libjob: fix leak, improve error from unwrap_string()

Problem: When built with flux-security support, unwrap_string() leaks
the security context object when flux_security_create() succeeds, but
flux_security_configure() fails. Also, the error message is generic
so the specific error from flux_security_configure() available from
flux_security_last_error() is suppressed.

Fix these two issues by handling failure from flux_security_configure()
separately from flux_security_create().

Author: grondo

src/common/libjob/unwrap.c

@@ -76,12 +76,16 @@ char *unwrap_string (const char *s,
     int64_t userid64;
     int flags = verify ? 0 : FLUX_SIGN_NOVERIFY;
 
-    if (!(sec = flux_security_create (0))
-        || flux_security_configure (sec, NULL) < 0) {
+    if (!(sec = flux_security_create (0))) {
         errprintf (errp,
-                   "failed to initialize security context: %s",
+                   "failed to create security context: %s",
                    strerror (errno));
-        return NULL;
+    }
+    if (flux_security_configure (sec, NULL) < 0) {
+        errprintf (errp,
+                   "failed to configure security context: %s",
+                   flux_security_last_error (sec));
+        goto done;
     }
     if (flux_sign_unwrap_anymech (sec,
                                   s,