1 files changed, 13 insertions, 5 deletions

diff --git a/lib/curl_schannel.c b/lib/curl_schannel.c
index ef6b1adb0..8cb3af80f 100644
--- a/lib/curl_schannel.c
+++ b/lib/curl_schannel.c
@@ -156,14 +156,22 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
       infof(data, "schannel: disable server certificate revocation checks\n");
     }
 
-    if(Curl_inet_pton(AF_INET, conn->host.name, &addr) ||
+    if(Curl_inet_pton(AF_INET, conn->host.name, &addr)
 #ifdef ENABLE_IPV6
-       Curl_inet_pton(AF_INET6, conn->host.name, &addr6) ||
+       || Curl_inet_pton(AF_INET6, conn->host.name, &addr6)
 #endif
-       !data->set.ssl.verifyhost) {
+      ) {
       schannel_cred.dwFlags |= SCH_CRED_NO_SERVERNAME_CHECK;
-      infof(data, "schannel: using IP address, disable SNI servername "
-            "check\n");
+      infof(data, "schannel: using IP address, SNI is being disabled by "
+                  "disabling the servername check against the "
+                  "subject names in server certificates.\n");
+    }
+
+    if(!data->set.ssl.verifyhost) {
+      schannel_cred.dwFlags |= SCH_CRED_NO_SERVERNAME_CHECK;
+      infof(data, "schannel: verifyhost setting prevents Schannel from "
+                  "comparing the supplied target name with the subject "
+                  "names in server certificates. Also disables SNI.\n");
     }
 
     switch(data->set.ssl.version) {