From 6fba4f8570ae63994d5862efe464bcda5450d01a Mon Sep 17 00:00:00 2001 From: mzz2017 <2017@duck.com> Date: Mon, 23 Jan 2023 19:54:21 +0800 Subject: [PATCH] init --- .gitignore | 5 + LICENSE | 661 +++++++++ Makefile | 20 + README.md | 10 + common/assets/assets.go | 72 + common/consts/dialer.go | 19 + common/consts/ebpf.go | 89 ++ common/consts/routing.go | 16 + common/utils.go | 80 ++ component/control/control.go | 9 + component/control/control_plane.go | 376 +++++ component/control/dns.go | 163 +++ component/control/kern/tproxy.c | 1252 +++++++++++++++++ component/control/match.go | 41 + component/control/routing_matcher_builder.go | 133 ++ component/control/tcp.go | 94 ++ component/control/udp.go | 145 ++ component/control/udp_endpoint.go | 127 ++ component/control/utils.go | 46 + component/outbound/dialer/alive_dialer_set.go | 154 ++ component/outbound/dialer/context_dialer.go | 39 + component/outbound/dialer/dialer.go | 179 +++ component/outbound/dialer/direct.go | 76 + component/outbound/dialer/http/http.go | 138 ++ component/outbound/dialer/latencies_n.go | 61 + component/outbound/dialer/register.go | 53 + .../dialer/shadowsocks/shadowsocks.go | 279 ++++ .../dialer/shadowsocksr/shadowsocksr.go | 186 +++ component/outbound/dialer/socks/socks.go | 138 ++ .../dialer/transport/simpleobfs/http.go | 101 ++ .../dialer/transport/simpleobfs/simpleobfs.go | 83 ++ .../dialer/transport/simpleobfs/tls.go | 192 +++ .../outbound/dialer/transport/tls/tls.go | 62 + .../outbound/dialer/transport/ws/conn.go | 42 + component/outbound/dialer/transport/ws/ws.go | 67 + component/outbound/dialer/trojan/trojan.go | 232 +++ component/outbound/dialer/v2ray/v2ray.go | 402 ++++++ component/outbound/dialer_group.go | 125 ++ component/outbound/dialer_group_test.go | 183 +++ component/outbound/outbound.go | 19 + component/routing/error.go | 91 ++ component/routing/matcher_builder.go | 101 ++ component/routing/optimizer.go | 261 ++++ component/routing/routingA.go | 34 + component/routing/walker.go | 236 ++++ go.mod | 52 + go.sum | 254 ++++ insert.sh | 15 + logo.png | Bin 0 -> 573624 bytes main.go | 49 + pkg/geodata/common.pb.go | 801 +++++++++++ pkg/geodata/decode.go | 111 ++ pkg/geodata/geodata.go | 90 ++ pkg/logger/logger.go | 25 + pkg/pool/pool.go | 72 + 55 files changed, 8361 insertions(+) create mode 100644 .gitignore create mode 100644 LICENSE create mode 100644 Makefile create mode 100644 README.md create mode 100644 common/assets/assets.go create mode 100644 common/consts/dialer.go create mode 100644 common/consts/ebpf.go create mode 100644 common/consts/routing.go create mode 100644 common/utils.go create mode 100644 component/control/control.go create mode 100644 component/control/control_plane.go create mode 100644 component/control/dns.go create mode 100644 component/control/kern/tproxy.c create mode 100644 component/control/match.go create mode 100644 component/control/routing_matcher_builder.go create mode 100644 component/control/tcp.go create mode 100644 component/control/udp.go create mode 100644 component/control/udp_endpoint.go create mode 100644 component/control/utils.go create mode 100644 component/outbound/dialer/alive_dialer_set.go create mode 100644 component/outbound/dialer/context_dialer.go create mode 100644 component/outbound/dialer/dialer.go create mode 100644 component/outbound/dialer/direct.go create mode 100644 component/outbound/dialer/http/http.go create mode 100644 component/outbound/dialer/latencies_n.go create mode 100644 component/outbound/dialer/register.go create mode 100644 component/outbound/dialer/shadowsocks/shadowsocks.go create mode 100644 component/outbound/dialer/shadowsocksr/shadowsocksr.go create mode 100644 component/outbound/dialer/socks/socks.go create mode 100644 component/outbound/dialer/transport/simpleobfs/http.go create mode 100644 component/outbound/dialer/transport/simpleobfs/simpleobfs.go create mode 100644 component/outbound/dialer/transport/simpleobfs/tls.go create mode 100644 component/outbound/dialer/transport/tls/tls.go create mode 100644 component/outbound/dialer/transport/ws/conn.go create mode 100644 component/outbound/dialer/transport/ws/ws.go create mode 100644 component/outbound/dialer/trojan/trojan.go create mode 100644 component/outbound/dialer/v2ray/v2ray.go create mode 100644 component/outbound/dialer_group.go create mode 100644 component/outbound/dialer_group_test.go create mode 100644 component/outbound/outbound.go create mode 100644 component/routing/error.go create mode 100644 component/routing/matcher_builder.go create mode 100644 component/routing/optimizer.go create mode 100644 component/routing/routingA.go create mode 100644 component/routing/walker.go create mode 100644 go.mod create mode 100644 go.sum create mode 100755 insert.sh create mode 100644 logo.png create mode 100644 main.go create mode 100644 pkg/geodata/common.pb.go create mode 100644 pkg/geodata/decode.go create mode 100644 pkg/geodata/geodata.go create mode 100644 pkg/logger/logger.go create mode 100644 pkg/pool/pool.go diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..14dbd0c --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +.vscode +.idea +*.o +bpf_bpfeb.go +bpf_bpfel.go diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..bae94e1 --- /dev/null +++ b/LICENSE @@ -0,0 +1,661 @@ + GNU AFFERO GENERAL PUBLIC LICENSE + Version 3, 19 November 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU Affero General Public License is a free, copyleft license for +software and other kinds of works, specifically designed to ensure +cooperation with the community in the case of network server software. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +our General Public Licenses are intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + Developers that use our General Public Licenses protect your rights +with two steps: (1) assert copyright on the software, and (2) offer +you this License which gives you legal permission to copy, distribute +and/or modify the software. + + A secondary benefit of defending all users' freedom is that +improvements made in alternate versions of the program, if they +receive widespread use, become available for other developers to +incorporate. Many developers of free software are heartened and +encouraged by the resulting cooperation. However, in the case of +software used on network servers, this result may fail to come about. +The GNU General Public License permits making a modified version and +letting the public access it on a server without ever releasing its +source code to the public. + + The GNU Affero General Public License is designed specifically to +ensure that, in such cases, the modified source code becomes available +to the community. It requires the operator of a network server to +provide the source code of the modified version running there to the +users of that server. Therefore, public use of a modified version, on +a publicly accessible server, gives the public access to the source +code of the modified version. + + An older license, called the Affero General Public License and +published by Affero, was designed to accomplish similar goals. This is +a different license, not a version of the Affero GPL, but Affero has +released a new version of the Affero GPL which permits relicensing under +this license. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU Affero General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Remote Network Interaction; Use with the GNU General Public License. + + Notwithstanding any other provision of this License, if you modify the +Program, your modified version must prominently offer all users +interacting with it remotely through a computer network (if your version +supports such interaction) an opportunity to receive the Corresponding +Source of your version by providing access to the Corresponding Source +from a network server at no charge, through some standard or customary +means of facilitating copying of software. This Corresponding Source +shall include the Corresponding Source for any work covered by version 3 +of the GNU General Public License that is incorporated pursuant to the +following paragraph. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the work with which it is combined will remain governed by version +3 of the GNU General Public License. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU Affero General Public License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU Affero General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU Affero General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU Affero General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If your software can interact with users remotely through a computer +network, you should also make sure that it provides a way for users to +get its source. For example, if your program is a web application, its +interface could display a "Source" link that leads users to an archive +of the code. There are many ways you could offer source, and different +solutions will be better for different programs; see section 13 for the +specific requirements. + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU AGPL, see +. \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..49fec2a --- /dev/null +++ b/Makefile @@ -0,0 +1,20 @@ +# +# SPDX-License-Identifier: AGPL-3.0-only +# Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. +# + +# The development version of clang is distributed as the 'clang' binary, +# while stable/released versions have a version number attached. +# Pin the default clang to a stable version. +CLANG ?= clang +STRIP ?= llvm-strip +CFLAGS := -O2 -g -Wall -Werror $(CFLAGS) + +.PHONY: generate + +# $BPF_CLANG is used in go:generate invocations. +generate: export BPF_CLANG := $(CLANG) +generate: export BPF_STRIP := $(STRIP) +generate: export BPF_CFLAGS := $(CFLAGS) +generate: + go generate ./component/control/... \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..6f1d87b --- /dev/null +++ b/README.md @@ -0,0 +1,10 @@ +# dae + +***dae***, means goose, is a lightweight and high-performance transparent proxy solution. + +In order to improve the traffic diversion performance as much as possible, dae runs the transparent proxy and traffic diversion suite in the linux kernel by eBPF. Therefore, we have the opportunity to make the direct traffic bypass the forwarding by proxy application and achieve true direct traffic through. Under such a magic trick, there is almost no performance loss and additional resource consumption for direct traffic. + +As a successor of [v2rayA](https://github.com/v2rayA/v2rayA), dae abandoned v2ray-core to meet the needs of users more freely. In the initial conception, dae will serve soft router users first, and may also serve desktop users later. + + + diff --git a/common/assets/assets.go b/common/assets/assets.go new file mode 100644 index 0000000..b915ce4 --- /dev/null +++ b/common/assets/assets.go @@ -0,0 +1,72 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package assets + +import ( + "errors" + "github.com/adrg/xdg" + "io/fs" + "os" + "path/filepath" + "runtime" +) + +func GetLocationAsset(filename string) (path string, err error) { + // FIXME: + folder := "xray" + location := os.Getenv("DAE_LOCATION_ASSET") + // check if DAE_LOCATION_ASSET is set + if location != "" { + // add DAE_LOCATION_ASSET to search path + searchPaths := []string{ + filepath.Join(location, filename), + } + // additional paths for non windows platforms + if runtime.GOOS != "windows" { + searchPaths = append( + searchPaths, + filepath.Join("/usr/local/share", folder, filename), + filepath.Join("/usr/share", folder, filename), + ) + } + for _, searchPath := range searchPaths { + if _, err = os.Stat(searchPath); err != nil && errors.Is(err, fs.ErrNotExist) { + continue + } + // return the first path that exists + return searchPath, nil + } + // or download asset into DAE_LOCATION_ASSET + return searchPaths[0], nil + } else { + if runtime.GOOS != "windows" { + // search XDG data directories on non windows platform + // symlink all assets into XDG_RUNTIME_DIR + relpath := filepath.Join(folder, filename) + fullpath, err := xdg.SearchDataFile(relpath) + if err != nil { + fullpath, err = xdg.DataFile(relpath) + if err != nil { + return "", err + } + } + runtimepath, err := xdg.RuntimeFile(filepath.Join(folder, filename)) + if err != nil { + return "", err + } + os.Remove(runtimepath) + err = os.Symlink(fullpath, runtimepath) + if err != nil { + return "", err + } + return fullpath, err + } else { + // fallback to the old behavior of using only config dir on Windows + // FIXME: conf.GetEnvironmentConfig().Config + return filepath.Join("./", filename), nil + } + } +} diff --git a/common/consts/dialer.go b/common/consts/dialer.go new file mode 100644 index 0000000..102944a --- /dev/null +++ b/common/consts/dialer.go @@ -0,0 +1,19 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package consts + +const ( + TestUrl = "https://connectivitycheck.gstatic.com/generate_204" +) + +type DialerSelectionPolicy string + +const ( + DialerSelectionPolicy_Random DialerSelectionPolicy = "random" + DialerSelectionPolicy_Fixed DialerSelectionPolicy = "fixed" + DialerSelectionPolicy_MinAverage10Latencies DialerSelectionPolicy = "min_avg10" + DialerSelectionPolicy_MinLastLatency DialerSelectionPolicy = "min" +) diff --git a/common/consts/ebpf.go b/common/consts/ebpf.go new file mode 100644 index 0000000..a69c17f --- /dev/null +++ b/common/consts/ebpf.go @@ -0,0 +1,89 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package consts + +const ( + AppName = "dae" + MaxInterfaceIpNum = 8 + BpfPinRoot = "/sys/fs/bpf" + + AddrHdrSize = 20 +) + +type ParamKey uint32 + +const ( + // Deprecated: + IpsLenKey ParamKey = iota + BigEndianTproxyPortKey + DisableL4TxChecksumKey + DisableL4RxChecksumKey + EpochKey + RoutingsLenKey +) + +type DisableL4ChecksumPolicy uint32 + +const ( + DisableL4ChecksumPolicy_EnableL4Checksum DisableL4ChecksumPolicy = iota + DisableL4ChecksumPolicy_Restore + DisableL4ChecksumPolicy_SetZero +) + +type RoutingType uint32 + +const ( + RoutingType_DomainSet RoutingType = iota + RoutingType_IpSet + RoutingType_SourceIpSet + RoutingType_Port + RoutingType_SourcePort + RoutingType_Network + RoutingType_IpVersion + RoutingType_Mac + RoutingType_Final +) + +type OutboundIndex uint8 + +const ( + OutboundDirect OutboundIndex = 0 + OutboundControlPlaneRoute OutboundIndex = 0xFE + OutboundLogicalAnd OutboundIndex = 0xFF +) + +func (i OutboundIndex) String() string { + switch i { + case OutboundDirect: + return "direct" + case OutboundControlPlaneRoute: + return "" + case OutboundLogicalAnd: + return "" + default: + return "" + } +} + +const ( + MaxRoutingLen = 96 +) + +type NetworkType uint8 + +const ( + NetworkType_TCP NetworkType = 1 + NetworkType_UDP NetworkType = 2 + NetworkType_TCP_UDP NetworkType = 3 +) + +type IpVersion uint8 + +const ( + IpVersion_4 IpVersion = 1 + IpVersion_6 IpVersion = 2 + IpVersion_X IpVersion = 3 +) diff --git a/common/consts/routing.go b/common/consts/routing.go new file mode 100644 index 0000000..42cc16a --- /dev/null +++ b/common/consts/routing.go @@ -0,0 +1,16 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package consts + +const ( + RoutingDomain_Full = "full" + RoutingDomain_Keyword = "keyword" + RoutingDomain_Suffix = "suffix" + RoutingDomain_Regex = "regex" + + Function_Domain = "domain" + Function_Ip = "ip" +) diff --git a/common/utils.go b/common/utils.go new file mode 100644 index 0000000..c864893 --- /dev/null +++ b/common/utils.go @@ -0,0 +1,80 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package common + +import ( + "encoding/base64" + "encoding/binary" + "net/url" + "strings" +) + +func CloneStrings(slice []string) []string { + c := make([]string, len(slice)) + copy(c, slice) + return c +} + +func ARangeU32(n uint32) []uint32 { + ret := make([]uint32, n) + for i := uint32(0); i < n; i++ { + ret[i] = i + } + return ret +} + +func Ipv6ByteSliceToUint32Array(_ip []byte) (ip [4]uint32) { + for j := 0; j < 16; j += 4 { + ip[j/4] = binary.LittleEndian.Uint32(_ip[j : j+4]) + } + return ip +} + +func Deduplicate(list []string) []string { + res := make([]string, 0, len(list)) + m := make(map[string]struct{}) + for _, v := range list { + if _, ok := m[v]; ok { + continue + } + m[v] = struct{}{} + res = append(res, v) + } + return res +} + +func Base64UrlDecode(s string) (string, error) { + s = strings.TrimSpace(s) + saver := s + if len(s)%4 > 0 { + s += strings.Repeat("=", 4-len(s)%4) + } + raw, err := base64.URLEncoding.DecodeString(s) + if err != nil { + return saver, err + } + return string(raw), nil +} + +func Base64StdDecode(s string) (string, error) { + s = strings.TrimSpace(s) + saver := s + if len(s)%4 > 0 { + s += strings.Repeat("=", 4-len(s)%4) + } + raw, err := base64.StdEncoding.DecodeString(s) + if err != nil { + return saver, err + } + return string(raw), nil +} + +func SetValue(values *url.Values, key string, value string) { + if value == "" { + return + } + values.Set(key, value) +} diff --git a/component/control/control.go b/component/control/control.go new file mode 100644 index 0000000..da5c89e --- /dev/null +++ b/component/control/control.go @@ -0,0 +1,9 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +// $BPF_CLANG and $BPF_CFLAGS are set by the Makefile. +//go:generate go run github.com/cilium/ebpf/cmd/bpf2go -cc $BPF_CLANG -strip $BPF_STRIP -cflags $BPF_CFLAGS bpf kern/tproxy.c -- -I../headers diff --git a/component/control/control_plane.go b/component/control/control_plane.go new file mode 100644 index 0000000..1fbc202 --- /dev/null +++ b/component/control/control_plane.go @@ -0,0 +1,376 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +import ( + "context" + "errors" + "fmt" + "foo/common" + "foo/common/consts" + "foo/component/outbound" + "foo/component/outbound/dialer" + "foo/component/routing" + "foo/pkg/pool" + "github.com/cilium/ebpf" + "github.com/cilium/ebpf/rlimit" + "github.com/sirupsen/logrus" + "github.com/vishvananda/netlink" + "golang.org/x/sys/unix" + "net" + "net/netip" + "os" + "path/filepath" + "strconv" + "strings" + "sync" +) + +type ControlPlane struct { + log *logrus.Logger + + // TODO: add mutex? + outbounds []*outbound.DialerGroup + outboundName2Id map[string]uint8 + bpf *bpfObjects + + SimulatedLpmTries [][]netip.Prefix + SimulatedDomainSet []DomainSet + Final string + + // mutex protects the dnsCache. + mutex sync.Mutex + dnsCache map[string]*dnsCache + epoch uint32 + + deferFuncs []func() error +} + +func NewControlPlane(log *logrus.Logger, routingA string) (*ControlPlane, error) { + // Allow the current process to lock memory for eBPF resources. + if err := rlimit.RemoveMemlock(); err != nil { + return nil, fmt.Errorf("rlimit.RemoveMemlock:%v", err) + } + pinPath := filepath.Join(consts.BpfPinRoot, consts.AppName) + os.MkdirAll(pinPath, 0755) + // Load pre-compiled programs and maps into the kernel. + var bpf bpfObjects +retry_load: + if err := loadBpfObjects(&bpf, &ebpf.CollectionOptions{ + Maps: ebpf.MapOptions{ + PinPath: pinPath, + }, + }); err != nil { + if errors.Is(err, ebpf.ErrMapIncompatible) { + prefix := "use pinned map " + iPrefix := strings.Index(err.Error(), prefix) + if iPrefix == -1 { + return nil, fmt.Errorf("loading objects: bad format: %w", err) + } + mapName := strings.SplitN(err.Error()[iPrefix+len(prefix):], ":", 2)[0] + _ = os.Remove(filepath.Join(pinPath, mapName)) + log.Warnf("New map format was incompatible with existing map %v, and the old one was removed.", mapName) + goto retry_load + } + return nil, fmt.Errorf("loading objects: %w", err) + } + + // Flush dst_map. + //_ = os.Remove(filepath.Join(pinPath, "dst_map")) + //if err := bpf.ParamMap.Update(consts.IpsLenKey, uint32(1), ebpf.UpdateAny); err != nil { + // return nil, err + //} + //if err := bpf.ParamMap.Update(consts.BigEndianTproxyPortKey, uint32(swap16(tproxyPort)), ebpf.UpdateAny); err != nil { + // return nil, err + //} + if err := bpf.ParamMap.Update(consts.DisableL4TxChecksumKey, consts.DisableL4ChecksumPolicy_SetZero, ebpf.UpdateAny); err != nil { + return nil, err + } + if err := bpf.ParamMap.Update(consts.DisableL4RxChecksumKey, consts.DisableL4ChecksumPolicy_SetZero, ebpf.UpdateAny); err != nil { + return nil, err + } + var epoch uint32 + bpf.ParamMap.Lookup(consts.EpochKey, &epoch) + epoch++ + if err := bpf.ParamMap.Update(consts.EpochKey, epoch, ebpf.UpdateAny); err != nil { + return nil, err + } + //if err := bpf.ParamMap.Update(consts.InterfaceIpParamOff, binary.LittleEndian.Uint32([]byte{172, 17, 0, 1}), ebpf.UpdateAny); err != nil { // 172.17.0.1 + // return nil, err + //} + //if err := bpf.ParamMap.Update(InterfaceIpParamOff+1, binary.LittleEndian.Uint32([]byte{10, 249, 40, 166}), ebpf.UpdateAny); err != nil { // 10.249.40.166 + // log.Println(err) + // return + //} + //if err := bpf.ParamMap.Update(InterfaceIpParamOff+2, binary.LittleEndian.Uint32([]byte{10, 250, 52, 180}), ebpf.UpdateAny); err != nil { // 10.250.52.180 + // log.Println(err) + // return + //} + + /**/ + + rules, final, err := routing.Parse(routingA) + if err != nil { + return nil, fmt.Errorf("routingA error: \n %w", err) + } + if rules, err = routing.ApplyRulesOptimizers(rules, + &routing.RefineFunctionParamKeyOptimizer{}, + &routing.DatReaderOptimizer{Logger: log}, + &routing.MergeAndSortRulesOptimizer{}, + &routing.DeduplicateParamsOptimizer{}, + ); err != nil { + return nil, fmt.Errorf("ApplyRulesOptimizers error: \n %w", err) + } + if log.IsLevelEnabled(logrus.TraceLevel) { + var debugBuilder strings.Builder + for _, rule := range rules { + debugBuilder.WriteString(rule.String(true)) + } + log.Tracef("RoutingA:\n%vfinal: %v\n", debugBuilder.String(), final) + } + // TODO: + d, err := dialer.NewFromLink("socks5://localhost:1080") + if err != nil { + return nil, err + } + outbounds := []*outbound.DialerGroup{ + outbound.NewDialerGroup(log, consts.OutboundDirect.String(), + []*dialer.Dialer{dialer.FullconeDirectDialer}, + outbound.DialerSelectionPolicy{ + Policy: consts.DialerSelectionPolicy_Fixed, + FixedIndex: 0, + }), + outbound.NewDialerGroup(log, "proxy", + []*dialer.Dialer{d}, + outbound.DialerSelectionPolicy{ + Policy: consts.DialerSelectionPolicy_MinAverage10Latencies, + }), + } + // Generate outboundName2Id from outbounds. + if len(outbounds) > 0xff { + return nil, fmt.Errorf("too many outbounds") + } + outboundName2Id := make(map[string]uint8) + for i, o := range outbounds { + outboundName2Id[o.Name] = uint8(i) + } + builder := NewRoutingMatcherBuilder(outboundName2Id, &bpf) + if err := routing.ApplyMatcherBuilder(builder, rules, final); err != nil { + return nil, fmt.Errorf("ApplyMatcherBuilder: %w", err) + } + if err := builder.Build(); err != nil { + return nil, fmt.Errorf("RoutingMatcherBuilder.Build: %w", err) + } + /**/ + + return &ControlPlane{ + log: log, + outbounds: outbounds, + outboundName2Id: outboundName2Id, + bpf: &bpf, + SimulatedLpmTries: builder.SimulatedLpmTries, + SimulatedDomainSet: builder.SimulatedDomainSet, + Final: final, + mutex: sync.Mutex{}, + dnsCache: make(map[string]*dnsCache), + epoch: epoch, + deferFuncs: []func() error{bpf.Close}, + }, nil +} + +func (c *ControlPlane) BindLink(ifname string) error { + link, err := netlink.LinkByName(ifname) + if err != nil { + return err + } + // Insert an elem into IfindexIpsMap. + // TODO: We should monitor IP change of the link. + ipnets, err := netlink.AddrList(link, netlink.FAMILY_ALL) + if err != nil { + return err + } + // TODO: If we monitor IP change of the link, we should remove code below. + if len(ipnets) == 0 { + return fmt.Errorf("interface %v has no ip", ifname) + } + var linkIp bpfIfIp + for _, ipnet := range ipnets { + ip, ok := netip.AddrFromSlice(ipnet.IP) + if !ok { + continue + } + if ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() { + continue + } + if (ip.Is6() && linkIp.HasIp6) || + (ip.Is4() && linkIp.HasIp4) { + continue + } + ip6format := ip.As16() + if ip.Is4() { + linkIp.HasIp4 = true + linkIp.Ip4 = common.Ipv6ByteSliceToUint32Array(ip6format[:]) + } else { + linkIp.HasIp6 = true + linkIp.Ip6 = common.Ipv6ByteSliceToUint32Array(ip6format[:]) + } + if linkIp.HasIp4 && linkIp.HasIp6 { + break + } + } + if err := c.bpf.IfindexIpMap.Update(uint32(link.Attrs().Index), linkIp, ebpf.UpdateAny); err != nil { + return fmt.Errorf("update IfindexIpsMap: %w", err) + } + + // Insert qdisc and filters. + qdisc := &netlink.GenericQdisc{ + QdiscAttrs: netlink.QdiscAttrs{ + LinkIndex: link.Attrs().Index, + Handle: netlink.MakeHandle(0xffff, 0), + Parent: netlink.HANDLE_CLSACT, + }, + QdiscType: "clsact", + } + if err := netlink.QdiscAdd(qdisc); err != nil { + if os.IsExist(err) { + _ = netlink.QdiscDel(qdisc) + err = netlink.QdiscAdd(qdisc) + } + + if err != nil { + return fmt.Errorf("cannot add clsact qdisc: %w", err) + } + } + c.deferFuncs = append(c.deferFuncs, func() error { + return netlink.QdiscDel(qdisc) + }) + + filter := &netlink.BpfFilter{ + FilterAttrs: netlink.FilterAttrs{ + LinkIndex: link.Attrs().Index, + Parent: netlink.HANDLE_MIN_INGRESS, + Handle: netlink.MakeHandle(0, 1), + Protocol: unix.ETH_P_ALL, + Priority: 0, + }, + Fd: c.bpf.bpfPrograms.TproxyIngress.FD(), + Name: consts.AppName + "_ingress", + DirectAction: true, + } + if err := netlink.FilterAdd(filter); err != nil { + return fmt.Errorf("cannot attach ebpf object to filter ingress: %w", err) + } + c.deferFuncs = append(c.deferFuncs, func() error { + return netlink.FilterDel(filter) + }) + filterEgress := &netlink.BpfFilter{ + FilterAttrs: netlink.FilterAttrs{ + LinkIndex: link.Attrs().Index, + Parent: netlink.HANDLE_MIN_EGRESS, + Handle: netlink.MakeHandle(0, 1), + Protocol: unix.ETH_P_ALL, + Priority: 0, + }, + Fd: c.bpf.bpfPrograms.TproxyEgress.FD(), + Name: consts.AppName + "_egress", + DirectAction: true, + } + if err := netlink.FilterAdd(filterEgress); err != nil { + return fmt.Errorf("cannot attach ebpf object to filter ingress: %w", err) + } + c.deferFuncs = append(c.deferFuncs, func() error { + return netlink.FilterDel(filter) + }) + return nil +} + +func (c *ControlPlane) ListenAndServe(port uint16) (err error) { + // Listen. + listener, err := net.Listen("tcp", "0.0.0.0:"+strconv.Itoa(int(port))) + if err != nil { + return fmt.Errorf("listenTCP: %w", err) + } + defer listener.Close() + lConn, err := net.ListenUDP("udp", &net.UDPAddr{ + IP: net.IP{0, 0, 0, 0}, + Port: int(port), + }) + if err != nil { + return fmt.Errorf("listenUDP: %w", err) + } + defer lConn.Close() + + // Serve. + if err := c.bpf.ParamMap.Update(consts.BigEndianTproxyPortKey, uint32(swap16(port)), ebpf.UpdateAny); err != nil { + return err + } + + ctx, cancel := context.WithCancel(context.Background()) + c.deferFuncs = append(c.deferFuncs, func() error { + cancel() + return nil + }) + go func() { + defer cancel() + for { + lconn, err := listener.Accept() + if err != nil { + if !strings.Contains(err.Error(), "use of closed network connection") { + c.log.Errorf("Error when accept: %v", err) + } + break + } + go func() { + if err := c.handleConn(lconn); err != nil { + c.log.Warnln("handleConn:", err) + } + }() + } + }() + go func() { + defer cancel() + for { + var buf [65536]byte + n, lAddrPort, err := lConn.ReadFromUDPAddrPort(buf[:]) + if err != nil { + if !strings.Contains(err.Error(), "use of closed network connection") { + c.log.Errorf("ReadFromUDPAddrPort: %v, %v", lAddrPort.String(), err) + } + break + } + addrHdr, dataOffset, err := ParseAddrHdr(buf[:n]) + if err != nil { + c.log.Warnf("No AddrPort presented") + continue + } + newBuf := pool.Get(n - dataOffset) + copy(newBuf, buf[dataOffset:n]) + go func(data []byte, lConn *net.UDPConn, lAddrPort netip.AddrPort, addrHdr *AddrHdr) { + if e := c.handlePkt(newBuf, lConn, lAddrPort, addrHdr); e != nil { + c.log.Warnln("handlePkt:", e) + } + pool.Put(newBuf) + }(newBuf, lConn, lAddrPort, addrHdr) + } + }() + <-ctx.Done() + return nil +} + +func (c *ControlPlane) Close() (err error) { + // Invoke defer funcs in reverse order. + for i := len(c.deferFuncs) - 1; i >= 0; i-- { + if e := c.deferFuncs[i](); e != nil { + // Combine errors. + if err != nil { + err = fmt.Errorf("%w; %v", err, e) + } else { + err = e + } + } + } + return err +} diff --git a/component/control/dns.go b/component/control/dns.go new file mode 100644 index 0000000..7112722 --- /dev/null +++ b/component/control/dns.go @@ -0,0 +1,163 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +import ( + "fmt" + "foo/common" + "foo/common/consts" + "github.com/cilium/ebpf" + "golang.org/x/net/dns/dnsmessage" + "net/netip" + "strings" + "time" +) + +type dnsCache struct { + DomainBitmap [consts.MaxRoutingLen / 32]uint32 + Answers []dnsmessage.Resource + Deadline time.Time +} + +func (c *dnsCache) FillInto(req *dnsmessage.Message) { + req.Answers = c.Answers + req.RCode = dnsmessage.RCodeSuccess + req.Response = true + req.RecursionAvailable = true + req.Truncated = false +} + +// BatchUpdateDomainRouting update bpf map domain_routing. Since one IP may have multiple domains, this function should +// be invoked every A/AAAA-record lookup. +func (c *ControlPlane) BatchUpdateDomainRouting(cache *dnsCache) error { + // Parse ips from DNS resp answers. + var ips []netip.Addr + for _, ans := range cache.Answers { + switch ans.Header.Type { + case dnsmessage.TypeA: + ips = append(ips, netip.AddrFrom4(ans.Body.(*dnsmessage.AResource).A)) + case dnsmessage.TypeAAAA: + ips = append(ips, netip.AddrFrom16(ans.Body.(*dnsmessage.AAAAResource).AAAA)) + } + } + + // Update bpf map. + // Construct keys and vals, and BatchUpdate. + var keys [][4]uint32 + var vals []bpfDomainRouting + for _, ip := range ips { + ip6 := ip.As16() + keys = append(keys, common.Ipv6ByteSliceToUint32Array(ip6[:])) + vals = append(vals, bpfDomainRouting{ + Bitmap: cache.DomainBitmap, + Epoch: c.epoch, + }) + } + if _, err := c.bpf.DomainRoutingMap.BatchUpdate(keys, vals, &ebpf.BatchOptions{ + ElemFlags: uint64(ebpf.UpdateAny), + }); err != nil { + return err + } + return nil +} + +func (c *ControlPlane) LookupDnsRespCache(msg *dnsmessage.Message) (resp []byte) { + q := msg.Questions[0] + if msg.Response { + return nil + } + switch q.Type { + case dnsmessage.TypeA, dnsmessage.TypeAAAA: + default: + return nil + } + now := time.Now() + c.mutex.Lock() + cache, ok := c.dnsCache[strings.ToLower(q.Name.String())+q.Type.String()] + c.mutex.Unlock() + if ok && cache.Deadline.After(now) { + //c.log.Debugln("DNS cache hit:", q.Name, q.Type) + cache.FillInto(msg) + b, err := msg.Pack() + if err != nil { + return nil + } + if err = c.BatchUpdateDomainRouting(cache); err != nil { + c.log.Warnf("failed to BatchUpdateDomainRouting: %v", err) + return nil + } + return b + } + return nil +} + +// DnsRespHandler handle DNS resp. This function should be invoked when cache miss. +func (c *ControlPlane) DnsRespHandler(data []byte) (newData []byte, err error) { + var msg dnsmessage.Message + if err = msg.Unpack(data); err != nil { + return nil, fmt.Errorf("unpack dns pkt: %w", err) + } + + // Check healthy. + if !msg.Response || msg.RCode != dnsmessage.RCodeSuccess { + return data, nil + } + // Check req type. + q := msg.Questions[0] + switch q.Type { + case dnsmessage.TypeA, dnsmessage.TypeAAAA: + default: + return data, nil + } + + // Set ttl. + var ttl uint32 + for i := range msg.Answers { + if ttl == 0 { + ttl = msg.Answers[i].Header.TTL + } + // Set TTL = zero. This requests applications must resend every request. + // However, it may be not defined in the standard. + msg.Answers[i].Header.TTL = 0 + } + + // Check if there is any A/AAAA record. + var hasIpRecord bool + for i := range msg.Answers { + switch msg.Answers[i].Header.Type { + case dnsmessage.TypeA, dnsmessage.TypeAAAA: + hasIpRecord = true + } + } + if !hasIpRecord { + return msg.Pack() + } + + // Update dnsCache. + c.mutex.Lock() + fqdn := q.Name.String() + cacheKey := strings.ToLower(fqdn) + q.Type.String() + cache, ok := c.dnsCache[cacheKey] + if ok { + c.mutex.Unlock() + cache.Deadline = time.Now().Add(time.Duration(ttl) * time.Second) + cache.Answers = msg.Answers + } else { + cache = &dnsCache{ + DomainBitmap: c.MatchDomainBitmap(strings.TrimSuffix(fqdn, ".")), + Answers: msg.Answers, + Deadline: time.Now().Add(time.Duration(ttl) * time.Second), + } + c.dnsCache[cacheKey] = cache + c.mutex.Unlock() + } + if err = c.BatchUpdateDomainRouting(cache); err != nil { + return nil, fmt.Errorf("BatchUpdateDomainRouting: %w", err) + } + + // Pack to get newData. + return msg.Pack() +} diff --git a/component/control/kern/tproxy.c b/component/control/kern/tproxy.c new file mode 100644 index 0000000..dbb9298 --- /dev/null +++ b/component/control/kern/tproxy.c @@ -0,0 +1,1252 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +// #include "addr.h" + +// #define likely(x) x +// #define unlikely(x) x +#define likely(x) __builtin_expect((x), 1) +#define unlikely(x) __builtin_expect((x), 0) + +#define IPV6_BYTE_LENGTH 16 + +#define IPV4_CSUM_OFF (ETH_HLEN + offsetof(struct iphdr, check)) +#define IPV4_DST_OFF (ETH_HLEN + offsetof(struct iphdr, daddr)) +#define IPV4_SRC_OFF (ETH_HLEN + offsetof(struct iphdr, saddr)) +#define IPV6_DST_OFF (ETH_HLEN + offsetof(struct ipv6hdr, daddr)) +#define IPV6_SRC_OFF (ETH_HLEN + offsetof(struct ipv6hdr, saddr)) + +#define MAX_PARAM_LEN 16 +#define MAX_INTERFACE_NUM 128 +#define MAX_ROUTING_LEN 96 +#define MAX_LPM_SIZE 20480 +#define MAX_LPM_NUM (MAX_ROUTING_LEN + 8) +#define IPV6_MAX_EXTENSIONS 4 + +#define OUTBOUND_DIRECT 0 +#define OUTBOUND_CONTROL_PLANE_ROUTE 0xFE +#define OUTBOUND_LOGICAL_AND 0xFF + +enum { + DISABLE_L4_CHECKSUM_POLICY_ENABLE_L4_CHECKSUM, + DISABLE_L4_CHECKSUM_POLICY_RESTORE, + DISABLE_L4_CHECKSUM_POLICY_SET_ZERO, +}; +#define OUTBOUND_LOGICAL_AND 0xFF + +// Param keys: +static const __u32 ips_len_key __attribute__((unused, deprecated)) = 0; +static const __u32 tproxy_port_key = 1; +static const __u32 disable_l4_tx_checksum_key = 2; +static const __u32 disable_l4_rx_checksum_key = 3; +static const __u32 epoch_key __attribute__((unused, deprecated)) = 4; +static const __u32 routings_len_key __attribute__((unused, deprecated)) = 5; + +static __be32 unspecific_ipv6[4] __attribute__((__unused__)) = {0, 0, 0, 0}; + +struct ip_port { + __be32 ip[4]; + __be16 port; +}; + +struct ip_port_proto { + __be32 ip[4]; + __be16 port; + __u8 proto; +}; + +struct ip_port_outbound { + __be32 ip[4]; + __be16 port; + __u8 outbound; + __u8 unused; +}; + +/// TODO: 4-Way-Handshake can be initiated by any party, +/// and remove them from the dst_map by conntrack. +// Dest map: +struct { + __uint(type, BPF_MAP_TYPE_LRU_HASH); + __type(key, + struct ip_port_proto); // As TCP client side [SYN, !ACK], + // (source ip, source port, tcp) is + // enough for identifier. And UDP client + // side does not care it (full-cone). + __type(value, struct ip_port_outbound); // Original target. + __uint(max_entries, 0xFF << 2); + /// NOTICE: It MUST be pinned. + __uint(pinning, LIBBPF_PIN_BY_NAME); +} dst_map SEC(".maps"); + +// Params: +struct { + __uint(type, BPF_MAP_TYPE_ARRAY); + __type(key, __u32); + __type(value, __u32); + __uint(max_entries, MAX_PARAM_LEN); + __uint(pinning, LIBBPF_PIN_BY_NAME); +} param_map SEC(".maps"); + +// Interface Ips: +struct if_ip { + __be32 ip4[4]; + __be32 ip6[4]; + bool hasIp4; + bool hasIp6; +}; +struct { + __uint(type, BPF_MAP_TYPE_HASH); + __type(key, __u32); // ifindex + __type(value, struct if_ip); // ip + __uint(max_entries, MAX_INTERFACE_NUM); + /// NOTICE: No persistence. + // __uint(pinning, LIBBPF_PIN_BY_NAME); +} ifindex_ip_map SEC(".maps"); + +// Array of LPM tries: +struct lpm_key { + struct bpf_lpm_trie_key trie_key; + __be32 data[4]; +}; +struct map_lpm_type { + __uint(type, BPF_MAP_TYPE_LPM_TRIE); + __uint(map_flags, BPF_F_NO_PREALLOC); + __uint(max_entries, MAX_LPM_SIZE); + __uint(key_size, sizeof(struct lpm_key)); + __uint(value_size, sizeof(__u32)); +} unused_lpm_type SEC(".maps"); +struct { + __uint(type, BPF_MAP_TYPE_ARRAY_OF_MAPS); + __uint(key_size, sizeof(__u32)); + __uint(max_entries, MAX_LPM_NUM); + __uint(pinning, LIBBPF_PIN_BY_NAME); + __array(values, struct map_lpm_type); +} lpm_array_map SEC(".maps"); + +// Array of routing: +enum __attribute__((__packed__)) ROUTING_TYPE { + /// WARNING: MUST SYNC WITH common/consts/ebpf.go. + ROUTING_TYPE_DOMAIN_SET, + ROUTING_TYPE_IP_SET, + ROUTING_TYPE_SOURCE_IP_SET, + ROUTING_TYPE_PORT, + ROUTING_TYPE_SOURCE_PORT, + ROUTING_TYPE_NETWORK, + ROUTING_TYPE_IPVERSION, + ROUTING_TYPE_MAC, + ROUTING_TYPE_FINAL, +}; +enum __attribute__((__packed__)) NETWORK_TYPE { + NETWORK_TYPE_TCP = 1, + NETWORK_TYPE_UDP = 2, + NETWORK_TYPE_TCP_UDP = 3, +}; +enum __attribute__((__packed__)) IP_VERSION { + IPVERSION_4 = 1, + IPVERSION_6 = 2, + IPVERSION_X = 3, +}; +struct port_range { + __u16 port_start; + __u16 port_end; +}; +struct routing { + union { + __u32 __value; // Placeholder for bpf2go. + + __u32 index; + struct port_range port_range; + enum NETWORK_TYPE network_type; + enum IP_VERSION ip_version; + }; + enum ROUTING_TYPE type; + __u8 outbound; // 255 means logical AND. 254 means dirty. User-defined value + // range is [0, 253]. +}; +struct { + __uint(type, BPF_MAP_TYPE_ARRAY); + __type(key, __u32); + __type(value, struct routing); + __uint(max_entries, MAX_ROUTING_LEN); + __uint(pinning, LIBBPF_PIN_BY_NAME); +} routing_map SEC(".maps"); + +struct domain_routing { + __u32 bitmap[MAX_ROUTING_LEN / 32]; + /// DEPRECATED: Epoch is the epoch at the write time. Every time the control + /// plane restarts, epoch += 1. It was deprecated because long connection will + /// keep their states by persistent dst_map (we only need to know if it is a + /// old connection). + __u32 epoch; +}; +struct { + __uint(type, BPF_MAP_TYPE_LRU_HASH); + __type(key, __be32[4]); + __type(value, struct domain_routing); + __uint(max_entries, 65535); + // __uint(pinning, LIBBPF_PIN_BY_NAME); +} domain_routing_map SEC(".maps"); + +// Functions: + +static __always_inline bool equal_ipv6(__be32 x[4], __be32 y[4]) { +#if __clang_major__ >= 10 + return ((__be64 *)x)[0] == ((__be64 *)y)[0] && + ((__be64 *)x)[1] == ((__be64 *)y)[1]; +#else + return __builtin_bcmp(x, y, IPV6_BYTE_LENGTH) == 0; +#endif +} + +static __always_inline __u32 l4_checksum_rel_off(__u8 proto) { + switch (proto) { + case IPPROTO_TCP: + return offsetof(struct tcphdr, check); + + case IPPROTO_UDP: + return offsetof(struct udphdr, check); + } + return 0; +} + +static __always_inline __u32 l4_checksum_off(__u8 proto, __u8 ihl) { + return ETH_HLEN + ihl * 4 + l4_checksum_rel_off(proto); +} + +static __always_inline long rewrite_ip(struct __sk_buff *skb, bool is_ipv6, + __u8 proto, __u8 ihl, __be32 old_ip[4], + __be32 new_ip[4], bool is_dest) { + // Nothing to do. + if (equal_ipv6(old_ip, new_ip)) { + return 0; + } + // bpf_printk("%pI6->%pI6", old_ip, new_ip); + + __u32 l4_cksm_off = l4_checksum_off(proto, ihl); + long ret; + // BPF_F_PSEUDO_HDR indicates the part we want to modify is part of the + // pseudo header. + __u32 l4flags = BPF_F_PSEUDO_HDR; + if (proto == IPPROTO_UDP) { + l4flags |= BPF_F_MARK_MANGLED_0; + } + + if (!is_ipv6) { + __be32 _old_ip = old_ip[3]; + __be32 _new_ip = new_ip[3]; + + if ((ret = bpf_l4_csum_replace(skb, l4_cksm_off, _old_ip, _new_ip, + l4flags | sizeof(_new_ip)))) { + bpf_printk("bpf_l4_csum_replace: %ld", ret); + return ret; + } + + if ((ret = bpf_l3_csum_replace(skb, IPV4_CSUM_OFF, _old_ip, _new_ip, + sizeof(_new_ip)))) { + return ret; + } + bpf_printk("%pI4 -> %pI4", &_old_ip, &_new_ip); + + ret = bpf_skb_store_bytes(skb, is_dest ? IPV4_DST_OFF : IPV4_SRC_OFF, + &_new_ip, sizeof(_new_ip), 0); + if (ret) { + bpf_printk("bpf_skb_store_bytes: %ld", ret); + return ret; + } + } else { + __s64 cksm = + bpf_csum_diff(new_ip, IPV6_BYTE_LENGTH, old_ip, IPV6_BYTE_LENGTH, 0); + if ((ret = bpf_l4_csum_replace(skb, l4_cksm_off, 0, cksm, l4flags))) { + bpf_printk("bpf_l4_csum_replace: %ld", ret); + return ret; + } + bpf_printk("%pI6 -> %pI6", old_ip, new_ip); + + ret = bpf_skb_store_bytes(skb, is_dest ? IPV6_DST_OFF : IPV6_SRC_OFF, + new_ip, IPV6_BYTE_LENGTH, 0); + if (ret) { + bpf_printk("bpf_skb_store_bytes: %ld", ret); + return ret; + } + } + + return 0; +} + +static __always_inline long rewrite_port(struct __sk_buff *skb, __u8 proto, + __u8 ihl, __be16 old_port, + __be16 new_port, bool is_dest) { + // Nothing to do. + if (old_port == new_port) { + return 0; + } + __u32 cksm_off = l4_checksum_off(proto, ihl), port_off = ETH_HLEN + ihl * 4; + if (!cksm_off) { + return -EINVAL; + } + __u32 l4flags = 0; + switch (proto) { + case IPPROTO_TCP: + if (is_dest) { + port_off += offsetof(struct tcphdr, dest); + } else { + port_off += offsetof(struct tcphdr, source); + } + break; + + case IPPROTO_UDP: + if (is_dest) { + port_off += offsetof(struct udphdr, dest); + } else { + port_off += offsetof(struct udphdr, source); + } + l4flags |= BPF_F_MARK_MANGLED_0; + break; + } + + // bpf_printk("%u -> %u", bpf_ntohs(old_port), bpf_ntohs(new_port)); + + long ret; + if ((ret = bpf_l4_csum_replace(skb, cksm_off, old_port, new_port, + l4flags | sizeof(new_port)))) { + bpf_printk("bpf_l4_csum_replace: %ld", ret); + return ret; + } + ret = bpf_skb_store_bytes(skb, port_off, &new_port, sizeof(new_port), 0); + + if (ret) { + return ret; + } + + return 0; +} + +static __always_inline long +handle_ipv6_extensions(void *data, void *data_end, __u8 hdr, + struct tcphdr **tcph, struct udphdr **udph, __u8 *ihl) { + __u8 hdr_length = 0; + __u8 nexthdr; + *ihl = sizeof(struct ipv6hdr) / 4; + // We only process TCP and UDP traffic. + + // #pragma unroll + for (int i = 0; i < IPV6_MAX_EXTENSIONS; i++, + data = (__u8 *)data + hdr_length, hdr = nexthdr, + *ihl += hdr_length / 4) { + if (hdr_length % 4) { + bpf_printk("IPv6 extension length is not multiples of 4"); + return 1; + } + switch (hdr) { + case IPPROTO_HOPOPTS: + case IPPROTO_ROUTING: + case IPPROTO_FRAGMENT: + if (hdr == IPPROTO_FRAGMENT) { + hdr_length = 4; + } else { + if ((void *)((__u8 *)data + 2) > data_end) { + bpf_printk("not a valid IPv6 packet"); + return -EFAULT; + } + hdr_length = *((__u8 *)data + 1); + } + if ((void *)((__u8 *)data + hdr_length) > data_end) { + bpf_printk("not a valid IPv6 packet"); + return -EFAULT; + } + nexthdr = *(__u8 *)data; + break; + case IPPROTO_TCP: + // Upper layer; + // Skip ipv4hdr and options to get tcphdr. + *tcph = (struct tcphdr *)data; + // Should be complete tcphdr. + if ((void *)(*tcph + 1) > data_end) { + bpf_printk("not a valid TCP packet"); + return -EFAULT; + } + return 0; + case IPPROTO_UDP: + // Upper layer; + // Skip ipv4hdr and options to get tcphdr. + *udph = (struct udphdr *)data; + // Should be complete udphdr. + if ((void *)(*udph + 1) > data_end) { + bpf_printk("not a valid UDP packet"); + return -EFAULT; + } + return 0; + case IPPROTO_ICMPV6: + // Upper layer; + case IPPROTO_NONE: + // No more extension. + return 1; + default: + // Unsupported ipv6 extention header; + bpf_printk("unsupported protocol: %u", hdr); + return 1; + } + } + bpf_printk("exceeds IPV6_MAX_EXTENSIONS limit"); + return 1; +} + +static __always_inline long +parse_transport(struct __sk_buff *skb, struct ethhdr **ethh, struct iphdr **iph, + struct ipv6hdr **ipv6h, struct tcphdr **tcph, + struct udphdr **udph, __u8 *ihl) { + + void *data_end = (void *)(unsigned long)skb->data_end; + void *data = (void *)(unsigned long)skb->data; + struct ethhdr *eth = data; + + if (unlikely((void *)(eth + 1) > data_end)) { + bpf_printk("not ethernet packet"); + return 1; + } + + *ethh = eth; + *iph = NULL; + *ipv6h = NULL; + *tcph = NULL; + *udph = NULL; + // bpf_printk("parse_transport: h_proto: %u ? %u %u", eth->h_proto, + // bpf_htons(ETH_P_IP), bpf_htons(ETH_P_IPV6)); + if (eth->h_proto == bpf_htons(ETH_P_IP)) { + // eth + 1: skip eth hdr. + *iph = (struct iphdr *)(eth + 1); + if (unlikely((void *)(*iph + 1) > data_end)) { + return -EFAULT; + } + // We only process TCP and UDP traffic. + if (likely((*iph)->protocol == IPPROTO_TCP)) { + // Skip ipv4hdr and options to get tcphdr. + *tcph = (struct tcphdr *)((__u32 *)(*iph) + (*iph)->ihl); + // Should be complete tcphdr. + if ((void *)(*tcph + 1) > data_end) { + bpf_printk("not a valid TCP packet"); + return -EFAULT; + } + } else if (likely((*iph)->protocol == IPPROTO_UDP)) { + // Skip ipv4hdr and options to get tcphdr. + *udph = (struct udphdr *)((__u32 *)(*iph) + (*iph)->ihl); + // Should be complete udphdr. + if ((void *)(*udph + 1) > data_end) { + bpf_printk("not a valid UDP packet"); + return -EFAULT; + } + } else { + bpf_printk("IP but not TCP/UDP packet: protocol is %u", (*iph)->protocol); + return 1; + } + *ihl = (*iph)->ihl; + return 0; + } else if (eth->h_proto == bpf_htons(ETH_P_IPV6)) { + // eth + 1: skip eth hdr. + *ipv6h = (struct ipv6hdr *)(eth + 1); + if (unlikely((void *)(*ipv6h + 1) > data_end)) { + bpf_printk("not a valid IPv6 packet"); + return -EFAULT; + } + return handle_ipv6_extensions((void *)(*ipv6h + 1), data_end, + (*ipv6h)->nexthdr, tcph, udph, ihl); + } + return 1; +} + +static __always_inline long ip_is_host(bool is_ipv6, __u32 ifindex, + __be32 ip[4], + __be32 (*first_interface_ip)[4]) { + struct if_ip *if_ip = bpf_map_lookup_elem(&ifindex_ip_map, &ifindex); + if (unlikely(!if_ip)) { + return -1; + } + __u32 host_ip[4]; + if (!is_ipv6 && (*if_ip).hasIp4) { + __builtin_memcpy(host_ip, (*if_ip).ip4, IPV6_BYTE_LENGTH); + } else if (is_ipv6 && (*if_ip).hasIp6) { + __builtin_memcpy(host_ip, (*if_ip).ip6, IPV6_BYTE_LENGTH); + } else { + // Should TC_ACT_OK outer. + return -EFAULT; + } + if (first_interface_ip) { + __builtin_memcpy(*first_interface_ip, host_ip, IPV6_BYTE_LENGTH); + } + if (equal_ipv6(ip, host_ip)) { + return 1; + } + return 0; +} + +static __always_inline long adjust_udp_len(struct __sk_buff *skb, __u16 oldlen, + __u32 ihl, __u16 len_diff) { + if (unlikely(!len_diff)) { + return 0; + } + + // Boundary check. + if (len_diff > 0) { + if (unlikely(bpf_ntohs(oldlen) + len_diff < len_diff)) { // overflow + bpf_printk("udp length overflow"); + return -EINVAL; + } + } else { + if (unlikely((__s32)bpf_ntohs(oldlen) + len_diff < 0)) { // not enough + bpf_printk("udp length not enough"); + return -EINVAL; + } + } + __be16 newlen = bpf_htons(bpf_ntohs(oldlen) + len_diff); + + // Calculate checksum and store the new value. + long ret; + + __u32 udp_csum_off = l4_checksum_off(IPPROTO_UDP, ihl); + // replace twice because len exists both pseudo hdr and hdr. + if ((ret = bpf_l4_csum_replace( + skb, udp_csum_off, oldlen, newlen, + sizeof(oldlen) | BPF_F_PSEUDO_HDR | // udp len is in the pseudo hdr + BPF_F_MARK_MANGLED_0))) { + bpf_printk("bpf_l4_csum_replace newudplen: %ld", ret); + return ret; + } + if ((ret = bpf_l4_csum_replace(skb, udp_csum_off, oldlen, newlen, + sizeof(oldlen) | BPF_F_MARK_MANGLED_0))) { + bpf_printk("bpf_l4_csum_replace newudplen: %ld", ret); + return ret; + } + if ((ret = bpf_skb_store_bytes( + skb, (__u32)ETH_HLEN + ihl * 4 + offsetof(struct udphdr, len), + &newlen, sizeof(oldlen), 0))) { + bpf_printk("bpf_skb_store_bytes newudplen: %ld", ret); + return ret; + } + return 0; +} + +static __always_inline long adjust_ipv4_len(struct __sk_buff *skb, __u16 oldlen, + __u16 len_diff) { + if (unlikely(!len_diff)) { + return 0; + } + + // Boundary check. + if (len_diff > 0) { + if (unlikely(bpf_ntohs(oldlen) + len_diff < len_diff)) { // overflow + bpf_printk("ip length overflow"); + return -EINVAL; + } + } else { + if (unlikely((__s32)bpf_ntohs(oldlen) + len_diff < 0)) { // not enough + bpf_printk("ip length not enough"); + return -EINVAL; + } + } + __be16 newlen = bpf_htons(bpf_ntohs(oldlen) + len_diff); + + // Calculate checksum and store the new value. + long ret; + if ((ret = bpf_l3_csum_replace(skb, IPV4_CSUM_OFF, oldlen, newlen, + sizeof(oldlen)))) { + bpf_printk("bpf_l3_csum_replace newudplen: %ld", ret); + return ret; + } + if ((ret = bpf_skb_store_bytes( + skb, (__u32)ETH_HLEN + offsetof(struct iphdr, tot_len), &newlen, + sizeof(oldlen), 0))) { + bpf_printk("bpf_skb_store_bytes newiplen: %ld", ret); + return ret; + } + return 0; +} + +static __always_inline long encap_after_udp_hdr(struct __sk_buff *skb, + bool is_ipv6, __u8 ihl, + __be16 iphdr_tot_len, + void *newhdr, __u32 newhdrlen) { + if (unlikely(newhdrlen % 4 != 0)) { + bpf_trace_printk("encap_after_udp_hdr: unexpected newhdrlen value %u :must " + "be a multiple of 4", + newhdrlen); + return -EINVAL; + } + + long ret = 0; + long ip_off = ETH_HLEN; + // Calculate offsets using add instead of subtract to avoid verifier problems. + long ipp_len = ihl * 4; + long udp_payload_off = ip_off + ipp_len + sizeof(struct udphdr); + + // Backup for further use. + struct udphdr reserved_udphdr; + __builtin_memset(&reserved_udphdr, 0, sizeof(reserved_udphdr)); + if ((ret = bpf_skb_load_bytes(skb, ip_off + ipp_len, &reserved_udphdr, + sizeof(reserved_udphdr)))) { + bpf_printk("bpf_skb_load_bytes: %ld", ret); + return ret; + } + // Add room for new udp payload header. + if ((ret = bpf_skb_adjust_room(skb, newhdrlen, BPF_ADJ_ROOM_NET, + BPF_F_ADJ_ROOM_NO_CSUM_RESET))) { + bpf_printk("UDP ADJUST ROOM: %ld", ret); + return ret; + } + // Move the new room to the front of the UDP payload. + if ((ret = bpf_skb_store_bytes(skb, ip_off + ipp_len, &reserved_udphdr, + sizeof(reserved_udphdr), 0))) { + bpf_printk("bpf_skb_store_bytes reserved_udphdr: %ld", ret); + return ret; + } + + // Rewrite ip len. + if (!is_ipv6) { + if ((ret = adjust_ipv4_len(skb, iphdr_tot_len, newhdrlen))) { + bpf_printk("adjust_ip_len: %ld", ret); + return ret; + } + } + + // Rewrite udp len. + if ((ret = adjust_udp_len(skb, reserved_udphdr.len, ihl, newhdrlen))) { + bpf_printk("adjust_udp_len: %ld", ret); + return ret; + } + + // Rewrite udp payload. + __u32 l4_cksm_off = l4_checksum_off(IPPROTO_UDP, ihl); + __s64 cksm = bpf_csum_diff(NULL, 0, newhdr, newhdrlen, 0); + if ((ret = bpf_l4_csum_replace(skb, l4_cksm_off, 0, cksm, + BPF_F_MARK_MANGLED_0))) { + bpf_printk("bpf_l4_csum_replace 2: %ld", ret); + return ret; + } + if ((ret = bpf_skb_store_bytes(skb, udp_payload_off, newhdr, newhdrlen, 0))) { + bpf_printk("bpf_skb_store_bytes 2: %ld", ret); + return ret; + } + return 0; +} + +static __always_inline int decap_after_udp_hdr(struct __sk_buff *skb, + bool is_ipv6, __u8 ihl, + __be16 iphdr_tot_len, void *to, + __u32 decap_hdrlen) { + if (unlikely(decap_hdrlen % 4 != 0)) { + bpf_trace_printk( + "encap_after_udp_hdr: unexpected decap_hdrlen value %u :must " + "be a multiple of 4", + decap_hdrlen); + return -EINVAL; + } + long ret = 0; + long ip_off = ETH_HLEN; + // Calculate offsets using add instead of subtract to avoid verifier problems. + long ipp_len = ihl * 4; + + // Must check lower boundary for packet offset (and set the type of the + // variables to signed long). + if (skb->data + ip_off + ipp_len > skb->data_end) { + return -EINVAL; + } + + // Backup for further use. + struct udphdr reserved_udphdr; + __builtin_memset(&reserved_udphdr, 0, sizeof(reserved_udphdr)); + if ((ret = bpf_skb_load_bytes(skb, ip_off + ipp_len, &reserved_udphdr, + sizeof(struct udphdr)))) { + bpf_printk("bpf_skb_load_bytes: %ld", ret); + return ret; + } + + // Load the hdr to decap. + if ((ret = bpf_skb_load_bytes(skb, ip_off + ipp_len + sizeof(struct udphdr), + to, decap_hdrlen))) { + bpf_printk("bpf_skb_load_bytes decap_hdr: %ld", ret); + return ret; + } + + // Move the udphdr to the front of the real UDP payload. + if ((ret = + bpf_skb_store_bytes(skb, ip_off + ipp_len + decap_hdrlen, + &reserved_udphdr, sizeof(reserved_udphdr), 0))) { + bpf_printk("bpf_skb_store_bytes reserved_udphdr: %ld", ret); + return ret; + } + + // Adjust room to decap the header. + if ((ret = bpf_skb_adjust_room(skb, -decap_hdrlen, BPF_ADJ_ROOM_NET, + BPF_F_ADJ_ROOM_NO_CSUM_RESET))) { + bpf_printk("UDP ADJUST ROOM: %ld", ret); + return ret; + } + + // Rewrite ip len. + if (!is_ipv6) { + if ((ret = adjust_ipv4_len(skb, iphdr_tot_len, -decap_hdrlen))) { + bpf_printk("adjust_ip_len: %ld", ret); + return ret; + } + } + + // Rewrite udp len. + if ((ret = adjust_udp_len(skb, reserved_udphdr.len, ihl, -decap_hdrlen))) { + bpf_printk("adjust_udp_len: %ld", ret); + return ret; + } + + // Rewrite udp checksum. + __u32 udp_csum_off = l4_checksum_off(IPPROTO_UDP, ihl); + __s64 cksm = bpf_csum_diff(to, decap_hdrlen, 0, 0, 0); + if ((ret = bpf_l4_csum_replace(skb, udp_csum_off, 0, cksm, + BPF_F_MARK_MANGLED_0))) { + bpf_printk("bpf_l4_csum_replace 2: %ld", ret); + return ret; + } + return 0; +} + +// Do not use __always_inline here because this function is too heavy. +static long routing(__u8 flag[2], void *l4_hdr, __be32 saddr[4], + __be32 daddr[4], __be32 mac[4]) { +#define _network flag[0] +#define _ipversion flag[1] + // // Get len of routings and epoch from param_map. + // __u32 *routings_len = bpf_map_lookup_elem(¶m_map, &routings_len_key); + // if (!routings_len) { + // return -EINVAL; + // } + // __u32 *epoch = bpf_map_lookup_elem(¶m_map, &epoch_key); + // if (!epoch) { + // return -EINVAL; + // } + // Define variables for further use. + __u16 h_dport; + __u16 h_sport; + if (_network == NETWORK_TYPE_TCP) { + h_dport = bpf_ntohs(((struct tcphdr *)l4_hdr)->dest); + h_sport = bpf_ntohs(((struct tcphdr *)l4_hdr)->source); + } else { + h_dport = bpf_ntohs(((struct udphdr *)l4_hdr)->dest); + h_sport = bpf_ntohs(((struct udphdr *)l4_hdr)->source); + } + // Redirect all DNS packet to control plane. + if (_network == NETWORK_TYPE_UDP && h_dport == 53) { + return OUTBOUND_CONTROL_PLANE_ROUTE; + } + struct lpm_key lpm_key_saddr, lpm_key_daddr, lpm_key_mac, *lpm_key; + lpm_key_saddr.trie_key.prefixlen = IPV6_BYTE_LENGTH * 8; + lpm_key_daddr.trie_key.prefixlen = IPV6_BYTE_LENGTH * 8; + lpm_key_mac.trie_key.prefixlen = IPV6_BYTE_LENGTH * 8; + __builtin_memcpy(lpm_key_saddr.data, saddr, IPV6_BYTE_LENGTH); + __builtin_memcpy(lpm_key_daddr.data, daddr, IPV6_BYTE_LENGTH); + __builtin_memcpy(lpm_key_mac.data, mac, IPV6_BYTE_LENGTH); + + struct map_lpm_type *lpm; + struct routing *routing; + // Rule is like: domain(domain:baidu.com) && port(443) -> proxy + bool bad_rule = false; + struct domain_routing *domain_routing; + + /// DEPRECATED: Epoch was deprecated and domain_routing_map was unpinned, thus + /// this branch will never hit. + // if (domain_routing && domain_routing->epoch != *epoch) { + // // Dirty (epoch dismatch) traffic should be routed by the control plane. + // return OUTBOUND_CONTROL_PLANE_ROUTE; + // } + +#pragma unroll + for (__u32 key = 0; key < MAX_ROUTING_LEN; key++) { + __u32 k = key; // Clone to pass code checker. + routing = bpf_map_lookup_elem(&routing_map, &k); + if (!routing) { + return -EFAULT; + } + if (bad_rule) { + goto before_next_loop; + } + /// NOTICE: switch is not implemented efficiently by clang yet. + if (likely(routing->type == ROUTING_TYPE_IP_SET)) { + lpm_key = &lpm_key_saddr; + goto lookup_lpm; + } else if (routing->type == ROUTING_TYPE_SOURCE_IP_SET) { + lpm_key = &lpm_key_daddr; + lookup_lpm: + lpm = bpf_map_lookup_elem(&lpm_array_map, &routing->index); + if (unlikely(!lpm)) { + return -EFAULT; + } + if (!bpf_map_lookup_elem(lpm, lpm_key)) { + // Routing not hit. + bad_rule = true; + } + } else if (routing->type == ROUTING_TYPE_DOMAIN_SET) { + // Bottleneck of insns limit. + // We fixed it by invoking bpf_map_lookup_elem here. + + // Get domain routing bitmap. + domain_routing = bpf_map_lookup_elem(&domain_routing_map, daddr); + if (!domain_routing) { + // No domain corresponding to IP. + bad_rule = true; + goto before_next_loop; + } + + // We use key instead of k to pass checker. + if (!((domain_routing->bitmap[key / 32] >> (key % 32)) & 1)) { + bad_rule = true; + } + } else if (routing->type == ROUTING_TYPE_PORT) { + if (h_dport < routing->port_range.port_start || + h_dport > routing->port_range.port_end) { + bad_rule = true; + } + } else if (routing->type == ROUTING_TYPE_SOURCE_PORT) { + if (h_sport < routing->port_range.port_start || + h_sport > routing->port_range.port_end) { + bad_rule = true; + } + } else if (routing->type == ROUTING_TYPE_NETWORK) { + if (!(_network & routing->network_type)) { + bad_rule = true; + } + } else if (routing->type == ROUTING_TYPE_IPVERSION) { + if (!(_ipversion & routing->ip_version)) { + bad_rule = true; + } + } else if (routing->type == ROUTING_TYPE_MAC) { + /// FIXME: Bottleneck of insns limit. Reason: don't know. + lpm_key = &lpm_key_mac; + goto lookup_lpm; + } else if (routing->type == ROUTING_TYPE_FINAL) { + return routing->outbound; + } else { + return -EINVAL; + } + + before_next_loop: + if (routing->outbound != OUTBOUND_LOGICAL_AND) { + // Tail of a rule (line). + // Decide whether to hit. + if (!bad_rule) { + return routing->outbound; + } + bad_rule = false; + } + } + return -EPERM; +#undef _network +#undef _ip_version +} + +// Do DNAT. +SEC("tc/ingress") +int tproxy_ingress(struct __sk_buff *skb) { + struct ethhdr *ethh; + struct iphdr *iph; + struct ipv6hdr *ipv6h; + struct tcphdr *tcph; + struct udphdr *udph; + __sum16 bak_cksm; + __u8 ihl; + long ret = parse_transport(skb, ðh, &iph, &ipv6h, &tcph, &udph, &ihl); + if (ret) { + bpf_printk("parse_transport: %ld", ret); + return TC_ACT_OK; + } + // if (ipv6hdr) { + // bpf_printk("DEBUG: ipv6"); + // } + + // Backup for further use. + __u8 l4_proto; + if (tcph) { + l4_proto = IPPROTO_TCP; + } else if (udph) { + l4_proto = IPPROTO_UDP; + } else { + return TC_ACT_OK; + } + + // Parse saddr and daddr as ipv6 format. + __be32 saddr[4]; + __be32 daddr[4]; + if (iph) { + saddr[0] = 0; + saddr[1] = 0; + saddr[2] = bpf_ntohl(0xffff); + saddr[3] = iph->saddr; + + daddr[0] = 0; + daddr[1] = 0; + daddr[2] = bpf_ntohl(0xffff); + daddr[3] = iph->daddr; + } else if (ipv6h) { + __builtin_memcpy(daddr, &ipv6h->daddr, IPV6_BYTE_LENGTH); + __builtin_memcpy(saddr, &ipv6h->saddr, IPV6_BYTE_LENGTH); + } else { + return TC_ACT_OK; + } + + // If this packet is sent to this host, accept it. + __u32 first_interface_ip[4]; + long to_host = ip_is_host(ipv6h, skb->ifindex, daddr, &first_interface_ip); + if (to_host < 0) { // error + // bpf_printk("to_host: %ld", to_host); + return TC_ACT_OK; + } + if (to_host == 1) { + if (udph && udph->dest == 53) { + // To host:53. Process it. + } else { + // To host. Accept. + /// FIXME: all host ip. + return TC_ACT_OK; + } + } + + __be16 *tproxy_port = bpf_map_lookup_elem(¶m_map, &tproxy_port_key); + if (!tproxy_port) { + return TC_ACT_OK; + } + + if (tcph) { + // Backup for further use. + bak_cksm = tcph->check; + bool tcp_state_syn = tcph->syn && !tcph->ack; + struct ip_port_proto key_src; + __builtin_memset(&key_src, 0, sizeof(key_src)); + __builtin_memcpy(key_src.ip, saddr, IPV6_BYTE_LENGTH); + key_src.port = tcph->source; + key_src.proto = l4_proto; + __u8 outbound; + // No record. No DNS requests before. + if (unlikely(tcp_state_syn)) { + // New TCP connection. + // bpf_printk("[%X]New Connection", bpf_ntohl(tcph->seq)); + __u8 flag[2] = {NETWORK_TYPE_TCP}; // TCP + if (ipv6h) { + flag[1] = IPVERSION_6; + } else { + flag[1] = IPVERSION_4; + } + __be32 mac[4]; + __builtin_memset(mac, 0, IPV6_BYTE_LENGTH); + __builtin_memcpy(mac, ethh->h_source, sizeof(ethh->h_source)); + if ((ret = routing(flag, tcph, saddr, daddr, mac)) < 0) { + bpf_printk("shot routing: %ld", ret); + return TC_ACT_SHOT; + } + + outbound = ret; + } else { + // bpf_printk("[%X]Old Connection", bpf_ntohl(tcph->seq)); + // The TCP connection exists. + struct ip_port_outbound *dst = bpf_map_lookup_elem(&dst_map, &key_src); + if (!dst) { + // Do not impact previous connections. + return TC_ACT_OK; + } + outbound = dst->outbound; + } + + bpf_printk("tcp: outbound: %u, %pI6", outbound, daddr); + if (outbound == OUTBOUND_DIRECT) { + return TC_ACT_OK; + } else { + // Rewrite to control plane. + + if (unlikely(tcp_state_syn)) { + struct ip_port_outbound value_dst; + __builtin_memset(&value_dst, 0, sizeof(value_dst)); + __builtin_memcpy(value_dst.ip, daddr, IPV6_BYTE_LENGTH); + value_dst.port = tcph->dest; + value_dst.outbound = outbound; + bpf_map_update_elem(&dst_map, &key_src, &value_dst, BPF_ANY); + } + + __u32 *dst_ip = daddr; + __u16 dst_port = tcph->dest; + if ((ret = rewrite_ip(skb, ipv6h, IPPROTO_TCP, ihl, dst_ip, + first_interface_ip, true))) { + bpf_printk("Shot IP: %ld", ret); + return TC_ACT_SHOT; + } + if ((ret = rewrite_port(skb, IPPROTO_TCP, ihl, dst_port, *tproxy_port, + true))) { + bpf_printk("Shot Port: %ld", ret); + return TC_ACT_SHOT; + } + } + } else if (udph) { + // Backup for further use. + bak_cksm = udph->check; + struct ip_port_outbound new_hdr; + __builtin_memset(&new_hdr, 0, sizeof(new_hdr)); + __builtin_memcpy(new_hdr.ip, daddr, IPV6_BYTE_LENGTH); + new_hdr.port = udph->dest; + + // Routing. It decides if we redirect traffic to control plane. + __u8 flag[2] = {NETWORK_TYPE_UDP}; + if (ipv6h) { + flag[1] = IPVERSION_6; + } else { + flag[1] = IPVERSION_4; + } + __be32 mac[4]; + __builtin_memset(mac, 0, IPV6_BYTE_LENGTH); + __builtin_memcpy(mac, ethh->h_source, sizeof(ethh->h_source)); + if ((ret = routing(flag, udph, saddr, daddr, mac)) < 0) { + bpf_printk("shot routing: %ld", ret); + return TC_ACT_SHOT; + } + new_hdr.outbound = ret; + bpf_printk("udp: outbound: %u, %pI6", new_hdr.outbound, daddr); + + if (new_hdr.outbound == OUTBOUND_DIRECT) { + return TC_ACT_OK; + } else { + // Rewrite to control plane. + + // Encap a header to transmit fullcone tuple. + __be16 ip_tot_len = iph ? iph->tot_len : 0; + encap_after_udp_hdr(skb, ipv6h, ihl, ip_tot_len, &new_hdr, + sizeof(new_hdr)); + + // Rewrite udp dst ip. + // bpf_printk("rewrite dst ip from %pI4", &ori_dst.ip); + if ((ret = rewrite_ip(skb, ipv6h, IPPROTO_UDP, ihl, new_hdr.ip, + first_interface_ip, true))) { + bpf_printk("Shot IP: %ld", ret); + return TC_ACT_SHOT; + } + + // Rewrite udp dst port. + if ((ret = rewrite_port(skb, IPPROTO_UDP, ihl, new_hdr.port, *tproxy_port, + true))) { + bpf_printk("Shot Port: %ld", ret); + return TC_ACT_SHOT; + } + } + } + + if (udph || tcph) { + // Print packet in hex for debugging (checksum or something else). + // bpf_printk("DEBUG"); + // for (__u32 i = 0; i < skb->len && i < 200; i++) { + // __u8 t = 0; + // bpf_skb_load_bytes(skb, i, &t, 1); + // bpf_printk("%02x", t); + // } + __u8 *disable_l4_checksum = + bpf_map_lookup_elem(¶m_map, &disable_l4_rx_checksum_key); + if (!disable_l4_checksum) { + bpf_printk("Forgot to set disable_l4_checksum?"); + return TC_ACT_SHOT; + } + if (*disable_l4_checksum) { + __u32 l4_cksm_off = l4_checksum_off(l4_proto, ihl); + // Restore the checksum or set it zero. + if (*disable_l4_checksum == DISABLE_L4_CHECKSUM_POLICY_SET_ZERO) { + bak_cksm = 0; + } + bpf_skb_store_bytes(skb, l4_cksm_off, &bak_cksm, sizeof(bak_cksm), 0); + } + } + return TC_ACT_OK; +} + +/** + FIXME: We can do packet modification as early as possible (for example, at + lwt point) to avoid weird checksum offload problems by docker, etc. They do + not obey the checksum specification. At present, we specially judge docker + interfaces and disable checksum for them. + + References: + https://github.com/torvalds/linux/blob/v6.1/samples/bpf/test_lwt_bpf.sh + https://blog.csdn.net/Rong_Toa/article/details/109392163 +*/ +// Do SNAT. +SEC("tc/egress") +int tproxy_egress(struct __sk_buff *skb) { + struct ethhdr *ethh; + struct iphdr *iph; + struct ipv6hdr *ipv6h; + struct tcphdr *tcph; + struct udphdr *udph; + __sum16 bak_cksm; + __u8 ihl; + long ret = parse_transport(skb, ðh, &iph, &ipv6h, &tcph, &udph, &ihl); + if (ret) { + return TC_ACT_OK; + } + + // Parse saddr and daddr as ipv6 format. + __be32 saddr[4]; + __be32 daddr[4]; + if (iph) { + saddr[0] = 0; + saddr[1] = 0; + saddr[2] = bpf_ntohl(0xffff); + saddr[3] = iph->saddr; + + daddr[0] = 0; + daddr[1] = 0; + daddr[2] = bpf_ntohl(0xffff); + daddr[3] = iph->daddr; + } else if (ipv6h) { + __builtin_memcpy(daddr, ipv6h->daddr.in6_u.u6_addr32, IPV6_BYTE_LENGTH); + __builtin_memcpy(saddr, ipv6h->saddr.in6_u.u6_addr32, IPV6_BYTE_LENGTH); + } else { + return TC_ACT_OK; + } + + // If not from tproxy, accept it. + __be16 *tproxy_port = bpf_map_lookup_elem(¶m_map, &tproxy_port_key); + if (!tproxy_port) { + return TC_ACT_OK; + } + long from_host = ip_is_host(ipv6h, skb->ifindex, saddr, NULL); + if (!(from_host == 1)) { + // Not from localhost. + return TC_ACT_OK; + } + + // Backup for further use. + __u8 l4_proto; + if (tcph) { + l4_proto = IPPROTO_TCP; + } else if (udph) { + l4_proto = IPPROTO_UDP; + } else { + return TC_ACT_OK; + } + + if (tcph) { + if (tcph->source != *tproxy_port) { + return TC_ACT_OK; + } + + // Lookup original dest. + struct ip_port_proto key_dst; + __builtin_memset(&key_dst, 0, sizeof(key_dst)); + __builtin_memcpy(key_dst.ip, daddr, IPV6_BYTE_LENGTH); + key_dst.proto = l4_proto; + if (tcph) { + key_dst.port = tcph->dest; + } else if (udph) { + key_dst.port = udph->dest; + } + struct ip_port_outbound *original_dst = + bpf_map_lookup_elem(&dst_map, &key_dst); + if (!original_dst) { + bpf_printk("[%X]Bad Connection: to: %pI4:%u", bpf_ntohl(tcph->seq), + &key_dst.ip, bpf_ntohs(key_dst.port)); + // Do not impact previous connections. + return TC_ACT_SHOT; + } + + // Backup for further use. + bak_cksm = tcph->check; + + __u32 *src_ip = saddr; + __u16 src_port = tcph->source; + if (rewrite_ip(skb, ipv6h, IPPROTO_TCP, ihl, src_ip, original_dst->ip, + false) < 0) { + bpf_printk("Shot IP: %ld", ret); + return TC_ACT_SHOT; + } + if (rewrite_port(skb, IPPROTO_TCP, ihl, src_port, original_dst->port, + false) < 0) { + bpf_printk("Shot Port: %ld", ret); + return TC_ACT_SHOT; + } + } else if (udph) { + if (udph->source != *tproxy_port) { + return TC_ACT_OK; + } + + // Backup for further use. + bak_cksm = udph->check; + __u32 *src_ip = saddr; + __u16 src_port = udph->source; + /// NOTICE: Actually, we do not need symmetrical headers in client and + /// server. We use it for convinience. This behavior may change in the + /// future. Outbound here is useless and redundant. + struct ip_port_outbound ori_src; + __builtin_memset(&ori_src, 0, sizeof(ori_src)); + + // Get source ip/port from our packet header. + + // Decap header to get fullcone tuple. + __be16 ip_tot_len = iph ? iph->tot_len : 0; + decap_after_udp_hdr(skb, ipv6h, ihl, ip_tot_len, &ori_src, sizeof(ori_src)); + + // Rewrite udp src ip + if ((ret = rewrite_ip(skb, ipv6h, IPPROTO_UDP, ihl, src_ip, ori_src.ip, + false))) { + bpf_printk("Shot IP: %ld", ret); + return TC_ACT_SHOT; + } + + // Rewrite udp src port + if ((ret = rewrite_port(skb, IPPROTO_UDP, ihl, src_port, ori_src.port, + false))) { + bpf_printk("Shot Port: %ld", ret); + return TC_ACT_SHOT; + } + + // bpf_printk("real from: %pI4:%u", &ori_src.ip, bpf_ntohs(ori_src.port)); + + // Print packet in hex for debugging (checksum or something else). + // bpf_printk("UDP EGRESS OK"); + // for (__u32 i = 0; i < skb->len && i < 1500; i++) { + // __u8 t = 0; + // bpf_skb_load_bytes(skb, i, &t, 1); + // bpf_printk("%02x", t); + // } + } + + if (udph || tcph) { + __u8 *disable_l4_checksum = + bpf_map_lookup_elem(¶m_map, &disable_l4_tx_checksum_key); + if (!disable_l4_checksum) { + bpf_printk("Forgot to set disable_l4_checksum?"); + return TC_ACT_SHOT; + } + if (*disable_l4_checksum) { + __u32 l4_cksm_off = l4_checksum_off(l4_proto, ihl); + // Restore the checksum or set it zero. + if (*disable_l4_checksum == DISABLE_L4_CHECKSUM_POLICY_SET_ZERO) { + bak_cksm = 0; + } + bpf_skb_store_bytes(skb, l4_cksm_off, &bak_cksm, 2, 0); + } + } + return TC_ACT_OK; +} + +SEC("license") const char __license[] = "Dual BSD/GPL"; \ No newline at end of file diff --git a/component/control/match.go b/component/control/match.go new file mode 100644 index 0000000..2352cc8 --- /dev/null +++ b/component/control/match.go @@ -0,0 +1,41 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +import ( + "foo/common/consts" + "strings" +) + +func (c *ControlPlane) MatchDomainBitmap(domain string) (bitmap [consts.MaxRoutingLen / 32]uint32) { + // FIXME: high performance implementation. + for _, s := range c.SimulatedDomainSet { + for _, d := range s.Domains { + var hit bool + switch s.Key { + case consts.RoutingDomain_Suffix: + if strings.HasSuffix(domain, d) { + hit = true + } + case consts.RoutingDomain_Full: + if strings.EqualFold(domain, d) { + hit = true + } + case consts.RoutingDomain_Keyword: + if strings.Contains(strings.ToLower(domain), strings.ToLower(d)) { + hit = true + } + case consts.RoutingDomain_Regex: + c.log.Warnln("MatchDomainBitmap does not support regex yet") + } + if hit { + bitmap[s.RuleIndex/32] |= 1 << (s.RuleIndex % 32) + break + } + } + } + return bitmap +} diff --git a/component/control/routing_matcher_builder.go b/component/control/routing_matcher_builder.go new file mode 100644 index 0000000..8c1b49b --- /dev/null +++ b/component/control/routing_matcher_builder.go @@ -0,0 +1,133 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +import ( + "fmt" + "foo/common" + "foo/common/consts" + "foo/component/routing" + "github.com/cilium/ebpf" + "net/netip" + "strconv" +) + +type DomainSet struct { + Key string + RuleIndex int + Domains []string +} +type RoutingMatcherBuilder struct { + *routing.DefaultMatcherBuilder + outboundName2Id map[string]uint8 + bpf *bpfObjects + rules []bpfRouting + SimulatedLpmTries [][]netip.Prefix + SimulatedDomainSet []DomainSet + Final string + + err error +} + +func NewRoutingMatcherBuilder(outboundName2Id map[string]uint8, bpf *bpfObjects) *RoutingMatcherBuilder { + return &RoutingMatcherBuilder{outboundName2Id: outboundName2Id, bpf: bpf} +} + +func (b *RoutingMatcherBuilder) OutboundToId(outbound string) uint8 { + var outboundId uint8 + if outbound == routing.FakeOutbound_AND { + outboundId = uint8(consts.OutboundLogicalAnd) + } else { + var ok bool + outboundId, ok = b.outboundName2Id[outbound] + if !ok { + b.err = fmt.Errorf("%v not in outboundName2Id", strconv.Quote(outbound)) + } + } + return outboundId +} + +func (b *RoutingMatcherBuilder) AddDomain(key string, values []string, outbound string) { + if b.err != nil { + return + } + switch key { + case consts.RoutingDomain_Regex, + consts.RoutingDomain_Full, + consts.RoutingDomain_Keyword, + consts.RoutingDomain_Suffix: + default: + b.err = fmt.Errorf("AddDomain: unsupported key: %v", key) + return + } + b.SimulatedDomainSet = append(b.SimulatedDomainSet, DomainSet{ + Key: key, + RuleIndex: len(b.rules), + Domains: values, + }) + b.rules = append(b.rules, bpfRouting{ + Type: uint8(consts.RoutingType_DomainSet), + Outbound: b.OutboundToId(outbound), + }) +} + +func (b *RoutingMatcherBuilder) AddIp(values []netip.Prefix, outbound string) { + if b.err != nil { + return + } + lpmTrieIndex := len(b.SimulatedLpmTries) + b.SimulatedLpmTries = append(b.SimulatedLpmTries, values) + b.rules = append(b.rules, bpfRouting{ + Type: uint8(consts.RoutingType_IpSet), + Value: uint32(lpmTrieIndex), + Outbound: b.OutboundToId(outbound), + }) +} + +func (b *RoutingMatcherBuilder) AddFinal(outbound string) { + b.Final = outbound + b.rules = append(b.rules, bpfRouting{ + Type: uint8(consts.RoutingType_Final), + Outbound: b.OutboundToId(outbound), + }) +} + +func (b *RoutingMatcherBuilder) Build() (err error) { + if b.err != nil { + return b.err + } + // Update lpm_array_map. + for i, cidrs := range b.SimulatedLpmTries { + var keys []bpfLpmKey + var values []uint32 + for _, cidr := range cidrs { + keys = append(keys, cidrToBpfLpmKey(cidr)) + values = append(values, 1) + } + m, err := b.bpf.NewLpmMap(keys, values) + if err != nil { + return fmt.Errorf("NewLpmMap: %w", err) + } + // ebpf.Map cannot be BatchUpdate + if err = b.bpf.LpmArrayMap.Update(uint32(i), m, ebpf.UpdateAny); err != nil { + m.Close() + return fmt.Errorf("Update: %w", err) + } + m.Close() + } + // Update routings. + routingsLen := uint32(len(b.rules)) + routingsKeys := common.ARangeU32(routingsLen) + if _, err = b.bpf.RoutingMap.BatchUpdate(routingsKeys, b.rules, &ebpf.BatchOptions{ + ElemFlags: uint64(ebpf.UpdateAny), + }); err != nil { + return fmt.Errorf("BatchUpdate: %w", err) + } + if err = b.bpf.ParamMap.Update(consts.RoutingsLenKey, routingsLen, ebpf.UpdateAny); err != nil { + return fmt.Errorf("Update: %w", err) + } + return nil +} diff --git a/component/control/tcp.go b/component/control/tcp.go new file mode 100644 index 0000000..68bece1 --- /dev/null +++ b/component/control/tcp.go @@ -0,0 +1,94 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +import ( + "encoding/binary" + "errors" + "fmt" + "foo/common" + "foo/common/consts" + "golang.org/x/sys/unix" + "io" + "net" + "net/netip" + "time" +) + +func (c *ControlPlane) handleConn(lConn net.Conn) (err error) { + defer lConn.Close() + rAddr := lConn.RemoteAddr().(*net.TCPAddr).AddrPort() + ip6 := rAddr.Addr().As16() + + var value bpfIpPortOutbound + if err := c.bpf.DstMap.Lookup(bpfIpPortProto{ + Ip: common.Ipv6ByteSliceToUint32Array(ip6[:]), + Port: swap16(rAddr.Port()), + Proto: unix.IPPROTO_TCP, + }, &value); err != nil { + return fmt.Errorf("reading map: key %v: %w", rAddr.String(), err) + } + var dstIP [4]byte + binary.LittleEndian.PutUint32(dstIP[:], value.Ip[3]) + dst := netip.AddrPortFrom(netip.AddrFrom4(dstIP), swap16(value.Port)) + + switch consts.OutboundIndex(value.Outbound) { + case consts.OutboundDirect: + case consts.OutboundControlPlaneRoute: + // FIXME: check and re-route. + value.Outbound = uint8(consts.OutboundDirect) + c.log.Debugf("outbound: %v => %v", + consts.OutboundControlPlaneRoute.String(), + consts.OutboundIndex(value.Outbound).String(), + ) + default: + } + outbound := c.outbounds[value.Outbound] + // TODO: Set-up ip to domain mapping and show domain if possible. + c.log.Infof("TCP: %v <-[%v]-> %v", lConn.RemoteAddr(), outbound.Name, dst.String()) + if value.Outbound < 0 || int(value.Outbound) >= len(c.outbounds) { + return fmt.Errorf("outbound id from bpf is out of range: %v not in [0, %v]", value.Outbound, len(c.outbounds)-1) + } + rConn, err := outbound.Dial("tcp", dst.String()) + if err != nil { + return fmt.Errorf("failed to dial %v: %w", dst, err) + } + defer rConn.Close() + if err = RelayTCP(lConn, rConn); err != nil { + var netErr net.Error + if errors.As(err, &netErr) && netErr.Timeout() { + return nil // ignore i/o timeout + } + return fmt.Errorf("handleTCP relay error: %w", err) + } + return nil +} + +type WriteCloser interface { + CloseWrite() error +} + +func RelayTCP(lConn, rConn net.Conn) (err error) { + eCh := make(chan error, 1) + go func() { + _, e := io.Copy(rConn, lConn) + if rConn, ok := rConn.(WriteCloser); ok { + rConn.CloseWrite() + } + rConn.SetReadDeadline(time.Now().Add(10 * time.Second)) + eCh <- e + }() + _, e := io.Copy(lConn, rConn) + if lConn, ok := lConn.