Merge pull request #12226 from owncloud/remove-phpass

Remove phpass and migrate to new Hasher interface

2 files changed, 2 insertions, 5 deletions

diff --git a/lib/base.php b/lib/base.php
index c97c158a1fb..9353de5588a 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -464,8 +464,7 @@ class OC {
 		// setup 3rdparty autoloader
 		$vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php';
 		if (file_exists($vendorAutoLoad)) {
-			$loader = require_once $vendorAutoLoad;
-			$loader->add('PasswordHash', OC::$THIRDPARTYROOT . '/3rdparty/phpass');
+			require_once $vendorAutoLoad;
 		} else {
 			OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
 			OC_Template::printErrorPage('Composer autoloader not found, unable to continue.');
diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index cd5decf6f71..a8febc9aca7 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -633,9 +633,7 @@ class Share extends \OC\Share\Constants {
 
 				// Generate hash of password - same method as user passwords
 				if (!empty($shareWith)) {
-					$forcePortable = (CRYPT_BLOWFISH != 1);
-					$hasher = new \PasswordHash(8, $forcePortable);
-					$shareWith = $hasher->HashPassword($shareWith.\OC_Config::getValue('passwordsalt', ''));
+					$shareWith = \OC::$server->getHasher()->hash($shareWith);
 				} else {
 					// reuse the already set password, but only if we change permissions
 					// otherwise the user disabled the password protection