169c3a
diff -up openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod.env-zlib openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
169c3a
--- openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod.env-zlib	2013-02-11 16:02:48.000000000 +0100
169c3a
+++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod	2013-02-19 16:32:51.000000000 +0100
169c3a
@@ -47,6 +47,13 @@ Once the identities of the compression m
169c3a
 been standardized, the compression API will most likely be changed. Using
169c3a
 it in the current state is not recommended.
169c3a
 
169c3a
+It is also not recommended to use compression if data transfered contain
169c3a
+untrusted parts that can be manipulated by an attacker as he could then
169c3a
+get information about the encrypted data. See the CRIME attack. For
169c3a
+that reason the default loading of the zlib compression method is
169c3a
+disabled and enabled only if the environment variable B<openssl_default_zlib>
169c3a
+is present during the library initialization.
169c3a
+
169c3a
 =head1 RETURN VALUES
169c3a
 
169c3a
 SSL_COMP_add_compression_method() may return the following values:
169c3a
diff -up openssl-1.0.1e/ssl/ssl_ciph.c.env-zlib openssl-1.0.1e/ssl/ssl_ciph.c
169c3a
--- openssl-1.0.1e/ssl/ssl_ciph.c.env-zlib	2013-02-11 16:26:04.000000000 +0100
169c3a
+++ openssl-1.0.1e/ssl/ssl_ciph.c	2013-02-19 16:37:36.163545085 +0100
04b41a
@@ -455,7 +455,7 @@ static void load_builtin_compressions(vo
169c3a
 
169c3a
 			MemCheck_off();
169c3a
 			ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
169c3a
-			if (ssl_comp_methods != NULL)
04b41a
+			if (ssl_comp_methods != NULL && __secure_getenv("OPENSSL_DEFAULT_ZLIB") != NULL)
169c3a
 				{
169c3a
 				comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
169c3a
 				if (comp != NULL)