Use salted SHA passwords for LDAP

They are believed to be the most secure password storage scheme
supported by slapd. See:
https://www.openldap.org/doc/admin24/security.html#SSHA%20password%20storage%20scheme
diff --git a/ldap.php b/ldap.php
index dcc2e46..c323324 100755
--- a/ldap.php
+++ b/ldap.php
@@ -158,7 +158,9 @@
 
         if ($ENCRYPT_PASSWORDS) {
                 # $newEntry = ['userPassword' => "{crypt}" . crypt($new_password, '$6$' . generateSalt(10) . '$')];
-                $newEntry = ['userPassword' => "{SHA}" .  base64_encode(sha1($new_password, true))];
+                # $newEntry = ['userPassword' => "{SHA}" .  base64_encode(sha1($new_password, true))];
+                $salt = generateSalt(10);
+                $newEntry = ['userPassword' => "{SSHA}" . base64_encode( sha1( $new_password . $salt, true) . $salt )];
         } else {
                 $newEntry = ['userPassword' => "{CLEAR}" .  $new_password];
         }