fix: stabilize rk3588 wifi provisioning
This commit is contained in:
298
lib/network.js
298
lib/network.js
@@ -10,6 +10,7 @@ const AP_IP = '10.42.0.1';
|
||||
const AP_PASSWORD = '12345678';
|
||||
const AP_IFACE = process.env.CLAWD_WIFI_IFACE || '';
|
||||
const CON_NAME = 'clawd-hotspot';
|
||||
const AP_RETRY_TOKEN_FILE = '/run/clawd-ap-retry.token';
|
||||
|
||||
/** 产品 RJ45 在 sysfs 中的默认名;等价于检测 `cat /sys/class/net/end0/carrier` */
|
||||
const DEFAULT_ETH_IFACE = 'end0';
|
||||
@@ -92,28 +93,15 @@ function hasLanCableCarrier() {
|
||||
return hasWiredCarrier();
|
||||
}
|
||||
|
||||
function _tryPingInternet() {
|
||||
function _tryPingDefaultInternet() {
|
||||
try {
|
||||
run('ping -c 1 -W 3 8.8.8.8');
|
||||
return true;
|
||||
} catch (_) {}
|
||||
|
||||
// 开热点时默认路由可能走 wlan,无 -I 的 ping 会误判;指定有线口再试
|
||||
const wired = getWiredIfaceWithCarrier();
|
||||
if (wired) {
|
||||
try {
|
||||
run(`ping -c 1 -W 3 -I ${wired} 8.8.8.8`);
|
||||
return true;
|
||||
} catch (_) {}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 仅经有线口 ping 公网(不依赖默认路由)。
|
||||
* AP 开启时 hasInternet() 易误判;维持 WS / 网络监视时用此兜底。
|
||||
*/
|
||||
function hasWiredInternetProbe() {
|
||||
function _tryPingWiredInternet() {
|
||||
const wired = getWiredIfaceWithCarrier();
|
||||
if (!wired) return false;
|
||||
try {
|
||||
@@ -124,18 +112,31 @@ function hasWiredInternetProbe() {
|
||||
}
|
||||
|
||||
/**
|
||||
* 检测是否有互联网连接(nmcli 连通性 + ping 兜底)
|
||||
* 仅经有线口 ping 公网(不依赖默认路由)。
|
||||
*/
|
||||
function hasWiredInternetProbe() {
|
||||
return _tryPingWiredInternet();
|
||||
}
|
||||
|
||||
/**
|
||||
* 检测是否有真实互联网连接。
|
||||
* 注意:NetworkManager 的 limited/local 可能只是 AP 本地网络或 captive 状态,不能当公网可用。
|
||||
*/
|
||||
function hasInternet() {
|
||||
const wifiSta = isWifiStaConnected();
|
||||
const wired = getWiredIfaceWithCarrier();
|
||||
|
||||
// 物理层快检:无 WiFi STA 且无任何有线 carrier → 立即 false(nmcli 有缓存,不可信)
|
||||
if (!isWifiStaConnected() && !hasWiredCarrier()) return false;
|
||||
if (!wifiSta && !wired) return false;
|
||||
|
||||
try {
|
||||
const out = run('nmcli networking connectivity check').trim();
|
||||
if (out === 'full' || out === 'limited') return true;
|
||||
if (out === 'full') return true;
|
||||
} catch (_) {}
|
||||
|
||||
return _tryPingInternet();
|
||||
if (wifiSta) return _tryPingDefaultInternet();
|
||||
if (wired) return _tryPingWiredInternet();
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -265,6 +266,7 @@ function nmcliAsync(args, timeoutMs = 60000) {
|
||||
* @returns {Promise<{ success: boolean, error?: string }>}
|
||||
*/
|
||||
