* getkey.c (get_pubkey_direct): Renamed to...

(get_pubkey_fast): this and made extern.
(get_pubkey_byfprint_fast): New.
* import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might
lead to recursions. --> There is still a problem, though.
(revocation_present): Likewise for search by fingerprint.

* g10.c (main): Try to create the trustdb even for non-colon-mode
list-key operations.  This is required because getkey needs to
know whether a a key is ultimately trusted.

g10/encode.c

@@ -291,13 +291,18 @@ encode_simple( const char *filename, int mode, int compat )
        messages. */
 
     if( filename && !opt.textmode ) {
-	if( !(filesize = iobuf_get_filelength(inp)) )
-	    log_info(_("%s: WARNING: empty file\n"), filename );
-        /* we can't yet encode the length of very large files,
-         * so we switch to partial lengthn encoding in this case */
-        if ( filesize >= IOBUF_FILELENGTH_LIMIT )
-            filesize = 0;
+        off_t tmpsize;
 
+	if ( !(tmpsize = iobuf_get_filelength(inp)) )
+          log_info(_("%s: WARNING: empty file\n"), filename );
+        /* We can't encode the length of very large files because
+           OpenPGP uses only 32 bit for file sizes.  So if the the
+           size of a file is larger than 2^32 minus some bytes for
+           packet headers, we switch to partial length encoding. */
+        if ( tmpsize < (IOBUF_FILELENGTH_LIMIT - 65536) )
+          filesize = tmpsize;
+        else
+          filesize = 0;
     }
     else
 	filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
@@ -516,12 +521,18 @@ encode_crypt( const char *filename, STRLIST remusr )
     }
 
     if( filename && !opt.textmode ) {
-	if( !(filesize = iobuf_get_filelength(inp)) )
-	    log_info(_("%s: WARNING: empty file\n"), filename );
-        /* we can't yet encode the length of very large files,
-         * so we switch to partial length encoding in this case */
-        if ( filesize >= IOBUF_FILELENGTH_LIMIT )
-            filesize = 0;
+        off_t tmpsize;
+
+	if ( !(tmpsize = iobuf_get_filelength(inp)) )
+          log_info(_("%s: WARNING: empty file\n"), filename );
+        /* We can't encode the length of very large files because
+           OpenPGP uses only 32 bit for file sizes.  So if the the
+           size of a file is larger than 2^32 minus some bytes for
+           packet headers, we switch to partial length encoding. */
+        if ( tmpsize < (IOBUF_FILELENGTH_LIMIT - 65536) )
+          filesize = tmpsize;
+        else
+          filesize = 0;
     }
     else
 	filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */

g10/g10.c

@@ -1983,13 +1983,6 @@ main( int argc, char **argv )
       case aEnArmor:
       case aFixTrustDB:
 	break;
-      case aKMode:
-      case aListKeys:
-      case aListSecretKeys:
-      case aCheckKeys:
-	if( opt.with_colons ) /* need this to list the trust */
-	    rc = setup_trustdb(1, trustdb_name );
-	break;
       case aExportOwnerTrust: rc = setup_trustdb( 0, trustdb_name ); break;
       case aListTrustDB: rc = setup_trustdb( argc? 1:0, trustdb_name ); break;
       default: rc = setup_trustdb(1, trustdb_name ); break;

g10/getkey.c

@@ -96,7 +96,6 @@ static int uid_cache_entries;	/* number of entries in uid cache */
 
 static void merge_selfsigs( KBNODE keyblock );
 static int lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode );
-static int get_pubkey_direct (PKT_public_key *pk, u32 *keyid);
 
 #if 0
 static void
@@ -376,8 +375,8 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
 /* Get a public key and store it into the allocated pk.  This function
    differs from get_pubkey() in that it does not do a check of the key
    to avoid recursion.  It should be used only in very certain cases.  */
-static int
-get_pubkey_direct (PKT_public_key *pk, u32 *keyid)
+int
+get_pubkey_fast (PKT_public_key *pk, u32 *keyid)
 {
   int rc = 0;
   KEYDB_HANDLE hd;
@@ -908,6 +907,58 @@ get_pubkey_byfprint( PKT_public_key *pk,
     return rc;
 }
 