(WriteCloser); ok { + lConn.CloseWrite() + } + lConn.SetReadDeadline(time.Now().Add(10 * time.Second)) + if e != nil { + <-eCh + return e + } + return <-eCh +} diff --git a/component/control/udp.go b/component/control/udp.go new file mode 100644 index 0000000..5d88b2c --- /dev/null +++ b/component/control/udp.go @@ -0,0 +1,145 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +import ( + "encoding/binary" + "fmt" + "foo/common/consts" + "foo/pkg/pool" + "golang.org/x/net/dns/dnsmessage" + "net" + "net/netip" + "time" +) + +const ( + DefaultNatTimeout = 3 * time.Minute + DnsNatTimeout = 17 * time.Second // RFC 5452 +) + +func ChooseNatTimeout(data []byte) (dmsg *dnsmessage.Message, timeout time.Duration) { + var dnsmsg dnsmessage.Message + if err := dnsmsg.Unpack(data); err == nil { + //log.Printf("DEBUG: lookup %v", dnsmsg.Questions[0].Name) + return &dnsmsg, DnsNatTimeout + } + return nil, DefaultNatTimeout +} + +type AddrHdr struct { + Dest netip.AddrPort + Outbound uint8 +} + +func ParseAddrHdr(data []byte) (hdr *AddrHdr, dataOffset int, err error) { + ipSize := 16 + dataOffset = consts.AddrHdrSize + if len(data) < dataOffset { + return nil, 0, fmt.Errorf("data is too short to parse AddrHdr") + } + destAddr, _ := netip.AddrFromSlice(data[:ipSize]) + port := binary.BigEndian.Uint16(data[ipSize:]) + outbound := data[ipSize+2] + return &AddrHdr{ + Dest: netip.AddrPortFrom(destAddr, port), + Outbound: outbound, + }, dataOffset, nil +} + +func (hdr *AddrHdr) ToBytesFromPool() []byte { + ipSize := 16 + buf := pool.GetZero(consts.AddrHdrSize) // byte align to a multiple of 4 + ip := hdr.Dest.Addr().As16() + copy(buf, ip[:]) + binary.BigEndian.PutUint16(buf[ipSize:], hdr.Dest.Port()) + buf[ipSize+2] = hdr.Outbound + return buf +} + +func sendPktWithHdr(data []byte, from netip.AddrPort, lConn *net.UDPConn, to netip.AddrPort) error { + hdr := AddrHdr{ + Dest: from, + Outbound: 0, // Do not care. + } + bHdr := hdr.ToBytesFromPool() + defer pool.Put(bHdr) + buf := pool.Get(len(bHdr) + len(data)) + defer pool.Put(buf) + copy(buf, bHdr) + copy(buf[len(bHdr):], data) + //log.Println("from", from, "to", to) + _, err := lConn.WriteToUDPAddrPort(buf, to) + return err +} + +func (c *ControlPlane) RelayToUDP(lConn *net.UDPConn, to netip.AddrPort, isDNS bool) UdpHandler { + return func(data []byte, from netip.AddrPort) (err error) { + if isDNS { + data, err = c.DnsRespHandler(data) + if err != nil { + c.log.Warnf("DnsRespHandler: %v", err) + } + } + return sendPktWithHdr(data, from, lConn, to) + } +} + +func (c *ControlPlane) handlePkt(data []byte, lConn *net.UDPConn, lAddrPort netip.AddrPort, addrHdr *AddrHdr) (err error) { + switch consts.OutboundIndex(addrHdr.Outbound) { + case consts.OutboundDirect: + case consts.OutboundControlPlaneRoute: + // FIXME: check and re-route. + addrHdr.Outbound = uint8(consts.OutboundDirect) + + c.log.Debugf("outbound: %v => %v", + consts.OutboundControlPlaneRoute.String(), + consts.OutboundIndex(addrHdr.Outbound).String(), + ) + default: + } + outbound := c.outbounds[addrHdr.Outbound] + dnsMessage, natTimeout := ChooseNatTimeout(data) + // We should cache DNS records and set record TTL to 0, in order to monitor the dns req and resp in real time. + isDns := dnsMessage != nil + if isDns { + if resp := c.LookupDnsRespCache(dnsMessage); resp != nil { + if err = sendPktWithHdr(resp, addrHdr.Dest, lConn, lAddrPort); err != nil { + return fmt.Errorf("failed to write cached DNS resp: %w", err) + } + q := dnsMessage.Questions[0] + c.log.Debugf("UDP(DNS) %v <-[%v]-> Cache: %v %v", + lAddrPort.String(), outbound.Name, q.Name, q.Type, + ) + return nil + } else { + q := dnsMessage.Questions[0] + c.log.Debugf("UDP(DNS) %v <-[%v]-> %v: %v %v", + lAddrPort.String(), outbound.Name, addrHdr.Dest.String(), q.Name, q.Type, + ) + } + } else { + // TODO: Set-up ip to domain mapping and show domain if possible. + c.log.Infof("UDP %v <-[%v]-> %v", + lAddrPort.String(), outbound.Name, addrHdr.Dest.String(), + ) + } + ue, err := DefaultUdpEndpointPool.GetOrCreate(lAddrPort, &UdpEndpointOptions{ + Handler: c.RelayToUDP(lConn, lAddrPort, isDns), + NatTimeout: natTimeout, + Dialer: outbound, + Target: addrHdr.Dest, + }) + if err != nil { + return fmt.Errorf("failed to GetOrCreate: %w", err) + } + //log.Printf("WriteToUDPAddrPort->%v", dest) + _, err = ue.WriteToUDPAddrPort(data, addrHdr.Dest) + if err != nil { + return fmt.Errorf("failed to write UDP packet req: %w", err) + } + return nil +} diff --git a/component/control/udp_endpoint.go b/component/control/udp_endpoint.go new file mode 100644 index 0000000..77f1a28 --- /dev/null +++ b/component/control/udp_endpoint.go @@ -0,0 +1,127 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +import ( + "fmt" + "foo/pkg/pool" + "golang.org/x/net/proxy" + "net" + "net/netip" + "sync" + "time" +) + +type UdpHandler func(data []byte, from netip.AddrPort) error + +type UdpEndpoint struct { + conn net.PacketConn + // mu protects deadlineTimer + mu sync.Mutex + deadlineTimer *time.Timer + handler UdpHandler + NatTimeout time.Duration +} + +func (ue *UdpEndpoint) start() { + buf := pool.Get(0xffff) + defer pool.Put(buf) + for { + n, from, err := ue.conn.ReadFrom(buf[:]) + if err != nil { + break + } + ue.mu.Lock() + ue.deadlineTimer.Reset(ue.NatTimeout) + ue.mu.Unlock() + if err = ue.handler(buf[:n], from.(*net.UDPAddr).AddrPort()); err != nil { + break + } + } + ue.mu.Lock() + ue.deadlineTimer.Stop() + ue.mu.Unlock() +} + +func (ue *UdpEndpoint) WriteToUDPAddrPort(b []byte, addr netip.AddrPort) (int, error) { + return ue.conn.WriteTo(b, net.UDPAddrFromAddrPort(addr)) +} + +func (ue *UdpEndpoint) Close() error { + ue.mu.Lock() + if ue.deadlineTimer != nil { + ue.deadlineTimer.Stop() + } + ue.mu.Unlock() + return ue.conn.Close() +} + +// UdpEndpointPool is a full-cone udp conn pool +type UdpEndpointPool struct { + pool map[netip.AddrPort]*UdpEndpoint + mu sync.Mutex +} +type UdpEndpointOptions struct { + Handler UdpHandler + NatTimeout time.Duration + Dialer proxy.Dialer + // Target is useful only if the underlay does not support Full-cone. + Target netip.AddrPort +} + +var DefaultUdpEndpointPool = NewUdpEndpointPool() + +func NewUdpEndpointPool() *UdpEndpointPool { + return &UdpEndpointPool{ + pool: make(map[netip.AddrPort]*UdpEndpoint), + } +} + +func (p *UdpEndpointPool) GetOrCreate(lAddr netip.AddrPort, createOption *UdpEndpointOptions) (udpEndpoint *UdpEndpoint, err error) { + p.mu.Lock() + defer p.mu.Unlock() + ue, ok := p.pool[lAddr] + if !ok { + // Create an UdpEndpoint. + if createOption == nil { + createOption = &UdpEndpointOptions{} + } + if createOption.NatTimeout == 0 { + createOption.NatTimeout = DefaultNatTimeout + } + if createOption.Handler == nil { + return nil, fmt.Errorf("createOption.Handler cannot be nil") + } + + udpConn, err := createOption.Dialer.Dial("udp", createOption.Target.String()) + //udpConn, err := net.ListenUDP("udp", nil) + if err != nil { + return nil, err + } + p.pool[lAddr] = &UdpEndpoint{ + conn: udpConn.(net.PacketConn), + deadlineTimer: time.AfterFunc(createOption.NatTimeout, func() { + p.mu.Lock() + defer p.mu.Unlock() + if ue, ok := p.pool[lAddr]; ok { + ue.Close() + delete(p.pool, lAddr) + } + }), + handler: createOption.Handler, + NatTimeout: createOption.NatTimeout, + } + ue = p.pool[lAddr] + // Receive UDP messages. + go ue.start() + } else { + // Postpone the deadline. + ue.mu.Lock() + ue.deadlineTimer.Reset(ue.NatTimeout) + ue.mu.Unlock() + } + return ue, nil +} diff --git a/component/control/utils.go b/component/control/utils.go new file mode 100644 index 0000000..06a6b1f --- /dev/null +++ b/component/control/utils.go @@ -0,0 +1,46 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package control + +import ( + "foo/common" + "github.com/cilium/ebpf" + "net/netip" +) + +type bpfLpmKey struct { + PrefixLen uint32 + Data [4]uint32 +} + +func (o *bpfObjects) NewLpmMap(keys []bpfLpmKey, values []uint32) (m *ebpf.Map, err error) { + m, err = o.UnusedLpmType.Clone() + if err != nil { + return nil, err + } + if _, err = m.BatchUpdate(keys, values, &ebpf.BatchOptions{ + ElemFlags: uint64(ebpf.UpdateAny), + }); err != nil { + return nil, err + } + return m, nil +} + +func swap16(a uint16) uint16 { + return (a >> 8) + ((a & 0xFF) << 8) +} + +func cidrToBpfLpmKey(prefix netip.Prefix) bpfLpmKey { + bits := prefix.Bits() + ip := prefix.Addr().As16() + if prefix.Addr().Is4() { + bits += 96 + } + return bpfLpmKey{ + PrefixLen: uint32(bits), + Data: common.Ipv6ByteSliceToUint32Array(ip[:]), + } +} diff --git a/component/outbound/dialer/alive_dialer_set.go b/component/outbound/dialer/alive_dialer_set.go new file mode 100644 index 0000000..cdb5bc2 --- /dev/null +++ b/component/outbound/dialer/alive_dialer_set.go @@ -0,0 +1,154 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package dialer + +import ( + "foo/common/consts" + "github.com/mzz2017/softwind/pkg/fastrand" + "github.com/sirupsen/logrus" + "sync" + "time" +) + +type minLatency struct { + latency time.Duration + dialer *Dialer +} + +// AliveDialerSet assumes mapping between index and dialer MUST remain unchanged. +// +// It is thread-safe. +type AliveDialerSet struct { + log *logrus.Logger + + mu sync.Mutex + dialerToIndex map[*Dialer]int // *Dialer -> index of inorderedAliveDialerSet + dialerToLatency map[*Dialer]time.Duration + inorderedAliveDialerSet []*Dialer + + selectionPolicy consts.DialerSelectionPolicy + minLatency minLatency +} + +func NewAliveDialerSet( + log *logrus.Logger, + selectionPolicy consts.DialerSelectionPolicy, + dialers []*Dialer, + setAlive bool, +) *AliveDialerSet { + a := &AliveDialerSet{ + log: log, + dialerToIndex: make(map[*Dialer]int), + dialerToLatency: make(map[*Dialer]time.Duration), + inorderedAliveDialerSet: make([]*Dialer, 0, len(dialers)), + selectionPolicy: selectionPolicy, + minLatency: minLatency{ + // Initiate the latency with a very big value. + latency: time.Hour, + }, + } + if setAlive && len(dialers) > 0 { + // Use first dialer if no dialer has alive state. + a.minLatency.dialer = dialers[0] + } + for _, d := range dialers { + a.dialerToIndex[d] = -1 + } + for _, d := range dialers { + a.SetAlive(d, setAlive) + } + return a +} + +func (a *AliveDialerSet) GetRand() *Dialer { + a.mu.Lock() + defer a.mu.Unlock() + if len(a.inorderedAliveDialerSet) == 0 { + return nil + } + ind := fastrand.Intn(len(a.inorderedAliveDialerSet)) + return a.inorderedAliveDialerSet[ind] +} + +// GetMinLatency acquires correct selectionPolicy. +func (a *AliveDialerSet) GetMinLatency() *Dialer { + return a.minLatency.dialer +} + +// SetAlive should be invoked when dialer every time latency and alive state changes. +func (a *AliveDialerSet) SetAlive(dialer *Dialer, alive bool) { + a.mu.Lock() + defer a.mu.Unlock() + var ( + latency time.Duration + hasLatency bool + ) + + switch a.selectionPolicy { + case consts.DialerSelectionPolicy_MinLastLatency: + latency, hasLatency = dialer.Latencies10.LastLatency() + case consts.DialerSelectionPolicy_MinAverage10Latencies: + latency, hasLatency = dialer.Latencies10.AvgLatency() + } + + if alive { + index := a.dialerToIndex[dialer] + if index >= 0 { + // This dialer is already alive. + } else { + // Not alive -> alive. + a.dialerToIndex[dialer] = len(a.inorderedAliveDialerSet) + a.inorderedAliveDialerSet = append(a.inorderedAliveDialerSet, dialer) + } + } else { + index := a.dialerToIndex[dialer] + if index >= 0 { + // Alive -> not alive. + // Remove the dialer from inorderedAliveDialerSet. + if index >= len(a.inorderedAliveDialerSet) { + a.log.Panicf("index:%v >= len(a.inorderedAliveDialerSet):%v", index, len(a.inorderedAliveDialerSet)) + } + a.dialerToIndex[dialer] = -1 + if index < len(a.inorderedAliveDialerSet)-1 { + // Swap this element with the last element. + dialerToSwap := a.inorderedAliveDialerSet[len(a.inorderedAliveDialerSet)-1] + if dialer == dialerToSwap { + a.log.Panicf("dialer[%p] == dialerToSwap[%p]", dialer, dialerToSwap) + } + + a.dialerToIndex[dialerToSwap] = index + a.inorderedAliveDialerSet[index], a.inorderedAliveDialerSet[len(a.inorderedAliveDialerSet)-1] = + a.inorderedAliveDialerSet[len(a.inorderedAliveDialerSet)-1], a.inorderedAliveDialerSet[index] + } + // Pop the last element. + a.inorderedAliveDialerSet = a.inorderedAliveDialerSet[:len(a.inorderedAliveDialerSet)-1] + } else { + // This dialer is already not alive. + } + } + + if hasLatency { + a.dialerToLatency[dialer] = latency + if latency < a.minLatency.latency { + a.minLatency.latency = latency + a.minLatency.dialer = dialer + } else if a.minLatency.dialer == dialer { + a.minLatency.latency = time.Hour + a.minLatency.dialer = nil + a.calcMinLatency() + } + } +} + +func (a *AliveDialerSet) calcMinLatency() { + for _, d := range a.inorderedAliveDialerSet { + latency := a.dialerToLatency[d] + if latency < a.minLatency.latency { + a.minLatency.latency = latency + a.minLatency.dialer = d + } + } +} diff --git a/component/outbound/dialer/context_dialer.go b/component/outbound/dialer/context_dialer.go new file mode 100644 index 0000000..cc5d0f6 --- /dev/null +++ b/component/outbound/dialer/context_dialer.go @@ -0,0 +1,39 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package dialer + +import ( + "context" + "golang.org/x/net/proxy" + "net" +) + +type ContextDialer struct { + Dialer proxy.Dialer +} + +func (d *ContextDialer) DialContext(ctx context.Context, network, addr string) (c net.Conn, err error) { + var done = make(chan struct{}) + go func() { + c, err = d.Dialer.Dial(network, addr) + if err != nil { + close(done) + return + } + select { + case <-ctx.Done(): + _ = c.Close() + default: + close(done) + } + }() + select { + case <-ctx.Done(): + return nil, ctx.Err() + case <-done: + return c, err + } +} diff --git a/component/outbound/dialer/dialer.go b/component/outbound/dialer/dialer.go new file mode 100644 index 0000000..443b262 --- /dev/null +++ b/component/outbound/dialer/dialer.go @@ -0,0 +1,179 @@ +package dialer + +import ( + "context" + "errors" + "fmt" + "foo/common/consts" + "github.com/mzz2017/softwind/pkg/fastrand" + "github.com/sirupsen/logrus" + "golang.org/x/net/proxy" + "net" + "net/http" + "path" + "strconv" + "strings" + "sync" + "time" +) + +var ( + ConnectivityTestFailedErr = fmt.Errorf("connectivity test failed") + UnexpectedFieldErr = fmt.Errorf("unexpected field") + InvalidParameterErr = fmt.Errorf("invalid parameters") +) + +type Dialer struct { + proxy.Dialer + supportUDP bool + name string + protocol string + link string + + Latencies10 *LatenciesN + aliveDialerSetSetMu sync.Mutex + // aliveDialerSetSet uses reference counting. + aliveDialerSetSet map[*AliveDialerSet]int + + tickerMu sync.Mutex + ticker *time.Ticker +} + +// NewDialer is for register in general. +func NewDialer(dialer proxy.Dialer, supportUDP bool, name string, protocol string, link string) *Dialer { + d := newDialer(dialer, supportUDP, name, protocol, link) + go d.aliveBackground() + return d +} + +// newDialer does not run background tasks. +func newDialer(dialer proxy.Dialer, supportUDP bool, name string, protocol string, link string) *Dialer { + d := &Dialer{ + Dialer: dialer, + supportUDP: supportUDP, + name: name, + protocol: protocol, + link: link, + Latencies10: NewLatenciesN(10), + // Set a very big cycle to wait for init. + ticker: time.NewTicker(time.Hour), + aliveDialerSetSet: make(map[*AliveDialerSet]int), + } + return d +} + +func (d *Dialer) aliveBackground() { + timeout := 10 * time.Second + cycle := 15 * time.Second + // Test once immediately. + go d.Test(timeout, consts.TestUrl) + + // Sleep to avoid avalanche. + time.Sleep(time.Duration(fastrand.Int63n(int64(cycle)))) + d.tickerMu.Lock() + d.ticker.Reset(cycle) + d.tickerMu.Unlock() + for range d.ticker.C { + // No need to test if there is no dialer selection policy using its latency. + if len(d.aliveDialerSetSet) > 0 { + d.Test(timeout, consts.TestUrl) + } + } +} + +func (d *Dialer) Close() error { + d.tickerMu.Lock() + d.ticker.Stop() + d.tickerMu.Unlock() + return nil +} + +// RegisterAliveDialerSet is thread-safe. +func (d *Dialer) RegisterAliveDialerSet(a *AliveDialerSet) { + d.aliveDialerSetSetMu.Lock() + d.aliveDialerSetSet[a]++ + d.aliveDialerSetSetMu.Unlock() +} + +// UnregisterAliveDialerSet is thread-safe. +func (d *Dialer) UnregisterAliveDialerSet(a *AliveDialerSet) { + d.aliveDialerSetSetMu.Lock() + defer d.aliveDialerSetSetMu.Unlock() + d.aliveDialerSetSet[a]-- + if d.aliveDialerSetSet[a] <= 0 { + delete(d.aliveDialerSetSet, a) + } +} + +func (d *Dialer) SupportUDP() bool { + return d.supportUDP +} + +func (d *Dialer) Name() string { + return d.name +} + +func (d *Dialer) Protocol() string { + return d.protocol +} + +func (d *Dialer) Link() string { + return d.link +} + +func (d *Dialer) Test(timeout time.Duration, url string) (ok bool, err error) { + ctx, cancel := context.WithTimeout(context.TODO(), timeout) + defer cancel() + start := time.Now() + // Calc latency. + defer func() { + var alive bool + if ok && err == nil { + // No error. + latency := time.Since(start) + // FIXME: Use log instead of logrus. + logrus.Debugf("Connectivity Test: %v: %v", d.name, latency) + d.Latencies10.AppendLatency(latency) + alive = true + } else { + // Append timeout if there is any error or unexpected status code. + if err != nil { + logrus.Debugf("Test [%v]: %v", d.name, err.Error()) + } + d.Latencies10.AppendLatency(timeout) + } + // Inform DialerGroups to update state. + d.aliveDialerSetSetMu.Lock() + for a := range d.aliveDialerSetSet { + a.SetAlive(d, alive) + } + d.aliveDialerSetSetMu.Unlock() + }() + + // HTTP(S) test. + cd := ContextDialer{d.Dialer} + cli := http.Client{ + Transport: &http.Transport{ + DialContext: cd.DialContext, + }, + Timeout: timeout, + } + req, err := http.NewRequestWithContext(ctx, "GET", url, nil) + if err != nil { + return false, fmt.Errorf("%v: %w", ConnectivityTestFailedErr, err) + } + resp, err := cli.Do(req) + if err != nil { + var netErr net.Error + if errors.As(err, &netErr); netErr.Timeout() { + err = fmt.Errorf("timeout") + } + return false, fmt.Errorf("%v: %w", ConnectivityTestFailedErr, err) + } + defer resp.Body.Close() + // Judge the status code. + if page := path.Base(req.URL.Path); strings.HasPrefix(page, "generate_") { + return strconv.Itoa(resp.StatusCode) == strings.TrimPrefix(page, "generate_"), nil + } + return resp.StatusCode >= 200 && resp.StatusCode < 400, nil +} diff --git a/component/outbound/dialer/direct.go b/component/outbound/dialer/direct.go new file mode 100644 index 0000000..1cdf6da --- /dev/null +++ b/component/outbound/dialer/direct.go @@ -0,0 +1,76 @@ +package dialer + +import ( + "golang.org/x/net/proxy" + "net" +) + +var SymmetricDirect = NewDirect(false) +var FullconeDirect = NewDirect(true) + +var SymmetricDirectDialer = newDialer(SymmetricDirect, true, "direct", "direct", "") +var FullconeDirectDialer = newDialer(FullconeDirect, true, "direct", "direct", "") + +type direct struct { + proxy.Dialer + netDialer net.Dialer + fullCone bool +} + +func NewDirect(fullCone bool) proxy.Dialer { + return &direct{ + netDialer: net.Dialer{}, + fullCone: fullCone, + } +} + +func (d *direct) Dial(network, addr string) (c net.Conn, err error) { + switch network { + case "tcp": + return d.netDialer.Dial(network, addr) + case "udp": + if d.fullCone { + conn, err := net.ListenUDP(network, nil) + if err != nil { + return nil, err + } + return &directUDPConn{UDPConn: conn, FullCone: true}, nil + } else { + conn, err := d.netDialer.Dial(network, addr) + if err != nil { + return nil, err + } + return &directUDPConn{UDPConn: conn.(*net.UDPConn), FullCone: false}, nil + } + default: + return nil, net.UnknownNetworkError(network) + } +} + +type directUDPConn struct { + *net.UDPConn + FullCone bool +} + +func (c *directUDPConn) WriteTo(b []byte, addr net.Addr) (int, error) { + if !c.FullCone { + // FIXME: check the addr + return c.Write(b) + } + return c.UDPConn.WriteTo(b, addr) +} + +func (c *directUDPConn) WriteMsgUDP(b, oob []byte, addr *net.UDPAddr) (n, oobn int, err error) { + if !c.FullCone { + n, err = c.Write(b) + return n, 0, err + } + return c.UDPConn.WriteMsgUDP(b, oob, addr) +} + +func (c *directUDPConn) WriteToUDP(b []byte, addr *net.UDPAddr) (int, error) { + if !c.FullCone { + return c.Write(b) + } + return c.UDPConn.WriteToUDP(b, addr) +} diff --git a/component/outbound/dialer/http/http.go b/component/outbound/dialer/http/http.go new file mode 100644 index 0000000..e5f698e --- /dev/null +++ b/component/outbound/dialer/http/http.go @@ -0,0 +1,138 @@ +package http + +import ( + "fmt" + "foo/component/outbound/dialer" + "github.com/mzz2017/softwind/protocol/http" + "gopkg.in/yaml.v3" + "net" + "net/url" + "strconv" +) + +func init() { + dialer.FromLinkRegister("http", NewHTTP) + dialer.FromLinkRegister("https", NewHTTP) + dialer.FromClashRegister("http", NewSocks5FromClashObj) +} + +type HTTP struct { + Name string `json:"name"` + Server string `json:"server"` + Port int `json:"port"` + Username string `json:"username"` + Password string `json:"password"` + SNI string `json:"sni"` + Protocol string `json:"protocol"` +} + +func NewHTTP(link string) (*dialer.Dialer, error) { + s, err := ParseHTTPURL(link) + if err != nil { + return nil, fmt.Errorf("%w: %v", dialer.InvalidParameterErr, err) + } + return s.Dialer() +} + +func NewSocks5FromClashObj(o *yaml.Node) (*dialer.Dialer, error) { + s, err := ParseClash(o) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func ParseHTTPURL(link string) (data *HTTP, err error) { + u, err := url.Parse(link) + if err != nil || (u.Scheme != "http" && u.Scheme != "https") { + return nil, fmt.Errorf("%w: %v", dialer.InvalidParameterErr, err) + } + pwd, _ := u.User.Password() + strPort := u.Port() + if strPort == "" { + if u.Scheme == "http" { + strPort = "80" + } else if u.Scheme == "https" { + strPort = "443" + } + } + port, err := strconv.Atoi(strPort) + if err != nil { + return nil, fmt.Errorf("error when parsing port: %w", err) + } + return &HTTP{ + Name: u.Fragment, + Server: u.Hostname(), + Port: port, + Username: u.User.Username(), + Password: pwd, + SNI: u.Query().Get("sni"), + Protocol: u.Scheme, + }, nil +} + +func ParseClash(o *yaml.Node) (data *HTTP, err error) { + type HttpOption struct { + Name string `yaml:"name"` + Server string `yaml:"server"` + Port int `yaml:"port"` + UserName string `yaml:"username,omitempty"` + Password string `yaml:"password,omitempty"` + TLS bool `yaml:"tls,omitempty"` + SNI string `yaml:"sni,omitempty"` + SkipCertVerify bool `yaml:"skip-cert-verify,omitempty"` + } + var option HttpOption + if err = o.Decode(&option); err != nil { + return nil, err + } + scheme := "http" + if option.TLS { + scheme = "https" + } + if option.SkipCertVerify { + return nil, fmt.Errorf("%w: skip-cert-verify=true", dialer.UnexpectedFieldErr) + } + return &HTTP{ + Name: option.Name, + Server: option.Server, + Port: option.Port, + Username: option.UserName, + Password: option.Password, + SNI: option.SNI, + Protocol: scheme, + }, nil +} + +func (s *HTTP) Dialer() (*dialer.Dialer, error) { + u := s.URL() + d, err := http.NewHTTPProxy(&u, dialer.SymmetricDirect) + if err != nil { + return nil, err + } + return dialer.NewDialer(d, false, s.Name, s.Protocol, u.String()), nil +} + +func (s *HTTP) URL() url.URL { + u := url.URL{ + Scheme: s.Protocol, + Host: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + Fragment: s.Name, + } + if s.SNI != "" { + u.RawQuery = url.Values{"sni": []string{s.SNI}}.Encode() + } + if s.Username != "" { + if s.Password != "" { + u.User = url.UserPassword(s.Username, s.Password) + } else { + u.User = url.User(s.Username) + } + } + return u +} + +func (s *HTTP) ExportToURL() string { + u := s.URL() + return u.String() +} diff --git a/component/outbound/dialer/latencies_n.go b/component/outbound/dialer/latencies_n.go new file mode 100644 index 0000000..6c09a21 --- /dev/null +++ b/component/outbound/dialer/latencies_n.go @@ -0,0 +1,61 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package dialer + +import ( + "container/list" + "sync" + "time" +) + +type LatenciesN struct { + N int + LastNLatencies *list.List + SumNLatencies time.Duration + + mu sync.Mutex +} + +func NewLatenciesN(n int) *LatenciesN { + return &LatenciesN{ + N: n, + LastNLatencies: list.New(), + SumNLatencies: 0, + } +} + +// AppendLatency appends a new latency to the back and keep the number in the list. Appending a fixed duration for +// failed or timeout situation is recommended. +// +// It is thread-safe. +func (ln *LatenciesN) AppendLatency(l time.Duration) { + ln.mu.Lock() + defer ln.mu.Unlock() + if ln.LastNLatencies.Len() >= ln.N { + ln.SumNLatencies -= ln.LastNLatencies.Front().Value.(time.Duration) + ln.LastNLatencies.Remove(ln.LastNLatencies.Front()) + } + ln.SumNLatencies += l + ln.LastNLatencies.PushBack(l) +} + +func (ln *LatenciesN) LastLatency() (time.Duration, bool) { + ln.mu.Lock() + defer ln.mu.Unlock() + if ln.LastNLatencies.Len() == 0 { + return 0, false + } + return ln.LastNLatencies.Back().Value.(time.Duration), true +} + +func (ln *LatenciesN) AvgLatency() (time.Duration, bool) { + ln.mu.Lock() + defer ln.mu.Unlock() + if ln.LastNLatencies.Len() == 0 { + return 0, false + } + return ln.SumNLatencies / time.Duration(ln.LastNLatencies.Len()), true +} diff --git a/component/outbound/dialer/register.go b/component/outbound/dialer/register.go new file mode 100644 index 0000000..595e54e --- /dev/null +++ b/component/outbound/dialer/register.go @@ -0,0 +1,53 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package dialer + +import ( + "fmt" + "gopkg.in/yaml.v3" + "net/url" +) + +type FromLinkCreator func(link string) (dialer *Dialer, err error) + +var fromLinkCreators = make(map[string]FromLinkCreator) + +func FromLinkRegister(name string, creator FromLinkCreator) { + fromLinkCreators[name] = creator +} + +func NewFromLink(link string) (dialer *Dialer, err error) { + u, err := url.Parse(link) + if err != nil { + return nil, err + } + if creator, ok := fromLinkCreators[u.Scheme]; ok { + return creator(link) + } else { + return nil, fmt.Errorf("unexpected link type: %v", u.Scheme) + } +} + +type FromClashCreator func(clashObj *yaml.Node) (dialer *Dialer, err error) + +var fromClashCreators = make(map[string]FromClashCreator) + +func FromClashRegister(name string, creator FromClashCreator) { + fromClashCreators[name] = creator +} + +func NewFromClash(clashObj *yaml.Node) (dialer *Dialer, err error) { + preUnload := make(map[string]interface{}) + if err := clashObj.Decode(&preUnload); err != nil { + return nil, err + } + name, _ := preUnload["type"].(string) + if creator, ok := fromClashCreators[name]; ok { + return creator(clashObj) + } else { + return nil, fmt.Errorf("unexpected link type: %v", name) + } +} diff --git a/component/outbound/dialer/shadowsocks/shadowsocks.go b/component/outbound/dialer/shadowsocks/shadowsocks.go new file mode 100644 index 0000000..3d62640 --- /dev/null +++ b/component/outbound/dialer/shadowsocks/shadowsocks.go @@ -0,0 +1,279 @@ +package shadowsocks + +import ( + "encoding/base64" + "fmt" + "foo/common" + "foo/component/outbound/dialer" + "foo/component/outbound/dialer/transport/simpleobfs" + "github.com/mzz2017/softwind/protocol" + "github.com/mzz2017/softwind/protocol/shadowsocks" + "gopkg.in/yaml.v3" + "net" + "net/url" + "strconv" + "strings" +) + +func init() { + // Use random salt by default to decrease the boot time + shadowsocks.DefaultSaltGeneratorType = shadowsocks.RandomSaltGeneratorType + + dialer.FromLinkRegister("shadowsocks", NewShadowsocksFromLink) + dialer.FromLinkRegister("ss", NewShadowsocksFromLink) + dialer.FromClashRegister("ss", NewShadowsocksFromClashObj) +} + +type Shadowsocks struct { + Name string `json:"name"` + Server string `json:"server"` + Port int `json:"port"` + Password string `json:"password"` + Cipher string `json:"cipher"` + Plugin Sip003 `json:"plugin"` + UDP bool `json:"udp"` + Protocol string `json:"protocol"` +} + +func NewShadowsocksFromLink(link string) (*dialer.Dialer, error) { + s, err := ParseSSURL(link) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func NewShadowsocksFromClashObj(o *yaml.Node) (*dialer.Dialer, error) { + s, err := ParseClash(o) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func (s *Shadowsocks) Dialer() (*dialer.Dialer, error) { + // FIXME: support plain/none. + switch s.Cipher { + case "aes-256-gcm", "aes-128-gcm", "chacha20-poly1305", "chacha20-ietf-poly1305": + default: + return nil, fmt.Errorf("unsupported shadowsocks encryption method: %v", s.Cipher) + } + supportUDP := s.UDP + d := dialer.SymmetricDirect + d, err := protocol.NewDialer("shadowsocks", d, protocol.Header{ + ProxyAddress: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + Cipher: s.Cipher, + Password: s.Password, + IsClient: true, + }) + if err != nil { + return nil, err + } + switch s.Plugin.Name { + case "simple-obfs": + uSimpleObfs := url.URL{ + Scheme: "simple-obfs", + Host: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + RawQuery: url.Values{ + "obfs": []string{s.Plugin.Opts.Obfs}, + "host": []string{s.Plugin.Opts.Host}, + "uri": []string{s.Plugin.Opts.Path}, + }.Encode(), + } + d, err = simpleobfs.NewSimpleObfs(uSimpleObfs.String(), d) + if err != nil { + return nil, err + } + supportUDP = false + } + return dialer.NewDialer(d, supportUDP, s.Name, s.Protocol, s.ExportToURL()), nil +} + +func ParseClash(o *yaml.Node) (data *Shadowsocks, err error) { + type simpleObfsOption struct { + Mode string `obfs:"mode,omitempty"` + Host string `obfs:"host,omitempty"` + } + type ShadowSocksOption struct { + Name string `yaml:"name"` + Server string `yaml:"server"` + Port int `yaml:"port"` + Password string `yaml:"password"` + Cipher string `yaml:"cipher"` + UDP bool `yaml:"udp,omitempty"` + Plugin string `yaml:"plugin,omitempty"` + PluginOpts simpleObfsOption `yaml:"plugin-opts,omitempty"` + } + var option ShadowSocksOption + if err = o.Decode(&option); err != nil { + return nil, err + } + data = &Shadowsocks{ + Name: option.Name, + Server: option.Server, + Port: option.Port, + Password: option.Password, + Cipher: option.Cipher, + UDP: option.UDP, + Protocol: "shadowsocks", + } + if option.Plugin == "obfs" { + data.Plugin.Name = "simple-obfs" + data.Plugin.Opts.Obfs = option.PluginOpts.Mode + data.Plugin.Opts.Host = data.Plugin.Opts.Host + if data.Plugin.Opts.Host == "" { + data.Plugin.Opts.Host = "bing.com" + } + } + return data, nil +} + +func ParseSSURL(u string) (data *Shadowsocks, err error) { + // parse attempts to parse ss:// links + parse := func(content string) (v *Shadowsocks, ok bool) { + // try to parse in the format of ss://BASE64(method:password)@server:port/?plugin=xxxx#name + u, err := url.Parse(content) + if err != nil { + return nil, false + } + username := u.User.String() + username, _ = common.Base64UrlDecode(username) + arr := strings.SplitN(username, ":", 2) + if len(arr) != 2 { + return nil, false + } + cipher := arr[0] + password := arr[1] + var sip003 Sip003 + plugin := u.Query().Get("plugin") + if len(plugin) > 0 { + sip003 = ParseSip003(plugin) + } + port, err := strconv.Atoi(u.Port()) + if err != nil { + return nil, false + } + return &Shadowsocks{ + Cipher: strings.ToLower(cipher), + Password: password, + Server: u.Hostname(), + Port: port, + Name: u.Fragment, + Plugin: sip003, + UDP: sip003.Name == "", + Protocol: "shadowsocks", + }, true + } + var ( + v *Shadowsocks + ok bool + ) + content := u + // try to parse the ss:// link, if it fails, base64 decode first + if v, ok = parse(content); !ok { + // 进行base64解码,并unmarshal到VmessInfo上 + t := content[5:] + var l, r string + if ind := strings.Index(t, "#"); ind > -1 { + l = t[:ind] + r = t[ind+1:] + } else { + l = t + } + l, err = common.Base64StdDecode(l) + if err != nil { + l, err = common.Base64UrlDecode(l) + if err != nil { + return + } + } + t = "ss://" + l + if len(r) > 0 { + t += "#" + r + } + v, ok = parse(t) + } + if !ok { + return nil, fmt.Errorf("%w: unrecognized ss address", dialer.InvalidParameterErr) + } + return v, nil +} + +type Sip003 struct { + Name string `json:"name"` + Opts Sip003Opts `json:"opts"` +} +type Sip003Opts struct { + Tls string `json:"tls"` // for v2ray-plugin + Obfs string `json:"obfs"` + Host string `json:"host"` + Path string `json:"uri"` +} + +func ParseSip003Opts(opts string) Sip003Opts { + var sip003Opts Sip003Opts + fields := strings.Split(opts, ";") + for i := range fields { + a := strings.Split(fields[i], "=") + if len(a) == 1 { + // to avoid panic + a = append(a, "") + } + switch a[0] { + case "tls": + sip003Opts.Tls = "tls" + case "obfs", "mode": + sip003Opts.Obfs = a[1] + case "obfs-path", "obfs-uri", "path": + if !strings.HasPrefix(a[1], "/") { + a[1] += "/" + } + sip003Opts.Path = a[1] + case "obfs-host", "host": + sip003Opts.Host = a[1] + } + } + return sip003Opts +} +func ParseSip003(plugin string) Sip003 { + var sip003 Sip003 + fields := strings.SplitN(plugin, ";", 2) + switch fields[0] { + case "obfs-local", "simpleobfs": + sip003.Name = "simple-obfs" + default: + sip003.Name = fields[0] + } + sip003.Opts = ParseSip003Opts(fields[1]) + return sip003 +} + +func (s *Sip003) String() string { + list := []string{s.Name} + if s.Opts.Obfs != "" { + list = append(list, "obfs="+s.Opts.Obfs) + } + if s.Opts.Host != "" { + list = append(list, "obfs-host="+s.Opts.Host) + } + if s.Opts.Path != "" { + list = append(list, "obfs-uri="+s.Opts.Path) + } + return strings.Join(list, ";") +} + +func (s *Shadowsocks) ExportToURL() string { + // sip002 + u := &url.URL{ + Scheme: "ss", + User: url.User(strings.TrimSuffix(base64.URLEncoding.EncodeToString([]byte(s.Cipher+":"+s.Password)), "=")), + Host: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + Fragment: s.Name, + } + if s.Plugin.Name != "" { + q := u.Query() + q.Set("plugin", s.Plugin.String()) + u.RawQuery = q.Encode() + } + return u.String() +} diff --git a/component/outbound/dialer/shadowsocksr/shadowsocksr.go b/component/outbound/dialer/shadowsocksr/shadowsocksr.go new file mode 100644 index 0000000..41b1c30 --- /dev/null +++ b/component/outbound/dialer/shadowsocksr/shadowsocksr.go @@ -0,0 +1,186 @@ +package shadowsocksr + +import ( + "encoding/base64" + "fmt" + "foo/common" + "foo/component/outbound/dialer" + ssr "github.com/v2rayA/shadowsocksR/client" + "gopkg.in/yaml.v3" + "net" + "net/url" + "strconv" + "strings" +) + +func init() { + dialer.FromLinkRegister("shadowsocksr", NewShadowsocksR) + dialer.FromLinkRegister("ssr", NewShadowsocksR) + dialer.FromClashRegister("ssr", NewShadowsocksRFromClashObj) +} + +type ShadowsocksR struct { + Name string `json:"name"` + Server string `json:"server"` + Port int `json:"port"` + Password string `json:"password"` + Cipher string `json:"cipher"` + Proto string `json:"proto"` + ProtoParam string `json:"protoParam"` + Obfs string `json:"obfs"` + ObfsParam string `json:"obfsParam"` + Protocol string `json:"protocol"` +} + +func NewShadowsocksR(link string) (*dialer.Dialer, error) { + s, err := ParseSSRURL(link) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func NewShadowsocksRFromClashObj(o *yaml.Node) (*dialer.Dialer, error) { + s, err := ParseClash(o) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func (s *ShadowsocksR) Dialer() (*dialer.Dialer, error) { + u := url.URL{ + Scheme: "ssr", + User: url.UserPassword(s.Cipher, s.Password), + Host: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + RawQuery: url.Values{ + "protocol": []string{s.Proto}, + "protocol_param": []string{s.ProtoParam}, + "obfs": []string{s.Obfs}, + "obfs_param": []string{s.ObfsParam}, + }.Encode(), + } + d, err := ssr.NewSSR(u.String(), dialer.SymmetricDirect, nil) + if err != nil { + return nil, err + } + return dialer.NewDialer(d, false, s.Name, s.Protocol, s.ExportToURL()), nil +} + +func ParseClash(o *yaml.Node) (data *ShadowsocksR, err error) { + type ShadowSocksROption struct { + Name string `yaml:"name"` + Server string `yaml:"server"` + Port int `yaml:"port"` + Password string `yaml:"password"` + Cipher string `yaml:"cipher"` + Obfs string `yaml:"obfs"` + ObfsParam string `yaml:"obfs-param,omitempty"` + Protocol string `yaml:"protocol"` + ProtocolParam string `yaml:"protocol-param,omitempty"` + UDP bool `yaml:"udp,omitempty"` + } + var option ShadowSocksROption + if err = o.Decode(&option); err != nil { + return nil, err + } + return &ShadowsocksR{ + Name: option.Name, + Server: option.Server, + Port: option.Port, + Password: option.Password, + Cipher: option.Cipher, + Proto: option.Protocol, + ProtoParam: option.ProtocolParam, + Obfs: option.Obfs, + ObfsParam: option.ObfsParam, + Protocol: "shadowsocksr", + }, nil +} + +func ParseSSRURL(u string) (data *ShadowsocksR, err error) { + // parse attempts to parse ss:// links + parse := func(content string) (v ShadowsocksR, ok bool) { + arr := strings.Split(content, "/?") + if strings.Contains(content, ":") && len(arr) < 2 { + content += "/?remarks=&protoparam=&obfsparam=" + arr = strings.Split(content, "/?") + } else if len(arr) != 2 { + return v, false + } + pre := strings.Split(arr[0], ":") + if len(pre) > 6 { + //if the length is more than 6, it means that the host contains the characters:, + //re-merge the first few groups into the host + pre[len(pre)-6] = strings.Join(pre[:len(pre)-5], ":") + pre = pre[len(pre)-6:] + } else if len(pre) < 6 { + return v, false + } + q, err := url.ParseQuery(arr[1]) + if err != nil { + return v, false + } + pswd, _ := common.Base64UrlDecode(pre[5]) + add, _ := common.Base64UrlDecode(pre[0]) + remarks, _ := common.Base64UrlDecode(q.Get("remarks")) + protoparam, _ := common.Base64UrlDecode(q.Get("protoparam")) + obfsparam, _ := common.Base64UrlDecode(q.Get("obfsparam")) + port, err := strconv.Atoi(pre[1]) + if err != nil { + return v, false + } + v = ShadowsocksR{ + Name: remarks, + Server: add, + Port: port, + Password: pswd, + Cipher: pre[3], + Proto: pre[2], + ProtoParam: protoparam, + Obfs: pre[4], + ObfsParam: obfsparam, + Protocol: "shadowsocksr", + } + return v, true + } + content := u[6:] + var ( + info ShadowsocksR + ok bool + ) + // try parsing the ssr:// link, if it fails, base64 decode first + if info, ok = parse(content); !ok { + // perform base64 decoding and parse again + content, err = common.Base64StdDecode(content) + if err != nil { + content, err = common.Base64UrlDecode(content) + if err != nil { + return + } + } + info, ok = parse(content) + } + if !ok { + err = fmt.Errorf("%w: unrecognized ssr address", dialer.InvalidParameterErr) + return + } + return &info, nil +} + +func (s *ShadowsocksR) ExportToURL() string { + /* ssr://server:port:proto:method:obfs:URLBASE64(password)/?remarks=URLBASE64(remarks)&protoparam=URLBASE64(protoparam)&obfsparam=URLBASE64(obfsparam)) */ + return fmt.Sprintf("ssr://%v", strings.TrimSuffix(base64.URLEncoding.EncodeToString([]byte( + fmt.Sprintf( + "%v:%v:%v:%v:%v/?remarks=%v&protoparam=%v&obfsparam=%v", + net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + s.Proto, + s.Cipher, + s.Obfs, + base64.URLEncoding.EncodeToString([]byte(s.Password)), + base64.URLEncoding.EncodeToString([]byte(s.Name)), + base64.URLEncoding.EncodeToString([]byte(s.ProtoParam)), + base64.URLEncoding.EncodeToString([]byte(s.ObfsParam)), + ), + )), "=")) +} diff --git a/component/outbound/dialer/socks/socks.go b/component/outbound/dialer/socks/socks.go new file mode 100644 index 0000000..6d61b21 --- /dev/null +++ b/component/outbound/dialer/socks/socks.go @@ -0,0 +1,138 @@ +package socks + +import ( + "fmt" + "foo/component/outbound/dialer" + "github.com/nadoo/glider/proxy" + "github.com/nadoo/glider/proxy/socks4" + "github.com/nadoo/glider/proxy/socks5" + "gopkg.in/yaml.v3" + "net" + "net/url" + "strconv" +) + +func init() { + dialer.FromLinkRegister("socks", NewSocks) // socks -> socks5 + dialer.FromLinkRegister("socks4", NewSocks) + dialer.FromLinkRegister("socks4a", NewSocks) + dialer.FromLinkRegister("socks5", NewSocks) + dialer.FromClashRegister("socks5", NewSocks5FromClashObj) +} + +type Socks struct { + Name string `json:"name"` + Server string `json:"server"` + Port int `json:"port"` + Username string `json:"username"` + Password string `json:"password"` + Protocol string `json:"protocol"` +} + +func NewSocks(link string) (*dialer.Dialer, error) { + s, err := ParseSocksURL(link) + if err != nil { + return nil, dialer.InvalidParameterErr + } + return s.Dialer() +} + +func NewSocks5FromClashObj(o *yaml.Node) (*dialer.Dialer, error) { + s, err := ParseClashSocks5(o) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func (s *Socks) Dialer() (*dialer.Dialer, error) { + link := s.ExportToURL() + switch s.Protocol { + case "", "socks", "socks5": + d, err := socks5.NewSocks5Dialer(link, &proxy.Direct{}) + if err != nil { + return nil, err + } + return dialer.NewDialer(d, true, s.Name, s.Protocol, link), nil + case "socks4", "socks4a": + d, err := socks4.NewSocks4Dialer(link, &proxy.Direct{}) + if err != nil { + return nil, err + } + return dialer.NewDialer(d, false, s.Name, s.Protocol, link), nil + default: + return nil, fmt.Errorf("unexpected protocol: %v", s.Protocol) + } +} + +func ParseClashSocks5(o *yaml.Node) (data *Socks, err error) { + type Socks5Option struct { + Name string `yaml:"name"` + Server string `yaml:"server"` + Port int `yaml:"port"` + UserName string `yaml:"username,omitempty"` + Password string `yaml:"password,omitempty"` + TLS bool `yaml:"tls,omitempty"` + UDP bool `yaml:"udp,omitempty"` + SkipCertVerify bool `yaml:"skip-cert-verify,omitempty"` + } + var option Socks5Option + if err = o.Decode(&option); err != nil { + return nil, err + } + if option.TLS { + return nil, fmt.Errorf("%w: tls=true", dialer.UnexpectedFieldErr) + } + if option.SkipCertVerify { + return nil, fmt.Errorf("%w: skip-cert-verify=true", dialer.UnexpectedFieldErr) + } + return &Socks{ + Name: option.Name, + Server: option.Server, + Port: option.Port, + Username: option.UserName, + Password: option.Password, + Protocol: "socks5", + }, nil +} + +func ParseSocksURL(link string) (data *Socks, err error) { + u, err := url.Parse(link) + if err != nil { + return nil, dialer.InvalidParameterErr + } + pwd, _ := u.User.Password() + strPort := u.Port() + port, err := strconv.Atoi(strPort) + if err != nil { + return nil, err + } + // socks -> socks5 + if u.Scheme == "socks" { + u.Scheme = "socks5" + } + return &Socks{ + Name: u.Fragment, + Server: u.Hostname(), + Port: port, + Username: u.User.Username(), + Password: pwd, + Protocol: u.Scheme, + }, nil +} + +func (s *Socks) ExportToURL() string { + var user *url.Userinfo + if s.Password != "" { + user = url.UserPassword(s.Username, s.Password) + } else { + user = url.User(s.Username) + } + u := url.URL{ + Scheme: s.Protocol, + User: user, + Host: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + Fragment: s.Name, + } + return u.String() +} diff --git a/component/outbound/dialer/transport/simpleobfs/http.go b/component/outbound/dialer/transport/simpleobfs/http.go new file mode 100644 index 0000000..6dc719a --- /dev/null +++ b/component/outbound/dialer/transport/simpleobfs/http.go @@ -0,0 +1,101 @@ +// from https://github.com/Dreamacro/clash/blob/master/component/simple-obfs/http.go + +package simpleobfs + +import ( + "bytes" + "encoding/base64" + "fmt" + "github.com/mzz2017/softwind/pool" + "io" + "math/rand" + "net" + "net/http" + "strings" +) + +// HTTPObfs is shadowsocks http simple-obfs implementation +type HTTPObfs struct { + net.Conn + host string + port string + path string + buf []byte + offset int + firstRequest bool + firstResponse bool +} + +func (ho *HTTPObfs) Read(b []byte) (int, error) { + if ho.buf != nil { + n := copy(b, ho.buf[ho.offset:]) + ho.offset += n + if ho.offset == len(ho.buf) { + pool.Put(ho.buf) + ho.buf = nil + } + return n, nil + } + + if ho.firstResponse { + buf := pool.Get(1 << 15) + n, err := ho.Conn.Read(buf) + if err != nil { + pool.Put(buf) + return 0, err + } + idx := bytes.Index(buf[:n], []byte("\r\n\r\n")) + if idx == -1 { + pool.Put(buf) + return 0, io.EOF + } + ho.firstResponse = false + length := n - (idx + 4) + n = copy(b, buf[idx+4:n]) + if length > n { + ho.buf = buf[:idx+4+length] + ho.offset = idx + 4 + n + } else { + pool.Put(buf) + } + return n, nil + } + return ho.Conn.Read(b) +} + +func (ho *HTTPObfs) Write(b []byte) (int, error) { + if ho.firstRequest { + randBytes := make([]byte, 16) + rand.Read(randBytes) + req, _ := http.NewRequest("GET", fmt.Sprintf("http://%s%s", ho.host, ho.path), bytes.NewBuffer(b[:])) + req.Header.Set("User-Agent", fmt.Sprintf("curl/7.%d.%d", rand.Int()%54, rand.Int()%2)) + req.Header.Set("Upgrade", "websocket") + req.Header.Set("Connection", "Upgrade") + req.Host = ho.host + if ho.port != "80" { + req.Host = fmt.Sprintf("%s:%s", ho.host, ho.port) + } + req.Header.Set("Sec-WebSocket-Key", base64.URLEncoding.EncodeToString(randBytes)) + req.ContentLength = int64(len(b)) + err := req.Write(ho.Conn) + ho.firstRequest = false + return len(b), err + } + + return ho.Conn.Write(b) +} + +// NewHTTPObfs return a HTTPObfs +func NewHTTPObfs(conn net.Conn, host string, port string, path string) net.Conn { + if !strings.HasPrefix(path, "/") { + path = "/" + path + } + return &HTTPObfs{ + Conn: conn, + firstRequest: true, + firstResponse: true, + host: host, + port: port, + path: path, + } +} diff --git a/component/outbound/dialer/transport/simpleobfs/simpleobfs.go b/component/outbound/dialer/transport/simpleobfs/simpleobfs.go new file mode 100644 index 0000000..17c3166 --- /dev/null +++ b/component/outbound/dialer/transport/simpleobfs/simpleobfs.go @@ -0,0 +1,83 @@ +package simpleobfs + +import ( + "fmt" + "golang.org/x/net/proxy" + "net" + "net/url" + "strings" +) + +type ObfsType int + +const ( + HTTP ObfsType = iota + TLS +) + +// SimpleObfs is a base http-obfs struct +type SimpleObfs struct { + dialer proxy.Dialer + obfstype ObfsType + addr string + path string + host string +} + +// NewSimpleobfs returns a simpleobfs proxy. +func NewSimpleObfs(s string, d proxy.Dialer) (*SimpleObfs, error) { + u, err := url.Parse(s) + if err != nil { + return nil, fmt.Errorf("simpleobfs: %w", err) + } + + t := &SimpleObfs{ + dialer: d, + addr: u.Host, + } + query := u.Query() + obfstype := query.Get("type") + if obfstype == "" { + obfstype = query.Get("obfs") + } + switch strings.ToLower(obfstype) { + case "http": + t.obfstype = HTTP + case "tls": + t.obfstype = TLS + default: + return nil, fmt.Errorf("unsupported obfs type %v", obfstype) + } + t.host = query.Get("host") + t.path = query.Get("path") + if t.path == "" { + t.path = query.Get("uri") + } + return t, nil +} + +// Dial connects to the address addr on the network net via the proxy. +func (s *SimpleObfs) Dial(network, addr string) (c net.Conn, err error) { + if network == "udp" { + return nil, fmt.Errorf("simple-obfs does not support UDP") + } + + rc, err := s.dialer.Dial("tcp", s.addr) + if err != nil { + return nil, fmt.Errorf("[simpleobfs]: dial to %s: %w", s.addr, err) + } + switch s.obfstype { + case HTTP: + rs := strings.Split(s.addr, ":") + var port string + if len(rs) == 1 { + port = "80" + } else { + port = rs[1] + } + c = NewHTTPObfs(rc, rs[0], port, s.path) + case TLS: + c = NewTLSObfs(rc, s.host) + } + return c, err +} diff --git a/component/outbound/dialer/transport/simpleobfs/tls.go b/component/outbound/dialer/transport/simpleobfs/tls.go new file mode 100644 index 0000000..2b6fc57 --- /dev/null +++ b/component/outbound/dialer/transport/simpleobfs/tls.go @@ -0,0 +1,192 @@ +// from https://github.com/Dreamacro/clash/blob/master/component/simple-obfs/tls.go + +package simpleobfs + +import ( + "bytes" + "encoding/binary" + "github.com/mzz2017/softwind/pkg/fastrand" + "io" + "net" + "time" +) + +const ( + chunkSize = 1 << 14 // 2 ** 14 == 16 * 1024 +) + +// TLSObfs is shadowsocks tls simple-obfs implementation +type TLSObfs struct { + net.Conn + server string + remain int + firstRequest bool + firstResponse bool +} + +func (to *TLSObfs) read(b []byte, discardN int) (int, error) { + buf := make([]byte, discardN) + _, err := io.ReadFull(to.Conn, buf) + if err != nil { + return 0, err + } + sizeBuf := make([]byte, 2) + _, err = io.ReadFull(to.Conn, sizeBuf) + if err != nil { + return 0, nil + } + + length := int(binary.BigEndian.Uint16(sizeBuf)) + if length > len(b) { + n, err := to.Conn.Read(b) + if err != nil { + return n, err + } + to.remain = length - n + return n, nil + } + + return io.ReadFull(to.Conn, b[:length]) +} + +func (to *TLSObfs) Read(b []byte) (int, error) { + if to.remain > 0 { + length := to.remain + if length > len(b) { + length = len(b) + } + + n, err := io.ReadFull(to.Conn, b[:length]) + to.remain -= n + return n, err + } + + if to.firstResponse { + // type + ver + lensize + 91 = 96 + // type + ver + lensize + 1 = 6 + // type + ver = 3 + to.firstResponse = false + return to.read(b, 105) + } + + // type + ver = 3 + return to.read(b, 3) +} +func (to *TLSObfs) Write(b []byte) (int, error) { + length := len(b) + for i := 0; i < length; i += chunkSize { + end := i + chunkSize + if end > length { + end = length + } + + n, err := to.write(b[i:end]) + if err != nil { + return n, err + } + } + return length, nil +} + +func (to *TLSObfs) write(b []byte) (int, error) { + if to.firstRequest { + helloMsg := makeClientHelloMsg(b, to.server) + _, err := to.Conn.Write(helloMsg) + to.firstRequest = false + return len(b), err + } + + buf := &bytes.Buffer{} + buf.Write([]byte{0x17, 0x03, 0x03}) + binary.Write(buf, binary.BigEndian, uint16(len(b))) + buf.Write(b) + _, err := to.Conn.Write(buf.Bytes()) + return len(b), err +} + +// NewTLSObfs return a SimpleObfs +func NewTLSObfs(conn net.Conn, server string) net.Conn { + return &TLSObfs{ + Conn: conn, + server: server, + firstRequest: true, + firstResponse: true, + } +} + +func makeClientHelloMsg(data []byte, server string) []byte { + random := make([]byte, 28) + sessionID := make([]byte, 32) + fastrand.Read(random) + fastrand.Read(sessionID) + + buf := &bytes.Buffer{} + + // handshake, TLS 1.0 version, length + buf.WriteByte(22) + buf.Write([]byte{0x03, 0x01}) + length := uint16(212 + len(data) + len(server)) + buf.WriteByte(byte(length >> 8)) + buf.WriteByte(byte(length & 0xff)) + + // clientHello, length, TLS 1.2 version + buf.WriteByte(1) + buf.WriteByte(0) + binary.Write(buf, binary.BigEndian, uint16(208+len(data)+len(server))) + buf.Write([]byte{0x03, 0x03}) + + // random with timestamp, sid len, sid + binary.Write(buf, binary.BigEndian, uint32(time.Now().Unix())) + buf.Write(random) + buf.WriteByte(32) + buf.Write(sessionID) + + // cipher suites + buf.Write([]byte{0x00, 0x38}) + buf.Write([]byte{ + 0xc0, 0x2c, 0xc0, 0x30, 0x00, 0x9f, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x2b, 0xc0, 0x2f, + 0x00, 0x9e, 0xc0, 0x24, 0xc0, 0x28, 0x00, 0x6b, 0xc0, 0x23, 0xc0, 0x27, 0x00, 0x67, 0xc0, 0x0a, + 0xc0, 0x14, 0x00, 0x39, 0xc0, 0x09, 0xc0, 0x13, 0x00, 0x33, 0x00, 0x9d, 0x00, 0x9c, 0x00, 0x3d, + 0x00, 0x3c, 0x00, 0x35, 0x00, 0x2f, 0x00, 0xff, + }) + + // compression + buf.Write([]byte{0x01, 0x00}) + + // extension length + binary.Write(buf, binary.BigEndian, uint16(79+len(data)+len(server))) + + // session ticket + buf.Write([]byte{0x00, 0x23}) + binary.Write(buf, binary.BigEndian, uint16(len(data))) + buf.Write(data) + + // server name + buf.Write([]byte{0x00, 0x00}) + binary.Write(buf, binary.BigEndian, uint16(len(server)+5)) + binary.Write(buf, binary.BigEndian, uint16(len(server)+3)) + buf.WriteByte(0) + binary.Write(buf, binary.BigEndian, uint16(len(server))) + buf.Write([]byte(server)) + + // ec_point + buf.Write([]byte{0x00, 0x0b, 0x00, 0x04, 0x03, 0x01, 0x00, 0x02}) + + // groups + buf.Write([]byte{0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x19, 0x00, 0x18}) + + // signature + buf.Write([]byte{ + 0x00, 0x0d, 0x00, 0x20, 0x00, 0x1e, 0x06, 0x01, 0x06, 0x02, 0x06, 0x03, 0x05, + 0x01, 0x05, 0x02, 0x05, 0x03, 0x04, 0x01, 0x04, 0x02, 0x04, 0x03, 0x03, 0x01, + 0x03, 0x02, 0x03, 0x03, 0x02, 0x01, 0x02, 0x02, 0x02, 0x03, + }) + + // encrypt then mac + buf.Write([]byte{0x00, 0x16, 0x00, 0x00}) + + // extended master secret + buf.Write([]byte{0x00, 0x17, 0x00, 0x00}) + + return buf.Bytes() +} diff --git a/component/outbound/dialer/transport/tls/tls.go b/component/outbound/dialer/transport/tls/tls.go new file mode 100644 index 0000000..ec0bc49 --- /dev/null +++ b/component/outbound/dialer/transport/tls/tls.go @@ -0,0 +1,62 @@ +package tls + +import ( + "crypto/tls" + "fmt" + "golang.org/x/net/proxy" + "net" + "net/url" +) + +// Tls is a base Tls struct +type Tls struct { + dialer proxy.Dialer + addr string + serverName string + skipVerify bool + tlsConfig *tls.Config +} + +// NewTls returns a Tls infra. +func NewTls(s string, d proxy.Dialer) (*Tls, error) { + u, err := url.Parse(s) + if err != nil { + return nil, fmt.Errorf("NewTls: %w", err) + } + + t := &Tls{ + dialer: d, + addr: u.Host, + } + + query := u.Query() + t.serverName = query.Get("sni") + + // skipVerify + if query.Get("allowInsecure") == "true" || query.Get("allowInsecure") == "1" || + query.Get("skipVerify") == "true" || query.Get("skipVerify") == "1" { + t.skipVerify = true + } + if t.serverName == "" { + t.serverName = u.Hostname() + } + t.tlsConfig = &tls.Config{ + ServerName: t.serverName, + InsecureSkipVerify: t.skipVerify, + } + + return t, nil +} + +func (s *Tls) Dial(network, addr string) (conn net.Conn, err error) { + rc, err := s.dialer.Dial("tcp", addr) + if err != nil { + return nil, fmt.Errorf("[Tls]: dial to %s: %w", s.addr, err) + } + + tlsConn := tls.Client(rc, s.tlsConfig) + if err := tlsConn.Handshake(); err != nil { + return nil, err + } + return tlsConn, err +} diff --git a/component/outbound/dialer/transport/ws/conn.go b/component/outbound/dialer/transport/ws/conn.go new file mode 100644 index 0000000..7137727 --- /dev/null +++ b/component/outbound/dialer/transport/ws/conn.go @@ -0,0 +1,42 @@ +package ws + +import ( + "bytes" + "github.com/gorilla/websocket" + "time" +) + +type conn struct { + *websocket.Conn + readBuffer bytes.Buffer +} + +func newConn(wsc *websocket.Conn) *conn { + return &conn{ + Conn: wsc, + } +} + +func (c *conn) Read(b []byte) (n int, err error) { + if c.readBuffer.Len() > 0 { + return c.readBuffer.Read(b) + } + _, msg, err := c.Conn.ReadMessage() + if err != nil { + return 0, err + } + n = copy(b, msg) + if n < len(msg) { + c.readBuffer.Write(msg[n:]) + } + return n, nil + +} +func (c *conn) Write(b []byte) (n int, err error) { + return len(b), c.Conn.WriteMessage(websocket.BinaryMessage, b) +} + +func (c *conn) SetDeadline(t time.Time) error { + _ = c.Conn.SetReadDeadline(t) + return c.Conn.SetWriteDeadline(t) +} diff --git a/component/outbound/dialer/transport/ws/ws.go b/component/outbound/dialer/transport/ws/ws.go new file mode 100644 index 0000000..18a2ec9 --- /dev/null +++ b/component/outbound/dialer/transport/ws/ws.go @@ -0,0 +1,67 @@ +package ws + +import ( + "crypto/tls" + "fmt" + "github.com/gorilla/websocket" + "golang.org/x/net/proxy" + "net" + "net/http" + "net/url" +) + +// Ws is a base Ws struct +type Ws struct { + dialer proxy.Dialer + wsAddr string + header http.Header + wsDialer *websocket.Dialer +} + +// NewWs returns a Ws infra. +func NewWs(s string, d proxy.Dialer) (*Ws, error) { + u, err := url.Parse(s) + if err != nil { + return nil, fmt.Errorf("NewWs: %w", err) + } + + t := &Ws{ + dialer: d, + } + + query := u.Query() + host := query.Get("host") + if host == "" { + host = u.Hostname() + } + t.header = http.Header{} + t.header.Set("Host", host) + + wsUrl := url.URL{ + Scheme: u.Scheme, + Host: u.Host, + Path: u.Path, + } + t.wsAddr = wsUrl.String() + t.wsDialer = &websocket.Dialer{ + NetDial: d.Dial, + //Subprotocols: []string{"binary"}, + } + if u.Scheme == "wss" { + if u.Query().Get("sni") != "" { + t.wsDialer.TLSClientConfig = &tls.Config{ + ServerName: u.Query().Get("sni"), + } + } + } + return t, nil +} + +// Dial connects to the address addr on the network net via the infra. +func (s *Ws) Dial(network, addr string) (net.Conn, error) { + rc, _, err := s.wsDialer.Dial(s.wsAddr, s.header) + if err != nil { + return nil, fmt.Errorf("[Ws]: dial to %s: %w", s.wsAddr, err) + } + return newConn(rc), err +} diff --git a/component/outbound/dialer/trojan/trojan.go b/component/outbound/dialer/trojan/trojan.go new file mode 100644 index 0000000..8dd5ee8 --- /dev/null +++ b/component/outbound/dialer/trojan/trojan.go @@ -0,0 +1,232 @@ +package trojan + +import ( + "fmt" + "foo/common" + "foo/component/outbound/dialer" + "foo/component/outbound/dialer/transport/tls" + "foo/component/outbound/dialer/transport/ws" + "github.com/mzz2017/softwind/protocol" + "github.com/mzz2017/softwind/transport/grpc" + "gopkg.in/yaml.v3" + "net" + "net/url" + "strconv" + "strings" +) + +func init() { + dialer.FromLinkRegister("trojan", NewTrojan) + dialer.FromLinkRegister("trojan-go", NewTrojan) + dialer.FromClashRegister("trojan", NewTrojanFromClashObj) +} + +type Trojan struct { + Name string `json:"name"` + Server string `json:"server"` + Port int `json:"port"` + Password string `json:"password"` + Sni string `json:"sni"` + Type string `json:"type"` + Encryption string `json:"encryption"` + Host string `json:"host"` + Path string `json:"path"` + ServiceName string `json:"serviceName"` + AllowInsecure bool `json:"allowInsecure"` + Protocol string `json:"protocol"` +} + +func NewTrojan(link string) (*dialer.Dialer, error) { + s, err := ParseTrojanURL(link) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func NewTrojanFromClashObj(o *yaml.Node) (*dialer.Dialer, error) { + s, err := ParseClash(o) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func (s *Trojan) Dialer() (*dialer.Dialer, error) { + d := dialer.SymmetricDirect + u := url.URL{ + Scheme: "tls", + Host: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + RawQuery: url.Values{ + "sni": []string{s.Sni}, + }.Encode(), + } + var err error + if s.Type != "grpc" { + // grpc contains tls + if d, err = tls.NewTls(u.String(), d); err != nil { + return nil, err + } + } + // "tls,ws,ss,trojanc" + switch s.Type { + case "ws": + u = url.URL{ + Scheme: "ws", + Host: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + RawQuery: url.Values{ + "host": []string{s.Host}, + "path": []string{s.Path}, + }.Encode(), + } + if d, err = ws.NewWs(u.String(), d); err != nil { + return nil, err + } + case "grpc": + serviceName := s.ServiceName + if serviceName == "" { + serviceName = "GunService" + } + d = &grpc.Dialer{ + NextDialer: &protocol.DialerConverter{Dialer: d}, + ServiceName: serviceName, + ServerName: s.Sni, + } + } + if strings.HasPrefix(s.Encryption, "ss;") { + fields := strings.SplitN(s.Encryption, ";", 3) + if d, err = protocol.NewDialer("shadowsocks", d, protocol.Header{ + ProxyAddress: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + Cipher: fields[1], + Password: fields[2], + IsClient: false, + }); err != nil { + return nil, err + } + } + if d, err = protocol.NewDialer("trojanc", d, protocol.Header{ + ProxyAddress: net.JoinHostPort(s.Server, strconv.Itoa(s.Port)), + Password: s.Password, + IsClient: true, + }); err != nil { + return nil, err + } + return dialer.NewDialer(d, true, s.Name, s.Protocol, s.ExportToURL()), nil +} + +func ParseTrojanURL(u string) (data *Trojan, err error) { + //trojan://password@server:port#escape(remarks) + t, err := url.Parse(u) + if err != nil { + err = fmt.Errorf("invalid trojan format") + return + } + allowInsecure := t.Query().Get("allowInsecure") + sni := t.Query().Get("peer") + if sni == "" { + sni = t.Query().Get("sni") + } + if sni == "" { + sni = t.Hostname() + } + port, err := strconv.Atoi(t.Port()) + if err != nil { + return nil, dialer.InvalidParameterErr + } + data = &Trojan{ + Name: t.Fragment, + Server: t.Hostname(), + Port: port, + Password: t.User.Username(), + Sni: sni, + AllowInsecure: allowInsecure == "1" || allowInsecure == "true", + Protocol: "trojan", + } + if t.Query().Get("type") != "" { + t.Scheme = "trojan-go" + } + if t.Scheme == "trojan-go" { + data.Protocol = "trojan-go" + data.Encryption = t.Query().Get("encryption") + data.Host = t.Query().Get("host") + data.Path = t.Query().Get("path") + data.Type = t.Query().Get("type") + data.ServiceName = t.Query().Get("serviceName") + if data.Type == "grpc" && data.ServiceName == "" { + data.ServiceName = data.Path + } + data.AllowInsecure = false + } + return data, nil +} + +func ParseClash(o *yaml.Node) (data *Trojan, err error) { + type WSOptions struct { + Path string `yaml:"path,omitempty"` + Headers map[string]string `yaml:"headers,omitempty"` + MaxEarlyData int `yaml:"max-early-data,omitempty"` + EarlyDataHeaderName string `yaml:"early-data-header-name,omitempty"` + } + type GrpcOptions struct { + GrpcServiceName string `proxy:"grpc-service-name,omitempty"` + } + type TrojanOption struct { + Name string `yaml:"name"` + Server string `yaml:"server"` + Port int `yaml:"port"` + Password string `yaml:"password"` + ALPN []string `yaml:"alpn,omitempty"` + SNI string `yaml:"sni,omitempty"` + SkipCertVerify bool `yaml:"skip-cert-verify,omitempty"` + UDP bool `yaml:"udp,omitempty"` + Network string `yaml:"network,omitempty"` + GrpcOpts GrpcOptions `yaml:"grpc-opts,omitempty"` + WSOpts WSOptions `yaml:"ws-opts,omitempty"` + } + var option TrojanOption + if err = o.Decode(&option); err != nil { + return nil, err + } + proto := "trojan" + if option.Network != "" && option.Network != "origin" { + proto = "trojan-go" + } + return &Trojan{ + Name: option.Name, + Server: option.Server, + Port: option.Port, + Password: option.Password, + Sni: option.SNI, + Type: option.Network, + Encryption: "", + Host: option.WSOpts.Headers["Host"], + Path: option.WSOpts.Path, + AllowInsecure: option.SkipCertVerify, + ServiceName: option.GrpcOpts.GrpcServiceName, + Protocol: proto, + }, nil +} + +func (t *Trojan) ExportToURL() string { + u := &url.URL{ + Scheme: "trojan", + User: url.User(t.Password), + Host: net.JoinHostPort(t.Server, strconv.Itoa(t.Port)), + Fragment: t.Name, + } + q := u.Query() + if t.AllowInsecure { + q.Set("allowInsecure", "1") + } + common.SetValue(&q, "sni", t.Sni) + + if t.Protocol == "trojan-go" { + u.Scheme = "trojan-go" + common.SetValue(&q, "host", t.Host) + common.SetValue(&q, "encryption", t.Encryption) + common.SetValue(&q, "type", t.Type) + common.SetValue(&q, "path", t.Path) + } + u.RawQuery = q.Encode() + return u.String() +} diff --git a/component/outbound/dialer/v2ray/v2ray.go b/component/outbound/dialer/v2ray/v2ray.go new file mode 100644 index 0000000..b14e5a7 --- /dev/null +++ b/component/outbound/dialer/v2ray/v2ray.go @@ -0,0 +1,402 @@ +package v2ray + +import ( + "encoding/base64" + "fmt" + "foo/common" + "foo/component/outbound/dialer" + "foo/component/outbound/dialer/transport/tls" + "foo/component/outbound/dialer/transport/ws" + jsoniter "github.com/json-iterator/go" + "github.com/mzz2017/softwind/protocol" + "github.com/mzz2017/softwind/transport/grpc" + "gopkg.in/yaml.v3" + "net" + "net/url" + "regexp" + "strconv" + "strings" +) + +func init() { + dialer.FromLinkRegister("vmess", NewV2Ray) + dialer.FromLinkRegister("vless", NewV2Ray) + dialer.FromClashRegister("vmess", NewVMessFromClashObj) +} + +type V2Ray struct { + Ps string `json:"ps"` + Add string `json:"add"` + Port string `json:"port"` + ID string `json:"id"` + Aid string `json:"aid"` + Net string `json:"net"` + Type string `json:"type"` + Host string `json:"host"` + SNI string `json:"sni"` + Path string `json:"path"` + TLS string `json:"tls"` + Flow string `json:"flow,omitempty"` + Alpn string `json:"alpn,omitempty"` + AllowInsecure bool `json:"allowInsecure"` + V string `json:"v"` + Protocol string `json:"protocol"` +} + +func NewV2Ray(link string) (*dialer.Dialer, error) { + var ( + s *V2Ray + err error + ) + switch { + case strings.HasPrefix(link, "vmess://"): + s, err = ParseVmessURL(link) + if err != nil { + return nil, err + } + if s.Aid != "0" && s.Aid != "" { + return nil, fmt.Errorf("%w: aid: %v, we only support AEAD encryption", dialer.UnexpectedFieldErr, s.Aid) + } + case strings.HasPrefix(link, "vless://"): + s, err = ParseVlessURL(link) + if err != nil { + return nil, err + } + default: + return nil, dialer.InvalidParameterErr + } + return s.Dialer() +} + +func NewVMessFromClashObj(o *yaml.Node) (*dialer.Dialer, error) { + s, err := ParseClashVMess(o) + if err != nil { + return nil, err + } + return s.Dialer() +} + +func (s *V2Ray) Dialer() (data *dialer.Dialer, err error) { + var ( + d = dialer.SymmetricDirect + ) + + switch strings.ToLower(s.Net) { + case "ws": + scheme := "ws" + if s.TLS == "tls" || s.TLS == "xtls" { + scheme = "wss" + } + sni := s.SNI + if sni == "" { + sni = s.Host + } + u := url.URL{ + Scheme: scheme, + Host: net.JoinHostPort(s.Add, s.Port), + Path: s.Path, + RawQuery: url.Values{ + "host": []string{s.Host}, + "sni": []string{sni}, + }.Encode(), + } + d, err = ws.NewWs(u.String(), d) + if err != nil { + return nil, err + } + case "tcp": + if s.TLS == "tls" || s.TLS == "xtls" { + sni := s.SNI + if sni == "" { + sni = s.Host + } + u := url.URL{ + Scheme: "tls", + Host: net.JoinHostPort(s.Add, s.Port), + RawQuery: url.Values{ + "sni": []string{sni}, + }.Encode(), + } + d, err = tls.NewTls(u.String(), d) + if err != nil { + return nil, err + } + } + if s.Type != "none" && s.Type != "" { + return nil, fmt.Errorf("%w: type: %v", dialer.UnexpectedFieldErr, s.Type) + } + case "grpc": + sni := s.SNI + if sni == "" { + sni = s.Host + } + serviceName := s.Path + if serviceName == "" { + serviceName = "GunService" + } + d = &grpc.Dialer{ + NextDialer: &protocol.DialerConverter{Dialer: d}, + ServiceName: serviceName, + ServerName: sni, + } + default: + return nil, fmt.Errorf("%w: network: %v", dialer.UnexpectedFieldErr, s.Net) + } + + if d, err = protocol.NewDialer(s.Protocol, d, protocol.Header{ + ProxyAddress: net.JoinHostPort(s.Add, s.Port), + Cipher: "aes-128-gcm", + Password: s.ID, + IsClient: true, + }); err != nil { + return nil, err + } + return dialer.NewDialer(d, true, s.Ps, s.Protocol, s.ExportToURL()), nil +} + +func ParseClashVMess(o *yaml.Node) (data *V2Ray, err error) { + type WSOptions struct { + Path string `yaml:"path,omitempty"` + Headers map[string]string `yaml:"headers,omitempty"` + MaxEarlyData int `yaml:"max-early-data,omitempty"` + EarlyDataHeaderName string `yaml:"early-data-header-name,omitempty"` + } + type GrpcOptions struct { + GrpcServiceName string `proxy:"grpc-service-name,omitempty"` + } + type HTTP2Options struct { + Host []string `proxy:"host,omitempty"` + Path string `proxy:"path,omitempty"` + } + type VmessOption struct { + Name string `yaml:"name"` + Server string `yaml:"server"` + Port int `yaml:"port"` + UUID string `yaml:"uuid"` + AlterID int `yaml:"alterId"` + Cipher string `yaml:"cipher"` + UDP bool `yaml:"udp,omitempty"` + Network string `yaml:"network,omitempty"` + TLS bool `yaml:"tls,omitempty"` + SkipCertVerify bool `yaml:"skip-cert-verify,omitempty"` + ServerName string `yaml:"servername,omitempty"` + HTTPOpts interface{} `yaml:"http-opts,omitempty"` + HTTP2Opts HTTP2Options `yaml:"h2-opts,omitempty"` + GrpcOpts GrpcOptions `yaml:"grpc-opts,omitempty"` + WSOpts WSOptions `yaml:"ws-opts,omitempty"` + } + var option VmessOption + if err = o.Decode(&option); err != nil { + return nil, err + } + + if option.Network == "" { + option.Network = "tcp" + } + var ( + path string + host string + alpn string + ) + switch option.Network { + case "ws": + path = option.WSOpts.Path + host = option.WSOpts.Headers["Host"] + alpn = "http/1.1" + case "grpc": + path = option.GrpcOpts.GrpcServiceName + case "h2": + host = strings.Join(option.HTTP2Opts.Host, ",") + path = option.HTTP2Opts.Path + alpn = "h2" + case "http": + // TODO + } + s := &V2Ray{ + Ps: option.Name, + Add: option.Server, + Port: strconv.Itoa(option.Port), + ID: option.UUID, + Aid: strconv.Itoa(option.AlterID), + Net: option.Network, + Type: "none", // FIXME + Host: host, + SNI: option.ServerName, + Path: path, + AllowInsecure: false, + Alpn: alpn, + V: "2", + Protocol: "vmess", + } + if option.SkipCertVerify { + return nil, fmt.Errorf("%w: skip-cert-verify=true", dialer.UnexpectedFieldErr) + } + if option.TLS { + s.TLS = "tls" + } + return s, nil +} +func ParseVlessURL(vless string) (data *V2Ray, err error) { + u, err := url.Parse(vless) + if err != nil { + return nil, err + } + data = &V2Ray{ + Ps: u.Fragment, + Add: u.Hostname(), + Port: u.Port(), + ID: u.User.String(), + Net: u.Query().Get("type"), + Type: u.Query().Get("headerType"), + SNI: u.Query().Get("sni"), + Host: u.Query().Get("host"), + Path: u.Query().Get("path"), + TLS: u.Query().Get("security"), + Flow: u.Query().Get("flow"), + Alpn: u.Query().Get("alpn"), + Protocol: "vless", + } + if data.Net == "" { + data.Net = "tcp" + } + if data.Net == "grpc" { + data.Path = u.Query().Get("serviceName") + } + if data.Type == "" { + data.Type = "none" + } + if data.TLS == "" { + data.TLS = "none" + } + if data.Flow == "" { + data.Flow = "xtls-rprx-direct" + } + if data.Type == "mkcp" || data.Type == "kcp" { + data.Path = u.Query().Get("seed") + } + return data, nil +} + +func ParseVmessURL(vmess string) (data *V2Ray, err error) { + var info V2Ray + // perform base64 decoding and unmarshal to VmessInfo + raw, err := common.Base64StdDecode(vmess[8:]) + if err != nil { + raw, err = common.Base64UrlDecode(vmess[8:]) + } + if err != nil { + // not in json format, try to resolve as vmess://BASE64(Security:ID@Add:Port)?remarks=Ps&obfsParam=Host&Path=Path&obfs=Net&tls=TLS + var u *url.URL + u, err = url.Parse(vmess) + if err != nil { + return + } + re := regexp.MustCompile(`.*:(.+)@(.+):(\d+)`) + s := strings.Split(vmess[8:], "?")[0] + s, err = common.Base64StdDecode(s) + if err != nil { + s, err = common.Base64UrlDecode(s) + } + subMatch := re.FindStringSubmatch(s) + if subMatch == nil { + err = fmt.Errorf("unrecognized vmess address") + return + } + q := u.Query() + ps := q.Get("remarks") + if ps == "" { + ps = q.Get("remark") + } + obfs := q.Get("obfs") + obfsParam := q.Get("obfsParam") + path := q.Get("path") + if obfs == "kcp" || obfs == "mkcp" { + m := make(map[string]string) + //cater to v2rayN definition + _ = jsoniter.Unmarshal([]byte(obfsParam), &m) + path = m["seed"] + obfsParam = "" + } + aid := q.Get("alterId") + if aid == "" { + aid = q.Get("aid") + } + info = V2Ray{ + ID: subMatch[1], + Add: subMatch[2], + Port: subMatch[3], + Ps: ps, + Host: obfsParam, + Path: path, + Net: obfs, + Aid: aid, + TLS: map[string]string{"1": "tls"}[q.Get("tls")], + AllowInsecure: false, + } + if info.Net == "websocket" { + info.Net = "ws" + } + } else { + err = jsoniter.Unmarshal([]byte(raw), &info) + if err != nil { + return + } + } + // correct the wrong vmess as much as possible + if strings.HasPrefix(info.Host, "/") && info.Path == "" { + info.Path = info.Host + info.Host = "" + } + if info.Aid == "" { + info.Aid = "0" + } + info.Protocol = "vmess" + return &info, nil +} + +func (s *V2Ray) ExportToURL() string { + switch s.Protocol { + case "vless": + // https://github.com/XTLS/Xray-core/issues/91 + var query = make(url.Values) + common.SetValue(&query, "type", s.Net) + common.SetValue(&query, "security", s.TLS) + switch s.Net { + case "websocket", "ws", "http", "h2": + common.SetValue(&query, "path", s.Path) + common.SetValue(&query, "host", s.Host) + case "mkcp", "kcp": + common.SetValue(&query, "headerType", s.Type) + common.SetValue(&query, "seed", s.Path) + case "tcp": + common.SetValue(&query, "headerType", s.Type) + common.SetValue(&query, "host", s.Host) + common.SetValue(&query, "path", s.Path) + case "grpc": + common.SetValue(&query, "serviceName", s.Path) + } + //TODO: QUIC + if s.TLS != "none" { + common.SetValue(&query, "sni", s.Host) // FIXME: it may be different from ws's host + common.SetValue(&query, "alpn", s.Alpn) + } + if s.TLS == "xtls" { + common.SetValue(&query, "flow", s.Flow) + } + + U := url.URL{ + Scheme: "vless", + User: url.User(s.ID), + Host: net.JoinHostPort(s.Add, s.Port), + RawQuery: query.Encode(), + Fragment: s.Ps, + } + return U.String() + case "vmess": + s.V = "2" + b, _ := jsoniter.Marshal(s) + return "vmess://" + strings.TrimSuffix(base64.StdEncoding.EncodeToString(b), "=") + } + //log.Warn("unexpected protocol: %v", v.Protocol) + return "" +} diff --git a/component/outbound/dialer_group.go b/component/outbound/dialer_group.go new file mode 100644 index 0000000..697b367 --- /dev/null +++ b/component/outbound/dialer_group.go @@ -0,0 +1,125 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package outbound + +import ( + "fmt" + "foo/common/consts" + "foo/component/outbound/dialer" + "github.com/sirupsen/logrus" + "golang.org/x/net/proxy" + "net" +) + +type DialerSelectionPolicy struct { + Policy consts.DialerSelectionPolicy + FixedIndex int +} + +type DialerGroup struct { + proxy.Dialer + + log *logrus.Logger + Name string + + Dialers []*dialer.Dialer + + registeredAliveDialerSet bool + AliveDialerSet *dialer.AliveDialerSet + + selectionPolicy *DialerSelectionPolicy +} + +func NewDialerGroup(log *logrus.Logger, name string, dialers []*dialer.Dialer, p DialerSelectionPolicy) *DialerGroup { + var registeredAliveDialerSet bool + a := dialer.NewAliveDialerSet(log, p.Policy, dialers, true) + + switch p.Policy { + case consts.DialerSelectionPolicy_Random, + consts.DialerSelectionPolicy_MinLastLatency, + consts.DialerSelectionPolicy_MinAverage10Latencies: + // Need to know the alive state or latency. + for _, d := range dialers { + d.RegisterAliveDialerSet(a) + } + registeredAliveDialerSet = true + + case consts.DialerSelectionPolicy_Fixed: + // No need to know if the dialer is alive. + + default: + log.Panicf("Unexpected dialer selection policy: %v", p.Policy) + } + + return &DialerGroup{ + log: log, + Name: name, + Dialers: dialers, + AliveDialerSet: a, + registeredAliveDialerSet: registeredAliveDialerSet, + selectionPolicy: &p, + } +} + +func (g *DialerGroup) Close() error { + if g.registeredAliveDialerSet { + for _, d := range g.Dialers { + d.UnregisterAliveDialerSet(g.AliveDialerSet) + } + } + return nil +} + +func (g *DialerGroup) SetSelectionPolicy(policy DialerSelectionPolicy) { + // TODO: + g.selectionPolicy = &policy +} + +// Select selects a dialer from group according to selectionPolicy. +func (g *DialerGroup) Select() (*dialer.Dialer, error) { + if len(g.Dialers) == 0 { + return nil, fmt.Errorf("no dialer in this group") + } + + switch g.selectionPolicy.Policy { + case consts.DialerSelectionPolicy_Random: + d := g.AliveDialerSet.GetRand() + if d == nil { + // No alive dialer. + // TODO: Should we throw an error to block the connection in this condition? + g.log.Warnf("No alive dialer in DialerGroup %v, use DIRECT. It may cause IP leaking.", g.Name) + return dialer.FullconeDirectDialer, nil + } + return d, nil + + case consts.DialerSelectionPolicy_Fixed: + if g.selectionPolicy.FixedIndex < 0 || g.selectionPolicy.FixedIndex >= len(g.Dialers) { + return nil, fmt.Errorf("selected dialer index is out of range") + } + return g.Dialers[g.selectionPolicy.FixedIndex], nil + + case consts.DialerSelectionPolicy_MinLastLatency, consts.DialerSelectionPolicy_MinAverage10Latencies: + d := g.AliveDialerSet.GetMinLatency() + if d == nil { + // No alive dialer. + // TODO: Should we throw an error to block the connection in this condition? + g.log.Warnf("No alive dialer in DialerGroup %v, use DIRECT. It may cause IP leaking.", g.Name) + return dialer.FullconeDirectDialer, nil + } + return d, nil + + default: + return nil, fmt.Errorf("unsupported DialerSelectionPolicy: %v", g.selectionPolicy) + } +} + +func (g *DialerGroup) Dial(network string, addr string) (c net.Conn, err error) { + d, err := g.Select() + if err != nil { + return nil, err + } + return d.Dial(network, addr) +} diff --git a/component/outbound/dialer_group_test.go b/component/outbound/dialer_group_test.go new file mode 100644 index 0000000..942fa3d --- /dev/null +++ b/component/outbound/dialer_group_test.go @@ -0,0 +1,183 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package outbound + +import ( + "foo/common/consts" + "foo/component/outbound/dialer" + "foo/pkg/logger" + "github.com/mzz2017/softwind/pkg/fastrand" + "testing" + "time" +) + +func TestDialerGroup_Select_Fixed(t *testing.T) { + log := logger.NewLogger(2) + dialers := []*dialer.Dialer{ + dialer.SymmetricDirectDialer, + dialer.FullconeDirectDialer, + } + fixedIndex := 1 + g := NewDialerGroup(log, "test-group", dialers, DialerSelectionPolicy{ + Policy: consts.DialerSelectionPolicy_Fixed, + FixedIndex: fixedIndex, + }) + for i := 0; i < 10; i++ { + d, err := g.Select() + if err != nil { + t.Fatal(err) + } + if d != dialers[fixedIndex] { + t.Fail() + } + } + + fixedIndex = 0 + g.selectionPolicy.FixedIndex = fixedIndex + for i := 0; i < 10; i++ { + d, err := g.Select() + if err != nil { + t.Fatal(err) + } + if d != dialers[fixedIndex] { + t.Fail() + } + } +} + +func TestDialerGroup_Select_MinLastLatency(t *testing.T) { + log := logger.NewLogger(2) + dialers := []*dialer.Dialer{ + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + } + g := NewDialerGroup(log, "test-group", dialers, DialerSelectionPolicy{ + Policy: consts.DialerSelectionPolicy_MinLastLatency, + }) + + // Test 1000 times. + for i := 0; i < 1000; i++ { + var minLatency time.Duration + jMinLatency := -1 + for j, d := range dialers { + // Simulate a latency test. + var ( + latency time.Duration + alive bool + ) + // 20% chance for timeout. + if fastrand.Intn(5) == 0 { + // Simulate a timeout test. + latency = 1000 * time.Millisecond + alive = false + } else { + // Simulate a normal test. + latency = time.Duration(fastrand.Int63n(int64(1000 * time.Millisecond))) + alive = true + } + d.Latencies10.AppendLatency(latency) + if jMinLatency == -1 || latency < minLatency { + jMinLatency = j + minLatency = latency + } + g.AliveDialerSet.SetAlive(d, alive) + } + d, err := g.Select() + if err != nil { + t.Fatal(err) + } + if d != dialers[jMinLatency] { + // Get index of d. + indexD := -1 + for j := range dialers { + if d == dialers[j] { + indexD = j + break + } + } + t.Errorf("dialers[%v] expected, but dialers[%v] selected", jMinLatency, indexD) + } + } +} + +func TestDialerGroup_Select_Random(t *testing.T) { + log := logger.NewLogger(2) + dialers := []*dialer.Dialer{ + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + } + g := NewDialerGroup(log, "test-group", dialers, DialerSelectionPolicy{ + Policy: consts.DialerSelectionPolicy_Random, + }) + count := make([]int, len(dialers)) + for i := 0; i < 100; i++ { + d, err := g.Select() + if err != nil { + t.Fatal(err) + } + for j, dd := range dialers { + if d == dd { + count[j]++ + break + } + } + } + for i, c := range count { + if c == 0 { + t.Fail() + } + t.Logf("count[%v]: %v", i, c) + } +} + +func TestDialerGroup_SetAlive(t *testing.T) { + log := logger.NewLogger(2) + dialers := []*dialer.Dialer{ + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + dialer.NewDialer(dialer.SymmetricDirect, true, "direct", "direct", ""), + } + g := NewDialerGroup(log, "test-group", dialers, DialerSelectionPolicy{ + Policy: consts.DialerSelectionPolicy_Random, + }) + zeroTarget := 3 + g.AliveDialerSet.SetAlive(dialers[zeroTarget], false) + count := make([]int, len(dialers)) + for i := 0; i < 100; i++ { + d, err := g.Select() + if err != nil { + t.Fatal(err) + } + for j, dd := range dialers { + if d == dd { + count[j]++ + break + } + } + } + for i, c := range count { + if c == 0 && i != zeroTarget { + t.Fail() + } + t.Logf("count[%v]: %v", i, c) + } + if count[zeroTarget] != 0 { + t.Fail() + } +} diff --git a/component/outbound/outbound.go b/component/outbound/outbound.go new file mode 100644 index 0000000..d6c6132 --- /dev/null +++ b/component/outbound/outbound.go @@ -0,0 +1,19 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package outbound + +import ( + _ "foo/component/outbound/dialer/http" + _ "foo/component/outbound/dialer/shadowsocks" + _ "foo/component/outbound/dialer/shadowsocksr" + _ "foo/component/outbound/dialer/socks" + _ "foo/component/outbound/dialer/trojan" + _ "foo/component/outbound/dialer/v2ray" + _ "github.com/mzz2017/softwind/protocol/shadowsocks" + _ "github.com/mzz2017/softwind/protocol/trojanc" + _ "github.com/mzz2017/softwind/protocol/vless" + _ "github.com/mzz2017/softwind/protocol/vmess" +) diff --git a/component/routing/error.go b/component/routing/error.go new file mode 100644 index 0000000..04bb9ed --- /dev/null +++ b/component/routing/error.go @@ -0,0 +1,91 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package routing + +import ( + "fmt" + "github.com/antlr/antlr4/runtime/Go/antlr" + "reflect" + "strings" +) + +type ErrorType string + +const ( + ErrorType_Unsupported ErrorType = "is not supported" + ErrorType_NotSet ErrorType = "is not set" +) + +type ConsoleErrorListener struct { + ErrorBuilder strings.Builder +} + +func NewConsoleErrorListener() *ConsoleErrorListener { + return &ConsoleErrorListener{} +} + +func (d *ConsoleErrorListener) SyntaxError(recognizer antlr.Recognizer, offendingSymbol interface{}, line, column int, msg string, e antlr.RecognitionException) { + // Do not accumulate errors. + if d.ErrorBuilder.Len() > 0 { + return + } + backtrack := column + if backtrack > 30 { + backtrack = 30 + } + starting := fmt.Sprintf("line %v:%v ", line, column) + offset := len(starting) + backtrack + var ( + simplyWrite bool + token antlr.Token + ) + if offendingSymbol == nil { + simplyWrite = true + } else { + token = offendingSymbol.