K 10
svn:author
V 4
kris
K 8
svn:date
V 27
2000-10-09T06:08:00.000000Z
K 7
svn:log
V 391
String buffer safety cleanup. I don't think any of these were exploitable
remotely, but they would be if e.g. it happened to call the logging
function using a DNS hostname.

Also replace random() by arc4random() - only one of these is arguably
required since it's directly used in the protocol, but we might as
well replace both to avoid using two different PRNGs.

Reviewed by:	green, alex

END