chore(legacy): 🔄 跨分支融合主干 v3.2.2，并修正 REPO_RAW_URL 强制指向 legacy 分支

Merge branch 'main' into legacy
chore(legacy): 降级 Python 语法并抢修 Debian 9 APT 源，以兼容传家宝老旧系统
2026-06-27 04:11:46 +08:00 · 2026-04-13 02:39:45 +00:00 · 2026-04-13 02:33:22 +00:00 · 2026-04-11 13:51:20 +00:00
3 changed files with 19 additions and 13 deletions
--- a/core/agent_daemon.sh
+++ b/core/agent_daemon.sh
@@ -115,7 +115,7 @@ class AgentHandler(http.server.BaseHTTPRequestHandler):
                return
                
            # 校验 3：HMAC 数据完整性与身份合法性校验
-            msg = f"{req_path}:{req_t}".encode('utf-8')
+            msg = "{}:{}".format(req_path, req_t).encode('utf-8')
            expected_sign = hmac.new(AUTH_TOKEN.encode('utf-8'), msg, hashlib.sha256).hexdigest()
            
            # 使用 compare_digest 防御时序攻击
@@ -201,7 +201,7 @@ class AgentHandler(http.server.BaseHTTPRequestHandler):
                            log_data = html.escape("".join(lines[-15:]))
                
                node_name = subprocess.check_output(['hostname']).decode('utf-8').strip()[:15]
-                text_msg = f"📄 <b>[{node_name}] 实时运行日志:</b>\n<pre><code>{log_data}</code></pre>"
+                text_msg = "📄 <b>[{}] 实时运行日志:</b>\n<pre><code>{}</code></pre>".format(node_name, log_data)
                
                data = urllib.parse.urlencode({
                    'chat_id': config.get('CHAT_ID', ''),
@@ -217,7 +217,7 @@ class AgentHandler(http.server.BaseHTTPRequestHandler):
                urllib.request.urlopen(req, timeout=10)
                
            except Exception as e:
-                print(f"Log transmission failed: {e}")
+                print("Log transmission failed: {}".format(e))
            
        else:
            self.send_response(404)
--- a/core/install.sh
+++ b/core/install.sh
@@ -1,12 +1,12 @@
 #!/bin/bash

 # ==========================================================
-# 脚本名称: install.sh (IP-Sentinel 分布式边缘节点部署脚本 v3.2.3 - Global Nexus)
+# 脚本名称: install.sh (IP-Sentinel 分布式边缘节点部署脚本 v3.2.2 - Global Nexus)
 # 核心功能: 区域选择、模块按需开启、官方机器人一键配置、平滑热更新
 # ==========================================================

 # 你的 GitHub 仓库 Raw 数据直链前缀
-REPO_RAW_URL="https://raw.githubusercontent.com/hotyue/IP-Sentinel/main"
+REPO_RAW_URL="https://raw.githubusercontent.com/hotyue/IP-Sentinel/legacy"
 # 临时改为私库地址用于测试
 # REPO_RAW_URL="https://git.94211762.xyz/hotyue/IP-Sentinel/raw/branch/main"
 INSTALL_DIR="/opt/ip_sentinel"
@@ -18,6 +18,17 @@ echo "========================================================"

 # 1. 依赖检查与安装 (新增 python3 用于轻量级 Webhook 服务)
 echo -e "\n[1/7] 正在安装必要环境依赖 (curl, jq, cron, procps, python3)..."
+
+# ================== [Legacy: Debian 9 APT 源抢修补丁] ==================
+if [ -f /etc/debian_version ] && grep -q -E "^9\." /etc/debian_version; then
+    echo -e "\033[33m⚠️ 检测到 Debian 9 (Stretch)，正在抢修已停用的 APT 档案馆源...\033[0m"
+    echo "deb http://archive.debian.org/debian stretch main" > /etc/apt/sources.list
+    echo "deb http://archive.debian.org/debian-security stretch/updates main" >> /etc/apt/sources.list
+    sed -i '/stretch-updates/d' /etc/apt/sources.list
+    echo 'Acquire::Check-Valid-Until "false";' > /etc/apt/apt.conf.d/99no-check-valid-until
+fi
+# =======================================================================
+
 if [ -f /etc/debian_version ]; then
    apt-get update -y >/dev/null 2>&1
    apt-get install -y curl jq cron procps python3 >/dev/null 2>&1
@@ -486,12 +497,7 @@ if [[ -n "$TG_TOKEN" ]]; then
    elif command -v firewall-cmd >/dev/null 2>&1 && systemctl is-active firewalld | grep -qw active; then
        FW_MSG="firewall-cmd --zone=public --add-port=$AGENT_PORT/tcp --permanent && firewall-cmd --reload"
    elif command -v iptables >/dev/null 2>&1; then
-        # 智能双栈雷达：根据绑定的 IP 属性，动态下发对应的防火墙放行指令
-        if [[ "$BIND_IP" == *":"* ]]; then
-            FW_MSG="ip6tables -I INPUT -p tcp --dport $AGENT_PORT -j ACCEPT"
-        else
-            FW_MSG="iptables -I INPUT -p tcp --dport $AGENT_PORT -j ACCEPT"
-        fi
+        FW_MSG="iptables -I INPUT -p tcp --dport $AGENT_PORT -j ACCEPT"
    fi
    
    echo -e "\033[33m⚠️ 警告：请务必确保本机及云服务商安全组放行了 TCP $AGENT_PORT 端口！\033[0m"
--- a/master/install_master.sh
+++ b/master/install_master.sh
@@ -1,12 +1,12 @@
 #!/bin/bash

 # ==========================================================
-# 脚本名称: install_master.sh (IP-Sentinel 控制中枢部署脚本 v3.2.3)
+# 脚本名称: install_master.sh (IP-Sentinel 控制中枢部署脚本 v3.2.2)
 # 核心功能: 部署/卸载调度中枢、SQLite 资产管理、平滑热更新引擎
 # ==========================================================

 # [新增] 提取仓库直链前缀变量，方便后续在官方库和私库间一键切换
-REPO_RAW_URL="https://raw.githubusercontent.com/hotyue/IP-Sentinel/main"
+REPO_RAW_URL="https://raw.githubusercontent.com/hotyue/IP-Sentinel/legacy"
 # 临时改为私库地址用于测试
 # REPO_RAW_URL="https://git.94211762.xyz/hotyue/IP-Sentinel/raw/branch/main"
Author	SHA1	Message	Date
hotyue	50da8352d4	chore(legacy): 🔄 跨分支融合主干 v3.2.2，并修正 REPO_RAW_URL 强制指向 legacy 分支	2026-04-13 02:39:45 +00:00
hotyue	a55d362be6	Merge branch 'main' into legacy	2026-04-13 02:33:22 +00:00
hotyue	044c7a9937	chore(legacy): 降级 Python 语法并抢修 Debian 9 APT 源，以兼容传家宝老旧系统	2026-04-11 13:51:20 +00:00