From cb0b44341647f855b0ee1971558d3034694f74d5 Mon Sep 17 00:00:00 2001 From: Dan Aschwanden Date: Fri, 5 Dec 2025 13:07:20 +0000 Subject: [PATCH 1/4] Updates credentials config --- .../fleetspeak-server/components.textproto | 2 +- .../config/fleetspeak.textproto | 2 +- .../cleartext-header-mode/docker-compose.yaml | 4 +- .../fleetspeak-server/components.textproto | 2 +- .../config/fleetspeak.textproto | 2 +- .../cleartext-xfcc-mode/docker-compose.yaml | 4 +- sandboxes/createConfig.sh | 27 +++++ .../fleetspeak-server/components.textproto | 2 +- .../config/fleetspeak.textproto | 2 +- .../direct-mtls-mode/docker-compose.yaml | 4 +- .../fleetspeak-server/components.textproto | 2 +- .../config/fleetspeak.textproto | 2 +- .../https-header-mode/docker-compose.yaml | 4 +- .../fleetspeak-server/components.textproto | 2 +- .../config/fleetspeak.textproto | 2 +- .../passthrough-mode/docker-compose.yaml | 4 +- sandboxes/sandboxes/README.md | 96 +++++++++++++++ .../sandboxes/cleartext-header-mode/README.md | 83 +++++++++++++ .../config/fleetspeak-client/communicator.txt | 1 + .../config/fleetspeak-client/config.textproto | 9 ++ .../textservices/hello.service | 8 ++ .../fleetspeak-server/components.textproto | 19 +++ .../fleetspeak-server/services.textproto | 10 ++ .../config/fleetspeak.textproto | 25 ++++ .../cleartext-header-mode/config/hello.py | 41 +++++++ .../cleartext-header-mode/config/hello.sh | 2 + .../cleartext-header-mode/docker-compose.yaml | 65 ++++++++++ .../envoy-https-http.yaml | 110 +++++++++++++++++ .../sandboxes/cleartext-xfcc-mode/README.md | 76 ++++++++++++ .../config/fleetspeak-client/communicator.txt | 1 + .../config/fleetspeak-client/config.textproto | 8 ++ .../textservices/hello.service | 8 ++ .../fleetspeak-server/components.textproto | 18 +++ .../fleetspeak-server/services.textproto | 10 ++ .../config/fleetspeak.textproto | 25 ++++ .../cleartext-xfcc-mode/config/hello.py | 41 +++++++ .../cleartext-xfcc-mode/config/hello.sh | 2 + .../cleartext-xfcc-mode/docker-compose.yaml | 63 ++++++++++ .../cleartext-xfcc-mode/envoy-https-http.yaml | 77 ++++++++++++ sandboxes/sandboxes/createConfig.sh | 65 ++++++++++ .../diagrams/cleartextHeaderMode_355.png | Bin 0 -> 38835 bytes .../diagrams/cleartextXfccMode_355.png | Bin 0 -> 35686 bytes .../sandboxes/diagrams/directMode_355.png | Bin 0 -> 28166 bytes .../diagrams/httpsHeaderMode_355.png | Bin 0 -> 37799 bytes .../diagrams/passthroughMode_355.png | Bin 0 -> 37088 bytes .../sandboxes/direct-mtls-mode/README.md | 58 +++++++++ .../config/fleetspeak-client/communicator.txt | 1 + .../config/fleetspeak-client/config.textproto | 8 ++ .../textservices/hello.service | 8 ++ .../fleetspeak-server/components.textproto | 13 ++ .../fleetspeak-server/services.textproto | 10 ++ .../config/fleetspeak.textproto | 25 ++++ .../direct-mtls-mode/config/hello.py | 41 +++++++ .../direct-mtls-mode/config/hello.sh | 2 + .../direct-mtls-mode/docker-compose.yaml | 53 ++++++++ .../sandboxes/https-header-mode/README.md | 81 +++++++++++++ .../config/fleetspeak-client/communicator.txt | 1 + .../config/fleetspeak-client/config.textproto | 9 ++ .../textservices/hello.service | 8 ++ .../fleetspeak-server/components.textproto | 19 +++ .../fleetspeak-server/services.textproto | 10 ++ .../config/fleetspeak.textproto | 25 ++++ .../https-header-mode/config/hello.py | 41 +++++++ .../https-header-mode/config/hello.sh | 2 + .../https-header-mode/docker-compose.yaml | 63 ++++++++++ .../https-header-mode/envoy-https-https.yaml | 114 ++++++++++++++++++ .../sandboxes/passthrough-mode/README.md | 59 +++++++++ .../config/fleetspeak-client/communicator.txt | 1 + .../config/fleetspeak-client/config.textproto | 8 ++ .../textservices/hello.service | 8 ++ .../fleetspeak-server/components.textproto | 13 ++ .../fleetspeak-server/services.textproto | 10 ++ .../config/fleetspeak.textproto | 25 ++++ .../passthrough-mode/config/hello.py | 41 +++++++ .../passthrough-mode/config/hello.sh | 2 + .../passthrough-mode/docker-compose.yaml | 65 ++++++++++ .../envoy-https-passthrough.yaml | 27 +++++ sandboxes/sandboxes/shared/envoy/Dockerfile | 98 +++++++++++++++ .../shared/fleetspeak-client/Dockerfile | 34 ++++++ sandboxes/sandboxes/shared/greeter/Dockerfile | 34 ++++++ sandboxes/sandboxes/shared/greeter/greeter.py | 60 +++++++++ 81 files changed, 1987 insertions(+), 20 deletions(-) create mode 100644 sandboxes/sandboxes/README.md create mode 100644 sandboxes/sandboxes/cleartext-header-mode/README.md create mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/communicator.txt create mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/config.textproto create mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/textservices/hello.service create mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto create mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/services.textproto create mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak.textproto create mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/hello.py create mode 100755 sandboxes/sandboxes/cleartext-header-mode/config/hello.sh create mode 100644 sandboxes/sandboxes/cleartext-header-mode/docker-compose.yaml create mode 100644 sandboxes/sandboxes/cleartext-header-mode/envoy-https-http.yaml create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/README.md create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/communicator.txt create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/config.textproto create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/textservices/hello.service create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/services.textproto create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.py create mode 100755 sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.sh create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/docker-compose.yaml create mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/envoy-https-http.yaml create mode 100755 sandboxes/sandboxes/createConfig.sh create mode 100644 sandboxes/sandboxes/diagrams/cleartextHeaderMode_355.png create mode 100644 sandboxes/sandboxes/diagrams/cleartextXfccMode_355.png create mode 100644 sandboxes/sandboxes/diagrams/directMode_355.png create mode 100644 sandboxes/sandboxes/diagrams/httpsHeaderMode_355.png create mode 100644 sandboxes/sandboxes/diagrams/passthroughMode_355.png create mode 100644 sandboxes/sandboxes/direct-mtls-mode/README.md create mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-client/communicator.txt create mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-client/config.textproto create mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-client/textservices/hello.service create mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-server/components.textproto create mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-server/services.textproto create mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak.textproto create mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/hello.py create mode 100755 sandboxes/sandboxes/direct-mtls-mode/config/hello.sh create mode 100644 sandboxes/sandboxes/direct-mtls-mode/docker-compose.yaml create mode 100644 sandboxes/sandboxes/https-header-mode/README.md create mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-client/communicator.txt create mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-client/config.textproto create mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-client/textservices/hello.service create mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-server/components.textproto create mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-server/services.textproto create mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak.textproto create mode 100644 sandboxes/sandboxes/https-header-mode/config/hello.py create mode 100755 sandboxes/sandboxes/https-header-mode/config/hello.sh create mode 100644 sandboxes/sandboxes/https-header-mode/docker-compose.yaml create mode 100644 sandboxes/sandboxes/https-header-mode/envoy-https-https.yaml create mode 100644 sandboxes/sandboxes/passthrough-mode/README.md create mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-client/communicator.txt create mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-client/config.textproto create mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-client/textservices/hello.service create mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-server/components.textproto create mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-server/services.textproto create mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak.textproto create mode 100644 sandboxes/sandboxes/passthrough-mode/config/hello.py create mode 100755 sandboxes/sandboxes/passthrough-mode/config/hello.sh create mode 100644 sandboxes/sandboxes/passthrough-mode/docker-compose.yaml create mode 100644 sandboxes/sandboxes/passthrough-mode/envoy-https-passthrough.yaml create mode 100644 sandboxes/sandboxes/shared/envoy/Dockerfile create mode 100644 sandboxes/sandboxes/shared/fleetspeak-client/Dockerfile create mode 100644 sandboxes/sandboxes/shared/greeter/Dockerfile create mode 100644 sandboxes/sandboxes/shared/greeter/greeter.py diff --git a/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto b/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto index 915d61b5..a6fbfbe8 100644 --- a/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto +++ b/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto @@ -1,4 +1,4 @@ -mysql_data_source_name:"fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" +mysql_data_source_name:"fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config: { listen_address: "0.0.0.0:9090" certificates:"FRONTEND_CERTIFICATE" diff --git a/sandboxes/cleartext-header-mode/config/fleetspeak.textproto b/sandboxes/cleartext-header-mode/config/fleetspeak.textproto index 4df1919f..ab47c9ba 100644 --- a/sandboxes/cleartext-header-mode/config/fleetspeak.textproto +++ b/sandboxes/cleartext-header-mode/config/fleetspeak.textproto @@ -2,7 +2,7 @@ configuration_name: "Example" components_config { - mysql_data_source_name: "fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" + mysql_data_source_name: "fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config { listen_address: "fleetspeak-server:9090" diff --git a/sandboxes/cleartext-header-mode/docker-compose.yaml b/sandboxes/cleartext-header-mode/docker-compose.yaml index 792fb441..7d07c0b3 100644 --- a/sandboxes/cleartext-header-mode/docker-compose.yaml +++ b/sandboxes/cleartext-header-mode/docker-compose.yaml @@ -7,8 +7,8 @@ services: environment: MYSQL_DATABASE: 'fleetspeak' MYSQL_USER: 'fleetspeak-user' - MYSQL_PASSWORD: 'fleetspeak-password' - MYSQL_ROOT_PASSWORD: 'password' + MYSQL_PASSWORD: 'FS_PASSWORD' + MYSQL_ROOT_PASSWORD: 'FS_SQL_PASSWORD' ports: - '3306:3306' expose: diff --git a/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto b/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto index 29759876..c656384d 100644 --- a/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto +++ b/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto @@ -1,4 +1,4 @@ -mysql_data_source_name:"fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" +mysql_data_source_name:"fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config: { listen_address: "0.0.0.0:9090" certificates:"FRONTEND_CERTIFICATE" diff --git a/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto b/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto index 4df1919f..ab47c9ba 100644 --- a/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto +++ b/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto @@ -2,7 +2,7 @@ configuration_name: "Example" components_config { - mysql_data_source_name: "fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" + mysql_data_source_name: "fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config { listen_address: "fleetspeak-server:9090" diff --git a/sandboxes/cleartext-xfcc-mode/docker-compose.yaml b/sandboxes/cleartext-xfcc-mode/docker-compose.yaml index 459401ed..cf9d0180 100644 --- a/sandboxes/cleartext-xfcc-mode/docker-compose.yaml +++ b/sandboxes/cleartext-xfcc-mode/docker-compose.yaml @@ -7,8 +7,8 @@ services: environment: MYSQL_DATABASE: 'fleetspeak' MYSQL_USER: 'fleetspeak-user' - MYSQL_PASSWORD: 'fleetspeak-password' - MYSQL_ROOT_PASSWORD: 'password' + MYSQL_PASSWORD: 'FS_PASSWORD' + MYSQL_ROOT_PASSWORD: 'FS_SQL_PASSWORD' ports: - '3306:3306' expose: diff --git a/sandboxes/createConfig.sh b/sandboxes/createConfig.sh index 329946d6..011b4a9c 100755 --- a/sandboxes/createConfig.sh +++ b/sandboxes/createConfig.sh @@ -36,3 +36,30 @@ cp cert.pem key.pem ./cleartext-xfcc-mode/ cp cert.pem key.pem ./direct-mtls-mode/ cp cert.pem key.pem ./https-header-mode/ cp cert.pem key.pem ./passthrough-mode/ + +MYSQL_PASSWORD=$(LC_ALL=C tr -dc 'A-Za-z0-9@%*+,-./' < /dev/urandom 2>/dev/null | head -c 16) +FLEETSPEAK_PASSWORD=$(LC_ALL=C tr -dc 'A-Za-z0-9@%*+,-./' < /dev/urandom 2>/dev/null | head -c 16) + +sed -i 's@FS_SQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./cleartext-header-mode/docker-compose.yaml +sed -i 's@FS_SQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./cleartext-xfcc-mode/docker-compose.yaml +sed -i 's@FS_SQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./direct-mtls-mode/docker-compose.yaml +sed -i 's@FS_SQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./https-header-mode/docker-compose.yaml +sed -i 's@FS_SQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./passthrough-mode/docker-compose.yaml + +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/docker-compose.yaml +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/docker-compose.yaml +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/docker-compose.yaml +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/docker-compose.yaml +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/docker-compose.yaml + +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/config/fleetspeak-server/components.textproto +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/config/fleetspeak-server/components.textproto +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/config/fleetspeak-server/components.textproto +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/config/fleetspeak-server/components.textproto +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/config/fleetspeak-server/components.textproto + +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/config/fleetspeak.textproto +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/config/fleetspeak.textproto +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/config/fleetspeak.textproto +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/config/fleetspeak.textproto +sed -i 's@FS_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/config/fleetspeak.textproto diff --git a/sandboxes/direct-mtls-mode/config/fleetspeak-server/components.textproto b/sandboxes/direct-mtls-mode/config/fleetspeak-server/components.textproto index fc272df1..e692cc75 100644 --- a/sandboxes/direct-mtls-mode/config/fleetspeak-server/components.textproto +++ b/sandboxes/direct-mtls-mode/config/fleetspeak-server/components.textproto @@ -1,4 +1,4 @@ -mysql_data_source_name:"fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" +mysql_data_source_name:"fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config: { listen_address: "0.0.0.0:9090" certificates:"FRONTEND_CERTIFICATE" diff --git a/sandboxes/direct-mtls-mode/config/fleetspeak.textproto b/sandboxes/direct-mtls-mode/config/fleetspeak.textproto index 4df1919f..ab47c9ba 100644 --- a/sandboxes/direct-mtls-mode/config/fleetspeak.textproto +++ b/sandboxes/direct-mtls-mode/config/fleetspeak.textproto @@ -2,7 +2,7 @@ configuration_name: "Example" components_config { - mysql_data_source_name: "fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" + mysql_data_source_name: "fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config { listen_address: "fleetspeak-server:9090" diff --git a/sandboxes/direct-mtls-mode/docker-compose.yaml b/sandboxes/direct-mtls-mode/docker-compose.yaml index 81ccb81f..1c3a52ad 100644 --- a/sandboxes/direct-mtls-mode/docker-compose.yaml +++ b/sandboxes/direct-mtls-mode/docker-compose.yaml @@ -7,8 +7,8 @@ services: environment: MYSQL_DATABASE: 'fleetspeak' MYSQL_USER: 'fleetspeak-user' - MYSQL_PASSWORD: 'fleetspeak-password' - MYSQL_ROOT_PASSWORD: 'password' + MYSQL_PASSWORD: 'FS_PASSWORD' + MYSQL_ROOT_PASSWORD: 'FS_SQL_PASSWORD' ports: - '3306:3306' expose: diff --git a/sandboxes/https-header-mode/config/fleetspeak-server/components.textproto b/sandboxes/https-header-mode/config/fleetspeak-server/components.textproto index 9c122eba..d74c0d32 100644 --- a/sandboxes/https-header-mode/config/fleetspeak-server/components.textproto +++ b/sandboxes/https-header-mode/config/fleetspeak-server/components.textproto @@ -1,4 +1,4 @@ -mysql_data_source_name:"fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" +mysql_data_source_name:"fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config: { listen_address: "0.0.0.0:9090" certificates:"FRONTEND_CERTIFICATE" diff --git a/sandboxes/https-header-mode/config/fleetspeak.textproto b/sandboxes/https-header-mode/config/fleetspeak.textproto index 4df1919f..ab47c9ba 100644 --- a/sandboxes/https-header-mode/config/fleetspeak.textproto +++ b/sandboxes/https-header-mode/config/fleetspeak.textproto @@ -2,7 +2,7 @@ configuration_name: "Example" components_config { - mysql_data_source_name: "fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" + mysql_data_source_name: "fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config { listen_address: "fleetspeak-server:9090" diff --git a/sandboxes/https-header-mode/docker-compose.yaml b/sandboxes/https-header-mode/docker-compose.yaml index b92cbd07..722548a9 100644 --- a/sandboxes/https-header-mode/docker-compose.yaml +++ b/sandboxes/https-header-mode/docker-compose.yaml @@ -7,8 +7,8 @@ services: environment: MYSQL_DATABASE: 'fleetspeak' MYSQL_USER: 'fleetspeak-user' - MYSQL_PASSWORD: 'fleetspeak-password' - MYSQL_ROOT_PASSWORD: 'password' + MYSQL_PASSWORD: 'FS_PASSWORD' + MYSQL_ROOT_PASSWORD: 'FS_SQL_PASSWORD' ports: - '3306:3306' expose: diff --git a/sandboxes/passthrough-mode/config/fleetspeak-server/components.textproto b/sandboxes/passthrough-mode/config/fleetspeak-server/components.textproto index fc272df1..e692cc75 100644 --- a/sandboxes/passthrough-mode/config/fleetspeak-server/components.textproto +++ b/sandboxes/passthrough-mode/config/fleetspeak-server/components.textproto @@ -1,4 +1,4 @@ -mysql_data_source_name:"fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" +mysql_data_source_name:"fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config: { listen_address: "0.0.0.0:9090" certificates:"FRONTEND_CERTIFICATE" diff --git a/sandboxes/passthrough-mode/config/fleetspeak.textproto b/sandboxes/passthrough-mode/config/fleetspeak.textproto index 4df1919f..ab47c9ba 100644 --- a/sandboxes/passthrough-mode/config/fleetspeak.textproto +++ b/sandboxes/passthrough-mode/config/fleetspeak.textproto @@ -2,7 +2,7 @@ configuration_name: "Example" components_config { - mysql_data_source_name: "fleetspeak-user:fleetspeak-password@tcp(mysql-server:3306)/fleetspeak" + mysql_data_source_name: "fleetspeak-user:FS_PASSWORD@tcp(mysql-server:3306)/fleetspeak" https_config { listen_address: "fleetspeak-server:9090" diff --git a/sandboxes/passthrough-mode/docker-compose.yaml b/sandboxes/passthrough-mode/docker-compose.yaml index 3fabf2d3..23b2cfa4 100644 --- a/sandboxes/passthrough-mode/docker-compose.yaml +++ b/sandboxes/passthrough-mode/docker-compose.yaml @@ -7,8 +7,8 @@ services: environment: MYSQL_DATABASE: 'fleetspeak' MYSQL_USER: 'fleetspeak-user' - MYSQL_PASSWORD: 'fleetspeak-password' - MYSQL_ROOT_PASSWORD: 'password' + MYSQL_PASSWORD: 'FS_PASSWORD' + MYSQL_ROOT_PASSWORD: 'FS_SQL_PASSWORD' ports: - '3306:3306' expose: diff --git a/sandboxes/sandboxes/README.md b/sandboxes/sandboxes/README.md new file mode 100644 index 00000000..e4909a3a --- /dev/null +++ b/sandboxes/sandboxes/README.md @@ -0,0 +1,96 @@ +# Frontend mode Sandboxes + +We have created a number of sandboxes using Docker Compose that set up +environments to test out Fleetspeak’s frontend mode features and show sample +configurations. + +These can be used to learn about Fleetspeak's frontend mode options and how to +model your own configurations. The sandboxes use a containerised version of the +Fleetspeak demo setup described in the +[guide documentation page](https://github.com/google/fleetspeak/blob/master/docs/guide.md). + +Before you begin you will need to install the sandbox environment. + +## Setup the sandbox environment + +- [Install Docker](#install-docker) +- [Install docker compose](#install-docker-compose) +- [Install Git](#install-git) +- [Clone the Fleetspeak repository](#clone-the-fleetspeak-repository) +- [Create Configurations](#create-configurations) +- [Build test app](#build-test-app) + +## The following sandboxes are available + +- [Direct mTLS mode](./direct-mtls-mode) + - end-to-end mTLS + - Fleetspeak's original design +- [Passthrough mode](./passthrough-mode) + - TCP proxy passthrough +- [HTTPS header mode](./https-header-mode) + - L7 proxy terminates mTLS connection + - Proxy passes client side certificate and checksum via HTTP headers + - TLS connection from proxy to Fleetspeak +- [Cleartext header mode](./cleartext-header-mode) + - L7 proxy terminates mTLS connection + - Proxy passes client side certificate and checksum via HTTP headers + - Cleartext connection from proxy to Fleetspeak +- [Cleartext xfcc mode](./cleartext-xfcc-mode) + - L7 proxy terminates mTLS connection + - Proxy passes client side certificate and via HTTP header + - Cleartext connection from proxy to Fleetspeak + +## Setup instructions + +### Install docker + +Ensure that you have a recent versions of `docker` installed. + +You will need a minimum version of `19.03.0+`. + +Version `20.10` is well tested, and has the benefit of included `compose`. + +The user account running the examples will need to have permission to use Docker +on your system. + +Full instructions for installing Docker can be found on the +[Docker website](https://docs.docker.com/get-docker/). + +### Install docker compose + +The examples use +[Docker compose configuration version 3.8](https://docs.docker.com/compose/compose-file/compose-versioning/#version-38). + +You will need to a fairly recent version of +[Docker Compose](https://docs.docker.com/compose/). + +### Install Git + +The Fleetspeak project repository is managed using [Git](https://git-scm.com/). + +You can +[find instructions for installing Git on various operating systems here](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git). + +### Clone the Fleetspeak repository + +If you have not cloned the Fleetspeak repository already, clone it with: + +``` +git clone https://github.com/google/fleetspeak +``` + +### Create configurations + +``` +cd fleetspeak/sandboxes +./createConfig.sh +cd - +``` + +### Build test app + +``` +cd fleetspeak/sandboxes/shared/greeter/ +docker build -t greeter . +cd - +``` diff --git a/sandboxes/sandboxes/cleartext-header-mode/README.md b/sandboxes/sandboxes/cleartext-header-mode/README.md new file mode 100644 index 00000000..3f5ae5c7 --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/README.md @@ -0,0 +1,83 @@ +# Cleartext Header Mode + +## Introduction + +This sandbox demonstrates how to run Fleetspeak in 'cleartext header mode'. + +The Fleetspeak frontend (the server) is using the Fleetspeak client's +certficiate to identify it by deriving the client id from the certficiate. + +In cases where the mTLS connection is terminated on a load balancer between the +Fleetspeak client and the Fleetspeak server the client certificate has to be +forwarded by other means. + +This sandbox demonstrates how this can be achieved by adding the certificate +into an additional header (the `client_certificate_header` in the diagram +below). + +Furthermore, this sandbox also demonstrates how the client certificate checksum +(the `client_certificate_checksum_header` in the diagram below) that the load +balancers provide can be used to verify that the certificate received in the +additional header is the same that the load balancer received during the mTLS +exchange. \ +Additional information on how the checksum is derived from the certificate can +be +[found here](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-mtls-17#section-3.1). + +The setup in this sandbox with the Fleetspeak frontend running in cleartext mode +would be useful for cases where the Fleetspeak server is operated in a Service +Mesh environment. + +![Cleartext Header Mode](../diagrams/cleartextHeaderMode_355.png "Cleartext Header Mode") + +## Setup + +Before you run the commands below make sure that you successfully executed the +steps outlined in the [setup instructions](../../sandboxes#setup-instructions). + +## Bring up the test environment + +``` +docker compose up --build -d + + ✔ Network cleartext-header-mode_default Created 0.1s + ✔ Container cleartext-header-mode-front-envoy-1 Started 0.1s + ✔ Container cleartext-header-mode-mysql-server-1 Healthy 0.1s + ✔ Container cleartext-header-mode-fleetspeak-server-1 Healthy 0.0s + ✔ Container cleartext-header-mode-fleetspeak-client-1 Started 0.0s +``` + +## Find the client id + +``` +docker logs cleartext-header-mode-fleetspeak-client-1 +# The output should look similar to the below + +# config.go:44] Read 1 trusted certificates. +# manager.go:103] initial load of writeback failed (continuing): open /fleetspeak-client.state: no such file or directory +# manager.go:165] Using new client id: **768dbfef556d2341** +# client.go:175] No signed service configs could be read; continuing: invalid signed services directory path: unable to stat path [/config/fleetspeak-client/services]: stat /config/fleetspeak-client/services: no such file or directory +services.go:146] Started service hello with config: +# name:"hello" factory:"Daemon" config:{[type.googleapis.com/fleetspeak.daemonservice.Config]:{argv:"/venv/FSENV/bin/python" argv:"/config/hello.py"}} +# system_service.go:251] Unable to get revoked certificate list: unable to retrieve file, last attempt failed with: failed with http response code: 404 + +# Run the test app container +docker run -it --name greeter --network cleartext-header-mode_default -p 1337:1337 --rm greeter bash +``` + +## Run the test app + +``` +# In the above find the client id and export it in a variable +export CLIENT_ID=**768dbfef556d2341** + +# Start the test app, when it runs add your input and hit enter. You should see the string being ecohed. +/venv/FSENV/bin/python ./greeter.py --client_id=$CLIENT_ID --fleetspeak_message_listen_address="0.0.0.0:1337" \ + --fleetspeak_server="fleetspeak-server:9091" --alsologtostderr +``` + +## Bring down the test environment + +``` +docker compose down +``` diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/communicator.txt b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/communicator.txt new file mode 100644 index 00000000..758ec85e --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/communicator.txt @@ -0,0 +1 @@ +prefer_http2: true diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/config.textproto b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/config.textproto new file mode 100644 index 00000000..bfbabd54 --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/config.textproto @@ -0,0 +1,9 @@ +server: "fleetspeak-frontend:10000" +client_certificate_header: "client-certificate" +trusted_certs:"FRONTEND_CERTIFICATE" +client_label: "" +filesystem_handler: { + configuration_directory:"/config/fleetspeak-client" + state_file:"/fleetspeak-client.state" +} +streaming:true diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/textservices/hello.service b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/textservices/hello.service new file mode 100644 index 00000000..dd8305da --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/textservices/hello.service @@ -0,0 +1,8 @@ +name: "hello" +factory: "Daemon" +config: { + [type.googleapis.com/fleetspeak.daemonservice.Config]: { + argv: "/venv/FSENV/bin/python" + argv: "/config/hello.py" + } +} diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto new file mode 100644 index 00000000..45d8d3b9 --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto @@ -0,0 +1,19 @@ +mysql_data_source_name:"fleetspeak-user:FLEETSPEAK_PASSWORD@tcp(mysql-server:3306)/fleetspeak" +https_config: { + listen_address: "0.0.0.0:9090" + certificates:"FRONTEND_CERTIFICATE" + key:"FRONTEND_KEY" + frontend_config: { +cleartext_header_checksum_config: { + client_certificate_header: "client-certificate" + client_certificate_checksum_header: "x-client-cert-hash" + } + } +} +admin_config: { + listen_address: "0.0.0.0:9091" +} +health_check_config: { + listen_address: "0.0.0.0:8080" +} +notification_use_http_notifier:false diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/services.textproto b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/services.textproto new file mode 100644 index 00000000..2d698d0a --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/services.textproto @@ -0,0 +1,10 @@ +services { + name: "greeter" + factory: "GRPC" + config: { + [type.googleapis.com/fleetspeak.grpcservice.Config] { + target: "greeter:1337" + insecure: true + } + } +} diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak.textproto b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak.textproto new file mode 100644 index 00000000..7234434f --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak.textproto @@ -0,0 +1,25 @@ +configuration_name: "Example" + +components_config { + + mysql_data_source_name: "fleetspeak-user:FLEETSPEAK_PASSWORD@tcp(mysql-server:3306)/fleetspeak" + + https_config { + listen_address: "fleetspeak-server:9090" + } + + admin_config { + listen_address: "fleetspeak-server:9091" + } +} + +public_host_port: "fleetspeak-server:9090" + +trusted_cert_file: "/config/fleetspeak-server/ca.pem" +trusted_cert_key_file: "/config/fleetspeak-server/ca-key.pem" + +server_cert_file: "/config/fleetspeak-server/server.pem" +server_cert_key_file: "/config/fleetspeak-server/server-key.pem" + +server_component_configuration_file: "/config/fleetspeak-server/components.textproto" +linux_client_configuration_file: "/config/fleetspeak-client/config.textproto" diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/hello.py b/sandboxes/sandboxes/cleartext-header-mode/config/hello.py new file mode 100644 index 00000000..a60b85bb --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/config/hello.py @@ -0,0 +1,41 @@ +# Copyright 2023 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from absl import app +from fleetspeak.client_connector.connector import FleetspeakConnection +from fleetspeak.src.common.proto.fleetspeak.common_pb2 import Message +from google.protobuf.wrappers_pb2 import StringValue + + +def main(argv): + del argv # Unused. + + conn = FleetspeakConnection(version="0.0.1") + while True: + request, _ = conn.Recv() + + data = StringValue() + request.data.Unpack(data) + + data.value = f"Hello {data.value}!" + + response = Message() + response.destination.service_name = request.source.service_name + response.data.Pack(data) + + conn.Send(response) + + +if __name__ == "__main__": + app.run(main) diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/hello.sh b/sandboxes/sandboxes/cleartext-header-mode/config/hello.sh new file mode 100755 index 00000000..dd1ef13c --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/config/hello.sh @@ -0,0 +1,2 @@ +#!/usr/bin/env bash +/venv/FSENV/bin/python /config/hello.py diff --git a/sandboxes/sandboxes/cleartext-header-mode/docker-compose.yaml b/sandboxes/sandboxes/cleartext-header-mode/docker-compose.yaml new file mode 100644 index 00000000..13fe75f4 --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/docker-compose.yaml @@ -0,0 +1,65 @@ +services: + + mysql-server: + image: mysql:8.2 + restart: always + hostname: mysql-server + environment: + MYSQL_DATABASE: 'fleetspeak' + MYSQL_USER: 'fleetspeak-user' + MYSQL_PASSWORD: 'FLEETSPEAK_PASSWORD' + MYSQL_ROOT_PASSWORD: 'MYSQL_PASSWORD' + ports: + - '3306:3306' + expose: + - '3306' + healthcheck: + test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] + timeout: 5s + retries: 10 + + front-envoy: + build: + context: . + dockerfile: ../shared/envoy/Dockerfile + args: + ENVOY_CONFIG: ./envoy-https-http.yaml + hostname: fleetspeak-frontend + ports: + - "10000:10000" + + fleetspeak-server: + build: + context: . + dockerfile: ../shared/fleetspeak-server/Dockerfile + hostname: fleetspeak-server + depends_on: + mysql-server: + condition: service_healthy + entrypoint: ["/app/bin/server", "-components_config", "/config/fleetspeak-server/components.textproto", "-services_config", "/config/fleetspeak-server/services.textproto", "-alsologtostderr"] + volumes: + - "./config:/config" + ports: + - '9090:9090' + - '9091:9091' + - '8080:8080' + expose: + - '9090' + - '9091' + - '8080' + healthcheck: + test: ["CMD", "curl", "http://localhost:8080"] + timeout: 5s + retries: 10 + + fleetspeak-client: + build: + context: . + dockerfile: ../shared/fleetspeak-client/Dockerfile + hostname: fleetspeak-client + depends_on: + fleetspeak-server: + condition: service_healthy + entrypoint: ["/app/bin/client", "-config", "/config/fleetspeak-client/config.textproto", "-alsologtostderr"] + volumes: + - "./config:/config" diff --git a/sandboxes/sandboxes/cleartext-header-mode/envoy-https-http.yaml b/sandboxes/sandboxes/cleartext-header-mode/envoy-https-http.yaml new file mode 100644 index 00000000..64ba5c7f --- /dev/null +++ b/sandboxes/sandboxes/cleartext-header-mode/envoy-https-http.yaml @@ -0,0 +1,110 @@ +static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 10000 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + codec_type: AUTO + stat_prefix: ingress_http + proxy_100_continue: true + access_log: + - name: envoy.access_loggers.stdout + typed_config: + "@type": type.googleapis.com/envoy/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog + log_format: { + "text_format": "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" PFP: \"%DOWNSTREAM_PEER_FINGERPRINT_256%\" CERT: \"%DOWNSTREAM_PEER_CERT%\" TLS \"%DOWNSTREAM_TLS_VERSION%\" Issuer \"%DOWNSTREAM_PEER_ISSUER%\"\n" + } + route_config: + name: local_route + virtual_hosts: + - name: app + domains: + - "*" + routes: + - match: + prefix: "/" + route: + cluster: fleetspeak-server + timeout: 0s + idle_timeout: 0s + http_filters: + - name: envoy.filters.http.lua + typed_config: + '@type': type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua + inlineCode: | + + function string.fromhex(str) + return (str:gsub('..', function (cc) + return string.char(tonumber(cc, 16)) + end)) + end + + local rtrim = function(str) + if str == nil then + return + end + str = string.gsub(str, "=+$", '') + return str + end + + function envoy_on_request(request_handle) + local stream = request_handle:streamInfo() + local headers = request_handle:headers() + if stream:downstreamSslConnection():peerCertificatePresented() then + local peerCertificate = stream:downstreamSslConnection():urlEncodedPemEncodedPeerCertificate() + request_handle:logInfo("Peer Certificate: "..peerCertificate) + + local peerDigest = stream:downstreamSslConnection():sha256PeerCertificateDigest() + request_handle:logInfo("Peer Digest: "..peerDigest) + + local base64Encoded = rtrim(request_handle:base64Escape(peerDigest:fromhex())) + request_handle:logInfo("Peer base64: "..base64Encoded) + request_handle:headers():add("x-client-cert-hash", base64Encoded) + else + request_handle:respond({[":status"] = "403"},"mTLS Required") + end + end + - name: envoy.filters.http.router + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + transport_socket: + name: envoy.transport_sockets.tls + typed_config: + "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext + require_client_certificate: true + common_tls_context: + validation_context: + trust_chain_verification: ACCEPT_UNTRUSTED + alpn_protocols: ["h2,http/1.1"] + tls_certificates: + # The following self-signed certificate pair is generated using: + # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy' + # + # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy + # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource. + # + # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via + # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret. + - certificate_chain: + filename: /etc/cert.pem + private_key: + filename: /etc/key.pem + + clusters: + - name: fleetspeak-server + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: fleetspeak-server + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: fleetspeak-server + port_value: 9090 diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/README.md b/sandboxes/sandboxes/cleartext-xfcc-mode/README.md new file mode 100644 index 00000000..dacce5ea --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/README.md @@ -0,0 +1,76 @@ +# Cleartext XFCC Mode + +## Introduction + +This sandbox demonstrates how to run Fleetspeak in 'cleartext xfcc mode'. + +The Fleetspeak frontend (the server) is using the Fleetspeak client's +certficiate to identify it by deriving the client id from the certficiate. + +In cases where the mTLS connection is terminated on a load balancer between the +Fleetspeak client and the Fleetspeak server the client certificate has to be +forwarded by other means. + +This sandbox demonstrates how this can be achieved by adding the certificate +into an additional header (the `client_certificate_header` in the diagram below) +by configuring Envoy to do so. See the official +[Envoy documentation](https://www.envoyproxy.io/docs/envoy/v1.28.0/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto.html#envoy-v3-api-enum-extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-forwardclientcertdetails) +for more details. + +The setup in this sandbox with the Fleetspeak frontend running in cleartext xfcc +mode would be useful for cases where the Fleetspeak server is operated behind an +Envoy proxy that terminates the mTLS connection. + +![Cleartext Header Mode](../diagrams/cleartextXfccMode_355.png "Cleartext XFCC Mode") + +## Setup + +Before you run the commands below make sure that you successfully executed the +steps outlined in the [setup instructions](../../sandboxes#setup-instructions). + +## Bring up the test environment + +``` +docker compose up --build -d + + ✔ Network cleartext-xfcc-mode_default Created 0.1s + ✔ Container cleartext-xfcc-mode-front-envoy-1 Started 0.1s + ✔ Container cleartext-xfcc-mode-mysql-server-1 Healthy 0.1s + ✔ Container cleartext-xfcc-mode-fleetspeak-server-1 Healthy 0.0s + ✔ Container cleartext-xfcc-mode-fleetspeak-client-1 Started 0.0s +``` + +## Find the client id + +``` +docker logs cleartext-xfcc-mode-fleetspeak-client-1 +# The output should look similar to the below + +# config.go:44] Read 1 trusted certificates. +# manager.go:103] initial load of writeback failed (continuing): open /fleetspeak-client.state: no such file or directory +# manager.go:165] Using new client id: **768dbfef556d2341** +# client.go:175] No signed service configs could be read; continuing: invalid signed services directory path: unable to stat path [/config/fleetspeak-client/services]: stat /config/fleetspeak-client/services: no such file or directory +services.go:146] Started service hello with config: +# name:"hello" factory:"Daemon" config:{[type.googleapis.com/fleetspeak.daemonservice.Config]:{argv:"/venv/FSENV/bin/python" argv:"/config/hello.py"}} +# system_service.go:251] Unable to get revoked certificate list: unable to retrieve file, last attempt failed with: failed with http response code: 404 + +# Run the test app container +docker run -it --name greeter --network cleartext-xfcc-mode_default -p 1337:1337 --rm greeter bash +``` + +## Run the test app + +``` +# In the above find the client id and export it in a variable +export CLIENT_ID=**768dbfef556d2341** + +# Start the test app, when it runs add your input and hit enter. You should see the string being ecohed. +/venv/FSENV/bin/python ./greeter.py --client_id=$CLIENT_ID --fleetspeak_message_listen_address="0.0.0.0:1337" \ + --fleetspeak_server="fleetspeak-server:9091" --alsologtostderr +``` + +## Bring down the test environment + +``` +docker compose down +``` diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/communicator.txt b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/communicator.txt new file mode 100644 index 00000000..758ec85e --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/communicator.txt @@ -0,0 +1 @@ +prefer_http2: true diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/config.textproto b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/config.textproto new file mode 100644 index 00000000..b6643133 --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/config.textproto @@ -0,0 +1,8 @@ +server: "fleetspeak-frontend:10000" +trusted_certs:"FRONTEND_CERTIFICATE" +client_label: "" +filesystem_handler: { + configuration_directory:"/config/fleetspeak-client" + state_file:"/fleetspeak-client.state" +} +streaming:true diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/textservices/hello.service b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/textservices/hello.service new file mode 100644 index 00000000..dd8305da --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/textservices/hello.service @@ -0,0 +1,8 @@ +name: "hello" +factory: "Daemon" +config: { + [type.googleapis.com/fleetspeak.daemonservice.Config]: { + argv: "/venv/FSENV/bin/python" + argv: "/config/hello.py" + } +} diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto new file mode 100644 index 00000000..6770bac6 --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto @@ -0,0 +1,18 @@ +mysql_data_source_name:"fleetspeak-user:FLEETSPEAK_PASSWORD@tcp(mysql-server:3306)/fleetspeak" +https_config: { + listen_address: "0.0.0.0:9090" + certificates:"FRONTEND_CERTIFICATE" + key:"FRONTEND_KEY" + frontend_config: { + cleartext_xfcc_config: { + client_certificate_header: "x-forwarded-client-cert" + } + } +} +admin_config: { + listen_address: "0.0.0.0:9091" +} +health_check_config: { + listen_address: "0.0.0.0:8080" +} +notification_use_http_notifier:false diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/services.textproto b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/services.textproto new file mode 100644 index 00000000..2d698d0a --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/services.textproto @@ -0,0 +1,10 @@ +services { + name: "greeter" + factory: "GRPC" + config: { + [type.googleapis.com/fleetspeak.grpcservice.Config] { + target: "greeter:1337" + insecure: true + } + } +} diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto new file mode 100644 index 00000000..7234434f --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto @@ -0,0 +1,25 @@ +configuration_name: "Example" + +components_config { + + mysql_data_source_name: "fleetspeak-user:FLEETSPEAK_PASSWORD@tcp(mysql-server:3306)/fleetspeak" + + https_config { + listen_address: "fleetspeak-server:9090" + } + + admin_config { + listen_address: "fleetspeak-server:9091" + } +} + +public_host_port: "fleetspeak-server:9090" + +trusted_cert_file: "/config/fleetspeak-server/ca.pem" +trusted_cert_key_file: "/config/fleetspeak-server/ca-key.pem" + +server_cert_file: "/config/fleetspeak-server/server.pem" +server_cert_key_file: "/config/fleetspeak-server/server-key.pem" + +server_component_configuration_file: "/config/fleetspeak-server/components.textproto" +linux_client_configuration_file: "/config/fleetspeak-client/config.textproto" diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.py b/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.py new file mode 100644 index 00000000..a60b85bb --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.py @@ -0,0 +1,41 @@ +# Copyright 2023 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from absl import app +from fleetspeak.client_connector.connector import FleetspeakConnection +from fleetspeak.src.common.proto.fleetspeak.common_pb2 import Message +from google.protobuf.wrappers_pb2 import StringValue + + +def main(argv): + del argv # Unused. + + conn = FleetspeakConnection(version="0.0.1") + while True: + request, _ = conn.Recv() + + data = StringValue() + request.data.Unpack(data) + + data.value = f"Hello {data.value}!" + + response = Message() + response.destination.service_name = request.source.service_name + response.data.Pack(data) + + conn.Send(response) + + +if __name__ == "__main__": + app.run(main) diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.sh b/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.sh new file mode 100755 index 00000000..dd1ef13c --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.sh @@ -0,0 +1,2 @@ +#!