From bf8231a835f0df2fd39ad741306edbd3d832042f Mon Sep 17 00:00:00 2001 From: Ulf Bjorkengren Date: Thu, 21 Sep 2023 18:14:23 +0200 Subject: [PATCH] Tutorial update. Signed-off-by: Ulf Bjorkengren --- tutorial/content/_index.md | 25 ++++----- tutorial/content/build-system/_index.md | 24 ++++++++- .../server/Access-control-servers/_index.md | 46 ++++++++++++++++ tutorial/content/server/_index.md | 50 ++++++++++++++++++ tutorial/static/images/fav.png | Bin 0 -> 1953 bytes tutorial/static/images/vissv2.png | Bin 14154 -> 14301 bytes 6 files changed, 127 insertions(+), 18 deletions(-) create mode 100644 tutorial/content/server/Access-control-servers/_index.md create mode 100644 tutorial/static/images/fav.png diff --git a/tutorial/content/_index.md b/tutorial/content/_index.md index 2c658e67..a8d6412f 100644 --- a/tutorial/content/_index.md +++ b/tutorial/content/_index.md @@ -1,25 +1,18 @@ --- -title: "W3C Vehicle Information Signal Specification ver 2, VISSv2 Tutorial" +title: "W3C Vehicle Information Service Specification ver 2 Reference Implementation Tutorial" --- -# W3C Vehicle Information Signal Specification ver 2 +## W3C Vehicle Information Service Specification ver 2 Reference Implementation Tutorial -This W3C specification, soon to become a W3C standard, is developed at the [W3C/automotive github](https://github.com/w3c/automotive), -and this Github contains a reference implementation in the form of a server that exposes an interface according to the specification. +The W3C VISSv2 specification, soon to become a W3C standard, is developed at the [W3C/automotive github](https://github.com/w3c/automotive). +A reference implementation in the form of a server that exposes an interface according to the specification is developed on this repo. -Also found on this Github are implementations of other components that are needed to realize a communication tech stack, from clients to the underlying vehicle system. -These components can be categorized as follows: +Also found on this repo are implementations of other components that are needed to realize a communication tech stack that reaches from clients through the server and to the underlying vehicle system interface. + +These software components (SwCs) can be categorized as follows: * server * client * data storage * feeder -## Server - - -## Client - - -## Data storage - - -## Feeder +The tutorial describes each SwC in a separate chapter. +It also contains a few Proof of concept (POC) examples, and information about installing, building and running Golang based SwCs. diff --git a/tutorial/content/build-system/_index.md b/tutorial/content/build-system/_index.md index 4704230a..cf2697d3 100644 --- a/tutorial/content/build-system/_index.md +++ b/tutorial/content/build-system/_index.md @@ -2,10 +2,30 @@ title: "VISSv2 Build System" --- +## Installing Golang + Most of the code at this repository is written in Golang, so in order to use this repo Golang must be installed on the computer. -## Installing Golang on Ubuntu +Searching for "install golang" gives many hits, of which this is one: + +[How to install Go (golang) on Ubuntu Linux](https://www.cyberciti.biz/faq/how-to-install-gol-ang-on-ubuntu-linux/). + +For other operating systems [this](https://go.dev/doc/install) may be helpful. + +## Building and running + +As several of the Golang based Sw components on this repo can be started with command line input to configure its behavior, +it is suitable to first build it (in the directory of the source code) + +$ go build + +and then run it +$ ./'name-of-executable' 'any-command-line-config-input' -## Installing Golang on Mac +If the SwC supports command line configuration input it is possible to add "-h" (no quotes) on the command line, which will then show a help text. +Checking the first lines of the main() function in the source code is another possibility to find out. +If there is any calls to the "github.com/akamensky/argparse" lib then it is used. +As the configurations have a default it is always possible to run it without adding