Fix output token and GSS context leaks in TKEY/GSS-API error paths

Fix output token and GSS context leaks in TKEY/GSS-API error paths

In dst_gssapi_acceptctx(), rename outtoken to outtokenp (matching BIND
convention for output pointer parameters) and free the allocated output
token buffer on error in the cleanup path.

In process_gsstkey(), route the empty-principal error path through
cleanup via CLEANUP() instead of returning early, so that the output
token, GSS context, and TSIG key are all freed consistently by the
existing cleanup block.

(cherry picked from commit 6c46c85d02849fb659584275313529794039f433)