async function connectWifi(ssid, password) {
|
||||
cancelHotspotRadioRetry(`准备连接 WiFi: ${ssid}`);
|
||||
const iface = getWifiIface();
|
||||
log.info('network', `尝试连接 WiFi: ${ssid}(ifname=${iface})`);
|
||||
try {
|
||||
@@ -272,14 +274,36 @@ async function connectWifi(ssid, password) {
|
||||
await nmcliAsync(['connection', 'delete', ssid], 15000);
|
||||
} catch (_) {}
|
||||
|
||||
try {
|
||||
await nmcliAsync(['device', 'set', iface, 'managed', 'yes'], 8000);
|
||||
} catch (_) {}
|
||||
await _resetWifiRadioForSTA(iface);
|
||||
|
||||
const args = ['device', 'wifi', 'connect', ssid];
|
||||
if (password) args.push('password', password);
|
||||
args.push('ifname', iface);
|
||||
await nmcliAsync(args, 120000);
|
||||
if (password) {
|
||||
// 显式创建 STA profile,并固定为 WPA2-PSK only。
|
||||
// RK3588/Broadcom DHD 对 NetworkManager 默认生成的 SAE/FT/WPA-PSK-SHA256 混合参数不稳定,
|
||||
// 可能表现为一直 associating -> disconnected,最后误报“需要密钥”。
|
||||
await nmcliAsync([
|
||||
'connection', 'add',
|
||||
'type', 'wifi',
|
||||
'ifname', iface,
|
||||
'con-name', ssid,
|
||||
'ssid', ssid,
|
||||
], 15000);
|
||||
|
||||
await nmcliAsync([
|
||||
'connection', 'modify', ssid,
|
||||
// 连接成功前先禁止自动连接,避免失败恢复 AP 时 NM 又自动抢占 wlan0。
|
||||
'connection.autoconnect', 'no',
|
||||
'802-11-wireless-security.key-mgmt', 'wpa-psk',
|
||||
'802-11-wireless-security.proto', 'rsn',
|
||||
'802-11-wireless-security.pairwise', 'ccmp',
|
||||
'802-11-wireless-security.group', 'ccmp',
|
||||
'802-11-wireless-security.pmf', 'disable',
|
||||
'802-11-wireless-security.psk', password,
|
||||
], 15000);
|
||||
|
||||
await nmcliAsync(['connection', 'up', 'id', ssid, 'ifname', iface], 120000);
|
||||
} else {
|
||||
await nmcliAsync(['device', 'wifi', 'connect', ssid, 'ifname', iface], 120000);
|
||||
}
|
||||
await _ensureActiveWifiAutoconnect();
|
||||
|
||||
const deadline = Date.now() + CONNECT_WIFI_STA_WAIT_MS;
|
||||
@@ -299,11 +323,201 @@ async function connectWifi(ssid, password) {
|
||||
}
|
||||
return { success: false, error: '超时:网卡未进入已连接状态' };
|
||||
} catch (e) {
|
||||
try { await nmcliAsync(['connection', 'modify', ssid, 'connection.autoconnect', 'no'], 8000); } catch (_) {}
|
||||
log.error('network', `WiFi 连接失败: ${e.message}`);
|
||||
return { success: false, error: e.message };
|
||||
}
|
||||
}
|
||||
|
||||
function _newHotspotRetryToken() {
|
||||
const token = `${process.pid}:${Date.now()}:${Math.random().toString(36).slice(2)}`;
|
||||
try {
|
||||
fs.writeFileSync(AP_RETRY_TOKEN_FILE, token, { mode: 0o600 });
|
||||
} catch (e) {
|
||||
log.warn('network', `写入 AP retry token 失败: ${e.message}`);