any comand line configuration input. +The configuration possibilities of the different SwCs are described in the respective chapters of this tutorial. diff --git a/tutorial/content/server/Access-control-servers/_index.md b/tutorial/content/server/Access-control-servers/_index.md new file mode 100644 index 00000000..96474cde --- /dev/null +++ b/tutorial/content/server/Access-control-servers/_index.md @@ -0,0 +1,46 @@ +--- +title: "VISSv2 Access Control Servers" +--- + +The [VISSv2 access control model](https://raw.githack.com/w3c/automotive/gh-pages/spec/VISSv2_Core.html#access-control-model) specifies two authorization servers: +* Access Grant server +* Access Token server + +### Access Grant server +This server is in a typical scenario running in the cloud. It is built as a separate executable in the WAII/server/agt_server directory + +$ go build + +and run by + +$ ./agt_server + +It exposes an HTTP API according to the VISSv2 specification. However it is currently not TLS protected (which is a must in non-development scenario). +What is also missing in the AGS implementation is authentication of the client, which according to the specification should be an AGT task. + +### Access Token server + +This server runs as a thread within the vissv2 server, so it is built by the vissv2 build command. +For it to be built, it is necessary to make sure that the "atServer" line in the serverComponents array in the vissv2server.go code is uncommented: +``` +var serverComponents []string = []string{ + "serviceMgr", + "httpMgr", + "wsMgr", + "mqttMgr", + "grpcMgr", + "atServer", +} +``` +If it is part of the vissv2server build, and if a VSS node is access control tagged, +the server will then forward the access token received in the client request to the ATS for validation. + +The ATS will as part of the validation also use the VISSv2 specified policy documents if they are found in the working directory. + + +### VISS web client submodule + +This submodule implements a [VISSv2 web client](https://github.com/nicslabdev/viss-web-client/) +that exposes a UI that is considerably more sophisticated than what other clients on the WAII repo exposes, +and it is particularly helpful when it comes to the client interactions with access control involved. +Check out the README on both repos for more information. diff --git a/tutorial/content/server/_index.md b/tutorial/content/server/_index.md index 502989c9..577d7acb 100644 --- a/tutorial/content/server/_index.md +++ b/tutorial/content/server/_index.md @@ -4,3 +4,53 @@ title: "VISSv2 Server" The VISSv2 server is the Sw component that implements the interface that is exposed to the clients, and that must conform to the W3C VISSv2 specification. +### Build the server +Please check the chapter [VISSv2 Build System](/automotive-viss2/build-system) for general Golang information. + +To build the server, open a erminal and go to the WAII/server/vissv2 directory and issue the command: + +$ go build + +### Configure the server + +#### VSS tree configuration +The server has a copy of the VSS tree that it uses to verify that client requsts are valid - +that there is a node in the tree that corresponds to the path in a request, if a node requires an access control token, etc. +The tree parser that is used expects the tre to have the 'binary format' that one of the VSS-Tools genertes from the vspec files. +To generate this the [VSS repo](https://github.com/COVESA/vehicle_signal_specification) must be cloned including the VSS-Tools submodule, +and a file containing the binary representation must be created, which is done with the following command issued in the root directory. + +$ make binary + +This generates a file with a name like 'vss_rel_4.1-dev.binary', +which then needs to be renamed to 'vss_vissv2.binary' and stored in the WAII/server/vissv2server directory. + +If you want to configure the tree to include access control, access control tags as described in the +[VISSv2 - Access Control Selection chapter](https://raw.githack.com/w3c/automotive/gh-pages/spec/VISSv2_Core.html#access-control-selection) needs