This is similar to CONC-413.
Support for server certificate verification against subjectAltName (SAN) fields was added in the following Jira issues:
However, I noticed that clients don't necessarily check the server's IP address against the subjectAltName (SAN) fields in the certificate. They only check mysql->host, which can be a host name or an IP address. If the user specifies the server's host as a host name, then I don't believe that the client will verify the certificate using the server's IP address.
Could the IP address of the remote server be fetched in ssl_verify_server_cert() with the socket_remoteN functions by passing vio_fd(vio)?