|
||||
}
|
||||
return token;
|
||||
}
|
||||
|
||||
function cancelHotspotRadioRetry(reason = 'cancel') {
|
||||
try {
|
||||
fs.unlinkSync(AP_RETRY_TOKEN_FILE);
|
||||
log.info('network', `已取消后台 AP retry: ${reason}`);
|
||||
} catch (_) {}
|
||||
}
|
||||
|
||||
async function _resetWifiRadioForSTA(iface, reason = '准备连接 STA 前重置 WiFi radio') {
|
||||
log.warn('network', `${reason}: ${iface}`);
|
||||
|
||||
try { await nmcliAsync(['connection', 'down', CON_NAME], 8000); } catch (_) {}
|
||||
try { await nmcliAsync(['connection', 'delete', CON_NAME], 8000); } catch (_) {}
|
||||
try { await nmcliAsync(['device', 'disconnect', iface], 8000); } catch (_) {}
|
||||
|
||||
try {
|
||||
await nmcliAsync(['radio', 'wifi', 'off'], 10000);
|
||||
} catch (e) {
|
||||
log.warn('network', `关闭 WiFi radio 失败: ${e.message}`);
|
||||
}
|
||||
|
||||
await _delay(2500);
|
||||
|
||||
try {
|
||||
await nmcliAsync(['radio', 'wifi', 'on'], 10000);
|
||||
} catch (e) {
|
||||
log.warn('network', `开启 WiFi radio 失败: ${e.message}`);
|
||||
}
|
||||
|
||||
await _delay(5000);
|
||||
try { await nmcliAsync(['device', 'set', iface, 'managed', 'yes'], 8000); } catch (_) {}
|
||||
try { await nmcliAsync(['device', 'wifi', 'rescan', 'ifname', iface], 15000); } catch (_) {}
|
||||
await _delay(1500);
|
||||
}
|
||||
|
||||
function _resetWifiRadioForAP(iface, reason = '准备 AP 前重置 WiFi radio') {
|
||||
log.warn('network', `${reason}: ${iface}`);
|
||||
|
||||
try { nmcliSync(['connection', 'down', CON_NAME], 8000); } catch (_) {}
|
||||
try { nmcliSync(['connection', 'delete', CON_NAME], 8000); } catch (_) {}
|
||||
try { nmcliSync(['device', 'disconnect', iface], 8000); } catch (_) {}
|
||||
|
||||
try {
|
||||
nmcliSync(['radio', 'wifi', 'off'], 10000);
|
||||
} catch (e) {
|
||||
log.warn('network', `关闭 WiFi radio 失败: ${e.message}`);
|
||||
}
|
||||
|
||||
sleep(2500);
|
||||
|
||||
try {
|
||||
nmcliSync(['radio', 'wifi', 'on'], 10000);
|
||||
} catch (e) {
|
||||
log.warn('network', `开启 WiFi radio 失败: ${e.message}`);
|
||||
}
|
||||
|
||||
sleep(5000);
|
||||
try { nmcliSync(['device', 'set', iface, 'managed', 'yes'], 8000); } catch (_) {}
|
||||
}
|
||||
|
||||
function _spawnHotspotRadioRetry(ssid, iface) {
|
||||
const token = _newHotspotRetryToken();
|
||||
const script = `
|
||||
set -u
|
||||
log() { logger -t clawd-ap-retry "$*"; }
|
||||
check_token() {
|
||||
if [ ! -f "$TOKEN_FILE" ] || [ "$(cat "$TOKEN_FILE" 2>/dev/null || true)" != "$TOKEN" ]; then
|
||||
log "AP retry canceled"
|
||||
exit 0
|
||||
fi
|
||||
}
|
||||
log "AP retry started: ssid=$SSID iface=$IFACE"