to be added to appropriate tree nodes. +This can either be done by editing vspec files directly, or using the [VSS-Tools](https://github.com/covesa/vss-tools) overlay mechanism. + +#### Command line configuration +The server has the following command line configurations: +* Data storage implementation. Select either to use an SQLite implementation (-s sqlite) or a Redis implementation (-s redis). Default is SQLite. +* Data storage file name (--dbfile 'file-name'). Only relevant for SQLite configuration. Default is "serviceMgr/statestorage.db". +* Request the server to generate a pathlist file, then terminate (--dryrun). Default is not to terminate after generating it. +* Pathlist file name (--vssjson 'file-name'. Default is "../vsspathlist.json". +* UDS path for history control (--uds 'file-name'). Name of the Unix domain socket file. Default is "/var/tmp/vissv2/histctrlserver.sock". +* Level of logging (--loglevel levelx). Levelx is one of [trace, debug, info, warn, error, fatal, panic]. Default is "info". +* Whether logging should end up in standard output (false) or in a log file (true) (--logfile false/true). The default is 'false'. + +#### Data storage configuration +To be written... + +#### Protocol support configuration + +The server supports the following protocols: +* HTTP +* Websockets +* MQTT (with the VISSv2 specific application protocol on top) +* gRPC + +The message payload is identical for all protocols at the client application level (after protocol specific modifications are restored). + +The code is structured to make it reasonably easy to remove any of the protocols if that is desired for reducing the code footprint. +Similarly it should be reasonably straight forward to add new protocols, given that the payload format transformation is not too complicated. diff --git a/tutorial/static/images/fav.png b/tutorial/static/images/fav.png new file mode 100644 index 0000000000000000000000000000000000000000..25d01eca20ac32823242e5f7554a11c872fc2fcf GIT binary patch literal 1953 zcmeAS@N?(olHy`uVBq!ia0vp^3LwnE1|*BCs=fdzmUKs7M+SzC{oH>NSwWJ?9znhg z3{`3j3=J&|48MRv4KElNN(~qoUL`OvSj}Ky5HFasE6@fg!CBxDSE(HYzo1&C7s~{IQsCFRFRw<*Tq`*pFzr4I$uiRKKzbIYb(9+UU-@r)U$VeBc zLbtdwuOzWTH?LS3VhGF}m(=3qqRfJl%=|nBkhzIT`K2YcN=hJ$-~i&zlFT%OO?kyo zZvj2150cS0)HBe>rY*H16NfgC3`85)Ul8kTK!#cQ7iFdb9Sm}oouLib0u(WX^K3w- zSUKnCT( ztv33ga77AdNF;(qfw5@EWup&I5q4Z#Gq*$l^M|{qi(^QH``+o^8g;QE$EN=-bWFmpGl%Nx-8{U!nmaE{ zdSU9pE6+Indw1@wqVqyKvr0-!J?rcDf7`2~#ImA`#ogWg z(%rkd$B!SEIx}fip@zZVGiQ8u?%LI*!dh8b`S4!7!PXDjT3SJ-KxgjLT*{*J^Uj?) zJUl!TmDmpshROF67;mo0aq`g7 z)ALGBUVP>1)st7QOqnu$`suGhE1NanD17L4*w>58yk`D7z(0 zYgzpC(5kXr$1Syj9;c)CvhrFb&1q6Nk|n*Sn>qR4>?wNxj(iK}UVTr%*Gpja8$BhK zGnO5u@^daW?ER@wec`3yjJdk3UaiOe$v$y)TDpGy`h8xD=5ib;Ulgqwf7($&bK8>@ z>(}%5w|Q)wT>0x`*`rWS?RSL+MS31$TMjZj-u90zN#OLe6N&jwwX*FJFPUy1@RwI% zJGQrzA^Bke*Ayka#~1B9lvJaXc%1J4_$A5e!)w0qt8RztR_)I}9&lS(TbrtFJo!-T zx4ZmOi>j+1nBs2>Z>*W}OYA1ohgVM|&(B`JcCGJf?x4f1p}o3xKPJtIIPyh}-HtV8 zN6+@{+kwt~zyAM>A0h>bSprM8Z3{CqH~;#*+ofmn47aOy%+1YL^Pc?J8TQqDfrAdm zNr`uV&)YB8TXAC5qtZRww=aJj8XEd*vD4L@kn-vOc_!8~L>)Q)rupQQ98ksM>FVdQ I&MBb@0Grb3yZ`_I literal 0 HcmV?d00001 diff --git a/tutorial/static/images/vissv2.png b/tutorial/static/images/vissv2.png index 8ec3aebe9c680e8e6d64fc14fe6afb129bee3dae..e1d85759e893dcee59ff7f33698652e4d2a520fe 100644 GIT binary patch literal 14301 zcmZ|0byOTp^eu{qV8I=NySuvtLJ02e1b27$1b1g}cXtTx?hxGF;Wppz-gn>oYJDX7#R2_@P8954DgrNTd);)fpQR$Qi273 zJYkJOf%o7J3X&pV7327aA0L_u{}2WPtB!$x(T4`!f42Rm?f?dcN&fK*E~P+r0S3lt zASEWOaf%t0d8T6F}TbEHxynXmm-AEO0|*N045^xj>5LN-Z<3^_h{ znnT*}_o?UL`QkY*Yvt?m@rJj+w8!&PJ-_#c+eX?s-vr8cCbEn@F6W-7r6Y~ zzlw_DV(MmQgkC0@)+#X0ElR=1&+T{17IhX24DM^kI{Wyy{ztw0U;@4Vqf7|BP=3&A zqMu6`KwNjz-x;Sy7(40i8QU&ITDHS!53WWST?FKJ=2UePHm=buKf-|1bukcSVrkj> zU56hu?`P&wW_iYDdfll%?QwQWZM?tTABG6N zIA}Sph#T~N+4(wito!cXJOP}_6ds19*EsjQ%jlC5O~5O`*zsVXZAsjPtftn^0qz`8 zRpWly?8+zmh3^7P+if?&5|I@+2?mX}tH~0Uv`n!n;k@J7`e{0;gDi$NN2yy`*bkN# z941M}y%_yQ)23ay!