From 84cf3bce1cfe0a936b40ca196e0e338736bfdfeb Mon Sep 17 00:00:00 2001 From: spb <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 7 Apr 2026 11:38:39 -0700 Subject: [PATCH] fix(management): guard against IndexOutOfRangeException in HandleRemove for K8SNS/K8SCluster alias parsing (#77) * fix(management): guard against IndexOutOfRangeException in HandleRemove for K8SNS/K8SCluster alias parsing HandleRemove accessed splitAlias[^2] without a bounds check for both K8SNS and K8SCluster store types. A bare alias without the expected '/' delimiter produced a single-element array, causing 'Index was outside the bounds of the array'. Added Length < 2 guard for K8SNS and Length < 3 guard for K8SCluster; returns a clear FailJob with an actionable error message describing the expected alias format. * Update generated docs * chore(changelog): add 1.2.3 release notes * Update generated docs * chore(changelog): add K8SNS management add fix entry to 1.2.3 release notes * chore(changelog): update 1.2.3 release notes to reference 1.1.4 hotfix fixes * chore(changelog): fix 1.2.3 and add 1.1.4 release notes * Update generated docs --------- Co-authored-by: Keyfactor --- CHANGELOG.md | 11 + .../K8SCluster-basic-store-type-dialog.png | Bin 45194 -> 45192 bytes .../images/K8SNS-basic-store-type-dialog.png | Bin 44504 -> 44502 bytes .../K8STLSSecr-basic-store-type-dialog.png | Bin 45789 -> 45787 bytes .../Jobs/Management.cs | 12 + .../bash/curl_create_store_types.sh | 785 ++++++++++++----- .../bash/kfutil_create_store_types.sh | 43 +- .../powershell/kfutil_create_store_types.ps1 | 58 +- .../restmethod_create_store_types.ps1 | 811 +++++++++++++----- 9 files changed, 1228 insertions(+), 492 deletions(-) mode change 100644 => 100755 scripts/store_types/bash/curl_create_store_types.sh mode change 100644 => 100755 scripts/store_types/bash/kfutil_create_store_types.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index f643ebb4..527541c9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,8 @@ +# 1.2.3 + +## Bug Fixes +- fix(management): `K8SNS` and `K8SCluster` Management Remove jobs no longer throw `IndexOutOfRangeException` when alias does not contain the expected `/` delimiter. + # 1.2.2 ## Bug Fixes @@ -22,6 +27,12 @@ on missing or invalid secret field name. ## Features - feat(client): Retry interrupted connections to k8s cluster. +# 1.1.4 + +## Bug Fixes +- fix(management): `K8SNS` Management Add job no longer throws `IndexOutOfRangeException` when alias does not contain the expected `/` delimiter. +- fix(management): `K8SNS` and `K8SCluster` Management Remove jobs no longer throw `IndexOutOfRangeException` when alias does not contain the expected `/` delimiter. + # 1.1.3 ## Bug Fixes diff --git a/docsource/images/K8SCluster-basic-store-type-dialog.png b/docsource/images/K8SCluster-basic-store-type-dialog.png index be0b7ece3a3ee931843907c234e29c8e5f79bb1d..0519073be72c383c399225c0061d1c491e52ea66 100644 GIT binary patch delta 27038 zcmagFbx<5#*Y-=2n+OsT2%bO!0RjweK?V{uxXa)^xJ%FuAwclJAipCin9`-+R8QQ+58JYHHKHdw2KlwSVhc*A7{{|9$a(nF<)#^F3==xIL}e(3cb! ze};wig<))E4%SnqIYknPy$m_e^MhvJi5#PfM#Ord`y+u|G20~?WdU<;% zn>nW0VVbYf9i{(m>`d2d@x4iaroO>k#6dACDvF4R$kdS}c1mbq8LEeAJnLZZTe8>x zdX;_;=4U|)&^0*L{n5TEQD^4k)lKl7hRW*HIb{{^QTPxx&e}}n>CtJyEUjAz@mL6t z-KplQIMf@QI#d;^!s=0lN()Rc4tl@ac>j?pXB_YQrKZs4Yd3FNAWIZ42qxF5( zIwhw8M5+^~vQ*;6;p8UzeovM$&$YwJ$yKg#xvACRaLY9}5f8Fo z%sU!7N2}JDD}BhOk~V)7(2A;j=+48JG*R@7{+!LAnO;^lYeW8R1rKEvbBS)P=+RN) z0yPj*+%x-$d4%~bvxXJlH0t<-XKz^Md&`LSG%GWB#3qMlhnQKTWXi(MqQ#*zy83J1 zc&vXs0lZ(M_GV|QP-ADaQIcWgo1z{a?33wqrCzlHFt}jXQ~lo8)qJ8;j#4jC<{vi)+g$sAA}ifKW%<0mW=%o@Yh4iszg11|a_=Jul{KM_mB zg~JtmCC|+lh+rEEOaRF;XBcKiVo8gCRP(MIso(tS5&vUZT$IoASDM@T;p$pA=Y1@! z{aVOjA4x&w8kgo*!k*dMSPORu!at5QE6sB=ABx}4>1??s6Z~T}0Y3$55qfTfEU6@I zISMD%)=nX*Z}Fcf!KUNXzMvQrHQ;7GN%@91h(Q<2=wjjn=3eHlIgd< zfW{hSw?sy$3amy*zHEo*R|HMbWA2`|W+j0I5(*QY9=d0=VFmjzJD_arO z`ojtqRc4(8#zZhwN$0aciQd882m|(}y%61br~ACkm53%QF8&E&#nK`xA?A~4#zFk% z5qtm;;@0W__0Fo(1it(Jl@spTPpj%5-~udrd(Nj9@qhL{AL>KpjZPodlUh<%xRXxs zH-+k1{+U%oxbu0~LGULutDK?o)M$6D3YMpL$!7O=o#*tg!75l-S}L+hQ^^e_lf&F` zKMj1AM)Nm?mJfdk$a-vvj)W2%dym$ie_jP{P)@SyiY}5h$Y!m5!P_HVuk7PFX(`S(7^I^pSNulBGyQd2rrrkX8T|~JKa5Hj29S6j5-v0c?zqT+>JrY?1Vm+q z<`I?Gg#z6Ad*q1O&rr9wT)PEr+Vnsvr->D^GF5M~Xj=8PZNUy1-tmig-H3)mX8IbZ z0fBs_lNwS|L07Z!ut7V_XCsuCQv`MPXJvy~4EC)tL|NelnofDYkw_|y|N${i9nlfQ*Xbtr6(bjC8KP#;L*d}_64?w8+}p=yjomj6XhB;O2p>xThcCu znl}RjdqJI$nMu+=mlU?ed|_r%3RH|-PN$wywbIE)Pb28o)YHyq!1Z6Us(YN{J&!r- z-Z0QArzRUz14+`d4^tNB{eaeVB-_}Q>0=u#tk0ihe@+Q?4P6$7=~*yw;7#1&cJZ@y zb&s!-np&7o|FjgSe<+>F@xno+Sh?$RPLz$Wy?ZnmC(cfcB_1VgT8q^+Fo&BO9Fc0z zrX_zHH8KWq5et*ck2`EP$%yAriA|*!2zN{QDB<0V1#3jFSQau?dICAotBrp9PMmYr zlEtFA!%29Y^XLX(hOdxw{pUw0@I_zxc%+;6b;UibKZ`6zGw<6ghQ1x)UetXtHGYxn zV`ihOidc1}%Cxg-6+w4(ewIYBs}{yqT<_zjg5Vh}`109z>|YzUv5{Au>-wMe zehyp>@Jw&+fSW1X5Ws5vhNc{Y5W<_k{n6*tquNcYt>l~bjMdBuMK(SkuqfZhQvA=t z5wnl*cf_k_r}i|X?OOVNeD8jU^(Ck##&)?#g?8EVrH`|um!q8*Y_6ZfSw;78L;k9I z;B1;&nvh-!(N5*mHo||v0-TTl2}56tc6j`%a))Fl9|(A@;Q?mLP3Xi#3!nL|$}s|Z zl9cOJHsIn6NP?%LTrzwNtyKB!_KUdNpry7id1F#?kySVS*1ZXrz`5t!Yn(Qj1ng}> zS)C0?Wc!BGWwxg{FBTT4Q^lM&YcPrMA|hmo0zNY^q;2aSo>N;M1Xo|EwIFox;?F1$ zoFuyBA)U|zRJCTAj$d$b#!5;SmMnf)mbREoNIVw&mgaMCD=Z~aI?6a1u!~*DL7u%^ zzjQcm$JVcfG7&M&cli87_I@f>uxhW?VvW|*N45v4^-PbC-5)<6@bXI5*T^@$9V0S~ zk)bGaSw5wzkKT7mPTN)app}Ir{xQ6E;q~&#rEnWtCSWhoRiBhN3!z@OdkwM?Zm%OW;z&Ta@$cR7svI9e%qx#x%}wt;9s@oLAml`vdo%`;9av zY5Mf5V~*ZE^V^G!GS(&hSq0VXGoAR(HdcN-5E+u|5k?I}yH)J?DDSQhLgO=4v2SrY z$UP-y5eSonI9}}9B&ZdeWg5N2 z+}8$UP4bpC_NHAxad^7sl{R5o_+-|_*izoqY(}bIW zyXyhFnyUa({c{W&%12_i8=C$dkefxUldKiOK&n)bj~+Xz#}?~DkMyX&K& zp`n&*WXoI3Wg|JXbFR%F7aQr)&IO&==poKgO`eYX!V^&}}M>>@2Ua@SyQj z<>du>w{m)R4L3R+fOi~f1n)n_oJ-XmJ&ur?mhBtUBpP-)v@a!+q9>~%H<6qH*%K#I z&~$;9SHAJ+vHqppvJbKeQ?yOCdPGmI7G}~&1Q&Fn((lT!VK5kGb;P3jtx_GXsL&U@ zh@*!{9?1_Xmc)O>Y&q~TFv$&9cH%w@e@j1pz#bJ{LWj<*QDp8{C(#j)YZe| zk(XHessr%`FW!7h#NC@_?3hBn`r3 zVom1=CfYtI*2bMu;>_LBp5ZP^*K9B5*3Wp0ykM=uX$ zKmHCWN^4l-$5g%3{^4Tf6o6CH0`?j!&`X(EH%;8nFEk|#mP@Kej&BfL&ah08bd{pE zF^g1|>H?E+31zS#j%GCWIKN}Jg7@KHa*T>a)O8-mFRbB%4o^X?Z;aMv;HBi1)v!QbqTzl!Ya zuOj;?&Hf@6;72vpBx{22C6YIniwD-QE4fJ@ea4}5;r7vI&v@@XmweuE;(+cGnYYf% z8kuuu{ZF;^!+baM;i){_$iAEeW;)S0D6dOu2Fp?qOT)1KHHuHe!qQcH{r0JT14&G` z#cGn!`+BqBmYe-WE}z?U@g$$~{SuvMk!bI#?Ba zxxMT-1pm%=bGP5cXH2l}5gEmo{R_#eSAIP5tZ!gh%~8@7rtVxY*u@7&0e>6<%*6js zZs7R@a^OIU31s`?I=y`na-X7z6usa_*OmGPrkf-teV^ETwr%Xso_T~Y1%mKl9v^|1 z&*C@{bOkKq?nDnk_BN>llsONc>_KYiK#qn(Fge~3AgHPm6B2W)ca~Xr56862J7*ov zWwhOLA>+R9XUyw{qzh8U!2A+=7~p<=~K??q=ph(|S|PBNbKJNp53_;raQ6tUuCC z)y?yPi;({0DewNhGXq#rIk#y^^fT!K-k&FF8v3`6&R2_i{XzcbvIXNbZze=>i*!H! zn8w__L#osJms=C143RaM_}>LEU?_9fhyx;NaCL}e3thH%#Dp*`PRw)r@bbqL=I7FW z_ilbgHd)}Wv^~tcILKs_{7-Pa0x&svo$rkRriW+n;Naly?oa>5(!9JpN8Jqh^tGH21Y^1p zBB5tsV4$bBpystDg!63EJ+YywUw{T#&!qXBCJdmng8b1Qf0M$WMr45+psdVHeV>!D z4!+=lXA59;i-l^H{J)EgA{mClU>Uh4p!N|{$IY!RRaMorh6gF1pi!lfUl5;1wnV_B zuL(k(Cw68l8^+p+Ft-*|4vTSp4cu~~yioI#+v^ACcC)%va5Xv#F880&W_TA&2e)=` zDRV8j*0uRfMB8@AZPIa+(2;%QN&%H!xUNAz%3Xw_+2oSbbv~*WuS3(z1rxbBDlr1d zememg-zG$176BbVr3mhI+q57u%Vvu|v$z{XDM&PePuJ?Fjj0Xv5^{h`9OvLOfutlM z`ZLw3lFA@!G#W1FX`DrO| zv*qzXFbtK6J1ZP}bmrmV8pl6DRv;h~e!*0Q;`v=By5-ovyYxmihexdtPXw7)NfA7! zvi=>ZL@<+b)9zh44g55Su~%aEg&yqIn~`5qK9!2x>vS@+vQzexmY5K`?^DcEC0~-k zp&hQdh3LC*;oQrgvE9(znxYC~xIH4O!B{%TOySA zkf_^Q`^~{TVqumc_O>WQHNUE-OBJQ%be%evwKcpY4LtFzD6_8baYf+StDF?Jbg^j;SYD3Hly(d@cC1ItBpHsqQ^nw>Lv&;4^e|w0{7_$ zmzlJ1g=_f|@4S-Cp8hBDW7UU}X#y>mqxorjT;*V%RoA)XvRBjZ7DS4;srgl|rxmtt zM{6x^npL62l92R<+}cd2hvd}2#%91tjOLS@aa{wzL?T6}eEEimp|A$|=+%u0?siD? z%+o>jr**nvmIm$lEpsrkvKcEq+`ON%Je}g5JKG0AHM`U<^$Fr)nGP51v&&>EtLkY& zCpFmhA58Xar@&^moJ5Wnu z;)WU!M}zQRP7OudI}UMCH6q)>+O#U|gN*YwyOMyi#gn-X^Fj)*-IA47(hZCeDUor7YbU6cvsyQNYz_nc1Dw73BV9>v z5>(d0$RDKIxF}Hjl-`;=V_u&hi$0I)`2Zmr$iR(i9lBp)f04nB_ z$qoZ`w(OcgaugjjmJWJwPq7AZl9f9hZ7|BJ*jFBB#<*L3uZ`VCcUG;Fy(nh&(M|FX z!!T|I)|7&D1gCb?(|F8Gqx(vk(&dkm$F9oY%D7{BjBo4T_fc#nk6+4qNflMy0e={5Pptv4i;lROrdMx8FWdgaVv+P3iJ5d4a2nDK%?MM}sLm*Hv+Pb|=ls zo`9vbPi+|eyrAuftB{nb*LRVFHkPweIw5JgU||P+?$tpgGGl! zMDi=w@){N5sasw=!g>~8DuA#|VkfWEd_isHTHkapLgV_SYjwS_LWZggBtb^<`o>?h z+rh3&3T$%i^6iLkPCh(B7-;n>+4vc%x=z$C-@q62vP-+6=^jwiG`|tQVF9ZQ3#32` z(BnDber`zGe5DWM`|_@tyMKFvt@mZwf<=Sjq!?WuI9UF7R^^aL-zo40ECm^rqE+t;?2 zdf!DM83jC>P(3ieA%m32^|RqromP-v^?s7K?ceQpDbTfMLhPpFchsme<%lZn72h0e zu^v4yWL&6^tQw2ovuXbIn{JaUq)&1&`a?r|qe4e9mAT;^F>st_Obj z_fgAv<@}%Lgdgl0;b85rXm8gZ%s#sx88+BgHZnf&c1`Oj?K=r(m8%Vvs0x38N$oWa zpG8e~uxO0}CEG;}a2e!x zV1Mf&dVMHDgGIo+ZdnTAS6blb_P9#^IqDCOw2P#+710__-7j&K{rU|HL>2N&?Wjza9P2@i^I)9u|Bqq}=cdt)vBd!T(tfWM=;8f#%(+`Dhx$bw|w_bJ?%O zyPLvL?lNqH>)W$42u7}|YKR*soQL&A=ls69()CTyXEu5KeeC>8`-bXH$y|eku%a|& zi`I?X`ZnXwWZgjukJ6@EpbS;WTriJN@a&RPR5hw&KpZkSn`5JHD$5{MrJS+>Uyt8v z_0mWoQK)EC`34-hG#Xgc=nXTs9B|opJ>iB3w6t7w*t|HJDAhwl)53i(3sW-=ltM4k zgpz76bL{Von5Mkb(ODYsc!t-;FxWCe@oTf6U(}yIgrA9rJvFeM_>4*_cN?so)bN9X zU~gyRjVH`=a%ztO%Ux@Urt2MW>^s9IHcfF#ZeOV}nvDDG3-)Jjlfkc9X{Xm#hC)n6 zJDa50c+~sH$9VtP;W*P6-+8+ZA2E|qP5Lr=64w5b>o@L6zNAD$LjaWGey(F@%e;mDl zHD=ytftFTOJ$?AOjp-QTQTGtreHR{Qo@x5f%Qr3h^9~J6hrGb`No<)hyreHN<3rBo z0jID-(Vya`lqh~F#cjUd55X*L2xTJ$ah2Pl={YtD7E=~L)byx+hrTXriS)+TUycMr zy2fw*n+2}tG1+gUA^CDBC(}B1mO(vDJLhxqe7QGhk4&2V-;hKazR+09l`0tOO6?ZNMO?wZxk{Xz0&Bd%lH_XHuRH|@a8ExJq@<$e6~tyink{+VNpn0 z0K5rPv&|fH9apz;+$>sz#SZF16#HVand}Q4Dzczb`F2vu&G(?32im=!r`(B?J`e7k zV6)fpez+|Z`*_E?=Rr|QUPBf3^y@AK!~`0;WT{7&KPOIKSz5f~azaH~jJO$Rj(XX# zyXaAn38BqS1QHhXjkcoD81)yD!mw8ZjMaa;BpmPvB<3Hd#g_^pyeTgBY3#(X6Eb|Q z;;XBiyPgCy%*ZyqbdqXLRdws}STq0LGmbc(>yspU7IK$*c=h6;>;|t=A2k>3K^IF- zM4{=h-rea;9HzEbgM-p1HW#;WilAcArEDl0bHMOd1~x2JX!V|^V&2Qa-_-!mC0^yI z`rg%ZT3uG0;5n_m5LB_9MP8rm%cF;b+D9vpOw2=eyxu-f6_0XDRgtn4&cvD>B#?W{u3dTTrO5T~sL@{TR zslVucawP`ks-vF$p}E#s|mwBiDk87 zKX%~>Ts=6Z98sj5`O@usE&kSqc`k{9Rw#KJtnazMtz=Q*q_gwL3%?xq6}C8SL)sI) z=yD4GMBE@Z!#t^4g)BP1D9iSamB1F@hb9GK0JgekmSo8NgB8p?l{(KbXiU0&@QZ-& zPJJ$2sHW(9HH8z^#A~4RDoW{z`HR4bQ6X^QL7RtSaTZ!cvLFU&+AEIj^A5%g5pH#C ztCKcoA2gO(hYaN{`G_UQ1iH1-sf`7kM2S;OWgxN{`E`HGGkF?qN?C-CW7Mno-*1aB zYT6NLu4kF0p_C7_e^XtBkgN&SDRh+1AQ)%X#`gR+@*$h;4WMAkth@UqGHeHoZ0Ctn0*V!Sjwjk`#i96A_c#T?`w10Hc=~ZW$H4;_QiTX^>i-% zJFiB1>?Yo~BS1iqkr`+?gDz5^Re_Yi{KDzQcZOlY7j+JRo0(r6as4R{W&GB+P_Ya> zhrT`M9r?SCW8Psq2Vf4+m1*=%<<&bF4nb)!@{ z8lC$@CNDHaY*O{@b-CqTxFbVHX&c}nZ&{71c0-R^E`hLWrV5<7O_4}1Pw(`trIT1| zY9Yj4D-MrsQXxF;OxhKK6ZoV|rB1kA+dQV9b;W(w1YgdD+tvkrp|pYK7h#k88FG?8 zs6pmpQ`f#>?5%S16!RpQHgo2xq!{LXvvS>|e^U~q=E+2o3!I(`LREpdn6fV+1mW9n zB<2Swf!t0e2Osr-6NSj0-({6r-;fVjs4}FuOFiz6D=GPuR6SH!D!TjWM(p{jv?HqO ztLiA?jFwG%Ck~m8st{t`{O)&PeN?v=C$}?2gQNfB_;@^gTS#GHi%6oRTSQ3Q^tuJa z7$wZ?yRu(ZhN(ya$5M&|uXIkOkS!-@Yt0rQU1@XNqNVCOvYYf5zuL01 zazc2HR!}oPe_oSHW-`(2e%#)aHx&gLu|I;OhB3Ac>>!$D`xmR8B+x=9i!pgNot^zAugzYSQS1ySb zEN7*f?ePuHhH0@I3I1|q!aENc(cd0WFQ~WZO5g8n7D>#icq^3f()C#3_gf&}c-LU~ zGg~-RqsB*p>&?yJm{74L)XePdG!kgc=TXQQDpUsnuurb!^a(lMTY(h(Eaci#ul*Q0 zqKWGSrK`xvL)vn4?QT+Cr(a2s^YF^LWeq;c>wedpUW`8TWXa+rUOi`Ka+|JeWiRao zaRn9(i(1HTS@Emt=k=$2ngCXlf(mT{N=KT-BJ$j}+n>n){;%XHyL>irmtP7W5WMa1 z=1PlDY0Mt!6rs&*NV|AN5~^yTVJ^BbuuQjZE%H-SX+e-Iaj1q1~2eJ@sX`nOAoQC=mvjj00#*TElUFoNB!LtDblySKhuC$4{LNbNik-b!^Q zLH|~?BC)SoP!~ONu{-pCg}-yyVjK$)+PjT04~Ydmy(zsrX`!d5r?SJxG+@d}hZw## zHlaQ*?ZAMpkTS+vbhp!TQv=+c0U{26THTwEQbaDZ9yLdv?_sK5nA*|yN)OBh4BSir z@|c1A*~OeOH#bL2Ow87F94&tM11OediuFC{AeE4i_*=2rwNy?3Ug15Am01;g#4BMS zJMm%SZ$ar#Dv993oi~ZU?5c6nrqDYSlh{~Ce8?ca-*71^DSv_VN4 zB6qVX8c8$W9|?~uwdR?gQ{4lJ4vzR5ZZRJbSE5q^Gi&LjM|5~`B>z%$Wh!`B-?*eX z@kbnt+Hocs=>BJ!*QC!PX|?#Ps@O^`G}7fJ2g$S*Y1IY141w-FA`S-C$>>QFO2nW!sf z!WZAcSQXs4Q%6q0=<)8}89zZ%a*^TV?+gC{XaGadX7kAAgCiLFNPta$E-t)*s4Ope-B-bi{>5J$0uZ&cuQe`?AKz* z!tURD*H^OMLauF2o{}}ti{vTLB4mneh%A?g#n!$II};>;Y})pOiTVr)Ulj;Pdh2q!>##pr_s~h!maV(&m(o6UCo}gS=WxZ z-16Von?!I0bu@WA!8oK>r%A|z>|RaN6vyx9=h{D$UmCP>;?{xijABGQTXrx;x~uAk z)~SB)ds%pV?ulk^`3@_Ew+8;8V{u9b;Q6&>DEO?At%bFqW&g-rSv)C~)1?>#pJV~* zVx|S&aWEQH@oKX?cWH_K%obYm!9dSruB;^Q-HXY_35C$@bfL=Xk+CcNP)hCJ`Gizn zk>+^Q-4~mUH3U!JZr|*$@5X0#vW>5uYfKpNe64GAQ z>*~fI5QR@q4R9Qbjv70PGuNel^zc1Vbh-DaNq2`}|C>6LnE2;6&X?=f#e!?=XU^Z$ z*K3lTVIJ_}Y7_QB)oayei%7qXlEOUqp}j|i|9W3)Uj{r2jI|s$%TpT`i!*r|*|{$A zq6CT*a??%?{KiQy%e}hI{*DZo2TDpZ$LFaH#{yq@T+rjo!nvn6Q;x-@2kPhrf?bJq zk_8HR#4KhO>kHi`h@8#*dS|rFtY59Ht6(zdi~o;gp$?kD?Lx)M>bBY2#uijc3=D8I z7-*{Lm9e_)D$_xCW~4wJ;qrERem3Tek_EsZnbR3#PDe*SYrF8W3;!RXVq#*jW1U&u zqN-+kL;hHjmJ-D9aZ{XnF|x*r^Sxx?*CU>)-zI~ilBfx-r*85;f=m4ETYS=YKg`eM zq-3>)b;mSSRnnDD9Ra=-MR9F;l#$IAlY^QJ3-Sa7i0Udwy``t-(+{Dw3koDQ#qSdE5dhTDa z`ixCCO%qz+3nF^*2MvikCV@V&QW0tx+Md~Q!l*6n8X|dpf=&fS21^dA#dGZ*JH#jc z!IfGmHj_{?>jDcGM6hST0 zaFhGjv$Lz@hlf{xtUv3?%z*}laI)%G9?$hV+@U=r+^WISV~Gh>YveO9CPBdTU#|Rtgb@-WAmYiBXQ5s z?j?xqzo6Q`r6PrMl8ZXK(t`!pkJCF|+Wlh3Tf9HpkIAg#hj!aE;u%_HVTe;xO9;?{ zWaBb_%bd+=Yq#3734kO%{4{2NTr3nOW3P75{6;}WOz;n3;+JnuGK7|<4FmY)o-l{S z9xFV0_13Xv^v1Y_E?1(SaSxy$Jz3yz#E7{#+G1KI0vjy4&4a193@vsrDccmEU~ z^9w2cpAuf>g;oNhX69>SLIVe3Y81Xy4kY&HA1AkXeBL8`zyLV0`e3qZ?-f{}?qnyQ z%7$X{f9t{pRRvdTy#Kn7oGa7kJ*G2P1-&_!>o{5ls`ze5N1QWNAG~DwEy|qJ)a5Sr zvr?DuEJp}UaIU+m11Jge7$w++#o6e>+VE1>svH#bcu#ce?IL3>i7kZ zfp7Xstk490I@sAjLL0~c^?2(C-DXa4Wm`!k5sjc?$3BYV&Jb;IQ|57L<~Zb+Uc!dRN-)$Kmxg(rcoug@z<5W)~J@vKh3#RQ($%Dzh&l}av$&S&sNu_31sk} zKX^3%Zr?_*{7WDGU(b{FE1!Ei^&4ON>vm4x^5-`Q^m0%!YyT~(dv5+U)9 zMzrFK8HvX5+MhIX~9kshI9d9Zip;3-R3w~{k!1N*y_eJUyW@OEb%lXr!K zTNqUtmNb?X2i#~udTAI&nsRANoMdDDQ)gQ%C zmK=6=92h^FV_t5iI++sdSd+P7JpttD)Kz1pQFL?Pl$K&C*6ujsv2jhz$#(a*7ySJ5 z^BZAdX^f3g`8r{y*=N^}6OJprzI%r~$Z?pYfvn<^>r!FDR94uQGqR7IsZ)fz z0Z*2VpUcW7Zd=l`WQCYqg1j=L+aiWIeh(EVog>rK^SZDQQN`3RL${INJ-<<0G^-q= zs;Qhh$J8il)y=G6qfof9srD)8``)&DQz#)URN zn;x#$M#Yc{Q_4>K4{lEk4@;>Do(`!V6inN!C@p7=Plt z4~+M_6q1O@)e|vR`&2~rI?=Ot(V@toB~>Vf)WEyEsR_)=YUlaY!Ft#o1fM;+Rp1as z)NMk?k7w)!*oB0WxDX>KZb3`VAZ3-Fx!50ptFx9nFeJI7^xhxqR(rPDWAlr2r>>`9$xruNuSwJg;y%3<6BAR(j}d-NKu3lL z4D$#bBkwiyn&$Sp5#7V84U#Z(b8>QWc0T%R4Fj%b7H+ddE@=~gm- zN+M>@0VZ>}yEM4l$`A`W-JKH@_PrBaA7JL>jCL#7n?eL(j%fw6FdVmjo8XtN=wa7k$2tkG!M zN_p#}SyZPD?O57n&)!v&%ewscVu~hF?gjPNyh!^fH3J#aeRX zF#b(-;#xB|r&?}LO40b+>;j>z4#1UKNooH0^G|&jGZjS}iG{x`xUIIfg{W}^v@Lh+ zs>Z6_t~x(ea`Mv-Bxl5O>Kcsgh8USh>b5u!?h!nb51dNQAucG(5b(-E0Oy^Dwc=tW z{1fShPyW|jAf>EiJLVkGd8xrr%ny5Ckcd}j=X)|{d_@choViVSY$=DPwbEn&2 z@zq}ak-n6?N6HA2IT}%ccbl7Nq*^uh_9V@^$ky!?|LI86*yf%l@)5=v)^2=-pnieg z**HJ|^%HjZZzPTS2KWM0!!(?cJB>rSK1IO$_qtQN!{l1kC+X5!)lObEhE`nl6%%_WZPX zvrk?Hy<3;N8gOW~qZ98RE4!W3BUM;7g})=9X8}Bz{$c0ItsPFKW0?1{#hUr6$?NwcN5ZKrryc+eT%{yaK*) zfzM(?QPsQxV7oGu`Pn`u>rHi$<**Zaze`R=mXORvN5lK(BQae96e9cwO_m_(2-H~7 zqFqnUiE}f$9#dbhtkAP~3=M#){ZSs`WqpoD5Dj2c$}rKNqmCtsU=_tgoMyjznE0LD3!<@HE4}s)!C~ z{|K$A-_9`M=9Q#PjFo}JDHkJ4^)ZGAtT=iEg8)He6#C~+F1lf@tDZ+2M`pb3v%^hD zSL)vR84eO(8eqr101@bOOX+_ia=Vz!fp(l%I%99IsMtUmE#6t^2#^B*r~b~`1af>o zo7DHoY&c)`L29n;9EaDypZ)Otf9Qb75avQo5;e*r{?eJ%^Su13%&a;ZyPM|T`(P2F zmtwu92%D^Q!H($AaryR;CrSTCbF^WTcRY zhsh-b6KbMO0XLh=NB$eQx^YoV+1`;eNV9KDtwr>O+dj04Nf9Y0JU6PLAjLkgF;9;j z{#kQFv18q}l-U^ev<~xbqttnP%C3L4W(=QWp!b$=lZ>R0Ye1Z@(;e81Slfj4Ci19~ zgp{{hfXl^GfJeY}Au6q?p(@1pEXC_Jm%UbEvW|x*Ak{ju7i zf4eHULXamY!2ejdAB?_s)W{gZ84Yo0<#coe?Va@<(;X#?IGio6gvE@1cpz+G=;_G% zhhSFOKbP2C1mn`@v@!(|QJAgIA zHTZQ53<@r&J@|O8H+WW!iqX-4oYLlZO;LXc;>Btu+ABoaOz$U0L8Cnq@0c3OI_G!r z2dA^Mc7NoQp;+Wcd$cr+2AS`pE(I8Do!4&WTmu4DBN`%Gqw~Xq!y5AE=cTeDk0zPj zbT;el@6<_b-oI-y=7P>< z@>kfjEw7r=uSonT3hcWdHu9Ky50IQkSDF$G)zv-|I_`)=>lneA`zMZ4q!ye;)A z%BnNxQMP+hycI$U`6>*%WhCV751P0Ii!{bHbP!(7{K2XWlzkHP#Nod#&c1ZxVQVy( zRF{9YW}#-8Sa;t>5>u4e_sD9%qGGozni?)hO%uFtQY&a|RXt*Jey|LrLIc9u)G8zG zZQOX(Cz(6#Saqo2!<$D71MGo7U=iKOsq46gK{MjwAyItZz&lRLfE11O@R0FKcfK>z zTlt)!bj!+Eo1MF%Uozl2K1rAv>O`G;cTQVz$)z;m*s+*Tv_U6^I!{ESHeY<**Pz6= z*g}fat`D;U|6k?v#v1huKRspTa?g`Z4~+f&=<)kdcl-$!KI$o0*n%z$>0BmwUxntmHnlGSyEVf4(IE3f3wrXD&fC8AiLP+aq)oV&M@I7-5MkDeaZP+ z?Fd_BR04wFJ<$}@7UeeDH`mVY+O~E_*wTX|#vX;@pa0oc`kH$BK*u1V^gHdMcY@IzazORA7DBC28w5(a9`PB&x^bE zN6((to19Xe4YIR&*B$4+f;_}twycUdOJYLe4PWi%D4~k$Q$_on3}x@7Zdy1+8r&Z4DQY{%H0MrhoDBo>!>%HhdCfY%ov5Ua z*d9Kpv5!4FJ$}|C4c^{9BYGB~gYtEUtlSG(%i`AC2BuDrd~(-QDU#+8qfiKH&eZy4 zv^|?OMt#)NGkuLJ;AZ+Ufd%}JU-~e&bX)iKEMoy{9`cYq9PsNw^|EQI}YSnV~0A@@^!&6j-*=`shg7I5S zx9)h6)!V$4F)s@;RY&Oxx0`&8DyX~^uV#4m6I}RDa!0`FZ=Z2IiW+CC1!c1D@cgn# zVz_bOjjss6Ft)>vrp)m{P`md8HlHbucvc4&GGogA$hu!|M5IhFlQVT=gHl-^`Pg{y z8>q!_=!`w5Nt&?b>v=`ovVKNsdc@1}Bw$MN>>J#xly`NNQo69C)3y}!$@~GvdlP>p zhf!e^u1}3+BZul0cOb2#|4_LnPfTgqQ)knCk7WeHXPm<;M+XPWd&dRdC6BoXh8$Yj zo~AO?^J_^|Say{mmtNuxE_I#oOj!k-n`^~#FburiVr1QYG8WA5-oM*Ml~R?+`};Ax zB9i;6h(7mfoUj8&{^N}!4iL%bxS;5I+>p*|p{}A`013BLtcox(1sy!z%P1``Lk;~^ zVgX%ezbN09HNl+rInV)F<&UT%o;ZI!BGb&RKQs2!d4fOA+$_;~?6jO__O`ZmqN8mZ z?OaUlZeV+Rm;Pew!A%E=WqcDzd(Xqd4N2<&hl5TJZKQROiv(szp_)01`{ZW*gSG&D zTjn(7sX-;Z?3Rs_BO$%M`B}C(JFruBJ;15B<$5}+5}HdVM{H3sHaXzh&?LGM)%)!@ zw_k<0n#u!XH-(LP9Qx|mezt#Ks#xE2*sW-A7m3rnK&<_I&-KJv#y>CtN+4EBM&n{k zcmK-q#r`oKp+v>zyu5=uBc69FFruX9lbs>JSJJYpWwF%Pbu)Wx#vx`h-afKQ0ZL>yIFbz;)lx9?vpE*P; zug2N@#`Edw^-X(N4E0N##|?{5yIlq%Sk`gxM+#nM@ZjekF>Npwfm9dWjxRP&Ow|KY zru3&A4nIZBYeKVZ{m+Dl<^mQh0Yu%>p~aBhJLGFO9X;wSHN-u>CZW{_{=$-y-eP_Z zi^gMConFvj8jM2+ukffK@`c4JlNiljrFxY>!iT7LRCfOz$da54|P=8}8nP9*g#v@jT?=v$r_9 z^^G?$f9xv8$<(CWaTWMEfHy*8>4C0cch_c^Osc+TAgV05fbELp7{K=Hq5=na=(%CG zG9nVgzFxale7Tx^R>(&e6dEcm!FG7Pg83MA{<++CD~*ZMx7$ySAEV?E<;Y$ADDUlm zFJD1A(4tVuuv>n#Q+$a8XCghao5*Z71+M$X0uq4P-N~cSJ5H=dLT)FJWYZxsf7y;N z2ux3tKDJjW;4~w*0B(|E^Gz#VVdyomQJdcXk4B7*<^>;FA~;Rs%!9f>4UBS&|3@JX z6^B3Ud=IpunHDbn5A!XNE+#LflKA6CRG}6;Amp%A7*k=9-1Mk!LqilvS5c!b>~#E% zc_q-jqJ!V2VWC{DJ{o)E7)!2eSle>iPd%={mOYAXCu4c7*rZmV4`127(Wl+mSR5_2 z%x=6wfwTMND}@kwh9c(QBAR;dv&e2ennUH95US3Ifs$Dbn3tA{_(L z%~okC0byvQn<0k|=^VOSy1N;;8_zlS{?1+Z{sDim7MoeKVSk?I9WS23hJdNH{Wz8H zQ_jA~P^M(fse@%4#@%2!2AHG!ReD$u8!f%xrGKrSQ-HdOm^=@`5qP_z71Vs}12`+J zlGAdkJ~`te-feYE82ktgIe*A|v*F)6B;6+ZP@=6)-XTSLWbfSERVS5V&MMVYz}t|I zP1i`cmAkR{i2jEl*HV~$7$9otIJrYsF(yB)lOWXkxsX>{C0mVMdkbQ2r>1F#|M=8I zZTRO@`pD&yJv`-RHsR)H==T$Tz7qG`7NQd`1!=>}vw!$Et^U=P`aB9IZftgyD7PPMSFbSIXr^2aH%#K;WDb&~5#ExQqSp&lVT z><&IJ`$zSq`mmI_ey>CC_tVoVzI-OWZ*V>On1d2GtV98(Z&6*xkkOK=#SwHUl=rnV zLYaNS{o>w2N0ReXbGXY{?>{ai1J_%QnWTnghG9qbA>xuC&|FH zA<{N6*BmBF$MC||Zg6_2As9~lLP-tT&-{oF(@fPjqmH9Y($#I68&*RxFpy$LGZcrl z29)8|)YhglUC>?p4Uuear;+TsrBao`bM4`)6J~DZP(XLq_s{zpOif4~*4E}aBs0n_ zHo|b-Jd`|g@I=%vIZMP<%ar`#^o(_?X4d20%$dcishWpjRreA+lAL*WA0Lu@tPsKoTlo;KGB$7AUv_>h^xb5HusZzp+XTx1dQ3?dut4Q?`D7s=K%*eu6X1as1l?&^LK zu#wQ;(L+C6mR};HlYP@dX5q48?ul$$NHI-xPgvXeh9sZ|TM(p=aC_DXjfSfgzACYK zhk6Ofy)n*^g3cN4(gjKxv?bDPM32~dlTXlFWX^u+Pn!