Increase to 16 parallel streams

Stream reader read twice for large muxcool packet
Glue mux meta with data in one frame for Datagram
2025-08-23 10:06:48 +08:00 · 2025-04-19 23:50:18 -04:00 · 2025-04-19 23:14:22 -04:00 · 2025-04-19 23:13:16 -04:00 · 2025-04-06 17:27:24 -04:00 · 2025-03-16 23:07:56 -04:00
22 changed files with 824 additions and 80 deletions
--- a/README.md
+++ b/README.md
@@ -85,6 +85,7 @@
  - [X-flutter](https://github.com/XTLS/X-flutter)
  - [SaeedDev94/Xray](https://github.com/SaeedDev94/Xray)
 - iOS & macOS arm64
+  - [Happ](https://apps.apple.com/app/happ-proxy-utility/id6504287215)
  - [FoXray](https://apps.apple.com/app/foxray/id6448898396)
  - [Streisand](https://apps.apple.com/app/streisand/id6450534064)
 - macOS arm64 & x64
--- a/app/proxyman/inbound/worker.go
+++ b/app/proxyman/inbound/worker.go
@@ -324,6 +324,7 @@ func (w *udpWorker) callback(b *buf.Buffer, source net.Destination, originalDest
 			if w.sniffingConfig != nil {
 				content.SniffingRequest.Enabled = w.sniffingConfig.Enabled
 				content.SniffingRequest.OverrideDestinationForProtocol = w.sniffingConfig.DestinationOverride
+				content.SniffingRequest.ExcludeForDomain = w.sniffingConfig.DomainsExcluded
 				content.SniffingRequest.MetadataOnly = w.sniffingConfig.MetadataOnly
 				content.SniffingRequest.RouteOnly = w.sniffingConfig.RouteOnly
 			}
--- a/common/crypto/chunk.go
+++ b/common/crypto/chunk.go
@@ -1,11 +1,13 @@
 package crypto

 import (
+	"context"
 	"encoding/binary"
 	"io"

 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/buf"
+	"github.com/xtls/xray-core/common/errors"
 )

 // ChunkSizeDecoder is a utility class to decode size value from bytes.
@@ -117,6 +119,7 @@ func (r *ChunkStreamReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
 	}
 	r.leftOverSize = size

+	errors.LogInfo(context.Background(), "StreamReader read ", size)
 	mb, err := r.reader.ReadAtMost(size)
 	if !mb.IsEmpty() {
 		r.leftOverSize -= mb.Len()
--- a/common/mux/reader.go
+++ b/common/mux/reader.go
@@ -1,6 +1,7 @@
 package mux

 import (
+	"context"
 	"io"

 	"github.com/xtls/xray-core/common/buf"
@@ -33,6 +34,7 @@ func (r *PacketReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
 	}

 	size, err := serial.ReadUint16(r.reader)
+	errors.LogInfo(context.Background(), "PacketReader read ", size, r.dest)
 	if err != nil {
 		return nil, err
 	}
--- a/common/mux/server.go
+++ b/common/mux/server.go
@@ -120,7 +120,7 @@ func (w *ServerWorker) handleStatusKeepAlive(meta *FrameMetadata, reader *buf.Bu
 func (w *ServerWorker) handleStatusNew(ctx context.Context, meta *FrameMetadata, reader *buf.BufferedReader) error {
 	// deep-clone outbounds because it is going to be mutated concurrently
 	// (Target and OriginalTarget)
-	ctx = session.ContextCloneOutbounds(ctx)
+	ctx = session.ContextCloneOutboundsAndContent(ctx)
 	errors.LogInfo(ctx, "received request for ", meta.Target)
 	{
 		msg := &log.AccessMessage{
--- a/common/mux/server_test.go
+++ b/common/mux/server_test.go
@@ -90,7 +90,8 @@ func TestRegressionOutboundLeak(t *testing.T) {
 	}

 	{
-		b := buf.FromBytes([]byte("hello"))
+		b := buf.New()
+		b.Write([]byte("hello"))
 		common.Must(muxClientDownlink.Writer.WriteMultiBuffer(buf.MultiBuffer{b}))
 	}

@@ -102,7 +103,8 @@ func TestRegressionOutboundLeak(t *testing.T) {
 	}

 	{
-		b := buf.FromBytes([]byte("world"))
+		b := buf.New()
+		b.Write([]byte("world"))
 		common.Must(websiteUplink.Writer.WriteMultiBuffer(buf.MultiBuffer{b}))
 	}

--- a/common/mux/writer.go
+++ b/common/mux/writer.go
@@ -1,8 +1,11 @@
 package mux

 import (
+	"context"
+
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/buf"
+	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/protocol"
 	"github.com/xtls/xray-core/common/serial"
@@ -75,10 +78,10 @@ func writeMetaWithFrame(writer buf.Writer, meta FrameMetadata, data buf.MultiBuf
 	if _, err := serial.WriteUint16(frame, uint16(data.Len())); err != nil {
 		return err
 	}
-
 	mb2 := make(buf.MultiBuffer, 0, len(data)+1)
 	mb2 = append(mb2, frame)
 	mb2 = append(mb2, data...)
+	mb2 = buf.Compact(mb2)
 	return writer.WriteMultiBuffer(mb2)
 }

@@ -106,6 +109,7 @@ func (w *Writer) WriteMultiBuffer(mb buf.MultiBuffer) error {
 			mb = mb2
 			chunk = buf.MultiBuffer{b}
 		}
+		errors.LogInfo(context.Background(), "MuxWriter write ", chunk.Len(), w.dest)
 		if err := w.writeData(chunk); err != nil {
 			return err
 		}
--- a/common/protocol/http/sniff.go
+++ b/common/protocol/http/sniff.go
@@ -63,7 +63,7 @@ func SniffHTTP(b []byte, c context.Context) (*SniffHeader, error) {
 	ShouldSniffAttr := true
 	// If content.Attributes have information, that means it comes from HTTP inbound PlainHTTP mode.
 	// It will set attributes, so skip it.
-	if content == nil || content.AttributeLen() != 0 {
+	if content == nil || len(content.Attributes) != 0 {
 		ShouldSniffAttr = false
 	}
 	if err := beginWithHTTPMethod(b); err != nil {
--- a/common/session/context.go
+++ b/common/session/context.go
@@ -42,7 +42,7 @@ func ContextWithOutbounds(ctx context.Context, outbounds []*Outbound) context.Co
 	return context.WithValue(ctx, outboundSessionKey, outbounds)
 }

