* get random uncompact proofs from instead of always starting at the earliest uncompact
* Broadcast the messages from full_node to bluebox all at once instead of in multiple requests
* Fix lint issues
* Log when proof replacement is successful
* Remove old "batches_finished" logic
* Added migrate_keyring daemon RPC support.
Passphrase requirements (min length, empty allowed) are now communicated to callers of the keyring_status RPC.
Refactored the keyring migration code to support interactive and non-interactive modes.
* Minor fixes for error handling during migration
* Cleaned up checking passphrase requirements
* Added a comment explaining why a failure is returned early in migrate_keyring if the keyring is already migrated
* Support for notifying the GUI and daemon when keyring status changes occur, including migration
https://github.com/Chia-Network/chia-blockchain/issues/8234
The warning that is being output by `chia version` is causing confusion
when trying to parse the version. This change ignores the warning by
only trying to parse the last line of the output as the version. Other
changes should be considered such as not outputting the warning for
small commands like `--help` and `version`.
```
$ chia version
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED SSL FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0664 for '/home/altendky/repos/chia-blockchain/mozilla-ca/cacert.pem' are too open. Expected 0644
One or more SSL files were found with permission issues.
Run `chia init --fix-ssl-permissions` to fix issues.
1.2.5.dev0
```
* server|util: Refactor `verify_ssl_certs_and_keys`
Let it take two lists instead of one with an tuple holding optional
paths.
* util: Introduce `get_ssl_perm_warning`
* util: Drop some redundant brackets
* util: Introduce `get_all_ssl_file_paths`
* util: Print warnings for CLI only
* cmds|util: Call `check_ssl` for all CLI commands
* Swap back to non-chia notarize-cli
* Update node for mac to 14.x - newer syntax in PRs on notarize-cli require the new version
* Have cleanup script get rid of our other global node packages so that 12->14 transition works
* add --paginate/--no-paginate to chia wallet get_transactions
The default remains to paginate if sys.stdout.isatty(), otherwise it
defaults to not paginating. This addresses cases such as piping and
output redirection to a file where the command previously just hung
while waiting for the user to press c for the next page.
* shorten lines for linting
* avoid BrokenPipeError such as with head
* stop using click's undocumented PacifyFlushWrapper
* fix issue where the cost of the mempool TX cache (for spend bundles that can't be included in a block yet) would not be reset when the cache was emptied
* factor out the Pending TX cache from mempool, to allow unit testing
* Create directories with 755 permissions, SSL certs with 644, and keys with 600.
* Check SSL file permissions during chia_init(). Exits if permissions are incorrect.
* Overwrite certs/keys instead of failing to write
* Skip SSL file permission checks on Windows (requires checking ACLs)
* Check SSL file permissions when creating an ssl_context
* Skip check_ssl on Windows.
Handle some SSLInvalidPermissions exceptions.
* Added a few comments
* Added chia init --fix-ssl-permissions option to attempt to fix SSL file permission issues.
Update imported cert permissions when using chia init -c.
Code cleanup/restructuring.
* Return a tuple instead of a list
* LGTM and other minor fixes
* Fixed SSL test breakage when calling ssl_context_for_client. The ca_crt param was being passed in as both the cert and private key, triggering the permission check failure.
* Don't exit if SSL file permissions issues are found
* Tweak the exception types that are raised from traverse_dict
* agg sig conditions always take two args
* extend test a bit, add comment
* unit test agg sig parser where args list is not null terminated
* fix formatting
* harvester|plotting|tests: Introduce `PlotManager` class
This moves all plots related and plot-directory related stuff from the
harvester into the class `PlotManager`, adjusts all related code
accordingly and adds some extra wrappers there.
* harvester|plotting|tests: Return how many new plots were loaded
* plotting: Fix `failed_to_open_filenames` re-try interval
With `< 1200` it just tries it on the next refresh.
* plotting: Fix and improve duplicates handling
* harvester|plotting: Thread locks for `PlotManager.plots`
* chia|tests: Load plots in batches
* chia|tests: Move plot refreshing into a separate thread
* plotting: Properly handle removed plots
And fix tests accordingly. It seems like this fix https://github.com/Chia-Network/chia-blockchain/pull/3350 wasn't really a fix, rather adjusting to allow for a bug?
