Replaced RAND_bytes() and random() based $request_id
generation with SipHash-2-4. The previous implementation
used RAND_bytes() when built with OpenSSL, which is
50-100x slower than needed for a non-security identifier,
and fell back to random() which produces poor 128-bit
random numbers.
The new implementation calls SipHash twice with a secret
key and a monotonic counter, producing 128 bits with good
statistical distribution at a fraction of the cost.