From 6401870244333537a396fee20abe90cc1efc0861 Mon Sep 17 00:00:00 2001
From: Litrop <litrop@live.cn>
Date: Sat, 29 Apr 2023 10:12:39 +0000
Subject: [PATCH] ServerName is also used by StartTLS.

---
 internal/auth/ldap/ldap.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/auth/ldap/ldap.go b/internal/auth/ldap/ldap.go
index acf5683d..04cfe9f9 100644
--- a/internal/auth/ldap/ldap.go
+++ b/internal/auth/ldap/ldap.go
@@ -147,8 +147,8 @@ func (a *Auth) newConn() (*ldap.Conn, error) {
 			return nil, fmt.Errorf("auth.ldap: invalid server URL: %w", err)
 		}
 		hostname := parsedURL.Host
+		a.tlsCfg.ServerName = strings.Split(hostname, ":")[0]
 		tlsCfg = a.tlsCfg.Clone()
-		a.tlsCfg.ServerName = hostname
 
 		conn, err = ldap.DialURL(u, ldap.DialWithDialer(a.dialer), ldap.DialWithTLSConfig(tlsCfg))
 		if err != nil {