block/ssh: add support for sha256 host key fingerprints

Currently the SSH block driver supports MD5 and SHA1 for host key fingerprints. This is a cryptographically sensitive operation and so these hash algorithms are inadequate by modern standards. This adds support for SHA256 which has been supported in libssh since the 0.8.1 release. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210622115156.138458-1-berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
author: Daniel P. Berrangé <berrange@redhat.com> 2021-06-22 12:51:56 +0100
committer: Kevin Wolf <kwolf@redhat.com> 2021-06-30 12:45:32 +0200
commit: bf783261f0aee6e81af3916bff7606d71ccdc153 (patch)
tree: 5759aec7d24a5cfa48ecf27830ac60c7bd461f8c /qapi
parent: 7170170866f74f3ee9e3a143c959c97c2bc5897e (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/qapi/block-core.json b/qapi/block-core.json
index a54f37dbef..3114ba69bb 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -3190,11 +3190,12 @@
 #
 # @md5: The given hash is an md5 hash
 # @sha1: The given hash is an sha1 hash
+# @sha256: The given hash is an sha256 hash
 #
 # Since: 2.12
 ##
 { 'enum': 'SshHostKeyCheckHashType',
-  'data': [ 'md5', 'sha1' ] }
+  'data': [ 'md5', 'sha1', 'sha256' ] }
 
 ##
 # @SshHostKeyHash:
author	Daniel P. Berrangé <berrange@redhat.com>	2021-06-22 12:51:56 +0100
committer	Kevin Wolf <kwolf@redhat.com>	2021-06-30 12:45:32 +0200
commit	bf783261f0aee6e81af3916bff7606d71ccdc153 (patch)
tree	5759aec7d24a5cfa48ecf27830ac60c7bd461f8c /qapi
parent	7170170866f74f3ee9e3a143c959c97c2bc5897e (diff)