* plotting|harvester|tests: Introduce `PlotRefreshResult`
* tests: Expand `test_farmer_harvester_rpc.py`
* chia|tests: Move some stuff from `plot_tools.py` into new file `util.py`
* refactor: Rename `plot_tools.py` to `manager.py`
* chia|tests: Use pure dataclass for `PlotsRefreshParameter`
With `uint16` as type saving to config doesn't work, this is a
preparation for the next commit.
* harvester: Adjust deprecation message, use `info` instead of `warning`
* plotting: Fix typo
* refactor: Rename `filename` to `file_path`
Fits better and does avoid shadowing with filename from outer scope.
* chia|tests: Move some methods from `plotting.manager` to `plotting.util`
* plotting: Make `refresh_callback` mandatory
* refactor: Introduce `parse_uint32` in `streamable.py`
* refactor: Introduce `write_uint32` in `streamable.py`
* tests: Add `test_uint32` in `test_streamable.py`
Adds tests for `write_uint32` and `parse_uint32`
* Moved keyring handling into a KeyringWrapper class
* Update click to 8.0.x for prompt_required support
* Renamed KeyringWrapper to _KeyringWrapper
* Expose password management options on Linux
* CLI support for setting/removing a password
* Global option for specifying the master password
* Cache the password instead of setting on the context
* Password bootstrapping during chia init
* Tidying up _KeyringWraper's interface
* Initial pass migrating the legacy keyring contents
* Encryption/decryption of keyring.yaml contents
* FileKeyring backend encrypts with ChaCha20Poly1305
* Tightened up keyring migration and initialization
* Fixed issues identified by linters
* Remove root_path from Keychain
* Prevent double-migration if setting master passwd
* KeyringWrapper tests are mostly complete
* FileKeyring will now honor the service param
* Tests for get/set/delete password
* Formatting/commenting updates
* Writer lock support with tests - WIP
* keyring.yaml is now watched for modifications
* Reader/Writer lock for get/delete password
* Fixed linter issues
* Reader lock tests
* Formatting update
* Hook up CHIA_ROOT support for KeychainWrapper
* Quick fix to address test failures
* Fixed failures when existing legacy keyring exists
* Fixed test failures caused by reusing the same temp dir
* keyring.yaml now lives in ~/.chia_keys by default. Can be overridden with CHIA_KEYS_ROOT or --keys-root-path
* Fixed migration failure when setting a password (not using the default)
* KeyringWrapper now uses supports_keyring_password to determine if a FileKeyring should be used. Patched tests to work regardless of whether supports_keyring_password return False
* The daemon now takes a --have-gui option that will prevent calling check_keys() during startup. If the keyring is locked, we want the GUI to prompt for the password.
* Added is_keyring_locked RPC call
* Added 'unlock_keyring' RPC command
* Added KeychainProxy and KeychainServer to handle RPC messages related to keyring operations. WalletNode no longer directly accesses the Keychain class.
* Turn on macOS support for testing keyring passwords
* Fixed get_key_for_fingerprint to use the ocal keychain if the platform doesn't need to remotely access the daemon's keychain.
Fixed key reconstruction when sent over RPC.
* Farmer now accesses the keychain over RPC
* Fixes for linter issues and some restructuring to support tests that use setup_nodes.py
* Couple of fixes to unblock the GUI from launching when a keyring password is set
* Added a keychain RPC call for add_private_key()
* Added remaining keychain proxy RPC calls for delete_key_by_fingerprint and delete_all_keys
* Check for None when inspecting request arguments
* Run check_keys after unlocking the keyring when the daemon is launched via GUI
* Added check_keys RPC method.
Fixed deserialization of key entropy in get_all_private_keys. This was preventing the GUI from being able to show key details.
* Added get_first_private_key to keychain_server/proxy.
create_plots now uses the keychain proxy when launched from the daemon.
* Added a comment about KeychainProxy in chia plots check
* Workaround import conflict when importing from 'tests.*' due to fasteners name conflict
* Simulator now uses KeychainProxy if launched by the daemon.
KeychainServer/Proxy now takes keychain user/testing params for testing scenarios.
* Added "set_keyring_passphrase" RPC message
* Reworking KeychainProxy usage to handle local keychain tests and RPC keychain tests.
* Replace my prior usage of asyncio.run() with asyncio.get_event_loop().run_until_complete()
* Silencing file_keyring logging for the moment.
* Updated tests to use test keychains and appropriate BlockTools construction
BlockTools should now be created with create_block_tools(_async) to handle async scenarios.
