Sodium error when running queuednotification using cron without activated sodium extension

[viktor-sc]

Describe the bug

On a system that uses an outdate libsodium with the sodium extension disabled in PHP, it seems still to be used when running cron.php when there are emails in the queue to send. This leads to an error and the queuednotification task is in 'running' state forever:

`PHP Warning: Use of undefined constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES - assumed 'SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES' (this will throw an Error in a future version of PHP) in /volume1/web/glpi/inc/toolbox.class.php on line 287

Warning: Use of undefined constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES - assumed 'SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES' (this will throw an Error in a future version of PHP) in /volume1/web/glpi/inc/toolbox.class.php on line 287 PHP Warning: mb_substr() expects parameter 3 to be int, string given in /volume1/web/glpi/inc/toolbox.class.php on line 287

Warning: mb_substr() expects parameter 3 to be int, string given in /volume1/web/glpi/inc/toolbox.class.php on line 287 PHP Warning: Use of undefined constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES - assumed 'SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES' (this will throw an Error in a future version of PHP) in /volume1/web/glpi/inc/toolbox.class.php on line 288`

To reproduce

Steps to reproduce the behavior:

1. Use a system with an outdate libsodium and PHP 7.3. Disable the sodium extension in PHP. Like on a synology NAS.
2. Notice that all is fine and emails can be sent fine when executing the task queuednotification from the UI.
3. Make sure there's an email in the queue that should be sent. Also, make sure the queuednotification task is configured to run in CLI mode.
4. Run the cron.php from the command line (like '/usr/local/bin/php73 /volume1/web/glpi/front/cron.php').
5. It fails with the error mentioned above. The task will remain in the 'running' state forever.

Expected behavior

Running the queuednotification task from the UI (setup > automatic actions > queuednotification > Execute) and running it from cron should behave equally.

Logs

[2020-08-18 13:44:11] glpiphplog.WARNING:   *** PHP Warning (2): Use of undefined constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES - assumed 'SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES' (this will throw an Error in a future version of PHP) in /volume1/web/glpi/inc/toolbox.class.php at line 287
  Backtrace :
  inc/glpimailer.class.php:68                        Toolbox::sodiumDecrypt()
  inc/notificationeventmailing.class.php:118         GLPIMailer->__construct()
  inc/queuednotification.class.php:564               NotificationEventMailing::send()
  inc/crontask.class.php:847                         QueuedNotification::cronQueuedNotification()
  front/cron.php:83                                  CronTask::launch()

[2020-08-18 13:44:11] glpiphplog.WARNING:   *** PHP Warning (2): mb_substr() expects parameter 3 to be int, string given in /volume1/web/glpi/inc/toolbox.class.php at line 287
  Backtrace :
  inc/toolbox.class.php:287                          mb_substr()
  inc/glpimailer.class.php:68                        Toolbox::sodiumDecrypt()
  inc/notificationeventmailing.class.php:118         GLPIMailer->__construct()
  inc/queuednotification.class.php:564               NotificationEventMailing::send()
  inc/crontask.class.php:847                         QueuedNotification::cronQueuedNotification()
  front/cron.php:83                                  CronTask::launch()

[2020-08-18 13:44:11] glpiphplog.WARNING:   *** PHP Warning (2): Use of undefined constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES - assumed 'SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES' (this will throw an Error in a future version of PHP) in /volume1/web/glpi/inc/toolbox.class.php at line 288
  Backtrace :
  inc/glpimailer.class.php:68                        Toolbox::sodiumDecrypt()
  inc/notificationeventmailing.class.php:118         GLPIMailer->__construct()
  inc/queuednotification.class.php:564               NotificationEventMailing::send()
  inc/crontask.class.php:847                         QueuedNotification::cronQueuedNotification()
  front/cron.php:83                                  CronTask::launch()

[2020-08-18 13:44:11] glpiphplog.WARNING:   *** PHP Warning (2): mb_substr() expects parameter 2 to be int, string given in /volume1/web/glpi/inc/toolbox.class.php at line 288
  Backtrace :
  inc/toolbox.class.php:288                          mb_substr()
  inc/glpimailer.class.php:68                        Toolbox::sodiumDecrypt()
  inc/notificationeventmailing.class.php:118         GLPIMailer->__construct()
  inc/queuednotification.class.php:564               NotificationEventMailing::send()
  inc/crontask.class.php:847                         QueuedNotification::cronQueuedNotification()
  front/cron.php:83                                  CronTask::launch()