-func ContextCloneOutbounds(ctx context.Context) context.Context {
+func ContextCloneOutboundsAndContent(ctx context.Context) context.Context {
 	outbounds := OutboundsFromContext(ctx)
 	newOutbounds := make([]*Outbound, len(outbounds))
 	for i, ob := range outbounds {
@@ -55,7 +55,15 @@ func ContextCloneOutbounds(ctx context.Context) context.Context {
 		newOutbounds[i] = &v
 	}

-	return ContextWithOutbounds(ctx, newOutbounds)
+	content := ContentFromContext(ctx)
+	newContent := Content{}
+	if content != nil {
+		newContent = *content
+		if content.Attributes != nil {
+			panic("content.Attributes != nil")
+		}
+	}
+	return ContextWithContent(ContextWithOutbounds(ctx, newOutbounds), &newContent)
 }

 func OutboundsFromContext(ctx context.Context) []*Outbound {
--- a/common/session/session.go
+++ b/common/session/session.go
@@ -4,7 +4,6 @@ package session // import "github.com/xtls/xray-core/common/session"
 import (
 	"context"
 	"math/rand"
-	"sync"

 	c "github.com/xtls/xray-core/common/ctx"
 	"github.com/xtls/xray-core/common/errors"
@@ -75,8 +74,8 @@ type Outbound struct {

 // SniffingRequest controls the behavior of content sniffing.
 type SniffingRequest struct {
-	ExcludeForDomain               []string
-	OverrideDestinationForProtocol []string
+	ExcludeForDomain               []string // read-only once set
+	OverrideDestinationForProtocol []string // read-only once set
 	Enabled                        bool
 	MetadataOnly                   bool
 	RouteOnly                      bool
@@ -92,10 +91,6 @@ type Content struct {
 	Attributes map[string]string

 	SkipDNSResolve bool
-
-	mu sync.Mutex
-
-	isLocked bool
 }

 // Sockopt is the settings for socket connection.
@@ -104,22 +99,8 @@ type Sockopt struct {
 	Mark int32
 }

-// Some how when using mux, there will be a same ctx between different requests
-// This will cause problem as it's designed for single request, like concurrent map writes
-// Add a Mutex as a temp solution
-
 // SetAttribute attaches additional string attributes to content.
 func (c *Content) SetAttribute(name string, value string) {
-	if c.isLocked {
-		errors.LogError(context.Background(), "Multiple goroutines are tring to access one routing content, tring to write ", name, ":", value)
-	}
-	c.mu.Lock()
-	c.isLocked = true
-	defer func() {
-		c.isLocked = false
-		c.mu.Unlock()
-	}()
-
 	if c.Attributes == nil {
 		c.Attributes = make(map[string]string)
 	}
@@ -128,24 +109,8 @@ func (c *Content) SetAttribute(name string, value string) {

 // Attribute retrieves additional string attributes from content.
 func (c *Content) Attribute(name string) string {
-	c.mu.Lock()
-	c.isLocked = true
-	defer func() {
-		c.isLocked = false
-		c.mu.Unlock()
-	}()
 	if c.Attributes == nil {
 		return ""
 	}
 	return c.Attributes[name]
 }
-
-func (c *Content) AttributeLen() int {
-	c.mu.Lock()
-	c.isLocked = true
-	defer func() {
-		c.isLocked = false
-		c.mu.Unlock()
-	}()
-	return len(c.Attributes)
-}
--- a/core/core.go
+++ b/core/core.go
@@ -19,7 +19,7 @@ import (
 var (
 	Version_x byte = 25
 	Version_y byte = 3
-	Version_z byte = 3
+	Version_z byte = 6
 )

