In addition to being unlocked, wallets now require their password to reveal their private keys.

RPC endpoint changes:
/v1/wallet/get_public_keys -- No change. This endpoint prints all public keys from all unlocked wallets.
/v1/wallet/list_keys -- This endpoint now requires two strings: the name of an unlocked wallet and its password. It will then reveal the public and private key pairs of that wallet. Be aware this means a slight change in behavior in that it is now impossible to query private keys from all unlocked wallets.

cleos changes:
wallet keys -- This command has been changed to print all public keys from unlocked wallets (corresponds to the get_public_keys endpoint). Be aware that there is a change in behavior due to different behavior in how get_public_keys works vs previous behavior: if there is no open wallet or all wallets are locked, wallet keys will now return a "no available wallet" or "locked wallet" error. Previously an empty list would be returned.
wallet private_keys -- This is a new command that maps to the list_keys endpoint. It will take the wallet name and password as arguments before printing the public/private key pairs.