tnnl 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in tnnl.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 David Stamm
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,61 @@
+# Tnnl
+
+Tnnl is a command-line utility for wrangling SSH tunnels.
+
+Unlike most SSH tunnel utilities I've come across, Tnnl will not clutter your 
+filesystem with a preferences YAML file. Instead it will try to make use of your 
+native SSH config (at `~/.ssh/config` for most folks).
+
+__This project is still in an early/alpha state. You have been warned. :)__
+
+## Usage
+
+### Open an SSH tunnel
+
+Open an SSH tunnel between local port 1234 and port 5678 on the remote host 
+`mysql.spatula.grommet`. If local port 1234 is unavailable, Tnnl will increment 
+by 1 until it finds an open port.
+
+    $ tnnl 1234:admin@mysql.spatula.grommet:3306
+
+You can omit the local port number, and Tnnl will try to use the same port for 
+the local and remote hosts.
+    
+    $ tnnl admin@mysql.spatula.grommet:3306
+    
+If you have defined a host alias in your SSH config, you can save yourself some 
+keystrokes by referencing that alias.
+
+    $ tnnl db:3306
+
+### Find and close open tunnels
+    
+Use `tnnl list` to list all open SSH tunnels that were created by Tnnl.
+
+    $ tnnl list
+    1. localhost:3307  ==>  mysql.spatula.grommet:3306
+    2. localhost:3000  ==>  123.45.67.89:3000
+    3. localhost:666   ==>  chunkybacon.gov:666
+
+You can use the index numbers referenced in `tnnl list` to close 1 or more 
+tunnels.
+
+    $ tnnl close 2
+    $ tnnl close 1 3
+
+Or close all tunnels created by Tnnl.
+
+    $ tnnl close all
+
+## Known Issues
+
+- The list feature relies on renaming processes via $0, which does not work 
+properly on Ruby 1.9.3-p0 on OS X. This appears to be an issue with this 
+particular build of Ruby on this platform 
+(https://groups.google.com/forum/#!topic/urug/zfmEGqjX47M). 1.9.3-p0 users on OS 
+X are encouraged to upgrade to a newer build.
+- Tnnl uses Net::SSH under the hood, and Net::SSH currently supports only a 
+subset of OpenSSH configuration options. The `StrictHostKeyChecking` preference 
+is not supported, so Tnnl errs on the safe side and prompts you to update 
+~/.ssh/known_hosts when a modified host key is detected. Feel free to open an 
+issue and/or submit a pull request if this is ruining your day.

data/Rakefile

@@ -0,0 +1,2 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"

data/bin/tnnl

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+$:.unshift File.join(File.dirname(__FILE__), '..', 'lib')
+
+require 'tnnl'
+
+Tnnl::CLI.run!(ARGV)

data/lib/tnnl.rb

@@ -0,0 +1,6 @@
+require 'net/ssh'
+
+require 'tnnl/ssh'
+require 'tnnl/cli'
+require 'tnnl/process'
+require 'tnnl/version'