^9#Pn6A7`K3Hq{dQ=o5kNrPbulv@Ga?RRPxJtxGl-^$wDbM%k zg#`uV+$IPp12&}_2Ea;C#D$^iX_eHtS9dlweT(70OZNPdXu%n{5M|FR8oF^2%sDA3 z_$2Q>$h%Iw;ot%RoRU0bXaI%1T>^sPzaC}1dAsk_jlP9Y%Ui?LzZfkWg7j*f&y_u=;3wI{fRnjV&qjvt=)UGk*KcdjI;A`?B=5Piy|9t!g)12u)3^n zk@aArTEyUUN=JSwuc*45))o)#=U$9!E*oC00@9o$ zEGHdlr5OJ7SxoKqZFCfY|LQNP{W??h)@podI*=6{-2qwOgeH-`-|cWJ=bRmvh;I1S zI!zuS(8h>6p6?Ga?`jf;kPX2&!TJMP)u?)nw)BjQBVyQ1d}In3GKW4f#5&rdgMyT8};?p( zc0lnu5dE6#()ql011!r=9mWcRME+hVQZe|j(Ar9>nc-hT&9C zC$qNqXUCuQ8xZGEr)$)X>&AerIBv#gW5nM2=$jOu8%ZCr_vg-c+92$VKRPZ@ z$;?D`LLihjk@Bcbl9Z>k?3{%Sxm4+jXqE=gQMVZV;Lsc_y_bD?6~;Tkhwd-a9_!bH zIHzTSjaVv--tgOS)&06glTS%Lk62IpK5wSnmDoO)xPy!>2f0uCvp%lI?aq+oJyh2> zhch+Te)SPkINf#)!6|!=2f+49v3-Wr3eWu1{(wq&ZKpIxd1*uy2=- zUOV5P1)nC~Uw+~!N0}LQ{_sNbx#YK8J44Ur+l6*LEJ&hCk(vG^Z~^WXS*{PlP~p5; z3a>RCbQGjK1k;Q~m|+iA@g=6B`3#LI=ep0kA+19?3lc zJa2wfH|M|?{uNYP*!Gqs%r<$_q~D{$h#KCn>IhqyQuD>Com3lV~70L2On-BB;RlNbn?NV=$AHnDVajwhEOYD3%<`53Mij%R3v6lS{JwFib(Q@j6BGxO~vn< zroe)K=KM$M#e5UyB7BMIvTbL6a8Awq6x42XU(z_nchr#cLDo7EyqOeb@qg*Z(v8m` zXbTzt!kQB}?Woj9!f$OB@w}AkUL##fn+n~`d2(_XI8>Tu{EHbf+-xIL?>cJ4v{+f5 zqhx=a%LA$7vxG=IgOy@&d|_Kvv|-L&f8)MWeBQkPXs zIc$}9_DFYCcwV9iY{nC&tv)2|Zt-D6g4x$LMGbOreOz1ZC`NuPy-=_+df4-9Ou1yo zcv!>d<%Ny`cwQMkW|ke zswGFU<+)k?NXn~B0efU=AU-v5#aC65$-kKg|2xuv*#gE4uRBSXt6BV9#H%-bc2}K5 z7!#c?-HB~4BIhL9Pd;K^DX#JPi$FaGQC^(=Beoy>IJx}K>DnRk_6fl^afPh^IA_Bj zdsxVgX(am%>I2M$^R!iE&JS9^N?`~Q-8-@5^!#%`zFV1k`T*wY6^w`HEs{mk?2Ys7 zM=amUa<2*27srY|J3XP4(nQPfC zDR70NBc%Vg`&CZZwymo7pMFcu8kE{2m2+U58);xDv1v^eDjrvJVqw*!P`G`+zPcrm zgyhYrMv$u&Gt_>8RyJ{oY2}fvmS_HP_#uWiiXPiPWHq+cU*JKW0*o7mr7lg~?cFfl zuXl}|^k})O9_Q^>{0+f__z`$5vJnX}zXGYe6eiHg>BRNPx7|vtXcky7ajE1eqWfVK zD%=JGdK1;ZGX!Uk6Tq__)FybM2G*I>0f7*CG5>omxq$~wLEnGAN4`J(Hx!o{L@@h2 z+O)MF94*IDG#ogsBr{b~*3*(fy z{U9dpA#c7AQK8D?Qf9n$*Z?W4Cs4L1O0-lYTeFhmt~My6B39Q#0*{nx!@+!_yqp1D z%=M{HXQr?$XNT+U9sm@Q=fbbp&}Ea6$O{6#suX#{pMYBrko&;a<(C+G#&de$&~!MV_~Q>$ zxH=8)lz4oQ$QpcKK43LMPwVZx=B|e;2T>nzxQqh=_`vsF9fkzy_#vYM!M7d3BSZ$x z_DF~c*vwCSc**Y>VmuzM_HuoHy&rjO2b)KXV4Q*LgWKe8KFEzQ(m7mOQvZnn z4iJ!?0s$W=O!z)5VRmHQU3-&DWB+UrHL=NN!-{p>(o{Uv$Gj+}Ayg8jtJUJeFo`;B zsaqlqgFgr2VtF5HZb<9C9;xnH@JYIYK2SVN>!g~9XEnpgR&U60?#T9tqd)FI7fXC{ z11S1~kLl!t1w5a%#^`uI8ZWup2MnD+xhi#Syo_y3vQF^zR+s@x3Ew)&Wq`N=fRxUC zW?hhl9v`;#e#lqvMeZJ8?VA1wt7SconjXzaE#8hgLK;I0zTV8-{CvOpd7@q|FEb=7 zZ5W|Yan!c(y+nMtAQ%1iH6ayCWEk_-V>Eoh67RAwv|d%rf}aE`@=Jhr9RyJ%|;W=NR7r zJ40Ld{b^yB1fIq{LBA#FXqF$qnpcd$ylR1;q!R20;eszXLMPX&YDXLq%5)s<#lD8< zr`Et9Qh;+t$~4L=E+M15R=z(~USSKG2IPyFI>~>lkQZM?TTMDWMJ-qYTgREhUt=g+ z7h1-XRxH-Juc!a&ux?1q(K$td$qkbo|^wyr@iLpr!cSPJPLfIvlp)D6l8`dY|z_ z;)w)x#r^FHK66KLDxC|`Q!+h-u>Dlby7gxc4P>_Gur+uGEomSBZN>0K=lZYl$9CtV zraY>HjMa!UzMnGpi$SaHzR<~sbi#dg@Y>B46gBTC=9b9$|ufUnI_t6Dg8Np+#eBHaq;kWl2Dq8q40i=cWYubl7DdnlrVcx zZR`lQS@lB|BPMr5Rs|MXl7DGeTDK?<3LlQOADmzJB}XQM*-Y>JwB&w9Vr@OtFkO%^ zcyFsMWbVv*A?Ff)T4>00)p}{cBaRnwRaH%*Viy!;9hV;(MHnkg?DG%_MHAjtaAXj3 z+gDXJr)Fmizlf(wNlB?p@F0YkVBu>PqiR;M3y!9#ON`5*BDh>534CR>gQ}H zTS&j}Q?U;bf{$P=YaIPUSFSv}Pu~fTg0QO4TG@T|j7d@vdODoyMj!r7#cN!J(^x}& zF26W6&rl<#>s7OU<2%neo9%)fm3E0&Lk16$wC=h1@qXALAt^drI?P_Zw1d54?p%05`8ORoAXh5vmQbR^;8QjwUI2vRan6KBB#ea zO7uBXC4%xm6vNka1#|nh(UMZ{YLAxvOAcL**>HiB--kkrzMVD-Q6*A}2Dm5zOK{tM zFnHbfz-$j8LtALRwp7k6%DJ&kDvC*LwfWw@q-lMpQMZltb0L;{?i(HarPCcGQ)k_Y zjg_dUs^aoFv=N1PDg9gq4lT)N4O`j(GBJ-k?$+=t^=Tstu70#sO$D}T$&;A`k!n&6 zLv7G#n996DAnKkt8+oi6leb`-s%qG>oBQXuOJ+P`*q^CaxI;{Xm6<{S88Hr!Rp}Gv1}L zY26l_@I{-d8XO+`k=AMFVA;sc)E&_JcX{(_k+v0=Hj84sLM8u zb%}RVnH(6_y4j42!}Xz3yz}@Zl^L*GO;(#NgEucaH(PE7FF3;B4Uv%NNSa#JwT>fW z^e58C_Zm^}sppknGxK(6kI>Q_JOgQYlNR*IGgj{Fp8U4;i7^bxn}H;-K@fp39;8YuttUc zC+fti42bhlV;XVk_SQ*Xv!%+ba`)l<+VRP@LuDRQdS-P-;K14bzG$BRwj)U>p`L-PndToMNFmD66B+Q#4d z*_DFQgH9P7$e4F|+ebkUHs$*T#~%7Q&1S4JwsZ_D4dxsDd~&~$NfBrl+)hbQr4%?? zDM+K~{U-TMAkO;(nNuMwaX!tjRSj^R&ZFHt?7?Nsd-gtkWVXS8Lmx)jYWJKa=yrK6 zbrSv+(Lg#NA%Km(&*yB@?