|
||||
check_token
|
||||
nmcli connection down "$CON_NAME" >/dev/null 2>&1 || true
|
||||
nmcli connection delete "$CON_NAME" >/dev/null 2>&1 || true
|
||||
nmcli device disconnect "$IFACE" >/dev/null 2>&1 || true
|
||||
check_token
|
||||
nmcli radio wifi off >/dev/null 2>&1 || true
|
||||
sleep 2.5
|
||||
# If canceled while radio is off, always turn it back on before exiting.
|
||||
nmcli radio wifi on >/dev/null 2>&1 || true
|
||||
sleep 5
|
||||
check_token
|
||||
nmcli device set "$IFACE" managed yes >/dev/null 2>&1 || true
|
||||
check_token
|
||||
if ! nmcli connection add type wifi ifname "$IFACE" con-name "$CON_NAME" ssid "$SSID" >/dev/null 2>&1; then
|
||||
log "AP retry failed: connection add failed"
|
||||
exit 1
|
||||
fi
|
||||
args=(
|
||||
connection modify "$CON_NAME"
|
||||
connection.autoconnect no
|
||||
802-11-wireless.mode ap
|
||||
802-11-wireless.band bg
|
||||
802-11-wireless.channel 1
|
||||
802-11-wireless-security.key-mgmt wpa-psk
|
||||
802-11-wireless-security.proto rsn
|
||||
802-11-wireless-security.pairwise ccmp
|
||||
802-11-wireless-security.group ccmp
|
||||
802-11-wireless-security.pmf disable
|
||||
ipv4.method shared
|
||||
ipv4.addresses "$AP_IP/24"
|
||||
ipv6.method ignore
|
||||
)
|
||||
if [ -n "\${AP_PASSWORD:-}" ]; then
|
||||
args+=(802-11-wireless-security.psk "$AP_PASSWORD")
|
||||
fi
|
||||
check_token
|
||||
if ! nmcli "\${args[@]}" >/dev/null 2>&1; then
|
||||
log "AP retry failed: connection modify failed"
|
||||
exit 1
|
||||
fi
|
||||
check_token
|
||||
if nmcli connection up "$CON_NAME" >/dev/null 2>&1; then
|
||||
if [ ! -f "$TOKEN_FILE" ] || [ "$(cat "$TOKEN_FILE" 2>/dev/null || true)" != "$TOKEN" ]; then
|
||||
log "AP retry canceled after connection up; tearing hotspot down"
|
||||
nmcli connection down "$CON_NAME" >/dev/null 2>&1 || true
|
||||
nmcli connection delete "$CON_NAME" >/dev/null 2>&1 || true
|
||||
exit 0
|
||||
fi
|
||||
log "AP retry success: $SSID"
|
||||
rm -f "$TOKEN_FILE"
|
||||
else
|
||||
log "AP retry failed: connection up failed"
|
||||
exit 1
|
||||
fi
|
||||
`;
|
||||
|
||||
const child = spawn('/bin/bash', ['-lc', script], {
|
||||
detached: true,
|
||||
stdio: 'ignore',
|
||||
env: {
|
||||
...process.env,
|
||||
SSID: ssid,
|
||||
IFACE: iface,
|
||||
CON_NAME,
|
||||
AP_IP,
|
||||
AP_PASSWORD: AP_PASSWORD || '',
|
||||
TOKEN_FILE: AP_RETRY_TOKEN_FILE,
|
||||
TOKEN: token,
|
||||
},
|
||||
});
|
||||
child.unref();
|
||||
}
|
||||
|
||||
function _createHotspotProfile(ssid, iface) {
|
||||
nmcliSync([
|
||||
'connection', 'add',
|
||||
'type', 'wifi',
|
||||
'ifname', iface,
|
||||
'con-name', CON_NAME,
|
||||
'ssid', ssid,
|
||||
], 15000);
|
||||
|
||||
const modifyArgs = [
|
||||
'connection', 'modify', CON_NAME,
|
||||
'connection.autoconnect', 'no',
|
||||
'802-11-wireless.mode', 'ap',
|
||||
'802-11-wireless.band', 'bg',
|
||||
'802-11-wireless.channel', '1',
|
||||
'802-11-wireless-security.key-mgmt', 'wpa-psk',
|
||||
