[BUG] No network available for apps relying on VPN to use tor
pmaziere opened this issue · 2 comments
Describe the Bug
Apps relying on VPN to use Tor do not resolve domain names, hence they think they do not have network connectivity.
Apps allowing to define a proxy url and port to use Tor, such as F-droid, works flawlessly.
To Reproduce
Steps to reproduce the behavior:
- install and run orbot
- install app that does not offer UI to define a proxy, ie Breezy Wheather 5.2.3_freenet from F-droid repository
- add the app to the applications handled by orbot
- launch the app and add a location
- get a "no network available" type of message
If it is of any relevance, this behavior still occurs after a reboot.
Expected Behavior
App handled by orbot resolves domain name and has access to the network.
What Custom Configuration Do You Use?
none
Smartphone (please complete the following information):
- Device: Samsung galaxy A5
- OS: up to date lineageos 18.1
- Version: 17.2.1-RC-1-tor-0.4.8.7 from the guardian project repository
Thanks for taking the time to look into this issue.
@pmaziere Same thing on GrapheneOS. They suspect that this is an Orbot issue. It seems like fast Tor circuits, when one stumbles upon one of them at random (maybe 5% of the time) can work fine as a VPN. Other 95% of the time Orbot effectively disables DNS. I conclude from this that there is a constant timeout somewhere which just gives up on DNS resolution (which by default would occur at the exit node) if it takes too long.
The previous Orbot worked maybe 20% of the time (1 in 5 random circuits), which was at least better than 5%.
If you're using a proxy URL for Tor then maybe it's working because DNS is resolved outside of Tor and therefore won't usually time out. Not great from a security perspective but it adds weight to the timeout theory.