[BUG] No network available for apps relying on VPN to use tor

[pmaziere]

Describe the Bug
Apps relying on VPN to use Tor do not resolve domain names, hence they think they do not have network connectivity.
Apps allowing to define a proxy url and port to use Tor, such as F-droid, works flawlessly.

To Reproduce
Steps to reproduce the behavior:

1. install and run orbot
2. install app that does not offer UI to define a proxy, ie Breezy Wheather 5.2.3_freenet from F-droid repository
3. add the app to the applications handled by orbot
4. launch the app and add a location
5. get a "no network available" type of message

If it is of any relevance, this behavior still occurs after a reboot.

Expected Behavior
App handled by orbot resolves domain name and has access to the network.

What Custom Configuration Do You Use?
none

Smartphone (please complete the following information):

• Device: Samsung galaxy A5
• OS: up to date lineageos 18.1
• Version: 17.2.1-RC-1-tor-0.4.8.7 from the guardian project repository

Thanks for taking the time to look into this issue.

[graphener]

@pmaziere Same thing on GrapheneOS. They suspect that this is an Orbot issue. It seems like fast Tor circuits, when one stumbles upon one of them at random (maybe 5% of the time) can work fine as a VPN. Other 95% of the time Orbot effectively disables DNS. I conclude from this that there is a constant timeout somewhere which just gives up on DNS resolution (which by default would occur at the exit node) if it takes too long.

The previous Orbot worked maybe 20% of the time (1 in 5 random circuits), which was at least better than 5%.

If you're using a proxy URL for Tor then maybe it's working because DNS is resolved outside of Tor and therefore won't usually time out. Not great from a security perspective but it adds weight to the timeout theory.

[graphener]

GrapheneOS/os-issue-tracker#3615