Remove phpass and migrate to new Hasher interface

This PR removes phpass and migrates to the new Hasher interface.

Please notice that due to https://github.com/owncloud/core/issues/10671 old hashes are not updated but the hashes are backwards compatible so this shouldn't hurt.
Once the sharing classes have a possibility to update the passwords of single shares those methods should be used within the newHash if block.

2 files changed, 2 insertions, 5 deletions

diff --git a/lib/base.php b/lib/base.php
index d365a4a306f..d7e4c379dbd 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -464,8 +464,7 @@ class OC {
 		// setup 3rdparty autoloader
 		$vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php';
 		if (file_exists($vendorAutoLoad)) {
-			$loader = require_once $vendorAutoLoad;
-			$loader->add('PasswordHash', OC::$THIRDPARTYROOT . '/3rdparty/phpass');
+			require_once $vendorAutoLoad;
 		} else {
 			OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
 			OC_Template::printErrorPage('Composer autoloader not found, unable to continue.');
diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index b7b05dab8ef..0cd715c6dd1 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -627,9 +627,7 @@ class Share extends \OC\Share\Constants {
 
 				// Generate hash of password - same method as user passwords
 				if (!empty($shareWith)) {
-					$forcePortable = (CRYPT_BLOWFISH != 1);
-					$hasher = new \PasswordHash(8, $forcePortable);
-					$shareWith = $hasher->HashPassword($shareWith.\OC_Config::getValue('passwordsalt', ''));
+					$shareWith = \OC::$server->getHasher()->hash($shareWith);
 				} else {
 					// reuse the already set password, but only if we change permissions
 					// otherwise the user disabled the password protection