Index: modules/user/user.module
===================================================================
RCS file: /Users/Shared/code/drupal/modules/user/user.module,v
retrieving revision 1.907
diff -u -p -r1.907 user.module
--- modules/user/user.module	7 May 2008 19:34:24 -0000	1.907
+++ modules/user/user.module	17 May 2008 03:40:29 -0000
@@ -215,8 +215,8 @@ function user_save($account, $array = ar
 
   if (!empty($array['pass'])) {
     // Allow alternate password hashing schemes.
-    require_once variable_get('password_inc', './includes/password.inc');
-    $array['pass'] = user_hash_password(trim($array['pass']));
+    $base = variable_get('password_base', 'user');
+    $array['pass'] = module_invoke($base, 'hash_password', trim($array['pass']));
     // Abort if the hashing failed and returned FALSE.
     if (!$array['pass']) {
       return FALSE;
@@ -1290,10 +1290,10 @@ function user_authenticate($form_values 
     $account = db_fetch_object(db_query("SELECT * FROM {users} WHERE name = '%s' AND status = 1", $form_values['name']));
     if ($account) {
       // Allow alternate password hashing schemes.
-      require_once variable_get('password_inc', './includes/password.inc');
-      if (user_check_password($password, $account)) {
-        if (user_needs_new_hash($account)) {
-           $new_hash = user_hash_password($password);
+      $base = variable_get('password_base', 'user');
+      if (module_invoke($base, 'check_password', $password, $account)) {
+        if (module_invoke($base, 'needs_new_hash', $account)) {
+           $new_hash = module_invoke($base, 'hash_password', $password);
            if ($new_hash) {
              db_query("UPDATE {users} SET pass = '%s' WHERE uid = %d", $new_hash, $account->uid);
            }