 var (
--- a/go.mod
+++ b/go.mod
@@ -22,12 +22,12 @@ require (
 	github.com/vishvananda/netlink v1.3.0
 	github.com/xtls/reality v0.0.0-20240712055506-48f0b2d5ed6d
 	go4.org/netipx v0.0.0-20231129151722-fdeea329fbba
-	golang.org/x/crypto v0.35.0
-	golang.org/x/net v0.35.0
-	golang.org/x/sync v0.11.0
-	golang.org/x/sys v0.30.0
+	golang.org/x/crypto v0.36.0
+	golang.org/x/net v0.37.0
+	golang.org/x/sync v0.12.0
+	golang.org/x/sys v0.31.0
 	golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173
-	google.golang.org/grpc v1.70.0
+	google.golang.org/grpc v1.71.0
 	google.golang.org/protobuf v1.36.5
 	gvisor.dev/gvisor v0.0.0-20240320123526-dc6abceb7ff0
 	h12.io/socks v1.0.3
@@ -51,11 +51,11 @@ require (
 	go.uber.org/mock v0.5.0 // indirect
 	golang.org/x/exp v0.0.0-20240531132922-fd00a4e0eefc // indirect
 	golang.org/x/mod v0.21.0 // indirect
-	golang.org/x/text v0.22.0 // indirect
+	golang.org/x/text v0.23.0 // indirect
 	golang.org/x/time v0.7.0 // indirect
 	golang.org/x/tools v0.26.0 // indirect
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -79,24 +79,26 @@ github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZla
 github.com/xtls/reality v0.0.0-20240712055506-48f0b2d5ed6d h1:+B97uD9uHLgAAulhigmys4BVwZZypzK7gPN3WtpgRJg=
 github.com/xtls/reality v0.0.0-20240712055506-48f0b2d5ed6d/go.mod h1:dm4y/1QwzjGaK17ofi0Vs6NpKAHegZky8qk6J2JJZAE=
 github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-go.opentelemetry.io/otel v1.32.0 h1:WnBN+Xjcteh0zdk01SVqV55d/m62NJLJdIyb4y/WO5U=
-go.opentelemetry.io/otel v1.32.0/go.mod h1:00DCVSB0RQcnzlwyTfqtxSm+DRr9hpYrHjNGiBHVQIg=
-go.opentelemetry.io/otel/metric v1.32.0 h1:xV2umtmNcThh2/a/aCP+h64Xx5wsj8qqnkYZktzNa0M=
-go.opentelemetry.io/otel/metric v1.32.0/go.mod h1:jH7CIbbK6SH2V2wE16W05BHCtIDzauciCRLoc/SyMv8=
-go.opentelemetry.io/otel/sdk v1.32.0 h1:RNxepc9vK59A8XsgZQouW8ue8Gkb4jpWtJm9ge5lEG4=
-go.opentelemetry.io/otel/sdk v1.32.0/go.mod h1:LqgegDBjKMmb2GC6/PrTnteJG39I8/vJCAP9LlJXEjU=
-go.opentelemetry.io/otel/sdk/metric v1.32.0 h1:rZvFnvmvawYb0alrYkjraqJq0Z4ZUJAiyYCU9snn1CU=
-go.opentelemetry.io/otel/sdk/metric v1.32.0/go.mod h1:PWeZlq0zt9YkYAp3gjKZ0eicRYvOh1Gd+X99x6GHpCQ=
-go.opentelemetry.io/otel/trace v1.32.0 h1:WIC9mYrXf8TmY/EXuULKc8hR17vE+Hjv2cssQDe03fM=
-go.opentelemetry.io/otel/trace v1.32.0/go.mod h1:+i4rkvCraA+tG6AzwloGaCtkx53Fa+L+V8e9a7YvhT8=
+go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
+go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
+go.opentelemetry.io/otel v1.34.0 h1:zRLXxLCgL1WyKsPVrgbSdMN4c0FMkDAskSTQP+0hdUY=
+go.opentelemetry.io/otel v1.34.0/go.mod h1:OWFPOQ+h4G8xpyjgqo4SxJYdDQ/qmRH+wivy7zzx9oI=
+go.opentelemetry.io/otel/metric v1.34.0 h1:+eTR3U0MyfWjRDhmFMxe2SsW64QrZ84AOhvqS7Y+PoQ=
+go.opentelemetry.io/otel/metric v1.34.0/go.mod h1:CEDrp0fy2D0MvkXE+dPV7cMi8tWZwX3dmaIhwPOaqHE=
+go.opentelemetry.io/otel/sdk v1.34.0 h1:95zS4k/2GOy069d321O8jWgYsW3MzVV+KuSPKp7Wr1A=
+go.opentelemetry.io/otel/sdk v1.34.0/go.mod h1:0e/pNiaMAqaykJGKbi+tSjWfNNHMTxoC9qANsCzbyxU=
+go.opentelemetry.io/otel/sdk/metric v1.34.0 h1:5CeK9ujjbFVL5c1PhLuStg1wxA7vQv7ce1EK0Gyvahk=
+go.opentelemetry.io/otel/sdk/metric v1.34.0/go.mod h1:jQ/r8Ze28zRKoNRdkjCZxfs6YvBTG1+YIqyFVFYec5w=
+go.opentelemetry.io/otel/trace v1.34.0 h1:+ouXS2V8Rd4hp4580a8q23bg0azF2nI8cqLYnC8mh/k=
+go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h0M2jHBhmSfRE=
 go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
 go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM=
 go4.org/netipx v0.0.0-20231129151722-fdeea329fbba h1:0b9z3AuHCjxk0x/opv64kcgZLBseWJUpBw5I82+2U4M=
 go4.org/netipx v0.0.0-20231129151722-fdeea329fbba/go.mod h1:PLyyIXexvUFg3Owu6p/WfdlivPbZJsZdgWZlrGope/Y=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs=
-golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ=
+golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34=
+golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc=
 golang.org/x/exp v0.0.0-20240531132922-fd00a4e0eefc h1:O9NuF4s+E/PvMIy+9IUZB9znFwUIXEWSstNjek6VpVg=
 golang.org/x/exp v0.0.0-20240531132922-fd00a4e0eefc/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
 golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
@@ -105,12 +107,12 @@ golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8=
-golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk=
+golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c=
+golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
-golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw=
+golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -119,14 +121,14 @@ golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
-golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
+golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
-golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
+golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
+golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
 golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ=
 golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -141,10 +143,10 @@ golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeu
 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI=
 golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 h1:/jFs0duh4rdb8uIfPMv78iAJGcPKDeqAFnaLBropIC4=
 golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173/go.mod h1:tkCQ4FQXmpAgYVh++1cq16/dH4QJtmvpRv19DWGAHSA=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a h1:hgh8P4EuoxpsuKMXX/To36nOFD7vixReXgn8lPGnt+o=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
-google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ=
-google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f h1:OxYkA3wjPsZyBylwymxSHa7ViiW1Sml4ToBrncvFehI=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f/go.mod h1:+2Yz8+CLJbIfL9z73EW45avw8Lmge3xVElCP9zEKi50=
+google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg=
+google.golang.org/grpc v1.71.0/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
 google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
 google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
--- a/infra/conf/transport_internet.go
+++ b/infra/conf/transport_internet.go
@@ -18,6 +18,7 @@ import (
 	"github.com/xtls/xray-core/transport/internet"
 	"github.com/xtls/xray-core/transport/internet/httpupgrade"
 	"github.com/xtls/xray-core/transport/internet/kcp"
+	"github.com/xtls/xray-core/transport/internet/quic"
 	"github.com/xtls/xray-core/transport/internet/reality"
 	"github.com/xtls/xray-core/transport/internet/splithttp"
 	"github.com/xtls/xray-core/transport/internet/tcp"
@@ -332,6 +333,22 @@ func (c *SplitHTTPConfig) Build() (proto.Message, error) {
 	return config, nil
 }

+type QUICConfig struct {
+	// Header   json.RawMessage `json:"header"`
+	// Security string          `json:"security"`
+	// Key      string          `json:"key"`
+
+	Fec bool `json:"fec"`
+}
+
+// Build implements Buildable.
+func (c *QUICConfig) Build() (proto.Message, error) {
+	config := &quic.Config{
+		Fec: c.Fec,
+	}
+	return config, nil
+}
+
 func readFileOrString(f string, s []string) ([]byte, error) {
 	if len(f) > 0 {
 		return filesystem.ReadFile(f)
@@ -502,6 +519,7 @@ type REALITYConfig struct {