/usr/bin/env bash +/venv/FSENV/bin/python /config/hello.py diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/docker-compose.yaml b/sandboxes/sandboxes/cleartext-xfcc-mode/docker-compose.yaml new file mode 100644 index 00000000..ff8440ad --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/docker-compose.yaml @@ -0,0 +1,63 @@ +services: + + mysql-server: + image: mysql:8.2 + restart: always + hostname: mysql-server + environment: + MYSQL_DATABASE: 'fleetspeak' + MYSQL_USER: 'fleetspeak-user' + MYSQL_PASSWORD: 'FLEETSPEAK_PASSWORD' + MYSQL_ROOT_PASSWORD: 'MYSQL_PASSWORD' + ports: + - '3306:3306' + expose: + - '3306' + healthcheck: + test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] + timeout: 5s + retries: 10 + + front-envoy: + build: + context: . + dockerfile: ../shared/envoy/Dockerfile + args: + ENVOY_CONFIG: ./envoy-https-http.yaml + hostname: fleetspeak-frontend + ports: + - "10000:10000" + + fleetspeak-server: + image: ghcr.io/google/fleetspeak:latest + hostname: fleetspeak-server + depends_on: + mysql-server: + condition: service_healthy + entrypoint: ["/fleetspeak/bin/server", "-components_config", "/config/fleetspeak-server/components.textproto", "-services_config", "/config/fleetspeak-server/services.textproto", "-alsologtostderr"] + volumes: + - "./config:/config" + ports: + - '9090:9090' + - '9091:9091' + - '8080:8080' + expose: + - '9090' + - '9091' + - '8080' + healthcheck: + test: ["CMD", "curl", "http://localhost:8080"] + timeout: 5s + retries: 10 + + fleetspeak-client: + build: + context: . + dockerfile: ../shared/fleetspeak-client/Dockerfile + hostname: fleetspeak-client + depends_on: + fleetspeak-server: + condition: service_healthy + entrypoint: ["/fleetspeak/bin/client", "-config", "/config/fleetspeak-client/config.textproto", "-alsologtostderr"] + volumes: + - "./config:/config" diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/envoy-https-http.yaml b/sandboxes/sandboxes/cleartext-xfcc-mode/envoy-https-http.yaml new file mode 100644 index 00000000..46551027 --- /dev/null +++ b/sandboxes/sandboxes/cleartext-xfcc-mode/envoy-https-http.yaml @@ -0,0 +1,77 @@ +static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 10000 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + codec_type: AUTO + stat_prefix: ingress_http + forward_client_cert_details: APPEND_FORWARD + set_current_client_cert_details: + cert: true + proxy_100_continue: true + access_log: + - name: envoy.access_loggers.stdout + typed_config: + "@type": type.googleapis.com/envoy/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog + log_format: { + "text_format": "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" PFP: \"%DOWNSTREAM_PEER_FINGERPRINT_256%\" CERT: \"%DOWNSTREAM_PEER_CERT%\" TLS \"%DOWNSTREAM_TLS_VERSION%\" Issuer \"%DOWNSTREAM_PEER_ISSUER%\"\n" + } + route_config: + name: local_route + virtual_hosts: + - name: app + domains: + - "*" + routes: + - match: + prefix: "/" + route: + cluster: fleetspeak-server + timeout: 0s + idle_timeout: 0s + http_filters: + - name: envoy.filters.http.router + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + transport_socket: + name: envoy.transport_sockets.tls + typed_config: + "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext + require_client_certificate: true + common_tls_context: + validation_context: + trust_chain_verification: ACCEPT_UNTRUSTED + alpn_protocols: ["h2,http/1.1"] + tls_certificates: + # The following self-signed certificate pair is generated using: + # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy' + # + # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy + # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource. + # + # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via + # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret. + - certificate_chain: + filename: /etc/cert.pem + private_key: + filename: /etc/key.pem + + clusters: + - name: fleetspeak-server + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: fleetspeak-server + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: fleetspeak-server + port_value: 9090 diff --git a/sandboxes/sandboxes/createConfig.sh b/sandboxes/sandboxes/createConfig.sh new file mode 100755 index 00000000..e4a2d43b --- /dev/null +++ b/sandboxes/sandboxes/createConfig.sh @@ -0,0 +1,65 @@ +#!/bin/bash +openssl ecparam -list_curves + +# generate a private key for a curve +openssl ecparam -name prime256v1 -genkey -noout -out key.pem + +# optional: generate corresponding public key +openssl ec -in key.pem -pubout -out public-key.pem + +# create a self-signed certificate +openssl req -new -x509 -key key.pem -out cert.pem -days 365 -subj "/C=AU/CN=fleetspeak-frontend" -addext "subjectAltName = DNS:fleetspeak-frontend" + +FRONTEND_CERTIFICATE=$(sed ':a;N;$!ba;s/\n/\\\\n/g' cert.pem) +FRONTEND_KEY=$(sed ':a;N;$!ba;s/\n/\\\\n/g' key.pem) + +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./cleartext-header-mode/config/fleetspeak-client/config.textproto +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./cleartext-xfcc-mode/config/fleetspeak-client/config.textproto +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./direct-mtls-mode/config/fleetspeak-client/config.textproto +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./https-header-mode/config/fleetspeak-client/config.textproto +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./passthrough-mode/config/fleetspeak-client/config.textproto + +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./cleartext-header-mode/config/fleetspeak-server/components.textproto +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./cleartext-xfcc-mode/config/fleetspeak-server/components.textproto +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./direct-mtls-mode/config/fleetspeak-server/components.textproto +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./https-header-mode/config/fleetspeak-server/components.textproto +sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./passthrough-mode/config/fleetspeak-server/components.textproto + +sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./cleartext-header-mode/config/fleetspeak-server/components.textproto +sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./cleartext-xfcc-mode/config/fleetspeak-server/components.textproto +sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./direct-mtls-mode/config/fleetspeak-server/components.textproto +sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./https-header-mode/config/fleetspeak-server/components.textproto +sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./passthrough-mode/config/fleetspeak-server/components.textproto + +cp cert.pem key.pem ./cleartext-header-mode/ +cp cert.pem key.pem ./cleartext-xfcc-mode/ +cp cert.pem key.pem ./direct-mtls-mode/ +cp cert.pem key.pem ./https-header-mode/ +cp cert.pem key.pem ./passthrough-mode/ + +MYSQL_PASSWORD=$(LC_ALL=C tr -dc 'A-Za-z0-9@%*+,-./' < /dev/urandom 2>/dev/null | head -c 16) +FLEETSPEAK_PASSWORD=$(LC_ALL=C tr -dc 'A-Za-z0-9@%*+,-./' < /dev/urandom 2>/dev/null | head -c 16) + +sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./cleartext-header-mode/docker-compose.yaml +sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./cleartext-xfcc-mode/docker-compose.yaml +sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./direct-mtls-mode/docker-compose.yaml +sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./https-header-mode/docker-compose.yaml +sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./passthrough-mode/docker-compose.yaml + +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/docker-compose.yaml +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/docker-compose.yaml +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/docker-compose.yaml +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/docker-compose.yaml +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/docker-compose.yaml + +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/config/fleetspeak-server/components.textproto +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/config/fleetspeak-server/components.textproto +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/config/fleetspeak-server/components.textproto +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/config/fleetspeak-server/components.textproto +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/config/fleetspeak-server/components.textproto + +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/config/fleetspeak.textproto +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/config/fleetspeak.textproto +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/config/fleetspeak.textproto +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/config/fleetspeak.textproto +sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/config/fleetspeak.textproto diff --git a/sandboxes/sandboxes/diagrams/cleartextHeaderMode_355.png b/sandboxes/sandboxes/diagrams/cleartextHeaderMode_355.png new file mode 100644 index 0000000000000000000000000000000000000000..fdeae118fb7a00a3da3ff1b344e1f559503619fe GIT binary patch literal 38835 zcmeFYRa9I}v@V+9614H)G>tn1C%86FaP2@Kkl+?HIE}jncL;95y^#bB5E3*HG`MTv zEdKm^kFn3Vci(Xz&Kc+7JoV`6>Qz;9eKqGd4X&Z4fP+PW_2|(f93@3rtw)cLK#v|h zeu;qwjD)?0djcPiU9=RWA61P}Za;cN`$$PvO2^Z5Hw)F%NRTx2`Je?mUvb=V1REdU zRI8hvw!WTzdiovj+r0=QJ$t=Zrs?S{EGKiJS!DN{L$$wZK=aXAl;S%H-xI1%l`np` zDJUe!7EIc72VinPhIFH(Jp!2{4TEVdc;cbXnNj~ah>xNVbyP4%g1-Md1f}nW^@4pe z)BbaYIZu!8zdr&G;f70Q!sw03VOqtRLa$MFX+sJ+RK60*4WxWoA66cO|FaJ8FmTv= zS^9vWAen~3+J4#aThKJc3+LlaehB`d>*s`uY2I{pgKZ%KU{en(2doh~I>GOdC{>`r zpP$PVX+i}3)l#8I?2rV^m_(j`4$!T~)D2tx$RM~M$PS76)nEH}DcW_+nl#0$XW{iI z?2w8Ei)Q`5N5PML6p6{UNAzC?fwSpe1LH=oSvZ;gu3cl*t9+!Qpf}Z8}8X zo0!0_F?@T~tGLF-7<%JuhuDzf`EG;HGNtw_Ur z>8kfStcY(MZH_nJOp@62C@SX#Kn^pZu+_;vre^;G0>j4F<)oAYz3R-_XW{VUX7@8K z{`hD1wT3o$J=d%u~U_eGYohr!hBIUY6rjhWI zEQz7gs4X?|&U^l4Ku^G32?k2Y}l5W8aVIGU2YSU=YCm`a~8KP9}fA{zDOM(N4 zKp;K)tibx9Z@hULZ1^N3#iXE@@=%hT3!3jw?erXa!|?7c#sbTPJT?diVlt!7jC5C* z7Q@nbEl4;`g=0WW>ILfKJ^Ia_XskNykz;$_xfTT?Hj7olBA@nR5MMUCmk-EasTt88 zS7>$6xBA~>w_fZ<#4I-sjJ!TM+MXhPLV1k+%wZvvDfag0rcRhl(2Lc1b2x;gGQ<3L zzrj!(5Av(A^k5ij7jX*Q$YVd(V(**h>1_s?*eH3095ji==&_)K@r+*d-0Rz5xEIfg zcA?PSwF~3%+Hg?Qp2*MYF5P_n$$Xn12|byG)2Co6b+@Q7gj^E0XN2Fe& zootTF^&l;6O}Aj{R_TY{UY!Jeb~+uRqdT{qt_Yg{R7Gdh^rn~B>3jt9$x{ieySuwf z>o1Tdt+e_AXVZUl(IWuS{R{GzTSq5&TN^hW_@HsqW%(|r{FM!_e(z58!XYJ z2m85&>Mz8++))Dpdg#|LsJvlc8#GIGI*}qSb-G7ytPxLLJ2E&9wJ$igE=``sm1S>i zUL1%=`N!t;?7lP1Tisp@Fm8!l-TxKIoK*6JTC4*pL>luLUaDWrIc6q~gpQ6L92~s5 zIDave!h!vJ);@av(|DdnPo0pHJ&iJHC0duBpe*?)6(H}mFJ}1m_EoUfaJ1hy7xpi= zYF4D7-{(cm$CrG`p1Ic4;I{i*5&GWXcGtcPL%jDp9g>=)Ui+d|6Ne}9=Yrb%d>2vl zMUUHWfy}~0tNZV5-3XvqE8ZF8K4X+omtjA5di=%f&7NMCme-(CN zVVaQl6^5~KLkec2VNiHDMn@WLPDDoIM`=|C{lf9Sig$^ct@;A|_PS>Guatr=@t(U& zuVYOjP;j7Aknw>|@i4?A&)sQz%I_X1${~athJpmMg+h$Jtk{zpWpBi%%gkg%RSAS` z)N%x<|M*d(d6yBX8uIst)TcTf_mdm9xnqT3CkGi81u9n#%os7PY^~Xxk6CiS@}cR+ z&F@Y!{4!+9bfg7Goi6spcYn0ew76^%o{=7F(D$6a*4FswF0NB$tTY~ic5`*I@$+zn z!HY-AtkeIVnn6BhAiiLb+qT~^F37rewJ5lI!oWLQ!Z$)HC~UQDEUU(4)82A4MZmDL z-g;EBM_P`@@0Kht=Kju`0}Y4b{kKX(I)_dqX2XW?8rMuwmk27J(IstRnFm53iDd{` zJxTXGzb3)jV2MmU*ryYtr*zj6-JN&C7&Uw*9gjrpxP9$(R1CFP&X%!Rs^c-HGCobg zq}Yw26p7gw{UBMUYku=hT&Ve;EaREOdqkwJ`F(t)G{1&ej?enf`)d+sE6#{intiy~ zFt5}d=!{~Tgd|eXftrDtUZX;y%%}jhYFUV*zke@m)A9UN?#ZqoA!!vA-wmx5AUW6c zOJB&>B9$B_jM9eRvlLdnsC2DUe#XK

=;3HXXO6hGyuho`c5A9caQWgd z!7zV?#PV!3J`Q;U{;P!NXDY#Et+(}?#k!}_6tjr_vI2Z+YR(D}l}KaHo{>kt>tNZ* z4MNnZN6ad2S(Gc~z7fBRLqBwiX>29TKC9ODisH>;3);oL1pYVp&a8c&Qazgf#l$n(BQo5|^OxV7zIsbxgb!NwyWyB?JP23MktlGl%(%2WTNZM@q;2mw`8EDr z@8zUJ*Gk)g$ji|Tx2@$aF0YH%~MJo=tXim-J-J`&O{CIjac2x@m@LI<{OG< z2*U?ircYFERNnn&?u=WN9J@h$saBpCG$Y9EZ^E;PPA_U-4y& z`v)i|v&u)R_;8xFMzOy5h(VBtos@k`HN+IcPAKTGM95|vLBheBAD2d(cLd15g5~oE z!Rlrb)X#iiFiI@7xO6h>i__TxF(t*g?mTe?<_Q6uFX~REYG7sIzqb4R6-Hrr8n@X| z^te(u{Jo^>U1!G;T#LI{ARL}lDj}?qkk;&al<7FI_Akr-rcOH=4rhw}gZLds$k^!6 z^^N*#c^Ykr%G{^k*-szjbcgl5+gz^xq0dczP^im%Txrgm#msN?0)rZ)nCz^f@- zW&xG+?zArlp1?|!`dqX|fvqS_i|;h5Pu;tV zcJ5*8bzSk|3c3w%rieP)@cNgZra;IAa6+vj^!m=)tSeS4=f3s#H@%&&eS3rJBwdoz z_1v(*hQqx$s)Z0djMInt*Ny1@jrlz|&GY1%BV*bjRy3A#D;0y#zz{+~!r9l`q7s~D zvs@PaT|F?9U5T>Y^A1a|$~f$kheT4fhT)skKZiY_OCpZ&`VvlQ5)ue58biHU*4dGE zs)YWh*TNAb7X;hdyx%j@Y`(QK7OSO4eJ$!D_+I*QI~aunA@=S!zj0=kX8kL-+FG47 zXsG(VFX0z{n&*D(?qwqhjMxhc3$k7rp8-nsID+Viz}wfj-IE|Yo4VAvrS3BOS$Y0m zJB^sn`qSm4%kE>vq74iA#AnkUqBuX1UHsX0@v*HukgvVh~{3h{GpuA{mO{8x3rrduMomak00&#HqWV2u$%T9B^=AX;)p&NKkzlpO zW|c{rphKRJf8W%U_M317jJ~WR>eoMj8r0%5YMhlfN>4O!1|CX=@u=e`1)j#ORwzd|EvNU0e`j*ACVn&o@U%1k*hkQ10KU#hMbAKOF%)TWS6NG*aul&UKs<7#6 z%E*`+>)32=7X$s;)`Y~qMEru6qsZUTfuhLc5BQ+d4MQO_gN1jlns3}Hsgl6W&f6jp zsq7I&UDaPj%qjFC$Lq}SO^1W<$1$r*&3@QLUy`IpKS$TP%~Du?&V(amzuu^1ve+nx zt8KP>U!)vH=1#2NRFR2TazoU!BQQaOd8dMgW)Y-ZX7uX&0AW9Y08UM8qg_EiO5+QF z7HagDV32TTG8J>pd29uTU~j->x|kPQeV-O7r}S4Xwjr*lsOIJeVv1i$kN)^ac~&I6 zR}IIczgQl;*QkY>=zP>9CuU6{mLOPzzB@Y~)`zY3OtGy>R#QJeS6DXlUb+2&?Rl|* zd`|TvkRo}N1cXb7zBc><>FoDx|H!+=*HGk&%%#SLQ!&&D4io z`YvAMta8_gdtcP0DNa&h}hz!NGlGApB4P9Pvgb{De%SsUw#P{Md-6b zwB-1l83`G?Vf31^L;;9k%`~9|Cm`TRHpud#AI1~Uni0#6&UCJ_-lDoCf-%?yMWqx$-%DCM1275`a?sCb%yMF5Ujq!p6eZElkr zkebT0yEodV6fa*OrJwc$@QBL_j;3@tfFsN-C}nQMDS|PcJdyYG6f!n3`MI)!+p3;G zX!Ei)I05h`=zP7Z!J8kFcpZ(u-~-1XuhLDovn2q{RxJ&b5=f{0tFm*cLW#qTj5gp^Fk+=<8CjApqHl-k0srxjGOQ8YnVb8W9;Bd@n!=SM& zf2r-S2+ej+i_GU9#4&0yX+p2VHB<8yU8?~)O0wu9D#IGx(Gp+Kfjsx=Alm=V;BgCY z@0O2nzT3lwsP+zDD92Ouqu}gveDLTCklB&^hPfycu@twJQ_#VtmL-hiaNskPA&_{< zF2syN&Q~}XUr?e^Vk%IY#46@>O5|TT7hd}d9cw2@x~ls}eX3@?uGPd-vZBN<#E$On z(vFT8nVFf6E4?qKD@|~mi`=ncgkV931*xpL89Kesc^b@g$;wU#`!YoANoIxXafA=h zkQ2v*!7e9Qw$4s2n01DX7M_Bi1O`e27K=5wr@o~6aDUNTr&5d9*(&XB$>;32G5kU` zeKkBhu0Y`voqmlCA+Mz(o`Sc6al0!H;LPeU>lrS{7~17xOG{fS9wg&3sb_`6s!Lf8 zrK#z_zh;WKJbrhwAss_$AZNgQ4<+Y~Xnyh0_si;X>42a=m;|(8ZQCeZjK))IHD#|; zs*iScvKfO&N4qB(_3LlH0y$kCD*4?aD;dAtH%y$TGtw40NNFPP9;;=} zg;LGq{p<~~JKUQj|KmpEsh=kDexSPRdUa@J z3Ii8Y?n6^FkNYXqb$1%cq|+fXX3zWOT50DcA%1Z5Q+HV3HKWb<8a`aAxj;IZ!Ic%{ z=OfvoxW5L+29jPg{M^ezceC^84wOrDT3vSWyt^eP;m8EM9lzkjL=Bn)JBdpVmszJ&WD3qHEMF?9>ASxp zM`e-BN0P-Fj{`KF@@d7jO0BY^qhJ2bKHHGbFPKA8xt4z3(99Y7TPw~mS^`o#0i>qG zO6=uI6Ctoe65uEJgx5gm)!l&yG=mqak164I8|=2zRN%bs-0X2d(0bz@SkS@ud)6VA zLE%}R-RxuiRv*aj-W~vB$NgPmi!-BIA1d8H0(hez?wI@gy8{Y%EWYAf2mn+kzUG|e z1*^@pZ4!qOp=!tAvDtSo!3vqN5P3w{!){Yh%=8+9TRC1ki0;3JS_0I+^mEl=B|w~<0V*C*a!DA zaK`_wRM*{NKjW~J%SP1lWWJS*6ODkq7JAINTB%tVat!5DUKNEE?7%Vu8YTiw8E;Re0Cx6uK z*1jhtJN#IkCRl0E!J(GD6dHOaI!Fj=aar%abgHj4Ujd))2%@=c#E?2Df(AzA{SL%z zW?D6oU@-CPbE+84f*S_!7TgJ}SV6F9@wMe=yE=}{N6833LTTSD6N!jYU9aK}}7?s0~p?;g4=l6%=();ZB zrJJO~=@t*ZO3IzO82ilyRZx+NHJl|@Drlf*`5v`gr}Di;-_6g37Pj6eMzvZ7A8juh z^vD35G`=Hb2PK)=C^DnrW`=jar?vc&joS4`;sr+J;UUKDS8JkP>As0dZzg_Q^!`9%K@4SV``lp{8;zb{|{qXnY@hnoYe=CQ(8^3%3*KQ~eTL-d(2E>eA*#x(kFk{nPdf|=v)26JtVU9JBe=KY? zI0Ex?;y$SLU`v8$fs3ByB6dH!;5NbKKK#b00F6U$-CP{7R{H8j`t9H{Rp2#}nRUxQ zfTMgRfesS&IhCPE33$?1jr#gDMVaWV;*XzUy`>x00L_8KSW-UF94BSsT776?#H%%B zurk1)^TYcyQFBHuh?rt5iGT_67Rprdz=Rn0HA66<9Asg^{TBcjdI2s25T9NlwK95= zNVv{qlrdcPAqh%E0MH|RC-AR_ePkz(4gy;4M0JRm`++z8;y&UJ)65h~&_vN{Ov_yl zXt4UoqkQu0_I|SYox3~XcmET7-)1`dvl7uTLr7^POsBk_q&lLb4Q!U9d#c8kb=u5G>2 zaS}>c$0*ftmSvWRP`zd+)~Za4`?8LKtxKyObDILQPVrgC5?=B-RS1nDA4xEiPA?ST zkqS(3UpN^X7u7OscOiFr{QTZ-D4p%Ycgm5v2kPm=!43%wlK#1yNo-$5El(WAU=Z`j zAS_VE%ur{f#E^%8fKEa2{gbN`qB>*jbUN!6F{EmVOFHdWdn*DdPhP7-OAmK{s1UIj z4=3mgJ1}61dAdHnI$pQnu>f;LD%97cVPIece{^wgZaYazM9lNXV>2f^qlB~vx3#TT z$d(yGQT*e3M61st;i*7u!X;&d{dr~8z{6{UopRmpN z=l-Su5NfVjHQCuAK(P1yM-_L^W^do*--mLmOp-8q?n_27F?}ewB`3}*5FzXO2B78( z(Lw>_4;Wy8x>zD$y_7_6>G4QF5Pnc3{QIFkG;JbJsB9R3Z(7tuJ2^0qOPy^j8WD^c z-3JRqps2f~IU*a-vP5EHOA0WmkbsIO>dP9~Ay6A2LCy{V{`UX&^UHpe%AjJ#!jvZs zol7$Uca3Ka89`LskIQ7ZA2k|$=rx9|9=^3|Ul;My!&DMuqcWjlB%A$wd=r*NoPo** zFd3=l;o%H~taIrPONxgL8^K_!%l`L>DwDR(Kx^SR316=$Dp3+JI}D8kWJv#w9pY}R z**_1uSk~#~bgz%Nv{xe>*;#!f&823dWB}DS@UBa%sY9zZb^>a5kEX`!?6(ap-?YO^$azh%LPE7IK#P09 zH=&8FWW4C>meKClQ+!|D0(qQF5jR$)bya5GNX+^?esy_W2&9zjtIKhY|6M>=SJze_ zIo~T3%(eD+ClS_eTF7TkMZC5d3CD$YA?~~11ExyU2ieHB zilR{DawL2cTw^AIlxoQL;szpK>#-;x%d)bHhy+-3;v}uo)|=%{lfp(>&#Pm`7%I`w z9KY*f!XH5ZHuVjl{h@<5P;j+OQQ^3(4=j+nb7f^^3phf9GJ*&+o-N)7KqVRz1PS+a z*%*;Zgs5sXJ6ik+y6K056jM2=bgPV6e7x(dzCc#Lm1(07#?q)$HwbCfJ`mFrOG{K3 zJv}`Vu-Pyugs)X?vCTsvo?b30LOnmN_|NtE-p5$=i~b^&)QLP9^rIh*cC!yjcuz0+ zw>PTvV19lgLTzxefv3?Etlo(apDwe zhAvaBq_in1^TGTlhn=aZ3-Cgl`(Alhc39Ze7(bv>bUfgqgprs4stiYue!J|xfT*2! zPiGN$KFyU+_c<>$VL#_NK6jUV=P-ra7@-dB7epn{hTdLn=Jd|RiF>eRQ_ zJJr1h9L&s$;qQOcTVvCQRaDb zUWrfO`j$}M5*57p8yOupZ87Ho@`B(81OVQEPN~LY5f>)mgm?jfrCm>=1X-xeRvPJv zp|DJRSO${G{YJ#%rCWJ&SCjKZ;#-PI6Q`lEv3TXWl@S2uA_c1|4C+?_K(DIq0Obpi zg^5V~iTiXr-#a9jXo*m2bjP_`MXNPT{uTEOyawUwW z#(mE)9uJO>1&&ipiaU_IyS>t^g~`!T+Q^aoxj7o7K{Ns^l%Abo;|XA3a))8`d*PT0 z-jdXVom#-b(;Ts7Rg@j%!MsoO?D1)^c=TK*`d(aU@XwyH&;XaC@O5bW2rUGuZ#Qnq zB)a((E1`&h>qM@Uqhq*)fFgYgn!&L!EzbwQi1FA=bt|u402*tORrOCg`A0uSTVz000enpJ#99_*WdH0<%-jr-<_GTlfudl%NyE!9bx0!8d8= z-(Y_XLJ*iju`uz3F9gV|stP%NoyIju4gL(II1$sBS8p^-`Awv`P}ZVej{!^#1qh6O z4Naq^({zf$#(FhnzTrVIw5tTsdb?=wU#%%$I6U#9kgRc%ASi=%B0rOGEJm`>;>i&l z4me2Wfb=GPkQ8?lk^|73vaD3~1g>L>(N^oEb;`6*D-9bXQhPt@RR`1H8{oPIprEM= zH@x|wbqQhDuaOM5Ui9MxqYa5jY7<%_7*uFO%Ct+cEF{077@}TY9=+rdmm-n)oKryw zh7Qera{477ANpJRo5bhDP9}5}!ktrc1B&6;z-(=BZs|Uis5=qcJ=zm8+Th3sWe-xE zOGvvsyn^f3S#JLXk0w;8loAhk8#3)6#dVL-#o2dQf@gC-d+O2AZtXFHjRR@ym?xU@ z3E%Ot933915S>kW88b0bc6{uORG$;PXbzlK3;g9lyxNn_7es|+6}ddARfOg>?JO(y z)Cy9h|BPyO{6MVzWHX?j^SYB{qdE!2HiYS`*r9BXt+_Q#l1)W0eP**=7|(}BKWs~? zkq=5i*>1!(8p@&_ogu_2jF#0$h?t*q680VI^1G6dl{NS)80>&Cw?`j z61U0KQTe%FD!tc!M|Sh_3Y_Xcxq`9ao6OI3a><#mgUse@a!Qg2CWRz}OZg8)cEwMS z2vqwos6`|svSTmGr03Y6?)L>ViPEd)E8S6eRwkI3Hl2nUraQ*S+i;6y- zqO5VJk3oeW?V!aq`^LbF(-ifTkR;p&!ie8i@NFrV=?5xD^i~dPGrn;sv%zl2Wv+ti zwRz#J+-em_{bXe&r3w1T9k(YA{419$W22OJiE&P)bQ(8p;u+ElUn0+I{&y+xD|Gt9 zpB#W8KOelo7!GYUFd_Y7l`73}u%s8?8@6i}OLu|z|kC1a8se$b$1DAU@Z02dB3!H;PZYC=m; z2gC^1^k}0C0f$9eW%`n5A^NqJ@N0gBvZv)u9vbcrW%BBVVQGCKEQS z3kZY1o}wAhF;ArIuazo}#Wrvu?*S#9d{Re>nf;_dObTO;C$U(=rYjjxQsFb8*BlR& z6JY=?#Nmn8AXUPF1&R&3joCD$PXqS#R|PNCwcOHHgJ@18z?gNv@xHID;ph1e{kE(a|*7=(}SJ#91nV|jWi+4o2 z-@f`h3uD0n{5yoK76PS1|Efa|TVa?lR_E|Oci^MCZO2R=RD#9k=^maG#dj6P@1CYH zB{b8_X`{GS$I1x9Brn9?(QbiZdr>@S?wk$l=#xDK*h5~FNX>j*VMLd2;jznn(_2`F zsIPoLO5EhTN0#Tl_jeuNQ4~E!I#xW0^gN`Qg)6qlNOH%wrBv~3`o@_#vjimZv`r?m zIu%dmc`k~$&n2vQEZEDciMT@gQD$ONj44F4weIu%RKH=0%mz~Om)%d=CpN^Q7%&Xg znUgW&ROT!0X5xNMbuWFh)ZXIP7-CPVPsjt-QpA{W)*##m^2dbpBU9M~4Kre>eN-IV znNM4-Z3I>4R07XaY4g;#w-=tOWJ_l)WcQ@N*AhT3j?VvhhYorAEo9VEYEP3UTFq5Z zS`A#=+9v^jI}Ci3o9fgd%Q=}K2?v29oHuDi_O5M8-OD?lil;0# z-ZM9+VIzACCD%`NFluYs)wJ28Dc|&Hn&4pER@@|eaJp{mGI0t zUqaze{OTZOq0*zBCb)VO;hELkT?RX40}sjD$jT4M2s%oo2#V>|n zQr=1vrljDl?WO!WK-vcEuNf_*FY*M?AFiO9G%T<^V3_UFF7$HaTpwy<6o8Oj=!jnm zAEJ=jFu=OGIG9x^93N_la$hb$&&sn3>@2u~MW_!_OpST14arMgq{zX7V|9S}P-!Jmd7lM}?>MeN|F91-4TFK29ic!lWj}BlRb7tXpyS4NiH(er8NsZ_w8r zwdQC%+(qP2?@Nv4lAvarUo3U>TgOa0=!;CDQ{k?(WSI7I5q0HKq1~Ong4Vmb8q<$oLaI=h66Kv%{aV1aX$@yy1%z^t%!`}etAe;`V_~Df6 zDXy+t`lfS60!fH2A*kVuyMrU%la@|O7b8O9Xxki&)jB1)U6Y??ce*X5ko`m+9JC&Lcsr(9!CO-4WSxuhw>7Nu@d+=B*PpgX|wfd37}!GClj>i@;~7I$uGkc z`59S3Y#EZ9#WKv2bQ=x322XOPTRzU)#?3&=+r}d#O^Wg1vB7(C9fd&2)tYdAbHaJ^ zEYpv;R~_`ye_G?px|H9EvN%qET(S3p2LRh}T=_I=#sy>SDmorDm~OUEfpJ~cAv*L! z!^Eh}e76?RU;yjY=gF%tjV}ree)OlX?1?kDp#G6fMqo;Jykl+|j>vvm%D2fMNKSA} znJ@jxYI zwhlUhMU*s5VBOm75%KBCr!8h3cT7;!R?p#`!bGj(an^d45Ay(G$Hn$I@&d|yJ;RuuuVXK7Sd=}CkzY66a9*$C2O&)^ipDoPF zp9SLTNPhnxfvx|gKhr^wEDy&(H`5xRIstF37U>v0n%g+Q%dX#~;_GW@&iI9h)H`I+ znOuEyg#-tAUS84zo^|pr!w9G=kTVp8HKgQda>^Ep9SQI5rfn9o3ThMmB&Y1bGZ#n; z-W6C_G~v)q((!(Vp2c){j9@$B5;L~vd0%V^owv3Aob(tK>s{ZXNt;z2ql_U4)PTJ< z7@PC+;GUAMCoe_z%R46N?!GB1Anhr&F+!f`R-^s(5s>JQNDV>A0vT~2ynqP1xR)xc z*)@R5&j{kk=U1KpHJxz+-mi#Qla@=h4HF|-W+E_=2&t**nyiW{172ndq!^pNQdO9z z5)~Eh8(o~)s*F`-kpvd+kC0_NLr(rIa`T>L?={=&ZFAAGXJO6MWzE(nA{ zw^~#JrAZ+5pEs*DqqL;J6xPPZCO?1whH28}lp|2iknM;FLjUjy4<0~1`IpG?#2f2o zj-~t)n?D2o?rK$YZe62U@kZ?HESa?y(64bMVg79uI24=O*of^v^Imr*0Fiul%Ha** zYt0pezw;q0V2$8;oBmLOU>N(~)-vQ{{Qrv5H`wzK$nMuY8&6|1$3fZ6^{sJIjC*7R zX%0$@2Ug?jZ8)!}Fn~@tOW;Dg#ZdHqFyoBG=U_t3)kI`REOTi@4LGcDi#*6KbK z5eh$~*U{z1g8tS?rAbl%dXOGRP(m;3-;w`$%80W094>iAij(BF&-ts-RKEHr07Oz& zKDY4xE$YQYDLzQD7$+8{+zm)*+2hH}!mjiDksimu)ChiXidIpY=cz8LXb`SVxcVp8kj|Kc${o{tnSnymadHETor$$6fL@E!pHp6W_u2aOHSX1TNYG(n%!o9FH~ zPfz(^mJ=5Z(S#j7t#=ip0_Dc7P2Xl;3~J1$|FR(b!S2-1Rdugm=kH4s^(&j3J@(EI zUM{+5M+k4?Q?N5~dc5}{Uz`DUI=JtfT*kp39^kCsL%EN<5xPo^*#{=h*)J~FXPM~vIN^pEnII8ine z4-$J>IE8=@b5VRDTPIp3D7Tr7HF1AS&hR3TEV+?fZup5w%af;CH{KOZGn+4k#N>-3 zZJUPh8Zupx3pqXBW}{`gCdW{;!4_RY_eg~YWZ6D2+p$Z8%1BxI<~JGoWTS)Z z>Qj>hTEvS%-a5w9S>E>bmrK;GDu{4UM~*^uHQlqx9QvEwrhEC2v`nBWp+9m!PRZsLR2UvzfP3vdj;|DD`ZQ9(_@Y{BJ%4#{k`JVWQ!8u7+xL`de^WO}a^{Z2&BLx{ zGlNnvy9_u$u&{BS)Oy@%t{Wz_kK{_lDt@jLO34gEIh@$xbC;7Q?@(yaK za;4PR6Zgx4u&2E5z9Z~>pS>gy`UnQtM?8u?W%A$oowxzyqJ1?tV>SPhK@03t3+5S^i8&9yCghDALb`(hY+!Ow=oI7)gsi%!4IEGY=CXb#8J%V zuuRq@F-U~jOjyd}b3)Gom2oO0$OG&fGZS{>To015w41)vI7xop(e!qvb;mgiF8TNl z=%cy8GWN;uui0pi5o7TU`Sp)>(n^plCjrp}3FtSQLC}8msG7u$sUpen)Sm00_?51J zFAq8(gIylP(w45(mBeJCoN~Ex!c5R5YP3c)viUhwHC#gW=M*tndTTaj!vu@A2rhZ* zcFmP)|Gt%d`kv-zRoCtk?g|0Ov+K-hs;rce%oC4(Cz`N1ikX0i)>wKR(EC=5<}r&- z<{3VuQrUNDP(4%Co^_(Y=vcP(SwHt(mIULTCgr#viY2?r#U~& zd1=Pf;}J6_$grYJmzd*h>?UIdd@YM$@GCFl7^G3?UAa&T8L*<%{1hzH?wi=(KbDuR zUtM4)LVxsqrsl+Bm=-d``+xQ=Tf?yCx}*hv{cX81>w%nW4T!_RW&? zY8cvhkRY+Xt43(Z^H$8qJdSS6?l>2+`oU<85cJhU8?I&{B)1Y2*oh<_WmkcuqEN7- z!I^`Q;>ZLMVrj>jU5vJmrgNV;MVqyP3YnrUSIr6i^qvi+==ghqLtisOD~lz-F;2PW zZ4LVE^HOftw`91nNByIlr`{On(WkvT9Qgi%wV4#$;R!kuwh^RbI6p?iJ!%8rcF zYeNy^Gd%YTU zs14}{{%z0KN|7ul1})xU^fahd4aG}bo4>TF#Lt}mk6M8A2{@cSsPpHVELZJCL{J9` z6)8$&K@ zj=R%T^MG4|NsQGmLAE(cDq!lXMQ29BVmOXTaz?8uW7nd0;Y11xNqf6hJ(}pAYIoa3 z`-fj;BqGiV2Cr^2g%VRyzP~y7nzwRF`-WyUV8U?^jh{bSdNtSG3H_F|BJ|$7u_on` z6Ptj({JLLqmwX@Y8b8JObX@-DjJ1G>o>TAbA6|1coMpCEcBvvb{>#l+ur za3-B@3N=+SecBMDQ8efg0XU^kTeMp zA{6cCQl@L*y2lJTd;YQuU>>+A|o+wSa5SCceO{{gjmvFc%TUC2A~b;jGze zT@K;>l6I~uHA|C8LcyCmW((QI-!I0=UkspPvEiZrYYcFa%5VN@2|7d)6YW}(KGZ9f+boY#9 zn#r$nPlE4bE&{a+Uw!v|5ks<0$>U%q#7dHcm4jiTSe|yd=@WdociGvh`)I+ZO7@Oj zi$9BCu{ZalARJyc-&a$W;~t`js10Zq60nUcE`uwFtV-Moa`HHNxQjGof}#+Mi>I9w zV2nAxop91GOZZ?#$d#@#Hc6l^xg^-;REDd(FO zVcz>RwY=AiB%p6chd;IcDS3BA0jhv_9q4Ryze!!1##JL-N%b>A(5f&I(Iv_}ZkmWeYCAPKbH6qI z!L_%%w^YKTlg{onX{=6h(onv&F-vq0Ys{)EHYZqMs$&9}CT5_B3US_GDImmWz(!H7 ziXkhaCkiMBx(d{`s-emDih}Ux7wCe&5dCqF7P7O{E**8KXu=~xc8|^@Da@n=Xm{|g zUQbMGq}r;%3_gBHL{S*J4m!foN5v+#5wjhZJ6#g0va{mRHn zCH~IcO%+nFk_V#qdHR>3zjwn|oPh=6cVTPDl%Y9Wh3|_J%-&(~Pk39$_l_y%bULE` zq`VJApX?pK*N&Va-(JjD7oUiLFQgYbM%^IHmPJc<&*f7TQn$3j(Rz4sj;&&pfs8cQ z^Vd5}{V_cOV!SPAobeH&;>_WcwWjEeUc{gyE_e{5av_< zsptYlld76dX_Nf6wGMX=O{)!A_5AC|m=hqCnL_o0Go*^wniW4XKS740d-bW|telYw zNLx41E~p93v)%n6kR z94|_cs2q`$!u9ztP5QT2Wz+7joAU^yC02k>Q3y!o9f&;1=LU;zCN)pnAq zOn$VtCxu?cC;Y95E6 z8-6s3a-%#uUJ2td`66SS<6v!uJCKzSQ0+mjeSzdU@Ohj~h8Av@6s5_6!yjJ@hP|t@ zkFWC7mG>hQn3MO|74R&V-zfJ^_`Qla^YB?lD2TqI4m~2gR=e+yWqSD*=NB%fFX_qk z(R%#%vzG$F)FnfjASILhMTSr`mbYc4F9hbKROka_E0n&aNHqxlAx-agG@pu(I5$`e zn{!2b7vA20Iu6rWPkd_CoZ}G)LAq|Kc4U`p&9X@orx)WLjm{ z1YA|6ts-v44Nb4dpL`*nktx7Aj%Pn}n@p870t!Urmz3xTC~6fnc5?&d8Ki=>f>PEg zC-dq+5&bUm36&DsZ)z8S7LeMR<`HN&22!gOZ&m3e^<-;y?DdRI zww@lN4W(E9kYj<%Uoqet5Ns*y;})F^iEkYse@T|J3f*kr7ETOgSG*x}{ei$VGrBuKgm{hw$x?z@W^`V_{<^QFAeqhdE#x%FOL z`2N|;{>om>5lJAjNKWfa@-Jphk)}L?EtcKn3g0TSz37Mcjv9}6(~XU?Ka|&@GFbQi z57z!Vs;aPS8%G6cklJ*IY#KI5cZ0a;QhF0gNP~1YNY|#MyOmbD5u_9l5Rj0P6iI<| z^E~f6#&>@Iedqkf9)mFi*IIksYp#3FdChBH^S@^I>oLrs4DY&bM2n|OGNQ#jx+%6n zv~IvVQyrXc2T$~WwszQ)VBb1jw)D@94mab*kH7Gs0Nkn77ZzNn(Cs{X#c48K{CN_G zG%H&OPnFc1H(X?T`FpU*jvDG%bfydkknUk36@(fLh+*qe(nqN>j4NSiL z@|0)$oxQ6ryH&zlx^(eB;a`xVu13M>o3x6T+sI4G+#mhe^{447ocgZTsTNN?g+HOX*YL@Ocfx{R(d(^k ztSU;kWio%X@%DQn@j&=h$rIns97YK2akoXt^+O2k3Ce)kf>y4ztK~s*G zbdu@e7O$yaZG6sY{hkqz6h7N9>N`P;v=3W-@nc9*pKr(O>ZLWU){?@9KZ#8R$mt%^ zTJ>KIc9Rv|5A`E0KFbi?B!5AMCyelS3Naj$M!9#z22wDBf)U(KI2R~Tlz%b86-ba{O12o5KbnLS^ zG2J0IKi5w6#3BODoi!SMbq-WBl-oeKNM%B=zZB3Ro8=>(X{08y3zYv_4_av-xHe7ON*a(NTLtl6NHkp&|EB)Q9x$6l62&C?+vTJa_54?< ze47@EbK_j?N|zKfZA2~ZKwX>(%twcUu2Vmn#V2d{Z$e{jpo3YBVE&g>1`(BDf?&Ib zzsD1Qa}={~<~Dni<$8CADKzlR=rP175>AG5pT;0Ag!>YZk>VGrB@@K))HsNAr zY(hfUe0~8|?3ogD#=!8hk)Wr)hF`*`DkSA0AxUY^vCBJW*TmIjPL=>;;+Wq%EEgoz zo3dq>)2EMK=x;Y(w*=c=%)TN1D?kG2s>UJu^Ot*6wBW}-bKw6Xh4a46OH4lW=3glI zn`8c)qO#`hLxLTbBnL#F#?Ia@FbiM1QsDXWXIg0<>|nVH+2f_Ni|dSeIkoIaoF{L> z*9V`llg#R$uK)#p6b2sGuDJ`LN?Y$x`uh`}6g7(RHzuvbsa$CNOHWjgX zj5XELIbxsigdnvyM#0*SpIHTK+|%r9Z^iM)N_C2lqIk#$P>}lxbxF!G3tap>Cj=2QyrS;8qvsQA9F3S#|*Xo!{FY3&x? zsGFR)0VCF#NlM>cDAf(MZJEEyQDfaUh?3T8ElV2up>|XjYto4AnQlrD>hFwSEb@#F ztV)$vJc%K|?(Xp3>3={?Tr0ajBHJqQ1NR#%TC@*&+|qXW_>#F6c`lNoO^fqW`GG)G zOYLeHaa&2^h~U*u=F2Cc^}??8fmd2_1Cdt9KONMSZ*lwE*cbTK7kT=QeQ{{0tE|l| zEg00*-uhC7_bb$G7WfpvEHmIoMJ0*gB5S9Q9ol&dsNApR7d_v7(kU<(;;y3n*sJ*w z`S8RlIcBHaq_1)A({7zYO9^AEASZ46EnNtL+eDK;*{SI`cwTxGGUGW+$fmPSu+kd- z#h~5)f?w!IZHH?q~)YCVIt| z5f)6YX6O|>|NG%11)-9FXS8Qo7we(kyq^%N3vs_UWlS1sT>@Z2?f%KJK%5*&2mIE)wuiDrqi$ajdeHVe5!3&d8;9jh3~0;Eusw#p zJj5PaQ>l9J!kMm1hxrwTc%luHJp}zq8ZaA$jNS;)aK=Z*HjnRGN9vR2goO|PptLbI z+&h;m7#n_ouw`1oCXN8f93z8nsC3{P^1lvR%S3uO%0gj(m$Z$Esqe+)BB)|x?S7yQ zyVrhrK#?v`iqxzSXx%7N$h&Hw<=f#ldNmjig@VL4D*f09YWlBiuv(J;ADtym|6zwJ z9+{4~5;>)=R9}k?u*7yA$IpQITeuJ=lN0S{Kl?4S)K`ThDJ`NmGg9?;8wa^QF?bj= zbfH-yu@#a1z5C=G_euZgvSC5d9}NbCf_L%+8ag9XJp#82&qv;DjMVBs-z z_)2aD`<7l0xxg4h86DH59@aM?8`3jwTo@f~Kao1`43&Eh9ZkURPTMhLJefdmt3TUb z5ar`TYzKL-)uL)FSA{ED&9q^0UGTMc`y3gDPi6PjOKK}<<>vn0Pvp);>kljCbuZ|j ze6W<6g0F~)xqAC)z7qoAk^*aVWnG?r3#NvE;guncpaHaVe5g4Tm6jZ%=toPujoEkX zJb3{dK~@!HlVuFHs|D8+CYdqI8Kccg$j=MH@}BZ^o?a{Z3}ik#?qRj|#jI=0xpR?^ zPH25~88wbo8qP|XsIT?BG2SLqA${kkU-3vy>}G z55;GNLsG`xuTs@*u}6Q(`JV2*w%a~c_TWfaF^!5oHtOwP3~ck$zVO%V^R$gx4%5() z7D$8SrLbmR&z=2|=^T4=pGcApG1b3s$#$lSV~1`tlq=og5;IkPYLNsW8#X7wrOqS? z>ZRIS+kK|x=@Eml<)x=^ngru?%xqHC z%nUX?F)q%XTikXA~pBpH`<^B z{=<%n>Baqp;T_bh_1mfh@!7m+nM>5OqY)l-?!MnmOlSf@DKpfM3Q2|;wS+y@0toIF zDWRq4Z2#&-&<0#pEi*Zz9v)>=9_@G0*Fdy?r$szYxMhNFDMfaABgUc-^gZ5t9?&|lx2TFqrUdV z!tAp2B5tzLrUnK-okgra!bLdGoHjyySZohiZzt`& zqmHhJGZZ;W(Qa{P&1Vl_W4ndixR-W`lN3~KoBY_1?#?+j#;qb*Bn$meZ$)T$MmKi3 zdSc!k9J!|joj@a>;t0%N0d!{OK`Q18FPl+>;>Njvzkp>KTtqtg?|O?oKc3wh6UN2g zo2FSp!Of2&T#sUdX@qs}_d@{~T{}a2wD7<%@4NCbHShd&z`;`1(ce zQobE&wl_Oiuf;Ut)8B0Cf2J(>NhQFs&#=&TSgAQRROIb6&G);4O79Z3c6{ zU6!JBJEOgrIF}eskL-HwJ2s4O~5!Y}y|yRI0Q|4{YOcL9{WwKT?W4T}!Xc9hy`(2$r?Xs?YD(bfO zn8?}FGxCGmG(nK+w4w(ME&$o&(6+3f5P9KOky=STbk;{%j zPHXiq*OlD1isZ}(@$vD)$tjejz zO?AnOpsxb6?~xZACagbWLB%^nX_W~UEC9OF`sbXy0He#wQQ2s10IN7;$IVEyFP(=q zHrnb9m--;6J&vGpF+zu@RqyZ~O8+Uc0atn1!u_IBKq~N-*js`C6y|~EA031JS&rBF znO?G6NzctdY{qb|c*eliCFl=NX%$ebn=Yy^-xkA^iQ}Xy`RY^PTK}wp+sGZZtCRc6VOSu;*Khl zzg5diy?6}8A?3m8VkJoNct{cY_W$v1oK^yW@Ewly-O@8ND^^zJ3ljF=p@f6Iyb`O9 zsEOkzzdWr+b-R<8F_YMJ2Cbz3tba5eYbdgx%Y(h1CrsrUvFM$bI@j}qHd?F+7#kO+ zOHsvO+nEE27!m(pcpUow$oA%Hrg-%XJ1to5m2k!~pRE7ROv&%*@Ys9P>c54rO2!+^ z68J9ykCHz>AaoFj6{3rI9z;Ebu&#pkq(s&I2KVo-IpUt6rtWnOl1r{ZC4*?2sm~K$C9}DGpZUN^Nx4>$ zn3((a+dW}N2B6`x{o^C+LW@&m@I%b??jCtI<5n2{@0HNiRYE)}2{gSb-N6m^8O=fk zm*4Z9dI|PGdko3%LB;=aEXY!spl^I!4c?@YBS5(~=cE7#TR?SDwza*zR}(%t{k_v4 z)BJOKoW)z1viWBPe)eSK^G0VW35mwCourBwD&1F^0R4sSe~WzqK16TV+VPIhr=G+cjst^~Geq%`&?_1fb#rF?#c@E-9Krx)^TgpoxKLf(EVvGalwu6-=l+N|>IRQJq1P+TqzDA!UScSLZh2s9B2Nnl2O>O5 zGdjgQ_ACeQN{eJroKo3dPz@!}Dt*ZjZFn_dx)gZyK&K2oSTXa;`R}gYF`U<+fOs&0 zHtyiZN1(CvL(chLsOD|vhyG^FD*al*Dz=ymwm9Lsy!De!&Q_N{P@n@B4QP9XFKfiS z&Q7CE;a=V)@_kBbtLGPt8%a7sPdBLz{J;iLtYT59Q-<&S#+6u9xB9sj-uz==GJf$) ziqFh9qJCP8hE$WJl&OcVtYfm7u2I7&q}APpaI%G*20`PO)<=DAk~8)QUr(oK0n4Gd zp^lH|;S3c3J0Rpnzpf# z?1V+90D(1~n*8S-O8u;SeEth0ptBjf#mPkY8iN-Qz`i$#+{?^CA@!;Ewr+@E$(KpD zrdr);Q?n?vYofB5ZDhCkAcX@&b(ALFb+*2_!C3y}9jcu)gIl-q3FT6i%j^tuG@~v` zKJp9~w-+KU?f(0M7T9Gt&x!}x#J~DUO+TGdiFXnK`FUa$x@}bW^h*gCaasA1PM(rg zf2oBm&Z;TPwM+Q*Yp)=n=Sl&za{#ddsT?T}R7syxInbNb|Cv1+*X^(e$U0^I5Gt_6 zCx$fbeeJtj6vwTvOcsj2)9N|sWrhS6O6jX za&Wkn(rplom7yf^6%jJ#17s@6xDDU>UlT-WVSwg7zTe+!?8y;=`#ew2FP2(k2Gz29 ze(ZapvgHeWPOoC);O_YnNswf-+^f~CFrsa3{_q?hy_6%c85mjQHg-MO96gtdx3v>O#2d;t$W zr(0A!Y9X{xV~qTlH9l*h8k7soH`t)hi=+rQgV&q&IYRC**^G=wsk!>azzvDb>GjoL zPG=X&F#9>DsGS2GQqFFVC8QM_2W=Wc&ag9AJpviB`Ak zbR_wo^K<1nM@b^D&l=TVfczjTTum*!0}}Wy%#3U-()yU#>r4PIPimlhZjJ!#8le+$ z_NdUPH_?d>oO%!!0YT5w2aL;&9N~JgPL}A;gLOIb36MwuTO1C($}ph25gXvU+enEN z^56$=Y=ZS?1M``|M@$B+8t+0%O3+o)xuO?5b}jEZe*le7w%e<{u-01l#A=-ulrK3_ z(Kw`4QJ&bBvs(0OlX9HLHYAqYlZ@piA4|QK^LykQ9QW-S9p+GC$?rmvSyWdyKN~Ow zZ1*wX(QJnx`XUOoiX!UY^MqF!@L;dttD#3klW;ucwG8aa9!^*D7gWYOA!mE*>14(T zx+XpL1WEo_v^b($oYzWg)tQ?7{P(;rfcfY4#l?sv9=#CWy2(%sW0|_T3F!1-X;9rj z*p!!Z3EJsm3gQKt(dV3;cK0PlK5z7@D37}P_lKa?>?5k>I^2tlDER6xb&$k{< zB!WT*D?4)!N;-3|jI&}cq#kXad^ud9+<1a8sKR%|#E9z5l~MRH_fz?hc>3ApL4G5t zzm!8cMP2)y@?rgkUCrAGSd#YUDM0L}KlxviN&2|Y_06Q5t3*U^>U7C^1C<=GLQbX}v3vi{7Is2IByZI%J?slxdKR^BiH>K0A|H%R z)q~Ya8l`Hu(4?Ir7=(~Zv2!)#K&ODV^4FtQ2X&IbNRX2m0qov9eG00&>%Nak&5?;5rO?cw3%NP36mW zki00}pOHziBk5DnPFwQ=7L{*{e)#}Yc(y<;?QUP|~@d zMV@3uM@K*3eflf`_&H8|PsUxnl?zoPiC3Yr-0!;5D zQT|?^3ey_All*A$3cg!rYlfvWBUdSvTdQSkc=ojD^QkcRzHWf#bh+T)<5aSnv$X*? zm#F8ux{Vxa3%?Ts3_9rrYASSn@F3baw%eX!npMvm3Z30wXWGPoUULX+s?%RQwSe}s z9Np^i`p{YsvQ&*~y|j)V1i4|ywd*j~4I7{;LhE_BG;lqv;xhc%yY5MT-+;|W2g6u6 zwV77Qv;lay87KdY^@B(!S>Y6vC~;K65S?!j*0<#JzM~zCA))e<(+y1&!Dq+EL}lUA z!N!d*NF6ju2??VpXUZ(bo*U$d?LdP5{5Ucl11ZLJ+J~bkFHWRchNW1oEQXjVcI3Cs@)2{E)>sIj{K2EhCiP^ zFFz{D7l_Gx5#x5>3XM^OM_KRpoj8dscS2S?XX-os=ICOKZA!n;*J)XOy##O*B@6$! zz)ffx$mGFf-&hIp^{kbAu75f1lggooDt`CxVVmn_NT#<7pM@-M!0yZ+a@fG1DAscQ z4zj^G+J~%V@l4c=1oRfOW8dfBTc=#G73&o5_~H9tN_f*$wy*R~8@{e_F!+E!TW1!^ zFC@fd;(zh#-g+L@ns$(Z&M?{a!MJ2JNC5#TBniHK%U`}WQ=gGBXIpLBgmEudp8|~= zaB?4>J998HcXWit^OdQV?LdAeb3*zQTuIk2?%xvj`?q8i^gqc@&ioND9@3Br>f+tr z)ZqPb;iag)bEGIn+*9F3ezE+iAnPpuHoJKzfQ~30=omzYwrw{~Up=ABsIT_rJ{nAxrQY!e1_}|-J0*(bPu4(-do6+Q zTYmNY-<_r>sVDq9cXk9np(l6&EUHq;sb10 zdfNWzbeaE$eJ5VIBP}y{)NOVqQ9(PNyrwgj&}}DO3RHts$}xpiO+ix=rj$S#2{hb` zRKM-sg+v3riz5B~_OpkG8LNK+>`nCJuxuV>|tG!vp)GA&xdb+S8(n@JQxvHrRg#)&2f#i@tKa z&f5R=={GyQsUlxtmkDfP&v{`7re&5Z9EtG)-pxn<+VCJ4rrkM``Z9w!+tg4iuDDsa zC2}&WaYq~x5q)ZMo8zl5lZOM$-}J`)Aw*wa-^c7{{`K0o706Dx`-x3yoSq2q9KfQV zp<_YIC+5zHy-j|-SeYo?$pTuL!@bg4I);yrG8xRqz(d&i7AT`b`OJQ2VNjPY>w-ecHOfj~ydVI3^ITDyqF>O(kRmChKL~J<(9oKHe z@8)q;&LM~Cr`9iz^6S?6J3CW@ z_18XhZzW}>7ONXbnoPh@f)Grif?M{+CVl-t3E=0>PW0-kxr-rPcsjSy8jvAbyOWOu z5_cdx6lKgmIysTMx%xXGXlAyefLH_8VgvMNfYL~;TDDM$Of>yUFRVaI)Fb)1VGuTz zKT^;>eKK@c^qbMESFcbWs3M4I+_SH7S_h(g4f z!EyN$c3@y2U$~-&0X9dY+W`=z(7S>V-U~ed!4jR4CqAb(Tt>}!LPA0euasieS63f+ zdU}@26MTP0y-zFREW^54u^$P8%j9T}!wSl6@gVFrF6|M~M9fO7Eh_;KT2eLH=g*&G z5tk0aHGls41(j$>%Wis13T4~VDN`Tl4aZevHLTEPL7~gS0^z2nR*UU0Ewo%+>xLDX zPZXtJV~Aa5oh7B&izbWq=wqIAARR~n`zECCxRe&R(KU2P1;&-Tcwf9ntF5hFy9z>i zSP!%bXru#Z04Qo<$?UPhXh)8Mf>Qag087AzB;kNjvjRjEI9%oXf;N*f-JggpLPA0` zfwTqKHXS@>M`kFXog-tgq!5lWUSxiJLVmDVJ5aWXsiWC_VASHsEhe*h^xD;2F4O=Ww3q)&$rn{pi%n+t%t z{u(Q)likoR?6}Al%gD&cW$b~P+awA3{-2MdRLlVW|i4>#Xl+mU)Qe@)mfk+UxAJm2_G=~cSOI-Tqleoq^A7#F*3P{S%gp#B( zL+;QaqZJA<8h^7&1#L!?`~^RA0|oi{b1CS`*%E;e+6 zq940-=zq9!R`=Rar?PM&_UB@iOx(yg2(R8W>2CeS*9^d{p{g zmrl6)U)=8kdlEKUAN(GjTH`ii8j8nhmtSjt<@+dm7~OCpYuWcou5i#xxbtjrIFsa~ z%g4TETqQevrPHRGMulrGm)}Zz9X$}V``Qg)T*WuoG&W)J|Jc}CTU(>r)o$@OoD_m- zSa(dPku-c2l1UG@fLk7T76{%Y=~TzzL`I9vULdE0);ji1(nv&chWIDg-D6Jxe4gjr znlXZB>Ml@2si^36?Sf>7eC5CUU)XQ8|kIBSav4251l$o8pfgF zAnuqcKv=^CSd6lP_EdF?wO-{G?*4ZKqPP;k&%XojqBGe#$?=`?~P>( zdUoGOjdRfOfoJKx3!_xDVvXeI9>2e$=ZbqOAZB{!KYB_7Q7oQX0(w3i++P!F?vca& z95j7l?oZ&@aFNE>;U4yLkAtG2YFHHURZ1+gwMKOp#IzfQ{2`;xIeT7jDJ508z85)f zPa-ZZG0g{0E7qK@BsJcBD&%=f!-w(i-ND*be;z9W;J=mE#jfdg$oXSdCZ>0mKm)&0 z8AN%QAcYAlDzezV`ThaR-E|lB@Xt#6<7p47FLw^#sJKiD=c&UUaJ;Jh3NiHZ!H9YZmKan*vlW+eZk#VopK+BnnW3BnhoG$vFbUZBBRh zxjN5=*L}Y23L>Tap<-`-gLypxPiH5c{r-`^KJ$w`P>W%3dc%y^G84Ac{E*6bvZeXY ze^i?6(v7O1QV)83zR#LRbo%?rg6`YA)7nS2X_s`q9GPun12H^}&swQ!y5_`RmcR~VQZm%$=T8#X2(DwM zIG%6cCuqRq6V-XMdx_^u5~JKuVs6G*)Jk)Eh0C)XD_>?9bCU2jeklDz9&G8S5v}nd z(IfI}r@%TX%D95@uA7ciFOrCsVbm0Oj9AOxC06$e%Mh-?n67iKdC;s7)MN)j_CL9o) zjWLE~&p&aB!Nx15UxN{OE_dHw{W~S4lk!7d`e!kDycc`ruPbq8av9bcM?yPRHt$vK zo)BTb=frDw<*N|uL_6tpFjZKjAHgzI1Z%Y=(~CUW3fCwMWlwyDm@(_*D|d8wD`$r2 z?UN>Jdr#R@TZ{@lkhp!@&6+n=QCb)p9fJ~o+26gh_jyC!UE<6*UUo%E6&W>z(_-^h zqkk|p4&FGJJb;Tp6g(f&V20EzHV##!uxg`0q&2cavYPCe48G(PKGa&7%~g7QuyRMe zAGpir$DcZpx@#_g0!g3?NAw>RfIap{3w^knnhqKyJQi7i=);hsM_t!9D^o2#Nt!=I zgAiD%7I-TT;BJpp@g8-ONAj4NeMN(GoKC%h)h#gdEBERe{(xUjm z&j}~d!^{2>Aa~xrvWnOm(6|`kdGg-xCig*Wh$2QRXKAbRUs*1x!3S}p?4}_aEB)*G z&uOy!{n?3)bJ}QQ9nH)_&~{FVY1S`lOsd5w;}CX1e>&n~O>S>Zvr*@cvvJ;sRjrd5$o*MteBW)42LJf;sKLxp;ziltaQ>K6m~uR5Gyvex42`|>}{ZpNoPw@vjvz+`7=z6vdZ zktCIcU*kAXhC#Zt&J(PC>=N_g?utB~rXtY4aj|9ke!7gBHKexXJ~`kgTnIBb}TThy=fD)BqW{CF*S@#gZA#wFDn9xWBDD+hNL8*l7m?T`kwUm}vmo(YU4VVoj zRK|C_d*Ugjn#L8)W0FJM=txCu+VPT`jK`QOeX+@Q#?Wh+RS*VO;Y=e&mK$|3-p)6Z z>g&hMJh#m%0!XUykyKgMujj{ms>h4vNzB9)vPHNl0q^p&>{-k|dC!pl*7F_P|8HLp(Y_)P^!1N>r{Pp+uYSq8Cmusq2RWfAdVZ+u8 zAUWr#)w;6>(5RzvS91OjI>|S1E_$=ZBXXhyrFY|FHH4?Dj_+w}QVe4x_!(!CqKnD$ zOV`+2=GAJIr9nV|U5o}T*7;`qHZ|Sf4k70zI_akhGT*tci8@~~;KhO+|H+>8UQt4e zH&evnDq9T46d>2ri$8oK016mhS@Ip~pY5`kYXpQMuy>LzkcqP@j(lELa*ixaPQL$} zd?|s$(XIabHwx&6KGR8aBq9WSn9>|lL7h`30^2rjgDe#B|My|;_z?Hy5JvQnXuvQk z^l}*pz@oXW2_lAqLgyn@I*w~li+n61-mS?`0a7G>>ro2THzM?g`a$Mv->MAQH1mVf z^B%8k>`Y3H2FBCG{0WKz!_6&3tZ{9#k2Zab1Tw9u%f?NoJnoKp|gxZ%;! z(Zu&9Q=izBp<&^v1T#EfCvSvrRXAu}Apc1x`gzaxoFL3I&DG*uk_i%(A)rTM| zCEnW#RV*0$?+jInj;3qeXDP@uOCR__HNuT?4Ii#i*l-}YhSyJo`8={ls>u3UBNNF$ zHQSK6Z2;7ijG~7Z=_0VfCt9~z3oJSccrb#=MtBj}ZD~=T_7O;P@KLd*zCSGS|LQQ9 z3NoKX44~l(#>P3bMhtynjs5Lm*e2;6wHl8~#MJ((k#j0jK#TVThb~HkIuUZ;4=U7l z3qd4%=7)AEtT!F@@E0K79M565pjq3#&cUXhty45!dWE)()1PWPLqvIr!lL@za&dM% z-yh!;R9!(*%XIKLS@elgJWVi2GfUc~!5yY+>cD<(deAL4-zBXEgCwRN(I?j5-@gi= zBnl}DfqRYwz}Z$4_7{&fKfkgX&mskh71?I~^!1V^e zTbiz+1C!lRP*P%&_{VMxqW>**^yiZc0CC$gzY7jM67$3Wj65JsN|+_+*&nxOpjECZ zJDCt%hqUCPt$n@ZyGM-uw+P8waIx|KoI#AMqI$~boM&I z2a-MrQ1CA|ZsP})KFtm#2QI_b2Oyma2W*2@zY%Jey!E55?`}Wc{y;xX8mB&3|MBcTX<>fk@7 zuZVR?t~gjO80_}fm*|0dKNEJlX`8Dcn35{0H^T@#k(#y+tiW%2=G6pX#bMD%)N7qSDv)%iZPr@vo8hG;V(fWXIDV6LerJBeP#e*vl)FM3tZ{qUVt>!p`zoi|5!9Iq|7x( z!U&NR(g>z@&%Fo^Jr34|WNauf*{Bb%B>EHQfWJQ88%=W-cahLDa{>29Th@%Q*m+M{ zuJe)1?ptMMIp66t3o;*6=`>MM9TAhO1*j4_PgwFDkoi9ZGk8qm0d@;DR8E7**2}_V zy+8118FpiOysN;*gH&ko-u$Q{K#I6;!~7ht?iobUIO;I1T8W;1+9@d;-8${fT`-Tj zImkr~GXnczaCEJSuld2!9kz5d0Q408ki~~MR?L))Dx`5V^_l!<@qrO&c+yG}J-j*( zjZ@p9?+r`yVAuN|cyT1_*HPB|8>~@hXQznw^g{@=^%iDU;xLK|LnTb`JY;s6TEtb1 zAxY;Ui3UEaA{}PJ0_ZBwKfIwm+4>y$B{w$!3nJiJu(X`@AiGpnO|8kT7}V{9yZc91 z^rJ;Tka1^$VfAR2I+~jJz9r2APe52uu7+fQ{d3#m@r#d@uQQdrbF&I5m1RqmtU$+B zRbGS<5gi-Dw`fG_g|&Qbt$LSwaRB8*p>xf`lBlYH6b|m_Zjto7_&re|5fL-Pzr}dwocQ_yTTI$qcqR zeeFe-LP6&R81kqHQ1T>Rvt=~k5y)7%BbpH*yH4YV9t|g;>nanD zE%Vhy+LsK)XfXzWn#nIcrY-p3kJVV?OEkeZl7*>B$$=HWH(Su;O=jCM9o0|waA{uKXt5I_tx&5t^~X#tK5>XUEmuVk+lB0$@|x358k z;X@!GtyFVpCouou0lDN;1zFv!H%CWD{h|2`7uS~zpvGfM3}rJzBWzBqECeukeTx&0 zbk~C%>BC2de_m;}yW2)!OMbHrcrAy1iUP4hsTnJ(kV4%XjH6nc-mGd3xDn&=$_oXB zy}qz_9ClgrujDEo`Fkgaj-T5{jO>AU5&x4v=6LpZTwbp$*OH5k&1|Z}oBq*oWoWT| zRVgB5G}+Ir)3dOU*E@@<)ny$6NW(uqL*&0N3w-h6rL4RAsDb0-^k-@bfP6gs>oAv< zz3Y^VKtm&y(+EF3os45>s(L}Sr|o_;_E#(N*f zs>kO;urZOBhX{#(5>+N#l#ZG!tdSNsJf4WE;ii%S1wZZ=O=A4Niz+eRGefg0n2KOR z-@j+w3H-knjoud?{@;y#d(F*z`}!b<%N?LLCtV<~%&PfHrKhy1bK^Zt;&^Sdu`lNV*(~e|Nt$Aas;{F>(3T zi23IC1>{)Du8i%h-tKlgN2VTtK*A_c5!WE z%}nXg*T3j_cr>Gt>wNYWlPzJZgV%g?Biifk_92Z?Q%}gH+dZ3a2USHD4^Yyg(&L?` zFyWJ(iZzS3VVoJC052Ixf$NiilGGqj9{)M{UND|k5=}=(CpQfTY;e8(ht#v!$b6Xf zuDko*f+DAxD_Bkky*U`4vw7gWel;7O5lH>MRv8d{tJF^t63FCpe*{@3=dl>w$O}&+ zke6?8-Q?ghd9T7*!~_u0YP=nZb{g~Ev1%}J+<{4T?ZS-Jd1u;s>~e)GHx0nC;EIDQ z!ri^S#_o+EFaUt-qsx=c8L$5YXu9CCAj5m@z}Y)Ij792D)jhs1f@A*^S8)#J@^g&^ zp3DCfYq@1bM!;#71XRz`d4fp#L9i2SvvWZv+KuKfv9Ksiq%1V4dk%=kTAjwC|G7() zUbIIj(q4p*@pDI#n8kmMU()~1{%&8Q4R(^xmCukAk}qkNerVt%f=POu0k__$V&Wdt zqjMi?5f;OfKjmIm&Yhj9-TRZMxVW_c?@NLabGT?Klaw;*>a=_wqgFMI*Yu=M`od6p z72GhD0crjb8QIH=f0wux78Z@OV<7b?`NjfIoajILDX-O*%-!i1jVWnlBn$5Ea#U|D zhmX`f1fTX@>3H`&W9bpEgJ^e{2ev(*VcGth39z>XJ{m>Q`SD6lY>zzwY>+j%wFo)z z&xQ8Xp-Dk_`8B+F3E1t(|Jp4$x_u%{>fQn1SzGmv(>kqm%HOk5W(!$_9G~+7Xo41O z!lbk4_sXfX5Y~2!izqE;N)Z|0b;Y+)pTga$9lVFP3O0{`UFqKnl1)|Ee7Gxhn6Ne zo;E!xohJDW#b?T1+=d!jF7;|88C^?Dt5+lBJC7|K$H_^Z)wZGVj*KeM5mx>DwGNt3|6~kkg-R zP4F^Tx!dD(V6xqbx^7JFhgx3<)QFi+fJpPzoXXWMjxU+>7G0EUj{XpZv#9wrkDP%0ZO zWA&{6o+gM?g#i4fI8ytU#QXm}%up9_LSxrlr~l_P)iOSsfSe(j%DBjvg>p-yLk@ZvzV{~T1wIX`9k%m?Ydwp`CDwdb6(^H;UAp5^>ue!h%~ND z?HK#w8!--!n7@Fwjq;x_=U&-;{xN_bzO8#pFZ~uF2Sx9B`9J4T;pm1jvL^+A!rivA zX8^~4?yXwp1kh4dI$w&l0i1@F|Bw9toJb)5L0=e#!dE3?@G@wo%~<{S3X>72_y5*= zXv+_`kx@_&`R|>`u--G56n$z#2%mKa&C;Seq&Sel@{g7$5*- zveG78$p$a@ObFt`|6KF71Y8r&37iKUH)7o4zgJ9@1`J9{#QK%P_Te=3@$qpq*$dEn zWS-iCmABs5<0#C^OlFJ}kLVB=Pk%JvT>`w6`;ZkhIwaqO z!87@To1^Zu%o2a2-K|GlpWj7vbxDhP?3OoJHCf*QbO{E!0RFuU1*f(g(0LX+z4{z+`TpK|Qc?Lqfr{C&=IRnkOm_;0Ct%87SM z`OZW-poU2A(%`~oR=@>TqTX{3vDA7Hik+eqyYj>e*4vi|BU&ka%??H;>1-dL+M=EO z8i@-El9~Tj%@e?DWk}e9dca^m%frC=3tth3@ z?em8-z2WW)Hk43p!;(uWe|DMNr?%Pev5wC5deE9`07%qx$qAptl2=i|lJdKVN@jT` z^BqMCa98DzPd1+c$|x})FZ6?HLwu9gu$=2tB``W?U|7lBT>uOUN_z5&XMR4F%zMY3+c$$nTLTY)0qqY8N?GE3Z|gZP`CCXt7(3E#kK- zazZ{FY0bH{UU*Ilr;^5H9>gQQD;xY2FjGe%Y=`sZ-C0DarOwz3n3{l>2|BPn_VJ0S zR8$-!+dbK`D!Djx>*bdmZu8#hY1B7OyZLTq>TKG@u$N;w;h!^jy1#xU;ifezQcW8z ze_jyM8gMa*f`+j?`1@|0ly{BlTU9I(&P?w>z4@(#M8F9eV8QpSoF4*vdtx>5jy8o= zL%~@S3!hdrCR?~R=FG6b!WxfSjN-f7MmLE1h*q~^Uw{7)?MrscZzeNdIPmOfq5 zq@x)_r<5O@LF?Vc^-AyEuQ9;&5kwdiVYqI73C|Yx=W{x^J33xhMl6m~&n1d$IC2>` zQvCY$%jRo6%I;T(AlsSJ)thUTe`kw!OC6B^bliDlpWSmVcE8rfjidxBG0qf%;@EOW zWS*E9WA_B+O5Rd=#rsY7=P2yxR*xVa`&pJh4*x$@oqIgf`ya>cNSKlt(b>8jimmAk z)j?{mbDLZ$mmJQF`AHYYEg92DVNq1%60$@{%B53ghZ*Kl&9#$QVda)Emk|xW&#K?= z_xSCP@BZ2M^2c}Iy$&#}=OWJlGB0P_Z?3PEkb;EOgzJLtW=!Tme|-=drDXMN z9csPdm1qqjc{u1rB&@$n(#5!MWpo76u@Gjx-SUdC?vvIUFUv^ws_MSD{FXXh>dq(DmLIvE(?g4a^=VeC~-Ky;w>j)P3 z83YSCFU&b#c|o@B$D1jw#|~>S;O` zf=9>tv8+l};m}NNBApI9ceB4T3m@!RAGu8is-i>``?fIe`4MEnjviFe(nQbi_oF_g z$?_-^Qu{|+jrSSYyMT5L2T&-;=v-rOz(Df?CNT*!@9P`yT~Sa@wo*jUoMj~)f7C7tb9l+&@v3|mj)Nbeje;A6O)RQV2|&NpXvIwA6S?f zbYpkleuV&d%~AeBO?;#XK^pkyD9W`g(`NE9JP;IZl&kzZEDN}c!lijwhpR)V=igM= zxq%BxOCjDe3neiu(mktC&n2UzEq8I8K0|oB$G|Ti877O{59@gQjOMf%K3`WK<#}9A z&eBJRso?I+KA)y3;uX@YzL+ctm*>?WaMg3C>60oUWS*kJ{M_^N>-uNQN;QdVtkMwO zpMv_oqHy>YxlF@Pf8B}JS~y8qej8v88ELf~+GpYt#mJ}$$@c9TeFbLeWvZ7xFvW(2 zhVHKpoJs^k1GK-C7EQz?sj)f>2?ohKj@Yq2qXE!$WmwaSj*VJb0V@%z#Bs+R30D_T zIk?b`Eh)LCC&E-f^R|rXP@e(nI0JtL#$PEs2r5LFB4s|GUqPNV*Ap2{Agb>ff+9)^-b_#_DKjD?xCtAvCSL#+UtG zxLDc<2T^Wy8q`2fi)Cm!SYFB#((+-sK>PnP_wG!3kAayqM9vH_9yBD5YRZOsX|Jnf zckkK73|`gu@d=wjOrzS4_>y!77XBlsf?}L8Z!DaR)F8T zOFTkrY+6mgfqQ@J77i8fZ@S&fCJ3dIbmxQUp}{8jp^|v9l7*9LyT5>R3gr-$$IUUS zk~!N+m<8o1pLQSCq$Scg+}*PPmI(M$%|G9>#$UhK=F3HSUz(=O?MAw~Hsg_#%7rjw z7|}lZ%kq1rHMs>&o-Rol*tO&_>>s<<2!{b(h+f&4y*K|WpYI?L6cXHZY31tIf~Jk7 za&r&KXM(R#vifqqn&@p+UTenEfHgP88_WS-@mUyYy%7g~PgoJLhbeRU)*ZN@RVe%f zSKE=oZW${QB2GRFKe)0b$V_zFg%n7N1>i5ktWm44)?XW{x_5VJ6MBmy(lE%WtbhCi ze~YyuCJ)4|I5>8l9y9rcj!HE#;il|-aJ>Fki{h#r*;nXPEt1A=F)aI^GjTiqHuhb7 z*>L)?i6BU<})u4`EW5+{JSV7R4yYABM(jPLSYr~7(D_HI$6_Ky)dds~OM4t>) zj&Hm6^TDRa^=t8<5Z3whjQ?l;Qv`xGcsYD(pux|ZHhfDjlp8kNopUfsG4IG`3%&gc z!>LB3OPJ}w+7ysFB$jN5oVbno6XSZ*-97UIEp&9aud5N|abK?VbupT%#mf_!w>Bzm z8Xt6IH{H;*t_Yh@hU`D^$h1K2x1?YL$+l8Fzj z1FG;_?8${vQ;@EQ z7l>!Y(MM?MFG|UMnF~b{l~2eanHR}4{;SOalAYJt96nI_!Vu8}ZM6aJYny636TJzp zzfb+Qr0@P>hzR^eYxOb7#=B3#BuVUBJiYputh!dWooz+#55pl@4nHKhg8#XS2(reb z-fy2hc2@hl>5)nS$5H(MgMkaH6=XG^JV69Md4gbu z@*MbNJ=g~s_=Di4DKGt`a+G}c$rI`)in3BKyj~wo-yLze^8@TL)K#d^Y8zB)c?NI z6W${+O(dFw7w}m_62Wu3o`H{=o*qe*)Cwfb-t(s+W5iR*cR6~Fj*cyK^0?r03&}Ji zQQj!*QgB`_O zT()o4T!YqZ!+GjIjVnvKBC^8h<(UmbSYd@`1AJWnx%AyVYBeOGCPp{8e_rqh@8725 zvz|nO1`=R8G*O^kU00QVqY3~TFt?{81atFa3B>%h06innlWXDR%YL}5aEbxmUmNu2 z0u7KXhC?HwW4cw${+earPfz5f?gX`vgjn$0zd@h1B0YT@b7&@g9loWj@~mi-3moc6qp|@UvtX_~7ucS505>^XzN=wZTL4KV79Mb?(78 zJKDlH9VU%hJd$vPTy2TuFet;Ac>2C}O>`Byxw?2rDOiUqTEwu)VsA5G`uF~R{7gg5 zJ3hbud^Lc^u^MO6$532A5H`1m-EY_2NLI3M1$?YBs;p?D!IC`c_T`ooz0r+Hxv z8jDV8>`?0HVsbq9c2+a%9|Lr1qv#qYAN*)1`fY@Gs()3PfZeDbaK7_{>KCC}SV2L- z#DT(mp;8XI|L?eHb~_jX2t32W*BRm_ze+`V6VG2%N%bKi6T`nOj0xu7#P@} zHh|}Uyqrc4J6gWz+ncfDa#%1gJ?+({a(JQJq~Idz@16^dcp3gn>Oa#RiWg3#aW;DO zwB^#8sOZBjyr=g&iC+L2V!-1Q<#cgECQXL9EwO+jkmZ=cJ6k^H0;}Uu(;ef(Pb$QG zz90q_s*nu6vdH@|Y|3x7y#WRO-MQnRWmsrD_#J*k8j(Ik$2$1Xdgf#iOV}Vu%XG^w zZQ79VnIck(dquAmJg4!bQC=f?$9(b<`^#r+ULZHzTd$c&kmmbY7Y6Z6Jw(^}O39wmuU zMLLBw{q$^0$^OQ(30`0RLF`wrW9arJ%a>hT0 zzweCaQ|vt&VAm({fkC8(UoIqD+;?S39PU1{iTPZFMn$0$vZpcb#j?X3ms>;h8yyQ& zGPOgE__C7z`Z%jJ^=sLPV||J9oh3y#Y1?oC`wEDQtE=>peJ|IqD#iXJMn>U=J4`!% zb}6hX`!rsE!lUKOzGM=!YQKF-R>M|OwcMqiAKprw4rlflRD3uWWV2m?e)7)e{ffX` zkk(nTzhAk-zP9RS_S#~7@4h=_+?A*|-*LrBIBJA-ET7tQioVSjw}N~wdGYGyc;g(7 z`_7N&Dj9r|&6*A4MLs?+%Cr$4?qVb#o=fCw%^4MhCmy7utxexN^k;#S3gr?DAT(-< zx@mIBA79wY%F6D@4qWUDjOS|+mFqPiR=w_!Dp55&9liPxP6SKhe_E`Z9(=Ynn6H18 zv-6|$>EH*Js0%WF)5qUI*B5iMJ2M3$lZ8XU7D_~PPRpX!KMG0Mvm}D(m5G|{#EBN`o4tM$LC?6U%tJ~ZsgawL%sh02H?&+@U2vsUcjA~FxW9nLqp~y0wDwBcrkd|ZD?SVLvMyJ); z!$rVIPZ?CmIa--)CM|m|>{8=}+!)p@Xq@^1kFK%5K|5GzHoRA%4U6?&*=C1*V2{ca zsHCx(q=z3>=r^wY4nn?eGcpns5!u+CDmgh(h;>->q}JC~ONM9|geO`krRMp><#;)- zEEbwD4#bQQaQ_Wr>(FFhuSZlvpZdAA5}GF!C54`GT_{*+v8JT1UpO9ouwVqGk+e|s zyXpe=j)R(p;~ z2?`6Z?yPA!d#aHZsXQJTMAd@rsEvM$LNsb2u@pifbtN3D&BqkeAAjIDz3vFCi$eD} zTnvv+=T=zG-eiE)bAexJ$Wt;@lx%Kv3V$CG znI|1`W~vYadKgY(6nJ~}8?!emRXXlyDR@5Lgcc;8+$cN1t&sEM>G4WHXI)7g97A5w zQMNMvuTNqy;Bde<<+;E^spWxXnJmKYwrr|jySgZ`E@P{MC|tK7q4IH6bey~jzE{h~ zbebiKOqB2SCJ8#roN_>KWn#lo!eAA0#*&=OsTDzY;+r-D$hqHi-0R%mUJ(ZukC4%t z^_}ZBn~D{W5|{Z@PjKK*X>!gz2BYK)oU7%E7bvu!dEJcahbQup5z@WcdjZjC;&!~r zO1h8HkA>5JP6M4KCvzB~5^?0smHKUz8AK+l%2q+oOMJ~D7`XJXiTf{Dc{Uf46$FRe}+jqEtA5k2OngfCM~3U; zGa+08!`WobJ2@mXE*k#;GE<-|7*=b^f^z(g2p89pY)V2e*}5_#Tg1b3 z<@bYbtyh9F2c09~Uo@;BMLiJ?dT$Z)U|Yx;`5B84ObRmXpbxP$#Q&E`#5<$XGi#XI zS(*dC2sbYO?#u6lknCZ}z;3>_@F5cg4NY$OzIp8^M;S@P|ACZtx!BMk>vZ)u-R5A0 z9_{jM5?d6gHms_OgHpo#y|4GLuR-tAg#NC)CwSKg2${Ix`c#!i@otTJU7F3|?5CNt zPBN9EujhSMsaW-@K?9YH+JjHO`igpW4232=>8drxAQn$C+A?MAsLc_I_d` z%y<{xv38VzF`~~O`o+!lI?SKYd&gnv`vA$g^W2JTtoC)`Zoz1*YPdR6uP~T5#%rzB z0%A~@m!_?(6}Tbt{S(CH%^RscWxdn0UahWd;qSS1kJ42+V!>8Q^IMDch8eV#D)qIM znx&wXiS5fvkCqwFkP!-UoZk*{q!|lJ{B(;pR}~ZfYFh*C=M?|$x|#y9mI#cW1uOe_ zbnApy>($q~wsZzA3xU|o!f{(`@q3eW1fc5sYJ3^1rv)YJYcro^lrTt^v40!gPZZ`` zhOMV^ypEtSKNfEdMtBG{TR94%v%mx_sG^<0Y zRqD+!J}!It&+rEi1#9i{7tfLyRB@szXUg@Sx@`}qOp+TA{dG0nw08&4h^RXBvrR}K za$FUSAn#s|;4A)HIK5kjuh&Bt^2Rr1qNsY69C4Wa@|D&|@wMBLd7*MT`G>*T-jFi+ z_-Qew-`|@IF&@b!zF?zovqRV5A?nSV-r4efU+)8S+bSYK!lmQmoYR%Rl5~+A&I(a? zrb`P>GRpNEDVMK&In8cgtf7|bS0Tv7kw&oUaTlCF4sPtMJq18=98T~JIzD0M(FCHE zxcJpXqfx-Yqf?x2$i>W%7429Q5r@WSgJ-7#hc-z}T5<=AU-a!IRNx{1a>{uugzr%x z*WRhxU$;KXvfs!IlUr}RsCv=0rPFJ{!JPTBEHw)vg2uap9qNtRZZ)+m&DXn9dSx)W ztd?r3UzQwlYo;OUHJW;Qy5lKORD?nkQqc2?#rm$hD=L@EVMX))orp++Av#6SNM(CH zVtG;>kL5@jLrOpi4V6O%*Dtl;VBg-42?2TjL2^J?X3CKW2sB#!OjOpPN$WIJs#Vha znjadO(s}9d7&&A5Z{@u^#Eox*&=m5O-M`1BL(a2}foY&Dip2r0M4BB0k ziOAr3`(LqO7D#(Dj)8TlSZEp`LQ;l3D-BwQZ85h?^1;-pa1l~a!5Vq4k7qoOr?^3z zuM{J!pZ#1cqC2r@5O7Z9mQeNW^TBlFILcdUog?48ktbuh9q+(OscU0;33nJ1qzp`& zg|elS7B0q*lwMxe{O240Qt;2vP6k=jXY!MwK15X%&`;A$(CGJ>b!2E;98r8^L>to) zbuDS2!;_KYwy-W9JHm6SX(e6r+hn0XIi2gzLCP|S9&dmUx7BEHF4=5?J2sitm*9%G zu#Z|6r^D>BNWJgJR~8KYN>nog3l)>#YEChRzn5AF(zz}1W%wtcsD3Nu-byt$uTzH8 z$Lp-Haa%J4jHFuqFAOmD)mas1Z26qmuQl*FG%}zOrP(n<|Jl>bCI8&B3#~vvR3C-Q z#h{8;6C*(#_jAnSD9Scrldc~Y(#iFbwEZJ|@FNeSAcgtybqhL1>o$p)x26m# zl9Eq=WRZivuV5{OkWGK%e3!@B-Ca6?Hl*6@j=weFn9)?hccnejRZrCK7Jq9{=W9uv zzjUy=u*ZSm!sp}gXcF$#i~Tvlx0^U;KSzQ947$D4uomJkz)QqS}@XD7g}q=HmMYaQ`3E36)3ZOf-}5tGx; z-lMk?J8_7U*+#pM6<3SyV!s9EN7woGmtP{JHFksdNRylEIY{GxYmtUxO#d=7dLUyB zTBSN`(q4dy>02xQM-6Qv=_V`0zGy+yOIG-nX!q~p8$94*GqM_hHF9aP`9}>2ArOKS z={{6S6M`peHZ%S)PQQT$`sd~TutwyLr2m4U>N{w}rb1C!JT$_cwVB~xK$QR*;QovY zutsEInSFonH}OwTLYlkG0FOnXRQWFz+*AV^h<51tzqk6ov+6j%Yy_IeCCy|u?_6>} z3S?c>s9}N9_JdZ|ji3xYLWm(Tex$S9S0rV6oU1pba68RIW7CHkBD24Su1D2?hrer+ ziFaol;RBN*+VbUv-z_tGLAu32m_$sf)1%_VXd;AQ&1z-)H^lyi%y}4|spQ!I53=x# z&iHyH4jNH2Yo=k!$~9UAHokr{0H>e0ASDDxjBZBk1!H#H)IhjCn^i-&Qi!*$G`{*# zs{-8Ox@-@LeHy?V4v_%g-ajoR7OOPTHG0WLmvidi9>#+u0*SWS6yj zKIJUY>F`%VWqhc_K(iXA<%ZD&U=E|!u2rdxwf#FvDXFfV@fsl@4Z~&rF!)g>;QpGV zRI@1j^lh&Ze&e@FGHk8g$QE>M7(sD;$zyfk+$3}%33k!PuwYSJAnc3`Qh z#=bvG`Zksz8iK4@$m!TSiqH|)Rmjx6wzmf=XxMqK@EF}zI@og_0VfGvxd$w|NE3|< zHWI%pu!zbLbTvo+N^9-?)_CoHW@oOd?0Rv0bJaMmK4jt$;*y$i`S|#_sF2=) zOs&ZTb8nC^I@tA+)6^FGY!$5G=7XEw9}P>;0BY_$8+>qp55!HL6pocAA|Vu^7>6Ob z`*WS^A$F_je0Y|l1{la9KKApiI72Cw-zMm+;^`w;-d@_qx$jOIkLR5NbcEc)^9IiK zxb`N$JIdGXUNLYey6H+g-Taqr6o4LySoRan_Y1Rhu5OgC%IS95Pr()y<1yX(^gSq{M)>?+g~r7t?dg>?CWsv+iP$O+2(rd>h9c06`z zz8(!8DyH-CP;)=x#UWrx>HGBZk^1Ez{(O@+Zp#~zU;(G)uJ64hcC({h6Wt|TcC#RW zVLRVlL}k$&$1C~$1Er5+nDQ8TJ`Ub98IMK)baEQM&&cL@4MS&E(fevrp!(Z;E> zjO#1YadO$|RJ31eAsQVWov(dUS|cdff&15<#DRP!<|+#C;8wzHVT{g&26SA)(+iQO zOC68IUpy(kc1kUUgcbNS(xmZv6VH|}zsDe%DzF%O?(FI;wLRKlHc)G`v!b@aluu?M zDH(rK4{(6Sy|tLu6SXvy;%}K{6-qUsAw$>KrxhqsDDoG!Y|c9;a?vC_=yY=DxH*I^ zryd96R72Xsvc0YytHU?h>vDrmZYgcC82?$vv!KvO5Hd3Ii_&Q%MpZ|smu!z`7>R@< z|6nRd#2z2>`?J}KspofBPEvK26kMj}68MmKva2Jpo)I$7iDDJAd;0d3=<0Bs>-Gzo zTMQc$E32^Lm@lSxmkq=cF2WhSH>d#V_Vs8fjMH-&NpL|V-*rn)(8UzlcFrd7>B^wd z7a%89HInN#vdy>KmJ)pH&O-abWPM@NTnI7LD3uk)YV|CAHY;8hmF8$^ADi_RHvz2Z zOk~|meyr#CX$y_F>&SC8wcPfe^eLj#%L*#tH;zoQ$e54y))N%_{KN8({smk%XU45{YAwOSqw6pt014# zb-v0a!C*_3mbKh~)c$&T`f^K>zYBf~lK|}AmdvsE#A@vLy(S5te{j3qbTyvG@#_Mz zK0VF=f=@4)&_OJVja8uajf?%pYtJF^bE=Z}~HMWclgx3B)jLCz*@AnAJ^L5$U88_0G9D>_#ot1tWGs|s>%s{u%~$J+f%7ky#3 zTTNb#$)|v2rXoPto}MpCCy~CzJ+g?>Y&tM$(i`DxNV9JYXocFyDsD^Zwz_9n9^9=y zH_T&QinqBg_MSSLZ?&j#@FXX*X#+NLLU3Qkw7Q1$1?BZIaeHX!daBXh4pxD7sfm?S z7}lZxx7&-T;Oo5Us$+<94!41q*adW8mhJB3OAZ9#V7%SWiPcC*DcNpmPr!bjlS=Cx zIxtsdJuYdKd?5RQSz=@Uluft_bBXbFyKhjD(yZCnp059O*rsG~SyZ1e$sj2w-42So zN0HE@a7X|M?PW* zu;VPWR3xoT0J|-(fw0#&(#My~)1M5XUW_TMuUJGA2eg_BEPmx&o0&`eX!D^;X~?NiDiHzH}`Y)=~8~S^#b{BErjIwP@H{XTmkpsb0 zH>@wsY3WR^4`Vk$SOu1lYKdcQx$+UJUgpu76-%MI)zPpqUHS{6_vzzFqWa{FQ(=YR z7Ym>w$Q4_~1(((58HpD1x#Z@yRE{gxn9!E7#F z+`|rg9~6}ELo5t+vnjj?_4@WE+%Hn$qdpyg=VEL5WFtBPo@kZ~TNrc;Hoin@J#7n0 zX3~0feXE=Y51zhUY;5n(Yzu!G4epi7X+M>U#2;X@cV0+@VPbE)Gw|K)&mDWN^OeGz z(3qn2EyXMM>Q|CdH@olR`qT2?$KboHKEH8WP~G-FKVt{@_-7%Gae71Nb-=Iy zu98OS=hu|Lp@t0TYV4Je`B)B=mCP~bkF^E?YjGI0hw5B{{&hid%yV)!I10GM!X}gV z!!72SPYonuG!BXy1=6ZyvP%Z$8*{Ljs+$?U*~{X!1+jTc*Id~9#~YrqMJ3L!)j)tN z`id+j;6Q+ioI4lxYKU-+f zI^F5EykUh6Q`?6_^s0>!a>V^?Pv1!G@B+1WX6^EDBmW!lY~4Cj*IR4WCe;XhF7O)6 zc&y<>*WqSbEyTyklnAUOtmmH~%EO-P#WDz|UmhoOHzou>H-S~B>n5j}EHudu1U^M} z-t5Qai8c1sK&w4iZWD3+IZR?^LI?&H#O_Og8Ip^m6vJQ#;o}FB2{`5%G`l`ez0r{S zG&D4Xu9(E|p-}u&Ff_s(!lntNkWt1B=`g^aCZC#Q6+8SNRuAm`h=i9q<>M$v;PmW^ zKu*9e{ZX%u0gFPoa7cb=+jDPPv5|Cdf3B*=YK)RzF;RB&^w+QMj>q3o0I=-SYosCh zSP9fY|8U8n<^m8P;R)jG)n{mqOpK4m`O)r226zX){m!%a*T2s;2c9xAGA4OJWo0{8 zR*ZB~K8yb;N$&`|xw-L_swxrQUY{1|A}%LJKqE-pH$Y&3_6sa4E8A)1u^i^yP;eo_ z#K7peKHY%I3IA+z*#I(|kQk_H<&|#VVPh_cyA%qoU)k^uDsg=qChKKca7QtgTioadp%Up$Z3fjR2#41D?q3gLI2fJ3D> z)!$wnWnZWBJG?TaJX^TFy+x~v{PIO)=Qsk7G187vr_w-rIN*33sm~ zO%`kodvSaECb&>S?k_eY;=l-7dkGr5ObS{6SHS?TcBMY zE;262QVycxF&NK$dik|mw_KMCfb()*1S~H<(FachWze1mnK`^Rr11u2)8N*4WNgZw zOaZ5p?c9KMz+cw4-ixNaK=%HDjt`+`P#Kqv0ltBTAp31<8CyYNVtfxMYpn}I3p#)e ziMO^N2vmSYWIIV&T4pmyk&4jPS56Z$ys(rC=Vej71$HdAc6NwMAT~dmxIQ~977xh_ z^fIVq825zZrtw(CItxsxoG&!kH3dA1-(DSK13w7?Q^hLOsa!rVRue<-Steu+X>1=5 zMsYFo%TMo+pav1Kr+3F4`=NgQcM5fk16q@xUb4{q)chkrBX{$kE31VUSrEBwZm*KQVrot>SQ!`r2Q|KmmcbfqB~;7M|Tr9u=?(b4e^ z^EMJ!Q7|zHI4~C8T2DS-!dB=X=Tpv6Q=$hpRCNnr+ok7*mMSD6wj5owHFe>H52w}Nw}TFCAc<3Yc7CJI()id%WCMx*h>B0w2MiqZy| z_1yxS2+girk?gaP3tAu5Y1SU7t573QV4KkVeOW+WvkfGrJ-{S}ScUY6HGEj86ywOi zkm{CG$>b-X1jJ@w(!GIH4k`s|4e!XJo5RMH9;N;LqyznVgJlG|fn7_9^mMGwX}D=uFW=fX z3iMV|3&&G=jxQpt*=;-WnvwKp9N>m6?`U5*%uYrpQ|n;C!?ubRQ2nvX)0yV-mw|Ai@v?s1Ggq^I^@gdPE@PL0EKC* z;B}Rqbh)n~!6+k7;QP6yzLUky?MVARB zg?4k5>s#+kzxF>(XVPMzkp;}o7;4(x-Q63H)sVhN!+{Y&ewJv^^~yN7dq)rN!GZ`362x9gs((cEvkl94Aps{gTUU+& z8vrKDWcRDg9ZEGWBHm=_?s#4|@LM>Ie8#D?4C#y4M&t2TLGR_Z;uVs|)iurqIfd#~ zIxqpeQ60_}nb>=G)GY>OhDZisrzqPt3DOtnJ;+hfiyH7~+ujt0X8VOJhUE*?Fo}?_ z75dCiji?5`7?`%!6h^%G)ghPR9-{KeXEhYZ7xi}_bH0mt8>#@ks(-R;QC;`=?a#3u zu3d9;UF*@GQ3}~zc$b&68n(;?99K@t0_yW2QV3#mpY$B#&{-SD3ApyZ$txT?iSxuuQ-m*sg zf!Db6-EpYC^-rRa!hGFGY%1~a(wbLJD7|Uw@k}Gm`JI}izbDkZfBhubKXc~J0=QBP zs|!O_eSC17(GqlTy52hWloDe@y>#s;YqW`W#q}G$xuqu51z!`ATcCt0ey_+y-9?O?9}Abj}eZ8N}jjw$PWC4{0n z^_N&V^Ju$+H8f44Sx7%xrN;IqgY~i=Xfe>4vU`;vDI=d8^^WLd54A*m3qj` zg06>$0LXvK3NsB$B?fNO1Wq+mRg?fwT8H0dhZLq3sg}|L@NGKmzjNa*aa@_dR0F_& z!IvO>crX@hIWcX$V&@isBI7US>a5207L-kcEYsBCBwY1qpW09I>}1FUq(#i9@QoiV z=4{wsB@7n?ExRGvuSWyO|Y|@5_y!ZX@Nv zo$9N-$OM$vpW=hho)Ev7Lp8ze%udY^Mab{`@C~NE#IA~l8*pZ2M`Y++Nn>afkna6T zsusvDOt~0tvk6_`WR)JCwtgDYxf6Sp^<$Vz#5S$jj?27X0+%5JhZQRI<5NJnxJR{X zp@F(TTSduXYUNxAEX>{zHk*)ltgHg${a~wX*Hb3gPL8Uy^p}>>%Vph&NI4$UA{ zrtI1pN{!0hq$!Nqho??l)%M86_K2&@fSn@zC0Q#9VJj22kaHn60kt{O3SVV(49lSu z74lp{jshC0L8bk)aX#slDK)g=qF?#Yc?fZ8rOd09p7^cf3bWm`I3T6OxOIsDEto5Q zIet9TViskyXZHgV4T%7wGIhYS4n#c(*&O~RovE;umXmb`_anR(O9h~VhX zwy(s-a_l^Xo%Z@-FsZ*ZQSISH(-ng&hL1a)RdDE2fp%0PW}l;cO@X#F*@4N?O1Tih zDa@o`q@{BO1@&sGr97KB%!Rx6%L~>64zJV|Szrp~@x=L=5S1eOMqWQP=@7yocxjS5 z51323Oj(nfW=Wxx++j_%tbGzuwO(0(ZA%4RAOR=em$xFpQdFH%3kc>~19~L}zJP2& zX0NLLt;1b5KVpc_j0{DS))Re?42u*7G(8+*(>w=a7u6DxpFT{+^Qv*&;aw|7E=V*c#D*neovP2}j;Cd%+&1Mgdk^l9Fhif@H2MUK=6 z`2so*8&m37&EyRcf9Mi3?T-^g;Cid)OOOFEWgolvRq8Gk=@9~HvK%rp>;jHII#W4}daxGp>7>6Ej~rX4alhG{{wgCqhlEKn(NL1xPgZ)I0LWSe zD_^%US5ly9mfZfK6sV}Eyh%l0mCb9JhNhc>z?;H6P{YiLXevT5fr^M8zyKlO0d>p+ zkEJi3L^6lruds1Ocr}aUm$Ma$VaaZptGFs^GshEUY$|dK43+0JN-uB9D zP31bT`mRsB(=rx2KR>fvJg9qfV4FHlp`WAHwOje`gfCMYe0 zq#`z$DYR{KPDYX#+Z;Xk`IGlPaS!aG-3;p&AB z>gF1m*nWS%mh_ZI+;U8o-!CA?#=fvzQMNBm_j7yD+dRm$I)2$yC2(h{`_w8pux6&H{8<5a%Dt?(`(arCY$#U54G39^icC5bIn$2*KLV z+3ULhP-@iwvf$+2so|YagJ}gIEsjRA+&W-|m17uKh5=RHP^mx6-XG%c8NM1+FS!TL z>nS!6+9lOddC36#VGO~8|2QHKd!83FK$Ycml6mO@RM~r2-uFLL8Swf~CuuGSy;>T; zp(CW_&hA#YU0Q% z7kYV+Bggj45sS;BDNLvr&rr`UJW+?kh)(_z6cJm&mUXh^V--&)?@_aszom(|bQfx= z2hbY`fkx7+#>XfGhnO7Qh3b;5c)!7`fR@fOSl)G4fHu;9A;KHRS#y29i=HFq7jxqL z>P90pn--Tp;_}|bwN`%cg<=Ae+jI1lb6SKt2v=pDo=o!fjo-URqJ?MkSgZR}f=~6B z8>JB@Y1k{7&HLj=zh=%e05zk}sFer{85!lH1bAwq z60577eSe>m1WI+Om(uE(GzfZ$OO_)kq>D=zV^0CF!MaC))%%4 z?>T$oaEt=f48|;fm=59m;r4axB0w9jdYkbG0rx^3%6XoJ83lSu?UEuZ^`~lJY5D(B z!NFcSSrXGnJ|Oewa7?NILc;>;ClnoT0Zq#aEy!1sZ5;YKZ5KBX2;sxzGusbQnO&(n{&?n@8QZ$B=bMZfpxeu=6`+!TtM|d-~IpKfnWHcu}j2CcD$5YFQ2hBULC8nHdsJK zn`Nv$Mg{0ACt649zl)PtW_7Xv<-YwD9ZXVM7Bd+7q?u>F!0wIJi-BWnpR>J&^82MEp&9sig~xU#$9i`6frk(A@6OR$m@L~d_J!AEPj)|YyW;%I+( z2=Wy^{@N%CzZZxL`WpL5T~fd5Qhni;U}bNPJoe0Q3UwiOWiQgczE1ulC2W>v zz)^f>@D29iGUbyu%D7d+Sf-PJEZ^46r8jQ_wYZL5j@ruWTlawdy5hG565VierKk;t6XJ9J`KgS9JUk0E1zAy-t@Vc`t+$K?*O#6c+f@NaEp9UuO5M?v9vQv~ z7|%E;%KLv!I@K*R?S7|wrC*OcBO%eY5#UoRFVcQVLu6w&62w`X*#E1fBx~;(fH_;x z&n%PIh(9%S&3B#x#pZVjO%Z=(oyLNJJmPB#dvM8wa;#9I^{iTI02&cmuFC!Q^s_Ml za+M)+iH*1n7Ddod8gOK)XMaN!?PoAzdXeW`04DP7 zZ;Eh>rNj(##y_W}JL7;N`x@m}r1gZ(h%fZ8Y3tXssNar5Gh6+?#txY{e@6Ca{%L+% z$Hcde&aN^Wj`LV$>x-q?&C?)P^n&;olu`YtO`F!vR-{RogoEw25>2{8nEeFi)LNa^ zu+8Gnycc{=2m*Ihq4gwI0`=MDiR&j3iBF;uWond@ytAC$uZRU zA_4~}zScHVj90WMm6s3^!{x@dq^`-!zy82dOc1M(Q$`B=G~u9!^Obg5cb*AV^NXFh zkuxWf%8+1w_gBdSioMt(d70`|VcLM}#@Ogrs*P=(7i#_D-m~R~DZ} z2eSk+6lKRV6%|*~><2ktM1aI>oAP!adDnN9s!7FCkZA?+)26skYl}X2$10iVdb8rc z-aSwkEE5yfp2$+0D+=^FuIfAIckKT_<543G4;BUcREDDF3lyj%LJ%!_ij55d2m=G( z7;3bsZ_>Vc;keSk$;-MM+%92rAi4XS4E($jQ;vxP8N+5Z(*G^oeEB!dK?^9?0|D{7$~uLW*>Lmw0xcRSrORd9TsBr9n6p%#Y&hWyL6XWn7$_4 z^5#;!3%L8TQJSl{&BVle&Eq(tfR#H3JJ-bxf71cRlPAv@uTuep$~{7}@_ws#S9@ANe_bnZd|i8WUU z_|Syl=Tt`3rAC_cZ?y9+S|x|CXE1x~L{bC5*Hb5BX~m8oxlYlw zuV4&>sdhX9IOt#KanU`Lmrn`!(1qZVgg*F}?vgboxizIm+=W-_t5-8!JL=zsBJ;+N zvFa}Udw4ji?kkYWWeR_$N7oSSu&(G z_IlfZ__HBeZw}3ot{?4-a4caXi2%Om<)|R(SWz&h71HV)O!cGTykdBIc4~KZjT1MG z+~{&#=Y6c=37<0C-X^g0-kAWwfVeNhjSHa;1)t)Ugz?+k&LzG*_0aYbSr%BvJ;}R~ zheW9h2ZB;F&#$Lr&FbYl3HS{RHyf)|M=hVngIu;(&DXnj&9SGMNbgQmmP&u?&I>Ws z7TplyoK>WxxFH66Lhnx8tDi2gqjcVi52zcjTK&jL7ah!@IX9LNk>c@n+x#q-tZaA4 zK=^3O(4)H%h_yY*mKzhjHciffl=DSmdU*?iXz2L!x(PsN4oR8sl+CwVV z{ZiM19zR`^S-l|s=a2p};OzQzWf~|V@jm^a7YD1TNM2fndz@ogSO!6@0Pcu2ynwYqx=iq4i#SS>eoNQ)iECZbn=5li8oX*& zAd5-a8fxG{kb1X#V6)T5lKu1W`&eXt+IYWlV<^!{| z7wl8?)wk1$1lr^8J|9pHiq^;o!Mt|2I+-;gll=z4QMV_Ezhphha!me@Awa-aJc1qr<7gX;F8`t->j}XPf zkCVba?+uf7wk|~0WYo&*IpF~27dKsV0iC0(MLgp=4iFM}WA_(GN;T``%JvBP%5Z@( zi|?Y=qQB}s+Ye!8L1@V&Oea9WMDqIz+SUntjy?;)K$&N)=flMhMgM!?f= z%HKl@NFF<+UZ}sfMk%g`on>!BeMV~{5?z}qCM;i5|1b=M-B8pVN~f*Pw1uLRj-Ja0 z4r4(wW+;_ngVDM?9N#17bm-)tmOoiT$j4mnkEMG066j)jVMO|;jf4U5U`6yOSY|Rv_}9_$Er|eXHQYdB08w5mhpm>X7(b z5rg4X#oT+J&puTl`L5#fOBhTt3!UBostQjBXssiXzi0?}p36H{V5Sp7NSbh!C4~`3 z9?@|2vvwFsFVj|-Oe#_*yj`dvu`&`9^+p-ZJ%5g?ECN(g5C36bh2_5|!^E!w4JbM@ zY~lSoO~YWE3GAoy#Y;^y|Lp}t9tZ)Xyn@8QQ$J9T=p7D&HA_@6MILMrK6@bkcnu&p zkZ7Ri@iO?@tv&=#Ig`JFjdyC5A2|39919OAD`O!iU(czuKEV|%&_H_s{{8Cu`upJ7 ziRky8>FH1K;>8dEE^!O2Hk z_osG(0FQUZ`0h4h=FPAqAjbMW(Ig0@8`?C+Od6mEJt;<+G4$K4T(X2>3k_2_0SW(m zBtrIA7!|2%6`Cef#TRM(4$nieDC}J^(0e<4A8u!&Q%GJTeEL8r21qQs z9liT^@>@>`qzTU+SwFve7fNcpS!tpl@g5cT0z=W;2M1 z`&X+X366x88WfR^=8AL!%DeVXDA2b8F%l~c43fiT^jjKuvcjE+!uQ(ko`NuO2Gl5r zMUU0-{BGTP>-LwcNf0K(VshZ*JV4bctZSnJ)yDtP+FM6O*?w)qf`YVkcgO$&(nyGu z2nY;~q<~6ymvjsb4k1Vk9nvL@bcdv*bV_%AC--yz-e-N!^Vj#SSJqiky-5GYY2KAS;iT_596 zO9V%zlsOM9K$IHj5$#cS!*Xmtz_rtRXwjK8>Kr)GEtZN*s~y0gR*$J9>K4V5k|shg{ZT zcNIwT-@ikSCuX|Tx2@CM4vS51q3ypuQu@%Ji05^6JkbbIX{tS1Ydb6Ayga_ZrlzJo zzrMiCd7Bc-mQZ4J9)ieIZmdgO6!bWyY&be1n0Gf}X7;>3N2jARz#}9K=d+m15Wl&E z=+(ikyWixi0a7~48^9pBJib+6j_j`IaqCqBatbUe?l&TA8DX)2S+d-hz?la{G<2};7Kjh|+1^TgQpeGHo^l0hj#9E8GD_I{{T8I| zWHHX^n!SM0+{m_>8H#1*x39O<@}E0S;Q~G%37>^p*Tx9Ly&=iiMLzY~P_lpSP^w{j zNQ~?H6*(d6S5X=3{$v4}h8-Mg5j9tb?&ZuAxNf66HoHz0o)w&X7G&XMRLN33KED2V zq@;}IbcuVO2Ae@Pr!<0ScrNAdQ+FZnD%{W+J`KfSDp89Kd!@Fq)sPzW$1-95GU@ko zu`z({1z}Nf2#o@U#H$S7Ae}s8=!FC<*5zjB)p zxw-62!P0ZLFe+}Z<=cyfO^&g;Q<$5(H4BdKY&VzO z^csyj!~KD-9TjJTvw^-+AI2u;T-;%U6G5RQ|x+liBh1JA9+SIFPX2l*t?3^iUM&0ep`IX#Zh35lE*F0f*=y{ z-D|U?kbQTnw3Q_|3wpjVPl~Q=&fm$mp}L-L;1%oEvhLnZOU;LE1CdLrIC#@SquUW` zL^5yNOwArpV(5fZ2y2JLnhfcu1NWqiA9*#(1UvIpdajbcvSbNX69KEM_0q|rU7jrv zZ5TQN*q9@whF<+iFC;^l$x&z*9oCM~dyM5lcVnb*Ih5shnF9%jUR^lZXl`iat0gHm z;>uL~t@N=MW-OlEyx7f96Iv2-CY8dKrp$66&y_Nv4}6;%+ZDCDJ^M*AIO5efYg`P6 zmk^*5lNfh}|8jaI^c0pm>vo79g^r%<-G;O5Rf@ZNwoUmBebs>D8B~5sQndSRkx-O;;64Q6Ivg!|bABp~P$~?GYM~ zzdYv`cU?QpJ*>Z(b@sO(* zYW$2wNX9VAa`#_Y#D_?}a9>GBOJyRVM5jB1Z#=Gxq~t?g86XpI4*y?)jV2?2`jA&@ zv_YB;NME#OlPxB`Gl(o#u87Xn1CuV=r(%v9Qz+ST@h#mk47Pwge?46-%KzOUOd=4Y zmCZ!|y8a`By{j9-`EQ+(hN3ML7Zry*6zA^@;$z?1#!QKr?l-+s%il)d#Jt7ZsifCTOvo@q&Ex zb=T*sQ+D887R^^^0@nu4Uoi0X=zC~xEE7cwKHHPUnTBns5Y6K6);}rjdtyot4tsq; zuC&=e(A3m4Rps$SyULR8(W8!Rpt<>sw>?szF0X9Tbd6%S-}3pHZYA0~QPGhyBr?w#L+U8v7?FVc;>PFq#W5BJnvPY(IOxA^*@ zV1_JGT)y=7MV_iKDfzKJdQdsP4_efQbC)L)TEisB3ZTxNl76>xSSomisDSw3JYj}#X8nngN!wc{yn-f zz52}C{B=OPmgslfqjrkVV{v+y3A8U3(D-vwM!8DmiJb4q5IYB~f=FqYc%tCF@x#Ge zS_BOLuyUcnN&dTs5hkD^v1_pe@y8YpsPtWHBZF?KJakp)KCw-DB|*S6E$U+V(VGfL zl+R3yIbYwy4deSf2J;bq5~K`e?a~Uc)0K!BlpZULMueb|IE+>~470qJ681VjO5ikN z{}K=lgg}qj4qrU?4N!Uoc-No)JVHf%?e>z<^D@av4Y)o;&el3G=Z#kN&I{z=XXYEQ zYgfOHr2O5{#8eMuS3ksk(j|Kx%fed5iHWTNE86^4T+IonzH< z>fjL77;CA)xp^l03Mb>k?{XqiVe5v(G7u;^zUx)U^(V?=fuoHpdb=G>$e}{XnJPA7 zl`f+nn=_zobd+-fvPv#fuP^cJIw66h$0XAT6gyL0s91cvA_BLtHFjP4ii*r>zTv_s zDg{UvdgxDqKq5|){4Z$T;_xilWbqwBrBP?I>3tt0|L0zpYI7GM>aFAE5Ovl$ zlW7y5&kcyrl(5_NV_{L|jdvLXnK!9h6L+(WA)g41l#NhDjKlDE=%wY+4q}*h*&u)SjN8Wfug4p73g$Y+ALm!7~K9C=|xB^7MbY5#-ivPHNQ3vBdPo8 zHMYmuUlL3^9BN+N6d@G+O6QY&=fSmW7Od*NC3)r!Bbh;aNMz(P_U(@%F#?u3XoA$QHFT208JyA>* zWOYu88Uoa#&|`FG;8wzAvuglR&2fY?jJjlbW_rlIfv@cM`X8+;Zb`u;#8Z0k6curR z$efx(Uyxai*Q!7b7_@#9a{*dCqQAYt0A|xJ;zs*JF7_860^_V~f4SrnQSVb=8g>+t z;#SovdGyTIr=o(VK)n!FsL8o$gtqAx-TdD0+;u^G!t%wz-*VD)R#f} zOfm>d0v^pA=!_kCzni_sW+)odx;^XjRCqKJ5&@rM6SaQ4rv~YCRv60&&H|v-W2+Zv zh$l}Z73FGvzoxijQzZw|mr!*$G~HtG+lzxyB`3k*@m~J5HsHJQzW&jY4t$u$R|@Sf zp_1etqo7KT9GkOiE`oSEILE8r0Oe2B_C)5J#a5%>GeB~s-o1BGoU3!j8~XY>;xpcS z0x}Bba#Pf&BTe_yN{a=&z65shQ_2_b;98|Kz3y`R!BI5IHP&8$Ur7$+x+Kehn$Axs ze8B;Xop!0Ijd)&eg`|l!KE}QpCLTpXx86;90{pm zubZQFB`9R49djq}$OIs6X0-xcYylhHh(mn$-D|f>n+5br%(97kV3DW+Y#>Pi^|-@7 z_({9tGRA5jgN`%jqLUIRd3<=LkRKunBnn^Bv80t%+a2G$$%p?h|q-3t(ezuyPpfWd?Y z^1b;BI)$XMx+_sH#UbP*H(AM3(>xgBYB~s;23tCGL2uEVWfi07CweFnqOTspIE0$dBl{ED z-*c%+@ZhaXEkwL9sI%T|lG-MCM-S8_dfy+J55^w?WGvx}i~`M7q>|_5n%`#Rl<$SJ zEH_fwn?BG}9n+lJ&MFI1my(_M{*GWpA<5brq$qK#3YS36Vl(&z(s11>YLxuCO(YegJTt!7i z2|jo;Co6joC2*!GBo6_q(AGko6C1gJwIw%mL8jN$saBPFT#r+CEiEiIz@6rKd_6zM zKSVC$t3j8GWl8ujg?=Cg(Y^F-tWZ-aZyP8LGtEYGemJa0lExyOv@6YSuP-)6bCux1 zD?n)n${A`(WkwygzzS6@U!}wH