(k{dl6o1T7E&XURK`iE7O?z=(752 zh@}ckFM{tP_}DCMHf~^XUn($T zH1I{S=ow-oqT0j=dJ+GVwahK^pq*~EJHo6u;z-H& zV0MeF0Mi`svrzP+n~9nK+3FwvGUyj&XE<@6>Q^io#oY=YvNkneU#5&l*E0(1Hydst zC7NPX^S=CxTMb>v!9}7*38xujS2UhO;ny6dt6V9Beh$Q`w1ryX!y=S+0tRU1^>wgA zX1qO_PeRRi%x+V|0CD7ol)lMaTvd-7$r9)N)K<>fVV7v^Gm0~79M8WL8ly;Y*3sW6 zBS}TEKVs)^H2*Zmg-{15@&09tE3ZI(j9sXcQG{kuBwK-M_xl6GN`&UXND+yGsplG3 zZ>KjJQvXA6+Ue#Ii*BbYBj#Phe4FHxiLAwl5{;nI*#Y9RnhvO6EToiySq4nxkT1c= z-<$Gh4c;YBSkM=m6{Tr=${1XQO&W{0g{COaA!b93-%fuZh!520L>OuPYwma$dGr*{ z`pKA`Zs$~EE=0OMYY24yLtUj`UQX>c5JPOZs$+7|iZIG7=#NtViAh5?pPc3Los&i3 z)X2Ns+nOsONJ6ZR{?pBqe(K%lW&428V`ciF`KK*&xQn@t>z0LfS=s%j(}tCUzA&_# zqteQ0Xe_PGwh^F&+Zr|pYr=SyD?Opv|#Pq)a<<(_8BNPZs8SRo0--a1iDg*P1Iq6a`1>h}AcPM<772VvA zICHTluBuNyTO4~R@Ow!dX4M@RZ**e}40sF%X$il^j`>)Beot;88+O3!t*!m6vEGH- zH}1!Cd}DU}k^sQq(cjEh5SB2!&1M`?fA=6NX2hB}W6%_sJx~&lr%Ofyo!(wbkab1L zy~<{P@OZ1PPoosk|Ldd~DYYss?YWv`*RJwTz7_(Yc_c|5V^`v1SNL9YLRwR$=IFaN zw;2QHB6^l%JSy>l13U+cHKKn@F!Mz?P_s54!-lQO`rR;IezMmyQy>yXjQ5M+?aH+N%25zv8l>m0 zLLD&mBH#hxSWVCs7177l#1>-g{aExH;BY`2K-5t#c^Ub(&67qc;>_IY*-fBCyRyPU z9JzeOyw4wuL-cVbhZ42RsM5wa=O`MCN-$*_i}*;cuSJU4ik8rYT2Ta+hg>fTuyE3K6h-n95q3n++XfZWVn7RT~v~jHkEYl!GLar8OC5)UtPCd zjO9j~tn2W@cptX%S z!|^$i-MTB}`f^G7pX>zL3<}cEZTmYJV!}IZ3fp|S>*ret`C3rRvMm4!6Z5q3ol=pO6!dDM>_`vx5r>a&5RZ%pC;?kA~asm4LJn`@8E_ z{QHCBCAu5IxfIXjCAN*SBYL3Tb{pJw%Z(a`UH0$pdXdmHZ41Vu2prBQimnK}{lgcx z`v&2N+VM18HQ~YU{)zk>7%KxLLzR???SpCYnudv}5hHcg)j3{2Ew>j3u1M%9QZe;% zu#C^rm-97-F+0*T)NrGMWj^K5jmTdQmF7p)W@5@>AYg>JLj`L_OF`r`)k2e z6+4J-raEZJkEb)yU9Zn$vC7{3@a6pK)6;6!uD7?R38AhZ_8R;Gqs7)KY@iOSFii5> zTPR;;V#dD5&FUkA$xGtPYTBqh$8FZZd|4`lkS6)C1&8@(9dq*5O5_7$HTud9{}9VC z4HT&5dFHWck@~L&Y?k|{$zu7X+*H-A4O$?QRLztbm0ScRQR^l>u~$M!GA8$A7a$kY z7q&&Hb*Ff_pn3Kh{5`aEM_s2nnK#D#%FeJu2c#!yDy=IZHw zK|1lxh9>5hXw<#iR^z}Ub*t$*rJ5+7;WO>XAnLpyHs?^VvbHvH3>|q)EWIpkeru$a zfjM%H7;Akb0db{lg1I>De`A41?6&-5h`+SIDgqymypJA6MonF|Qx7NBa@qWmDC-+$ zSc_U#&bt2Bwzq>zj@1c~_%pTyds?4lOiYludrLJv9X`nE6}`XmoO8AY%h=g(N%O!& z+pBT@u*n;i80^aVuXW zn4c^D@2=3ao-f;=9|q8?iq?Kzvwiv=(y=M4D7`f#YiwYCYb_a+p{Cj|izO8UEzszx zwQ3P}r5X%kbK&f4Bh%p$qvkku^a%#bZ2F`~kHt_DtD{I%l8Wk3o(n;1R)4|~)-noz z1*6HyK`EH#+T`_fT9YCD+5YX!Y~q`SYtHnjH>Uq#jb8N_fsK`oiw>v?bPIb43g|Nt zbA8=Oz%sM2C~erP&norab=2j78bv0it5;h_G1SL-4!6V7&e^q2c8nfb_|g42WPYuE zDDQB5bwX4`6?j}wKhbspva#3I%ts4j@8V}a$&4iP;y9BG)I3>SLccKp(QiA5E3NB>T`fFqp+ zbF58hK1wcQ;dKv_CU%i#@AdX1v{nm`M1*zqEUmHp5YFnH!AvPz7{c8BYThVeG6q)T zoHv|83^2kQgbLxkB;2Xavzr8ylmNRpjXfv}DZW@E7LZMWz0wUC zCr;v%fke<7ysaFt&800|&TKNqb{tjLX_634Ow0u8XOYKMQc7F2_QET=8vYu!%km(P z_g&E(DkiN&(3l2e7_OIr6;qYFh4lLwFo??=p7y{tL%Kw>Yqiy z1Se>NWcZgyqF8mYXBy#f!bzK@>QI_E=x+NXVIYz9u)E9GCWA|zLR6ObF1er4@$rzy z!GORTd&8vv<{TWt6Llz0O(4J1*(5t8Eqs~jmR*G#y+9d>W6q}y6x$`ZYbxy34>yI& zB%%ltu$g1Q!kS5F8{$oW8B#>{$ZtF87J(daV>@s?s|>*=nDP;tO*?7hVzhvlOg?1g z@7C=FQvZz!89ey*p-3S3$WByqb%G#2bM}v-EeI>ntYSt5c@E(>b%}>@Y9_c1s7f8~ z+}WA@)D_Cac)o(1pMPE@6I0D=FkEfDVcbS2kX)U4fLJtMpqTR3Hr8bpT6_0r@FM9h zIaKFL#B-X1zlEc~z3QjWGB-$(CvCI5^lDr^Zld~X8y~}#FL*ME%J5prj55! z3?dz3FNyaAT>{1V8ivhtQ8FougqLXlTuW>R|8Atcx8=}XT9Lp2?IN2DMBvN3ccKew zkpoM)Ij8m1`_9-QP9>VRhq_EncgvDeaaMM?4yx#X;^8%xhgJTmz)d_~?T&_6PL>x^ z(|?Sm1xg|440d7#ie*X-#bk6FARY>=i@~~rGGxr}Zd{3@!?Teq0s2+}&$- zf~}uFqe!fk56MP0(J|g0TgsdE%IS_yvVKqi8{TKH!aYnUoo|849A2q+S-MwhUB@AX zuY=Up_&J5Y>4zCd<$YIiI!41;RN3RI54oX;Y*PkqvtX`m|7S+|~Y0Kz6z`_oaWV>dJw*EtJ9uM9&#tuHj7Lf81@hTZu=yROHvm$)Ss z{0CShmwYi>u@8m0iLv3Lh0{lWYVPUwVVQ+L_rnPy(Xx zN;YCna%~GZ4HDT$-Om9-v}-jb*Igcjr}^mAa5YPJKX9^5IqKFC;<6X}K@?ghga&=d z2a*fZzzj3M2Ykn>_c+uAWoDN3tQdzaH_`aW&3J-ov36`+_&0Ieaq;$;^?%DBGH;zW#?lsz&(wn?f7R^I5<&QpWyoBX>|i26}ICE zRE8tyTy{nl78&!`B4k(~b6K_Gv7Z2z;8ELy;v9nkQ66ElFaSm<(-c%9X+ zd}D|5 zn=vquUnk40E|sf(2|Y|}Fqn*dv`5@K(S(4q5vASvnAS<{0>ce68cB()$)`FqGjkKs z`4I6@8V8sGyYm_#7&<=gCe8fxzCvq|O|F2b?swja;vDX*3ReG!{OiR3f#fys7aa~r zQ%?<2lSF=GW@rLneln2eR}^tl+_E82cv2v|qHp`U@3*>zx{nFEe+V(f#9}CwY4#M* zqa=2*N3zdIM_dI*HES#(@g=U#_TKya6bpYB zm!KOr*%!1#JD*!SX>HCPIAUc4g-wy>&;O80rjzbSv45IEROD04wr@VccOs4ks@KDP zy&{p~qP$x?_@TK6qk%i|)S)d7NYuZa_$VUw!(}CCc*ONDPtu)`nB)2x*w3B;PeU?8 z>q!lBqf)YWcA0KdrqAhu_mAk;=p9yNnVieI(2B3S5XL>0-E4)@&4#(GJ8djsAG!l? zPuGz+rRWWF@@EriHR=@_ZjoxWeBQGrQH`EqfBj@<-^uNz?zW9e@7vNV_DoVfMZ=(~ zY0x(GzIZE{xfSnE=6#GE3AG?ak>qsM*nhanSJiga9v0TSwgWRm-zu!)n#4?ce(y2% z-46=BG4~rVKg9_?qAlr_P?I5`p_6xf7}&hd9J1mnx8!j;_lryl4#jFjsA%fDSnK~k zJZhylGmmw=g2YWPvM)(rYj&TY{q43gDQfq57GSil2G4r4CtCseJ7zR&iGtz$!0ud^<0@xsfct)U_qC-2LzSFH2oZ`rb=A(a`i}E@dA|M7h zy&BQ=+e}bQUbHaOz_73*2Mdp}j+*v*?9le?D89`&3=A(9k0~7ZBMPg$kHe z_#nz?FcL4G*Y5?