The Open1X project is dedicated to bringing a free, open source 802.1X/WPA/WPA2/IEEE802.11i implementation to as many target platforms as possible.

Project News


*25 Sept 2010
Today, we are announcing an updated development release of XSupplicant. XSupplicant version 2.2.2 is a minor step toward a stable release that will support Linux (x86 and x64) along with Windows XP, Vista, and 7. The biggest change in this release is the release of the x64 version for Windows Vista, and Windows 7. Beyond that, there are a few minor bug fixes that come along with this version.

As usual, please report all bugs you find.

*16 Aug 2010
We are pleased to announce the latest development release of XSupplicant 2.2.1. There are a lot of new features and enhancements in this version. Among the the more interesting enhancments are the inclusion of support for Windows Vista and 7 (x86 for now, an x64 version will be out soon). This also includes support for IETF's Network Endpoint Assessment (NEA) standard.

The purpose of this development release is to get feedback on bugs so that we can work toward a new stable release with all of the new features. So please be sure to file bugs on when you find them.

*29 Jan 2010
Version 2.2.0 is now available. This is the latest stable release offering support for Windows XP, and Linux (both x86 and x64, with source available for building on other platforms). There were only minor changes between the 2.1.9 and 2.2.0 releases, so if 2.1.9 worked for you, 2.2.0 should as well. As usual, please report any bugs you find.

*05 Jan 2010
It has been a horribly long time since the last development release. But, it is time to get things rolling again for the new year. Development release 2.1.9 is now available, and contains bug fixes found since version 2.1.8. Please report any bugs you find. If no bugs are reported in the next week or two, this will be the next stable release.

*08 Jul 2009
Today marks the release of the 2.1.8 development version. This version has all of the features that will be in the 2.2.0 stable release. Since no new features will be added, all future code for this release will be bug fixes.

We need the help of everyone that has a few minutes to hammer on the code. Please, try it out, and file a bug for anything that breaks, so that we can have a really stable 2.2.0 release!

*08 May 2009
We are pleased to announce the release of the 2.1.7 development version. This version includes a lot of bug fixes and a few new features. Notable features include the ability to internationalize the UI using QT's linquist program, and the ability to build the supplicant on Linux again. The Linux version has a way to go before it has all of the same features that the Windows version has, but we hope to have that resolved within the next month or so. Please download the latest development version, try it out and file bugs for any issues you find!

If you will be attending Interop Las Vegas, please be sure to visit the booths of OpenSEA members. You can find Nortel in booth 1139, Tipping Point in booth 433, and Trapeze in booth 1275.

*10 Feb 2009
It has been a few months since the last development release, but hopefully it has been worth it. Today the development version of 2.1.6 is released! There are a huge number of fixes and feature additions in this version. Some of the more notable features include Machine Authentication, GINA integration (using pGINA), EAP-TLS support, and per user configurations. The complete list of feature additions and fixes is fairly long, so please look at the changelog or SVN log for complete details on what has changed. If you like to be on the bleeding edge, please download this version try it out, and report any bugs you find!

*10 Nov 2008
The 2.1.5 development version of XSupplicant has been released today. The only new feature is basic support for EAP-FAST. The EAP-FAST support is not fully interoperable yet, so its main purpose is to give a preview of the support, and to allow people to comment on it. Beyond that, this release fixes some bugs that were in the 2.1.4 release. Please see the change log, and release notes for more information.

*30 Jun 2008
Today brings a new development drop. The major new functionality in this drop is an almost complete redesign of the UI. The new UI has a lot of features that will make the supplicant easier to use. Among them is a configuration wizard, an "at-a-glance" list of available SSIDs, and a quick connect option from the tray icon. This is just a few of the new features the UI redesign will expose. Please give it a try, and let us know what you like, don't like, etc.

*09 Jun 2008
Work on the supplicant has been progressing at a reasonable pace. Since the last release, we have discovered and fixed a few more bugs, added some new features, and changed some of the underlying engine to work better across a range of machines. It is finally time to release a new development version that can be used to see the work that has been going on. To that end, we are proud to release the development (a.k.a. Unstable) version 2.1.1.

There are a couple of new features that are worth pointing out. First, we have enabled support for EAP-GTC. In our test environment, we have been able to successfully do a PEAP-GTC authentication using RSA SecurID tokens. Second, is network prioritization. The supplicant will now try to automatically connect to the best network that is currently available. Third, is the ability to have the supplicant disconnect the sessions when the user logs off. Fourth, is opportunisitic key caching. (Sometimes also called Proactive Key Caching) This will allow the supplicant to roam to new access points in a shorter amount of time, since a reauthentication may not be needed. And last, but certainly not least, is removal of the reliance on WMI. This last feature is something that most people won't notice. But, if you had problems running the older supplicant versions, this change will probably resolve those problems.

*04 Feb 2008
XSupplicant version 2.0.1 has been released. This release fixes bugs that have been found since the 2.0.0 release. It does not contain any new features.

