From 25d29bbff5d3270b9f986504c9602a32514da375 Mon Sep 17 00:00:00 2001
From: Tim Kimber <tkimber@mobius.org.uk>
Date: Tue, 20 Jul 2021 16:09:13 +0100
Subject: [PATCH 1/3] Use setup_file so setup code only runs once

---
 test/2-simple-dns01-dig.bats | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/2-simple-dns01-dig.bats b/test/2-simple-dns01-dig.bats
index f8f0cb4e..a0d70a2f 100644
--- a/test/2-simple-dns01-dig.bats
+++ b/test/2-simple-dns01-dig.bats
@@ -5,7 +5,7 @@ load '/bats-assert/load.bash'
 load '/getssl/test/test_helper.bash'
 
 
-setup() {
+setup_file() {
     if [ -z "$STAGING" ]; then
         export CURL_CA_BUNDLE=/root/pebble-ca-bundle.crt
     fi
@@ -18,7 +18,7 @@ setup() {
 }
 
 
-teardown() {
+teardown_file() {
     if [ -f /usr/bin/host.getssl.bak ]; then
         mv /usr/bin/host.getssl.bak /usr/bin/host
     fi

From 278988b76d27afa97429669f581a5f1d079037cd Mon Sep 17 00:00:00 2001
From: Tim Kimber <tkimber@mobius.org.uk>
Date: Tue, 20 Jul 2021 16:09:38 +0100
Subject: [PATCH 2/3] Enable the stale issue workflow

---
 .github/workflows/stale2.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/stale2.yml b/.github/workflows/stale2.yml
index 9d5511bf..94d36866 100644
--- a/.github/workflows/stale2.yml
+++ b/.github/workflows/stale2.yml
@@ -13,4 +13,4 @@ jobs:
           days-before-stale: 60
           days-before-close: 30
           any-of-labels: 'needs more information'
-          debug-only: true
+          debug-only: false

From 622b4b32376d91d427639dffd63a8e9c72564b7b Mon Sep 17 00:00:00 2001
From: Tim Kimber <tkimber@mobius.org.uk>
Date: Tue, 20 Jul 2021 16:10:44 +0100
Subject: [PATCH 3/3] Update version and change log

---
 getssl | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/getssl b/getssl
index 6069ed6e..81fe187f 100755
--- a/getssl
+++ b/getssl
@@ -260,7 +260,9 @@
 # 2021-02-18 Add FULL_CHAIN_INCLUDE_ROOT
 # 2021-03-25 Fix DNS challenge completion check if CNAMEs on different NS are used (sideeffect42)(2.35)
 # 2021-05-08 Merge from tlhackque/getssl: GoDaddy, split-view, tempfile permissions fixes, --version(2.36)
+# 2021-07-07 Request new certificate if SANs have changed (#669)(#673)
 # 2021-07-12 Do not redirect outputs on remote commands when the debug option is used (atisne)
+# 2021-07-20 Use +noidnout to enable certificates for IDN domains (#679)(2.37)
 # ----------------------------------------------------------------------------------------
 
 case :$SHELLOPTS: in
@@ -269,16 +271,16 @@ esac
 
 PROGNAME=${0##*/}
 PROGDIR="$(cd "$(dirname "$0")" || exit; pwd -P;)"
-VERSION="2.36"
+VERSION="2.37"
 
 # defaults
 ACCOUNT_KEY_LENGTH=4096
 ACCOUNT_KEY_TYPE="rsa"
-CA="https://acme-staging-v02.api.letsencrypt.org/directory"
 CA_CERT_LOCATION=""
+CA="https://acme-staging-v02.api.letsencrypt.org/directory"
 CHALLENGE_CHECK_TYPE="http"
-CHECK_REMOTE="true"
 CHECK_REMOTE_WAIT=0
+CHECK_REMOTE="true"
 CODE_LOCATION="https://raw.githubusercontent.com/srvrco/getssl/master/getssl"
 CSR_SUBJECT="/"
 CURL_USERAGENT="${PROGNAME}/${VERSION}"
@@ -291,6 +293,7 @@ FULL_CHAIN_INCLUDE_ROOT="false"
 GETSSL_IGNORE_CP_PRESERVE="false"
 HTTP_TOKEN_CHECK_WAIT=0
 IGNORE_DIRECTORY_DOMAIN="false"
+OCSP_MUST_STAPLE="false"
 ORIG_UMASK=$(umask)
 PREFERRED_CHAIN=""              # Set this to use an alternative root certificate
 PREVIOUSLY_VALIDATED="true"
@@ -301,7 +304,6 @@ REUSE_PRIVATE_KEY="true"
 SERVER_TYPE="https"
 SKIP_HTTP_TOKEN_CHECK="false"
 SSLCONF="$(openssl version -d 2>/dev/null| cut -d\" -f2)/openssl.cnf"
-OCSP_MUST_STAPLE="false"
 TEMP_UPGRADE_FILE=""
 TOKEN_USER_ID=""
 USE_SINGLE_ACL="false"