rpc: prefer SHA256 host key fingerprint with new libssh

The host key fingerprint for SSH servers is used in a scenario where
cryptographic strength is important. We should thus be defaulting to
use of SHA256 where available. We only need SHA1 for Ubuntu 18.04
which does not have libssh >= 0.8.1

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c
index 50ace5f41d887ff91daa389b7dfc9c41531a345f..22d54c99beb690e3a7782e00995d66a999695457 100644 (file)
--- a/src/rpc/virnetlibsshsession.c
+++ b/src/rpc/virnetlibsshsession.c
@@ -39,6 +39,12 @@ VIR_LOG_INIT("rpc.netlibsshsession");
 
 #define VIR_NET_LIBSSH_BUFFER_SIZE  1024
 
+#if LIBSSH_VERSION_INT < SSH_VERSION_INT(0, 8, 1)
+# define VIR_SSH_HOSTKEY_HASH SSH_PUBLICKEY_HASH_SHA1
+#else
+# define VIR_SSH_HOSTKEY_HASH SSH_PUBLICKEY_HASH_SHA256
+#endif
+
 /* TRACE_LIBSSH=<level> enables tracing in libssh itself.
  * The meaning of <level> is described here:
  * https://api.libssh.org/master/group__libssh__log.html
@@ -203,9 +209,10 @@ virLibsshServerKeyAsString(virNetLibsshSession *sess)
         return NULL;
     }
 
-    /* calculate remote key hash, using SHA1 algorithm that is
-     * usual in OpenSSH. The returned value must be freed */
-    ret = ssh_get_publickey_hash(key, SSH_PUBLICKEY_HASH_SHA1,
+    /* calculate remote key hash, using SHA256 algorithm that is
+     * the default in modern OpenSSH, fallback to SHA1 for older
+     * libssh. The returned value must be freed */
+    ret = ssh_get_publickey_hash(key, VIR_SSH_HOSTKEY_HASH,
                                  &keyhash, &keyhashlen);
     ssh_key_free(key);
     if (ret < 0) {