 	Fingerprint string `json:"fingerprint"`
 	ServerName  string `json:"serverName"`
+	Password    string `json:"password"`
 	PublicKey   string `json:"publicKey"`
 	ShortId     string `json:"shortId"`
 	SpiderX     string `json:"spiderX"`
@@ -610,11 +628,14 @@ func (c *REALITYConfig) Build() (proto.Message, error) {
 		if len(c.ServerNames) != 0 {
 			return nil, errors.New(`non-empty "serverNames", please use "serverName" instead`)
 		}
+		if c.Password != "" {
+			c.PublicKey = c.Password
+		}
 		if c.PublicKey == "" {
-			return nil, errors.New(`empty "publicKey"`)
+			return nil, errors.New(`empty "password"`)
 		}
 		if config.PublicKey, err = base64.RawURLEncoding.DecodeString(c.PublicKey); err != nil || len(config.PublicKey) != 32 {
-			return nil, errors.New(`invalid "publicKey": `, c.PublicKey)
+			return nil, errors.New(`invalid "password": `, c.PublicKey)
 		}
 		if len(c.ShortIds) != 0 {
 			return nil, errors.New(`non-empty "shortIds", please use "shortId" instead`)
@@ -679,8 +700,8 @@ func (p TransportProtocol) Build() (string, error) {
 		return "httpupgrade", nil
 	case "h2", "h3", "http":
 		return "", errors.PrintRemovedFeatureError("HTTP transport (without header padding, etc.)", "XHTTP stream-one H2 & H3")
-	case "quic":
-		return "", errors.PrintRemovedFeatureError("QUIC transport (without web service, etc.)", "XHTTP stream-one H3")
+	case "quic", "datagram":
+		return "quic", nil
 	default:
 		return "", errors.New("Config: unknown transport protocol: ", p)
 	}
@@ -835,6 +856,7 @@ type StreamConfig struct {
 	XHTTPSettings       *SplitHTTPConfig   `json:"xhttpSettings"`
 	SplitHTTPSettings   *SplitHTTPConfig   `json:"splithttpSettings"`
 	KCPSettings         *KCPConfig         `json:"kcpSettings"`
+	QUICSettings        *QUICConfig        `json:"quicSettings"`
 	GRPCSettings        *GRPCConfig        `json:"grpcSettings"`
 	WSSettings          *WebSocketConfig   `json:"wsSettings"`
 	HTTPUPGRADESettings *HttpUpgradeConfig `json:"httpupgradeSettings"`
@@ -926,6 +948,16 @@ func (c *StreamConfig) Build() (*internet.StreamConfig, error) {
 			Settings:     serial.ToTypedMessage(ts),
 		})
 	}
+	if c.QUICSettings != nil {
+		qs, err := c.QUICSettings.Build()
+		if err != nil {
+			return nil, errors.New("Failed to build QUIC config").Base(err)
+		}
+		config.TransportSettings = append(config.TransportSettings, &internet.TransportConfig{
+			ProtocolName: "quic",
+			Settings:     serial.ToTypedMessage(qs),
+		})
+	}
 	if c.GRPCSettings != nil {
 		gs, err := c.GRPCSettings.Build()
 		if err != nil {
--- a/main/distro/all/all.go
+++ b/main/distro/all/all.go
@@ -53,6 +53,7 @@ import (
 	_ "github.com/xtls/xray-core/transport/internet/grpc"
 	_ "github.com/xtls/xray-core/transport/internet/httpupgrade"
 	_ "github.com/xtls/xray-core/transport/internet/kcp"
+	_ "github.com/xtls/xray-core/transport/internet/quic"
 	_ "github.com/xtls/xray-core/transport/internet/reality"
 	_ "github.com/xtls/xray-core/transport/internet/splithttp"
 	_ "github.com/xtls/xray-core/transport/internet/tcp"
--- a/transport/internet/quic/config.pb.go
+++ b/transport/internet/quic/config.pb.go
@@ -0,0 +1,137 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.35.1
+// 	protoc        v5.28.2
+// source: transport/internet/quic/config.proto
+
+package quic
+
+import (
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+type Config struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// string key = 1;
+	// xray.common.protocol.SecurityConfig security = 2;
+	// xray.common.serial.TypedMessage header = 3;
+	Fec bool `protobuf:"varint,4,opt,name=fec,proto3" json:"fec,omitempty"`
+}
+
+func (x *Config) Reset() {
+	*x = Config{}
+	mi := &file_transport_internet_quic_config_proto_msgTypes[0]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
+}
+
+func (x *Config) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Config) ProtoMessage() {}
+
+func (x *Config) ProtoReflect() protoreflect.Message {
+	mi := &file_transport_internet_quic_config_proto_msgTypes[0]
+	if x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Config.ProtoReflect.Descriptor instead.
+func (*Config) Descriptor() ([]byte, []int) {
+	return file_transport_internet_quic_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Config) GetFec() bool {
+	if x != nil {
+		return x.Fec
+	}
+	return false
+}
+
+var File_transport_internet_quic_config_proto protoreflect.FileDescriptor
+
+var file_transport_internet_quic_config_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x6e, 0x65, 0x74, 0x2f, 0x71, 0x75, 0x69, 0x63, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1c, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e,
+	0x71, 0x75, 0x69, 0x63, 0x22, 0x1a, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x10,
+	0x0a, 0x03, 0x66, 0x65, 0x63, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x03, 0x66, 0x65, 0x63,
+	0x42, 0x76, 0x0a, 0x20, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e,
+	0x71, 0x75, 0x69, 0x63, 0x50, 0x01, 0x5a, 0x31, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72,
+	0x65, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x6e, 0x65, 0x74, 0x2f, 0x71, 0x75, 0x69, 0x63, 0xaa, 0x02, 0x1c, 0x58, 0x72, 0x61, 0x79,
