Generate better Acct-Session-Id

[Jouni Malinen]

On Thu, Jun 04, 2015 at 06:38:41PM -0400, Alan DeKok wrote:
>     The current code generates Acct-Session-Id based on the current time.  However, some systems without real-time clocks always have the same time when they boot.  So the Acct-Session-Id values were getting re-used.
> 
>   The patch uses os_get_random(), or if that fails, the does an exclusive-or of the time in seconds and microseconds.  There microseconds are likely to vary somewhat, even on systems with no real-time clock.

Thanks, applied. Though, I made this XOR microseconds part in even for
the random value case. Obviously, this should not be needed with a
proper random number, but well, there are likely still some embedded
devices, where /dev/random is broken and only a small set of different
values may be available early after the boot and with that file not even
blocking reads properly..

-- 
Jouni Malinen                                            PGP id EFC895FA