oasis-open / cti-taxii-client

OASIS TC Open Repository: TAXII 2 Client Library Written in Python
https://taxii2client.readthedocs.io/
BSD 3-Clause "New" or "Revised" License

How do I know which server I am calling? #97

Closed jecarr closed 3 years ago

jecarr commented 3 years ago

Hello,

I am running these lines of code from this file:

    from taxii2client import Collection  # Line 4
    collection = Collection("<url>")  # Line 41

In Python 3.7, this works!

Unfortunately, with Python 3.9, it errors. Using the guidance of the error message, I tweaked the import statement and

from taxii2client.v21 import Collection still errored

from taxii2client.v20 import Collection worked!

I initially thought it would be .v21 because by debugging the if-statement here, I saw my self.version was 2.1.

My question is therefore how can I tell which server I am using (to ultimately decide which import statement I should use)? Is this mainly down to server config in code I am using? Or does it default to 2.0?

Why did the upgrade in Python 3 break the original lines of code? (I assume because of later releases of taxii-client but I'm asking in case there's something I should be mindful of here)

Apologies if there are basics on requests I am missing, thanks!

emmanvg commented 3 years ago

Hi @jecarr, based on what I can see from that project, their requirements.txt calls for taxii2client==0.5.0 (from 2018), which will likely make the tool crash if running any other version without additional changes. In that version, support for TAXII 2.1 was nonexistent; therefore, it is likely that adding the line from taxii2client.v21 import Collection would make the tram tool error out. By design, the from taxii2client import Collection statement will import the latest spec version supported by the client. The recommendation is to determine which TAXII specification the Server supports; then you can import from the client accordingly using taxii2client.v20 or taxii2client.v21. Based on the information you provided, it is likely that the tool is trying to contact a TAXII 2.0 Server (not the default).

We do have tests for Python 3.9 on our CI harness, and none have reported an error with interpreter support. Could you provide more information if there is an interpreter-level issue with Python 3.9? Otherwise, can you provide what part of the taxii2client lines broke? As for the library itself, two major releases (backwards incompatible) have happened since 0.5.0 (https://semver.org/). Therefore, if support for a specific feature is desired, or to prevent API code from breaking, versions should be pinned to a known-to-work version, with either == or <=, which it seems the tram tool already took care of. Hope this helps!

jecarr commented 3 years ago

Hi @emmanvg - thanks so much for the quick reply and explanation!

You asked for more info: I re-ran the lines from my original post and can conclude it's not a Python version issue. My original results were where

so I re-ran the lines where both my Python (3.7 and 3.9) interpreters used taxii-client v2.2.2. For both interpreters, I got the following behaviour:

    >>> from taxii2client import Collection
    >>> collection = Collection("https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/")
    >>> collection.title
    ERROR:root:Server Response: 406 Client Error If you are trying to contact a TAXII 2.0 Server use 'from taxii2client.v20 import X'. If you are trying to contact a TAXII 2.1 Server use 'from taxii2client.v21 import X'
    Traceback (most recent call last):
      File "<input>", line 1, in <module>
      File "/home/jen/venv/3.7/lib/python3.7/site-packages/taxii2client/v21/__init__.py", line 233, in title
        self._ensure_loaded()
      File "/home/jen/venv/3.7/lib/python3.7/site-packages/taxii2client/v21/__init__.py", line 317, in _ensure_loaded
        self.refresh()
      File "/home/jen/venv/3.7/lib/python3.7/site-packages/taxii2client/v21/__init__.py", line 331, in refresh
        response = self.__raw = self._conn.get(self.url, headers={"Accept": accept})
      File "/home/jen/venv/3.7/lib/python3.7/site-packages/taxii2client/common.py", line 309, in get
        raise e
      File "/home/jen/venv/3.7/lib/python3.7/site-packages/taxii2client/common.py", line 299, in get
        resp.raise_for_status()
      File "/home/jen/.local/lib/python3.7/site-packages/requests/models.py", line 940, in raise_for_status
        raise HTTPError(http_error_msg, response=self)
    requests.exceptions.HTTPError: 406 Client Error: Not Acceptable for url: https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/

    >>> from taxii2client.v20 import Collection
    >>> collection = Collection("https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/")
    >>> collection.title
    'Enterprise ATT&CK'

As your CI tests are passing, this error could be because of my environment? (Maybe a combination of taxii-client v2.2.2 with another dependent package of a different version in my environment?) Or a misunderstanding on my part on using taxii-client?

Either way, I understand the use of .vX in the import statements and my code is working. I'm happy for this issue to be closed, or will reply further if you need me to check anything in my environment. Thanks!
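
The version check this thread arrives at (a 406 for the 2.1 media type, success for 2.0), as an added example that is not part of the original thread or of the taxii2client code: it probes each TAXII media type through a hypothetical `http_get` hook and accepts a version only when the response Content-Type matches what was requested. The fake server and the `taxii.example` URL are constructed for illustration.

```python
# Added example: pick the taxii2client module by probing content negotiation.
MEDIA_TYPES = {  # newest first; values are the spec-defined TAXII media types
    "2.1": "application/taxii+json;version=2.1",
    "2.0": "application/vnd.oasis.taxii+json; version=2.0",
}
CLIENT_MODULES = {"2.1": "taxii2client.v21", "2.0": "taxii2client.v20"}


def parse_media_type(value):
    """Split a media type into (base type, version parameter), ignoring case/spacing."""
    base, *params = [part.strip().lower() for part in value.split(";")]
    version = None
    for param in params:
        key, _, val = param.partition("=")
        if key.strip() == "version":
            version = val.strip().strip('"')
    return base, version


def detect_taxii_version(url, http_get):
    """Return the newest TAXII version the server negotiates, or None.

    http_get(url, headers) -> (status, content_type) is a hypothetical hook;
    in real use it would wrap an authenticated, TLS-verified HTTP GET.
    """
    for version, media_type in MEDIA_TYPES.items():
        status, content_type = http_get(url, {"Accept": media_type})
        # A 406 means "wrong version"; a 200 only counts if the response
        # Content-Type really is the TAXII type that was requested.
        wanted = parse_media_type(media_type)
        if status == 200 and parse_media_type(content_type or "") == wanted:
            return version
    return None


def fake_taxii20_server(url, headers):
    """Constructed stand-in for a TAXII 2.0-only server (no network I/O)."""
    if parse_media_type(headers["Accept"]) == parse_media_type(MEDIA_TYPES["2.0"]):
        return 200, "application/vnd.oasis.taxii+json; version=2.0; charset=utf-8"
    return 406, "text/html"


if __name__ == "__main__":
    found = detect_taxii_version("https://taxii.example/collections/demo/", fake_taxii20_server)
    print(found, "->", CLIENT_MODULES.get(found))
```

Checking the response Content-Type, not just the status code, keeps a proxy or error page that answers 200 with HTML from being mistaken for a TAXII server.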

emmanvg commented 3 years ago

@jecarr, I will close the issue since it sounds like it was simply an oversight on your local setup. You have the proper knowledge in terms of the usage of the taxii2client and how the .v2X imports work. It seems the from taxii2client.v20 import Collection is the correct statement for your use case or the tram tool.

jecarr commented 3 years ago

Thanks @emmanvg!