data/lib/tnnl/cli.rb

@@ -0,0 +1,145 @@
+module Tnnl
+  module CLI
+    class << self
+
+      # This is the entry-point for all command-line operations. It parses 
+      # arguments and delegates to the appropriate methods in Tnnl::CLI and 
+      # Tnnl::SSH.
+      def run!(args)
+        command = args.shift || 'help'
+
+        if command == 'help'
+          help
+        elsif command == 'list'
+          list
+        elsif command == 'close'
+          close(args)
+        elsif command.include? ':'
+          open(command)
+        else
+          help
+        end
+      end
+
+      def help
+        # Shamelessly stolen from https://github.com/holman/boom
+        puts %{
+          tnnl (v#{Tnnl::VERSION}) - a utility for managing SSH tunnels
+
+            tnnl [local-port]:[host]:[remote-port]
+              open an SSH tunnel between a port on localhost and port on a remote machine
+
+            tnnl list
+              print a numbered list of open SSH tunnels
+
+            tnnl close [num] [num...]
+              close 1 or more tunnels using the number(s) provided by list
+
+            tnnl close all
+              close all SSH tunnels opened by this program
+    
+            For more detailed documentation, please see:
+              https://github.com/whylom/tnnl
+        }.gsub(/^ {10}/, '') # strip the first 10 spaces of every line
+      end
+
+      # Display a numbered list of SSH tunnels opened by this utility.
+      def list
+        processes = Tnnl::Process.list
+        abort 'There are no SSH tunnels open at this time.' if processes.empty?
+
+        processes.each_with_index do |process,i|
+          puts "  #{i+1}. #{process}"
+        end
+      end
+
+      def close(args)
+        if args.first == 'all' && args.size == 1
+          Tnnl::Process.kill_all
+        elsif args.any?
+          Tnnl::Process.kill_several(*args.map(&:to_i))
+        else
+          abort "Usage:\n tnnl close all\n tnnl close [index] [index...]"
+        end
+      end
+
+      # Open an SSH tunnel. After parsing the user's command-input input, find
+      # the closest available local port. Rescue from common SSH errors, and 
+      # provide appropriate feedback to the user.
+      def open(connection)
+        host, user, local_port, remote_port = parse_connection(connection)
+        local_port = Tnnl::SSH.find_open_port(local_port)
+
+        puts "Opening SSH tunnel... "
+        Tnnl::SSH.open(host, user, local_port, remote_port)
+        puts "localhost:#{local_port}  ==>  #{user}@#{host}:#{remote_port}"
+
+      rescue Tnnl::SSH::HostNotFound
+        puts 'ERROR: could not resolve host'
+      rescue Tnnl::SSH::TimeoutError
+        puts 'ERROR: connection timed out'
+      rescue Tnnl::SSH::AuthenticationFailed
+        puts 'ERROR: authentication failed'
+      rescue Tnnl::SSH::HostKeyMismatch => e
+        handle_host_key_mismatch(e)
+      end
+
+      # Parses input from command-line and returns an array of SSH connection
+      # parameters suitable for passing to Tnnl::SSH.open. Raises ArgumentError
+      # if any of the required parameters are missing.
+      def parse_connection(connection)
+        parts = connection.split(':')
+
+        if parts.size == 3
+          # 1234:host:5678
+          local_port, host, remote_port = parts
+        elsif parts.size == 2
+          # host:5678
+          host, remote_port = parts
+          local_port = remote_port
+        end
+        
+        if host.include? '@'
+          # user@host:5678 -> parse manually
+          user, host = host.split('@')
+        else
+          # host:5678 -> look up user & actual hostname in local SSH config
+          config = Net::SSH.configuration_for(host)
+          
+          # TODO: Make this a custom exception handled by Tnnl::CLI.run!
+          abort "Could not find host '#{host}' in your SSH config." if config.empty?
+
+          user = config[:user]
+          host = config[:host_name]
+        end
+
+        parts = [host, user, local_port.to_i, remote_port.to_i]
+        raise ArgumentError if parts.any? { |a| a.nil? }
+
+        parts
+      end
+
+      # Prompt user to save the new host key in their known hosts file.
+      def handle_host_key_mismatch(error)
+        valid_responses = %w(y n)
+        response = nil
+        
+        while !valid_responses.include?(response)
+          puts "\nWARNING! The remote host key has changed."
+          puts "Someone could be eavesdropping on your SSH connection."
+          puts "It is also possible that the RSA host key has just been changed."
+
+          puts "\nThe fingerprint for the RSA key sent by the remote host is:"
+          puts error.fingerprint
+
+          print "\nAccept this new key in the known hosts file? (y/n): "
+          response = gets.strip.downcase
+        end
+
+        # Record this host and key in the known hosts file if the user wishes.
+        error.remember_host! if response == 'y'
+      end
+
+    end
+  end
+end

data/lib/tnnl/process.rb

@@ -0,0 +1,51 @@
+module Tnnl
+  class Process
+    attr_accessor :name, :pid
+
+    class << self  
+      # Returns an array of instances of Tnnl::Process representing each of the 
+      # currently open SSH tunnels created by Tnnl on this machine.
+      def list
+        # Grep the process list to get processes with "tnnl" somewhere in the 
+        # name. Format the output from ps for easier parsing.
+        list = `ps -eo pid,comm | grep tnnl`.split(/\n/)
+
+        # Transform each string into an instance of Tnnl::Process.
+        processes = list.map do |line|
+          pid, name = line.strip.split(' ')
+          self.new(pid, name)
+        end
+
+        # Remove any processes we might have found that don't conform to our 
+        # naming convention.
+        processes.select { |p| p.name =~ /^tnnl\[.*\]$/ }
+      end
+
+      def kill_several(*to_kill)
+        list.each_with_index do |process, i|
+          process.kill if to_kill.include?(i+1)
+        end
+      end
+
+      def kill_all
+        list.each(&:kill)
+      end
+    end
+
+
+    def initialize(pid, name)
+      @pid = pid.to_i
+      @name = name
+    end
+
+    def kill
+      ::Process.kill('INT', pid)
+    end
+
+    def to_s
+      metadata = name.scan(/\[(.*)\]/).last.first
+      local_port, host, remote_port = metadata.split(':')
+      "localhost:#{local_port}  ==>  #{host}:#{remote_port}"
+    end
+  end
+end

