Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect vpn service is not launched in runtime and fallback to DoH #28195

Closed
spylogsster opened this issue Feb 1, 2023 · 7 comments · Fixed by brave/brave-core#17013
Closed

Detect vpn service is not launched in runtime and fallback to DoH #28195

spylogsster opened this issue Feb 1, 2023 · 7 comments · Fixed by brave/brave-core#17013
Assignees
@spylogsster
Labels
feature/vpn OS/Desktop OS/Windows QA Pass-Win64 QA/Yes release-notes/exclude
Milestone
1.50.x - Release

Comments

@spylogsster
Copy link

spylogsster commented Feb 1, 2023
edited by bsclifton
Loading

Test plan

See brave/brave-core#17013

Description

If brave vpn helper service was not launched by some reasons we have to detect it in runtime and fallback to DoH to protect users from DNS leaks
@spylogsster spylogsster self-assigned this Feb 2, 2023
@spylogsster spylogsster mentioned this issue Feb 6, 2023
Merged
25 tasks
@spylogsster spylogsster added this to the 1.50.x - Nightly milestone Feb 6, 2023
@LaurenWags
Copy link
Member

@spylogsster @bsclifton is this Windows only?

@spylogsster
Copy link
Author

@spylogsster @bsclifton is this Windows only?

yes, added label

@stephendonner stephendonner added the QA/In-Progress Indicates that QA is currently in progress for that particular issue label Mar 23, 2023
@stephendonner
Copy link

stephendonner commented Mar 23, 2023
edited
Loading

Verification PASSED using

Brave 1.50.99 Chromium: 111.0.5563.64 (Official Build) beta (64-bit)
Revision c710e93d5b63b7095afe8c2c17df34408078439d-refs/branch-heads/5563@{#995}
OS Windows 11 Version 21H2 (Build 22000.1696)

Steps:

  1. installed 1.50.99
  2. launched Brave
  3. restarted (to pick up Griffin changes and enable VPN button)
  4. loaded account.brave.com
  5. logged in using my stephen-prod@mailinator.com account
  6. clicked on Refresh Brave VPN button to obtain new credentials
  7. clicked on the VPN button in the browser toolbar
  8. toggled from Disconnected to Connected
  9. confirmed I saw the modal dialog about Windows' Smart Multi-Homed Name Resolution and our Brave-helper-service workaround
  10. pressed ctrl + alt + del to open Task Manager
  11. context-clicked on the Name column and checked Command line
  12. looked at the list of Apps and Background processes
  13. confirmed I saw no Brave VPN Helper service (brave_vpn_helper.exe in the background-processes list
  14. loaded https://www.browserleaks.com/dns
  15. compared results to those using the helper service
  16. opened brave://settings/security
  17. compared fall-back settings to those using the helper service

Confirmed the following:

  • While connected -- and without the helper service active -- we fall-back to DNS-over-HTTPS support, via Cloudflare
  • The above Use secure DNS settings is locked by BraveVPN while it is connected
  • We don't leak the user's ISP DNS servers
  • While disconnected, defaults for Use secure DNS / With your current service provider are used

Brave VPN, Connected

Helper-service modal dialog brave://settings/privacy
image image

Brave VPN, Disconnected

browserleaks.com/dns brave://settings/privacy
image image
Windows 11 Windows 10
image image (2)
Windows 11 Windows 10
image image (1)

@stephendonner stephendonner removed the QA/In-Progress Indicates that QA is currently in progress for that particular issue label Mar 23, 2023
@stephendonner
Copy link

Leaving QA/Pass-Win64 as this should also be tested on Windows 10.

@GeetaSarvadnya
Copy link

GeetaSarvadnya commented Mar 27, 2023
edited
Loading

Verification PASSED on

Brave | 1.50.101 Chromium: 111.0.5563.116 (Official Build) beta (64-bit)
-- | --
Revision | ade86b9472831e26d87fd569e04b404be01e1e2b-refs/branch-heads/5563@{#1209}
OS | Windows 10 Version 21H2 (Build 19044.2728)
  • confirmed I saw the modal dialog about Windows' Smart Multi-Homed Name Resolution and our Brave-helper-service
  • open Task Manager and ensured Brave VPN Helper service is running Details tab in task manager VPN is connected
  • ensured BraveberaVpnService is listed under the Service tab in task manager
  • ensured Brave VPN Helper is running under background apps when VPN is connected

Brave VPN helper

Connected to BraveVPN Task Manager Details Services panel
image image image image

Brave VPN, Connected

Confirmed the following:

Helper-service modal dialog brave://settings/privacy
image image

Brave VPN, Disconnected

Confirmed the following:

  • While disconnected, defaults for Use secure DNS / With your current service provider are used
browserleaks.com/dns brave://settings/privacy
image image

@GeetaSarvadnya
Copy link

GeetaSarvadnya commented Mar 27, 2023
edited
Loading

Verified the issue on Windows 11 x64 - 1.50.106, I saw some discrepancies which are listed below:

  1. When VPN is connected I have observed the below:
    • confirmed I saw the modal dialog about Windows' Smart Multi-Homed Name Resolution and our Brave-helper-service [ I saw this modal twice in clean profiles, this modal is not shown everytime when VPN is disconnected and connected in win 11, but in win 10 the modal is shown everytime when VPN is disconnected and connected ]
  • open Task Manager and ensured Brave VPN Helper service is running under Details tab in task manager when VPN is connected
  • ensured BraveberaVpnService is listed under the Service tab in task manager
  • ensured Brave VPN Helper is running under background apps when VPN is connected
  1. When VPN is connected, the https://www.browserleaks.com/dns doesn't leak the user ISP DNS server as expected
  2. When VPN is connected, open brave://settings/security, the Use secure DNS settings is NOT locked by BraveVPN

@GeetaSarvadnya GeetaSarvadnya mentioned this issue Mar 27, 2023
Closed
@stephendonner
Copy link

This has been verified on both Windows 10 and Windows 11; marking as QA Pass - Win64.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spylogsster spylogsster

Labels
feature/vpn OS/Desktop OS/Windows QA Pass-Win64 QA/Yes release-notes/exclude
Projects
None yet
Milestone
1.50.x - Release
Development

Successfully merging a pull request may close this issue.

Added runtime check for service launch and fallback to DoH brave/brave-core
5 participants
@stephendonner @spylogsster @rebron @LaurenWags @GeetaSarvadnya