From 03e0c67a0406260b0816abf290bf9d5be7a2c804 Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 9 May 2022 11:23:30 -0400 Subject: [PATCH 01/20] Create keyfactor-starter-workflow.yml --- .github/workflows/keyfactor-starter-workflow.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 .github/workflows/keyfactor-starter-workflow.yml diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml new file mode 100644 index 0000000..f2ad6c7 --- /dev/null +++ b/.github/workflows/keyfactor-starter-workflow.yml @@ -0,0 +1 @@ +c From 284a48dd88cc411e93b4edd118a713eab81a103a Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 9 May 2022 11:23:46 -0400 Subject: [PATCH 02/20] Add files via upload --- .../workflows/keyfactor-starter-workflow.yml | 27 ++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index f2ad6c7..a3dab32 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml @@ -1 +1,26 @@ -c +name: Starter Workflow +on: [workflow_dispatch, push, pull_request] + +jobs: + call-create-github-release-workflow: + uses: Keyfactor/actions/.github/workflows/github-release.yml@main + + call-dotnet-build-and-release-workflow: + needs: [call-create-github-release-workflow] + uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main + with: + release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} + release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} + release_dir: EXAMPLE_SOLUTION/bin/Release/BUILD_TARGET # TODO: set build output directory to upload as a release, relative to checkout workspace + secrets: + token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }} + + call-generate-readme-workflow: + if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' + uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main + + call-update-catalog-workflow: + if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' + uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main + secrets: + token: ${{ secrets.SDK_SYNC_PAT }} From 6444e99a1e8e63b536af6497388a23ab2412d7aa Mon Sep 17 00:00:00 2001 From: Lee Fine Date: Mon, 9 May 2022 16:27:13 -0400 Subject: [PATCH 03/20] changes --- Keyfactor.AnyAgent.vThunder/AnyError.cs | 15 + Keyfactor.AnyAgent.vThunder/CertManager.cs | 86 +++++ Keyfactor.AnyAgent.vThunder/Constants.cs | 16 + .../InvalidInventoryInvokeException.cs | 12 + .../UnsupportedOperationException.cs | 12 + .../InventoryResult.cs | 12 + Keyfactor.AnyAgent.vThunder/JobAttribute.cs | 20 ++ Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs | 65 ++++ Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs | 59 ++++ .../Jobs/Management.cs | 222 ++++++++++++ .../Keyfactor.AnyAgent.vThunder.csproj | 117 +++++++ .../Properties/AssemblyInfo.cs | 37 ++ Keyfactor.AnyAgent.vThunder/api/ApiClient.cs | 319 ++++++++++++++++++ .../api/AuthRequest.cs | 11 + .../api/AuthResponse.cs | 11 + .../api/AuthSignatureResponse.cs | 9 + .../api/Credentials.cs | 11 + .../api/DeleteCertBaseRequest.cs | 11 + .../api/DeleteCertRequest.cs | 13 + Keyfactor.AnyAgent.vThunder/api/Operation.cs | 9 + Keyfactor.AnyAgent.vThunder/api/SslCert.cs | 15 + Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs | 13 + .../api/SslCertificate.cs | 27 ++ .../api/SslCertificateCollection.cs | 9 + .../api/SslCertificateRequest.cs | 9 + .../api/SslCollectionResponse.cs | 9 + .../api/SslKeyRequest.cs | 9 + Keyfactor.AnyAgent.vThunder/app.config | 33 ++ Media/Images/CertStoreTypes.gif | Bin 0 -> 18181 bytes Media/Images/CertStores.gif | Bin 0 -> 10374 bytes Media/Images/ConfigWizard1.gif | Bin 0 -> 21043 bytes Media/Images/ConfigWizard2.gif | Bin 0 -> 23568 bytes Media/Images/ConfigWizard3.gif | Bin 0 -> 26551 bytes Media/Images/ConfigWizard4.gif | Bin 0 -> 20245 bytes Media/Images/ConfigWizard5.gif | Bin 0 -> 14080 bytes Media/Images/ConfigWizard6.gif | Bin 0 -> 9307 bytes README.md | 97 +++++- README.md.tpl | 96 ++++++ Setup/InstallA10AzureVM.ps1 | 66 ++++ a10vthunder-orchestrator.sln | 25 ++ a10vthunder-orchestrator/AnyError.cs | 15 + a10vthunder-orchestrator/CertManager.cs | 86 +++++ a10vthunder-orchestrator/Constants.cs | 16 + .../InvalidInventoryInvokeException.cs | 12 + .../UnsupportedOperationException.cs | 12 + a10vthunder-orchestrator/InventoryResult.cs | 12 + a10vthunder-orchestrator/JobAttribute.cs | 20 ++ a10vthunder-orchestrator/Jobs/AgentJob.cs | 52 +++ a10vthunder-orchestrator/Jobs/Inventory.cs | 59 ++++ a10vthunder-orchestrator/Jobs/Management.cs | 228 +++++++++++++ .../a10vthunder-orchestrator.csproj | 20 ++ a10vthunder-orchestrator/api/ApiClient.cs | 319 ++++++++++++++++++ a10vthunder-orchestrator/api/AuthRequest.cs | 11 + a10vthunder-orchestrator/api/AuthResponse.cs | 11 + .../api/AuthSignatureResponse.cs | 9 + a10vthunder-orchestrator/api/Credentials.cs | 11 + .../api/DeleteCertBaseRequest.cs | 11 + .../api/DeleteCertRequest.cs | 13 + a10vthunder-orchestrator/api/Operation.cs | 9 + a10vthunder-orchestrator/api/SslCert.cs | 15 + a10vthunder-orchestrator/api/SslCertKey.cs | 13 + .../api/SslCertificate.cs | 27 ++ .../api/SslCertificateCollection.cs | 9 + .../api/SslCertificateRequest.cs | 9 + .../api/SslCollectionResponse.cs | 9 + a10vthunder-orchestrator/api/SslKeyRequest.cs | 9 + integration-manifest.json | 7 + 67 files changed, 2498 insertions(+), 1 deletion(-) create mode 100644 Keyfactor.AnyAgent.vThunder/AnyError.cs create mode 100644 Keyfactor.AnyAgent.vThunder/CertManager.cs create mode 100644 Keyfactor.AnyAgent.vThunder/Constants.cs create mode 100644 Keyfactor.AnyAgent.vThunder/Exceptions/InvalidInventoryInvokeException.cs create mode 100644 Keyfactor.AnyAgent.vThunder/Exceptions/UnsupportedOperationException.cs create mode 100644 Keyfactor.AnyAgent.vThunder/InventoryResult.cs create mode 100644 Keyfactor.AnyAgent.vThunder/JobAttribute.cs create mode 100644 Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs create mode 100644 Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs create mode 100644 Keyfactor.AnyAgent.vThunder/Jobs/Management.cs create mode 100644 Keyfactor.AnyAgent.vThunder/Keyfactor.AnyAgent.vThunder.csproj create mode 100644 Keyfactor.AnyAgent.vThunder/Properties/AssemblyInfo.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/ApiClient.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/AuthRequest.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/AuthResponse.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/AuthSignatureResponse.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/Credentials.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/DeleteCertBaseRequest.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/DeleteCertRequest.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/Operation.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCert.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCertificate.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCertificateCollection.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCertificateRequest.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCollectionResponse.cs create mode 100644 Keyfactor.AnyAgent.vThunder/api/SslKeyRequest.cs create mode 100644 Keyfactor.AnyAgent.vThunder/app.config create mode 100644 Media/Images/CertStoreTypes.gif create mode 100644 Media/Images/CertStores.gif create mode 100644 Media/Images/ConfigWizard1.gif create mode 100644 Media/Images/ConfigWizard2.gif create mode 100644 Media/Images/ConfigWizard3.gif create mode 100644 Media/Images/ConfigWizard4.gif create mode 100644 Media/Images/ConfigWizard5.gif create mode 100644 Media/Images/ConfigWizard6.gif create mode 100644 README.md.tpl create mode 100644 Setup/InstallA10AzureVM.ps1 create mode 100644 a10vthunder-orchestrator.sln create mode 100644 a10vthunder-orchestrator/AnyError.cs create mode 100644 a10vthunder-orchestrator/CertManager.cs create mode 100644 a10vthunder-orchestrator/Constants.cs create mode 100644 a10vthunder-orchestrator/Exceptions/InvalidInventoryInvokeException.cs create mode 100644 a10vthunder-orchestrator/Exceptions/UnsupportedOperationException.cs create mode 100644 a10vthunder-orchestrator/InventoryResult.cs create mode 100644 a10vthunder-orchestrator/JobAttribute.cs create mode 100644 a10vthunder-orchestrator/Jobs/AgentJob.cs create mode 100644 a10vthunder-orchestrator/Jobs/Inventory.cs create mode 100644 a10vthunder-orchestrator/Jobs/Management.cs create mode 100644 a10vthunder-orchestrator/a10vthunder-orchestrator.csproj create mode 100644 a10vthunder-orchestrator/api/ApiClient.cs create mode 100644 a10vthunder-orchestrator/api/AuthRequest.cs create mode 100644 a10vthunder-orchestrator/api/AuthResponse.cs create mode 100644 a10vthunder-orchestrator/api/AuthSignatureResponse.cs create mode 100644 a10vthunder-orchestrator/api/Credentials.cs create mode 100644 a10vthunder-orchestrator/api/DeleteCertBaseRequest.cs create mode 100644 a10vthunder-orchestrator/api/DeleteCertRequest.cs create mode 100644 a10vthunder-orchestrator/api/Operation.cs create mode 100644 a10vthunder-orchestrator/api/SslCert.cs create mode 100644 a10vthunder-orchestrator/api/SslCertKey.cs create mode 100644 a10vthunder-orchestrator/api/SslCertificate.cs create mode 100644 a10vthunder-orchestrator/api/SslCertificateCollection.cs create mode 100644 a10vthunder-orchestrator/api/SslCertificateRequest.cs create mode 100644 a10vthunder-orchestrator/api/SslCollectionResponse.cs create mode 100644 a10vthunder-orchestrator/api/SslKeyRequest.cs create mode 100644 integration-manifest.json diff --git a/Keyfactor.AnyAgent.vThunder/AnyError.cs b/Keyfactor.AnyAgent.vThunder/AnyError.cs new file mode 100644 index 0000000..331594f --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/AnyError.cs @@ -0,0 +1,15 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace Keyfactor.AnyAgent.vThunder +{ + public class AnyErrors + { + public virtual bool HasError { get; set; } + + public virtual string ErrorMessage { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/CertManager.cs b/Keyfactor.AnyAgent.vThunder/CertManager.cs new file mode 100644 index 0000000..f4284c6 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/CertManager.cs @@ -0,0 +1,86 @@ +using System; +using System.Collections.Generic; +using System.Security.Cryptography.X509Certificates; +using System.Text; +using CSS.Common.Logging; +using Keyfactor.AnyAgent.vThunder.api; +using Keyfactor.Platform.Extensions.Agents; +using Keyfactor.Platform.Extensions.Agents.Enums; + +namespace Keyfactor.AnyAgent.vThunder +{ + public class CertManager : LoggingClientBase + { + public virtual InventoryResult GetCert(ApiClient apiClient, string certName) + { + return InventoryResult(apiClient, certName); + } + + public virtual InventoryResult GetCerts(ApiClient apiClient) + { + return InventoryResult(apiClient); + } + + protected virtual SslCollectionResponse CertificateCollection { get; set; } + + protected virtual string CertificateDetails { get; set; } + + public virtual InventoryResult InventoryResult(ApiClient apiClient, string certName = "") + { + var result = new InventoryResult(); + var error = new AnyErrors {HasError = false}; + + Logger.Trace("GetCerts"); + + + CertificateCollection = + certName == "" ? apiClient.GetCertificates() : apiClient.GetCertificates(certName); + + var inventoryItems = new List(); + + Logger.Trace("Start loop"); + + if (CertificateCollection != null) + foreach (var cc in CertificateCollection.SslCertificate.Oper.SslCertificates) + if (!string.IsNullOrEmpty(cc.Name)) + { + Logger.Trace($"Looping through Certificate Store files: {cc.Name}"); + + var privateKeyEntry = cc.Type == "certificate/key"; + + try + { + CertificateDetails = apiClient.GetCertificate(cc.Name); + + //check this is a valid cert, if not fall to the errors + var cert = new X509Certificate2(Encoding.UTF8.GetBytes(CertificateDetails)); + + Logger.Trace($"Add to list: {cc.Name}"); + if (cert.Thumbprint != null) + inventoryItems.Add( + new AgentCertStoreInventoryItem + { + Certificates = new[] + {CertificateDetails}, + Alias = cc.Name, + PrivateKeyEntry = privateKeyEntry, + ItemStatus = AgentInventoryItemStatus.Unknown, + UseChainLevel = true + }); + } + catch (Exception ex) + { + Logger.Error($"Certificate not retrievable: Error on {cc.Name}: {ex.Message}"); + error.ErrorMessage = ex.Message; + error.HasError = true; + } + } + + + result.Errors = error; + result.InventoryList = inventoryItems; + + return result; + } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Constants.cs b/Keyfactor.AnyAgent.vThunder/Constants.cs new file mode 100644 index 0000000..8a0e70b --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/Constants.cs @@ -0,0 +1,16 @@ +namespace Keyfactor.AnyAgent.vThunder +{ + static class WindowsUserAnyAgentConstants + { + public const string StoreTypeName = "vThunder"; + } + + static class JobTypes + { + public const string Create = "Create"; + public const string Discovery = "Discovery"; + public const string Inventory = "Inventory"; + public const string Management = "Management"; + public const string Reenrollment = "Enrollment"; + } +} diff --git a/Keyfactor.AnyAgent.vThunder/Exceptions/InvalidInventoryInvokeException.cs b/Keyfactor.AnyAgent.vThunder/Exceptions/InvalidInventoryInvokeException.cs new file mode 100644 index 0000000..f183a59 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/Exceptions/InvalidInventoryInvokeException.cs @@ -0,0 +1,12 @@ +using System; + +namespace Keyfactor.AnyAgent.vThunder.Exceptions +{ + class InvalidInventoryInvokeException:Exception + { + public InvalidInventoryInvokeException():base("SubmitInventory.Invoke returned false") + { + + } + } +} diff --git a/Keyfactor.AnyAgent.vThunder/Exceptions/UnsupportedOperationException.cs b/Keyfactor.AnyAgent.vThunder/Exceptions/UnsupportedOperationException.cs new file mode 100644 index 0000000..7615ae9 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/Exceptions/UnsupportedOperationException.cs @@ -0,0 +1,12 @@ +using System; + +namespace Keyfactor.AnyAgent.vThunder.Exceptions +{ + class UnSupportedOperationException : Exception + { + public UnSupportedOperationException() : base("Unsupported Operation, only Add, Remove are supported") + { + + } + } +} diff --git a/Keyfactor.AnyAgent.vThunder/InventoryResult.cs b/Keyfactor.AnyAgent.vThunder/InventoryResult.cs new file mode 100644 index 0000000..f6d3010 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/InventoryResult.cs @@ -0,0 +1,12 @@ +using System.Collections.Generic; +using Keyfactor.Platform.Extensions.Agents; + +namespace Keyfactor.AnyAgent.vThunder +{ + public class InventoryResult + { + public virtual AnyErrors Errors { get; set; } + + public virtual List InventoryList { get; set; } + } +} diff --git a/Keyfactor.AnyAgent.vThunder/JobAttribute.cs b/Keyfactor.AnyAgent.vThunder/JobAttribute.cs new file mode 100644 index 0000000..e779f87 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/JobAttribute.cs @@ -0,0 +1,20 @@ +using System; + +namespace Keyfactor.AnyAgent.vThunder +{ + [AttributeUsage(AttributeTargets.Class)] + public class JobAttribute : Attribute + { + private string jobClass { get; set; } + + public JobAttribute(string jobClass) + { + this.jobClass = jobClass; + } + + public virtual string JobClass + { + get { return jobClass; } + } + } +} diff --git a/Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs b/Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs new file mode 100644 index 0000000..0161d3c --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs @@ -0,0 +1,65 @@ +using System; +using System.Linq; +using CSS.Common.Logging; +using Keyfactor.Platform.Extensions.Agents; +using Keyfactor.Platform.Extensions.Agents.Delegates; +using Keyfactor.Platform.Extensions.Agents.Interfaces; + +namespace Keyfactor.AnyAgent.vThunder.Jobs +{ + public abstract class AgentJob : LoggingClientBase, IAgentJobExtension + { + public string GetJobClass() + { + var attr = + GetType().GetCustomAttributes(true).First(a => a.GetType() == typeof(JobAttribute)) as JobAttribute; + return attr?.JobClass ?? string.Empty; + } + + public string GetStoreType() + { + return WindowsUserAnyAgentConstants.StoreTypeName; + } + + public abstract AnyJobCompleteInfo processJob(AnyJobConfigInfo config, SubmitInventoryUpdate submitInventory, + SubmitEnrollmentRequest submitEnrollmentRequest, SubmitDiscoveryResults sdr); + + protected AnyJobCompleteInfo Success(string message = null) + { + return new AnyJobCompleteInfo + { + Status = 2, + Message = message ?? $"{GetJobClass()} Complete" + }; + } + + protected AnyJobCompleteInfo Warning(string message = null) + { + return new AnyJobCompleteInfo + { + Status = 3, + Message = message ?? $"{GetJobClass()} Complete With Warnings" + }; + } + + protected AnyJobCompleteInfo ThrowError(Exception exception, string