
Seed the random values used by Dirmngr's dns code.
Open, Normal, Public

Description

Although faked DNS replies are not too severe (other layers need to ensure that the correct service is accessed), we should make sure that at least srandom() is used once in dirmngr to make random() output a not-easy-to-guess stream of integers.

Given the somewhat complicated way to use a portable random function in dns.c, it might actually be easier to use gcry_create_nonce here. But that one is slower.

Reported-by: David Nyström
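
The behaviour this task is about, as an added example that is not code from dirmngr or dns.c: a process that never calls srandom() gets the same random() stream as every other such process, and a single seeding call at startup changes that. The helper names, the 16-bit draws and the use of /dev/urandom as the seed source are assumptions made for this example.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* glibc: declare random() and srandom() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define NDRAWS 8

/* Hypothetical stand-in for code that draws 16-bit values from random(). */
static void draw(unsigned short *out) {
    for (int i = 0; i < NDRAWS; i++)
        out[i] = (unsigned short)(random() & 0xffff);
}

/* Call before any srandom(). Returns 1 when the never-seeded stream is
   the srandom(1) stream, i.e. the same in every process. */
int unseeded_equals_seed1(void) {
    unsigned short a[NDRAWS], b[NDRAWS];
    draw(a);
    srandom(1);
    draw(b);
    return memcmp(a, b, sizeof a) == 0;
}

/* Seed random() from the OS; meant to be called once at startup.
   Assumption: /dev/urandom is readable. Returns 0 on success, -1 on error. */
int seed_from_os(void) {
    unsigned int seed = 0;
    FILE *fp = fopen("/dev/urandom", "rb");
    int ok = fp && fread(&seed, sizeof seed, 1, fp) == 1;
    if (fp) fclose(fp);
    if (!ok) return -1;
    srandom(seed);
    return 0;
}

/* Returns 1 when seeding moved the stream away from the default one. */
int seeded_differs_from_default(void) {
    unsigned short a[NDRAWS], b[NDRAWS];
    srandom(1);
    draw(a);
    if (seed_from_os() != 0) return -1;
    draw(b);
    return memcmp(a, b, sizeof a) != 0;
}

int main(void) {
    printf("unseeded == srandom(1): %d\n", unseeded_equals_seed1());
    printf("seeded differs:         %d\n", seeded_differs_from_default());
    return 0;
}
```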

Event Timeline

werner triaged this task as Normal priority. May 18 2026, 1:57 PM
werner created this task.