al0xO(CO;h=dEOCESLEAq*TB?2x^o*Sy$%(1C z0YO}{Qom+c*)0Wq z!gL#ER$-w00juKPI0xQ*OQiR;kglwS{M{Oxg{9U&%=FXU*;-XsnGNzBC;mK~%a;fy zVx}0t=EJXYsmN^)FBE+#g|63soFgYN2!a~MPjSrln8bVK8W3!eNa(UblONC59EKAVNP}j~laP08QZ2scI_k%r?e%w>Ng6(xO(PuSY__2ju_v@*U4&1%S?f z0`+7Jnx*?S0_Edc4 zgijT}L4uGxfN1D508Q&i>K!8;2hF^g)XQi8(Mjd;r7} z#CD98JORbE?k5FWDu_8tmGt(J5xmL<$&aHV;^HNQ*Ox#tiP1v$2T>-?iFIO*TxX(U55RA~laL@h`bsy@wqv_0*&D?_i7%wz=8JPv+Qz;UWld~?#tqrEI(fT)p zPE1UsSz)n8^=3;g+aIkB7_rF2p~*pZ0~(SFqJr_i50k1{se_VS%KlPbZ}+T5!rd+w z6Bd&@3KQXn9BqH5ww^gM((@;}dWH0~w76-h>*{$>LlL*ba{~}g`_71VcI1}(zg9ed zo-Wy9pAJCkn>Xj_6aLim73wIUV8!!LZY7QSR*$~%=SVTK`xiJ*_G39C zV`ICcr&jgVn#mH|ck6>FKL?7E(0H%Mz8nn*1h!vr!C*bRwslke&zd)$5Hi2AGBGuM zB-}Cd8Th1!4 z6Lh&e>#^!FgC@rox|9LQKe6^YPfysUUwlcmdqw>wsYc}~GH$tK?}So0-A9AyX??kY z5^M-8)Ez|M)LbD=n2}4j@oP@Q%C^l>sTSF4&w{er+7}xO7e^%RN1anskH!mX3)V4S zIIZ5_*sRtUK|(UvQPYBMOL@~O+8*p5je|od3^#sN)o;8yhL)GHFwOIWQ_O(yH-91sF{b&H(t@waUta@J#PJp z2zT`v%TuO8LPAq_V`1AJ!f9sb3h7>QP=khm^ynvc<;pyi@QCmO0Kjyc z>`~}`Cj7cd9~FR%{5TNIR3sWkg+D?`Avro1EaBR!8^%;fuKsJsx58cLyiKRC7)2%Q zyEQ(C!W&7-g;nwChQ1T8u|Wu4CNuAO@#l9b5-9P9)t!)M*ncD`>sR3H#3bpLoU3#C zFdmAKib616U-Atn^JHrjO}ALglB(T&AOq!Bvn7Sm(F#Pj%oA#dFryI9%Qx3z3WtiT zZ1m4~AF1oj?JNB;6K{S*y12NwB!Z-13?Y@vicqLUtPK7|bJD4;^?2Wr=H2p>>twTT zuI{AWB}FL1jzP)rnS#{#ta;0x+AsV#LClQk7t~^PQ4)dd2RoaRjGmstOf5{MJ86=#?Kxr$N#!AczEoq)9W(A5OA5x=-paIiK5%<&muoBs1t+L-4L$c7I{lyZpr! z8@*OYSzZ$r0GO^B@IfYP9a_6qXX(G2!2l#1#g{mVF|&74q7w zXjoBQ^O$ytWBjuIi9e)%D7glvr+pD?(Qx?1_AL>v+nG*eGg7RrIOhD8)p+RQOl$p& z+5&Z5eKLD7d{XewNu29ww0pk@yC$#MwC<}+R2_1=}*2*jvaUL^W zWp1=J*0Z$EW!z;5qDQN-^ZD>gMn*>SX(}mi6|3=h3|>cq!)Zb`Yj(xUw`2lDR8;<@ z!+#vbWivY!MoPuK64wUU{P=3DW+EvT5wT0;Dj2qBgI32g?_&yR##1iIWmHZoCbjO2 z^$EG;x4shyG)cO#F;v>|DW4U7_HO7X@Rjvikwk_%&B}jE{yIA}-S6ek-WI$5U{7HW z3Q0ryYzpTcv=+JaQEu8(So{kWGv5O}X(2ObcrIjwC9p$?@zR zvgxzbuQ8qq5wH?lbNj=gqP2#fC3;6KId6Vx>6J30+8E(KZ*n@+vJ&3I=D&km7WPeL zm9e%?J#f^c3~WYS2^{IdB`|2#3J|^ak+u5LoBks6C?ij)bIXGAM3K6ln!v!&P)Sv- zQjy$*SFvO^qN{sN)|l_oi$3p`rOSNWu0&-(((7|nEA5bO-upPUPWNW5okr4J>&KUK zxkos0c9u(;-NvzMUw!X9!j#$V+v=dPIpPA#WosXvtvSi3x{wdJV&CQWkh>4MM%?K4 zI3e8f^V={Ti*?>Cmu1Vo_QQ7{;pLJQiV9NE)&2FDdlZwYc)Y-Psuc0&JlZF&P-8Lp zr~h!ayoo~ph~N`RS@V2CGF6od4ZTG_#jo5;EOah&Q(T$SJK|2j0<1udD^4>2M_b5s zAGhvoBSPlMF74Vf{z!s5k$BHdy?~+WW#0la9qq4U|N3K6_}NSY{kPZE+}ZHB^7+j` z{5{y0cKiTVyl8l}OZ%K7$HLTaVWa(YUu5KN9*KHhu%eDK$;TUBKe7?|;Vokv1*3#Y z*cd6LiM&O@t}>r&L->1)qA;aKBxQVVtOGv7HG+@6JFF{`VN6_&sb-iPuy`%WFUy^{ zuzZy3xyrthXOWki=bSqmb(jCj^NUp{)XRRBQ$hIU*SprX;tbP+p*{UyYPm{BcyP)W z_Jjma!&UEKFDYIb(>6jS^gRy0sf26RJ6ly9aw!Mli~7V?BI}KAv&fRE#+F}ZcDXJl zyz6-!b+U6J>h8E5s$FGa#>*j?BgODlrJ*WoNHta?y^yj`fW_ju$7u=a3;Q3JnhMEP zElrK}<0iG9`PKH~vf94IWDzVEu{TNADG4^b%CI9(StPG;mJ5}XUso;wKHwuBAfdQ@ zxIEpA&=>Wf-TJGemcJE*xjrPdS^JrPf;H%|lL6OhWgWTQW3ZC!uN-)_w=@22G8<0k0;516g9UHC zHZ*j$HP#6y@hJ$Mhg5?s&m<@@(IpN0gVkIP6^HJRfb(-f%jqBbJG0=Xf}0kosWcrw zTY#odmo74tSy}vgjLI@X#z^RLd?=koP72v~N-22)iqgrwdDT|JU?zpN>HPQnbI~Hs z1orjtFcP$vs>~Srg@Y@XIIcGVL} zs;>JMrlBJi(aMq&@JHHdr7nm6`TfCOBBZ9NR(ceem+;|P*Tk@=OeTbKytOi))(s&& zJH*}OXOpP#jY97GEV}$eF9_dEC8tZ3{x8ngtJ;Xzb`#JY23lk?KEfC@6{!(_ck z<<%O<3esw6~}nFMyVZ6;imkJc_K_>H04J0O6Xn>!nc@D z{_uH?_-}RH=ox6s0}PnUSUC7lMNLywa!NJ!dy-;$K;+h7s7(~5D*eav?7c)cGnek! zSx;B(wXGqSNg5Qv9LCzB^Zm-Pn|K7{!{tP9mRu<}SQR*#*4AEW{`YCpDESEKX>t7o zE*$m07Y-o>E6VWZ=Yl^6KcmPQpUUUf;G)2Kq4f8g z{RB}qD%?m@xW8Ahn6yc2z(tV)H^l$E*p0#Xl9FxSLI8a)$Kc%KuxvO`eUi8w)`S z4-rk8uGp_v>LfxB*BowAF6+L{d;z<4;x>5WhEj>m#M1Sn*H5X-4+cZW!m_93;CMOS z5MysG`y$P>klpP}!TjUN)8Q&$Wofs0xT-eM47dS?2)ZTOTwp+M_`7@okAfmh_l1Me zSYFJ%U;MewU!jxz%M%JacG0}k-QO@|6pRl)qPXC1zCbx3h+wCpX{T|kg7OU41EX_~ z8RCQIX?zy^o)ed$x6xq4#@jT0qJbnnycYf($s2d<3-1pd*{g#a}PXJlrgB#z}RMy~e7V@#Qk<*}rSc(E2U0qdUW2W)I^ zgF%Lnn2GflHM@v_&R4(f2fG1fsv!C7qDcUl6R~wlg%K~%Uw2|7T^M-9kvx8~MsOvTBe1m@wwuz%}SF2E#86#?!Vb9-_0IrVWG zG^w;^SDcbE;{dMX7Hcs5;=8=|qPO?$!3aYvT2zu#nPZO;oWm;2Zy|BnYD_*x3?OvC z(dhEOs>xPgE)_7ytb9l5jXA zjg=|Wva`4rGT{fzHrBOZU@g^>sX-N>kKMW46*W?>PVr5c0#f{y*Nqi)2vC|;nLnHe z=IlHI1qKWz)(V5>&k?|=*J!cTZAtTNZ=oxiP7Ju6MWj*f@EQ`p0g4cB;8VRc?1u6l zT803Bvk#_z@4;i2_6?d*cXYVw{imZZft1HRi=3O7{Sq6P<0w{$d8&3(0&)_RCT<=f z$^6}*nZHdYw-23(b(w)74WWM%^uu-W+xa+ffqHLZKpaIgCtoF%->bxr3y;{ztvm}Gtn*u$%{ye_%Dd9RUddFHWv)vJoX z`@q(#()5B|@hS};H&)n%gOL4GM7@i3K^l#{0Ij4fu|NJ{Y&f+jezAJtEi*hiH(=s1 zI%BV}W^4YJt^ge|1{k>P?sY!+0xnOkn><;*ee1nphBvrhyuD5_iVaN!9-gt`pNFJL zp!RD!FDQlGu^41cd z(;9IH7{k@Zn_wK9o>jFE$A#-QxZ2<6#ER7sd+HvF(xLa<7M$O zi6|4?SLkU6Rd)=4()oE-5IT#?C!_%Y*pF1nuk&6>_JWZ}soAr&^hK}p9k!9du(!Iv zpZ>vU`ZZgMzOv&=2>gSU!j#*m&jPZllIF+RlSW*KF(qMr;H6GwL<-HxqpWlF&3-#Duj4tD!uH>-LhT*Hwb;Ag<5X8W@7-wta_J70a&`heZ^dAi4$wd>`vSwSMcUM2oN zcU8e47-BV?W#(`#xbj#q&ZV{1K|K9IccX`MOHU8DsYn>){XI62<+{Vu(~nFi8kk;( zlcEN5;{e%nduX$U5uhtVbS9Kb5CK~<^HKJSM9>;*Dqiaq*cEt^XFRxpbzAzp*B9<# zb^n|ZK}-)h-uO_S+hF9cC``xnn}0>ow*@Ty&K_|leqAMzc?@lS3PsEbusqar8VLc< zI1Upp-Dq1x_1m1c$5$4U5_Y{qG<>4wAw_8gZMmj1`?($ys~eU(EHOD5AX~$EiHzTI z!NWp;k{=ip^mAy41`PBHC@P8&ijH$G%^PHi(eS?;EW%cTnP03r+?;iUkxT*N*!S<> zp_z5{f+b)M5Ee^_aHem4S|Lb(zKK4)iqB?)Aj)3NtcfWQ{sE>Ncp~n{TJ0piPTh$1 zNBO2*^|QvO|JhGD@=mb!YD-c;=?9Siu1%oAO(%^uvw7feCc{h4Ymn>w@V$mpL0%?R z{rP_JmIKSJI}4Y9Bn)3i`p(h_B5TcapOpQ6{T!qOEdM+40{L8_z(SMqQYlF0CRqP> z_H|!zx9bC&R{NiuHiQ^LMp}Q|CyK29-|`J^Y`NC9wkmslKb0W5lwd;}n-W3?LaWE( zJp;)C6^`EN4$_r&FGEzwz7aqJ4T zV;tRa6*}ufD)BdHIfC#9co`tDkdWctpC6OnrO)YtZi4@BG{thGrQ1{@9rZIOdL`Ia z3-{cD-aD5pt`2DI>{IPPeEJs94+|q;u2^Cm=o9#bD!{q$PXg<9@%o<}>fjKYbK%4E zA+{v!R)KW79He17y<5e)LHKiKDRF!EiR%5S!W&Heznc91|2_R5-a!yWo%eK5fdx;0 zP;#bcWtAJ_Q%V&nEiHXzY59HP^)qnM%$$&zl$CApXlSCYF9vYQ$Y3BY7-oTV0t2`% z-sTj2c>n&vC6*fupQ*AMCAIqZg7^M|jxZtulME5>TV1uT_I9aRO?3mS@tFJb@u|d~ z2UG6e;|lnU(w%~=1rWMpcX^#nEkC}_c+oaE82Lo$3eq&6rYbSa<+x${Os|e~G-s$C z3@&^B;X??pXq1wXSqA0DBGC{KL9q?>UcvV2PJWQt5r7_=bo1>)J78$YbpRA zH>yTkk-joBVO8cbq&WOLi0Qi=EP=$m%_;DzqxDdN!2F^d#bg|LOnG2AD4DcKzBY&j z`CaQk63?ka|168)I)5-2XLoYCy%(BcX!6JMF5gEbePw=5XK6KVEySp!$nN?aPfJ^C zqw<7Qt{fc><;!0_+qe)#et2EUEeoD^iu$kUOdmFZLcmst7FTTO8^?exHt6NShugKw zREQpZdzsCr$twv9O7X4OB!Wkm?T(9Q7zIPN{;T zNCTT|tb9Qj)5t*sM^pX@6%Ke0I4>NM{#;b7lk&QvSdVO=0S0(&lT$*^n_5ITy<3=V8i;7cs;wkycXz!`Vk6^ZB2xi6!oyU8WM z{`r28DJf^x31fKP@HH@p6Cn9a%YlFcALoOES!x|+WaQ+nt-tUI8oT^o;^!B^$)McE zmv7a+Ya!JtC~)<7h=5@=g+*I1dosC7R-0-TT^8uCA2GR!1O=KdGQj+@atRcFGr8d( z>>$b=aL;^(?gLP%Fk=PRNu?A1rh?b27W8|-U$chH%``!pKN{xXt&f!b3dWkl$TM>f zZ>6elyZ#eKy*SQt>upHoxQki9$VwDaxmZ3ENRJUzVx9YVTL8CEqp0N^ecsm5Rtiu8 zoVa_z{o3;#6S%RP^R>3wyq_NHxzF`K8#H0L9j?TGG8J;zZdJu6yTHPUT)m$@YI)@$ zTx~rU#8;@9GitP%P?jrI_sO%PnW+02#B8{f>pmC8;_frREin)!skhX!^`8 zG9wd{$4O#>NZJuBvTxr?xw^W>Pu2qV)4Qffd$s2Pq>7B0(taA3@_Jb~8TAyZ`2E#u zLa?~32Jg!tnGKd!RecnFxrI;%$ye^G#XBSoAENgtT1XnS9xN@;*v9E(i$07}pBz%6BIl6unN(ZHn2! zHvZXEx)%5t;S8@O>3?2{ZX|pU>Cyi?Q1$Wt%kMu(2x?_8qvRlLO^)sR^r|iFuxw{y=xD(r}Nh=BS z)V7!X_r1NEKHzOu?a+)rora_T?(v8F7oBBS*`g6rFWGAu|2>tfY~YOi;WvUP+b)-y z{kws3@FIPE7MKVLrB933#s7EL4#BP|+fs1BAwTSmqNZz3oqe5E_)p<~iBW*F9pDJ|b5*22*g`E>A2D7A4DX zH}k~|+AvI2?{_7Ie8Bd+J@PI9KTUo6;MNOx!)|6MSV{fPy+P(O-V)iFtZeFpGo@* zK4gmyLJkeYx8I}|cE>0l*L`kr>8a*u_jaMRr=d$h61{LKZzi31OCXPZHn#Bg zu;avHabvDTSWb(Gpjr6G9R!TS443`#3Gum2yW5}z>*6SRaYu~AcBdQtdS6xSzAI~H znsIRQJ4Bwu??5l18lp3Zv^Otpe7RzPONtwytS{DDp)8v6*1ez_uoR+ZzUMp;?-~57 zqYQ?RIE`arW2=gz--wtUs)5|ZIOFV5yXUb_^qJ$(d?T1(Mw-NDbzk8QZMOPdM|8Bt z-roOp^uCp&%yBa~w8tw{X%h^5#h3LQd5iTLQHAS&C5n7xoh?w8oT;`N(|>rV^7bn? z_Uq2qqyo-ZOE29G72dwx@8fjXU)fZ}qB$kNAimb_Ct^V`9{%RJ_pd$K9#@^*Z0!ik z`?G_!;IxhB$wYdenxu-jwJ+rNcQmvAyzw~WG97*ZFeqt_^+M+lJA(IyhQ6H}4Dr#xoz$(x52u&L$b=#!mQ1|8y^&|%kw18Vu`eqnt_IrLlCI|WvdQgwq`^VO z4WL=LXCa}-uECQ~*pxYtg=UcbetdLq~c0wS;lx_>c{%~^oq3X8xWTX*X)7Zof z(jV&94|M8P61nFv#c(M7-BYXnD34MZ%P30p#A?{uR(7qJ87mh^p;THeAX5of{ftJ+ z95#9N#Bu8vj`Kv^du#niRKhjB5mvIGa?%!bGBaGLq^YHyWITn-`R&p~41=&c3bjh- zXHz&kD)y#7-9wp7hm=cp+Aj5mP>a^nk~*e&Dy?xyd2zJumLyx7NIQg0Il@c@u)8O#5|Wz-Hi zzqr8cPJC&FFY6O5qyoIyP;D7+B{$%0DAf;^iJ5#f`=Ys!8 z9OQR~w+*$RCnJE0P3>o)S%T(T`b-;{$K);Om$F};(D)GDT@e7W2_Dq`Zr%zEc_-zw z81IPKx5$szL&c&DI9lg?|7}uBO1iNFWIlFR8b7pB%gd|9hf?Q88s703j>aw!FM8=x z0uT!WZrqu=wdIMtBNQJgd+Cm~OY) z;{5&ggjL87ydbax##fOk-8S(wAA6^aTLbLOA%OEkp2TkhtFK{bF(8<<_Fn&$&6aKo z$zM~UnY2ljakS*kn3qDht1IcEW40v4ZMPpP0QdYqF08l?CY+tVUNchf^N`*u_jckK z3i!QO|NgA{uXY$Wj)<-jSa1E(j)(Kx80ouD8lH)Vj$V@Iy0E>jZUba^bqy@ z(t=GS1goQG`8JWy7^(X2VN9_#Y6)1J(tSK@mk86D0@jDp3KMX5c6Qp!!^|&or28iB zg{J%5&^o7W;AP+%Mu|bQ_}#6Scq&B!jW~KX(!b=k zT)LrBQl_+56$r-QG03!Kt4JgE4A?Z6r$!`^jnw)Cnt?=fSJZv+R|jp!2{wNS5iJVg z6Q-Y&4?BD^y*U)CY+oEZvO?YodcT+`o<|#vDpoFlBM?Z6k11atWZ($W*sC-uDnN}a zY#8DVAw}n-k2^x&(Q6ieBNg>DV&yWm7xp^EjieIofwme45=F}*9m03!Yem)HqO(`w z!-v~a8Xm?I6IZHB&Bom7RB9<7;FhS?yzKAqAB!g?C#8KpOaow_vLtK^Nw?XTxwW+z z$Zd_lvh{>o)IFeV`RV(UUZSmSP$TsN&h*Cf*MZ0?DxH~xY}$l?;~X4U#m=e*dE&>6 zj6spC0*D+0p~MyVM<^)S`cE(~5`-QxIjmi0=$DfTIg)pp+ZOE}Mr;~JN*>cCabnw|hHzXVQ}9p0~^ z^iu%&0{vN1GuDht2|?>{or87eY)E8OP>MR!wE6=t}lMnwqu&@A9MR$e~U^P|zZP%?<7+ z7@+@a2&%wFEFlf7tKV4ZkEe-F8kt>3e^v7Vb`mZ=z8@gT<{<*&BU&XS_m_taA=+d3 z3_(vubBo)mKM|lDT{IFLUmwcO3DMj=38yp35CGo(nUopjcRWW zuk-E{Do@3=>2N6?P(%{3>+pi%>0MD&ct}-%0Yu0}^N1-hOe-`I-`JQzP%|$)5Ob|{ zfZgmOSVbEu;al!}8c8ZPj|r-Re{u~O-kY0;ihVW+`tt`Di_l@|y)HJ-Zx)Ycgw0nV)FXPtP%u=ABQ!h>C>nJ=frb@zN7I@aI*D|zP#BUHa z=Mcvv)4E$-y%agrAKwq@P#qqeBWV-LS!1QhCgJULwgO@pvk{7Iw`(I0ncFC4xyN{>;H8QwK9 z2!38++;W=`|0~2dwmU0N;%|4Mf>!68%R^k*yb2vR0LVkceyY-u<-Vvu^sO&fUtloi zVea*Hdn74&UnRSSWt7(ihF-n1IAFE4H+E;*UboBc{B9(%wk|fEZ^+*dh1Pu*rTlz* zyD?Xo3o%|Vo@-@T{9Q_CKJnex<7^l9VB&Xkzu(YwRh~*Mn5b@(Gw&uL{CDE~oc7R+ z5wNYp@tNd8>=_ss%C67E46W3Wfpu)#1ttk}z6YIIF*QIYf}DQn>dX#Jh$g_ixY%65 z)J1;tS9R;CB+IjBSp59_OD2~!Zb!u5gh>K4inK8vC{vMc?s=1+?Jmf4;r#8;m7H81 zN;B9QMi5fs`(?z(FS)?GbsR4pAKc!01Z#aVpDZpqzX9^={ZlJA+OYa+X1Si;mo?Q( z;f~*VpA|KY52e5R5EBB-VTy=!*I|@|&GS=H6hBAVU1*N-_5a**+FZlh&&?kUK$^-u z+WT{R{|n%tV>w@NSr8^A^Ma1H&HBFwI?IuND*(`lQX>eU6-BVZs4$A@JDG&O5_e`? zihc~ptNZ`tmC%0r{C^-G&|A_|xxfHmUP+z<_Fs_n)dj}=+akafoE5Yr{}(dtfET+t z@;y)ST7okmn1%P4A z0Cq(HC;4A+OIwd@CV?IuQnP2!{aKO&nuMJ5R90q5UZFs#TD~#zsN%oyVJR?5d*Fqu z8fVW~@UkWP-Ne4v|AE2)zNIUDY690Lvx4qHK9S{)7!-W~XBj)nq^a8#c;13%#1 z)a4}MD#t1J;oxZD6r?3Iy^W8uk=+T0h{K+n!4e2axV6nv&X^~a(XGpz#48~qTjN_N zjYwYT3i83NqDT=VqD>c85nZ|yg`Zsyvnb^uzaR%y2USk%Jawg|rOeKskagj;1BtkO zkVi>jvg=`nFP}ake?!1>KS3*pW9!67iva#lU?X3N0(_`O=ztSxo!wpKA9ZInwy-Ev z-WPrgjK7XUu(GlO=bD6igK*KGgEk^gq1a@R8jFRlI^+Y&Hrr^tyl$~&l%%A$%Q$&1 zVOcL7f1d*x+JPIU3l1zmU1#(_bl=_1xK^qvU_Zg-Y zM1f$D2So!$Mj>EbN+%lS3R;2>HH^kHi4y97XA^FU)3!7R+c8ownIS8IfVget_ z3!+i(f$Lg%U>4CQ@JNeCJu3yG5!<2=9@{4bj6n=oy_#-0?{{kw?zI)Q9>;#ryefCx zI7V6wLM=QbHkRMjg7w>vpX#iA*f==-HA%kJK7A-VTxqx*`uubHw`XV0y1Kfgeu5H^ z&-?jWF6Vav+=BCdsM2F>qo8?1-kxHxm|C8hB@z-+FXTM(Id1#${)SY@8tqB+tMsAd zB=KPV;hWWggs$OXj8(`D=&#k7YMm9f)LO>rRRFRDk~>AALJE}^wMlrtsdZRP53DdX%N2tj%?o^_|}>TAfu313kUup&#EzdC=*? zPfYzr>o^e)Tf2;`ZAEZkdEiL`yQuN+)<*(ZV72W)Oh!JE$m7%bHq*N=mxRiCSqXGf zK1Eo6{#f1Kp7THVoB$5dT2y}mlLU&&ZeCoN6mp@MUph8S&0K;LZp`Q~(8u0Mt>QP|BY@oBnbLO!V zhaHwIw?Bae1qHBYLRj?8e%)uZTk^n_7B@P};U8O1Z-Xkmwf7H~*Vc@yGF<;mVhrNI zs>IhqL#HI;ISUbB4$DoQ_BS#MjbBJuH92vg4W8t)-|#mc>$7cf=vPxx%sa@1ez4r! z^QHJ>WhLZi#$>By7uDpn*40JF|DCak#4&4V`}5WU9xmR^=su=1ivj*KduFIT8D_pr z*&BNQ6#I0S>ltLFj6Y$2I4B}h6=yN765qAFcikC{(_oq~pUa9Y)#!LbE$$PA(qNFM zA3J<|`$WKL^c!Q{H&t3r2X1w07{4bxHoPjHCN68Ci0Lpgi1Q}g0RED<|=1GK%LD+eq#Rfvn+Zj&6B^pkZA`j;~6Z(Q*rp+lAOJ4Z_ zJYS|m;(LA6bB4#TdF+AM*x2amM4ZH&TOOG6_9L~$*mp7(by+Xh+CV{j{jiQ_awhgm z@`hhsMY=7DI_q^DeXjzI&ago`$8d?l_cl)g+$a2%PV5)Hy6bn6PazKCgP}{w(2LDv#KZ^ z?{Y$xONY*GT4F;6ylC0kl~kxAf-0Fz8Anp?b@sbzlP@4mf zoH%T=N3Q$ukB8b+zHb^D&9qPErdsagtLbU4iES_$M9Siu&>S|{tN?xjfoe>5R zd}P;>gx#F?pNV6r#n8vcg@5o`wtsz$x=0>2n_E#pfJw<=fr^HAr6FytxRJN~wwki@ zIaF%DE%0>p^ytGiOb!1E$7-?^pnm?zE8qa7W>`fr|8t4#ef~hCUMNpjnVz1xxfvoS zbWlT~oX(s7d0wK~bGNuU?n5dI4ut_l`C>Jx%tf-?qijQs*Sy5-YDfNq{j3TBFZ8OQ z%)Ny*u-)`ALs#sQU9Xmz&)o=o(dv*&o^)8l=fZSwFI8JkHS4-U-|S35mX zo>o~SY_<;7@y^?Pc6fF$g~Pzz1oiBC)!-5~iRgcS*$n7)zfpFRgfx@ z`FthfLYu$1r~Psuv-JJH(N96#-)Na%lYTsG=&4SeB=)ICc0#wqWTO=FMp7iMkac!O zQ_dC+EKk4K9xY<%epc?9>z8e|FK&+Ss~>XX_8C>xbY>|dOgX_LJx7c^Y?AVr|3G?v z^GTWxgKfTiz$X4L0!-$w4oG>=zVweinXe~x@6cb=OEeD@$gpwlAl}S*9*wXcT5_2t z0cT2c(8KoCfnc}8v%z^~qNv63l85)@?b~9NXcUn)B(#kkeZ5+DG92o6-%3=d^FL_m z94)nAlkrI3cwk&n@b#CfF>D+k$9kQvnHS$*>fS^|#q{R1-B)`Lse5M$aaO+fyM6UB zvoSD!;^R5L^YjR&+uo>b$+(fr^O^(V*vW?-+2o<)SPWQf#*9qYJ4=`CIXxkfVj`*{ zubVtlK^LJ~3s1>8C1jWVyMV!jAw1$ge_+#Yq;Hg{BWHeU|RV-o)-@G?)u>UbVOZiITDSLJYu@qUo_eNfkvFKe3e{f{nm6g>Pl$W1?Sn( zi0;q8GEK@aqQ&`GAYalU%S?R7XEHugPK{llv%*(j)c?l117>Lx?;2;any0$@ibr#RZ-f`pg=|_1qSN7wa8PxETU= zaXUjA%q8;pog>Lr5puYvLG6x196Q^)=mw$&=d+6~ih|{aHCQ7$<@j|jDV+c0tR?5} zDzjT%j+ZRmVNi4;Hf>NUXZBmyADN^vMm2svsf}X3^G7RKyk-M0X9#a?-!Pq9wZxDL zP=`kC$lc>qR69+WVo?Z@TaKiLHKlTWNal=dph%7ArxhHomT+V?sN{R_dsHiRmat!{ z!Bq1GBK*HB#qItIUU?$(@izB1Aed&S+zmwrDp$9A zZ`zkjs6jHTs%RjdhjC>(oSV}nDy3=#0z6j3-x4-HZ5j)ETr{7BbbR?s>~SzhGUs6} zk0vQ8Qm!)L>^lQ%Xn7nHG*qBNkPKnz1Tr$*y0| zteh

g(l%Ij@{4P@&rK_5EhtP?Dgyl~OM2SDjJ9>G)q+Y%H`C;OX*C&BmX2uPzvk zM-~tv#0>`Atd+1we z7>g+D80*>PrNsG`Oz(R6Sj9QR4yyW6p)_c4LgqD#gE}4eRx4@scQK%1nAg0c-0v#j z>T6D5SkQRJ!oa{6Eb`_Hk-^gaGg$fHJ8IY1C@`4LTXI3Zt6-AD#~YS|+ZVVumTBzl zuEbT$ImIg_c8Q33O>eYRZ}vth5}(m*S7ib%*8Gd_J*^JsXEl_*-=23Jsi{qAoCx$S_Qbt7Ecy)ZI&Ziz39u-2e^Z#a6n#{e70 zJY%V8{Vy(AD5pzErg5=b&QpHc+S*?6kb!-TZ~7xT`nQ36)T}3OzG@Au(d3!-M~oN` zFOm626Z->=VIORhz-0%D?)@)!{w~P-?;on8Bl|19W7T<1pbpcL5H2p+y~3v8$D77C zY4eF)YxDUu{6pc5ecE6R(T>TRB)Gd-HbH2+mY4lv4GIyPOx4!I^`j`n6BaIvS={wj zN`#P26;I5Ib8BR;%KKu6EQ*k$)SfCMM`ly!ufUhx>Rk$^FeSvD=W%*Ds5%L^b})#1>;2GUKk?`{+OYn~U%xmXh$=e#IHdQKHtg6m$rAG*C*!f|oncA(MkjSL z^pQfaz$HnRl-Ki}KA#hc&isMv_lS{;0OS~Im`Mi;ST_j6`)=v9>ArwD@GFohDdqBz z+~YXmv5DPZJzxyWa7a)e<~f5S@W*}hc3-5E`nGAv1zYCIZm4mgclFse5% z8MmJN9lAjCC*BYF{Ai!SQmjWVCb%t|>h5wMIklFkSJt2&LzCbpHjAIXua@jRbSU3> zT%AzGD+qsbb{|DiS+DCR&%=2aFph7EeMK`v z!0?))Wi*s?g&>jRM)M7g)(Ae8uQRdptW;t)@}$Fpcr$?;n|Y$M^Xi_|E}g zA8%)5p?6=RSBHtXo-DRGRZ@k`h*5D`?*3Cu;rL=bAr0M@Uzp)g`- z5sR{;$odgL)IOJJ#KBqy57KgjDs7y$Zhh1OSE72J?kEoDE7UlV?oNBrfm{!@&G+Wp za#{^|`-m|58=<+}B^UhTP{Dl-PWsv9??}@C?156eo*IV%oN~Q3{3??UiHfDGjnln~ z@(_BOrNHQ*%GBcIcNzt#A}o@7G7H@g@$2)3-9ARP_n?Z|$RU{2%K_gaK0U?f#rg>0uElq$jCjHeqUtri%R z!(4m#w;0Ra|JTTuIs{kkz#z`OxyfJlSnd@T+tTHM=*&RO4w8*ALjL~=rKQJ>$}nVj zNh2x%{MC*zGmD@m6tH2lwg%x&Gcc%9#e;y+3B@OWa9q$5*#ZoQXoM0=>wrfJn>rY3 zsX^#3fJ0pMUivWhod-a8qY7#e-jo0%I~hNM99=&S6PY2;yv$Op+D{N0iX5K7*dWdj*$w(?gvfj#^HH;y-~0Fx4`y{o81vT(*^K#><%}&iG#2s?pY^v5 z{OZa@=1{{c9rtTS!Ha=z|#NxvEx^$ z0X$Q7N|wfVVA`C*jAeP&5s={bur0IUj{qFLqW^6~>aUrGZb^80dP~0<5;C$)mh3vZ zH#MZ4=+8qkun}8$2UXxvL>eMPi$ZndEKqpA$w||GI7Vj3Xew>_ayi1w!=wJUH%n3s zxOR7%*bqMyL4g96l9G}pWQsGM(-JKHYidez+wo%OoVUTpu)P_Ytz$chR@^Xnn6oVN(tK z^b7^5mg^TSv4$;fooj2#1#xCpR$+|M^LZ9O>4BoLS=L6l77y6ig59#b|LB<=f;=oC-h|D6?e^(oYXxoKM#nD1{ppsw(M{PVXSv2|<-* z!CA&W$lp1kL-^};d(3Z??=bQ3@XiZkBVwcr?y{Y4VX`jAvt@#?X}j0gCnnJ%4NIo~ zhSLWV8Q9i-e~Hfv88APLv(&wq5c$EXg;X>`C~x%@f+W9e zZs8w`(Xq7|XN$YQ20OOa&7U3cxPrl*wC+dTXuj7KUHPG9YPA-4KU`Qi%l9I;_cksp zRfL2J@oyHI|ItvsJIlp~ab#R|c7;6C^SvXyIep)s!r?plTgD&jNE{^;2K8y*QYe4{EasoG-E z{rp+1EsVjuI3`WN|MlG!S*T9cTE0Y2hWFi$@Jc^Uze4=q?%gf@0(_K9nvi5Rt4N8( zf%sg^1zhqKqtVC`_-TL^VNjv|+&tk*fcTSY3AZ!D!)^C}-da`xHbd!F)@%dRRQ-j=f8QOt#`pxh1*IhKHjn?kiJaz@({h(1yllO0- zN!C4X4cNbc0kA96Y9=t?xa>BD{o?zb^_liXfdTiwZoAlpzyL^+>1vr9n&gAKaYrEu zctbkPKfY(zEi0(H@Q5z~E^yEfa}7899**r3+Do`qO+W1-7P*1f?t}xJT?4+}C_`Mt zH!}7ZTPBeVH_Axvn(Dsld-rNwqp~>J)?zs|lY$;rKJjCPWnWj3pM(*?>0g8h!(-)> z53Bx~g6+!RzW)TQg;dIA3%@d3IFdL*2OakVo4tKGwk{L{1wodK4 zITfQfn4@2My~oF+y7AOgHkiR59aQd)0_p##>}&rn;F=OZo#%uqDDnM(^eo8KB;kN$ zAa%ba2Fu;Soe|vO^ADvZOVRef?}zUYCE3X04PUsBcn%7xtm&7HKtyPg^7zRD8F8W9Y~l7H<=3WPxqP- zm`pId2JZ2Ed!RYsS*#Ry>LS*Ce+mHUr+oCnDuv4Ry*xg$p`t(%5g&I)Qqu&Tenga5 z{jU}v$J-jMocHrM-(cHUS`-e77h<$!1?B@6;h19X6K1 z-?P@{+rU~<97zfTCcBS`m;lXx5U9W(!h=}|CA6wcgNW~8lLea_8(>d$k3cbZn5wt0 zFQyJ|a%{f`Gj#s2D+IOg`T6dU3!wB!K4$QB0aPmTXp_S-ih+Rv{AzVIccFZuWakYq z2|f0%j0tr*@8|w7Y>M9X;NW2C2Pjk(F92W=yQ_tLui4)yrO{rDWeRcu^b~7WfYk^Y^K@o&8`~W!we{yiH_~`^IK{w$Zh9YO$Gg_{MIo zoSvhNdC*^Kf3DIf+G6N?*T@K_Of)eO2q3z|;;2N6`93{8-k6l@)*xt=X%o%w%bXo8 z^2U(!V`K_A;BygvP&A$Wr6r#&(h%5!0J}WxjU-TOb~bG|sQCCA1vmhiUweol+P`d4 z<&{B9B$#^D5D4oaB%Akhoc@Uff=G)T#C@M0slKL0O)}k(lizMm8bEH7dE3yo9334O znq3$M2XXKUD z-PK_oAoVHAwdR0D zh!C@bDj}(_Uxjc0CB-yrqG6yinEb8Tw?K`RSCo`7LrF}SBfg!1@ZHIY0IIghRRTZw z4IwD)t0uA*CrRxf`mGCMm;3G6<_k^r+YVsEo4xnOsqk_SKxa%H{_~YaeU?7({6J|4 zu(Wtw#J@~N&#n%25=3R*%KPq5F{(LDNYu20q5o0)!{sYd4J5WU*%UGFYmEz zyyt&5r~>-snSAF3$w26@C9%{MT#MO$YzugT-#``30g@wThv#rusz-PN{%kQ-YN=?S z9xc{s>F@svRBm@bI0K{%-}*joFdk;HJ7q-5R1yH%3=e{k+Qquhauxaw-%drpTG-_g+s7HN#`P1She;eC|ml)4~jg#HU@%+cCAgaJS*5B4e@H#A(7vKu(%#a=0htp z{7va|>VX%iq^n;c>CNUqJWb63$YxORqucoY(K0}O?e5^vt-Gw$|6mG=@4Rhw{xeGU z+y7o5r#0VYyWgysDAaN!1>Fm+MR72>fYkkU!uRLw6B*32!RL=bhOC!f7ttjzsDVN0 z1K(|n)fl-;cDqQU<0?jNyOE)xG!?UIcIgV2@$Xk$96n#5BT>fQNIn-8Nr$0^+=TI$ zc|wGP;VM3=i&sD$2b7w3$!|co`3$h9(}9@-EAlr{l7#9Dh2iPMO!L!ND37_=g?gdv z&x@!> z%@5d~Lj|bCSOoc>987U}V<#z#41b%Yx&Cq^;Y~9@V)(EP>77_!!CLU2RSz^o@{yC4 zp`)L|qBHG03!@v%{X-N*6p?d5!kb_hR6fz{NKh+_J~&@x5*{Cq`%CjD0w5eQWl6eH zLW~APC0&5T=4^kO>3k}J%&eVoMy*HH#hMuNqr>Zw)ii{c!=n|TMFMNb6*s%ibE>Z4 zeGP?ob7QM`MT$rEQ%j^mT2nCbOY>`DNIKcZb2sH?O`2`k;2?8hZM@{-J3MQxOBReB z4!kN0J~xZWe3_ajW#z#Wa^mHX=1*Xgdi`YkDoQ*n{}myA zkPg>6ZK|6>L!j~;|Jdzd0v)2~(ZabRc-oAjcE(0E@nQ3Ag&zv!FX93MELCDlSwlw{WNJ&u6`^&uS{*DCr+rLqfa`NPy&PR zePYTJTQ_i8W!j@EkV?xhLqWVLgGEwYIcZ$9IuIq?FEMhI3P;sIaJx4^>dI|q5`g7q?-*)SO{ z`lAJ(IZY+16jQ_(`B@Gs{FJC*MkruW2Lm20P2R-A}k{ z7QBPW)clLU8k#K7nZJr%qLRz0T|AXf18FkrNPcVHAEA}6k}F2Urf+k_gd8l|rb-xI z-3)<59oFY-)s)fql^M3wlGZ;0iIiHNBr?3eIVP4n1FDFg^`ann+7$wnqy!W|88+?j{kl0t=tI01$3t{YK;p>y8M$VlKO@ejB-9LUd?Q= zFjLTp{Ic4b{9C?x=T~GmR&E1WMx*z`tt$eg`#a;{cdberFdsm!$MBc_WR0IK)7b{X zmYF$QhL}RidxuQLkZL4%U|$DSPMf{a-ytM{xo4NV28&bqNCY)^Xi-hBX&Il3;L zL;?L-x+6rVpPFIoRkcDLFXer!JG4^IwDJ}HLu7&_Q3hSp5d2hTf-OdapB zSEf!~RFLyolK8wS+&(1>oYK>X7agv(wK8k3=<#Kw@W0)z8|gzc;&g{#=n=YNMHw9v zY5*cyNYi)9pvqFBV{Z8;d)K}PTkf0{UcRJnpDNG14l6PC5)uHn$bjs#vTyFXzlP*~ z;l%?jvcnTbG*VOK;kNGljv`}Y7M1gJal5VFO15fKnB*G21_ z5#JA5#Imf2+vnNQnPt81hjU-G8xod(LHN*uIAwY$SaAVQ`GNO;>kyz2YN!G}rKSc| zwuUJ%qQ2xWRsKMPX#EY8P5er%!v9l59sYk&L;=&zw*v*3kuhKd`I}@)Kw1oUNityq zKBFm$sa5%UcYzm_mz&6=^#L(O9D}8Nx@UCMaNBo^MbH&94EfGr$CZ;#5WV@GEvxhW ziOkMm;wos_=C5P4t-#2Hb^XP~^uUDo0}Q?WD|&?2L3BSEId@P+EXR~cv5fNGQFYVv zRZ7YfNhBahEv~Ow3dhZLett6l9dIM@MW9sRiwk)VE68`EL@^cR%kv=P6MrwA;BWuR z6bDLj{3tGy4ti#8`4+N{6g@INGLKrI0HXgAwS#i-DeB-Yw7~)P>cB3yW8*#^BrRjp z{=TyDX4f6U0unV|T4o9fkz!p~T7spdFa2DU)G_$gj7LO4ZIdlQ|GH3FHYFIcT=qdn z8U@0s|GlVk%yG*@)yysA36#6=qYS7-|vp**Zb<`Xb7uk-*g-XSSNl13h0bhv`@in^NFvsV*TA zHgG8LOAhJn*BLKY8}cf5VOalygI`U+M44sF&0ejV|D7f?Ih;dE$IK3An%H%)J6eOU z06&c&!m+W@i7}`Vr0e}d29FF@YmLH!X=)2fRi_w_CgOGgz>YWb?O5(fcIuU{*ucfW z*YJn(oJw+V!0{drCuzh+5 zi~vIL8FoPH{V`97ob8hk02BoO zUxxtpmYe2(Edjdl=`SphO^ERtwI^sfv55m-FCU!?y@`?W#Ez*Ac;aT~J#Hw~W_Ej1KSUm)jX zRQ`+!i+8fKiw06|@~8ec?gN5OYqa$A-QR32GPG)HYl8vVvyHa$mVO_C4}fG-i}|6U zqM}AR^(-pIJ1Q?LC1vfM_;0U{@ z`?G?S^0`=0AU>?T(AjAP?V1-X2lWMP!cIg)G~!JrgJtY9MlS#kH4{L>TEoHyfgkC^ zD9Dh|P-N{YJwysS3QLwA26||{0>SOSfAk+S>IajUnymOE@Rp~h)UjO2d{k5Ystp?L zWe(>mu(skY!FH=MKhUqR-46&vJx`={t#!-01#G5}>O;@d>poA`E0|ZXNph+|!t+o) z_S>1>y-Q%yakLmq(K@^+%LFKdO7+QeEDU!F3JO4tNsNe!69|wqAWd)G=3D={qeW)T zYTBhnhXOrpv)&vb7ask3>#$&COxx^m0rY*DWI&VW?fa#>Tk_c)7eMFqSv<-85wri( z`sOI5A;yPO=^RIpvF2QZ!8jZwIt%-|&^ChG4M*hv0T43Ep6 z{AGy=fItS*JLCfZj`AkGD=6okjO}mVd-9YN;^FV#i{AQNk`l6O!Z|EUBW4S@;6C7? z-CJCv;o!tsdQ9_^6DsArYq=nQtgsprAr*AQV%7S^Tuv(^1`iJ}53EyphguHb6&E-6 ztLy9QVY?q;<*$7Hef#z;BEXy)L!x6Ei{M}Z2|0sI8rLZ(SZ2fHZx}vIGpBiXuH5D; zRVJ`r-@_09g(6b|yB?2a(0)5myu(&YXvTAd8K0E>qrgfgX){e``m64-UrU|o9_$c6Z{?y0hs>`&_wimF-+L9xQ{R(c*+HC~RbL%F zJ;y*#sYE>_Mu^9fK_%_V8%3Wb4gg23G${>#w=Bpdv!{iGV66o9^}UZ!CLkt`+t{F0 z$`m0xUTz|wx(6VX+d3(xZ%E-AhfPjte5RBDb`t~W?C9xv5a8k0H`2u3`}wyy|GTh! zSj?;Q7KYB0?2e>>9aonIb33?++0(+Q-}_=Re;!W51NND83cFr!55L=-{bH)>VI9C09#L1BnAd85A7KU`&$n2wz1i;1ICc zGJ|t3Z*hl`o{>b7-@SpN2Loc(SN>605ph&cy+B6PUu;j{E9r?DhmKfU1%h zy512GpV4q&)^pdutY06obE1p_vGQNt0I3`&-~e(a%)^Xese>8oSqNhoE)5I&<@NCr zoq^})2d@XTC_yCt6#*`LcNLcg{QaN)-sAgvy zh=DGSSODzA7_=HnArN#jlxnos1BgAum1Y-201=YCrfk_bI*I|5+Grb&s}St%{*Rq) zzD+g0H`JqjUZhd2N3opQc!ym7PJGD&>yyRKEy8)&nOl-l(l4*de-Hjyp5*QwF- zV~5RtyBJFihj8l#Yu)5iasa+w`HL>l_?Nq$`|*_UT>T)YkqF=?TP~8h{cgGI?Usr0 zHaD$ji>X*OnQ>jmG^>m?K)+RTjl0w6q>BAoTwzNMn80QLL^Q@|nAuqQ<3^A?$5j#7 zObsGJ2ttinAM548B4RSDPTzbWoMEf0!e~o}`#vB&vkd`6x9HL0CQp*he*3@SuK(_F zeanRXtCQOrNxmR`yTx@eYSuTbCFFhf>iTp!#Pe7b4YN&iU!B>YkzT-QDX`Yk=yK~0 zU_R#N36NnH!n*o01~8lHLK&bB;|Hjzu8xFwa6#G1eLR3V=0?r^A>|D9>? zSx0jA-r!^bu&T`c&9RapD6wz-ZcR!JTfUQWAI!Bey~xqO`ui5RY|Cy<{}3aqvlxrp z9*Cp$I)TCKB6y|q>{i<^;*UD#vS@$$E^cxz{LY~t3s`5;maOa=hkG2#_dZy2+H+=b z^UDLMFDhi*{)=5jXp5Vmx9{pJM@oM{>2NYkjsPoCOqEG`6Km@5_xa0-ni{EydjvjA zE}l|067XxDF`3olEPg-X3M}P^th!$0=i`3LSvlD} z*ZTSFmbs7o zNAu19JqAoPclTaSX8)i+2Qg9=RaLpivxLKeGr%kwncgB?`*{L|i;L@Mr3Ljp#7pbz z(j>p!z$LSBxh^|c&P&xT;of}u5642?XBq%m51uTL?F4!~fP>DQrzkd5Jf0uk~4Tp1^fQC}H<7=#Qi{I0OjQayXub6Fp zbIEAE)9bd(Q7SH`O@p!l2B#1=_>38qh;0p6|Bem`Qb7%Gaa2ouF`P4 zbRGQm&uDriG(lAjlSh3p)u_UjsNArHl^D7oJu^RnyWHq7a4>5ZswTx1dO^gxIk*`j zpGY67j!r&P$TbTfxSRXapRHGz@1iwUdR7cC{auk8Y*&dX1S`X{E2ub4+JkpTbTWv6F@BP2A z>$#yd-|Vky1nS*RX4h^GZQrMfIG{`wDTbR$p<*5emfrx4VrYXp<(fnkb5#<+!^^bX zT^@4{%YSu8xLf39N(8X`o#AX;oysh^JNJElJ8XV)AcY}35S+w9zFhwYeXmR@w6MS~YeVz>aAxr^uYQX{AvP-PhfUdrN*ANSV_H%%$d;jInEj`)|Vs>2+ z)>D#ro9?+f&;Tg@qQ(bA-H}yrzv?O~Vqv*Cf|Xl~fA?ThEfkf;ZLd#MP=Lme`^kD6 zg64^=P=N3?J@}!JU#0QX6ZVL$GGW&pu58k@-4DsLZ6NQ?a9Xdd*m-hmgz}&6)gt-~ z;7|c|v)8*X7lZ)u7F<$7(&)4vWFRJp%--sG9Q1i2H&1bIyu16>Yx~Vg%W=5H&{2); z75UpclL}j{(X_WjvqpAwmQjSTnHC1+ToG(8CmKVDw=!ItYF;qVAR~UU_ly{w$}Rsaxm62(U!ol1h}#0hjdB`gOY2M!-vo2K$Fe zh(ArdpV$0l8q=utsuO4w*NL8XFtcB%#@QW)pm`}o6IX2+s+uZUBC*D=QJ zSx&Lm;TwM}>e;Jnf1MX7$4Ai@H==rI0+J zZxRIb;K_VpQEjO->WF)O`U}FIx4qqt7Y7wQ@O6IRBFT8JT!2MhFm@D~o$1tB{qwg6 z9Ix#GAY8x&TF(-I-UIJ@`bjL}i}1aPRF%tAAe3&yYPP$DN;O(j($r*j3!aq1umQ~O z5@4nx?JN?f8-Nb9&YKjj7dEBx{_YO2kXJNMBIK@nOub#wl2Xha^kWxb@0>k6WQM*o z{_xMfpgX)@Y5B`+*qq=kYwZ_3EHh1ib0SJ>$n9}3(;b3}+vg_vT&%E7Ym5|iVW6kS zpqMiH-C!Tfee4b*5mc!+nU88i$eGw|6W|pqqBlC5KV!4+bw?K<44*9~Y@?$v%*4aP zYCK8!N!faqW%u)7AEgWC0BF9RsV~0D32dj|y?!OAHE(uvl{FcbMxfsLSk*8K)JAFBaEnZ+DKhA;X%UKWl-hfL!?lGgtOcyE?7}KZsnSl@2Xk8H@ zC;U;lh!PnnR`E2V_Vos4z&(d#3OKOWxc(PYtZL?~s6bAv$E3pSsSYPHo4FFcQ^_~? zg7K7BF)0A)d*TCdi-%KEA%gpA@`n`w@yXZ+=vyT&yR)~R@XRYw8rwHbe1MCG95U;Glh*Ht0hCaSXG})$QX2|k zV{>?!;gXLPAO)fp>-MC%AkM?Diz%mO%I$QxBK4>JbTjT(o16mP5=Cn_*tDAPeY7c* z(9q9gZ30qi0I5ZBziiI{M|3D zvbOSDOzg z*Z6aeX)zj*sQj-MV7I+aVU z${6vymRYS9OTWo65=d0G09d+IeO9ZP#RffKpJ%ss_{d1qE5c6L)neYrn#v6bw*(`(H2hR6QF3A*84OPJ$a`(8T%(TkO5uT@$*kc(2c=L_+ zt0)r`IceenIAJ&x`MI)|9^ zxC6TAH?0Z@AXB1N-2f}y+r>#pxNHD@lBtcZEj+TW)m3ZyoQ;;s9}y zE`*0&rX2Kkv3iYZ^9ETbWQ_~Pw0#UVRR_peUO;5#0DrbS$ z`cq9@Zvl1_KwN|+v!zBN^85KYvU+{}Ar%5xYKIIovHXLh;Ioe*9?L8+9}qXkR%gXQ zp@lJ7)t5p4(W+T`z8ZkfVY{-?%$N&M|^ZN6{Sz>{Z z^9C&nHYIJG;_t7=wNpOY<#3Fc?>M19V*xQ_2vGjz1$2mcKX0}PF~-D|ux+a=XSElR z!gR7S6**IFXYHblJ`x%H8_uf$V4Q|vH8`VlGKJh|K!ej4f!AYd?!e)h&!AZNF;g2z zT3z3PlW_gJx@CZ@m+SgyjpYX!pLgj3yvx-uqEh`?ehKh&OH@5geaE^3AhppuidW_$ zYC*crJ6yweMHHEh@LK@-XQq15Z?8E(_RqiF_s#h1RZTimDkmeQkqkxH+)uLf%yjwy zvLht-2TdC@%vze9fqo?0?{vrPXs&`SSSq+LQnsGaX;TszaGhRd(i2_Qft7)Gy$VS# zw`XdmF4H)!(a(CX8z+mP)oKKkBF!fDd98kZAJ~m9;ulQgo;pl>I=WeH*2>9b;|dv$ z@_U72+-Im9d=)nr&bQ4JjhZG4@;{^0pVC@&WQpw4;b12y0=W!eK9b1QEYMdSd7QT& zJ?(HQU*l14mZ~ZO`xmzNaZ}&r{}lI~;c&I@w~SsBy#-OC*XSjP-fNWTy#~Rk(FHSV zlpyNpC5aXhUGyMibWtPPAP5Yt~sDVmNsAy}YI1uRMRy${cik4781Gceec_Uzz=Ek8w0p>BA zb+eJ~Mp1uEIMO2c5Jt(aoJwKXo@d4rYLAIuRkq26>x?SL z*y-wO1g757Inm_mq6~Xbed?iuo;#sK(0GAh0BStC)=x z{Q#09i1c}_-N6qEc8`t`OFhw^i|e#O(6XgIN7sdK4MkX99dw!dv!f?evY3u7;-={Nn=EGqn9NeYZ>?Lm7(d*2bJ4_jin5h`U1SoI$Q_|*ecRhhdwIYO8eoVt_( z_>eZ%OF|Sh6|7GpO;me(JCnu3h{qyGV~EaD#AhT7`;Mt z*$)sdbv`ql_5wW4e7zmk<<-@I-u31Az^WLIbSqDdXAmJfhR z4X~bNVn`sz;NtTm1Sps0ojvg0B!K}ps=>HyG#4C*7H*q+a#>Oj7~JUKhD6IjbK8Os zS00p0i~fqYrrcOy8O^T{^;&4s_!xHjLa8T)OS5kX#`@ zX}M)HhFO7yftt>K4tdCSfY!*>V)Wxw9m&Rph&YX~9~AEhBtvZ+7%9ukX943x=|yc$ z|95kgW=$~A$A_#tqnU|`iOZ&|L((<}GA6~zo4>>%oIRP5$Kl1LkBFRaj=bCieS9DI z(ZmXN0qv3Mx_qUy1__j229eEh;-R9C_MgnJoud5M5_Pdv*DR=xl0vvuBw*Qa3GS|f zyb0y|e>Q-}mU%C?w%!i0SA%fgaRMZJ*^S3PX~#(6wm$Z5Brq)wuB)A;@t!e5ghWN6 zw?e0edC|9*+V^g4TLup>O<;S6u;_E@7RfOlEO#b1Zt^7b1?(K65t&>DciIEIXwHNF zEGg!R@AqH&n6K>`RuBVy3(uB?2YC_|DtB6#d*~%OYWmRi?=hgvU~IP|PW>&)0-@x1 zvVt}Z5b!_BY{N?3SV5Z-)9PB_VRslz=>sNCTTcfPUM;Q5-(+0GEFr3@?a5S}%oB%b zMFi&la(e*m7dGl^wOMry>P)^XLhV4d^=S2|G`)a#L_y*Q1?w}!)P&zu1v#>`a)_HR zL0k9nKvXkfVyuZ%7OxFK*M|;!Zgs|&q_Gu#N-}}FT(uK+R02-C_FpFlxXkJ!>$_aW zb7O$E;)Y8F@h{f-^y|CkRvmZT=W64@Ri5yRQ4Bb;bf)ijwHRWB?al5>My#Wx{Kwp%1Iy)1UQ*2}@7h-M|n zN9-M5A*Dv!wcqm%q#ImO$R5|3nsU^hQrvYcXevtpL76U!k7Y$pH#6Sv7zs*Dpq)P_ zHgp$>jV6s~*1L^Dt2KJnJbEiYS|XrdkKg=c1=bN<8W>di#kO%=Y}paynFPp-j=G~)fTEi$kMwL5HGj{;_|vPxSaSxBe)VCuJx`UmI;zWa zF#vFH42j=cEPc0!1ubDm{Lqsq>)I#5P}J?t^RFP|MZZ;3ENvTj5Dng$Fg|)?M&{?- z-UrB<-aa;VkGr^Sj)pZa(=MY{TDYw{f(W!mi{eEy7&cG#BpNIQav`1eq z1Kn38EE#EOP8Z6N~bUjOqVU4J{k?j!U;` zN3j?@Eg+B7$|zmNp~S7disEw{6Yem8w!Nt5qP*B6Iv5L#{Q7s*mNT@k{`3*PILYtF z6)B0`#YR*XEz}pm0nRHuMJiU5XBJP{@w>jTH8i^1-@LLM3>{cY<4zL~hHjNTEO5h= zlsIyE<@|%FxAM>+=c`;upAg|VmfZSf*`uevFeaGnIy3Is)k9W6!V8RxvSFjN`@;{GoSEi5S^E+1m}=n(nz;}S9K z$QrBsUBi7N^CN=t(onw7WA^1lgvkYg&{r6Fs53ZuV-~e@{qMhJ2~}LMKLh*}Grc^j z(g_Y8RDar84_2!Lu)SUv9lElcRlrae+@qAFX1Pj_IWC?pLG8#eUd~ACzEbxd7>%AB z;5Sm-;qtCYWM$l;q&|8VZioelDH;LmBrz_{umTPY6e0TZ{J7Mry}3j{RO9YJZDm52 zoc{vUNBso!U}C#_-Mvf}sJJi|S{&pI9pwxqN*GVYK~tBpUS+hoC1@>aQd24fEjjzf zDjp2AJVe9N!ccMhpX0jnJ}aA>l%mt+9Cl{jYQsT zL3Q77OswVl&h#jzzGKcEw}X%YP2>LbQ@W`Ne53U6!>^_7z8sNlKpt;u%DtZC@tTfucsNX)_ z%c^_YiauPW0W*Th-xNSo5UwUVm;-9=udTO|f!DHGeAZ=|F&81ZO)2&XcDvIP4s6pA zZ#~ml*ndCkcr0Mi>@@&*Zk1IN;tfE*-3IAl4~J4F{%rLVZCR2 zpZkd&?EUafQ@fQVhNQ4yjb*l4^aZLD<8jGJpoH$PZLrTRnYN&L7wa{j1^gHW-neZ{ z11}%WR$xQJhKCjAvKtAuft8|k1y~dkcw=sm1_MAn{|hmR=vx2hCo-aH)xb z6$ilUpYqFHN)~S3d)XbRjUpiVfydmJ%qfImLvy>|N@{*VyH`C+Mt!7{uHpa!@HQ79 z)p_*MRspCGi_QGGXXHkCJUC+To77_>3t5zK=`!OI@4kmL9m2mq=d1oD{_+wSKWQ(-$86}Qt5_oq26er-}1_FqVGeFKM&UOQ?E?Xp)q7RLK_H*0=D@N_bsrJ*0Dx88?!N=QJp-L{r!fW7We%`-^cr+A zQ3B<;;FQ#Gci)_=#pnN?s~lOR+Xy8iERWXjTd@A4ky@Va4nVM}*rX;UDXt}(;BF-C-40WQ$2 z+YSqa>&2mWrb@%wn{Q}YA;%Rk>h)Y~R+Hy7P*{;|ov89*!^Xqgv$~JlwsJ4UAFCAS z0!$!|E>0Ni!oIwcxfO#)g8ex%1cX&QJAFdCFHQ{xKtmfE>o}jQOH&!-G1=5e)rwX+ z>uq~jK@brgNP{9T2nTi9b*Ay2YBD`bcs45l{rU!7!L)=ZIXStOpq=}mUJCn6K1yQV zj)Q$tf5c@&I*>>+^!=XJnw%fCYAQXvBl!5+etRGoZ1WQ52z!;TZEvTZMg%C+$vT+{m5Xok^GH zsUJA++_}T<1_q|=_eaDjlpqDl_07$SjT_ZR>wio!p^#7z=_cgc|1^`=^fX(VJ2HIj zlFligkm|MVT5mAddl%TPuBcJ`=FL5|1r{p# zeQGK8N8ihXPSGsAedRua*SlN9(7u3Gb`rGzo&>Dm_S-jn6Nral(48fX-y7wGH!kW- z7dc;y5Z!HAN&n;S)dQ3Ubx20VSQ@7u)0!^`WW$alVT3GLXsm)l=N;>??d_{jxw|=@ zaSIHE6%UqLzel9!ydsETZ?%NPL<6^H8LTwbE&1kCot0Mk8=`a%2EoL?*kZ1>>hY9V zPnT{NGXBWG~F)laQF7DNpUd(pl&RJ{eTc~cdu$Lu_3iL##2 zC9d9=yq3+qctso{KvhF6X&(#QU_owE(N)j&5zH$}?BjhxDpbl{{XU`qStV?I&>*-u15(iea0aBXA5@h7ew(Q(aEl>y7Eh!gR$lbLdcVjD>fi3z ze=e{8kLxZiC8|lr(*84EwxN*DaS6Y!+u@0*+oWrH(mFjHf{ngOi8VK;*MO7QXivtU z<`3rxm#%piVjsE+A>@O8-qq-_oXB=nlUbNZi`n5;Pymcu`;M{pclxgj3*bz=A>SVP zdao?9CsH>LpKJ;6!C8*x-+|odNpap&4_-@wYNJZ=HS=AQ_dq`n7tsSwOdU0UBZfOD zAhg=e8bhrg$wEuLdsj^&!QQl({r_)+x}jhG17^s;zUaEb)Bm9BiG0}VGG5sC!5dRi z#Js_zB*;fnTAJQ5jpB=MTI1^xK|v{uW#GN5X1sHgISGO*ahT=8Z!1ph&P3x7f}DXL zu%sky(Ia5`eYwIORX8PeOBRTHaz#mRGIk~_wc?3WQt$~#dO)^cgZ;VT^qaMsz;dt| zXG)(7*@->KXk8dz|7Y3JMsS z*#hw{Uzmi!g+Hf#;N^=Qk~jMn2kAy3yFi?pl(#o0kocEV)fT~E;-7&R(x<9}EYomk zF{w*=@xm6UXK*}tJ%GkS+f3+!_(}1e(Q^M6ixh=A!`AzNGvl!oNW4DB1F67$X?=L) zI((pWE|&;KNVqRie(*YH1!Np#z`D`Y6UCbd&o4&Y%$sz9He4%p}T3?}4aM+tTa*Sv_@9K)~>t9`J;!DJ;DR zyE0u60pE)^0~_gZfh6G;#9Dsg&TwrFzN9vD+Zq)-LJb^|1*p?%o#0$in&RF7Cke>E zz)4600mwH@0Re&f#>RdfLBWmBX;^R{d|;;j7XV?P|C}AN1t(B`$`ob;q-UD21Mbb3 zK-~UjH7P+2?bH0d*Dj3QoFu>Cj=vLGTa>Gjz4v!P=2jI~Du2q~ooLwI1Vkijzkr!O zrUk26hM8jYy`vnMRZ$hZp`*Xn;F0o^NLn_YDlYdYTsqtj`QWNTa6x4UOiBZ`yN1*& ztx8#VC?e0O<;`)a{JsMTKbNftm+;lAgAafBv8)2jP5Q~PI$3#)8%VJ_6MDJTMQ}sT zQ|uAhb!mJaK#E)KOlLuirl&L|)fPdH212kpLz5jJ0|=-kMu!puK>L+5BKwd6yoi3d z5fGGF0DpVv>zs>>DG07|5~GjB(w#_f+xP%sIETnRcFB#h?$V=0ZF;be(i1};*9bMyffAT`tG%ac zX@1>9xHvjaC$^fnq=$rr2#Jf=rVw~pJj8J)L7}yHfTOnNTYY9_Zc0kZv38t`p(bVs zhKbH!^@RKCx?k)onX}gne-Td8BR#@-mazWGGe5Dw#0|MRmH$!*#L1cJK+{Yv1;)J~ z>HPopGf{Jqg#~Aj*7PSo&)PNu?I=rbhnTDC8yLKuyj#Bdbi@15SVPXMpK!Vw(iCBA zYzz=a%-rCSDq@>zy1NcFR~^r@9Lz%RCjOclxwq~>%fl}sVT-fz2$OISXy|wIM{XrX zSqG1`;P4`DBBQoHN52y$~#URK%!;S5yRb8oudKPiZ^ z9*y=3d=qI2tOnVNnHYKX-+|BaFj+Nk9#^Py>S>iRQK-F1oOvlzBSVWD;!m}4`X-VUXz@)Q4}D0j zsyl`<>~LycNA_YokVHKb^>l_|9-?s`y!-Z-N=!@)c?-V1tyS|{r+mS~-TkhFU~1Q* zQG6^L^f5eQbJzHeY*1BZYqR(Jft&^bv+i+5CMJfoj0~gA15q)tw7fiv%~NB~po?ib zb;5hJQuh7w2c#^dJ4?F`G$4mRMGCqxNMIIsNgrpr3U~ zlnK_8U&l8gy+>oYPM3FP10BS3IvZpIz< zd5P~uXQ+l8At7OLd2y_)1`|6ufvBk1iz2l{8rTJUR;{y=>{uvnm{pkLrXyTuqUE6x z6g5p{;NwzUR~i2!zbynthh;_GZa|2B@xt%t$@1eT>7fPb>CtP4DO|YHR%C{cG@o*Q z$_#CJg{JLP8!F?(fD~0f_K({SY>ORXM z&Os#Kor{Z$@~xSgm-m1(o+eClh`W=VrNC8pvI~D)^f0|mRzpv1ihTX$cnp-4(H{z} z4?RyXRH$s2wEW%UtCD00i}%xDgU(eK*?#{`hjN-@TO9IZ%-bHVbIBAk-l|2E(HsSW> zRnk|=|B&aO^&_rw`{f+ud-V!O>s@V2c5Wo^k-Ysx^d>7IXM2#tn&ABBWS>oYl4^y9NKWlx zRGFmW>P7=yHwY4J_FQJ2wcCj0`dlEx3@4DNw;#}y4a!N{U+hp8db&3&7<71*_WR4e zjk5A;&3h`Zdn=J`ZPH-s6tlc~&~wI_0vDsd6G~jFnyjp?%~zpQ1lRHrW+ms~l9nck zd%ee=#4JJWyhRP`rX=$7^AjF4C@l~MJ1jAsEbZDF8Li|`M!O=!Tyd$`wfY4~VWBky z#hWFlR5>m_-{gaZON=tr6o-V&c{Rh@Xrq8|cztK8617rFlg_--H( z>~rc(PBa+N$ZCdhZK*i$xVsRGi5b(1dBZu~xWCgD$hwBR=tkUPV`C$xlfEO<>`lcz z`GrHL=l$z!Wo+HshbyI=DLBlr)oxnzr%g(z^V>Ojc`P=pJs19aI7m*t0IGFq+8~VP z<_Ei6u=Ih1i~^Ea>uQ?PF+MWqNi|Y7R;Z)=r;b!cmZRu@T^tup$2;L&#&72C`7+YyHqdi@}q>o$W_2 zL6Fx1Tt5Av7etfE&b)XMU)YY(eb`~^u}Ct@$atHai8zMiqVbn*IlnNHm;WmRy}EaY z=g~r(AkAkQF)l_4+m9HIjvZXMZAwMgLZVL~qvBa5q~&UtXZw9``-|2t*J#N+HT{M& zoAIT6DNO~22y)1NbKTPG!7LYF2t*Nca;kmK+v8x>NmwC3fxA|GtTy6Im^*y$A)j#8 zWqsi-DbsHIBS*O8!OPW*bYz=9Z_ty4yVpez7In&0e(Z;^Z7c=%4=UTu3CO#;y0Z%X zyj!8`L&X{2$bA1UNZ&o{N#2uBa4kX$x!G}i>-JuzeB=lSw@foCT{ zfxm_HM`9zrrkB*qjPh|wdT`H9Sd;HBdI~&whE`x8BGS(JDQs?GwsxUsDr~>uYB03W zrqv)(Qc}_|+(&_lcX@Owqx<`4!AY3fjkLf}0W%6uIQW>I@Ar4VxbxK!ZVu#-cF&Ji zBfG_S7Gy|ocKen50a%ipF(HcbA=Jww9+^0#C1q)>LKUZz_i?0yp|I>KibjgAmlSi^ zb5`-WS^*_PLgdPL4W1%f>U!Qx-o)}OZcJQgVPrM=!%SP3srPu{uulBlR18n= z)mukL4fF3kBm&O&<35~`0%?X(eyD3vCZCGJA+N2L+dXdN6jS9l8^0wG5{u)qJyE_O z>a}E6mZb?P;Q4_*C958H`BDhiD@PwJYbpQjQH!Z}ogfE1CLB7oriAJG^*BPBgM-6< z_K5@t*M(p);;oHrYT5H)qk$F}&YL^)+Qfcr!MopB&)8dkbT~cZt57B>P=NjZ-gD*n z#@~jAnicaZ{&lhIw7MxQ>*WbKNK#W+3^1X>4N;#ruuOufsH;mtNdFMbPbHfaF|OK` z>`9_r-TK;$nDa?wSPcdIO(hkxV^68ZivN0yTju1wvK!BT%o<%O`f;W6k5KrfnRelQ z5+H$~Y_)}uZBBy$!(HF8g#{8@=M~)Ur8aKckh6m#R({1asgnmT8Ww0fv-=(&kU+7YeiC9{`RpoL!V;q6<2iK;WLb16&2w|-+rscbhB(J052e4_ z^P+e-9A2-{dVKKUi5%*;7b}U?3n!|BMVByjfp3Y zf4%3zx*I`(jA#pIREs8EdtH~sdSbwH8E~F}-_=D^juo<7I`ni`0#fi+#@+^TE1kLG z+j5Tp?e)rCSJ$fb{)TswbiTKpw<=yj+JbqF>^RxjDA-g<`rzM0Tqh>6F&~E8lcj`v z%T7)e!6^o6A6WZC2|g)g55(1SAqg^P#g`{Q8JIsgAov@GC*(IM`Z-@p>Ej0nPLB?d z@C3q?SnvLPq3->;P)tc7KV^bMYvg4Fx>$rOOzAHJYHz*0^IE+n7|X}U$E?*|%+SzK z*ylU8@^iKC;4U((z7+`jy1#O7EVffp<(c9ayO#%V`5d+QToIzt=p&QG)2F`B=Ww_% zDI+QQp0G5JA%+#}@KA{gkxG-+I%hp8v)miAw!bvRMuqu5B&A8nu7H;X=u?VrhuwML zYu5Dl$)uxCccfS2}t_iXz+V>l)Ip+GN`CyMH2RBk!H22Y>932LAlC&ntH!; zCUuQcUA3U}^|xy!;A+Amy$b33ROMFP%srfnSX8G82~jb{dT#?d*2(-5_Y2-u>N1by zS<_*EB?-dArB*gC#Ys+G&00=rRkD_hDFvTCJ@ZfEDkE80p8e((d11xdO2su5aSwG< z?2`>i!`^LEW8?l%Q~wlvw39tvAVXF6tWhORM&&Eip~=HE&u}Ug2BVbV;64+y+MDDu z$#pKC6U|Eh#lq%vruubmcz76=*p3aPvq#m1>3+I8I#i~-nbBznY76p{ay#yEx;##Q z*z<&iN>eUh*gBDp^_9rSoI~*S1K?mFcw>BegTW?DZ1gm^ZBjR2+oq3eA zWjWJLlgG0yf_ynrAWLV0NC%A}FLzF;sS9HCLqrhtjlvi(5Z65p^Y|)_)tQB}ePD*! z3Iaz3Ob@CKY-v$5#xEA%K@vcasa0C%*}^>C|4H-eEfmZ3ywF*ss_N0c%h+#Io0>}b z56(Ed=23)L54!Kt;KZuPFAu87QE_qcMP`L49VO}*b7Mn8bm3?^DdUD7PvBlgcu~HP zt3KBG(qzER_hivHRqUPjuoMM*#+!XoS6Y2Zo*%0R$B z^;wvrQ0x-6eLp@=SNUrqf*wRKu_W}|3}i|jpN09{7>KHu0uzN&vBAgTMhMz*+0^>G zmeY5rHPGv}FLWz0G9k3eWD$QCn3xU|1*LTiymp)b_aKpmM)m#O3m23cXic|j_kU|- z1s~>P1MT5D8{B`_3}XnkuX%3jmR$#P{oP5!|2w?`9rVCW_DiV9#nbBPTIC(;wXW|E z*L+^YWX|$be8fjXWyT^$t9RLa3;a&z+A6B?-o@LYZ>Y+sjK(UeIDBOT(zNtJz@+FT}*?&tL2K}eF#6#ZyHbJ z6UhrHz3OX_8H>t#IjqXKgX>AK*ivR7!ox5%tdN_jFoi zdRV0M4*mP@qSRaDC9_`o!3N(x#O_pe_MR1%PBpxjzPvAHG2lCh)~#NpQu?mEP-l+0 z)Od)driN`XoQhbXTiF|2syo@@XqU|Rnk?5>yt{W4K2zZE>&jr-&)wZX|1QklOkF39 z0t=1%4sRMPvc*WU*1AI9Jp)GL0u*km;Shp=hv4=&4lpC<0u|WNs6CWY_&$16K+VA2 z`FR6<7dVrdi}66b>NA0rM4)D;HOXZU^2yJyNsU@gt8qv-2Vz0sD!nsJ>$Og{)i3YS za~Z@0-|Y)#@H+%m%zs|bbn5K>loDV%oMZS= zR;E?_0S6SWb_nTRs&c*<5VFQWB?gR}nq$aSa)ydhOjMS(LH#T2;+Kof+W@PdCq#iR zg(YU))A}2B0&W@iUcZ0y8?6|D$nfD9802`%*9f$O*kUO~KCr)TH$P0D zVl@7eEXXNo8IMhOcNp-8mV35J`Co%p6OD^`}XmI;rHQ6crWrF8mTJ6 z)JVmYiuHjjmZ21p+#1$h>EC3nXNP;{zy!O;#>l(7sVA*x%QWh-#&d+2Abq1mVvJfX zf>;zk!tM3z4eCA$ay)w)iAaWcTJVQH7=7f+5=(AzWJE-CP_4(NiS<&AbaYsL_x?Zaq!xSxH2x<}G$jxD12OPWpj+F?|LK@wV7cb0iW3prC?&^v#9!q%w^PG=EB-7uqB9 z;W|nt&8@X|Pe@6A@SU><_6iV;-L(nMY{{do{e5Og-)8uqcm}7S7mrA^KaYQO27S3f z>+Y9f5M@-){FWs|u9E2+?u&@Felx>Ra3n7{TQv`pD|VCbag>oR?!^9f;t_szu|BE= ze>aDgaJ9oPluYQN&pC&V%j;rCJDN<0WH6RoE?cHRBcD>)k;>wl+7kK3>dR?uvf6}!NNiavs*U7d` zwFAL4(SmW$BdCx^bvbe)_@^5O8P?%78Vyt`jT^}TM~81DPu14mj>?ta3<(Jhjo_Eh z-QZo(fI4W<7{N-tu0lqUES-FCLDBe zcZYDP_oHS%^Hv#+KQZ23QN&&urf$yXB1@tFyc<9InKFXcbw%=lhQX7{>N8oH{*B0N zaiB*daK1u?K9OQktg%<(-?$|Y zz~{1rl@lvnV*7wVA|8i*UvAL3T(_L>|EvY1iw97DHffI*a9YiKTh(@L{`;wKKA`In z-sNIIyB3W>E>`pf&s%)|>wG+tfO%zQ%Le-?G9Ifj*>Des_07#->G0S*k0S#{jRHX= zERx7tbAP!)SnT@ z17U8JW+U61%oY>E_6-{!hjXMW&UL&i2a(78)e>MHHRgHz^_(yBhr#WWH!ic_F z8iup`JtbbJ6+Jzc41ViynbEhsgTI6*#Lv4u$4F3qDWP4``918b7~TIt+ZU(|u3Y4f zx|<@q`>rCAz@zJtT%nE>1S=_@EljZb#V?#ypF5(V!JxN$3YLPR%?4Kq!4L$xEI!#z zQM^vxg|GEK??V=HwIDha_dV_ZeYC7m^G0%=s@$Yl>XmxC$5B{&yU6}*6+DC7YYK}X zDu!>Lv@4)3v`FkGoze6vop>ywJLB2mv*oV}-S?&i-F8?rcx|GiiFrttp0-ER7V51i zJDFaQtR=IveU^ii)w<2I$1B>eeqmyaZEhCG5%Y^YTzt1(L|3epYrk0czwM_yGbjOn zO98@aB&<}qP;>Q$1q@~q9Lp4-G&VNAe!NpvaPjG6_={ZAC8!iwLG;NJW*W$Up2($T zFQsoU_gGU)8@UyS!DcfhV?Ewed6Is1>;DCTr4Tfup;SCyIt1s6EkOCXSX@?04(KoO z{sV^PY2(cxArK0F5F1?-N~SdoJHp?wU?qx z@8x4fpd{tAc8|TyoSLBZep9~b645>m{Gn1*#Pew2&huod#YMW7jSu;+(a5hN9Lhpi zv%1L8AB`eycm{)1A4FSDP_PcgBYB9h3zq+MaCv!A);9O%2Cxq7995{~w6(b2v@JLl z`1dX;tZw|K2V3vwtFN2A;Il2#Yn*C4h+C+8|1y$@BWH`X73MF5fAbQ~gBrYhA3AWg zw6S0HipztwX!}D0om-k}2d9@FB|e*u-XUt9IQ8_@Fv!WcOQuAb7<1mbwLp;oR=WjF zbv!lT}#c;oK#QNNP{@u3PNp07+{hET93Kwy^)f9X>Ot4MqzrVaSX9^FL&q`8L*HrB70&@MB(y1JZOW-0%u&JW#6k{Z4D_BJ?z z%oQCX`#L>uOkfpW&3lk!u*Sszd9C%Hy~R+nm~oCbNb*kda`&F}H~Hd+#sH_Dg7>5S zk67W@6oX5cN*WCi)2$&b{KYTz8_Va#F6)PM_m@h#_{_hh0NAiJIgS-dVE7UqK>L91M@>pe1Nuga#271w{R(=0SwF`WOJi2L#WJgPXW;bb7} z>OkU`;}_pEEqhfN8@HVimZmnx?_cQd#crtO#>p1iJ;i-zokue}lMjUkg<(+wS$5pF)1CbhL^FCdV8t?O1hlfxff#`XyhJ7dyiAXqx1 zcrJ4+Q9mD2As(XsP!_oaVHM_D1&w3-{%dE$x40n!?kA8R@YyH;eVX^cC^1FZXR@SUaS6N zPv&s^9N;0`sY(rGRzo2oo0(#T1zZpv`0YgIhm-y0!lYdHGfN3;`4_(8FC}jqTF-ti zYR3!aixYo2|Cw^~l1$u#gd?|0YLIe?_C0p39Eh6im5r`OE7@o&+u(}NpUHeb!v?!G zrm$;tOw8WWxRZDR6G>5D=XqyF9d&gagGR@wLOCqdAjvM3kKCAUzsBNRz6qsv|NY}3q5=N{MVeDq^g7V{h#0V zl8_FtZY1NKq#xlz&7ml^G{WaTe?A|T>2^^+b~s~+cpUfay|Uu;yTz9lNt{3=|Dz%m zJl_BF|C$>+1Y!N7kRSW^rw+uKM*%FG>5_qjV20B_`7=)qwQhsPSwin%eX#69Jj0~UBBAY1D}yzXo0Au5pRFfbR1-6Xj>d2$;R0FF z@fc#|aztCt?oJA)I(&2+9A=Q_>}F*z-m3Hm89Y_KMm8}qsWdv%B~wCZJWHUFn+o{( zhD^9dH!DptnV?Q#3^e?qxOE!Y0@vcm-Q{NNC}@$7)oJ!WNf;8G2MyR=PP}U{ zs6*~_qn~BAOrLn0C6yrfCHeOh8aaNK#GMrpZ1n;yjatRc*@$|xi~`q`^D={uM5xcs z?0c;;Ege0EUF`mHBW+LT+3hIZv-53IUYqZMG9eMzs6xe#D{YwAlrITOT?twBB=jhU zbT@wHOSfE~(9KpEB5#kR5X?_xi*R5aPFFWg8b+&Ti_wI95L3T(SZ>-p?zp@D>>`cN zqzNe!@_ZC!){c&~GIJ3U{+H?h)PRj>$R#<^M z`;jXXg2|6Y^eJ?ON+nkQ4?h0&2v+54B(RftLgu@ zy=weGAe-RX7WpO_3Hp3N%?`bD`Z`a2R=#4bYEQE@j`aHr1lM`ubyLJ)T-n(O;A z)W-EPrli1-Ahn7>*`oyRvvhU4(BLlAS|QsJy3=hdRlIdn2}cbGE0{HMhWq1U9Wk@lQA}Gpz=sD zL)!5Yz^4%8?IZr%pvhT~J^-t7dR#u8o+e-`rm}uOO$z%uHa1rzi-w6B8dah6#U@#i zF2jEwF|(OHRQc`A%7QX8qa1(2^EAII*Fq+FYJC2f0w4yLSsTIs_y*pf$(C`OKTOb| ziVy^{6%-ck%RFA~kX!iTA|M;PZ>QNwCbS3KGx=NoYi2rmcJRh+qsaBeL|2XV8E;E# z%lgWlXZlM!CVFLx5ArIs0H?RbEd-tgePHQ;*+bmP(~?4Go3)LBzN%70&l2lEXMUFs z{Z-~3C`*bOBTF-F)ZvOwr$i8B#4ZQ$YS*vH%VjMrF0mZj>`2Z;5L>el!ZFZ!c2Er{f^I!%AH1J(s)DFJQAlmi5vN)zOiCp}~>~4nDZX{cNqpeGe%s zE33wLo7KOZPC?BIM2*<41p)!oY5Eiom&5Il*WJbadzM<`MrDmtF z>}70}Q8_(5K_txm2wOg8iNXj-JO4`%2}xK6AB*YFpE-gxPcK}zhQfm22hG2w!(KPp zD==yQ5+tPm3hwEVaNuj-q6Ys^uXxLIC~~bv_AOS?YPNiaBpk~@mR2iW&>w4mt~z$P z`GlI47eoB&o+6G?yf@b2j?2rLWA@V=l3c8PxFUIU5(7t`_Z6D@$cje02OgQ&7u0tL zP5qx=R!mkZ=qhK3V)QHF4}3}?jTiA$^}RmT@D*xwd?2@ODm2cti}@K~ zQ1TN?huy=eSkUUQn#AQx2gtNAlTnJ_()iu-di}nn!y*@scsoY==Eme;veD46!TLM7 z)%Z~enQJo3GEV8Zquf!3gUk6Azja=B&rOB;7cc5B0Vh#0q#kCyVRRZgQeu5-ipz$= zSWzfSc#Tu{iQ!OZ$?cICm&3jtK@*u~rxp0IiYDvw%!+qfZTaStwCje z$9TNv6FnH`SL1NtZ#|@}^oo@GV~uU)atlsxxbi@y_&^;ZSRwb>F`gL1W< z=>SQ2dB(PPdvUWinv&%ClHF48r>cBJ?i-aEz&jJKgQm=pp*Dlx*#de>*p$@ky;%T~ zT}4@cnnw-{_RJw0`Z!A3A4!m?X&Gxy2l&iNgzw+$8ZAN8NflJDd~fj8GMaY(EHk?A ztzywB;uAvmmZ~y66T|}?F-SPE+;&v(=S@TdVq!==!LOHQ%PeWZZ^!kZ5lP|slF3l7 z-{*8X>}!GRGQVt2#Nx`cnW`|L7V~>NSlIsoJjsjv6b3^gf*IZ0ZE>QNR!6 ze>8&$pl!nD!|$!)sqDECsbk)6)RLhKEv7_@$&4XDIixT7XC8G2r`2ywUOQt-0KiMA zzri77*Nbs{xn$mI4Ebglp<#Y|0D(kN)|y_J@!DL%|2|=uqQnY~&f;lY`0|d(b$cYX zpdU@KoO_TfI562NRwjh_%@J3GLlg?%R^%H6y}e>tx55UJLe&-9g%+2zYpIVft;qb3 z_@u6Rl3BI2(pBRqmZL34A3$sH)=`) z$lJ;7<|hV+@qV5C$zZdd`UKh;*N^qPdm1=i36BT37JPFMb@6Z&VYp1l+~ktZz_1Kt zw+fq&wqcRTZI0*FQQy}T4Jc`grkr-h^n=b%=78hdc> zELyw>_ul*6?YyjeZxuwQ2(j+zcPo1exctN@g7#71St~Xe%&OQkYsiM(V)@A z()>j-iIQZ5py51FD;n-IK7om7?nwPVihB|pp_Al?X6=UgBYB}lpRbu2WJ$cR7y(N=R^LOiiA4CbI+O74J2Wt!7X!Mxq!*RZa?b zk1ft*+~a0@s+Wm_x0x#h+!gUb?l@@}$IhxxIme&@hgX=8d$0VB|NI)9dcVTBUsG;K13^r7F@|P**QCK zF9HPbCT}2CF56<;rS8mSiU346UlhtK>g6OlAQifVZ&BVuW(6zfTduSKb~ZXc`$Hd+ zuK3M=vmVM>f20TLLl{g&;Ss@Qs7C=J31PQ&tuj!&#wZ@M0`T%TdNWWr_yZg0t(d5e zJdm@YspBQkML{87>+6evT+N=75X1`B8!*s{{Erp@l74flM@<}s!XlvpNo57&!cL4Q z)&XO6>jAjGCIs5@potl3MCinUfq`i37a1Tx-iTzauVeG}M8$s?$k%i->!3ANziZyw z=t0sI{wRSr&bLRe?@qcTNpbagCKH=Hj+XL$Z_dwF!*s1+xLc2ebsPmLVFxFygPI== zjQl=DG{2VCHmE!vu8_KP2G(-HX70TTY=PC=Y9`>5i>{~-C?L!Sm zu4(MA)r;g41RG6(^=`Pm_C5GsWxdo;zSTkCakxOeVF<1?Y{oiTZf=I?fU$vnlD0{R z2EL6@_}Zce*r&IO@{s$B3Go*Hhc;@frPO(n?(1)1mwPkjr$4({!5gq+snBbmHEi+w zz^=zzbS$hkHan9p|Ck6ohRCiN|7*|VAKd^)fDzID?jQ`{bq$MH1njwF8<@ka}6iXz?qM*%0}WM=J=L*YR&p77NR_c4PLA2)Q{BW^$}QE!Qh z3*wED%ueaKKHFSBw9j@(5cj z7mx%2|AOW!bT?PpJ$HY!^3+)jgEuGzoncDVa%Br;V=!JhU{i>~=u>^tD*pf!TL7o? zL-RM$lnw+UFOSj$6#p}fJ=~*xn$V8?KT=C0x$jQGuCA`q2YuEm$L)OhZ8*vQ1OM^< zLM@r;6%w%X+)R{p1~c{6m}io31pvK}_iNE0NG9Z?1pxmv3T3-{dwajN(`Fq4%uNDrdJoP$tJ%ourUc=L}4&mxn8Ss6} z6{lSDy@>JBm`LZ6h9cwQ!6RWnO}FI_;d^F?Bj~IbFPo^qpI^7rm!w>!Hig*AOXW$0 zqFFE26Y%24Zw7Mb|E2R;-?CMkJtGtRjK5h%X zcU=8~TE}WNl8j30x=WLAj*5aJ@pyk@{v)mr^wMM?2%?-X75Z~$hn|&&T*RYqsnJd* zIWLc@*N;~B5*-9wPK87nh_dsS#pL(odx!9t8zRT+Bj$Xoh}LJbx>3_Yn>on&ns!`y zk{ejscUe#>4T-m_i9j@B1XGClG8(6^1w3^?gj2`;!?;~_v`pXj@t8pqpK|K`G zI`HH>Tzrcw8Wu{_Gt=I%ATiB7<4Z1u8J??yc_K5v--nCVt6zjj1RU*gKw2E$$MQc6 zxoe=DN%T=Dz^wE(Zd#A$T_jOfuWi=zV18r2@pTL~;d zrtCroMM{bw$%ptp`@`Oa%TCzZC(2A1)U}h&yW^-g)|~WHk~dSiDw+HdlDQ##`n-f} z2DG>0s2_kbjCuD5#2#)rmto=QLOE>Hpu8ZzA$36WY|znouOz-BN2*y;!4~A!Q5}$@rUk(xquGV|qr(yr z5#h5N>4`>dh5y-~V=?P7 zqf|Ho&Xu*@=MOs?A?u5iSCSWX0~}VjZTS*zU$%0kA3>Mgh0a&|+RxRHM!R{!8M3XS zy^|A;dsgdDA;v#08!gL$;HXKXJ3N-?S#917$Id~+Yhu_C5 zq#VXypzsk{tH57I9bDq-*t~LtbIVCXsoP#!k?cbehkU7_x6^s|IM`m}|?fe}loRcb!4X#7MdV z2gi=`u_;)t97#5^A>nY}7iD|ZQ~N5%^*pp9v>C|q=HR;5xf?3VWHZrhw}xLt2%Lyf zr&wVLiewJ(b81B;{o&<8P_TE-e2S4!PbWkpK9wer>qX}k`zljEoba-096v*|H#q!P z0#9l4R!sf3ouU-!!lrRsmikePU{pK+xiMV3(!9>of@$b)uP7uGpVuhVVB*V4Cb<^% zi@AS4+E*^b<|eS(6@;YX%3m}m)o_`EWcF~vt4_pWY^2;c^(mCgeBi|`HY&kLlnw!% zWgcv9h-$0rc4FNN)YVKNa;cbefHw}SJky&DF+&S&;Iqs1Eb^X|DTmCQ7R>hjiu>o` z>aHj9t~I?$hJt&{zANFO7P%lRT0RDH9o2oEQn2btBQf@k?rU*azy6j$tXa?1cc4B6 zJBLNf$LN(G@RI!Pk*%*oM)RldD{^EJDq-UKMayjZSQ>t@+zM zq3rcf8gIT4JO&?w2jHHkiK0dT@hnfb+Sp8u9Ia3;j<6F6sQC8WaQ$wFdce|)2Nz-R z(n&qa@H&`QJV#+RU@cP3NAF%38C9`>6Ay4F2nJL1{1QFfi-$ex~>=66@TY(V(HsA*iu?8n`C)8iz`d zkly~ehHA@KwY0h*Nioo9oDh{A37bKRcA3K_P}MJdhz| z@)Gf=z@Su>+%zJuI9^q??Lqqz{2|MKFDmz(4+}^`u5bxK(}MjG{a`SC;ubSlbwxWb z-II3O$9B^z((n}|dI2A4jROj$7?tW*N|iwXJiCdxj?!CHkjuF^A~Vq}=3#vLN$Z=V~xNW*pV6*GfbuL!424u9O3JI*#+p64{i;_LGI!KmyfU$jI33fx9 z+4Kp)sS*hds+yoCRxM0)Rg>;gpkov3e$!-ZR6%+L?k9Y3~ z9umk1Z1##D*LcSym+MH8_v^R3KC0)vRJRTY=e3#c!=Y>l!bin3;8x764h;)KGr?FA z3H@D?cQ-Yyf_C}iXr-NKt50EX2sL?nT2pn2`3}H`8&3_tdVl?Ps@23(98Z-AvC!h8 zQ6vD(PJQ#^@-Me;=x1_ZmdZ|1JG&RH>SH}qF2htN0EIi2_t&YQZ5`CyeOjt<=P3-w zFgFx7KPX07|0S_r)kUbAYYQP0W^^`Vu@ZgA>t+#uP0`S1KEcjmTh0 zmV+1VvY;T1T%?~h4>`Q{mWITlj<48WBO&$ybVO@Zc-OpTY< zvf0vx*ie-`%J?WuilH^s;$?qOE&zMvl}9Wf8}`Ra7o?3>%BdyChX1HsoW(j3CE7bAOC(od~%y5O_Nd7%^>jJT%X5@`|DL z<6eE#?JCSUW6Gmtm6xCKSQ=iVWW$2WxXqoQsm@hcb|2>2Jk z*E3FHeQsbtj5q}}KvA7)?H$udTDKCNWDNoc#q+t>OpT%@B0vRegs0{w}hdnLm+GeSgw0fRr>zR(AkIjsTOmn=nj z9RP@BZm3V5Y{CwOYx!W zn}c!my3v*Bn&WAw7Z-R1dQR`IAO5Uyd7ZwYu2jH}mq5kF79bm!(GdjzpVU;nE}&tl z#pH9aE?(P9^q(=LmY=PM!tmO9O4uzvm|QMj9Ed=bN$t|&sZuz=jc4|4j;?99z8@CA zAHLNNELSCF6gw!JJ9XQ3gQ1nykI}I{bCi8j^Sj%Xx#H&kq~LzzUc$j81iP22+&8P8 zeuiEdNhfgR1`xwviBPI~)_xi;iC<=uN(ro>vj~)1?m`EjVK_$z=%{@76X1q!Uhr=sywY4JLbh!XK3A41DNL?Q`JLqO2y83H9i5F+q|d7)Uy1?5;7EF~PR zeF#l|&u!@gG|xbTl4dPuVekX#eEL0|Jjx_$`sJCGVqODpHfR}H`sAyPqA~vb5BHMQ z!NjxY#4_nQu^fJv3k_)t@3{NlU?m|SS%ZXDHt?=^Yz-y62)9pYDekS1Ul`zbS|(Ik zX2%5Va+#qCN;PADXessfZT7AOZ=9@2l6}Nvegi=+R9e7XSm*c)uHS%{tQzq^v+F== z)KmqJHPbFZ?(UceeX~axcGWniYh@7u#ch(z@Qv$D+%!20-pZ6cBRnC9fA$3oAb(vT z{J5n{LI`@>w3kN4GWPBJ#xQ^$JRl+cq-i|7&*go?YygosG=}pj^@4kp+gQQC@3VUt zJnbY5Nq@_)CR}Jy&}tNs2&aC4mO*;+OkV*Y20M-*5hy^z%|ZY!0}MJnWCdPq@Q_A7 zhh$*D|B>DLpBXJ+Ry)1sp%wtS2Ezx^uY<}Xh>9qUJP-bC$p6#ekdO*#X0JA%j~{#I z6?X2=)IA8l?C(5rJ?TcYn8;!4&PHW>B`w4Y zqDUQPCjMpS0BEiI?Y2hEmzO0OHg{q)8t0v!q%(Ni3MZ;SiARgXpPUH*Y9IuVE=!Vw zV5^Sb$Yi3$s>Tjw(b1f5jafEs4qXwbMu5Szg7|-q#R2Vfb$+Zm{P*`^_Mg-i4NQ0Y zxA*pfq(aZB%}X$Jd=g~l0f?I{_C^IHxvbpfb4THM@>0rKoe_rA_eL?u;+Kmx%UQ#o zX5pLeF8~GGY~YYs13A%sKl0&3$Ip(1Ik-e0F;`1(EfyiaE&ZMC-xH{Pi^p&1`|dtoL%09 zhKFZrvjq<8Kz2#{zKhf}_Dd@gf__gUvp$^H^xt>th$BDu53q|uVGge9@+o$%`y*(w z*{bv#+_NeYR6LT4Tgt=QAA3>D05I`I4c`H}T63h^C8bCKu6VPS^PyfaV!FmQirh_13)Gi5Oi;yEF zO6eOWoaK_9o!uS%5=Oa1s4iRH+Db zPE35XIv)FPuaN#vKTQJOH2uH!%<2CV-}*|#2FeFLLZKK|nkF%UgsO_3f=oY@JI(d< zUNjg~4etrU{*^p&!n&dOYCzJHm`Y9m9wTrPniQ}fQ^hS`8CST){C#%@ydDVzY!+Q& zi}gP*a8RkmpMtY4f z_(RcLMrlT<{paTSgxm7J6*$Vi3nZ*7o0b`zlEJmiQ5n62xHXnt zBqmS}e<|eHS$?2$YfMm&-M5D`JY;Lu1SeGwy!tM`||GNR%Gt@vtUE}Oe(g`_{s9Ua(=Ulg34 z-Iv5s7US*)MNi|`GLx~9Vf^7AKjwMIM@U&~V&rnJ0M&(aVt7zPl;c)s@ME#7(Ag4+Ek$_^!kxd{O@5#ub(}LL>={;(+G825HS-Vw@IHG z#-wv&UhiA#-dXx66Een!N(6m2l6Y6tc&Ife9n9E>pqVpXS~7Z%s_i(qN0lTpYWT0k zDS!PAILn$wLWS<_h@-;94;s#M|6BzRNvi$`=>F!ti+wcF;{sl!Pc=<#S$O6!