^GAPg)yFT}QO@^~+;*>~H& zi(K4JM0K3Srb1$?TP4KY`oexl%GUt?9TnN1I_?>kYfj-M((tFyif@Oe1{1~8fRCvM zdf|#ce`C$eib5S9FRvFA|qHDVdQWK;1)a&d9Ay>Yk@@l8e&(U`_!5?cn5>NJwS z3gkVZ>056xMeP4SNq_1)G{k4XE|JA%?g`ArjNx%chL8#LXW~q*;wGMI2}_Dx zUQE`ze!O5Aiqm23k~%Lv!Yb*Sni=frJ2^VN)t1gXM?Y1uxF~#Y1xOo35%RvG1;;cl1Azn6CO@Klj>f9{fPL|; zk+R46B>pAOWe&1e-C~uBE#`E;prD+W*gT+%oyXHlGg=`diU>)}-%kIQ{K1u1=*a5! zP>~Yt9G{LcgGZv%_-B!F!{p%bH#@dKYE3(Bub1}r&e*-L26Fppo~}*u25VKaazu5u zA0`J)NZyPQG3gveXG0|!JQTm5wXJ;L%B5Ja${mFqeAsPd>x%~O@w@-5+ZhzoaYv-x zZ%%6)J_Pq$6<)-0==xq_{BFj+n0&hOa@Ze$x;*?(%BTN*yQst;ep%n;B$?@xg+TvO zay~6mQqtQ*&ftluw2HPBxlQr2FXBEYm0J~A+jJOVkOcI6-j{|=Fqr=8Nr%;!){iQh zBe?f5=JO(-WwAsMe4 zd;-HSR_gAUsxZx{oa~-gs_#Ihb6x~(Rp`VXf-xd# zp{c%ts=$QB9~p(b??t>%k@&j;OVoi?#(mQTbk7}O?r~q8g)1{Y*8bxyKn9~ zCOn6o{>?48V8=%BcuW80V(bvpi7-)=;MHjheOa3hXMe-g&VgO05@-LIin7fvgk;5c z!&z=NRH2T&e~ez{_{>EOOf@udO!CqaRkqC_i%Fx5F(I<5HO5(tA1~rJJaDCf%KEsO zm-YEldEv+07FHps-wR-&;b$krbp@wDMPu|+*ibhnsi&2iaYi7wCA~$0Fc)DJD%*6W z)4)1=uG_-?&~80C+erDVSb_a{`a<+w6bw`D;P2a9dwTz%kjsr6w0#1%@JZlV7kAZmY#i)prWaGfF~ zm#Hj$Z`I;^9_C^Ry?g?XVl2(+aMV~r+K78f`Q((~i;A?8lpgBCNti0rsEB3%h{;UR z5Qm4US*cysPx}f^sPGh)tYQHh5qnv^3^T^}AmaAthk5b|XH%3^wkkg>+z4Sp#^Fpn zJL0<)iL=S(v94E6*pdBLXL)H2YPnqHB_2lE?v|dC!s^X!AuRjU0nR{Fw{f)* z>0nb!UVdWh^9=bX+lC|p?B-eV>cU3n%*q3E6G4%QtV=1F_-Uv+CZ-tes!U*jtb~H7 zB>ustl$7zEs0}+a0I8y{kh7A(no=wT0u<|YlCp;&!L;6c zcimip{>7srzYBEkA>)FJ*e)-4t>y8V>;z*A2QP4(dM(L)zC#$=++Hi^YQ8nfcf^0LWA z;M}wB@ntkIBR9v%L`=$ZxF>{n?oQr2aKb)Mn44L&g276*(H-~&T-v7)Zp4ir;s%&G z3NwN0GLdHHQJ=OK4X!7_{4%1z9^q5vP_}vvp!R z!e`(^hvKcMNqZ*nF6R0bvj#pq&W5wgoQl~X1Izalea_vPvh`~5;36+?2WYz(%D~2xe zl55)Kb7TD1aZQYggz?cfVPm%0MY$sj1M9+6Tl9IQDiwt`1`YT%Y|hQ@9_{r5CSUo* zgU@H{$>2kJQyQ&=-SpTI1S+wh;8}d(ePqg(FI6Brily>BR%plr+{Lfw_rv1l+r0i3TQrlpAl=Ylhe^7F_MPOg z_}K)T7{fnH6;CEJv5S51w34!-_aE#$ax?fbk&;;tCG9BlLxi)G(Zu(|el*S>ajuno z#i$4%*Jm5(hG>l?0a~O5qnBAu!8??6!SifJFEtpj%XGplGi^x0f^Q~S7K>S#P|V87 zKe&>!?uGjV0<Te@}5LS ziQ1z>T3c05?8_Pw58bP`IbMc%i-m;JT2J{~h<^Pu#0Dxw| zd;DOFb2e%{BdP-rav2@ntBMrO#bffpPQ#!Y_DG|p#qzp zBGS7=-mD&U;~876#YW(qmby7+199Pyp#1bUHTBB!KP#XiyGUla!?OTf0A+6+%dwSq#dy<8KN(xz;SItVYSqH=<*(~yOq z?H_>BF>ckRUAcq0Mma_JPxadM(cL_zcu$YlhXM~pGyB-$>8(@+cd|7Kb&`!0+%J7e z-z^b5*a%fM8hgxt)BWe@+*s@-2soIx-1!eDN1^Fd2o!;lOmpL6%m)q*4D5rD1m@hN#K_1)kbAf@U3G|Z&*~>S876^zqNI`sMZy4%||x+^hHoeni17RTge>h4L{p*{03v z?{j-|`4TZj!9V0cf3Q%;`fBfEY@JC#7&x0WDph{gyMEs-s9_?wHVKA+Kj!>`k$`Lh z1;8MX&E4bI^2g3gMqPEf-I$j->?^x-$%a3qA7SvFh%u4zDrmXpIv=4lS>kYyx)W+R zqrvK)g(RDMdR>c-CkF*1o!}o-?Eg{vC179LbwI=6O?I+Qd{Q#&9Naa%Vpb`K2gdQL z{7${nf01Z7fn5UEbk7#eKU;|!3MQANz7sFeTv^HBVIRzU;6(W1t*cAzoSv2KdVyMG z@Y}m!M@nOCYvc5+Erz@NUr_}q$m|^Wi*uv}5ytmE<=plv^)lO-C^5?bIc;+yWAfKO z?yh=ifxI;J*o=$jorfNx-_+fwFauI7cCX77fy3UDau=DACw-L^oECR1Yr56__@w@w zHLe^}<96;vHC&jTMVoKbCaatDoaR2f`8MbFJWbzt@uZe?(+C(x{4=JmtRa0{e+YuY zo5)d0CMQcR;51fwO8G*Q5DeqK!S=u3=Q?vT`Td}6O*D#K%%p@fri1cd3|9HldS+vEO%m+Qf1NnJ!?~CPhHWFvI{!QH+RmuWJ2d| z;)!(T;pa^HkmgjT#N7&6Fhd-hFR3=Y>fYRvv4gnotiA+l&KiY1ew)gD@@O2I(bBgp z?R;TO`+&(~VIlAn4pB2byBko~vjdvjTG6NAv?hzblT@^kpL#d)d#1~;n!@RoJvOCS zB}qSzjnuBUg(lAY$||u4gU4gKG<--C995r<3Aa9Z#$J(5oRc57Bj4W~@A>+LN+zFu zw3-y6VcW5tM7W98C@_;m3xvQ$@81Ewyq4jCtr`8&f?JNnJOa9_wS$Oty%VxxmR`Oz zgStl*I4ZbQeN&6H$Hm&2_C#{uTt-_2^RmwHmwW1=UM*j0t;-$%8=`mg4UIxC*(633 z*N)f)b7+GS{+z*trtm?SMhNTd5QzCRQCpEtJe`)WYp~tOreETdSGhm`yZ0t4Jp4;( zWq(p-9}p*m=*}W1u8R8*FJJhoS+5}(4mtR47a8b{G8`WK(nmf|=;&AV%G)c)6;awY zIxgHG5-cN*jZhTzAzCU@+E|Z0drF*sW7GceSJqjUhoZHPykY4O!7HDTA=4ET>N!CN zbm*rb!>YJ_+{fA~Aj&VeMUMsj08l;*Iwc*D0t!vvF{wh28jLSL&_O;lsQR{gL!u7# zg5D{OROfGd^Dlb}lk{4FiSzpMx$ga@`uM{TEXpzwkKx_LwFtX=Gt!Lin?Ff;^hIsM z0t!SVoUG-Kl-(63ZhT8_exfPc;y9M}J2pRxc2-YuV2MI0=L2d_MDl%E5-nxp zIdDlL>%>e2FU1jGEZp}i&R;O{9&rGV^UmIZ7VCUx(N(o%tL&a39QP|e_ca^ znkd?wit<_~33UgbdTz_AX0cN)2kO+JF@rh?aAdnXBl&*!{>)mb<0 z@G_Qs8}GX={$f6CD=kH|4&9Dhvg-AS<( zokH+)Ib4R0&vs77hQF3aF<%CLtqlDyR-(UlhrnTisYbXV|KR8J*8_8tlkI)y-`XGP zKTmdWUk*>Mw^lhsqx$JxZNh?-A;YI;d>_|ttg)ndEH*C|?Lg#%%4*9o7pK!hFarrx z=~vH4HB>~oY9UJ7i7R1JH?qEQxc$xI%wI7*gM-g}Y&ceT$xT4f-X4(#ZV-p;Am9TM zg^N2PdJ(TD7`9syz+WFL8)O2Gq-XbpE=HZ>+Z@h~&pVY+i$qI~g3syegPZn<&~25q zcYvE$2zKg08|=J6Vvf_@*M@{*K%Cj|5E0KVLA^Qcy*hJ+rA=3zLZ|C_iTh?*@a%V5u-MKdzQ>2QG_g{ZWwV)w@wzN~Ih5E>zL9Q@KwyjOhz zU3RPMzizd_!G!d(EOfyQR56=jqEQBw*ZSNjSEv}0Nl-;JIf#7c?ZlNg#N4+ag+bk5 zlgHo)he25~me`O40Hy@MwD`JJPTQ{~cOT|=yW6`9FH$1=ugo&Js_tSXMi{? z?w$$|9jWkuCWjA#$5VR~Z=jdfBFtv$%u4-7#mFbyj&*e)0ADhc`0!H4eF$Kw({Qku z#}uE68P8#GHaS0d;M+ZX@IO-7o?t3FlIT=J(sD?Ac|x_eEk=4OLAAnTKr^cN*Wl~g z$+;N~MMYIqi>iri-_l>Sq|7!hgYo$SF`uT_F5_TTY2K>8yOlQZ5xX}?4a5{20LO!S z++^Bye^cPaI^s9sg*AqPyD_N>bR{Sug!%^6h72j>!mML+*+VAPy!ANAeTU99CJpNy z;=G;}a>(3OG+-}9N#ulUoDw@W|gPALnGa+|!`jN1~S*U1A$YLMv z`Qo(UfL0>1rhWSukBh)mfhA#cR@@u=vk?^Ux^U=$CZ@j0Gdv*x;H>MJE_D7$ZXd%A z!SV}&@^4RLEmr`Tpw0}C& zTuI*ff;!ax=yaO8Ys~0v)u|WOgy*W_0~ZBnbk|#bP?R@!{XHxk*It?tswd;uwR%Jy zx4_;7ADWMSlW?>VK{YT~!&xyjX|f}aQ+1SDkvVPx7`_+{rXjhHkF~Ak-)$=#ur*~l zVUIb8!g3g!(6O2gchVX<;eG2Hn)4F!*G-7c&#g>Vqjw0J<1{9Ru~}~4YV6zitTgSD z?ic4QZwhwUraeP3`2&p1HqNm8;U7CH13>t$%l+~*(Usp8Y$fd1qhjjs%`#=F(M|?M zfUm+~eqJiNI$wry^Vw-RM}bo zw3l8^%`$<-AuN2FfPC-1M1m4+aD_dTWu(qOjK>(rz!eLr*V0&gvj@&s+k7) z%tEEehw)t45)^hBuM&1l}Jin+3i1-DnvGZSi5c|7c7XgqZ^L9utJI zQdEYTPAsmybBfFOA9%x$*eB}_90Re59`!x+5V)W>cu%(aB(czi)ni9tL0))KQo}c5 zXSu|9Y$vAa9qXh$zeGcht<)O^)vj|gcR@*&F2WT7aqn>YsNjA{GM;QwG+`X2#eb{j z=hn^h=BNLR07xH+gMW-JwlmeFl_Ry`h#AG7iiV{|T!WNgAo)A186twSnY#3+&5Qz- z`ucMY)`hX&U>O@FB-vylOg+buha-^_5HePU{6|s0NcZEr*WK~IQ|WgmnXTTfqN?Pg zX;*i;VSG;cpOyFjR`1r>PNE=yDh{4P`#z0(ssAB;LDfod?qrh{F;`D<&I2_!Xzz@B z(5WCs8EoJ+1Jhh0W297+TcnVhx@oEQA=@$C>P{9-wgdK~+#Bg4C*(z7VtO;=L*V>gD5TYVGuq7;m_hUR#z_=b~bpr%cB zGxeBs~R!C*oCH~H~uqrT{E1ja| zRn^{__hC7?bs`WEZ)Chf?6dk2%xTe)Vm3OIbq-lIRLfdWH={}nb6EovfM*}@^g>GfeLd`RR7|~5< zjm6(8PIwAYylkv*vT~hlCL`tsKiBhm^`9694Sg&pB46IEBA_@LlI*h_^}XsMo?mcu zaHzdH=$4*JW>ka~d)Bs!VZ2{TeU1e7^0x2qgdB2*LAf21@W0~fKUTaF0Jr91Vast| zE_5aBukMNPV0;7Jy%CK`q%F9mYPf}^!a)8k2HDFhCfz^Wp?oJA(VpuW@arky(q`@)<-DT%r9ScIdhX_uF4=>Xhet|;5^U*ma2z*W z!Efv;xQ^f75(@R@nc$XFNEir16`@}9ebBpji;2Ag)punjCF}T0FfeaoYO1cPI*|8c zd|ZR_ITaOE!+Ea_z{l+*Et53KFZTl%X>I&Y0rq&6l!!@*q7Xp3S{Uy;KB zg_qSngkGJN$XD5cI^9x}UWC_iUV(PS>`5ls-M>OYc3IhxbHgR+GrHv3*je+rjG7?F8RkZl+@~}_PS%2+p z@1vZQN6S&|qve$}xF1tu*FeAIv$zChxBxVUi0yLn(K7NWvxkzg%=Bj!7qpIW7V-^M z2NnKN8QjWK_43NTk00UbIK(@$oix8y`*lNBt6;scb$|U$J+fe9Rj-)a)Xz4otj^Fa z4`?OuV!cJ$9(^xjI^IyPh}%pMFwp%SM1$aS&RgXgasBo?=%Jox>vaA2vjuGL9!v}j zdP;L`^M%R4Mf^A$E#=?)1LeM|yO1m;UP>>Rmdx0GVStJ^YlO@bXx|f&d|COp$J>uG z47@FxCI*iYJ~A#^vx6u}&gGRw;jj}Yz)DD8`?vOkRYT;6lTP)KB+PoSW&c}+R2H7A zN8`lHQW`q1`K`vYt(uVF*w3S7J#A+_)qL#-NHRi&I`^YUY511v)RHiVtLt&fGUW#X zCi_A$FMA$!8VY@y+g64`I7@Ce=s}it^Mh~yu;X;eNLhJ{EyqtJdqfD!Js7~qSQnnN zPERzco(Q}5?9KYnOIw3_3m?q$`{(xv$+`9B80Ie7Hc!fP$2HC;8Np_s?xnTG){&05 zdb)wMmR3*W#O%c6XDcN+HzRG?sf3HlkLh{Uv+$CJ(YWgfK2EiAr<&ttymIJc#iji( zx9^_Cr(ftRkwN#-x+zXVWq_UKS){tZpIGzpV#j@N7Q4m)-r>!)5Q&K&?}gpV@-m!R z14qlKJ{%5(*d;gb`v-2#j}#U@Q>~`(LUu8P6AunO|B%8z=g9Y@Bk0jGGZDF%_B$Y^BfwQVN8D|SkH!3r-Qxm{teirmW3S{|hYusv(tl&KFRW*{ zoQ|%Ij_MQD>fBr>(3zra)4-j@>%Lh$Ww9Pc(guR4-j6ShpyDccEd$<>zz)4Oz49E7 zHi$Xu({ar$^&=3ZJ&9U9;(23cs!r#egp~a4i9?B_Wr8&ymA@`BTw;$s zQ)DSq1U^wpeA*3w>8ned!WV~wvJRU1s62HA(mbm183Sd3&dxv}FVpzr&2V}^M|MDG zc;I=>oG^MK3uaz1D}2l#3mXP2`tJ#iqe~1*6(JBW&H?w0#>>!w@$|Ef)rdj;IBujW zziO3=O)jydgmen*Pubu$i6Tsbi%|bNiJ83~8oZdiq(=n(hw-mas#ec!M@PB2%B(yX zd&WtV0}ypHsJJL{IlXK~Rc(8UKd45910kRvQ_Q6vF=8$V=_7TVRr9oxQ@whM6$|nM zRD3MD-PJ6;EX*`CMbc>*`Dq5nF6FnR*Cm(!SgCW!Zs%?VrAiqPFVf z3Pz4Nhxp9Cx9UQcN%$`p3`Pgl?|=Nf^htMCndc+E#LQOY=jN7mk&6S~!TC##ttjk0dL&fa38;@EU(1Geo) z2pqf?t@~+zWM)1%($zaR_BweeU-0wDNAxdt<5YCMytPCeThd$3&R@?zTt;sOWtT(G z-#klG#{E-ldFu6&nOXL1`o(Z`?VnFm`6UC-S3Dz5eh z_;(PC&3PihxT5RuuLG0N8#D5ECN=Q)OtcIz)}%D)<2&q` z&SGIfwD`1^}Zn+KhexR%@+hVmnS#F<9gyT1NwZbLR!$YbO>XuNmb<-wzXC7$rTux|q4M$8+M1cx z`ZXLlC-{50*nt5>q9F#g{8tN?A-5oSG#Y)&&>&-D|79-YPmT>@gn=RXJeAzpS-rpC zflJiOT)WrQGv^k2QKNTzTavHWldlDD`fj|%?7$x+$W7GF{_}PSD0$1vwx4qg?nrb! zXeH3c!Nmm;9V|F_5QwBVA0_3t+ZUh41%*o16e9E+P=|bIIA`G8$(V{w=T=d1aWRN6 zbiO$ewYhOxYzv9!vbp_dD=tUTjM_+#^8>-hkDv0?^xlwTVBFjYa?gQh3EHT|h)Y>Ae?~CS5v&CQ<@~-fOl>lO{qWbdcU_LT?JvI{`v~ zfPnPgg7hyw-~0Z~^__FB^WWhwuGy2>d(WP^@3q#w=F`H>$c3AgIx+x_x$nZv{FS%0 z^>3cKN4E$FeB0GEHOJ_;Vi?4rr~MYt-GKQ390uI0WAt(0>f&%%Sy}n|fbTk<0RPAG zfMxz-Ma*6wHsOMA3_qIhGly;XD1h&)52Aac^(W1vodsU+i<7 z4%bNi`Ctlv?Zp0t)j9L^K6BfjMUraqsJ^XX*>m+god@`9^#!}olO|!|-bHRsM0a<$ zG4;thA-H2vo%D&3y=U%R>o{IcQQC{FvA7pT zeeX<)e0Msj*sNi(sNgAAO;PenN4hTJm5@_1#Gvn~XNKcM3UX^b(ae6T-aV#<@6Y3N z>gF-bEOhyUIsSR}#Er)WGB!c;3tKUw@0^|aA%U9StaZGDhSy?elRH6Vw@;Q^ zVW(zj%nVM#RZZ?=&UBvMhWNp~iEtzxCN{SpGKbl=z#U{f{2aFq=pgx9?(1E`9!;6j z(Z3SBOUh0UMDTZdtP}eb5&Y^c7!=%;k~#=6xJ!AF$Y%k|%Nspnr@*AdOj8;1nr5B) z4epWyeUsMCxe4o3@l;$j3{K#)vlJhDwx9F%JWh!T8TPefDY!@~F0`Yt7}7%AO2y=* z?PlMP{&18n*X$K;OTWb1%RC2W-(FB2ukuvTX`0uhKyJ;Y&f4Trn^mxH$d?PSI+$W(%T3miM*c<+uVn{flX zS6*9-klyg|NzKWfnyd?Wo^8JBP!fWNY&)IiECjwu#bs|IPIlN2maMQxh&dPz81F~w z+hZ8ecM-c0gw=V*2L3;oNzeF<(5B9^9>(zo4ucm6xf$O->Ih@Cv-@CMv5HD0@Xyrf zKLiB-5U41;)H^Y2owYaf`q8Y`i#Uw#f~`9(f8q2LoY4LP*7nN*lxJsQJ?_VxBTh672jB2>K%h zU0EQENV$%Czm8cpFn^f&s~v)zhk4FR?SP1{PRznM*-4Yq`vu%#F7G(go?O4ip5z6t zOApiGNQs}LIFo|`IBZSJjokm9@xCj~J^aL3gt84g!eDOzKs-Qisms2kuIxwkqPlnO zo^AzI$z;z*nxPO#^N;@Y?L@W`J19|wnRqjohhc}OBZ}0;uDr7zE+^IOjzq;C&8^khrlekSA)Mg)>B;lP zEG9LosTgjAF!PY9ih&*x6Z4Xz!geMjtxJAtCldYyNBeC~wTtWn|bF5vYK z2)JJ4yTV78j3-fusq=3#=fD=i&CTtT6FzYHjeg2Ceh%aLk?Cjtao#^@(_}syeV-Y) zs8Y>)XAH+xDJv-8SMqy~iQm6}|NMD-yCYv?5gFF<^n(U`;{>xXjRR)}tsI`NnIA}N z;qRBBN7^w$@2ICYUQ*H8_=kO;PR(13YPzmWkMr-^lBUOpRRY*ePCnQh&c{Fp$~xlC zY?&Ok;rTX^+@F`zn^HXCAnb?GHu%Yj#QBBVo{zL&1tOn6;1)ItNrq{P+Dx14EEjg& zDZn(PO4pT!ZI(UT^lAeYvThrC zUKwtuZ`1Rdy|UIjiTq_9%z(h=11Pv5ub4wJXRD`3SGlixJZTKQIB zb+!aSWlD6(K?6rMlOj?jok>K)%fv(#VLRJH*lQ6&`D(}3FWH0W?nl3sZ6=h9xuQsKB=%SE zFVjxA=QNbQWki`7j`mp_F=%F#&M{$ibvM7&xP+}XcSNcK5c%MVp2n0%It!M`AAEww zmogFNfEMt=a%2$mEa$aosjiBBir9qcspkqS2SX`c^rlgXNg=UN+Whc^orRaYybbkI zsnZsTYfwz>BtusX2DNKX^F*)CJU`DowE{CEv+{c?x@ve!PUUbf~N16R(I|UD<}`w(Uh`Z_pEPl zH?k<@>#3bCRE_l07O84crYkiKeS0En@m^)l;{Z7UJOs7q^t#Wz@Rdm35y>%N(OuUd zq}x5jwr!{C(|HbjL&&|TczR}U&F~KfA653?l}>4v7`yh<&-R>9h$BFsT! z%&6_}-`1t6MVW_IR?@8Cq@oE`W9T13EjVff9>zWf(Ec#PeOwN*^5o0)8CbnsrFS~U zG0g*H3mA9o5m!EChH-1!!Y%1xKU1$7uc51j5%L z_p~Dp^8<{`7#QI0@_=S7HvgJ#;?^GWO$TH=!m9V@JTx?rvb$c>8$^^*npX#jZ5QWl zgSuMa#t~Wmnj!`MO7ddD(v;HGy(UfEG;_kyQH zkdDj~1_AJn|a zSF4z-^~9S)*luXO|M}debkBr4Jh;|Z%Z%#wnN-N9)fO2|z7jpb>y3N-s%&INjcx(t zW-7iCLs~x1AD50U6Th}UypZ{PJBS%rpc$>pw!&&?I8(=w5fDTnkSBU^bi|x0Ic4P+ z6|xi=ys%A={sB79FjsaNtLH;IhV~T44pf_z&}Rv865~b|ragCV-Y}1=(&B?1Y>2m7 zyWm{S^F+{T+WIC*PD^1DqBY-BxYtitvaVZanP8TSM4MiwJs9O-Z)&_)XV%&R}9$hH}@!@=Zsm8AJy~-R+*nSvRLvx zksGnSA+m|Ip1CPq(#y}V-n5Yl5YZNys`ztO`}lKld5CbfXihqSNBQsL-|OgW$AVEC zRK`!oEl4D^=4pld&~RyD3NUY3C4OvU!+z02f)6d4%F5mSd~MCYPhJL_xXyXRltJ^f zW4{v;yjOf>EB6W-u#hj-Pn00#y_Sbhg>T(5j@llyI~>M7Vu}4UpoejOf{#yXHvu$$ ztQU`dCSuyIFL&k6w-EdL`aJ33tf$L^2 z+e!EW&u8ZIyFXg;SO0w=DWobM>bos<#aQ5%<=?ED5ri|Ye)#h%2A_LR*Vfi7u9ht* z@aeIewoC^q6f()rXV!SMoM-{X=g}uo>?v+b$S{ptCM6U2P6YeD`<*o5;o$)OCh>}t z%C-PX)^YmjXZ#xy2xM1X#$Nx4wFun5WBka?`fpmz*D1P-A6q==q-j3SSczKsQL>Dz zEbqmo8h$Xh?B_~|XztJAUEj>wpqI(u3>JLr;(yr*zVH9AlYcnEEU5vlI5uYnW@fu8 zN6_VkhY!ff`4G6HGJ<;NSEAti7g~^8t88Lex7k)UO77W9oYtWuSSh1tq6KoC;B~~B zWN}LwZtm?Vyoq=?Kw$JOZ(u8KuC_cPW`&d8SU(hu_D+Hdjr)xP%vU>bC3QLf8?r6_t=!`rz%hCFnn99RYQ*s+3=(KIv zZnpXoSY0q<(5>Mzls^7yohK@S3amfu^Q@3ex9>Ma=&)xUT9-`b+Gw?HsdjWFKuUwi z$IqF7e~Hu`MjSq&k25LS#->$NJ=#inOld|m4?TZ@{m@*eCZ!xo7xz2>0`Z{C?$K$S z^brrpiAhRj7?`H|4Ju$mAo-5>Li-cXCDm*Oo2to4;sVMLo{7utky{<2}rpdHXU~qPagPhej59;czv)8sYVK?%qcuEL1;HE_Jwi@%T=6SzQm*q#2^J*URA%# z^Um2;x3DN0BkzuR;C8*qxu{76dL3n^K zbG_zO>TwYaJ3-h?MZWt4n7#jM<;S+6PVAHo&pDLdZ$?SUegW&SpZ1D|lT%$YHwnRL9 zN^-~Jy2JD-HY;NT2^1{-LJX3_Bh>pHa5H;8=qdvj5-G{!3ED8X^d1_qUl&oT4BWBS$o56^*-EqiZI#iS@@Y$9` z9Jr#vR#sM-5`#aLJc5dE_ye6OX5lk@M`o?K<*B#wpuK26)^s*w7TCyaD~{i)%ODpt zGyJu@*|C4T&miA+m~NbUE)imQaebun;fz7+Uh96k*v!>%LjTl_xu5?ftFPo+LP~w> zqwoR2H=D=CR+&AwC!(MQeQ6shFlgxd+`HSRVJ_Q6gX znG&cmI@J|O5ZKPc*EVHDq~)Crp0|{gn|&i&Za3NyLXriX<&}uSr@5!!&WCcv>lcA~ z?|}3(r0lqT8!!$|tN-Yt372?(9N#{iNg$seXfz3DqtI*B1yr z@F~NqvIU?Af`7=nYRMRi3F^(Jd$-_XqQk2(V;@3JN@pnG;+1y)|1wwL|AV^zKbUI= zXu9peE8Q8~J~hLsLz$74vv?pIj}(dc9wo`dx&Ny#Ui<^j)(h}U@I{(kkz+%dW*mr-d|r+giK*jKhp0hGiLOXu_xP>C`Q&SCLhn-Q;6iD|h~XXf4h2|DmJ0X6g@8fw&(-wE~2Am8?O%ztR9Yb{5X{UtJ4hdlge|! zwY9Y?TF*8XQ-6X#?f#R&iF7e3()*kLIY@Vc31L5YX<%RS)qw^3YVqUaaW8;-T$>fvq zZJ_q3HaA+yV1lS>?fAN}{m=j#h*n2TVlR`;-O!oSc1Q#59l7 zy0r~wUXxG6EW1U7nR=AJ{1N6;G^aTu>T6Imky^XUZ%+->;4_#-UMCJL$FEczPZ8TP zx}Lm4Z%fsy6pS8jaKCxMBwkW%Ue4 zf3Jk(JDB+8Xr)^OZHy0}Bu{0e95gy>PThCm)TzJ=a4qIou;= zx~8KD>71=q&*OIgzLF3qq`aakd#G$`|0)7DF|!=}`Ks!Ux8l4L(HdvCDQ_3DVqtuK zM}>6Csiypn-asC`)srP}+#jIB5*|>K!h+&jk9^9l1E&&4~Q@>c^!wdIwntl zwHfcp6^s#(=Q}*9zeua=9_?PM-M!0`?${^5c~hpmNQ1wR+2$!%F1M5q_C_os9A&*s zUqftp+#umUHb1Im_3QGvRrB%P3gfT zv?wKc6TV|{GxG&TB7iWRi5{~cc_7$e*%YzEWM&qo-FaN!oYsaPajh#f=2^UuJ3=_E ze_`d%i^tzlDb0F)W4*=+91O%rZhWxOHjbS4*YITWWgQj}0ITL!;b7!rY=?Y9J@JUX zc*LLg1v8j4ZC$5cK8Hk(6{G&@hdwg|mb9Y0&YV`X27L!WFjVt3zY;x1qNe_cFi6h4-1z74dzGn=lVRQ8YUwr>N?}9y{dfYojpeR3x3CUdPC;; z=Cmu1RY1?pJ)fBy5weN1;(mc4dXfJ?@-k#`JnMHwb?IF4-AgX&Fk97g@dVs8%Y@);GH9A~P@48V>ts zcvN+5TqxsqVC#!N_mm4z#2(Lr{DyXuK~%$|8$4VIN~lH-ryZPDOU8R|NAP+tBg8o>G z$Xf)T`VG@DNR1@YX|71}8cFONfif5Lv!sa`z+5o$Jg-!pjrHp4C5yFq-BM15093O5 zG<7FmNjX#Qmkio-p!4}r#6mtcRsOS88Fub{+l=|{QNJfr1*9Y&{O~s(S}5 zSF5@_GTzT`7rGo*O16AVC<=W5(Kz<3SWn%b;_^1xXuQ>o)~*UTVF@>^fBUOB_!8=G z^CR2s5y1;n>Iu;+EWU<^7sFd-hFjJE?#A!iy2eh<7^eKuokGMo*?fHiH>iBnW~)TB zj1r2@9q!#lh*0l1X7?9)`RAcILTdLImc?5#+#b5%H~Hws@g3U*AFUgb9Gc)yn?=3| zXf(HB{t8VfC;$^3WRsg;YkOiVsb4OVVC*vzwm8F?pua?vY`xME&}%laptrMbC0_#ApOzO$DwyHN3Z49Q!$& zvA3P-eb)Cr^n@t2OWE>z)da9RmDu!o@+xNKN%>CF@^Rz>12WvC0Xi((@v#mM)?&j8 z9^LQ8*BN@{@68iA4QI$4&JmSmXTLk%m^hpz+P<-G-jr9VZ)}hbK&~NpxZrX|d;^?# zx(oJzMjL>OBTgaLzpujkuaEeyah=;9R|;7s1u=;iGjf+5-~WhROS3>vnIF6lr#eC! z!XFjxK1yj0(p2C0fl{vPj;&?pw%77SH?qBaMLt&ycDNuS_(RFHyU@lk<<+9eA=T8cz3Zz9Mf$0ae9-Ij^HRJx zIc?Uzs=upZ+pDv98N}PBUXdVh`=>+T_l2V(Z}blKNoGNAj72F_$`kicU6a=?rWtK+ z3K*?UQ0ea)bF^6H7Zg>_!i-O05{R3tP|#HAv|)1ItC#*1+%|DJHej&I>eLa+#?3+A zz`RujfdotbY4lIwPM@E@cqbZpx`{47L<}p*UFr{y_!f3vXk}=aUXImW^CvjUjvQ*2 zp!zBQsp{?B$8fxy|Ni~8>k8(3RdXFV;H_~tmQ@$WR5ob#Iwt%Ccl1w-ipEib#mFpHxtCewVuzS!^Gw3``pu zYVYP!`6*=$3$3#E-~9Y8%Bmq{pX~J3qnti|8oG#<>`{>(zep8x?GJE-AqGTrOWKm^ zthCuQ_@mT`u9}dxV6aS^mP)gCTyGiaL}Q4mQI)Qt?ckelI>)|r%;E-nlXF8oX*nD? zhIhdk)C-tGevT*4ukE&X60@nRsR5R1Kdd)wR(n4R+V+w?F^DYhzvP-k%Tq5w40l+n z#}1aLHcg^lE9a_{xQN!v|8gj;{lIsTTO%&DvrpJRIJ?MxWViw*h=+?-kPRA5)s52Z zo3O~EiHDQ-xt3=~zI6}VsnbP3!#zfZRgN3Z56A?=PBJ0L36crmAEjc^(GAH>&RTJ= z$-Q1xyYf@Z@Ko{|%hL|nY2!+t>nkn_*N!uZn4sxs1EN&t_e#b_IO$w)H}tNqglTq-J$ zdpz(EuXG4@G6Oi6y$Xt0mF|dqv>6x1su*!KIVo#y)hAHAtmI+*Lo&aqJUgMcQgp=7 zF?Oe@$ScHQKF#M7Z9o0hnFb6_Dv8ydaXroRWO%j`o80?h39i$vFSuR~oI9!EYv?9- zz!k(oPlP3uW2wty%%&W~@tAGoql#9>!TS;pz590WW&rviLeNI>$>pa9yfmRdolAWb zR}I93^;XzE``xlD^E=?y#!oWQ>}U3-)E+&ZFeOJb#U(QTD+$b7kMKEoov0z#f95lStQYTw65Z+#+n3sd0@>2ZctfmE{ z@!xxp3-8=J=H+_0$RgT5a<*u*Dt_=iz^_x*ixIv#jq4A;!c(t{o!?}b7$}&KNyI|F z0O-rtg|~%>J0K1j856z>%>|RAhs><{eKvwN*&k)U_9k#M{}NxAeJVt2C%|@8YNxl~ z%A%<%FZGL}c%%L7^^=&b5#zD1k9Zf^sap7tS&@pHcx_Sb9fbj2>pUgVm6;N*%xOi~ z9&qJW`n}pavqpHuS56vm`Pc9KtJcQ9 zlUc62s#x1HhcO+te*sNHggm@+ZQ@B>72t)5wYa16W4BkypkzX29O`_W*)1a@JL0u})>lKGf$@18no>JBff_!~ zZREbwaoecKG}DqtsLz(>Kx(Io5I>G+<6&Uo(P3I94ZC{hnVuaNsbuZ!f~SCN5tIl& z6I91zJJUIoE^XQoTbfx?|>Q~G!8f*KoC=wB;{I(kVFL^QZuMS0d^320g zJf2eS&H?)AhfFbY()Y-ubYW0sX0vF#?cmJMrtm=!Z{w%WUSc8*#xf3=*o04?Othk_ zAoEgZ3v+`K`uNg>p-Rv1KVMuv@*=x5>B3;^%5aCnAN?g*)rM$x26mqCQ7Bad-@N?T*yUC53fAD^vj%g=J?=6 z$AWFB^@R{r25P~^%K`M2E?JY~5Gi`R7x7AtIWFuha4YDQ56iCG__(spf&W!Qzo@E0sza>6o&RpDkV9 zUWBN^3}}ICCr7$pP*F*3o4!plw1Lyf>)W#+^So-(p7V{b zXy$GL2ZJ5@we4v8c@||oDcnK``@8?@n0fo>o7dxL)GFikyVhha<>%&O_Dh)$MzO;e z_oF(C__&0!c31Z)j%t_(xC(dElYGj@eD}cmGn7nw%3=g3@1GC>c8rXScxZbtW{X1; zugVzenh%5ZuYNxM>%sxV7Y3jYpSB&JN$$;%h_x8Y7S2}5|69Q9zIjExdSRX4=S}%n zO$>y&#c%`RiZ-~Oo}MiE@GJE7nFU^kB(Dp@H~dA>cu-zdMSg)^#COklhW9I84`= zTJbXKdyX4jF?g@$r(1&f!upFxU+^{rg2g>yW1Xd2JaCPYOkhW|WYDSg@jZVKw@bp^ zSORL6HG8?rYCiaUrof#BV2TN_FnAa`{nwLj@jD}`Hh}DbKgrc z>KkBMciK#OJ#{^Ig*@G{7hUAOcc=EPySw|1O_F*Oh@(b%R#j^M;@4?~CEP4&%vb5J z@6Xf1H8c(QZ~t`p7eNDmA++GG&HSI!-b251nhIyNH`r@ZdhrufI$OF`R(C(VyU3Hy z?=Bj2R z#%O5{L@c@u6O?HTOG{Z?dYiXM2}{lS?gba~oRnC5>@>bpLm9n;9!KaF6dy+S6K!%Y zmzifsN57w$+oD~(8_1)s`I+x+a;PbF7+%+EnaA~8Tm_i~iwwVbv$dz^HseTf2iOVb)1FQb(#r8aE(RbrD=KisfuA3X| zyjIBYTSa-Zvyq|RLt@7{NP(jF8z#`q`bJPiCmGM8-o4lsWg$YR-+^9pGekrbIH<4Z ziJJBj&E~WG;bjj&;o;?a_SMF(R`ardTu z2$1f|;i&>-m%P%U<8yN$EG$nK?~Bp&&(2*nrA+_X7|ElVK9RzL+;+w4H*H2VRKHku zDyy!!@9y~=&$|QvU)aJdLX%#SoQ6iq%Vr_510C76nuM+3D&{q!kvu7kN8q+u;fr1D zb>%Na5f51beLK>I^RHuzi?)fDnQo1bTr(ykBQxq}t7rF$xJIz!8yeh&-25Tt{l$~Z zCL(l?Sml45rhpa&>{wV=A>2ew>^%zTA9eGxZ+sr_ZjTLVTPj)i%}r0wh7_Jxd}Q$S zOIGNZ#W5Cjy?uS3N?~Xd=3F6t0DE&GI>!$eNpq|OQk;P5`(TIt(05<`P5L3>o{FB%Hk0n*W#v*Y2y6uey{ZT1QM;Mt`G3p?aRME! zeXPoV;r6z7174%CEMeALVU(Dtg-sCe3P)gk>;# z`j5Q3U-yPbTNP|qU9^^Ybs00XVF`k!Z(CO!!>A%z`3ACEru0P^vjl|>9WqvZ zl{m@d$i<_?E*@_kr^u#ZT7e8EjTzsq>66b)>9c1zJ#xI0{(s8$OcS7qAdl34-DVP? zH@nhKqX&$#$@{ZO^Q+UTS5fN{qeVA9Q@_hf7@J#aVo?W`r=II%91;bVAC$>G%S@?M z7gJIbEmyH5)H(!-7x1R~^P1IltAbKxIfu&^MY?9w7yr9u1Jzx1p`VU$Y(UIcJjEVSJbn;& zS@TmtnFJkj)GTCz%I{U0ZJz%6>yLN|6RgY#dnz}S?mtimUEk8Ps7uumUuxjgi(O*eXBOZnI1R`$8| zy*JkL$I7ht`Ij+aj$k@b&HO-~3PB4glS%s~o2n62zcJNwTA8xY1sI9;leXJq@X)03kReOgb) zhK}`jfjXD>6>w;nUY7n|%zdB7ez@5cFNw=i5KqezD|tPm%ne1jWMCMqs~4~l!~-lw zd3Yqf#xhfIv}I_`gxAqIjO-b|R#=`RL+rN|>4YAXs@9{y`83`04t_`KQDVNr5Zf?48_w_{k*Eez`tKO2$rJ5RA z-;l_4>x{{KCRuH}b802)LWx8(+OL|vu{rr&3k_ugU-j3#@KSW|;D$EP4=u$DVX$>` z)C0qYyuO#iPNv^yuzKdEyZTA5Sna?gLdJD1#r3njwvOm|9a`GZ-n2w5}G(r1Yq z=0g0~aPIJ}AoFQ{6^j+e(gH&QpH1W2RVID@-qx=o(;m6(dMb4dKb-3s=TQa@ke^ryGI5FJJ0%xN}dfnQ<<}f{H7b><(1Vw z_!{!*a0oZ_C!|MeRr4<@U#ActX=%A5cNFDQAZ3(IX~9*!LJY_mBsC^k33sUnVU?Fd zk8e!hd@hpYpWjQ2c*D?oc6%yH56IJm5Z(%$U5*|KM$i z{W@zg`{S{aP~i}snG|Hqlg#$kY~z@2@PGqUZJ2Y zztQy)^JI8pG-~-P)xBU3XVx4x`^qL3I=OHHh4ekZmSBz&z$9m2+0K)Z82s4UL%0%X*P@DY)*AA5cJ>g)u!Af}CxOG14+IX{xC; zd9G93F#7hb;_|Ke%b-6e!9H&Qdh)AMhk*8vVN$ZrA@hQg|J#YUxqooXF^sCsXa?D_P>p@T7`gqzwo4<$-F$Dzs}$uT0|4< ziTtXgarQ?9zG<)uXJUPN<1I9*7_9a*J}Zl*NKcjdOE?87K)6oNbhb=j!62w>(}XuQ z%y!_d{t^-m4GpJ%t$=Np+b-9m%$E=RULeCRG2l!QF)`HfU-w;o0iHPkmlfB?BU$nR zCp(PHZP$!Pt5kG!DpC_CTNrtKpI;f&37D#?s@=A0Sv-e$ue=+FCBlpU1n`Id!Sb*_ zd2X;^&Ib=;Mas`dHdDFp%lRoV9iQDG_|;nt+lhG$oW2@bDlBnwZwRsy>#eqHP|6Xq z-QjmIIxzZm%Ne{>WnefzGNsYz!x=M#3<}rooZF-dDu)_?