fptn-project · brightsunshine54 · May 1, 2026
diff --git a/app/src/main/java/org/fptn/vpn/enums/BypassCensorshipMethod.java b/app/src/main/java/org/fptn/vpn/enums/BypassCensorshipMethod.java
@@ -1,19 +1,6 @@
 package org.fptn.vpn.enums;
 
 public enum BypassCensorshipMethod {
-    SNI_SPOOFING,   // deprecated
     TLS_OBFUSCATION,
-    SNI_REALITY,  // deprecated
-    /* Chrome */
-    SNI_REALITY_CHROME_147,
-    SNI_REALITY_CHROME_146,
-    SNI_REALITY_CHROME_145,
-    /* Firefox */
-    SNI_REALITY_FIREFOX_149,
-    /* Yandex Browser */
-    SNI_REALITY_YANDEX_26,
-    SNI_REALITY_YANDEX_25,
-    SNI_REALITY_YANDEX_24,
-    /* Safari */
-    SNI_REALITY_SAFARI_26
+    SNI_REALITY
 }
diff --git a/app/src/main/java/org/fptn/vpn/enums/SniSpoofingMode.java b/app/src/main/java/org/fptn/vpn/enums/SniSpoofingMode.java
@@ -0,0 +1,16 @@
+package org.fptn.vpn.enums;
+
+public enum SniSpoofingMode {
+    /* Chrome */
+    SNI_REALITY_CHROME_147,
+    SNI_REALITY_CHROME_146,
+    SNI_REALITY_CHROME_145,
+    /* Firefox */
+    SNI_REALITY_FIREFOX_149,
+    /* Yandex Browser */
+    SNI_REALITY_YANDEX_26,
+    SNI_REALITY_YANDEX_25,
+    SNI_REALITY_YANDEX_24,
+    /* Safari */
+    SNI_REALITY_SAFARI_26
+}
diff --git a/app/src/main/java/org/fptn/vpn/services/speedtest/NativeSpeedTestTask.java b/app/src/main/java/org/fptn/vpn/services/speedtest/NativeSpeedTestTask.java
@@ -1,9 +1,8 @@
 package org.fptn.vpn.services.speedtest;
 
-import android.util.Log;
-
 import org.fptn.vpn.database.entity.ServerEntity;
 import org.fptn.vpn.enums.BypassCensorshipMethod;
+import org.fptn.vpn.enums.SniSpoofingMode;
 import org.fptn.vpn.services.websocket.NativeHttpsClientImpl;
 import org.fptn.vpn.services.websocket.NativeResponse;
 import org.fptn.vpn.vpnclient.exception.PVNClientException;
@@ -22,14 +21,15 @@ public class NativeSpeedTestTask implements Callable<NativeSpeedTestResult> {
     private final ServerEntity serverEntity;
     private final NativeHttpsClientImpl nativeHttpsClient;
 
-    public NativeSpeedTestTask(ServerEntity serverEntity, String sniHost, BypassCensorshipMethod censorshipStrategy) {
+    public NativeSpeedTestTask(ServerEntity serverEntity, String sniHost, BypassCensorshipMethod censorshipStrategy, SniSpoofingMode sniSpoofingMode) {
         this.serverEntity = serverEntity;
         this.nativeHttpsClient = new NativeHttpsClientImpl(
                 serverEntity.getHost(),
                 serverEntity.getPort(),
                 serverEntity.getMd5ServerFingerprint(),
                 sniHost,
-                censorshipStrategy
+                censorshipStrategy,
+                sniSpoofingMode
         );
     }
 

diff --git a/app/src/main/java/org/fptn/vpn/services/speedtest/SpeedTestUtils.java b/app/src/main/java/org/fptn/vpn/services/speedtest/SpeedTestUtils.java
@@ -4,6 +4,7 @@
 
 import org.fptn.vpn.database.entity.ServerEntity;
 import org.fptn.vpn.enums.BypassCensorshipMethod;
+import org.fptn.vpn.enums.SniSpoofingMode;
 import org.fptn.vpn.vpnclient.exception.ErrorCode;
 import org.fptn.vpn.vpnclient.exception.PVNClientException;
 
@@ -23,7 +24,7 @@ public class SpeedTestUtils {
     private static final long SEARCH_BEST_SERVER_MAX_TIMEOUT = 30L;
     private static final String PREMIUM_KEYWORD = "premium";
 