jobSection) + { + var message = FlattenException(exception); + Logger.Error($"Error performing {jobSection} in {GetJobClass()} {GetStoreType()} - {message}"); + return new AnyJobCompleteInfo + { + Status = 4, + Message = message + }; + } + + private string FlattenException(Exception ex) + { + var returnMessage = ex.Message; + if (ex.InnerException != null) + returnMessage += " - " + FlattenException(ex.InnerException); + + return returnMessage; + } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs b/Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs new file mode 100644 index 0000000..920bb57 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs @@ -0,0 +1,59 @@ +using System; +using System.Configuration; +using System.Reflection; +using Keyfactor.AnyAgent.vThunder.api; +using Keyfactor.AnyAgent.vThunder.Exceptions; +using Keyfactor.Platform.Extensions.Agents; +using Keyfactor.Platform.Extensions.Agents.Delegates; + +namespace Keyfactor.AnyAgent.vThunder.Jobs +{ + [Job(JobTypes.Inventory)] + public class Inventory : AgentJob + { + + protected internal virtual InventoryResult Result { get; set; } + protected internal virtual CertManager CertificateManager { get; set; } + protected internal virtual ApiClient ApiClient { get; set; } + protected internal virtual string Protocol { get; set; } + protected internal virtual Configuration AppConfig { get; set; } + protected internal virtual bool ReturnValue { get; set; } + + public override AnyJobCompleteInfo processJob(AnyJobConfigInfo config, SubmitInventoryUpdate submitInventory, + SubmitEnrollmentRequest submitEnrollmentRequest, SubmitDiscoveryResults sdr) + { + AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); + Protocol = AppConfig.AppSettings.Settings["Protocol"].Value; + + using (ApiClient = new ApiClient(config.Server.Username, config.Server.Password, + $"{Protocol}://{config.Store.ClientMachine.Trim()}")) + { + ApiClient.Logon(); + try + { + Logger.Trace("Parse: Certificate Inventory: " + config.Store.StorePath); + Logger.Trace($"Certificate Store: {config.Store.StoretypeShortName}"); + + Logger.Trace("Entering A10 VThunder DataPower: Certificate Inventory"); + Logger.Trace($"Entering processJob for Certificate Store: {config.Store.StoretypeShortName}"); + CertificateManager = new CertManager(); + Result = CertificateManager.GetCerts(ApiClient); + ReturnValue = submitInventory.Invoke(Result.InventoryList); + + if (ReturnValue == false) + return ThrowError(new InvalidInventoryInvokeException(), "Inventory"); + + if (Result.Errors.HasError) + return Warning( + $"Inventory had issues retrieving some certificates: {Result.Errors.ErrorMessage}"); + + return Success(); + } + catch (Exception e) + { + return ThrowError(e, "Inventory"); + } + } + } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Jobs/Management.cs b/Keyfactor.AnyAgent.vThunder/Jobs/Management.cs new file mode 100644 index 0000000..d43657e --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/Jobs/Management.cs @@ -0,0 +1,222 @@ +using System; +using System.Configuration; +using System.IO; +using System.Linq; +using System.Reflection; +using System.Text; +using Keyfactor.AnyAgent.vThunder.api; +using Keyfactor.AnyAgent.vThunder.Exceptions; +using Keyfactor.Platform.Extensions.Agents; +using Keyfactor.Platform.Extensions.Agents.Delegates; +using Keyfactor.Platform.Extensions.Agents.Enums; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.OpenSsl; +using Org.BouncyCastle.Pkcs; + +namespace Keyfactor.AnyAgent.vThunder.Jobs +{ + [Job(JobTypes.Management)] + public class Management : AgentJob + { + protected internal static Func Pemify = ss => + ss.Length <= 64 ? ss : ss.Substring(0, 64) + "\n" + Pemify(ss.Substring(64)); + + protected internal virtual string Protocol { get; set; } + protected internal virtual ApiClient ApiClient { get; set; } + protected internal virtual CertManager CertManager { get; set; } + protected internal virtual Configuration AppConfig { get; set; } + protected internal virtual InventoryResult InventoryResult { get; set; } + protected internal virtual bool ExistingCert { get; set; } + protected internal virtual string CertStart { get; set; } = "-----BEGIN CERTIFICATE-----\n"; + protected internal virtual string CertEnd { get; set; } = "\n-----END CERTIFICATE-----"; + protected internal virtual string Alias { get; set; } + + public override AnyJobCompleteInfo processJob(AnyJobConfigInfo config, SubmitInventoryUpdate submitInventory, + SubmitEnrollmentRequest submitEnrollmentRequest, SubmitDiscoveryResults sdr) + { + CertManager = new CertManager(); + AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); + Protocol = AppConfig.AppSettings.Settings["Protocol"].Value; + Logger.Trace($"Ending Management Constructor Protocol is {Protocol}"); + + using (ApiClient = new ApiClient(config.Server.Username, config.Server.Password, + $"{Protocol}://{config.Store.ClientMachine.Trim()}")) + { + if (string.IsNullOrEmpty(config.Job.Alias)) + return ThrowError(new ArgumentException("Missing Alias/Overwrite, Operation Cannot Be Completed"), + "Management Add/Replace"); + + ApiClient.Logon(); + InventoryResult = CertManager.GetCert(ApiClient, config.Job.Alias); + ExistingCert = InventoryResult != null && InventoryResult?.InventoryList?.Count == 1; + + switch (config.Job.OperationType) + { + case AnyJobOperationType.Add: + try + { + if (ExistingCert) + { + Logger.Trace($"Starting Replace Job for {config.Job.Alias}"); + Replace(config, InventoryResult, ApiClient); + Logger.Trace($"Finishing Replace Job for {config.Job.Alias}"); + } + else + { + Logger.Trace($"Starting Add Job for {config.Job.Alias}"); + Add(config, ApiClient); + Logger.Trace($"Finishing Add Job for {config.Job.Alias}"); + } + } + catch (Exception e) + { + return ThrowError(e, "Error Adding Certificate"); + } + + break; + case AnyJobOperationType.Remove: + try + { + Logger.Trace($"Starting Remove Job for {config.Job.Alias}"); + Remove(config, InventoryResult, ApiClient); + Logger.Trace($"Finishing Remove Job for {config.Job.Alias}"); + } + catch (Exception e) + { + return ThrowError(e, "Error Removing Certificate"); + } + + break; + default: + return ThrowError(new UnSupportedOperationException(), "Management"); + } + + Logger.Trace($"Finishing Process Job for {config.Job.Alias}"); + return Success("Management Job Completed"); + } + } + + protected internal virtual void Replace(AnyJobConfigInfo config, InventoryResult inventoryResult, + ApiClient apiClient) + { + Remove(config, inventoryResult, apiClient); + Add(config, apiClient); + } + + protected internal virtual void Remove(AnyJobConfigInfo configInfo, InventoryResult inventoryResult, + ApiClient apiClient) + { + Logger.Trace($"Start Delete the {configInfo.Job.Alias} Private Key"); + DeleteCertBaseRequest deleteKeyRoot; + if (inventoryResult.InventoryList[0].PrivateKeyEntry) + deleteKeyRoot = new DeleteCertBaseRequest + { + DeleteCert = new DeleteCertRequest + { + CertName = configInfo.Job.Alias, + PrivateKey = configInfo.Job.Alias + } + }; + else + deleteKeyRoot = new DeleteCertBaseRequest + { + DeleteCert = new DeleteCertRequest + { + CertName = configInfo.Job.Alias + } + }; + + apiClient.RemoveCertificate(deleteKeyRoot); + Logger.Trace($"Successful Delete of the {configInfo.Job.Alias} Private Key"); + } + + protected internal virtual void Add(AnyJobConfigInfo configInfo, ApiClient apiClient) + { + Logger.Trace($"Entering Add Function for {configInfo.Job.Alias}"); + var privateKeyString = ""; + string certPem; + + if (!string.IsNullOrEmpty(configInfo.Job.PfxPassword)) + { + Logger.Trace($"Pfx Password exists getting Private Key string for {configInfo.Job.Alias}"); + var certData = Convert.FromBase64String(configInfo.Job.EntryContents); + var store = new Pkcs12Store(new MemoryStream(certData), + configInfo.Job.PfxPassword.ToCharArray()); + + using (var memoryStream = new MemoryStream()) + { + using (TextWriter streamWriter = new StreamWriter(memoryStream)) + { + var pemWriter = new PemWriter(streamWriter); + Logger.Trace($"Getting Public Key for {configInfo.Job.Alias}"); + Alias = store.Aliases.Cast().SingleOrDefault(a => store.IsKeyEntry(a)); + var publicKey = store.GetCertificate(Alias).Certificate.GetPublicKey(); + Logger.Trace($"Getting Private Key for {configInfo.Job.Alias}"); + var privateKey = store.GetKey(Alias).Key; + var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); + Logger.Trace($"Writing Private Key for {configInfo.Job.Alias}"); + pemWriter.WriteObject(keyPair.Private); + streamWriter.Flush(); + privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() + .Replace("\r", "").Replace("\0", ""); + memoryStream.Close(); + streamWriter.Close(); + Logger.Trace($"Private Key String Retrieved for {configInfo.Job.Alias}"); + } + } + + // Extract server certificate + var beginCertificate = "-----BEGIN CERTIFICATE-----\n"; + var endCertificate = "\n-----END CERTIFICATE-----"; + + Logger.Trace($"Start getting Server Certificate for {configInfo.Job.Alias}"); + certPem = beginCertificate + + Pemify(Convert.ToBase64String(store.GetCertificate(Alias).Certificate.GetEncoded())) + + endCertificate; + Logger.Trace($"Finished getting Server Certificate for {configInfo.Job.Alias}"); + } + else + { + Logger.Trace($"No Private Key get Cert Pem {configInfo.Job.Alias}"); + certPem = CertStart + Pemify(configInfo.Job.EntryContents) + CertEnd; + } + + Logger.Trace($"Creating Cert API Add Request for {configInfo.Job.Alias}"); + var sslCertRequest = new SslCertificateRequest + { + SslCertificate = new SslCert + { + Action = "import", + CertificateType = "pem", + File = configInfo.Job.Alias.Replace(".pem", ".pem"), + FileHandle = configInfo.Job.Alias.Replace(".pem", ".pem") + } + }; + + Logger.Trace($"Making API Call to Add Certificate For {configInfo.Job.Alias}"); + apiClient.AddCertificate(sslCertRequest, certPem); + Logger.Trace($"Finished API Call to Add Certificate For {configInfo.Job.Alias}"); + + if (!string.IsNullOrEmpty(configInfo.Job.PfxPassword)) + { + Logger.Trace($"Creating Key API Add Request for {configInfo.Job.Alias}"); + var sslKeyRequest = new SslKeyRequest + { + SslKey = new SslCertKey + { + Action = "import", + File = configInfo.Job.Alias.Replace(".pem", ".pem"), + FileHandle = configInfo.Job.Alias.Replace(".pem", ".pem") + } + }; + + Logger.Trace($"Making Add Key API Call for {configInfo.Job.Alias}"); + apiClient.AddPrivateKey(sslKeyRequest, privateKeyString); + Logger.Trace($"Finished Add Key API Call for {configInfo.Job.Alias}"); + } + + Logger.Trace($"Starting Log Off for Add {configInfo.Job.Alias}"); + Logger.Trace($"Finished Log Off for Add {configInfo.Job.Alias}"); + } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Keyfactor.AnyAgent.vThunder.csproj b/Keyfactor.AnyAgent.vThunder/Keyfactor.AnyAgent.vThunder.csproj new file mode 100644 index 0000000..29dbb99 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/Keyfactor.AnyAgent.vThunder.csproj @@ -0,0 +1,117 @@ + + + + + Debug + AnyCPU + {7A68FF2A-DACD-4E5D-9DB9-BCBFCF179D43} + Library + Properties + Keyfactor.AnyAgent.vThunder + Keyfactor.AnyAgent.vThunder + v4.6.2 + 512 + SAK + SAK + SAK + SAK + + + true + full + false + bin\Debug\ + DEBUG;TRACE + prompt + 4 + + + pdbonly + true + bin\Release\ + TRACE + prompt + 4 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1.8.1 + + + 3.4.1 + + + 3.4.1 + + + 1.6.0 + + + 1.0.1 + + + 5.2.6 + + + 5.2.6 + + + 5.2.6 + + + 5.2.6 + + + 4.0.1 + + + 12.0.3 + + + + + + \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Properties/AssemblyInfo.cs b/Keyfactor.AnyAgent.vThunder/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..ddf9467 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/Properties/AssemblyInfo.cs @@ -0,0 +1,37 @@ +using System.Reflection; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("CSS.Integrations.A10")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("")] +[assembly: AssemblyProduct("CSS.Integrations.A10")] +[assembly: AssemblyCopyright("Copyright © 2018")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("7a68ff2a-dacd-4e5d-9db9-bcbfcf179d43")] + +// Version information for an assembly consists of the following four values: +// +// Major Version +// Minor Version +// Build Number +// Revision +// +// You can specify all the values or you can default the Build and Revision Numbers +// by using the '*' as shown below: +// [assembly: AssemblyVersion("1.0.*")] +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] +[assembly: InternalsVisibleTo("Keyfactor.AnyAgent.vThunder.Tests")] \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/ApiClient.cs b/Keyfactor.AnyAgent.vThunder/api/ApiClient.cs new file mode 100644 index 0000000..83ad924 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/ApiClient.cs @@ -0,0 +1,319 @@ +using System; +using System.Collections.Generic; +using System.Configuration; +using System.Diagnostics.CodeAnalysis; +using System.IO; +using System.Net; +using System.Reflection; +using System.Text; +using CSS.Common.Logging; +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + [SuppressMessage("ReSharper", "ConstantConditionalAccessQualifier")] + public class ApiClient : LoggingClientBase, IDisposable + { + private static readonly Encoding Encoding = Encoding.UTF8; + public virtual string AuthenticationSignature { get; set; } + public string BaseUrl { get; set; } + public virtual string AllowInvalidCert { get; set; } + public string UserId { get; set; } + public string Password { get; set; } + public Configuration AppConfig { get; set; } + + + #region Interface Implementation + + public void Dispose() + { + LogOff(); + } + + #endregion + + #region Constructors + + public ApiClient(string user, string pass, string baseUrl) + { + BaseUrl = baseUrl; + UserId = user; + Password = pass; + } + + public ApiClient() + { + } + + #endregion + + #region Class Methods + + public virtual void Logon() + { + var authRequest = new AuthRequest + {Credentials = new Credentials {Username = UserId, Password = Password}}; + var strRequest = JsonConvert.SerializeObject(authRequest); + try + { + var strResponse = ApiRequestString("POST", "/axapi/v3/auth", "POST", strRequest, false, false); + var authSignatureResponse = JsonConvert.DeserializeObject(strResponse); + AuthenticationSignature = authSignatureResponse.Response.Signature; + } + catch (Exception ex) + { + Logger.Error($"Error Authenticating: {ex.Message}"); + } + } + + public virtual bool LogOff() + { + try + { + ApiRequestString("POST", "/axapi/v3/logoff", "POST", "", false, true); + return true; + } + catch (Exception) + { + return false; + } + } + + public virtual void AddCertificate(SslCertificateRequest sslCertRequest, string importCertificate) + { + var certData = Encoding.ASCII.GetBytes(importCertificate); + AddCertificate(sslCertRequest, certData); + } + + public virtual void AddCertificate(SslCertificateRequest sslCertRequest, byte[] certData) + { + var strRequest = JsonConvert.SerializeObject(sslCertRequest); + var requestArray = Encoding.ASCII.GetBytes(strRequest); + + // Generate post objects + var postParameters = new Dictionary + { + {"json", new FileParameter(requestArray, "a10.json", "application/json")}, + { + "file", + new FileParameter(certData, sslCertRequest.SslCertificate.File, "application/octet-stream") + } + }; + + // Create request and receive response + var userAgent = "Keyfactor Agent"; + var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-cert", userAgent, postParameters); + + using (var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null)) + { + responseReader.ReadToEnd(); + webResponse.Close(); + } + } + + public virtual bool AddPrivateKey(SslKeyRequest sslKeyRequest, string importCertificateKey) + { + var keyArray = Encoding.ASCII.GetBytes(importCertificateKey); + AddPrivateKey(sslKeyRequest, keyArray); + return true; + } + + public virtual void AddPrivateKey(SslKeyRequest sslKeyRequest, byte[] keyArray) + { + var strRequest = JsonConvert.SerializeObject(sslKeyRequest); + var requestArray = Encoding.ASCII.GetBytes(strRequest); + + // Generate post objects + var postParameters = new Dictionary + { + {"json", new FileParameter(requestArray, "a10.json", "application/json")}, + {"file", new FileParameter(keyArray, sslKeyRequest.SslKey.File, "application/octet-stream")} + }; + + // Create request and receive response + var userAgent = "Keyfactor Agent"; + var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-key", userAgent, postParameters); + + // Process response + using (var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null)) + { + responseReader.ReadToEnd(); + webResponse.Close(); + } + } + + public virtual SslCollectionResponse GetCertificates(string certName = "") + { + var strResponse = ApiRequestString("GET", + certName.Length == 0 + ? "/axapi/v3/slb/ssl-cert/oper" + : $"/axapi/v3/slb/ssl-cert/oper?name={certName}", "GET", "", false, true); + var sslColResponse = JsonConvert.DeserializeObject(strResponse); + return sslColResponse; + } + + public virtual string GetCertificate(string certificateName) + { + var strResponse = ApiRequestString("GET", $"/axapi/v3/file/ssl-cert/{certificateName}", "GET", "", false, + true); + return strResponse; + } + + public virtual void RemoveCertificate(DeleteCertBaseRequest deleteCertRoot) + { + ApiRequestString("POST", "/axapi/v3/pki/delete", "POST", JsonConvert.SerializeObject(deleteCertRoot), + false, true); + } + + public virtual HttpWebRequest CreateRequest(string baseUrl, string postUrl) + { + var objRequest = (HttpWebRequest) WebRequest.Create(BaseUrl + postUrl); + return objRequest; + } + + public virtual HttpWebResponse GetResponse(HttpWebRequest request) + { + return (HttpWebResponse) request.GetResponse(); + } + + public virtual string ApiRequestString(string strCall, string strPostUrl, string strMethod, + string strQueryString, + bool bWrite, bool bUseToken) + { + AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); + AllowInvalidCert = AppConfig.AppSettings.Settings["AllowInvalidCerts"].Value; + var objRequest = CreateRequest(BaseUrl, strPostUrl); + objRequest.Method = strMethod; + objRequest.ContentType = "application/json"; + if (bUseToken) + objRequest.Headers?.Add("Authorization", "A10 " + AuthenticationSignature); + + if (!string.IsNullOrEmpty(strQueryString) && strMethod == "POST") + { + var postBytes = Encoding.UTF8.GetBytes(strQueryString); + objRequest.ContentLength = postBytes.Length; + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert == "true") + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + using (var requestStream = objRequest.GetRequestStream()) + { + requestStream?.Write(postBytes, 0, postBytes.Length); + requestStream?.Close(); + } + } + + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert == "true") + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + var objResponse = GetResponse(objRequest); + + using (var strReader = new StreamReader(objResponse.GetResponseStream() ?? Stream.Null)) + { + var strResponse = strReader.ReadToEnd(); + return strResponse; + } + } + + public virtual HttpWebResponse MultipartFormDataPost(string postUrl, string userAgent, + Dictionary postParameters) + { + var boundary = $"{Guid.NewGuid():N}"; + var formDataBoundary = $"------------------------{boundary}"; + var contentType = "multipart/form-data; boundary=" + formDataBoundary; + + var formData = GetMultipartFormData(postParameters, boundary); + + return PostForm(postUrl, userAgent, contentType, formData); + } + + protected virtual HttpWebResponse PostForm(string postUrl, string userAgent, string contentType, + byte[] formData) + { + AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); + AllowInvalidCert = AppConfig.AppSettings.Settings["AllowInvalidCerts"].Value; + var request = CreateRequest(BaseUrl, postUrl); + if (request == null) throw new NullReferenceException("request is not a http request"); + + // Set up the request properties. + request.Method = "POST"; + request.ContentType = contentType; + request.UserAgent = userAgent; + request.ContentLength = formData.Length; + request.Headers.Add("Authorization", "A10 " + AuthenticationSignature); + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert == "true") + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + // Send the form data to the request. + using (var requestStream = request.GetRequestStream()) + { + requestStream?.Write(formData, 0, formData.Length); + requestStream?.Close(); + } + + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert == "true") + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + return request?.GetResponse() as HttpWebResponse; + } + + protected virtual byte[] GetMultipartFormData(Dictionary postParameters, string boundary) + { + byte[] formData; + using (Stream formDataStream = new MemoryStream()) + { + var needsClrf = false; + + foreach (var param in postParameters) + { + // Thanks to feedback from comment-ers, add a CRLF to allow multiple parameters to be added. + // Skip it on the first parameter, add it to subsequent parameters. + if (needsClrf) + formDataStream.Write(Encoding.GetBytes("\r\n"), 0, Encoding.GetByteCount("\r\n")); + + needsClrf = true; + + if (param.Value is FileParameter fileToUpload) + { + // Add just the first part of this param, since we will write the file data directly to the Stream + + var header = + $"--------------------------{boundary}\r\nContent-Disposition: form-data; name=\"{param.Key}\"; filename=\"{fileToUpload.FileName ?? param.Key}\"\r\nContent-Type: {fileToUpload.ContentType ?? "application/octet-stream"}\r\n\r\n"; + + formDataStream.Write(Encoding.GetBytes(header), 0, Encoding.GetByteCount(header)); + + // Write the file data directly to the Stream, rather than serializing it to a string. + formDataStream.Write(fileToUpload.File, 0, fileToUpload.File.Length); + } + } + + // Add the end of the request. Start with a newline + var footer = "\r\n--------------------------" + boundary + "--\r\n"; + formDataStream.Write(Encoding.GetBytes(footer), 0, Encoding.GetByteCount(footer)); + + // Dump the Stream into a byte[] + formDataStream.Position = 0; + formData = new byte[formDataStream.Length]; + formDataStream.Read(formData, 0, formData.Length); + formDataStream.Close(); + } + + return formData; + } + + public class FileParameter + { + public FileParameter(byte[] file, string filename, string contentType) + { + File = file; + FileName = filename; + ContentType = contentType; + } + + public byte[] File { get; set; } + public string FileName { get; set; } + public string ContentType { get; set; } + } + + #endregion + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/AuthRequest.cs b/Keyfactor.AnyAgent.vThunder/api/AuthRequest.cs new file mode 100644 index 0000000..5727b24 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/AuthRequest.cs @@ -0,0 +1,11 @@ +namespace Keyfactor.AnyAgent.vThunder.api +{ + #region JSON Request and Response Classes + + internal class AuthRequest + { + public Credentials Credentials { get; set; } + } + + #endregion +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/AuthResponse.cs b/Keyfactor.AnyAgent.vThunder/api/AuthResponse.cs new file mode 100644 index 0000000..691a42c --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/AuthResponse.cs @@ -0,0 +1,11 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class AuthResponse + { + [JsonProperty("signature")] public string Signature { get; set; } + + [JsonProperty("description")] public string Description { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/AuthSignatureResponse.cs b/Keyfactor.AnyAgent.vThunder/api/AuthSignatureResponse.cs new file mode 100644 index 0000000..ca9bcb4 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/AuthSignatureResponse.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class AuthSignatureResponse + { + [JsonProperty("authresponse")] public AuthResponse Response { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/Credentials.cs b/Keyfactor.AnyAgent.vThunder/api/Credentials.cs new file mode 100644 index 0000000..31fff6e --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/Credentials.cs @@ -0,0 +1,11 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + internal class Credentials + { + [JsonProperty("username")] public string Username { get; set; } + + [JsonProperty("password")] public string Password { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/DeleteCertBaseRequest.cs b/Keyfactor.AnyAgent.vThunder/api/DeleteCertBaseRequest.cs new file mode 100644 index 0000000..926ad09 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/DeleteCertBaseRequest.cs @@ -0,0 +1,11 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class DeleteCertBaseRequest + { + [JsonProperty("delete", NullValueHandling = NullValueHandling.Ignore)] + public DeleteCertRequest DeleteCert { get; set; } + + } +} diff --git a/Keyfactor.AnyAgent.vThunder/api/DeleteCertRequest.cs b/Keyfactor.AnyAgent.vThunder/api/DeleteCertRequest.cs new file mode 100644 index 0000000..b3d2112 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/DeleteCertRequest.cs @@ -0,0 +1,13 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class DeleteCertRequest + { + [JsonProperty("cert-name")] + public string CertName { get; set; } + + [JsonProperty("private-key",NullValueHandling=NullValueHandling.Ignore)] + public string PrivateKey { get; set; } + } +} diff --git a/Keyfactor.AnyAgent.vThunder/api/Operation.cs b/Keyfactor.AnyAgent.vThunder/api/Operation.cs new file mode 100644 index 0000000..fb926c6 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/Operation.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class Operation + { + [JsonProperty("oper")] public SslCertificateCollection Oper { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCert.cs b/Keyfactor.AnyAgent.vThunder/api/SslCert.cs new file mode 100644 index 0000000..983fcc0 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/SslCert.cs @@ -0,0 +1,15 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class SslCert + { + [JsonProperty("certificate-type")] public string CertificateType { get; set; } + + [JsonProperty("action")] public string Action { get; set; } + + [JsonProperty("file")] public string File { get; set; } + + [JsonProperty("file-handle")] public string FileHandle { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs b/Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs new file mode 100644 index 0000000..335c3be --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs @@ -0,0 +1,13 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class SslCertKey + { + [JsonProperty("action")] public string Action { get; set; } + + [JsonProperty("file")] public string File { get; set; } + + [JsonProperty("file-handle")] public string FileHandle { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCertificate.cs b/Keyfactor.AnyAgent.vThunder/api/SslCertificate.cs new file mode 100644 index 0000000..c08d640 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/SslCertificate.cs @@ -0,0 +1,27 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class SslCertificate + { + [JsonProperty("name")] public string Name { get; set; } + + [JsonProperty("type")] public string Type { get; set; } + + [JsonProperty("serial")] public string Serial { get; set; } + + [JsonProperty("notbefore")] public string NotBefore { get; set; } + + [JsonProperty("notafter")] public string NotAfter { get; set; } + + [JsonProperty("common-name")] public string CommonName { get; set; } + + [JsonProperty("organization")] public string Organization { get; set; } + + [JsonProperty("subject")] public string Subject { get; set; } + + [JsonProperty("issuer")] public string Issuer { get; set; } + + [JsonProperty("status")] public string Status { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCertificateCollection.cs b/Keyfactor.AnyAgent.vThunder/api/SslCertificateCollection.cs new file mode 100644 index 0000000..5489dda --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/SslCertificateCollection.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class SslCertificateCollection + { + [JsonProperty("ssl-certs")] public SslCertificate[] SslCertificates { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCertificateRequest.cs b/Keyfactor.AnyAgent.vThunder/api/SslCertificateRequest.cs new file mode 100644 index 0000000..86b45dc --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/SslCertificateRequest.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class SslCertificateRequest + { + [JsonProperty("ssl-cert")] public SslCert SslCertificate { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCollectionResponse.cs b/Keyfactor.AnyAgent.vThunder/api/SslCollectionResponse.cs new file mode 100644 index 0000000..ecd4b4d --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/SslCollectionResponse.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class SslCollectionResponse + { + [JsonProperty("ssl-cert")] public Operation SslCertificate { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslKeyRequest.cs b/Keyfactor.AnyAgent.vThunder/api/SslKeyRequest.cs new file mode 100644 index 0000000..3522ff8 --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/api/SslKeyRequest.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.AnyAgent.vThunder.api +{ + public class SslKeyRequest + { + [JsonProperty("ssl-key")] public SslCertKey SslKey { get; set; } + } +} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/app.config b/Keyfactor.AnyAgent.vThunder/app.config new file mode 100644 index 0000000..75fffaf --- /dev/null +++ b/Keyfactor.AnyAgent.vThunder/app.config @@ -0,0 +1,33 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Media/Images/CertStoreTypes.gif b/Media/Images/CertStoreTypes.gif new file mode 100644 index 0000000000000000000000000000000000000000..1b5a9995f4b67db0f2ff0f233abd9b54902709e7 GIT binary patch literal 18181 zcmV(;K-<4ZNk%w1VaNiz0(SraA^8LW00000EC2ui0LTKn0*C(q{{R3005F6AO=|#E zlmJns0ByAZb^ic;#ub477%V~B^V_oJUt;{ttmlsD~$grxdkzOy)=>k zIV1o)JUl!+bUQnfIYUN0S93XGYdmyyJam*ibh12^lsuKQJeAWzEEqyWK|)20LXOTx zn%+tPN=hhuN=X<{0DMxR-BhCgS}Yh^EG1evIbHx~VQXe*t^aF90ChY(bv$)-Jd|xp zLUV0Wb#y#+b#--gly!8oag3{Vm6Uar({!@ab+xl~we5QdYkd!beGi;{53qd?#C;EL zdl)f$7&&_wQhP7}eKDzhG01&TzI{{BeP5$}U%7o}u77)WeRn^*|AYWFgaA^9A$fp-fQ%}Cj4%L4ml$Df_s@{~Yl#;CIl(n;z(f*foZJ)2~ zpvnK7-~Xi#Zl@20rBwi-QkJTP(W9fIr>f|swDG0i|F2(etziJDbUdxCt*_Ybv=6Ve zKyI*Yr?YfCvvhT{bdeI98?X&9txDRf)568Gr zZoFb{y?GeDf=a!$@3_MDw%Gr~50u9-ZpK<`#)1IQs>{r&>cz#y#?Sn~<^IV2|IH6> z%@426$IZ>n&CS^U(*M!bQf}2yxz&ko)0I5am37mVl+(3!*TdD*(UjQO*w*L%)9SO^ z@Bh>P{@G`4-FR-@eSzV}-r(Brlq*q=V|E znd+;B?yr^Zuet5Db??KB>dMgV(Uj@d=I-6P?%?e1=Kt;Lv+(fn?f=v4{_pMn{`b6i z_rkCD&y@Phy!+(Q_UZBW@%H!c|M>U#`Tpnk|L^_Cg#XH&|Iw8G*v9|cod4vf|K_>> z>a+jv*Z%n4|Muhm|HuFT(*OSK{{8s={{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*5Mat8G%=Aa>aU3TCDY)%YZxf(k1l zvL6yV(3L9ciYlid%BtwK-Z6?~gO4th>ZB-I3N47iruyn4qLM?ZjiyGctc_x_`XjE< zjteZG1-Y8+K=iI?ZiwYlo2$LScKD%~DNafzrZyHVZ?z}>3o*77bLZxf3~^WxvI%|r zkFnFWOcaHO`pgo~e#VD~ot~46;G?f=lU?EAyGEznm5<^T7(u%;bz9(;2L- z%Ho(RjwUBv@zd2^{N}a?X-p8u2sQoB(8PE=va=zE_2H=n3A*9SeE>zKqY z{p`J7Z!I?42+iEG{<0&|31r%SM!DjZ)n@&dlZ$VjKE_LI@>DQTRP0;d}8=IBHwmC4JuLdJxTlMhdzpR1Cayh%)@=P{C z>@nnZHTppf3g)-3nTSw%`;evHM?%|}r*Z#SkNxfk8%S+zSWQwIrw|q`0Fumk1dLY7 zPQWDbZl^IEgCPAfA1fwFWBgT9+3q*ayl+P+Rt7f$;b2+rszb1vLAvDcZGm_-!{D?$>fO1D?(j+CX zHZ1W$@dDtgQR|S^BUwR9R)Ff`B6o?LMoOr9fD{oghbbUmM(9eGiykqTDIQ}E=$2*T z8#AXl9%l;ZO0HBUHMhyg$8qzU;H-@`!%5C^T4tQ)Os6^vgU)rj^PNm-Cp_m#Poc=O zp7{RECr<9E&wl#TCH(xSKnF^afD-he2-S!|6UxwrLL@sAh^Ry-O3{j1^r9Hes75!+ z(T;lbqaY2bNJmQ2lA83SC{3wKSIW|sy7Z+mjj2p$8dHHR)S)=dsX=b4)1Km#r#=lT zLV+sOqW+VpMolU{k*d_DzLTj=jjB1JD%Glfld4wDDl@UF)voT6t6mLj39ZSOvYPd* zXickH*UHwmy7jGajjLSG;t;Tk^{%_KD_-|nF}?EjuZi+2U>@1$$tMD;B%taTW?U9%@A8)mJFD$4W`UJH|4MeA2z`CzyS#?pa2q-z!qLWL`B>o z2rew-!F!GHWF`!UI>ZPYrn{Gi^kBd)o=9I(jj$?MAdr28c*G?>F@L{{KNorn4xEU@ zh+w=mmE9^5gS(N3aHNYT$-|XKb*~~$Adqq_02cq)agVzo0}?oZ$MskN{+QuW0Ai?u z12`A~1Wt607d&7CG%)cwU_gQhnBpJK7yu4TfMUF=STZc`gpQcJswd;<9yd6VE{3ov zmnk`_?kxuch~W=Wa5>C8{>MJLz%(_ddChHB1qH~l4>54z9!uE5KkU(jS2N)c|A0pZ zVBrh`q^Hn#J+xvHO{F0)8COs4TcnFEG2LaEAo~~t7wQoMe2H1qKR)%TbDe4)lb8$e zXuyfST@C}VC?9XwgEJ5y5MYZ{*oh(bJ#0{i*u6N}ms<9u`2mMfV!9yfc80kHa%~@r zSlepmwwt|O;&6|<#DPYG#L-}ib+>!S=LIiB_>He9*&C1ehP0&qseDCU7FE9VK!FPW zR`6__y4ry5_CLOT4<*Q&)?A=R3i#BIWB{7o|8RF$;f)w#XYom?%D^u^Fpf)$yx3Vx zRic+f z=w7vZat=J-h3I`Gc#kiUTiExB{9Po0$M4{EW8}goyX%kZ`i(4C^|epPZ*zYUNJKaG8s~jM zY%BbU=$5y#&wXsQTYQDUcD1uje(o9TSkYSl`q(_n> z*npRDehwIcHUWVWSb;G?ffks7EP;VibrrNgfFKxxB3M?m;1{QLfTsrxv>*+UVSnu) z4JAl_MfQG;QGqp>8XTxpH)w;7fqUf_4z!?w|3C|Wk#RGKe!w6NLMRPA2z*Caezeen z7T69!XoQ4^ehhejSvYJcXn9*We_vR1UFdjW_KPkHnn)t zu!iOmO3UUDllDIeHZm60P;FR#fjAYpQHK+;DgHo$4JPt*dT2Qm)^UHxP)3$v8`fbT z_G1(=cH1?GQc;L!IB)n;X^?gacatj~vI7@T2U3SBEp~6KvnMlFW5j}E@YH@SCt{fx zWSdBbXILZq@+DM8HVEV)Plhm#h-8<>WM)%k9uj3kFlAI?Wmq;<1hHjZ_GO?pW@UC} zTbFQb=4NmvXLM#~c&2B3=4XH=XeKaNoH%*~VTcp~Eq!AHd?F8nlQ||52|%)k1Ho~N zW-~AbjZe34>6S$%S5B{?X`JS1ST|;+1`FHvjjG0Kt_Ev2S8MlhYq_>-y+$>A)s9f% zi5LNjPiK$hfDNz`X_p3d{n&5Cc5IIn{&M<8X?f&q)Ho2)Hf=DMjo5Z@rsj=e*Kp!C zb0t=8=az18$Bw)>5%Mr890-kAlLFM&y$7R&RrHZ%>(TBgb(|1#k!;aJq7f z-3XCDxo|`YZbSKP5jSxa2Xsnlh5rDL5m9LZab=wlmE`ax)DsE##*$araj>+NAlH=x zNpiw+kmQsbDYtS1VV2qkbIuTyuV!pS2ZTaMgzVX#@EL(S=!60hp5?cn4G5s|Nf7?|pDQSZ^7n!r~G zSh^8cnx$N75nI}&U>Xr`IHF-%rC-X23MLU|(=pWIMP+J#XWEZ%P+@B7rqhy$cKW97 z7pGV0VlX2nR}v$%NGJYwfIH2SO!R0(1xY6}A`cx<10S#mRmn7_7zwDzn8aicYyeqC zKn(WK2Ctx}(ea`W!EZ^nWXD2}#2AfRLpfCTK}Z(|W#Wr`I3l_*IKjeX90!WTxT@jA z4}lP>2cfA+Pz1s%svSzI4&jfmYM5K|0pd`QPx*8r$7pmUOlBi;W}_n}iIP?ln>IO3 z@zANmx~cW!9>|)kJ1P-iIcZGxFd1MAHJPpY21#>5kK?i@r^#`92(QGjlHfG15km+A zL99tI1x1vuMyjk00hU=AJK)lq(z9%g$cm%Wl>DM(r}-?Fq6cRDP0*(0{ah2iy=(gv=jKU zxmUJkdmsqQ4+N{WHNmHa=eBRlvbm75bi1(YT7G!@589wBd)v2u`?To?tj9Vlq2LFG zI}^F#17u2A2K!if@VJm$5PUGXn2VyhQ3;&exg`3zp)0x{O1h@2wy2xBExWp`o33{I zx=FgFI9j{5d%L)sySlr(boCu$$)CyiMx7 z(hH*0{#(5qdcD|todp4h+l!?WCNQNLP4PHFE$MGmQY(?Ru@`}t-Mk_`0tNX#m5U*r`l*ZizZVg}gK{kE>xxy@s(V=jAE%ek+H|<8JTA#EAj=OtOTaa& zml8ZEJkSaK0J6LanCVLnOmei>qPPe_tj0>h84

