From dbbd0e43fe1cd980e59b3a29efa0ca91b2b88fc2 Mon Sep 17 00:00:00 2001
From: jon4hz <jonah.zuercher@adfinis.com>
Date: Thu, 13 Nov 2025 19:37:00 +0100
Subject: [PATCH] fix: handle proxy options correctly when deleting accesses

---
 lib/perl/OVH/Bastion/allowkeeper.inc | 32 +++++++++++++++++++++++++---
 1 file changed, 29 insertions(+), 3 deletions(-)

diff --git a/lib/perl/OVH/Bastion/allowkeeper.inc b/lib/perl/OVH/Bastion/allowkeeper.inc
index 86f1656..ba17c3e 100644
--- a/lib/perl/OVH/Bastion/allowkeeper.inc
+++ b/lib/perl/OVH/Bastion/allowkeeper.inc
@@ -692,9 +692,35 @@ sub access_modify {
                 my $found = 0;
                 while (my $line = <$fh_file>) {
                     if ($line =~ m{^\Q$entry\E(\s|$)}) {
-                        chomp $line;
-                        $line = "# $line # $comment\n";
-                        $found++;
+                        # now verify that proxy options match too
+                        my $shouldDelete = 1;
+
+                        if (defined $proxyIp) {
+                            $shouldDelete = 0 unless $line =~ m{\# PROXYHOST=\Q$proxyIp\E(\s|$)};
+                        }
+                        elsif ($line =~ m{\# PROXYHOST=}) {
+                            $shouldDelete = 0;
+                        }
+
+                        if ($shouldDelete && defined $proxyPort) {
+                            $shouldDelete = 0 unless $line =~ m{\# PROXYPORT=\Q$proxyPort\E(\s|$)};
+                        }
+                        elsif ($shouldDelete && $line =~ m{\# PROXYPORT=}) {
+                            $shouldDelete = 0;
+                        }
+
+                        if ($shouldDelete && defined $proxyUser) {
+                            $shouldDelete = 0 unless $line =~ m{\# PROXYUSER=\Q$proxyUser\E(\s|$)};
+                        }
+                        elsif ($shouldDelete && $line =~ m{\# PROXYUSER=}) {
+                            $shouldDelete = 0;
+                        }
+
+                        if ($shouldDelete) {
+                            chomp $line;
+                            $line = "# $line # $comment\n";
+                            $found++;
+                        }
                     }
                     $newFile .= $line;
                 }