- Added DEFLATE compression support as per RFC3749 (requires zlib)

diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 1d7e7fd..40a57a7 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -43,6 +43,10 @@
 #include "pkcs11.h"
 #endif
 
+#if defined(POLARSSL_ZLIB_SUPPORT)
+#include "zlib.h"
+#endif
+
 #if defined(_MSC_VER) && !defined(inline)
 #define inline _inline
 #else
@@ -86,6 +90,7 @@
 #define POLARSSL_ERR_SSL_MALLOC_FAILED                     -0x7F00  /**< Memory allocation failed */
 #define POLARSSL_ERR_SSL_HW_ACCEL_FAILED                   -0x7F80  /**< Hardware acceleration function returned with error */
 #define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH              -0x6F80  /**< Hardware acceleration function skipped / left alone data */
+#define POLARSSL_ERR_SSL_COMPRESSION_FAILED                -0x6F00  /**< Processing of the compression / decompression failed */
 
 /*
  * Various constants
@@ -99,6 +104,7 @@
 #define SSL_IS_CLIENT                   0
 #define SSL_IS_SERVER                   1
 #define SSL_COMPRESS_NULL               0
+#define SSL_COMPRESS_DEFLATE            1
 
 #define SSL_VERIFY_NONE                 0
 #define SSL_VERIFY_OPTIONAL             1
@@ -108,9 +114,17 @@
 
 /*
  * Allow an extra 512 bytes for the record header
- * and encryption overhead (counter + MAC + padding).
+ * and encryption overhead (counter + MAC + padding)
+ * and allow for a maximum of 1024 of compression expansion if
+ * enabled.
  */
-#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + 512)
+#if defined(POLARSSL_ZLIB_SUPPORT)
+#define SSL_COMPRESSION_ADD          1024
+#else
+#define SSL_COMPRESSION_ADD             0
+#endif
+
+#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + SSL_COMPRESSION_ADD + 512)
 
 /*
  * Supported ciphersuites
@@ -253,6 +267,7 @@
 {
     time_t start;               /*!< starting time      */
     int ciphersuite;            /*!< chosen ciphersuite */
+    int compression;            /*!< chosen compression */
     size_t length;              /*!< session id length  */
     unsigned char id[32];       /*!< session identifier */
     unsigned char master[48];   /*!< the master secret  */
@@ -374,6 +389,11 @@
     unsigned long ctx_enc[134];         /*!<  encryption context      */
     unsigned long ctx_dec[134];         /*!<  decryption context      */
 
+#if defined(POLARSSL_ZLIB_SUPPORT)
+    z_stream ctx_deflate;               /*!<  compression context     */
+    z_stream ctx_inflate;               /*!<  decompression context   */
+#endif
+
     /*
      * TLS extensions
      */
@@ -445,8 +465,10 @@
  *                 pointers and data.
  *
  * \param ssl      SSL context
+ * \return         0 if successful, or POLARSSL_ERR_SSL_HW_ACCEL_FAILED or
+ *                 POLARSSL_ERR_SSL_COMPRESSION_FAILED
  */
-void ssl_session_reset( ssl_context *ssl );
+int ssl_session_reset( ssl_context *ssl );
 
 /**
  * \brief          Set the current endpoint type