b0P$M!gx8YiOQ^M1FjZpzxU7s zETRj_Mhy1Ybe85xE5ZxEFa%wEl9^+)BkMkaTd?N3LQY%}CQOnk{HM+KbpF`JWW2@x zHM}}b;+6Iot&@twwlD|a00bBdukvbXNUSJjE4OldA8A|1c07jDA}G_E$I-~ei3*CR zImVa9aT4pkyPCp(42`>>2|&OPb6^RmT1k-nJ|%myDQmEojL8&n$MmSJl=CDj?3ci3 zn4|2*rX0v?I%PUM!-KK|II;^oAjL(?#zrhmaNMb9Yb3kO%M$^`?K6;4atTl3Dvx#p zbU-Y}{Kp*UAzTD5iYN?uJgA9kty3FyA0W%NOs?B($qDPt->k_anTJ;8w%Z)Ha|_VD zEYKH0zfy&_N~^bgtIz?RhHXo(12MP)QMeRc(N9QzN<2P|+tD6)JVNnI{MK-&AmU} z)DpZYJ=I}V)mGhASe?~bl^a;W)k3({U@cW*J=RWD)@H3#Xr0zZ1DH&w3RI!I4ZHD19I*ZPq3% zkg7_=D}2O~9h(Rvjf%$EAiFB24cd=3jDYE@yDdJU&5Zguv%yUcLH-=w)7`_^@Wa#X zm#YfcJB-cK5z_fG(zealc@!^gY{&-L+f64!kj%aXVJ^lf+D-Pa?ES`t^wxvPzWRN} zX}rdxY%1k^X=6JbaXb(lJ=OsXih?X9w&0SToW(|r%r!|VwdqJyh9lnUm8Cr4puJ$w zlB-gu*{Bi+iM+^-oRY+_hgA%)&{5zUJ<(uo!iva45i6~cy=>k}%4ZbFwA_z8Ti8(d z-~YPf=!+sYgO?IJ;9c3uuN=z>gpVnXBV9S*EsoI!ao{mt5MThc9gN$2QnTF+mB@XM zf6S_Wd2GYo;fi|Ui`lCyIm`$|5TUK8OSUIy-U)a9%+Wl}{%x+?i5O+E{TnX+4_MCC zxp4sn>&X&vjOyH~zG-UOlR=m*}6>$t?u z)Xg{B_fgvj&d`ZXp3*+;ptsi6u2a~a?LSrR+)jqx{_TCY?cxr<@t4%-p6=?t?(DAa zOKsBSzMTW{)$zWk;a>0IMeg`6Q2M^_{?zaOu1^3T@L~DX1fO{WfAI5^@CyG__ulY_ z#ZPy5*Bar_1z|fjX}=2LM&UXV84mHs5x#gz@dHi%@&{5X_7j> zH41#q7~rSY;p|BO?OAT{uk?$i>5S3nA&W?lV7tTPYm(Fb>5eqR?M%dA*~3e}@}lfy zb5Ch5DZy)e4?A$V5}fwVtldx+*UW+J{371b4)zXYuab?2^o=5FOtJV1`R)zch6Iht z48+e(CDfDV!PGvDcFKY5k6SPY;~>P8uV{_h#)gj^!@l^;E)jSP;ioBbZ|+Gm(#Nxd za9I^lPv(FG1Yf3lH zLxa<(`6%W3NUiva;u*Uyb3U@dzmhn73A!WmBjbvG*l1f51d~7vyMPHOOwG|P-vA-+ z1G#?%4IV_8P~k#`4IMs&7*S%xct(gV%!Os*Mvfglegqj(j9FPgl=@|L)x&hE2r3ev&#J42p2)Onz{V zdfjSJmraC4uO7rUFs6v77qJa#`|qvO9X-g&+rjls(xrEs#?;A^pi07p3s=0TFr#6{ zjU7LR99i;Y$_if^bm=kXg$rcmcK*iH(}SD~19#ftJkx273mGm7BpB0mB+f~(a>gw* z5?8R1FmT#!5O!Ik2sdZ=H4q!;rprqc+?h1)>ejED{_}Z3kKM}MCnLtF(ffGv<;|Z* zZ~k(@%!G#*3|n58?ez8SlLW6={C)oY{r?AWvi1IHPo?*$3U0ii1`Dvk2J=g3F$X84 zutEzb9I(I(H{`HG2oaL7LlH+LvBZ%w9MD7+SM-jbKweR(pHTc@u|^wjO{wgG`a&pI|CDpz8{P z`A33_jgv_ts0$KVIHW}a1`USL5EpHxvGXh;nnAj|p|;H(b5 zMR$ucva(y-*A{5xx@)ih@nd3v%Rb2TpPaHmhYWLKzbbErxM%45h5km{E9#J54ujChff?;CSA(8( ztRS5m4SoI!_mRWFhc-NO%IF$*0lw(QHD)PVUm6xcVnoj>1|i%*7^j@6@FNbXgGvSq z7#PqTnz;>j^Ko{E%=*dBL6YUhwQ*1zH}f2 z@%~t{wutcqw2WaQ69-B0$!{URWC%3mQOc$LE) zp7H=b1mf@@n6^cZE-vpBN7=UG$f!_rHoT!?L)eH#Ee2DBkAx>wjG0k(!o{8jO(R4` zst`BktSMQ+4mE9J$t5O5fX(qJG3e>caY{sx^7tHrxapQNzGgN)Ri;HXnNq=3O)d%3 z#Zs@zpc=L%lbsk2C;tgXu?&HB__L(ZlBzr2ow5SJ6CT+h=*p;G1eQ}prcxP+{>`<9 zg_jPY-$LvczO{USDZXw8r!yfwc_y5`w>?F|#Q>-K9+M*qpU0C7ea|h#=F} zFe5I=CqR)RIWWjH4N_Hno?M!3j+VNd)G;Y0L?JO$=$C#LGP68O3o>u1mN&3vbT>Y1^)``scG0 zx(va@b)Rf#Yq^{HGchg%=pG2F+c&f(Ih8cvup~w?ixnhe3rX7+-M3f%=dI2(wE2J~ zj(7nfoG_=51F!ySCfS3iEFs22nu19KRP^0=#`ZkUiHWKZnK z81Z{>mzd6F;1U8Ja6`%&kpo#Z%_KsXy4d9|jge?y^>T^7*sRdV+__&kBMBtmJSABb zrp;U&G>M)St!Y7*MBmaDwD4}$s3$tcTciPkA}e_x`z-{_1f3J26nK8J#1nZ+t|lOcCwW{DOD93*UyIb zpK2X#YFFDy)3$cDwT&ZeZ`<479#OZ!J#KP4NZjQ{ce?9yZgu{*+ucfX_PgahZw$qo z-uK4$nCzWze)qdO?DluS1uocqMRyAn4{QTzjm$B@ zjJH0NlHAij8q$!8Wb#j69Jom=;R*F9f>9z@=94sve%WG|d+eY{Z;|5^Gh4Tu1}2Q; zqprk_u4xy+=*Tl-x~H8^Sh*DT;o|7H2m|WA;gHN0UXjNZ<}ePca1_L!siq61BC?;Z zJ<%UJNQmM-=((%)fbP>-brR~a#MPIBS=|LECSi*cX8s3$ln&f*7GL6pkDSzyH;CjX zpJqW;4X63*M8@fkxQz?vvMmh4B#5yKOps4zs;3V>>mFX$j~ey`k^SsJTh6|$1}L|c zdU2K_JGUsX^N6eM9_eBiyy#^nv-R)B(a%}38nOAJe*QnAFMUv>JRy2rir7r75j&ZxtJFVqEK|a zpP`M;I*BSnh%1wuP|T}|z@H(znT7C)q|&e>+l?A>Gnx>^%rc;}IUt5>x)*GSqLGXH z$~#RYo?zslv-!VoQ?9M?9p@68Ad)0a^fAJaFNG*C#Sw{HjIZ$$$3n!84)~|b`NUw# zM1*KSxsffRc*kfHq|O5j+OUbCLmuV+*|6M+F)`Yi<6s`=Av>(Qii23bBQoF9u>;bBqN}^D;78!#CWM3@Cv&jy2_1qWN|_8mm_ePG)U?`rAfnNq>AH!W zXvyj$$KOhvzws*T(n{XDim*T`rLYM(Lc5ScHHLDihx(z6+@jCPiiQb0a;Tx*+Mv_g zi5AM8HM%02Dyf!?Bu|ou+bWwm3cs5ChnY%yPpXiF;yWO@ zq`GHpHHx&z=7K9A_5Q28gQVoNtEnQ0uyRho>K>NdP_hhx4}zq=Q_Pz@2$n3-N)iIE zaJ``5Q5G%Fg`6t9Q%j^|kgTGlzHnC9%Lz%y3MI zaeU0Xcn&-|%i?;|hp{dt+DuA~PT9I3d(t}3!mkftsb-8h+5^-;#m}AS$Bvwi$|1WA zMUc+WgcOpn$@EW0rK0K3g&#mk<2g`IBSlkmu{x70mvkTs+p?<|C7tt6EhSZlfW;yM zv@hL_1Q8!;{ymHA*bYBEh=K|pb>uxOT z_1do$!#t$gu~oxmCEK&b6RAbpwPg{tW!twU5x0fgx!n-C-N2kx5t;qN3BlVIv|9>1 zSrY--MMT&C2wcBK2s-SDP3)|lh1siH4OhfBfwf7LB}Uv3MUY9D4Lv-ODAyLln8K}A zmr;oR_40_vH3-W62ZEg@YU)O_xyOYFAyylZM$kiv+Ek8sTv)=&fP+n{E8n^QzMh4GGl!hu=Mj;PpIfI$o5R-BhdH+bv$tDhlP9%mjfM=h!I< zt2u6sv6}NQ@`Jf?GgE^=(^Cb-^+}%PX`TWs9om?l9kZU-z@A7z4NimzCv~eR-95`I zpN^uS^m(%OaWM0ZpK*=fT**m0#XYFJFmTeVN8&kJ4M3&1fCP%Q?p<8s0gR8kr4j-> zH1aH&(=y)Mgt>v?J*v7PxZ!cb&>JLC`USbW2+1Q#qIBXfCrTYC+9T7-*n~*XQ(FGe z+{Ip>sGt`fBOty?Gr9{Gmfju4j2^~d?5#^Z(k7_tFS3|AWc^H6GhvvJ&M$(cZlX-O zD_;r)KX%S)hV=@QMCnzg1@G`qBF);gT{-#74ge7YUG;08n zUT-^GI7=5rq%(=g&c;~nK&xwO``e9J5PIv|64BdCZHU-zjNPVffc3W9rrYBV5aUMf z<>n9NX71+}l+%Xp>8@Jorta%D66eP5?S>4i{o3ya@9-Ay@h0!`?%J>|2&d)l^?nlV zX7Be-3HOHY`Hq#1rSJQ;5&6dN{oV-uHo4wz5aH%;a z$S}uSo}+tQab!X2=2B|7yyeL%=OKlNn=XjpWyTDDn%I5*?#d(97jGJH=sg)HP5k7) zF%ut=$vKN%M*^Z%44_E{0kNW(;nuJO*|N{{wHk%aMg;y|Trx`S#ZYo=9JX_KEg#qUqO~26Zb0W#1q^DfR?pnHMna<-zF}2WEw7UcKgZ%cN=&YL z1F{=APx2}x&Szv{X5V?@@BMT*g*u3K(;z#i{(J~7W{<$!-a^8zsLL(9xTK>bSp>CBY-SR+qWMqGPnc&$dWauEVBi|CdL0DB(QoM5fS; zQ&Er-^5<*_Xi`tcS}P%U^otOyT~}Hr*J-T#@*@5PMNZ^pUIsnUBfSoiP-0F%Y**C& z%&NJ#rJ%B!QSX{kPiO2!W(CZRIUn~b%H}SH(Rw0MeA;Vwn$QYW@~4G&e|8|VqNlg^ zJcKiO@(I4-L(;Dz(=1IGfAC+Vn*yU2^oy7a%0iQJa){2HB@psJQ8ZeiJRO!aZB zBzy6ZdMzXNR^M47{|6(VoBYajr<6Ku-Fl99_oH27Xq2Q4ef#jKlyKITH&_9%EB%?aPHgak9Dm4c5QR>LU*0 zdqPKuSNQcOG3uf^aFO+o*=}(3wih!=V^0I{01@!rC$I-6{^KtX|3-e~SN`QE{^oc7 z28aIW=kMvKe*E@s^Va_D=l<^Z{_h8WMB#lLy#De}e&aX)^p9`!SO4~}Z-Y>8_m}_3 zu>SeS?)tZX>c;>4hwlC7f93{=R{sVL3@4Bv!h{MJGHmGZA;gFhCsM3v@gl~I8aHz6 z=yWMU8ZQan zym+UOi)Vyb%v^f)=J}TkOWMR~%_?r}m}5J-4A-vmRTry0H-H!3P4f3;HN*@BClUSl z^i{^FSF>iQF786gaN9lP2dC3VT|-7zhI!Dzoy;J8$sF8BHG67Q8#bj_6!m1T$-Ug5OFpmM1K7rbKN}z zopjW^LJ)O+MC9K<@?^l@coCKqo`e;WRbFJPaPyCP617L19oiWO-#^$GcTWu$Jot}1 z9>{S42AyPg!EW+smmG2aJ6wQAa{t`Z!+#F-MvgsfBvF`srYWS$9wf2|V;wj~asdd< zJr~_S)g)2GfeA{)Ab_{|nBt1^d|-)+!lby{lNTg+&kcaJ_m3{xv1wsz6ymvOSLJ#0 zmRsw2cpGua$rGcQ{z$Y6LW_+^hQKG>+LZOr5m#BZ0^0}Ix$0|EjdH?+RmY{=n zLfmfc-D5*1a1!IIk8yHqBAqq%=xZcwGTDzL?m;x9VS|O5kUYkri(8^BelU)(|15fC zVXqE0>zCWXNbmlN+Hwn@!Q(!t%cRr}W zY0V))U2~l8oG7l?C^o&4Jn5L0iqN+%F;3+2K)wuAcS2wW7$B?3d&6!7__?C>Zd^D@7mDQfCTvM+U-23u7E^+%EON0iMRbU-wB;jgfiO-@ zRL-b=1*E%W>SlXGU>D;k$2n5$iw*G=x7t%LG4`icOxjfR+9MOr;3E;7=wQe;l}S4*+9fojDNURN1sJ51 z$(#Z?&24hCo7C*(O<+k7K6Ukxva_8>QKviODbIPz1fKLA>51w?H3}o zj&ZQk6J~OBqe2*MqL5R2EQ?$;u#jannp@@ScNUAFpmGjdnzP;As#q>e&Z%e^WKUdU zN>_-ia#7j>R~l=Z!s$s$Y$Gxb291@ddEr*B|4=QRriwi)YoKcw)*^(Q1o@T||I?oN>g;|FNi0It+mPN0>$m>5>}0*jHH1Yq z%D1jfBg+t*+oXDwre!MF(wvB|YTbs7jwNGv*$CX*lyO@t0#|vp3QqK1O}$`^2phkr zoEbTDTO#WOeFb*ah2R&Z9(Bkn10+V8IftrDBZi5z#T*&)@sBg6@q(ec+vw_Rwr$c* zj95%U)K%DwdE{`0&A8!Cgbd1DeqD)5YuXW$xMC(|@Bf?(p#8+JcvhP4ZH(Gn-QIY= zjl~u@^$5NIKL}30Fpg3AC=W}jt2Rki?2?(NT=A8+V^s#sg}4-u>SsKcZyaiKDshU_dRre z6D{3Sn!3-Veq*M@xLsXk88BOR-nKF=W@vJ{(~e1~|Na*W=i*0d4Z2{9OQfA32#Yvv zjoOi?1JQ(7lp-|!Y@CMt);96=tR;G8UbPu6icoYR?Uw3tkQmGuhU`I(&X!9-YgI9B zdEgRUF>)!pQ!-l{pGNxOx|0&nSPc{@a`u})eO>XJRD0wmH;On<{*{ueyyY&BBgz3EPWI@F^s^{G?6>Q=ux z*0Zklt#iHWUjI7S!!Gu*lfCR_KRepfuJ*OFz3pzN{<=hpj`X?Hohov#JKppDPNnO; z?|xr7-~TT7!Aqr@*CagR6JM0OD;_4&cst}HFZsz+zVcj`#zl}p2{P!j^Pc}a=tHkh zGEf2;7h!zkRnm%Zq<$&kcs=Z6FZY^I`Y`CA1Rw)-R>@#OKNE zlOKEID`XIy?>+RR4}CHWq9Uk2{)DiP6y2M4aCPZUh5v;7LTF?7g1_j$ruyWuX3fU`})(3X+8K6@vRs1PR7q@0s8N zuHfR?AWkG-A?#oP!XOD+0Xd`ttN`Ia_yaX0ffoGFF_0h)wuB1eAWA$T6nez$?VuG( zpbw7VA*h2pph6N@fjh)P5*z|Pc!Cy`VG+2(JTRdGI^h)dgcQEvM#!EO)?o-{VFemN zFkHhhFvAyyArhA18G1qzl)@U0U=sp`9PUIME+R&N;PT<20Y1Sv6hkSX!yk&_AP!<7 z9-;*%;y-AVBi2MCj$%bXBJ7Fa2xdVUvZ5z|p(YAq8FnHYMuY~MB14oSE=mL{(w-z1 zU@81hF~DLVn&B)OVl5KU3GSjv=pz0zK145yqCtA+~PU@gE{7-<@BOD${;{~o;dC! zKi*?OibOj8Vn8mWUJT?xmg7T$L_$gg1u~>XCIJSvp&~|PGjb#q`r||l;6+*_0y?Be zk_15>R-{XgVEM%)O@2g57UW7wg!APj2~wZ+En`m} zWl~;5P)fw@5g<|0-|r=$`61;}YUEY&qD@wW=HX;iMjz?npHjMER&vBo@?%p*jNz4~ zS+eCsq@~VTrCa9WTt)<3D*g*Tp5s~O<6Rz0UXtTpo?~C~$zMKWV3OltHbhr`<@kl= z>B(hXCd6SrV`47EQ!?fO0-x~JU}SD)XQJa)3Z++K<^@(?RdVKMf?{g6L})?;_>pD- z?j%-@<7(1nZT2H7zF$kirUAm_Y)bK2&066Zij=O-%XbuQg^hT?NJ1b2p`cZR1z2q!LT=RZ*6Fc5?}5aB<}qah|C zd?Mm`q9;PArzx_hd-@?>Y-1TBBQ4saLlh=6^5-b}rv+9cfM#Mb5-5S@b|XEUMm7D-N>fZelC+`R2BcRJS%6jA%mRpp}aJ0+Z?sy_TqnerLn}!%#x3=o#f{5`;BTY{h0LiaNw)YHa6CrDu{T#V+g$ zUhF_Drpd;NW2Wqkg6u%BEDE~pB0*+q;;aYital*jF8b^S0&Sk~>}L|~0~#%B2rVuu zZ38kbvLJ0|LaqPlEX>BNUd-%Rs%(i`?f$uJ$!hIjplsLHtj&V$`dw_slI`f3rj_ca z+M@nn!#=FrjviG`EXdBS_Q|XK-RPsxtf;n`kJT}9B z-~%DZqcO~1>3-+wwqEM)9*0K3I2Z#b;)U#XC?G1Y7!qUs_3m~4Zt4ZE?r|s*6z}mS zLGu2n7&0$}KCh(8ZRSSc=0>0OV(%;>@9c7~UJ#@6(jW9Tr}Q=+^@`s48t;8>?-yRj zA-XUB!f*I~?)U;=`9k0QX0QIfFN7-a_{HyX&adLtZ|Ds#`Vyl0daw5~u=qLfZT>=V z;z=;*t?oax?(6nL>=ML0%<1m>ZxQZp0|&6_4siPw@aQ%q4EwGOci*GdFkWzQZF(@` zNiGk|tPigy5EGuYChib3uH|~{5$9+Qzo10S>kub_;5M=2im%0vtY!Kt;7V-cqV3*B zaSu{N+m0^B7IDv#F&0+D*aEKEc5D_4@D@9&MP#kpa;+STapBhS>(${EM&i{tttmdS z;8md=-r*oqZDbnq-{~L^wlUQZ@+dm8-?g9=PckFdr6u>B)S?C@J7Op6-6x+$C@VTOEUG#Liabyx#L!Tk5%|lif+)gqg#U7QGRT5O`L0 z$TnjKQe^F0=h(rwuJz7x^<-16pFPngRM?)5SFlh@cr^#ASl3!Til8PDa%EQyB+;7` zcEG6;b|I=MjT2xi&g)o_{HPlB=t7^>z;U(Lc}I_RhYKn_2ypGkaRYQ@-|$}FfGt#5 z57ZKR>&l1SlAh@eIk?e;1(I%T>K?FBq6jv1^G&(15lQ~Vb^J^Y$S4dk6peAUSBlin zZ^f5pLDJGp+tebrP|xv0Xv-goKy7VDxJI0pxzU0T5-}*NxoT=!*@+lUIC!@K;RYW0 z_K}{roILAqe;dU4>wzOHj8mAV+|qCVmX7O2htbKF?)N|Uw>-PGw}b$va+nA)8^kqA zf|pIB@i<^S__G4{ck@T00FQ;IkZUnEQKix1{Fj#^mxs%mn3UI)r+6b#8l)BWlFBlR z%d}R5b)2XUG3e2^);Q~+T7}D!qu@)quDN!vtChX^I5qmQ=?ZtplGzLutYOf&&dC*l z3$VaWh?{qzX$u?Wif%ZJdw+Pf=y%W-b#gEIe-i_yc+CF3_A7{uTfW!`24F(HeQT!g zTfPPPbkQ}g?#^p>%L=h}3rQT7XTT-ccr)4f1VOoN!+LvJS-2rgiU`4e$Xk+{GOxEd zALqm>p&*wlUcF;+ywk*67gJKdyP^*@<|cZDQ1w##`@lQ3Ox`=dG}kmhx`wPknk0J=I@* z_TfC%Z~ZrEJ=cHzOh`T0H@(=8ebSe`*%v+9r~W;}>owcIeL#CX+|Rv7tUcZ1v)$i4 zJ?FjNi!=5M|} zT0Q4;{p5c>7vb?&>ak+lZRwX@Q_H>R%iJ4dW*jrb>oaETdo{zi{+^uiai($ed2#8( zt?lDJ(xJX|g7H8Q|L*5)Uf;g(M+g-|>J>kKd0w%9H^1vEad|TFwU#OqSHJbUobU5y z<%U0OR<8GdzskjILa2Z6qkqq_KS99%^1J{0o9z1AfBVxv&dGm!;{VxdK0y2vIFMjL zg9i~NRJf2~Lx&F`MwB>_VnvG=F=o`b{*hxxj~_uMOfr&WNs}j0rc}9dWkHrNVaAj> zu~orvHACjqxszv4pFe>H6*`n?P?;wU4MYbhNs(Iqm?g3D?p6{c%BE=<*e}*mk}hFF zQ6{k8v5{;3p&MzX-7>4=j2#Ik&>yuU!v>nO;;!pVi8u$|EIOEQVZ(pqR+}uD4Tyk!-K)K7lK~zB1d5q`gpt2{?lMGf>7EX{^!48zBNOx@5>X&4^&8 z`EfHd#=%9IsI(FYGttCbsl$>EnTL%i+1N{#VV*HjzLD-CD;5@i`ztsc$t=^%GtpeE zxg(@Y;t9B-AZMV}?s~=@RFc3Dye3t8(hzih97rEeSX84Of8djkKKoY8FQyj*<1fug zDXrAfOC4Ght0agtW{uaf$R{*c){!mG*Y?~HCeu(;?M-8>I+Dd75w$G|+!*bx#g`xz zC`L?y4OZA;YXmP7r2zhMMJ+esN&>AVll*5(ulP*KiMgabCe+ZJ(#y9r5KWLSyYN!d z3OWBl)I~92l$6+a;f+_`!ZNJ4xoYjrSEXM2b9df<0S;K;i}Wp+S5*y8_#}RR9oXTA zA&&S!g(?0D;ffXJcNKpn?%3mxDaE*Ad_}I8Utc%|S>=^kCa~m;FMc`SlT&Wl=9_U= zOlE^g-q|sla}HYQp$YR@-=2-u4{82SFG@5sr|AB{bm)QJ6v%u8@T- zbm0qO7(*G(kcKt1;SF(^LmlprhduP+4}UldUt~~&MKt0Ok(fj!E|G~%bm9}C7)2>g wk&0EcCgK&bm_;pak&9jQ;upafMlp_&jAbR@&Et; literal 0 HcmV?d00001 diff --git a/Media/Images/CertStores.gif b/Media/Images/CertStores.gif new file mode 100644 index 0000000000000000000000000000000000000000..89dbdc17f3be01dbdf62d233dde869b3b154e4f8 GIT binary patch literal 10374 zcmV;1D0$aMNk%w1VL<|&0e1iZA^8LW00000EC2ui06_ws0f+wp{{R30003hE0CxZz zDF7Hs04Rh2Fo6J3YXDQF0C&F_0DBl17z`>}7$j>DJ46^Zc^EvD7(s*>OP3gRy&(V? zAsj>@Bsn7(052~uBr`uLELJH&ZYf!eEQZb~xdkx*V<{LRF&J|(7<(}+h%rZ;G=9N5 zJUlx)bUZwiJxOvrUTr*HjXZR9Jam*hbhA8_lsuHvJpeU5C>T5`B|`0D4j|Qc^_# zQbj^iX=72L-dY$fTp3SZ7;9P>7+NeMT0uEpT0&i<++rR8V_h*|dw^qtt!AFPZaM&J zOG0aKQg^54a~L^wJ3Dneb#*+Hb4DX|bUbx*vvjrXdjKhW05N+2Qhg6@eGh|u51V}t zt$h!_dl&$F7$bWaE_)bKeKDbZF|Bk`INF z51o@dJCrUv83Lxs;VWl$Df{s^^r^{-zIZrw@gv51pe_0HIQrq*)xLbxx;= zZl{TboUo9jyzr>RucpiVq~89oUv8~m0H}04uXReYgk!C$W38%tv=6VgN^Y}j9J6yg zvvhT`aj3Jkb+WVUvdQMM>HfX-|F{pwykc*=a{#@07{7%!!Hj0U$@#<&Zp06i#xZWj zT5HCE0LG@2$f)GNtA)kI#lz+P%@426h8WI^G0>P_&Yp9|rn%0}&dcYm)lj+CSZ>#e zZqt=K)~;jLu7uaa)YZzJ)6taH*4EkV{?Y#a-FR-@eSzYlPvWOq-oAw3;o#Kgvfljt zkk;mz&gy^Tz9?Ee1v#k2ROv= z(3Snuz5n8-{pG#?>a+j;$Nv1&{{HFy{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVVTV7Eh$flPFWFT*+h&ZRqhmPAUms@1DlvufRnZt2pdPrY7}y0xs?vuM+*T`Mr`*KNAI zGUYjP>P3ICPUt;>$>O~f-2_%U@j{;9y=4X$_6t}d-n}Qv6#N^Qt>w#@GrM#v_bc7H z81F&e8-t>|6OI2VHY|ECrqvZsr+&Ea%jgrO1krD#2OcD;-LB}ZMkAEXm|@}fWlx$tW1dI7`! z=N>V^)BZiS*JA62_Ng4BDuoUK<{m7heYTSXhfIN{6J6qgB`= zh0=W}<&;z|G@NG)kvLIu*d1izKaZ8xUy#(n23?e^J=WM@(e>9Cf`&QwWth*6cH()d zv8m*HN4~e=oOzYTC4cYTS>>UKa(E?iA{wNnM1vx9ra+hA|(2or!ODtryh6-73&I!xqv6w1XA%3{wD(<+Lb;T%uafwA%MX;h6r?}+i|S%MmA8(2n}YS!#wvq6ivROOL4^);W(OP zm##K*vYoOPa?=2x$5(47N4sjcP2=>Qaw}u_Ad7s;Gjq~R5_w*=KBujAS-?sJZM0HD z*4NT1+E?$>uo-RR{*uwwEzh)ib@{AvX8X-|V@m^0<-fe?(K1Sd$r z3R>`j7|fssH^{*bdhmlF450`|NWv1D(1hJHAOTm%!mR|bg)od^OI|3$8rl#fG`yh> zcW99u^6-cLK+KW~gGj_8UT=s-OrjErw!|hn@mENEq7;ef!zo(ve^tDq7V%d_WO(t5 zU<{)e$4JI9n(>TiOrsjt$i_Ch@r`hdqa5c*$2!{aj(E(Y9{0#cGCCxSTMXp;04c~q znval%Oyu_vsmMlJkCBdy>V+WnM_3*(|5~s zq%gHOP4-n2ml3(<6t&5-Xf~3YPXuSfys1cWHqo5qBIhnEiOzAU(~#{fKSv>-Pf2t}*J$bEnzO3zwT zY4WL_pWNG?bN40P5xbu zh&rtlkmIL^y#=TWtJ}r+Ll(DSssE5DT3KE;v<~I0XKxx&%KoFdIgRLLsfXItvNm`Y z9jH^ND%dy;HLxe*ZEh1=)ZRMC9a*62a1{d6=^nSHV^wZyFWcPIsx}^VZSOenJJ;!f z)xOt-re2|%vZVIuyX94leUiG=ram=6Ux=(^C%aI)ytgFr-D+Gbdtc;Ya;uo-aQ426 zkk(3xk}Aqge^Q{0!kosVts~S4vS8Sfk}5rTX{l8g^3`Ns7_%B)>wKBp*0n;T$P10> zbjxRA`!zWupjrrd*DJ{}E?k+0KqOTWT%sYP%5H*3Pz8s2$F_8vEPe z4!0P?itWsByNUTFwG!)*Urd+#iC9hKhI{#LboW<~OFmz{m8jN89+}MAMo7L5IdDYp zJBiRxH=&^c@PIq2lE`Sd!wC{`Nmg9Y6MwkHC7$trT-=c#FZIFxjTmx8mfYYVQISEt zWLSetxrQeKJzBzMdBm595gkAqrx3we=LY1u@xC@$%F*jTGpxWjbGus+!V3)nxhWIuP*?fDB9} z9vKJ#9w^T7jJ*72%L0scc`IJ0AXcNGlB#>&6bnqiHttr$d)+aacf0dlz#e&gLAt9R zjW#~F;#E;}n7*~)LW3=yKT3SR5!iqQhi~_WauV2C8rVqxwt*b@fm_spw)B9q7H(I+*n`7HZmooaAvlC^CWJ(IguQ_bMu>z=XcFT_h*uwGZIjD(Fgo(;ziMEDJ&g6(^!HE-Rir}M)Y$J-Z#){kni*GoDvZy_^h!v>l zaJOhZyJ!`;7;wEvJ;6v7zo>1)2tCJm6vdcrQN(U=1%nbXZ)Vm`()bV=n2ZR)Zm@)D zt|)8G_;1x1jnKFe;TRF+$Pm}q8|?OR*qA%r2y5fvf^LNjM^;xmm~iQ+R+rRJJBVT1 zK#wGrP&+7A{5Tck;6+5vzB zWCHnw8K_WCs8%MKbqnPa^GFh(6;UPG{*Vkc9vZ2HoAr-28Iwx5gAV18nY4|H7=kLv zN?4VSrS)7K>5&PiR&C`_MagbMc9Y0df)NQbyBVDAxIDwTY8K;G7zU1v`Iq|GmDV|y>lv8Fbd;Orn41-rV+oO^ zWn3I7m}0qMFG-+}nU?USn7iqgtQnZs8CIN0knky;m}Qlig-jWWoY(kFS;vjESP%lq zN*W1M1IkqZ`IyallK`2K|M*sIiH{ShlxMY$6&9ZfH<3LSqzy?D7KxESwvlkPqhy7U zGI>^0iIWxDP+o*gJ%*ABg`^azRtyQBBA8^;>7zNxr6PKqGD%j!8G|Y3ADi+5@$h*K zK~zEa1vnN9TQ(W#kuv^WCXB+Po7;&N`#BWLND<4YUGP^O$l_CY5GDJ72Vl1lk(xe> z3KWR?nrG3eLD8s=p#{-SWTc84e0sFB1y0I=MVaEfOfF`moL9!6>sBX8gz2^>qVYAZe zvbA9;BSjfxN3POQ4KZM|8hc|0koEzxgvqNn%lV@!MUCrx|d72qFcJZLb|4#y4{1is%yHSyKMKM zE}LQpSql>VkO@mcyAXj6y2}vy@Ce=TyB_-w)G!tS_qw-s4{DGMV4@3SaSy#~yP06T zyj!~q{!zURA-oDvyadR)lH?E0I}pMPy}pnJYY-T>yA*ox55EfvOHm2}(G_YC3hN8L z?^_Vq+q|Wq4~{Si=c^BmV7`?RyYoxC_L~Oq+rICczH2}Z!21v8vb@AQ7Sy1=)rP#Y z#=p!v83+u%dH}v-p}_!5!L+Nvx4XX7u)fN>!Od&D1OdSCd%N&U4JF(Nr2xLPo5Gv2 zydzA!B@Dddd%nbr!j}NOM5hZZ+-w*uYuY;*LW~aU>lB)h3>rMU@&Lv0s|PZyzZs$n z@LLd7d=ElAzPby&TMWMY>j=zi#KPOeSvY$ABEeQ|!oB z9K}%F4^xZ~`AfX}%g51c#j|V5Ni52347}Kj#oQ|pXe@1W3~MXgyejO;TZ|5SOe!U; z#wR?)>}$guGrjTqzYiSD=PScFEDt&i!?Fy-v`o9lT)bEezDc}nyUfd85yf$g#pc2Y zUM$L$yavZmzv<$_P7%ms{J_ba1`@m}OF;^haKx4@%D3CVz{|kdki(a7!0@cZnA~xi z+`1VN&PZs;QOwYzE724^(G`8s*OSl~U55_6(W2YY9__gx9nzYsY8MfPD4qV&D!tMy z-O?_NMt_72Bt6q3A=5N{(++6UIDON|pwl}&(>?vuJnhqY2)Ram)JV;^lDmmSErEn9 zMTVO^K~02#drpVT5>qXdSFJWxZA(o(adkV1OYJjR-GDq>NMVg=U#*K{ZA5A9)ie4{ zn6}oyh_1av*T!hq*oD{3sMpZM*VeYxk0aR81K1PMB8Zc7!m%}Adk~35f9pfofIHV7 z;U2Tfw6PTty+^2ytx=GzKHwCWZQVbTy}5>steG=?NhctE;ZsxB4Xf%D(>D-AWveSj z4zW5rku8pi%0s0c5@oFsk0ChRT6Wg=1#>go&MMp3v3QTyU5_oUSpNGyh-s2yb&wZ% zNe{`73CKIYjYFsHHm;F=pLbFI+88f)dV)GKo{d{7%c%sxmLiEvGu4^5sYBoW5y72# zKSg-64Ol`)EkL!|FasfvjkDHkK8R_MSBaxamRbgi-;~`Ekd->jdUoYKP;r~!gkm`} z>nWa%;M5)8=((08+L=8n;gS~K53$)$Ross?dVN*2vq9jL0vJzw;8r{0p?R0}XkYP$ z;#H~Qcl{A9B2dx6+MQP!v=Uo3&N^$WQSM<|BJMubO{LR`S4tY;HI-Fq(R zxN_De*l}HL)vaXc*|X^KAXnag?nkpL+DAgxJljVp8n~j1n9Cy=|asznqKPQ zOzNn9L#Mv#w$|#dE^A%%(zIUdwtnllp6hgkY_Y!4u-@ye_UpioYQjG3WmfFQj!VeC zLprGI&K_()DCb8=gI9!|8hvG|4m~bdNau(<%U(k&ctzp9iP_#f{pLu&S!!(VaN{oS z*UlZ^9z%KQOe3goL#VDngztzF?=YnAKjiN`RqoA?^^dx@FE8i>!Gt2 z9xUwI*~42t3D4>Sco76P-3fty5b@bATYm|`4}Ng|0y#hf9gqz5;0#KD1028z|3LC4 zp94C;8{iNCd>|0-umvZ;0^iIZt6=g#kOe%U4qK1|Cx8Vv!3+sd4g&!W2M`TKkOL>b z1Kf}gL*M}e!4HGb^!3mSP45q@kOMZr0jA&)#J~g*aT+y{*+nu7KW`EjA8Q@q@q~&O zct9l9@vWp_8zo~KjUj)x4F<1m+wTDwt9nv?%Hh*9bNmnpXaDsHpbv_`8b)vnkALMQp6$7FNg7-k&%6Ft2L2wDk8M#5_pFd7O5|n!;?xaF{CCU}d zC+5TkM*m{YteMXU7ah@d;;_&~Au%TZ;QcW5uh|J3JIb|N$#4n=4PEph$`L}O(I_W4 zAcIul1SWr~G| z`@(E2=q`r8SY<}W8c2|`<$jTF-Tq6l(Q!A)3P7xGR&{)hT=XvVc|-^QI= zcig^!`2|W^uNOjtI5w2}$IlOttZDy+GZBvyACg5!ag=->?418t)uSxcx#FTVtH$H4gMLxUV> zU;#gZ;5h=9dY(z@?d`v+e%5Cx;wnP{2Fz3KDN0H_DjMvV4d* z;mjSl$tapdd7)swmo!z#9hV5Q=fUnKfNU2g(z8h;f`}@J7$KV2gP>h312i;d6dRr4~0HdpxqBBeTs`GaGZmWqQw$#4$jL3o9 z39TB=BKP+8!HLsR%MBu;(4FcL$VlM07aVh7nF zA<8It?mj?=IN(s3Z?H~c7B#wOh?6otsht(=8KIkXxY5s{{z^Acz>!WqK_=>1M;_rbBn+=;d6T>PFrn^opD&io z`m)R@i!$3JW7~deBBLA+ipxZeoE`sGeq|umJ~Z@{ems zp-GJJ*}VSVVZb!