Randomize session cookie/ID

[dvlemplgk]

Get a random cookie on OS supporting /dev/urandom instead of always the
same 0x78563412.

[lategoodbye]

Why can't we use portable C functions like rand() here?

[ch-aurich]

Yes, I would welcome a portable version as well

[dvlemplgk]

I thought about that, read the man page of rand and refrained from using it. I want a true random value here. Rand() must be seeded to give some reasonable randomness. Where to get a proper seed? Uptime is bad, time of day is bad (We're using open-plc-utils on OpenWrt where there's mostly no hw clock.). I have no idea how to use rand() properly since rand() was designed to give reproducible "randomness" and I definitly don't like this behavior here.
I could however use rand as a fallback when there's no /dev/urandom. But the seeding problem remains.

[dvlemplgk]

I forgot to mention that rand only returns [0..RAND_MAX] and RAND_MAX = 2147483647 (glibc), that's only 31 bits.

[dvlemplgk]

Can we agree on something here to move this pull request forward?

[mhei]

I vote for merging this PR as is: it improves the situation on "real OSes" 😃 and does not hurt on others...