|A8;e4l%{sjl8~Bf~l&A zPE`5pb)dj|9nL$*b> zg~9=LF=eJ(X-%U#MiXtbZ_B0KHWX?wPfupJB1?wu?Cht!(DKL$;{Q%Ue!dk`Rz4!% z-X}~S`t>i3QG2U>yk&8HhCU?prcGC*sSn~rqxClLK3%zRGM@AtoOmltU*qMSL4Jp^ z4C!4r?O@UrWc3u3oE8Tj8d0SyuW<0`tONvD%jYH5PKZ9ScQ_7>5$jLANpBg&$OT&Y znP#(~(;#muL-2Nk|F{iuo)y+^NGMwcmB1#`RMMvFJJJHs4noYd^hauB=Ld**d8*%D zbOFK}zcb!*KWb?{F*S2)`Riu*uNh(CQ7DG$QcPtyRqoxJKvD3}mprXjBiu!OwgwzDULZ!LvOnWjsxSM(NWU} zbx;eN4;jo%_oI&u9WO0Ax7t;;-dnt|9mc-^^WNAdO{ZRo6qhbn-hIn!Yb0H}wswus zOgWkXy*?2^PbJxTgW#=-pp@uk@Q= z;T$VWRVmhWVFB~l$$HbP9H4sR=5`sC&m8MTzvjuy8LqxmarsuSOmjBYjK)`Lat+rR z)x>22iC5izpePaslXN;snRNQ}#@!yRNi0aQ?R-e)OR^ZZ#!#7b3+u0SZwaZCNGE-I z53gjE4|tQ9Z+p+EK-U%7Q7ykx}gj)S83+vIw2_(_2684&L`#9V*w>aL^; z`F10dkH1BnW{+s6@Fj{EkvVE>O(!AQD(SllvVN8e=Xgm_`~B1-n9S|a34|l!_}8dzfP>OuwGxL{JB{t_?%i1Bx4q+C3SC$| zm))GvZoe(6CLS+r-8E-aty;KyswN)mY4Cn#x$xAPYXEe-OAE^Do4ZE0_dU|)gUV~V zY)`5j8a;FpUUD4QPKtU5tWP!%6}P`i)va&-Ms}4IMe=zG2<-w`JZ{Yf>B8gK*!wPq z`~$?WU(guqli7#t9?k*#JMAeRS)0^DYE5&=^>&0cj(EXn4qv%#JI9yf@isP}^9Gu~ z!PlcvFV(`VsIbWCqNnzRmBE;)K(C0>$0#a#;e&Y!qX8GBqzu#2koL0(Mz-<<7TNXd zBH)E}7;uxz!f?i@xdt8!ha5@amWj#Gb-&q4dV5s8F>}}pl4|uExp;3$faWnoXgWv76&ZbRxYV4LumrE5s zyHdk`nKG(VeF)NOMms-uj2x=l5qRcX*D=>!av(5Hia!zfPW#x=h&#hOl7@L>5Bs!# zaoit;n~k=ndxe+boDsMGURAQ3LcN{(o9cH+U=Q*IA20k63>XA4|4sIJt_#fclz<^ntfHX{uAk&zRzB2 zoqs5+7%=>q5pb1I#^%KImFG`K{W)e=;+V@tU&?Jdn5{DRcqf=s*kG_#@r zlToJu$gM9fete9d^9B7JTS=B$aAT@`WEhl``ab)PMO9PgWnpi`2Y7tEk^VMy+VNXA zd;wh9f2NV00@qe2$K&1FFckmhEeSgZ$1Z}mEyoocY5`RGYgG#iv;4X!>WnkB73u4_ zwRGk{3{f$+X@$3--~Dy}S>d2{F3}2HHIhIFL`pE;hV(;s_n-G2>$=?}>VQ}9e##iB18-VAwW}ZaJ%kkq zhz+nyqG>htM}6iF{^_^=Z*buG9*m4-Nh+ znA45A!wqZ}X1^<#Sr6N`COF^@l&>0)b8qq*+AB`D4Kk{3dwKo2aKZ*2LdwgqJJa*DXh36;q22=RMqV1W+r<6{=a5AK3 zq7-aGQ}WfEVBX9Hfgi8+K|xPuDDMtr=-(V#d=;=L3qS~CW+Y;FpOOAV=^1TB>I!r~ z+cIGr-bsfsW38CjCTscm^8$OBnV%C>llM!OXMcUkWEBk3)GqIn*GdeQt!+-@zj4cK7|aNNI0ZpKOtZ910Lk&jXQ?EBia-Jk?=SX(u+fiONCa%f~!JVlBI3{zqs zl|I2Bt)^_;?i1SWFP)`0*1QT7D(y>xf#Z)K(wu~B{7h@I^|6c{0%_Wrvw>L zqJkh1??UsxU5SUbb*I+v7D%3%y!W+nN#zs-gim5Y`I3hF&lp#loJ7$a`eL9Sa?-Yn=o7m zINBBRj?EvP`DO6hy6hx6*D*=xm?ak+O9nU>DWWLyiG?u^TdR#&^Q@!SHn03qwnfAy zvC;)+zk4^N{o2Yzo5j-599VO|-vt%d%6H~>iOW8nG@eQ1z3do3gl8F&K9H=U_;4vs z?CVb$@x<6`m%YB}A))NAHv4DAvSV-30S2^%54W(}$`aK1tU4)6U~^&Jos4Xfv}9UtL)$_2Cg_2-cOz`hOL6mQiiJ+q$p(t5_+exD+T9DehXNxD*IbycBnLS#6P) z;$9%QOK>S(+}#5KiUkkFf(6c^d+&SC8F$=q_`nB9R@PWa*89$9KF@E~n|D7yy7#%8 z0yB~nG~pR{^h`6pz(MHz^2n>AunicpDYfDE%$7wJRgTuQdZ%sdwV|qJ^&CB`Ecjwg zpESTqB2)`!KP4Na9()$3qNQ!lc=OYt+=^$VsZt6bG~5JDdQQqbu5yZd5#b+By?i||o{@sVhmm-_lzEeKOWmyZFr|auf zc5wZdu?$bs$s$RV+5!t9)|^0J<53diy-t#aqGp*?lEphG4CY9o)%&77N@SRFjI;k? z>B!2RgYq^!%rfGL>LG8-_6McJ`U~v%pVmh2HYQw1X%)EhNm>{jjISb+HNPE`W=P4e zImM%$57Xo8D`+mZC3VGV^`^y zDr_Q><}*^03BFk8Uw#=!q_#D(Hh@7?Z6#^(D?#mFzINXxlcU=^JF_#1JpG)&FXQVw zzHSX#@(OHx9z*?GVWb(v;|J;V&8?pxd32Ih8n4(_>8*@u9I*neM`TumIroOtOP*8} zx1~=9kusQWKV}NS=1T#TYL=<&F~5US#B6u50{9p;5-YH)t_J%cobdWy=fhO?-zEQx z;`_xpIrXecn}k!LvfVfy@ho@$|LDDMGu7`JL&cVy<1c8tZG1fFFk@Mbu!lh$!0J{&O6<*CTZS|e~?89bdpEtZ%$Ft5O zQro)2m&1LPXTYRUs_t~+R~mJ6a>bQ_p{j?X#vw=*9v z|L&AqJm7)u^t4ND`_;ecl{uRj-8GUEpg!b71@LiI6FqmBo7N1|x36!$T*(Mc9)@cFmD(;&0xnml>U)_I^`u3ggNQ;Nhr5K5sN@b zfHxPjRiEwHmhVAb{|I0|1jx(0y`ZF=718*J<1Ln-Q|{~YE!CCxUja7$ed*8UbHNXK zY-lF*vFDV+4~%g|Xnne{$r#j|0k`dkS_>;NOw&kh^Z%SY#1;df@MoT^f@db7@p3q49rBFa_;HbO;DZIM7_Dxy~TwR3Fi+4(LKP!J)^PdY34y)lhXG3@u!dEw*j6w2}Nxv7^&IJio-v36JYcNek= ziCk$`c2K{&Gh+z9^9xw+Z5np<<2+_$*4-fbhw^S!VcXaODLh+P#12}6h}_tCR~K!m zbni$E9;|O*ph|=x@C7{~fO*>SiE6mJ$Y|88!em|lp$&Hv9LkE4a7@?tFAg=hcXE7$ zJucs**js+Y-5nukc|p@Ytez+zV~N-7vbMMe_L5}xFH1{;2Hi) zpT%^};~ySmfmEud*RsXcIuwpqZ0YnUk^DGJG5XsBeP$RXS?%^609PiBy)j;6lR&Pe z>1#Z4{?C`at4VbCs@k5!9n`{g=>4I^w1StL3z{rVjeA@m|SK)%PcO!$7cG8rcPc;D)- zZ99SAo%gQF7A9tdRyvy6^sE!WM?4e|2cvo*qokVoDA&Bo|Xx?!l)tj}~HzmaHq zPOB-JRNUrKaI95NG!;5!=hoV#8#bmk3s7i+o zMuT^$JEc9Z`aT5Op)#TM-w$>)jglrJ%|8T|eEJk7|6cLTHcXtE>EuNl}!VTYLcps#-<>#-5N7)f*x&-#jNgW zM<;Bb-i_nNHn`5^l`tV^CEt_&{{(v5PN;O7McvSkTKliO!c}nrV`J2nM>u8<<>W|M)#5aBzLXw!lD z?&3ZO#4M7D7(6w=feP#<+@$!tPj>3K$`}Qsh6Ej#JA6uYO9swBmrzdnE^=yKYRIui zZJL5Qv(;NS#GT41x?{c~EltqX#4tYE8O}n8i$WCjL%SV|C)benz(5a#H163Ah5}ui z?{!iNV75K)3WW}3Vnup?B-AlxCEHlEb@!|@VI%`KtP2Zj(b%|$630Re_A>bfq#M?R zxn4fPMWAWnH|Z_~0gm2^-P}xgAE$q4ZXu##{5d;D$+bD?rJmv7-eW_}oXH+9a-JG# zbp3n+ppSMub=+z# z482NwjwXY-WWfUCQ#)AJA}bfE9zIFr$g}9K-%qwL%(vLWDkC+XvVNQ}NLgE2|3+c{ zBY6$@6-Inqj;k=d&|Ur-r{H znEg^t$sdUJ-s-a+8r^Cd(b?Ul`aY*R`_3%dbGL?x$U2i}!>ZD5W|Op;t4bTF)9b6# zO@?OJ2Il5Zk>HT(80He)>g)_N4nCV?P`dzUuGIajKKo-RL=4$HHAFHBwW=48HX2~h&vv0u zPS7e`Oo&rN%NW7!oLu-2<-?&&){B(QHG3n;Ew2n&RVFsEK{4Lrc9Zaiqt|=MSzQ0` zqA{kcI1P^}lvRS{>m!Zv^Soal3DT$+=J;GYe8T%j&mT%3QW8!X=JARlkXZ3Qq5J4<;B6h$IrP+ z+o#wxptXJS;OUttTh>+7mw(Rh3Kzwzgt;1LJ36uesI1?4xhgXo8zU~FZ?=cjCLuyx zv^hLh>s=|RPa4Drupply)ShEa4e#uUpGnA6GVB5yIt{c>U)!C_RQ9tb;EroVUl_mN zbQ$JtAM2|ckz(iVs&o-+kJ0wb{DRM!Jo%&I2*VRUeNnBBGN3Ja;R8l+p2X8s8jp(+ zD*`|y5le`|ARpOURa8QmTA&0+9OSbd+y#*}qYAN|D9pZX{%5a##6?rmIy(1LUTGd^ ztWn*LT7&3Ravv%|@+XV4hF8`u1kNHLk2RI`{0;Eoh6%O3J_31rE{JfGxGiQq4`W{o~K)R(U`|65m*KV#!#)}_^C!V>Syc16cWHtVi zs;fGK4-X4PY0xnR53lV!lC6FmuVJzL(=VYYEymK)giEa+_G!3V$$p4$fCF$m(0yP# z9{9fP(d%LL{?j|||1`1p?7UN7gyNd$v`_aC!=sfpcx690c#*lxzWJov5mB1Bv4#z^ zR)K|UZe!Giq}`(kr1wcG9v8>m(<$lZ8LtH~IiM3|oR}L!GJT3gMev<@ zXghzV=^~O=xMo0T29;OWcM2dAWpyKSm|!#`D=u8}F9$zr78o^^P`0pNh0<4YkER=) zCvA~ewazb^m)g5l3bxy}6quO=dj+PsmAiZ2T@bzC_<1pUo44Es0&GD}!~frQ05w+EtD{6|@ABP2D!8o6 zN9DxX;+nYWXPP?&+(eG9-7KYA*yE{drhUiWCnV1vJ0Ychf7Mbm&5U(ETMOpoJyMhd zf-bb11SiA>dqUr8su>qC&+9lkgFRWt2p;#8qZ&7BX;V(5H`CThv$hI)xf;8v(KVE) zJ{~ER>7p;LExy9xZ4K*`=4%mFE*RbAe{X_~neT&0*Q)Aj{jB=}O36XuossbV`I_1e_& z{E{>4F$hK2=RwCPv62J(`(So`Z`se-)bzd`^!}}Vsm+ZI50Ichq%l0y+j|BE{oVKG zJ&{f77C7G9Q?Q3SosV6#2sN=c(Q%{j`j)vpuz_qf&x-^0<*V|&czy0!7`oq^!4);?pLyct(SqP6P3T2sVB`eQio{3FKmaT8L0ioRP(b^dz1|rR8Gl&&4Le% zdi-oa`Wh8WC6&uA_=hsc2rurx(FFoPSqI1%8gVLH#l)8s#kdcAhmankQNtWPFaNnk z=}k)%LGcPEJSpUbEG8bje{MRYPo@B-^s2KHMaB$1mNX|t#>Y@OA_xAj(x1)y%a|4H zEcP92#<*_vpAk8v%IRrgtzT{ze*lg z0oV2}3Qr;I$MM3#3-)X^KaVtv(oiGSgdy}?F6anWoT6jiJ8UvqRzquD zn;(VvnJm;W9|?&@9#@-+z&G%By9o=%-q3t_UnFcaCeq_ zbxY;FtETE_xwq=VBl=o)&Zi^=iUo9%qOPi@&$TKWQW*;erpp4hOP*5das@F-9NRP@ z^Wx1iP40Wk-fZ#yx^gdFe3{f!1r(TbrWa4@jl*9U5mZR2WT;7A6G$}`lbY5HR_2M_14|L=e{SZ3%&ML;OU}B+)IUv zvYAI7_`+QB{*6G?^J?`&`W@6N_r71S66i{T)sar2%65uhoXHeRlb|d?NFx{XVa|~E zUf#kYzbk~$DV2fg&i>N+bzhI{FKs;wm3ebuFnxM$JR(d_DPxd9E7GWRakwAb^KD&k zhd7eM%JLTy&mmN>T`y9+WukFf+t_+1!;nTgH!E;DpGE@5={@7|k>cf7oU!X#WA+jC zOZDbgd?k71vzu5?+PXHmoVlV=RP}x`<(=hvgQr0OuM0sCqx8qpA6H*m3eGw&!Yy6` z(_F*}h2-ap6}}lU*cpq3ZOg5peV(Oni3_asr%qZ^51LQR}D>;4fVQzF;gaA*x?HD9dr$qy7DqLq)4q{iqH|ld$;6 zH`S2oT%^JaS+@)l@k?z&)kYuU;@3yZ$4t!W7zkxE3rZM5tLKf1wsD`d6wQj7&1iY9 z${sgUl_OZ)Kb!=HvW!w6@@h`-4;|NSCWM!%k@T05s)wt-=1b~-JoV`Fe4h#M-!PH; z2k5!wJK>-IWltX0(&oCcC!aT?=7;C!We3`Cqf>SPUZoZ>wh9mzDmr5vN>nVkVIrnD-| zyBFuor^y`-kZf2kt>RaDl?|DpM}B7RPN$O9`^wm$O!fw3V;PVMn2tAk|C4mt{@NtX zbBL?Br<~G~UoCdS-gb8d>CpE zq^NeqI0}H&heGG&b274qyU^|hV4e+Om$Nw6Ck&gOUBQ{>&AHB%7`(snJ1gOhzo@jd zPg`x$AsVj|6z%J#N5P80Gsy}xJog0!ZP8$qO4GXCwL2&m2Xfz5f;-U5&(yx#4NAuK zmlc;Lj7UeEgL*~ju^E1w zd*XBo_LYd5=hXnXCWrL)CU^5)wcX13CUi`)XyJfF1kxqd7^qW|fyMPlp8Nix>pvXU`pcO7f7fL8vFly4ks}+) zX>}8*3Nwd0@!aEWu3AH@+NMV0ippG5*u8?{3bF^nIKqJzTPo1|?NS3Ves>_!M)U)H zf_C^mB4^>pJ)W$0J5afo^LuFDIL^IZwcju+QxlsX2JvMbi^lFpXJ9$P@`{~lW-jkl zoFF`aU#g{9(k_#i{wez1r!4#A9s<+P-c&eVOcY>~qfINN8Fn1JVMb8hU2E%8!`w3m zW*=6Mm;tE}y6&(u-;$=ymLCQzf;@ZVipzbRRF)R> z^Ue9$$-{P$8kksF;QCu;kW_F6cv*UoN5B?tJlzBDOR}zIrxE38?ux4U1lq{-Y35^m z*W7SyU+&doCsF#*s%5WX5p<03fa<*;(>{iYp=U&}2de<$+^ zgeNCTE3hD z^i5_8?z@q~t<+Es7dh=Bw{ui|b;*O6DUZQq&YB<`-z-}fdDj=lQw=N0;4t!mb5@6g zYE1>FrMmO(Ue_mx#T>6C3Yt06^#>Vr>9|*J0aKnstel(&Cx>w56A!tfvRd!)S3n;D z)05Icz4V{55(z&(&&{vsw?=v!vG46OH?&|LmLJ>~|glUov5{eMOZ-`yjkA z^y*{Aw47+u)P_ZnT?8I1?LIe~BK4(jEx&n7Zg={iIN-gU_2M;HT6f=&!%;TJ{=sh< zV5IPjMVe1ys4r`-bQ-gZydtU>3vw^-m#^I`rS;rs?a z(|9&el&@<1u=QeaWmZjwjb3ui+3V?`1L<17<^I4kWiQv>D2q+~6W{-K6X1%P z8hWbCg!P^F$rTYbiPe8Kb~miVXyaWG%;k?*O*F}#sEj|Q6eqWss#p}sbQHYv?yG`DckVd! z_S=es8uE`4M0dbl6o{e)2%Bv}6?3A>SsH#cuA}muurg9)y-0Tr&gwhv;RGP>icWZ*043I2_svdnYhE;1YO^2>b#)31+TG)B}_mK#mnW$H}z5%6;;l{&JxeT z1FEOUuFpCX?vA-RNqgzHKFNWeUSw-a059Z*c<>gD#gLR5P0Gwb*PH4_|?@oIt?=X|gdcApVuk4!qn0izb*WpO2 z;_>GBvV`)f{436rO?wJn%B|r&D3?*4ouR*Hs=IipQC{;B3Ii-nk&q_+z)i41+_?z0 zY%_aBq0vyOo1<1Y^Z~+CqgjQTwT(_GeC_7YMtpJ8iO}kOmfPA@r@k?rpxQ5&#m5?D zP(O}{a)ObIRF2lRTkQFAzYk-S)Ufb&RyT%9Hd^rqDvBkR-;cYc%lL_S#$WFH(qET$FcO zmg$5=9H8ezo}6!HBYCzZ{MK;x_XPz74Z!&vIlII0`86}53m<83Q9G$VniD&nbi0G@ z@`QGiLj_ereg%~Vyz)x}i{zOMo}H9rKRtqxwH?{6=Vh#?RxGx2{9s|q(j+s=3(6w5 zA|6-%$x*o-v-DgYFw~Wll)OG}xtdl;V09#yq4Z|yZ$27RxZZ8S)S`TlLWitx7Keaq z)HNnXMU;es;w23}0YOYs(z)SPKTtQ9>_rWd3O|)HB=lF?&eedtTAHUvZC}>^+>m_z zKt-LAk+F6VWaz6@R#p}j7H(+B+Sst*2S-Ik-Ao_>5)%^{l%ekmASRBfVA6KKTCylx z$Zh9|>WATn_x+F5R{G+Yof(2aHRTYgRci1$^H=W1LWy?ex>n2iU$V|`Xh{A>0{b!KD?c}o z@H$)U6i>DQ;^yWS-6;<6f(lFItNSU4b`aBu6a^y-gjzADDa*^t7K^;vDU}tzK`q9fE!0B*QK{7#k&0-__q0&%+LK?YZSfa0O zfYaPpBGCd)dOLomM!%8_^|@I5ReUTjxI#^Hq3=~4GIhGSelumuO~t`&;mt8UY|3S6 z`Sj?S;hg5NbLo31SNl&H_yR}MB(RJnMshRPVe&9} zOSpBZ^KNPLM?1rvZ~KAbHF`g6jJFU_lU@p2f_*vU zn6naM)j!YX<+EJ&Xw}Ub4;B_(+W9^kO(5pr_QB@_A>F0OZ>?iy>|>^%YV4_thn>G5 za^9Pxa8hV{kdf5bcs}BUpMjMiphepvkWv&KS^D%QNRi(|tT6%h8E4lh!OOoTXg6yG z*IE8aDz8i0+x6pf4G

CV*TBadwM_YCeC9J=*;KliiRB@={bB3X|x1 zp`&3_?6Vt>4o@xd<>PVlD#>CVD|`9+wb_yl%Ep$TmytoF0+ws5?5oE2FMkCt|v5aXmPjmX9(< zC^tofo+QRUEtQuGL01h1xv@($zZCO5@ThL*GuK~99l9MInM#wE@+|IyEMGol%!u^g z6Y-o>JqI*f|MX@<(S^#uJo0L_eGDf_)=1f;EokB)>2y{MLDi6aH17!SpI%UfX^MH2 zk>qCbW%S9m&^GxGd5_6>ymK?MNCcJW^4?DGpV1FeiY6V6unF2G+teRb&*}m+i^m~a zbM@JWum1y)B2Y7L>|DNV;9rtnAxcLfAXQQI6? znGepT@JJDd*Lb$LwoD3o9fy$`js;a!v-M8nt}DM@&zjs;egLx+VkjJ&W@_*u!;VT_ z8QN5~hNtP575w@WhY8&NmQM`N7vsRED|hdxDJ{yW?04MiRQLRijA~|0Qx(+@iSNh- zz_A%E8snU0fR&n*38Z7Sr{fZV%DCDYuc^{SWt_+5@@|2tdg@S4h1s&%{7`JM&yP>?CaHNF)dPLNX1-&l@19c?KH{f0mSqusP$*X1_A8BOtBQoF zE@Zf%eUT_{9@Eu>zyUDw&m>X3CQ`&B#=~9ALZcQFpZauj8^dstb42IlSW}cl@5&}8 zj~D1x+WtExZ;hCyUZ-CA+5spKVlp~>?ulxxeY`c~-Q}N=W@TGlg^kbY1vC#5rNwiP z3n(Rb$BBM*wy?XBe_FFjCOx;+AT41}&15B_5fcX>4Ym{b1v}$f}8#Pko8}yqG_o3-I!5d zI^gfZ$J0^4f?o+vd@1;muXcx-w_=T79ryeW3N3p|y?==Dm zA}G!#3e;(-q&iZM}P1c2}$`@rfd-HlC{o{_~L07Ux{IhGWh7Fa&8WeKMcSD108fW^Ate|cHCluyIlAyuRYEV)>=PA zf)Dy-9E?0G@N#o;;fA?f_qSYP{XN{k#>T6#O+seP$bC%L4Xgj^$`5Ru--;k19pTPx zj|d#_I|nxNG?+B(?b-f5<9^sWIHJsG-M&c?qhES6h)3o6NaZ^18hI^FD*(O_6?vF3 zY2VEzKs!Dq@pR&bwJ{`owj9D16cm)1nMoWJ92%M}PKl2%esl7p$xvvv{`7RIA<{GT zN+G$!{=&Mj*2HZF{JEJo23)+Y1scHF0)xqXU^?!WuvdTlYu#p_v$TMK2Pug4YrI>x nuCIL@7M;L<-oL2^@7`Lg;LmI}2)|*C+>(2%EL9@$;mdykz3u3% diff --git a/docsource/images/K8SNS-basic-store-type-dialog.png b/docsource/images/K8SNS-basic-store-type-dialog.png index 3425d444d5f67b3962939791fe9f884da857b690..4864cba7ed112cf9d0eee820d6195ee2eafad62f 100644 GIT binary patch literal 44502 zcmdSBbyVA1v@S|_jiLn#6ezF@1$J?#c#9Tqi+gc*CrAs$iWMksrD(9AK|%;toCKEu zNh$7{pn(_mxo5n0?l^bcH{Q7aJjUP;)>^-%bA4;hZ_Y`~J56O$B6=bM0s>N%w+bH! z2>wdK|F#hRg)gxO|LG$jcub(8@J7c!X9q`aKot-rW#kQ2fx0PT#Y1Y-}tv+w&6Zay!vPbe+x6wX>>@&g24JUUu$W=vg;&$mKk`+MqVf zB7@e<|2Ydwn9Se!rUz$-QnE5KA;)VYum66{{LhoG>-nJ}SQ4R34LeWBBB=eMT!H2J zZNonKiMdU0&Qw*Sh`hX4nR5+vQoOtg_?nKCl~}&^vtF@wia>6iR)>_c()3-jIzm&iA<;k0kRv-~vt0DqEE>$hWa1GDo@ zx0+ApMgUitRp^`QrsYtwIGHQvB{^vZ0)me(7q3Qce2&!9_t7^eVqz%dVXvRLfp1?0 z?9@!c>u6tw{9EW*Iu9f+l&*2-d0JecD1J|pTW}CHyDuFjal>%AFs6O7zY4wmFTh|YuWH#DASi?R_b8pN~bqjg9f3*WwDK+inSJy9_cajCs{MmH!gpsYXS`}I!kH5iQAd_uqJxOqfxUFUwJ{P+OO zJeO*`-^xnGp;S#ieiJB(n4YwonPwX08v)<1o_E3dX%Z!BN_*>xtIsgeP%#UMdkilI zIPjnS<7zeaFp6aCOHa?YHgdRYQ2;H?OKtA+Jo;@Ie@ibLzcb$)_|gn;B8LO+GUo|x zbI3aVzF;$!l@^L&Cm`TweL8=GI{J(;`sb&EbN-c^X}v9B;w8D;uK#QYdt&mO@N=YT zS9r4m#vkMq)Ydc-61+^dI>U_YPES~Y-}7yd5En3`lkaWAndVkgSd9C-1-rgkXd(Cd zLksix{DywcZzjFl>U)LNcR$VSr_4;`GK48?9GsRc@)c>nKq*OmR+VV5b&|9%u*BLi zQHg{81L@0wx`U-_wOn80QnfRK@KUlFXLYFt-eeiFxD#Yx-vHI$+%i@CTH=D|&X&zh zyUzLth9-m9$+Kvn@dHH;PF6yKju{I>@9}9-ljZi}qL)ouAK zS0|@k-(T&RO}$9Ico!_IUR#V!8Dh@A?64Fy4)M6KTA!*fj%@yIvTTa+$(>zC5K(Pe~ z%6oztb(ys-hj^c&02|UI1c=A<^KN@*V}p>bUi2iN$6}K*4<5wzb>ZhTTVu$ zdP2Lqul3LL-ZSi(Bxk*qez_kkxX4K`7zB|(r1|>#(6j7S10S@xl(@9mm2Sm^L&2S> zYBTw(yMRwo00g*2j-0B#f~YLkq)oWt$v>iS|+J1rNWw2LOO z=ms&s&TDT){Iz>t(r>1%w#l2NmUlL%d3#q6$~t)&aG+H=R1|Z&AEHTf|Fq^n5)SHG zuGb1mR{Cip(20At!EtKlaicOJSxoz&lvd=8*sIwZGay{X9gC!1q({u!r3SGUAX=q1eTmYo{%i1F~RGmo3-W@@~kf?K77(XmM1*}Q;6-HbV zHd_8u`$#j$6SKv^%tYvl!w^TIn>6$^x;eD1exB+C+hsflm4m@p=m=2xI^-Z_{GD`4 zkBjW~#h+Mo-caT|!{d|-;&obm*#%0m77Jw=x~o62pC^oMys~LGm^fcPT7A<{aI&*n zq0gt|qW^H6K?-n&dpFVH&ao)jsYRERgM%7HQ@}wQ>$5xbC~;Vr;Aezo7MEL zd;$@FNwNq)z{^{@OSmrOXPcGW4j!_eJfeagRz~*Z=1uc~rN;NFPc@Z%y$7ci=rSFM z=xcLZ`IC}^i@@Nm4kbl4##1yzRvNdkkDUGfnFei1Vn5U+9`(c*)5 zU^6W20B*~>U*>~P%q=BooQPnAM z23Rc>v`zYFI-45#I{x!Rc>#*L?CCOaQ@dPw-CVWLh-{T;zPcL)eu&<2l$-}7p7y@5 zgEno9LkcTpyCHBk5H1EL7Gs=i$nNs_^w$E?(U#(AmgOgsS3}06*LK^4 zr=I6!NqJSv4-K>q+<5@SLVCFtS}OY5pxQPZGVetjHz^Lc<)oj5L!mRw(hbxX@dXpT zoxoA1y+$o1undpD8hnmwV!VXjy=!^8m@QIH(i?oTaf?MEVzS%KLN&1St+a)k?~rBL zo{^rx_|R9EpD_him(MTi@6PP<6f7G*-E;v;JsV6o99WVHKl!!fQ&91#w-od?Avz`_ zwTwbQfTBmlt0(U%L#BFOO>{<0W};mF*zz)AOJYql@V*xJ#@2ewAux`)68*CpcDd@o zSEX1oLO;jI$Pw!w#Ja>03DOEa*qCDuA~RwJ1>JmyqNV+D77y%+B}Gr{+v-2=s@?a4 z$^0paH4aY1L{1Pb7m$OQh)5upi+i2d)oP|tQ}9PX|Jxa07|))-wzTpeE%o4n6G%dy z^y9y|*?HOHO!5hXsr-88av_11L5`1R5PKn*og8Zahfu1O_k14+O9yf&#~c_qx^xL5 zwx=~l`^nOTvex{RMHj0xALJZF+tcBsI@R_fNKGc09(*dzbZ2fzxj|HRm>q7VF?Je% zS90;+=8-ec-ddvB3#Ym6%DY*9uJnyhs{U>Rr*wb~!hb*F0tGRLp;Y9J`6kH+h9?E13vCYeIDv9DBHR+5jyt;tXO*XM z-vh?lyy4&Ga*vkC6>0ZozIC)2M~o>x-s%<%NcHK}kNh z?be#;jRB1h>!z>7?Dl}8nn2GmVHI}X1>Bs-!`JvZwZ?Qr!N2n_DBkb zB)<9@osd~+nn+G8q_L0JKl!Bu#MK(yt9?PHj5GqezJI_$_Kh1>{o`L%G}U4t?pO&I zru`i;g_8%6ecXQhR(QoD&$UVI#Ow{9)hvqcMpO5!XS_CyWRc(Lv8R$RbnWvH`Hx;>Gk|x<( zm1rvN5U5;MkU;JWeweN(sjyrs3JeX@Xo$@N-vmbWF|kx~{1pqMcJTKOvMh7T4>>>q zM;5P)nIQcmz(@a=zpZgs>Oh4&vvXS$)X%nN z&H&_6moF*to;eiuti-e{B|9Xz#>qCrw5Gsp_DC^b@7D{rT>7vv&jRh)Y>Rq{YP*(t zb*vVdF6)?TK{jp-%TFN1kfsPkEga{2-c013-#F67@0y-WEmW!S$>@9}$Fl*%!#kVV z`4qoe#dRqSEsgAZ#{KoPO`kr0!qf!k7q_%K&>2VqUoX`zU4vOmvLIYrT_W`zvT16`ps&T_lMG1l$KzA6pwQh4Cv-Jn)O}_1$4@)A!1E}1 z*$87{eeT_daMl8?-%!uGm4k?PnNK3q`|hP55#GKkjOgePfr|)$(vjHDz0)n}w^mlP zX>;0Qve{yF@&$}ifm+_CgeXcLlguorPaVsqL@H!S7gNFDsdb-Zou`)>iJXg2ROo%dPSywAbP8G;RG5S^j?ZPS_0Q{&5+pADw!qpaT+t@!c4WC@>LmD=$K<-gIBZ?rA|^mL;?&+VVT`$q zGq-J8&A#x5q;T}!6fn1Z)^lTVV6qrWY}^9luEy69n*x?Cub5j-nWP` zUQ65|^zk&&KcK42mAN1Hc3>#;>Ld{yb%%h)>P@C}@NxY)tK?JUKxeo2L7KfBCXopz zTQ)+b@q*&(%C0gz#8SG!V=DwfrM=s{G{~sSp-Ng{toP*?8~u@^q=crkRzham&&@l# zqYdqj*JmljjSsMA-t_tTkZ7)v!#8Tvk0&nO%0?pT+N!`g(MTGNYO4JHt)+_7nm zChGofd)H=Gd7bu?6z0E;Xqx&39G4EoIVw4hNVYPEkSvo7Y6#z)S=z5`tx(-{&1XM^ z)KSB1;+H)w$egN6)Z(jv^T3=BWtPg-T*AzAc~Xti9(C`+UmwJk_}a#H|D=wI+%0DI z4LU=$0@hVlwsOd2&Q}yRedT}tN$@~-wGYa8_Q_CdhL_vQ5bO>mkOkK;Hcpe1JFDk3 zMs0{e4m%!gM_uaiz3{L)iPFrk$~u4RJrT~;l-F+v-RNPj=bNN~vx-*7W}nWJYr8g$ zR%NtrXq@?K>g;BSw*VUOM)ko)Uj3XigQ)Z01c+}-*q~+CB^oa;rEmA!IQ&9yUUNw6 z#-R-64`YSD@DWH+NJvQNa89va@n{lw5T7(nMHy``lgw-LuP_iO+|49K#C5ob!T@K1 zZbO$TVnkYSxQdb@JweZH)z^-X*$!%(Cym5-i6wI}4}(>b5garIY{2qK|JI`rAX0RH zZT^LY4Ki(%9p3YRz@zi2Fag0Q4#wUecL)fg9|_`#%Gb}n&Ee_HKmWmPKD5Tuke^=t zU5~HtxsypsK=3zNzcaqx3$s z7gCIDw)HZ-q0*@%AlP%;6v}2|5rbWgbKmknSDHQ$zzzis4X=?$!9fxUZGBxZvj(Hurn7hhp0N$8; z_P!`n>zQio<%Md$JRQXIEIxfrP!GLs{W;{J3szY|0|Vaquy{T{Zz~btaF!ToRyWCZ z=eHsD4B1N^xeFYOj`47FyNswNR&H$#tf*`>wjmF&jyG(wLQ5Qp5H;`e;3x)SdQju3 zO}rwJQra7j^!L{8iYB+Q&0kduhK;&`ssc~f)S@)ACz$ps81|$w*T7e?7Cyt2whjt8 z&-dT?2KAhLsd;N-;_vT&<#?nJ`_5V1-M&K5*_LS0{gL}6s!?A%Xp5ooAZH!m$bK?oxhn|vUhFaiOoWWt= zDEvTva{e}FA55>oV)oK|HdEX4szw(a74>)gB&*O>?=`0O!Y1||8JKU0?q`*MIoiT} z9^HR1&(~}PUR$jq-gey1a=2#lYRZV~5_Lk&>P|?q2Yt&2^U>*HLKq}80dzGGT>S25r%m(t@hXHi%PPoTdV0`aATq^ZJ(NO z2fP-1V~e%op%;Y-rsC&th7`5xeP#}|A;6Nmja?6xYMPwq5?oSTQsOcq?)@iR{=(hu z=I!gU?y7)p;i;?F*{suTOhGh1=3%iRUVOwnoaYUSZ2Sv(u%%t?>S|VoC!IZXljQT@#xw+fW99%_-83d+9G0HTSb2Uk3i9%#74Y$gl_b z&Y!JRKhYC*GKc>FG+G~LrHAt|Z)Tluec_ASn@$f`++Ru7CvuPjwOc{L8Dv6}eo!?9 z!5Sufd`~ONOt`0aoZEe_6u%Wud112%I+;%0`FW{Q91tE7lWwFw zZx4uD!*H?Kg`ds#mi&oUabF)hff6-J1s%LaNWlH;S zJ_OOTGo$&^zKgp|1wN!UKe^Rk$$ei*%iCoEK1{IY(Da_BZSzvtNMeL|ThHvVnoXF1{lORIa;@fMb~+KWKRu3jkEQ^Y$D^FtD6OW%!$@gOJH)7buMRC5y*!GO$Gkr zQPloprOTQ?BhDM_(+dT3U3m0uJ{$jV6q0^00GfRAeYWs4_-tU6{8Z7L^U)r;gFRGheS!=J0LQ(H^bP&7N2^{Dhd7?x8IFER`n|?e%@?ldJVA&mW3{@Z zH7Y%D-v~T|y|%E>mTd`~x`^Ffa$$?&Q!mQUN@rK*VA^%)?&P_sLc_nbmT9s@5r%8+Vu|4v3vezr#q7ITK=*t5R>+anW7dEJ>g<^hA zKiS@pV3Mj>V zc<;TXM^fwxH#BjkE_Fk}YE*}p$u>&@V^Q$j?C5WgG(J1b&CeszuoWgWCl$SS_mhjA zhTj6ByfTKOW1CFmFUay;PC4rCuJFNMvCnNg$tg5sAzG6^NkN*wk zkRT?gjOWm|@g%Z1gLp!3!q;Lh!SB?^HRMLl&EluC=Ljfe6g6C6spaK~b>VQ136 zAe&vBN4&DAYQkxjlU1%DZj2TsR_8F%)ZXsJa{ZbG_n~`+IuEQ#Gn}zIcR{1gC!Lu< z4xSw%nHTGQh#2~?XBxPCQo#2QuNfVqKpt4caQ1~w8%t#|T9S!y)>-ZiiphCQYe;ew zojPv|Yxmf$tZE6_lneFVifPlaD72Z|xAAj@j84O#?+n}&uCP^sOR;nzJLV5RMN98p zJ1<3V_?U0*RElN(EOa`pN_fZFZN!NVy?ooL(;N(x|4%NU+x4RqKSi}cIwkY;6u`Rh z;%x)+TdRmmp^TBQ^26CPci4e;f)-hVGI1jMFxE@5f1G~Lu|+uP%(afYIZQabGJ@$n zcpN@nyKVJCiGpe?kpxd2{OtZxMIPa6x8JX4^JU&Q;>CD>NeV}`-!yZz)3#^)7spNy z;}X5cG<3A$Q$RWzC3bf9{xi%{O!O;5g^fa`-qMm^6EqQOsHE-O`%cvNC+2C=HW=w1 z6&@>TAsDFmVrx>^6vSTc6ri6lrDx^Z3az^Ovx;-_pfboptlP^EtMLTy(B}seW;1jDWZAQn_zhhiJ7M)Hm zWr3?v+XZMdg~7=|dtes*Y5-!Kfrdt?1!xf#9X;SeL|h8VqgkN<`4v^1Tz(zT)Og=B zk-sziK$C==EU~#&6n;%qSg70^!`-ZGDMuW1_3zPxhsm&ZTBJ+#t^hmvy@)J&W8`zW z>|PhDn7Kw<`JVoWyN=G6`zT=JN%m`D! zbH703Y{Yfj)M01gjFblriHkO1|1F-xQ>{tk@phU>`v|G48O%z1#w>)wCL9JI5qA9t zkG22wuGj+8LR=JLD&kS;!_^uJ6JGAg6o|#h~HM&rH^gO)`_~SdY={0>5aPGO=`$}-H zB;K>0hLVCxi>sBY0nDRL+H8Cz#?X|BY*U*mV053Kx1ZShOl4OZWYB0TZRxhjNW=Nm z+S#4^MBp#hz0LuNxBLyPi@R7jar&3`os8cVdxy;pZM%UM-^Vf_O`$98Nz@dyRH7ld z;OGbW@tCH3DF^15Zv!m74=LM515_&YKx^`pMIJWv0z+s!}hL@jMhIwSdc zye057BuwViddos>pIh$k=$9t6q)2Fu!9t@&L)BN`RR7Y@X)C{A`IP-9V>5RSd;rdw z(&Ok40S51qVJ>&8tP@A|z&&UCJ&$;Xsc>K#%Jy*Nx7ae~1t{8VCb zgo#=sq6#V7b{h9fD7E(_OX^K=R79&EOq&^>I?K*8CuKpUeIy>A zFw}cd_CbtVmHtc@{{w2$&1+p@#F{w*T|Kmz`|a&Hl(Bi`^%MP?Bzj+2?Ju8e_ym4` zyLr;vK6e=041|r$CwPxkt15An^lHs=Iw2RkQCvJC zrGeqhAG?A(8v^QI3inI#&(5y~uV{Z|qoi?mWn!XZ%H|mBq6RY9;4m1d00ZW0)Z8Hd zg%`aa#6gUFcU4ArhB`VU<0%u&={~t(pq*R#__va04!}z1{ZgB0C)p$H+Fus-$jao` zf2Lj3b2frtb*qE!fAa?wOZXk{WkLGrALKQI?*3LeI@_8H2WyLjUDW5YQp7~=loPL$ zRmQ$AS#!~kiuapZS({FDsg&@rj?MDUE%ylGx}?>ePsL&GySdHPU3ScEf8|kDt=C7- zF|n%&zP;sjVbLw$+jz4YnCry%gX}!m&+LA z>GoD|2m5?h$zwQsm~vhJ+4mm)^w<}8Uu`otn_ER?#qZ0n=}&sK$L7}L0}fp$*22Jm zRi~A$HuDV3GR7@5ba#ILl%xGJR=z>`x#!