rabbitmq-server

Channel state contains un-obfuscated user data

Open lukebakken opened this issue 2 years ago • 0 comments

Related to #3803

See https://groups.google.com/g/rabbitmq-users/c/Toq7BRq2Npk

The mailing list user reports a case where an LDAP password is logged as part of mfargs to rabbit_channel:start_link.

It appears that the impl field of the #auth_user record could be obfuscated to prevent scenarios like this.

In addition, the user information is stored in the channel state, which could be logged at some point:

https://github.com/rabbitmq/rabbitmq-server/blob/master/deps/rabbit/src/rabbit_channel.erl#L531

lukebakken, May 18 '22 19:05
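One way to keep a credential out of formatted terms such as `mfargs`, as an added example (not code from the issue or from RabbitMQ): wrap the value in a zero-arity closure, which `~p` renders as an opaque `#Fun<...>`. The record below is a simplified stand-in for `#auth_user`, the password is a constructed value, and `wrap/1`, `unwrap/1` and `leaks/2` are hypothetical names.

```erlang
-module(auth_user_redaction_demo).
-export([run/0, wrap/1, unwrap/1, leaks/2]).

%% Simplified stand-in for the #auth_user record named in the issue.
-record(auth_user, {username, tags, impl}).

%% Wrap a secret in a zero-arity closure. Term formatting prints a fun
%% as "#Fun<module.index.uniq>", not the value it captured.
wrap(Secret) -> fun() -> Secret end.

%% Recover the secret at the point of use; plain values pass through.
unwrap(F) when is_function(F, 0) -> F();
unwrap(Plain) -> Plain.

%% True if Secret appears in the formatted rendering of Term, which is
%% how terms such as mfargs end up in log output. ~0p disables line
%% breaks so a long string cannot be split across lines.
leaks(Term, Secret) ->
    Rendered = lists:flatten(io_lib:format("~0p", [Term])),
    string:find(Rendered, Secret) =/= nomatch.

run() ->
    Password = "constructed-ldap-password",   % constructed sample value
    Plain   = #auth_user{username = <<"alice">>, tags = [], impl = Password},
    Wrapped = Plain#auth_user{impl = wrap(Password)},
    %% Same {Module, Function, Args} shape as the mfargs in the report.
    MFArgsPlain   = {rabbit_channel, start_link, [Plain]},
    MFArgsWrapped = {rabbit_channel, start_link, [Wrapped]},
    true  = leaks(MFArgsPlain, Password),      % secret is in the log text
    false = leaks(MFArgsWrapped, Password),    % only #Fun<...> is printed
    Password = unwrap(Wrapped#auth_user.impl), % still usable by the backend
    io:format("plain:   ~0p~nwrapped: ~0p~n", [MFArgsPlain, MFArgsWrapped]),
    ok.
```

A closure only hides the value from term formatting; it remains readable through `erlang:fun_info(F, env)`, so this keeps secrets out of log text but is not encryption.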