-    public static ServerEntity findFastestServer(List<ServerEntity> serverEntityList, String sniHostName, BypassCensorshipMethod censorshipStrategy) throws PVNClientException {
+    public static ServerEntity findFastestServer(List<ServerEntity> serverEntityList, String sniHostName, BypassCensorshipMethod censorshipStrategy, SniSpoofingMode sniSpoofingMode) throws PVNClientException {
         Log.d(TAG, "SpeedTestUtils.findFastestServer() start: " + Instant.now() + ", Thread.Id: " + Thread.currentThread().getId());
 
         if (serverEntityList != null && !serverEntityList.isEmpty()) {
@@ -33,7 +34,7 @@ public static ServerEntity findFastestServer(List<ServerEntity> serverEntityList
 
             ExecutorService executor = Executors.newFixedThreadPool(selectedServers.size());
             List<NativeSpeedTestTask> nativeSpeedTestTaskList = selectedServers.stream()
-                    .map(fptnServerDto -> new NativeSpeedTestTask(fptnServerDto, sniHostName, censorshipStrategy))
+                    .map(fptnServerDto -> new NativeSpeedTestTask(fptnServerDto, sniHostName, censorshipStrategy, sniSpoofingMode))
                     .collect(Collectors.toList());
             try {
                 NativeSpeedTestResult bestResult = executor.invokeAny(nativeSpeedTestTaskList, SEARCH_BEST_SERVER_MAX_TIMEOUT, TimeUnit.SECONDS);

diff --git a/app/src/main/java/org/fptn/vpn/services/vpn/FptnConnection.java b/app/src/main/java/org/fptn/vpn/services/vpn/FptnConnection.java
@@ -21,6 +21,7 @@
 import org.fptn.vpn.enums.ConnectionState;
 import org.fptn.vpn.enums.NetworkType;
 import org.fptn.vpn.enums.PerAppVpnMode;
+import org.fptn.vpn.enums.SniSpoofingMode;
 import org.fptn.vpn.services.websocket.DnsServers;
 import org.fptn.vpn.services.websocket.WebSocketAlreadyShutdownException;
 import org.fptn.vpn.services.websocket.WebSocketClientWrapper;
@@ -80,6 +81,7 @@ public class FptnConnection extends Thread {
 
     @Getter
     private final AtomicInteger reconnectCount = new AtomicInteger(0);
+    private final SniSpoofingMode sniSpoofingMode;
 
     @Setter
     private PendingIntent configureVpnIntent;
@@ -114,6 +116,7 @@ public FptnConnection(final FptnService service,
                           final int delayBetweenAttempts,
                           final String sniHostName,
                           final BypassCensorshipMethod censorshipStrategy,
+                          final SniSpoofingMode sniSpoofingMode,
                           final PerAppVpnMode perAppVpnMode,
                           final List<AppInfo> appInfos) throws UnknownHostException {
         this.service = service;
@@ -123,6 +126,7 @@ public FptnConnection(final FptnService service,
         this.currentNetworkType = currentNetworkType;
         this.sniHostName = sniHostName;
         this.censorshipStrategy = censorshipStrategy;
+        this.sniSpoofingMode = sniSpoofingMode;
         this.perAppVpnMode = perAppVpnMode;
         this.appInfos = appInfos;
 
@@ -135,7 +139,8 @@ public FptnConnection(final FptnService service,
                 this::onMessageReceived,
                 this::onConnectionFailure,
                 this.sniHostName,
-                this.censorshipStrategy
+                this.censorshipStrategy,
+                this.sniSpoofingMode
         );
 
         this.maxReconnectCount = maxReconnectCount;

diff --git a/app/src/main/java/org/fptn/vpn/services/vpn/FptnService.java b/app/src/main/java/org/fptn/vpn/services/vpn/FptnService.java
@@ -37,6 +37,7 @@
 import org.fptn.vpn.enums.ConnectionState;
 import org.fptn.vpn.enums.NetworkType;
 import org.fptn.vpn.enums.PerAppVpnMode;
+import org.fptn.vpn.enums.SniSpoofingMode;
 import org.fptn.vpn.services.tile.FptnTileService;
 import org.fptn.vpn.utils.NetworkUtils;
 import org.fptn.vpn.utils.NotificationUtils;
@@ -243,6 +244,11 @@ public int onStartCommand(Intent intent, int flags, int startId) {
                     String sniHostname = SharedPrefUtils.getSniHostname(getApplicationContext());
                     BypassCensorshipMethod bypassCensorshipMethod = SharedPrefUtils.getBypassCensorshipMethod(this);
 