|%a>u5~Mr!AG6*GGhieNoP%B*LsGt}dH zTBk|zPUeg6#`Bw{Bd{a94jPgsErr;Hn6@4Z< z=DljA{e!-nTf@yuG~1;+lJp)ykHxGjQcn=Pf5JEZ*oFX+kdQ!@su}^K`0H<`2E~@* zq9W;_?U*O`L_35CGfDrZ?BW^6JA2~i4KSUHI3AwpvrXIFP1sRS^1orJ z4%{=LzPahqqpNDoY1DW&h#d1Tq2pr&j*xKIK{_w#pD_paPF9}3G6MRxN z!k+E6h9|!|v~AvFoU;Z^O-=g}nL}4o_4fidC$wax15Y;e&4W`@QoQA?>fMtVYooq++|hFsU%}?r5>nl-J~*by;IPP^LY6ECYN1+ zh2AW5lx!$mjBieqt^?4XidgjZA}AEM4RdlT<5o>4oqn=+-m=)20ysVu7BhNyb($TK zT0Z6Z=-;m7LNn2IWy9AaZXrT$AEQRoH%LwavfZkwD!qTzi|6`GPKt+(%(bms#=mr0 zCJ#9XpB%YNFfx7iT*lZ!Pcg9xag@Tm>*RC%#cSSC9UxjdZiqta+jx0(U9LG%uA593 zMi_ecPL3ExC>ule0Y>=QA6OeZhhjf`OnnfZwGY|AQib|ycqk%{PU_6_aK+-vq6YeA zK4W|$-!swQ71>s9j`qtZQhRKw$~+W`(?xP{HioT5rR8n#fsrNylvRb>v+ujY`3{o$ zxgf}tBXAo_g&!ly=&Q%_X8}Cjd(cz)(n8?yaIpU%g7=e!O)d96$`ag_x@ zt@L2?W`5&HA%1TsPqGk{sGFY4@FZp`1GP1=feCa8Q!PxZ$A`SWj=OHM+5TYdtB!nl z*TI^?|K>-!74`d}^ms~k&eh+C`BkubwCet|*$WdWCD zIen{E!kd{78o%4v&yt^=0phur#q;x7D@_U!-2D19_RUODQLOk?vz&DKT^}W8%}K3$ zAh!oKbTu6UuQf%~UZ_I#{y0>*>|otb6al&x1#JElPrJWRW)#v5Kk%B@ibmTwdAgra zGmDu!Uoz@O00xaClGcT<9=1v=u-JLnjbL zK-=W*qrEiqB%3iNV-aKMB|%xSVh8q;Uks*KN0xk>2ppq0sqE1M+~J~lZ)JR+hDtS z8S(w55g~j3Z|}fg`JvZZ|9S{03|fxn|2MvZsPzHLqd6k6>)%y{i`T$MA(x2L3}>0! z;Of}MqD&3KZtnF!O>pb0+Y&WL;CwHeV`17WO(coUrl+l~;QqF2m81j1!SNSedb~Sb zg!1NBVTrBTb2@tWfLD6idAxKrnC751ll)MAJ{38%XKnRQ)KYf9L;QUGBY8Zevk&4v zz~uXk85rx0d&KPui!o^hJ7<~8HV@!NZeGU?nsBeY=K+x|1)a_x88t*>4r4L9dpP4`LI)$?zwlZnQOAVqg=f6xIX;&LfVsQsIONFAY&+eKL~rG!GHdf3ux%$ zcg?YQku~fM1kSC&(@|s^%L~|6qyzvx%ClrR8M!G=$9{HmA{&{xm&#&K#k{KUj8C%PrHfNn3tTT~;|T1UF&Ws{8UPh) zpU<>~N(a{Bwj)fZfq!Q zACkJMI9H23s;sPR!Wuk_Q%~^qz#j@&+OB?1)Oq$b{=9#yOpT2lBAq}>sABw|ERQ>I zw}Pgy#Qv}E=E={bTSt{;t#u|YO7?209wEcPzyJw2Uc1Y;ikBDvuL2}g6emYRe6lxJ z$)-OWg)?!t2?D(7+o}3y=h!BghS*_(aTdNyDJ%O$pP-=E9!NPzO^FX z-@PKthK(`Ph=?W?{o);$4R7Bp?IQf1{{~{73QGQV#s{agCryny6Fm^6ZufKZn>)Ja5kCTrEl|nkBzh>5`u*4R}S`% z2DzfLLwBTt(Txmuvi9Y+@S4J>(wSsCFlh06YUuUxYyY#ahT7dCfDywx6BX|f(x(ft z7q$)|4!wi!&xeHQB@h!dhgKy}ASh&=flE01XrFL{+NplnaOJ7SZpTh)rGb+K+QAS| zIOjb0_Pt`Tm5u7OH?8>XmTep(ZX5=LB!hJIjvJkJ4exmMqSk;S;Ek_Hrd#%?!=OaTP_a#Rj=|>*-W+?EvJkeejlBW+L(NH%H5sm z(jU7bTWAh)cI!n&0%uF;P^0cH_jfPb>z%Snd>y_b_Y)+U-u0nZ55l{P5o4_ zZ8RJ%&#!c!M&Of*v_R|5qVtiY4E?N|8yo&Br}+CMrAl9R zF&>m;aVP&~H=QajCr7dy<|x`=j}fvr(EZ^3t*MHCk*A=k>6Gv0h%Xe$Z6lSgfiM7iQUc&@#>K#dG;oIful5~&KJ6l_?Fu1kVp0OV~ zsQGG9Bb%z;{e!>!1X4`Ri~68W<1RMU+_5CdM)~-mArRxUCji8 zg;M8`W7A)WD%O*((?s|8&&#G{)}bWzIoslMTY=425Aoj+aXZYv5|bEI^D&Ay>3ZD7 zUd$|2y=?fh8)E+;5j(k4QA6&Ye9y}DJv{JbcT1IS+VmY+ErS+bAu(mXb>8cRN%beg zuMx~2LJmx#tUh_srY!sn!;EL@zMWL!@yKbQ8ysI99=1l!EE@TZ)0kw9XJqFClg{{< zL`05>21Y*(b=M+Kyazs2^{p@F1q3 zatUr}o(*#x2v-zO%z?@b>e-?)q&3X!H}4!NYYWM@XyX_#a-!4h-Ww442##lhg0g6zpKe{@A_M~NKN-qrvqoE_1g39 zb8-00^6&3T&@8q%9jD3KyS`$``8x!^W5AQky>u-yh)NE*sD=qgU>VoCRmHLWgZlSF z@*;b`VOK85ukiki0hP)xt5L3p*5bK|HcZV#fq#9=r(DR29l*!(Rif^5S7t$<7L#>!y9T6xue%k)BwVTgh^}Ovf|U92I3C^e0UUpPoyTs}2nNU{ZTijaGAWgOgHv@? znv}8xi!NF6W}Sd#%nDKwRVzm;c~)?`VvDG0w|emiJ$LvzR*1+#(c5C0iCmh_zvH71 z@^8)gZpmkIFtI~FF$hUcNI`p?_=Xxdm?<<26fTi&7D1`dRw;NPMG? zXZS?htB6;=%o*@HU>nM-w`4&FQTF`_ZQ!YHjKa&4#02%jO{LpYtl$3A+$M72f*q5SiBx1O>R#5TECxf2+N8 z@x2Jyhxnq}Ub=_4MFJO<@w=91l!#A-mHTLyaTk!CeLPeBnEkBU6!Kg{qj*!JtJq1* zK`$ue+$-ysSWx>XZRC6!ml`479g^@p?QtLL2HL>XrBfqO0MW|LxS$7(`) zk;I01W1|6i;Am!{U5#LjB-)^0?t7^6Ymh;<4VzDoS<25J%0g{@=%x!FJ*kOY#3tD96 zF54`3QC7R@xihXoA`+wD=wIc-94?9n($&NkUx}7hGq!uCv}EeRgFoXlt%n-M4YQJL zJXjj>*t^-dlBoeG)~_~r-ObaQpZui;V<}*pH8NJQN}P(jJssbNn1M@emt@}fv|sgZWb#pe{sI* z^z_TW8d{%-YYsTjm|mR=ZfEl-J+R84QIEbkNXDB^|F@CdW#fUaFzl`vFY|nMZIcBj z*dbC(*u?nFW&8e4RteBF>regY+Wx?!{CqJRn@qSlu`cwkjGdSKdVK0jdJ?(2x0Zkv z1Rouod|h?)pIpEc-0c;3zz*K;hOHW|%h2<&4YG^yp5oL{s-K(;;ZVeJ{Y!FT*iI1o=Z5{ALCI693D=?(sHJQmx4mH$9hRB3c zD;3}qz$do<2N)i`#nVen=TN+OAin?l!XCWu1cF8a(((8GzlMF*lnL0AbgQeY-)7}E z^ZgIh;H<|ZMg$%l{{vzU4-ccG3I9c&{{DXBCRaQF{+Gshdss^r_Z?r_5j@shRG@MT zFu1E@MCd*M4GF|>;sxjvU}JX|Hw3#HTF(O{aKkP4!?Ay2`FiorGcdk-O_4R(wpge2 zUek!Busp`7mgQ% z|Eh-nHx~DQ_k{c}d9ed2L(35TZN#awCa#k_Vv1HFLzc;%Ja%j>Xz*gOngH+ z9^k@~ti7mLeg=Q*X}e$f=SAiQ@*3XMN8%GD7_^T-=!5&4%^2bT_5~b)+^JG;N^0$ z`s^I?O!vlDe7V zRD#**vR%FYOGVqI?-Q)FdBtdFJruE`vuDmnQGPxB#}Wb_&S6^M#*0W)<9Cd+YsZoW z<;hm&)eFi-v-}sid`0%h7!`(d4@1o1)*uTMy>u`TKldPY_?x+2P2Og8g}u%A2&o-h zXFqxi2y7ffigo|@G~V?-R|~C+tc&`jd|a z$y~%7`#(ufO8#bcKYJlj_2ia0PPBg{l)e7SC^WT>Sc5Hc=_14iva$4Z^P(-x8{^F& zq@mnLpu&IeuI8-@ov*gBYWoz(`364jQ)Zo<8AYM5?6nQgoO;7A|Pg77MKA9I#gdGN%KB(+qDLbE{tl-%{w zHZ_n(=;QwJgiwqO{am2JEw9kZ=FDJcAo|r^=D95GH}$v$|No1)w~mUl+tz%)gd~JO zLIS}pL4vzWL4rHM3U?{2aMutl1S#ApENI~lg#-xh?iSpGJKUFV@7-s2pFZ8U?;Yb_ z{((Wg1Kui%wdQ>0?|D{fDAdA&tI@=OV{3YPYbSSS<7Sg)unXVRz6>jltiC;ZjiZvP zB^aooZDB?FZU;2;FS=7E-4@%$Wq@MPL&mjQoBuRC-yagk3~?12bg-7tfu=Uv(D3Mu z1?FGo3`lI!ZPq;+?2JN9&q)0lH+${*Vq`CR8~gQx>bV(L4oy+b%hrbV^IBHoZ2-lG z4lz4@dq8P&ieCQUrN(KZ!}zqKb4WWM`$gzPbmG>u>j1S%3ZAw{{D&@lSR-WOGuMJc zS$^=u2FO|F_M`A{qTc=0q|bRxT|vGq-VEvoHK!fiLFv|pe<-)Se0sBs4fzSh_dx>^ z!UyjP{WX4mD65QxJI(ICLaJqo7z2f^A%lr2yL~FF??E0-aT(H+xMI|l^=s2w9neFQ~s{(E70d( zfT3eD+D`3jMf0RdWht}nV=4y6uj4M}y|EAx<*ilfTtv`AxB&g1bEoHT20h$&Nx>QV zcjJ4Iw=W1w9oHsE>m!CdQ()Fndg_^N%ke|&m)E;!SG>YDnPg(U^+`$E4CFv3fD17{ z$R{7iQ;8Cn(Ye&~q7=~iFuE4AmP=32O5hZl&x26NmmkWHDO9WdOb0S5Eo-WcIKIAZ z5V%d3r(0Gn^X&F5%$SpQkoR_1g&M>K5dEHtdF&A7&u}q93vL{>iW?i_BE66*`XeBH zYWhiIz#XlP0Au9$k(Y*2u;}{}smXB-O+DGH4UBD?Tob+MLFP~*1+`xF%HUxCCainPFWkVXaGUhB9^U(BELe$OPgIQe4pqSGd9i#&mE%2` z2E@SA+WObdTKGGKGoXsH#(u(NLZ%^!TqY5~KgnycsXOhL&EXY#16L z6by#m1In>}WW+Qqa!|AOl6np0dn&&Z7O)AG@(f-rJ~!ZW>x4yjidqy}aX$$DRKCqS zK=bnM)$iWj2i+Qwn5UDvNC-p4{bkzy^qPI+Q4js!JxY^4 ze&{Z6Kh&>^l)_=K#s9HKdCF>X1~e2E#PvdeztO+-(9<9Wvt5wdJk0ywj67ciLu=;)@OU`{mDS*^%y7uUgrW~ zK7g$BaIF=5;~!i87amrOiVKhL40f{@>OLXn0Q|0(WGUyJ%>D84KJI8S*78F+A`nAW z1i`F{Uscls;G+Q~Ql9vY&6M>wQgik_Iv##W`MS<7bB82`6yVyQj~Pu&G0&@=!aB*^ z4?bJ;d6vw`eD!5aNJw}GJp6|RSP(o7J;85bb=ULkD61Vzss{r_E>HEs*@-XHE$HbU zW*3-ihuS-wvJ^A5Ew#w2@2_W#)VA#%U?;B#FDeXxyXEK*L7;VB-eMSh=DHYW-we!qcdbm*ga1Q8*IB5wkJNf*WhsBCK znY5!9-HgsgIF+%jd6MNc@-5Y*+S1VV$}FH3arx73e!!i0-jYg~V(JyJl57!DujoiP z9|&r@@VK~`Z+!bBEPCWSGm~;5Ssr7}12ch^N8GFjdiKAt&l-(U+?M5azMSENK=Lcy zY$jN#!`6vXvpwYE)r?7Y8n~`J^dKTlW9Bn&-Gd|kOyM+{MqeJyG2k8vHMhho&Fr4s zF1YM9xG68)EMO=jVGlPl58Oy+VK4gz)w7_CFvszj3IE6Z46FyDdreLlTB<$A_M9x9kI2axIr*?WQkBd>FW7v;+y9$LQ14?sm(l1<>{6M(L;?kw=z zk!yk2-34SDZ+`{1irTM5d6c>MCcd%d+U;jq?6NT9dWw?#Laz>(f0Q&HCq*;~LXhm~ zXzMi`R1{PjMNmRmHb-NAxXf5%V7H1)&)I8|#giodcui zI>8zGD;9^D|QCjc4J5lQCbgu-V?_lh=Xa!DIIJN$Z{-p?kM? z0-o)K`O8U->xEyo#`A!Zcwfw`f}@$k$fP!6jo@YKhIz;Z>*&ImTJv!jPLkZE%afDu zRT}FI_MtgvB=O-T|K)UG(t?(qe|NwmHlSBYMj@?hHcIE(msb^6{)2c!8@6%xzA0`K z9pZAP>a6e!uaV8MO6W5|n+4?gO^=aIT3C3vx9K1?ZqiP4;~@RSK4`*w+HJ2xEeqvk zzVGp6a*ke-XPx6{n32Qw%rZT9VzT+#9Nxw4LA@+}YBqreF0~S{1vEJWV$hqzZnodn z2bFqBBRgS|(-z-I_p@PpdwbU8GGOuO>`(t6ba{Hn?1o(FT6@Ih{DOgS3&Hf@k^oIHz%viOiB_zS1IqrL}*0 zZph7OP50%qhsJEu+WcPpxg4~&Q;TtRr^*oO-BvcJT)}pfz1LaJkkd;*u&7b?`@YIv z?4n0SnSF04=XjNyBPf~ik~VwbesM^2wPx~%RgZ=BpmbyuGVr^MvW$%K?EPTJ=Xp(_ zBNWur0Tht{%e>)%_#a9~Gq2L`rAMn-RDfm>qYs5A4I z%9gR6v}D!U0UAQD5cm(zo5N1&>?jkBnM9urGAtBeLnH^<*H9R2RM2XM5*XylU`>fS zPC|k#W*?@rlRMc+zYVvCmBHTtKM>3S%uW_vSHjx4gB7qBL8@kp)xsI?fO{Fl|F0FW z|L)cKFWbNW4dV4)d;}2s{*fK{PY33I!o6~X7Ihmgi_-K?q9xkvw$H2Rz3UD!@oVSL14WYpbhsw_F1b!!uJ>J9Zv6^SY#n&mZvF zoC%|UU|jMYHd!OJ3iO!uZY;d2TMNH8&7MRutk}RdXvmsPKXR9T>{AEE`*`9+4EIey^FDPx&Mc*^pOOV#+syAQmIM0||)ahYaM^2TS_cQND z?|W~Er5rTc$TkMNqFUc~BfyvFGP%con(t@@>nAy%2qX%-_lk&UVgyxZu9*7$awsdV z)>ZE-r-}83Si=<=8G;vtO3b8*+0k z^vb;Szy11v?+{`?G5FmGTreT&hm=%*o2z0TOlgnz+snn+`_~C-z*GQm5dV>XwQZVFR^B zxr&V!6#)Hs!N*uFbe+M9mF-_!6y|)cGRZ=(z_!VGj*wv!;5MtlHqvOD)=Og7kO*tv zUPkjm5gIc;-T5A#2D;_uEpMs+{sE7gLshGXsIj17y8`0lHq>=C7BlJO(CTiM<+&I^ zet&WJoBKQgGy9kL)+>0UK9}U}JZC!&sCTs2TMCbvA-6$#vt~Ud49AJ-a^PGcEq~!X zQR!(IQz`wGF40Fk-c4JU4!@U>duN}oix&A#4C#hUibPoW@r|8$nn;_U`-WI2Xsugq zpJC9?iCSLkyNkGHw{kdP^WGVYjRm!)AFD?_lZpjE1tkTw!`;Ibu$-Bk4FBD2b|{3d z0=vP{lo}9oKdQu$SD+Z})5q@vK2_Y>&c4vO&yKdao~7HlTHd9HMPBWyMR@a=@|dP| zA3(|_F_No(dKP*J*<+pe2E_f7R{oQ6RyBGth#(i8}x1jKD zRhI8$xzycM4E!F`-ZcQ~2U*AGus1m5o#q>v9G1Xa-8}4lN$@O8g_)sUC|>BY~v|y>%U!_7Y9d^8bn)1x)Wm|gfBQ4fMr%uJ2R~+W zswGhxCspg`>uyx@<>SEt$!NCTC^oldX`}*xd!j&V6*>_?|`cl+2@DEMgH=FE5VC9r$KOAN4_E!)Y142&;4#O;E{!LEUC9e9wY14 zi^d)vw$DuKqXc34IPf&xhR=#;XfT3c{|vdFxm8UsCbG`Ojf$cE?6ASgncg`M6j!)+ zX#Q4~h<2&7Ebf=c9W!)~w0;XB{VMmhv7lv$m;20Fzo^)-sXf|C+NnY9P!O6IjeAmz zao3GTHm}xJ8NX+(67gRjwVU?)a-gloKQ$FSE64YbE_gK$E5-KWQ2De)hqA37e$hKv!g9zOR4BC;66CE{Q?;-kZDAf=852mj z!9$B-f9z48ybUD{w*Ihg%H@ytEH!P#j1f$KSUJJv?7@?Cb5_tQ95UZo;Yfw$vLj__ zR@4t_nsvZq9WyE_s^SB|t+gC5smBW_F&xrf)`Di{RUi(RH`ZE4S_y zyhzA+Arf45AY-9v*WtbMI;+znYcL|ZLMfKTuqYpH&3VgWZP_lUtW%SAK1Fx7$8T}` zoEjqql0GOg$e_*2gy;~l51PIC3T z0=d~`whGv(3fbed0=n-j11w{VocKDx4gK~ZqWN5JSJ5Xyms|8@nqF24?F!ox-S%SA zx{9S$@p3}y;uaQ`XV45~6GEdzH)<$N6GDmh&DX1sdkTy8t7P0n$97c%0LiEtT&>{bj=7Pc_ zOy5eE1+T=lM$|SkaJ3|)A)=$6VhL+uubrUP34mDXK9w9z+&T8X*1$!~YgDpJ@t_Rh zC0y3ebo_=^3C!2jr=mJcjLtN_Z~lhhH+M%EZsP7OgRQ1~J~uBpJxo%U|5YeT3ZH+P z1yJyY^G}GpJoO6Geu48(9+C~67IapsF{&H$)A!pocnA4fV3pg7ACP5XqXAWAbpf-4 z2G>-<1Ht-SLq|x}^q1YIf4OcuIXX6+%~*yMK!6V)0J`%y+fDR1c&pjAPz{~^jY9M! zWfp8yb~xkbKG*j4uchg#DZ3TkPftjRG7=47*)XXtt_=`2BY@1ozyhJ7mSTqs=$7@h;6r5c@rMIqi$)+fkttnAb7$@0GZFv`4Ngk6b)Vx|gp8T7r>! z!ScNJ`@h0#BhM(P_6`q{YC3|jzqE@)`cbz=nL00}-DjMS`h<8YUiQrUHZUBu$1(?^ z7V|ToyYn1P_s<%qJ}Y|(Gus`B{2H}TJGR>}hSUxIoMSbQ&uuMKPG7UY`N_Q#CD+nr z3I9b%06D6{x9q;%FZWl?bKy537tJ>lo=>@0PMYuUUc9twi3dWXQR3R2)b8@O#MRp!sE7to8JnV_WyEC%fsQzmYL5nI6*T>{stgKwe zluLUDWUpj}c7zg<*OHU9e|X3*e+JK_1dO@5DkxwM6R3)u36ecZFbWPK&bm0fhBm*l zu;ekT9oJNJ7*_ZTcj++n6MCrU%<=iHQRLyyL<6~jYcn!8chN`7m5O1Vd4jU3!Eo7k zui15MtPeq%g+fXuv3fO^nTn-laQM;PBvDsd?|eE$u82-^Ig)3GZhNnie6Y)@?vhtZ zskvy%SgY8u!B0@AlVNj+EFx~lTbQb(AoaH^P*J-1ge-@QEaG>u`(DV?4C`q!4oRl*mfm@5}~16Evu zOQ!SUc2@v{*f%R(WE)L|>P^95ZoISzHdJ*j%u9eivPV6f0WaqgxzoeQMMe?XVL8uSdHa-bN56gZf8#c2k8*89zS9w9L6 z*|6-Y__d^Jyc_YK2RA1q{F&|+7SNU%?hOLU!1BQ6yI@6;XS>DSPCTAi^{?I@Q}>D9 z(<@hA1pu%5KL35w#)T@gcJC#0U^nW6dCp&JvTU^|ue+Q)>3t+;C6lG5 zAft2ILdM>@l^HP=29Q%J+kt^SbN-4jvLenwI2D~eyK8grgt60`e5KZ*Z$${R1~Hfr zFbNXZytK9-j>x`sBkgz>^NTniF}}?mM`FVQVFL+!yf2bh8N;M}OCscuvz+c-nV&h_ z{$X=fP$G@lmBWGe8Gfv8_bh_0urItPki9d+ae*%chcS%&jE9Y1;0mXoK58k7`fhF1 z=Yr$y)S!&6MwS=V)v_NfgF1qbs_1|XOM{`!P9STHs?-lJ;NvNh>D5SAoP*aZ*qHv< zP#q;<)~D?t6ypobdNiHv8?&$R8pBG+VS+bNMpJhJ3gM)y#=yRb9gv+S+yNltt z<^rOKwHTaXu*kq3{!*0?E?rBg_I=LxTnSEHp8fpFlZ#Htw`}<;k?(Rbv)P{ZUh~TH za7mrIYs#X5=m=vPTq2@}hR*o?3+hV+qCQgayT)*Q2>4#BC&qmwWc>*M1E(5<9;(tSVPVnfw{^sYFSLo@7zbgaa`O zi0pP%BCZ?lJ1I<2e(+_t%CdnvZEvl4cUEqQa=V{K6Ypn8wm{G|~+MiW^%y z)-;z_KbzqZpSqEtj(Br&YN>p`k7IGkqhw>p^nNHXqKB?|J5uytSZlFJQAX?k3F z)~mlScZkKXAv=BPcsCA9%8er;62m6xUm-u8+Rw)#C2AJGUdwL253Qyvx8F-@{^sRf z*u2xzAG<>;Sh1lWkW}41Jlg3&H6zR0b^&mF@zzZ2k`U9Q>HUf)ALzbw)gOD7o*bvZ z@IJ_PTp647o@!RlnYys(23u1DuLDk#;k?b{iF^c4TjZ#!`LG|gOS8lKHN4BqCAbpW@a*4Bwk*M9OV_U zm1E*!QrP8~Np_KK$_BKv9rvpW@H9~Mu0ov84)a8jn^^Hs@wlhuWm*I?O3h=vsB8iz zrm@Pzriq+Kaa`W${j-%Z?pDt6Lwj9yg{n?x*Bp0$D0y~e#jdR6`G^i2X0BYtO5b>K z@rA@WadOtFlUPhE#FUouV}?G6*@w%%jMJ)QDtn&;ql3#n9q^=@zYjS&b;Ky2Nj!+> zD#^PbMJ6leQ3@||;n9%_n`<(uc3=1|b=l8snmO1#--C2w;nwl9O1Hftu@RyTCC4rx z|1n5tRlDwmw^N|0Gk3elpt|)#5INtE76d}}w^^uG(y%KPfw!%p+soMg-h$+4XP4@! z!Y=O*s>jEs=4g<=f$90KN#x=U`_bh=U|`(s^hy5Da{S8>$|W+i2xgnRa0;Ifkoa{| z6ybHYelQn5{xnBhm{^^5fC((@?6++p*T&LKV_2aIPH#MM7hz8k$Hr=|+BmMMM(z7> zIa(HKsV*I%*H_ph(pp6fgdJ%tk>#rwr7~w{1GN|5wt|DTUK$tPk5I9(8t#z5(Y+!y$UlJxCgUYNKJGV8nOiq0*9 zYx^d=G+0c@gvD>&*TeIJo?Ox0#q{*-nFoN83OL=Mn=$WzB<)-^V7ZIA!1|(N>60192&s#%9MHIMTsR^*v_ZX;Xn^&hgj(%N-GEc`Yj=;V?lUZF5+s}^ITLh1+i);9mv_(x+ z1kK7EAxb)PO*aDOPo+g043O{LfAm)(mUiFqu8~sY_M4YWklDN%tSpm}cp>e+V)jX< zaVPe-O3pS(tbw=`-h8wZN0OEzzaf#k;ae|{W++R6<_uZ3#!;l(i))ZUS6m! zKD-b)AdyZzfSb0RMd|CK1Fq-I%&OFrt$WZwq)L|o$Si=ORE449IqO` zV}`7fO*RJy4C%Nhy(>-8R*ELRfr2YuXIVM*S{>znTdg5L>!vnq<`NK>GeOA4_7div z=TAKkz{U!pgM7l_b=T%l_p9mb#1*rYxVf1d+wXh_QWKYuf;qOHE6y34^`S(VDVVPT`u ziw>LdYVjkYP&B#UTO9uFdgeMUKW?UMXBWLwOcB4Rp{C3IgOLuf1|5`*kn_JoXWG*~ zZQ(XT#j^vR*}@8eAD3r-5-IQX3Z|#4Ay8_U(L2@ENx1uU4sXVcU>1|S`rMzJ~&HR?jy?$n60}au`K*#dJWa_{Qa6$s~ zlYi`v^XdlWp|i~2@Y2PG=dd?uR7XwmAiWtA{5SiwXC zT{BInj%i-s6iPRJ!w2mcLE;^K7+hx4TJxWg_{iG7C zp^3`F7w-&Fg#S;P6acV7BMk}(*_$aJnqAKSy~AsMY93O6K7k4Y_5A4bLk-TaE$hx^ zjF2B}2efmqflmQHYHO!6gv=7?P*adqnVHmFxeU~fn@29(Rqj|X=+IAE&dYmF-AtYM zIwcit;Yuzq=a=W^vols`iY~@Rz7IYQ&zk$v)<(GrsX34w zbN5mzeP>TvVl1(CnD%s~<}eO$Fv$8%yCSNDdET#S%T>wgLhtPO7*p+1teg(*y`0^@ zGSHUnLY@WZRy8<())Lh#>eIHa7<0Nt`!@c+?g?N=5C}j}Np0_J9m}aIdxo3tqS8 zw$%}%gi4pJ?y2H{O(jg)5?93dY*O0^3(@W1pM-n==-vOydynF*R{HS@l~^!XK4fKI zx$9uxIr>T4ZqH-H*jD!3(ia=~`Gm+1l%>|4A2(Urk44Usj=+MAc^`$`*gESxp1H;f ze&V~9!^-!k`V-?$oJdl^G?)^PPaMcKqN=RPj{IF={RxK*4v2ahJp(>nhLmW5l)N$_ z2%|5Pcj`2ae^=TE4z8}?RF@lVr<|nhcAboFoh`IsS4)V0I${l(Gz|`C zWiWq;qGM9KE5wr4y(VPLn9{v&dF0iX75>Z+KhV~D|7>h@t=G)O0MWL$K_!)V&CXd^ zGPoQ~I1;^zmH#34NY*K5j#+kiCjd+;p3hF>cJPimBV*6yx!gx#UMe(>aveNWjZ{UR zL*sGxtdWDw!$U`CCC|>LmPWR2FUHjMO=ZH!n$*d+-CQgm%b3zAei#&^O&WhdNY8<* z?L~Veo^EF2lqx4l3mf~bHGIQWoE!~wJ{!V)_inX_kUHE-A-8jsi?m|D5u5r$^&XrM zO_W}6*1VlMQoC*yT&yg}QbQ0IMxFx8dg`=q5E6GV)DpTO?xox5Td614h!y*L!|Xk- zCT$UDL96x0+RU`g8gJU-4$b13-%&SOZ)H}c@k)wHA-USd7(8L>_RJWQ3#X>+%+Xx> z*HZS~rqdxzX?WdS7rk@LBzll)=R8@;a#UhXL$zThBDzsoViRr6J}yy}&26!ew(n>y zv=qbqtNe&G{qBD%+81z%)|wf!+HH<5!usKt3tW-8oF7i`_e@_}p z-~_ABe3VGT6d8cy004x+SYhsR`Pj%P^-;C)q_@6&Y(RAIn}a`3(6oj!@#_W>e!8f< zot)CCeARYcZz`FK?b61Kw;f2vwl&*P498m%4>^Agu3If#o6EgGjg2-Gt#X85-b}`ir%e_A=`2rkE;7HNc7cNXnZ%HMmPEO=rK(+Bs@!4*GK+=9-pJd! zRbNgF@i`#UY;lZzUP4ZyNFEcK@WZBpdt#LRi^nO$*C|GmSyxfd^3W8EgGz~Ca(D|s zpw=_CIS=y$+1lB8(P~wK#?k<()2FdNhLzOr)X2~j;=3JrO)j^jJGgn+F=Z5ZM=cq0 z3dP+ESJ$@0wkk8a^doTN4|=1dDPN>2G8Z8#D(Q}JUW_P5R&^?C)K$CVaNAK-`t5;S$tzS$H!U{g`*#^ZBph^8C3& z`gmL0Uqn+ogw8}{Ag=QoN*5Hg-ceoM5L3}dZa_TfzH?8$n%B*7uVB#WmyQveZi>ev z5C4}I@claoJRtOop1nsnk=eicM{ykcdSG}*)T!I0h-zGGjfMFZMNcZ~R>sAEgSb0k zL2R|A21lrn!8)V;s6RRPrww)e$Y@F&mAGz8OT^u_8cypm%{VNC&H*Ds(WJpA{VrFi z0JEO}(a%JW^=xBKOj>5-W5$rEu12YDv=NsK5U;y%iw1oSi=v`5bGkHbbJxzfh;bh< zt$PXzqI0a9i=VTgbc*gUGtW(ePe>>&C)fBu{Hvz} znYxnuAb!oaffUVoGjHx+Pr8A4{VfUh{sBz7mkTtCz511zm9+x&6m#YuyVvP5uB$aD0-QfOdYma9{Z$JSGjUc@QgU!OPP^Mm zdpH&GE?Vdk`zXTfu5AK_vUH~XzWN5hHbMFN}CcwdqD|Ifkz!wah|G&j=4@S4=my{?-Nx7N7;)`q& zg_~)g57%%dTL~T|2<)!`v!06oU5*g@dD!2@{i>~-giW-GB3qTFW!IGX=Ze+fpVvBP z9nnRvHkLM_^-j`N69AC#se9poL|%dnF^+z0%jAJ6HH4t@S3M9=?~tJax;K3^h64EQ zauC`6VzZC6zOo~^*Vf6_sDs{-i`w3`d3%Ycl9&8&iwG*Z^S0sb*>_=JMWImmYhc`r zu5eqc7;qSQojE!+DXv$5->T`HEN+1A;OpW$U()bM`HI4d!k0u^rN=Gm{2%^kGWv?A zyNfsL+{e$HpL+!l*q*BlOsiNPQybqyHP%)7Rc%=CIh??7%x5G;mCiMq7Fx*0EK2Ff z7RxI!#Lr0I1aTK04JypyCk37tV-N3j!oXx-TKUvujUHbH(YX?7FCrR zI#TN(58y-xW#ciE)1U?cT6X0F%K`#6aB>*dVtdDoDbhjzn{|=+dAg<`z`_#Y&Zga# z@+c_4VB<}0kms!SBD!$a7{kgWE$g+Hm*cq#YU@-NTD|mUKhW3@MdT4O(OPZ|85w;` zmgOA0=8bbUC3M9E5kM4@;B~LxmZFzxd)R=!Q))J1n@DMuOvw8)wVejN1+n6m$xDcj zMjX>tK3$2!0z!UJ($J)Ead>WKZ-ts#YRtXuYU%6>Y5ASrJuWx?_Gp*6|A9NP*SwD- z?CG=V$;3MHxpe8gTNEnk12d`_-|Q`NuFemS2_1ACTN@zNMWzn}%Q4OjqyKy&$S7D) zw_G_D>ztk0Jel(43mNYRd_JxdjP13DKNFD6KCXrnF{KF?t|rD80>?+*WSx@ZM;@v~ zys)fJYHr-@619<&sQo^tQ=D0MPj?hAXrgvnaV)#=FM1WM0sdca7QYn1%#O|Vc=|oe z-3QDDo5YhXbHynbLKJU!KvGO8&+|t6J5NJZq$lY(jW?~@QT)7h*?lC~lVg;@9~qob zt2voNl=7-H{aW%SpCJB$iU6rl&lT1JQ>-?czK07gx-+_!x^clbu8B#(J}m4~QzR#A z;2_Rgn7D+wXayEpFB{PAjPE?~UV!t|bz`~40lHF=BZ_Y!bomb2)MuK&U++@4pQVAy zCoZC3Y;z~)v>q|(V)?MFCvmO|OknSlnyQ2O#(5cT$e=PCH`e!?pB1{}1`_MysW1ZE zqX~jl*xW3Bj#dKg<{kllJx)^k(t)y_No?R(3lY){J6$!*{~gr#m<_AW|G>_z_C)__f+{4g(Pqhfw5+iy$HqQx4UM<6UwkWddB0&2E56rT z8?2LFSMhrQ8Q?RWFKA{d=7ya+$WAs!oBc~i&1{g_y=I38|NGO+OOQ-7Tn8r{5HZ!=Lo{J9`#kj>9@g5VL zm~x8*Oa?v3OaUfVMVihD?DjChL!*UW}@o2@*mM!Lsf3OssRDGNL%+$L^poa zc*LFPVfVu8S9Pd43>0#b5m&pX6V~I%y3AFJk&H@t$CBVjS7QHr)78JOj1Qk*ZpE*q^ z={4nE;$kPK%P{wFKPO_GBv>svJ+R*DzDSn#)15b?ot`*fp@`+P_X*`=7wXg+cGcGc z1&=qGkF{4Xys)-bgg4(AFRx=|Tzl1R_h+U`)v}@k%j-X5j!30811~x)x zxt^SP9g-sQOKIr_8}yhrbhr@FYU>7h1b|f9mbpD$sxGkimRWFSxlt~zy}+@9gm+6y z$scfB%$cA)JQ}Lq-2Cb9LPX&8zn_ZnzhP1T#h(H}U^7m-4|R*o@)6avNdLWU;%%wS z17(r@wfa9Rtp6{M7Xc!}qJT4uS)sbeM=}mY-8RS1B!A8u&Zv?LJa(mgt^(3-)++Td>qefa6R(q`Xg0F95co6kr>^aa(bV!YUJ; zaZ*SqbLWg!D|zK`<^Lk>naZYkO4Vpr`7L|kc)NDid&*Jz(m-C|JFaK{zSl|ChmLD4 zX=%flDlNM)zjlqDKGJ>Y4k1kFWFccL;ZnCM{t1c}3oGm47ZX4a^`P^trx?GErfhjg zIg_jY!B+7}nv`&(khYMjF4m3k%)0_e9O0xc@?tum305+zyyAArp_U?etPo!2oji}2 zQ}fWj6Iq?mZ8l#VgQ!xoS~`0lXB_j(k?!1vX%)(dbbuH|g?A9!E z6eYdU#q)h)zlWyWhoA*3uAanhG%zr4U{4-h3%Q$t;CTqg^w^ zS;8!Bzu|dn^Q{cXHm2CsB=uZ}#+tZyqtqzTY?wk74wdfk(_Y9-a|yBv(tq!qyRGB` z-R>%#?$5ca{aFJBbASMJxXUS$n7w6Vm?)jbKukA)J{R zP{rE{2H4guOa3^adD21r%4M1HIwb6*lkDQpucqE1p6?cq`Nnkn_K5!5;Dda~@e@Cj2rRH#~uR|;-h08MXXIDR91#5Tw5q*<_ zDBI5xWR}1WmQ9O{E>3hh>j(=!Qc49=#1F-mNo}FRc3ipC`_EiPO=dwSI`%r&-ttjn zHtdO3iZ6;G@3_R4Zx@d;dx$yd3rh!7mV5JV5<7g(ai1v=1%D;je4iLQnmhQ%U!PJs zjLCQJ@EQ_M=j~ya!MU8yo7%Bg*y->B#f}>Xm){UDs}63gP|l=Y0=X>?>pM)-o1XW? zMG&I8dVu4I4JE=qu@f!mW$IC^-&(f+*&7#sEGD+au1fO0+->hwRv-8fA(*DiXEPf0 zIf2np#TbaZ#7vA%ga$?cTQLk=NUCMIh7le`P6u%Eub^qzj$0eywx81PQ ziAS1W)$?0RDLOyOyu2lSU|U)h<&YILunE%xk8~g}l$yZh6|d~sBOylbl!|U8`d{2_ zbT6mt#LX4#>=a7n`|2#taL&y7$1C59^Tc@l5H#arn|Fz$0h_(p4vD>X7eGVxDb8+w z8mpTXGo;jC5O$5IBBn42*1EtL=xF8BN=sASayUZAI63EBd{44(65N^o^yUBB9@Q1V z7zl~EBH>$@*-X%xOdntV-k}B1A?zzE1+00dQPjR$SlL{8>(0qOi2H1jRdVx}^pmq_K<_1Z zcSN~%o4mBIi0|5bP~DVw2Ziz4U9V_lOti2K%!!vLZg|T zT`I2hc&X)NT7q@}dhlMeNU30=`z9RjHtX)sm`^5|E_Nr|_UYD4Su9H{DqX+9?*zZ+ z@+uG?O^9U^kE?Ah-a?O9X9)8N-0?)ll2Bz0JR+j55jbb!aJ6}9tQrtItvGGF?ix9u z1<8Q=oeK@k`wd!`@fbRo4_nj7P=jSsqZRYin?vC6qq|4U6jTeJeDZ9|=x|mNwKAW# zUC)aY%x$kcB}`OG`#H;~T6AWeJ4>CSCQX$=F7NXMr6FTib~f>5s_6s5_5yzY1?~I~ z0J)gzzUZkb3A5_|N68gkOS-Hk%`&(-r2};9R=ZSU{ z*zv@s!2jo}C+L;D`PgVZ6U8{8)9#n~y>m>Ai#7Kml>`Ok`%gT$>=-hhAh6~Tuedc0 z4a;04+;QZS1KgquY(sm~9Y+RTP@{^W{+&x7K^WQ^Tp()1AqhH3QAyB>(wB^?5RFP# zv-R>ik!bO_5{?87;*PNOK0g>*esUDt`XCiml0C0(urvxIm_fyetA!XuSgJY_QpgP< z@Y7~}EbmH^!QY%LGDM|~+2YRaj>)9V0Z@i7W3}9(@q03NrJG(Fz~G@G-veoU>8p)? z4cgc;^oQO9LYpR4&z>qMfczw;o~)@2JiYz66fA*hKpF%9z=wr=jqhw4#}4Xwy0$~5 zGJYGXj6@5N)gAcmzw*u<-;Nv_>3ykvQp)G2Nz+j&koV2yC-X2}*E=ZA5oZ0jo`{dy z!pnqzur$8LBztt>e2t6UaZ1u(`QhmG$t3cwy0Kg7W)vzkQ@gQIB=2Jui##Dcv(V$wWd4#^tNOkZ6JDW6}6fkvF5VN9ZlNmS1I zj8|ACkLmh4KBvno)-16PgN1k#!Xf3^nZ+rvBH4`_5w9wtOU1o0*%w9k)&2m$p+!}2 z`eI;agEaz9Du0@z*@|4Zeh;fO1tS|s|p989NK0NWwV{lqpfU4 zy@8>l0W;1haQv)9igw}qPl99In}?--4dfIStxf4<&jrf-%gKpFICxD^p>q8=*A}jI z-jFl-Mq|e@?x9OHAq#jCJ6Dgw$bnBfI=mn-T%p$p`^4>1d}f24rH5Tvj7vTAmRM%+ z@nwi#llr7tj5uOz-_FhRS9|+*EXGEHR_52L%tXUM$*2d9fK(oLMP|+%dA=Y`G6?hb z{Ol&kQKj-=rEFfAO5A73Pm^#q_t};rL}m{)`>OP=%?7WwCe8a>-v{A&vF0{2dLi>s z)>fCk(lVv?WS4N;wRzoOLy=;)`@)uhhTK>xzvwCl_qW-%Lah|RGZAX0U0DHn1+|%A z;cJT=3vk2W77%qc^jz1yK)iC3;;kN#qhf5)PX2DojeLwIWEgm|uR{A~HSK`V;B#+$RLRi7AFd(=Zp) zYjt_}Ur-PR>OY|%{sYapA#NU?I;Hw6txAt*u(k?XXk$qbS(tQGuaU`*x?CFq=FwiN zLdOiD*RGF;3SP)~Seiv2jRC=gz=4CAU)Q7ySaFB$&8VH-+{ARo1|1bg{CEAHx8HAI?4xNbwrsay(X+cP@ zb>^8ebxU3~$s#))oEg8$Z8pP(?