From f283a8a4c6d16ba3091519bfbf4a0740d1e31bf2 Mon Sep 17 00:00:00 2001
From: hotyue <52734432+hotyue@users.noreply.github.com>
Date: Tue, 21 Apr 2026 06:47:02 +0000
Subject: [PATCH] =?UTF-8?q?fix(master):=20=E5=AE=8C=E5=96=84=E5=90=91?=
 =?UTF-8?q?=E4=B8=8B=E5=85=BC=E5=AE=B9=E6=9C=BA=E5=88=B6=EF=BC=8C=E5=AF=B9?=
 =?UTF-8?q?=E6=9C=AA=E5=8D=87=E7=BA=A7=E8=80=81=E8=8A=82=E7=82=B9=E8=87=AA?=
 =?UTF-8?q?=E5=8A=A8=E9=99=8D=E7=BA=A7=E5=9B=9E=E9=80=80=E8=87=B3=20HTTP?=
 =?UTF-8?q?=20=E9=80=9A=E8=AE=AF=EF=BC=8C=E7=A1=AE=E4=BF=9D=E7=A7=81?=
 =?UTF-8?q?=E6=9C=89=E5=8F=B8=E4=BB=A4=E9=83=A8=E5=B9=B3=E6=BB=91=E8=BF=87?=
 =?UTF-8?q?=E6=B8=A1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/tg_report.sh   |  2 +-
 master/tg_master.sh | 29 +++++++++++++++++++++++++----
 2 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/core/tg_report.sh b/core/tg_report.sh
index 7c577eb..c3538f0 100755
--- a/core/tg_report.sh
+++ b/core/tg_report.sh
@@ -170,7 +170,7 @@ fi
 LOCAL_VER="${AGENT_VERSION:-未知}"
 
 # 极轻量级探针: 抓取 GitHub 云端的 version.txt (超时 3 秒，KV解析法)
-REPO_RAW_URL="https://raw.githubusercontent.com/hotyue/IP-Sentinel/main"
+REPO_RAW_URL="https://raw.githubusercontent.com/hotyue/IP-Sentinel/v3.6.3-dev"
 REMOTE_VER=$(curl -s -m 3 "${REPO_RAW_URL}/version.txt" | grep "^AGENT_VERSION=" | cut -d'=' -f2 | tr -d '[:space:]')
 
 # 构建底部引擎状态块
diff --git a/master/tg_master.sh b/master/tg_master.sh
index 14f7785..b481dd9 100755
--- a/master/tg_master.sh
+++ b/master/tg_master.sh
@@ -237,7 +237,7 @@ while true; do
                         send_msg "$CHAT_ID" "📢 **司令部指令下达：正在唤醒全舰队执行 OTA 升级...**%0A*(节点升级成功后会主动发回新的入库确认，请注意查收)*"
                         echo "$NODE_DATA" | while IFS='|' read -r NNAME AIP APORT; do
                             TARGET_URL=$(generate_signed_url "$AIP" "$APORT" "/trigger_ota")
-                            curl -k -s -m 5 "$TARGET_URL" > /dev/null &
+                            { curl -k -s -m 5 "$TARGET_URL" || curl -s -m 5 "${TARGET_URL/https:\/\//http:\/\/}"; } > /dev/null &
                             sleep 0.3  # 严格流量削峰
                         done
                     fi
@@ -296,9 +296,9 @@ while true; do
                     else
                         send_msg "$CHAT_ID" "📢 **司令部指令下达：正在召唤所有哨兵回传简报...**"
                         echo "$NODE_DATA" | while IFS='|' read -r NNAME AIP APORT; do
-                            TARGET_URL=$(generate_signed_url "$AIP" "$APORT" "/trigger_report")
-                            curl -k -s -m 5 "$TARGET_URL" > /dev/null &
-                            sleep 0.2  # [新增] 流量削峰：每秒最多并发下发 5 个，保护 Master 网络栈
+                            TARGET_URL=$(generate_signed_url "$AIP" "$APORT" "/trigger_run")
+                            { curl -k -s -m 5 "$TARGET_URL" || curl -s -m 5 "${TARGET_URL/https:\/\//http:\/\/}"; } > /dev/null &
+                            sleep 0.2  # [新增] 流量削峰：防止瞬间 fork 导致句柄耗尽
                         done
                     fi
                     ;;
@@ -437,6 +437,12 @@ while true; do
                         TARGET_URL="${TARGET_URL}&mod=${MOD_NAME}&state=${TARGET_STATE}"
                         