`#UH+qLJol7oPVfe3rkvp4>AK00pQ1Ssp>{OJYgBmmBSyaU43k&%ytB-0idNlG$ul9iO3BQd#2 zPFkyzpHw6$@ux{qmeQ02x#THT$*xqc@=K(2Wh^7vN?FztN3^u%ZeW>9UcM0;_2^|V zbN*BhXbAIqV>D(m)i{oEDASpYVdgV+v`cALlUng8rZu(c7ib`Jo3^3mH^q6QXpYmG zRK!rYUf2mMDp_K6IJ zHq@aHg=j=2I#G&N)S?%~Xht=Hr1(5g=$o#I#sF`H8Da3 zYF4$n)vI#Vt6v2xZ?GCxvX+&mJT+@t)!I(9uGOt?t!7){T1kaMqpC&)Y2501{#U+A zG_Nj|>s%ozP=D?*p!{?iVRL!dfvz;Lf*s^LBRNl|N!FN@W$9xf>qm4Bwz1RdtT01c zQq67_kJ#K~H>-u(XQ~#Zr8O-ZNBhXx_NcbKyzM_>8(TI0a+AcYmT#X4+}Dnkx0}SJ z9+P{U<+`%D40u5)UTJc-yVWDF_0k)d^&;1? z#yu}2+Z(s}k}$%;tytdO}xD@J=Mh=P+H7<$+OL#<-V z40!Mf95^6EzySvWwqOGZz^*7H*+W_=e9Ao@t7iOpla+~_h87~!iP6L1Oy6?tgNACQPuKAwOP z*8Kw!XYgHwZ*+5JsqJcpqMc$_(V(UBmA~@E&t6qgP!&6D4@-H6&y$EQj;x-A z=~+S_`bh(gbRC&V2fGU9o^|5A*dRdE=ZJ(7@8R`-f%7nmOSEekh)Q@I6Z-nC;7e?(;s8n!H;$I@O4@Eeo>F zGoq{+vLZXOsUyO;@UJU_jHRQpu*))9@vkf({u_h1GFo^#|AId3oY&ym9H_Yq1WNO7)LdEz>up(jNJ>&jJnG1Wbf%A-y?oqAHnJ?*qNjE_$zZ}PcPvRpQY=4Wti<9c zfdnXl0xXhz$u-)mzUrvIa+;p>$)N?*9(%B|#!s8pJv1k11#%dsTOvNX%HM9Z{{sI275w!BJ+bj!G0E4Y-)x+E*Qw9CBY zD!kOozWgb^^vl4+DZmuW!i*`xG|a>VN5y1JR`klogv_2o%*donwtCFU#LS$`%+2(w z$>hw>bSBRP&Cv`d(Im~&^u_+mM9tNNF4bhs*DOWXgw5GhCex(N+k{8i#LeAIP2TiP zGSki9l&*D{g+fS!<3!HnRL%`9NOwQ<>&K(I(;f$@~ zv`+0L&+>%M=o}33G|%;1&q6>?Yxz#_gse^&PxiD=@+^c-2n_nX&;HcT{De>We9GeV z&jQ8H_lyeyHP8iRP6V~5_!LmLT8H{%&zdm{1Gl&w?e-RVxMU&G*|>UmD6&lhe4fFbZ}ER?Sg*5(=2_`?9>%uP=jB9bH;vO#=m%HehIT;CNIg~Uq|{1{uS=DOHl2fKc!f031Aj1ve#nG1 z9n?!O)lwbSJWW;X{DoPqg;$-^bC8EPebag{2VC_AUBS~u&<9@yRzj6j@+?+k?JoOV zgS?3cY-rXr{%}=0h=(|})=Wr-LB&=t-PY^u)@+T`VBm&Kjnrt(1w>U>Eta?3{x>{nJH|RB8>{ zP4$NUHIOkz_1S-bRG;x%#T{D4JuWb{Pd$}g%>_}|t=HN$PukVp>s(yig{$5b+RYVS z*L_gnjosos+k;hJ=losdU909bUc8mw=X_r1O{?m)Ugp)_RsR4Jzv2}(e6Fb`BmRpFyHv~stpxi4~+}{?OzPdU;X7O`)ytpMbY*Z zUIY#=Atm6J;!pL}Pr!&^_nqJYe&DTAPvvz_{1uE1F5V9I&I}f;>I`A&q)r3wQts3Z z+azJ!b>SCg+!&T&qNU*)rq>(B;Y!uv9p2I&_TeQ3;vm-1AtquGHR2-{&?Hu3@MMVM zCjQM`vPmf3;d+@?!X!kv4YYH-_Ul zmg705<2ttEJI3QY*5f_q<39G|KL+GL7UV%DWOUC3()?`iA;!gJDPX^^s7UfYUz?}01iz6A~*mdR{$b(0694TKWG3vjQ~QO0A^+YYH9#zw+9Fb4o#gI000>PA{hWf z7#J8CB6JxxQ5i*D8AF~Lv;iR@As!w+A~-lANnavYY9VyMBew!8D=R0s1Sz-RA@1~7C8VpIRIuj86rC(N;o(fIXO8wI$Jq8 zk~m$NIcK*xYHBoet2lJQI*^b#lG-`FAx0S)Nft&xKtM@aZ8&?CM4q}sp5j2jDnr3B zPdGSFSDs30YEN{(OT#%)HW^V-PgiPBQ+<_Fo!wK$Jy<~>TwGjTaBy15NMry2W&k>5 z3|M3t0A(2>Wf?*Ga_g>l4?&GYf3q2Qa5U90BUM8YHMn2Y?*C@t!tUWYM$b2&0KL1WOp+} zZDUSva9?n6aCDV^a+|?)tEP0o?sL#)dJJoR8E|wm0DUWQd_Qx3OLcyP!HFw;g=T|< zZEb{vt%Q|jh1Ph8h=_}cmWht1h?%sDrooKfbC24Ck~9F4Ga`~RL6bd)l1*}$TpE;K zIF@}gmWYUukY<&YYLk?cmY1@eq=A#L)R5b@m~3j3Y?zsNgq)q7o|dedxssl_-=W63 zn85#?-s76yjGy0?n&1DSRhOcOjiZR9rj@~^!S1Hvo2`Uxuz`fDq-3h9sjJE6uH>Y( zWf`_*H??I~w0Nzvn31uUrMtAcu-5al=BT#jt+@aHxM%>ukh;2#GQXpWz3H{Wm~6ns zmczos!Q!^Z?7zY8=E3j(&CSizv6k1;*4Nyn(d+Hf@6FhfGuV?++@~Pgq)pnWeAu>S z%Z;o*6r=>^2Sa7 zwr2mmYyZNT{@9WK>9+s>xBvgx{{HFy{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*)NwX4^!U@2xTI5w==vuM+*U5m5qK(}n; z%AHHMu3fSQ;ojZLx3Ay7M)m3iOt`S&!-zu)PRzKmykO}g~U(56$XUi~$I>({VJ2GC|uTL6iuGxF17>t8=j5E|YKz#v^mXK4iP?)~o` z1bs1>CtR*^xa%Jbsl)v3y79*ZcGaxIPCXD&=L~k)WszKV>N(_`K>C<~AUFszXkJD45YXFi6(aPWg$sSiP=pKW zBa1`)D9DkB5Iy)$gcEis5sUHFI8%KE;TY0>0`Z93WCzvrOec+Wa*Hv~1h`H;1Rk^; zIKeeUqd`+1qz?|pfpdlqzHxHlbPZbc+k!93(2PP=QW>U)Yc4dVdu?8n=0aCyxn-AM z78s|Ee7>aPK!1X?pN~J{l~6UE9Ae0#h8&VeB8xbZ3pWMrHi~x;nh-z%*l4ogJql@pV@*uBS1b2_D zIsXHWhDn$A;5{~AN1==DV(F}>Jo~0eg(((ybgt^bOf}9~beL~%O-GmYKy|XLv)V;B zhcv#tCB5{$XxCjf{y}F$46TYg$Ne=yJ_9XuaN6n0F45T8t)az`!zQ`L8evR%M;!B4 zC_#f2R81lzo1F4FY`!vHs|_p8&(GRfr{TIc3)}2JGq>s7gA`KeH_p7Zy&UYcr%@*{ zui$`=moOFtJf6qS?zi9NhMWBJt-Hpw?6cNx-trL6uKn(G+v0oO;a4BP^?8f$eHy%* zcYAQTH{Kw6%~_B4i&oDG`TihTZqlF~o5;ruk_tT#97H!QH9oZcS?zIHIOBJ9J2Q0~uV_sIx}u z=}ksT`$7AflSZ}S%Z*^W&~Qp5i#$fMjzmk&-QJX;`=K!%J1ZX~7kM=~W`T~p!qs{j zc|XVHNs6%Ki2p`{MJzgGfCi~YGMc17<~SpbqKc9;qC`k-Ex?Qd^H;ILg*rLLDU8OU z9WlvwM%PemSdV+rc-mtfIugV>D12TriM7abL7L^E zMais$eih9K_d-h2l6F)eof}EpOlpx|Mw6v5Eh#QR6317@G$E++=1q4R%bD`@r$7xV zNqj2Qq8jz60z4^Fm&(+pCWNR?jjB|C3e~Av^{OG&ixsfS)vmI1tA_HbSjWo0s*?4r zX!VR)Dt*y>*S<>iu6f-IU;Rqhr2-bOf-S6K4Xf0D zD^F6SH|B~PZZ?M74(Jp}}%;CLMc!LbqB!C6{ zQnVDfBjt1a|nvEcx(;F1#RcN!P?QS;s9HwWvcp1I9p3iFg@v;*vZ=QH<(@ z7lX{?q4GAcqP5A6d+g#STNxxnPE3(eEHXpff+qf8l0QbmBwk+Gs#!+N{%G6rjW&M+ z9S1>&o7;?zG1p_xc>V@2**xbu|HBxKTE{=`jOQ^AB+q>=h@9ta=7h9E7-|3l3`zh5 zCrIKNX70qG>+NXfv^aT5n(vjlKpD zY+Y+f5QrAM4)z8lVQ6W=G7oCG3(0lEc(4kx@E9l2Y(OhE8~?1Kvg2S)<35s`rx{3P&oP1z%I@PrTL z9TRxX00s%oIP&&>xzzc-b0}GUgx#dF-1EkkH+(XBCy`2vA$M?M6C$Bm$ zvwri^pF9bY7pVyXKM=e#TpuUkyV}_f5x1M<>}$`iCbItdkh*8&9T%W}^)_$RlLm4sIDlZs z3o!66*Vn>*L z-G^}B7k&}}e;Lt)A{BirfrZ!gWQY}I2=Q?g*CgLybD_6`J4bmUfCbW!XAbBOd+>ph zFlb0{a~mLe?I3g_APkIS5kK}ZEb*nb4U4E`l>a#X+!=)fdw7Ij@m0=VW6-*63X zwg)dqahB+2^?(joAcHVK3*XQVOo9$ACxbw6b;KueC9sKY25K^hd>avk)OU7Fz=cLQ z3=DULe)o1GA%6zpep5Jq3;}-P_Yhuq5!2TZ?AL|l=NR<|822}E6;}@)7;gp=2E z9JdhYzt|kmIC<4ic5Z@4i5(fmQIB{5D5TDp{RFIBFm#Z?xnD;Z{sQGN0oiwiA_+<;Fbf*Vk^g{qa`$$q5&%bV zc6vt$@W(Lw6_fxLcL6Y9aVLc_Ig>n@j0a(pt}$Tn=aYLElCH6LBv~#E01ep(j1a;iHjI%0$cfnxtM+2@poJRV85|;M+jgx$$ZAxjQWH~XMOtqpa%kBjN0b`Q_y_jX_07GaLL%4Yo#y$B-T9yD$sFLYm2det26`5F z=@)vrZQqc4F&Bty7=#oE1NEqAXxMWgw*j?aX#PM8GI$OCu%ay5ZJ3yIV27ePmk9(> z3oyWq6~USRcxdwoa~w!>7uR!ecABlmqV=$EJqHBuHj6FkcEGrdN|SvN5`X{ceFa*c zO2csO2aNmR1$97hG3gH8i4e#ML(0jKP|7yT*L?p;lJa+w>PHY`TAc>*U&fJ)W2!Y^ zIt)Aspb258X2%7ASDpUCn4f~GHRVT(J^7zy8KApJ5P*uORZ4{~X&n2RoX2>VV7O({ zm=I)G2)CDUFwlB{8GEue&6ua`S5pNsry$9auYsEgimjOXu2uq{1wobX zdY%<&sDVeE*}ACG(TrMXl^a=~;rgVz2#k5^mS7QA!!?GWSqRpUgCal$(z>BjCjzN@ zZ7&*fqe>7phyI7cMskB@aucV9)|iQ;`VaWXinNfUpt+-_$&R_2tdbCV*6@HmC~P-Z z0>Vlj(dV5pDG!Ibu<{yx0Q;@(K$5u#lfw`K?Jx{OiIP@Ilq*@O1`($IinS0zsoW}k zle3jp8GlxYsE`@}Ww(r8sD;z#uLXg&fm(i9o0j3Kow&HAjJmLH>9FB?LUqfpRB8)V zo1ndMv4xwljrAE7Dvl?|cm=_8T^DR8d#n1_b1BENA01@WT-L98qrq!VX|2BB-my1Kt> zYfC2rw(1c_xB!Tdz9>)!47b02dbnig4v$-?C=dx6kR=T834W`6Rjf6;2(bS8xZ&%k z3X2ecioSlTHH?d?>&nFN3td@U1gT{^; zM{Eai4SV2_{MfUZCJ8baZ9&4BYG9haXKsa{1~C|V_V|z!zd9O@vE0vo7ONXOpmi^S|3(fP}{Xp)R@wcYHzb)1Y5+MnquzjUmq zdTS8o`*!|7419OZwrQ|shp=|cpAk#O+B%(XOrCXn&s7VI3kpNo^v4HW5MX5*mn#qp z2#PKon4{|u^$?;}XAmvhbC_0UOmb+Zda7GzvOkxz!P;owpmZfb1vb2ys$BjM#!8Pa z><@*I!5i>%L|PB+z{)2V%OG)n@HPzD8>QO1yts%e1VEABt1UkXso6x$J{bT#U8k_& zx9J>|2@BM58g~%N1+Ou8Ho13HSuRHarNaW88i|%H$*uq)RwfuifzUBb)<+6_$Y%LfXXOcyWA#pCl`v1*bd9EYoVtGhDM|UfxE1D zv#$n2>KY$Ef63Lb53xN$4=32DE_S-{9t%*5{NAv$?%Lg8Uex6=r3onHXJWs8{N! zj?qDa(WI{GRaxo^A?l`1(ab;#BA5xhu#d6M>I~5i*T4&zAcD2Ph`a0R1R?9Q-szrh z5Waold=X}(NM_Nl>{0dUj=`zap6xqf?Tvx$+Wze}Vd9)4-{4;EM8WMuX71`P6zHyH z>;CRO(e7#n@AR${@-A!jp6@n+?)cyuH^vZ9A`$Je6yC1y2Hz3f4m&1N65wD5Q4$i| zH4+7X@Dz^`y=@Wr@bD$k51t?mss!=nCGizM@+xuu@fE=jYtSLe5?~OZ2?}sJ$N@;; zf*sf*UoXNX^t1B)j+Uq*Of{AUwbEXsQkNw$@g#rr4`K2Z!5zt=U5bMbkE1(^qdNf) zAy$*|1%Vz|PdgO?JZp3y!J|+>Z_NCaP9ZN6MvwGruMkRa5h%|-Yw#Kxvh{U>4^s03 z8Wvz|`BI7_FuU^ciF7kRWA*7kKgeNW?{xMdk@jof_+Ty&&5jWn-}eKt^|dk!8$={zm8%@Wu*>9)&T|(0(ZpWJ~7$;?c*Yw zA-Dh`+;OCB`=34)!oh_gEQuxCNQZWWsYe?X@~4tj8>f za-%8b1ILKy8t4u^^9G_V6yFBotv7kRpiZ?SxNwb-cP0qn!qoyeB2@9vgY};tBcb3y z`w&$$9s7QD0h(5+gRa#`noE$iSxG#zA5XFg_0xZL3{IaGJ`qnJ69N#g(o4H5_O*Xj z4WI#eP=)oKA`meb-6K?E4O4AXwUrZGAB4Bo?SwUNUUA>yVYPm#jMklSK?J7=QaMF+ zx)yKqqKygGWVyA?T5N?&Q&!smUJbczWuxtv2@=5O+l|Fb(9&|do0kDl zK*Y}5nF-2Qw(ThXW(~PuhXpTacRYrl1W%Q=)9Ey&PUj<5 z6?a@#rz_TCa;<)Eiaj-*rDCDYDXv~ydZy~JKO&VfAq2r8+rbD`Ebqwg_WLflJjZSB zOi)q&&{hYblUAU8NM%l*+P?eM1lf*@+BeAE0mo|i+VQa;P*})jJIeuV)JT0!aBp(K z`zFLm+OYAFQxa)BQp{{B)CUFXWdD4i3SHMc!N~1aE<14h`&07HBt1gp z?;s+Ip6LGK^Dv&Z$3&|6)Buwvx!m|pPU(o>``pnY|8%T4PSTKwob)9J4dhQQXa}Kw z=D*xY1xk3c$fT-NrFl6`cfa`0v|g1S<~1imWorQGdWX3tIEOhxEXaPsL5TgRkURPL z*|P+4#A4XUNOfvL72lyY_PJ9DkyR% zU*gfw|Dx6!SZT{j-qKACITo7=DTrLJ0bFg8WJMnV2}p|+h>@^UA;ayiIg~^f{B(oG z-|R?xGmPXM5edND)p3ulIf9UAwLBD7F_N5^1));3Em)ZdjFP(?lm14_LCWTY=~$vb z_Wmgq$+if}z-9&>e5ET=2www-OLDi8A1R^$|?opw@_epNc$ZMcA`H6p87K6>L6;@HAh z_Rf@9@?9Pqi9%VLFKhs99FPztk1}-UJ1yEznSuk!d0ta?Jd>v+FG;9Mj%=lbIO!*; zsUc4$u9_xf=mmc%rxb!nqYEq3&r%9YhSGwTIGddmB?6cTEoai=zXU&&uhQO8YTd+Vm>oLwrJ_goQASP74++9xudCL zW%gA`JCkMw>P!<>Y*Pp#SGR6Ts~{d&hv`DrycUp7v0>_v?(u5bvL)gE^sx#AwRy)2 zPz5vlI#)aMzfYFkZ~RaJG?w>}E1as7{1@7mYD26jqxjq6?q+t|lOHbsVg>tZL{+0Tad zK$bo0W=GrF*Y@?a7h(@`Wal)8$=A}9=k1iNYOQ!5P@L4Z7G^~YL~w*0TpZ)5N0b)+ppPrWsqeiI%@`7J0ZYmdcwt z8wSy=_em~4W-cojz-x#6#?MQ{nOEVq#w>fMAm6|&_0cT!gQ>dmoAJW2pwl7i$d4lmEF&{07HN*l zB0;9fz2Xuwsal`*$p-9DDd;OJu-hQQ%AWIb{+|l!F{CP;F0zyU!I@mqtjgNKJOPpx z{Ggl)4l_)hxKR_I5uM11*Jy_wAGC~(ZQ<_b&Ac2Ug{ivfOyfO_rB0?d?B7&!P zs+Q!zrZFLxiD@AWL>zJQ7-jDWEDRhb*ADsgpS=BRV{&BT%nGg+YDWCL0{zIttAQXVa!EA7nedLlYf+L)gpNVuzq?E_0q(`@c ztb7tk7uiRp^GE(@BJUx}zC;{?6b_mcGQJc)v$O>fIjX9h9%P9~ev}&pAxXZln~6BM zb@&HvGZ^~=NlqYzwF1C$K?nX#D8K}PfQtEn8d}ZMY=CmOs}XE*~Bh{S>52ROi> z-P{=e8$hB775^)nG&oL*IKc3*4NwG+wF1QKsxOyhE4_rT+*+WiR4*gkzy#?)1iVIK zEDi{|#gHN_4w;|E62l~dsOWUCfl$M!EUtM39T@x&v$Ctw+D;T%&&WEGJ@LvRY@|n< zpAK51?JP^W91bE_g7Dc+|2oG&w8F!Zk$oToRp_1L1IHt2k^a2K!{m@1T&yyjP{3@$ z2|cpw@{JyZ!wAwOPzuHb-B9(`JL1Qy``I_dS&m>#2Tr55t!!aNm5A=Y%^jI4%n2wJU&_Fa* za=EeJd9sbUC>?#r5LKGjfY9c&m`n}E`jSh>JTphtA0TvxfJ9Xoqf_&_Dm}G6VBMG? zO4K2wQzzuJI|Zmqt(}5YLSmKE!a)@!a}P1Q8C>le)_}h^^HIFONQmeM(KLw8T(4J% z0UII50Du5~{%C_{&<9Q26K7zJ0%(RZB?y!3O?%WtXHZi3dPF7t*ZUCI)_6_b%sb$m zh-$+$IxLGm!M2O=Sj^Z5M$o#LSUSy|y8lDCf#67i&`57H5_}+7FEyVu0EYs6#7N}V zW?gWi3I4rb0XE-|48|`F=HL)UU=I!}5KaiyI5+UY!;Mh0 zlAQ?pFgIwBT94B~h1j=!6X6_g2ojDa6Lu3~xPhQdtWC@arXu2z%&E-$r;ETWi8%gQ z9fsn9;9(fj;Cg_92v`Aa0JtwRqP99>CT6EE#1%ejzMG~y*@ykU_jO{J?TPTnt2@%dzU|+>Ho~Z1hltm(J;a2_2RpEX zJE&cP$cH?jh(1`_whY2}f{bKDci>2mL~rO;i1l6w0T+n&e(!;Z@4T?@1^>0}=1g($ zOwcUum@5c=Pz6+Il3q~m^Iq?1P;LzWhvc>cJlF>11_Wgo2m>bwa!_vQw(t-C2M-_d zZgB5^F!1*N1?HCS<*rf|w*vr|6b2XaTN7@H;O!wT(jy1{New^me((hp=Lhmm?*w;p zWfQ458NOe}PbOguncyI(1PjG%<1r#TTN-y(k zw{tOX^O1<tE?vQ9#`&4x9~+TbQh8F6W{SO*!B?Tav!GzSvPbMw*yqj z^Hsm~l&E*zNUDMu#HmhqBVTuhXnBq+p?=VX`uq(X@v8jb5(Jqan|I+s0g;eBh@%5| zuMqhCEBM~^OwQg2D-Hk-==7AUW7}AHBcuqTcZit>IZNMI<@lloi>jWVlQlkJmDBoj zs^Oz2i=_A8jj#hb26iQE7AfKye+dLTf+$4EJ&hSXLI}7ZE0}#Dnl8(GUm2RP`8`b~ zd?M33Kt3~Z0c7^*V-M)7+mXoj8`S_<*Z${PtAU`2 z_SApx=C2$cF(_!D#{H?#eP#oQe*y;*ENIXmpa2Rv6!b@o&_8`H+Ih;R&xFDN2`suu z=aA4lBNf9D($~bDz;`{`akBN#VT}+d2l^Y9F~AXt=^{=n=8|VRoi87f6!=l6P^2CI zfg|v9;Kd^;CuD5U?x8?%NBsHx{@AbOzpu7bq7-Yerp$rwE@U%n)aSr`VzLPoN)YYL ze`E#r)0A;Q$)z9v$;~!c+QkBzeg+o)(g=s!?3pDQBx=Rbr&ngwZWkL;B z*kLQh7m*5dy+>Am1N9|dY!OO0A%zuMc%g->6{I1C9eP;WY!wbh7#J*MvriX_>9^B9 zW84vx5|5z>Q9qjyV%A6g;56_YQ#(or6gV=~w4**KxTH^lYte5NnPpb30Tj`PWy#)(X=AJ^ z)Ehx>U%RKXh`vyVt!zkmtGtWKy{4>xS8iYa6{_0#b(n%}5G}DIe zYeCbH9vwB+Ra<>E*866FwWM5o{WaKO&up{U7EWC@+G(r3c8B}=!FFtC!#y|Mb=$2P zYj>X}x88mG{WsSV13ntxgByN0;y4SQcxQz({y5~3FTA+qmpNWJ=9z1bA?2G3bh+oD zi#~d2oqG;C>8Y!}I=^{~jymhH%U-$Zo5Mak?zs&3l zYY5PUkp5VN2X|(l?$syGd*;4l#?C>NR!WecJHcbiK3=%A4=RpzELwx#yCywn)LTD4 z;MilXy+Q1(5I_XU=%yl9wB;Xy5KMWbXzk=8yBN3>_T?!?w zUPa^tD(XwG444%o_(eS6C;}H`lB|uu3ou$446BG2ESEiJgOCx!FD5`drYNKc`59pO zT#~SD?dU77zz7FtxFg_6MISBr!~tfYm<3T~M{)@T0cLTk|2(jZCX1ltCP2%d3?i1u$RvElx+7gu@|btn z{$L6p*^5^CQbZd$C_XT3i9S52KCwXZ2$5;xe!M8kkbyCBVsunS7?MF1f$uQ}p^}5v zs6Kt5w{w zrA1Ei%m9R7Ty!Di`bH^Ehm{g?rxZv%05Jk6m~oW{nIlu!sFOL?vM{)WOITX6%a2Ge zGB4AMbNHE`KSl?EXjlbBsG&_Zy2XJ0tPTMM^AJ+8u|dIN<2W-qIoE~moSJc8SSUG= zaJZyX`p`p4oI_6^+3`Po0%$t+Ssz&z#6BFGQ8DKdK1(GsB}_nRIBWosVu8p0Qz9kE zSG3qGyXb=mOV|lfu^CYwX|$^OD(B-onwd(q45KX*(y4$YtYCtJ2^eANe}E?*nL?yx zR`FIvC4+!D5F)3BIh7B4N*MDYD3QZUQyqebRJf{9AseyFpt7P6V&(@^Z?r08@r6~! zX;o3Rj4Wm|+d83*uCj@`tY$;2(a9#xvxow%Xj3an(jv~Zs(meNUBlYLxi+@8y>00@ zdOFJ3x+u;ruxPuceag%#n;{p!3%6+bCJD^+JLAScr?Tji3GO_zzx4Ygg zNOm1XI_G}3yk3+pXJ2RD^+FfD+8r-@<4auk4&(~(l`npAOJ9N5x3m8F{cmiU`#16e zxWJ(ku;0jA%TBS$3tGgeAOkrXkcudQ)pDZ%QM1#}0FQ$VJgR7dRGk4yhM0T}F@z1= zw0#lbzOCWjE0+S!`!G<#qM>j+QA0f(qxLi_^9;xSu?@Xes4!yj3MKoY3wOYCGd)%@ z(^%}{)98ILrfd&5t>Q;|dM&$i4g_o8bJJF+&+? z2=1FlE2xkQx|1Xi`3RtiF$l?|WroW-pJW>Io*?RF3h;Vtpa;!OcdW2m)?^9_Lr@ML z*hD-`wBdOiB54&GZ-%$JViq}Z#4L82E~d5xrpoge;IWj1H2wtNmk5ZFjW{F_CTI?e z!~jS{&x(hWjv)ZC;$}h&={a2GvZgA6Y^K;cn1qqcvv%DUPDFwNQE(16AMKJ8rVvxs zt}~?WtT&I6F(d61^YdDwl{_(f7%Vg&EZ^~^8HE%ii)>_$APi`GpNOyTF^fHcMS*(r zl142lbG`39?m)4nub))oj^43w2CL;ULP1QOP+~`?d`j1s3eHM~QADsP#}*~e@grS{ z)b_MwM9iDXWyR7DP?(51e!OKJdv)25uS64?VtEg|2_#;d8QqIg_uV`?iB!f|9%bl` zdOY&y-8^K7`GoaJ6ge(zD3h5L(Ksu&Gnm0FI?=PL{^ec}<1K4KeC-tdhjs*dCa?(Q z;NBt<%9|NyXSy`SN}6H3pcl^oa%n%n3tm)eN^@IyFXTBEb55GzlZ5$_GXJsY!lzOd zh%VkI(Bf7tOXYNXLEUazRVOr+)P{&<@J)7^wszDgC_vOiGV>4tO^G9$W8>=c;v*K0Ei5>6$47(1o~gP0burE z2vH%D+Ie8I99l$#N`oCqoFvOX9UxX*1PdkFjwl~W2#U9u(4>VL7rIooNYw~hpYSLI z6O5lG$eKGy3tF8Ss0h}!3`?OD%LpP5<(-OC%#gJmT+NY69ZCDW1jxNs0ZfBHFZG-4NJ+DIsPs8Z4@fEYb}v=Atj^ zVk%0|FAk&X?Bd+?A~7ao-~?kBDWm=~YK}3&4Kh9>H7*U=_*XS%3DrN);XM3+1yLehXln$v5X0|x0v4g3cX z_8*OTMn)cxoN?qchL=EWmoTOVJB$GT0E2D}LVld2MuyV#*qCXwqDv0r4SZx)wT2Z~ z&`6#K$MB@M#TrOdkw$wQ*$1V#{#M0DjFC5udm8xc{} zP%HlU_s zme;#&P(hn{a`+z*(0>5+;R``IV!9AweO}jn zs@H{XD9G%~en}>W{)Q;UWN1T*sELx3LC_|Co+yi6l|g)H0Jf-%x@bYb=oQW=j_ON_ zVrP!_DCZa@W%;O(9!f!`%|Q-njut7}94V5{sFIcqlQwCKKB?G5sg#~5m4=O#Ua5#? zDcEc&mvX3=ehrw0>4lD|*OaN5RwtTrjhe2hW40;Q&>~)Rh+E*|hW&^}Dk5lXB%DT; zoL)_3iR5Lp2(x$y+=brdO_jm$75d1GQ2wbu0%>Wr#yQwz1hm3CO#z+723a^n6g)-) z{aBibOr%O`)=+9|A*E6_gz2ScSBeXvnaimV31i3*RXmFen5AVHnI~AoT`+}=Y(o}ZE;3m%0g2}*IM!-gT8umR=Zt*a998=7Qm z3MJ-pDoBcbtJMUm)ks}NSmqKA5DDHNw0z#x;hka}MT8QBRt%9=ywIsYo!TF^`EoU-%QvCa){kP1#8cqNR}xo#4cmF-soiFrf!1AO`Kqkamg5p z%1=n&H4%&xfx=K7+V=>EnaM0GX)Pg~;Y1urKPe}?{h_>ZQG@KPV<=r=Wa|&n-_WLN z(W?Gp#;B)_WGp9*XTzz*yC#ULR10^Kh>0MfoQPphom5I;;y*E!QzfY4{zhUoADuLj zk-%V`#wU%~NPDt{+v-)P#%<9^Y}F_j8wCm8KHPvdsIVwn9saGUqy-3}1n{IvtQ4E6 z7#3a3F0831P3c63L53PuXk&cl0vxI%T3Taltmr)`(0&th;shsxZp5l8ZAq{7zSrE& zyw=u*v_Zm&IdZ`6D*_`;+3HVyff?>e3@)147L)^8I{VuFbq>~a9Jt` zD1@fE6Aqu*=khR=nQ+f|R8nTdQnD)!8gc19t6#`a5g@_=q(DhY;-o2S0$@WG?=TXl zmJ;&}yWK?60?!Va$D*B>RNY@;C}57+lf9NizrNxa2bd2ZS8J3)#a?C+8(SJ-9E-SJ zBf8Q&Inv4EL{bQ59^+OS?~GQJ0u%tk6GL&k3gRo7KsU+RUL;i{c5Nt~-y`dB_BLaM zr5zi)uq}Zx8=1#DFhSVCr*t-1DFf;rHy1@(*eV-LiM5p)0<6r{pzeO${;#0qEn`+B z$J8!5q#|$^eGlr@&p4oGV&NIx^vpz!?Kc|d8|Fd!hw8;!KK@*ojiwr_1v~MkR z$TYM=^A<#(%tXg#MSqM$U$kvyw8x-u(}jjD8cL~x%DJJLPcB9R{DNY729%tt%yi0* zHK)#jn5W_~CO@M`V~keSLp8kH6p}_scgV`%NJyu~%B z#vE1k1mp9%wFWm>fI^f4AdkjSV@OetiWsX*O6T-vFf}p?9p{=o0DT*xa>IJ89OGI@gSw6{F-iWt6_M}ys zUR-els7I`V<)ksu8MVr*Bq6%+N;xdjV^dQYlcKAHlD1OCCyJCUid**)5ooh6WWU2> zhXAHv6tcCa26QF2s3kZgwuBmDnjBGR_mRtSf)**n0=&T#*@+RE0INZERTdTj%pRo` z9t^d1wC18-Q_LA>L>eDr-&#bRTr3IJ>Bza9jlj=K8Pdizr>-@T--gn;nl<4XQm#eC zG!@+LvL&B18!i=}`ksL~t?!1_wrw%9;S>3d2_Dkm!rlcwoo36Hiw5TQ zFNHa5|IoZa=yO1cj-w`lXn9L~DpnwqA&=V*y@zHJo`1~Pj{BZ-FB>*N$sH!)Ctlz&sR*Ny1qm)W9iQ1n*a?(x`7GTD$hHH18<|;; z`kW(jmp9Y|aFJVZtviuLnZwzvr@3EA1xc()sb5|_DQEti|HPIL2%Jd|+F`6u-nOqa zTtlrypog+R^g1gQdOUf$7yxS`E&Ae3AAgW7EdF@T?6Qi0V3Jgv4~E=(TV6{EVuRGT zN-dxL!4kYq1SKhnQ6Jxi3p1A+x@V?jCH^HXlexU7OX-5uKk*x*>4Ow3f?m}iOhxW` zD#*Umd0XN75lX~}w~Kr-J8N3D4r_^^M?}Nxm9?8}T8J2a$8PulidP(=6NY=FyBzF9Hx23cDC0Mb<8$i*#3ykj%zf~3gzZ^gEk5=%fWAhKB@*7R`3*_|Y3-ee1C|y6kWWV-%5%=GV z_kaHbg}=RwKl#%SiNH6*`nBO@T&)1LYc!wgM4s&_S^joQ=T;DXfsH z2xXhl!VNhj3d7el>`=rJb^4IC5J^l?MU_lk4aF5tN4G%K;}(m^dlA90|XN^G0995 zKQli=Q_VNmW0NyC;jGg;IWwcv&ONKc6Ei*e43s%PF9TH2LxUsKGD8t<6gNdHW7N?} zUxQRKNh!_LG)o`DRMSsCH07lT#STl=CFF~P#@J&WH8%I-k@upwxsFLr`5=b@Ls{jQkD69wm}&kgTYPKI zSu>e&*4gKsZl=!VpD_+PVWN??$>@rcZrY`#Pj*`BgG26l>Z?U!xv!zI)>mu2xbB+X zuk#99Y^VJ<>72ztLLFtQ~Io^ub#~7&(i*E z?y1V&`!2zsO8oJ!EMKbg(T`I7sMv3R$@ig(U;ZNLf6D&*f6U*h{rQ(8|1|}G0ld)w z=VHL5AuuTgR3MBPNE8P?P(=|O$^I8{NToVnA(?loA zXNfnF{^AtbQ$?Fx5sT{4VokW%Me=+xF=CV$8DA1cGj<1!E>YteuhYhsyb+Flf}(Qj zXfQdlgpPT1&K_6NM?W&h4tJE!Apb?JdkGDZUNfY28ksLZszi{H3{Dju86Hc{3zG#= z zm%`j-CedR|R3h^|$_yMc?c>a6(Q+Ugi=s4@Ma`HM6PvNJS2cs#O;Bm`AJ)X9IDJJ< za~=|%y;5g5+exW+ax@Rd_zF5m5sr)TJQxct%YUQ}?9QkK7chZjmZSs9IIF zTy-N^)v8*!su8b#)huDn$XLk=A*Vhmt!XkVM$p>Uue|jlag}RV=xPzW-c>7kjmTd4 zS{1*-Ca_o<>_Y%s*pgKZpNgH|TC3z(_d#|`l4a6i9gyik&i-hiWJJelp(i6N567Mz}Tiz5>w@~Ws5OEJ; zT=%8~z6O!+d{0u}g4`Fs4P)=3`dcCW3MarW{BNWR{Gb7ECBY3^ut50R;Ez1`9}$-D zMks9I3unx`+TCyw4}7T)mnp=Z8Zn5o8?_TFvBaZVF^f~o!58Nz!!v$jjB99PDz-RP zI^Hpkuj%6~^7vIk9x{;6Y2@^PAxuXF1QA&ULo)o$;J!J@1*%efIO80sb9mK@XbHg*Nn| z$$S+=FPhPfcJ!km9cf8Vn$nfF^rbPKX+>w6)1CJ8r$HTRQIDF`r8c#nH+^bVubS1Z zcJ-@a9cx(|I@Pnb^{sK8YhCY}*S)rLt$iJAVGo=Z(VcEblUv>GcK5sC9q%)_X>ynkP|q zwUd47Y8Lz2;U0ImpFPk5FDKaXp6$2Go$pF#dfx$m^tPvY?}0b`;fGFlKzlv!jSqI= z5g&NPn>p=~NBrQ?40+3MUhb1ewU`|rdS`2%^K<`u>HCiPGm{?mt;f3O`^ zzxu;JefO^(eKK<&{JbZ=o{g`4^^=Fx4-q( z%=!MW>E`bo{BHme5C8B?|M;%~G3@}0E*@}UD0jmV36&oj_9_b6>JddR`BTN0T)=X9^zpaoDKt1 zQ0?Nu6t3{QLzJa2|3Y1!Zs&D4`FxfdbJX z1C6i}GSLm05bLV28-!pM2yq1I0U81z0776FL!chaK?qL41Oi|HKoASvP6%x<8qBaB zq9GP0FbDJS7$%_-qHqOq&;r9S4J}a=MPcO3kQAvw95Ha@P~i*DkrIHR8K2P^p%EBF z0ToUW1>+$cCt(-hp$lDb2J!F`tT6}8?)o(56AiNe)NlePK@Wd!8{q*Ke~u4paP2s- z><)1pB)}U)kRFIZ7e9dz=AjQ};Unwe5Y4i=9P=rFJp7?SKNlI#wV9zJp-HK7*+KmbNi9ZVn?OVSEY zG7E!FC+h();gJm4P!e_W3yJb7zY*x*VGL^$Fm-Y$ZSok>5Gvm>DWCBi{n07+kr5&B zFvpM*fi5fOY%9C+H23T)d6Edp&=s)ZEQb&qlrSQrp%j*qEobrSOi~?G;1{LGBF&ok`R}eBEQ8EGZDUT8wnbRr> z(;GPR5_C9iTDqw+e%@*iuGC4r$m@9`PoVHbKbFmXW{xDy*B^Cj!S zD5X+FnX?-&^gN-l3u#gkMbkYAawg_8M;om^$xtC7aup|`69k(U>4>95s>jX{Zc)5vKynJ6-G`*TOk~&aSR`FCl^#9yHGjD z@eu>FJ1H|m!w?nQQADrt6qs`+N3Ipv@ErBg1~v0cf38LWP|!?MM-|o0cy#%e6akSA zIgxHKfzD7Fb1nP+&QcHWJ>x7<7xhyk6jGb+QAJhiy7cHMwNTp=Esxpdt_Vr-dtY1-YUY}K92UhY577!42VhQi&EcRk&PUKu} zV>z~CJ+|av4r4`jWJ%UyBbH)OHe~@$UsbkcUAEa+_GM*uW`iweY4&DucGhe*XL+_~ zPi<#?Hfa8Zw$p%iXpQ!0BdutWc4?Wm(3G}mp*CuZFI=UzYOPk%p7v_Bc5BfrYq|Do zx7KUHc5J0qY{~X)m)302c5Q|BDgfba;WlpNc5dmmZteDN@iuSuc5nH%Z~gXf0XJ|3 zcW?