>8l1q0% zI{TMmubC{h=p`{1GeWT({nqy|z%tg) zf)HT}c6znp@*cLbmOE_A(&fb5(`mxwWKySnhjb+Bj4sUvF;~104@<7m7e#Zwr_${h zQ&$)20sgTx#-6Y$7$uEA-g;afKW^tsz`vH4c=MMq%oO$3fKqaUpZV9L0W)mecwe$K{^UtAF(-e>$ln79&9|;@ z?uvZ$jvja>ld3V0su!b_SK1)@P*qtqTutxtI#zJ;I8~Qdx1>aJ1WjaA;R zG3|wSSM<15zm60C!N4oH8`apz&Ln8KkHDs=UO?lMI1#qdVnsxC+gf2t#3IMUc;Vsz zkqTCZn%O6z*XsV4;oj_DC4|<_E~WQ8e*p1?o|cw-aB;#+r7Cc|S{$v4In@=(v-9p3 zqY~a}Fe9fr)bT?9?q0Hj^0!T5{8l`fb8eq|B-hS)hvp%%mx3~TO*J=n@8$1S{OVe> zSx%-tP=vwN-$TvW!~HE^;uO2dj1~UC@um^;G;$CFkEh#msG6VFwJ0pXA^kl1f+_#X z?;Lq;Eq4{ZRcN_@c-=OpRp4zPul!r^scNZg3LbkwF? zm{(EXANUC+gS+uuwXFOz1DO%(;|$o4*H(&fAOA@hB8?ZB7!!H2gyxq;=1KC$k+@7l&%PZfnKyf`B-bB>{VgT;}EFb!qqs6!^E}5(`@!y_s*N0{eD> zc9V*{wQf(2T5E5>H$$s8u9I$Dvn@PTylU0krgrlW{i&3a>6sDOoPlmsW)%bQz`1?_ z<~$Du)!Xay!IxIwfx{9~1-;yx&H))2V0&&ght6aiItB6(wB+++aCKfV3u&_&4fhjf+F*RE%OeL>X%4n*K?zU*)CB@x!k zWRJKuTq6{DwR12FadNGtMB8!U8Xwd0coyiIag~~iWLIZC<<|*|V_p{*At^oBuP`a; z?-I$%8KJ1sSvZ4`LLwi@{GZJ=%R}Ow&q~Pf2WRXcxDgyK|x}r9Ew5qqZ zOqQ|P!>l~+9(A&oeFKYia3|G0w{tZS|Ayps^|a#|n{B~YAbDP;*oE`s--3RL#g$b< zW6=@$_?73EH{Rr&#&~<$WLJOWaB$@0g%DiEO|&lRg=MG+bPnK{gnXMlJ2zf1fOoMw z6Z&}oE*!XF$ljo?k~d*oQ5M?e_yfe1e=}hp^4aNcq(%g7dK@w{pkhkx3P3HXa{}1& z%oeM^R!(e1B~^3vuzE57uky|^s?D`u^WD2{uz?Cvpv4`E1cxHUAuU=6S~R#jp)Cc9 z6)Us>LZG-ya4k^WEl7ZtBEf?N0zuA0_kQ15=gh1%bJona`ND^XWQ7R1@B4pU*Y6@B zKo@tLTK>?;*HJ!sXct~^?X>_W7%6E4XLp-Om@v#7_e-yw9u=mnN0q1dvEg5F>yV(8 z?1sjVrk~WC+c?^w_~Gx}DnV00>$fys77MS8S2U@CFNH_YC{pa^gOO(#hRbC-pQ`Jq z)Pb!jh~oelFd)P~nI*waP?@>G4b&tUweDOw8I=e#l1vLo&K<%}5&3$XX&Xl+{Z8W<*%DoB`MW+ zj|oh97*VF-)hVfoG-)G^Ys3@s1eG5A_~CX^%A<@V-RP_k1pFW%iZ}}YRd@*ZPgyCzeVnCDAYS{d%^W5?szbK;YZ=Dgmn9`v%Ift4 zrZgJkq~f!&B%-$*JiY2P%VPq_3IYTOQVcq|OhC>Tc}S$aoFW#_^KmO45APsJ?v*pa zo=P3B-hZiiyc)*RxS=NY2f(zO)BK-QiOp1afL-Z@{y?QoSJ2Dbt4yvLb%-BcL$xi@ zHq!bta|G+UG6R!yb)VTLF2y+Gk_nbvK^1lZoIF6B8WH4M!FHv6X5)9)bSmn_f`20D z6!7MvJBLR;y3EOs);pA5o9oZ1wt=4`OJBZhS#3a~5zIZ^o>mI7c4K`-wa7OK>wA62 z5(C(^vg#_3K8e3Y*vL{c>6&OXF0mRnTM=!wY{WzLHG+w>qckor72s4RK-0ra0Vn>d zX9x?b{E8@}1*iaIwRUW)=7fi`NH-c7$`OFCF*2^_R-Ksvd@%=nPOly$$9;B+8CEcE zRataBvd}!LhmLwg`&+-Pl*#x+*lZ`Ry&KgRDpICCb+iUY7gc^mbN3euTIXYv+4S;W zC68{-6Gf(?6I^u_9$lsr7FN0k*e%98XR&b{%P)O{^z#gm%I6qd87+6AZDnm`-On5K zJ!@(omQ~dLJqtkeLMF#wySWKhw7XSBfo^X|J9h1f_&xHpb1=Ve&Q`#sWbne04p>Ll zqDPSZr78(5%8W01a;~fIoyqX>3T^PQ+`QY8(z%-2H)*QM$M}+kia$^nIsjN+?dYX( z^17*MkBvhcftIE&ecj@ZOUI8sN@?V$$M!3&)SVdf3RjBZ{_6bRv-PM#-TL)S)(Q#m zzyf~ormtDd)G!OSki^2EO;43-I!=8>>_ecbEv>t8GZON>eL`)_H3VJB`cSa|-_(6K zBf0A)BViwYb-CxyyAumvwjkGmPt{nw;I$~wjnNsp%qQJ`JfO3l-YW~?dw*v-Z%1+O z-Pu2~DdunTVHtT~5vIv_csOYkDJz5eqLZtCq3uOVXLNG`f-{x179tAtg_wdq)_qto z{=-9E2sl!A2UJ8fVipcXidY?h5NcI?f`UsxRC~J)I-;T(u~%DPBy>OOvb-`FlxYwY zhjYwa-yR*kWv#U%rIn#Nsbsb|x$>8~^VUG;A?wRxJ#uTUjDB@uRXs#{jpnY#fq4F{ z!%x-M9`+G|?hz)!D&V`$tIDm~xqz}Ff$EV)p2M#I)u8L$Q&*#q76bdE?r1J1jwkh8 z(k7PdCG3ThCUBGQ;|RekWIiu_1=VSlQtXb5$ak1FbP666C=%zPDOHh`a4Hq8uC`Z3EUNK0$ z9~OtdYI!w^6$sw4+%`JheHCm_zo!)Y#Je`3EV4MGs@PfeDlo9#7rpK#=&toDLF(-% zy_4@*;;)QAdjy+~%bwxdpOc*mOSMlcGG5odmdiF?TBQIzL+UM-i0jAduj3sorHwd8W-wI-vqM$ zv3_Vvii?XA0l3sO%6f3dFK3AQ0LX^^H5svlE9NMq9HZsRsPr(Y9^Z;z(W!9&?umi| zHAn>NA&s5gUEg#@zgjLCAUtUP;#WBjU`p>JA4ARCJs!5uP3>g@yyAUw|NXji@0vd2 z`TFQm(OxOsh===YqR8uK)L1_~8zFZ&lI@}oliFm)XZq>Wx|9&_}& z&cxEj?{nf!X?+J%w@@6%j$lb6o>6Mg<*l(^{oNIBWaZ@I5WHW3UH{6QS6Nx{)G+qo zBYzo3B|4@IK>qOohx%=04{CO~2SJB|n?&W)pNoLYE?gxd!UPrGC`Yon41vWg^c$-4%EBD*k-t5-6L3$}UY@)Ln)?aN`P=P6Z71VLM?r z$vw~Y*~|B0uKY4MzinqN6ec=r>%3}+eob-=CV0HPoTYP(Xi9M?J2u^)d^1KR-sJMHpAcln! z1wDlw>va$VU<|^xLM=gWT?0PqJ1}vr+j2Yp7nJAxrmKPaz;JJE1nH}V6C~s-Xrs>= zKPD!bV%#bYSyjLviJ0Yy@4BtrB+hIu;!@(88phq@`h~H%`pEu@oRCFYVVcZ_dLWS2 zo!b{biK|D5nJg?CC-i!!vfcdFmVD02$oy~ZBK0#^667ot{GdclBSb=qo_8GkV2O#0 zCLrpi@`*7LX|BC`bai!KvEOe)D6xa?nDKR{fr0m36^60Lq4&tW1_^vG zOLrz?XZTIZS!f*OQ+c#+wCvvDQl0?Ys>S#m-Wx>PS)8Q(H4lr9h*vt%AT@#qI=_i$ zeqOWHj3^YS(4$!~R;R=heE!_Nv3%Y=!e*ZYwg=!M|7A z{IE~zjx${+0CBYmM)`zwq*(^=%x@f?*)>drxH=LQB^zWJt$|Xq9k+3Kix;~#KyLlS z<38Xy0B6v$VQS?yBDkp9K-$@gaz+UUs)D?(hd(qNZA&YgDM@XE?0v z9~S+_yyiUZ?5Vuj@-81_!wjqL#JTLdgx?iQKaJ2?$7?2;x59bbIPk~y;T&zw0nOz` z`_7T>0mh}_QZ&+I`sGX4M>TIlf~<>Mrz=}msC4r`@l`8`o)tT&@i7g5X0~m7ha-c1 zYse`HjlWJRyO#l%ex5w7F z)UPjWpcKCzpB|C?El~u)KEmu7RAY{D&B80`?%#MPZcBR{mw}kllGVpjXR3DK#gD-S z-4^k~$iKMb9tp4QiIHTU+S*p--aF_1SoO3l-g*o0(BHoGx%V<_pW>rS|!SfBc!8LbfLU)wEtCNxgof((4-@THrQ`5!Rc-_KYB}Ck zl6p&!^S-pS>Heu0L`RCXB#-2DJectk@6OoJdE?W67_W>B)D4MB(pdvgx1)PwtM9so zZcx_+BrnvgLMy(HXsL;ra0O6$=*d_vb_7}4YiXfYxo>AE4-ROU1S)#%Hk?jL&Cht$ zvA@xMg`1NPLD-w-q!%&ZL7&0=V+(qe+FtEuxxZf01Kn%cS+r)?>OALwfKr}=$DNP2 z7Df~ED&D`eN=#5rO0qi?I%bx|RJ|1N3OA(aHF>n(UZ;>DXrS&D-MhfZ!=qbbA<}tz zcnyo~a%I_v7=Q!n*Gx78kM_$R&MBDhFTNq*SSbQhu-2vP@;XdEN1cD9UsdOiD@-m9mAKLWOePh zB-fZKc%_)1Z-`BOuy#usI#mj$En7gmbNHrF#*2X}Wv01xi9!2pxhYaxI2ZHg0{s>bOszsL<^AU%GUcLRnr$`)Yzt z_P_Ll-uM+aJQpKiNL`cS;4M5PLYqsaq^;3D=5&JallB?r!QFrHl+y*)vOGK<6o~T5 zd08EJ=970xK#DVsracFq4RTU`jUhv7#j)={jLS?pNhjK4HyZOtZ8I-lNu>hd2|MLs zJdhlO{NSEB9nR@6q}?fjd-2zX-?@eNG~QM$DPcTcca{9p$Z)p;U7lDEbZTO8@Ag7R z@EP_AutTbe4nNc;h=86*ny_YBe}X@U3nl(4WN8lkFua%)JYYD{Cq@;fCgaOdeqixv z7MU)lXJXiOQ~IXQvCJ%@tt04k3V~wbnxM1qLSnUs+$Ou}34YQwdsl_j)sp3EVL+Hb z&}{U6Repee5qX$efiN2lgmd~3C!jKjet;1%iwtNT2vRP{bX|D1u))5M?aj5w9HvNq z2A*AAR;tncNH?|8X*PEFgQjr$OEFi)iG`bap<#h)4DrT?iGR+(7SJ2QVBb!6v=GiR z`8RfyFNd8TXEfw|Nctv=4;@%;I`Ibv?_(0F)K{D@8B@1dEtrD)NMCU}X)%%9AJXX~ zdB|{u7vbIvHSW@xyA)mgub{-)hVzo{1xfVEC3zlxSm*V?=AdtR6nB&^%=hc_0edcOXuK%2vF^S@tg?tz4CiF^a2W9#RZ=G zF=)8=s;Z~}4Oi;F9z+CxpmKOZSZ_YFD;N3uW?o*xWC8|H5vQN3;JnI#+w`%r=_?x> zOc6n67c-_9wrhylP5_5)Elo>BMWz=|Fa(O6Dx8wJNd9*Q*a_c1EeDxPlGY^+)<#Lq6k%wnVY2mkoxCxWG(ca|snYZ5(+MF6ve>6>! z&EF2{1NuogxLo|8^L0B~EJ;q(<}G=#9>F>|Di$qqE=MC<_ldmX(tC{z@6_&0^X`Wh zsj8-sZ1M%eGF)foM(`!?BkLiaP%Gx-*S&cyoqpm~Z>oz-^;)u4HY;g?{!`85coA5> zsottKLo^;!|Fznx6K}FYpL|q7HoS0W_NfrlR?@RjSd_H#pTBT=;=|CAFl0BDtuOQ0nL`*ey~szut*q7OAv3Ic?g zt=4oPdhcO&wzlr)!E^9wXSLU!2J#SfOyO~jX-z@hT(W;II;G0s0Y!#kb=%4O>huOd zY1iWSSCr7)4;WNpM{@7&Ce7XMwUyGa^`Ice^kWzKhPl6noz`hLD)AxAPLVn3k|X0I z;;~A0(`GFbqj&gA`VTt8HooDDi_I*Pq#Uz*Xn00*vO2EI`PCfC2FlyIrtpgj4a|Zl zrr+{Sp&Kf~w8lZWLd&RHaiX%nLAkw^rbUC4dWpZREX~CWGxpsBvReF3iy~|ar-L9) zt{yM8jYO^8m{0gXh+;PrELLRcfFcr@95Wq$QB3$@d|7`532lDx4wCBdYnhXVZ}$|@ zi&#^~7|}~DZ*7E?#XfuGE>!I`3WZ zL?vrSCrj&VhUFh~VPP$(dK1JrqH%N4sB*uPWC1ASeQfc|*SddefSTcsBF44LzssJk z_RKR%*u{LUZoJ&%vS>WY2a2y7Rj`{r*vYT(2_!*SHn&;Z8Co z9kQ7yIf)Dyi1WotYB!_D6eIy|IB=}!rm3d9N0x5A&}dEC>_ii$92w!w{?q|a=yu5O z?#Z%sn|1cL<#(XSNpK{Vx|%1=m5P0B?uVU5xu+1y;2P%+vnCdc4QOG~``35^%z={Hpoq*Y&Tttpa|A}ETj zTmyC^qRfSAud>!Q-*|qYrg~U|@w6;w^!xh5aZiC$*~t%AXmDV3I#uBdsehUzp%Ghv z0;jO4HyGD05pCO5*Y1XvtoPG@Vu`Lc+3wj7Lv_TrGp!}a+Wc^Vk=62u^NQMAl*>q1 z&AuhoSY$8x0xH(wyjS9w$BHS?xL5q3BW-pTc{-w+WaQB1mQ7PYq=#gk{6mfeG*U2G z60Q8A%`{j#o8J0BE7qVd=br!s-!XM^&6D+dqn-HU0z*Z@fcH|-&C{)G8Zpr!W_ z8BJY(QBe^;-2OoR*hK>=rA|Zoh~&D11O{vqph?RUh;Ytnr|eUOF`rbH0?%>hrxySmK;?KoR;^AfJzoesiT?eg z{W_@ScQbaXf6WgOAa?QPKfM?ipT|os-l=9^fOY#KrU7Q69u+KH4Z=3>L^;hg_{0O( zzEMDd{_DZBjX@bgJVWBS0;4GK$n>;P=F~kG0ZjcwL@HsX`E0#eL;46P1_2_u z0DPS)B<#b7G#R=F4-|ku>*r4LmoI5X6T(h&i$1Ams>$DR$9DN%7M@+e+Yam&h=IiF zznc}q2X9{A<8i{sJdOF~!176pqo RA;6VO%Fi|Ai)BsU{Ra|URDl2h literal 44504 zcmdSBXIN8h)Gmk(M4F0H1zxF2l`dTYL8&SN(xrDoZ=qPI(xjJALA&gbRg%O3vfM{TcAM;#>hpL0**gTf_w)guMb3%MenJ`bEZlO>0<&zg zb&9Ge!I~^`k9sFmMqF6egL#(`zv${J#BNp6?8-b-VzlO<__pM*sz@^j?r8k1@V&zQ zH7+U>FKmenP|ll)qEe@}PhUh+PC%of^dF>en(c;p7UPNhOI6>0d`Kun!H!qBQ#JGp z4>g0gvBh7Nh%=!CL$R5^fB&{?H+gN)ULhm<*a!Ii^?s-r4?n*Xks3BUvV*!HV%yJ# z0R|Puzn=_IiL~CnbLTn7ZPJ|l&;4^bI5;krV??fgA`AZh`cZBu@oY|f$VMt>0PWk3 z+bX*o9Y%VvgM(JvzIdYK9lzuKz`$i2y9vAf#>S_Y-$geGrgU-6iaJ&MTl0FeNP9Ui z=#cVq9DG9^9UbWwAs$6G}X! zTl-=8SF~H|)Ya8DS2jc>a)^h6RX0g;`NXcSE+QI5j8pVCFTltA{R_BD68m$$P*pwO z^=mJnBl`a~^s`IgqPXn$R@^3{0Wd)k8niLOX1vLJ*|O>nQMP8GO%8g}#qDc0Ql#ge z%IlIYJ{ScbY^KHw)9hr$_J;1o;RH&dr?wqAbOPCV4dou)ab#_S1z8(vnA445$63{@ zZuHX&EGj@()!Dgz_&FHu{%%N zDkAMwWqQ`dAm+1r;O3Z?1nT1Pr~ z4qv$|i$>L)vL5){3$NjY8ii#v!&ML{>j68qx3a-JUE!ULl1Avs`%n{;J?~p_-u2!A zG-5_i&#v9{M6yKap~nJ88xZ@!R-Lr+{(I8ReAd0Z@2n9;G$ zuD%fi@v63H`rl6f#lGhgmw<)L0o;&<=QtJM>7SbU%#L^iKE7T7>;8;}_Ob~{PA!(b z3Ybt-%f6+~`M9+3lb2lhU7V+XtfyYR+u$(aM>dvUIV z40G0oP8vlg4&FZ=PJK%fq~h3ZA9rl zbqChsL|4YUoPr+qOP^An;v8DHTZ7#{sTsk00^xOijk{~<=H}Sm_;cA7;O8)*)_zFA zo=c$+LZr-GdiSy8ro}tjShF&b61pjD_dSG@QX6iNisSu|-5_j)I37R z*lff5i^GS;cId7HG53Rbv&L*`fzV8^orqU0msx$mZ?v1p98T8N)6DR_Vf8N0?;`8` z)CGC4wl*lHVY=y>AJ(3(p}inrbE*M`q84`fu|0~t-}xdSa&Ih8Xy-@4nOtmVC7@Zs zBpm8(IEZ(57a?tNDPpNar-DTNaGm!1qohES;77G)lAtimu(!eJ?}m3E2LWj_;$YTH z!>;Jm92D!UNH@Q;N8=i#dRRlXq4b1fHZ={Ru%R$$v>mPz-6%OjHPC+jfExXi4?S;s$L&-;zHwV`0F#x_LPv9BD||5uo-1JPnl$%u2;#a=sOTdx*Yf-U)0`*-?RBF_*@V2^maeQb!7Uk`e zBZ8I9d=AwI%dzPVm;w!{DJW zzL*8{5m#lU=5f1}$>yA1!o1yG=60hhMe&z|L&L%*7a59no{Xd9#F5w6G*k~yY>Z}m zCUb)Npy?XE*_p)8raAT+atJw1-Kq6*8YpJ$NmC+Y) ztlzD2q%(pQB`!REVA_3m;`ks@G}^HTRmdfyTN=+n0A%u8EOe`e*%w9>n zJv|xnocU|JX3^)-(jR(A8%TptJfEjPljraG!Y+d#XUPtW=XRx8*(<6%`P1abnc zDCr}H?5~W!R!Hta%kSaNk5H!lnJCuV$vE+ijTxnR2I(ftK1KHP^P^8-gzXWC@h?07 zW6HJXb@|8VQ`<8l`sjBQ8?5r7$As4t9qxP!a-F)&iP?UoEBp)6pf7{D?)6iCeD^TW1n>AX}cN5 zlzBfxKv9cRBedtK#|}Nd>*J~#CpB<*sS4IYVRXGs)T#I zsQc#DyCWr#*_1A>xj4R=32cxTjUVUt=NUBx>%oxKVgCPj+VwjT0>fiOnb5uhkvbCx>qm=KEM6@h<6@r zo33=2fxg0@JP{EOv>4y|n7g9yD;ixAO~>+8UQ|@k$kt-sf``=)+pGeJD$pMokPPqp%}1gBP5apI zBw;8sbgO*z;AZTxZ#eC#<-tJo1c*Mg0|$cL7|AQ_9nEQx+OTIVpA64i(}Hk^z36?R zBlS38p&0-1M3YV@m+CQnar?)Yww}Kjf{%=6prvI?f6(=8>7}(a;;4?O7%AuUbvMLu zsWNzK(i0srrm&7~6`OjPnr+(deYJ>FtjjbjYO8z(&s$_!H=U(Y4X|Q zJCR6G0z3Q`VSUtbW$~Q@9Tv{VWs;Z1B<^?8Q&(3)p1t2l;~1SkN}D63fMX~BSd3!K z^Btnu0kky>VU^Z)adaNyHJ;lXBcUIH|IUU)5qCPYftr6$8Pozz_!A;(t%E$D!u|>N z@K^cE|NUT7Ac@P0(~ieURZHu-$MAz1zFsxnWIjPoUYGTPQTyZ5r^>rrf>utQ^fAr2 z0IMMW6^iYKlI^{afO$>lL`SfiuX^7ACp+rpY4j3Ek3&B2gd#6;x=#S5WWDD{hYZTN z0`H2aQDE5+)ayf>yuUy&KX1tZv`dFa)Fv&9aM)`xJcu z0fz!%iKp~>7LN#(1@?5;Z^lH&P;yE0DWiI_pMqM-_g$YhA^1PC%;j-=j<5H zaQCdC$9Hld9-O8(UN>5HUys}QAXDHN;%75~&T{OaOo&PwgVDFHn$LFdT%PkRO6+qv z!o|?79sMdd#QoM6j*~?VNY3N>5_Y#GMTaGk9lR2|)%CMwak*z@@wmg6BAl{G=TCwS7NF8-T`Py^33StwDsMl;B_ai!r$}OmkQTWAeSqB>r~> z-9NaBdy%vWut3=9{=V7pkIppYhc##a>4$E(yBk0%!=m!IGLHpnyO)|5C)jDEPe0ps zRVc!LNE`SVd~^r_+>D9Jo#*yJ7E&Fp=ir94)@^8Cko|;F$5>b5j zfsVK?9W%7E3Cg?kJ0d{;u920oL(jOsA;^sB;XU?-&L=Wf_WN1`H4x%b%@Pq}U6j=# zu+=3APL4bs(a?kDusl^2z zWD#%H$ zhaP}-2cA*pWdW)Qu@!l4Of<3m{wk%i5;cWCSH0cOx()eJ$huAZ@roONy@)r;74Dv$ zBX#EE&4y?tV%WSR$;Y70uG_0L?;N&t;svOwVlp0RYJ*5zNK2Tn8u#8jGt0W9l|Vk~ z7bpbd1~mJ$skM*4sRw}RG=)yd@QMn_q(ngNH4^Gg3pzRWA?dp}L*6)9uca2!_S2gG z(hd`VjpW@C=D8Wu-sj$ZFk+pry9o7dUj1A6I`dvcdf)Z*!<#@RvRpP)REQ`p9H@3E z{bLuqrSQ_)nlXJ&Pg=?3Nv%pgn|z?Ix7jV^T_MxVENE~o=ca6O%cef24CD#BPA$hL z?%Qm|kl82>Jmkzu9I*yWd^yCq783sCfbPf4miE_E=$QS2m*fV8R-v_mwF#M;IZ(am zs#yd4b4RCNb7H2Dv#0;4d;s_i&wdCIkK zKDw|^nXyaTJJs!NtGTDGpuAh@hz>by!i=yLFMcc#HUG_?HfKzWI#=nQDX|Rkc|*%G zIzT@h>);tb#!kr`Q1D$&B5HT4B&T%NcXeT4vJi7I0EzKf;%aR!`RSDr*0(1w z)^u};m7qx2YQOL;aXsWeQuac^DHdF~)h=>nbA7MZot zLky8G1n$zvX)5iU?n7y?Bgy^sG8{qY2PNY<5vsqlJy2b3e-x$c^KKPC*B9sbcw(y_ zsW@9{yd4=S#Ww<1IR-5R{Y}AiUvp+mZWP6F*~1KngSeYFJ5x<`*UHU2t&-;$ov1eM zfTVkbPSKH%{fz$_XjvTd2FVqd`VME$E5O;w$^5-xb1o2Vkkp-z_Wka_HjgUzn5F=( z{;S9dV0-AVEcYfG8ykP>)*T`P-^a!qIK-Ap1;!&H=P}bE4cU)R zLlO3BB*Fuw5Cm>mBMh*H^Vx537jV*$EnnVx@u7OSuEHA!506SwQTG+@wlJU|JB7<1 zqhRE>%c7XVIiG$PQBF)UbFLVEZguTr;|FRM5+$2VYduOLFng|N(vXq;L)-5{y6|{r zN8&7_u8Fadkv)6xZH^>b{y0QpByUsv2j}?@m_*I?T>1aeD;@TE0g0Cr;j9j)DK0}(j@78^O`zqoU<4r8hc!i@=ALVBq~4!jH3wqkdS@iN{C*kR&+CnQq7z4M_2LkSN}-iA z)$i?YZcVq+gaW11?>VmPsgEzWwcR~@-CM~Pyi#};JB5`o`i^=IA|&eQL4|d7M$NU|f{=D%(JOLPqXwhLTt+I=Tc4&0L2&UtJ^PT?`|Jwendj8#m%9=Uu9* zc2Sw-hKhgMsA3R7e{kaYtK<>*7Wj5N`=HQ2j5_GI#7{a-?3%C0{0$T!kb}Rc=;s#T3cx>&0NjIhf&tM49Rb1?S@%_PJw-4bcerFlcen$ z251pS78VT!zgcgFbS>JE`0+M9S1kF)ckM=#8T8XY+~3@aUTJd+5_egUEHY}_Fs54= zc*bKHTBj{6vgoSRtUjyh?dLL_NBm_yqtkxWyPC9(?;AKgG?z7=W3D+$!Ke&=LOYg} zI3m2_vq^li;ygm>?(Hr2ZR8VeNu|;CD4!~dyc>T{_VQ8lgUT@)imq=csT(!`f%w?6 z?OEOz)o-#w07VsDh5|tidy{6&v>_d7Y*nn9Tk&mROq>rtZmbMF6Sme`6CctrfnOK4 ztUX<&0hh-mQ06U2DK-g&-yepji~ltjnrq%&TO90bwri7JqAF;?tbG`hgYKj%XN@{< zxcIquGYa4JUWV+Y`!G2!|_b3N8ZWz z{S1FXB^Ieox!r(?zwQUCpD1DjlvCYbDM07Ll;(*e+kjRt3DmDQ&^OBM<@i)&bCQC$ zQi%j$ROCP-#*xA`VXU>S7^mToeD%1ZbNp<4Fuy93cyE`VvWs_>B6O{bS4-IJlzhfj zh!neM=AYd-ZfvI|yMt%Jf&1K=7r5#w^R-gKDb=Hr=EslBxG|$OJ3Y}OxX*s^lnS-h zhVke*V7UM%=Cvz2f3n(K7J69u=jp`tRX3QLs3Q8W(q>H6La2yz0L91(H zxE`-l8CIDjaK}$FrkG|?e~(Tafs8cz=^BO3c}PXprL>}Wf)1S}Z}6P_y~Ys|MA9r{ zh8myoDzj|7z@8Bj@nonJWGLf*oRf62XkIG8wyn>Q+a8EfwhRi@+!&^;jg0`Jq4d#m zenmr-ZzBaJ;xp)eB3shX_0Z6Fvy%x`77aufdw-LGF-`i%>)^tHvFJ!y^3XFRoDyH- zr&0MEieJ*lSspIq1gPS5)<<3ffQ&iB!Gwx+e{2o(#z_y?M(EkWoXfaxT^n{uw?6`* zEvFHf+VxdYF_mpT-RsZm4q!>oq*$VcbbSH8YdJc}Sv5o6w}SYdFr0!FHf<*!%yp^y zK}*)1w;3}nxO-RVvT^R9&jx8#bV1)3)I-JScg_8VTI}UQ+5paKocYB`$&>*{Ux(SC zowqrfe%%k((6wzpTmTz}Cn${>d?=->hec}7@1SW=0gx3J%k!RK4S*pqboma>)vP~e zQ*gm#9Pq1_2usj)<&g0z4;PNw?S(dB=n-WOnF<%?V!>sbNz$A?zOQZ;C@n!HrIQm( zzbpMLmGCV3zBpvV*y(?9AFzCO#{>abu+~_%mTkWWC{=XxL}IWgZW7}Ini!u}D=Pf!7a#e1fODW+m6jR~^NUNq z`Q=Q|)hh3=k}JQAlHy-BzQNgb>1kkFuxY?E4n}rns1XOa;kRO=5iW0jV#l@Ovt0?$E0}pUWQ<>TwV)dWUd;_+n4> z_4G9AfCyT-a`)`D$uin$lSWgNv8bXD-BoM0$NqO7M=V5ksm@JOAK%MY5?q6}zT?TU z#J9+xb9j_BfA^3$gzJyh{}O6 zLPh3*Vr(2PHR;U0Zt--v>4ozx$Gw{>7OzcP#bmAIU4gaLum1SIc(2*+Cx5$oF6?uw z`0S6oG{0Z%0u933WQ~4*w6FrZo?F z6wAx7vv!yohx&&;K)79Sor?~|?5TVEzFxd8ZM-^F0ty4BYUw{@*>!3XOFVU}6>R)0 z@ufVR{S9PdWV{As&8>Eaev3p@81Vn-4y&LG_qE^a_q7c}_{MRM_ZKDex%p0WR5)*Y z#)Ua`dLW7nZZj}5%1o6oGpOYE*;ZBh@lHPK9(#ILj-B|LTOgN=q>vDgjHrycjGXf|F7rU% zZ@)6AIh(OIcj(;$V;RNdIC-t?LbdiD;C7>wxt$Hu)$LlDU?yHFk9$vefo}T6v0l@tp zsVC#Wbq8$|!@c2AfC#6plWpBQ?YP5M`%N0En9TXfC(l)TR;9wjC(LxI4x?t|#`ST* zFE)pY9xZR``r2LNi=c>9H#GyQh^H#++lZgB z1juc|0r4A^?J05!t~+l-k?_;SG3QTDsUjdHP(N-SxUbOrL5AjfN6l(8qxZJjn(+zD z0ASy#V!(Av4}@Z!@v&EL2TcQo^vaT#k4M+$a~YQ~DgW!oF(r#SY_>s&37PM9q%0|X{Qg524U}T%c#EjqQ41qsjWM~g4e%}62QPz8&j!4hMPNzBV zCq)K~oCs>1hpmBC%pD zUf7d_dFfitWvi}Uz&OL$BDjWlGEt1?x+7-PbNb<;f6|_c8W=w4!}-Iyi&rh8c%7|C zC}|L$$Cms{mwFpevYidp+sqB=Yb>q|)%sB*Z52FTOG`7x!@|kY@u-*Sm?~a@F2;aYXP14g zoFJ|^EB7ELOPjSQT&EZWB}i}NX(_mD=Dctq%i2Ey7O&GW#I#7oLiEQf@9rJL0(U9_ z4u?6MI9akbw*(=uI*t?|xTSIE=kg!jzj#8Qmzz z5iqR!PrE&>9NO!I^_}dVgUYnZ#73IOe?YFO_LcsTP($NVllch>F&6khBGi6sN1~Sg zOX~7Xc*sk=9Cq8Q$dfE_f~AC=I`3}4P;@LRjb$Nposi~izE=;?(0diUr}|!N*)BM{ zh3EiXP++*(h|rSry{Yo4EA=t!5Bzp`K;*)Sxa0}QCg3*{Qb>zgsoie^;uoLmR$vhh zU31u_)#H1^I}T2ZdTM;cvU7M#+S$TzhcaJ4IDu3>A-O;#k z_)=m`O;k@^Pj%(iqQL|d8xkB!3Lf|Lx!=i&6;7-C>o9m9@XwR!(B==@@z!SGvZS%- zk^_3kpDbT&HP%>jI1{-@k>PG3=DOf?i$;u&`ouSY<1EE0GwcQk6saE3$MCYw{l%7@ zQD|^5V8{--YzYyIC1&?7xWR{2fK9MTpBtRKyb*nS#+@o@$T>uz#Lvg-#{2>ZykjN? zo&bf`KV!<0D&zjvNCTqhlSNgzG)XJ2 zH?hbHQ8T_%?}g~Laa;%M%O!UQ!Y1=-Xw)Y7J$YJPIdn!19M&y)4FG3&pTy3hR}i-V*te_mNc z5Vr`@6>dE0TNM;%3c`wmLt2UGy{b?=f!O00>Kk_QNY(A>@pJS^HRQ9l69%VX-+xld zrJQWN8leo|+Ej!D5XwLrIC{UL(Y86;3dcwRzbW&lsp(H$%4AaTClF|nxcM4zLkZHx z7j%Eg*)MJVw@)Ud?EqIapY|m9tFi-EKEftIx(%CgFqLi|NJ>9J6dcixi3rQPb)WPc zhy$vm4Nla5W-2|cJz2*CszNdNCd>-1lx_&u=eYpX;ureI+i;iArc59NnG9VS%$E_k zmF^k>YgH&$z~ZYaQHZ+`nK-F`biX}WTjyFw)7zhvhn^Lt-veo=9q&Qyza_5Sd+UbcA17^1uy8-x-SrNz2cF=*(E%+41+=UGnaf z^vbCVPk4GnmAL!QR-57*?skZ35*hx445v7W|ZeUAABz;!YhxsBAvmtlPz)gke6 zu_U_Vf5uhOrO$0k`$yk2gMM~4xlS zH;u_Iwxa~g-&Le(GF>)x4|jB)#$$U@6-wB?aZN6)P1U{;g=aP>)e>XK7~U)|C>pur zGP16a?yO}53f=$0@zYJgeST~C=E2-8Fn?fca2m(O{f1pe!5Z1E;95(yvS{sUmgh$Moo~q{K$uRiwCD)E0bWF3_{s96f|}_EIlQDwx+t(D@H994vmv za~KS@{&2?!ptFq#ZomacXIRH5dO+s%2BOudUQ}yJ_naHz9_+lQfuUcU$s*&+4rJFCb*2Aqn(`#gCyT%|z+5;zlWSR3;W8Npc zs0}EXmdHw*E3q1otw7sS52^VonxfCZ{fczNKK>2jL+{g%<_!aPicJ*W=DgvuwGNl^ z+&ezqe|>cFAiHnPT4FPkygtR&VV3Un6c{JCB9oWLRc=}U6MSOG;Lyk(8Oe1?rKriEfgb+!|1WWycEFofG%t7eIZ>d>;QhOx8lujf9+0<~MM1%7{>yaQ~> zc`ix!o-G;BFvM|!_wc1M_PNPEgkPdsfS-T5!o&|7d`Z_YKJ@YSZaslJYnIxR{w@zM z{savQ-MeSpjjXYzxJqi|LzAG-yuZ%vf3vx%Lt{uu%m1&)e0E{*3}F9qJG`egtmb_8lfD*$9{u@A z-mdsu5Gh@jEX~PC9CSOvXaJM#=Hv0NWXiK4PIFRC$RiuV{AYY^XvhXRvtaB8ms;GQ zER$GYw|C+u4)$pew!jSa%1}Ry)hA6KQHO*~TmAL^gzCr5jdgS`LV@~#lyviZ9m&%v94%sZ1yGxdt zxqd;DD_q$v^{u|IO}r0HRczNaK!t8aoou8P$*h~t)UNq+9D5z0r`M3TQOwK3Chynj zk^&A(<-aGmaX?k|B=%kE?d+nYS9a`T*?B8L3bZey$wSTc0N-f?Zlyh_j zjXz{ldX$%4tt_V@4!TT+hn4nuRWNc*?TNwv=pwu&;vBEGRMf|*;A*K-H6pyG?it8e z{~4-&8*QamdA6u_Y(-km>k1K&gMZWAPSEp zwevEqvq#M4WFs$BQB3TRG4z1(avOfe>;TBeN_Q~ZGnZ8jfZ%Nto06_HW6NSm7nWI; zxQNT4%U8AGwnj%s0ik%4S{uzjF7QZgP|uxN(mm{RYdpur0Z04!p=Paw=ARwXz~7a; zyF6QsReK@W772-galyynzTV#V4A?8AIs|_*mh^vxj?{2Qi=cxpDv`^Qi^i&`sHlSj zkIP0}ayPoWx-Kgm<{7)6XtoDX?tUQ|HUHgMUK+Z0?Xw9QKU0nz-=CY*E9UXRYzZ-J z2;sQh3+C!xfYquMyT^$}|2);~mff3QaVQ49z5R zGScCnOr(Qsh8c{N7?HeY$+hkI6LXF_iKG?!SUhdrzw;4n85(hBV4wni%ryJ%bPMyi zEEt_59d?Y7LF8P~e$rm}nECM%;}KYk2AyM=qg-%WI#pJm;3eO6e%eun_VGe&=Uz+sjW}Fna;c@`w<1Pbv^rL0d_L<;*$}IS&IRT@3q<76k zEzy9qLWw`V;(E7I$~T2QFDEi;pGTOewf8;EDqm-nhJ&xJ#}bD1L|IPD11^X$WxC$M zva+(c5{10?4wbqmidDw#7pi#ujW`pFI9iFHaouM-4$SS0jTT!Z) z#iCz3TCBo1&CbRs`=u*s?`l+-6VSFW7q|e_4zraqPCgiD9}-a_&eYzJ&FJXmueODo zDkIes<8N7iEugY{muI1Q)0jd?}yZl0rOYo2N)R*bC8$O33-V`N06 z8g!Kk*jDjE>(ra}hJX*ZNpWm>DEmyK2Yk!b@kvE8_d4bK3dlK&#MRVnoSo5i@es-TFQnpNo*x)@zaYZJ$4kN~TwAarpB`%&hfJX&^<= z$a=(xNtvDmQyA$y=~ngmR-})X=AhiIVqn>cs2!6WThWTmq0en=04V>)W#ua%z-pm;T!)o5^wp+ zdXy<5Gb7_4(k61ZkPvosNGddXYuCQtMMVOQ8ko`r)WAu8%0P4Lg5_}JLiV7%17 z;vXKbRFVaUlf>|A=@!J*WZnNjk~mG4EE~tPl)1~gENmMVx;;~MS@zTzi9{lmE{>E! zcbhi)#|1Hp4kB%*RxU1rR+l!%a|upI1C7E#cOcrfaeCVXg=0|gJ6#hAB^7-cr4VQk0ZjtEhvoc1(U+VJV{dA$hG?QSKdrcs!vCH5XaX$lahM!3g-PC6n=& zxY*dBl{o1%B)6jL+-`|79&-QIzmw{_hJ8-bSpRGD68v)o1=_)w;&3AqJ(8C(S%KH; z12qTBKg=$(L$#HjAC3s1)P>d898noEjUHp1A}k!}AdEOlGV%j?*4 z_fS`RShbV-_*`*~0_O9S{HdSlfDr%eqa34fRoBV8eU6}fL9>w|t@YrA3ZG)v&cerW zO=p=b(HDmvdg4{zsA(GIACzh9rc=)bnkt%C!j!Vpx$^-{riO3!_J>=)kQQFPGp#;X z=*?y-kykSgPkBSYb(8&rIKN0;&XCQ6;X2~ZUS*ks?f5Xw#)$sj*R7J0 z`WxGm+4kR<{;&`OQ6s_RsYBl^r1+}CZ-{CTgxLVD-a~G8HnQW=rV$af$s0Op%uk)6 z!`h6!``Pv{b1mH*p0K`GPuAv?7o0eXPY4VO^J++&p>>MU$#woUWa9F}M#Z2|ej zG)XXX(^9pJuB1&_!#$!ug06x6SFH}jN}S{;t*gllYS@USVLd_;tUq!y)xBleyc_p? z5a&RX0SOXMy8cCH0O==GE~dcMiI|*3Zxm;Z%>DebA)FECnO6Na{PS8EJ$e2^vr>(l zI(h@#;&jX-FpoBNieibaDM8Dh#s%?g)h%O4S`tpwt+7jw^kV|-6z<6W%rVe>VJ5?2 zlA|u35ogR?>Opa_wl`|vt=6lhW5pw=d+sh|2X7bQZlzbl8&U*UYS2> zhRXs`qpnLvlSP{{U&_8;Jo%hyyPpl)^GVq|eSWqYb|3yGYfg}Ki2dIR+1pK!yGMei z+^DCM9jjTq#DTZa=1Nsr(%WBuJ%W1+O(ti4_;^U2^GtbaogzXi=S3;Xwk|afvYD}X zb$%M&`!IMeT!W{($?28=`+Hlv_a&+|k7t71xdLlQED3iS*fkrAl^83nU!ec0)jsHk zeIgd_{pq&dn(X~eFeRhc*v|&c!L5p*5T0~C>;tcnM>H*UA)w*Mb)UTy8}i=V6!