ENT-12366: External verifier now sets appclassloader to legacy contra… (#7855)

* ENT-12366: External verifier now sets appclassloader to legacy contracts directory instead of the cordapps directory. * ENT-12366: Now check legacy-contracts exists before start external verifier.
2025-06-22 17:09:00 +00:00 · 2024-10-28 15:28:50 +00:00
parent 7852754ad9
commit 33cf48e04b
10 changed files with 44 additions and 12 deletions
--- a/node/src/main/kotlin/net/corda/node/internal/cordapp/JarScanningCordappLoader.kt
+++ b/node/src/main/kotlin/net/corda/node/internal/cordapp/JarScanningCordappLoader.kt
@ -220,9 +220,11 @@ class JarScanningCordappLoader(private val cordappJars: Set<Path>,
        private fun checkSignersMatch(legacyCordapp: CordappImpl, nonLegacyCordapp: CordappImpl) {
            val legacySigners = legacyCordapp.jarPath.openStream().let(::JarInputStream).use(JarSignatureCollector::collectSigners)
            val nonLegacySigners = nonLegacyCordapp.jarPath.openStream().let(::JarInputStream).use(JarSignatureCollector::collectSigners)
-            check(rotatedKeys.canBeTransitioned(legacySigners, nonLegacySigners)) {
-                "Newer contract CorDapp '${nonLegacyCordapp.jarFile}' signers do not match legacy contract CorDapp " +
-                        "'${legacyCordapp.jarFile}' signers."
+            if (legacySigners.isNotEmpty() || nonLegacySigners.isNotEmpty()) {
+                check(rotatedKeys.canBeTransitioned(legacySigners, nonLegacySigners)) {
+                    "Newer contract CorDapp '${nonLegacyCordapp.jarFile}' signers do not match legacy contract CorDapp " +
+                            "'${legacyCordapp.jarFile}' signers."
+                }
            }
        }

--- a/node/src/main/kotlin/net/corda/node/verification/ExternalVerifierHandleImpl.kt
+++ b/node/src/main/kotlin/net/corda/node/verification/ExternalVerifierHandleImpl.kt
@ -58,6 +58,7 @@ import kotlin.io.path.div
 import kotlin.io.path.fileAttributesViewOrNull
 import kotlin.io.path.isExecutable
 import kotlin.io.path.isWritable
+import kotlin.io.path.notExists

 /**
 * Handle to the node's external verifier. The verifier process is started lazily on the first verification request.
@ -116,6 +117,12 @@ class ExternalVerifierHandleImpl(
    }

    private fun startServer() {
+        val legacyContractsPath = (baseDirectory / "legacy-contracts")
+        if (legacyContractsPath.notExists()) {
+            log.error("Failed to start external verifier because $legacyContractsPath does not exist. Please create a legacy-contracts " +
+                    "directory under $baseDirectory and place your legacy contracts into this directory. See the documentation for details.")
+            throw IOException("Cannot start external verifier because $legacyContractsPath does not exist.")
+        }
        if (::socketFile.isInitialized) return
        // Try to create the UNIX domain file in /tmp to keep the full path under the 100 char limit. If we don't have access to it then
        // fallback to the temp dir specified by the JVM and hope it's short enough.