adding some unit tests to some code being written,
searched randomly on the internet for an IPv6 test
suite and found one in php *shudder*
# https://github.com/gws/ipv6-address-test/blob/master/Tests/Ipv6TestCase.php

converted it to python, and was surprised to find that
there are two cases which the ipaddress.IPv6Address
module accepts, that it should not!

attached is a quick-and-dirty hacked together unit test
which shows the issue.  the full suite may be found
here (over 400 ipv6 addresses to test):

https://github.com/threefoldtech/jumpscale_core/blob/development_dynamic/tests/jumpscale_test/test10_j_data_types.py

Hi Ikcl, are you working on the fix? I'd like to work on it.

> Hi lkcl, are you working on the fix? I'd like to work on it.

hi prudvi, i'm not: i'm simply making people aware that there's
an issue that needs to be addressed (pun intended)

Hi lkcl, can you help me understand why exactly the below IPv6 addresses are invalid?
('1111:2222:3333:4444:5555:6666:00.00.00.00', False)
('1111:2222:3333:4444:5555:6666:000.000.000.000', False)

I pulled the above addresses from your git testcase.

But, below 2 IPv6 addresses are given as valid
('1111:2222:3333:4444:5555:6666:123.123.123.123', True)
('1111:2222:3333:4444:5555::123.123.123.123', True)

I don't see any difference between both. Both of them have IPv4 styled suffixes. According to the code, they are getting converted at runtime. Can you please clarify? 

Thanks

hi prudvi: i have absolutely no idea.  i am simply running test
validators online, which show and confirm that they are correctly
INVALID.  a google search shows a number of IPv6 validators:
https://www.google.co.uk/search?q=ipv6+address+validator

i have absolutely no actual knowledge of what constitutes a valid IPv6
address or not, nor know of any "official" resources.

all i know is: consensus tends to agree that these two addresses
are accepted by the python ipaddress module when they should not.

According to the RFC ( https://tools.ietf.org/html/rfc4291#section-2.2 ), last four bytes can be an address in the format of IPv4 address. The latter doesn't specify whether leading zeros are permitted or not. For illustration let's look at the implementation of the POSIX function `inet_aton` from Fedora 28, as documented by manual:

> In  all  of the above forms, components of the dotted address can be specified in decimal, octal (with a leading 0), or hexadecimal, with a leading 0X).

But notice that if you prefix a 0 with 0, the value stays the same, so it doesn't hurt not to raise errors if given either of 

1111:2222:3333:4444:5555:6666:00.00.00.00
1111:2222:3333:4444:5555:6666:000.000.000.000

If however you try

1111:2222:3333:4444:5555:6666:000.000.010.000

then the address is ambiguous, so appropriately you get 

AddressValueError: Ambiguous (octal/decimal) value in '010' not permitted in '000.000.010.000' in '1111:2222:3333:4444:5555:6666:000.000.010.000'


I believe the issue is handled correctly.

that's interesting, michael: it means that all of the
IPv6 validators online are wrong, like this one!
https://formvalidation.io/guide/validators/ip/

I think Michal is right

The point is that the specification is not complete and thus left for the implementations to decide. Python's version hits the sweet spot between inclusive and correct - as long as a version is unambiguous, it is accepted.