From: Sergey Matveev <stargrave@stargrave.org>
Date: Mon, 4 Dec 2023 14:27:50 +0000 (+0300)
Subject: Ability to work without ECDSA
X-Git-Url: http://www.git.stargrave.org/?p=godlighty.git;a=commitdiff_plain;h=e05f6f8830b01d52cc21cd5f97cef6616a5334b9

Ability to work without ECDSA
---

diff --git a/tls.go b/tls.go
index 0451b03..b2ad433 100644
--- a/tls.go
+++ b/tls.go
@@ -67,12 +67,17 @@ func GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error) {
 			return cert, nil
 		}
 	}
-	if CHIHasEdDSA(chi) {
-		if cert := HostToEdDSACertificate[chi.ServerName]; cert != nil {
-			return cert, nil
+	var cert *tls.Certificate
+	if len(HostToECDSACertificate) == 0 {
+		cert = HostToEdDSACertificate[chi.ServerName]
+	} else {
+		if CHIHasEdDSA(chi) {
+			if cert := HostToEdDSACertificate[chi.ServerName]; cert != nil {
+				return cert, nil
+			}
 		}
+		cert = HostToECDSACertificate[chi.ServerName]
 	}
-	cert := HostToECDSACertificate[chi.ServerName]
 	if cert == nil {
 		return nil, errors.New("no certificate found")
 	}
@@ -84,7 +89,7 @@ func GetConfigForClient(chi *tls.ClientHelloInfo) (*tls.Config, error) {
 	if CHIHasGOST(chi) {
 		pool = HostGOSTClientAuth[chi.ServerName]
 	}
-	if pool == nil && CHIHasEdDSA(chi) {
+	if pool == nil && (CHIHasEdDSA(chi) || len(HostECDSAClientAuth) == 0) {
 		pool = HostEdDSAClientAuth[chi.ServerName]
 	}
 	if pool == nil {