~PpStGN=hqY5n;sCpe>mZx>$2~%&|MVlF!f9S_>X}@>rzMx1)kf zER>MROG(Ny3}ZEnocK;sV-5SmYNAYwvL($%4oayXu&!LV;WAmWS<#f)%%y zeol!`j#)Lx;$mDQ#S$XuF6;PVSKH;eMnPtMy#knj&_-u(p4o>}n0~M`mxfbMWq+cE z-6tK!9T;fBTkvIBhI7Z-t!q$e{X}OeV-Dw-aNsHK0G_GHw@_Z$y0O5+@Q_+(CN`C9 zAj1e)=m3kS)YDTVmuQ zjqk^hdM_xb8$s79rXO<1AE$`&8k09`;!ITgzOQ#@glaXWEthaRphmAIWr#)bEg*op~h# ze89xLMGFCA=?l3; z!;L&ye$xdO$oH*Eeiug6I4D`@+s+DUxIsMZY!9Q&46dRY^6Yt6Q`}Sq#dag2=x79B zd2w=Fn0g2KcQ0(2qVZ0#k%OI#3p_e?Y=%=sxpv~D5p7dhZ#RX9fWd5{;20%}8Fx4A zmn$Xm97?bA>+Qlw_447)G+*xvs57 z!{()=lvan+=!$A7vPABwXyJ;sa zH^l!dnc&6JqA$3LIH16HqkoA$eF5~ARNF*qhuolDT&dsc#>C6D6HChR6AJxH#{MXa zF_99OQS@c{MqE!JJ`bNRt0ayPSv7liLXJFz&6xk$PVnDPVs$=O{Q~#3TM2stNwWenkMvqxz1J-CPaPz~&~Zg;g*9U7KpGDJWHwbP*8SBu z?|D98>x7GtfFWSS03UlGT8ody9?`@2$_(&6-aP~-(niT8D+pGdk}CT-HZreYi`hl7 z*8duRUYibX1oWK5N56)Y5KH7mmPr=MX2h!3f#KRT1WSH#nwV^U3etUmc7M4X-2Eki zY|!A&n?pQc5?Hpd*6MI4Kchu7IxZv<$yBDbUk@LNXS&;T*?bRgz81N)R+?!cXT9{QAI|#z}Jr5vRz5=Hvie}LHd?ue#j>m8GW#X*~jjF z1xrf8RbslD z?xigqS;hSiYa~%`?(&oyrb$a&{Ee)Ob^T96hppRM!`IA z+0bSC>Vwz&LPXcjtx)F@V?^nY0Dl;iRImvK;8s3?5^D{ z7xDLwnyg=m*9I3Se%!8-Su0uJLSxZy%hhT#a31_jMetku<<5?`>T8SN5R|;^%Srtf zZa$56f(8=E>Hld^dtT!5xn=F+5lFE5%W3I8)`{AJ6FD6}VZ;!_xO+haEs#e@*>A4k(14n;WwHtST@y@$Bt+*87?UzPZVDJL zdyv58oglY%q0s>rB@xmgA^ZtE7hKqnDvRGEar%%=ndyf}Iz{xB7YL>gYaQ}p{l23y zvloW|2UF+2_yjv)!c`W=Z?@0M!QN9Cypg}KOkKq^77u`{lX%VRevQQdcW`hD*E!}^ z$NjLt@nn(t|GDaNWIS-y?b?q9%h^m&^r3XaloIe>TgN0Kmywz5q@r`2Ba zLuJYv`3A?-Wln41nvUr#L!wig#juvwP*=|ZteHtVfIdTQguEl) z!UtPXV_WSj!jYE1oj#Q!*YnXg6#0piu?tKj0ukcwqg#U|1%V&1qLCUR(%SVu`U}3! z2m%L#|2LnVAvM^l9(t9Lk&&A&$S>dEU6af8T>`J`7j(WiYsv1}s_aMHe<)^`hGkIL zO+m+L8!sRkKLDw9s9Ggl{wzO zBf%FX8(AqSe^AC3v|Tdzf*lM?fij563yvl@%-LpvzWSoDdb{s`Q%%tt&;X`t=kb4f zXuQLjyx}vzmF|JaChiYgA#VR|-p?i^P}o9d2^RM$rkQ_^5$`SZKQ+#c{I}tm^njL~ zO$FsEq?3Dh{ZH{>h}#j+=tOPju7kY)JS=ZNN;e#641gX_f6Kn;1;v9sX8-89wGlwO&DMSlYLL`{0AdCV!R zP66bev=F`h_0%S*@_!anhE>g%U5=nCn7C@V2KxWMX$-O_;=GvpCosH^XicAyHPl+G z3|^s>KXXiqrvW7u{TDrOq|g!y7bjs$b=!~Sm;K)gXou*{yKbi!3Wz8t5NN>zlM!fgNm literal 14154 zcmYM51ymeOu(p9faCdiicXtWF-QC?Cg1cLAm&M)P2@nDc!QI`RfAih@pUXM0?Cwl; zPj^qxTUAd*DJe=L!r{Szfq@~)%1Eeyfq`#<{%?o*3i`_*AlwCdfpissz{50)y@zc|NGKX^qVLcSVIE*n=usVJ*<5D zH7|qnT>n^8P4Cf7ZLwZFN~j`?DvKkxbNj}1Wz|x3U4CN~4n*68REICPm1!haiz|q- zr`pTkbSxxg8u4X32Uj9R&Ic>tL#tGOGbLGchbkYToV_KfA?CUj*XAOv%aG6@mfEL6 zkp8(P*fcfVM1Eb_brcppzR=sW&42AUidx;)O4mwGPTfj}Rp*DJxGOQl3u(oo1?h_il}DpiGs^U@51 zg7<7%>uC1ATI-_0Vp7Kl4ZWXMxNIW ztoK2d<=)TDw=%!a*Ub##kE@6ky6}DjkH6+Fi|U#aoJ)G-+-puh-hhtp=^qG6SPYg7 zAXAa(aP@;)JyL$cpU<H9*Bah{ZPc~+y3ZV_9Z$$l#oYU3qHagpkD{g3V*p`?ZESkK<9qF;N945y z-f=TYZ;c2#$(gkkB6cdAWsomS_xYmhGM(A~Sl*`#RSsPb6C<)7)yV0%G{Z);?;fao zZ>ci`>LG$DZNEpgr>UuUJOMA+=KFb%lF?e1N$ycq3Wgh8GAiqIT1GQYdx(=rO1PTETo~a%%-IM54}s! z#C}SRe*p%U;ftrx@lb^$=K;4rHyMzH-|8ibm3tEYJC>N7u^&Yx92ZQsaJFrQ!87yH%qRa*B``h zA|G4GA0p)`!*0P($O)fML%`Ocr=7Kiw_V|n;ynH1ru=t6>keseyMdTaF+-Nser^?` z@rks z$thfKQEk_iQqvZL;Btf+d2JU_vhr0+(ZoC^m0;@|e10d7Lc&El1#G@!xXaypZeTPP`i`wUVdC$-nE$W*QOP!7;n2LqPhtTWyw-w5_I z5*1lEAne+FSc3=SxHl>+nFqNT)|-8lKSr<(89@6$NB4D{V=8yg@wXRdAyfVb-v-qr zDbqo%A*UL0{{!Op-^3H2AD5ptq*A6OtBBxi5TOUd_KE7Id&tXB}Rp8}&NBQMaxPomzlz8l5Gxp7w>Lnk8*B(*5IZ<1eY0-rMilL9{u z1A)8I*Vy?D??o|8RROba5!^sqY8J9sw%HusVtnGvE}S@2yK+tiygz05D?{%&JlRFB zS&2xja}ai+&|eHT&4qcM;k$#ISD^>g= z2w*yK<;co#>Ca@Q-gnthx8TT5^(%&0jgr$Co1j?i;45xeY)Hv^nB7cpSfgk2L&yOW zHzKJ=!B8l;TJ3vZO`cM>331Tv849ru+7do*>%C`u?%8}5e7=eh20Y^0W+wV{ug&rD zo>MCrTv!_3Vw3TbZa;N6L0?1P4r3; zi-B)zW6Asb(~oWKjt7%um>=_+x641L8{(ygKu5WhrTZK4Fn1OLVFMCbTt_ zCz6KRUIXrwWU#*4)`t_==GzjlWa={#X-_)D3}nZgwAy2IEyp!&54EmcKSrD4TWyaABo0%LihRj;5E)e>TMZe9vk#8H)ZI0HpD z_02$$Vc};{lAA1Cr558PKSqijtv++~$qa$*7~I885806HCL~S~*zX__BN@~e*2})n zfF49LvFbK=1yiU;Wbu-@z>muB{#7geg`5f@?f<_AiBPRLotVysAO2QviL8{V$;FEFjWdYn+W`*>g4*ee zm=RDN+;%m*u<|_)Sfvv%G)exxA#vPHd1)4s-pWFcIV~33KaD6TDhFFJ;It>`PI<6w z^!>U5>c;2hRl&JxRbU1x6be`>aK1xeDV~X(4I{N${c+2GRs<=3sFP3tE;&8;>Z z+_`#~bUl2r1*YXtZ>opC8YEr(W(VgA0ju_0pi;t7i{*@cb)fPP!D3ZBV>tj>35kit z=c{=2F6WSk5VN^5h-1>nHi`rTFv2+Yflly@g)x0zS?V2)A{@=jY>zW)FI>N{EX$)P z@pV)GxAJYPm(Xbvea?XO{wC0XpL>LEp9#o$4o4+_-q&dEOPcCbaHoz}60^(X^DU*F zpj=!2W)Q?