=DV8+ z5~1nggz;YQ(P*ij#+Lm;$zr%Rg|Cr?_q7FSB4`#GKc~(4{9jXG2v`yCxO+$swg$C` zy-XRt5_Fdi749cjQ7w%?@Mc5rNzDDBqIy@1kRp4x`OT}ELuPaB?>+pAgi@pjO8B}F z$iY7fy`r{$wW=X_>&pbOg>5Ak@HwE2m?D*~y&h}1+%08|&iUwNH;LS|+6R>h6b%c@#?dJFZsT|9W<+LZu%Cjdcq?J*`4&ct2cI!oI7u zi0ZA>cl3+I=zYNewsyAjK`YX0BBbs`(9jm$V96r|oPBl#EaOJi*J3$ah;`tK^vjwn z69Sza6ghxHD|ThBX=`S8JUqShqxILrVI(B@L=!aj@G_n$h3pq)+1aRxr1QH(Y9C>t z?~jDzP7Q!q3D{CVDg`d2<3jC zd|e+!+Cvk#^MsCLStyR~(^6<;OgG?!+P#C$%xEFe>Z{1QzaC4ugS_5N8l(4nu`?0x zme*Ofy6eN~i8P;egmx|x`>rv~Bi{lo*x#5Wgs3wC1!V>tTuQc#ytnUi{T2b~2@k`n z7~_T;k21T_Y$;Z~QivRjp%?=&t<(95wu1wJeR8ow5q)jhlVJPHGNlHh{@P#+3r0vk zv^?<2ZzX{x817Y5IJhv4jK?E1Pf-%NLQfj^LCXc{S(6=vFGU4Zlut^K-)M^H;!jZU zk#jClS`GRTL;A+7Y>j-2K=76+T#tf$s#a0~o2C7`G2Ld)1=Sl4!J>UsH(c^jlxYa2 zqcGSQHw*}Dqe2Dt6qa91?k}&5EaEBIReyiTOu`7tH@Gw;i0<-kD;)3&AS116pI^}> zsT8FMD<}VIaQ zm#sNU>K}Kxa#Q~Wfp4#%1Sup`NXW8Y8Xc@Vto$=^W;AbW94m#W*3MGIz*n>s71s}iK3hiELLsg?MmFX?plYJJO zf>vJw?0^eL2AbD7yJm6{zpjt~b=wyXF}i>tc|;}%=|-*FfLaS{RUOq43ypYWM;q*8AmsWsp2m;_ zk$EdlhuM3FF8nrMoD9}ML;6>77!?D+_Yc?Q)^o{RgUVZkG=}T2-jW~~p2ZQ%jzUxy& z2XjOOEd~j4D|-5^e01ij86*T*G%oN#G6Ep>gNmQ#gAPDuw;Si?d|?7ntxe0~5Eg{k z)usA}L^Nz;yLj<>DQIL^vAYf~+N}qT()iIwmuwjYNCW!`v_}?>#)gu*Q{;KRRNJ`n zP2hrlv)YLNXaOc7-&m-!^`5?MgKZzt3&dIWU zVgt>1g!S}mgo$0nh^?4kQP+7@9&S^2Hl2K#e6zdshD)A^^pJrS>v)`-tdk&UvzaEO zTG}3THZG3q@QBiP#wAQmD+A&E2nsaW7cBHwkeei|#VkcK8+?P!n@Jp4Sm=JEMR62| zm69C-1uAxaCfFLOm{z^De+&?G9t!Zp2D4X2QA~vi zY(^n-o9?s8pjsQPCC~$jaN$N74A+r#5JFF<9kc1jy$;bAd{K;3by;{la|W|7D5*-+ z0LjjeG=ljoAdoH7#M=Y!Byw8#@WUNH0Z;B?yK_$66C%1@=GE1>YLd*i|7d4P1cNaf zw))aUf~8oCi*W8nJC7)X7ADnxNyx*yH}TdXkl)E8Ofp9`9J|_+mnjjIOc(T5N~|C1 z(`MqLw;hzQ?5m=E?M~oggH37*1qw(hr}@_oGMw}cE;7sl#IlYkk`qhgr>ZQ2q+RmL z3na`CY(xX^_rHo|p=24}8bd*$;XO5v_AO;kH6@>0?lgms`LaW*WiOr(3uN@=sF{b# z-S!eV6DG3Q9T^j79_JYPqDr(LcPrZ&guE$Q34$o?gwactGk&8+Q4PK-rXD}vG}ZG1 z8(phLJ8UzPDGz_VkPakt_=NzLD(pWTcYM*xj&N64$>gVtw7K-Ev23&{h+^YuD{t}8 zP_A}1<$p7OHgF;#+gkQt(3mc94v1C32}jG16B4y#Q-Z7~dtq9R-0kRkgF!o4qb^Px0ZqW0`@}K9(dZ>L1W6e~cgxna#j~87%8J zZD?b+LPFf}pf=%YQe7~(tA9o&>*osuu)?oGe=p<}H{e?{Xr5)vJguF2uIMww+Z2wA zPIX~4#t#=vNP@yYN;DUii-l2l?b5cbVU||zT|~DLzO()KXiuO)SamFRt9;e9cb>Y} zL`3j@TBmT}YVtK_U)pd%foz&#t~eb(dvj2b%j>?iE20AZ-A^U$wfR4UquVx!M{xS5 z%F_DY6juk!+az~gTWOIOUPm@f?vI%HzR8|7RUD!A9LN?@?aXaWn7uo=;4daS+sXcl zSr`zx|KdzEJ4}rB_H(}0S>NmfMKfX{iNX982>+AJf%s6qh$A62bCsUrYHc0f7b6uq zOWkV1b|%&+ly)0t_A)lyJRZeVa!ej5%2`IVH}Q13C5pj{<(b-oVDp041m8`eqC05O6*{R{&OMB_ z4COkkmEDp)QN(1A;L>G@4N4oued@}e+3m}AX&+#U0(oveg3wJdO3tp@1?SCDW?ING zw|N1ioRxbpdh1WQVtm^Px+pJkh1fQF{Za$-?Ks^Agv!9&a1T$leZkA{KR_vd;0TH8 zD)4Xxl&0Cd_(Vzn7!oc(%=I-$SNRJE?<@bp2o168Pk`l%6ov+43N0W3=GiobWrX%O zw}$B(@Al3`5$3J&6{9O@^1Q3G{E$z_26R#w%{>|a3wvb|?xh-DoO^Qm+x?6-TRn5? znD}ZR4rG4IHt6iA|4A9!fp-r*pEIJ+?VJ#9KcfvKdwgzrkP1E`>g6iWKAz+@#0KD@ zsopE1UP-GJLd5m1G!mCt-*9pG+GV6Bu~PWU->RllT0E5(TsTXE&T)^%6iPeozDIbWm`Tq4v-ZTsmW%<~W zpw-B4_2jV%NL9i2W%of2J#-+N%)D*BuaE*zh#B!pr1`qK-8-d&9-0O{H^op2J{8LJ zjPXfw6{m9N^&k>MjxckB@IF)?T#yXX?RuAfIjc5r(s}-c&Ew6OtI?%^xTi_XUG?m) z(aK`cxw8fRo9723C6gO1%2cp$e@yIZen%eE_E}GBi}}h9o`7+e(jDV{He?BxLjTW7{I49)3wd@c(BrT>ez zuMCQ->$)UBaDqEQn&2MXt#NmE2<{MqJ2VbKLm*gi4^D6k7J>u`!6jI*;1Za_^FH7F zn6GB4rfR0Tib`(xJ-7SHIeV|Y*4pIshfuTiCbc`gY1AK6BkI&$2%?Bki<33i7JhgH zvi&!-_&b?58I&~YHQ_W&n{#PSKWPb=wsg@#WE|xjcl&z7%-kW%NZ_wi^F?$p(@tjG?zO&DBYJ z+O2sAw$eQns>v;v3SkbS_Gjh$aomUQN=rEKy0ZGA=hLw;eLqQ@@~N1M3FMVLITk^D zHXSAm``;F>Y{C!X@y5DZLvIZdmc0sFR|-Yn2$HvQF{lYg!OsPJ-@&DYq*Gw_p|8mK zU&hmnY|gqZc#4t}oC=vu=5xfkY>bS@n(l?)`H=%8qeYYB2|9M(6aT?+j^8AEA@oNy zlOFm>9EtnVP_s-z?#x8nU!gZC2optZDR16k8R5my$1R|(yLuM;8zBZabp5ANP z(7uMudUkxW8{gG$fAd>@753yBFN%ke8n5v5<88^@SZUeZ}amn>4w?uatfdqBp+D{d!h)kOmZcxe`DsPeZACs?`XeM!KL39(^^6 zKn_}xe=;w$sJUqxq!3JuA8Vz#dV4Kl0au-A8XZ^>nmjI*5Qv#mxBiAdVL7HdJ%j=Y z$89SbsgM^bHpQN?YxuxOz27hdNfX|6$D7^pbE)Jnt(RJirFfRy#ylN`6~x(}Sx_ER z-ht{E@NIkhq$8h)2}83UOzip_bo@g=rJ^uLN?1a&0R(;7Ija%P_sO>W+Fuv|Un9L9 z-Yu{o!>n^1N=(<}HPD4MBZ)$BvxL{2>%eh*WL9~!5n|IxdUnsOrxzzTq)lJTCTW|PrVF5o1-7GeSAvNz?$0qnX1UT2LdT-vs4Mtl)&Me9^zPjglTu;2U+w${fecB7bkjdoW#{ZzR?_> zH_VsN`*Mx4U?5R3w6-o+Hv7-ss0`V&>-I!wxB)Yg?jK{~vmEq=dmI?%U(Z*!xfw{& z63RhiccEeC3`x?>A!@(H;jK?2T*rRndn|;q;G{H1krvB=e4I!g-A3E2h}g>O#Ezqe zbDR=c*0*4`A1?bnwq_-YVn3A_b)4@5LAd6IXV=_&a;k+2kW3qqd)?wX3f4%{(cnlF zSQ(_k^j>q5YcA}E_hOxf^{)&|N*!pLr&6+kti3H9+8?Ll+*>Xla>u2Ta4z|v-Lo?{ zB(0avz#>KwIaapWI|4lr*I_zpK)d4*!~Tivv;H$Vu!WZ=O#&s!I`-Kod+l*lk&LGs z->RK0rWxBV{A_^B%1jhi2dcg`dm~R%)skXj78bHPuN(-YnN#ltNfW+P zyllAQ{iT(VIo?9dR!NUJ%uoxqLKPFg#8BO}hpPPLjCT}RkS!1ZA@&clO zb&7YA8vw&My}c3F6cA!7>yLi>;w5033bB_>h}o0IR^qOurvWPhL>GIZSURhnGP- zP2#HvZFIZm=cKzCP(Iz;B$5d0)-SA)1QqX+L?qt~ay_7YJ zh0tP^i$qwHTGI7knJAyOl$ZI?R*q8HssLJ@0SS z4~R64hN-YjJO(5Sw7$6rloa2x?6#2miLWT%840_JB8o!;jmV98Z?Zb?psafx=PR~f z6gps~rc*e^M2M((U82Iig%Tf>(D0vcMj3Jy3OET9u~kw&y$S05E2e?Ig7ydNs-i?_ z=+k6T*7(bpHm1Z=K11Q!Vg4cu+TV>!UatsuOX(TOIqn3Qvrt2Zh$3IxR3@p;l_kiY zr#PdBaa1=le=3>QXN$qS=qnm7n^+HelDYKbE7ga{d%V!zADb3}ee-2$SH?lbGQ;Ew zAR@`ovv?FlvPh_WL$ozqmdhb&d!;UG2F1E zX*!#&)(B@ctwnZMrth0$8Je+;O@!KZ-8;o6cFsXNZDtK@+u>CY<^5+8748YWoJmLq z?%^K^i0V7N2@-~K07)~238}LoZH>k zOuClTx*daNi1cQ))#XJ~GHj=`o~2T#Lef?5h3|Jy!cHvR+|tRsRGJ}4aRd=%qKTE^ zo|O3{ONfByl$P>ZNMH+DqhR4uw)k1~b|?>hUq9|}u{C*wbVPBGt$paiJAXyntVrlU zmg$lgWW7M)s!5HiEB;-MQS!28bv-ohxNpYp#1JAlhS_gWI74!?i!oAi(GR!z^+l8s z9p1C|R%LC+RPX`1QF&6*#;qEkhY_)sG-lxH;9=QP9!0vV?-$Y5^aKKQ8J-zw=Bv2L zI=1HF>QuP6Gpk$2b(!BpQiAC18HnC~scmp8t#TpyFFPcSXtV7OS-2N)@wSrXBISvF zjCC#)Hk9&UD`8HiOoV52cPrTA^*{2Mr zlV}!g@IaMW$#yo1+$_FtDT5S0t^`ACyPaesJwE)f(0fvN-66vyaw15ZzQ9Cv495u)KmqCG?ivVR7Ae85SLKL6Nd{=qrstiE z*RNhcE_ny9?nP_M`imW-3ZLs};Mz2a}4O#@>tr zF-Kl*i_Fp3>Z%z7z5b1uUr%%(~-tKxgZ|?c~457ELFPTSC=l6UoULxg^?2<30 zTA7CQVrKv{1qB7a{}sar;ZF7u4yzpwAc?>mh#?$kIuLTb7?YPD?jucmf!51;zz{d5B~aU==yiT`i-xz#c6s~CeJ?B_fiwgTP*T^%KC?> z-U#$UpI9A84Uj3U?IcSvsMVqXiB4QzH3@!;kVQNJlGOUrx8# zU3b@gs4;A_hqHJph}oZ!^P}W`!CGD2fq9a=-1s~gk4;Dzx$#AHeG8qE^I0;jML*13 zukpsE()csQ?d1V4vP=7;PAmGQU&0~~x022(?q_Wkpn@owRk zh%=|owa34~dHPwivq}9qbWi! z4~-{V6}?Z^WI{ymV+hz8Md>^?$7q%}Zp1gbW4A^51Mk4h(Ha9L$ljF|N?OG<9Lk~> zEWMI_t2>)0p8_il8p+d`wQ-NOfx?Q$^xj`ix_51r`cA;6Y3Sltl_B_jjIWe(nfeg| z%-%NU`z7Y~BQxoj$U}h-C<%D72QHl6Tj~wsJtfDc%xxF!!-%npesgy$x~aZRJe>;n zu22r@sMn=}aWxoHi4QEK#Fzb_T4K!S=jXQs9VKLb0M=~6gsfTYslQU_MN3!mlGWkwB_T|HR=kK(i626CJ|ltP72$Ctx26s ztBTQO)w>~qN4@`Dl4}35$mhw9+r)XGlCu@JchrD=2Oc-<;oIMGsU!)^GrQaY(-+}y zCg(=2?Ie71BqA!Kf~>5pR)q=P#+UekmJ_^*DhJ&L`x(j9tZ@15@g-m&N{$8y~>FvCNebVgwGXd|5DhiJJM_ae{fK%L+^r~PIuHpiNneta}Vedh$ zc0kQt22=|(#k&n4l2_1n-vn1}qg+@dCK*b}6#;X4^xLW1jD8utH~gJ{n}iRSI-H1+ z<*<{qulu7@z+BICbGeW1Zj*P(gL!wxsi5QhiHV3+2lv5*pWdH^;rGvG)8Acqq=alL z!G8~$O);&8UUs-mzXA^c3D+wnyg4E7-N+*$FZ|2^&0KtGvDTw#rT{Ou1;-@J{k}`n$FQGrbl11<05V`YYl!c zOPSpKJUEm_FIKGb0oE%W1B3(1diB0feIFK(fgK4F7AX~?Ov%ybRbXyKMPSe=N!#G? zlQ4~0w|CL!bU>K2iXz{=+VmljBRQT#h=NuTp9oT*{QmWW%MnX=xxxbfy)3Hb0UI_5{@~q8h$VshKe_s@7Nl1 zRjBN+*2iJ@2Opo&h}d#4PNv2rpg-0Om}9LTby0p%$qs&4UTX2$=LIWa>{?$`PhTNv zOdI}}o5l(W_SCOg&HYP4d=a@&AnD_8!@#d3hCYu8whl&JckE@z?f4eD`Ma zihbXYANoq_Y8y1NS)otS^Ij>dwgdhicl&2=DMWv@H-F9;r%Du~vIRWsOJ&wai6Nd4 z8v0(eT6lY=JSpGe%c8hB zGP0hYUTK;0)FcV`s)gpbWtww}EKiD%Xtuktskax_+UwwpD}p)rw;Rlg|4HBlMF>V$5;=`LI&L~J~8C1h^1r{oNF-+ z@n_f)mI4R2QWY<854X(9!ST(zvuIuBfh2KlXwq_BIBsaj+oJJl)dUc$@QzFb7^SIURR#*Iwo7# zE|lL&QFj~Ht|C#i+6FceRWAQgUeUuA`K3Xh;^*Yauyj&k0Yx_BPbgJ}57e_KZ7uw< zRps@szLqO($;yV)3#V@FOct)2)$mpY@u`)~-4o4YQmSFn3}_|&KCkqFsMs7NjMd7TD+K{h)Sb5%d^GpR)HPZkncSZ*Y- zI_T8-fl_3-YB`5vG>2N@`p;VU%HT>Wi<7rSaw&AIg0F2abI#X(|2Vzs@FF|;TO7YX zFsKD=Z9+l2>~=@H{XMP{Rl3hcvQKcJb)K#xlQhU{ zzjV+lbgIOG1JUaKXH0MkdwRm|udcUE2P9ZVGgy0o&>48yV!E}=g@hrW{0@4ES(@D8 z*SCBciDJq4?b7)J_r|GpKVL+UoXV6HxGu4_hM18HvV$`75EqRTW zw%Tm@p5y(b=V}}?XBl6gnE|nfIJ^=sjXY%c z96=Mk4&R7lCuXC5l5h8ya^%Xu)lg`QIyM6yVX{SC%1zDk7mNNxQN1(Pj7G^5@Q4?t z6S{qg&qYD^@W3FS7aP{{86Cd^( z4tS)(3Df#BKEYRt$LMs=V@p)L9C}bDw>Enf8Tc2uz@sE#XS$j4)wd7Pk{1`zXC2;0 z6vaw8k-z|(xvQiMGw1;Uh$zz6)vD?&W%?$EpJE-Z{5_=g{IgkBTVGFLXidh<0VS66 ziLj)7e!91-FEtiBnQx?B?z;+{#&;(2Q(P;xlx)a_+_A5nem@5O5+A?w%f=B$lxfn( zTDGTz!lrG;SEmL>iTP`D{|p%*5U@`=fd>y`=K2G8@W9#KSu7%B(kTrF0%H`|RaF9! zPPJal{#;m{bp<=&cy25|96BLeuS=r?jiBJ35G>E;Y0jp6dTfP61`Zh!^Wc5uk5AEs z?TizX8&Z)Ny>~w7U~ZcD{dFC;vLxU7E!6KRI^p-es_%+#NwtA7dad6#6SsEeckM%Q z(kdyKq}+omL5bqP5MUsC;RhG}KwS+Y2`?`%3MS@2U18LKgn{R)yA#W(r$!S!`XpS| z1EWL_F@-jY=`3MDo=EfiK(T07vBSuo@;$YrAEv-lonQhrQ!tkxiueKxG}gS3^yACl zlg|TgF9^j?zKL1Z1@_5&tp6lweK`Uwu%9`vbjAanruo+_?PxS1*9mO5JffT?`DcHC zGG5~I>*sFwlEKG?RHo>ET8RZL@X-YDaYyCi3BdV7+$vL7vs66XIdI9?OA1r&ZCSa$ zKd@2wnfX2&T(Erg6IT5vI^x1+lp?+_Oxoi}Y{!b-k|=6X!z>0Cn^)-5blp=w;_>4} zZcg#M(kFq$m32lhzo+hnGN;E5pbZ&4X%!D2v!1fM0IMn!J-rMX2h>%_?5W-pONMT2 z^EWe^n9vCU0&O$n9}m9R`2Ke^`=HXFv#<( zH+KFg8F18=n3gFY_1_U>^-Y@iqp^@>$QE+Z4U3MxW)rg78cL!@7)fW11t~AID@8Lc zEG*33dITu{)hqQlbMP5oyx0_yWz2cuxCym=ig!?MZy&O(5KG8vZ$E&$6@59cdTab6 zi_awiI6D-ola_Y!`ex?Ex3>1k z4^OOm@(&s`{U(H<6H+VyJEAM%(s$U&XQj`|7W68gU-ts@Qj6;vJe^85L*AqG(E_eY zuMRT)LF9cYh3!JjJ;;EAiYK_W5$$AZ#hu>YNaYB6tsWje)790*XEza+hf$f8ns$luIxjMq5ZljH$77Q526u-c z^y9!c5Qy71noN4c4;n_I1XD|f;q**ktCwprj%D$ni;9W@tfq)x&>OgES%`n^IR=^h zh{oCPA9xeWWlT-X_ zv-h1Nsyd9Ckth+)T2Y;yoxmGE`D*VmdnLWBqO}0A?aoS9m%KzR+s|iGh*II7RB0C- z6*A)ErV4g3nxM8d<-L~$z_($(!>^gj%;4w2`Z`b%fJIC4J+D)L{Pz&p?sQ2Za4=bK z8&09O><)giU~|z0A{S4(A_-gz*cBi2plfd+dP5Cq_jc{DmWN89HGd} zL^?_+Od<>^nlYxs@3H{6k-mAj?>P3#TLJJA0zAAIb?EvumAs2F@NK{?mS4z|{!d6x z%7z&UJE9K#zS8VMDd>I3^1434d_TJN!Vk{Yc+(hfM3WQzDTWezgvR%c%&6k}5g zzcK4Kc>AsD2X0R~N)r^$qKx9*(Ts7j83rtmF{(4*c73%ctW>)~2cn4h&X7QHQt&xI_xDNL>p37lDL^Yh&Hw#U}ECz3GZ-6D+-nF`etZ&QLi5^VUr8EBjyNs zYY?v8U8AF5w6i3HQ3}}OkBxOwOyCib#dgUi_5x%Vm*Abh^xbPmDZJcQwG9o>1#Y{^ zPtqQ5<}PuaVkjCg$#`%|dZ$KGgU@VQ`Vaq5;b>FyteQ z#CZN;XBLr9RGHLrqxfrdC;g6Ly)SK6vn}n2^gVM|vtzWciI?=xqIMqp&9Dg~_Er5p z1mN~dgv?S#s(}vDg(wI`Bjydw1I@Fx2v}(;1F%zmLN;5YNvGte3jU2_`6W(f&N(Qc zIoxyb%x-6?M75xfijIy{=r`v>ra z9abru!IBuEYBsFvo1rC%lnl|yRK2s~PrQ#7@lTVv^#qAL`j&q3LAL>V#RY*tlBlJ8 zThbW9Ds-u$fHw{rcp7@^gL3l~2(T8r zyk)l{t?jY%m2DIb4Zx)sNvoLuG(cqeB|(SIXSExkF}@fZgZDJ#@~H4&G0-JHRq;}N z-!XA{hJ6mgaKG0_h&|GSxq*@c3fivgS2!nB2S4hu&=v^0Tk0&$G$$zD^Hxg5lTv^n zG+S*PRrin$l_;JvCXe3M0j*@1S>U0br^?-X&h#&*j946 z6jD*obXx66AX@1$G?ILxINuLPbxY&OdUVsWidA!;5iqrFT-DK7{9rx5ep@uMeo! zz;>S<3>W?P_R@X}I*y$zNiBIo_ikm7kX>Yg6=M|jxa>SOIZ z*;n7Nd4hQs6r)?_u6xo*jfj;G&g~J;IN=87gew?DNN9V=W9@@8|s5dBry5 zS%=Rg?=SfSvn(S4aQf_?kjv%=vlVlJF+s%w?{DUPOk2zPWSC#{px-CGRAy7u?ePz| z?AhP>>aD*;%+*K^Je2*-s8K_eeMYGzN`x=uST3|ouf30f^D+{}R}-Vv120$X3p>w? zSV>M@KJ(}aLnWB&H=>@C%D|zJ6 zxF6=}l3&vJ1tqwn+o#{xzI%pNgbHQRZ^N*>zqXH_Z*?F7{svE#sX~{3*B~1AW_-&% zSzVLjKCw$U-Bz*ehpF?sZ!$z;QAQ$Rw$FshDpLbXgEGA)&uEPUhq-F=711Dbb2TDJ z%;&Vh4OsxxfYIU?y!IfQuL>B=9 znLg{EU-dm*-#)AYpVgh&4&dKchTlH ztwx0=MGL*y{GbsM7~oeZ6?I_&SL{i|V)SBc;4qEZ{KqF+rd#RuME@|P)4<-cN&Qqi zqJ5&sRXhE(T;_O`FZcQHk_7_p@LEsK2T zE}(egb1U50rmA?)v6OV-Rsd{778(yY&E^ ztgmtX-)BkGsbufA4@Z|R<@!8phbe;CB)$vO|toAb?54wThrjZ zsv*7uJdQMZPTD;eV$$}v92`v({GG44{^+*Ny&Zn9qj%Y~LyNH|o1Fak`SCTDK}8eU zR&B+Q2Ik86tC)pI+3pc_%dVjxm8$<$)&FuyNFoL zA+AXGnx#|K$mi^7ig#dl8^uWg)tywfZ3^n>gsXv70k4U>8gVFH0Bg$akZbn+ zwgX8F7D`_uqiIkLzcBeNl8sDL?)ojyc{ERuwMKf~eX5+2$Gu@g^mbUJNayHp>y(VMI%U0Wo0+y8EjbcB$AO$yX(I zNch8Kx!Zvb%Z0KBXSJgQE8lKwd=mdeuue2+v>)!P3{b7=5Dzw9$vePYnbk?h$4$RE z=8Il{i)5~?HHVwL(w3Jwnn`!QJgG22*5a5C~y&Ynj=;D}>; z3ZM2!DGrUDMYP;Fy(At?O%EamU+z$(`#MzjrM>DFlNPRvWH~>zJsQsNHPrT1G(!Zq zD`K*g_1H$c$^aTO2vqgQG&@eG$~^X}x|$5AQek@qlat0yo}dqnc`jD9#v+%|)L1mprfleW zus{OpM;c{*pH#yelm;VVE&&keQi(jsC>7Bv2(P=<3>h|88IbU`?~pg)a8Lsv_>JPO zMn5`8Lu*WNwqUuGN3Q|MJsKoQXz7n_c)xqpmS>X1rIv{iT!h06{Ts;sqcJ zWtG9ekxaRQ8B9%@Hla{W{1EtCI_w=M7XqA+D2wO3=N(GyP0|i7euuBA;)(1VTg$;G`#oq{O}-IJTBXwoPwY>3@rC%fPS?GGA}c+!GF5N( zh_&6j9Z@YEMRauQRtDoNo!i$D6CiabO61O4vGx76SvGxDR7@{g-f|fsDHe&c%lnnH zlPM1!CRZ*}A-GJ>LwHyEP4hwU%`x^!20Q&tRvQ^cpyB1?Y6nZ5P$z+WbdWcOC8F!M{4ZGgM**Zo-6ZqW>keCUXW`6k8~YgM))Ho!wc3trwDreybV^dfSdAAZW==8-|(WSBT7wrv38#dir*T)DJY$WT5qK*C(JBgMG zCnO{+(Dlug;6B~)C)C_W*wcCbT+!K{U185&{Nx-BFhR_Fag%xW=MWsZhd(Y>=eti1 z(m6)Ub-qG@D8*0NP59rOmCa|flwpo-&Z^7|V?BR8n2zFwuejtkjB9RbSvd29gi&8& zfj*Sio2!viB}H&j2%0p1HtVbq5&$k^3i!kGRukhQI!V)MNR0hAUXLhFjLrylzC@5U zEQv6lTGD_u});!;82YCn9iI9W`C-WL~F*BWD@K zid4+`F$|k;AHo{F0s+@Y?K@XQ_}p&!p_dPSi&pE{*RO6jVD_zuga*8xj5u)%g5+b1yp){-IncMlWabv#P1E z&ma8!e0DQ)bG8c`2Hhr>NDPv21mtJ=hL>GxpD${LKpK-kDVDG|Q(?Y1&v|_MGn$0U zhDJ8wH!M1#C#6Ic$Md>i_Wef=s2o;FTQG{EqT-#-7j!~G!WOp;B%|z{lj~8Nu^cYN z-|4!y&AwN}cwu`KGXqk`-63K8UVk#@zfh}+l4-fsu)I`o+Wyw$G*M-!yCwd@IP}PJ z2MuB?e)h+i>Vg#YS!c-lfbqbgx5HeeB!CFkjJt3|{of=4SESXT2fs*QG6`Aj)mQ(8 zOFN2E3R@95<$P@HGoB-8uaOO%;{d3EdAWkPDYnEx){R#r#_m9DzEr*>hoWU<2*Pcl zMFbi#*K6|Ehl`l1-$(&c7TNXiWGtH#6HH3z&jnx0?3}9U8R)Mcyl<{$Gz*)l(Ag<6 zA%wzoxXBQr_!=`nqqod=>YN7#0)!{Ya-8EAdmCpLU@PIN1 zhRpGFAtC#9av^ULjSWS6AOX`lZutBH(cpPShO|KzlCea1fl+D=Bw-vd4xSYh7Cv3Q zy5g3~Y4e&WvqZLT1(_%!mF8W+c=cnBcCTt!Gkp$N8k&PM4UQN%Sxgy%HPb|3S&W3I z1JnW}4-fQ7K0-EwxZvPez2?`AJM8#F_Q1zP@uXnBIzTp#RKUnlQPnay!&?eK4T$ev zT2J}Vaza0Hz|^exsG({bC!mRv-{o(71bdATs`amip)lU{?Im!HxViBUe*P`fF0_Cp zrK{>MLQroEHV$a!=dZOZ_BHK47 zsIV1~tE;Ok=(Pp1%ApRRo-$GO4iJP8vBMnXGeFXaW(-W2OYQ3Vy})xmoUz9?OAlob z53NiJ6!L#Sc*TtG?%E4dM`=@eCTwUNIj531Vh8tYkUVM@D@mra=zE%oVc^ig;cy4H z;d}HoR%E0EBwbw}gy!Z_mTT8UX0V%>Pp%KNyyigx7~6EYIwx2nN>pJj9^21+&kth* z{JiPkColR`a+==}Pu%S`JrAs{YZ|=s@v!2|$samv#+I0EXghCryP61jaVmeZq>w6; zF`m=kz4!Sm(K{~do;I(FB4#KAEEu!6#pQ??m^g?J7ZEY5hdJ+u4VDC7?}fti@-o;O zVuxg~ZH)b>Zy|P7VL$K1HiyTS2(tyH9=F|f0jTU3Rcn7T6o^VTe>5piIXV~LwKBt) z*+K&gnE1}mP;t)aG}@GW7TbJ8^cjY7=*0+Gjo>`cJ@^F)B{+$Qs<05Jn`uLlMqXMo zuP*-3l>fy;0Z}lYug&i@QrvQ9Gtk=Aqcdh6{sPuAnU3$?RdpcZOGo(=&0yL|{%3nM z3QQ|`3IvxgSbf_{StC*Kf>D@y0es{pz<{Ed!J=@+k>B&-*F)$WCgAGAS2+gI71GRV1^Uc0#uxQS0oc z7I?}wrRfec7NCsu&jQ{(fh`eGqw<^`AOg<-w5z6r5TFX2zj*LeY<50>AciO*LTr~S zjII>`BWiG6`gGv#vdQTu=bIsp#ZH2_fZIE~Yv@k7Ik>RQWvZ~e&v*>{pFtc%FscT8 zTTfcmEh+2VqjUrwAvt$x85y*PM4k%We2alU79?B(u*rt8e1zN8)NXpoHbSjLu%fi- zkWU|DOJq%7sjy=O+??Sie8EQo;Tpm%7TWfDQ&5xc4Rq&o0+>x0fR~)7o|2+gr5^R9 z;ljm%P_20%oj)u_vh|ZS$Ez`0^FfH}GO(o02NZ*xCPr{A1-!tuggf}@0#~f^E_DaR z`Q;H7IX5CO*(EwCaF`oEE;Uhxdy2`xoX$SuE8x=mc5eY!!bJ^Cmp#2tJ#fx*n+28< zM--`)wnj2J!}NOPoiYzqJE>CWm9gDCNdRJ8R=itc4Rj5FLdRh{5e)U~Ok!V5Et_@& zT|_hAJplnF!DzN!#4Ko5xjOw36?l{uU7`VWHXr+>Fg<_X_QjeE^u}HuOmZW8xR8&B zGFX-YE^LKw@O**Y@qCR$-Q+v1<%a7ewXFhSfbD8(mK_-cNQI{sfI85V17;goV5SzB zX_c@cA4zlAf^5JlIh}+}okO5D$HtYo9%Fdv7T9M$nro8R5Bj{#heyO|b>9sVLn0wG zwvu-{HU*B6TUpX!TZ%OaY22$*xr|7HS?|cy{_v3D;#xHDEEdl%pBd9F*z^q#%da%A zohd^@fUkOV%1ccT>=INWhNLW7Z0kAZ#|EsZis5A)bzMHENC5lh0*Cp;mqgpUuwalO zPb$Jn%1sHZs}o3hXX*HEa6?80(oq7+9DH}*(uVRHD^^jR-2e5fQ>5#XBSnD#_R=ej z4j2f^D*iW-nLV~5C^6h2KQ-P?qL!SC+2a$5MESetU|+@sAgC-{VkZp%*Nr7lDZDUG~eBLaL7-4cn}tru{yx$y5hDA1xB;0SJ5e2 z2OQ0{;>zDhLB+4o6Nv|we*_GSTeCre1zakL8-#CGd!!&44f=+_v^g1+K``B`7HBbW z%6I$g)(JScp&vQ9`gB&DY-cMOODUb_TjbAt_P7AU3wyL0ljMrwxW>L@XNKgQjJx+! zk>X=g1)vp9k3sGyILtbgxI!^b3oRz>2jEUN&VYPKyi7q@iX#WwxA)=&kXqt7JP9bzG4r9QN99aCn^ZPzf!} z=NJprjSkISwKkV3Ep3FFTyy2pHZV11`UGoo7zZC;RACA_#bOup%cPYys&p0;1`~W_ zOp2I`g9qrPvoWTQ2v|T7aN_G6cP*aaM4$<+gD53bqpGrU^|uCjv&++10wY1P1v0-?*92xksb4&Ya}HJtr5)w;9#=|c1OfT(m>qH71omWwx9OGh(#K2pNlao0 zwdDV5E5HV2<-EWPT7-oZf*Sye8OLFC_rqx|uH1C|yv{8}6p z?W5%mDPUv$k*mlWBft>C@V7*@?Dj9OBqk@}&X16m6(oU~%w zTog+$9`N247~?S={ePKLQa#SZznxr|LekTx`etWmb=bFci52M$y#5@oN#U~^eAm-o zy)EW=`Zz^mz~ii~t-ZOwYn2y~ljA4#^w=7S`2C~4q_*0n*j;ljOzKs)rh(wk6b;u;(dWz8+4u`==E`TO{IlD!A<<+5%CAT0T30wEp?FcIvFJ1U7w=vzc41F zAdGbUQ6DxQozD$|6Sz+%GJxN}cN)I^g@Ixj;4ACi5$A8GP|^Kj9e=ok`t|)SXjfC% z9toFMLP*=W zZDQ|J#R7{h_X161)6WrvRaxDO!mK(~^HiP8wl)Y|B4iVJCd}a-s8Ypa?~YgRr4|ES zacWFDB&LyqRwoPTEsop%uHug1*F^5@5Vy3ot}djRIW9Nhs*Fp!PCPI~V%(8A)5fe> zh+|)nFNQK_)L3p#xD`lmj-?^Usvh)~sGfv<=mc>@C&8~Xuc}~tpw>u51q_IOgv|Sg zt_P96t!}vF_=KD`(Da1Z=g(#jU@^GSTrusN%ptZ{uw(`^O*k@MXMA>^hx=Rh!-z$~ z3C%Vo0d+dklpPZQaEPx#q@VI*d&ZI7Vm(%_G0A4pDn^zA?suk&geb(?=&K*L=2mL0 zr;&tx&rssub4y*jZ@Hc?@Z6oqI-KqQME-k&iEa5a;kl4{orQG6eMb>4Wal#=Y<36b zt_{)~H$PWlw`QhtfYmm??mPVZe)acyIJe!H+DId5^@?b$TVYAQnzlVr_@@0$+=s$w{a-Q@VK5l9>w{FC zTOZo|&(CXXVL~to#L6U8>6|6k^Is$^`VFMXN01ZUZz>}_{n#^KvCUD^t|{8If{}1< zC8fi8#7_o;&K0N@?thr*K_0sv2R-~H=5vnQQS9veiE{(NH#y(Se+Ukl|MZSxybgeh zbdR{yV_-FXN>mBx1-wrkkAW=lF=qSe-@FQ9c35m|L_|apT&$3{GgU%m+U|5;StwHDLc&sIJW zx`n{Q8184QeulGwSypn!p64-q2iPU{g9MD@Z;z^(7;;NJVaw%lvj zePrHiGiRX3t9%fS2#zI6X0~B-TxcgjzBp2};+eGWa5tz7PKEyz1NDT#)YR``v#M!h8)jy`l!gbVr{As zZ=IEfiHY?2&x`)d=)N`M&+mvc@k5sBKu!s3Jtg`g1+5v^5ZpWSjzq~B8IC3qe-c5v z{(ZPmVU;c=Xq)Y1ngme3F~z!!6_6Eui3J4&@_oAZ*m{^Iq zb?#dlkKpy440fGMt{9VUbzB;AI@-Quwea=H=41eE%h)?1EFX{U9-wiFpq0Y0-OC5e zEaI1MsDvG6B|H7Ej{)KF#G7^p_tjWtv{Y2$>T<_zO8~Q;a6cYWDD39EL%m6fL>(!S zR1E#f_S(!%>ls`i1yme7!gPbiK%7f{j|&!=c+z;#Ue)3og&4lK z7mqmRDXU({M}j0CDE_C{QaiEO(7|>*kC1_sVA!taFKUlpN;?y+$_2PGGM!Ri?M+%- zuXnJhExry)!?T4tXKTDRiO{_&x85g#v~1VHGci!{BCEc z{kbZfyyWA+zQ{yzpx$6u1D&i8XUhG0gI1i!GC9#}R@!^!ISbY6Gzd;==^Y{<*ii1$ zqxhFA;?R{qgozHr$96#clK~6|;n)&t8l95XV;@AMx|QG0cJ%?8lXgXm<=IZx+Nv6g zvvUzPF>zi)@Y%i?TvxMw#Q8oSN-$NDns|RIFl*4@}#tq!^s?T-Q*-wSma$&>X7hktE7)L3-k!NL_`Te+-CUvdyyH!1bVn#cKM_Q>12-F!Z| zrNj9*aHmW_NZI`yC6_$~a3Anp>S;HhIR;~pOjM8UjSaJimIvw9T z!FmzTyU|vfF}vk@CMy4Td$5%I#nsjRNgWo&V&Zx+4!~|w z%hwd(5*uJoS$Cr8RfntRwkNV4*^+Q5LG1fkHXh)nR=1ox;lca&nO6UO#p^VGzr)5y z=OVUO8UM?;FErn-PH1lB=eD;QH+OMnba(W=uKB2H2He47dhGf6c!Tt3O2Dm0T)nd^ z7Ur~GI`lsAd0%bDo5#AFd_FITHh=3dIqhp}X!APDx-TMi>z**>W;a`!xPx8FG)tpK_=WW*8_*&n z*ST{7mUda6o4>!oclI`g_$<;o?ONA=z(#26wYBx( zdgpmKI2wRUjEi=@1lEcVo`(8A`FOv6KJZqvrAen2Isdj#%+A(+0xa_m05?hptdEPm zar<^>VfJa@O@;T?td#IRF>#WNr>Gd)r@J?RGemtdwr#*`;T8lR=Ub!$oa7T0NJ>st zzEu0q2Dn6dPs8l!Lf{&oTVFqXTX+1o+lyU+#Z_9G3f3I~n%AqkQcj%BtqWmkPG<_Dz?h2<_)A69Q>oE!72Do9l6`JSae*p9GX*a_@%SWOT4%_6C^<@$tR zgId;%4@D(K2Z1viylJW?wV^v()-+TBds{1(Pj^f*c9C#N+tX@lus_zb zn8CTFu;l;4Sl|i(L{FpfJ+RLIWT| z2AqWlc3gs-bPMI6oj~A??}yER8@mpBJ=B5q9#xf8w=jM-2|JN6(e>?`Pr$`w-p9nD zy~vD(4NFv&`udJONhn}FBXXQ+RbhH**_&YH$i7pso~Fu5hPNAL8Pt@QvAsS969n~1 zwLtz|By>Cx*7u75d*^}ML4+zPP>*k7PK_X}zj*+tsX!XuU5sGt75QNw<*9ar?`Tsm P0}yxuSD~zPN@xNAAnsb_ literal 0 HcmV?d00001 diff --git a/sandboxes/sandboxes/diagrams/passthroughMode_355.png b/sandboxes/sandboxes/diagrams/passthroughMode_355.png new file mode 100644 index 0000000000000000000000000000000000000000..33f397d830a12208e0c13b4b118f40e03cb6dd03 GIT binary patch literal 37088 zcmeFZWmJ{z*Ds2TF6r)W0clAWol?T07a&ps(j`bY(%mV|qNTe#q$C9C20+;|G+>`@V8sbI#vy&UuHbs>ouZk)pxD!C}hFNvXrZfgo^j&rDH} zfR;5LXHMX+XO8N!V7Q7g@?AJMYB+hR*P3pI2N{S?_=AK&kKb_E2WYv|B|ctutiO2e z$9`1(?ZpxB2R0x{6b$>O7Y+B!Pf{+#e5H|qF)biqBp@@#b8A+}bA@i&z~Ewe@2LH_ z^{rX1da>ruE`($_JSa%X2bJp?BQ?o0JVHop)kfI=+K2+{SoiJtU!Ds^g>}RdGi&$% z&o*Bv1j4UogPs=2cTT@^b923$o>%|z zoR`3Bg;I>cHaQ4{n3j$%&Pyz7;J^BWd;k7DthQDOyVn)OCMW{8rbaWO+=rk91$ma9 z584`ASTN7~Cw%zyiS|G9f9)dz(bCdlhhdnBz&c*yD>{h(U5CUV0tCvk;DK73ftct^ z65rhYca$*t4v=EZd&QPX;GL1|B?`uWmZ?hrj1UsWONP!4&qL-K{IoM22pAD?ProyJ z{&!D4HGcTd>s(x*f4V#9e97hS;QH?rVxFcj_2H?p#{S>Njt*dNfrqM*hdVHamW}@& zgETJGw?M9@3TPbZ`%fc0T?gptAzyW!o}r@=%g6 zFU#M*A>CTzgxka1Pm@pfAx9mMfiCDSbg?)Z&VQ|qTEoBNBmVj*8er_-m+iGZ%WRk{ zS4|=#B^8oUuDnxT(T__^9KgD{_j7Cc^C{nX=~yMZwy&9uO=R^Z>(Be!OKyy=t}dAA zt=5N?7R*M6ZK={kL)BibdEJRz%#vOG>MF7D#uSpXEjAy#{zqSbNnJ0))XLt!+y0V~ zn#|YC+$B$;D={NWW6t2 z221D~nY^xXL(UkiJGLhY5J(z3SXE&tTIIUWiOkJ?;}BxX%Q<8sh(kr(9ezcLFVZVQ zV=N3?+*l~DL^>jNr(>;4-es8E+CHEAAoSDghO#<+fa8{zfzq%xkGZr$B)Cm{hrTdB@#Mkf>7IOOEy(Y@SwJDX%i(9l0Ek0`-T zmd@+SaW%-ptx)3+3$-{4)s20PaY2}5ICQX`U>_ei5s!0}-Knp#i6be$KHi*dqJQ%8 zis3JZe`$7u$xG?y=LdT?_)^5{4+h;M=@+NnDOAr^_uqtXGDUFahNEfxzcIQ`Oy$e_ z&s7?QKkDo2N56936EqEZINIJuCL+>aOHlXxzVix;O3bgW4l_L?18QT#@PXV2+Uj|! z5vJV zi)G_)?PBhh)#{UJfZX-#5)J%L)cqX4!Rw*7KPt;a1Y*?fH(6_}_ip$o!m_5%zbAD@ zdKOeFVf9 zZ*6Qa2UO;nYNfw&Cap0al`7ZelX9z)8C|@(;Uh*wC+tY!F`vls@^m^}B;hn_0~ZXv zRV{EJXz{!xoU1VC_rG<88XE&b@bcY2h&wu=N&lCO6ERQH&dyHtw4{C0znUcwJ3665 z;W(ONOhw1o+MMlV(|I@&QPDix`S)0tf5LZe^pdw$C|O^%u}Mf!tsSlLSyc&dpW6kN zM`9`vm4-Eo5#bQxFp3ymJ0x_q`Rf7lAL7tkYC0LF^Km#ywq=H=U=;B&N~}xxjBls( zTVZ)1M|$;EZ-8aq#5Z|S`z7GK*3>FqWVW~YzmHtZwfrq(vGpBWO^sFc3*=#`;H2Xc zt*opJ`poeYDr!JN0z;F_PPlqOc%E%{Dzi~85~WyMn8$@)$M^53)9)iCA&_q>K_Tgg zTBorErwl*Qr@ksO-KdOUQO-v_+#{o5X(heLSX)nppQ|v$&5^8DPI|E%BVb2)zB`R4 zfR5w%os$zpd@e(qFheLvDzWo8rPVveKVOYDYLtGXM{nXmhGW5fO~}eSOa3z5p>-5s{xCh}*NzL{L~* zW?JCcO1mf4_!cI&g#}eSry2!%(m1&7&OJcjUFVWnGLIt;DQ{UM|6xmXy9DLD?mUfw zF459uD?0)nfi;^oKBp$??Q6oC-h{P5`FY^lwGnwi+9Y|pNy3<}42ntJ z{o6E!N}0?73oBl?6Aj03niU7WUnmyyAXT~GS^`#0{4{>MkU{voDy=#Xj*&EB^!ppE zp6RdS(cF?q_LxHmpVs%oO&`f$-(c)c)*B$}H-3_?ZFSmJr{!(5-gcqs0+gB$p!L>| zGRR;xx11l!cqAQr|8;?^LDjgB_>G4=^0Lq424E>odKoM#G=ki=U1rCCqBfJ>>bh_4 zhtCN)(n;W#5Z!*1L(3lc#_D z)h2Los1fpu`Fcgv$dX*Fij1$6w=dN3Hilo?sZFc)3y-vf1>D&tdtizqQ?{}HE3QBm zBrFP4Ha2Ug{e@@JzqKW%2{8eaKwBYXy&|=SIVl}e)1knMT>3tel-Xz!{*4!vS8$NX z+eQajPuMyUuJLeUxzBjFg|Bp=6qkF(pTi$fjlT&|qKMpw(Fk4y)mdxPn13N(7d%sc zdsgJv8%|_$@-v6{r5pB80vp*juG68zrl@MO3uXlAb<&m1?H>wAjSGj%(fpSYo%FT! z^$7c4GNv0v+=8EvFu;w_;T^Jf7vSS8;l{1~0K9 zoukXa-7&snGwrKMk6M3yE0^nB0a!GGm=C*MyELGqL*jf#1deTXj3`G+!Kw1? zcRVbwqprzGf{f;d?hYES08}ihJLFbRjK1>Q?a7*bxEM|G_jg=H*!jU&V||ujD)L^Zz_gse!aw zHDU`K3On_6Av#J|yK8FFs~4z5MgQbvep|v0>~a9&?`;&$o%>s?pK1lHpN>{LHx-j6 zzuJlGw|q3*Fbxcr%?{LN`>;|=d3{FIGnVlqdVEw_zga&}VIW#80~@l-^RBD4Ss+Ht z3u&f&4o*6purp+>TPh?4{jbkU%=AnLmEAFp_v-39=L$QR2ghT7r3PLhiOrWlan5+D zsJKYA7-P)S2z;@Zz-?!LK6CeWc+PZWfQ8wpDnicZvPj?1t$aYw>FOu9)8Pq|eogbw z)!&cMiHR6UgH?^3!dHZgHM-k8jpll}EE-{vwD0|mHAH|@z|z8kkakT^;rV7t^=c*wS9NX^M#vHB$kUN+BTlob$@TomQhl+@h0tPHiXY~(w` z6=_uq>Ilqss0Zi_`Mh+^yhJ6AIJ&o{^0=cIg= zVd+ASVI-ejT1B z>OTm{-0`6$h>Co?9wMlYB^x{bU}MuubcC(Y+rcb-M73S<`LeOxcyx34c}QQXM0W|=68SlhgxH+?3=?i z?bO#dSgD(Gw5Rh`bOUk14KrJtH~%{SGzjnLV9a(b3C^Sl0p2&yGcpn=z;u$P@0WET zx|#ADY5_ZR8KNvU=|5s1ak~{kS5D zLz!=4PLkoj`TKwsED1inxzO7f-wygY@%Y|9=Ig=t(z&biQ=X;eGt^0`z_TjmJJj;_oUUk?>b&0KFUJA%7&58H1-(Kr)XhglgxrAuvd32`htYd^Fh4&Z(q7zc zb$+bZVB5JOR*<|)B)lZkzTD`D?Bc@G^Faa)s|5Z2&ssO~#AAt$hA924MY^hBv;&Oa zZpB9_)cB+g{)Gp)xY3avv9LFT6|8}8(P&^tqHXjobPDXi{2ZY2UBL*meUbZXdwaCO zjP_)IH@HIrfTUq&5Ir`snUb~8NWG+Rk_ZKMb{K90=_p)5icg;GJ%b2D|L@a2s5@bB z=w)v2SPmp>`r>sV(EE7@-kRt{SGl9iUf;XGxze}q+ri4t|{)3c# z=~0Q}JF2UyJDV?$aftB)4pd&Cpxv^H5X7H+Ft=pW()o(uu7RiUQM)2(PgaYM*H_wI zqc#gVTc-1iKAlOZ`Wo)<08mhSv`;5W8D9SwbOVO!_IoP>g1o=ne7Q5(j2HA}Cw%U~ zPOUkWsbcjNdL<#n>1j99-F>_A;0k&)f1Hcc2rVI7f*v=$uk*i)ta`_p^=ud(VbnWmGcof>ns3pWn@0G2W_)ir*;96mA#(1E77XL_^K?}$QLQM(;EcR$tk#94lInV7r$6^2Sr-Uj^IfK zJ(pc>a_(6#FlcfLTcC^H%jC60YjQb^;I*8BZjCIMaH}thnO~jcbk$sMDpI=~Ee3)S z(M<+p3y8(N*{2GXZ}CLeHB$bOmyYD8Ww&~4MwJkd{hamx9lEH@0efK}?wi2I|MMmx zEt%gl9b2*X=JtHy*Xhx{?D-KtcJP-&KTlf$00p7zWK^51&%~IpWxT$ZS>HRH7WCK= zEL2WGuGGquOBkXo|G}U1-HjVKl9jKo{eynapW^K-6~lX69x)JJXeKc#r*_h0z&AM^ z1z68jnm*hie)HTW1Yof*faGZdz0e{^_|#E~44NNh__eiZii%Ws?AP-L1>M()t>%iE z_>*jB%UH(JMZ*ED0@#KXx7$B_djb}In#Jn5pWEA*4O^12Xa4JAS%4)@LHh?Rc1o#S zcz{PaEe9>vZG1LYxzaTs+8xth$GpBlUEIzE1*toQNkilhwEL`?G8v2!xc^XI`j zilZaXOz8p$@9P&oy|$$jW^H6^es;e+4Xp*`O95bwee|5)N7Dqjjo0x3Q-D;i*U)oi zZ`x}ZyE&u{n92r|4=as|0#(b(c`}%)FjX}X_XD~yrW~1D%&AO2SKC$WmE!lKtrLwJ zvTKvHoO3DDOeTB9`i&*?wJEcMtVW%ZGkK+vjeL!-uZjO&QB}rgz364x9n@8GtIM)P zwYU(2rUuE2p~xO@-#u`nNJ{m)t^~#H82&@MZ^xb__=&kmPSZi3q4P%fYDIF-G+!7I zmCkYEgA{FhqY)BcU4{nW20F8OXm-X*hhyX8hpc$r(9(*~B7JsyhcJ}D;qUHfo@Y|P z>bB#^+4oCYZ)t*Y{P))A>!T&17@j0D!zkkJLJ)5A1~N{O||zXd0h% z!fGkHT3_H_CoI{g9s!>dwzHWmuFZ0=(vI_@LdE{(&9#miE5XWDJAn`cpH|Zoc7wSW zT0*e@Yw%a|6)6ez7>@vtY&oLim({so znPHtspQ4<}PVaEi&U}vOV%@RN?-g@X@4QdKx*op{e>AM3vir4p-9C5AdejbpXVKmt z7xy$hY`Qr4BNjz4ob=EzUQon@@9oX0TBnP-)Z}ik&HoGiUp=vgquSCz8+Xn;C0OvW!;^*DBD_WS(c3du}=J26Kr;t&-=HucQ7LsAfaG z&yT0kEvH{GFvHLYU1ZBkGA(|rpdT*Qhb)sy`>y1(_M z&RVN$bQH5{XSH zWBoxR%(0&zpF>wlKksAA`h2T3GC*WPpo37*~8#H<-HYoht=bJ0kL*2`c)@Csi z7pR;Zb7Cc6Y7&Om4%1wV)N?40M4JK%!nJ+h)+;Ox{c)RkA~9p!$~Z9lmOHi?yX&V{_hRJe&&w@ z=~(j)_+4En*xm~k^kY8kz{=S=}r`a z^j`Jo`CmVsITj#~rBfrH8u|azNK6cP7r;Y*pd`t!8-@Sk&ulqh1^AZyPmK%T{%wRp z0rD7lXu%(t!{&eHL<=lRJ%3>yX#D@eL^T^J+410O5L{(55j4*}Bu>_b9XsZ6UvM54 zi5xi+LfW0M%%AKr3+>jF#HE@m4KSRa$4D_!`YN9IbH6 z7tK~&z(5BAwZxE!TJE6=#Z^m! z5q401Wuo;vkhru&;J}HdPY{*CqG1?fVtvm$ZxM9%6ta-CujIh_(bp27v!fb2yp09K zhJi%Ev?v5IksFe7TSWBqzda)$MR2ly!aLwp<%6b(SxtP+FtoPB_5uMZLFKOLh{a~q zW*`BiBQ}ROC=57y|AfXU4;mm?0UiO~4;Xwa|0HGam?Lv&2_bz@v!gsiAd(P^&GWx) zSW{dG5TD`V%OUW58xj%`pit2K{pYT(nwr|H)*$YPH_{g|h=~DP3Yi@*xw(BCQ&Q%) zUn3IG($O+}n7(|Ql9onCOAG!w_j71d3Rp>c8O?1yad=0nm^1em3SoF{ZP}~a_P~@B z7MEkgNLUD0`3EVi6Kicdnl~%tuwuqNzVGK7h=VzPNyuT0pJ_8{TSP0an zbo&>9JTMd5(Lbf6HW(o5zS>?CRLtHJ94`~D>27Y*zH_jJrN+*c3I(#sdGfQX!-n(4 z^r3#zSHLmh>OzEl2}npnSrbI6%x-b*jWlRD&pP4z)$$6FcU*1I+#B|1to;3h1+2U( z_~+J46P}K5iv5q`59=M!emn9el9Y`1BY`4i@vr_dfIxF!_f6+W!%Jk(2!ow`thHT0 zUvT{Pb3M=+1uLp!)l=JeBgFEXZpu^YS9ndw6!F_BWUCi2B_$t8Eem0 zQe=J`!{ltWOcD1W)L&aBhl}nZA!z-Bcq{9ru2b>G%x`n~>urtDWcx?vTW_=71TXi0 zAX2RlZi?VRmo@#=&+h9!h24&5*AX# zHImj0O7R{JIU`Wa)s9-5Z*;_@%>`F^{V)U=dK~9Htw8f%V}c(o;MKpXq?AnrIml%B z*2M!i1nIjzbTW8yM{RmC+Zgj(^Y(oO=DFvpSl&dLyH`B>Ta>NBL_nO`7~fDJiHm>6 zAmM%XNWRJ%pq8f9%4NF6oIf7@oUgQ@XN@imhZ5)cqqg1JMl#}B%-T1PO~QJc<#6s_ zNV&%ME`m-L$bFGntUUm*e+XbvQmdBYNEdEL#$y_hJY7dT^{hkV5~!0o)Ex!ROaEZe z8BVzVxPRr|x~H#m5Y<=#C9QNS8BkA=YNx(V)@dCptk*d&aEWfb1d}^P*5mpL^MWb8 z%#IcsZkio;(4E)(>X_Ae#TDY2*}WTh8)O!$oj?9L5SuBRBu9R33x-HBQ;K^By=CJ! z9g1JGSj{m?$2J~6>h7I$?2CBrc7H?h;QCRtFCvqG4z^f-jhEK&0{3FNd*R0|?%DRR zf1{%|wc}RA`f)t7wXv};PTq~l$iOb7+9}ly=BS4KbR$U>9et&{Ec(uSnboR8P851M z6SwM__38=7GMCwo%viTuD}VNlHZ!aDP;9qy=4c;32UByTw#@e7eT zO=dpht%FHH`#bXV^y=(bSrXI~`?pO@fM{MuVD6wHal+tcDkjlxvC7~B;Z2D=vMcmz zD88tqtf@5~2>6=$o)M6)pBIZ3z5Rjy_@kXh7b@xj?9?x6u#Mq=asklF0FEVFd4C0f zn_T)eLS6VGA#PLY@R8ni+?5wMBD6cZN{3c+oxJhm2%94 zTQwi&Hk$&m>+*(5`YSY#17^sAdlZq-;C$>58Q{y{w??Tr!S;LL953OtcxI!v=PH>i zBs{;4cVebbE}@kMifKChw|8$dfAk&sOg#IwLaa28^0AuS3vx)*&-7mhJ66Ius4lZ8xKK%h40#81kdDNAa8 zI|KHzChz;_2uKJyZ&sfd8CBl9f~?Qtjdv!!1YbFyg1?Yg(6(C*Ok{qv9}KH8e_?Xg zb1nGMO)?j>zqgr|y&zxygZK6C_scM^?UymPb&j{*2%k{#jXL8P$IN{TdORZ#6Z5rr zYOc!cz2Z&zoCfF}2E%V-T6FDJ+hqIy+*i5n;sa4aDxK=PAjV8*3H$rPOoJ+qL-wny ztM#)2GFn%*MSlVg0FF3GM(!ETx0*93DJcaKrHiEx=!w6d!LY9!OA+SB@ihx%j1-10 z4DHT0nQ^v#LY11cwUJnL#oTwrrqXM6p#(Ams+>2S09QpwNAiyiHhm*Ndu6~yhwkJzie|FLI-o}h=skeD=X=4o0$yZb)fQA+%^b= z2FbV+QRHHw1&aLCA|m=5aw@4J7{%%f=#^9Hjl-wolhZI*ZO4I-X$-gNtEF%DL=Cnp z{@TMko0_wg%f2SP=+tjk(!ZS?za7b}BX``2lvGv4M#3cK#9i%=pzv|tcYz*!d%gba z!)PjEGM^_-$=gz&^v3E?Yv*Gzgg8d5KraQ)wd)7ZOPW&}>1zWW3LfL_vB%Cy?(l)} z^;~+uD~o?uZnUChiUYBl*xIUvE81&r;r94Al~htV-N>?3WLOmcAkMLhEzFx!Y`m*~ zvp9R+lsY@ye-C={=mIOsJJgNRkC>XWb~D4;6S+dk6Ic~Q;CWdzqi!G;&*Kcr?w%RtT3YA@l%%AM*ho^q(j2r+#i~Kp1Eb-(=x=C2P2Cf1j z>`ImKgzo793M$}7?_h#F7-**_jx4|h{67=RqpxF6{trGkI=j5RgIO##;C7OYV2#qp19?`mk#K4c^ts)#AniGM168Qp}dI- zfZG{f(3th=NpY$7{NEdv%fVNg?XU!pphE6_eEF`o!3iOl`btXJfgh_NhIbqWPHvWg zN76;h3P*!$ver9N(kYDFnqu2TxFKyxw7p*WmtDYM8#nlnTCQSLb{uJRbIW?E#C)&K zq1e|Q0fuR{-o^+PUXu6tbcB%FXuXc@@sA_PisEGqZ9`uHGrraGO7X3vqw(#?zU1OVpKTv7@ny&%c;Tyv8mB!=J+q>1P&K_D^{(63K?HEGynvNSvLYpJf z6Cr$^m)kRb^i-@wAS$t&?hz4Ue*T;0D5+II`d=ZOGr-!Akm-2m$w_zw6&AfKl*AG4 z3~#8-6cizPdb?|WGVHK{-#>3RSkSiF3XmtJjMf7md6IQxI%mhUZieuRV-ROApH>inRyNu*00}kj|h0EB*z59E6a?NaAa% zQIO&T|5Sb;JB&A{rytfaHBAhtD^UwV2s^BnitkL!A2G4zFwb%y0<}~a`W9vCTflS+ zj7rJ-PZv?7?pd86#g#vkwa!2n3}#FHK>u;~z(lc95ed=R4`m};#sR^$yR}$+MF>fa zeR=c?0^J>a0J=vW1%)Ff{>hVBF$eBJgBPz21vH2wqdpXIv*boZzHWG1)K?w1vZej%O zFVvVrYAtXqtP#8jb*IGj>Obtvmh0svZ92nvt3psm*qxf+s>p>n4f9G#fjlc2#b!s8 ze3z5xpr`QnGv#3nXhOhB-#JZiKP`>n7?}9r4>1QzV3wjfU_4(wx09bnO|r&yR^Lx< zkK38#fclxmfOrwf&h&6$?hGaeou1V2BBkn&n& zJ9~ONfu8RFL-i04(Rg_t*2D$$p2EiBd$BQy$FBd4>pjnANJx*QfI9!e$O!vZ>c(K| zOEWa|vUl+BeG~MZ0DUe6B$HH`4JRU$qM)GxLBsFdUN=thtOTxAhMb(7BU$29mcZCY zo9)8KE3KZ8Ru4YLH<|1@83&!Q_?w*NN~oaldh=$dUEGy6FSg9n+CjH3k&raB09cKp>B`OSGh@hW9e(6kTO@j*&Fc35oq7X-q< zA|NuC4kfTztbN@VK{A;yj~CCb^Ky(^92X)RMM;oZ4kU5)3vEy2NCK&XKt6|TdOMJd z1<~)Hoh4+`uIR~^kBj|LfG`elH2H#`b<7+HA&(EYoDUDTb}?4qHfYMgr^Gbt%1_)zMTwJSqk}CY6~c6>)L#`5!;%-j-h-jpF(OPU`e~x_mZpa ztk3J|u8$91_E`-5LK0(v;6OAlS3B$PT$or#-%E*ZE|0N@i2klXGVkud7`R7F12rh^ z=8Vp?dXZPDgvtnn1ud##4DJ)v=Hp)q6qCaCc8`G}2x%i* zEH+MaqeyVyZ|LORISKGc7@c6c|M`gTLIsj)E>_BAjtP;k7n^Yx6d zNe@a4kNidKK>jvBRDc0Ky*C*D-V2xztq7?e6bK?b|EiMFRc$uRd)TJ+q;}A>&#(Z6 zAu3D=X(E7#R}a{<%bn}vfpB%phjp@TdM$Er+donHOstGK$(Vq`yPn4zC5U->(7=Ga zE+1S5g`P$^Fb(*otB{LYG`m>!ThH{g#)g~P3+*5EHofr4BHuKR4;E^A6+4E86v*Gu zczVE?wyp1E0n5x__i5meT?m!^Oh1xb=w;`}?7}67tq}lmzOr-@3?;b1rooZABv_WE zFQgRppbx;U3l#eZoCf0_U8j^#Bs>y^#6q>1{mr?hz0uKfGf{)xDj}69uVfLtC{PM!4}nz0O}&6#Q(QRLC?}Va4Lz< zJ#|Mhxy@T6Uyi2BrJ|yOn*gvjd*4fgZGP1Eq7>4}ehCQ{aW7WM6bbc(M-KZ93>+!` za3$$h%KYpbkk$#{yKb=25TILzx`N(D=_3$^W_aJ<^txGn4sz%Y!fYRYt5hV`^nPAL)Zs5rq~q03GQpwtL-2qEIiiHM2zsAa(I4M%1Wh3yU}ce&CR%`jA9(=c?z zZOh+h=W{}a*oxKig4`zByzfcl4<6bd@3GG7-mHf^a53{r7`5U1<$q#3^Qg03CZ#`k zq5qA#3w5t@CyR1ql@*GWs7e3XM$`cZ!W%Rw8L!F$XmbnxrpiiA-C7G@_upH_2lG`| z`<3lIvWjqb78b_;Gqc-E)RVXE}Co~5yXj76y8GXc5^r>P`1S7 zaFN!j@`XPVCN3xf{G}=|>BiN$D7uH509SwJMbjlqz58M>=m}eAk0foDVy1b~|I`5I5>_bprM(Eia7ECklaNk$|EHVTw1y zqVEQxUo$D2_!i)mc~ok$`buBETK*lneC+G{8U>YKa!YBI>0O+5ut-(y9ryrD#T;Ln z|7UOFC8pU>JkEMR50<+vvy%+o>vf_VW;OKKo@_=2*ucJGjpLx66!?n+l{^HKN=$!4 z=5Vo2am0|mlKY}4`zx~h>Jv6=y|MvRyn@DD=*FOf-EyihhY z;n=wdk!4Nfz{_3#h*_6>z@tZ!ms1lS@R!cyJ@cEsap!dud-(mjJ zBDFl3`BqO?a-aAHx#0)ZoiFb<)eQ;VLx7|TZkt73d-l-@24ku97eE>>?WLN5Zk<&i zkRuv$A`;4r3!M=|6IOpI9Eiel99EI`(o7-7v%r?=LVB6%Y)Xwdw#Ai0uO9z81Bi6v zT&Szx!;HJ7+7jd9;sk@HKyvxJw3-7Tw(HAeEpyVaj%r0?vire;C=(Nq=kWPp8*XDu z9xaf!-}Z+owPS`Bj&b5ss?(h{LJ;UX<9x>yd5HS6T7%JS596W@LR3A)pVlYib_u^b z#CQK(w?%ffNakd-UzQvZ7O7DmX*=AxOh*qSuAB$|*s~a)J{bcd&4?o$lF_t*PNiek zV0i+w&>|Ev<>#BGywuS5*E;@rv0@vC=6Ew%wj4*71I!(LQwWk|0lAuEa`O<7Q5*eH zC+!<-2CGtZch3QM=}byoLHc;+Nn!87B+je>gIq8;0=&KlHWoTVkZ)uIPvOUk(dLks z<&WQ7$O88|4m17*Y|QYoJ4KciqPu_GE1~vM@%IM$E0YR!1`fu2G7uvdH~M|?UKgED z`SxfaEbN8U>p&PvhfoIEy)|M-CoOhkbu+{5D+4VgrrV_+m3%MEul2AXNwnfE0)-VR z9Zk3GQ^kW;(wwQZz{(3`l+#-=o*ZlBg9)79h2_KEvUCPjRt z**gqR^p5YRx7akB#4)nWE;O7Nf!{p;9I${t;D^ywVu_-&45l%yaqwZ1GSt?xl*wc=iJRyC0bOYtNh$_i z&hCi6j`Bt*N+%!f+x-Z>Jt4GE1QV}=CJ=2@5vhx=-~8QJ>>CY?RSF_KC_{Z)LbS_j zZR|$~<9eMYm88*XT$&DDhA4U&70K3YcT%z^FIuA3&8?~$I(q`EOdXTw!Aa;Of|63f z!cauO%&2*xy#q{>6^PrEM2{H;x@^L$4KV;<=|R9+%LaakE-dS_bPkX1Tv+TP3%-nr zLTfvd`#Fnwsay;#EoZ1hwFTnE6?&XH?yK*eo7(^mzHtvC{hsaQ+nXk8ZL*bRG$_i9 zP{hyuN=h!5!3K?hbu&`xICTwH3kUM|7LzI>gb==$2!Dx+J}>Z$mHZna4Y>tk#)#^G z&|1>(P~jN2KVoP&Y8^9M2b~I5@gJXSsRzWLHpdG=Fbnm%{f;i>s3lnmtcboy&6TXJ zKRl90yM=JIb7pew6OrJ&F-W2h`3mo*6l=i81F?O8cjD=zA zoxdTj5RF6#M&Tn{1wh3w`pdk0d`S70UfzczIgBE*pqcu~wb#zqYO%uZdFxDhaRa$` zEV_kC+y>Q}BnJ zoP5Au$j>UYl&hnb%{^oMs6-YB3ki_i2VD2sMIjEh+!s!7Cakt=@j;_s@)kbDZ>WUs zYg)+A1md#{X3Toh*-Py!^{P00y^S7Iw3;?U6Q24YrMu_z{$jFTb8ta$kxNE$y%hkM zOz2M-vX&dIET5UAq$9U@rZ$$hTv?hE&BI$kw2)_!gtSH_w2OrEDA_;RW%9; z(1~MIHo+aU97Hbh7Yi#=tsvsqAo1i7YBDP3z)z&7k$DvV;9`hD^r%OhMxyXe0B?JHP^o58=|o7-!)2?J4CmxD3bgs5t{jT$ zxxcds;LMa><(W5Kcc%?QIiII>`D)>42vRwut+$Kf>~?*X_qTw89i2Os{%L=47YoUI z)vpU0=a=)Gm>#GTtVgGD?v@mkH@V}<+<8SwJ(QwLyZX8~hH(>vQB6Z2#oKKk^6}^) z{{+p|r`^NQAm;K;j(SkmlbB4^;`QDY#ATzmeF>yhh_u(Xz;iT_80k;0=kMiT^(@L9 zztrt;1WHR*578Bb87ES;@l*3f5iQj;6k0d|Pz0flZ<(pRq}~jkEZN%w8w%*M$G4c* zo{5A?owZF;2F|Pi1rY07qiO5jk({h?CRc2q0b-WvW)Y2Dm-(qt&0M% zP5xUOJl6D$3e?lAHx6(1SO*Cpo)uC|qb0-F!7<#l;qh8(+B~(D7NN^Y-Np|bSs968 z^Ik&WG8<`=h{WjRpO%5qA46K$E-=8UR^IEjQX}n>-EScagZ#7Vc=8vly41adnnaw2 z_(HUf+hYWw-)bpPI56a}7AS;WLQZmYp_3lswL7$d>^o~p=xDLjxk+&MkzFC@FNN&a z10XscrZkIC>=>6&uy@ar4cEL#cEp(~q*Qj)_QD=|AzJUQAZ;D#q0B zy%YW7*Uyr4`5dwHuB7Ga9=UF{%`J8TCLe2b)>laMN}s`diS=KA#yTh*M=%u0i1M*g6J6Qu9TfdLfd zm{RiX@ljyfaJ2i#`u*&3X^SCYF9St2fXjS+IyXl{sW-xAOvpM~Z)QY@nW%1lm0l+o~kgFm3 z4v2)IREt*rXq(Ox-I;%=^XL}|*t9}ga7e!bc$dg%k^Yk$lmh~jKwZAA-&W6JkPk69$w)Xw9woNgXSSRVxcq;goC8m1LoaPwrP*bI1z6TAkDOD)w zWmz~7APX{lusGLa1{B(bzM+=uaCu~4k70BA+9b3qq_!~1!-yC6UA#4zCT1QKPB}&2 zvqR_C_HEa0Y@1s;du5e9&?qL=I`I^O>ti253)LC#diB7M##xQW2ouI zUsA{(Q=hrS?4Y)NSKlVKEJGT70+K z_bPf;(U)vAzS3y}Qy-*nZnP>9r7p=hD&(k0Hlz!6w46j=WxeNCUqJ(A+}D0ePAA|i zy}|N1w7y;bfPr}R)wu$FCD*2yRr41D)UN;^7aBz}l$Cpr^__|xzwj%}D-@SOwZYcl z)b%FK<5ALC*y1HBLudbkuzUY(g#i%XY@(7cnhctZkK0{a%lY=Kj}jmP*@5YBVx^|g z&w<0IiqV0Q%X&cJ%nVFYa$P`Lz#h3&Du)zLc+rF?IFl6@9PhgM>la;H2un&LWmj!J ze0jGdCpxY+!23zAw7B;U2es&F?$9Ws9@a{u5S-ypD`o@bgtYn0ixi}+lt<@N*_@WC z7g9B7EC_VpyE8-~sY|kF;xb=A;YBeLIr7x5M@u+(uK?5hT3JYMgQUW+wdu~7?Hj-z zpTBDf0H{C84OZBWbU#S(M`tI9tr1|^rW8ao5fjxph#Hoka@Dm;TE)(}!8Nx#?kbZw z3Z!4(x!l05<$40w(P>*yG#qQ&Fn~Rd2FA3U@(`1` z1jwD;%qp=8Af7@MpYR#;>Hg6GwD#-Y3P-Cving)Mf6lKl3;bO2M@N9oHdB^-pkk&4^de7epxm*=AWFb$)?s%;I60Oil1K_ zEpHEbyP1=T26J?WWBaXK$`BeqKdPM`y-iYtTaEeRRlr1+cQGksTmjPC~(=EcqCHE;lxE>{n;y<|nvH^;#I2CH<2<#&q(XW(Q z=NA_{G+U#R$0}q9$QnCn5jGmt7qwBmyr$uD9>1F#`z8q5Ft|%x2)*C%E;q8Ls_KaK z*4$BqhRzi#AmZvOc-qOmG0@>F5tyGfD%FARM%6vj2cjX*h+~?mu|Vnm48;`ZEHHW- zLGAY)fJl?T>V4Z*ak+D z4@(B#7i@ef|CH;7kXNPI1saC1kKWJlJ$oC^kn5JCHpm4;F)HjNvE}jWSJ$s~1 zGekVn?WKwT?EXbnE;H|-75i@`LVhv%egvn6HbxF^Q!}#!=&iEmDIpH(b1Vrre2%L@ z=?a8+X4uA1?2muz)|IFmfoU)#r7Mk_`Z8#Af2{d8y|n0`GJePZKfUz-_&nG{1T87J zE;>mJ3}0jCU{Oer*_$KGe{+1}e6&D{DFz!_JpX1RKUMXLAt-6GCMbxFt|k6WCH|)- zMB*9{B$m~nCHVi;0Vzqm2bu;)sF%q9XVd@dPqpDe0HP3qGm?RajbS1^o<*Z;WySCT zbCd9&jA|!2YF1V>z)iYanW8Z*E*XoafoErD&o5E=bJ2qXSzB9kJKwzI37T6lp}&l4mpXMf4Gc#C~DPc-se3G`DCp z0d^MuDf99U6KKE!4R>{s4<}Uy6cm_^gix!^)fO|2r3;1MUH_&r?TZ+s;GJd>uN(X~pS;u-y5V`%B$9yWE+qmXL&L&XC4V4x)Vtvp z7#wK&v*TfBww0;L`7lDgK!IU+EIw|gaux3UXczLW3*a0x|G*{##?uTCB~l$0M8bD8XCnw0gN4#A+(d>BtC zcdBzVt#sJ26j1udaDslIG2eeD^O;ROUy#4dD7?kiy?1r6h}TCRZZa0>TtL^a3y8u3 zrQYiTsWGydl@k*a$){%T-!ry+h>5}B;^vP0O_uTdVqbfHVIkCUS21Xh6R4V{6#s)W zm;C_I(V?Las9?H>nfWq^YE;Ak>odch2=1_&fT7whx3Fej?tzb!T5OMi%21hzj@(OC zRVen;*E8JhidUu2kFqbLZY0ycxH>uYMv`gwu*-R1P2LWSjNq@W#bg&@-79;Exi<~` zkUA#1xRqU|ydk@n+3tT(_Og|bfU|I?^0=Jz{J7e74~CZOS1F;ezsg!MX!?i?Y<6CU z$Kz2QSAJ7;b|?o-B}2@AETg$=X$fR(oRiGs$!IlOM)SP=;~MRv>kbNDGVP8v_WP0K zAQ?=ukk?k$=HVS3)Ek3wWacVa*v8F3^$!hDgOw}+h|BC#eLIk!_63J7Xst3PPfD&* z;+ZRus3jfp3RkuD_PiJP&PUJV_;w=J=f_qJj1$-6l^n|&LZE7p0|>@P)qk$-i`dmT zUHjEf>? zWL%%Fj9?9KfO2!iGQ(C7;?nZ#vkhw6BLwgOyb(hF4lvUi0_(3Ti3 zzk;;5(KKD|1Oky+RMn@CRLpXuodDG$wbrXRDqmCtZ^qR=-Cd!U>(%uZ%EF?q< zD6zA@9ivbq3gp~vB_SpC13n#+XV?A=R#ioK+z&*uvR%qkRXt(YI$20Z1Ys;f0nSFs1AC z=#f_KLxUck41Ci{A;nFMbKy@t6AJ>o>JlK=L7)w<{aig)U*=q2s&Ihqqyg|2QV?=z z5`Lr+eexhnb-@H$Z7qaF%<}Z1Q*ssAeoMbj$(GyZu@$NxjxockE)Y^{?|{|B?_25SmOM}P_?6y-JZMt&iJCA8$r|!7*R@Y zl&zB#fdXj7i!y`8;E_U&r9ag+Ps=~=#f8>-pHY+Z+Xf!3^@q)^i>fzDbDoQyg@Bla z7iN7}doKB}_ga9%C)=1_<)xR05h>Wjbb)r53|Qb*Gu4TDQn_)!ri8zjp3JwEVO~nU zKAA1jl~^2hbA6Ekdd!yYv64EHu6V8xYSH>TuNII|mKCHQmPHV=W6m*)2|CVy+6QF$ z4|2CHzE```b=*!ZwStDih0>^CQ0V9ndYZ_p-N%)=EIf|l^b)n)wL zdLZH>Cm?o}{fr0lGd=_b1r>w_zXA4er_&zRkrFNR-ej+cCr^o-2bEKKA+-UWA@z=f zCJPXHcY7=mk%g7b*+%xR_)`B0QyJ3<1RikIspQMS!52`!Q%4OR1@X$SXi$nxa=X?q zEgYnLy8jkvRpy-|w7n5tr<)IqjEs0~2VTuH?2Rq6YCw)nx5jpAy-wIRN6M~u(o6#C zj#f=)rzh{6Vp-2-XY<=G!)C1}zpdf_H8kYZ1G3?hkCZsM-P%8w99rOPSQjVQv{t}e7*b|&JS8_baovMqL#gN@mmas zFKMMziChLbmHHf@(*xlYK_>?fR$$j8bPVU4PZnabWq@ncd!$H>zFkSKW3?wiqcyTz zzwU#%QcCMf0!2loh2?b?DJ_6Dp?|8`n5bBSHv0yV+5#(|6nwS!6O*0SOYaM4*mE|9 zSj&vvxf=A*qVZOc1q8FOp>V;e7sKRL>0gxvX)3Zg`Om_vhAn=I`iUJR0HYmVg*+$K zDnrIDZa368%+&zR_FxDkue6~_T&~cLnkz@Ptv>-_HXU;bd|4vUYHl#$5 zut&sXOViuwp)aVZlL*(SW(GPsIfa7|BX=zHh~*=#Vu;xIV0Ng~tiz~vwc}BHg5ZJ( zzV_#5*X&s@hx3*G_Fuj=p_?@Z+%R$Y`BHoI>zJ&NgN18!*Ub^4AMflsz^*c|*6(XM zI)qI)+W_48>iJ{6*5{y^W#(;ac0LDbB6x<3ez)T-?2rn_69@0p zT}WfSTbmODB9YU8BhfoddGV4anct4CK@RM>kT|B^{duIp+pg`fldZ8Zq)Z556Wr!; z!~26rd^V#*e|3qvJ`=coa^C`XFN<1MFloW^p%(KuolI6270Ep2G2g7DUE<@*W zvG*Rh#H;m_E}+9|nY}ly57wotG+3AL!#Hr7)t=qjF-Jc@%od(!CI(J8aaY`*>oe*Y z4G00?zNKi6f4tkdBfOQeAu)i^Eu^>v1I~La= z#!VM7>r-jo+crp#4nbZ0Tgl8F69=?6;kPOT2)$~1_6GgUGi_}d63WZ9uqRL+^FHDQ zIcMVSzuwQHX~c^N?zpQYjFQ8Z?#y>-^{SBjoNqiAj)B?4aX#Y7@! z>XPzwPu&0V%pQ&uG@tfJ6>}p8xh+3yE3(xPj%o)GpyVPVZr z8=;Csk$@$z87MCY##q>N#+nIw>_53VYi<-yiUEQ`i+<~}FQ9q|!TS{SGwY+%8A^!M zqA(^iz9tB2YMta^4k=($`xYtdk)K*9>V3Kh+{F^4Nl8iB@6s*+Eb%(&h1o!n8Fq}q zbfE@%?Mg5Ekj83%$^#M-=8@t#*&g}5!N!z{p=jq~7PpWg-E|)x%YD_DkC5=4BNC4G zRi!O81nl*4PuiVDS8|~xJu&>uqV6zZAlF5P*Jdm}Zkn+k z{kUH1aY#RxL47101gpbJ3^PyWBMrUe#j%Mr8rkKX-?RDFa1BTI{?IwUa{RbTNV7qM z2WE##>MMZE?RzJ%abtfTdYV5ch2j-*C=m{HeGFSU6gi4wtQyR-NUlH$!I zCIf4~zlxfx#=uVpGJkm-opKgwm9m*L4(VW4-!6A*?2GvsF8k!VI6fKAT1Em{OoWFJ zmCUWd4_~UkM=S8kf+8vY2iP2ivd*G+PqZ}uGBje*B_C?BVDFo&In0lM^F+>wHouZx zTmv=FB9#n5=3Tms%gaUrpl6B#3cakior^3$d!U&72%_51*bi?sW0l$b6^d)JIv4tp zCYazUAcyF@G&+~uQ-wVhJ(_Lpc0dLbXAG}O$ZTf(gLnJ$#f z6LtG>c0a#bK@oU!Tz>cHs1~KnUL&*0*9_H6iCA3BQ`iPFD7SP}cHq;(M)UcKOmmx9 z;vnl1y%oF*zvS zcsJ~OlUHg=sjvOsaR(ZaN{kv1Fc@G2d1a5HKtgHQd`e=)(xgHyN8L0G@m?D5MCq1A zB_>NYfBR`b-5O9bn%z!6K(N54WPff9jzeuV7PZ1XPGYDu9U`Zx&JW@P{I6(kO-!IC zb!LD)LQ#mGuC^lhM_?QI*~p6nyTm9W{aGK_q9gB6lo)P&D}X_VU~uSB9wUR$J#KG; zz7%H8qNP5PwXqzGpIAqgj1#1g@Akv6o|OQi+sZ|H@YkQ)qBsK$P>(Xt?bX$l$#-oY zTlTA3ci>!oipWz;iw3M}#6~_ae>rW9*@1Yc2m9S1xhNwUwJX*Yf<*h6VoZso@a<6gUbDdthnvaL4tz^=L+wVq#`+@0B zvX;qf)jwq!p76vkFRf6>1*{@~l+GB0pqQAhgH~bTIEm+XGT^1oUAM-RoTO&TsR8Kf zTa9*p0q&vSA^umWW4e*#q7Rv)X_OpAOG0sJS}LtvP|+VffVq=4?rbw&XbTc!g@+0LnaCJozOf~b_4=JWjRY-b2A{|g^$Oj=f_)4NF zuys%i0dF@bFH7R6AXOCrIwr#|@jl!8HC#z%KUZ=DAl1Jl|5`v1Y*TMoioKGKK%wv6V&)qXMy@ zu=%Jt$HoH4I7YmZV#vPMJ$IYMLfY z2mbt#-xeSxBV#=kVd%IYUT&uFIm}&WwI}Iz3iX0y5}55G(Z=drW=&)cvt=GzF(RaI z_)z}NV7J^R(4e58wANLX)7mxFxpgz)F&i~nhfFw!cBT7VWx^xO!Xs?&N{@IyKXtY6V4u`y{)dV8oiTHAE7N=u@YH%y9fix(sNI`-S zq;M#AplpYR8y?wKK|oraq#1rE7=jbe2;;r*;A=tdQ7~^>tw2c|4l|G1vkE z`SZARzcJiw4=ZQ{3yTAYJ`#;sSKK@LB`9SD22~9ts7t^>GNhyaI669pks;n%s-Ik* z-bB6siw*0a`w`rd|H9+<^X1Mo3M%0$0Q4WdiGKD^!0EXsiZc-LMu#^>;VAuNGsvSf zY<$nfADleaK?)VXL=h&%|pzYEC7#t`Ljy=v+iIQt9L$o>HWGJWonG24=3~cfZ@rfW@pD65hM}a#> zvuhUxmcHSSxXqQ*ucB1TY-vL{?AgEVy)e4Kaza#AN)DTI0(w2Gg7o$qQxQ}>Wi0;i z;2@x~va%$$el%#L@s;s{A!9!w>*Z9;;ib>_we?(paLO_}aK z);o{$eZ0*v8~-5mQ(92RPJA}fA98aU`R)Eho>1^Fv^1{` z6jU&SvTgcF1PEz>$M&N?A`RBaSHZ4fD-Er7?KA@0LbUNpY}P2iL>1+CL;jXmiBM9}Rmo!mFU?ixBptzQJIDnk4rn!hYt% zIpsdtEu|<2JF*i+fyo_LAn5MVrVJi!@CGP&GVf*2&p%o2iFp9(f+uj;u){Lx`e0=Z zw3s_RCFKjFY?jsX@4*7CVkY1lr4D6n{B@T=WByZP8DhX?*bw|WD3p$u7ZnYg@aHD@ z%=i$W%Tt-9cAPfhXlGVRx_GCs=QmGjKeLlXzO=6}oe?KjT-MGt9c6E}d9lAver$By zwSUM8m@!jqdra_rY)*J6H?=IN`**%XBIzIn0*d z$T+8!>PFht7a8g_^3z{>X2ms86vKvjWfb46-^EY@1g}~&>Z8S7s3$4m{Vr3ln=8+6 zms0(fU8ak%yaDN+>4SAuC8)h#yorZtKZmqBuCK1%riU@R&BzwzGkKfLNKV~WWb9`K9 z2~&ey+sZL?aQTJTjpJad|19blfNa~6pN89wm3YP_I5C7510gwffSHX=aip{hyC2#8 zs^b4@q`0s>VIbA~0Kd4SWTVv~mid|CL+8N^V4 ztx~cnq7sOH{w>mnqVPimG-U4@c*Q_ANPEGfi=R9eeHi7#09zW&RUjE0CkBZx4(%6f z>5Fr2TVrisMZHY~d(uQmz*Zkl@GS!k6__M6@|D}>kwM%*Z~usbzbC`fdF_k;$Q^^E z6pyAo6p1e!h^Bp5%jijrUBZAz)^;CYH!|RJLX0}IrM?ydg;AKFN(w)Y!e=g`DGjwR z{Q#Q3GI$dJStDdsNBu`x@%#|Rsr#+fvgJUU`%`V4FbIiex2gi>8S_>YcF)LIH*n~; z#yqugBPd%yWn7@1i?s_-krt0)o$_`Xzbjg8=e*~$6{a0hblyO~k|yK!NkAbjn~0FG zb-^l#LT#G15a=o8lUcA!a>y!v%2Q{*O>0Bhy4^`bcO`;Qe3)~UmqppQ&z;E-Kk$Gd z{*}~gFD)-M;UP^_-w2k1W40{U`;hqP2)mopBCEZ&z~3@8-pNHqBpz)dL>Rv?F*nw!N9MQ)Tz3bUj))#}0 z1+0yzyA!a!I{_wEXjQ3LW6@V1blnS4A3E9^yR(hb;%WZ#NI3km{|{k=iZ@;%$_fP@ zUI4&r@5%Nb3fQSu!mK1aua*W3E$@~DIODq;XV5~f9{9YT`sN{gF5ew!(?&_FWmrl5 zan1ywsr9Q7ff|r(_-9*%XgxJU^qVF76Fr7zuM=xvih>umgGbWQT3JuCw-XN0(+q56 z)+PFk1#dGIy{;6#c@^T*&^gA>6DdpyZFc`gce z;>%d+YhqeaAM}w&tzTzETE$)!y%I?2(kfaSYCCe|*bD?2Xc5eAnomrv*1ujg?%)jQE=_GJzq(FAD(=Ae5Rz-mzt! z6a`3`4B!ztH@=yEiD!=NBH)S!pb}_1Fz)A~!436U4cc)5iu;>RC^OT~c;nm37j8SY zuJc5KZ&J6h8tR`?<5AH=>DFf(DOUT9o(c*I3DGgFhLGxi;dgrhd|N>^jSBEkR;=T~ zs@X>Imi%9#m@yPDJy`f{r%{2^>!9<8kc)YyTXABr-k3s1BGiR8Z=llzeMi zIoMD4zQrq95ikE4k^VWHFP=ARv}W!eug$5L-gnEG+%DIThirzDrs`mNz`te$s826x zR`M3j8GLM@3yw&y%_B8al*zP+q1$H%<9p3OpB!RcBbVJo_buEbxN zL6>b9#G-QVr++*HndHx{7InaWPVW2HjZe7BAyh7|iP)QH<%E54gqG%IZKyh98FV1(Ank|PxjG3@%^18^()^?f#Q#-e7G?;g=+5fJz$zh&v*JF`$xl2oiov$tY?Iw*ZJ^2pemq*UvV@b=R|$h>X3S{}*4M%K<_ zzl6!vIomK9b$MYX-!Fgt=XsWeTAG}Kr;5K%Iq{QWpS76|hbbyknK%Ai=SRa+WpjD$ z`|~#I$!Td^0euKjDE`4(5<|%)ZzY#+x>!d#J=OeWQMutIGto71V=EFf$&CEWn{xJD zh18sM(j0FozcBfa4#I$9N$J&*XHAo&p{h~!sL}BDp52gr?98E}mIymO9$xU)N+lO3k}*eVavJ!lNug z+59z7t+{>ile7W3QbhY2Cw7+ZXynnZu_pQKCI8l69tRneER*4Vv(O%Xj3m;il?OWu zJIOJBdpoQwh4>zRHaAZ!T$(2FD38UtXoy3G|B2bm(%oH(={)zf$f^}9kob}G?D>2n zilx5L(v{~09Zq$-l*Pu9=~!!~e-v7iZMx^p$n^`os<__b3+ayB%(f8{jBDYzX9n(9 zbKlzMnaIqt_zQUHumpJfdgneen#{Eka%`q}-c+UG1vv;4Nw?vbzd)C&uhd8zdEcx@ z5&Aj&XQVw@s`{`$8$C}S_Ya+!{jMO*NGK7!H2cNn=DtcDGO z>$AC7RS#>OSGpV+ptE9Tt$LhT&y3m^gK+;WZIv^Hd6Uh!SQhpG+|=pz=0PNd$U^{Q zs?*#m-Gs^@mIryfkXd}tAMSP}zcPw4^p?x&9Uf$3@+H!B*V3bll1uR2UcUgrKA>=RjH z1Ik#9;WmgO5leJhRLI2#MU|}ZPTi%P92Bb!f4fy5989?l#Hg%{U%o4v9nVo-dTA-g zh=91Txy1Jd7dC>nib2`WU%$pE^Elw6VHIJQvpI;^U_%?&B<#(;eap$OQe19*#pA$6 za6Me|Y&4`xDw1_slgavl@VnC&R)=}6;jFrUhx)Y_I}fyGTUp;EIok#;yIPKYR<|g} zP6!V)H~7{;tK7*-cKwQog-Q-CukYNI^2dLu$evfI`nB@4T$O<^EPF6r%BZ^2R%9_f zHo00c3#WwVvPf{YSgedqz$vTh9r;{V-)u)=55vRc9lAam?5ljEx6d?Ak3uhUOQoBC z7kYu>B;BU{Bm!A{$wvH51L;~q}1|XvydJ@6GC5SoPYdDrIyFVNfu^At)$E=T4 z!##ux){W3?ZqIR=nws=9%#lOnL^5yxX$>R&g)qkAm{p!k&r?x~y}xJp^(zPqK+&tQ zf_u9=uzn+kqbV4k@p>VP46~U|cPBZ=WD8N0@Gf+U*og6p_|c=nY9sr_XaWpGYAj~* zkYmKXZ>n1M7bFLt3PRt$b}${#KSe(99umi*@%;Bk}&ZTAlW7FCN zm6*eh#pxgQl)o`13n%nLDNd{0G&c%e4%za2_1h_DkG=%W7t(4Gr|)?kAP{M@`X zknv+o2{`UIgcIEzYUOW;iGay1ng2Jv_SO-}rk;bbz5PNwjII24Ufd>#1lT`3#GivN z?wg}(&P{n$>I+s^5U6_HQk#}P``o{esu>7Lan>smGqFB5Av3@P2@GHI%aceA&>pEi zZES>i01PE3r{N;2^gf$)fn+Q!2I~AtWqxBgKf~{@+&9gvn7K_`2ZxWq*ZzBtBQ+Lt zIp&qK^S24Kv|n481AMH{(&46G0SW*Yb_4>Ek*S*$k@uUC#}F4Uwne-W0h=8V)ex?t z0OnLQ>q;}l>uFiwA7A0$MG)843f|>8G;1bpS)rn8(nDuwXI};;02%W2Hi*{%73Oxi z7g0$T1Rf}smr8?Dj#Mv8kmI*Jjzbk~Mol)%+p`70#qwviCE#XWoU-G9{>|%*%F1eZ zs8CPlfs@Faooa%BbuKX_f!+;2W(*ICsFF4t!qY`4*8f%fz7KjkrH(+x-Y~ER=yeOB zh_}Yw+<4fD&Kyxf%)}g~_Ebll6xfNbQ{P~6JSJcj$ZE3@bLdV$5r%m4tP(31xNEJb zhBE$W3iW>AOaISrfg->eIOjiJ%R#$qBxV0gBT3A0_wR}_Ri7L-3V7`k6p=%=qJYeb zT3V+`le(DJ0B2R`nZdI3=J*Uk@qwV!g|CbW{9E!HfHl#ZHxEg=zT zlAsOxZx#N{qsgu9h27}KRDa;k%uGzi$UqvWlRtcdgsg%5c6#&-Ikfl$1WsUAu$`z? z8~J>Go^S#=BJORSi^t-C%Ev6fKa_Z76bM=CjU=mt={(&US6rtg|J$}EtE5D5DRpzP zWgYy18gEVe)hispd*I5+$t_M_E`*}V`kWxv*4M*;8YMjRl>s`qP{B&t2<`G49Bu%$ zr2Od@FK=ZIdia!)kqF@BK|g+o++n;R0K{bb%b-MUnSNu$UQz&;c%Znj^Hk3kqD+JYrL zk@a`M3E^ISX#z$gNf!kvDJknmn#{t?VwbLhMLOjl3f3)qQiUkAiZ$C?Lc|x#o15l-lu;TCC-e zh}~&-TTW0&c%@>@6W$k?AYfQD!Nd+NQVAc}?T?zZ3*^aH2^&PaxNZr7BiyDQZ%^Fh ze_|e${RNmGpd{sbr+vGgEw(>O{51odo~yG zY;f=tWBu+cYlWmM({!kRu2TTj9nozIc&AdXSx2rMOhu6GmOPyKnG2F((uReBEfSzx zxdt0ci+BCVSDqLiJ6aF(W7ZuV+Ukm|$8mkz# z_E*P3`jiq_q4lf4lU;8m#|zC5u))qlZ8@6hCLaR+u`wa_%s#om(Iiy%oXjvu$x5y= z>RM_~NDQueZ$k2pAa@?_B;oum4$yl>NRwSSEs0!L zBev`Njxg-i?TzKcb7+ikC5$yNhNqMMz7JNS{5N7Qy~u(!HB!D!Y+5M5EG25FMe&@t z^*MDWi!<>{Tr5;Dky(x_U0SYtgV@X}l-;JKN5pAp><$f@6}`%c_4bh}T?Hw9ERyt@ z->j-@fJHVMDbgZv3k-Zkb9v?5GR|VuhYOHtwYOBn04sQGC5z0$routaHMuQSZxzZS zd~ZC_+CNg!2j6@iZ4S@x(O~`vZ_1Gx$OoE`9qf8b5kbKQZA5!C#m97C{ipW#z}ECL z3!(r{i4ki4rkkneh6C!{=~OR33ws2%6?~s9hs}}B#pGCxr${!VOnhJ6Y6*<7U!fnL zyG}UXq#Md`H!Rkl{-(&4*<8vg*6XIfAx8yR?XI>w{5fBpN#|l{|gXBqp&NDsDf%$)8YR z*lC8>$=5uLA8vaQ(&b|?*2bs@|6JwYcpSp-j)+SKsuf5o#Gd6hNoMOaKvM+lkS!tD zBU5B7jZr~h|n=%Gh6E?6lKnCVc3;hzZQu#@Wy45!$ zQeY&Gin}{^-LF9J`YdxR+B#w%AZaG3aNo~UmY+|n$GMoW6W^uYxb(}853i~oTZ=SS z%Vb03KWy6|3g~Tt{CZC5D_fqe=5X-w<^Dc)t;Ytwm+RgK!$vO)-JsmJNi5I6<1}p3 z1r`4Nra+fnwt?5!!J*vuMGp4lr_5g!`}t@S)!r(Je9*2@ULIy2EaJw;%5aOb?MX~= zBcl^Sp~jn;t?XG7`NjQ(0S+64tC|Hdhk@$K%Ulf7AlM+bfZd<(GD$CT+gK7en;`0Z zzE`M^s1GrxXQo>{i|QUK6xqvPr-3>`u95<&-igyFCuno3e{dSo+$;_>4uJ?n9JJ;g z&gK}7M7g0ZNnQ7^&)%Sx04J=0C>U8F;mYtl8Z#j;0kYa!VzO|_(8t++w@oG#K{MW` z$q6vEw7uy%c!uyvtE;5r^@YcNzvT8@GtFM(8JBr~asc4%z$PBQaK`iH$zS2bEj^0(RDPV}y=KSKVi}Yy2cSP@pU&6}&Fa zsL;g8|CCd2L@si7U>M+CsS`u5bYAPwLp5hXsLu-2!V6pA#bN!#QP=1w8V)%s94P{$d)VlSs-V*te&j=S-v^sGA>`CiQ9&svF3vPDEBv~YTD0Zn0s2Ag_ovp! zj~hU_nmTS!?mE-*5)|HuPV7YfQSDx18v>m|!MpNcWQNY&PTn%CNpfW<7bZ9Qrdm9) zOp2{$sS+kv{pi+!1oaUuRQ=@nh|rfeb)e$X<5+86!v-ktYOi_)tdUH-cch*iRGGnD zYj0(d>P`HAR(=QOQZYy8a@;p1q0{)Z$6<`4VJBv@Sice_z!Z9170fOp!`(HYd3RndUj75m;a-#lctqGeQ5xVX4Dzp;T?B!K=G)e=WrT|M^vM%x$jxKX^w1!&oh6cXA# z@q>o$KyY?&>M zi;D|JwJg^ZvFptN32e|?zGk#d@gf}bBZZlr?QJOHP{EW!PE;!pGB>;YN#uS#bp>pt zG<01Fp-JOCHkxmBsBJgXq3tvFv%4EEgP46%v&kuOVXNSascAtzn29%Vg};uOBqrHP z5B;0l7M1-qStFQ3SEvSarXP@iy@3fGT*dB4Hr0$*)Nsq>K~GSo@3c?xvUCi6aapt@ zkF0a+sjo zroz&i-NA&);9yiWcaa|`7+8;_V(3nV=hVLbyZaC$siP6{BFugNzV$`}Jm6bOr)s2P zN;pb^nhq_VZH4|F#kkwR8hHso(8G>0B|;8?I$o?VO`N&N!pb-t1P*1Jv_)j3t+-Kn z#QZ43bh#12d;Sn9FRR!JXw!i_H=6-N{jITb^qKBYj{#Lf%aC(FHcsQwm_K0e22y7D zarpW99bKK3W=o8Aj~wpJ;&1?DocaAs|2 zAcWmFK2Xp6$kweq<8~Sn5Omvo#1{W7G=4<$4sK8PJ7v8%{tI0TEK@-yilTkRI3soGa34Z{Fh#g~%xkDh?S^|gQk(wS{D@bYXI1Bq2Y7MA|`Sx9<% z`Fg6zyY1F(p(BLfoIL{*Q&)B#1neiAPp!xx>4BrUHtw`gr4)WVa1$_7h}jmfSScz# zV$&&%_M@IA5{ce=v95(M?~|~WXS)&bVz?80*iE^^Iu}E-yj+i14-y6JuYIVF_p`b| z!KzT7>TZu32|?WHO{Qw>!!9-PLbE)s)@h*7d*8o*U*CT%({Src;JP<9`V^-#kP-LC zUu^BtR~$y)Kt1?EO#ScKoL{!x6t3gRCZx5)LXm2d4gq788T}NvGCvd$Ei$R;1Nzvf8sDtD^FY#%4U+ z>K7}$h?C|nhhJ|=ozHX1QP{Xcc$F;2RnRP`|a(^{^%$ozkt;TOKyY> zBG_j#4D|I|-wfugI~Di-px%TX8$wjoz(`aGfhZ$GByLMFy^DUDWFvS(;+L}iD8QaL1ALE$vLKXw|}3b@*jdbkbn=W)}I~$NVY0o zhK&Wz*>OBm+^VK^UVQ0u5>`(kr(F)~Hq zme{A@?op;C-JN)k`uIRfn4|BuxG zJvf2Lx4B@44&m&O;(&Hl@UEsp5&wGFfWz2z|JTjm3*tWxiaI|*W~P1NJBa8y2wX(~ zPra1>28xx=miEB5K(kLZ{0Up7sd0sPV1u{kzC$ekm+XN8n;882{}qJ-Re*ol5hxc2hHOGfwQIEFl3k}nqt*=}DA_-Q=a6v)CA_S$6keQf2(|!Ds-@j!mkj$au z1p6l^W>TI{GivO}Wy>sU{#+5R2j@~e3>Bb%l|@cNb8DXDXdU-d73ks*0^U4Ue3g#6 zF1dUBQF0d**z#Z93R?c0$f!w1r$0~H8h{^6xeq-E06<7fQuqM z!J_}~5#D#8ZWRDulipoAZT!Pa|MScA3_kg>Kx*~xne_jM5BAd!m0e7Tyt5E9 z&w$n$jVpVq2ss-F*&32MSi1uF}Wtj)%*bPq$Ed39qrFPM%&QD568S*P& zWG;Rc{%8>sbzNL0CMI-4Lql)#*Mk4!bidq#nVEsFS{W?C?o_?Ft(JdHO3VX(`)1$kS!VrWUs!DFLZ_V0;AU+%;$akl(- zKjiRyR(Sw@$uH; zX#*z0L8%Y@#eEb8CQkFa-HD=m~lYieq;R>pd^M>dAfov%iz`=zdiM%ISi`m9T1JnoM2XuaHA00NVYdx3f@MG>>Sbn1gjUa8o5qDI=Jxp!9P!o^i z{U*TrtDmSUP;lAlENBB&o z2L`33adL2$ej7nTFNr?GF)by3GN5hEwBrm4=5W@#?)igpx3r?1R3Y2gwA(#mRW_42 zI$TBs%zOqIbPj24*)l2vf;l(_^-l<{QL2NiVKem!VP0fG$y(%DkS!)?-FqCbvz_Rl z!hBBW^Jt3OmF^Lt%4YgMjw(3CTxJk+Gk{-4A@l?k}Rm zeEAamj!JLwhn11_FQWs{_D0aJJW~4dDi1cJ@e!uxwmv;ZSW>+;24|JTb;q5qb0?7u zeIM8_M#Z(*naD#b|KUwO`R`2ioB^`#UuRl^9B$H42%a znxAg=qXB5Hfr4s`cc#+n>O_HovhD@Z)SZ{NgbMKWZP>uA`e9(aGV_Nn0eD z2KPqF9>QwLODzw?iDNR|IZNKZM`=+`1=ibPgxi++!R2J-TExq}IX{2pH1SsVIbZtC zb)!PIu6WiUV71NgKC@pRIe1VF8$78uFMSGvwn;_3UB@rui!t4uxa#o;p6ep538%68 z`XCkN*UnCOlzb*A>wjH`mYvS6x8D-Fy=y`AKa7A|Gd4dhnW;j#NnrPEWNV}g~-rH^jscD>}b&}QOsI{J_aAtB+2EsfGYZV1~A z6JYPhL<)PK5`t6wkkuApa#})W;;KMYu9u-wk{r#vm z49%|Mwv7H8pXjw)Y2)4tvwhc7$>Z)HVG5B1e{C;a1jcSF$co1}@KruTwzt(9q&!nU zo@4Lmxk@H|%T>(@YYbDsKUqtp5_CCu=HyhWS3%8XfK5R1LJ}awk}+#baWLCpAI*3DajdyDaj+?Bz<)J{Ex5EAK}w$Q}6Cd_<|9*fj|(G>Ck)wY%d+a zS_-I&3BN?fW!LGVQ547X0pF50&95W7Vz%Gvcl*=Je9W@wr(Peg!7b9pc|z~p)MN%p zx;)-_wv6z-_OcwUPb-*P3F|(;*uvarH&P2*{KCBi%$5qg4zrq~C~i0J1wTB#)QtSC zCi+Z9U-fq9cw?AU#J=GRBa7iQ_SAQKUVo+9htqjILWw)S|=AxC?4aZ-cZduO!tc>zOwCaL@z)m7qE3Tq1l{(1g% zM}+j?Z@z993^3$!bMLVMxaGP#!reVbNlB?%00hmDKXZa+1Sr8(J_gm7(%GUKCK{oT3XaOB%fkZ0I}$wDm!}VIWP=5WR}K{0kzmE z&U}4j1K_@X_kc@QVn?s~TYSu>az~@*(w}0t+9B^WB%+cAu&}rz7_g}kiP7?(^Je5&Z{UqG~ z!+kHytoR*Z*_dRIn}160rX586Jt7IilkBY#bsM4;)L_bxLCNEU`f&slzj++UXH1SY zMbf@z^qx*Sv+HwN$ZrvgHbS}(n{oS$PhW%`LsSmB^f1RZutN_{YFQD_)Jct$DH($! z@+gUKYAI>XHWF!}M4PmW7no@c{H1p3^LQL~a!w6buU=6gv)U$4f+!Y;+8j@gZ*Z}F z??~D}Y29|ezkH|Lv$SJ0gXD#KYq$QdAE1Zbo}IG7eZ1X~-Q5}(LqJi@?Xmy#;FeiA zwH1s*2#5pRP@xogTV}Nqp`}!j!6mNa${~an+I)LM!S+{&&@a1M#iB12l2D|jnk$cU zbu=FhJy#kI%$2`1zNqSyKmZ<)?$oS`6lp!3Q}~3HEsm{08DUwqJ>#A-FLAD`rcIud za{CMA(aqaWUOwcV#vz9*kaw;=>|1XhgQSRdz>^$|y>VE$&g*T{t4!ofhO@TxzWE-e zRsmGH@RwG>%^GX=7?@W60S_+LSfJ@XV)&V%r>1LVGhc-59s_H9Pk)-&VFgf%6 zO2QHwo${q$-y2oy7v2O2PH;lmx1i^odNn#Cs%M*aR;?S0ewM^TSOdFZu<#T^Bxs`_-* zPh6+OAPa3)DTS}?TWD(<84uShh{CbGA94>ocl9fH!WFT^NJ}eOr@&g*ZPM-wkdci-n?!li)hi~*4 zX_u;s&o?UHeZWBgn&~%sDJcpKRWTb-sC*S<+I;ERrCIW(=CxvO*|}%Zxxv}4sMFf6 zC?%$7*m*E2Hx|EfixfcXC;{waa$IOu%zuYo-i`WJO8NejiHSU4`9pZ{p{>(vTUy|#VZ?I2`1xm8iD{E*3*So4(eZE#jhofts zBjT=vGooJl+24~SSj^1mBUq1ApGl}F%YTTnYhTpCa;241$QF2FRs13HRW_^$?VD?A z_vf-juVp1(>**&U*d*#5*)?PibM@He_+L#*ga2pwopg`0pl{>-$jkD=tHHs+i68DX zY&vBOv+suAtA)%`zjR(^L3v;Uhinx!51#nv{jo%fD3J~IFD#He0kbO4<{VIx%{9aO zqPBF}TFz?EJ%WRI32mx11Ii5I#W^4Ooy|z=MpKb_Qr(eLN?Y1=!c-|YgD0v-_3^2x zhv{DC<))|U*;!c#hdE!(Qa!X>`GhX#X}?>a=-^-vH6yH|9jX`KD>_L><(1_Ec8Wiv zYr26s@tBXPUq=4?sb`YIp1)PV*0{=-ayVQP$9=}iML{s|!CwwDk)Nn*&k2wK-njD@ z6choe(y@`Hk^28cb}$2c>7_={>hC}^)vNc8O#3t_WDZ9OPcEekrTs_=K$E=+hR1dH z{P_a@LmppjN{nh56|+jMWv<3rh6-LTX9Qq?IaTn#UjFs3KAH(k{sa#Z&NGRB_tF2k zcdh`RfOgPqA7UgX@v-Ot^Y$GYp?K#xk>jWM`2X{*Lp4E^+b_ge*qI0N zg*}?7g_Z^X9WVAgKoP|gza+kjAtyKgxi~%3r^K%xP{vNbDag(}%=W9|rbGW1DgscD zr+cWD8G)$mHRS@(oZ)c+q5nWk{()0iKm?WocYG?