Skip to content

Fix WireGuard inbound domain-based routing #5555

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
Copilot wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Fix WireGuard inbound domain-based routing #5555

Copilot wants to merge 2 commits into from
+26 −20

Conversation

Copy link
Contributor

Copilot AI commented Jan 16, 2026
edited
Loading

WireGuard inbound sniffing/routing broken since PR #4030. The sniffingRequest and tag were stored in a shared routingInfo struct during Process(), causing race conditions when multiple peers connect concurrently—each call overwrites the session info used by forwardConnection().

Changes

  • Store config at init time: Extract tag and sniffingRequest from context in NewServer() (same pattern as TUN handler)
  • Simplify routingInfo: Remove inboundTag/contentTag fields, keep only ctx and dispatcher
  • Use saved values per-connection: forwardConnection() creates fresh session.Inbound and session.Content using stored config
// Before: stored during Process(), shared across connections
s.info = routingInfo{
    inboundTag: session.InboundFromContext(ctx),
    contentTag: session.ContentFromContext(ctx),
}

// After: stored during NewServer(), immutable
if inbound := session.InboundFromContext(ctx); inbound != nil {
    server.tag = inbound.Tag
}
if content := session.ContentFromContext(ctx); content != nil {
    server.sniffingRequest = content.SniffingRequest
}
Original prompt

深刻理解 Xray-core 和依赖库的代码以及 #4760 所述的问题,自己找出真正的问题所在并修复它

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

@RPRX
Copy link
Member

RPRX commented Jan 16, 2026

#5517 (comment)

@RPRX
Fix WireGuard inbound domain-based routing by storing sniffing config…
7792ca4 
… at init time

The root cause of issue #4760 was that the sniffing configuration and inbound tag
were being stored during Process() instead of at initialization time. This caused
a race condition where concurrent connections would overwrite each other's session
information, breaking domain-based routing.

The fix follows the same pattern as the TUN handler:
- Save tag and sniffingRequest during NewServer (at creation time)
- Use these saved values in forwardConnection for each new connection

This ensures that each connection uses the correct sniffing configuration that was
set for the inbound, regardless of concurrent connections from multiple WireGuard peers.

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
@RPRX
Copy link
Member

RPRX commented Jan 16, 2026

感觉 4.5 opus 比 3.5 sonnet 的解决方案更好,@yuhan6665 看一下

Copilot AI changed the title [WIP] Fix issue described in Xray-core issue #4760 Fix WireGuard inbound domain-based routing Jan 16, 2026
Copilot AI requested a review from RPRX January 16, 2026 16:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@RPRX RPRX Awaiting requested review from RPRX

Assignees

@RPRX RPRX

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@RPRX