(antlr.Token) + simplyWrite = token.GetTokenType() == -1 + } + if simplyWrite { + d.ErrorBuilder.WriteString(fmt.Sprintf("%v%v", starting, msg)) + return + } + + beginOfLine := token.GetStart() - backtrack + strPeek := token.GetInputStream().GetText(beginOfLine, token.GetStop()+30) + wrap := strings.IndexByte(strPeek, '\n') + if wrap == -1 { + wrap = token.GetStop() + 30 + } else { + wrap += beginOfLine - 1 + } + strLine := token.GetInputStream().GetText(beginOfLine, wrap) + d.ErrorBuilder.WriteString(fmt.Sprintf("%v%v\n%v%v: %v\n", starting, strLine, strings.Repeat(" ", offset), strings.Repeat("^", token.GetStop()-token.GetStart()+1), msg)) +} +func (d *ConsoleErrorListener) ReportAmbiguity(recognizer antlr.Parser, dfa *antlr.DFA, startIndex, stopIndex int, exact bool, ambigAlts *antlr.BitSet, configs antlr.ATNConfigSet) { +} + +func (d *ConsoleErrorListener) ReportAttemptingFullContext(recognizer antlr.Parser, dfa *antlr.DFA, startIndex, stopIndex int, conflictingAlts *antlr.BitSet, configs antlr.ATNConfigSet) { +} + +func (d *ConsoleErrorListener) ReportContextSensitivity(recognizer antlr.Parser, dfa *antlr.DFA, startIndex, stopIndex, prediction int, configs antlr.ATNConfigSet) { +} + +func BaseContext(ctx interface{}) (baseCtx *antlr.BaseParserRuleContext) { + val := reflect.ValueOf(ctx) + for val.Kind() == reflect.Pointer && val.Type() != reflect.TypeOf(&antlr.BaseParserRuleContext{}) { + val = val.Elem() + } + if val.Type() == reflect.TypeOf(&antlr.BaseParserRuleContext{}) { + baseCtx = val.Interface().(*antlr.BaseParserRuleContext) + } else { + baseCtxVal := val.FieldByName("BaseParserRuleContext") + if !baseCtxVal.IsValid() { + panic("has no field BaseParserRuleContext") + } + baseCtx = baseCtxVal.Interface().(*antlr.BaseParserRuleContext) + } + return baseCtx +} diff --git a/component/routing/matcher_builder.go b/component/routing/matcher_builder.go new file mode 100644 index 0000000..0166ae4 --- /dev/null +++ b/component/routing/matcher_builder.go @@ -0,0 +1,101 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package routing + +import ( + "fmt" + consts2 "foo/common/consts" + "net/netip" + "strings" +) + +var FakeOutbound_AND = consts2.OutboundLogicalAnd.String() + +type MatcherBuilder interface { + AddDomain(key string, values []string, outbound string) + AddIp(values []netip.Prefix, outbound string) + AddPort(values [][2]int, outbound string) + AddSource(values []netip.Prefix, outbound string) + AddSourcePort(values [][2]int, outbound string) + AddNetwork(values consts2.NetworkType, outbound string) + AddIpVersion(values consts2.IpVersion, outbound string) + AddMac(values [][6]byte, outbound string) + AddFinal(outbound string) + AddAnyBefore(key string, values []string, outbound string) + AddAnyAfter(key string, values []string, outbound string) + Build() (err error) +} + +func GroupParamValuesByKey(params []*Param) map[string][]string { + groups := make(map[string][]string) + for _, param := range params { + groups[param.Key] = append(groups[param.Key], param.Val) + } + return groups +} + +func ParsePrefixes(values []string) (cidrs []netip.Prefix, err error) { + for _, value := range values { + toParse := value + if strings.LastIndexByte(value, '/') == -1 { + toParse += "/32" + } + prefix, err := netip.ParsePrefix(toParse) + if err != nil { + return nil, fmt.Errorf("cannot parse %v: %w", value, err) + } + cidrs = append(cidrs, prefix) + } + return cidrs, nil +} + +func ApplyMatcherBuilder(builder MatcherBuilder, rules []RoutingRule, finalOutbound string) (err error) { + for _, rule := range rules { + // rule is like: domain(domain:baidu.com) && port(443) -> proxy + for iFunc, f := range rule.AndFunctions { + // f is like: domain(domain:baidu.com) + paramValueGroups := GroupParamValuesByKey(f.Params) + for key, paramValueGroup := range paramValueGroups { + // Preprocess the outbound and pass FakeOutbound_AND to all but the last function. + outbound := FakeOutbound_AND + if iFunc == len(rule.AndFunctions)-1 { + outbound = rule.Outbound + } + builder.AddAnyBefore(key, paramValueGroup, outbound) + switch f.Name { + case "domain": + builder.AddDomain(key, paramValueGroup, outbound) + case "ip": + cidrs, err := ParsePrefixes(paramValueGroup) + if err != nil { + return err + } + builder.AddIp(cidrs, outbound) + } + builder.AddAnyAfter(key, paramValueGroup, outbound) + } + } + } + builder.AddAnyBefore("", nil, finalOutbound) + builder.AddFinal(finalOutbound) + builder.AddAnyAfter("", nil, finalOutbound) + return nil +} + +type DefaultMatcherBuilder struct{} + +func (d *DefaultMatcherBuilder) AddDomain(values []string, outbound string) {} +func (d *DefaultMatcherBuilder) AddIp(values []netip.Prefix, outbound string) {} +func (d *DefaultMatcherBuilder) AddPort(values [][2]int, outbound string) {} +func (d *DefaultMatcherBuilder) AddSource(values []netip.Prefix, outbound string) {} +func (d *DefaultMatcherBuilder) AddSourcePort(values [][2]int, outbound string) {} +func (d *DefaultMatcherBuilder) AddNetwork(values consts2.NetworkType, outbound string) {} +func (d *DefaultMatcherBuilder) AddIpVersion(values consts2.IpVersion, outbound string) {} +func (d *DefaultMatcherBuilder) AddMac(values [][6]byte, outbound string) {} +func (d *DefaultMatcherBuilder) AddFinal(outbound string) {} +func (d *DefaultMatcherBuilder) AddAnyBefore(key string, values []string, outbound string) {} +func (d *DefaultMatcherBuilder) AddAnyAfter(key string, values []string, outbound string) {} +func (d *DefaultMatcherBuilder) Build() (err error) { return nil } diff --git a/component/routing/optimizer.go b/component/routing/optimizer.go new file mode 100644 index 0000000..70f827a --- /dev/null +++ b/component/routing/optimizer.go @@ -0,0 +1,261 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package routing + +import ( + "fmt" + "foo/common/assets" + "foo/common/consts" + "foo/pkg/geodata" + "github.com/sirupsen/logrus" + "net/netip" + "sort" + "strings" +) +import "github.com/mohae/deepcopy" + +type RulesOptimizer interface { + Optimize(rules []RoutingRule) ([]RoutingRule, error) +} + +func DeepCloneRules(rules []RoutingRule) (newRules []RoutingRule) { + return deepcopy.Copy(rules).([]RoutingRule) +} + +func ApplyRulesOptimizers(rules []RoutingRule, optimizers ...RulesOptimizer) ([]RoutingRule, error) { + rules = DeepCloneRules(rules) + var err error + for _, opt := range optimizers { + if rules, err = opt.Optimize(rules); err != nil { + return nil, err + } + } + return rules, err +} + +type RefineFunctionParamKeyOptimizer struct { +} + +func (o *RefineFunctionParamKeyOptimizer) Optimize(rules []RoutingRule) ([]RoutingRule, error) { + for _, rule := range rules { + for _, function := range rule.AndFunctions { + for _, param := range function.Params { + switch function.Name { + case "domain": + // Rewrite to authoritative key name. + switch param.Key { + case "", "domain": + param.Key = consts.RoutingDomain_Suffix + case "contains": + param.Key = consts.RoutingDomain_Keyword + default: + } + } + } + } + } + return rules, nil +} + +type MergeAndSortRulesOptimizer struct { +} + +func (o *MergeAndSortRulesOptimizer) Optimize(rules []RoutingRule) ([]RoutingRule, error) { + if len(rules) == 0 { + return rules, nil + } + // Sort AndFunctions by FunctionName. + for _, rule := range rules { + sort.SliceStable(rule.AndFunctions, func(i, j int) bool { + return rule.AndFunctions[i].Name < rule.AndFunctions[j].Name + }) + } + // Merge singleton rules with the same outbound. + var newRules []RoutingRule + mergingRule := rules[0] + for i := 1; i < len(rules); i++ { + if len(mergingRule.AndFunctions) == 1 && + len(rules[i].AndFunctions) == 1 && + mergingRule.AndFunctions[0].Name == rules[i].AndFunctions[0].Name && + rules[i].Outbound == mergingRule.Outbound { + mergingRule.AndFunctions[0].Params = append(mergingRule.AndFunctions[0].Params, rules[i].AndFunctions[0].Params...) + } else { + newRules = append(newRules, mergingRule) + mergingRule = rules[i] + } + } + newRules = append(newRules, mergingRule) + // Sort ParamList. + for i := range newRules { + for _, function := range newRules[i].AndFunctions { + if function.Name == "ip" { + // Sort by IPv4, IPv6, vals. + sort.SliceStable(function.Params, func(i, j int) bool { + vi, vj := 4, 4 + if strings.Contains(function.Params[i].Val, ":") { + vi = 6 + } + if strings.Contains(function.Params[j].Val, ":") { + vj = 6 + } + if vi == vj { + return function.Params[i].Val < function.Params[j].Val + } + return vi < vj + }) + } else { + // Sort by keys, vals. + sort.SliceStable(function.Params, func(i, j int) bool { + if function.Params[i].Key == function.Params[j].Key { + return function.Params[i].Val < function.Params[j].Val + } + return function.Params[i].Key < function.Params[j].Key + }) + } + } + } + return newRules, nil +} + +type DeduplicateParamsOptimizer struct { +} + +func deduplicateParams(list []*Param) []*Param { + res := make([]*Param, 0, len(list)) + m := make(map[Param]struct{}) + for _, v := range list { + if _, ok := m[*v]; ok { + continue + } + m[*v] = struct{}{} + res = append(res, v) + } + return res +} + +func (o *DeduplicateParamsOptimizer) Optimize(rules []RoutingRule) ([]RoutingRule, error) { + for _, rule := range rules { + for _, f := range rule.AndFunctions { + f.Params = deduplicateParams(f.Params) + } + } + return rules, nil +} + +type DatReaderOptimizer struct { + Logger *logrus.Logger +} + +func (o *DatReaderOptimizer) loadGeoSite(filename string, code string) (params []*Param, err error) { + if !strings.HasSuffix(filename, ".dat") { + filename += ".dat" + } + filePath, err := assets.GetLocationAsset(filename) + if err != nil { + o.Logger.Debugf("Failed to read geosite \"%v:%v\": %v", filename, code, err) + return nil, err + } + o.Logger.Debugf("Read geosite \"%v:%v\" from %v", filename, code, filePath) + geoSite, err := geodata.UnmarshalGeoSite(o.Logger, filePath, code) + if err != nil { + return nil, err + } + for _, item := range geoSite.Domain { + switch item.Type { + case geodata.Domain_Full: + // Full. + params = append(params, &Param{ + Key: consts.RoutingDomain_Full, + Val: item.Value, + }) + case geodata.Domain_RootDomain: + // Suffix. + params = append(params, &Param{ + Key: consts.RoutingDomain_Suffix, + Val: item.Value, + }) + case geodata.Domain_Plain: + // Keyword. + params = append(params, &Param{ + Key: consts.RoutingDomain_Keyword, + Val: item.Value, + }) + case geodata.Domain_Regex: + // Regex. + params = append(params, &Param{ + Key: consts.RoutingDomain_Regex, + Val: item.Value, + }) + } + } + return params, nil +} + +func (o *DatReaderOptimizer) loadGeoIp(filename string, code string) (params []*Param, err error) { + if !strings.HasSuffix(filename, ".dat") { + filename += ".dat" + } + filePath, err := assets.GetLocationAsset(filename) + if err != nil { + o.Logger.Debugf("Failed to read geoip \"%v:%v\": %v", filename, code, err) + return nil, err + } + o.Logger.Debugf("Read geoip \"%v:%v\" from %v", filename, code, filePath) + geoIp, err := geodata.UnmarshalGeoIp(o.Logger, filePath, code) + if err != nil { + return nil, err + } + if err != nil { + return nil, err + } + for _, item := range geoIp.Cidr { + ip, ok := netip.AddrFromSlice(item.Ip) + if !ok { + return nil, fmt.Errorf("bad geoip file: %v", filename) + } + params = append(params, &Param{ + Key: "", + Val: netip.PrefixFrom(ip, int(item.Prefix)).String(), + }) + } + return params, nil +} + +func (o *DatReaderOptimizer) Optimize(rules []RoutingRule) ([]RoutingRule, error) { + var err error + for _, rule := range rules { + for _, f := range rule.AndFunctions { + var newParams []*Param + for _, param := range f.Params { + // Parse this param and replace it with more. + var params []*Param + switch param.Key { + case "geosite": + params, err = o.loadGeoSite("geosite", param.Val) + case "geoip": + params, err = o.loadGeoIp("geoip", param.Val) + case "dat": + fields := strings.SplitN(param.Val, ":", 2) + switch f.Name { + case consts.Function_Domain: + params, err = o.loadGeoSite(fields[0], fields[1]) + case consts.Function_Ip: + params, err = o.loadGeoIp(fields[0], fields[1]) + } + default: + // Keep this param. + params = []*Param{param} + } + if err != nil { + return nil, err + } + newParams = append(newParams, params...) + f.Params = newParams + } + } + } + return rules, nil +} diff --git a/component/routing/routingA.go b/component/routing/routingA.go new file mode 100644 index 0000000..37655e8 --- /dev/null +++ b/component/routing/routingA.go @@ -0,0 +1,34 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package routing + +import ( + "fmt" + "github.com/antlr/antlr4/runtime/Go/antlr" + "github.com/v2rayA/RoutingA-dist/go/routingA" +) + +func Parse(in string) (routingRules []RoutingRule, finalOutbound string, err error) { + errorListener := NewConsoleErrorListener() + lexer := routingA.NewroutingALexer(antlr.NewInputStream(in)) + lexer.RemoveErrorListeners() + lexer.AddErrorListener(errorListener) + input := antlr.NewCommonTokenStream(lexer, 0) + + parser := routingA.NewroutingAParser(input) + parser.RemoveErrorListeners() + parser.AddErrorListener(errorListener) + parser.BuildParseTrees = true + tree := parser.Start() + + walker := NewRoutingAWalker(parser) + antlr.ParseTreeWalkerDefault.Walk(walker, tree) + if errorListener.ErrorBuilder.Len() != 0 { + return nil, "", fmt.Errorf("%v", errorListener.ErrorBuilder.String()) + } + + return walker.RoutingRules, walker.FinalOutbound, nil +} diff --git a/component/routing/walker.go b/component/routing/walker.go new file mode 100644 index 0000000..f0e1d6d --- /dev/null +++ b/component/routing/walker.go @@ -0,0 +1,236 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package routing + +import ( + "fmt" + "foo/common/consts" + "github.com/antlr/antlr4/runtime/Go/antlr" + "github.com/v2rayA/RoutingA-dist/go/routingA" + "strconv" + "strings" +) + +type RoutingAWalker struct { + *routingA.BaseroutingAListener + parser antlr.Parser + FinalOutbound string + RoutingRules []RoutingRule +} + +func NewRoutingAWalker(parser antlr.Parser) *RoutingAWalker { + return &RoutingAWalker{ + parser: parser, + } +} + +type RoutingRule struct { + AndFunctions []*Function + Outbound string +} + +func (r *RoutingRule) String(calcN bool) string { + var builder strings.Builder + var n int + for _, f := range r.AndFunctions { + if builder.Len() != 0 { + builder.WriteString(" && ") + } + var paramBuilder strings.Builder + n += len(f.Params) + for _, p := range f.Params { + if paramBuilder.Len() != 0 { + paramBuilder.WriteString(", ") + } + if p.Key != "" { + paramBuilder.WriteString(p.Key + ": " + p.Val) + } else { + paramBuilder.WriteString(p.Val) + } + } + builder.WriteString(fmt.Sprintf("%v(%v)", f.Name, paramBuilder.String())) + } + builder.WriteString(" -> " + r.Outbound) + if calcN { + builder.WriteString(" [n = " + strconv.Itoa(n) + "]") + } + builder.WriteString("\n") + return builder.String() +} + +type Function struct { + Name string + Params []*Param +} +type Param struct { + Key string + Val string +} +type paramParser struct { + list []*Param +} + +func getValueFromLiteral(literal *routingA.LiteralContext) string { + quote := literal.Quote_literal() + if quote == nil { + return literal.GetText() + } + text := quote.GetText() + return text[1 : len(text)-1] +} + +func (p *paramParser) parseParam(ctx *routingA.ParameterContext) *Param { + children := ctx.GetChildren() + if len(children) == 3 { + return &Param{ + Key: children[0].(*antlr.TerminalNodeImpl).GetText(), + Val: getValueFromLiteral(children[2].(*routingA.LiteralContext)), + } + } else if len(children) == 1 { + return &Param{ + Key: "", + Val: getValueFromLiteral(children[0].(*routingA.LiteralContext)), + } + } + panic("unexpected") +} +func (p *paramParser) parseNonEmptyParamList(ctx *routingA.NonEmptyParameterListContext) { + children := ctx.GetChildren() + if len(children) == 3 { + p.list = append(p.list, p.parseParam(children[2].(*routingA.ParameterContext))) + p.parseNonEmptyParamList(children[0].(*routingA.NonEmptyParameterListContext)) + } else if len(children) == 1 { + p.list = append(p.list, p.parseParam(children[0].(*routingA.ParameterContext))) + } +} + +func (s *RoutingAWalker) parseNonEmptyParamList(list *routingA.NonEmptyParameterListContext) []*Param { + paramParser := new(paramParser) + paramParser.parseNonEmptyParamList(list) + return paramParser.list +} + +func (s *RoutingAWalker) reportKeyUnsupportedError(ctx interface{}, keyName, funcName string) { + s.ReportError(ctx, ErrorType_Unsupported, fmt.Sprintf("key %v in %v()", strconv.Quote(keyName), funcName)) +} + +func (s *RoutingAWalker) parseFunctionPrototype(ctx *routingA.FunctionPrototypeContext) *Function { + children := ctx.GetChildren() + funcName := children[0].(*antlr.TerminalNodeImpl).GetText() + paramList := children[2].(*routingA.ParameterListContext) + children = paramList.GetChildren() + if len(children) == 0 { + s.ReportError(ctx, ErrorType_Unsupported, "empty parameter list") + return nil + } + nonEmptyParamList := children[0].(*routingA.NonEmptyParameterListContext) + params := s.parseNonEmptyParamList(nonEmptyParamList) + // Validate function name and param keys. + for _, param := range params { + switch funcName { + case "domain": + switch param.Key { + case "", "domain", consts.RoutingDomain_Suffix, + consts.RoutingDomain_Keyword, + "contains", + consts.RoutingDomain_Full, + consts.RoutingDomain_Regex, + "geosite": + default: + s.reportKeyUnsupportedError(ctx, param.Key, funcName) + return nil + } + case "ip": + switch param.Key { + case "", + "geoip": + default: + s.reportKeyUnsupportedError(ctx, param.Key, funcName) + return nil + } + case "port", "source", "sourcePort", "network", "ipVersion": + if param.Key != "" { + s.reportKeyUnsupportedError(ctx, param.Key, funcName) + return nil + } + default: + s.ReportError(ctx, ErrorType_Unsupported) + return nil + } + } + return &Function{ + Name: funcName, + Params: params, + } +} + +func (s *RoutingAWalker) ReportError(ctx interface{}, errorType ErrorType, target ...string) { + bCtx := BaseContext(ctx) + tgt := strconv.Quote(bCtx.GetStart().GetText()) + if len(target) != 0 { + tgt = target[0] + } + if errorType == ErrorType_NotSet { + s.parser.NotifyErrorListeners(fmt.Sprintf("%v %v.", tgt, errorType), nil, nil) + return + } + s.parser.NotifyErrorListeners(fmt.Sprintf("%v %v.", tgt, errorType), bCtx.GetStart(), nil) +} + +func (s *RoutingAWalker) EnterDeclaration(ctx *routingA.DeclarationContext) { + children := ctx.GetChildren() + key := children[0].(*antlr.TerminalNodeImpl).GetText() + switch valueCtx := children[2].(type) { + case *routingA.LiteralContext: + value := getValueFromLiteral(valueCtx) + if key == "default" { + s.FinalOutbound = value + } else { + s.ReportError(ctx, ErrorType_Unsupported) + return + } + case *routingA.AssignmentExpressionContext: + s.ReportError(valueCtx, ErrorType_Unsupported) + return + default: + s.ReportError(valueCtx, ErrorType_Unsupported) + return + } +} + +func (s *RoutingAWalker) EnterRoutingRule(ctx *routingA.RoutingRuleContext) { + children := ctx.GetChildren() + left, ok := children[0].(*routingA.FunctionPrototypeExpressionContext) + if !ok { + s.ReportError(ctx, ErrorType_Unsupported) + return + } + outbound := children[2].(*routingA.Bare_literalContext).GetText() + // Parse functions. + var andFunctions []*Function + children = left.GetChildren() + for _, child := range children { + // And rules. + if child, ok := child.(*routingA.FunctionPrototypeContext); ok { + function := s.parseFunctionPrototype(child) + andFunctions = append(andFunctions, function) + } + } + s.RoutingRules = append(s.RoutingRules, RoutingRule{ + AndFunctions: andFunctions, + Outbound: outbound, + }) +} + +func (s *RoutingAWalker) EnterRoutingRuleOrDeclarationList(ctx *routingA.RoutingRuleOrDeclarationListContext) { + s.ReportError(ctx, ErrorType_Unsupported) +} + +func (s *RoutingAWalker) ExitStart(ctx *routingA.StartContext) { + if s.FinalOutbound == "" { + s.ReportError(ctx, ErrorType_NotSet, `"default"`) + } +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..d6ee57e --- /dev/null +++ b/go.mod @@ -0,0 +1,52 @@ +module foo + +go 1.19 + +require ( + github.com/adrg/xdg v0.4.0 + github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 + github.com/cilium/ebpf v0.9.3 + github.com/gorilla/websocket v1.5.0 + github.com/json-iterator/go v1.1.12 + github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 + github.com/mzz2017/softwind v0.0.0-20221204151826-2987e0b05820 + github.com/nadoo/glider v0.16.2 + github.com/sagernet/sing-box v1.1.4 + github.com/sirupsen/logrus v1.9.0 + github.com/v2fly/v2ray-core/v5 v5.2.1 + github.com/v2rayA/RoutingA-dist v0.0.1 + github.com/v2rayA/shadowsocksR v1.0.4 + github.com/vishvananda/netlink v1.1.0 + golang.org/x/net v0.5.0 + golang.org/x/sys v0.4.0 + gopkg.in/yaml.v3 v3.0.1 +) + +require ( + github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d // indirect + github.com/dgryski/go-idea v0.0.0-20170306091226-d2fb45a411fb // indirect + github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165 // indirect + github.com/dgryski/go-rc2 v0.0.0-20150621095337-8a9021637152 // indirect + github.com/eknkc/basex v1.0.1 // indirect + github.com/golang/protobuf v1.5.2 // indirect + github.com/google/uuid v1.3.0 // indirect + github.com/miekg/dns v1.1.50 // indirect + github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/mzz2017/disk-bloom v1.0.1 // indirect + github.com/oschwald/maxminddb-golang v1.10.0 // indirect + github.com/sagernet/sing v0.1.6-0.20230113035014-620a4e75cda6 // indirect + github.com/sagernet/sing-dns v0.1.2-0.20230113035038-f980624c0c4a // indirect + github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb // indirect + github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 // indirect + gitlab.com/yawning/chacha20.git v0.0.0-20190903091407-6d1cb28dc72c // indirect + golang.org/x/crypto v0.5.0 // indirect + golang.org/x/mod v0.6.0 // indirect + golang.org/x/text v0.6.0 // indirect + golang.org/x/tools v0.2.0 // indirect + google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71 // indirect + google.golang.org/grpc v1.51.0 // indirect + google.golang.org/protobuf v1.28.1 // indirect +) + +replace github.com/mzz2017/softwind => /home/mzz/goProjects/softwind diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..ca69658 --- /dev/null +++ b/go.sum @@ -0,0 +1,254 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= +github.com/adrg/xdg v0.4.0 h1:RzRqFcjH4nE5C6oTAxhBtoE2IRyjBSa62SCbyPidvls= +github.com/adrg/xdg v0.4.0/go.mod h1:N6ag73EX4wyxeaoeHctc1mas01KZgsj5tYiAIwqJE/E= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 h1:yL7+Jz0jTC6yykIK/Wh74gnTJnrGr5AyrNMXuA0gves= +github.com/antlr/antlr4/runtime/Go/antlr v1.4.10/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/cilium/ebpf v0.9.3 h1:5KtxXZU+scyERvkJMEm16TbScVvuuMrlhPly78ZMbSc= +github.com/cilium/ebpf v0.9.3/go.mod h1:w27N4UjpaQ9X/DGrSugxUG+H+NhgntDuPb5lCzxCn8A= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d h1:CPqTNIigGweVPT4CYb+OO2E6XyRKFOmvTHwWRLgCAlE= +github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d/go.mod h1:QX5ZVULjAfZJux/W62Y91HvCh9hyW6enAwcrrv/sLj0= +github.com/dgryski/go-idea v0.0.0-20170306091226-d2fb45a411fb h1:zXpN5126w/mhECTkqazBkrOJIMatbPP71aSIDR5UuW4= +github.com/dgryski/go-idea v0.0.0-20170306091226-d2fb45a411fb/go.mod h1:F7WkpqJj9t98ePxB/WJGQTIDeOVPuSJ3qdn6JUjg170= +github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165 h1:BS21ZUJ/B5X2UVUbczfmdWH7GapPWAhxcMsDnjJTU1E= +github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw= +github.com/dgryski/go-rc2 v0.0.0-20150621095337-8a9021637152 h1:ED31mPIxDJnrLt9W9dH5xgd/6KjzEACKHBVGQ33czc0= +github.com/dgryski/go-rc2 v0.0.0-20150621095337-8a9021637152/go.mod h1:I9fhc/EvSg88cDxmfQ47v35Ssz9rlFunL/KY0A1JAYI= +github.com/ebfe/rc2 v0.0.0-20131011165748-24b9757f5521 h1:fBHFH+Y/GPGFGo7LIrErQc3p2MeAhoIQNgaxPWYsSxk= +github.com/ebfe/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:ucvhdsUCE3TH0LoLRb6ShHiJl8e39dGlx6A4g/ujlow= +github.com/eknkc/basex v1.0.1 h1:TcyAkqh4oJXgV3WYyL4KEfCMk9W8oJCpmx1bo+jVgKY= +github.com/eknkc/basex v1.0.1/go.mod h1:k/F/exNEHFdbs3ZHuasoP2E7zeWwZblG84Y7Z59vQRo= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/frankban/quicktest v1.14.0 h1:+cqqvzZV87b4adx/5ayVOaYZ2CrvM4ejQvUdBzPPUss= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= +github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= +github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA= +github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OHLH3mGKHDcjJRFFRrJa6eAM5H+CtDdOsPc= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= +github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= +github.com/mzz2017/disk-bloom v1.0.1 h1:rEF9MiXd9qMW3ibRpqcerLXULoTgRlM21yqqJl1B90M= +github.com/mzz2017/disk-bloom v1.0.1/go.mod h1:JLHETtUu44Z6iBmsqzkOtFlRvXSlKnxjwiBRDapizDI= +github.com/nadoo/glider v0.16.2 h1:lF+Bj+Q58UwFcO4cna0lSjemxaN0bc96OdIOndcFNJM= +github.com/nadoo/glider v0.16.2/go.mod h1:TfmgWSCINk+zrgiu4AW09Z5+4pzTXJdPq4+ifIV2ALw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/oschwald/maxminddb-golang v1.10.0 h1:Xp1u0ZhqkSuopaKmk1WwHtjF0H9Hd9181uj2MQ5Vndg= +github.com/oschwald/maxminddb-golang v1.10.0/go.mod h1:Y2ELenReaLAZ0b400URyGwvYxHV1dLIxBuyOsyYjHK0= +github.com/pires/go-proxyproto v0.6.2 h1:KAZ7UteSOt6urjme6ZldyFm4wDe/z0ZUP0Yv0Dos0d8= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= +github.com/sagernet/sing v0.1.6-0.20230113035014-620a4e75cda6 h1:VlpXOb/DsjjB2QaVVrHNiuonc8P6BKqIWXZp+6ay0Mw= +github.com/sagernet/sing v0.1.6-0.20230113035014-620a4e75cda6/go.mod h1:JLSXsPTGRJFo/3X7EcAOCUgJH2/gAoxSJgBsnCZRp/w= +github.com/sagernet/sing-box v1.1.4 h1:r0aH6O+FRXOXuFT883m7oDAEnsHVA07/IUv4G+sp9Vg= +github.com/sagernet/sing-box v1.1.4/go.mod h1:WPeqli4FXJCm2huw/1/0I14y6lV2JHB55APrDfaShg0= +github.com/sagernet/sing-dns v0.1.2-0.20230113035038-f980624c0c4a h1:ihqacX1CPMep5bu9eKpciDuhn0qGQYLpFwHBKZbvalw= +github.com/sagernet/sing-dns v0.1.2-0.20230113035038-f980624c0c4a/go.mod h1:53DucMQB2L/ABsj6F5LvhxH0OzVSKet+uRmvoMNrw1I= +github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= +github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb/go.mod h1:bR6DqgcAl1zTcOX8/pE2Qkj9XO00eCNqmKb7lXP8EAg= +github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= +github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/v2fly/v2ray-core/v5 v5.2.1 h1:bWc0cxvzCbbcsIE7/C+NFeUytQJYWgjtcRMG242I2Rs= +github.com/v2fly/v2ray-core/v5 v5.2.1/go.mod h1:7MBSerlH+Wyq9Bvm90txc8Ey9C9MAwkM+ZtkMbKT0Zo= +github.com/v2rayA/RoutingA-dist v0.0.1 h1:ri/57XeFl9JxbJu74s3Rl+7gpDluDU0Gd0nfz37alJk= +github.com/v2rayA/RoutingA-dist v0.0.1/go.mod h1:i4NF2C9rK5CYt/6Bi6jUwO4Siba3YwRuzZITgqJBSYw= +github.com/v2rayA/shadowsocksR v1.0.4 h1:65Ltdy+I/DnlkQTJj+R+X85zhZ63ORE1Roy+agAcF/s= +github.com/v2rayA/shadowsocksR v1.0.4/go.mod h1:CyOhDLy8/AKedsi16xRYAMmkxSCH1ukJPaacaTdRfQg= +github.com/vishvananda/netlink v1.1.0 h1:1iyaYNBLmP6L0220aDnYQpo1QEV4t4hJ+xEEhhJH8j0= +github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= +github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= +github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 h1:gga7acRE695APm9hlsSMoOoE65U4/TcqNj90mc69Rlg= +github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +gitlab.com/yawning/chacha20.git v0.0.0-20190903091407-6d1cb28dc72c h1:yrfrd1u7MWIwWIulet2TZPEkeNQhQ/GcPLdPXgiEEr0= +gitlab.com/yawning/chacha20.git v0.0.0-20190903091407-6d1cb28dc72c/go.mod h1:3x6b94nWCP/a2XB/joOPMiGYUBvqbLfeY/BkHLeDs6s= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE= +golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0 h1:b9gGHsz9/HhJ3HF5DHQytPpuwocVTChQJK3AvoLRD5I= +golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw= +golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220907140024-f12130a52804 h1:0SH2R3f1b1VmIMG7BXbEZCBUu2dKmHschSmjqGUrW8A= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190902133755-9109b7679e13/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18= +golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k= +golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.2.0 h1:G6AHpWxTMGY1KyEYoAQ5WTtIekUUvDNjan3ugu60JvE= +golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71 h1:z+ErRPu0+KS02Td3fOAgdX+lnPDh/VyaABEJPD4JRQs= +google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.51.0 h1:E1eGv1FTqoLIdnBCZufiSHgKjlqG6fKFf6pPWtMTh8U= +google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= +google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b h1:QRR6H1YWRnHb4Y/HeNFCTJLFVxaq6wH4YuVdsUOr75U= +gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/insert.sh b/insert.sh new file mode 100755 index 0000000..9b344f1 --- /dev/null +++ b/insert.sh @@ -0,0 +1,15 @@ +#!/bin/bash +dev=docker0 + +sudo tc qdisc add dev $dev clsact > /dev/null 2>&1 + +set -ex + +# clang -fno-stack-protector -O2 -g -emit-llvm -c component/control/kern/tproxy.c -o - | llc -march=bpf -mcpu=probe -filetype=obj -o foo.o +clang -O2 -g -Wall -Werror -c component/control/kern/tproxy.c -target bpf -o foo.o +sudo tc filter del dev $dev ingress +sudo tc filter add dev $dev ingress bpf direct-action obj foo.o sec tc/ingress +sudo tc filter del dev $dev egress +sudo tc filter add dev $dev egress bpf direct-action obj foo.o sec tc/egress + +exit 0 \ No newline at end of file diff --git a/logo.png b/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..3da805723d6872e6b29c4e4e643904f973628651 GIT binary patch literal 573624 zcmeFac|6s5`#)Yn$5M`+634!ltqCo*M21KTmF+0hB$7fU5{E-tMMo4N)nqK`jv|`l z$fP4J_oR~CPD2?f(t<3%>-B!W&!U;RKfmu^-|ruv9^Kt@n_lnNwLGuq^}MdP`$${s z<}^oqp7@LzGv+w2c33xK2B{SNha?1F`ArE6% zUA>j2wr1eYAEWD>?Ov6y%TjwjwQx(a%gfH4F&*Kyh84|`Z>Prcry?%oe(nt)X)}3O z60Q{Py`%5$-KXaD8YVW{uiWCyL=)`-%YLjoXC+1@AGHf4Gt9{iLPIl^S<3$}{&rv) zGb!_u?odofl0xXey3FW7^E@OAP3b`or-l+H8>+8%)DDDnR-6AabRHHLfeXm zGnKZGDeOeM#U*q#a)ZPZ5_=!L%Jk?+%IN%=oY1iJJ1T49tc5%swveUyzdnSJn?#2e zh z3YLz$x7TZH3NtVV#xojhAKgSA8K5u-siKhH{jSeA2^ z^^M_4&d<6-;k%{b&)D&BxlLJhNBG+Y*IMd}uDugMH-)H4$>)dIhfc=I56$Cvnl_t| z*x%^=vNqHQ?&H^3%NTU-uaU(FTro0A4!(!=A&G1!=%Z|l#cjv?cec;zJhR=x^;>OO z!^Se(8+Ib-i6iqLF&qz#%pYFB*<$`?%c~#bNF3TtnW6h8SQerx`GqyJlYUi52-S!&Zqh5I+ir^s!RN@?ZL>$-v`HLT}H?Z#sE!Awyr z-k9^oRhn(=CmoLV7<4_by)CWm9J1XM+-3vi*tFkzD!T z_z$0zsL!bmbo;F?WrWP?&+(LPn3t$85W{%2-sRwPmrbdKA7CTg!tGmad=2uMc0MsS zBz+{sl02jsB{}@VkOzGWLzCXNh6i;Ahq^4gz+(mb;(a1&%Rbzl2+#Wx)48k4H!)1Y zS;C*8;b2Ocq;QOTSNFPeR+5{|KWJDR3IHKerq_>qb3n;<#+Tf9AEOAnczepiSZX@C z32;eoU})ypq)FMSwACFMVF_H#+QBe?7&le%YR|;OqfZvQJ}FUCxG$f5)K-QbDmvsU z7e$%tu(&t2cL!&TWy+3Z=?WBtM*aP~oZfG#pG*2v!e0*D-JZ}cWpQ5~;h1Hf6swbN zMV_rO8FXxGy-u0CN~4NXT)05UIQi_H?dR2=c9hM(75U=mlgTo*@N7e)4*NFSxK(nq zIJQDh=t1$Jy;^K@F?IlCDuOXAjX5t^-$Ui>=i7*<7=!)a*4P+j8{TmzX(f)N>xr_^ zpS>2LZVq)vtkfY=1FTSO0V7_uP|~eLT8A6=ckG4oIh(TmR)2GD&%)o_Nhgxws6xVt zJBte$U3pd_k&C0WA`Nf0m@n4~nX{OuB4KMALXT8xB zh~lEgy2F1H1c?>1hU7gY>9fRKr4vl4$28qq>(XP@;KtYs6?JE!vHifRqXOoN0oV%16Bi#(!e4&)Fg6sj??|xb2?dG? zUYp4?p3v{IB!>Ng*`1+{!uY|6_|BA*qq7C^-O!iXv|D6EEb;n(X!_7IDakX26+K+* zOg?Crx#p$n3q=J^+QnH51eLRiZ6jD>KoN@f<^Q8A{P?h93CV+<4B*i43 zCV=x15?c+=$>+|RE{rH5va5ZT2yLG!v<3JL;yKq<`e<5tPPJ^i)}l5Qk_o615B6+9 zWLVFQDj1!l-tN04h>X#DLfe0p@J!b0wIxLcrt{3$*J~ShpE7TFW}1K<#~W3))hGBw z+zNktcRLXL8kwSJZAU(@~>$RcHXgYsP{k3V#w%o0sk(SznD zlV`)6$m(KLliRh*n1^D2h}tWd$0F0&XFsU5ca-&4zg~Rw$@M;9x|ZME753j148i!( zeG-vtI0o#**agGV0{+vbn(zRiCWQikYNO0H{@O!xtVyjBVo5PZGWTi1>7SDK$wn;{ zynKrpH~#aZYa>xb^hVG5m?;7v0xT~U6(idOa(47CWc^OxA=A5t-7_upZ0P-{&x}Fu z$I7~OU>?u&yOf!n*{)#s0(3K!gH8#F9X!qQ2bkkK+ksW)Uz#XUi^w+AwAuJp+1OPY z^yo~^9m-@7G^BpIp{%#2Kcn4zm0Xmvp!u3r+(rlDBRs((12sBs=t@=}vNVAnJE98| ze-=Ej$!RyI-}OBtV8h6NN-_N1KvfWVcF6=JUsN#p82-jHF(=Nl+Sxlmg)XucAeFdX zPq9Yb5&sP}Dk$XKjvv4VqL3i`iTXe*e!$K@r0tMN*z&3cw7IMxf*x&00Osazjm;|~ zZ^!s+z>Z8gb?DaiDh!SEw0v_LpaS2cpwPTZ=s^zzOmK+X27!EG?@)L z{Iog}3I1Ah#Cv>YJ!Dr_!E&!<@v1Zz+pHQeX;hyh=kqflS@AQP=V_RPds;szq zT-%XQ02aeRK&T|d%B<3^En{U5Q|01 zD75RAtsFOuS{@}S7JZW=@`;QYWIf?h4~%YEh7 zuTod>k_UlhAqlvH7SGGrp)^@?f?2y}*~+?8R_FK47QA;mm#*qvpCDyY;e)CbDLXE0 z=cU9_%ba{uW3{7}C*7$NOx4KZJqc44FZOgkJeY&!>NVa;zd!8&r)8rIdb0%5#0o9M zxt6DiqH3AI_(DT$9A}5po`BV`a7(l@2d{r&JHyJvMpvNVtYtgfq^|D7sP66rXhVYX z3AUDLVu{h)P2OmM-$_=o!xjQZIhl{JIzg6~px#TZ^i3S!%4>Mimo)tw^D=AZ4q5lQ zvbzL=O>c9+`tA2V6VX25U>Yd|DY8oICw~Ze@GB*KpP(AHR-VSrP@X;FTcKIw*wpfH z%{v5fR^==OA$?O>Fj4pL_Sz4;c=Q{vlj8l&M)P_0rUh|)IGIH*$HD8%IjOT8<~oe5KVetnfw#??d@yZc`R=$fHAAf8vON}3^Ack2V&IM^`?z-r_-uDY^Z^Lp{l zvB=80CcYGaTMx(1j#>w|iouL!6C&uTQR~;^(EEsqk}LDM%rjHN%?^;DA1T7Q&UQ{y zGZ!#eEgKDvAsurjuwnGCM~~^eYR)@WBNVy2cMr>5*+I}-wWGx0&YBLc_Mq^SW6OF3 ztRXAyO>ujWcPw^+0Nv)N+!>!M;4T_jVYJ9TI%6R)wSC|ug@5?LuMqDazB~L8jil9n z?J)r*m|TGRonfPHD*>H?%&>t#FCGf-bztqKXPWD3__y*4kabDjq+vN8FDXnb;FB3> zwrxl&6*6Yc)BvYj^XTC8++I1>W~e`Y#3B{YGDZ{DG}u-~8e7h=%N>R%UhhZyn3s^d z&d;w~KPqh1#La0^Sq*_W$=0VEl0$>w(Qrh-8z(e!r(^pfV#yBcY}i717w(Jqji?QO zcI?Swwm=Q5a*0y5GB3&MtmR>WQvNCny*{ai3~BVl%pi6r6Mi-? z1=6TQroeQOZ+YJ8EMW!-;=y;VE*(IIUOy-X;Y&bv=!MbA$lK4OK_rw!o_&vo9*JxF zNQdcAk1Pono|tv=l6q=6u`zk#&LIq`zN1QBH{L;>oY!5VlmcX4K0*%}uXz=XmMr1;hQ?cI{>)AES+FNDnT?+ERaO^9WC5Qv zP52d=h&eSo7%lsTPlAf`jkp101W`3FUmgxS->1yUv0E_k;FyLas~n=w+Z*! z9-5H|xidE{2PFBXz}zB=@xW05mKoO|%6ViJFa-1hY}JF0kQkkdZxIL-v@cl7h;tsZ znqUSy6U?WDcsn6aR>ZGyi_gA6D@;^w_zDw^;us7@Qf5f&YCK@op*}PdA~ia#58;l{ z15S)G@RlMqfz5!#G|zj)CCY=DYasmg&zeD4iCD19U==eQ#wbP$Bls`BPdk>{j` z_9{v&3oKVNdoMw*?wdqtE&7d;&M*5B7V$2U{}8{fgU{WGT?_LWJcN{ir7O)+I#L-n zH1hN#rV;9k?oWG6DZsBmbNB+LeCp@l0!jYtOPSBr7zuDsN_>ud)0DNL_M|*LY zA?aQ8(Y0uSKX7CI7eT`8i|)d#xHysu?@2xjP?S5g781Mp0+$XZ5K6;gtqs#&vesNl z&U~53r5rQ16zGjJTLB|^c5-~ZF?0`JbtjHm;_o1&I&1P#$4x9a!2qAAlkk zwE;vdzoSTZTO?OF7QyLv;)LOJvwhgi(6at(F-xnazj99a^ zO^)h`N+aq>#Hgbdr~|ETP}%bEVWGuwV9|0C$Y*rQn#LJ5OQwM=3D%yRWo##SKLAn* zs1b`rS%4AJ>-I9UMTh33SuTil?mfV|n06Ju8KbOOP^;``hgSM#~L~>42*rT zoZC!&S$(i-pYWeqRmEb8BHibN51y;I#+gms*}Yk=L9Tv-9Yg+rb`R)Etr2Ba#E!P?dMGamma)U=_X zMqI9H*9P*ZlA75$B~RWzym9b=O3G`K_qCJV-Ib)KjgOO$93FH#T))~UV90+&wEKX( z4JoFG!cM=bad&P$qsjzKr*jZ_6boOsw}Fta`p~ePs6H?m|jkW`VIx z{i>lU>3X}7MNPArw+%>ggge*I+nP#@<#9TK&rU|fY^$wbajY>?>Fds}FxABUJx1G^ zt4t*#WIpX>wxp{i|BLovT^!|Q=3x^J(B!c{sS$73^pY0au;Wog74h>PuWJw>xEFg*n&R%b0m@~ZVcWA zQ))fPArQn9xE;k=!Vnfy32%|^pDAzGL`s>hxzu@K=eIBWl*XuWe~yJz{c@P|oiiI~ z5$nHmWA#&UE<#E?1+hg9|s$Vg;F;eBrcd>Ax z{Q$A}7hF!(izmN#Hy%81 zRuwR4R}UBD>%F%t>ASvck6)K+bGK#2w;K^lj@#be&4pIEf|utwrF3E38P1mO&GN|` zx#)~BSj#^AO8>nRI(^-*YeDK61n>IiVfsJwyzrK|svl2&ssPZaL|zC$V~-Px2SWs9 zdc|*x&qcfM?5J*zv_#dWrmCvW$JbTb?{YSz9THtvN9;ztM5tcABH~1e+|tAgL=Os3 zb?aEyld_#1Wd~JL#9yrAlgK z*O%5_>C4{SAYMOIaSY>&S~)d|u1j28CgcDr3v1Mf3jeyiPNf+g4Uzb_VW_k0qG=b$ z=vymzc~8UjGI_l+;2U50?aL(BsRJ+mwX@@2ZLc3nz4mOk$X&Qf9xM`CWf!Y!Cqe25 za00eGh7utwL@dWF#Jol9zezHHk_SE*J z19NwF#I(KMrIK>618!Yg&ZUWMGpP%(1aRX(BS>cAK3QxxcdQDZCDFNkmL~Y zFQk-~#2S|x#1(O7buW|S!+FZ9yP>ScFsEdyW5Ej`I`H5w^1!LU--=t4cmk03C;?m$ zG&o?DG#KFVGK)(Mh-JT{2EzXrSkv&D&Tk2o7)=7Zjkl&B$V8p1`{9>PZtqET;x`Nh z@>3729*=OgQ01o;!*bNp4sZ8S(ec!oEN+q zYUBa;0SPyGXwXKK$;~9uHtYArCL=)COn1N=N`oQLx{VdN+|q#c2pv?`&~30D0o{fu zi|?M|GGtDr0;;%LCScK8Hma)~@?WtBAPw++X|S2OSY3_S`D`9h009!jqm*)qgbN(& zV5FrwKJ)O*)lx(dm!{{7T@^<`9QkQFprvpHG%15P?H|!lHK+rWh8hh}nu}dQta04G zpf$3Ec%V)NhA}ZDC8QyeU4!#OyY+G4hi_#G&%&-2U=2&aj}0KC+LA>Ck}|co+j#xU zOM(TC$ta@PVP`c<3r2E)pAaOCH}Fv{g8(7g)cHRHLKZv#6*c&K`bMt!(UQjUIKEl_ zs}Y{U9e4)XEu@ZW?q4Af*E`;r`-tH{5r&b7ev2-$>vDG0Ru}%5c4rN9Tx{fxdrj~66(^L z;3At@I^vCF4{CRBx_dx*fo|KJZh%P+l#nB0M?k80$v^cTUpHdTSHoJJT2PavNWE2@ z!UJQ3#)il?V7dX%4wzX~jy0knr#5TIab?IRSD#H#+Z(6{n~Z5TUi{+d(*cj5Wo)qX zamFSY_+Nm&n$Voduh(~U+}M%dJWW&zr=z(=K{nfK+|_3T)O#~ijXN(m=PN+IRpnvw zdD(!K%8PnXW1tH=>Ypzc`rLxX9xPd=)a_WZKFc@APP%fLZw$$~dOOe+-q6w4jvHcA zSjU&nVbBB3n4rL93?{6=qxC@AKf^3`hMBKl#w+)}Cx97t`bO}F`=HJEgQB^i>Ft)b z=S@#d$rt5qpz^RlZxN^*>xCHk5ph8V@t%WFgW>pwI4Z$JyeUqPF}DCGZ<-i}bkCPd zzRH;jC?K-VFQwd8O+qDM4G9nIW*^U?W!=ZQV`;ImEKE^$7(1pX{EO&|2UPvXs4rtC z8mIMEQ>q7W@XyRKU?CeWk)N7e%^gXxT!T`CO0d8c`BXFk<-c?o81J?Tq)KjDsvsb! zH{g%@8MWIkJ(4%XZyd%=#Q0ELCjbA#RPPEpN(5vbbn?mH&DKm+FS`yZ?l?BEwujvy zh7wGD;DO#rUDNa-*~XI_=xiB4-_I~ZZ$xQh|T$(jrPAHgCx&UWfos`&7YrMia{>Ceb05y9o{0z1HC4e~G!TL3 z*4&ovd{}#M71MP((ku`hZ1aJFkLGt2{!ARKW%#(Bf9&cm_^BnjIHfCyl9s^wji8 z3sX{pYDmZEXOP7kd^QfbbgStT+T1y2Aqv6N;s5S6#E(*HfW?n@-(x>CTyPq&UDS&k zToq&!rg|0U@@Z}&W=Qy%n9;QQV3@%e33CvZE&S0GB`jMm+Y?I|aEdOlalusG z)(BHH5=?^q*+u+5O!QA>y*yv)#QAeu*kd&K;35TU>XXl=O)bS0c`&!Fpaz3^ZM?R5 z%K|mq6|hD54%Gw$Xw!P+)JRuhB@|A!zQS{AE}v%6$^u3_V();_hBl1`%T3HaqnD+; zLxdU^;ARDZJqOpmADVVDTLqBY_X+~oap?xkb66{miF>x(iv~0ba};V4&QvSF)qWU= zI+Ak*>KG44>W%&vXbuD$rKW8nT*M{NRz&{k`j?bAM_vqx(Fs_LYI*E+{XlN3!n$%1 zVh3@GDU;qM)-QHdKU^W4$NhV%1?N1hDMBz#C}Zp1h5AOtBR+sdr^u>ZJkBacf_P^> zn)b1^CXbtlRe`?IB@Do8B6Gh#B(<~sU))_4p`vkJlr5)#wlfB$CDV}fjX+XNTcZoH zl(4*?T@~-w3zrS&wTr)Zh$rXP`K%st0U#}aM1^wMNvrc0UR@c(*86KSA#~K& zqE+B^es<@;A^!RZ%Mwze{4DL1N751B7jd%$NTRGxI!x9$3_s_yq)%l8josZj4WyN{ebBK1E zgHq#_Fsen6SD0*{?RdlEwtgULnV5=q`WNP z>!4Hby#)7Z7|Y|Y4ocH!bgwy7(3FhR3?6=72@}IEAZqY2Y#A6|VtlJj`!Ho`MEq3qL`rxX#CZXc-jB4^0U3#4ev#D1VzVVG_(1 z_^E#`FL(>{nOk1yEsQJ$lrqBnXV~ma!#u%EfZlpUfeW~EH zsr^$lFuw+*&=ULZL1=VgiTg#&GzkVB?7^B3yqwV$ph7O%p<%sE9l8Rq3$cbJjlFu< zSMluGMaV5O-*T2fh6Z;qbmVsUkqRJ}YfJMFpB7aU`p>Zn|=CvsY=eSz;m7bvK*vF+|0hE+eSm6^bcOr&iD&80@B(OlGFl|?Lc`nXH4mW`(t8LE_FkBe z1ip&`defa4`1x;>aTlQ#ARgQ9Zm*my!NHe%aVU|kl#zFUaJn_2ipz8WuMAE^%!@XUK3RU z!YdNf8k$+WT^|2Nba15Z@6$Kl#vd_+(_u}9`q0R3@a%K)5AqFilP7uSxOx&MlU>AO ztk_>-HM~29Mu`;@VtQw!q;};BGRHI`#jwra%3;@Sg4Cgk=n~6c&r@w^vj{KT1v;3( zRsp;2D%M!OYs^G9f_4rsmifU1Z1S>z5zLj5i~I>&t5ZNsy|zS~!!WEzD1x}b%4kD+ zE;QNSfh7b?oF@OV?+Fn3Qy!R<8%CL?PzWP-h_6QZ8`D@Tm@@=<6m4LkVP2%HB`DZV zp!oqIL6cb74tR!DD_10qZQqE$@f#A_x%A_vS@Wz{F#(Yd#!nZPbLMAvQvn zNk}A=jTBd$!n)WJLG>$eZY(nHr*9!uMDxQosm|SP^7;6fCpbd!cjZ6~1hTMA5b-W` z9rUEXkH}QSfw#Ay;9&2DHE5#y5dkS2$-pFO4D-!jsubJx4%(na_VM+IGKH{jFS%YZ z_$Iv#2ooD{_!FC8Kltx{O&6paLGQt=jKc~Oq<{}w^p+e~iQ_jpnFNNb_5Zewpm!M9 zOYybkwjd&iIJ(H?OQX^T0bKfb0(b?sio{++3OH9hsGFXkh3O-^8s0m+#}n|b0!>s% z5kQMxu_V`N^=*Z%j`(ZGY`Muw&^OllsJ)Jy6R6SRDYXNGU+1?UzPx>Oq9yWOu~$}= z->ZXBw_+qo+bqmU!uBMw*3MlP_Vz+jx4m%P+{ zcZuw{icrV+(R=-$_Y+6UQ(FJTjw(y@PI{9_hPs+oSv_Iwpm#uo!fJdWZl1iHM70{bI8Hy z`1;NPxAxrMkDNK-uV}_8Z_$f8U9eL8xM#f`oLqC${h7OZ2JfUxHk>?D-riX8>ivW2 zH?>cwQJ*;4#qA=eHjqx6iK}V9J;5x>@+eromUq~dcbIo=g>}cdhzBwM-OnF+e&+m> zpRCK;w$uFtYyYdC9lsyh0y$AO{Yi{$Eq!>d?($8_A}v~LzmR)nLpf9>h?qAW!<~HTb{@IIUy#u6Su`2zqV#n8Ule4MB z*WdqKoqxGS9FbJu~iG;eUBICVV+rGj_r?|#V;;z6mY1yBf3 zs!+c1JtP*+Wa`>K>`spG)=9jUYLah~yZcf_wY`!&cOJ|(I&;QbxBO}Uz}UO-xTyLA zKZJQ3BRribwMT%$Zob|U&va#mwVY!X$#D-V7@mnJcYDf(lV9H4+}|IW7Pr$fNY^1j z#5q-F9CmIC|3ZE2!uG}xOAHT}8bdyF7$wurt#5e+=a#pqGGBquycm_@F_Oxq)-LNh z|G_P_l^fg_GL$$C;RSB7GCk_Vjg9;p|H(xt8E$-ZJxE2|_zda^Mz-T>=I8ylH|7rj z@)g0@y?Z44_Nr?N?c`!9>smD)*FhiNxnN#K9z?&%?R>xI_Qu<>&ePAOeIx^dRD-3u zyZ=%wRP!(bd>a=mSh?TtH@fX+p=1Jk%N?*X^Ng+eD`@@l&*eu%*LpWb@7?3eM0Q@x zz!9M9p{hZU$y#2K-P=9-<Th>3J@pSr;Bb}l{yr5rTx&bd zm04U>G}cEfRP$)J=6KaEO*omUCnXmm)9dkt{Kd;Lk!NgB&&Pq^@BJNvVP`jtcVVg>WAoP;mTOYDG2A z(T~#{4Ud6?$Bwzw5J9pXspb3W1eCk^uax_=G1?M&3PiF7v3xlH&Qw{rv%n%2>PHPdEqV8yPvu&kAN;R7eNrv|rPUh=v|6v1ML@E)iE`k6N1ZKXuZ^ z3d9N)wMU+Ou2{NsQTMGA(lcL(g0nv7O$^!sMxujdFs2{Y`zm(8Fxi6_tb16ne!Bf? zZs?mg9l#E#g=1Fp&g-}N#>&u447i=*n|`u0?|dby+CPAm767|+bT;+vuY&s#n1!y- zIWc&pLaW=nCr85lBH0o86V5RnJdU}4`hK;yZa?)|XI|>KO26o}5HD~{X7ceCbH(#s&)p$(Yi@dekLzl0 z0X!3LTv)O>xnmw`BoJuv%^UI59Gj>Z= zcWPefOSm0Cx=((;?)(MfVyyMF=&cptyZYNpH%c{z9K6x7Gp084Gc>Il8tUuY=2N;Q zsLD*g7IV4(?zB{6G*SiU1F%*Zd4cP+ak2>Mt6mXc#vyh$$O;{h6>ijszsQO@)u$bw zb34O5fET<~6uq|R+8#ja+FTQ$O!L^M!^|{1fRPdy zKRx9T`To|i)~4_S@sVbdSBqX}`&(>vICNvCjJ14ybw#;7x?RQorY9iI^QLF)X+c68 z2mqA=>@pCIO6~T&M@JM|j-DXna1#NzIVPHko#t7OQMiCWLON$^_ced1j_$CS`V|e9 z$|(?giG^BPSn55gGnp$|v@%-ErTN*P-kE`+`l+{}!*UHUeYm6*04qz0Gl=u12G9mQ z_RSS=UZBlh1H3QYx1zMV-=ek?@QyowL!Bz`NLx$F7w_5-d&r(~`V9q~C(3P_^8+1M zp8%VuR2}JzMr^+OQz31)W-0SBS-jh`yH*@vXPc9ZV*doF#$0R|2QL98PaEWG#A%xCTHVCJpIdLM-e`Ot zUfl^Qaiv$YZO4fdw{daf-|Zi`%1$)ch8n>GZqNOWt}?f$jUmhO{NCND?Ysvp zyZ_N+nblr1TLze4WmOBv)&^~MM9D&bp+*GD>G5K>5ykG~{uOz1K#!r@pZ)Px@tHR&eu@ty%IGEeql5dS?I(BDowOIaI9z z&870=muir#70>5J#KULID(d#DUwy5xDUdj;pn3(X^lwn<%BNSrS)RpMwy&u!>F9nJ zgi-}GaeLc#F|DgJdK3UF$lzTha8n00)4z8X4|P)$H&#BuO-FYh8T6w?tWz*nS&bFw zUt2$Par842CHz$8sxO^R88;{gqdF^9I{$w1$yQ($!Nau4%5q|M% zFZJtj>Twa>xu=^XQa$Sz;TM0WS|Sq0hB0tKZ9V6CyhLjw?cqln@^}My>^6D}2=Vyt z{O@M2hKZpz-9|h|=LQzJrL6HX-t;1+^xENvAFu2(N!)#WP`HIdYt#==L>>6OtSU^L zJY+VtL?nz4-!loj(P-S@A7;GBt$pROV+UTJoqx5Iavew|qI+`|-}Jvsi`eP?&j6Y6 zo#*_<_g_=p{pm0asW8s(R3EPzye()vHZYor^X9&6qlB^7`R*{{){geHW3E@+`*W2` z$BC`-_V+I_zbc%!-FRb{Wlul9f%8YWYvX-tldqpptE}e7kA4n15E*$()pEaG-`Thw@1 zi}TOt?Y;z|PuiV7NER$hulR4NHu;i`yv9q=R1Fr-u{rdwdv?b4@-uLevFuV zkRLrF~KgLQ13>L9; zf%GXD0``nAHCC+X82^}xtcS%;>9I}wJ6}@Bn~Xs;>{9FC&z=&avBs`PCzPAy#>*sPeu`|EtNqfckkURRK2|#`jm= zezu@t{~E9Mo#nanh0&-?P5yu~cY?@V|MZTs_2&41&A}feJ1jZ^5V_XAZZCH!lh_$f zMtd-KgSdp?Uzv%(%T}29ye%)#jkb<{eKi?co(ECoh~uC}-S+TmmZ!jSRQ@BLJz2Pv(&16Nyn zo9;Q^+w0=Y)LYx4xBO&<9E6LT<*#B=9@CZtHdDq^pZogT`&;*0cGS&FDLP{;(Y{by zEZ-nmS0=lV$kJS@C~Q#F`P0prsj-F$3*B=6+p7KzswtW6<;RX4FLyc6X;12ofLqU1 zka)M6gIb<;>#3fAiTnSSBr{DA3yf@bQBAgJHN>%`C1rOkXBgNzAf*3YgGZEbdH>w>P{GK z@UOFc@W|k*wAiQe8fj)%a)hj2zF1cP!Nn>}Nu-ZXdlanRzeETo(@fia#kM)ZFj?y) zeiTMu!SV9g`lHQc#MIZH_MT2Im04Z$$V@Cj7XDwamou2_PK)6EP#ra5tRFtElAHdd z)!aSL!6V~sQ{SdCe>ZSecNI^B=zB1S*J72KZh|WF(jXQ9g@qX{enLG8NQ4{HoYgZh zi*_Hez3Iet@OXB@xXol&sh8HvZKL)~O9@9#={0eI=dVjNA#Ac7(uI zWB+RfcS*YcI#}~5!dpx%q5Y$U*m1@8>quQ2K}8|>MUn6k9cG?Sop?md#EM|3a4v8K zsq7dm;|MY_*+ZFToCSl92Ln_l{x9V4e`k=%jU+L6^r%hsbzS?Bq?Tp&V{F~7Gxj47 zTB6uAXK(KJ0+8qaGVX@cGq$8Jj*vkP;1?oMn!H(#S&Yfk*v7BLzjC+@oJW~?{H2HiE zxav`}O8sRaSx=4o!XQ3yw0UZ{OS`)W$c19$O~lGvEY<4^S+x+>&yT-KzhCD_UH2Zs zGdKf_5a3DARh$|SET_}62xZiRfe?owt55fI%ms|)60)JqN+qBL*7j6)e-ZVQiJ!MiK=N7%X)4X)<8qm@B~-UEEoD9OVYFuEXz3Bu`qre{Jy)*_Ou$kZ~1wC}Wf@z-x zquctMYZ%U!*RQ1xl2<*R0Kh^14W!6=Urjq;WRm714LCEe!CYSXzOJTD#0}v_^^8}yK;->J{CzI z>IE3l2)wQty){UN2c5E(C0v3u!Si-pKw4bIyVEdK+2R>Iz8+6vfvXUpf~X^6 z7xsAfAD!Q%RJ?pH3t$1%0vyrk!;>I<(1JE7OgNiO;W`WBz8i#XCByFdN?hNl(VPtM z0KNSWqzs07@#7x&3gkL@-`B}m0eZ=oWEFmf>8GIOL$Vd@IhN6|$>~!L76HIkQ9+U+ zhAaRvnoWuQ&!>YuU?x<@c}K9+6;RtC+e_vN!{WB&TB1ZV?H~S%oX7mcD;SYHX2w|k z$M+Mn=juTz>43EB!hnxy8)=kkT7eqz^6Rk-FDh}#v-G(YBITiVP)@IC*BLW$D1?F! zC9tq^>{dW4hX9>c{KU?v@LmKTx4@ zD>V|c)DW|@`!uq&3d8|6gX|ZDG=_VSGVP&6SI=ILSP7EOi`AZL+=L@uFfH;;z{)}b zh=MX3y1pJH3=|Ox z?dUo{-5K$2UAgl|%m`&xto<99Fk+91zst)Ffj-^{l07I551*euX6mcaIlurb*_mZLq70SalZa;N4ZMVR`D=+$z*nh~G^O!2`WL9w9Q*_NE8P-N49YUpNK= zwC_TUUt|kFhCqQx0imdRal90~dM|D53GsqGu+dso%34Re0McyelQ_Z`UqYM)%5Oex zu$X!6^cx+O^`pKp@YoThGVyQb79`icto_v1G7H{+IHCIfSOv&<_<^R(Bi03*UfrI$ zqnFWg)IN3{bz@7E?A)K@7Gcs%fB9N~bo^4P!m4V0DYDM00P(T2CP`4Y2e{l>`!T ztm5F4{ZSIu6NvEU{({y!tBat8L9q^|eQeZEJ}AG!ySrI-ZZQ!^9h6|mRv!%uG524__0kuM+0<2F zY6I(T)u?Vqv^D=qe)K?N79yk#(qd5OTme3n<=}ar%;?!lmUF z0(5}-?Atdo^=mesM>KyX{kmLtj(7|v+lhgJJ7onRp8vaNY>}UkV^-_m_bh&+yWF#T zGbm_$KrEhs^iLf>{+;{S@EgCV+oRA{TT*+4~v!g>(^fu4ahy54c=?2F4+ z!VoDaejZ5~0-MY~En@iixaM->Zo8JLHr1D(mPG4>$4_>aUURvz`bvxT^MUu#BBaNi zcZI8d3ln8@Qtq=C{T5hgbD~s8>#5Gw8BbH&7g(1yHx;tZG@cnARQXuHh~-j3&eG?7 z3?XO7{@6GnkDN8aA!T^R|`x+RW~u+UuZ(V&FDryd!|&| zgr;PfX!ov_;$=c-5}&@w+V`aKwJg2mlfC2-<@t{ct6Z;BUYN{J^JCZt29*knRvMdY zm5>?qXE{m|k7j#{aZSxr15-WdOu=*WOgiWba+K5(^;z}owaN}ujUbC42Zvdr9*iFY ziO=r}D*iM$B3x*8o7@=WxcXDGk?cacsO#)PbJ^EA(bSX{2M1%89{oJrP8{G!f_rK9 zawUq8k7x8rhBpdI)zN1($eQSyK!ZemhuI;|Tpg}!-nCbGKoJKUwN0|_tml39Y-4e1 zv#z)Y!=Fwy-J-ca7$sy@$oxtPNQmTN_=}KFN;FlJ?Es%AT}hs!GLO~KaI?)gro{X3xl4s`Avvp$rlerLq|iGg zXPe#Pz@_AKIhHFT!;ql7HnryQk?Tn@a=tp5=zsXnc; zE3pn+(S3ppJQyp*T-C)r)0ip_rGaGQ9Edpi(R@>%!WBt++@xQ>gh%qVY|@tRL-F>U zo@Aj3&61&P;3>x5XYx%pE3K2nRwy)aaZquU%(0Z`gJ*HU-#iBc!J0Iv37S4@5&KY1 z6_rd&iyApkl7_i~V4my)3uA)P^Z^Iwa!gHD zhKN_5P4m&<7((%tkSE|77|MtWQaJ<0%t-7@Q&NGaL~yfRi)zf+fl799)fV@p?_{rL zWSU6-lD0;Y6PM;eKAJ;(Hjg;RqQr~9nTXmg+DiBp}p&|xqtQNdXHMh<)k=~;HfTpDXNS2>Xl{1qA zLuocS#*#tq@YlP|UaRj9_Lp8rU&3|_f)6Zayrn@(&FD<1kTh?$Wlnt#U0OEOA>-uR zG(OypxlDZ-Vdb;c!g{s7s2e0HEi#vZ`UD!m=m1!NvkjuQBS!>i!JEy<@z0?Tt2?@7 zoPB#-A1DI<#jzc$Zq}U)oP-aPe&;MFYU&%Z+@YLph!Wdpizk*$vs)jsa7fqOphSjI zWG;PXRYs1UBoK@m7oRF8Q7kn{xDJUzxuR;~I#f!zlL4gNTLY{}L0l0e z36WL;kZGDh*zsSiZeS`cgW=h^R@lQd)yF~vqhkpllgScC+$JZQGh{Lw0_DJZM1LeR zOa0hy0yM;jeOyVxfjEwP$ODFbkXn!mdo{g2hs$OsA)?1tzPq21{yZyE3uOY+6YP889WjKsIOsGIGCZdUKAlK<>C$wO9) zWTlgI99<+cEfr87CUVsdxni}4S<6z6t&}{bEcVE7IDMM~VqLtDSO&et&<~xqY6P8T zT_&*)E6t6h{L}f9%F7=e+Nd*68f&A#YL(`|AYkSd;xWxZ97z;SXe##a8rK8uVO<2M zIV^}=c~VIokRg^fOL@Au;5>#-7DJY}D<{N?q^p~4p^SxOr#WKcKmyA0ovR#5(t6R# z6f6BG2c1o3c$8!BQI?o410I3u@(GI8%x2h^21jdtp_0$oWn^2bM?yUy&XeJOc4{Sb zfDe@Vicwe2HkNG;Rra8HIo%QKdB(EmNUrK%g4|kFeuGc-7fF0>zdi&zE1|96s=mZD zt7du7dX_Eyf+_7XQC6%P%vtCJ1!T@_m9(9O9btj#-Jzrkc~h zUIodZUs)&9m~~nvG#?WemUxI=p1$d(AQF6XGfxUQI!QH59Ahaii4uakQ8!D{oo902 zK@)H8fcj`n1BePZJ(6y_>y=W=@49*o#lIjFS- zj4jexX|m7~9fFriE81pcE0Ih!rael?f$FLak1AkSq~Uxrhv@cCWdJFGp~z?7j6uRfq4$ahUXzWQM)uQ6)=0ZK-`4?D#+; z=Rc3ru~kV0ehsii!SJhkmkod)8TxelS=ge?@k zvO{Re!YVb{0QezbLFVAGWYXJ~^%~K-j;kfpm8=1+cpD~!%LVBB{$?~wAyc7{6BrPs zAElr!NfD2_0KIlL*yxv2MKM6Y&c5ub?biIxb$u^0r|l;*8t7rab!dG%JaqG`rFee;JUWeT;)7HVuB@M0AL_bgJ|g zos^Z(vUg$8Ah5Y84_YyqHkxjy@?%DlveqLDAY>;@1_SLcIt`E!NqY8M-m$(1c_NkI zvvvu&Lkaj*`w=bey(C9FY8}w(GuC>IxjJ_p1I0~u1s&oxAMOz1I~M}0ZX3wXm*h}_ zT-k%5T)Z8Yp;CIwrWiz}f%-C3V(stU!}jWZM?V8k-QsoPa>i&9L$)94&ouN-DX{5} z%u=d&B`ZwBz?1%~Iqgm<<*8Yg9($u~Cj;G@!-5~2y%R@;5i^wI4*d1rRa?|8@C#5n z2TD=AGEjlFN~TEL(MdAXZaw^ayhbdyjCCa(IOPy*kn}8HN!i>4bgKNLW83cRp)570 zGkx_cv#&s~0#kks3xpr$t*K)|i){_t0(?t(YEqd33}2a&V@`kT2Ff~@Veh-d)F9~J zEN3O8e^3|aHt^x1)UNX>J2hrE2P9mXQ`~QvPpn!Wg@*16wDSaQ5fq8?7xAgvBKF*^tq_;Z|oc!x>aS$ zWw=MViehp}XP!wpJ=$Sb$t=i&zJqQF{CuI6LG>ZFav^CTm&BtM2U);mFv_+!V*FSd zJhp|iE5z{8(L26c(zWE*T8>T`hk1$=jh$1YelmeuB}G{h_ND3uRTRg&k{O^#R$bS` zTc3U4qLV)NjYwg=@S|$>vIFVN(k)NPb8_D1K2M^zI#3lH_D~)iRs7A2Z&XGE$@(PO&=xq_OS1#-X(WgUrCAO;sL=*Ba)kaekKMmyUQ=t34G zfgx&No+S2;AX(3}Bie=Lrtv|=4hQ&|mKqC~YMc5x&{3UfA^WP%E=~sys6Rz)oRJ1e zc3Xq$`vsOm5Px&?|?((DddEvP!CJoCxXZA}haL?2~svvcHY^2ze=XvF`_f!2iUO1gJ!r&W^UAgUeEU8yi2ppP%<}-hN%-Hy%vF81xu_i zVbXZ2x%O(zhq6}(4}5+NfI_*=kk9}k z`7MvW@m@w!pX1`tAckuKYoko0WY9Qkb=qC1Zd|@0NsCX0k@jQmQ=V_Wlr1~Q{*WH~F#IOa?Vs}lGzrvn&)k#)dGeXv2MH_4=@gSJl$X_o zMtj&wy)q42mg(X`L(jC>Re2JoKNZ?wrGumsCM3DCsBpzZ>eNVs@4>0g&+oo{2yORn z?`jzBov+pL{}J{j@KERf|B=KHGvln3nZY-%a$(8(CE-gtdJa;(TJQK zGbl@Ts;ymQtM6{2#^k6$Ww+QieaTMQlthIb|JQqlYQMkl@BiEFQM*#_&+B@=p0DTY z{ef@4OH^Wx?BvCO?6GjpeOuJ(er7sg4^mEfUW)L&btzo=jsfFmR&OAB!1&A_>~;Z+ zC%8%;Ri^&H_&3u_Ko>%D-7J*;d@kj~;Pf!E_UX3v?x#t%#fOGpZ}rix9lbbv7ob~z zSe?e;Q%^u%#%+V#oz3D4@a3EZRD!SDfJB>g755yV z1K(i0i28|Esvn#BINjrv>~#Ii6Gl{WywjnSkFO4FN*r!%Y}YLyO9bAvB=>gpTu`)J zKZVjHn9?d(AR+LRc^er9T$kE#tQwLs80DLww(-?!(O%*_ph2Lo$p^~}_fp46zo+d# zMRm7-Gw3LBOo~4+d4n7kIT1+&cU}-L188;!`a_)q3cv!Cr?G_htTq9(fs=v&tC#!^ z>N>3x=HfGv#t*Hd?PQJ064W=Sf(5`j4hONM#t$i5c_MAnMo{y{@L|M67Sc};L-`cc z1(TCe(^DV2Mx>Ji4Y^K#CQXdK9$$2$dU9ewwSb%i3d2!AsK%y1#hBfI&7Ys+Bz)NF zL=fBeRxR7Ny#%D1o1T&`VB#S)0xdwrL-3n`&Y``=Vt-zcUx{U!i+YJZ0fiZ;-b{1v z8M#(JmHV_^c+Kz|$BEIQ_pe_+emQu*_<6*~E-f#{s6?Bk0}q>>i}1l4@PW7px0kO0 zD&8+RC}E_gB;8&WvC-O;?d!d~Gl^(*0!`Tgycee~h;_-nz6P`b31MZ1-5wTQ90ViG zjPv8Zub-M2{3)WNSku;NBKE++10P;}cuGweo``fhNXk@=5#ldG8bZz9Upkzi)iR_r)o#!%+~vDrvnFIHoz1!UeeTA875 z2fcO9r}=`VIsP&vdGZ^Z8wn}H4Y>!deE`^~6x3d6ty$fq#A%J_)$tb~o0X)$0f|~v zE+!oG~39CIE*nM#Q89Y8}YJc7@aQ;;%Qlb za(D8`u;29fHx4%voIbwkc=GY%$BX@eh1bp;yqdQPXWgjXt5Y3{JqxqA{c2eWd&o=p zInW%LnlNPA;Z!5AH;EyY&(&H0Nz|*(J1w9^ngHp8Zzg=#NZA(zzt7$Mg|E}}Nc$kW zruaimuG5pJ-A_Y&&b>JH{LBhtAC7vbBy$s#D=-=_7&TTyBSua>WxthW1jnS=FYH+C z&%YwJf#wp;Mx~9K;7Q&}^iz=AHgyUKm{+ff%<=Lj9PK|c95OZbBsT6N^L>Nghrz*= zqyvXq`;L_k4cAEdDhpx0sN~HH;N?^1g5LTN`-*47uq~$o!rNiK;FW2~Q+J)}i+v-m)fguKdN3s=W%cP@Zy&}W zsG=zY16WpWt;Pz6Vl_2cWOY$SLl#%-#b`j{g2`Ykm~1VaU+xDi1#-vaSL-HYOiZJg zEX3ZhI?-7SROhZyhM#)r?3mQMt^axH)XQGiE+nZ5cl zH#dqv*Os@u2v?`+zYL%HMA!~SK&ehoO-=1~=;(V@^D073RaG9*JE&6gfX$&K0;^b-G!-o%>It1Od?`kF^DfbPm zL#d|0I5lNi^3Db9&yn?@9gWbr@2Bk&)rS5-*~9aZY+>CB?2ToJBiJka7XkuhLiDVS zNER^$EL(RLl-rBb{|aRB#d$N*^3a2jlqon>mOsy)d^Aj{E%IHRu;*FCU5h-0V*8<^ zK~}sWiYp09R7+N(EKBw!D2vB@vP4a2UURgw?GhQ(rjne@YAc=zLcrye6G5%9B&%qZ z>d=SzW|A$WL}Nt|OBAf-4t|CZAHq5yjT`T2`fMpR`RY9bo;^BLe;rjHcmsHMRp_s{ zgA|?!d6%`ggOhM8*2wAzH3fgeidSe&36{+ok*snBe?hC*owNme$~zR>V5|&t?ksT; z2fe6tntrz1q4Nq-9)Xxaj2(Ke) zurNaf=3*O|?9$^~MkG)hpk-YmIG~~-vKFLwis^I9t*+zu@azLJUmO8vH;bLoI_A>? zkhK$a+Tp(w9j>1~G&=Npa&q$b*hbmoFw5=3Z?b)5oF;u|gS=k95i=!0na3E*q-q_9 zH~S6TyhPSznAljKI4{`^kehjDKx9yOo)MzNR>M{DS16G+jI9pgptGN65TS&VCJkD>3pyg-iHI}urCkBza3>D8fp!}bJxOay$)0DQb% zGPgRTzck_2NL!>4kYotA?07W<%=0<~F3b6y$Mlt9#{_}_BSgHBG;Z8hq_1~BTP~RB zFF~~C*CK?9nja2aJ8)o7NcHJv$qrPO$nXjKEGz@oUns+r8MZ7-U`05sJ^ZVZ2sZQ` zTA*-E%^5p$F!hp29ZOOw#-~GH$7nSXt$2H3JmKj;@gmT&qU{(xlZJAV| z^i|Vure;Q47iZc*A89g`Lf4?^%MRQtSCc+>`@(yc@Jhh9>rOvubNut^lkO)suAi|^ z$Qr8QN}WN}2*v?fZ3f!3fd5Vg(}K<{`}w`ggv8<19ml|tm>R)mH}wL5Cq{N2d{Z(z zo>?~iXYxuIYVa_im?G)}DJ_q%o&BNlzaAZclzKJL@T95u`t<{ks5d^Jwh;%kF&jpa zjLm+lpz%H7H9&YnC<_FYf;KwS!FmtR1;#6KW4i&3Zjcq^N6!_1k8dF6+?5RQkKC<9IPhv@^2w7{l#+l03)XJ+EJ}r~KrF$%K|S-ui7wBd zjsB2_49oXkPW_QzDX8P`r7xCZWwR-38)FlUh>~t4Wt^T{XdD6hn>#F(hDn%oeR7%$ z%wHg$e!4wTu8EEXAJ!E2f4rUx{@jFeWlz}Fo#m=3#qDAn(C83-KzX^KwqZ3r;W6|B*AV zo=nOt-5cqbw@QII%7LX6LmI%>y&pSyVd@&8;)X%?BNC(`=?_geiN2l5-UJ0z0RDVEsUoak5J~CVA6wbk4P?s=d>HR58M%AuT%G^sw>uj>V8w4fYjSnMkJ~D z8+BF)DaU==(rAlv1;kor7Vy=d94agLS54OsbO@kb{YUT&L6ZU^COZ)lud{hXQX87c z)F8*PKt%RHS8af4M)xpM=r9X{DmIt*BFpYT@6RAX$kor+BmEt+a%lZr4p4QYU9<-< z2kNmFQ#9D2bUzqT(AdBjxUGIVs9~f%snwv=e(C-Ev2-8>Ff4S@LpNgi|8kc8Oy}Gr zoCFG}kGrAu9A>ed68WGVdv5x5N9AB$sc+P|!9mCFgw zFl&*kv5oaQswLlu+GKRq`XhxmPwRgELT#L$?{fJ2jX|f2@CL9sM}j5pG8ls8qQE!NJd#~@D{!q1L?b<(Weq8yJ z)m3iALY3kWaRj7604Ya2;F0Z}-7w&x9!91Qgy%HG(wWJWcY;OYGmI7FUcK~A5ktTm zO&`sJZGrf__>_^*IlDpb(+MBYO@^=TdhGVG{>bl>fAq9hYIpq+cYkV-c_nDwtRZ6cv;>bN_ekcHaU6vgMv>I}fWu@LY~uml1!c zNSU5Yh!vWweag^jLC(#RB{-l=PU!NE5nwdzmY_M*VWYQ{JEXrr z`vLz?hd&ZFrKEKKdF564KqH5|06%fxVKpAAS{kO#O9fmw2~73Oy3L1 zTndJE{475U87i>AyCJ!kDcBlrKWOhOIV4tT}zYfsuW_ZG`A<;vV{*tg!>j*TV91 zI@2#SCEfWg+!5AWDnqt0TfnD7R|J;s;t$4-5#4YBN?9v9vG*d@)YP|4t`=-6N5;vr z^4gXaOE+F?-KMum|M7PVsZ-?lgl>@QGzFTOWfC#08V_nc!#%V5h-;7^mJ5e@hB9_Y z=az?!;|BG!0;o&;`J)=p2ZrbIM$d>>veo?4dAo2ShwX?Ivdpcrs_fl!?^(T5)N9C~ zKb zm`DSJxC zqFW_0Y`1j&RJBo8w!y*3W~-|%G(^$r0UdJ2O5(#DO*JCO?t$SNq(-Ag<~VjPl!7~H z-0B^Fi8|1E<`n4%tLLH-LL3D`?JB5rhi#@VELrr(y&tjH`L^X2XuG=*8?nA5PhT)g zv)WEAHI!9Q?Jpre&cwU+a!=QHityPJBu66$X-x02u@buyfxbVeBH-|}ephu^H!ngx*Nru(7Xiwj_4u zo@raw7m;4EQS;iXq`2rE4K*(FU}PP28*mAIPwM8kXEq2j!QE5fZaYab-Gpt-iV`lZ zNlzeRsCi?lFK*QuNxCT97yKMMjyb()qETEYc9GZ`lQan9a4`rWfcR%#4GF-w<z?u~X3~?kvNTC`*3lZ`tLI<*f`5bO3gz?rZ28dFNqKZbbktbx3w{GXH#1!j6W(#E^ETYP z`M@w>h_9KvH|jlz3osFS8Klo6SnxGb7W_v=LBiD){+{_ zYD-A|5#Fzi6hsY#n*Qkv(>rr7+({BoxNA$T*rw5QVt&fD=XAC~VlBhDX7YX%uMuJi z4npjb;hdYX^pa&@o;L3&3`R2ZDA8M-9G|T6p+*gEx_f)~w~v>zPXRsz$*fC_H`%Sl z?e|D(WAM-4HK0SMxjEpY&IW}~g|P$J$0Yv;iH9VL&eRB-0tRT8DsTWvV&c{a*)bfL ziyz6+l$40`fboQ9j*o!h%hWjI6Euy?q|fu#$=&uL>n3)h9-CLXzyiD2X0f7pnSZev z!>KohEuw!5OVk^g{+T%V*&BNJZv2ujt(LBfwxX_p-gARbiv`2DFZ9JL$+JZ&++!I(uKPOKl9C~zhSUSc0CCKs5tHWJ?t!|u2B!%7+c8Y0o!|jv- zk!2m>d{ZF7YDqLUpt$SKgnKRJkl=$D%eIij^7W7OyNQp`#mnwfcr928v6sQq!Z*n; zO0y1+jE=@WUe#JV`E@3t%)Inji!hsbsRZ=>o-#k7El*Ky^4e>2>~I> zm>)(34G6dy%Rm}Rio@ZyW)7QzQ_I8x>^Tz)xx`0t+2S-+Tes)2JX0?|W;09Bl_B&{E`tPA|V=@VXXB{*q2DFgr9xrB3mrjIE>vOI6y{`emlT?SYV0K_-p zp#03i_4G*IpbLF9ST!nkmT$&{?zy>gs?c2tR{ecd(7v*gl5BGxRiO&DQY?nXKZccK zw+h3MWfgGDOugJGAQPHpn4{7Ah^a8_5o<009Fp*t3=y>oS!7yL0I7~RbSzWfo58nJ zjnEiAE-#%`OIJGJ0i^GgFMesVqseV7GyoM2?GECtHo}pj@ zFP-l#@nEcGYqAWbaCKrnWl8mXD%>@PSOx$+;1j4zNZ6r6yhDPVQDyo7N$6d2(k>gy zRz?d-PRe4p`c>_A6uZAYuJgBVOPh$?kk(m+vlK6*c$Hg4xCKU_vP0a~aR#_YV1U$@ z1hO1iKTtm6t_waeh#D*hp!BC*2JVV~<6pq}^F}j(S_2=9R!Qeu;RbnBVxzG}7^K*X z*;fZx28l@%z^2jM$#K*{ z0c|9r8)s-05DN4*dJDUVu1)H-DmU!F8N%f&bKF+mF0C-U2TR8OSV}XeWx;9C7oCdW zv_BfJE;ok8h*F1Sf!C3>ViiEuIWcy?5!6GKsn-R&8HT+^QcEFro#2)DAR8lDoR-;P zt!3JKjHgdaYOXZ`$ulRxi0mxZg%sk`b>u1J{zX*p-hL}>8&O?qp zBQAqRvm|Yd1K7;O&gCaURF?=%t500G8%azKBa6hb;5H#cY)Th9idPDOgJCEONRC9Z zR|!YISx)jgz4A8BnM0W4MRy6b1GE{I{MUo`os`YTyrvCa$QjjZ& z-IOH|r3em54{&{t$1G245uXGxFpgJ;h=d^&y}evdNg|B7u# zFhLe!2bW>R086THgJA@0wCs<;a37RvYrBuP7(QU}Xqfst>%7tq1uOtKPeTZBq=L?`SK& zz5AD-pOPhr^33$fUR&Cy12v#ep##-mC*MSHP>wdE^1E7pV``WrQ(zDsGNdjclSN5h zis`&pba5&>P?zxMAcP)asAMpbIlX$+rErpOTaqE^supfOT*P!83B^P!ksOW5favz&`1riHz}^(W zBgm53(uX5t0syiFuu30#)B^VWfV73~wbmXH?<25AfHcy@_-ZcCZbh{vTuUbWfFDwg z{;D@noDUA4)y^t^4tCl;z4MQRnxGYWcYn`~qg=23)D^ou=_WJj0ns{t3-L0pOOlA7 z!P;$QNYUZn5-*F{#=Z=hKemycSi+eb}bA-cd^kbxThtZ zw+(zp*bcqT^bsRpkCLNyOCbkk2_L!hM)I$}>?uk(SifcE$%|-qt`&Xh!LRuWvLL0f ztkUBV(Ay~nq>u3~+zbqbm#XeC7-?hQfaFh~AUUwj?&tRNo@qs^MDJ!X%1K}J1lO1E zP?Ad?fBfAk>#v5{y4sL-6Ru(9^Ss5*Y%6(HA-5?5(E?QR6XJ()5TiS(c1vTd0(fVs z5TnO6t9=UDE+49eVWhUYH+NZUp~PfF@0-pLY%g2!(uL*-=x`#NY2# zVkGyQ`i@{wKc0&~TIww2x$@wOSR5sao3_N7A`SC-+z(CJjdJxd-YfAc9wl>&JOO6o zkDedJA3ZCoP{x!tuyc-=&Ej)9$mIn-tw^aNu zxeTaEDVd>0;sa;pp!5fnR7s`0qbzzu{Z3JiNhf$cP*IU+_KMD7m;j4Svp*icBS%!C z7n3Ai%ex`4v%ocx9F%bs82Nd&(qk|D#KGcBUZIwbeET2eHk0WxCYvOe77?7sGv$aR z51YThHB%n8gVYA-xJGOTGDk}K?A9QN1#>Mc)f(3As6ULla5wj2AYddrm&>Y1WkKg7Q!(O{d!m zRvYG^*nv9&u&bYCr$d>2n^Jbt@c2)A5%QH-&eZQ4>f%rJ>+%~5%a;i(z~T&mUuZ}P z0)T@^c;uKb^Dxm!KcNDgFdRvV)xI3s`n=*GfL`JNc(Wl|Y2PMh3|qA7{=Lfu1tse*Cp6(~-?lAy zZZg}oC=*q*67RfAV7Oc%`UHLF@2H2yQC$TJ;$;DaU9AM+ok;%ZZ3YKk^BOTCkv%6` z2*_fZK^pMFx_J~#G`<{BnwhmooyCuaDZx*#ysF)NX=?Lw!{nb)8vZ-Nrb2+#hrCdv z|3>)R8nJ!Eh~chgG+#kxUbfWWKqVE2c^vn2t z7~dYHmg2sX7gs885#0@jZJ6qT5b{yi#-yKb8VPq$tVv&ZM}3F?sjgc|o+Zb}Zi_u6 z;hFk$$VG95iX=@;RA_#Pq#@NzRPeGN)MBunbG zLQ|xCR217k7$1864jQu@u105!?8;-)Py>^>_3ntNOup5+vXH))9VOJG9*35E{&vzG z7=Z_Q9h4NS>U4o4?nb6v32*cdBsg>wcX}o5V9{AgINJ--p8;gPF{4<34;@`pBs$u6yOl z>E#>YEEYOTuwWNisgcl)Ba|!41nAEZ^FPs5+<#Y{Wno45!K$9hTLDf+{I8}sGZzL4 zi2$)1coB8<^k}MCHg{ARYI|rFOn$j13l^v(xBo7M(bEH_6M1bzg76NY+Wu`vBK|D? z8PJ+c>Otxaewk#0l&jx1(WcE>lWs=_noYpeXlm6{pIINoHSp{>ydpY1i4FspLhnnh zCSzZ>z;M}IOmh^a!|50t~~9 zkGEI>W~2rH{&>*u6~wCqj&d-8l4}Ot8;r9Uz7s1BMwc-b3zdgKg?<4{HD^6NibP6= zxYjL?R+5iMAi~S*FK|mGT2!#R|Fk@n_1E8MZSVz2K+Pb7I+us!-gI7z^+D<(feR$5 zEsIdYbTqYE;-5PPlZzvaX214miz)s z13d)PfMGKx?#3b$(eBGd91d?0LZV8;;6kC`DKAZuF~)&${I{@V&>ghlo(qgK3_teY z;$*ls#p|ZiYw_usl?;PpFh<`7$o;g)HAsK>60ItB&CKnxrq>94_A^*xV$5dR!)7^b zj`7WasDP=%SzT_>F#d+gy>4-hVT=trj*EtY7*hx7zH*D9d701P_Q4O-PwcDQ;XeW? z`OkJF-pAIbEQO(L4#kD7DV-x!9H#j5mq?<-&W!`>AtP4v>jj|F-+-5j>WFYE8@4dN znU>r7r}y*x&?`fJq;e;Jz6(edmF@;d?1=tZv%Sgxi|YIgstD+Uq2dtG%?=6%bVgxU zE@0daNAgtoRA{o1vh`wih~luj!JUaVnFnbj>^kbO0>m!{HYMebxJjNjgGg#SX}4(T zd)^=7U70dm{$geSTRG4uXpMk;Z%ff0W97<~mCpZQHM0ZVe4JMJ`!J2r3~NKJt#F@W zn&+tAYsqdHSPu%q2B{`YDlX{!nqy;!#l9p9t^2t=o|B4tua?m0y-}Tp{|P&LN{O6@ zEs0;{?N{C=Io3|VBDi#5xBLFKyt>-?0XxAr~pw!R(7se=~zMmK)ftsyfY-d4D zFxR0NZS$gECBONc*1@gi%!_w&7D@bw)!9xZeTo^>1pE;H990*yrBA z8IfrQH{~QkuEGbFeLmSf5HsDcWOX2eg)iZ1t=`k}6HRE$BkG0G8e|jL9 z+W_zXhw-q`wde5{$&H_IOM*w3GD@`mpO282z*HR4!+pye&4L94x{k6y0Xzj4HVSzB zrPWz3=vn;J`HSG{F&a!^%Oq1?4xx01t>D!!87(UAPb69$M$@zSCbou&uyLSuWJiW| z3a*s8SZZ5t+JT#TaifxHgq;d`T97Ft)VcY5~ za~L0a=C~%~wp_d8d~&q>C7yD<|61-}g4$dV06IabV1kJ3h+4$30t||}(i3CHUNqF= zxGvHY3+V%`1MuHB7Ai?UT3M>YZhFu;(x{v~bVEQ?LNW_HkXI(p3lEnh?09zTp^lfx z;8i9LS$+ZK!+-t#nQtIB40^)wf>QB>oecn;xlpqs>%vVGjaut^+(BrK6SsLHb(8n( z_Ys(AmEj-x3&P%$>*hi{-epEL6091~Mf$LA9u(PgFLiQTu0DF-cwRYa7T6CVZDQ*F z&%^BMi3k{PuV!VzR;YNvUV_aGH`Q-bC!k9!8YJ@V5oRI~xOzacO%MgmVZ9onm22h= zL9lwSGZ??PafDcB1M0_F?9+@300xMNfag`UxLvg02yF%D;YKOiw()X+Vj^zPYXs*1 zG+1*Flm(&pJEZ`x+a8J|iRVgcRl!fpG3pV3dgKE*lmNAm6pj}N5-0Ir0 zwd*kZzP(!nR;1G#F5R^0){eJReqWzBkfsRlUYd6eZX^zNA7zcQ9^(B!(VL*6soLtPu4UolzD7^a1!U^VA2 z(Q#}dAqw+RFL@Ds0cMB3)eT3CvOH^I-d1yrh#yUSV#32OZ1Ae=o6HYxxz&=x5$-BN zKQ=dCzy2}nV$Z%+6Kj{|HeNgR=zlx(s!5YkBq`E(gs_}+k!!X7A@-!&p?q8Jq?%!% zS%r!v_d?a-O0S&6}hW4*Hj%J zNUdG`V41yL|EBYtd#ijp&=1Rm0|!!)?Q54Vh-$3=^UrQ5U3>d=Mr4LPm%*j6&3p_i zu5VCb#$4WXc|LR5{QmXo~dzdcN1sBvN6wMxygDC_{lTKRW#nWfEG_)!udU%%G7#$bk%&L!OhM` zt5%weRyHrA@lCV15&JnJHJT=6oMX4co~^|UXwBBV?nyIsM< zuU~)4n6pE#{(84_U!q31=(t9ozgc+3gAw|#@Jv(9KXJe5)93hb-f@?5Ov0~VgCT5x ziN-51d-4ZGaf+9}f78SH8gE0Q(uh%cI*M<-gS@ZeY>1YgG1`5nRR(hc6%yQjsNxR< zm~r-1RM^ulI|q5c_sz*4NHyS$n9VwBPxq52A=?%lIotDmD1KGl4G5!edm4lPAZ;y% zE7?%w=y{+FE0Ts+hHKL1@88FCW%`uOXWDNzXDTEF1g*T}b%y(UAGeB|8fl(HXDSdU zu%e=hquON!Cn_)};Fl$8o;n-z2P^CyXwErbLCT%L+7LK%wP?h<&1{jMhm=cG@r=RJ zItvE)2Il?626-bUfnRZG@OiRS-&It4lxF%%V6QTlx~ES95CR`e~wENlLX zNlDOsNNOF*lRn8mly5{@V>F*QUk`JEMs(ww!jl{3VXqoNnmfd4(usze#0ahj%R|K+blYd5c~HNWH~(J z#Scy!Y>9Vcd&SiD12Q+q*w7yr8(>?6Q%<1zEsPKqLccpPA46o$NXI0g$>Q>-}h&Zm_+)%_kK@^B^=SQ(R+wX#C97; zsbSBw{2?MS4}GOnp%R5t*{b4+leQ>}uIuHI)_TX6uPumB&83-q%{QXQdAxT&y1^5d ztdgr#kzm-jlaoL*LnUo-$xX^#(43vRs)+%Q8>Q-L*r(sp)?C*78vatKq&yPA4L;LT zCyx{e)gpWH7ilvFR4EVx(cxU}GQ3Ecv%w3OM*>fHt8B&7Oyv2{Z8?}c**<*nB?LkG z{#5Z$>B>rv^o|%Be!~nTCX$|T_qGJLAmFJINktBj5XF6a6-3l7dc4U5fpe`nyNbUS z^H`OO)y=!YIbbRAjwcZ+xgKQ&7Rw3qiIWBMM1^loUuKw9*e}|@ie|Em^L_Y*H;j#H z>%E4Vp13>VULi0i;%Gr#J(o_;@?O*CUv|2@r;KX_H-$c-!Z73O#`BE_J|83!l4`RtnxZi}Q0PNcC50b&|#VVW4W@|AgF0GJY)@X+> zX3k5{wJ;ZXXz5~_F~nN0A2u|1dwN{n5|0;xAy+(ORQ4;06lu=70DuD=?@4dVsUK`Uz=j+6oHQRv8=7qaM zS1{ZV#Q32qm0{w{HyNf8Zxk-czryj5l?vbjQz)CC}b_e>X&Mo6DLnH>B5&3Iyb%$mA|asY}D8-FM7xw51Y zU6pxzw#i+rQciG1kGdhAIKXr6^bK-3!=?T3Mgc%b$k9`5J|4*YWka)Wc#bwRL!!1g z?_KlRH)c?DIu-T?_9azCYt;@FT!Y6R?(vE-yX>()Haw!w)3amMvUzgq))?=j&{~IHbH`vrw zr@cJN7R#F0G5B@>TZ2MgSX}ba#cb#3iGJdkcR8DJs&vgoRCCc0yl&y@c`BAldFI4{ zya~cOpmi2_(bWojv##rJbcx#5mMDbbE0_wql4%bHN)3)1Ea_6Pw|TItbq{n~R6%l3 z-dVIj1wPP@N^4h9BNWT<#h!QX3(hDXrFAEZw^N5$+PGT;44F}}2+xt|S@8_S! zDehleu`7AMg8Bb^JQL1R^ppr<7tKWTWl!s?QFhY7gmsHb&fp4D<#WJnJy(W50vZ*> z)M6eglht!9E?8v^P8hx(k=bzf(VaAt?Hmu6V9XlhfCu$&7{U2&ikw!@n4OnBnA@!_ zN4#`ZwiZak3fZN7JK^cJ7Z{oP49B3nhq{D9YCVE{xDHDre(n52DryH9XmB%iE9)1l ze1>!4fwD)hHpuzODL3VpUv5mUGWe49Ve^EVm#^FtKtm3E!O$?fv?9_tR_7tPlA9ws zz}zG{9=SZy`RE2O9mgUo*FZI0YqW0xu8=9A0-j-Umu*==K=uGo#?lCW1x5=(# zW#~-(`34Jt7p#Aq<2k&X@b!64YNREqPc_e)H3;0l1{x#mLR~G=OJx`pa3UF;+HF2t zBmY4h_DaQZu5qZKF3GI{r zFEEWIZ|AfD4Sxjvz`4gq!CWMynKIX1X1pNPV&h1R7B(Wa?G-A6o8!$Tg&q&Gtd@4EW6Ut;4YfeH*{kS8UvqPH-jlo!zB&F-$naSL zy*%g_@eyDKFuvvB9C?etSwOFbptWv6L=zFG&qU({7Bz60#j;eC@#O#bklZb@K7#y% zZ1?Gqldj5)M~@ncA0wXnHgT05jE@Rx;TABcITy86WXV!-%L`|XWtZ@IFwMr|9~#}| zpky?KWHgc|WA~45jF*!wn;(jnp)w`}SbOL~e&K9Piq)QSmlVuXgbB!{X!GS??yW5p zZa%VVPr>&zlY_)2TAZ_^F*G{vu@(#zd5so~9}ji%*Z~T}wOUX&sH|m=xrv->} z5wwIQG$G6fP#EcvD`Lq9P1fi*6wbv&VYaHB=3Hr^G50Vxz6cq0vBBDq-Og8F1_R>p zCkr-TK5ez^5*dit@mOQG^K|1L|9G;S^HqGE+I7@6-8u_aSvFggZT9(LgIC9L zNch^UVwa6ctCj#~(Y3}Nb9pXs=v~S9x4ys`D=yXA@H_Xx+^qj*3+*Pf9wC;SlIrGBj{-blD8A4__(9v0F zf_e!=V~EU3WE@h0Am|&vuv^Xxo0Xx8WWMc^{{l@>o)hwk%BN!>=RkdTi29L+mp#uP z5AB?3geC>4^Q?6+0wTdD;(^->#(VELi&�I^Eh=wSL9C%-K`z1huQ-FEaizZR-=tgXuvK8-=gcX?x^^BPF|NgTYwbd!NQAZJL~X?`4PQsR z0GHR0f0l3%fT&1nN`xodpn^;>+$yiuy%5|tx)&5LLtuMQ!(A`SWwY=jiVq}c2!Y@F z2{0RmX=pzG{vx^mS-Ui6XZGjja~gBHrHo_C{gL|6~Uz}vdx8% z4V#S#Zb2?EOv=(+xa+;-zsw*DDXKvPB7uOg=~J$1a8eDt;{!Uk0P%z3-Gku<0zL)A z``BpNkU0@waSoWRRbAFhx_tT#EvPhgttvKfL&9+aA)sdsvG%yt_Y9M@NADDJ^l16t zrH&X8p2En87p)-_t8ypSf+@D1H9RaN@w!4yubfl^oIMuuq+^0GxJj0apu&8O@JQ|g z8B)ms>GMZ`^aFCCd^VHC6zcIPNK!HY1A7G+8LND2CWCFr?h8tE6*X|%AizG-nq+_S zi|M*Zm{2T}osecB8<%CAv#^E$-pQNsjspg8$J&6?t6E)}JxCs|Ib4Gxpm21@R9SsPxC6^(`jQN&XNp$_SqPv2^1%;sJnVOY z(q+t3X%=$kpd3IWwz48AS3aX6^n>DtzkoRx;Ugm6k7_@@n_}4+1Zz4y&6x%G<@rj> z^RQSn;>lS_$}B5k?g3V-yqSE-Qu{0JCR&up0LGD1AOl*|y7qXXdVVcZ>$#q~HlLJq z?yZ^gVP4WH!gmt{@6=SDbLw~2C+2v~QScHS=b7aeyrI$R!9PFj8>rYE!Y9Tk(Q5ds zTA3{eO+DOmcm~Jey(*6)_8=7Oo2hw!c{xL2%M#pKUI(bf`E*Ezz7ShK$@4_!9dlzP zrSJ?i`2EO5wCWr!V!s*lmwRrI;VvgtU#d_!Rh}pTKS`)T^-U;m#>5 zFefINlAOYi(ug#(lEcRT)_yu~gNsnn;;nI^F-G6|wvmpGBIsonszjv|j=*zrMIVh? zY0NVcwFk?IKEuS8?&kdbvqnuWkZ4{-T*U`9sA{*XatAgz2dk}9ZT^WvOVq{4VYwNj z0HTt7%=jlLHNwyhgo4V#Zzv(j4La?mS4QnJ1i?`N--^Zr*oDqR!d=d4ZUimJc*Lld zT&xO1BjUuiJx8jFl1$fOYD9Qne~yK*vojrs6=N;(*Wv?(v^O{sM)1{!(1Mom0_+gZ zYfeIisz4Dx?>K2>`Eq=>fX z8Pt|_@|Hr4%KopQqyVLiDOHlf9t%taWTI0B2C?yz1&cHlU{KhrN zrLHiUyP3JsOzE7JaUp>V-w{e7ogp}EjSpdUP;#bF#cF220y&O>$rt;;09G= zAY0-$i+P<7(m?$hbt9TzoXj``&KkRTX z?WXa(TbxjaCstWQQPrygi}%b+6*Pv(Ei z-Rp_#u7|)ebo0AS)?#?tJ=ZxjH|sR@-)`MZ%l9H{YHB{M^C{3*FISJ<*Zc3jzS!^V zuqD0zD0N#J!mXLsUM#X;Eo14uTm3El{TDQp9p;$h$pL~n7Uhaw;ojjEL{)5_2kpi7 zc%lJr^YZ0n!>@w8rGOxnD5-sFR1@5~73_82;=Dko1kn&@(H{~|-im=qbv+20UOL?* zw;*pe$NPsWkcBc+Y$jkb1|YkK=D%-F;*kQkU$tAO1;u<|G}0keK=KJa#nS)W}qE?<)_@2S>C+LxD=!FI~p63hoFpUgpC zLL5w_P7Jg*LO*EdQNeWOtQy>4#(6WWDieR9i_00Me6U0)!OOEULCcLZ@gH6yF)wjd z?Lyg1wLMqaGy*kdkR21y#+4LnB-^+aPO9AnR<@M$uGzY0FH@_`uxE9bb7uzDG4GA5 zvr2pT-pl!^Yt^t8X;{4BJi-1s6ldjB$MCoBUS5kToFBVy|NgkRxa7pR=(yzQ3i95EoE}*WBt_VAB|PbMR0A~hH2y8wqtSPw1%VOIjM@imy#O=?F9+*ah|);Q34 zn@qK7JKviSw$9S}nfV5?+D{vxMmQ!&`0z62Ovv_-+>FwwrrA~GNj`l!T6e7d{_|`) zPB^FwR9!a_iw5s&AhfLHyxA_Ne{S*5fkfGt75Frdi!NC$Q@wQ|O+#5j$+WPgp&|V3 zD}@bOis#OqJGJT5BipmZ_uswy{rA8AI(OF(K5%N2-gEf3bmhvn_BLNXUti_)nwo$U z400hsv#@0_1bmtMG-dkjU*OTH_t)yD|GHK`@vgmo^4Z|@#AL2h^7NxqPIVJQuU=mB z>b-fZCDU}Sa)y$!g;%q2VGDg90Yk$Vm<6!n3+BMkJF?6i8Xfpq`y|MbC>3eU@2jrfE3V3e z{kE&hUpB!7HWKRuWNU+Z~l;?&cr@l*8^uiy*#y^Biu2ub^{vQkr1{Y{^^ zP(hpq8E%@MW+mwB=^?7xZK%joQspsB7$!Y%Etl4brYNs?r|@>g2lX3Z;kD;Mq-T+^ z-&2aVsNF5qdBTMDzRl~r>7)Ohc^>oe45j{T4HD!h%cx{N^+DU)m6Xf|&Cz;i=0K{((n}Q9Q zSb~Lvz?h)!t86+q?Z}ZM;JZU(<8zW7>h-sWOuro)F8wBD?CJCnd_iKvY4{e}Hg&%& zTyW%+-t*^>oKVSgvEhIPf(?g?-?XPpysS)_dUb7j4E!?j*ER4_$n@~@>EV!RNW4ez zg|WeVZ(qISaMm)&=?XG106!ISjvQ$*W_p_|8v85hs8kR#G3VEMi+s7JkakE+=`+P8 zV-+7n(!fc+$sj2fxaJv=e1@xG5=kh_E9I;@4Q^UVP(w@!bsDYjQMD6SwR-eEshruM zO3|KqGFC1x^JG)?xmD|6P)0376C4&Hqp>c~LbVYgxS^`n@)ZavMIKDwAjZc0W5#Q> zrkoD$6Y2ggNPYD_IWBFHnpK*lpDyW)9bfZkY&u1{=E>>v=j}AjeyeLw&f4TpRx`_E zR(^laIPWBBUT2Ptt;gAo3nh}^`sB&1cBkpxyM~G@Pu5M2UmUETOx(3A`kU9|Czfqu zEBiD!_RVGb6-WKCsWSM-`owp=x9?s#*Z#Wu;G6pT!9NdHy@xMRwW;#aBS`Zrb&iYn zYCMp%sk4>mK2R~fd|RVap-4ORJG+w_Sc0~N>H4e9W7>HZ+whl7Mskct5^scI205CZ zI*zCJUF8H1id37IioVAuYQdiLMt6&hOQ|TxR4&<|bAXI|8g*^?(`~=(KV)a?R9pS? zzp8$Y-D~$$vd#auyuQWxb$hgi}cF!1@XX{Bm4{&Sb6k#)c+Zg%|SI zalKXM=XdjK{ocb1$yiZc`1->bi-{MZypcz{>6_o zjm(VF7+ZNg>4;VywxQkSG;JB&Dn)Gby66B_WBTB$7y|+jPrlk+eu^eCDPQ zrL5V1=RNA)`}saTzwh^tJGr)U-skl^&+|Ob^Wri6SAWI5+1bvDdlO%tRNV8P9!h>L zfA99HhS&{$@=~D4r7?`GS;v)ro5KA>ZRAhj`6>wOhEBt0(3>|j^!RoE1HttBluHlU4=?RI zIQ-04ZZk>DoF(E{!s2JLR5*c{63smIob=Fh{_@7AIg&XZZyii+sZvB`r8DijLqBh*3C)b3JDid*RD16xpz6Z$FzR-S#8(!k>RF-*vY2xu9%xY zCsHQr`XB6TzrL-Gd$uOv+;MGZ4E6*Ek2`9;nB*#mS^jjC6`H{;&08c| zXT-f*j1kY!%+nsa%fv@YOEmg~yh9DSztxT=3s&M9`Jdzv>U~>;E2i4W7bANSI2+K# z?I!Y7(FZ?$2{p=C7}$f1@&2(Vj|u zNy)%;vML=SLu{-iNity<@aqaWwV95Ds}%Gl2IJ4euWHI`imDfxO%2qC-1YIfd$hl& zAoi!AzT%8rMcm=wnn3Q^e0PVEK%!z&cxG!F{oL_Y0*5F4Tl)Je-V~Tc-5vY>;;YH{ z?A@52mJhG3PZu;C8U6C?^XJPoUrPhSb{&Qd-lYa9?`-#(6NsmE&xO&kmmo&qBC*F6@+S(OEr3s*bc=T1s18i+ zfX3U+j{p#Dzfl_I1H{G;RSgYcpKc1?Plx&i9`HNR_wIf4>a*-pl9*`bzZ2+Jl)7nQ z2LC%s7+w?GR#Il2AfL(9KV!L$8jr!+s08ib9~2aH+`BPsm!Hwx*Y@qR(fyyF*Y2PF z{-8EFxnO%i{;u3qPpS0FHeA1x`cye0=d#Vq?`O1&o;}O1c+mSV1NvbvX&)@pePFZL&G9qR%nRaAp1qDf?ZOrL2smK#%r z7~y(sjn?-COJw24h|s6C_KzOMDs#w%DsDy#xE->i2{_5$UVz9(zCRKl%pPx}PH1N< zA`bjgP?PY`;eq}Epd^iG%7_j#QsY1I`EgeNgSrU;a`Y};+V@~$_ip#1<1%O|6f2() z=|V`QT_)w74{hsy%k9fp(ENfY!}DW(=q~ct*LToAS?Pf3EFM48u#+|>Gp4Ex;uaqZ zJ=a+j6>sqpt*;P#*C%eZLdx;>>v46}BQxV&{5umLb>X`7nTW3Uw^zm8T2`50o5p(J z#K%HEDF&SS?XI1#Ok-yMy8obQ-@Ya7E3QG%digWArk1P#9O@n|8{KSzYAas$)L`{$ zEFCXlX)lWA(8ahO9Oemps+}aI$K!2+A|+2+z$vbEd7BH)0tRH#PCs42DV#8=q@g2d zNef-bsA%s@#vjH=bNDCc<>f{tB$Gxb--pH?+4)Zs z+U+6UIgLY*M7p|N(-S?Pa?NJG&(v<$e){}brLL+#=~Bjb)1!7IBI^c`<)o3%YOMag zcjw4o50m$7I=>-y`X|3pyms(?{lPtlg1-uG?%4ztYuT-Ght+5EZ8D0N83YpVzj43B zVB!ffcv3jpl9nMNN^q65rmC=PTQZ!$y)djo?&Ny>WR5smLRj!)@{lX`Muu?qOpb@X zVM(h1H0?knctpeuItec_ZT&G}TYY@$B4dO=1l8&`RI7HVR!$6t`0qrKw7X0}5(VO; z@vlVj)nAoE&2fU0o;AW(89Ly%eW(xwR8T!b#GEh41O^FswXPFLIoGxyE1!d5u~U9F*rc}mqhsnW0y6mf={K%0%f5@e2Xc<`1Q)W8SWdHquD z`8Ts8KgaW5-wWy5)>uFJ{l`anU7yAk!Ku}^lnkB?JoP=?8lLIy6_|x*Fv!P)ZLMkX zr&e8N+FMC((n$+l3;i^dXEw$!cVrB}7~x1N5R~N-Q|UMGEybZNET0NPRnaTlJ_+&k zc_|yjBA<$gr4X$79+QqyP6s%;f`tzt2Q1R-{}-74u51s|HLxZB1}3qvrGAFSXYK7T z+fZfT31slk@+`UL-4-Mw)~kELG8e+R-M)&!fJyuR1OhQS%wBF7H~ph4?)vm>=kx7x zjp5~f$-!m8ZIs13olgqNDfGA5(Tp0(DXgs;e%-~l@4zv5jwQhX}z@!!91nC%#aOPhz9lw*I6 zW`D}+ikoR#(&eMXstvNHwQ=+=!@o(IYvQN7x0khzgi%e!e|7cT>SV z@2HWV_Y-bSMGSVuRn|nteZ8NM2T($&OCeS`#BfLA)wLrxVl6ApHI*Iob6{n zzm9VLlPpT-o@EZX6L47~Sf!(<>Ah%*Aco$HVW?q9uC`JfZBg!9>a~zl=gs0~{lC6= z_wK>#`f=n0#*Fie5>FT0J978NjX<8S-fjKd;y?n1d`yXfqM$J+!YzxXH9O>R9UCQW z9M8!JR$})gD!LCakT#MOYZVt_qRiopgl2#L$NqE} zsmiozWn$Se%_|6ewR{%kSexyIKoOJW%Zm>GnXY?e>@(p)-3$ zlx`JK9nKNyOx8HVn#fuui{YJNHh?FL#s%-uT0r~=8G7MnJnO9iiHq^M7d`XW#BkGT zn2T7+cHv3Ya}w;>ut8HUv}tawuEZl77(f>2{p|%An4W=(+95s zyBvIv*g!;p3Di~ybzWq`0GNfsp3MF#zA7H`xM%%57-^HBZt_?rqk5PJ33RX zir)C^HJFY+FpK>eH#^f)pmi^9?!%UYH~p@Cc<-8fpXjha(<}WuX%%Z#Rx_F*BFo^K z;0mQ>P~?qEZ>HFmVFGubqn^4|^x{#j;q&v29x*?Ej(wPln~T{q%1=n#x1^x)$dA8X zmyH^RR4Xky*O8NxbD#NVan>6-v0OZziAEQz3_^Wq*3qZ3983Lm!;Z2y*`=zCIC?;( z%fKq*dT6(0xZw<0O_Jg{xEuT@hBV^n1t04{YMo3QD6atDOOW;qysd~e;kRI=lYn$< zNc~ghdw6<#c-~o?7qWZzn!SG$gT+7$Y=y)iRXa}~h(QVv180O7WTa_iY+%E5O%%ZV ziKB65rD2B#agefk9UT>TE?glPXn`R=s5tO*kNn-KZ=C>6pXR0~o_jqp)A3gNex@kx zt-)d}+Vv_$(UR@dY)Z(~#w(27MgD)I-FyTzrE`bH{9DdJhkuiw+~UF zgDqcXrj~p&^N9M{`y+Wv#actdm!OQ^_icUpR4<_N4>{FB1`11%K{;c1QQa0*E~U^s z^syjbx+9K05EE-TZik%Cl}hox(WF+B1BLDV`PS)(&x9{7B$&vg@}CgN`<%(%a@|K+ zvZrVNN^PB$I@@w{Ll)k|;WRL0G{!`AkeYp44VDF^TJ`sbSmhQyhaPTbN!J`yI<2_r z$^PeNF?D*222UiBD0tCJw%n;#lyKKna)T@}nn63dskB&H@01vZ*swpQZuWCu#vTaG z;QPjd<1HVi%9cRwJ6bav8FTQ}+JxPDCP1Nr&*3lDEQC^Uwva(qzlcJS(4d}eF9a%n zN!nC4=X$HjQ3!;RIi|-PLS(|`HzSBW06PRAu1gb%jVI@mhcCJHZe7?RqrBV#FOSI` zNJ|oWHz((HDS}LkNb~KzhyI4&?R^Hc_x388CYIsb2m(6O1qt1B()S*S|%|c zd)W|KHDW>O1~%tXo{c^0e|Fz@3^02VsN?K(d&s@_lTEeTV^>{R8oYn4Lk5*;tA;I9 zA&02?+3&JNp)o)!olZ8Wc#$bG$AU9OZUmzJcK%rgjmUqe|RlESKl}}{vm1{ z_;%Fnj)MmiE-!n!sI9n<5^u2BGU!%tR!uyWBFb`?kzp`Um=ioNn54Q^EvY-jRinI= zjZ~vTk#B~Uo;8dpB8_Z5_E%))Q3%IVCH!hSpr*}tAIOw9Y}tQxAQQiv|BJ_2;lC*N zVnL;U=z3IGZ{lSp0_i6`c1_wLK##gLAI&x%YbTT*P*=7^+vPI`| zayst&a;WKP!6pi~YFX%<)&Mu6;%l&eEA!Nl zgrW%9xT7ufWYL!JA`DFj7&^IUfD336<-LEs6R~g$%@u!xlf2uRkn7%!riv{~LXeZE zy={4m;p&?TYbeDDe{&}ya3{B4+$p|0p!;_Bckcc$y&R@}&VZUL-ROk3&toYdXZuBg zyPz?)s6LKWur)NWDKB^(9UaRJ@7|txd3w%s0#xwW*|A*Rp6e|v?qUCZ=ZXWDy6|ne z=h2xNQc$BQr);blOI`Gcu+~F=`#E5^IXQb=*|hOyByh~vukQ^)JNLc!$HzU-w>R+L z%Iw~~M|^d{{ipT|7q`B9S5p&Aq|s5Bn&YYA1ez0#IG_L>s)p$||K8QuP(HVbU^@>Bzrz1&;?i7%tKd_0-??PPZ6vM1+dHB@v>&#)zFL3+XSXJ@>Vq; zXch>`r)UnnVBT8#QmEC-)P4qTVu-qjF0{CRX=xL@pSNkOdlM9<*d zY`gN@PeEsY!8Rq@(wlB111yGT0#-&b0=nB3joImEPvfiLaio)U&~D@_49}a!-KrV; z&hM%n{2&CbsBz`%8;(x?^}64|t8LM4aZuwE%q>t5JZII#cp0=PmZ(m|uk*`=Zp3L! zEt_E^*J1Hf-8ir?g3CRswy}5A(fX~mQ4u1xRJBf>Xzf45(#wHZ2rVoy+rop%&IqT0 z3S05p8j0+3&`Ef}u)trwx;GN`q1y=moL6Syy*-=J7y8SM*HN z;JxXo=W(-R{m%<@pNhS!SxgZvR$-Av`*$Aql{QWR=Q zr`15Glab+qha!@PH)fp8RHQ?ax*A>m-p7W1GN!P$wzd90!hVsBzifx;fn6ix&GWt> z#EP;3FhCp26GOB>;Y{b3qj%l`i}a-%vyfD+SduvWU^x(8JG=Jd!_S^xv-*ed{y(Eh zQnb|3_!IztYb9(2qVZ`rXd=P4+%f?jbxr4{-)u6Qp6xI9s*RoemRlir{Gd!tumr_{ zrb!Bii4aX4-Tl%=-7=~5q$|qy7%P=nig7q+AW*UfeNfpn_VCo~ySZ73##CJ&HCbWVq+bJgTP9JIkU=F@Q8#?G=Y3`J2!QL2+L2xsnzm1Vs{iL$fFl zx;0^yPFTSLs8+(DsSU_MeixF_#n=E7h2WapqWiwzCsNo2vC}`cYu%fhd{Q2AcOvY_ z%uTIl%+zw|L9#`#rKi~R7Up+%ZWM5^1?K}-6_hMMF=0*q*8vU_>;hf&wIFnV?EYVhbm;Z}rhn<7>i^KclmUxW z8=!w012!Nea;~H$un}Mc395=ENFngdJ4Bu&|AV4)BXXMmhZLjkS>=*LTK! zs5?0LZ6*gpcy@5w! zH8&qcQtgvms(nlKcd4*|!U!9*{}Ml2?lS1w`5M^lExj>e^t0zdX)X$~LBP(4EUXs* zaYzy0VTo};wk?Du1+glFDg?N97$a{dWH?B9{@)Cz&NMFF-qXMg&zhQj=nT_ zCSRcY{?5e9g1GC~uEF%)aQpLx_iNm8VeS-XgHKyck|A)7>$LXXD99waV(OGX10YSo=*kkk7CRJxdCxJPjZSQ8}g-9I10%r^&nk5QB z?X5ZD9)=^1I8J2%gY?AcM&@8u1hPm)_8{hMqmZ?T?bgc(Y!FEADl}IM?UTZT{fky^ zMso9Cn!j$v;+}IkTT>9e^LyUb-0aGBAvnfEX>owkLj6@*n4n5pNP@rznMsg_)iSTQ z&}lPanzYbi)!t6Simp>@t=eIp1RUoZ_$9VY^n}2i7atil`JEntTy*8wlqw=!CXKNA~$oMaInh_^4J^wq*9s!9laQirJVR{<{Z>6+R6C z*2`(D0~X%gqQ5%hLQRoFkVP*{A2Yd35D-`=8P@zX{$^G}^FzE&nH~w|C5;j*U5DaB zQNrmX{|YXf-kY!Hr$$n=$EYzd@@#M)BU>b^^J;Cs0DD;--hL1Kq)1Uo4CPDlSv;xP77`xbuD@(#)Th zk_Zqk%Rn>e)}k+EY}T%|s%Y;rSQb6=ddt0;vEhQb$(bH6v)G%}M-J^42}lkvX22d> z=4uV%6b297&>#33bxl0cyw8%tK#>IHDTha^} z&g9-N9+&b93FEYyJV8|@hVI~YAmW0TMb|QmAt=M*f6wC!@66i52P%f$JdX zaFAgx*&Z2y%&Xt?aRbeyR>m) z!|K~%yLKP0S!N(A)3+3DzIZK1M9S0T0!0)Yrm9M5jbh!>7`7rMC}Wd~JzeK`Xb#JU zF=)WzAC-X?VIxv8&WHYB^VLYK2gvjl=1*6+FoQ#!<3>890m?=rbNbt45KjguQ;0?f z?1jKxG2gcchjOeN$gy^G`rYyUeUjmLBitLAn+yBH&7VFCIU zFlB?F81y_B;uL3Rx(3GrhsZ8F^p(OYD|O)nW&*Ga^)j;6bL5~NZjWsH{`AM?~%=ASPA?c zcp(x9xuo!Oe^Vn6E&exzY9%Q+Ma=x2F*0|BepidQs*F-oxt8xKBH5ynxlBB~l#}sI4xQ=b0y9(u01YcQ9 z8NVe^zrJII(UQKJ-m*lG?uMi=o-ITtz)5ArN|sAB!w z3+vyV8PKUeRr2LqRM(u_x4LaLR2J*AsQz7PGZwn|EP?E@=!W|SGqbtZ*>O`7C9mfu zM|LMc(Ot<0CELh;LGdM~4^gFTE&BcMNRAmIsUHtxuBpT^knfZ!Sa-0UEjyT+m6 zpP5at?tkvnz*k(g)b+uAFmo)Ilwo{%btvBwxO|$3loOFe5k)<|UTMu0Z^IRwt>zj_ zJ!+1v+HyOydoO1vo6jaS4nt4ZvZik|@+CR@%*bvPnXpVJ3{Tw8i{?njXbWLk0TDgS zU2`}5_5vW&qXU4+)vQ*?bR`VWfbAl|vw^P5iJ>J!U#gNQO>YAGj}~%dFxndPwT}Vv zE@XZyfqSVZzq4%EP)=^Y4&M{>%!aU-16LHDs#2sL!sZ+CW2R4pzjZ*fD81ePu>U){ zwf{n{Ik$r?$-*`_as9X~x*_*Pu`Di-eMUxb6_>)S=9-3~JK!CqXbe^^%d_1pcW^Dq z&Mvv@L)}c*+~lX8*UEE44PsM!!yYoE@J!aY$y?iwFyx`wc&W8@Pgs_6soe$;63R9ziziUBLn@D9XtmJb$Se)RL(pl0nryC z25%KAY(IRqBbg|TfmoMAom6Eh;e;QB2lMO8=HHNM`?WP#&a8&N2|iu;HOTW3e!nM= zJ8QS}gsfbtqx~LvBvoNCe$4{KRVUTg!t%kgl94+qCUhv9+cG-R0wt8vmSLjc4uU=M z>+n>HvP2?Q8kdi?=D5SZ+tZmWWJ{4V(t=ODGz#mx!k z#;0cHhMOLkfi%!@WcJ(FeJ)$FvMzXRUF^g%_`*5vv{fXY6=Y$_mxy9psdq0G*cb2g z+s!TXU(%5VF^9-mryaDoz7TmFE821w=TPhZ=+?w(le{;#<>KmGiw)gGjq?nU=pgc) zop4CH01b&YpTJ1213eWH4HOf;6w7klX*yNFpS47dt!PQD>Br$i@LnleE9XwTS}TgzcoCQ*CWqwZfvLFli|YwJ&q2BQhB_uSJ|d#~OT zPib#qsr;sd5=J_Gl>p;MFI+7Mpa(P~8-3TWwqkhKThn*iSP;>iGd58{RM#HiV}kbsS= z)5z7uhN5+gipQH7DiFPoEImi~PMhIN#PM7s2>4PYWWp!%L?@a6|8vQ%5D9-J*mIqS z#=gGpmqRF*~Y%AJf_8CPxQ#?vD#p#5*yL-{*#yaEly%WP=a&M}=H#7NMIqv5- z-GVsB&1!{u19(oEV~q`Wg{>6*BGVxAbVJ8`&#ohf=k8BJ=Z26Jvxd02A4S%H(MN{& zAMEzkiwo9MbbamXq`^=)l#i!fB5h=T_n|AuK#u^`2!TftL2MyT>tFud=WfS))*rr3+m=fnPq^xQ z;kt|38Yw9f4Ryo(0cYJ}hLfoArBJdyDUf}j4bw?)>c*4u4nl}M;o=tf;U)2@YTIxb z89pJW@Ek0xq9wvO)u*D?F0#IR2Y6$IXo_I5IvnW(g_qD6UNKVd5LnGi$9p1o5g~8M zh#JE}q3{DpU38~W@$k~JasYvcbs*!+SIH`Eq!=Ra^PEQp(7~b2-XY9uz#w;iU1Q|e zN8rT#s~iy(wc6$7l%B@hSl%$lV0cEC+BE`U7%z8+dQ;`4+#TXgDM_go^>CuS;}{M> zUnL1OP~d|l3OOzurJ?hvDu=*;FM0|a6XWholnmaT87p}mH`^1@HT_lhiQ#9>3)ijD zD|?kJ#nMIEaOh&vpz4)=jJtyNkJtcoRg{ z8O4=~7I$Q*YK?sG1;fE6H7;nr20l5HB=2ou@irk9P8fj*Jpg0~VSu=6rMMbcsAOmG z>)@;B!L)?3ktX?fK!wr70z7kc;7K51T!6eF5k9;WUQ(rm-wLoJ4=H!^)$z%nCi7+P zy?4Vc5F(F$n*7Uo%~?AJS&lIuW~B}(&oE}|njEQ|_*Su;l+Y8QR)q`v!m73y*`M|9 zbvBY9dHa!wB}9|%4XQ*`65-3{{K!l&7H^*&eFC!Mfzc-A*^h&9^>s&f?q>$RGC;z- zm^8o%K3A!7@^KA?iIx~UGP8fU@8+JmGX8@&HPd|$+11;A^=kCDF4_7LaO*RCyu z^5_15RHgk&||kw^f40j>nUPU^B{ipbV?#;KsuL+ym6Kd43c8}YY1lxGZA*)0A=o=y| z3eB=O4WHhM=WNI%)94m=R7&uCiNwvRa*pcZs`k0w46%?RJCOZDnL>R21qiaP_YUJ*!vP zdZX2(5zk3LT;_`{iVK}tl@G2uyR>_G6{S^9m%xg~?9|*OtY}P+wUm1qCN5Zv$FLbH z#Kwf?6|inuSQsS1t6{yep~GvdpaZ`$4% zdo!z;P`a>X@xljJ8TwaUN*rnEVpzekHLrP1!V-x@G`>U56a$q&O|3+(hFx?*QAJTJ zTs4|NU#cb#mr$vSW42`g<@c%3YRlMU4KYJ^r)MNvU%wr?=odG&!zw}j$0$i7FBu1f zAlHPvhpnhGfBIgg6N#+r$ccTxyMp{7LH+l!toY#J(NK3}-%(HzACIy(iXZePY!1TD zS8(gYtTU%1T!{ZdKXN!RFKIwlQkp8WPL4`u@uQ%3V8y`5R4N`%b3IH!*}7c`N?B`N z^x}Q!x3YUPqwNK8lkK`@aWmuhx^A0pQYpkREC>p=A!broXej|Z=!J!x;J{auL;1dI zmbzv&7`}TKIs4b^2cv2cgJ#p?gArh4^opyV9r#q19l~!oI;C?(JnP^CL8z0TEcO+a zW#xIyM31wOLnJ4H$qF;Y{&=!Mo+>p4jll5%IHZo+GIXPY;s}Di4tQS=F|Hd;yebA^ z=cKo0*nOU?d@31{26(Y;P?6VxBRi>e6~a9c5d0|oGnEAOOEiZDMI`4UGnx{vN^DBE z`8$@?kgxv(;<(Oh^8O8Rfvj!%I*^sXCVP)TR(c!3)s3N=LWpzf^*|sl5R3eMio^lf z)+#mllXcwFjqK%>>owZ@C}nxqhl$T|0CyE-WpO@Rm$|zU2)IDTpgOEqzolM~5hWC3 zhRjj%6pDwN+`#DWg9krOJh^3kTG=#u( z+1QaGjZFk{-jkDO*9O*5Tb%`UzTHU@iRlMKJE%KR^j;v{^xm_lB(|mRgjyjE*3#^a z>MXroZJltHskZ`@-gWmXZ{MyC-G@ln@&J3UeRW7Dg_lG?H(Ej&fTfZoJu!U~{oq0s z{a`_;U?p9gdxhsCpaI|6Sr{RQJ&|V*-4D%`FO4sIyskqb__g3o`K7qnxdLRNYV75b zx!boYDX&IPT(~&mxUoal$rO`ftC<$#TLsx+fd{;+J)_C^K z5x%_+_J~2MTZBaXv(jOaQwGgRQ6&D^xprNj4RK=w%^4|>L|ua$Zb!