||Awx-03XUp<$s|qAi)E`c7zYR uCPBj0KVZw /tmp/checksum \ + && curl -Ls https://github.com/envoyproxy/misc/releases/download/jaegertracing-plugin/jaegertracing-plugin-centos.tar.gz \ + | tar zxf - -C /usr/local/lib \ + && mv /usr/local/lib/libjaegertracing.so.0.4.2 /usr/local/lib/libjaegertracing_plugin.so \ + && sha256sum -c /tmp/checksum \ + && rm /tmp/checksum + + +FROM envoy-base AS envoy-load-balancing +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ + apt-get -qq update -y \ + && apt-get -qq install --no-install-recommends -y python3 +COPY ./client.py /client.py +EXPOSE 8001 + + +FROM envoy-base AS envoy-double-proxy-base +COPY --chmod=777 ./certs/ca.crt /certs/cacert.pem + + +FROM envoy-double-proxy-base AS envoy-double-proxy-frontend +COPY --chmod=777 ./certs/postgres-frontend.example.com.crt /certs/clientcert.pem +COPY --chmod=777 ./certs/example.com.key /certs/clientkey.pem + + +FROM envoy-double-proxy-base AS envoy-double-proxy-backend +COPY --chmod=777 ./certs/postgres-backend.example.com.crt /certs/servercert.pem +COPY --chmod=777 ./certs/example.com.key /certs/serverkey.pem + + +FROM envoy-base AS envoy-certs +COPY --chmod=777 ./certs /certs + + +FROM envoy-base AS envoy-lua +ADD --chmod=777 ./lib/mylibrary.lua /lib/mylibrary.lua + + +FROM envoy-base AS envoy-go +ENV GODEBUG=cgocheck=0 +COPY --chmod=777 ./lib/simple.so /lib/simple.so + + +FROM envoy-base AS envoy-ext_authz +COPY --chmod=777 ./config /etc/envoy-config +COPY --chmod=777 ./run_envoy.sh /run_envoy.sh +CMD ["/bin/sh", "/run_envoy.sh"] + + +FROM envoy-base AS envoy-dynamic-fs +COPY --chmod=777 ./configs /var/lib/envoy + + +FROM envoy-base diff --git a/sandboxes/sandboxes/shared/fleetspeak-client/Dockerfile b/sandboxes/sandboxes/shared/fleetspeak-client/Dockerfile new file mode 100644 index 00000000..7c79a8f9 --- /dev/null +++ b/sandboxes/sandboxes/shared/fleetspeak-client/Dockerfile @@ -0,0 +1,34 @@ +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FROM ghcr.io/google/fleetspeak:latest AS fleetspeakbin +FROM golang:1.22 AS builder + +RUN apt update && \ + apt install -y python3-venv && \ + apt install -y pip && \ + apt install -y git + +WORKDIR / + +SHELL ["/bin/bash", "-c"] + +RUN git clone https://github.com/google/fleetspeak.git && \ + cd fleetspeak && \ + python3 -m venv /venv/FSENV && \ + source /venv/FSENV/bin/activate && \ + pip install wheel pytest && \ + pip install -e ./fleetspeak_python[test] && \ + pip install -e ./frr_python + +COPY --from=fleetspeakbin /fleetspeak/bin/client /fleetspeak/bin/client diff --git a/sandboxes/sandboxes/shared/greeter/Dockerfile b/sandboxes/sandboxes/shared/greeter/Dockerfile new file mode 100644 index 00000000..674665d6 --- /dev/null +++ b/sandboxes/sandboxes/shared/greeter/Dockerfile @@ -0,0 +1,34 @@ +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FROM golang:1.22 AS builder + +RUN apt update && \ + apt install -y python3-venv && \ + apt install -y pip && \ + apt install -y git + +WORKDIR / + +SHELL ["/bin/bash", "-c"] + +RUN git clone https://github.com/google/fleetspeak.git + +RUN cd /fleetspeak && \ + python3 -m venv /venv/FSENV && \ + source /venv/FSENV/bin/activate && \ + pip install wheel pytest && \ + pip install -e ./fleetspeak_python[test] && \ + pip install -e ./frr_python + +COPY greeter.py . diff --git a/sandboxes/sandboxes/shared/greeter/greeter.py b/sandboxes/sandboxes/shared/greeter/greeter.py new file mode 100644 index 00000000..c0805719 --- /dev/null +++ b/sandboxes/sandboxes/shared/greeter/greeter.py @@ -0,0 +1,60 @@ +# Copyright 2023 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +import binascii +import logging + +from absl import app +from absl import flags +from fleetspeak.server_connector.connector import InsecureGRPCServiceClient +from fleetspeak.src.common.proto.fleetspeak.common_pb2 import Message +from google.protobuf.wrappers_pb2 import StringValue + + +FLAGS = flags.FLAGS + +flags.DEFINE_string( + name="client_id", + default="", + help="An id of the client to send the messages to.", +) + + +def listener(message, context): + del context # Unused + + data = StringValue() + message.data.Unpack(data) + logging.info(f"RESPONSE: {data.value}") + + +def main(argv=None): + del argv # Unused. + + service_client = InsecureGRPCServiceClient("greeter") + service_client.Listen(listener) + + while True: + data = StringValue() + data.value = input("Enter your name: ") + + request = Message() + request.destination.client_id = binascii.unhexlify(FLAGS.client_id) + request.destination.service_name = "hello" + request.data.Pack(data) + + service_client.Send(request) + + +if __name__ == "__main__": + app.run(main) From 244ddd6cbda2216249f2ce23c014371e414d71f2 Mon Sep 17 00:00:00 2001 From: Dan Aschwanden Date: Sun, 7 Dec 2025 18:07:59 +0000 Subject: [PATCH 2/4] Fix cleartext-header-mode docker file --- sandboxes/cleartext-header-mode/docker-compose.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/sandboxes/cleartext-header-mode/docker-compose.yaml b/sandboxes/cleartext-header-mode/docker-compose.yaml index 7d07c0b3..cf9d0180 100644 --- a/sandboxes/cleartext-header-mode/docker-compose.yaml +++ b/sandboxes/cleartext-header-mode/docker-compose.yaml @@ -29,14 +29,12 @@ services: - "10000:10000" fleetspeak-server: - build: - context: . - dockerfile: ../shared/fleetspeak-server/Dockerfile + image: ghcr.io/google/fleetspeak:latest hostname: fleetspeak-server depends_on: mysql-server: condition: service_healthy - entrypoint: ["/app/bin/server", "-components_config", "/config/fleetspeak-server/components.textproto", "-services_config", "/config/fleetspeak-server/services.textproto", "-alsologtostderr"] + entrypoint: ["/fleetspeak/bin/server", "-components_config", "/config/fleetspeak-server/components.textproto", "-services_config", "/config/fleetspeak-server/services.textproto", "-alsologtostderr"] volumes: - "./config:/config" ports: @@ -60,6 +58,6 @@ services: depends_on: fleetspeak-server: condition: service_healthy - entrypoint: ["/app/bin/client", "-config", "/config/fleetspeak-client/config.textproto", "-alsologtostderr"] + entrypoint: ["/fleetspeak/bin/client", "-config", "/config/fleetspeak-client/config.textproto", "-alsologtostderr"] volumes: - "./config:/config" From be864ce3f929f661b012bcf30a0d368e1c0b2034 Mon Sep 17 00:00:00 2001 From: daschwanden Date: Sun, 7 Dec 2025 19:18:56 +0100 Subject: [PATCH 3/4] Update Dockerfile --- sandboxes/shared/envoy/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sandboxes/shared/envoy/Dockerfile b/sandboxes/shared/envoy/Dockerfile index 0a0fa92a..8cf7416f 100644 --- a/sandboxes/shared/envoy/Dockerfile +++ b/sandboxes/shared/envoy/Dockerfile @@ -2,7 +2,7 @@ ARG ENVOY_IMAGE="${ENVOY_IMAGE:-envoyproxy/envoy}" ARG ENVOY_VARIANT="${ENVOY_VARIANT:-dev}" -FROM ${ENVOY_IMAGE}:${ENVOY_VARIANT} as envoy-base +FROM ${ENVOY_IMAGE}:${ENVOY_VARIANT} AS envoy-base ARG ENVOY_CONFIG=envoy.yaml ENV ENVOY_CONFIG="$ENVOY_CONFIG" ENV DEBIAN_FRONTEND=noninteractive From 37d7089e84a6fa1be44bcf31bc3f56f9a3cb54b5 Mon Sep 17 00:00:00 2001 From: Dan Aschwanden Date: Sun, 7 Dec 2025 18:23:32 +0000 Subject: [PATCH 4/4] Remove sandbox subfolder --- sandboxes/sandboxes/README.md | 96 --------------- .../sandboxes/cleartext-header-mode/README.md | 83 ------------- .../config/fleetspeak-client/communicator.txt | 1 - .../config/fleetspeak-client/config.textproto | 9 -- .../textservices/hello.service | 8 -- .../fleetspeak-server/components.textproto | 19 --- .../fleetspeak-server/services.textproto | 10 -- .../config/fleetspeak.textproto | 25 ---- .../cleartext-header-mode/config/hello.py | 41 ------- .../cleartext-header-mode/config/hello.sh | 2 - .../cleartext-header-mode/docker-compose.yaml | 65 ---------- .../envoy-https-http.yaml | 110 ----------------- .../sandboxes/cleartext-xfcc-mode/README.md | 76 ------------ .../config/fleetspeak-client/communicator.txt | 1 - .../config/fleetspeak-client/config.textproto | 8 -- .../textservices/hello.service | 8 -- .../fleetspeak-server/components.textproto | 18 --- .../fleetspeak-server/services.textproto | 10 -- .../config/fleetspeak.textproto | 25 ---- .../cleartext-xfcc-mode/config/hello.py | 41 ------- .../cleartext-xfcc-mode/config/hello.sh | 2 - .../cleartext-xfcc-mode/docker-compose.yaml | 63 ---------- .../cleartext-xfcc-mode/envoy-https-http.yaml | 77 ------------ sandboxes/sandboxes/createConfig.sh | 65 ---------- .../diagrams/cleartextHeaderMode_355.png | Bin 38835 -> 0 bytes .../diagrams/cleartextXfccMode_355.png | Bin 35686 -> 0 bytes .../sandboxes/diagrams/directMode_355.png | Bin 28166 -> 0 bytes .../diagrams/httpsHeaderMode_355.png | Bin 37799 -> 0 bytes .../diagrams/passthroughMode_355.png | Bin 37088 -> 0 bytes .../sandboxes/direct-mtls-mode/README.md | 58 --------- .../config/fleetspeak-client/communicator.txt | 1 - .../config/fleetspeak-client/config.textproto | 8 -- .../textservices/hello.service | 8 -- .../fleetspeak-server/components.textproto | 13 -- .../fleetspeak-server/services.textproto | 10 -- .../config/fleetspeak.textproto | 25 ---- .../direct-mtls-mode/config/hello.py | 41 ------- .../direct-mtls-mode/config/hello.sh | 2 - .../direct-mtls-mode/docker-compose.yaml | 53 -------- .../sandboxes/https-header-mode/README.md | 81 ------------- .../config/fleetspeak-client/communicator.txt | 1 - .../config/fleetspeak-client/config.textproto | 9 -- .../textservices/hello.service | 8 -- .../fleetspeak-server/components.textproto | 19 --- .../fleetspeak-server/services.textproto | 10 -- .../config/fleetspeak.textproto | 25 ---- .../https-header-mode/config/hello.py | 41 ------- .../https-header-mode/config/hello.sh | 2 - .../https-header-mode/docker-compose.yaml | 63 ---------- .../https-header-mode/envoy-https-https.yaml | 114 ------------------ .../sandboxes/passthrough-mode/README.md | 59 --------- .../config/fleetspeak-client/communicator.txt | 1 - .../config/fleetspeak-client/config.textproto | 8 -- .../textservices/hello.service | 8 -- .../fleetspeak-server/components.textproto | 13 -- .../fleetspeak-server/services.textproto | 10 -- .../config/fleetspeak.textproto | 25 ---- .../passthrough-mode/config/hello.py | 41 ------- .../passthrough-mode/config/hello.sh | 2 - .../passthrough-mode/docker-compose.yaml | 65 ---------- .../envoy-https-passthrough.yaml | 27 ----- sandboxes/sandboxes/shared/envoy/Dockerfile | 98 --------------- .../shared/fleetspeak-client/Dockerfile | 34 ------ sandboxes/sandboxes/shared/greeter/Dockerfile | 34 ------ sandboxes/sandboxes/shared/greeter/greeter.py | 60 --------- 65 files changed, 1940 deletions(-) delete mode 100644 sandboxes/sandboxes/README.md delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/README.md delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/communicator.txt delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/config.textproto delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/textservices/hello.service delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/services.textproto delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak.textproto delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/config/hello.py delete mode 100755 sandboxes/sandboxes/cleartext-header-mode/config/hello.sh delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/docker-compose.yaml delete mode 100644 sandboxes/sandboxes/cleartext-header-mode/envoy-https-http.yaml delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/README.md delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/communicator.txt delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/config.textproto delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/textservices/hello.service delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/services.textproto delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.py delete mode 100755 sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.sh delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/docker-compose.yaml delete mode 100644 sandboxes/sandboxes/cleartext-xfcc-mode/envoy-https-http.yaml delete mode 100755 sandboxes/sandboxes/createConfig.sh delete mode 100644 sandboxes/sandboxes/diagrams/cleartextHeaderMode_355.png delete mode 100644 sandboxes/sandboxes/diagrams/cleartextXfccMode_355.png delete mode 100644 sandboxes/sandboxes/diagrams/directMode_355.png delete mode 100644 sandboxes/sandboxes/diagrams/httpsHeaderMode_355.png delete mode 100644 sandboxes/sandboxes/diagrams/passthroughMode_355.png delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/README.md delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-client/communicator.txt delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-client/config.textproto delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-client/textservices/hello.service delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-server/components.textproto delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak-server/services.textproto delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/fleetspeak.textproto delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/config/hello.py delete mode 100755 sandboxes/sandboxes/direct-mtls-mode/config/hello.sh delete mode 100644 sandboxes/sandboxes/direct-mtls-mode/docker-compose.yaml delete mode 100644 sandboxes/sandboxes/https-header-mode/README.md delete mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-client/communicator.txt delete mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-client/config.textproto delete mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-client/textservices/hello.service delete mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-server/components.textproto delete mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak-server/services.textproto delete mode 100644 sandboxes/sandboxes/https-header-mode/config/fleetspeak.textproto delete mode 100644 sandboxes/sandboxes/https-header-mode/config/hello.py delete mode 100755 sandboxes/sandboxes/https-header-mode/config/hello.sh delete mode 100644 sandboxes/sandboxes/https-header-mode/docker-compose.yaml delete mode 100644 sandboxes/sandboxes/https-header-mode/envoy-https-https.yaml delete mode 100644 sandboxes/sandboxes/passthrough-mode/README.md delete mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-client/communicator.txt delete mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-client/config.textproto delete mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-client/textservices/hello.service delete mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-server/components.textproto delete mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak-server/services.textproto delete mode 100644 sandboxes/sandboxes/passthrough-mode/config/fleetspeak.textproto delete mode 100644 sandboxes/sandboxes/passthrough-mode/config/hello.py delete mode 100755 sandboxes/sandboxes/passthrough-mode/config/hello.sh delete mode 100644 sandboxes/sandboxes/passthrough-mode/docker-compose.yaml delete mode 100644 sandboxes/sandboxes/passthrough-mode/envoy-https-passthrough.yaml delete mode 100644 sandboxes/sandboxes/shared/envoy/Dockerfile delete mode 100644 sandboxes/sandboxes/shared/fleetspeak-client/Dockerfile delete mode 100644 sandboxes/sandboxes/shared/greeter/Dockerfile delete mode 100644 sandboxes/sandboxes/shared/greeter/greeter.py diff --git a/sandboxes/sandboxes/README.md b/sandboxes/sandboxes/README.md deleted file mode 100644 index e4909a3a..00000000 --- a/sandboxes/sandboxes/README.md +++ /dev/null @@ -1,96 +0,0 @@ -# Frontend mode Sandboxes - -We have created a number of sandboxes using Docker Compose that set up -environments to test out Fleetspeak’s frontend mode features and show sample -configurations. - -These can be used to learn about Fleetspeak's frontend mode options and how to -model your own configurations. The sandboxes use a containerised version of the -Fleetspeak demo setup described in the -[guide documentation page](https://github.com/google/fleetspeak/blob/master/docs/guide.md). - -Before you begin you will need to install the sandbox environment. - -## Setup the sandbox environment - -- [Install Docker](#install-docker) -- [Install docker compose](#install-docker-compose) -- [Install Git](#install-git) -- [Clone the Fleetspeak repository](#clone-the-fleetspeak-repository) -- [Create Configurations](#create-configurations) -- [Build test app](#build-test-app) - -## The following sandboxes are available - -- [Direct mTLS mode](./direct-mtls-mode) - - end-to-end mTLS - - Fleetspeak's original design -- [Passthrough mode](./passthrough-mode) - - TCP proxy passthrough -- [HTTPS header mode](./https-header-mode) - - L7 proxy terminates mTLS connection - - Proxy passes client side certificate and checksum via HTTP headers - - TLS connection from proxy to Fleetspeak -- [Cleartext header mode](./cleartext-header-mode) - - L7 proxy terminates mTLS connection - - Proxy passes client side certificate and checksum via HTTP headers - - Cleartext connection from proxy to Fleetspeak -- [Cleartext xfcc mode](./cleartext-xfcc-mode) - - L7 proxy terminates mTLS connection - - Proxy passes client side certificate and via HTTP header - - Cleartext connection from proxy to Fleetspeak - -## Setup instructions - -### Install docker - -Ensure that you have a recent versions of `docker` installed. - -You will need a minimum version of `19.03.0+`. - -Version `20.10` is well tested, and has the benefit of included `compose`. - -The user account running the examples will need to have permission to use Docker -on your system. - -Full instructions for installing Docker can be found on the -[Docker website](https://docs.docker.com/get-docker/). - -### Install docker compose - -The examples use -[Docker compose configuration version 3.8](https://docs.docker.com/compose/compose-file/compose-versioning/#version-38). - -You will need to a fairly recent version of -[Docker Compose](https://docs.docker.com/compose/). - -### Install Git - -The Fleetspeak project repository is managed using [Git](https://git-scm.com/). - -You can -[find instructions for installing Git on various operating systems here](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git). - -### Clone the Fleetspeak repository - -If you have not cloned the Fleetspeak repository already, clone it with: - -``` -git clone https://github.com/google/fleetspeak -``` - -### Create configurations - -``` -cd fleetspeak/sandboxes -./createConfig.sh -cd - -``` - -### Build test app - -``` -cd fleetspeak/sandboxes/shared/greeter/ -docker build -t greeter . -cd - -``` diff --git a/sandboxes/sandboxes/cleartext-header-mode/README.md b/sandboxes/sandboxes/cleartext-header-mode/README.md deleted file mode 100644 index 3f5ae5c7..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/README.md +++ /dev/null @@ -1,83 +0,0 @@ -# Cleartext Header Mode - -## Introduction - -This sandbox demonstrates how to run Fleetspeak in 'cleartext header mode'. - -The Fleetspeak frontend (the server) is using the Fleetspeak client's -certficiate to identify it by deriving the client id from the certficiate. - -In cases where the mTLS connection is terminated on a load balancer between the -Fleetspeak client and the Fleetspeak server the client certificate has to be -forwarded by other means. - -This sandbox demonstrates how this can be achieved by adding the certificate -into an additional header (the `client_certificate_header` in the diagram -below). - -Furthermore, this sandbox also demonstrates how the client certificate checksum -(the `client_certificate_checksum_header` in the diagram below) that the load -balancers provide can be used to verify that the certificate received in the -additional header is the same that the load balancer received during the mTLS -exchange. \ -Additional information on how the checksum is derived from the certificate can -be -[found here](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-mtls-17#section-3.1). - -The setup in this sandbox with the Fleetspeak frontend running in cleartext mode -would be useful for cases where the Fleetspeak server is operated in a Service -Mesh environment. - -![Cleartext Header Mode](../diagrams/cleartextHeaderMode_355.png "Cleartext Header Mode") - -## Setup - -Before you run the commands below make sure that you successfully executed the -steps outlined in the [setup instructions](../../sandboxes#setup-instructions). - -## Bring up the test environment - -``` -docker compose up --build -d - - ✔ Network cleartext-header-mode_default Created 0.1s - ✔ Container cleartext-header-mode-front-envoy-1 Started 0.1s - ✔ Container cleartext-header-mode-mysql-server-1 Healthy 0.1s - ✔ Container cleartext-header-mode-fleetspeak-server-1 Healthy 0.0s - ✔ Container cleartext-header-mode-fleetspeak-client-1 Started 0.0s -``` - -## Find the client id - -``` -docker logs cleartext-header-mode-fleetspeak-client-1 -# The output should look similar to the below - -# config.go:44] Read 1 trusted certificates. -# manager.go:103] initial load of writeback failed (continuing): open /fleetspeak-client.state: no such file or directory -# manager.go:165] Using new client id: **768dbfef556d2341** -# client.go:175] No signed service configs could be read; continuing: invalid signed services directory path: unable to stat path [/config/fleetspeak-client/services]: stat /config/fleetspeak-client/services: no such file or directory -services.go:146] Started service hello with config: -# name:"hello" factory:"Daemon" config:{[type.googleapis.com/fleetspeak.daemonservice.Config]:{argv:"/venv/FSENV/bin/python" argv:"/config/hello.py"}} -# system_service.go:251] Unable to get revoked certificate list: unable to retrieve file, last attempt failed with: failed with http response code: 404 - -# Run the test app container -docker run -it --name greeter --network cleartext-header-mode_default -p 1337:1337 --rm greeter bash -``` - -## Run the test app - -``` -# In the above find the client id and export it in a variable -export CLIENT_ID=**768dbfef556d2341** - -# Start the test app, when it runs add your input and hit enter. You should see the string being ecohed. -/venv/FSENV/bin/python ./greeter.py --client_id=$CLIENT_ID --fleetspeak_message_listen_address="0.0.0.0:1337" \ - --fleetspeak_server="fleetspeak-server:9091" --alsologtostderr -``` - -## Bring down the test environment - -``` -docker compose down -``` diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/communicator.txt b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/communicator.txt deleted file mode 100644 index 758ec85e..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/communicator.txt +++ /dev/null @@ -1 +0,0 @@ -prefer_http2: true diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/config.textproto b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/config.textproto deleted file mode 100644 index bfbabd54..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/config.textproto +++ /dev/null @@ -1,9 +0,0 @@ -server: "fleetspeak-frontend:10000" -client_certificate_header: "client-certificate" -trusted_certs:"FRONTEND_CERTIFICATE" -client_label: "" -filesystem_handler: { - configuration_directory:"/config/fleetspeak-client" - state_file:"/fleetspeak-client.state" -} -streaming:true diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/textservices/hello.service b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/textservices/hello.service deleted file mode 100644 index dd8305da..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-client/textservices/hello.service +++ /dev/null @@ -1,8 +0,0 @@ -name: "hello" -factory: "Daemon" -config: { - [type.googleapis.com/fleetspeak.daemonservice.Config]: { - argv: "/venv/FSENV/bin/python" - argv: "/config/hello.py" - } -} diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto deleted file mode 100644 index 45d8d3b9..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/components.textproto +++ /dev/null @@ -1,19 +0,0 @@ -mysql_data_source_name:"fleetspeak-user:FLEETSPEAK_PASSWORD@tcp(mysql-server:3306)/fleetspeak" -https_config: { - listen_address: "0.0.0.0:9090" - certificates:"FRONTEND_CERTIFICATE" - key:"FRONTEND_KEY" - frontend_config: { -cleartext_header_checksum_config: { - client_certificate_header: "client-certificate" - client_certificate_checksum_header: "x-client-cert-hash" - } - } -} -admin_config: { - listen_address: "0.0.0.0:9091" -} -health_check_config: { - listen_address: "0.0.0.0:8080" -} -notification_use_http_notifier:false diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/services.textproto b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/services.textproto deleted file mode 100644 index 2d698d0a..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak-server/services.textproto +++ /dev/null @@ -1,10 +0,0 @@ -services { - name: "greeter" - factory: "GRPC" - config: { - [type.googleapis.com/fleetspeak.grpcservice.Config] { - target: "greeter:1337" - insecure: true - } - } -} diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak.textproto b/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak.textproto deleted file mode 100644 index 7234434f..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/config/fleetspeak.textproto +++ /dev/null @@ -1,25 +0,0 @@ -configuration_name: "Example" - -components_config { - - mysql_data_source_name: "fleetspeak-user:FLEETSPEAK_PASSWORD@tcp(mysql-server:3306)/fleetspeak" - - https_config { - listen_address: "fleetspeak-server:9090" - } - - admin_config { - listen_address: "fleetspeak-server:9091" - } -} - -public_host_port: "fleetspeak-server:9090" - -trusted_cert_file: "/config/fleetspeak-server/ca.pem" -trusted_cert_key_file: "/config/fleetspeak-server/ca-key.pem" - -server_cert_file: "/config/fleetspeak-server/server.pem" -server_cert_key_file: "/config/fleetspeak-server/server-key.pem" - -server_component_configuration_file: "/config/fleetspeak-server/components.textproto" -linux_client_configuration_file: "/config/fleetspeak-client/config.textproto" diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/hello.py b/sandboxes/sandboxes/cleartext-header-mode/config/hello.py deleted file mode 100644 index a60b85bb..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/config/hello.py +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright 2023 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from absl import app -from fleetspeak.client_connector.connector import FleetspeakConnection -from fleetspeak.src.common.proto.fleetspeak.common_pb2 import Message -from google.protobuf.wrappers_pb2 import StringValue - - -def main(argv): - del argv # Unused. - - conn = FleetspeakConnection(version="0.0.1") - while True: - request, _ = conn.Recv() - - data = StringValue() - request.data.Unpack(data) - - data.value = f"Hello {data.value}!" - - response = Message() - response.destination.service_name = request.source.service_name - response.data.Pack(data) - - conn.Send(response) - - -if __name__ == "__main__": - app.run(main) diff --git a/sandboxes/sandboxes/cleartext-header-mode/config/hello.sh b/sandboxes/sandboxes/cleartext-header-mode/config/hello.sh deleted file mode 100755 index dd1ef13c..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/config/hello.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/usr/bin/env bash -/venv/FSENV/bin/python /config/hello.py diff --git a/sandboxes/sandboxes/cleartext-header-mode/docker-compose.yaml b/sandboxes/sandboxes/cleartext-header-mode/docker-compose.yaml deleted file mode 100644 index 13fe75f4..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/docker-compose.yaml +++ /dev/null @@ -1,65 +0,0 @@ -services: - - mysql-server: - image: mysql:8.2 - restart: always - hostname: mysql-server - environment: - MYSQL_DATABASE: 'fleetspeak' - MYSQL_USER: 'fleetspeak-user' - MYSQL_PASSWORD: 'FLEETSPEAK_PASSWORD' - MYSQL_ROOT_PASSWORD: 'MYSQL_PASSWORD' - ports: - - '3306:3306' - expose: - - '3306' - healthcheck: - test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] - timeout: 5s - retries: 10 - - front-envoy: - build: - context: . - dockerfile: ../shared/envoy/Dockerfile - args: - ENVOY_CONFIG: ./envoy-https-http.yaml - hostname: fleetspeak-frontend - ports: - - "10000:10000" - - fleetspeak-server: - build: - context: . - dockerfile: ../shared/fleetspeak-server/Dockerfile - hostname: fleetspeak-server - depends_on: - mysql-server: - condition: service_healthy - entrypoint: ["/app/bin/server", "-components_config", "/config/fleetspeak-server/components.textproto", "-services_config", "/config/fleetspeak-server/services.textproto", "-alsologtostderr"] - volumes: - - "./config:/config" - ports: - - '9090:9090' - - '9091:9091' - - '8080:8080' - expose: - - '9090' - - '9091' - - '8080' - healthcheck: - test: ["CMD", "curl", "http://localhost:8080"] - timeout: 5s - retries: 10 - - fleetspeak-client: - build: - context: . - dockerfile: ../shared/fleetspeak-client/Dockerfile - hostname: fleetspeak-client - depends_on: - fleetspeak-server: - condition: service_healthy - entrypoint: ["/app/bin/client", "-config", "/config/fleetspeak-client/config.textproto", "-alsologtostderr"] - volumes: - - "./config:/config" diff --git a/sandboxes/sandboxes/cleartext-header-mode/envoy-https-http.yaml b/sandboxes/sandboxes/cleartext-header-mode/envoy-https-http.yaml deleted file mode 100644 index 64ba5c7f..00000000 --- a/sandboxes/sandboxes/cleartext-header-mode/envoy-https-http.yaml +++ /dev/null @@ -1,110 +0,0 @@ -static_resources: - listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 10000 - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - codec_type: AUTO - stat_prefix: ingress_http - proxy_100_continue: true - access_log: - - name: envoy.access_loggers.stdout - typed_config: - "@type": type.googleapis.com/envoy/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog - log_format: { - "text_format": "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" PFP: \"%DOWNSTREAM_PEER_FINGERPRINT_256%\" CERT: \"%DOWNSTREAM_PEER_CERT%\" TLS \"%DOWNSTREAM_TLS_VERSION%\" Issuer \"%DOWNSTREAM_PEER_ISSUER%\"\n" - } - route_config: - name: local_route - virtual_hosts: - - name: app - domains: - - "*" - routes: - - match: - prefix: "/" - route: - cluster: fleetspeak-server - timeout: 0s - idle_timeout: 0s - http_filters: - - name: envoy.filters.http.lua - typed_config: - '@type': type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua - inlineCode: | - - function string.fromhex(str) - return (str:gsub('..', function (cc) - return string.char(tonumber(cc, 16)) - end)) - end - - local rtrim = function(str) - if str == nil then - return - end - str = string.gsub(str, "=+$", '') - return str - end - - function envoy_on_request(request_handle) - local stream = request_handle:streamInfo() - local headers = request_handle:headers() - if stream:downstreamSslConnection():peerCertificatePresented() then - local peerCertificate = stream:downstreamSslConnection():urlEncodedPemEncodedPeerCertificate() - request_handle:logInfo("Peer Certificate: "..peerCertificate) - - local peerDigest = stream:downstreamSslConnection():sha256PeerCertificateDigest() - request_handle:logInfo("Peer Digest: "..peerDigest) - - local base64Encoded = rtrim(request_handle:base64Escape(peerDigest:fromhex())) - request_handle:logInfo("Peer base64: "..base64Encoded) - request_handle:headers():add("x-client-cert-hash", base64Encoded) - else - request_handle:respond({[":status"] = "403"},"mTLS Required") - end - end - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router - transport_socket: - name: envoy.transport_sockets.tls - typed_config: - "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext - require_client_certificate: true - common_tls_context: - validation_context: - trust_chain_verification: ACCEPT_UNTRUSTED - alpn_protocols: ["h2,http/1.1"] - tls_certificates: - # The following self-signed certificate pair is generated using: - # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy' - # - # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy - # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource. - # - # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via - # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret. - - certificate_chain: - filename: /etc/cert.pem - private_key: - filename: /etc/key.pem - - clusters: - - name: fleetspeak-server - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: fleetspeak-server - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: fleetspeak-server - port_value: 9090 diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/README.md b/sandboxes/sandboxes/cleartext-xfcc-mode/README.md deleted file mode 100644 index dacce5ea..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/README.md +++ /dev/null @@ -1,76 +0,0 @@ -# Cleartext XFCC Mode - -## Introduction - -This sandbox demonstrates how to run Fleetspeak in 'cleartext xfcc mode'. - -The Fleetspeak frontend (the server) is using the Fleetspeak client's -certficiate to identify it by deriving the client id from the certficiate. - -In cases where the mTLS connection is terminated on a load balancer between the -Fleetspeak client and the Fleetspeak server the client certificate has to be -forwarded by other means. - -This sandbox demonstrates how this can be achieved by adding the certificate -into an additional header (the `client_certificate_header` in the diagram below) -by configuring Envoy to do so. See the official -[Envoy documentation](https://www.envoyproxy.io/docs/envoy/v1.28.0/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto.html#envoy-v3-api-enum-extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-forwardclientcertdetails) -for more details. - -The setup in this sandbox with the Fleetspeak frontend running in cleartext xfcc -mode would be useful for cases where the Fleetspeak server is operated behind an -Envoy proxy that terminates the mTLS connection. - -![Cleartext Header Mode](../diagrams/cleartextXfccMode_355.png "Cleartext XFCC Mode") - -## Setup - -Before you run the commands below make sure that you successfully executed the -steps outlined in the [setup instructions](../../sandboxes#setup-instructions). - -## Bring up the test environment - -``` -docker compose up --build -d - - ✔ Network cleartext-xfcc-mode_default Created 0.1s - ✔ Container cleartext-xfcc-mode-front-envoy-1 Started 0.1s - ✔ Container cleartext-xfcc-mode-mysql-server-1 Healthy 0.1s - ✔ Container cleartext-xfcc-mode-fleetspeak-server-1 Healthy 0.0s - ✔ Container cleartext-xfcc-mode-fleetspeak-client-1 Started 0.0s -``` - -## Find the client id - -``` -docker logs cleartext-xfcc-mode-fleetspeak-client-1 -# The output should look similar to the below - -# config.go:44] Read 1 trusted certificates. -# manager.go:103] initial load of writeback failed (continuing): open /fleetspeak-client.state: no such file or directory -# manager.go:165] Using new client id: **768dbfef556d2341** -# client.go:175] No signed service configs could be read; continuing: invalid signed services directory path: unable to stat path [/config/fleetspeak-client/services]: stat /config/fleetspeak-client/services: no such file or directory -services.go:146] Started service hello with config: -# name:"hello" factory:"Daemon" config:{[type.googleapis.com/fleetspeak.daemonservice.Config]:{argv:"/venv/FSENV/bin/python" argv:"/config/hello.py"}} -# system_service.go:251] Unable to get revoked certificate list: unable to retrieve file, last attempt failed with: failed with http response code: 404 - -# Run the test app container -docker run -it --name greeter --network cleartext-xfcc-mode_default -p 1337:1337 --rm greeter bash -``` - -## Run the test app - -``` -# In the above find the client id and export it in a variable -export CLIENT_ID=**768dbfef556d2341** - -# Start the test app, when it runs add your input and hit enter. You should see the string being ecohed. -/venv/FSENV/bin/python ./greeter.py --client_id=$CLIENT_ID --fleetspeak_message_listen_address="0.0.0.0:1337" \ - --fleetspeak_server="fleetspeak-server:9091" --alsologtostderr -``` - -## Bring down the test environment - -``` -docker compose down -``` diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/communicator.txt b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/communicator.txt deleted file mode 100644 index 758ec85e..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/communicator.txt +++ /dev/null @@ -1 +0,0 @@ -prefer_http2: true diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/config.textproto b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/config.textproto deleted file mode 100644 index b6643133..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/config.textproto +++ /dev/null @@ -1,8 +0,0 @@ -server: "fleetspeak-frontend:10000" -trusted_certs:"FRONTEND_CERTIFICATE" -client_label: "" -filesystem_handler: { - configuration_directory:"/config/fleetspeak-client" - state_file:"/fleetspeak-client.state" -} -streaming:true diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/textservices/hello.service b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/textservices/hello.service deleted file mode 100644 index dd8305da..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-client/textservices/hello.service +++ /dev/null @@ -1,8 +0,0 @@ -name: "hello" -factory: "Daemon" -config: { - [type.googleapis.com/fleetspeak.daemonservice.Config]: { - argv: "/venv/FSENV/bin/python" - argv: "/config/hello.py" - } -} diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto deleted file mode 100644 index 6770bac6..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/components.textproto +++ /dev/null @@ -1,18 +0,0 @@ -mysql_data_source_name:"fleetspeak-user:FLEETSPEAK_PASSWORD@tcp(mysql-server:3306)/fleetspeak" -https_config: { - listen_address: "0.0.0.0:9090" - certificates:"FRONTEND_CERTIFICATE" - key:"FRONTEND_KEY" - frontend_config: { - cleartext_xfcc_config: { - client_certificate_header: "x-forwarded-client-cert" - } - } -} -admin_config: { - listen_address: "0.0.0.0:9091" -} -health_check_config: { - listen_address: "0.0.0.0:8080" -} -notification_use_http_notifier:false diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/services.textproto b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/services.textproto deleted file mode 100644 index 2d698d0a..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak-server/services.textproto +++ /dev/null @@ -1,10 +0,0 @@ -services { - name: "greeter" - factory: "GRPC" - config: { - [type.googleapis.com/fleetspeak.grpcservice.Config] { - target: "greeter:1337" - insecure: true - } - } -} diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto b/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto deleted file mode 100644 index 7234434f..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/config/fleetspeak.textproto +++ /dev/null @@ -1,25 +0,0 @@ -configuration_name: "Example" - -components_config { - - mysql_data_source_name: "fleetspeak-user:FLEETSPEAK_PASSWORD@tcp(mysql-server:3306)/fleetspeak" - - https_config { - listen_address: "fleetspeak-server:9090" - } - - admin_config { - listen_address: "fleetspeak-server:9091" - } -} - -public_host_port: "fleetspeak-server:9090" - -trusted_cert_file: "/config/fleetspeak-server/ca.pem" -trusted_cert_key_file: "/config/fleetspeak-server/ca-key.pem" - -server_cert_file: "/config/fleetspeak-server/server.pem" -server_cert_key_file: "/config/fleetspeak-server/server-key.pem" - -server_component_configuration_file: "/config/fleetspeak-server/components.textproto" -linux_client_configuration_file: "/config/fleetspeak-client/config.textproto" diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.py b/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.py deleted file mode 100644 index a60b85bb..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.py +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright 2023 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from absl import app -from fleetspeak.client_connector.connector import FleetspeakConnection -from fleetspeak.src.common.proto.fleetspeak.common_pb2 import Message -from google.protobuf.wrappers_pb2 import StringValue - - -def main(argv): - del argv # Unused. - - conn = FleetspeakConnection(version="0.0.1") - while True: - request, _ = conn.Recv() - - data = StringValue() - request.data.Unpack(data) - - data.value = f"Hello {data.value}!" - - response = Message() - response.destination.service_name = request.source.service_name - response.data.Pack(data) - - conn.Send(response) - - -if __name__ == "__main__": - app.run(main) diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.sh b/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.sh deleted file mode 100755 index dd1ef13c..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/config/hello.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/usr/bin/env bash -/venv/FSENV/bin/python /config/hello.py diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/docker-compose.yaml b/sandboxes/sandboxes/cleartext-xfcc-mode/docker-compose.yaml deleted file mode 100644 index ff8440ad..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/docker-compose.yaml +++ /dev/null @@ -1,63 +0,0 @@ -services: - - mysql-server: - image: mysql:8.2 - restart: always - hostname: mysql-server - environment: - MYSQL_DATABASE: 'fleetspeak' - MYSQL_USER: 'fleetspeak-user' - MYSQL_PASSWORD: 'FLEETSPEAK_PASSWORD' - MYSQL_ROOT_PASSWORD: 'MYSQL_PASSWORD' - ports: - - '3306:3306' - expose: - - '3306' - healthcheck: - test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] - timeout: 5s - retries: 10 - - front-envoy: - build: - context: . - dockerfile: ../shared/envoy/Dockerfile - args: - ENVOY_CONFIG: ./envoy-https-http.yaml - hostname: fleetspeak-frontend - ports: - - "10000:10000" - - fleetspeak-server: - image: ghcr.io/google/fleetspeak:latest - hostname: fleetspeak-server - depends_on: - mysql-server: - condition: service_healthy - entrypoint: ["/fleetspeak/bin/server", "-components_config", "/config/fleetspeak-server/components.textproto", "-services_config", "/config/fleetspeak-server/services.textproto", "-alsologtostderr"] - volumes: - - "./config:/config" - ports: - - '9090:9090' - - '9091:9091' - - '8080:8080' - expose: - - '9090' - - '9091' - - '8080' - healthcheck: - test: ["CMD", "curl", "http://localhost:8080"] - timeout: 5s - retries: 10 - - fleetspeak-client: - build: - context: . - dockerfile: ../shared/fleetspeak-client/Dockerfile - hostname: fleetspeak-client - depends_on: - fleetspeak-server: - condition: service_healthy - entrypoint: ["/fleetspeak/bin/client", "-config", "/config/fleetspeak-client/config.textproto", "-alsologtostderr"] - volumes: - - "./config:/config" diff --git a/sandboxes/sandboxes/cleartext-xfcc-mode/envoy-https-http.yaml b/sandboxes/sandboxes/cleartext-xfcc-mode/envoy-https-http.yaml deleted file mode 100644 index 46551027..00000000 --- a/sandboxes/sandboxes/cleartext-xfcc-mode/envoy-https-http.yaml +++ /dev/null @@ -1,77 +0,0 @@ -static_resources: - listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 10000 - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - codec_type: AUTO - stat_prefix: ingress_http - forward_client_cert_details: APPEND_FORWARD - set_current_client_cert_details: - cert: true - proxy_100_continue: true - access_log: - - name: envoy.access_loggers.stdout - typed_config: - "@type": type.googleapis.com/envoy/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog - log_format: { - "text_format": "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" PFP: \"%DOWNSTREAM_PEER_FINGERPRINT_256%\" CERT: \"%DOWNSTREAM_PEER_CERT%\" TLS \"%DOWNSTREAM_TLS_VERSION%\" Issuer \"%DOWNSTREAM_PEER_ISSUER%\"\n" - } - route_config: - name: local_route - virtual_hosts: - - name: app - domains: - - "*" - routes: - - match: - prefix: "/" - route: - cluster: fleetspeak-server - timeout: 0s - idle_timeout: 0s - http_filters: - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router - transport_socket: - name: envoy.transport_sockets.tls - typed_config: - "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext - require_client_certificate: true - common_tls_context: - validation_context: - trust_chain_verification: ACCEPT_UNTRUSTED - alpn_protocols: ["h2,http/1.1"] - tls_certificates: - # The following self-signed certificate pair is generated using: - # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy' - # - # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy - # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource. - # - # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via - # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret. - - certificate_chain: - filename: /etc/cert.pem - private_key: - filename: /etc/key.pem - - clusters: - - name: fleetspeak-server - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: fleetspeak-server - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: fleetspeak-server - port_value: 9090 diff --git a/sandboxes/sandboxes/createConfig.sh b/sandboxes/sandboxes/createConfig.sh deleted file mode 100755 index e4a2d43b..00000000 --- a/sandboxes/sandboxes/createConfig.sh +++ /dev/null @@ -1,65 +0,0 @@ -#!/bin/bash -openssl ecparam -list_curves - -# generate a private key for a curve -openssl ecparam -name prime256v1 -genkey -noout -out key.pem - -# optional: generate corresponding public key -openssl ec -in key.pem -pubout -out public-key.pem - -# create a self-signed certificate -openssl req -new -x509 -key key.pem -out cert.pem -days 365 -subj "/C=AU/CN=fleetspeak-frontend" -addext "subjectAltName = DNS:fleetspeak-frontend" - -FRONTEND_CERTIFICATE=$(sed ':a;N;$!ba;s/\n/\\\\n/g' cert.pem) -FRONTEND_KEY=$(sed ':a;N;$!ba;s/\n/\\\\n/g' key.pem) - -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./cleartext-header-mode/config/fleetspeak-client/config.textproto -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./cleartext-xfcc-mode/config/fleetspeak-client/config.textproto -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./direct-mtls-mode/config/fleetspeak-client/config.textproto -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./https-header-mode/config/fleetspeak-client/config.textproto -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./passthrough-mode/config/fleetspeak-client/config.textproto - -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./cleartext-header-mode/config/fleetspeak-server/components.textproto -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./cleartext-xfcc-mode/config/fleetspeak-server/components.textproto -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./direct-mtls-mode/config/fleetspeak-server/components.textproto -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./https-header-mode/config/fleetspeak-server/components.textproto -sed -i 's@FRONTEND_CERTIFICATE@'"$FRONTEND_CERTIFICATE"'@' ./passthrough-mode/config/fleetspeak-server/components.textproto - -sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./cleartext-header-mode/config/fleetspeak-server/components.textproto -sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./cleartext-xfcc-mode/config/fleetspeak-server/components.textproto -sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./direct-mtls-mode/config/fleetspeak-server/components.textproto -sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./https-header-mode/config/fleetspeak-server/components.textproto -sed -i 's@FRONTEND_KEY@'"$FRONTEND_KEY"'@' ./passthrough-mode/config/fleetspeak-server/components.textproto - -cp cert.pem key.pem ./cleartext-header-mode/ -cp cert.pem key.pem ./cleartext-xfcc-mode/ -cp cert.pem key.pem ./direct-mtls-mode/ -cp cert.pem key.pem ./https-header-mode/ -cp cert.pem key.pem ./passthrough-mode/ - -MYSQL_PASSWORD=$(LC_ALL=C tr -dc 'A-Za-z0-9@%*+,-./' < /dev/urandom 2>/dev/null | head -c 16) -FLEETSPEAK_PASSWORD=$(LC_ALL=C tr -dc 'A-Za-z0-9@%*+,-./' < /dev/urandom 2>/dev/null | head -c 16) - -sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./cleartext-header-mode/docker-compose.yaml -sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./cleartext-xfcc-mode/docker-compose.yaml -sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./direct-mtls-mode/docker-compose.yaml -sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./https-header-mode/docker-compose.yaml -sed -i 's@MYSQL_PASSWORD@'"$MYSQL_PASSWORD"'@' ./passthrough-mode/docker-compose.yaml - -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/docker-compose.yaml -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/docker-compose.yaml -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/docker-compose.yaml -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/docker-compose.yaml -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/docker-compose.yaml - -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/config/fleetspeak-server/components.textproto -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/config/fleetspeak-server/components.textproto -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/config/fleetspeak-server/components.textproto -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/config/fleetspeak-server/components.textproto -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/config/fleetspeak-server/components.textproto - -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-header-mode/config/fleetspeak.textproto -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./cleartext-xfcc-mode/config/fleetspeak.textproto -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./direct-mtls-mode/config/fleetspeak.textproto -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./https-header-mode/config/fleetspeak.textproto -sed -i 's@FLEETSPEAK_PASSWORD@'"$FLEETSPEAK_PASSWORD"'@' ./passthrough-mode/config/fleetspeak.textproto diff --git a/sandboxes/sandboxes/diagrams/cleartextHeaderMode_355.png b/sandboxes/sandboxes/diagrams/cleartextHeaderMode_355.png deleted file mode 100644 index fdeae118fb7a00a3da3ff1b344e1f559503619fe..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 38835 zcmeFYRa9I}v@V+9614H)G>tn1C%86FaP2@Kkl+?HIE}jncL;95y^#bB5E3*HG`MTv zEdKm^kFn3Vci(Xz&Kc+7JoV`6>Qz;9eKqGd4X&Z4fP+PW_2|(f93@3rtw)cLK#v|h zeu;qwjD)?0djcPiU9=RWA61P}Za;cN`$$PvO2^Z5Hw)F%NRTx2`Je?mUvb=V1REdU zRI8hvw!WTzdiovj+r0=QJ$t=Zrs?S{EGKiJS!DN{L$$wZK=aXAl;S%H-xI1%l`np` zDJUe!7EIc72VinPhIFH(Jp!2{4TEVdc;cbXnNj~ah>xNVbyP4%g1-Md1f}nW^@4pe z)BbaYIZu!8zdr&G;f70Q!sw03VOqtRLa$MFX+sJ+RK60*4WxWoA66cO|FaJ8FmTv= zS^9vWAen~3+J4#aThKJc3+LlaehB`d>*s`uY2I{pgKZ%KU{en(2doh~I>GOdC{>`r zpP$PVX+i}3)l#8I?2rV^m_(j`4$!T~)D2tx$RM~M$PS76)nEH}DcW_+nl#0$XW{iI z?2w8Ei)Q`5N5PML6p6{UNAzC?fwSpe1LH=oSvZ;gu3cl*t9+!Qpf}Z8}8X zo0!0_F?@T~tGLF-7<%JuhuDzf`EG;HGNtw_Ur z>8kfStcY(MZH_nJOp@62C@SX#Kn^pZu+_;vre^;G0>j4F<)oAYz3R-_XW{VUX7@8K z{`hD1wT3o$J=d%u~U_eGYohr!hBIUY6rjhWI zEQz7gs4X?|&U^l4Ku^G32?k2Y}l5W8aVIGU2YSU=YCm`a~8KP9}fA{zDOM(N4 zKp;K)tibx9Z@hULZ1^N3#iXE@@=%hT3!3jw?erXa!|?7c#sbTPJT?diVlt!7jC5C* z7Q@nbEl4;`g=0WW>ILfKJ^Ia_XskNykz;$_xfTT?Hj7olBA@nR5MMUCmk-EasTt88 zS7>$6xBA~>w_fZ<#4I-sjJ!TM+MXhPLV1k+%wZvvDfag0rcRhl(2Lc1b2x;gGQ<3L zzrj!(5Av(A^k5ij7jX*Q$YVd(V(**h>1_s?*eH3095ji==&_)K@r+*d-0Rz5xEIfg zcA?PSwF~3%+Hg?Qp2*MYF5P_n$$Xn12|byG)2Co6b+@Q7gj^E0XN2Fe& zootTF^&l;6O}Aj{R_TY{UY!Jeb~+uRqdT{qt_Yg{R7Gdh^rn~B>3jt9$x{ieySuwf z>o1Tdt+e_AXVZUl(IWuS{R{GzTSq5&TN^hW_@HsqW%(|r{FM!_e(z58!XYJ z2m85&>Mz8++))Dpdg#|LsJvlc8#GIGI*}qSb-G7ytPxLLJ2E&9wJ$igE=``sm1S>i zUL1%=`N!t;?7lP1Tisp@Fm8!l-TxKIoK*6JTC4*pL>luLUaDWrIc6q~gpQ6L92~s5 zIDave!h!vJ);@av(|DdnPo0pHJ&iJHC0duBpe*?)6(H}mFJ}1m_EoUfaJ1hy7xpi= zYF4D7-{(cm$CrG`p1Ic4;I{i*5&GWXcGtcPL%jDp9g>=)Ui+d|6Ne}9=Yrb%d>2vl zMUUHWfy}~0tNZV5-3XvqE8ZF8K4X+omtjA5di=%f&7NMCme-(CN zVVaQl6^5~KLkec2VNiHDMn@WLPDDoIM`=|C{lf9Sig$^ct@;A|_PS>Guatr=@t(U& zuVYOjP;j7Aknw>|@i4?A&)sQz%I_X1${~athJpmMg+h$Jtk{zpWpBi%%gkg%RSAS` z)N%x<|M*d(d6yBX8uIst)TcTf_mdm9xnqT3CkGi81u9n#%os7PY^~Xxk6CiS@}cR+ z&F@Y!{4!+9bfg7Goi6spcYn0ew76^%o{=7F(D$6a*4FswF0NB$tTY~ic5`*I@$+zn z!HY-AtkeIVnn6BhAiiLb+qT~^F37rewJ5lI!oWLQ!Z$)HC~UQDEUU(4)82A4MZmDL z-g;EBM_P`@@0Kht=Kju`0}Y4b{kKX(I)_dqX2XW?8rMuwmk27J(IstRnFm53iDd{` zJxTXGzb3)jV2MmU*ryYtr*zj6-JN&C7&Uw*9gjrpxP9$(R1CFP&X%!Rs^c-HGCobg zq}Yw26p7gw{UBMUYku=hT&Ve;EaREOdqkwJ`F(t)G{1&ej?enf`)d+sE6#{intiy~ zFt5}d=!{~Tgd|eXftrDtUZX;y%%}jhYFUV*zke@m)A9UN?#ZqoA!!vA-wmx5AUW6c zOJB&>B9$B_jM9eRvlLdnsC2DUe#XK

