Fix resource leak in crls_http_cb()

Fix resource leak in crls_http_cb()

When the function fails to push the second CRL to the stack, it
incorrectly uses sk_X509_CRL_free() instead of sk_X509_CRL_pop_free().
This destroys the stack container but orphans previously pushed
X509_CRL objects.

Replace it with sk_X509_CRL_pop_free passing X509_CRL_free as the
cleanup routine to ensure deep deallocation of any pushed items.

Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/30372)

(cherry picked from commit 0d2874b37a6b1da258aac81bd647fc02cbdf5547)