`tz`pnV{JkT? z-#(nM{Bq~IX2r9`Jqr`e-7dA1I_9HYi=`NQ3#&v3bOws-B2AS_C4pa0A|KOJpr~10 zjG5wHQmaP+@eqYI5FKN)?uK*_q};=9G_y%tta~%@xV{*B41#Qr=36^B6;L;kw_R|& zG>Dgr$`)suCtP8%>#tv`#u>Sg^61!u6UqI_$&#P{_=h*A4$O-oeH^5T-p1*`Bx3eR zt;0KRe8f5pQToQ_pR)A#3P4xhuW7|sqpXS|GoL;O!4B-RQ=?6DlkJefav$_TXx&lSflC7bwr5o8zvyqZ@OCpF9R<5>f5-@T6^@G_l|pjyUJhR z&%W2zsK>t`)HzHRBT#Sa-xfa9+$=@{b6RFMDnr6T=LR&u`+y`HF8_5qr%=HVzAbEZ zb1ctN>tI*@A7EOk&7a&c@p%Y9{?cBfY>uVOa!|WYxkP?QvwCX{O`adl-^za>T^@9w zH0~A9eO%HSx$)d?dJ}gmrZ6I`4VNOa_J}SfOIGjd0=|dG?U`q=&bYk{$)zrL_l2%b zYMad!fOC;YQpt4a&zQtcG@4MOYLFRx5=~%SxEfSx{RI%*GjMfHEz0lB3V8+q>Fl^N@3B}`xg`>(~f5qn*$BIaIrz2JY-IIB-ZT@A-NEGJ9K@H z{ZeUAU_NqRleXl6fA+Ktq=Kk_WcPdU?m?6cy8lW`HrI(~4&YW(8at3S3}Lfy$o$>8 z2Fq8PS!W*w`PFj&1cORP8^pZp(N3`HEmm=)E^5?=uTQ%H?F%F z-#*&^CZdZ!`*pin`RvaEEjzdjN;EAP+jw0)idQ4zcUlBTA};jLjs9NK0u-wNoOvV7 zk20Dzy;)&;XU_NQ{RfH5H=VzGEt0Y}Y% zES|GX;H$5rNL8dLZlcPK;gnhQ!)$(2Hx3R`J4dpatqM`F?{3JDptY1c@kF_Gl*VMn zZdLmNZyUkTkCv~mCqVu%ln*IisjFS#z1{oj!h={FODR$!P96cI+2au;pQh>>UZ$Z&Mg(&VR7=!MfWZ_I<(lFI2~NC1?hCFp_lN%u zKl=by46D`Tn0Gh?#~uiic$geql>Ha9m;f)a&0@qJr{5~yuqE87+M*^TQU`uFG0^F# zu&+p=!X84&%03BX)2IGM;%6ls_cY`KC{N&{?>D3SXI zTL6I#n(xyK)rrM^PU7y^qRrPA_sk8!j0&cMKSyg{Lz5W!V{%O(nn0{d#9+b4pKu=MAPyZUi%t}~lF{lUz97r0)Oz%DeFQXwAa+DTnHq#}d3(iG-S`2#NWKDm>7#qA zZ@Kk_>MdQQCHv6UJid6vYnyFaSsUpVo`o0=5%$MYfFfJ4cd}==Ke`RLvDn7u=7*|H z5QfOc)6IR*ZiP-V-Mu%TlV=^aif0U7GNhg6)~PiPZ~CPyd(KB}0lM1= zj$Sy=4J6oVR_KdgG6q=4ytc!j72)UIzN!C48zsMN{AK&ymY@om?^aRN$bQPf}H_;awjj4wSfzp z^&D?YpgMQRdq~-kI$9lSL~#i&uJDu=^C_xo#ek%gciuo+bHe8q-HX!0IRf&JAdZhB;5*f6APf2!3Q z{nFCXt1#RMzy!V`nJWP3(A+vi2;k>bp%D~Bvo`o|31A_yDdK6cg9VMD>Va&2Y?xH@ z54s&3yBFO9aOn7T6jn^Ph~EzV_*N5R(1qnCqjFj4}ebHi_9Fk0aUV zc*Cj<_mbdOIS)aG6#wq;$hHAOMMf!*m6NdyD!K5q{awiyu(50%`RKyc zFPrsu^xb?I64Et0+WuO3%e}eIt~2847yP`K-{Y4m_~k<8NIB8pN-5ZCq0yP{7-h5* zv5-VLOC#>RiYqOY%pI)Z-#t3~S4Z;bsM`290H;CN6Iue9GdBIHY|9|OvGd(~#T3o_ z+~qCL7K^)WWS~j|((j~Qyn0PW)$cS54_>(DD1Du1yrguhj3iN7qLUj1LkhUCS!JZA znXS@7jX#S|#Cq`NfJJb{{K-{YKFL2`Br-wL)@tcjwt6}fl+p4YpPvO)@IN3p@ z2VRu$)a`MrJzN8p zmQr^nh+v5xTerS0@|Y^QeKbCV1pp< zu{gF3S9qxn=V#41Zb0zFVzI?eWsk2C(AWY_%%NaF#+gQ0@BZr_C0faOBI)>XEAwb?q)Q|)@*)!w|B-t%iSxz<><7? z>~y#QZk|O7ComZpHonFF`YDjUE)LJvLD-ssF~Iyptogno>0jfQ6upD`(0UX~=&wfF z5AIfWGfcypfE8uaL(X*@t%Wj_v{*6tQj%7j=j@Nf!MK^DqxEwQGZQ_@SsV{hI*PRf z%%>n0H=ksvh#rIG*zruH-z0X@F(&@jOcvg?+WByB%9rd4pOE!YcYlm@JbLtUG^J!o z`y1u;M@IZ(W?m;}4Yc;V{{xHng9L@d%?VK0#B>glBhbQJ@-5i=-5 z2|L9O#6_`o@>X$Avdhd{7C?gaBq}l@mD9>}>=_DSpnTKrkT>=+71c%*!mdMx-9#GT zgPVXv!GISP)_}}Pb_ZkN<0YONaWxsFQIJO^vqDktJ{o z`X)?Nb1a<}FG6AwJ1vtcEilB+%-}T*%RfEqtPSzGcXW2>(?>XpgBu#gn;M~GJHJ1u zA$oLjw7zz*#%j$;cVrxExK#43`(})dRna=^vA0YStR_k{T?DI~5nQ!}DdP8-n}*Vl z*E<=yhNq?m97!?#0b>v!MiuSzID1x+7;fn)P!A(vSXM?Fb(-CI>5xZMZ*p5b&fnXJ ziRjYZuJnj*XNh@8@0u4+b{!4;N7MWb>DlB0=F=0x@sX7g!>Fh=Ue9>K!^r6@BGNfz zC|ZcoRT!5rH~3c*Uw?lB*Uz*UxW~=*HNoW$djkV~E=V3T;EJP;w?e)`DC_Bk0O`bX z5ir{s(BWFP9qffDte4kl*_Mie_535>|08%XwdBp46>!idyE}$Ubm5$hPJaDd|3~P4 zm{GrD+G<_XOengOwr+C}hqlf7Mm!B8ib7-RyEjY_p_E?M4X4=acrSBC`#*xywJkbK zzs&?noVSlNx_g9clmqv%$=*@TF38gjOJ&qTYhmXQnVtLh#0^HJWMT$J9LFo}9zy1O z;YfoYx6{ur@W&g({+!h>VJCU~U+R*^5SDies5R2KZU7BsHBJeP!>6HjMWFm7_+HhJ z45FQIc9XSK41V2yynXg#$oARE;Y~oWhs!Ev?;QE4kYbsD66K2T2mr#?xF5^ll3a-p zCn9>0c08KSUvTZ3rk0lHAV0YA$m|gGuxcqOCHpq5eX}BDeRTEgk&k`-TPmzZG4`k{ z*A^!1HCpQAMk-o&2z5m!{oFb!*GwzA797<-zo&`#c|ia!Q^P6MkP3|3`e63Zzz9Z= zScU47`bMcFYb^Vegg7S#6?O`OVSm~?HcW?SOjZK_ijE42*l4#2xrFVXSu-NK8$0(N z^Y#HS-}rkx4~=Zhjem>eNsD2Z{*eYMf5!K>7obsRqp2u}iw{MS~{E>KXcJw(+C#h*3@hI>@;#Yyt z(|;Z>Nn$O)V)2I=DnWLlsI^yZ$Bs;medsp~0hx1V;Ng=|xMt3@cNSi?C6NxH;Iu!FmH#roZtw>4PNEg)`u)sEjeq zC|+-uKt-^ZqtYxWmNk`gq_w~vqtBoVCzVlAn<(R#o#(t%O&TsQD54Th&CIJlorKsF{ZaHOVgz4_YQnO4W-=dt`7V zZ!1t!A|`&ubtFhXTr2tK(>Fab6gxTj=3^#LD1lc#T`G5c=Xj@Qrfc_S{-0H<2kxg% zmf%(QkD zfqsnXN+)7%a%d+4{9g1i%2@*6=p&(_M=Ixje4GVsbQb(f^>f2>GvkBGrix>dO&LGn zwwY9`PvM%TU)FyK$7$nVp=8uE^hr19P?bv%#2eaF-1 zD)6@IC+5lTw@qcamyHseZEgBRF^qi)-RIMu+kD1osoZjs=Bio}i7CvL3V!Tp(7vcWQxmni5!)eZgEIL|Seri; zz*-P?zU@vq^A(D>hq#>FFXwLkM*Ar%OF|1Tr`E$d%KeM`n8n5v9y%B%D|Ln9yK*J& zN#?Gc%phbZroSD`Up>lkM}~)T<+pG6#-M28uoswluvFzaZq8&bO%-D>=o>XR7Ro7V zJ;{989BS~ce>85Y5_|=7+v8%!zdaZnT(Tr8Q9LnfN<2}#@rAFEwjBqRNtalOOGar( z(>HsFtXhpmFG|}3y}q-+Kfm~vXCWy?FB`&A#*%iHIM~dE9)7ran_5AJH{RVIV@N9D zks;ldq*dR=J4;ApWZ}w)OI&ZaM~{B_`f^WaXT8_+`VSxWk2k+L{NiXH$MPEKce=?7 z!?sV>-S&;9p92@idf062cfRs=rGDWp$6q0<*3&3?sqa!#5F9gCVm32l7B}%@%CM{9 z$n4JpO_@m-k1xwwO-N7J@SJ`a6Y_CDi@q5I@anQvC zO`B3NcqI4<%a$~&v)JV_pCwMbBJ3x5JMOpGi|r>h`AgPW(&Pv&IOM$T^-Et z_kUJ=$TNVaiqhX=WPxetSQ(L0oHDFDP6^|9+<@+|SHOzy=#J$)!!b7Q<|;uHpRsh0 zS9=cgyhXQKdT1QQ(;YD5=PI^0#tcFFMNAzX|Fpk$%70%;?|MfD`3-V6@o?swA+Ffa zGTvvNC;N5UAqo6mx<_Fp%I`p!<5{(pI@jz2$}_w-T54WlZ1#{jqwyqg>zRR|;JKfl zpLNAfd`cYTHypV!^}6U-rY$MptW+9Y$pew3l5LErx4xfrgD%LQ?bqD%ib4L&*wm~*5L*%Pc2IdNGU10_vCGj{qPQ5>@D;N87x62f zz)dqruO91@Jc`nZ1yHO)ZEv%l%6_|mm!o834mLZm&v}#mcCnnKq`0d7s@z>DdTH}6 zx~ez5B^}Q1GTx+3f3;J_Fx}xgL4khzc%GDkv&0%>m6fzqhIZjaZ<63dn4^*0Ugxxj ztmF69rc+J8izS788?Wr_^iq&tdu9L_t4(-Ja z^_4DXcByxC@F#ve%e^-zz1OD`yj7cRFAJ+SzrT zk}QT|uco2)QQ%u05&FGzP?-;RY$l$b8XOYtHA!k*w_>?()GP29h-!4&b%LY18pIkFHQO*tnC}l&NflDn z=o{T3T{YR7&RR@7hXL zHSy{+1LXr&&}RkphPvkmO=De!SV<)BVdsbx9vZ~5@Wp9py2HbZ|2bCGU1|2#Z2kIy z(Xpt;(^KMeGiLA`!A3tMcA1StHNFT~-@90|NN~i{>P8V;&e<1EMZngD7dJ|wGAZ#Q z_lx142a;@74s={_9gi4hOPUGAPe+Q2CFRNPCEuzf`%%5k9a&|(XBdVmQ3AV%eUlsJ zf1qvetv8NuEWTaQ%Qm2wk+)!Z-hxGS%fP^Fq2On=7wVsp#kaL}MgGs|4lNjK|3k%6 zdz~fr@YYvVe;4Dtk#}6HdhOVHqF{Dtw5)d1`QVVj{Tl`kN7R2%^XlB#bAW!#R}AhD zHr^Ddt?O-Nx}XEUwXD*)${o9p;7(lW*n%BqJ!EHL%WtLagKHZoPT@k#tjgQHXJ1d# zAb%QBD`x>S*LTHCml7{sETxHL4Rh_8t#=Aup)m{&SvG;!C5rG(P=ThTN{ z>uinGn0Osbt(sk09o@mR{LLMnHgB7pXDw+9c1?~}9_JxackHC-4&U@3hKsq_K-R(T z)oCyNv4Uhuxh@C4x609PBOK=6Xc-k1(SNkIzVoYT$2*;Mr=`L1rc0PmKFlcb?uR4=0Zst)5Hjj>Cq&)bL*qzkN)loTI1Nibxr2J*8BCQI+7(i@(1@d6Ae>8-99 zS-A6xqFI8$ZozSYsT>WfV|tTcb+4Ad>!_kRDs&HbBUSJJkFRe5hdOWnM${ZqGvk=V z%$RW|D}=<=09wQy{+wJbU}1#-IgHy;{+~i0d0(8*lqqn zA^$sq!MSCja0CHmzP>qC0&SCb*4~ZNUEiaO1_NTu=s5<8P5UA=;`RcWRg&lu?%t$e|R>`0U3V z!;+8!XcC5-BO{R}!v(|f3(0RByS?+^jP&uR!STTpac|Qb-KSqiVLttR*VG>HQ0Ch7 zj-U0ZAVeB}3tm1$;rM`mqjJr1!+8N5v9c#Z;>Y^f=iWbu zC7d7r=gV_<0mIbaxa@39V1iuPWCO~O@1mqY@lQ;%5^(7>w1Jd?PI?z>rIT4Dl!Si- zHL|A@$~qSSWgd;K`nc@V@~KasmM=TlaZOg}Ju8ejdq0~L``Y1^k1A7^_FR1*8TqRc zjL|qEdJT(?LK`D*j~9|Pcwipe5%_66&`x)n>nmp`JC(Hv5BZ6V#V7~o_@Fg-4+M9e zcN>S$+4ZZl>Pil8lgtU!d#ptve%PKYxVA<5SWK(IO438YX{;GvMq%L80r>%}9-wc` zRSR?;Z|BC#s0+Zv(7OM{vQ>S*h4347Q3h^kLSBjULMxMo{r=<7Z40kI28YhLhUOa- z%djlUeUbepY>U&C10P^M=tcL$v%`?}Ac*00zJFiY)C2{X1J*;kX9LyB;K`wnDc(y= zq@m?&()C}=&0Tv6gA=+_GbtT#Tc>nC9fb=FKeMD`+l6Nn%a_b@_Sov2%66@4*i^C9 zNA-I7|M>c zZe9K`GVBt5496c#q9C$3YJI!uTd=KqQ^B;zG7>T)0?Fri;8IJ=<=L++c9n8qo z0TkK6`-^k$480$^0mw^Q&tjwrQb8*okl57=dkS*`TdTp2B0j`rv5b9G)mI4{O@)H` z3$0h@?~ef^yal7HQy};W6Y2DgFY4sb^-J8Dwr3RNRWb~#K$Mx0XvVl5MvQ-- z`LlZ9EEVXAm3F#&IVZj?j{AA8>*?iZ&*F!lJzHn{Xq^M-o35wV08dOeo%Ynf&t&>N zGBU;BOdgf~k;+RY_$yE(L4;j?95+b!i4@?vo{m{7nEMk%%DkV*xbtd}mMOy_BF{FD z&?JOg)5phFJUIA=bT1!XlEw3L&?b6_b=Dy-FXV+-B%(_7f$_!V4!g#f4pgWQx(_mU z(|41bY3${B1Apa1DDU}kjAHgERjB_(28CfmTP|-|{p;$uZAWKf4=r5rZ~6tE-)X6^ zNcj#ZN{>%kY;Q{kHux8ybo8+o0VMm=<*+A26{a3HBQ9M%3J&1rZ_@em)tUFFFX(7c zSR_NrfGU5Jpl_OvHiSVMREtZE5~I}f-w9{bZ)VY|D{gZw*T0?wIMLSD`LsAG>F9(E zlILK8YHqIDW_)UKM^cw_e2^D2ztOTNxxm`6S?;2tVfAmA92!l_FN;O1%;l1ABl)mi z?xumCFYP6|1Yy|{dWAD2s|xi%=5Fe3MO0ksVH=42*5=5{{ z5#{V`CqUTMXmU;h&d}B``C7PTvDaDge#^&Bwx2&ku6#Q8qlNazB{PRobdSQEL)ToX zleThq*S&CC?erVMh)PpZuU zJAUYz?2bSF{pr)k2cNzfkG=dCQlCjBWEg@M_D^VKR~+)37AJyZE%JjeyVM<`)nmt$in@vc4WCU0g>p!4iTK6v(I~dAmY-EZ~4hVeE zD3W3wmkyj;3GIOstC^*Ti_aymDbvRp%iG~WWUp=> zq@6FbR8cT=btje;N=G+)&wqq9{txfQ&wj{!1`OxR$69v^Zy}}1lZX_F4l0ZhCC?HW zfcK@Q2D`G+Yb4rKw58q}w7h`t5}D=GWN6R3o$cc#6 zPb#JO(-9w!Gy0?ff8qdCTld0e%y7*>enN+V5m;}b(u=7zm;yU!Z_kL@OF>|ivh-vF zrM-rGEQDNWphhYrAxk_#avH_B(HyhDLYfrS_oO2#WCH@uZuPK>t!u8TR?KGch)M>y zXJZBwf2k=IxO;&&WMLfWxbOU6(8!cAemY?QlEM`4yNMLFU?Pp*8o&Rh=*$OO@He^; zy_*MEQ7br(-(?Y|aRuipcctW#s1c63BAp6pq^@Ddw=`l$*ujBnW}eskkMD#J=RfV4 z|MFpbJk)RY%)fmDDZ`5-4iQiCaJy-!&1e)ypRqARQISQb{((0} zLqwkc>#Xo*tV7YKvuXMxg0p_iu6S< ztc1Qh9g1=l6%pP2Nc#z?IMt;QXavj9*r#|A_O5=*)*X)P%XaYb_++g)tkUkdlq zsUQ*Lg46r>>pX4DLntN3>bz|?_GS%kWR7_d7X${J^fA>)dfSTjR+*W%?X66^U%J#9 zcd0n;^5rMv!umI|7(4qoi|{W%dY-f>`A0ZezziH@YZ+^RY~AG})5ev^18luDKPt5+ z3s?CkDtqVI=kLYk2J!F|!|a8U`RV)KPG2RD~8%hTH=lvCREBIO{8xrp)HQ3wO}*UOX$2 zT;p`E&GS6_{9fC$Fqg@3kZfr8_4QzbU8JqPa&|2s8aPb z1{J6UErC*sqtiiJtKc_mjD#D;s7CZ8i=_mK1hYnx*s$Y$srU|9ORBx#scUicd+x~0 zQJ2Uv{k3YlSz7Y#Sq-dy6jtCS(_|H7q)CJhc9S`Kg@j(83?#p_FxNtFGpIT7dpbBM zk4r5w4=;{cDMLpyyNztDa8QGRvJS2Sp`0%6An@7YsP7+ytjw`nR^}K5$`SRAa-!{RSuc|q!zkH6f7TsRPr96JhJkAQ~-GY12&yeB$jV#MX0?|=c~h$d*t`*R}dlNB+HhI%c0}gpD9*Sg@}6a80q2FP#h{45S>hjF}145 zrB$QQxF0IWL8_|SMm1_aBKVp`i_Z$h;a2d*`+ae&y;(|^??l71iAncz_{mq3(=#(O z9dIpdwU#E&O1O}Qy36nFcPRF96W)XDlYO5b5v;#cPM(zTXjGNw+O1&13wk8?o17mS zN-q==q5^INQjp5$`a++<3OdbPW4v?WF6hMt)4ULsm<@nKej;n|V{OTbq02x6Zx%)& zIaw+aXQ5lQH~_3G5Vf~@@T9UchY7nxKLCN$Ubqn6HYT_APV0MMtw|xyFS7;(h>viv zi@0F0hW8wh4?fMMl893-|B&hL^^@Q2fVtWuf zD7`^7A8mci2ii~l+^1QS;y@pCC*+nvl9 zB%Tk0pkQ1=8Qv;kv>_pG?6J}WrW`4Rg&=7$lmR-lMSZEjnHdf!pbRx~%3ybzk5^Us zy-+LdjaB!>6+p8)x}a%wVrt3kwbF+RWN|tP8aXsGr@^$b(Db??91XS7Nr&1&EXyxB zhHb=5JENz0)5XCrs5&8s?t(VXD)1M`F|!dwk4|@e;qnYyG;r4fOGGTATz6J zZJt3Z+M6H)jEEiR;XTT{f7NY8N1a3ii5PF3g=6Y3V`K|+vd`Ly! zHs-hWR#H8%46_hWFCotCRw`1^tfM32pm4(m^@mRmFIf;Y;|tpQK~w#kqBkSYt_~l0 zeB{@TZ#HZT4(7S-HvD5Iwl+Z4m#~1~C@l~iMUgA$>q$C5la_I*qQFo+F!et3OON~f z*Ub61y732QPPN9*oq`$SH}w~&N}H{NU(3l6<(Mwc{ze!xPkN%77HK%3j9`wjwsU>S zAAG3<<+e4)Z)PbH=svzM>5VeX@ez6;5$G~MeK^&iZrq+rLLIa>PR}0QW1$IJ=Us)< zpYRz-xK>)3OS-PfaM@ibhJ&90zw$@h73nIs8nrWxpT}tRGD;0A`Vg>JylIn zjnA^h(^0qzfg%ovvxDw$Pg_0oT5`7{7!-s^OBK-*b>eM&AZ`3CS1-m0jx{hHl)SXg zLJx~wThR;#WD&8Y!3N9?IH50vwY=nEl}2X?rqQ>t5S%4j@(IDe>u17psGZqCaQVbo+&JA&Q*OW+$j7@hWBD1-w&Zoa59p^0o&dM z+_P_D2V+=9_;)@s+GhIa*Za`%c5A3)Zg#cP?2zvK!`@GU&Xgk28ACd;G=?G>$K-I? zwj0d#!kAG<6e(rUxN&lTPOUD)OI2$q1D*+~;84Lgcf!qxvpW^2`JVa^Skqe(miZ@B z$|d1e#h&_Il7{Uomfk2A?{`?SEI9=TCiHUWgZ*~&Lj3+mE0?(oBkaCoL6K+G{g^Z( zG~uGf*jvcG^L1fE$y}doI;FRwP{aK_eehJQ`17sy-W|Vcsq!N%x@j2e< ztQkE}t>3hetfP>`ZJYr-o$KCy^x$ljlVkkVt^Dj!RaIAcw7eRQjw(S( z#(_>ibk9@P^s`muc@%&DU4l~oM4UpZc2*R;JVuD*=o|Bqd>;?;@4o2lGCv0Te#F@q zRvi0$*;EDBswn$@qqZ_6l%p5cYGy+E26&yA(EWID_8Qkp6NYFPXk`khB?ox@u$*aE zboMvTO@VaG35-vIy6Zh7Q+rpAQVrUL=q$jg9rK5h#2E#&-zEYg^X7~=@_u*{u?7A- zG*p}iYO_p97T|WfIF@svN;YUZoZv5Y6V)@I;2Q}A3U(_Ifph`|+ghR`RDnRc9`Xnz znL69JD8y`%kb?`Fp#?~03s^G{&IhWE30 zSkAF_9WQ$)#t@T5N$5vOQU^p&@WzreKEjn?)9f<*u^KH8cX)%b<>qQ=TLhX1hWnZt z+{M6ZCES@9XV%%B`GOzq%z)X1+nV1Rjb&%tD1XZ7d^k2a)AjVnzOm(C;DLj8G~Pl} z`QYr)cw0^H8^RcSolF@QvZvxVoi)AXSuQ)u{>HuVhGZhqnuPF65jkghc(67@lb(k* za5;}NhKxq2p$>D^aqU@LlNc8igntdB@0MKZX0!>Q;ehB(j{>N@ zHRR>IVXvT!Xg8PL#&DEfNTwc;x9gX9qLd-nczz3dEio<#ijon?H(4sPo|>$rz-`aVSYB`e3nUH<^Y9 zE?%B_QZn}uo{9#Ajnu4wsz-j)ls zRsAZ49-2&{`NKH}>yHTIQ-L@IOK-au3^c^e3XV49ZcFXV<;!PevDIGYR=#b%VS&KE z0|LKny5nf4Q{Kt$`w=(F-!(XCesbTL-?)?+>;c9pUuHgA5EQCW&Uj}ZUo^S}$(KWS z3*<024PZPMB{}()nW`yDM{}A8SA95}MEhLSak-QazzhxIwuS>us}CI8D{L1~hf1@>SY@g!{lAc3SnLUBXJdS+F}9lsm(pT-A2?2c<4 zf@}iVsN_cuCsDM0dkGO{)Y}H9^%q(?Tx^ITI6nKEFJ-9`sUSH6#tJAR9m|qbfE-k$ zuj(JMewI7qqDCgioaSDcPea>rHyy{p~QAG28bdMb6L(# z?&3@|#O?1}xitCtz0f}0*AuI>U$0uaxExFYoy?T-oBP43z7=8UK~OQXce|@a$I<3Q=yrz7!RYTiQ>M z(UJ_&Vq{W$F+m#|ueP99s@qR(I8WRQOBT?nm4;`@0o%U5x~_Y4>T>+mndupsLlgh? ziH3K5Esb^28H7bYA1BISCN#*$B;RI^lo?{>v(~^ud{ZRXl$WE3;4;vLNP;Q#HdUUS z4(kZfI1QF_JB6tDD(!LIxm^K2+SEcuDRt6>4D>G4R!etsiOee7KQOU8rR!a_)1S-T zy57ZF*4BzcEsH_N1`GT!$A0x%Wwzs@61mhBi%KPW&{65B@(M^hl3Y!p$&onDxpX;F zY6uC9rSGSe;dPq0t0H(UVpoWEI&;H$6`Kveq#dTWsenvqWMt%q{$C2?-g5$tK=5dOUSI9YbS>r|mm zu4ZEtJDvj4OEue#z|P%KhO0g>cm2b&uPct4cUZtPP& zR?(|1|2iUz?8iEe^!aGXC#EId3`qoImS_rP9T#QLGRa!G**ry3A)cs>Eg@C`kh<-^ zEz*a8-w@eLErT(qDVN>YlB+$Dl25V&+b7s7a)rSEk^(Et8ddo-2AK&Vgz=>4q!9J< z6ay)S!_0+I+*3UPQWk_;ViWo^M;S&_FmS{l3SbROXS8hMqPaqi-DoDcA$^Cse7AMa z)AffgcE&eMy?XohkGF5XJoPx_tx$t+Mxm9V+oEExi6rv9T!`pbi4D~`W!j`~jwLx-&dIayM7|-*>FhoUO9!;^bDucx$(!v6_3XD)3 zZCMmpQ~Rrq_ln%kj^?NZ zGY8cNiLLnEtU>kj)S~S+q{E3gc1($=Aat`*sL^Z3XIBqQy@u3sZLYTK;gXc?>xYI` zcT^o4K(Q5Nja4e6b*m4jMdw5xAFge%YgCee6N;?Eti%n%|LB(JXWm9k(ILHB2(l?J zna!u&x&KtS9cG~8=V#!h(yqApnW3Q$jk}v3>Q|QGdi}J}m-P_0Huswc`VWK*$f1>Y zlFFzfVk&srcnecxQ~yovAMcTI)k)+5i=u!4>)I#?8Q0>~)ROXR`|VGsCkr8*6VKu` zmnA=!m4v63bip!dTdi~hA=A3Z)8Kw2`@ufXqF=qXE@{aoqjp@(?jKXbDv`o{BX}zP zj09phL6FdhBSH-#J1__*qSKhR2GEvjM{m2_fYWK}6Pys)#jNCPlq?RtRnfEwNr<&C za(BMu`b!3_ZF8e?OyFllJJKm6w+3Qu#S%7vqQlLy`ebFuE>Ed>IJy; z0JwDi3oajJH^_62H2Srf4znIr^tG>TOfyYQ%|qO17@O(?eg|jZ)o0+0@t^0f#!uai zKiodA!01cGiHxYXd0XKSJ<`cn;a|qc=L>r?a2tXIO;RuzN&PTv%CDr{ya-|ygHd4S zHDxOj{!PY`uF=cS=X;%lRB*a?A#=+TG}wsVZugn-eS5%0g#VY}GlQh{CIpag~IUzrAhR&dGaPiSn08|uR?1QGfghE0NuMf4CV@|Wx zYnCE~m{Yt4N|op*6?4HIY!sy0H^Sa!0>d#@Hqz8iWUPQQU)lBWvRs69T$mvcNj$)87BfL!D!x3Ok$6cx-&{1 z;hM^eLTpW%6{Tmm+eGCWfx($o*^CtJKcv2N&i( zcRL-PFPVUsrA|N7zB-;mC#xci4d$5TWK*#6lYC!>Dog762z&^w&mjJ#NGT>67&;Il zMU)2zs=A7b6th(ILkh?24V5DE0w<$wJo4^9H22$Trgsa0d+2y&WMnuV{WB9>@lYGB z%$X!kr;}#JjdX}-zL!1#p3Uh8O{3B52LVOD4KPuD&DlF}1AYgu_nTA(fh}*R?!)I% zV1N!q@eM|$0^5+Bfend;IQZM8<8-PT5~H`-s`qA@@S?TLyg41W{mP@E`1WrB zmVB5!wIEsg$n}cycJ8BfX2S{5r=ydGTN_9VNEZyzEeNgTI=9tBber&HRE-{L4BZ8l zu6WJvmDc{buU}x4`trp5?3=h}vmaVJzg$>d>_Ey=#khp>-V*70Avm3r3Adqxx{2;V zvtQ>dHEj>f!-gSaOt2s9>`bf#G$esSsu8NTsH%CON@JK?*PIRv2zbb}uD$VG%(W#jOi{(I24zc$h<2pZ+#iP(@8gwQH#ogUP!`q=Zp!~`-;wa^_z5n zW??IwaXn!b{UhEvf@(#kP)s4Cs**hyktS-ZD*sMaii%fHE+YtNnvGF{6#!e9_y%)?{6z@`aFB%Hi`E8GukCwtQ2#+(8pOTqR;RWgHe3+-Ss{5&?P%N2FBFv6W#dvA$S+H zkAX3ZfKS?kb4zp)NjBxB0DCS`*WxJU3s0jSX7wibB%1crP=+Cspwbfx@jhDUy*EP$ z45G2RB1IXOGsYXW+86L(-?;%e&=x=~%HPS(E_f%hC>sbLM?cb3?gqYLvl7HUd;;2c z&fY(FGupoBB$WBHQIwip0b8rQPbu)BmZR^3IV(FA{Gh&a{NNp5ijEQmj%SnaQAv{g1 zA7l2o0!Ry+Jhjn&q$dovD;X8)0o@M#lQ^X2=&EzPq3JMa=BAF>*;9uuT(x)Df8_Jw ziOLQGTBO!rv2OXEJ7&~v+{d@%VW&utmxX_e6&tdtEY_x}>2f5rk7=cBK`}hHTiewY z_w4A0E_ie8#ohRW@2+psLK9P)fyWGKc*!__gG%;KjqGqpC3ZIpL-dAIV{Kf_F)NAn zIQ|-ioAfhe4>Z=&AYHDE8YVW_80Hz)^sCp#T}_W;ZGhbcJd{;xWZVsYtmB;w?eicQ zyYG)iJ7`YLwVtrWLR@!A?zIE%*quF#EO!G-cDx^u7( z?FtNUZC2Q)=vtw6X>|zj4`4ea;%1D2XkWHnJF(8)ex1uk5t=Gt(dBYZV@D8PLbE{5 zn8&j>>_0~$`g3ef**Bd7qXQ1HL-Flhlc832_OEo0IB2EcfHWhc(@EvPrw24Mt02W& zG%R`d-}UnpdWjQgR5 zO7a65I0T1uIL(x|m2AReJk?>>oT`yLJxzQVuA%W3u+;t?Za3CvM{J_$E`hyXl#%YSATnH{oC*YR1rjNlOz z7g)&N?B3tu6A%1bn)hNECc|4Hw>aiQW6wf12lFY8!!+lc)HEv!em0iJgN!z{y)lNyR?yxC&CT8TJ&9%VNXpUOje_I^d$7!KhYB(N;1{qVM+fVr)Qp z#JJgJS!jSUL~+LZA_-0^?NGtt^3i!nE ztiZ&C!t&Tb5HpupGOwv^&Eo=Y%U>MiKjSKV;GaRondY9UI9E$Kbm-8YXIE#PoW71d zdAMD7Zu*u%CC*dTZo?&mLR9+OydGE1&yB>Dq@r$*UIA87Hhy`s4?}Ws0lnl4ex74Z zv2Vb>t(8FMdZE$_YR_B0d^FTT^J5CMK{yn9LZ-O!BS7WZreJHG45-ELw>>{r!P>g{ zLEX7meTLa&B}}&8!Lxaa4aZ7L2?UtGFyt$eiF+-pU};^hg@%1C43p^B@}B6Kz=kmg zznInZs=d#E*?I1Ec3ktmRFnwn_gJ$?V5%fV9OOn#nIkVDW|z!|^IkXnNA8`uaP{Dk zx6|KEivPI#sI~h4;9MJp2m<;ve$ZfV83-_7;LAkGyxuo(mU^>pg(~Ib@{we}G*-ao zfB>g>*aRIv4QuJXJnVehF$441N8VLvY9%5njq5oiE0LZa0wnY29(4P2DQ9g)1EM< z4ns!Wpg2x#PllKl>J`D8!zUb&hGmbLoUkvS?py{(8D;`6Y}3`z)^YsXl~|B)hDFxM zN@2agEbEZkxF@RT7o?VV8TC(0tH790#ug2sYsCRlvKs6g9q=0%*tfoRtjfC+oaLia zB@^?L6F`e+flz$WSii_wFRUjQ;WgkKH^t-*7scuG$eE3nuWaC# znhxODO~2}--*_$ocjwNo2V9GT^B+>CoQ`OMpDfvLp$R7E$GPX-&@BZ`fHK*peOJF} zKwYmUs&w-~?}Of~(aGkZw6t)ogi!8J;zM)I{OGQ(Y zOrDk9e;oWC4YKw$0s5uw1ohZ3@h^(m)=ZN^L1jV+5w37m#oms$D`0Ev!htMqxV1nA zz`BHy%D>WM#Do#a`5Vu*m;P(yuU-J)yavN37u=oJ26W>pNuR=D&5M5rbs2`ij4Pdr2k}74}LJ% z#hEu`bt|oSTl?vEBQQmxvq~AR2KIkwdL=lCOC&`S&n92qnl0zLg=WVsPo*A|lE(Ovz8l8)?VGhCu z=pg6wP-)#u+M>}bc!M&G)Ax{X_tZ&<&0Pp-))Sng>o4Aqf@NOtm-ItShS`r!%FxCv9}7+pcga6d^xR20?w6)6JQ(=E@96A{3(tRJAdN8rv5^RF7Y{_zsZs?ATv;mIn3kB!a|P zk_XDs6y^ap1Y-;YhTX7di3T#>R||bp&9eObt8?eW_N~|Uc0Bxbzm?|F?&sISKYo~* za_XG_^4vGxK_}Dg`J8X({6#0Nj4|VySCKZgyPD1|V;}t8`2qr+a1BR9twfYLGxF8R7c47(Z{0~+a~C0>X{46w(DMT{LYeOcCP$4Yymj^Zp16B*i`tq*=yIn2f9lgk2=`fzk-n6<9>t@JKgz_ZYUsWF1sOoMS3(0BjVHr78-xlj{2bg6a08lRM0lSux?X$}c!3Tx!7$Ud}op#Zl|MFFlhTQd0VY6JNMKIGh{ zQPz|TB@|dcAMCu-T+xSxuNkZOpX(nq;*WfI=>%2(J23wKsxA{_hnQA%8@)R3mm&ebfe3k0 zvJL5Fi_&|PVzO8p2*kweex7w<2Yx^FerA5|P29xXm+>bL<3D#zz?|J~1tY&S910Xi zFb>7%#=}Z0krC;zy0i>BDv#Y3Yti-UpjoepLpG2$g8dULOT?Zi4@(U`56NYj6l!Rp z6_v8w6t0msGhDY;o;xRw9@I^TWBC^5@Syot^0vDKW(2x*ovzH=>STu9f6TSef~a>% zq5~JXYT-|OWR0q&kn4Cer8|w*?r6}7i9AO@a&t`XE01wm6UV@T~Sq8WwpcCMT@)_jY3Zum_qX@ zssww0At7WbeQEB43{U{|$r*A#ze!dog%M%raHbxI3CR=H696@BRZXvRGAng#GY9$Jwk4o72=` zD=cN8Mo3Icpc4wq@c?ZKFyc*A4(7w=4;Z)gZKD+GnIL04tVj)fHe2y3Fa^Kx1eIKH zg>!L%@T7o_-GS^-z@ahTKIB8FGioil1ZVE2E~*kwhEf;8yBS@w`tb?~?;26>e}wnH zG>=Pk0;2RnyK?U)&ME*lYRm;ukvNxE%iDro;F^*vePH<}aaYqp5NJsi+8MB;i*_-` zXJb_4w$6i-Q=lR*LkIrUh56~}$x|Kltq)ueRvO|?fCsKDtY)@3mEpC@lA<@X{g9Ph z2iq9&yItf*hu8iyv-y)k91Eg88fS{ZBX12^V?aP=2>@ z-G&7P82}2h5l}wrFO-*uy(J)rI#5NYv13_S=~8??mSk9|+EDz!|H|QuQ?Lki^zxq0 z15;1dcFw+uUq2drCz4^Lek`^6b`97M9hh_&pOox1SgAe^i`mYHdeQ8sJmpEwy~34P zoVv6y;e7pj;f12tTHmX+FivW=nC3(!Wota?G>uC-pK)R;t|# zo&dU0bzDDs+n>WBL75@MuxjWU#todgF3>vXF#kV~_r%XUn|OL;cDA!~_I}Cy+tM;0-o}Dl~`vYQ!hgUton(0=sG}tR2%z_GE zDv}(Lzy|Sxty!_u0QT-%=_u<9GiT@KXXasB(xgrAqBoZg#S_hfwWTO8`ywW5he2)% z<;Z;8-r|voOZvTQjve$?lk?SvE+`bgF{*xQ<%Co8>*zhYI;&Q#(s?ufdg9Hv&baR6 z!C4Bw0u$75|Kg_Cd0N?L@@Nfiuoqh~A{7M-IxYBel5zx}b(%8F%=4*M;%C7|57BDg zZ3Y_})0(IcF?#)|hl0J*UXfgvv)uXmXL_43@Anb4grvAN(rsZo|1X&BZsc@aHyabnL` ziKZ{qem+jIEQ??XdQ zc8+#->t){@*T1Pc6O?QJ3oEt1CMV;OTm;46noPuK(z$XdoFlZNolGsv%HrxH>rg_} z2KfrSW0u=zo?sn65N1WbiWzywm-aM^TBPG5YT4Nk5=Tp7V`;Wxb%_2*&jE??PD86u zHjo8gvpKpRAE5}j$UC3`}Y(n`G;Ujv=HM3i1(8 z%srXvEOnQc#Xl}5$@}(6iu`wsOur@@Yz>A2?@untz*E>3l7Zn$4m%QFR(E(4Iy*WK~ddrZ^i&(N`-Q~+$F0WhSo>DdI zs8n&zcwfz6@T+XU>YCCYbI!5kusay_=X|t@w9kgLgg(9p!rg|7Q#p%Y46#XkdxCf$ zmOwn1E)?&S?Q2r{!Z@pTLzs{JOKJ>@OnNqoehW43M=3`jKS(hvFsD#G(ccc=d5j+Y za}I&NL5I)P!B&53XKAMPL{r>x{Q?OBTyVKVXCD5u=J5oe0WBAgzC{>(Dg!o|f z=;54*#f9w&~g9%{ipBV{j2k#-Y@o*L20S#W^9%s^WUk=a|5_KXZl9G z$Nu|Knn$XL)o0A`OLQD5ORy0d^B2frXQ9o}I%`aXK+&Lfkx z<0o1mfH&Errmz8LC5keTjm;jc5Ltzmh2le>if)Hq6HSUtMYE_)f@2osbj20uCiGra zb}L2&YyATAg+Y_2S~L1GF#hN-??+DoKh*^`KBF7|b-eTF)KH}tGaxH9ZNNW`+(;`^ zk1U&vs_LIE>{$W*uQ2%7j=Ykpbs$Z#{|5K5n9W_eSr%d-qN(z9$y< zUb{9Fw{l{wWAvUkFdeP)S~q&n#Q5$B?bo`WW@i1t;M!4@UAd#GR85{`L{~7BJr95$ zY@@BfEJEWJ6Wl8B$)OZavZpCc(|fnZxR;ygOwTHq^NKt&CvD`q$7Feuhh4Pf^Vx01 zOVMQ{jsnO2X1+ynh=~=fL4xg1AE?XS*o?6&Z^x)evV%TH`+(wq<-v(x9>OLZ+3nS4 z@L={CZf~V^mIXD~Dp)bUgzFue^{h(w+nb7J)cmpX*o3 z3JCD<@aUX*vS&Lqo;v}#0SENC@I|G6&GZppBaC5UTF)66dFBmXC{As5jPipW0xJxl zb8WH6;CR|e1ZU2t_~4w~=$$ME%WiZkZfe=3xL-c~@@d(!Jd?R+ekA_r^i1t$ zlegP28c-`|LWc4bZF-E>7kY<9Z5wUPtxDK zSv&D`&+a`Fx;n+54pw#CFMkemI|je7s;YgUt=JEv$xK8c#>&3(OiiCi_#EU{7|0?P zfs87_m1XTF=wuJGcH_-q^|9>2&c=YJkPK1UtB|Y|DYseY1s_5) zr1FefQhkkLDCKKEG~Q>rwb6C_X{a$j8i(2-xiow?r@`p%B^ z7clY!rrD;6x3}cwn+COQ%X4kh<$&hrZp#bKyWFQ`5`x!y&unv{ISNkrYoQkzvD5O- zZLckM{PJE_qUbz2Etzzhf48so@|7!|bOqImLCva)E2|SUdyzvLvQt-&&*4G$(O`!U z4GZI zw?Qj*x%+PYwdl23G5~%da056{iwUzN@Utw+xNhSoLN-K7#-)UImzNBkgl5OA!IPpe znEp7B4WD%B_gv?&C3x%hBTwI)kGt$0ILHb!;$xhZ&>LdO8pDh{kM z{B_`>W}^ANT&N8h(izn}|T#3I&zbD%^sk=(P%d z5V^?4X^y@KofF-WZtIz(3>SrvH;c8!i}-_@{l6x?^&n>YX}arp?Jqn$`F>IuW>Py= z3!5?qWoQxg|3r&gi#5Rw+zyKqTqlv0)LwGMqRAqz%sQ~mFhn2mfQ)D74M;_}enxQa z)nx6Cs+rT{V_*zT=*EABH!`mL+IYr)*0Cb>jB1qXzmUD5l;Klw3<9GZUg)*!Lhv4{ zWDS0WNoIJ$@{A>4&KZc;B0r&90+7RG0ZI{-r-jb;s$$e9J~ys%H|RJz|M7EdT-em? z<#ZWu-u?5NiB+#(PskRu?*4f~cU9r1LwL{5bH7zqR=#-gBI7!{+UVXnRt{ol%$NT+ z+)bt?dQlmPj04IM23V&J6Sz0{#{oB51yQ^$vJ2f330loxdbJ03__nWXXPIYx5iB9r zzpL062Gd4&Pdcz9TJL4QKQkSkVUSUleLuf|&1p~HIBwnA)a1z^+u#^DJ}?#+(Z>bG za{h0|(t%bHu0+;wc5%ib_i=smkc2|LQ`Jj(D3;OU>42P@lMg22zs`c>c-IY9#e)wQ ziZ$xbIWqCsM87oGfgMS1n$W{I?xBfk>5F{AySb6R!Hr(cW7agQvryJ*4Ejd&B97^c za>_vBQVQR{rk}>Dx<(`Vgcs^;2EGg%k1j(toJmYhS#|xer?fy$OD!E598x<*aVBAT&-}{Lt=fyZW~N?XBVIYUY@S zgku(GtYA*#rVk1d&F>SNXSWrv|MLF9_PO^Lpk?6GP-k4{+`$6}YFC!=wR2`EJdJ@PmCv>o9+N>$yn!l&ZV zh>5q-&_jUWak@`C=NmdYj_ltb%WdfFXt~_fa-<=C|LWcV&LoNexFqgg7WB=XRE9LGumapaXJ=!u8!F`c1m{|1kC*U`^lM`!IeT_|DdMt z#XcHc9P9RtnW?R)D1oHz@Pauko1A(P=mhY&IRZ@|ESN6NKZW1VYd!uli+#>GOBqdW z#lqgHgrpKTog3#C()t{7-ehz0!U$4BAoD$(tE{(Zidc-<3sL-Odb+o_clsNMuwNs<`oDW#1T}MtU0j!3u`QF6fw8mmBde?Txf?v z-HtzHLQ}l%b!FCU^FSCgrel5<-UymZ9BrC=;=5RV^WM3V?osgv$~F!+WRrRD`m+s& zrY})u0*AjgScvCm4%pD**5ht$ql;+!vT{7pj~W&YsPIU*^11 z?(XVZSs5h&=F7`@A{x?=Z$XWl%AybpF<1qGXwMg%l=ZcY^K2vup3BDjG*OIkBv|qx z)v*(HAi7i+-lx8&NC z`-~}P1zyG!bOt7)D2GXyEsfT_=M%dygFLTU^c;!~p%_F0q zKL`B^fN&TT5`#XE-0OZn+YMED{f4QPE1e?YATu^9q;+&c%pfe#MtpbWfi+&dK#Gl$ zgUAX+Fd^_B)?4gvQ4Pe;Fpd#JvLUoVoX(C6{f}~M;AX|VUAJfkV4oe%BaCZu%UOD) z6wQuwN7g;Sg$FkUJafNw8dMUK;U4}J{xb2s+wbE4>;gcrA4f_J1pAeysHq2!2N7#l zH4MRpYj$0$HwYRBrrVx~`vJ87HD|KIHR=8T+nl<5O>m{m^W{XVfT9D^6)~S`W{2Mt zE=(tOR4vZTCdMvwj4obj(=IJ-{HALo{c_JGSG@=5BuVyI`eRWX{&JQ`@vGw{n5=ex zr-a_j7P?zP23Oho&*hIzOEnumycG%;z6jg9x}FDhHAOGRM1~Ii1-C(e1^b5w1^JJD z`s;efkQF}bqK)GX*OxjdOuP#Z^;(3NgDKHSrBD@thl4*PKs{}B=2%PbrXO+b3d+%gW1hYqTC62p!^U@a67vp<3~{ctS?&c&lpMGb~2UOFW+YX z?4l>zxi=+Wa|6Cy+sab=b z2buR;n|F$7ZM}tQCWA*)7}_Y>l?ggdtMYligQ7GVgCzoMxb|y0TiVQ!RMPrkS8QZ> zZ0Ny*;RhpQ7k9_PU+*32d%4nB{hbnPvv&bc7ZQ8JPeWPoBR`@t@ zKyL+;bihw*iHiBmF91T7{BJj`#EF#AP}=~AYKcVf^2;|O`@`p$@HHL$np@_wZQ=?K zI^pDQz&5e-3#FsJjk8Z4*BH90yC*G+6AOIdbVJs>{rY|Gsg!KCkb_`rHT5Fk5_GsO zt`N5g0y?#so#00yq0shRrkL2bo=>&0M}m)qM1@2hyIa#ZH~D#P1C*7ig+H1{Mw%A@ zX)lc2zyCtG=6dbj+S)V`{s-GA!7u_T&R*=6 zJ31*cw!JAk$RD)&fk`GxC!+^E*%K2JXRAP?6VCs~KX+fKs*+*aT({jyg|@GNX6JYV zCEz}$Qn%Ri|0HY?t8Cv3*UFX8bMXmo#NBZio;0;LQ^b!>j5n!p!(sMl7x2{aWkfkl z#o+WbD?EJhkB5D8QmUX8vHoVg#i3uDqNid)56*r1ROTQ$c_qosW@ABfD|3Zo(Fq+n z7ugIhhIv(Pd8-IQgOffo;*2On_Lw3Y_Pp!Gpraew-_rp}@JsJ;KbXJ(;5#0&A*3=6 zD4V=|2CdH#8oJABm5~ZuZ%%>`)T+72xkR|cSz)J% zJWnL0U%&(!-(3C*M$0CiYislSax9KpmX9NuSlbe8t(9^0c)mLAmTynIFm8t?15n{w z=rY>(wa#W|oWmR7GSh7j2s9A`8l&=Z88&^6@>_kvNtKVZK>|p0<|+{PXwDDz+1q>P z&g~KZvm1sn|5C*2^LGM&^&?{chV_=Eh}Br;2b~+dQWTB-*KV5qLQ}Lcv4}>)%F!R~ ziPv#|v4AdcmGj*$2v6MR61&urQa? zjqpB|j~wB-tlnDym#IQ9IE<8b?cpjM{*ptWxCCSE7YRV#(@Vk{jh1<ap!< z<|CaP40vo0VA(#mq=3pAst5+B_YB`5OeZi!-H+4Tk1|UuIlkecjxHM>C zcJNJ&zkAi-)GRxJLZoRQNh)C0cwH)s6Z5k+%VY;oqGS={DRJ8kPsU}qxF*m}J{#obQMwiCMpp#R}%dd@jMms3h zIvWOpEe!;IDoY+D?A1(I6tZi&z2H4UBwQ_-_zPM*Ke+P~^b`MMLL_j3P4K6QYS;X8U{D{yz4pZS+gTOez{>e>FG9^dn)JZ-M#5vW$1aNW zT-&&@ZGijKP>2D~FdfUv^X<#D>pD}9frVXPDO^Z{p$Z&IHWOYHlN@2drFEG|@yy(bl^VWHA!pB=0X8GI_ zS5hPP3rtuvV_z7;t?(&;iA zWjINVZ@pu4OV?W~Z=-iyu;$k|;4yw-Lj^|S8LNgSy-&Q31%f6wYlpgmc0YaV@(dA} z>2PD3!ru;Ac*lHw1e$o=Krui(&%CQ@+U4V;QBnb`T-GiQH(Ue3oXQWDry3O*gVS(C?bfXez zfoia4PVA7sOzF2D^3<)pOsw>k`*HQ|y<> zR0goMj<76*SW7-xYrY~jW&h{k2Q}(g&sPtK?ySqJ|E3N%jJ7-V1 z{R^g>HC8ga*oYgfiTi1)Gwit9m~s~7r5jD3Xa!SEvRXiq33;6ov)L@Zpz)7Nm;gVk z>@4Vf_N;PhbPMeI9NxQkuYdUH^z?M?peL97cHl@(&RO#UvW9y_lGq`*#k1V@Cp8cr ze9Ml|@j9awA(G{s2JSoXE`o9RSCJ*}x*BZv z^)^(J8SyhoKc{RzyIpu1WnbmLqw=%bm0$RWSida|*$(wuvfr^Aa8nu##&W(QcvU8N zRhT>CRcE2To=c$+y<94w6D|FF!}HkjS=H`^xl&b_Am6@u^YS+sg2h|Y%T6d2q4n8}c5+|Xhs!pU)i4++9{_cc||NXbZODF%h z1S9g!`P65Xh26-5jBu!Zuk&qJ=jPWIrdzg{Z#Mfp;qb^XXO)e;q@_5IQl6nh+Lk15 zLue&p@ad6+1h}2Fyrr`V7>Tu+q}!KTxb6Mq+CE30CKY3RA8^S57_K(}%WK@zLiUe- z4E)LqV#pQdlv{LrY>i|8uV{|E-UvF0|AWOgiX-&E|I1?Zt<9%S;pt=$V49e9e|5#< zLS@W&N7KUGBh{vvKG>l7a?#bHs@svAS|YYBeov}X`5SF{{q{2LWyTaWTzGcyQdYZ7 zzsA*ut$qz~{_TL~oNc6uIX>gQ^*aN0Z#_>6{!VJMm?>^0MQliHUaGH#We; z<9qk{`q2&REe;(%e0cOQOe=>+E~uzlIc$C4<6rJ-{);2-+m(tzPkVJ)eH$Y@okrWb zkMh(&f+G#dioLc+Iz8QJty0DS`%B40E~ouHY`{lPV)*$&I@Oj;yQQXt6UZ5_$>TmP zfWBhCdS#-VE#MQNS!xIx#Bo_51YorQ2!Y3M2gj>?uL5EJZ%V`B10U~mIC$4+71UTv zUOm)UYR~$f!!X~48f!#mO9xP(ScD_acLLb#)A$5g7aW($Wm?b8SA@S^yg2^A7w&2c z;Y_FjQd&dz;^Byh+ufs@(peH(?Nt2-%;Bt7Z5>f*OBl{ULJKDl^JRQ0pTp55I)sxV zJ)#FYJ~FrIK2tR8-qR*9#t9@4Q8WToUz968J0CduSMWjq@JRpg(1VeC56(S%HwBLP z?%1MVQ212u^sSB|Pix2i`jQs7!tbVo?=*CCdp(h(N&v4x*pkv$;^1}aVzzy_c6Es zX6q5c^q-cjjOa(d%?L=9h6$T`sAj0#$Vt6jx3=D@LD+f>U$K=AiEaeYiIFHmWhcwx zt>TEhGG0fO)0s&1g^rG<`GtnqsKq~qEapEtKfkbf$kV-|qRfT>leU*j4Z9v(QA#dn zL4U~KDY{e)LU{}wc#;X}?M~q})K!IMt>?tEL97&o#&FMJL0Q1cYB@_Q`2BNaSpMP* zXjvpmowr!*KEDXu;%Mjj`tz&KHvmq4^hk3)>0&`OG-$PVUuuimzamO+Bf_<`4K{)D z5)S41MOnsv1Za!ujmR?G^kCKAl=l<>$)R#Sh3dfM1#CtG`-1alp;#*A9Bsj$tUbo0 zC6IS6yLPoh?&+utd<^RX|I**ciqO9;Z9DX2-ns=JL5}SdAtCEYR{Jr(_0^^@E(-En z{?!HQX(!Bgk$Nie)Ac46YgQPhY|UTsHeqz`msK){tdwsA-29x_rtvG06wt7^SU(Vv9&{h> zUYJdejr#IM^_u#(x#;3DJk3#5?_$m#cfAJ}Z4Sj5Q|8#-qS#2bQ-6V`9kw3^xFw-S zX^O5&_AbyBOYigKuUd}9SgRGweUdr`)OSs(MR!x|;{C=ssnwgJzJ7a?Sr|Jr^B}0H z@pxU^=-Iz{j=EQLb=}vHB=I-cnAVDH@}2{)pr=0dn64m#V20Zq zf!j;V1xb^yPEc|0pw2r-_C@avo%g8Idn2IEflf|JWlMh~@?< zmZ(0^BhjnEX=A@(&p_N42V(-%pSpToZ86hhSgy=$?8WocQz@8ao-8fa-{|#-ulL-i zhl_JhKEH$K9zQ>`h?y+s0U=s)ExA=}O|9&9S^WnNjyDe6K#|o#TyjA;Ntd{{xGlmH z*K-liB@H}HhF7(-Y{_gAN|dHsOu|#}8RqOi_gwN)eAiVT8~tUd#^1ssdbamVroYr` zi`$FS11IgAFTi62@Z2b4XZD^O@jO3md6~hNz+kEC023I1)oGx?ZK;#2lU$l?b7nqe zSk8%583&tM#9?VC4Pt?rSiw|0-iciBK-@KbTyrga+G(V<=`w;nLZ-d{%90utF! z6w%(DcnxB*tbwdW({JOgvkxEk%|7agJm1*$apD=XQiCGBJ=f@>O39Hle6wwiLyo1q zPJVoTRq#2Z^G2%hShws$wvk39J3>rc!F&aPB)_i-DmFH3DpRKA;sfT?(8AH!x{59H z-`cj<-<$1k3JRK^c=-11;N;N4?ouh~cq$s>_VOant3+1UQCp{#NnI(n*8VjVo0fqi zeYOdhlA29o6s`zb2i}nkBcN8!Nxki#eqD>hAT$Mza_yZf-8)|{Z!48^2sLr zLvCp@M>+PVkMyY>*+OjfE-_kW78@cTBAa(QpDOQ|<6s_2Ea2e;Ub&iZFu@m>;o68P zB!R2>G*sXFE$oBOXy%p1p@T!Kcs^TUB1h$)3gNbz!JDJrtG$)f)l-Q6qQ z+_lm6gXWSbRQ67i2~AgmlVbu=Dy!_rNMPfgoz!zOU1k>EV**PXhxsg)Rtjv-?!}GE=8%p|in($> z(5({CfKyuW0i1*)rhm(5$NYUe&uia58pbY67IsI4&b60zL=Nuu=bGz~xFW^HC-fa) z8t1_)F2aflEI}+Wk?mBvHdc)8Zz+qXSxoE`K-qw+sxcVM^A*oO{W`Bz}6>R`YRE0Y^-*#cvA| zPH{Wj{Ls}#Jr}=>S8hLh?P}1WYraDhV6w9t)>nEgZ3?Amt)|`o4TOg*yy>hjv{1Tqz%F@#mb%!2UQp6Recxc zx);CyT~+9NJ4Brnwl%I+QTl`!=nHu{+|ZG)^ZIl73U&=7F%Xa9xIhtgDj~6V7E3>D zB^DLgxFiG~n?F7`b=I&Dp0)k<=DF1B&5fa>J&lo47dFLwf0wNAuF6+x(6SbGjFALp zqg&oaj2Ed|ZP5T8#DA za8wu9OqOZ3ZT2+X3ZvXJMr**2Zh$;OoRL3>miMO`{bF`un84j&okgL#BuO$m<_ij9 znigN!c`m>%{o=UA;+?SZD`zYgZg~yfCx%G|+(>-Pl}z$@00Xq72hyyn;Pp5_9HliN zTuLe6N#n`J1fm4Tmda+6*2H0~VV&R)r>4cPAFmV^F3yhiWHyA4cF%li{*ZX)!sdvt zf7f^WPR-Tv5JLsH@vxLIW?~M#gonY#Q-(?GlO=MtG{-LNUN~FReM);s%gumvrh&hF znPI@Nwk-+0+A{Fe$y^5Oui5Y1OiLrVX1EIX2qAMtL2f`B%lE-;V}t@*DA>amfAGBi z@U@+9Uf;U&Tji8+e^q!ybdB4Ue`7IIOpr+aUkPl#-xef+)%Idh{Cv(nY{3Tpk=|p~ ziE+bBDh~g<2YvIWsqmw-x~~RfV<$^v=ZD^n0!kaMvDkIzNPtn8OVcy5!!YQOPbDGa6xl&>+e)T} z99PQbXT7X7lDUoLpXPfb*o=##JoWXug`_dNG|fmX92<}w)KIdPL-%)IuW2it%(VD+ zZ)UdLqG@jOVd|F59y+!AZ4Rn^Y{r1%0rY(?tanGuVqZ=VL9JI6$P0Z%(RyD@uT z7_Y)ZXN^y$IcZ&a@`2)g2h>Sm{`%g^;Bz97vVKv*;r9a$V^A1&X70IZDS|n}Bj%$< zpcXPu=yPn&e9D0H`*fj@k9gU8y8jErl43N)Ob=?8w4ZUcVh`=Np@+}vCQ?(MO&siq z^o(qL@=uvu!m#_8s2L(Vg8QGeuYq4m`&13CQ7i&*Umdp`=UP#KK$W99qk(& z>Xhlf+&~d*vrcB&i}s$x_gUsR$UFU$+JogG05L2yZd?JtgDwAMuVTolyD%3pD%lnv z1DolczWP^UXNPO5;1$@gp(~3EPYSope!6s=t}PZ&c30gh$t4NmPG@~mnT-!wjb?gM zq(`45!2$GOL2fk*H-=4x12`0cLR8Z!mXl>^wIsqUxM_OktfupY&c?;D(grD51|LD- zL({Q^<8$k-SKql)eYCtnEW;9H3TZ`UHj*R~j082PiW!$U8=&jaWT;m=gM~;82Q%;7 zG_X(wSjdT_VDE)C+hDxR>;i*vnJli^Zv~LyiF)N&u^2E&j$P~g9AN)&$$6d(ty<-| z;o8KOH^UPKRY5s{>qw`yE+P%kK4!7{Xp@oDQV-$gih5xR4E&BUMh1j{i$x6e8h5Cc4zK*S>YP&CES-x_fN;lW;10WInk6@P~mm|EgV$)=vgugT%w8Bz-watCh<&%EEVL?B%4l zU^TIs;zTvtYdI&)z3_?D_8#duf;K)K4DX~z3L7+`@M;TYaQ*ZghyBDynL_^(=O@QI4%#1ZD{hTjDnld&O0+_Mi-(ZhsIYOJb3nI{oKizLThys z0)IQ&_@b;nVmY~FNo#8)#Y^Gv<^|2)wTT7d2DR1%pJI5^;*jjB;V*%ui{H*FOsQ^K z7$|KBkDdN<|Ky4@s-OlwQ&ly)tRma-tYOvFt6Ag{5RY++dmSf&vqGV11SfnKcw4Dh zB;6`adQ!})RZJ%R5+_r@Wf-V9uFTvgF3>|vm!6*(e2-P$D`K|FEcK~vj-`{vTCvjf zMwZ@@%cMvUa_wb+Y?i*+POw_0U{0N3yJWRrJ9jix--!562MG-k?jI250Q!x`{1{!a zeyia_QDRy0-w0;JpskSZ)5y2gz!RY`CbTHwTr>9yzQ{@k@GLJKxWSdUImf=@S+(#v z`FYb^N4;dyY z+?w>$LN}IuuW5)!kM-At6i#ziuQeigrkNu2GR?`SL@Dy^d!wZrEQFsh0cfJ|5CrI^Jbt>_4;&GItckGO1S}+{*+Whn5Pa!XbbuGE zQ!%_Em#MjlqFvh?zQb+l)Q0Yu=(%^>W50iEO5$~^vhdkC0V1eBR+GuEFG7UszudD- ziI7*ro<}}$seMudJG79(tq5uqTKWMmK^!=XE?HH-;(6ib$ggAf8w*Fi2lsbPS!_Nw z_H8ElY}L`_VeZ+Eu=VSn)NWt!ve=23LAJ5FvJyv$`)aG`z$JmC503BWcNX*zMbh^| zBLwGZevHY?a`wqyOttd?VF|5ttx_IxnTvq0144V6U5@S!t!hg3+5A+f3+hkQ5`|Ih zOE>|J=D#Oo6DdWwr5Gx&n!ui)NC8a706c5RK8-`=B?2T1`_T7xiSVi0wG^~_+XAz> z*0QUR7T|w+Uk~dApV3RkmcrV@xU3UJ28#!CI)5@j0Bwi_N?IC@@?`ayQp@KHVzggP z3^gKj&xmjL_ok-r`#!h&43=E8yIOsOt(OHD0|x1HQLrD`$vab|L;<^q&3$@0Ux&CCMIsh7n`N4bBPs27 z;olr_#~e#rmJ?#Xyp2lYg4H1_;YKiYQ(mr~7392}yQAcOJ^p=orgQF0?A_2& z3#hh#Eu8dsR$W|}8$DU#vvVh~K|bEwm>o(l%ZDgsJTD5@ToR3Wqw8ngCH4rXuO!~1 z5ACr`nydyfR9zEm2ZEaU!W1-3QHF0BQri*$$0FiRh}~ARG>l1R;&}=A%kp-7%BO2+ zh%0OX*~HO0qs?YD!Nor#weKf$cCD&1DC=KThnME(s;J#n2O}5qHwnH9j0G1tc>){! zQe&V2Ukwg7zH>g}3T$&Z`ShbggY1N1or_dxKI_A0vtRkgejjcaJscZ8HyOJ)3fczra^m8Sbdhk64FV{r?J0+*Rx~Zl z&i(P|`Mt$2%~Po@^U1XcA{Z1(W8@Sk8lZl8sO@03Sy#D6;4I4-&?}M->C0=CD0ZcC* zo<+`LR)F5B{sXckDm}tMQ4Aca2e!FF{n&9|A^*6b$!cgNvR2N;l)J|p=f?&N!$-Ri zCyJf!X+Ak8g|wF+hYBqBlzSxTU3O0#^S~;h(>G@TE9PP9lzSqd0$l;M&*7(8{4zwv zM={=n0Kq1~H?WJG*)lU#r;i8KgwKDSwf*lL zl_J~*iH!z2RW?vE5vm#~nM9zfk&-DCeBrP5YldgTrFP^Nz^fIfhBei6$Q0r>J<6Lm z15&dS*>$>wLBDn`^nvpD{F9-=1<%7yRNuh+JkCWJ+Biz>35V-OwXXd@QEZO--rHQz5WX-z54&2cw?us# zANTeBEOFJtVCSywJ9ploD~Bz!cfk*u5Q$dB*%)pcCp|9T)=4@|)=6z#qo8@CWwYz_ zZXur?o~(D$1cD1mO6;d6^QFuhTHaVWsr4Iz>q5UI)$@1o!J+n#xyV)b zhG_@dAJQL}B1>ImYqRfbyN5K#{n9_%OJoAlU=$CxNgMnKmehxk9Vf*@;l=AH0sp-q zCgc>nCtHlAYsbOM3;qpFe?L}T9BSL{JO81*vT7mfgQ05lw{4r zNj6vZxMyFq0iI$*iQIk}{w^fOxDrC{k>;IoMZ;pLamE^W8Xmu#IeJ_Kj}DG z3fE${Li>fbZo)ej0o{jviI@;2s#s%PKZvPjM<8iqs29e3~ICY zr@L1CZ@q^gjrVV_ZwFp_N9V2fx!%Ch*|$GkYl+U02HdfY|DqSZGS*Ku&*%T(UG^AI zwad9HHwkb8?DiKw3MA^SsuS;$iX=EBp4TADzo9VZ+OLOWzH~Ij0Hv=GyZE}YSd!phDHHA5&Y zXT|iY2)x+O0bJivHGw$XlU3(Et}M-lZL(XV1ql8NV?UXWS_!&m@Gs5K$kL ziTX%XQwPL&5LjS5tTf++ns6eC8aQZfUtoK~M_aD-_{3MxVX>GS7@1$3f9||E_hDXj z)M9q#tir~P?`%9gK}22lg}KtpFap!F2z0|Sba(@y@*M4UXD!}B z5*+=8v)M-M(L$M72fz#%h!37u_C;(fv(I3OY0S@#lK`D;M|9b+47Y`uP@Oq{IhiSS%h3!f&tvQo#a92Hu(@cRI`;A+3td)%|j3x7u@}Y<}XEF?6jB0j4 z#ma!&65$C6J^zRMovr#2xI;TXPqephaI7QzB+-8QpPrd&j~DHj<7N5(A5EycvU~vcF(@G*Gr3R=V+!#Xz9sFoU9%(AsmO#t+~y0fZp8;X=tz)SeKN<@b{ntaGXG{E83o z8|5cd$d$oaFfNJUC+g*&R?#0OD5dAb857X7ZM4mwV0Jmkb1aOWd{h+#wrZ$a{PqSO zh><+Hy!;@Xks`IR79L?pJheL+rsVEC9eI7S{=OH41VH>|x=I#wgaiF+Hm#6?z9Ql?=lp^KzZT1AhWj8K$Ne?f-()r0o z{##vLVI4{T>B*(puTSpj9V#&UMYy5z6TnpE*7DZ?HdDu`RvZ12M}MtuOx~;0Kw$qE z$))8uFN}Th+^`5T5uIIt{lC8b_|pED>z3GtlHywasvf-bp>0X-+U_uzTP1+daf%D3 zLxywZ?lh*T=Cojg*lL2+=#VwI9{n{b`>=S2^aPEWiTblst2fX0JZe~+14#VgjK$`N z@1H(iIXiEe%5*6A&~qn-Z4Eq~gpQZ6cT~bv!nm{+6zIstSAt>KZ+yvUO?o-!jc^On zZ-TC)qgo_e3O;-jRt!K9eKUqU)gbM9;Sndw3Xb#}XM<}kw{!VfEDxxN$-h4jdVjYT zVbT`9OmzKc%Jk=Q`chws6xJKPQEYqR%bz)o#_<+DkX|Aqx0-qbiGXk?4!JegH}zP_ zYp7?6HI$Gfm0T_9XiIHL`<(<*P8ynhB|^Mhkayk8_KPv>a%(6DiPT@yWmyMR2{@ zr|qpS&mK*+OJh@lRkyo-#q^PF;Jey(Dy53yvov1_nUM&;p=IG}G# zZGpXo?jCIAinSuE8DB(e_|dg^TCD4BgH=0y8X$JMn-(TMcOWgLP}98*xO-?5%is~Z zhx}cnVNKc#Cah3_i>-XY&8c=l@ks#Q7?y9WwqW5$)XUl#@|%Dg2k$~n&kYF#QbFZXYD?Fnxp^1;$m))LxA9+vRExO&ddCHc-qxt$%h=PDY{>7U%SNe zwRwg{TS!emKVuO+^D*<$)M)JN*!>TQQccr?!lu~ia%bD8G>$m;m2|U=GA-9K_e}6L7gx9g(_$y6$RRA;t;hV5URik5Jq5UJ zGFc5Jz0L)+I2s#cv=25#e|RRfczmi#HEL|Gd;W0fxX(I_fQ!L^rbP-oe#)076K!A+ zTIvO><0sZBqpMB*wDQStnp>mwT<9)M(|-zAgJ#~+XfcW(UD=WvP(qeNiSsbCV;|ZU zI((yN9+aL@-8|j9aMG?21aRJ|#&n%*_1?bScPNWYac7FkCdE-FU*NgvczBmjYlpR> z?$eVDeTH4$4le>c!Y!`gq*i6>z5I>lxSDH5xnNthVu&~2q$G@;uRiR$OS!o29G}(8 z=j#NAPfhks91f2hvaPCb8`?Q^_?@>VMcO9oy0enqN`a~0rrQiZvT=ctCQM_3s}J~j zRGaf7;K}K=;GE6!fex^W?t+yxBOx?z@B_|ifoX`AiX4?ysNzE9;1f(TEZ4n$H&pty zqiTM(d2Td%`mEH^@bLQj`uIQ>OAO^DnQUcjYieMEDLIhNbSMSFE&Ie{6x0qU1^Db0 zA9L?k^Kr%UeYRApM`~@y9={{x4%L!QC5pxI8rcFbzKskB=sHl@Gq(-B^etOaG zd?9MCurMaVgHu=6{C3ty8&+mOVLVXj;^jCAIHeP;fy{l?NYl6ua-cSQA4r7N1@|2K zs*|an9&M~?yg4slMLn5xmdtRzteHBN1ZoHgf+uRV9XqtkPo#7TaZ~3a~ns39x{(r1-TmEE=2dCp zw)FnqTqCDAjCQ-$TkUnoz}%f&T^Q=N*z${;_x91Nl~rL$=cLi?WjxCh zaW5%;S}Ah-@ejqIXAqZ>$)kBK2meZz)1Xx8{qV20Oq>u`Em9rj=V83YOx7R~-)E~K zr(Es4Yjts5AY9n<`Ml8Zsph(&?VSZ9sk?$oJKnt?%xOLjnyc10t8GeF;AcH<#=EHU zS`3HFGJV!R7GHM6T}=zV5G)Nf_BL%RNU~A++d`0WLPm>NKi5@I986Ekj7Gza%W0e4 zMrD&1CN^H1pWM)Nd%i0&eB|z8V*Nt!{Op8|dj;%oD{oVBZ~+IMIGztb6wnQ>n20bE;_5)cCH&^P0}E7+B*xviZ)`Utcag zFN~U+KQmtu^jmag%}tLipKN7W8$ua9i-^ab!Tj%8z>;GOBN0I{`E=C;`g}*LyN_)3x7O^OXy39h0zle_1z2K#tnI_y?cL+ z{VIU!DCfh70PseHzb?K+@yNF~w zo#<|py&L+vGWU5{W7ske#dBoy_rD9LRJ$X`riC4g$7jFU31?^DzV#`Vtv#VbBDvfB zNu?1@N^(R{<@Rb494p$bTy`=fp(Qs|uk<*$lK((>1*U#0fi)2o-0qFj%h0p*63NpI zfO`T!8_20tD^>w2otYzY;MQwWok2S&$~i53z;^%ZUH##pLtzc?wpVoy|2lQNR7%o+*^~-4MYiDoQ(&_R8uI(`h)tD24-fw^!v~Perk*76ey#!}V(W+L{ce-{ zu)HiXPuXqWe?IMF-?OgB(Z=x(Dey|?2Drwr=pL1tTplM+!UBekOOZ~a^QF;*%8@t! z>;fNilMR~|do0`+y-SWb_(ylP;z~T+3DWS=F{os)gA-tO ztDxS7%Vb_AETNMqc0{^os^010OtW-xZm4jJw~_aW>${EB12AwnUfx?Rs1U1k2liG$ z-k_kNA^h6T?m+~g9N*a3)#p(UPn94xj1$q>D*#!oe20fvwQ4*p_N84HS=xUv{o$Bw zaj{VOW=bjuv$!Za2Ktfs8Eg;JWEIW5?1U7x6>gL2esq2Lif>c1Zm-%s!o#O3n_{N# z7i=7z+_f0S-(6LRxf(CWEsBea!*i{Aaw+*mva8?%u7GL&U{C6~IKf4VN`~z*1F)Nw zn1F}VWY>s-4o2#A9a*lNrWIO4f>Q(nIvlKy6+9tyZ)Rlf`Mv4c`+qn?!ToFe`Ig0z zhS<&X1Esmm;F1q*OWW+rD!5!KQ3tKT#?y|)!$~Ms&6sdGD|j0eU1=1+6jLZ83UYl; zyDY0ELa2S#2GnNtIo1~#An(frWh_O|^2|^X`+$S=wE~qFfAvC(&pO!T&b)5^zA zEtKE?uM`P72{ag@+5@L}U2zGzAco|z1K3JzGjab6IL&~JRi67p#) z%T(z2tLm?I8-0>$@92P+a8nz?yBCLiM;Cgen%;SBSN(S7oGj)l7KIY+H4R|PWCUk0 z55XP%QHKH9RYi0w?{gwOw^{;shM^yS1kXEWqeVW1n99QFUR{%s^>j3osIIXV2yAc2{?ot3dOLmJBJo|&8;YQHtdrcd{(PDDIhq?o{#S}+MQ zW9rr17N1{$ROUg9{@=l$2+HjtcbTyhm_^!_MS}5Z2^{u%NkDr7ixI&nziA8CLqEMtSDqCVHH0{NWg?uE&-7Et0~ z`+ZM^gLQn8k0K%cLy7dREOzE0ms;74y!|hjT4G?v%RkJx6aAP+KW1>3DNANYKMrID z;!@*Y60X~#%iSq~mJT>D<8$Bnp@v6iEarL_=2u9qj+uA`!m86pf?P;BPTt!u$e8bd)+NipAs8(=mWoWi{k4h=WIJkk^XIY|~KabB3Z8#pYyqa`jH;6BRTRh?#hA za$fRSM&=V@4d|S*CfMzR*fy>;T2|aIYO3$>-TrR6^L*3%lNI5k?{CldtqMA{tHCx<4)+&6#0`%Ym}QKi zVYH8&Ny8N;V8F*2oMIzcpGw`WDDRtizOK`SOf?n{>qqIih1bK=dAsiuj(L13RE=F2 ze4=?q^?mHOzZNd7klM2N_m$C@V{c1qew&}|tGZShW?oV;d$K~AE2jUzhg;$hho`1x z^wY4eVs;>JBHOIFRxDFG&ke3K>U=`+IkvmjLE_7LdU{7nz8y8k&VYQkm8H#MqHYtt z?Tf<(fNOE^3%eCLG}-479$6ZBX=>J~s{VG}PV=FqbzZ7S_L|*6K0#2|1XM49|7el3Kks{n)m?$TGXZE%iqP6WQLVG3*zw+T^7%t@Rw-Cc5Wa(U~_ z#KESR(Z=w_kg1W%?LnX4zt(yA^#Yf2VW8Vg9stThfprIY@p6iDV^3|~m zubN`NN4T`NSN#fi`bQk>-6faLyDj6j-N?%D+IK49C7%Q>GCP=#{lIo*ODo}I(%*2# zwKK)XNs#Kc@LL7C^c?H73%e+$#YO<{X(H?_Y^Db2j(c0rtY|K;qw<+|NNo}KmZjT%Fz3c?q@^_>UK z|C$v1lO`!`F$_i)`$&*S!+t=T50KT^>TshhMGMNSk)M`|G~#+xYK{hqpG|xu@~}DocW9pk%p_j%KgrxFVR{m8-l*oWA&gHv{}uU53&v4#?nx>O>j+CM+5MEHS+&$^tDR=43NWO-c*xC7b| zc{A-47?31qq+i$jfmnbe2>e+eeq*H=$vSaw05|F=1HfYt3(U@`5OcGluRG{?-g-s1 zlQDH3?cGryQm4A2r;F0v<9x-D2)!aPld`!~MX{YcSy71)WFNoyOa*I=cqC zmO77Tm7iO^9g+6UuMoO0bwjLwdM5wWQ_Ebb0QNp$2ljCv;1r0u>I}7~(At`E@?{hF zIAaeWMs*N5M7r6TVb}N;?Cz5l4zWR8)Vt1tB`+Ia*f=^rv!Q7q%zR(VsH+W5a-B2* zUk*X7IV|2I3$_BWDyMSqtJ`F$ zD{KOn6anKjIn0BQlVswZS4D+xYM0V zRHQwHc#nh_J4Lc*i%1Ch-04=Mq>{KL-1!j6R@o}s|BUYa-uwA}zyI&!*K!|^+v7fN zoH?(vJkL4L=TVUQ`U`uKh0k3?kPw0xnrcm1E9(%sTpP%rBkU4{jnM+~KnFeJN4O~| zH#5Ix6*;mF_K=DRN@81X%Z?9|>$Z1o?}OrPu0LdWV(nzhOqcwv<&R#j8(kuBd00Hq z%)tL2FgdkX|KE@x+4l2hDP~t@GRkHE-36 zd+N+{I=BDxCH^l+oh&L*3OUZRWSS0<{xsH0pxP7|OHgbKKsN{c+FWe#RhaRxk*=ST zf*7-{o)J#YLe%hDC*1lquWNj-J02T&bj4`#^LWd``}W4k#m}`HcZB;p$f$SyOAYwQ z;GmrW$h}-*kkd`Gpqq^1&N1JcY`qkbt5N2JZYmAAwr;B2FPbojIgOdf< z)KYGTYJj-x^U!bKAbd3}|M9Ya`STwG^RUGJ@74`QyDNUa0Dkt1t>rdSs<|1~mEfOf zl1rwCgVk=o;DEX8aF2OE<&vF623n7UiwT2^iHL!VZL6jRr>KX6i%~6jipdvpw{7vH zg4G~?oq$fExe5oJLdfy5p5DH5;|BtZPai*C7H}{db_X4~yZ6iKTg5{UDtL_+XRxh; zg(NyGB$Z;fVx3{x_YtrRF`$jk9~5OSadFrR6EN9&o($RrLq#D@H3g-!*T>g=Uwn2Y zK)?fT^!1NfUjT$pw}j-s^4vJRw!{fIDu4*kAK3EAW635=-!sNHh4E12I{T;XdugW{ z6Q}Yt@e_owTe|xhl8VR$ekl1!$w3vly?x}>jS6&n|vb5mI`tTMC>qUVDK>0Ul6&}y(P~U z@{#}qUZrEGpCG4PM#{4EI+(~#e8aQCRalD`QMY2#+k5xa?Wnugv$J<&Ger8jH@%ws zHU0uMf$+xmFKZc}(O-GmULK zAKIxtl-*{mPsfN5xc8x%IwT}itwJ6X(GcgjDqYG$a#zvA!<~rw)8jk(cc1?{(r=wGurWJ=09EU1DZrzW4mE5Jz>Vue-L?0!vM_N;$WBMO4>(-yO#C*yz z0S~>LR6AK2up&qPd#V7OvxfEJEh;u(Aazr{1XytsJi##Ld!*~Wc6=uc3wXQrNgWV+ zl1lsgdq(HVeD}`3-cxsU5r|dJ47blWcl%DB=vuQFN-&O=bD9OJ=wtMPT*&}&4M4wv z4Wnw!69RP?K;>n2GD&72@nTRAUJitcH+Q9*${PD8aU5_RH`lzb>kpm#`m$L5!ujRp z-Jzd8)M&xXYu>nYrWV>wuVV3=POc19C$w`Jfy8$JqRlA60p%+}_kz^)tus=ZXzh}4 zh0qnuPG-q)rGer|nEjeux!#iiV4TSTN-+RAg%~MPMGeop^)O43-Sr+vOdeso{xMO} zb8S!W#BA3J>f6}W`zMwuNQQXe=^Nnc|0BTjSy+f!!t5V0D_KODcZf?zQi)#t6JIEA zl-HV?)5RdVE-v-?w45*qe0P3oV(sbOU;mf@S-rXLN?&`%Hbx#u<_W=U(?`1cq96&b z+u2oRZgTb_eu&C%0C3!aHlzjm8k_Rv$Xl#Y$=cLy4>$#RR;yw+mAEc0&Gmy9y@G?0 z&yg+5Q+(wO@?oIYC%R@4s;g(upupm&x#$#JM7#)C6D%GNFK%m+33DIQv|Y?j5fM9k zF>6bf8L+6-YMS`*_TzYR0y|+KxC`v0IKUHOedDq%M_u3{Y6yz_2JUaHb4-aJMgCv& zgvp`WivQKCpvwP5ND@pG6fv)oCB*-HdH`em!e(Q(DBpoW33)A$Y&sK> zkdVdFyvEwa$94VpL+09ZmKTcqp7p);DwY*Z!dMY#h0JJPCs&%U?+9ex;yb+z3Y`y! z>!u8Vh%ZVAf#!}%IW7sbwvQ55Q_3u9C5n8Ni+DQi_M`jfmlrp{M!pCbEc_Y>>aOkW!*su5W;Gr zu+9qb@XXXEnjP7iIArBD3@G`bR=~}kN+>D45`oavyR-XN;7RBlkItU*nLKjzNP4^1 zN(nD`cG{F+(~M|2;`&xIc6##4fZin|wfw4fp>|{y9>_9ub=;uM4(7T_&a!_RG;>PM z2j)}ERZ8vBjgOPA+10a;HU>5UgjE;VGUr>jR8?DR=HwblP**~^XanMCqZlW(z63UB z@(NSz9@{zMU1$PmH*4kHN#c0#R+Ju8Svj37;nrM-De!gGw!NN|aqkW||g=k!+x^KOoUgxe^Y2 z2Rk;&EufF9&$5Kybfy)`lX6x9W|x9_9x6C1%T7{5oqgvK=Paj$r^+Qap#StKen&&d zXnSo%#l+v$)jxeoo3ib!rj3;V)&6IsfhYP8+NV*2>P*RM?Jpg0f}YR%X>i}5o_=!M-g?mv1Ir=fBFba-PpmhB z_JA{>Nl*B?$uXX2R!qyR0NZZYu%FYfnqd z-3I*+b7jVbX-T8$}zsX`$Z=i{MKqad8J3V6oo?A{B041HYJ>*OHGlGa=(I)xyh`~ou(NwRu+ z+qI_O;C2XJYJ;{uyGsDc&^-{CU z;~gBx1?D$XukLqn4QUw@^XX~${Mcv$@Tv`cVav~3?%#HHbqxz#r7F1%?;qv0DiNU3 zKRfN)&Q@Y5u~f3YYMUk3;YW=s$@B$f7V#7XmhffXeJZF^T*UhWJY*smv@A?1gJAGd zn0#;J>E)O1{pTCICo2O_2o@G7NP$)A3kPlNp%<7-1xiq#MzyKv0%Tp#}@7){1Lc%t1Ksl+}^qJ6VoW8?<3z1hR#-gjf0&8}lNme@+G7 zjg2?;!N^ZDyY{bfm41Pe3DZD_u)cMS`}7ATfJU1s47xlrY&}w7md&88XVLV1#fR$-OCGxKmS2ugI<kraMTSY{~;&Ffmw<{?NQ`N0J^!Yd(UoLn}iKT5+fmlSuz9jz_{iCZZ$KRb9 z&Nf<}TR#64a%g?+YunUce_rJW)Vnt?cLHZQEY^_}_!;5h(Xf;BN;P}mV{0e87C6Jvumd1&&T{06KouoK&7#Ed zfGAz{5Io~_wJ{NEs@CP8H}KyG%UJj*Rl7i|6xEgx4wPC1pU_}MUil!Mi_*8#H1^vY z1EXiB`V;@x)Ks69L(7PdLrioUKj}ay71SVG6JG<2en3)EF^imK`v@l@4v}vkL5W

X(>f4kw);RY$F>-^HLz4 z#shzq%Fl^TV<)UE0P8vY!XXN>`;{Oj)FLqFz2jA>ch)W*dbayPE`HB0^I``HtsI>c zXy#LLsZ^S31oe67()*{%{pZgwf9^MeE05-R-_XUubl*_VJ)?)cdpt%nTwEnE(S%Z6 z2C!|v01zR9E$E!trtw$|p9A7DducvG%w3*ML079xzc^vFH1yf(d-cqf$kvJ$t^1(D z<={D39>U!smVO3=uEbe)Z-r{21C|5y(JoI7~E3|0qt zx-PL!@%JlPQ=XEZib034#YVkN9XbRPy~r%Gx&!#3nq>x(Wj+`lPM|Z8JV~64=$eq{ zvv-cy%w6lL>u-TtE^M(|{#M`-Yym~Z4=B65ZeqnUlg32wb~uFyipQ9rD!{1_{lvsl zV88-P(-}4p{%|r$$y~?W+Mi(xp7b8?Fsmraz6v+XtGZSR&jKmRm&(ZrqlJa#rDKx= zAsg<0{kX#Nbu5*=ba!$-Qx2C|Fjk~?uU1Ur5Zr1mCpU#15)szNQ4SVndbXUdXf4ox zW;3+Q(zAQ!Auy8$7C-1ZH6m^)Wce=#B7-hOMoZ97UL@_83kZX0IrCE1T z;z$U&;WF1lr$U=bWCyUXBwf>Z7aGhiHlBdT&{1YSmCWo_H3q z9+Z0%{^D&kXj(b`u9pzMx%ceJ%8(b$A#efJ$Di=2J8}1~*=l#PIY-7)!CT1$mFZUh zo^^rsp0$qKG6nx(x$4e@N~%JJ^Y!mfYq0}yJg=w?)>P(w1tM=s7L6FWd(2mCrjuaZdimPGr%#H12FyY@;6#+uoj^ zf2pzZRO5We=?xn;tluzsVs8AfSn`imfNoAMX={>sJuON|Covx_3PZnw5U6Cjv zN{YKtZ176J24`-Eq+)hJO0!hx1SyI*WzsO_CY2^+Y^7RqCiGopd`*9E*uY#%*l@N* zVDn7zd`o?I;=sUwi|cLU2QM(|uozTke4Hd8>oz4c9zc+6%Iy?7yJ}m6Z^ed>@`H$tTi$VD6 z@R5@@N=p&EiV}w$@r9nT*Mlal7^hT2bGM zhTO5iNAUbbaAkx?*lvNf{h6-ZD@30II^rY<Ct> zdN1?qmcDdbv>1IK&+g3zgN9aGREe*Nfbs2N7BIUv;mt)bD*lOr3FEfdZD@%^Vz5%V zyEI0M4Z>dc#9*UB%pr=7rbh%*5C@d7%BCA1=ay$C1C16wylOEDUG7z$4EyqC*a*(O z(+&rwJGl^?BGH0HGvqjTjN8POW}-8*McH6YCi)N>)j$P$^e9o_h4d_}Vs&76_t;Tw zB$}Q*#ss9V2U?%ueVl?VIjBtEjAR?qsM2uj6JAWKsSatF-PJT0l{Cs*;BGVR(!8^s z(#9x~6u73vX`kNF%_l&@Y_r_vi3ym~?);}Mv+`g!0EUJ48g8RqBj zSRSrzEGZor@F}%2`xU|atJNgJcQi$p*3dT-MY_M^Bp!&MQr zk>*s0gZGREe&yrXUl1|YDIIZtehOZR^OQ?Z*$UzEDQi2k0tqjN%6NY+*@T~`ebI(+ zboHB?pQ@9I{9XErTQRXo$5_3CyF6t)6*6tSo>F(j+CYTp<`Ap*<<=f!p3=$we~6xT znC@iw`~I?H7pcwcXf@dJ#t%E{i@7PjGv)7BI7lFYA&L6r)xq&GKe@i1ocaD3NUXB^ zo0h)soZR)jXSsRmT7T31+S=DUC){0yyTUuStwer!j2+xthI#egn=k}e2_ z{v9=KC0C-RVx0Jpf-)D!zNXT27_LvYCbpXT;5lC54#XHj$K)m>BS~K z7Kt4x)dqBs<{*>7lRFr%D}g&!+-hX5tn&WSY-GajkhzhX(>c2qzb4xQ+7TkMvvFrn z&mN9iNvRsDP?A*QBB4(?0b4E4l@+8qz)9p8;7B>HZ>WsO}c`GsqQe6 zBhrB4R*1udRaIa|3{!EC@J95kv77mJW2Iz(Y@@;vvggiB#*o-8ayst`Y{7Y5lPFSh z7TGxbGV)SmNH1vb17XbU)`X|(tdMNrQ(=yuRWJjol@GTZ`=7bsP) zp__t7lc*|aD%DkurcxL=JO8?+<=aHQeao4J!8ZfNlVQ`X%KeL<45xQ)+L@iVrc4bL zfh%xK)TXW`hi75kk+W=9&LQNb=(OdH#j0Ssp29({hVrPwC}~vefbtH{47!K6N2<0{#)0z5K@wXB*eT(wH0JokBvEo#8fS z<|4}66NeoN{ED3o3dL(3TxkBFf8)`tO*KJr%~qbbDf~$)fwL95c4-EA(Fj3@8CkPebfhH6Y!H&gcQDG$fohg&F;LUr6Kbou!>bX#@i}Et7=)srcq}q87 z^|T?9AoWD?&KGR+%wTu2uCPQit>C3tvZ$WTFW#nTD`eWOWb&q(?r}l(>D#H-)Y8~p zTLXNhD+|!x_Gs=CEMMmkvd2!4cUIzM{Yt!~^Gmhm8>r=`XDksJ5W>I&h>^f0oj?Z( zjZz@%Pq@0~>};%DnuQ77^anm{JB`fvE`MpCuzNk}+I;^vlq5+3nd0i2;yVSHrC?## z%#7w=%|vlaU~b@bO(B@>W`Qz6b1!RCsmR5=pG#eg?}RtUOhT8L4BL>vi7%k9`}Gp+ zlFqriwzM=i*1-90ms_!KA=E?RR`k+Uu0p_g4)oMf@VHMgB>=gIA+6Sdtwa@&dDzci zlXy+hTRc>9@DZkt27C5MRJD0e3AE%GmHR~&vwVF1h1S2H1tY5TYMZZfJYIDTew=^AL2&-QFs{`5G%dtxHF zbZ$YfBxcbn2DKJJNc4e1z7TXBu_ko-Dn}G~ zF*Mcc#lB+V*V)G9g@ISkb9P;rT?TccOK_Dn)7}3YROS<7hf!EpCq=cNF_x}kvR1Yj zGB{I^8I+TnpdUsfk&+c5qjJm(L zWR!D$>HR>leAE2bk+t$m1Mne@xIeePUE^vsVoDT3OMu!tXm2``v!KLPY1^Wn*hUp? zbrC}JRgwiNc1LlU&eFC+QjaiN8kv{971a0E8*|kdwzs4nC1vu?>R4r5X#qx#e~_-N9S&Y%z@C^r=Zh;Ehp}-a3}t7 zzuekY|BL6H|I_o75?4$Z%V{l85~83P_?ML1{iE{Bouh&%*mo`L`-7cf7v`TCH6IIl zVe2{*A5tO&iCMJ7##R=PW5`*FQ4}>Oxznz~IZTvjG_)~3sLZ{XVL{dHr2vRtmu0jx zo_qO)Ky_D1tuWm6>%`+6s1SYab1rYAPu6CpI+WOg;=)QNp$f-L<_5Ql z=vdZYZ?p2@#B#HM5jM3v{N488)CHi~1YLMnh=0b?)bZ4iQWex zYcGKo_`SlKm5l{KznykR^6y0AonhzU;E@~Tnh_Z%?xxt}!WD+ve;b#BPgA3LWW`an zqPh5#)eckf>wU(x-57{ld&MnUPo-o+cJmB-X5--8Pz|!}OkWNC7 zU3hpWi-rhV7hno;BElZsRWPJElW{n1Xww*nDTvOFtN^)s7Bm|9yJ0~=3l7lH# z%H!4Dxea`}jW%q{ww4d>dXUFbf?6=@on7$dg~ROk zMA!&8uM-s~Aseg|r?fRu0#jj&-I}C|T$%dt>x16rqo>0rf28E>iTl|{eysb^-g|X; zW&OuHJ_hgDmAPKW&Lj8Jaj7Vz$_2%B;<7KkUHmRMdV{fyus zp-UDj31h{UUX#HYSo1 zoZKpL<}dJ#pkZdE;BAs-A*rx6v5d713_Ue?ka9S>ll7BMjJG65P_A!dovRiSl-Q?& zfAlOrO6=xS0Hg_?@jp6gjYAqg60cGl<0v~Qd!^wk(B2}WT<-R@L8J@>?wxoHidJ+9 z%2;(9Fl$@tTlh8-%-l8#EojMIE{`XV-Jy5cQB;2Y?R9{wkdf_q*?ly>xdt13W{y5 zWo2@mkY^Zcax77(+ND}L^Ku-uj9izMrL0v~b%-L8yaf{5hRnW1Bfz+NclG+}?M(CFEyyTRh}j}$4xC!Yxc=;%#wuARNuBMj zxJ~~tYYD+)PBqW4nSI@-Gx19U>p~50z^V0VnEiikGDJW$q-Utu2x+Ny7QygTc zCjleSKEuB4MrKc?Ls*m7R11uF$MNu@zi{WC0y0|?16)qPpd`(D@ zZSB`~!H;xHyUlGgOD@c~=0#?95d8 z5Bp4RlI!d59ZhRL_2=W;FWce8S$TZ68Hw+3d;_K@*9vM68&*V>7yqCJtiv8g2~y7> zPKM(pUIO{EzJK!ISDHlVALt5cc)G)`ruk?!JPW?Yct@X&XwP2u(YuO*JkF zGOwtr)osBo#vNUJ>Q$j9ip+6>=1NnhL#aNdBd&?d&AnNWS9(*maP_XruOIu3cFq6s zpxFNU?h9X_9oxOMbZK(S)2@k$uJ%*=By?^tsGW2=I)!K%9{vO>bja;chY9q#-Y4CL zXh=pRlE7B)lXD?Nj9 zZWTT=Rp3^p8L>9vfViyPaN2kL)P~uK6~v`)Wa95m3@)98R}er0s8o)K-6Ezbs{2Z- zwwYph3?>L_si?b#SK*w94W=*#$#Z0Y@YK}sqSL9+nWw(ZGsAV80a^Vp*JAj4fBwh0 zgoI>qGeB3UDhh0}Cqp1uzV6q309AR&N^Ud*@zHHEVSPI54rwq}S_9QK`q5Zu z4aAw>xO#A!YUfe$LKgRwxQ5$dY3olvV{C>{@elJ}Ou9bLnfu;62L1{QK$A_2pZE`q znwQGv_iReYk#}Fb9}|%!kle)Ox3+Qh`FY_C69<8^F5LTA-`1l^JAlPpxUl}{RqLKa5Av00krbu~! zr`9@7eU*GoHBQNdZ;t=lN|D^Szpd13^r5dg>`c&PP+g<%6Su#f;<=8i*ZzEp+3#@7 zyee<7k}LF}PAgU#Mz-qIXyenY?RXM66>P1?mgth;^Y3;p1qKEL45znzeYhtqbV@7i z!t|q!8}5ZvPKPvyR?1U^Q4ds8k3p4q4PuruA9=!Yy5k3uV1FK3;CLA3aUtZQpq;X& zI3-^L4FCrk$x#+t>qNV;q5u5c0yLo)zJF~Ev4>Ud{0%J&AIoy$6W+Xi`?k5Jw)sjD zo^gZ1M+kHUgeYjD;C`LG(ZZ_?F9{|PZlJe|6m#FPbo9wvArn2qjuO+%x-1V+MUqup z(bbZ{BCR%qQJA`fYP=^ZGg95v?}$}KY@F1O=Qnq6er<2#B@j5CoSZm0e)zA^5i9|| zTR}gb0Wq^Awj2ADkf!A=F{GftP8HGMn(=j@hQmBnR321IB<2pSy3%)S`D^hnYO{^= z78Wh@qrUL|=AX}Pm@H`qY0dqr6el)pVnfx~4!GkQ02X0xNi%I%F^lzr!vL5ZuNFs% z$!vi~xZ+ZZ;8Is0%!1%S_%{FCQjCgZ!3J37TacH(urSsh{uFx~v2I1BqR45txN#DZBH|^0TyeG^BO1 z)-bPdFIVk`nDvZhUag&(1UNCJF3rX=4X!{VUT^}~Jr*=cinZcY;(n2eE0~((%l~MZ zPR}jze{KG&-30w0QuveUf^9oIiSV;Vdt1X^uIWmwmx4;Kv}%3sHgQs%k~6kgP#_1V zVo(IMx>~`L&r<_S#{wH`7R!7Wzl>Xe1WVxL!en4rb4}x(ndDNZSPGWOK#>La0NQDI zSsk}}l`JvATv%DA99x|EZ{xMh>vx6}Mil}mqf$i*b#~GU>h2!*KhZrnQ0{Bq zX{Y{e!plt@B>d(kk&^GtK9ltpsgaA3JNnKHR4&hT3r3ZZji;@PlS6$S#Ocybc34Q6 zMHCR`G?!M)5+j&9`Nwz&;11Z8jO|35vhGx!5-7d;*QS~JQ+A|@s&Mdl{6$bUw6q#= zK&yS_KOP8Mnu>*0$=R>HK$tWj4>X{a@}M?>d(v(P)SxF~XihiTc&A?&B-pfs)K~)S zd>f6ucBHF2-xM^Ds7$BdGgk3sb)vip=Afia-f>YKq*q>XjLP|&W znA0Q`i(&o-uN9J|6%dY#Z-4stc%si}SN-Ywo?fl}TmBqR=olV)W&z>fv`fpz_Gmgp z)O&zyn0jP+OLUR%L=m9r2NbIV-0pf4uyu4&k^pHtR@procw~IxV|q*IbbCI4ZRZx@ z8XmSW2&FMDI1B~_;1*dYQ5d*gHp68WSU%*hPxk+B7|5%rKIdF zM)I~kDxR6H9%*CpC~+n!9pngK0Zm3ma@LC1T~tqKGfrEXJeocF(PEySz1RDX7V~eU zW5hCGH`K67)uC{LY|VD$64p3I@qiS}`#@+8&>=j!Ry-B> zJ_P#U>%i;E!RuD$IvVD*hD34b((w*!2r1@ty2fw&$e$kAe_N<|zWdDb;$u+Ug|K&F z>0wLgu8CBb!0l`-e1$42wR(Mt5re^E#W=Z~Ao^Ldx~qpxeM7;?0iJ56t+a9{=**>f zlV4%3NonE^4&oZz^pu&h!K+*2V9Cf!=VEzcQ|BOo>i^+I|TZbxP@3Aa_QJS@+ z0ut3`o2DihkXip}!5_eRFQ^^QtzVhl{v%(UhkRknQs9aYrs49D_qZ)${!lA6v@)2s z+~+=+0YK^Fs!n`~h@(;{bP@q$S=nv0`0RDuoZ zekvv_<2Ewo@}^!f+;x3#^k6@X1w|} zyg7#mwoG3T<)J$;-ME7+BuK#N)39w2X|ql<9a4h5w`+tU$}fL6>Miqc7yraM{)Z#3 zuT};1sStK7AOhfsaOC)ol~uK#e^9FvHi3U!UWFWp{hfkh+{MfZc>t}w}D!3pZYJvixDU)H2Ifx)HP4NQK zVn`*-+fm_9^q3}uHG)~A1`Q%%7DPfII*X#oy0QyX;zbuuWQARrdA(Nt{8xyBlPz$Y zk+VDnL_Hta)y=PfcJD+Cr&J9w_s=4(5rVlwQUH1|BFIi!kV&p6Ra`TpNfO#cnAG<+ z7!2?7r-(Q*NDg4&l4B~lL%m&POPi`p>hzh++qQ(F?TRkro1T^fLQ7=D~C_X{sG zygaRmG?lcU^NoiS%ymY^hbRN=XJ0;ic$w`!cMr-LnCeVynwS_*Z~w2#PpRW-BvgKv z51VGhzjNYe0Z^q#hb3ZfNq;8IO=F>n?NuKy%Kpra0o_-j;P~ih#5u<5!%S)4luz;D zO?^8T2IQANwfk-cw9Ml4hFNFV#Q~qxXcc@^%E~^^ewYGkz*27hW!;!<0!1qr-tJom zTAAD^>W=~0s>G{Mqyg2(#Vky2uF7g7*Yh)#mB0&bK!LWo`M8v~hQzH*X*( zb6`_i_~I(MAL5D|Mjj&9tdGh!s5ep3EPd`}yrwgDm>n+416*E+pTa|<0GErjp-_g= z82lqa+-xFk#ja+OycO%>ZK&7Ct97o!V^0AfMFxi0q{GqWNS1PJ;zJ&+8wz@iCRSXP z=l`|$B1p_6L1Mlpp_J6K#ald0v)l@%AnJ5;OfByml5-m-T6plPlK{=Yj1hI#*c9jH zdhU6`tLIw)JL>6Q7=l1~ZaDiAkWW0VsHo_JS=r2{RnGajqJl+;85j?E0nf@K!Xfd1 zn}8_6p)zPxi1aDQ5m@n(_x9=Awzxr7yEANbZ{dem-MMq;#MvjvI}aU+qTlc-BovuSqpNJk z^l11lOvSc@es8sSzWeK^e4~Z;%S)dZUfZpC!2jsK)eq^s`j(zTA(5%5La76qa`*!p z?=WAwI6FjYl%1IqXx1ZOg{Neh&hijBYRKTtAde4N6xZ|&QD2K3Zo__xYlMwM)8C2f zlj>5k>~39>Q)mvCQxG8s)&|M$U&AF=YkA9O8tNx{U-VA%j&Jj#onszKmHTZ`ypkBhCxr7J08 z4Bto$X)ZXh_wqk-xzSC)UyZzQjwO6Nv#U==>S_L^4RCatzC6=2m$NYTdAw(ITgefL zER1D%G>;kV!>lZ`$6Th9mnJ(v9G}DjEvD(?f?2jeJR2T_9C7h-T)r zU9(|dpQda5e97)6xx}*Kt!`m%&DQp*%KKk?igR{{%)YGIu>3W>C2VQoz1!;pFH#Qt zd@)?r)Pc~kIy1jYxy`Hoz?bcbBA8*tVUh*Ao7=`i+V&FgCdyz+^dRZII*M+O!P^n+ zC~H+njobjH6@g>I-OrBqcFDl3MY;#2$?whtD>bYM1{z6Iy;Se3O@&-fQ<6=qBKw-v z0n0vyCPUL&)8c@}G*WfvXTB3q#lQUqQ0;5b@Yy*!Cx4``_xzoE_nBL%e@=kg?b9@^ zKp@)mXhe{~*%0<>?k?mkc32EnWif_lHQM%m&BbL0on$7Oo@zy=lQ;!_s%DHMJumC; z&dgTqSzZc+iB8zkQ2ON3mzP6BLHiYJ=|~=VlaeXOPoxLg=t+&R4f*O6!$Q9mV!Fa# z)|%1wyVHu`WZjUTvErqQ)fRT-W^FMNi6WwOgJwW796=nCT~rEnttu<94FO?6%9rVt`n-> zLaUd1qc9~=R6tZB7zoinsFEr#TdqpHObrKxB&&0%5n&buxsLZq-b>L@BsG8Xf_>-g zPX{_g7+N;y21FawD~mBZu4P%?x&)?9gx^I-4X9 zU-9O6r?k0v+|%Uaz>Uud+_)CpxN+m$cKQE*H;xaAYkJMSu5HBhfg=O`*85fVJ|eOB z(4Xnb-g`atgjoq=V)zkLf9{!g@fIiRgGZH(zKy(^yT0_jyJca-ehJ*#)gLULls87y zXJ@HrQM`@yNTf#7bEjwmZUkp_|J%{v->0y-%18tD5_>B|1a1fXNEQ5DgL;|75%vXt z!YuE;7t!hv{!uCfhmTr0p1;raU{$hV{AEWVAto?7Glg#?X)o%H)CdsD zk#QL0g`)v>6F}jHGU|T09BLTz7kL}&N|BqN4t$tNK`ke|2-uD+b5hA#;9D6HrJgFoo z8qe9woZxP-`GAy(#3~Y>pwxgg+*BdH=U%hnEzo^8`ub2S^z+jE2JG7)z(=SalAGR#ERYayTAPr33m{m65z^xxc~4GXDb=qLQqDLjzn9o z!$UNHuk!+Y`LQC(*yECYHbZ1mx9!ne+9A~z2NY;RY9Vw}R3S0x<_Rj3f){6iJ0u$J zqtQmF@EL&g8CisW*EE?l3W+z3;vT9d;_j51~ z0`|$^H4O$Zi+63+1YuuGEkw298*9y=u8v6X(O^fN0Op7+J2v@0EgyF0EL=06T#SFl z`D+;$?`fdysq2YvxXs;swv2sQ+x>^1TWV#|PO;4}M$}y5Efw#znXtYtA$E~N@_*@7 zQ?s@2&E`r`_pmROfKc`|LK!>VI*{|uYww}Q`KR7l-63V077#gmJ4AS%TuV3>QX?V1 zaIvOEXjAolxBZ;e4J8~MN6ZX5;E=*jOjAW&Lqp@)RfdHmjRx9=i9YA3zdFTO6}w$G z3R`MbhGFX;aDlS)%GYRq?AvKAb4%E2-?9Z_$mJ7BGy>%kdXU9;g50{qEn#iuri_Vz z4zR71rm{^ds@md~9ftFQXnc;0U=!^OZvIZjko{aprXy&EAOm9I@59a0?G18^Z(t3@ z&e|GKC_>mxsdjW_S~!h>jfUa*4I!vU!dK-I4aD^K(&BNK6yamgc;^y~^VH3h(2s0G z-q|p>vwS(u?CWioA6gIdT;ZBVa`60M9;=JnaT1$ODaLd^1sL~MZ{P0_#siN}O$-fv z{BC|I>aQt~NMhmfqyUl#Wry?c3W30NHKf+&sArOaU8zJkh+Tb5(5AsvKp$m#N;pX9 z@Z<6JS(Vhr(-TW$t;x#^m2<#-=AN)!J|ph&Kxd2@jabB@7YPNY1too2(;-rfQO4{4 zwi&ow4_iI969e@Zh^j!t#1_E`V)$`Llq6@q3K=CtAyMKUbo&}Euf*;L3A-0Q<+m)1 zFW(RSTwN>LeRQ3Bl-k8k>NK6(3eg^~2|`Fi;3-37If^sWYRLX5ft*Det zLo-7MS-HwJg!K$sffOg+`?5EjfgLbyH`X*hpsc<(JxDk>DX97Um#-rNX`tRKA=frc z9zA;NR{w38zcvnrm92*%iAY);Ez&0UuSRjb+4{JHn62bS;PaJ_tJ>o2Rj*WSk%`A^ zk2#Auzlt{>aNH>;8aCa&bJFm_T;1~G(m>d9-Rs)dr{3Ki_{qx(MWEYf!rN{|YSXW;Pk5A5qVlF%4C(i>s&n3%Amfe@4OvneBi z=6|#HZVB~bK^Ig(5z|y=0)ueQN*V2Nkz^`tWl{JGoQK@@p#5t-Wi5IHIq@Ny!`Z9` ze=$m!0O~pv3zcTP0ZQNa_vD~xZ>#!}!4tvjSVM!P%qLCv{=}otr1){IBiYxY20&+w)M6nEM8x@xOuG#sA12x?}9c zP7*~3bW{yO$exWQq|F*5F?Jr^s2Uui~#Xw<# zfo$=BTZmk)(%l*CS*2>>LCUhBU)Mw9L z&+Oc8^4I!A7Hec-P?i_Lvz1gD3?VW5Aho|jJQMda#kd=2dYaxY^}BUI-LOD`C1v%C zqs@`W<7ad?>qegL`}Xj$X@=cH;Pc`A5fE1 z-1MgSrdezXq;|1d6^iqda$tZ`C3~BCc)<@ilSxFUT&A9YI4+y?yQ&#B&U_rMyS~98 z;y3t+79Qm6{x%Ozv2Wh>;Q?)x2gbM2mYD2SCCKFV902{7|ET5s*(H~hpu+W z=x&KDk`YyJRF{l}{@h;-pQP=0TCt?IqIOeV{>%C!J)NCikMm!i(OrYBEjrTU?mf;*1gFK@t>O0)6U z9<)cdPaJ*sA^E$*j$jx2> zZ+(vRoYIvYKRh`$7WejUym|h(d(WOdJ>&IvYvEtAVXry+v)`_xj|cAFJ#r+#-}Vaj za;`_r%Yul)6yrlyhhk#zbVkKC>?X&HP^-t&l+M^=R7uuVqN zx8y0zB_5d>%A(Ig3Hq3AhjA8SCdeg1hsrb6Q&%A!MD!AQ%p*mYexPHtl=A}17@q@((}2#_stub z@s*E%z`gRWPxHBLZ)Fl5kI%NZKXu2v>WU*DUz6Gx5&9!W6I2e-4>nV)?(e#`CX zPA{zOp*4|AXRBXSaVkIC`ul$_;EeavwLzs%i?TEy4j&sb2 z+!XvdowZOIVf0P(E>3f^FsL^Q&isFKkMVB+t%dC|H$w=ri}>4+w3b81ROTr@MeYqp$a!cTfEo5C1$h7whHlTYq6rqgU}_OVjE=EU zb(hjKkH_KL#Rcwhz^XtYmWo^tSE3P8;%Nq*1#7MqiNF2y?}ug2muBlgPkp|3a`)FM z<*;wxAC|opjVjwxnCL(xSmzQu%EINSP`;4b95B`g!8=4m48Miq$Z9u%3r;*XhFU^K zkBN(6O15pn#PytV>7j0a_V&rgir24u$^z=#0xSCO)rN*#SnL|VGSgG%)(t=1FKr13 z0F+}(KwX!co7LH8yi9(jSG5GXa667jemS znx>+3{Zl0^qJ(e&`BI^320P_0O{5c445MT(2cN(46Q6HO}eJ4x|0yaP?43V$F__{ zkFB!Yba2;EXJ-RjliRw_K7RZNJ;po`o;23nKQ=%6y`pDhU0`MZy^|s1UE_P|+}z#Z zS5&0HJ4Dw$;8)3r;%g77uggX#!xHhBW&~aM%I%RLF;rmV9u16Fz|U;(kAu4BYG*#a z?&|7lZwEg(t#yACWTu04Hz!yOxPz|a*V%`&W#e}%j_e8835jL<>-H+BJAW~7uo4q0 zu~b8aOoKQfJ)DC)fZj`-<5OQBlm{iC<=~@4ea*%HdP>6WFaC_-`P znif&kNWycb`~Ci&-}C$bpVxD9>)u|sZhX$?ocDR3_jwqY5h9pZCx~!R6>SZe4gTvkLMJ7#l z9si`0mh*DS@=&0|Wn~a1q!zA!m;^@v=(ARbp#JjutUJ36<)P!#!{=FY#XKCeci_zx zQPB0;UQmRlx6!dNq)|)|rKI2>rb@Du*oN+;m%?AeB5705wp!5yJX8B${;OraS4$13 z;aZ^89(nJL`3c9_e*FC&y$i^O-c!iNCiyqYB;BTd^lsp&`pvFaW3p112fA%ITefk*GjwJSGY+zq2}?*5WnCFCn&MY2nQrgR>9i^#yLtIw zYsZ~8^q^2)XIVxv`4A}UM#a)Q@s5Aqs%X#R8@5kxE@PdtKp0FWh8S|qgDKFt2FvKg zOJjK<@w2OxUMh&rmLsBo{75aVsR?>}56F)N&OiOZ|K_lHb;PhH0qRIdKWbc*pWV(_ zfm7G&;%DHP6~K#fwj^7QF35V6fdU%J9chpWmH#E>V zpfqHJB$~*`^qZwRs$5e(8ND{YJ@)6q%=+>&Tx)3qpfTF#qv7Z#SyP?ae{HmRP$^5M z)Y{HY6c>CAi}M&nAn@iW&K9#8P;Js(ZLjCgZVtBhC|qRmJ+?IP(-pw#8YM|=t!xT_ zFPePQ)`uCH9O}fkY~@+cpS z|3?*xjEbK4`s98uuZsBZ`ai1(qw5<~k-M}I_Oc-x_E1ow21^X5vUHqH zI>%9%6r@x4aE{lTVZ<8W+?>Lkj{1)lAfq4PDEV9*Doq*nQO1~2FpU=F5Pp@DgJR5G zat4zo#HO-MrIKQ&%IBA#7si5Z>;|-w3oniLM$f&^F5d6x=6iV)>y;4yK87_!OT8Ly zH@IrtrMiB<#57BL#J$aa%y`N~3+WAK^4%=&M-lKDr|;kjEX%itPZcW+#oHBLPUKm7GDK5F~kw;fS4V4wfx^=pqu9(V(Jm{NtXiU8&n^`rBV zkObS*W|@ZkHaBb)gB^46oHat|1OkV^>0yg-jHSf&F~S ztlW<`7WC}%OkHGWG8AtBb5UuokmMXNeS!W<0C>&?bT*}o z=t|u^RD9tT#LTN#1X_{;2B!cOmnF$O&}9(pZqP?qkj=*asxH!^|G#X*uWa(z682pp zWSw;N@9nAA4j$3dBja}Wl_C4Rlzp5#qv-mfPq9B*Xr;fMd?1x5qf^E}}Msg0b zbqoc?40y2gO-9P&ZMzM0NRga4_O34cO=1H5-xEoVU2tvbynwJMe?R|GU#XG?y$^dg zzW;<3gpKDLF|%`fH-0`|_&71L?XuU444INmEDZ4dm`ErjK^#L)lvSU>wsak#A!T5y zVIW{9(`M@rY?aYV5{{Pm>YDKcbdk-~y{GCf_y_#{dvtX41h_Lo5{X^(SvU#3cErZm zTHCIvyMd5Y+}(BuAIGvV)BA6R&}jq(J2={*ZGnW41RhR@j3Oum-vW#aHTBDd(U^t5 z-|HXQnCC^rH;0qa%kQoRb*wE_)fVV){Fri3b5D6Pk%JQpkh+>>n}c{|=|bTX@sc4S zJgmsXXHZn$ngm~e>sn7m1RuYyD8e?p&Wd2^sf*XBpehz^?M9o+gdo8g_~zIq#g_?h z>HSP?QJ01Qd7%M6-EWf-k3|qFDY+wq*G5|p1l|pMGFl8E;80UF>XrhAIYh6sIzzIQ z-O{}x*(Y;e#sR|%kG%hYkJbn0KJrpYLYUUx>VUU*gb|hh)wJ|kL9t0`7vvVr4w^aA z>R|YC#v}!ORrG-xTL;2c2+$q=*$wGpY1|h2PA0-skp;-V@qqmMhw%xZVvcQJUVOLl zJ+%;8qM)SW{BwRy@yMM^NReUDZK66x*IDkL=tsE~z!aH#WGB*!;CeO`o_-sVXC<>%|O8|%x%5E!tP*Ku32wnpQT zft@ME!o?q}qC_@P0>*;=2-2V^V@5ARRLA_o(G;N_cwoHptUh(u@Ifh8fI)$+f1Is~ zg`$LRfNi=IGW2aqvvE^({2A)<*C)kc2Z6H&)#5?8o?f>y`|!hu_=M%JZ{1yXZ`&N- zpTT}0aEV5zrzByR$|z%aW5!erCIygsIwoa^`YOgu^D)q)e+h%{{(k&4sAJ{BLTt?3 zus0mCEi8;(`Q;}Qj+%OK!ncpa$-=L6)x zW9j}fJ0Ri%P2a%eB9NCq7${B=fmyWJ?>qWxM9krGJm4bg8-V4~8jwkPsQaZMOp;5* zc14B60T}70Z1L-dNV(wsD)7s-=DWtD&_mCKYt(2SN5+{L_sM5N*@@@=6b{0jm-#1^ zWI-y){)f11IsbnHs`&}7L?D6^REs*gAs1pq}+8;A+F~%*THT zxn%NYOmgPz-74j(jUQ?o^HX85bL&wvM`C^sjNTpcbD3%pRDrX|Y<^RbHt0vsmj`u39Xadh0uL~O-4c-gMv+Xh6-DCu(Fu&lNTSgA@4*xg zvb(6xm1oD^$liaE-av;z^Dw9n(0Y?{{4y74OcL3G?~cYg$b}M4OAlQNoNBsYzeRwB zHL&Tl3Dk(+Hxu~kxAu>$*0nHlQ z-+Ih&CtVLuXX3Kr>i5SFFJ1KZZoYqSWg>Ms=xxi&yRh-`mWYLfD6rZKUpxi=W>Nl8 z2km}QCb_mqN!l%xW>c91<8M9_AY^6qGTk_m>c}WKkg5&V#r4L0{1H32n)FNUx)Dmk zTtfE|a(DpwjhY^CPi7TOpIQRS(&s|dbFLW|H%q4GysQWS4gnp1s~&@>PZjobh_pUB z^!m&2#q<8&{!#GJte5+|b%dcxzm(W@wL3TcV>kbNlBbn6D-RQ4$6+g?gA5Bq$8_{J zrmMO?kNkN5O?lU@Y^{T3Q`u*aL3{kh3>I9~+lh1#g3!jyhRXUA8Zh)6#X5 z?Th~Csx85J%)XNLvD=mj-a*z9WRj_(A7OvK0Ge^h6U`ce?SV!Toc!4N}Et*3+d~~x1P92#@`XngE zqE^(IP0Eo-r8~%PN-tx`$R#jT5f*rHt5o4t&D4j52#bI9YxMf4OI2Gq)INxPKag4z z`=dLd@Z#dbCVz+VwqP$WuhM<>R(^bwaz(eMh4_Kl+s`y$vxM2_u*0Hhj5?x1JZ3+1 zxXcoH5tYYfpj>OvYg_({lYb~IXzW4g$FJM(#(tmcOI;2eUz;1dALZhbTiGNm@Uot^ zxz)MNIbBK2<{_PgKpA>jh0Ahi)TOStyzTQTU1s!nu0p*SOyxzH=~!!b_*~@-O+Lwa zz*6d!qDEc6+{y4p^?Y+;@m$63yB4DdK_HNZA+u}tBfDY{Nz>RDgoc{HnP&&@p2;0O zt?^pbw>F1T{c34Z-PmJI32}0%j^3HQw=sVCvlKUkUBvRo% zfmGz9Xi*K~$jLKqqs>DH55~-0E!-&F`0@H<;aW&^w8bCq@(gV@p|*h9KV#9;%8^x0 zRy!=0fL4=8!KB<$w@v~N@-o;abbGU@gy?PLh>YUJk7~QPmq8zJWT-BZiQjewiQLT< znJ!^5KS$xV=nUAlZ;xG%9UpIR(ks*~zMvjBYD>W2;AH!Ap-mA=d1cfJnzUHoj)*K3 z#>cLkTpbUbRaZF8G(re3?1{lis{)a~$R;6IQ8%;slT4n|#AF?h zvjPWuFI;G?@z1%?T3`Qwy3$_?4*sj3;{EkkxIeb+n&}9Oi1yOmo!WU=S(9dJh3v9L zdf@6aUWj7IY851;ffpVXMBc_^(56k_lp^rBRR&Or3dZ5>O>46+i&wYrSr6ZMn7?=C zUCX)E)m>UMW3At2AI1Y6GkkIIwZPMgeZ0ZmZ#6phjH8ZGa@ zylPh(o5Qv5GDC5E_$BE_kshguDvWqfOo{}?x*@^p~E8bAT!K zJ!avXbBi2F;AfjvOeYB?WE=yb6UEUMXi@m{CM&mT+`HthMKBS zU8fapx>d|V?#VUCJTc#2ew*|p`+fQF>h>)Zntxc1E(a*Mo`~DRm=$&s>av6E^OF5i z%vy2DC&}y7%hTJVR1&9&W}FaEtKnT+s2sM72!`39in`AiS4#U=-_rEpm%U(?)v>X( z91F6KjdKfq+ZzIpNZnOVZw?S5G|6k?rA;CBCegL3dFbGsPC_0yJ)Mkp^Eaggl`9w= zC@KMdquUI(VI#77M1$ch=^G+S?-E9WY;}nMOD{+v(>vt-H*=qRk2VC3HCdd8kl9`n zbTNGG$CkaWZ9mpmcR{jQT90xV?`UsU56G1XChhEsp^&o3B+_ONeZ25-B(q}L6sVJ= zo$vy)S)gHqs6zMPaJYC{d#ld$vooWk4GF1QGwZVx$-A^VHiqto1&*~s?E+)|J#faT z_rvZYi_u0%69)ZNnwr8T^QY^@wu!nYBpw!b z&xD+*gx1v5)VrxD7H~CS01{4Scet*k)suixjet9fdRGyXB4jmb@{)~2$quI%^oVNs z9Q~t~!u>za4FX}<*VjJf_en7^7#X1)Op`W+xIrbPr{jX~uG(H4i|+I6w)Y8}pQo^_3`4KV$%Fw!fy14}01 z51SP*iCiDfl{$hMe}q!IW4NFP1sMgE3sMh=wm|f$B!iH#>ayd<=Oxtk1Z0cT){%;X`)l7_EEow50R*wEdh*BjM^lAsi|HUYg{{Qe zj7ay^F-9@#aF^?FGWTDgk&utf_~Bi_O;bQr8YD-8VZ{7x1WGS? zS}3HhNwWofeg7n&2Qj{1dY(LapPW4TLoPS#x}jJU3LJJzx$KzW z=B~-K1p{{*?I5yR9*f$KO-WT@5ZQZlG&#~jovQ7}!?)IprQmAKc~Zp8QlyazbNX59 zu;q|O@piDj%Z9DLDj>E73S%Ny`fpS6pR>facrbDFXaP?QDRN$&qrllp&qgKK4VS`T z;27A|Uu~=Fj5D#?CSnP-e2EVA%QgHwbm(VL9+=~vOy{-{O;~I`1&*B?D`1hfJ~1A% z+SvgfDY1GNf0|5%zddMSL*e76n2@c2vf*4qThSXRNGN5}$3WR5)aGeWz;Y)i3J8$- zCw@j_Bo8m#~hu zh}Ey#_0JxOIqqMMyfgGh!;khV2R7VFv%xlNSj`}!vhJkz?->ggecK~`iwNMn2KG)b zt(?vAWbS7c@TLhMn#+(0u#*pHP?xN=AXX`-Pr?^Skj!pi8}RFpK<_h&qL@sJHwk=j zd-t|LZ|rT%_i+F7QBhHYz5aeknIc~NKvmSjZGqbVy88%+8r;tP4)_PxuBc-kp78&~ zKLyMNBg;&{Xi4mQ*b59E077<}fVNLBIENh}n&K8-IeXhvv7OnD;Kzd!B-;=MA^FeS zhX0uQ5E>o2Mud0tDdeOD__c}eK5n_Zlo;VvOHVW4V;yqfS~mgI8V(P57oLw&&>ZA`Ru9j!3hFe z4rQi<_Hf`!V-S?oB$fyYI6B6iu}G&)vmC@W&l|?opLA5mnW1jVzu9zrDYv&RKmUty z>fVj;4NmVNeb|ys4(hmnZuLX*mSvb}9~m3F(d(~ZacEC=vkmMxz%fgk3}F*%3AQqN z3;n>cl`z~#db@;!As-k3SSon^X`I@@)R0Nb2pYc+6 z&rc}_QHh38{lAWIium}4t+Ej67^kGa5YFkt?V}?FdT-xGE{0Fd4W5k}>s1yJKfWXi z^{^fO!xWiX%Oz9-Gac7Sbk!E*BzOH&>tZ$C+)j41$GjhT^1f=05wECI;c`?MHB6F9;tv^Yv`g_cU=2sNxFl4Ey+t!-P+aUQ)}RZ13{+e z-}ht|u5*dNyTfJJpMU>oN-pzlU1`4{{`N5rwFv^AwpikgR4^7w5DJo&-q(H&A!N$i z42Ai&N-3XG9AX~J5uiuIe1g}a1sU<{#Fr2Whh_CJu6(U4KfmVhU0+|`SOI&t?+N-F z?@ww42K9a{?)Iz)u)<;<$8Ns41HO=X=QyE^-{s9X3Np{r-EQt+lOj>Tao^Wb|HMw7&c{kk4%ADl(|M(0osaB2q{g}1*RQ>hY0Z28U9wnRk`%g6c zig6iOobYkBD851%ggkDWxs@-_3DEI_WHG%!x{Y>NR+wvjNj22_VC<~V!qU6F;AH&d z?)b&?Q%{l)-3{6RAF)TBE{8N5i~BV!;Nc$yQ4Iei#l#WWCVan6`DVE^rhsMeiP2!V za#zN?0OH9oTrolkS5KUlC5Kz?tRT=an*llYwE>v~gn{}Vt0!N=U!{zmQTHRlzxs`q zi7^OFJ_Bxq2MDT!dg2f=o1B==H$vZi80?GhblJWqCmEt123uQziy zcTeM??oP`Ts}^cM+lA@P_y={v^fTuFhMuNb2aGLK^LEXDhKyB!EXU`?(M5Mia2FZp zW%BZ75uEQx4o)XWMInARBT0f4c*JTbdE~;x=htcvz7K&y%9h3UaXt(}#HVVLn3!L{ZT!#(%jq;AQg{AumKz}O_GzZXMrTiJUlZ-=k*^)MM zrqQ)>?TMHa2CX066DQ2V;rPiW$Tm8LS#XQYEKosK&=y%FI_ZlXQ_4>*lacd^?%u^` zFwOrr-=)*OrUM#ArnSB~&AzYt8#F8o9t%eHgAzkiGt|Lh3*}2_)0Cfs-O<*O*RS~c z%@F)%ihekzp%JpOWH4~gIWMo)xv|Vtfa^awTM94E&wZO3(*J&HVr{wh5346C_6QRz z(zZ-mmne)w{v@=c5j~3Ncmnf9Ln3lFv`(?@VKX0ih`i(6L|ahM+xF;%zEu4q;f*@E z&)b}(i~~lqZoMkGoI~ehkul``)1o+!qBvo)8bC}4TJOvAGn781h<*L(@mP2B0-?mi zMBxl~wx}tMwn%60!IL6i3Hj!#?@m2YHj&xwsVkXm`~`%4PmamaXX%UFD*|%Tlx=cF zT{Rf7I{8BlUtfOcyKfAmzo4M6&ptLeCkcv>NrD;f$RP7bK>p62g;Z@FRPY~cM!M)& z++kw-(U|pNhjh5yXy)%w6X5!w^*6T;&jDtI>haMF2mex&Lp6`_&RY3%bLMua_4LY(uG<0%f8G548@s0O;H(Jldo*!-YHMZ~- zqMx!Mz|rh~C?&}q@HU5E;{6#_P#i@`dbaJb_=RrUok$N10+b%K9+sdW0>4RM-((sw z!@at)at`(#1x1oJ zMeU?CEGJMxOh7VcYbaLS zMFA|1(#xlaR(X~Vo5ka+bDfaafX>h0~~liPpvmUunMPecT3 zVz^|6sF22Np1%gMNAK!T)Jf+yCAM25yROm;>QfhC{|RNKaDUd2w&>?4NVoMdlT01q zF;Tl~&7TZ(hadJEwM{A+BoJBg^DZjqfUqLTy_lPGOz87Eyu<#6eDaS5oIq{7&x*Pa2d1t2 z_~YONj^prjfq+Iaxu)FbAKmV>hpqI0r5T)N{#*s~mFMFfKh`S({D*o!o{ty0?A;wl zgZFS6#w^Tub_~anE=$k0F*H>0yYp)q&{moz1P$r$;sx*xx`0PK6PR20MB~p-p8~p<}&KO@lRq!)Lt@=Jxt)&9r{`0<05HG`i9bU$H}@hjYgK? zTb*p1GHm<@a1=iWIdZtt;mkU-2zz{i(@RlC>n=J^X--ahewHxzLtwRN91uD%8wl-2I&0^9#>; zP|oFlL%F8VTpJKCPya)AZ8UMGSp)JPFSplFEn%>th$1SH0LvLzo(vCTv!oUC8fR@e z7{$usRCLk$$8o)$zt+e)td>Fj;XdhM~CC|5B1K3u>@`s zHl9`SB)L;I9`5(ffBXvf&X>XH98~X5Pd?~~I3IP;|H&60-F>AX)}STj&|eW$y6|j+ zda*vntf3=IFSuntQ?DMF2~P)_0M;6HUnNm*GuhKRNuh|JtYnb>%DF9~`jXVqNb%oY za+(9sf`SmD1He*Tc%`b54pXu{nic~oBbk%o8aEn?&uBj0SfqFr+QqxVVFl?b_u%_xz!|>AJ zg`k7E%guM2wX|S((A>t0(&4iQ3&ReU2IP);zO^h*hfNvyP|gP7S|ku8K#!>Vj@U{q znUM`M7tR%=l|mMKC33~4q~-pKNz(ip{g$8wvWvFsC$keyf2iNmn@ z4VGZb!6O@qiZaC3Uq!|>nU4JJdDz+M#vkTH*zobowSnfz*UTz%k{_PcuvG!mZC;8U zC!A5RDEzGLN4WpeUvqwO$2iI+n0FM2}hbq$nFO)^28l*%&{tv%T~MoHWML zN?XSRpVz`SZ%IF(k{36t#5N#n!;0Hx4+Ad>!cieh>P$o6!CKHG|0?1!E01}t$AHxl z=Nl{A-sYu$HxcCQikF!FZX4NoaG04KzAB>^rzXGR0N*=6g9#UKz$K)e?TgV+>LqY;E}$;7EM-H-1FsqKB$CbQZL znr;rF!bZu?$1D!*wmKm{U{kw0dE{k?`qyfB8tL63x;L(M4nVXX4mAGa1IEkgbDnRT zEe`n+Ctms-_RHx{8L=5%R1q_?Ys|RiWq=V1QpRjXxqV^L+^QS$A^vLJzO?G*_BP)I zPeAVlm^-~Ydt|EBIj6tbLJ<^Hp3of-C%VH!L%l-1y#6ep3pni;KE6!^h(J6nXXb5z zo+U4_j$kE6z|$S2UrhNmhh5lnI6P!(=^YrH!MTTxs<5f0e5muG*1+ZOGD8iPT*y3b zVRIFQ5=UZSY9{EZxQLj)h8f#8EVqH~8pZ_~6v#aX9V-bydpVm0g5=GY7yT@(Y)dXR zD-PHI;Ba!gVOc%_80PUUBLO^~E*DWSO|*i!6x{E?nYr~2o?V}vTUzT(-5U@X^!$V7 zpSKv7XfzCa6cfQ8v2Xs5Sz#R;9*z{nj->#ORQ_)`@*vdmvoISNZu}GGlCpH9f|^{p z`8J^$TAo|*2=^`Xu1H@qwE}wIZqzD0U7R#_g?gD`C+e;QLzx2E_}LSlslx0yp&l|a zvDD{AZ`+q@Cn)Ccdt%{#QX9MWUM*(55XLY=8U3M}S1O85VY7}$a$xU^9k-KLY;n?8 zsn=(9r}<^{c>Ek-IEko4^fYUYJ%@S@-+pnt@}8-*JaMwN0zX~}V{W_YvCO4}+=d{y zHn6>8YHfWg=s|SL{RtnaFA`W*MX4Cec|g`cfX+*hj~E9Oq{#)cW*&t=)%MuJnknWq zkYyw!jKC2~7|f*LQ8g6)X4!=%GTG0TLNYRg0n7nj>a#osC_W^Bw_6<=+NyrTyez%@ zb5DquuA3V?kI0F!5M5v6Vq29`$>dR+QD>FM&59PI3VwFXFxi_YHs2i7o$=F}VL<|} zscLfGERl11Agf;^OWiM*T|la)Uxt*S zoTzpQn~7fivJ7_aL*o}0YIkV`zKxxwMjfoJ%y?3EGef`@UWC(#Tg>HDoEV5o#; zA0o7IW4GvR;_mBefOpSnKCg}db(oAp3z*OZWHfXGpN42SyMe02+(906q^~rRu#nd% zI~5XGo46<)XC!)FSQ4p};~6!kH#YKM!)JjrQC*!s++JpDZEffY&n?&1{g`|HVdcX| zEi-rkkxsuW`&?*-`9A>SS@S{F%>ND$Ujb|#koC@P-xM6!bqDF~81AmU72stw)IaG% zsF`EhkJ!FKwQ|$4R*buHX!6d)L?F2;9{0a~#+&eg{@Z`o5LDj6HQsvtG_kPeq_c8X zh#U5y3>?_HBz#L+Mg-fG|LD|T{}|S>0bTIVp`f6#k+);@ip9-}Mi~MYuuF`_ z6kq_zHpm_p*<5eDO*R2(rFfqYg+$V6{IE|B<39vNA!*VcS*fT{X6uiIhi`VL5ypA_ z2a9bENP$RuuBRs?)T>o}_a8NX{80@b<_;hQmmlc%JnY+<4#S*1R`R@>V+>gFOU1se zC{2y6rFCZRC&^ZL0**HcWzvv z?d>JRU};3X72A%ylR(2n@{5Zh>g)7ozUqaCOnmslb7r54{rP-(JR0&u7#eHPe73R~3+82OKk*_tkXUd`l-u&Yl!ES`dUjsm7ZPJB~kdBuhM0pj!}t&N%+_4!xurrIQLthYI#%2k`T<30xx5x?F#Cu{wlMon`fMQlR9^k;?UEfZ$i6gP z+;7GdoV+5$(;PINC>zL3J@VrdZ;bF%t>gRmiR}&!4nma+s+CG`wfi`UBnq@nc}D3A z^d=ocZB+no_RxwTlfV(f46KSIt_n&bE2f1yiS5?^X?*c$MDSpjEe`ciMk$^qe1_Ba zZWWx2H-0Y9Y%G3+jp`@8Gk3j5C(a#^Of?-KOt$9GZXqOR>HTKmf*chjN3tGg%#6<9 zgAtP;lHx@XA&ZG6qLK1o?oh>#XezrvVZ8A9{U~tJzNRnLZ(NgCPS4Do4Do7hZmzFy zZf*uW~h3LAwIXT_9Mw|ekC#6|j2C6Av*e7}{BerB_?M}dLk;AE*d{X2& z4nR!FEdrZC+6>%1(kwWUCe5T_O!&l|Oc7uhakE^d%N9$rfOLiK*@fy7<&U^200emn z5rY*FLLcJ1oB)}{*Ne+w#}8M?Hhy;MKUn$t1m;v>N?$^}G;U}F;Ni>Kboukf^F4X{ z|2((nbF=$YRYB1%CPV#eG=X^TwAW13#>R}c)|LG5EN}1m64a;L%O^s$4w%qr$9{Xh zNx}w)M*$v0?uIp^6tssE7rCOC=EX#(9YA%7^kd1&Atj>D{35=Z)vcBT3igU??yqZ2 zI~=xdS{f|agqk!!b=jBK1ym?e687bW8;yPJ+V!&R6>D%lcUMh7~d7p#5fuB3ar zJP*t9-IQdcTW_WdqU!_iy|~ld>vdK&8LkD?sn0;6Y@xrOf4G)VJm*<|WcW>c+k<;L z(zThl3!xo$`KKL@?7BhUk!IO~!{fBFU9}?eyX=u#wvHIGvTFkMHHere>1M?9oL0sz zMc0lOY0d!Fz4v8NVXLK^ zvJ#VzUr@{>F4)A;dK*ejLe)%LJ}=eOj3fk=h_@>BSkl__7?;J!MiEhW1K+iV#>fPV znh;fxKF%bWX6A_j4U(eZo0^r+Gvf~y#u8$G47AO}&W?c}UxRvarbq04>#(xWoT4ll zdEfs1#p>DAGagsiu8tU{B`L*50-=Pa7?y~$Fj%rR{~ghi->qK|LO;t}yweD^8=?$o zpe*7u3SJit!D0Kg+xpViV1q6*^QF)J>*gmq)8|G;!b972op#lxbXHY8dOZih3aY-v z$k%n_Gnuv|ODt0lg-RmBj;*K+_&C^q67a-NqeL#fNTO}VJc^TM(zDcMF=wzail5a@ zmwYcJmzKqEc&7gafp*%!FMR#tk9Qp#-y!Z zb57`4NKq7>%}x42Pwrtrl7o~f)5xyxy233tt-0=+k#`JeAOP#~Z+{9vNu-@VN4{bYvG<+vbxAQCh5|n9Mh+u=T7(xm95R z#MJPF_vrKH@`1~nOBMF{3K~kVUH=_bgqyMs7OM82kQ_LHUVCgC+Kd~&x;+89_<;61 z5n<5_V?Om~UdzghJeI&4k|KV)wVn)dkrx6caWbb(KDTaeRI=ya6Qr4XWc9P!%+D{+VGFdpF#5;zaQf}> zUBX*RZ}~h5n5R>o;VQ@D~Y16QXdm?HDLg|d<(nw`bS*W;{J1zZm;O=z$Y@Nn=DSMY zItH>|C{bFReM3==@KL6dp5m%`?>J{r994TP1@-jr{{+#+k7K;!>eTiVw_|_}IV%G0 zsR+V_uJH%ydl!vJPcr1!Ank4Vlw;g*$9Z402=gl zK4nuSguJ-=Zoq0!GypR2Tnn0sUiqeFb@%RV_t$$Dql|8t;dWnO+@oILTt;?z^iw{W znB6cV8(+d;#O3H&I0?K(dYR=@+?zKVzEVgFpPZ4?ucy9UUVB)lzf<^fF~_H|{@{&2 zk|9`>Co(}q(|!|&`aDKJ^wHv^+?R( ziq^)DrS3t?+wQU26_J^~uR#fi+9yZfpDtj12F&jaeHa6`X^Nc|e2`DG%J_LJXk$JBmazHLwoe?sMWo)&uNVq_^F#RNgWH%kr{(n+VfUKc%% zMBD7DhlmXb(2tq_IoD8K?(%I(W9whSCd#QoXO@P5P&hLw^> zFF*gMoJ9m_6gYkZhtktmF)~H%*IhU1+@<9m)wYyiUwi9QFFilPoDvDV_9D&lI(i82 znovh{g^go=IyJ*Jjrxc_WS~uHF|W5WbQTeNaSP+~`HXjz>CRN*#yIGg@Ejql zPOe{kF*7vKDt7@#x{i{8m*4HCY(CYUBhEO0RwKylgQKXc- z1j$3a8pyqfbQefFBXa$$+@rc28ipK4GpgHv;GOUKufvGn)AjE!jGY9d`Ks9UsHoO~ zy^F`^LZKkxrWgT-2wq_qybxhi=r3$_d7os4iU8M$Yz%w*uAjOl5&fpL z*&L{2ECEkd{{EgaVyt=zpB3As(N z#J69AaHdbFn!(h$44T5F0Q0n z-7P#aKAcm=uaZ>6EXq@$AHYWN>+Eonzeo6$c+9sUpT390V+_?Rx}I0P&Y#zISGLy& za;q7MNAz6n&Sd$6eFQ!&D})Vqr8YZliwNin71FYLBU*E`Wt)eptL`K{1;hR=*obX` zbr=Nf8iEK+_c5Z<<uRPn5{)hqFeEQL zKO}TnGzYltzi==QFJbs>3e$75(X68Cg0sv-Q}c z%((h81J>dT~q#3{{B-y#sbgKsO!Fa>+1d6N+S+B@+GLGMwZEOj7~NN zqNtI(U&l#16ILwIkXgGFxv=R~(TLp!I)B!^{h}Es95F~{5r!Qra6^O%(FZcjC@cZj zmLqR~HgbMmaAcKd?)@p<7+~I90+g>GC&%@N$F7{XfBSeQQ-iWq@m8G08CntP4bhlk zcVoXOGn!-Ch3>M-bv>w~uan$v{s|WU2#u#r$WoLJC5WIf_Zjy%r=`w#$}q&M6fH;yExCX&n)Yhsy#{f zf54wP&wyV6^nb!19ZMuSxRmS6(5p9dhR4i%kv4T`(xA?gg>BOpL?C|ZIvV`eB0d~PEI{j&6I_?QY$qX zn{f|Turp535-XUbTenzDc@$lHla#Zdz@3`hvdXCvN}2EHvOp~L#mx5A_?J{|scZ68 z6UpC_5Bd9t4Gs+wVS@eE>15%xp%V$k9I6KIImEmc)lqs#dnR{NmM)o@)$Rzk&v<%D zzv(9hdP-h$2-(V4l?x?w@q?qGGF}a*9}qmu{mDh@*wb*h{1-xr_>!Yiqza+?x22Y%cu}OWGkJ5d zLB~mZdqtKT3@RI#4QY~2$SvSmWnfAqVKl9^z6~xdb`MnVEezC)c+k)^V7|%6fO*14 zv6DeP*hAr-_Vnf2GF%)8?NU1ODp$9E)t62orZ>&yN99iC=02KpuKWRZYj=#0BGxIQ z>^N6NCy9tFuuodw9n6cKlm8Vx>?UMq*K3s4(Uv&~9&whANSXkPW-V@}m{S&5HlSz$ z1Gcq|g>hJhOMp>LZ{gZcZ}Fn}nwdH`(CFYest2f^kKo&LX4Mfw$O~|v%?PMX zZv~;QICZ#XDpZdCC?-LtLio6BN$lz+6p`5clpKv@XVZt|18Ym;5V$+C@vhNZ_RIyxZw?TtTb0{^IfH|#jR(`xXE@&rKV?r<-!S5pq8 zO4BsaQc7Gk8;=KO>>MYNPv!ug)&+hKDj@(*3?Pb3h#r={a(RY^?gaXY@2RploP#{7 zsGccs!v;!tI&BiuXzi(Lu?F|ES694GUYvc&JF+?HeG-`QiSmJxAvnTwTfO8GlYRnW zfS^BRQXN~c!BQ*T>1J}Z$DD&(F}gw~SQ8(LvaeLX*r#tjb>q9XZFyu6r2T38>V1!n zao(>_WJ;Q_^V&1=ZqTH~Kfo3lu2d9<6spWU;~({dJ2^N3nWg}8&8q>vEHdPYQeLI9 zwv^c+YbNU;`?l4UBi`lVaqr^nU(iCRI~ATiJLWdtt|evl$Nwirbd+$b@RB^0e~Paa zbxNZCPM2k8qK63dDQrqwm1veyyZo;xaZ@^QQ&z!LQ7H7Cd6?f^@}aP?iwh6;#%#2K z*!kh}nC9V`Z)F3mmAgn+6KR+W3_%@&tE09B37M^wmrN770Lv9AaLxmhnN=hW_%eor zaWc^^2Xyr-$viUTZe}s+)L?H;3@tP~HnKjXzp?hRGj)A2J8T>b5`zHpteOwa?3n_q+<9(NDCf!Xpw#m?$3z5irEwu_p+`JC|H9yD|7}X-OkgSiIB` zYgYMV?cwLoKCp&aTXSuQ81@yuEcefU?EB$)cu(ygfN&{+%j^ywG@`l68hN?!Nz}x3NC z-l9EY+@k@#iy?#vu&*_ih<^VHSAwP&)bzjqHL-l;;^L>L9kCl+Ckuf4Gfo+eIr3Zg zxxmd>4wfK|smYVZ>qi7va_tq%;jkjbWJ@B>|`kKs5$Dxn8I#LR~FCO_m;#z zESiFHFk3<@fIJO6uC5$9G?4#gvPkRu%JZ-Hzm00`J#ukMD`>s&TNCP>ZUD>2#>SaK zf?UmW^nz6!3Hodg+o`fqzzB>^Shq^G<4;{p3EqmJFZ}Ako6HOYkKmaCh9X!JK4N`w zSPQO?gFE5+(%89mpPWU%hKUW%m&N2$>J)@s&u6f(Y?NWCtspIr z<`{~I{DwN9#FU^QQHd2cia1lk=E(>C+q``=HO^)D{o-LAhjT@`zA_4{07 zWfZhQRktQJFh*O?Y~vQaNIQ?J-oK+J{#Q^$aAh(Mm})Du(Pc6h%_O%*Rw+M%w$6vw zUc(J0LtS`_`c1V>b%Ai(q;qT=a3NQcJ+?CQR};1Vh!cL;DfizwCFc*PZ;Ag^cgV&y z87gUcM;)s!ahlmmPnmbdSH0Oz{aPispb3bEQWlLC@OPB#&aIyZ{ zWPaHC5+{4(=hujQzZbQU;?+E=(4>me&nFXX@~P{=3!yErp~?p|Eb>4<7Q2MHDNYh( z5NL^wtTGfn@c{p=D+)V51H(u;`Wg5@Vuo$mqgGR$joh#UK*cLje(bW+2iwK zW?9Jv8h&`KJS~yL^aZ9}7ug4(iHHzC+3Xe5_ubimnZpsyYu_ga(?1SW=SPmvBy7%* z&2(&#-uUz2oCKL9&z{t$!Ye(mq4Zq2NZsI24+H%$^LEsA{H=7#km+kHFv!_QPNW6X z0iD&PsANN&Z2lD|7MMU9HHX>+l_!e*8lBK>kA5l|nDZh{6dcyQ01-2#i)g0Gjaaxa z=F1L&Ue_+$_TV6l3}^p}-T3%rd~Hc9H#cbUcFe#li+8X_O2S@1@r(Tm6=Qlz2-^$o zEz>4oXnhry)sw1$IzIano3RN<#M@N!@SFd^DHif*m{1Dz%an?F=;p%_pV-)q`>E?c zzeer7_;VPDus~ucu%YhuNvH$zjVuz<1R>MLMiDrI^cO<7U>1A_EKS!n!ZQIwx&T&0 zq#yC;txVE@#*=ER`hc2KFM-;;2WMDV|cA#Jm6|TttoT=&)a8)?JUEx6f0)~z+VOq9YWtBNi?uVcKj+F%{+wFf8^&_)7@Bghw~-m{ z^fJAU8ZxjXK&g@BzRlQy!vEz;1|}w5gA6a!iN`Va$KuDJWa>)&VuBr#c7v*cZppsU zHQZGRW5Rgw>-2a+KIJ_0pHkDjwz$$aXlb{_+5m7HQHXP`L~cv>}shzH1E9L=Qabb z0GYlacES+@7CjmUmDcby%n)$g-1oDu+YsEs)tU(e4SCSo^S$FS)Qt|UgM(KOerv4s zw?TE9m~jcvKZ|gb7zffUKPdoH$x{*YPSBB#7ACHG#0UGB}4Hz7Z z54VKPdYuSMHi-4oc9dL7h>z(|dc5sChiO%VTUWHVAS6E z{C~0aCeTnY-WxE}&#IW9%W>lh-aKq$E)& zQb_cQ$d&-Z<&bKdhhoy>OU-se8gz0a)^(H;iE_vzvD(@eZNgj#p~ zc=rE>%3FYsHNG>KBmNhdyo7f7W@A--{r_8r`V%WG_2_Zh`^2P(bCO14pcQzx?8TUJ zm7D+JTVg7W$_-B3_VuIkp+HlhgLwrmgNu_K7HTNzg(SFWloe~5RA{d+!zc$RdT{Uk zBFtKc9CqBF0r-(nhXb`hNlX&WhlxkoNoQq-hSqXF8jxlj_12TiLm))u)MXm0eNU)K z;5Po{TJl00SxHf~+%yR))sk)Rjh&Y@3CGqpvzr??KpdR{6*m2+&pw7+#8Xz}fBFcg z+;NlM0{j&{50Zg~OU^7MJqduqZWcWaJoLD>C{7=I!LHmCU=YtTTaX2DSnu9h0WBEjZ6USycMt{ zTbfTGEh@} z+u4k1zWJ*|b3SB&0bEzdDY~p%z4NQdD*L09!F?3d@(QwGzk#Wkw#&lVagv@R5yy-` z;eor`>wRY>2y`zYj&+8)g%=1*djf52lHGuthZh=2Wl`5h8FaWn&9OqkN;}|J3?ff2 zV0wM+Q#bTF3D6P`-@Ra#DS?m?1=5ZYDta7r_N2nZe3HQm1WSVN3>Jc=p`~~2Z@?$h z*ZxPd1d{jUL7PL040aA<|Av$Cy}%hsPI8qe$|g0Mj(f1Z<^2;V5_pF+Mw~ne7@Yw3 z96Q2nl9+oM7FTO+ZGTIu&e`7c+&NE;uJ!dc#=-a3V8aR>;6_Z&SE1#gk{Ok~I3x+y zwvmiy!;bn>athh_2+9aocE<6fRJbO}%W^6-DoeKUt}jt76GSH<<+l1dTtE;4HOLsR zr_t+8!kv(bD7)Rfv$(PPHE73dXLToNCwvu5X@-)O_~RZ1YnK(F2c!pCr2Now>O_0c z^T@m;2HIyn2@+`rMRcHrrecB!!<7-k%*`<~PfhPisJMUb)BNz1QX6~wzxc#VV)f^< zOY=YBIK=#y!4s#PoDNjPy&eM)X|5(?LS{cBF(3nNF&Opi2T)sW)GgTw6Qwa7I-;I5 zrqNGIpa9}XKln)o1>(wJiGUnmr`n?KlkR(y5Y{%iHuIbRZ0*Yl-u?(_W#RF@14q{v zG7sF-GQI2AY_}|P*c&HGO5%XU8`~$xF7qyMiB%B04T#-D4<%heEK&M%DM;FJ>rE*= zzWyo>`$61xw1MFsjJLRKJ6!tv&>?>kRaR+c%4>>;C#3@zg_z9xCse@lR@GTKrN#?A-1%PFXS(OEhd{B^`Rz6(*XM$V7VvQo>y@Vc8$6mWTiVFIE1 zzISz#^6=-+Qz_dMO+n3TU77n}sp)ESkl$jrzK!8s34dM5PBe;H{kU3%ufr3=(G)2h zLNqlD#x6=-OVuKK>FSKUQh6}T>JO3yU0XOWR5p>ui$O&BVXjr%glv6;{cA{D+i#t; zx0h<>4`@eo+=e%c%@1949F>iUx3qVW$kOLXGF6jx(P1I=A~A(2D$KI>-inm$qLL3P zirlzQAD&(aOSP0rwOoJs!dnp%68F%|%04-7JY9m-Ux{?@kFfRg~2j|SV^DfoayF?&b&hGu14 z=FH_W70rh48hL_bPGbdS+VhkqBavLMTlQ%f$xt=Xv%k~X9-BoN_0fx`u_uYsl+o;$ zMHnnCAGr4Z8GiUvb^gQBDpgH$^&)3s ztsjczBUD2HS3LbKPxQ!u1 z7S7?e0@sRE857X_e>i?oYCbnj9NUXWY97B8`u_RY>vy0nzH%D5KL0Lc>+haPr=!8^ z1=A@o`SAV_iC*N56$O?GIgT6TGZkxa$HQ|Z5BacnH())X&k$Z07VOgbmy-?IUR#pFlW z-d%5i3*Ac}-hJH~+L&)#9W8d+-uk_m-8;WeA0QCQ`)&b+qyf!D_rY2cq!P!454cGJ zUqPcDu-tg>yWSAwcYs<`0iirxr}@YaoABVnKbBdW9zMK7#NyDsY~+KvVsiMbl=ig< zTjCV89#}_`2R2I3yXDiB_1U$RF;5`7hk~D-2JTZSza0!OL>b|d#GW)GA<2*^7!h+D zz5n|82s?1o`ft$uAE;tRM%J6p3sw zWEZ!vu{Ufm6neF{y>oF4{Zu;x=IR5Y*56Q5d-&A zm^g(J3H~Ik2lpQOLoXZJrK19IuQQ>1sg%#~Yo?k`Ed_0je(MFF>UG9=eM+faf4M_b z^`*J#_4SnR-wPcdpOPKUo8|PN-@Pp-f(JM*QY{7&0B)$oI_z>(ElI4CY9&_YJ0*;g zBDiE4!rw_SBiiwIk(^jTL@yh2%6asgS7>}^l*+UQ(FQ4zUv?2pz?zzyR@XDqW(ouqnmhn4!JEJuXSSN7I5Sm@_%==}6G6snntcp}|!7t&nYIHFxASKQAfO)L6WEV|wAU{>rb zr+n%W$7h314uatF-Ct4u*Tp@z-xf|2V9JJ-nWW2%_erV`&7yWjsMnvk3^CpQDrxez zmQ%|sbOL9$t=c{piP{35ZsIs9SKO13mH$f?^_mYZ=5Vp^mP)v9jCPUHk&#oiOn80j zl$bO)K{s#BRqRZC3|aqpG5FE5;73DK#%(a_nN=V))JGtCbvUAx7mzK9FvV$mt=8Aj z-BcR3nxt)C>0f#%CABy4^e9OjELtIkJ{zoHXffho1*X?$-k;Q=C!H;?CX%4NHhbV= zd3~=?yIjT&0psNWDcWg{7Mm_C`cK?+#cK{F=Vndr6u`|v7p*6|LMB~ z9B)hn;c%aS)!~wvuAWbyu4$E=Go12oXfnN+`_*ao&|k8LoEid`Kd-0E2-%hYRaRbB zCSS29^5v@+E%(3C?iLgkVu{vu;UxCeI}eJ93CI?O^hG5A?}68nSB2!#})Ac0_L&@g;9xBt|MABUEL!h@F3)gbYJ3va`eFi%&m(hDTnV*S=AyE*LjM zK{6NOaYN%$%q@!Tj=eN4`l5sZs=Zu6(o9s#4YBZrO;T(lf_*$L?cz#W>g~5LAH^-F zEHA(4t+qLWj~*bwO=(DA62-?STC%dV)z6Gtcd#T)#%f*t-;jaJfYWdn2j?lNbsIBL z0Oc2!)NUl+Y>AH8g&fB)XK;~FoDW?SEepyG@?ltW%6gd3>DuUO#pY;=UGUCZp=O7Z z0)lO0m!|FABk9!8&`u;OsN+(ESVS?Q0W1ov*fGiV3gR+#Qug*Rq4jMKLMHB)4|zb$ z;pvsBUil2VbiEg8fXDJkpKGr5^VO?AZ~pV!^WwARpXVNrfJ;pREPdH&tOPb)c+B2+ z*qaF-eOrIPARZ%Vcn}tgP@2iKl5cxxyeDd9zPT$2Tr`=cm`G`qz(jM>m5r^@H^1I| z26K}IUvKX-Pj2}8L%_fv#!R2Li;K&p-2NHg6CM~IZaicX5E^^g;xN|T`k~Yh#i6rc z!{VSJ0IVm5CY^zftCRx=xL!7rwV)_9wf#5Ccq0{sRu=VUew3Q`+-vcLXHIbN#_;OM z)2)%O$2R`~`eMUZrCKKY!sBFw2OFI!v6x2?pCzY`UaLwvAX=s%nZQRo&*oBrDYC|p z^G&00c$)o`^_llG@(?aM7eP{Eq?>8$LUDH?f^kP|`!VK>L_fZkcnB4Au7%{Or1kBI zPs6)2uO9HZa3QYEe>w`Ad^^-9DW6*MOU-b=K=3l@a{2g)mMpDY-zn~hV)2cLnC}oL z9I4R3j!v(COj(Y5;p_ELyny3RoERSTNwUIkAjhRqqk3Sq^g)cz?4I(17Boa!j%uey zwZPlaJEk+@b>at}cnV6A6C6rJAqTj(xKx{PSa3++w`RFy*`MF_+g(dQey`K^_d`zg zYa3si78>}R8b{`rXF3S}a!Q2+lAsi>46~9r#ugdD1%W0;O|5NF6jw>kpx#!|BSMSL z8v_bNYM!Xf9W7n#3W`yrY7^k4d6H1K-qXTP&|?k8E@i|>E zm1ueae9k#a_EXa+5=rcqf~4|g0x;0QRBiC&#K^U^31@FL2Z8c(r_(2$<`2oG zJ!CK7fQzdbK^Z?6!+UqLsI@Iwvt0LXXQlYMUVbsIF7~d$my=|Kij1h?>860^VI6Ap z#CTuCOR9n-m5Yt&E&YfF403Iu!${ueotY!5mB?8xKVeif*8)K+AKXu9|140>{n8uF-44ezL!S0uatzuB-)bm zAj)x~y@n)R24-PI*JG*x3&Ni)6+xQW&;-4HHDLrs7(bnwzwuAU=FL~7Ay2O_PRt)E zKY!(+>CqB&Avd!L3aTxMDCny8?ANtX?{9{yDale0dfqWrq-_PN-Ut9YegXX&WFE(wgzH5G} zU2aq{G-Yi#Em$cn))yZq>qlEKPIuo*aX`udK?WyS6TvQ(;DV43ph^L z41X^iUH{CeU9gP$@zEnbr!P+e&X2ue_|KNW@WCt}iqLLto(vlZoQxS?Eki7kqDFK- zUHj7Wd;)vG-mH2`K`xGRt&=?OY29vTM{l=K2D|m~5 z5LHUS-G_A3p>70ctE~5ycw0y4|2+f~A3GOAg2v()8F!@E>E?#B!w>*sl>amku7q2m z!Uh8eseYo8lG*}L6Hx7n(KM>M5SrG9KFlmCbzGxxNdqSDPuug$$}jP;Hkp2uCSgfx zs@GMi3S1&!RWD;6S@wH;d*a8>t*(ZBst0`H+LAPkrK8#Yq$nnrG`Q$@nRk4%y^5Op z2Q~v*|Nq9(IiZ<@Gc#L-5Jxa5`X`PC%>-Rc?ME+-kGtoDZURV&xH*oXO5*t_P~zOM z@?k27Y6(TtM)r0e<+P*@X8O|6&w_DnT#r7? z1q2N{Ry0>WseJl0@VwjBt8?%zv-^}9X=j^S;duJgNs*Pn{TwATv?yL86si3b;u#4Q zlDYa(G)BZskApqV7a9SPYP)o{>PX?^0gwXakK$8ql2DkIcyg6O8nN=d;q+a7=~_CD zV8N^?y7ziKRUe`$IirIByGySc9>Ys0yLzE{brj71k34*BQ*51WXoA4s&H%w}yr;zx zpLIYTua4{NNT6e(26cA0^kT3CsW?LC0MoR_vOE3hr)1aShYwwgWriOLE@?3OF(~uP zPqQC#qbWFQh5`@Gfaa--QXaJ+gyykM-|g!8=Vy4?{JeJK1{m_5)1rj2p)8o02PG0x zD~&iX>bj7OP9PS>TWVl*v7YB%s<5~NH<T`DmiZ*H-RZ;u z@klA0=AN=p^OU>-k%T&Z|LpIh3m1bIXF|66L$*&? zhE89NhoTl1sw6Ju%o$@-m7E7wgL$E%QX7alru z|39+;sKYujZ2Ri;bAs1l7`}M}81S9trq$-A#cXi~pqU{UOZX#rkpwvpWI>`rp%M@2 z0T)UNLx1Y^QHFc^sYriP&o#ORa@x3U+1-J!^hFC}s1kM=>goc&Pp3dhbG$bCx$Wbl z(H2tk2Z5!am~atgN|d2d@BLg+KRhzo7Ud^O3Pl3HZ61Iu;K2cSZs&x4=`~m4Yjzid zYe+menX}Mt&(fg08JX#vX$CtSj5mu=t!1%}VF{6Z+6*go$FK->)*?A|mUCkKB>axc z0~1fS|4DlHwQ;#y=;E`*$EzbdD;t`HdHwSNPqV3kN+r8w^erVjJK{rUc~*?n%%IP% zRFKqGy)0avrs6J>o2vr1x~z!9{0TGA+|OBWITrWNEj`V4e60M#pD%FO@$t}9avppR zEs7mAcxuKksa}-%ow(;-TJ<}=OIt8o2cEGzzAAV7n2~y9AExR^Ex7&BO9Pj)WM$l> zLGTH$4lcHL>F??Fp<3E49ql5cuGh!DXNDJ!`ks06G}!;l&8FsBhllcb^#6p`0zddF z@mv;lIe^DaO5&h1pyszTnzYRm5sN$`;#u{+!C<~w8{tM%#@^HO>ez?klh;c0Z9}%m ztLqWHBT}OznC~Qq^^JWh7@BHc>NVO~I0Sep;Yh`KA1G|ocd55A_J~|@LTCF2R01cI zfurD4>5z_QkWMmtnWgRf7#5b$nz5w7NGcgSv3>$gn%P|?aXwiTSYgggxH&Ye&GP3nSQo0`|Qnj)_rh*dQhyF@e}6vu6J z>|<*WR!X^_#jLJ<+1#r`hxs~o^duHqZrY@wng9&mF;dW=lQ2hGnr(l--KYNDe~=L6 zId3o7>%pv~wiFNyNl9!Q?GX$mc%#FSq;_>dEAc=RB%u8NO+deN$Azh{*&4<#!7{NK zA?xVNW0#{04>EIFV2M^XXF+fL4=a2Q__8@sl0}y?08HT03r2Cp$2NR)fni?#+U4pb01d`h7vhd-y}Q%P{~8l0t-ou zdHnHv0=b-mqZaN4dIW{L#v)o@o^Jd-I=pdepQ^#Bq&}VF0qx1Ncr!|OD%3!!+VNJX zNS%~}xOXYON|(t`q@dsO2!Vdf(SGQJ)Bp5anM6b#O&<`ywtD<~x)olMXMzfT<}D(< z7#J!YZEW|`57ub8j!wXKJE%#5S@>t5j!v>C@N&@eBRqA~p83k}iF=Qw=~~;PQRIUp z=~R-mu|!f?nZ;2T|Le=E%{#*o6~$n8^c@aanc93zLYH{M!aGWH9OYsfkAapHJ&Gb- zBaI@VH;1yw%*lBQ5DN@q7`mRu>v$bz~yKD7p|NE%`4I61uSD5!ow@g%-M&7woVDUjJ_2CJg+VYv- zUUUtX){bk{^@s2F`4ZAZiTI9<|DZl{EXovj%{HPR;+r5m?33-3OI>m?G z9eeyZ4ibe7T8Pz5E9PF2EZhiLasS)ZNm zqYz)Q;wb6t&?p$7!QEC&60d!1q0fC^VImS^&QPE5l%p91a(cjyQ1JiH4w;8o|fzkC+{IHm!^QMSY)_kHTJ z!i327LAsxK1LAVv9~iU74GKF}{tj3%2+MLr!ffGk>A@MH@WNahKJxy`2qbE6%GS6V z$;dP!%UX?mkH=-7H_*gozK+nNYfFzhPz}(~NacX`28|R0hLxZaFd`KD(UV;9hqBmp z2MpBpypisa&bbdFo&p!x<8FP3BQ^jDlOrES`z9&u1!Dwei-rWBkRH|Y=y?t zfhvOMFT_t%PFu(rO%s-anm}ooIdq}Xck6T8I&@ASAEkURwfj_FE`LaV&(q@^aD|9B zu^t)4#teB*kQqxXJ1+r4)?0V6P$B#M0`4VXn>BAm4dLYrWWY z6}HO30(q;ftjn@W%|TdR&OfLrV!LH}8Yo8l*YXDF_G9S1%-2=L3Awq)Ii7%tk`oLF zKm`h($!-o_SWDYya0*Dip}Ekc5{!{9jR0NlC}#_PG`1b63DaPeap`uEHx7`4adNo( zM0z0UwB4)V=7uNl5A0drf`3>NnEmjSO}43xbR6*YR0B@1Jx*oRqDbkz8Em&G*OU9J;@fFUPfEpn|*I> zetdgm!{{ZffBJ8MUK1GNU2lDwg#Aw(-GG)pu`&TeW5?KEHfLgd!{{kTDda zF1zht8+?w9&lLCz%4hnp+$|z5ht#EJVL-%+9WDo)NM}vrF&MW7+t;`+FF*gNciT7!AOt=B@2okC_RVEJXx ztMSqMQr7Sb#i)`Q4IP%GK8jZa@)dv;>10cb^nwxLxFe4Rlk%DvWr#I<cuo3yOYaEv473$mhA?_k6yW)y!5JC6 zp0x+?b!1nAOD*Hw*%jIw|0E^sZ2yJ@@P+SbPB*Vk4#C~Mgqgr6jn~e*jlKDJ5D25D zrQSo}{ov$S|8yi5ah7Z%4Z6_~q8F8ZUn>dQ8|oTfV&0#OXc@0DYkso)X->O&<&$Q} z*00R@`Ok2{sM-3XyV5BxmE)+s_K(}aIv4wM-(O#9i10BW1{*JC7Sr)2g2QU~vns;rit!w+6?~}&b zKQP!$!9m_eG7;&6k3*WP6T8#0;uR$Mq-)19*JFL#7)j~mpQJR22X?2R(g-EV6>osr z-O&-T)v|bS^FG9q-GF!k;eIF$gR<;%ZMjxj{+DB8z}Ccp;E=@>?Z%~;oI`SQ68_jI zHpWUNIRD>tw^OSJUT6yK2WGzJx8BoJ-z1wemSDgzLujCd)rzg%m}oz`L=Y~TCI8!* zUr}Kh7bb&JZPaIeL_+l;hnh&-v2D<`o-JZWj*Eo#O zujS@>VAcOfugpb7;9@+m7=_j`?BOYeqi=e9r+a@vhIkheu=R?s+^Hb|AkCRemvV>Z ztY;1Ld4n~sXrYo8^*26)&`!sX$OYp|Z zSM7g(FvgpHZfJr<-jHwtFE49<`RSp70r*-uZZZbsBDEVA7TzAZ=+IEtSSyP};)xh2 zB=>gVY36KYM2WbERxT_)#~N3+gAQzee*{!$+gx+V`l|`|-nnIsrV9^FWe^L_pwI|r zMi8M!X}-Lmc_rM-%3{M4v4VIaSq^CE-nlEh>%%}6ej`;t2x-EoSP7C&BoaBW2$ENa zGU%hm1BZN)wq$ShJbBh!zYN_JL+E-^f4F=`BlJON)T}rzfiE5x*?ux{QOr}~KLS@I zHRjtNf$R3m?}h&rxYB4yS+-s>Q%ckLmyRh^dyS#Up)B$1+wEp2)%Zrqkb@R6BI3}^ zxVI?6=TDI2TS2{h1VrK0>Vva%1FShsUr?{|1l)H0)Ot7WAc$E*U*VEx#g~6RzI}U8 zmpm;cQ*i4tGJ~CbkdcB)P?8waQv+f|VnEbvev~0pG5b4ldAu>9cS6BpD(e~bCDPph zT3O(80+ETgv-T;%h6@-D$h($QGF|=oWn<%YPV?G|)7NVo+55EDf4~7WUXARBRyNM3 z^OgAa+_Art+P8d7MIfP#@G6W|w(!Ugm>c!^3%q5(K&7!!!@<$%)Xm=!%Lhvj#>9l1 z7Gnp+{HOK6)jqab&RG0`@F@o7^?3kPTJYu`S}SXWZIPk0@y)eiyNe@%Gdo+&J3(W^ zS4XziODj|#!=D4ku2nAkp6iXryvQk1T@acmNxtC;rQD2*b1z0tZ9!t@!!}w)VvXF`S4+XsRm0AIa{OP z_*+nU1ew(>2M%SiTxVOb5=(&2wgd^?Jwghbls9ZTwfYp=Dd+b>urKUbeCqHWTpU3K zhWFeLeOGI7dEJ5=5>&Xe2$}gEO}jH;5$)PM90&X4MR#WB#w0c& z$9G4BL*_XM#Exu)QL#8^>3s6E|9>o0#f-&;zHz+FIbP6m?6M-r6?kna2%PSAGY1G9 zxOjw~#6x~@9Yr$aGhs|!#H2k47wmXO7#zE-0%(|!%Og}+;L&*4#j--KViTNc*T)Vx ztu0>+x%qwCzDL8~A_n@5e9A##lYod1*n74_lqW=veQvIBkxHK^WE?oFCG?6_RCGvB z5M~f1d2zz`XHzN-82xskuAboKZ90*unCPr>7cQD*1IzJi`PAc)z{wR@UaLPWl6K+a z+)8cVVPtKnxC$Xm+(k?9;)QsLG0K@Ke^8ql8!(YC56;**ZVoQ3%!j`YTwVx z9g>&d$JbypTB(BKKJGz>)hKU*F^hSIVP3Tu&d)`HYUHVZMuxd1;V!>Dnw-ysV9r?o zxqbEVg{Cd1owu+izwWp6&!qg8HNvLqU~kLBwf(hJ5jKGPO_AAx85yl^O4g9&POKg8wr`y zcHCGzck$*wgK4Y!8CRYb4pqq%o`8SY=a03|qtdARFQ53IXySKC+a$Mh8F@WG!GH}V zTd$;6#x~-D&2rE%v;Z#eXI7sM1HD|RwhJ9Zm=(hrB-#!D9dKJ1uSHVJsFZU#H6U>x zLqcF5%=pAfLOTZMyMQg6c>$tW$u3@(%n$h_jiEes?Ig1Gnw_2xLLmv%c8NoFcWjg?W_mKVPLY6G=`VNB3q z7u--)&g% zv+3X0lmtH7l%%qjdhVc|tsPXBCo3(0guV=%Xok~9eREgX0%DZX0uf$1L_rv0 zBDW-mD)HdpE&ve$Dt&S&a5Pt@`r5724GEa%qQCy$2I2G9cJt0g$c{Gn#V>x{+1gqA zJAa?#SXuAfQqb_7K&=kKi94xfU1i3qw{$LkpFH&JpPcOv&D#|_Lpuu>;rjO0^pWNg z?gzTlPq~GF2pp`;KjI zmImc-l&F@SJy>eVQy}4AWX(-xN6DqsSITYDd@sWkkVT6Qg88~>hZTk#%Cx>yvs?0K zVqwJf$06^6x=Uo_blR*_R8Gn<@MPwn}utyQocu|9E@9A zqq(1`)6qd#R5DZcV7c%LH@~gk(Xnp*(a9ghu5Y|o$<2e~Ok1~clt6?!bB%V7X8@+S z-MW+IOkFw}J7i3mbq>JjqI$%L+&;VLVaPk#S^-Cg(yvb|=hO#pt<8iiZI0yx%9_x% z-m%azb?V2WMQW1NZCHCejo@Wovc9sH~O*p1cftHEofV9(KTMEjZl)%?szmA&{@lqx26zgwqRymO^^ zglwr?=R2p9&o&1ZzQ0aOE0=W&o~=6g_H7y;@1&>4v~-Y~hQ2k*I`#pX+xS(exQm$L zbNxK$U989=Gv}hBwsw>(H7=X?;TBRPI zK6#f=_2FlL8-d_`mp~cm8Y;7mJx`uETl4PN;%vy~C#M@T6+6=@hk`G8U*e3yET$85 zlJhvpK2?co`+O?n!jT9*DJsrTeVj@u5t76nv`q5aXOP8Yau{?H_FG7i;iM@or8uuc{ z%*>K^s)Eb*sYSQKO43C>ND`L@xCyLLH#1C%2)D86*?aQbr8Ac#F8y}C_B4Y5Ggm*Rm817&VDQU^?{Jlh)Ku5wRO*X zn^*3NUqAAAKN4HVY=srK!iv$P(p@^y>2#@#56r?-KAx z&ZzE&s-ZazjRJhx$LUA*O^!L)*{2=s12?Nu%(S0fKI1*L@NKhYbMsqE;b2AvX24a9 znCw7jV)lr^d+SnxS)(Z*Lo^H3!e6h-^s%?OhKR3Saj9zVCYzo=#G5a~v zz}zS3w=CPW*!bvKVv;VIE=$4AYPD(2TlR9L<@^KIkqdSqTV;oCet&DH9dy3vp1)}K zqKZkFf*OKD$44ou#$~0liiJGD>GRipVklXf-(S<`uZevZ%Z3A2M|m1?|&* z+P^)Xc(Hs#N3u3WgPR*c!RWNg^lFB=9CAIg{x}SLz&d&iBE)0UjL#&Y59TibKdKm)6lvJkmqO!@bD0CXMNq z(GnFWeb@BJ#k$Yugt`o7y5c+*ZFpj1nssQ~g<& zZd&>2hLQB_9H(?Ahm(#c>U+~O?dZ($yfUE*&O~f@s~*ZY=bt9A_^vGMr58~pxt(em zx*2H2Bxiky;aOeh+guw;QO7<=-d1v!m$y>jlH_oaVYR^Ue2|pEW)j%yZr!&ecJFWK z?wx&;a`4^J)lQ?38(UMwIS>1*wcfpW=$v_HP$!m{=e*()|2A2#Ba5}hM7TQ(3#TGT zBug5}98bnS2%}L4B$)Hu+d7L};R<jV+rcMH95fAsd>pG}zhvN`*`Frx64kx@*H(c82GL9=hT5}fL*t5vi$ zt;{~y-}UfrkuV5{lTF+{&$*GTK5SSV^*MKJqFx6-#uXL*L%9v2D$az0av%HBgW7Ei z`xt{eJ25-IuYO(oxwE+qX5TTN)_0LKG&Pfm4e+S;&R_zs!y@+F;(Dj&S-+44NvBOf z4sHF*xZ)tq8aW%PI-4^`MQB}()p7T>tngfxg&KF%Na#_m<6A~9#gq9f2Sp9r zk{NOJpi@V$BldZ0n@_cXvkVFAEHs28=t?GZ1q7XMdQ{i*#j9@UdTbpUMe)I&Y7Hi^ z6`2Vq@{1|rT?wq0^d_YcMh>z{fjuN*6tG1~fUPu{zw=q-K)zGUfi zw8G6iT%ADc1y*Cq5(<70C0Zj<#uOy=QtVF+lj`r^zk7n)#@mXXNl*AMoqK7+=bw)!DeAelm^n;U5;|`;ea8L};6de>E@|KQql*zyK4`;!d z5;?=tpy2r_*6s5_BX9inZTE^^BVK4f% zNOSd#Gv60_zZbrJ3jxROw`}h$so92N)8Qt_s1CVz@-kzc+1j`XK7o2Vp*qf;eSPj3 zVYhIcabl_z;^=mG(9SP2?X{J!0M2&)js!YEzoFjtU9UZP(e&}~^p#;2gf}@%kwuyi zP5xXa|K{G!m5lypE044{YAUv-a)N(PKPs-aPkpV06vvxaGUHq2>!iu9mwoo|qoeOA zild|6cSUnX%i=NK+TXTc|Nf*or#WBso6>$DKw~Z_;q&~++2*V74*Yd{XzugFnHk0N zT$i~Kc-r5@D+x%%o`JSdnqG%>r&p({g;GA|HSV?&PmKvmK^L{>n=p1@De8_|EYr}E zfSbYVsBDRco`c5upS=1!rXT6cLCoEy>LJ`@@(gD2D;NWh6>&okl?eq8n&K(r7i4aN zfWqylhU-3$G|vf@F*2BK@o-nZ4k_<7PA@?%ojNEHPmWDY$0*8#tFigrOQ$~x?Tn6g z={(u<=v@Cyjo)J01fN|hAH>;W8j0>Q2wCjkiugeSK6koKZ02+0P_^S8na_nu&g%p~ zPafR|6c39kt4;u7?WCq#q>m}RM0GxE#S{??J$5T5cSU$~BGb>4e3YZIV+RR=@c)Qb zCdvRS70I8sKl}C-C`ZcgZv0HKb6Wp0S)nQzmp)k+PNklIK8w@G>*c76d+=Lf)0xqy zsQ;M-7*o=X8tzO-#WLlJpe#``NY1dZKqgAm9jU0Q8UcVnMMZ{K9!2lA6DV1vYIXE| zy|Cr@ug#Zcmit3iOGDPa2hBIH{@UKsN}$-E>l0f3-1)um)w>(h(UNdQ(DT^VKnnc) z%BZHsFD@fcrs`FwVw*FHE$?