=}a1Hlx5jSxacX9L94(z}RAUAR)H*y`<3K;itF*kEHcXK&6Zw=xcxFK}4VRW^j z8cg?eQ8#r}cXe5}bzS#$VK;VVcXnyFc5U}|aW{8$cXxTWcYXJFfj4-CH+7RC8A{=J zkvDmfw|HA&c%Aoop*MP^cY0Zubh*JG*kQ~b9p%upvF0028>>W4T0 literal 0 HcmV?d00001 diff --git a/Media/Images/ConfigWizard2.gif b/Media/Images/ConfigWizard2.gif new file mode 100644 index 0000000000000000000000000000000000000000..8feaee33607daedbf0449acfebd0049a9699f515 GIT binary patch literal 23568 zcmV(+K;6GbNk%w1Vfg~D0(SraA^8LW00000EC2ui0Qmy10*C(q{{R30002P%0A~UM zPyix003KTaB6I*bIRH9l06CEWLuvp+o&acQ0A{uTYMTIRx(6wJ2v4LGQ;i&SoD+-$ z7ytkT03jC_7a18w86tEUKUf((h( zG&CtPcPK$yC|F}JnjJF$05AYRG#f%QB6KrDoiI;kIRIuj7yvg4AUGLAGciavHy1cK zTQxm?I#+2oYi>1dlQ(9yI&{G}cC9*)kT{arMl3HoIgmd;KSO3~LW7kb{+aht$%!0vhwY-l`tKyfk(vi3Sm$kx~NCcfq z8=5~hnNcyBZEcroikNbenS_L$maLkZoR+G_o4S#mxZj)0)0)Eno#FnZSDB_|8KQ`w zqlt*1mCB-{o|)0Mq`~c~R}rs!sI7!;t&@zck)NxiWvZ&Gvc;>c%IB)s)~wwB!0!IF zWEiz%IJRY1w|FbKkWaYnrM&z8xM={pku-*wd`t-rnGxLglei=)QL5{{HB-WbD7A?aZs};<@Yb((Uc-|F~%U z! z%AHHMuHB+_)~&0z5boW-fCCF295S!ozHtdFUd*_$V#DhYJDyCrvgNULz8zNR_p;~D zphG9kyg6ZK(Wq0aUj34EWX_3M%brcUw#CevCEMQ3yEkv#uT97HO}w~q%fNLXU(UR_ z$^g)#OD7rNo561ZBqmq*ZFt6gTonHO>$k{3Lwf-fyz8i}j6m?>|JiepuSNWX@HL`` z9)w|jnB+mH-b3gqkd1vD)pwsm?Y$SCK=Ua$(SOcW7*cizVJH%I)(ym=cG~2|op%GR zBaU8tJ(Qm^{rR_rd;UG>(0l^r!$OPWv>4-p71<+zc;xAb5QRG~L?lBt!kAAd4(;E4b_;&WZJ;Xb^nk znAcF2cgomMK0~ZG&J{h3*9edJ`B@QpFj6T)G79l|kfaVGnh>KCDvA-M3jr!9p@v$j zqNZDxYSEVip$Za*W0Gm+LjGwc#3mlJ)(XfTdqfgTa1LfNV2vyUFhDYkz-SKw!3NNu zGSKN6U;uV((JYn8x(6N`!wS^Tq1)DCMl$<+3m(&0XX2~wCe_7Ef?5A>Zrs7HT-b7$}XI-y1}N4 z?}Ot)JS@TrOPlb!)&4`Sx%P6~h_~R18{Rn4nMbn9A}6!1$ENmtk*fay{SkK6RaE9T zXCf4@`Pmc1lg?aW2 zJN7^0{5ZFQG}=Q%{(m`6S#hBD7Hjr+i|FX2dU1pMpw@niy@ik=i+8tugAe3sL6hVA zwtRAf9Nye@e=Pauj}sI*&YF`=`R0iegtppjoA+P16uaFY=s)_*nsmGitr5_^cSLm6 z5FJf?K}$3JG}Ke`YC0FHAV_V^wC|JlfBXGNZ|&;V`%l-J&PQX8IifChc$dSsy+G}G zN{lK)&~s>&1+A~`q3?Q+I_eE4O#lAagO1(0Co%9X$bOddo&nA0IYp%Ja}5k&00uZZ z2P&`(=Ub5Y%tOB0$*4i{5uoU(1UOFV?t}&bo=I3$w22rGRwO#eGs19&Fzi7bkqS@i z5JgV*~BCKq4VgiA>Czp0+1P@jMZQfNY2gNfM@3 zJ>-QWatJQMKngnz=|SUAPvvTa12L4*9_mpL*uHqTE^3NAxpPvsPUklFgszj28pqz~ zmIWb|Zy>E3Tz)nQK+;{QhZ&SlCMgH9CvERY=uuK9PzlEh;!Y8m^3ez}`Hr$h(3hSp zW8gx$g;9R)TM*ji2#*=aZYE@q8)~6I4A~GwqA7+4smC)M`N;SvBa_L}lQQ%)OMxZ8 zk}Cc)S-TQ8y-<=WlI!^%Jt25W=3ZU#8s3H)S9(vf*k`m;Z zH-}1)-c4sD;`C7P4q{HFp_3#aBr1}^DAlUgrl|)>-bpTJRfW7Wpj{0sYp{Bqr-B5O zqO$6<94gkfriQG@Gpk$YN>{7Gl^|NJt6ujy)Vq2}u6zxwU@PR;aRPR*h)ry73M;0= zD)zCERSjc%k%h=w_Oi3d0xD?H3m9Vdv!DeHWAhr?(wbH~PxFiZ!*fVg9Xa zXDe0M%0{-d&21oU%NpG3_P0Lc?P`1r+~R6UxT+zpahJ;+xC`Id6)hKp%T*@w{(y{379^AT z&7&c3SuKKQFT)675*CY_;ml{En7J`~?z5nO@@K{<*B`@>&IRr;4kR>b48l;E7aYwH znvDRg8+n!hsH~7iF9jYPz_dc(;R8_*3DOYB2MkOd5>>N0B4MV|3nJZ-SnmT2oGyu{ z|AA;q-`W+!pmd9Kt&(wE8Y0gUpeu-RhYQO&t^huWtHmg6BSE?!jA*uhP+jS2H+T`g z{(`m>vg=3FIwAgG_D%MIYEr)%bKG{wv`sQ^iKM&Pu?|VTRWj{;c;VRf9`Tch;%;86 zJ1vD?40q>UZfi#)*ye6X!z+F48m+q1-nRC+5pwT!x4YDPiua%XE>3Tf+gsiH{z%GE z!tO}JLkCQV^u&ivl!A90;m^jafhV(Yl8@sE0%O2>{5`>3v)d9CxA6$(foon5!w6mo zz@p({fucJdI!K^d01hAwq6fgy+Y-d01#R(5@+V75aL_l*vf=PpL5k6;;;_VnA^E-2_E-Q9~9df4!e1bF-a7F&WosS$yg6n~A_Owk8gJoDf^{dBp>{aG@3yhuYiEg|6 zV(e&Flb+KsX2GTt&2_q0o$y*8LGn4@a#h8#fCeJ%U{42V>~;5QHb)G05Ov2Ue_xSsiqUfc zRW~n|Z7oM7Cg*R2M>nCzZ0-kX5jYT#mvrtYZsU<{$O%(Z+~Amv~6f zKh0-$ys&>)7ah5{YVH<+&%yvPND!Wu44 zTDNH(2M=(tf{-Y37D#R8SdDlnYLJJENXU%qL2AkNd%Q<$$(Ss`sD>_30}pm{wD*qT zNNr)*Oc$qW^-v5{R&U@ajuAM7O!#CD=4$XDkN3lV7w3Nh({}Z6a8>4D)i;nZP!GX} zbt8p!=~xh(w~H1x4`d*au4aA?>0${9{$(*~f$SCy#h?n!7>yA*ZtwALaTgt%wrlQ2 z4$anRL#TDxcMt>EZ1<*%8z+nG6<)oS5DbTlv1oR}aE6HJ4+d$F^Eid7HV-0~jLQg* z1Gj?SCyb?rh}9U2{w8$WC@7caVBh$UG)a!tc#iByEss}fc^Nhz_m0hYmhEVPfhcp8 zw~SQc0$f;S5-5=VD2@RchR67r9B7wDiE0dqaxdu$(}rjjsA1FAXkZBgmAR2F){*N$ zkQ!MrD!6MlQgNrah+$W1M|XjDpka?VkuzzE#6Sp@Ko60S4Il@a#71@FxN*D2ZrXrq zjaF|nXAnziaCdN(U7>)4!GPxeNRuFVCpI_?hA4R)cm*ptkMDv!QLMneo<;UFKrYDQu!yk&xJQXLyDa31zDJ zm@--ra7dtlNo!L`pBtBMM8K595Tw+pn<}b;mPn#>R|Vln4n!)Bw&+vUR&L~A1^-Bz z;KqUVd7wmCoa%OO6q;qTXjrvaKeuR(4U=>W`EMYpY%0^85vX-Vuxigzd@KNa_UM@T zd69%ya5m<4?3ku?dUgJZxthVU0PE*`YgcuGhnJKVAOgS!1xjs1Cz0#8oxqoOAm?t+ zf|C272WcR6_$DxsYNthKeE;@;xi@cY_j_{6dLOE)Cg*&jdZ3F)b;j74cKCN-)uO3r zV{?jz!6$v4S)(l(e4$CIl3J-e$#x(Rb2wU`qFAJzX=Cd5V6Ccc?{}Dgs)oTbcU}jm zBT8lN7j^ds9gDVz3)*ovm@G-h71%i#fwn2+xL1BUXxBNWja8;6QHFyxh4@-#`bt{c zr4n!XZeqoDoENYH8O49s98)TN0C1 zSrA(h>bex%O8$ii+iJ5)bCJTK^%{aaX%Heh9?|F#h&X>q`49kG8-Dl`D_a$s#aRoH z1Q>7-cF?pV+ZH2Rv>ex(5Eip7@q$*XZ%<~OTSl0Xa&2DA5b1UUkGiwA__F9mwPJK^ z-td$|(X%NbwObKzpjfjlLu^Tb1sFg9$3qa%5JOJ;v}_Tzc6$(Td$uxxwP>4ZTbs3A zi?^pH3@ewmc7STo=(d(Q5pa9BMZviyA-7sVw@(JTlUo#e%eU=S5P|C%*5!3z*9c;l zoA&2|z2~ag_kV;Ce7PFCT8F2ix_xwGcmc(3pLYP!0CzUVb$$qizgT=#NO{(Gd-O*o zuD6Ru{^|;wx1Mr`d>1(a(TjcE*Q<>XV^3(JU8jL#aJ)b3WW+}hoj8{}dwhYHd$YNc zu4^b_H-2}3Xedd8Bgu8?)(0%`0iniw(J;E(t906@yX*0P%@%;q5~5!!h2tA6sK>y8 zlYIe9h&?Hidn&5)S!(NY0NOx#v^sauYj*~SY0)RFBH4P9Pymf-fzz0M2zV~P2f?#@ z!W6lh!gzU^_k9s8mY+9vu@}MXaf);oYP*LI7w5!_n-Ztnx3p*wt9u#HMWODw2qC(M zl6Gluc!)dOe6!T4#InYtS-ON1EW3a=YtIIjf-PlSBKMvDT8zc8RzK#s6T= zH8I7hOAuFV8PKJS0cDms7;g)iz9IQ_rx%5LOl4koX|8s;SUGWV*>U}BhN!2J@mQU9 z42vG=Q_-<#qMM>^=#$d}9VqFm64<7|D9FqxmXWr|=qtH|S!ZWSioz)jPAUG*cK{DZ z5RF6$&#Q>a26qGRN`(8Tuo!u8rf86V98jC*!RPXIM=5OkP@Wk*%h!vDMIBJA$;#a* zgYg!^W=MDuNR;|Kny<^fl9$l^25In2${OjEKAU;vHiTA9o!PvpBFxRBYrZEb(z&Le z(ukQzV9w}F6V%ntt0iq^Dbw{<&(WZ^GI?R;~K%bS;h2vpUK?U=6Mye$fci%&1|AM!>Ij zZ}-ZNF!0YXxr~R)tXWf)8s;9t0 ztdo6l>88K4?c7#7o9P?YCRg3#{Gn2f*?%(RU;DG~nB6x&83es@x;iWCniKwk&kON)U;r*5cZqQ6iV4M1#n@`q>0PYX6z<=4c z;mOQv#Xtx99Hw+5;;Sg3NT8#uSf4t2ie>nqN!^-Jp3AMtpI-Qf!giPk?$e6cZo*uL z*S&8wdEpkv)J=fN?s%g}ZZ9T&(@@^u!Ccvb2%~EU-RfN z-EzNf@JaXOtH`L@#tqOBtTv(Og1Z(UFBJD$vdiKAxjo_WjII?yOY+MB$wPtiSiBX; z$@0u$oJRrk?o9JKFB3Sw*E|37Ez$D_2J}P^vKq^@_q`Ap6%pf5V-X?bNfGizKlKVB z^o&?9OQLIa;PfG3Vj>~++H!;(y%5o<5H8QPC^7Op>%~`5x+-Dv4gvQR;mQc%uRhVc zu&jz>?-I<5%sFB81z`_dUlRRbMcCB!jY1M&|6^f$5M|$BAI=hSxfPEu5u|MrZZG#@ ztF~t`fCy1e;q)NX9@Doh0)prkvG|^C`lSA^_mJPisPA%$i4~O(Ya`wGDyRLYe-WAw z7Hal6JXTK8o~c(xpu=i~cRh8Lm#1Ieo~4cbanDXjV-Y3^~%}TCEwm8W|(Z zE7;aiPl_aogk{&tVpl7er1l~_9*dglWO~xI%;U+QDy=Iv^3mM~w2k3q;Xv=E{tzSe z&DEq)gVW9132Jit-n`L~VsCtLb!n_xVanVG45G|a4x@e|5hgXKLVL_6+0b&Wp8E3p zZzciXLhB}jG%QHLei%_JA0Ot)EiIbDEA1j>T9RnB037NlMj2(SLz{2Dkud-aHnO9~ zk7k@{i!%1vq9v{DfuNwN-mxd4ae^@HB72MsKq9xyAZQ;fwInFCgbLaR4X2j0=%0q7 zjIvB1*NpMUj1Fq*!<7~>{^_8j@DfhL)C|j~1)SjVlP2R}SnwkD#u-Y^r|v{-$tWq? zY&}Nr$cKgk?;0jEj09B>%-kj;)U8k9Q3+21HzW#Frvz1XoUl%vsvgAfT<$c@Hahe* z3sW7ZvH#e+6;W3d1=i4^fHLX7PE(V$z$nLZ?j#UdU2-|XkP55POAUi_q8EgDG}P4Q z`65J1F#_~YTZ=VppK>QV*I1m!8KGHJwOwnyL_s8w)tNpGO}Itw%oMM%0(7NX`d*{= z9bpyKXh}$s8X?L~QPoI6e+`AOseHa2>!wpfR+rqwKtz*6Rr6WmG^04RHQ$$F!pNdN z6`6?(oY~~LqZ)7il<}K7c=VA?B)P;0N!S`;MZ+hNE=cK(rlhhAh0TOC`^h6^A?nHx7UEMOHR=Z<~>R@^tYf-31*)0~2vD8qm~G_%%i%Mhm} zC3mdiTPkU=g`cPR_ zkU#>vZ7;u<+2-2be!b8YHUxcVT~oia8{BOqm}kDAQ|rGq2BQ zfeiJCo1p#}$EuBC?H^6L2s^$+HVXa>M==r_(Rw5!d%$QM5ID#LADE=5?Vtx{mSniYq4HjijDsvP^ao=#+s;1irhPm_o_#k z*KpEdNLX9j%vU{~XzD?;UHKM-j1DsJDm?k359rto#QiGQ@HsF-sdx z{{EO0Swy24wP2gSws;2yg3f^uEQkbuSV0?Iup>IsU=TGj94irtMNCqm4pBIqgitL2 z6NFmMT;a_ZDNZ8nB%wD4u!bE9Q$tg-(lpnk&Gw)LWndc^rtVY>Iwa;MAB$X|-ZjWe zIgyRMT2K^S3DGJR%1*1~4hwTJanCi^|Dems$?ZT=hHWndGSYdz40Z1+Pmj%cT^1 zWw{VW)u%LuULlR>_C}RST^7h+sT3H&=64?EDJ-T<{bcW81EQP|#+7grMBO&!{)Nos z0}dD4>MiY=M5mSue|W9iQ4PW`R@M|F`Dnr$UP6S#f^J-&YM{+pfU|w*OrK-3V9Hy$_VaSpWj-MHqs-> z0(=4;ySONQe2L2*Pct05D2XI(ac*3d#KKdVr8Hcz9A7SAh3Q)5D9lY`eeA*#0kB~+ zuHz01s@qf95lXz|m5}Iy>y*~&1#`1mWlM0wRN5Fo4Z|BOdXja#^X>#WRgD>VnHdxV zs|7j_eo7HY(irLz*rS@9u<*RA7WTyU9rtV0b;CFuufi8yI{^U`2wbiH*(MG)R$%}Y z1^QU|+GMb1sqkX*(^Am5sISTOiGk?4RZi{XV3>6#KAB`Bv8gsjp~c{6Gg4YBciGEd zmJw?$31%{v+017~bDDW3NHtTCr)`GwMlKd-bS;w3cg_fwubF{t;@Qt?7IPT?JZM4} z+R#0t)uCtfW<`@3Vt#&fqt&cuj%1LuMU!-<$rfl$ciPjR?s9fPy|+5W)=%a~SmtW6thTG!gvx5jm@bzSBvR8zEl-nFJ@9c*G3+t|lOcCzW*1Yc(v*vcOC zu%SI|YFFFZ*CsZrHR5WIz#7|amiD*BJ#KQB+uUHTkv1gp>r4J`@Z4q&H=z;wSmXL` zE$-`xPKNw$e)rqo{jS3^BtZdozuMjZ?sB{hO|5z(F47(OV@DW`aEe#l;-IbrHk1I2 zf_MAi7hkQa8Q#U~u@XoTZz8@yzH*kgoX&Ny#sr|z@r!WTsAMHO7@}SuSfKKom)-1V zzp}YU?uicATMwdJgQiMB@Sv<3U-_wtHEeWJXHO)jTRcnt zoo2mLteo(&@3&Xp@?~#=zzNRw%TJTjz=aU<^!U+NlK!q@Xq%i>geNLvs$y~oTGGg` z_%B{uD>7#(Cfg!fwAG$%frJ|8NhC~9`noyXEg1h8Ok#5{zk z1U({=4b>1z_E$?~d4k`$&Y{ZrRIwy`eh<>%C*S?=$F{aJ!fp7^X!*_qr5hnCIiSiE zLNXPp<*0(XAqOG|5$_|sPyxT(cq@w1k1N=N!nld8f+z>PmB`~4wraonEgHTlB` z`tv{@0STYNKgB5mLXn*O8n4sv3!{^cp>qp2nzto^E?4p*WXZ4ExG0R_iWEGt`j86w z(ha2oP1QL7@#(XFTbf`s^i^hVehi`a>UU-IYct&bO$8`K5Ym||GXvSx3 zhjOr{HvuRWiV-REGI5GFD_e(N(1vyX0LX9Xg?UuRf;32uV8wp=x;{{#t~rd6I{~NSxfX z)B;Jv6v~fG%%iMHk=UN4tQE|Zk*2gs&4kX)R)Wmc2n(Ns zLFZEqk|+(7xBxymiZ*dLjIVfBoM=UF<)61fpMx&X}$?`qy2o&4HZ*7t4f|>$ps0~f>_An z90!Ro(Z}KeM<57p$;}6%p*M{h*!+@(aGomihgcC~U5&O_)}f%9J0;I9 z85^IxPy8gxy{Mj%;iM}>6Gkwg(W^7(If7z3rb^W-&G^(|_<+Zg$s}^0XGslAg;ybR z)q5Q@ScQ#R{^eI@%u1dK(`1WAam3GOXjI$qm8+tOXb7rzRT39)f{Bo-FM=$|0=&AB zQUUo?#IV4As008JkQx)Bet?857%a!almNunm956zZh)gf1R4yY1MEGmj||F@ zEXnUxUutvRI7BT29ybI|;80v(;j_=6%mN68;F0Ww3g*usd`j!ej-85% z{h&M1%Za(Tir}D+*IJ723XH*!zjJ z(yl`}+AmsSQ*7eP+h21O(kRXXJ{Dl3L_+Xc)dHEb_5mMNIVIoep7YokWC0M;(TdGE zjq-aL%Q_zWa7w1oF}I2vI&!f((%?J(T$kOp#;sh``bqd5O6eULZe@W|#g(LUvBr@K zLRnmc zZP=HRs+?k}R zHD$pi-$WhAo6TA4Bd(rZJ*#!vs$Giq0wteKj73lh79+jx0-a_x=;$aGlr1rb4j#!c zl$HR($QVMch>Z1GX!o+CqW}se-sef|;H@OaE(_bS^+)M#>6_lg@a;uZUK3yx#+b(G zpnkUnW=8BpJJ=QKq~_3mX51fwNzy!OrIu>&UEC++>2~bOHRXtVsDnCi18T*Hdl*E0 z2!yWwYFb0;sa9)3Yu|-z$cKzbjnIcmAP9YEg^dtvAjxZt&<8|dPK~gJyDqe}UhBfX zGuJ&+m;6wT*z1mH>==3Mf9UJK&WOM^G{QFQ%$_u+w(6@ahpgPn{_C{qf8d8v7z6{! zg|5Eqy|#v~KJ9Nbm;0f2!@N8Y>YUEuKtM9cI|&?ZP``_zm{yj?rUE7YO?lf zg4pdk_(sgu?C35t)P-u%q>gPQxqe9PyY2^BxNUx*>%6w??hb~zrq;+-ZrOf^b9imb zE(q`@2+Pjx$tLT&&TX-VZ!d#x>E`b)dt1@Y&d=tE(ryLcuI*qDYwhl8)n@Oo4x-#H zh~WP1=C*C%wr}F5Z{m*au6_f0$OXwtxc(OLSbN*W)=Hy3)2+6H{Jw|;_il`E?}9*Y z;*M~^E{JpZ2=cb@;+BaFmx;)h>_B+#5hrqtG7Hk~X?$?&_ zkFW-_xrei^@{EA+e>evakMPshhd#J%%jO4Cxa}{0hxsORjbL%q+V3Kl^PWjtS?$+Z zZE^)yZ_*wG4u6Nd*7LJ&ZpkX`3NMH*2krw`?l&-n+vaM?YVJcYZW`b4K`?L|hx0kt zbVbuzcf9jj{a0_?^igN)BUi&DAHg^$^;O4+Xa;IlhxN_Y=}JR&4^;J7Cv{hcMqKB0 zGt>2`?)6~zvR^;DTNm~sCw8+l_G2IMWG}mAXZHTC17Dza85w{o_~&TXb~;~y4(I?G z0S9bv-sm)hayR#LNB4AB_jPCYc6ax8hxd4w_j&%O_jD*Y|zr_jZqwd_OZQ zr~ncmfzee$XzxQq*!DP6_>M4yMTPi!X!tUtf({_~Fst4%~PO-p6#mYS)y3b2qX_-`O?#2-2CWxi98iRAfcud& zdwn|j6{uj{E^Cr%mI(PEy>GLPhphAZdEjrYYPDAyU z*6T*(sULSwiD>Djg=sycMtzDP{-N#L&Tn`*&5^TAlT&&!CFY+>r`*T@yw zePHnJ+k|#)+k*SX5d3TStk#6>jC`3`5Mx4qj1<+3=(r#?MIC9*w7D5_LCYp9GPIm= zTL1wQ7osLW5M#}nhiB8SZTmLve~E7@W$Kg&k7)EJJ*|3`>2BI0R;W@Hc5LqG(#@*1 zIhY_k9ZU$0>&(+G-mPo@bzN=Gj(U)UjM)Y$6Kj|_fJ2I z#6{6K@x_%-4w4i=LyiA*H(r)NMk&CQ|CD!Kl>uB(X;9hPHGF@T<~zv(s|{n8JKy5WeYE1^VTyA zqE5aku6JT8iRS)Wak;y#wgRKKo(}|e23lwmMeG=U@x>QGGVL6=(Pj;X^p8oSfmV~K zmX*rTsR0AKGRrO7l&fx7IThkkBT{7|a=3}m0nfg={Bu#lQpDCgWW2-HTs+eFkB(1< zc2_?hmwnq4Q`Zuc3@ z+V`saPLx0{3EsT#l&NK+w=w*WK2J;p@u(C_j5vT)-ZG$-996d&eg_gb-)NFKmeM=; zv_O!@C%=<2(5b7QD$KC{Hq}(dors$inl$J0>bdJAbV7CsqU~Uo%%pUU-%bj()Y+;{ zNG0?{lKxG?;-U$d+F{1M(u_FP$QC_!B_uCJ=ha)-IB&|UW1$IWJ5Q7M{_Xu-;97XN zK^G_jUjP_4KJlXzY5Y#b@)wfL6a+Q#>C9*hqCb;?;76_@%}Pv#kl3h9cNV;0tCAu! z*uhQ<+Q3RyaFd0vfJG-_!5|6~!n=aZhzP|ah6|aNqotke1=x`mwWxG0CshFsHi}_F zqW;8Sp*2oQ$wHgzB&?%24x6&8w&kPBhWWzxo z{t6~y(-T1+iKg;MF>sIElHIB(7$o(}P=0Egma3P&Ao*ZlZnA>5!WcM4dQCcK)FUio zDNCNTj*hmpgl%lOO1V%He(T#ExnhVVdH7lAM zh>Dbr96c#YQ>xOHvb3cxeJM<1D$|+Lw5B$_DNb{m(+lR)m%uEkZAc2#p%S(Js75tR zPjPa>qy9yxOnoX;qZ-wu-ejp#-HKDMs@1J>Ri0F}iB-EAl&p%itY$r{9>2Pgu%dM* zWNj;4<0{u*sg)vZo$E&4ir2mJwXe0QYeMeYSH1eRu!cQsPykyH!Sa=`h{bve+R>7>w5B~RYE!G))v~s=u6-?RZK;!9(6+X=y)ABg z;Za`hBpfby>}Nq+l-LrtxW+v$a+9mveVlH;GtKIE#x4YhD zigQm3UE55Sx`+*~b%pZX^|H6U?tO1}!)w~{{`I3c>BDc&n_l$5x4-`W{V#w6d`tP3 zmcF!^>?bl%-Tg{Ozz%*egd?0>0@vdnVt^wNegHxP&!)WjJuG?|>=Ox-xWpztu`>y5 zVL#AuIJc??hY#c71&bIrD84a{a~xm-zYcbC#Mx3}j8yyH#2gCNZ;frN<0Uh>$=T&G zhHv&_A^!!zM+Wgtzy&bD>}41g+z8;v0?O$DrHf_cN#EcW9r>llmgvA}DwraVOBf;% zOreJ^3~`8PEQKD;!00cS@@7NCc`0+Q^PTg&=RW`05P@FGpbK4(L)+QOmcI0Bp^RbK zF@?%#nXD#0Y}gf+4K8w_*G|H0ltlK$Hs?8*blA*a5FQ$%tNy6RJYwm8{*cv-gP~CjnQA%BiI-nHl1yaYhA+`)7HMWX*C@?7Xul_yOm~D`B~T%zFIrn z`SRDiCmvM0I$z?;jjX3bM`vTy&VycdG>)CoU*K7zx289u?`?=*>l@Jh&gj22YHy7) z8`}4($c-GwLNWtl2E>TQvYfB)TMnrZc&j(bq8rHPNwN`>zQja`f*$8tswurKBZ!2Tp`UT1)6>KF{ z>KAy(VFxnQqZqDmTDgz_xP2Hc|5Oh?00tn5X&VP|+VMpfxPg`OH5N|z4)Bb@)J0$7 z9Z$1V-|{ri^F+@u0Nv1}&DtbU_ACwes9WX!ZN$5onZl%8XS59%9f2%ZO)VG={s|1= zl!xL)hXCfF4gwefcF+fH9B$A-39v!}uGIos7EZL#3&oHG-T?|miz`eE;nfH{^w1Ak zPYS9D5gm*ZeGk3l!xEjE;2@C{-o(2dOeIyG*)+i$Y)iMO$+L(a;3yr-p`McMARgwS zclBT#&C!P8h8hR}Arzrq9ieCC1U&eWm;e&V2~wG?-1;F>lb~RkAkpGM(j`t3y;M@t z5FI8FPC~p}n+O0KfS%hB%#S$T4kc2`xk)}k#om&836ZU_Mt`~V>a zmLbknh$Wd$+@diaV{B2_XmOlb*Z}@7pa3-3-SQEmZ6KpHUL$HLqi8W>S)>3qL;)*E zBLh-nZD6B0o})NvBSLW_S?ItshypuxmN1fIIijOI-eWzeV?D9sR#bsD7{d;TBNEc% zY~Z6on&WKcmO|o|M_q#u2;?CWB!U$|W^N{EO5|jj!v=h2Xg<|KrlxAHCTq5)YrZCI z#-?n}=4)Q$R^mhelqO1^rdCZ{MdBDgvWjF5ByaZSZvv-nDrQ#_W^o$laiUmouF7Nu zfM@Pzb3&DGKBtLAr>YERL|$i9Wv6zM7FZ%{uXCNvMm|D0AMZQRV24(x)>> z8|x)Pek$9--QL0JCq3+fa4-Wjpy`LcYmDpv{@?dFYZ#YLaT*D$wUTFIL$1b|Hv}vl<=QU*Y&3XluR?0LN-Cr&99HzIhT@D!h)WTbAm)4pfFFsj8N&qIxTT=Bcv&YspsZDU9o+okFG_ET8Erv@UG2vFtOX zLX$$Q>p`f%-fD^V*)FUpu;psddh5Jt)SiiK)9N0|8d@T#?AS`G%R(y3ds z;oceBqQj#xsNf2$pwU91DXO1Inmiyb2zhL?rNZX!Uc(8lpZ(k2HY=jCDcjPW+bSnx zwv}Vbtt@4z+Ev;-phBQNTBWM1p1tU_?U}xTYO__EpD{1elB{qv8l86C?HL-g{jIV! z=)w6ewb`4bS**zdsRX^Wo1N)fp&i>HFss^v>zjcpm1;=5;;!xj74H^k z(5~lq)o+IAfXpst+~#jP?XS@CsQ+>o0AtAgqE+r1FdHE-2wCj{GjMzIrFBX$LH<$j z1@~72U&sTWRRnWz3VHAczgGxb$OxNN37aqmp>PVf*9xbH0KY9wZZHhX6K(de5C1R_ z2eA^?k$FWJe@$Eve9N%#_p|Mt}F&_7^1Jm&l`>`PBjvikX z9}hAjBcBoLa3VKy%;GRrGO{C2GSC#VR2?!UXEIq>a#UfmCV%o!a57YRGANg_Pl)nU zk+LbTa!#N!Q>ij5$1+8@@=?LEEX%SQ#778>u^r#CFQML?&{ zKo7;1y@deOLX%8~s-YPdTt*vXGpXt@`b=JJn9B#^-7H$jL*pGF?E>}`Ln-dWc%-yV zfY1JIo?#qxU63FmN)1^Al8ZESP{=ff;Is+abWq3|P|q~GN%YcWv`_RyC~!1gm9tCA z$kIggVURQyX4y%nhfs%)Q40nc5VaSQQbCtBMbz{^p9NW`Tbkhh#8)$Q$!+z8B=t|k zb$Yb5^mq%aV+P5tv%f1<~CQ!^y?P zBOywesF|Tm&zL_ipgYy5#bC5FId0kVUx5J0XUhrE1&mNX3E&vr_qffQ zgf=F2wlMH>XvFpiP|a!+%Dpu9(C{{#Kp-kg30o|Klw9J={Twh5H`Q1Inh+hL%yydq z$(+y)m3Ys=_=Ej*hfkLapd^Wq5K7;?+!!49_Aqz3#D@{&i=kNJpS<=;05`FSq0A+O zZ_X?5#(P! z(kBH*Krb|8D~X?IHI@vI-<9@aqnqLVi_t^P~FHO=($`pkSzc|ti z;Xo7;26{JQ5TT;Myh|t&M*E5M7;(pFCk&f)`RMIX5ba&Q9812)OV?1L5ox&-8hI%_ z`9)I+q1!o@JGSJh`6_9(KQCe#(cvfw44^all9N z*{z$Io$rH<6ZSvY!;e$DdAhM04Ea^>g`vcUC33p|DU7)g-2pYZAfZnrX5nyyJHnWC zqhn#Yj}53}hqmYl|FuNBtV?XWqJZ;s63s>XZA46~5AYz#mbCewC%gOL^9+hQLCDK^ za8JMYw%4e&`H{=L2M=9rW!y5|BffoFJ;fd~t7{ufuoC2Tb22JOEWZ z7DnQE@ZBroMf`;czPsDBN40s_cs>llS+no}L;gb@7jwAK5RJrjmF!89H=dk-db-mH zCAwT%@6f)RHUAY&&7nG2+xt7KNk26DEVK>s{Y2Y~!K2OLf1o~}Ay2be&=dZzSIq|!KlKZ? zBApxWD|@kf{aq;ivERYgkG*5CLm9xobW-(BzCE1mMd&4A+`o$yLAHM5JwW&)cIThK zJMcKX>$eEWzi|!!McfC*l|u&a;Q4s>{x9P@f5imBi8%6M#Bmo#?i(YFqeg=Z8~Pj8 zu%pZo8%IWziLzfMdW|ZYycsbc44nUpZtU1H-wR=UK*CHP1*9& zj#6EZ#O!c$%G41nvy?dZ?N)*%vvx-66lzkao-xDRz4|Fv#c`8Q7dCd^nPmM!DI&_l zQ8Lx<;m4Q%zK*tU-{gO*GoOF{fB*jh3{b!U?NCjo00OwcEO;zH5F))0ylJ5T1YjdK zhz_JMD56+6AR4Y-T7*Iik?K%6hY&2nDBm>V&aILl)NrhtxZ1~y2sg4(0Kh~HptzjI zL2yT@h~(9>Xfj20>tAGz5*9E6php`|Q9A zpv(*0oy5#jy>HBpurWZfaPf;zKYZ?y?`aP$yjydYC!46yO zvB@S|Yt^_ed*iRwZrkm*;f_1uvpq{&ZiU(I7Ti_pnL<^NOgsRZ8dP(m3_~5}fSny5J*Sj&3iQ`uc0~Q|*I~z64FnAk zIrfC}9&m4$_f>7Fz~vjsbyr;P*PR|dzFqzG2mAnq7KeSUMt7%iK7$F4=-;~QLcr7ZBE?YUxn+1rrg z7T^WbUGHN9{09R~;;QjEL_v;2iT6$yKm(1heEd3J`sNox5vryN_ECrYMmR6FQAH36 zn$VO2l^}vlst@S1xcPtsEjs-lJ9{4g?1Qy)HfTTjgIHuIWh&Zr(;?v$DOgD~CIj#URaFCZi z(4dRBk$f5)i8~r3fPh_#OGs1?A&bKfZdr?4>^QB|#?2;-} z%|awpl`y5{9j@8QQEYURu#BZBYe5M-T)2omI^`;X3tV(qBAQfU1W!7tQEDEBoc--+ zH;Nf$46_KTEfy|Gpu311T`{=hsZ4sGYU3EUM8${{?k0|_;Pe=D6Exm|k7|s_2i@TT zob&?}X0evX{*lgiC^91SWQQQxNsteAlAj@TAN)|*PjszNlyvH05%fxI5J6tK*c5pYno4_451$B`6K#t!qkX3b&>Wg zEw`qsRn@wUZf>#LY6-+uXys+Jwn@%7$T*Bkk%giZ*~f7}dKbP_^rN;!0xtf=BiGpc zk|4pvD`?)LAA1tG7LnSx$5sYgWyma%$klqEfe_1I+mbaO#{&_3jF zNRP1tp1d6ieK#UcdE%^*r;R8200vtDhpn|adF_DzL(rg1(YmS<#tUnRNVaLZG#GUxckRKcu_ zex;rOfYGBQu@?#M%?TlQkW_yd14sGblpvRkpyJ?+LUibFJ-MYLMR*p$U8Y)rM{-~< z&!>Ln+UuC(#Z3^Rnayo>3z#D!W;c7L%;Y-robjAzJ);ZG|B&;Z>;CMmJMWp$g*J42 z`ut}-2l~*BcJ!mmmFS;2n$eK9^rbPa8cAEa(wX-3ryIR#NOv04r8c#jMg3?}pPJRJ zhHa`T?P^)in$56o^r~r{YhA0))`!ORu7MqF*4n3FO`G(sg`I3=^P1RMHT18S9c^hR zt=G?<_O-DMwrUp|+S&H@w>MTFZHU6z+y?i#(H%5#lbe&HPWQXvoi%NYyWE8CcD(VO zZ*#4?-hkHkzX6^vez#lI0XO);*)?!ua~k0dcldx5zO`ff`r#F~xO^gxwuxK&;vM(+ zKQdmojhp-9C4cy~?QL?EBOK-aUir)a-SS1loaXqJd7kfG{&Stn`sR4f`OblE>YmT} z=Rr4mribq4q92{-#7y9XJj{4NGj_0bQ`RZBsI-0jW=B|I8>;vv|05-tz zvacQK%{G`6)XsLfJKgO~n?u~^o_DI(eQR{UyWRn>b-ts`@9qx#;pd!axEmhvjUO|( z!Xcjk=-}^;xBP0u?&Yyxp7UzUe3v)hdC?QtK9MJQtVf^vPC~xlGgtlVN67lqBOCU$ zXP@jB&UoAJ{&l#Qc;$H?{I>aCgG@x}Ie1cx5^%_o`i2h4ouPakB17rF7NpM7du z-?bx8x%R;?wM5@t_u)5x(Z-Mc^RK^U=`TO~;opA#?i-l=1&{yzY`_z~AsfVy>)MbFQ{a6zDfjHJ4!Mv8waNwgaQghPssJ$%n{N=Qst^tF z_z+Q`6mb!QuMzv{5g~E+B$1yeu@YLDv91dFpmx-d3|1|?f2gA9Ph6R-)9cR z&K=Pa1>&(BNsb=<4<6UC_}Wn)*N-3NQS$)O|GM#YzOf*I?jY|bAr(^R7*cK=@*!z1 zBI9NvDe~nk5^gXuBUNrA-=-ryvgAP0ZA5Y;J+36%<|I+_;#5*?Sh6K6?j_46CS}s$ zXp(Gf@+Mhs0~O5%d6N2aa%^@oDE^Ab%Bu<|g6aRZeB0~V7pkvElPps+@a)oR@bWcjEjFuWHffXR0&@*>Q#A(?