+	0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72,
+	0x6e, 0x65, 0x74, 0x2e, 0x51, 0x75, 0x69, 0x63, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_transport_internet_quic_config_proto_rawDescOnce sync.Once
+	file_transport_internet_quic_config_proto_rawDescData = file_transport_internet_quic_config_proto_rawDesc
+)
+
+func file_transport_internet_quic_config_proto_rawDescGZIP() []byte {
+	file_transport_internet_quic_config_proto_rawDescOnce.Do(func() {
+		file_transport_internet_quic_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_transport_internet_quic_config_proto_rawDescData)
+	})
+	return file_transport_internet_quic_config_proto_rawDescData
+}
+
+var file_transport_internet_quic_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_transport_internet_quic_config_proto_goTypes = []any{
+	(*Config)(nil), // 0: xray.transport.internet.quic.Config
+}
+var file_transport_internet_quic_config_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_transport_internet_quic_config_proto_init() }
+func file_transport_internet_quic_config_proto_init() {
+	if File_transport_internet_quic_config_proto != nil {
+		return
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_transport_internet_quic_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_transport_internet_quic_config_proto_goTypes,
+		DependencyIndexes: file_transport_internet_quic_config_proto_depIdxs,
+		MessageInfos:      file_transport_internet_quic_config_proto_msgTypes,
+	}.Build()
+	File_transport_internet_quic_config_proto = out.File
+	file_transport_internet_quic_config_proto_rawDesc = nil
+	file_transport_internet_quic_config_proto_goTypes = nil
+	file_transport_internet_quic_config_proto_depIdxs = nil
+}
--- a/transport/internet/quic/config.proto
+++ b/transport/internet/quic/config.proto
@@ -0,0 +1,14 @@
+syntax = "proto3";
+
+package xray.transport.internet.quic;
+option csharp_namespace = "Xray.Transport.Internet.Quic";
+option go_package = "github.com/xtls/xray-core/transport/internet/quic";
+option java_package = "com.xray.transport.internet.quic";
+option java_multiple_files = true;
+
+message Config {
+//   string key = 1;
+//   xray.common.protocol.SecurityConfig security = 2;
+//   xray.common.serial.TypedMessage header = 3;
+     bool fec = 4;
+}
--- a/transport/internet/quic/conn.go
+++ b/transport/internet/quic/conn.go
@@ -0,0 +1,247 @@
+package quic
+
+import (
+	"context"
+	"time"
+
+	"github.com/quic-go/quic-go"
+	"github.com/xtls/xray-core/common/buf"
+	"github.com/xtls/xray-core/common/errors"
+	"github.com/xtls/xray-core/common/mux"
+	"github.com/xtls/xray-core/common/net"
+	"github.com/xtls/xray-core/common/serial"
+	"github.com/xtls/xray-core/common/signal/done"
+)
+
+var MaxIncomingStreams = 16
+var currentStream = 0
+
+type interConn struct {
+	ctx         context.Context
+	quicConn    quic.Connection // small udp packet can be sent with Datagram directly 
+	streams     []quic.Stream	// other packets can be sent via steam, it offer mux, reliability, fragmentation and ordering 
+	readChannel chan readResult
+	reader      buf.MultiBufferContainer
+	done        *done.Instance
+	local       net.Addr
+	remote      net.Addr
+}
+
+type readResult struct {
+	buffer []byte
+	err    error 
+}
+
+func NewConnInitReader(ctx context.Context, quicConn quic.Connection, done *done.Instance, remote net.Addr) *interConn {
+	c := &interConn{
+		ctx:         ctx,
+		quicConn:    quicConn,
+		readChannel: make(chan readResult),
+		reader:      buf.MultiBufferContainer{},
+		done:        done,
+		local:       quicConn.LocalAddr(),
+		remote:      remote,
+	}
+	go func() {
+		for {
+			received, e := c.quicConn.ReceiveDatagram(c.ctx)
+			errors.LogInfo(c.ctx, "Read ReceiveDatagram ", len(received))
+			c.readChannel <- readResult{buffer: received, err: e}
+		}
+	}()
+	go c.acceptStreams()
+	return c
+}
+
+func (c *interConn) acceptStreams() {
+	for {
+		stream, err := c.quicConn.AcceptStream(context.Background())
+		errors.LogInfo(c.ctx, "Read AcceptStream ", err)
+		if err != nil {
+			errors.LogInfoInner(context.Background(), err, "failed to accept stream")
+			select {
+			case <-c.quicConn.Context().Done():
+				return
+			case <-c.done.Wait():
+				if err := c.quicConn.CloseWithError(0, ""); err != nil {
+					errors.LogInfoInner(context.Background(), err, "failed to close connection")
+				}
+				return
+			default:
+				time.Sleep(time.Second)
+				continue
+			}
+		}
+		go c.readMuxCoolPacket(stream)
+		c.streams = append(c.streams, stream)
+	}
+}
+
+func (c *interConn) readMuxCoolPacket(stream quic.Stream) {
+	for {
+		received := make([]byte, buf.Size)
+		i, e := stream.Read(received)
+		if e != nil {
+			errors.LogErrorInner(c.ctx, e, "Error read stream, drop this buffer ", i)
+			c.readChannel <- readResult{buffer: nil, err: e}
+			continue;
+		}
+		errors.LogInfo(c.ctx, "Read stream ", i)
+
+		buffer := buf.New()
+		buffer.Write(received[:i])
+		muxCoolReader := &buf.MultiBufferContainer{}
+		muxCoolReader.MultiBuffer = append(muxCoolReader.MultiBuffer, buffer)
+		var meta mux.FrameMetadata
+		err := meta.Unmarshal(muxCoolReader)
+		if err != nil {
+			errors.LogInfo(c.ctx, "Not a Mux Cool packet beginning, copy directly ", i)