+YUB_ClBehkeZjh1;5tmVAavYJ#FHW|6pWW~nD&v98 z=C9j8gysY<^%%@I43!t-Pn5;kKF$;hBhd+LZ`{z*CLd_-U2z-}(Pl^2zK5(9YVWk2 zbK3ZvcCUHcrz~}%r%eYd&Wz=$>44nKuhq_mN@KX&2SMy3qLX=U*3VKdIW!bOn@V zPWDJikx@R+ae6w!rn92)r2j@-H$S`_2N*+YRhane2OP~Ev7&QH%3^+6Ky zQ?8G^TBf41CNv#}uAz#W(P2zACZPkO)aTZ+1l+eDDil6mUXX|1JzI}R%elVdSEC%) zI25PI#^b=$sjA3kff4t6*eOy(Py?hb;V#RI4baD9qUo^@tL@1xe3;wrRZ+yQN~HORrP?{C7m5+0Ci1 z+YJ}DzaM$_`@pkx;P)jmgrmE8!U&a^OdkwlXo=z~Z2St>DzU2#Cxeh>b1nWPC{*h6 zWpecOu;zU2h32`B2_K$(Zhu;ENAb&7@`WfN{tC=WjN2Bv;I3&nEgQLRPk z;j`YUMLI3<@$sz23H-R|W8n{?#*}w+He_(7A2ojE!52;60E4iOqNK?#ThE*M^`Css zt7y($7>QH8&xXjPOFZ@MSV`;z=jQ^@y@GmV}kz zEWiNHXGsZTLStMrTmOOY6C|$f_mt3dEsM+1bmRalA#Zqge4j|!aDCAH#N5#8{P56# zm!V5=@b*G)@0gt}R7nQl8D>m?RF zq>vs{&j*(|`PGZ9yN`SePx!XAy7)0+;7Qr01+NB0kbF*ExpX+gOytb`m$9y(bzixr z%p-RxVrEKillv!6CmONgQ9f({$XNFjiN?PZHjE`hkJOVs+Pdb-N)c`aoXamnB~)e` z2q)bSl*`O6d8Y#4-rgul)})$HK%paDe8SJmC=C&ad&Epzh4p5g^_^D~crs5Dkabli z;z->i31tDE&@9&VeD?C!7}k0$ri6kjpNCV3 z)#!YsD0+shqCeI{t24Kgklvw~uW%FLr{}S$mm{6d-W4jaPgw?UrLch&4`*U_4J9ZX z#gg=1Yq3VG)vuk)X~h2f@C^@+yl+1 zC4m`>pg_io03FGk1tX(CjJl-g%$iH6_4bf8dEuDNal{I2{IdwEz^4|6vyXJ+- zknOmTox+ff&Bb?pLMLbS$1q`GOhO7#cbF_H<%q6ViU=HMpoxg0Gc#xzBuYV#%P)+K z#nH9@9x?b5_}FhXd~@`*eY1f5D*eXC?7d%X&D+oRO;9`zsGgf2nLKjj`b_WwrSzHL z#6oRqKBSK8k{V_tayVPOsw!Zio+2E;)S3>QzNvGDN zG7x(HIpUUZxb?fQ&2{GT<(+turHh_pbg2&FE`_kz%Ga?Hx5xlR%Qn7a(<4pz|<}BqiX#8 z`pb_kPxCnjZ%23@>UyWCKlIR zSNM-4s#H{%$txc$Kf$7MFNt@+*yJ=&4t3lZMJ#?V_l2*`8{r2we>LCSxEQjOf1r71 zd!x)&xqw2(^{2M|L|lrvx16 z`;u&bMYHt+l~&N_(e4qwER;Zh{PXtL;l1$6kBoWz5~h0F()&#S*7{Pnd>g! z4c&gy>3iHxJz#>W@Soae8pF>Xj@i{&FWyGn11Jh3UK5k9aoi)TGZ^rDhoZq5AU1QJ zFQv!4WuzpkRK|G-C}STij+Knq#fqj@?w3>1)C^jl{!kJ8`}@oxt;dzV9aYY^Xo{?E zhS;MMm~VP}TnQfh%E2B^t|&hQmW9I1&0T<#mSQjwM3y>AY)Y5ue#h{3TH8DLpzUWH=#D>;FD-@~t9WyKfy9EWU;!c(MbKbPffFL~~4 z%|F}NI)2lQmXh$XzvBB%J6oT{n2``T8#V)f3GfO{OZ+m}L`hbn`v`ag}H6`@TBik;l0&#lLdDbDe&j9jd+bil(jy32Gz56K9ZJWf&; zdz%`nQ$hf5Ovy6{t&&6cxCsI2&ac3;i_SD;t(TK=_i4KWCXJ;ld zWCu>YO__zPzlc2G|FjIZ+m&gQMleKJlEVsY8$MpR@Hc<*(dF?Z$RwpZYuY=-+FM6< zCg7;o$%>B(>HKl#7@PttHMWHOO@&|KCJCr^y%+pQR7aaL5w(X^hlKA9ZVwmwJ!0^C zbnmB&KYHSxY@@q^erg$hF?H`nvIyfsrOBAT*7I*n*p~iYX4`Wy-y*ma|5n zw@+d|;LF?{DNYi`S%?-3ObgI|25ua<6|rsebh$iGO~gUmu%d@C8BAVpwXnP^wHHqz zrBVY^yH(D{1vWVv)u>Ry!U#apSSjGF6rx1%Y_3R%I+s1)P{yx(st1pgk{xm}i1%?- zgJ2%`SmeA)W|?V2<|JphbW|8-H%5$;rzZ13)UIenY!Z&cB>-dK(tTH*s>n8}q#1&+~d-ujl=|l+iB-x`6OB zPT1`W-CCNy%z51Qq0y4@M?FwKukpZ&1}#9Q@@+12!}OBe+-J`ACf@+)oQVIj`r^tJ z+Nmc1Xo2GgqyuNn>IhK1SBp)hp5U!NWK(FDNLWx_tQ-g_B{J~B-P|--w|20jVwA<*T<5AkOB zb2qJa_Z0v5RJ?Wn)7B)+j;6!Pl(U~qnrwmtOtrp6tG!@ChpqVPx&rc`d-bsAj{QAq zt>1r~kN+Y*@qG|RvECo^baVAUNN0s$1-T9!K#|K}4aOLCr~ zmhFeLcZc4!%uc*pj`^J(S8%%GeDA*^zkUs!YnZ=@tT5&AdH8@1f59-GKKwWvxVbn; z2T{41dcuHI906(^DOMU53?m$#G=JXbV3Tz`N9W84)F$XeYk`-iD_u?vi6(k$QEtf| zR!Gu%gnpTDq!`*3UtZ`;5`cB%HIq5@d%xR6pwaQO)w-kep)w(I#2vib07?^^%SOWa zIVU128=-X(QI`+&(%?(V6McU>s50BI8FYyJ|B&PWo7L&Wr?qM>0QfkvU6t+02zWT@ zcpwJ!xagO5|Ab%Ou^Y&2{d1B)aHg@Kbt3)a`*I-RB{J94f9~bf&3;bd%GxdLcpwq9 zygv(cvY{N~8k>MFdHZC(3&f4G0<+T6>l6_&HJ^DR7=`<{$T{UIQ5 zrMNxf8%!U>&DYX_E6^3%M-dg(Yi`DB*TFm&>J;c_@i)F@k>+;Nx!G+%>+ zV1n&J&GPG>=e{T1YfMM#X&)U5rl5czdR0RWbP z7F?!v(T7;+6H%+2A~Q<+#S~%jC~F!}PuU36GdNn+c14!%SUf=Hy@1UB(KtM3|Br@` z>Jxg(IP_9;3Tdo@gId^gX}O}9b*%u4p?jY9U-k5O<$3*4+fox&p&4mqmGnT(h0Ghw z4fMJM>g9gyqnm2jj$AeWEXYv49|SLpVyYhFt^N1@^Dy_0(SHw>rshS&4u3(&WKTWJ zb*g#<6_>FcBf%p7IZ&yWs1Ls?4FqZzMXz-qYyZ4>Mcp|5!fCYO;ZrvMNmKd-dRov9 zU@v~qzBx`G_CJrYx|!OOfg)JLx3de_N`4haNr?-j7)9w^Xt8>ux#?$*4Mh?t-1KE zA2+rZe{YsJ zGfUmY`aQv8JI|Gg8Ssm|A9mFvVasG${9tX4c}yqWjy%ymapz*w(U|GDs9DoBcG;9? zV}t26ZFw}x+b6qBLjrg>-{_YL=k(5VX=Y0pLhn;B>}!1ses%H+s&F-&Dl$B5nn_o+ zsnzc3BidvgRx7;Yr}gc4bxws9riuKRm;2e$Wh0`>KT1z9ADRGU^1igw;o-hDh2<^9 zlw-~{?#Z8DUORmLVp%hBI8o=fXP5y)#(PT}Zcx8gD&RdYp$SMfD;HOHWw)W0zP}WlPe9EHBQHG6d0%2crtXq57sRe>RoV+;@C{bC zeE3!Hw@wua{Cn+LKTyEWq5b;uR6Ivr9ql6%0*A=DlIU1Fazju3rNYlcbb=V6@qsH7 zv?)tj4S528CWbR?z;g*_or$^4h0^ro6}*{2@$q^#N3^c=!5DJd{5nOF&mz+QiU${g zbYK@yzZym$`HW9>2f&?c2oW zTI8peuf6{!{smq9OxxPRi}B8Tc)+!w#p{3?FAzxaZW-%MEb z;7LAl(j4(}$M6zG@PJ|NCG&27lD7OV4GCE!ivT* z`Hp$~(}ih|q($Tzc+h}+9S@w;x!jSvk<$8v2m-C;5mTB{uCXKa@+Bg@tZ+I_6V2(u z%8uS2I^zZu(ea#tx`#QHR#@}LI>R*OlveX@JpV0ADaJ5Jw28wvxSch3^~;e`GWX#x zUHt>Jlu=NF>%SeX`zti^YoIJbmHVIDPZExp&ROD~JbvPuf)+7^x>2SP@LVcE@BYi~ z6r=xN#6;*8{E4y=#D)}f#-G{d>82@ffFbO{H{{BR0^&-Qxb|oElha!3qFH{Mf9G0h z#^gSLse@;a@oR!NH8B_c)z5#Ca2B~~d=67*avq~enR^9)oJ1Q|xSR?IDlI~n@1W$h zs-ifUSo4bh&#}@!Jeo-w#sOaTt+OqNgb@)PIQJaN0+atF6hxZJlMPmg9Xg!~=EdbD z2o(_=*#To}L_s-Xe69xb-eeQc3G%)aL+4-QoGdF*9zt)5DGn%-M-*DH772S&MF+S! zWF^QhaqTc-WI5`J^0|5xbvZb%XK;LUC3LK5^)cVxwvE9UP~nz4_fEthr~yM_P+2@oVN!b#__Nc9Q43F^Pf_0BahE ze?qY#YG9Np_&*ii9tM?{{4%4EShBzH7nygd!l6$r8|&ke>)pS+scwq6(OX83kPOQ< zvwQgfP2v)HJWTr&u%I#;g?pf>?{;M*`P_1u<%oOa#E^|H z2u*}DW?jVSAFiLJ?xpDyk=)B#DVe*k>vg_Fr+EK7RveX%1H^$NI_CdDUD@hEu)uZ9 zNq58(F--!tgL9Olot$6d=%(1&;Q_F$ww-lUjQMhmZ!cF^alcM( z5+sD+39c5#~j- z^m|H5*KYIjEV{lX{rdIxGYB$8*zjqdkeI-LZ{*oO>a<3pzkYz(rp0M>uh?&YMc$8# zZPm@4o1ZH$G#Yo^`lz@!Zn67=`W9Q{_=vU*2nC0KxuAuG}-is+IsO>TVx zw+J?xJHw7bR^{=%*SAmVrtQeMk4~xG@M>Gz+L^@-@%i+LoYqgtG57OYkIl9A2KQ;7 zb5P2(jxM28DVUPbOi2gT3R;47_3%J#!|d8hOi=uf2R}w_wkG-7i>|)=emmsZUkazQ zbOvOv_1&3KE&=z6m)#k(0xOgNf-SYEOSZG2y>^}9!z2Xb0uj0PNwzRc< z@ty2QH;MjZ^~>8e(R>0dXfnfJMubs9X_z!oW@A?m|0lu_QI(?ZA8HQX~fhw^;{g9qFd_*dt)?SD{$vPcIA{n5qE#*lh2fUR# zIw&Zp9qeQ_-^Xvv^>Yr8eVkKC!$CX(tSar@puX%76{4>&XT|Is(&&?9*SxMvvN^Y$ z9){034BV3CPbrY42VwCAmd%dbtc04{+OQbkVyVnWm}oNUd|!rE%3K!XH98p%lb3)W z0TXTU4jWy%5d5hPc;;g!q4P%~0{Umd&om}U& zZugI2p%tmOfy${#l1_vra}*w9z?RTYhdrSry(>S|n04~rc06XV$`3=Ks2NCQf1x(% z$W&iT4k}|ufh7T7V&!RT||Hl&~|nGzyYkF|6Ibgcf%_=O$%#4n02yPnV~tOJz8hi=-Jo|DRca z8=vjikI~{{@31*|X?-{f(QIvf{Q1lh8ozh3^by;)IT|wQ@n5bK$8V~`?tq!E_Btji z$AfGwxJB{wqA=niB{r!E(;Ui1`Vk7StoN7kB|NII*vsyXlS?Z9u&G@JgX+f(pECm* z5|XQ%Tk|gn*mThx<89h2FP$q;2p0p+jHt-S4U7YlY)_$#4pyEvKiL?vQmLgTHhZ_a z|FrY-s6$dhyh?>k7ajotc1k!{onW%%xSLD3xXJdgi;@r`pQ6oRwdITm)rCYfMt#lP z+jb^CN;BrGc%;{Zl|Ssf0zU2h^?>i$zppyEF`YhIQJx}aDl+kS>)Y3nJZedZRC3*r zkmswz6Z1xEVL?m9_j$LzrQUCNF&lA{-Nn8wC|TN2_psWf2A6At>JvfGcl2d2YVgx2 z#qJ4|zQR&@7FTH%mSSs5q05pJOq~axb#w+zS_XletwwO3sWWfIDMwflgqO4kB@n{$2;YD;}7}>ClL9&2+iDN zJv)+6*F@6mESsztc`0Ul1e}hQY>b#-C!zQg0cfi8=dB$fdy^bE4v4Tdik^1oblL!7bDSjgYeV@n-y7&66lMe!&=Wq`=6-keP zr|%QMz_s`t`(e8nVfA4H>CuHT-&0W1PCfIWg4r z9aub3sgUl1;ZBfDNlC%;^OxsXNw?ie_q5x4@r(cGy(XW%?*E9c8u71|Hdg5<&5Ov3 z$Z@Gq<{_f#X%uxftqWbM_(}A`)Y*h3mIsYuS)N5bVo=X3tNj+2Z0ojX=Ux*@lemWs zIx<3hwq;L+`fQTT!i?Xm)gIEvhI;BLONnQvAr$VE+E#`bjub*(Y-mt~eDN?OQRz9l zRtiqVbjIY=p|FjqqD*eGu#vV9pBVSTq}(_N~0s5`jyZYP8=5+~jw8OeL}k5j*L3KN457fhh1(MY#akY@I`@F)FhUcAj;exqwxX41NUYc(-G_QYnb z?puG4d`D}!>kkP$xCCZepQt7*C4*$WpKQRsU!Y2FrteUZz+2g(%%iQ}n4Z%M96a0s zo*2Gij)<)$GQu3X1v|tp?xvIfv?jKq*NE236KY1Vly#1w;nL z)Yd)HE&PlBxC;)f{peKhFh_tSVFd-2_ln1yYp+tp;adJbVc+<7HR|H2$?mn}y=Q-3 zbRR7uQ6vUMbR-FN@5HbOxz0!Tn=i=e%P*CSN0TA+M?Hl#?7y`KFbpUd(_QeU`gcM`F@_Z>-la*NWF;qzX{htZZVw8=b&9TWp=S_o?}u-?{l~oQye?j! z|CHCdH*aS4K+K7^myZf$lQT$M4@$!O61zOem%P2e16T3ZE>VL_M0UyWlQ-pQ?Gw^* z^+w;n=0D!+rRx>CvuzY^bz*KupKEFbo9r0`uSY<3Bv+IgK-V%!3_dR|hm^KPl&y6j)q9s*hyODz0R!%8lKrK{nrK?dn=( zo%k|RHyxC&t5XyjTeJG6zbAc2N5@+02<6)UqQB*CI4cC43Bsb;)Og1*A+t=snCN`F` z?0IdSNAr$5GGE(}rfz=bV%U+u{i#2@pJf4g4Xh7D^Z^bXV*h3?hKxxO%X3OSuDYCh zn^qzvr%1O!8#V7ipZE6jd!GhB9IS&dRNzGtOUnwfg-l5q%~V)7ZShWwIl4=B-8XbO zX=q|`@yc?t__v-R_%*-mHM~)Jq>=ZCWYya~5eyI7fn-3ACi25#-LwJ=M4oE`$}zQ+ zwo}LZd$d7Rv*GvXfFIMD7EureD`Z;#mPB$jBU&)*QlafJ_;}Ui%qX`2qz+PDxP*(wl znbsvzaihWZfK=M%CMT$$isP3@KECti5@waXfU8H z!1Ix#k|7O$yo{HXt_Yk-0hhlk!)EYVMiebsJF+!kSoP?_RhpFCzJ2>5$pmw-t(PZ# zye!4ft$+BPoN2Q@KynXo1t`xM(J`F(x@Zqm!TuBRk9!*z;yx`Mtebxs@#`Qi&>Z}# ztgCAAt>M3=lx9)Q?a+lM5yPe8SHACA4X;3(4*Qk&MG3|aA zJ~)U^kxt8KM6+XSaoqY$YTo~INB?-8<>`89%!K`XDwcik``pOaFO%1VuC9{DfFcMn3bkqaAwSt^Xg+3iqFm=(mAcSs0& z5mRW!lzz)rxx>3oN77g_9r`O7u&yYB+nrrrIf%q!^sRd3!c4>V(!Vlxgi%V!?sd9_ zA)gjPL+l$O6aX;Y9W1H1ji<{k>JSR-b7b-7p%aKMRa~DMpIYlSl7E4UB;Z>i>E2-d zwViZ_+M|skYOb&D^M8ekcAu`HHe>!2(>S#VD2PczC&7s@CIm!EPC{20#2Frz#I$)mSlkxh-*H`gdkBT>zsyf&j zA@dkRI#;P;Cp{TIClCM|r;U8A`UFtmo_$FbiTWh3NUzbJVWjmv*kS$P7%U#Je=4Mc zLC8w$6Anpn|3pVI2deJgy*swA*1lYnB8+mF6A_ylBr3IH9E2D}B*W8<@wZLlPIzq| zTc2!rMxDIOrgMxq-;Q@rz_J;Gh8r zogAurqdVFm?*9IY?)w+IJ&jq9h3nXMN%ex(4{$c7eS`!Wo{UoL0wDN_V1sT{Uh=)r zXTvJsNA{U5%hx;ot|5{AhN>aCv$KO8sO`FE=g{Gf?b4ab7|1Ihq&j^>ce!Qzbrsrt z>?XLOFn^gkBG)xY`MugdnoI0}TxebE-=!RGf z3p?e>e@t##Ao8h~2?qmnI^>S+4*8Jhgi_*mhumkyX(E0NyGIKXYvwIgTygx^%>%jC z2EA|PSd%xq>9Y{~IcpxRyU(MHhRG3^q5mhAX;OelNhCK4<{`x?Ch_s#S?%jnbrU9A zKUUh;S6{^emJf0dayOlkz%NbRq^2{RS)*io&Nq_TkLUsmYkW(7ff(z0is~?TJw-XE z=&9!eGs_R=Qx89vzz!Fjv_4lC)6n$g(0@s?r9?O&m7Kyzq>DD3VN%zIq28<%iAD+gJF!!xO=NOLh(OqUZY zgx|<5Q+=a<{gvGtwytL6pk$B=uIQ znk{&u@SV^z(0qh%msZz@%-#)I@t$9_?+q-z-NK)+$*xcY>!)x{SkF)a^@Ld{$8X1G_R%_(7Zx=MJaik!v7(f zePXJR4wZ?{)2zeYyaT#dBTg%WpU!e7+b?8$9CvL_XYCZ|WJC%a6Ak?Z8kuN@4O-YD z%7#_ZO?JKX-?+|^=Ic3ewKv`z4`|=`u~NLbIBl{=*s|XC3=cQZv@SyQb+r~V4j78e z_=<+6)r?Euy$J=J#(sO0k%+mugUthF3pK{Ar$Qx=ZJ@Fq(ne!Ar4tSDg#a7W+V^4& z07Es(mzFJ&?U(Bb8kpfzi9Uij8o`?aT}?exDz4ab#y%qUzHa&*jZ zb2iEP3@-R_xi2KYMh{2~$QCjsl`4h>ostae9k;p17 z=|h8qd+%3QU$g9ZT%uetT+-JqWjW=OE#J+#pX859>sapT8il%sg&zN`))}BRpF;??bY?v5Wksd@TLQ|@%;cfn<4Qmujeu!KxNqb(s2&pl8^j#eQ-)wcbyi`|`IFwzJV)g!OX zAJda>^g^8WanKO=bJd&)swGF3#d%F{NMLbweInD3qusiq_ zugToCwtT_%G0E63f3ysrX&X81Im9kH1uGMkpCDDFXKo@{#v=M^Y&~e*i#*6pYG?sj zaWRDKCGO1Q`>as-R$1F~!@x{_jye?mBXIuB+bC^G!Mw`h1UjY6JJV^J<_ge|kMYFGD1SzcKdAK%l z2!sC(Y5V41U%!B*Vb(Wclg*DaA3B3(?X9&?m4~-WCr`O3Q;u8TT~GECQ5;_dpVlQx zob#a*sTaaB3$X7jz+FX)6Vz6*P@9kR?VIYpeN*2v_=r-RoUog<{*z^}R!=|{$kiXq zTl~_Q|0;gvRq@tlzt_g1c>1%TJ9k2O3`t~!xgX&WhW!t#uUtH>YXnwY@AEk73WNf` z1@#_9`HV8dNBQZk6g+;BCNCwr4Q(lw@LOm;KhfLty)=SYK$LA%BmPo?!()_OmfNQD zalBYRI48ubc5q3M0ZbM+K_+{ai!(XrM{xV}8W1qVTf40APjM9~ zwlAnvX`b^t+uw5H7`s||;ek<Kxy5?J(TW)2Y%1RuqI4$};<_@-cj) z8eQx5Ql`dq0x`sPbg*I2ZPYGczIP!!ruLE1Na37qK*&?OncE(Fnh)t?>>T!!?&Xd} zhIzBokRTB>$8Vz`>Baxkdh+GxPkvMM(;$}f{tTtBGCQRuOVuozol>xG380DF@g~@* zsP1vy;};TXKjH2n3FuYqq8h0O*+TR^xO3&$IfANf@2;OsO0)`WKBWpd8Rjfz zrN=F{|5z^G{JdJ#zL^{!_2Z++!TM^v3X!;EZonp>Uhof@!N;Rs^`Pk4Mzb%nb}37j z-hS$HA1oYQQ9KKXBYy(OT z9}6uTfW}Lkf!x63JQ^`Lcw9g*xhGIhLMV@2vRjxhXp&t9-HD`7UY{#21Ga8lB+!d! z1(s7PQ_IlqX^YIrmpTtP4II}B8f|SISqO(LJ8u^NY1cRM4?{?}wl%n2BF#Es7Y>Nq zIsZ4DgAAL@7zGbLec*pL*M4>=|A+rIWlGj0hht&oeFcDHvKr380$qGRiehvjp6e0jg_)$&yX9rMz6jd!Dnigpp`h+Ey4`c&}xs11i zgHFajK6k{gO~?P}m@eM@Fj9A|GyTrMaZ^VWaS16KsZd~(Mt^}`-v;3}Sk~%PH2pk% zl3pXlE#grETdvb^D})k+tne@YNw6W?33e}9$r6j1p<_tqp~rz_K%sL;jB=fZ^GB>g>k$PN@03sR486p?l!DjIB$r4u_>W)>t zwx7n4-Dh7VP0VMjdva)?_A!}@ty(|g?q4tps?=6aJP?>iF3rqyL0D+gF+#VYP)D;# zA5mTJ>3hV|(3a(Ld_cXGR)zPKmigXmQ0p$q-lh-IIytyDZ-&x)}l12|w5Xauj zAJf)9rgx>l62%GPpPV34P1&_9X%r`jAg3@G>*`Yc$xtahID`V+>q%M?8WKrw zW@kQ+7P7BYvx_GL+n`3)^~bi41_x-IXL6*sXD+wt6iW(<&n23z3ODkGXsGMQZZu?P z^m?`(#M6qRg2v-cTkjUi`vN&t+hb2U&;^rUsM-?Qvfv;MTO#R2E%_;`kbA7c;J{0X zur9#@a|j?JfmmM|GW#yPq0VqT??^*LgyN$ZfV6LXl&_tKQADF=m1eBIMGj%eYQfO$ zaMP~{csE9~v4e4vzi)#nN8a#M6C3sYm0chA5gs88Wl)8)}coRsVEH-`C(OkmrlQyLzohiyr{6hX$-#rYP zus!V6BJ*SBx>t+xgdMNR;2WWiTr=y8;}lKIviwOL3iAOW8-PND>9ZBU_fw7Jfbuql zHuX}UjZ@GWHMpakrc&rx+2cSx*FEq%D6b#@+Gf}-pHqUv)71>U)z8=!nELHEN)gMy zCI7nNSA#;^fVz=~{guQp!<9dtj{=@fj4{@D2Y4FDFL8e06TsWTQWMZ>&Sjpf!m> zBHQDkn26|OqsdVw`q-RZtVbyB=EGr+w(lH~uly8W_N|Ix7oHL-CHu3ezlkBQCCXD64Fy>t7JJ1cp! zo6YS|>|k$YZ&Lz24Mq37hCYdNNL5Dea5~&y+whn1T6ECo&SO8mTvu=4Q?Du;+HEh< zql78V#)(kU?UYGmQ2II41SeVM;sN70xf+n`IIHNH6XswjQ${j-P0zn}bCR+SGu z&Dm^!R3*R|Fq}e!IZqj&*g0^d;GQjryRGK$3bnr}@JSSeaw)X9C@3Rt>?FD$eO*LBSB&NtLo-ysG*NQTmU@2W>m0qEezj(Bp{7Et%FEV`sc z?_Da`KPJ1^DEd%aW81m-$@-pTVIAEeorN3z66L(FW%~q-c&7g7dd}VK?)!dSb?ml= z_?Nr!pG~>${^4ZH~N(TYJ?W z^Qm>BW!*mithQ}dUYazDk2MYrstDTy#znkHKsL5g4VncBQZUAG1a0Gl6*Es$j^Mg- z+hV{;Rpw8jFQJ>g5|Kn8k$Z6{e3G1EoTUd&vAoSNq4%N5!>c*1p}wLJyT?P5UI+ph#?A4Wym z=sTW!L^DYrd6XQ&IbCFpj?6pv{JT&i-<*7{T>)#95?}^L0(cNqR|551*a@;CSho^s zw|Fde)DMokJ<={FZ>I% z?tTyEm?m4LYlfw^INvD4DUhGewroD@;1iy>862F=iP{{Y^|dqU-j%y^8ILTE9%WtQ zUuS8OUCB|q*$UA9-!pSP-t>Z%@VS6`b%~`Jmc|hui=+sa-3gdmIk)_ejy6nREKqjS83Lj#xVCt@GqFXRfUm_H#oXpm z)v35`p$2f<%>irh`~;45o)a=#5M1E56LN52IgAdL+d}1`2C?R;Zt+~)Qu0}owUrU^ zPr?nxZZCAR{KZuqPRTy@M8c5AE`6L3y$oPvmp=3yFzjO1$$yz9$t0;gk?rBKG~69u zZ@9VM&-N-3++3`WpE%PtEFJ1sGfDMN%)|Y5c$vW^*()n9e(&ZIi*Ugc(xcAwtnNXdIEmT!^s)dVua)h*m8OP9jCI1`iUQQg{&+IbTAXSH1<$pPdlg{NV@DDh}RR zH1H*7@=k}C^FAwOWm%NfpGtXLR-l(<{w~t1C{U^>;0++}QUP8Xe^QuoCM4+0FTA$9 zwf$aad-op!cD$Q=w4>gw?#o}{OK*mL42j2mFOM~lHtBw= zQ&#xz-O9@2f!3$ZGY613!B(Kfzz1}nXfHusQEFF4GYJ7&S2+X~xEQ}f!7!!hdk8v* zAq9|;U*iOf^s_nN79RfszC|?aMaC?Uy`s@!6o(Ij+;8&c=6Z`l=402xXGfNM!y60h z>&ZI__y`QJoPTBgP9T5me!<))cVE!WuE`&M_#5){qOk_*t|=UQkaNGjw0^s`zUO|3 zaV+fOY&h4hZKiRMCYIsJCDOdVwlBlb^ypDL(NGsX3)kbWc1>uuBx4ri>Dd&-Dx%(^ z8tc316-yCbJ=ozZr2N$B_MMRGCwp6#6DNNBTgdSf+Pm>%dUkg9%o!VXCHkiV>U++- z;Dsq4n8=c&%Og>i-NyPjF*?R!nK&ncVaZf9C2vpbcsiPs{OmaKVsY{zk20R45Ytn} z?s1vU$YYS!CFHJ?4NnKFVt;(<7v5ayt%~=V{^~e#CfFvS!AF>gvcmHdmVE7p#nbr3 z#nPB&-jC@g@wY2PZd-|y=54?p|O z_LQ7Ld1YdXgn`w^+b~oXcAW(hlF^0JrHXXBloSa{)gTcYgOk?w(+*Ss*YiUyy1Vb& z9-agZk$)zGYEHH%MH7~?>(FdwxH;&kibJw<=uRaxy(G}F%*sEcaACoCv}hZ892_rN z=zV*fKtTK>6V1)KIwmIJ=}>^vS{f=3QWvZJhDn9g+f>Cv-BGWYM_ zpO}c+xRxv|)22Bxtki=!veOk;E>1GPml6A_yAZyu00CW<0%cXs&1!`!c5J_tTq}$O zfl++o&&bU%ZYWrGokzlsh!UJlsX~amsLb7ot-ruQ>{a{vxH`CoZYHkV_Lny--Aejg zh`INRE0aN$Y36c6q1f-CbvmJ^vVhL_r_f0k zIPS;mx7BD=RkZ-)creB*}feYRf1x zmZQ_oq0h7RA^ZuivravE{UGVJ;}ep6y@ZXK){`$spB39H#;^N-emvBZZ2!E<9Y#E; zqwIT$xliq!ZcAd9=|xGRUB461m^m)1fA89cTsL)2>VS?8nu9kbxmS6!IE2bJKrGGT zS>}PUY$%yl^qP`6G>prBWz==mqYAgEf<1>W7TA8J^m ztu4aTKo%|n^cNXgjM4XHmg$NsIyy3U+Z&o! z-+uVuJK5F)EgsD5+!W0SB2JtSQ-pHg482?czYV}dk4MyNU!e*~u9L{eA;Geu;! zJS>0j<3y{1p4Gj}hJ-p_DwjM*D6izpzSMhW{N2dKwcuF@SoQqO!rhRpllU&~j5Los zpJm@;eeIy)Wy1ABv!juK4d_(AsRqXH_$q1058um%Q`69Hxt$xJ&0)8bp-h!9dMbzP zNk|um)EpU5a}%W`|pvFB#z~e)#kAM>qb> zTAL~M-@EZ*ZgOih_~HR2!w!*bCqf9uf=FN!VRG3H*DKBxXPg55N7hP%L_zV+W%r>5 z1{x}lC#4NW=6_Rfu-qG)yR}x(9^3!pROF&sQ2&9VqoZ#JkK0%|2fJjtkX4lcqJv>g zB+Ts#VEYK+h&ux~ElKU5tS@V=-EV!hWp-L7`oGS8rk_c58J0UnF_5)^FbN3M-lY}D z!5kCc6jK)FGe`_K_r|J6uNorSE;f7%4hs0g@OQ!`Mo~%^FsYKpVfv zzCf!h<6jBDh`PVk+45Iq^>;yYp&+%(4v&vPf(hqs*rM({ zmM9(l`~;IK>9-r*xt;j%+qlqJq}jVvv5-!e?eaJiqIL}xGQJkQ@-_Wm#VtpZO(SY};fF<&X8ZqG zp6OqlzW;pP>w3Gf^u;#A%?6>yzPTiw%R1L~ijmJ4@b|$R6VVJqqH3210!g8TQ@Fex zq=fS7zkGh@8+-OZ(bZ&_N_(AsEA!$@E6e3>t0|;6T2^|7XUe5iQ5=_p!KvbKjmrYhb!+pAJy9?7@_}PU)z`m{j-|MB;Eb8m`-j9(l+KbB(6|zzM63~(v*G}?*)DKaTNPD^l=FN!?2wkccs-y^~{6hR9csGCY5wSpD>38kfCnL z8JDobWbDa)?P!2Tr_z`Y@8I^}4d;i7ZA~`5&V7piyWd2xZS~|>+%M0sl9fUz7RnZA zK+hI>ZhBsN7&}=@=zucQNHt{H+u`M8cY0;%ZuZC1hMU1LKi=r}@OiK(lT8MvuwWHr6vGf*NdV&5Y_R&?AGat()P%|3SC!sl%9+bN1ao) zsL0X>%P2l1e7Vf?@GrXxDaB)|s)RWK0a+r&UWDMC9%vg8FhAJ4&|f`Y^{SyU5{4s2 z2aygAAQ`zJ=r4d~*9Qz=;F05z(-Q5A_SR=#AV&dTa0zqo3h;`j!z!tdVwXOCnR@r^ zS>m@L9bK={v4Y?+^&SnvK_9;VAPtjkq@liVtbkfs^N=&(ok}$Wu+b?0l3}R8;b^17 z3JzKNdNFTNRO-ef{{Gt%-Vwf=1WHo3ee+E^SSP&8LpnTRraebPp*zDmD1b@BB5Eyr z73e(rrX2t*9h_CN1}H+Kk-hzf=DXA1+Q)H)ufd{g%xnPi_(+QPV{kBRXGoq zTrk2f(_BJ5@LsR^fcI(d{ZiP3*KicG90;YHcrAyoEsZQg$Y5e{+^rgEK4WF+o9a9ZT*PM~?O@%@DGtIvEl;&uzB{BH`3u?Z~( z29E?O@DTeJ6nk6L(7v%84e^DWbS=j3it5ZV^JSizVZzIZ(WDPOJ-RYmAI3Y=<2SOv zdgJ0`5y=T@OTN@6$|B4#W@V457wlJs#~Z5Ltkb^fEjWGLy&_fMGqvcnFg#8APa*3E z*&GYUh?*VzDdAHzDgOKLd2vv$qJNGxl*@%_WzxW`<(6zAf5-vMh~Jw0*7uXMXSW`F z?cTfk@2j%HSA%(Xj;5jy5{IvlSZ>>?Q15Uw`vL+R9Y!+9MD9S-@u@jJBDc$Jt98th zRw7(8R%)?lq6QJuFOXKqSC{N;= z@$-6fEAbzygF+d*wR`Ga>la_n5QD4*5~NX4+4FEQtfPu(Eu?#gU5^ioFT*ZlkzE=N zS>p|M0d)W zOem*PS<$F}P`^#_gk^WNaYdy16#nA;?)&48$oP%lJJTmNM%+!B+aC}TP)b&)E&_og z7BI%>pDzL2XTs@`YqYT2m4ma(crBVMkdgLW#zHMZ>8X!0&jZ{vW+p{S9=Lv+K_-yK89efkE(Ql~AO#=RFL1hJ`*wgB;XyGm z0e_4hechMslWZp23d51=>Z(?0Szo(mrfT7zU2-qbHmJx9c-_d!f3vYmgYfQQZEXYm zMWcT585;*AFwSxjq-bt);CWZBjS*_YL>Bv4k@iglZ!|lM<%q?P(SX#bMqw7NadfevU_3N1fO8f-m6myC7Et5lIt+Ol` zekmZcD-^)9yc`ib9817Ao%4|IsplJ~Ih>lsl}pkN94TFh@rh1v=BQ~Dk|(D@);(+> zJEX=T44rsXDGdG{D)XYo>tB2Mw$|p(#^1I#mRyL_JQp+YkeG0iSu%I!kYa&+i_)Bc zG(4Z|1QrFsJ%eV`mhMUzh|ScU#=KYpH3r9%suxyz-yuCik>+ucPxjT=_+Hw?_ldr?!VXH77r`b9nnSQvVQrQBF z#iQ3@R$O{SZpf;a_)4G?K<{a?9@%`ENVs%9kUU>eU0^BtmyxgEL~lAnr6qL=5KOZtv&%fh?8w+r-U-D zUtwNBO=z+|(B)xnfDc|#?SQ1%C`)SE!}8EO(ImEr(8tTdo1c}FhQGUbwr~Ai=(YJz zBd96!UWdSFmhX&{fGZJ(12a9F#DICqIE8>rI>~CII(q9r|0QdhAqrAaGth?7K)zU+ z8;CgqJOq|n+4@`>&wD)));adB8(f^X3`j&6KZl1pig*sSFPj0cP}N){8k`$UCO^f; zE^ltVTl=2A5Nq&Zw7VuGPa|l@W$sHT?rd?oGeeYd5fo@Tm4EE8mbI|I&1*@C|4KrGzSCr0aoTzco@Gv z!-M<38B$svNO}={`=%3Z8y~-Xf4BB5@!C(cA$5O3J&{`z&<4DO;)Kp*Dm3G|Uv~&} zNKJ-7)4xC){eN722|N^d|34a;p_mz02bmeexRsD2855Zy<1FWjRw+lU%ZH!)$aCM^ZkB5$NTeszd!gA zvUG|#z<1de{IqZf&UVxR(3A;J(bePHBF6>dB@>7@v)xh0&&JMdte@yy|0q01Mc89L zCvmsnWRScY4p9jtX;}c)cmc75E|6+<-b4G!(Xlumsz+wT1%VsX;Q8Tq8immP;X$dt z#FGAt0;iv6q&>z&G|y?-GlY*&+LZp|6}sD#JLo9ossbF*Lrk~wv`O6Kp+^h%HikZD2yUbP<7eVH30C zrCkFDQrzT=E*|X8$+As;;kOqg3l5rEc%?i>q!1L3jL`78RzjgG(AD8kB}?ZHzSD>k z2g07`gRcET*go`g$mgTbrU}bOzZ#Eek!IUFbdQ`8Ivrob(#91K?(XrVdr;cb1;#*W z5WYbOo5Hg3N7y`|a_IGc%SQCkjB@cGWn+4L0#})!{ek^}fRp0SA`fVFR?ZzXRmWYy zf(n}8QwAmEcB%9H<0*1aU`U@ zWS}I8?fbDVG8gp1pb)gtRd6e*P#w%Z&vbYC!GAZs0@~97wrL?d&pkJ78csPv5vk#> zH;uA@!$oT(k{f3HJ_JA9&`?<)TRO4fxcY9j>XN~pe!DH|p=5EQC|g7lZ~Yzy8P@!? zfo$J)lXta@9cKPnez+YP%H2+Zyra8Qp_hAbVTK)6yt&c5wp?&|ab_-k&7Sywd^J6o*5d>EJ4FE}5rx?LHZ7dmh<3qgIY_&%Vl6Q=}xC=)%O?IVg8lh6uoIFFw{dRS*m z>QaUVe)V6AG~QTU`lf&4K*C1Q9G^WuLSMKiefpGBvDL8wH44z8EbCo2Y zuq{wjTP8&25+LnLCRhJz3nDVZoiZR$i7^2SfSztYr)!c^Ea_DyV;U2i7||S_+Nk3R zto$0Rup|KFH520mo5&*X<(||;g?dK^&dkn+L>m{+_P5ovG?bPGjt!N*@$}Xn&4uZ> zsTnFwNz$EAVoxXZ@giUn_oKy-%}37?I<|vS(-c~aA9J1E!nw{{nCqNB-wacN9_Gt5 zWf;V#`ADtMbIctcz7m+LjsFHDA_qJ8DE@iH#sG-zPx-*(aiGJ)k+M~R=OEG~*E_0i z^obn@uESXg3$u48E*Y-RZ~nstSi7yVG53sLUKc8rODF~LStQWqc+K#p>2wk-;*;j? zd;ALpg1pwWJ?AD!k3gD=QszxrZ*H;sgZoj_-+7xF?1Hzs! z2DK^#J9}Ze{P?!b{~WnQ8uu9OBUQg#hj?@Az3h&qohL52Y;N?uk=Z=8w7mH$Wc`vy zTQNS@g*NIZkvKquLl+Omsd`f|Eq00MvX7lZ(*=5rI?b&3+{N%j*kNxDn)gi*IJ zdNZ{NA5iz7+*h&K^LFfYOykD)_wSRRJ^S+gpOO~{I1##n2iCr#^XqDFPXT&dEPIX) zEQ3$*w|0Mjz47+&Yr-U1BMJRF{O^@9U{}DNm&R_h4#Sth6S!-2);uc#hM}9^t^kbD zrt2gJL#;Rp2^X02GaPP)5-U?l?ff97&{Z0++7t$wVnXoOLzNEDI6gwKnfVF7Dv(#m zN7Hdkap1Mq_DU}ayO`dS66WP%j}Mt1i@8Aj(Y+{=a5(L|yQ&l~+L1&#kCj39rkxED z7^q6b%Ae0x4mB?vTc7TEleM{b_0ywwEtcD(Eme$L402t9sM`q|L?+;R98ck>igPSy zix_aIi3rq9)u=|f?WvvFWB}b6hexm!k^W~frZij~2=$Ezxs96a7jqM%-zG)_4EAi_>hOYaYnsM6G$kI8 z6)BKwc2wZZbLwCiuF+ZFNIFQ0f+6GU+k1=uoGG1x&JzH*G4L{hA>W1kmxyJ#Q(4p5 zw-xg7q-;fQ1hg=cTx}Zk+rr2D3-BHWg}evbtiI)8A>!7y0!wmX_;6V`ltt(g&;;e| zVEkLPc}do1{S`f_`x?-9LdT^AulGFU;8o5uNfIhL@hR`-fb+CpQ0>t_f-U10o}JkI z4r?IemTN56A?=(Q%ddPbwOM8n!_WMrGjQ+H+s}8B19NZ0^+}viuzvF|Y zgHunRE~=hFaP|?SLTJZY-+mZ-@UH+`o3xs}7OnD*_M)IN9OGG9QmvG&N>Ij3Y2t7| zk{~Fe&f}SMB<&+nbWoH+g{yEb>nZPTa$`{=k*Ve>sVtwH>2%Ap1Nrs_=>iDYHwJ0JUG#&VHhRC2Z{I3J}Ag(beXY0^nv}-mbE4r=E z8%Uu8xdc%PiHxPQ4ser79Lf2dJm!rOEGv(v$+zPKi+WO%7_}Y@viGNu;XU-zt5?|T z$vx}IyzT&y2ZuH^x$0O{u@Nj&(9H5$Q{;J`0z=P2pMr6b*q8t#e{ueyoL12K`Xu|< zv}+$)|2Ps87`^&kd!e(k};WMnMUIB56YD;%ku&%5~V+=Y&f071cP$KYc^_U{Sf{nzX@I)ZziO@WdiYRU#53{n0 z=@*&@WIb*o^vlEANFNP7TzT_v;g7_TXk%mJJGKE<#(NO&5T26f{q;h|HS>gL3Gl29 zi%uzSlat!7{(Q_b;kV7z%>(O0o4N_BU%$;|c|YV_bF<5+%e_Uwi-JmtV*_)t@mUDJPcs`mLjMg zP>HKeag%ho!Gls^AolY(V5(L^!u4@>T2rZ77WS?>YW~B+J-o%g!Xv^>OiPZ+kXm}C zA`OBALmRs3QzI1xjYJBgk@!mXIFZCP4LB9?Q^Xd5RgOGUp1De$rL^zqxE6jT{`;4f zFBNazkRE*gd}$6$p@NrxIh%^2{c6EP1kgLS&qtH@Y+HGs6UGd`!YN{YMcqvazYRYy zk|Hr%ksqX%6JZE|pj7_cWLs{awC&N?2ARuq$)7LH^IEbFZOkqW*S3WQ*)_4j!s8Bw z?)qLJcM4{oVgw6$Cs7-6RZVAggu+w`d?qY176}qt^2JJUlV;MXoI+rbr*zufaX?0E z)Z;oGzYr*QE4n+B_EukK!6zCCr~vcpZyFw-XD5CC&h~jl< zBpnognCJ5ml~zJ@+K0bc)0-Vg`Qw6n;D3 zs-bR1r&agX;-J-wBs={QEY4rA#33JSKc@by6n^#o1BTEHD;ZXF`yEsY$w(cWJumY~{kL2w0WW5p?z$iJI1{`Q^)10w5Gm`3L-#s|2L|4DNBy(a$MM;TH0-kU~ zOIw?fkthHY1!ouIWpe6q^|*1{<|zJXz$yN@mBq=xN!tex z9HS=Qj>R?Kzu(&O$&Y#zd>bId<&NQGiVp6W->&x7ntz9R0r^SRSE}@Xk9SNF)Nxx1 z*&tb1bh8%Av)Ug6!>vb~>osL-Yb3`<%P%S#8eZDDTvMi)(2$Bb2hw!7`@{q2p0JVE z31MxG5SK$2%4VCsJ4irtXg6hXs4iwC&H`N8Rf%}A8FK)|Kh5RsnxOS658;GjA;iVKYIy^{ z+duq%>Coz{g0l69@4X3z5((pvpS&ms-)C)fl`L5d0R+~Kd=l_~5TkhNZVzV)GcV*gU;nW+mkUg!ZOl}vph6V*6)=Z%X1&Qb?oYF%e zxh_aP)g(C*OzLu3FJF4mivDxvbx2mK_vDM=n0AX@8Mev%^0T>g1_;;}gl|_;@KDOW zSuVd)5vPR{yQvr&TzYiOUE+%V3FYa}DoRjlwYAZ<-&ECW#3{;(&F6<7?Uz4JvK8n= z*hJ`p2JOGkHO_We&!-rovG<|%ZzJDc^v_PdSzbC6BRtR5b|LX5NdbdpnZ7gTZc&r@ zHU2Q~z)v1Ejne*?I5hnDzZ%v3pK(z9e3)CrQQlXois2c!Yb>`SgP6}ecFo(>Zyz3g zo056B`K7k79cgx1;ejk}~>or*UT6&gsi< z&LwQzT6y+%ElYoW?az<5e`_u4uFUsz!Dm#-QCwWL|ME!`nIb2pEn+9+fRj@9R1J^X zM`pSxf&6rPn{Cfb1Kjg3!)FYY3^QO*BZf-bF#)z@o-84%r68C~|D-RP(im)SRrhLV6yg9{{iv8-%m1(7fDvyhLa^?&>TRr*N zs(+p^3<3`jB975sx5q(GAcVSDcICNes$T7V_m}<}-~Gy?jm;$}s+Kkl|MTw5fVABi zS#jrEixi>{!H3vc5pL{xwNo7>Mj)ZKYN2;;%|i+ycwwJk#ltHVz|l3 zTg#Z%gqXdBdw#rRBY82xf5ZqxC0ULdf}Y+-zRIQL2b*iW=Lz$ZK;yVSk>Gf=fx-3RBn?WH zqCL@`EGUh^V+Y|TB#2mB!&_DbVT9;ABU6V7b$8aB7mT;CW=42oohQyhi}tay#|PO3 z1{&sUS-~{{!N03g@wmbSkp!Q9KFsNSG=LwEi)wdkFTm1~!jhR%$j*p6T*!`=qr7e} zfjLe)jiB7|8zWLU1xmF0J*myf-z2X0RoTLW&9C#XHZRQAYGINljgmU%9y=%bw;hm21?RxfAloG2tWA4T_=3+ z9^)PmX5C~Xav)SoL9+jl4OR|t%p8hIu}(^+U)CbhddpDT9woYO7dZPQgom2|)Mc!! z1yDPI&@72p+COd#r^^za?rzopIbHn-TX++XLGLlu_xz8nsHn2(hxeDe3a^5vvjGo-=7SULT zQ~0Nz)2v;b;ici|hYOCDtAddhSf<|7B~#>5i?79%HWKXtFXQDH)G#6ua%efHDUDl6 zNCE-ZTp5w{ls6{W%2d56`#y&(M!Z>lIKP&L1CAS249vgCCRsb60FgXT08u0qiFd+f z12lc;6LQDVnKXT!t2*-LKr~l~gTI=3O44-1A#`P_DWTxZ-HC(Q8Lb$KqnVhfsly#L zzK;K-k*KF+Y53393Lu{bqU*Iq7d$an{WT>>S?SPnZ{W&e!t7>WLh1U~x5eM%4~7)` zI}Z&r7%o%H8e+X$B;BqP=K`BF82`Q{&bkt#)Ae=vdTd`1gp-zuw(WPVV7F z4yz+>E&f}Y#H$L>#G&tyFY*b4QdC<#oICyi`P{DusS$;ZMd6>hqbb4cycF{feJYk? z7w@$!#4N9O$=sNp37t8l_Y6(782};MQy!+nGvd;q)F+%wRtRo)7Zh7&Oe0hn(w~Ox z6XeeI3x6sVh&rGJRU81wudJD99I{_6Z||;*&8f1DCyohAlVxiH+s!#XfFX=sWCXb4 zjR~NAC3^x%1B0=GZ{oR`yTYEDpRlAWKuTilp(V!YyLpp@E%9L}&6) z5r;ac?Z&2RJ`_DnKjvbyTqa8Nq>S?~cg|==*)`Sr$yBOR$P;q^lwsnJA%^b($( ziRr*JL&oGJsb`zgJe;ukxy&$0Qvyy%<=?G(_iDY)Q#EeMpnVFt5p}$F=HAGr_sUq< zr<%=6^HT{=+#l)2n(j(HVi?+(%p&7ZK_-XWePW_TnG6WK1?QjS6|kS>4!xb8*`k^wSUEb?_8PWf4n{Q@!it`wpqj3P@Rk_nhTrZ2h-SM{ zJdi{k;9FR;gtE%*kA?Nwp3tz2wj)Avbgm2IWsx+^2{V-vZY(Z1!hM6hjf4Sri4y8w zEB*A$27mG0M)#|`($bK_J-w}LtjumD4bnVvGJ&TbU`3ZYK$}okWdF&{5Ek8eKO(y# zpjZD~g8wgpFSSMQDd^sdm$ynsqPQhW*~MzFh<%&}w!{%*Rz}r7w*aQ;Of}QP|NH)n zWsl2Vq_k^`MdV0Qu+-mA>Z5pmhHF<~3QV$Ge?hX0TPjUh)34y~HLAl{DTo255lFN; zwNRy9l&l3GWhV&p<;|6y>d*$y9)ao%O+h9uBJ1$>0awXpFd9K~GO|r$(@V6+(cp)W z>|snF97A z1P@^^k{W(N?6C{@17bJyc)}z=(qR_kNgCRA45ZcjT;EVUD|f3MZsw-`#`KBHZ!Uj- z8~A8b<=v;ZM$-lU8V;5HjZSiSv>9p_gdgn0PbLJWJrB@U60eDIoiU7t@$wn9W2g33 z{yMhp#M9IS3#EjO3k!Yj6_57hDqgv4!Lxc&Y3yoeKa^_hMm}tdXvoz_QzwezUp~E= zCW)%NUY+}*{MRGNUm*Mog_=OI5lX!@C23%EicEW&aszB}BIQ`cYQgfybFCX)t!Y7^ z?Q{X>pSZn+UE`LJ2HF$$7WR+Y-K&L)36t#$EoOiw{D<7^@CBjr&ogm+N5{T-C*CPe z5a$v;TFWQv|Ca5uv+UC4WhmR1`9E?!mc8R1cx#=Hus)aXQ?|%4zwx7V zAESIk`P2H*6P_Md8c*|efrAL~g@hy3GC=C>`jS9%D5@SATm7r=`Q>j5Wt)PEgpCg~ zU%*J@upahEE)u`LA;*x1;2<)J!i<9P&opQE4r{fNe?~=KHqzBv&XjH^OFp8Ee3eba|VE`@zgUS3*ii~125y31`Yg727Y zu5UZ)pZpMC!TUoKY)-uuhe@5ffJ?aWx6N0FyZpEfIzaLH?`_a1hu~f=m#+3Qv#N8m zVL9PjkILGAK3J|y*s9Eggw^D<1p$lr?&FfA|6rjM&;jx&RJfHdiitZ)L^-r6-pFP}R zq}xL|t5r$RIFB#UhsMBNB-XW^;d9i~0S40)9EP9pfoj7n_`b;nshdoo%;RbIk zOQu!m($b_WLv0OKjkS!lPIV#NOtsBq8f72g_6iIl*aCH4GVy~{0a)vetHRiQH04wF zZDe$Rjf&-N%h8e8&V`MM33gXk!<)XUonm!JFM*+{)l^C`?iH!4QF?xkd!RH#Neb-x zerr6$KMFLCV{mJ?@wY?WXqM8#3`V*u&VuK5IY7xYhKr6uZOiB_#~TMXx@8_Nr#oK$ zzFy;4Ha)wGoo0aqu$pFPD~_;k+>!<LoM?a`JBAU6NfD{+3Di z5H<+f=qc_W=B`*@*~G?5*bR~fC8`(wgMkWT*@8SA+#Uh`5^7D3h877{L6f|V$mKHGBY?ctukyXzmu7_D4PnE$)c;`(s1rUZK_+@&Ve!EWy{r*s8#k88=*JF|*} zdBk|~MR>5`4jG9GD_6TjCs!0aAi{Zy$JKGISX(}U((Zx0%CJCFYiSJ^hKHv@qV^Wf zsO))o(Bz=Wb*28(t(2*=&UEaQIDCOfl$4!*eO9NHo_ay{Zq)-v_Yh5OJ*=SM+>`A~ z1_Vf$O3wcmj}QET$In`fjEzmi`fTlCx*>EUihxaMpa@vg#8sawotoo%u`z;Tx^bq^ zP4_2{vhb#GwVR|sDN+g`eRBQKTby%)46`ms1OHX=+yR=HTr2Wyu(yA7;D@Q9tjk|` zj+YmcRXR5XT_^FFRx*;C!vzLrnx6#PyqqCMC^sNA6LEKWTk;zL1Ol@+N)Q)2s zV9!9{BPov9SX>m7?xpb~oj6+~tY@3hzQTcvHaa`w&$>lU zwg{iNZxJETt{5H8=-s<|*2`eF+%bUillXo90ZW$EveLia;=%=IzBlgTN>#ed__+mz#Q@=3q}-J&;ISTgNWhh^NCuidXss7!x;Ufpsu@MulpGZ)R*e%*s0^-?+) zn$gx*(eT30@Jy=1{xfz%xf}|7T2$ou2>FQH0_7BWkX(z+dzmrLxV~h1de;n%M4A;p zJw4FzU$lIdbmT@x8Gufs(&C1cFtY zA5h^>|3HQRf6b9b69yCL*#tr#?N063KnP2Nc_JSrC;%! z*Z*7;UP)wt9;!T_P(9q%a3MH&^}*Zq4=3X1hsriS+QzBG59FrqGDpIA`V<|dg-cQ< zBjO^3XahOcfvh0-Y|8;_Vir1w#Zt?88Hoh#y*>+uJA6C0J32l`W?f9Mca92RS4Ha? zO}*Tc7<0I7wpIhf?=5ed7su}&};@P_762X?9UiCMqf=1-eIvj8JTlLbby+kZar z4;P?{WFL{wR7KfGB*92Y@}}(Zo6L@Il&9opIy@)`NM-(N&2kgv^O<5q29ij2y9jGH zLVw;x>ij-7o%Ja8>w^;xn`>b(+dJ2KA|&r{?HLy>>~tf#A5BJvNxhQqCxE{iO^k0? z=$e@#D~52($FgoDGRqkXR{3%_4Gj-J-rKWp?7{Tq;NQN+7?0Lfg!YZ?FS;vp`mS_! zi|6T<&e5{?m3L3>K8#D=*oUp zXKAmfm>rJgv;~miu>duH+C_gGz8oY4Fq^L~4}BJ3U~U3IrQ~RJ3$MQP=_oJ6xUjXQ zi0J~d<4&5{puI`fxVR_Fo_7iglkIE?T0i!Py$a6+>sXvP;Q1844bTb+fn+gXfn^|$2qqvmN#%%2RU#Q) z0Rna*@D20mWGnJJB|bpbou|p~iAuC~ExZr?B3~H=>Y+$6YTuk!jII(G(3JB?;~WNX|_*>9bha)23( z3Ijp`yAs@M!cevpTNIMnfk;G9o`bW3S|oFDz|iCG@Q+KXDvt_g`bH)$#J!p+-S&sX z&_$Dma^oS|>eqC4{f8G@HzUjnhu4!2CYZ);d|iBJC0(s_wD4)U;WIyzJsE%Wbi)kM zFxf@&I_o7f^BR%p_Fj(jFF_j*&=o0BfRexo2VpH-`XO;;$bD5}Re}w3L$lj0UV%nN zsHJO+5__}MaN`cZJ_~Z5aG$Y?NiunzY5+*MLaE}#+)Z$on=Ns)yli|~2y=Y+0drhx z|1pU$%ga=mu0y!<@jhJYqQ;GLW|-A10zvPZlEaoEMTK1J&U^)zqv@CPZIPW&<1M7ieKaj>?-s=eeDm<7Q z$fZVGA$8Brd0IpZ7m)y}lZ=dv7ERo4ZOoP(1cDUJ1Q0ho4o87J#!mwe<48^p;RCXi zL8hi@AaXPaEPzq57qyhd1@WSXk+90h7F+~4Ie-oU8slm+Dzc+s>{z%QaIA9$ zpv|TIPPoFBW&=|i1Z*X~Lu$vselk+o+?twnM9SeN@?~{n>#?ZlzlZ66WW_JGPaiye z&!VnhD<5uv!BOd&E351&|4?s|tMBan6A!OHj5&5f`JVprr;SRwcR5*8t9Q_8R|qzk zDiJ^*O2jF97S<>F5IS4XQ&fHBsWTWv(BSaVz?L3f$YywR!d}zsN7aYGHLk5%ET{?O zyBtg&7!xwj^G10|K1cOb4;(pnt_L4p`mM7&k4uycp8i(y|)!p-X02 zh=+YXsF&<7_WxWI5GiYV0$T#w=0EnWyqCPM1$FIlXm_ds61{*7merG;z@BsPAen-~ zA}O-6fN`>k>QLHx?6Jh#@53!B8&C8vFTuF^`|NB#-Bq%Vp@W#)43we2-fb?k-@)>E zvO5A(^cvq7~Mj|VEYlsyXxA_gx#VYl=jp$ z4dy3t&uls;7|3`|KAJ9OK~3$clE}0*4WP;|&%Sw(nl}D`3}XbF$^zI$^Vm*|xEP=d zyYdL-ejn>PfuMAw9zo%l;u&1Kv|NflPENSq#^2uKY8oCFOarF}3s01OimNCJDQc<~ zp;cZ_$oNrtToho6|P;kn|WVJm=KWX4h=4A(?~<%!5g@U9A;AMUkE@CO#NCwX@YYx7*KTm*Mt2uVAn8mw$)c zQ0)8K`-_Fy*{sa`KGN3!-@t{aL*9DtXCex1yz|exY&9u2O!T5@U1h*vv{E&UJe%W# z_t7s=MYBS0)=-Xr^t|TP(;OPu@{SjB*`VzC`zIqOJ3QLb+uB->o1K&MwD)kuqrx0! zuXPgd;=+EEK`S1-x;bM`R>63~+=O5zMW$c>;kTg91BH8zs_eOZG5p&|jG68;)^!An z;BDQ;GvYh|?xU~6gj;)Tvl>oCsv|mk4TFltji-dyaDr2cv3lUiJzh0u$L|ae<|wmW zn+YGTE@H{oyr_RSH~c$!s{8Hw%-glFM;ov|@tLB`o`XB2ce&6I0cueq7&mJ-gteKL z@(9d9UP*zHgF?kwG+X5qNl#&@5=bFEEtsb%9DN?+sLk_JZu5>&NS!wr$R%)|$ak^U zy@RiFT$f$;RyP@)cF3y;q&{z_JV(Zae*6HEE||!oP&B*bdrm#!v4ZrwD>Iu5YY7{l z7s56lHA8>=G%B^}_vX}0k8P#Qyha-{zT0bsbL1FVkjg-p_knBYk?k5$g#Zqx6|)h) zdn*#9Y;Gf$bd%fYZ}_idE9Fds3GE??Q}gASOMm;h75kq}&98plorZPw)G2&!TG*QI zS*mYP{HLPr!iVP{Z1vyU_C2Za%v97fD4#aj;kA`E+E#u1s*N1=BLag4wU^ooE7ac;RoTDS61B3*}O%+?{jlQ$vr(^0v>HkWg?OkMhMLgcc9q# zzB`DSBKo~_`S_BU$D0*Ad2YFR_tE!19XFr6y?pT-?~KXbJnJNihz-zXfKlN#9AIM> z@i_<@amaZ&tnE23;d?YJ2$ex8Aujpmr=WQ5b&sdp5I#hNj|k*cUi z1!+bBjrq0ae|F&r+6Iq?mrnd(2Cg;$(lesM@f~&|&{a;FH_6 z951TQwHn%1bb0_vk<{ew^0P%Q_Y7@1=#(l_<#Dq?jFa_6g1%Y^@Y)?lkQP<46wsbk zMbMy>9tP@+DJg_|A&2`X$Mmti6?vFrGw(~mIaL;rsV8O6;zL8e1vhC;fjiVCchrKg1QPc!e6nqjno)NWSa$_)1fKfwXn#PF*q ze0ikXMM`3|zhU{=zx}S4HnA@)FO9r;-tVhC{nDV`I7m~$ocjEA+u4G;P?sn1&RM=X zH!O-R5+24Z#eZ4so#!nmJ^RTlqS1A$YGYfgtjjf#Ah5A*j9L?3Vnj?}G;R*U$WmKZ4pDb|@h* z$%3M9t!aa(*PVRvjg;`U;L%2}e!^1AqtzixQ>D+pQd8udC?e+N!n&)LQIeCn)&#rZ z>_uTe7}*RlSfQQ>q;uP0VBV5&APVZ(>2Gs~co#d73jrOgm*Xy}$h?u$=nz}?x?9=< zmb2u#KyDqxtjvMx?LqWsFEO!*&j+j6<;~f+Qjwb#3?h6TId-kJ6s{w!fG6=vpQ9VfYC%2 z0hIx0PzjqJHB(ft+_e;>fR8rq*9HbS4p~1v}hT%X~135 zqcSx7kfInQ|03lz%U1*(AVAjLCN7W^=3=V8e{qSduM62%b5U?91=Rc+#2wfWEw|by zHs{ycW7qCJ0j}~$*v28pjnLoIU)1Iwxu=)Bo5=j%*rLjBe9R8FW^abKToo{fCA_ zXldy^TiYiU74On3z6(bFvr0-QJs+#+uusj!OWz_V-O3R`Q5$7ByR%hNMEFW0>cmJw zIUyJdnb2mBHqt_G`s7IZB%3{Q@}bYL-NzkPz0w3C|5x<6oN)tB_9t#}_OjZ2%Au3Z zSh$K!Y;(-Hq|UCn?v>sTmMV_bL+iZc=h7-ldooEvHGbvbiyvuKJH;K=ZcL@PHanbi z`N%75#53I`Bep|yRF9_3b{VbglLTiGm8)Q`|C3ahUT00XXFDi*Qi7Sfd}9!Rk69a2 zY@M^2=wA88(ETB)314awzTdw4@Ov-Rd5Q^Nz;U>VSqWz8O>zya_36y$z6UUuG*qH5MMW?FQPJNYZZPs@=V!xY1EuXz zeHGPbgC2y8jczOQ->Fbv>8g|Bi@g=0#q|OYDg@Gw#5bx`4Q|%;L5peN!qoY0G4NsU zCq$4qUcg*;qf&KT#O{#}uBL`z| zZrroqPii8I#Om^1CJnM&ycHInzAq`6o9>+Rs`jz^VQx=8#nVEt5nU3`L=_}0*G;|e-aHlc9 z5syF~pq*n!Lb&`x(8UeS21-@mk>i{(q>4m`1OGjDOiHEXMEu5|F$Vun&G#EfjP{{$ zHf?DkYfCzAKnr47b!KUgPHc3*$J$pZYm{_7Hyr7v3##)ms=U8rr9Zu_NNevF| zQLUGsK63JM$1Gn;Xx zqPssPve9zn&2Gg|yAkCq5}Vf_{xa7^r)Q9BBkE!*kF&C7$$QEo_0>w?>yH#9H7XF8 zx>{jc{%Yk6CYsLEgzy0SH4AWHqIj{6Rb+QoQk*mIxo7j-%2!MMgaw(I`nfx^-PhW!`Qab z?zA_w!b9QTfA6|-722il80+LwyP&#O9fdt*_w;Y*-Z)s8u>9>?u`Ma9 z>^^DccmAwj;H%T*oHn&TrOOi|J)C`Q4t0v~k0HROSqz*9?}6V{LFi9yGY|$8o=mbw zUhvie+C1)s;?iyjH!G?(W7>fIaGz!tp&a}3{6j$-)%GG^H6X^GKZ%3OqZAv*PhLoW z{%Dt@`cU#zPmiOFv`pX7`rr?wt=UE(7F!jbjb>#u;=7=Z2EgTkq=l(0CBOy@ds18B zlT+w8CA_P?KioVU@nO{2H{0+baDgm3G++pC%$)mKVV3$$gi|cVJrZ+(p9Eo60&@pL zPZ^V&z1~TTNMtl)e6~D}7|GAITv;5tdwEH?ui!RxN}rOGX_%W(!c2?Wp`DIf&%UW- zwhq{5MdEh9j1&SaKt}Pmf6aP&?xpD}1XAh|=AN=EL!wkYR*O-Rs=3Wo(A zPLSkEk?7-`uDIoX=i`E`j83o;VujyGLsNpZa2i_3LHls$v61-L$cVMYl?9a>hb}FC zyF!9}vX_?DMp_h~-#BD>`Im!b`tKLstp)5Wdmda|^wMjrEtSahlOVd}Qb=yU%QJ;^ zenjqo6cgcm)FG(IWoz;g>(u1ahP!gBbN~1fbFamG*ER|BN&ZG;*l(6Qv!cu-hIq-z z5<^{GZ%RwMzQja#nkz{cyW~RCO|wCkGBax#gBVYHGAItTA0HuiczxvAK_w7tDQYS& z7NO3l=gC8(?anAiiy@@6;WeKW_3!6ZEEOjdZ_bwGKU#ehyJl(ogj8{Qifl)tiaR5q z9IYVob0fu=+QR5+P1a*;GmWOW!A#froDd*@Wj7K)8Gu3C-_&fV3I$`n{3)x#Jth`@ z(M2yzlAVjxH8gCF!VC@}wcRlE$;lhNw7AH7@oV1%pTf!#)@P=9O;4IXow<89HSwOV zTek}nSYC{It$98(yp$2bmd8i>pk5Z)jP)x%fe+iDOr`AUk4VtmV3byx1h-ZXjjw0! z#zjMG0h{4sPegcIU*t~`(Gy3$nQ$9W2W%&3|67MfCd~geH}}_Ecr-*+f5tAS^bkx3 z6hc144@}59y3Gy~$J&Xarn0_PZQP%-eW4NYhTCz6xO^@h?#ms(OyQUM^v1L2M48Kq z6F%+GZO`3g1~c=*i=o9Xu+~F6ndMmP_T~-h1>aOUv?c)O#s_diVb1X7m4w95kz6qa z8cwTREW%DO0Sg8xKxCo)pf*7bY6fl5Ip{V+=Xdclxbkp2UqK-ZSh@8uqIXYFlRNyz z+nq$;9mJ1A4{hHb{dpo)Y`*UZ7>dK)6tQFA0x3ZkgPL4D>h_jBcRaoD!PeIDVBD8) zS8Co`TwGh9w9VRM8T)+=3a5$+D4ZtQz46&a_rSj}wACFec9P@=J|>t(S27lNXFy6B zHd&kD$+(xhE>;gmd8W7=b#ax-O=PhKbGsYC*nfxNWa$gIf%|s>-FJz^PUb}>7(j@% z0Io@Ric56sR)ZtXGftDrdCri$jU(ymb*19YvXK-l#7$VZfLaA7PqpUB*f_pzFA z2P`{}b&G2^dM`s<>#KOyqeC0t6P`ZWsQEsVpwjtm=DK2!%T8n!MJot{L|qrIH4mmB z-K7qwcB*t})bs4;wfxf~1v#*MB!{6v6%&=qJ#sHUhtGXOTT&l+6Bzb*HuuY(WM?~B zJ56I7JP<35{F+RvAS$)4Tp zHLh{2yD*NXg)p-+$p4L_>JUds|2K~QZy73Vjj%3Tg0gi9iri1k^8zCPI@rtTetQ$u z-Tc-7n?sa{!tnMYp-E*QL+>kd8o5VnmOw>(>l&9)>o zpWb$}0s@5*o{Hppsg)}n&u_g^^0Z7v*&=Rf?TX3`i_7zitG1T$%inm*FwwuXv=|d* z;Qh2Yb}H>|viD}G10%VE}_ zTzc1{{MlV8LH1{zGP3;z16J2`nOz+j{d#?$nr8n~Ua6a4|dneQ+ReNZ22 zzGK^wWdFmcDY;zXhP=aAgtZWltl1WPlawm&$(F%)UK?jH>X}5bYedg#X}f^#FBMBN zo1Z@3-#oavl#r{kaVcis|p-NA&WajNGy)e3lgml~hx`sE&iCjSXzlg6-McO=a(>cgjLUJzc_JtY*98!8mM0$Zd16&6ngrMKbPB}MCmeA;#Hsc<(Uf2W5{d^4)2dE6 zVdcrzfDJr^-%9S+?Ku?xExl}g`W1BS1t&HHfBCtj)m6RD#s2WmcA9-t$ZUnK9JXmt zYe#DF7K4eP(m=NffBOMfV~&wPtb;=CN9~4ic{=5jT4!nr*12hmf^fgoYwc^urS?pu zHBy^@M6E;;;A`^=M*K_Q7bKyFc{Z2PH*j^N$6@-RZfR=9#vq-FJ~%O^{5iAlLEMAYRW@%U;NTvIrD)4_fghxG z!)N81L$EBs#F>XsPfubgmoA8nyGkKkzgQ9%hb zv#+4|0=DBxhKQKmbDW%JN_Tna))~K=%;m=$JUh~Be)-JOOa(hk<@t?=wF{#ruQih~#^fL(GL5;P?*Ikc_KqVEjebCPWKlJX zi}^`yMhh$d2{5)SeD)#z9h98~Gx0CryXIkrg1shy-}*HDMFD(ez)Tgi3iLES@XVoW z{|p1-!(cabN8!-c)cbOW)FZ(ABw2X8H7=X*{XpSU-3^2Lp(@1L|)?cHHqrKxby>z>>;+P0{V z;38k2g64R&AH68r0n;~eW+SM46U(XGU4wO9l{t1nwJwK4?wz%(*=aZlo(p@VuOyeg zc|np{R=GUy_uGB*k+F3_cQ;AKa-?i}W_J2lTl2}%QvacFUn=zqLQY;xtGq<qa3ZYC5axYA0vsTLFETZdNh#GYU4r&=`|q&Vn>T;w9bT^9IWv43T}-W^ zVzOCI!C1*4_TTZx9WzG*pDVnzJhaktU;klTbByu%sn^}t4a(U7E};8Schz?DzY1~y zGTBc&{>cjfmWqt$(&p@(=0 z)g;7AopFn)v=Wq^W8#2zP+}zY*=)=*V4Lm`DW4~7EIe9Wu-qJa^MzZ<5>wcMK-P}0 z?xT7@aHLYjpxbddY>cc+gp7Vyo?|+nA!<=LAsr!=u4HdK*4V{;_17npl zkWCLV!^u+!MxoxW+Fb~{7e}P3ehG^{SUBqt9bFR_C!?YiKM$FFeLZ0aCmj6# zz3kJA&sV;#{Qj;SWu!qRl}JLaM<72igQ1lNBJ3QgqG8&YGRhMUo1;oso5QiGEjHv}cl{oC8T;r-oKk9$I|=J~sKe>|Km$ z{i!Rb14z!f^zHnTId$gTkpMLxg^A;wYj*l57_#+r@)Gx$pp}#5`H}05QjzUY<{#miqW~Vd zyzys$fWe!xLu=DN<~fnzT@JeePWq=uTMg7q&G@N23BYC`MR%dN zU2$QWykn;H`$O`_n9_-UY3v2ewIDt_W&2--TUX zPcPeiR#0XM7AS^it|8SmymR9$_n?CDOc6Y5kJ0WQU5f|}`3l7kYIg9=iB^OPAzIT% zwKG4BajRD7-gYp>!kP?w%>RjYS(y>)ksJlQMk!N15uG#$8_i%a%fJm##)enoH`aQ; z4Ane`K4pG=+414(#*6z|dlFW^UFmZyI~4aNe%}eQvT<_t*`s9LD$VSdUWZA|Scn$^ z#q&9munaU%aP%WhXhB8{A(EYrQ{0Y=T|*N6dy#2%b){~2G&TtNf7p5xaHtpeZQM*F zGe~1>iE3tyH6huFF_E#a6>>-skxWvG%3uZ&*=5VVoffh?$Z4F47KxH2oH-^^vL_P$ z&vd@O>-YV??|bSxb#+yj=JR}><$mtxz9U5gEDr1xGJ8b}G#HhdwE-ftd|!v{Zt3ek z=Kemh`S)XJme=QJoE4e#mwlX~DW!6vaYPbYVJ~!~a4asvz4md1(*bJ&J(%-~xes$N zS+hByP<}7Q30aDuyk6FQ{b(X&Ghn$Y+-P&gBiCqW#$dq>xfl3levCijko;N9zX3Rt z*18uaHyEH#!k~qWEYM&+PI^<3`1GRBt+sXbYk!YE8aLnCkrC;tMz*H#)JLRb51lMk z(G7ibeR1SX;3f@v>G<+z-j8F|9pZQO`=O=SM^Vj`0r5}>CogNbkI;()r-ax@O_zp? zh91(dC**5a&pygk&4_PM86G;#8}>v94VD~oj00dR5YiGRdhfdo@ul38ua zNtrv!x}UVi=!#U0>C8x2DeP`ygkf=L(R3KBfI9dynY3XTmo<~qd5F6R!A{D4*25|g zcp(NGU)q1hdtCq4=dt;ZPx$;~cteZ6%8+leV@=VAwTI>d87L|YDX(^#`{^-ABt~^g zwJfwWnO@eT_AC3*lg#%ino|`65g>A_XzHdIxy$5ZI<$O_X#f9|+C4^7yr{HH&^a?k z``08V(h1a03Q%8PrWO~c`n(3IyCu$WVEbmro=2-2Z;E|v^Nqsi|9R5YwFukSll}ce zqI^-O?c$t=$#G8{D1NGl5)oG1k_iJuhhbyj&hO8z0db~WSZgs7doc)82Fm2m9(!{? zI-V-O%a7!*d02_5uE1UD+`3ejI>R9LN%gbY5Hu%9|Z*=hSL79yx zRg8+*mPx9-VPZOk@-}tnr>ZjQtF3`Ysx5kyCFzpdBIb~4x3xz6^sOsPf!~Za=2ylx z9~rJT%Dpy=x}>I7qO$h^PoYF;w9Npn``=27Be)$Jjo?am-Uja&BpRKdu`S9t+gSfY z*JX$0JsImUHbMh~cfIZQEg{8-)IyEF-rAi}=y_?oFv7hv|Mq6~(ZMTA%JKmsF&QWM zm)Vw>FC|2zuh`FwRY*YU_-hm-z6V(B;63`x0BG((n;xD9TUnEQbC zh?PUp@nobp<8osquZEUn(+l(>#*)bdF)~dV_A@%V}-VsB6K z!5&SUs(SSg03Or#9_vq&ZSI6-y@rHAf>~8DSr1>un^v!UBzD*I3C}ae?$gs?N4qrB z785dK*mQBS`&Q%3hvsYFr&8s=o-`Kz?d=~G?;Ns0K;GgpK#x84guU1d&`HC<+#)Te z=a~YO| z2~%E%`PZ+k$G5NNNWE{+(k_>(oq8Iqw@b*33Ag#?vcV>@#=`caD#0v54RH_2c(oNQ ze*85tS~Y3E-5F(%Zf^UHa&YDkb~nkU^vfywyQgX$#wn{g&Y<@6X=H z=}-(LkPxNv40oq&ilaiQR+N=iZb14g|CbF}-3PMYs>jMwkYGP+Y<_0g&)4FRWc8O0 zGq}$kk8l5Q{o?HWKZ8Q)TjRyCCJ{UYShNW2*$W5MXg)7R`m~504mafWrhmkA%`as3 zs!Ji4z7I9rFQlj`S9W>^-Og2>PR$p$DZ8rm+vi+RWQCpZ!omc%Wn;}O2?vqqO!rluEo+{bWo0?uN#{er!uYKes_sjcQ(_5KXJ>)`JEcU3EH4}y8=Vv70 z%|D?iN|nJ5@TdCi2wI8Hio1dhvTkb0jjJ{^KJaL{bS>-)_(pv5fB&fIQh;H;b$Q>s zmw|5_-aoxAz!DBaOk-mgL~u!`7<9K2Tv41-(mpNX+i8PQ9v_sQ_$w3B|okQan2V9FT(3K$`A+*duya1c>n3 zwGW>>mFtr%Hs2~^VIHYq`sS~przMKpUL`eLnGZhyW#(>9$fa{e16O{wj{Jt@7x%Tp zqIVJ4I|$0MSHWd>iFE_`IhKXxa-OE9&e{1>u=+)VVIr#Qsr4VB#oUP1dxj%xV#;jycWYgOTkUp(M# z9||^50iNiT3CLZ3tl_Fs;oxM#?`Xx89b8P9gHli0oH#iB>Ly>M)AsYir_h>SBMw3; zb+MMFmT*v04_wvWg22_ELJ^1-8MHbOa_c9ek=vv@02P1lJEQx~0pN%jo zf-EH-|K#p5ecSxD%PTAMBWv5wjr)2nwgRYNX)K56fzu|qI=OX1O; zlMnZs5BI;_scd0}-pdbKCs;TaJxI8EyC-!!2&0)CHK97&Bd2)aktpSn=txaOatQ#r zc87?72U{Ode&wZ+ohVm36@1~3^Xo&)-@bU94Gatje|Rw<%>Puw8^PzafwO0=qF>=l zR9sK=2!inFUtCkwpdxxOfO6N^UO^iaG8s>bcZ%PZG-A-!9`gNl{BZd1jhjA;oUv!| zW~I~i=u)}LfkXQdxX@^LKT2sPI>tKIZ0XK5a1XDkCR!TbpmPx!cG8=Y#PW*zb|wPWHEDe&6%eApD4g;`tMjs2c<)KXd7S&7KjJG_LZ6fd-p&yIw z=XkN@yN-j3Z%VGFi-TcSuFz_55bjDN&69a;p^znu_mRm}TGe1*UHx`!EJ1rB=XmW` z)xfhJ?fbJ{2ShVSMQDg5oUY4?b0M5B;IHP=QBT=mR`xyS-eVgUT`6=o1*Iey9zQ9-`Gz@At1{>q3ehr-St{=S_3OcFKmM6d zEr&2`4V!)ZRsZ|UXv_CcZy*om&(3^( zPz~k<{H(1|YGWT9y`o51#^G#4hv(MfOFCT;ZNuJ+*-|+-rWMPrChdN4m@Y9NMLENwr5*&fOk2S?VsUj_+$G*pWO(tK73NDesSO`LZIz-Sa>j0)!~qtu}2}ZGb3x?XN|5dFHN0%=<`rR)^&@k#hEx_ zWqmX~_BJDl0Rpx7w(2w-$L^&iVxmqPNCuocclM>W+&KHJA-7-Kn0O%tLetvXS`8Cme6GF&@>mRmq-o-%SSV9* zPqCo25f0`tU_yyZwiQP5N1zbNHaTzK8XGSUT~?c^`Wl zg3uWz5W_s=Wv%zz)tb()IlXTvZ=~&*ev5ufSXlg}kids6z7hcesrco~)5MfxYYlXrDu& z;M+|=c$whxWo%;^q(IlT$9^uq_%hsq)GQGXBXeB?o_l9hrwEbA ze$-oB8M&!sFy{esNGO2EoVQSRC4uS#wzOS{Ct`Nod0`D}=YrGa^;9f`X8Cz~yF(4B zs;e2xLO{qlaDz0Zx`bY`1@#vRCAzPs;k}A`>(I3o&eVPV@8?Eazh&k$o*N6Bo10Gs zT;);dYS6<*?X%Bm2GWArc1TxcQ!smb8ygn~{c;M;`Eq=<+`=Q)AjYzW7z2cYihCq+ zVKro-4BR+bE1@U>{=@wx6otgYu#3}?7LrS4_g}pf;O`%H;d+2!`}MCw3963 z`P3#1f&!?9X+LGC&aaS1Q&aQ72^>PqCAm=m02Q=9C|+0bqGMnl0Wrnv4xn1G?S_SL zg`FpvDPgdlyl3;{$ME&=mha(ngSR@Kq;?gg+wnUC?~;rUM#dJ3jDlaYJlcnNm845- zjc+v?ln<20PhstDU_Du3qU+kGRXt}oeZalNq&upK}S)LnzA$No##L$+%sz|FN*Qv;2KmtqLi{z*3!G)Lg zPkF5F?za&tlJ z)6-gr5w8qqq8?43ILgdEnS8li{q~JlA>)H*AL+I)fBbe|N?UI66;N!z-9!O_jP2C# za&4lrT$1zUb+-kb<~*OosxW9mEN04o0x%JiHz&!cC0OFHSM~uxLJza+VOr6dVe#Bo zTGzjYwEx^_G5Xm!yD@jyW829z8Gm6X=`&GK72R|4u4D> z9Jly7QvL3m^XLyehP?%yaSeg2u?=OHGsZzF9bZmj$enue6^gMjY#m4Alnzxuy_5D19U&_w@)m-?NvH?_3nUKP~E zo8G^u;~V{oDrj!~P?Xo9BQB*!*p9%xTK)}Oh8npjPBm!_G&}?lrNBud zW*^o)XJ2nFEllKp?%Uisb5MHC&rYfGgo1G-os6d-gCeU%Z6Fk5csUvjTcSVvH%?S% z+|N1&-NG4Hw8XDq-QoL}SJc!!8?D-hQ)m0SwicUb8)LWa2(!1cY&kLM4OF6c_w`=~ zj)Z;t`^=rM+m0XB;i(gkEGU#X%BdjX_jJ&#J~66sLKrmHJ7T%U_seL}$jI^O>6x!8 zLlBGae;t~n7J%aksJ#j69^-~yvKTaUdYoM_Xe{g}?hV4b(b#IMcy>{0t*FhdtJ$=f zpFi%-K9yR0b$@U<;mff0quiI1rIKL*4Bx?CZ*h34#x$v4)Ksv#kg-@}`s%5Z-eobuK+=kZ+NIk(M;oT|6|R7NnyNa&~Pr6vG}CwB4_%ayIZf;uW{yU zVQ*p3wE6c;+ZyD&whP}!J7R9#X}|iW{|T`!1?3yuqhYOR?q|(sqF28a=_?Ehh&>oj zxHe~K>Z(X5)z4vAh~({}EKJ%VIA}6M^E0q^DcHze44&ToyCU(_&?B;ThwANi<_gC2 zb$OjSb?SmY^l$zb{0;MLPUobmLJ&?!S&tWJ)D8wW?3daW!*mGl5#(QpMxp%?;6$0o zRT-0CG7;)rL-TP^1QQcIjD>1mHa&sKA7Omy^7)wK;i0RuoA0~7hR?rid-(cU)X}{G zyclDa;kKk65nUnz+=9+~dN`-{VX-W;6!#U(!iHD=PewHnQV-!VSpg=B`P*;mY)%gj zC@t>uIc}x3Bk``R^Ok|)9Ti=XZ6gNPYA$@4S9|?2FpGjO+XGNH}Vj{QVSpJ}K z&}q(5<8t%OQ>syo?$DsNy)zNm_bt`szQ<(U6z@NxoQRgL_2gZHm_Nv6Hd zg@pqopF<$rVie@P&&`fq%P(Ow0NrM82DEsdp0ZcBvd?y=D0g|rfpIB_ow)jKJ8zh? zzFxICvo_nlI^Nj6`As!^za$VbkJl^MiI4$N+G_;tg-1Yhg1!z|1xo-a%kKj6KW0)s zcdM>_u~#T+kAtO;o*9<9ox=kJM%moknvZjf+J{7 zERUxm;1MgitS*j8kQ0on(gb|W4F;X!?1-ZR`x%@02^~qv@T2%yKcS}YjO5PTtLP`pof z{LJ%eS3k6$Fs7lf>^IJ8EzA!2o0Io58~5~^sm6p!vdJ>{8HuPZ44Rv>2s<#8w=jl55{ayiRG2$T)yWkW9o2kEj4``8hx3z!xIj$M$(*Ce8DIvnx+mjr8N-_s1#vIE;@zj#T0I( zmJ@e6R0iaflpWjoq9E;`6V7FQ^Jh=}v47X=vcCJPSN$L9j@^Fs>!%kC$8Mjqk{bsZ z=iRsXI*j|AbyRwKadD9dzxpV$HO~|fQ9-)_KFKXiO&82Ta3^vuOi{j+eeBkYaijO` zKigZhHx+Mf6xZ3tM42iE_a3e0+GugF|IIHq(%f_|usb?kb>OI7=Sp~QawE)QXmcL> zNbE@^ilX4ot%nYuD!ZW7cspQ!)`2W<9h(F9#FaIl*i;|&?}a{N^#1Vc&G8AqhCK`} z8xEW?JCA=?=W0ya0eAJKfJiAFbP-N|pLWPe$WjN&52;Y3w^B2}!O_oy@;FeaEJ2FjOP>IL1ts-bJWAheLo%7!Hfxv7(t!#T*bBzIfs z99-yPH7|Y{yQ+QX)kIFMzsKmnALmc04=YCzz*cbkA$fYN+hH~``GuLGe)FGz*D`2G zXyDO0ZC{TG zUzzv<#!W9)gWb@T^f(*~MguNNLRi9qd>Ug3ZC)`Y+#A72@4-;z*>BBNgE_Zpo&eS& zgK}$1h$r|S#y%+;C>+=Vn+_D`CP^7klj}!O9EH_;B{18>q7g{6!c;QZPE-IpaQy8^ z-bkjZyCD$!W;&iV0#>p*o~Iu&YY2WggYgpjVKA8S){6s-v9%-OiR&5vZI{S^E zlqne-m&Q8L>Gk|93>#$^$}Y&&-jq8N{jgHe*Vum_X5Z`luNxnqm2WQRzuvg&bAER4 zZ*Tp38YLEc(-Vs@1PqXQJ*`blyi5@;ju}p)1Tq~3_HHTJZ?m&qQ(gP|q3W7`g;(;B zA5sP3Y0YawCBw!aMu{y!TRC4j!8fF3_L$jZwI*C`tuBK$2CH(9MqD*#Mw+(=OMKFXUh+7GkOGA;2xOK4U)V(bsh zQ>;g{e%7EJd6XjSZ1RRwqV600zP)K9W^8lg*4QTdOV#!DC-tipiVoITG3ym87NR-G z7=>N~N7hfWsNO9pcD0mH6kK<~Q9A25Lvs~R43uyekjU?hi=*#~+Z!t`20XsldkR%u ziWbiN02Ny);Q5dX&5D>c3OY6x_~r~73cVr?i4?dz@ArMa*k}75!#~0|H}YD(2aYs{ zOpdN|sm|f6MP&i0zG(B}sNS?P9ykD%LkP1B#e`u|QmqOwIO$$jCC10%I#kG`5OF0k zdkZD7y$IaCxO9{$ppF7uFD45Hu5<+wS#B%cHWYc zDt`4UVd`m#q(+D5f&2g~?XoB^0#@HC^bE`n)XrK6=LkKI;fK?Y9bk@b!`hF41qlHm zu#FJbdX?3&N1}1_;`zn=;k8Zwrm*n8Z6qm*kB5#H#FCNV;PY>+2}~;gZ>%wvSS_7# z_c}4$(|S`bf@z9Jm#XcoefT)I`>C8%&e^l-cf56e_ujEnnO9J*&LFI2anI(r6_1Va zuJ*B^mbJ5UHM@>(wW}1Uu;AH70`)WmPEW~F$r4_LgWl#Jt=W(dNn{ED0Kt9^sao|C z6gs1N0=E|k4!z0OC=ly>9Kp`vF2$6@f1^xV1_k@fLta4mF%`EV&58qhC&d=*lo$Aa zG0o$-bq2>WOS%SYSCp8TX#K$B-IsX8(hdO%84PYKknF@w zI9C<%d8B)=#|R6CDqw=$chYm}$bH*8ZB1d{AHT|J3>^LA!elpWC14q`vNBlf6BgDY z8dLnV>HytP_%_obWv$>sUo;NYDfxg^;YvcUE39WN`2?HXX9@st~NC5 z=G(}p&R^Eb18@)gaxR1Hb96DA)+3m0qX-gBanEDWe7y)0JQ=B!hZTl{)a{v{b~wBd+$k?2Cw2B^R>1zTlj^TeION!0EJ!%1P}pF2<>%+{&DHtM zpX@i=8!yco>}mbISch)$TT(`1bfUSl1!$x>xr-!egVBj)jVc5J}Jah zwx$Cs3y}Idxst$wiZdA{ar2n8OgUbfxVJ`JrD;y?N(?QlQxc&5C5SMIi2tL%dm7Be zhyP>AMQ$dsN(q_iZZ->Ws3M-U*GDzCnWhVu8_Uf19IkrK&or7aql4v%SUtlYXVex3 z-MoiJy>-C)4P|STHqSr#7I^)8OZd-?wXx0RyReqry2XO7VBsv#c?OWkbh>hvf6zxH zza@y&GDyL_G9}TBC29<*gb$#Qea|cTW0+eO#1~WwMXpCmmrC2|#Z?S+lorulQ6N)C zvV7i!T(|>Fl;)t-8=b2n$yit*Ss{&+WzG4V>_P+XzYe*y$M8z%m*uw2A1`iguI6h) zZd>~V+X?P2Vx}(sNdbs}ZjFj|@GCjyr5Hhv-LZuvjRr?#tf5I$F6(>{4#Z#1r+}C) zMgfz@(<@K_dQ!%RKJilhaFOClns(;a0sb&_`%@Lu4l`5U(A2U8^^4z}(95#YAMXlQ zzhkYfRn`YM@h;ob@Ph%EoI{v>klGgd3Y^yjx0d$l_{L$A^2L$p2$+n$&7rgkqm=3{ zR`qCIjLE#UFgJ1cxRLVA&m_Lh7K3)p=e1>Z-gdsx&dxPF5m+inxH9sAtEHpddSpeg zL?V&DlTQFvgGRVtXJ>z?ikQZt{prgJjvAC(3@BUF%k6(mdWGgI zuyYvdH@kId{Vie?RVnfTw~DYL3~f2@xtUkeVpmv z@7q@|8RWdy_IdxP74{J?y3W=LZvE?R>_Ndi9^`XbVHJ_)zc?wW^>Zp9vEKZ)TAR_p`uP;sY?b&m1V}iZi!Ob4y|wbQCYz!!C@Ep_3^ftTWfihcEiI2pOEQ3kvOStl0jsAJ zBS|p>a-%Q>XOe95>4=}7A6_#r+euK)sWh#(&blh?d zglE8kk`{XZz8{>#FRA(Ref=>6avxfG#tawVS`ZV)~2PQ%o?{P4a~ zdX`egNzdQuOG?5fc(uZe>9i5EpDXV;UvA}JoA+E_E?yY-iSik%`}WXEfm!y1!f(p& zh%hIkp)&y^V1hJGk1gtH3hte4)g&5WGMK`nOE#H62Hl&B1R-DLsN4kQ_|9ZbtJkVmva*>D^-ijL({t8& z4vM`qDIN1d?giFef9%TSo~K`=avHT}&yKaVwH+M&p!5n4E44UqF(kV{Q)`KNf6MJu z(D)8@2^GukefVSU&ds!gjCg(@tc~b{*g3bRn=}>ABThm|*Z7eZDQ$lo^Vibq-+ZC} z-EgJ+`^G%?o?|#<_@p2Id8J_1XNGB^h&whZ%1b3T>VtE=n%HSLCI-P$<_t?jJUjdaB3S0J;ANtoHmx%_P9V(M-h%(j(p+pUD zgU^CFWoL%f-KB0l>*&=8INtyMS#iC+V(FRZz6R1le5Gk+`#RVsdW1wRB?X6U9=>n* zTCgk4;cZdrnVhoVzsiCcB}d9hRXle-aZaG&vXU2Z5j+Ul>3CCqQM)0zVomLa zn(KEHwGNEZn%E~qrOu` zJJnL)SVVj4_Zi<)7Z&@U=6(Hoe0X>~;eKz!U!IW>6+(Fc2*M>$XHWvgtR z@6!VQJK9QUmpo0KgdEI2-Jp{ldr!K>fUI>;`)A?~%IO~uX#!WzWinD^1L)hG>sXjhf9j~re z&4zEh%k;Rm{w@lBVQr*%PxyzyLE|CgQ)d(+QO5gGy-*wF@u1uS#7IUI5QFNA=>Tbo7tP?)HhF6`8eoVuFIR7{%ABgkM3?6j2Mh_$<-7w*W6`8RP zJfm(!22T(PKqzNV8#38O*hW4R|9{0+J(%n|@!9nsvzs5+$2LZ)t~cvSBkKE$6q1Avy0k$O z&Xp!TagR>~S(QiZfSzshCH9 z*=dhtRPw;Vt)y@yGKfm2tCv$)PQug}v_i=i1%_+i8wwt<6%Yq_+g(DjNG>UJRj`g= z)CHUwep=L9_o^VkvM__2+#xR zBuNcxecyO%Foi4aD#@F!(>GfAboXkw(O9_Fz?JGFy94X=J8F*C_!KHqs8puKHjJkQ z>^&5zs=!Z%+D6CPNVtOr>^p&&uA9p6=6YJF1`{L66l9SCgcVu;M603X{r7LSjwf8Y z_TtUfuR4NzX6rl-eps7J-Lo+_IcvD_xvN9o@YHQ}`c{e@NeN3}R954cILx^e8WORc98We)AjhbHPq_t8}}zU9fLK>=L}+VL-$5}YE| zUF?Gd8isAavShszKFz9uYtclJqbA-;_=D*T-Eu1W%|K3rYe+m8zsZ>;#)(99@!lasSI{`xIC|;8(Sx*%!<~2_b z)_&Gr(QcyKHVeB%th+d}hMWZ?%+f6iz$RB987uQo6t3DwdiD)V`nI&=^=d zKR4~UI6b`I=#l1VTWxp6wC1#Czx|hju0PE^9X`8vFHlwXqEb&z zd!ikY&p$Iyb-6Gt`Kxl2Q~WK@{S@qEGL8|HkALdwWybSQN(k{EGrNtkl&}GQO{oMJ z(@}2M@L}>E(;!?{B{qNBwqM`OzkXr1YGW3GG(Tbt`R1-Ld=MfmVFrz#@Dk%`Q|4s> zk&V|*6fHyU06vK(ff4LyP0@q3m!3IYEt95FL(Z^t-;5%zrTNZ{_P-&Zp|!WX92U(Z0`zV`^PzZNHfeXB%fVPtnMoE%gd%T= z2xuXRqVsrgWCFWdO-u!V8R(QSoqMrKrZu+Rhk;Vn=>!Yx0!nFegQr@>s}og%JMM4O z4t#h$hyAp6pz{_T$#vmmq6`mp(m|9JQE^8K%0 z>$&~WjengiEnM0l7bIN}$P|9SL%^%1`kS8ndA4(vnJ(}Gj(yzNIMymN>Q|QOWr{G4 z*tw913^iGN$>CiIK=}&X_zc%@i?26Vwui6BduRmrf`|cxN{X78yRf%~jYOj89f5;c z4(D1;#6i)QN@<`K`I_W??ya#k{+dHX=$|;gl6)zPo{ka=FIk;8~ zCVD|f|C3|(5)fGyJP{7Jv;XXPW^1^)kaNp$b-LInd}01szTxG$6O&!Gg&AdqqM|5X z)6gj}Hw4^Tk6<7H3r5Bv$SO8s4|Zmy&~p`*7&N-H>9V=171K1O$8n08$dB&4Nl#($ zC}9spGHmo-GO%Pp^ZS?sl~WaD3M=g-oocHWQQ}L<^HMi|2n+oap9`#_tq*$#zMVOj za3SpeS;5b)j_-52CJN38eg4Yk^s9aGRzDfyw0u}rgCO!*1-R&*78DASs_2JCCH2Ic zll7n)Rnjg6okJvV!Qt^$QPZil|N2D%tj5^+yXkOrLuKipWAr%t={~JlwLjK5gP+Fv zR@c|_j6Q__80_d8Z&NqFQRbMeI7L$CU*o=&X=-8_`=l)=Sl*p!Zn3#BZqdOURFHVk zl^{kee7@ZTyqSP%vOiH7-RVX~uW_i}M%jxpFv<`5@U|D_Y z@?@)}OM#Fw$YREW50f4cB$IYhkst|r3k1=V7+KgvS^QlYOX4%G?3_EnLx-N+8Eb=Oz4$j|M8OHLQ2qi!SGfSl#z|2~ZgU0n zR(CscEE;owqDPOzn>&FliwTvFmr=5{2w91FLnK*A;u(pR7_46XVXA|CmQ_(kuf?*Q zh`J)vIJK;D95P6aR%d8xLc=+Yu$-@>dG@0_A8Ovdm)Yg&sBQLO+nIsAgL}Ol1TWsw zBcxkdD;?ZtD$omJ>M1;)5y7lS+|^L0H<}GPL3B0wstgDoEbAuMUs(x_!MuwE5TK~# zZ<@wH)02tgf`LY%dO!M(t$O5t{mEX;Q@#E&b?7f7-0_-`g+Q#>NhcDUh!basq4yG@ zjh!S($OWnE3b^oJxnUrYbOG=!Wogp~QPudD7`E)MtWugHi{aLvUsLB2W#|GZf}1ld=TJBGfl~8)t-LCxiqfRTl4UFk2(XTbu#_0%jE|1G zR5%z4p5~?WY2@VOfKb@j^|{A^V{5O*+S{686JxS0i*UkY?gBm4FWFs3J6%cu6sHCx zPQ$#I#ih;yrH9JbD|3Ma06R?gpA>y?iE=*jnQ{kug>l&C9pLSURN7^1k1)+e3X2KD z`_f6g0@@Mh18xL!Kzy1|(ho{32Zsk&m)BzQuWx+JH(Z-8wl!+seD{9)p6l(4ONw2- zJ%U3K*(Lp`I*_K#MXIL@t>J|D`Iy((JJ@3UKEe+~0fL!gN|Z=Ucv&Qhon{G8$l_Ep z$X*P3lF+Vg1V#m(1XG%cw_LCjx=;p>At`l6qSCNsDLlrqm70|%aocLNv#dUsP|o;T z?3BBI(e884y>z|Pfo^g+0c{6P`v2Kv)z8=5)_?Xvy62#jR@it$V$M*_uva5|bNIYF z^#&u6>0l>HLcu8*36JkhrJ)8TGE`qObiv~F7<-d)z*av6C$SDkgu?YWWG4x$x zkY~{DAWx!vYHgBta%Lx!`;Qmt5)&8V_rbqUyJzK$bGbtkTj_2Kc_x(uSkTPbz_HQM z-GS%QPbVe)#kJTi^NP54SjVb+FZuF?PTo#28SQh@IIkxxe#RZ;V@(Vi!PBEDlH$yy z56Ys;rLoOTwM<;HOP|(~Uc~uy6u24RZ z2!Mou05l~B5R^~6DPY0@whH)41RRvaRATkm8W?$zqzlOc!byrQTeBS8?erocN+!AU z`L03vpz)_thY?o}I)x%AkxPCb2WMsg@>yGy-?RBFf8*yfTch=b$Bnl@BJHhtL_=DG zh6D98Dcyq1q|t%Eg(S7YH!J2T#xdDk)211YY!KO5bOPwyykL#xLPDXrown64g7>u= zY8D3H%PoYp2nZJX;?))%+G z3eo>6w5`p&Fm4wf%|!{hZ?7LCJ?Rj~jbp(1nO2)z3!W8GoRciwt|MX)0dnuNm5(?p zHP_KD{{JIjX!L(l#4oeAH07js;Pc_>snkl~sB`?1q_oAEiT9kHBh=(y;8X~1l-vBr z9MP5%i6R-cCS^$2sG}W~P-&Ct|D>n6_g)pWyJV zXPmkf*uHSbN`Hy=RKf!Q)CPeNfuiCG1V4Ea6uQv`icUgqawoA_ z0|5f#hNUuK^a>dRz&J#D;w(Ev6kl4`xmSDc`ff-$!)thpyMm8<>Ftf zd-9ZB;H@uT?b{9xw80(S?wOI@Z@--mNy|gLj^=h8Xa=>S@GudEToWj3q_|eNB|^am z3gnM0%w3rS#=6uAmVkx4H1Prn&@b~dE5&?2*UDSMSF+b^x8C|( zp|!8Xi};RSL}nofZdN)9@NC7dWaTF3=I6!)oeolRQPHKU$mOQG9bp&Hw1Vz;)i6IM zTf%z6jrY-o*^xItp7!5=^}q0mKE8wq@ChO-g|}v>r;Uo-v_K%bS+H51^E6?SbrTy} zbJkOnl?#*&Np=wHBMSX11Yl(da+toqGC^WePjaH%(}pt*4GkMFs%Eauscx=(@z@+0 zN!W%DCaS0N0J~Dml0J7DhlE)hki}1o)Y#68@_Z;5uvAIY0-h>`sY0YA6cSvw!7H1J zCSV*1@I?4X(s(%WA>?LBo1fBi0>6nzDCqO*9znL`@>TV z*Fz_#s#`JxcN_fd2*0{A23qIWH`y`pzYzwU*3A39O^de3gRG8wQ$&?NSO(i#0zh1< z7)Q1&`yIa-f8bW#7<#LTjl=}-W}jP;Lp^QuwtA@;3#E2=Mf74ijiZ;yqDq8xdO<|C zYnGDi{z4lh#oRj2$AXrg6@tC``sDYIUR88%gFx5m{iS>{_K$i zg8v~`d9O?-K=|_Bk_yDjMANfKC@hEBBf?VeEaLIBL93=#>-A!GAqaTS-L> zN%;ve?F3%(=B}~O{?XN$!J$3vU9*PyS6A>JhEfLJX_tDao+te%wh;{86o!C+Jimn4 zQA>9@AA$tYr#Lqz*DAwOC`CYEl635djzVsNn?F2KKs*2o`A^gE=+`I$Lu){LTSN1a zY_0#;KN=3o-xZ$VxB;pmMaeLA-wW?u^PIZNooaPYn+&3xO;a7?u9D{Vk^&P(Ce_`=h`yby`Hy4J-Kp1A!<@h)lo$Fb!;$+DylF7|9L#6lmzy<(z zh7}V!2#PA)%7F_QHwJc_-?ji5TP({;M?hCOH^0?NZz0zWUesNK<-sWMjWy;K6$Uew zso2%fKiL%R+3+DbYPHT3LoJoG7x24aFLD$=TM zPR_czCN{DXvOa_$l_2$B$w2u($zbck)}&JY7x)+A50GQc-)Am!A^M3tXcikApXD4c zl_Zh&`$8kX49#K!?Y6XhF5HiL-QZkIl`=Zcz6m(05`Y+8tQw{_wdr?U#y;SQ+H{lf zjuxtTyt-J~w5VvdgO;||_0<>c>%aN|?O9-|s);3m|2jCQfp5B0xg&WLPvK_bYE^06 z1d?mTj!gmi*2SeBEwi0(a}i%tZpS3x3MjZj;j-Ja=mvByOB#fh1ynEs1ywGwrg3sXY28@B;`@ zhx=hxmxiYk)FspPYR(DPXa=83x^LfB`}DZfhn-(XBxeE|!cOIH`&_H_dh5{&5*EvA ztfaXl3gkOvujPP*5Jo}<);0ubS-P?ZPgcqy6Y;JhTCBQ=$syY!V~6K9E^C!%uhlkw z8yufE+x|j+`}#l0W3w3}Y0g6we=Bb#G^4VBj^RFLSvQ;iJZ56KeYdTRoTa<~M;+>Y zx+v6pnZT_sDb)rwB=+aIys+6sZ7uDf+gt|_(`a)&#KZ8iT4gHeR6YS^qUtRvST4sN!2)+2?#zPsS(MwF_SVpl;k3{T&qyXG=FS8t^HwSrHpKuYSY_BOcRhjiXt(); z5;d`I^HH7}1IX&;|3_9|hO5Kjz^Z_ALxOa0-UH)bLl^vBVE2#{MY{2B2=)R;0iJv_ z>dHsX)7K_VB;8tCk(zv_SfWUoNhroFNfw^H9$N_{(g4R(SdX{;`bKcHT!F5ByfD3u{{#{h(ImN1l_AF!8`0;q;J zD|Bh4Ymd>7rS|pLo9iIpV&oCN7C_baO&jV$P16}9#+@CM+X5iXg12I3GBV-$2eV#B zNMk3wyg6P$JF_r81UweGK*5Dt$iwf|OKvVfsvk?uF33o6_LqYn6Lhi|t~viyc)x`{ z&Zl;;`M`&@C!yE(-)Yqx7*u+#H9Ruxe>QPf)3KVp_1MqufU@=!nOdVs!lDFeQ`i?V zYE#|OaKuR!XL<|3cH7*nn~ESz*P>F$*~AXS*AO%ekx-;;r)wYRD#7hJb2i{0&j|f z#w7h>T;l;Bn1t;u1rW!eOF{gD@~Xnvq)8MiO)>cnzrrqI*l&=%EWGnO6Qtg!ZEQ|I z7C7bh(X-*p+I6498T-1lGBDUby9+U*LB4-{-`wPDAy`u*wrb0+F4UXz4Ab|WIoF1mJ=oj++@2pkzjBV=URKnK5HuW+_Vx zW3r4jTe5{=$i7yRFf>y}V;kFu5~3U_OGJ?xvec+hmKKhZQlt`<^?B=@^L(G@xqiP( zf7I1g*Uabjx$paRzwV8g1vdI?8mI~m%1UOo_XyP$%kQC4&U;^mweGOeQ?+{9n78(8 zrvIwf*su112VVC+8;yPn9dv-B7OcUdL+BKhzmFLq4_-K~?Z@tMer)#+A%iT%1KMWk zn5eKQ@n$ShdD}Li0~Ob36|q{LPav6M*^eb|Y}{#hGBMWAZ)V{W7*P(pIp*c*s?}-? z+0Brdg3`~1WIMuDGLOLTP89Lq!w%a%v7I#5PSb3W=Zh(k__h4;iG37}A`_T7_cv?~ zd4d^?BlD^vI1vzo-6P5*lPl7c`=zGYnc{hQqo?NL+I~IU)V7#ky#M6qUPDPCIV(oQ zZ)7K*FQ-akGM3v#5$W4HDH^x=mac~?~gai%jx#n_uN=)eI zI2Kk{aQ*gjj&7y>4rHM$f)~aky!2I}4BA1cN(LlCd;R ztg%TF)1`)5>4L5dys*Q@s4U?^0;y#xpyBCDRIuKsH-)ZV^G~8$W2#&gIAOWH<%`Q^ zx_NO~XWc53k|{|J10}fa(wXT*EI0KEoE zJx=5;5>G6im~X*tQ#QBLCZ}Wa!G=t&qI?e$%}ie`c6awa=I^X#(V=r&ceb>()YYAc zn}4#{y7%+v$5p}QLkFp*&oH2voEZxG&&+7~h)j}LwDgUw&G>>%&Ct59Tv44%9Po%F z0c~hyN>Wu6Ehd!&ro$>8JB9cjtaq$;-8@C@X>KU-fJrCP?ctWd7YSf;=JQXZ<*%)Y zD=(fV{`mXid(agA3<-ga*Rk*tGEXd~z=k5!8V{Mijc)?;MMJ3pEKpkk4L6{u4u}MV zSqsEerY}n=MbUDC+K(*A48=&QONzo^DGW<!$!Lp$S_za35d^{FR2=+qfc>#NQtbWCPM6DXdOWyMtBI!=5In;RDd+-Ql+P}R{Gu)_AY9T zw#=*)_Rf4?cE0C66Z+cok;Barx&B>HO;s3{85#wfV#3R%mHGDcJYbn7TVSvFImakg zCs>Z6m?f&!f~aHN0ii(QWH{CSJUQqEC6T?_+uPS)T)bfTyYA=I&>0=wyq!bu?d41y z6oRs!Nm@x{g0pE(`q>es5sC(`JS0Dhu8#Vkys2kjH!bIU)`6aKF2SHUf)EwTlmnz) z8WoM4G?`RKU5wcN>+6H1#~K<{!5T3`vu`}x5~Gj57~Sv>&hYk>$Wm+Lmx}sP7S@# z|G9cBZl-u_t*34E(}%SmXEs$meoR3s^TAd?6SOsxHJ4qcCMF5qMNpM8VXOvJUT8?6 z*jgqfXS)vGTUnmdNtl~m`?mCSbq*MKkj2zbe8V7?@yLXtVGX65Bhw|or_N?>Qx6fl zsn~ovO1Vzs*u)Pgzl37G05gXp7T~^*oJ`8IVd|OBv9~k>Y`_G@0kxM^x#P}`<_$Tk z4o~m(Zocij*gh2Yd-B51@WH#SN2~VTeKqFNR&e+6akX}b+f*$GO)~|7fYC5yup!18 zt|}=)R~H~9U=jtQDx!`=pvi6rFFdCw9Wi3AJOL$EF!PcwKZL-p$i2AS`o5y=`%J*^ z^D3f1Pvet{G>=U@%#5eoPN1^HfZkUJ z?`~#^Wq!sAU`Nq6MGCUgBw9zy!ciRlch#^*j0Mc+cYfj)f`VCE3)Eiidd`%H9vAKiM3oqspe`r5Qzr&MMh zBjuKfo4O>xwls1&c>VLlpM7#LyX;$7(Q;dOxQGQ z@|7|O5x19~!MMf0&M30g_aqxAj2uiab%Dr~OH)ZfWGGK``Kq49F1!#0yP zPi$qh4>fu6X^`&bo^KFlbCwe8K=%%sC%=TBE9OfZ1$`b_^s|aKFo3G11_+s{SewwG z-bdB$Myq}8Yd;US{Tf*^I+8dOb`VLGq6{nl53B-2CTl=+96@tOR;=gm&qOoVZMqua z1~xb{*&Ar)0m2h_;(-cC-GK!M&^|&Cz5+}b@`(9}$GCL`Cy5ag)7dTrmhGZZTGAID zz3UnSiy0q+1^vH%7O#$1T|F37()Rp7kVEhxFsEEyqjc-d?U z`G=hc!)}hcw#EEsv`i;Aw=3C~r_ryjNM`Qm3xii2LX_SE+_vX94mZT{AR4eWJv>g< z0*abh$q9=G=aDYSD#Xm0zT8~VL;omJmXeyHB z^I*(dA>hOWqdK{~^8z91)~9Q=>0uwE0>kPeV`_d6y2VG_{Q0-`&+sjWAJrSjk3M$J zP%m)~!o6Ukk|9FU_UL|549ZtXs9du1isT8VoGAKoku7-fZM01qS!xn;+0R6cYY#Cl zSXQ%!X9sqQN6%IDefPTb=GWV)zuUmwl+#0NK~-xUROxJM?MZ+V- zLk|;;176jGGp(d^Hj2YgT({VbfLX|V56To1i^k*ww)ejccs&vi&c1Q=YHPmZeCo`G z-QJs$7}K~{02Ie@2wxiwUiCe|jG51}4loa&^@xk=nZVXX*fr5bvCxf;IFCWxzE57y~;`($EDU)_p!Kl`9^Dh zdnGJ9*gKZ^d9pVNZHzJTWFnOLd{(y_teY>43lTd9N1Om#X;9<AZr|8d(pzmSdVgG zz}aq+rk#}gcnxc&v%XmXD?)x;7=Cn{r++^@uA9}907O5v=0S=^KbM)eo&ZgO>vl+L zPAS=qIZV+Qe5O_&G(e9I-t|&`!LRwbduv~?-r4Z6aq}^SW$)IXosR;l+ak|=Xuabn z|LIz~*>lV4=V#@EpviEyi5(MPj>|+q8X3URZshYI6j-+!c*efOO+=+*Cg7-F67;rk zP$>1({^rOttKVx}S0C4xKi&D$aP7|WRN?5D-lnk^g& z7bG&9vs$4Oe0rWB-&&YnSfq;Tf^Snktfh!}Lh%eD8qsVgkkBiVe{!qvSij@PL*IW{ zi36zX+`N%Dib?`!X^tUt_D_6gN_Izrd$wDxJpH4N)6cg2#TTM&onn%*D;d_TShgZY z(fElCU?}4+B-4>MEQd7&?)ql>%#iGXEMJ%^9O3@Z;aX3?bE!v*Z-xv{u7Oqdzn>=j z`ugV8?Za`b=VZ~#*4;SK5@{K26I-yJ5mFc7N*R{$#|lId%9P=}XQIABd@!NQ5r)M9 zVn6~(RreNQkXiLGZ-L+P`Bs)>V7tQ=l+77C!7A`M9mB<5P-~k?OqidD)cTQkN+!74 zLOPd$_U1_|Q#2HnZc+5hzhao@;WtH_@gqu#lp8mnrFMG)hei1aQx(F%RDGwOrQ!mz z`rCb zFF#Ey%y~bnE3!6!Wo_#4`@ZZ|uS@gA;!E!0^5Q8ERh6j$Jv^Fo6N72M{cO@nH>98C z^gQg=Y}Pkm3#^)Cn}fy~z>FQTf5Ycc`N|$U4Nrdsf%nm;nHP6I|NL_OCO|aTvp7?} z<_tL*>X+xijc}_o=Sj#YPrShBz^9n|CvNfiJH}s6oTjTY54-9+HL25X0y8~HGa6C8 zs@#=X`3%`0b-=95t?;#{>+h+IgkL&FYa<6&r>X@LU;pa`IQMgCR%^59ZnUr_5uJ}? zvTGs|FplGRT0Xd-#Ci@8(Ts5=PKk1vp@=-+>UR zv8~hTS}x$t@jpJE_e%T$y0$>sG+Sk=Z|4s+Y{MYT@_r`jE>z63M9(+(7NX?uKJ8V_H4cT9xI(Lcl9whikjWZ+76>xYjYlG!5tuX)-J<46<7CQd>u8Blx8WSi_gf9d6iE&u%{ zCgI!ornTkOgZI`36>f(uTzl>&e7-veF{uN%vc8d!pE)r8{AnDDxt~tE#5WmM5rDig zz2-3Rn%5#=200*GgG9*&_JE|g%V4leyY?#giNcmL#W z9aL=(hF(f=j(~}QCJ4NQt(5lRCg`{{<^v{_V&mec8l=O2e7byiDcsXT!Y8UfMB)@qByi5^c& z6=*IBVGTnCNw65K2Wd^q$AZ6(W&EC)T^;Y~UklMnY>#rxQ-A*QiZjLD%AW5M054H; z98ad`8#N~YFw=lo5u526WgLYpI1ie2%lS0EYqyn+wx%G%;{uS;{$xOJni}q$hF$TA#pS!5b;#XJD#fu@?82>H62{9_bznH%RK>BkmzSs4=P?h_%Of}5Ct4|KzX0HCEt%w zqpKgIt1Fs;Ue1($!m*$lm*}ouLdPW2+>1(Rk zCRUa7g6N!#t<(vS-2&AUd{FE)Q!VDpE9SHF^FyOc-!hDr|GoZcg24YVm z3g}ER8HQ_b*L9{>2Mt%2-gT)>>C9^l-cq;QMMmACt53tm1BCdVn$t*BbTijY zt9;(+WDFfBEmKAr3!At-;zZ;;%PND@wibwPACU(2C<}3|jc#^(Y7brU`Zym@*Zlr= z`-7o&1+OsewcoE+cNYIxT|P4VxO!A1-ty*{&VGU~wF@+ROmEZHz6I##ywav_7JE9g znY%s8Fe-?s15%m4SR46rJ&&oA>H;=MRpWu?6!%!;4~jQ#j)7{S=MjxoL-ab+#X=rw zj)3AY?1Qu?WgHr1N*`D6HmZq8W5Q$0*L$2n0`nVwRcZl|8BZ}!$J~VwfzSls{=iv{ zecY+?^%3`_zV=NZOBpD>_w$|Jy_m#j^@DDgf0$UVBU_!7@+8*t=T7z(AJ@%| z{Y=!{3eaqvz^myraGCiQ6%ZoYk!H)^5oJlkOrtONBdKIJBG{x3NpeVjfNIzyPkh}h=f2J~EX6F|&ikB}K>Fy2wQxLOA|~wgoRXQ&wS<7oCid%k(Yvq?CP|TPG zV;V*oE@uY#poFx7?A=PbFPn#x9q)~(CdQ2}jUBa0eB-fN{K0DNr|a5mVXMjkyXy^%W zIp@CaOZU9KR`|5;8>f1+dExq>{dQe(E&=0pmsRt~ZrR?XSF{s8LaH9mM z?S()@Ho|vDrj}w=R}5Dac3XKF&L)1lwfu8n)a%mb)kcGp``i|9Y|*W1x2#f0z6B{I zXEHY_SM!?-x6WRHf5 zqSOsLeU#vketAtX5vZrKbs8v1B3cWyYt=bE-&I+5s%$LrUEEDD+kO!Afox6qQ5JJJ zPel5fy%ROlnco7^O0f@Dr$r^lA9eE>9>FC_I#tg^RV08)$6_VIAdsjANQti)@{-}o zm%cJkSk&9OwqUgGSZ`KMY0X;^ENrB6ogskCfb!uxD9}yHn7_sHby_GBrjBm31Yngd z5l{)Rl>8ROu0sX^`g1Oq+H6ld+wS=(jr&4j)cwe*UxP2VjKqhlw>evQ{B!J^*Mb0g zsC9$0qm8tkCK%eZ!dX`$P$*v@o)@5xB0A|hen!T-KyPhwHOA6LUG2<|@UW=4n@=}o z?8rAdU0@XNe(&`sqo-;1u9j-MGpSe#PZb8^G1W$-wY6J1Ca_W3bvDhKz!+_8&C?}- zm@~a?(((pH-%VdBRt+>P&q+>NYCHZHBQ-#b{38T{82QL;YU{r-5{Ih4B3Utkpjn<^ ztxH7`w&)^L9#@i?s2N45izuJKZS%Yq5&8WQ+#G%wqo^!6s9zqz0JXyP=wJ@Upp~!S zh`G%4@|;U7yTXd2u`>;KjecL<33@$^;?`Ps-qg|&5-OkuSnykfVZO9+X)Nj@gVS>y z?5VL7ifsl0qoEKe3-b9IV8Zhshx_+b_Uw-Rivu@}7JrR_vqQ69Mz$8=m0qb}Icy3z z-JNGG40a3iC4ekh#M*`l5!)U+)pK461>7wf6hAzB$yaLhTmRf?~A`D3sSYJud5!-&Wsx z0uQOPLR}Ls&(5P{d6q~8UC1hIXdACSdVO_vu6%9r&gs?TtIIY!!gEVDE}e0}V%4D1 z7$!l2VpRcDxk*e*4oC<%^g@P*OhM-P?CfqeR{FGPH1059bww9F5{coo8xves@WXRk zN8LSLkF>T%#l){XSzP@72`Id`wa0a_^F;|PjAQ&G*DxlUNVM~N-@qP0f}I zQ0PREFr`ZdddV<$;bY&nwS_*g%Dv}mV&bwsZl(Ml=+O^4$FvQwP$4rSikM}r11tlv z60l+w(2q<>oT9B~*!Q)Ie642umfHU4xF4b_>et=`P`}rkT^)mOB zI|)@k2N$bjMq9wZ|J~VywS|if#y7=#Dt29f=Q=~_nqZQ$n@6MItyTL)Mc7dF2JYEC zKKk@qxz)WOoX*9*IsIhNtWj4n4F8&b>(B)=RZ9&<0F;w_%fti)4w!)Y9N)NKw4QF= zh$}q?trZr57*GBDIA7`KTeWXQe&3GKldoSdj(xE5+NTBN-Q}6)vEAivr&>J;*h+iF zjS!|QQF>DQUwo|_d&)E6Ksm@$)LGZ?z+c&b9jezOw4+vfJXo>WRx&rF|4B3bj)%_w zQG`I6IcS;qC(WcLGZ=~oVIL&@yKh7U(Z*k9ZU@UxCs<;KH3b(Dwx+Np3zcJlYWXs^ zX)2-x7N8mk^E3ZQRRMDzKw#rNY>EvF;ETd-TS`%iAN2W<6Sx@qpU zyjYg8wvv5tZFPRA0W?mygHyq#xDrW_{31|_YU2UmwZniS=btCChoZmHzy#LC&F8g% zzCW~%%kV)m`WE(bvIux_Y}6JkD`~^K+}mj-u3tVpsSAI-qh+ZzH)hNuZYixn&&#Vh zE{@zbIBrIIdCMi$I~ndv%*tb2o(8%A^O*yx&K%0!RklmX?0}iOxL)0FO$88d1;AII zzEu4oB-FJKV(Mp2ma?Ie?Fy*mPA2e9nk>XZ7MlT9q1ZR#7^*IkWC=}Uv}&v2d$a5Z z?|N6gisx6qA6ZK*)>(Nvx4LHd*=Wa>d%>raQd=E5n7b-#4~dFm(E@HIK4$#A(pBZ7 zV6bY!p_}QES!9wfQL!%E(ncqQMOEP2P(uZRLp;6a)8lU6fSw=r+Rb&{npZ|I&M&Q} zpf|Txh&;nkkWjkyq*jqTXjka==;nKLm&1oBC)K)NfZa?w*7|O|?1)q2c%bk^5Umzq zR4cl=DoV2CP^wnY(W%Zfy|G`TPZL*HbrQclxEtOYTR(PH63^T~X|fjLb85am;>y)& z0A;ZcWJlK+ikFKlhYxzn(aeA<1 zgHeZHe8#l})s_e_;SS0~&7dzPo{85PKQ@6=K5XKtioV6y_QNnPo0=B71ltTyPn9|a zg`U+DdEGn`H}|FgjGi-)4=%=xy2Q;q>95Y+(fTML`c^~VbNicPv-67&o@ZuKp-e2) z&K|ZMxJl6Sfl7u8Q8Jy?$Ux+?)(TV%_4{n#{^y-#hn5{h>`?0!2 zShwH#*x8IYSxLer$_Ofj3qbR-Rw48-KJ<)YNC;G)r8TwkUd z8cYs@Z8-y-x;NTG+J8p-lanD-drX5)WA?777F_7dwY8Pd;K%6~f4C#N?&7TSs6GV+ zb1kF|O*$K>8<-{@L)N@L(3TcW^;Y*O6_~IK@X@BT`%cxp4!C|}_n@Bcpst>?d=A}?BMrsojQapB$L`kH{WBwFDiohOXQf!c`Pc5RR z>@UTh3K3&nMlg?b@UT6ToxNKPPk#T9xc2Mz>^={R;OY8aaasIb0sjRCUxwrfB^g*2 zok3hB#R+zt8OELJQ0P_kK2gA8-A>&g^cGoggnO;!RKwiQw#2!S0dSV<)!NGPTT}E^ zt3X(4db%0djACu!1pY%6ytggwiT{&cMc<11MdwdCvI`I!D=_}|#bKHEWuqAgoWk{c z2&w*n@1@;)T?O?fk(EHRYihi%P}Sf*ls_B(eCL>J{IQt%!QNcDYo;TeFgqFRzt>^_ zi`B)wB6`E|O;8xxvI1jLjMxOn4-fOWc9*3#!!})av7=8M`L6v&_u`3=@UDgQy?c-C zo!Bnzsv6~kHkXqk%MK{Xp*dKrJyHe9GaOLbg2dHY-RnIcR?+gVxUM|6`y z{d#OYMpHGO-g!LMVtH@%#aQcPe&b79-)m|XOson9MpN*0haq%Heoqc~`&)7jat<)` zt*u$AY&cT-j6S)jSCGeplOWMTK89=yl5|pmB0b0Y2R{K?(NKFYc5boLzjZ|1 zV)MHIJ7JmvG-YE4lUE{O$l}Gqw-by@eGp>Vw8f6oq;Q!?3xTRYz#Ay&A(Y|I!4PqR z$`0eVCX{IjpZqjb4l?O{DgL^bR~%@uSQ#odid~Co3)I$%=56Mw)sOhefJ_&!g5ag< zTThcVB1NoCQw9q5`)3#=K~wbdrwIG~Y2($n{{T*Svk11G%}*T#rzUT&#Vx!w6}Jrv zgw<{L&0*gE1Msk---&{3UVT9{{whh*Pur}evf~F^jM)a9jTyO0rzQP-Ce&g z`1YLbRhiTm!N4!Q->WdcR5%nic5Tef>rTAy`^i)Bfw%_-rbDKhKAd!NCI!ZePlrHx z+)5bYszf}*v9{J2k`w}^AnP9JJ512!Twh&m+`IS7bW`j51>K8{-?zjbHoYM$43=0R z_}wtL5O)Lmlt9~_fZO;MW{*UPLrg46vEUjhBGQ=C&1Amc(?hgP44oQjyc83pb3XUO zoA)~#2X@B%2su~nVQ)cofGckIMN*S3$(+VY>aZXumXz|19Z6MGsxVENl91j=DG~^Z zctnzXG!3BILl{8&^99nabH6NB+{&5Ik=PG8gTIQ5>j-2HE18()gpiFbkePFs zjJ{s8cQI{ovu&&IGIqAEEfuDT>~9oGlK2-_Z4*UQB)a0MBHb3vJXtpKg9mIi57?>$ zPw0%LlV@Al%DbIorx$-zJzZP8UF@}te19eHEb3LCJ++j6Mva{+R9Gg^jz*Gl3^qlJ zlHe5>yd-9HpUj2wHyLSGda!%=?||o$%-o}{qf?nNg^%yV*ROsId-rBjRmK-x zy}|s#`H1Qp<>idh^DU~P;CgXw2pL5l_Ev(X>~NImVy9N7l!YLqM;O;&&(D?3@ng-h z)WQcwB7-#=J)0YA8-eT!2b!w_>3zkZ=Ws zS2@@a|K1j%j$a-6*e#L+m<}hnbp}F(L{g~`aPC{D@brA51jkYe@N;GvJNH-W$@jkK zT%7C$yRkHSUu0fEnQz2U`MNN~IkpAf96Vazjv~ZimK=+xFu570eMXK|upc}-1AnQ> zV{do8MMV~=vV|PE&{Dbr#g3Xh(b9ch_VB0qpQG{1#cQiQDv2l87J3zuQbWn!>J^xZ z?usr=&1uOG%E0Um>${ww{$y_i>YG`;P<_qULC`kgA>&A(iaL3QH-OFg;f8UGF9zCH zXFhmc`k;Tr@_^m3TUuD5y0m{#w9YVK$vrAMV{owhH;DRh(Bxx#(DY2i@ z?Oj7C|5%DLd$H#j5uPo!u zG3jBXZLknWgAaS6V24mA%92;l-ABR~Y9$1(c>rF@{C2@^f+2y(_U*`_3b+Va=%fQX zkf?;uR+>!Z?IH>LC<|Kp-kG=E)VlyMOzTbiT&OTV8AJ_|HQ(rf_y#BLdRv9}Df6eV& zZ%x?w`fhxc4CL>CEqJPR76DgZ6OnU`mnwS^A+5kZPmHgip9RJ77Gvv-brAEiH$=J$ zwAJiJUVd5r#}FSsZCiYm(Y8+~;!ciw_x}XV;iCJDe-X?E2nzo}(8=1=I&(zj6gC8_ z?w@aCibN@?b1|}}zNK^f{AYGeYFN2>9l3LN_#pYj+XGAhKZavEKEiC922SSQdF*C`qlX5Cc{m9#Z-8_teEbX$J~#(9diSIwc#DG zNB7tYOnzEf=yhbbx23u(h}LjKDb~c|M>hjOlxC-*Dlouxs&t|wIXooW z6*)(-J|~w{u#2G5ag3*isP~yn-C=afA$*tf(1p*1dSKhZja`N4$`O5egfYYyf!ZSZ zfqtT3KcpVNCt9Y~4k=cT^MBm3yFf%Sb#uH#MMBoG^d8I3ae&x=+3Q@nZniUSc@M z+~oC! zK4*OKN}TOWi`j8K{Dw}o=3P&XekW|FvP^o1>~;cFI9HsPnr2!&m91}7{}g4C5n`## zAnQ^faG#uL4?Fs?y#T)x0kci5GYfgI_I^3xG|>SumqVkm>UCrYT9ce(Vu7PCf|JdQ zOf|Sqhj2QygnR+vpqPr8KG}RAUS-hh7}z*9pW(h*ez8S8ukriK&zLt)0=CsrxXQ-e zggaCdB$nI}P?&1cGr1wDU_Z&x=e{_)Q^icBL&C=rn(_z93jj%Z!qyIxf_$evEYE!oH;M=TRA+7RozBzf)LVa|qKvwI z6q|cZw#J~7M*>u=Nr3l9f&ih%<{3tYRbXnnil{yro3Cwx*ASH5FjP^Caoz`EZHgej zXm|hHh57QXpEuVgzX2FM+v;Ph?}>jw-tDIHWFPQ$C|UQ&P;xjzLOvl75^7=O2m6Rm z27wPr+VF~xjKV%GI^MnKQ{%^wfm269+D^osyKZ&KUaEs~f{eqOWFVN{cyC7sVY&jF zOF*d;Q3ffgO1e-=+DqhfABlvS{;zsL|MdcVGQGV(^hzigN_^QDqx0_Rt4NK5^)(*M zQ#aghr^HG~=U~y$lyb@mm@)Uk{v52O?xvK~0s_eqLP8Rh2{Pz(gd>J5;PSSCbOa`N zp3;l~?{EQ6niT%ySKsXCp$okY|7VP3DB&cq>*Te)`~%_r7$3s0v!uPRjJsapbo7=bz^zj>b>5ZVH~=f9KoRu;_Q4 zQPtYr-FwoTu~%ek{i+~*?~o7#(pww`?0gF$WygS$NXRLsA6;_uC!y42%vOS9A1=6W zw4&ktVBX%)qetp))N2FgdIo_~7cquWbvrK`-Zv}tnTDw{m}CS5CkC;#mTz|$YN)<( z>GpiI#_#5ftFLeD51#rE+7>bpY3a6gs*bzsB|(NCScj^>m;cw`Yzq)*A;LLf%4pFAdFPjCc*vk6b~^Kt(F37o?O48j=M zXbiF%PKToJ=m~$?_YOY^u@9Jv`z_VLTq6tQNaqUR1SR6pELk%}^g>GN2#6HJ3>ceY zhn+OVM)`)$w2!TQFsu-$-rrk#=3v#S`fLq0K64ceQ))2@!Imjz*W$Z_WrPuVPf7tn5xN3U=iB($c>${Q2&f6k_z!CY2DLS zbXupMBmu*Ze=FsathrDigzjMU8lv&T-f%TlD67Lx>d73YlY)W&y)W{%>pL^0*4y@p zA4Xr!?ig!HyxlxVrMQu81u4y;7KqYFDQG60R>L8f!w?(&Js@Z9qwrlkz&r5!iFLIE z^`re83tr;|MsGD*JL};{#d}yyRo(yW!q_FJ$91CLy$NHM1oNVt6)m9-tYg4pbA5J zy3QA>EFCyyLK0Yf1tyXs%V#uO3it|Sk4zWYG$1BOr>K$M5$lg`A!U1;9ks=g#es>& zmtt$c2|Cz_h^sLgt~?pbVF7A2yY@wIZNBSZ!rI-j>o;$f!_$ZJGV$IBN#DgkaB6Wu z*o^n5b7eajy?nkj$gKsJBybYfrf=2VY+GGO1huyjuX~H%e%BZA1|4uwm3R!*#k-Iz zi|<6?<3UE6Wl$)WFV|^(u3*ah*OQ9on=l_`6I*yzWM>Y|R7Rzo0m{ zs43@7*rlTdDOT*mc`eQ#7Tjh=dvnjlT$tV0wEA`QWrKe*>3gHEkZvO!38RahPc`j9 z>UyhFDllXx>mKoxRD(jGNC*t=YYkXgn_+Zl_ZF13W`u24R?O6`saqd!y&jE>do{ED zXlR}FllLiU#>QwAS}qq+O2=ZwiRB18lnq?X_GNS9cegI9>Zawt6fTAT_IvE^TDLv; zX8nYpd)tZOohv?inE9NQbW{d`l-)sR zw|59qV$sSE#C?I11CONnF9K>4Th^6v>A6DMi-yU6l9PFV5_b20h>{hRpZJ^-9P*JF z#rtSN93{k*5RyJOwh(M46$PAvb^()T&#O=I?I66>uQi9!IL1h>c&E28%jB%=_PJq? z=7lA&^$D=s*tM~QxVgzwS`Q`gsC66d1X)Q<#6uX`j9&kka{$>cTLau~Dah*xz7<#y zNCO+@0IFXGz;@?p9j}D7=?||7l{hq9+f)pjR6`IUfDF!ifoB*kA1zPPCdmWGE85W_ zSw;j*uG41=ViQdK?FOMnAq$2qf+D*&8R1}O*X=8)+xNK6EhWwGO_1_Wy-%~RLk*kW zG~I2E`aEeFzZ)lY%q{lz87T_GTS*+2q}mMOW`fLljbfIy25~nx@2Akn|7}?UObl{ z+V&B9^L+V`>58ejQJZ=~pmg=V-u5W7>Lbh(GWC44P5&)3l#Hon=@k^bR7n=BG#GR9A7HMyDnaSDHHbFks$QX4Yv2n*c$= z1A+ub;`GfFQMTAEnfG~IEEes-7Zo*5k!8oWG`AX8S0Vt}{37#mh6ji+5uRXGh)d-fgY}E_XY{cu;N6%s!p|U7G__&sg=5 zH?X-HIY6JgDzRj3s(AE70jWFfqQhFA}u!5@$aCKJo3Z zcQ+*a{cu)US5!-9GOy(+^9eGwDG*_}Ts|3w_7yNP3Akv&q-vxoP=Jak9!2+2wrGDd zfmo#HBzE$9iUB|r@FIghyeRurS)WJfXw&ikG`+Ns0b*^DZZwn z(v!y?Ho#CN{ho9QxCS6@85A0v{{yCyZOIPigGLCt+dKQH>HZ_9X2;L0{hBD-y7qNq zVWxL6%I6Hgu{N!PF6%2Jb7L2KV+WiwMS7Rr0Smbg;wg}RGk650Q^~3gdmrkJonD*z z;1$34(CgmP)YThvfaGHJ_jFz}WIoVM5%L9=`3Fb(lLs7ubyC3=!fZ!`zcrxUImXkZ zbL<`LGI73$xH`?+0wrwaoFa2V^E>Z&^4xp30Nwu2z2)wDpJKwE1F?2??9PesIk)Hr zv!EjTV^b&U_tjer?82(q_YKS7Hrdzq?m#bgFys(Nk-Q@!0s@k!Bo3)R=oCVRbTF=| z${$8h5MmE8P4^8<^RFMcZFAN1s?8|+Y4;sEKsFsFm1#$2U!1_Q22M!0y?Lg_)vTDo z1itTa9=iGRo8K#)y{B?FVqHj^B z;!%KOJBXa}wNITo6eZdV2<&$qh9nM<12@nRI3SC5sj5*$(WQJMqO4xqHO@flbFkIV zFuk3xU0V~c*2c!iwidh&sHjQaj7rbjCS3^m`1N+@OPX9En0gpB~hZ$O8BtUP%R)IlWQ5_$jMp)$nW5|fe& zMCEhr?1CM0c|_@?W_j?~)O~0sK7ibvtYXsy{E-ftKP<^W57bexlYDVVv@Ymouf5 zHAG7fX!i4T)Y?YGe}?TIi*H)^wfgdn`_P~~O)XL@4NWld;g~`>P?3>R417WqiDPr+ zKv@7myc>e>fmS@7M)Fec|KO2Qga%Y1ks~>rkM)r`WghyEeQpE09JRk){v`docJ2Mk z`KVgpN2U9vMM z;hx+SE%uI$x~Lw80UKys%qI1Yk4*hS+4K53|0kGCeI1hD+wcE^d2{!L;NJP(!he`7 z+9EXMG54PU>DvJp=iN>(u<{oNdJWzYEg~>r&jB(pM|KkT(R@3Du{|ndhCWdcNFsp* z;gtAWs7Ry?D3lfb3o9s}=;AcC*7b8}$LP9Z>ls|pu+4*UhIfX@$Kc1z4yNS)$U;XQtf%KkHmHgcd#Fkd>+#& ziv$-1PjJ%hrSY9OEIJc-0dHF$ZGkxYhA07Jk31?_Cb>)-SME?)r@de4M$-^JK+bPW<{xr9a)1XEdZWxKI$IAfix#F>Pp+WW(cu_(C z_YtYJ0+y)^z86vYkShF@x-e^lbKZM)`^u|Aum$Tu*Uo!ue?MpqPLnneRWSza1siFv z>n$TAv%r?*o#%E${KJFJuLCHJ4zV=OsVkbjxAv`G=iXxRRj=jG=VtfD<~`?TLZ@9^ za87*h!qodfMd5g7xw{UPk~!(ZQJJVcW?Kl-NeJC|pNvYF zV1kG4ID|GsTl%OHFa)^IU%`-KS%F-~1TejJSr8)86&UcOi0>r!gL+tw zD!leFkfD+`NM=#&V8h4ux~9Co+wi+)Nr1|LDylo`-rD%pr-o~v+Kkqgy~fs_sok--uu z?nl9S{5!m(zrU4Wdt{EB8AwfR!A(qrEF2NvNH8l$P`Ie~th;Znzv?ydxY6h0A8&el zC@3cE#_O>V!=^aUqVb}^Uq0uZEedmHCIy`BED^;G996=@93@Jz_)Wto^$PQ8i4Sy; zr3&mzu^o)fE(}$q}VpYw3>k z?Yf$aQ^)gXZnz5@pjFtSW_iiU*Pt*io*;kTp+m&F2bJ{T2YaJQaRG!>)P(G?D?P}e zh~t#atuuIHK6HQC=*o^|#0Q^>ga2b^wRirlNY;;roW(xWm#<3R;8=(7F`4WyFpOpk zmXTtP7&E`K2o+=(+m)D&kvU5!lgy?ArJ?5sPbe~_GNm4fpeI39mt15v%^mi21lLW4 zIz`wBti;UqY#eh_%$M~jXt?@y>sFwrH#%&yN08Bs%_5QZfY`Y3w!;xB_zF5;s@m&? z(7nh`go&EYuhp*N;)HK65{*{gex7X$KKcf0!^IBkg9S@~(MTt$$wg;Qk*)&z9qCW^ zUlioP#eEXk@&2*|B%#RkAq?B6bP9WaxbGS=`HG!X?Le<(U`o~TH}@_XzVwLwVEb;g zy0f}aLjm+n^y0YG+ZR6^VI!b*4{#=?jI^u`=n$~X8E92gB#{n=P-Lclt{nJ~Dukm5 zX-6Uqjo;V_yd{bzdH!Pn22`<)1E*zl5<`suP^)|5YG;n#++(!Tzv@@@>QPSi=LAn`Ry$J(a8-Q?v?*ygCEr@fxX#B>vyZm91xRiSKejgKHXa+u(fSf7e z+yC$u+2R6XVki%mg=-_Lz4GDXa zDpTeN^`M$ec!%8P1JX)`N$ZNPX-RXr4p)Jl|Gss)x~tUOrL_|jQb1(5~e1P*VU%KgXQ`7;zm5&Pu+4&oK2W}6IT@zHmINx=&bnG36)Mf2j0qT-aDqTf4(Yv2kjIS znk*Z6s}_z$_@K8<7~H)5z4%gi;!^bIbNLsKz5=KvuHIR?b7aCcN1KIBQ=aV0tUy~p z(g`wuqu{U47{dfYNFLX?l%9@AR&F~Iw@!82i##FQk&>Olz= zt866@BHR=h5{~#|fL1;Yj@0gm&KW+c{+8}9wGNrk+YksA=$3~z6gt2hG9#Vov7WH7 z>(%>z&%~{*_MK~6>AkBLc3r1D5C*F;PWfMKy$d+g|NB4Q*3{iUdANRiV_W=|KqqN}V30h;wH^-1@C*lP(wR`0kXilwvsal`B_aB?# zFgVBub}EYn#xt;B%{4_Q_N#d*L#yl3(-)b5Y>SXMDybqN{pL8;4WWZlRy*)8jSx6` z@P#qvYp0FBo`1lt&W51d9~+(8+72>90=^7cwshZ4m6Me^_@bt{{j8p~SsL=3jh?|=BckguGDYp?+0y@f|!g}li z1Jg>tb9HZ`*7Nr+yiOV4^Lp26>$(=Ma03UHZLR#_`}H>gUAK45GlhQYp6EQ$P^77G zFg1;`v#??1qgW9NYVJstny^#Duf5) zy9*E6o`}n=+AQY zef#Te-*D`&Ws|j~2E~|_#nD%N-u>yN>8wlVq+osm?L;?tF#H;?6^Jn_TU9mA|xxysrHlQw(N-5^My{-&JE~Tp+E_b|ZJbPAaRF zN|Gu_bF?bf(RI*mTjK?{MK8T#?ps^>pt6N|X7SfEpwgT$Y*OX0xz)B@?{54yRrPFA z64_2Hul5_ujRcl^d`!swNd1mDFf?1EtYFoTe}>EZm9!GmZpui=O;@n*y5fn+w!U+bM?cPwci7yue|m(sM)Cj8I}^|O57b$UNA<~6&YQq;8Bdgl#Tl*T6+>Z?wZqKX+ znhb)~C~zmznsY+!+!06U*pq?L^Fsz#Hi4b}RVzj2@)rY#9VV5pE__+Mu}9Ik>~ZN# zREZSD->y(bx%^^0xT<`LR~nM|I@O-H4aWMFbPB9+oCw8&|G-2s6ghxVQMO8(R+2Tv zvlWyTJnp-MHjcRP4zx4i+^3u8hx5HBvs=E z4HSgTi~(47WH6_Z-r-+3S5k%fDe?A=#lv7B1|)@EDy)&*%cU86!8zY6n7aM%n7SB znf^Osy|PJTK3IG3z@Y=Qz^E4LcHBnpRayY5F1=KOn=PCwMy1tCaqN9NH28LZJZ%K* zdsxA%ln&`n_ph%@69M!cT<9oh;XD zVf7|%7v-R_yBYhlVFl82(s5qAUL($D4%0fckrkiI$<5cnPhHi~2mhd!f+k7sJXpB3 zBZ(LEfE5cG)e5Zi;p#FZ3bA4L?%nFE8fuFk9c-9voBn%fb$3IStgHpaUuZ0`7L~4x zs6>|jd1>W&d%0OLc5aM2`szd=u$Y)5vKXweAZeIp z%mh4|?IxFBt>l>*a%@UcBzlvs(T%PestmCr%Qcz z^cwDT4Y$?J{5&6UI(W`K^VrwpZ}giP@e&KgC%{u3<<3y-+`tl^f0iSgt4F|(gd+Tx~O&cC|e zT=sT=sOx@pt7^ROQ6+1;N@+MU-3>(x-C$(fuiT7<@}>RQhrp78O+V0eHc_n6_UkC` zNL99Z*z=!RfRUBzegn0$Xv=*5v2JRxoe63_XM#eRA>odmJ*M8R;wn1ui3 zyFxwG4MGeq3n9U4<(Uibm!#U8#h=JT|GH-;uA%%ijKcL(o1GYRZ9+;lHu^*xn&GU%8kZhM64D7Ka?SW5Vl z!wx|q1Nfszju=$~r%L_%!{mn8G&3E;}#^3V>>z-^r z?e=rX%j@9PRQh*g7qMa?0EuLzAp_~i0UIz1e$wCej?6!??l}X)?cGs z4!oMqid-TNuNp3V;@<;Tco*(fT?YhD^0QY~+6gJXN2=1d+DJeUj<6m`TD3I=tgGon zDl2Fzn1jnAWW$|CN{cz1*o$E6804wk-8o=E!SJHaP7t>OdH36WM7SOQ4SgOShYot= zd3&ncU2&8=DpH*B8kH)R`bK1#BWYuJ;C>+e`*AX`hZf@#d;8R;oU6Y44T#SY_SPUt z5;8Wb9wys7@zpWisdu>~{i?B?c;DuYWg=l=x7@Ra<3d1pZ?^OFaAfp}A4|NCfmP{G z#gOFw!rbK7!azyk-*{(~euB8EK+0HX=K8CA=IXWKHL%=~zlUjg*H5@0 z1)GTeCqdDxs?{c>Y4jLg5Wk1b<>niLc&AEHArz>plYx*I#XrPq>*eoDhjk8kPi8!5 zb_}{Rv*TknbKGsc>wU(yJ{h+v!c5jNKmT{$;tAvaY8G~A0xmufPLKxI)rx_Bw>@}N z6jVL4t1VJwDE-RR8}F{tK-$gCDKO}4&vLK=S21E12a{jz*ta}#OVMO`>UYBxuYJs% z^qf+IfHxZv5T~=XFqkM1pTh9P_-Dvg#*hKjoJw8@o=md0gL{nJq|OxqDfxul%|_nD zgWxd;q#tQ7;oL(U#bgoCc{+YEA?vG)8p*3)*6QlUH39-eR!e$jP|o1I;6_}nIm2v& zQBH_wX!ZvFVSXAb|HdzEb1k4UW@S&sU$-r;&YG|(#oHTF;73vRX0#*yocQMt8Rvzu zhgDID#gxP8!Y^LF^zt~^dV2Y3^knnwE$`;j^IbpIc;`4Y>yJo%96B_Je8wyr?6qCJ zDsKSb;%5nv)<8bekDdS4@n7S725C8(dN-X+5i3xoXaKxW3%;&jVotbHXCHXyp#tM* z8l7v#qj!t4I2)dbo$^N(`a)T_x~o^sZ(YiidH(+S#QAL^KzJx>*?#@&Ec*$&)Ide~ z(!0&$@ z&Pms^@1+s=GpuThF7^tpL#xKL>pZZGq>&Zz;7B+h$9v4N!5o)-O4jlq8Pj_f{vKMM zUi}x5zpZ<_xaO<|k`A2qcmslvnn^#e;BI(PpfC}Dqnq%FtWH#llINbqNKPj>57dF? z;uOepY30^Z;vAhFd>F$(0*<6TcY>WXbD}zrm+fNd*^RyIn#+>ubE_I|4F9~A=dlH# zy3^zD-hNS*pj6^i)nVWPieb6+6aEv;e6C$GCF!eHa&D+rPAZzLt}3ptj1R~BYPbTF z1;*Y`)Y!OPkHveaP*^dy+Dc#^`fc7eUWtf`iiv5cCY0>UP6;HEP~=Z|T2GH}wPo6+ z3*o!;wRM0;@OMQcsblymj zflRE zP-NtJU?YGKjI@a-|JVtadNNH{w!pqnlR+VmGs z;BP?4-+a|*R41!C@ppZj&xZpgqK~uVVB58Eb?(EKpMy&2c&Q>$CFTi2F4`nKfnU0Hk5cf~6X1ih*q zl_pV6-fo1Jo|&XdEL-%Xr*}S8wm~AbzM}j?#jp&$uWfT zYkB{%52$N3|Jdi`Nxw$si4);I{{!9Nw0M?xkiFGIcLFs3Il| zJ72D9cUP_cLQ(f&9k~?Cdo5qz*L?w+!t0+}fcVW&Q$x_8rt_V@peQr*Vb1FbP-vv3iy6DB8D4NOor*4ydi$4V#5;1$u%oOg6OuadN z+g;V}%{4#j+2VJ&b0y%+!MDWPG$eeeUnx$t>BFj42mez6N?` z+avQRDuJo)yocb223f8u1j`TMAIF~>IZld8DpuZ{+KFC9WLemo+bd0&m8K{wXbBum zsfv~P+{r};4r7zi#X?U826Dc9S^MD;5Zo3%*>ZX)YJ6=qKtn?}P`D^59s=}%Za^AU zA-oI!K!{y#z)Vl=*epBh`0qEP>(ircf`$E+*`h0;y>ilyszz346{0I^L1yQN(;KR- zc!um2-WP$CEO@$PNpniqSggz%Q#7~(r4Gswv}O0a(w>X$7jR|qVEcZ++we}cM?cmI zKybTy)+#F{5y^2w`Ph)vAtgBv@pa8|=~fQoAPTO3elxkY)^U1$c%uZ^MN)YV`3t=k$!LnC_9!juy@(_sCRtKNQ) zWsUue8O3<+$&sTUSrnwIKhx%*;VKx;#Xo}WsIm2+0BbXJ;hIGcs>Z( z1e8vgq4pz=J*Y7pAPzV{%Uufmnt4t+)6u`Oh##USN68x-8270!Prm09SJUwr@ zo)@jr5UhD;<{CR^CJIzdPDCsa)gax~ds3K2`er@`!pD~byt_aRNqT^wU`d-Q1-r=h z8~g?em5Y5OEXp#Bu}7}tEYhw$1L!Yi{Zn%Ab%C;PK67>f{4r+!^WTeQg-$@LV8b)J$B8vy;0sZ5m53au0#(4rjW`OnPPrj?(Yr(k1v&i03rf?6#v8=Q<$ImNh!^pfDXr@KK9ND@l=(+hp{6z;TnDvEDv z>G5o-51o7n)?wp*z56g91jvX7&9#OmZ92O@9PkwaH^)eFS+9lvvDuh_OA@&m$i3@~ z!Cc%<1LXYgn{6=*B&I4c zi`c8I-*CD&{T#czQ$+gVrK*M_t1y=$>Bo>y{`Y*B}CP68Ys4QtcQ(|+0{z_3;AV$vvQ7p zdn12OIWSj$nJ|}|OqdJv2_}2w-#V#TP}t~t-#>1IoD*KQzOMrrP@d4RJqONl$@6tW z^+PxKb%>i;f&KGse}Th2sA6=9i`?7dG@7o0j=WdS%h{5l!MBUc2C_c~@7F|xuYI4I zn9W#RT+=M6Svzun&H1jB+S%S}QyNtRtq$wD7%@ma4|k&{YAJM8TQP1Xzishv2j=px50gx} zcd0UGsRFM_P9ec7tKI)N&3RUbguRWuCJ@>bWTs+e9O+vkNGv!SRl-~yhl5Ck>&c5H zYz&A}4%=Jx;{F3-^!U=s>Nb%rL0*mb>O;c)j>XxJ3JYBr4`2NfVi&?tx^3G5y`4YB z>X4a}OhKCyGa>UYGEV@=oGL_ym(^Yu z+XS3Q5h#ugul}xLF3&YhZZ0bL*FYk0pc4)x_)G*m@BdiH&YmKU|B!A6LDiSzIKmPH zi<0!ic9y%!r8$h+F5lSJ;x?VI*vOwx>oiUWYYjE)x78Ex)f2-`G#co7tDdE9-zg`W z@Q743HlX+Tac?{ai!?4!+V0ok$5vtu0`*dAM0-?bOR9YF~q<#TEb*l|9Q|3rDkm3xAds2j?;3zK`(QH{}=tS5hZRjP!yg z#>|K}#V~`FEMrd+FTouq^|IXTs%x)0_wqvw&-@P6Q+WBRYpD6;=e+r$r7zk;vGaM$ z08LhDzIdr;w`Cxma|7HbEGP;6P5z%sR~%Hj8S*qBbQZNwZe@0IeZfR=WnOW8iEpr_ z%|lU~AYWE%o@$RmtAaL0GS5*VsFaAN{^w+E01CiFU2_c9DC z9`QN77mUY$QG-wYpoUGq&uB8p`Z+{vjlI`a)BoZXgI?eDQaXy{qgQy$MQ}FQS(6RN zb5ioE3FsPYdkqE9%5gK?;b(25&nEN;Bcax4v~w@El4e!pMDct1Qdjp``>4qs=KSEj zgyFr*a|yEEar2+1gY(y?m$QaVw(V7vzt;0Y&#vkKX(J2gGJr?$?dVrPrK`+EsEk^5 zT?ynSW1~S`+A>09Ndm3(eDST@FlfN6_5iX-5^wv*p~%3YdfNWM46Vc3C0TBlRl)jW z>RyH-Kb(J#RqZZU1P+c_fHZ8i5DDb8@MkZbZC6e`n#Ki0tqOLt@G{4pw{OJT$*_PW zB5ezvpNWm|uQ;SOAq6tO(rE0&ZfWAAe%UvGpbHS6VpIRCwKQ>1CMAVZK&$7fI zyPDHr5?jv$)bvl(>nsppg)tl???>PuH!u~r+CJ4#)wUWGYxo+>@n6K|;Yg04 zlQ0K>4e}{k0cV>IB;bzlVIyZ4CN;_NNHhf87UiH3mAEoA^c_PFSnEbXmqEBs%C*jx zXoEW+n;K8eyRE-_|LOS@AQ#^~(0b&2gG908iJR&p@Hi(}x)>mguZ1Wew(%|^R6);z z1hA=H%Uc(HfIl)fPL|aoi+k=}D3Hj(uR8ZfV}Z%E60BIjZ~S z#S6U>i1Qn)YGrYaHHiX+i9SPisWxM8Dofe`a#dqM;7DnmO4mke*#DYH*T_X~cg`Mq zTIBlAs;{!kHX5q|25wb%DqqeoXYR1}|LdG8VCXR(pvHYdIde!ZIV3UUC$BfB<4LL# zYhy<%kUP#(u(r3ypUX{DP@ORILM(Hb7J!Vp5OR{&(e8BwzJ1Ib=7KCYr4`hZvvYEq z9@I?Dd7NefvK0V_^GyxGTH2b`n7Zenb}XzRnA3@Co5GLq{jtHTUl3tRglfFCUjNB{973B1)GKO%;T3TlUbq~jQl zgnm+3gMlCb5O>>N;%2Ru8s+mYgB=O23_e`?wr#dDq6A8e??~^-Z87QowE?EGv@x;*Hp5NF}M}- zulHbWuLAFZ@(syW`t435;XNoQ6k<-Zh9eC&s1wBAAz3=|Zy(x>9}cRYsnWAa*6qtW z=Dw_JP}Mc)(G)uAw!ZW{CfHsf6;ott`3Ony7rW?8t3^4F!N!2V5oDks5OGr?MGdHD zNnt1|&1!&#=GLNY3SMs&+i$fiedy9Xk>dFYi`BL6&V=E%h40sH3aXQiSNXag2qh54yfvJ7w#37*Cj)limyf5efvID!)>&BrmeG?Jz^ zHSXz2vyrwp6_<$fXRI(x0FVBZf_E0=r{%SOq8>1s&xsRpcZ2G>W!uh7R&EREll^)uS)ZbTDJT(Ss3Kwz zCQx|)pI4UUfW=d*5-!Z~Y*zTp6$g{`s^QhOEzGrXS?}2CBdf})j+lP3KCVD{8yWt` zv1ADfTEK3bz^DcV)Smd|)YW!;>Irf`heV=1JmN$xH&iI`@h>;C(jM*n_PuA~N1aAP zkmk^X){sh*d!Z$bt$U(R__XF|06sR47NCxEl(H*Pu7_`fvJz_<*Cs$Squ-ru1Bjy( zwTU!v(Nd`=%^rS@tbz%YbfWlXSW20Zw@c(4yphAK_iBw=nBh9KtxqH?wni>Y@ITKg zUKdwvYfpav*vs$O)zUs+2&|?64_ID15mq%ADX{t0p84y-uOtP0?!^g=2_|$;C}d z30enLqa}Uwbx9a6D!k?HJ`_9paD8^NZ2@>(W7zV$jDZ1CWnCiZRNNqgTimARPt{m< zbpP+RBj8uS_W_AyMvMz^Dd__as|#T8Z2UBH0qlEEz0z)rTbn9@I{*J$?-&@{xc@7u z*?x|52pq()_bsnI7szo#2bMWe)iQ~;n;uEj>2H1MQ8n}ZyYpn%H zpKCFMmLv%-d;A7JoJK<1e|Pjo3O~yP8SG>S(AOf7q(ryBsX(wwa}FM)0e&xUo;mw- zxh-aSXwbt(#JyifUfjk>1WAFaqXFUcRD%v$QpP)t5>Ek5MnN9a0JYgus*epyNWsx$ zQE=wr=a#nhH{L)6xpP$8Ym+(jp^Q4X;><9E^U?fp2+u;qN|=k!y{zEg@BXbFgqQ(5 zIllTD9G4nTkh)yDtHPRaWM^-;Z@-dzl;YdJOgG-I3l@hq8ZJuXC+ zFa`wlx5eqDeo<)LE~KOncqb96(H%QkpFyhvH2dgTtc?h|tWOp$J`oI_VOw^noeyti zKFu-_UHko(yTv4O;rH?3*yTslrY9x{Gsi{=d)JwBe>WFYLirzl#pbh0l+(2wD=TT? z6)E>xUMWt_uM1b{?)z!1rTg>5k0El`V#_FtRKP-_&mImtBy$)8wRX*LRrgnip`y;A z&$te=KNhaqby9|x!HOlDAuT?IGU>Qkl zzpt13f(Q}DvRbFK4jpQ_|KP#>-U8oL7uUz<09wMKiG?~fpml^%aOlSXpS~Vq$=a{< z#=5@4kL%PPQj?{SB&vMV%u+@7sEj4Y5#8$bpIHDMBRY;~>zmlFA0Q;`G8lCFXi-It zjtO(I=Sg3%Cv)CGAPM*~pz03cbXS9#Z?U?Dh0sQvsXz864!GvAudf*fKIVwM1rBgs zU0v;6kO8a;#e6AE^>9|q`e%prNpHpVaW1&B_1WP{{vKtBb)s0YHiF^+r<>3lHqd)` zXL+@VXP`!$6OJV&0>D))aa}~LB$EP5hL-pW-BKUCd^z-}Sw&<0blAb{qmc#Szhgi= zs-C9mQ$h5x?un{@n74UQF)n)Q$Ez)EtBc)N+V(a_ zPmX=Q?D(SLtL*#ANCHgK98;&xk-x!04&XqS++v9r$2;5u|BT;d^oX%#tA-IO$FRI( zj7yj*)M4XR?zUe{z5W`>+d$6VlM_YvkNjMB`c=4br$%09z%7ki?lM`%GL^j*iC8#m z19q2@qnxQ6ZiaOdz88?bSYA0eKg(5N-A%RT-sN7kg>1DKHzSFg&0z#~e8jq-Kqh%P z(_sinX-n)Q)>UXB5=xU|TO>1D<^o&bSz32KHZLwMPqt1EH3fS|&wgK=9(_+k*ST1i z9fTL8I_?LJ?rXdkFEDU8MM-bO5e4r0{(o(VK9aREdNY507>sz$0Ebv#c=P$0Ls}vN z7C>=8`S(bo>6~hhcpX2w6kVA8IW-k%EQi%3h+_AWzadm%esD}`V!g1QRCmqo=f}qf zXK$W(UJ_PmBm33O{cDw%=Yf{$>Zp^y-@l*I2*~SN)DLvr_ej``fKj`Jgt9H@4@);7 zQg`^VE&!xu`Hd^V;*;}5C6`#QRbH{LS1Xg?#ha31g&Z?{TrxJ60xz7 zIg#c95rLgWl8W(<*ymyJCU}7gP@C6&?{XvO&#r-}8r=qvuVAA1r>| zCYzZVukLDU2gjHT<)8qb(bX*impP77`w1^zyl8HQF_Lr95TE@h^NF}#NlCl7`lq`-*p|6%RQ7%-eQoJ|qk-4K2XWzJ&!6+yT_2xM@m3a%lG0|6e|h@A zxmFlS$xxT`PYUF=##0d%7T-H&}^^@jUW*-xn>q$w;myE8GIt^KOciG+B zll84DkRn2V%oWYPfSk+HagpP)26>NJO7H|}d&_L&P~wR1NPn@FeTpa`$UbvUICCYH z|FPC#zQvR?JRx1jkAIj*BKh}FNPo%0%S~@k&a)dA-S2qDj8+<~t*q^yY+n8P{yR+s z>UvOJ9gO_>sI#ioUc68sMHO46Xww^XbakhvP@Ek`C)KZ|p^qR;R+c(VzG}&>sbU-5DN$-&eh&@7gv2hdS~JGBo~W@nTJI`U$yO9 znR~W*c;(c(Nkjfh)a1bGvoH7VRL-retbAJG#n7ExT@Sk9l7w;6u~?R)$X+@}Cn-c8 zTsflGSfrTaNq9S>@X&hmwQ5EU^hmZiu@Xd^H!rqT4bmn~X?cG0eDEOZWO(>Vzl()- zY3hg1qLJ8L zo8(d7;tF*VjAySdhM7@AsHm}M**QkpGw}8U;FCXg?3kAqw8p}olQ^Sn`WO}WVD*E^ z`urPa?8;cf@cOU6`9i>MK!cH?5NutwoqR!oLgs|_C3FF%#_j^5?zJS;Sp+zlowFoCm6a4^{rpB)*o%Cn zAG0^#wk*H;ImnDy?)t147dx}+u%&hVM|ahhrYqM=uDNwzy>{(de!#0bnvkQbkE>W1MW@Yx zsXZsYMs1f`H7oz;$F*;tU#-oy<;P90G8Om49B|7Z;o^5ik>M1Fc$O(Is6fS*VwkR@ z%u@wfOfgamtu6cvySGLSmVQAGnk2)fDR0|07}Oy8*3*d~HCPf6=~Es)JJl25o>kRS zGxh!b6!m6{Vb+tziWW2hov!R!QDK`wx}{o+)+0mB{Y~Mq&$W8sVweeK)`fp82p;f< zWCE!_4G9v(UiE%;B+A*@wg1TPJz=BI!W!;sV#2wWU(tcc=`<;bGfXL zb7V71lzfjYo?My{`kcX4pjhHIcB}#OZ8lQJOkj&RYM9sphb3MZ@ds}w&elaPLln1L zm24!)JR;7EH&Ih!RVCA|_e-vuDZ95~=UGCaIGx^_OnRl3}IL%n)@ln0%*COScL0G=8Qb`@Rb3Hn?V(3qk#%*!@bZ6TsVC zpwDptvF7CDWTk>Ic|Eb0OcqWOj%ztRU*xcFebg#nu+1<(X`*?Hir(~CKDHe50hnty z_*PLo3D$mDOHc+~)dLThw7AuPDf}|b#ZePgp{`~_aVm3Bvp(&2y)$oa)MST3b`8jELhPk8`DMIJ9g5)v9mg}Kz`>kB z!LJEW{?61LMna%eJKK(|F)<=SwrXs(hrhD+?$5GC7}?QdP*1TF*kxfcKh`M2#90#J z2h*g<$haOn5f~_SCh`mKr9p6W^!N{xmayqMcki)W6Ya|`(y`85n0XW{Cjj~x>? zC6S(L3zA$;2FZEI^fy>8l|S#s>$fg%+aYyf<- z{g@fnT@fo8`$KY0a-=yFIe$V!A*JTL9uIFSl8o*DkvTYfxdx=nxUMHcyGK1e4&IMA z`TObj#%=CdL7qQ6Jr5qXS1s39ZBlE(SYWO`M}xI_AZLX`#};6oYt`7u0>-dbU(t14GYW_p{?$;p$mZ}M&qude)kP4Q>!`kTqNmAP*Z-&AOR zO>TS=5&f{xHNNiLIh?C2h_7&ro;e8Y8`-*)dcbX1r=38_6Sp&(8H%9~MnpNZh4X3F z2%_tVCj8B-ZB;Ez{bQa7#yq{6YH9>^^c;Crq-vATKxJlEUi9auvmhjfkH7P%YIzWGvQf9s-?|LtUt{fc1D9Ka z^cPgv={vSIv91e{V~OuJ{)2$-ELaD?bF!Y z>($i!>;3md0}yGNVuDWi#D)9tKd~c6MVy_395Y?jqmsyI2<&k@;xde}#Yff;RxBv0 zi#QOJeupUo2g(xbc*lDegxy>-Dx8xFZw!_WmZn|4UA4S$@aMjXwO=1T2d^zJH<%19 zFLrU4uNYj<$n0`@F>qBo@SqZ24#ANxa6s#^&@3HC!~G1C&;z0B4DB2lq9rjs7n>8| zETRqBdL!^DdC_!;(&R68itI-bm_pbii`ES5oEJReBcX)`0&D-D7@o2&JPd(@Gbcog)x z6g6H)H%wEw{R}ux4%}=^b#Exu#UCT>=L8EfXPGu zXHqGIJ)pwh&chp#`m+=$@?a?B5=pc!aYhI>VNLc;tOt;PZQ|hD*odGz52F0|m3_vO zAMY=`o6V?87O@d|^2swv-_c3`91u20EVe8wXCX=c7d8OIt*VsTsv|t0OzO9uNb#EU9NNv|2(l0vOG2q%Cfm<(Zj1}Ci|MMsb(Z2-r{#_4jF6_FrY3y8&(oG9p6JP|ETo?7oX=eS7nQC|GE$AejE~vwE-0BViHC;KbAy?7ASjhyW2w` zTXBJ0yYdR8{1J>$86nVp{Nvi{K!eHNrKM-f-s>yh+5le_3;3$z8I_BRi%%BW>_T5x z>xy3U%f(bmH3T;UD^6wcc~V>@PRoc(dm@9@exMyb!a@{a-q`E2O^ml*skQ^=y8D03 z)d$9??r3TO&niz-FO)h9u z9xgN2$2SKzuhEVd5a2i*J(Fu;Z6`}1nXn?#8%hG-!JDrwPV{_2W=b#(J zqZ05)P1EEvNGbW1D~9)~J6UHXRlgR#~X*R_^QyF)bIOK#%xRpjf~zI%Efh z>PY=5qvC-LphOY2T?c1lcyj%VxF90{F7O3+w z;Mv<>&)%U-GNkl-gZ(n3xb}ohJ(%OwhFc-UHF7Ui=Z6FmjY6RSEn`Q7h{jtf|Cnnt zAXZ3>P*CA@f-g>~R-5VAK_m`f3kpzZTyIh#va@0$=u~&7toG2-8;|wTNyU}L7L!Ab zwa%mpDRVHS1IbX6;*|og(yy^&Fd&hpJaK>&zg}^G7+GMQZJZC*`3n8q6ZLBV3|cI7 z0~ycRA9+n}!KZA5{#0ZBy~PrnKsg`|f-jC$B%A>7cPt;tK>NW)Ea-a9+^fCCGALxN zDj6^ir(=sg9?<@#m9OE|So7;^K%Pgi=Yx~sV^g8gi@C|uLX{lH3>URq9Ar|V<3J{< zAII8jj<<&=pp|Umk^T}A8Dv&Pp(YpQp>_TEPldrx^U)5>#l?r(ZTp&I=R369OqPGo zar1vxt*_~gm(+iy{fM~bD=nOMxD4PQDnNyZX!bo)ikW^#2XLx#^fR0imy0`ou@}I2 zBxffaScy1DHk0Su{#vT@7&Xol(df*&H&UWXZQ^~x-w@?%a zfR2ASV8agm0o-PU*#9<`t9l(Lsp5vv$H2hkJ;)2Lz@8_Lf% zt4>IF!Hw`3bSMvydovw7JLrIv*ERF!mtd^$xWKe>>>I)if`9vug)#-)yp4O+Kl#bA zmf~#DONJxmv6n;Of^a_}A+9!oj1WnX60ByV0Qwk^T(*2)KyixY#DNOHEcGbLNP@_k zu!=}KJAx((4`9te47_$J)mD1(yvSa@A+PjT?gV3 zVAgk9kr})G3M{mK|1OO#uc*-!CeTP=a-uyQLEoR9vvu15P6_b=I0I$^0QzHVe@k)p zdeIQ{%TwQ{V`9Ui9SGC-cJ(PE9YdMe_7dsr8ljm_b!3 z1e8A_aY9bFL#feoFhb(Xj%@y4BD{IGw2tA|PmsMflLmiv%qd z8d!BQ1DqgcLIORZq+r>Pngjd#UZBnN3>2LpW!o8U12A1G)V2l;t8M~bC0=uW!od== z7t|nN0qiqZ4Z}1naHto8Ka;3u?;9|+R00#2By)550^f3r0YcNZw=uV3SKr@aF8)0T z9IVB_yDfq~wx{mYejyQ&i}WP6qlm8VQT&II#(3lfBxjUN2n2tj%Zw3jA9Eu4yQueJ<+Wu>k{b#inEs? z)uU7dCNttjvKiENEr`*1o|dx!YXk~6waaY1Jb~V=3Ud?|1B`0ArZ!`fz;T`VgmZkvAcw4~%y zrMq@>^z;+}fnJS!+G^#JQPc_~!WFFwO9ZhT5@|0_hYtV%1>u>FH0oSx2hXt-3W
zdBxELZ^gLP!MsW4%4*+khoAfU&n(nN)$lhFk{aE*gQP2YlnvJC zT`2v7He|CU@)>)u*3Rc8kJPqjw+9g;fnzO!sCb4!9=ViCJCg(FTlC0+f-Z4}<)?hy z^qV9v=kGrV!&uf0z;-w7J6;D5`~%zHk)W)rM9^~Pq4_!>Y1tT3Q#9Koln;LNCD51;zm__E_>aNwOUY{GKgOCY2r_fr1%+oZaW$QuhyqA>ap30AK1T z%%e%)-GoB-rgyVsK|L*J2fBW8c5+&*BJgor0z{+ zb-e^tR#sc<`cUPq0Qaw>6rpmdUF7UIa6a(AwnCP7sG(A6Wl$lZU(0W-@?+QD0@7(} zQFgsGc7FbHklKy^L_a~~25t{X`HB!xFyLZB{C{-)3pA9A_dkwjLNlnwxJxy|%ouVz z(?z;4#%%^Mgv#~IX>>{|Nh*a=&q$(X1|doqMI|Cs$Z0xhhB`_Lsk}u=xs+=Nzdbtd z&*%GD>;HdhwN}eoYV2q4{o1d+_iJx&JKe&`0!!P`t~fW8`K2{!zInIJys2(ts-g4! zy{T)KW&!sst_55_d_CDq?xeo{W(>yJ4t_>~>f=INjv-+U5Fw}gagL7Cb?6+t%szgcvw9a=U=%k!>8y&Oq1`_>OO0IJ#4*6kCxi;(xm+v@W7Ih4 zShcZre_hn!fdk-6v9se+|9ewd1xznU%9ei z&^mf_QY$D{R$cv&xzo`8&iKDFwY$V)PBFHK4DtBQ zgoi6io!70qEEr20c@Q1lHxzq+xV6eWC}?Bn z$Kv$x{bU2oDR~5|nu}Fnrj;q*rtEHdv45-7v10blo6o~Pm}4EaV?!~=M#rF(n*7*h zeq^Q1(YK~s@APVZ`lRJoT$$nJWh=VCUqFCsm3&8ZE&(V;nWYx#*n_1~vdKC;S1v3O zZ7wsdah3TpvW5Dw=OzYd)&Dmu-H-bC;ma3sv(RCcx97j+kq7exVjVT3=){c>HLvXH}`Sw=h&&e+k!H)_7)_HSgF`b zp3#NpYG5ZfMcJIj>gqEsJ)@L){uU(z5>N!s0FVGp;MmRwBh!vY7Gl-p(jYB0Ybi3@ zV6a@4mDsMJE}_iHut;dJuasWMkT*3!1s7MpFuPw8czNzW18K2u@Be)NwNYz>Li?2t z5;yJ&vOtyZ*k+4ftiz~8PD$OuVIV8XxL;G3xj?RhPY?0V+`mKMbK~&`t4~^eQ=<>3 zKx2I9ZFKnb`|_M2>zSsK^RvgNzaLn-?s6zU?^Q@smG6L9lTyL=CHWBv{j1nn07i5S zpTHbcivAPgHP?9l89{eSIfYujGBZ5f5h%tfB#eA?=1uXh0gPdp&Q{vvf^!bAtDBdA z!>_TASKbI6Vn=MHJla6{I8o2DO+8-uNeax+B#2e0N;>o<*eQ;o4x=72>WtJHdIMBs zR5IH`li9>3T(4|pI|;v&_$RAP6PlZ1Ij{?9jXYg=`M*+*yZ{G1G`iSMiq z=1W_Lto>uZ-8u38bzZx_f9Sd_T7yXCcLF~ZFDHH-(vcDvzp;AuToa6y0&fGKS4EN;~(BM50^QtPNT}q+hQND z1jh-HOURa716OjW25hH~D%1#6j zX%@`s;hJ-?WU}ZocrVaa*b)3=5ICk2$zigzc;aS=7_3Pp{ zy*`?^9#lp_XY@$m#<4F}l*=!DuU)!Jd*M|i?@9Kci8SklEBe$T$(yO3+K!G&@I7e8 zFz}*SRInxFN;26&O?O~T&Zge++CMvI!+IMJfYRa1nb^(SV}B&|2Ip^qap`qhA-oF% zzL{tT4>XA&2Qd;c#ob4~QH7gRRC}(#4~Q+?*F%#$;O``i3hu2aQs|+i>?GkUN^Q|k zcy%y9*4)sL`6_J$fMBbcN%76y2EPmxVYE=pg%4?%3tCZ91P*!sEndgYvM4|ns*=^? zmC7~8lS8#4;T?$KW2DxC+o_i=&P7PqQ7AzU+e%y}j5pk%;7>czXvR#Pt4P6gLbSVmNmsl4_>hG$~)(;lV|cyjJ<8HJ`nih+rUU{P0i6= z1&f>ZR3+q|SeE2yM59N zx4{bqJt#N{vpMDVzlMql$8&~ywxgptw{rB9!$Wx&Tg12jlh(M+z4&H!;O6MrW?uQ; zy)KQ7>dC209S`{;-U_)swJDwjB}rqQ0$L3njY7`w_R;Gsl96a!Bq4$qt@;T*uB+Qs z{p0wJLJZ?{sPK|RyNtO`>Xv$mVbf>0Rq&ld2lK48@&WS{Enpi{FP0Iw8Xey5TflrefkvBow~$o6AI8{hjx!--igU*wYFOMB=bqgCuMu;i+3&T4|^Fy_7gs^5TyNJmJPE9{1)1Bs~-xUK=nP?n%a%6>d-Q3-o zZ&pnWj{X$gXS-fdl$4DHh*tx$M0E?i@SWK9)jC_2@cS?6L0^3#@wlOrf1C5CDd}ze z6X*4>=R?}HZU5Z7m0bsY;7InKV~_I$&cAHY$A@*qdL;wo+;dg38f>px_-GqP@cKyo z&@pKdj1j}d^gjW74juJJ_0Z2>v*Hc&xbU{aq*)ZR$o|zvF|T$z)wpp2REO18|c3J@tNjbdln{Mq*EHPXeDwS(aQ^u@gx0=mt2`L2Ka@l`}Rqg%o*$=#O zt=0<{(oJZ*Ht!e?;W0Cu6kDgLCRAzJX?n%=7oZ8q#TH?yHy5gZy`5!? z%G9h>$_V(af=2`mtFSVsaDPDNRmm-=aCykx@RP$M-Qraxft&A@h3`82@ohmx`Cb@{ z-DaX&l&b0gUw4E9v*O)s8uvML%tkTTdZiAe)DN>zyh0wm8haHci)@t)q%kQv{O^Dk zDEig-8IFmLvm(=>p1*~9QbhC+=95r4caK7C}+Ci?ygT|-UH^o!3P=TR68ys^j;t@>Li_zw+d>`bEl zDCTeGUy`u-0V$6N;o6Xo5|sUCS~Bp+%rJUuLQZKvpTw4cSq-t3uVTY8bOSc}AqCu7%S0uuT$+GCwK?BCR`_ zSeBeb?w0yAY;PtQNY;4@eiONn3Hg$v;9QBW4pi`(^)g;;$5$s{~-k*lOlN6D;J z?Ooa0_)*Oz_QXI%U103o%+mMw!avgGn0Vv0?O2pE?pz^q&cf1iHQ*PX7AGY_`u6SH z1IZB*vX!3mXOH`yzbPn$eQjNoGt-m~GcxUvw~r6KKjqV|$&<&X`5Hq{^{NHF-!0>k zML`%|Y$iE6OmB0h6%h-)?9rl=!o0W(MjZpah9@EqS`Gc29Sxd|=yQ)d>v8AG z;$WOA@7u{5e3>QNlWL@6N+9OC-1cM?m^4P7F-knCX1IO3Xy4^KgEszkb73>%k9uu7 zj}5dCu2Om-6(6qf{S9G8Hhq?LM$eY!pp5mQJWx?mpP za7wBj9B@nEqP<9%XhcC(!3EwY5b}P?&XUgz)J`vb z6TC+O^E>YxU&#Q{Dju9jW)_xs5UTNjd9!%Un}z=33gyk7YbRpLj>dcp{XY8@i2Rq2 zTg^+deM5d<=8S8=fyZ;XU>C!9=M1i^Z4_#ljz;9=z4E*o!1d&^lF4Tcx37P=Vd