~_iBR9mkhd|$En6X?a3Ai<`|1)VK7uUa~eYA9^Xw6uEm#KRX???Twod8r-s z z$EK!^&tM|U^Q^oquN8v2XzQjHr0h&SiRHIPPP`2X_XR000yboK7-=_R715r$e_FbM zTqU1dEDFbkik`k9Jk8b{0v(ZpGKDyG;;V_vaF#YbcAY}Fk^cfZheYn*>XkEW;uBxV zPDyD<986wFEX=kn5z?Q(PW+pFpz#Ip8Bo?717BD9NGE$9H>w|h;}JOvtj(!sPy4Bn zQdFwWC@4>=sA-UGluw$tFq#$x=P(Sj{uP<$x@ZsdG6&A5kY>7$K_brlmJ@;%%VuAD zjCPA4ga<8M(&iiyW3K_%LH1!+e)ki#^PL%wx@jh)mV-nDspbcJ5>8p*Ns!WuV==bhKjmZkdmb{Y=M|o1) zDfD$FasN7*@+>7xhbg+K=w&UbOp)#722-6xW#wJwFwdvpSKN?T%TCWrg9$S>G^B{? z*`>RCkV>^qNQcBpW5!aO!BKHLnj!6b@-W{QBTekF@w?~RVm(75#a;Rz-d^SC`P&%7w=)wbbN zy%FL0MN9$YqOdZ7k4oOg}2)QWY7dMr)BOhWE zPD^UB)w=5N=kM=WntzT$F{6=b<=(A#t`+zWd`8hP9x4iyGQ+1DNB?TS`)b3*{A;4^ zT(VFU6;o_F`AFu2FhRd3Cv`X4-V#Cu?yqHq!}Xj^aiGBw)Cn5!e_W?#?t5#j70@)x$#;jF7X$M21m>zyxixE!|D69l2qIgt=>M{XN; z7Ar@I7tbuCD9yM;gXM~b9DxsGeR>pB6jeX`yY84LZ-r!JErhSE3XtXkDO`mnBVp1t zWB9(ii_Cm{WbaNib7X&CtS7)=%s7u3jC2Y{Q|J3fW()9YLpDs90q69-czV7ih$QEk zC+WCJt@7QSEqvQZ2a9{=v>@-Kv7w@s%P64ZUFFr9i4F$H!t#iF3WJG?2$9mg&>eG-!8!L-0g%2 zx|DymsO=KnncWPcn>InP*Stno;XK{8MxFWKaaP9`$>K4l4{|o<)>1b?xGdg58nzT| zV{wsEc1Cd`wMCtsld@@ovgJGMwVzUlS{%Ik#`B`Ow%kk=*@@hO!na=>

GP zsIq`GKy7g{pp+c=fY%@!!sf^kMVH@SnrZ+jr41C%>>B^nEZ z`C40fzO?1+hfLNQc|M>0s)LZ!{G7McLpwQHC7wNr%X?sjx}2cSYcRN?Iuwu~UMaTU zRkOBRaCfK85eS-Z95!$bG(DdI9rm;I`Z}zRux6?ur@mI9yZzoHRtsL%lO3tt59&DP4@l|&fWplA)*9$yLZqi28otj+I%;4Z` zvH*4>&mUM-=%qoxhMw~V8= zC9yAX3LA53YY<8zKs$kzN?AQz)6#TG_P;%29-{8Q>F(aT5%c9QTo=fWxM0=8NF41e7<2b3NU zu()suAI`445}fbu}>C z?V4lm8OJY8M+2`CZ@6OM4@b}&gbz+5ic^f-+zs@CflGkTrJlg|t5^a<*3ISAUG@k< z4L+oOWBXa+-V+}Ij$c~@U@$ww0xy($opu{!90qa-C2C9{-P!El&!+^BQF z%gb#?7;diBVewyEtFLm8`I3*D)bo*r7)EsgMj71R0euTotLfcNH?a%yZLgl+UIWwg zI~!f}kcb3m*xA|Hc#lalnNT&yT3_o2?ihF2=9Y+)b`^6y3K`C%7Z&NSH+5!hmLAvi zOn*~R@DMSrrdzL%tZ62qkR#A9z1We1ToJyWGV*vqh{CRE9HAIiQy!@0V&diFaQFK^ z4uVVx_O;`<5su5xT^8?szcTYYq1ElpFJ0hITe=9v>h8EBX%RJ$CQHyhvwn=VoccCZ zTA??7$-W~`&$ZB*VmkOp7T%sVz)Wi9WGGh}m!rdMk|cP{LJh>)9ZiIDY6>v=3|KqN zoz#EqvWDe+Y2ppOn3WE&U`rqCrLEF!K}#}jtcn033Myv-jx%$@Q0QpBsa0Io`0k9CA3FJ zm~EeJ_>_x=h~FjOk^Q2Ne|};xiAO)HM=M*-Nc9HuD?$pc;F{Pv`V)gxb|I#br?8WK zMM4+xBUI(6h<*CoYp}k9@#-bsPHWD<0z;EVk}(C9bWRoy;4Zwy>@yRCgwFVIIcNAc z=}*;VLB;lVr!J!q=r2@sk&0gBvu>y>oUjIhAoo!*v^y&8t zu5My-pm2TlX8VO_T>o70O6GdU(1X>f9Iy&8ngy3EQOB8aTZJn3tdC6>i3-Z8ouAyA z7I8iHhE%pg#YUaVi=_#|xCmk_P2-ASXP5G*3{byzaVh*@?w2?6#5xRdb^%>W0ldNq z*n@G(@+fhrNK}HL zQd96pfvZbyPu{@QEPFDFU$QZyV9BX;0AYMt0JLNxp>Q_Lq=i{VhkOu)T~3Z}nZ545 zv~7N#%6`G-bvkT*z>(XJm?7*T#h;pLs`$cI9bq)y6-QXjS5P^>EFqh~%9G&4d; zU+fu+!|Pf9`owEXV&*--!`kDO4MuZQz}jY@4{3bRAzm@k%NyZgbq0kNk*_8CZyWsr zCaBtV8(TQTCL(R@%*`DR+R2l>LC;u?(?%uIhS4*CerHmW4fU>V?qRrUR<)#r?|zVh zFhh!vsICW!bI*xPVM~CQ3dCFUVfTf5-Jc;|hpuxjUgw?A?w6BlmjNhjEniR^)eqMO zet8}F48<_)k)`OHGw!VWPW9FCXKtQhy1BWxN$&>Y^tUr^a^;~Y5{#b-QLYqe(;KwE zx}p#F6X^rZ>+SSFYUpbODYj98Loojyb9yQ){PDx2XK*vVaSKYrU{PhcVENe9pLAWH~1 z;>`UQM%4Im;i%pnLDd{67r%Bx)TZxgrrfR7EeH7m1JtAHKU5a8k%YQrweW)FUAMKRH2E+W=~MdrULba&JO!uFHWg;12vI4%kk|Zzw^n(q1|Qi zGNU>mg>-&py^8+lsz`|hy@xh?JD3YUy5C;+(YwsK?)Y<~Oq3=4LNQJ~&V|9-RG|R(#|wpGx2d$zv$?40@Z>e4ykleWYsr7n|aR9 zlp$^QrFuey2Aw(uVXJS;-$8M0FWejFezUo49wRZBYYPen&%6wTl4!jmB_clfwU5>0I1)=`E>-|^>!oKf5({tQ6 zS3-$g|BkdsWk*@BAI5f3VZf@X;aX@laS+AYF{T`qoq(J(7Lz$u3WCKYznOrAW%i1! zB_7FP2(|u&I*$lyEEfK`WY`tx6SKD?d%ds)a*|h9`Tj<0H?rCila`QT7>SLBfMk8g zB6qSuib|z{hhN)A=!0%e}6x}*w$-wuQ4mo7%9$@H} zKsKW!FV&s^uu1!*L9PkLqRR;ir{aa#r`smz(6~G)~rSH-CEhjgQqRD^3|e&aBKl z>LOuW)n>*|Zi2~w-p}us+p2WsC^%#^3`H4w1U*K??SGM7!1vHZhoqRL;c9BD2Cm;r zK&}FzJ**uxpoz7;ZB#T(#4dcYtAsmt3~yA#5ZZl@(rMdvJHuY|{h@iVjI%`8*pOT- zE}9~r%q*mr^KN&Ju%jWDne)oZF&O*N0z31Rd!PE$XwgyrEc241qmo0Ib(W!CdR!dh z*yTb|t33nrF*-#$X*n@fL-a>!h+C1JSNlOTQsQNEtZ_D=%bRp#W z-vY8)G!Q`onW|zq2QRbN{Su1E$bX z0i+UAQ1G0AU4S2=Kd z!;=0wDg=9NFZ49Dt?}OV5U!ib!nEZ?S(I9>Z#3{RT#57}>)@|kO`eDJMD%fKRK}@6X+;?XmUoW)&T|ch1Y@nc5;lg-; zMu>HjQNuKWql06cVOe8YF6s^xj6!8~|w7SeN(+d(Apx{zx00%ofy$KAaMi4`Y< z02JT!Z$*uwpvW~yX_;^3hlxo<`fUmxj(X-HKKnv*HM2fzBss(LOAwN%hVHcC{JK7u z(e?I;94Tg@PkE=4`rHdrkF1xHS-`O-8Fe^IP>vD&Yg4!hG+$!;JULF4D28*#>Oo`N z8|-2GUSvs4p+cCLhDv3o+LvnBV+cX)tt|(uwpVX@-$wTaWkAjyi~xj%0E1o!K7M02 z53v>xziyfCoaN_lWMT`Rx?(s2GV1imPwLe1e2=(w`<&i+d`*^A zO^(JghHCnr8}P&ZW?QQTT3KahS>)p$FlcviUoGpJ`1hJdZ@r62pGot$O4_V%OpBpS z+6Prg867)nMs?