We now use a lot more data for generating the session id which is fed to a hash
to make it impossible to attack specific parts of the input.
Also we now retry generating a new session id in the (improbable) case of
collision with an existing session id.
Thanks a lot to cnu for pointing out the weakness in the old code by stealing my
session cookie, you evil hacker!
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1819 726aef4b-f618-498e-8847-2d620e286838
psychon