wNY_*F{d|EY%(9RO}Cn!--Yl~A=v zY^4%*3VA_yYEzHIO@T1YC=$b_%86sp`3h(>TTwi#blQEFQ+&N{If)17PK0<61qxA7HP!WH}oYWwFrU1 z&A1@grG4_}+=wh64QCCl*mShbxKT`Z#jcWp2Sb`R*_8zO$ZJ- z9ymH9ca83g$ac5M6T!J-^##1Tnq%WrSz0kizI)wXuqTDKdy%co#Y6eF)B+2m%ySV6 zutSzh&ZB!?&_;#4;G&kLI%Iz6${$b8T3R>N^}f|+^N-o_l#aSvHc=PGDjg27+3bUC zw(Z$6gEK6OFcpJFqX_VVFB55Q5H~vRvWs-t<&ItpV3*NMShQu_?c7z1q^Dyk;5Fqe zHSxh78G6`M8~*8O!=%gJ8~>Ase%mdFVlF5MYP0>UCB9-o|BS|xu~WR#{O9JQ%4%rr zRV_#5EO8R=H?fzPz~3RC;PBR%}iD z<0Rk(4e@$8u?5?h{Tiydhf3A>4oMh$m0W?4<>5gf$|us#=Cwptrwvbj@tppWmJ(YV zHTcNpa`n-1`DFe&QraCC*t7s@0Rpput8*m2f`wUzVC_RN*iuh*3gWZM$U{qWhyO{( z={?gAPyIQuVpCmouXL#;tY39MJW{oyGpZ$~#*JCNdyUq7MdSfvsYrqbf@Pd+)`)_f zs${;b-LNc{GY)A7&pfTS2Fk`V@d7}3=kQju;@h9n8V}_7{(^V^rxvn>Tl6fCDc(VP z9afPCN()?zxaVrd?4;5ypS2>P;RenWs#Fejs~s;rrC%*GyFW9DyqvnY-O-W%B2|uh znHx&7W2T21%!qPiAy#Z0?ZdiGJ}OaG!%I*KE!Us>NP9sRTy zG=G-boS1mGx5VGq&o=~zM=Qxg>mGy-Ei8}hMj-!8bm-&pPG=LCZK5&)!Sha6eQ_*E zMdri~pKq$0oQ1_08@Ey%EvT;_4}DN?s*Ub_aip_z@_T)4R@I8R@F8G(UJq?DT3MA?`7H1D^U!t6cnZsz z3@0N`)irV0K=cf-5y}wQjzef$O`djG5+5o&MLrI53ZZ-f7-kvKDOt}?u86nu*{bw; zcx6dgS_#{m{EyMM*61&jC`LhzZPCR6v{Clah2`9jq1byd17C9f$+2nm=hIHMtbr|hgcPcD=+L4q@n`^V z=Br_o&?#9-p3!!tS-=J5^7l29Fv=G_+?f+Q@kqAZDCeawr{2flS-5d6@UBpYWo%!s z!uF*y;?ZE6iUs|mOIXlc4S!HnFQ5}`*QY1Y} zO}0>NkArzF!w3Y6qI;_A!$rzu1x>e#@}m>%uUSI}V!wZUb|B_%^w;<0L9Nk&>st3z z?o)RFchPl_W461Y3Tej3MLKuhE+qUi2x;TAUCdps<2*f;K7&PDBDXAYDU_~fbD!=r z_}4Do|IFJZ@V^xi&>kBgrehbyQP0edkm54| zvvG1DZJkO|TjGVDcHe+JFDNr=NsQM_4X*b5&zpOPhH9h7^1rUE8LMCRryB^c6p|RJ z&SDQux_d^}Ms!)Z%xTI5*3ASbfhY5`N1qbd58x>I6L%sxt9=6>1QPMJhZ z)L&kNt;b*$kv+VH*#B{we+}bI0>hM|jT(I(y)Jn5VaDcGOvJ$3jyk^`)|fpn&CXEd zcv#>eX_3UON*no?nA>RaSh{I2j#hAw`%Lt`=h(pskLf2tE277qnM0YHK6K!H><=XJ zcH8z%dk#VVS2~+l`aE@@Oo+?l39%?oHQ;lUH|HAGAe^O~diYf*k>gv3qd8hVSl-2c zd<(LGYRNdKZuJkeVSeF(S2qmZOR}xX!v~w+wEq{Ty(uVEKr;&|o7tl0=7=pD<_5(a z`Zn|_F)MeKE1sr}1(^1pcZv9Pd)wKt-8~B=N9o%1`PCy68F-%~R44gyQz>1;l6)vX_900*b z8=J||mrW0T^aWYwY>qvrnITM6H%{X#v9lMjGc1ZNwzB`|`imF9-^WQPP2-}N>Z%1e z9M0sqK6A${%YfLAp(Cem{AqJPa`wx|tuBW2_Ppg-rFF=H+`JZ!6SdajT$1Vr_?y0d zfTuE#l2*2*o!q?r_byID{i!DdIR|V2uhq?d8+kMo^B}hS)1!@b*0Db8Le17{xv$ZE zMpr(i&QA>v@sgLv!QLU0`&`wy494Ff8(h#+&(vu*r|vCF)6>o5>unU=+t*VlNM``w z^Z&2dVaUm%n!C2qC{vrPqP77?R=ZEvRT;E@W}*>6 zwc-ly|0W`4#)Z+8F0l_viRfXU>P%Vq5M?R^UZZ?_-HDj4Q#X38!C=p}xtp0*?x~_I zR8Wr~jY`Nm?vbP#{6<*770^C=sN#s~o(cMQ?2I0NIHWmbV-`F0v9;tu?Z|-p1Wcy% zyw88#{pZK>vfVH5+-9kRtxzQUzlb#4y4^UM%4Rt+_nR;!KyZpwPMBuwa#obEh2MJ; z&=L;u>0*LYqF!v*$9a|%N}e6SlKxxrG-^KcYS6xO#UM8?0%~trl(Wc%Ne<>`44d^? z>%N#sCxxn!RmFoyF$&R9&PQUpg2~85SG#dRzkTEuQBIO!G{>;nfGQ^d4q-;5pU*fy zni50B^a+_VB-afnd?S??mdcA^*H{RX$X8nEwBW61ywcTIz6UBg4BgFY$LhbzHmzZj z$R^0Y`uP@I0Q@g zr0~=glF5R@D@(MhVoYQ2j`cLI96T}etaw?~ip|F^G&^LSy{#kfVM}iy;!@8oVA4X^ z)z1xo`bb85{*s1DtcC3Yb`M$*6K)SbNk{QpWl!a`R!ThuSl|u@W$q;XnD+9`_ zOXz8&LWJF2rVQ>v2u3xN%G8PyR7j^p`lmR{`V3FW;5Nchm)UAv*~YT+u)le?EY6fJ z)Ul<-5xM%n1fI*Y5WU-<)-&4BPyxYX?q>&VZ5*5a*qW_Nd^nE6WF;&h841$ zBuv?Y3Lh<^!7&6mLJQ~7j1vr_e7G?;9RylCW35L9JI$FdcB75#u(z=c9@Y^wJbl>u z5Mu#t%Zmw^tvEgtG4(PgoJ_!>jMO%y{#|xBuYLC2n-7bijn`Ol=z#x*gMZ|1*?S4+ z$pvh!%y3vI)utZGy^7poZ4FUk>WK6`G0VX^!QX!{Cr9QR=086sFAADFI&m#)>5z?Y z)xkf$|6TN0&E*ZHks6Hm#1M^&60|qa(UdgARD88Gh`yx~Z6_fJjHCp?40+mRm%St3 z!0A3X)7s1=#HvRkOb6W9b$6uU#y0oMfmYGGKK?9F{>-omB*V?fBb4amR4$WpkR)S}vd@~5u=Wsn;P^dDaT>dS;BP(O3+O^=o z((L#v%g*<)qpNtyj&dTAC!Fv*br47hELndUT~@HVt|zi}AuMYJvWg(oAsH~~fn)65 zll$`>kGHf0l%hL&=YBMt`9#keJKVrm6!_wSM_|_TGa>71(v<8ygm*d;oXeRnt{`JK zZOr`!K74;UoIc%DH{F_F5)<=npf0BN*o5?vQ?XAX?{NYA-c`%?vQr(!%g1ltNhMAK791GXa=tUG2 zjr-!u61Se;nWtUd$K9qRUiKWNX7_j@6sl;DUaJ(cQ(tiSqY@URsg&P1Dt(6e63Xy0 zs6y#%C0Lxt-B(v75NUUItCNiy%XY6Z3#|F}aJqGN2GY`4{YtmHG}9IljxK|&av-Mw zXAt07uG`07Vx{Q?n^71vk-wdi+7(na7(Lwg=iJbNm2*QAutYz4J2`K+I+7~)x9-(b ziBK#oXVbLZ(93#&hh41!fX^-?DGA@r)3Qg1J_`t_VB{Zahkbn8E}V{ayH z9z>P3hrS4Tu_RbEm8EQ+5GwSgDN09C)HD_o4aCI8LXk-aNkq}jUjI<6Kae+e_wdkc zdG*rEGf*ETcbu=Qp8UGBYGvot;hFCnay`~)={}}=thp&qVHSv-aCrDo5U<*_*c%D1 zPD>D1yCrG;mhDbuLmb2K7PRCyQrb5^LnnTXz1Zc^e`}=s;e*hfm~Z6)FZTu}E_`vu z#uXO+ZK)P`6*cJP<@20BW9)dhWD)3c=@xAm^D>1dA8)gAv=|Nb(j|GcQ=+Ro)MEwx zYQZ7kL3kM$Ck0TUhX9?5EP0N+4ELob83s_}li=&?sHrtA(BreuxEM-87AqBUMJMwd za*Y}ztNpk8Lu5|-+S)n!dFpt{++cW$Vg*jV2w`C)@zB-4-IpNK6cEJZzAOfd}b73*0RBDtVcB31=HPSs|xR8Y74{1fd?s z4L$3Hx4vbOosw((#fk*IBZ2o$jP(o;_q}@gD`}P9Da%_dOqJVPv52u5iy2+6Hyhr;UY=!`4Q;wCoL3RXG#fmk zWN}utJ8$4<_Zi>~BuDju8EOW4=%}pV?Upjw8?D~ZNv@Rs_<7rHmxFu3rs&}6OTv#I zx58r0be;d)$mx~-)isqqcp`F9pT9uWj-@pl69BYKJS6@^z6Dte25 ze(QcVH}zxX-1qN>vcmV~OwEf>_2iQxlZ6Qy#suVwJbIz5WuZbamltW?2jAU@IZaF= z?UbGqE6S11C~c2Jyb8B78STEIl|h?ZPs|m+stepW@%n~~p*svJlUPI{PT#gq3G{;m zTvy1Msin3wV+=OL*psn=6%AkC_ zj2>5|lOlM({R>4tYt=i07p7U%mKv!*?+M)Wkezf5rxWVo_))b?A%MeXg8*t$1oYWS z3q^MEf)xS}&L+Wc9Q7i}QEL2X%07-Jhb)dP3pi@Kfu7;tMrwD4ZXuUp>eV9F5BB{! zfcmHS)`OYxtd%okwMTB%9-AH22?;JlJDbYs17R(Yaa#Lj&!7eKG*{1DCN~mbi@S4W z{72u^T+B#!?9blLxvwwXV;>y8v8DQ6n@QqHkxF8Ml8Ekr0eU$LV%5eXUat7zye(A> z)Kb37Y-wA>aKLL|Z!;*3uj%>GeXieo;fzbi#@>=ZtBM+RPtTK!ErPS;^Z48d7|5~P zz)6w^(&u6*B&&;~n6+v2)YO|*4XL|t-<6z65xt1zZ zGsAnoGS4>e%D;WL6u2f`2M=0kb_>%zj_x@sqtsWe`qKwSjQsrqs!Q+GguY-DENA^P zB=&y{`GQ`EeE+WZ!vN zW`oVtByOm%c)kTZV_%bm)iIYVh)Zwd{tV+<+zGbxjc<;enEGdO z&gMV;F9UWP6}SeI3H-RE3$Le(Njnll7q9r^iQVDOtOF+QRNxiK1_s9No zqa=2As=68^rvCHk(i6)e>&Z#>(CpRCehx2;{fa%6i!u=vyuG}N;NmC`TgfokL~`dX zM6Z^v>*9EfySgbJQw+E7(UICp&*q==q&KnqB$R^|xkkya2-3kcmgNfTCW&yR~ z2fG^@e4pgGrg_ON%UF2h*$71 z7$@>5EP@aaI|C3~fjQ_vUVMLwt3eZONwVYtnlf$B&7svxxvqR`9fJ<3wvKQQCtGrY zY71ilk^FIT6|@kGJL{%9 zwgp8WEC`^7w5W4{2x2Ka5nIHx?eouiHx$?~xr~IE%Aw>;l|Daow|O`DIR`qELDoOM z<>b7*H|O%AtfIy9`gLcP7fi3^K>JP$|5O7G5LmbzwHEIe|AtZPxx%@?9mO!VOwm7= z|CM*W@cN2Z-D7Drlfz$P=f;OO*4-QZP!M@zu@_&IcO6SNP{qm9zDC*De59|8LAuxs$d6%CWO@ntK+sgl)LRJeN24#{f1nnQfg8ev?R zFQyCM!x63~;*-NJ{1~qIdSmb2-qt4B&Pa53gY&ig;1KV>6%`qUMynCuLLQS%=UR}T z0y+0oOObBss?<$4?Kf@_d$G^4l#i=kWv=&PyK=vs;8~bGH84!l%fNnu;eQ>2(~g`u z`+BJ!70je>PPOE&2BUQX_JD`FbtYCcB|c#E!If8TwmcyRABm%7-Q4?~@Ir`{;{zTRl+ ztI;l+AbJ-lX#RfP8FmN6d~BqUi7LCX0K~~)xVGM?;<}Trrb4l1CFA>N=D}Xuv4LmP zuN5VWMk>PkSo~=|M zT$u7F`H34@Qe^}XT>>UGEt|!j zquW&?j|eZ(l(llI4$RMokMHv{4{Sd=Q3aD66U9MuUtXQn+88W%#`7$SP7nGUdycM+ zHh`8PJYDOJ?85ICs*otr;Df(?`zB2(f$j`k9QygN(|T&6wR2O{@ZHd~;2SE;>)dEL z+>}TapM=3KaYxS^?uG@i$uZIpzcvnwjzitVGfSpL`;P2RUQ;#Q+W$b(V`M@|x26OHUozrLtB@Q-6@sY{0@9@LF} z%UT9nCNt&$u>YyD9Grej11Sl$}bFtZ9g(I>vK0W;)VnR|R`g+c}EC2RNEVQlcyY21rL_ z??2Ujy)T5+KIQG((N|kFIeFJaH@V2_nK`1CFUZ5AU zi6--po?$SA&26MN#v`Pk?q-SxYwIs!v9f-yxx?qU>Z8q~|9 z7vXg2+L$J%wk_-Tvl&ZHVfmS<7uTQ=S}BU27U*%fsp5LNnOW^*!{g4GkeTFd8_oCK z2^egSW|Sx^R6e|Z67hn?h8zj;nDbR^rV(woB!h;N)1Zj3NTRWqhPp{H>(-{DUeU+9 z)7>B39h+>essjsNJDxSM())arL+gd$YKkw9hj=l)(XhxS=0dDwaKrq?XNYA%;X)X5 zJ48NCbfTS0cjdoya1^%_ubs`d>T(@UgL_Y~X#914jrHx_va;8?6j&`+g>1*B#dBOi z@W99wh!+I19Wp7V$$};knUn>~Lx_b-hB-2$v{SsMi_gPqR;JkLpJvcL373n=(*#g2 zsh1|W=DYFmH1%=uYi0WZ@HgS_Xd#Mg3M!X!hUK%TGrIqX&E}u2bq8ifUM>ro3mY0d6|u*|1jI>g zO+@D23EYHS0kQ{oZrl1}_Tvt2+U={4{lkHY4#{uAJw57zgI(%a*;?~iY$cj~Hd`OI zxi~Jn(Oo9rKZ2!NU;k6`3zx{E;WODv`0Y4oQ*jvaV4fl|vVcu_su@Cf3X*I9Qv@vK zLm=Lxz6(-{ONIfmS*e5fTNeYtx@B7gwednhH%h5}VW#7fQ+nhgX`m#b1%`j@6*=}~ zskU4uz5^qX*AX7nKO|WL2&5msRq91eQ<1E1S8h-1H_P6TOK|61<0!Vf*(0R|6z?eS z62Gy;(u3cdH`YauG!4~G)W^$+zCZlB#H?oQ>qtp$>DwJl51-V$KJTJDMx3yew1y7r%nY=Q zxdjQUb|d`ag6j;ly21b{^tRN!&a3n1=(m>#22cDPf)2*mz{(-(!CgfaHE#lajS{I$ zZv`xtc`AVt4by_WFnvVL5#|Yc1hs-*_g#W~!zT{A_%G>^Xv0gg47Nt3S_%6^*AlW# zLFOFvXIxH97FcfEcxmM8rAG5m|9`!0D+wS8nWoKxl^LZ9>{Zy0sz=)Cg*8y*Ls7MbA4A^n?Lg{0M!6?r_Ls8857gnxo;Ad0yi7N6O{92IdA3Cx!cJ^`l z(A+@&Qk$us>6QCILKIXoECfXPWpLzdBa(}pa#>GiTXu2K(NIF`5*RruncP2A%i0G# z4yQNz2d;{Rf#azgm*%4O4DiktkGb8x|2mKKid?%Q86_ehjtmgOdrDs1zDPjWBk!Pk zo#pMtxVrW^i6vO`OkzJB$I$v0!K z+$pp(|;lB*9hq zC-It3+e+}r9r=Ri&+{yZJkfx-I|&=du-FM zD{I8j>~$D)^x8edT(W#HL$?|9`Z5TcNO{}`FkOM35BW|MZ}NaK`Y*^jjsDhy1q>`O7x)>eD_}oO58NT~BQL3pghw z_SsPdMh4lHp{=${xdQtMy^!Fl0r&&rCEGuPBt!leWXPY)3rheD=VZ=4AU=aXZGY~Z zEC08$KO3wik*Kmu{dl!h9SFIclPb&{6{&o?+Z0DJ)3JRaco#?5k5AzU^)j**ySN-( z9fK<>$i)h==uQ8ApCYq}4Ry7%Q*+b3HZ>FDLuNTai&B)ZFXYjS+i~ZhhFthx%!py+ zWc#3SA%r~oNmN``)q%O0{Mgx#GfSZlK2kjqQ*_5f+4Q;+&i-bBBg940CYY;Owg=g) zESW{XXhg1_oDPH&&k*JU51m4~f<~UY?^t3)Q%TsshlY|{w;oJ}gBHwQ^T0sgK&5fY zZm(L{XD4`Jv^`Mrg1FM;H6p@R1r9#RUPLCgq~=|zkSDp<9Iu-i>~)%(?V7#T`F8e0 zM~CGBo2WZR!PTLrJ5rg~jYszoki_SP!UfFrU1AKBxQnbv9LsPM`*UfV{w!N&H3?V| zDmWHo=~RYFBkIiK9XY?1$Oax32Han)xY>C1sz5M;Rx`HfwP6`#n}6r1E~ zDvD1Kl9bB<0~kHUg|N4=Jqvjt39;Uj@Kn`J$0{^@JLlw6{K%R9WLH*YN)acCnw6x= z$54qo09t6vf9DJ|K5r3 zm#R8{#?Jmc-C6rR>d#}zjt+KMc!SQl{jbH^&|ooZcp-B}nWpmUZ8xu%)J=EI)XmJm z)u|^i0zC4c7y0TAJ5njRNO+7aVl|&d>U@z3)#P8+etRcJ|WnTjzWC-;{ZazW9tP-R6QYjiv`qQJpT< zJmy>}(L*(-dl^^c;rT4NW?%BhN7J<>`>lVDc2uv7J=A-4Xy|>-%;(t@^^e2DK$O*b z?JnsU7>i=w)ZoFmo0=*ekAYcLCdXJu@X{{Q;E65mT*@Z*GRttWl(8Pphw$e!+Dpbi z*<4wsgBt`pJ~W!w-h0!R9W>-0!|n#pORHGokO>M6^SD1r75%@dO%^L<0dhXYsr&+y zvUq9ks#F1fSIBz=$;PWoMfiw(+F@!wu~|Z;2DLO8Pf-U4W(4rhAWPQB^4t>YSr9y+ z>UVRD+tXZ0O>uhhP+mCI^Ws$`D$QE@h4^Gqo=?l2ZLgvRBB$TDnE&jmt(yIL?MPtk zKpH81x7QkxrkyF=AeI&0*nbP}Odw9qf`pqk>vE!;!l2EGQK?qY?8lOoCw?@+%#7S|)q-+HEX>xVe)IaQ z7RL?MVtJ$zz1<(4EE7>a+g5$q*L%zhWUHs@7xTa(14<>~osgF=C=yi+lSuY(S9tYwpN%5mA=I2v zj6{X%IK@d)k@7&_>CU%b^oo|9#P6|V+PMdHS;w7AsI z%phlb2@F(q4E^-=4VVmW9!r^|S^Io(miKjIg*|@7Z>sNz9k11dvyXKTe>rRJ-`2MM z>rKr|A0vGHeR0RV0&pR61xm?8PvycE4t`VtVX6IrHhBFPDmMhJ2{6=mUzEdG;gO+q z!>S?cdy^yiCHsF4Pac_gaDVLE>zVhDE~^ieg=(!;aK(#!a&yVfbUQGKRMTxm<`%0h z9LutmWh6Z$)bNSp<)sAtG{G<#tb0nvoGrF`)nlSG@2r_UtIX#~PXGS@O_LXjepP+; z@o;frHG;wH6sySLJ^>^J)JfaSKrCQyi2Q-;(I)(?q~@e}SvQn?zXKu56{= z@IcCym{6IOTX&^c_ocLR7*iZZy+pg+4FazHE`eO8b3L%sL<8#Cex9D$F=M^c7RgB| z7efu<05HngbZtu+XG^4d&aIFaS33WM zWy_1)-IllG;zg=h)k5(R%l)-;Rk1&t=3>4*24>~x=#||X!8<^&P}kT~nIPX&WP$r- z%Luk>+ogW}r&u>K#tAbgqUkMFt7XKuCUe=p(|J^ zj$#&M&@;rPd z`qJlGc)gQ|j<_7XuxnJ1Z*ZKr_Lz_UadL-|8iZK4%q?Kjs{(?K&^i;p6F3;#NIsa= zkt0k3s0w)XL^!2q2d}S(E8Y)|D*@?yYc!t=OKX{|!^eyB4j_f2;!a%ps6Z0&S>ok9JKkZ@e>Z zz1FjQKYttVA(raV8Lk3_+s+pc}0re7Ni(~UObxmU-i)7o-T;}cl z>QlF2t>Jl>8)=aT_ZQSW-*Nv0xU0CiQ7gS9!1sRmgW5{*m+;&7n?p>~o}W@W1>9;0 zN`%Fr6R7%j@NY4%(?WK8q;97RuJ?~OOfNld^R{O0v1OIb^!RwXWz4;Uy;Ae@<;)wQ zC3n&O;U!$o1qS zb~1%>^0M$0+K}7tNOMyIPcd+EJeRp?QTWlG1fC8DDwdX%mkzU!00u+my(i1ORne}V+0#vsEIS!t}G&psXw54X_ch#G(Us&4W0 za4EUYc;$S-#i#LRiRRZ{Ux?1H%}w_CZ#dG|d~f8&<)FjS#qW0POB?@uxJV;Ug^1?K zqmj7h(DmW9puBksF01bNlMN= zB>PYNdJd87009eemC7PHO^3L@W(?st%!jWNHa|WeSP7TX57Zqmn-sm;pEhs-Vk7N^ zKJpwb*(yg5YO5*@IO+_=b?HiKzQ6VdFGl8onubd)^BG}Ws}hy_W>1jp;F zwfgFR2bKg^G@JRPpRG7l+^BWI((IPMb?1Yq+!^uXk1m(SL(W#d@~pn%t*@;_z!vfy zjj!VudYcm+Jg!g}3aNK|E_)5+#PoqK=s=To-Q?KBk(m2cla1Y*j(*6$9H3;<=yRi# zE4nUJV#U#Lm9RyeLaW3aC+3>#>9*s>?SXXeStHm3llAUm&Gyw+>xT7!qA^h0#V>b) zW>i;CzY=se*1)N|Z0`r*15*vYGD4_XMhI>5dA&h%zM}~Aoq!Ox08`Fe4qX6Qf;Al_ zJ=IjCLqqsiOOcUbF3YkHz(Fal8sa#jtJ)G1#7)*;I@hRRe+}NlBdB7bdd3!6EoNdlK2@Ls^ z?A*oFLy+Jf9|At_o<4||QWF0^!u|y==KT8u$D2{iB}`M(jjfqxrt5T(Tp}9NZKg(L zN}5E5$$eLwYoR9I6B1^oyO5!zk0_H{sMh#kCan@uOSP>ETZAZ;n%{ZH?&tq~{D1$) zzsG+16#G~?uk$+Rd7kIIo(K8Qf6gB|j_}}Q=N@!}4YU?&cJtIc2flGI)iW1BM>IxE zkRRt0WTedypw64XQZOaqU^ee&$W5SwO|C7!vV2EGEpby<*VQIsPmt?H*BHK6Gj$&X}vh9AUUC@ z-*wC0R0-dydcgPxeF4G3JJ< z`toJfwbcLb6E?He$L$rRHsrW1H^-sK33`qYm?6dXqS3fKK$K0ILPdBTt2oVNac|TZ zEnmd7)h?0UwV{sC*Fd{!iUplIlUtAujt4vvAY>?IXKHrTdbrzUprDBX7g^<$U@FMS z0P<|a&ZjXnG?jJbbl|g|r6sDQOItxY9Zilm%B|d!E^(nrD_iTTp z!~kcoG_iH_jwd~oV{UUNmiab z-)y(0Fyvas!j>!z!@`cP+Ha^~v@Dv4vh))HKv`(pc!0l8iu238fmBQ}#2?gz7KRcO zZELRwfb)&L-%_S4fcfzw&y%-~?I~svGtR7{!h+71$iIy*vQ@b?RK0T$v-xypW(Mzc+EL*$!fAdhJ%@3_HTOl2abjS zGFNJ5i;|&1<`G{Dta!$BrswSVLioM|zg3&Zuq!yR1OpQxP{3Js)b;=Gj8{~ts(+0g zdI|K!cWpz!P@kEiIe;I36&**a-Il)z%B4XK6ae)kS_sMA0?dCDxMtl%k&c|IUc~Gb zHrKe(PE3zq6(8#EKP8Y28G{4_Q~^MoXq2s(KVAm`TM=t%A>+9NjC!k6O|momWxD>& ztMv}r9rIg*?KVu~uHIpo!q_~seWy-mePgD0D#Orlgrp&9{*I`+{-1CKGb?cUh1P3l zU&~>FeWN>bjcP)IA@4vb!x-y$G1Q6RY@T(tzrR1_-gDSYqLI!IP|xlg_E{jDIZDA`-8U96I~FAMuOV(8Cz-UH$KNCVd=!Q8V`Y7TwUt2eC^G zC;B+ox>E{6IZQk(I$w*tL##wc>xe{bBViVeMGt~kD~}mwCW%NYt4L*kMa)v3InT!a zmmo_$at4>lP#Vgyi);J0`oErVW48UJ$qR1I@VYtU#*W|5PFuKl&*z{Y);X(d7KosBhA6uv^n7VMR=Rm=p zPj80~o-tp!&Q1T$X&YG}9tXSbIWXV3%qd(<7jaCbsVu@Yc@TX;=SMpAMaCCS&^6jJ zf0wLiERDLG9H9uv1{t7Z?og=7Bv;@u+ANqTe98&Jg*e9S8EgCfRmSpSyZScI`Bi&& zY}>PW2A6Ab8HO^?i8+?MNISmN&5319Wxp}A#E)|5%9!)WPd?6>koV$Z)X8c$R6=7_ye@1OIgM4t$mgZC1E5 ziQ?>Zp0$ul5eBX0`3-Qaes&LuFkS+ap*DU?BHbKe#eBlH(cwAot3UKx*L=%Zmh@S@ ztR`{q+(JbIZVhMGdKlD|?jQd+tVqCq>N3jIhsBpRAK+oBZeVAP?p_Z}>^9v>9)1|J zuqL_2e9EN#qH=!WIRT!=2NfsLCS|}b_B=HKCM;vchZ^4a$0h89!Ir_|;@Kb&#)udk_gb0&pYPyVHK zx>dXV(POC(0`6{lK2aKJXrCH$qQ4`cV6`Lk@xV|!^gaD$7u4Owf=CnjAcG9 z$D-X^4m5tmzEWw*bL?p{~#MHdidZa%oF0q_U?iGHk_ zsxMCUDk(JW#>0lKKX2DfO4dD?U$duAH}==n!KBd`2tW+Oof4uSx9ISp}mYdNv z(_!f(@ybZ2r$_@W2(jwehr~H_{>2Gc&$Y(HUepuu*#;XNFteW4B56^E2hTo!vnPDD zh(^mie&+Nl5BvBk&Er{H3_UI5JUZ7$dTn15w`beC;j2pWZ-0&1>%Mi4K`Gvw?Cq)h zO7yl)(0QFD+fUrzu`2Yu!^7}{py&mAsH1qh5Y6p!?pmqP-82zd3hRLbKbb4idf81l z=ay5^lPe8Bg=$VAR_;NG(gOjw`HFxOd$juK>7B=S9O^t=pR9wkdjc0TsjD}yqGH;E z2PXSLj10Y*_r<9mit^xGf@skj?s_CiX+-^uI|BbtKBwMD<4YHcSlgr&4ztuWo7XHb zCswGt;RT)xi*jF`lhex|)=J^@d{oEl!Xgx@b+RdWGW=Wk$Bw!{9O$UZ)Cg4RjUn?g zCu;(+@!Q4oMH6ho+?}YioM0jZW-cX5Jk@^lxw9=P8(_Vt15`{Wt77qU|CBK=EvtCctg z?P(!smY9i(K1kTjfp6@BkXSW6*u}n%Xsp^Nk(8QJ!%adRF$S4Y>-D+kBhSaWJMNeI zVGu;X3k)+AM^a;#Wc#?Y;J^7x^t9+{Q>Z+idtmjAn54v-Z<{+u4Ff0MQL70y6AfcI zxdO!pHrdKE^-Cdno*H2hHffl$?VU3il$MlIBP-cE?K4?b#sR+p+Gm+Tqmvhd(=7M; zs}oO=MXkrfh07+L+ExAaTUEZDT}VM&;=rSpx9=*Zh5WSKP~bpsg4wRzI+;JY2|ttE zEj^0(L-fROjx}&29gvc8fjYgxE?rv0DG0@1kj9d)nQ)dh`e|yKfKliNa8i5 z?~yKT2;>}$ifs4_%L=~z4Npz#pSSJlKN*wsVX#ITeQV*iP;vOtTEv7vhK@Gu+GzHB zgL9_U5mhH8q-;5pQ}e+-<7eq{64>*z9G(X$Z5?G)`z!{-5toT?YLJnrlrvb1tgiLG ztSk1@&r1y$%-Foll*m7+rqn1C0xvHVVxO{zfgxLVh+slJ{5-d;LB>Q+=YnRXb}gI^ z-~b`r3x@EV=p)Rj^4^d)GNCH)JYF;v6)juOa|Xdhg9NeG#|*-t%MysuxO=>kRNt_)=t69lx86NpZ&!@Wuk-)J6Y>L?Va17N=Rm#pQ>wsd%Em!FYS9p@cm4 z;dM>*&_Ef$n)!XYfg0Tx?Sp&2b;Lk7a3W->suIal*kn3+kt~oK?pBDk*{H7|u@}XKuk~;gowik+mdX_ATw$bP>V(7l z0?XOdEEP7=UZ2Z$41}fJ^9jyE*E;!PX&TEc&v>KYFbNLMQDvu^obXbUxjASyY~@-| z>8^_TMAD8S2?F^=X{&aE()OYRHZ;&!w5t-Y+D;{r>qO15r(Oh@(g;dfSC9{dpYFZx zYxVN1+@AR9<;jXCFRmXuHSZi`OaD?47MYPpyT~XtJ;#Y8!OL*CU^r4XK8#jMQkOQk zidMdXR~#kf;pW5((o3XkWX`fk=XB|0sTDqlzS#zuC0^$qDF=LcVr z%**1>y)932l0LK+jP_<(kNx>#T}XkzX@fp~W}&IozJI}}srZy+kHz_PrqUE5gyOWR zA7;;|mUVzc;UU4*>+OkyRo=QUWd#N8)`n?k+~8Iit9|!@FdE<$quIvy#Y7QP2r%@) zzFylp;!N?Z4KSdJ)i1P#eFVN-DxSpNz`(37lGteN*DL*m?tu=bQrkk0%WK)!1$)3ysG@fQ}qN+WNzlQ$mZ%_Wa=^v1B>SXKOh3CveZDW741QIACK@gZU3ilhx<3}@92*is&#U$`CL&j`sP;q(EYGEm%^M%@cKAo4n)L%0p((? zVV>+k25EM2BaX(l(U-B=#5*$G(4Skj)QpTJ-yUch(S2#xjg%$(rQXGao|}l}a3!He zBrYHRWJE$zGhZeGn6WE*XQ ziB^6$&lxh%c+itHfCvp;8DLICk$nZ{7?PlbN8t;VPU+HToB;J~&Ktr7X}Pk2&b}c5 z@L_c6#AeRGq9!BG;G(=_Ie~ue_s~%>*xOZq!D-la&KDS?T-NZzxC_( zB9N(xEXF9>6+PWlCAn| z$gpOiCO8w{BHgBCG?efxg=#4|RJ+FUCN%XPxx9 zo;>M!s;Qrh0aFQVwk>+6JU~f0A725t+EvYz`*m={b3`k1X+%U)N?p^4mO!JNAV;OG zfJn8`Kge~`rvL+g*`~?y=(eb{kck(D^c2( z%&>qU_C%y?!^m-0h+>d#QEA{=%S$j2V#QUno+a`uc`*a9b6CH2u0Qh8dzs z9q|q$luJmjua$Kp(~P#8xr{g9cWGa5PV|35Gh96rJkX*j2t66NH82eTNhe`Y+SmR+ zNHAU;nWDu}ITS~hfw_tZ3Gz&x4grh~;Q=j=wxKtKD2j-*Wxs*-ACaKg{O<)JD9KHP zhm2lEsflHWmcB_lAfD7Hvry55forw7rOYsa+y%JvQApd{xKk}MgrIx?-)!T0W8TUp zbG?NDRt7d}8kG`>2P<^O+1k;^k3ZbM{=WL_ma^*MPsdg!jt!Ny-A-6cT|@$Ik%=5& zhO0}zUyp_$w&ka>)oJ&$iDqK#W6>c~61>q;rDHd}R&*`Z+yVt*@M8d}@ z<$4$zQm$!m!q3O&1hwSENyT=bzRFxGaV<`jfhyN{inyjzAU(cEtL=jOf##5ZDWZ-4 z$Mdg(!!Npb%N6A70Y$&fSl0)%!ovB9f9I~|D%@91#?wF>GVBvHJ}9X5MR~}f20A?Y zI0`^|BaMao3Bw71tvDM+i*TEy3HTQ{r4t~vR7frZ>OiH@sa=f$JDBrHvIG@g2qjLF z0;P#U*uz@)TJUf&yxKm+qR%Y!8Rq#ULWZ}1I@%J05rSYc2^$${lI?&pMhg>%OI}&; z8JVvedtzPld35*nEd`UyV6m!^2NE|61SozKJyn^hUNcN&mnD2Ad;LM9JUJ44XQjCuOt4(?TWR{vwb_TsH2=X-Hvt$WKU6ac|HKj>sl4N} z#K$@vK|j6=ugS?PMIF5fk_NoQ2fu*w3Jo*k83XnG^E@r)Xwxpa7+yT5$L5>0-gGf|V zPDOr~`i}=8C!|~n-~NQ&o9fMC=a$r7E}Gc)ic`YHv+~Gq6|tFCKoYQoKJ0F-;agcO zn(DJqG)9D5<0Pcl$+yEQ^6Y~WnSK$de*1U50kY?VQ~iR$zk|HLUbn9KbaG2_&*!(s z2pLB?#KA4IO_%{4sp0mQQN0wv|t*fXZ49%EyVAM{lZ=EvL~8+cKZ*tfq% z=bU-BquidLSW>Icv}cGGk!O=FL2M&sGXo+IL*;wJz6CBjU$argHihTYoCrdgD77|n zy~9=xyBn&!`9!!1XXBQNmwn2WxwIT1$wuW)wj(ynd-mwL2hV3R=2gkyvHdmJEj&l59aPoY#n$PVU1O{^lx@hXx=I4^4`H$Qmd z*!y+(C5^pWmNZuT(A7(Kb=vc?CA{?(jvWMPiJR$^@sI2<%TJx5dGH|L zLqF4kw_acDs88@a&8Qi<8Kjdz1;;1YH34=PG`WzNnAvI8y z#QiGj6CZ(zqXxl)OxI#jjyf#n4!c_qPv8o|c9%CBWzI z^8o(a9F$B@pSO8hNQnXj69vBS7#(_p(dZO?aI+ITGGJK4f<9b0=s=78L7sm9hjNDz z@+D+*h?OzKS=$`;rSyLdugXKcJ+OJ^_i*z)?x2JUzGGF&&X^lJ`#U?E-fAnZ*9UJY zXhlnie*?Z@7F6&g>Sz2+(Dnke`hvsa0g;B{QQqVzih7peE=YyIADdX>rxCLnC=r2? zc6C9`E8iGVqi>eae@n3fi#w|JMIQv}F|(9P6!UMQ(Z)d-2+&~(gnd5L;UU>_D{Lce zIazi@dryNzr?a5Oh0TtRQQ2Li{Ua%_PbG8*xb7VUd8v?1|1B} z4UUq0|3^279O!e(-f=6LDmlnUvP-BKESI}s$tp~`|Df(ev3J#2lWWZG{*&!vVU5IYpF{Uh??4)u)9_{{E?F!im%wWj>SmCJ&FszTJ?X)L>^?<( z_gwFiUAf}jpEMa)#p~knosL>7Ek(XpzW*WZr~lNtjgMeTA-lO^9 z@j2tCux-zG@~ZxOl)r3F5=<2#rt}Wb(BF_n`Y?2iR&5)Feyg zYrH^5=q*$V(8W2>8_0IyyRhepQ@6F8RuE?Y*8do`CcpV3?(5aEwgf2Rz9oAnf7#tW zeE;`N0Z;w)S!}AvCi)`j-!mX+GW=tM)wxg>G`g{ITqeUIh~S*2s`Fkr{9t!qm9C(y z=F9utHDiC?O@29b|E9ZlR>@?RIHdv+@|uD4_HRB;x+xBWcoHj{rIu=@kY|G;i0unJ zDRYIk2>^G+hlWGFi*8V1%OfX}v0M?53y2MWOBO_5<}(m<=^)J8Mo$sij;GTfK^^Uh zZ9=;#-x6;0-q-{Xwu6dm6{l6M@P=8SOqr| z`t#d&eO%`~^cb{z8t1J1`iF$3&spp^gN2(a%q6V((PqIH(L$yey(Ktr05l{$PT|&u zyM2Yl(BD3WBqxr3fz`J?@4Ux`TnmyuO7EuZr{$8c2YFm|Is-~GEV4l1jGUB?!snl~ zzhIH=;uOA?qL`(=9rtSoh8AsGqOn3+HFs@}IRc@fiEKU^ZCPoliizLe`B&$kWKAGO zNFP53PV?07Wz~2V7_X7hm_I%I_J|r~+OMBlnDCuxKl{q~@SK5SQpUCxLo1PCx z*lfaKq<@6|G4IKf-R&by^~uAZoLrOp9=)x2idC+a=t2DXU&v?vK%S5uarRRgB7D~U z*YvTm8tbaTvE)(EJ{sxT-KXmd&>fso7Bc}5|7ja)iIL4!3D;^{#`WjJKytb2|Nz!I1h>HDtGmfH|a^wFf zaij09J~#5uRHI8BzCn`jj4aidP%OZ#u7Qio5E=jzPEa;sY8imy2J>KRtpshl~f&#U8KJ9+PU z+ZK}at+A?a@2j`@b4s%G894G<#K{Q$`0xA>t61X23%4aZ0!XGwB#m74gp$)zNU3`l z4!8E{zTIEmS3S_34{*jBR0aDxzT8T8|KjDYmIjGw`oGou$KG{d{szcmKhJ7e5qK=AzE@EvD> zLim5f$DLd>p^k_0umAKRLRhH`hY6+xP(RP|k7R~(B7sF5cV==Tav4~h@LV8D|FJe& zy8^?bB&laZ?Z5u;^x|qd{p%pz;(_-Ihn~*qYuh^%;Js@oV6b}ZOIhpf z*@Y3dPs6#01OU4YUwZim!NX;yaz~ z>UnOaC}QM8mu~zlX2ahs(h2_F<%b}Rt^t9(B50eB#}MEWDnjucm+dxb4K$A+L|g;@ zJP_7F0mb%~enFed*Cqx+(F$`9&;eS2!bdYYb-vu?EqyQS;3(B=3}qP}eSeI#_x;-^ z)_eNqL-(g^_h9wj*N-ZmPgJlue(c5TeGNMTk<0%B>FiVXSZr$Op@Vh6q~ztOU^wCQ z$ClTF$)ox0RRj0uZyEhm<^64_zF^Ooa7LV)`F~`HzL+&jzf*U4l56kJl!<>_D%i=J zG9~*JW5;Pm$~8l!-THOix2iYkbT#FJb#VlJ!W9F;&!V}E%S{zIS6H;38{&rt=Jr%O zIbLv}s}e*Y-9DXOA+As-b|UJD2U%vRSY#bL*T+#MRN+O3%B_UUZmjQ!$IVm^t8+_9 zkNoCt5xr6~Nx{@B!OkAk2_p7HwGquw!#0=EF_nc_cX+l>9sjl|^JUG*pNVDHZ#}=Y zy}V{;c}>-mpvOykb7&MCsLPovVhe33c}(cjaI+P(SgR6v6#{R*D|}61#E)?SR%qfa zGG+*a3vGY5@7Jt$XB>t(G~ofhk*7t;q3Fd*WkclLBZ#~_8>AcvTcv*LOg9IXQ8q4v zv!1~=#~+p&sJ$?1?s_U8_d8;YyIOv!+!t4&E`_*Y&*r2tGK&s`Ouc2|+GqXkH>S%yC(o}UI4XC)#Tv9fnANCKy7s1Y=l7`S+lVICA0xHT72=hd+!M!&pR`<5! z%SE%K?R{;@w?~^^Y#Dt&HhSyDixs~Ks42c||4#U~?*C)dRP{`k>2i9!cU+t6Hm0E}t~Ad(sGeZL;F2fGhvk$|V|; zya14~Z~!T|wY6UB!dMH&@MMbuczXj5WEQD6(84+$lXHbUe)XHg~qiD z%jjs3IRUmv(5O`8jJ=@2b!0S&r+rs7t!5Oa-}~QPPa4UGQGn}*_oXraOPYXf=+kU2goou7LB})t$q|GAahSTu#3da3 zf);J_-NwB2E?0tSb#w&dNru?)&!=^K_ECK}n4|iIOCOHjntE+_RqHgEo&2T!rFZlD zFM@5Xs~&||3~Vy*GdUNcY3@6<1}nUyfW+bSxFi@c^uNCa z3+_7$+V{SAe&*KFZ8!J98-4vuyrUBir)eRqgV);Ukc^C3$YMnihZ$|5g3X{ww)v#v z#0l|<9q~jn$8_WgK8Jh5TvVZko)O`qG5&}a;%KAaCwZ@UeHc+@RoVehsex|UNq-Z?+&MMKe#$B16tuTtElyDbEC}xys z$>28_jAtS2+$XJ(mA~JGWt`nbNXPl}|FOSY8XXCa?g`z`l)Bu!~ z{T;;GE+F^R>24UOTQ_>_ zIykTQx4(*Ds&tuOmX|mtCtw^l>V}E>9xk8alF{J1{$w~B9#pB4E2n%alLznYDBHQFY-i7^ zE-bUPQYM7m$_5xETB9sMc*{26WN!#B0`a~5}w;y;IiCI9eLD6N5!XEBO#}(uyY1?BoB7?=<0PtPhQmQ?r%D> zfGfU{`t7_hO)v$=Gs01v43V^2j{73dsU4-z&Wf0e-{818mu0G^ z(4VMhxRXqcWU~+=<&+Uj>%CH!NDrI2u$xQc@{m+cPodh2gW`mLVu6#*_uzX`h+23c zc*{<(@Sg+YUR!2=Ga}IEyVu%0)Z~VX(^%BgEat2d4GX*!Lhd<@p@saOm=DcPp5Jj< zTKaddjkOZ;Q^l#%;dKFIZ=0U5)K0Q2R$br8LbgjQ)sb`a+{j0XPEwvy>E=+%EHzO_ zu7|6IhhRWs!8-%54i*v^=@71t7s;W|6KGCkh`2m1fm_q-y};|`-#cQeD|7?aZQp8i zLj(C`y1(z4?a*_cP`HWQ3cnIWq(ron8+*S!U zk_BE1_6&FB#6YEZR+l)q9|SOZdy+?cWB{x${!+{y85I~PU@}fbH9QaLyF^ooTNkuZ zwMaCflRI~+DpV3D)l3(yaQ87KTmTjFaP>@Pv@9;VSr#W(ClJAb3s48a2$EO3y| z#*-R+q8NQQepBgp6!D_!@vZIablqcPJGR*QJr@M|DE83|`09f!dWP>g4c5JI+}e(yQo8`V#_) z8_mPSR%)xxEWgyimmpuj(j{ncn9y+}Zl0*p%`}^coB+Pz( z{d)4yA62@qulmMbh14X!YjbMdJR{VdWB`YWJ;aB7+knk*#_G@;=*nES`e5y^fw0sU z6Xfvat!St|d93I0*^st`!Tl(d_^W4&)!@`8Z@1k%Y2)xrr7!k{?uM@|9%EtbY1ZKd z;_*zc3!S-cv}n&y73B)jQF(&+XnA<9(L^!78y7GRYImJOh~#ekH1h0}nNRfesCqo# zMd2<2fW-SD{T;_aM4pMbQ7<+{#p~MgpYKe(wYzHhr0auI2CnZ+beNYGYms4M=&*|H zFE+5qNaM>5^fQaVo_TP@S`!Gwc{I8T_1TBo-0(s?czL#Q9`i6>q&umfIhDbl(QO0jK4=w%-0-mWjc;n;g~n$>E1Xt-GKG4dj;! z_3(5~c&eDS$PgZE7ViagHdv4}Ff_mK_F&tjsk(u#9Pfn*{Oe)cZjr*nC;Ear8Gj|bqJZ>#0S#XIea`xmR6@&qvk>w5S2*km=iiS;?3aR&1OXB#*zkU0s(5y##DF+;5v`aE>8jmkxS`~)$^_<+f5EjC~t5TPfXSV(f@6=RRSVlNZ5XQm?mA}pKeY9lmR-1gvsRiyNk~;mv z%QPJRNulip>3#L|_$(m4BTKQpHOT>t;5+Fo8o(dB3Y%*qEijyg;)YCnoUPzDw2hk zUs-N86Yv&PU*C!Dp#w$R){P8r8tkk3GSXiCrD@B`-S6HXetu2g*+>yeH0PW@AB~ec zG@>Qg>t(q{sp@CORA{}J3&@TFBaWZ56K~13dB2GY(Cx_(Mw14srnc!m+;y!PyV)n& zx#_~KX9j`JK_v_lg$7GUYh`@-j1s5~Ub9=y$8{l2uB9RO#ZiD!xR+FMi-0NcQ5)c( z=nA|cR!4CzT!ta`35`)O$=DUId!PTJ>f|_79oS;kyQS~*I8G|Kz4x0ore^rlNI?>RQSpn#OLpn=u)cn{EQti`o&)jewf%_+ zv1ip;#+Po#*{FCTTIELdJ^W-OjA&+i;zGGmhk)?AG-8d&YQxppHgL8HdyB_efY$?U zV|SonO*^_;c%Nb5L&!z&s^fr-!o(O00T>RFd^!*`YE!pju_}@x}7;@VP1F(Q~irQMc z?>pCpkE4qOuz^5nlZ6zS(rhxT8{U5VYXC|o5L6udI28ulhu16L(cg=S1=+swJCO=7wC#jQf={v*W2+ z3ibYpl{YduTb0lFk?g38M>M0mx2$Y$X=&|go!8txzq!5bZP6S1>{!0Qtx&?th0f+U zF0%EhT@BaPW{taTSfTAQXz94=lUKkjk5PL=>gQyz^9MUtU5F}%snr?%T+ zn#sgYt~p6<0BA@kiU2lcI|9sm$5Rfj*whxW07PUG?94Jfj#nN+v5XINTt12pX18MSq;3dGFB88hD%r!v`BxL(%8h}(M+*ieS7jy{X0mxB+$2$S4 zSEachtD}PnA@XIW<20xlXUUHUTmoPvH zGzAkX;-VvC%z-0W3Uy?qo6~eTD5G}c`;jOd^{TI!N>kc%mk=x;W`@iMsCct%`pdE3 zrmtQ(5yvkD2_&<-zQGxeXOau95D7Xw01Cn<+a( z4Y%@sr~7iaY$0f3O|o8)`1Q>z&=7w1$}XhQ;o7C2DSnfF)x%Lwf8#?T2Lx6pM><(S zYdQbn8@~Qbd0KR#8+DzNp@xU7^Noy|TQZKrry03q0OpNimD(WSg+C(Ux^-xg^KTis zsmMbCm@o@*P#x!!^K1@lWs*8Nz19%8PxM0P)RBc8)NrULo(P9_7NqBXoW{|8(FQiq zPm>*cGSb4uTQg^AXNaDthwx6)Ss_7w>Hgv8F}u6E+86G6HJJRhwRL2$tgkm}8wDR};zvHJ z2_<7t6Mhec%Y?a5D)rOx{pTf6(;q)=B6<_58@`tV6K~qxQ&A>#UCiG8-=}(yGGdo( zOY@yz!ysY&02X0Y3QcbG6cJs&(-3*RbeAnMvG6Kqmp}ZJcI0s^O$T-Zz{_E2QQ@;c zZoI4+T(!Fxt-bqKjaMpVIcLsBTJi{~`V3K;hYeb&067ee65l-98h73~?qXB9gFx;l z=0kmw&Rd)bsLU+Kn#;%a6O_f`F?w75+ zHS#B{22Or;XY66w<`sR9TNL~Bd2#~9LIKP^`%&I^GNWm!DZH|;KdFb`8ks`!$0AYq zWZkf}wO8WjM_{(3Zy%Snf9wDF#Lhur;&+Ws?i>bH0e0ENqO8>II; zD@mq`A$0}Fc14EWSk-|=j^J|q=cY6qw_{OJcYDNn-@d!N>dA|$%Uj3YO*b6udh*ih z4RB$pL@qu4MEnVsEgcJ7F_02~EjB)G?))REg;lffNWK0xug@mwwZXdf_IK4+L5`?P&ZpP_DR-M7yb^}5%igY6@K z-mTg5@!sIE0+W-EnxLwFeECXy-vv@?W?C)&P`b8@1bvF>MjVhCSx5DHpspmV$)dfV zZsQ(mlb=veRoLiO!t7u{f5XF zX}|GtVh`}YN1$b4!IhMQsDG~AiKz8d7Chh$Qdy~@g})Tn zyjXBM;oZlJW~avf>L%`tsUB@~Dtmcz>)`#9%gWl5ieB7Wal4_%Y`FkIXeIjG^9V5L z{fr-mErRa=WFm3*n4;7`XN0~QkYO4UXk9(_pl0k_%WLa}!=0lCU_aQ<>-MoeUG{i> zsfsYUe1#R%bx6%Xa)qI`1$EO1B+hrD+NPthvz7qPQY3{|5%3Z9oHZSP zNe>&%wuzq7q0iaGS?>=hd*jd1;IMH&km8SikrT8w9yYS=sno5~G?k(bp6;kJpTdpL z)tFdhH~{Caf=&kNt>NR99twFh;~3jQ0eOgh+=wLW4i9D*+Dx;d_G^al8Hl7VEAA11 z`w1d{*dE0^q140Y8$*ewKCa#%RYHt(#%G1jVC$s_f*c$K+Z4gHld9y4dlJuX-Szt3 znA5G%nBIZp%g?L!Rt)~tc4y#7&dTQG?YjZH+<#b^R1p*H^p@dA-3QQ-IH7h3s#3*x z9o?_Siu`Z<&A~khXTxrL+l_LPqk0bL?7yxDO(>v;!M6Q1qwfmZ$1cPSgqfTSzRtx& z2A;R4P~^rLX-_+Cw24>*BzhhRb{&;c#7eit5#SkzG+P|m;ze*nxfiyd114gB58BCS`+fh5IfE$QZnEMEYchhxx-UDALto*rZ6Si5sguos z%>cY}sAc_7mWSskfW!^ZjRQ3%xbqB*kZp_OPJm!L*}+F;3KjHms1NPTfbdK6Age10 zcF_BMAe~IeP`41W+?;?aX0j-jI6E_2WUcz30K6%MDr4Jsl*bGNdGIbTHCfSmt|sGd z&ZWV=_ReM3M|SQUxxVAZn0nT=9eY2n>S@~aJZ5bBPTkU#FTGjUMz+m=YhviD28L(` z4}Ne@wB#Q*ZUz<_3V?}<8Fl6ANC{ir3=Is}stQW!caOD={CO4z!0ugd-@7x?YR5dk zVta|oL>|a3$2x`~4Vm1|7>2eyw_|D~s-gV1&!fWqKWqP67e#Yo^5cp`I(W z_aH$?faPWCE)wJ?y2t^Ifs!jx>u7_03!2+n#*1szbCavC=YLO9WPLF_YebElD)vR& zoT=$RTtQ~9KyiAmCJ^9xDZ||s@TFs;1PDE28Tf5#AqMn7Q!{BBp!->DOC@TA83r6< zrD--97Cssi(cY#%aybsj3%6zKZ8mcwp~<<4c*FolcMN41=7u_??fY*hSa~G7$f3%A z2;0>bkuW0t^lU-W-q71SDs+vHGTI_)?9(3n;@x_)wQ}f>0oS%01C3=Zdxy$jIBmVi zE!JaLQjPvg+SsuU3-yobxS>~U#Lx_-@(6N5x*oLap5(+N4c!Sq z?S1!{_h@f^a?;2Z*8JrsH=PV7KUDSR2o4#-xE|;=%a2EU374x)JcA$k?*a|jPQKJa zX;isS?E&1ID62euy0InBj1^r7g=8bHhj392WjGLUz^e)W?HJ9!{=WC0j?u-;R76Il zW~g%|9yI7D?_)73av@rfD|qf`a}HcJT+D<*hz6EE^t2EI95EXzaF7p#q{g-su$z?W z8V8N6j=nB1m{CV@?3gRGKOvY~RL+is=In%yb@2?A(K%$Mi6udKsC(c}0=6qP)9yFRb40c$l-Yv+c<3YxNiA?A`GCDgVXUB5C|NRX{X#b~+c!dC;SOp(Y2oA17}$;qarRTO5m50F zWRx-b?$;Mkwg{`r1(gyHst>ji!K$Xj`Ua1;Ksw}DMHhV1E;jZYs{m0D!Rvvtvevy7&AO$P{esG8#8$mnp3sz+wogCwD6$6Z ztjXn*)o_J@v2VotblmtbJy6Zc!cYVq2kk9Zy*W@EGB$j#-8$*3_U`k2^-o@8496-;We@qM5fPo#W!NhE58L?S}z{2N!F(!fTu`b4!K zA%`=!C~gCC6=@2M?AerPHzMeH~To#=mJhz&ZE!R(lep~wQU40(#4I^;k|^)O)I1;d|P2cdrW zSRAu=^!JdEq`ytxZkz9C6r}G*U1Vf5!w^~-aX`h`=EzS3M=ploQ4PT(9Wmg9eKG{S z#351y-i`qSZeV4-z+ zya20`Y?hr!Y2ZTzm=d>InF4WQiV*q|d4x@b$4ubltp_Kpj?60W~&O}xEyEOg;e+oxaUHhwvu{s_A^(z;;a{r04f zr~4c8Uk)!#*jw<|JvUk7KFnPSDHR=9mPq0)4zg?l&^FvTE!y_+&Y+8?j8iZ5SXc^0 zzLXZ{YpXA=W=O&j#E8N%oZxtxP4&AIiif3RPrS#z)I&%a8iD%lD{z6MpZdJLl1|t> zzjpKF8NG*%7?~b64F?l2zzavOji0A9YPs@Z5AmVqKIEf6I)#)|b|U*|1d3lKIoLMZ zQd!xsuOZhEK=Zti?=95pyVtyKIynkM3gZJ6KtIzcFg$IG7q1DQCm*=%bE|p9@~TnO=SS zRaO2_SJLbE7pM1r-g*7h=GVV=tSMOdI7xu)ODe9vnzXLCchttUsx4vY`n@|75?x=k zNc9|edLk1a^>e%#m@aO8$(Tn)}0(oQu9^U;A01ecWnyY(?iUw-#4NFM$MYvf19M%t5-m#p5o=Io1ijLQ*e zr*R;!7KINCdPI^@?8@w-C9IHL2c%myjj-vBh6E`#+1{R@w&+MhoQxxaZXo6E>V0ZU zgs8ZB)k$6)a_Z+_zU3|M~m=iz&ZMUHMCY zyzbGTA%ho=4crQO-~VTD@=Vv+ds;*d7t=2OKWx2uJkM(FU=Hy2G7{dr+1bn7mfG+bS(UMGKiF#ib>TYYWZX2*jZKjr;hqM*17P8W!^G( zz;u_kO-%~yS!^KyajfE9TI8& zwu-(6_p<~73B`3-Cn`Cn$-L<&AK01AZv^wZ3a0$91k0%XjF<$ExVSn2!N5+a&~3UD z@qK(rn~QPveu9WzmN`mQ7CO=wmEi5etV$Uyf|9Ka3u>+1ujtq|dGb!cjs+!JlNhtBrG#7RfZu}fl+8!P?Ju*DQYm2UbeJU&?rLC^vFZVTjGdpCnjLKPd z@lJ&=&TI_o`M7rSPU{jwB=+UcH!CAcZ`yAz3ak`Qref_8AB?b z;76FJu`xf!cf4L&oO^xNzu4=OK#+t4B|(pziY1pSpPN40%etTx0`Y64WI9;%9q0*O zMRA3Yq&x|2(=4@gu2NF2il%ne`Opg-bxaycL(!WWu_wuzX+iGqud%ue3(^i=Z*1#p z0c9zeX?*LpIbZwUZ$rSYMpD>W8%2Js@uLQXo!!6&nvd@SB)uH#z)nO-sU}>Uf+wGY zze%&c%4GZ59AszJuSOrLnT!hf01>~HTiSU7%eR9wcN~cdu?RpFN!NJ0U+HEX@HMl* zb)haw9TdHe@>R_%+8}z4?xK9P*sS7ip`qc64Xv#MyMOE(%$VG>$++tB(9^`7OVyJ+ z3vpG;uZ!1QYE6>w{AU)xVU3MMJ-gRL{&`XE=9al1UiOBIPbZ_NUpFem{4?AZbLeKt zAWelVVSRzYP`ysylbLHK@7r0Te2n`F{s_UET?>eLN~o z(j`tE;H0)n^ES$4+3+`C@-n+wdpJs+Ve~y?x|}tVGO}(~O;*0rN#^tm656EJD9$G) z#Q%%`iT{yvn`+xEj6{Fek!cY;zG~?I$^%s0b>4cs23K-L#{7cMW}xoiF?`+tJl0 zva6}D{a%{gsh6~JVuCx~^+rNK`34tpREheK(X~j+Mun`2vc{3cPj5w@Rt&Fwm>*U8 zN^IlbPO7Esk_xH-uzR}1!=jQo_Wk|+2Qh0-l_iNXEXe#c4Cz?0p7TnIU}koe28K|@ zm)uKD5|FOGSPCO+?a@CzT!f{53x^6~7bfOl679j%AJ&kk`e^^IQ*|WpAA%FRQfVr6 zx=Yj=KTGd}^%ER_u5OYBFpj^h?0<{;H@yt&fE>XwTX9`iRL98yzh9T!? zbCrqiWz9l(?J7?1Ofd5^>BTY9BpGsJxUqvMUbUz-u1nI6!3@1TeUiRIk!}s@cakMC z6s-W9=NXI%Ryc{61r5t^jc~)n;VxeBlVX*Y=z5=}4>8{xf8?I>5MK!mb#N`Oz^Ipq zVL+u%^IyC_wy@&taLo3M+b!dhQTa>8ub1C=G|b&-vmEaiKjNU_Ae^tRhYKQBgK5qD zCQeYTmEr8SXn4mBMe|B@GPWV=7@;LknJLHcK80>O3ykOyjg@X|mJ7t3dZk zLl>uQx_1w(OqFh~4gG^|jaq&Fy&>kDnE6^fRy)B@&E=23K}jM#0hGqerK{Pfks( z9{!_cA3Zgax1kE1tli^ma0b=~8Cky$zxDY}HC@{I-_gkP;eKSM5H~ySv9gu{?J5vG zu;$AKtdZX74OqxR(1THr93vwAwl}Lb(?GP1H-QNuH?7OTLc{PGXHY6j(;FtHOe4%a zeW|Q&3^oC&tLj-#ZEvTw52$5KX3jOj4btVWg^{hFI;!s;oQqo)75B+9G0wNE5Wi1R z6Y8yS+3*jJbi?nBMf)rHp%{k9rr_3D za8eo?!tI*GngcmUcu!D=FG@0)Bu%p84S{l&OFjLy_}bWofp(*nnNP7lN7?V58ZW+W znTn15a^;OhW51x4Bf|}GjcNJi~wXbo%|Q0n}ISwmggW|`(l21$JhPRmF4v|`PohECF?IFm2mK#l==aeVxZue_jFJ51b4>2T(}PHp zr(~*oVFR0xV;ZDOg49cvf$2btWV5%7tUQpc&CVl8!jtE#>ZHIRCjZH&s{tO`$~EtN zB6&WkQZh@+MkNj10N~8S_XB4pNmLYThoxvdgZmf+M^+q}!XQ&iT^!a34=+E`TDxiJ zqwz~#he&?L_sX@C<0BKrE%}KNWP>ZO%c$xo3srM`Lq#3x${CZiQkNvJ#B=#|OD5l@ z+bb-e8ZO3meisS;eCg~Z7eXAd0SR+N0oSUu&cvm6!pT?iW({rgy*2IWM*m0y6C((bO<0YA8b`{jwsM&Vfc<*rEzkKzQDrMdNglC^!TR5$azNmEg zaHX1k!LF8@&j&{)hGUz;LqcM24p={T+#p3w1VI`4JuVU+yY2l<$iDo5bEtERf%30_ z6Nu)nW?%l_+1v*OD!fW360$Iw3#9-&bt;gY44{p(L22P4euumMo(M0_SbCZ2*gx_}9SMYa8#D4be?Dq#=RH09ov5t*yJm@z31NB&2|_1U{i zLoLHoKd#8PUL&UBG0MnV;eZN^5ORM~WjW3uAD${vt|P7< ze^S*GY?iiWhK=k&Ru08fThse6z)!uT|2g>lhc8Q@Cs$QhSM56e^RpempTU;)_Qsa> z#^&eNW!62!5)(M}IL2%ziCGQ;QO<8!1ZMddR9pTL{{2mGh+x%?6K7I){ zijrfb92kz-&WA#&8`$Qlz{mlB^+>PxlW$h_pg)#$^CY9vP$7HWH}bCV;jyS_bvHwj zGfp>8x=|>mBnEdA1^V$qg6HldvesB#|CD&{?#RUQ=*XKd;`W=yzG%;FU;J}#Vac&~JU`+cWQMyy-i5COu_8~ok88_cQ(b%OECq$v zBk)Kn!6GBCLbn5Xk9G8fU6;D3GLeaTa6IJYm#3jE07H zTkUO5Gv_Q?7B?cubNZE-vmh}85{=yHwN`h=g8aPyqac)j`G< ze?BgS)a(%kqu}CvT&koc=#d^5muJbh7*dWM2n90(9mcXz)Z+U}9&z@}s;?Y?dOF8K z+v*_m5o&;zy}9*I*s9T}nFqyzC`Qi!wra;AlH;}^5l9@`fkZ0#W4QPAy4IntyUPbx z?C0jEO}_Q)eb=_}Wbn6^=Y;XNWr?MDiXp8O?z5~*F3G~PaHM_alLgiwso2tkD6Bl9?)zIlzT2Z&&!JCeakqF-13*L^ zugEJ2O-QFp$f2*pdvtGW$Y376^5vZj?978InmUWQ0m29!mTUv5J2B3N@iKF(pEyt* zaDO8^&l2Q7(pcqV4fIc>#}YM^CUv+^nVg=)A3XqVTBM&UoegU2*OI!ODC=<2E+|(a zS2f~rXj#X}vLky$qSlLKOnxsInfivHB!R&sTabgYNY9A$ODH9# zz+VoI2_*^VjB-VuckP>XY?%8pp|a9GfE`G%LRA?va!)i6LTvO%P&>n(&spggM5ATG(}`H&2as&U74twUYa?=jJahT zc}l6?ET|4Mwo!J(#J57A7Yf@eAe+_-cW&f!REETSB_Q8u$N;eWG`j7qFeg0q?cw6iamSF_)0MBE2wJB2ciUGShfMRP z@LD{bphw0R$zVi;8u=H zHiO$pRBIF?)F!a=)%wE6N+DL+jM|fq5BK|x(-$DuC;~wQYn_hq`M+(tqz7Y>q79+^ z&HECBDlOu+F(ONV$ln7EtES~d9q$UnBN3>TAER@d?<`F6r%k3-=Eo|p-&y$fx?SO0 zMn%csL`el+xl~nAooGsg$CD0$F5EjpmVOLm2(_X8Pro_l$>`(Q;<}{W+?sTKPb3`! zK2TeI=(w*uA3oO;2X}1LKLY55eEc zqFNg#mUdbWuD5g*m)j5;u}$^rN4I?Oa@8!S?f@L42sXINTaidsm4&Y9@m9feJG~NH zGF~j|uU+w+SZRn_2@Kw?>L(!6;;MfCEJBc@M#$rLt|Tn{j?$20yFk_t9ErMGg?CZi zy)ba(;H$w+)Y;BJUPC8D!~yVeYZS`&D2cv>`GKQ>!=t!IXaO`um?kEr!=?1(e{>zt zu4R7+VwOM6y#|gXrG59xSV%00I=}N-p80gWG}Er})%%l`E&_W zon`P^f;rar`6Xm}rySqGXb=b$@dtEs!;&8pAa5p=C>`KaU67*enEsdnT2uXWa*~Er zjZIUlK#{aO(bPm9$6~0vo>jZ2t4iI`{O4b}%gQ2iJH%fPs>j~GST;8kv19FIR?Bd) zow!`4LBV7scXXTT-6Cz9b55|`ZDwhteU)&VF z3g-S$FO^jHJgXefr4!pyz0L=70pgs?CI$#s}Af*e(puYSmz_ z>o6Cw{jl#2Vj#GsqOKI4{{cv?p1v$t%LBLmdD8c;lwiu^I_~y71@iF|TtWMqcAbwW zHs6__xmXZmwCiK|4#V}0!6#ZarX@n=M7{E}@90F+7j>21&zpX5&KR7pa4d zGjDE1SKa6G~jO3dcqif=Luj1N|VAJQESjxE%{82$JL(@ZNJ*H;$8SEhAbpHBoIH_R_l2OFsq z%pCl(QLfy%~d>wm1?(MlO5cDT}&)3RBC9+;Cou-%$ z8uRD68O*q<>OT+jv3UMozO7cVc*wEJJtuCTE#1db-zKGlJ`g6TYm#H}7KeqN5*SOD zW(R{zq<1(uAdGE*5<`L|0Fr}A#$c>AkY6M9p;q}wmCg-Lk{)^WehENM9^xu-Ngj7X zpU}rKA$uYgDWe8VcfTl;SWYe zgQh?Tbg6W9`aonxYr}5t(f4#WHMFZb32SKuIkH^x#j9WY zD6E2u`OmZM#y}*1@fLhm4D}<>C!LYHX0VgVq3)^7#Nl(xi-QaEfYg^hc0x;C?3STOZhm5@*@wPH zDVj>Tlh9ud^+|?QbIm&2yR6 zDdTQygRM==b@b%bq06pDH%ABHuHqc{j532@V6Cm3E`%Cjwc?U9*?wrwm9hFzH`H}* z7(G|Lo}!_dT?Oc!Jtnr=wFEu_X8bknJatWgj{9Y^H2@2(rE1P} zGX`)$zBwEz{-H3HzmK>?rc%@^?3lW>Uq!x(tj~NR9= z>zvPUN^FfnG`Ihb>vaY~rqV%4P)do6-vB)ySW<9KCpQkr_w9)r*f;$MMbe(UtH4jp z!jiyl%mEX59@5_gUB<=zwwPIo1YXm^0)Z+jBA%l=q$OO-u1LUO_bP}j10Nl`yabYh zKj)!c2Df|%3SyRE41Ohgdd8piWDs)KQ5RR&vxz1*sM092`HGk2E;#wLjGZ+W2}6yU91o#S`uf0tZSQ^SL= zUw?)!ja1q%FUuySvDle`{I)=j$@w#RN-*J_2khW)FH5h_{N-#=RRL8hFUMy4$qUM{ zXH_96_BzQx+Y=96n{8o^y0jXLCOZH^DqI_WLimIiOOgaMtC^>4>Z?iBK+y?F$ioh( z;}sQu@U9gUcMK{_jJ)NY9C_U}nt!*rWl1Fb{P*pPExF^tjr$6EEeQ^ewS@_RsR6VA zI-2k-lZnTp3B(d?DnbZ#60yJh$B5y-lRaXsQpDOqxacnyq4bCLh!9Y^$Cao>*L53lkMP8Y5lHD&5T>hh>6yH4Eh6p;7OR z0Oe9hX3$bIunr1SC{+^00-EUc00a}<89#jZm>Qpu!v^acD9d86qSK%!A<)HVP^I^5E*IL?=1gV+!XtBAY>)xuZZr=r5|1L z?aHjA9cWVJO8CM!sGV|5$){|?1bNaPUS{rQ z56)T9N~J1BD8W~VJ|GdCrIQF54t^#%oj*CC+}Zcw>GsB3x5EE39`p59-v^>NlBJGx z34%azWsD?fVA`cv2>RA$S6PtX!1D|;pgN;k&&PhgdnR)Io`m3+O9cY@2~tXqfuJTi z>@{(FYK1)aspfd(voTtt!JE(GNWpb@G~fjsp~3=jv+ko7n$cZ z*^f}%bZ>JH{2rXcNOGJeqX9Xl8@4x_;p%6%Y{d%}-I#-Mp0VQ;_^EpSI+)S-6We#dga_o0=b(Vl@p zpXlBCKUH?F{d7NA%c~QQzt-b~L%bls`Wk0K>kcc8dSuDKr#~rZ$vV4ibgb-*0)0J0 zF2}k_E(hhTD{ZtJ?X1h3E<*cSC>zLz--RTlA@2Mm0AAg*$kKf%26n5C}TMEC)8)7sgc)H;!-Y^g=oJwp+A*RrC$d4JM(5{9&SC($8FKc912Pz8+IEbLYO!f$jAhI)NY zt#eOC`^c+}6T|CwM|_I>5G5%gT|5t!TlM^B76AQ@>&5Wr8%rJW5TmOS zrk2A#Hnt(K(-VOR+ubX{sN|;CWgYjkaAV7P;AO#%7KU{;+KRAGPs=~23dR-&VDcM2 zT$g}#W0~u!#NG(K*y%n0o|CC5+UOFY!LxcuN7Dk5vdj?X=xq&IeZ@~AZx5z#I&w_^ zq3qmzbiq@L(T?HBT7wa}Jg1B=QW_8ST`HKFWU@&W+M1$Ln1?=AR9cTyHp9~cPzSb{ zSs&rh%TI)k^?#YZ)8Zqhu>9`6@$%d>Z_mq>^y;WuS6{JyPZo=w<@N^&`)m*}MjJ!vqWHuH5M z{PoiOL?gT`Wx$GtZ{wRn&fD83(eD0vKP?zcQ23y_hbi>X z6H!M7r60bR$u*M?`sH}zH|8*5nt99$@vwnr$^USea~-vd>$7>tHq5c;C#t|`}#Id?tlg4KmWzgHQJqgm^=J7ApCt{xqJBm zWP;Fv=jz!kylS$YyNp8@nr{}FBvlqh&&2d-Ez)XVT!&&~#>3@^#Z6CmvB5FRKDh-; zvU5hopZ8pHR=MPaK~_j><-}dXQnI0u9C5uwsrS=2ZI<~=SvR_Eq*@mLn4Vz)Js@o) zeH~eXL61AcLYJ52DzynpN)_}WIxD7AC@|6>WE@gIIUkGZfn*zh4H%)+zoY#uYs zk68~-7kmWrT9&3mKaL?(mjFN1oc@^W?`I*y^)FEb(YiWv4GDZiaia(RFwHX9>aCw$ za8hU)SDojEj%^Dy?X@BsUXl^a5k)_*xQ12|dKhtJcXdbYR_^k?);;GHj%w5GbotqzmCQ$5wH%PzILeUxH?T=3sf2on~Aw9aCaXV z#8mj%-A!d3#t%m#zAoG^UU_xuXY8fepDHbDJHMmPZAgpqzk0#ZoIpQsiew|PZBa^~~9*wb@MD|6RlV`rZ5`$6*DN1WcM)T)9(gOXiA_G=#=>!{9R}Y;V(z>GPb8!~yAG zicxkP7L4F2n1cx?H~q=cOY*`GxzD@6G&DppHG&P-EE}A}`NDOD*tUk9uLd^_$Nmmv zE|=o}b;qj_3VW^eH>(b)Ku~(jbwy@M``N9UW;J}dLJo=qETZL6SfvaPUxS;j$#_Jy zbYnn167{n<2;nQpUU|K3q zRZDWK?#C#D785ZCC0VD*LkQAPf|XR8ct(r)rF)ao#?q^l@Ee;IU?j*^2E`5PWy*P&tcJ0zbqUA$;cTm};^EZCofr7lEK!7< z^8qZiHOwM7e_EE=ZZ#jusg|jc!kVLsB&k$V3Dt2!MtMVzukZU0$(F@oKlW9|82$Uj zps@!_6!%fd$|PkhF7V7~ zLMdHJ({R_pcM+j)x(+jti+;%TBCA4rx8qfcB{f@g0RJvY1FhON z@|sa43BIHD7>U|+9;=+W747U=PR4Y1%XNI(@!TzKd_0yZJ(ixwT(!zEU6sRVs%4D{*$`A4!792C$Nm%9FuhEnFu5G&`KnS)2K=8P z`9I&{!p0!3(Kk->i#SS$fV^d0Jp}>c>~O zq;z?A)Q^Af^%cY}jX$p}W{=`TY_|qn%DnRI#`Ci{N;V4bY-Q=j%;KgH+AkVq7X82%KH>uRCk?pFkD148C{f(lEDRoFeGmyt)cFZVlP$;3I+#^7 zaQ-n@o_H*5BjVvVs-+CqwM21;(jiDXB810DYiYq{ao&X13)8afGdhZNwHy@B9zt#A zaX*R@(=Djf?b0?|r=TYvI!_wxelau4^!dE-a&kU&af}yyy8c1iQIQP=3T@>o4@xsl z`W)md+)Op<)o;}zaYS7S8MI)tjXO5WjEqA-;iS6Xb_-fi(wd52v+dd2F~4cclMi-g z2(Mi^@M(7CQ0V-o&%5{Q*BvQ+2?}H#5#EW3SJiA#*J#-i6n9(HR(15Dk_!-aAE}7~ z`2H3d?)07%twS+`3A>tp3=)w^7T`UZAG>#bbL>xE=MLD*7Y@Ac=a)Bqz>42Cg^X<2 zRPgLCwbDQ(0A9b2IlYuf1hIxBdLw_WPxBTaCWIkJzPfQCBrlP^#hl8YDtrP#IKP ztvl;#HS=U;uEir!?xi>ZHLG`&S1OQ|6eH?h7N zU8>zn4kiu>^X^kZ)W2pW*_(llN;yYyBaTg@a4|X?$H~Mh`>Erd1wVXS7N2=OdcEOWUzifoafh!P%V`0q4opQ}*cD%p|C zRZ?#3God-K94R!x4291ZU@{np8=eoGHcAQi>l(@TvnS#gbBA7c@l;bSYLD(Ki7y_lOc%-~(NQF3LH@JVUiM!{M++I4gV!_8<4O zt7OWW?FVkzU0S-ml-l+*H}Qf0$}I2hyU)h^7X@zJFQLSf$*PZmdd3-AY2Ybj1Vvx6 zi>}d$@K@Jl?!7+nX;_FBkuhfPEA3D56hsJC_-K!P?8118%G2egiM7?B zCb_gc^PE<_->@|Es#>X^_b0xYa8_1^h%3El?sF-|TARpCmJw5&2eJ%ndM4L2!&7^o5>!w{Z2C6 zAjoWxM^=qNjSkZ1gwBVU=C*3?#$uN_I98c|dDRJW_t0`wqJo1}~eQjvRV&ca+z0{Ziu7 zm%IIrwTqv$+WtO|vT@+*ixM3Ih7cdh=MI28D-Tt!=Uni!^HbK`f(MTpXlY|j-{I!1 zV~{i**m0^_8fZ0aA*XV{vi;|e!M;OJVbmqZ(;9dj=$hE5?fWUI<+i zrj&yM-j1sBm``Uo>q>a4S7RMeg62X5l1q{Uwc>`n6`S(Bua7X=(=Fnqa3p>0_6&t1 z8OAMp6kcyK8hUinK>OPhi}Typist zJMhvr%=*7^EO`og+cPKohZ0^VKE-@D3Yj$47V)W_<>se!v~?VLok9rp-k9+qQ8|&- zjf-b+F#E}T|F@&-6hWG3gWZ29=Va{2Cc@)XD=NpkTAG^b@E%FrknsRY*O?D}1??-m zGMESC0s9yEC@Vrjj}aF{^J3YT}AYMTFM`P^uQ-%>iqZbmJkA)!Xuh? zztVU@z5zRE=x7fqLmq-(300=%DQZAQ%IYKrc1DI-XtSW~*|Qqtez_TV7N2y`<(o}6 zhY1yvHot7*o6Vwzq!rkCf{Wnu58QJwuFuRcAF;|thnOrU!!c41v!%SJs|i9%sqXIW zW}+ns^weq+Nb2GDrIDQ+%+?eIZQP-&D)&$PX#Ula!Lc6gm33bNw#76#Z~EMyQvCU- z;qXA;3fqmrIaArVEzgpz zC}_RBXMJDx?Rrt|HMcc#?ER(_i$yIfFQTW%rZXu$d>3?`4ar9Pbh(XIg~MSeUO}4yvfwbxVmk<=sC&emu#QHD38XR#x^pW^T06 z_~+M-zB1s07M_3FQ&#rCmbP`>Hrp-ciDa}^jsuo(4JpLxb_(n?Ys!51fDbgH^#ut- zdDt37{6$oV2H%QTIc4}ELtn=xTYil6Xxh$?kygJU`;;cAUVZyb31y^+q@)ZMw`E$~ zkVhpUfg;!nHY5QNRCQGogjy7Vjr)%gx9X~Z5sw2m^nvTC3uJ?d44P&|ciXSF* zo6~=T4KTWA*v2|CxyI6P=KEN>CJT({=8mnww+R(VDvwns!D(S+QS=q*WTK-48m~$x zAuiFkUXr=tx@H?K?yq~V_Ki02j#G!_o3?TTI-A`Y;#G%l-;XLtU zp87?Xlm9}Y^%^Wpaj0A5ZN3(s=pCRsX3g=J(jg$RNL;T2G4+P9b@nxEeym0&5UC{?W-6ds9XX4xbiLuO`JMsBj5M{#VqE=@Op(36yk zoWc*C;%x_LwjDjCJ!H!RuARV#ACd3Ie*50!IfY$@yCRM^HSAP>@^?^mGM${wXzoT| zWF9kfW4e|orTGbgiF6GtJ?k#lj}iGGaZN8&Q_35`aKFo63vET9G&I>lVet@No6`YV zN+UrgMrGCebjM$nD2C9wxCS%4&L<##i2I-=8e%I$pDxppzDId+ z&R^5f&K9u1W6xbUFNnY(&|0TNd>cadzUP_+m;)A(F{3!KADUI&RgS}=#P1(@#=90g zyeVY&@u}InZJR~b-cc{MeA)bTpGdOzLv`Xm-Dhn`MT&GCX*Va->Oq%~p;~_UrY&*R zPu+$FDeer=v|j8p(<(w^xLy{3o*cSbIVH&fk<_Ku8h!fbzwdl5?}Czft?@Eo$FxIF zV_d@swu!vuO9{$c0yn0h5jvYmN(Oh|Wez+?d3$9FR54glE!Iq#7lm=eH^ zHgHZ1=}iB+;1 zon;^s5JkoDh@NMLf13Kf6(WP9QC=g16>BZWN9;}}kDfc&s(1Wm zkxtDh`%5RSmQ- zOy(aYfvPV6{vn%RMqG~uBTm50b7dY7ylSm${)1j37iPW;3_``WG`yIhps+z9cw*v$ zu0xeDg-ygA!H7UApk*Q!FitTE!B^S#au+?$C0UVg;&(B zI>;A#{^h;jG-=C;#~&gdPnWzr#a_BN*&e8ncO*8e?ExQxzVEsJ{civFE*SX;J)l3d zE=xJ@-3v@6sU)ERK{!tFq)S6YlLSikB0~=1T0h^g{2HrmZ-$N}{xR1j!XE0-QZ|x+ zr=tS{g+Q{}`MIY_ZJ@mBaXUNvn9~a%7t(xUB4+-5ZEUpkc5zet%9pYNpIyd3Mo&2F zZV5)2TMr8i0&sTIwA=co{e zPV#J^plA^dw{4PGwJ{&=eA9k-(I>iXxBSFJ#^lN3T6ZhurF`x4+MA9icRUP894?B={Wg*{cXGp;PX~|HdDw}JOW74Aps43? z7&P&j`Z^l{2^}(m3;NBh^O|UDzjL8EI@0~2Pq!m0bLcjFK#AfRxXy6z5V5wm9d36 zd!Jnk3m1KS?(EuaAb#RNw^+&=vufAEZ9-*O-6WLiG2)CkF!nP%KEv5);!az&edqxm z8y6X(7;VUzkd{gEQf!sw*`cS-tk(Jfv-6@C=08mg_l&glBwD73WQar6Un=Kb{hT3# z6f|Im?uIf1oZA$fn_q(4pS^MFYNqGmP6+5*+9!PWf$eHv)%K&=mfI;&G? zm6EBm>1S;1WodK@J^Y5^4l)cpNSorKkwuMGO;l~!97$LSOGLWh6Pz@dSJgUL78?sf zBMnuLY!AG)reU9CuEYLXhuo$f{Uf@n!P|qyUL1L`uBpZG){Z(o?stomJ1$L}JCb#~ zC%rKxIHc(%EKdGN+n{m*y~V~%l7QFpNypcc~g{gUzjLm>J6aLVlzGDxFOha7>ca2*)|LXcTwc4CU*H%I}t_ zsFyOyK`D_`O(;rmy1?j>%b)M91;9L3RuB`j3`rb_)VYi8tb!UM~sUbar_CsbP3Anl6he6-c?JRhU1da0Ey)y2&*!~9h z9ah_O>t1$0`>R}K{k?qOm-0G~BN&FM9m&3?lI!nx+^;6APZYBrJ~Fi7c284JQycS1 z(fU7<*LZate9`UD(R3z}QnbI}d=DKdC_xEO)3OaHKaPXZai%6il=IvV*m&PFMbh|s zI`sKTI3S1<3a`2flnPr@)V8h3VjqZ&>A1P0LnY+aHwq?kTEO8y74P7kj~ud%Z$U7NGszq1>yxL)iy#J zR)tcYC!(GBR1-kE*i#E{b2nZ7`N?Nxxd2ow?#;fl3>nEgZ*O;h)Y#76zQVuzh?t0y z$>EI}@tJtMRt`E1nK?%>ki;%@m&{4fy;S*phB8MTzUU4a$R~|%^T+8eggkVkO~hu- zutc!gYTd>Ea&6yc#(_Z$w~ShBf%3Waf6Hf-(iv#CalY|!o-42(zu?~^t~v2AzXCSM zVgF)y`8?q&fah0Uzs}Kb01tf>vYSIzr#wtoD1iv*fFeG`^sOJWHDu;5`ba6qpw0=L zp3Yy&({uilVV`Epo!Ek=Hx#G3lFxR7`HC8YdKDFmOPk6pUHuJ@THn%^q75CmZlr>U zL%;qg4lMWS-BZZ0I`d__)qfe8b~9Rxw8aQ z1DApek33}lF#YE7&Er`AkE$P41}-7~X{Ms_BR7uSbCjhbsLyoJ`ws0#p-^b{w0tuy z7#*U#hhx?cO%JZ;ya@_hqeQ}L(@@1-W(>!(Vl2^=KG!z=Cj*v0C;XQto_~H+%zGsJ zb5#0u{;dOt-ihZ|Tv;Qmmh6$c`C!M9?5D{ciESz(A}NbeDT|8*yP|%4xM_cRgMyKP zKID#0c1K6sc$iUvmQ32qR_Sob+ruMldBImqQmPdSK*v#EYtEnqM=1yC4<$7sOii^| zz+_=TXv~SM%+pGmBiPVGX{d|*m-SYhWL>nNKMwIw)tAJc&Z6rutxaB{xTSI4Y+77l zI?e(EKVHioBErtJS_o%THe{Sdm|CkHGLu2~LQce&tozn=&w&2-y@d}wkM>+YzgM9k zI_mh3=i!@S?@Rj+pOr7LRAF$B<@LS7o|XTIUJ$$KyIqWX@8kXkPl8@2)yx4kK-Y03 zgQv&|nZ*Rnyg!6BBKs0AB6QK=7|9%ZxMYkgr?>^^oJyRLxUZDaF5UytO}W$iDB1jP ziGdf`xcfe4p~HA3aB6zGv#-N`1s<2tO7zq;twQajsj``14t+W_%(kX8e=LT$zAiVe zs#APMo*BhWKEgg+XFI8c-{ZH#gRN1Q>&?`AXD+$m_1HTpg`=W_V|#J^2?$RU%KLwU@j8ENPU_7Kek|;o z`}8yPE!%wJ>ESK48(ypr)46`?*fpb)r~e+|I@DJs>#x@haf!4J`A{8sqayowZ_&*n zRV2bhiuxjzt7KwvDb!qPx^!KkXZt#z`Yvt!NJy-K*z>5yIo|-S zHSQ-Yt6wof*}52PrWTPN)u}~5!lBZJla){>fhE81mK4U;m+O)^G0FdeYz!t{1{AT#fKiZ`jn&My^w7Z)$swe#n&Y(ebIy?2iiJL=BqKL-*bk1I-l=m#*3HB@97C%vx2jY6*Xg7M zvvU2?jxfFWrxRXoar6C1gJTMHwqr42?6_UoGuy{59bwN|#l-M>WI9xB{6t=&4x3n5 z(X#{M{w_?5(4Xy7^7;Jj^^>Os;wmW}_wMdmO!IuKd-!qMy}uo{SAE4)2N1sQ(?}+# zE6Z#&JZ|wp6(vYOA&L7OSa_t11sab}&gJMe(@u)cF{6Y~7ssrSxPRgZWGZzFrbtAU zjA3YNxIMP>*zo^x^(F93`2YX5R&CQUBS)8Q=9)-8Arv#rMy}<^5%HOnJD-rq)m)Kw zkdWNvCPH$3TJ>)uM+rINyFTl3f2bta|GoPD9{=Ow^#G8gJFVU$U5EV^n6e;cY;^0I2@lBeO0hUZaX zb)7Mn>pI;umY1{o3?mkW{3l*5Zw*c#kNi&GJgaB#SN(k%%z0Wq_q58vZx95{^VOKP zKfF!ocw9JgA8>d-Y{57cm>)-z#X`+t@ECA|dYea~0DGm=;TR|u7?mOxMprN%q1c9T zsKjiBC5bqP7hMM;Jf%?VV0A_c3X_&0=80?OqCD-wob}6uDkquw8Kdq*Oc(&d^jlZe-|%$u>c1lmeMXZ8QS80_6FcRMQA{d4$P(Dh3~rgpN~7yS zoH_64sUe43l!k>lZRD_1O}us(J#_}-B)mR@as6d`LZuO$t5DjRlS|+JL8*n~&r2LP z36vZGp;J3T^Fx3rx&jN75WFHYsl+gjA0+yBtzS~#48pCV^L#)&+qhB7qHpERIa@lu zoBV^vBd$Dh)A)WXRXHiiCf`u+?c}8Eq2*iMqD-9Im*_c^XjdsQPbO(F{ufj@|e(0UHfMP!laFiX)t>I^loOr1-< zyju#Y74i&U_B)1Rg3!z{bcP+=PEHX5c9}P#xS2pZ(Y4b-+q+AKvCnX)g|C7@M#N)0 z)q!2#s^h>B3R~%xZ+g`?jK&|FAcsDU82|4 zr#^pJsg$Yhh}?L;(k=6%GAMm*?B9i~;-6y|+AE&>Hr4Hvc{ex(mEEfjYpl#;YO-&n zoj!#fH;+CfvcWIF2CaS&8I~ccm@KXz_ohtr32u<r%KkIRf^EF(pf ztk=8bqc`ujUwf)-1GWmhZvbei40wB5s7*YpkW@ETuE-YE>#xO*>i;^Z8dFA2XEgm8rge z$Vp@Ox#Mk~@Yg2d1_UNZ;J>2V} z_|?JV+n&P466hs^y#Pltc9B0j94_-k*EpEM8sUN^bNFeBl zt~WL~pl|8gwe}AaArIb8x@yRzj%fN-pKBP=+&5a1=tbFWx(K)aVR2;1oqX&mJzu;4S+P`e%Uz*%4ihxRG-0+WK|Kv;1kEs<1idC zhy>U4;8hIzAgP9@0!-Bot-;?Z*aqS#j{?u4Tf#kYz8Hy+v-9_tI`{96IdS*u zr}xKF8}?c|-mQLoPUlU(%Ck8*<+LP|h(@ufZ>bYoSi?LU(}U}GxQ7+Tt>CSUW!%~o z#^mh^KxdCTw!$GU%_)+$v{Py9|)~C3uA(WIfru+#m#1(dWcyQ?+gsw zF>W!N6M>3IUI2)`;PHbLp@44Ut}uUdEuI_X#@x=lp^1#ED|`k+=S4i|`(mWtyV-qe zV}A1A!+k%EX7i4_-qG-pu~#m*B$1(sK*9IL`%^UQC6ojfkCcqS5oq1Gg)qA1Y~Hd2>TeL_qhu0Zf{hp zhwtdv?;{`-T%lpJ?bpiF;9xGf@!zp<{4+ZzgC`OP%E*Lr`%<>f!&^H0&YA3!URs&( zig?r+QwJvCoSsw95+Tg)51KC%oyUM_c1QRH+};@(nL6T6re&^p>Fn6a*38{GxYy!* zb!j}>r4eRUWslysO`s1s^vtc(;oJarG<5cvap)GHo5GGsw)8 zSdx;dkaio6fcpYx5dAN3Nh}IPOc)5%@hBz0iAo9(sLXvZ65N;Dgl|*(5E`O74k(s^ zh;{tTRur5`soIJkSK8-kNz@VQNWcNsz<}FiDCCI0IAiA*nMcrnXjc~Wb&{6e;AY+-=;mHq|lN-gZpj6 z-0_r&T~%EJXTe-|P19 zuN_kdiu$kF`04aR&*z$+IBW3oD7BmPU)1L68gdmA=ddA$TjTZn_ z;L$bIoB{}OMojth+hL}rro$*Hy4?;z5=*{C6PrL9+3n<)}hub70zJ7jXqaL%io_}jQ zKx+r0e?Ir=`>hE05+il#Fra)=W%;fgKP~nuUjsKR)PRZ*g&MRz*PpYqMJb#;M#tB( z4*ZJGLqeq%vl^ayJwUdtyc~bg!`H`c=(#gs7fBEv$N{@V!F)@~@jL#!JfS(q!|g{k z8XklhMq^;MLnrxo_x(dFM(Wm^vtOnZ`b8DdB&T$Cz-reDco z*-7bBFwb@Y;E{+;+n=bDyF0U_{`AXFsm=rh@PdxpgZPFK|JysY`I`Fxl;~IbbuWPS zls+^?+viZ}7*Ji|Qd#0s=~(U3_=Zd{qfslgaOEfeEsQF-7<3DBLX8Q}@A$;f0v}#SYSH>3Cz{}dhmCt)r zJD!o4t#k;lt}SmLiv)Mumj^3qe^%5!{yuRA+zW5CaU?tmoIgNGXw=#3;%y&r9=y%b zeisoM*YWdv+JEk8|ER4)bt7=h;tKmlM~7-cW`#us8snEqq{%rD3d!Xa40{K5g_N8F z+k!{-rj1|qV-q)nFp}u*e_Uf*l<<2)R$$mt8&}(KpsN{ z!@;Ks&j2ZfzYh4_^_c=URwO?sc18&h&nA9ANN$=?`xn?Y;N<|s%~JawJ*#Mdd{v&Lo7@eEC*Zo+VapNN73y)yV(o7&SciEPG= zx?7sGzZrI1${WTFyuEB_Ys+W7GmXWAGpkD@PPIRl!YgAon_?pD`<%L+dT%;CMI3=ut*O@ zdo|qY>cm1txJjkX4hOl$SGJirIhTEjj@1s8&ih9D$(g<;`&=r09R@1~%N)kaDu93Z zISi6bDw}`-RydRrsHH9r1Z=SdZL2-4-2QYWqackSxu*<#mmIM(ELdT+LFVe4F z4eAR#rRL1+8Boc4W9~a&6KeM=aNhlkb^lzM!BkkQWd9r^rCqI{KXSRtw=pFCt<#y- zqM9q_t;HQKp{qPVCngSrwq6yMEeAS58vQT`jH5%P#n#v0?G9BqRC>y~hzNqt-cj-m z7r#L=c$W@?E|pY5riBAJ)56=HTJgHV!GZ0l{m^l+f>vI5gFscRZmd9-clqDOmsgBv zJ}gumBs}e}Xv90nxp1$+^L8=B(jPl-nK?j#mJ#6y)DRj|mC(wYhK6w5Sk2NvX0UU% zw2hu7rJ*LaU@_;$(;or!59A*zkBH) znRVbg5rQvEgZ#g4c6N`X>PKcT$>?2uz9J#x^TF(uB*%VFX8M6s_LfC8jxsVO=bpx| z2)aHv)lS7+b=q8QU0WGk%T4{TG&u9Q=s>t5qhzNxqaf@J46dS(jrYXWOEAZ{egIw? z0O^++t-ttLMk4y4-~eM;F>0J^u5tXa>kkw|UGOJ*qILlyZj^)irR(KeZ~W+saXEMp z%;EZtsa8HkCfU%g75{ReV*E+r0e)hd@P^R(SBj}uT4rlIa}Ef#wb;YFUoNE6Vnzf4 zGjJim3HG#rG$K7>MHDdufT}=>8K>5y9A}Kg;6YMy z2;dX~8cA0x`{KrznHewx1oTa|{)jPJ^0@o&rH;MFiakK>ZLgf7fQ_!E|AVKaeBC?|o2rxUT? zYl;wO=MUgfL?%N_sk{r$+kI&woeu4vm=0Lq7Fd_8O44Vw)+Qw1cd)e`&Gj7|#4|dk-ra?Lem4c z$&HG79pFYTyz@FcO#GM(;0!~t7SgFJ{yO62jsQ05>|X93&|QYrXBBfCh*xsx6&ufdNaU$uIuu z?fWd#U)Z4kNtnDO>3ILnfu*TcPS)g^{hgnE4(r7X_IU(<*IK{)`F?f&n<@PI@tQ6N z)Jc*ynzWs54_Yb za((LBu|+JrQySEnIO>8MIE6Ss-CT7^g5xsz>b)D^_+P*|jG36VnoU7@QiDT8%?Xr5 zMhXfF%UBQt6*lmzc4KuJXLjtCtO3Q0#FKb804<1ao<8=^HEp+?Fuxxa<8t_LVwTKO z?ak@KeXEo1UxU)8SDr6Sd0ie%;yC2(^L@iE_{_ABm`%P;jK?|AGZ<9v8K|k0ExHEJ zK-p8^aB3_DL3I*g!8u&O2hh2F{;A^v|~EYSLP_!LR3NhCn^7w$iPfC80o3r?tF?gPqB; zq#|f`0Sw*@2S-RxO8t^JVN#T$|0Lt_VdmLV1*8fsFE()q6IWrubtz@5oWDVXYCW`5 zw4ArDT!Wc!+Y2O{h92SJO+-EZYCXJH zQB?=YEqkiBerM^=-gG^K_wN}?e_Fd={F>#cHvK=n0NjDByLp$xE?rz(TmvG$5!Fb& zZ|45jfnYm z8*%4D#5uL16K@F!$czdCVQNdPVT7X(S~u|`m2XBn3+_u#7=vQ`3-zcS+~Oppd~%&) z6rH=e$IxD2E(yTsi7Q|K;K|2q-v97K!0}1yT>UMnhX23^6pXcE72r@U3$AIjlpH@1 zXjDa@ZX_ZwmP0_J8d2J}xEIuzl=g)vw^09^ia-|H(*nv%pyUL+?ZB^8M6SoS^0Zk= z%v|s)p!o~qOb=Rv%$CPXQdq-@>c$YP8=LybD*8@vr>5^ns{1LmQ~pye@T;3YQodJA{umg0$|M&C?lUZ^7@l-oGWmKE$aHV>$dt=P=6c2}xHdF6zwZ^`$G$_j___T{0`ev3L#u6^n+W)2kKmq`}1 zm!BF|yc{!Mf#h@eF~51d;oS2F`(HHCQ=|}=!UtFGRlM4%9lH(AF4)n-ooJ}Z4Sg4-Wblhl8OpZJEF#ZAr3bLX`+* zK?TDA?rEM4cDQjVN`ekL+TO4NUl0q%vo`&}w$;RaxVtRuQf3resrppg&; zp~0X3w0YOx>A95nt@81eo|SIFn)iuF=gGFc6K(WwIp6l_dG}i=S^rzsWxXpysWjr@-;V<+-$IBU9 z6BO6DV5CH;wBSRw>sbhy z;{`MPJi29*P&(v>8`A{fWd#|bN{cbEhV2UH9SO;t;qMF~?&9TTYzYyE=wZT{;vvR? z3Nog1)EZD6;@@&pT*fY1o6afCn;pztI7nB~8_LPjX>pq`|Ublz3=J0yqkW#DY5vF@!mzx=s>nA( z{W5K7e-{ohX}C8ooD5jmAR_}Rx`i%vl(azDR*pa)vNK?|2t{mpCE-_HT5^<% z%Ds1CjBV<#Y;_@**5yCcbFLxG&v0z&v9qo#5MZ819mzfXap{AX*8I68=VrG<(n}Fz zVQ0pAmChJU<hC9A7bM(DFtwzB|JX{hb|**a- z0WuJER7hg?BZpNHlC13#6I8eg27=b$;b(x$0W~knREh+SjTsZ=5>R1yW5^x~Nd=U8 zf;n#oYLCU7>g$_v3hbSla){Y@{mpXNi2kjj#{J4h*Ec`M+6Fz#8271rZ#pzH`lWzJ zJ|V_E3sylDY0;9QBv{J=Vs&S0iG@-emoe_?UT#Oa+|3v-ruWN84OMwsWc!aLt2z)!Yk9;{;V29id zdeTHK0X7OA>r>6$0|TG(??i8OA2y8q*DK=Z@&Dsr2Uaj4H`0I`QAG~6AGpcg*m3J! z{H-nIK(X#LA&w?PQkvdy{G->aHkW0dZfCHcuKBRbN_*O7@F8{@9wM4dq$RLvL0)MavrPh+A6+H@@1JV>G~5>u8LdoObWw}Q9+_u{B0Ym zf-UX8)ZZ?5E=Di^>UzaWU)H-}qoXnUejW3ze~dYd8d}kyDO(G-*+Q@o;p5;SL7s~I zwc`SN+Mm&671_LA_lb!yg9k-5I7?T3$HG zq?~#Ut8#c!mwC)fN&^TWZW8G%1+L1BqUT}%t#ToM-(A zxDXt4Dlmci3x*7W{okrsSO%cpcwo1`8j3`>e>J;_I)Lm<0r&-BwV1&Q$wU!_?AVh~ zq$kb*q9>a{K|Fq@M2IddB+GoLxiK0>N%KS-5-(|711w)p`Z+u$j1<>NDeorpV;uO#q zyp9At4l|s;8?)#iQSaZ{G@awqXMIa~>E4CMH7E3(du5jH9aYTk0X43wfKghGQt1Kh zQcXlqVHrji6_08{V`7m&3M*#FC&(u>vrRykn=Ra2)Tp=4b68Z^1CIoW8KMW6X*NDC zSak+22#m)JN({LqRaXq^?=YEM&b2byn+R@A+4@fI{PbZh>HFGh*!tsr?mpi}2dDje zWqW7)ra$hi+55BUYeMMEQ(KzJ4ed8fF$ruODfTvz?)3=e{eo9I1-gmlvTePX)I=>K zpOsnPf4^0JH0t>N4`<7LG8?Rgc3!_~CPujUKFh9PT`G++bZeFwoZ-^)Hw= z2a?E9^+6XAE(3l3M8ga>1qIO6i*6wUbakSIGlSr%3z=?gKjGdMfQYO@K${8X1)Qf& zx7h{I8S%T&x(m{hSFaq-0k~`qBf@37cp`sDXSIS}3aYRgs2IiQ8kV_oniO{nycsnA zFoLo11={^@9#huarZ-l)^M>p9 zR^59TFmMzRD(hRFa8!{P%0`hu2xo}$Mu_PnJcH*Df}H_V=n=};{i zH8$DN7@a&Qp|C~8k;P=~sSLO<+GPB!Dd2I9x?-uivU2K5$b?Smh3-ZAgX7LGeK^3( z@18Ko?o(3k{=nz+L1%Q|M^M5t%nc71YYZ4Z8Zf3~bqXoa&_ct;k;Qlw-&h6~=SrhXUf%9phd-)hzWF~`@f_I<)>>Og z(_IpL8y`&TsoJ5Ksn2k^Zsm8%mzDy9A0eVm-XdWvc|P`@L%oH1E3ld+lLz0VM zj?OIq@tvr@hBiKVOmD6a)p|5f`rkTyro%JLFr%m7bk1uXsjbypilv}MX$*$lWe>ru z=|T4K2>V}&fe4pZSzBYgARO1jMfpP_Yy{E*AI$Mb3n~do7z4;J2zB`XhEN|sU%<-$ zfl#Kv6*2)uA#3ooLpb1vC?X(qo0h!&Y)esE@Ds+54%@HjX}N=0;6@=<5>*vb3KB8#@k508H&gw)v85$L`fsp>87PsdJ9F#`ryq~B zjrqzfJ@*2DM`Y10Zg&m=Eo_nAaycv{r2cfT59pNb_(c$OeRBhKrXSZ_$ZZN3ZIYS; z4FJ$%71~rP z&!c+y6IgQJFtTI)T)TU<)AYB;`Tk(-J?L=r$kTp0$MSDCU+BgAqxlD-WxOPXdhsz*nq7 z(n8Y4F|HwLGk`+5_+=%`GGjF@K|1f6KlQ}4zZ|Yz zd@L>>k+V9FX|>-i6$Ih=M0|%1kJ={Q+Kbg!ERzM2w{d&VP_05JiNmh-ouok<>>(i7z3N8Cyun*Wp+fzda|5 zhV)|#jMcDljMMC+rK(mIIY(7X)vZqD)XY9^%I!Osy0SJB(&BdL<2w-c^Y7ldb13WG z`JubV4V*PT1`LNa%n3(AI&Npta%upZZVDh4_>Hk~gT8FGl5L!?YN_a*e;~zQN0E`T zBw2)j?XQU8fR+>Rj`i@O+(1_bhi2}$DKc1HRv;>%0EbbK;AmQaw3jdqV{Iu)gC-XN z$=apz8~1E=s4Vd3P_ND}!@1F)lM3aBrh9zbzvvc6pBSyub*=n%rF~>a=-aRBzK!~m z{)vV1RqOpX6APP%d}o#Ybf<6iTo{R(2-w&t*&Ga63Qt|~cvx%1&-Lj!=U#B3Ac5pX zDPc&V(THa#Bq9V`0Q1IonG(HmsAwq-Q(QSz?ugu3Kqm^nRLo9ytezWO|2OI5w9_v- z5k0ULI?&N{=GFHLr!4BuLS;eXgE6VM;evzUPhG|>o)rd}DGB%z0tLjp`ndURo`k?h z>G)m&-<6Sn@;0v((JX%R%nw=aKaz&GMcje~1g?$YU)m~_! zML@C8HSFDr!y@0%O>qMW!g3dHmTm(uk)M#gpPegIlH=O}D79Zf7hoj}NFZ}~SAd~t zyLj(RHF)pnctF8Jh%MXofHwg<n<7PYjReBqPX6NMYA003@+{&wuS7uuUaI zGBa4YW@3?1pJZP*k^5XtJ`cqCt%=E){@<+9NO!~cm6tl7N;yO&~om5 z$+@SAm?xTkr{ z_Hkulcb`*?Zp?Z_#8qy@MNGmaTgp>Y^o}^Gcqldw6RAa0B48v(B;ZC!8K^|Xd9gpV z3ZH3~Yth4c->-g~xmi0pdG%9F$DtU*pw8Nc;X{s>wwUe6AYmZS3374(Z;!h^$^_q+ z@ComQ!t$QGZZd{V3j(e-L{DSwIOB!#@rcxg0k}D@nmfiY2gMm6P017CJdTKmM18BA z)UdGu`?l9)z`&aSp%}EJy;@j+ng!cdY=O`#;uCUw5wHpbDdcX5_*BH;?7q9|uv8VwP9u!6kgRJJH4oZ%Q?^XZ=72s^y zt?@)fbo}U%L!XV*b2~kDY_4T*ez)9sp*(%~Q;@W`)d33OIUbzoiXT^WlhgozN@$1~ zv4#R5jfDp9?tXYA==_EmV^xZY76o2A$tpW%tL{a%Ys736Zv5-8@%7%yx%M9e&MW_@ zZHD}>>5ebmRS%ak&XqOpx;C1@Mn4?d`%=0f{v-*kn*sEZ7b()F!a08mX|cfmHKLfo zheaCy?~d_fWS|ytVxs_JiiBX>5`do?*PywP@ZAb++m8V470mPm8H1aC5=tmWks&Qg zXItTsql>J#apQQiB zWp>rG;Y(7-(3Iwz=z-nqm^V|JI~tM64rm(A{$&|H!48UpBdjhdWB$@# z8}O-&ITo?hJ=dceL>q=bEWvI?7GV&aSQLIHAq5&@{2_inP#&O(v1soS3Lc?a3hN&o zb~!bADb=uhzIUv)bJ?h)dp_p;Mw@$-?xBfe29@5Y%58IwDsJ_vb_8AHIE8E&d|5hB zF-hbPn0eLXBM74#fDJyn89T#R6*t-cR1=cVFvQB%XweP?hn)*!@6}rHB}}h&N-JnI|AE#x*R!Gt$|)rlOxf1)wnP zR{#tnoUIO2D%I`6YEyEEt{h*n<=TGRiC-@SHB4o5K)9`%e*1%k$RG4jhW3xFWE1Sb zX)b%Oc#{`(mzE-0SH6Y($m&~}&070->D%)e|5sJzna?sTQlN1R^%mnW(pxn6u*L}h z+nf}tqv^`~nU?j6+kp*QKvfiswY+F{nztD=j7h*yQ&8eu>(b&2r*Gkt|0cC_Nb%`J#k^*+i84$?DZupRVv?K$Mw+1 z24~$IaLjWh$`BOs{PjS2a0w8K(}(V=D*?K3BsUMVK|gQvYi$ZR*Wf%HYBiSj7?kzc zDENE<&NUv%uoKfJ#>Tc4!|0&;kOmT-Jc(GA=>nR_fXT1h`pqVJ4%j5>`|GUxHn@X8 z-!G!cfFB1bUG1Ex>Ko>C$dhvmJ!*$?qkRB%C{?%p-r z6n>TYe?=&&g%}IC)i0m$1F92{qC~dsrr68`O!}ILelW-J<|%-Ct28q!={D&sbwDtH zP$jBf%$b0W7*HLg&S9JY#n@7>2%Z_^+kq1%lFUfvDyvhXC28S2?-%<9+8JDux)oiP zw~m-T{J6)dTi{{%$)jVTa$xY&yOpAmvkAAokkD;#<8+p#!1jj+anT42J<9C9Qeqsz%Jh= z^mjmQB8yO@U|2S$fQm8p&X9n6X2ha!7+*^Dpi3O=!H_W?<&CEzi?w_$#sEJ6m4mT| zrAN;UJhU2X1T|^{=R?vBD^`lZY3 z$o%7UW`9_~sq3ioIZBF-&$V#zNPHYsPcuD z?Wr^|`g+x)vT-yBP-1xy&!?{ZF_qLY`E~tDJK)M!Cxdj>S48&zv(O`G=u_o4-v+tF zj@qZdyOx2+3|2T!gKLmK4paFCq%y1T>U-jC?TG4G;og?0{7>LHrHG zZqN8rB)OV|WQ^lOGWHjblWN%NdgSjyP{V7Y+f0!4FhPo1Y!Ms+249&0$`=0oF*t8l zs3OO2NAOPY)_FFTbLwk1c-FUh4gv_n6+g2zKK9u&*mT;4+_cQQpYqm;F&lScR=6G~ zTw{jv`f_(RvTx%OSli&9cqe{ou$9Q*>l9^#=AM?(85jj)7Eh&^UBZBG2`w1%eUP`D z-6{9Dv+d*V$-&KyxF8Vr9cOiYdYUU2L!L&cH$GGifX3@6TE$y9gh6rU3XH(N_rIHVcRTJKpNTJr4h2wp1>4 zU}ko1Zg%Eq9<>1+;%aUlJDJ0O*b)Oa_Qlj*=%T+K2b;}Xn_cy-M&6BN&z*cj>+0>j zq?KJ!dMwXcnUiwu-qAc7lCbOg>jzs@5CqHt2?=&x#;*1qu_(677P_t9PEdbu3UKw? z))?S7Hk8m5zmUMw>#1dOtNLUK$;3D#uflVI*@{+79|jTe-5W28bf*BWHr)e)Qeh-bBRuG#<26#7&+m!xe_(Mnl;dA*f;6^V_CPyX13Qa zEd6$`DuPW@!7=x4L&DI#tm+b(Ch_^xmy@`)WJAK@2H%x=>b1C<@H>0VV$NSdhEMiP zSlcVqVdp9|v)dE|y?F-B+4-9rhgY|6-+k~v)Zz@-zGt&MC!cYS&1{N40njet6Ghq6 z_zIZhaY}GU6U^+*3$~U;TnjdSi%A1QV=v-9_w-x*9Z9Z>XC9-6OF504W*EyNT(`n4 z1zHFN&(=DWz9%P`aELL>rNq`bpGI1GR%*icF&ep~M>%y;H5fOgHV=WXuw7iOM20MU z$80o}E>VUM$ab{w+eZKSJktAb*79`z-Gvu6ORbSFcHcKQ@FrJNR2~rFP~5Lc#gxEX zaIl7wL}A8hQOdA~;8Ln)FajbV-S02nTzA-V(o=r3(TAAm^P9^)(RXIo+``?P2cC}Z zZ@y4$WkcJ()k4)v5r0SpFUa@`4ROCboFSpN2ZPy{u+_UY*jwPpyupnK`AcX@>}6zvD>&uwA;n9km^(~0&JhVXCInY-iMs~@hrwVwl4GIJ*VLl2LQakfSQ-X{E7` zWA9kgP)aI9a`y}H3mA(4#_R&FHWP-FRE$v<5Hx#$MM@S7lYUQ=NCNxqMx`IP*{GFuoF&^ z0y~LFz2et2;dz?4E!ayXG877!K=Oum9h*5iWZ#|fW#i>)-_3iI9lV%LUi0B@qnly* z!|!xQ^s2n2)iS(J`6uJcAxFQW|CbQSs5|pWRd4{=sf7J1G*O(-Zv*o>Q-aBXhg-ZE z{TzcVW~#7>Jw^#kAJ!OF_~W_@_@!hZx$l=}>?uFZVec(SFNQ8JW# z0*2P_ig+y!fqa3%gRpmyG6@fYt-+oL2Tzm+e462asN|Xn>}ADs8Gn&Zt5tF897ML9 zrwLaOAknwD(qMvZ6I{GdQU|yM>8(Z@44#|7(u8LrP&#nGgoNO&o_IIoN1`(^gSJM>EQY~pYJcWf3vY!o8qi}pZND0U-0l{nX#87L-xx5 z7<X8Kbuk<9BZ_^qrwTDyF7ou_N`QNA|fNdCdc zx%C_^>SyrrA@Pj^P?roMH{L=SaY9exN(gRz2LvJ~?wYXs=GuLh$4P6vKbXuGAsCjN z*r{jJtHO{3Q<uO{5}7NYq0aU?5n~Er;enCwd`7#jgnw`ik!SC_6N}Xj7(-he zp^i0`p5DtU(c!#4xz{Wkgz`(YoFZ$bo=d=l?;Y&{%Uw?@bI!d!sWiZ+>*rbL@aeBl zDi2WaXJ_2I&_z3SU8aCGQ+SEZ%#m!ocMn+ey?aWHLnT8w)>Z*yO?S@&V;yVKE^o~1 z`xtQl`)E_O@~CySD6ls*R#OAUMw_&?iN2!|xft}Q3*r`TXz#<*DoUphm7Yc(P&X@) zw0(vmexaJ1N@rMqR#kXSJq>TyWbOfK5)(8&CYL7alJ4h(ldjEMzaAoXFvACkM*6{FQ!3hNvGh&7W1&H3s*=7{~;J@VRm8=#ACR8TtKS zw(Wv&WZ;EO{+#^&whru?TMUK1|E2<28V90Wzd zggcT$$Um|E=pkUC;+CGkOi_*rY9NBUGJ>t&;tnyaL10JT=Sq7zaL;+-cW}L-jGZ9P zW8JJyBb}sm;PaM`v?6YDGx>)VbCZD`r`SI5`uyh1x!v8b=EKrEuP}{_1iSMWa@YU) zzwB7QYpW;9nt!`ZS4)};%D&P&aLi@*&ms*h^6SB|H&s7uSCZSgxqa&PDTUiNag#fo=Cr`4Oo!KXE%;Ary(Gz420w zH&X|D$i0j$FI>MxdkCce(xcvmss~b^dp*b?tHB0Wk=#2j|OETn?Q^yCETaGVqv!JM4ry zX0Xy%7~T^PGX=Q^u_aT{7>`J~J|w&2?30W)h^5toM(=Xhqvsbo=Q>vwH*zQE+ar$Z zjfPssW$b-&b~_S+V_APjm|pS3A4&igjE%j-K^=XAjs{z}4f87h3`ud_c zZ*#q6<)hhBv&_anR!dPjS9^LN3^W}rD?#mKSbv7uVu(UhS)M)!S>qYO1KdbOdCiD? zVKvp<5FfJ2%iAi)+RYw!50MmpXXQ$Xf@t^3ijT*<$nY*N@Pj}Q{VEEgmK>%_ic3jW zznvpb352>c|24bMj0eHSvA^&_f~K?%LR@gC&QVs}lT&96;D9Wnw9fi8QsEa?NbN`b z=?SjDlbX`f!0rw))VUR60xbv^V2FN%lk_%04p$#cJ91LeJ%niwKCo!XSHg+MU&7f} zp)w!8So75T`L6es)9$JK{2w2b*UoMJI2&^GB7h72@o2O@AurhYw59%{A-_EK&XGbA zt^jJLj**21q<=hk=hIGW$#s~j}?vCP~3!7){8; zwUTW%GlUeOV%D(D{gNn0XSHrpInu=?*G-hP%_a9sQ7M&{#EG2NskRc*jYG<5g_D{h zlFRHGct{{P40_jvq!WWu68dw!m;=j-`;y`8x=PW?sXHjM>FT#AZn)frCql3$@t?Phff=SuD_l0 z+eHR~Xh2{RxIPXn2NKKDQc{SbICW`ZQ6`yogk)_uGG5uD;q$WVlh3|HGwJFa`L$oX1vB-h z_zFS3M@k!#m``C9tVY{!7<)veOAAPCD*3wtTyI+CZ=a_5mK}rr-OpO4HL42<6zvrzdWbr#B9v;*xf zI*iNWuAq`EIo_g>5X2VFbyNf5vI^(1Dp2Bz|7cO`TFo`qVTCZ?^apz_F4FYBtVRv` zclnsd`=KMZJ(AX4Oq%=4+GU_;ZsfP$#O2NlQm*6_^PSR;Q5ryob1p{MG2=?ZL4*|B^@LIO`(oT#B_>DlJ80HWi z2b5q{rICLM50#f)lWE{I3-=+_ z)GFA)0cQ>@;Nojj+O=^M4#&p^hfCge0j#zLyX&icCU$+6M>$OOj{T4)zCGZwMqc!( zMcS{u*5hVdM8vl3&vI1)_AXTQ93om~!v9s-5!0Zx#tO^n#fGIp#N_iP8T~L__8#_D z7K$fFMdPtsBoIH>HX);n#kWyB%+Iiy5Hd4!qjlts%hA!%w~`yMx;p-kq|rZZaX-VR z0$;E&`Kr}__1|_@8q7aeXAxK%yYVsexsGOO9Xv&ybwi0oh|~iM^)Vrf^NDJp1##0n z68!+wA3lq#cn;(?ltyf%ww~w(2eNzC#>UuzN75F=E7BHmVO@4)g(Wgo^ZSYtND#f06s7n7OFWkYT6s3Mv zd8OY5^v!N0^U6Lo=11wp(wU>(3G#zepLfY8gb919P|-pKQhdLw%$&Eh_s4x zx%AYtXBkRv-YORtQ2$y)z~V0iA(WN#FhcWML3J`ZKX;`gDMl1m31S6?eVb=-%b@bY zSXQAMVS8ZZO-B5i9#YP^j)}#sanI*orA^5`8@m)O@86qkS_ng~_dau{^6^}h6Jtmm zVxVQAB6g#OAheXXRp2wK5d=V|=kK-^Ws1ubqC^5XC9uP-+p77%z$Trmu88$hN5%0b2Rx^+;uR)9S(?&cOpKLc zZ%OU>OEJ9g#)E_H$M1KzOh2BRO@q0|&ao5YPj6h9o?IMh`uzD4|C0y?il=Lf0)i@y zg51G@RDx+ovMeK^S6Y!i*MidWQ6vKx8@) z^dG{~GGU<_G(n}U5Y~3yej|tspI|D<8v|V9NXAFIkx2L!d$%F&GW$vE1=sO zFNlhl*m25AkgrT`r9e7yz0SP0G6t3*GD*-aj)utnw{!*f8{5sne;zL$r|hPZ)U^hVjZUTIIm|%{}mIisfWo_sm$T1 z@s+egPYh&@!%KKftM%+?zVsbVmeOp;U!2@$`qh|jWnyg5^hsKpv&DUX2qjM8#~7nr z4Bw7TN!KyH?t z%ScbqSC^u4K+?x+_vc6ANg_32X+{Z8NpM2(t6<;b{m8G|8pgmJXubAmYx!XB znVFAuu{}Q7tM-%zU$om6Xi1GgBPvveJNdo7R{Ft+fln~))A&x^sS<=Nx7j$_w0V6K zS%@_X^}Nc^V|zK-qWtpN6_(`EP9y?(fdi+%X?ip^wgUFt*`oL<3Zp^`f0l4D83iru z<21zjVFMNVLsUBk7o&rs`c~<~*|5$WAGA{!BQ=9EL~iNC@QGX-l(vd0-*pICi2*s$ zNCDQbtwzOlY3&M9;kaV+cbnP0IDDtL=U((o4{TVy_v5$+WQOsx66xUj{t+AN>c95b ztV{{|ljf&`0Pr}mPTAmhQI+@@Tt?;gieU8FifxrBq~G;JgS^?nhqvFfl+1jKy%ReC z!od2*^n;e|q_JEA?>x4YxBNHqZ`evwi;^;%5jSvl^bU8c|Izrb{`^Twe}43|1lR}% zY?Ma0Rn&Yi`muQ7ymq31(Y;k>v}|1hWQ4;PPJ`2UJISwz;bcc!(d9X0wu_A=fx`u2 zyzzu0{j<`%KqX~ypMW~r2{|4e@NrON%7Q`S)gmaF7b=1Ckz<3l(gn7u=>%KDv=Z|` zw0YnxNGC`f_1yu5rW6At5ZFM3D4_9toq1nXl-<`moLl%}@M2QJ+~0Fz@HHVTv7e6Z zD)%~lr`u)jhc}nyLai)Nad2VoOw6mY6!k@bKZ3jf*rx5n}o_ zZc)YwKb_$`m7IH_Q(sOcCB2xL{U((ieEIlm=UK%9?$J;f*DI1*3P-qHp3}tuv_9ulptBVX<2@Yz+|?SV}1Q zG&ZAsH+Vo)iVwphzslqnH8w;25oHIq0?QcaI!K>n8ybuKS)Ruq~ydp5f9{mM|SiH+JpSg*3@>!EN zbA2;=8{~r7HHFI?c9cE$Gqta#)4i|6FqKmXHZu~MXLghvWt}Jy5ts6R3hhda z4}1-PK^ii!i?gcES^b@>P*l+wK?X z{0(MeOx*a^$?Vp|w(_#?w~w#uFa4BvF5MB1dMSryAXqo*^1@OqIT*;XeB)SLOI0>X zClzVu|2%+FQQHc-Srdi(yW7Epe&hCejk7 zWRwVq!(xh|0t1SOqr3y_X?{V6r#4LYkmjOP0d_c}Cj2nOrpzn^%N176##XtoMR%eWu;rwjX5$67r4M7oukFvLj?D^DOugL8_p zw=(;(qNoT(E*3S1{ z1A1DKjtOmG_e3zaSjRqR>jnTw=D0{L8ktATj0w1&uF0La^U(K5_MPSW_W!cvqIx;>)=@ewk9mMa!P9nmpMtzXu0bk%|I7q82A zu2t|!$3gjzz&lBwU~$i((ze3CRH}7IZYePlP9+GfXj8n&z-!HqlAGeVfy4Y$B4ktS z0B2m}Zp+)Nc_f%&-Mm5NtEYJ9BXwc6Wkwk672kv(B!A2hQyi;>go*{Q?i%~c4u(SH zq?GuFqWOW3)bUFh)>sp!D76du5xg7iP!mf@FE6_p!{RA1tz+;Z=E0G@%qxLAHI~Z{ zC(XUTJJWHxR~~0G9Wy!VI<_-lvFCdGb&sNy|Jw^t>1C0_WMIklC$i{p*X>gg2Ovr_ z#;HpF)H*6YLnWYcW6}A_!iK`;BHtv3qD1+a^Z;m<7IS&Rs#xdZW{FfR=|ff{(BKC_ zRK(zMoIs&_qpoOL=PJ`V5m@98nzK^0miQsw@O+p=N5mqPwNybFVz;$&~% z4xCGyH`M<>UJw=wcgqTSNwuSsR&06T3Q2-RA7y-K4&S$p0}0p9R}GBbG4*sb5C^Y z`E6WEWsB^~jnZ>2eQ>yqkd!cTz*suao^WBAZ%N=@td2UG!l?`GW?pp{X%0hUy_>Bm z>SE=&)Dx=JWWRs=&K#dR`g{hY-Q?5Hlh+i^?OdMAGP`SgSM8$ip$2T|+8wAPD5?VE zS8VQx*-s7GaMdjsWIMJ06kNMXQmO%TQA~k->W2LAqsLXHXLwI?pRkQW zQB8Cw{1%CNbao6aKPaCj&4tx}@Se?3-ob#VV`%27@<@br#V zYMM~LLAj&ZH*9#W0E#SxEB1Q2s?FiLDwNyq>pKQ{EykxO?<6@+eTcnt3>*qm>wiD* zJ$$;PJ&;POHY?@vl+4leAu`7XffbtfX$~CIe1$c3i7kf;%ahz*-~GzNYEl#IE1WU1 z>4nr?@(H^J3l8C+$vZgO(E@dr(WiHFc9lCP{s881-D8TZ$-C$l2h2fLk0wI?f`S*5 zbtTF_1Oa8mZi2$iQIG(lSm8huVt@yNLYR$39M{HF4nL{}r6=0RQJ9GE>_)RJZXoL< z7(aUR-ZY39JphhSXddsPB{9dU_@@c#*;4x4rkwSDwr*Q zIQ4I4$LGPj?UA?IP8{4zrLwTf)fjuNEs`ZLIF>HWh5D4eU{%TzG|Hb$9m+HHdec^v z)JlHSYWe1l<(pPmsRQP;H^~0jK+=^{PpU!$n+NxKukd5~Z*YPIYb~7Y0#>8tk8xz+C7w){^~-4 z5ns*F%tYl;YDNsZBDusb6b(gAn59H)qUf<*U-AL1~D6A0cnsaRP4@ZdLlRR6g6dlmN}>lb1-F!6)Co&00MvAhwIaAWyysq z9DF-43a?sH8t>GZH}7TrGL^^K>fR1J+491u%F0M=X;9>b3Y#Rqovl6VXWrc%ktd2a zoj!KhMPuy^qh0r#>~NJfJRcfj3wI%GgrXuY!)*(j9Q%8NX&SbePKNYu~FlED5tZDob03~;bSiUqJJGzD%dsGOU0 z@rilbp}g!8!70$Mws79mdYp|NRDBPMgoA+-IS_rur7JSRsEA4o1+@VkaWP`g?j-?* z#{2S$xZ@**Gtw=gj&&n)VbG|FixGu!X>S z&2B?jaIPz@48b)pwGoCdojSWd%AVc+7S}lW?&H^QV_!Q4pR|U5nmyVuIZ`kG7#eFA zLt#A2J?~E^rd&*BbMlkBU~)pVRf3mD^Q(KeWpn)3Ox|M8ov;>Y?Np}}gVo2C>ojFc zFG+6VHbDpNKnZGpU*nfOqmp+QV1cK{k^L@5$4C3m9oM+E*z=jEcLZexo`79dWwI9O zDQd2BEzs5D>|mM0+bNDABylD&@L3-O*nl`Mz#L7q2+r=-d5f~@HbR)vuhiYi%@c(b z=mu-v5Cw&h+B8|0JCPXHIVBb&gzUvFC5DBCp!;j;(i5-)pTsJT`uSo#O#~gGS@n;N zDpTF#{dnsqWBFA3+shg=U&!p>?DfipI3xHC@38P5iyfoEF69`| zFU%?;Y*M9|(%AX+Y_Id|{A4d!%Y-)y^|jaBJ|KXV29EmfaAbw5LO|sOBiy&uy=c#{&uk->K7Ry|I%=F(oerwTbh0TK4OrukF(mf9A=5u0MrFB?Kc;SO~a}{97 ztP3yD##+Kvt+TAfh=RJ!y$B=F9jkbY)CGgZA8`XpRhC}dL!w%UQ;5JyU3;xk8|?;0 z2wH)T{VJT3uy6G?=4H;LRkN0m;w~~5X2KCbs%PNu22^JHk)mhv#Hg9Ub9c8cAAP^x zSzg=!d12i9+TVA3(@|_fDuQ*Yj$aFHH!NMloL>nQXWiVXml4&AjwXt3Yu%V0cf#Cty!O0fDuu3&I7QdqKCmuG#pHP0Ls=0<;0`eY- z<*=AjOAt~H6UL|(&A&Wyw?(&0I9VL+9sc)gWIi*Q!eBodp3p;+q6D%LRqdMdJm`;mRfrW zZHT=b!%EBtt{pm`bBJ01uY4f=;>pRJvJeOJ=@#&P;z z=dJzk?q2y3Dy!Y9e!tQV=gQ+F@EkjEJ5zXdC$c1mamn2{KMPf@3E%Yh7hcVMbd!}^ z$IBCL%D-Lizhzy#Ygfywn+tZ==i+M)Ie1-(2t2Wbe*Bv#UeC%)k9!Nl_OBwEur>*^ z!-9`)urdh~Sn|C^v;x7>1K#=KErL_3?99juUSe}tuw}c!luZSk80|=}r|mQ|8aBg# z4@ZQH>}7^E+5_>bz>DFzQ?g)KtPYS@u|>N}XHlVOceXzz7-4pRqpi&6*C!{t@!!_% zG%#=Y;XUEFR{Cx5$z|*P<;P-=e1BhhxAnDCQ(*YyzsP&6NcG{3f8ojQHdtsz8d7EZ z7Z9)1nPD+q$P~&pY&~s7bq3*3NZ<y%glvgeOK;S~h57t1T2wUYN_(pRv7szc_juCtF6~`X z>%oZ^zuakloYwL0t`^r0*LgBgB_tzQd3C2Ev4ku!y#Tku5NRR|pjKo&qW@d*lGAnV zbIX$P*7)H!N#vyI>X}(L`POSi85U` zHY)Xaxx?VQI=YovGashuM2iM|~&T%le$BZq2^yaA;Wc=Z($j+T_hAR9sc)L!8)Xs~EtgUc*Y{ zVCr8Kw@6(zYWmGZOFV~VPhAWaOeQ*8$>W|T%$}Wk^%0;lk?1hIel6Kry{zZlD+_NE zoLx<-X2BvXc92R@#&Ld?co1uK`iV_hHXaC*uQ-VYX*>Q^QL_h?;=E9}YHCPgN8IFn zbzzf=GQ>xYf>(TteV4necUZUXkAu^9&mEs!zJ6Wfv5=y0YP#-oye;}Xn`&ihi5!Cn zVs43e{NJE6uRtgv@WVu@ph9kdSBqz9C{sy4qt0fQe9mk97y{5{dPS*FVTJ!D#}K8FJg~vrViItpr06_cl%g*K+>XVAy$JvB*#!+ zD?%i3jTJqZe~Zv7=CtL&jFM|i43P&U1e1hNshhK z1BYbAXW|vr!#fdoT=tih+F9?FKM!Y~Gt;DDamsA!pA-XraN~k0I;SRzE8QmA{53^# z9KXUa=c8x8$<%7Go7ltms&!L9^geMO60W2|kS-m_dFZ=%(PCNO`eymiSo~t+ey4T9 z@vck%4Kq!3HrD?WX3qZ%GhRUP&GX6n*r$lkljDdws8BuENwV|FAWu)t$LAA!&{Q7r;S$J4n%G&D?Ehcr3fJfnpZ%CYGb|NH3dB6)iFhapGgX| zP5r8hD6LC_20pjl+~98i-3n$Xm`8#|mO`6C!yjfo$OMCy-N8!h)Z9b@ph0bxq+E#U z=lx2wMUs61Idev)cYwv z;ClsYF6BfWg6udv#P={7?&pO)z%W9yuq57rzYRrwve|x?e>#l{ae0e{YEn# z9b?mL`_^C7*x|Q~Zl{c{H?7pJ39lA?Y_`?SMO)&JTE%~{`@-98zyr=IKGA80u!V zLJ?g&KS;I+UW?c5Q1FN+XtAAQTYkP}fFjF2yN-0YZK{qr39K3{ehbaQWgBXNYu|H7Zj(mXg?Y|Vg?p1c&-XG zK&uWgi6WJ`0oB_W5v|)4l2glCotMZf^O#_ELxV#b|5swI$pMb1pMB0vRUIBm)$4u{ zZ``2oQ|ZjygydO#ntaN!we?P`AE9ry#iYOvoA!%oq3Awhukl_MnSo%}+$XG~OfHRQQ^L)Wy3BqG@ zmms@~j~qsbfiyg;O!V;pa$cbQT=ySSp>=}4~WUNHQMo~*N18{;nGau=#_w0Bry5vmph^)1Q))p}%a7)Dd_y#M6D zoG)os7A}L$LQ|i)Z(6Ke%2&58`f=^kV$bpbGc_JB;*u&p5btVAMXY%LkMy1P=7D3p z7oz)O4HH>TR%TdW^nEGDv{&r00W8*P=@Q-~9?My}X8(-6A}iUVu)G!(?GymGR_l?ab(Od`>#H#M6u(RAIT1#m z2SNC=P*>%^B~4{@EbXEJs}3eAtef_zuASPfxfZZfdYyB4<+ z6_mS;z~ki3)h%mY@_9C^H^L@{bF8o|!AtrMyNP*KqsbQTc14bQ zYV4;0dgOm{)WwTVGxwkaws-yq4Ho}FL!0K~{}&nvwP-NCE~_F|iFSemdWA}&ben)$J3)rPLmY$9sTiQ7OXGn$#Zefuf@a2F+hV6u^zJVj}oV7D=*1m6&4d$ zh0tRGwaUtJ|7=E$&_@RQ$TDfOYVgsW*7{!iu=8awt z2u6ra2d+pgLvhU;zHZTfDL@vI&S1~LZMBp<#!ioc6rHWB#^yg-psY}q1$55`vjUh)>Q3n3f&`dQo#bu}=m)x;s6xBW!X{G-2ybiNz0HujYpR^3{i{Z3uN$ zMLxRJId*3J?Zl^Zw~tR6A4`-e*ukTEm{^tWXNfgoF`d4)t0F!^RG4Rn)c;`z& z3Q)8mmJ+=Vbk2Z!TwvM=?hP; ztUgA(d43TC`YkJUH{;dmN0+i_{ijC5Ioh~{2zFT;QkI*5_zI;L3J3URsgRG z+zACBRKNgL$O1pgJRBr|3{xFY<7OCJ;&xk8;Dw$POWqD!Qc2Dc+F{eBoHbR%1FAH4 zbeG7ix~kx1MSk4jlh2ZRU8dhX?J1X)%}ssox!02OOZXZ`;?08dZZD`U~WESkPdaCR^MmWZZ*3n05Nu71<5wrUUani;RCNXcB4I+Rh1a+jXd$2KR~lETUol%Na0Kz!3g zRy6ZcZ2om6|8#noc9XsIS7^6_hI$AaeFg7-CZ?x9_a%-F4YYVD%&gEN&U4fWHCX4C zlij=*7m3p2)YyRYsW388!ANMu^AwrS`=39nBM=Or_j4bW#PX=jsVi0x#Yu&Z1b1WJ zAMe!M!o3bef!Yb+uu#Clf_sSC2%RAxxLN{T(P5$65XZvQDAW|vkKa@f1t%EvA0@A4 z<#Pk0(#z9nt?R`49^dM=PCuy&sa_(mIm^iwhC)tSN3(*{89vF$$ybW#UKJ$^rd^iF zWADhisfypFbE2lKx`Zuz zA0LWS8tHm2HoN^H73HDO@H$%<TTwKlX|oBCRb8dP;Ybh=ZJJslVJAE+sRVlxw1c8(<_;-GC?Zf%4?}^a3HmVx zeHgR3Qnvw$A>e;2cmm38o1wd1Po!RnnfJ+qA^0#^rHY&szDJa+&}@WekHif83vGFl z2z-|SwYf+WNjRp67_IA^rsnm-zxv0UUK>w5uFIvYz#)wsFGRvwWk@RuBXOll%F3X( zy#EA(xR5iO)Z9J&#$|l&-GvY3*Wx-p_Wv1Ptx7;=s?syk`KmAkr4h`H^yVv3J46Sv zn~jBx0+UVd&g6k#c{{oUTKtpnLfb!Dps1FCk$F}~hmJ2N(2o3kh!~1^@n3>~z#+*6 z>)R5f!ar;;J#mwbN54_esalG5#+H`nmI0S2Rb^>t(B?)yP*qIorQpF!dT8~E#Gm_FwjAn;6WWR=^Vh@Q3H@)vcJ zGxd`rRZv9z@KOK$$E{NnhhoDgJ02x|GJ4+ioN$PK#oL62H91kOq)b%;r@M}Rl^Npg zF2dv5_>QcW(L_aPFo`BBKv9((W}yJZ@micQ20-zG|IyXT0&1xcHr81E^?x`O=G6@P zDYMip&PwH`C6$mCfP+~8FXcQa%vpF!2>PWbywMA^?U@CL+X#RImXfSc55N$*A}fXB zc!>;TL1|5o6AbKuw$}t!SqsF0{Yekkqui+AQ|OZpLPhh6jdj?{VJJm<)2d+FB|VjK z`bNj34;M>|;`{Xt@hE6F*?V*aFu%_;#zKlPh%#pI_4 zAD3THc(+Tt#AwR`Yk)uUSo zvYa;LWl5g4%GXT90dKZZ6RHWz&yOU)N#u3&Oo7gGV*)z5{NdCLltbo;A}3!ARwi{b zK5#yMXt5VI=@{myMO#7q@U}7$QV@eQQx2gX#+w@kn+IuDuO_xESoH6gmajj)?An#o zyhR>!VDxrJw(;s~lVATHP96DR?u+RW2NGRO-ZsE7GOO5v8=iR@LS zcl!?!Moj;sF8*U@mD+%v1#*k+U$x z2r0oBzhOcaLGWAGP<_!cIa>={2&a1plO>Ae%w-9 zSVTv_2+f*tz1+*%`>~u)()GL*qKsy>sYdP**Z&(Snqm$Ft)H2PBK=fA2B|27(B>lw zFi2c(k<$}Y%(RwcP*aq zkslqDT2E?hU4QZP;*Yyp{x#loB>bk_R5$uLBhvJC&Po3scZ!pc<^=YGBE%>cqM+w1yZ&cFGVe?% zN~;)K(|HP65sFxCX0jWu-+IVYu(?H zp4q!S2jH?q#lUoeT}ckhocq_W9j)E5&WcD*wKu0H!`e!WDLbz&E2fIXaz_mQMX|vd zs8aLXiypZ1t8}u`uHSyRWAMU_yGIVF%V%n)1~1>0H}5Ymzj^I(J2|Z~&Hq_vy>g~N zCzEE%HpgPo*f7Ln0O%I(6V9YZaL!^zze(N-{2E%~Yff@4w$(uRNg6EC;}xTLnTkI4 zwX(Jj=h=VXj*iZy-8&8KhTo;bcLypzVTojIH(q9^Kd$dA>LtRHTiA&_C<2A~Lu5NZ zEda5isVv&T;&RIBf~mfZz#Axg7^}CTQWM@Vm!hg|K+5EGf)_IX(9(%yor=Oyy2CC~ zw}zNo>gsXtM75K-@k4?cNvJqQ@Se zj&|w+jyPlxCsrJ=^IwQ|;4SDBQ-NRRStObqU}tjVP1fX{wf(b?7f;FW7|qFyXFsq9 zk46==#5dfo${h%OU}EOI{Tv+z{v#@x1^!^l#YMYXAwP!93?-F|7cFLf}|TTG~?;B;#+}AG>XSG_F_lBFGl|%A;2Q zcd%FAp5LRfkevJbqi)*1BKJ#vdkW|msY;=4 z!J1phwJ2wsP*-O{?6shV^uA?Nx)>E<*333>Lr$;B7Rr9QqA$60>AWkYjM z&s{ie?0ig^boBY^v>@Wy3^X<-2yx2{`l@W0^EDL3*Ex;uc1f5kQwh7Jga0}gYaal6^@Zq~RiL2*!`>8+aHcdt% z5%i0+tGFQLLKso}n3m5s4}(v*(y;dlD2;PFWiO7(di9?q&2@~*ry6G7yG?I*T-Uok zVsa7Z%aG-}8&#`Mozf*UG6KlRjZ`8Q14A0(Ao>+G>+W}L96KmEEZ8f^gT1ICUC!to zF}_K!(4;sJ>aPg#jxH1IJSZNi6{1l*at+OVI3q}b3jT66X=)IDRTn=yrpos!UPjx= z#z5g@3(K(3Y|*ebM392B*BJQL?-hGF@9 z$BMQH&1&@k9qwR|pQf4jEQ;PB-Q@LBu#eR1vp+9kcl0^18x#%7?Hvky+)R@7KTW&m z0cH7wAJVs@7x!o&fiZHGSk!9Gp8#Q*#)!_=1r2cu>%4}Lkn_Gk>v5{71<0lJ0?lI3 zu#uL^qC6^zvykgE#Q6sD6ym?vkQQ)_4dx}H6!lUoP+4@7V?GXM=vf=mICqO63Kv%H z#o3~_KiP|;W=lNDcGOzk3*@o>YDXZ3z! z2c2qVi~u^K0;z~WHlA}?(t#Zmd21cnpB{;uij{^rkk*()8io>H5swKS)!6Hs;E>Z9 zGC-o*m(qj{)D-8&&=d^8G#{oDyUrzt@tACP2u<1Jl8sU)Ho1q>=NxNcX>yXyPo`p# zgu6AA3J&`6OX1*9=QGmU3+2XeY-{!0$Pf(Mk)%zq&jda;DEj^PFvOlJzB?VuL55m{ zdFS&Ala&jZFwmw_SrcP#AF<(4WA1hPwYR575@OaZNtis5G$VD{y6Dc@-X#0J*)LVG zzYErEfAA#x_U(o=L9TiA(*}PVBH1eg1+&RG+0=_7j-~egE!`R8TwT#|l0N&SIGzvy zF=Hvdb(=6h(r!wP*NX+Z@Bq(4F-~R5ac1P1i&5X&b#YPOzdU=mxZD|9H6n^!FQKo) z&MWi0g9Cb8sB@XOae(>rH8&O@EjVRLpi6L+5LCV<%QOf^QbR2DOpdDdp0NB@#6wtY|%@!3bpb=it(Y$LKIci zi}zRV`t;M2?RSpa%=~yd8`JI3z1ycubJ)GsdG*;&7Ddm6{~ypEG5^w@hL z#Iz8P#N~yEHRgRyEa5)sYc7&In%|dPcdW`caZ!zQ3C&4(V%+SEWXGf2Hf_Hjs<~PU zpPU%@C>MBwmKY6?LVf-88TW?ywJlvkRgydkQD`Jh7hlT@ zb89#gxwdH`eE4!66;0&CiQ!F(rs2hljMpEV8I|Ou-81QRWd`7bvC7nHsNA3R<9>rX z`)42tsu5K(|-NZNvP@;UI}Y_@zh$&Wm0ihPKBZQvd=@y;$X+L9dMX`^N9n|3nVs_Xy@Me{Wl85+GTo-9!VrfM0>O)m{uD0K=$;7N^703dkG> zkc>0RYl#-(Z%DCqN-f^VQUB7#ATU92_SZA>Ik~Rx8VkxtPB~BS{(k)2GnYP>sZVnf z5I<)s1qSVQ9CJ0E*;2$(z9SB%yk`VOL*>K^kzp20sWPKxR`(bR<kzPi0LwIpRZ|zF5Q#A32MTMTGHqG@h*b(@IlxqgnkwxgwVMX7 zZ`crU2K1Mg)CCnF;qXBx@|fabBYck9SccMrpaB|1kGn-1JMcFf-zOZ+1_g|PDGZW; zM;w$2{Vc)zkrmABOHWF0m>E0ww0wD1;@H!nbFPM~@25XfBrVC&D=Ia`S(e)7M3&lc z4s$^ui)t$9T$$m%WLuh3_QQL3Z{)l_5H6d0b$U)F8+)anc%-ZBrp8F(>h9Nh>~(EN z5pMO`bOsgTJpvPL)t2)yCo}4tsC3e!fzy1_#y1}dqGx=~o5=X$z&JK}7&DyXh|g=& z=6lkrOn@ThvETvW!wG<3hSgWieM~biG+8Aqsx^H@vJf{2s-;33BA$a1gjDaTLz2mc zr!;oNJYVF}vv&I4z_9*gM`BXU#8KJEpEq8vRP9oVKv&StnxU?u?1_&h(Wa_sDly}% zJ=6S=8ROZaze{JY$6sqN+VwE@aNjzY-l>6@!CshNaIHw@`}dlW(;6C!)QRMG+T@0Y zQOD&=Y}GPgKoq8n#CZYpCo%;Y;mtu^wFpu~j7xQ9mbyDZm=a?ENbsPm zkP}x)K`fsTqNV04mQUjfB{BCu*ONZ&R(H2_%koiN+|(UEfjmd7=D!)c0=> z&$+BOnEi0>sYjaa?vtq@3N2AF&hcc!xNKV!48S2ZIS6?<(@V7qt)l4NS-IJ!yWo6g z>Y|6AJ`Q|dOu8+fZJxbmJa)!-YWnhr`$v-;9O$?Ao-+)55W+TRYpSJmB5zRcWH7G2$`!Cb;99yewkF}2R-DQb~qb43s-?MhHYQ4SY4;P2m zV{HqTJ~*}e7eZC1L8h%PfC8%Yn#f99ZL^HO>rWM$oy+}Fv9IX$uYbR`{pSVwT6)^1 zbFT-_&C2@g<=-=tnx#F%?bqW?j<~OWC%~`vUbQ==swykxfsYvy!^9K3#7%YAqwEx} z;eZk6V6;`UKD9f!jlU0n%Xep$uQRI2|Lb1jUdc=TC*mzyLs}o4zS6=_=iyQO&!9qK zDl(7(7|sR@$LAF$P{vuMqNPX_$fr6zULS2=E5tpvblotntSR-bjUy zj}0(crkrmoFi}u}0G&(!e-PogDU<~W*QhN}xg~w%^y*)AwbwnL>n6;##c>b@HVn_6 zcO#Pi(UZsTT{Av4H~!mr@#zN|kfFM#g}~-qG^GjkQX8?+fn)?W7&Jw4>}VWS>6JQq zhMv~~dgSh!PI6&vy)DrNZL#`<4`?KcECqnP~H+ z*h;0sN_&w&a3ntEghD+bv+-T1w9_;XL|>!owUxYi__ zL}Ail2Z!a-`X_bOzis$Cm4GInqBL&q&J81a(TRabtN|kZl0Qxo!Zh*j?OIJ<@UU!0 zRM=rizrzco57 z2+bJP824J4VGM)NB%&}Tml^k4LN-kerBqf*AqL+mN|`b4^9bIx=4&N8mjRFx_is;u+&cY4GYBpj8;O&7T?nJKHhdJY?7Z5){7LSm?ryo=I1G6MSVZtm!*B_TI;$%p>Y$H{4#B16WXYl_;u6 zZ{U)Bng8+R;;K>}f*KWm zpch&H(2F0{=)d&hH+hn)L&(`6@~||bA{tuMogk9{B~ZZ|V;>+zrYgo*LzvMa7zsL+ z%oVMOK@=K%o(dGDDpe7X`a!P9#hjL)%Qw+^3BNeA$S;Bz4cV}I@=rj>LJ0ZOpTPy} z?vx-8sSrwl@F9{~BCMyxLL%0R|NQyw`}C8+eOmF6rdH~ic0S?uMy2vuGW@&<+0A-{ zD7`a0*xlNPHEg?*^-%2QX|6-Cu44d3fa;J1xuj$= zRh-6w@s%>t*5_m&o#g`~Mr+SO&;_Q^n-F-8;_xjsO0vzuI!Vopa>c#ivD z2sKn3>%*ozdcJ>d05ipz@7VdnO%ri(V^5BLs$3VmY#n{+#^jfYrp5!AYdh=B(M_M-&~Y1&Z#$C_thERZ>l=TmlSMd?KU{y* z9s3vSj_Hq@)*EKOwhf&0DE{fE)$2dFSK)t=UV=F1=@F1a<9?zoKpKMml~pBb1B8V1 z_&0l_e`Wzd)g(+JSkSaU>dfJSdnZ;RYl_GjwT+%!Nrmd(9Rzd2j*Hj#YB$Ae+zp}`?zk&-AnQkO^>^8^;>k$enfCPYHs)z{PdZNEZC4Bw;ZvXRi$A80P zo9}N3?SdKSA!4Xr72zI=bm|edh&J&x8jYZ>B2%se^nDA7$>c*RdP|_Ny~zAk^Xl1w z%Bh1Uv)?`1Z{BN9uS|X(viq%j*iygWlrzBLix35gk_vdCvyI;8;7|7xWQj}?eIpNL zE&~zkM}Uk7&i)7xhEqi*QM*jlP<)|c-u1J^{ZbCTHA-_RFqWMtSHsEha^C>a}# zf>dRM0-UfeHS|=bU;d3dM>5ZC-M#Tui^l96H{p0uLR0wd<4x}Pe{_=cf_8b0kzP()h3J`5qos5m3f^~BW^t5I=Qywm3DHm-kx)<{ z>HD&ZplM}+#;KhZg!5EQ5&twIj?pgQ6}#QYs?h^nmGP`X3>Z)Bmt=l+KQSGBqUGhr z@6%;ZOg1STG zKc68^+p|H<7%^~7tx>5mEj3a*;Mw3x1_vW&R$`6b4;U#QZ04=fZE>zk3Rmkn0u>4t zDijIFn6Q&rX?}RMC}_PM0SGAq2B#DQ3Y zKj3>ov=RNut05_9b8ZF&1mjG1bc!6QynOVRskZsC2kB11wyTdHOZeJ$XHN@dKO_`a zG*bq}zg7Iz;FGo#<<#3ZSY!y)>-A7*LF`0MDxlbN7^ICLnh3k#Pa1yBEY#-M9 z)ZU-+GOE#H={!kDfRLF68HF>M`ZsKNLT3at@Giw4OrwrwKO|8)oXttL>ERXu6ha*x zEOXTP$R6SyTEXY$J8wU~o}7ri7rgr1e1Bh$-uJtA?||g(ouM68gVUEi?+en8{3`x+ zY40|BG$Bhm6|*N7x6*-F$~(`I9r)Ne2P{Laa%0EY%A$3K-JKd=8t-jE+ zaEm|A*67h5#}X{uZ*Y1G7aL_-+5Zxa|EgJ+dow712L;@~8iJMvu+GJxuw-45D%A^8 zjS+D>!7myd^&lpKBob$B9vlNA(Yk4p)`%w;P$Ksqh5>ox5X1<81GLNf1L-iwvyznu z<@GXf?)bTXGulP`1))I0jOxKAmr_%h1$Cb!ubPS0ncEWDIX^ZsAJMXAztSp27Y^yX z9Pf5*;03S*$>w9JidB$L#p`u_@9gkZrW19A`vYIR{HyP@V5mTC=KZzV>C;2S2aiZ- zr%iZpx}46oKkc5}kPj)Oy33zW%G*H);fdo*Z^(ch>i!eRMy=fNRWLArh^5n|lOw}! ztoo+qU-=uqMXMu5|nf z1uW=W2ZKMS7tcQb{5oX0`%Bw0jk8KSUnt1A>6E7dnaXdK&+s1miHGZR2HGL5?SpDO z5n(8lSCe2zKQ&P??yR)E zyZWd2*}>1rl^!-$oA&;B4mxP&bdDz_2Q7YzzpPWEm<`zgWNi0bh!0#0podWq6e`yv zh?B@7=h(&U_D8dJq44HP6?k*i#lg?xAYv#liW`e^MieL{l2+S3%sGjgO2t%j3jk&g zb5{^SZ^FQ&%po?v3&Rqb^6l>5-d#Mpq9xAk8%W|0zTd4}T9$mH-px+Y!mPZ?h(M$9vZq6`?w&IC&caN`7oZy-+^~96>;SleO&9;!vhc_J#NmmTzf8>5 zSU=j)J1W%Nqr=SwtgcgIk5EbJ=S>+>>XLDl$y z9gJcQ=iy?@4BDs$AaGHDaZuhQF?6jBurisl-fiApdb}>0P16`u< zwL16NXX{5r3TJI?H_ZKI7oX6wX>L!{h7B+Kg>ALOy*u$q_D?#Q-9i5DWSI8O&(G;C%m^UIG#lJH=(swa zst~p<`bhqbHB1WTsuz;sP54VWk7f@OT0C7?KO^K|N=V8*1(s08_YtDQ@5$^s{8=LxL%dgyS%ghnTW(0`rhp*F2_92FGujof!C>v*Luu zwA1(fVFiQ~UF0G<+S0d=EDP*FhxdxudjmH&h!aQ1&)hd${fRxTT zOuXut88&R$cwqb4=stGzTf&V~=ZU%)3{y&Wb1qIag^9M2npw}UhAufTbqou}Zy2g> zbz7#9&N|QlBt@#wgEpcBT~rW0y=lfNi!}?>vd~~OW)i)c{e@UW6HX(zowkS^hv@9iKl#F+f%aKuyHThCbS30vvh%2iBOyj2-8{dCXpy#biNm<&EBXIo@u zdv1KM_;a_Qes{Zj*pYiTekY%zm+*Mfib8oi)Wyt0(kyp8Tbn>oV}snV4fZ%32ju}m zoNr`FAY}cZdD|LZFqGb8_WB;x@dpG8`i<1y{2$q-u=x1Y(>u*~%a)!@2miRQgP@S| zKM;rm+Iu&vSlx%v14Sbo8YR^*jRV;O8mIfX7bVE?K*WVU{2EtoQLQT{0=&3sqSlOv zWdI_o1lBG|+x|?annWIf{w!pg(~=M878`4qVM?PJzNj|vYmdmaAsaTsFvpzwlU#v9 zds`7*)qfMVAAQvi>BiQ2whO#qLenDcO z)7^Twup~_{kp^WZ8~}-Qwj1?C>6&fWnKQ-788__ z+&VdFU=}dd=>N4)q^GKi?oXNx727VG(IeAo2a+C&<*48ql{wi~D8`R?#mHn@j-i-VtiN*PlB;1pfpVKy7w%qo+VfiL-u#FCb6++bJkeg@HL*P=hhYmSyH81Ur1 zgx>qSm#HgC%V$cX_cZWK1&B?EW2-3WtC{EkyP%ft*S3aSdM(F1S`zGZ^ zINp1-63c?M#osUrwqZ%GTwT^RQ;f$jIB1_wEiuLh8!KpXOjt(&&^L`2wy@0BpTS*bNQdhhahn z+E-?cgT(ZlQhv4P;LC)=-t&`H^YdC?61Hcx6e`Te-RHBbI%%Fm^ zT&OZnBTIvS76v4!rAD4KzY8@wnj-?60Bx<}UP_%&5btc7tb&?QiH!fxo>4aK_0Obr@+hY!d?w< z9a(>oY2;uv@>9%1h(I6LDnx7qOe* z7Q-09MiL3@A`Qit$QBN8evP2zMr#!{$4-BIDHp%+GJR?KYE5gK*>^Kf^g4=<|8mqf zzd35JJs`>1I$GmxDc0`4!=qCT)U~rp%mon@ZdCYyb+RHMXbT6?L?AXUiIz%adeP5Hi?NYKRT1T)Tvz_N z3JKFulTV(PX{}ySZ2OaD=AW6Tw4Ze{r8Io}5C=HEQy@+YCjdURePQa!B(49= z-D@)(61m|omz>x>e{3VHlO@EocbLr0xJ?WX41KC>2eI8O*-JyHFzU%H$souuppGTN zS_Za%0;{#Hp>TFe?8tIGu&!|}D=*FlhJM(N=HOWa^Ijf9_TPj~H0a7&LN)?F1sxyl zt}?2Q_PYB>l)dW3nzFjHjAA3c&5ZBhfsCuQutmRXe7gYycUt#%v%~ep6MC_CKWUwb zpMLtbWp(lVgFBx~E0e8!1zmER*Zz*ix6(bnUJ%I!5Kha`kD3sPDd*|xhFov^F1SJE zLizaV$)=JoADG8uxA)yx(RX8MOX0Hl@f))TB0b~FEP)OZM=3qf&6Vpr)R zQY}@g5FKG@FQUfJhzk54^n$kfipR4=+^G@Og$=*Ixx~e?X0j!C&#pI5hbW^!Y^G1+H1Sf4=h}tCdZg zR?U9dKQj|DQ@nL{<<-Nz>hhtd$jI!gnJb>4K!|1tre5idVwR z6&bliv~oO8jP#Q7_=hEdLCF)W4&hItB^B_)R1ir3JM!>+4aGb!T7^CAh{C|2X4YZ* zA$HcoHa*fp5Nwh}(LGzGi8RG>!4cl$fjeWtT15*Vt0%NttQMwC+*`uk;U`o|+iL}#Z$%Jnxj%iUiz3w~X=d>rf} zUMIYoxj8WO=HkIehc=DZzp2kYlpi?dXm+W5uTeLuYpn{8A%)5^B~lgHWFv;OI4wxq zNFdu^C3*xqqg0h2piz_YVQ>JHk?52lZd_<2$d+PFqEK#I5%*s>Awdb41ruj->RcfpRJ4!RIadq{cnRCP_^CLuu#C5oN_V#q>*AMeE zD?A>>fBQDuvb>|EZ{y1=o4xmylj+1$tuoqJXt8hPU#B}Q<4NtzrAEn!a{bMunU`=5 zTw0i>!aj}APn%Xey0#Fy;p@HBg`?Yoiw0j_XwuBGxI6T;wy-{V-IQao2?^5)RYRLB>n+wSQ}SXDXDivn^qcQGPj z+rEf@CTKbRh=>P2BBHG9o>Q=O!neVmYhdnPu7LOcCnDU?hx)xCb*Nauh!4O&v)c$7 zB(>U-PCPv1lK6nj4N6Cp=-pn@h#{I+TL5F}PLkz@527FmuWd9{1Lsm$s)t<#NGZ^% z2|&XqB!jMk*{XH}46<*LU10|RCb|~$hav;=M+dYknvecDKN&T7ccA}Ta{ul9K6I4P zNT(u+Q)lO|d_?;=RnHK{@Eqtn3B;A)=EY=e^Kl7tzGgfA`VDht;L3-E>GW?Wx4tpa zi)~TRY6@Gbw}0Jvp|T5Qr@=)gPLau2s>r*FYlX&5hf#0lSm~ez?W5I?vwT*?H{3mP<2X-@O%{@pM1*zmx{pwLBbJ9 zYZe2Nr{9Oo zy!d72jj$YgIxTW2x<|J}!K*C*_UQrxx$dyS zz%qc{I1v~h=VBq1n5qqlz-&JoSwnw|eZh4{Z&e}yagp?al`ccXwtF|n>$*LZHW2&G zy5X6v?IQ^`R`a%iDYKDZO_ts@xxZ(J%U*BYB*Hl;O0IS)+1Pg{MzO6EO_c~GX|iaR zQK^#sRdg0l-_6I!8?FQT=PzBMKKlGd)5ZrcSciH)YTo>A(oxXTY`E|}JGdi1`orsn zHF{++&$|Bf6`Enz3sYp5VF+Cq3_)KB6=FoAA*O;7SJ^?jx*()KsY&fXkpE^srqd1V zO(c%4eGBr8h1*9QtVM-J#=^d+JCrQIJ?zjxN^eEK_&OJDvKrL0+3~UW!yQGNVyDL5 zUdXhg@0C3*3uoKzOTTdhYWcIjAuLvRs`+uDMPm*V=HwdC(V#en3}6cUV;u{OCZhme zH~=r_a7PqDNjsug@uPHUto6&q9%l(8$6@{_X6W4#^9%U;YV32|H<6|`!5YPON9!LV zMwvxroR})TdvN&)lcKZn|K^>&6cq<&T?~OC6>_dtJE%Z{M&N$(Mge6{KxtD$Yw2`- z21jP^S~p5|h1((O-grw52@kpZU?^ex=bW4KbKzr`Kc1_zs7rOwQO0DYDYh!3eNMQe z)!1tSOyZRLHzNfkIG1)#H@ZN*6{5t=tPOyzy6T^{XQ!srfZwef+ua7!7|S+tg(Ein!x=OM`R+ilPaGI~ z5IL(ATsUi+-Vq-cH~;c(e}CVemN2(fdztD=rdjri8dz)iel!_QK(|<_>LOXCq_osi ziJsVOZTjB*+e#GV%$Dfy|5CI3(Yx11-|v0sdw=bY?b(?x^-WgOUke9__sV`s-?U%z zG32ZYjesh*HM-eoXYD(@Tq!&aCh1YA0OdZH+zgFI`-Xsi>mE8>D9q-0Fa~1=@4{Tj zM*GWj8@D=(pzudjtblxgDcMC+ASXvy z#t*q}l5|vn)WWSQ$YqO($PIr4+)5<`<&@|;2rwtn;`8D{oaYez?Vh&)EfRu~wtbW4 z++@vM|L3tDQ0ME+StT? zK00|YSfM4(G;V`>R@x4BE>7r|svSv$B27zs)X}QWj>AD?eCTh*v2tj_N-NZ9YIZ(N zc@4_w>7Cka^JHS|=G9FbO|Epr9nX*6?EYf>fcU-7_H(~%+Ux%AweaIPp=EW*TS7UL zg2Lb9c^Y2C!Kp0y3viMKedq+JR(W+pW=f82D!v;BQ)c zMpC>2uLY@05<5UcAa-2+75!x3G8=3YxdN$?LEplFB!bzBTZ|m=5R=qIKmW)}D%o(+ z!C%E3f*nYVS`K2a&{{2862o0tP;CrXaJY#aRq2O46aZyY)4R00BRPAP0GXnf*Nb- z``W0GHL`5%hOT6R{VZ_`qq9~NAw@sFPANB|vO?8NA+|(4Ajjo8Pmvd<*a)Tar|FzwN zzLAvZ-Cv>xk4>F*dh;}F{`1+K-R%XBlWzj}ObmT#)Vr=>bs>ADbom~N{Pm2L6e^#i z?c+r=mQhf{TRH2M>L^iFTiHfwl;fD<{K>WqDX56?t?V@#;Mv&k9jQ|11?v%5*pbj| zT-|8g=oNWW9D;D-%p>26v&84Lwe0@UQdIswmXq+yQT955(682?hAu5@s_dSe+wk7 zZ(xo47WrA1)(z%_&~b)Z{3Nqsqa>Jos5*@nGnu+rGlzYD^5k)X?P?oa^^Z9> z)+#6BGo+Gaz)Iv)trC$SgAkPH{zRWHy&PViRH+VPsg#sR$krxaEX%*~_)g!F{JCq7 z`(E{pPq@S{R42r}nEllDI%i_2y|%C-Z2#UcX9^w!!j~#KG1l{Z~ev9Df=Pc z7~dff;$+#5d3;O=p98)(bzHHYUUXU-_gq^cV38h1#wqg@`>SbX$CUg0K!49^lZoKq zp%+ef%bK59yXPyoC6$s^5*(E2dNMq0|DPg1s_xbu{)Am95vY(!m~%Upo?hAImG5mN zJQBDjCLMJ|*>cHiHvpO01BQWUhtf+T-xP3PA}a(D(PCs0%nmg2us;wf@$SJD z|3!L6q1fKLs~oM)kh1#^?3{QtnD>CX>wE*aH7iTq>Y1maue6ZBbYvRGk z>yCr@#lhLd!4o;r^O4V*_Ak}z*;twSJKYP*KJQln+cAlzabs%zQy;63bfGSodEMQ=@a}pNIkb+lN4i!BzqYa^d|#=X7amsjD~*2DF{iIh>mEI&Re9 zlZ;zV=&caje3=xQw6DwQRMQyV#Fc!(r>TzkqlF9e)P+d1*>`t7qwX!~aIx~sw@^4&nq{GHjoyM@<_ZYn%cpsZ=v4^ei?_V7O zXnjgRBJ97;vfWjYPMsVO@%gK8-v$lXTOoz233Z;6pX*vUeN^pnwprJBnC%q#9EMdE zIdb&OTr}K3+O#Pq?&}we9~^m19LjTFWru|sy78iMMY!Y#0-ZnpADPZhQcZ!f59bq} zG5wX{02N`Bj6}#XyMLB|jYOjb!(LYzAp_~!8 zZ*ReG7z8JCo&*+%c^O|sdP*^(O1)LwkjP5$&$@>q9f;w&Ta_+5^|&5La}~>vfLP~l zRd<$3w5IC7<~Jz(5Czat9I_v@&RT>P9{3jWF_KvYKMG+R!^vjN%zij-rH7Ih``5c& zME$u`K`ZCl!Kp{{1GRIXOx{O3-QB(PUi$r8OAFUC^|LA*lO?eN$>A-sPySYhMu1LD zhAxX+s)Nfs%SbBG=KUdW=S!wv%=Fy(A8*NwP}bOafj-TU&|saJia-8Z4giJxGKCaiL`K zc5@pN@H&2h!Kav}XEY}|eRpnx^#6=yQeAEAb zH-hB!RdMvU`bu5=bYeK%kJ`f80??oe(69`64$Mh9pde)I;NLAUH@y_5Awkl$U_ooz z7@8SydCJ!x4h$WFrX&ABu$@sTcpDH-gSQHeAH zh`K4e90(W7ND{I$csEDyjfctmg$0+nnZq;h+xl!DExq!nVBm&A*dDp|J{l8l-IKje zofmG-%){Y5`Bync=we5IMPqcofWIF0!K1}5b-%gaI9kmoTy{$m%RpL+kO4>v}vJ+}V(es&ikNcoN@JbH&wC)~s>8@4DogW|D z7z}&d?}=XFwD2Wlu0!u`!pvVU1w$`w^vdO23M#x6c-rGdFiskAoTVpS=jN|nEz0G< zT!$-k(=7RootU$U7Zd&Ssp`Ll{t=q#tyyogLF3yu;cc6?&lfCLuRr+c!GkB`-+C>| z?%X;O(QAHBrz0$I>Eo4zy_B=%1k7V>W$UqSelx9@l6$WU*YXUB5 z=E{TG3pQzR3enx)Fq{X?Bt=;4aRnie@fH#h=VpD1!>SVUmf8!7X!%5*IG3vEX)H6?EQ7+}Y%)yA``R9f*0;gy*vb}|>TV@! zxgS7+xV^Z>Irh3nmBAZ4H<-l^iQEi2Az@cPbdaV$TD2@ZS6d1bw&^Qc=7)L&!yQng zXNB^d_i}ckMo1i(Mb~0NIAE(qRi-N6M4^zJB%8k=;edmUq=&+jMD?<emH7fm z3iO-Xt0iUm%YnzB4#$TT;DtVPNtWtTGgi86cLUG~-pT;ob(jK%6TyG;GQxd-Zk0wR zT>}}a*KFGK^85Q2$-wZRkC78W|#AI zU#x=}{XBz2#*Nsw{)THT=~7aaK^LEbXZK{28t*V$(8*r}9ET%hxLa@ALpvbbxQ3lI z>%&`A{3PAR1+&@t-~{mQj+=ec|NPaa*zwUH?WK`=)G1jZl>Fk%I1(uT#x?RTl7wUK z;;#%xh9&(asGXpemhA3G(#-)##gZPhGBgaJ+?Mo~9)idk_(K_9jFpVqpCMMjn{%sV z{R3+#$!y(j4Y2KD1Nyd>{f}@dEwf|f*MDCQ&4k;MW$lAGXTSp#&ju>}f)i zaFxqW5H3{I2ps+K0|->1OP=-3_li7bC^>HuGiK-g^j3L>OQunlQ8H@t_uCJO<1a6K zJv2XFG5aBWd?0*$?{+sIFSn}Xjpyr^At|6$2F6kC8 znVA)<_iPpEA2VT@Xy0lBoC)WldI*NvI?BAm5-udv14HK@#=W|V8r}h3G)cNsf*(Rg zsHcevsN@9Mu?+*14xE|=v$nuGSRGYWC_R6>WAZb5>id<-SGF*|TQKn|;qbRk!Csqv z^e4W{$_YaC0C{X3x#@JovMwc&4ci{BXi9KFrf~<&UMU+g@lzU(7`CU!V2A$I{K`Kl zX9Rz?1^n#3yYQj)mFjE1Hsy`K57=J(rrx-6;vL&>d&h$SYs-CPpQ=OmjmmEbeJLln z+72Z1Wnn;$=o}7SCj4q^r##N8RE@WSAty~W2r7Un9CmV=z`Z-CNv|=W&H`@Qe{VB~ zM7N)4I4;YdR^oA?G-4sWq;_z8C#kYa9*;#j=0P-QEogM16EPzZpmz)u|UbH+b*iW|@*} zV924OR@oRcfNurUtp-vM1<9)QflG``b+nGiob|K1+LY>L9R(y>g_mweGv+^l1yf!p z)xgc?ac}gu=#$rSI^Jm&wJ*#(9-ZkQ?fli?Zv`THZ0c5Wbm`FW|z zvkRyZu7nSV}nOD1m*5yh~*pN5>@y^VHgOBFFTkKvK`!X^R8TfPpA#d@_WGIKp z;_iALRqJ0VGf3|~*@PV-O$r5_irYv$nM@!#uf4+vsav*GF^#TST{~g5<-?tx-sih# zzN86e2H7^p)?bRZSz}wAvvs14xz2Kb)f3BM-|Jh-Fl$aboaW`5@y;_~avvqbX2{|L zQN;dT{P*bZ84skXbYpl3nrlstc|=}gABx4_j-IN&3q`Ky^D zhgpPhfho=r+5Q%(2G6#wk~^KmQ3_HT0sd}=ELVT|UH=A=Td4}jjPh`-PZuRRjF>7r zBFk8tA&Qj#CyIJV+t45--boQs%uc!o|MV!>reI+#e7+++^xny9ce{Mc?PQlAof%U1 zX${WZrxlobLF9v6w>pv`73Y_vKp}t%&ZH+NmXxOu-PU=$tJ+}MaBnc)`bxabn=4ly z1aIHEFkkU)!f;{MU}1)QWms_Ru(LL;wtXOk(D}OaoJnOK zgp`85HMoj{+1qGIji4F6JctPq1Xrjtg3vrf7F8e=&i|SpAA59aykKJCbNh&G{PAyY zhpjH|-l1QLCMUH@*&zUmUy$fZBgDFm3r8if{cA>K(EE0x87@l1(l_1&jL_eRM-Fp- z%yi%*a?TEoTPq9Qj;%A?{pC*B@lWkF-$rV_ea)-FIP^=6TP0 z#EeNRR~DiW4ov|^lh!Z6iIR*E94-;&5si=n!gICDu)2?B*})<9DeX_p1KFcaaMLlK zO1PO6hmRzd#3c?kOSrcxh(wE1!a4Up#ZQmldG54A3v4t#&$fO3oLr_;jalZVbXEUH zKyAkUPe5&E1#wJq&$!E2gc|HBX=J;)T1=_ZWe_uMiBOwL0xGLEeKDZ+a5eu9C~4#u zmJd1ysU}T|w!p566M8et-e1iTQDoV&4zdVM)ttBp={lydAW^2XgrxhW^qLw#lE<*^ zrs9N!J@IiHZUw)qlJN>BlTqVAd6`Zcbo&I?~rAZFVVbR ze1ui}j z4jYeP8;jTQJm!KLp+FB0HG*My&}eetX1^=*@VK#v+_;Y5LZ=CJFaagyXUvxgk9oQU z_u78H3+OXGIa++%=6K+_)n-0K-wTR6lh!KYi1n}!+<(07mf#nbohsa1z!Nx4y6S;- zgVL8|JgwZkv3}Y(>GJcgCE6i@Tc5awT5dSFyzil2OX27D$BtPW9vr%zH`JbKajmdD z@0shc`>J8evZtFK{q@tXFlPq}MHi>4j1OZdry4N~qYzFChvvUlfjbsI2tx0;JLEES z*`Re>d&Zo28GoDmv$je-nExDnK(Zh~SW6b#W{-S*`Dwe&2CJCKul-NdI*Na?O^BH6 zq%s9&sMAUHcv=Y4rXKds06?}ua#D5#qiPYYo2-B&*1B;zu>*9IC@`F_y&{8tE|6k* z5NnX*05Gj!ovO5$_#nxttC^F+(Oa2sx##G5tb?U0CqyZb29;X5)<`oqam-yLJ5wve z76g$A2=~83renx_lsb$dQ%2xm%AVVA0=(Srf|CkdyU7d_! zS{IiWxnzpG|AX$viB8lK3Z#)$cw<3PJrJRr1#xior13$3US^;{RZkdvzX{{72ox#8g zOCK%?`)Fx>J9=sk0_Oe5%=C(mA`kaZ>wPe5193c>tBgJR6S?J2!C=nI{wA&KH<3v$pDH;LX@12$wD94EE7k?E)PXMn6QTJNjg=FT z)Cu>Ef$Tf!%24PhbfEf^-K=zB=G0n9;U`Vlj^!>t|A?AEJe-iJOJhSmQG!}!oBej>}P{Q=tTvhegYnwNHBlWXi$qO_23rBq<>d=#pnE{iT z7h#r$D;lPs4vxi_6m{gsWD5=a&I_4n`4c2WN?WoLPmH3Q^wx6}#Lf-e!DoVw^ilFB zxJXpY`;oGA-UD-fLDAIsQQVI}^w369#izs>oVxSW63!&FG-v=hPBCyH;}ZP&fFp0C zrbcBAi5}SL8M3lU}1VAR-9 zwGU45ih_LndDA2d_bGyf-2qz-o`;7Gn7I>z3C9lhC&8KN#YLz1eX}25li)XfteSkY!}&tW@6HT{0FmX_`)6#&XJvI_*94#sV){eHo?pdmq7k~E zI`flw*y)HMT8#($*Ey5y zAFQ$2ke3tOQC-~ept@)9OWgST`q{YF>b%{QYa0$0-jjQu!o}U;GQhM!ArTjNpPqCI zjlp(dN>zAVQ)N~7S;gv&)^Ki#x5ECi_TO>iYO|b3ct3br+d_|^1{c-;2_5Wzh0eFX zW-RXA1Ea7tTj=>I4t9a4^IaL|*u>rowUxEXexlr3yq_oqyuTz=Sq@NL@>Hf_mteMH zc(plD?XL$jwj#Q}gc0kHs%8VNq120V0j1Q{p2?zLAitm_pWlqkK@yYSiUF4W3(L0O zfVCO;grkj7h#>_Q>QNV!ePXjZL!n!Tp&VgOngTN{4Wu))O=rafx*Kc|3t&e|KQE0JL?@M!W z$BOxZ>kCtdChisICnRi{KVoxC5WDV^#TEyOn>5j_RFS?}-4td`S$8@yV!A(=QH#z9 zTtxRsY9jr{mxB{JTQf|Oo76_y%C))LR;o)_$xX+J`O|Do``N}%irtsm%t%tAjl>_lf z6)4hu?}p1`cH-|D)`)BvrauY%qm7X4oqO6cRIxlWoWtgPv+F0cp;YqAl$YmM5)0Im;?E{<2TU)EHnq^n0FLM+M zXhIb`X}VNcYK;;aeCt`~MhQ1hj)#etYH#Hi5N;MLh$~52XTo_VC*$mYV9v&W0>}E; z*U8@}^dNA8wX*hRkbm%Dnr|T0y-(i4U=%{YQ(ehVdhdO9|qbb8EMClOb^A=z2hCWEYbgeo8423N{~(sdgGR7ShfO zpgHTuSrkZCTzIVH>E3%juCul&Y>o?DcrXFEN>XEOeqUv#sHz#6%tskz$^Kd$_7Q~*c!3Ts- z4pvmUxfqZH@>75wVR7OV{M2bN2G)Gt5q(30B?e2Jog_?H6EyDNTVrZ(L1v;PgGs4vfNN@edWP1pNjUusE_X_nymJ@ zSL8h_disXlT5xgq;lqAgD-T=lyML@IPf+1HR9+5ONMKwbF zXms>@U~wu!-QuLU4RwNEnZ`G4nvL#EF8f@Z<=|bkm|IKuVNB`v`PRYUMJhbl|72j; z<7~0kYU_GmtcTarMYTy3TBMGnhH${!=1=;zrgJ|d%Kq%n* z(WR1>uBF5$AyX>5U-j93zjx))cANZ#fx9ykORrtg8=l@|@`o;xktyd!kX1(G!12NsBzud^ zef%IYjxeb#Eu&CEqS0MFQM&cMr+(vip{E6TEk!eu zqMLkW_tPs+-aUON2&I16;l6&^dfjpk$KF#}oYZ|j3smy93>q4R!VnSJ0KN-S3(033 zBhHAEAGd2mHxeTY+Bk8}<7?aGW+KJQ0BwKF_DKAXU#)EUKJ}*m@naZh_ed|c1s!l~ zOiX1m7VGW$OxXZEM7Bp8k`vU?n?abtxUj&5>@cW!=;m6tZd?pXf-towr7*E@Qp*~H zn^FTQ&{+gt$o@cUD!_;A8T7v>3UFnT45X+Nt0SU`R?