+			buf.ReleaseMulti(muxCoolReader.MultiBuffer)
+			c.readChannel <- readResult{buffer: received[:i], err: e}
+			continue;
+		}
+		if !meta.Option.Has(mux.OptionData) {
+			errors.LogInfo(c.ctx, "No option data, copy directly ", i)
+			buf.ReleaseMulti(muxCoolReader.MultiBuffer)
+			c.readChannel <- readResult{buffer: received[:i], err: e}
+			continue;
+		}
+		size, err := serial.ReadUint16(muxCoolReader)
+		remaining := uint16(muxCoolReader.MultiBuffer.Len())
+		errors.LogInfo(c.ctx, "Read stream ", i, " option size ", size, " remaining size ", remaining)
+		if err != nil || size <= remaining || size > remaining + 1500 {
+			errors.LogInfo(c.ctx, "do not wait for second part of UDP packet ", i)
+			buf.ReleaseMulti(muxCoolReader.MultiBuffer)
+			c.readChannel <- readResult{buffer: received[:i], err: e}
+			continue;
+		}
+
+		i2, e := stream.Read(received[i:])
+		if e != nil {
+			errors.LogErrorInner(c.ctx, e, "Error read stream, drop this buffer ", i2)
+			buf.ReleaseMulti(muxCoolReader.MultiBuffer)
+			c.readChannel <- readResult{buffer: nil, err: e}
+			continue;
+		}
+		errors.LogInfo(c.ctx, "Read stream i2 size ", i2)
+		buf.ReleaseMulti(muxCoolReader.MultiBuffer)
+		c.readChannel <- readResult{buffer: received[:(i + i2)], err: e}
+	}
+}
+
+func (c *interConn) Read(b []byte) (int, error) {	
+	if c.reader.MultiBuffer.Len() > 0 {
+		return c.reader.Read(b)
+	}
+	received := <- c.readChannel
+	if received.err != nil {
+		return 0, received.err
+	}
+	buffer := buf.New()
+	buffer.Write(received.buffer)
+	c.reader.MultiBuffer = append(c.reader.MultiBuffer, buffer)
+	errors.LogInfo(c.ctx, "Read copy ", len(received.buffer))
+	return c.reader.Read(b)
+}
+
+func (c *interConn) WriteMultiBuffer(mb buf.MultiBuffer) error {
+	mb = buf.Compact(mb)
+	mb, err := buf.WriteMultiBuffer(c, mb)
+	buf.ReleaseMulti(mb)
+	return err
+}
+
+func (c *interConn) Write(b []byte) (int, error) {
+	if len(b) > 1240 { // TODO: why quic-go increase internal MTU causing packet loss?
+		if len(c.streams) < MaxIncomingStreams {
+			stream, err := c.quicConn.OpenStream()
+			errors.LogInfo(c.ctx, "Write OpenStream ", err)
+			if err == nil {
+				c.streams = append(c.streams, stream)
+			} else {
+				errors.LogInfoInner(c.ctx, err, "failed to openStream: ")
+			}
+		}
+		currentStream++;
+		if currentStream > len(c.streams) - 1 {
+			currentStream = 0;
+		}
+		errors.LogInfo(c.ctx, "Write stream ", len(b), currentStream, len(c.streams))
+		return c.streams[currentStream].Write(b)
+	}
+	var err = c.quicConn.SendDatagram(b)
+	errors.LogInfo(c.ctx, "Write SendDatagram ", len(b), err)
+	if _, ok := err.(*quic.DatagramTooLargeError); ok {
+		if len(c.streams) < MaxIncomingStreams {
+			stream, err := c.quicConn.OpenStream()
+			errors.LogInfo(c.ctx, "Write OpenStream ", err)
+			if err == nil {
+				c.streams = append(c.streams, stream)
+			} else {
+				errors.LogInfoInner(c.ctx, err, "failed to openStream: ")
+			}
+		}
+		currentStream++;
+		if currentStream > len(c.streams) - 1 {
+			currentStream = 0;
+		}
+		errors.LogInfo(c.ctx, "Write stream ", len(b), currentStream, len(c.streams))
+		return c.streams[currentStream].Write(b)
+	}
+	if err != nil {
+		return 0, err
+	}
+	return len(b), nil
+}
+
+func (c *interConn) Close() error {
+	var err error
+	for _, s := range c.streams {
+		e := s.Close()
+		if e != nil {
+			err = e
+		}
+	}
+	return err
+}
+
+func (c *interConn) LocalAddr() net.Addr {
+	return c.local
+}
+
+func (c *interConn) RemoteAddr() net.Addr {
+	return c.remote
+}
+
+func (c *interConn) SetDeadline(t time.Time) error {
+	var err error
+	for _, s := range c.streams {
+		e := s.SetDeadline(t)
+		if e != nil {
+			err = e
+		}
+	}
+	return err
+}
+
+func (c *interConn) SetReadDeadline(t time.Time) error {
+	var err error
+	for _, s := range c.streams {
+		e := s.SetReadDeadline(t)
+		if e != nil {
+			err = e
+		}
+	}
+	return err
+}
+
+func (c *interConn) SetWriteDeadline(t time.Time) error {
+	var err error
+	for _, s := range c.streams {
+		e := s.SetWriteDeadline(t)
+		if e != nil {
+			err = e
+		}
+	}
+	return err
+}
--- a/transport/internet/quic/dialer.go
+++ b/transport/internet/quic/dialer.go
@@ -0,0 +1,95 @@
+package quic
+
+import (
+	"context"
+	"time"
+
+	"github.com/quic-go/quic-go"
+	"github.com/xtls/xray-core/common"
+	"github.com/xtls/xray-core/common/errors"
+	"github.com/xtls/xray-core/common/net"
+	"github.com/xtls/xray-core/common/signal/done"
+	"github.com/xtls/xray-core/transport/internet"
+	"github.com/xtls/xray-core/transport/internet/stat"
+	"github.com/xtls/xray-core/transport/internet/tls"
+)
+
+func Dial(ctx context.Context, dest net.Destination, streamSettings *internet.MemoryStreamConfig) (stat.Connection, error) {
+	tlsConfig := tls.ConfigFromStreamSettings(streamSettings)
+	if tlsConfig == nil {
+		tlsConfig = &tls.Config{
+			ServerName:    internalDomain,
+			AllowInsecure: true,
+		}
+	}
+
+	var destAddr *net.UDPAddr
+	if dest.Address.Family().IsIP() {
+		destAddr = &net.UDPAddr{
+			IP:   dest.Address.IP(),
+			Port: int(dest.Port),
+		}
+	} else {
+		dialerIp := internet.DestIpAddress()
+		if dialerIp != nil {
+			destAddr = &net.UDPAddr{
+				IP:   dialerIp,