[2020-08-18 13:44:11] glpiphplog.CRITICAL:   *** Uncaught Exception Error: Call to undefined function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt() in /volume1/web/glpi/inc/toolbox.class.php at line 289
  Backtrace :
  inc/glpimailer.class.php:68                        Toolbox::sodiumDecrypt()
  inc/notificationeventmailing.class.php:118         GLPIMailer->__construct()
  inc/queuednotification.class.php:564               NotificationEventMailing::send()
  inc/crontask.class.php:847                         QueuedNotification::cronQueuedNotification()
  front/cron.php:83                                  CronTask::launch()

Your GLPI setup (you can find it in Setup > General menu, System tab)

[code]

GLPI 9.5.1 (/glpi => /volume1/web/glpi)
Installation mode: TARBALL

Server

Operating system: Linux ds216 3.10.105 #25426 SMP Wed Jul 8 03:10:30 CST 2020 armv7l
PHP 7.3.16 fpm-fcgi (Core, PDO, Reflection, SPL, SimpleXML, Zend OPcache, apcu, bcmath, bz2, calendar, cgi-fcgi, ctype, curl,
    date, dba, dom, exif, fileinfo, filter, ftp, gd, gettext, gmp, hash, iconv, imap, intl, json, libxml, mbstring, mysqli, mysqlnd,
    openssl, pcntl, pcre, pdo_dblib, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, posix, readline, session, shmop, soap, sockets,
    standard, sysvmsg, sysvsem, sysvshm, tokenizer, wddx, xml, xmlreader, xmlrpc, xmlwriter, zip, zlib)
Setup: max_execution_time="240" memory_limit="128M" post_max_size="80M" safe_mode="" session.save_handler="files"
    upload_max_filesize="80M" 
Software: Apache/2.4.43 (Unix) ()
    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36
Server Software: Source distribution
    Server Version: 10.3.21-MariaDB
    Server SQL Mode: 
    Parameters: root@127.0.0.1:3307/glpi
    Host info: 127.0.0.1 via TCP/IP

PHP version is at least 7.2.0 - Perfect!PHP version is at least 7.2.0 - Perfect!
Sessions support is available - Perfect!Sessions support is available - Perfect!
Allocated memory > 64 Mio - Perfect!Allocated memory > 64 Mio - Perfect!
mysqli extension is installedmysqli extension is installed
ctype extension is installedctype extension is installed
fileinfo extension is installedfileinfo extension is installed
json extension is installedjson extension is installed
mbstring extension is installedmbstring extension is installed
iconv extension is installediconv extension is installed
zlib extension is installedzlib extension is installed
curl extension is installedcurl extension is installed
gd extension is installedgd extension is installed
simplexml extension is installedsimplexml extension is installed
intl extension is installedintl extension is installed
ldap extension is not presentldap extension is not present
apcu extension is installedapcu extension is installed
Zend OPcache extension is installedZend OPcache extension is installed
xmlrpc extension is installedxmlrpc extension is installed
CAS extension is not presentCAS extension is not present
exif extension is installedexif extension is installed
zip extension is installedzip extension is installed
bz2 extension is installedbz2 extension is installed
sodium extension is not presentsodium extension is not present
Database version seems correct (10.3.21) - Perfect!Database version seems correct (10.3.21) - Perfect!
Timezones seems not loaded, see https://glpi-install.readthedocs.io/en/latest/timezones.html.Timezones seems not loaded, see https://glpi-install.readthedocs.io/en/latest/timezones.html.
The log file has been created successfully.The log file has been created successfully.
Write access to /volume1/web/glpi/config has been validated.Write access to /volume1/web/glpi/config has been validated.
Write access to /volume1/web/glpi/files has been validated.Write access to /volume1/web/glpi/files has been validated.
Write access to /volume1/web/glpi/files/_dumps has been validated.Write access to /volume1/web/glpi/files/_dumps has been validated.
Write access to /volume1/web/glpi/files/_sessions has been validated.Write access to /volume1/web/glpi/files/_sessions has been validated.
Write access to /volume1/web/glpi/files/_cron has been validated.Write access to /volume1/web/glpi/files/_cron has been validated.
Write access to /volume1/web/glpi/files/_graphs has been validated.Write access to /volume1/web/glpi/files/_graphs has been validated.
Write access to /volume1/web/glpi/files/_lock has been validated.Write access to /volume1/web/glpi/files/_lock has been validated.
Write access to /volume1/web/glpi/files/_plugins has been validated.Write access to /volume1/web/glpi/files/_plugins has been validated.
Write access to /volume1/web/glpi/files/_tmp has been validated.Write access to /volume1/web/glpi/files/_tmp has been validated.
Write access to /volume1/web/glpi/files/_cache has been validated.Write access to /volume1/web/glpi/files/_cache has been validated.
Write access to /volume1/web/glpi/files/_rss has been validated.Write access to /volume1/web/glpi/files/_rss has been validated.
Write access to /volume1/web/glpi/files/_uploads has been validated.Write access to /volume1/web/glpi/files/_uploads has been validated.
Write access to /volume1/web/glpi/files/_pictures has been validated.Write access to /volume1/web/glpi/files/_pictures has been validated.
Write access to /volume1/web/glpi/marketplace has been validated.Write access to /volume1/web/glpi/marketplace has been validated.
Web access to files directory is protectedWeb access to files directory is protected

