traffic-selector: Avoid out-of-bound array access when calculating range

[people/ms/strongswan.git] / README.md

diff --git a/README.md b/README.md
index f26e59780ecb8ed5094c5fa667628b5f51b9baf4..b7e9841d23ff32afe06c5245516fbb321aeca3cb 100644 (file)
--- a/README.md
+++ b/README.md
@@ -8,8 +8,9 @@ This document is just a short introduction of the strongSwan **swanctl** command
 which uses the modern [**vici**](src/libcharon/plugins/vici/README.md) *Versatile
 IKE Configuration Interface*. The deprecated **ipsec** command using the legacy
 **stroke** configuration interface is described [**here**](README_LEGACY.md).
-For more detailed information consult the man pages and
-[**our wiki**](http://wiki.strongswan.org).
+For more detailed information consult the man pages, our new
+[**documentation site**](https://docs.strongswan.org) and the legacy
+[**wiki**](https://wiki.strongswan.org).
 
 
 ## Quickstart ##
@@ -57,7 +58,7 @@ Configuration on gateway _moon_:
                         local_ts  = 10.1.0.0/16
                         remote_ts = 10.2.0.0/16
                         start_action = trap
-                   }
+                    }
                 }
             }
         }
@@ -87,7 +88,7 @@ Configuration on gateway _sun_:
                         local_ts  = 10.2.0.0/16
                         remote_ts = 10.1.0.0/16
                         start_action = trap
-                   }
+                    }
                 }
             }
         }
@@ -116,7 +117,7 @@ connections we will use the default IPsec tunnel mode.
     | 192.168.0.1 | === | 192.168.0.2 |
          moon                sun
 
- Configuration on host _moon_:
+Configuration on host _moon_:
 
     /etc/swanctl/x509ca/strongswanCert.pem
     /etc/swanctl/x509/moonCert.pem
@@ -167,7 +168,7 @@ Configuration on host _sun_:
                 children {
                     host-host {
                         start_action = trap
-                   }
+                    }
                 }
             }
         }
@@ -215,7 +216,7 @@ Configuration on roadwarrior _carol_:
 
     /etc/swanctl/swanctl.conf:
 
-         connections {
+        connections {
             home {
                 remote_addrs = moon.strongswan.org
 
@@ -315,7 +316,7 @@ Configuration on roadwarrior _carol_:
 
     /etc/swanctl/swanctl.conf:
 
-         connections {
+        connections {
             home {
                 remote_addrs = moon.strongswan.org
                 vips = 0.0.0.0
@@ -378,16 +379,16 @@ Configuration on gateway _moon_:
 The  `swanctl.conf` file additionally contains a `secrets` section defining all
 client credentials
 
-       secrets {
-           eap-carol {
-               id = carol@strongswan.org
-               secret = Ar3etTnp
-           }
-           eap-dave {
-               id = dave@strongswan.org
-               secret = W7R0g3do
-           }
-       }
+        secrets {
+            eap-carol {
+                id = carol@strongswan.org
+                secret = Ar3etTnp
+            }
+            eap-dave {
+                id = dave@strongswan.org
+                secret = W7R0g3do
+            }
+        }
 
 Configuration on roadwarrior _carol_:
 
@@ -395,7 +396,7 @@ Configuration on roadwarrior _carol_:
 
     /etc/swanctl/swanctl.conf:
 
-         connections {
+        connections {
             home {
                 remote_addrs = moon.strongswan.org
 
@@ -416,12 +417,12 @@ Configuration on roadwarrior _carol_:
             }
         }
 
-       secrets {
-           eap-carol {
-               id = carol@strongswan.org
-               secret = Ar3etTnp
-           }
-       }
+        secrets {
+            eap-carol {
+                id = carol@strongswan.org
+                secret = Ar3etTnp
+            }
+        }
 
 
 ### Roadwarrior Case with EAP Identity ###
@@ -461,16 +462,16 @@ Configuration on gateway _moon_:
             }
         }
 
-       secrets {
-           eap-carol {
-               id = carol
-               secret = Ar3etTnp
-           }
-           eap-dave {
-               id = dave
-               secret = W7R0g3do
-           }
-       }
+        secrets {
+            eap-carol {
+                id = carol
+                secret = Ar3etTnp
+            }
+            eap-dave {
+                id = dave
+                secret = W7R0g3do
+            }
+        }
 
 Configuration on roadwarrior _carol_:
 
@@ -478,7 +479,7 @@ Configuration on roadwarrior _carol_:
 
     /etc/swanctl/swanctl.conf:
 
-         connections {
+        connections {
             home {
                 remote_addrs = moon.strongswan.org
 
@@ -499,12 +500,12 @@ Configuration on roadwarrior _carol_:
             }
         }
 
-       secrets {
-           eap-carol {
-               id = carol
-               secret = Ar3etTnp
-           }
-       }
+        secrets {
+            eap-carol {
+                id = carol
+                secret = Ar3etTnp
+            }
+        }
 
 
 ## Generating Certificates and CRLs ##
@@ -570,7 +571,7 @@ RSA or ECDSA private key. For details, refer to the TPM 2.0
 In a next step the command
 
     pki --req --type priv --in moonKey.pem \
-              --dn "C=CH, O=strongswan, CN=moon.strongswan.org \
+              --dn "C=CH, O=strongswan, CN=moon.strongswan.org" \
               --san moon.strongswan.org --outform pem > moonReq.pem
 
 creates a PKCS#10 certificate request that has to be signed by the CA.