'802-11-wireless-security.proto', 'rsn',
|
||||
'802-11-wireless-security.pairwise', 'ccmp',
|
||||
'802-11-wireless-security.group', 'ccmp',
|
||||
'802-11-wireless-security.pmf', 'disable',
|
||||
'ipv4.method', 'shared',
|
||||
'ipv4.addresses', `${AP_IP}/24`,
|
||||
'ipv6.method', 'ignore',
|
||||
];
|
||||
if (AP_PASSWORD) {
|
||||
modifyArgs.push('802-11-wireless-security.psk', AP_PASSWORD);
|
||||
}
|
||||
nmcliSync(modifyArgs, 15000);
|
||||
}
|
||||
|
||||
function _activateHotspot(ssid, iface, timeoutMs = 8000) {
|
||||
_createHotspotProfile(ssid, iface);
|
||||
nmcliSync(['connection', 'up', CON_NAME], timeoutMs);
|
||||
}
|
||||
|
||||
/**
|
||||
* 启动 WiFi AP 热点
|
||||
*/
|
||||
@@ -313,29 +527,24 @@ function startAP(clawId) {
|
||||
|
||||
log.info('network', `启动 AP 热点: ${ssid} (${iface})`);
|
||||
|
||||
// 关闭已有热点
|
||||
// 关闭已有热点,并在重新拉起 AP 前真正 power-cycle WiFi 芯片。
|
||||
// RK3588/Broadcom DHD 在 LAN 断开后切 AP 时,单纯 ip link down/up 不一定清掉固件残留状态。
|
||||
stopAP();
|
||||
_resetWifiRadioForAP(iface, '准备 AP 前重置 WiFi radio');
|
||||
|
||||
try {
|
||||
// nmcli 创建热点(开放网络)
|
||||
const cmd = [
|
||||
'nmcli device wifi hotspot',
|
||||
`ifname ${iface}`,
|
||||
`con-name ${CON_NAME}`,
|
||||
`ssid "${ssid}"`,
|
||||
'band bg',
|
||||
];
|
||||
// 如果需要密码
|
||||
if (AP_PASSWORD) {
|
||||
cmd.push(`password "${AP_PASSWORD}"`);
|
||||
}
|
||||
run(cmd.join(' '));
|
||||
// 显式创建并激活热点,固定为 WPA2-PSK only。
|
||||
// 避免 NetworkManager 自动生成 WPA-PSK-SHA256/SAE 混合配置,部分 3588 Broadcom DHD 驱动重启 AP 时会拒绝该 RSN 参数。
|
||||
try {
|
||||
nmcliSync(['connection', 'modify', CON_NAME, 'connection.autoconnect', 'no'], 8000);
|
||||
} catch (_) {}
|
||||
_activateHotspot(ssid, iface, 8000);
|
||||
} catch (firstError) {
|
||||
log.warn('network', `AP 启动未在短超时内完成,后台再次重置 WiFi radio 后重试;避免阻塞 watchdog: ${firstError.message}`);
|
||||
_spawnHotspotRadioRetry(ssid, iface);
|
||||
return { ssid, ip: AP_IP, iface, pending: true };
|
||||
}
|
||||
|
||||
// 等待 AP 启动
|
||||
sleep(2000);
|
||||
sleep(1000);
|
||||
log.info('network', `AP 已启动: ${ssid}, 网关 ${AP_IP}`);
|
||||
return { ssid, ip: AP_IP, iface };
|
||||
} catch (e) {
|
||||
@@ -348,6 +557,7 @@ function startAP(clawId) {
|
||||
* 关闭热点,恢复普通 WiFi 模式
|
||||
*/
|
||||
function stopAP() {
|
||||
cancelHotspotRadioRetry('停止 AP');
|
||||
try {
|
||||
run(`nmcli connection down ${CON_NAME}`);
|
||||
} catch (_) {}
|
||||
@@ -454,6 +664,7 @@ async function _ensureActiveWifiAutoconnect() {
|
||||
* clawd 只做调度;真正的认证、DHCP、重连细节仍交给 NM。
|
||||
*/
|
||||
async function connectSavedWifiConnections() {
|
||||
cancelHotspotRadioRetry('准备连接已保存 WiFi');
|
||||
const iface = getWifiIface();
|
||||
const profiles = listSavedWifiConnections();
|
||||
if (profiles.length === 0) {
|
||||
@@ -574,6 +785,7 @@ module.exports = {
|
||||
connectWifi,
|
||||
startAP,
|
||||
stopAP,
|
||||
cancelHotspotRadioRetry,
|
||||
AP_IP,
|
||||
getLocalIps,
|
||||
getLocalNetworks,
|
||||
|
||||
Reference in New Issue
Block a user