GLPI constants

GLPI_ROOT: /volume1/web/glpi
GLPI_CONFIG_DIR: /volume1/web/glpi/config
GLPI_VAR_DIR: /volume1/web/glpi/files
GLPI_MARKETPLACE_DIR: /volume1/web/glpi/marketplace
GLPI_USE_CSRF_CHECK: 1
GLPI_CSRF_EXPIRES: 7200
GLPI_CSRF_MAX_TOKENS: 100
GLPI_TELEMETRY_URI: https://telemetry.glpi-project.org
GLPI_INSTALL_MODE: TARBALL
GLPI_NETWORK_MAIL: glpi@teclib.com
GLPI_NETWORK_SERVICES: https://services.glpi-network.com
GLPI_MARKETPLACE_PRERELEASES: 
GLPI_USER_AGENT_EXTRA_COMMENTS: 
GLPI_AJAX_DASHBOARD: 1
GLPI_CALDAV_IMPORT_STATE: 0
GLPI_DEMO_MODE: 0
GLPI_FORCE_EMPTY_SQL_MODE: 1
GLPI_DOC_DIR: /volume1/web/glpi/files
GLPI_CACHE_DIR: /volume1/web/glpi/files/_cache
GLPI_CRON_DIR: /volume1/web/glpi/files/_cron
GLPI_DUMP_DIR: /volume1/web/glpi/files/_dumps
GLPI_GRAPH_DIR: /volume1/web/glpi/files/_graphs
GLPI_LOCAL_I18N_DIR: /volume1/web/glpi/files/_locales
GLPI_LOCK_DIR: /volume1/web/glpi/files/_lock
GLPI_LOG_DIR: /volume1/web/glpi/files/_log
GLPI_PICTURE_DIR: /volume1/web/glpi/files/_pictures
GLPI_PLUGIN_DOC_DIR: /volume1/web/glpi/files/_plugins
GLPI_RSS_DIR: /volume1/web/glpi/files/_rss
GLPI_SESSION_DIR: /volume1/web/glpi/files/_sessions
GLPI_TMP_DIR: /volume1/web/glpi/files/_tmp
GLPI_UPLOAD_DIR: /volume1/web/glpi/files/_uploads
GLPI_NETWORK_REGISTRATION_API_URL: https://services.glpi-network.com/api/registration/
GLPI_MARKETPLACE_PLUGINS_API_URI: https://services.glpi-network.com/api/glpi-plugins/
GLPI_I18N_DIR: /volume1/web/glpi/locales
GLPI_VERSION: 9.5.1
GLPI_SCHEMA_VERSION: 9.5.0
GLPI_MIN_PHP: 7.2.0
GLPI_YEAR: 2020