=;3HXXO6hGyuho`c5A9caQWgd z!7zV?#PV!3J`Q;U{;P!NXDY#Et+(}?#k!}_6tjr_vI2Z+YR(D}l}KaHo{>kt>tNZ* z4MNnZN6ad2S(Gc~z7fBRLqBwiX>29TKC9ODisH>;3);oL1pYVp&a8c&Qazgf#l$n(BQo5|^OxV7zIsbxgb!NwyWyB?JP23MktlGl%(%2WTNZM@q;2mw`8EDr z@8zUJ*Gk)g$ji|Tx2@$aF0YH%~MJo=tXim-J-J`&O{CIjac2x@m@LI<{OG< z2*U?ircYFERNnn&?u=WN9J@h$saBpCG$Y9EZ^E;PPA_U-4y& z`v)i|v&u)R_;8xFMzOy5h(VBtos@k`HN+IcPAKTGM95|vLBheBAD2d(cLd15g5~oE z!Rlrb)X#iiFiI@7xO6h>i__TxF(t*g?mTe?<_Q6uFX~REYG7sIzqb4R6-Hrr8n@X| z^te(u{Jo^>U1!G;T#LI{ARL}lDj}?qkk;&al<7FI_Akr-rcOH=4rhw}gZLds$k^!6 z^^N*#c^Ykr%G{^k*-szjbcgl5+gz^xq0dczP^im%Txrgm#msN?0)rZ)nCz^f@- zW&xG+?zArlp1?|!`dqX|fvqS_i|;h5Pu;tV zcJ5*8bzSk|3c3w%rieP)@cNgZra;IAa6+vj^!m=)tSeS4=f3s#H@%&&eS3rJBwdoz z_1v(*hQqx$s)Z0djMInt*Ny1@jrlz|&GY1%BV*bjRy3A#D;0y#zz{+~!r9l`q7s~D zvs@PaT|F?9U5T>Y^A1a|$~f$kheT4fhT)skKZiY_OCpZ&`VvlQ5)ue58biHU*4dGE zs)YWh*TNAb7X;hdyx%j@Y`(QK7OSO4eJ$!D_+I*QI~aunA@=S!zj0=kX8kL-+FG47 zXsG(VFX0z{n&*D(?qwqhjMxhc3$k7rp8-nsID+Viz}wfj-IE|Yo4VAvrS3BOS$Y0m zJB^sn`qSm4%kE>vq74iA#AnkUqBuX1UHsX0@v*HukgvVh~{3h{GpuA{mO{8x3rrduMomak00&#HqWV2u$%T9B^=AX;)p&NKkzlpO zW|c{rphKRJf8W%U_M317jJ~WR>eoMj8r0%5YMhlfN>4O!1|CX=@u=e`1)j#ORwzd|EvNU0e`j*ACVn&o@U%1k*hkQ10KU#hMbAKOF%)TWS6NG*aul&UKs<7#6 z%E*`+>)32=7X$s;)`Y~qMEru6qsZUTfuhLc5BQ+d4MQO_gN1jlns3}Hsgl6W&f6jp zsq7I&UDaPj%qjFC$Lq}SO^1W<$1$r*&3@QLUy`IpKS$TP%~Du?&V(amzuu^1ve+nx zt8KP>U!)vH=1#2NRFR2TazoU!BQQaOd8dMgW)Y-ZX7uX&0AW9Y08UM8qg_EiO5+QF z7HagDV32TTG8J>pd29uTU~j->x|kPQeV-O7r}S4Xwjr*lsOIJeVv1i$kN)^ac~&I6 zR}IIczgQl;*QkY>=zP>9CuU6{mLOPzzB@Y~)`zY3OtGy>R#QJeS6DXlUb+2&?Rl|* zd`|TvkRo}N1cXb7zBc><>FoDx|H!+=*HGk&%%#SLQ!&&D4io z`YvAMta8_gdtcP0DNa&h}hz!NGlGApB4P9Pvgb{De%SsUw#P{Md-6b zwB-1l83`G?Vf31^L;;9k%`~9|Cm`TRHpud#AI1~Uni0#6&UCJ_-lDoCf-%?yMWqx$-%DCM1275`a?sCb%yMF5Ujq!p6eZElkr zkebT0yEodV6fa*OrJwc$@QBL_j;3@tfFsN-C}nQMDS|PcJdyYG6f!n3`MI)!+p3;G zX!Ei)I05h`=zP7Z!J8kFcpZ(u-~-1XuhLDovn2q{RxJ&b5=f{0tFm*cLW#qTj5gp^Fk+=<8CjApqHl-k0srxjGOQ8YnVb8W9;Bd@n!=SM& zf2r-S2+ej+i_GU9#4&0yX+p2VHB<8yU8?~)O0wu9D#IGx(Gp+Kfjsx=Alm=V;BgCY z@0O2nzT3lwsP+zDD92Ouqu}gveDLTCklB&^hPfycu@twJQ_#VtmL-hiaNskPA&_{< zF2syN&Q~}XUr?e^Vk%IY#46@>O5|TT7hd}d9cw2@x~ls}eX3@?uGPd-vZBN<#E$On z(vFT8nVFf6E4?qKD@|~mi`=ncgkV931*xpL89Kesc^b@g$;wU#`!YoANoIxXafA=h zkQ2v*!7e9Qw$4s2n01DX7M_Bi1O`e27K=5wr@o~6aDUNTr&5d9*(&XB$>;32G5kU` zeKkBhu0Y`voqmlCA+Mz(o`Sc6al0!H;LPeU>lrS{7~17xOG{fS9wg&3sb_`6s!Lf8 zrK#z_zh;WKJbrhwAss_$AZNgQ4<+Y~Xnyh0_si;X>42a=m;|(8ZQCeZjK))IHD#|; zs*iScvKfO&N4qB(_3LlH0y$kCD*4?aD;dAtH%y$TGtw40NNFPP9;;=} zg;LGq{p<~~JKUQj|KmpEsh=kDexSPRdUa@J z3Ii8Y?n6^FkNYXqb$1%cq|+fXX3zWOT50DcA%1Z5Q+HV3HKWb<8a`aAxj;IZ!Ic%{ z=OfvoxW5L+29jPg{M^ezceC^84wOrDT3vSWyt^eP;m8EM9lzkjL=Bn)JBdpVmszJ&WD3qHEMF?9>ASxp zM`e-BN0P-Fj{`KF@@d7jO0BY^qhJ2bKHHGbFPKA8xt4z3(99Y7TPw~mS^`o#0i>qG zO6=uI6Ctoe65uEJgx5gm)!l&yG=mqak164I8|=2zRN%bs-0X2d(0bz@SkS@ud)6VA zLE%}R-RxuiRv*aj-W~vB$NgPmi!-BIA1d8H0(hez?wI@gy8{Y%EWYAf2mn+kzUG|e z1*^@pZ4!qOp=!tAvDtSo!3vqN5P3w{!){Yh%=8+9TRC1ki0;3JS_0I+^mEl=B|w~<0V*C*a!DA zaK`_wRM*{NKjW~J%SP1lWWJS*6ODkq7JAINTB%tVat!5DUKNEE?7%Vu8YTiw8E;Re0Cx6uK z*1jhtJN#IkCRl0E!J(GD6dHOaI!Fj=aar%abgHj4Ujd))2%@=c#E?2Df(AzA{SL%z zW?D6oU@-CPbE+84f*S_!7TgJ}SV6F9@wMe=yE=}{N6833LTTSD6N!jYU9aK}}7?s0~p?;g4=l6%=();ZB zrJJO~=@t*ZO3IzO82ilyRZx+NHJl|@Drlf*`5v`gr}Di;-_6g37Pj6eMzvZ7A8juh z^vD35G`=Hb2PK)=C^DnrW`=jar?vc&joS4`;sr+J;UUKDS8JkP>As0dZzg_Q^!`9%K@4SV``lp{8;zb{|{qXnY@hnoYe=CQ(8^3%3*KQ~eTL-d(2E>eA*#x(kFk{nPdf|=v)26JtVU9JBe=KY? zI0Ex?;y$SLU`v8$fs3ByB6dH!;5NbKKK#b00F6U$-CP{7R{H8j`t9H{Rp2#}nRUxQ zfTMgRfesS&IhCPE33$?1jr#gDMVaWV;*XzUy`>x00L_8KSW-UF94BSsT776?#H%%B zurk1)^TYcyQFBHuh?rt5iGT_67Rprdz=Rn0HA66<9Asg^{TBcjdI2s25T9NlwK95= zNVv{qlrdcPAqh%E0MH|RC-AR_ePkz(4gy;4M0JRm`++z8;y&UJ)65h~&_vN{Ov_yl zXt4UoqkQu0_I|SYox3~XcmET7-)1`dvl7uTLr7^POsBk_q&lLb4Q!U9d#c8kb=u5G>2 zaS}>c$0*ftmSvWRP`zd+)~Za4`?8LKtxKyObDILQPVrgC5?=B-RS1nDA4xEiPA?ST zkqS(3UpN^X7u7OscOiFr{QTZ-D4p%Ycgm5v2kPm=!43%wlK#1yNo-$5El(WAU=Z`j zAS_VE%ur{f#E^%8fKEa2{gbN`qB>*jbUN!6F{EmVOFHdWdn*DdPhP7-OAmK{s1UIj z4=3mgJ1}61dAdHnI$pQnu>f;LD%97cVPIece{^wgZaYazM9lNXV>2f^qlB~vx3#TT z$d(yGQT*e3M61st;i*7u!X;&d{dr~8z{6{UopRmpN z=l-Su5NfVjHQCuAK(P1yM-_L^W^do*--mLmOp-8q?n_27F?}ewB`3}*5FzXO2B78( z(Lw>_4;Wy8x>zD$y_7_6>G4QF5Pnc3{QIFkG;JbJsB9R3Z(7tuJ2^0qOPy^j8WD^c z-3JRqps2f~IU*a-vP5EHOA0WmkbsIO>dP9~Ay6A2LCy{V{`UX&^UHpe%AjJ#!jvZs zol7$Uca3Ka89`LskIQ7ZA2k|$=rx9|9=^3|Ul;My!&DMuqcWjlB%A$wd=r*NoPo** zFd3=l;o%H~taIrPONxgL8^K_!%l`L>DwDR(Kx^SR316=$Dp3+JI}D8kWJv#w9pY}R z**_1uSk~#~bgz%Nv{xe>*;#!f&823dWB}DS@UBa%sY9zZb^>a5kEX`!?6(ap-?YO^$azh%LPE7IK#P09 zH=&8FWW4C>meKClQ+!|D0(qQF5jR$)bya5GNX+^?esy_W2&9zjtIKhY|6M>=SJze_ zIo~T3%(eD+ClS_eTF7TkMZC5d3CD$YA?~~11ExyU2ieHB zilR{DawL2cTw^AIlxoQL;szpK>#-;x%d)bHhy+-3;v}uo)|=%{lfp(>&#Pm`7%I`w z9KY*f!XH5ZHuVjl{h@<5P;j+OQQ^3(4=j+nb7f^^3phf9GJ*&+o-N)7KqVRz1PS+a z*%*;Zgs5sXJ6ik+y6K056jM2=bgPV6e7x(dzCc#Lm1(07#?q)$HwbCfJ`mFrOG{K3 zJv}`Vu-Pyugs)X?vCTsvo?b30LOnmN_|NtE-p5$=i~b^&)QLP9^rIh*cC!yjcuz0+ zw>PTvV19lgLTzxefv3?Etlo(apDwe zhAvaBq_in1^TGTlhn=aZ3-Cgl`(Alhc39Ze7(bv>bUfgqgprs4stiYue!J|xfT*2! zPiGN$KFyU+_c<>$VL#_NK6jUV=P-ra7@-dB7epn{hTdLn=Jd|RiF>eRQ_ zJJr1h9L&s$;qQOcTVvCQRaDb zUWrfO`j$}M5*57p8yOupZ87Ho@`B(81OVQEPN~LY5f>)mgm?jfrCm>=1X-xeRvPJv zp|DJRSO${G{YJ#%rCWJ&SCjKZ;#-PI6Q`lEv3TXWl@S2uA_c1|4C+?_K(DIq0Obpi zg^5V~iTiXr-#a9jXo*m2bjP_`MXNPT{uTEOyawUwW z#(mE)9uJO>1&&ipiaU_IyS>t^g~`!T+Q^aoxj7o7K{Ns^l%Abo;|XA3a))8`d*PT0 z-jdXVom#-b(;Ts7Rg@j%!MsoO?D1)^c=TK*`d(aU@XwyH&;XaC@O5bW2rUGuZ#Qnq zB)a((E1`&h>qM@Uqhq*)fFgYgn!&L!EzbwQi1FA=bt|u402*tORrOCg`A0uSTVz000enpJ#99_*WdH0<%-jr-<_GTlfudl%NyE!9bx0!8d8= z-(Y_XLJ*iju`uz3F9gV|stP%NoyIju4gL(II1$sBS8p^-`Awv`P}ZVej{!^#1qh6O z4Naq^({zf$#(FhnzTrVIw5tTsdb?=wU#%%$I6U#9kgRc%ASi=%B0rOGEJm`>;>i&l z4me2Wfb=GPkQ8?lk^|73vaD3~1g>L>(N^oEb;`6*D-9bXQhPt@RR`1H8{oPIprEM= zH@x|wbqQhDuaOM5Ui9MxqYa5jY7<%_7*uFO%Ct+cEF{077@}TY9=+rdmm-n)oKryw zh7Qera{477ANpJRo5bhDP9}5}!ktrc1B&6;z-(=BZs|Uis5=qcJ=zm8+Th3sWe-xE zOGvvsyn^f3S#JLXk0w;8loAhk8#3)6#dVL-#o2dQf@gC-d+O2AZtXFHjRR@ym?xU@ z3E%Ot933915S>kW88b0bc6{uORG$;PXbzlK3;g9lyxNn_7es|+6}ddARfOg>?JO(y z)Cy9h|BPyO{6MVzWHX?j^SYB{qdE!2HiYS`*r9BXt+_Q#l1)W0eP**=7|(}BKWs~? zkq=5i*>1!(8p@&_ogu_2jF#0$h?t*q680VI^1G6dl{NS)80>&Cw?`j z61U0KQTe%FD!tc!M|Sh_3Y_Xcxq`9ao6OI3a><#mgUse@a!Qg2CWRz}OZg8)cEwMS z2vqwos6`|svSTmGr03Y6?)L>ViPEd)E8S6eRwkI3Hl2nUraQ*S+i;6y- zqO5VJk3oeW?V!aq`^LbF(-ifTkR;p&!ie8i@NFrV=?5xD^i~dPGrn;sv%zl2Wv+ti zwRz#J+-em_{bXe&r3w1T9k(YA{419$W22OJiE&P)bQ(8p;u+ElUn0+I{&y+xD|Gt9 zpB#W8KOelo7!GYUFd_Y7l`73}u%s8?8@6i}OLu|z|kC1a8se$b$1DAU@Z02dB3!H;PZYC=m; z2gC^1^k}0C0f$9eW%`n5A^NqJ@N0gBvZv)u9vbcrW%BBVVQGCKEQS z3kZY1o}wAhF;ArIuazo}#Wrvu?*S#9d{Re>nf;_dObTO;C$U(=rYjjxQsFb8*BlR& z6JY=?#Nmn8AXUPF1&R&3joCD$PXqS#R|PNCwcOHHgJ@18z?gNv@xHID;ph1e{kE(a|*7=(}SJ#91nV|jWi+4o2 z-@f`h3uD0n{5yoK76PS1|Efa|TVa?lR_E|Oci^MCZO2R=RD#9k=^maG#dj6P@1CYH zB{b8_X`{GS$I1x9Brn9?(QbiZdr>@S?wk$l=#xDK*h5~FNX>j*VMLd2;jznn(_2`F zsIPoLO5EhTN0#Tl_jeuNQ4~E!I#xW0^gN`Qg)6qlNOH%wrBv~3`o@_#vjimZv`r?m zIu%dmc`k~$&n2vQEZEDciMT@gQD$ONj44F4weIu%RKH=0%mz~Om)%d=CpN^Q7%&Xg znUgW&ROT!0X5xNMbuWFh)ZXIP7-CPVPsjt-QpA{W)*##m^2dbpBU9M~4Kre>eN-IV znNM4-Z3I>4R07XaY4g;#w-=tOWJ_l)WcQ@N*AhT3j?VvhhYorAEo9VEYEP3UTFq5Z zS`A#=+9v^jI}Ci3o9fgd%Q=}K2?v29oHuDi_O5M8-OD?lil;0# z-ZM9+VIzACCD%`NFluYs)wJ28Dc|&Hn&4pER@@|eaJp{mGI0t zUqaze{OTZOq0*zBCb)VO;hELkT?RX40}sjD$jT4M2s%oo2#V>|n zQr=1vrljDl?WO!WK-vcEuNf_*FY*M?AFiO9G%T<^V3_UFF7$HaTpwy<6o8Oj=!jnm zAEJ=jFu=OGIG9x^93N_la$hb$&&sn3>@2u~MW_!_OpST14arMgq{zX7V|9S}P-!Jmd7lM}?>MeN|F91-4TFK29ic!lWj}BlRb7tXpyS4NiH(er8NsZ_w8r zwdQC%+(qP2?@Nv4lAvarUo3U>TgOa0=!;CDQ{k?(WSI7I5q0HKq1~Ong4Vmb8q<$oLaI=h66Kv%{aV1aX$@yy1%z^t%!`}etAe;`V_~Df6 zDXy+t`lfS60!fH2A*kVuyMrU%la@|O7b8O9Xxki&)jB1)U6Y??ce*X5ko`m+9JC&Lcsr(9!CO-4WSxuhw>7Nu@d+=B*PpgX|wfd37}!GClj>i@;~7I$uGkc z`59S3Y#EZ9#WKv2bQ=x322XOPTRzU)#?3&=+r}d#O^Wg1vB7(C9fd&2)tYdAbHaJ^ zEYpv;R~_`ye_G?px|H9EvN%qET(S3p2LRh}T=_I=#sy>SDmorDm~OUEfpJ~cAv*L! z!^Eh}e76?RU;yjY=gF%tjV}ree)OlX?1?kDp#G6fMqo;Jykl+|j>vvm%D2fMNKSA} znJ@jxYI zwhlUhMU*s5VBOm75%KBCr!8h3cT7;!R?p#`!bGj(an^d45Ay(G$Hn$I@&d|yJ;RuuuVXK7Sd=}CkzY66a9*$C2O&)^ipDoPF zp9SLTNPhnxfvx|gKhr^wEDy&(H`5xRIstF37U>v0n%g+Q%dX#~;_GW@&iI9h)H`I+ znOuEyg#-tAUS84zo^|pr!w9G=kTVp8HKgQda>^Ep9SQI5rfn9o3ThMmB&Y1bGZ#n; z-W6C_G~v)q((!(Vp2c){j9@$B5;L~vd0%V^owv3Aob(tK>s{ZXNt;z2ql_U4)PTJ< z7@PC+;GUAMCoe_z%R46N?!GB1Anhr&F+!f`R-^s(5s>JQNDV>A0vT~2ynqP1xR)xc z*)@R5&j{kk=U1KpHJxz+-mi#Qla@=h4HF|-W+E_=2&t**nyiW{172ndq!^pNQdO9z z5)~Eh8(o~)s*F`-kpvd+kC0_NLr(rIa`T>L?={=&ZFAAGXJO6MWzE(nA{ zw^~#JrAZ+5pEs*DqqL;J6xPPZCO?1whH28}lp|2iknM;FLjUjy4<0~1`IpG?#2f2o zj-~t)n?D2o?rK$YZe62U@kZ?HESa?y(64bMVg79uI24=O*of^v^Imr*0Fiul%Ha** zYt0pezw;q0V2$8;oBmLOU>N(~)-vQ{{Qrv5H`wzK$nMuY8&6|1$3fZ6^{sJIjC*7R zX%0$@2Ug?jZ8)!}Fn~@tOW;Dg#ZdHqFyoBG=U_t3)kI`REOTi@4LGcDi#*6KbK z5eh$~*U{z1g8tS?rAbl%dXOGRP(m;3-;w`$%80W094>iAij(BF&-ts-RKEHr07Oz& zKDY4xE$YQYDLzQD7$+8{+zm)*+2hH}!mjiDksimu)ChiXidIpY=cz8LXb`SVxcVp8kj|Kc${o{tnSnymadHETor$$6fL@E!pHp6W_u2aOHSX1TNYG(n%!o9FH~ zPfz(^mJ=5Z(S#j7t#=ip0_Dc7P2Xl;3~J1$|FR(b!S2-1Rdugm=kH4s^(&j3J@(EI zUM{+5M+k4?Q?N5~dc5}{Uz`DUI=JtfT*kp39^kCsL%EN<5xPo^*#{=h*)J~FXPM~vIN^pEnII8ine z4-$J>IE8=@b5VRDTPIp3D7Tr7HF1AS&hR3TEV+?fZup5w%af;CH{KOZGn+4k#N>-3 zZJUPh8Zupx3pqXBW}{`gCdW{;!4_RY_eg~YWZ6D2+p$Z8%1BxI<~JGoWTS)Z z>Qj>hTEvS%-a5w9S>E>bmrK;GDu{4UM~*^uHQlqx9QvEwrhEC2v`nBWp+9m!PRZsLR2UvzfP3vdj;|DD`ZQ9(_@Y{BJ%4#{k`JVWQ!8u7+xL`de^WO}a^{Z2&BLx{ zGlNnvy9_u$u&{BS)Oy@%t{Wz_kK{_lDt@jLO34gEIh@$xbC;7Q?@(yaK za;4PR6Zgx4u&2E5z9Z~>pS>gy`UnQtM?8u?W%A$oowxzyqJ1?tV>SPhK@03t3+5S^i8&9yCghDALb`(hY+!Ow=oI7)gsi%!4IEGY=CXb#8J%V zuuRq@F-U~jOjyd}b3)Gom2oO0$OG&fGZS{>To015w41)vI7xop(e!qvb;mgiF8TNl z=%cy8GWN;uui0pi5o7TU`Sp)>(n^plCjrp}3FtSQLC}8msG7u$sUpen)Sm00_?51J zFAq8(gIylP(w45(mBeJCoN~Ex!c5R5YP3c)viUhwHC#gW=M*tndTTaj!vu@A2rhZ* zcFmP)|Gt%d`kv-zRoCtk?g|0Ov+K-hs;rce%oC4(Cz`N1ikX0i)>wKR(EC=5<}r&- z<{3VuQrUNDP(4%Co^_(Y=vcP(SwHt(mIULTCgr#viY2?r#U~& zd1=Pf;}J6_$grYJmzd*h>?UIdd@YM$@GCFl7^G3?UAa&T8L*<%{1hzH?wi=(KbDuR zUtM4)LVxsqrsl+Bm=-d``+xQ=Tf?yCx}*hv{cX81>w%nW4T!_RW&? zY8cvhkRY+Xt43(Z^H$8qJdSS6?l>2+`oU<85cJhU8?I&{B)1Y2*oh<_WmkcuqEN7- z!I^`Q;>ZLMVrj>jU5vJmrgNV;MVqyP3YnrUSIr6i^qvi+==ghqLtisOD~lz-F;2PW zZ4LVE^HOftw`91nNByIlr`{On(WkvT9Qgi%wV4#$;R!kuwh^RbI6p?iJ!%8rcF zYeNy^Gd%YTU zs14}{{%z0KN|7ul1})xU^fahd4aG}bo4>TF#Lt}mk6M8A2{@cSsPpHVELZJCL{J9` z6)8$&K@ zj=R%T^MG4|NsQGmLAE(cDq!lXMQ29BVmOXTaz?8uW7nd0;Y11xNqf6hJ(}pAYIoa3 z`-fj;BqGiV2Cr^2g%VRyzP~y7nzwRF`-WyUV8U?^jh{bSdNtSG3H_F|BJ|$7u_on` z6Ptj({JLLqmwX@Y8b8JObX@-DjJ1G>o>TAbA6|1coMpCEcBvvb{>#l+ur za3-B@3N=+SecBMDQ8efg0XU^kTeMp zA{6cCQl@L*y2lJTd;YQuU>>+A|o+wSa5SCceO{{gjmvFc%TUC2A~b;jGze zT@K;>l6I~uHA|C8LcyCmW((QI-!I0=UkspPvEiZrYYcFa%5VN@2|7d)6YW}(KGZ9f+boY#9 zn#r$nPlE4bE&{a+Uw!v|5ks<0$>U%q#7dHcm4jiTSe|yd=@WdociGvh`)I+ZO7@Oj zi$9BCu{ZalARJyc-&a$W;~t`js10Zq60nUcE`uwFtV-Moa`HHNxQjGof}#+Mi>I9w zV2nAxop91GOZZ?#$d#@#Hc6l^xg^-;REDd(FO zVcz>RwY=AiB%p6chd;IcDS3BA0jhv_9q4Ryze!!1##JL-N%b>A(5f&I(Iv_}ZkmWeYCAPKbH6qI z!L_%%w^YKTlg{onX{=6h(onv&F-vq0Ys{)EHYZqMs$&9}CT5_B3US_GDImmWz(!H7 ziXkhaCkiMBx(d{`s-emDih}Ux7wCe&5dCqF7P7O{E**8KXu=~xc8|^@Da@n=Xm{|g zUQbMGq}r;%3_gBHL{S*J4m!foN5v+#5wjhZJ6#g0va{mRHn zCH~IcO%+nFk_V#qdHR>3zjwn|oPh=6cVTPDl%Y9Wh3|_J%-&(~Pk39$_l_y%bULE` zq`VJApX?pK*N&Va-(JjD7oUiLFQgYbM%^IHmPJc<&*f7TQn$3j(Rz4sj;&&pfs8cQ z^Vd5}{V_cOV!SPAobeH&;>_WcwWjEeUc{gyE_e{5av_< zsptYlld76dX_Nf6wGMX=O{)!A_5AC|m=hqCnL_o0Go*^wniW4XKS740d-bW|telYw zNLx41E~p93v)%n6kR z94|_cs2q`$!u9ztP5QT2Wz+7joAU^yC02k>Q3y!o9f&;1=LU;zCN)pnAq zOn$VtCxu?cC;Y95E6 z8-6s3a-%#uUJ2td`66SS<6v!uJCKzSQ0+mjeSzdU@Ohj~h8Av@6s5_6!yjJ@hP|t@ zkFWC7mG>hQn3MO|74R&V-zfJ^_`Qla^YB?lD2TqI4m~2gR=e+yWqSD*=NB%fFX_qk z(R%#%vzG$F)FnfjASILhMTSr`mbYc4F9hbKROka_E0n&aNHqxlAx-agG@pu(I5$`e zn{!2b7vA20Iu6rWPkd_CoZ}G)LAq|Kc4U`p&9X@orx)WLjm{ z1YA|6ts-v44Nb4dpL`*nktx7Aj%Pn}n@p870t!Urmz3xTC~6fnc5?&d8Ki=>f>PEg zC-dq+5&bUm36&DsZ)z8S7LeMR<`HN&22!gOZ&m3e^<-;y?DdRI zww@lN4W(E9kYj<%Uoqet5Ns*y;})F^iEkYse@T|J3f*kr7ETOgSG*x}{ei$VGrBuKgm{hw$x?z@W^`V_{<^QFAeqhdE#x%FOL z`2N|;{>om>5lJAjNKWfa@-Jphk)}L?EtcKn3g0TSz37Mcjv9}6(~XU?Ka|&@GFbQi z57z!Vs;aPS8%G6cklJ*IY#KI5cZ0a;QhF0gNP~1YNY|#MyOmbD5u_9l5Rj0P6iI<| z^E~f6#&>@Iedqkf9)mFi*IIksYp#3FdChBH^S@^I>oLrs4DY&bM2n|OGNQ#jx+%6n zv~IvVQyrXc2T$~WwszQ)VBb1jw)D@94mab*kH7Gs0Nkn77ZzNn(Cs{X#c48K{CN_G zG%H&OPnFc1H(X?T`FpU*jvDG%bfydkknUk36@(fLh+*qe(nqN>j4NSiL z@|0)$oxQ6ryH&zlx^(eB;a`xVu13M>o3x6T+sI4G+#mhe^{447ocgZTsTNN?g+HOX*YL@Ocfx{R(d(^k ztSU;kWio%X@%DQn@j&=h$rIns97YK2akoXt^+O2k3Ce)kf>y4ztK~s*G zbdu@e7O$yaZG6sY{hkqz6h7N9>N`P;v=3W-@nc9*pKr(O>ZLWU){?@9KZ#8R$mt%^ zTJ>KIc9Rv|5A`E0KFbi?B!5AMCyelS3Naj$M!9#z22wDBf)U(KI2R~Tlz%b86-ba{O12o5KbnLS^ zG2J0IKi5w6#3BODoi!SMbq-WBl-oeKNM%B=zZB3Ro8=>(X{08y3zYv_4_av-xHe7ON*a(NTLtl6NHkp&|EB)Q9x$6l62&C?+vTJa_54?< ze47@EbK_j?N|zKfZA2~ZKwX>(%twcUu2Vmn#V2d{Z$e{jpo3YBVE&g>1`(BDf?&Ib zzsD1Qa}={~<~Dni<$8CADKzlR=rP175>AG5pT;0Ag!>YZk>VGrB@@K))HsNAr zY(hfUe0~8|?3ogD#=!8hk)Wr)hF`*`DkSA0AxUY^vCBJW*TmIjPL=>;;+Wq%EEgoz zo3dq>)2EMK=x;Y(w*=c=%)TN1D?kG2s>UJu^Ot*6wBW}-bKw6Xh4a46OH4lW=3glI zn`8c)qO#`hLxLTbBnL#F#?Ia@FbiM1QsDXWXIg0<>|nVH+2f_Ni|dSeIkoIaoF{L> z*9V`llg#R$uK)#p6b2sGuDJ`LN?Y$x`uh`}6g7(RHzuvbsa$CNOHWjgX zj5XELIbxsigdnvyM#0*SpIHTK+|%r9Z^iM)N_C2lqIk#$P>}lxbxF!G3tap>Cj=2QyrS;8qvsQA9F3S#|*Xo!{FY3&x? zsGFR)0VCF#NlM>cDAf(MZJEEyQDfaUh?3T8ElV2up>|XjYto4AnQlrD>hFwSEb@#F ztV)$vJc%K|?(Xp3>3={?Tr0ajBHJqQ1NR#%TC@*&+|qXW_>#F6c`lNoO^fqW`GG)G zOYLeHaa&2^h~U*u=F2Cc^}??8fmd2_1Cdt9KONMSZ*lwE*cbTK7kT=QeQ{{0tE|l| zEg00*-uhC7_bb$G7WfpvEHmIoMJ0*gB5S9Q9ol&dsNApR7d_v7(kU<(;;y3n*sJ*w z`S8RlIcBHaq_1)A({7zYO9^AEASZ46EnNtL+eDK;*{SI`cwTxGGUGW+$fmPSu+kd- z#h~5)f?w!IZHH?q~)YCVIt| z5f)6YX6O|>|NG%11)-9FXS8Qo7we(kyq^%N3vs_UWlS1sT>@Z2?f%KJK%5*&2mIE)wuiDrqi$ajdeHVe5!3&d8;9jh3~0;Eusw#p zJj5PaQ>l9J!kMm1hxrwTc%luHJp}zq8ZaA$jNS;)aK=Z*HjnRGN9vR2goO|PptLbI z+&h;m7#n_ouw`1oCXN8f93z8nsC3{P^1lvR%S3uO%0gj(m$Z$Esqe+)BB)|x?S7yQ zyVrhrK#?v`iqxzSXx%7N$h&Hw<=f#ldNmjig@VL4D*f09YWlBiuv(J;ADtym|6zwJ z9+{4~5;>)=R9}k?u*7yA$IpQITeuJ=lN0S{Kl?4S)K`ThDJ`NmGg9?;8wa^QF?bj= zbfH-yu@#a1z5C=G_euZgvSC5d9}NbCf_L%+8ag9XJp#82&qv;DjMVBs-z z_)2aD`<7l0xxg4h86DH59@aM?8`3jwTo@f~Kao1`43&Eh9ZkURPTMhLJefdmt3TUb z5ar`TYzKL-)uL)FSA{ED&9q^0UGTMc`y3gDPi6PjOKK}<<>vn0Pvp);>kljCbuZ|j ze6W<6g0F~)xqAC)z7qoAk^*aVWnG?r3#NvE;guncpaHaVe5g4Tm6jZ%=toPujoEkX zJb3{dK~@!HlVuFHs|D8+CYdqI8Kccg$j=MH@}BZ^o?a{Z3}ik#?qRj|#jI=0xpR?^ zPH25~88wbo8qP|XsIT?BG2SLqA${kkU-3vy>}G z55;GNLsG`xuTs@*u}6Q(`JV2*w%a~c_TWfaF^!5oHtOwP3~ck$zVO%V^R$gx4%5() z7D$8SrLbmR&z=2|=^T4=pGcApG1b3s$#$lSV~1`tlq=og5;IkPYLNsW8#X7wrOqS? z>ZRIS+kK|x=@Eml<)x=^ngru?%xqHC z%nUX?F)q%XTikXA~pBpH`<^B z{=<%n>Baqp;T_bh_1mfh@!7m+nM>5OqY)l-?!MnmOlSf@DKpfM3Q2|;wS+y@0toIF zDWRq4Z2#&-&<0#pEi*Zz9v)>=9_@G0*Fdy?r$szYxMhNFDMfaABgUc-^gZ5t9?&|lx2TFqrUdV z!tAp2B5tzLrUnK-okgra!bLdGoHjyySZohiZzt`& zqmHhJGZZ;W(Qa{P&1Vl_W4ndixR-W`lN3~KoBY_1?#?+j#;qb*Bn$meZ$)T$MmKi3 zdSc!k9J!|joj@a>;t0%N0d!{OK`Q18FPl+>;>Njvzkp>KTtqtg?|O?oKc3wh6UN2g zo2FSp!Of2&T#sUdX@qs}_d@{~T{}a2wD7<%@4NCbHShd&z`;`1(ce zQobE&wl_Oiuf;Ut)8B0Cf2J(>NhQFs&#=&TSgAQRROIb6&G);4O79Z3c6{ zU6!JBJEOgrIF}eskL-HwJ2s4O~5!Y}y|yRI0Q|4{YOcL9{WwKT?W4T}!Xc9hy`(2$r?Xs?YD(bfO zn8?}FGxCGmG(nK+w4w(ME&$o&(6+3f5P9KOky=STbk;{%j zPHXiq*OlD1isZ}(@$vD)$tjejz zO?AnOpsxb6?~xZACagbWLB%^nX_W~UEC9OF`sbXy0He#wQQ2s10IN7;$IVEyFP(=q zHrnb9m--;6J&vGpF+zu@RqyZ~O8+Uc0atn1!u_IBKq~N-*js`C6y|~EA031JS&rBF znO?G6NzctdY{qb|c*eliCFl=NX%$ebn=Yy^-xkA^iQ}Xy`RY^PTK}wp+sGZZtCRc6VOSu;*Khl zzg5diy?6}8A?3m8VkJoNct{cY_W$v1oK^yW@Ewly-O@8ND^^zJ3ljF=p@f6Iyb`O9 zsEOkzzdWr+b-R<8F_YMJ2Cbz3tba5eYbdgx%Y(h1CrsrUvFM$bI@j}qHd?F+7#kO+ zOHsvO+nEE27!m(pcpUow$oA%Hrg-%XJ1to5m2k!~pRE7ROv&%*@Ys9P>c54rO2!+^ z68J9ykCHz>AaoFj6{3rI9z;Ebu&#pkq(s&I2KVo-IpUt6rtWnOl1r{ZC4*?2sm~K$C9}DGpZUN^Nx4>$ zn3((a+dW}N2B6`x{o^C+LW@&m@I%b??jCtI<5n2{@0HNiRYE)}2{gSb-N6m^8O=fk zm*4Z9dI|PGdko3%LB;=aEXY!spl^I!4c?@YBS5(~=cE7#TR?SDwza*zR}(%t{k_v4 z)BJOKoW)z1viWBPe)eSK^G0VW35mwCourBwD&1F^0R4sSe~WzqK16TV+VPIhr=G+cjst^~Geq%`&?_1fb#rF?#c@E-9Krx)^TgpoxKLf(EVvGalwu6-=l+N|>IRQJq1P+TqzDA!UScSLZh2s9B2Nnl2O>O5 zGdjgQ_ACeQN{eJroKo3dPz@!}Dt*ZjZFn_dx)gZyK&K2oSTXa;`R}gYF`U<+fOs&0 zHtyiZN1(CvL(chLsOD|vhyG^FD*al*Dz=ymwm9Lsy!De!&Q_N{P@n@B4QP9XFKfiS z&Q7CE;a=V)@_kBbtLGPt8%a7sPdBLz{J;iLtYT59Q-<&S#+6u9xB9sj-uz==GJf$) ziqFh9qJCP8hE$WJl&OcVtYfm7u2I7&q}APpaI%G*20`PO)<=DAk~8)QUr(oK0n4Gd zp^lH|;S3c3J0Rpnzpf# z?1V+90D(1~n*8S-O8u;SeEth0ptBjf#mPkY8iN-Qz`i$#+{?^CA@!;Ewr+@E$(KpD zrdr);Q?n?vYofB5ZDhCkAcX@&b(ALFb+*2_!C3y}9jcu)gIl-q3FT6i%j^tuG@~v` zKJp9~w-+KU?f(0M7T9Gt&x!}x#J~DUO+TGdiFXnK`FUa$x@}bW^h*gCaasA1PM(rg zf2oBm&Z;TPwM+Q*Yp)=n=Sl&za{#ddsT?T}R7syxInbNb|Cv1+*X^(e$U0^I5Gt_6 zCx$fbeeJtj6vwTvOcsj2)9N|sWrhS6O6jX za&Wkn(rplom7yf^6%jJ#17s@6xDDU>UlT-WVSwg7zTe+!?8y;=`#ew2FP2(k2Gz29 ze(ZapvgHeWPOoC);O_YnNswf-+^f~CFrsa3{_q?hy_6%c85mjQHg-MO96gtdx3v>O#2d;t$W zr(0A!Y9X{xV~qTlH9l*h8k7soH`t)hi=+rQgV&q&IYRC**^G=wsk!>azzvDb>GjoL zPG=X&F#9>DsGS2GQqFFVC8QM_2W=Wc&ag9AJpviB`Ak zbR_wo^K<1nM@b^D&l=TVfczjTTum*!0}}Wy%#3U-()yU#>r4PIPimlhZjJ!#8le+$ z_NdUPH_?d>oO%!!0YT5w2aL;&9N~JgPL}A;gLOIb36MwuTO1C($}ph25gXvU+enEN z^56$=Y=ZS?1M``|M@$B+8t+0%O3+o)xuO?5b}jEZe*le7w%e<{u-01l#A=-ulrK3_ z(Kw`4QJ&bBvs(0OlX9HLHYAqYlZ@piA4|QK^LykQ9QW-S9p+GC$?rmvSyWdyKN~Ow zZ1*wX(QJnx`XUOoiX!UY^MqF!@L;dttD#3klW;ucwG8aa9!^*D7gWYOA!mE*>14(T zx+XpL1WEo_v^b($oYzWg)tQ?7{P(;rfcfY4#l?sv9=#CWy2(%sW0|_T3F!1-X;9rj z*p!!Z3EJsm3gQKt(dV3;cK0PlK5z7@D37}P_lKa?>?5k>I^2tlDER6xb&$k{< zB!WT*D?4)!N;-3|jI&}cq#kXad^ud9+<1a8sKR%|#E9z5l~MRH_fz?hc>3ApL4G5t zzm!8cMP2)y@?rgkUCrAGSd#YUDM0L}KlxviN&2|Y_06Q5t3*U^>U7C^1C<=GLQbX}v3vi{7Is2IByZI%J?slxdKR^BiH>K0A|H%R z)q~Ya8l`Hu(4?Ir7=(~Zv2!)#K&ODV^4FtQ2X&IbNRX2m0qov9eG00&>%Nak&5?;5rO?cw3%NP36mW zki00}pOHziBk5DnPFwQ=7L{*{e)#}Yc(y<;?QUP|~@d zMV@3uM@K*3eflf`_&H8|PsUxnl?zoPiC3Yr-0!;5D zQT|?^3ey_All*A$3cg!rYlfvWBUdSvTdQSkc=ojD^QkcRzHWf#bh+T)<5aSnv$X*? zm#F8ux{Vxa3%?Ts3_9rrYASSn@F3baw%eX!npMvm3Z30wXWGPoUULX+s?%RQwSe}s z9Np^i`p{YsvQ&*~y|j)V1i4|ywd*j~4I7{;LhE_BG;lqv;xhc%yY5MT-+;|W2g6u6 zwV77Qv;lay87KdY^@B(!S>Y6vC~;K65S?!j*0<#JzM~zCA))e<(+y1&!Dq+EL}lUA z!N!d*NF6ju2??VpXUZ(bo*U$d?LdP5{5Ucl11ZLJ+J~bkFHWRchNW1oEQXjVcI3Cs@)2{E)>sIj{K2EhCiP^ zFFz{D7l_Gx5#x5>3XM^OM_KRpoj8dscS2S?XX-os=ICOKZA!n;*J)XOy##O*B@6$! zz)ffx$mGFf-&hIp^{kbAu75f1lggooDt`CxVVmn_NT#<7pM@-M!0yZ+a@fG1DAscQ z4zj^G+J~%V@l4c=1oRfOW8dfBTc=#G73&o5_~H9tN_f*$wy*R~8@{e_F!+E!TW1!^ zFC@fd;(zh#-g+L@ns$(Z&M?{a!MJ2JNC5#TBniHK%U`}WQ=gGBXIpLBgmEudp8|~= zaB?4>J998HcXWit^OdQV?LdAeb3*zQTuIk2?%xvj`?q8i^gqc@&ioND9@3Br>f+tr z)ZqPb;iag)bEGIn+*9F3ezE+iAnPpuHoJKzfQ~30=omzYwrw{~Up=ABsIT_rJ{nAxrQY!e1_}|-J0*(bPu4(-do6+Q zTYmNY-<_r>sVDq9cXk9np(l6&EUHq;sb10 zdfNWzbeaE$eJ5VIBP}y{)NOVqQ9(PNyrwgj&}}DO3RHts$}xpiO+ix=rj$S#2{hb` zRKM-sg+v3riz5B~_OpkG8LNK+>`nCJuxuV>|tG!vp)GA&xdb+S8(n@JQxvHrRg#)&2f#i@tKa z&f5R=={GyQsUlxtmkDfP&v{`7re&5Z9EtG)-pxn<+VCJ4rrkM``Z9w!+tg4iuDDsa zC2}&WaYq~x5q)ZMo8zl5lZOM$-}J`)Aw*wa-^c7{{`K0o706Dx`-x3yoSq2q9KfQV zp<_YIC+5zHy-j|-SeYo?$pTuL!@bg4I);yrG8xRqz(d&i7AT`b`OJQ2VNjPY>w-ecHOfj~ydVI3^ITDyqF>O(kRmChKL~J<(9oKHe z@8)q;&LM~Cr`9iz^6S?6J3CW@ z_18XhZzW}>7ONXbnoPh@f)Grif?M{+CVl-t3E=0>PW0-kxr-rPcsjSy8jvAbyOWOu z5_cdx6lKgmIysTMx%xXGXlAyefLH_8VgvMNfYL~;TDDM$Of>yUFRVaI)Fb)1VGuTz zKT^;>eKK@c^qbMESFcbWs3M4I+_SH7S_h(g4f z!EyN$c3@y2U$~-&0X9dY+W`=z(7S>V-U~ed!4jR4CqAb(Tt>}!LPA0euasieS63f+ zdU}@26MTP0y-zFREW^54u^$P8%j9T}!wSl6@gVFrF6|M~M9fO7Eh_;KT2eLH=g*&G z5tk0aHGls41(j$>%Wis13T4~VDN`Tl4aZevHLTEPL7~gS0^z2nR*UU0Ewo%+>xLDX zPZXtJV~Aa5oh7B&izbWq=wqIAARR~n`zECCxRe&R(KU2P1;&-Tcwf9ntF5hFy9z>i zSP!%bXru#Z04Qo<$?UPhXh)8Mf>Qag087AzB;kNjvjRjEI9%oXf;N*f-JggpLPA0` zfwTqKHXS@>M`kFXog-tgq!5lWUSxiJLVmDVJ5aWXsiWC_VASHsEhe*h^xD;2F4O=Ww3q)&$rn{pi%n+t%t z{u(Q)likoR?6}Al%gD&cW$b~P+awA3{-2MdRLlVW|i4>#Xl+mU)Qe@)mfk+UxAJm2_G=~cSOI-Tqleoq^A7#F*3P{S%gp#B( zL+;QaqZJA<8h^7&1#L!?`~^RA0|oi{b1CS`*%E;e+6 zq940-=zq9!R`=Rar?PM&_UB@iOx(yg2(R8W>2CeS*9^d{p{g zmrl6)U)=8kdlEKUAN(GjTH`ii8j8nhmtSjt<@+dm7~OCpYuWcou5i#xxbtjrIFsa~ z%g4TETqQevrPHRGMulrGm)}Zz9X$}V``Qg)T*WuoG&W)J|Jc}CTU(>r)o$@OoD_m- zSa(dPku-c2l1UG@fLk7T76{%Y=~TzzL`I9vULdE0);ji1(nv&chWIDg-D6Jxe4gjr znlXZB>Ml@2si^36?Sf>7eC5CUU)XQ8|kIBSav4251l$o8pfgF zAnuqcKv=^CSd6lP_EdF?wO-{G?*4ZKqPP;k&%XojqBGe#$?=`?~P>( zdUoGOjdRfOfoJKx3!_xDVvXeI9>2e$=ZbqOAZB{!KYB_7Q7oQX0(w3i++P!F?vca& z95j7l?oZ&@aFNE>;U4yLkAtG2YFHHURZ1+gwMKOp#IzfQ{2`;xIeT7jDJ508z85)f zPa-ZZG0g{0E7qK@BsJcBD&%=f!-w(i-ND*be;z9W;J=mE#jfdg$oXSdCZ>0mKm)&0 z8AN%QAcYAlDzezV`ThaR-E|lB@Xt#6<7p47FLw^#sJKiD=c&UUaJ;Jh3NiHZ!H9YZmKan*vlW+eZk#VopK+BnnW3BnhoG$vFbUZBBRh zxjN5=*L}Y23L>Tap<-`-gLypxPiH5c{r-`^KJ$w`P>W%3dc%y^G84Ac{E*6bvZeXY ze^i?6(v7O1QV)83zR#LRbo%?rg6`YA)7nS2X_s`q9GPun12H^}&swQ!y5_`RmcR~VQZm%$=T8#X2(DwM zIG%6cCuqRq6V-XMdx_^u5~JKuVs6G*)Jk)Eh0C)XD_>?9bCU2jeklDz9&G8S5v}nd z(IfI}r@%TX%D95@uA7ciFOrCsVbm0Oj9AOxC06$e%Mh-?n67iKdC;s7)MN)j_CL9o) zjWLE~&p&aB!Nx15UxN{OE_dHw{W~S4lk!7d`e!kDycc`ruPbq8av9bcM?yPRHt$vK zo)BTb=frDw<*N|uL_6tpFjZKjAHgzI1Z%Y=(~CUW3fCwMWlwyDm@(_*D|d8wD`$r2 z?UN>Jdr#R@TZ{@lkhp!@&6+n=QCb)p9fJ~o+26gh_jyC!UE<6*UUo%E6&W>z(_-^h zqkk|p4&FGJJb;Tp6g(f&V20EzHV##!uxg`0q&2cavYPCe48G(PKGa&7%~g7QuyRMe zAGpir$DcZpx@#_g0!g3?NAw>RfIap{3w^knnhqKyJQi7i=);hsM_t!9D^o2#Nt!=I zgAiD%7I-TT;BJpp@g8-ONAj4NeMN(GoKC%h)h#gdEBERe{(xUjm z&j}~d!^{2>Aa~xrvWnOm(6|`kdGg-xCig*Wh$2QRXKAbRUs*1x!3S}p?4}_aEB)*G z&uOy!{n?3)bJ}QQ9nH)_&~{FVY1S`lOsd5w;}CX1e>&n~O>S>Zvr*@cvvJ;sRjrd5$o*MteBW)42LJf;sKLxp;ziltaQ>K6m~uR5Gyvex42`|>}{ZpNoPw@vjvz+`7=z6vdZ zktCIcU*kAXhC#Zt&J(PC>=N_g?utB~rXtY4aj|9ke!7gBHKexXJ~`kgTnIBb}TThy=fD)BqW{CF*S@#gZA#wFDn9xWBDD+hNL8*l7m?T`kwUm}vmo(YU4VVoj zRK|C_d*Ugjn#L8)W0FJM=txCu+VPT`jK`QOeX+@Q#?Wh+RS*VO;Y=e&mK$|3-p)6Z z>g&hMJh#m%0!XUykyKgMujj{ms>h4vNzB9)vPHNl0q^p&>{-k|dC!pl*7F_P|8HLp(Y_)P^!1N>r{Pp+uYSq8Cmusq2RWfAdVZ+u8 zAUWr#)w;6>(5RzvS91OjI>|S1E_$=ZBXXhyrFY|FHH4?Dj_+w}QVe4x_!(!CqKnD$ zOV`+2=GAJIr9nV|U5o}T*7;`qHZ|Sf4k70zI_akhGT*tci8@~~;KhO+|H+>8UQt4e zH&evnDq9T46d>2ri$8oK016mhS@Ip~pY5`kYXpQMuy>LzkcqP@j(lELa*ixaPQL$} zd?|s$(XIabHwx&6KGR8aBq9WSn9>|lL7h`30^2rjgDe#B|My|;_z?Hy5JvQnXuvQk z^l}*pz@oXW2_lAqLgyn@I*w~li+n61-mS?`0a7G>>ro2THzM?g`a$Mv->MAQH1mVf z^B%8k>`Y3H2FBCG{0WKz!_6&3tZ{9#k2Zab1Tw9u%f?NoJnoKp|gxZ%;! z(Zu&9Q=izBp<&^v1T#EfCvSvrRXAu}Apc1x`gzaxoFL3I&DG*uk_i%(A)rTM| zCEnW#RV*0$?+jInj;3qeXDP@uOCR__HNuT?4Ii#i*l-}YhSyJo`8={ls>u3UBNNF$ zHQSK6Z2;7ijG~7Z=_0VfCt9~z3oJSccrb#=MtBj}ZD~=T_7O;P@KLd*zCSGS|LQQ9 z3NoKX44~l(#>P3bMhtynjs5Lm*e2;6wHl8~#MJ((k#j0jK#TVThb~HkIuUZ;4=U7l z3qd4%=7)AEtT!F@@E0K79M565pjq3#&cUXhty45!dWE)()1PWPLqvIr!lL@za&dM% z-yh!;R9!(*%XIKLS@elgJWVi2GfUc~!5yY+>cD<(deAL4-zBXEgCwRN(I?j5-@gi= zBnl}DfqRYwz}Z$4_7{&fKfkgX&mskh71?I~^!1V^e zTbiz+1C!lRP*P%&_{VMxqW>**^yiZc0CC$gzY7jM67$3Wj65JsN|+_+*&nxOpjECZ zJDCt%hqUCPt$n@ZyGM-uw+P8waIx|KoI#AMqI$~boM&I z2a-MrQ1CA|ZsP})KFtm#2QI_b2Oyma2W*2@zY%Jey!E55?`}Wc{y;xX8mB&3|MBcTX<>fk@7 zuZVR?t~gjO80_}fm*|0dKNEJlX`8Dcn35{0H^T@#k(#y+tiW%2=G6pX#bMD%)N7qSDv)%iZPr@vo8hG;V(fWXIDV6LerJBeP#e*vl)FM3tZ{qUVt>!p`zoi|5!9Iq|7x( z!U&NR(g>z@&%Fo^Jr34|WNauf*{Bb%B>EHQfWJQ88%=W-cahLDa{>29Th@%Q*m+M{ zuJe)1?ptMMIp66t3o;*6=`>MM9TAhO1*j4_PgwFDkoi9ZGk8qm0d@;DR8E7**2}_V zy+8118FpiOysN;*gH&ko-u$Q{K#I6;!~7ht?iobUIO;I1T8W;1+9@d;-8${fT`-Tj zImkr~GXnczaCEJSuld2!9kz5d0Q408ki~~MR?L))Dx`5V^_l!<@qrO&c+yG}J-j*( zjZ@p9?+r`yVAuN|cyT1_*HPB|8>~@hXQznw^g{@=^%iDU;xLK|LnTb`JY;s6TEtb1 zAxY;Ui3UEaA{}PJ0_ZBwKfIwm+4>y$B{w$!3nJiJu(X`@AiGpnO|8kT7}V{9yZc91 z^rJ;Tka1^$VfAR2I+~jJz9r2APe52uu7+fQ{d3#m@r#d@uQQdrbF&I5m1RqmtU$+B zRbGS<5gi-Dw`fG_g|&Qbt$LSwaRB8*p>xf`lBlYH6b|m_Zjto7_&re|5fL-Pzr}dwocQ_yTTI$qcqR zeeFe-LP6&R81kqHQ1T>Rvt=~k5y)7%BbpH*yH4YV9t|g;>nanD zE%Vhy+LsK)XfXzWn#nIcrY-p3kJVV?OEkeZl7*>B$$=HWH(Su;O=jCM9o0|waA{uKXt5I_tx&5t^~X#tK5>XUEmuVk+lB0$@|x358k z;X@!GtyFVpCouou0lDN;1zFv!H%CWD{h|2`7uS~zpvGfM3}rJzBWzBqECeukeTx&0 zbk~C%>BC2de_m;}yW2)!OMbHrcrAy1iUP4hsTnJ(kV4%XjH6nc-mGd3xDn&=$_oXB zy}qz_9ClgrujDEo`Fkgaj-T5{jO>AU5&x4v=6LpZTwbp$*OH5k&1|Z}oBq*oWoWT| zRVgB5G}+Ir)3dOU*E@@<)ny$6NW(uqL*&0N3w-h6rL4RAsDb0-^k-@bfP6gs>oAv< zz3Y^VKtm&y(+EF3os45>s(L}Sr|o_;_E#(N*f zs>kO;urZOBhX{#(5>+N#l#ZG!tdSNsJf4WE;ii%S1wZZ=O=A4Niz+eRGefg0n2KOR z-@j+w3H-knjoud?{@;y#d(F*z`}!b<%N?LLCtV<~%&PfHrKhy1bK^Zt;&^Sdu`lNV*(~e|Nt$Aas;{F>(3T zi23IC1>{)Du8i%h-tKlgN2VTtK*A_c5!WE z%}nXg*T3j_cr>Gt>wNYWlPzJZgV%g?Biifk_92Z?Q%}gH+dZ3a2USHD4^Yyg(&L?` zFyWJ(iZzS3VVoJC052Ixf$NiilGGqj9{)M{UND|k5=}=(CpQfTY;e8(ht#v!$b6Xf zuDko*f+DAxD_Bkky*U`4vw7gWel;7O5lH>MRv8d{tJF^t63FCpe*{@3=dl>w$O}&+ zke6?8-Q?ghd9T7*!~_u0YP=nZb{g~Ev1%}J+<{4T?ZS-Jd1u;s>~e)GHx0nC;EIDQ z!ri^S#_o+EFaUt-qsx=c8L$5YXu9CCAj5m@z}Y)Ij792D)jhs1f@A*^S8)#J@^g&^ zp3DCfYq@1bM!;#71XRz`d4fp#L9i2SvvWZv+KuKfv9Ksiq%1V4dk%=kTAjwC|G7() zUbIIj(q4p*@pDI#n8kmMU()~1{%&8Q4R(^xmCukAk}qkNerVt%f=POu0k__$V&Wdt zqjMi?5f;OfKjmIm&Yhj9-TRZMxVW_c?@NLabGT?Klaw;*>a=_wqgFMI*Yu=M`od6p z72GhD0crjb8QIH=f0wux78Z@OV<7b?`NjfIoajILDX-O*%-!i1jVWnlBn$5Ea#U|D zhmX`f1fTX@>3H`&W9bpEgJ^e{2ev(*VcGth39z>XJ{m>Q`SD6lY>zzwY>+j%wFo)z z&xQ8Xp-Dk_`8B+F3E1t(|Jp4$x_u%{>fQn1SzGmv(>kqm%HOk5W(!$_9G~+7Xo41O z!lbk4_sXfX5Y~2!izqE;N)Z|0b;Y+)pTga$9lVFP3O0{`UFqKnl1)|Ee7Gxhn6Ne zo;E!xohJDW#b?T1+=d!jF7;|88C^?Dt5+lBJC7|K$H_^Z)wZGVj*KeM5mx>DwGNt3|6~kkg-R zP4F^Tx!dD(V6xqbx^7JFhgx3<)QFi+fJpPzoXXWMjxU+>7G0EUj{XpZv#9wrkDP%0ZO zWA&{6o+gM?g#i4fI8ytU#QXm}%up9_LSxrlr~l_P)iOSsfSe(j%DBjvg>p-yLk@ZvzV{~T1wIX`9k%m?Ydwp`CDwdb6(^H;UAp5^>ue!h%~ND z?HK#w8!--!n7@Fwjq;x_=U&-;{xN_bzO8#pFZ~uF2Sx9B`9J4T;pm1jvL^+A!rivA zX8^~4?yXwp1kh4dI$w&l0i1@F|Bw9toJb)5L0=e#!dE3?@G@wo%~<{S3X>72_y5*= zXv+_`kx@_&`R|>`u--G56n$z#2%mKa&C;Seq&Sel@{g7$5*- zveG78$p$a@ObFt`|6KF71Y8r&37iKUH)7o4zgJ9@1`J9{#QK%P_Te=3@$qpq*$dEn zWS-iCmABs5<0#C^OlFJ}kLVB=Pk%JvT>`w6`;ZkhIwaqO z!87@To1^Zu%o2a2-K|GlpWj7vbxDhP?3OoJHCf*QbO{E!0RFuU1*f(g(0LX+z4{z+`TpK|Qc?Lqfr{C&=IRnkOm_;0Ct%87SM z`OZW-poU2A(%`~oR=@>TqTX{3vDA7Hik+eqyYj>e*4vi|BU&ka%??H;>1-dL+M=EO z8i@-El9~Tj%@e?DWk}e9dca^m%frC=3tth3@ z?em8-z2WW)Hk43p!;(uWe|DMNr?%Pev5wC5deE9`07%qx$qAptl2=i|lJdKVN@jT` z^BqMCa98DzPd1+c$|x})FZ6?HLwu9gu$=2tB``W?U|7lBT>uOUN_z5&XMR4F%zMY3+c$$nTLTY)0qqY8N?GE3Z|gZP`CCXt7(3E#kK- zazZ{FY0bH{UU*Ilr;^5H9>gQQD;xY2FjGe%Y=`sZ-C0DarOwz3n3{l>2|BPn_VJ0S zR8$-!+dbK`D!Djx>*bdmZu8#hY1B7OyZLTq>TKG@u$N;w;h!^jy1#xU;ifezQcW8z ze_jyM8gMa*f`+j?`1@|0ly{BlTU9I(&P?w>z4@(#M8F9eV8QpSoF4*vdtx>5jy8o= zL%~@S3!hdrCR?~R=FG6b!WxfSjN-f7MmLE1h*q~^Uw{7)?MrscZzeNdIPmOfq5 zq@x)_r<5O@LF?Vc^-AyEuQ9;&5kwdiVYqI73C|Yx=W{x^J33xhMl6m~&n1d$IC2>` zQvCY$%jRo6%I;T(AlsSJ)thUTe`kw!OC6B^bliDlpWSmVcE8rfjidxBG0qf%;@EOW zWS*E9WA_B+O5Rd=#rsY7=P2yxR*xVa`&pJh4*x$@oqIgf`ya>cNSKlt(b>8jimmAk z)j?{mbDLZ$mmJQF`AHYYEg92DVNq1%60$@{%B53ghZ*Kl&9#$QVda)Emk|xW&#K?= z_xSCP@BZ2M^2c}Iy$&#}=OWJlGB0P_Z?3PEkb;EOgzJLtW=!Tme|-=drDXMN z9csPdm1qqjc{u1rB&@$n(#5!MWpo76u@Gjx-SUdC?vvIUFUv^ws_MSD{FXXh>dq(DmLIvE(?g4a^=VeC~-Ky;w>j)P3 z83YSCFU&b#c|o@B$D1jw#|~>S;O` zf=9>tv8+l};m}NNBApI9ceB4T3m@!RAGu8is-i>``?fIe`4MEnjviFe(nQbi_oF_g z$?_-^Qu{|+jrSSYyMT5L2T&-;=v-rOz(Df?CNT*!@9P`yT~Sa@wo*jUoMj~)f7C7tb9l+&@v3|mj)Nbeje;A6O)RQV2|&NpXvIwA6S?f zbYpkleuV&d%~AeBO?;#XK^pkyD9W`g(`NE9JP;IZl&kzZEDN}c!lijwhpR)V=igM= zxq%BxOCjDe3neiu(mktC&n2UzEq8I8K0|oB$G|Ti877O{59@gQjOMf%K3`WK<#}9A z&eBJRso?I+KA)y3;uX@YzL+ctm*>?WaMg3C>60oUWS*kJ{M_^N>-uNQN;QdVtkMwO zpMv_oqHy>YxlF@Pf8B}JS~y8qej8v88ELf~+GpYt#mJ}$$@c9TeFbLeWvZ7xFvW(2 zhVHKpoJs^k1GK-C7EQz?sj)f>2?ohKj@Yq2qXE!$WmwaSj*VJb0V@%z#Bs+R30D_T zIk?b`Eh)LCC&E-f^R|rXP@e(nI0JtL#$PEs2r5LFB4s|GUqPNV*Ap2{Agb>ff+9)^-b_#_DKjD?xCtAvCSL#+UtG zxLDc<2T^Wy8q`2fi)Cm!SYFB#((+-sK>PnP_wG!3kAayqM9vH_9yBD5YRZOsX|Jnf zckkK73|`gu@d=wjOrzS4_>y!77XBlsf?}L8Z!DaR)F8T zOFTkrY+6mgfqQ@J77i8fZ@S&fCJ3dIbmxQUp}{8jp^|v9l7*9LyT5>R3gr-$$IUUS zk~!N+m<8o1pLQSCq$Scg+}*PPmI(M$%|G9>#$UhK=F3HSUz(=O?MAw~Hsg_#%7rjw z7|}lZ%kq1rHMs>&o-Rol*tO&_>>s<<2!{b(h+f&4y*K|WpYI?L6cXHZY31tIf~Jk7 za&r&KXM(R#vifqqn&@p+UTenEfHgP88_WS-@mUyYy%7g~PgoJLhbeRU)*ZN@RVe%f zSKE=oZW${QB2GRFKe)0b$V_zFg%n7N1>i5ktWm44)?XW{x_5VJ6MBmy(lE%WtbhCi ze~YyuCJ)4|I5>8l9y9rcj!HE#;il|-aJ>Fki{h#r*;nXPEt1A=F)aI^GjTiqHuhb7 z*>L)?i6BU<})u4`EW5+{JSV7R4yYABM(jPLSYr~7(D_HI$6_Ky)dds~OM4t>) zj&Hm6^TDRa^=t8<5Z3whjQ?l;Qv`xGcsYD(pux|ZHhfDjlp8kNopUfsG4IG`3%&gc z!>LB3OPJ}w+7ysFB$jN5oVbno6XSZ*-97UIEp&9aud5N|abK?VbupT%#mf_!w>Bzm z8Xt6IH{H;*t_Yh@hU`D^$h1K2x1?YL$+l8Fzj z1FG;_?8${vQ;@EQ z7l>!Y(MM?MFG|UMnF~b{l~2eanHR}4{;SOalAYJt96nI_!Vu8}ZM6aJYny636TJzp zzfb+Qr0@P>hzR^eYxOb7#=B3#BuVUBJiYputh!dWooz+#55pl@4nHKhg8#XS2(reb z-fy2hc2@hl>5)nS$5H(MgMkaH6=XG^JV69Md4gbu z@*MbNJ=g~s_=Di4DKGt`a+G}c$rI`)in3BKyj~wo-yLze^8@TL)K#d^Y8zB)c?NI z6W${+O(dFw7w}m_62Wu3o`H{=o*qe*)Cwfb-t(s+W5iR*cR6~Fj*cyK^0?r03&}Ji zQQj!*QgB`_O zT()o4T!YqZ!+GjIjVnvKBC^8h<(UmbSYd@`1AJWnx%AyVYBeOGCPp{8e_rqh@8725 zvz|nO1`=R8G*O^kU00QVqY3~TFt?{81atFa3B>%h06innlWXDR%YL}5aEbxmUmNu2 z0u7KXhC?HwW4cw${+earPfz5f?gX`vgjn$0zd@h1B0YT@b7&@g9loWj@~mi-3moc6qp|@UvtX_~7ucS505>^XzN=wZTL4KV79Mb?(78 zJKDlH9VU%hJd$vPTy2TuFet;Ac>2C}O>`Byxw?2rDOiUqTEwu)VsA5G`uF~R{7gg5 zJ3hbud^Lc^u^MO6$532A5H`1m-EY_2NLI3M1$?YBs;p?D!IC`c_T`ooz0r+Hxv z8jDV8>`?0HVsbq9c2+a%9|Lr1qv#qYAN*)1`fY@Gs()3PfZeDbaK7_{>KCC}SV2L- z#DT(mp;8XI|L?eHb~_jX2t32W*BRm_ze+`V6VG2%N%bKi6T`nOj0xu7#P@} zHh|}Uyqrc4J6gWz+ncfDa#%1gJ?+({a(JQJq~Idz@16^dcp3gn>Oa#RiWg3#aW;DO zwB^#8sOZBjyr=g&iC+L2V!-1Q<#cgECQXL9EwO+jkmZ=cJ6k^H0;}Uu(;ef(Pb$QG zz90q_s*nu6vdH@|Y|3x7y#WRO-MQnRWmsrD_#J*k8j(Ik$2$1Xdgf#iOV}Vu%XG^w zZQ79VnIck(dquAmJg4!bQC=f?$9(b<`^#r+ULZHzTd$c&kmmbY7Y6Z6Jw(^}O39wmuU zMLLBw{q$^0$^OQ(30`0RLF`wrW9arJ%a>hT0 zzweCaQ|vt&VAm({fkC8(UoIqD+;?S39PU1{iTPZFMn$0$vZpcb#j?X3ms>;h8yyQ& zGPOgE__C7z`Z%jJ^=sLPV||J9oh3y#Y1?oC`wEDQtE=>peJ|IqD#iXJMn>U=J4`!% zb}6hX`!rsE!lUKOzGM=!YQKF-R>M|OwcMqiAKprw4rlflRD3uWWV2m?e)7)e{ffX` zkk(nTzhAk-zP9RS_S#~7@4h=_+?A*|-*LrBIBJA-ET7tQioVSjw}N~wdGYGyc;g(7 z`_7N&Dj9r|&6*A4MLs?+%Cr$4?qVb#o=fCw%^4MhCmy7utxexN^k;#S3gr?DAT(-< zx@mIBA79wY%F6D@4qWUDjOS|+mFqPiR=w_!Dp55&9liPxP6SKhe_E`Z9(=Ynn6H18 zv-6|$>EH*Js0%WF)5qUI*B5iMJ2M3$lZ8XU7D_~PPRpX!KMG0Mvm}D(m5G|{#EBN`o4tM$LC?6U%tJ~ZsgawL%sh02H?&+@U2vsUcjA~FxW9nLqp~y0wDwBcrkd|ZD?SVLvMyJ); z!$rVIPZ?CmIa--)CM|m|>{8=}+!)p@Xq@^1kFK%5K|5GzHoRA%4U6?&*=C1*V2{ca zsHCx(q=z3>=r^wY4nn?eGcpns5!u+CDmgh(h;>->q}JC~ONM9|geO`krRMp><#;)- zEEbwD4#bQQaQ_Wr>(FFhuSZlvpZdAA5}GF!C54`GT_{*+v8JT1UpO9ouwVqGk+e|s zyXpe=j)R(p;~ z2?`6Z?yPA!d#aHZsXQJTMAd@rsEvM$LNsb2u@pifbtN3D&BqkeAAjIDz3vFCi$eD} zTnvv+=T=zG-eiE)bAexJ$Wt;@lx%Kv3V$CG znI|1`W~vYadKgY(6nJ~}8?!emRXXlyDR@5Lgcc;8+$cN1t&sEM>G4WHXI)7g97A5w zQMNMvuTNqy;Bde<<+;E^spWxXnJmKYwrr|jySgZ`E@P{MC|tK7q4IH6bey~jzE{h~ zbebiKOqB2SCJ8#roN_>KWn#lo!eAA0#*&=OsTDzY;+r-D$hqHi-0R%mUJ(ZukC4%t z^_}ZBn~D{W5|{Z@PjKK*X>!gz2BYK)oU7%E7bvu!dEJcahbQup5z@WcdjZjC;&!~r zO1h8HkA>5JP6M4KCvzB~5^?0smHKUz8AK+l%2q+oOMJ~D7`XJXiTf{Dc{Uf46$FRe}+jqEtA5k2OngfCM~3U; zGa+08!`WobJ2@mXE*k#;GE<-|7*=b^f^z(g2p89pY)V2e*}5_#Tg1b3 z<@bYbtyh9F2c09~Uo@;BMLiJ?dT$Z)U|Yx;`5B84ObRmXpbxP$#Q&E`#5<$XGi#XI zS(*dC2sbYO?#u6lknCZ}z;3>_@F5cg4NY$OzIp8^M;S@P|ACZtx!BMk>vZ)u-R5A0 z9_{jM5?d6gHms_OgHpo#y|4GLuR-tAg#NC)CwSKg2${Ix`c#!i@otTJU7F3|?5CNt zPBN9EujhSMsaW-@K?9YH+JjHO`igpW4232=>8drxAQn$C+A?MAsLc_I_d` z%y<{xv38VzF`~~O`o+!lI?SKYd&gnv`vA$g^W2JTtoC)`Zoz1*YPdR6uP~T5#%rzB z0%A~@m!_?(6}Tbt{S(CH%^RscWxdn0UahWd;qSS1kJ42+V!>8Q^IMDch8eV#D)qIM znx&wXiS5fvkCqwFkP!-UoZk*{q!|lJ{B(;pR}~ZfYFh*C=M?|$x|#y9mI#cW1uOe_ zbnApy>($q~wsZzA3xU|o!f{(`@q3eW1fc5sYJ3^1rv)YJYcro^lrTt^v40!gPZZ`` zhOMV^ypEtSKNfEdMtBG{TR94%v%mx_sG^<0Y zRqD+!J}!It&+rEi1#9i{7tfLyRB@szXUg@Sx@`}qOp+TA{dG0nw08&4h^RXBvrR}K za$FUSAn#s|;4A)HIK5kjuh&Bt^2Rr1qNsY69C4Wa@|D&|@wMBLd7*MT`G>*T-jFi+ z_-Qew-`|@IF&@b!zF?zovqRV5A?nSV-r4efU+)8S+bSYK!lmQmoYR%Rl5~+A&I(a? zrb`P>GRpNEDVMK&In8cgtf7|bS0Tv7kw&oUaTlCF4sPtMJq18=98T~JIzD0M(FCHE zxcJpXqfx-Yqf?x2$i>W%7429Q5r@WSgJ-7#hc-z}T5<=AU-a!IRNx{1a>{uugzr%x z*WRhxU$;KXvfs!IlUr}RsCv=0rPFJ{!JPTBEHw)vg2uap9qNtRZZ)+m&DXn9dSx)W ztd?r3UzQwlYo;OUHJW;Qy5lKORD?nkQqc2?#rm$hD=L@EVMX))orp++Av#6SNM(CH zVtG;>kL5@jLrOpi4V6O%*Dtl;VBg-42?2TjL2^J?X3CKW2sB#!OjOpPN$WIJs#Vha znjadO(s}9d7&&A5Z{@u^#Eox*&=m5O-M`1BL(a2}foY&Dip2r0M4BB0k ziOAr3`(LqO7D#(Dj)8TlSZEp`LQ;l3D-BwQZ85h?^1;-pa1l~a!5Vq4k7qoOr?^3z zuM{J!pZ#1cqC2r@5O7Z9mQeNW^TBlFILcdUog?48ktbuh9q+(OscU0;33nJ1qzp`& zg|elS7B0q*lwMxe{O240Qt;2vP6k=jXY!MwK15X%&`;A$(CGJ>b!2E;98r8^L>to) zbuDS2!;_KYwy-W9JHm6SX(e6r+hn0XIi2gzLCP|S9&dmUx7BEHF4=5?J2sitm*9%G zu#Z|6r^D>BNWJgJR~8KYN>nog3l)>#YEChRzn5AF(zz}1W%wtcsD3Nu-byt$uTzH8 z$Lp-Haa%J4jHFuqFAOmD)mas1Z26qmuQl*FG%}zOrP(n<|Jl>bCI8&B3#~vvR3C-Q z#h{8;6C*(#_jAnSD9Scrldc~Y(#iFbwEZJ|@FNeSAcgtybqhL1>o$p)x26m# zl9Eq=WRZivuV5{OkWGK%e3!@B-Ca6?Hl*6@j=weFn9)?hccnejRZrCK7Jq9{=W9uv zzjUy=u*ZSm!sp}gXcF$#i~Tvlx0^U;KSzQ947$D4uomJkz)QqS}@XD7g}q=HmMYaQ`3E36)3ZOf-}5tGx; z-lMk?J8_7U*+#pM6<3SyV!s9EN7woGmtP{JHFksdNRylEIY{GxYmtUxO#d=7dLUyB zTBSN`(q4dy>02xQM-6Qv=_V`0zGy+yOIG-nX!q~p8$94*GqM_hHF9aP`9}>2ArOKS z={{6S6M`peHZ%S)PQQT$`sd~TutwyLr2m4U>N{w}rb1C!JT$_cwVB~xK$QR*;QovY zutsEInSFonH}OwTLYlkG0FOnXRQWFz+*AV^h<51tzqk6ov+6j%Yy_IeCCy|u?_6>} z3S?c>s9}N9_JdZ|ji3xYLWm(Tex$S9S0rV6oU1pba68RIW7CHkBD24Su1D2?hrer+ ziFaol;RBN*+VbUv-z_tGLAu32m_$sf)1%_VXd;AQ&1z-)H^lyi%y}4|spQ!I53=x# z&iHyH4jNH2Yo=k!$~9UAHokr{0H>e0ASDDxjBZBk1!H#H)IhjCn^i-&Qi!*$G`{*# zs{-8Ox@-@LeHy?V4v_%g-ajoR7OOPTHG0WLmvidi9>#+u0*SWS6yj zKIJUY>F`%VWqhc_K(iXA<%ZD&U=E|!u2rdxwf#FvDXFfV@fsl@4Z~&rF!)g>;QpGV zRI@1j^lh&Ze&e@FGHk8g$QE>M7(sD;$zyfk+$3}%33k!PuwYSJAnc3`Qh z#=bvG`Zksz8iK4@$m!TSiqH|)Rmjx6wzmf=XxMqK@EF}zI@og_0VfGvxd$w|NE3|< zHWI%pu!zbLbTvo+N^9-?)_CoHW@oOd?0Rv0bJaMmK4jt$;*y$i`S|#_sF2=) zOs&ZTb8nC^I@tA+)6^FGY!$5G=7XEw9}P>;0BY_$8+>qp55!HL6pocAA|Vu^7>6Ob z`*WS^A$F_je0Y|l1{la9KKApiI72Cw-zMm+;^`w;-d@_qx$jOIkLR5NbcEc)^9IiK zxb`N$JIdGXUNLYey6H+g-Taqr6o4LySoRan_Y1Rhu5OgC%IS95Pr()y<1yX(^gSq{M)>?+g~r7t?dg>?CWsv+iP$O+2(rd>h9c06`z zz8(!8DyH-CP;)=x#UWrx>HGBZk^1Ez{(O@+Zp#~zU;(G)uJ64hcC({h6Wt|TcC#RW zVLRVlL}k$&$1C~$1Er5+nDQ8TJ`Ub98IMK)baEQM&&cL@4MS&E(fevrp!(Z;E> zjO#1YadO$|RJ31eAsQVWov(dUS|cdff&15<#DRP!<|+#C;8wzHVT{g&26SA)(+iQO zOC68IUpy(kc1kUUgcbNS(xmZv6VH|}zsDe%DzF%O?(FI;wLRKlHc)G`v!b@aluu?M zDH(rK4{(6Sy|tLu6SXvy;%}K{6-qUsAw$>KrxhqsDDoG!Y|c9;a?vC_=yY=DxH*I^ zryd96R72Xsvc0YytHU?h>vDrmZYgcC82?$vv!KvO5Hd3Ii_&Q%MpZ|smu!z`7>R@< z|6nRd#2z2>`?J}KspofBPEvK26kMj}68MmKva2Jpo)I$7iDDJAd;0d3=<0Bs>-Gzo zTMQc$E32^Lm@lSxmkq=cF2WhSH>d#V_Vs8fjMH-&NpL|V-*rn)(8UzlcFrd7>B^wd z7a%89HInN#vdy>KmJ)pH&O-abWPM@NTnI7LD3uk)YV|CAHY;8hmF8$^ADi_RHvz2Z zOk~|meyr#CX$y_F>&SC8wcPfe^eLj#%L*#tH;zoQ$e54y))N%_{KN8({smk%XU45{YAwOSqw6pt014# zb-v0a!C*_3mbKh~)c$&T`f^K>zYBf~lK|}AmdvsE#A@vLy(S5te{j3qbTyvG@#_Mz zK0VF=f=@4)&_OJVja8uajf?%pYtJF^bE=Z}~HMWclgx3B)jLCz*@AnAJ^L5$U88_0G9D>_#ot1tWGs|s>%s{u%~$J+f%7ky#3 zTTNb#$)|v2rXoPto}MpCCy~CzJ+g?>Y&tM$(i`DxNV9JYXocFyDsD^Zwz_9n9^9=y zH_T&QinqBg_MSSLZ?&j#@FXX*X#+NLLU3Qkw7Q1$1?BZIaeHX!daBXh4pxD7sfm?S z7}lZxx7&-T;Oo5Us$+<94!41q*adW8mhJB3OAZ9#V7%SWiPcC*DcNpmPr!bjlS=Cx zIxtsdJuYdKd?5RQSz=@Uluft_bBXbFyKhjD(yZCnp059O*rsG~SyZ1e$sj2w-42So zN0HE@a7X|M?PW* zu;VPWR3xoT0J|-(fw0#&(#My~)1M5XUW_TMuUJGA2eg_BEPmx&o0&`eX!D^;X~?NiDiHzH}`Y)=~8~S^#b{BErjIwP@H{XTmkpsb0 zH>@wsY3WR^4`Vk$SOu1lYKdcQx$+UJUgpu76-%MI)zPpqUHS{6_vzzFqWa{FQ(=YR z7Ym>w$Q4_~1(((58HpD1x#Z@yRE{gxn9!E7#F z+`|rg9~6}ELo5t+vnjj?_4@WE+%Hn$qdpyg=VEL5WFtBPo@kZ~TNrc;Hoin@J#7n0 zX3~0feXE=Y51zhUY;5n(Yzu!G4epi7X+M>U#2;X@cV0+@VPbE)Gw|K)&mDWN^OeGz z(3qn2EyXMM>Q|CdH@olR`qT2?$KboHKEH8WP~G-FKVt{@_-7%Gae71Nb-=Iy zu98OS=hu|Lp@t0TYV4Je`B)B=mCP~bkF^E?YjGI0hw5B{{&hid%yV)!I10GM!X}gV z!!72SPYonuG!BXy1=6ZyvP%Z$8*{Ljs+$?U*~{X!1+jTc*Id~9#~YrqMJ3L!)j)tN z`id+j;6Q+ioI4lxYKU-+f zI^F5EykUh6Q`?6_^s0>!a>V^?Pv1!G@B+1WX6^EDBmW!lY~4Cj*IR4WCe;XhF7O)6 zc&y<>*WqSbEyTyklnAUOtmmH~%EO-P#WDz|UmhoOHzou>H-S~B>n5j}EHudu1U^M} z-t5Qai8c1sK&w4iZWD3+IZR?^LI?&H#O_Og8Ip^m6vJQ#;o}FB2{`5%G`l`ez0r{S zG&D4Xu9(E|p-}u&Ff_s(!lntNkWt1B=`g^aCZC#Q6+8SNRuAm`h=i9q<>M$v;PmW^ zKu*9e{ZX%u0gFPoa7cb=+jDPPv5|Cdf3B*=YK)RzF;RB&^w+QMj>q3o0I=-SYosCh zSP9fY|8U8n<^m8P;R)jG)n{mqOpK4m`O)r226zX){m!%a*T2s;2c9xAGA4OJWo0{8 zR*ZB~K8yb;N$&`|xw-L_swxrQUY{1|A}%LJKqE-pH$Y&3_6sa4E8A)1u^i^yP;eo_ z#K7peKHY%I3IA+z*#I(|kQk_H<&|#VVPh_cyA%qoU)k^uDsg=qChKKca7QtgTioadp%Up$Z3fjR2#41D?q3gLI2fJ3D> z)!$wnWnZWBJG?TaJX^TFy+x~v{PIO)=Qsk7G187vr_w-rIN*33sm~ zO%`kodvSaECb&>S?k_eY;=l-7dkGr5ObS{6SHS?TcBMY zE;262QVycxF&NK$dik|mw_KMCfb()*1S~H<(FachWze1mnK`^Rr11u2)8N*4WNgZw zOaZ5p?c9KMz+cw4-ixNaK=%HDjt`+`P#Kqv0ltBTAp31<8CyYNVtfxMYpn}I3p#)e ziMO^N2vmSYWIIV&T4pmyk&4jPS56Z$ys(rC=Vej71$HdAc6NwMAT~dmxIQ~977xh_ z^fIVq825zZrtw(CItxsxoG&!kH3dA1-(DSK13w7?Q^hLOsa!rVRue<-Steu+X>1=5 zMsYFo%TMo+pav1Kr+3F4`=NgQcM5fk16q@xUb4{q)chkrBX{$kE31VUSrEBwZm*KQVrot>SQ!`r2Q|KmmcbfqB~;7M|Tr9u=?(b4e^ z^EMJ!Q7|zHI4~C8T2DS-!dB=X=Tpv6Q=$hpRCNnr+ok7*mMSD6wj5owHFe>H52w}Nw}TFCAc<3Yc7CJI()id%WCMx*h>B0w2MiqZy| z_1yxS2+girk?gaP3tAu5Y1SU7t573QV4KkVeOW+WvkfGrJ-{S}ScUY6HGEj86ywOi zkm{CG$>b-X1jJ@w(!GIH4k`s|4e!XJo5RMH9;N;LqyznVgJlG|fn7_9^mMGwX}D=uFW=fX z3iMV|3&&G=jxQpt*=;-WnvwKp9N>m6?`U5*%uYrpQ|n;C!?ubRQ2nvX)0yV-mw|Ai@v?s1Ggq^I^@gdPE@PL0EKC* z;B}Rqbh)n~!6+k7;QP6yzLUky?MVARB zg?4k5>s#+kzxF>(XVPMzkp;}o7;4(x-Q63H)sVhN!+{Y&ewJv^^~yN7dq)rN!GZ`362x9gs((cEvkl94Aps{gTUU+& z8vrKDWcRDg9ZEGWBHm=_?s#4|@LM>Ie8#D?4C#y4M&t2TLGR_Z;uVs|)iurqIfd#~ zIxqpeQ60_}nb>=G)GY>OhDZisrzqPt3DOtnJ;+hfiyH7~+ujt0X8VOJhUE*?Fo}?_ z75dCiji?5`7?`%!6h^%G)ghPR9-{KeXEhYZ7xi}_bH0mt8>#@ks(-R;QC;`=?a#3u zu3d9;UF*@GQ3}~zc$b&68n(;?99K@t0_yW2QV3#mpY$B#&{-SD3ApyZ$txT?iSxuuQ-m*sg zf!Db6-EpYC^-rRa!hGFGY%1~a(wbLJD7|Uw@k}Gm`JI}izbDkZfBhubKXc~J0=QBP zs|!O_eSC17(GqlTy52hWloDe@y>#s;YqW`W#q}G$xuqu51z!`ATcCt0ey_+y-9?O?9}Abj}eZ8N}jjw$PWC4{0n z^_N&V^Ju$+H8f44Sx7%xrN;IqgY~i=Xfe>4vU`;vDI=d8^^WLd54A*m3qj` zg06>$0LXvK3NsB$B?fNO1Wq+mRg?fwT8H0dhZLq3sg}|L@NGKmzjNa*aa@_dR0F_& z!IvO>crX@hIWcX$V&@isBI7US>a5207L-kcEYsBCBwY1qpW09I>}1FUq(#i9@QoiV z=4{wsB@7n?ExRGvuSWyO|Y|@5_y!ZX@Nv zo$9N-$OM$vpW=hho)Ev7Lp8ze%udY^Mab{`@C~NE#IA~l8*pZ2M`Y++Nn>afkna6T zsusvDOt~0tvk6_`WR)JCwtgDYxf6Sp^<$Vz#5S$jj?27X0+%5JhZQRI<5NJnxJR{X zp@F(TTSduXYUNxAEX>{zHk*)ltgHg${a~wX*Hb3gPL8Uy^p}>>%Vph&NI4$UA{ zrtI1pN{!0hq$!Nqho??l)%M86_K2&@fSn@zC0Q#9VJj22kaHn60kt{O3SVV(49lSu z74lp{jshC0L8bk)aX#slDK)g=qF?#Yc?fZ8rOd09p7^cf3bWm`I3T6OxOIsDEto5Q zIet9TViskyXZHgV4T%7wGIhYS4n#c(*&O~RovE;umXmb`_anR(O9h~VhX zwy(s-a_l^Xo%Z@-FsZ*ZQSISH(-ng&hL1a)RdDE2fp%0PW}l;cO@X#F*@4N?O1Tih zDa@o`q@{BO1@&sGr97KB%!Rx6%L~>64zJV|Szrp~@x=L=5S1eOMqWQP=@7yocxjS5 z51323Oj(nfW=Wxx++j_%tbGzuwO(0(ZA%4RAOR=em$xFpQdFH%3kc>~19~L}zJP2& zX0NLLt;1b5KVpc_j0{DS))Re?42u*7G(8+*(>w=a7u6DxpFT{+^Qv*&;aw|7E=V*c#D*neovP2}j;Cd%+&1Mgdk^l9Fhif@H2MUK=6 z`2so*8&m37&EyRcf9Mi3?T-^g;Cid)OOOFEWgolvRq8Gk=@9~HvK%rp>;jHII#W4}daxGp>7>6Ej~rX4alhG{{wgCqhlEKn(NL1xPgZ)I0LWSe zD_^%US5ly9mfZfK6sV}Eyh%l0mCb9JhNhc>z?;H6P{YiLXevT5fr^M8zyKlO0d>p+ zkEJi3L^6lruds1Ocr}aUm$Ma$VaaZptGFs^GshEUY$|dK43+0JN-uB9D zP31bT`mRsB(=rx2KR>fvJg9qfV4FHlp`WAHwOje`gfCMYe0 zq#`z$DYR{KPDYX#+Z;Xk`IGlPaS!aG-3;p&AB z>gF1m*nWS%mh_ZI+;U8o-!CA?#=fvzQMNBm_j7yD+dRm$I)2$yC2(h{`_w8pux6&H{8<5a%Dt?(`(arCY$#U54G39^icC5bIn$2*KLV z+3ULhP-@iwvf$+2so|YagJ}gIEsjRA+&W-|m17uKh5=RHP^mx6-XG%c8NM1+FS!TL z>nS!6+9lOddC36#VGO~8|2QHKd!83FK$Ycml6mO@RM~r2-uFLL8Swf~CuuGSy;>T; zp(CW_&hA#YU0Q% z7kYV+Bggj45sS;BDNLvr&rr`UJW+?kh)(_z6cJm&mUXh^V--&)?@_aszom(|bQfx= z2hbY`fkx7+#>XfGhnO7Qh3b;5c)!7`fR@fOSl)G4fHu;9A;KHRS#y29i=HFq7jxqL z>P90pn--Tp;_}|bwN`%cg<=Ae+jI1lb6SKt2v=pDo=o!fjo-URqJ?MkSgZR}f=~6B z8>JB@Y1k{7&HLj=zh=%e05zk}sFer{85!lH1bAwq z60577eSe>m1WI+Om(uE(GzfZ$OO_)kq>D=zV^0CF!MaC))%%4 z?>T$oaEt=f48|;fm=59m;r4axB0w9jdYkbG0rx^3%6XoJ83lSu?UEuZ^`~lJY5D(B z!NFcSSrXGnJ|Oewa7?NILc;>;ClnoT0Zq#aEy!1sZ5;YKZ5KBX2;sxzGusbQnO&(n{&?n@8QZ$B=bMZfpxeu=6`+!TtM|d-~IpKfnWHcu}j2CcD$5YFQ2hBULC8nHdsJK zn`Nv$Mg{0ACt649zl)PtW_7Xv<-YwD9ZXVM7Bd+7q?u>F!0wIJi-BWnpR>J&^82MEp&9sig~xU#$9i`6frk(A@6OR$m@L~d_J!AEPj)|YyW;%I+( z2=Wy^{@N%CzZZxL`WpL5T~fd5Qhni;U}bNPJoe0Q3UwiOWiQgczE1ulC2W>v zz)^f>@D29iGUbyu%D7d+Sf-PJEZ^46r8jQ_wYZL5j@ruWTlawdy5hG565VierKk;t6XJ9J`KgS9JUk0E1zAy-t@Vc`t+$K?*O#6c+f@NaEp9UuO5M?v9vQv~ z7|%E;%KLv!I@K*R?S7|wrC*OcBO%eY5#UoRFVcQVLu6w&62w`X*#E1fBx~;(fH_;x z&n%PIh(9%S&3B#x#pZVjO%Z=(oyLNJJmPB#dvM8wa;#9I^{iTI02&cmuFC!Q^s_Ml za+M)+iH*1n7Ddod8gOK)XMaN!?PoAzdXeW`04DP7 zZ;Eh>rNj(##y_W}JL7;N`x@m}r1gZ(h%fZ8Y3tXssNar5Gh6+?#txY{e@6Ca{%L+% z$Hcde&aN^Wj`LV$>x-q?&C?)P^n&;olu`YtO`F!vR-{RogoEw25>2{8nEeFi)LNa^ zu+8Gnycc{=2m*Ihq4gwI0`=MDiR&j3iBF;uWond@ytAC$uZRU zA_4~}zScHVj90WMm6s3^!{x@dq^`-!zy82dOc1M(Q$`B=G~u9!^Obg5cb*AV^NXFh zkuxWf%8+1w_gBdSioMt(d70`|VcLM}#@Ogrs*P=(7i#_D-m~R~DZ} z2eSk+6lKRV6%|*~><2ktM1aI>oAP!adDnN9s!7FCkZA?+)26skYl}X2$10iVdb8rc z-aSwkEE5yfp2$+0D+=^FuIfAIckKT_<543G4;BUcREDDF3lyj%LJ%!_ij55d2m=G( z7;3bsZ_>Vc;keSk$;-MM+%92rAi4XS4E($jQ;vxP8N+5Z(*G^oeEB!dK?^9?0|D{7$~uLW*>Lmw0xcRSrORd9TsBr9n6p%#Y&hWyL6XWn7$_4 z^5#;!3%L8TQJSl{&BVle&Eq(tfR#H3JJ-bxf71cRlPAv@uTuep$~{7}@_ws#S9@ANe_bnZd|i8WUU z_|Syl=Tt`3rAC_cZ?y9+S|x|CXE1x~L{bC5*Hb5BX~m8oxlYlw zuV4&>sdhX9IOt#KanU`Lmrn`!(1qZVgg*F}?vgboxizIm+=W-_t5-8!JL=zsBJ;+N zvFa}Udw4ji?kkYWWeR_$N7oSSu&(G z_IlfZ__HBeZw}3ot{?4-a4caXi2%Om<)|R(SWz&h71HV)O!cGTykdBIc4~KZjT1MG z+~{&#=Y6c=37<0C-X^g0-kAWwfVeNhjSHa;1)t)Ugz?+k&LzG*_0aYbSr%BvJ;}R~ zheW9h2ZB;F&#$Lr&FbYl3HS{RHyf)|M=hVngIu;(&DXnj&9SGMNbgQmmP&u?&I>Ws z7TplyoK>WxxFH66Lhnx8tDi2gqjcVi52zcjTK&jL7ah!@IX9LNk>c@n+x#q-tZaA4 zK=^3O(4)H%h_yY*mKzhjHciffl=DSmdU*?iXz2L!x(PsN4oR8sl+CwVV z{ZiM19zR`^S-l|s=a2p};OzQzWf~|V@jm^a7YD1TNM2fndz@ogSO!6@0Pcu2ynwYqx=iq4i#SS>eoNQ)iECZbn=5li8oX*& zAd5-a8fxG{kb1X#V6)T5lKu1W`&eXt+IYWlV<^!{| z7wl8?)wk1$1lr^8J|9pHiq^;o!Mt|2I+-;gll=z4QMV_Ezhphha!me@Awa-aJc1qr<7gX;F8`t->j}XPf zkCVba?+uf7wk|~0WYo&*IpF~27dKsV0iC0(MLgp=4iFM}WA_(GN;T``%JvBP%5Z@( zi|?Y=qQB}s+Ye!8L1@V&Oea9WMDqIz+SUntjy?;)K$&N)=flMhMgM!?f= z%HKl@NFF<+UZ}sfMk%g`on>!BeMV~{5?z}qCM;i5|1b=M-B8pVN~f*Pw1uLRj-Ja0 z4r4(wW+;_ngVDM?9N#17bm-)tmOoiT$j4mnkEMG066j)jVMO|;jf4U5U`6yOSY|Rv_}9_$Er|eXHQYdB08w5mhpm>X7(b z5rg4X#oT+J&puTl`L5#fOBhTt3!UBostQjBXssiXzi0?}p36H{V5Sp7NSbh!C4~`3 z9?@|2vvwFsFVj|-Oe#_*yj`dvu`&`9^+p-ZJ%5g?ECN(g5C36bh2_5|!^E!w4JbM@ zY~lSoO~YWE3GAoy#Y;^y|Lp}t9tZ)Xyn@8QQ$J9T=p7D&HA_@6MILMrK6@bkcnu&p zkZ7Ri@iO?@tv&=#Ig`JFjdyC5A2|39919OAD`O!iU(czuKEV|%&_H_s{{8Cu`upJ7 ziRky8>FH1K;>8dEE^!O2Hk z_osG(0FQUZ`0h4h=FPAqAjbMW(Ig0@8`?C+Od6mEJt;<+G4$K4T(X2>3k_2_0SW(m zBtrIA7!|2%6`Cef#TRM(4$nieDC}J^(0e<4A8u!&Q%GJTeEL8r21qQs z9liT^@>@>`qzTU+SwFve7fNcpS!tpl@g5cT0z=W;2M1 z`&X+X366x88WfR^=8AL!%DeVXDA2b8F%l~c43fiT^jjKuvcjE+!uQ(ko`NuO2Gl5r zMUU0-{BGTP>-LwcNf0K(VshZ*JV4bctZSnJ)yDtP+FM6O*?w)qf`YVkcgO$&(nyGu z2nY;~q<~6ymvjsb4k1Vk9nvL@bcdv*bV_%AC--yz-e-N!^Vj#SSJqiky-5GYY2KAS;iT_596 zO9V%zlsOM9K$IHj5$#cS!*Xmtz_rtRXwjK8>Kr)GEtZN*s~y0gR*$J9>K4V5k|shg{ZT zcNIwT-@ikSCuX|Tx2@CM4vS51q3ypuQu@%Ji05^6JkbbIX{tS1Ydb6Ayga_ZrlzJo zzrMiCd7Bc-mQZ4J9)ieIZmdgO6!bWyY&be1n0Gf}X7;>3N2jARz#}9K=d+m15Wl&E z=+(ikyWixi0a7~48^9pBJib+6j_j`IaqCqBatbUe?l&TA8DX)2S+d-hz?la{G<2};7Kjh|+1^TgQpeGHo^l0hj#9E8GD_I{{T8I| zWHHX^n!SM0+{m_>8H#1*x39O<@}E0S;Q~G%37>^p*Tx9Ly&=iiMLzY~P_lpSP^w{j zNQ~?H6*(d6S5X=3{$v4}h8-Mg5j9tb?&ZuAxNf66HoHz0o)w&X7G&XMRLN33KED2V zq@;}IbcuVO2Ae@Pr!<0ScrNAdQ+FZnD%{W+J`KfSDp89Kd!@Fq)sPzW$1-95GU@ko zu`z({1z}Nf2#o@U#H$S7Ae}s8=!FC<*5zjB)p zxw-62!P0ZLFe+}Z<=cyfO^&g;Q<$5(H4BdKY&VzO z^csyj!~KD-9TjJTvw^-+AI2u;T-;%U6G5RQ|x+liBh1JA9+SIFPX2l*t?3^iUM&0ep`IX#Zh35lE*F0f*=y{ z-D|U?kbQTnw3Q_|3wpjVPl~Q=&fm$mp}L-L;1%oEvhLnZOU;LE1CdLrIC#@SquUW` zL^5yNOwArpV(5fZ2y2JLnhfcu1NWqiA9*#(1UvIpdajbcvSbNX69KEM_0q|rU7jrv zZ5TQN*q9@whF<+iFC;^l$x&z*9oCM~dyM5lcVnb*Ih5shnF9%jUR^lZXl`iat0gHm z;>uL~t@N=MW-OlEyx7f96Iv2-CY8dKrp$66&y_Nv4}6;%+ZDCDJ^M*AIO5efYg`P6 zmk^*5lNfh}|8jaI^c0pm>vo79g^r%<-G;O5Rf@ZNwoUmBebs>D8B~5sQndSRkx-O;;64Q6Ivg!|bABp~P$~?GYM~ zzdYv`cU?QpJ*>Z(b@sO(* zYW$2wNX9VAa`#_Y#D_?}a9>GBOJyRVM5jB1Z#=Gxq~t?g86XpI4*y?)jV2?2`jA&@ zv_YB;NME#OlPxB`Gl(o#u87Xn1CuV=r(%v9Qz+ST@h#mk47Pwge?46-%KzOUOd=4Y zmCZ!|y8a`By{j9-`EQ+(hN3ML7Zry*6zA^@;$z?1#!QKr?l-+s%il)d#Jt7ZsifCTOvo@q&Ex zb=T*sQ+D887R^^^0@nu4Uoi0X=zC~xEE7cwKHHPUnTBns5Y6K6);}rjdtyot4tsq; zuC&=e(A3m4Rps$SyULR8(W8!Rpt<>sw>?szF0X9Tbd6%S-}3pHZYA0~QPGhyBr?w#L+U8v7?FVc;>PFq#W5BJnvPY(IOxA^*@ zV1_JGT)y=7MV_iKDfzKJdQdsP4_efQbC)L)TEisB3ZTxNl76>xSSomisDSw3JYj}#X8nngN!wc{yn-f zz52}C{B=OPmgslfqjrkVV{v+y3A8U3(D-vwM!8DmiJb4q5IYB~f=FqYc%tCF@x#Ge zS_BOLuyUcnN&dTs5hkD^v1_pe@y8YpsPtWHBZF?KJakp)KCw-DB|*S6E$U+V(VGfL zl+R3yIbYwy4deSf2J;bq5~K`e?a~Uc)0K!BlpZULMueb|IE+>~470qJ681VjO5ikN z{}K=lgg}qj4qrU?4N!Uoc-No)JVHf%?e>z<^D@av4Y)o;&el3G=Z#kN&I{z=XXYEQ zYgfOHr2O5{#8eMuS3ksk(j|Kx%fed5iHWTNE86^4T+IonzH< z>fjL77;CA)xp^l03Mb>k?{XqiVe5v(G7u;^zUx)U^(V?=fuoHpdb=G>$e}{XnJPA7 zl`f+nn=_zobd+-fvPv#fuP^cJIw66h$0XAT6gyL0s91cvA_BLtHFjP4ii*r>zTv_s zDg{UvdgxDqKq5|){4Z$T;_xilWbqwBrBP?I>3tt0|L0zpYI7GM>aFAE5Ovl$ zlW7y5&kcyrl(5_NV_{L|jdvLXnK!9h6L+(WA)g41l#NhDjKlDE=%wY+4q}*h*&u)SjN8Wfug4p73g$Y+ALm!7~K9C=|xB^7MbY5#-ivPHNQ3vBdPo8 zHMYmuUlL3^9BN+N6d@G+O6QY&=fSmW7Od*NC3)r!Bbh;aNMz(P_U(@%F#?u3XoA$QHFT208JyA>* zWOYu88Uoa#&|`FG;8wzAvuglR&2fY?jJjlbW_rlIfv@cM`X8+;Zb`u;#8Z0k6curR z$efx(Uyxai*Q!7b7_@#9a{*dCqQAYt0A|xJ;zs*JF7_860^_V~f4SrnQSVb=8g>+t z;#SovdGyTIr=o(VK)n!FsL8o$gtqAx-TdD0+;u^G!t%wz-*VD)R#f} zOfm>d0v^pA=!_kCzni_sW+)odx;^XjRCqKJ5&@rM6SaQ4rv~YCRv60&&H|v-W2+Zv zh$l}Z73FGvzoxijQzZw|mr!*$G~HtG+lzxyB`3k*@m~J5HsHJQzW&jY4t$u$R|@Sf zp_1etqo7KT9GkOiE`oSEILE8r0Oe2B_C)5J#a5%>GeB~s-o1BGoU3!j8~XY>;xpcS z0x}Bba#Pf&BTe_yN{a=&z65shQ_2_b;98|Kz3y`R!BI5IHP&8$Ur7$+x+Kehn$Axs ze8B;Xop!0Ijd)&eg`|l!KE}QpCLTpXx86;90{pm zubZQFB`9R49djq}$OIs6X0-xcYylhHh(mn$-D|f>n+5br%(97kV3DW+Y#>Pi^|-@7 z_({9tGRA5jgN`%jqLUIRd3<=LkRKunBnn^Bv80t%+a2G$$%p?h|q-3t(ezuyPpfWd?Y z^1b;BI)$XMx+_sH#UbP*H(AM3(>xgBYB~s;23tCGL2uEVWfi07CweFnqOTspIE0$dBl{ED z-*c%+@ZhaXEkwL9sI%T|lG-MCM-S8_dfy+J55^w?WGvx}i~`M7q>|_5n%`#Rl<$SJ zEH_fwn?BG}9n+lJ&MFI1my(_M{*GWpA<5brq$qK#3YS36Vl(&z(s11>YLxuCO(YegJTt!7i z2|jo;Co6joC2*!GBo6_q(AGko6C1gJwIw%mL8jN$saBPFT#r+CEiEiIz@6rKd_6zM zKSVC$t3j8GWl8ujg?=Cg(Y^F-tWZ-aZyP8LGtEYGemJa0lExyOv@6YSuP-)6bCux1 zD?n)n${A`(WkwygzzS6@U!}wH

