From 31958a27f3395e9256ef579dc91e5f1a6c29609e Mon Sep 17 00:00:00 2001
From: Tim Kimber <tkimber@mobius.org.uk>
Date: Tue, 14 Jul 2020 21:40:51 +0100
Subject: [PATCH] Check error message shown if ACL has a leading space

---
 test/16-test-bad-acl.bats                  | 23 +++++++++++++++++
 test/test-config/getssl-http01-bad-acl.cfg | 29 ++++++++++++++++++++++
 2 files changed, 52 insertions(+)
 create mode 100644 test/16-test-bad-acl.bats
 create mode 100644 test/test-config/getssl-http01-bad-acl.cfg

diff --git a/test/16-test-bad-acl.bats b/test/16-test-bad-acl.bats
new file mode 100644
index 0000000..d953951
--- /dev/null
+++ b/test/16-test-bad-acl.bats
@@ -0,0 +1,23 @@
+#! /usr/bin/env bats
+
+load '/bats-support/load.bash'
+load '/bats-assert/load.bash'
+load '/getssl/test/test_helper.bash'
+
+
+# This is run for every test
+setup() {
+    export CURL_CA_BUNDLE=/root/pebble-ca-bundle.crt
+}
+
+
+@test "Test behaviour if ACL= line has a space" {
+    if [ -n "$STAGING" ]; then
+        skip "Using staging server, skipping internal test"
+    fi
+    CONFIG_FILE="getssl-http01-bad-acl.cfg"
+    setup_environment
+    init_getssl
+    create_certificate
+    assert_failure
+}
diff --git a/test/test-config/getssl-http01-bad-acl.cfg b/test/test-config/getssl-http01-bad-acl.cfg
new file mode 100644
index 0000000..461d3a3
--- /dev/null
+++ b/test/test-config/getssl-http01-bad-acl.cfg
@@ -0,0 +1,29 @@
+# Uncomment and modify any variables you need
+# see https://github.com/srvrco/getssl/wiki/Config-variables for details
+# see https://github.com/srvrco/getssl/wiki/Example-config-files for example configs
+#
+CA="https://pebble:14000/dir"
+
+# Additional domains - this could be multiple domains / subdomains in a comma separated list
+SANS=""
+
+# Acme Challenge Location.
+ACL= ('/var/www/html/.well-known/acme-challenge')
+
+#Set USE_SINGLE_ACL="true" to use a single ACL for all checks
+USE_SINGLE_ACL="false"
+
+# Location for all your certs, these can either be on the server (full path name)
+# or using ssh /sftp as for the ACL
+DOMAIN_CERT_LOCATION="/etc/nginx/pki/server.crt"
+DOMAIN_KEY_LOCATION="/etc/nginx/pki/private/server.key"
+CA_CERT_LOCATION="/etc/nginx/pki/chain.crt"
+DOMAIN_CHAIN_LOCATION="" # this is the domain cert and CA cert
+DOMAIN_PEM_LOCATION="" # this is the domain_key, domain cert and CA cert
+
+# The command needed to reload apache / nginx or whatever you use
+RELOAD_CMD="cp /getssl/test/test-config/nginx-ubuntu-ssl ${NGINX_CONFIG} && /getssl/test/restart-nginx"
+
+# Define the server type and confirm correct certificate is installed
+SERVER_TYPE="https"
+CHECK_REMOTE="true"