`i`k-KjYl3ywO^BN=9}RC{`M%fXHs7;TcyQx_JIhC>;9qZ2JSPH_{S)R+;I{fBo zeN(>M_KvFHM-MzIXRWH;3*OayZVLT#1N1vQ@zN9r7c-Kx7cd(_*C|d)eFlegei zs^i~{(7m@I1*%hUVOC#4hbd_gEyfDS;Zjil;MULonwAa_6}X0QhZIIMSXwMX zl*nE3!5qY904hZ}{1h$_>MIJ+VKs1v26cH3!H%OS+uBs+Swxhw8MCypWAf|#==VyP zv-4|-+m!Hm#}WT`%rMWi#6>m?#JVBLs4WF5(^c>`VL^q&OVj zO27~uoUd}t++O~c$!wn!e0yE_WPBK`%8JMD6+Z~}xZm;Qo!QcLdWWhly-8jq=4NSB zBLNj4zXYQt0G!Eb)6>0~7H1BF30T4>7n-Bk918FI`m*eElA;?r4?iNt7sO#jPd|IM z!w-Q*lCfg$n>#yAfhGIlad*+dq){>um|SFs<|@~rY3lKyN4J|T<{)HjtquGTYhN@1nLh=jA+^8LYp&-J?4A(bqSUN2}9@#NEj8jlhCLDNoF}UIZUD2zY0FYp6S1A_UG6v zjxW#uvNXGQ!Nh9kr=`Z(a_y;3oj<9b7Ra0y|ss5gCV*zU*PE;B?5x%eBDx2o$7{yu#Lm zQ|;CDg{@J(Io$|hv>vIs?lu+$96UC*`0zX1AJ)I~?D-GQfE2N*OACv(vp}mz$>3yU zF%$*^_WO_Tww71sX1G~vDdV9lN(81&wbtyz1+8zqxUvY~`1O{F2dC!#di(Y%>>&!; zl^C_K@bPVFnG;3sXYucu<>p5k6S9OK+LBrJFNPt#W&Ma?7$7@Hw7?;;6imQCJ{g5z zm_Q90Zd@JOQogYCE&^3#1c_*W@3-#5j{*(+3W+k(gg5vI?nGuqW*MnP5LKDR4hCL! zT@sfsQJwPR-7+RR9wb^U=Y)Q4d4dSSk38L-4vA~8!!xrbIVuohmj2u#ME;h-!(GS- zx$E)xS>;$cRa;RBhc4A1G{B-Gn!Tc64ITyr2_>1Y)=%bf7DXd&KQWBS z4oJwn)W&TFPECXx#wt?$ipgw=E-wp-X6WKI*q!}WkU$7FgL{QHg^H!>mcsR=au2-g zRKsDCIKP)M^xJS}-<7DPzn7*}FAgui7tOs+JT*DqFIv^{Lq8>x!Y*kwss_ngdL0N`xY&Z9nU1MJ@8BB>Vi%WEuTk25syb3%!|xh zh9dUwFB!?%j(AHEdFE?uz@mlz(WuDw`^v$JN7C)3Tujo)66daxx=6pRFJj=>%viL3 z@P^4!Av+;v1;e1DjsS)+o-7sZoWlw&5e$RC7t8r6C`DUOpMpN-(-r*}b}oPE^wi*= zyTfQ8JNvW68v}ZIddx+rEJpIjP}h*|(F*Kcfw5*F%A})K!O>B&F4GE#^=H^r6a+fn zZOmENjHnv{7sz0%>h8C|p>flKvqoyu2vagZ({9%Sd)kIiM_aOf2F$B<26&Z0)T7L8 zQF#ZM1PaE4N{#Lq{j}IOi*ydEgRJxKpD>E|=;3u~QK&Lx=Op2JT7{8QfU!X!MgmB+ zia)kb{<=I{!=JlHTp)!$qZwmYfVt%HOfCFf92`4+6*}2d(DyJXv2A%?d-&=}+s z$1>l`v)3UVZ$#<^>85Zsm2`{^7xxC7)#l+y zhZHtBzj=#a;vaMM$$hU?U6|y&Zd0{|kBYsk?70R2fY(0)`@=V= zF~#Rh=$YwgB>^b%6c2*9M3*O?L~_!0Qrxu9o@s*fvCr$=c_VL!PaFNYH>^o4nm-({ zzk_%qlvmPTt?E7(98mPEC)}(3oy+DUPDM#9OuC;F4*LfS(?yc>PfKMGYGn3_$ah?< zQH^%i26LC_n*sA4p}Jcu&vnu_1LnOe{Xg;26hHUZ0MfB^589F#{r^cYbvd;gSQtfE zV!N+bpIKVFJB$Sq@U(ygTnYK^%^<_j3XCuyt;Jwxvcv`~R2p!OE_;CzuSQ%K9q~joeoquJ*c|T;Fg`=`@VO(-_M&HzY z_e4|P^2eH`N4&Z7kNT3UiZdM^W;Wm&2&vI-Hi zW&q`)w2->=Eyb*KDr3aM1aWy%dMrW#h+TlOL zy>zM^Czi>#LtXdgWR)gUqnFO5+9h!)$&%>KFxrH|z^{T7wp*{AwMJi#p0dDF9BUC} z%f}TluA(X{6>7!KI91C#?Utl5uQ+YL_9n*nVrX&elZvUQW8qUT&ovcizmU6Fv87{Y z(a*+H5yR;rzC~rNdZl?ep87X4{j}7uo>Wr~$u9UI6kiBp0!_O{T3?x6pf)z7&V8wQ z1dalXP_u`;R(=mx*ZsaFr-_FXP4Pc3zkP@V+k;axU;4V^gH-#{J$ajcNrvn+D&&sq z#taoj=AoDu1V7PI5Q??(g9l0=z#tt`FChY(Edhqp70$%GuK^ecH?9u_O;MmhyWJ^m z$#f?7dig2DAp<+pg8W*0KhU6E?+}=O!fG69FCOVa(0GycVCW>q>)V)}0~AZ_8{Ptl#or*XHHL3yG)vmuG%mN)U7qmlFQI!HddI zPG8^rkhXnO*>j7MVCxsD(o9MFhiqo2%>BqCg8rc?U|9(q`i{BFqIDj(*zf7o)spn> zS*8*abp)$2qLp|s>5WR31~fFao#FnFtTMOQ7>Bd+=N7Mp<^u#AyEZS-*-zoLD&0m+ zKb*yW#&q*GZXORaId%HP*C#MXJYOJ6+?AWqU3hVfN#Bp2(USbdH$Y7dPWD`f#Xq&@ z5)9};UD7IeNy32>juBE6l9a|ZrQRcAO2XpawR2W>#n(( z(LuQUsbW=Yg07UcgcD?$7xhGI&=aZC0tcu>`=Et=8)E>j(z05ewM-va5l?g7h{D`L zA*wNe1|l<3Wrdl0Ks>}EVe^vd3ViChBx)biv{dOi;+gLROX9DXW2oIA{<($$p7Igo zM<$bX*RrBvsZfg0w+mW3QZ74{fM{LJv%b4yaiE~j-95x`t82;Yg8rlLuC_XhYn#F) zb_uO{^eS;Mrt5>B8A^?`u!;dq*Fep)(NWYeZ6$&ED3eKAXZ27k&57(e!tP3Mc^lb2 zP`!P5E^aB~#oP#WZvN*fNLO<{r_Db-i#PvrIOYWAYJK>%XuiA*nJazu00p+5_l^{sqW(bp8lnEeCSRg^h-ufUl|K5 zorv_!q1YCWyPL_9?JNdVPHv$2d^yElysB4buS>|@B>lOw-X>0^)cue6p}@DOQeufxqnSSimXJg{VFPq15(L~T@n3wT zOTDD+FZmuUO&?Bo58YbQ!>jC0cMEy*S-DANKF+hh{qfO|D=)f-KmUF^Hs)~{InR5< z31lqPO>UaD6H&Y@C!6ud`cVdh$rcmmxP@uMe)(h&|Lme((l5Ni%hAFv`gS$G!#M6*r>8|7VFwPU?+^Cz#Vq9PU3eWdl6cyD`Ex{!?}wgG_cO~iO)EVD$N^c* z>;^0urN8ZLwGTm7(*RsxI`+edKI<79*m(&Vi&1XY{~-!_cd|cZH#+ z4f%%(BwuYem@Bx&3_YrQHiX!9`{%-68TW42YA&o7p0?xXFgw$JH_q@ZaM^ltq3MI_ z@|Ta(HcgeU6RqMqT{ee4%j2g?U{M%*5{2<`t6)Df@?4-I$=YkOUtn2EWHYlbQ+E<| z&UWhBXL@7L%U|NAb){<^s;c)7xmmf@W$f*VcP(B)C8iK7JL;cSQ>Vtzh81s4^l#~~ z%6n5|d>hT`B2?mUNpCs>M7@%sA_@K6Bm%97w3ArW$=N^{8#=^!saYU&Wq0sE42+7W zUs%{GbVX5!E5@6m*}>V4pjTj?`0Hsh@wN5hFw`o?4SKF**oo97qhF@(3{j^YA$LsX zE-Mm0jz_eU)zG4XnXLVOaxg(54$gLMQm;00dXorFZKz6NEE&j4W>BM8K+A!X)k3T& z(tO^sOliDt)e08&fWS-`2Wh7OUYGxA_Z`A315P#7nT4Zz;KGugttxllK(tBNJ`Yvu z$&>n#*^1eMxvS6AHm(A0RH_kGRx3ZFQKu7uLr6jDMqk!NQg2R#dQqesj){^?K4Uj7 z$u-Z*`TMH2$vT>aA=LbW(YJ4g{u&va%*pxO(bTp)`Ja-G{M)g+K1J?#=m}{jo7j8m z@--$142mv^0h56;;&b3A0-oN%NT5NHiW04n>!aKPsIHDHsH~CoSp6-v;GA_Pu0k)< z3Zli|lXO-x6AU;)#`H=xORRJF$3XSc*wI{# zK1w`k`R2U|al89S@Z+#-W7qB7PF~KtwK;BT4|8?IrLQp<5?wMfXJK-ozX06ZtXF1z zc0Z*i6lX%EIv1f9WY!q|e=8LK zpzKinZtGf5bY`E zv&(H1?z5BccAX25Ukg(^Fi&R*yEIM)t;A1;VGNz}z^E=cp>!yj>TJf<=MxK1LQSG*$uP7=l0fZ|N2K$C*t48OW~i=s`9Dm2$GD(poq8JG)m(a!Sx#prHH zcj(~Ya_q!V%9YV3t6ZD;!(R_19Q%t;doGskfu-W?>G)~EJbJUxVmIK;x>^S_*dPuo zT#iw7$LWmD`ac+HY+nT<3`)`tt!36pI_G*bueHS_I6vg^7qB9`C&UK4cH3Dz7xH(D z*Z$(4jW?G(`$Tmh-h?@ICtir1b_3Q`JC~jBeeP0>#4)y8s>B&)G&;40H;a2Ie9y}u zJqQ0*2X9ha^qyln8O+L5-4!X_Hm4v1ZRl221r^q&@ilKM zc04;I19Fa%lXbeD(4h_-o~03L`W#c8YRSyvY53*6+Kx^I5HyNL36oOSqP13m7ehlC zkr@E__=1JBYe4^a$XrU!s28a6-bJ> zxB?j^OZ7lqW9Vmg*2z1GAHkk)yJKuo^l7H1*rmna;b=wM(TatsYfVL_H$qcxgbwcI z4fim+O}0D!@{Eyrup4#&PUTB$mvvHQJoZo_F@e%#p>{-~IiCIJ&~u?9%mzYL;|M`` zw|g$kas7!*viP2xb~Yt0{oVf*^k;;Cef`o`4@E6v6Z!D(>${{^irNoR{-o>bpeU+9 z(wV{F^dLf@a|H-U47NDQt%g22v>uL0U+a{fhxR!@XPP_M34vXKwS63;C|FP9F|82H ztw?i43Y#l}ivBmiSdhnp!dMxG5xAn-Gt=Y~j^8pA1D+bA*zxJUf$5Z^`~Sg!z$q<5V-55&GRoH@MFzBM!L!QlWF06zZW< zwMQC;JWTO&3g2|Vth(N*`C)7Pjfypir?Qs6mMy(7TzF4kh_X1n{WCo~T%%3+^lExO z;U-Z&oa!kTM~26Nxd0#YQXIl(P=hfnL1r?gN zDd0?pjml|}RI($Bgw4#hM_s#QZ|lhmNHZaq`DX6ft?ZT8W?X$GZ%t_ILfqemPu}G4 zhTly8)f2Js(tm2~=ToMi8_c?!^`29-O)ivCb1QsnGU2ji_iSX{^h^cfF(C zk486SR6r0RJmt^D(ZvvJgPx?v(ga&}C$>*3hG~SE;n$!xL(d@j3<|Fs2ugSfTBsx9m=FT_P# z3qCqMY>L&WM}Bb3}IKIN8@|+l#UZ{M_@JrDREsqK-JTd znHsYG&`$9JD^DG+i!0NGZA5yeB5)pZr-uT--;f5N8UkokiZG4+E$u1Wb0o!OYnEs> zr~|UlbVdeodFHPn(UcsZV_lq-M zyM1|Ya-)6n7+3TPa(?12<7Oi+%+4XH``9 zP`$d$Q?u}IOF+GFmY2`8{Nyz%^N7EswiP14;nQv6&rH-RhO%K{{gub~=J!$^q z{*GqC6_Z1bgXQ7efRXLP(e?pn*jK}F?9S~>U$S#t^JnG}ZpYb#Edwfjlm{E@IDtVs zi6yD`43)XDb*wsA*TR+hr@$e&TTKZn+=|m3p=e6{3NS;|5mv1rrWb0fCieiZoj6;= zJ1#JPNcsbFSY_LMv#9=2U(;!;xq*Uu8!L;&4@)9WMQeFwyVtOGfXN^7_%lN8N+cCA z){01|ks&arlxXz9cgcuQn8Babmk^r6QSE&wbY;U@LM2w7UslTW4F5aq!$U*~+5rY; zGgTG$mg@S2ug8`q`NggIgZ?KiRqyAS5@QpZPc(-e-hSRkzf7x=?sl28AB)k8atpxX z&N49lXsvnP1=yACh;xpT8QQL*+Sh_Zy1itm>%0_joaaXL;<^bIeK+VOJJi*{KRE`9n0 z{2t&^+k?9{i&c3U`2o^k=PcEb#q?<*a7i7e2jK=60Hprp2n-Bc)Mf?lCP|WYAB&Mu zSP9xg#Z6cb3s?Yhs36{JeWKOyjT^&>r}COqa}tX$F8}Pg^hvX+$UL_26K(s}Ra0|% zu@}uQvwh3dyPQyxeE5sXqJA96ABtAHO^nb0M<#x=D3*B~KFnFQ9H9mPCCEzEbX)p` zW*s2+;C7Ewi?X%*Z%vaL)n3)*1vG!4|PIrY0nOop9tmxzZhCT}|_K?zv3fmV}n%92dk&LG+x3wTsTAvl1{9vza-ozEAi7 z+;_GCbviL1f#O!7rFA5^o!tF`Bz+U~IajazpCihnLw@OMRZ#`#ZM^(`=h5=EmwjK} z(5K;v8uOnj-?}99$;-}@s^{lIIgE{u5hS6|@HOq3Ay^8paWY78QI_ye#0o=eb9U;NH+5A-3Rv_8bA*Mz7NeZ$TtY#hYcDqYvreaivZNU@+Xb} z-vix9w?-xh(v>^J5fD2)W`^E9^$~$(ozCMo3V` z@SySSOTVn9gi$5!0tO1<=#e0c4p^@cW6^~c#){Hv^I{|T=Zu_d-IJab0hnfPwx6UGWuoW=weID-0S@vu*i^Ve)URn?=ufx zn6@I$G>^#1rUW#=bYiLcgnD2~g4<9w^9PXLw$au5c9VdHSKwX{$A+)~kB(v4K6SW% zc-$qub3!0*iZG7zPmz-fKNrXb)f#vl{MU$t zuTRzxm*+o?mTYw`-s-YGmpYu4W}l{b#_!Alx;-3YlNFdZ!s+T5Y(TRIBXT#rnt{1) z?<+EeT_vK`wsFQ7MY18YI4uh!p_3*_?evuQ9I2e@l6PE3zIM(`z4^}b$r-()#0Nze zGDg4U*_RdTkdm4LRwNy1&;wbQ^-37 zZc9bs6TDTU)MO(YKW8`eSafXCp1T3VcKg=zxcy|Jr0LG_nCXw75FP2%!uaUol{ML# zc+<;@vSbpU=v+r^j1>pTa34wrCaw_4Xc_@Kh?oRq1WMjMW+}+fEA@@63toAeDgwAq zF_Cr#3{sdOI2&<%AU`&uKtMor0pNK+HU{8m`nYx=WG8t0$89V)#aY94Rog2k&gwkR zkmRw`^N@zer>E1<@K~DqG>*iT>D14a*%TM}mSr*FAON7NVSLvHwzu6BHrA%VrXy$~ z7uRa)p=@ytE|NMb`iipe?uA@W&p#XDva4VRC~|v4uLQNPKW#k&>r#S(+Lo8HgWOtP zrfY6#|FNnqQ1%=@_gTKTh4>$}{4-)`=csj%nd+CMCWgS81h%BHJ z3+gqiKz%Q2!jUuseG{+eP_WxjX%-qEhc z2&x901>z;7Cxp8F;0KMAD-c2IfvCISkoNczMt1B+PYBJh$FSmMaySO&+Bs3KNOgUM z&9365Y5LOOVBhhewg-np28|7+&Y{_2vivI$(1Fw$O=fi6jZRs74P5>yRWGVV=I&;& zW@!CUZFX*FRfFU{S(K!w9qRX|_qG(aKRK#-C8uI3uC?RI!e^hQ5wOdTSNDBMe-v(B z=zmy3yUT=|AK*1YedZ~Rp^$bX6C9Vub?+(7WeUv86fB|+!9g|b+(D24Qfl)OV(Qk6 zGB1t;d9xJnqmq0@NkR=ZXqe%wR>lH@ss9u@y;R6<0cuK62yLMya)eKW#MH%e`_c>5 z9>QrTDTb_z*00Py>0*5B>uzyk46myNDfKUd`RF)X9TjL-z_AaAabH_u>t8x5vXOsOb=@9)dSFK zeQxZ${rIjof1UWxz2YxlGjDrc41Lp+*HkooyE`iI$&=525!M_%67AcPc{aq`37=(= zlbNJudXp>vi@X7>o+P~$CEeT67(V$FCDdnkB&`)ysPCX0;~Hk%yYU@=YyP*PmN50c z`$Jbk z?`a!`&R#Sxl8*C^y|mb;GI zJ*mODFk~UHoYWTj&=c!$mfCw|**?J7?CgBeT8J7DC(+DJ)k_s}yW~6!QiW2S>_B$5 zP|6?Xlpvm1#!2)gq)=~Y~ zMh7TKNz$cR3``b5FVnM=xk<}a`GW3XxAGHSp-T~cA>=;`Q39L(uVa00dlveu`yRH` z55G~a2tTZxQ{L%hpU-jCre2FJ4$wC{c1csxBLL4VZW!7Pha@r_NI#uPaH``Zs6qdO z2#?qrnSWX)8IO?m{=^vI@QV+=Lnu|1zI1?4H&a1iuo@Lv52>S9l`751BC>!V2n2et zH-P~AJOGlT;DuW#I1~*v4PJ$-RISCZgxN;yPO)Hlh)@h4Mcu@@}#?@xb<{`$^3`vz86>e z?zB4F9+V)EBuBL{Gje8J(=PPLP(21S%8CYpOaT^qsZ06{kWYWvoARaHXUd|h+QGXX zm$$#8XPXb^!K}vP#KgA5#lYnb!_P;b4Cd5-D#&}%?Q*#4!r&g|3lfzompJ<^8tfFY zxJ!UY_(PQ*PE$ebgDE5}o))N21OtKrJU#xB|hEPAyCm zN+D*)f7|@u;>fg)Fuy08Uh#1clzb&u0~Aw6mLj1rA}+?kO z{DkPps1Dv9&2^?GrezLE<+*AEHiKda>Dbv1KSroDrugBRW870vjQolFm{P&@ zo#!!eAX-an+JbjHj^x$Awzv_y-|6RFe=q;C#_&Hs7pCOdcT^q@q)6O57gN*HTX)F3 zdA_No##EWOm3S<|F2J3GCi5Uda}9ZY&hH=pvIiV zzi_oCh&PIZd*6KWlhBlVVTgx+fyYIES2#DG{?zjNz3LXIm0zZnI=0#*9-H{9v&xNf z?rIhakJB$B?h~z1SS`VPip8bNfm`1JEN^gTo&~EHOa*mfa03Z?Z}pgVrYsC5I)FhA zraelH9Ku+!0+?b&ymCiiS(QeOY}`PS5v=}zg?UA_@SbQv$bd^Pt`JrhZDwvCxW(O0 zTPF+sX>{%ZbU94y-LhP48w6F~tSNEV{KCWW(|?Y8yZYEe2sRLmE5HsAfm0F&`l-QL z78J_%`W^-YCN&O)DX&d(!e=H`R{LJa1afor-JKo5vm>KJiKnZUCJ!x5HZPxifBrUn zn6Zz>%B@S??jQPLpU+`Wt##V1Eb~#jGlUpWNTnu!W{Ue$;|4O*m2UC2Pik|rV0ozy z-KtUETz#|lORW~Dc$5IO7RgN5yl^qb8`z(N9gISgNEXsUWlnY>CtJv#&XnO3)z38y zO~U&39C>Sel!Ha7LJ}Dp;FJ8+Lo*l(VknOnq?&z0)pU7mKxFf0{8a7f`X~FG&QwwV zvziKfD;)zf2cU+w=Mh zeV7|}JIsWn_6NU?ATCK36Mt0LAQ8nWl-3o-@;10Pibr)bYtw27s>y-seH80;QK!Cx ztlt*?&S|=PJo3xOPY=6;cEvA@&n-PX^O>NbEqjyeMhb9pzs234vsMz7!x5t~VZ>t( zNK3xxRfs2l)5?zl7ubvFyHn1A!iZD`c(o1jig3tq$wXd2LCE6$PINWX2l5vd=F8IA zoigCt-3jYn6=8w&9urOlr~3gkf81y>Vs>apM(FF)X7h`K!#T5| zvtxa3J|deYM(_c}yCzuo_5!T7j`)AoYw5Qj}StK_@L zCKz0)dI3|Hw}DurrVGae^f=oDT2T(x8g*yB#g0Gw$IJ_o^t_nNU~rLOJmO%$3hT$FE88C}1N@PD66?fm3ZtzG#48Fmzv3>xN+S>PXERc?0Rq%q)TVzznA}669ox zGs^ZiNoQPe%4leO_v>B7r{`m4=AX0~PPk6IXmhiwwm*bay*w`pyA3ug<0hEqjneqQ zlt@k>aTHd@NRn|eHQu;}%aU3e2W}41kLKT3a)e_!ZLd%Nt$Os`M8Dh8(tny3z4vc9 zIetBU_V~p6Gi~Gi*77ow*kB(YCq+zImKeTOyP8$a*`Nb~Lp8jouFiT7PDC=vjOU&d zLCAq%vGsSiFb4AxSV;UeFHQ3`y0{m=&#{66ei89hZdWrV!0TQHu&v5rRHVQxP%zMb z6;Q{Gfj44@*B(?ja3}U`xKS{1dicp;(cZSD4C3A86Z`I;7%QmTUOij&=MS}+G++g`;y`BLjybK&F-_I{2u;W}O8(%!jZ%>?R{GZJO&L*YTKIG6;loFcYmoiE z3k!4ilOI)Gm-AFRtU*Sl!qqaos_R?GHnO;tY~%V?3RTTKV+6-hF4XFg{6Hx3-KfrF z8Ic)GXJziBn-;-*@*-sO~6vU1F8ndaSCvO0AMBMkTR* zy|MKA+N|jz@0}W|-Xvd?uIMJ`B4(H=hA-{JNF015wVuf4ul~K`k)H@P*oGRJR z-hdlSb9*eaFE!yHeeE1U7#HQQHmG%k;tp++Y$`0Ag+UM)3H_FD>=0pT4;cK}scX*( z*)f?ibkcKn@$^tLQmB-E+U)PxF57jm-PhipQSQ<#N`CjHWaeVx{Kxk@0I6Ex##07)zgCxezTR$^DPdq7IrjjCYQCSlmK@@{CF6dqTBnA1muA!rp192kkR z?}3|3rxgvmc<6fm05GCgQ~ur}&6n~C_Cag6>6KNEHB()Eo|i_u z#(g?AS=Bf@DEhE`@A}e=*Xfr{G^Eu!2=cDGOy!kgR-($IfI zt~@Wp$6*6JLO>DEVxv-xU`ZtDY$hF&&s|~=tR{fu zW9Xg_%R4@}=l^-w*XOCXhB!GDckL?ppbiO*@r784s6|0Q)c#)5^^A=Yloq2Ll;lGa z>6$zxKhvR-X!@CXqRab6sO1eeO`Cgv&V9IZ13=Bf?;c<6}=GG@vcQgN=|`;^HeK zBI=i>0rPwt5|LO*J9{AQK+Wpn9l`$Oal&xG7ZwR;5n>w1S6rz+A)42QC;ssQ%=d`u zMNeO>aeTciZoVUh*fHz=!MwWK^B_LS^C{H@=R}N23Y78J*OO@(@t-Xmf%h#P) zKLUVQnMg`{TbWK!^@8=iTYzpIyDL^= zXlX384Yn~nxbyl|iOcco@~X>~P7(xh+kibN;c6N|+4dF+1s|uIh+E4-K0#f7Y&&lc z-2kF7^^9b#nD|H%CRN@(^}wHZ;scMJwzwX&Wp44v($e z!@i!f%n&oz?l87fxA-2Y2v^{YM1g`YCyTF?Eey=%#R`0zE9@P(FWsNBTQKaWcF#G* zF?5o@ralKE37I##1k+B8{{~aDIaD!y&Urqu8kP(VePwQz@85gJimsxJ0w*hj<7av% z(<(IM-IW_3R2Dyce1CLF5NM=? z5G^QW>9WY=k-!|mJAr_AbXn&G_5;t^d!X&%go-Zr$YRn3)AfIjzQ`zlZC$hocQ0UU zWKC@Sz7Cx$P`U6pj;}Xt0=Y&f4GXkSx{E7o6oLw4Iq9~Mddm|Jr3XlAHE`N+V8BR-o-qjKJYa6qTtz+4%1^*ll5)FLW}-sVIZv z8kS%~n-zGaKB;t%cb}o6mrJY zcDRxP#J?A-TBu!8lW4XsN*MUPBLcUjm)ZdO3_MCEb|BEF?|yQMj}^7r?wJ$aAjaE) zo1q5)nOdq4K&wW4*YZHuWsu%RQLV!Y8V+Lt_5ovUx*YjVCQPQ80Wmkl0+xn1;c5PU z0C?bNBf_=-ICIFTeJeamaiv-fT#npxN9)yk<21+*Xj;2`l_$3D(e&tt>9LgVqa`4o zP^bP#9zJ0FvNFF)M`0Tp56jq^rNxz{_lX#-EH49jx!cA4sdwz6$O)k zs)OB#0o#LCmU>829POYT;s_fW&e{!a2|rh;Zso7p!Y97ac~$fAfj}R>Pjpfi8z3cf zncp|^CH(Wu`S>Tx3s(~suP$^ijy@7SEp{~R&Oh+O!E=(@5I7VGtrzxYz->vlP`XHN zHTWJfu=k+2kP}=-utVJ^kVxxR3j%%iW}W4mXqR2rC7L$Z-TR%HnQf;&7 zw>TR7d3HytEMux^xpqq!Jn#ng0#~j_Uv{V4B}%e!XG^% zHhlrx^~mh{^)*DM=fO@VW~Z0(ZtDk~&UfyCxCc4Kf_5L#?f||3!UYirMt)?jVH|)5 z!;wD73R>xGBeI`5Lbdc{UJ{UhYT#4==DAFf7!CPv)FY#5^^tBH;YwVz0PgmD+#}MG zP%~CaV#w>^Ma)rN5$}d-aRR{K_q@qJ9*$ose*fInCo3(NiBaS$uo!Sgst)786$jy_ zfN2gtb-$(OLJWcp3zZ)8vgp)YIixXECP#KQVv8lQe4jNdvbn31&VD6)9vdA>xow$v z%4d0W&C-|MOA9=k_G4~U_l^6?s_@z@d9=Qi#N>X$z$xJxI1Q#R&;&+PTFYH4B-$C+ z!;NE-0Tqf-16>2Q|E$gw_s95`BTh6Ju!lBG9Zto{!fg;I&-L_>^RoCX9#asP<~ zF(NH+B&v%n#rcO6^l~$G>Os5dAqKrV`rvf$!q} ztN{AC_V8d#fsR3Bn)~CSq7e$Qg2Gqq+H+ArP{zTTU|8Egj~Bb zFJ!{?Lt_`sJ=D|msAfM%(eW!kS?^=ETnGepD@|2+!E$+{D6=3@ud}S(zu5hA< z-VHrI*D3`U(2*Fqrul;KJw}B8#t2lN606fo5zBwoR%tRl)xtE$JIjpIUP*&-x<$Ga z#++9H0+DGU6Cp(YmH6V|RZ#Vq&Y$gZI5ix;mHH6Nb;-5v%Uk+7AiC`y`r11D!3iVF z!q#JB{y#Qs#GPxkNANAz2=>LU9TjmI2@(QImlqaLt`RI#qqHz##@q-KNa|9{+7nPO zXn1zCqMB3$CswBEYGIAvq|hZQZx>sQ&ALDv}Y}vVA@?_*&SpB#>1|?G%~^s!&w|YafdtVg;ro1*rhmA5^xGhV7bjB>|EAHROw}ImB1vr z^8DSS^~)JMcsBQi%Zn+?OP9aCeA@0FeDv@S5_Xrp)8IJlP#vJv6t$PEJ#?)=!m6ku zi6}WHBQWh%RGo_fh;tY95CnQr&kG3$id~!pbOS~y&U_7+81%<*ikr28IS1!SL|se; zv@t3KU{WA!%>=aJNKl8mLpguZTR}mhtWUce^p>eb-fOr-I^uXV@l@o(iKu%m^0^8H zm%KgCkkOKAc8}%GL~5=T1<+K`dlfy%V&y4drIm@&(UYm5OE#9# zHCE!_HusgJzvk`CK>u91Z?b=5(Zaj)M`t#yU%z$hu2V3rGZi|&CdJ3}I~Z-POjo;Y z?}xe;sg0n~dZcn(`M;F|vV;siT?t3K2l@(DkY^OYfc7?ygeWVpR9B!wyN@)L^k{Il zHYZbzR^2Hb3az5TNX-bvc2MDB1#9p*IGoxwJByVds3%$yn=E!M&4|W>O0o?%Ls_~?;QvYstchWPIhsArrR2Df#&7`aS6^#{hun)#m#Q8bE}+2x<=ws-+^ba z`l#pvT9tAlXh5BN4NgO8&>lKnDF5B~ZcxdtmnY{xKYV#~tIG25$1ijJqSL0;`mUvX zt%JcNCk`pIv^HB01;V7mbLk^?{XxBO>hO?oUPhRLJH%2TJ2EBt!G1<4hgImq8d-Ra zR+O)4&xeB14>tWD7DvY76HheGR+JoDKD}%1q;Cm7Et*o63f=JRh9OWz3%RmG+1xBR zj}&t5l~a@)*zyhGs2H*|bJOr-3&l$Xfv`{ zMK6e-k2_i>CN$0;ef=WwOX=5%7Z1X#lofnfXH&bRg>P8U?;)F^LnVx1cguNtUSM)< zQeY7rd5JQ{r{jr^AHXNsq`O^e#6_acNNZ)pq&hix?IL)D?NK74OH zK|Hf_4|JV}`3er)i?0ZIGEm5ilrmohK8EUZuBV|g zaaaF*N6E}m$1HDoN@aO2ZEyEGW|g-bpMgV>?=(aPPudDK2V8P_Khp7q>Pqks?h`7A ze1t!0whT@3)dz)1fxs`2Ib;}w$%FkmBnvfwjWD~gf)-ZPRG0&WmjF9v{>WF~VVHnJ z=mptG`j)0opV~FRZ}wL6x$1Pu&Qp0^ zQ7yEe_rFyZ6vDwnuJ0Wcf$|((sKJb;Yiw(!!cIgmHy>o-6zs{yN8Xi$%qQAdf9dX+ zU0&>I2X{u(&dS$x<5*7in=2F^yJxR-_x;4LAXp z1EEKN53~njJ&RLE)7<*V{ziBV#p9PWHSVv{`7Zl+%r3>nOuT+jvM|w#wty5vQgf2=oH!x{qI}>+J zlI(-Y3b7$(jNLAoP+gwc^We1i>A3@6!$!hhU$G$iNc(E|XcN54jk~1Tu)imi50+MC zf7ox%6kfvwOr8Vt0GYI!UdBje!qTPG)lb9hb75lC@P`9@ymk)oy3J+A<1vIR8g=u=%$nSi^`@-{45c zjOrHO&xC8(Ju4-luIQD)fJ+$58GWr5V}`VMH?yEU7f16)Bq}FAMchK-%wKl*FHDiT z-_9?I**pEMwy!y+;>W&Gy<<_!w~d`c%jGI^2yO?TR1>&j?+U6UND8Uf#L}=?DI+yX z*MYNMWz{BQ1lO^OtgRBvt;jVsh@CwUJHfPMh#Rj`MKhV39x`{Sg7w&d(u_`p!=+8N z{#RjI=Kau3vAWISl_oB^TxlYn_S;+0$4TDc`3{?ni^Go+5{%8wbGNK}oNWBG%9}}$ z0NIy$M8a6%D=+(=;-;t+<__{#ZhnN4Jlhv@m5g!Ll9$%@mR@ggYP#pmVB+%d!{x7a zUlW0`&u~?%jiWHm3L2WMyxRK6?UT2J(xtks6hn?io!wVyq03w68BJL3v#yeL_LX@T z{w^{>hvXxZV!)jiha`11u+Z)qhHxfxvTYr?RT`3Cb z;@;M{_aiN6;79HQJ6r=c)#aS;MyIQ1d*1w#&G+$+}?N046t8LTPYjoK# z@Pxnm$3@N&+rJ*_9-ADUo*tN(PA%VL8$UVR_boG(W#r@3LFhy(6qpV?LHW^4hmBs) zO!ujN6wd>kwNT$cbMaTfK}jL5AZyWaa+kShh%6<1^zy@}!7{D`8Ad`yz3fvKdTUvH_qH>7hZ@ww8Fm!XYkJ1@YKI|SVFTT9 zgYQS*z-16b5Ugr5-7`gdjkI0e0;L-0;f$ge)#U9Ax8Ad(zo#8bYjlsxEAetesJdDB z^L=uZG|uEdPKvc&oQR&kcJ1*e{ZCBY=1qU8_OHojY$dDs`ncnXbPwb)18%*$rev(? zK9xYYo~@1Ga)wQCT*KG{BAx11uA!tf5w+7Yf2Y^QJO=!YjZP-kcrH%=4RhnciBq6Z zMU8$Lc;6%YONMG;HIGKz8HUKWDG|Sf3X-uq7|aH2lM{t>DJ{J@7#t-$zY@Cr!jL}> z;kCFVEI!-g^6;Vlg@??H*KZ4#&#^kl;xMumDI+@GR8h zV6&2pf;mGl$eZAes?odBuKQ|YXvPJh7>rDInO0C@RKmAz!M6jO>o#vLJFS&{GQFQw zTW!R^0iW=})v3qj750$v&C09;4QGP*9#WlouYJ#BF8T+gc*$*L`5@0_ADi$vJfAUg za`AQ1%L7a6X8V<95`E1c+dslRt43GS!-#b%`!jlOaoV}*mcqb>;6a{EH*9wx6>6oC z3MHtuof*TfYH8{1h-&5C)yjpU{2m*MemrCnoZo=v5Sr)Yn(@N%iZb6uGSoTL)$zPz zgpZ)~1$@TFdVDw`%D;}Nb^zBAe(4Lgad_Ky_1=s1MWd4pCaqep0(Z{Qee1<D zUI?>aaM3i2LN97su=jDA>q)U zo+-eSmrDXQyVgto7`GN3 zgN79&q#w-=wZLrx2O|X1O}HB`ZlzY9v`~d#K2+HV*EUfb;rDcH1zYo*TYcnP7;fkA z`0G9a zujJM~+Dq8Q@nTu1nUG#`P%_#FC#Jsjo8PgUw@YeUT8J3CpgX-k$V_{iVnwlv4^`m? z$fu2r-{t9gmetCd4UA$q@kzn*J_|7=0tI2dCG7wp!Tux7K@;XH>Ii-VihRZHtn1aX zC3$<{39F&#fP-6()efPa00OpaHQ7gC2u~gEgNJMhq=31(tJ@XjlDx}^fnRwg9m=ni zg{xI3F};-TA=q4%$5SSNTb^#KgG8OZw_dad9(u@7_<%raizKd1a~8 z21q6w+=z72WbrM9Mh$`fdYpE|fT`fSFj#LRR+v9Qh8}D?>8?NRH|O?0U@}!tDe3)y zx%$JT=?KTnh5yU~#7xf}cw8Q`^3ENtJMVW6SSZSA@M!sg01sT2FepqEPoIV89GAD9 z*brRIZ*nLRo}Px>v4>f{DLy7T!AIsE*H`)aaZ8#*sC-(aEZmG& zjZuw&6PRk^^*6thik7e3J}%LIHYK{K)MgO3?fU@zg z97Ief1QzPEa6+MqI826Qa;Y9XuC^0ybe!UFD5?$)MyLNEu5jLS@A0RT=9}Xwvwvp9 zCI+6_yh>N$!96i+fV_c;Al!h-G)7=lFtryE&RtI!_V`^8+DR|=5lTrW<0_<3_9h28 zDn2z9??VqyzZ~ovY27&A*!t~u>nEn&*n;SgOhH<{l#?8?vXHx1_yuGiwT5k70`%^I z8};ee*=Hj4Iy352H9L`O3F!UKS47$bZE?;}TFw~_j*v1s@m6B~pbUpqOGWu~F@+#> zR*sc+=GlbuJM$nr=kFt%HaRtbW$2cMz@vwRA;LFATX4$BL16an%-puM=7GzHv7ynI zPjjCp9gg{y_5AVD!RVR#Y#GmsMq7R0&dOyu#}tw3Ju4V1Fs)ODBD)fQKv1XtRk6Fo z1lf5qI*o%+^|=?e%HMKLL5Xi)XO(X3{D=GBk`j)L-f#TCG?&>Cte9A*=&a~qXkoD; z<%JYiLo$FwE#^<17;K`+D>eA35;qK<)p#M)VH^%%Eo3Mmh0LkCPc-|-@SHW z&(kv7O`8u|xI0}ut^hBQ(RPCzz(L?m*uyz5^zAaa{(neBA+#%QEwhBcWgI}ZVAAYZ z;PSDq5)P&+(EJVSRA|gfHQE6P6Xg=9+i-5qj4J#p{(7%<6DDp8wPZ~tS=Dn_!OB%< z6wJzXcO*=*=T9kJ`lSDIDD~U3$OJEPV1ZFG!i(mX3@Bg*Qn0%RJb2DGD>>*%a*JrM zWH{GYN={Okon8uQ^7_tXj1Rr?ti&BH-No-?gGb)!EKcrCTJl&NOBrzqq12dEs~A*E z$f3|zxQ+Bza&Ow?`f~WrU9J(G$OC2j$d}SCLu4i$No#MrQ%$lJ~hHFQ{n7?rE*douCt{au*_`AG9Y}UXe-3_k1``v`I%PsLE z8_SdCyPx&<3$FDmmD!4k@%UU{zq6?|d_rW*UUL4Ya{%ANv1N$tx(< z86buTPyo?W%8DJ%EglhL1X?_0h5i68mmx(YDYG6Xw~(~N?L=0!zr z0t$OPZp}YzO!)q&XsgD? z;~0fJDOU~|Mw(9Zo%7&*NU z8^?D(daYW$o4O74x(&02Ye?cEQc;pyN+N203z{Cit+n*+WtI6I?fJepV;72254ha( z({a}#JNfvidPl&!0o(hdrOke9r3M`Cwdf0`+pJx*9pC7<0kYt+v~)BC1Hi)E<4?Lt zF%v)2f^Hc=VRZVByOQ{=f5?a{iX6v}LT#0ZO5Azjmm!n=G`&dI_SW>vWhiX6xm>2@siWv38|qV6hsi^_)?~hb z7MQ+dta;iQku$9r$~Y9t*Z_Ur@vhg}isQw;z9n8;Q+H`7_NTV)(1NLmKCn6*eFMYk zx{n)+QXj9pNTFigxk9-<(>&;1LRQFt>~}@}5>j&D_cob^z%Ht$WOr&EaipxhErjj) zJKwmIr2WX~(P{V0ATcBKlnh51m`a`_{irBisj(iR$&eM!i7BIUZQHiayf=i6FgdL{ zaI0f`m-kV9HWt!kEeXG&@(+UGUQk)#c+%!gORt~*y=RXg$wuSY^!u0h#{R|?ZBtde zm~V9cY%xKTW{P?wS80c@)4MVHm0>3y50w|5BDBzxDC$=PwcK>N+j+|uQZg6^cNyP8 zsZ_t0eSZCL2Y#$i{hjvwC#BTZW~~G}ow9g~gFF>Rr4grD4Ti3;=Y^;LLBwUBS>)QW zZK7X!icJm!GBgLII6oX2S@8F{bi*|^ z@Q!ICvsN_y+K^nQHp{aWQDUdqo|7cgZs%LoATp31oeolNB3Oy*2v4eHZ6;Ka%Z0>w zpp@qvs>z3>I`I`I*kzqzJAO{?7&pC6Elz%;+=225H5>)&dQO$(drs5#FQ5ry&jAk? z`k7D6l4b`#488w=|K$F_qK0z1S|V?k3YHEd!>h5>UYj9(93l-J*bsQrW(Y4j-42zo zNsu1y23MmNwMx_eyozd`%2_YDm+vzkr$U}sc$np~^sT>7cZW{G;mz=Oglhv{^+29e zqUn0L;7V1^^g<}3dRPs*-LCr!Ky2M#-h&As9!cwQ|B)+}B<2TZKDnGcd6Ie3?&##i zaQE}7et}Oqs+Iu$UHsDH`*5AgF}R$_Im|Yw3!%1H&CLacGS5Q&Bb1K@fQ{%hxS%cP zM`Pk&2yMY0V0bLE2XS>N5OWBEAAkd(;hF)amp`Dfp1B{_6EtW#Y|y;D!9$AvXJBY;J;D8f z5@mx~k=-%t84w<>GR-#I+9btHk11b0olP%cdwEkCYvfS&wP~S!IVjvlBru2WQ^U?U z1Pm6RR zr8_NJcj_KFg{r1Folv2E9B@scsD7jwi}Edn**#ku*2kJIXOX701Ct^`lkvcAVT+hh z&dI)qNjtl^`JZ*g)3VJQH*7XcWzm37B52j;8~CEL9a+t4YREnhH<-CpISc-iV8`PPEk0UP)eIe2Gg; z@sWpYn^RxV-Zp16p})FTQVLN`*6u_j(VB8HG`F+p3c7MFJ;&%?W`_9#rNv3%yJJ?1 zjjh{~rW2b2AtBaut~8Gt4VWtHr>uw z=ta?)CR+ldoCZ!ngg7KeccY3^NNpyNNq3Ziwo$OF+sAxG$4cKmwmeuH7N z32d+F5OOVrbO>c7ujxj=c%p6E-ptN=)v<}A6OWf=hor^n`RK^aHE?*&HBG?)VL_D$ zH44J^W=o7IwmpGb$79e9s*^$!)MGBEoncys-lpt8#YxGmKrzra=+CMND(AFbB!o znWn9s_#H`h?$f`T zCJiLcms9TwniJF*xM(6w)`__zaEcDOz1%D4bx5F{6R@%CjjU|-f?*l(BXnjl29YoY z<0jmIufrCm1ukn+!vx766cZhRA0`E%`qpucSpmiTGGQFJA!l=6A@qN9mC0txEVGIa zLxZn%KMI~F9JNf0w%B0MpIoq2m5w02a6AuFd&YPiZsc4&w%ZY^DDT};go+o4PAZi_ z!BM*iLJBby7n+I%(qbgo zgd09~jA$siKClhSwo}OUu+T747|qov$unk1?DhAd7rT>F+XngSOZ|g?eY&9D8W;6# z{Q2VxN@j{0suvkf(oS{wow#I!Ev$2qTlh!llf)cAg41rA$2z{1ln)juk045>ASF{e zk!Z9Og_MJqK8xd_rBn>h`U);y#K;t6TqS4hxMMy2c1m_>@onl-;^FD3w$v;wcavly z!pRg~5|I_lyO_VtpK#>lu!kBqJ-Y3(&sVwsAi|RSKZt;Gb2F5i%WML|L;TU7vV)jS zI1XsyEvw0HP@dzO$!q&^K$~^w9XBzvU?G?#Q3(_iez*EZ%zl?ax%F7c0@U5^H4G<> z3?mh1{SRY1bVBCG_D!5pnwhAZeIGV9y))YD!3zCtC8e~#?-B|h!jvwn{4zK)>-3hvah<(-D9>yN6L9_qI5OK&a5r2W zCU8)3fLJXqJEM;S`xL9$?$zW|47dGh6ZoqT{mDWF@EhAm%#pCC7NQsu{9P8-S7=r? z6Jx1;GZ#)iO^S{A_W0T}JKN?>I@yX^`djk|6-W%7bej;L=iEh}Agrw< z?`7cd)yLH;Tm zz~l(@h%Q_ZYD?t>bOh@Np1TOm&^RQ#G;Y8@Lc-EWtaH%Qg1*Rv%Cc(3=>YT6ZG%vo zcDW70&A984q#jtu60=P%-Km6YWSGr-^ns}>M#lVSrSYNg?|sh(zTF+XyK__It^%GT znulvJxh}ktZz>h_iF-ywDA}T!zKtrK@9dRVAyZw*qk3VGC>gm_ydt^a>VrGQE1zCU z)qSXRCvhk#Y5T&^?S$_Q^9yI2i&yU0eRK`WH(4<&HCc)QreucQgy#58q;1=;f;ae$ z{KEsm7~X17w|^2&(8_H>Jhj5MG$(5{SEOfX4>mUeL)+xu0PJ`kbsdcs8{Md(7y9B%GtLm~zEvxR-q!*<6oZ$LO-c|byN|933dXWcR zubI4@O(d3MN6N7A4>db!Q{veCc-6yyXy?#1pq-Re{|h2UEay0o!_grEXIMRW!)+1= zj~BuM2p(|rvz{0&)*{3ZQ5Ulg(0^(>wjgiR-$siom*})av9^^5x~@E^oc@OHX$ryu z5J36RD}+9CIoW5A!#9Ny>ZZ?DEBv0RbjUSeA|0_kg=xz%S?dHypoRQ`&dn8}!# zxE?nf8I@oW=jEJA`OOuloF9k|FtkL_2A!zAewB6s#4Yyr6|{)T^Bgo?1<6H%4@9-U zmlTShpWoM&s{Tvs#;5O~GZ>=Ss-ZpqT{>z0_t`h{iK~>%VtIG({?Qjk(KxBkkO@5D zTF}8e;<*lWBn3UoYjoJ3JPZp%M;O#ek~aAG>G`qw4UXY$s(fQ$o$ZD=AR9l5lV!Lp zcS4to)=(xaiY|xNBds zDQY5m`tJ*3)Mz9{QD!dmKNF;mS4FK6)%f1EFR)idl1m9_Tpe~l5g5oKpii3R3_gh@ zW6{~sQcIeL8Zk&+lcH}ml!pe>W}1TvT^X~Qr04?mN><gF&#qN# z@ypozjJDA{yrK#8vN8it;EdBQ3)e--idN&f8cl>ow}H3(Mu(3Bp1f12AJwbw$?{E0 z^P|uD1FW>7XF`&_$Bph)rYhlcon5F=K> zmk|SgA#Z_}+NJ@ofL=!zIT{MtDv2Lu><`2!Y~i=yjT1r5b3#aHgP9Z=dQm zo-@r2I*uiLiDWroB65QMsF|lO&@<9LwrIcE_VKk0LBDKKMyO@vE({%UPR(&0>IN8S zH5Wn6liBWgx582?MJl<%z>DOc>VNKhVKrJ`wI5Z*&{)%4BlB*@*i_NW9Z3_H4z+I9 zUHqcDqh(<3aa0NZo@{ELy~fIm|7QDaEvR@wbD+jHvIV1w@ZI_kRN#6`UQV^!t^Yv^ zcF2nwDCG)i=RZYDHJL&p$gA)a#W=x8N_Nx3+u~RU2wc_bs~k(3X^&TzpTGIAhb9XK zq~Ekj;oGGp@wK#_Df!91N~_Ks{Wg5}zP`SI$<%+!bg{FEI~){Z`(79!m1>mAAla|A zkVEl0c%(jO!U(TfvH_G!R6I|$TF->%T+>D=k%IwIBM!6x0x@|;nP>gsu2k;UN5!(A zVn^TJzguLUku+PGFtcm4$Pc6*#iSaYph&NR%EDcAcU3|l0`{ZOal9iQy(*xpsx}1^ zMsnc@2=PeDKZWhl`GJ05t9Jje)jhygm)oYhRt#a9pe=Al`F9{7IpTh}F)Ou06^az# zpg>Xl^Xt9EJ#rIq+BvzLc0leB`uZEftoA*r zX@SUinC&p=X{ZkfJKj!|6i0Fm)Mb?CE>*dH00=Wf-Of(q*di-2rtrc^@&zSlF+lc3 za8uC4EAe35t)eaRrx;u;!-0q4+{hIv~>S9gqkH@?$i@-BFGSCHA-;{0Sqt$dcDH2tD4F?qD~(QVQx z?i75hnzS3R0WQ6y&>ao*SAxCOZfb^Eh-#9b;}yC`wZnfzFe@={H3Suepba43@{#Qd z3)Gx_)z{fo^|G}Ly>@77#LM-i3-1Vx`pDug-L@{zLX>14vJ;6g{=NJNnmT2!TO?;=|mG9`YtAM@nppTKCjpxkb0bjn z&)yT~M*hBbzSx?w7E5Nrnn^(e;I z)1nppc-*0ZDx5BEQ{2Shv#M6#J2S(VF34tNm@C@FE(|?>eYIRitDr9=LbD$s1)e-; zo*RX^S+Q>ei(IFCMYS~25E^mIap@!2r|Gq$Kz#KmmU|5YI;ib(m8jeD5TwkZF$c!r zzoT~p>T-Z6t5(7UxLYM^qu5nzHO!Qzec_f!u=ZA>JV0PWWeK(AU-RV|65)=TO}NU} zEcLyFw=A2b`-|P`E>%gJo~S=;PTZXMjXe=Y01t z3yas|;|p~ket26mZ!z|8jsBT4srh(KoJN>8o_)f31=&CeHpA?^qh1f}7kR=69sQ9< zn^rgd3ePPnO{5C8*BYU@mV`sg>uFfNA>X;0@62{}G|Loe@tt?)Yk-##9Gh8fXxrr3 zRbWYhtr`|>zky|+1NW5NCGH!--n7f2IFzlj!nVuYzzhw$BNO8n`kyL3+@V#TIP=$p zI+LkrYxs6monf#XF3glFBn4nL(W`ZaQK6QqVXYH@FQ>vSY`}CRA2p zQCs9(^>zZ|>_pHw23Q)+=mw^~ehN{3`bg@5r_D`oYQ~%6LTo>8(irc*dHPk~ z?fuh}r$?9z2mc7yF3W!W=32Au7tets7-9FemTuFvkuKu!jz8Ug&t{Jg_n6ZgxlDJozR7mbo|X1#zej{oXyj# zT93snelEJOG&(jse(zd;%e9sbDbZ`}rHNAZQb;}t_K;R1VNpar>NB`_#ak^6kBk&A|I1?Wu2>`69dWPJc$u>T8ol zo?J$ddGUeGa}i53cl)yLF+-AO$6kKk4M;5ipy#c<%~H4E`3~*u#6zdePtM$DO+_V5fS?ua ze)%pANtXycW1)H_&x(B+GcKG_8v}c)Jw7+uO6@adgj9ETpR6|-m;G2zIwVC(tR)lrF zyb?q7q$0T}E2=ORbW^T7w_L4BH%gYR-;leB_`#XY-$xuD$TPu~z-hFSs&+a6E7aLh z6GEr>qgok0AOYGCa@q~nQmRbATqY;KEP*pxhBnJY_9=473CAP#SOt;W2WZ7Wu@9$k z>IyCJ=NzSi{oJ%i4o$|54EwoUXpN1XJk|dV_^RC@%Zkqt3Wk#$I**Eg8A~{hjQ|Xa zP5v@1@Eh}#NZ`7Hb34VKp~ zaZBoNSYQjep?Gn|Bk$AW*49^9U}4SSBYY_Y_*Rt!YQ6eynt9J}^^S#HRQP}`szvd( ze`<_u+0wp|iSg8D2Xe>nuW7X&&V>f6!jp{LS`-(PPep{DiFCS&``i`*v3naY9<$%b zlI0p|WG}fIO^e9U4$W`5cI(K7-nqrPgrvO2J@eLMZw*GAPsiA3e}bPpD2x7Zz3};! z(=lZiqC@>PvVT#(U6JY|lj=i<+eIq)YBI~U6r?%i6!VI5;;n&1kv8v)NMj3tYPF0GjFgwp&)%Oo5R$v}b?3yc0~6KR zHD{tbRZKI97*qv|EOMO2NwU-GQ`)(3w7$%}&7Jy6phWN^C0KX=QBUoa@64A{!}DB? zJW?uulVC`sp~)uF;Zk9iiWgI_6ppXi6Rff4fbW#&tv;naAKqLW`!jrIycX7nu0DM< z)qj_vovZz-A%jSlxo@vbkDv*;Xk0}*l4aB*BSw+q*Hp_f>cEvYt=OGocZC2U9ot#? zkEfpAiHnOoI{nwE;C1;O$Yn#2%ZAVGIZegkaO2f{gyneY!f30 zuBCCEAWgXe>G}Uh5DE1fHBQ6+t_+dNyBGyBP?qp?y>qdk{x&fIoYBx<{rw4ULat>e zQj$2aVR)B9r|s1I9_EwHcGgRO9=vn3%{=!ObJFE$`X`5nFu{kSW9lX#j>#*XbNNV%eVQUmBMd!j?`6`gD88GDbc(>d!#4ZD^Cm!GFK> zF7jTr_35Q5>k}`1w7pzSehY(VxFU;qBRx>Ufx|Ua&a)t4`|Ke}>U(_6=#d1?SWn4? z?bqPAE-w~_J`E1Bo#Ox;8j_*O$K4s?1SbACZV8{k;YyswAU27z8|c)yhBD5?z$?Q; z!W+V^4FSb+>p}h8hFY(O?X&H6?J}@*Wg=TR?L^x3z=*oq6%U@;EX)W5Ps_>|XYWt{ z>Alc>?O9)MH%!tRp%g2)G%3EyP+Es$339#qM@VB>JjfqwX~jNBEYK@ac8_lu+ZpL` zQ@SCOl^lf3!O5wdW8l!3mGae$VxCXR-7xhHkGfi(v|QUi8uJGL==$oi4?`#W`x-~4 zXNm91XMSH@_NwK`;nDrWu~vl?ErVK*^&LJYnt7#M35xRhYJD!b2lJnBv?Xd}Ku4q% zd$i&9&v4{A{qfq>G94|QJJ!~T3x9vO^!lmdNpS)9hjlU-&3|O*`H3D9_o);Dzu8@h z8eir_dG*A0)LK@Kg}Egw)k5_=e4~8Bgs(7hEEjx`+;)ghFuCHd@`Fx$3l9sMAqS}n z!BKZP9I2%_!M}^e4V$5KjV$rN2+g=Q4X(vJXH7iEQWEf_&Q5qg_+4;q{nMvQeW7ptxlioV&;o zvstQP+jM4LyxtLN4D2G^Q|>M>;ped7&8P5VAq>HIP&TK5>UjQV6w>57FMk+HhL%0r z#CL-%hT)af>Emphf~6V^_JRAx-n7VHSVtg>t)(cdiM~S?qnJ~vY+5PNcNp#VTYTxb zdfEJ6ZEc@i-hMLw{7yS3GQ*U{s}7$na3%Qnh&GajDE;4=FVh)!Y7tRYyZ? zACLCvk35KfcjnvojUbD8j!it=KfQo@cjhB|SY#_R_p-0%)s;&sGNC*1H}-OUPRJ2! zQT7VTNbp0cL^V3<tzxA0ePi6Pqqx??RboG)_&Oa=C!ZwD) zW`>lU!GWhRT5KYwi-YRKmBU4O$EDB=Zz%TWP9-Ld4ZLgBUVNjwFm+&Thu!o-SmZ~+ z6Z<`qT#7;JT?u@0{$CYHs~b|DJk-kL=u!>`JWA0tZ0YEGcG@VGH0Au215I>(hF*hl z0AY38rjoo+LJ@=|N>#hEms$2YxIjbydd0Pgh0mGk7s|C??PwX?Y^SsE=QTl5>Jg^( zjZ4;pl);PCWFMa}8fN#vJ$UnI{y4-+$tHAM6yA~oQO@XtvoPNT+337Y5ONcjgT^ro zrKK@@J#t>!hjLOi_g)Uiab&h=_}y}~P`vfXI=4UeJG-5+-ulnplW#|FuU(wa)ph1b;$4ZnQsCnifat1v!#5&TRJM_igDu*F?Xf4zNb%cZ^= z3G8CICBT&AA%iXVK!c3kfeo2fs>c*UHKq=;R5|s|{^sI}?JU=n8w)g?;ZOPxOH$bl zo8+FHdI4JaD+)Z-Vx)PW8F~mFGWo6r3lqGH0v@mx8;6&J=1#tR&=|a_~d*dyX zhJWDXA+i#FXFHRHg+fz|&{rZrrPKm{LMlaC>&41Dwr}Q6HpVZ_e!APb_}lzk`ZC^>N3j;!s<9A>H{Wa^Td3SEJULRJ9NrhZQ`clM&7RV9DHCgNEs%0`?#9! zltLl-N@|60T_?of-i+%8Hb(Z{!8eKW!pr=Z)#@Ns@ep*AUG~@qXZD=AaCqdjzV=*I z{xfSUD+bAGTiwB)HD8hGl-#OZ@58<}Up8sP`^f6|kHxer?YVO)b?xMXl`bnE7+UQz zOubv7B6wl;f`B3Cbzm7B35tG@^8QQ+K!<5JaZ$`_e!TvaL)_Tt!1Xm{3MM zdbKyLwu5^a=J5iA?p+};qh|$QguJy4m4*2oEoRvIfTR$yI?w`J0Nl^q5DpA%_Y_K0 zs_*w3h$CQu92w>Qmh$4lX#maK?S*mk9nm{<#;453|Lz`)Jo>wz^9x4@lq)WUMpff> zV1?X$44AFW(|{lZYsYU$T(XHW(nIR3lZCs=xs|szOwaBcdDpsn@m-SE{Nr+&rEmA% z&wcAX&bskO=Gps()kQd3C!bo3^g~Gw!El%hjV#q2&j-IvW9wT{Im%qp2bO`I7X=n!<~{OgM1t>ei1Dl{oc z1ToG%mU#R-` zVXKaFxyHfnk7_7?*LXj+&fVY~{NSLk?bWiwrw^ar>SCyu{)_8F4yAtO3KTE-+^SCB z{X@d$NVkFBwqSuXuxQ{uiFBq;Sgv6ASLL`oR%_G2n3o($2_XZ-Lf`H|miG+sNpTct;T+=j= zeBgS+Mifw=5PvYA5G#q^LbYY;gN=hJP6HD-mgeja#Xg)oVYx7Fno2??rWr0g>`0cP z4{p`^MWMs?&_vt&;i9=uJG5RxF+Y5Bad>8M=h4YOlo=L<6$pX>0`9wHvE4ucb`OW6 zaAYWnVOC6Im6FITFPSDtQER!K?8UiP-8G(!Mmc$b`ifET~3g(Rij$!(>h?f%3iVxZ&e$t zy*t5j6=bAqJ6f&h9x|WYvEHy0J+iM@xwhZcOBs=@i6YpSa#3){HWx~dy={&+X&>A2 zd;B2={+cHZ+bM3YSY!?jmAm%ndd-CR&GY>;i@HzCj;)QGTsRsT_2eemYs%;zeoK; zB3*CF^K0@1sLr>MBFCR#u}v8N*vKr`)e;ls?|P|ktcbY2c?o>4$T{h?G&8c zDwcabL+Bs}!EVmY!D^QLJ2L@uh^eVhDtWqu~&1IU=`kn-G7mQbsS=z-C^fA$rX0F^`N z$kRQ{#V?=lCd~nBW`3Buz;yn)aa9=IBPYle?&^SC5I{yC$A#yB&|DV7#rgjY7l4C*kytF2SUY(9-9 zvjxkL$wr^YkRACag8eSP#Xbp9VA|PjSonK-etr3?9hrqofZbtdA`?G(q05&|D{8eByr6p7YnD9;Kl+7yB4xUgl5I5;r{qELiuyN-Cz3(&L?g6z?o|&?d5g@{K9O>|P$6 z;xMu7^8uMq4qXTxQO{ynQwBcrnG5y#|IikJ1s1wrVq94PaTd2VkgV148|1blK~WaV zjbL>DPX@}e5RCSL7PVgAkDKF&bL4eg>S8$!PHJcuUE8tAX6di`#Mt&z%&{zJI`<6; zC^C}gMsLAkz)$TB(?RPH&?TA+XY0+2t$90y}fq!_yF@l{8Int zyLJnEW=4{9=3jRUyt^A!F269##MvrfQFLaEx>=g6{@%25gC-^n^2xAQG##Ok-Uvty zWkL8YQE8S@jE~~_3FvN?Z|@ekqL2?&_;Mi*wK&BEn(6`@DT>}&sRqa0?A#tg2_L$E z^`$*9%T%WvqueVX;d{952sQ!t8pQe>=%&yIYs1cE@Adi28P{VjE_M%H-ElhUJ7eMY zy>D49;|oz`8`cF^db{#)ThGEPsAdB+n@Hsu^O}bKJzwv^(V$CLQ!cX+{-F(c_`}c!`qto9n6qH__N~OSA1E&tU}IqhbOQ~af{cUYJi2_49$f)& z{KX9V642E8;U?`ACa%M8LfQSZC<3ESF{fFbR>B22nKPOUsMsigP8Wg3p<^p{WvEtv zU7KiQy)@H1b1L=g>xT)8jD=IF&$3#c>!%)y=x{~Rh$*zAOt^ms(F3{B3mR42NW*sd zBZlq#5OKoMyrFXa75c<|%BGR@q@#^fc6W5|@Fp$_r>Mk?ke;<&8(Y&9*Bi}~qkyL?=k?jwW?}tvz zcOJ-lr0UB2XaKPTvXgB9vC&P;X4PKhy#=YhfZA0~mt7~VLD{MF5u*!5!*!3(F zCGkny=a%On(Jah5P0c)>y|$;Ss^uE%iK})2!p(reKks@1F6Jny|E{u`x2o`X5SX>F z+N6@}sZ`DIlnSrNj?n41ZSRwy_h8*3?eyLdiHPJKaa8 zoK5388X~O}lxfISQc`j(S2dWX!|pHW(TK%Cv@mRPiLyfs{DQyzv!!sASKd1FWpO;U zO5BsOJNE7G@6Yd5QC49vD~;fOR-p)d4<4Gr@E&L=H)uCi*2%j;b+a5OUZaY{s&5fI z@ohI%O6$*|OQB#6=?aFKPVo&s11L9|jGGW<-e!+eF!xe|yRWXV%LoKgTr!;x1COP?S1wa$l+ zGF#1;#=iIJJ}J+Bytp&$x4c}$bprwyT`F?#+UBpeStbfUAIgg-b8oO+pvrOo$`8u> z(uN6eC1#cnS>oZ%}%3lIcZ`8V?G&(*=iGfj;fPnKtsgV0_`ob6ENx!ogk<1I_$ zF<{#94!BnN!b8Bu_kd5>Klbl?!0@%CqVvlXp#7;Vg@6N!k_awjH$qTeX5?kiYe+|& zb&f|VLBomPv--n-Aw%#J8TZs>A6^YJC8!Xv4VUXpOY%aFyVC_P5SIdFidheshb9|NFOJPjj~9Kn)=Q!PsJsn0 z22?LW%EDX_bN7m~$0aeM>Xct0TO!YZ^1t5*rEAt#n5Lmzf<#N=Q8E7Ee}_D937v?r zo*j-|7%Sd!EO6=T=xn%MFZKO@_bLGh4R<@eaX!>QVqXS^rq-vGdRtvYzNjJ`0;56 z^ehrLS#P$1O@ru|n7EjjqhtT-)v4Xtks>1*&Qp^_{X$U-;Ws*lAx&AftTeP5SC!_* zfl3C#jZqJjFRuPZCP{Cd<4iN4=y$Rp&w{oK;y?oJW-4JnkcNy;X}D>_pdcAy_j99PmknHUrG?dZ}6 z)<_=0#MD&l4rFir7 zg;rbh#3|tTpIVltcaJ>oyIW&DIAy9;;*Ft7^JT*2^){a={Ld_aG1s-LNqwwPU?n;~ z;M@?}Kz&6tZOFdf#mYZm7P z8y2B)3Y~;Euq;RZfrmy5^PWnOAxXcm+}EMk;l^B7WlOW^tUg)L`ODH8G(|;aMg%zCw4ThmX9~hwo{b zkr&wV1Ap>M_Z75@Z1d*uxC7Dw+q=5q$Bf^{YZr8NwRG*QZDXS+rzeKn-VfM6`wZt! z!t7HymLi`{r(PYFkqONHZB~?i(!}2ZBK7|R1_fd)oZ{AU-^k&6&egkjQEM_`&BXP1E>8K8t@Fc>me;MbLlyI* z-kUcV+gUdqZC)CyIbxsk;H=}n9PL*sNYb(Z1=S=IJa;eV-vfcg$Txbwu*k3rrs*i@ z!Z0wICC%9dO)kz}Zk;Op(98 z!7w0WpTM%Ml&ulq{O@XlJe#(=+CCi3D}8}ryHZQMOVE6ja_w5Uf38`^@AZ)pxU9pGE!bOju4g@1yhm4-aJWKC(c`=jdeKJSsg zUFM2(%gUB!pWS!4a8F;hNVbVs)!>NWQu_odZkKRZ)1^cQhe;h&{RfwqTTeHtd^_hb9UJ$SSLDDgeeBnB)Gyx zPG1ADiCm(-PJOrVOx|tsfs}T^7e2YkJn8^q;7`E~X|~C*_{aR-vF_(5m2z{Lo+owB zoHDQr!DfP54Mi@$g6#}hMlmbedwxx!9 zm|KE=r6P3f^5=lOppLuFRjee{!PfJ3f3(s63IkzCZ6QTc=vs-V-YkHx-NvjFZDV&88U`Or{SXOX^;F+&KTWd@-q9eQ73P>C~9``5!pR*C5|r z6CqiP1WWNB0NBr0Tn0dn3D1g=70p{$OBVo| z6upY}E#X_BJL;iXZ6C;vM^taG;eHtS%2i~A+%#s{-%M`C@ZKQT3r_etp3mb*O6rla zUE9OVi%!md($zY%G~4&#K(BF9l;x(O;K`e=HrxgY<69%8wCjUM!1xGM7_l>>E6iV-KCj5-`bAMz5B@P z{qgG8*1nMPQ3j`Q6|(TjWZOoULcT}a2KHWda-BmVKa_3we;z&I>hhx(zxMFxtCt@= zLEiV@D!f>*xhc^%Z6Hxd+B8yh-fip#ZhB;f(1&FcOTsm(?8kLh5Dg4hc>fV*l8z6R zGhWdP- z$ni}HidB|}B1ak0Ph147F*f1fMDj&rRc!K@u{A!}~UT#xVSeyDxfnUP6 zMcvMG$DYB0sS6+@oOFjq?n*!d7(fFtq91m!fIx&tyKY*y4U(XXfFTFh+pEt2+E+FlyP>fa)GwzE{SSV2L3QL1UB!}3$Wl7 z0l9Qv@&Q{V_AP;L5z1T?0jMh4+ASV856xRr4R8HtEuk{`#U6&Xr;OlphR;wlPq@U*? zv6+!pg*s7Fyg|*Drq@ z?MqmSn0Ofy5hy+OMbR!sRWT1of?jLI(A+f)%YOTQbHS$erJP`9?9V(vC~Jj_7c0G)_GWIE9lT@mvXsHvUoFyBEd*Fh6v3-J%AmJ zdP!!a-oPSMe#C96KkO7BHx;<=cGR|fyd>?Gab<4K;i*PJTeMYMT-1+`_c~U!U^gP^ znfTw5QC%R0YrTie1f?)|1`^El2yCQLuWL~b^vL4(cp@*lcdb=SnHo!2x-d7gbFeMp z-gw*RrNIaH=C(NB_%Qw)LV;)_RSoVfKY8M4PFVkY?eX=+I=AtgbFOkF|9uK2JV!F~ zys0)|fA|hO&U&2pn3V>5YDHN9A_2SxvvdJbHdOxKr*I|MTky35D%b1j zYgaOmkD`-n>uYs6fvKwoe^d_%KZbnIeDT~^V|7Bz;$%yUvUq3gMUS!U$Ga8oB~NE4 zcvDfb#4z+Lp7s;gJI;+~ctwH;5jZqx2jp%kww3%`xFSXq7$jzvzSq$tF)NBm}W&66mJi2|e_`G9V(ZnMT4wWc7TDq1d)*#jCh zm%eTP(117J{s{##t{U5;7bk!PeCG|1Yr9Js8vcw027-5F%CJ%o?hXr{x*V{8=yGi{ z$mvE977EZEuvAcqRao~EXW_VAHE9%M^hlySYbJ!X9J{);J1_2yq@n^k^g z@AjT`kTs$)FnH}fvK%^0Nl_plp!-YeS;Y}+O_g9da-ER~BLp+4O6+12vR4kxMW37J zXksTcUG*VgO!#G?#p*=tgeItKG24%yzt6a_vnaW)%n+k*4Y`wMcZdBa`v?n=0f+(x z+@GYtibsZBUc~=TUeJMknAx43u1`CqbYwCDOF20iN|PCofRzCnY=W&LGpzN5dbT3J z8Hhi4wy`riyj;87CIpSU!)^eaRVf!vC?^~sImO(4I)bb;mdAz{ zt%VnMt`V=Wqv*>@gqlziO&spDZ}TJe>OPSdr-ooaiHX26&Uf>Xvgvs&56?SRW9qHC zGOgeHtdK-mu?|37(w3!)mxfj&_Y5`-!w2zV7-dL~SYcEJ15uFC;j zlytyLgqGDYzfyHnu`rs$+TcgO#x9YNNPeE<{xEAzW6UAp=c)80`!iBkogqZE$?{7{K#%%e1XPxx>s%LqU+V+wJ^sBrQLtur0vheE~m}dqw+D+>$ zyGWo9C3OQaocW0k&t?47heX6+MIYMq%XYo_SXQ2QJ!dBngFAx#lS=6P+FiajKny&~ zoxtdy*aiRf1{@n5K^Z9Fd-D&nOk_8~+7g>#5dZ`xX%m8B*oc~JARNFeg1m4BQiwUL z5*KK5iPaDh+m$C)exaLZ{ScXsaJG&ajQDH9L-=_FI@CWry{;K_A|h_N?AUXIleAD6 zJyWn&lg9PvO!2&Y?NIq*@EuBy5RcaGrG{{-P29BIbF!!-eLlZ`zaKJ@J+%0(^!|qg zu5htI_~Yesr&W5hv6a6;3vL=*fLaT<>j_Jd|IX$b`&eG{D9?J6_GVztzYf@US?}Vd zn7Wlf%cdZOKm;Ffi70fG4^>UX6vKbU%h5&Rx z6i{peMW<5&sD|DxceMFMLU4|0i*$Buq1D^A?-SFDud>%~->QE8OVHQDcJ{%JW$xDc zNo!5A?tJ_~Pcx`?;&^4jEG%?Xb~y6g6IE4fzn)9q5H90vIaZfm8rf2hk#W@Sfic zM7VgxpAV2I{4b<#ekybb1MznO;)n^uZiI;N1Pgm4Yn|aAL91t~i7`lwWM`0s7}d4w z{RoI+j#N_t4z(NOnRihQW%WJLVL3{E z+EH-%EdV@NV9>8bP3h(X(yygDqX%nwhHI{6+#gR(d3t_IQ>e1spE;R3J}+$Ey485i z@7MP+y_pIKSrhzP%ti)#qJR_DudXdz4Lfg>YskmwJ2-0{S5>1K&Uf@y*HOqkMis#8C1;I%P$dOf)$292DYG2bRhyiAe$pb@J4k$b*&~^{z@XS(^Oj-;c`uq=SA5h z[*VCth432Axm1sg851hl@g68<&3xKqYBe(4vhE$cMq*2k(=uA^dZASIG*FHlhB zm|hT+pJ*7aB}-W2~z&V25MhVib8deKpJ*> z?T+e)%|Z-$MxaRdtq?_pTkLe)CRsoYGpqv0{N>uPF(Skf!~oRB{vAM~f$M_){RxdC z5D1C1jJ#FSZVNkMh<9mr>G`95_p2Ta$t)-@NfRLC!@(_QiDL9E6S6wcHsS$_61yQn zTorp;eiw`r((P=C+IkK*4A-oWeFVE@mY1(4d|#ZD3Cc@Y4j<3#@3-6Ve_Hqos_iI* zEXN<^0!H8T|1vtlFS`p5V&IC$;ly*{(Z&SpHp3VNHl~O}DRSR6kRPE;Eu2t;sS(SZH7lXrP9*(D*PZ`~_BZwe z+?N5p?_a@hwX24R^*t8bB``pC;eTbGm?X0+YpJ050MR#8+(iY52OP(Y70w7u1ia@2 zW-F{scSrXZAVK#(53c~EKD~PQ{|)X~+$Q;5ay0E!7)2YQ*U~PrU*Y&I9uJY_ zEQtzFX8ogK>+#8bI`==c1}#6m*?%)P(_v{Ue#;+!5Z&F;c$&616WX~qgn~L}`#SLn z+KGJ?bI|&soPun3o@Y*;iM~|fgZ5V-gD#QVgkvklU1E%nP7YsC`K=9am+DExKfcN? z2KM`rY1n*spbb%+1DYQ~@}_Fn={~{w>-@@!a8Z&RSi|z?zB5sgR)8;u<|sTl zInih@@>H+mmXTEh8jh>p zXoQLigp~c0sgAc3v)C)b&Nm35FWGqtW0JcR#LXJj{q9I7bZ@3ZeuPgP)!vlx{N)H^~*DZwh+BpQ< zZ_j{P{tUUbVQItIV9)@nU-*v4VP-03pdDSI@j3?(;D9AE|*@v7A zXPOA9t;Fj5FrudyK(v4Jv?&2Z-1Fh7e3!+Cr|jVBB~!a}R&8cq!= ztw-v}u$$ik7w*(UN_F3$VvD7#a_gLbKc8~Q{!!^U&7~hd`gA@hB_uo-evTa1Ubwhh zCblG5!4}CXflABSh$^aoqfwJrWDxJnzwsG=D5pk&6Sh*d+qduGf628gwVJVsfut5o zyms;mFc)~%=|yjZe}_k-Bee7={*s^$vSW42pBGH;yg} z#*m|tqyuEbTv1jof-}A%IzI*Ce5G65_ixTx5maD;($;fYr+CtM+mA;b zDQ<0s!WHA*Ssa72aqHGBhz~3C1cEFM{xPV@wWn*RVg`QI@ruOOCHI0B8BTI?wCmwH zJDzbCWO*~Gm3bwJu>1`)+Uo8Vp$=490Sn6bc1(MHB32@=!dAa7xn8gXXaO7)u={F* z%CA*t!~$qil?9xboU;L0!B$e3Hr=Lc?3y`Mx^7MBxzq9ALcYKFSeU(FEES+Ih>Hz= zv(~N*-$G1AlLEZRqB!WUvzB|KmIk4XrroUJr-uiHPFm_YpXO-)m)&fev5YV}dhylx z?Di9Zi!%!?PoK`6FI-jlmEqQ<#jfZk!H_3Mo3F%5kMN(2f$n6N6+MRAD-IeDvm!A7 zyN9|`mix)a;U)n{bLY3kAD?CZbYf5YZfc+`N6L@BN&7G|QWG?1KvK^LAkyjAvv!4` zAx=9(|93M0Feu8%0ww2?nomPi?t$fvMzHu_?i1|Ya7VKKWChFh$QPjDmz(6*HUI|O z2({c-O88!NNfHNx(5Cw-sj4d$T5Y*A|0VZ%TZ`4=;K<;cz6XKV%&h-_%gu6dnsPtG zS#5wEnNoYU7jMR1FA}Y&jpQ)25fM#DOe0DXw0T(<`}$?Je_woXPbX;LSn03vlQY9p zQ!V3L*3GV|58@EDHd49xe7N+4T8p;0tv$ZAy4{GT+!WSj*F*T%BlJ07n8y{ivS)I~WW){qq&5)>;7?`ELroE0{J?WaO z_a-lj3ls}TcAhs=9faQz6+xsWzDtjXDzE#)UZ-r%@ zhdUfpy9NW$N2>UQ&o(RSM}sBV7?73JrH4gj!cVBepEauw*W&wXfq zO4?~Thg>k$|Mmj#QI#x_(JPUr;06Y73TiWYA^JYFtwg5N2x_`1TJt;Cw60Z;U$z;4 zaVW#>JS_Wt@K@>m`-NL{GvlpevM_WMjtAudojr_&|7mcjy^!1KBH`v|mPY^gEd6cd zP42yKDHlGtmGLgHn~BhapL_shg0Q+H4E8ha8Xd#jm2gfqsuxM=q6iHZhXQ{X1}rX1 zJ#JJEbr&Njg7ZxwtiztzPhj9$JnIxI8cv>qLO+VdQlaEp!XI@!zFJ?t+JyX@AE*x* zS2W>F&lL0fp?y2swzkAYMnwM~A4WG#7B68-#7{8|5r7E8IO&P?tPM>S&lGl`G6$p> z=n5qoatGy)JWp!vX2a91f3|;UwfcU4=wgC!anktd)Zk!W$KMg%?{r#{;XDjo0v)Lg zzssY6+0A!(dmVJ*`-*g z%6ygOM?WK<5 z`}m>1hz^>i$Ar_NKi+4ySjGMR{oden<#nF384C04?Iciz@Yg+1$M9!zU)lEH=WHP? z5U!^tHgAf|HNpR*x@;=7iXH#!-naIVb`a&O_U&`fk@+%)sK(U`oRFqu(Y$NFc2kfD zenF%J^6kC%BRs{ELVT>}R}IelpWJD6B4#P`=4k2mJM%sF zUV4likxo{jh0w$hs<}6Cd)xI9!Me^HoVos(DL$0}yw;va*n`OVZM7uNRMEWSNc6;o znD2#8=Mt6}!Zxes<(E++r&cR$o zrn#SeDpQ@F`Giwa@90A2m7DPh_|=2j`5R_WBz@B<;eNAslWc#$-Wjp%bWk2()at& zWgBB3x68x}oZk{@64DGxDo7C%m(hqft+hqH=MA+F^C`%lM9RElzGwcDfs9ql+lA46 z=RUN&UiebAD#6lfe%ndCg$kRK@#V>4)*$$B{Q8&K5e9WzqE9d_Bi)$ioAo0<@CesW z^^&9ol%Gkxc;d&+xiz9N4>^5ws5eZXc?17(xPboJM^=#Rr zHe(K!D}4oN@PJ(r>I#&g3ZX0Ggf_fmVbQgyPbV)&6gweif%fM zYJ=1@LYB))!2sU_J`8AUm6KmURm)w4qt`D*^)<>u(I@~G@2O#EyxnC1g{zD&=USbJ zpIBbCBwQYzKU6wscL?n4eeT2y?&HfjbnE*^B|zmrx=H7du4=9esEs}V)$s;2mmUIu zC%65k1RGP*9=Z)ht;;>oQ&oQDRD|fplxWu;lw#oxFr7i^<7|O%@=F*BFbL&J@>fgn zEor`by)MU71RQ69`(?4mi97NFX`Vo_e;kupA0HJtbMw)X=C(1b?Ty<%2kiP)d0rhw zCE!S&dbmnSlu`dJ?j}O7UlH+`wo`lkGZdmGi8P|)w*PUFA?~Xe>P)Ub_Z7WI>mOH6G#i-Vn6nV7=$~4O&Gv-Z zzW#6R?IYhl-n_XYqMfX`Sx8Z&WHyt^q$QY=Z!k^9P(fdD<;2>6B3UIgP6?gKy73Hz zaXav3BlH>UDKUmPfn|Y$zuPdRO#)O_wHglM=g#I5h@k z2gXT2Q^`?kIt9L6Q=5TP!cmQ~((5H@e~T%k+3G7i29I_W4rG_AFP6&8k0%^ox@|n^ zcWAs0EN$uOOrMv_q=ZNete5-h_1e$2&$f%W7D}X7n38_hJ2)jZHk60VROxn>bUP8>B&5 z4i%ZYST5Y4nRHA$v)$0fD9hJIzsv2<%TWs;n!R6ID184R;f`=r`DDW4-xGF6x{Vjk z?S2$rj$u&#hpowT)+=HAA6v^3RthF#&fgc`#Gd?FNPj9SnEZ5Wu709Yv?B%j%haGRg;3+^4fsJTHDvQA~#n8 zF-89Eik#Ob;MUOQFn0;@#8p{QWR>jHdT_ahm$smMrwf-~2LpNNxU;-BPjacabkNYd|O z(nSjT8PA$#hl5&jKeW9TzFf65XZ88SgktI3+_jGQmm{8vj*h%KnpUq*Vy&tw3Pj_> z11_XJ&`4$7;IJc?%`~rWKLzQ))Fu_=Qd7c;b0d+am8RujZpaX@t`Gbg{z~8yLQ#Su zvphQq9^ndXD`Vj{5%$#iHo}3ZgV3rYAFkc}JI@6#El4DBaAR6ZSD|wD_XGd;Q^!un zKGmH05ZxWSF!49$9253)6WUCyq0CHz(| zT>3bg>w4(=3*#LeIk*FQE0KQRM9H4nRC`uhm1^^LpaGm4h491IIN4KSgCgpdM3}pn zmm_=kP{zgVYuO1?-}2~hFNLdRn#k8KZ!E@-2)_l-9W$Qo z6Anzs1ZlKfIz2yFrhu`0u?ndx-bM7{TVfeDkixGrrq#CS#hw=q`wppVSQ)+#r|L@>5m~8;b!*-zMJw`8@u^VYZek6BE<{VL zrTG$}Ltr!dFi4|sslGvw#l7Xe;|aAK%Prt$N@RWs)n5ezbdKr^ z3wI-QAXfM=@y#SSJx9h#N$`~Lr0#mRk&5ZuHLtQC|Cq|n4BFN*|KP>vbGgg+mqt@u z+wxkyrKq?(ifsi$1*=sT@ERshpgV<1u}9WXd<(N!yC}u-G)jG95>?x}JiyyQGtlz5 z@MBBR3HPPh4?l+Nwp6_{i1iua?Do8bu}-R$WEj>s1!6|gVX}PTA;DUQhfEPi$*v(! z4cL3;zT^>%Ol|f^uSpY*}eEoBy2k5OC76V3F?QqAb0`fa$KZZ{ylG7B?&O zXs!0s?{$V~1}mp!H!1fSn%bz9D^aB6_ABm26MSypiT?{C`}|Xlz_x{f&kj{XAKnT- zCk<76z@Cf0v!qMU@IiP!=RA{p%eQCMTGp8}6q_uIiN=mvh~&g>3Fi&3-CXE8W9R1X zYQ{ZZT7n72rN1Y#gEUTbS$!@%QSq!Wkg_`Y3Aa#WdU-JYd*(qvZ~rkp^h$F7vHQS^ z-B&33b`eFl*cR=(H5Tr8gmCrr!*ULC7ZiJB3(%X{nY+hRP_XL@&H zEJwV&Oax*1wW@E3@ z_6ETcCJd}-4#hBEvZ2B!2~;L9E+}dS_!7bW?IF1DL9eCrud>tKv7^vmP+sf)8tl1C zvCCR*WTPf;%-e{gaXH?#}_1N*{n+~tq zj+ba|zuc)YojrH$PM~t^4v7?Z63zpW^h_==N1IPKHR#ThMAluyNexs)IGM^xF*D4l zDmc5`A_eNmZ$r%q)32uP2QA%P=#ZIQaGSjFs-@09Kio_)2Pw(f)p)Ab);F^kUqigf zH&jKv;BV$O`!SuvtwmiTFPW(|Hv8*J%y@QhnKUw!mI|mGjEw=+Ray_fT2dk}RYcCr zA=q!o4@DxoE;#3IKs0e_XAG6?nfbLjS?x&1uXVK7?uiiw44eMdL@mHqU1V{FuF9pH z%XFQVkDW8OWv=&~i28ODj2&})CQ2A-^@}#6AD zoP%BJ>>`c%_A3M}T@>9-bjpYEf)jg7XDg%q_b1_`@_50 zKYAR;`rfmjo5>HWZexD{3u57Cz5q&U33b~ zCL9{0SIpfDCN>Wh6p6TaJ4d>`sEd;dPL0mrAVP5R?%?M(wyC!J0oOr$)ULcx`1xMj zV)8p&K`y|j8Ye(9C}{OQu)bN32_%@)%_O23l;@ZQpG)%#0haIY9zPoQ;{}-dM3=C$ ze)@*^&7NVG zo5+SM>}CD*@-V({V~Yvi20^?fp-<25a(H3!-DR0(&sS2Wr=hxFgaF0DGK&=4aC?yc4F*O;h_BtSzD;D)3R8y#YAzm&8|Ok{;;Kv za5{%t?pvLRp6JNFBb*^5%-6*AeHeY?xPgLWA!&`Lpc~7s^{8BH`oJmt>LztR`v%)^ z(#8RMQ_>Yj8=z|4Olm5Vwkt2yOak~AHP|_rW($meEHd3C6Ojx=>? zAQX@bHP=?0mc>bHO?n=;lk3sGO$-vR+tMUs z>h`s?*FZHF0=v@x4(#W*ZI6vv>3OY0;j5Y`IR2v9&l;QG%*J0H3t^k>pEjk zi7;F}9BUO}bZjQ6#t43J2E~c6CU)=-xW^fdNmHtd=liXfbZL5ha8IWKW z#D0;R`+>(HifLkwWp&eD^N9IXP1{BTm;W06{HW@s+xdwWhnAZcJ64^`w7l-}EW=e1 zY>ol#gz0OG5|Q&@zLO~_lU*xmDrYYW>z6`341M%3E0jmk<{r%4)7)9eok*nwVh)Ph7UXrkUSyXgsK8p?1FA>%8UF)}_A| zd9khIiq*AV&#Nz#SNf)iF({}r+)xBF700nJl9yuA!t)}OO|`QG3ZX3b7Z*Z&*gUaw z>qp|_j!fKzC;!R;CW$UB&SZA(eB(6Yo2ajt{I?i73?>r#LeL)qCe3wLH<|msv(`hIAgfP7zLLY z^7= z*H6{}o&8xNuljT7X`jWm?c3vzPktX8Ss81&-}Oe^lMo_H$f~Y!Y;XH<1fLOZdxz@IScLU`in>klew!!ugrIT06|=Tpm#3>7vhsv#ha11DdLwt;aS zIf(6z9xDtT>Y%ZJ*3Hoz9zVVYH~;?fvA+l3L0jLpcDK&BxvQV=K2olV4bnL7=wn?y z?5&Vo=8NqQXVOqyt_j{e6dlH8BUu(X1cDhq(V5GYI8f%J=&8ti;WE1nAsiyy@{rYI zW2?zSK}U?YlzGt+m%ULLX$PpgsK-CDCr*)q4x5s1Yjp@V2~IIn4YdveN@F?$4^QQ} z{6uNcz1-zaNd-I8;q-t=NGDXMJ702^=Z4ZV>vatrZ9WNRS^3OZ02H<%EDP*f%%SzF zawsi1f;sBpZoMMcn1z>vp-taGI+t;~qPczKgz)>{j&oP;2jpE=rnh~b7B8ngQXnKj znt#hbhe8zVu-JT#A&wG=C{~6(j4o6eLLrTeuhg#$`KzR5YF%89#o}-W_;vrB@#7Cq zWdaB8`3&hsxzI|zl~hfd_oAIZLUO^!eGzxe?3s>_Rbe^Er za!C@GeHoYTjHv%UQ-64-({bjb&W~^JqKBscZtvT9GSGdd%u;BLdDq3i=`pBxeyp799p&F-XG(}yDTlv zc@ll}CG2cB5sU~RK5gEqg84uK58o4MQJ2+QTw}9WVA@57K&~c|(@6(CbI~GQ4Yh*K zIgg9L<|`7bDGBV32rfyhPj?oW1#5>2*1fr0n{y!DP__U>9q8KcKSeeVm7s}LOQNLo zU^wgj^y$XM9uMKU+|gsD0ZYTvlkZjyJv#sH?wZ*v;Z}(`r+sAQP}ZRUYHt&!m?a=j zD5kQ+>fA%P2e~i_VU9?0-ENX>y@`mIbVKCVTeE>LRU)|3EzyrfyGuH1z9Pnir|YLzfPaSx>R zf68Phb!43O854Z|K(I_M)FGO5B5zJ$SPiuh#X)a1R9F$#omipZ;V(r*EvNRpi4MaC zCfc+_$$JL$xhxZ7NZwE-Bh^Dg64xCo5A@7lB*NG*Ag#l(tMevWHIDf79XBo%tXa~! z=GO7@*y$Lc%-J743n#t}zFQTf9?fXebh5jBL1n+4XfP_xka&=a5{KH5HQehB%-Nud z+QXo}1+~k%SQej1(~{P+rQz0zf%QY4e+_=QG<>CH&T3?N=;V9h)cEARAItf%6<+l8 zYMNMBT8)bm>eR$1jC}tY+tyB?WiCoNce&=UN>pc~h=bdFN|$y#0~))4vjWC(M8Uyy{V5)w#@Y;a11CI?Qies@aYtys37t?g8gd=~)uh>|H7-8w`UjW~$W- z>?~1Q0;h@=n8IZi^!`h#`-#>H@P~fV>AW>QKNc@cJ%7+=)hT1u{L3O}?+I}}+gsl* zT=?+iO_HmFHjhdn$?`{YYx8Psn1*rc?dpOC5E_2I0*$)#pUnIw$0`nJ+J7&vhPc^IkCje*z5L10MSHcQAq3MP+!ShiSqCUbm0v&K#sS8Sth8VpbmnyD}73% z|Lp}RH-XzLXE1vp42VFyh_g4;wu-{QR;rOS+n*jH!6fy16rncDp^`8*M(Q`+#$R8# zJ$F6f`z7H`sI+WvTI}rq@%xtBA7suw4p+2JFB9AmJqVjg&mtmg6RcB$whqyB2U3kh$hpOMi8IUC=xxoVxfmA))ujaHQ~#s05WY?PW)?V_MeH z6DLyPF|4&|{q*xOSa4?ArHf(IR}xC2K-&KE8uC&TL3*>%UyZ0Jhcuu@w}Bce^0Aq0 zF~O8z1l^6CEs-*O1wy@G35F~|tn`72vDHfZF@ii3B2F4{nRlkoqbVj<__wHsV)pyz z_m5g`E{!e)a07j0i5NCQKFu~%LINKApGP-i5IxQF`0Cg5#i9AD#0Z7ptbbQ?! zJy91I48T}mj2-!rRJpPYgmaQ8GIY+yK6Q(=67HC}SylKUHX`1$)9JdhC@$b6P65}} zqEaf`In4@{G$U(!=#Nh{)#|3Ic;age@Gk}`Oz>0EH<4=+cle~`t@)bpa&&oVsxv`& zcX8zI-@f?gw{>1Lplmkp}10n`LyQ9(gLS)!kqm>{#h}` z708Zj^|Ih_qCG#289up+Rp)_+v=Bu23Yu!Y08 z*EIyF87@^68h*YDqBQ%Kb{6}cQ;|G$Hu%~~$k;9+-;bAVi^A=n7eBpdNeI%M?j1ck_PP)QWhd=SQ5m}5Me(iZ zS)7As!G4naE@uXE1*B%JLLyKQ{9`AfP=gOYWw!_E2UCg~w zYE|7A{W>8k;)w71tJmoB?2>1W3eIdjR#GCxH^`S>z)@O#DlwUgI*25*c8S4%yoWG~ z1r-_eF9FoH6p)KSvwzvOoSHIuH9Hk29--x#XZSYs1+U>|=;tFx&I!5oLi(LMCFIbX zH$I-KQFr{Ub*@yEqd*fQ(YP1RV&{JKx{~UtVs55&`H_5JY2M}|3qJ3cK8GyK8QZrB zTNj@?wOPy-rS1(VvDcO+vQ%Ypd>c47C*EWj=R42<&3>Mfz)Lxq0|>#N>{BZr6^mmx zjgM-48P^t}e~e^5&@q|z&&q4$Brem=la3W+S&vWzy+C0V0! z>pi5pu$E2d1KeQgBt?o*9WpGbk5 zTkEI6ZoN$|UUbV6#lVFdunbsO7Ig8tp)3&u4l5Aw}+RCAJ&NGu<|q}cc84i86MxQaeTQ+Lhi=N z(*ttRtLn&pq$wu1hIp8X@6Z)*vfVpyR*)qP&<8Ibj8~T}mgSyKM8d~oxHln%d~BzW zJ+FrkT_b#CsiqLOFPiFaJS5}fYkX902of{pg-Gm-tV+UsW zv5K8+=-8v`K*Ycpz$Rf=pe`8LT*t=2);=f=7b$OLoanz`g1Rlg6{u}c}(#n< z@kuu~a_NE60~SVXcVsf}SuU*83?{b9K#K-q7k2Y!H6>prRq(wmuD}R7I;0FrQ zDZ+-~G0dufu>dxl3OF8m$1MvsfqgT6Bt7 ze-E{hRAYP=TL_=!`ipXpJpL^Dm=Vh#B`AKD>op>~l}j(S7wjmG+qQkas_Kz&a%^Cy z8#&?j;kp;j4leE#6J2#L1cclI%n-B8P#!k0caRcwmG0xa&{Fy=S0wtkDhX>Ul7v9& zr_kKK(oo`9 z9u~fO=E+~QBj=6Sqc~5?(AG>~b z4NnWeuILH<6Jpj$4v6wkfky#%OC3dnTBLOhe>TU9LGHqiJ2b*}U~s*w@HI2+DI?kl zVhV1xC!MwHOw6S2qtY?w<=+z~r?Oq+X9vEIA3Hs}P5%g$ex~wNqPsJJM0z6d>^E&P zG$eFLa^1c6B6nx|){^RPkv%%Aqmb2!QPc}6RGKZSTRj&BBlb4v7C4zMI#jgOb+|BBt%UqE$pmCV8A{C4F<9%+w`=Bd;1 z@ezy0Cv$@=inb=)51YL1^@92@y& zbs}o=1*}oM`0;l#>DF5*4=$=3Bg^sO)2WRaPf-1N2s2$I0;$GRaSBPkMXpYhww2(? zr~iTHx;lezmFq~Ls`&ndCuqwNNn0s|EY;1!HGOxe`mIemx1ud)UPeXbUA=f`X}9V8 zC!f~nb3;0Rb{t)d+`1g^8R+^;Ny+XPStZ2kbHs|*2)UeR9x>(eF_GM9z9s4~tZu!g zRS3YR#sO6Yh*%Lyr=nDb5XAfwm~JgDzA$c>o1K%HJ+GkwSERznE!Y2vaz6DML6DH- zX$=i*t=qIk(Y0M2HSY6^ayZ;T*a&CB^=p7%Z3N}j8=j8=%hgw52l`wDT=R_rw0jm( zSq^lzSJuL3i{Ni@1i2Y%Bd(3*F!!((u9@}VIweqZWY$_N7!V(ogHhDcGdDZCP47|Z zSM{YShg{)|$I_#e`KZ`CmL*D+U33Rd2+`vY6+T9aqv}@}CAU{PMFp?BTP}w9z#U02 zmvEJHLSKbw|OV%9#5I`V|Kvi-e%aoHTk*8?8o-0|GwT(5= z$y2_jq(Si|#HI1g2d+lYZC%-cX($yJ&)n{}%=t@aAu2B~etT|gRkHYZ=tBE!)Fb(g zF8k%|NYndC$x_f`x;9sJL=vSASG~4M$)_BoS2%mUH9J^Sevu+pp^I10OSSdn$$IAQ zs(p^aEVmyV~287bjPPB%i*IGNM*jLdl?5GlY(>h{{8*PyKPqA-d&u$ zpx$=b;)7esp}@g+o1-m_bi!TUpEunay7Ax@wue^+ucx7bs%N)4M?<|r8TP*(9`J75 z%-{w%T$9^w7+NeaPlf%oWyKqBNW2df$Ea-02S{#)mB zV;Qn=lv8Rs__5{av8Zj6yk{kejtFU71;y7zRbpT-34KoYHG$`4<6u*rx2YjNZMXI1 zO1)6Jv&&VIElxE=4}VUgi;IO_6XM0_Fx2jQ7jiI0q!opX3LO2k?>zHc=4&e5gXeQk7&TCDtViwux3=oy7HB0cf2(LBLe8YR^vd z{fUwKPe^z<3H@%h7pFge%l$O0bN5l(@vT2z5`?v{wriZr+EVFC^S8wmQS2^o;Z#yU zhX*sc1zcGog)37t*O45ooDqeg)_*J z?n+;UEL08NTK6pTFB1|6jts z1RUzcZ9CJb8B$|xA(S&Abn6k;YzV#Zc>vZZWEB$a>TUy;f# zAAa1l=TMic36R;RJ=oA->;R)pBxOODk@@TRXw+;0lO zFX|~KZpV3ZYvX-3Kc#KKd)}1?b2S0{5r*CpM4lLxaS!!DnXO&ve zzRbjW-og98+MFK~*$Al+xCrE>QcNo4v9*IF`?`9GGC2SK4l=lBfS|&096-3%ti;Or zO)4h|OFHKjcQ6fD8XRETP@{~(Odf}VNyKjJ?y#0iY&MS%Rn=Mc@ttXHowLj0UhnGH_Nmt~x`Jz`dq{$&6A z_jk{$pX*4iF5p7rVmZ0!R18xX4=2Ns^lO=1aKlebmPfGgRw~smvFuxCmhSVu<%xsq zEB5o3hE}?N{FHR+R7th^L-MHH8`)7>_8i$_@EGJZP{z@9*TOM9MD7Bi(6jEiDf9ot zo=LMc-1ttl+E!(x0k#b)5Mcj23cuE(zCry~|N0=-=%LH3_=?Iji4~>1f|=y=cCWo?o3c!&!18Iw!RqJfKTrNWd&;%uOQ4wenE>Y&qK7g1faq$Tzm)f^n8jkb*Ho6Gug zqPP(p@{W~Tq}nXe6-ZcGv{Gn)abOkz%inb>^>PBn5vvEUMjo)GU(|eUk@2}< z2r6ps+A3w8^<((sLVLNPnYQAi>(-sNMB~`@-8i?pN*#5!bsxa~vw^CznuZ^PLRFVr zT2_}ro(FY4z1RObFkm22e=AfJKW*5-_vZk=by6R{p&9-FrSp)N zDI(C;CzfJn%?1CdnRS6oL4NW{G7tK!Q<|Ok4i9VXY`>07) z|E$`XoP7N>e<_E&7+k2v7UmaikDdclKikLG2WoLGO*d(~qD%EA6P)!xv{Hw^GO0)K z7au79@;mc|RW1%sPdBqz3xl9Q{HrTk3`4dgX;dZ4(;qcEv62VU0LETm*)b(qkox2W z%K0J292DdQK&%w_rAlPMqP`4U$aKRD>g@)$kPiOoa1-XS9b4M^9ej~~QqHo@{M+2l zu}qn3#*bq$8t9WKbd9XQqx1W(I>+k@i-$cKT3?mW3F}$^G}!*RJ>!qpg?4Z5p62I@ ziLr(i;~Va{S^^OcAR9^l(M?EA(pX<`U%h4jZbNI)Lg{;L#r~4GnsmedFQesAA$ulk zEM89}O)UJdt4Xg>E;P5Q?kSMsE#M;?+MXt8qhXlJ36>(1h?uSjGKGAO`vJd?i+L>+ z-r0@kqH9A9%l%V7XYK~I$D8jdRxJ@Edr@TkjVGlY2(!H1O0D_|9BJ4k>iD$D;h&zfo1(?8zSbP`u&0;i z+JC;g7+)grrdsVBzvN9TqY;=sOLvb4hrB;dMA3~as^b%Suj&A@=>EB@b!lqq=l8R7 zcP96EXq9voU<~y2u||v{nXEqkj0kjrtf~RJfKgTmB-~5}rfN+^w((28h&CqE zs3)A#Ua9pYQ|1f46cn13BvanFr&FAqxC&$PQ@c)hrdvh!xWsB3MIm{4$+(y|rp);Q zAr1d;K>TR&;h4chQEqXrV+jL%b*V6{a{(B4c&YU73f$PLvv%@~ukX~4_0GmK+oPg1 zR}xJ2Z?lm&%Q0#IJn-l+;aJ8~fnfjFAcdWV1sS+7bz3Nv>jNklQl)}+M(pw%!1h`j z0cz@jJx^d4Sg5|;us|um>}J+Mbeis_iUKCg^mF2Xs$J-36%GuS?w5cSG*Uw4CE>_k z5$FCDA>2OcKU2MD!@Xkd<^IqmO6c;>kBK60N$IP-SvK@`IGa|>b@qi=O|w>YTCW zd6}EloqaV#5aUm5=NxuMk)xe)Th)c4@1EFR`pCNfj;h3-hC?5hKi&A@`&@BjJ#cAl zG4z5;a8i49TxEgdU7{4fy5yn^>8BHRuo(0qS^QfWY6IH;h$6T4D9xrS_H9!=!@C&} z;bv7nW}u&%$i~WVjSPWqaDgPRzL^$*({iBz3jV6fz%@4W;{K|1XQKG^X=P@k(a*oA zqI8pjQ>d+aC<@9pw$MSQBtLj2`k=UP*6Qc=IU#W~ovT;o7Bvk+zVvF)I%+&bGz>(n z?vji~n(kEYRF`;$(ctRfP<9!>H|etd4=mjFfAj(ZGc&utF}hsEGt4(ls06Wo9^NU<!_BNJV!auEmCj>9Wm!F#X?BFZIb0+ z^yW(d`OB4!t7-aKZ=b*MvuL&7{);YT#~*>Sp9<8?Z4~s#d3+q|5{oi!V*YZgpvGi! zElPtvf1A<30}+Y(kQCIxxFq!<(ZJt4HPJxD!d-yVT^96|_Y^~Twc{Zv?ttnXpub5{ z!a-zVr^a8UdRAYfDh?>JU6T3?9=%KA=_NOppLFV2GhuZ1HncvC7%osvY5%ur?e`ys zPN1ah-T1rthf?;Qjk)&rr1l>&e3fRN`^561PayDmcIXd@`@s(~Uj}7Flu6EiGJpK) zT=BvBhKCWx88)QT~DiI@0 z#E^IsNwzq#e8Gapf+Bn){sifWF-ldV-gy&v`qnHkkv zc_}?1lw%t9B<$(8F_pBg-VWPX8QG#}3MtqPirxnWmQ?codx3Lb#%4C2 z&ksG9Z&)f?`h35AF{$Vg?Mi{LNElJ09`WC1EoE>M>=Qk_9 zb~3L$`z~3-z-XkPjcNn#e><@Tos}!ddnW)(U*TuY50_1E6`Z7uG{dn+MNq1u$ck7d4=8s{$LaTfO}T1MquU4Hp~aDDy7U{YhFbW~J- z2-IDK4FsM>3 z@f$zytbVQd;@Tj$vHt0&((BLpal$uEJIwn&CrM3Qw5iGPNm)MYyzAoSCoR$mEkokT z;uEt0-k=NyE0@>53&@N~J0U~2^hWF^5~afL5C{Y${sc3QkX_@#`48{J<1aqmFr#$IfG-0-4 zAkLL00X6i3io_+oa;aM&w-^gHt25YS1sa^{(qfPafwOclt^qA3acokS+;DbA1iJEH z=x|s=#ZZUHx<*@+amMbob+{qVYhL1v#h}FYp{r98p?Rm{6(9CwBI}!!k$fh`>qg>A*JqR_GV1%0tjIkQAoMz-QnuGD~hP#@s*;>mJEm=dM4QoRc zuZH&cJ}ZCsXS$jgmn=??7h?+R%G%I?HbpU9Zr}2g%gYbI;$*Ur`qc1fl-`3z()bq2 z77mC?f5kj$gqvP?F40+bZkUjUZknKF2O!BKaBA<=@7(tY`k?pVTL}p&R1I9PA0o^;`~mzBRnSh*Eu4 zI?eXY#YE%2lj-TW+>@wN{`;%+!9Fl; zx>b6hJREMsU=aST&HW7S4n{xDyNQqn!lG{xO`%KlNLlQ6mD5Yyr~S15AlZj zyL4~<388|=;rLW63M3$TvV(RqXF8jv2{v?7hkGOBdEb{f3y^OsTj%jeNj7dZ2j{8v z;lIW|wEp}_xmpuaV{e|3X&ps7K{2Ms>f7w*&f}wBa7zhCTsO$ehZY+CQFx*4a;sr| znC8cowHu#w*DGghKfjn|{Z*irZ+SS8EIeS=B8s|YlfYag0MVPr zmz%4SnoA(!k;xB~i&Xe}xG-uMMP4Q~j+3Jf?q{p;mE)aIQ#n4SgJN~5Pfz*R!|1{G zst415y@=etYp)N}LTBCQOxVU>KVGn+TC?|DeOwQdKibOBK697v;Qa{3ItPa1shR?c z)C{Q6G*F=hdZ5*@8EN3Vcw_|3!{P3|8c5WYb(N-%<$WZEVFZ*RYF-QsG&(&vLq6=7W)%lDRM$FjZ! z7Ar&+J;2y#5>vBZ5{ne#w$+4q%oQBe7_YV1K7Uq8eDc<=y>&z0i_7yrvRCRo+N!m$ z-#pi<>RHxpi`|Nj4VSUu*h+xajgvC8(1i8yWR`5J>#Zq^W!GnWS0So5-s`SeK0hQ| z;gwJ{x@c@8--RSgqga_fMrv3XFNG!lX$z@=o0aIg*5R_|mGwDN1I)ieVbv1DQP5yr=FK^BHCkT-XORAGcP-!nrAOzb+3y6 zP3s#>^^}81a`=|mlN?0OO3%)fNuO^Ouj?CD+@=zg7T5o*nmyU2TUK*`VkT1*jY-3x z=*m(U0)iC*QKr9}uZv!B&iAR)w;}%H?yD3uX83Q#rJ4^)YZ}m_Mc--zPM(V z!`21ix|Mzn7-0(3NwCam+^iy|0Jw62=sZScj{L}>odTi+ZSBN@%vEJKRE9+ImpqeMHU5&F^QrEGd%sl=!zOe4MNS<}l&~^S$D;<9%QI?UzhCuj~2GF0PDxyF>uk*T0v0wyF2 zHc|bx(-@D@Lc5Y=I_&BnI)u!GVYoj3IJ>yYqXBbhxPjiNYkL zVVUZZrGhwuw5S7K8P_9xcOYt zhCawANc2&XhXq)^(+IHW0@ji3hj&(rYt|=eaNs$JR4##5IW(<3$$v&Eq_{z2Pw0ZY zxUOfy!jX_?4_`6jjQ^F$Ptd!=ILJhB95cgF(FVMHD5Tl`vl)iEJ1(s+p9@{7eK>Tb zeSOJbqkm6kYL=HppLPF9g~D8cefqMTKAOd6s`GVriY)hJ6@3za+|UU0qxbX2{5_LB z`G)f!6)l!0vKz$=L!QlXx$8Sp5s%0tGHA4sXC?GF3-Ue+*UdIoF4lgV5N{BI863o3%^>ePDP9{P&uV7fCseqh@% z1K3?T23JcBHL9`^{xs7V_%aC7V(fUM!u9xY)9B5SCI*_*oeU=rIpFMhOEUTxDAga5 zgzH{2wXuUY*?zv6N$+TX;NKDhlJ_yyKgPa=>6T6+5qUC()8_kK`__dEGx?t$T4Z;* zhAOZA{L!3nF=6r0MOCgsvkC*NPRup^(>t>Kv^`9vm=37uT#^~ey7H3N_p3jiY`ngu z$qqNyc=47W(q3?Lfj_aYrwB3MQTLG_gS5iZU{z5wjKlr<$N(5zb)=A%$N|k>e(#bp+Zzm#K4hV4d*5kQA8)4{X88qzUJcFX6P|@$ z9q`Rrh>EJ8&%de@{O|3NPln=lLM4q)*rrzfvS#R^r_nj@K5O}xq;vc3-sC@5DctSf z7d)`wl6_z(Gr6@veC@|r`!}VZ3k5;PwinMGS#T;1ur3HEB9SRLDmN?G{|3{`?NK!f%@(YQ*g_cU^5L3nDSvq9h6UYV@|(7 zf)CC%KrIE%i)X7XB&p<^O>qOhtmmjHs3I_Lm?X)hDNB4qP~*d$QNB&@P)&7PA`Ek9g?nS($)MyP0B(sFgCM(!i0} z=Js|D3O;&JHT9sUn~Zti99*S;dBgowm1G^U6qF^Xo(!m-hs*is{~xe+6}Ji2!lMW1 zrp<&p@Bb>GrPyBuRGLi-0IV6`=7Pk=B18WIN+mc{?Q`DumOBGRRm`YkM6jU;qI(X= zKsl6F%z2_I>;OmyFl!R&M$#wzs0XC-L$$Si%)_1>T%F&(-XFC(#u~{tlumf_XQS{r zT2ax5qUZuan-Qqka4ZovBg^SXza88WB+TE+k>B#OT3vUpPYX1xXoQ7MemJvcFI-(H zZD!MfDLE^NK8K3Aj_5K*s1@>elvs;;C$-1t8+tq*ss_;ZvD{+&N8j%+a8U{AkPyu6#) z)zSCx!@j~cifT9p&oSDBg;T!v&1Kx8s9J@m+rg~$!0=$A6Tya13!?JAVXiu|9R!j) z56CK;QKkZ3cu+n$-H(tUPq6Ff=ESB{GCB=(J#<>WX%m8j<74#Ore{Kv48QwOLrN+W zow1747I%5l2nx(i^=k;!3vb{qqy{=`i(oamucnKocVXf4r%qQL?X_;!Xz_OG*5zW& zOo5J~t~Oo)03x<}C{b)0*EX`@csRYQ%ToTC)kT*~F#o*6W>w-YV+ zaw^rZeqqmn!cP;oLK}>{I5X1y)nv$j_2qQ^hxw(n3iv{wW?A-8 ziDyN!H;ZgIIP{V*ub`k{gM^sdnCG~s^d5`4@zmuEF93B+g+f4c#@jc^sYq5`N5E78 zLFk_xw#hvAL*n|)JmEK(9B2D+HgPg!*>zKtfnNH?J9)z|0`( zEPxgh=Fall@2_auROe@&it?r@$Qz*FhFxBNH)~Llo{PxVYnl{nGp^n|en{Y(R;WpoCxXaBHB@pxSQ?aJ^ zV#pOQ*2mi4ySnm(t_03DJfE{@U7IWoBm3&x;JaU;61Utzq=oYv@OedKksn;I+3#g` zPF^bRNRe2w%80tm$B8o)IiFni^7vPN&ez*!R^NHQeyzioj(i~8o|*Y$Mz!L-*13?^ z=VoVATU~FuWc55$9pyQD(M!c^Uy*Dof>M_9?>oEA$YjGoRMW!nJwF?_vT2wP!$Fly zhAL^|Zp;oaHUSW*iZzY-t!!|PMw_ym5}P$L4qW8fC=E^{NFje^FX1$+)59u&&TgWb zbc_9zs7}}(lnE_m*!eL=O^O=m?)2uU8xwOkk12C|ZjZJ?vF<1B^|>FT4cg~6zMKen ze4)nveQ>;~398V}Ta}@D1l~^hr+5NrX(&WW`~h4<5vjmzD(*!~`(O8OeX$r?DHd95 z$Qr+zvG!rS+LLT*S|~#R7P&3ifEDXk<_9-F!<_}}xcjZnOPNxnoe!5w`cgymda%sf zJ{F4TeN7_%(!&>a-yoU2o^rEN#u-M)FF=wifqesSDmQy#v2=bV!_kArbi+fMKPo|B&G)^~57Yv>BK zxfBxARZ(x&uQYL9DRQs&R)N?;&(W;7nHge5RCdpx@;k~{^RXie4?c+Q2wvkTs5#dm zXjRZ7g59(A@CZ@n6o^us{(LM2>LaGQy3imfRH7_!ic*l5TudFnreW(Oq5Yp^;7==s zGC5Yl*38(E6=NC`;BE|-(Qp4>xX(=xg23YVm>gaT?ojJoi{!^V?4Nrn@f0f-n&;_0 zCTZXRh<1}g3pkl7H)@+F1WRwgp#%HYndZ*r_Q8*z2Y-|oOE!|pojo0Plvr8o5$YCJ zm7kuZvvM5gHQXK5BW0}Wb1olVTq=%Ka#0Ig%3EFXn7YyVOuSb!u((44fAk&~LQl$_ zugVUz&)BEDY7#bZ{9GP&kl=qfPeO>PQDubsHk|0E)Z_(}pdVl%0@k2n2NcsJrf&M+ z{x6I_x&C7P^IGGsgzP9kfuU&bBlW^R*lEiKfPP73OeMIDn7E}WOZ&*b1rc|vn;wkQ!Put>Z69%8pAgHem1}O(fRdp7hbJwO++v0B)>NiqsWc> zM!2C5*Sw7NlK6A^gSAJ(7N2Yk4IS866#8<|^G7{XjJ)yJ4*mvn(0LI#&L-ER6B zJig|a1~$3$ce49c1YaeRhMi>;Y)b>Xd|UV4>J*>a5f*eiN4zITTYbgv+fS>Y?$(k= z-7Vk?07Nbpd~Sb&$HxbKSA9z^avm50R~|YVb3drDllp~fga*M?^RW%Lv0PP-pTlehq9y=rnxrM@xO1SW65 z&l7~h$7$@K5l!TgZJ|-kBTkk$JSghhdFjH%-pqBMhR|RKU68a|UNpN+b?5Fq7#M9f z9wmiGdvfaCK~aP7nft>L*O2s+R{VF8390STQx@qJ=F4HagKMvwCw1euyJpWl7hiDc z9+Z((H9(>f;3#h&U784HbYKdOs?~$;IV_Q=xf`FCX?hB0Nyvk2`{O}TFn@`Rqx~Vw z-2&iHdbp=~Pmr$r{(rQE*ql(%7S><9NQx|GYYV^fj`)9J@+5A5y}=B>4`g^TU{Git zHdgE&LmKghPNst#+ly`%Mukh3@CR0dkfawgwuR``P)19Ztt?qkO>x z*@VW8_fa6BvPdu0=uaA_&-yLTzCN=t+t|Kw=$>wnYM<|Wk*JqjI3pgVQ_~4%XdCo5 zeXL#L!EwypNB0Ux+s89A4{QuAu72IOG21dI?lKv=zfUYxPuAEQx@;W`Y7jXbV?_za z=ut5UImg31cqGyN4j01O+l*}a?|^6r<5RM6p0Z}1zr4;hhh5r}W1IYz44yaKuCVr#{mdoNm z{uE3WaIf>5qK4p~(kfv9>pV`Let~t}-J2jpB)uZ#JDj|GPMGJ?*yzLckFZx47Sgj0 z2C~u#<_lLp#hFv&wT<(8=r!9+W6vU)0(euT<~6Ev(H(=slClQIQvqF9E)1-UwXD0k zOsqm9t>xj1S*wl53l=tgMsWJUom>u@w{a0RmEKK$yw9Hkw$G-DO+948a+EJL6`W0a z&{I*RxLUne2(p8o9pjS4AZHq5@vs`-`~N9F{Vq-UXDs4%2DC3br@PQaDrG?J1Vo+b zOqUJX0R1To5cQol^an0`sPX_}9-Bj6F>pJ~VsDDIGOS6%Oo&xT)Ib9#1d zJG0dyc*l*hfONGUISRfo7tWf$Mf+23TjT!PokcuXcD7TrVEpMJ&-FP4cB63l$>KMA z&7lv^YJ^p9@^p6*#YdRGD;a`oZn0?rZ2gJACGzD z;9njg_KL|_m_!AYauO^%9~-NIv(s1VI}~ezrqEo3KrR*IYRy0Z_cdeR+aU`!%R#m% zCFIIuEx$s$6S9XGXynmv?>^0gt!6;VzoUe$Su)Tb@o#zQ=#ST%IMs#dfy_1RBn^Iy z&|LM~>UJ%TR!iu&es3U^D57CytVdB1QJWY&Zyr{?e|5=i<^Gw8;;8&Hkx6q z^r~_i^Tc$?yaY23i7d=3{eO|dkpldAMLi-Wd@Is{(_jAFu+W`bpMJWrH1^_PtPJBbC=~-LC#SkfVT7IUnz!@G;rtol|j5g z>UIQ>b!=0eyi=J6r4sdl?On+RD8RPVFm@)78GZ)6#=WM%uE2zA3_NY6e3VQfOl)9L z7raj^>xe`Z4|$2wYZ?P(#kzg!D|3{UDe)9nt(JsEi=2go6?H{*i5D&&mNr-;g`Sg0 z1XY#;%_3huOgyW%L*VWs>-3I(v8t7cv6-lfG2iFIwL=T*!B1xofAXAI6cM$#Yf6On z3_pydnZ9y2Ekcm7avUAkkVquLp%Uq3=C{Mhh-xiQM!3lx2tagL;p1XVsmdTJhR8e> zbt{90Qlbg7pWD0HiF@((Q&GUF6Kvwd?$T{eW+Ic>Rfe|?L=S+uylGaj$qlVxfV)k} zFxddaX)`XM1?yu97He_?N-P&ho~69ysD7@g+s@LkA&`cVBBO8)chKkhJL0#gUv)O$ z@Cci`(YRo5xH@;@XThFbGwJP~dFQ%{qSlNlJTXW*nwMVE#tTL-*n()XwYS*OQ@+EK zV^3xi?ALU)rq+O$&wf~&GF;Qe(24zgm|o)peJKAAU0Y-!z}!(IJRx zx{8@JNBJsjN;?24puRW@ZtmU6_{cb;gqV-ml?L2pZ-Q`s8ai=LZ~EbV6n*4DVg&Bp z!_`7ft9-^@b7T0yc?b=BsQ{fDorUB$<#~!HZ(;1C+l7UsPb{Tfv-c%*boQ+OY;O(? zI^K7x&uYAI{De}n<33MrE2M`!>~k?qFCSLDLpBnSYn$ur*F1k|R3@4t^>?7bC4{7ri#Twic*_A8WaA*naOSC`wxL;> z;ZH%UWZrfbm@EU`&JkpWBX(TAN-$lCnfxQ@puS>LKcf)v2aMqhK-R$L%3If&>MOFb zs*0o-LpVhki1n}aZJSN_@f9U=YqPMtf&xjRAC%qeKw=W_aR?~trriPK!^wrxMND? zwjyF_%Es5v30Gan%=&glGc2TgrE&3{tII-zmgv*cNM3Du3>INdN;XGSiG8GIa&t4q zc=34>fF4gnph~mb(MOmeFx2hRq$SMVbe!P?OKWTNo3!5=;J(o1A7?b#8X!!rh-s^9 z^nD6*PS>G}`0eY_Ssm9&b@OM(`45e)D|b9$5-ACib}f<^y|Jw~SwQ_BHsr!!u zN~oeg!8l2DQmv!Wv~zJykYr6T2)yB+`QY{U_wPgJHa2AI)z4fqPkd*tlF=(x|7p_B zP|3D>$eU6@#m_cz>2>S1uI zNbYOaASiq!k&YFqSils3q=F}K=q9lgO_2T&9avAa%zi>gUie#-jEOs$q){O5*_=Es ze?^ZeL>!m&!8~D>GdY^&SgEE>R6I2mcM2bPcq`9YS(@AIl0kWc$d%=ZptXq)tDo%W zD_V7)&#dLHpIEC)J{frDsEnD>R!7V=6u!Ekn^=vEFyfN&`dj9UjrPw%oweEd>6L`W zjdh!)TRHcqDlEd@j6N!UVBMjrdhM=57u;>RttFL~2n6G@|4Hb;Q$vU2n;d!#&Neq1 zxw6^{4)3%`ZFXzUPZAE=TXjQOikiRq(OLca>C%~R-@a8SK7SH?A!vSK{O_YB+hT}+ z?d~wfFjB`M=f+*ZGp|vnPXO!Xa-wm%9f`6GS>C#Qe?t%B0!iS;P`_^>ORX=7d~cm3Z*XgFZY0`H_*Y!Yy#>$mfhGVT}$G7X>$J<$AJ5&p-q!3NEq*qv! zf`Y+~h!?oO%&yLS%jgVSTN=(;AJJWx-B?c29oV7k?r@94_UHplXD(RL)Vlks;N8r3 zC)r^qCEbi2(K4DCrVBZ0Tq=&Dp|ERGDvkDK%`JUS9n z+{GBFKDkw1XJ`Teg+@0z+et52W}kOe6iJv@obADbL|&v?~2d&B`Yf9Y>YvTNTQtx*UdlWdbix2aKF+{~6-e=g#( z@$E)?SWxGxlKs-Bv9I69zjlqOEZZiWKl|O9r_8+4*hdOkC|TA-t;UiOHO7)BiMx&Q zUmD*{FXotUOf_V#cJBJJvGib-b$BUA^=ITs!SarM?g;Cu}v*`%lF>{!sJ&t z{4OGlR45y>pnpjBH;H*R=c8LCuKWov$2K>;-lHQ*1Bu$SKzA~#EE=FXBrloWCR+oO zx&oU=3`$&gogd5&U7uL`cInpAgvadthwUvho|a+q?*db-WDU5Dw)}xaDRBIOL~?g4 zdra4rgx38i9{YY(`-*GMx}WxHzf>%)EvV|@9mEodDYAuk3NtqG{WKCm~F95 zHoQ!2{GRxxvPvQt^`V=}+VH1X*`*Sg1!+yxF3DP^po#@MTYw7fH!}j6BWj$mM~wZM z__y!S)l0#l5Etvq-@ng%|31EYwB$NRdiW`$eR}$iRl1|}Ao64BR!NX+w_x|m$)mX8 zZ+xs*#)ltQid93o6}H)&rD?huazJ2M{0fXgriPo|m-}J3k>5ZA$=8gH{7rLvKYhx=f z5)L+6lz83Sc2)){6Hb*C=3b;yojRNxh$d_k%rO*ooq4({X&OoPWhsN4r^aG2FC-Nc z{S6lgqD?BE&Bj&nMkYNr$Mih1qX*aw<#)w6!r>WH4ecGz82IY%is3F=C!r8z$`Yn3 znfDs>%FCnHXj$NTDR92|PNg{fhDI47D5&<6`y8YLlZwt0r3IA4vTlvRx7eWW8@kvx zbe#PT47gsOe=YYRl3Ze3l&dU=i&o$_EiLidelUAg<=*;gjPCm1Il8;nRW#OEvwtOs z-_v!qZ|Lgg*}CnpaY{jXhN_utsx_6wj9c9WzV>KFh+B%Xk~{-mYP-aBBs1Gx+|5Eo zI$fMvF`KUU(Qvy=4?XJ=>ag;N``2ztXP4@HuG|ib>ABXN z>l@RD=fkeJt~KV|4_i^bGPJ{c`-3f>$~-vS{wg9hsEUMYVRDg4HCzDn)clp+G9HAN z3e})3aN`86M{T@26|^ibpPxzApKNk*-+D}n4I3<_Ko#|no3)*cu4c>WpovbFu;-S! zjG!f`4__@f>=6T?!Chh$8+3)0%e*BsC#VLFsTOY1EM<3jQzMfiD#nQXw|+I{yObHm z1q_cm#lYSx9w5hjxMv#Epn&)EwWu4^!6U< zNlIY`=SjRx`tJ{4d}hmxy!*91nOYiYj58ATs8i%a8tl*a#@|U`{rl?uT3^MA!R)LC zxo+GaF`IzF-FShxzatWmB%V6G#qF4bv^@ME)!ZIpQfcpC;tI3O4Y*O!bo05J^-9U3 z>*3!=Oq22imQl|*QT3=<1a%M+fYP{(Jj%wc5ED#sXldg@vr@N-79@wiJKK9Dw7Iyp z_+Z#d)%qvkWJ@ZtSF^6`3G^`+d8q*5zmtKE|-T^!6%-jby_3monOr0Yh= zMSQUKl*>F!{U*gO0-u^svx|UfkByYOSjth`C;G$i>H`euz@}N(<+I1_WN-?M)M|L# zMo|bAi_^)HRoMYCS}}f>tQ&m6+)hvz4M&u;9w-|=(f`WXbUXYMnn$hL=U=LYb?VLU z?t9J6Q`QbD&DIJn&EHs_ai6PNUOm~Hxl`qC`bh}}QS|}EQzpMCE?vb~xckfJyH_6n z_}03<`cYhWR3uN5#K?x3RgoM~&+xGxwexZ+aXr0k@x!pb*#mtTJ6I+!W=; zc??qnFP8Q(io3aki4^m_yM@~UynJF5qnKFB#2%B1lC;n}Jsi{&|La|EH(y=Im@;>D zadvjO5;*^L=KI9xl7a9JzOxAS%MQb=|2*_-FvD42DenW5njUT$mB--Oo(9buQk7vgDnbL`S*3BW0Xs56pz(IU^2V0D+Dam+*J=cY^5S6`0#Ig~3DZ#}RSao_}^7Ye)^{*-o!GAp2eMP5Pdd%DZa7kqZ`4oN2wuox} z*UI4~lq6LHb@f6G(W~X_{W(i3L*J%0PE9L`zYo3Js^fu?WMEs;dn-e>usS0 z-sgMra;A-#M_97dc)vq#zO1_DBt8uNcj5mZ&wR7t+7$OjJ4KkYK(Yh72@54V5_hJ+ zgc5`YJ?Kp*dOP;{AppFFF#8O_e*xtbU5#Yw1AKKvE4;)Sj9q`?+0k|M`@=*bj{vJ9 zzUE`D&*sL2>ae9yFW(b9lu&biM28 z#@nbT%U!ncz)wvC9v9*6-eT5C-2r5Sj5B+M8MUl|?F%K`eOgxYWWn}P_$Jz--U1Hg za%wW|y*92iC%Fq}VS1h>S(Uhlt_2F!H@qg7;pRv4NB^avtZY|j=j?{(Po6w|qOr*e z!lgFpA|yHs1ep{}S28?ARTfyl!n;kjcMz;WXVBo`3lx#w` z{w_y^A~WuHW(+xh{bV0Hd!Rw5!u6(%UrIdZBCbo zZu!%203ecU1>I_#of#fJZlFf@Ana=n=4#p|*P>rw0xxt^@}@dHU;{ej=GX>@#}WM} z`tCpk?>EVH;Q3|(0QM`Hj7ZP%IznI{yR717`jslyRJKJ$k{lj)P4JOrX-3@lB1zkq z9Pe_UtIvL&_Y7KNekjh|WvI0M;F-v;U(k^VvkNvK@?WKYmx{EI&>i^sV4)M-M>*$ zKFDT+^_M*k;G}q8)9oT)tWy+n2w}quy8SD^m;K7`W$afyfEo|X z?}&qvJX(`$jH=0EK}^WbVQ@ZtJtn=!Z^NYHATz5CZilpiWMJrc5{pydH+f;5^yIvw zYKeQ(+1nX6{I3S8Ex#)aTYNS2?0o3_-?Kq=I`hl!MhEU19Zp9gjEqPmDOCe`ORfjy zErHsrqruZrIX_?Ps%^|$tk*6U>#8d0raVm6lf4b@LY&+fJ2dP#A~AH$Jd+w&pb=zM zSdA!XIXFmY<+TZ9TlYF$mYNv`rRSnFU^+&MI}c1ukUV1EAV60H>1Q*`6M*{tH>6K7 zVOMn1Ur&GkucvP`f}i6hi^Jo;HC<}!D7^LLeg0Upq$iY5$d_-3`Bt7s&TLgQf4cjt z!2yl?=ihI8*Mg5s?3%w@?knPbk2i9xZba(N!=bRi_3r+Ix9oje-@B%G-KOia$(=$9`k2L6D(4%;VQ&6x zplesz@2fHZIBhBq8QyTNOaHvv70SSn;+aR>C=Q#-ha=01THa=O{A@#N6w zm!87OPwptHO5*YOLwft#uM;9Uy6LZ6;U=W(o5iX7VNl9%HT+c4wQtxswEAGLi)N*5 z<23{0SK&BNCQf0$(m1P*Ibds0H{8v4^D(uL@$Xd90xEi2DBIEj1CRRf<(>X0mAr9t zc*i>uJ*uvUhXcpg_sB-Tcxhs4Q*yO_k^XS%n>e-(2oG6O0TBHtmH~9x%GHg!f~VLBvv!6vVxtqC#fEJQI&eA7KmPubdIxY_P)29 zFR~T8FR2L?#O|_w-o82BU@*<)?nkoW8rg6JZ%Rvnmzk@d-96_+qf}Cns9c9OsS>CB zC#v}mtsCU??YrOgKWwjPUFzoaRhpTvt8kq@c}U~_k>Wz(w&X4~GY$iNDG@qL_RDbR z-Q|SEr77LvjWv^{#wgZe&h@aTdsmlcr`MXsa(BvYe|Zx7ioBcqD$Pkn@O*P3Tcpfr z&Ya%Oynx=tw~RJnCIRY5Lf3P(>h07kayMQE)kBiu0h4&BreL`i+pi@9yzo#r@%iS| z0$a&p58-*n1jN8ZvIiWq7wf=VDC{BsjDWdLUD(hBy5e-%*o{#tiA0_1z>*`v&n9m3 zLO$4n?MyD(Yq`tkx+INGm)c$WN3TN!PvMK}CuJS5*yNLpHdQ>9L{i!I#*0i^??Z8T z2&BPUPfS~aJYBQO`Up6>9UGDM!GHn-sN=YsJswIfdvWWckQ(GX5jR8j+r0NU8N#7-UO_vJNp~&Vp+5(gv~*z z2w_oKhS~td1;ZX$%pM2?rfKVP5gqCTEs9uhNrIw61w>JHk{be23~CU4$0mQfh_>}! zq$oJXs?&=|sf{8cyyqL}Oy~ET|MR?g+FG#<Ej6Q#25O24=|KjKMV9;PZ7yN~t`s3O;{KB)e^;aB0(;cvRIXkoPOa-dVcQR9aS2lhZ z7Z&#ZERe`QubT$orEqp2OYP5H13(-5I<#WTrQ4!LC-$bD`r|M@1_Q4AtMDHdyMuWl z4m_?TGoOIX>>7g_q2MyQI6i*nSWx{sbJH zCGU$p93yvp^u^J=x}VrTea||ua^8=UX_3@_?CwS6s!o_l)#mQVo^2*g~Mbb69_+BywJ@SBt|la8Qt2 zE&S(_&7YqE?F1JSEM~O4W^HTVY5&G7`PyZ+i(gMT%B}i{A1b?PpCCB?UTCOb+pD^7 zhL&I2{r3|c<2^t2h?;wDZ7@IBbX~JPewE+*>Tha(U@HXzY+@z0`py_QiT7pZk%$MU zr}$I1cNScH|J6@mHgoMLdQxeV+>_2(^SK(P5RP*s_Z;>GUU2R$ZMR?lQ}90beG<^{ zpWZvVPX>ROwlC^v)RDmBrK^!TMugb*_0%{()0MFCf$9xh)J6bPaMhvJir@I=;GQ2A zdnU~KoY4>!{*hv(?yq6@j_(shM!@-2*Kv5e*S_#uDZc}?v-68J<$Hr2;@@!KHymsD z>@~N7Lab~R3OKAO#Mf@guuaeN&f1_lEH`i(faX*Hab ze`9aj(x-67jP~%WgZ}W`yR{`x{51RGJZ{G?yW@Bz;C-hV#B`muLvtU50%ETC|3OSR zp$rE}uB=5_e^r-?EHPl_wIyUx`vN|u6$K3-&n({qRZb(y7}EftM{4( zPp^FcsqAUqpYvotq@Q}P!uQkn|IzT?msfr~<2HA8v>Kn?{mz3|vfY!0!?zwBUi4~m zRe`>B_a>{;%WH7_?=?1yH_^dA_xW6S-cfw-wa9-a<+0X$l?DX5m=^E1S+R zq0?#pYX6DN58je5j&Jt(HoE+4H#m8nrSj(;Z{CxrI18&g_U!e1C_*_pV^#~I*YVxj zzsbK^xk=IDrV~$5W}5uH(>My3YvyxnytDoDWW&{pho6@NCtRS!dolx_3W4 zmiET1fTiEPXWO~&% ztC&8Y7N8XeK;Wok zA3_&zb_khcz1Z4Q^2M5vBeIWBthqU4L(ws+pDv592wy;*D=S z9a7`q0a(3d%`S77t~~MD2isAX8Mn#b``3-N&Yf)i8=m$afBX8N&1ZDG5AP+nzm*jK z*V&PYdpzx*>;tRFBN5hjimsIv!DU#P8nyl-pKE))KR61+27aOHv@V`e(zVbmEPPnb-qMHYNe^jF^& z$4=YjU@Q9nZQon9&bcn(v?Dw3ojT~f*kPepL-L%pwN7U?0;!U)=!g$)10D#lCkc8Uyk@if| zn8xYK2XNdb7HF=+J4t>1D?dBK46}LP{%5$Y;%6;hsBV_R>9;TTfAj9KKv-UZ!h@5) zu^-1iDEa2#H=rm032YmqqRZu9tp)Y?#i@mB!p{D(FtTsmKS3X@z9L+_^5`BoYf%Cw zh3|*9@d@A@e2}cI=+0|Zo{1~StDsP_EN%MtZeg~!53 zo5RzSzUj+x#^X09JuDflgHaDC{h(`ex@=ZKI1)ijH$ow;JMTDdlV+J0!bVay7{73l zv}X>#R-0g>{j<-9wshLnJ@2u~YCfkW+-!J)-`Esc#cf$zjC=egKB`dlcTTl_ zi`!aoEx&ZEZ5{H_MIWK>t)ZL!C5s9E)ywPPA^9S+l5Xn8ib_bPtbc*W}8roB4) znjMj!c>Lf!=OgzY*OV*#%LJh7z@KkI^ZaSv@b2Q8JKPHZLCCN}hyDGQzX6vCrZVe4 zTJ?VAUpL-66S?d$TEhf)7ItQWKFGYc#1{7Ep4iyzt@&X#kbQlF_qSKpezAYE*Q>8C zHB@}J`1zH}J=e;P|9QQQhPCWY>Bpa(tvcIq;7mkn)FltgDCM)qejYOe`Bh^*T_edi zZUkjWcA1~`JRom(JQX#%S^Z$qVKb<*aMRb8$jATh$h(04PJmE_=0Cg!hvF3FQoW8(DEM(eJXgKeFWb+Q?;J@n5r5ovmtE{CA+Jr5n9{ zHqqMQzPRwH%qpM1Xq+N%zGvI`IgambQkPkIdeA>uyZ5yZj=lClqKge|?)shsy;J{- z2#x@~69v*44kx?c`+lz-u({_AAQrCrT3S)>QM-?hL$il5I2>O8hIT9vVErRanex}Aq5?8i{py)0qhbA|s;ugy*m_no=|Bf8fk<0`$LU&(mmUEdaO4Gg{- zy_fmzJ>$<5a$SH5DEDlpcO4mkF>WkaZa+BduT=i#5tqfP*zEL-KJ>L~^g9)Q`)c`- z?wO#!LP5WN9f=}9girI$&n%*7?|Z-d8z74Q9M|;I;-3=iq5E8Q(MK*?jM_=sKFD@g zOSXf!$UsCe7p4I)@cd;y zQXghi!v8nh<~`dmE4uy1o`85uD&I?Tto{6r#YttcKGE^;FiXdW`^cX%`a~%~f7?6t z_r1pfm6zUo9X*@pu+L`uxiBQTN=M;M>^&+2N%Phh(WukE{;^_h#W!%0h=az_kU8Ic zF2BP8iwgCdKOJYgs9P4pP~+%A?v9#2`*hi?^J;Mt&hD~V4nv1zn|ZE2unw_ew*3>u zSJ7~er>P-I`~{#GEQtD-E;$Z+I$qySMm+mRc31YB-@AO=)3DssL0_?|Zl&+5%BiXU zbISUSBrDI?Xcyxm(A7SPn z!MkuT9WzT(&D$X8A#)jm6|!plf_`lh5iMyAQOV50fto;W99A4&+e@S}1ZhMS?ug;n zan8`}m}<7*qczslp_(6hBi!heCVuz$lAkl8-|pwqZL)ia(($E2(vE7uyNW}pG*!1g zH9*~^s&*stiK=lAc;~oXCo7c~QXI3S9K+E{MfZGT>8#)~1D|H?(C!#)L)*!E?A`9@ zu)+Glnv-r0%XNb(-<2!YhZ~Yp6?c%%QKBddj_Rr9KKZ{Ta>R7d)F*?}1{7LRn$R zD4hRRu##iH)w|ta-W}$cyin6(^Idmep^vdv2NYz zg7Fs>!av3^cA?>r$%}|E#phS{t|HU3Z-%RT$ymWQ+0k%SwO+{CO6st>LHN)iGVU;$ zjdg{qhN-<`{sNL&Ey%(k*fk+IhqJ+%5xcvSlyGl5~54vEo&TO=g>(MuW0ti>Dyn@#{nFW~VrKQ2nD{{mwHd3cJ6k2anWU!+zkvfVeD`Q6g8vC|M ztYfvvN8;~@t{KiboH({aFwgQ5eVbV@`RZrzkiUJpHR$rxvtO^a-GHZ8O(bZhvVS@@ z|E!g5cy+kyTW7OSq8Y@`QJ?6N zs(CwQ^JHRoHHs?lHd&Lbg5q`|le76dwF#t#P55OPHJw(r0peP}wedgH%@XK%MRJjO zX*&<9c){r5Jm*Z^Zn~`DN#hp2E~c6%(r|h{-y!(cw1^>!qw-0mK5^GsD8P0<7h{#& zE7);ou+p1#&3jZx+lk8B29-AJakL@%$b4@(#~w0vIz5*LEA348Ns@~1Rx%j!4yD+6 zN+pwB=vNPsDqU(1q1UH#hOjRDx&4Y@XKQA@^H$?gc{TKtKE)j4`gVG<=7gbYM_5pa z!JE36;(GV!`L;^MR<97v0n6+5gSLpN$=|?Bc<}SNii)5hI4QJx>bIvsjVPQo*@YhO zSp~aZ#Zpm@x|4-rs(C!3+LEKqLLvq)A)K-1Txw}d5~0JIP>$}yVtNR4wN(kEEkoq0 zt`4ttA=BN})%tWncCWZsj=Rw_$Oz0SlZ5gTJZb-;k=%1y1EXYUn+jkYRX>-OboN zHT>W(6#CPrm*2~_K+LRKIrAbe3YLGU^Pg+V9nHX)iSR#`)5jORb438pK~LcQ11D-80+L0Dgi;HEZR2K z#bbsH$i6~@Upyq9hi9(k-%$2J6wlENU(9Mx+O-UDu$V|bDLSW~Loy|}mB3YXj?#w1 z#aD{?D|DPBLiNlfa8Gz_tP{HgJ3B(&CK^5FN}&clLW;Aco`mLnWPrSF?MeH2Stdb} zp>FK8QFp~lWt*qWrUv6aHiMf-hRbI&38Z(d@fM+Yi)k2~XV_VCL`_)WIV=M#L5UdzUW2+zm zV-3_KYxKq8++u1rLlvV_l@L{KL52>VCQnE_j?{@B3sr1Lj-IaI zw@{M=gmIvkd&_%F3-E7sfqb}Fmy{w|gf2CSwAHDocg?~>*oi7t8MW7qfI=zKb2huy z8=@0uF&8ST=Nmj+jLgk0w++#ERM33#oYM?n*7X&Oys^|>2gfoD1IEN%3))ks!TL_j zxfgYRww&{@A#X2W5XOS%S8o4uT zATt2(5&J@OiX@o>s$9HPK&V;;zRt2^dZAWzT%S}elm#&a#S~Y^+on@J#5iP#j;Diz zIaibv`g_;yZ2O&G0Mnsn_CnYWyE z@u(r9biOyh$M0Paah$i9(Dq`PiL(?R+e%N2?Z;xem2YY1kk;xR3{O^h>3FUxMU~19 zs}sWI)vCO;Lu7lOPl>^=-IeE1RH>W}8XpBMs9NNpEW)Bul)0o-N?g~?A4kwJE`~*xQQLT>8=0QJjf$zlIsS}+bRYF4F zuQ^_&(Wj)j%5O@8f*n=_%b8H7CXZYx;D#%&J!!K`{rN81TEAMu(H)g@ykmn&S`j;Q zA8jPyl2^|5QQ;qwEn#x}=}6}3Q>P;$UOoHuWkp5AO3kc?6fs`JoGFf zzo=9mc6da-C2d{3W@r-bkRaTtYY;+5W*6y;ai&D`Oe|6#!kRKxmsLqx_fSxqE&cl4_U1p}NUU>kroR=U>KoBG53 zYW=zK?+xkxN=6R-e?+fu4y}Gx@Y;i=eF`}fZa=Hw9O+9yjgDjQ$h1!=J-=pG6a(`1 z0aZj;F$C7Y28fT9bs-u~H7@~cD<}ANSeF}rAm*ffkz5VcX%*~De;x*L8- znXgXt2=+W^F#}QVYA>C{U9GOd58-n$$uMy=&$$>;#W|3*4au5wCc&Y#y96UGxzq}d zFOfa~E!coM=~=e$ILH~xZ7mDeCQ(WtR2m|onAs_BpUe>-%0V+u|pEV z7ICF$t!jv;=R;?-GM;yWc}8OUkUgb6rtP6>0>A6^ z#`yL9HSpztO#$j6yr*BE+!B8f;^bfrr3(Rrx@~t{k%L&@31h6obN&efb7i72Ek~%B zXMZ>2;sLhQ=hC6R8iOWp2YQ_^o_I8au)j{+Mp4UHy(<6ujmtIDMDIwL+&ib`nRIEB z>3|E*94sDbOjh+^F~bNRhWP^tY1`Q=7{KYAF?Je}jWzX>c34O6DxwZ@jfzhq>%!Gd zc%Yytyt$XJ#XG2aqAFZ$jwU&og|@Py@h}~9+l*|UwJtTyRmI6F z$^)&*I)t&@`Ptvqg{U}+m|#b1ha4!`>ORGM1Ji(r$%;{-Nqau}q;t{v!}>J~4PWvv zI^X>aAoZoUnj7!@dYa%pefp>w5xif2z1sW;X$^}6o~~9?N)kfq!^@he z51q^z)Y<+fA(1hiXIuL9@X3=UwSizK2nXN~lzO2=C7Z_(Sp#t*kBa$2R1Fm_Yv?7@ zz(uIQxAQ<6=WUfmc9-?nQL~|(8s=intsqZaW3q)q)K!N#)7}&(sLo*5<-oKS!iVBV zC%&cVp2b8Y1Stpz9U^iE3q4|)(BOP%^_4993dPnsl|p}D+yj;4@&2YJs>O|;EpXB? zhj(A}?|$;5nLwNoTKPLoIm!(%4{!o$VC}B_P=xio)b5h|I^vj6}ow zcE1c#GvAO;)UlVhJI><;JKh!V`mpwrva8s6G}~YWg**+k-M<6v%}31zQ=`8=cmTIr z11F&vTkxs(#s&1bQkK7}dp0nv;x<20`Thox)8hy2b2Kv&9x4AQZVcez~4j?T(Op^P?>V zyAuKjO|`oZhylhA%w`k3r=~)UJe4VDbY-{g{>XM4ofo3@;A+^;Tvh@QA=AUJnJjxA)Rq_<4h_hj;!yMuz-T_TZVg zg1^F5U8(@A`8s}rOw8t0KoQq$5p9#Po5}T1-}?Tnfu@I4L*3lS9&!_4ibfx=RkuYB z)Im;zJEJ-T5ya=>tvrZezs8Pg7E#gY9E@5WWFGXoX)gRW zN*eG8rcrh$^Pnj{I^BPD2EatexCet*AFl3H7lm`~z97b>CCxf9cK90K}6=77GD# z7ZB6AH}K%Uki2cXC*J}e@J;D=!0}ROb1+XSXW~0k&FVzXh~_$Ohe^5x2~>E@PzFu~ z!mU^`WkNfsMunIQu_GRcLp2wwG#C0?RNdeg#b_06i0ie4YXU{};gI#w12vtR1pv&| z`s8dj@xHD#kn5<`5NR@9m1-M=?+MsQe+(apt?4TEfZ!=Okb58{Abi1ckQTFoXG8C6 zcQyC{5Hm~zB_JGKtD;fGk<%HNiw7%NC^aM??P>dgcfRkG{NcCZm<@-O4pTc-=A z#=#(Xfn31L7bix4et}4G!p)F(J*=`3Y_!)*9!+tGI9rL&6PQmS(G;TU7IQ>EDDwH_ zu-H+Ssf!_HSch2Tir*$S3C^ivKviHxbw2PlUNPROV#w5>`US))B2~5>Y_Hl@p0Bem zDL|b-s#J5xM2U7iCedm}(ykdd1-lkYeS#fP|GRh$`Wr9_pmMW-)p^UANPz)J7FpDV z6Vel)E3U;r;3VM3Sj!r=2uD=Ch!ThBRDehB#QQNr2kV|;U|=M2p!IR;#W(AE`R;^S z8U$Vf=s1Ii)YtNkka)q$A~~}~!QAZ1%MmYBELVoxcn7*p-B9*v3JlvlF2&_!wu24b zS958$`4{y1YtV}umH%h{jpYtnixb?T!;uD@F;$Vh34xJKQ++K z05zg2tChXk;^nd+UFwinms-uY#E+p$BaVi1eFnu_*>;`k zNo%L(fmh-YdkE!ti7_3zU%TJ>neLZnEA_OnutE!|qvv``0WT3p z25S$szaaSB^5e5|4()JdhC;OPA2L3fe;dtCZsn71e<**lNtsstFVo`-3*3>F=k|E}f zQ}F`{*}ZyZHtz)KO@-*1=2Do9&6A0>8+!-=#&HMpprMK4%1-pxb!rkw83kqJu3kp4 z%))B^GOWH|!^svdmsN*158}>d_hPRc;X+^-WtEEK(Ci1-+5^>~DHjD8&TsTAgk(Pb#)A0GbD1b z5-tPk4bT`MmcWlP-uAT0v8M|S$(voRbA*Y;_hsuwr%L3`=B3aKyTP9n+!6Wz!R+h$ zwqSDN<*ommia;(FPM$mZI>(8XXiW516&U>1o8nxp&EI3qgQ?k~A!M8s>0>zcdd~Oy z3LrECoa~$Wvi_D3%{FSit|=D~7s4pi`eAij*uIdOAZ=k(_xH3#wbcik7u-< z!Ly}4%yh3Oz{z=_T`y(6@_J^{j@`8{8n?pOiy)_*WjY)pIi%Gm+u={tRx{v#)#D~kS_ zWB_MCyabZjL)yxO!vw!u$$U&gBih6eHIsT6p@hPpZj$N3wNEtQ_y-DnNfv_xc?m>G zSLZ{`)-e%mbvbQAttlqh6{aACeZ^`y3g{ntqy=A~N3H8=Z$9o*PrCgP;tIrg`W z$tRJn8_1lvq39lSFg*7LJFpApOpSd_|IaNFnB^R5Q9IbLQ>Ch{HJ~hVLGUB@B@Kjt zq}fXF9GpnrcK&T5dY~zg52Gfq^OJ{YG9lQfN!4swLkRewnsTBC14XYPQ_V{=$XJGG zyU3Rhsu(OpF$X3|)%+pQI@#>y4Bp+-mBk&>rNGl*B4-Oj3Se>-9!;JmgwRL|Tfu1V zcQJRQZ_e~Q2?g;EJ&=8yzDLsLdHJ{fl-l+cH@b;7eMwHv>ORLLR{ zeDkXv>idd8Mk5XnP>m4B9^48@Q3&JlO69QBH@R4So;{E{F%QDXgfI@SyJiS=teDBi zE|`kEdiC?vsneHN!bk*JGOJgun)# z$ymKuB+~S&Z|i)haGi*7Cz*Cs21SFoHf~`Lfo-lqHg8OJZI9Dkq-PADUW_^-LcXUV{(h6gS@Q&8pdE{m!b{&FZ-OjN4(P?(>6{ge0_kame(?jfZSTNiO2OTTZFg)2*b$C+Pl^l~6CS3Qv=QGy<<=#? zk3^mynVNX}w`u8o3GS**t(-eQrSZYWMc0_FOZJ53#dbhjI#Ik-CiY0V5 zpq<#2CHn!}iqw zSMC^4S~(6k;yCx9)9$UbJ>8{ijg0bYwcm}eKfN|p@Q)1ZHxlQ5y zpHr2&kvXz8J;eU;U<2Ogdc(kNVfh;x!M{p0z@e3*usJkei!W9Pve80tJf*ZEIqOK6 zE&PGKZ?G}}RL@n8*#%3>it6qb^XkRCTf}mPXoF0+Kv|b7NWyAWc3MurSq4lW1OXU) zfvv%Kn~TdlV$oXy4}(?%jt^?D$a4!TmN%w2TN~+}hUKGN^Lo=G*ZMKF;V?9Wbmcsk z17v9J6U%FG?IavYyBkrkd+gU=E*GrYoxckxXu|GSNxDOC%bCS6Qgd3jb~Cp&RJV9ox|C{|i+_nVxlq>j zY0|irjtT8P?e-OgVTuc2{Q#A5p(i8#XqkXc^Bjk=`O%4+8yKtQCiUNbE4~4Pv>@H_(`Pk`56)2vTX)y1jKBgK}+qrT4?v#PnULp;47+#O*R*UfsR85{*k6Y>Z)@SFc7&_QA zS)k50(+LMzw7V!s2p`1!hOQRK|Nih+E16J4f<#vx53kz-T!*(P;F+Xi*+frJvyh9EdgF*^k?F>o>E0_kl=k-DZ%ih2`XyV%Yj<#b^F3V-=T=Il^U%1*% zr!A*i$}#Q&aecqAsEUXj;`TV{_<|c}Vb&8Ou*1|3F>a`hi5{C{ap;cBkAYT;bOV}R zgTka+IovSdVS(4Bf|ZVKysaL)KM7WzPMTO_dSyu5b@6=6faTSFVB+cX%coaItlaf# z;_ChTx2|4Yclz>Ax9)y7_1?Q4N>9aw`TNFwP)M^C%zVd)u6~zA8Xxm&O5QJM;{f<$ z?6SOeH&Qjoa{n%Gjw~fxCDPm`p@`Z<3A(m&Du8J1tUM%kbI|E<~loG;b zOR+QG_Vfu}`-l8gS(#^RB|6Pu;vtGVjN9q>Mg80jIzCi9j6V8dKPEvd5SSCwDj+|} z8X=iVX1#^78|?tZAA~5PdPn@;4^(F*nlwP?(VG0>*u-Fbcl5+hk$^j!P1dv#dY~~* zd7GS$<<74n3gE${Q@eJLjsJ4>{^`s`AlrX=P?1@{%SKiQ3Z}6vk2XY|=yTXM+M&sY z%g!BXD$&@P*9K5pqQT1S#=y(+=E>F!C6TY|v>DnhqEPjPyyN}cNG;x&w=cXVR>!_Y zsCtQFA_*U4YjJmIqTC>1g08Uy`q*uiH> z9?4+%!a)V*$rwW_@Nh(@AYVK@eH?-n)17mLq^Y&|bf(Hzahg5hXGzI3VJ(I-y`|E3&U^7_q@Vyuz`bwbMoH!|^XTZ!M?o*l zp(L_A0$AyC&Pug!d)?%^$Hg6ELG0V656OnXq=AMIB1=G8YMenetf#Wc4`RBHhBxJs z#Zcz=@r?Rh0`C`{(?}RFLr9X~`}C3lXpYA)b&19c6LcpIgKWp23EV{spsQ+_62Tl< zx*gWqir=S>R}t0EEEbF=UhEJ%OvwrXhUU=+1=kGL#s8U;KR^BQ%UcH`-kF*hAG_6j;6Uc? zS6UJkxD`-<;^|lh8cHgQPfLcC^Y~@3m822#+5~3@lc5~9*6Eru+O`mR);diFo=e_V z7h&um=ze88;PKNrn(Eocx5s_RA30oO$NPQc+rbn^~Oi!ofqt$|8jR5jq zokpZr!xc{KAtD0^ZW4HbSgjuxg`kID4b{#4UQhHkc7~8OSX{u_hk&=snb0}WC5uNL zbK0=7w3L(dcF$mCg<^wL;BV|w%SP||nwlLWlsh7FmaI;>Q#S+c>kzcBJH6oU zkB$!Azu$Z#^VgxR|15C(lYNm3>zdJz2yL$mG+YX^#PqPBC~qC$F?(wbN=Qv!0-`uc z#0L!goY0zBM(l^+ww+R^!N<^I?3Wa`n%Lhjyy|40t!pdM3aD|7+`x5exXjL z*2-eCq9k}(cwj8*oWV*KV*1dUQN3GGC>CJ8j4q^)N=Fl0l!DPy6bov0^ywTk{nUF_ zquUgVVlHYb74uxq`HeQrgf+^-n5G^*{bRNU0mPrcz+@_NqX!!Nh_V!ss|lZu>pcE8 zbKYpfL+WE#LHx|c97{ErA7bnTbDk_wf`v)MGgPJLXCY8HL8Q8i zR#4~rMK38R%WSm<#j#N@IfMb~0~aMPiFt8E!$T}nBIu&HiaF+TQ%wpi1}N1;$O5vUfj#pkNiR2;ZQDRP8;hQ(wmi*Vxwsk*$Z!2R-TlnK~_}X0(1Kz1@D+ zXe5kL+Pw!;S1G1EgB>H9$38Q3!D`Q6a*Ao|sOh+_`swuLsaLO_J~|LIZ|dc(e}g>C zy!Xr}JaQJtjy4$ddV7&Eb>cCWwyUK|lV3ZzE}gS3k}L+sdB~05ozX+628CovUUztn z3zbABkih-A)#0j602vnkdQWL(hhH1!RKAqR#p+nqM>>SsIG0*OM)@<)b&1h>f0iTI9clzuod0f#=M=8fm^U zZ(io2$sH3hG|R ziWRs&Y#CgaeqO0SR%)fa?H-@_%kjYrpSYl`Hssl z$z%D2F*VtWqPoI#Ox(tilm&Cc|2WxC!wW)Y$jt# zTJ-{FS&Bpe0*N6KkxX4%M$L6+yYCN1rtM!9HyctwOqZ5N1~`C7KOXr5o7^s#eqCMg%AU z|Mh%;few_TSy6(3v+FS~kkYJvJ^yU4fYf3!3+*j>3`poqIFWKf{WW-+U_^o~1{YWv z0Ko)uFPum*tuj=h(x2f`TmQhL79B3woj);j^UDfA|0JFFWxAopN--yRwmGRqC2RM3 zXlfSTGFams;hv|6var@z^K1rhYm1MdjlW#R9cl0ZeSTWZyG`W-Tonttwf&ql%xSbC zqXEJLPc4JCIV`@4njA1zB-}rhKsTR;x|l&WY!Tcbf@88_ zdesGX{T4pRFkhMal$r?(vH?ypS~Zi5%;GPHqKA(9T`xDy8sLEDYfiFXP>MP$%1%pX zg|8^_<@(48_|D@ZWaVP4<5msCU6!*%&H%%f9y{%t zSlTMsR~A};It`5;2#e~gf?Z!qGw%$5B)PFQAZjb&W#!)B?#(J^vPQ zNqn;(RAZbSmWd?ln*1|;v<>Y}&;z84O9`j4=uJyriS4)_z7A4Vje?v;a^=fA$vHh zhnQnzNs|hZzMn}@i#|mW1w=&T!|0c@B!{-sbFNZjdLj&Vyg`(W{oM$LRQhH)&@0un zeKO+lKLP8%an|2ss?+tEDB&Bcy49?>Z=wSi4qh%A~cCF1g?cx6~x0Q8PMM(zy~8&@oo^@VU?Xs-HI~@ z8Za)X-8T-;5UcJ7)5Pk_FDq^otXyqz z_+|wE*FmF}0V z^L6O1LxS$pU_fT<**@mHlnFe_Zsom znp2RcU@*c?K(20!sH}=;bt9|XNDEip23!hf2z1}MfwEejt=$BYHBAYVmLn~gg+)8!ZPXm>v!t2NB?ozBxB?hLUCKzTZXwAHT3 zyO-bj7XxVOFU_P$*+qtZ78m6P+0^HnFv`E<;^of;@4Rzq^~C7dqgz)m zuU@qh>^(jrseVf2K~pDow1yZjr8rv}Y0BGRgXqF*w%p3wDH9gu9TKa`Ad-y_scIsD zd|lQx?jd87!zR`$MHJPLOR^+*f=;`ITcii|xLn4r20jIGbN~;PEEnUTT&+n^1Fd2~ zQNKuoMFEGDK*=_gs6e#dBA&a%8R(}Jc8Y)JDL9w^0w-jt#M+wtr(+81(*DWds3eTu zqgs4qkfC-AP!Qa6Dll~`d#l3L$MayV4*V}5{@|t5V(jHHJxua0TQMQnsuz8s`1-GSD4|VP2cB8W$j;t4w5Rvdc_&ef zArXx2U?ucs3!N~O(WjjS_~wS?4rM7y&SPbf>B+H3#Xhzv&N<@bj&1FW!ADU|3)4#{ zko$bOVE2x(Utd_*{-pWmd*23Kp6vah)OXr31^fAwCaFEB({MvGS3VK|Sket6e0Py~ zF4hEth^F<_D-fHFgX`SE8C^zf7oAgW2UG<;u*VHRzY!!nieDR)I}%nk{h}3^02!yk ztH}Iq?dO0`jS>_16X0;kCU;>M^-^(PYJbB}g@OsKi+Pd`Q9}X-#G*wzA$Qo~dO(bs ziBejQ%W|05!C;J`2EUZ(?6m|Fc5%Q#2>`?P?0QI9VEcN$lddjCf>jeLAf&j94%ZHe z!4n}ubD)@)F@aNXfR`dL`n~4qiZY}FQh{{Ppxh-n(RaEPefAM&#_kzT6x)sd-Bd}t zOH4DT?PX|4@*K(1)l(yxhcg!~ipZZV%`C{;^tEH~#-oOGB%dt3GtKl!U~PErlAyx} zehpshyqFgHsO}!B4NjSe}__e;|zc9`Ov zwgz^BoA0Wg;Y&VK6HiB)r#{{B2RHx4Vv7>}NnvT7i!F(n3yIkZE8h^uXNFK&SKbOR z9zb!j!E!F^7u?NU#oGojlti++ZZO}B-k!31^`uIDen5=aNZHkj7Iwg5QYV4N)1mWg3waJitUY7=x# zXMqmKTQ^k`npw;imi=-TSlj660TadYU@4#yJs!%U0~oxY95A^mEbz%7`>}EnYoZ2} z(tc1%DXVN}Wc>i#?P~_rXMpG`Oh#Wk03=GI{ppWDBxv{EogquwwY44DBK)oRLwu00 z-PBzjuKti(p$cHAw{y2@Lx=z>j%!W8gr^#sXtW&`2NO@30I_s7cz1#{%16i7fOywj z5DO0IdI_j=V2WU7qQSr!s7iO(f33+SyNc6dR-(CfJuoF$)ZXBL7(KASnV}tkeEp2m z$26oSdR_#WyiWwXlDu3w{?!bMpy^4e2Hw6sD8DhpT7fhlhiCS<6$!7*Lfl8Vf#jnyVV;5QC@ zSC^4mc)k>2a%}Iwt;EE#CJ(=M+NunYL!2fC~r<(LIg^C)g zbR+iZVgH;xN5*vp@(0nyxQ~=|t$gxAZ{#6ZLIduB=L^g}g&xNtUwcKAMKeb(+oE$EQ zSe5_jzcTYC4=skDE_JO_F=>xX>FIb<4)1aCB5`){bI0v!5$Cxol>bOM9wKW@rofP% zs|ppYz+otRyq`VN+H1T_op6>VW~=q;5*2d*byILh`k{x4-8rsU+`x1+AtTceIfz8z zY%E8~$*Cq*VO)@>*_v&ToQm^2dl5|E>d%+XHv;?gwUw3|STtYgfoPQpO;J#GN}W37 ztVF3xaPhJnT3gE#4j3;T`h)3paNkw%NFF5108l+Aeb;y0b8aLGSnkBCoox>w9si@TVRRe@Z!~~ z9dp`!E?qt!H+}qcm+K45mVI+`bI|GC1-mDIotPMEMki&8u>{XIW9&-9TpyXZ*~$~9 zCMfgH9ip7{?s7e^yEa@zgd!S!jt^PXOErlFck2cdyN~BBFx!EhR|51iPNEU$>Y=!+ z$Rr&u1cJ{GB}>FOd=c&n(a*6aRIpx?4MLyqibWm5_}g)205C6&3$-UNKj*UHSPDAi zacoxm5rj(q3h+zlXq5(bACXUF*>p1cgPXzfkMTDi3sY?6KG)<65@Z$O>Sc)SHnx)7 z?2Qt2BQAgyqW}^L+!ywnH7t@#wj_%mDSMR=RUvGuZ-kQSV6^g@wgOM$Yk)S7>>Ems8r;k@gmBMU*r73dYSW&fTUEu%J?g&g5m8b>h1< zm&%}dEE=ubq7G%>t&yd;gP{aPE`h!YJ_-0wSvtH#139_^gF*xrK@{NHmqX+Lr9pWTwEr*K<3*)suf-*6jux?l{06&^lefGMu zR-ol%FHz>Lvo)ootfv9;#{V>9U$cW8VOKt zNsHnWU>}4fNemLN(99iDypx`SO+t)?hdG6Geu>QRpVmw-vO3914$9MA6!_w zVW(#kL3m|(d*?r)pvHnl&34+{!wWd3w23INC#%2+y)^XC`2wtKz>%nNc7XFBF~%l!^s0+K(tIf6D#PZzwh+@Oe)&HAVY z!A~Kq>!NVlc%zMe&(&Xu9Y=gG#dOy}-@M@FY|cY7kDWMcpfN+@F1$?%$mhaLNZe48 zJHWSwb;lwMDh-wt0$@QF`DrJnb!V**GE?m%)6P{bL;gkWGqM4~*?B2rs9}rxO^kn) z&?r_Qx>E)9<<0b`LyccU9~U)Cv=xfh@RQM87(Q)TrGefHH{IzRbCGc$VQIraBwz9+ zDj3AvLM^2R#j=x6a;u$UK#1ztWo|?Z6TB(SW6oAQgtVy`{oYksm>749tQ? z5BWCc9olxqfg+R6c)NJfx{LZg`@5M7g+Y-sp$xKw^3`u}cppMJ_2Sowt6Qf@QF(c^ zmC}u#6KG@h>?QT*6BarIt-Yu!FvbZ*u=O*9ZxwCF&k1~Ex=Zz35w(h}Dba)qt`e=| zqKW!TYx8&LG?#?gYNosBCD=<2vf57A-vOn>jw5syvXrd`{%MIP6ysdYGA*>WEqH1V zCQ8d}Q*j1BBB)B#w;Z-BVJnXT#e6bhhHTQ4XBOw+t_QF`537kMfx1}2>C?W{B=2*n zz@Sr$vQ?Zzlt$-*CG-IAf@_IsVRT#WBCCxB!@D6CL=#>`G=RI$lz@8L5C1MCZxw%u zOlGvdiy*xaJT0^vF}+wB#yTinVq;3TKWC7b?ltYm9?dXab!-a^F&wb}H*^0F6uMim zvfxvAW)M2GnV`w0zsp8UlX+3)+FsXdl$d13IG)Hw&A)eLv09C9L#`hX^SE*2z!VjkN`pO04dc_2ewf}aW%mJiVQ`n zphiG42uLx46!rVka0^e>dTW9$iXP;qwT3F9A{GbV`3u-_Kks{dl~Qeynlslpuk#vz zg?#s?yoM+7N$AI8ekX~fbvQe?<#AAS_G@k^DLmoy3Jz;A`kokd(5_cf@=n;AX6Z0>KFR;coxDioxJlCzX+Rau~T=phc$;A z=gez_i1b*Th#-wAR%;BH#BJOFYNm#lAHp4xa1B%vN%%}19eo=VrQlL$TU|DVlQ(U= zkO!RhB&!pLN44vmALEV&2rVn}p4<1?i|C()(V&GnhP`mR0AQFZhW9VvXz_0aLgXQE_-hz;%n!dt zROtIby-Z^wvZTQFdQtd*o}r^G!B`cCb)JomoS)0zAmvIv#9P2rG+OA^BxAEhn4BMj z`dvQ+Me2ItczP%N7Rf!066qbWCj1_C1Q!+30)Ll84i)LG^g;)*((&ES(BdmtXKGo! zdiB~BZ{LyACll3><%@s9x+?1!W31o~cF@~Tv{47`z}U;FW76c|3-F*}sSbMMpbQc5 z{;ErPqpri=>bvWEt2b@v1ybm9pHePTLm4NTdQKA4driR|k( zNpLPE|BLW-?8O>4;ZDd+syxC|5J#KLOq|27z4v>^LUISH-A3AnPieKWuWiK*LBb z8F)ORS4)J*_cKZ%n2?#sYgl42gYJZ2Z8Wqc=nLT-U9i{^z)m;aY)60{nOG+|Y^yKZ z$6nvQeXQ=msj=t3{Biif_*p2A@vg3{D2cRGkmOs4gJS03VGtQ^>l_ zcwsZrBI^q(AOw(-i^Nj+KBN%h{)pfexK}_wNR`>MJMNGKwdRchuxxbO))8v*Us#Sy zAcHGUURkzs?Bye@lhkS!P0%Kamo9jX#JWTADrD$}Hdjq=znHxg`tqtva?<`_DP$Kk z-$^ogqWb}tnsP#ib98qxBHCi6kYgV2v3MTgfr2*J8V*jb&{VnG<3%BsqUC8eb>T>2@cUT+Jr51R zd`{4{G-@Pp&5GRh9qIKW%2&x83NTI?eq9ghDji2t1M%bNU!bCVxDIOCKxQ-}HNDh1 zT8_#w18x8DG6}7^@t7JCj*7leXzZQ;lUbAN<>+N|Escj9gf@Zgf>zoJerxPR!k;>k z@L&A#!`~AA^XGdc?^bt>s~`dE^8@sdW}7!jQdDjQ+ZhkF8$0ewMq=X8GY+qk-HB~c zU&z_R6P2Us`5Faiqx5pHCQBhhe;zLew25RVz54@R7-tfxh>R6d5c{5(=Hu!rF1r~C z3Q99;v3YQ>47a&Xpii$mJ?fN|;I6uuP-fLZFHR_cw)5^N%FdW#qUFIgK}3BC>2@+{ zuILa{s8(eqypfgbgk*T6p#j`p?1x5jsQPpUPvnU(5K-8sK6AqyCVB{39mXwK*RlT) zvyl+HMziWxswIMQA*LNe!Vi`bZ3%zjHXnWg&Sqg^i8Xwew8&jm*{zZ8s>8OsXAD`S z#qTnMJgPsHxohrUaKhQKK{jEa!3tW*zB3<&R~j>Y3Vh=g6iY2jRoiCPNV^~Ep}Jep z5<3X-hxmJZV_lJCiteoj;?3ac6?r)($8^D!lBJqE(w)$dz}pvL>Q?MPk`u~w8KxS= z^Yk&ahnWQZ0~2~AfF|})-!uOz>65;1hN~(1vTojPP z<3XUH)#XEAvWU#GbIMvXmvvQh9Mk{Is{m|mCOGkR3<9vO15nPtyD#eP^Ez3#XqF~= z;M!v*7ys>q3dC0cDL~%{0gCNmP((~nf9eT98L?ZtG|CD43#xeGfq7YH-rM! zyHB4>v7!HsmQGmdgHtCjFGF@Z<@Mv9H!t-Re}m#s(1$u3lZX4`4%vtJ$ONsFMz<7o zL3Z%a3Z3J9cDp2J52i&RU_@Lh^{byH+a9}JIuin3D28?KNM9>viIWOY_+a7ySVs27 zk%l}7>78-)Ug|ks$YX3o@+1Z|^$9YOFVUUFp2RF^;wmng+3`DrjkOh7hZBUTn!F1H zwn$FK$V6l|$ChLel%E(L*E$kiB+4GU2c9bT`!O5W%O!5SsF;V`(0^kI#Yf`dBjZTF z1Qlf#`rSe832*qCgF1H&DMF7TZ{_#|tjVwa{{i$vlO#li)@U9?iKoIrEXB_*=`uwVXSv%%As z8_(Q_y686S$rU|`8?1g3cUN~pbGUJnq>*{Roaf&ghb=NO*pdeieh;BpPnZ+?SF3}U#cI0_zGVv3E6d7qP@;sUFLSKm#OPEP` zuY5As2s6F&aUq0s|BiBEv7)vO!;HnpiRIVm=)@8qqPB0qDhBqLV4l_8bPob%+pQc2 zsH|onwJIEoL=S{EWS@_k2||-z{d{knN&8!=ueE(CS^gv+Q8qho%0F!XWa4^~O(?nE z^#JRke-l1QKJwCxx$LlmS&l6TP+zeJ=@4cPZPJ=|ycU;byA93KIjp}V;>5=5=4r&2 z11^2-S6?J)WR0!HCKd~mHCzF^+~U6tA_3?L|a zM`(koUpu0Rcf?i?;b)1|c>A1&~5! zL4gm=mG_uNypg5wN5i;DxpJ~Aw1G)qQ#SFAscmT%U}6x&yAm{ zdbNK1;K(EBb$@1~e?-kOv1LA|Ad;k`w}5neEKUXtZPI<0c?tc)nZwJ~;kjSuWI{!+ z&7lpKsE>|vc>XbW(OS@4?jd8JNb2+AuoQw)Nk7B1lq8^9KQVM4FwSz_d>961$K1nYIA z@SuaG*(F3pCZaqMKxy9LdMKN`479=ob2lBcUHr+=nRizxEgFnk4%+MC{JW9<;2d>kDJA)F~Ow1V6A{iTLnFt z%QTjkS(}r9c@c7G%?-^(KgnXtvQ{*NkitGB11Q8Wg$AWWN!C*(;90IZ>bMO(WQR1D zl*G3yJ!eV2#6rW`Hy>!{sXT^aR8mt?&2kkE>x7XRLz_N!4W(nbwG(Q?)nnfF`WII6yE4nYBXX4=_{gM|;v=U41+Fscv;nI$y z$mHNa#?*(U31OrGM<%pL7Edr3Cr6GD<2!8G9Xr9sG2o-V*u%zhrx`CWrn-k!-F*}i zNK8C76glfL93rm8g+{n}v<~AV^m**Df}O!@3gO`xhXUs+wS}_eRZ14aka-Fnok+T~ z)Wi67n#JZb?`$kvG{;*l2EBHF0RJWi`QE=P^#1+w(W6IylJ~|_CwJo}_Jmqzz(eaT zDmmYH=#px2!FIOlgm63CCLm@|iZ)MfC@=Og=C&K_?)&F%9=@)tc@lS3UkKHbjE%lq zVzTUO!gtn^7YQw%iK3F!@S+S}6s+X1G<;rn58F7nmx(UNVst_fTVHCDb$P98*W{PA zQm1081(gt!NS^vFZbI4JF%Dz#wGjPxPk5)Q=oMQ&g&R5MwR1~LZ^*^<#^;>A2(faD zPMGrL%!j2Td;Xv0s|U)G&c914c*qThc?K`ydVyafS9U`t=yt(y2IDnX=A?*I zu$sH+G3tHC%?SgRVVz!@n<*iC85i%w zyI~hRI_9A!0_`@Owu(E3>1EkbY-HjWvBz+;n2oa}ywjdIbd|7C<57U^WJT=2dA#m3 z4H9V0EY?+B!aVGeI4MkY{MN|d3lrxW?*GZs@g)tgCq1l$KDMQRIwpCj%s?Ky0C(Oe3~dlb<&Sk zuHBg*Z!#zmE;a$El|9my_=lR=!&x{{avCz!F+^CFX7T!7arcH~EPOBtd`)dQxKi0B zy?~+Hx^mrqKL$XqioL3<^urO6wiw7g(rw(T?j1fd(Vv+5&%+e{3LgC)?PZ61(bRz7 zjj563xW-b{7_rYRVotLZa&Av5Iz1=hMF9I+@5tD({>G`l3$@Jw$0O9W<}6cL{~`m*ot< zc4@8xbaLqM=#YwsL$1Q@6fpa7Fpo{-`@Q6})7a>#y1K^ISKb23k%u@f`|P$?$5{Cn z!ZS|!Q_v@+c;R+=!5}RK0-m*YxZ}0#BcPM4cHtF{77 zZnib}$YLQ6ScBV3XQ{CrAi`TEuC?ZbjsrO?*H*%?k69tv<&pW1Lzr9)fH}e{$s_|D zf%>|%)hUg-SXk>zX*_Geb?}tfU?uKh2eV!Aszi07z+Ag7|L%kmdiBWI$ioNNqhFqz zJNg(CH$U##h3@ffeRX7S8oY`+T^nqOOU)_n9V1i}@B!Dgt5mOLhp|jwq&w0UpKHlW zOlCKpSy2kol%re0S}gIAc8lR}p5k@9=wwC`58KE~u}LGF!i%noB?!S5@t>;Vc!k!S z7AzPV1y{uw`^cVi*>&nA;}~v-pO?1A{ORM6>wzFXh0XAu>aC(Q14LL8bcrURvG%$K ztEXu5V~~6|YVrHh=xaL1+B>|zmOVu&wU%#=YwX_x}|bo*^0c@GdBvWvK@y0lfT$} zKsBAZ-KA-w|8BF26iBO2p>E&x?(rXg3_O3{xOy!~Q0%*5>1V{@TL1P10l!N=Nprbe zjexm=YtiU+xp1_VE5qT+m=@U~#)IJAx(isSJAi(CN?@1e@>tmEmpcD>;_q+|CZgWr zb(%#e4q?%Rm>RNAb8{k>ob&+`m=@YKQIbriYs0k1TSMnbo^uZ!S9BArzTAy~8Of{3 z@R22YsOuGsNCj&tYbk-#M>2(EAGOagS9?U|{*sngfsY_qVKLwgq?QS7^X>G@wMg?n z9aHVdw|ioS>$96>n<(m#N_Nt4a>qulkTGXSr#)b~*>01GP2{~=Rmgz=p^Oteh1|aCj@VC=lo0=x6ORJ6m@Wu>4Av$!`U8y6glWYWbPUt$)Lznx>NI7 zwmELtLU({wr*4rXvE=cY>Y4`lvVT?VblrYzb`-+P;ou1b#BcrBOMxj26>3kf_=0rP zzkA}{%y^*J^*3aq8{#tQ4apSV=_l-mYS$(X96TBc=onJI{(3tGUJ_>n%m9)?{PS8` zxi9r$Q2X(=vutT%rUJ93P0}*1Y@4p#8XnFOCuXjFjIu#m&RzdFb0+UJVyB=@>?ymg zJ>p9fCSKeBr;n4|125lCrj?M05~mwGSNb zht-?f#N3mOw~$txeKUOL!IgIpA3Ykly_p>HefOU`Kd%1ck7KvSHl_!f`Gn6E9?CIM zg~%yMSz^_9`FE(B!|&=&vVF<4AT;RPK3J7^0)7=+}_rk9F*O7212|Ni3%1BIFLdXid0+ zm4t5wn|v%w%oJ?{u;in==gyf~YKAeEc(KyQ{=LuvZ-j-45=cSX38TOyL5Y3}OA908 zAYq{J?$89YLMW=YTK_LP?#e>+DSV^K1B;l!yPC6?4{b(^gI#!d!KRqBiKg6&dVN!F zH|%os#a(ig`xNFvp1qHmEL@RJt4^6Zbf&?Ore)-Bw>ZFcn57A+G~HbHvcs)#P`t@< z^O+(|bZ$IN9gI1818&uE&39rOQ0rtJn>C=Z#w0yF8VNl*nRVxUgX9OU%oF*jk|UMr z5+18R;{iTvMJ#!2ft*vvtMQbIq9p_a}06lvyRTGnxs$?G&>EOB|LbmU}K znNV&;ZPp_jIK$f*;|95SXu#n!;zT)4^&i8<9jxN0XUiQ3ut?