<{} zKJouM&~c5tY=Yba&W>EVje|zFx0IApUeYW3VJ0I(b|hY5!&$xJw^51GX(yc&$5Zs! z8t6!ZO6sX*lIP*X*?Lzw$pcEkJ{I%i8?M+NkKcITw({D*vJB6DFzEEZTb&d9(D?ey z6I--E-SMM1*`ngM-jlQTWV~yc81#|cw0Ul7DrQ%b7rRRl) z%n6Sf=ME7!LW%b2gP1=8RY7-JrS<6%HZvVm=tMLTiI(1K)lqBu1nlegq5EGIgq9V9M| z)Aaz77Z@245kl%FiO1xv-GrhGoIAdQq`MmFSP&Pd2^Xg%i2qkHgyJ@fH42kRZ*>F* zV_Q&#`LELKUS%psN%ht?>PnNu*G3zE{wuT|y__VYx&NnspC%Q{#wH{rUuu^lc@72! zHIj6(jVZziH>~N-AwjzO?`4lwyGRQ&&O4#n?J#K(u%cX9p^`E~K+RLY7~dz>;Ub|d z$3@G1C^1$J?6pb)H?vA88?uLs z$|o_-KbK(PRmNaN$-&8;))%DSbFBum=D-V{x&3gfhiAhyXIc8I2E~sHCNn*kx8hhw zM&6R}x13&wWw=3B6AP-W{3AOSV14Y@HWCq3GEv8KeD~o}OF}*$QO~q zy17k!&R*|}qqL6S1m+@Nj>|LWq>wg5d-GF{CG8HtZN#EoBV)0}V5;`%;@(DFm9F5go6uDWn<6*R!kGQDoEL#fKVdS+cY{JBqptt8|Uf&U>v7e^$Zf zcBvgcp9yIXyrgW;$g_2F*lXRo$MV~-!d!?Z&-m?WR_r+8XXm85VGFiYl9@RRHiSRY zHT}8Q;vw+t$n0hCr9*sdd@^)W52`&B31PTNXCdkA)M(c(Bk&Dd<5=$fC-ysl+^=ID_QQCrg=z4Q?TN9mFTA@mJgNuIY~TUYS!J>6mJ-y(Om|^q;%z@%8Bt}LBH#f!l zpXQ*XTQ(%nghi`N*v^(RJ+Q(UY|hdcDC*5@xTt22kK31&XusA_nLC?T({9NRag30b zn1BBQ-?rhaJuxY)ePHBpgk24T31`*TYB2)BN|9Icz)kr_(_8mw$n#0H*c00|X4?!_ z@+7nBKYlNOr_O0ZI(v3m+xb)$*2kE=9f_Q=dE&b8}|Qj$N$^R&-dd@5)qc9gn|EJIEu9H zcaae7`M&_s+tT)` zQ5J~_J|ZC@bT4=hhuOY_xZV7Q1}yC29F_;%l_B}QP&zotS7%~njhQ8(-22;cFSAnL zZi>yD1DPu^xao$r7cjPvvq1~~RE;!SM-Jfo_e_^Z*FalKiv(i-;-il9?BLy5o2E(_ z?G!|baI9A~quG$O5pa1b%B`3prazFzi}GKIE0m7bHGu$2N84P(mH(a8LC3#b+<*Hu z{=cTq=JE{=?Ku%P+baH5f^Si9ds*bxp$HM$3Ul0rEvN08@0WnUwD)G_ z6g16#T^#CyX(gIA1S7l*&Mx)rS2Y#+$$1XlH-E7yAZugkAY_MOn`sAxxAK8X5Z_|q#EF=HbqWvEjrt(c) z|BOt*SCe)t3j~ZgaD2TZE_f&Yx>(?=Q3>jN4$lOsm%Qn`bXtl9>$kErpUzG8LQbjA6nq2JC|0 zB&K|+Pk~=G-FiY!uv$86opE>bw*W%I5a+?6&CX%c7V&>SXarj)f56WByefAeN~JV+u(s(xO1rQkT8jW%yS!}aw5^_lGr*38}JuLise^X|K*n95(dS;njt z!Q%28%t`hctSm$1(_=QtH|YkCTUQF$QRQp6K-{?})OT8gIUp&d;H~mRYYAkaY*;Cv zvNL<+sZK+4Sm~4Qv!I~_T0?1xcXnbYaJAw*FDYYV0P7!}Tsb4V#c~YfGWfyFq}^Yk zh;N{%4>55~#|TrZ982h{V#ntAb{c8oZeS z{q7<0dC>dv^!MvW4XU?VlNn3JH@`BKDDx~us(k@ib8E0^d$XX8p-KMG5Z=wjCMr8? z_k&wE1_RFX&wj$CX;_-xm56T@w$9)eApnDt8L?|8ib@Lq8*y(P)#mo^4OXF0q=n+v z;_j|36e#X)rMSCW3k8aoLU1WAAy^0$Z=q;#2p$}QyX!nX=lrg`b7$UlXV%>L3)Uhe zd6H-C{r%`pSkH@x$eIJoe4asPtxK3i-V+r5q1*GG-`z3c@X5kL%TWVDnS`v&%odl1 zz=62f!{}&JdLkCni<}uzJvk`@yo`5urjO1hF_X?>M<8GO{4&ps9Bal5{F>@Qtyo|h zdnxkXmaFn%XGfwa&oRXK)KysUk+efvn$xEL=knkzvVDJ6pL?X!820tegGDcq;w9qu z;{oG*oTJc8r(URj@5y8aRL0MR-7W#q!39+}eA3u+0lLh{*352H&7`oX(=Fo(8MGEl zP0fly`Ac^A48y!^f};;6{VcI9mc^3O)2svL%<9H)XYR?sX#4CS4&)=rM&FNMH~s068<#=r{mglA1pK(B5%W6? zRhUdHhEW#KVZyy0=z}1W@Mi~2MP0k51ej|k$UvE#@AnmS9Cvb_V)S=itkYkF(g~9X zVmM^A4rYDNra7j+RI4cim-KW{SKq()-X`fRi&;J34V_KR80Zcm+crwTZKSLh*zoOD zhFVujB=j?$knH9$^|wrNw@6m_ioXrS-*eSDP)bxwnA)N zpk0<^JaxK96VLQcMS5IZ#lj+1zhqS20K!Vz30zi07Iex!o!^0aka<8)Ls!9-#mdOC zdDfplp{JaMg=dMH16WXafnB$v`Eh)ihVZxmB+E>PKV(b3l(Cf9$+81LX==2d|ZYwROnw>AklLDaRJuvMGqk_Z5M zEN>+rDK_w+XK?^}@vydD2VR6tkK4tZf2SR2`*{MyPM*>HN09Pd*7Dy$%9l~E)+?hl z3v-*_@l$4IW^MDWz&P-XA?*V%ynEz}*?;23T_V4HA*P~YP@swJTk{cTWsL@|_zV6Y zYP_hMyDlc~q%Nhl-0z~`VtlpE=OOKaBi9bob4uXN{gl!h_dRv?lM6iQKL_wc+$@fS;0pkE75+@8GJ=OZ2&WMk9EY=^3>VMV8Z)4{tO6+u^yK;(-KbxM?_%! z8DenFfE9tE(@OdvrEy-2=e6Uu{K?#`ug?CeV0#sAX>Hy&;49r%r5uDAxAW%4q(}RK zD=@0WJR$4?XSz<#KMdXFH_){jmy(Gm>!#0uakgL)T2iE}u(^paU>z_xmRpd4+C*8# zyblN~xPhup`24@*>nHYH%un}0q@z{kF5Gh-_Iq=A9;%MO; zNk?zT37_^jId)H!QP&A8krWIh;_EogI(sI`r=MA6I*(YlAoLo5S`Mx8hyk*^)*}!8 z6@|<~ww&ZA7;#3ccKoRo1A`x4-5rtnGZpkJ&+qvQu&32MV&5I)gk1p>=d>v$17Xa>8Rb zYL$j=Lc!U?tSzfYkMp;9YRgR6j0jq6VU_^fIy%*4f?u{5u27e_R?%QB%*6qFSm$`& zoyJxZ$lj#XKyMKwRRkT)p#GzpnbdWS@>4<=n>C865j=Ta?PDS;naql`6XidWeTh;? z?pw9rVjV%s!Ynm7D@*nfTN>I|(;`k!Hn!YqMINTT4^+_LR&V22vq~kM7O4;pl{wG? z>nIc%tOMvLahCzRFsyO98K8!{hx{$)vV)eW1Lk84?x*cZZUPkR#|orbqnAze?GQRl zgy2_Kqyvm9akKrB<&1FbjQxb2Q^S9!uXjVe9CZfW6LyHp>oEN60!xb(g&7rdJw+WJ?iQ#m;?C}*bRSVtXgQsu zgz9m!#t|?$)R51-Yt4!1cB)XA`i7Xz0#Va>VG|@5CM6Zt-et$+G{68o;=@mS@%Wsc zh65Ed+S5CjI3KtsAgJ?iMWO=vFGZqfe0ca^#fkP0al}doU-vTs*fN)EHf7+h`A^V? zaz;!miJ+bH{3!E}KZUo$Iw`&YSk(W6B=M~1;NalPmnYS{OWoT*fg4b__D5lG$z_s( zMzh8U{zpaPqu}t1JUy8t8S>PdKUFS!e)EliH^P5*l=S~3NPMAzmH?=ei=Usc3Rq#6 zBom@!QZyT|yqXC|VaD?SC|sB8hylB=Fe0+RhpR2)5=Z_dA zJ*|Gk{~UQTl{5XPb8hp*cVlw)bA1M`_pk0ifE4(bnPXp6FYWU3GBGhRc`XNjLt$lOv5p9kri+qq zR@7X|8v+b)Ya0H-vyA^c_m@{|%#mR&KmUyH?A(l(b|-TpMp!hmla@)UMY*YBW;bb5 zpf|ZiKO4dc&fUWapoO2$Bnb7&8c?Ikrp|U{rH%?KR9Cag6qAFR{Q&Vg>op*8<4RmR z1C-VJ?+|p{UEnJ=w!GRV2wi2rNEZr^s*zvXsN$bM5c*wg_A0JUq$o6X&CRax+Y0p3 znU~N`U-zDgJ*3jx^j`rgkB-~-wyfDQQ0uv*0n<%}&C#Y$+ItKBj1IaVEblHST8%j? zrPdYP!y1cR#f!pqEY?uO!CJBruT)A#gwaT}t;NcPR7I`Jc+u@ZIaV7W%ZF8Im=0AN zrLVxvPG92GNe&|qk6k;hIK)-!sExd4EVmBkj7#42Ffns7Z@7M$pVHTuSs^AbKzM`L zc_iYL*N`6QiUG_NGiGjG&9DvadeJCy(B`GdWU5@A()Dq`v?jLzBIj2P%r z3aFHCWPu%zu!Bh}jdqc>Gw7m7uW%+6WYMW=WN<#o$8uPTg+yn|^S$Y%Bs0Rr2lulw z_l`YbcnNsmbY|XpA$CAj7?&B>iv6GtLX-cT4zGpZ5o>(J)o1HMFBR zQnA&8yp&v|2YZjJvqw9g!kH@YE+IlzX407oEmt>CRH;`FntecC)OKXc1lo`^jxc%j zfphyst60iHoxUwaRB?*JSlFXZi@k%;@m;dY#*{|^!OoYQV`gNUYuec&cXf~TgEXYg z>P*(XDwxYjzV7g67qFO>^0vPjZiPzBdpaaf%j=1 zv0we9?yMOe8kd{(43|CseS5z#UB zo{{{%>U_nyz1`Znz%fmO!>DNx#?)H1;zhIeYvQn&n9M%nFi_?7$2fev==k5gv^1p&Q%kJx%#b_5bcbRMh-&Gm9yqV$jSm|C+44 zz#doc(XBDr%RDM6>V(ijo^OmKaNNs{uCJoSb!l3g9_o$AUH;yJ0N!fY1!>Pp^=g6> zp(kd0TA-TYF))U;zQ`=v7(X>@)N7Ls^5#D|_vk zdtd}hkvNvb*63)h6FqYze}V$>T^VkBsJP;~)bMCNt<;(dbN`fl9CEQ8v;^#(haOh^ z4*2vB$0L`PA)d)ygTs;8kO6hn%8Gs{U}`J)Jt6S&GZv~kV2r0%MOrYZ3o&Nxc6prz zS1O{&Fid`CJKfAZjHnKVDa z5^Xxulq>t6nZvt!vJw#%U`)J;B9T<;4Tc95%x|a_}fu?Gi=O46Qt@c9vjAMtD~-1hE}P4-p}$~EYp0vk)-vuo-9O}{=8b%@=@ z^vTlec2`YdxlzPcu8h4sWuCwKb;Zsx2{t6$(&%--rcG@v5{k*2S&SaVZV= z#jObl2!M)Sg9UMG+=w$>rBFyDV0f*+sR;BtXlWpjMo7r{60-BI8S;g8goO1(O>7+P zE?+Urc_@2xQ^EU8s7VMslimney4*ZH{L+7ntA9D)VbyfS>22tWq{5Fd2ixQ`f}$^*Xhc5BmKKQ?*;oEc5*4x64jLj zjH--Oiv9WPWRdtF!aLNwe(_JVu-mhFle|xC=Z9ylK|ia1?3O-+`8%HcqD^9Dm_xar z=L^RqzIv%`cEjJOXk>-A`xmKGpt# zK`3}C<67&FlgAQA_A3dkdnDvfYg6ueqA<3`1Fvv3de&~ls9@7#qW7Ptrx2(6;O(ED z;i4C2pJWdp{mSeNy~*SK*EJmmKG=#j6%~cAN0+|x%Z|I(2kn!NRl8olsWo{F<0I#v zb%YexZ!_GB+V}4K{#ZtQ>~#ih$-K6G zHAItZ?oD>KSt6iWpnZT?yJI=;e)wjf`F*iWD{1_`go z1bjy$Ggsyi7<&$$w*5p>>gZ~*rkGymr3%ru&=^TP&~ExXK=CJ%T9oX$F@{2)h?d`b zhm{XW)NlDKkQRwk%z?wGQH6q>h}zP_PVp?zI}27>ZOqYYq{k{@dR+XwRqiYX`3Hj; zt4yvux+VHW$pU=X=jSnaVQw?FtV#iGZ{$FFn(sC7tdvZ5zDjmtVVztalB`0EM`z~2zWuW!ggT$y8FWKz(D&>G#Nb@RdD+WPN`i4x-26|qSW&|sdq!vSBon^q>4EXGW_0UIfzd= zS2O;anBH7LblQi=TXu7>Om@3ZXw`6Utf5`T8mWo#!D`>{q#t47N$Itl+)Wn0dgwW^ zB1|rhVT2xefp3|67hN*unV|S%^K6$7p+&UK^ut}l`;{V4Cabv^meRond^~sgL=YHg= z6qGlSYXox6J@|KrJre$SnA<42in7rbyqo=BT|@ZqGQW*`kwma2Eed9-ZQ@P-f=hnC zG)hLdF^AWShs)Y>+O8Yo#SFhZnGA^^=!WSFv1GtUOn&dEITq%-Qg+>w<9rmNo6BXb zmmQVl8dlEo>$^tvXRS?G-^b=bl^`x)=sWqc&7h)tJuo80G~Cu6F~?KT#g2`}z~VU` z==_cfI;r-WxB4n&fr$h>4*sEPeTDA#`G{8^kGON%b=}cuBk}CodBy~R-R;^NX$^jb^2FMorosTdmnjd@=orl-ZUm^KlXO_UYSXqjN~sBG@&Qe^B13n(V{{>57~XhK>ixO46ic>Jy0>Wj4PHbWgN0*ND<^4&(e6 z7hv(1kBo@)^;D17(2(+bxXoQ*u={AX^aJWExfk{PMWklEsL?8p zWu3m5C_=)=-N+w`QQe$}C-q=NQpTw%4`TOdE}H5x!GGBFD<2_zVt-+FJ zAImn<`)(Rq-rUv+(qCLrwI(7z@u3JG3FP84(2TsR<@741<>tW+iSsdi$F>7Y6&D`i z?zs@6RvMDi_q+6O(0x_y2EuZpI>C0oMc}3vC6SRy<5To6Q=d%kmf%s6wJKk&f?Dqq zYniKEcN!$30s_lgx2B1}0;2wwgYB4n4pDhUacA;1sjguMP`p%jq@m^4fxZf-$dN{EU>F(vw>XDDe4W?$dG`@RVe>G<|Ef!THE)3nC2-+cK-=1Z3_Gb`{& zF1pHI07|`g5O0}C?I0&!jB)VBr+r2D@qnI|u9Fv843qDN{s|_XUev6;I+EQCyx|U3NXWA!;nyzp=BeXW;ocuXrVcM^bFGcJ8>SMI@Ux$yf?SVhJLsN88s->PT#WZh zP@AARqPNh(c?=DUZFmA8N)K5bt_joXY?w|ax7l-M;@$MXo7-nL*Nbw_lc|x%QyK33 zbEuk=gUI(Zm-g<2Y+JUru2sTg)!B@urf#^=Tx4@1CyO}_Q(9D-JL+Kx5mj&Y1T$^8 zq7F~ov8tz2_mcT5iq9z<)76S;CFl8xm?M^QTuJpF=d+n*P@@1#IsBM zk-tT_Y|i-VmGerL)6;<;=U+A=B4)77%kFv!xVb)TQN$^0%1HdkKcFNXEc2Wwvy{9n z0DJ3?0;XA&%A~v1@p0XH{UY`1YYOV&Lb8IwLyB}e^BQyO{D+US2;kZ)YYEmPqpP7x zO2~!~GQP&B5j)nxGMOA))hy#gWrM-JGh-PW*4|Ss&26ab?JMI{HOnX31))PpV+hyI z+4t!p@%DXis?zEgEz(ywLb-*A@&7kmeCXlu6dyAL8Pe*$Ch^eGjB z0k`_XrmVrT>j+~>V3fUemQ1}7EI;uD5&)qFL5AYrCz}nzf1&~L$OpHCsJ8shUQe1o z3ZLtLr}!-#@bB#J?;k98-A&wGngHZ#T6HNVrxN3(2&VsvdZAL)QLfVf@nfSlmM zDVJ%br)hP~<|=^-5}2f{34TQN$;N>|A6Yt?1$GM#Tz`<#k)x-gg(N#IlgJYop#Li+ zkuso3NOZKboScPmBPQ=L+ex_&bt2P@Kv&G)XH_VDojdqBHEndjXkGdCjNLWZrS7J9 zBl@tN`~{!)EFh7D`^_|TF2^-_(R$?grD4w~1b<>nNlDTDeRy3yPO6Y#=6pO5sT)fF ztCEGmi0xI}@4bd?%Y<($SoaUew(6#udmqBWYdPGf1%M)dC(g>pxUANHe4FvvSsU%ICN#GH0UwuW%SupT>7RX862nRDTk}0fssQV zl0ZLA->$oxS9CK6FUuW1#V^h!zV$?CZMO)v0mM8kWAlJjn@ZCmNR{rtHZh&-uc)0H zja$yVlwBy{lv`em>oLrW#B)%Yb1H}8D-$^r1*&cpap z+)jRLJC?d!V#M2D%SrJ)APZi5QSUbZO-Xz5oVvE;N96!`(!tT%PQ+>eF;|;JL|Jzg zj4mLP+j~3Hn%8jv*rbr9!-Y#r^bDZl#hswV_-L6TWSeCgar$}Xy!f$iQ!9!V|Uo#AinmW@%lw?CBRR6O^>6NpRi2q z^bX1`?Icad-VahaP`Str@hxmD&z*Y{L{&DDlAc}iYoqu}%tL$FT6tB`G!j=w>DAR(?m<{=Yl^+{5{Sf~1*znCM^*T^e(VLuTIsE9U#uL}D zGox~FG3@k04;1L-n5EV~!W5I_DB9Ecv%p+xwLw@ef&sI-FQj`3s1$)XXktEmlplh`Vq^LtyBDG;D}qELiHIX?#0si z#tBUwqe|cm3#G+SPLI6Qii~(!z7{{&BUN#oh!4Fz(%#9nT-v zO6Z=gk&nmmYwjC57}m5cc_mTGM-WmfA7?R% zc{1_pOIAToL!>TKWGS$Jb7C!C&t{esvFHr#wrPjY3@Uu%#XIFVVYx72S+-l)G=Ow_vEK@K)yu7?I zZS68XTvsjMoJ3N2c45O+08dzdKBYo;d&+1^=N9LH)hsN&OOc1fTnYMh;^pw-8Q1<*5 zgrGJZRCG1fNs~Z58~8^*KCZRc8w7v z4APO|rpeij%C72ZHBEm_Xf}{t$5@q5O4Z`_nJ;7N>jgzuV%Y>MkI1uZ|DT5TIYP44 zR+_vHr^9n4DUnZXb!QhZ^3$^((7vqBmRHnFbXI;BC&I($kk)jZ$Z7iN;qyVCA0=O` zbd|D%Oe{G#DvA?QkAnF;e2dM!@64wajxCapB^#AvdL;kcM4MA@xGtrr#&$IyQL)q_ z0#!?Kw<=~0ROcIuTWk86$JEQa)-n*T{qjF{P z>|5mgS}CoYij^J^V%g}v*zl@J$5wyvfw2Dc^-f8TWhP+2fojLr$500ESjOV4W=Ly*KjG>mHh3bg{vd!EF6TQ)yf zVaMAgO%78qsuT^2Me`58MMU4U5yBW{%6aJbDF{0FJc%If`z^bqz}ko_(dbHZ{DAJO zxLus8VW`?0U@niPl)9nSeq|BTfn3Xpk(V^J{H&p8Z2hcgXORM@jeQ30OlkUM8bJ0F+OehxJZjo=&B47lS_r9Od@q5gD@x|f{>F2`F>=eJ>z zZn_~1xlJ?L8fI?u9^Wlih5tq?0M>^ir5zW22z6Ef6DaJrnqz78uo)TZ%v}IPG~u_> zx$tD#=J?&X1B98q4!Y6k?uPl0Mqmv^k2S7YgQ-OvajGOX8ZhfVyLmhmCU?p2XC@~0 z@Q2PI^%o?7wPb%Yz`IjVmHpn%x-Z7On{s^F-mDYW^SKeJWIh8LjxtEmG*Oi!W%F1K zI*H$R4^>RoNXjlZ_YdJYsyt5QY3}^cYn$ICZ~SMVCyT^FvvIlj#9Hz;cZlRPA3>D8Wptih{1+FXm$(Bip0rxMmTKb8V@r_;Zv#}MwKjsn=m@70RN1_mcO zt;Nr>WJ>}yHB-%=#4s=4Jp5CEaXFMxHN9O;ZR$K=lwU)O{Q^^I1@xGVPskElQ(n7^ zq#8v#VAPWg)=qZfxBqPssZ#P!%Bq{@Pf7{!@Bl8pBKjwF^Z{M&bFc-E$iGZAJVnTW z(N8%!Ib&mEfAXdur7?j++g9hGdD5nWr_fTP16-HPi3F)1NyC3TCMy`=qXsLlS^ti0 z!B#0k2+L<3FIGLVf{Vs9po&fW!(lz!pg+X{en5u6 zb z*k8`7^81wKHt4oC=MIgnEOq05bmL3I1Yc@z9D~M2`;mUSqV4CxT0zpEOrpF!k7$eka3s7rCcC=WiGGSFN^LKGO zP~3C>z+C0Q!NIX7T9fZHn}_EF-2E)-7Dgc&a|M7+BW)u~5b=l5mkV!_*eoeN*DjaF(^!?1^*PRFz>#)n=8gSUKw`() zSJOnxC67nf$ZDhXGVH|#g9_!ioZ)yRsjQ~2Ui(FMa)E+xY429XS?MUxH(in~FWx%O ztMeW?JlI?%*N^7g-L$31EYOC9gv6bj+aKRa#&~N%823?nb@Aux>^o${-I)ptREvdx zBd8p+u0eeN?#ftAwE?_G?vMG<2fL`QlcMNVM~K@IX++M%sq~gPct4t)|a<@Fo;ue z`d$I~x-|-OmHFZwD&OW4F1SQidGg#reCKJA4~Nnq$&S#FwcF0P^=AvNNU8#co>2Vz z9t{`yS@H54`UPQFnGo;yLxXmNyVjNouDzIF3U-HL*9g=wVcK?_#3yO*`DXTN&zv`r zLTHO6|DhR*4!8Da=aGMQd;2D?6+K2{NXzVICED5WI%ABrHnpjqOg&eH?;pBGH>;0w zPxR8W+`)f5@rl$<7gau6;uIE7kzewbc$P=88SnAi)3td`D;%GII`qxE!*FP4Mwf3e zvK++7Wp|x)rp%XUY=eB+dHk+qX;7QP^wM}|HX9x zb9vc_s;WcxvM77_PF~@7Wb9hxq*6G`Q}^qkuR%2xAG&Z^EG@Nv++0(0`+bT*`Lu>- zwRSTYAoWV*UsYkuFckDZtBouT(9_Nws8lPGS7jMy0@AtgZ+~}BvAG({P$%z;vEwFF zmfeGH_En!@i#iC`PD~st4ODZ#Lgh~}W|Hj=__4VZY|C089;ek4c+Ih0!_8y}r z(XMJ5PwsemiEL9SbtEx+1bU>Z#R54q@6G_^%~Z4|801#d=t8YF7sMa%QR~bpW?|~H)5_}@4vkMgByG`g+m-Pq_wk;FOEC|MR8^r?k(`yhE0tDmrv>5tK@ZJ;Q`gvm$t0ISiri#Y$ z%F0>Kz2~~>pjV$<_z(t}yqAJ?u%(YB$q zN5?8(tz%u>vVS=o!bb>B)*6mUU_AN9ry(`5R`r)pqiy4{!#-}7p))xL@9opnEfi%+ zbu{m*H=EE2gT{?W(NlWxRV-(!n_d*|i*ZAotU71P>63xqGF-(L5ATT{{TCjK>kT|5 zV~>KS!rB8GcupLvxkZ^|iTtDkJNIWa-x9C%{<4DFwV$=FcwqSv6cGuC7maA{0X2ds z<)UG_bBO}xpQs3#2@sUE{*jfCTqZ2W(_`x6HN(-3IaL^9A)Quu$gJ_oAPe^M0ZDz; zI_LbPy;EtWcJ!QH6}NWD@M?3m;}aY`h1{L3vVs^~-s>4YuZy z;|T`>AhhO&VfE^~J=rd1kCj_u56i&Vy4-`ISYJGFz-V!lLo>zfY_4d~%|;u9PV($Z z9+3_N&792$fz9)ut|QTJLjgmCO%P1%ZGg@6*cxZ^rsCE8IB)F#-O=K9 zpxtP;9cbpO)D+!$!681k*es>}yVSkYNN7V&{WD;)p0yzP^Vev@pvpHvUx6)F^x1#^ z$dCVVO9ZN?8aTz6%faaEP~ivycRE6Q_Y?VHT7z2jfj8}aud88-3J%TR#=aLP6m$-b ziEQWXKhB2t=nz|er8|P#zqob(Q^upR(KzCZz&7vOxSG_{7a3HvR6%??z7(+UZ~mAG9CMesFjW?fB=qm!4LHuD@4NykDnBH`W?aTX3iJm0fP+%E zNaG|9=iK3Xnsa*z4!C6L;Sbke>x&-=`Z-jMb;bGs@j9pPr;iPtZ) zYVpi`Fm4)FtmZJ5>NW*s>1EG6_KB$b}t@Qqnp363dY$ve<2Dq6kgs{ zY|e10OY6Og23h#_Jgie^L|Hnh9Jt;RXJh`&?y^L7&EC}Ti{1R^Xbh#HJBcOTgj)lm zBfbLtzid(QexUL-BBDyV@8~;zn+@Qt+^f6U1X>gt-PY_w>q=@7ujkKURN4DV4wMc)qlXB0->R7?j3P7)(D%&HoauNdL= zX{<3J)kYTB4h}@6QOCcHwdRgt6!2`vI4i8_ebDA?bJyiEZh-gZ&*|rhiQ;KkaiK!QbTM7*D8JOyEL6ca16;*>GW?JN+{?<$iCOfeY45KpI@zLsDp*wQ ztvC7WBi>RcbBU@wLfMvG6%WFn%TSM6t>oKTW;VP0s}siE;-5|!Y;EWb(tXMkHz3(C zIXydp_GCtp-XJk}i{y)vn)h8@Q!%$}KPF2VkJdRib5QQVd~@ipQJLKLXuj_(SC2P% zL|+j{sOKrX_q)DL&5N8jHndg}v{x>25!pIuYI{Aa6xtE1OUJWvbRihw=@ppuW+~&M zL4jXnzV-FiluUVfrRO`kWi+$^^7zf_DAzR+l)^~}_^A>_ zg|e?6!#wD(l$Y`>SDV%_oW(E0cPmeO7%Hak#^>pKen>TGu&Na(!#jfqL?T|k={_;*-(;yw6s{TjEezbb4LYDy<1$2wFM%ZxJ zdq#EKx%`)X6H@5^EixN?pT&r^HTeTtCJ%4KigOGI4nX5FV& zQJ-tY*rg2pbau779#yKsuZjA7ipa!K&bVzbNfTzXwC-#05jK$u5z2Jooe}#M)5w!x zj?suqrJNm*xHNl8nTud9u+8k-Ti2_E$WDIyLq@L*{)>#J!@%qmc^8+HQQ`C@e*a-e zpec`GV99C6u=LIA1v%N)n!-0)j&x$5K^EOc{6%qDD%x7QsYW1dlrrH)lLz56zxUlk zq}cg3VH6F2GT}~GwfhIym=H;5w+#4a9WAw_d>+= zzQ;42U^F4s5w?4t4FPRF1)6xwOUJUDKgoIrV43i^9lL7G@V!vn6ldHx8mJlnO6n0_ z$U`of23vVM$xjr2B#_geVbW-xPr!;xR)?r{;Y=a}?|yzXDW8xJy{JjY`)tP5Uio{%tl)7b&>bE8pgrR_KLIEG zNK>lTS79-(?#6lR6LXH}a|xqQWA9%mYtoVCz1hq`<+sg#dnENOgYMg-=HRWZJPFLX zQKHE0$F*OR^klrlaTva;ya?PU+AF+yUAbdKX4f|){=V|J*wYY0aPBCvO|Wst`Rwh? z(;#GxWSPcOI(6!Vs-`%D^LO$zjd8;mbjey49{a2UdKz4Z&yNA&Ojc$)(Wi?G# zKjO^o_6-M^kI~zAlSH(Qp0U-HeG~nGim30CBf&Dyfc!w$TK-0 zSLz=F-Tk%OpZyI+yA()OgtREW|;gXW{LlD4<5JCO$UZ|c`)3uVQXEE~qg?A=fb zdrvgH9mh}}+k-q)0jJqUBi|GpyMGDLo9gp@$AmTsiIJ0-KT85Ns$e%;+I{&?^9p^AIx)|dsH}K{DZ@k_}XRP6sM2cEIJ{|Jn z#nnqBpwxXER-1o~GP$Yru^pIXl#pw^`^4^DN-8W4iB=jyt&-Vf5B_8vR3w;s&voj? zD)w}R1NZWSQJxwpq_DAT_24-X5m<*i!z?fYb3D>AQjA8fmsO#cHfOFcGR-wA|FY8l z6gXy12i_yZI&*>}f^d}xfH|%+k>l&r5 zC-YqGo$>@u0~CwBjm>x+g@#AJ^g^EcsIVxYG1#Gw8Rf5nKFi|4URCscm3^wF00Gd+sJl|BtN zc-Qz_iYn}9!k1GkC*EDk0t&yHD_uSzmkvyBL__=2;PC2;&`(}x&u;mN{EZlGYJMwI zU3RzU{mT+WjPs8r$ZH{{S{QfG5U5BX7yN9<>UD?tjPP44P_=cY1`X8pa_$aVaS#^My-~7yA ze#(GPGq;F=cUq}XfG}%khs;~LVYb`p6|jFg*7LLW!NCy)+j_Xvc!co}xC_ooMjUww zXbso8%jBwZ=46r2jgG#;a(XG197l9JMqkrd=?b(SlK!b$#iXjYX_Z&9bO3}8qHX^RU_GGS{<>Xp^ zC}yg8VcJUzp*o%OUH^y3oDZ++Wli@RcW`p%2Pdqk7A%-IdZjD0b!WB@SGG2Y&0!d$ z2x{#ToddDc#;y}?b&&EV6uroey|KUDR!cohS!-Xc_I_^CaEkJmLm_)(?L2d$tB0TH zp7=S}KQ*u)&JTY+ogQoB6Y0%Y+a4W--RG2cRC20MIQlr$ z+z7j{{mn~?Q?Kty##y4@n9{x@66W}Q|L7H)m6!;%xSq^Fjn_2IQel+k+g{IyB)iSr ziuAKPj?^>d(e$`62=iU}%H-om>E!?BC(?i6?c=K^%;N4xWHF(YXa&O@rM)y1V~N&M z)FIRlY=UuVmm}!918NYAOrwHBx(4>k*Wwa#lL3M@+6o=vhk|3izj;-U!tqC(-N>-Ex#!9h*xZ{izIt;WI0>8Cr+I&h{MX;gIp z0l`&SO?{S*WgR#h;qwB~Ylfx(%h(vqB$YT%#1thvv>X&hQ#{?Ry?T&P}pyWe-Zs+tYH z90G+LF=BNEYQtD=bI^p@pYJ&`vwB%A)Zz|`lHV*GZ2p7%>m)=B>yd}>9l{6uDMOUW zG~;75j}|aO@~HeN_Pv?`@cyTVsPaWLH?-js5Nn|L@5CDZXHNQTKQg!3+}hGmS2s=z z2iW`PRm%-=Rt|hq{wrLIh8|b7l-3?cfMl|8|9_WL{r6J}j*ke`B59>8JqwKo@SZQu zo)(TmJW)WeJpqdu$QEKc;h3lI+A3h^c@DayW#YNw0`n4rHt1Z#{;(ZC|L>12ptHWJ z7h?DXr4T@PTt!&#XN@mC?AoDyRkV#l4Q7jGlq_r$YJ~Q??QL?SYBL=@&d(dEc+?B@ zncn!$-3Dxx%2(?6DNmbn4}xP9RTTgaz;@pENb}e^NC2h?dBf>wMq46U;s%` zmVB8BY16DrwjvdrH$>Gf~(DmMC2K&qgCAVpD7I^obkn)D7LH9$}ZLPAw(qO?#2LJ*MN zTaYeAkQyM=1c>w=dT-AU&pH49?(9C#&d%)Y?7rbe%4A5pbKlqZ`h13ChfOmFy;3W1 zSP_Prn$py+`#XjY^r(iE9eW24aCd90?0xOa1QPc=W??VsuzSD^*gb zoW=YJ=x`AbRU9scaMi7t0%iTTSre|-yRiAbN+@KyEK{DrLHhL0Dk{OptN2vFPgE#d zQa|1zE}HWz)7o<-^L-G%no7^siE=1L!|j#h*_4kgkE9!Os&*ST$eIif=*d0KkvKFuW^V z<>gn0#CFGwM&Gv@XdQJrEEO2`Jtj$C7qok@4NRM=0((C?&)=Ui{Kpo#S-f)jy?Y}7b&so4=LPu4n$=Kk_EvQKOk1ceVFgc4P_~(|W z7mK?i#EQ=9ejdNFv91kZiD_A)?oRR)V z7pjjqw73`r{j|Y7`u%f`Yz@EU^-*8$m4UwovHgH zXQbkp{U&YRyZnGV(OsirsSIq5gI_)Leqz8#xI_acFO|eRX4KL&nR+x|s$G1OA|5o2R zHO0GZgCq1DjExT^er&y%_LZAiyFjMhL!|%B{vtTAENB01PTxJJua8`v+&*xLitKHi zsKhYGwu}NLS#13(aVX+Y(LeemJh#bbwxIFK*6BNEYEoZMAREYikOMicA)FAoQ@mY^ zI_m(Y!PQdxP}6wJ;#(%b#*jSZ+0Tca7z3jYM>0Mt{kea-n0=^Oy5C*QSyw^7wAYid z@`yW=EFh!zF_a*k$W)Mi7TK<*khUBmVZd;S%tLp~h%xDfsD01q{i?k2L@lPRtueYc z!M>)Nl~dhr$@y<$=&R%G6w<7%WQ=5{!H$jv?Xm_9g8HdLM3BDqb#rGM{`BSS0=_YQ znKW7^pPoq;%5hr#49z>UbkgpNR0i?gk|5N^+hq2^**RuDem%cYtrG1L9-X4iZBphh z7{1Nnoj%19ReT?=x(M&Er?SmECJfwjwEU~5 zus5ZB77Pxr>qXRQ$9=(^k14wt(E}I{TOb%&e;R2o$R}V83~0dS?*8u^&m~Q5iwM8Y zaYDr`h2{vUfn&fvMP1_tTwwUno*Af&{-4E`8_snB{$erxO<&dF?hv?u!hH(3Qn>Z9 z&E(|^C|L8b2HS%INrHsnS%&?N?V(lA=pS+yemPd;CrFK%M_Kp?fu2eTIGui?nFie1 z_a1lPR+S-dxlMs+g*Q88Br-0(wl@O)t#U#)r}o7VN5#c@{mz8Z<~oSk^oG)eL{#-J zYWO#w5%ZU8w=HySkDLOH=zKgfQH3#J%JYC=mLKj`i!pX`UFfn+kKw<#Rx@Teys`lG zQc5t41?Ij-Aic^A|LTRRHhLve9e?wEy*c{vejre2#3;vWo<<(W`x%eqOPVI+95*{( z^H#qk;)Op9sbA_vP$J0dRv<3Sc@W}bAGI0wIQNJY3OMq(u+v$XN5!|H;&ox7kKayT zFA|(PmST`8uw58@_6{TUp)aM>(tt<|>z7{9`~V%I9f}(3knGkD&sYyGLncT)20fN( zB1)4h+zLiymv+kDZG^JMSD@2sA3Lbr3qvqSlC5v)#qr#0nRlu%?0Dex zCLw&=dtm7lp?fuOl_qGzc0#~+pODCPQngS!HE?W8tnb{x&5s*{q!ozGjA{XP3D4{@!KuX4mYR6h54q)bt6wqSIg*mDf6 z-W>2N@{Iv$ME9aUU85(u=j87>Y|gTNrx(@Byi2!1)sh*HMWl5&Qs)Un)mXHQC0+kz zE8zly=2-`<0i!viSil8)^xV1Yab8$}jak8uu<(mLW@@gV$etj9pOfNuYRxqA+QmG@ zJPs~8n(jjZX2&>VA<8%_7^@1i;~UTZ8`Mc9Wtq~Dd_2ap$Y-LSHR=rwPuv+*J91E- zP$`q?s7X?zLxpxohMd&nbGDvp5cR4;=R=|{NY)1W0jIx}^z_CwR7u!H_`!e`iGhy& zM#qfx&*`lVZ69YXjhiKX!wj)4YdZ&Gim@n*NDaS%+BS15@JgyQyJBue;P4ktSxQ&s zyDod7XTjZ3XIWO?2|C9*_4m2aStX;y9h#=rB|+EzXjYbLkV#29TKfm=THsS&?A9lW z7URb|Bxfau^lSJuT2suQP9I;c`>9f2qZSM}%_aMEt)GuxlHQWDBP^ljs%J;CKTEe$ zWkF$m1*UnU2|Yj0I3sT#vJb>OePTAA)v-+O#F%m8R|+l>h=*pfCfBHFckR0e%P+|> ze^>h*U9`Ah>KYllV-+WiwfbhbZibk)uFK2(S&rgn|9*f(bL9mi+6{x!U55Xgz@cwu z%KoLukVKkmF6OE3TyF3f2<7vuC<TMXG5$*w<7OwBFxk7Yj;~3~J;`|! zbb~rNj$7;0#?$P(@A7^#O0(7kvxLI21=~;zp{FJbcB;!UeJ$|%o|h?7e#*mhq2t(} z1j*0S^yX~UIytot_vfAiP;|x6yj3b**PKH^p&+)c^k&(TPV1G5FbyW-?d#ujpnT^U zMc&nz15njj~J96h`ttTdzQi9~eom+fOP@#jfN^9$+gecGp6F@0+VT{t_Jw zK?qI;xALH#qX3IUEltgsMbca#hv>DqQ|5YQ9$g_m=4&1m1Apx-^;s_~K6W*Z5wLyCr&6`MnGuvRn1Z)d$N^QoDvdi|IPy7${zPX_AgftTT5@!#ul( zqFyyMYF#efEp-bGouEyS<+$Oy*c4$Ri|17YOC`5fTBN}dHD~UwI$p6xE9O@Wd;NU{ zp?$nL;pkK>p;Ety)4V99m4$DZ>oR#R?n~_cIBP>&UmK6`V!*C|e!;LRIGoh3o+58x zd5t%hqIu_}$$hl>aeo-Rk@wK)__noUjhffFUFip+7CEZxp9N4sf^b#}i7{kSnw z-Xbo0hpb*{|Kb*^o>hZY^7?~NThHibfni=lMU*)_HT8}PySHvwOej?!_Ga9^XFiZM z{Z3^3k#$}lWm7ZMKlpFYOZ=5kP#%gMmW1%jEH#`>d`F}n4F<8`=JJtSa(1yn@1OavJ6m{IDJbZP(U>HN?XXLWcL)jEx;h$? zc2bYewRap9A?n4;V7}RHrPJ5qemQE9nR#lVG;T7rS>;sj!d{UJi*i8Y8YsvG#OwG8p*uK?$pz5v2wfZ=$}&hfil__1#p}e7xvgvTZqFb|n_UOdVgMuHKzl$sfukB_ZK6jU>)oIV$sM zs#{bIXnc>pFV0pstMhjO7fQ@l>UsKoy}n(@@^p8#mn8MB!)9CS z*7lDB?s(b83~A6`jx)0c`Xr=~6Ow%JmGnYI}$>ys{4HSFy zG0>cQbU-^jjiDL@`sU5lTl?tUI<@I^{%RtVzcBe~UDtsCG8IfZRO~iW)f)8H;a~Z6P4}9XT6en)0RTNe9 zP0}ZVX_Qm+7@Y17NG|8vH$3D6D!