In addition to the new release, there has been a lot of work taking place on the next version. First, the project management committe (PMC) decided to rename the codename from SeaMonkey to SeaAnt and to accept a letter ordering for all future codenames. So, along with SeaAnt, the two releases that will follow it are "SeaBadger", and "SeaCow". Second, the roadmap for SeaAnt has been approved by the PMC. Two versions are available. The "executive summary" version can be found here, a longer version with (really) rough timelines can be found here. Third, we have started to work on various pieces of documentation. All of the documentation will be included in future source drops, in addition to the documentation links in the SourceForge project.

Last, but not least, we have also decided to move away from CVS to Subversion. HEAD development (SeaAnt and beyond) is now using subversion. While making this cut over, we also took the opportunity to rearrange the source tree a little. There are now three main modules :

The 2.0.x code will continue to come out of the older CVS branches.

*14 Dec 2007
The Open1X group is pleased to announce the release of the 2.0.0 version. The 2.0.0 release marks the point that we have frozen the development on this branch and find it stable for our use. All new development will now be taking place on the next release with is code named "SeaMonkey". We do expect to release additional versions of 2.0, but they will only be bug fix releases, there will be no additional functionality added to 2.0.

That said, there were a couple of new features added between the 1.9.8 release and the 2.0 release. They were generally small additions that addressed usability and clarity issues. Some of these additions include a plug-in that can be used to gather data to help us solve problems that people may have. By right-clicking the tray icon, you can new select "Create Trouble Ticket". This will create a zip file that contains information that you should attach to any bugs that get filed. Another addition is the ability to import trusted root certificates in to the proper certificate store, and some fixes to how certificate chains are handled. We have also added a significant number of wireless utilities that we are able to detect and help users disable.

Because the work in this development cycle has been focused on getting a working version for Windows, we suggest that Linux users continue to use the 1.2.8 version. However, Linux users should also be aware that getting the Linux version caught up with the changes that were added to Windows is at the top of our priority list. Once we have something that is working for us, we will start to put out development releases again.

*03 Dec 2007
XSupplicant 1.9.8 has been unleashed. As with the other 1.9 versions the latest development release comes complete with a bunch of bug fixes. Notable bugs that have been fixed include a protocol driver fix that could cause a blue screen when used with really old network interface drivers. And removal of the EKU restrictions on root CA certificates. (In English : You can use ANY root CA certificate now. Even if it doesn't have the special attributes that the Microsoft supplicant requires.) The on-line help file has also been finished. Other issues that have been resolved are listed in the changelog.

*21 Nov 2007
It has been a few weeks since the last development release. But, it is time for another one. Along with the usual set of small bugs that were fixed, there are a few larger more noteworthy bugs that are fixed in this version. This development release brings us a fix for running on Windows XP Home, control over how and when log files get rolled, and better support for hidden networks. Check out the change log for a better list of what has changed.

*29 Oct 2007
There have been a few changes over the last week, all leading up to this latest release. First, we added the ugly button at the top of the web page to help people get to the download area more easily. Our web designer is working on something that blends in to the over-all look of the site, but until then the ugly button should do the trick. Second, the new version has a VERY important fix in it. This version should be able to properly do PEAP authentication again the Microsoft IAS server that is included with Windows 2003 Server. So, if you have had problems authenticating against IAS, please give this latest build a try and let us know if you have any problems.

*15 Oct 2007
A new development release was put out on the servers a couple of days ago, but I am just now getting around to updating the web site. This release includes several bug fixes for issues that people have reported, and one new feature. The new feature is a change in how priorities work on different types of adapters. Wired adapters are no longer listed in the priorities window, since the priorities didn't do anything on wired anyway. An a new option is available in Advanced Settings. The "Wired Default" setting allows you to select a wired Connection to always try to connect to whenever the service is started. You should check out the changelog to see most of the bug fixes that were made.

There has also been a lot of work going on in CVS HEAD on the next version. The next version is code named "Sea Monkey". The feature set for Sea Monkey is still unclear. But, there has been work done already to port the UI to Linux, and Mac OS X. There are still some issues to hammer out before it is usable on those platforms, but we are getting there.

Which brings me to one of the things we are working on behind the scenes. We are starting work on developing a wish list of features. We will be soliciting feature requests from OpenSEA members directly, but we also want to hear from the rest of the community. What features would you like to see added to the supplicant? We plan to compile the list of requested features on a web site, and then scratch them off the list as we go.

*07 Oct 2007
We have started to get feedback on the various development releases that we have put out so far. As a result, we have some additional work to do. To this end, we have decided not to put out a new release this week. However, today we released the source code to the UI. We plan to resume weekly releases next week.

About 802.1X


IEEE 802.1x is a port based authentication protocol. It can be used in *any* scenario where one can abstract out the notion of a port. It requires entitie(s) to play three roles in the authentication process: that of an supplicant, an authenticator and an authentication server. The diagram below shows the basic scenario.

A Port Access Entity (PAE) is an entity that has access or is capable of gaining or controlling access to some port which offers some services. When applied to IEEE 802.11, the Access Point acts as an authenticator, while a wireless station (laptop etc) is the supplicant which is authenticated by the RADIUS server (Authentication Server).