^m-FE zchek$bM9=DYH+hSg>E?WQ90S}IHx8#o%7S6Q);AhI@>NY{Sh^>6YHw;X|A(7E$us% zCOpNH?zFQnx$``kjy#jb{yf?9(A*Pg;4?n=EPABG0@pRZ~^a1s=Pr*%3C5BH0wQLAAVhr_A$0kuBW>FcH z^!}6s12s~w%~2cv22w2*YcLgWHkBzS^(PzjQ>`*oZ!`)?wNzJgK`S*?ldV&6$5rDE zRuM*1W%X%jRbXuOR=3YoTa{OJEm!?zSAo@NgtcFYwOEPfSm{Su2Q@}V)mgEPS@R`X zrPXGrwPdcfE}<1iw{_aGwO*|CTk~&KZS+^kwba6uUdAb$Yg`cKPyFZ+liS`!>(! zwm;Z5a5Zgjqt9^nY;gIba1}Qv7?;c*S8x&60w*^?gO*Z<_Hwl zbm4<^AJ=r>19cTwbyb6P4cB$)jB`<~az~JM+e~)d0(JvecXNVw`_^|y0(kRQcq4*% z>(+Sx0eRzAd6~Cuofmg8^ly1ndb=!otv5t%7X`Cdd#RT=yZ6<$w*|x3M923J%h&AA zm;MmbcSYAX5!+XMzqdK#_ebB?5$jjAus470*HqWxe*rjv1$cl7xPT4#fDt%>6?lOe zxPcw`fgw18C3u1|xQea#im^D0B{+(;xQo5`i@`XI#dwT6n2X8yjL|ra)p(8B*oe)zjo~+i zxQ-q8jqNy(^>~l@xR0wCkNr511$mGOxsX*DkPSJJ6?u^vxseALksUdbC3%u5{+W#- zxsowClQnshnfQ`9`IA98lttNvJ$aN(`IJ#PmAAMlRk@W5*$`kkmSuUCX}Okd`Id1x zmvtGI510si`Imt?n1y+miMg1K`IwQ}mk+oXn7Nsq`I(_Pnx%P~skxf1`I@mgn?bmg zUAddv*bwR=oW*&Z$+?`(`JB-?oz;1r4WXCU`JLf8p5^(RiC~%M`JVAPpY?g4>!BC6 znU%dcp!FD>`MIDCnw;C&fQjIs8QP%h*?@bYp(T2vDcYYun41MUqs5q@DY~QIIiU-9 zp*?z})A^wbIHE~9rBxc8E!u-ITBBjQi#d9wRT`uTSfpuMrA?ZEQ97soeVU|Ox{Luj zrinU@XZoi*+NK8>r;)m&cY1((x~Zl5po5x&U%IHVT8fW)su^0T1(>P1nxUUsfTKFB z&3c}zdV{YztJ!*qxB9I2*{cH>tl@f}$2x$^x~}#5oYR_!hq|o+8;jq1ujg5=0hq1{ zd!Fwafb%-B6T7c7c&!6_vVnN89s8r*`LgkOvH!QRHM_1M8-pdAvPpY~E&H?4*|7f? zu~ECE?YXrHJG3u&v`f3TY526~Sspk=P2QOvM8OXxTD8}Kwei^ zJ^=~V*|(9qp@o~c@7WzrzyzWpxtDvL-2n!)`=FcKv%P^9z+0ZFJDul27OJ}*5Ce>=D{+n@v768>Ac-#NfFyr2u* zoatc~pdl9eJDwLDoqK$qDcr&j8pCIty#LvMK|INQSj6F(#OEOoT%jH&>9~_ykJjP0 z;oCzF`o0-Dz_S4gBpk-;fyt_5%#$Y{pgx&{3g8XUXJlXv~xg$PtmfIb$3EGR? zuBUz6b-W(PUC!y8$a|dJ7yR7?zR<@x9v=ME{yCxL$=%&K!RGg!-X+}9A)e3iJl{wC z#&=xiANHe*ncdle`|aBtqRW}+^*y`!UCy_Cy!~D0!Mz96nkwvi#Dy=vvst6`}Qxc+`0e0)me)-uim|U z`}+M0II!TsgbN!!j5x94#dr-_d<;3V!KQCT5_Vt`Eug%Ope&yw9n@fH!G5W-wWaWGFNu7Ln zD4>ODVF;su9G>N2jXG8*B4Z?$cw&n}4oPH@Mh3TIjK?Jz-;EqG31x9TF81SrK^}=^ zmRfG%Xr*ZqikP8vz1e7}qK>+vPo|!VYO1QP z%4(~wo{AX}vd&6tt+w8ZYp%NP%Il@Q{0eNa!VXJpvBn;YY_iHO%WQ6*B1meq(oRcl zwbov%*Ryhgify;vehY56;)X^3F?dz4m7LF1PpY%WuE_ z{yU;u-2oXdzy=?TaKZ@ZTd=|oKMZli-ZCt4#TH+TF`X1=%yGvaf6U;vzYLpO>!|$CIt{~&bIv+DT*q58t8DYmLJv)Jzde8RbBRG0&2-aFhkJC= z2QK||)mC5K{%Fq`(QI=aUVjaC*kX@OcG+g1jdt2+_y{7U<7UfBn~A zVSoPEpG9;3{{Iia019w`1T3Hd4~W17DsX`eY@h=l2*C(SaDo)9pan08!3=6}gBtf38Wh{GJ}aECnXp$~ru#2^ZB bh(s)+5s!$(Br0)bR;QiGec@Pm1<8J zYEL+7PgiPc0BUM8YH4X{X>@97eQRlsX?LM&gRg0epK6f3b~6BTL@IT4b##?}b(yMi zo56IergOmXdJt@VFLQe@K7Caye}8{^hP!sC(2HO(`X(wq@+jvGCcm?B%=d9+su&j0_r{{G+o{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*(_r#tA)O|Y-<NfO#iupS|a%?18G&*%@Bw}1Ya9cqY=5G0T3iU}-#{vW!C2zA57_4_ufP8K{Ahi9Obv4L-EaLo32XQEpcijC0B6z9s zX3#p$tg}vt0#2AtfC9=QUyBbebe}-{$O0ogFw&S2K6ad!UXKW2=%YeLGL++t{M5*w zj2tBi(T)G)xFeAgNvYwMa(P&gmm!TP;&u~-_s@6()q_nReDHC}CdpvK&5A4zL?1ls zHKe6MdmhA3Dgwci3n=Ja<7AN&UX(G5IK!ptKRbWq9hnrFiDp6Ed_ijw zMdXk}4~vw@Yp{&=hfgR}#%H9s%=FkF!tyzYFqT$3^N%{-+$gRr>)~@Rl<)+}b(Q+v zhz}|O@<=5?fAU)F{@3VbZKo{nsqM0TROeZ;kUH{e-quiho%ld`7xcE{Y2VB7;%vKp zIk%5XIQZFJ>xXdV4~9K<+3OAH&$p0r9^l(;SDN$e3t?w_&l>HFdq+Rl`H;{IIr9b5 zN$0T0u6zO$4TB2DygIjH5BOh@5VziFeO70B-;F%-c=*=lMNVJ!|HPNKI?<$3kD*o; zM1G-zzYo4Q=^EVr;rQEUo#y9}pZ$aH!_mCTSB&}1Pkf8pob>khx$q6}fBB=(A-ER` z?+qwI`XdDYs?;e`(e8sX(Va(J$>ZOM;@*ehVB z{-lnstwL1(9TQUcI_SV0cFP%Rnn$NRr7k-a3vxBYq4mZ$z=6O_heGUM4eKRE0$%Nj zczYlgzqdIAHZXo$Jfr`{Xe1u`5Qr0^62!LEE+Wbfgm`?32uUKQR-MLa&T&X5au5jL zDegS*cn{womx@|s(LV3-n%_K!p2kJ7M(GJsC9_4wEW*xhmP91oJY@?ad2b*uZ8+(WE}I&y*Lif1)vx{}*vXC&Dah<8j_9F|~^rXmR- zP=`v?kaRO8kt^y)#HrM#I#nY_HAyD#_*92H%b!)vs#X~i)vbEv)h}uYkR49X|1@z#8_jV0|lM7t2_p zDt0yO769C$f~ytY*)|*P&$yvzrYqV=WsU(2Dl7fh8?;OpDsq;#IZFVg9Xa zXA4)@Do3`o&Fxujn;hKg_P2@cY|eZO+~Q`Hx5y!`ahI!9ouk4C})o^O2{+=>P3m@_oCv5+@|bwvSSKuXd&WS(t(1klw!_eeuMVDFfjuX5k(0a;o9{$Xb zcQ8Q49Pw}fFzu21ez_x%W{5sI0A|T$n9m&92M-qPmo?*txcc}&eL}quLl1h<3PChO zXboyqi(1wT@rR-}VrX3}YSNbe66+-Qd^!p&}E)udcQfxdY z8rKr}ccmSj5_bzk;r}2v#OFg_aZp-7+U9q@4>EC#1U%aFZV0;mJ6`UPlPBYVarJHF zJ!=-^VbkZ)a{vaw>VMo>5Et*ThASYCRilR$E6_olyI|>=8~M#G&~$!fZeb|1p#iv7 zx_;kL0xO`n=qMJ4%VBPFq0=134A`_gDlBKJTU{PPx3HTvjABpA+2%hG#MdJ(>ucLw z2=t(D!Am{gr+2|0FMqq+yR7L7)T0$#5PHth^YQ@v`Nukz`ap{Q^>>&669E7*;AhST zhEG21DBir|(Svx!Lz%)&k9dVaEb{?`qVX4(I@3`-c&)$u#hZV-o%X(uH)dpY+gA`qq!nfVa=S`SM_J$VYeOS93q1a<;*84`+Xb zhG^`jXLCny!Zv3Yws!=%y6}STgc58sQcrJDx-sTPO-~jbCYNaL)3|MFe7i)RP zYUEaeHD_zXrVkuYU#eyadWLGn<^!_UXfJ4i^D${qhJywt5b@`GKeu!~H-r~F%k4$HD3t5w(2yD`} zl5b{w`zDSI$&ff%YRIUNjwWpmDU&ZLfdM9Q8fJg6h-dIPABq-hY~htcp^LP^i`#gN zCg+NH7J~gaAFdDz*7%6GMt1>NYV_8TPT7oXd5wEWlV$mFde(NpHgb<=ZRUuMEpU{L z_6wFU4rJhtIwpig_=t8giuR^${5Wt?36YNYW3(2RO(~9Z>6CVYnGZ>KFFAn~`IA4n zk7q6vr77Ltc~gpxyFvPcbUDG>0umE9+N0aIn3eC?WfKUNU>Ou*2^(Z7n{0@1 z!H8#W_Gck@fi>`u#pZJ^Ru5PRlke$<@o0ecIfCeRo6g9P|5=+i8JLb{cQ(n0HfeLK zc9i=71X7S|wLK>aZhH2E9rRj*JADNvZ)SMImYYmRX`dRZst1nfm#AvW zY^~RM#aXGhI-(<5kzi+hnEG{o27itEsFITha(1b$x*sg*l5h5PMH-oiT6eR$tB00$ z&WCWtim9U)YC2l2Uh1rbN^Wc_XT?Z!6siL>cd37xrt3;>#oCYG8K)^$VW4__ju)Eb zc!GJFo}IC$rE+E!ag=G+a445%>-icCOA#6Pur1Mw7%LtM%Ow>X5r0`_8`}|p$EzDV zv99s4BfGMCTK-rXqOvR-vps>btpT$#d$Tw}v#epWINP&C!B>72Z$`RpHL-6Fix8bT ziZY?GK5JHk<+7hOv>HbdKS^xNd9<+Ei!_0?O&eBPkPT2v9k`{220?P1_@!1$ms}f; zW@{2_+qGWxwP6cc)rNYM_I^>ibEHU_rHOpS7=Bpi4Z_%e1U7qccM4%wfi1XtOi6Zg zwsoO5Y=t+h>6dnJih7ERxVjg(m}&shV7YtvW>a=~nMap!3shPF4Rd>0mU3d;(ts@} zYed?nvw3JfsHUPhpAVOF*|>@@_J_r$1Amr-D#@T}+F>g=fex#&|LK9Qi-NvOpw)Sp zO(>a-{>Gn_mVs6HcS?J@L!|{ByCq|*WQ{g=u%PRwCm*TjY8~TWvwsYt3rHF=*U>1um>b;H?zAr1a<$Ijz zE0YGPn2Z^}xf{R6rlR(nmg1SewOh6RE1UgzUl-?Y1Pp`%se>a-4YVf0lS&UDyuT4F z!9b<64#p=^+JI;}yQXM!7K)*08@k!cyEH19_BN+C_@Bg!XF3X$vB{8Y8NxEwymT1D zfx5p$ip9m3evE;rB!WBpseOfpA{&s^D&BXNf3rukd!NDU+k#< z02`|N&;v;@bk=*3sCI`Gh{c*Hba;4@qX(@O`N!z@c15>{r?!VJDS|GFmud_`K5QC1 z`^ls{85A6~rJTxWb;@F^%C0OEp}b$OJj*T-%cL>Nw4BS8#maQ6%f4I^?DY=7_z>d2 zVe4j+c7e;kyv!Wy#^ttR5l0CnAr4Mp%puWWCZWvC{LAL`4%S=}{@@44Km?}S5!hT3 z+PuxWY+n7aXS~vQ-$wy?Kmf=*V33A%ool-KU;-Fsp70D~l`4A1jLic!VHI{^qARi& zkymf6NE(+0o&&rb5#r6>-sRq~jNYpy-|J1^ zx@F%n@!cV&-~5eT{tXiV9%kx2;MY~)FLB^Ymf#8=T?}5!_#NL69^vJE-tc`}0*>Js z{@y3#u^sN=?XBS^fk^Ihe$b>%3L( zeNJrETW^UzDqWn$4o9}bii;o7k9oZ3MEkxQ;fI#GamOL&z)Znfp5GUK5f!SdlOC}T zVQWE(B&c4tobGS04iS*<5@h@6tsbA{91`eOiLbe9zJ|gT@sksmo3`QUZUyRNF6vw! z<06-Iv3?=9&Ja)h?6Y2+&u$TI8*I_O617f^(f+m^A#uJ+>@#Ym#jSC8$A5efb$+#$ZZ9}L7z5R=Q!ke}IUb@L@+TGWdG%v73zpi;}@SeA#b|-n4>X8^| ziS~!jcTB97E5D}E?jqsjP@e1-zU&#Xl2vJo7b~Py&urb9hW@&}SD1x>O0TT;oqDLD z<5_c>exO{;y_}}8MS6u{SeHLIi;4(|5gdtViJNsgi_jbNOlxTWroZ|XYN(m?yC;UO z>wyRSfbvW@-ctCIVSvRh{mJo1!!kL0Cwko45f3|A}MBumVSj2HnLd zc;eiNdag|R6KIg2PK^~W>VzoLV9lEXH4;49@&ZR89 zegzv=>{zm8&7LKw2JKq5|4?!Bit6hYx?9HfD_2fkTfTk${w-^_Z=HI8qoxdiz?;aB zACn4?h%3EfD{DE3Ucf8Y{1I%qeU{7hm*HFun)_ti9H{sL!#EIFM~P zoovKPH_f=Jhn0<@TIo89SXpT_-#V(nqSXZ2hr5#$a}uJX_Sqpg*M#FJ%hmEY(n#Ti zJ4&dhPI4%`C0EiZGTM05{tY<`LlUn#1g)DbDDfg|4v;0fLyt`7AY6${0LfhKODenk z>OCfrYI45q1`@NhckYbuq5<_lVIY4J;qgk4&RguyNqaJK%p_Z?p*K?tdJ5I3ES=E6 z7B+qJE8!Gvw2M7qB(_+vL^SrS5?PYVtGZduZzl#A z+SS5aJt|TqqynhmTW^wEY9Ac}7=VqgI*mw&3eu%lR7R)7lpz&9icDRF+FU4rBXP@( z6?NrR_e|WvLleypkCVN@eeCf59C16*xm};p8 zsF@@0jDDwqMH}+8AO;lsSYbY~g?mI~;|6P4j+$lZ*|7Xsv9No}fy>wDqEeu&cZzng zA014iJKMopY}{B0&B8G9w!*bMbIs{?dUMY|Cu{D_?S=?%j`RlWZ*J}}N1k%X0ZX@5 z$*Mf8cM4zYoq?as99p)v1>M6cdo&Bx;LDQpc;%P(i#g_>4_=haSzz>jYZ(w0~`ET5QZRN8hJ2{I4B?$g|*EzhfB;kPG$+B;f@tl*Z{8j zfrOD*ie-gUT)$4jkirq|Yyp@bTH1$}_W{s{KLlbBg*Zg!3D9x`v>rjQN1t+3D& z7WkyXxbyj_hUHlwW%L08Po3{p1Zfp3CfFy&yu*J{VO&yJ(S<4&WPE(t;aPe}L^{^d zj(5ak9=&43$RW{y?Q>(1Rnqf*5&<`R|LnP|ynrLu!z7_gLBx@|BsGft# zj_Bwg79*EJ<|9hK#L+Bs)MF}Dxk^^H5?g$193ui?B4?q9CEkMw_XwiBOul0>lM_c5 zg8uolRxy$qoZJZvS=dQ$AhRP0BNv9+_{kj3FoQURqqYR;N^W-3o8JT{OJGSiKi2Yq z9N}dyA4m|@<>om~@@3leQ35Hk27?80NIY9o!+(V_hxyr}X#A(RG>$Qu`^@I!!nsg} zHq@a(9B150p#xgx&6c@TQARbImv#OuDp*QMaQ>wm5GJ6JiByc@N)p2Wm~eg=LgOcC z2s9a5tRx`JC)yG^qisIar#}U1P^}eFxb=Vx6+PWWSF=&3sz`xoshu}XSr$|Z)v8y; zYF0xOJQ7F(sn=7gvCPQ3Z%&mgRn=-*)ws#c8MY+VP2P&KkUGkzrkm>DRN|tu5Sg`&==gz{5_6t}PHeAO*vS!Nmf~hafCr7VD3~F0yccB`ah8ul)B#&3 zJnUiUnhw1aiwL60cB<0bENZE;?Pfk`11h|O10?CHtahZUlJj!1HpaBla>+ZPEt7E%;PrUMGma)RUR`GzpS~p` zXCvt+ktZ`w{mK)Ap2RBUXE1M1kV$deqWTH(jUY%>wSDs;$K~9;&2w=**6Z2&_D6^=? z%QGw^bHDNY@x1TTG?+f@NEPmI!-~RXCD(K{IU;5+U z|NjpQ_~VQHtFQh8zymx$0c;Bbv@Qcgzz4iP1!M~b{Im6gzzftq30w;b6blBbEC~7H{Ih4ywHmovp^AaL9rvjvtR@hNI$bsk&Z$v5PZQM^t>1}3%II5vhbcL zQY;;$o6#z*)2crnWI}NA!Lk4Z8wf(N2&4r9{+zJL2PbfXD6p%4$cHN6i+C^tE#$%= zGD5hyt=!tJ-fF@&?4~Cq3r1LgDGUqMVI9|jov(-oGJHLS^(qEu4aM&_XEK1&AO;jz9-31Vdzu#(#iDCzt|vFvNc##X^h)E)>Hpe28vz z0#N*rR5X?VV?`u<#S$A4SriLe%%s2mkiEX}M_>FcUQhonIslMyGI{WHXvgcuJM`cIE8V6 zH8wDt!mEmPvlyNm7wwQT$6%Qx5wpn44XJ=OG1HDG>zBI|rj39Y1K^LZ!y>*ECban& zssK#D%d#zFOQB>dqWlVk42k{~WT$mXCqS%%m(h*BnWf>!`VE= zlr+R`>`0H4#~5kBVu8z>v&m#jFh;uwN0SYCNfhotlAqx?K%o?|F%V6|l7+#MQ%g0g zn4N;S6E`6xt$RG1VHA0>nRg?hJjfr4!7`h9x+W1d*C5TrGR?R!O0;Or1?s4Ff{1)j zMBb!IX|zo+{DtDohcZl1mf*^NK!>%2h+j~~csPS>JjH%kglwEpZ%D}u%^s7S$Kxax zV7o_rWKI&BwaSD$xjF<-e^azSW zml8_~3<(z?#R?%!&-O4(Q7ujMLqR-a)f0USxRblwgN(Yn8oc8my^Dw*NP=ezj`E4K?wpyTK^lT# z%)^r!?SQ;8{sWD9QMVD|HY7_=BI6I53KejHRQMC8B(_MVG}h zm_<$gqFJ2<+NPlIpb=tP#*1N&Jwiv&swOUtF+HOTzqrKX$ z#oDMvzTM+muO-`5%37%v+dM7XwRJ+Uy}q=~KDL!xZ#vtswY8?5+q{LS;BkTsSX$u1 zTfG(B|AARgxPZSsuCX25#eE)_RRu6WTntm&#z8{ULM_I{-1F1F6GYp)Roo9rL*0ry zHq6}q(&Y%A&4$SJ*~vx2`H+^KU3sh9xAk1sy%u|9MPy@9Ux8GeTnmx)Ntj$-l6Bhxf?KNfSYn|`R$R{N z1)u9R41L_*?(MTYNU)5?}@O|F6rJMSNuJg4^cLf%GXf-q$vR(w1 z8~LbIp$OdI3GQs6J`o3XrHtwji7Y`CYfGLD{zdqm+TR&p01LM1CD%m@imgbGkyHM( zkTAJ}a8KbF3P4q08}7JB(&6F|5P*RfAP!>vBU$A5emmanWB#&WhsoUk;*; z&GV=^u8KIhS9_%y2A&Twn*bNEvLmaQ3Kr#2W~~nP+wdh~&Dq%2dp!qJX720YU32DB zMl9f~X7cM`QZQv6LS>+0KJ4vg;_Kj22xmDO=W}-F_xoOT&Sr6b=X!pTYyMv6Q)*{> z=I62K;2Owhs@ms%Cg?p9;(2E0f>!9ZC}o7!=Y@vovuNlK7T<`rXnzi#6vzeKT`k?c z=z4}(jpk_8^5~CtXPC7B0T}7eDruAM=8)cKt)1EVb!mu(>6ON;magehzG;~*TAJSJ zg6`?g#aN&Y>VAgVD^O{lCS$67JJE&esFv!frs}G;>Z``;tk&wS=IXBY>aPatuommF zChM{`>$67dv{vi2M(c?#>H++OxR&d=rt7-4>$}G5yw>Zz=Ig%p>%RuAP?c9!=p3Pm|_U*sAZT|c1;U2EwEfNqlR?(hyq?FL-&HgEpK>C581^Um$> zW@+|@Z}-k=_-1eUR&V+~Z~L~a^~P`2*6$DOZ}I+b77Xz29`MED?*a$y1200PP0ck;Kzr zzi1nS>dD|qugQTuv`F$V2lFr&^D*~v+n#X%Pv5`XMeD^$uL#O$sWp9=gcoVLotRa@ z$ywW>=14hIs8TR4-}AE|^Fb%{LN|0HUvj%eZ8c^iXGrb#@D$arw`rkRLGjVB||8>kzXoY9rmBF;STkqe3 zD0T#}bs0imqiJA$IbgmBIC_8uVnA_pz=P*vcVqr&ck-GCMTi1-k8pahhImg=c(?Fw zB!d%=hc#fud1!=gV8wQDgMxpqc#wlo*mrAi0)PK-ejoT#*Z6x(bq`*3yR;NYbC)Kb zpFNf@!mCd!dTRjt4X=9%C;JC?eF$fJdr$bAi-$s}hk{>+QOJGZH~6ogaM<5{ zy0>_{A98CEX&@KwG_P~mgM7$WVx=<*TtR${b5gM2j6*HAJy4%Yo*&Gy^q#y*okhA;gFT>rtdg50)@9PVmsP z=ETXASRbpb!>Ex=y^bI8%xlywr7~g^=RHaZix|CERkVE!IkF|KD8oEDsglxKsEZjl zR;-5(kJBhPiLzWIvtt`YPN0NB{`XPJOO+dm8l9(==|xpsDaKn<&+N*#jfBOe2rg8; zcywYxwMaD{ny{l#X_V^K3D}gcwuT~`SL0fsQt8EPTe028Hlt+5(+IZXDy=9FOPNNs zDeBa!SF>*I`Zes>vMEZeZTmJsD%>KX!tMJv@ZiFS6EALii$s5|x-fh|O&pgFxcsx6cpM6qFxB5kTnBL+Q!a;CJcGXB=ud83kB3 z9pUAoVn)$3N+_1ioh9aEk4WYCW|bUSGbD`hoFS8$#0UwdO`P3X zPdifC*p3?=ft9CIP}w*eqm4THD5R+wH=Gu`LDbu%nQFQzr=1RjTtozFC*V5_1Q5VM z1{S#7Kl*GCzyU`HRB8YM`jdwM+2wI6hawJiE3f+PqeHMK{y#QzD)td$mJy2PTW68ca7A?%a#^7d!+Drg z3G>)aUu|h))Wjcgbuo`N!sP@R3A2f^k}Tnv=#Efb+$UxfljJ6hQIZ)c(n%|ww5PXW zkPB~3OFcE!oq}2%fmLh0HP>DHX0O9jy-4)FKVvpz!avWL#+L`ZwcGbr}If?KSMNOMNwQ`gEY7?78c{yKrFROEl51Ks6&?U`mNIOft2J zrP~-Yss5OpNzr|iWlMh6IBM+}QWKgicC<0}Sqf z;AqEN8T=p!W9K`LVa6yWEJ-Qi(ita|tP#`b+grHzJFt+hgjC823ri6_jy0@$KH~}w z5%ZGviAg0;AOz@w=(D0I3@zu=pGK&_2|aDX6O6H6@!-@Mj&Lq90F<9cjtDxqtfhp2 za@pH(M7kY~CNrBkXrfU=QWGQoL98v1Bm%hZ!Dep*2N126X!+ca{>gULr8S|LVjASP-^~-7ghL_a5 zrZ1nV&24hCo8H7@G%JYBaYDqJp zk&+ahx0Gf{3;EHMvb3cxeJM<*c2aT1G=nRxDNb{$)18)drt#!y?rsXyp%S(Js74*7 zPycz;t_gLiPJJp=qw1-oI#jAtYpPYVs@1Jpm8u-&Dsiw1R%)VaTV(J9?rtNFT=k~~ z`w)VDg!7L05XT>`kdAHq5s2}yqC9G4>!z&5q1w#VkcGvKvFeJ}hh(ib{#Yzw-I}4{ zJT|Sn)5m=-=+&`mO01lnrd_WC*}RUHK5m8UZ$iruy8f!P5UH$cZ=+Xl_$oQBjaFuH z;}1P3E3s|;&0FItk>Gmju*4y*Zf~1h%l=k4!L4kkper2AVsNvc-Q{&bs@lg2A^`b8 zmj}TciThM`uE^!?y3my?ccJPXHP8WI)!T(`Nk_eKa0MF}ARux9wm|-Y$i_l|Wq@fU zs8uGwL;wa*31aP+Rx4mIHQ1XUeZW8m3o&kJ>m!0L(5eOQg)eiYRi07_fDF3|7a)>= z0C&6!0q;q$C1@p}eE`7%Q6$1vqh5(;96iOyCc=4)_D+gf2 zQRc9z2F$En4J!a_?Q?#NOkK_PQK{Jt>!B&SUHD+9u=^OpfzbM7w3-*ST0V%eFk6o= zGw3#y=K*ebV*4230!C8Yb0DvP>R_x=&JL2Q@S^&IG~@9 z^?i0(b3F$8<~G7}4RIvz-Q1VYP+`|y_DRFLT3u$9L7>fTy4(8s+wu3#C(mKlettXw z_kHpe&U041yTI)?b?Rluc*q}z|Mrx8*_Bm%z!tL*011TLX^mVWguuG=83Bk#sQ{k2 zt<`+J%6=h)0NfYKvDb~wmUb{%)3wU&5wNWej`7rEtufN)^oW!T zA3?BP?DZL!J;$q}j_wsl9tPAN{vkp5p(84qas|?@Tp&;t;y78$jnz*6 z$x|anA|ytlD2^g28pkI(VknlPDy||c`ca`()hec9E6yS<@*yL*4oaz_EY>0~_TqJ= z0Mz7SDej^#Hcfb7-EfSs0_@u3#0bsB=CA-lC6LUtr@v`#^SqDS(MLMq!` zIV7uv7D}3(eq7{2(Aoz06|0RTP2$EW{^3E^WNnn>c${Q5D#Wp5$m~H^l@ZrPIs~@h z-8bqaQ(np|k^(E{WK%xGvzcV9sbGX{-3T-t%k7;Mx=IC{0}7Z*3Z~axoySx*B~>v( zRHkLu#1?MM;irlx9k%1!d2RIVm$ zE@o@`-)qLEZMx-b@?UMi9|GDn2cONbH_hQ_FjYLqR#;#Z;KftIL3 zAP5^YfUa=m51fLS$%_*L%X*#4fbBt#@*R?TVbhgWuRK@>?m;M=-*fFsooQYq^jMY3 zoB)m*P#Q~P6;z54MPz8jS~StWpaaX`kW{D!JuCyoY=K4m!bd#8B-DdE(7{WTPNCT8 zR_KDB%0Zr9k|q>tJ+Q+R3{fUH0iLQ(oFXc0#Hka&!HixiYG|lI{wKZ2hr;DSd2n0S zjhKfdM5A@8se&p*B*cTL3R(t;Wns&NSc17>%dO*W~-hChCB=c=u|{Hs6n2} zgBjcbpT31m$U~B#PNdGpp7v>LV5_!bs&{ItNRlWK&Ru~KD8jv)&7q2`#D}TcU!P@Z zt3npE)mE=c8*0%?t|aB{S<90mTZ{G@UXkgrj!hPk&@0&wD!9cBp%OblYg4d8wNk{q zp6pC)LW_8-z3!$MM>8Xope@#g=HmHe6wv z2U{JiK+I~wwV!k~ENdm@ZgBxz{hIqRq(D@x{Sh3rWGumrAbxf%oA8NKd_|wOh5qOW zjCB4?&vwku8mcbr?8OZ2%+i52Kr5jHgU$vm%Mz}hdPa-LDM-8oJG4P2YyqLjDHPmm zq{iuI*eRa6YgqgOVFaq;E^10(t|R~|owfsH2- zvM$j&lhNX2ZNTcXd{==@S@rrF6iQ|MJz+Ls%)YrhUw<%{TA>fAn?$p?lAo9yzZ<6$0^F%Z<1*4JpN{=)9$*aZO}@VYMyjVozoHTwy8@H=9z}LN|Ij3p3MMK z;>wSDoWt7R2SOw~DgoHuU#cSMG>le+#+(O*@34Nvn^wdZU6Kp^kNV0jQn+qW4DC#G zLO1+xN_gwZrtaptEdZDCB+TpoS}@DX!M!5u&GxApyDYz0M9;>l8dPfsQ_SREjLYsU zx_$&4s4?9NYC05Zq$;ulUlJJ?t{cAv%ap7N@iIir{t#Vq$H>Ak z{BkWP$;ry`&^EFIL-HBlD=YUY9OtPbBWor%XN`vB(Te9kfO17}!%UoslKhKhxDp7b z#`qNKHFq$y$^)U+X&u;X-L~~;$g`qG zI^Yi_-|q;I@FD}s1_y>B=kWkrbP50LHjisJdo$M*C&nG8PLgx!pwUr`1Zv2PR;&qX z1hS(#GN3MQ>vnWL>#Z!u>nodXO;o%P=(84uZ$EaEZ zCtHtmU1yI-GYSUp^`+jmappB(H-%io2D+|nVPmLZpEO}FHe^Tk>XfvNK4*4HHfBq9 zV^gr+Ai?pDp8UB-SG475E827U*bd0pZ4a z{Omhf)adRmu!2a#w{6N!5Dbl+N=JkzUFDaa%_AJ#py44g zk!e`9sEd1SnTBwoGzeLi3Rqh8+^o&Oe{|S~v6YCCi-IxOG^E&ywb(nZi;>ZojkTu` zxB-nPa@d280$M$wI786D2K@LxHUX-*OA`{=oMG7j-Xn?6SdE3tuJ|6Y3|4SGh^8@l z^PL>98~_mDPKT!%nq`@JoJtFrnU9fWq)|8*QUj5Dd6og1aM5s%hgqHNBZw6tdwwQ3 z^KM=*8bz+(u?*Z37T9?VUoY4o^b%!uteg;p-gV<6Iep0gL)U7`B`!Y+8W3)DjOCyTZP~%#EwU|Pb9KCowB>zrhgf)QAt=oz_(#^Zq2DZ@Abw-(4~m!snf(Ej-{AmZsg6YEfRt-(AajC6*?j-c3WuXCWE< zmkksj$y@ut$DYxN7BmEWcqMq zlP1kAHF4(Dxszv4pFe>H6*`n?QKLtZCRG|#CCjBxq3*mHm1;I(Wzz8rd7L^ZCkf*(S{W{7H(aaXYJfl1$(y%U20dDAMmV;$N*^$Oz@ut!_x-_ z9V#+zpx*SU!3yjC8K(<>SP7tjB`gu~AL3TrK*If8K@TJf8}bK`Bm{t?LA4?I zS`J91avPE~iXhss7iz?jjztkw)Q60Hc<^mMR-F7mo()est~+l;>g}BesQGfgJSuwU z1b2$_ClD}2qG+ETM%=>^aVql1P8R2^Gez#m(5HjdG&JZmeK;ua2WmuA)3_?5jDa46 z{vii75~afvz83t^ql-ROi;@f@N%d?cu}U>7RozHz$RmkVJZKs}rYSLi1h<6KywfK1 zLmDm%9B5OEBFYa*;Dr7YD4Xj1o6yz@a%GR#5WC=$%TR1hkWJ`-Wiiw)Vm&QVc@_## zzuu|dS$a*n5=vQ4;3^9vQ`z>^&*SOPiQ9Xmz)l7euB=}fi zC$w|AHH#Ywoj4|r_B2fqw${);En<<_gZFF`p+--5^v*O-V0U0%DY|%KcHI?MKYZss zbuOHPx|e6h;!CqS`ue5PAqw+bZ^`{y89}1|0z|=*R(%7|IsgUO?qN9nNhAdStd7?s z2~N;>YVZVH@IhdauC`)}u$J1}lSc&a!~z#0yTxYFrD*Jy5vuuYbKi+T*PltF7jdZ; z$9JDGj6}Eb$^KnZoN}8k&wMt?HSgS1r#z3z=g>(n-SoXIKfR>URd3z(*R@I=_J3HP z-S*pY2TSL{a(}4y-hmHZ_>yFY{rBOKPyY7eUq4>?=bU<5IkL7}Ju3>CcH1vMB#5#r<%qVS;YK$yXLtb-fR z;Kn-YF~Wzeu!S#-;RrvWjT6o;g%MnbEo{g_TdZS*KMW!_hKR#w?9g~J%*i^Q0mFJs zaf(q4{vi~lNX2?sF@&G!pJ)De5=_CwOgJgr;aWnX48_E1w*t|s>M=wuYVjF2+|M?2 zrH*2BMUNKYM=el+id#gbk8X)$7Ux(;lK7(;fz-u6@PUhez(bNc!ABrbfku?@V-;Y6 z2P$x(j!M>xfu1YUK7eopD~)6yi(1hKG})3?66z(6(#b6G#lk7BLku#&f)u&2JAdHO zB8AinKL+W?WKt3;#$<~w=San1jszdGfYUs@5y_b#lO*a$ray>?5`Q@3aN~^SNt}5b zR7it~%{vK2G-VQ8mN6!{jEOCCVo!P5upVMS!9Sg_%O#qJm=8(kRp7BlWj=(PPdRA* zTKE~w6%O={Xw;@m8oJP!m@`b|l*vO$!w3enlX@oM5G*J55H*qORxRj`FP=uCmcA0E z>M2(XY#FwC*or>!89*ptW1O2#s1;mTNW4bYE>AtAN$&UnOa(NZp`G(Gb)2FM{`pTT z+9FH^{YM`^2}*-H@*kXR#wym~3~mH+kAGxqS#O~ZLDHj;g|LKoU(WLqWaR#fb9oO1PsTUW6Sg|@}25}hJfH7XKq!sC&5T`VNyii%DucCwsZ zXzj|~;D`@U!!9-1Vc znzE&%=84koe8-LXG1HftdxGQMY;PcvE^I_Lu_Y6g$;NTzEWflc*tGFQqk-l+oPdHM zaATLk^r{{i`OUwwwV@p4=wL^?%+A8MwW2+oI?$-tN?ww!jI`@~EB*?PXxyS6c*aM8 zC;8$3juND0fu=-RC=vh%c)=fDb0#mU%}JX!Oqccsr#bp!k8+ly771%6zq&_02hzSc zCh7J{LLoQyG-bkd<&nK3v5*NFmPw|Eu2(du|FDe8QC8EG38vlEK&fD0B3L|c6GzK# z(T?sdrb7RS3lMA6&CV!vXUW-6*}}Kgk}kK2JDkiyUb4XKPBfX-v5r9=+SG~$lYkpd z7HL~nk>=?yH7i|eN)LR}^_}tIK>goA!dMpoW+sUHc;m$7IE*AIW2dS$s4)f^Ox@Wj zQgKa??WRl|^iiqd7DVjn(y6*5LT*r@2}3f@4;i;Xmi}`K-&Z6Lk2<ZTqow1o?+ zO)cn+a{BKX{*TOL2=OxK{@&ub^v{VPaB*;84qi=sNJDK1g`OgC1LfrgD4+t~98fPz7snXKpYDeQ*O6@NyXN2Z<1S zf{=2Cun3j#d5&;$l5h#3PCA$&|?6DYCK`u4&E_;z9!I5dY zzyZ?;<^&R@V8S3*sddD07_8wd9nu*qk|7zAirA4Ft+6p#5-PK?9j3A#z`-81C>rTe zCRI`<+d(c>5-!o88^F>Gj8Zh+fE}r*A~CZaH)y0Spn zF2Y3&pjI;E9UuTfaAm0W#sHwfMe;+Y0>I?NVFh#`UI=sbc!c%dp#-b|0i3F)ZVozQ z;~h)@6ST!eGQ=YYax{o>{uI(6BD)ePr=cEQ^D)g*F5mGr(~%yOff?CxKYg+grl=}$ zavgv{9?Mc1X|pBM5iFn4C!f(XtsyC=2sS6O9*%M>8x$g`s2p9BH$^lSeba(stwh$y zOw`1w3<5Sp5+W8QyDkEj#%Q_zqdl!`H4r8{XXzarU_6Tpx%CBT_@#avVoAPf@W%KPc9Uishtg)_zS<+6CsUrXlc2|AZq)7cWQm!%h~& zlv8N10_h_pdPy(;8%Q9yEb73ltcFfioR*R7=%1C(|L(p)#*j zK%o*3BvV6kGBK(06at1(3NG+I58Pf^HE zt0hr_Yg3RU*+3Fu7Vozxg;B*TVlGA3Fala+PNgiB*LI2{7DZEYG*M+EB`dTW=Cdbb z^+UgsD5ZcC?9nWf(k)5I3`Ap*CtM5h?JHXG9~}t_!@FB~Ngc%J${} zR4GtrBoCsKL8x+$948oNyIA^1#UghPSDuxmqlWL9h#PUgcMJOo4{A|OpTI$fa& zKmu#PB?~s-Jy5tr9%LaNWIQw?hTXwM=)-D`^g=R3LHb6i;{;ou7 z@j z7ivXk1!Bt5mQw%|No?