Use sha256 for the challenge response.

sha1 is broken and should no longer be used. This commit introduces
the new server feature "sha256". It is announced during the handshake
with the client. The client code is patched to detect whether the
server supports the feature and uses sha256 if it does.

This change is backwards compatible. That is, old clients can still
connect to a new server (using sha1). Also new clients can connect
to an old server (and also use sha1 in this case).