SSL Sessions

Making use of cached SSL sessions in Perl

As per "Network Security with OpenSSL":

my $ctx = Net::SSLeay::CTX_new();
# first connection: full handshake
my $ssl1 = Net::SSLeay::new($ctx);
Net::SSLeay::set_fd($ssl1, $fileno1);
Net::SSLeay::connect($ssl1);
# grab the negotiated session (reference count +1) so it survives $ssl1
my $session = Net::SSLeay::get1_session($ssl1);
# second connection: offer the cached session before the handshake
my $ssl2 = Net::SSLeay::new($ctx);
Net::SSLeay::set_session($ssl2, $session);
Net::SSLeay::set_fd($ssl2, $fileno2);
Net::SSLeay::connect($ssl2);

When called, get1_session() increases the reference count of the $session structure so that it is not lost when $ssl1 is discarded. This function is missing from Net::SSLeay; you need to add it yourself to SSLeay.xs (use the prototype for get_session as the template) and recompile.
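As an added, self-contained example (not from the book or this note), the same two-connection sequence as a runnable script that verifies resumption client-side with session_reused(); it assumes a current Net::SSLeay that already ships get1_session() and session_reused(), and the host/port of the trace-logging test server described below.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use IO::Socket::INET;
use Net::SSLeay qw(die_now);

# Assumptions (not from the original note): a modern Net::SSLeay that exports
# get1_session() and session_reused(), and a TLS server on this host/port.
my ($host, $port) = ('127.0.0.1', 443);

Net::SSLeay::load_error_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms();
Net::SSLeay::randomize();

my $ctx = Net::SSLeay::CTX_new() or die_now("CTX_new failed");
# Peer verification is left at the library default here only because the
# target is the local test vhost; a real client must enable VERIFY_PEER and
# load the CA bundle with CTX_load_verify_locations() before connecting.

# One TLS handshake on a fresh TCP socket; resumes $session if one is given.
sub tls_connect {
    my ($ctx, $session) = @_;
    my $sock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => $port,
                                     Proto => 'tcp') or die "tcp connect: $!";
    my $ssl = Net::SSLeay::new($ctx) or die_now("SSL_new failed");
    Net::SSLeay::set_session($ssl, $session) if $session;   # offer cached session
    Net::SSLeay::set_fd($ssl, fileno($sock));
    Net::SSLeay::connect($ssl) == 1 or die_now("SSL_connect failed");
    return ($ssl, $sock);
}

# First connection: full handshake, then take a reference to its session.
my ($ssl1, $sock1) = tls_connect($ctx);
my $session = Net::SSLeay::get1_session($ssl1);       # refcount +1
printf "connection 1 resumed: %s\n", Net::SSLeay::session_reused($ssl1) ? 'yes' : 'no';
Net::SSLeay::free($ssl1);
close $sock1;

# Second connection: offer the cached session; the server should answer with
# an abbreviated handshake, which shows up as GET/FOUND in the server trace.
my ($ssl2, $sock2) = tls_connect($ctx, $session);
printf "connection 2 resumed: %s\n", Net::SSLeay::session_reused($ssl2) ? 'yes' : 'no';
Net::SSLeay::free($ssl2);
close $sock2;

Net::SSLeay::SESSION_free($session);   # balance the get1_session() reference
Net::SSLeay::CTX_free($ctx);
```

Expect "no" for the first connection and "yes" for the second; "no" twice on the client matches two SET/OK entries in the server trace.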

To test your SSL session performance, create a fake SSL server:

<VirtualHost 127.0.0.1:443>
SSLEngine on
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCACertificatePath /etc/httpd/conf/ssl.crt
SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt
SSLLogLevel trace
SSLLog logs/ssl-log
</VirtualHost>

This writes a trace log for you. Point IE 6.0 at the web server and observe how multiple requests and refreshes behave in terms of keep-alive and SSL sessions, then try the same with your script. The trace should look like this:

[03/Jul/2004 23:58:52 04343] [trace] Inter-Process Session Cache: request=SET status=OK id=1234 timeout=299s
[03/Jul/2004 23:58:52 04342] [trace] Inter-Process Session Cache: request=GET status=FOUND id=1234

That is one SET/OK entry for the first connection and then one GET/FOUND entry for the second connection. If you get two SET/OK entries, you are not reusing your sessions.