                         RESPONSE=$(curl -k -s -m 5 "$TARGET_URL" || echo "FAILED")
+                        # [向下兼容补丁] 若 HTTPS 拒绝或超时，回退 HTTP 试探老节点
+                        if [ "$RESPONSE" == "FAILED" ] || [ -z "$RESPONSE" ]; then
+                            TARGET_URL_HTTP="${TARGET_URL/https:\/\//http:\/\/}"
+                            RESPONSE=$(curl -s -m 5 "$TARGET_URL_HTTP" || echo "FAILED")
+                        fi
+                        
                         if [[ "$RESPONSE" == *"Action Accepted"* ]]; then
                             # 下发成功，更新 DB，原位重绘
                             db_exec "UPDATE nodes SET enable_${MOD_NAME}='$TARGET_STATE' WHERE chat_id='$CHAT_ID' AND node_name='$TARGET_NODE';"
@@ -537,6 +543,11 @@ while true; do
                         TARGET_URL="${TARGET_URL}&b64=${ALIAS_B64}"
                         
                         RESPONSE=$(curl -k -s -m 5 "$TARGET_URL" || echo "FAILED")
+                        # [向下兼容补丁] 若 HTTPS 拒绝或超时，回退 HTTP 试探老节点
+                        if [ "$RESPONSE" == "FAILED" ] || [ -z "$RESPONSE" ]; then
+                            TARGET_URL_HTTP="${TARGET_URL/https:\/\//http:\/\/}"
+                            RESPONSE=$(curl -s -m 5 "$TARGET_URL_HTTP" || echo "FAILED")
+                        fi
                         
                         if [ "$RESPONSE" == "FAILED" ]; then
                             send_msg "$CHAT_ID" "❌ 指令下发超时！请检查节点连通性。"
@@ -577,6 +588,11 @@ while true; do
                         
                         TARGET_URL=$(generate_signed_url "$AGENT_IP" "$AGENT_PORT" "/trigger_ota")
                         RESPONSE=$(curl -k -s -m 5 "$TARGET_URL" || echo "FAILED")
+                        # [向下兼容补丁] 若 HTTPS 拒绝或超时，回退 HTTP 试探老节点
+                        if [ "$RESPONSE" == "FAILED" ] || [ -z "$RESPONSE" ]; then
+                            TARGET_URL_HTTP="${TARGET_URL/https:\/\//http:\/\/}"
+                            RESPONSE=$(curl -s -m 5 "$TARGET_URL_HTTP" || echo "FAILED")
+                        fi
                         
                         if [ "$RESPONSE" == "FAILED" ]; then
                             TEXT_RES="❌ OTA 指令下发超时！请检查节点公网连通性。"
@@ -618,6 +634,11 @@ while true; do
                         # 🛡️ [v3.0.4] 动态签名生成与触发 (防重放与防篡改)
                         TARGET_URL=$(generate_signed_url "$AGENT_IP" "$AGENT_PORT" "/trigger_${ACTION_TYPE}")
                         RESPONSE=$(curl -k -s -m 5 "$TARGET_URL" || echo "FAILED")
+                        # [向下兼容补丁] 若 HTTPS 拒绝或超时，回退 HTTP 试探老节点
+                        if [ "$RESPONSE" == "FAILED" ] || [ -z "$RESPONSE" ]; then
+                            TARGET_URL_HTTP="${TARGET_URL/https:\/\//http:\/\/}"
+                            RESPONSE=$(curl -s -m 5 "$TARGET_URL_HTTP" || echo "FAILED")
+                        fi
                         
                         # 结果判定
                         if [ "$RESPONSE" == "FAILED" ]; then