al0xO(CO;h=dEOCESLEAq*TB?2x^o*Sy$%(1C z0YO}{Qom+c*)0Wq z!gL#ER$-w00juKPI0xQ*OQiR;kglwS{M{Oxg{9U&%=FXU*;-XsnGNzBC;mK~%a;fy zVx}0t=EJXYsmN^)FBE+#g|63soFgYN2!a~MPjSrln8bVK8W3!eNa(UblONC59EKAVNP}j~laP08QZ2scI_k%r?e%w>Ng6(xO(PuSY__2ju_v@*U4&1%S?f z0`+7Jnx*?S0_Edc4 zgijT}L4uGxfN1D508Q&i>K!8;2hF^g)XQi8(Mjd;r7} z#CD98JORbE?k5FWDu_8tmGt(J5xmL<$&aHV;^HNQ*Ox#tiP1v$2T>-?iFIO*TxX(U55RA~laL@h`bsy@wqv_0*&D?_i7%wz=8JPv+Qz;UWld~?#tqrEI(fT)p zPE1UsSz)n8^=3;g+aIkB7_rF2p~*pZ0~(SFqJr_i50k1{se_VS%KlPbZ}+T5!rd+w z6Bd&@3KQXn9BqH5ww^gM((@;}dWH0~w76-h>*{$>LlL*ba{~}g`_71VcI1}(zg9ed zo-Wy9pAJCkn>Xj_6aLim73wIUV8!!LZY7QSR*$~%=SVTK`xiJ*_G39C zV`ICcr&jgVn#mH|ck6>FKL?7E(0H%Mz8nn*1h!vr!C*bRwslke&zd)$5Hi2AGBGuM zB-}Cd8Th1!4 z6Lh&e>#^!FgC@rox|9LQKe6^YPfysUUwlcmdqw>wsYc}~GH$tK?}So0-A9AyX??kY z5^M-8)Ez|M)LbD=n2}4j@oP@Q%C^l>sTSF4&w{er+7}xO7e^%RN1anskH!mX3)V4S zIIZ5_*sRtUK|(UvQPYBMOL@~O+8*p5je|od3^#sN)o;8yhL)GHFwOIWQ_O(yH-91sF{b&H(t@waUta@J#PJp z2zT`v%TuO8LPAq_V`1AJ!f9sb3h7>QP=khm^ynvc<;pyi@QCmO0Kjyc z>`~}`Cj7cd9~FR%{5TNIR3sWkg+D?`Avro1EaBR!8^%;fuKsJsx58cLyiKRC7)2%Q zyEQ(C!W&7-g;nwChQ1T8u|Wu4CNuAO@#l9b5-9P9)t!)M*ncD`>sR3H#3bpLoU3#C zFdmAKib616U-Atn^JHrjO}ALglB(T&AOq!Bvn7Sm(F#Pj%oA#dFryI9%Qx3z3WtiT zZ1m4~AF1oj?JNB;6K{S*y12NwB!Z-13?Y@vicqLUtPK7|bJD4;^?2Wr=H2p>>twTT zuI{AWB}FL1jzP)rnS#{#ta;0x+AsV#LClQk7t~^PQ4)dd2RoaRjGmstOf5{MJ86=#?Kxr$N#!AczEoq)9W(A5OA5x=-paIiK5%<&muoBs1t+L-4L$c7I{lyZpr! z8@*OYSzZ$r0GO^B@IfYP9a_6qXX(G2!2l#1#g{mVF|&74q7w zXjoBQ^O$ytWBjuIi9e)%D7glvr+pD?(Qx?1_AL>v+nG*eGg7RrIOhD8)p+RQOl$p& z+5&Z5eKLD7d{XewNu29ww0pk@yC$#MwC<}+R2_1=}*2*jvaUL^W zWp1=J*0Z$EW!z;5qDQN-^ZD>gMn*>SX(}mi6|3=h3|>cq!)Zb`Yj(xUw`2lDR8;<@ z!+#vbWivY!MoPuK64wUU{P=3DW+EvT5wT0;Dj2qBgI32g?_&yR##1iIWmHZoCbjO2 z^$EG;x4shyG)cO#F;v>|DW4U7_HO7X@Rjvikwk_%&B}jE{yIA}-S6ek-WI$5U{7HW z3Q0ryYzpTcv=+JaQEu8(So{kWGv5O}X(2ObcrIjwC9p$?@zR zvgxzbuQ8qq5wH?lbNj=gqP2#fC3;6KId6Vx>6J30+8E(KZ*n@+vJ&3I=D&km7WPeL zm9e%?J#f^c3~WYS2^{IdB`|2#3J|^ak+u5LoBks6C?ij)bIXGAM3K6ln!v!&P)Sv- zQjy$*SFvO^qN{sN)|l_oi$3p`rOSNWu0&-(((7|nEA5bO-upPUPWNW5okr4J>&KUK zxkos0c9u(;-NvzMUw!X9!j#$V+v=dPIpPA#WosXvtvSi3x{wdJV&CQWkh>4MM%?K4 zI3e8f^V={Ti*?>Cmu1Vo_QQ7{;pLJQiV9NE)&2FDdlZwYc)Y-Psuc0&JlZF&P-8Lp zr~h!ayoo~ph~N`RS@V2CGF6od4ZTG_#jo5;EOah&Q(T$SJK|2j0<1udD^4>2M_b5s zAGhvoBSPlMF74Vf{z!s5k$BHdy?~+WW#0la9qq4U|N3K6_}NSY{kPZE+}ZHB^7+j` z{5{y0cKiTVyl8l}OZ%K7$HLTaVWa(YUu5KN9*KHhu%eDK$;TUBKe7?|;Vokv1*3#Y z*cd6LiM&O@t}>r&L->1)qA;aKBxQVVtOGv7HG+@6JFF{`VN6_&sb-iPuy`%WFUy^{ zuzZy3xyrthXOWki=bSqmb(jCj^NUp{)XRRBQ$hIU*SprX;tbP+p*{UyYPm{BcyP)W z_Jjma!&UEKFDYIb(>6jS^gRy0sf26RJ6ly9aw!Mli~7V?BI}KAv&fRE#+F}ZcDXJl zyz6-!b+U6J>h8E5s$FGa#>*j?BgODlrJ*WoNHta?y^yj`fW_ju$7u=a3;Q3JnhMEP zElrK}<0iG9`PKH~vf94IWDzVEu{TNADG4^b%CI9(StPG;mJ5}XUso;wKHwuBAfdQ@ zxIEpA&=>Wf-TJGemcJE*xjrPdS^JrPf;H%|lL6OhWgWTQW3ZC!uN-)_w=@22G8<0k0;516g9UHC zHZ*j$HP#6y@hJ$Mhg5?s&m<@@(IpN0gVkIP6^HJRfb(-f%jqBbJG0=Xf}0kosWcrw zTY#odmo74tSy}vgjLI@X#z^RLd?=koP72v~N-22)iqgrwdDT|JU?zpN>HPQnbI~Hs z1orjtFcP$vs>~Srg@Y@XIIcGVL} zs;>JMrlBJi(aMq&@JHHdr7nm6`TfCOBBZ9NR(ceem+;|P*Tk@=OeTbKytOi))(s&& zJH*}OXOpP#jY97GEV}$eF9_dEC8tZ3{x8ngtJ;Xzb`#JY23lk?KEfC@6{!(_ck z<<%O<3esw6~}nFMyVZ6;imkJc_K_>H04J0O6Xn>!nc@D z{_uH?_-}RH=ox6s0}PnUSUC7lMNLywa!NJ!dy-;$K;+h7s7(~5D*eav?7c)cGnek! zSx;B(wXGqSNg5Qv9LCzB^Zm-Pn|K7{!{tP9mRu<}SQR*#*4AEW{`YCpDESEKX>t7o zE*$m07Y-o>E6VWZ=Yl^6KcmPQpUUUf;G)2Kq4f8g z{RB}qD%?m@xW8Ahn6yc2z(tV)H^l$E*p0#Xl9FxSLI8a)$Kc%KuxvO`eUi8w)`S z4-rk8uGp_v>LfxB*BowAF6+L{d;z<4;x>5WhEj>m#M1Sn*H5X-4+cZW!m_93;CMOS z5MysG`y$P>klpP}!TjUN)8Q&$Wofs0xT-eM47dS?2)ZTOTwp+M_`7@okAfmh_l1Me zSYFJ%U;MewU!jxz%M%JacG0}k-QO@|6pRl)qPXC1zCbx3h+wCpX{T|kg7OU41EX_~ z8RCQIX?zy^o)ed$x6xq4#@jT0qJbnnycYf($s2d<3-1pd*{g#a}PXJlrgB#z}RMy~e7V@#Qk<*}rSc(E2U0qdUW2W)I^ zgF%Lnn2GflHM@v_&R4(f2fG1fsv!C7qDcUl6R~wlg%K~%Uw2|7T^M-9kvx8~MsOvTBe1m@wwuz%}SF2E#86#?!Vb9-_0IrVWG zG^w;^SDcbE;{dMX7Hcs5;=8=|qPO?$!3aYvT2zu#nPZO;oWm;2Zy|BnYD_*x3?OvC z(dhEOs>xPgE)_7ytb9l5jXA zjg=|Wva`4rGT{fzHrBOZU@g^>sX-N>kKMW46*W?>PVr5c0#f{y*Nqi)2vC|;nLnHe z=IlHI1qKWz)(V5>&k?|=*J!cTZAtTNZ=oxiP7Ju6MWj*f@EQ`p0g4cB;8VRc?1u6l zT803Bvk#_z@4;i2_6?d*cXYVw{imZZft1HRi=3O7{Sq6P<0w{$d8&3(0&)_RCT<=f z$^6}*nZHdYw-23(b(w)74WWM%^uu-W+xa+ffqHLZKpaIgCtoF%->bxr3y;{ztvm}Gtn*u$%{ye_%Dd9RUddFHWv)vJoX z`@q(#()5B|@hS};H&)n%gOL4GM7@i3K^l#{0Ij4fu|NJ{Y&f+jezAJtEi*hiH(=s1 zI%BV}W^4YJt^ge|1{k>P?sY!+0xnOkn><;*ee1nphBvrhyuD5_iVaN!9-gt`pNFJL zp!RD!FDQlGu^41cd z(;9IH7{k@Zn_wK9o>jFE$A#-QxZ2<6#ER7sd+HvF(xLa<7M$O zi6|4?SLkU6Rd)=4()oE-5IT#?C!_%Y*pF1nuk&6>_JWZ}soAr&^hK}p9k!9du(!Iv zpZ>vU`ZZgMzOv&=2>gSU!j#*m&jPZllIF+RlSW*KF(qMr;H6GwL<-HxqpWlF&3-#Duj4tD!uH>-LhT*Hwb;Ag<5X8W@7-wta_J70a&`heZ^dAi4$wd>`vSwSMcUM2oN zcU8e47-BV?W#(`#xbj#q&ZV{1K|K9IccX`MOHU8DsYn>){XI62<+{Vu(~nFi8kk;( zlcEN5;{e%nduX$U5uhtVbS9Kb5CK~<^HKJSM9>;*Dqiaq*cEt^XFRxpbzAzp*B9<# zb^n|ZK}-)h-uO_S+hF9cC``xnn}0>ow*@Ty&K_|leqAMzc?@lS3PsEbusqar8VLc< zI1Upp-Dq1x_1m1c$5$4U5_Y{qG<>4wAw_8gZMmj1`?($ys~eU(EHOD5AX~$EiHzTI z!NWp;k{=ip^mAy41`PBHC@P8&ijH$G%^PHi(eS?;EW%cTnP03r+?;iUkxT*N*!S<> zp_z5{f+b)M5Ee^_aHem4S|Lb(zKK4)iqB?)Aj)3NtcfWQ{sE>Ncp~n{TJ0piPTh$1 zNBO2*^|QvO|JhGD@=mb!YD-c;=?9Siu1%oAO(%^uvw7feCc{h4Ymn>w@V$mpL0%?R z{rP_JmIKSJI}4Y9Bn)3i`p(h_B5TcapOpQ6{T!qOEdM+40{L8_z(SMqQYlF0CRqP> z_H|!zx9bC&R{NiuHiQ^LMp}Q|CyK29-|`J^Y`NC9wkmslKb0W5lwd;}n-W3?LaWE( zJp;)C6^`EN4$_r&FGEzwz7aqJ4T zV;tRa6*}ufD)BdHIfC#9co`tDkdWctpC6OnrO)YtZi4@BG{thGrQ1{@9rZIOdL`Ia z3-{cD-aD5pt`2DI>{IPPeEJs94+|q;u2^Cm=o9#bD!{q$PXg<9@%o<}>fjKYbK%4E zA+{v!R)KW79He17y<5e)LHKiKDRF!EiR%5S!W&Heznc91|2_R5-a!yWo%eK5fdx;0 zP;#bcWtAJ_Q%V&nEiHXzY59HP^)qnM%$$&zl$CApXlSCYF9vYQ$Y3BY7-oTV0t2`% z-sTj2c>n&vC6*fupQ*AMCAIqZg7^M|jxZtulME5>TV1uT_I9aRO?3mS@tFJb@u|d~ z2UG6e;|lnU(w%~=1rWMpcX^#nEkC}_c+oaE82Lo$3eq&6rYbSa<+x${Os|e~G-s$C z3@&^B;X??pXq1wXSqA0DBGC{KL9q?>UcvV2PJWQt5r7_=bo1>)J78$YbpRA zH>yTkk-joBVO8cbq&WOLi0Qi=EP=$m%_;DzqxDdN!2F^d#bg|LOnG2AD4DcKzBY&j z`CaQk63?ka|168)I)5-2XLoYCy%(BcX!6JMF5gEbePw=5XK6KVEySp!$nN?aPfJ^C zqw<7Qt{fc><;!0_+qe)#et2EUEeoD^iu$kUOdmFZLcmst7FTTO8^?exHt6NShugKw zREQpZdzsCr$twv9O7X4OB!Wkm?T(9Q7zIPN{;T zNCTT|tb9Qj)5t*sM^pX@6%Ke0I4>NM{#;b7lk&QvSdVO=0S0(&lT$*^n_5ITy<3=V8i;7cs;wkycXz!`Vk6^ZB2xi6!oyU8WM z{`r28DJf^x31fKP@HH@p6Cn9a%YlFcALoOES!x|+WaQ+nt-tUI8oT^o;^!B^$)McE zmv7a+Ya!JtC~)<7h=5@=g+*I1dosC7R-0-TT^8uCA2GR!1O=KdGQj+@atRcFGr8d( z>>$b=aL;^(?gLP%Fk=PRNu?A1rh?b27W8|-U$chH%``!pKN{xXt&f!b3dWkl$TM>f zZ>6elyZ#eKy*SQt>upHoxQki9$VwDaxmZ3ENRJUzVx9YVTL8CEqp0N^ecsm5Rtiu8 zoVa_z{o3;#6S%RP^R>3wyq_NHxzF`K8#H0L9j?TGG8J;zZdJu6yTHPUT)m$@YI)@$ zTx~rU#8;@9GitP%P?jrI_sO%PnW+02#B8{f>pmC8;_frREin)!skhX!^`8 zG9wd{$4O#>NZJuBvTxr?xw^W>Pu2qV)4Qffd$s2Pq>7B0(taA3@_Jb~8TAyZ`2E#u zLa?~32Jg!tnGKd!RecnFxrI;%$ye^G#XBSoAENgtT1XnS9xN@;*v9E(i$07}pBz%6BIl6unN(ZHn2! zHvZXEx)%5t;S8@O>3?2{ZX|pU>Cyi?Q1$Wt%kMu(2x?_8qvRlLO^)sR^r|iFuxw{y=xD(r}Nh=BS z)V7!X_r1NEKHzOu?a+)rora_T?(v8F7oBBS*`g6rFWGAu|2>tfY~YOi;WvUP+b)-y z{kws3@FIPE7MKVLrB933#s7EL4#BP|+fs1BAwTSmqNZz3oqe5E_)p<~iBW*F9pDJ|b5*22*g`E>A2D7A4DX zH}k~|+AvI2?{_7Ie8Bd+J@PI9KTUo6;MNOx!)|6MSV{fPy+P(O-V)iFtZeFpGo@* zK4gmyLJkeYx8I}|cE>0l*L`kr>8a*u_jaMRr=d$h61{LKZzi31OCXPZHn#Bg zu;avHabvDTSWb(Gpjr6G9R!TS443`#3Gum2yW5}z>*6SRaYu~AcBdQtdS6xSzAI~H znsIRQJ4Bwu??5l18lp3Zv^Otpe7RzPONtwytS{DDp)8v6*1ez_uoR+ZzUMp;?-~57 zqYQ?RIE`arW2=gz--wtUs)5|ZIOFV5yXUb_^qJ$(d?T1(Mw-NDbzk8QZMOPdM|8Bt z-roOp^uCp&%yBa~w8tw{X%h^5#h3LQd5iTLQHAS&C5n7xoh?w8oT;`N(|>rV^7bn? z_Uq2qqyo-ZOE29G72dwx@8fjXU)fZ}qB$kNAimb_Ct^V`9{%RJ_pd$K9#@^*Z0!ik z`?G_!;IxhB$wYdenxu-jwJ+rNcQmvAyzw~WG97*ZFeqt_^+M+lJA(IyhQ6H}4Dr#xoz$(x52u&L$b=#!mQ1|8y^&|%kw18Vu`eqnt_IrLlCI|WvdQgwq`^VO z4WL=LXCa}-uECQ~*pxYtg=UcbetdLq~c0wS;lx_>c{%~^oq3X8xWTX*X)7Zof z(jV&94|M8P61nFv#c(M7-BYXnD34MZ%P30p#A?{uR(7qJ87mh^p;THeAX5of{ftJ+ z95#9N#Bu8vj`Kv^du#niRKhjB5mvIGa?%!bGBaGLq^YHyWITn-`R&p~41=&c3bjh- zXHz&kD)y#7-9wp7hm=cp+Aj5mP>a^nk~*e&Dy?xyd2zJumLyx7NIQg0Il@c@u)8O#5|Wz-Hi zzqr8cPJC&FFY6O5qyoIyP;D7+B{$%0DAf;^iJ5#f`=Ys!8 z9OQR~w+*$RCnJE0P3>o)S%T(T`b-;{$K);Om$F};(D)GDT@e7W2_Dq`Zr%zEc_-zw z81IPKx5$szL&c&DI9lg?|7}uBO1iNFWIlFR8b7pB%gd|9hf?Q88s703j>aw!FM8=x z0uT!WZrqu=wdIMtBNQJgd+Cm~OY) z;{5&ggjL87ydbax##fOk-8S(wAA6^aTLbLOA%OEkp2TkhtFK{bF(8<<_Fn&$&6aKo z$zM~UnY2ljakS*kn3qDht1IcEW40v4ZMPpP0QdYqF08l?CY+tVUNchf^N`*u_jckK z3i!QO|NgA{uXY$Wj)<-jSa1E(j)(Kx80ouD8lH)Vj$V@Iy0E>jZUba^bqy@ z(t=GS1goQG`8JWy7^(X2VN9_#Y6)1J(tSK@mk86D0@jDp3KMX5c6Qp!!^|&or28iB zg{J%5&^o7W;AP+%Mu|bQ_}#6Scq&B!jW~KX(!b=k zT)LrBQl_+56$r-QG03!Kt4JgE4A?Z6r$!`^jnw)Cnt?=fSJZv+R|jp!2{wNS5iJVg z6Q-Y&4?BD^y*U)CY+oEZvO?YodcT+`o<|#vDpoFlBM?Z6k11atWZ($W*sC-uDnN}a zY#8DVAw}n-k2^x&(Q6ieBNg>DV&yWm7xp^EjieIofwme45=F}*9m03!Yem)HqO(`w z!-v~a8Xm?I6IZHB&Bom7RB9<7;FhS?yzKAqAB!g?C#8KpOaow_vLtK^Nw?XTxwW+z z$Zd_lvh{>o)IFeV`RV(UUZSmSP$TsN&h*Cf*MZ0?DxH~xY}$l?;~X4U#m=e*dE&>6 zj6spC0*D+0p~MyVM<^)S`cE(~5`-QxIjmi0=$DfTIg)pp+ZOE}Mr;~JN*>cCabnw|hHzXVQ}9p0~^ z^iu%&0{vN1GuDht2|?>{or87eY)E8OP>MR!wE6=t}lMnwqu&@A9MR$e~U^P|zZP%?<7+ z7@+@a2&%wFEFlf7tKV4ZkEe-F8kt>3e^v7Vb`mZ=z8@gT<{<*&BU&XS_m_taA=+d3 z3_(vubBo)mKM|lDT{IFLUmwcO3DMj=38yp35CGo(nUopjcRWW zuk-E{Do@3=>2N6?P(%{3>+pi%>0MD&ct}-%0Yu0}^N1-hOe-`I-`JQzP%|$)5Ob|{ zfZgmOSVbEu;al!}8c8ZPj|r-Re{u~O-kY0;ihVW+`tt`Di_l@|y)HJ-Zx)Ycgw0nV)FXPtP%u=ABQ!h>C>nJ=frb@zN7I@aI*D|zP#BUHa z=Mcvv)4E$-y%agrAKwq@P#qqeBWV-LS!1QhCgJULwgO@pvk{7Iw`(I0ncFC4xyN{>;H8QwK9 z2!38++;W=`|0~2dwmU0N;%|4Mf>!68%R^k*yb2vR0LVkceyY-u<-Vvu^sO&fUtloi zVea*Hdn74&UnRSSWt7(ihF-n1IAFE4H+E;*UboBc{B9(%wk|fEZ^+*dh1Pu*rTlz* zyD?Xo3o%|Vo@-@T{9Q_CKJnex<7^l9VB&Xkzu(YwRh~*Mn5b@(Gw&uL{CDE~oc7R+ z5wNYp@tNd8>=_ss%C67E46W3Wfpu)#1ttk}z6YIIF*QIYf}DQn>dX#Jh$g_ixY%65 z)J1;tS9R;CB+IjBSp59_OD2~!Zb!u5gh>K4inK8vC{vMc?s=1+?Jmf4;r#8;m7H81 zN;B9QMi5fs`(?z(FS)?GbsR4pAKc!01Z#aVpDZpqzX9^={ZlJA+OYa+X1Si;mo?Q( z;f~*VpA|KY52e5R5EBB-VTy=!*I|@|&GS=H6hBAVU1*N-_5a**+FZlh&&?kUK$^-u z+WT{R{|n%tV>w@NSr8^A^Ma1H&HBFwI?IuND*(`lQX>eU6-BVZs4$A@JDG&O5_e`? zihc~ptNZ`tmC%0r{C^-G&|A_|xxfHmUP+z<_Fs_n)dj}=+akafoE5Yr{}(dtfET+t z@;y)ST7okmn1%P4A z0Cq(HC;4A+OIwd@CV?IuQnP2!{aKO&nuMJ5R90q5UZFs#TD~#zsN%oyVJR?5d*Fqu z8fVW~@UkWP-Ne4v|AE2)zNIUDY690Lvx4qHK9S{)7!-W~XBj)nq^a8#c;13%#1 z)a4}MD#t1J;oxZD6r?3Iy^W8uk=+T0h{K+n!4e2axV6nv&X^~a(XGpz#48~qTjN_N zjYwYT3i83NqDT=VqD>c85nZ|yg`Zsyvnb^uzaR%y2USk%Jawg|rOeKskagj;1BtkO zkVi>jvg=`nFP}ake?!1>KS3*pW9!67iva#lU?X3N0(_`O=ztSxo!wpKA9ZInwy-Ev z-WPrgjK7XUu(GlO=bD6igK*KGgEk^gq1a@R8jFRlI^+Y&Hrr^tyl$~&l%%A$%Q$&1 zVOcL7f1d*x+JPIU3l1zmU1#(_bl=_1xK^qvU_Zg-Y zM1f$D2So!$Mj>EbN+%lS3R;2>HH^kHi4y97XA^FU)3!7R+c8ownIS8IfVget_ z3!+i(f$Lg%U>4CQ@JNeCJu3yG5!<2=9@{4bj6n=oy_#-0?{{kw?zI)Q9>;#ryefCx zI7V6wLM=QbHkRMjg7w>vpX#iA*f==-HA%kJK7A-VTxqx*`uubHw`XV0y1Kfgeu5H^ z&-?jWF6Vav+=BCdsM2F>qo8?1-kxHxm|C8hB@z-+FXTM(Id1#${)SY@8tqB+tMsAd zB=KPV;hWWggs$OXj8(`D=&#k7YMm9f)LO>rRRFRDk~>AALJE}^wMlrtsdZRP53DdX%N2tj%?o^_|}>TAfu313kUup&#EzdC=*? zPfYzr>o^e)Tf2;`ZAEZkdEiL`yQuN+)<*(ZV72W)Oh!JE$m7%bHq*N=mxRiCSqXGf zK1Eo6{#f1Kp7THVoB$5dT2y}mlLU&&ZeCoN6mp@MUph8S&0K;LZp`Q~(8u0Mt>QP|BY@oBnbLO!V zhaHwIw?Bae1qHBYLRj?8e%)uZTk^n_7B@P};U8O1Z-Xkmwf7H~*Vc@yGF<;mVhrNI zs>IhqL#HI;ISUbB4$DoQ_BS#MjbBJuH92vg4W8t)-|#mc>$7cf=vPxx%sa@1ez4r! z^QHJ>WhLZi#$>By7uDpn*40JF|DCak#4&4V`}5WU9xmR^=su=1ivj*KduFIT8D_pr z*&BNQ6#I0S>ltLFj6Y$2I4B}h6=yN765qAFcikC{(_oq~pUa9Y)#!LbE$$PA(qNFM zA3J<|`$WKL^c!Q{H&t3r2X1w07{4bxHoPjHCN68Ci0Lpgi1Q}g0RED<|=1GK%LD+eq#Rfvn+Zj&6B^pkZA`j;~6Z(Q*rp+lAOJ4Z_ zJYS|m;(LA6bB4#TdF+AM*x2amM4ZH&TOOG6_9L~$*mp7(by+Xh+CV{j{jiQ_awhgm z@`hhsMY=7DI_q^DeXjzI&ago`$8d?l_cl)g+$a2%PV5)Hy6bn6PazKCgP}{w(2LDv#KZ^ z?{Y$xONY*GT4F;6ylC0kl~kxAf-0Fz8Anp?b@sbzlP@4mf zoH%T=N3Q$ukB8b+zHb^D&9qPErdsagtLbU4iES_$M9Siu&>S|{tN?xjfoe>5R zd}P;>gx#F?pNV6r#n8vcg@5o`wtsz$x=0>2n_E#pfJw<=fr^HAr6FytxRJN~wwki@ zIaF%DE%0>p^ytGiOb!1E$7-?^pnm?zE8qa7W>`fr|8t4#ef~hCUMNpjnVz1xxfvoS zbWlT~oX(s7d0wK~bGNuU?n5dI4ut_l`C>Jx%tf-?qijQs*Sy5-YDfNq{j3TBFZ8OQ z%)Ny*u-)`ALs#sQU9Xmz&)o=o(dv*&o^)8l=fZSwFI8JkHS4-U-|S35mX zo>o~SY_<;7@y^?Pc6fF$g~Pzz1oiBC)!-5~iRgcS*$n7)zfpFRgfx@ z`FthfLYu$1r~Psuv-JJH(N96#-)Na%lYTsG=&4SeB=)ICc0#wqWTO=FMp7iMkac!O zQ_dC+EKk4K9xY<%epc?9>z8e|FK&+Ss~>XX_8C>xbY>|dOgX_LJx7c^Y?AVr|3G?v z^GTWxgKfTiz$X4L0!-$w4oG>=zVweinXe~x@6cb=OEeD@$gpwlAl}S*9*wXcT5_2t z0cT2c(8KoCfnc}8v%z^~qNv63l85)@?b~9NXcUn)B(#kkeZ5+DG92o6-%3=d^FL_m z94)nAlkrI3cwk&n@b#CfF>D+k$9kQvnHS$*>fS^|#q{R1-B)`Lse5M$aaO+fyM6UB zvoSD!;^R5L^YjR&+uo>b$+(fr^O^(V*vW?-+2o<)SPWQf#*9qYJ4=`CIXxkfVj`*{ zubVtlK^LJ~3s1>8C1jWVyMV!jAw1$ge_+#Yq;Hg{BWHeU|RV-o)-@G?)u>UbVOZiITDSLJYu@qUo_eNfkvFKe3e{f{nm6g>Pl$W1?Sn( zi0;q8GEK@aqQ&`GAYalU%S?R7XEHugPK{llv%*(j)c?l117>Lx?;2;any0$@ibr#RZ-f`pg=|_1qSN7wa8PxETU= zaXUjA%q8;pog>Lr5puYvLG6x196Q^)=mw$&=d+6~ih|{aHCQ7$<@j|jDV+c0tR?5} zDzjT%j+ZRmVNi4;Hf>NUXZBmyADN^vMm2svsf}X3^G7RKyk-M0X9#a?-!Pq9wZxDL zP=`kC$lc>qR69+WVo?Z@TaKiLHKlTWNal=dph%7ArxhHomT+V?sN{R_dsHiRmat!{ z!Bq1GBK*HB#qItIUU?$(@izB1Aed&S+zmwrDp$9A zZ`zkjs6jHTs%RjdhjC>(oSV}nDy3=#0z6j3-x4-HZ5j)ETr{7BbbR?s>~SzhGUs6} zk0vQ8Qm!)L>^lQ%Xn7nHG*qBNkPKnz1Tr$*y0| zteh

g(l%Ij@{4P@&rK_5EhtP?Dgyl~OM2SDjJ9>G)q+Y%H`C;OX*C&BmX2uPzvk zM-~tv#0>`Atd+1we z7>g+D80*>PrNsG`Oz(R6Sj9QR4yyW6p)_c4LgqD#gE}4eRx4@scQK%1nAg0c-0v#j z>T6D5SkQRJ!oa{6Eb`_Hk-^gaGg$fHJ8IY1C@`4LTXI3Zt6-AD#~YS|+ZVVumTBzl zuEbT$ImIg_c8Q33O>eYRZ}vth5}(m*S7ib%*8Gd_J*^JsXEl_*-=23Jsi{qAoCx$S_Qbt7Ecy)ZI&Ziz39u-2e^Z#a6n#{e70 zJY%V8{Vy(AD5pzErg5=b&QpHc+S*?6kb!-TZ~7xT`nQ36)T}3OzG@Au(d3!-M~oN` zFOm626Z->=VIORhz-0%D?)@)!{w~P-?;on8Bl|19W7T<1pbpcL5H2p+y~3v8$D77C zY4eF)YxDUu{6pc5ecE6R(T>TRB)Gd-HbH2+mY4lv4GIyPOx4!I^`j`n6BaIvS={wj zN`#P26;I5Ib8BR;%KKu6EQ*k$)SfCMM`ly!ufUhx>Rk$^FeSvD=W%*Ds5%L^b})#1>;2GUKk?`{+OYn~U%xmXh$=e#IHdQKHtg6m$rAG*C*!f|oncA(MkjSL z^pQfaz$HnRl-Ki}KA#hc&isMv_lS{;0OS~Im`Mi;ST_j6`)=v9>ArwD@GFohDdqBz z+~YXmv5DPZJzxyWa7a)e<~f5S@W*}hc3-5E`nGAv1zYCIZm4mgclFse5% z8MmJN9lAjCC*BYF{Ai!SQmjWVCb%t|>h5wMIklFkSJt2&LzCbpHjAIXua@jRbSU3> zT%AzGD+qsbb{|DiS+DCR&%=2aFph7EeMK`v z!0?))Wi*s?g&>jRM)M7g)(Ae8uQRdptW;t)@}$Fpcr$?;n|Y$M^Xi_|E}g zA8%)5p?6=RSBHtXo-DRGRZ@k`h*5D`?*3Cu;rL=bAr0M@Uzp)g`- z5sR{;$odgL)IOJJ#KBqy57KgjDs7y$Zhh1OSE72J?kEoDE7UlV?oNBrfm{!@&G+Wp za#{^|`-m|58=<+}B^UhTP{Dl-PWsv9??}@C?156eo*IV%oN~Q3{3??UiHfDGjnln~ z@(_BOrNHQ*%GBcIcNzt#A}o@7G7H@g@$2)3-9ARP_n?Z|$RU{2%K_gaK0U?f#rg>0uElq$jCjHeqUtri%R z!(4m#w;0Ra|JTTuIs{kkz#z`OxyfJlSnd@T+tTHM=*&RO4w8*ALjL~=rKQJ>$}nVj zNh2x%{MC*zGmD@m6tH2lwg%x&Gcc%9#e;y+3B@OWa9q$5*#ZoQXoM0=>wrfJn>rY3 zsX^#3fJ0pMUivWhod-a8qY7#e-jo0%I~hNM99=&S6PY2;yv$Op+D{N0iX5K7*dWdj*$w(?gvfj#^HH;y-~0Fx4`y{o81vT(*^K#><%}&iG#2s?pY^v5 z{OZa@=1{{c9rtTS!Ha=z|#NxvEx^$ z0X$Q7N|wfVVA`C*jAeP&5s={bur0IUj{qFLqW^6~>aUrGZb^80dP~0<5;C$)mh3vZ zH#MZ4=+8qkun}8$2UXxvL>eMPi$ZndEKqpA$w||GI7Vj3Xew>_ayi1w!=wJUH%n3s zxOR7%*bqMyL4g96l9G}pWQsGM(-JKHYidez+wo%OoVUTpu)P_Ytz$chR@^Xnn6oVN(tK z^b7^5mg^TSv4$;fooj2#1#xCpR$+|M^LZ9O>4BoLS=L6l77y6ig59#b|LB<=f;=oC-h|D6?e^(oYXxoKM#nD1{ppsw(M{PVXSv2|<-* z!CA&W$lp1kL-^};d(3Z??=bQ3@XiZkBVwcr?y{Y4VX`jAvt@#?X}j0gCnnJ%4NIo~ zhSLWV8Q9i-e~Hfv88APLv(&wq5c$EXg;X>`C~x%@f+W9e zZs8w`(Xq7|XN$YQ20OOa&7U3cxPrl*wC+dTXuj7KUHPG9YPA-4KU`Qi%l9I;_cksp zRfL2J@oyHI|ItvsJIlp~ab#R|c7;6C^SvXyIep)s!r?plTgD&jNE{^;2K8y*QYe4{EasoG-E z{rp+1EsVjuI3`WN|MlG!S*T9cTE0Y2hWFi$@Jc^Uze4=q?%gf@0(_K9nvi5Rt4N8( zf%sg^1zhqKqtVC`_-TL^VNjv|+&tk*fcTSY3AZ!D!)^C}-da`xHbd!F)@%dRRQ-j=f8QOt#`pxh1*IhKHjn?kiJaz@({h(1yllO0- zN!C4X4cNbc0kA96Y9=t?xa>BD{o?zb^_liXfdTiwZoAlpzyL^+>1vr9n&gAKaYrEu zctbkPKfY(zEi0(H@Q5z~E^yEfa}7899**r3+Do`qO+W1-7P*1f?t}xJT?4+}C_`Mt zH!}7ZTPBeVH_Axvn(Dsld-rNwqp~>J)?zs|lY$;rKJjCPWnWj3pM(*?>0g8h!(-)> z53Bx~g6+!RzW)TQg;dIA3%@d3IFdL*2OakVo4tKGwk{L{1wodK4 zITfQfn4@2My~oF+y7AOgHkiR59aQd)0_p##>}&rn;F=OZo#%uqDDnM(^eo8KB;kN$ zAa%ba2Fu;Soe|vO^ADvZOVRef?}zUYCE3X04PUsBcn%7xtm&7HKtyPg^7zRD8F8W9Y~l7H<=3WPxqP- zm`pId2JZ2Ed!RYsS*#Ry>LS*Ce+mHUr+oCnDuv4Ry*xg$p`t(%5g&I)Qqu&Tenga5 z{jU}v$J-jMocHrM-(cHUS`-e77h<$!1?B@6;h19X6K1 z-?P@{+rU~<97zfTCcBS`m;lXx5U9W(!h=}|CA6wcgNW~8lLea_8(>d$k3cbZn5wt0 zFQyJ|a%{f`Gj#s2D+IOg`T6dU3!wB!K4$QB0aPmTXp_S-ih+Rv{AzVIccFZuWakYq z2|f0%j0tr*@8|w7Y>M9X;NW2C2Pjk(F92W=yQ_tLui4)yrO{rDWeRcu^b~7WfYk^Y^K@o&8`~W!we{yiH_~`^IK{w$Zh9YO$Gg_{MIo zoSvhNdC*^Kf3DIf+G6N?*T@K_Of)eO2q3z|;;2N6`93{8-k6l@)*xt=X%o%w%bXo8 z^2U(!V`K_A;BygvP&A$Wr6r#&(h%5!0J}WxjU-TOb~bG|sQCCA1vmhiUweol+P`d4 z<&{B9B$#^D5D4oaB%Akhoc@Uff=G)T#C@M0slKL0O)}k(lizMm8bEH7dE3yo9334O znq3$M2XXKUD z-PK_oAoVHAwdR0D zh!C@bDj}(_Uxjc0CB-yrqG6yinEb8Tw?K`RSCo`7LrF}SBfg!1@ZHIY0IIghRRTZw z4IwD)t0uA*CrRxf`mGCMm;3G6<_k^r+YVsEo4xnOsqk_SKxa%H{_~YaeU?7({6J|4 zu(Wtw#J@~N&#n%25=3R*%KPq5F{(LDNYu20q5o0)!{sYd4J5WU*%UGFYmEz zyyt&5r~>-snSAF3$w26@C9%{MT#MO$YzugT-#``30g@wThv#rusz-PN{%kQ-YN=?S z9xc{s>F@svRBm@bI0K{%-}*joFdk;HJ7q-5R1yH%3=e{k+Qquhauxaw-%drpTG-_g+s7HN#`P1She;eC|ml)4~jg#HU@%+cCAgaJS*5B4e@H#A(7vKu(%#a=0htp z{7va|>VX%iq^n;c>CNUqJWb63$YxORqucoY(K0}O?e5^vt-Gw$|6mG=@4Rhw{xeGU z+y7o5r#0VYyWgysDAaN!1>Fm+MR72>fYkkU!uRLw6B*32!RL=bhOC!f7ttjzsDVN0 z1K(|n)fl-;cDqQU<0?jNyOE)xG!?UIcIgV2@$Xk$96n#5BT>fQNIn-8Nr$0^+=TI$ zc|wGP;VM3=i&sD$2b7w3$!|co`3$h9(}9@-EAlr{l7#9Dh2iPMO!L!ND37_=g?gdv z&x@!> z%@5d~Lj|bCSOoc>987U}V<#z#41b%Yx&Cq^;Y~9@V)(EP>77_!!CLU2RSz^o@{yC4 zp`)L|qBHG03!@v%{X-N*6p?d5!kb_hR6fz{NKh+_J~&@x5*{Cq`%CjD0w5eQWl6eH zLW~APC0&5T=4^kO>3k}J%&eVoMy*HH#hMuNqr>Zw)ii{c!=n|TMFMNb6*s%ibE>Z4 zeGP?ob7QM`MT$rEQ%j^mT2nCbOY>`DNIKcZb2sH?O`2`k;2?8hZM@{-J3MQxOBReB z4!kN0J~xZWe3_ajW#z#Wa^mHX=1*Xgdi`YkDoQ*n{}myA zkPg>6ZK|6>L!j~;|Jdzd0v)2~(ZabRc-oAjcE(0E@nQ3Ag&zv!FX93MELCDlSwlw{WNJ&u6`^&uS{*DCr+rLqfa`NPy&PR zePYTJTQ_i8W!j@EkV?xhLqWVLgGEwYIcZ$9IuIq?FEMhI3P;sIaJx4^>dI|q5`g7q?-*)SO{ z`lAJ(IZY+16jQ_(`B@Gs{FJC*MkruW2Lm20P2R-A}k{ z7QBPW)clLU8k#K7nZJr%qLRz0T|AXf18FkrNPcVHAEA}6k}F2Urf+k_gd8l|rb-xI z-3)<59oFY-)s)fql^M3wlGZ;0iIiHNBr?3eIVP4n1FDFg^`ann+7$wnqy!W|88+?j{kl0t=tI01$3t{YK;p>y8M$VlKO@ejB-9LUd?Q= zFjLTp{Ic4b{9C?x=T~GmR&E1WMx*z`tt$eg`#a;{cdberFdsm!$MBc_WR0IK)7b{X zmYF$QhL}RidxuQLkZL4%U|$DSPMf{a-ytM{xo4NV28&bqNCY)^Xi-hBX&Il3;L zL;?L-x+6rVpPFIoRkcDLFXer!JG4^IwDJ}HLu7&_Q3hSp5d2hTf-OdapB zSEf!~RFLyolK8wS+&(1>oYK>X7agv(wK8k3=<#Kw@W0)z8|gzc;&g{#=n=YNMHw9v zY5*cyNYi)9pvqFBV{Z8;d)K}PTkf0{UcRJnpDNG14l6PC5)uHn$bjs#vTyFXzlP*~ z;l%?jvcnTbG*VOK;kNGljv`}Y7M1gJal5VFO15fKnB*G21_ z5#JA5#Imf2+vnNQnPt81hjU-G8xod(LHN*uIAwY$SaAVQ`GNO;>kyz2YN!G}rKSc| zwuUJ%qQ2xWRsKMPX#EY8P5er%!v9l59sYk&L;=&zw*v*3kuhKd`I}@)Kw1oUNityq zKBFm$sa5%UcYzm_mz&6=^#L(O9D}8Nx@UCMaNBo^MbH&94EfGr$CZ;#5WV@GEvxhW ziOkMm;wos_=C5P4t-#2Hb^XP~^uUDo0}Q?WD|&?2L3BSEId@P+EXR~cv5fNGQFYVv zRZ7YfNhBahEv~Ow3dhZLett6l9dIM@MW9sRiwk)VE68`EL@^cR%kv=P6MrwA;BWuR z6bDLj{3tGy4ti#8`4+N{6g@INGLKrI0HXgAwS#i-DeB-Yw7~)P>cB3yW8*#^BrRjp z{=TyDX4f6U0unV|T4o9fkz!p~T7spdFa2DU)G_$gj7LO4ZIdlQ|GH3FHYFIcT=qdn z8U@0s|GlVk%yG*@)yysA36#6=qYS7-|vp**Zb<`Xb7uk-*g-XSSNl13h0bhv`@in^NFvsV*TA zHgG8LOAhJn*BLKY8}cf5VOalygI`U+M44sF&0ejV|D7f?Ih;dE$IK3An%H%)J6eOU z06&c&!m+W@i7}`Vr0e}d29FF@YmLH!X=)2fRi_w_CgOGgz>YWb?O5(fcIuU{*ucfW z*YJn(oJw+V!0{drCuzh+5 zi~vIL8FoPH{V`97ob8hk02BoO zUxxtpmYe2(Edjdl=`SphO^ERtwI^sfv55m-FCU!?y@`?W#Ez*Ac;aT~J#Hw~W_Ej1KSUm)jX zRQ`+!i+8fKiw06|@~8ec?gN5OYqa$A-QR32GPG)HYl8vVvyHa$mVO_C4}fG-i}|6U zqM}AR^(-pIJ1Q?LC1vfM_;0U{@ z`?G?S^0`=0AU>?T(AjAP?V1-X2lWMP!cIg)G~!JrgJtY9MlS#kH4{L>TEoHyfgkC^ zD9Dh|P-N{YJwysS3QLwA26||{0>SOSfAk+S>IajUnymOE@Rp~h)UjO2d{k5Ystp?L zWe(>mu(skY!FH=MKhUqR-46&vJx`={t#!-01#G5}>O;@d>poA`E0|ZXNph+|!t+o) z_S>1>y-Q%yakLmq(K@^+%LFKdO7+QeEDU!F3JO4tNsNe!69|wqAWd)G=3D={qeW)T zYTBhnhXOrpv)&vb7ask3>#$&COxx^m0rY*DWI&VW?fa#>Tk_c)7eMFqSv<-85wri( z`sOI5A;yPO=^RIpvF2QZ!8jZwIt%-|&^ChG4M*hv0T43Ep6 z{AGy=fItS*JLCfZj`AkGD=6okjO}mVd-9YN;^FV#i{AQNk`l6O!Z|EUBW4S@;6C7? z-CJCv;o!tsdQ9_^6DsArYq=nQtgsprAr*AQV%7S^Tuv(^1`iJ}53EyphguHb6&E-6 ztLy9QVY?q;<*$7Hef#z;BEXy)L!x6Ei{M}Z2|0sI8rLZ(SZ2fHZx}vIGpBiXuH5D; zRVJ`r-@_09g(6b|yB?2a(0)5myu(&YXvTAd8K0E>qrgfgX){e``m64-UrU|o9_$c6Z{?y0hs>`&_wimF-+L9xQ{R(c*+HC~RbL%F zJ;y*#sYE>_Mu^9fK_%_V8%3Wb4gg23G${>#w=Bpdv!{iGV66o9^}UZ!CLkt`+t{F0 z$`m0xUTz|wx(6VX+d3(xZ%E-AhfPjte5RBDb`t~W?C9xv5a8k0H`2u3`}wyy|GTh! zSj?;Q7KYB0?2e>>9aonIb33?++0(+Q-}_=Re;!W51NND83cFr!55L=-{bH)>VI9C09#L1BnAd85A7KU`&$n2wz1i;1ICc zGJ|t3Z*hl`o{>b7-@SpN2Loc(SN>605ph&cy+B6PUu;j{E9r?DhmKfU1%h zy512GpV4q&)^pdutY06obE1p_vGQNt0I3`&-~e(a%)^Xese>8oSqNhoE)5I&<@NCr zoq^})2d@XTC_yCt6#*`LcNLcg{QaN)-sAgvy zh=DGSSODzA7_=HnArN#jlxnos1BgAum1Y-201=YCrfk_bI*I|5+Grb&s}St%{*Rq) zzD+g0H`JqjUZhd2N3opQc!ym7PJGD&>yyRKEy8)&nOl-l(l4*de-Hjyp5*QwF- zV~5RtyBJFihj8l#Yu)5iasa+w`HL>l_?Nq$`|*_UT>T)YkqF=?TP~8h{cgGI?Usr0 zHaD$ji>X*OnQ>jmG^>m?K)+RTjl0w6q>BAoTwzNMn80QLL^Q@|nAuqQ<3^A?$5j#7 zObsGJ2ttinAM548B4RSDPTzbWoMEf0!e~o}`#vB&vkd`6x9HL0CQp*he*3@SuK(_F zeanRXtCQOrNxmR`yTx@eYSuTbCFFhf>iTp!#Pe7b4YN&iU!B>YkzT-QDX`Yk=yK~0 zU_R#N36NnH!n*o01~8lHLK&bB;|Hjzu8xFwa6#G1eLR3V=0?r^A>|D9>? zSx0jA-r!^bu&T`c&9RapD6wz-ZcR!JTfUQWAI!Bey~xqO`ui5RY|Cy<{}3aqvlxrp z9*Cp$I)TCKB6y|q>{i<^;*UD#vS@$$E^cxz{LY~t3s`5;maOa=hkG2#_dZy2+H+=b z^UDLMFDhi*{)=5jXp5Vmx9{pJM@oM{>2NYkjsPoCOqEG`6Km@5_xa0-ni{EydjvjA zE}l|067XxDF`3olEPg-X3M}P^th!$0=i`3LSvlD} z*ZTSFmbs7o zNAu19JqAoPclTaSX8)i+2Qg9=RaLpivxLKeGr%kwncgB?`*{L|i;L@Mr3Ljp#7pbz z(j>p!z$LSBxh^|c&P&xT;of}u5642?XBq%m51uTL?F4!~fP>DQrzkd5Jf0uk~4Tp1^fQC}H<7=#Qi{I0OjQayXub6Fp zbIEAE)9bd(Q7SH`O@p!l2B#1=_>38qh;0p6|Bem`Qb7%Gaa2ouF`P4 zbRGQm&uDriG(lAjlSh3p)u_UjsNArHl^D7oJu^RnyWHq7a4>5ZswTx1dO^gxIk*`j zpGY67j!r&P$TbTfxSRXapRHGz@1iwUdR7cC{auk8Y*&dX1S`X{E2ub4+JkpTbTWv6F@BP2A z>$#yd-|Vky1nS*RX4h^GZQrMfIG{`wDTbR$p<*5emfrx4VrYXp<(fnkb5#<+!^^bX zT^@4{%YSu8xLf39N(8X`o#AX;oysh^JNJElJ8XV)AcY}35S+w9zFhwYeXmR@w6MS~YeVz>aAxr^uYQX{AvP-PhfUdrN*ANSV_H%%$d;jInEj`)|Vs>2+ z)>D#ro9?+f&;Tg@qQ(bA-H}yrzv?O~Vqv*Cf|Xl~fA?ThEfkf;ZLd#MP=Lme`^kD6 zg64^=P=N3?J@}!JU#0QX6ZVL$GGW&pu58k@-4DsLZ6NQ?a9Xdd*m-hmgz}&6)gt-~ z;7|c|v)8*X7lZ)u7F<$7(&)4vWFRJp%--sG9Q1i2H&1bIyu16>Yx~Vg%W=5H&{2); z75UpclL}j{(X_WjvqpAwmQjSTnHC1+ToG(8CmKVDw=!ItYF;qVAR~UU_ly{w$}Rsaxm62(U!ol1h}#0hjdB`gOY2M!-vo2K$Fe zh(ArdpV$0l8q=utsuO4w*NL8XFtcB%#@QW)pm`}o6IX2+s+uZUBC*D=QJ zSx&Lm;TwM}>e;Jnf1MX7$4Ai@H==rI0+J zZxRIb;K_VpQEjO->WF)O`U}FIx4qqt7Y7wQ@O6IRBFT8JT!2MhFm@D~o$1tB{qwg6 z9Ix#GAY8x&TF(-I-UIJ@`bjL}i}1aPRF%tAAe3&yYPP$DN;O(j($r*j3!aq1umQ~O z5@4nx?JN?f8-Nb9&YKjj7dEBx{_YO2kXJNMBIK@nOub#wl2Xha^kWxb@0>k6WQM*o z{_xMfpgX)@Y5B`+*qq=kYwZ_3EHh1ib0SJ>$n9}3(;b3}+vg_vT&%E7Ym5|iVW6kS zpqMiH-C!Tfee4b*5mc!+nU88i$eGw|6W|pqqBlC5KV!4+bw?K<44*9~Y@?$v%*4aP zYCK8!N!faqW%u)7AEgWC0BF9RsV~0D32dj|y?!OAHE(uvl{FcbMxfsLSk*8K)JAFBaEnZ+DKhA;X%UKWl-hfL!?lGgtOcyE?7}KZsnSl@2Xk8H@ zC;U;lh!PnnR`E2V_Vos4z&(d#3OKOWxc(PYtZL?~s6bAv$E3pSsSYPHo4FFcQ^_~? zg7K7BF)0A)d*TCdi-%KEA%gpA@`n`w@yXZ+=vyT&yR)~R@XRYw8rwHbe1MCG95U;Glh*Ht0hCaSXG})$QX2|k zV{>?!;gXLPAO)fp>-MC%AkM?Diz%mO%I$QxBK4>JbTjT(o16mP5=Cn_*tDAPeY7c* z(9q9gZ30qi0I5ZBziiI{M|3D zvbOSDOzg z*Z6aeX)zj*sQj-MV7I+aVU z${6vymRYS9OTWo65=d0G09d+IeO9ZP#RffKpJ%ss_{d1qE5c6L)neYrn#v6bw*(`(H2hR6QF3A*84OPJ$a`(8T%(TkO5uT@$*kc(2c=L_+ zt0)r`IceenIAJ&x`MI)|9^ zxC6TAH?0Z@AXB1N-2f}y+r>#pxNHD@lBtcZEj+TW)m3ZyoQ;;s9}y zE`*0&rX2Kkv3iYZ^9ETbWQ_~Pw0#UVRR_peUO;5#0DrbS$ z`cq9@Zvl1_KwN|+v!zBN^85KYvU+{}Ar%5xYKIIovHXLh;Ioe*9?L8+9}qXkR%gXQ zp@lJ7)t5p4(W+T`z8ZkfVY{-?%$N&M|^ZN6{Sz>{Z z^9C&nHYIJG;_t7=wNpOY<#3Fc?>M19V*xQ_2vGjz1$2mcKX0}PF~-D|ux+a=XSElR z!gR7S6**IFXYHblJ`x%H8_uf$V4Q|vH8`VlGKJh|K!ej4f!AYd?!e)h&!AZNF;g2z zT3z3PlW_gJx@CZ@m+SgyjpYX!pLgj3yvx-uqEh`?ehKh&OH@5geaE^3AhppuidW_$ zYC*crJ6yweMHHEh@LK@-XQq15Z?8E(_RqiF_s#h1RZTimDkmeQkqkxH+)uLf%yjwy zvLht-2TdC@%vze9fqo?0?{vrPXs&`SSSq+LQnsGaX;TszaGhRd(i2_Qft7)Gy$VS# zw`XdmF4H)!(a(CX8z+mP)oKKkBF!fDd98kZAJ~m9;ulQgo;pl>I=WeH*2>9b;|dv$ z@_U72+-Im9d=)nr&bQ4JjhZG4@;{^0pVC@&WQpw4;b12y0=W!eK9b1QEYMdSd7QT& zJ?(HQU*l14mZ~ZO`xmzNaZ}&r{}lI~;c&I@w~SsBy#-OC*XSjP-fNWTy#~Rk(FHSV zlpyNpC5aXhUGyMibWtPPAP5Yt~sDVmNsAy}YI1uRMRy${cik4781Gceec_Uzz=Ek8w0p>BA zb+eJ~Mp1uEIMO2c5Jt(aoJwKXo@d4rYLAIuRkq26>x?SL z*y-wO1g757Inm_mq6~Xbed?iuo;#sK(0GAh0BStC)=x z{Q#09i1c}_-N6qEc8`t`OFhw^i|e#O(6XgIN7sdK4MkX99dw!dv!f?evY3u7;-={Nn=EGqn9NeYZ>?Lm7(d*2bJ4_jin5h`U1SoI$Q_|*ecRhhdwIYO8eoVt_( z_>eZ%OF|Sh6|7GpO;me(JCnu3h{qyGV~EaD#AhT7`;Mt z*$)sdbv`ql_5wW4e7zmk<<-@I-u31Az^WLIbSqDdXAmJfhR z4X~bNVn`sz;NtTm1Sps0ojvg0B!K}ps=>HyG#4C*7H*q+a#>Oj7~JUKhD6IjbK8Os zS00p0i~fqYrrcOy8O^T{^;&4s_!xHjLa8T)OS5kX#`@ zX}M)HhFO7yftt>K4tdCSfY!*>V)Wxw9m&Rph&YX~9~AEhBtvZ+7%9ukX943x=|yc$ z|95kgW=$~A$A_#tqnU|`iOZ&|L((<}GA6~zo4>>%oIRP5$Kl1LkBFRaj=bCieS9DI z(ZmXN0qv3Mx_qUy1__j229eEh;-R9C_MgnJoud5M5_Pdv*DR=xl0vvuBw*Qa3GS|f zyb0y|e>Q-}mU%C?w%!i0SA%fgaRMZJ*^S3PX~#(6wm$Z5Brq)wuB)A;@t!e5ghWN6 zw?e0edC|9*+V^g4TLup>O<;S6u;_E@7RfOlEO#b1Zt^7b1?(K65t&>DciIEIXwHNF zEGg!R@AqH&n6K>`RuBVy3(uB?2YC_|DtB6#d*~%OYWmRi?=hgvU~IP|PW>&)0-@x1 zvVt}Z5b!_BY{N?3SV5Z-)9PB_VRslz=>sNCTTcfPUM;Q5-(+0GEFr3@?a5S}%oB%b zMFi&la(e*m7dGl^wOMry>P)^XLhV4d^=S2|G`)a#L_y*Q1?w}!)P&zu1v#>`a)_HR zL0k9nKvXkfVyuZ%7OxFK*M|;!Zgs|&q_Gu#N-}}FT(uK+R02-C_FpFlxXkJ!>$_aW zb7O$E;)Y8F@h{f-^y|CkRvmZT=W64@Ri5yRQ4Bb;bf)ijwHRWB?al5>My#Wx{Kwp%1Iy)1UQ*2}@7h-M|n zN9-M5A*Dv!wcqm%q#ImO$R5|3nsU^hQrvYcXevtpL76U!k7Y$pH#6Sv7zs*Dpq)P_ zHgp$>jV6s~*1L^Dt2KJnJbEiYS|XrdkKg=c1=bN<8W>di#kO%=Y}paynFPp-j=G~)fTEi$kMwL5HGj{;_|vPxSaSxBe)VCuJx`UmI;zWa zF#vFH42j=cEPc0!1ubDm{Lqsq>)I#5P}J?t^RFP|MZZ;3ENvTj5Dng$Fg|)?M&{?- z-UrB<-aa;VkGr^Sj)pZa(=MY{TDYw{f(W!mi{eEy7&cG#BpNIQav`1eq z1Kn38EE#EOP8Z6N~bUjOqVU4J{k?j!U;` zN3j?@Eg+B7$|zmNp~S7disEw{6Yem8w!Nt5qP*B6Iv5L#{Q7s*mNT@k{`3*PILYtF z6)B0`#YR*XEz}pm0nRHuMJiU5XBJP{@w>jTH8i^1-@LLM3>{cY<4zL~hHjNTEO5h= zlsIyE<@|%FxAM>+=c`;upAg|VmfZSf*`uevFeaGnIy3Is)k9W6!V8RxvSFjN`@;{GoSEi5S^E+1m}=n(nz;}S9K z$QrBsUBi7N^CN=t(onw7WA^1lgvkYg&{r6Fs53ZuV-~e@{qMhJ2~}LMKLh*}Grc^j z(g_Y8RDar84_2!Lu)SUv9lElcRlrae+@qAFX1Pj_IWC?pLG8#eUd~ACzEbxd7>%AB z;5Sm-;qtCYWM$l;q&|8VZioelDH;LmBrz_{umTPY6e0TZ{J7Mry}3j{RO9YJZDm52 zoc{vUNBso!U}C#_-Mvf}sJJi|S{&pI9pwxqN*GVYK~tBpUS+hoC1@>aQd24fEjjzf zDjp2AJVe9N!ccMhpX0jnJ}aA>l%mt+9Cl{jYQsT zL3Q77OswVl&h#jzzGKcEw}X%YP2>LbQ@W`Ne53U6!>^_7z8sNlKpt;u%DtZC@tTfucsNX)_ z%c^_YiauPW0W*Th-xNSo5UwUVm;-9=udTO|f!DHGeAZ=|F&81ZO)2&XcDvIP4s6pA zZ#~ml*ndCkcr0Mi>@@&*Zk1IN;tfE*-3IAl4~J4F{%rLVZCR2 zpZkd&?EUafQ@fQVhNQ4yjb*l4^aZLD<8jGJpoH$PZLrTRnYN&L7wa{j1^gHW-neZ{ z11}%WR$xQJhKCjAvKtAuft8|k1y~dkcw=sm1_MAn{|hmR=vx2hCo-aH)xb z6$ilUpYqFHN)~S3d)XbRjUpiVfydmJ%qfImLvy>|N@{*VyH`C+Mt!7{uHpa!@HQ79 z)p_*MRspCGi_QGGXXHkCJUC+To77_>3t5zK=`!OI@4kmL9m2mq=d1oD{_+wSKWQ(-$86}Qt5_oq26er-}1_FqVGeFKM&UOQ?E?Xp)q7RLK_H*0=D@N_bsrJ*0Dx88?!N=QJp-L{r!fW7We%`-^cr+A zQ3B<;;FQ#Gci)_=#pnN?s~lOR+Xy8iERWXjTd@A4ky@Va4nVM}*rX;UDXt}(;BF-C-40WQ$2 z+YSqa>&2mWrb@%wn{Q}YA;%Rk>h)Y~R+Hy7P*{;|ov89*!^Xqgv$~JlwsJ4UAFCAS z0!$!|E>0Ni!oIwcxfO#)g8ex%1cX&QJAFdCFHQ{xKtmfE>o}jQOH&!-G1=5e)rwX+ z>uq~jK@brgNP{9T2nTi9b*Ay2YBD`bcs45l{rU!7!L)=ZIXStOpq=}mUJCn6K1yQV zj)Q$tf5c@&I*>>+^!=XJnw%fCYAQXvBl!5+etRGoZ1WQ52z!;TZEvTZMg%C+$vT+{m5Xok^GH zsUJA++_}T<1_q|=_eaDjlpqDl_07$SjT_ZR>wio!p^#7z=_cgc|1^`=^fX(VJ2HIj zlFligkm|MVT5mAddl%TPuBcJ`=FL5|1r{p# zeQGK8N8ihXPSGsAedRua*SlN9(7u3Gb`rGzo&>Dm_S-jn6Nral(48fX-y7wGH!kW- z7dc;y5Z!HAN&n;S)dQ3Ubx20VSQ@7u)0!^`WW$alVT3GLXsm)l=N;>??d_{jxw|=@ zaSIHE6%UqLzel9!ydsETZ?%NPL<6^H8LTwbE&1kCot0Mk8=`a%2EoL?*kZ1>>hY9V zPnT{NGXBWG~F)laQF7DNpUd(pl&RJ{eTc~cdu$Lu_3iL##2 zC9d9=yq3+qctso{KvhF6X&(#QU_owE(N)j&5zH$}?BjhxDpbl{{XU`qStV?I&>*-u15(iea0aBXA5@h7ew(Q(aEl>y7Eh!gR$lbLdcVjD>fi3z ze=e{8kLxZiC8|lr(*84EwxN*DaS6Y!+u@0*+oWrH(mFjHf{ngOi8VK;*MO7QXivtU z<`3rxm#%piVjsE+A>@O8-qq-_oXB=nlUbNZi`n5;Pymcu`;M{pclxgj3*bz=A>SVP zdao?9CsH>LpKJ;6!C8*x-+|odNpap&4_-@wYNJZ=HS=AQ_dq`n7tsSwOdU0UBZfOD zAhg=e8bhrg$wEuLdsj^&!QQl({r_)+x}jhG17^s;zUaEb)Bm9BiG0}VGG5sC!5dRi z#Js_zB*;fnTAJQ5jpB=MTI1^xK|v{uW#GN5X1sHgISGO*ahT=8Z!1ph&P3x7f}DXL zu%sky(Ia5`eYwIORX8PeOBRTHaz#mRGIk~_wc?3WQt$~#dO)^cgZ;VT^qaMsz;dt| zXG)(7*@->KXk8dz|7Y3JMsS z*#hw{Uzmi!g+Hf#;N^=Qk~jMn2kAy3yFi?pl(#o0kocEV)fT~E;-7&R(x<9}EYomk zF{w*=@xm6UXK*}tJ%GkS+f3+!_(}1e(Q^M6ixh=A!`AzNGvl!oNW4DB1F67$X?=L) zI((pWE|&;KNVqRie(*YH1!Np#z`D`Y6UCbd&o4&Y%$sz9He4%p}T3?}4aM+tTa*Sv_@9K)~>t9`J;!DJ;DR zyE0u60pE)^0~_gZfh6G;#9Dsg&TwrFzN9vD+Zq)-LJb^|1*p?%o#0$in&RF7Cke>E zz)4600mwH@0Re&f#>RdfLBWmBX;^R{d|;;j7XV?P|C}AN1t(B`$`ob;q-UD21Mbb3 zK-~UjH7P+2?bH0d*Dj3QoFu>Cj=vLGTa>Gjz4v!P=2jI~Du2q~ooLwI1Vkijzkr!O zrUk26hM8jYy`vnMRZ$hZp`*Xn;F0o^NLn_YDlYdYTsqtj`QWNTa6x4UOiBZ`yN1*& ztx8#VC?e0O<;`)a{JsMTKbNftm+;lAgAafBv8)2jP5Q~PI$3#)8%VJ_6MDJTMQ}sT zQ|uAhb!mJaK#E)KOlLuirl&L|)fPdH212kpLz5jJ0|=-kMu!puK>L+5BKwd6yoi3d z5fGGF0DpVv>zs>>DG07|5~GjB(w#_f+xP%sIETnRcFB#h?$V=0ZF;be(i1};*9bMyffAT`tG%ac zX@1>9xHvjaC$^fnq=$rr2#Jf=rVw~pJj8J)L7}yHfTOnNTYY9_Zc0kZv38t`p(bVs zhKbH!^@RKCx?k)onX}gne-Td8BR#@-mazWGGe5Dw#0|MRmH$!*#L1cJK+{Yv1;)J~ z>HPopGf{Jqg#~Aj*7PSo&)PNu?I=rbhnTDC8yLKuyj#Bdbi@15SVPXMpK!Vw(iCBA zYzz=a%-rCSDq@>zy1NcFR~^r@9Lz%RCjOclxwq~>%fl}sVT-fz2$OISXy|wIM{XrX zSqG1`;P4`DBBQoHN52y$~#URK%!;S5yRb8oudKPiZ^ z9*y=3d=qI2tOnVNnHYKX-+|BaFj+Nk9#^Py>S>iRQK-F1oOvlzBSVWD;!m}4`X-VUXz@)Q4}D0j zsyl`<>~LycNA_YokVHKb^>l_|9-?s`y!-Z-N=!@)c?-V1tyS|{r+mS~-TkhFU~1Q* zQG6^L^f5eQbJzHeY*1BZYqR(Jft&^bv+i+5CMJfoj0~gA15q)tw7fiv%~NB~po?ib zb;5hJQuh7w2c#^dJ4?F`G$4mRMGCqxNMIIsNgrpr3U~ zlnK_8U&l8gy+>oYPM3FP10BS3IvZpIz< zd5P~uXQ+l8At7OLd2y_)1`|6ufvBk1iz2l{8rTJUR;{y=>{uvnm{pkLrXyTuqUE6x z6g5p{;NwzUR~i2!zbynthh;_GZa|2B@xt%t$@1eT>7fPb>CtP4DO|YHR%C{cG@o*Q z$_#CJg{JLP8!F?(fD~0f_K({SY>ORXM z&Os#Kor{Z$@~xSgm-m1(o+eClh`W=VrNC8pvI~D)^f0|mRzpv1ihTX$cnp-4(H{z} z4?RyXRH$s2wEW%UtCD00i}%xDgU(eK*?#{`hjN-@TO9IZ%-bHVbIBAk-l|2E(HsSW> zRnk|=|B&aO^&_rw`{f+ud-V!O>s@V2c5Wo^k-Ysx^d>7IXM2#tn&ABBWS>oYl4^y9NKWlx zRGFmW>P7=yHwY4J_FQJ2wcCj0`dlEx3@4DNw;#}y4a!N{U+hp8db&3&7<71*_WR4e zjk5A;&3h`Zdn=J`ZPH-s6tlc~&~wI_0vDsd6G~jFnyjp?%~zpQ1lRHrW+ms~l9nck zd%ee=#4JJWyhRP`rX=$7^AjF4C@l~MJ1jAsEbZDF8Li|`M!O=!Tyd$`wfY4~VWBky z#hWFlR5>m_-{gaZON=tr6o-V&c{Rh@Xrq8|cztK8617rFlg_--H( z>~rc(PBa+N$ZCdhZK*i$xVsRGi5b(1dBZu~xWCgD$hwBR=tkUPV`C$xlfEO<>`lcz z`GrHL=l$z!Wo+HshbyI=DLBlr)oxnzr%g(z^V>Ojc`P=pJs19aI7m*t0IGFq+8~VP z<_Ei6u=Ih1i~^Ea>uQ?PF+MWqNi|Y7R;Z)=r;b!cmZRu@T^tup$2;L&#&72C`7+YyHqdi@}q>o$W_2 zL6Fx1Tt5Av7etfE&b)XMU)YY(eb`~^u}Ct@$atHai8zMiqVbn*IlnNHm;WmRy}EaY z=g~r(AkAkQF)l_4+m9HIjvZXMZAwMgLZVL~qvBa5q~&UtXZw9``-|2t*J#N+HT{M& zoAIT6DNO~22y)1NbKTPG!7LYF2t*Nca;kmK+v8x>NmwC3fxA|GtTy6Im^*y$A)j#8 zWqsi-DbsHIBS*O8!OPW*bYz=9Z_ty4yVpez7In&0e(Z;^Z7c=%4=UTu3CO#;y0Z%X zyj!8`L&X{2$bA1UNZ&o{N#2uBa4kX$x!G}i>-JuzeB=lSw@foCT{ zfxm_HM`9zrrkB*qjPh|wdT`H9Sd;HBdI~&whE`x8BGS(JDQs?GwsxUsDr~>uYB03W zrqv)(Qc}_|+(&_lcX@Owqx<`4!AY3fjkLf}0W%6uIQW>I@Ar4VxbxK!ZVu#-cF&Ji zBfG_S7Gy|ocKen50a%ipF(HcbA=Jww9+^0#C1q)>LKUZz_i?0yp|I>KibjgAmlSi^ zb5`-WS^*_PLgdPL4W1%f>U!Qx-o)}OZcJQgVPrM=!%SP3srPu{uulBlR18n= z)mukL4fF3kBm&O&<35~`0%?X(eyD3vCZCGJA+N2L+dXdN6jS9l8^0wG5{u)qJyE_O z>a}E6mZb?P;Q4_*C958H`BDhiD@PwJYbpQjQH!Z}ogfE1CLB7oriAJG^*BPBgM-6< z_K5@t*M(p);;oHrYT5H)qk$F}&YL^)+Qfcr!MopB&)8dkbT~cZt57B>P=NjZ-gD*n z#@~jAnicaZ{&lhIw7MxQ>*WbKNK#W+3^1X>4N;#ruuOufsH;mtNdFMbPbHfaF|OK` z>`9_r-TK;$nDa?wSPcdIO(hkxV^68ZivN0yTju1wvK!BT%o<%O`f;W6k5KrfnRelQ z5+H$~Y_)}uZBBy$!(HF8g#{8@=M~)Ur8aKckh6m#R({1asgnmT8Ww0fv-=(&kU+7YeiC9{`RpoL!V;q6<2iK;WLb16&2w|-+rscbhB(J052e4_ z^P+e-9A2-{dVKKUi5%*;7b}U?3n!|BMVByjfp3Y zf4%3zx*I`(jA#pIREs8EdtH~sdSbwH8E~F}-_=D^juo<7I`ni`0#fi+#@+^TE1kLG z+j5Tp?e)rCSJ$fb{)TswbiTKpw<=yj+JbqF>^RxjDA-g<`rzM0Tqh>6F&~E8lcj`v z%T7)e!6^o6A6WZC2|g)g55(1SAqg^P#g`{Q8JIsgAov@GC*(IM`Z-@p>Ej0nPLB?d z@C3q?SnvLPq3->;P)tc7KV^bMYvg4Fx>$rOOzAHJYHz*0^IE+n7|X}U$E?*|%+SzK z*ylU8@^iKC;4U((z7+`jy1#O7EVffp<(c9ayO#%V`5d+QToIzt=p&QG)2F`B=Ww_% zDI+QQp0G5JA%+#}@KA{gkxG-+I%hp8v)miAw!bvRMuqu5B&A8nu7H;X=u?VrhuwML zYu5Dl$)uxCccfS2}t_iXz+V>l)Ip+GN`CyMH2RBk!H22Y>932LAlC&ntH!; zCUuQcUA3U}^|xy!;A+Amy$b33ROMFP%srfnSX8G82~jb{dT#?d*2(-5_Y2-u>N1by zS<_*EB?-dArB*gC#Ys+G&00=rRkD_hDFvTCJ@ZfEDkE80p8e((d11xdO2su5aSwG< z?2`>i!`^LEW8?l%Q~wlvw39tvAVXF6tWhORM&&Eip~=HE&u}Ug2BVbV;64+y+MDDu z$#pKC6U|Eh#lq%vruubmcz76=*p3aPvq#m1>3+I8I#i~-nbBznY76p{ay#yEx;##Q z*z<&iN>eUh*gBDp^_9rSoI~*S1K?mFcw>BegTW?DZ1gm^ZBjR2+oq3eA zWjWJLlgG0yf_ynrAWLV0NC%A}FLzF;sS9HCLqrhtjlvi(5Z65p^Y|)_)tQB}ePD*! z3Iaz3Ob@CKY-v$5#xEA%K@vcasa0C%*}^>C|4H-eEfmZ3ywF*ss_N0c%h+#Io0>}b z56(Ed=23)L54!Kt;KZuPFAu87QE_qcMP`L49VO}*b7Mn8bm3?^DdUD7PvBlgcu~HP zt3KBG(qzER_hivHRqUPjuoMM*#+!XoS6Y2Zo*%0R$B z^;wvrQ0x-6eLp@=SNUrqf*wRKu_W}|3}i|jpN09{7>KHu0uzN&vBAgTMhMz*+0^>G zmeY5rHPGv}FLWz0G9k3eWD$QCn3xU|1*LTiymp)b_aKpmM)m#O3m23cXic|j_kU|- z1s~>P1MT5D8{B`_3}XnkuX%3jmR$#P{oP5!|2w?`9rVCW_DiV9#nbBPTIC(;wXW|E z*L+^YWX|$be8fjXWyT^$t9RLa3;a&z+A6B?-o@LYZ>Y+sjK(UeIDBOT(zNtJz@+FT}*?&tL2K}eF#6#ZyHbJ z6UhrHz3OX_8H>t#IjqXKgX>AK*ivR7!ox5%tdN_jFoi zdRV0M4*mP@qSRaDC9_`o!3N(x#O_pe_MR1%PBpxjzPvAHG2lCh)~#NpQu?mEP-l+0 z)Od)driN`XoQhbXTiF|2syo@@XqU|Rnk?5>yt{W4K2zZE>&jr-&)wZX|1QklOkF39 z0t=1%4sRMPvc*WU*1AI9Jp)GL0u*km;Shp=hv4=&4lpC<0u|WNs6CWY_&$16K+VA2 z`FR6<7dVrdi}66b>NA0rM4)D;HOXZU^2yJyNsU@gt8qv-2Vz0sD!nsJ>$Og{)i3YS za~Z@0-|Y)#@H+%m%zs|bbn5K>loDV%oMZS= zR;E?_0S6SWb_nTRs&c*<5VFQWB?gR}nq$aSa)ydhOjMS(LH#T2;+Kof+W@PdCq#iR zg(YU))A}2B0&W@iUcZ0y8?6|D$nfD9802`%*9f$O*kUO~KCr)TH$P0D zVl@7eEXXNo8IMhOcNp-8mV35J`Co%p6OD^`}XmI;rHQ6crWrF8mTJ6 z)JVmYiuHjjmZ21p+#1$h>EC3nXNP;{zy!O;#>l(7sVA*x%QWh-#&d+2Abq1mVvJfX zf>;zk!tM3z4eCA$ay)w)iAaWcTJVQH7=7f+5=(AzWJE-CP_4(NiS<&AbaYsL_x?Zaq!xSxH2x<}G$jxD12OPWpj+F?|LK@wV7cb0iW3prC?&^v#9!q%w^PG=EB-7uqB9 z;W|nt&8@X|Pe@6A@SU><_6iV;-L(nMY{{do{e5Og-)8uqcm}7S7mrA^KaYQO27S3f z>+Y9f5M@-){FWs|u9E2+?u&@Felx>Ra3n7{TQv`pD|VCbag>oR?!^9f;t_szu|BE= ze>aDgaJ9oPluYQN&pC&V%j;rCJDN<0WH6RoE?cHRBcD>)k;>wl+7kK3>dR?uvf6}!NNiavs*U7d` zwFAL4(SmW$BdCx^bvbe)_@^5O8P?%78Vyt`jT^}TM~81DPu14mj>?ta3<(Jhjo_Eh z-QZo(fI4W<7{N-tu0lqUES-FCLDBe zcZYDP_oHS%^Hv#+KQZ23QN&&urf$yXB1@tFyc<9InKFXcbw%=lhQX7{>N8oH{*B0N zaiB*daK1u?K9OQktg%<(-?$|Y zz~{1rl@lvnV*7wVA|8i*UvAL3T(_L>|EvY1iw97DHffI*a9YiKTh(@L{`;wKKA`In z-sNIIyB3W>E>`pf&s%)|>wG+tfO%zQ%Le-?G9Ifj*>Des_07#->G0S*k0S#{jRHX= zERx7tbAP!)SnT@ z17U8JW+U61%oY>E_6-{!hjXMW&UL&i2a(78)e>MHHRgHz^_(yBhr#WWH!ic_F z8iup`JtbbJ6+Jzc41ViynbEhsgTI6*#Lv4u$4F3qDWP4``918b7~TIt+ZU(|u3Y4f zx|<@q`>rCAz@zJtT%nE>1S=_@EljZb#V?#ypF5(V!JxN$3YLPR%?4Kq!4L$xEI!#z zQM^vxg|GEK??V=HwIDha_dV_ZeYC7m^G0%=s@$Yl>XmxC$5B{&yU6}*6+DC7YYK}X zDu!>Lv@4)3v`FkGoze6vop>ywJLB2mv*oV}-S?&i-F8?rcx|GiiFrttp0-ER7V51i zJDFaQtR=IveU^ii)w<2I$1B>eeqmyaZEhCG5%Y^YTzt1(L|3epYrk0czwM_yGbjOn zO98@aB&<}qP;>Q$1q@~q9Lp4-G&VNAe!NpvaPjG6_={ZAC8!iwLG;NJW*W$Up2($T zFQsoU_gGU)8@UyS!DcfhV?Ewed6Is1>;DCTr4Tfup;SCyIt1s6EkOCXSX@?04(KoO z{sV^PY2(cxArK0F5F1?-N~SdoJHp?wU?qx z@8x4fpd{tAc8|TyoSLBZep9~b645>m{Gn1*#Pew2&huod#YMW7jSu;+(a5hN9Lhpi zv%1L8AB`eycm{)1A4FSDP_PcgBYB9h3zq+MaCv!A);9O%2Cxq7995{~w6(b2v@JLl z`1dX;tZw|K2V3vwtFN2A;Il2#Yn*C4h+C+8|1y$@BWH`X73MF5fAbQ~gBrYhA3AWg zw6S0HipztwX!}D0om-k}2d9@FB|e*u-XUt9IQ8_@Fv!WcOQuAb7<1mbwLp;oR=WjF zbv!lT}#c;oK#QNNP{@u3PNp07+{hET93Kwy^)f9X>Ot4MqzrVaSX9^FL&q`8L*HrB70&@MB(y1JZOW-0%u&JW#6k{Z4D_BJ?z z%oQCX`#L>uOkfpW&3lk!u*Sszd9C%Hy~R+nm~oCbNb*kda`&F}H~Hd+#sH_Dg7>5S zk67W@6oX5cN*WCi)2$&b{KYTz8_Va#F6)PM_m@h#_{_hh0NAiJIgS-dVE7UqK>L91M@>pe1Nuga#271w{R(=0SwF`WOJi2L#WJgPXW;bb7} z>OkU`;}_pEEqhfN8@HVimZmnx?_cQd#crtO#>p1iJ;i-zokue}lMjUkg<(+wS$5pF)1CbhL^FCdV8t?O1hlfxff#`XyhJ7dyiAXqx1 zcrJ4+Q9mD2As(XsP!_oaVHM_D1&w3-{%dE$x40n!?kA8R@YyH;eVX^cC^1FZXR@SUaS6N zPv&s^9N;0`sY(rGRzo2oo0(#T1zZpv`0YgIhm-y0!lYdHGfN3;`4_(8FC}jqTF-ti zYR3!aixYo2|Cw^~l1$u#gd?|0YLIe?_C0p39Eh6im5r`OE7@o&+u(}NpUHeb!v?!G zrm$;tOw8WWxRZDR6G>5D=XqyF9d&gagGR@wLOCqdAjvM3kKCAUzsBNRz6qsv|NY}3q5=N{MVeDq^g7V{h#0V zl8_FtZY1NKq#xlz&7ml^G{WaTe?A|T>2^^+b~s~+cpUfay|Uu;yTz9lNt{3=|Dz%m zJl_BF|C$>+1Y!N7kRSW^rw+uKM*%FG>5_qjV20B_`7=)qwQhsPSwin%eX#69Jj0~UBBAY1D}yzXo0Au5pRFfbR1-6Xj>d2$;R0FF z@fc#|aztCt?oJA)I(&2+9A=Q_>}F*z-m3Hm89Y_KMm8}qsWdv%B~wCZJWHUFn+o{( zhD^9dH!DptnV?Q#3^e?qxOE!Y0@vcm-Q{NNC}@$7)oJ!WNf;8G2MyR=PP}U{ zs6*~_qn~BAOrLn0C6yrfCHeOh8aaNK#GMrpZ1n;yjatRc*@$|xi~`q`^D={uM5xcs z?0c;;Ege0EUF`mHBW+LT+3hIZv-53IUYqZMG9eMzs6xe#D{YwAlrITOT?twBB=jhU zbT@wHOSfE~(9KpEB5#kR5X?_xi*R5aPFFWg8b+&Ti_wI95L3T(SZ>-p?zp@D>>`cN zqzNe!@_ZC!){c&~GIJ3U{+H?h)PRj>$R#<^M z`;jXXg2|6Y^eJ?ON+nkQ4?h0&2v+54B(RftLgu@ zy=weGAe-RX7WpO_3Hp3N%?`bD`Z`a2R=#4bYEQE@j`aHr1lM`ubyLJ)T-n(O;A z)W-EPrli1-Ahn7>*`oyRvvhU4(BLlAS|QsJy3=hdRlIdn2}cbGE0{HMhWq1U9Wk@lQA}Gpz=sD zL)!5Yz^4%8?IZr%pvhT~J^-t7dR#u8o+e-`rm}uOO$z%uHa1rzi-w6B8dah6#U@#i zF2jEwF|(OHRQc`A%7QX8qa1(2^EAII*Fq+FYJC2f0w4yLSsTIs_y*pf$(C`OKTOb| ziVy^{6%-ck%RFA~kX!iTA|M;PZ>QNwCbS3KGx=NoYi2rmcJRh+qsaBeL|2XV8E;E# z%lgWlXZlM!CVFLx5ArIs0H?RbEd-tgePHQ;*+bmP(~?4Go3)LBzN%70&l2lEXMUFs z{Z-~3C`*bOBTF-F)ZvOwr$i8B#4ZQ$YS*vH%VjMrF0mZj>`2Z;5L>el!ZFZ!c2Er{f^I!%AH1J(s)DFJQAlmi5vN)zOiCp}~>~4nDZX{cNqpeGe%s zE33wLo7KOZPC?BIM2*<41p)!oY5Eiom&5Il*WJbadzM<`MrDmtF z>}70}Q8_(5K_txm2wOg8iNXj-JO4`%2}xK6AB*YFpE-gxPcK}zhQfm22hG2w!(KPp zD==yQ5+tPm3hwEVaNuj-q6Ys^uXxLIC~~bv_AOS?YPNiaBpk~@mR2iW&>w4mt~z$P z`GlI47eoB&o+6G?yf@b2j?2rLWA@V=l3c8PxFUIU5(7t`_Z6D@$cje02OgQ&7u0tL zP5qx=R!mkZ=qhK3V)QHF4}3}?jTiA$^}RmT@D*xwd?2@ODm2cti}@K~ zQ1TN?huy=eSkUUQn#AQx2gtNAlTnJ_()iu-di}nn!y*@scsoY==Eme;veD46!TLM7 z)%Z~enQJo3GEV8Zquf!3gUk6Azja=B&rOB;7cc5B0Vh#0q#kCyVRRZgQeu5-ipz$= zSWzfSc#Tu{iQ!OZ$?cICm&3jtK@*u~rxp0IiYDvw%!+qfZTaStwCje z$9TNv6FnH`SL1NtZ#|@}^oo@GV~uU)atlsxxbi@y_&^;ZSRwb>F`gL1W< z=>SQ2dB(PPdvUWinv&%ClHF48r>cBJ?i-aEz&jJKgQm=pp*Dlx*#de>*p$@ky;%T~ zT}4@cnnw-{_RJw0`Z!A3A4!m?X&Gxy2l&iNgzw+$8ZAN8NflJDd~fj8GMaY(EHk?A ztzywB;uAvmmZ~y66T|}?F-SPE+;&v(=S@TdVq!==!LOHQ%PeWZZ^!kZ5lP|slF3l7 z-{*8X>}!GRGQVt2#Nx`cnW`|L7V~>NSlIsoJjsjv6b3^gf*IZ0ZE>QNR!6 ze>8&$pl!nD!|$!)sqDECsbk)6)RLhKEv7_@$&4XDIixT7XC8G2r`2ywUOQt-0KiMA zzri77*Nbs{xn$mI4Ebglp<#Y|0D(kN)|y_J@!DL%|2|=uqQnY~&f;lY`0|d(b$cYX zpdU@KoO_TfI562NRwjh_%@J3GLlg?%R^%H6y}e>tx55UJLe&-9g%+2zYpIVft;qb3 z_@u6Rl3BI2(pBRqmZL34A3$sH)=`) z$lJ;7<|hV+@qV5C$zZdd`UKh;*N^qPdm1=i36BT37JPFMb@6Z&VYp1l+~ktZz_1Kt zw+fq&wqcRTZI0*FQQy}T4Jc`grkr-h^n=b%=78hdc> zELyw>_ul*6?YyjeZxuwQ2(j+zcPo1exctN@g7#71St~Xe%&OQkYsiM(V)@A z()>j-iIQZ5py51FD;n-IK7om7?nwPVihB|pp_Al?X6=UgBYB}lpRbu2WJ$cR7y(N=R^LOiiA4CbI+O74J2Wt!7X!Mxq!*RZa?b zk1ft*+~a0@s+Wm_x0x#h+!gUb?l@@}$IhxxIme&@hgX=8d$0VB|NI)9dcVTBUsG;K13^r7F@|P**QCK zF9HPbCT}2CF56<;rS8mSiU346UlhtK>g6OlAQifVZ&BVuW(6zfTduSKb~ZXc`$Hd+ zuK3M=vmVM>f20TLLl{g&;Ss@Qs7C=J31PQ&tuj!&#wZ@M0`T%TdNWWr_yZg0t(d5e zJdm@YspBQkML{87>+6evT+N=75X1`B8!*s{{Erp@l74flM@<}s!XlvpNo57&!cL4Q z)&XO6>jAjGCIs5@potl3MCinUfq`i37a1Tx-iTzauVeG}M8$s?$k%i->!3ANziZyw z=t0sI{wRSr&bLRe?@qcTNpbagCKH=Hj+XL$Z_dwF!*s1+xLc2ebsPmLVFxFygPI== zjQl=DG{2VCHmE!vu8_KP2G(-HX70TTY=PC=Y9`>5i>{~-C?L!Sm zu4(MA)r;g41RG6(^=`Pm_C5GsWxdo;zSTkCakxOeVF<1?Y{oiTZf=I?fU$vnlD0{R z2EL6@_}Zce*r&IO@{s$B3Go*Hhc;@frPO(n?(1)1mwPkjr$4({!5gq+snBbmHEi+w zz^=zzbS$hkHan9p|Ck6ohRCiN|7*|VAKd^)fDzID?jQ`{bq$MH1njwF8<@ka}6iXz?qM*%0}WM=J=L*YR&p77NR_c4PLA2)Q{BW^$}QE!Qh z3*wED%ueaKKHFSBw9j@(5cj z7mx%2|AOW!bT?PpJ$HY!^3+)jgEuGzoncDVa%Br;V=!JhU{i>~=u>^tD*pf!TL7o? zL-RM$lnw+UFOSj$6#p}fJ=~*xn$V8?KT=C0x$jQGuCA`q2YuEm$L)OhZ8*vQ1OM^< zLM@r;6%w%X+)R{p1~c{6m}io31pvK}_iNE0NG9Z?1pxmv3T3-{dwajN(`Fq4%uNDrdJoP$tJ%ourUc=L}4&mxn8Ss6} z6{lSDy@>JBm`LZ6h9cwQ!6RWnO}FI_;d^F?Bj~IbFPo^qpI^7rm!w>!Hig*AOXW$0 zqFFE26Y%24Zw7Mb|E2R;-?CMkJtGtRjK5h%X zcU=8~TE}WNl8j30x=WLAj*5aJ@pyk@{v)mr^wMM?2%?-X75Z~$hn|&&T*RYqsnJd* zIWLc@*N;~B5*-9wPK87nh_dsS#pL(odx!9t8zRT+Bj$Xoh}LJbx>3_Yn>on&ns!`y zk{ejscUe#>4T-m_i9j@B1XGClG8(6^1w3^?gj2`;!?;~_v`pXj@t8pqpK|K`G zI`HH>Tzrcw8Wu{_Gt=I%ATiB7<4Z1u8J??yc_K5v--nCVt6zjj1RU*gKw2E$$MQc6 zxoe=DN%T=Dz^wE(Zd#A$T_jOfuWi=zV18r2@pTL~;d zrtCroMM{bw$%ptp`@`Oa%TCzZC(2A1)U}h&yW^-g)|~WHk~dSiDw+HdlDQ##`n-f} z2DG>0s2_kbjCuD5#2#)rmto=QLOE>Hpu8ZzA$36WY|znouOz-BN2*y;!4~A!Q5}$@rUk(xquGV|qr(yr z5#h5N>4`>dh5y-~V=?P7 zqf|Ho&Xu*@=MOs?A?u5iSCSWX0~}VjZTS*zU$%0kA3>Mgh0a&|+RxRHM!R{!8M3XS zy^|A;dsgdDA;v#08!gL$;HXKXJ3N-?S#917$Id~+Yhu_C5 zq#VXypzsk{tH57I9bDq-*t~LtbIVCXsoP#!k?cbehkU7_x6^s|IM`m}|?fe}loRcb!4X#7MdV z2gi=`u_;)t97#5^A>nY}7iD|ZQ~N5%^*pp9v>C|q=HR;5xf?3VWHZrhw}xLt2%Lyf zr&wVLiewJ(b81B;{o&<8P_TE-e2S4!PbWkpK9wer>qX}k`zljEoba-096v*|H#q!P z0#9l4R!sf3ouU-!!lrRsmikePU{pK+xiMV3(!9>of@$b)uP7uGpVuhVVB*V4Cb<^% zi@AS4+E*^b<|eS(6@;YX%3m}m)o_`EWcF~vt4_pWY^2;c^(mCgeBi|`HY&kLlnw!% zWgcv9h-$0rc4FNN)YVKNa;cbefHw}SJky&DF+&S&;Iqs1Eb^X|DTmCQ7R>hjiu>o` z>aHj9t~I?$hJt&{zANFO7P%lRT0RDH9o2oEQn2btBQf@k?rU*azy6j$tXa?1cc4B6 zJBLNf$LN(G@RI!Pk*%*oM)RldD{^EJDq-UKMayjZSQ>t@+zM zq3rcf8gIT4JO&?w2jHHkiK0dT@hnfb+Sp8u9Ia3;j<6F6sQC8WaQ$wFdce|)2Nz-R z(n&qa@H&`QJV#+RU@cP3NAF%38C9`>6Ay4F2nJL1{1QFfi-$ex~>=66@TY(V(HsA*iu?8n`C)8iz`d zkly~ehHA@KwY0h*Nioo9oDh{A37bKRcA3K_P}MJdhz| z@)Gf=z@Su>+%zJuI9^q??Lqqz{2|MKFDmz(4+}^`u5bxK(}MjG{a`SC;ubSlbwxWb z-II3O$9B^z((n}|dI2A4jROj$7?tW*N|iwXJiCdxj?!CHkjuF^A~Vq}=3#vLN$Z=V~xNW*pV6*GfbuL!424u9O3JI*#+p64{i;_LGI!KmyfU$jI33fx9 z+4Kp)sS*hds+yoCRxM0)Rg>;gpkov3e$!-ZR6%+L?k9Y3~ z9umk1Z1##D*LcSym+MH8_v^R3KC0)vRJRTY=e3#c!=Y>l!bin3;8x764h;)KGr?FA z3H@D?cQ-Yyf_C}iXr-NKt50EX2sL?nT2pn2`3}H`8&3_tdVl?Ps@23(98Z-AvC!h8 zQ6vD(PJQ#^@-Me;=x1_ZmdZ|1JG&RH>SH}qF2htN0EIi2_t&YQZ5`CyeOjt<=P3-w zFgFx7KPX07|0S_r)kUbAYYQP0W^^`Vu@ZgA>t+#uP0`S1KEcjmTh0 zmV+1VvY;T1T%?~h4>`Q{mWITlj<48WBO&$ybVO@Zc-OpTY< zvf0vx*ie-`%J?WuilH^s;$?qOE&zMvl}9Wf8}`Ra7o?3>%BdyChX1HsoW(j3CE7bAOC(od~%y5O_Nd7%^>jJT%X5@`|DL z<6eE#?JCSUW6Gmtm6xCKSQ=iVWW$2WxXqoQsm@hcb|2>2Jk z*E3FHeQsbtj5q}}KvA7)?H$udTDKCNWDNoc#q+t>OpT%@B0vRegs0{w}hdnLm+GeSgw0fRr>zR(AkIjsTOmn=nj z9RP@BZm3V5Y{CwOYx!W zn}c!my3v*Bn&WAw7Z-R1dQR`IAO5Uyd7ZwYu2jH}mq5kF79bm!(GdjzpVU;nE}&tl z#pH9aE?(P9^q(=LmY=PM!tmO9O4uzvm|QMj9Ed=bN$t|&sZuz=jc4|4j;?99z8@CA zAHLNNELSCF6gw!JJ9XQ3gQ1nykI}I{bCi8j^Sj%Xx#H&kq~LzzUc$j81iP22+&8P8 zeuiEdNhfgR1`xwviBPI~)_xi;iC<=uN(ro>vj~)1?m`EjVK_$z=%{@76X1q!Uhr=sywY4JLbh!XK3A41DNL?Q`JLqO2y83H9i5F+q|d7)Uy1?5;7EF~PR zeF#l|&u!@gG|xbTl4dPuVekX#eEL0|Jjx_$`sJCGVqODpHfR}H`sAyPqA~vb5BHMQ z!NjxY#4_nQu^fJv3k_)t@3{NlU?m|SS%ZXDHt?=^Yz-y62)9pYDekS1Ul`zbS|(Ik zX2%5Va+#qCN;PADXessfZT7AOZ=9@2l6}Nvegi=+R9e7XSm*c)uHS%{tQzq^v+F== z)KmqJHPbFZ?(UceeX~axcGWniYh@7u#ch(z@Qv$D+%!20-pZ6cBRnC9fA$3oAb(vT z{J5n{LI`@>w3kN4GWPBJ#xQ^$JRl+cq-i|7&*go?YygosG=}pj^@4kp+gQQC@3VUt zJnbY5Nq@_)CR}Jy&}tNs2&aC4mO*;+OkV*Y20M-*5hy^z%|ZY!0}MJnWCdPq@Q_A7 zhh$*D|B>DLpBXJ+Ry)1sp%wtS2Ezx^uY<}Xh>9qUJP-bC$p6#ekdO*#X0JA%j~{#I z6?X2=)IA8l?C(5rJ?TcYn8;!4&PHW>B`w4Y zqDUQPCjMpS0BEiI?Y2hEmzO0OHg{q)8t0v!q%(Ni3MZ;SiARgXpPUH*Y9IuVE=!Vw zV5^Sb$Yi3$s>Tjw(b1f5jafEs4qXwbMu5Szg7|-q#R2Vfb$+Zm{P*`^_Mg-i4NQ0Y zxA*pfq(aZB%}X$Jd=g~l0f?I{_C^IHxvbpfb4THM@>0rKoe_rA_eL?u;+Kmx%UQ#o zX5pLeF8~GGY~YYs13A%sKl0&3$Ip(1Ik-e0F;`1(EfyiaE&ZMC-xH{Pi^p&1`|dtoL%09 zhKFZrvjq<8Kz2#{zKhf}_Dd@gf__gUvp$^H^xt>th$BDu53q|uVGge9@+o$%`y*(w z*{bv#+_NeYR6LT4Tgt=QAA3>D05I`I4c`H}T63h^C8bCKu6VPS^PyfaV!FmQirh_13)Gi5Oi;yEF zO6eOWoaK_9o!uS%5=Oa1s4iRH+Db zPE35XIv)FPuaN#vKTQJOH2uH!%<2CV-}*|#2FeFLLZKK|nkF%UgsO_3f=oY@JI(d< zUNjg~4etrU{*^p&!n&dOYCzJHm`Y9m9wTrPniQ}fQ^hS`8CST){C#%@ydDVzY!+Q& zi}gP*a8RkmpMtY4f z_(RcLMrlT<{paTSgxm7J6*$Vi3nZ*7o0b`zlEJmiQ5n62xHXnt zBqmS}e<|eHS$?2$YfMm&-M5D`JY;Lu1SeGwy!tM`||GNR%Gt@vtUE}Oe(g`_{s9Ua(=Ulg34 z-Iv5s7US*)MNi|`GLx~9Vf^7AKjwMIM@U&~V&rnJ0M&(aVt7zPl;c)s@ME#7(Ag4+Ek$_^!kxd{O@5#ub(}LL>={;(+G825HS-Vw@IHG z#-wv&UhiA#-dXx66Een!N(6m2l6Y6tc&Ife9n9E>pqVpXS~7Z%s_i(qN0lTpYWT0k zDS!PAILn$wLWS<_h@-;94;s#M|6BzRNvi$`=>F!ti+wcF;{sl!Pc=<#S$O6!=DV8+ z5~1nggz;YQ(P*ij#+Lm;$zr%Rg|Cr?_q7FSB4`#GKc~(4{9jXG2v`yCxO+$swg$C` zy-XRt5_Fdi749cjQ7w%?@Mc5rNzDDBqIy@1kRp4x`OT}ELuPaB?>+pAgi@pjO8B}F z$iY7fy`r{$wW=X_>&pbOg>5Ak@HwE2m?D*~y&h}1+%08|&iUwNH;LS|+6R>h6b%c@#?dJFZsT|9W<+LZu%Cjdcq?J*`4&ct2cI!oI7u zi0ZA>cl3+I=zYNewsyAjK`YX0BBbs`(9jm$V96r|oPBl#EaOJi*J3$ah;`tK^vjwn z69Sza6ghxHD|ThBX=`S8JUqShqxILrVI(B@L=!aj@G_n$h3pq)+1aRxr1QH(Y9C>t z?~jDzP7Q!q3D{CVDg`d2<3jC zd|e+!+Cvk#^MsCLStyR~(^6<;OgG?!+P#C$%xEFe>Z{1QzaC4ugS_5N8l(4nu`?0x zme*Ofy6eN~i8P;egmx|x`>rv~Bi{lo*x#5Wgs3wC1!V>tTuQc#ytnUi{T2b~2@k`n z7~_T;k21T_Y$;Z~QivRjp%?=&t<(95wu1wJeR8ow5q)jhlVJPHGNlHh{@P#+3r0vk zv^?<2ZzX{x817Y5IJhv4jK?E1Pf-%NLQfj^LCXc{S(6=vFGU4Zlut^K-)M^H;!jZU zk#jClS`GRTL;A+7Y>j-2K=76+T#tf$s#a0~o2C7`G2Ld)1=Sl4!J>UsH(c^jlxYa2 zqcGSQHw*}Dqe2Dt6qa91?k}&5EaEBIReyiTOu`7tH@Gw;i0<-kD;)3&AS116pI^}> zsT8FMD<}VIaQ zm#sNU>K}Kxa#Q~Wfp4#%1Sup`NXW8Y8Xc@Vto$=^W;AbW94m#W*3MGIz*n>s71s}iK3hiELLsg?MmFX?plYJJO zf>vJw?0^eL2AbD7yJm6{zpjt~b=wyXF}i>tc|;}%=|-*FfLaS{RUOq43ypYWM;q*8AmsWsp2m;_ zk$EdlhuM3FF8nrMoD9}ML;6>77!?D+_Yc?Q)^o{RgUVZkG=}T2-jW~~p2ZQ%jzUxy& z2XjOOEd~j4D|-5^e01ij86*T*G%oN#G6Ep>gNmQ#gAPDuw;Si?d|?7ntxe0~5Eg{k z)usA}L^Nz;yLj<>DQIL^vAYf~+N}qT()iIwmuwjYNCW!`v_}?>#)gu*Q{;KRRNJ`n zP2hrlv)YLNXaOc7-&m-!^`5?MgKZzt3&dIWU zVgt>1g!S}mgo$0nh^?4kQP+7@9&S^2Hl2K#e6zdshD)A^^pJrS>v)`-tdk&UvzaEO zTG}3THZG3q@QBiP#wAQmD+A&E2nsaW7cBHwkeei|#VkcK8+?P!n@Jp4Sm=JEMR62| zm69C-1uAxaCfFLOm{z^De+&?G9t!Zp2D4X2QA~vi zY(^n-o9?s8pjsQPCC~$jaN$N74A+r#5JFF<9kc1jy$;bAd{K;3by;{la|W|7D5*-+ z0LjjeG=ljoAdoH7#M=Y!Byw8#@WUNH0Z;B?yK_$66C%1@=GE1>YLd*i|7d4P1cNaf zw))aUf~8oCi*W8nJC7)X7ADnxNyx*yH}TdXkl)E8Ofp9`9J|_+mnjjIOc(T5N~|C1 z(`MqLw;hzQ?5m=E?M~oggH37*1qw(hr}@_oGMw}cE;7sl#IlYkk`qhgr>ZQ2q+RmL z3na`CY(xX^_rHo|p=24}8bd*$;XO5v_AO;kH6@>0?lgms`LaW*WiOr(3uN@=sF{b# z-S!eV6DG3Q9T^j79_JYPqDr(LcPrZ&guE$Q34$o?gwactGk&8+Q4PK-rXD}vG}ZG1 z8(phLJ8UzPDGz_VkPakt_=NzLD(pWTcYM*xj&N64$>gVtw7K-Ev23&{h+^YuD{t}8 zP_A}1<$p7OHgF;#+gkQt(3mc94v1C32}jG16B4y#Q-Z7~dtq9R-0kRkgF!o4qb^Px0ZqW0`@}K9(dZ>L1W6e~cgxna#j~87%8J zZD?b+LPFf}pf=%YQe7~(tA9o&>*osuu)?oGe=p<}H{e?{Xr5)vJguF2uIMww+Z2wA zPIX~4#t#=vNP@yYN;DUii-l2l?b5cbVU||zT|~DLzO()KXiuO)SamFRt9;e9cb>Y} zL`3j@TBmT}YVtK_U)pd%foz&#t~eb(dvj2b%j>?iE20AZ-A^U$wfR4UquVx!M{xS5 z%F_DY6juk!+az~gTWOIOUPm@f?vI%HzR8|7RUD!A9LN?@?aXaWn7uo=;4daS+sXcl zSr`zx|KdzEJ4}rB_H(}0S>NmfMKfX{iNX982>+AJf%s6qh$A62bCsUrYHc0f7b6uq zOWkV1b|%&+ly)0t_A)lyJRZeVa!ej5%2`IVH}Q13C5pj{<(b-oVDp041m8`eqC05O6*{R{&OMB_ z4COkkmEDp)QN(1A;L>G@4N4oued@}e+3m}AX&+#U0(oveg3wJdO3tp@1?SCDW?ING zw|N1ioRxbpdh1WQVtm^Px+pJkh1fQF{Za$-?Ks^Agv!9&a1T$leZkA{KR_vd;0TH8 zD)4Xxl&0Cd_(Vzn7!oc(%=I-$SNRJE?<@bp2o168Pk`l%6ov+43N0W3=GiobWrX%O zw}$B(@Al3`5$3J&6{9O@^1Q3G{E$z_26R#w%{>|a3wvb|?xh-DoO^Qm+x?6-TRn5? znD}ZR4rG4IHt6iA|4A9!fp-r*pEIJ+?VJ#9KcfvKdwgzrkP1E`>g6iWKAz+@#0KD@ zsopE1UP-GJLd5m1G!mCt-*9pG+GV6Bu~PWU->RllT0E5(TsTXE&T)^%6iPeozDIbWm`Tq4v-ZTsmW%<~W zpw-B4_2jV%NL9i2W%of2J#-+N%)D*BuaE*zh#B!pr1`qK-8-d&9-0O{H^op2J{8LJ zjPXfw6{m9N^&k>MjxckB@IF)?T#yXX?RuAfIjc5r(s}-c&Ew6OtI?%^xTi_XUG?m) z(aK`cxw8fRo9723C6gO1%2cp$e@yIZen%eE_E}GBi}}h9o`7+e(jDV{He?BxLjTW7{I49)3wd@c(BrT>ez zuMCQ->$)UBaDqEQn&2MXt#NmE2<{MqJ2VbKLm*gi4^D6k7J>u`!6jI*;1Za_^FH7F zn6GB4rfR0Tib`(xJ-7SHIeV|Y*4pIshfuTiCbc`gY1AK6BkI&$2%?Bki<33i7JhgH zvi&!-_&b?58I&~YHQ_W&n{#PSKWPb=wsg@#WE|xjcl&z7%-kW%NZ_wi^F?$p(@tjG?zO&DBYJ z+O2sAw$eQns>v;v3SkbS_Gjh$aomUQN=rEKy0ZGA=hLw;eLqQ@@~N1M3FMVLITk^D zHXSAm``;F>Y{C!X@y5DZLvIZdmc0sFR|-Yn2$HvQF{lYg!OsPJ-@&DYq*Gw_p|8mK zU&hmnY|gqZc#4t}oC=vu=5xfkY>bS@n(l?)`H=%8qeYYB2|9M(6aT?+j^8AEA@oNy zlOFm>9EtnVP_s-z?#x8nU!gZC2optZDR16k8R5my$1R|(yLuM;8zBZabp5ANP z(7uMudUkxW8{gG$fAd>@753yBFN%ke8n5v5<88^@SZUeZ}amn>4w?uatfdqBp+D{d!h)kOmZcxe`DsPeZACs?`XeM!KL39(^^6 zKn_}xe=;w$sJUqxq!3JuA8Vz#dV4Kl0au-A8XZ^>nmjI*5Qv#mxBiAdVL7HdJ%j=Y z$89SbsgM^bHpQN?YxuxOz27hdNfX|6$D7^pbE)Jnt(RJirFfRy#ylN`6~x(}Sx_ER z-ht{E@NIkhq$8h)2}83UOzip_bo@g=rJ^uLN?1a&0R(;7Ija%P_sO>W+Fuv|Un9L9 z-Yu{o!>n^1N=(<}HPD4MBZ)$BvxL{2>%eh*WL9~!5n|IxdUnsOrxzzTq)lJTCTW|PrVF5o1-7GeSAvNz?$0qnX1UT2LdT-vs4Mtl)&Me9^zPjglTu;2U+w${fecB7bkjdoW#{ZzR?_> zH_VsN`*Mx4U?5R3w6-o+Hv7-ss0`V&>-I!wxB)Yg?jK{~vmEq=dmI?%U(Z*!xfw{& z63RhiccEeC3`x?>A!@(H;jK?2T*rRndn|;q;G{H1krvB=e4I!g-A3E2h}g>O#Ezqe zbDR=c*0*4`A1?bnwq_-YVn3A_b)4@5LAd6IXV=_&a;k+2kW3qqd)?wX3f4%{(cnlF zSQ(_k^j>q5YcA}E_hOxf^{)&|N*!pLr&6+kti3H9+8?Ll+*>Xla>u2Ta4z|v-Lo?{ zB(0avz#>KwIaapWI|4lr*I_zpK)d4*!