+
+/* Get a public key and store it into the allocated pk.  This function
+   differs from get_pubkey_byfprint() in that it does not do a check
+   of the key to avoid recursion.  It should be used only in very
+   certain cases.  PK may be NULL to check just for the existance of
+   the key. */
+int
+get_pubkey_byfprint_fast (PKT_public_key *pk,
+                          const byte *fprint, size_t fprint_len)
+{
+  int rc = 0;
+  KEYDB_HANDLE hd;
+  KBNODE keyblock;
+  unsigned char fprbuf[MAX_FINGERPRINT_LEN];
+  int i;
+  
+  for (i=0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++)
+    fprbuf[i] = fprint[i];
+  while (i < MAX_FINGERPRINT_LEN) 
+    fprbuf[i++] = 0;
+
+  hd = keydb_new (0);
+  rc = keydb_search_fpr (hd, fprbuf);
+  if (rc == -1)
+    {
+      keydb_release (hd);
+      return G10ERR_NO_PUBKEY;
+    }
+  rc = keydb_get_keyblock (hd, &keyblock);
+  keydb_release (hd);
+  if (rc) 
+    {
+      log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
+      return G10ERR_NO_PUBKEY;
+    }
+  
+  assert ( keyblock->pkt->pkttype == PKT_PUBLIC_KEY
+           ||  keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY );
+  if (pk)
+    copy_public_key (pk, keyblock->pkt->pkt.public_key );
+  release_kbnode (keyblock);
+
+  /* Not caching key here since it won't have all of the fields
+     properly set. */
+
+  return 0;
+}
+
+
+
+
+
 /****************
  * Search for a key with the given fingerprint and return the
  * complete keyblock which may have more than only this key.
@@ -1520,7 +1571,7 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
 
 		    ultimate_pk=m_alloc_clear(sizeof(*ultimate_pk));
 
-		    if(get_pubkey_direct(ultimate_pk,sig->keyid)==0 &&
+		    if(get_pubkey_fast(ultimate_pk,sig->keyid)==0 &&
 		       check_key_signature(keyblock,k,NULL)==0 &&
 		       get_ownertrust(ultimate_pk)==TRUST_ULTIMATE)
 		      {

g10/import.c

@@ -626,7 +626,7 @@ import_one( const char *fname, KBNODE keyblock, int fast,
 
     /* do we have this key already in one of our pubrings ? */
     pk_orig = m_alloc_clear( sizeof *pk_orig );
-    rc = get_pubkey( pk_orig, keyid );
+    rc = get_pubkey_fast ( pk_orig, keyid );
     if( rc && rc != G10ERR_NO_PUBKEY && rc != G10ERR_UNU_PUBKEY ) {
 	log_error( _("key %08lX: public key not found: %s\n"),
 				(ulong)keyid[1], g10_errstr(rc));
@@ -1401,8 +1401,8 @@ revocation_present(KBNODE keyblock)
                          itself? */
 		      int rc;
 
-		      rc=get_pubkey_byfprint(NULL,sig->revkey[idx]->fpr,
-					     MAX_FINGERPRINT_LEN);
+		      rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx]->fpr,
+                                                   MAX_FINGERPRINT_LEN);
 		      if(rc==G10ERR_NO_PUBKEY || rc==G10ERR_UNU_PUBKEY)
 			{
 			  /* No, so try and get it */
@@ -1417,7 +1417,7 @@ revocation_present(KBNODE keyblock)
 						      MAX_FINGERPRINT_LEN);
 
 			      /* Do we have it now? */
-			      rc=get_pubkey_byfprint(NULL,
+			      rc=get_pubkey_byfprint_fast (NULL,
 						     sig->revkey[idx]->fpr,
 						     MAX_FINGERPRINT_LEN);
 			    }

g10/keydb.h

@@ -190,6 +190,7 @@ int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc);
 void cache_public_key( PKT_public_key *pk );
 void getkey_disable_caches(void);
 int get_pubkey( PKT_public_key *pk, u32 *keyid );
+int get_pubkey_fast ( PKT_public_key *pk, u32 *keyid );
 KBNODE get_pubkeyblock( u32 *keyid );
 int get_pubkey_byname( PKT_public_key *pk,  const char *name,
                        KBNODE *ret_keyblock, KEYDB_HANDLE *ret_kdbhd);
@@ -201,6 +202,8 @@ int get_seckey( PKT_secret_key *sk, u32 *keyid );
 int get_primary_seckey( PKT_secret_key *sk, u32 *keyid );
 int get_pubkey_byfprint( PKT_public_key *pk, const byte *fprint,
 						 size_t fprint_len );
+int get_pubkey_byfprint_fast (PKT_public_key *pk,
+                              const byte *fprint, size_t fprint_len);
 int get_keyblock_byfprint( KBNODE *ret_keyblock, const byte *fprint,
 						 size_t fprint_len );
 int get_keyblock_bylid( KBNODE *ret_keyblock, ulong lid );