From acad2bc34baa9c582b16130204b45517085b4c26 Mon Sep 17 00:00:00 2001 From: qnorsten Date: Sat, 27 Jun 2026 22:02:13 +0200 Subject: [PATCH] fix(v6): raise HoleAuthenticationError for invalid password on HTTP 200 Pi-hole v6 returns HTTP 200 with {"session":{"valid":false}} when a wrong password is supplied, rather than HTTP 401. The previous code raised a plain HoleError("Authentication unsuccessful: Invalid session") for this path, inconsistent with the HTTP 401 path which raises HoleAuthenticationError ("Authentication failed: Invalid password"). This inconsistency breaks Home Assistant's determine_api_version() helper, which calls authenticate() with a deliberately wrong password to probe whether the instance is v6. It catches HoleError and checks the message string for "Authentication failed: Invalid password" to confirm v6. The mismatched message caused version detection to always fall through to the v5 path, making the integration fail to set up on any instance where the HTTP 200 response completes faster than the timeout (including after the timeout was fixed in recent versions). Change the HTTP 200 / valid=false path to raise HoleAuthenticationError with the same message as the 401 path (status=200) so all "wrong password" cases are handled uniformly regardless of the HTTP status code Pi-hole returns. --- hole/v6.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/hole/v6.py b/hole/v6.py index c0587be..8e76d2d 100644 --- a/hole/v6.py +++ b/hole/v6.py @@ -115,8 +115,11 @@ async def authenticate(self): session_data = data.get("session", {}) if not session_data.get("valid"): - raise exceptions.HoleError( - "Authentication unsuccessful: Invalid session" + # Pi-hole v6 returns HTTP 200 with valid=false for wrong passwords + # rather than HTTP 401. Raise the same exception as the 401 path so + # callers can treat both cases uniformly. + raise exceptions.HoleAuthenticationError( + "Authentication failed: Invalid password", status=200 ) self._session_id = session_data.get("sid")