+                    SniSpoofingMode sniSpoofingMode = null;
+                    if (bypassCensorshipMethod == BypassCensorshipMethod.SNI_REALITY){
+                        sniSpoofingMode = SharedPrefUtils.getSniSpoofingMode(this);
+                    }
+
                     int serverId = intent.getIntExtra(SELECTED_SERVER, SELECTED_SERVER_ID_AUTO);
 
                     // Process startService from TileService
@@ -272,7 +278,7 @@ public int onStartCommand(Intent intent, int flags, int startId) {
                             updateNotificationWithMessage(getString(R.string.connecting_auto), "");
 
                             List<ServerEntity> serverEntities = appDatabase.serverDAO().getServerList(false);
-                            ServerEntity server = SpeedTestUtils.findFastestServer(serverEntities, sniHostname, bypassCensorshipMethod);
+                            ServerEntity server = SpeedTestUtils.findFastestServer(serverEntities, sniHostname, bypassCensorshipMethod, sniSpoofingMode);
                             setSelectedServer(server.getId());
 
                             connect(server, sniHostname);
@@ -451,6 +457,11 @@ private void connect(ServerEntity serverEntity, String sniHostname) throws Unkno
 
         BypassCensorshipMethod bypassCensorshipMethod = SharedPrefUtils.getBypassCensorshipMethod(this);
 
+        SniSpoofingMode sniSpoofingMode = null;
+        if (bypassCensorshipMethod == BypassCensorshipMethod.SNI_REALITY){
+            sniSpoofingMode = SharedPrefUtils.getSniSpoofingMode(this);
+        }
+
         PerAppVpnMode perAppVpnMode = SharedPrefUtils.getPerAppVPNMode(this);
         List<AppInfo> appInfos = new ArrayList<>();
         if (perAppVpnMode == PerAppVpnMode.ONLY_ALLOWED || perAppVpnMode == PerAppVpnMode.EXCEPT_DISALLOWED) {
@@ -478,6 +489,7 @@ private void connect(ServerEntity serverEntity, String sniHostname) throws Unkno
                 delayBetweenAttempts,
                 sniHostname,
                 bypassCensorshipMethod,
+                sniSpoofingMode,
                 perAppVpnMode,
                 appInfos
         );

diff --git a/app/src/main/java/org/fptn/vpn/services/websocket/NativeHttpsClientImpl.java b/app/src/main/java/org/fptn/vpn/services/websocket/NativeHttpsClientImpl.java
@@ -3,6 +3,7 @@
 import android.util.Log;
 
 import org.fptn.vpn.enums.BypassCensorshipMethod;
+import org.fptn.vpn.enums.SniSpoofingMode;
 
 public class NativeHttpsClientImpl {
     private static final String TAG = NativeHttpsClientImpl.class.getName();
@@ -17,37 +18,15 @@ public NativeHttpsClientImpl(String serverIP,
                                  int serverPort,
                                  String md5Fingerprint,
                                  String sni,
-                                 BypassCensorshipMethod censorshipStrategy) {
+                                 BypassCensorshipMethod censorshipStrategy,
+                                 SniSpoofingMode sniSpoofingMode) {
         String censorshipStrategyName = "SNI-REALITY-YANDEX-25";
         if (censorshipStrategy == BypassCensorshipMethod.TLS_OBFUSCATION) {
             censorshipStrategyName = "OBFUSCATION";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY) {  // deprecated
-            censorshipStrategyName = "SNI-REALITY";
-        }
-        /* Chrome */
-        else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_CHROME_147) {
-            censorshipStrategyName = "SNI-REALITY-CHROME-147";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_CHROME_146) {
-            censorshipStrategyName = "SNI-REALITY-CHROME-146";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_CHROME_145) {
-            censorshipStrategyName = "SNI-REALITY-CHROME-145";
-        }
-        /* Firefox */
-        else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_FIREFOX_149) {
-            censorshipStrategyName = "SNI-REALITY-FIREFOX-149";
-        }
-        /* Yandex */
-        else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_YANDEX_26) {
-            censorshipStrategyName = "SNI-REALITY-YANDEX-26";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_YANDEX_25) {
-            censorshipStrategyName = "SNI-REALITY-YANDEX-25";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_YANDEX_24) {
-            censorshipStrategyName = "SNI-REALITY-YANDEX-24";
-        }
-        /* Safari */
-        else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_SAFARI_26) {
-            censorshipStrategyName = "SNI-REALITY-SAFARI-26";
+        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY) {
+            censorshipStrategyName = sniSpoofingMode.toString().replace('_', '-');
         }
+
         this.nativeHandle = nativeCreate(
                 serverIP,
                 serverPort,