$6hl1APJck*YBfM@MEfp?ovBPWD^=@>N6)MJ>Rb~=k*CEhk0pzCMz>S=7Y$RV5&K5`4p3}*UX-aQdpz;-IL9>S7uNr^bzegl zRlLLL*G5aU>zg#sYBSZYKI01;zzrKS#bVgr!*mTp5!zbYemEP*_bm7`kJ!K5py#x7D;F_U)ufUsZ*_cQ&!84)^1!F1UbaP#TeGPsz)o!}Zpq!tt?OQm-{^W}>B~fKw%J&N!Lu@|M zn%~6W8tr$6N;HCEfQ|H*>C7K6AHs%n;#Zr)$Zl3m8v&@GeW`ia01Ty@-a zdu8T+i=}elLb1#`%FZ)Z)z2h!?=mQ#EdNsZCWY1roJur3$F%ZbPBiuTl>}s?R)GG- zC%Or_Y|BvPEbh7Tel~Sb1|Vn)Rn>0j9sDa-R*{=}j9OrE5yd_sRUfb#{nR?k21p=_^elG$$tTWU|sb3@*S=)!E8(}32~X z7**-3OgF&3)eg@?EvOCYqA;c>YL}B3>=qIQ!a;mibuM`^+bZrwivf)j?2VsqD!EYI z0bcWc`DlMoftZbye>-qt6ZwZStkn;yhRp1|kicQ|%1(WpzAMVLE6Oy~WCfW>Q9PC) zq{Zs@H2Jc&P=vd$d92#I>r3;PwGRn)0mhPd>&mF-#5YsdG1eRzbi$w>LsgJ~$nfwBlIp+`-bG9kZ# z>7hTwiPSE-A}1D}+Y47;j_=cI5a5~aSTC<{dl;_v~@Xn71uN~(^UA7Is$l;W%P+umPhwwU1M6BR0nq%w(vI5 zp|6)Eled^h=po0COydczJ8QDD_|W*0eVF@Ye3%uxYkw*EEoO9~1@AEsAAq>#tN<+rX*@RSX6kz3&>oui+gOhnI)H0&yf3 z_EaV8nL=A?bd(WDgeJrwEv+~#}bS--2mHq)jugg;dCVlAdea+r{Na zZ9sdmu57YF$S46|lUzDpOIIqz_QEa7AJ?M!#(HaftY%UJt}^kvmi-8W;f#+w%g? zmjb>$zQ^zIr+qKFLC9XyQU)l9h`^Vjnokh8DoiR#OFV?vERufJV8+9(iW42pgf%a< z`?&}6>}PP%zKdiJiw_^3s1Y=`vp&$iSr>3${ldOM-mOX==DPEgE;GKubu^ zQ~*+cGx;X>cll@<9-+;}tFSgHNoy6$J<4o)?tpptaZLE5Vc3NAIYsyxUEesHlp+*z zB=SFSEdO=w@XpdpP3lsxO3PZ2%$gFT^yO_d(~o33+mnR4+#1SPRfsyC_W3@ie;VnV zRMJU%@lxN%eP`o8fQ=a%nFyf6SbW4skqaHi6Upon^Lf7cQPUbEy?D={lH7!}WK5x- zEG7pVCQi%pEYey43gFs#T@dj9fW`GZ`T8+kc zW8Y_~3cIYjdHTTlBDv4a(}tJX_V?lEiEqV&SGV+UE0r|ttuoZ_Cy>i)YFdLJ9_)4R zw={8Db#14dCJu@*dc7n}Kff`a^--@#{^iAbSIg62F`MGvPD^x^X(|e(Eg7K3K3mSr zUBC`Mc{d8v9N#c8hh0op+H#DNz(egRuL4dVb|y4R!J{f-B~e#I8>KclW>RMWixF<^KmQhtFa|hdQSX-r zzLdL{!Y`54Y+pkT!pC4=4yM>T$t7btD7nzy;iWQRFZf(So~-pwr?074)JvdF>Z@K*v5-5k!M8k3XNfOr z0rU`e-VQzW%SN5bzFAv}fH8L6a9Hwp<#R#YkLB6DAd8&gGOvJoT#%i?vd5Og1njzh z;4OafM2?CnF|WbH&`NG;-mMscf`!)j_Ue12oIV&(LxF>+j*&*|z(cpxZWCABD7hl1 z)_;ai#2jl0dHIEEDR3(odhZ_&*M0oWvFhP*hu>73hO%6Mu8=P}UH4C<^PHkC{y)gY zv;~eALtb`3J@{}hbKS%>DhzECgu}S+o9Q3s^B*)v-na}ZS8D$F1(>ZOnc(8j@0~BS zRhsQm3b`twL{;8Y+wquW<$!x!C>@y1Jq_Y6!8P|(6T*WIOI;xHmNBUU-?E|Di-$Vm ztLzqTc|`X2c5=jIT^kFDHCPU589XsLIbMp{Q2 zcYM5@x*J}0ZN57Y(g%evx8FbF8U6OsF3A&#)%_J-O7~1|U@D%5L*TwpJd(C(v#)8O zU+F1M6(60Uj44N0)Aklk-)JM;24d$h1%(gQ=W?dSQ^;UtX{KDh!K&+O=y4zIasFTO z!d|3SNq-kMB1Q|g%*VNVh8cr@2W6&+A;-$3L+W6}e@d*;GQY)!CNC|yMJ@!CMv9fg zN@D~VoAJCv1U^CEH%e7uve#_?9^&XFX+CmkKg{#pi!ppF((}Jx>=X^R6uQtyT_Ia% zQrGJgP1Uj-g2SrE%*wy5*&FgDgs#>I_!p$s^6RZE9#k<@P@Y+_nY-Z~i`1Kq#tEfR zUrrYzrPnss9?darc#-*DTd0@bjY+!Z;gC+4D16RSamg8yI9*t3T%NVx>6mcnd*lNx zJJqb_Thz!2yqbNRo*f5qbx?w46IwFO;nL6oszFjq%LiG+J1_Y(Fp|uAPFLc%hI3KPjC@n?BWw>h#*$^hU zI2Z`h+citP`>s$Gew?ls?yqpKuo;4=o@g9d{;lM05D8obtgq~zxC(|F(dzL^_uTL< z2h`NaYN@kXd1b*^?fmdi)iDA5Q1=^NKE7CIot33_@x?f&VyP?#WgQU2U62q@vCWM&zq7YXM1G zwz!JK$?73J4(#&voDs6lgbzJKpcsZ3nrsnT73p)FsLnBHE*)|#jPKUk&f{b9A*0Fk49IsjraUP06bmL-)OgMZG2 zZ&C_aQSI0i-DIciSf9KIun5#FRcwkZ)R1vsPLiO= zEo5Ix#MaDFeNkJluMI$RwFt9b?%76~w*^`%bV^G@E*k-iuLh66%|h=bNwTJ zK<7c@$!Pr}Cr_L=BJHHb;bvp~pEug+1fW!ueGW9FLK)`2bPk&Sn6^D-&jZrahBBJ0 zxCaD}`uJ=$uDpi>v`p<;7vL(9k|HUT(o2cv{@6OfyMMpxkg9V9wD4fFnX1Tk>c>i%m#{dP#zor1$Y z-y;W^S!$kE+7hhXSJkp%0N$Om*4&lQ$lM5f)yC zH1@XHo+jtKeGElNV?$Lr~~ZBh`_@ zNz`4)i?gngz&IY#I2`|2*7oAsUG@y}_8mB4FG z59E3(X8P(XOhTPrakY}*bqFo@MfW(?rue*fXI04Pq}aX?J9{y`uj1Jpu>v;OMOT){ zHuJ|0^Iqc=Q}N;|R_0+F#W9w;)*&)drX=iuDrLF3sx+l=oh4zFDs}6eOeBcD+QYbk zYp|Qp?|7Y?yuVK-H2m@4!|^JZH;Z9!Qg;H%d6tua+H>ZO|Uy{Oj}Zwp-XJ;s&)vN<1H z7MX4te4kF3>J|`D52v>hT_W+Of{;}=zDpg(KbguYR-q_+dnLo%_Ty#Y=e8>NF_jq0 z?@vz&K_kQH)TzAt)bIkxzvRl3p2mbc{4W*s=qjmP1?T}raKRWa|0D{$VCwS8`|_SM z8Uw3Nt2qjP4@Lkds#9?lc=dz$KbBbA(6H_S@h2G5Jnr0+=S6Kl84JDjWvKHWQuS?duwU(CZj1 z1}NuHf80fD1~7(!r1J3EiK5=i08!S}7pmlR!^B;SF}@a{@sv~IaGF~#)C>mYieiGV zB=LfSwBFukKfC>omQm0j_DZz>tGD1*1hUj(!VfQS5 z)ZZsTSYBn_dVBG|yce@LZ9iDKJz!fodl@_qCX&7uISxUw0EDF#Pt3uAIwwa@Pw#Ts z^9ZVG=q?IFFcDD5fF9t)Vxm%#DgOhy5Il6LOpu}2ub>1P2(g2Lc=%T`frW*&S6QBi zhiAJSNk4=AcAWoF`Tsj;#fJ8;gNvX#41ufuFDnp4X12>j+kWRQOL9~xzjTzB`upNae5BkBA5iMlyx(D^|etP=zjXo?M`bb=5) zoPDnbpeaFU=)FNSOMKWUn8PEeT?_B0?Fimr2v8%eph6cgFJ#M*ZeD=3RZZ1JBg4ht_di_LCw@;l#P;zoA26rs?N81G0F5c=`P(>b%5%>)dkj z<>RrhZhf&n{P$Rl(E2|QthVC-Pq5_Z+%d50V?*=xWE)VjLZmQrv-pY6nNr(dw!