&#qaeA!t;>+-2BX|0 z(bWapQMNBTE?c2K*k3^t+J(&sCqKS$^u`b3?Bvc_IkKLwgMl_W%iU=xCBj`3vJ3Z} zH<>uA4TmDMcU4zn+e;FhSDa}L&ObDf&pQdf-!uB=5AgfwFpjHe>N>i8}u zlQ!!}_MRrZAB(h%jjCxwA>6g?mtXnn!gkpxVwVm#DV{KG0_3rE>ZQ^{44c*0b=!Ed z;{c4gitr)?PC`C?eAGL5xaK{LONY z%|=iH@3|CpIPTuXi{yB{iN z4?uewl;`09i3mHgjod?iFg87%M;ebmrePUPF>1hqLT3fWc1V{UkzD z1NUQ1{-~;Ws@`nTkWUMv;D1+aTLfZJmFBWdySCz0LY#03K;7!{aQqXl>EJRDwP23EyS2knykF}90+z&>MOL*VjcV}Tm@ z1ymuhr?fDAC^RN1Dse`WS9E@2d$}KTWC6!bjkA%cy~?H0*nGlvzp)~=tOt`*68UlU zzB4=~*xPf|U2F_{T?2{%*Y>L@j^Ll+X$}*WQ63?nm_EZ8zwv%ws){m#dmj0FN=8G! zP&Zj?U+3@axUv?*4IV2hTa*9P=2L$eBTri+Mdqp9JMm1M|BGqP-2W=nNBbXRg^6>= zfb5ijgN`eU-5P1Q0p6=TD}++p3);1Hi_%taRE2C*?V~!YWrcS; z#>|H-v=&26DlSGBL*5tf?&HP#sZ(eny~O3#hbwpIjv_^k-9AgIca3e9ySmW!U5sqP zM(G<>ONQEXN8t2tJHm%2sS)RFqUDIO(bB;)DdD{hnEP%#uHo{&>*f-ZTtafaF;~_t ze$FK%3OH5zF$jl3z95Fv7L&;ySwEBT0w$0pVf3;e^S#rr~)k4gdM_2@V{C(F~FS$B4TMN?!>IH66@pJn2iESP#$hqCM0t zvPiIrCNE*4-Vn#@_VLP{Y#f6Cz(fPn@Sg)g-XPq}70O?&l&ErOi!jjO24sU~C?ejR z!cY^aXmmYW8@!SKU+D>RchC2XWxpGJ^XAd>WBLc>ETVoR<`(-}=z=L@;(;`wB`XL^ z_cic(%)0DaofVM#0sh#!tGFO$j9#ZqI!7}{JSb8`_tq++<#A<%4J{$L=ri7`7)wpC zJdD)ue7aYkpF0&=`x-LU5>K6Nvikm#DgAoc*Xcl5%60d#}%T2RVI|q!(mxg>~ zkXCM$=9WfH^2V@J7+xp1Boz$_i!|Zgj>VF7J`x@m58&dRCZrd9YKf1VERm&*Ozpa;ApVbf|qD)tP0jwiN>i7DtIf5URFVVdxD$G)HP4{T=5X=474 zi`HLf^RfzGZP9ve{NroE`&obq4J5FW<7V@F0{p8D$Us*EN6^JIMoQD z$smSIf-07Pl4C6ugg!|KU&0VQ6VIb)K)8)nGu&A72qTS_FAgL&$cyEl@p-s3MIewHT?%eh8KQxoO2wn|;IDJJl`?qJUyziRL%%`_j>3Yp?5 z#Lr_}wT*Y;I) zxX|V=!i1cM)}cVdbyzf!%@62jm%!jxuSL6Eugm?ZAiekO5Xw%j+;)*PPiPaih6#pc zq6@BPKkPUm9CT=q9&X4xvxxq7Del-Y0iYDJa*xi#TtSC9(&Yd*8p%Mx$*l5g6lcP- zjY$TtAf%H#TW?YV+2zaM^LT8E!WhAoKon+pt4ge>4;;5?6PC4~U}*c= zvy-!`UkSAqaPaZRg@xi7FmGPp-m_xmpMuAm(HFmvXTYGj?t~}I6$yF_(pJlJyk*Qv30$yZs2itR$@6$46GE zYd^yl8%sT*a1tuX0f3Ti(kIOGn{IQ&<^?_RbvSojn}M(h1I?A2lfrNXR)h05n+Adh z!OW=S<9Ezi^5E;b;}<*;YjMRAl{!Ahz2*c~ zvD91|8&ORt_{kE`ObtLX33yM|#~qoh-(jmBNn3@As|cS!fQmZ4PbxgX!!RKpE?F?= z=zB%j2G0s3`o_wYXaEn|{P@4?o~!hYQ=978`OAF}072IIein5qE-$71=&M;;>F6ZZ zstEC(18qqt%SW*NjM14IUSS)qTXCwLK*Pmfa;whVkQElRo%IysSb8_PGZ(=-y$$%S z@0H-mnm#gf)Xsjj(GnCW4vI$Js>g0v+mu$JmSpWjT|sI7$x;Q~)-EI8ZX4E4O_NL_ ziAv-ShfT9+ZjIc9Av2WVD8E4?6&M2-%YP{74#)N@5(+FF6_6~vDmJsjg%>^pzX?^i z#Z+&i`9c#SG#rcvZaaSDDbI>Zfb}kP@Q%FaGE2o=)~?8I4Q_8}jR9di_9tQdKSex9 zl^~4oHanE$OFztCCn5#oCgcyx{5^7C2Ty4xqTPr|yyoy(yqzoCMnhPGjrWt~v6~?b z4Oqb5xIFa7zQqiM9yA%3X{r8y{-BM6-B>XtG74P=+MmqtC+%wwOrj z@*e4H90;KA`r0Z@=m1g(-%L!y6ClxsWUH9hsLct`C`+u;*0v+kTI#tp`j40W8iSMB ztU4qLe`E`goK;*|G$D#D5;+*ffwZ;17v^F$4%#t((xG{mc16p?mM%u$uB#j9`^ z+HJFULSbEjWBS+vf~@FHYQHpLl4>KN@|YBb6zPWn+avfRh=Z$GWzs3A-Rp~3kJTkT z(j1z?L~86`F8AbC6Hk$G!U^F`=INx}+em^7I?f+!*czU-h=wiitC&Ob0>60vLz zn938XP4vCml=nO(M&Gx6aq7oEDYea&6}f+mudV!LYlk^*?_#{DV;Na7l}tC)K;fVR zTWZ5trK=hJx28p0i#4FPYA!}xea>%+Z&@#oeTYB}^|lFD=-b<{Y>(R>k&4*G*lilt zC9LAs9#>orF64;7b*n(mLUqTXVHe^4t3@!*B}A_x!L5q&z!pRn5-!PvE@{-I5MO^s z$BGym{PwahEn~;LHj4JbuPP7v^z(lNy;r4&VHY z$G+#5SJ6>on@3(Jrb(G9$8uE1E*be~eWk6%yI)TWW;I_3+m+JOFg}`r$UL?&r<`%lg$IG1SBxO;|wasCP32J@_AwiYCHx;y6mgb9Bf zH?Z9X+GdAWKCQ{?eo|H3Lp200k~+voW^(NLXtx4*Cz@CI+&xpb!dvB%1#uM>Ky3Ty>dng81j&ulXF(%Izy9i@oj%}_QZs>0DG^?w9Z&NOr3H z(3rk#o6%HU(E*!6qAc^JEHzo$RQ!`AQLR!!lNs@lx&RXCn1Y_6A`XOIs z#<55q*u(3fNoa*T$~lxq*FzIV$%u(M;J zV6z2@TkpmGH^Ol*{P7`a=S@@vr!K$2P}DzFl@lF>2>Vyo)>G!t#3V^>r?_dZgn4K_ zLmMxYy;-zPw@PyW&rbHlq7&OvGY^_Q1W|AaKb%@ZYIkE*#buIntCvX6B+%nL8+met z2e+!{PMeri0?#qK1jG{M@jwiX&24yQffqY$Zoa@4nxBdiIix>6fA(T<@0m;A*PLco zKDGSSdee@v>GvMYpI^ZLVxIfYMPK^M!|if!71Kv+9Bvg)`po}d3l^Jp8wK_SS((~K z87vn$&o!1WbUIJ{)zRO|fWqlZuriR}G`(Tyto$^Q-p`*AcKB9lgrtT_p)g#hO^tIs z8WA*$e6F>#KN=BPyV`$=)6o}UhvUB8JJ(PU6}xD${fWZP$YNR7UHfB3odG|6vFOD0 zUza}{XHf4 zcbGggO27DYAOG?>c6PI}5Z`D$f2qOds0vEA!D4gUO1y;BkO~vO)QdL_VwF_8D8op; zeU#zng3A=Pp)=j2+i3YDrL`!c)qgL)gTB__IeoRVexZlIuf@Nn8Z1xEr&y=%n`$s1 z5Z$!=SJ#q{SNVTf6Y9^|8YStkV1}RiG>D+(eD#R;w-xmiPs&-ox8ZI2>h*$sH;tx< zj&2E=%=ex|H~&!CbkpdnvSOi^yHj;dvFX+*&SX7UOn*RiB%+oni33(965y35{4}U$ zbx?E|%>#hBJIvc4Ftk50(DkeRv#tGp&n|TGlo`!Gf3axr*cC`7FVEdw{`m6X$m-W` zTY9TcjU6i&vYFJ)>aHm@_OL>***EhLurqPIH z!Is5+GYxJl)B4U%<|n4gDZdJ4i%iOm4=r@4G*=!u$5@~gZ(;vtoGRa9&sWe_?>!eH zo{XOu$oL@(l&)iak8Cq%fS|}z}EKa zk%;IpJHd>A^qn{ zhdQOp&-Kn;p$!h3i`Li?qsn;R@W<;rry4){?rL4{$lJqpZ-2zkaedv<(WGNP#s2iQ zGPlk@fjUxIY-u;*bj;8u%*sf{Z*gibXYh9#HF{h#GUnekq}(u+@$Ih}$I_kM&8+)~ zsZ>zP4Gt}IbvN-78Dzq)U{Z!|0@t|IqZFm9$fRJQ*LkXifhn~}U^t1s+SkoYWMW|u zyg<3NFX%UZaQglzfC8WhSVvzN7<3k!F~d%M6_nS{?_8GXQEwh1FinjBT4$#LnuNUz z?Y;tBj^~yBVrA1pN|Au3tgTsXeaku5KKB-tQXJtgnTo&6C=CA~qobb#F`B)A7?quU zuKiZJt0etk+_wk6O6T}eim$tWV>TPby7O_@r7j<3s7VI@b9x2!{*k9TdTZU&48C{j zzAX-ulpm*x82lZnalR%NMzE}FMl37S_juW@v3()1ucziv*+%jYQZG`J91);&_=@i9 z78U7hahCRizXSi~T+{-30<9815k{36GQ0M|j^;lyDUK*|IXWYp*w(4e;!4VnNqt^$ z@M`73n+RFP@|#Am&3!j5tyAfAH$<c70V>WSOk%gu@*}7*+Gn?c3kI8-6(O z{icyuPapjF_V&AncMkNTQ9&&gP7fnM85;CapSi!G9o@C-TZV6>_12xwjQZ31rWpPp zi0P9XZVoaSF}Yv5#ogVa!NS(vqTC?3!tyL4*_s8)gA3i_Qlk>=KUIp)G1l|9d~*{o zK4SeeL?T!J1W!JG&X2C3`q@>QpQX)(HU4J&oNj_xb<-gA;uici=Etl46&Cqne?{D_ z()p69{S~)LO%dFq!$Q-KRMNin_cigPWbpU#6GcYyg&wJR9~L^8iA;-NV_ znBBZ3b~9aS96TmTY7nR<{Vh@u1Zj`J@j9zp*{ma;Aw-Bc+ zy57gBs=wmY*u9l+f7)|*`RJoP``%ocKxy2ZIM0TY;N%h&>BkD-nhC)>J{c0lRW_w=AG|npzVNWbZwfBBq;L7>Nvi z5Ja!%yTAvxuq#aHYb&Vu+p>Vc|BQb0T!Js~n)Z#;x|-0UuDyF-ghjea`uSmj(P4o` zvrCIQ%`Ubq^r|H92}fjfdoq7rUyuR3{wrnE2Y`!za-qizeslVglA_AuJhNLR<$L3p zE+kA%CJ}0`n4~_M{Y(>=AS0O5DIo${`jPYL-jB)z>7PU{YH{#dg%EXQjq7-b@_vO7 zwfUp(dT&2@{qE}DZRzh$2bB0zHgqMX+7Y1KiroYsIl}^`_J?IVP48pzTO9pctGC$l zr_44D$Jz|Ju1x$^nfw&HixW7L^rpsx0Esj0{VKs zfbI;NyJ>ic1nJ=4U|A-9ef5-rb5UZdg|Rc;!QK90=ia$x>$XO@J}N1XgEKO_ip_2n z+dVQ(qrOSJ`KSS~Wp5S%<$;O=~@WW@#;*9I34iCJ+( zEtTQ#uTOsn?bMPyfHu$Mk!gu3Qy67Z>{DYW>-=@@&-eDXFSvNTJ!Y!_uZ}q17x$N< zkM(>wwPok7SC=2Gd_3}C+u_~s=wbE+)5eJcKavFX^ZoxZoPNvUxsqew;ymKC*kr|- zbBqLvsht9E) z{f6o0(sK-hs&fe4(N;!PHw`~g9%113nH1avsrZ{^nJgh@1)!MWkvTOq+jU1G@@k6n z4wkMcxkHKOi?)z&mpBO_+!cNo&A+_RDK+XhL;05I-wZ8_X+eIsoZ)T*t{D{c(WT@}Tsn`EI`I%CbG!oE>ZGC>Lv{~s2q#FG<+3)gAJ-TJz(1uXJ;xLie!#!Hg}om3VCEHm%=nj;F>(upipp`kgUmDqY&QbmX*hS zY-BpR!UJ=Mz%*^m4W-(+{qxau6+7e*A*7gRyLVaTem$Plo>7s#u? zOZrrAS*h|5MCRQFU_Q-Ad!GyJD-E3K&Xvd)jNb@({ge*=N;k1EEjom&>cAy5?{V$u3JeMlHp=hjRH%P>Vu{0gB9|9AF!!8H7F=r^d3!cKvV1zHoZ zO6agDO38be^wFvayvpd2&}=K+$OX~8hL+hy|MnZ&iGj|-(xl>+NKf-w{Bwj-T@Td` zuHAEa#qZk=fAnAkUij|rlYjrX)*w8n$(C=h;PbB9e%rYv^Z)ojIr$caSW$rgrbyTn z<5jD2Bj7L>j5x&gZ8W%JNNKS6RRE4a{-7=dri^I@&B`SrqjgGGyBCPzCf0qE@oLTy zPbn0*&NY7MI2R}_G>aw?E0!?yDt)fMfdpANEiA$P1qf!PyVI19ZLg;Lb8eL)WYN|g zDZf@sx8CZ#gxX*^im-p|g9#^wRaU}@S1YY2DdnBZN>)57qt`efRu$)g=7-sx-fLz* z+4aY9ivq8*1AsNfMZ$yB5*IkPr)@QVOVFZ+oxd6(RE6|EE{zmSnc(RqBng6>_x|Vm zJu68~bLRkgO456tUP(Jv`t_Eeoc?6vFZnl1@0LYu3QO77Uiq|%Z%G|h4j2uFt{1d8 zuW{`2OHKKW&!VrjG6z-*X;H=$3xj6VVxZ)sN;>$!In*_XP;_EPA1d1skij!i>;A@% zNnJ2Q5d9ligDL1e5?=xeLtE5%8y@63psOxM>arwcRoOC39=Mi&juv;(0GBazD z$yt5~91hh@c!InCdcl=`+cz}hzfda4gFV@uj+?CaxBM{C*3-=Vu)x}hq!(i^I9OVK zKHXzBZI9q{Vo5&zoAe+JjAy+SjwI_nM%L@eeK3~YGxp}?x#xd(HzPU;P7MN|{+BhS zbKq%Sj=S9Ze&LIra+EtwbCh>YyCYla6_$RfM{gR&D(Ub!kmPB~dIqTR#lNAGDrX2> z>rHHD@DmNEq^2xT=5Miofgt8OLlE*Ce>N-(0c^s{tjweNQxXIJ)j4&E(^XK;k8N%7 z3T`=nQnT7`>pD<@b8*ye1Ci-jK7d6r<6C|%YA>{dvT5n%w;Y^{)S=HGiLN>CUKv8shOH%gDdTxgO!8a{^4x}z+_C>`xH2~S z^wmEi(cht=wb(cMr^LNFt-KEJ(!je88g33ua5L-s7^Y+V1FQxG9bTeUSc20vBg(({ zzaZ8a3-ol!nNTL_xsbgJ5!)A<>EH5dx-$v!h}q;-uID2cf-~*qA5}71C(U*+C6RjF zt#D_DE>O zbTCLWCiw^>T8iiv3De^g+!;09$Bu$dGjOqb``G?C-{RM$v3~KYpnK50scWe2Yh*?ULMg`&b zmv1#i#WG8I)jWl6WscJBf?%4mS76MKMm1(WN~+rslJ##GO))GKY?!3vgBv*$2eXEG zS)!UVV!;ipOfzUR2n`=q9=T}{NE{4K0xtcjGErm@oZ#fIj7VLuCeo?%(?=!ikj)OF zv~w~*+6f*_4|)}8z-le|zz}Q!s5+aaE{HM=6d6SF*?YGbenT@ovhJ4iEl_aymB7p% zhGaz2{X{jlcQ0`-*bs_6%50kbCr}IOY1RFTu9Tv;T+jmzF zjO~80Gvv$nvjG1Pqx2keNo0d9-(hRi{l;^7?FN$my#D+BE0kC4+W8AxyIw^{)ZlX*fssSoslonAH=C-7u1H}Pic}fNd zv?CgZxH>(kHt?~6Z}q-2Url!+)*s>$ygRZ>Of zwrj#Nx~zVwc(LH5`Ss zG5#_=sKVhyQt|8JIVCNT4HLfh^q;;q_WbVmH}r*XTFD2K;%=0>8T1{QTQ;(w-qDNB z+3L1+^VY?EHk1@j1vMr46@_jNU{G-iAR?h)&{w_o?j}V7wy!hF_JvL;P;Od6h`Na) zkF5+Q&Xxf6%nhpCSw7PJC$L6P=$o)L@lEJhBoLJw2IH$;`nG<%H>$XNMyL0NuDx-$ z989OC`=`Vz{SzEfl6lw-^K; zJvLO(@LR=2VRi^Y%{9ni4%PjvuE&D#kL?eZT|d;B+j*$-gj4(kA?*0seQ{e&`~08SL8+qW^gF?FHo;*?-N17)XMlrhT+=8tHsAVG#Lrg~DPAEX}Q@7of+cZ++J;h~$B8GKSA zgBBqu{e{pWXr9$dLHg`(Y?qTnRyt`z_~C2JjIKfhqRJRir01f3gZ0iB4}Y9VN>=)Q z6vjp2rw9omWCymx(DP~3BL0(5i$Gk0kD1+qRjsZmwgU~AeT!OL*j3!V=;Eb?(ThfC zBaVyhHy?km#d$sbQ{f$aZL|9IDSh2$l<2Mif7cz`mBIbNVTaeO zezNL`%bPh$H)zo(mD9~_?%VF-;9Ha90x{i&u1a{o?K?!83D!T;}BGAQy`oqMjL(O{5gMv z2&94^lHl~hG0Hg5?iw8SBr%>xB@rLuRTFM#Z7&E5^q&O3BGCun)G|@_Bhw>-gCd%` zq=(hmJ+Gk_XLc4x8BKpy+F#3${r2M0i_TEqZui?mt<@9iH^%=}uDu)ho;*JS^@m;v znDDKsHMGI#gw-khxn%=g$z4@~Jt5f+bcgoxr+rfm8u2HrI>)F083C(#PICK()Ts4> zFO}yJUlJCO@ck*h)qg#0jbj{5p6=VNkWjGO-pSj}Vc~1;V$UGv?aQBwx3KY1rwLUQlUNhdSYg@sH`{?MJpm=}XWtBABqiX^~x`bQut{Lv>nz|#gPx!?X zxqE# zRvAs->e{~A&f}X7`QhNyEM) zQAT^ZtbT6a^GpY-Jg+!XpcjbV`RL`@vE{#?-1cB(<;j;TuRNar_Kl!;oa%hMI;G-# zzcm!&Wo0J}p#lUKbq)77^z#IJ60%t$)DphMSCn@x(NiMY8Pw-bl{Jd~Lx>1Q zxAiaoToj^=jPKfKWXMYJ0^>*c$y1)^?<2UxSwU$t8&xu_jB-hBVeejk(==mRSZi2o zh?U*c{<+@}P&^)$Ae9?;{$M1B7Hn=Cm--DLs<7ye{LOH&y=gicXY&BeOj0|HlR)4D zN#6{p)apf8K;^&;I}9N%Ebv#uFdC3q;$>T>+;`A8H2vTg_dRwbZ;gF6>wW8J%vvv< z^`(xqz8-w|?tf8bVlXt>)c(W@$Hk_bf>QVgOENnzbqyGeU3i*9ciUywx6JNd>;mNv zhOzXu2qTd9Q6GpGddxL8Ri5ACK7&7v=sry1JV&<(;7~69zmdM%48aD}5)liOM;4j^ z7(e7T6i*92h5Qk=UXVxxBV~tj$JU~#vU2nj=azk06KYX*MQKm}4ZrUY#V_?6^oW!d z=h&##xE~`g(UwD|u)al-H{pLmByN4|)qB$<=!<#6uSkXd6%oLj&5DysOuyx{@@I7Z z+FN>uwwN}!_a1#*_c^66(3k(dZS{BW^U~6lxrY5?!DfY1g?nKxC(oygrUso9EZJJj z2%}{R?v@<0H|m#;Fk%2(Ekr&pPE~ z!{w>9Q;Eg+wm%W(>Hd(CjXLF>#qQJw+LUj1wDg;I$-9=?PH>qwCnj>ye{O$2^7fy0q7N)vEhm4= zQ10stsBqxBnlZaLeP_{SoO-e1-idaXz6Yi$tltdBO1IdEOj4q)P%m`QAsJ4iI+37w z(C`Po>p@t>O#@2<@;U)X9Nn${$U=%mSOvuiq6Om6Sw6Z)AbOuD(FMUjgA-gtMg)&z zMv;8Y1Rf~LElZ3A14JN-5IM)eMVWZuim=nSz5omY+!1??YK_gI7H~n*kJ0Pg4f28zn7WB zcS3I%QDz0rQqElxwm$5zyXB^cl!9xe#&Dq%=I>_ru>?nz2PjYQRxgHxY1)^DbZrb` z(M+13Kk$j(1wbqff(IlLHsXph9ef`SLvX=IkkMad z6H!hR|&*^rg-YO0858=BmGqtOt=LR`95^F7cfPjUMM(G zY6#)$mV;*O^N*ffIN>|xi%H$H%7VLpDo)I5=qtyigXSMY7c*f-SL7UBvL2w1D4L z`?B4`mf=!6ph**w5BoGB5F&>&Fk^!!IbrU)4+>}h}9tXV{z9fybinLP;J z#Zsm0ie0K$@Gkaq)xL!46i$12f(N@`&~@f8gn4ucRrV?wH28 zx?i=!$38#cFE3Z)D87)89=ViNOg{)zCIn9rB zm&TjuPB2b{YD-4R9N+O*OH`kz<3;0yxaybZbzXyGBTwG_=k0@!KC-cy|E_K9>DBL6 zCT(;m3BYn!@KCZU-X}l12B#KYNpBQ7WTjl%k86RPddml_H#NHW_|0|Qk_XJ*`fl;( zQUXnllj5|eWQyYS4UD&)X3MH_>bp1K+@Vig?^#7`Ja?Xihbgpy^FlYE*e$l!m3G%`VqVoT$;?bymO(6R!m~gvL5rM~aFztklXz zoz%acc=c};yvcvr>RfZKet_XY;)*?^&)z+G^6vY$V{c#opNyu_>s_pha@dR)u#5Gu zqr|s5CG=05;lgHY{Hs`3WNoXGYd6KNR+qNnkY+#?>#$}&haHM%--*MQW1&DiCr)#n zQ`VLeb6DdCB#xP3hH-<3_!F$90TEMP{Yh~d7axr;;b9`r4Ug5sI>vG=ihQCfX>}~` zSfwq=S+0mbpvzHU`;#`@+tFmD&G#*?z^Mgn5Mtz5|3Svo^!MOlCcves%=V?dwrOgU ztuTBIzT}63PqZgSUFSTvO5`;gN-X4Trdn9AJdUOviwCv?LNHQfH<(U5-KQ z<{sI);h^O)&KicZMs%D+pyW6o*?>mWBYRkosVYgZyHU`BgA%5^OUE(6N553!Yu21? z|I$7K@BS3xH3+n6IPVINA!|{N*aM(CZll6&d?}6=RQcyxM5=hTY5q>Qvn&@yEJO9`I3O`Avr-}BAmsq)>DG{<_R$L`)s$`RwcE# z;z0EVxDFiUnAvcG$9fN0*?8m#Cm4jxFm;^eD7;$gOLGdSr#hx^-keLbXo~K& zzbx~!dl&m)^_v>4Mzz}EWZk$)EGvPZyy0!flXux;acX~MY`#X9~oCF3I8}*{gR7I-cG!TWaeQ_35R`H6D`N5 znr=z>z@m-4(gixU{3>Eak(w5~oNdhcTz_z)F#|UmWS9(Z_G7PBr&PsY-aJK9-+&9L zI!%XB7Q5aw9&u=+v;mhMKC+$F;eHYhk@$P?jHWV#O+vox^=HecjwcaASOLzk%njEb zshHXnQJlSD=<7new5qn?_I){y(c*Zsm5S_nFoMs;dfi~rRpJj`d4KHf(;u%M z*z@2)@7U0jAIVh|eWcvwC7PeVStsal2v%(v{vYix9dhl#>?uQ;vIqW`6nIA5uIm2mg2XSskVzTp36V zvmA#`IlcttveMrv!cA-hN<2U0|6}Y;z?wX_wc&z86F_AMqgX>2!VKb2R740XR3_l-I_8q2VjC`DQaL&RlLEM%UEkez6w?CLAXztlD7rcI*!UZ%u)YN;pqwns&=^y9sn7qV=E4G> zRgNf?jwl96WUq-M33_#wKrc(@DA?T*S^g;zrX=IQHI(s9xSX0 z_VD>qA&zE$eEr9V`yW1RIsIvP0H&XR{`{{`>j##SPXoZz>`B`P?Dq$f;;QtS-A{^l z7@t7#{pF%dV<_cKP~Bwi{Jpu%%%YTd5ll6VYQgv;pkVVEVzSVBSam{agL+s7VdaE%rDS7)M@@ z3cHcj%9<17Lf?a39p=R(^0CfgG-5y0_bLnr432P1d?*0+T^3+6bd@dJk%DGHw*|q! zx48OZR%U!!?kvC|)8KlHnr2^<_g-J{@!iAW;cWw(K7ljUY&rkeT;;Y;WXv$%$Pa6@ zT$p?83m3hafALE3(t@cyPVLY4Ui_X|9i3xZ6){ej zcn4uR5L35^jH?pcTZ}Rf-uyA)0O&WSasr)}RYz}W0K0xh76AEVa>unw$9JpJK6876 zWJR>kv+eqZxy`iA=A<^xJEf&Oh}jBh`ByLcydn-)|9+we)^;EVVubA2!-LaGTp zz^-Vu@m1J=Ivuk}NdfOq_QYMZ&-6~q^?zC0bAa}h^o;rR0)8`H>XVbb*BP3b^ zzzYQ69n9jrWan((xqWay7RYUQ>48mjM+blCc9G_?GNrjwGb5^Fug8dIp#Wm$`&z@| z)=2HX@?B^Ie7ggur`&JAJXgbt?yN&GwyEAu%bn_o-@{2WAwk5e{C=&DXyRC7aI?( zYznJQ7;hJ%U2HMwsl~f+vCmzzDsbVe;ljqiGgX7}?Li}$*Q;tGo&)plskVpBZ0r-8g^w8stmcXn4)3YMB8Z|>oPVE+z{0ELlj;qN62h+};MLr;ZjJR(H4lKh zEqzimj3%p)zhQawxHme}K^o^=oO*F9JU^rLP-wle?sfg6#+NV`30tre!WRny#f1C7 zRx<8_@{eB^@jqGMdoV`MC~epENu=T1r(V2nRf>tX+{~AkdwPvrr0POfwL?t^&wols z)O%)UuV24uK=BnJoZhn)F)r(=FT3sVGCIfQrG3u^Ov*1hYT6eYG50_MK7_XRUG$Bz zguN@GXJ<-}pqD;S(QSQrOlDw6YHL<47KXs_%kI~v#(Xwi8|GhXaBet@{u;dJ+Cl6e zS~UGe*{rA*49G^urarrIxGx+jZ?(tbNci>G?++qV_BiaZ&c9u}2tfCi!|YnE$wHSEhI274BfkCqyPnepHS^B!^+(w7hN1V5uPj&xvh(~i z^Sht(;KLo_b*CbD{e(f^AMKm^cGLT|BI$SNUh3J}z8{UW_+W2+O=5M#@*7w~F$tiK zC~rO`g^%q1X>{X}8z46~q((P3Lx&LE)KWX#tgm)g_t7j2dP?7>HeRcX@7|8iAsTGw z&7#7^t3u~TH68{mzR~PyLkGacNL&&+fZH4>E|{Jk=?#(KD!xY?jy8!{41#>LAU=_H z)c96$O_+H>HL-bPVa>b|rKKg_4y%ubp8WMu)hvJdr@!_8k>>_xEA5h!&hXuhR@&vR zej|7gTlM)afI~ygg2RU2HsoqxP%i5G`s!KxZq|>%q~ub=)}Pg{Apca|ctpE>LhM1w zTgVBKePwt7%{Q?pAv5AxcX&`LG9K(UZVqZ0ccW^VT;{&ox_R9I{>iat^4@u3K_S}z zJ=O~g#0!mlo)V~wzewa0(iW@U0T%L-VK|~dp*=!es9%7EGgi{9(4Sj#yYSM&R}%{w z`woKguP*+(z8@M1`_rG&Avj&Qv_*yW_dhK|8{|{WDBO;yk44mr-r1i^J+lv3r{5EI zX5VeF{9K>u2Wt|X>WlkqGJh_;F{}0GRu-`AU}RCkfl_>$8BBp<1md0=6Pt>b_y+19 z>4zf|cHB7h7PFkJk_QiS21givXDxf-*6^Ow#h-3y=7E-!?01?v4bmvAQ)gO!bb~ff`O+tAcsN_u<%NmPy_PRHSPM&zkj_IrW+Lg^zn9E?nKWu^}=w{_M{6rK4AIucFHRf4$BjrHy=u z8bA(kK*W<4RD+AUOWUmqdJ88<>a4PzalUczT+adH>oGkC)dD~ZmuMolKx{4zpP&43 zXz;~zWc~&fuVF;cIERc^THUx(+=!JbK`;Az1Q!inRxDh7_+3i(k~$xvlB_&Zfh8PR zQ@E|$I@7<~uk}#tp$d#q;93K_Bb28U<>m&iao1d+OfQQfb|KGU|4 zN%ht5>_0{#*eweoqnabm9hc}4N`tMX!DaYpZB>Um;&rlD0Zwn(>1Pg+G0teVw@29f zo#25-hjQB28P7etevjJZ)jts~*LYe*Y39Cv^-`huaDU5OHNdfHe)oL;p7K6JGi(B!zA%~*0F*3_abU-v4wOhT610e^N6C~5c2brsL zS}p02&!$B#lYwh&EAl}hH^SOWaDZ)&3ypR^OgJMLY->Lpm>sPqtt-U;m-0=3YF&0nS4KyDlT?rQ(L24v!J}FzIJgY<4NP8i3ElAWQ zqtPT`=M~f>-5XJ&JQn;XM!op>*M-T?Kc=Avu_|Ifo*SU4+*xWuvULa?Z1>bu&IciB zu_0R9WOCq@!x7rp5C&wc0!W;>=dtm?EE5w$AL}9)e2*p$?to(FXL<2;I!Ow|#}PqTp4Si%%)q4j_y0=`K!ra)KL#QFdMI zIy}m~+EW;3U1$l(#Kv0}pG5(pK|Z63^!XkXPrlPedo(X!|mM;j7Jky|KGr^_9H)uN$G& z+*=37VB-K(!D7-K)Xs|9n29V*I{fRb@LOPw(IjKJU{RR%u8sny3dQ+FoftbO0Yy<; z`U8BUXY194E=!IYZ(J3KbFPzItjODcF(oshigt8p&c(Zh3j#j#%nf#5Q|l2Ve%QNh zZqTO%mU@M?Y?ak_iPa9{FAmUl@8Hfo|63IfrzY%2-*jJUL<6m=N96!6759ZdgH(L* zETm){OYOoc_qVAr%Wpt3eTB{${UcxrF9E{Qta_D?FR43=I_xh!4EdxO^?A;MOCZ!GJp6T%VW*nR*EdPNwa z+4LJnRr;3$B;mu@tc_zg$RhsFy31xYVy`#0MB{`OWtI?(*4VHc1}c?UrI#_W)ucPz zxO>sz-nv;)=YO76?_4ZdL2HS#i(xPH_VuWst8yA^Zb(K`2&qz4VUp82_>3;Ut3BZ; zy#}iSgL{sycT9>rQ-tc0l$LAtGJ3uRK5^q<;f_dkim z;nYI!?8!$rShrT*XvBu36EU+}4;?{Si6KtzC9njfg15srV%t8%(AL<@!#EBBMFjjd zLIK5L384BJM3TMu+gs8y;qV0Cf_ITsi(SRtS%AIx?y`58H#YU~XB`YJSie7x>0Jda zXc0OgBr;%(oEnXWG^Rd$CBLgbP#jeA?LwoMzE%3OSK-qLmKS|*+;aQ9Ne>?~uH{S1 z!Ud6M_-Z=&%1q6!$Wio&F#PG%C*itJzxI7vZsm5&w(O*B?!1>i1th7j6+NfVXq52Z zJ?nPafAio<9MF|w|4`j>@I;61qi}XAXA;sEDV&N<=s=xiE9+S_j^$@X8AJVw>cw$8 zU=PSmNC?(ts?iK5tT+XLWRg{Tv+isIq-6-<*ACVsiPTHs`7lGsm@r`;u=J@DpxcceEMXTsZ3(g!K{Pgs{?q>WNx7YvQGbQ!m z=c_vfZR1az`84XUm5pq+)05;oh1I{B?PYe~r8D{Gm0LyII7zI!2K?v?eE(svcg2bG zn{Iz_H~((@`M=fB<-Poe(i%GeL^E83`uh z9o7fS^Br}=ZG4lxG*T!dKWyo^Qbz`tFhL-ghFfD@!U}d!7DMn_iu>U+yF`mJf{%nH zRqJrx1oB__&Y*@Ve-Lg9{%n30G5@bkr$1cycuDah-97u^!{Ij*)z@FV{;(Q4rVJ4t z6h0{%r~FNN>Uj8c&3>yy7NybFBl6^SS3M*CYQCXGnlVP*-0gw|^-T1!tD_^Ez6_C^>46t4v;T;_k!epFU)+cYlBC?z8jRA1X#JS7wxD zC-mFMqve?$Gn#EYM8%xUMT!CsY7N&tWY1`2BZiS)37%+c%QiQ~#~I7k@-T8ImPPF} ztl+yE-W1@X;4hl|(A$nW0!A9fuZ@pmDga+^Vgw6t|6Pz2r|Ny}h6 zlh=aTWsJ*fM=Ek)`@fPaZ8B(NH=6iaH{7fX7yS25!%qxQ zUgih018kDLj)Xm+n2J(I4LMYWAX1h0%O->-vArnKqy7}C#)ict;FYtKiQKbximBA%#YtmImke{2dd(ek_Pe2nD+({XcHPgdlLYowT-hS~WeX76XY1mk8uG5e7q zlLWfE5j~NP+x{;+`KB3*+!%u34)Za|EU%fhZa;TLc$r}?U2V8T9p+AUz6o8rxZvGf|0q4;pxj$H9czS`xh8kt0aEC6*@P<ZK@i{!M`{ZOiDhM-T0t`GASuIym5hyGmf&?1cWV3aI3{fO$VYtt zlU^p&v*Cxu7AYM<$4D=msM11t-iVh~iLFj+%y!sGt-0)g6n4O4Y}a74VBRd=W>TBs z2JPgEsEKk>lfS3#kfYKRc^O3Aho4&_}{~~;^Ez_ zuaxJTN6xfi_%OO69@}Cyiu%XTd1~AObd}=LecrTWTIAZf z|V15k0l2tS2%{x$_R#y;bVQJd-J9Nl<|WAlNQ@YBc)I^*mlfU%M{6~ zCt@w3VlEEB>$D-Wnboj}J6+i#T&hi?Hv0a~zj0|x&4eur)}8*aqwyg|M;L*5-`L;n zU@{vyByN+o>+X?@>GVwkX1^7^d!j+Z4qaW@cD}VDMxCyqS_(&={cD-O#Be`BDQg~Q znLyO!M~Ni(s(Vc@3v=##e1UwGROl+)=Qi|bxsV7(L=bRt)xRmglCoVd=pglmL=WS6_HZN4j}e+VOYjXqcYs9f{Xy#jDx9u z&7y2~?wp^pwfZwyDqBzVKEE^<_I=D9`2Chb(fiL7{cI{`AC2N|y5|{w)R!5UYIoZy z%w$FB4m|Ijl%-lvNZ{gGiB~}zfV5=ToH|k9sy{<}6m=;wj{nL!nD2y(r6i9fuphB& zq6L-#J3F;4c~&HL!zoW>Y)UUSvMj|M2R*F3DGF+)ALZprxBb7`e z6}L-YR8jESSIXqd^EBN8G%Bs>my|S(nOi)lJH)pbOGOiW8-hA|8P|=3Oo=LX@4g!N zz2@}&+)d|)2Vm=qCo4{T>VGqjjFeF<@-DCK@90=wc2J0cbH5qFJ|9YV)r)3X(Tm9z ziScoUV`Y^xj)XFgK+AE;S(TR#Q6dRJ^0z2Kj)uxASuV$9@u)#JiTy#i6)Q8caKw{Fc#Wc5|<6;ds)IgZ8V@sc;vCon*36`qD z7%@D{evaN3mtw)uI9NOGPO#Su;Rc1vki%7Rtd+5F8>`_LC1)_m(|E&7wZ*r3;N6Go zh6$l+yl~+@DW?Uiu^Q3hu;ac-w={vn4#VOr+lU~>jbOS{!BrWGd)Ze!e7jz zSJ_nokLDxq6jFjVs2!O+>`P+bw&5|V?7Z^Q&k=x~Z;P)WcC8!%w6styloc(!9#zI7 z!*v9rbnYWTIv0gC&B#m(^f5wPJ+4Hp&t%@ zj$r0}`u)YLuN~}5)%99DyI$EXZ^fYMMC)F0-y{&{@DTnKiz@3x8{%OzMK%vZ0}isN zIQ7#^M~@Xt#Zbz-;#RR=K)vk7t5|H|Sh)KLTmW=8GS=pUyVXvmgG z^lW5pvgY)2FEo=`M)K8IoKe~_WuN6JO-(Ev!DPWP)evclEq&ZRi=PqLrJ7(FS&WQe z?6MlSSdf>OW;v=kc#pM*XkOV4#^lXWSETQ@eKzIpv`#UMR&gc>h zuc5NK+o8-_!NrHPL6`FhEY%awChgRUBwswNJ3|Y`&SWuzf!{%bnF^gQ;o|@mn~pUJZWz z`k&dvn^WrU=;6cX9|>1B|7-2Qf^)e+s#P^4nj2V2TN8^_)9jx0o>h4s)b7nMcDy&t zQp}W17erzf?Iz)V`(>wG4YPPwz}6=GhJtce(5bytYwI@(Qyx!)~dFk@W6(x3Fg4P{xSq8^4J6@ zbXqq{k&Qv2r4)R_Ggv#1?~15LV~|NK#&GzEi{Wn)&&ODL$F)bH+*u_@tB?*8T zZ7pJ{pL;BM(nF-ZQIkK^Pg&F>fh4^GOBTN}btm|Pt3LQ~u)tbHEKH~E(lPGG1W%Q3WTiZI?|gsELOI@Y}SU_=U>5HmqiYq)PDj?3^j#+>bo>;rt01ASu( zfMyzwFEzCwmI`n{WTjG3woHk@UGkfl5y|Z+Tr03+b$>+>4WFa z4?LNB5&K@OyuR7~OlpRm6So-OGoI&pY>S#4Rc8cNF-G7(alq_5+B*s9-vGyeR}z@` z?KR7#$^qko3zm_o9x#g4R#&M{;Mpf6j*GDFhp=Oq>Ijh1M?iNHA{EZx%Ca=ah!u+T zwg9t?;7~nbsSZ#IJ8&@Vqe|L*bw5vIIDsFED)3*8#q2+J62EH6XO| zZJ3ndlwpaPyB5xyRf1ISIK8C6lbgYn6p1hg(Hs>A>)7N^;i}&r304a_wR*L;BD7WL z6$SJnl*1B*34x7&1dLYo`xShQ+xheC`A(YrLelFh&SHfis_NL}&*qOqr;A2c720I% zN%b>@V*%K**luaR+BdoKa+|NS{+fD74 zM_seYFm2P{u&UoezFho0liuAbzd}{p=lxIn#;-d)B3}8GW0}EmaVnO~0G>m9K~JfhJ<5Tlnty(Q3t9(9R;Fhd2V@If;GWD*L#3$_s`Li@{daioHL z-9-4)NZKRW5#s3ggRN97!yRi6%@j_ed>y$TwtrRX3QG~q<1|PPW4D~zL}DK>8La`z zumt645yMT=9QsEZ<8DW5$8`A?dZTZ{b#@ZVYY$(=ARpMM+q|~}!;@8=!Iy%o?tY?t z`e(t1{>uBp-NL>c!Z0Rj_iFWO#TwxCy9a?&pbtlLjtwXK(VuD~ejkA#o#XqXKNY0^ zNDPc!hE+^7$W?c-6r}A-E|0eF6|-iPO%yH{4g?!f6j=Q&Ra*0zBO>Gv zf0GJAlhaS$y}xNl6{tpP7L~8e1dVzoKW)+I-LTF%J4>;Uw>Nz{DK#ymZ^1J+L3&a_ z6tp&#qPP^a{uNpmV+xua>+ZIZ2=Uo|RSq(c?W_xADA+OW0!kJ&oC2a7Gi<$!^2<%4p7;qx|bu9t+&< z5<`dw0U4+rBv?W1RdLz^l||b}k&R&8?@GgVEfe@05S%H2esNkC^uGzj86qrtJ-iv% zNVF-&8clvLChl$-2xB3SMvj((7NVr)PaBOt68qGxy4pl|(Mhz22E76?8ti+`+NU{m zkI#eg8&)QlUZuGBH)w4*uBO2o|D%qkpEy0z=cs6~WxYQfXxKp#WRe>C;T5!D}_OPQ*Ja<9z>Cg)kfY`HLjoTKKm@BoqPWL!@CJ&{{@Ls z?fNAhPlU@wyUW)3JaFBhFFdcwJ?kTxWuYifUrcHsXg}uv@uA$p&Y8BDIXpjO?$K z8Ca+Uv^Q^uhF@O4j}w81pN5}65x@8BuMv5e08U0(RFEncLpnAxo>xXa_pJ+MyIUv5 z?*!zZB1PVsXRC@*q@*hv&`i>)js~;W9}ynV0mQ^XP}B?6g7%Wh<3K+mLIec0EOJ7y z8ZG=*S3PHg1fDJW!mW1W+6pp)|D?$C)|4arh;gc#F@mQ6Q*0d|HtIjdA9M<7ZWiPI zz-A?%eumOXd{;P~S2#`DfMsKKYA??IszFszzJU)9Tpnr;omWdO^VqGvC>o-BB(Cz zTu}T+GOFX$p=_RbAn?K5`UleR!&IA)Oav*)2QxySVmJe;xO=P#W$TL`L_Bj`nBL4LTCHViE!MyU)1Xv7(#w^W&Y zRqKFNF#i{pW)d0)vd$!E^OzH)WvXunW#24gd}UdM$CfjZ{n^d7@2vx5 z3;L}b^&3`tZtcLjhRAmt;oTV_#tKpVG!x)RJS|`wwAks>p z-a+azKEe+bUKU}J`hdDO84rpeN@HX3#R%I4X`|49if6_Ql^s#iWyOq(rmCfebDgv8O!@6 z@?LuP4}#Pr*=DGJV3_b6L@@H3s(n%s%^2&eMB6eWNm$f0--PPt9z;sIF%U&%n<0e! zAd&Mix=Z`G;}jq=gVQtb9S8K>k6+Ev2#p zj*H^C@_6O%qF%9|!eyrZ$FlRX0vNc$J1I(i$aYpO{C)h$8~8o_ABSuaLFUbjH(Jn645qEp$Ob*0ATz^v4LeP8$(W4)=G?vnj#*7 za_gaszKYh095A+^Cj;z)&Xo#6iHS!1kYw%3vKB1CatoMgGwSk`6x&H^fWav#0Zwv` zrUFr^a1ZRXP-rp zZJ=Wr&^>&x^z;az)Cf?@+uI4ig&I`U#K2(%u^N1x3FZzg!af^q>O>IA^$g?`R-Ycy zH7$d>sj3+x$q3ShDhUK4b>GPjNvTu#8rwxgW12;BqkdC%&`thyH<$MT$Hfh&Jll4u z>&3VKt&*$nf6V>#9D?Ro5&_nvlD2tQ*)5A(){S1CZbRkLQ|H3B3KmK9R-o6f2j`*& zkxl_e2c6muM3LPuv!mkpMIwITVL>()+VY=`l=|1QQ$+BZzY{SE?sgTb9~UQx9A5k~ z{(x_Sn-#P0butSI9g2N^mk7s1qp=`O<1tiscrOSm7DZTd!j@WJD%YsAoLE?8RkP)o zGEL#KVSIhVE&45*s-1ZE4MEM}6*%wzG?=-5aD!R|prZV#7QmrrQo-hiG5v+|Ud!%G zejj@$Wox7-x*{6}pZW``2mSBk%x<6#x$S)sMhElsxZWebb z^0EE(>>y{oJ@PRq=-Uzl)Tw6qQl&^D)&3U=me8^%D0kQW8uE4bu-|w{-Z=#GLs1Bz z@y?TZ*8&7qMzg}v>d^#3X^x>rJL zKcq~R?b0o(wJoY0{4RUb@cKkt#_qYEG1Q#s8GYUJy$!Bz7_uloyX~P>Cx4eQ-)+>8 zM0%UqZYtZAtu;5|w()T+xH{fxRI2r@EU(k(H(66BZLKWNmHw1JiWf(zmMzm@IaN9F zx2A9Iq{*xlUXMS^JHkovqH%ZBKMzckdp>45xs|@3#yDZ&x9VHv zELH@~FM{@P+w+x^w-q;JCA}X$l^uW1)45^6g!2Yv1wC38qr*+ZibCBcv^iJ)NMlEc zdunCZ^-tl&(|%*kbGJ9AT)=;H^9B1mX?Rv1lYHS3Z9heqUgdO%zdgM)JZPt_IfZwo zlNJNRnbQP&S@RwljOT|+BHeXo2{d@tRdyx1o*nEAvv|=YQ+k)xx4yfi`=1)<3dd^H zbAIBAC&3bKYO{qyGh=o$V`8)A>}HGEU65V7=yRmSC6;r=^6eB2yP{!wtdZJ5ONfIK zqPm0L^kxqAuN#V*GyJ3m>f*^V=o2=gTJcq{BSC*!w0{?`EuUc1F5uT#A5)ujAU%p$ zGfLv5LkS^oew56Anf55wBZK|yI>9UcVgA(7lzF_OCKp~2u_%J)6-Qk}j9I3Y1N&&i zBFn_^N7lx8MyqN>l(e`x?0EUudb?pDM~&JXJ(voo2o2S)Nhuq^I6^0`@q4*-=;Pa$$Lbn(^j+_Nex?7-s)!F+gVi{OB^3?6@pKyn-)y1X=jXlu zf4GUEgYm2bP5LY7=7=d1SfKrb!pp>HEi2MQcPzg;ovuT1kc64IAkg-NYwLy@(w}PY z735GO`NwrjwJyj4-R)mfzh%ucL8Mi?(si_FE5^%3LEmNE_Rt=a&Xf zY`f$aJ;&wa8RrEboogDFPR{)*%s!iPiK-Cmdg8Z3g6S5AIu7Jzdvg=LVOZpC$}OYc zSO;AFm*G)=>@*t7{~UM6NF=?cS_+yBuIZ*qj6%0JxdiK(>F=j}(D&D_mIazvzNUsq zB2Dmbwz_gnTn_PH$xC&FQAn?+t)6Nd2oCe@Sm(dt9qTk&3(q3p0tB9tNPG)5V2skk4G*l5Vvthi z9Qae3-8e2D66qtB=fe{APnyk^&6XiZpbW3IzT@Sd8Z-S%MYT5cd2WG^=zgmjm8qI6 zm5+KhzWVU&_Y_=S@2`u z4mrdfFXX1C+hn_IM!6Nb@A%6pKOk!CrU^78PR9fz2zQ{#;5V5G&-$2Pip)Qbx|Gt| zsT;bTm=gkXvaEt>nP;wRO5ckp6Jd>pa+i#0p$3Ap1PD&nHT1UE{L#O-ExTb)&LBAfj3r0f zR@^mZrtnM>PNhB3ED}f$3{{yJY(c&8-6pr*S4M4ti@hu6bV? zC&bH4YBT-L0ocG5k6j$J%Xh6bBst(WWuE*S(~#U*^>$dK)6qRT*-34{>cP(joNv6c z^72MgeE8vs;>5@= zwun`%#qUkxhj?J_l>>cuwrnck_^z`4oZ4HE+Wtk8LnzBLW&)n#3}gc|*?I++WF(;= zdr1<&E`p@{)9J6N7i9kKy8c=crz(31_O5v?Ls_i&hIguy310x8Lv??X<)v>J-DGTpVZdi}S8NI?QI z$5}(h0YNa>ua(1^x6^8xpqTOl&#j&_*VHD%>z&;=k{T)DNNoBzu6WlmTjH56zj}^3 zt|o~@(&B9I49z>D)+U?wcH7?tvvq~7FQ&>v_-ZrUVa6V#=r`OC@gH+QC7tXi=Q6GI zR3}4VUfaODLjSb#`?vQsdV41Sxg-CjY#)*n{@5jB^H2aZ)Esgi;ZsdbdgJ*Vmb>o$ zpk=6pt)2QdT283#hQG-|-Mt?f8)7Y!{hXjSbHrfMLhdL4l_bY8i@}ue>`LSbLaj%*QtL}pli2Bna zmbtpD7O}(xH4(5^Stw>}D@H4VdCU^McO;o_O)9sa~N`*L8s3zAN#oWM)JLcCikmpKH=9)iO4A<{X!9c^#P`Ek*-HavZ-w z;_m`O-W8_&u57!E@hN4s#fidT-E%+ZWos?q-}6-!i`v_N7mGh0?)c-$KZ=Ei z-B>xv=+KOnn%wM3Zq>A2DjX1r$C${Ik|H4@Xp}ENjrQ02fd~2;K>lo_r8`!zh~=cC z^{e18o}ZS*PjL4!u}i~QhDeqstx}5JqG4Z{Z*ce8f>ztRs&7qwUBTI=TMin-{Z3&alzsj!GVz zk?A(Ia=w=*A?chc4yrgpPMAvF!v-Jd@7Ffg8{w&zDo1F~me`e`Y-@e<%j3^?0sKv1 zAiNa3BR$w1cbl2PddFGY(i=KmZpb!}_9cH6LcSzON!V))dIE21`JoQ|J1!Xk{AD0e$H-H zzww`mVbLA|jy|SReAT+ddbtLwC^+Fw&3-$2`(gPV;-6erkcmZNcpMt0P*?+|^`omJ zks_q&P$WEgB~5z2$<|Qk$d>UON_73Tog^TMCPp!`>HOoMWXSK=!m%krZ=|;q>K~ZM zow8jZf&kq)G@*CkPv+JR3})nCB~@WIBHaD<4W+%67s@8+9tmDzsG{b!v;Glb{cq|U z-oN=0U}dxb)VsdqB^gtBGr0FEssf4%WhZC}vMGvYnZJqU8m$oCnI`@5d>)TUNcfLU z2JetCfsbgRx~OZ6WBgn+N|wj?EzlbxPaaCQ!{K+$Q}NiD{;8@*c6!WECG{}LZ^m>D zQ)yZU#lAOkzpkuRzE2+2KL!^A>}21~j2P6AZSOEw*N1jjRh903b!9~Q`BJ4xKT%@U z?pnF!-sY>E74)mY6!xkRR-E{Xo@^KG692jVH2xylVnH?O3dZw6TbF5HAp9dhaJ&i7 zDuQYfsv83_g>zf$Cz(5s->G}e$VO`%&qlFd>X#thlEx`M#tu0y^*f#%g!&9bnw}!s zm8YXG+*LyVxhm|j#a@0G%UzUM70g($^hHpE9t?1m0N2;QSP*=~>7Jh5k+36Pl;zyl+7G$QD3|!f5CiJKNGXr zyVR{s2+zyJ4l&aJe%>;M@$b8;(N>G8Z#rjt{LX;OxJIl$P1wmEhK`Lqf*`+ z8+!X5qB;Evm5vZmc#70L@K1{q^r_+})B(}~C2ma=(>}=7872T!K*Dvja}eif*nZ%} zxuY2DB}_>5?m_KP#Eyq+&yktRrtlmR1BhO*E}&GD+eM!*ts!Ir^c8WApTM0P<$6$a z%(rW!S2NZv6*`DGN(bRx@kYJeovyp?ZT(E^iuS6t!s}?KRW$(Z^o6-Z_f;2SPSIWf zskYnPw)_`kqORVtq-z#q-re4c`W0n5v24?(GxnO{C3gDX?8K@U7iA#Iwi`P6(il2=x@Sc z>dIER?a9{5*qGrWyAD`!Exor@U2>-ss%UlJ(BhX%+rAb9RTRjQGbNb3;#cBg?FA*e zH>D@Xx7pae6|A(&E^7_f{(uOFoB{1jjUW*UbZw8Z<#6! zJ(-^#1auNUmew3&Pq0Sv#fg4{R-={EGHeN7+ZN1N z7q-M=fbrgnC;aMV*OQn1{$VX?Z+5s`A=<@-m88M6;D2NP_oD|Nq$kbr=vn;d zPG00yL%1aR9pnj#)5xoSO`VO+*TanE+AD z2`{S{#ZN@1nJvQE`nh{L>HO(!OpSPLbs$Hon)$e> z>)one_{s0J@6_d070558CiGXho<7vEkN@1O2s*mBHUKqstRRS54doarE8zk}Oombi zFeJ}u3H)1z#$C+Ml~^aTPv&>h{@P`3`60PRrz{s3eTO*?^#?&*PnA=&6d zI`)ykbDEWcdpllS;5!Xzjo_RWK?$b@RLNJTvWHHq#0J&8ma13(9Z|4^eu6&03N<=6 z)$WMbk>H{n#oZtinzQv9tqZ7kf1`uyd7+*_w*%47E-OqnPZ8ykCp5lO_8mAaoIN^Oc%z&XbXQGoAq2B;Rf)Hv%+8bHLRj5qM1Zs z(>+(o_f~8skGMvwS{5O(J0{>soL*B$v1$k#hbC=e3Ch%vUgnzcNPmTMRp?C_bBGqo zjAR>|T7hPql2@QU<4HkTb;=AyDN)y~LfpLmLRq*sr?MKQp^P-5VQ3}!FIxQmivHYG zx6f4L70xyY!hR(;|Ht!+1vM;!u$!-j%##1LXRywrRAj%!pNLvi=<~p1;vZ zcO)uR5BI<8`e7P&;|Zr$qR~?vK!;{`&1SWDvRyV)Lq<_>Sv9Wc@$o(hDCHCFlqij( zcqOiM((O=L?ji2;PS&}Go}3J(#02t(odWCR%mpM#Yx44R$|jK)$sBR_y(w)DEU!>n z(G;cE$$4spyN5wupXv$!hoFSsh=v70scq_Vh$}BvOtCd#M(kwq}YG(5eR7dQvqW)BcK4_a!H3U$ln5vpWQ$r~_XmHN2C1s9qvl z^2nxrL-LCLNWpW98#0G$Y2&;VG5BH5<^bz>-7GU9?72Y z7%y(i8WDNA6ybMWKL_v2uxn;mc1*&R#9{gX=NfY!N_z-?%`MlV4A{_@kGw|i|1}D& z;2uBmRi72!e--Fx%MXOF5%;9IeLqw$i^Vb98eAg5W8&SB%pq!_rz&?;j|qpX9@8By zvtms~MUzdh$T_3rsTgQ(rZhpz{aU;$FIbvk+H842xuW9-`6S^+8>YCzHF{_8O<9%H z=eFhVf{ki*+1B|A4m1wt-#G- zNF>`~H1d!pc)A?Y{N**!?Bm{|5s`a}-3`uI0#Kh)9^61A5#NSh~H)LZsHeiRb z{fclBf$kNYKWzrWLM`XZQe=8v7Wc{%eNImPQe%vJ(Ios@+mO^S_sV&fE4MEBy;19} zUx}4}T71t~=lhP|ybCx zQTEGpD#9 z3S}1(S2}$SI1&yTf(>_}AmX4a6a>#+M>|rWO>IrzAxl)6%>1du2Cos~icVQhSD0CH zkbh*G)g95^WM?;*%EGIxcYyj`Rm^*bn`{Ow@BQ?JFfV`c8NfF!Af)2=o}rPm9rbDA z7t}e&t_iR5Bf`7ypEh&D22Vlc33Cr1Z?c+{Y0_RbG$B!-n?9oDBVU@*&!sms8G3RW z)7hSagVbLk-wMJqqTNc@h`hTP!^uKb+v{l>@`t8WtRucF-q4Y)e4CtiZwrJ5za8n! z5nzn|yO(;>|Ht$Gl!&3foAp8{jw)dESDs@>+B%07X`{|;(>r&p$?%#{D9)8d5NXvd z?M}3`0BsWpKRjNUD?QQoWNCU?x<;4N8u3K%wBi!_u+(oXr`X(bUbD49eO1sqc|=B# z+w971_sZ6kokph_zJ~frOU-h=|NZ}81P=JEC5P(=g*_f_-wsVd8k@G3H-WOTTeOkB8rQSK zG^`JG#De6$;85CQcKUs(bxvPM*nga;5GlZl`&zU?jt{F7RU;I7?4|D8uKMPdyr{-U z%jk!a;~z;FIYNPOTw=TnwS}A$LybJsX_pvoyTZpT+5E8u&Zl1sy_*qjS{iU6XDvUS zy~L_TJX5}%Q=C0V)tQH<3F1GWkwn}pQ?c*QNAb>+jjx~ojtHpj+i?xlt&o<3%LUpQ z>ynwYSZ4d3iz?$xeqj ztGt%bfgk}ftW}X91NW-3*D3CzLrKQ0GrGdp=(I`*c&z84nEeiiB1QkDE#?Z?px(E-DAElql%M%QS&Wb091q45)Jvm>#7h8z=# zAtXnk3>h1r(;o_ZWH~QmW=08Ua~DG0_zu&cBmWR|laLw8T)CsNS;|R}+41ud%d@Qk zVeLP=7LT+}#;Uqn+}HL$X-j_x)YkBO28WFkyj;F2JOwnn^YSEQ4 z!^g&<7P0gN9NT|UPka%Cr>LLqe>-6ydZY&i8qUcBZI_U;AJe~;KiT5YXv~>OF_~dU zo(=N$GMweIc}yKrvUm-yNhk9$H+zWR=<}!bQlXJ)08VZmGsn4AKP^by{93PVvYX}1 zZ2+~)t9Z0Fw;?yy6qeUbnUng^qiDn5xTU(>@K4-QiHw#RD;ez{gedR^L(Z}=90uvU-{JX?aH976YrV%^`^1B+nYJ9C-dh$_@ps#BBJN7nz56u zf|}D>{`KGQS$6x%xtDvgb2e;Doc_!H4XK+}{PvdD`f=5|nvn|`kHao&u)MB?T=R7f zlqS;bEai)ZPmJN^8dvsC-$7d)Lr>~tfwzpQIM^95Xl1UOrL{#MVNK>y67Zfu=bUTnRXkzuNA;6Jy0Z)Br4mRiI2mc`3(@g9gj{-DtRuxFcwQYN)|WJI$9C=XeK zVLJoy9%y5!3j|@ZaK(wHut#?9jk2_uIE$GrXcJ7dnx`>T^FowO|5fx;@?6u~l_N zp}hvH!@xA2ehn<7;&Mis5bS4gx*w>+2@_UwAd@cY|`&JH_}Ei~CX za53ziIHTOr3z_RZ=y&-|S%!U^RYtVznf51YB$fE$qbw9zyI|0kWNi(94`5IVwl1G6 zdjs<+{emjrwW1%BjWsIsvn@t-v;D$1c zgAvGV#aqEAem(zJehy&l|1fqPU{PILR}pk53d1O1WoGC_su5A73>}9eMiE7E6i}n0 zAPO2l(LsiQ(glQwg_1-C9~Qs@zF~rZSOPDWi1INM<;4PMBAtJqbMF+4$^VQmF?pGD z&)H|~wbx$zPAmcVnvQ@4FbZgv2fFF!u7c|*pXH^eZf^@xP2D={&ABGv7}G-9iBv_p zV)_*BqqNhVn;R$=YhSNe+J4z*szQdM2*-*D$7?Qxycqe=8v5I-gw-FUumg$BM%c-w zN7K7P+-AF#CPc`DyOUQ|B0tQvh1@<2SGMpYbx5%QT=xc6m8^`#{AZ3Xsmn8~>Zg?_ zMXT9n+@mL@ejlV%wbtTDK64)95M`Jfo<8A{Fx?*vwX%DDH{|V$Ky2XNM2d`;SsOGt zT(`WkH!d?zJD6T&7(N?sU_A>g592qq6AHuJDR5O4k5)lCsk$g+P=amyO>^Vk=ylXD zXbk9_^32gzv7jM1)w$l!B0a#uI!j4qDNDnEj`om10A&LS6weR;8Ed`zQ29c)6ua0N zOruP;wz8)A2MlCnKG))&$b8xPTfL6Fl?nHRN*#L52X3a|vNu3Q4^iwg&^zwj@TCm8 zh1E0fy0lT*Ad~*2H+qLC%b?oC1(iL@8_}huC+U==ui`Fbe59sc@~M;0P+ZR<5*mZ# z;;E3^2fuml`P>#t&pQ|(^v#EtMWOz!ET3dO4R2+xZt#+-1>xrWye5K-4V6FT zk8;}ptEup&rGtiP<~UWRJfq3;U@EnfKA7F)7MpgIyN7G+dMu-Z@6fN=<2VNPI@$_N zu8;;V=jml8a&rmJ-O-6Tcl+ZDhfY6-biVveELnVzkD+2P4Hq9(u5w}PVuL9S`_hZz z^RmspH{19W>fH>*Vc<2rvnhK{?fDw6%C%CiJf+EFYC5CPYS6h`r>5Si^H%5A;pZ+F zDKVCD9RZCXKH-(VKrul)D+h7N-E~#;anuGQsdgJLm zFo;}gaYTucz`c#0AMW+porv^%@`=R*v@ohP(?K@e4<;J=BY=@z=xK3}2WrNvl z*AOtHGwM~ES3GqvIjN+VA%C{Xl&wSm{<6;J_aF+y%NOXi&SmI*XkO+NGC}kV+A=a1 zbS`ZO=U1eg#ltn|&4WTW%stEZJDXybco|54;AH0_3p;B!FP)pfG&O}*j5qYX=?Cif zSfoN$gwG11gQ<{;VL};AtbX~^R zHchTRw_b;GD82u_`!ny-lg8T7R_%e{>iaIC6B~e;KfKAS+Wy1ki+kLIl>AS;VV0zC z>6|AUM6q6$oAHrelAfns+t4Y)wK#8fiAYIHu?iH?LQ0M3HOZrHdJ%=uI*O@#Q-6*( zEzC?Qe8YU={=g*K5kD6leAWQy$Ap&YKUzYYwX zdg*Ycf!m;cX-2-^z;%8NjCKp5#A~5cC;=^)#;3#3rt(pC1pj0Ne_DUyn^{Z44|FQd zcAb%KNllIG3NJCD)ca*hIQ33zLs$`Ht* z8t8@O`3?L((&lPw)^95>$j>^gq`j44nK2qPuWGtQe*UTfKYL2B2kZ=kLw5o=t}9>o zBjx5Wl0hagtyN-v|0u0L5mkIO_3G55nW0W{6>>se1# z`2sFv`a(tox*v50y(=*Md+uTO!pw2m&TJK37+cSP%Ry{PZ@1$Z!XIlmE3V7*kJcXw z3Wtzn9UgH%skI8MLQ43G!fF0K1N2OJS*}?k#&iGt0hGb(zWTizM9{8bq{))twbnND zMxp~evWteqso!I2!k~&xGTTn5Ya5sllbgB4ms;6M3;dy1_C{h}d zuI}@F=)BR}3UUdc5}@!*!Ohx5q5jwO+1zqRc$kTjDhkCk?ilPq4-z}e=X$4^wPlaz z1Fx42e&PGW4Rhm?b*)_Xr>&q#U(B-JKf2zA{kljb*Zq!T62p#$10a$lF<-tzxJ&zY zK;zZRt5_D-eD*79#&1Vj5T3_53-84bXeWb=uU53Sr_8sWYn_#!J>qJcb_HUu6tt*n zd3jR6nO+C|El~b(+qC;VmWs=5bsWD2@a~o{SGxF1vfFHs-m!;Y@bWv_{E!M!iluID*1xB8zc6>$; zAN9H>`5yz|p$n&`dR5B#o=Eeuuby2MViE5%Lw;O-FAOwepa}rW9=a7{wvm$RN$r+& z=X#38Tx<4>)GHvRVl9qDPwS5l;9Xv!f1cY%7zhQOgqHfmN^$PYJ+ z@Q-JB**BU%?-0rKTTv(9#p_+46OiNd)PT*5h6=JuJ|W&3%BP^yCP=e~+tcu4(1PZK zc{(35UIJUo4(fJ#hcoylXOm}nsbQ3VCng~1f1cZ3d~Ekl{AAQ7Bje(v>Yu5D@e3KP zbWz4fbk2pwzk?g@gfPz5iJql9(-s=_256SG`SYNUtsiXQfILVammk-nrTysc9iEw= z_EGmkYGVB-#!bjI2)xG<|JM|Phn9T+xVOJweP#RU-wN{n9E3LGlRA8%A1f#EK0vZa z?W0R$a6#u#gFCCo2s(EF`JeED9}>3VU^dFOA8FX$$!u_fHv|qFgLau+U)Xt)!dbBt zO4NyHMmGHowQ()<^(!d25p2taKqy~WeI<14Kq!#T<#pqgn2O(n^$U&8iS)f0mT7Ww z+}`*m(`a=lp5e*RTC_-QKzAmw0dGz?Oc32FmHIWUwcqGuyVj-kbx!iA5iauPhS*`Wa~eA6!ib*){m`W6{mi@Xa^s;V%5tA0dDI z=em?pgI~-=oo{{~BH3uh6_D7`tAO@dt`NK~4F>&*H?likvS#bzz|T6Npr^PDNM}1p zhE5O`Q&p?1!&MpdjEpIrGH$yq402Dk8iH;+lx{8CnYzaZfZsyUO+PAt%7@BC1t{hI zZ#TaMlLQNegXzr)xERl@PJJd@NK?Rj00B26eLdre_d&(^jLePv-JBV40d_qLGyl!MX;xrX1>KAPfFV3yC*S|I zTTi`8_|)*6fJw7iE*aJh$I~2HuC}T2@rj6U42fsPOzh#%*=z7uuf>)fSY<&}j$N*+ z{!ys=!4!}lU7a~TUR3@?xb&6SmdY~QsJ~TrIZC+j$wBnl4&8bcu74`bAG9x4EmmpN z=cGQOVwUl+#?~B|9T!jkCasJyx1TQj$UyQ`E`CGMg0smGuS^E?;XB~6PsmfwDyfl= z3~E1Yh8}qZyf9Um^vn*T%yxL-9GW;!HB~u?#kuO^1q~(H7#buXebM{rClENu1VgRz za*@$PxNuvUiVA`CHmupsl=)bhHkyY|?;LVhKAR6lC9PW}L=}mv7ywsByv4DPS}W4d zc3RY%TTrdFs&vBLz(eShVQDPPTnTEGOy(}L|KB7)8TD=bPF60YvG1`|FME@mR)uFe zu#6r6Y6g@}Hx2D3=#D)Ol@|oenC)S5G@9`t)iQl9m`Eo^R_Ib8xUzgYk-;Cu8Qik> z=HN5b0grjqk2{m1rEs3EBGgT1sGGiL^Hbo7;FY+9#*e5r2Jv^F)%qS}TY{O}Yg46J z-D*RWV9jUFOD9+9TV$dJAcVdZ-{^W7i;Wt3neyB*@;c)%Wrf@(Ig|722tip$JwmZU zmfle)R*Vc}0zLx(t)Fb*NSR!v#Ig@PVXxmp352Sj%RS5T1|Y3DTjCR&v7ytVK_0?e z5VW9NwrVxdoYzxT8D8=%7fSF&GdJ8|8kF<_S#y3}^!u-?zF-NRNSA{~?FfH?#rKCJ zSnz7e^+H;z1s8fX_s;7S?qTTG%b-TC0bH(H;-9m6iRZwvAmu9iaG5G4$j&%p*HE|; z;>pbSolYFCk1lO0(O`EG&LJ2LL&!Ol*dAnK0d(hxVL1#BqrrwUY+$t0o;gGN%FK2e(_WR)RsS~aHgq|fv+4Bj_oPc68mxrS zGbpa55WQ(?kJP=3=q`72AR%zK?d#gTrd55s6hV+M=okut+>oRcO8sHEHQx1 zA%is9zp3Z+m-U)}d;N3zS=gPrg@ONxR>MKZr_R;smk#fYH{epRDFCz(aNV&S2sRX(D9bDI3Qz-k zH&FDgD6GG$G0Z`KTYT?hk`2c_Nne%vyXsJ?MeZcdVva7D2aAA6Zkf3~O)skVOpEC( zhsT{V_6SXZRB#($6{|Pi643{{URrfa&WEQJ*f??}T^r~G6T!o4{29j>vcy6UM42oD zz9%a;4y#=jJ$sK%XK}q>_`gx_cM_V6sqlSp{zJX9h_P2oDB6Zgi$0jNu2*_AFiT+P!fRI0qvjyRSkAY739vOgXDn;b;qT z!6fCQE}C~er`H1eyyxe$a-CnBl49Gp7>VB6pGdP#qCJI#jT*snZPdfK@>t?lOl$lD zz}=_{iFN5w+R@Jca%&6O1|vrK&LDpS09V@d_28PxR_XL71x)MltV>H`R5*C)XvS+5 z(vB$xtDQ|DklfuZ(pm(PCrWLxOH;%>8npCm>kKd-j6I<;IhzFHqnfrS!%;iIzGcCe z@RT}F)~kmH2ifKF;Pvj9hJ|UX8eBOG&a#a^5=~^|Gt^Q14-Izao>aCrM5gpK^!bm{ z$`_$d|9rriM`>QKy&=TY+TXx)+3*!dhqEPzN0`gxI#bQQ+Zk_}w!Cww-o)ao+}siG zC0?P4O4`F*Ev}i5K26aT(ut6I2mZH?T4$a%O&&y59-)?u9Z*wEsV|a;$~>PjPY3Xo zv}Zra+i=dU-i302=vf)cK~pXCtW8EzTD5yX_H*Es9;KO$0+=FTk&{p8>SF)0FX-w< zI^c*fTrg+HhvyMzkJhEDn?!K;?uTeSqZk**ZdvurSmiJ1CMaNQ*Kz)JLW zDzI70m4FfvbX6KF=*TQVKpIzNM0BP;O6!qB9NXfS>j$Pvzw>~86EGuNpMD6;3JdG1 z#Vq@m4XqH1!G>KKgu}64MJ7B|DeJP%mUxSzJ!^?d46kDXEnoZQ@fT*kV0RDKTY!Kx z00HTx-k z?i9m*jS|n=A?zG%utPy~K@+3hkh%uyEH8-vY~v=U#%AaiY&le5$W))9)E!#O8s-Jb z_s_4NgaY!BzFdxyP|tv0Tio7bPefRqFO90t{E)H2c{;Cj5vIPak6;ZxhCBWKaAt6W zcFh7s-9x){MyZ~+4brNjIUvpwPkVJ^?jHO|PS2633V^j}9tC5eCM&Tsiok z1OJou6Z?bd4GpZ$VfX?(IF~_o*7OK2cQRngOW#sqS^NnV0>)j)Xu=RerB!mkz72q5 zG`tB9#r|IcTQ9R*2g>Tt4N=X0ODql4=_6|0Dkcs&Yv9$%<>9*u?Q-*tU90EL)_p^t z)?hoCRke*%LZqfis~f5NpLeg z8*mhwZNj@K3eZIl{M*rbkur8G^`jZ*5g%K#DC?W$-K_0qJEC7?yELBTAA+4^C}tZ2 z<(I$%_jPu=d0U(g&=_3P$$ON9Z1Btrs?`cunRNBzq(kl~nr}!Y9iHSf;BkaU#au-J z)L9$`m^|<h3KjW5XN9qto50CgI84LVgsdU{5YQQ?t1s zKzZ1yfoM z7)OR&cWw;7D|NU1Q0n>4ZyF+@YwF>KpO;~waN;xkj)luNzh2Dy!jutSwMl3oXjdH^ z$>9CI4;(|k&s3!ChZnf+sq3nrP`Hx*-f0L5&;Ine%(m|$SXKLA7EJc&Rla`_p6|-I zBY{phA4!6v`8z%Ju9Gjy&&vdBL$7NycM5bC-+}#B%WvphpWdDsIeBnFVdh-w7%2c2 z5-rHmC{jZ{pY(?GwV7(Q+D;Xdw^oH31vemjcKHE4ZFR3w*~s{`6PlY(olkSxa3;O6Q@A6nQHf*AoU^y1DblirT4S!RlJhOI z)G1%(;R+`knWJ}dTsAS`htPam#S7CLzH44Q^nCk!$S+yh&syuQr#_lor;#dfc8a!V zJ0?4@>u)(Kg)r-M&5rYS>zq#H&E4dc`#$8|kt&%m-Mt$^^!ujnRSVM*DhYo~SEZ?JQCVgFo>rT~OO$U) zyR(Q{y28dhZo5-5f8^)nJFW9SSex5^_^SJmz>3!9D9aRX%w466)?Sdj|M_USQIYBI zL%%(_f6mDCO4adQ42HH6-t;ZkO)6VxT2z|FdlgvP052`9r*B>o=U}s(s%23Fhj-Z| zoSUQdi-yw{6S`R-qq>0S;?!#NA!)lT@q`q3!a1YhUoTl*J9Oz@dGpQ_|5~UWaoBvS zb{LhasX|lHqPAGgt-g%Czt*nSCFf*n*LJ^f@11umyLW<|XomLt?kiiA&_c zkGtnz?5}z4;lIz$>RMTzv){&$y>p+lSkpAN*sH2jU8hnHQPHY23rdr`c}`-bvv|qI zkq6O6v_5s}AsRKZDc^z$Kl<)mef}4D5|^m-EvAOuZ8F8jJYQ3>aLEBlQK8Jx_(9VTrg5|55{H?>&BBw3T1S^y1Tt*53ag)y zYwN+lSTl4s4TZtm>*m|oXIahJ`(mW>OGR}m3d1?`nhonP5^e6#$?+=P0jTc4}XyQ>)pB1$+1Dx@ZZ%5gex- zg$#H}f3R6NBXtPc#pRulx)%|??N$0(PJg#W2g~Xb%Q+nNX-3vD(Knjkka$xhc;|_v7LjS}{@2O!y)lJd4x%pAq4ubhAEvlM;wkKO( z(rq^jy9p%snM>WG1Q~7`X7t1li34OhTQjCwQd8KQ=7a^Q^nE2vOpFTX_U*pcbd49K zusK{PGxe7omuU45Q~RurZezFFY(ZdV+7)@MLc zkD7Th(6ex|JX`C85_77mH(TInxz)l|X0O3sk44?Pm%>UQ__=(<;|xB>T?VTds?yHl+<5 z(mkD98753(Yn3($wwM!fk0#?z#M<|xg*etr3V7ZS>onf>TpEI4A#f0HTu*47Gfq8Z zetcU~+P0<=w#}4ZGz1$|0y%TSJarfFtj!Q*P}P44y%`u0{A=Xz>xS2cll}IdWM(axk^g>bwY6-oWLapvqfD2(7?Z8<8g-BWbmWmg8G&?>NP=7{22nfc|oZc3i) z4so@H3_}!DAowbWw^a`aC=T=oHQQX%GAvRss!FpI?XKDbNb;Ag)q#&OK>(Z8){Xy* zq%+71M7vJxd-U#PKB_R!{ zI7($I$+Tf8YZ24*?_D)~!#|>nxMxCS*itoVEm&k6Qazf>i^_&mSGx#?odi!n1ce^2 z4BV{$!K#l6J3Nd@w$f0Pp15{Rj3FpFf?IwDCAWnsG=};;U_pIPqpDj%`fL&w^X}43 zLWIwrp%6MnPl2_Z{nilqsJ7vN6t_Om6Rv^+tF(DtH&>&{N$`q9AYG^m2rQ-^w}uu$ z$l)dBM)^*iTt}=o4X@Yu)A}dBJ-K0QbiZ3eq(kO!-Yy}rpv7M66|4`=rL`##%>i3^X}?C2o_e6{CG*K zAcam08Wf~0n|DG%LWN@zjd~O^YcrjitwIgts7&j&(yjJrr2}rZ%=sl}FVZF1iFzS3 zu-*|wwjeerx_IM{;y=sw`L8*3-yGE=vpQVoB+F{hsDXNB$Cp^}2If$+;cr653LF;c z+G>TOf98$r{8aP4!ktb8=~m~F5_c3>QL^9pD0{I$A92QMN5oLW2`;2IQNtdxWiTT# zlDD2-S~m}v7?!*U_Xa;S5Y1v$?)erezK{L2&`L;29RfFmFuUU<_!R|V2{n+(GzosW zbxikV@Cn)OI3S5FbNcMMErh2~O8|sxqc!&zqU8S~YAJAOo{-vPOM!HM3+Vp9V5aaJ zSyUydQxXSMsbS9WYm=Z-`%Tqpcjn0(SF;0}AR|G5Z9{~Pk~0a>ttv zx}x+Nj{4}Ga&ZFy^cd!m?1?xD@@W%OID`cT?_MI0n!|y0T!owAdA1B&EiXhRi_k{; z-mq4&J_c_Hl;R>%HXuxW ze}`VDi;BcchDngh@kHKk02{d)WA7>_5Wvdy1X-TMsrhAXidsrc=0xDWC2ILGTG(Qc z>A=hNPRVtGTC%(rOXc|IatSx5XeAP#DZC4`u&LCryrx-+Ir)jM9HI?nhN4J|d&P32 zQ_?bVP77~|4my@@kV;MkZ!+5{*#jWsrzea7hU7ixOjQkA#OZfU-1zn0&QK_#6!|H*DSS^Q_!@(6^Vc$awMFp>(`s^dYMlvs(MEKu6**D4! zaRV!Ej_%;Dfca9Zm;qbb>c!)*o!E}Bp(i@RooGYyx!#GD{<;f}3}zFgA55b36O<5% zREXGwwuDLu>L@cT^$>OGY5`$Y=JRsC8$8U*3l^@-2_y*SezWw|?{}7Jrpek14gk`m zut>3;Z&P7sA1M| z)~am}p#|I`wbX62)JRKKHKDA^o8L@3xr=dj%3Nu&nQzTFW==I<4#=K^g4Pd@ER&;ADyDDsDV1j z8aN>f-iAEQ%Cl92)>bPx5A_@aVfdT`2>Y%WJDcK8UaW+34x`2vZ!T=TQ?jGLS=Qw+ zP+7ea^FeU6+ald+uT5jRq3MaH=DeERs3qO%#4aQ8F8%*_fqJ@$9nAx6;XGV*!@IpV zo6)Eh&VY(GFgn6)`<8|A1MGocW_8m5bhez+NuVyHd@uo-J-iE%^{yS+j7W|7E)9}F zSWrr)`N^!1y~(1mS|%<@Aa+i~VHcE1!4eP-x7=?%L`?tg=mC4?*u4=4qz_LgCT`sv zYkvF=F7T~dsK7tTT0J^r3HKCrT_AP)v9$`gve7m4c zNmzet1?uxpIBgko6Bi+!U9#7J$Qr$`Mv@mCA%?@?Pt7?wxsw zrnDRvC!47)6ex17i;vzB(9CK8arl-NB%wND?fQ~+bCDT1wK*0+eXhJ@|7XD$CPV!eG= zUN=g!9&yGkDlHZ``tMGo=rhcYM{Sb%Fg0ugQ|O-ao&&|AB!~?DLwg+j^8Y@*28jsG zwYAu76mtzJ+IB;{a#Ewr&`SH5!r3{yHwk-k+j4ORCX^ro{j!-RmXy|eSxD@@1MF^I zCrqO>wFxRzsVR+0A+V)MdmD);*-VU5PgeqXi3HOmA(M+xE#ZW4Q$~5$qMG87Z0}?< z$uc={AY;31cO+5w4*Zimfonr;=2fB)FZd4e0ey3{%+bm~IH5UUYZ3?tbqnxn-xEOf zb{55oRP>AQBBKlC6z=2^oi^a^lA7YU2{K2;d|}u<5IrOJM?8~VfMCOF;3i+0^XkB- zbJ+BfK-Xz$>G2u5q;y}a%m+Or$nR0w79li~*Ra`JhVF~nM1i1=+sNJEbC|0M4WkS5ws zQG)-mwdSB|TPepB*5xYZ^2WE?Vh@^mI+v7Lkn1}(0NvSL{>+0$f-%E#Hx*3MsAxbO z7zk>-VJ7SxI(L^%CR>?f1qV_JeHsv@!b~9JqdECtVuDs~p@yXhB59GHPRS3ILWGIADMTI& zBuT5A&zx}N1B$$p8DR`CT%2s?<4#KOme%Ik`W2LMAfPTJd^4NAg}>m9h2d^|U+`*C zj!rPZh=zkqhlh|3NDR9QB2_+lfjCv#BJ`gv+r1p@6P%|@kYp0&sl+tG&W<{@Z!$9e zMB#d+BlJo%Qa$d_x{PYBYk3%0gSB?9|%<~&&JL6FH-l|yEI0+j8%r;ypO4PPb|U8bQrqkiNpA zV1s{FK^|BNuh$SGAcD5{@|I+v zl~eu-@?Zdj_b^Woj9S!~yTbT`v3G_DS4yb1O>jf8*@VUFX99)#iWnH!Xuxy`)@uO- z=nB`t?P(D>Fwd8g5)w@*u|Cn1pc5=Q(DuS4CmS<3on>Oq=>sW=l?r>QM6CUgdHA~V zCt}=&x)n~x_*$~@(WP!xCAw}b0fY*$NEqFWx1?a367-t~G7>eQdC0~?D{9|-DTyno zJt7RSNsk0eT=Ps^B8BEa?=zf~wDF7$>}k|YL*%RP1PDlZ4?-AF+UM;Dm4j&3B^C)F zOSCFRmXeN{D`ZWS4Xc>iw+s9vo)%Ex>KvY_nYu{L3O->2mIRl0zIb*@vN>UOW0{-} zG8v#6kim1+8(SfW1h3x)%0^wZ6)nsF)+941nNU37ZBFpzCW5Ru825StD_}oCEwzSf zz7)Em9G6AiTHv^9nL%o$;j$)a*a@M5CTh^PA-~yNBsBUqU{eL<=0m}H__b5? zGMah5!zL4=;BF3*VlgRClWa(lBHp4RVlfvc)JIpwoTCHDyh;mN*uw4|fLEo>WGyt;0RzuQAxs|rB5-93o@mH+ z8xrSXufX?J{@>WpZvw57N^dn`n?^KK+JZVep<0d|3}u`I0-%OIeNc1Y4j!_kI_CUN z`ePar*!>ns`&c_$LL zUBN4Z$67gIUD>BE@B5ao9y{>Hbw(c}jb+Vbf5Ve+U8JLhU==G!EsD()24KuPW6=DW}l@1a!F$QYb~#<1u|WeiRcG+>l+7De$-f%qd? zkIg8-a$@}5Iu}&iariatG>5l-Q|Zt269lqass9u*826#o)^GAc))uS=qoPQ!O)6I2 zHd?f>Wlg_|#m5PejK|XZ<~jTp2x;9iZFQwIJT(%Ad(_Aktqc3Ck7^`3%*(aoX??H) zI&tV8CQrCZDr&!BYL ze?d*4*``=cfOXYJLCJO-h$d$@L3+Z;e;>VQa1==26m>vUWn@Wza&Z#uHE$ytP=OYz zHl+3XSKDkN{ZcUf0-qzHWe7~;WMli`(3^k%56+WrDo35l~%OkzE9Rnd-F5Ui$u zXdS~x8}<@oYh7S+lQU1bqvd0C&WW30O|@Ijj&B2HA*Z0-?&094utU*E-pVgl_2pT& zX7yS6SI(r+-G-tXhrWZ47kV4NY6)JJJY3tm$Wv+$Dyj-I-S}BYN@qS+Tca9!VMP0u zcUoZ?(?^Zi#S6uB+hgU$tQ;a7>;Dptl+5c4hUq#8>t>4kxcnf~ZX9plLaW^sePieNoVwZp9NFW;I~N#; z5A=mKoX<4zRY!y3h{Ytqo=jAu##q^ELz-2{Lr-f#hcxK~#7pYOGGPLIg4&y{;| zo8I$Dzrq(izh^5T<2k2Qv#z8gBI@-14%@ul3rAfYS#J6WU-0qDI6&$8EX`xxV)XkM`Qm+iTr|LHtJNOK-+;mxryGU>%zz!2-zbtuD` zRu^pTp2jz}Y(o5*W8vW31mD?TyHv@vtSdb?XN=*hv35 zl(C*iHqIh*&Lb*;={|HtCRj}^{>-=duUC^f9u)V7qg)Hnh5E)+yU0H z1{W7z)NTzJbVs|nkxN{U77$wM8sCt({&t+cLkl5$_SY_1P*>73Xg0s1cHr`XonH*@ zSSen`AJAs3;GpRMi20ZYaEW$`H#5RFeN%MPC=rWaR6gvU>nUQz-Krmd0&YzQ)YecA z`K4*Ua5-a41SmziqVs2RHKRyxC1eiF)-A} z?X&pjAl#M)Tz|aOum3-Y5KoOI^;SSqZXj~XHVJ?jqYAlD;7exJB?EN%N*%G$r;2MA z!No~cAoA{~w=c*Hl*dsjgU{oD7dYq4I%1n_p?JkYG4o-eiW(X92qT=N^FGyn>VT-f zy?hAhPn4x3xOY%Koq<9CA&JpI=S!C98dtcn3?Lckz-Yp`{vrUN9jb8`NN>4jaYv}e zl`p_R6s4i3N2-4^Gm;%$9IO_CR`C?Al9lhB{le@-Lf`g-w(OSuPwjRtST8EC;=^?} zmT_w?xTV|Pf>e!J4LdprhnhLMicGT?d9cb`v*h8v?Wbn6T%G&rS@d}kBr7*Q`ilP> z--CZ2NIX(My)b1V&eb6g83^)~%lfjT>mbl$KQfvmUij zQx39U4G2h+&A4?A!hBi(ikZ>SZX!yTq|bNvg;@yZGNM+A7%|VtPX0ZV_yP}G$7+vNLQ6>`%7dE7^aouv zi+>Skd`TM4_)$(2N{n3zqqW`tD%vHbhpbdYA4fpxSwTT%3&>GB#tq$)JxLFqwKZP5$N9_FVY|YU+vpaY8;y1Vl_5Y{sko?eT7)P5Wq*L?NP^= zr}v~7as5eli3vt@P;;!$%+|Aoa|&sPe?0!j?=TF2(VO#t@Gz|;5s@sz3KNKGPl(IranXg6gjrxZSM=c!P(97NRZvbKNC&zxU@uLO$4E`NKe-3; zVMa%#=ILU9^v$q>`&t02`Xn`JEmYN?(K`dEEM0q)(Cewyskj)C=@oGsbJB_7_TjLl z?7MHxYzbz&wGBkb#O7H|Vj%{%Cssii+#UlrfoZHj=F(#p z6M;zh{|e8)`xEJO!YjzgWvKR^Y55_2tlBjMOFX5)e&DRKr9i^v+>$WmEyqs8Bkv^cp0pn&*=R zRr?acmsD+@7!r8w#}y>t12LZtxdA{5voL$X#fIvOK8_m)v53MN*Gm52YMkhMK_s`W z#sHa*;sTlj$^`wk13C`y9?&sKea*X&?ngrPZ{!PxyH}=We9Z;a2No*R$)+kb_AHq< z!1QDu_QZ-i*x^bZ^EC>NDG)j$!*pBtoh*n-+OuT->5>VR zrdJpK)uAH1p9PtSM=%>?i1-k+k#ZT)s-}NT6zfFP@cxbVjXXD^KeB@S3PaY9`u-1k=35`sTw|qh+aF2^aZJ6h zDM_e4LuDm<812zr(v|JA>U_)n(FM%u-|O2c9P-1(@Zc3xRfw(|VGKC{K#XKIUDoG1 z6NkqSItN(_fi^P&p@H-w{v7Unn!m*;;0H;X&Ga!h9gnpf@7Sj-cM z^+CGh7!nsu91))K`A?EVn!f=Kk#ruBwK>>Ck(@1*ev#3d2t6_=p7f6lq{}d$4`oV! zP@++AKPaZ+Wh=)V2RuE8(5)))Y8680kOK_3rfVhy5aYay<6Z=iuKN*nG zD10tXM!c_*Y*G*t*4V@fCw6gYU3T0yP#U8Be7uW07-<$qq%g=9m29!8BoT&UPsy&a zhTC=tS0FgrSfxZ8iWFS!@6UhMB%5mV57_li}{9(c(|BPuF8CDRc*MAAq z?nPqvPjt2!vnVy|$!-;P*HZz~B8QOA(%g<1F**Y4Sh7DS?MYF84lbG>kd2XiUIbTnT^lHr#spe0l(y=^suk@aNh%Gwk?G@9m7qh9gre*2}m}bQwhC@8x2ioObk#yM9#UC1!4MnHB=7|e#|!m z8NdLdtoD<~X2@|YGLhkSS|r22B%HIrWDV5^>XgWN_mkUTisO%VAX2JmTwsVjtjM2m8}W&l?2tuBf<-KVH_pO( zL8pB|yn0uPp@=g4xDU^?er8TB>28kHZY3X!j%-w zwYhSQw;K=x)K+TNOk@B>4}(;$c!_201&vF^L_V&r7T@chIXrRPA)X--GlmOCO4R`~ z42+qTxXB@SRui1nXw@!T0&pV3W=4m!@3a~$FPye0ZluozpH9SN7Oe`aebW81_Bi4T zLjkFeU$GygLBE4qQ6heUZld_P15LLQrsrP`hBKKkEbn-x*tKM9SNDDQ1iwn_&MQJzGA63vbaGBUqy_`pu&ru zPo%u5ev!Q@T0mcZBx;tv^B_)6+wffHuV>eO&Qk>dEwOF7~@hmHV5v7&)^{d&N= zYYjLsByaXi0S%+l1ujGNo3S}y+Y=M1c^`UVxEADs=eJaN^jvtf7f{79QO?A$fbarW zR-v(hWco}@O~taL=nNDJ7bp~gkZzYGlDT;rs!^!uMKiieMGglkPRK#VEdhIoP~O zZG!tjoZJPSTo+2z7fx<3%6MlqXFUq#_AQc8$WoMQw8@OWz`svmZ&g*5h%->^j>P)B zbCn3gSG6C)L~|`Xn(h4wMzhb6s5Bf|RdtCR^+Vu??tp>jRHZ3>^PhPcFt9(Qh%@c$ zfr@Y=pf_=?6Zu_`L|qFcwuJOs6gU7tH{zXNYCS4x+lD6Lc^@4>{O<2MX&;X`?OTSh zhl-gfX9w&WmrKe;;W8Mdq6rVHYMOO{>CKutaJlCfC_lXWf~<9fT=bIzy~YOgu4-?C z&zCkoJUnUAd`EXDhp#7`Cd9!`{}XbXq=nyj;J16O=G4V)^N-NHY`ku@{jugNzpVc- zuKC*XYu1gJW!Jl&s%B>1e*8_$6EwxXh)BlY;UUmdskZUg11aUQk_vOxCoUXR^d4~Q z%HTg8AG`F0a&6`OPc0m)<)L-E9&4gEPx4p7k)s12r9hg)3M&VE{g1FJ$!P{ct(<%& zXhhkV4gN>w*?s>G49Xcb%e`)HzoB{k!XF#ZYbTZ-+YfW!D-KZsxLI5sh4J&oo|5Kd zp)=^@M;{vRcMbGhom~fSSZFHWtnCPyccpqq&nwu#HF!6|#^|*xH&5PA^`w6EkH#Kk zeJ+ew$b@v4i*d%!UR=B6-LcU{Z;N|kpO!w3L~nUK&@Y;-dV1E!i+e2FJ@~5erdc}r z+$71J-}sk(6@^$sw0}BHN9^GwO(G!2!aL4s)eIzE(&nWcKhUT}q{fZHTkn~Ot$JWBB`{(Tg5S~p5X!GsuN z0uV?G{Y!z^Zn+aKbNgHiEkv6S6^2gk`L_KaU&tL_dGaE*H?ia>T?pqGI~~3kkhtqu z7>o$-*1qeloPGD=`*lNA3`>^5^wi#qXWmmP)B%ZJ1CIU|CFB7&iCxy^Wvu}ahdj=_ z$d1^hZ;I~@a{?~CUq>K$3Ifu4{@ZvX`4uxCG;Rh_A0Y0xHn^V&fT{_eBnoFK8BVj% zyQ3Xfm$CE0Zmv7D4NWAHQQh-*Xj2U}4RBw3uD7UsQ9Ps&@h%9^n4hY?I@B?3kKz@nKCya~LKBAB% z&Tq+E0M?_esk6^!PIZe~^C*%#SJ6*Z%`iX9im-`s9MMgnYq%v9NrdS431QdJHK>NW z5RoLG{k8sX7Kk2+@G`<_6%Q|kDH~X2cl1S!n?YYbzU1wUmXOxc$C|%EA+|nGY@vet z9B*O7)xR8iT?wfCK>a`j)Z@=+`i7d^^)4Ca%&Vx~ozfC|>RrNHOiw{BWO^=a{}XT> zuduaimjNN3(j#=BYaG()x*l$GdNG6#QljOZ*{(YC3pZJIR$us}rxYgvp#2}Ut%ApP zZ2w>elU}>|QlV#TC1Lo}WeTtYE52VBB!mPAx6dI`@UH|WPlXUJ@cx9Z?@!|SZ@(Em zi{2W+q_$NqW<}-gJvyATEPQ*CY}mLG=QJQG)~%}Q%fu+UMZb7wis%+41-(?8xW!MI zdH4FFezQsL2yL}nus`AMeX|gP+b06?2cMJB<%;A$sIiX;f)HTfz|zz2G!cYKY9*l; z!#Hpjz}S234?b!zH3B9RshFt~Xw3$e09r#!9BfT~{_Buq9yE>OIO23>#h0&z+M+IQ zAYe+U4wncB*llQ)UE*DmQoAHHp>09Qi$yP#KVRblzKihq@*t`DM2C+b+z9bYDY*~i zUN;)?^b5phh#84J{oX1`67IGKAyQr18gTkV$uQI;%!w_dmp5FpyNWYlJq2-zshk3b z3X~lD&Dxv^=tWfxRTfkgQecI@=fjz5+7Q2UJ|~M+OeDU+b_X0khd{rRbngN$&530( zVX;(gD!NR^D7;d>R&;x6&~Q6EG(x#|^?=6R7nKDwZuW#(Ci}O|0wQE=y&8{c)OYPk zz+T*(lOK#cWK=cm<~Mi_(?o_GAzQA@OI% z4OgV%v`>DHQ>R0e_T1H~WHI+$n-9-UWci^ND9bN-lLRGOOpR(4%8y>I1>!v zn1m_<{M0O8u)n1PK~TCJwK`Smub`gPhf;D%hI2sF2HoaBAkG=P!X~<*l-0(bg3lsN zbpGRBN#Z%KJqMStvhh8CvuI{_d%9(Lmz@t-CGidp?<$B@4^N3OumkdQLE3HR$mAl3xaWP z<=D*93o7t@^!5-*HR~5m(9MgbcnLUYs+l+vxO!7D`-<^GLk!HFm+4pxmIqyL1K~wY0d`U|@oP32#x0a^a8pp6j8@fVy(Hw*zz( zSAAx6Nx=H3DNtAQ^dHKX{U|zFtUDo!+!+CwZ9sAw`vVeFL~W;M9_QxJo+rh-=oix; zsmaJv>`c(cDtkS(F^73o!qN^Af$ zn^FGlv%7x62etaT+UQoX$h{cSfq3It0Zb}9>szq!y~(ljB)i%9MGK*VU00#o53Gk9 z+88iU96p89BRVI3nHzE5#*J`J^diu$?IQ8@rlj^y)XMxibfQ?i$o6)*`1b}+)Bpyn zE35mb@QoxIR{J(8A`tQ<=(f4|Pg{wg`N=k}Pb=x@=@1pCmXN2Vwyl6J$^~su29x>T zil#=M|J zuJ)GmKV@D(>oY`60KRJ;FLH3pol2Leh9 ze+RgHr3-IOhDPwKEKRkIULv^NUXFP7y{}lg^;}+V6Iuto%lYk!^6qD5B3vxQp!f-c zBEWNS8GnU7S#1if41C7qiIgEqR_)c<6&I8vcWsNi?7GKcS%xkGWcJtXp1UGFKT z@C^ZiU#|wimD$=Vb?k4&BvOZ3m1Bqj$WNkFyPzQcWKFU7lhIO_{jN944(jBxGoV_; zTTbt-X}lJ1MTew6)o&GFu$rWF_k%=MDbR9X1!+37~FDMIYm~h%zWC{eh z4i59%r25U~^=YJ5A|}nk3Ze=t;r0sp5|nC( zV@)7MPTJv3r}qYSEyh=L>!*H2zA}CdAD#KOH4fD=j@3J5#MBVvQR?egP=vQBPL|;Y zQa3uD0X03HTfqqMj#}NdHC|KH8M_}$g8GfS5u8&4Wnn-Wt}W<>?rGxBu0GT15;YgH z^2w@L&w)}&=}Lcj4j`_HIvET~%%p`^AI9buqbxvj9e7zMUx zc|%Lz$36}SZ)ARKw?r5`bscD4A@j&zc{me@Xp93IGj!=2(jADy5WpHWRN?*Vwbxk`pE19v>Fw%S>VDNT#R*e@%aBs7 zRF+C%VCKsUmv?p|G^wU=c1`F{RE+|RdgzKz1Y>HWD6%UXECw}DOiwW-ZfR2$seYj{At8>;24zTHs6izgD1qt zU4~*s9QWh6RGz}+tQ!M@JqLUrscY;#sM-EpCcgIwU)iv%BswsaJaf-&(beK+;Ogw_ zVn`s)Um^dVz4mm!U;A8slA_%Yw=$t@*fGUf{*qv04gkLv*(fi*!EzC|lEjC>yVjHl-EcMW^rW9(zD_QZuv&h;o_frD62%jGuJv?WYOgt=5##g48>eyTuIR_SF0Zn{i zTThXvPk0gWbUs}6O-xdR0GZTY#EsO2Qr`;SH)srue+3#M)@g7S=x;kc@fjX0BC}!! z(G}M2|D#=8O-D>dZuE{Jjgn{BrV1s`pnbTp%&10x;>SnLlyFO%fKwxdkcYtRV>4qn zL>+?K*y=V|-8+S!L}~MjU3b92K~z;D&)cJ9=4f2+7~AvIlc>24D49_~8(1~4uRTW5 z?`tT0G3~n*@cTOhVeJ3zU+x!RS&%Ghn!L78Mf1NKgJcOA~^GK~|^M}(|k97E={pWiK~Gn#wN zMD}_%tV@_NlJM;*sH(O)|17WI$_VUR&l!iRV@G>PT7pi!39vGGV}SE?*Fj0(5wx=r z6=Q}IfKC}Uwn~93{x3xFz|&m=q%alP0YgaVRV7}@e7Ba{kNyB@>0{Orj2RA0fG8x7 z8JP}SKuGM$wA@ezYVmZh&J15PZaSSJqp!Kp|KTUyyPCv$sS3)Ix9j5_+zM1&JJD^# zla)o-kARce1M%4XxDYz8MuAX$rj;N(>jXo-w23Y_Ok84q(V z^q#VVLd|VbtD3~hE;n!mkv`#IGp;^Ky8-oX#GJSrtb?`CuWHrMQmF-hM9#G5CFZJa zB9fLMo{PRSpMrZEuN+q(nX@Q!>WnyIFJFmxx2^fGx8phUP+d_J=r{>otySX8K(ZYo zMxgb|C1TGGux`rJ0+Kpk88Q-vT(8;IG8n{51(%Q;q%{_GGenvtojtoXV@fxg0_EFd zT2~3Pk!D6kb(8d^fCKw}s&-yaHWm*&PKG_o?=Z9`oI7G0x&|$Dm5G3#7`+L7lXbV_ z?ED=HpOiQR@>~8bL`2Egnhew(_7t)u?pu`4WHb7gBCZ|>>%d#l+IUF*O}xjye+^m< zhD0a0o#V9-$L5iiXhEn;M$Zmg{44wlPBxqQu=7~4T)ocr)!a6vz*Dbps$0 direct +domain(geosite:cn, domain:"ip.sb") -> direct +ip("91.105.192.0/23","91.108.4.0/22","91.108.8.0/21","91.108.16.0/21","91.108.56.0/22","95.161.64.0/20","149.154.160.0/20","185.76.151.0/24")->proxy +`) + if err != nil { + panic(err) + } + if err = t.BindLink(ifname); err != nil { + panic(err) + } + sigs := make(chan os.Signal, 1) + signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP, syscall.SIGQUIT, syscall.SIGKILL, syscall.SIGILL) + go func() { + if err := t.ListenAndServe(tproxyPort); err != nil { + log.Errorln("ListenAndServe:", err) + sigs <- nil + } + }() + <-sigs + if e := t.Close(); e != nil { + log.Errorln("Close control plane:", err) + } +} diff --git a/pkg/geodata/common.pb.go b/pkg/geodata/common.pb.go new file mode 100644 index 0000000..fd2a3e2 --- /dev/null +++ b/pkg/geodata/common.pb.go @@ -0,0 +1,801 @@ +// Copied from https://github.com/v2fly/v2ray-core/blob/42b166760b2ba8d984e514b830fcd44e23728e43/app/router/routercommon + +package geodata + +import ( + _ "github.com/v2fly/v2ray-core/v5/common/protoext" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// Type of domain value. +type Domain_Type int32 + +const ( + // The value is used as is. + Domain_Plain Domain_Type = 0 + // The value is used as a regular expression. + Domain_Regex Domain_Type = 1 + // The value is a root domain. + Domain_RootDomain Domain_Type = 2 + // The value is a domain. + Domain_Full Domain_Type = 3 +) + +// Enum value maps for Domain_Type. +var ( + Domain_Type_name = map[int32]string{ + 0: "Plain", + 1: "Regex", + 2: "RootDomain", + 3: "Full", + } + Domain_Type_value = map[string]int32{ + "Plain": 0, + "Regex": 1, + "RootDomain": 2, + "Full": 3, + } +) + +func (x Domain_Type) Enum() *Domain_Type { + p := new(Domain_Type) + *p = x + return p +} + +func (x Domain_Type) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (Domain_Type) Descriptor() protoreflect.EnumDescriptor { + return file_app_router_routercommon_common_proto_enumTypes[0].Descriptor() +} + +func (Domain_Type) Type() protoreflect.EnumType { + return &file_app_router_routercommon_common_proto_enumTypes[0] +} + +func (x Domain_Type) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use Domain_Type.Descriptor instead. +func (Domain_Type) EnumDescriptor() ([]byte, []int) { + return file_app_router_routercommon_common_proto_rawDescGZIP(), []int{0, 0} +} + +// Domain for routing decision. +type Domain struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Domain matching type. + Type Domain_Type `protobuf:"varint,1,opt,name=type,proto3,enum=v2ray.core.app.router.routercommon.Domain_Type" json:"type,omitempty"` + // Domain value. + Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` + // Attributes of this domain. May be used for filtering. + Attribute []*Domain_Attribute `protobuf:"bytes,3,rep,name=attribute,proto3" json:"attribute,omitempty"` +} + +func (x *Domain) Reset() { + *x = Domain{} + if protoimpl.UnsafeEnabled { + mi := &file_app_router_routercommon_common_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Domain) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Domain) ProtoMessage() {} + +func (x *Domain) ProtoReflect() protoreflect.Message { + mi := &file_app_router_routercommon_common_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Domain.ProtoReflect.Descriptor instead. +func (*Domain) Descriptor() ([]byte, []int) { + return file_app_router_routercommon_common_proto_rawDescGZIP(), []int{0} +} + +func (x *Domain) GetType() Domain_Type { + if x != nil { + return x.Type + } + return Domain_Plain +} + +func (x *Domain) GetValue() string { + if x != nil { + return x.Value + } + return "" +} + +func (x *Domain) GetAttribute() []*Domain_Attribute { + if x != nil { + return x.Attribute + } + return nil +} + +// IP for routing decision, in CIDR form. +type CIDR struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // IP address, should be either 4 or 16 bytes. + Ip []byte `protobuf:"bytes,1,opt,name=ip,proto3" json:"ip,omitempty"` + // Number of leading ones in the network mask. + Prefix uint32 `protobuf:"varint,2,opt,name=prefix,proto3" json:"prefix,omitempty"` + IpAddr string `protobuf:"bytes,68000,opt,name=ip_addr,json=ipAddr,proto3" json:"ip_addr,omitempty"` +} + +func (x *CIDR) Reset() { + *x = CIDR{} + if protoimpl.UnsafeEnabled { + mi := &file_app_router_routercommon_common_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CIDR) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CIDR) ProtoMessage() {} + +func (x *CIDR) ProtoReflect() protoreflect.Message { + mi := &file_app_router_routercommon_common_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CIDR.ProtoReflect.Descriptor instead. +func (*CIDR) Descriptor() ([]byte, []int) { + return file_app_router_routercommon_common_proto_rawDescGZIP(), []int{1} +} + +func (x *CIDR) GetIp() []byte { + if x != nil { + return x.Ip + } + return nil +} + +func (x *CIDR) GetPrefix() uint32 { + if x != nil { + return x.Prefix + } + return 0 +} + +func (x *CIDR) GetIpAddr() string { + if x != nil { + return x.IpAddr + } + return "" +} + +type GeoIP struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + CountryCode string `protobuf:"bytes,1,opt,name=country_code,json=countryCode,proto3" json:"country_code,omitempty"` + Cidr []*CIDR `protobuf:"bytes,2,rep,name=cidr,proto3" json:"cidr,omitempty"` + InverseMatch bool `protobuf:"varint,3,opt,name=inverse_match,json=inverseMatch,proto3" json:"inverse_match,omitempty"` + // resource_hash instruct simplified config converter to load domain from geo file. + ResourceHash []byte `protobuf:"bytes,4,opt,name=resource_hash,json=resourceHash,proto3" json:"resource_hash,omitempty"` + Code string `protobuf:"bytes,5,opt,name=code,proto3" json:"code,omitempty"` + FilePath string `protobuf:"bytes,68000,opt,name=file_path,json=filePath,proto3" json:"file_path,omitempty"` +} + +func (x *GeoIP) Reset() { + *x = GeoIP{} + if protoimpl.UnsafeEnabled { + mi := &file_app_router_routercommon_common_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GeoIP) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GeoIP) ProtoMessage() {} + +func (x *GeoIP) ProtoReflect() protoreflect.Message { + mi := &file_app_router_routercommon_common_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GeoIP.ProtoReflect.Descriptor instead. +func (*GeoIP) Descriptor() ([]byte, []int) { + return file_app_router_routercommon_common_proto_rawDescGZIP(), []int{2} +} + +func (x *GeoIP) GetCountryCode() string { + if x != nil { + return x.CountryCode + } + return "" +} + +func (x *GeoIP) GetCidr() []*CIDR { + if x != nil { + return x.Cidr + } + return nil +} + +func (x *GeoIP) GetInverseMatch() bool { + if x != nil { + return x.InverseMatch + } + return false +} + +func (x *GeoIP) GetResourceHash() []byte { + if x != nil { + return x.ResourceHash + } + return nil +} + +func (x *GeoIP) GetCode() string { + if x != nil { + return x.Code + } + return "" +} + +func (x *GeoIP) GetFilePath() string { + if x != nil { + return x.FilePath + } + return "" +} + +type GeoIPList struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Entry []*GeoIP `protobuf:"bytes,1,rep,name=entry,proto3" json:"entry,omitempty"` +} + +func (x *GeoIPList) Reset() { + *x = GeoIPList{} + if protoimpl.UnsafeEnabled { + mi := &file_app_router_routercommon_common_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GeoIPList) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GeoIPList) ProtoMessage() {} + +func (x *GeoIPList) ProtoReflect() protoreflect.Message { + mi := &file_app_router_routercommon_common_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GeoIPList.ProtoReflect.Descriptor instead. +func (*GeoIPList) Descriptor() ([]byte, []int) { + return file_app_router_routercommon_common_proto_rawDescGZIP(), []int{3} +} + +func (x *GeoIPList) GetEntry() []*GeoIP { + if x != nil { + return x.Entry + } + return nil +} + +type GeoSite struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + CountryCode string `protobuf:"bytes,1,opt,name=country_code,json=countryCode,proto3" json:"country_code,omitempty"` + Domain []*Domain `protobuf:"bytes,2,rep,name=domain,proto3" json:"domain,omitempty"` + // resource_hash instruct simplified config converter to load domain from geo file. + ResourceHash []byte `protobuf:"bytes,3,opt,name=resource_hash,json=resourceHash,proto3" json:"resource_hash,omitempty"` + Code string `protobuf:"bytes,4,opt,name=code,proto3" json:"code,omitempty"` + FilePath string `protobuf:"bytes,68000,opt,name=file_path,json=filePath,proto3" json:"file_path,omitempty"` +} + +func (x *GeoSite) Reset() { + *x = GeoSite{} + if protoimpl.UnsafeEnabled { + mi := &file_app_router_routercommon_common_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GeoSite) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GeoSite) ProtoMessage() {} + +func (x *GeoSite) ProtoReflect() protoreflect.Message { + mi := &file_app_router_routercommon_common_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GeoSite.ProtoReflect.Descriptor instead. +func (*GeoSite) Descriptor() ([]byte, []int) { + return file_app_router_routercommon_common_proto_rawDescGZIP(), []int{4} +} + +func (x *GeoSite) GetCountryCode() string { + if x != nil { + return x.CountryCode + } + return "" +} + +func (x *GeoSite) GetDomain() []*Domain { + if x != nil { + return x.Domain + } + return nil +} + +func (x *GeoSite) GetResourceHash() []byte { + if x != nil { + return x.ResourceHash + } + return nil +} + +func (x *GeoSite) GetCode() string { + if x != nil { + return x.Code + } + return "" +} + +func (x *GeoSite) GetFilePath() string { + if x != nil { + return x.FilePath + } + return "" +} + +type GeoSiteList struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Entry []*GeoSite `protobuf:"bytes,1,rep,name=entry,proto3" json:"entry,omitempty"` +} + +func (x *GeoSiteList) Reset() { + *x = GeoSiteList{} + if protoimpl.UnsafeEnabled { + mi := &file_app_router_routercommon_common_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GeoSiteList) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GeoSiteList) ProtoMessage() {} + +func (x *GeoSiteList) ProtoReflect() protoreflect.Message { + mi := &file_app_router_routercommon_common_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GeoSiteList.ProtoReflect.Descriptor instead. +func (*GeoSiteList) Descriptor() ([]byte, []int) { + return file_app_router_routercommon_common_proto_rawDescGZIP(), []int{5} +} + +func (x *GeoSiteList) GetEntry() []*GeoSite { + if x != nil { + return x.Entry + } + return nil +} + +type Domain_Attribute struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` + // Types that are assignable to TypedValue: + // + // *Domain_Attribute_BoolValue + // *Domain_Attribute_IntValue + TypedValue isDomain_Attribute_TypedValue `protobuf_oneof:"typed_value"` +} + +func (x *Domain_Attribute) Reset() { + *x = Domain_Attribute{} + if protoimpl.UnsafeEnabled { + mi := &file_app_router_routercommon_common_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Domain_Attribute) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Domain_Attribute) ProtoMessage() {} + +func (x *Domain_Attribute) ProtoReflect() protoreflect.Message { + mi := &file_app_router_routercommon_common_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Domain_Attribute.ProtoReflect.Descriptor instead. +func (*Domain_Attribute) Descriptor() ([]byte, []int) { + return file_app_router_routercommon_common_proto_rawDescGZIP(), []int{0, 0} +} + +func (x *Domain_Attribute) GetKey() string { + if x != nil { + return x.Key + } + return "" +} + +func (m *Domain_Attribute) GetTypedValue() isDomain_Attribute_TypedValue { + if m != nil { + return m.TypedValue + } + return nil +} + +func (x *Domain_Attribute) GetBoolValue() bool { + if x, ok := x.GetTypedValue().(*Domain_Attribute_BoolValue); ok { + return x.BoolValue + } + return false +} + +func (x *Domain_Attribute) GetIntValue() int64 { + if x, ok := x.GetTypedValue().(*Domain_Attribute_IntValue); ok { + return x.IntValue + } + return 0 +} + +type isDomain_Attribute_TypedValue interface { + isDomain_Attribute_TypedValue() +} + +type Domain_Attribute_BoolValue struct { + BoolValue bool `protobuf:"varint,2,opt,name=bool_value,json=boolValue,proto3,oneof"` +} + +type Domain_Attribute_IntValue struct { + IntValue int64 `protobuf:"varint,3,opt,name=int_value,json=intValue,proto3,oneof"` +} + +func (*Domain_Attribute_BoolValue) isDomain_Attribute_TypedValue() {} + +func (*Domain_Attribute_IntValue) isDomain_Attribute_TypedValue() {} + +var File_app_router_routercommon_common_proto protoreflect.FileDescriptor + +var file_app_router_routercommon_common_proto_rawDesc = []byte{ + 0x0a, 0x24, 0x61, 0x70, 0x70, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2f, 0x72, 0x6f, 0x75, + 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x22, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2e, 0x72, 0x6f, + 0x75, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x1a, 0x20, 0x63, 0x6f, 0x6d, 0x6d, + 0x6f, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x65, 0x78, 0x74, 0x2f, 0x65, 0x78, 0x74, 0x65, + 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xdd, 0x02, 0x0a, + 0x06, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x43, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2f, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2e, 0x72, 0x6f, + 0x75, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, + 0x6e, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x12, 0x52, 0x0a, 0x09, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x18, + 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2e, 0x72, 0x6f, + 0x75, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, + 0x6e, 0x2e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x52, 0x09, 0x61, 0x74, 0x74, + 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x1a, 0x6c, 0x0a, 0x09, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, + 0x75, 0x74, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x1f, 0x0a, 0x0a, 0x62, 0x6f, 0x6f, 0x6c, 0x5f, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x09, 0x62, 0x6f, 0x6f, + 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1d, 0x0a, 0x09, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x48, 0x00, 0x52, 0x08, 0x69, 0x6e, 0x74, + 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x0d, 0x0a, 0x0b, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x76, + 0x61, 0x6c, 0x75, 0x65, 0x22, 0x36, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x0a, 0x05, + 0x50, 0x6c, 0x61, 0x69, 0x6e, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x65, 0x67, 0x65, 0x78, + 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x52, 0x6f, 0x6f, 0x74, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, + 0x10, 0x02, 0x12, 0x08, 0x0a, 0x04, 0x46, 0x75, 0x6c, 0x6c, 0x10, 0x03, 0x22, 0x53, 0x0a, 0x04, + 0x43, 0x49, 0x44, 0x52, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, + 0x52, 0x02, 0x69, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x23, 0x0a, 0x07, + 0x69, 0x70, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0xa0, 0x93, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, + 0x08, 0x82, 0xb5, 0x18, 0x04, 0x3a, 0x02, 0x69, 0x70, 0x52, 0x06, 0x69, 0x70, 0x41, 0x64, 0x64, + 0x72, 0x22, 0xfa, 0x01, 0x0a, 0x05, 0x47, 0x65, 0x6f, 0x49, 0x50, 0x12, 0x21, 0x0a, 0x0c, 0x63, + 0x6f, 0x75, 0x6e, 0x74, 0x72, 0x79, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0b, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x72, 0x79, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x3c, + 0x0a, 0x04, 0x63, 0x69, 0x64, 0x72, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x76, + 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, + 0x75, 0x74, 0x65, 0x72, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, + 0x6e, 0x2e, 0x43, 0x49, 0x44, 0x52, 0x52, 0x04, 0x63, 0x69, 0x64, 0x72, 0x12, 0x23, 0x0a, 0x0d, + 0x69, 0x6e, 0x76, 0x65, 0x72, 0x73, 0x65, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x08, 0x52, 0x0c, 0x69, 0x6e, 0x76, 0x65, 0x72, 0x73, 0x65, 0x4d, 0x61, 0x74, 0x63, + 0x68, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x68, 0x61, + 0x73, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x48, 0x61, 0x73, 0x68, 0x12, 0x12, 0x0a, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x05, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x12, 0x32, 0x0a, 0x09, 0x66, 0x69, + 0x6c, 0x65, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0xa0, 0x93, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, + 0x13, 0x82, 0xb5, 0x18, 0x0f, 0x32, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, + 0x68, 0x61, 0x73, 0x68, 0x52, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x50, 0x61, 0x74, 0x68, 0x22, 0x4c, + 0x0a, 0x09, 0x47, 0x65, 0x6f, 0x49, 0x50, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x3f, 0x0a, 0x05, 0x65, + 0x6e, 0x74, 0x72, 0x79, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x76, 0x32, 0x72, + 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74, + 0x65, 0x72, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, + 0x47, 0x65, 0x6f, 0x49, 0x50, 0x52, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x22, 0xdd, 0x01, 0x0a, + 0x07, 0x47, 0x65, 0x6f, 0x53, 0x69, 0x74, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6f, 0x75, 0x6e, + 0x74, 0x72, 0x79, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x72, 0x79, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x42, 0x0a, 0x06, 0x64, + 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x76, 0x32, + 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, 0x75, + 0x74, 0x65, 0x72, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, + 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x52, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, + 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x68, 0x61, 0x73, 0x68, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, + 0x48, 0x61, 0x73, 0x68, 0x12, 0x12, 0x0a, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x12, 0x32, 0x0a, 0x09, 0x66, 0x69, 0x6c, 0x65, + 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0xa0, 0x93, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, 0x13, 0x82, + 0xb5, 0x18, 0x0f, 0x32, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x68, 0x61, + 0x73, 0x68, 0x52, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x50, 0x61, 0x74, 0x68, 0x22, 0x50, 0x0a, 0x0b, + 0x47, 0x65, 0x6f, 0x53, 0x69, 0x74, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x41, 0x0a, 0x05, 0x65, + 0x6e, 0x74, 0x72, 0x79, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x76, 0x32, 0x72, + 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74, + 0x65, 0x72, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, + 0x47, 0x65, 0x6f, 0x53, 0x69, 0x74, 0x65, 0x52, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x42, 0x87, + 0x01, 0x0a, 0x26, 0x63, 0x6f, 0x6d, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, + 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2e, 0x72, 0x6f, 0x75, + 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x01, 0x5a, 0x36, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x76, 0x32, 0x66, 0x6c, 0x79, 0x2f, 0x76, 0x32, + 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x35, 0x2f, 0x61, 0x70, 0x70, 0x2f, + 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, + 0x6d, 0x6f, 0x6e, 0xaa, 0x02, 0x22, 0x56, 0x32, 0x52, 0x61, 0x79, 0x2e, 0x43, 0x6f, 0x72, 0x65, + 0x2e, 0x41, 0x70, 0x70, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x2e, 0x52, 0x6f, 0x75, 0x74, + 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_app_router_routercommon_common_proto_rawDescOnce sync.Once + file_app_router_routercommon_common_proto_rawDescData = file_app_router_routercommon_common_proto_rawDesc +) + +func file_app_router_routercommon_common_proto_rawDescGZIP() []byte { + file_app_router_routercommon_common_proto_rawDescOnce.Do(func() { + file_app_router_routercommon_common_proto_rawDescData = protoimpl.X.CompressGZIP(file_app_router_routercommon_common_proto_rawDescData) + }) + return file_app_router_routercommon_common_proto_rawDescData +} + +var file_app_router_routercommon_common_proto_enumTypes = make([]protoimpl.EnumInfo, 1) +var file_app_router_routercommon_common_proto_msgTypes = make([]protoimpl.MessageInfo, 7) +var file_app_router_routercommon_common_proto_goTypes = []interface{}{ + (Domain_Type)(0), // 0: v2ray.core.app.router.routercommon.Domain.Type + (*Domain)(nil), // 1: v2ray.core.app.router.routercommon.Domain + (*CIDR)(nil), // 2: v2ray.core.app.router.routercommon.CIDR + (*GeoIP)(nil), // 3: v2ray.core.app.router.routercommon.GeoIP + (*GeoIPList)(nil), // 4: v2ray.core.app.router.routercommon.GeoIPList + (*GeoSite)(nil), // 5: v2ray.core.app.router.routercommon.GeoSite + (*GeoSiteList)(nil), // 6: v2ray.core.app.router.routercommon.GeoSiteList + (*Domain_Attribute)(nil), // 7: v2ray.core.app.router.routercommon.Domain.Attribute +} +var file_app_router_routercommon_common_proto_depIdxs = []int32{ + 0, // 0: v2ray.core.app.router.routercommon.Domain.type:type_name -> v2ray.core.app.router.routercommon.Domain.Type + 7, // 1: v2ray.core.app.router.routercommon.Domain.attribute:type_name -> v2ray.core.app.router.routercommon.Domain.Attribute + 2, // 2: v2ray.core.app.router.routercommon.GeoIP.cidr:type_name -> v2ray.core.app.router.routercommon.CIDR + 3, // 3: v2ray.core.app.router.routercommon.GeoIPList.entry:type_name -> v2ray.core.app.router.routercommon.GeoIP + 1, // 4: v2ray.core.app.router.routercommon.GeoSite.domain:type_name -> v2ray.core.app.router.routercommon.Domain + 5, // 5: v2ray.core.app.router.routercommon.GeoSiteList.entry:type_name -> v2ray.core.app.router.routercommon.GeoSite + 6, // [6:6] is the sub-list for method output_type + 6, // [6:6] is the sub-list for method input_type + 6, // [6:6] is the sub-list for extension type_name + 6, // [6:6] is the sub-list for extension extendee + 0, // [0:6] is the sub-list for field type_name +} + +func init() { file_app_router_routercommon_common_proto_init() } +func file_app_router_routercommon_common_proto_init() { + if File_app_router_routercommon_common_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_app_router_routercommon_common_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Domain); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_app_router_routercommon_common_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CIDR); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_app_router_routercommon_common_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GeoIP); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_app_router_routercommon_common_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GeoIPList); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_app_router_routercommon_common_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GeoSite); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_app_router_routercommon_common_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GeoSiteList); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_app_router_routercommon_common_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Domain_Attribute); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + file_app_router_routercommon_common_proto_msgTypes[6].OneofWrappers = []interface{}{ + (*Domain_Attribute_BoolValue)(nil), + (*Domain_Attribute_IntValue)(nil), + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_app_router_routercommon_common_proto_rawDesc, + NumEnums: 1, + NumMessages: 7, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_app_router_routercommon_common_proto_goTypes, + DependencyIndexes: file_app_router_routercommon_common_proto_depIdxs, + EnumInfos: file_app_router_routercommon_common_proto_enumTypes, + MessageInfos: file_app_router_routercommon_common_proto_msgTypes, + }.Build() + File_app_router_routercommon_common_proto = out.File + file_app_router_routercommon_common_proto_rawDesc = nil + file_app_router_routercommon_common_proto_goTypes = nil + file_app_router_routercommon_common_proto_depIdxs = nil +} diff --git a/pkg/geodata/decode.go b/pkg/geodata/decode.go new file mode 100644 index 0000000..e08e2be --- /dev/null +++ b/pkg/geodata/decode.go @@ -0,0 +1,111 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +// Modified from https://github.com/v2fly/v2ray-core/blob/42b166760b2ba8d984e514b830fcd44e23728e43/infra/conf/geodata/memconservative + +package geodata + +import ( + "errors" + "fmt" + "google.golang.org/protobuf/encoding/protowire" + "io" + "os" + "strings" +) + +var ( + errFailedToReadBytes = errors.New("failed to read bytes") + errFailedToReadExpectedLenBytes = errors.New("failed to read expected length of bytes") + errInvalidGeodataFile = errors.New("invalid geodata file") + errInvalidGeodataVarintLength = errors.New("invalid geodata varint length") + errCodeNotFound = errors.New("code not found") +) + +func emitBytes(f io.ReadSeeker, code string) ([]byte, error) { + count := 1 + isInner := false + tempContainer := make([]byte, 0, 5) + + var result []byte + var advancedN uint64 = 1 + var geoDataVarintLength, codeVarintLength, varintLenByteLen uint64 = 0, 0, 0 + +Loop: + for { + container := make([]byte, advancedN) + bytesRead, err := f.Read(container) + if err == io.EOF { + return nil, errCodeNotFound + } + if err != nil { + return nil, errFailedToReadBytes + } + if bytesRead != len(container) { + return nil, errFailedToReadExpectedLenBytes + } + + switch count { + case 1, 3: // data type ((field_number << 3) | wire_type) + if container[0] != 10 { // byte `0A` equals to `10` in decimal + return nil, errInvalidGeodataFile + } + advancedN = 1 + count++ + case 2, 4: // data length + tempContainer = append(tempContainer, container...) + if container[0] > 127 { // max one-byte-length byte `7F`(0FFF FFFF) equals to `127` in decimal + advancedN = 1 + goto Loop + } + lenVarint, n := protowire.ConsumeVarint(tempContainer) + if n < 0 { + return nil, errInvalidGeodataVarintLength + } + tempContainer = nil + if !isInner { + isInner = true + geoDataVarintLength = lenVarint + advancedN = 1 + } else { + isInner = false + codeVarintLength = lenVarint + varintLenByteLen = uint64(n) + advancedN = codeVarintLength + } + count++ + case 5: // data value + if strings.EqualFold(string(container), code) { + count++ + offset := -(1 + int64(varintLenByteLen) + int64(codeVarintLength)) + f.Seek(offset, 1) // back to the start of GeoIP or GeoSite varint + advancedN = geoDataVarintLength // the number of bytes to be read in next round + } else { + count = 1 + offset := int64(geoDataVarintLength) - int64(codeVarintLength) - int64(varintLenByteLen) - 1 + f.Seek(offset, 1) // skip the unmatched GeoIP or GeoSite varint + advancedN = 1 // the next round will be the start of another GeoIPList or GeoSiteList + } + case 6: // matched GeoIP or GeoSite varint + result = container + break Loop + } + } + return result, nil +} + +func Decode(filename, code string) ([]byte, error) { + f, err := os.Open(filename) + if err != nil { + return nil, fmt.Errorf("failed to open file: %v: %w", filename, err) + } + defer f.Close() + + geoBytes, err := emitBytes(f, code) + if err != nil { + return nil, err + } + return geoBytes, nil +} diff --git a/pkg/geodata/geodata.go b/pkg/geodata/geodata.go new file mode 100644 index 0000000..e4f83f1 --- /dev/null +++ b/pkg/geodata/geodata.go @@ -0,0 +1,90 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +// Modified from https://github.com/v2fly/v2ray-core/blob/42b166760b2ba8d984e514b830fcd44e23728e43/infra/conf/geodata/memconservative + +package geodata + +import ( + "fmt" + "github.com/sirupsen/logrus" + "google.golang.org/protobuf/proto" + "os" + "strings" +) + +func UnmarshalGeoIp(log *logrus.Logger, filepath, code string) (*GeoIP, error) { + geoipBytes, err := Decode(filepath, code) + switch err { + case nil: + var geoip GeoIP + if err := proto.Unmarshal(geoipBytes, &geoip); err != nil { + return nil, err + } + return &geoip, nil + + case errCodeNotFound: + return nil, fmt.Errorf("country code %v not found in %v", code, filepath) + + case errFailedToReadBytes, errFailedToReadExpectedLenBytes, + errInvalidGeodataFile, errInvalidGeodataVarintLength: + log.Warnln("failed to decode geoip file: ", filepath, ", fallback to the original ReadFile method") + geoipBytes, err = os.ReadFile(filepath) + if err != nil { + return nil, err + } + var geoipList GeoIPList + if err := proto.Unmarshal(geoipBytes, &geoipList); err != nil { + return nil, err + } + for _, geoip := range geoipList.GetEntry() { + if strings.EqualFold(code, geoip.GetCountryCode()) { + return geoip, nil + } + } + + default: + return nil, err + } + + return nil, fmt.Errorf("country code %v not found in %v", code, filepath) +} + +func UnmarshalGeoSite(log *logrus.Logger, filepath, code string) (*GeoSite, error) { + geositeBytes, err := Decode(filepath, code) + switch err { + case nil: + var geosite GeoSite + if err := proto.Unmarshal(geositeBytes, &geosite); err != nil { + return nil, err + } + return &geosite, nil + + case errCodeNotFound: + return nil, fmt.Errorf("list %V not found in %v", code, filepath) + + case errFailedToReadBytes, errFailedToReadExpectedLenBytes, + errInvalidGeodataFile, errInvalidGeodataVarintLength: + log.Warnln("failed to decode geoip file: ", filepath, ", fallback to the original ReadFile method") + geositeBytes, err = os.ReadFile(filepath) + if err != nil { + return nil, err + } + var geositeList GeoSiteList + if err := proto.Unmarshal(geositeBytes, &geositeList); err != nil { + return nil, err + } + for _, geosite := range geositeList.GetEntry() { + if strings.EqualFold(code, geosite.GetCountryCode()) { + return geosite, nil + } + } + + default: + return nil, err + } + + return nil, fmt.Errorf("list %v not found in %v", code, filepath) +} diff --git a/pkg/logger/logger.go b/pkg/logger/logger.go new file mode 100644 index 0000000..3a83857 --- /dev/null +++ b/pkg/logger/logger.go @@ -0,0 +1,25 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2023, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +package logger + +import "github.com/sirupsen/logrus" + +func NewLogger(verbose int) *logrus.Logger { + log := logrus.New() + + var level logrus.Level + switch verbose { + case 0: + level = logrus.WarnLevel + case 1: + level = logrus.InfoLevel + default: + level = logrus.TraceLevel + } + log.SetLevel(level) + + return log +} diff --git a/pkg/pool/pool.go b/pkg/pool/pool.go new file mode 100644 index 0000000..7748a18 --- /dev/null +++ b/pkg/pool/pool.go @@ -0,0 +1,72 @@ +/* + * SPDX-License-Identifier: AGPL-3.0-only + * Copyright (c) since 2022, mzz2017 (mzz@tuta.io). All rights reserved. + */ + +// modified from https://github.com/nadoo/glider/blob/master/pool/buffer.go + +package pool + +import ( + "math/bits" + "sync" +) + +const ( + // number of pools. + num = 17 + maxsize = 1 << (num - 1) +) + +var ( + sizes [num]int + pools [num]sync.Pool +) + +func init() { + for i := 0; i < num; i++ { + size := 1 << i + sizes[i] = size + pools[i].New = func() interface{} { + return make([]byte, size) + } + } +} + +func GetClosestN(need int) (n int) { + // if need is exactly 2^n, return n-1 + if need&(need-1) == 0 { + return bits.Len32(uint32(need)) - 1 + } + // or return its closest n + return bits.Len32(uint32(need)) +} + +// Get gets a buffer from pool, size should in range: [1, 65536], +// otherwise, this function will call make([]byte, size) directly. +func Get(size int) []byte { + if size >= 1 && size <= maxsize { + i := GetClosestN(size) + return pools[i].Get().([]byte)[:size] + } + return make([]byte, size) +} + +// GetZero returns buffer and set all the values to 0 +func GetZero(size int) []byte { + b := Get(size) + for i := range b { + b[i] = 0 + } + return b +} + +// Put puts a buffer into pool. +func Put(buf []byte) { + if size := cap(buf); size >= 1 && size <= maxsize { + i := GetClosestN(size) + if i < num { + pools[i].Put(buf) + } + } +}