From 898349d22e72884206e017d24b5c1c4d5fda3c08 Mon Sep 17 00:00:00 2001
From: hotyue <52734432+hotyue@users.noreply.github.com>
Date: Fri, 17 Apr 2026 13:06:44 +0000
Subject: [PATCH] =?UTF-8?q?feat(core):=20Webhook=20=E9=80=9A=E8=AE=AF?=
 =?UTF-8?q?=E5=BC=95=E6=93=8E=E6=96=B0=E5=A2=9E=20/trigger=5Fota=20?=
 =?UTF-8?q?=E9=AB=98=E5=8D=B1=E8=B7=AF=E7=94=B1=EF=BC=8C=E5=AE=9E=E8=A3=85?=
 =?UTF-8?q?=E6=9C=AC=E5=9C=B0=E4=B8=8E=E7=BD=91=E5=85=B3=E5=8F=8C=E9=87=8D?=
 =?UTF-8?q?=E7=86=94=E6=96=AD=E6=A0=A1=E9=AA=8C=EF=BC=8C=E5=B9=B6=E6=94=AF?=
 =?UTF-8?q?=E6=8C=81=E5=90=8E=E5=8F=B0=E5=89=A5=E7=A6=BB=E4=BA=A4=E4=BA=92?=
 =?UTF-8?q?=E7=9A=84=E9=9D=99=E9=BB=98=E7=83=AD=E9=87=8D=E8=BD=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/agent_daemon.sh | 45 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/core/agent_daemon.sh b/core/agent_daemon.sh
index 133db7ba..8714294f 100755
--- a/core/agent_daemon.sh
+++ b/core/agent_daemon.sh
@@ -340,6 +340,51 @@ class AgentHandler(http.server.BaseHTTPRequestHandler):
                 self.end_headers()
                 self.wfile.write(f"500 Internal Error: {str(e)}\n".encode('utf-8'))
 
+        # ================== [v3.6.0 新增: 零信任 OTA 远程静默升级路由] ==================
+        elif req_path == '/trigger_ota':
+            try:
+                # 动态读取最新 config 内存态
+                config_mem = {}
+                config_path = '/opt/ip_sentinel/config.conf'
+                if os.path.exists(config_path):
+                    with open(config_path, 'r', errors='ignore') as f:
+                        for line in f:
+                            line = line.strip()
+                            if '=' in line and not line.startswith('#'):
+                                key, val = line.split('=', 1)
+                                config_mem[key] = val.strip('"\'')
+
+                # 🛡️ 熔断校验 1: Agent 本地是否开启了 OTA 授权
+                if config_mem.get('ENABLE_OTA', 'false').lower() != 'true':
+                    self.send_response(403)
+                    self.end_headers()
+                    self.wfile.write(b"403 Forbidden: OTA Upgrade Disabled locally\n")
+                    return
+
+                # 🛡️ 熔断校验 2: 是否处于官方公共网关下 (强行硬编码拦截)
+                if config_mem.get('TG_TOKEN', '') == 'OFFICIAL_GATEWAY_MODE':
+                    self.send_response(403)
+                    self.end_headers()
+                    self.wfile.write(b"403 Forbidden: OTA strictly disabled under Public Gateway mode\n")
+                    return
+
+                # 校验通过,立即返回 200 回执,释放 Master 连接池
+                self.send_response(200)
+                self.send_header("Content-type", "text/plain")
+                self.end_headers()
+                self.wfile.write(b"Action Accepted: trigger_ota\n")
+
+                # 挂起异步升级进程 (注入 SILENT_OTA 旁路变量跳过所有 read -p 交互)
+                # 注意:这里我们写死拉取 dev-v3.6.0 分支的安装脚本进行覆盖测试,未来正式版上线时会改回 main
+                repo_url = "https://raw.githubusercontent.com/hotyue/IP-Sentinel/dev-v3.6.0"
+                ota_cmd = f"export SILENT_OTA='true'; curl -sL {repo_url}/core/install.sh | bash > /opt/ip_sentinel/logs/ota_upgrade.log 2>&1 &"
+                subprocess.Popen(['bash', '-c', ota_cmd])
+
+            except Exception as e:
+                self.send_response(500)
+                self.end_headers()
+                self.wfile.write(f"500 Internal Error: {str(e)}\n".encode('utf-8'))
+
         else:
             self.send_response(404)
             self.end_headers()
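Review bot: The `/trigger_ota` branch runs whatever `curl -sL … | bash` returns with no integrity check on the script and no request-level authentication visible in the hunk — both 403 gates consult only the local config file, so any client that can reach this listener while `ENABLE_OTA=true` obtains code execution as the daemon's user (likely root, given the writes under `/opt/ip_sentinel`); if the enclosing handler already authenticates callers before route dispatch, that happens outside this hunk and deserves a one-line comment here saying so. Fetching a mutable `dev-v3.6.0` branch with a redirect-following `-L` and no `--proto '=https'` also means the executed code is whatever that branch (or any redirect target) holds at request time, not a reviewed artifact. At minimum download to a file and verify a pinned digest before executing, e.g. `curl --proto '=https' --tlsv1.2 -fsSL -o /tmp/ota_install.sh {repo_url}/core/install.sh && echo "<pinned sha256>  /tmp/ota_install.sh" | sha256sum -c - && SILENT_OTA=true bash /tmp/ota_install.sh`, with the digest (or a signature) sourced from somewhere other than the branch being fetched. Separately, the 200 status and headers are already written before `subprocess.Popen`, so a failed spawn lands in the `except` and emits a second `500` status line into the same response; spawn first, then answer, or drop the 500 path once headers are out. The enclosing handler method begins before this hunk.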