Libraries

htmlawed/htmlawed version 1.2.5 in (/volume1/web/glpi/vendor/htmlawed/htmlawed)
phpmailer/phpmailer version 6.1.6 in (/volume1/web/glpi/vendor/phpmailer/phpmailer/src)
simplepie/simplepie version 1.5.5 in (/volume1/web/glpi/vendor/simplepie/simplepie/library)
tecnickcom/tcpdf version 6.3.5 in (/volume1/web/glpi/vendor/tecnickcom/tcpdf)
michelf/php-markdown in (/volume1/web/glpi/vendor/michelf/php-markdown/Michelf)
true/punycode in (/volume1/web/glpi/vendor/true/punycode/src)
iamcal/lib_autolink in (/volume1/web/glpi/vendor/iamcal/lib_autolink)
sabre/dav in (/volume1/web/glpi/vendor/sabre/dav/lib/DAV)
sabre/http in (/volume1/web/glpi/vendor/sabre/http/lib)
sabre/uri in (/volume1/web/glpi/vendor/sabre/uri/lib)
sabre/vobject in (/volume1/web/glpi/vendor/sabre/vobject/lib)
laminas/laminas-cache in (/volume1/web/glpi/vendor/laminas/laminas-cache/src)
laminas/laminas-i18n in (/volume1/web/glpi/vendor/laminas/laminas-i18n/src)
laminas/laminas-serializer in (/volume1/web/glpi/vendor/laminas/laminas-serializer/src)
monolog/monolog in (/volume1/web/glpi/vendor/monolog/monolog/src/Monolog)
sebastian/diff in (/volume1/web/glpi/vendor/sebastian/diff/src)
elvanto/litemoji in (/volume1/web/glpi/vendor/elvanto/litemoji/src)
symfony/console in (/volume1/web/glpi/vendor/symfony/console)
scssphp/scssphp in (/volume1/web/glpi/vendor/scssphp/scssphp/src)
laminas/laminas-mail in (/volume1/web/glpi/vendor/laminas/laminas-mail/src/Protocol)
laminas/laminas-mime in (/volume1/web/glpi/vendor/laminas/laminas-mime/src)
rlanvin/php-rrule in (/volume1/web/glpi/vendor/rlanvin/php-rrule/src)
blueimp/jquery-file-upload in (/volume1/web/glpi/vendor/blueimp/jquery-file-upload/server/php)
ramsey/uuid in (/volume1/web/glpi/vendor/ramsey/uuid/src)
psr/log in (/volume1/web/glpi/vendor/psr/log/Psr/Log)
psr/simple-cache in (/volume1/web/glpi/vendor/psr/simple-cache/src)
mexitek/phpcolors in (/volume1/web/glpi/vendor/mexitek/phpcolors/src/Mexitek/PHPColors)
guzzlehttp/guzzle in (/volume1/web/glpi/vendor/guzzlehttp/guzzle/src)
wapmorgan/unified-archive in (/volume1/web/glpi/vendor/wapmorgan/unified-archive/src)
paragonie/sodium_compat in (/volume1/web/glpi/vendor/paragonie/sodium_compat/src)

SQL replicas

Not active

Notifications

Way of sending emails: SMTP+TLS (xxxx@gmail.com@smtp.gmail.com)

Mails receivers

Plugins list

    genericobject        Name: Objects management             Version: 2.9.0      State: Enabled

[/code]

[cedric-anne]

Hi,

Are you sure exention is not loaded in a CLI context ? Which result do you have if you run php -r "echo((extension_loaded('sodium')?'yes':'no').\"\n\");" ?

Regards

[viktor-sc]

Hi. Thanks for the quick reply. The result is 'yes'. So it's a system configuration issue?

[trasher]

`PHP Warning: Use of undefined constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES - assumed 'SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES' (this will throw an Error in a future version of PHP) in /volume1/web/glpi/inc/toolbox.class.php on line 287

This means you use a outdated libsodium, this constant has been added for years. You need to update it.

[trasher]

See https://github.com/glpi-project/glpi/issues/7620

[viktor-sc]

Thanks, that was my issue and I understand my libsodium is outdated. That's what I describe in the description. Unfortunately I can't update libsodium as it's a closed system.

[trasher]

The result is 'yes'. So it's a system configuration issue?

Did not see this. Yes, it's a php-cli configuration issue on server.

[viktor-sc]

For all interested in the solution for a Synology NAS. /usr/local/bin/php73 does not read the PHP settings from the web station. But this does: PHP_INI_SCAN_DIR="/usr/syno/etc/packages/WebStation/php_profile//conf.d:/run/php-fpm/conf.d" php73