diff --git a/app/src/main/java/org/fptn/vpn/services/websocket/NativeWebSocketClientImpl.java b/app/src/main/java/org/fptn/vpn/services/websocket/NativeWebSocketClientImpl.java
@@ -3,6 +3,7 @@
 import android.util.Log;
 
 import org.fptn.vpn.enums.BypassCensorshipMethod;
+import org.fptn.vpn.enums.SniSpoofingMode;
 import org.fptn.vpn.services.websocket.callback.OnFailureCallback;
 import org.fptn.vpn.services.websocket.callback.OnMessageReceivedCallback;
 import org.fptn.vpn.services.websocket.callback.OnOpenCallback;
@@ -39,40 +40,17 @@ public NativeWebSocketClientImpl(
             OnMessageReceivedCallback onMessageReceivedCallback,
             OnFailureCallback onFailureCallback,
             String sniHostName,
-            BypassCensorshipMethod censorshipStrategy) throws PVNClientException {
+            BypassCensorshipMethod censorshipStrategy,
+            SniSpoofingMode sniSpoofingMode) throws PVNClientException {
         this.onOpenCallback = onOpenCallback;
         this.onMessageReceivedCallback = onMessageReceivedCallback;
         this.onFailureCallback = onFailureCallback;
 
         String censorshipStrategyName = "SNI-REALITY-YANDEX-25";
         if (censorshipStrategy == BypassCensorshipMethod.TLS_OBFUSCATION) {
             censorshipStrategyName = "OBFUSCATION";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY) {  // deprecated
-            censorshipStrategyName = "SNI-REALITY";
-        }
-        /* Chrome */
-        else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_CHROME_147) {
-            censorshipStrategyName = "SNI-REALITY-CHROME-147";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_CHROME_146) {
-            censorshipStrategyName = "SNI-REALITY-CHROME-146";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_CHROME_145) {
-            censorshipStrategyName = "SNI-REALITY-CHROME-145";
-        }
-        /* Firefox */
-        else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_FIREFOX_149) {
-            censorshipStrategyName = "SNI-REALITY-FIREFOX-149";
-        }
-        /* Yandex */
-        else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_YANDEX_26) {
-            censorshipStrategyName = "SNI-REALITY-YANDEX-26";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_YANDEX_25) {
-            censorshipStrategyName = "SNI-REALITY-YANDEX-25";
-        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_YANDEX_24) {
-            censorshipStrategyName = "SNI-REALITY-YANDEX-24";
-        }
-        /* Safari */
-        else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY_SAFARI_26) {
-            censorshipStrategyName = "SNI-REALITY-SAFARI-26";
+        } else if (censorshipStrategy == BypassCensorshipMethod.SNI_REALITY) {
+            censorshipStrategyName = sniSpoofingMode.toString().replace('_', '-');
         }
 
         this.nativeHandle = nativeCreate(

diff --git a/app/src/main/java/org/fptn/vpn/services/websocket/WebSocketClientWrapper.java b/app/src/main/java/org/fptn/vpn/services/websocket/WebSocketClientWrapper.java
@@ -6,6 +6,7 @@
 
 import org.fptn.vpn.database.entity.ServerEntity;
 import org.fptn.vpn.enums.BypassCensorshipMethod;
+import org.fptn.vpn.enums.SniSpoofingMode;
 import org.fptn.vpn.services.websocket.callback.OnFailureCallback;
 import org.fptn.vpn.services.websocket.callback.OnMessageReceivedCallback;
 import org.fptn.vpn.services.websocket.callback.OnOpenCallback;
@@ -29,6 +30,7 @@ public class WebSocketClientWrapper {
     private final NativeHttpsClientImpl nativeHttpsClient;
     private final String sniHostName;
     private final BypassCensorshipMethod censorshipStrategy;
+    private final SniSpoofingMode sniSpoofingMode;
 
     private NativeWebSocketClientImpl nativeWebSocketClient;
 