~`MQZ(&V-A7CtQ3i_ac5qy=BHPipl>e9%d$6!3 zc4(0**aS9yUMm1ZDrV}LP2#u+u5z;+>nO4Lj9QG$GHKX22(;Y=hVFBcetdqq$tj9d zRXDUyy2a*Q5n*6IZ<>nkWojqc@U2W~;r-eKlZfwD^oq}c;}6Du9Y3&}B`xs{?rzSV zy{TVlTj%C)MPqMuM1tNT)^*%1Pr3K$AT>yU*ydf7LLpaE0YnM*_x32=Fy(PaN8+CL zBu^n~XfMM+*;4kANo#t=*xph?v&vJ~5YzbYRPLey?oQ&}#CUEVV#i%B82g{!h>1;8 z`jc&~%CW%QUa4xkqpx|a$@SIC{aE{*pTb=H4tFHi_BQ;cThZOrPmA1;8UjUqi4^Q2*}cl4b)O+MTJoEY#NneS z3IlOvsM|ME_&Mxw600{{$j5^k$BA4W$s0FjZYaO02`$LXOKQ&&e1OE?l6bQ<0a^eJx`X zyQnbwhHloVplS0wKIl~bSI@u~Cy z(Z^X;DjUjK{Y2;{HqU{)jDPHpwoKa3i;GV@&Ypr`*Lu+k{^j3}|BTaR*IEem1e+!Q zaOmmmO-`yy&b?gvJ&q3?k4_fq-69LRZ{0El^}e_mLleZac!)S#IEMK2?bxO-M7M-0KpBDvOLZwpzAf8KQaZYiuu{RN1Bq4L>c@P-NGMM19QnVQize z&3-sQPw(2KDU0$o6!92=6-(DZhXP`8&6Ee^-ejIs5(gxHYuBI_&#^7#VlmA0qnc_o z!e*9v;*o>Ah@a)2{-q@qX(zufrf+*gO2TMbN4Qr&$Z|zq5vnIWC|SSy&}WKFQYEC@ z1IfF z6_8o)SJ_LN`(ZjuxxVmEOJWs6W#C+S>{=6e;q6a_*0sZ5YaTbgN%ugcA=A25OqYed zAIQ7-0K0LT;GyC@$Vn$tgRqy!&7e1p!&Y$od1d;=fmHZ!+7Zn3|Gk{y|4y3m|Ieeq z94M)%PUFuuEeb6fdR$oGQziU0?yI=poqLb^t>i0qU)bgwPAboKH`>?$qW2$&58>e& zDk=w233K0z&x@EkODImG4$kXlQ7e9R^Tvls>@#d{@{~FYh98yhed`1bgY-1*yUPl`@R2 zCWQ}@&!8~hq*6m3XzUl5HTa$o&Q1txBPG*?)H~PD-({Mq{r&yGshEd6av?50CZ-D| zo7D2)7WoY!ob39r-^s8w_^+E0iO%e{0X^VHRp2B_?pn6#4Fh^mVl{4KvSelE zTXD{C6D?lDjIGueWTMU;m{W$aINLXTw%z5`Oe-N>d*~8-*K&(z@}!IsMaa3%5n=Rw z+`M#}vb$5DZo70YtYA&IvW7&cXvg5ypna%PQJA{=272{*-F9_5NGjCp+v@FU)U8(w z?S_7zz{|@`rMk-#BM1w-J+e+RQ$F}fMwR)5@jTV#!rMO6JIA{j;nyu#fLHCpbITA3 zRdSKgl*fJESO)T*P^bI(o|s1oI7=61?ev-+x4?`Ax*OIndwp}Ho#c$C-0XvSwv%F~ zcjF5E?pcqGmnsSIjnd+KC_oeVk}I{4D_&%U@@x64-+WJ|aY#T|f5q!r)=hXmVS=ts zN}}*g`)s5uE9?Vn<#2gd%l>xhSQgZSW!0eGYiW9UxIjBV%_2;aAQY0Zpo@K};vt>JmBQ-rH#-^T0c zq#p_F^b7=9-7Leh;~a3dgKbxu%?5WSW;iP5$}37gGt35=%~4~9Y}=HgxPO1Tvo}t6 z`KCkG5~x?loRsyIg4M@ZSXf90BRHmZfe%h^2S&y@_LkQ zBpia4Rp5sD9C-hPUw4>)U)R8%8 zxZMNCuJKXLDQuLDP&E7W4%l;+<|gj<6T{_qdSvU#2yp_ zGiiW=Qow_eXHsMMxo{2jxIpa3H@Ta(Cd2sw;U5U7I?Lkv(~fmFGq0E4PVD?#FDF-% zKQl-+>^`)znt!+HbvZ<-OQ~xPk@RX9MkA8tY{-Xy z6e%Q@6t7<-0V&UfuoXSSe_7ac9#Z;-8Oaha0Qu`DZB)HwC{ups!r5)fBA4-ig``SZ`%j2toG8hMKuKM*rvJmTwVX6p2>31v`#cQ zNwmNX9~_&6-43d_aRS**^2?S!Vq}farl1jiF{JGB%F8TyTw;#sz^qbOC$2Z!;M?(N z0^|k4eQ*{nPA(t3F4r2^@#d?bmRO&v<8+x)a;07hN{{Z$U-n!~OqV%!iW)`6-(=Ch zbt_dvT{V1t_mrka_yNK+X)!lbWnA?p_I>KOV;S5gXY{bRFs=|GJ!Y{K9!fx)4S6|f z%8b+P8Qy{A3{mNH-nq+RfU9-M3Be{~%i*Sz6{FYe=3l{%cO_4hO?-x5uamTJuBn9; zC+xTt&Ow1bb<@pjR}ugWcDb2%@ekeS(owLP_phHuFHfgHSo7K+ zh<2YC-7mE>u5KGgJ4W9gr8#j=5;0cs#CzEdmaZ*fG6(Uv?!Fn9kETfgwhTPg-2ovO z@R@7B68F@3b^7HAy!Ir@AX5|h6vfY_RYWW6)pMXQ6SPu0Q;cZ8y78GZ7$h2-Rcni@ zH7|HxTU~%!$rsoArqAH-?%}tqDgfRsr^F;V=M(*$VmJS7;geLbcmD&C4wgRo?28=L zRB+%)N&8y{&G4W3<^DUs;;%y|AZh%gvsAvz95xv^s+pdi9vs|&lGZx;MnOsWqopM> zLk4)6Bm)5`rBaJia}Z@&%F@mu;do9&zH7``wn#7LsHrZ6aMjIS}f7;Al~mTaL@GsMn=Ze$8`>ayf>=}`<(&}W5dHrz!kqp z6YrrKJR1`Gi3uRxt{|^sOk1+rM diff --git a/docsource/images/K8STLSSecr-basic-store-type-dialog.png b/docsource/images/K8STLSSecr-basic-store-type-dialog.png index 37d40bac6652fdec876a318be407ff02fc6d6cc0..1002e88527935229ce5f7502426b0f016f28ef7a 100644 GIT binary patch delta 446 zcmccnl*fD_Xutpe-}jSoZLO_=3=9nZt2;Y6gPQl&{{EI<_j$Jb-xu!Z z?f=_sm6@iv+5Z2Z&l4w3-2bC{{{o=WhDC>(_Wi#5e$uKpS67Gc|MhD1``Y)_S0?Fh zJ>-{lLuEs#mMAMw+4styPp7xHwblLqeLvWH+mbVCwKtY{$~5vaFc@U;3*G+zqyPVp zr_E!|M>ZAKUBtky8#zV4*-f~Y!2QK0dyl&U2y_XZ2sE1 zpN&)CV)X?;G4sc#mZkZ^#kw1SVpZSvUR);y7n?o-D3+YL{$sBRTx{_IpjdQ<*7MC_ v3=B*>V7IK_z{8~UdR7(((D!U05oU$}&n0>yGnXv{iZFP(`njxgN@xNAOHIVU delta 447 zcmccpl!-(6z5IRuf1QiVkyv|6HU@?dQ)bSXpD#yx3p& z<=v8r#Ir%nKh?Rx&X4JMYHxq0CNpjggL zn*$6COne}>L}zSXyMc#ENlH%dFVI75ATef!8%j$Izy1?+1d1?ty85}Sb4q9e00`>B AC;$Ke diff --git a/kubernetes-orchestrator-extension/Jobs/Management.cs b/kubernetes-orchestrator-extension/Jobs/Management.cs index d771d915..c1c13252 100644 --- a/kubernetes-orchestrator-extension/Jobs/Management.cs +++ b/kubernetes-orchestrator-extension/Jobs/Management.cs @@ -688,6 +688,12 @@ private JobResult HandleRemove(string secretType, ManagementJobConfiguration con var splitAlias = certAlias.Split("/"); if (Capability.Contains("K8SNS")) { + if (splitAlias.Length < 2) + { + var errMsg = $"Invalid alias format for K8SNS store type. Expected pattern: 'secrets//' but got '{certAlias}'"; + Logger.LogError(errMsg); + return FailJob(errMsg, config.JobHistoryId); + } // Split alias by / and get second to last element KubeSecretType KubeSecretType = splitAlias[^2]; KubeSecretName = splitAlias[^1]; @@ -695,6 +701,12 @@ private JobResult HandleRemove(string secretType, ManagementJobConfiguration con } else if (Capability.Contains("K8SCluster")) { + if (splitAlias.Length < 3) + { + var errMsg = $"Invalid alias format for K8SCluster store type. Expected pattern: '/secrets//' but got '{certAlias}'"; + Logger.LogError(errMsg); + return FailJob(errMsg, config.JobHistoryId); + } KubeSecretType = splitAlias[^2]; KubeSecretName = splitAlias[^1]; KubeNamespace = splitAlias[0]; diff --git a/scripts/store_types/bash/curl_create_store_types.sh b/scripts/store_types/bash/curl_create_store_types.sh old mode 100644 new mode 100755 index 45f8391c..d4ee47e9 --- a/scripts/store_types/bash/curl_create_store_types.sh +++ b/scripts/store_types/bash/curl_create_store_types.sh @@ -1,233 +1,576 @@ -###CURL script to create DER certificate store type +#!/usr/bin/env bash -###Replacement Variables - Manually replace these before running### -# {URL} - Base URL for your Keyfactor deployment -# {UserName} - User name with access to run Keyfactor APIs -# {UserPassword} - Password for the UserName above +# Creates all 7 store types via the Keyfactor Command REST API using curl. +# +# Authentication (first matching method is used): +# OAuth access token: KEYFACTOR_AUTH_ACCESS_TOKEN +# OAuth client creds: KEYFACTOR_AUTH_CLIENT_ID + KEYFACTOR_AUTH_CLIENT_SECRET +# + KEYFACTOR_AUTH_TOKEN_URL +# Basic auth (AD): KEYFACTOR_USERNAME + KEYFACTOR_PASSWORD + KEYFACTOR_DOMAIN +# +# Always required: +# KEYFACTOR_HOSTNAME Command hostname (e.g. my-command.example.com) +# +# Auto-generated by doctool generate-store-type-scripts — do not edit by hand. -export KEYFACTOR_USERNAME="" -export KEYFACTOR_PASSWORD="" -export KEYFACTOR_HOSTNAME="" -export KEYFACTOR_DOMAIN="" +if [ -z "${KEYFACTOR_HOSTNAME}" ]; then + echo "ERROR: KEYFACTOR_HOSTNAME is required" + exit 1 +fi + +BASE_URL="https://${KEYFACTOR_HOSTNAME}/keyfactorapi" -# Check environment variables are set -if [ -z "$KEYFACTOR_USERNAME" ] || [ -z "$KEYFACTOR_PASSWORD" ] || [ -z "$KEYFACTOR_HOSTNAME" ] || [ -z "$KEYFACTOR_DOMAIN" ]; then - echo "Please set the environment variables KEYFACTOR_USERNAME, KEYFACTOR_PASSWORD, KEYFACTOR_HOSTNAME and KEYFACTOR_DOMAIN" +# --------------------------------------------------------------------------- +# Resolve auth +# --------------------------------------------------------------------------- +if [ -n "${KEYFACTOR_AUTH_ACCESS_TOKEN}" ]; then + BEARER_TOKEN="${KEYFACTOR_AUTH_ACCESS_TOKEN}" +elif [ -n "${KEYFACTOR_AUTH_CLIENT_ID}" ] && [ -n "${KEYFACTOR_AUTH_CLIENT_SECRET}" ] && [ -n "${KEYFACTOR_AUTH_TOKEN_URL}" ]; then + echo "Fetching OAuth token..." + BEARER_TOKEN=$(curl -s -X POST "${KEYFACTOR_AUTH_TOKEN_URL}" \ + -H "Content-Type: application/x-www-form-urlencoded" \ + --data-urlencode "grant_type=client_credentials" \ + --data-urlencode "client_id=${KEYFACTOR_AUTH_CLIENT_ID}" \ + --data-urlencode "client_secret=${KEYFACTOR_AUTH_CLIENT_SECRET}" | jq -r '.access_token') + if [ -z "${BEARER_TOKEN}" ] || [ "${BEARER_TOKEN}" = "null" ]; then + echo "ERROR: Failed to fetch OAuth token from ${KEYFACTOR_AUTH_TOKEN_URL}" + exit 1 + fi +elif [ -n "${KEYFACTOR_USERNAME}" ] && [ -n "${KEYFACTOR_PASSWORD}" ] && [ -n "${KEYFACTOR_DOMAIN}" ]; then + BEARER_TOKEN="" +else + echo "ERROR: Authentication required. Set one of:" + echo " KEYFACTOR_AUTH_ACCESS_TOKEN" + echo " KEYFACTOR_AUTH_CLIENT_ID + KEYFACTOR_AUTH_CLIENT_SECRET + KEYFACTOR_AUTH_TOKEN_URL" + echo " KEYFACTOR_USERNAME + KEYFACTOR_PASSWORD + KEYFACTOR_DOMAIN" exit 1 fi -echo "Creating K8SCert store type" -curl -X POST "https://${KEYFACTOR_HOSTNAME}/keyfactorapi/certificatestoretypes" \ - -H "Content-Type: application/json" \ - -H "x-keyfactor-requested-with: APIClient" \ - -u "${KEYFACTOR_USERNAME}:${KEYFACTOR_PASSWORD}" -d \ -'{ - "Name": "K8SCert", - "ShortName": "K8SCert", - "Capability": "K8SCert", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [ - { - "StoreTypeId;omitempty": 0, - "Name": "KubeNamespace", - "DisplayName": "KubeNamespace", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretName", - "DisplayName": "KubeSecretName", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretType", - "DisplayName": "KubeSecretType", - "Type": "String", - "DependsOn": "", - "DefaultValue": "cert", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSvcCreds", - "DisplayName": "KubeSvcCreds", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" +if [ -n "${BEARER_TOKEN}" ]; then + CURL_AUTH=("-H" "Authorization: Bearer ${BEARER_TOKEN}") +else + CURL_AUTH=("-u" "${KEYFACTOR_USERNAME}@${KEYFACTOR_DOMAIN}:${KEYFACTOR_PASSWORD}") +fi + +create_store_type() { + local name="$1" + local body="$2" + echo "Creating ${name} store type..." + response=$(curl -s -o /dev/null -w "%{http_code}" \ + -X POST "${BASE_URL}/certificatestoretypes" \ + -H "Content-Type: application/json" \ + -H "x-keyfactor-requested-with: APIClient" \ + "${CURL_AUTH[@]}" \ + -d "${body}") + if [ "$response" = "200" ] || [ "$response" = "201" ]; then + echo " OK (HTTP ${response})" + else + echo " FAILED (HTTP ${response})" + fi +} + +# --------------------------------------------------------------------------- +# K8SCert — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +create_store_type "K8SCert" '{ + "Name": "K8SCert", + "ShortName": "K8SCert", + "Capability": "K8SCert", + "LocalStore": false, + "SupportedOperations": { + "Add": false, + "Create": false, + "Discovery": true, + "Enrollment": false, + "Remove": false + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "KubeNamespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": "default", + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "KubeSecretName", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "KubeSecretType", + "Type": "String", + "DependsOn": "", + "DefaultValue": "cert", + "Required": true + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Forbidden", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Forbidden" +}' + +# --------------------------------------------------------------------------- +# K8SCluster — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +create_store_type "K8SCluster" '{ + "Name": "K8SCluster", + "ShortName": "K8SCluster", + "Capability": "K8SCluster", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": false, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "SeparateChain", + "DisplayName": "Separate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "false", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" +}' + +# --------------------------------------------------------------------------- +# K8SJKS — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +create_store_type "K8SJKS" '{ + "Name": "K8SJKS", + "ShortName": "K8SJKS", + "Capability": "K8SJKS", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "KubeNamespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": "default", + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "KubeSecretName", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "KubeSecretType", + "Type": "String", + "DependsOn": "", + "DefaultValue": "jks", + "Required": true + }, + { + "Name": "CertificateDataFieldName", + "DisplayName": "CertificateDataFieldName", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "PasswordFieldName", + "DisplayName": "PasswordFieldName", + "Type": "String", + "DependsOn": "", + "DefaultValue": "password", + "Required": false + }, + { + "Name": "PasswordIsK8SSecret", + "DisplayName": "PasswordIsK8SSecret", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "StorePasswordPath", + "DisplayName": "StorePasswordPath", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": true, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" +}' + +# --------------------------------------------------------------------------- +# K8SNS — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +create_store_type "K8SNS" '{ + "Name": "K8SNS", + "ShortName": "K8SNS", + "Capability": "K8SNS", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "Kube Namespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": "default", + "Required": false + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "SeparateChain", + "DisplayName": "Separate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "false", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" }' -echo "Creating K8SSecret store type" -curl -X POST "https://$KEYFACTOR_HOSTNAME/keyfactorapi/certificatestoretypes" \ - -H "Content-Type: application/json" \ - -H "x-keyfactor-requested-with: APIClient" \ - -u {UserName}:{UserPassword} -d \ -'{ - "Name": "K8SSecret", - "ShortName": "K8SSecret", - "Capability": "K8SSecret", - "LocalStore": false, - "SupportedOperations": { - "Add": true, - "Create": true, - "Discovery": true, - "Enrollment": false, - "Remove": true - }, - "Properties": [ - { - "StoreTypeId;omitempty": 0, - "Name": "KubeNamespace", - "DisplayName": "KubeNamespace", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretName", - "DisplayName": "KubeSecretName", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretType", - "DisplayName": "KubeSecretType", - "Type": "String", - "DependsOn": "", - "DefaultValue": "secret", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSvcCreds", - "DisplayName": "KubeSvcCreds", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" +# --------------------------------------------------------------------------- +# K8SPKCS12 — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +create_store_type "K8SPKCS12" '{ + "Name": "K8SPKCS12", + "ShortName": "K8SPKCS12", + "Capability": "K8SPKCS12", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "CertificateDataFieldName", + "DisplayName": "CertificateDataFieldName", + "Type": "String", + "DependsOn": "", + "DefaultValue": ".p12", + "Required": true + }, + { + "Name": "PasswordFieldName", + "DisplayName": "Password Field Name", + "Type": "String", + "DependsOn": "", + "DefaultValue": "password", + "Required": false + }, + { + "Name": "PasswordIsK8SSecret", + "DisplayName": "Password Is K8S Secret", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "KubeNamespace", + "DisplayName": "Kube Namespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": "default", + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "Kube Secret Name", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "Kube Secret Type", + "Type": "String", + "DependsOn": "", + "DefaultValue": "pkcs12", + "Required": true + }, + { + "Name": "StorePasswordPath", + "DisplayName": "StorePasswordPath", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": true, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" }' -echo "Creating K8STLSSecr store type" -curl -X POST "https://$KEYFACTOR_HOSTNAME/keyfactorapi/certificatestoretypes" \ - -H "Content-Type: application/json" \ - -H "x-keyfactor-requested-with: APIClient" \ - -u {UserName}:{UserPassword} -d \ -'{ - "Name": "K8STLSSecr", - "ShortName": "K8STLSSecr", - "Capability": "K8STLSSecr", - "LocalStore": false, - "SupportedOperations": { - "Add": true, - "Create": true, - "Discovery": true, - "Enrollment": false, - "Remove": true - }, - "Properties": [ - { - "StoreTypeId;omitempty": 0, - "Name": "KubeNamespace", - "DisplayName": "KubeNamespace", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretName", - "DisplayName": "KubeSecretName", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretType", - "DisplayName": "KubeSecretType", - "Type": "String", - "DependsOn": "", - "DefaultValue": "tls_secret", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSvcCreds", - "DisplayName": "KubeSvcCreds", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - } +# --------------------------------------------------------------------------- +# K8SSecret — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +create_store_type "K8SSecret" '{ + "Name": "K8SSecret", + "ShortName": "K8SSecret", + "Capability": "K8SSecret", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "KubeNamespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "KubeSecretName", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "KubeSecretType", + "Type": "String", + "DependsOn": "", + "DefaultValue": "secret", + "Required": true + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "SeparateChain", + "DisplayName": "Separate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "false", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Forbidden" +}' + +# --------------------------------------------------------------------------- +# K8STLSSecr — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +create_store_type "K8STLSSecr" '{ + "Name": "K8STLSSecr", + "ShortName": "K8STLSSecr", + "Capability": "K8STLSSecr", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "KubeNamespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "KubeSecretName", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "KubeSecretType", + "Type": "String", + "DependsOn": "", + "DefaultValue": "tls_secret", + "Required": true + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "SeparateChain", + "DisplayName": "Separate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "false", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Forbidden" }' -echo "Completed" \ No newline at end of file + +echo "Completed." diff --git a/scripts/store_types/bash/kfutil_create_store_types.sh b/scripts/store_types/bash/kfutil_create_store_types.sh old mode 100644 new mode 100755 index 1adad442..c447a8cf --- a/scripts/store_types/bash/kfutil_create_store_types.sh +++ b/scripts/store_types/bash/kfutil_create_store_types.sh @@ -1,29 +1,34 @@ #!