From e05f6f8830b01d52cc21cd5f97cef6616a5334b9 Mon Sep 17 00:00:00 2001
From: Sergey Matveev <stargrave@stargrave.org>
Date: Mon, 4 Dec 2023 17:27:50 +0300
Subject: [PATCH] Ability to work without ECDSA

---
 tls.go | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/tls.go b/tls.go
index 0451b03..b2ad433 100644
--- a/tls.go
+++ b/tls.go
@@ -67,12 +67,17 @@ func GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error) {
 			return cert, nil
 		}
 	}
-	if CHIHasEdDSA(chi) {
-		if cert := HostToEdDSACertificate[chi.ServerName]; cert != nil {
-			return cert, nil
+	var cert *tls.Certificate
+	if len(HostToECDSACertificate) == 0 {
+		cert = HostToEdDSACertificate[chi.ServerName]
+	} else {
+		if CHIHasEdDSA(chi) {
+			if cert := HostToEdDSACertificate[chi.ServerName]; cert != nil {
+				return cert, nil
+			}
 		}
+		cert = HostToECDSACertificate[chi.ServerName]
 	}
-	cert := HostToECDSACertificate[chi.ServerName]
 	if cert == nil {
 		return nil, errors.New("no certificate found")
 	}
@@ -84,7 +89,7 @@ func GetConfigForClient(chi *tls.ClientHelloInfo) (*tls.Config, error) {
 	if CHIHasGOST(chi) {
 		pool = HostGOSTClientAuth[chi.ServerName]
 	}
-	if pool == nil && CHIHasEdDSA(chi) {
+	if pool == nil && (CHIHasEdDSA(chi) || len(HostECDSAClientAuth) == 0) {
 		pool = HostEdDSAClientAuth[chi.ServerName]
 	}
 	if pool == nil {
-- 
2.44.0