-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Hi,

attached patch tries to hide any setting that ends in _password (singular) in the output of doveconf by default.

doveconf -n

• -> passwords replaced by "<hidden>" to prevent information leak when submitting bug reports

doveconf -n -P

• -> passwords visible when used by admins locally

doveconf -n -P -P

• -> setting itself is not shown to even hide that a password is set in the config

Warning: doveconf is used by internal programs as well, maybe they won't after the patch. Timo should check out the idea. The passwords are left alone currently, if one queries one setting and if the values are saved to environment.

Kind regards,

Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUyHQ0nD1/YhP6VMHAQIYkwf/aeiT4MMERJr1abZIHPv5zjvgHlyixwfM huFD2CzbhWUoUlE4auAxUVDP+l/s7jlQzZ04y4vt2BdMauMUDSg8ZcFWxSkj+Veg ZDjTVSP/v386ihH0TlGWXsVp1hCvzJUgylpQYbFwCJ3b58xs7p+8wb2l2Ngj/TTp kmtl8mJ2Z5+MBJqz4IBxye7RXkTndHMC18EjVHxNkIIJ8kEUn7tbs0eljudZXSPD q2gsG0PzvGTOUkuWWvWLVP4nTXBKMIffxX2SDNHmb1gHNV05zL8b5uth3PxUA7d6 NpXsnGHxCfOGf3FPbaTlGPfVpIX5IdTxZTRXHe++tDdlonZInM7V/g== =73ZJ -----END PGP SIGNATURE-----