Don't use Crypt::URandom inside jail: this import file access libraries

lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm

@@ -64,13 +64,13 @@ sub _getCipher {
 # @param data data to encrypt
 # @return encrypted data in Base64 format
 sub encrypt {
-    my ( $self, $data ) = @_;
+    my ( $self, $data, $low ) = @_;
 
     # pad $data so that its length be multiple of 16 bytes
     my $l = bytes::length($data) % 16;
     $data .= "\0" x ( 16 - $l ) unless ( $l == 0 );
 
-    my $iv = $newIv->();
+    my $iv = $low ? md5( rand() . time . {} ) : $newIv->();
     eval {
         $data =
           encode_base64( $iv . $self->_getCipher->set_iv($iv)->encrypt($data),
@@ -102,6 +102,7 @@ sub decrypt {
     $iv = bytes::substr( $data, 0, 16 );
     $data = bytes::substr( $data, 16 );
     eval { $data = $self->_getCipher->set_iv($iv)->decrypt($data); };
+
     if ($@) {
         $msg = "Crypt::Rijndael error : $@";
         return undef;

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Jail.pm

@@ -103,7 +103,7 @@ sub build_jail {
 
 # Import crypto methods for jail
 sub encrypt {
-    return &Lemonldap::NG::Handler::Main::tsv->{cipher}->encrypt(@_);
+    return &Lemonldap::NG::Handler::Main::tsv->{cipher}->encrypt( $_[0], 1 );
 }
 
 sub token {