project",
  "rand 0.8.5",
  "retry-error",
+ "safelog",
  "serde",
  "static_assertions",
  "thiserror",

crates/arti-client/Cargo.toml

@@ -31,6 +31,7 @@ error_detail = []
 experimental-api = []
 
 [dependencies]
+safelog = { path = "../safelog", version = "0.2.0" }
 tor-basic-utils = { path = "../tor-basic-utils", version = "0.2.0" }
 tor-circmgr = { path = "../tor-circmgr", version = "0.2.0" }
 tor-config = { path = "../tor-config", version = "0.2.0" }

crates/arti-client/src/client.rs

@@ -7,6 +7,7 @@
 use crate::address::IntoTorAddr;
 
 use crate::config::{ClientAddrConfig, StreamTimeoutConfig, TorClientConfig};
+use safelog::sensitive;
 use tor_circmgr::isolation::Isolation;
 use tor_circmgr::{isolation::StreamIsolationBuilder, IsolationToken, TargetPort};
 use tor_config::MutCfg;
@@ -675,7 +676,7 @@ impl<R: Runtime> TorClient<R> {
             .get_or_launch_exit_circ(&exit_ports, prefs)
             .await
             .map_err(wrap_err)?;
-        info!("Got a circuit for {}:{}", addr, port);
+        info!("Got a circuit for {}:{}", sensitive(&addr), port);
 
         let stream_future = circ.begin_stream(&addr, port, Some(prefs.stream_parameters()));
         // This timeout is needless but harmless for optimistic streams.

crates/arti/Cargo.toml

@@ -23,6 +23,7 @@ static-native-tls = ["arti-client/static-native-tls", "native-tls"]
 journald = ["tracing-journald"]
 
 [dependencies]
+safelog = { path = "../safelog", version = "0.2.0" }
 arti-client = { package = "arti-client", path = "../arti-client", version = "0.2.0", default-features = false }
 tor-config = { path = "../tor-config", version = "0.2.0" }
 tor-error = { path = "../tor-error", version = "0.2.0", default-features = false }

crates/arti/src/socks.rs

@@ -7,6 +7,7 @@ use futures::future::FutureExt;
 use futures::io::{AsyncRead, AsyncReadExt, AsyncWrite, AsyncWriteExt, Error as IoError};
 use futures::stream::StreamExt;
 use futures::task::SpawnExt;
+use safelog::sensitive;
 use std::io::Result as IoResult;
 use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr};
 use tracing::{error, info, warn};
@@ -162,7 +163,7 @@ See <a href="https://gitlab.torproject.org/tpo/core/arti/#todo-need-to-change-wh
     info!(
         "Got a socks request: {} {}:{}",
         request.command(),
-        addr,
+        sensitive(&addr),
         port
     );
 
@@ -202,7 +203,7 @@ See <a href="https://gitlab.torproject.org/tpo/core/arti/#todo-need-to-change-wh
                 }
             };
             // Okay, great! We have a connection over the Tor network.
-            info!("Got a stream for {}:{}", addr, port);
+            info!("Got a stream for {}:{}", sensitive(&addr), port);
             // TODO: Should send a SOCKS reply if something fails. See #258.
 
             // Send back a SOCKS response, telling the client that it

crates/tor-circmgr/Cargo.toml

@@ -19,6 +19,7 @@ repository = "https://gitlab.torproject.org/tpo/core/arti.git/"
 experimental-api = []
 
 [dependencies]
+safelog = { path = "../safelog", version = "0.2.0" }
 tor-basic-utils = { path = "../tor-basic-utils", version = "0.2.0" }
 tor-chanmgr = { path = "../tor-chanmgr", version = "0.2.0" }
 tor-config = { path = "../tor-config", version = "0.2.0" }