From a2f2523b99ff0ce27bd83558db40496b0528ecf6 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 8 Jan 2025 18:19:49 +0100 Subject: [PATCH] Remove the default keyserver. --- NEWS | 1 + configure.ac | 2 +- dirmngr/server.c | 6 ++++-- doc/dirmngr.texi | 4 +--- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/NEWS b/NEWS index 8c6faafb2..57735f35e 100644 --- a/NEWS +++ b/NEWS @@ -19,6 +19,7 @@ Noteworthy changes in version 2.5.3 (unreleased) renamed to --deprecated-supervised as preparation for their removal. [rGa019a0fcd8] + * There is no more default for a keyserver. See-also: gnupg-announce/2024q4/000xxx.html Release-info: https://dev.gnupg.org/T7442 diff --git a/configure.ac b/configure.ac index e8d5122a9..6252d57e6 100644 --- a/configure.ac +++ b/configure.ac @@ -1930,7 +1930,7 @@ AC_DEFINE_UNQUOTED(TPM2DAEMON_SOCK_NAME, "S.tpm2daemon", AC_DEFINE_UNQUOTED(DIRMNGR_SOCK_NAME, "S.dirmngr", [The name of the dirmngr socket]) AC_DEFINE_UNQUOTED(DIRMNGR_DEFAULT_KEYSERVER, - "hkps://keyserver.ubuntu.com", + "hkps://none", [The default keyserver for dirmngr to use, if none is explicitly given]) AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix]) diff --git a/dirmngr/server.c b/dirmngr/server.c index 710317e5e..ed8e3caf6 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -2209,8 +2209,10 @@ ensure_keyserver (ctrl_t ctrl) if (!opt.keyserver) { /* No global option set. Fall back to default: */ - return make_keyserver_item (DIRMNGR_DEFAULT_KEYSERVER, - &ctrl->server_local->keyservers); + /* return make_keyserver_item (DIRMNGR_DEFAULT_KEYSERVER, */ + /* &ctrl->server_local->keyservers); */ + err = gpg_error (GPG_ERR_NO_KEYSERVER); /* No more default. */ + goto leave; } for (sl = opt.keyserver; sl; sl = sl->next) diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index d986eaafa..9683ea5ab 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi 
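Review bot: The new value `"hkps://none"` for `DIRMNGR_DEFAULT_KEYSERVER` in configure.ac is still a well-formed URI whose host is the single label `none`, and the macro's description still reads `The default keyserver for dirmngr to use, if none is explicitly given`. If any code path outside this patch still consumes the macro, dirmngr would try to resolve `none`, which a DNS search domain may expand to an unintended host, so a lookup could leave the machine even though no keyserver is configured. The only use visible in this patch (in dirmngr/server.c) is commented out, so dropping the `AC_DEFINE_UNQUOTED` entirely would let the compiler flag any remaining user. Failing that, the description could be changed to something like `[Placeholder; there is no default keyserver anymore]`.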
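Review bot: The old fallback is left behind as commented-out code in `ensure_keyserver`, and the comment above it still says `Fall back to default:` although the branch now fails with `GPG_ERR_NO_KEYSERVER`. I would delete the two commented `make_keyserver_item` lines and reword the comment to `/* No global option set and there is no built-in default. */`, so the fallback cannot be re-enabled by simply uncommenting it. The `leave` label and the declaration of `err` lie outside the hunk, so this assumes the cleanup path there copes with an empty `ctrl->server_local->keyservers`. Callers that relied on the implicit default, for instance to refresh keys and pick up revocations, will now get an error, so the NEWS entry could say that a keyserver must be configured explicitly.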
@@ -345,9 +345,7 @@ service (.onion), Dirmngr selects the keyserver to use depending on whether Tor is locally running or not. The check for a running Tor is done for each new connection. -If no keyserver is explicitly configured, dirmngr will use the -built-in default of @code{https://keyserver.ubuntu.com}. To avoid the -use of a default keyserver the value @code{none} can be used. +There is no default keyserver since version 2.5.3. Windows users with a keyserver running on their Active Directory may use the short form @code{ldap:///} for @var{name} to access this directory.