@@ -42,7 +44,8 @@ public WebSocketClientWrapper(ServerEntity serverEntity,
                                   OnMessageReceivedCallback onMessageReceivedCallback,
                                   OnFailureCallback onFailureCallback,
                                   String sniHostName,
-                                  BypassCensorshipMethod censorshipStrategy) {
+                                  BypassCensorshipMethod censorshipStrategy,
+                                  SniSpoofingMode sniSpoofingMode) {
         this.serverEntity = serverEntity;
         this.tunAddressIPv4 = tunAddressIPv4;
         this.tunAddressIPv6 = tunAddressIPv6;
@@ -53,13 +56,15 @@ public WebSocketClientWrapper(ServerEntity serverEntity,
         // this is SNI spoofing
         this.sniHostName = sniHostName;
         this.censorshipStrategy = censorshipStrategy;
+        this.sniSpoofingMode = sniSpoofingMode;
 
         this.nativeHttpsClient = new NativeHttpsClientImpl(
                 serverEntity.getHost(),
                 serverEntity.getPort(),
                 serverEntity.getMd5ServerFingerprint(),
                 sniHostName,
-                censorshipStrategy
+                censorshipStrategy,
+                sniSpoofingMode
         );
     }
 
@@ -82,7 +87,8 @@ public synchronized void startWebSocket() throws PVNClientException, WebSocketAl
                 onMessageReceivedCallback,
                 onFailureCallback,
                 sniHostName,
-                censorshipStrategy
+                censorshipStrategy,
+                sniSpoofingMode
         );
 
         Log.d(getTag(), "startWebSocket() nativeWebSocketClient.start() Thread.id: " + Thread.currentThread().getId());

diff --git a/app/src/main/java/org/fptn/vpn/utils/SharedPrefUtils.java b/app/src/main/java/org/fptn/vpn/utils/SharedPrefUtils.java
@@ -7,6 +7,7 @@
 import org.fptn.vpn.core.common.Constants;
 import org.fptn.vpn.enums.BypassCensorshipMethod;
 import org.fptn.vpn.enums.PerAppVpnMode;
+import org.fptn.vpn.enums.SniSpoofingMode;
 
 import java.util.Objects;
 
@@ -127,14 +128,31 @@ public static BypassCensorshipMethod getBypassCensorshipMethod(Context context)
                 return value;
             }
         }
-        return BypassCensorshipMethod.SNI_SPOOFING;
+        return BypassCensorshipMethod.SNI_REALITY;
     }
 
     public static void saveBypassCensorshipMethod(Context context, BypassCensorshipMethod method) {
         SharedPreferences sharedPreferences = context.getSharedPreferences(Constants.APPLICATION_SHARED_PREFERENCES, Context.MODE_PRIVATE);
         sharedPreferences.edit().putString(Constants.BYPASS_CENSORSHIP_METHOD_SHARED_PREF_KEY, method.toString()).apply();
     }
 
+
+    public static SniSpoofingMode getSniSpoofingMode(Context context) {
+        SharedPreferences sharedPreferences = context.getSharedPreferences(Constants.APPLICATION_SHARED_PREFERENCES, Context.MODE_PRIVATE);
+        String modeName = sharedPreferences.getString(Constants.SNI_SPOOFING_MODE_SHARED_PREF_KEY, null);
+        for (SniSpoofingMode value : SniSpoofingMode.values()) {
+            if (Objects.equals(modeName, value.name())) {
+                return value;
+            }
+        }
+        return SniSpoofingMode.SNI_REALITY_YANDEX_25;
+    }
+
+    public static void saveSniSpoofingMode(Context context, SniSpoofingMode mode) {
+        SharedPreferences sharedPreferences = context.getSharedPreferences(Constants.APPLICATION_SHARED_PREFERENCES, Context.MODE_PRIVATE);
+        sharedPreferences.edit().putString(Constants.SNI_SPOOFING_MODE_SHARED_PREF_KEY, mode.toString()).apply();
+    }
+
     /* Per-app VPN settings */
     public static PerAppVpnMode getPerAppVPNMode(Context context) {
         SharedPreferences sharedPreferences = context.getSharedPreferences(Constants.APPLICATION_SHARED_PREFERENCES, Context.MODE_PRIVATE);