data/lib/tnnl/ssh.rb

@@ -0,0 +1,83 @@
+module Tnnl
+  module SSH
+
+    class HostNotFound         < SocketError                    ; end
+    class TimeoutError         < Timeout::Error                 ; end
+    class AuthenticationFailed < Net::SSH::AuthenticationFailed ; end
+
+    # Wraps & forwards method calls to an instance of Net::SSH::HostKeyMismatch
+    class HostKeyMismatch < Net::SSH::Exception
+      def initialize(error)
+        @error = error
+      end
+
+      def method_missing(method, *args)
+        @error.send(method, *args)
+      end
+    end
+
+
+
+    TIMEOUT = 15
+
+    class << self
+
+      # Returns an available port on localhost, starting with the provided port 
+      # and incrementing by 1 until a port is found.
+      def find_open_port(port)
+        while true
+          begin
+            # Attempt to bind to the requested port.
+            socket = Socket.new(Socket::Constants::AF_INET, Socket::Constants::SOCK_STREAM, 0)
+            sockaddr = Socket.pack_sockaddr_in(port, '127.0.0.1')
+            socket.bind(sockaddr)
+            
+            # If an exception wasn't raised, the current port is available.
+            # Close the socket now (so we can use the port for realsies) 
+            # and exit the loop by returning the port.
+            socket.close
+            return port
+          rescue Errno::EADDRINUSE
+            # If the current port is in use, increment by 1 and try again.
+            port += 1
+          end
+        end
+      end
+
+      # Opens an SSH tunnel from the specified local port, to the requested 
+      # remote host/port.
+      def open(host, user, local_port, remote_port)
+        # Impose an artificial timeout on establishing a connection to the 
+        # remote host.
+        Timeout.timeout(TIMEOUT) do
+          Net::SSH.start(host, user) do |ssh|
+            # Open an SSH tunnel.
+            ssh.forward.local(local_port, '127.0.0.1', remote_port)
+
+            # All of the exceptions we're ready to handle will have already 
+            # been caught prior to this.  Now we can safely fork a new process
+            # to keep the tunnel open.
+            fork do
+              # Rename the forked process so it can be easily located later.
+              $0 = "tnnl[#{local_port}:#{user}@#{host}:#{remote_port}]"
+
+              run = true
+              trap('INT') { run = false }
+              ssh.loop(0.1) { run }
+            end
+          end
+        end
+      rescue SocketError
+        raise Tnnl::SSH::HostNotFound
+      rescue Timeout::Error
+        raise Tnnl::SSH::TimeoutError
+      rescue Net::SSH::AuthenticationFailed
+        raise Tnnl::SSH::AuthenticationFailed
+      rescue Net::SSH::HostKeyMismatch => e
+        raise Tnnl::SSH::HostKeyMismatch.new(e)
+      end
+    
+    end
+
+  end
+end

data/lib/tnnl/version.rb

@@ -0,0 +1,3 @@
+module Tnnl
+  VERSION = '0.0.1'
+end

data/tnnl.gemspec

@@ -0,0 +1,19 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/tnnl/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ['David Stamm']
+  gem.email         = ['whylom@gmail.com']
+  gem.description   = %q{A command-line utility for wrangling SSH tunnels.}
+  gem.summary       = %q{Tnnl is a command-line utility for wrangling SSH tunnels.}
+  gem.homepage      = 'https://github.com/whylom/tnnl'
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = 'tnnl'
+  gem.require_paths = ['lib']
+  gem.version       = Tnnl::VERSION
+
+  gem.add_dependency 'net-ssh', '~> 2.3.0'
+end

metadata

@@ -0,0 +1,69 @@
+--- !ruby/object:Gem::Specification
+name: tnnl
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- David Stamm
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-04-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: net-ssh
+  requirement: &70332409473040 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *70332409473040
+description: A command-line utility for wrangling SSH tunnels.
+email:
+- whylom@gmail.com
+executables:
+- tnnl
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/tnnl
+- lib/tnnl.rb
+- lib/tnnl/cli.rb
+- lib/tnnl/process.rb
+- lib/tnnl/ssh.rb
+- lib/tnnl/version.rb
+- tnnl.gemspec
+homepage: https://github.com/whylom/tnnl
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.11
+signing_key: 
+specification_version: 3
+summary: Tnnl is a command-line utility for wrangling SSH tunnels.
+test_files: []