Updated block_tools to be async compatible
Updated fasteners to fix installation of top-level 'tests' in site-packages
* Added 'remove_keyring_passphrase' RPC message to the daemon
Minor tweak to TempKeyring to default to some test params
* Fixed linter issues
* Remove flake8 ignore statement now that the fasteners module has been updated
* Some initial renaming changes: password -> passphrase
* Fixed wallet RPC issue where get_key_for_fingerprint wasn't awaited-upon.
Fixed legacy keyring initialization (for migration scenarios)
* Fixed improperly merged file
* Fixed linter issues.
More renaming.
* Updated spots that were still using an incorrect keychain call
* Renamed use_password_cache, obtain_current_password
* Renamed supports_keyring_password
* Renamed has_master_password
* Renamed has_cached_password, get_cached_master_password
* Linter fixes
* Renamed master_password_is_valid
* Renamed set_cached_master_password
* Renamed set_master_password
* Renamed remove_master_password
* Renamed has_cached_master_password
* Renaming in file_keyring and keyring_wrapper
Updated default keyring payload used for tests
* Renamed get_password
Other renaming updates
* Renamed set_password
Other renaming updates
* Renamed remaining password occurrences (where appropriate)
* password -> passphrase
* Added tests for setting an emoji and Japanese master passphrase
* Attempt to notify the daemon when a keyring passphrase is set/updated/removed
* Missed one password -> passphrase replacement.
* Fixed some file synchronization issues found when running tests on macOS
* Adjusted timeout values for test_writer_lock_reacquisition_failure for macOS.
* Removed logging statements previously added for debugging
* Prompt for keyring passphrase up-front when launching a service.
Changed --have-gui flag to --wait-for-unlock
* Updated set_keyring_passphrase RPC message to fix optional current_passphrase param when the keyring is using the default passphrase.
* Minor test cleanup to deduplicate some code.
* Fixed regression when setting a new master passphrase
* Minor refactoring and docs/commenting updates
* Renaming password -> passphrase went too far. Keyring backends use password terminology for compatibility with third party backends.
* Disabling macOS support (previously added for testing only)
* Disabling passphrase support in preparation for sending out the PR
* Fixed improper merge (vscode didn't save changes during rebase)
* Update chia/cmds/init_funcs.py
Co-authored-by: Adam Kelly <338792+aqk@users.noreply.github.com>
* skip_check_keys -> should_check_keys
* Shuffling some imports around to break cycles reported by LGTM
* Handle unlocking the daemon if it's already launched and waiting for unlock.
* Replaced uses_keychain_proxy decorator in farmer.py. Fixed async usage of get_reward_targets.
Linter/reformatting fixes
* Replaced uses_keychain_proxy decorator with a clearer method.
* Cleanup the temp keyring dir using shutil.rmtree()
* Restored self._root_path (had been changed to self.root_path)
* Minor cleanup
* ensure_keychain_proxy() now throws if connect_to_keychain_and_validate() fails
* Plot key resolution now yields a PlotKeys object which can be passed into create_plots.
De-indented test_invalid_icc_sub_slot_vdf to keep git blame tidy.
* Added 'keyring_status' daemon RPC message to support the GUI
* Minor changes relating to PR feedback
* Addressed more PR feedback (mostly type annotations)
* Commented-out macOS file keyring usage. This can be re-enabled for testing purposes.
* Addressed test failures that require multiple keyrings in the same process. Each TempKeyring will now set a custom KeyringWrapper instance.
* Fixed logic for communicating user_passphrase_is_set in the keyring_status RPC response.
* Updated type annotations and method signature for set_passphrase to expect a string instead of bytes.
* Fixed Wallet RPC tests
* Fixed full_node_store tests. BlockTools should be created using the create_block_tools(_async) function(s)
* Fixed test failures in test_pool_rpc
* Fixed test_daemon. After BlockTools.setup_plots is run, the config file needs to be re-read to refresh stale plot_directories.
* Suppressing LGTM false positives regarding passphrase leakage in CLI error output. Seems that LGTM sees MIN_PASSPHRASE_LEN as sensitive data.
* Second attempt at suppressing LGTM false positives
* Third attempt at addressing LGTM false positives
* Removed test_keyring_wrapper param from Keychain ctor. Test setup now sets the keyring_wrapper property directly.
* Reformatting
* More targeted update of the test config to refresh just the "plot_directories" value
* More LGTM suppressions
Co-authored-by: Adam Kelly <338792+aqk@users.noreply.github.com>
Co-authored-by: wjblanke <wjb98672@gmail.com>
