Use "multihash" for data download validation

When the Glance "multihash" is available on an image, the
glanceclient should use it instead of MD5 to validate data
downloads.  For cases in which the multihash specifies an
algorithm not available to the client, an option is added
to the image-download command that will allow fallback to
the legacy MD5 checksum verification.

Change-Id: I4ee6e5071eca08d3bbedceda2acc170e7ed21a6b
Closes-bug: #1788323

glanceclient/v2/shell.py

@@ -490,6 +490,17 @@ def do_stores_info(gc, args):
         utils.print_dict(stores_info)
 
 
+@utils.arg('--allow-md5-fallback', action='store_true',
+           default=utils.env('OS_IMAGE_ALLOW_MD5_FALLBACK', default=False),
+           help=_('If os_hash_algo and os_hash_value properties are available '
+                  'on the image, they will be used to validate the downloaded '
+                  'image data. If the indicated secure hash algorithm is not '
+                  'available on the client, the download will fail. Use this '
+                  'flag to indicate that in such a case the legacy MD5 image '
+                  'checksum should be used to validate the downloaded data. '
+                  'You can also set the enviroment variable '
+                  'OS_IMAGE_ALLOW_MD5_FALLBACK to any value to activate this '
+                  'option.'))
 @utils.arg('--file', metavar='<FILE>',
            help=_('Local file to save downloaded image data to. '
                   'If this is not specified and there is no redirection '
@@ -506,7 +517,8 @@ def do_image_download(gc, args):
         utils.exit(msg)
 
     try:
-        body = gc.images.data(args.id)
+        body = gc.images.data(args.id,
+                              allow_md5_fallback=args.allow_md5_fallback)
     except (exc.HTTPForbidden, exc.HTTPException) as e:
         msg = "Unable to download image '%s'. (%s)" % (args.id, e)
         utils.exit(msg)