/usr/bin/env bash -#export KEYFACTOR_USERNAME="" -#export KEYFACTOR_PASSWORD="" -#export KEYFACTOR_HOSTNAME="" -#export KEYFACTOR_DOMAIN="" +# Creates all 7 store types using kfutil. +# kfutil reads definitions from the Keyfactor integration catalog. +# +# Auth environment variables (first matching method is used): +# OAuth access token: KEYFACTOR_AUTH_ACCESS_TOKEN +# OAuth client creds: KEYFACTOR_AUTH_CLIENT_ID + KEYFACTOR_AUTH_CLIENT_SECRET +# + KEYFACTOR_AUTH_TOKEN_URL +# Basic auth (AD): KEYFACTOR_HOSTNAME + KEYFACTOR_USERNAME + KEYFACTOR_PASSWORD +# + KEYFACTOR_DOMAIN +# +# Auto-generated by doctool generate-store-type-scripts — do not edit by hand. -# Check kfutil is installed -if ! command -v kfutil &> /dev/null -then +if ! command -v kfutil &> /dev/null; then echo "kfutil could not be found. Please install kfutil" - echo "See the official docs: https://github.com/Keyfactor/kfutil#quickstart" - # Check if kfutil deps are already installed and if they are then provide the command to install kfutil from GitHub. - if command -v gh &> /dev/null || command -v zip &> /dev/null || command -v unzip &> /dev/null; - then - echo "To install kfutil, run the following command:" - echo "bash <(curl -s https://raw.githubusercontent.com/Keyfactor/kfutil/main/gh-dl-release.sh)" - fi + echo "See https://github.com/Keyfactor/kfutil#quickstart" + exit 1 fi -# Check environment variables are set -if [ -z "$KEYFACTOR_USERNAME" ] || [ -z "$KEYFACTOR_PASSWORD" ] || [ -z "$KEYFACTOR_HOSTNAME" ] || [ -z "$KEYFACTOR_DOMAIN" ]; then - echo "Please set the environment variables KEYFACTOR_USERNAME, KEYFACTOR_PASSWORD, KEYFACTOR_HOSTNAME and KEYFACTOR_DOMAIN" - kfutil login +if [ -z "$KEYFACTOR_HOSTNAME" ]; then + echo "KEYFACTOR_HOSTNAME not set — launching kfutil login" + kfutil login fi kfutil store-types create --name "K8SCert" +kfutil store-types create --name "K8SCluster" +kfutil store-types create --name "K8SJKS" +kfutil store-types create --name "K8SNS" +kfutil store-types create --name "K8SPKCS12" kfutil store-types create --name "K8SSecret" -kfutil store-types create --name "K8STLSSecr" \ No newline at end of file +kfutil store-types create --name "K8STLSSecr" + +echo "Done. All store types created." diff --git a/scripts/store_types/powershell/kfutil_create_store_types.ps1 b/scripts/store_types/powershell/kfutil_create_store_types.ps1 index e909e642..fe6bf043 100644 --- a/scripts/store_types/powershell/kfutil_create_store_types.ps1 +++ b/scripts/store_types/powershell/kfutil_create_store_types.ps1 @@ -1,23 +1,35 @@ -$username = [System.Environment]::GetEnvironmentVariable("KEYFACTOR_USERNAME", "User") -$password = [System.Environment]::GetEnvironmentVariable("KEYFACTOR_PASSWORD", "User") -$hostname = [System.Environment]::GetEnvironmentVariable("KEYFACTOR_HOSTNAME", "User") -$domain = [System.Environment]::GetEnvironmentVariable("KEYFACTOR_DOMAIN", "User") - -Set-Alias -Name kfutil -Value 'C:\Program Files\Keyfactor\kfutil\kfutil.exe' # Comment this out if you have kfutil in your PATH or somewhere custom - -if ((Get-Command "kfutil" -ErrorAction SilentlyContinue) -eq $null) -{ - Write-Host "kfutil could not be found in your PATH. Please install kfutil" - Write-Host "See the official docs: https://github.com/Keyfactor/kfutil#quickstart" -} - -if (-not $username -or -not $password -or -not $hostname -or -not $domain) { - Write-Host "Please set the environment variables KEYFACTOR_USERNAME, KEYFACTOR_PASSWORD, KEYFACTOR_HOSTNAME and KEYFACTOR_DOMAIN" - & kfutil login -} - -& kfutil store-types create --name "K8SCert" -& kfutil store-types create --name "K8SSecret" -& kfutil store-types create --name "K8STLSSecr" - - +# Creates all 7 store types using kfutil. +# kfutil reads definitions from the Keyfactor integration catalog. +# +# Auth environment variables (first matching method is used): +# OAuth access token: KEYFACTOR_AUTH_ACCESS_TOKEN +# OAuth client creds: KEYFACTOR_AUTH_CLIENT_ID + KEYFACTOR_AUTH_CLIENT_SECRET +# + KEYFACTOR_AUTH_TOKEN_URL +# Basic auth (AD): KEYFACTOR_HOSTNAME + KEYFACTOR_USERNAME + KEYFACTOR_PASSWORD +# + KEYFACTOR_DOMAIN +# +# Auto-generated by doctool generate-store-type-scripts — do not edit by hand. + +# Uncomment if kfutil is not in your PATH +# Set-Alias -Name kfutil -Value 'C:\Program Files\Keyfactor\kfutil\kfutil.exe' + +if ($null -eq (Get-Command "kfutil" -ErrorAction SilentlyContinue)) { + Write-Host "kfutil could not be found. Please install kfutil" + Write-Host "See https://github.com/Keyfactor/kfutil#quickstart" + exit 1 +} + +if (-not $env:KEYFACTOR_HOSTNAME) { + Write-Host "KEYFACTOR_HOSTNAME not set — launching kfutil login" + & kfutil login +} + +& kfutil store-types create --name "K8SCert" +& kfutil store-types create --name "K8SCluster" +& kfutil store-types create --name "K8SJKS" +& kfutil store-types create --name "K8SNS" +& kfutil store-types create --name "K8SPKCS12" +& kfutil store-types create --name "K8SSecret" +& kfutil store-types create --name "K8STLSSecr" + +Write-Host "Done. All store types created." diff --git a/scripts/store_types/powershell/restmethod_create_store_types.ps1 b/scripts/store_types/powershell/restmethod_create_store_types.ps1 index 7182d625..9cbe6ed1 100644 --- a/scripts/store_types/powershell/restmethod_create_store_types.ps1 +++ b/scripts/store_types/powershell/restmethod_create_store_types.ps1 @@ -1,229 +1,582 @@ -$username = [System.Environment]::GetEnvironmentVariable("KEYFACTOR_USERNAME", "User") -$password = [System.Environment]::GetEnvironmentVariable("KEYFACTOR_PASSWORD", "User") -$hostname = [System.Environment]::GetEnvironmentVariable("KEYFACTOR_HOSTNAME", "User") -$domain = [System.Environment]::GetEnvironmentVariable("KEYFACTOR_DOMAIN", "User") - -if (-not $username -or -not $password -or -not $hostname -or -not $domain) { - Write-Host "Please set the environment variables KEYFACTOR_USERNAME, KEYFACTOR_PASSWORD, KEYFACTOR_HOSTNAME and KEYFACTOR_DOMAIN" - exit -} - -$uri = "https://$hostname/keyfactorapi/certificatestoretypes" -$auth = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes("${username}@${domain}:${password}")) -$headers = @{ - 'Authorization' = "Basic $auth" - 'Content-Type' = "application/json" - 'x-keyfactor-requested-with' = "APIClient" -} - - - -Write-Host "Creating K8SCert store type" -$body = @" -{ - "Name": "K8SCert", - "ShortName": "K8SCert", - "Capability": "K8SCert", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [ - { - "StoreTypeId;omitempty": 0, - "Name": "KubeNamespace", - "DisplayName": "KubeNamespace", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretName", - "DisplayName": "KubeSecretName", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretType", - "DisplayName": "KubeSecretType", - "Type": "String", - "DependsOn": "", - "DefaultValue": "cert", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSvcCreds", - "DisplayName": "KubeSvcCreds", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - } -"@ -Invoke-RestMethod -Method Post -Uri $uri -Headers $headers -Body $body -ContentType "application/json" - -Write-Host "Creating K8SSecret store type" -$body = @" -{ - "Name": "K8SSecret", - "ShortName": "K8SSecret", - "Capability": "K8SSecret", - "LocalStore": false, - "SupportedOperations": { - "Add": true, - "Create": true, - "Discovery": true, - "Enrollment": false, - "Remove": true - }, - "Properties": [ - { - "StoreTypeId;omitempty": 0, - "Name": "KubeNamespace", - "DisplayName": "KubeNamespace", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretName", - "DisplayName": "KubeSecretName", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretType", - "DisplayName": "KubeSecretType", - "Type": "String", - "DependsOn": "", - "DefaultValue": "secret", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSvcCreds", - "DisplayName": "KubeSvcCreds", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - } -"@ - -Invoke-RestMethod -Method Post -Uri $uri -Headers $headers -Body $body -ContentType "application/json" - -Write-Host "Creating K8STLSSecr store type" -$body = @" -{ - "Name": "K8STLSSecr", - "ShortName": "K8STLSSecr", - "Capability": "K8STLSSecr", - "LocalStore": false, - "SupportedOperations": { - "Add": true, - "Create": true, - "Discovery": true, - "Enrollment": false, - "Remove": true - }, - "Properties": [ - { - "StoreTypeId;omitempty": 0, - "Name": "KubeNamespace", - "DisplayName": "KubeNamespace", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretName", - "DisplayName": "KubeSecretName", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSecretType", - "DisplayName": "KubeSecretType", - "Type": "String", - "DependsOn": "", - "DefaultValue": "tls_secret", - "Required": true - }, - { - "StoreTypeId;omitempty": 0, - "Name": "KubeSvcCreds", - "DisplayName": "KubeSvcCreds", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - } -"@ \ No newline at end of file +# Creates all 7 store types via the Keyfactor Command REST API +# using PowerShell Invoke-RestMethod. +# +# Authentication (first matching method is used): +# OAuth access token: KEYFACTOR_AUTH_ACCESS_TOKEN +# OAuth client creds: KEYFACTOR_AUTH_CLIENT_ID + KEYFACTOR_AUTH_CLIENT_SECRET +# + KEYFACTOR_AUTH_TOKEN_URL +# Basic auth (AD): KEYFACTOR_USERNAME + KEYFACTOR_PASSWORD + KEYFACTOR_DOMAIN +# +# Always required: +# KEYFACTOR_HOSTNAME Command hostname (e.g. my-command.example.com) +# +# Auto-generated by doctool generate-store-type-scripts — do not edit by hand. + +if (-not $env:KEYFACTOR_HOSTNAME) { + Write-Error "KEYFACTOR_HOSTNAME is required" + exit 1 +} + +$uri = "https://$($env:KEYFACTOR_HOSTNAME)/keyfactorapi/certificatestoretypes" +$headers = @{ + 'Content-Type' = "application/json" + 'x-keyfactor-requested-with' = "APIClient" +} + +# --------------------------------------------------------------------------- +# Resolve auth +# --------------------------------------------------------------------------- +if ($env:KEYFACTOR_AUTH_ACCESS_TOKEN) { + $headers['Authorization'] = "Bearer $($env:KEYFACTOR_AUTH_ACCESS_TOKEN)" +} elseif ($env:KEYFACTOR_AUTH_CLIENT_ID -and $env:KEYFACTOR_AUTH_CLIENT_SECRET -and $env:KEYFACTOR_AUTH_TOKEN_URL) { + Write-Host "Fetching OAuth token..." + $tokenBody = @{ + grant_type = 'client_credentials' + client_id = $env:KEYFACTOR_AUTH_CLIENT_ID + client_secret = $env:KEYFACTOR_AUTH_CLIENT_SECRET + } + $tokenResp = Invoke-RestMethod -Method Post -Uri $env:KEYFACTOR_AUTH_TOKEN_URL -Body $tokenBody + $headers['Authorization'] = "Bearer $($tokenResp.access_token)" +} elseif ($env:KEYFACTOR_USERNAME -and $env:KEYFACTOR_PASSWORD -and $env:KEYFACTOR_DOMAIN) { + $cred = [System.Convert]::ToBase64String( + [System.Text.Encoding]::ASCII.GetBytes( + "$($env:KEYFACTOR_USERNAME)@$($env:KEYFACTOR_DOMAIN):$($env:KEYFACTOR_PASSWORD)")) + $headers['Authorization'] = "Basic $cred" +} else { + Write-Error ("Authentication required. Set one of:`n" + + " KEYFACTOR_AUTH_ACCESS_TOKEN`n" + + " KEYFACTOR_AUTH_CLIENT_ID + KEYFACTOR_AUTH_CLIENT_SECRET + KEYFACTOR_AUTH_TOKEN_URL`n" + + " KEYFACTOR_USERNAME + KEYFACTOR_PASSWORD + KEYFACTOR_DOMAIN") + exit 1 +} + +function New-StoreType { + param([string]$Name, [string]$Body) + Write-Host "Creating $Name store type..." + try { + Invoke-RestMethod -Method Post -Uri $uri -Headers $headers -Body $Body -ContentType "application/json" | Out-Null + Write-Host " OK" + } catch { + Write-Warning " FAILED: $($_.Exception.Message)" + } +} + +# --------------------------------------------------------------------------- +# K8SCert — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +New-StoreType "K8SCert" @' +{ + "Name": "K8SCert", + "ShortName": "K8SCert", + "Capability": "K8SCert", + "LocalStore": false, + "SupportedOperations": { + "Add": false, + "Create": false, + "Discovery": true, + "Enrollment": false, + "Remove": false + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "KubeNamespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": "default", + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "KubeSecretName", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "KubeSecretType", + "Type": "String", + "DependsOn": "", + "DefaultValue": "cert", + "Required": true + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Forbidden", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Forbidden" +} +'@ + +# --------------------------------------------------------------------------- +# K8SCluster — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +New-StoreType "K8SCluster" @' +{ + "Name": "K8SCluster", + "ShortName": "K8SCluster", + "Capability": "K8SCluster", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": false, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "SeparateChain", + "DisplayName": "Separate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "false", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" +} +'@ + +# --------------------------------------------------------------------------- +# K8SJKS — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +New-StoreType "K8SJKS" @' +{ + "Name": "K8SJKS", + "ShortName": "K8SJKS", + "Capability": "K8SJKS", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "KubeNamespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": "default", + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "KubeSecretName", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "KubeSecretType", + "Type": "String", + "DependsOn": "", + "DefaultValue": "jks", + "Required": true + }, + { + "Name": "CertificateDataFieldName", + "DisplayName": "CertificateDataFieldName", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "PasswordFieldName", + "DisplayName": "PasswordFieldName", + "Type": "String", + "DependsOn": "", + "DefaultValue": "password", + "Required": false + }, + { + "Name": "PasswordIsK8SSecret", + "DisplayName": "PasswordIsK8SSecret", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "StorePasswordPath", + "DisplayName": "StorePasswordPath", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": true, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" +} +'@ + +# --------------------------------------------------------------------------- +# K8SNS — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +New-StoreType "K8SNS" @' +{ + "Name": "K8SNS", + "ShortName": "K8SNS", + "Capability": "K8SNS", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "Kube Namespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": "default", + "Required": false + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "SeparateChain", + "DisplayName": "Separate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "false", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" +} +'@ + +# --------------------------------------------------------------------------- +# K8SPKCS12 — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +New-StoreType "K8SPKCS12" @' +{ + "Name": "K8SPKCS12", + "ShortName": "K8SPKCS12", + "Capability": "K8SPKCS12", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "CertificateDataFieldName", + "DisplayName": "CertificateDataFieldName", + "Type": "String", + "DependsOn": "", + "DefaultValue": ".p12", + "Required": true + }, + { + "Name": "PasswordFieldName", + "DisplayName": "Password Field Name", + "Type": "String", + "DependsOn": "", + "DefaultValue": "password", + "Required": false + }, + { + "Name": "PasswordIsK8SSecret", + "DisplayName": "Password Is K8S Secret", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "KubeNamespace", + "DisplayName": "Kube Namespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": "default", + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "Kube Secret Name", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "Kube Secret Type", + "Type": "String", + "DependsOn": "", + "DefaultValue": "pkcs12", + "Required": true + }, + { + "Name": "StorePasswordPath", + "DisplayName": "StorePasswordPath", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": true, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required" +} +'@ + +# --------------------------------------------------------------------------- +# K8SSecret — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +New-StoreType "K8SSecret" @' +{ + "Name": "K8SSecret", + "ShortName": "K8SSecret", + "Capability": "K8SSecret", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "KubeNamespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "KubeSecretName", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "KubeSecretType", + "Type": "String", + "DependsOn": "", + "DefaultValue": "secret", + "Required": true + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "SeparateChain", + "DisplayName": "Separate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "false", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Forbidden" +} +'@ + +# --------------------------------------------------------------------------- +# K8STLSSecr — This can be anything useful, recommend using the k8s cluster name or identifier. +# --------------------------------------------------------------------------- +New-StoreType "K8STLSSecr" @' +{ + "Name": "K8STLSSecr", + "ShortName": "K8STLSSecr", + "Capability": "K8STLSSecr", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "KubeNamespace", + "DisplayName": "KubeNamespace", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretName", + "DisplayName": "KubeSecretName", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + }, + { + "Name": "KubeSecretType", + "DisplayName": "KubeSecretType", + "Type": "String", + "DependsOn": "", + "DefaultValue": "tls_secret", + "Required": true + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "true", + "Required": false + }, + { + "Name": "SeparateChain", + "DisplayName": "Separate Chain", + "Type": "Bool", + "DependsOn": null, + "DefaultValue": "false", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Forbidden" +} +'@ + + +Write-Host "Completed."