~Tivv;H$Vu!WZ=O#&s!I`-Kod+l*lk&LGs z->RK0rWxBV{A_^B%1jhi2dcg`dm~R%)skXj78bHPuN(-YnN#ltNfW+P zyllAQ{iT(VIo?9dR!NUJ%uoxqLKPFg#8BO}hpPPLjCT}RkS!1ZA@&clO zb&7YA8vw&My}c3F6cA!7>yLi>;w5033bB_>h}o0IR^qOurvWPhL>GIZSURhnGP- zP2#HvZFIZm=cKzCP(Iz;B$5d0)-SA)1QqX+L?qt~ay_7YJ zh0tP^i$qwHTGI7knJAyOl$ZI?R*q8HssLJ@0SS z4~R64hN-YjJO(5Sw7$6rloa2x?6#2miLWT%840_JB8o!;jmV98Z?Zb?psafx=PR~f z6gps~rc*e^M2M((U82Iig%Tf>(D0vcMj3Jy3OET9u~kw&y$S05E2e?Ig7ydNs-i?_ z=+k6T*7(bpHm1Z=K11Q!Vg4cu+TV>!UatsuOX(TOIqn3Qvrt2Zh$3IxR3@p;l_kiY zr#PdBaa1=le=3>QXN$qS=qnm7n^+HelDYKbE7ga{d%V!zADb3}ee-2$SH?lbGQ;Ew zAR@`ovv?FlvPh_WL$ozqmdhb&d!;UG2F1E zX*!#&)(B@ctwnZMrth0$8Je+;O@!KZ-8;o6cFsXNZDtK@+u>CY<^5+8748YWoJmLq z?%^K^i0V7N2@-~K07)~238}LoZH>k zOuClTx*daNi1cQ))#XJ~GHj=`o~2T#Lef?5h3|Jy!cHvR+|tRsRGJ}4aRd=%qKTE^ zo|O3{ONfByl$P>ZNMH+DqhR4uw)k1~b|?>hUq9|}u{C*wbVPBGt$paiJAXyntVrlU zmg$lgWW7M)s!5HiEB;-MQS!28bv-ohxNpYp#1JAlhS_gWI74!?i!oAi(GR!z^+l8s z9p1C|R%LC+RPX`1QF&6*#;qEkhY_)sG-lxH;9=QP9!0vV?-$Y5^aKKQ8J-zw=Bv2L zI=1HF>QuP6Gpk$2b(!BpQiAC18HnC~scmp8t#TpyFFPcSXtV7OS-2N)@wSrXBISvF zjCC#)Hk9&UD`8HiOoV52cPrTA^*{2Mr zlV}!g@IaMW$#yo1+$_FtDT5S0t^`ACyPaesJwE)f(0fvN-66vyaw15ZzQ9Cv495u)KmqCG?ivVR7Ae85SLKL6Nd{=qrstiE z*RNhcE_ny9?nP_M`imW-3ZLs};Mz2a}4O#@>tr zF-Kl*i_Fp3>Z%z7z5b1uUr%%(~-tKxgZ|?c~457ELFPTSC=l6UoULxg^?2<30 zTA7CQVrKv{1qB7a{}sar;ZF7u4yzpwAc?>mh#?$kIuLTb7?YPD?jucmf!51;zz{d5B~aU==yiT`i-xz#c6s~CeJ?B_fiwgTP*T^%KC?> z-U#$UpI9A84Uj3U?IcSvsMVqXiB4QzH3@!;kVQNJlGOUrx8# zU3b@gs4;A_hqHJph}oZ!^P}W`!CGD2fq9a=-1s~gk4;Dzx$#AHeG8qE^I0;jML*13 zukpsE()csQ?d1V4vP=7;PAmGQU&0~~x022(?q_Wkpn@owRk zh%=|owa34~dHPwivq}9qbWi! z4~-{V6}?Z^WI{ymV+hz8Md>^?$7q%}Zp1gbW4A^51Mk4h(Ha9L$ljF|N?OG<9Lk~> zEWMI_t2>)0p8_il8p+d`wQ-NOfx?Q$^xj`ix_51r`cA;6Y3Sltl_B_jjIWe(nfeg| z%-%NU`z7Y~BQxoj$U}h-C<%D72QHl6Tj~wsJtfDc%xxF!!-%npesgy$x~aZRJe>;n zu22r@sMn=}aWxoHi4QEK#Fzb_T4K!S=jXQs9VKLb0M=~6gsfTYslQU_MN3!mlGWkwB_T|HR=kK(i626CJ|ltP72$Ctx26s ztBTQO)w>~qN4@`Dl4}35$mhw9+r)XGlCu@JchrD=2Oc-<;oIMGsU!)^GrQaY(-+}y zCg(=2?Ie71BqA!Kf~>5pR)q=P#+UekmJ_^*DhJ&L`x(j9tZ@15@g-m&N{$8y~>FvCNebVgwGXd|5DhiJJM_ae{fK%L+^r~PIuHpiNneta}Vedh$ zc0kQt22=|(#k&n4l2_1n-vn1}qg+@dCK*b}6#;X4^xLW1jD8utH~gJ{n}iRSI-H1+ z<*<{qulu7@z+BICbGeW1Zj*P(gL!wxsi5QhiHV3+2lv5*pWdH^;rGvG)8Acqq=alL z!G8~$O);&8UUs-mzXA^c3D+wnyg4E7-N+*$FZ|2^&0KtGvDTw#rT{Ou1;-@J{k}`n$FQGrbl11<05V`YYl!c zOPSpKJUEm_FIKGb0oE%W1B3(1diB0feIFK(fgK4F7AX~?Ov%ybRbXyKMPSe=N!#G? zlQ4~0w|CL!bU>K2iXz{=+VmljBRQT#h=NuTp9oT*{QmWW%MnX=xxxbfy)3Hb0UI_5{@~q8h$VshKe_s@7Nl1 zRjBN+*2iJ@2Opo&h}d#4PNv2rpg-0Om}9LTby0p%$qs&4UTX2$=LIWa>{?$`PhTNv zOdI}}o5l(W_SCOg&HYP4d=a@&AnD_8!@#d3hCYu8whl&JckE@z?f4eD`Ma zihbXYANoq_Y8y1NS)otS^Ij>dwgdhicl&2=DMWv@H-F9;r%Du~vIRWsOJ&wai6Nd4 z8v0(eT6lY=JSpGe%c8hB zGP0hYUTK;0)FcV`s)gpbWtww}EKiD%Xtuktskax_+UwwpD}p)rw;Rlg|4HBlMF>V$5;=`LI&L~J~8C1h^1r{oNF-+ z@n_f)mI4R2QWY<854X(9!ST(zvuIuBfh2KlXwq_BIBsaj+oJJl)dUc$@QzFb7^SIURR#*Iwo7# zE|lL&QFj~Ht|C#i+6FceRWAQgUeUuA`K3Xh;^*Yauyj&k0Yx_BPbgJ}57e_KZ7uw< zRps@szLqO($;yV)3#V@FOct)2)$mpY@u`)~-4o4YQmSFn3}_|&KCkqFsMs7NjMd7TD+K{h)Sb5%d^GpR)HPZkncSZ*Y- zI_T8-fl_3-YB`5vG>2N@`p;VU%HT>Wi<7rSaw&AIg0F2abI#X(|2Vzs@FF|;TO7YX zFsKD=Z9+l2>~=@H{XMP{Rl3hcvQKcJb)K#xlQhU{ zzjV+lbgIOG1JUaKXH0MkdwRm|udcUE2P9ZVGgy0o&>48yV!E}=g@hrW{0@4ES(@D8 z*SCBciDJq4?b7)J_r|GpKVL+UoXV6HxGu4_hM18HvV$`75EqRTW zw%Tm@p5y(b=V}}?XBl6gnE|nfIJ^=sjXY%c z96=Mk4&R7lCuXC5l5h8ya^%Xu)lg`QIyM6yVX{SC%1zDk7mNNxQN1(Pj7G^5@Q4?t z6S{qg&qYD^@W3FS7aP{{86Cd^( z4tS)(3Df#BKEYRt$LMs=V@p)L9C}bDw>Enf8Tc2uz@sE#XS$j4)wd7Pk{1`zXC2;0 z6vaw8k-z|(xvQiMGw1;Uh$zz6)vD?&W%?$EpJE-Z{5_=g{IgkBTVGFLXidh<0VS66 ziLj)7e!91-FEtiBnQx?B?z;+{#&;(2Q(P;xlx)a_+_A5nem@5O5+A?w%f=B$lxfn( zTDGTz!lrG;SEmL>iTP`D{|p%*5U@`=fd>y`=K2G8@W9#KSu7%B(kTrF0%H`|RaF9! zPPJal{#;m{bp<=&cy25|96BLeuS=r?jiBJ35G>E;Y0jp6dTfP61`Zh!^Wc5uk5AEs z?TizX8&Z)Ny>~w7U~ZcD{dFC;vLxU7E!6KRI^p-es_%+#NwtA7dad6#6SsEeckM%Q z(kdyKq}+omL5bqP5MUsC;RhG}KwS+Y2`?`%3MS@2U18LKgn{R)yA#W(r$!S!`XpS| z1EWL_F@-jY=`3MDo=EfiK(T07vBSuo@;$YrAEv-lonQhrQ!tkxiueKxG}gS3^yACl zlg|TgF9^j?zKL1Z1@_5&tp6lweK`Uwu%9`vbjAanruo+_?PxS1*9mO5JffT?`DcHC zGG5~I>*sFwlEKG?RHo>ET8RZL@X-YDaYyCi3BdV7+$vL7vs66XIdI9?OA1r&ZCSa$ zKd@2wnfX2&T(Erg6IT5vI^x1+lp?+_Oxoi}Y{!b-k|=6X!z>0Cn^)-5blp=w;_>4} zZcg#M(kFq$m32lhzo+hnGN;E5pbZ&4X%!D2v!1fM0IMn!J-rMX2h>%_?5W-pONMT2 z^EWe^n9vCU0&O$n9}m9R`2Ke^`=HXFv#<( zH+KFg8F18=n3gFY_1_U>^-Y@iqp^@>$QE+Z4U3MxW)rg78cL!@7)fW11t~AID@8Lc zEG*33dITu{)hqQlbMP5oyx0_yWz2cuxCym=ig!?MZy&O(5KG8vZ$E&$6@59cdTab6 zi_awiI6D-ola_Y!`ex?Ex3>1k z4^OOm@(&s`{U(H<6H+VyJEAM%(s$U&XQj`|7W68gU-ts@Qj6;vJe^85L*AqG(E_eY zuMRT)LF9cYh3!JjJ;;EAiYK_W5$$AZ#hu>YNaYB6tsWje)790*XEza+hf$f8ns$luIxjMq5ZljH$77Q526u-c z^y9!c5Qy71noN4c4;n_I1XD|f;q**ktCwprj%D$ni;9W@tfq)x&>OgES%`n^IR=^h zh{oCPA9xeWWlT-X_ zv-h1Nsyd9Ckth+)T2Y;yoxmGE`D*VmdnLWBqO}0A?aoS9m%KzR+s|iGh*II7RB0C- z6*A)ErV4g3nxM8d<-L~$z_($(!>^gj%;4w2`Z`b%fJIC4J+D)L{Pz&p?sQ2Za4=bK z8&09O><)giU~|z0A{S4(A_-gz*cBi2plfd+dP5Cq_jc{DmWN89HGd} zL^?_+Od<>^nlYxs@3H{6k-mAj?>P3#TLJJA0zAAIb?EvumAs2F@NK{?mS4z|{!d6x z%7z&UJE9K#zS8VMDd>I3^1434d_TJN!Vk{Yc+(hfM3WQzDTWezgvR%c%&6k}5g zzcK4Kc>AsD2X0R~N)r^$qKx9*(Ts7j83rtmF{(4*c73%ctW>)~2cn4h&X7QHQt&xI_xDNL>p37lDL^Yh&Hw#U}ECz3GZ-6D+-nF`etZ&QLi5^VUr8EBjyNs zYY?v8U8AF5w6i3HQ3}}OkBxOwOyCib#dgUi_5x%Vm*Abh^xbPmDZJcQwG9o>1#Y{^ zPtqQ5<}PuaVkjCg$#`%|dZ$KGgU@VQ`Vaq5;b>FyteQ z#CZN;XBLr9RGHLrqxfrdC;g6Ly)SK6vn}n2^gVM|vtzWciI?=xqIMqp&9Dg~_Er5p z1mN~dgv?S#s(}vDg(wI`Bjydw1I@Fx2v}(;1F%zmLN;5YNvGte3jU2_`6W(f&N(Qc zIoxyb%x-6?M75xfijIy{=r`v>ra z9abru!IBuEYBsFvo1rC%lnl|yRK2s~PrQ#7@lTVv^#qAL`j&q3LAL>V#RY*tlBlJ8 zThbW9Ds-u$fHw{rcp7@^gL3l~2(T8r zyk)l{t?jY%m2DIb4Zx)sNvoLuG(cqeB|(SIXSExkF}@fZgZDJ#@~H4&G0-JHRq;}N z-!XA{hJ6mgaKG0_h&|GSxq*@c3fivgS2!nB2S4hu&=v^0Tk0&$G$$zD^Hxg5lTv^n zG+S*PRrin$l_;JvCXe3M0j*@1S>U0br^?-X&h#&*j946 z6jD*obXx66AX@1$G?ILxINuLPbxY&OdUVsWidA!;5iqrFT-DK7{9rx5ep@uMeo! zz;>S<3>W?P_R@X}I*y$zNiBIo_ikm7kX>Yg6=M|jxa>SOIZ z*;n7Nd4hQs6r)?_u6xo*jfj;G&g~J;IN=87gew?DNN9V=W9@@8|s5dBry5 zS%=Rg?=SfSvn(S4aQf_?kjv%=vlVlJF+s%w?{DUPOk2zPWSC#{px-CGRAy7u?ePz| z?AhP>>aD*;%+*K^Je2*-s8K_eeMYGzN`x=uST3|ouf30f^D+{}R}-Vv120$X3p>w? zSV>M@KJ(}aLnWB&H=>@C%D|zJ6 zxF6=}l3&vJ1tqwn+o#{xzI%pNgbHQRZ^N*>zqXH_Z*?F7{svE#sX~{3*B~1AW_-&% zSzVLjKCw$U-Bz*ehpF?sZ!$z;QAQ$Rw$FshDpLbXgEGA)&uEPUhq-F=711Dbb2TDJ z%;&Vh4OsxxfYIU?y!IfQuL>B=9 znLg{EU-dm*-#)AYpVgh&4&dKchTlH ztwx0=MGL*y{GbsM7~oeZ6?I_&SL{i|V)SBc;4qEZ{KqF+rd#RuME@|P)4<-cN&Qqi zqJ5&sRXhE(T;_O`FZcQHk_7_p@LEsK2T zE}(egb1U50rmA?)v6OV-Rsd{778(yY&E^ ztgmtX-)BkGsbufA4@Z|R<@!8phbe;CB)$vO|toAb?54wThrjZ zsv*7uJdQMZPTD;eV$$}v92`v({GG44{^+*Ny&Zn9qj%Y~LyNH|o1Fak`SCTDK}8eU zR&B+Q2Ik86tC)pI+3pc_%dVjxm8$<$)&FuyNFoL zA+AXGnx#|K$mi^7ig#dl8^uWg)tywfZ3^n>gsXv70k4U>8gVFH0Bg$akZbn+ zwgX8F7D`_uqiIkLzcBeNl8sDL?)ojyc{ERuwMKf~eX5+2$Gu@g^mbUJNayHp>y(VMI%U0Wo0+y8EjbcB$AO$yX(I zNch8Kx!Zvb%Z0KBXSJgQE8lKwd=mdeuue2+v>)!P3{b7=5Dzw9$vePYnbk?h$4$RE z=8Il{i)5~?HHVwL(w3Jwnn`!QJgG22*5a5C~y&Ynj=;D}>; z3ZM2!DGrUDMYP;Fy(At?O%EamU+z$(`#MzjrM>DFlNPRvWH~>zJsQsNHPrT1G(!Zq zD`K*g_1H$c$^aTO2vqgQG&@eG$~^X}x|$5AQek@qlat0yo}dqnc`jD9#v+%|)L1mprfleW zus{OpM;c{*pH#yelm;VVE&&keQi(jsC>7Bv2(P=<3>h|88IbU`?~pg)a8Lsv_>JPO zMn5`8Lu*WNwqUuGN3Q|MJsKoQXz7n_c)xqpmS>X1rIv{iT!h06{Ts;sqcJ zWtG9ekxaRQ8B9%@Hla{W{1EtCI_w=M7XqA+D2wO3=N(GyP0|i7euuBA;)(1VTg$;G`#oq{O}-IJTBXwoPwY>3@rC%fPS?GGA}c+!GF5N( zh_&6j9Z@YEMRauQRtDoNo!i$D6CiabO61O4vGx76SvGxDR7@{g-f|fsDHe&c%lnnH zlPM1!CRZ*}A-GJ>LwHyEP4hwU%`x^!20Q&tRvQ^cpyB1?Y6nZ5P$z+WbdWcOC8F!M{4ZGgM**Zo-6ZqW>keCUXW`6k8~YgM))Ho!wc3trwDreybV^dfSdAAZW==8-|(WSBT7wrv38#dir*T)DJY$WT5qK*C(JBgMG zCnO{+(Dlug;6B~)C)C_W*wcCbT+!K{U185&{Nx-BFhR_Fag%xW=MWsZhd(Y>=eti1 z(m6)Ub-qG@D8*0NP59rOmCa|flwpo-&Z^7|V?BR8n2zFwuejtkjB9RbSvd29gi&8& zfj*Sio2!viB}H&j2%0p1HtVbq5&$k^3i!kGRukhQI!V)MNR0hAUXLhFjLrylzC@5U zEQv6lTGD_u});!;82YCn9iI9W`C-WL~F*BWD@K zid4+`F$|k;AHo{F0s+@Y?K@XQ_}p&!p_dPSi&pE{*RO6jVD_zuga*8xj5u)%g5+b1yp){-IncMlWabv#P1E z&ma8!e0DQ)bG8c`2Hhr>NDPv21mtJ=hL>GxpD${LKpK-kDVDG|Q(?Y1&v|_MGn$0U zhDJ8wH!M1#C#6Ic$Md>i_Wef=s2o;FTQG{EqT-#-7j!~G!WOp;B%|z{lj~8Nu^cYN z-|4!y&AwN}cwu`KGXqk`-63K8UVk#@zfh}+l4-fsu)I`o+Wyw$G*M-!yCwd@IP}PJ z2MuB?e)h+i>Vg#YS!c-lfbqbgx5HeeB!CFkjJt3|{of=4SESXT2fs*QG6`Aj)mQ(8 zOFN2E3R@95<$P@HGoB-8uaOO%;{d3EdAWkPDYnEx){R#r#_m9DzEr*>hoWU<2*Pcl zMFbi#*K6|Ehl`l1-$(&c7TNXiWGtH#6HH3z&jnx0?3}9U8R)Mcyl<{$Gz*)l(Ag<6 zA%wzoxXBQr_!=`nqqod=>YN7#0)!{Ya-8EAdmCpLU@PIN1 zhRpGFAtC#9av^ULjSWS6AOX`lZutBH(cpPShO|KzlCea1fl+D=Bw-vd4xSYh7Cv3Q zy5g3~Y4e&WvqZLT1(_%!mF8W+c=cnBcCTt!Gkp$N8k&PM4UQN%Sxgy%HPb|3S&W3I z1JnW}4-fQ7K0-EwxZvPez2?`AJM8#F_Q1zP@uXnBIzTp#RKUnlQPnay!&?eK4T$ev zT2J}Vaza0Hz|^exsG({bC!mRv-{o(71bdATs`amip)lU{?Im!HxViBUe*P`fF0_Cp zrK{>MLQroEHV$a!=dZOZ_BHK47 zsIV1~tE;Ok=(Pp1%ApRRo-$GO4iJP8vBMnXGeFXaW(-W2OYQ3Vy})xmoUz9?OAlob z53NiJ6!L#Sc*TtG?%E4dM`=@eCTwUNIj531Vh8tYkUVM@D@mra=zE%oVc^ig;cy4H z;d}HoR%E0EBwbw}gy!Z_mTT8UX0V%>Pp%KNyyigx7~6EYIwx2nN>pJj9^21+&kth* z{JiPkColR`a+==}Pu%S`JrAs{YZ|=s@v!2|$samv#+I0EXghCryP61jaVmeZq>w6; zF`m=kz4!Sm(K{~do;I(FB4#KAEEu!6#pQ??m^g?J7ZEY5hdJ+u4VDC7?}fti@-o;O zVuxg~ZH)b>Zy|P7VL$K1HiyTS2(tyH9=F|f0jTU3Rcn7T6o^VTe>5piIXV~LwKBt) z*+K&gnE1}mP;t)aG}@GW7TbJ8^cjY7=*0+Gjo>`cJ@^F)B{+$Qs<05Jn`uLlMqXMo zuP*-3l>fy;0Z}lYug&i@QrvQ9Gtk=Aqcdh6{sPuAnU3$?RdpcZOGo(=&0yL|{%3nM z3QQ|`3IvxgSbf_{StC*Kf>D@y0es{pz<{Ed!J=@+k>B&-*F)$WCgAGAS2+gI71GRV1^Uc0#uxQS0oc z7I?}wrRfec7NCsu&jQ{(fh`eGqw<^`AOg<-w5z6r5TFX2zj*LeY<50>AciO*LTr~S zjII>`BWiG6`gGv#vdQTu=bIsp#ZH2_fZIE~Yv@k7Ik>RQWvZ~e&v*>{pFtc%FscT8 zTTfcmEh+2VqjUrwAvt$x85y*PM4k%We2alU79?B(u*rt8e1zN8)NXpoHbSjLu%fi- zkWU|DOJq%7sjy=O+??Sie8EQo;Tpm%7TWfDQ&5xc4Rq&o0+>x0fR~)7o|2+gr5^R9 z;ljm%P_20%oj)u_vh|ZS$Ez`0^FfH}GO(o02NZ*xCPr{A1-!tuggf}@0#~f^E_DaR z`Q;H7IX5CO*(EwCaF`oEE;Uhxdy2`xoX$SuE8x=mc5eY!!bJ^Cmp#2tJ#fx*n+28< zM--`)wnj2J!}NOPoiYzqJE>CWm9gDCNdRJ8R=itc4Rj5FLdRh{5e)U~Ok!V5Et_@& zT|_hAJplnF!DzN!#4Ko5xjOw36?l{uU7`VWHXr+>Fg<_X_QjeE^u}HuOmZW8xR8&B zGFX-YE^LKw@O**Y@qCR$-Q+v1<%a7ewXFhSfbD8(mK_-cNQI{sfI85V17;goV5SzB zX_c@cA4zlAf^5JlIh}+}okO5D$HtYo9%Fdv7T9M$nro8R5Bj{#heyO|b>9sVLn0wG zwvu-{HU*B6TUpX!TZ%OaY22$*xr|7HS?|cy{_v3D;#xHDEEdl%pBd9F*z^q#%da%A zohd^@fUkOV%1ccT>=INWhNLW7Z0kAZ#|EsZis5A)bzMHENC5lh0*Cp;mqgpUuwalO zPb$Jn%1sHZs}o3hXX*HEa6?80(oq7+9DH}*(uVRHD^^jR-2e5fQ>5#XBSnD#_R=ej z4j2f^D*iW-nLV~5C^6h2KQ-P?qL!SC+2a$5MESetU|+@sAgC-{VkZp%*Nr7lDZDUG~eBLaL7-4cn}tru{yx$y5hDA1xB;0SJ5e2 z2OQ0{;>zDhLB+4o6Nv|we*_GSTeCre1zakL8-#CGd!!&44f=+_v^g1+K``B`7HBbW z%6I$g)(JScp&vQ9`gB&DY-cMOODUb_TjbAt_P7AU3wyL0ljMrwxW>L@XNKgQjJx+! zk>X=g1)vp9k3sGyILtbgxI!^b3oRz>2jEUN&VYPKyi7q@iX#WwxA)=&kXqt7JP9bzG4r9QN99aCn^ZPzf!} z=NJprjSkISwKkV3Ep3FFTyy2pHZV11`UGoo7zZC;RACA_#bOup%cPYys&p0;1`~W_ zOp2I`g9qrPvoWTQ2v|T7aN_G6cP*aaM4$<+gD53bqpGrU^|uCjv&++10wY1P1v0-?*92xksb4&Ya}HJtr5)w;9#=|c1OfT(m>qH71omWwx9OGh(#K2pNlao0 zwdDV5E5HV2<-EWPT7-oZf*Sye8OLFC_rqx|uH1C|yv{8}6p z?W5%mDPUv$k*mlWBft>C@V7*@?Dj9OBqk@}&X16m6(oU~%w zTog+$9`N247~?S={ePKLQa#SZznxr|LekTx`etWmb=bFci52M$y#5@oN#U~^eAm-o zy)EW=`Zz^mz~ii~t-ZOwYn2y~ljA4#^w=7S`2C~4q_*0n*j;ljOzKs)rh(wk6b;u;(dWz8+4u`==E`TO{IlD!A<<+5%CAT0T30wEp?FcIvFJ1U7w=vzc41F zAdGbUQ6DxQozD$|6Sz+%GJxN}cN)I^g@Ixj;4ACi5$A8GP|^Kj9e=ok`t|)SXjfC% z9toFMLP*=W zZDQ|J#R7{h_X161)6WrvRaxDO!mK(~^HiP8wl)Y|B4iVJCd}a-s8Ypa?~YgRr4|ES zacWFDB&LyqRwoPTEsop%uHug1*F^5@5Vy3ot}djRIW9Nhs*Fp!PCPI~V%(8A)5fe> zh+|)nFNQK_)L3p#xD`lmj-?^Usvh)~sGfv<=mc>@C&8~Xuc}~tpw>u51q_IOgv|Sg zt_P96t!}vF_=KD`(Da1Z=g(#jU@^GSTrusN%ptZ{uw(`^O*k@MXMA>^hx=Rh!-z$~ z3C%Vo0d+dklpPZQaEPx#q@VI*d&ZI7Vm(%_G0A4pDn^zA?suk&geb(?=&K*L=2mL0 zr;&tx&rssub4y*jZ@Hc?@Z6oqI-KqQME-k&iEa5a;kl4{orQG6eMb>4Wal#=Y<36b zt_{)~H$PWlw`QhtfYmm??mPVZe)acyIJe!H+DId5^@?b$TVYAQnzlVr_@@0$+=s$w{a-Q@VK5l9>w{FC zTOZo|&(CXXVL~to#L6U8>6|6k^Is$^`VFMXN01ZUZz>}_{n#^KvCUD^t|{8If{}1< zC8fi8#7_o;&K0N@?thr*K_0sv2R-~H=5vnQQS9veiE{(NH#y(Se+Ukl|MZSxybgeh zbdR{yV_-FXN>mBx1-wrkkAW=lF=qSe-@FQ9c35m|L_|apT&$3{GgU%m+U|5;StwHDLc&sIJW zx`n{Q8184QeulGwSypn!p64-q2iPU{g9MD@Z;z^(7;;NJVaw%lvj zePrHiGiRX3t9%fS2#zI6X0~B-TxcgjzBp2};+eGWa5tz7PKEyz1NDT#)YR``v#M!h8)jy`l!gbVr{As zZ=IEfiHY?2&x`)d=)N`M&+mvc@k5sBKu!s3Jtg`g1+5v^5ZpWSjzq~B8IC3qe-c5v z{(ZPmVU;c=Xq)Y1ngme3F~z!!6_6Eui3J4&@_oAZ*m{^Iq zb?#dlkKpy440fGMt{9VUbzB;AI@-Quwea=H=41eE%h)?1EFX{U9-wiFpq0Y0-OC5e zEaI1MsDvG6B|H7Ej{)KF#G7^p_tjWtv{Y2$>T<_zO8~Q;a6cYWDD39EL%m6fL>(!S zR1E#f_S(!%>ls`i1yme7!gPbiK%7f{j|&!=c+z;#Ue)3og&4lK z7mqmRDXU({M}j0CDE_C{QaiEO(7|>*kC1_sVA!taFKUlpN;?y+$_2PGGM!Ri?M+%- zuXnJhExry)!?T4tXKTDRiO{_&x85g#v~1VHGci!{BCEc z{kbZfyyWA+zQ{yzpx$6u1D&i8XUhG0gI1i!GC9#}R@!^!ISbY6Gzd;==^Y{<*ii1$ zqxhFA;?R{qgozHr$96#clK~6|;n)&t8l95XV;@AMx|QG0cJ%?8lXgXm<=IZx+Nv6g zvvUzPF>zi)@Y%i?TvxMw#Q8oSN-$NDns|RIFl*4@}#tq!^s?T-Q*-wSma$&>X7hktE7)L3-k!NL_`Te+-CUvdyyH!1bVn#cKM_Q>12-F!Z| zrNj9*aHmW_NZI`yC6_$~a3Anp>S;HhIR;~pOjM8UjSaJimIvw9T z!FmzTyU|vfF}vk@CMy4Td$5%I#nsjRNgWo&V&Zx+4!~|w z%hwd(5*uJoS$Cr8RfntRwkNV4*^+Q5LG1fkHXh)nR=1ox;lca&nO6UO#p^VGzr)5y z=OVUO8UM?;FErn-PH1lB=eD;QH+OMnba(W=uKB2H2He47dhGf6c!Tt3O2Dm0T)nd^ z7Ur~GI`lsAd0%bDo5#AFd_FITHh=3dIqhp}X!APDx-TMi>z**>W;a`!xPx8FG)tpK_=WW*8_*&n z*ST{7mUda6o4>!oclI`g_$<;o?ONA=z(#26wYBx( zdgpmKI2wRUjEi=@1lEcVo`(8A`FOv6KJZqvrAen2Isdj#%+A(+0xa_m05?hptdEPm zar<^>VfJa@O@;T?td#IRF>#WNr>Gd)r@J?RGemtdwr#*`;T8lR=Ub!$oa7T0NJ>st zzEu0q2Dn6dPs8l!Lf{&oTVFqXTX+1o+lyU+#Z_9G3f3I~n%AqkQcj%BtqWmkPG<_Dz?h2<_)A69Q>oE!72Do9l6`JSae*p9GX*a_@%SWOT4%_6C^<@$tR zgId;%4@D(K2Z1viylJW?wV^v()-+TBds{1(Pj^f*c9C#N+tX@lus_zb zn8CTFu;l;4Sl|i(L{FpfJ+RLIWT| z2AqWlc3gs-bPMI6oj~A??}yER8@mpBJ=B5q9#xf8w=jM-2|JN6(e>?`Pr$`w-p9nD zy~vD(4NFv&`udJONhn}FBXXQ+RbhH**_&YH$i7pso~Fu5hPNAL8Pt@QvAsS969n~1 zwLtz|By>Cx*7u75d*^}ML4+zPP>*k7PK_X}zj*+tsX!XuU5sGt75QNw<*9ar?`Tsm P0}yxuSD~zPN@xNAAnsb_ diff --git a/sandboxes/sandboxes/diagrams/passthroughMode_355.png b/sandboxes/sandboxes/diagrams/passthroughMode_355.png deleted file mode 100644 index 33f397d830a12208e0c13b4b118f40e03cb6dd03..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 37088 zcmeFZWmJ{z*Ds2TF6r)W0clAWol?T07a&ps(j`bY(%mV|qNTe#q$C9C20+;|G+>`@V8sbI#vy&UuHbs>ouZk)pxD!C}hFNvXrZfgo^j&rDH} zfR;5LXHMX+XO8N!V7Q7g@?AJMYB+hR*P3pI2N{S?_=AK&kKb_E2WYv|B|ctutiO2e z$9`1(?ZpxB2R0x{6b$>O7Y+B!Pf{+#e5H|qF)biqBp@@#b8A+}bA@i&z~Ewe@2LH_ z^{rX1da>ruE`($_JSa%X2bJp?BQ?o0JVHop)kfI=+K2+{SoiJtU!Ds^g>}RdGi&$% z&o*Bv1j4UogPs=2cTT@^b923$o>%|z zoR`3Bg;I>cHaQ4{n3j$%&Pyz7;J^BWd;k7DthQDOyVn)OCMW{8rbaWO+=rk91$ma9 z584`ASTN7~Cw%zyiS|G9f9)dz(bCdlhhdnBz&c*yD>{h(U5CUV0tCvk;DK73ftct^ z65rhYca$*t4v=EZd&QPX;GL1|B?`uWmZ?hrj1UsWONP!4&qL-K{IoM22pAD?ProyJ z{&!D4HGcTd>s(x*f4V#9e97hS;QH?rVxFcj_2H?p#{S>Njt*dNfrqM*hdVHamW}@& zgETJGw?M9@3TPbZ`%fc0T?gptAzyW!o}r@=%g6 zFU#M*A>CTzgxka1Pm@pfAx9mMfiCDSbg?)Z&VQ|qTEoBNBmVj*8er_-m+iGZ%WRk{ zS4|=#B^8oUuDnxT(T__^9KgD{_j7Cc^C{nX=~yMZwy&9uO=R^Z>(Be!OKyy=t}dAA zt=5N?7R*M6ZK={kL)BibdEJRz%#vOG>MF7D#uSpXEjAy#{zqSbNnJ0))XLt!+y0V~ zn#|YC+$B$;D={NWW6t2 z221D~nY^xXL(UkiJGLhY5J(z3SXE&tTIIUWiOkJ?;}BxX%Q<8sh(kr(9ezcLFVZVQ zV=N3?+*l~DL^>jNr(>;4-es8E+CHEAAoSDghO#<+fa8{zfzq%xkGZr$B)Cm{hrTdB@#Mkf>7IOOEy(Y@SwJDX%i(9l0Ek0`-T zmd@+SaW%-ptx)3+3$-{4)s20PaY2}5ICQX`U>_ei5s!0}-Knp#i6be$KHi*dqJQ%8 zis3JZe`$7u$xG?y=LdT?_)^5{4+h;M=@+NnDOAr^_uqtXGDUFahNEfxzcIQ`Oy$e_ z&s7?QKkDo2N56936EqEZINIJuCL+>aOHlXxzVix;O3bgW4l_L?18QT#@PXV2+Uj|! z5vJV zi)G_)?PBhh)#{UJfZX-#5)J%L)cqX4!Rw*7KPt;a1Y*?fH(6_}_ip$o!m_5%zbAD@ zdKOeFVf9 zZ*6Qa2UO;nYNfw&Cap0al`7ZelX9z)8C|@(;Uh*wC+tY!F`vls@^m^}B;hn_0~ZXv zRV{EJXz{!xoU1VC_rG<88XE&b@bcY2h&wu=N&lCO6ERQH&dyHtw4{C0znUcwJ3665 z;W(ONOhw1o+MMlV(|I@&QPDix`S)0tf5LZe^pdw$C|O^%u}Mf!tsSlLSyc&dpW6kN zM`9`vm4-Eo5#bQxFp3ymJ0x_q`Rf7lAL7tkYC0LF^Km#ywq=H=U=;B&N~}xxjBls( zTVZ)1M|$;EZ-8aq#5Z|S`z7GK*3>FqWVW~YzmHtZwfrq(vGpBWO^sFc3*=#`;H2Xc zt*opJ`poeYDr!JN0z;F_PPlqOc%E%{Dzi~85~WyMn8$@)$M^53)9)iCA&_q>K_Tgg zTBorErwl*Qr@ksO-KdOUQO-v_+#{o5X(heLSX)nppQ|v$&5^8DPI|E%BVb2)zB`R4 zfR5w%os$zpd@e(qFheLvDzWo8rPVveKVOYDYLtGXM{nXmhGW5fO~}eSOa3z5p>-5s{xCh}*NzL{L~* zW?JCcO1mf4_!cI&g#}eSry2!%(m1&7&OJcjUFVWnGLIt;DQ{UM|6xmXy9DLD?mUfw zF459uD?0)nfi;^oKBp$??Q6oC-h{P5`FY^lwGnwi+9Y|pNy3<}42ntJ z{o6E!N}0?73oBl?6Aj03niU7WUnmyyAXT~GS^`#0{4{>MkU{voDy=#Xj*&EB^!ppE zp6RdS(cF?q_LxHmpVs%oO&`f$-(c)c)*B$}H-3_?ZFSmJr{!(5-gcqs0+gB$p!L>| zGRR;xx11l!cqAQr|8;?^LDjgB_>G4=^0Lq424E>odKoM#G=ki=U1rCCqBfJ>>bh_4 zhtCN)(n;W#5Z!*1L(3lc#_D z)h2Los1fpu`Fcgv$dX*Fij1$6w=dN3Hilo?sZFc)3y-vf1>D&tdtizqQ?{}HE3QBm zBrFP4Ha2Ug{e@@JzqKW%2{8eaKwBYXy&|=SIVl}e)1knMT>3tel-Xz!{*4!vS8$NX z+eQajPuMyUuJLeUxzBjFg|Bp=6qkF(pTi$fjlT&|qKMpw(Fk4y)mdxPn13N(7d%sc zdsgJv8%|_$@-v6{r5pB80vp*juG68zrl@MO3uXlAb<&m1?H>wAjSGj%(fpSYo%FT! z^$7c4GNv0v+=8EvFu;w_;T^Jf7vSS8;l{1~0K9 zoukXa-7&snGwrKMk6M3yE0^nB0a!GGm=C*MyELGqL*jf#1deTXj3`G+!Kw1? zcRVbwqprzGf{f;d?hYES08}ihJLFbRjK1>Q?a7*bxEM|G_jg=H*!jU&V||ujD)L^Zz_gse!aw zHDU`K3On_6Av#J|yK8FFs~4z5MgQbvep|v0>~a9&?`;&$o%>s?pK1lHpN>{LHx-j6 zzuJlGw|q3*Fbxcr%?{LN`>;|=d3{FIGnVlqdVEw_zga&}VIW#80~@l-^RBD4Ss+Ht z3u&f&4o*6purp+>TPh?4{jbkU%=AnLmEAFp_v-39=L$QR2ghT7r3PLhiOrWlan5+D zsJKYA7-P)S2z;@Zz-?!LK6CeWc+PZWfQ8wpDnicZvPj?1t$aYw>FOu9)8Pq|eogbw z)!&cMiHR6UgH?^3!dHZgHM-k8jpll}EE-{vwD0|mHAH|@z|z8kkakT^;rV7t^=c*wS9NX^M#vHB$kUN+BTlob$@TomQhl+@h0tPHiXY~(w` z6=_uq>Ilqss0Zi_`Mh+^yhJ6AIJ&o{^0=cIg= zVd+ASVI-ejT1B z>OTm{-0`6$h>Co?9wMlYB^x{bU}MuubcC(Y+rcb-M73S<`LeOxcyx34c}QQXM0W|=68SlhgxH+?3=?i z?bO#dSgD(Gw5Rh`bOUk14KrJtH~%{SGzjnLV9a(b3C^Sl0p2&yGcpn=z;u$P@0WET zx|#ADY5_ZR8KNvU=|5s1ak~{kS5D zLz!=4PLkoj`TKwsED1inxzO7f-wygY@%Y|9=Ig=t(z&biQ=X;eGt^0`z_TjmJJj;_oUUk?>b&0KFUJA%7&58H1-(Kr)XhglgxrAuvd32`htYd^Fh4&Z(q7zc zb$+bZVB5JOR*<|)B)lZkzTD`D?Bc@G^Faa)s|5Z2&ssO~#AAt$hA924MY^hBv;&Oa zZpB9_)cB+g{)Gp)xY3avv9LFT6|8}8(P&^tqHXjobPDXi{2ZY2UBL*meUbZXdwaCO zjP_)IH@HIrfTUq&5Ir`snUb~8NWG+Rk_ZKMb{K90=_p)5icg;GJ%b2D|L@a2s5@bB z=w)v2SPmp>`r>sV(EE7@-kRt{SGl9iUf;XGxze}q+ri4t|{)3c# z=~0Q}JF2UyJDV?$aftB)4pd&Cpxv^H5X7H+Ft=pW()o(uu7RiUQM)2(PgaYM*H_wI zqc#gVTc-1iKAlOZ`Wo)<08mhSv`;5W8D9SwbOVO!_IoP>g1o=ne7Q5(j2HA}Cw%U~ zPOUkWsbcjNdL<#n>1j99-F>_A;0k&)f1Hcc2rVI7f*v=$uk*i)ta`_p^=ud(VbnWmGcof>ns3pWn@0G2W_)ir*;96mA#(1E77XL_^K?}$QLQM(;EcR$tk#94lInV7r$6^2Sr-Uj^IfK zJ(pc>a_(6#FlcfLTcC^H%jC60YjQb^;I*8BZjCIMaH}thnO~jcbk$sMDpI=~Ee3)S z(M<+p3y8(N*{2GXZ}CLeHB$bOmyYD8Ww&~4MwJkd{hamx9lEH@0efK}?wi2I|MMmx zEt%gl9b2*X=JtHy*Xhx{?D-KtcJP-&KTlf$00p7zWK^51&%~IpWxT$ZS>HRH7WCK= zEL2WGuGGquOBkXo|G}U1-HjVKl9jKo{eynapW^K-6~lX69x)JJXeKc#r*_h0z&AM^ z1z68jnm*hie)HTW1Yof*faGZdz0e{^_|#E~44NNh__eiZii%Ws?AP-L1>M()t>%iE z_>*jB%UH(JMZ*ED0@#KXx7$B_djb}In#Jn5pWEA*4O^12Xa4JAS%4)@LHh?Rc1o#S zcz{PaEe9>vZG1LYxzaTs+8xth$GpBlUEIzE1*toQNkilhwEL`?G8v2!xc^XI`j zilZaXOz8p$@9P&oy|$$jW^H6^es;e+4Xp*`O95bwee|5)N7Dqjjo0x3Q-D;i*U)oi zZ`x}ZyE&u{n92r|4=as|0#(b(c`}%)FjX}X_XD~yrW~1D%&AO2SKC$WmE!lKtrLwJ zvTKvHoO3DDOeTB9`i&*?wJEcMtVW%ZGkK+vjeL!-uZjO&QB}rgz364x9n@8GtIM)P zwYU(2rUuE2p~xO@-#u`nNJ{m)t^~#H82&@MZ^xb__=&kmPSZi3q4P%fYDIF-G+!7I zmCkYEgA{FhqY)BcU4{nW20F8OXm-X*hhyX8hpc$r(9(*~B7JsyhcJ}D;qUHfo@Y|P z>bB#^+4oCYZ)t*Y{P))A>!T&17@j0D!zkkJLJ)5A1~N{O||zXd0h% z!fGkHT3_H_CoI{g9s!>dwzHWmuFZ0=(vI_@LdE{(&9#miE5XWDJAn`cpH|Zoc7wSW zT0*e@Yw%a|6)6ez7>@vtY&oLim({so znPHtspQ4<}PVaEi&U}vOV%@RN?-g@X@4QdKx*op{e>AM3vir4p-9C5AdejbpXVKmt z7xy$hY`Qr4BNjz4ob=EzUQon@@9oX0TBnP-)Z}ik&HoGiUp=vgquSCz8+Xn;C0OvW!;^*DBD_WS(c3du}=J26Kr;t&-=HucQ7LsAfaG z&yT0kEvH{GFvHLYU1ZBkGA(|rpdT*Qhb)sy`>y1(_M z&RVN$bQH5{XSH zWBoxR%(0&zpF>wlKksAA`h2T3GC*WPpo37*~8#H<-HYoht=bJ0kL*2`c)@Csi z7pR;Zb7Cc6Y7&Om4%1wV)N?40M4JK%!nJ+h)+;Ox{c)RkA~9p!$~Z9lmOHi?yX&V{_hRJe&&w@ z=~(j)_+4En*xm~k^kY8kz{=S=}r`a z^j`Jo`CmVsITj#~rBfrH8u|azNK6cP7r;Y*pd`t!8-@Sk&ulqh1^AZyPmK%T{%wRp z0rD7lXu%(t!{&eHL<=lRJ%3>yX#D@eL^T^J+410O5L{(55j4*}Bu>_b9XsZ6UvM54 zi5xi+LfW0M%%AKr3+>jF#HE@m4KSRa$4D_!`YN9IbH6 z7tK~&z(5BAwZxE!TJE6=#Z^m! z5q401Wuo;vkhru&;J}HdPY{*CqG1?fVtvm$ZxM9%6ta-CujIh_(bp27v!fb2yp09K zhJi%Ev?v5IksFe7TSWBqzda)$MR2ly!aLwp<%6b(SxtP+FtoPB_5uMZLFKOLh{a~q zW*`BiBQ}ROC=57y|AfXU4;mm?0UiO~4;Xwa|0HGam?Lv&2_bz@v!gsiAd(P^&GWx) zSW{dG5TD`V%OUW58xj%`pit2K{pYT(nwr|H)*$YPH_{g|h=~DP3Yi@*xw(BCQ&Q%) zUn3IG($O+}n7(|Ql9onCOAG!w_j71d3Rp>c8O?1yad=0nm^1em3SoF{ZP}~a_P~@B z7MEkgNLUD0`3EVi6Kicdnl~%tuwuqNzVGK7h=VzPNyuT0pJ_8{TSP0an zbo&>9JTMd5(Lbf6HW(o5zS>?CRLtHJ94`~D>27Y*zH_jJrN+*c3I(#sdGfQX!-n(4 z^r3#zSHLmh>OzEl2}npnSrbI6%x-b*jWlRD&pP4z)$$6FcU*1I+#B|1to;3h1+2U( z_~+J46P}K5iv5q`59=M!emn9el9Y`1BY`4i@vr_dfIxF!_f6+W!%Jk(2!ow`thHT0 zUvT{Pb3M=+1uLp!)l=JeBgFEXZpu^YS9ndw6!F_BWUCi2B_$t8Eem0 zQe=J`!{ltWOcD1W)L&aBhl}nZA!z-Bcq{9ru2b>G%x`n~>urtDWcx?vTW_=71TXi0 zAX2RlZi?VRmo@#=&+h9!h24&5*AX# zHImj0O7R{JIU`Wa)s9-5Z*;_@%>`F^{V)U=dK~9Htw8f%V}c(o;MKpXq?AnrIml%B z*2M!i1nIjzbTW8yM{RmC+Zgj(^Y(oO=DFvpSl&dLyH`B>Ta>NBL_nO`7~fDJiHm>6 zAmM%XNWRJ%pq8f9%4NF6oIf7@oUgQ@XN@imhZ5)cqqg1JMl#}B%-T1PO~QJc<#6s_ zNV&%ME`m-L$bFGntUUm*e+XbvQmdBYNEdEL#$y_hJY7dT^{hkV5~!0o)Ex!ROaEZe z8BVzVxPRr|x~H#m5Y<=#C9QNS8BkA=YNx(V)@dCptk*d&aEWfb1d}^P*5mpL^MWb8 z%#IcsZkio;(4E)(>X_Ae#TDY2*}WTh8)O!$oj?9L5SuBRBu9R33x-HBQ;K^By=CJ! z9g1JGSj{m?$2J~6>h7I$?2CBrc7H?h;QCRtFCvqG4z^f-jhEK&0{3FNd*R0|?%DRR zf1{%|wc}RA`f)t7wXv};PTq~l$iOb7+9}ly=BS4KbR$U>9et&{Ec(uSnboR8P851M z6SwM__38=7GMCwo%viTuD}VNlHZ!aDP;9qy=4c;32UByTw#@e7eT zO=dpht%FHH`#bXV^y=(bSrXI~`?pO@fM{MuVD6wHal+tcDkjlxvC7~B;Z2D=vMcmz zD88tqtf@5~2>6=$o)M6)pBIZ3z5Rjy_@kXh7b@xj?9?x6u#Mq=asklF0FEVFd4C0f zn_T)eLS6VGA#PLY@R8ni+?5wMBD6cZN{3c+oxJhm2%94 zTQwi&Hk$&m>+*(5`YSY#17^sAdlZq-;C$>58Q{y{w??Tr!S;LL953OtcxI!v=PH>i zBs{;4cVebbE}@kMifKChw|8$dfAk&sOg#IwLaa28^0AuS3vx)*&-7mhJ66Ius4lZ8xKK%h40#81kdDNAa8 zI|KHzChz;_2uKJyZ&sfd8CBl9f~?Qtjdv!!1YbFyg1?Yg(6(C*Ok{qv9}KH8e_?Xg zb1nGMO)?j>zqgr|y&zxygZK6C_scM^?UymPb&j{*2%k{#jXL8P$IN{TdORZ#6Z5rr zYOc!cz2Z&zoCfF}2E%V-T6FDJ+hqIy+*i5n;sa4aDxK=PAjV8*3H$rPOoJ+qL-wny ztM#)2GFn%*MSlVg0FF3GM(!ETx0*93DJcaKrHiEx=!w6d!LY9!OA+SB@ihx%j1-10 z4DHT0nQ^v#LY11cwUJnL#oTwrrqXM6p#(Ams+>2S09QpwNAiyiHhm*Ndu6~yhwkJzie|FLI-o}h=skeD=X=4o0$yZb)fQA+%^b= z2FbV+QRHHw1&aLCA|m=5aw@4J7{%%f=#^9Hjl-wolhZI*ZO4I-X$-gNtEF%DL=Cnp z{@TMko0_wg%f2SP=+tjk(!ZS?za7b}BX``2lvGv4M#3cK#9i%=pzv|tcYz*!d%gba z!)PjEGM^_-$=gz&^v3E?Yv*Gzgg8d5KraQ)wd)7ZOPW&}>1zWW3LfL_vB%Cy?(l)} z^;~+uD~o?uZnUChiUYBl*xIUvE81&r;r94Al~htV-N>?3WLOmcAkMLhEzFx!Y`m*~ zvp9R+lsY@ye-C={=mIOsJJgNRkC>XWb~D4;6S+dk6Ic~Q;CWdzqi!G;&*Kcr?w%RtT3YA@l%%AM*ho^q(j2r+#i~Kp1Eb-(=x=C2P2Cf1j z>`ImKgzo793M$}7?_h#F7-**_jx4|h{67=RqpxF6{trGkI=j5RgIO##;C7OYV2#qp19?`mk#K4c^ts)#AniGM168Qp}dI- zfZG{f(3th=NpY$7{NEdv%fVNg?XU!pphE6_eEF`o!3iOl`btXJfgh_NhIbqWPHvWg zN76;h3P*!$ver9N(kYDFnqu2TxFKyxw7p*WmtDYM8#nlnTCQSLb{uJRbIW?E#C)&K zq1e|Q0fuR{-o^+PUXu6tbcB%FXuXc@@sA_PisEGqZ9`uHGrraGO7X3vqw(#?zU1OVpKTv7@ny&%c;Tyv8mB!=J+q>1P&K_D^{(63K?HEGynvNSvLYpJf z6Cr$^m)kRb^i-@wAS$t&?hz4Ue*T;0D5+II`d=ZOGr-!Akm-2m$w_zw6&AfKl*AG4 z3~#8-6cizPdb?|WGVHK{-#>3RSkSiF3XmtJjMf7md6IQxI%mhUZieuRV-ROApH>inRyNu*00}kj|h0EB*z59E6a?NaAa% zQIO&T|5Sb;JB&A{rytfaHBAhtD^UwV2s^BnitkL!A2G4zFwb%y0<}~a`W9vCTflS+ zj7rJ-PZv?7?pd86#g#vkwa!2n3}#FHK>u;~z(lc95ed=R4`m};#sR^$yR}$+MF>fa zeR=c?0^J>a0J=vW1%)Ff{>hVBF$eBJgBPz21vH2wqdpXIv*boZzHWG1)K?w1vZej%O zFVvVrYAtXqtP#8jb*IGj>Obtvmh0svZ92nvt3psm*qxf+s>p>n4f9G#fjlc2#b!s8 ze3z5xpr`QnGv#3nXhOhB-#JZiKP`>n7?}9r4>1QzV3wjfU_4(wx09bnO|r&yR^Lx< zkK38#fclxmfOrwf&h&6$?hGaeou1V2BBkn&n& zJ9~ONfu8RFL-i04(Rg_t*2D$$p2EiBd$BQy$FBd4>pjnANJx*QfI9!e$O!vZ>c(K| zOEWa|vUl+BeG~MZ0DUe6B$HH`4JRU$qM)GxLBsFdUN=thtOTxAhMb(7BU$29mcZCY zo9)8KE3KZ8Ru4YLH<|1@83&!Q_?w*NN~oaldh=$dUEGy6FSg9n+CjH3k&raB09cKp>B`OSGh@hW9e(6kTO@j*&Fc35oq7X-q< zA|NuC4kfTztbN@VK{A;yj~CCb^Ky(^92X)RMM;oZ4kU5)3vEy2NCK&XKt6|TdOMJd z1<~)Hoh4+`uIR~^kBj|LfG`elH2H#`b<7+HA&(EYoDUDTb}?4qHfYMgr^Gbt%1_)zMTwJSqk}CY6~c6>)L#`5!;%-j-h-jpF(OPU`e~x_mZpa ztk3J|u8$91_E`-5LK0(v;6OAlS3B$PT$or#-%E*ZE|0N@i2klXGVkud7`R7F12rh^ z=8Vp?dXZPDgvtnn1ud##4DJ)v=Hp)q6qCaCc8`G}2x%i* zEH+MaqeyVyZ|LORISKGc7@c6c|M`gTLIsj)E>_BAjtP;k7n^Yx6d zNe@a4kNidKK>jvBRDc0Ky*C*D-V2xztq7?e6bK?b|EiMFRc$uRd)TJ+q;}A>&#(Z6 zAu3D=X(E7#R}a{<%bn}vfpB%phjp@TdM$Er+donHOstGK$(Vq`yPn4zC5U->(7=Ga zE+1S5g`P$^Fb(*otB{LYG`m>!ThH{g#)g~P3+*5EHofr4BHuKR4;E^A6+4E86v*Gu zczVE?wyp1E0n5x__i5meT?m!^Oh1xb=w;`}?7}67tq}lmzOr-@3?;b1rooZABv_WE zFQgRppbx;U3l#eZoCf0_U8j^#Bs>y^#6q>1{mr?hz0uKfGf{)xDj}69uVfLtC{PM!4}nz0O}&6#Q(QRLC?}Va4Lz< zJ#|Mhxy@T6Uyi2BrJ|yOn*gvjd*4fgZGP1Eq7>4}ehCQ{aW7WM6bbc(M-KZ93>+!` za3$$h%KYpbkk$#{yKb=25TILzx`N(D=_3$^W_aJ<^txGn4sz%Y!fYRYt5hV`^nPAL)Zs5rq~q03GQpwtL-2qEIiiHM2zsAa(I4M%1Wh3yU}ce&CR%`jA9(=c?z zZOh+h=W{}a*oxKig4`zByzfcl4<6bd@3GG7-mHf^a53{r7`5U1<$q#3^Qg03CZ#`k zq5qA#3w5t@CyR1ql@*GWs7e3XM$`cZ!W%Rw8L!F$XmbnxrpiiA-C7G@_upH_2lG`| z`<3lIvWjqb78b_;Gqc-E)RVXE}Co~5yXj76y8GXc5^r>P`1S7 zaFN!j@`XPVCN3xf{G}=|>BiN$D7uH509SwJMbjlqz58M>=m}eAk0foDVy1b~|I`5I5>_bprM(Eia7ECklaNk$|EHVTw1y zqVEQxUo$D2_!i)mc~ok$`buBETK*lneC+G{8U>YKa!YBI>0O+5ut-(y9ryrD#T;Ln z|7UOFC8pU>JkEMR50<+vvy%+o>vf_VW;OKKo@_=2*ucJGjpLx66!?n+l{^HKN=$!4 z=5Vo2am0|mlKY}4`zx~h>Jv6=y|MvRyn@DD=*FOf-EyihhY z;n=wdk!4Nfz{_3#h*_6>z@tZ!ms1lS@R!cyJ@cEsap!dud-(mjJ zBDFl3`BqO?a-aAHx#0)ZoiFb<)eQ;VLx7|TZkt73d-l-@24ku97eE>>?WLN5Zk<&i zkRuv$A`;4r3!M=|6IOpI9Eiel99EI`(o7-7v%r?=LVB6%Y)Xwdw#Ai0uO9z81Bi6v zT&Szx!;HJ7+7jd9;sk@HKyvxJw3-7Tw(HAeEpyVaj%r0?vire;C=(Nq=kWPp8*XDu z9xaf!-}Z+owPS`Bj&b5ss?(h{LJ;UX<9x>yd5HS6T7%JS596W@LR3A)pVlYib_u^b z#CQK(w?%ffNakd-UzQvZ7O7DmX*=AxOh*qSuAB$|*s~a)J{bcd&4?o$lF_t*PNiek zV0i+w&>|Ev<>#BGywuS5*E;@rv0@vC=6Ew%wj4*71I!(LQwWk|0lAuEa`O<7Q5*eH zC+!<-2CGtZch3QM=}byoLHc;+Nn!87B+je>gIq8;0=&KlHWoTVkZ)uIPvOUk(dLks z<&WQ7$O88|4m17*Y|QYoJ4KciqPu_GE1~vM@%IM$E0YR!1`fu2G7uvdH~M|?UKgED z`SxfaEbN8U>p&PvhfoIEy)|M-CoOhkbu+{5D+4VgrrV_+m3%MEul2AXNwnfE0)-VR z9Zk3GQ^kW;(wwQZz{(3`l+#-=o*ZlBg9)79h2_KEvUCPjRt z**gqR^p5YRx7akB#4)nWE;O7Nf!{p;9I${t;D^ywVu_-&45l%yaqwZ1GSt?xl*wc=iJRyC0bOYtNh$_i z&hCi6j`Bt*N+%!f+x-Z>Jt4GE1QV}=CJ=2@5vhx=-~8QJ>>CY?RSF_KC_{Z)LbS_j zZR|$~<9eMYm88*XT$&DDhA4U&70K3YcT%z^FIuA3&8?~$I(q`EOdXTw!Aa;Of|63f z!cauO%&2*xy#q{>6^PrEM2{H;x@^L$4KV;<=|R9+%LaakE-dS_bPkX1Tv+TP3%-nr zLTfvd`#Fnwsay;#EoZ1hwFTnE6?&XH?yK*eo7(^mzHtvC{hsaQ+nXk8ZL*bRG$_i9 zP{hyuN=h!5!3K?hbu&`xICTwH3kUM|7LzI>gb==$2!Dx+J}>Z$mHZna4Y>tk#)#^G z&|1>(P~jN2KVoP&Y8^9M2b~I5@gJXSsRzWLHpdG=Fbnm%{f;i>s3lnmtcboy&6TXJ zKRl90yM=JIb7pew6OrJ&F-W2h`3mo*6l=i81F?O8cjD=zA zoxdTj5RF6#M&Tn{1wh3w`pdk0d`S70UfzczIgBE*pqcu~wb#zqYO%uZdFxDhaRa$` zEV_kC+y>Q}BnJ zoP5Au$j>UYl&hnb%{^oMs6-YB3ki_i2VD2sMIjEh+!s!7Cakt=@j;_s@)kbDZ>WUs zYg)+A1md#{X3Toh*-Py!^{P00y^S7Iw3;?U6Q24YrMu_z{$jFTb8ta$kxNE$y%hkM zOz2M-vX&dIET5UAq$9U@rZ$$hTv?hE&BI$kw2)_!gtSH_w2OrEDA_;RW%9; z(1~MIHo+aU97Hbh7Yi#=tsvsqAo1i7YBDP3z)z&7k$DvV;9`hD^r%OhMxyXe0B?JHP^o58=|o7-!)2?J4CmxD3bgs5t{jT$ zxxcds;LMa><(W5Kcc%?QIiII>`D)>42vRwut+$Kf>~?*X_qTw89i2Os{%L=47YoUI z)vpU0=a=)Gm>#GTtVgGD?v@mkH@V}<+<8SwJ(QwLyZX8~hH(>vQB6Z2#oKKk^6}^) z{{+p|r`^NQAm;K;j(SkmlbB4^;`QDY#ATzmeF>yhh_u(Xz;iT_80k;0=kMiT^(@L9 zztrt;1WHR*578Bb87ES;@l*3f5iQj;6k0d|Pz0flZ<(pRq}~jkEZN%w8w%*M$G4c* zo{5A?owZF;2F|Pi1rY07qiO5jk({h?CRc2q0b-WvW)Y2Dm-(qt&0M% zP5xUOJl6D$3e?lAHx6(1SO*Cpo)uC|qb0-F!7<#l;qh8(+B~(D7NN^Y-Np|bSs968 z^Ik&WG8<`=h{WjRpO%5qA46K$E-=8UR^IEjQX}n>-EScagZ#7Vc=8vly41adnnaw2 z_(HUf+hYWw-)bpPI56a}7AS;WLQZmYp_3lswL7$d>^o~p=xDLjxk+&MkzFC@FNN&a z10XscrZkIC>=>6&uy@ar4cEL#cEp(~q*Qj)_QD=|AzJUQAZ;D#q0B zy%YW7*Uyr4`5dwHuB7Ga9=UF{%`J8TCLe2b)>laMN}s`diS=KA#yTh*M=%u0i1M*g6J6Qu9TfdLfd zm{RiX@ljyfaJ2i#`u*&3X^SCYF9St2fXjS+IyXl{sW-xAOvpM~Z)QY@nW%1lm0l+o~kgFm3 z4v2)IREt*rXq(Ox-I;%=^XL}|*t9}ga7e!bc$dg%k^Yk$lmh~jKwZAA-&W6JkPk69$w)Xw9woNgXSSRVxcq;goC8m1LoaPwrP*bI1z6TAkDOD)w zWmz~7APX{lusGLa1{B(bzM+=uaCu~4k70BA+9b3qq_!~1!-yC6UA#4zCT1QKPB}&2 zvqR_C_HEa0Y@1s;du5e9&?qL=I`I^O>ti253)LC#diB7M##xQW2ouI zUsA{(Q=hrS?4Y)NSKlVKEJGT70+K z_bPf;(U)vAzS3y}Qy-*nZnP>9r7p=hD&(k0Hlz!6w46j=WxeNCUqJ(A+}D0ePAA|i zy}|N1w7y;bfPr}R)wu$FCD*2yRr41D)UN;^7aBz}l$Cpr^__|xzwj%}D-@SOwZYcl z)b%FK<5ALC*y1HBLudbkuzUY(g#i%XY@(7cnhctZkK0{a%lY=Kj}jmP*@5YBVx^|g z&w<0IiqV0Q%X&cJ%nVFYa$P`Lz#h3&Du)zLc+rF?IFl6@9PhgM>la;H2un&LWmj!J ze0jGdCpxY+!23zAw7B;U2es&F?$9Ws9@a{u5S-ypD`o@bgtYn0ixi}+lt<@N*_@WC z7g9B7EC_VpyE8-~sY|kF;xb=A;YBeLIr7x5M@u+(uK?5hT3JYMgQUW+wdu~7?Hj-z zpTBDf0H{C84OZBWbU#S(M`tI9tr1|^rW8ao5fjxph#Hoka@Dm;TE)(}!8Nx#?kbZw z3Z!4(x!l05<$40w(P>*yG#qQ&Fn~Rd2FA3U@(`1` z1jwD;%qp=8Af7@MpYR#;>Hg6GwD#-Y3P-Cving)Mf6lKl3;bO2M@N9oHdB^-pkk&4^de7epxm*=AWFb$)?s%;I60Oil1K_ zEpHEbyP1=T26J?WWBaXK$`BeqKdPM`y-iYtTaEeRRlr1+cQGksTmjPC~(=EcqCHE;lxE>{n;y<|nvH^;#I2CH<2<#&q(XW(Q z=NA_{G+U#R$0}q9$QnCn5jGmt7qwBmyr$uD9>1F#`z8q5Ft|%x2)*C%E;q8Ls_KaK z*4$BqhRzi#AmZvOc-qOmG0@>F5tyGfD%FARM%6vj2cjX*h+~?mu|Vnm48;`ZEHHW- zLGAY)fJl?T>V4Z*ak+D z4@(B#7i@ef|CH;7kXNPI1saC1kKWJlJ$oC^kn5JCHpm4;F)HjNvE}jWSJ$s~1 zGekVn?WKwT?EXbnE;H|-75i@`LVhv%egvn6HbxF^Q!}#!=&iEmDIpH(b1Vrre2%L@ z=?a8+X4uA1?2muz)|IFmfoU)#r7Mk_`Z8#Af2{d8y|n0`GJePZKfUz-_&nG{1T87J zE;>mJ3}0jCU{Oer*_$KGe{+1}e6&D{DFz!_JpX1RKUMXLAt-6GCMbxFt|k6WCH|)- zMB*9{B$m~nCHVi;0Vzqm2bu;)sF%q9XVd@dPqpDe0HP3qGm?RajbS1^o<*Z;WySCT zbCd9&jA|!2YF1V>z)iYanW8Z*E*XoafoErD&o5E=bJ2qXSzB9kJKwzI37T6lp}&l4mpXMf4Gc#C~DPc-se3G`DCp z0d^MuDf99U6KKE!4R>{s4<}Uy6cm_^gix!^)fO|2r3;1MUH_&r?TZ+s;GJd>uN(X~pS;u-y5V`%B$9yWE+qmXL&L&XC4V4x)Vtvp z7#wK&v*TfBww0;L`7lDgK!IU+EIw|gaux3UXczLW3*a0x|G*{##?uTCB~l$0M8bD8XCnw0gN4#A+(d>BtC zcdBzVt#sJ26j1udaDslIG2eeD^O;ROUy#4dD7?kiy?1r6h}TCRZZa0>TtL^a3y8u3 zrQYiTsWGydl@k*a$){%T-!ry+h>5}B;^vP0O_uTdVqbfHVIkCUS21Xh6R4V{6#s)W zm;C_I(V?Las9?H>nfWq^YE;Ak>odch2=1_&fT7whx3Fej?tzb!T5OMi%21hzj@(OC zRVen;*E8JhidUu2kFqbLZY0ycxH>uYMv`gwu*-R1P2LWSjNq@W#bg&@-79;Exi<~` zkUA#1xRqU|ydk@n+3tT(_Og|bfU|I?^0=Jz{J7e74~CZOS1F;ezsg!MX!?i?Y<6CU z$Kz2QSAJ7;b|?o-B}2@AETg$=X$fR(oRiGs$!IlOM)SP=;~MRv>kbNDGVP8v_WP0K zAQ?=ukk?k$=HVS3)Ek3wWacVa*v8F3^$!hDgOw}+h|BC#eLIk!_63J7Xst3PPfD&* z;+ZRus3jfp3RkuD_PiJP&PUJV_;w=J=f_qJj1$-6l^n|&LZE7p0|>@P)qk$-i`dmT zUHjEf>? zWL%%Fj9?9KfO2!iGQ(C7;?nZ#vkhw6BLwgOyb(hF4lvUi0_(3Ti3 zzk;;5(KKD|1Oky+RMn@CRLpXuodDG$wbrXRDqmCtZ^qR=-Cd!U>(%uZ%EF?q< zD6zA@9ivbq3gp~vB_SpC13n#+XV?A=R#ioK+z&*uvR%qkRXt(YI$20Z1Ys;f0nSFs1AC z=#f_KLxUck41Ci{A;nFMbKy@t6AJ>o>JlK=L7)w<{aig)U*=q2s&Ihqqyg|2QV?=z z5`Lr+eexhnb-@H$Z7qaF%<}Z1Q*ssAeoMbj$(GyZu@$NxjxockE)Y^{?|{|B?_25SmOM}P_?6y-JZMt&iJCA8$r|!7*R@Y zl&zB#fdXj7i!y`8;E_U&r9ag+Ps=~=#f8>-pHY+Z+Xf!3^@q)^i>fzDbDoQyg@Bla z7iN7}doKB}_ga9%C)=1_<)xR05h>Wjbb)r53|Qb*Gu4TDQn_)!ri8zjp3JwEVO~nU zKAA1jl~^2hbA6Ekdd!yYv64EHu6V8xYSH>TuNII|mKCHQmPHV=W6m*)2|CVy+6QF$ z4|2CHzE```b=*!ZwStDih0>^CQ0V9ndYZ_p-N%)=EIf|l^b)n)wL zdLZH>Cm?o}{fr0lGd=_b1r>w_zXA4er_&zRkrFNR-ej+cCr^o-2bEKKA+-UWA@z=f zCJPXHcY7=mk%g7b*+%xR_)`B0QyJ3<1RikIspQMS!52`!Q%4OR1@X$SXi$nxa=X?q zEgYnLy8jkvRpy-|w7n5tr<)IqjEs0~2VTuH?2Rq6YCw)nx5jpAy-wIRN6M~u(o6#C zj#f=)rzh{6Vp-2-XY<=G!)C1}zpdf_H8kYZ1G3?hkCZsM-P%8w99rOPSQjVQv{t}e7*b|&JS8_baovMqL#gN@mmas zFKMMziChLbmHHf@(*xlYK_>?fR$$j8bPVU4PZnabWq@ncd!$H>zFkSKW3?wiqcyTz zzwU#%QcCMf0!2loh2?b?DJ_6Dp?|8`n5bBSHv0yV+5#(|6nwS!6O*0SOYaM4*mE|9 zSj&vvxf=A*qVZOc1q8FOp>V;e7sKRL>0gxvX)3Zg`Om_vhAn=I`iUJR0HYmVg*+$K zDnrIDZa368%+&zR_FxDkue6~_T&~cLnkz@Ptv>-_HXU;bd|4vUYHl#$5 zut&sXOViuwp)aVZlL*(SW(GPsIfa7|BX=zHh~*=#Vu;xIV0Ng~tiz~vwc}BHg5ZJ( zzV_#5*X&s@hx3*G_Fuj=p_?@Z+%R$Y`BHoI>zJ&NgN18!*Ub^4AMflsz^*c|*6(XM zI)qI)+W_48>iJ{6*5{y^W#(;ac0LDbB6x<3ez)T-?2rn_69@0p zT}WfSTbmODB9YU8BhfoddGV4anct4CK@RM>kT|B^{duIp+pg`fldZ8Zq)Z556Wr!; z!~26rd^V#*e|3qvJ`=coa^C`XFN<1MFloW^p%(KuolI6270Ep2G2g7DUE<@*W zvG*Rh#H;m_E}+9|nY}ly57wotG+3AL!#Hr7)t=qjF-Jc@%od(!CI(J8aaY`*>oe*Y z4G00?zNKi6f4tkdBfOQeAu)i^Eu^>v1I~La= z#!VM7>r-jo+crp#4nbZ0Tgl8F69=?6;kPOT2)$~1_6GgUGi_}d63WZ9uqRL+^FHDQ zIcMVSzuwQHX~c^N?zpQYjFQ8Z?#y>-^{SBjoNqiAj)B?4aX#Y7@! z>XPzwPu&0V%pQ&uG@tfJ6>}p8xh+3yE3(xPj%o)GpyVPVZr z8=;Csk$@$z87MCY##q>N#+nIw>_53VYi<-yiUEQ`i+<~}FQ9q|!TS{SGwY+%8A^!M zqA(^iz9tB2YMta^4k=($`xYtdk)K*9>V3Kh+{F^4Nl8iB@6s*+Eb%(&h1o!n8Fq}q zbfE@%?Mg5Ekj83%$^#M-=8@t#*&g}5!N!z{p=jq~7PpWg-E|)x%YD_DkC5=4BNC4G zRi!O81nl*4PuiVDS8|~xJu&>uqV6zZAlF5P*Jdm}Zkn+k z{kUH1aY#RxL47101gpbJ3^PyWBMrUe#j%Mr8rkKX-?RDFa1BTI{?IwUa{RbTNV7qM z2WE##>MMZE?RzJ%abtfTdYV5ch2j-*C=m{HeGFSU6gi4wtQyR-NUlH$!I zCIf4~zlxfx#=uVpGJkm-opKgwm9m*L4(VW4-!6A*?2GvsF8k!VI6fKAT1Em{OoWFJ zmCUWd4_~UkM=S8kf+8vY2iP2ivd*G+PqZ}uGBje*B_C?BVDFo&In0lM^F+>wHouZx zTmv=FB9#n5=3Tms%gaUrpl6B#3cakior^3$d!U&72%_51*bi?sW0l$b6^d)JIv4tp zCYazUAcyF@G&+~uQ-wVhJ(_Lpc0dLbXAG}O$ZTf(gLnJ$#f z6LtG>c0a#bK@oU!Tz>cHs1~KnUL&*0*9_H6iCA3BQ`iPFD7SP}cHq;(M)UcKOmmx9 z;vnl1y%oF*zvS zcsJ~OlUHg=sjvOsaR(ZaN{kv1Fc@G2d1a5HKtgHQd`e=)(xgHyN8L0G@m?D5MCq1A zB_>NYfBR`b-5O9bn%z!6K(N54WPff9jzeuV7PZ1XPGYDu9U`Zx&JW@P{I6(kO-!IC zb!LD)LQ#mGuC^lhM_?QI*~p6nyTm9W{aGK_q9gB6lo)P&D}X_VU~uSB9wUR$J#KG; zz7%H8qNP5PwXqzGpIAqgj1#1g@Akv6o|OQi+sZ|H@YkQ)qBsK$P>(Xt?bX$l$#-oY zTlTA3ci>!oipWz;iw3M}#6~_ae>rW9*@1Yc2m9S1xhNwUwJX*Yf<*h6VoZso@a<6gUbDdthnvaL4tz^=L+wVq#`+@0B zvX;qf)jwq!p76vkFRf6>1*{@~l+GB0pqQAhgH~bTIEm+XGT^1oUAM-RoTO&TsR8Kf zTa9*p0q&vSA^umWW4e*#q7Rv)X_OpAOG0sJS}LtvP|+VffVq=4?rbw&XbTc!g@+0LnaCJozOf~b_4=JWjRY-b2A{|g^$Oj=f_)4NF zuys%i0dF@bFH7R6AXOCrIwr#|@jl!8HC#z%KUZ=DAl1Jl|5`v1Y*TMoioKGKK%wv6V&)qXMy@ zu=%Jt$HoH4I7YmZV#vPMJ$IYMLfY z2mbt#-xeSxBV#=kVd%IYUT&uFIm}&WwI}Iz3iX0y5}55G(Z=drW=&)cvt=GzF(RaI z_)z}NV7J^R(4e58wANLX)7mxFxpgz)F&i~nhfFw!cBT7VWx^xO!Xs?&N{@IyKXtY6V4u`y{)dV8oiTHAE7N=u@YH%y9fix(sNI`-S zq;M#AplpYR8y?wKK|oraq#1rE7=jbe2;;r*;A=tdQ7~^>tw2c|4l|G1vkE z`SZARzcJiw4=ZQ{3yTAYJ`#;sSKK@LB`9SD22~9ts7t^>GNhyaI669pks;n%s-Ik* z-bB6siw*0a`w`rd|H9+<^X1Mo3M%0$0Q4WdiGKD^!0EXsiZc-LMu#^>;VAuNGsvSf zY<$nfADleaK?)VXL=h&%|pzYEC7#t`Ljy=v+iIQt9L$o>HWGJWonG24=3~cfZ@rfW@pD65hM}a#> zvuhUxmcHSSxXqQ*ucB1TY-vL{?AgEVy)e4Kaza#AN)DTI0(w2Gg7o$qQxQ}>Wi0;i z;2@x~va%$$el%#L@s;s{A!9!w>*Z9;;ib>_we?(paLO_}aK z);o{$eZ0*v8~-5mQ(92RPJA}fA98aU`R)Eho>1^Fv^1{` z6jU&SvTgcF1PEz>$M&N?A`RBaSHZ4fD-Er7?KA@0LbUNpY}P2iL>1+CL;jXmiBM9}Rmo!mFU?ixBptzQJIDnk4rn!hYt% zIpsdtEu|<2JF*i+fyo_LAn5MVrVJi!@CGP&GVf*2&p%o2iFp9(f+uj;u){Lx`e0=Z zw3s_RCFKjFY?jsX@4*7CVkY1lr4D6n{B@T=WByZP8DhX?*bw|WD3p$u7ZnYg@aHD@ z%=i$W%Tt-9cAPfhXlGVRx_GCs=QmGjKeLlXzO=6}oe?KjT-MGt9c6E}d9lAver$By zwSUM8m@!jqdra_rY)*J6H?=IN`**%XBIzIn0*d z$T+8!>PFht7a8g_^3z{>X2ms86vKvjWfb46-^EY@1g}~&>Z8S7s3$4m{Vr3ln=8+6 zms0(fU8ak%yaDN+>4SAuC8)h#yorZtKZmqBuCK1%riU@R&BzwzGkKfLNKV~WWb9`K9 z2~&ey+sZL?aQTJTjpJad|19blfNa~6pN89wm3YP_I5C7510gwffSHX=aip{hyC2#8 zs^b4@q`0s>VIbA~0Kd4SWTVv~mid|CL+8N^V4 ztx~cnq7sOH{w>mnqVPimG-U4@c*Q_ANPEGfi=R9eeHi7#09zW&RUjE0CkBZx4(%6f z>5Fr2TVrisMZHY~d(uQmz*Zkl@GS!k6__M6@|D}>kwM%*Z~usbzbC`fdF_k;$Q^^E z6pyAo6p1e!h^Bp5%jijrUBZAz)^;CYH!|RJLX0}IrM?ydg;AKFN(w)Y!e=g`DGjwR z{Q#Q3GI$dJStDdsNBu`x@%#|Rsr#+fvgJUU`%`V4FbIiex2gi>8S_>YcF)LIH*n~; z#yqugBPd%yWn7@1i?s_-krt0)o$_`Xzbjg8=e*~$6{a0hblyO~k|yK!NkAbjn~0FG zb-^l#LT#G15a=o8lUcA!a>y!v%2Q{*O>0Bhy4^`bcO`;Qe3)~UmqppQ&z;E-Kk$Gd z{*}~gFD)-M;UP^_-w2k1W40{U`;hqP2)mopBCEZ&z~3@8-pNHqBpz)dL>Rv?F*nw!N9MQ)Tz3bUj))#}0 z1+0yzyA!a!I{_wEXjQ3LW6@V1blnS4A3E9^yR(hb;%WZ#NI3km{|{k=iZ@;%$_fP@ zUI4&r@5%Nb3fQSu!mK1aua*W3E$@~DIODq;XV5~f9{9YT`sN{gF5ew!(?&_FWmrl5 zan1ywsr9Q7ff|r(_-9*%XgxJU^qVF76Fr7zuM=xvih>umgGbWQT3JuCw-XN0(+q56 z)+PFk1#dGIy{;6#c@^T*&^gA>6DdpyZFc`gce z;>%d+YhqeaAM}w&tzTzETE$)!y%I?2(kfaSYCCe|*bD?2Xc5eAnomrv*1ujg?%)jQE=_GJzq(FAD(=Ae5Rz-mzt! z6a`3`4B!ztH@=yEiD!=NBH)S!pb}_1Fz)A~!436U4cc)5iu;>RC^OT~c;nm37j8SY zuJc5KZ&J6h8tR`?<5AH=>DFf(DOUT9o(c*I3DGgFhLGxi;dgrhd|N>^jSBEkR;=T~ zs@X>Imi%9#m@yPDJy`f{r%{2^>!9<8kc)YyTXABr-k3s1BGiR8Z=llzeMi zIoMD4zQrq95ikE4k^VWHFP=ARv}W!eug$5L-gnEG+%DIThirzDrs`mNz`te$s826x zR`M3j8GLM@3yw&y%_B8al*zP+q1$H%<9p3OpB!RcBbVJo_buEbxN zL6>b9#G-QVr++*HndHx{7InaWPVW2HjZe7BAyh7|iP)QH<%E54gqG%IZKyh98FV1(Ank|PxjG3@%^18^()^?f#Q#-e7G?;g=+5fJz$zh&v*JF`$xl2oiov$tY?Iw*ZJ^2pemq*UvV@b=R|$h>X3S{}*4M%K<_ zzl6!vIomK9b$MYX-!Fgt=XsWeTAG}Kr;5K%Iq{QWpS76|hbbyknK%Ai=SRa+WpjD$ z`|~#I$!Td^0euKjDE`4(5<|%)ZzY#+x>!d#J=OeWQMutIGto71V=EFf$&CEWn{xJD zh18sM(j0FozcBfa4#I$9N$J&*XHAo&p{h~!sL}BDp52gr?98E}mIymO9$xU)N+lO3k}*eVavJ!lNug z+59z7t+{>ile7W3QbhY2Cw7+ZXynnZu_pQKCI8l69tRneER*4Vv(O%Xj3m;il?OWu zJIOJBdpoQwh4>zRHaAZ!T$(2FD38UtXoy3G|B2bm(%oH(={)zf$f^}9kob}G?D>2n zilx5L(v{~09Zq$-l*Pu9=~!!~e-v7iZMx^p$n^`os<__b3+ayB%(f8{jBDYzX9n(9 zbKlzMnaIqt_zQUHumpJfdgneen#{Eka%`q}-c+UG1vv;4Nw?vbzd)C&uhd8zdEcx@ z5&Aj&XQVw@s`{`$8$C}S_Ya+!{jMO*NGK7!H2cNn=DtcDGO z>$AC7RS#>OSGpV+ptE9Tt$LhT&y3m^gK+;WZIv^Hd6Uh!SQhpG+|=pz=0PNd$U^{Q zs?*#m-Gs^@mIryfkXd}tAMSP}zcPw4^p?x&9Uf$3@+H!B*V3bll1uR2UcUgrKA>=RjH z1Ik#9;WmgO5leJhRLI2#MU|}ZPTi%P92Bb!f4fy5989?l#Hg%{U%o4v9nVo-dTA-g zh=91Txy1Jd7dC>nib2`WU%$pE^Elw6VHIJQvpI;^U_%?&B<#(;eap$OQe19*#pA$6 za6Me|Y&4`xDw1_slgavl@VnC&R)=}6;jFrUhx)Y_I}fyGTUp;EIok#;yIPKYR<|g} zP6!V)H~7{;tK7*-cKwQog-Q-CukYNI^2dLu$evfI`nB@4T$O<^EPF6r%BZ^2R%9_f zHo00c3#WwVvPf{YSgedqz$vTh9r;{V-)u)=55vRc9lAam?5ljEx6d?Ak3uhUOQoBC z7kYu>B;BU{Bm!A{$wvH51L;~q}1|XvydJ@6GC5SoPYdDrIyFVNfu^At)$E=T4 z!##ux){W3?ZqIR=nws=9%#lOnL^5yxX$>R&g)qkAm{p!k&r?x~y}xJp^(zPqK+&tQ zf_u9=uzn+kqbV4k@p>VP46~U|cPBZ=WD8N0@Gf+U*og6p_|c=nY9sr_XaWpGYAj~* zkYmKXZ>n1M7bFLt3PRt$b}${#KSe(99umi*@%;Bk}&ZTAlW7FCN zm6*eh#pxgQl)o`13n%nLDNd{0G&c%e4%za2_1h_DkG=%W7t(4Gr|)?kAP{M@`X zknv+o2{`UIgcIEzYUOW;iGay1ng2Jv_SO-}rk;bbz5PNwjII24Ufd>#1lT`3#GivN z?wg}(&P{n$>I+s^5U6_HQk#}P``o{esu>7Lan>smGqFB5Av3@P2@GHI%aceA&>pEi zZES>i01PE3r{N;2^gf$)fn+Q!2I~AtWqxBgKf~{@+&9gvn7K_`2ZxWq*ZzBtBQ+Lt zIp&qK^S24Kv|n481AMH{(&46G0SW*Yb_4>Ek*S*$k@uUC#}F4Uwne-W0h=8V)ex?t z0OnLQ>q;}l>uFiwA7A0$MG)843f|>8G;1bpS)rn8(nDuwXI};;02%W2Hi*{%73Oxi z7g0$T1Rf}smr8?Dj#Mv8kmI*Jjzbk~Mol)%+p`70#qwviCE#XWoU-G9{>|%*%F1eZ zs8CPlfs@Faooa%BbuKX_f!+;2W(*ICsFF4t!qY`4*8f%fz7KjkrH(+x-Y~ER=yeOB zh_}Yw+<4fD&Kyxf%)}g~_Ebll6xfNbQ{P~6JSJcj$ZE3@bLdV$5r%m4tP(31xNEJb zhBE$W3iW>AOaISrfg->eIOjiJ%R#$qBxV0gBT3A0_wR}_Ri7L-3V7`k6p=%=qJYeb zT3V+`le(DJ0B2R`nZdI3=J*Uk@qwV!g|CbW{9E!HfHl#ZHxEg=zT zlAsOxZx#N{qsgu9h27}KRDa;k%uGzi$UqvWlRtcdgsg%5c6#&-Ikfl$1WsUAu$`z? z8~J>Go^S#=BJORSi^t-C%Ev6fKa_Z76bM=CjU=mt={(&US6rtg|J$}EtE5D5DRpzP zWgYy18gEVe)hispd*I5+$t_M_E`*}V`kWxv*4M*;8YMjRl>s`qP{B&t2<`G49Bu%$ zr2Od@FK=ZIdia!)kqF@BK|g+o++n;R0K{bb%b-MUnSNu$UQz&;c%Znj^Hk3kqD+JYrL zk@a`M3E^ISX#z$gNf!kvDJknmn#{t?VwbLhMLOjl3f3)qQiUkAiZ$C?Lc|x#o15l-lu;TCC-e zh}~&-TTW0&c%@>@6W$k?AYfQD!Nd+NQVAc}?T?zZ3*^aH2^&PaxNZr7BiyDQZ%^Fh ze_|e${RNmGpd{sbr+vGgEw(>O{51odo~yG zY;f=tWBu+cYlWmM({!kRu2TTj9nozIc&AdXSx2rMOhu6GmOPyKnG2F((uReBEfSzx zxdt0ci+BCVSDqLiJ6aF(W7ZuV+Ukm|$8mkz# z_E*P3`jiq_q4lf4lU;8m#|zC5u))qlZ8@6hCLaR+u`wa_%s#om(Iiy%oXjvu$x5y= z>RM_~NDQueZ$k2pAa@?_B;oum4$yl>NRwSSEs0!L zBev`Njxg-i?TzKcb7+ikC5$yNhNqMMz7JNS{5N7Qy~u(!HB!D!Y+5M5EG25FMe&@t z^*MDWi!<>{Tr5;Dky(x_U0SYtgV@X}l-;JKN5pAp><$f@6}`%c_4bh}T?Hw9ERyt@ z->j-@fJHVMDbgZv3k-Zkb9v?5GR|VuhYOHtwYOBn04sQGC5z0$routaHMuQSZxzZS zd~ZC_+CNg!2j6@iZ4S@x(O~`vZ_1Gx$OoE`9qf8b5kbKQZA5!C#m97C{ipW#z}ECL z3!(r{i4ki4rkkneh6C!{=~OR33ws2%6?~s9hs}}B#pGCxr${!VOnhJ6Y6*<7U!fnL zyG}UXq#Md`H!Rkl{-(&4*<8vg*6XIfAx8yR?XI>w{5fBpN#|l{|gXBqp&NDsDf%$)8YR z*lC8>$=5uLA8vaQ(&b|?*2bs@|6JwYcpSp-j)+SKsuf5o#Gd6hNoMOaKvM+lkS!tD zBU5B7jZr~h|n=%Gh6E?6lKnCVc3;hzZQu#@Wy45!$ zQeY&Gin}{^-LF9J`YdxR+B#w%AZaG3aNo~UmY+|n$GMoW6W^uYxb(}853i~oTZ=SS z%Vb03KWy6|3g~Tt{CZC5D_fqe=5X-w<^Dc)t;Ytwm+RgK!$vO)-JsmJNi5I6<1}p3 z1r`4Nra+fnwt?5!!J*vuMGp4lr_5g!`}t@S)!r(Je9*2@ULIy2EaJw;%5aOb?MX~= zBcl^Sp~jn;t?XG7`NjQ(0S+64tC|Hdhk@$K%Ulf7AlM+bfZd<(GD$CT+gK7en;`0Z zzE`M^s1GrxXQo>{i|QUK6xqvPr-3>`u95<&-igyFCuno3e{dSo+$;_>4uJ?n9JJ;g z&gK}7M7g0ZNnQ7^&)%Sx04J=0C>U8F;mYtl8Z#j;0kYa!VzO|_(8t++w@oG#K{MW` z$q6vEw7uy%c!uyvtE;5r^@YcNzvT8@GtFM(8JBr~asc4%z$PBQaK`iH$zS2bEj^0(RDPV}y=KSKVi}Yy2cSP@pU&6}&Fa zsL;g8|CCd2L@si7U>M+CsS`u5bYAPwLp5hXsLu-2!V6pA#bN!#QP=1w8V)%s94P{$d)VlSs-V*te&j=S-v^sGA>`CiQ9&svF3vPDEBv~YTD0Zn0s2Ag_ovp! zj~hU_nmTS!?mE-*5)|HuPV7YfQSDx18v>m|!MpNcWQNY&PTn%CNpfW<7bZ9Qrdm9) zOp2{$sS+kv{pi+!1oaUuRQ=@nh|rfeb)e$X<5+86!v-ktYOi_)tdUH-cch*iRGGnD zYj0(d>P`HAR(=QOQZYy8a@;p1q0{)Z$6<`4VJBv@Sice_z!Z9170fOp!`(HYd3RndUj75m;a-#lctqGeQ5xVX4Dzp;T?B!K=G)e=WrT|M^vM%x$jxKX^w1!&oh6cXA# z@q>o$KyY?&>M zi;D|JwJg^ZvFptN32e|?zGk#d@gf}bBZZlr?QJOHP{EW!PE;!pGB>;YN#uS#bp>pt zG<01Fp-JOCHkxmBsBJgXq3tvFv%4EEgP46%v&kuOVXNSascAtzn29%Vg};uOBqrHP z5B;0l7M1-qStFQ3SEvSarXP@iy@3fGT*dB4Hr0$*)Nsq>K~GSo@3c?xvUCi6aapt@ zkF0a+sjo zroz&i-NA&);9yiWcaa|`7+8;_V(3nV=hVLbyZaC$siP6{BFugNzV$`}Jm6bOr)s2P zN;pb^nhq_VZH4|F#kkwR8hHso(8G>0B|;8?I$o?VO`N&N!pb-t1P*1Jv_)j3t+-Kn z#QZ43bh#12d;Sn9FRR!JXw!i_H=6-N{jITb^qKBYj{#Lf%aC(FHcsQwm_K0e22y7D zarpW99bKK3W=o8Aj~wpJ;&1?DocaAs|2 zAcWmFK2Xp6$kweq<8~Sn5Omvo#1{W7G=4<$4sK8PJ7v8%{tI0TEK@-yilTkRI3soGa34Z{Fh#g~%xkDh?S^|gQk(wS{D@bYXI1Bq2Y7MA|`Sx9<% z`Fg6zyY1F(p(BLfoIL{*Q&)B#1neiAPp!xx>4BrUHtw`gr4)WVa1$_7h}jmfSScz# zV$&&%_M@IA5{ce=v95(M?~|~WXS)&bVz?80*iE^^Iu}E-yj+i14-y6JuYIVF_p`b| z!KzT7>TZu32|?WHO{Qw>!!9-PLbE)s)@h*7d*8o*U*CT%({Src;JP<9`V^-#kP-LC zUu^BtR~$y)Kt1?EO#ScKoL{!x6t3gRCZx5)LXm2d4gq788T}NvGCvd$Ei$R;1Nzvf8sDtD^FY#%4U+ z>K7}$h?C|nhhJ|=ozHX1QP{Xcc$F;2RnRP`|a(^{^%$ozkt;TOKyY> zBG_j#4D|I|-wfugI~Di-px%TX8$wjoz(`aGfhZ$GByLMFy^DUDWFvS(;+L}iD8QaL1ALE$vLKXw|}3b@*jdbkbn=W)}I~$NVY0o zhK&Wz*>OBm+^VK^UVQ0u5>`(kr(F)~Hq zme{A@?op;C-JN)k`uIRfn4|BuxG zJvf2Lx4B@44&m&O;(&Hl@UEsp5&wGFfWz2z|JTjm3*tWxiaI|*W~P1NJBa8y2wX(~ zPra1>28xx=miEB5K(kLZ{0Up7sd0sPV1u{kzC$ekm+XN8n;882{}qJ-Re*ol5hxc2hHOGfwQIEFl3k}nqt*=}DA_-Q=a6v)CA_S$6keQf2(|!Ds-@j!mkj$au z1p6l^W>TI{GivO}Wy>sU{#+5R2j@~e3>Bb%l|@cNb8DXDXdU-d73ks*0^U4Ue3g#6 zF1dUBQF0d**z#Z93R?c0$f!w1r$0~H8h{^6xeq-E06<7fQuqM z!J_}~5#D#8ZWRDulipoAZT!Pa|MScA3_kg>Kx*~xne_jM5BAd!m0e7Tyt5E9 z&w$n$jVpVq2ss-F*&32MSi1uF}Wtj)%*bPq$Ed39qrFPM%&QD568S*P& zWG;Rc{%8>sbzNL0CMI-4Lql)#*Mk4!bidq#nVEsFS{W?C?o_?Ft(JdHO3VX(`)1$kS!VrWUs!DFLZ_V0;AU+%;$akl(- zKjiRyR(Sw@$uH; zX#*z0L8%Y@#eEb8CQkFa-HD=m~lYieq;R>pd^M>dAfov%iz`=zdiM%ISi`m9T1JnoM2XuaHA00NVYdx3f@MG>>Sbn1gjUa8o5qDI=Jxp!9P!o^i z{U*TrtDmSUP;lAlENBB&o z2L`33adL2$ej7nTFNr?GF)by3GN5hEwBrm4=5W@#?)igpx3r?1R3Y2gwA(#mRW_42 zI$TBs%zOqIbPj24*)l2vf;l(_^-l<{QL2NiVKem!VP0fG$y(%DkS!)?-FqCbvz_Rl z!hBBW^Jt3OmF^Lt%4YgMjw(3CTxJk+Gk{-4A@l?k}Rm zeEAamj!JLwhn11_FQWs{_D0aJJW~4dDi1cJ@e!uxwmv;ZSW>+;24|JTb;q5qb0?7u zeIM8_M#Z(*naD#b|KUwO`R`2ioB^`#UuRl^9B$H42%a znxAg=qXB5Hfr4s`cc#+n>O_HovhD@Z)SZ{NgbMKWZP>uA`e9(aGV_Nn0eD z2KPqF9>QwLODzw?iDNR|IZNKZM`=+`1=ibPgxi++!R2J-TExq}IX{2pH1SsVIbZtC zb)!PIu6WiUV71NgKC@pRIe1VF8$78uFMSGvwn;_3UB@rui!t4uxa#o;p6ep538%68 z`XCkN*UnCOlzb*A>wjH`mYvS6x8D-Fy=y`AKa7A|Gd4dhnW;j#NnrPEWNV}g~-rH^jscD>}b&}QOsI{J_aAtB+2EsfGYZV1~A z6JYPhL<)PK5`t6wkkuApa#})W;;KMYu9u-wk{r#vm z49%|Mwv7H8pXjw)Y2)4tvwhc7$>Z)HVG5B1e{C;a1jcSF$co1}@KruTwzt(9q&!nU zo@4Lmxk@H|%T>(@YYbDsKUqtp5_CCu=HyhWS3%8XfK5R1LJ}awk}+#baWLCpAI*3DajdyDaj+?Bz<)J{Ex5EAK}w$Q}6Cd_<|9*fj|(G>Ck)wY%d+a zS_-I&3BN?fW!LGVQ547X0pF50&95W7Vz%Gvcl*=Je9W@wr(Peg!7b9pc|z~p)MN%p zx;)-_wv6z-_OcwUPb-*P3F|(;*uvarH&P2*{KCBi%$5qg4zrq~C~i0J1wTB#)QtSC zCi+Z9U-fq9cw?AU#J=GRBa7iQ_SAQKUVo+9htqjILWw)S|=AxC?4aZ-cZduO!tc>zOwCaL@z)m7qE3Tq1l{(1g% zM}+j?Z@z993^3$!bMLVMxaGP#!reVbNlB?%00hmDKXZa+1Sr8(J_gm7(%GUKCK{oT3XaOB%fkZ0I}$wDm!}VIWP=5WR}K{0kzmE z&U}4j1K_@X_kc@QVn?s~TYSu>az~@*(w}0t+9B^WB%+cAu&}rz7_g}kiP7?(^Je5&Z{UqG~ z!+kHytoR*Z*_dRIn}160rX586Jt7IilkBY#bsM4;)L_bxLCNEU`f&slzj++UXH1SY zMbf@z^qx*Sv+HwN$ZrvgHbS}(n{oS$PhW%`LsSmB^f1RZutN_{YFQD_)Jct$DH($! z@+gUKYAI>XHWF!}M4PmW7no@c{H1p3^LQL~a!w6buU=6gv)U$4f+!Y;+8j@gZ*Z}F z??~D}Y29|ezkH|Lv$SJ0gXD#KYq$QdAE1Zbo}IG7eZ1X~-Q5}(LqJi@?Xmy#;FeiA zwH1s*2#5pRP@xogTV}Nqp`}!j!6mNa${~an+I)LM!S+{&&@a1M#iB12l2D|jnk$cU zbu=FhJy#kI%$2`1zNqSyKmZ<)?$oS`6lp!3Q}~3HEsm{08DUwqJ>#A-FLAD`rcIud za{CMA(aqaWUOwcV#vz9*kaw;=>|1XhgQSRdz>^$|y>VE$&g*T{t4!ofhO@TxzWE-e zRsmGH@RwG>%^GX=7?@W60S_+LSfJ@XV)&V%r>1LVGhc-59s_H9Pk)-&VFgf%6 zO2QHwo${q$-y2oy7v2O2PH;lmx1i^odNn#Cs%M*aR;?S0ewM^TSOdFZu<#T^Bxs`_-* zPh6+OAPa3)DTS}?TWD(<84uShh{CbGA94>ocl9fH!WFT^NJ}eOr@&g*ZPM-wkdci-n?!li)hi~*4 zX_u;s&o?UHeZWBgn&~%sDJcpKRWTb-sC*S<+I;ERrCIW(=CxvO*|}%Zxxv}4sMFf6 zC?%$7*m*E2Hx|EfixfcXC;{waa$IOu%zuYo-i`WJO8NejiHSU4`9pZ{p{>(vTUy|#VZ?I2`1xm8iD{E*3*So4(eZE#jhofts zBjT=vGooJl+24~SSj^1mBUq1ApGl}F%YTTnYhTpCa;241$QF2FRs13HRW_^$?VD?A z_vf-juVp1(>**&U*d*#5*)?PibM@He_+L#*ga2pwopg`0pl{>-$jkD=tHHs+i68DX zY&vBOv+suAtA)%`zjR(^L3v;Uhinx!51#nv{jo%fD3J~IFD#He0kbO4<{VIx%{9aO zqPBF}TFz?EJ%WRI32mx11Ii5I#W^4Ooy|z=MpKb_Qr(eLN?Y1=!c-|YgD0v-_3^2x zhv{DC<))|U*;!c#hdE!(Qa!X>`GhX#X}?>a=-^-vH6yH|9jX`KD>_L><(1_Ec8Wiv zYr26s@tBXPUq=4?sb`YIp1)PV*0{=-ayVQP$9=}iML{s|!CwwDk)Nn*&k2wK-njD@ z6choe(y@`Hk^28cb}$2c>7_={>hC}^)vNc8O#3t_WDZ9OPcEekrTs_=K$E=+hR1dH z{P_a@LmppjN{nh56|+jMWv<3rh6-LTX9Qq?IaTn#UjFs3KAH(k{sa#Z&NGRB_tF2k zcdh`RfOgPqA7UgX@v-Ot^Y$GYp?K#xk>jWM`2X{*Lp4E^+b_ge*qI0N zg*}?7g_Z^X9WVAgKoP|gza+kjAtyKgxi~%3r^K%xP{vNbDag(}%=W9|rbGW1DgscD zr+cWD8G)$mHRS@(oZ)c+q5nWk{()0iKm?WocYG?||Awx-03XUp<$s|qAi)E`c7zYR uCPBj0KVZw /tmp/checksum \ - && curl -Ls https://github.com/envoyproxy/misc/releases/download/jaegertracing-plugin/jaegertracing-plugin-centos.tar.gz \ - | tar zxf - -C /usr/local/lib \ - && mv /usr/local/lib/libjaegertracing.so.0.4.2 /usr/local/lib/libjaegertracing_plugin.so \ - && sha256sum -c /tmp/checksum \ - && rm /tmp/checksum - - -FROM envoy-base AS envoy-load-balancing -RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ - --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ - apt-get -qq update -y \ - && apt-get -qq install --no-install-recommends -y python3 -COPY ./client.py /client.py -EXPOSE 8001 - - -FROM envoy-base AS envoy-double-proxy-base -COPY --chmod=777 ./certs/ca.crt /certs/cacert.pem - - -FROM envoy-double-proxy-base AS envoy-double-proxy-frontend -COPY --chmod=777 ./certs/postgres-frontend.example.com.crt /certs/clientcert.pem -COPY --chmod=777 ./certs/example.com.key /certs/clientkey.pem - - -FROM envoy-double-proxy-base AS envoy-double-proxy-backend -COPY --chmod=777 ./certs/postgres-backend.example.com.crt /certs/servercert.pem -COPY --chmod=777 ./certs/example.com.key /certs/serverkey.pem - - -FROM envoy-base AS envoy-certs -COPY --chmod=777 ./certs /certs - - -FROM envoy-base AS envoy-lua -ADD --chmod=777 ./lib/mylibrary.lua /lib/mylibrary.lua - - -FROM envoy-base AS envoy-go -ENV GODEBUG=cgocheck=0 -COPY --chmod=777 ./lib/simple.so /lib/simple.so - - -FROM envoy-base AS envoy-ext_authz -COPY --chmod=777 ./config /etc/envoy-config -COPY --chmod=777 ./run_envoy.sh /run_envoy.sh -CMD ["/bin/sh", "/run_envoy.sh"] - - -FROM envoy-base AS envoy-dynamic-fs -COPY --chmod=777 ./configs /var/lib/envoy - - -FROM envoy-base diff --git a/sandboxes/sandboxes/shared/fleetspeak-client/Dockerfile b/sandboxes/sandboxes/shared/fleetspeak-client/Dockerfile deleted file mode 100644 index 7c79a8f9..00000000 --- a/sandboxes/sandboxes/shared/fleetspeak-client/Dockerfile +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -FROM ghcr.io/google/fleetspeak:latest AS fleetspeakbin -FROM golang:1.22 AS builder - -RUN apt update && \ - apt install -y python3-venv && \ - apt install -y pip && \ - apt install -y git - -WORKDIR / - -SHELL ["/bin/bash", "-c"] - -RUN git clone https://github.com/google/fleetspeak.git && \ - cd fleetspeak && \ - python3 -m venv /venv/FSENV && \ - source /venv/FSENV/bin/activate && \ - pip install wheel pytest && \ - pip install -e ./fleetspeak_python[test] && \ - pip install -e ./frr_python - -COPY --from=fleetspeakbin /fleetspeak/bin/client /fleetspeak/bin/client diff --git a/sandboxes/sandboxes/shared/greeter/Dockerfile b/sandboxes/sandboxes/shared/greeter/Dockerfile deleted file mode 100644 index 674665d6..00000000 --- a/sandboxes/sandboxes/shared/greeter/Dockerfile +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -FROM golang:1.22 AS builder - -RUN apt update && \ - apt install -y python3-venv && \ - apt install -y pip && \ - apt install -y git - -WORKDIR / - -SHELL ["/bin/bash", "-c"] - -RUN git clone https://github.com/google/fleetspeak.git - -RUN cd /fleetspeak && \ - python3 -m venv /venv/FSENV && \ - source /venv/FSENV/bin/activate && \ - pip install wheel pytest && \ - pip install -e ./fleetspeak_python[test] && \ - pip install -e ./frr_python - -COPY greeter.py . diff --git a/sandboxes/sandboxes/shared/greeter/greeter.py b/sandboxes/sandboxes/shared/greeter/greeter.py deleted file mode 100644 index c0805719..00000000 --- a/sandboxes/sandboxes/shared/greeter/greeter.py +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright 2023 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -import binascii -import logging - -from absl import app -from absl import flags -from fleetspeak.server_connector.connector import InsecureGRPCServiceClient -from fleetspeak.src.common.proto.fleetspeak.common_pb2 import Message -from google.protobuf.wrappers_pb2 import StringValue - - -FLAGS = flags.FLAGS - -flags.DEFINE_string( - name="client_id", - default="", - help="An id of the client to send the messages to.", -) - - -def listener(message, context): - del context # Unused - - data = StringValue() - message.data.Unpack(data) - logging.info(f"RESPONSE: {data.value}") - - -def main(argv=None): - del argv # Unused. - - service_client = InsecureGRPCServiceClient("greeter") - service_client.Listen(listener) - - while True: - data = StringValue() - data.value = input("Enter your name: ") - - request = Message() - request.destination.client_id = binascii.unhexlify(FLAGS.client_id) - request.destination.service_name = "hello" - request.data.Pack(data) - - service_client.Send(request) - - -if __name__ == "__main__": - app.run(main)