Replaced random() with arc4random().

mastoapi.c

@@ -21,10 +21,10 @@ static xs_str *random_str(void)
         fclose(f);
     }
     else {
-        data[0] = random() % 0xffffffff;
-        data[1] = random() % 0xffffffff;
-        data[2] = random() % 0xffffffff;
-        data[3] = random() % 0xffffffff;
+        data[0] = arc4random();
+        data[1] = arc4random();
+        data[2] = arc4random();
+        data[3] = arc4random();
     }
 
     return xs_hex_enc((char *)data, sizeof(data));

snac.c

@@ -123,7 +123,7 @@ d_char *hash_password(const char *uid, const char *passwd, const char *nonce)
     xs *hash;
 
     if (nonce == NULL) {
-        d_nonce = xs_fmt("%08x", random());
+        d_nonce = xs_fmt("%08x", arc4random());
         nonce = d_nonce;
     }
 

utils.c

@@ -198,10 +198,9 @@ void new_password(const char *uid, d_char **clear_pwd, d_char **hashed_pwd)
 {
     int rndbuf[3];
 
-    srandom(time(NULL) ^ getpid());
-    rndbuf[0] = random() & 0xffffffff;
-    rndbuf[1] = random() & 0xffffffff;
-    rndbuf[2] = random() & 0xffffffff;
+    rndbuf[0] = arc4random();
+    rndbuf[1] = arc4random();
+    rndbuf[2] = arc4random();
 
     *clear_pwd  = xs_base64_enc((char *)rndbuf, sizeof(rndbuf));
     *hashed_pwd = hash_password(uid, *clear_pwd, NULL);