From 44294514544f1c44b48b4923ccc2ccd119772316 Mon Sep 17 00:00:00 2001
From: heru <github@heruwar.com>
Date: Sat, 25 Nov 2017 18:14:41 +0100
Subject: [PATCH] Dont sent plaintext password in requests and use subsonic
 hex-encoding with legacy auth

---
 lib/libsonic_extra/__init__.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/libsonic_extra/__init__.py b/lib/libsonic_extra/__init__.py
index 488c556..b490a39 100644
--- a/lib/libsonic_extra/__init__.py
+++ b/lib/libsonic_extra/__init__.py
@@ -293,7 +293,8 @@ class SubsonicClient(libsonic.Connection):
             parts = list(urlparse.urlparse(
                 args[0].get_full_url() + "?" + args[0].data))
             parts[4] = dict(urlparse.parse_qsl(parts[4]))
-            parts[4].update({"u": self.username, "p": self.password})
+            if self._legacyAuth:
+                parts[4].update({"u": self.username, "p": 'enc:%s' % self._hexEnc(self._rawPass)})
             parts[4] = urllib.urlencode(parts[4])
 
             return urlparse.urlunparse(parts)