+				Port: int(dest.Port),
+			}
+			errors.LogInfo(ctx, "quic Dial use dialer dest addr: ", destAddr)
+		} else {
+			addr, err := net.ResolveUDPAddr("udp", dest.NetAddr())
+			if err != nil {
+				return nil, err
+			}
+			destAddr = addr
+		}
+	}
+
+	config := streamSettings.ProtocolSettings.(*Config)
+
+	return openConnection(ctx, destAddr, config, tlsConfig, streamSettings.SocketSettings)
+}
+
+func openConnection(ctx context.Context, destAddr net.Addr, config *Config, tlsConfig *tls.Config, sockopt *internet.SocketConfig) (stat.Connection, error) {
+	dest := net.DestinationFromAddr(destAddr)
+	errors.LogInfo(ctx, "dialing quic to ", dest)
+	rawConn, err := internet.DialSystem(ctx, dest, sockopt)
+	if err != nil {
+		return nil, errors.New("failed to dial to dest: ", err).AtWarning().Base(err)
+	}
+
+	quicConfig := &quic.Config{
+		KeepAlivePeriod:      0,
+		HandshakeIdleTimeout: time.Second * 8,
+		MaxIdleTimeout:       time.Second * 300,
+		EnableDatagrams:      true,
+	}
+
+	var udpConn *net.UDPConn
+	switch conn := rawConn.(type) {
+	case *net.UDPConn:
+		udpConn = conn
+	case *internet.PacketConnWrapper:
+		udpConn = conn.Conn.(*net.UDPConn)
+	default:
+		rawConn.Close()
+		return nil, errors.New("QUIC with sockopt is unsupported").AtWarning()
+	}
+
+	tr := quic.Transport{
+		ConnectionIDLength: 12,
+		Conn:               udpConn,
+	}
+	conn, err := tr.Dial(context.Background(), destAddr, tlsConfig.GetTLSConfig(tls.WithDestination(dest)), quicConfig)
+	if err != nil {
+		udpConn.Close()
+		return nil, err
+	}
+
+	return NewConnInitReader(ctx, conn, done.New(), destAddr), nil
+}
+
+func init() {
+	common.Must(internet.RegisterTransportDialer(protocolName, Dial))
+}
--- a/transport/internet/quic/hub.go
+++ b/transport/internet/quic/hub.go
@@ -0,0 +1,108 @@
+package quic
+
+import (
+	"context"
+	"time"
+
+	"github.com/quic-go/quic-go"
+	"github.com/xtls/xray-core/common"
+	"github.com/xtls/xray-core/common/errors"
+	"github.com/xtls/xray-core/common/net"
+	"github.com/xtls/xray-core/common/protocol/tls/cert"
+	"github.com/xtls/xray-core/common/signal/done"
+	"github.com/xtls/xray-core/transport/internet"
+	"github.com/xtls/xray-core/transport/internet/tls"
+)
+
+// Listener is an internet.Listener that listens for TCP connections.
+type Listener struct {
+	rawConn  *net.UDPConn
+	listener *quic.Listener
+	done     *done.Instance
+	addConn  internet.ConnHandler
+}
+
+func (l *Listener) keepAccepting(ctx context.Context) {
+	for {
+		conn, err := l.listener.Accept(context.Background())
+		if err != nil {
+			errors.LogInfoInner(context.Background(), err, "failed to accept QUIC connection")
+			if l.done.Done() {
+				break
+			}
+			time.Sleep(time.Second)
+			continue
+		}
+		l.addConn(NewConnInitReader(ctx, conn, l.done, conn.RemoteAddr()))
+	}
+}
+
+// Addr implements internet.Listener.Addr.
+func (l *Listener) Addr() net.Addr {
+	return l.listener.Addr()
+}
+
+// Close implements internet.Listener.Close.
+func (l *Listener) Close() error {
+	l.done.Close()
+	l.listener.Close()
+	l.rawConn.Close()
+	return nil
+}
+
+// Listen creates a new Listener based on configurations.
+func Listen(ctx context.Context, address net.Address, port net.Port, streamSettings *internet.MemoryStreamConfig, handler internet.ConnHandler) (internet.Listener, error) {
+	if address.Family().IsDomain() {
+		return nil, errors.New("domain address is not allows for listening quic")
+	}
+
+	tlsConfig := tls.ConfigFromStreamSettings(streamSettings)
+	if tlsConfig == nil {
+		tlsConfig = &tls.Config{
+			Certificate: []*tls.Certificate{tls.ParseCertificate(cert.MustGenerate(nil, cert.DNSNames(internalDomain), cert.CommonName(internalDomain)))},
+		}
+	}
+
+	//config := streamSettings.ProtocolSettings.(*Config)
+	rawConn, err := internet.ListenSystemPacket(context.Background(), &net.UDPAddr{
+		IP:   address.IP(),
+		Port: int(port),
+	}, streamSettings.SocketSettings)
+	if err != nil {
+		return nil, err
+	}
+
+	quicConfig := &quic.Config{
+		KeepAlivePeriod:       0,
+		HandshakeIdleTimeout:  time.Second * 8,
+		MaxIdleTimeout:        time.Second * 300,
+		MaxIncomingStreams:    16,
+		MaxIncomingUniStreams: -1,
+		EnableDatagrams:       true,
+	}
+
+	tr := quic.Transport{
+		ConnectionIDLength: 12,
+		Conn:               rawConn.(*net.UDPConn),
+	}
+	qListener, err := tr.Listen(tlsConfig.GetTLSConfig(), quicConfig)
+	if err != nil {
+		rawConn.Close()
+		return nil, err
+	}
+
+	listener := &Listener{
+		done:     done.New(),
+		rawConn:  rawConn.(*net.UDPConn),
+		listener: qListener,
+		addConn:  handler,
+	}
+
+	go listener.keepAccepting(ctx)
+
+	return listener, nil
+}
+
+func init() {
+	common.Must(internet.RegisterTransportListener(protocolName, Listen))
+}
--- a/transport/internet/quic/quic.go
+++ b/transport/internet/quic/quic.go
@@ -0,0 +1,17 @@
+package quic
+
+import (
+	"github.com/xtls/xray-core/common"
+	"github.com/xtls/xray-core/transport/internet"
+)
+
+const (
+	protocolName   = "quic"
+	internalDomain = "quic.internal.example.com"
+)
+
+func init() {
+	common.Must(internet.RegisterProtocolConfigCreator(protocolName, func() interface{} {
+		return new(Config)
+	}))
+}
--- a/transport/internet/quic/quic_test.go
+++ b/transport/internet/quic/quic_test.go
@@ -0,0 +1,105 @@
+package quic_test
+
+import (
+	"context"
+	"crypto/rand"
+	"testing"
+	"time"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/xtls/xray-core/common"
+	"github.com/xtls/xray-core/common/buf"
+	"github.com/xtls/xray-core/common/net"
+	"github.com/xtls/xray-core/common/protocol/tls/cert"
+	"github.com/xtls/xray-core/testing/servers/udp"
+	"github.com/xtls/xray-core/transport/internet"
+	"github.com/xtls/xray-core/transport/internet/quic"
+	"github.com/xtls/xray-core/transport/internet/stat"
+	"github.com/xtls/xray-core/transport/internet/tls"
+)
+
+func TestShortQuicConnection(t *testing.T) {
+	testQuicConnection(t, 1024)
+}
+
+func TestAroundMTUQuicConnection(t *testing.T) {
+	testQuicConnection(t, 1247)
+}
+
+func TestLongQuicConnection(t *testing.T) {
+	testQuicConnection(t, 1500)
+}
+
+func testQuicConnection(t *testing.T, dataLen int32) {
+	port := udp.PickPort()
+
+	listener, err := quic.Listen(context.Background(), net.LocalHostIP, port, &internet.MemoryStreamConfig{
+		ProtocolName:     "quic",
+		ProtocolSettings: &quic.Config{},
+		SecurityType:     "tls",
+		SecuritySettings: &tls.Config{
+			Certificate: []*tls.Certificate{
+				tls.ParseCertificate(
+					cert.MustGenerate(nil,
+						cert.DNSNames("www.example.com"),
+					),
+				),
+			},
+		},
+	}, func(conn stat.Connection) {
+		go func() {
+			defer conn.Close()
+
+			b := buf.New()
+			defer b.Release()
+
+			for {
+				b.Clear()
+				if _, err := b.ReadFrom(conn); err != nil {
+					return
+				}
+				common.Must2(conn.Write(b.Bytes()))
+			}
+		}()
+	})
+	common.Must(err)
+
+	defer listener.Close()
+
+	time.Sleep(time.Second)
+
+	dctx := context.Background()
+	conn, err := quic.Dial(dctx, net.TCPDestination(net.LocalHostIP, port), &internet.MemoryStreamConfig{
+		ProtocolName:     "quic",
+		ProtocolSettings: &quic.Config{},
+		SecurityType:     "tls",
+		SecuritySettings: &tls.Config{
+			ServerName:    "www.example.com",
+			AllowInsecure: true,
+		},
+	})
+	common.Must(err)
+	defer conn.Close()
+
+	b1 := make([]byte, dataLen)
+	common.Must2(rand.Read(b1))
+	b2 := buf.New()
+
+	common.Must2(conn.Write(b1))
+
+	b2.Clear()
+	common.Must2(b2.ReadFullFrom(conn, dataLen))
+	if r := cmp.Diff(b2.Bytes(), b1); r != "" {
+		t.Error(r)
+	}
+
+	time.Sleep(1000 * time.Millisecond)
+
+	common.Must2(conn.Write(b1))
+
+	b2.Clear()
+	common.Must2(b2.ReadFullFrom(conn, dataLen))
+	if r := cmp.Diff(b2.Bytes(), b1); r != "" {
+		t.Error(r)
+	}
+}
Author	SHA1	Message	Date
yuhan6665	d218a5e8c5	Increase to 16 parallel streams	2025-04-19 23:50:18 -04:00
yuhan6665	3d7ed5450b	Stream reader read twice for large muxcool packet	2025-04-19 23:14:22 -04:00
yuhan6665	c29af68a2f	Glue mux meta with data in one frame for Datagram	2025-04-19 23:13:16 -04:00
yuhan6665	e4a5344189	Temp: add some logs	2025-04-06 17:27:24 -04:00
yuhan6665	33acf3c2b6	Add multi buffer reader	2025-03-16 23:07:56 -04:00
yuhan6665	7c78408df9	Add some logs for troubleshooting	2025-03-09 22:59:30 -04:00
yuhan6665	129b2be9c1	Use capsulate protocol for large UDP packet - make datagram transport without mux functionality - it is now recommended to always pair with mux-cool (XUDP new tunnel non-zero session id)	2025-03-09 09:48:43 -04:00
yuhan6665	358bdc258e	Update to latest main	2025-03-09 09:48:43 -04:00
yuhan6665	c660bf7e37	Add Datagram transport	2025-03-09 09:48:43 -04:00
yuhan6665	414379ca96	Add config proto	2025-03-09 09:48:43 -04:00
RPRX	2cba2c4d59	v25.3.6 Announcement of NFTs by Project X: https://github.com/XTLS/Xray-core/discussions/3633 Project X NFT: https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/1 XHTTP: Beyond REALITY: https://github.com/XTLS/Xray-core/discussions/4113 REALITY NFT: https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/2	2025-03-06 13:50:15 +00:00
Happ-dev	306fa51475	README.md: Add Happ to iOS clients (#4465 )	2025-03-06 12:27:25 +00:00
dependabot[bot]	6d6f1c6967	Bump golang.org/x/net from 0.36.0 to 0.37.0 (#4469 ) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.36.0 to 0.37.0. - [Commits](https://github.com/golang/net/compare/v0.36.0...v0.37.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-06 10:59:49 +00:00
dependabot[bot]	152959824f	Bump google.golang.org/grpc from 1.70.0 to 1.71.0 (#4463 ) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.70.0 to 1.71.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.70.0...v1.71.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-05 09:23:38 +00:00
dependabot[bot]	a977b6357e	Bump golang.org/x/net from 0.35.0 to 0.36.0 (#4462 ) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.35.0 to 0.36.0. - [Commits](https://github.com/golang/net/compare/v0.35.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-05 09:23:31 +00:00
RPRX	16eee1b89c	Mux server: Clone the session.Content attached on ctx as well https://github.com/XTLS/Xray-core/pull/3908#issuecomment-2696911994 Fixes https://github.com/XTLS/Xray-core/pull/3904 for good	2025-03-04 11:01:03 +00:00
RPRX	dde0a4f272	REALITY config: Add `password` as an alias of `publicKey` https://github.com/XTLS/Xray-core/issues/4458#issuecomment-2696181682	2025-03-04 05:29:03 +00:00