diff --git a/shadowsocks/obfsplugin/obfs_tls.py b/shadowsocks/obfsplugin/obfs_tls.py
index 7f1f233..69ae42a 100644
--- a/shadowsocks/obfsplugin/obfs_tls.py
+++ b/shadowsocks/obfsplugin/obfs_tls.py
@@ -35,10 +35,15 @@ from shadowsocks.obfsplugin import plain
 from shadowsocks.common import to_bytes, to_str, ord
 from shadowsocks import lru_cache
 
+def create_tls_obfs(method):
+    return tls_simple(method)
+
 def create_tls_ticket_auth_obfs(method):
     return tls_ticket_auth(method)
 
 obfs_map = {
+        'tls_simple': (create_tls_obfs,),
+        'tls_simple_compatible': (create_tls_obfs,),
         'tls1.2_ticket_auth': (create_tls_ticket_auth_obfs,),
         'tls1.2_ticket_auth_compatible': (create_tls_ticket_auth_obfs,),
         'tls1.2_ticket_fastauth': (create_tls_ticket_auth_obfs,),
@@ -51,6 +56,78 @@ def match_begin(str1, str2):
             return True
     return False
 
+class tls_simple(plain.plain):
+    def __init__(self, method):
+        self.method = method
+        self.has_sent_header = False
+        self.has_recv_header = False
+        self.raw_trans_sent = False
+        self.send_buffer = b''
+        self.tls_version = b'\x03\x01'
+
+    def client_encode(self, buf):
+        if self.raw_trans_sent:
+            return buf
+        self.send_buffer += buf
+        if not self.has_sent_header:
+            self.has_sent_header = True
+            data = self.tls_version + os.urandom(32) + binascii.unhexlify(b"000016c02bc02fc00ac009c013c01400330039002f0035000a0100006fff01000100000a00080006001700180019000b0002010000230000337400000010002900270568322d31360568322d31350568322d313402683208737064792f332e3108687474702f312e31000500050100000000000d001600140401050106010201040305030603020304020202")
+            data = b"\x01\x00" + struct.pack('>H', len(data)) + data
+            data = b"\x16" + self.tls_version + struct.pack('>H', len(data)) + data
+            return data
+        if self.has_recv_header:
+            ret = self.send_buffer
+            self.send_buffer = b''
+            self.raw_trans_sent = True
+            return ret
+        return b''
+
+    def client_decode(self, buf):
+        if self.has_recv_header:
+            return (buf, False)
+        self.has_recv_header = True
+        return (b'', True)
+
+    def server_encode(self, buf):
+        if self.has_sent_header:
+            return buf
+        self.has_sent_header = True
+        # TODO
+        data = self.tls_version + os.urandom(32)
+        data = b"\x02\x00" + struct.pack('>H', len(data)) + data
+        data = b"\x16" + self.tls_version + struct.pack('>H', len(data)) + data
+        return data
+
+    def decode_error_return(self, buf):
+        self.has_sent_header = True
+        if self.method == 'tls_simple':
+            return (b'E'*64, False, False)
+        return (buf, True, False)
+
+    def server_decode(self, buf):
+        if self.has_recv_header:
+            return (buf, True, False)
+
+        self.has_recv_header = True
+        if not match_begin(buf, b'\x16' + self.tls_version):
+            return self.decode_error_return(buf)
+        buf = buf[3:]
+        if struct.unpack('>H', buf[:2])[0] != len(buf) - 2:
+            return self.decode_error_return(buf)
+        buf = buf[2:]
+        if not match_begin(buf, b'\x01\x00'): #client hello
+            return self.decode_error_return(buf)
+        buf = buf[2:]
+        if struct.unpack('>H', buf[:2])[0] != len(buf) - 2:
+            return self.decode_error_return(buf)
+        # (buffer_to_recv, is_need_decrypt, is_need_to_encode_and_send_back)
+        return (b'', False, True)
+
+class obfs_client_data(object):
+    def __init__(self, cid):
+        self.client_id = cid
+        self.auth_code = {}
+
 class obfs_auth_data(object):
     def __init__(self):
         self.client_data = lru_cache.LRUCache(60 * 5)