gpg: Emit STATUS_FAILURE for --require-compliance errors

* g10/misc.c (compliance_failure): Do not fallback to CO_GNUPG.  Print
compliance failure error and status for CO_DE_VS.
* g10/mainproc.c (proc_encrypted): Call compliance_failure in the
require-compliance error case.
* g10/encrypt.c (check_encryption_compliance): Ditto.

g10/encrypt.c

@@ -567,10 +567,8 @@ check_encryption_compliance (DEK *dek, pk_list_t pk_list)
       && opt.compliance == CO_DE_VS
       && !compliant)
     {
-      log_error (_("operation forced to fail due to"
-                   " unfulfilled compliance rules\n"));
+      compliance_failure ();
       err = gpg_error (GPG_ERR_FORBIDDEN);
-      g10_errors_seen = 1;
       goto leave;
     }
 

g10/mainproc.c

@@ -944,9 +944,7 @@ proc_encrypted (CTX c, PACKET *pkt)
       && opt.compliance == CO_DE_VS
       && compliance_de_vs != (4|2|1))
     {
-      log_error (_("operation forced to fail due to"
-                   " unfulfilled compliance rules\n"));
-      g10_errors_seen = 1;
+      compliance_failure ();
     }
 }
 
@@ -2625,8 +2623,7 @@ check_sig_and_print (CTX c, kbnode_t node)
       else if (opt.flags.require_compliance
                && opt.compliance == CO_DE_VS)
         {
-          log_error (_("operation forced to fail due to"
-                       " unfulfilled compliance rules\n"));
+          compliance_failure ();
           if (!rc)
             rc = gpg_error (GPG_ERR_FORBIDDEN);
         }

g10/misc.c

@@ -1405,8 +1405,12 @@ compliance_failure(void)
       break;
 
     case CO_DE_VS:
-      ver="DE-VS applications";
-      break;
+      /* For de-vs we do not allow any kind of fallback.  */
+      write_status_failure ("compliance-check", gpg_error (GPG_ERR_FORBIDDEN));
+      log_error (_("operation forced to fail due to"
+                   " unfulfilled compliance rules\n"));
+      g10_errors_seen = 1;
+      return;
     }
 
   log_info(_("this message may not be usable by %s\n"),ver);