Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Survey crashes when "send"-button pressed, starting with 4.1.6

More
4 years 2 weeks ago #195137 by edv
Hello,

i had a LS installation 4.1.4 which i used to create some surveys. This worked fine until i updatet to 4.1.6. After the update all surveys crashed at the point where the send-button is pressed. Users can see the survey and can give answers to all questions, but when they click send at the end, it crashes with Error 500 "invalid signature".

From 4.1.6 on this even happens if a make a little survey with only one question (yes/no...).
The same happens for me in 4.1.8.
When i go back to 4.1.4 all works fine.

I am on Centos 7.7 with PHP 7.3.15 (cli) (built: Feb 18 2020 09:25:23) and mysql Ver 15.1 Distrib 5.5.64-MariaDB, for Linux (x86_64) using readline 5.1

In debug-mode i see:
"throw new SodiumException('Invalid signature');" but even Google was whithout real help here.

return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);

Does anyone know what to do now?

Thanks!

best regards
Jörg
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
4 years 2 weeks ago #195138 by DenisChenu
I think you must report this as an issue.

Best is to export lss, set your debug mode on, have the html error produced. Send the 2 files to our mantis.

Cyheck if you activate encryot some of data, and disable it for testing.

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
More
4 years 2 weeks ago #195143 by jelo

edv wrote: After the update all surveys crashed at the point where the send-button is pressed. Users can see the survey and can give answers to all questions, but when they click send at the end, it crashes with Error 500 "invalid signature".

From 4.1.6 on this even happens if a make a little survey with only one question (yes/no...).
The same happens for me in 4.1.8.
When i go back to 4.1.4 all works fine.



The error messages show a relation to cryptofunctions (sodium) for data fields.
Can you check if 4.1.6 and 4.1.6 are running the same PHP versions as 4.1.8?

Perhaps the compatibility layer for PHP 7.2. is triggered. You state Centos 7 using PHP 7.3.
It's not the shipped version. Your OS is using an additional repository for PHP 7.3.
You might check if the php-sodium package is installed.

If you create a simple survey without any encrypted fields, the sodium library shouldn't be triggered.

As DenisChenu already suggested: Open a bugticket and attach a simple LSS export which causes trouble.

Post the link to the bugticket here.

The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The topic has been locked.
More
4 years 2 weeks ago #195145 by edv
As requested i filed a bug.
Here is the ticket: bugs.limesurvey.org/view.php?id=15965

I never used encryption. I dont need it.
The following user(s) said Thank You: DenisChenu
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
4 years 2 weeks ago #195197 by DenisChenu

edv wrote: I never used encryption. I dont need it.

In my opinion : if you don't want Encryption, you don't have to setup Sodium.

Like we do for LDAP :)

We must just disable Encryption part/system if Sodium is not present.

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
More
4 years 2 weeks ago #195200 by edv
> We must just disable Encryption part/system if Sodium is not present.

If i switched encryption on it was not with intention. Where could i switch it off?
In LS? Searched for it without success.

Tried to install "sodium" ,

unning transaction
Installieren : php73-php-sodium-7.3.15-1.el7.remi.x86_64

but still get the "500" error.

regards
Jörg
The topic has been locked.
More
4 years 2 weeks ago - 4 years 2 weeks ago #195201 by jelo

DenisChenu wrote: We must just disable Encryption part/system if Sodium is not present.

Correct, but the root cause is unknown and no workaround in sight.

There are more sodium issue posts coming in.
www.limesurvey.org/forum/installation-a-...m-not-defined#195198

The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
Last edit: 4 years 2 weeks ago by jelo.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
4 years 2 weeks ago - 4 years 2 weeks ago #195202 by DenisChenu

edv wrote: > We must just disable Encryption part/system if Sodium is not present.

If i switched encryption on it was not with intention. Where could i switch it off?

For me you have it in
Each question settings :

Each token attribute

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Last edit: 4 years 2 weeks ago by DenisChenu.
The topic has been locked.
More
4 years 2 weeks ago #195203 by jelo

edv wrote: If i switched encryption on it was not with intention. Where could i switch it off?
In LS? Searched for it without success


Then encryption is per question. If you look in the advanced options of a question, you can find an option to encrypt the data captured by that question.

It looks like an introduced bug, which is not depending on any activated encryption.
The only workaround for you might be to switch to PHP 7.2, cause there is the sodium lib not bundled but an alternative routine in LS is in place. Perhaps the bug is not raised in that scenario. But that is just a guess.

The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
4 years 2 weeks ago #195204 by DenisChenu

jelo wrote: It looks like an introduced bug, which is not depending on any activated encryption.

This muts be fixed : no Encryption set : no Sodiuym call.

2nd issue : No Encyoption enable : must show all encryotion disable and deactivated :)

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
More
4 years 2 weeks ago #195207 by edv
Hello DenisChenu,

thanks for your advise. I never noticed this encryption option for questions.
Probably because i dont needed it. Sorry....

But in fact it is "off" (aus == german "off")




Double checked the options on my test user. They are "off" also.

Thank you for your support :-)

regards
Jörg
Attachments:
The following user(s) said Thank You: DenisChenu
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose