vauth: Fix memleak by freeing credentials if out of memory

This is a follow up to the parent commit dcdd4be3 which fixes one leak
but creates another by failing to free the credentials handle if out of
memory. Also there's a second location a few lines down where we fail to
do same. This commit fixes both of those issues.