[BUGFIX] Apply additional encoding on the encrypted password for transport safety

Author: vertexvaar

Classes/Authenticator.php

@@ -97,8 +97,9 @@ public function authUser(array $user)
         }
 
         // prevent error output which would show the plain text password
-        if (true === @openssl_public_encrypt($this->login['uident_text'], $encrypted, $pubKeyArray['pubKey'])) {
-            $encodedPassword = base64_encode($encrypted);
+        $publicKey = base64_decode($pubKeyArray['pubKey']);
+        if (true === @openssl_public_encrypt($this->login['uident_text'], $encrypted, $publicKey)) {
+            $encodedPassword = urlencode(base64_encode($encrypted));
 
             try {
                 if ($this->client->authUser($user['username'], $encodedPassword, $pubKeyArray['encryptionId'])) {

ext_emconf.php

@@ -10,7 +10,7 @@
     'author' => 'Oliver Eglseder',
     'author_email' => 'php@vxvr.de',
     'author_company' => 'in2code GmbH',
-    'version' => '1.0.0',
+    'version' => '1.0.1',
     'constraints' => [
         'depends' => [],
         'conflicts' => [],