+Cc|~Tt_Ge`_TYGk;lw@BnqBv+-m1h>E@Fa2#cpuE53g{sa z>ftoln3aTJP~nzZR)h@t#evH=B$l~sltf4KARtABMJ~pD{YEfZ#7wGLIBR)7D8*9F z=t=rgl<8rq^kS2Tq?5mge$fB2vPbQrDOP4p?CRJOWYEWIbbG zTZlyn(7_P=02;_ZOf(ukR@j--#g1>K0={ELSfPX`m^+5rMV@9t0wEhv4qhf@R@xN|riBVTTR0+0Sio!hXi6kMA|+4}fTeCY57y>pqXuur zc&hg~P7LR}nEJQDBfaO?Q{A|2s5oduqJF_es}-DU}c#j-ql|0H@C%d0xyQTcf z>*vWI7t6U^bEw=oth~#`oG-qdIl_F*(Hy(A9COpW&6ju0L)Xpa9DLv$b?5xfhosDt z~U)RqCeK+(RIr#i}kRj0(ebE`c(H;HKA^ttmC4JHWqsCZz1D60)^R=8b$!=)z1MyH z*MU9Q?I9dU9R^LE9tNE`h&^yEv4M*48<0KOkz?79qR@BaYX32lO=2K*jwfWTgq1>G zNdwxYecFrt5>wVjUE)PiqR7QaVyrpbm2@`9z1($!+Ks~6bpzY`(r`kua8JVBO-f=; zGAYD;H0s^nX9M4hLf>x#+k-O$iPJb$DmkZ`rQV1=pVM5VlRB+4UVzJ6Z^cLAqo;;O z9$cwg1BXErq!p|<#uUrkSkmd9yDs6>o)`Ehr;1!gWp+JUMXT*7h6H> zANE{(dt8U+^=7@P)$gWrN?RV`Y^V zB3u?`M)bn0amYm*u4cjNR?|1wmcDRjQn zJ37F?7`&z?SW0E1mN+A%sL)AXPqTODv*R0kV6dEN zGNj0nBuftbM$e?ml`LDjdaeH+m$+_`k?+I?6S=GlR1 z@7itaH!xVaf(siyyfp92y#o6pRtxyCK95+rF)KHOv0ixMBDH{jfIh;lzvTUdg*SR^`RNA$txzy7cMPt6RU0 zJ-hbp+`D`K4nDm2@#M>!KmYu=%H+&v#%?d$p8War>)XGNKfnI{{QLX=4`6@-4oF~u z1|EoDf(p`SlR{L%=N^O-PDo*eO|fU8O7CUJVTT@m_z;F5g0$g?CZ335aU!NjQHd|r+l1eTql94_l$z+sLPPveSXhjJn zm0E5|q?0>l$z_;1qq;^vAiN!sGbt+(ph6eu`{{7DZppadF^Bi+!&=OR&)Q854{&253f7Z+Mp=Ra5wFoZO797 zmXfu?2e*@VJy4^9_b|*X95~cy=TgeT4d0FS!1c;v2gn|`{3qlBtL=z3k=Fx`A&m#_ zH^SgJ?ztLv7(TD!YP@T*EoVmzsLvo({Bzj4e><|hm;bpo-1dT#cf5i7$#%>yZ|&#Z z#}_SlC($VX@6q*OZF1krv&=a$GiS~D()F~%J-%kY3r@q}2%J6imjj+O+44d?Z~LX> zjc=f~e}sFCK<^H~iGZtUDr=kSyeGVAFau?5JKO=Gce;huEpv|uM#BWh2?+|!U053* z)#CR4I+FPbdg(w|*+kZ{j|HlPBa|1(_O&&4xejfikQboj2a0%5&4cTR8T4w`wMl&~ zfJD@ophCAmh(!;9E1O2s>ZQPUT@He@3zWasQ3@%l@K5qEg)~e7uz%&xUDhL^30;W7 z>&XIq^Fb8^ zoH#G?5d(UX9F)rFSFkF^3l)%PUiFHXMfx#qV3jmq8ppS}HtM33isYCa{lvj6-tc&! zgWddSrpCGP(Q5nCNdI8;zd;JqGlR-x^UijMR<6vEjjO}k?1oJ4olboVOB)3Nb};_e z1+J1FWG31^@vgXSZkmj&rsPhkwzItsmgWp!_+lu<464qN4s4j&R%b&H!fu!P`{S$v zIn01w1YF}vl=TXVP(MngXS5QiLn%Vggc2%y60K-GdO1*r0`#FAbx1@lnz=z#5v1e7 zs6~GHqF{DZcONCGODk&9ilCH5DqShqTKdwQmeijyJyA_<8Zf3;s3sv6Mwo zWGgh;%4+sQm!(im9*R53U@TWO;T`&i`*H>inO&&u5&rm86&{T0(x*OgFqw+mjk zbQeP34X=5_(iuHW_q^dTz_`ggz!y%T>4 zjNr)tSUCbtu!DiMU*JA?!h%_FaT-kF3}@8964tPX-(q3nVEDr%_GpBSTjCUhCB(xS zv5H^JV&J&=#VL;QZ)Qwm65F^pIL@($cZ{1J`#8fuzKxKFJmDhS{^rO?cCeCX!{jC- z_{p+~vXlo*<=0sG%Kgo9YPQT}{CXKRU=Fi<$9$SHo0+|6CXJfcY~D7H=FM;hube?c z=Q?Zm&Y8)xo~g@c%=r1w&JFZs22E(>8rm|5PPA|rJ()&3nzxXajHD-R+e$y?(wL5| zrV+#GPOtXUhY7W)O-pLSnEKS9O?6>b&1%iMS}?GVHDzZVm|EM~vAFh&u6K>tUf<={ zz!t2q|59vGAG@c??*h?!xz4@CbKm^D#GMhudWW9ipex1aNH11v)&cdXOMU88ue#N*j`gf- zed}EBy4SxB_OOe6>|`&y+0Tylw5xsXY;U{U-wyY<%YE*2kNVT=j`zIleeZnlyWjr~ z_`nN(@PsdX;qPwv#4CRBjBmW-9}oG+OMdcdM?B>(kNM1Ne)F8~yyrhJcgur*^rSDn z=}(XP)T>_XqF=r1Ul04(%YOE>Z+q)&kNe!~e)s;o?>*&j@B82jfB3{NzVW>d{NpQs z`OI&=^Gl!n=SzS3)UUqv^&b7}Yk&LP@4ok^p8fBOfBfVxKkvhD{`9MV{p{yF`r8lx z_{)F(et$px?~nid>!0;K+rR&^*nya0fmer9Ay`l&_;whmfh&l69B6`!@_{7yf{y}%Ge}Y> z=yoc|f;$*{E@*>@5`$J(f}*9!RLcVNGL&Abwl`rNeF&Wh=doo zgiXkWy7z=w7${OmbyR4BRw#932!^_1hW?eegtArMreoEqJ<0b zhJ7e|aVUp$c!qgcJ9tQl%Cd%Or-OdTh?ob6X()(xcZj}Xh?CeWiHLTK*od1Ld5;K& zkqC8Y_=1=yik7G|dq@?WsEVZLiC74V>rjdzNQ$P2h^UAbtB8x9*NTne4muD30e}GF zGbrMs`00AHX^Jor7 zi2&52`EF8f&vd=nU)?S3}`b6^Uyf2Ly&@rHmU%QXsMQI84QGT2;CSt zdkL8BAduNOPxbJYqa%zuX?8s6lb<p)e1fFbuN(z>EiViZUoDib13ZYP?Ef|2!L z4yoymzZjLg0FQn`j3WS>vH6kx@-Ml0o0cgz<1+|e*-ff~lF}JH{GyokaFa0UG2K9r z-07Zq2`KGAJJy(?6S|#;;GxA?p^90dhB;5>Ntr6?Fc}JyGWjYI=^68hqk>nThjO3m zXbkUI4?fzF0E!3_keaI^o1OA9fFlgLG?u`_2@VRJpHhjCSxt-?o);Q1GAc!nAPpvo zoFfIIeJf963%}Tu9mxv=@T8oQq?~dz-*Y{dNe9DVL5ZXb^S}vWnJN)F zq8)RW!SD$Slb&~gH**;=?Qood;yMBenRU>YW(uol8c&C5s~JQGrGTrLxiEK-H-gEp z#mS;>8U8UeN{R5P>4tM0ig))_9tI(EgXvOPO>ESpmTnlzy`?V<>wj?#SP*}ERo31vB zwrgv*Z3|LwdxUW-x1CbA$XBs;E4W#Qw-%+hM98;&OQk29ii7L8glmb1TZILxxMaz= zxA?f3TXhP^xt;5|pSyr0Sb?JpClN@xr;EC8LbsaBx~D#sEtG?~)zE?*Gwh*=NOTYC?b@96psjI*H%fJ2W zzyAxs0W81+94DXf33Y(L39P^gY{1SGCxkErgdo8aOu-dw!556d8LYt@%)uS(!5<95 zAuPfpOu{9MzXeebP{$1`%ni@r!Y>TNF)YI~Ov5#7!#9k>IjqAw%)>qG!#@nfK`g{W uOvFWO#7B(8Nvy;)+`%sV2|WA>GC;snOvP0!fwq9fSo{o4$HlS{5CA(x2PIbk literal 0 HcmV?d00001 diff --git a/Media/Images/ConfigWizard4.gif b/Media/Images/ConfigWizard4.gif new file mode 100644 index 0000000000000000000000000000000000000000..395f44c6f66b81e427fd3632ea591439aa4b00a3 GIT binary patch literal 20245 zcmV(@K-RxUNk%w1VekT`0(SraA^8LW00000EC2ui0Pq5)0*C(q{{R30001EX0672v zLjVF$003wJA~*meSO6k)04RF^IXM71W&lHK06&@lW@Z3pv;b;q0BX7gPM{Acdl&!! z7yu#}07DreBpD)f88uNEI#d}$oh2$SC`4T%S85?ssUmchB6PtZc)TDJNGKe6Dkmo? zTV^x>05Sj}GXO&}8$>fAbT2V6G(l-ILYypq$2kBwIsj%k0BSTDA2v1>H#j&pJ5)42 zemGQUI9`}JXt+CSYB+S2J9Mi#biq21kT{dtLqkJGUT{N%l|!DoL!RPK00&A4N>LL4 zOBOLsH!V#ycS}o4PgiPBSDsIFl~E2)RycuIOC3~ZZdYngUy74co!nJGE?ADeX8-_Z z06Aj|S7i-ZWf=fv86ssFLu4CTWjHuxICN%IZDm)UW@b8HU}0$hX>AQ)YBKHXiYe6T}N$XQfg`dYHBlQV1#O(;%K=4aS&v8I1+DfUv6%0a+|<(!S8zyY=0jq zc^7PZC2xH(0DUuaeMNMBgu!^d4_# zm$Hhbz>+fnk~1QbGeeU&0FyX4lQ?LSJBE@^SCUV3m1S3zY5&sj8{AWf`_*IJRY1vT>=leuTG>L9myIv6h#$m8!Y7xU$pjw%d@n zXaK%@9=&@ix{@=$qlvn@YQE|1xc~pav6jKXro_a=!N`)r;<&)>-@)(y&4eM%wq?z> ze$CCz)|F4uv6k4|melR-*pf5ZpmN%!Aljr&-=kO9rj_5am)f{!*SEmk$=TiA-QfTK z=d>W@zIx%)|LExD<>de8|KjTZ|LL}6?7yS!(Xs8;m+a%K=jgWW?8fcw?eG8p^2SZ~ z_xJy{X8*cs|IUB^*pmO~wg3ON|Nr3r{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*$Mqezn~UCOkn)2C3QN}Wozs@1DlvufSSwX4^!V8e8p z((S1}PbPq6>C~`?Fy8J?=l~^9+ zp*9pYgs4HM9<&G8~2x7=9;}ql|A~BMQLI4IpL&=x; zEbwjsD-Hu-sV@eghZg$|dM}3#nqk1M%=%M_ENCdxPs1LrtD?IB0MTQa0CKqFiTmu( zFRuIOI*`Jv6nyZ<4ubM7ml&T+34s6ZYqB!>1^_{y0b?8h!CM%NaL5P~q%+TmsE9MZ z9KUOE$vsBg^T9RW46w~fXZ(-E_!302!VEhM@q^j~NMY1hKdlVLOGm4=X4U@F_D2X7 zSP`WQRig;FcG!^y{uf+?k;*us4umtVC*l)?pc~HVA)JCY?I(_X8k#s8<>0c)m=SA1 zAwCE9$)PrGdOj$LW8!1Oif9TdG^-=e8+nA3q}eBioIBj3;i{kbdgDw(C_3a?#F?zR zkCWKv=AAeFpy;6YUUtdB6Xdk-%NGwl@=pLJ$EcbQdcj19K!oGRd$G6Lg*h zSvNfihRJ~bI;7wYb4U;eQV4?M3)7BV7yuYTsDi~hpA>J>K9gKaZWEy!Lx5q2E_6W< z%?O;YE_W~m5(J4X1RBXiNWul;Fj%YN1&8*b16ld-giu7`4Y|gKbyz|etoujUa5XF& z+U|)ZWT6EUDUd-DQH`={qd;b;wRwebh{_8h3VFD^Otz6^IlLex=M={|*71ZODitK1 zm&Yl(GAC6e38b*~5G^tU7Jf@doqD7V4DF6gE)WAM@qr;6G0ucndz`N9B%$*4sf<0$ z+~-24%w1{Ybb>rXoFX`o+9flIZ;D+4#b*#S5s{eXfSlvzxXcFbj7+5XT{};hL-MU+ zSZ)4t9y--Y&uS8}bl9@9Udd3J#4<@(WKu+HsV#wUiy`y?20iGc zy<*<0RKqCMiC)A2VJ6dR`l1lVoLQ`1W=MM??c^{4l(vqx3F3rN!_HuSA3QQv?@GEs@jk2@<_B3wmM!@c_TuOV5`N`?p6j|`(-g-xttFCti! zG_zTYl}NvK8rjNPmLZM3tY$aM+0JCPv!D&FXm9e_(VF(Os5MDxQ_I@cx^`|A#s1H0 zXG`1KDrB{`&8==xi`(7$_P3htEpUfR+`kI z&F))b%OLA&_q*D4Zg{Q>-tsQ@K2x9%dCkjS;7(x?1xfFG*4y6t=JvhuRj+;bt6TgM zM85K&FMkJ|TK^6N!0{0R)mu!lzs zR}gnc#3W9!D@~jo6s!2fYh!UiNQRIyQPwsthOv$lC1b7G@gRD|O^$a=Wd8JcWIr}Y zkZ&{OB0G6LM;6G|Dq)M2X%9dW5F~(Z+?pmo`OE5wa>6K4%o!N_q@9Ck zKhOC~HRCdCB0cF&7e~y{;k2hm4IEHEN5L2)K(h#25q^vz8maLIF7}|cTNuF~leniO zXl)TzGo&3A0FVgku@G0o8Yk`GKsnm+gL-Jg2sPoy7kCYkWF`C2|6n$;M|KMU34q!O z(Kbx>!GdEKMBFIh2N)px5p-*f7K!+bshuNWbwh|BqEJ;J72<1L-}}`cF}6!&4epWU zdStVPh`$H5?}fA@1IHd~LInPhXWyye7tyxG9eZ$uw1Wy5zc{x32jXsj++x@fiUhP3 z;%MGtPx7I{uKYXS>-XSN1@zer~io1ndaOI@jGE5x66p z?jz&5M|K|Xo>x~r0`^BFP%hnhLQ+eDQ z(ZJZZaetv!5y1;6Upl#AZH+x>yX!)GR|28|`ewJo2d98~5b}Qk_Z9M=84WI_X zwrvE#4`omeS!Zt%GHdEbYu46mokswOKzCW^Z?4t}s#bggNPq#be-UDM&_;p;pbC?> zc<_J&r!ammIBe*re6)uPhkycJmv{hzf+qNU(x-pvS8gU(1T|O>-luz$V0+M(eS08q z7x)j`hk4*ug*4cHDc68o$bmnw4mrnnd`E>z5C8>`Bl-XW#Sj1!5D#St1NFcUQUGgm z7!CYTh6RuetN6$oyL=mk%RiUQFN*T;&5 zm}`;I*=2yb=x{ts#Bfcj7Yx5f$zV24q#3NcxS(%^Mt=y!M( zUtBshD? z;t!c{Y*OiUi?|M%PzzT8fy?H9+31+s@O=HJglOk);ud_l5NOxfndn%Hb4f$+cm*l= zgXss4U$~h2=z)&u51|>0k5-8h@#&npPzKYWn%L-U1KOPYXP}lzY@SJ)s$iU_nVhTUmUwA!V|P!%sFAKYi?Qi| zA&H5vrkz+yr0Y|d=$WYM`GoD+lke#dtZ;_)NfP(D90Ilvbg+*c zu#~U2kdL;JCGwv&TBDk15GN^pMktRbnu!oMDCO3mr^#)E_l$8kZK+z4_NQz{DUbe$ zqQD1>(`FDy7or&gst2JB&Up*IC!H$Srvb`;uiAD%I;->7jP;P1tZJ()Y7JCC2(oqq zG0K_MI%5{Nsv!BQ#Hg;yMvjn3nko8dF*kn%@o^f6ikg^#OZkNKm~tpreC$Yv!+NEJ z%BtyjYh#Lww+fv6ijq!8pzgYC>>8>Zsf-hOaHo2lvl^STD5_NGkpOpeT>5*@%8J3b zlJy`BaL5lzaQ>(;*|G(^}pPz7ITcq-X#(585)C#zs5dqzNl2;c_RCrC~ zRS;|{sg|xdfED0Tlt;A%7dFc$qPk~zLb#8?7JV;Af_NIO(D!-4hJs}>e$r{RSUZpF z_kuCPqVyV)KPrh@3yhxExb2VwWe9|vdxCN*w6KP5c*}e*)pYuZi359jAHW2yS($NY zd>!bA?3Z~ImukpKr1Qv{iWj*s$U0C?+evGO`LD9uYR-OR>hl@&VGuxj3;0?ic0VD*VEs!NS22c%>N<^h%&biH?FN zwH)!l8XWKr&6BP`@-yy@mLBs4u5(KQVBqzW1LG(QN%{v9Z38e zO574nys-oe5>|{6RE(KYoDys|V>P_R;L*jpLBqBuz5=*9s~36uAcI8=OUazLzap!$j`d2u!>X$&tBmzni=mjAx(04pnu?zo4U@>t z;HbQq&oAdF2I0a8%Vz?d1uXx;3vqfLcP$p%hyb7I{xFJGsd?(NqS{V zYl^&aAE>pyhQ9DR4qwd{9% z0J6(rtlQ1O+c<_1|4qRpI>l+65D(kU0KQ^-?Ohj9;JLBj8xe|cN1PPi;4${#fJfj# zCmb1W#ys2*3m)Pc4lM#+8!mj}EdCNHP8%!U;xeuhFFqSFKI1sPzXJUb`LJc#(-7K_ zWf1`+J#phXe&iq_X8T}fgR&X89oHCE*X2@C*et<+x%I zR*vN)Ob=+D=4!s?XrAO8o+Z)KI#!bp5I_kF@IM>EO*OM3{w?$49fLtq_A>9(B7C5IZvJ+LIjSomJyE*>7+L4wqEH&X%U`tG)=S$rk*VMfI2}SX#YUyjou*zB|u>= zNU}pY?uh7hU};M=<`psPwC-uPKIyn#9vZRb;6o6mt}v=#N9MHbrfv|%o-wSZR|9m@ ztOD)Q-s+Bi?O2}elD_Q^RuTE|B|&~n0&(v7zyq+t?AjycL{93sqGoB8Ci$>atByKZ z<~i|B*8*a_*u-@cpv>BE~K|%bqz_)4SzxG(wIu1`r3) zu4s1D<8mnx7Ju=DHtEe^B^v(`H9lw@VGBfG^hRIwI{##n4h*1R3-=E6Z;l=}?)2Gi z3rX)}Y~BpEPz|=AQER^O-PPe6LG`w7^;b`1YtHrLKo8_#3(fHLP;cqaHT3pw_Cr|5 zVq2=5I21G!LjC`Pz`C$^>FVIK@VwkU-b_-b@+D9{_qRs zz;*%`_%HFW;rgIrpaVl!Y*>u=)UoDoujY(T>2aUyd_DPPFLb5}t;E`nCZ2AAT7iwb zk5;hz4zb3l-y9kL_@fc^$R+!eZukD`fcgGx`&MU_y{MKdxP_5-dLuY>@|?DLdg!v0-2yTiX4#qau%kNk5#_5eXo z;6Q@(Z2d!s(BG{9MiREG;Go<;eq*8~Ojz+E!gfE_;o7tB#l(LL9dgWYaUY9l+8kDd z2D0R&Rr^xx`PZ?YKbjbMuJQ@e<-dJD;EimTk|@i4C>&}NQBSAFf7&GGi?h8$iGQJwAzx$p; zia6ttdv7`FyrNK^`KHUwJP}7Eu|yM3%x=BG!b8k36kqHMJ-^iZt}=x7p@Sn1*5PC# ze!y5IK7^<;t1Ovrd|{nPFiT1$mU5zkxP{O{lB9j05M-kvA581MoGNf=HKkUHhC;0@ zoKG{X&diNN;gYZ;+hPe1?Ulg07$B=oV!RJ5@qh5|_7B8UQr zjUq2#Q*gA`8cMLK00;oe(nz&=jng5&K+UYz8g=iov{SCb?vj>E-xOk56VyWR_osIcAwfOqp56 z#B+A$yC_yLdJ_X{DEDdFViIZV_FkK4aYAQ;x8g!#jv(e}5O{@vw&Kp935;_|}+60k1$;6Z^#YEJjNql8fMp?#l9z2dG8QxfNsBpzBhYrJmmb>X zhuSbAT!;vleB^O1xKITEOT@&rIFT|0B8hxV=)UIg20Aj?T~xd^lt@-FGh=iOrED{l zpFHX{4&aS{-WW$x&TNi(sbgLKhX@4z!+-}|2PGI-6$nt`H9^o+0A~402ZZA_16YLs zU;bmnVORkLLQF_M*ia5_AhRmN{D%Sq0L*6wfPli(B{pYyH1xR+Bl22R1uk{4Dv5*_ z_7RO6buvjKfU_e;F-c2uwE5H&*hAAvbCQ&6Tp#sH|V>~KOnnJLpRu*GTwaZiG^22<1wJOfcOdYhr zz_beSs>)DnNX5F$Dy3GgZViG$MLN-KCInQoye(cxnik4U&Q4ykY;e7X*}7mIR_56{2fD3p|FZDVhtkZADdE-Mj2oTx1e%dap)Yx)@iF zXr+Wis!H1HmPC-Ri~v@vDG>z%Q<~Q7Xl)g$QLX}5Q`BthG*|J;>2`Iw+{~D+M5SH| z>o0kOi`wI?qtJ?(x56I=F7x(rhAL3n@heN#L5RX_cCDw}oJ&Q5^6|>mJ>UD8k zIERJX-Pp%Jc1w=o!nrr}7|2IPvXI}xIXoB{$xptqlHCI1snrLVy_hr|?0Iyilcs0GOxn+JxrgK?(~Ksh<8`~k3|%}` zKTWq9TbxFhr{yM>Ga#C`g8{}Fgkb7baRnjNa|>|kgA;$mLMqsEb+Yjl>C?%Yd2u;| z4Gtmdf{;VkdBAjrpqj<_;8WS())TDxA1EK znoy0CBGM;|dX0W&BkZF`h2`9$O-oehR{c1o=2u_L%_V-GieJrT)e!m_#Lft6+d>FJ z2gV^Y;zpwi&o)f|rbV8<5sh#%iy(@G4F5tXc7+7@5H-L>3d|{yg+!i-EE)pg669GOHiDzz6d{6!15& zO0CnPt&8Fi6ks6R=p!^-j0dE`IRp$VJU%RJ3k9l!|5C6%!lu^{EzoMgL`pCpoD~FX zLnWMzSNfz_LNUIOL)P)V%AvzKw8M$R!?t)s{R%4%bFD#StJ=b&Elfi*alhyI$E2}&?v(i8>|1E4S<`Ff2cf)J8m z#31-D7=%Q|00m%>3u!#MjDothFcseZd5ff?#yhjdOf(uZ0|j#6vnB#P;HZJu>qkT~ ziIVt*L~09x9LP5-NLs|d#Q+6*NQZ?isfJ7qJ(!PI(GrQAC%C}Kj6AcAjKqLJNN5a6 zbpsvUa5mvJr6{>I(k~qDIK(Ca0iZSX5jgX$DyfT;!zo?`Ks-(87Opr!`m0a4D3DS)FiKLs_ z9a^zGv}DSm(Hl(U$TqV_U`U6!(8sn@lp>hRdYd4gz@kb~C*p94ZbLS|{4uqJ%E&lO z#3V`J;s-InfoR|d;sGju=n?*k0FoxTk(!D;Fj|t4yG+dd%bE$yS&T`4$xVj5NyW?z zg2|<_h=ka{E7X`3Q2MLDqNGXD#=fM@7Hdj?ddmMRk4dD&=bS&yq)zPQPMeEPr<%_6 z>(24~3+)t7@Zm{G-sdywC#ezTEq?4GqxYE579^HxaSU zX#~-4%h1gvkHk#Tnp@HB^o!2)%-(!anv2o%{EK_c$InE%r=XM@#j_k`Pryh>ksL`I zMY$yvQi5zy5_`}Jwf;wtL{f}!(Iq{O^=VQxBht07hiza7nVHFds7dGfObhx)D%sMP ze9{+-QXJ$4ZV(4CozkhSN;6ebT_Gn`SyMIzOyzODyD*11?FMy-nVED;tMn${T$S1E z(OD25?M}1Tv>(T`=heG`ad*Fs~hzq(rpn2d# zya1~gF*94BQAM>YMqLmu8dWUozB;=LRUHR==mvS<1~8oqwQ9z@m{k<9(1f^BVMDcE z{jy)Zi+(s(b|6-DsMI-?3uTQ}W(BPic~*otQEF{9Yqg6(MTb-cQ-3&BL-mR1+O9N= zCNw|>K;*&k{_3N)@+@gGfKP}hA6&u)+>UZZ*S%BM1;o_c(1%PViiTCeYuYMh)dB)K zv2p;Zf-)cm3L;$muIwT$0BQ<))DDDASgc#v&5GBxU{_|us(sjjP(%nc>_Q{rSe%uB zu`;MX)TIwR*pz+F?rVa&=+=bT)|$=MwD73Z0@sGRS$@@7_h=>#1KN`nTH5Ts7N84k zMOK7JTCiQ!wAcq8V66bFS^YY#Fq|li)mZ||!M6QH@<7?Fb-3__NN;T@WEZ^-Jgd_)G z2sP;~JjDc~IH5?36yK#HU!9rBbU)-LU z-nJk<=fzKtgvMsL(+4_J57MBBfZqh>r}>?knUvtSTvYu{HSf~ke&S#{^+;Rw)DRY> z`x%fDHsJ*xGwdbI#ZciD&Q%dcO&?)97%rs~KGasM;5RBxAC6(>l{5z?P!qLIBWC_F zAcmRUbz)ML;WeY-q>Y7-ZMg$QWGUfOwKb+?lex;(7%XYJpEKqhNDKNvBK=pJpIvX+EeM+tCu2M z7X%(MoUp?1q^roK8Cn#v$fQu=UsWCvR=ya749WCGWfm4TxVt2dumIx>-;2^6H{u6T zU<}A(p+s`Ie*m^AGUj9vQ!G*wj;kmWv#r|Lpok*3t z6X$V85oETQF{KB5Y~~!s(o9m*sC$+6Ax(?W6&5lE(esJ3pp%Ct3Vk~O8ldKCii(Qp zgk5Ginb?oBlub?b=Mn+v4y)55H3EmIh&ihUR|OB35w;*c_+c0M*38q^-6MjVOw- zpgJL0rx?Oz*0k!TKIU>Bx3uukSxe!TPEvQ~XRFS)4$6rhh@X1CsH%pJd0IR|012iu zYbogopam|bX6x-3zR#%Kw0p2E_?&GQMgn8ub4l}ooxN}}z@7A>KMwsp<@6j=DnM`jL z1#dRP;`a93_oighmG5L*Z{56aSIh5vLGS%eod5k$03WpO^8f%QaE+wzv{(TIPjElA zO+ZD61|RSThcg3ra0?$^LH0Yi&hYC9UJVDF{%@`VbPg_+=AfPEk4jPO{!=7_Y+xC(+pTNc&~y zc6Meoy=z+rhakabZT4{~ao@MVry_5QP3ma((emVYTqnmH4mUsXKHk1i=ld<_7spa~ z7E62n^41pBP^A+xZ;xMbpQKuIHh)hj57ZK6%YPVX0v0(&O;b$`o&}+3KaXcVj}Anb z=16~(1b_zkm=77Uq7^baN^+k`zh^^NPeixAXM^CWq-$vP(I8a_na&6=m@r(?pxI=( z`j`_{naH3HlG>P!cf#ddI*HvOnAICcTvm0yb948D^XyIMwv2UI&+WCCIii{uRq=6g z!ju8w2QHx}VK+-~ccFv3WvzghBIowCdUn2$@pk^0l@NMa=0I*CG$ciUri?{oFZw)cC_->%L|jM#<%iW3~s5jN3xZ3A}qHTT*m zs&yYiGVzRzSCoZ!_J*em0hep@h*k@l)^B3YvRD*?@ua23o)^wb5E=OScq~oX<-aD2 z7owD(w`P}z_6T2$Gl1+5w~i2Jda{{!b@}hA&zh?rm#o+N^?LZoF66J@;;@%`vgc#7 zuW+;nF|HREuV;IuareV^$*DtP?4XmLk> z#nb*Q&+>5E$t1RsaEqtX93MO(|2PX^lFC>QCUm zgH5$2_^MFv%)o*N6E1A{Fyh1`Q8F$mlch_=k`>p4dGlYjbUcG{-gy-5+@q185+q7j zVcWX{KP&AE_G{N@`%pmD##Ebwa%Xe5-D(=}!nb5sx2pg*Ve#As5l(LI{5kaK(x*FY zZ2fV|mDIO)tgP~8W{EvH1NB@wD?{K~Nh{pC9;;D)U{=L`-S%JAbyEqp%@10s5wo#Z z*IA^g=ah1JF~=Q)4LbNBgwa{o7Coj8&-Jkr8SbQZpWY2%=Bs zxyWN_lJJNWQ(O%Kk5yTo)}nl?_@iZB8ORo9Z*kqin^m}-_}7B(X~h(9{%~?tnFI;h zB%px`I;dbtqO@c|FA>V!lZlN-rIjrb#E%yMMg>}5?h#~LQ)el)qo2loz{HwYrIwUh zHtGgiS;Yn5T3wTVv4^X#M&l}|e%84tuf6*EYjuX2geXCZ0{dK}h}p6%v&}MlEVR)| zJ1w;Z2|H{|kSTOVwUl-HEx6%|JMLoFRwL6HR{mowxicl(F1+!|JFlSTrj%`ViP8(x zyZie4FTepKX7B#F_*y71NBttaFvATy3=zS^uKO@X3R8SB#u>vKvB6Ag9FfHzi##&P zi*gK;w)&RbP{=F0{4&hjovc#I#l~Dv%Qx%1GtV>4EKzs4XMH_vzML&lWG`lbp zjWpCzN3AqSOz-@()LCnNGu0niJ@nRLi+yz09({c?)?=%^Hp69ibau>XtK=-*%d&kp z-VM6V5!_BY_b7wIcVikUH?Yi2O)KKZjfzK;WW)phY@P>g4juoMDAK%~wfu!L_8Lnatx|l{r>f4kNz_*^Kcq&CCyo#iTGMYjH z{^&k2LP&mcM5z=JKoz%uRT(q+oEKUoh9jF{LqO4!iRdpxC`u8W++r6ly6!#b+anPD zI4Atz02Ny7f$$PpBShvXhdAQVeTYJctT6F`USXaWR;bBk9)^<@@ubK=$&fbo?v2V* zpAzS|$|jl!DMm=-5WgZtSt^7dV!#1x&iNHNDNh9hk)rbGP`YxklRxU)hZCM)syHRc zn^74fGXqK(XHo>3ACu-rO8FBjCC@fsQYDK7A{PS4A&|zglyDYE&d+p-O9?4tS@z)q zHLQ*`wxXg^LW<4N*mG6KnPdPQu#ThzU_b)BY30myxvTxHZqC9fPzguSi5OJ=V+ai@ zQj=<}GombCHUpbdqbgO63{@gQ;}%q>s@1JRjHxO~*TLe()v=OwsX9gDQ`K13wQ9Ah z5h-fMj>^`#3e~GXbE?qPO4q&O)U6PKE5_u?*TIU-uMYw2#RN;(#Y)Yv4nZu%6wBDj z8qKi{f$YO1OWDop%(4u@tiv?R+0nYpvo66a=4?mW)zH#1GSgD$Vr4|(cmFf}z z4Vr!vG;;hPCJoHoF?6CVFs)5%q9K>1d=yn$G>%69$YA;kw`vg1oMmuAVK?^Iq&tdD zYycxZA6;O0ub~v4IPlA(NHi;|*+&-P$d&m}3M%}V6^qd18%K6h}4E3F@r#as7*K+)J&!4G^BJp#hq>;AO{s0e7qMg91w_ z+=nCX(j-B3=v}s(&aS0dvgh|VR9C#?7kanH@H?5=Hp}BCe-OyiDDsoD{9!3i>&ja$ zbA-J-uQ8uF&iz&M)G9mYKG%7j&4yR3e)s1_Z0DFxKqD+ za4&vWc;gxCUO!gVi~jYo6DsUCCp+4kWOk;fz3oO?{(HRLF83k9z3Y-8`LpJ(cY@Ts z1yR2{$M-(>y7ycq)nInB_a~xA8)Y}MtS1LkYGsUAS0<{0&j zDPKelPig>^fb|*}SW=hR#yUupDWFp^DHM_ZobTnCsWAit zo?v_J0kQoO`nfZC!tHlK-%)y3V@1>)(Vd+>{-Z)9ox1QG z=K-WaF2p@X){8xEDmf51wuY|t#$8cn6&av_ibu_UOOWBlM16&&D4h!P;4 zS~Q+uUZ^1X2xDnP0>p{JdXWj~=n_z}P|a`GO7nOe49 zRz^?Fkw8~=L=AzZ7B1yjzW#<;E(lhpWqiz9FSTX+Y-L<>L;^CIvoR%Jo{#M5-j0=p z4{qCE0w(m-Tv0;gQBK&r1)^9clCRZ@Fa9N8lG|NMrdtXn456bt=2vEFrZpiZr~C=0 z48<6=NH9evX;Kbl4(3K6rA)TwSkhjh?aBjr!RpZgUs91>*ye3Yj$m4*N5rH`F4R!` zM}qtbi_lbVINCR%$3D0dRxan{xTL_Oq+u!^c&?Us1`K&x*hroydYWb@q2@fgCpM-h zz^o^Iww!(b3x4M3$?d1V^rwG%9DweNfDUNI6)3$ND1sWBg3b$rHt3u^sJuj|gfbXE z>gI)}oj`J3;cckk{!wVWSSX18mWaX&iI!+>ooKtHsEWR))(w}37UbQv=Zmrxi;_!< zw&IPBRgR8}Vy!0V*`<59*_c@ptI6glS_JxhCq+aYTlOfq{HVB)n&X^&7h} zpGP#Qa!MbX_(Lp|rEp4VxKL@hkQy6lMtQE}Yve@^kctUH#1vixm_}(t2$*%EX|>c` z2WV(U)R3F9W|n4{H4IZBE-F#z0RbV0afE>I3?oLF8R>w}BstIuW|#`O6p4AzDZq;3 z)uLn4R9xV~A(UPo>n01A=sdikGZv2c6u2evMQjss@Pqo_9Ufvg#k`UG~|LU{J=WUpYdRcvR=|xK;aUx+gacVLin0JZJE7VYuUl)GZCerVnpr;Dd%|W zT_D1~(pYjX>Xj5J7wsC35W**Bf-^A3S!k-HND8IM)U9=Cl! zh!QI*EH2nUxytO7z##nY)Rw#v}zSF{y*qFUjD+$L6fs|RW*mdR@ zq)GnXFxuF|oe+8$+!Rgi+f^-5U2V1=29NSBP+_Y-8pcSHB;jU~nu3dqE-sGxtyRe< zK0>b4HSV`OuH}*y=5~wbZZ21KZnb?W1$ zN(=4QZcyEBwB)Yt_SNbB)zGo*?_y~1K7`V#9NQJI$?-0<_%8D@lk*YZ*mS&6^*^I`ZywPP?wk9KGkb=3BL0r_S>go4V%=7|_m6~r|dao>^*QS|I zQ#|E%!f*UK%>4cen>ItC8tP$Q6Yl-ac}36!`9)rCSpbX70Q(A?>e&G&tX(c23jY0A zOtIgmx+{7_aF|YT!&GpuT=4zOD%a+aZs0{2jZuBHNM4?hmN=;i3vl*c*7jm#l5Hys zV^~WuVI|S)q$C;=7urQVYz}J-3iAr7=?=Gc>jv*q^nGkOa9E0@P@Uj#6EDmYFN&4E zY!#nMvI>N*29b%VhZldbz=ScOC|2W;G5$IdG0v2wcnT2!SedYK3A-`C!118$sJ8;L z=I!uj^)N@umh~EP-UzawK(8Z*CnBHL`1;`_n`kBH)+Ik)7C6mKm|CpCagN-|~fG1W=}b#YH)v{VB%RllHBtL}Fw?gAqIwGOdV?xC?)fYTb2 z^+l`nS^r8)Ux*w#4qWre9mB02^YMK6abEAWMhA5^+ub%7vSP1HUpt94l3Zl#VOsOy zT66DZZ`EW&h%Hfv{$YcmLJ$M(g{Hlx^f>@v3U zYO`(wZ)Tt3X8Z7O?=Ek{Ts0TB#l`Y#HTH)pw?N_ccGNa>)7){-vTs+nCP_DSRPQxv zxBOl=HD|ZrLN<86aXBY1a+5dWf=D_r0!$BQioA+VOP5)nH-vEabZ8bifI{M>LmmhL zIgq5pF6l%>HGVUQeoKdBRYMC9MXmWVgO8I<^D z0qhPF@z?@|(*rOxfe?&`m81rG6lo;z#=6n?5qY2_dejw_nU8Y^kVA)D4fz=q`G=4L zliLE5-$V;nAivs)=zQ7#)c8KVD+IeMJI~nOb~$u>IkJdEI<$a_Hvx%H2_p!Bp&tUA z4ibA5IJ3sNA8A^hOYjlrxt==*pF77<(ZfkNbX}Tx6I6Jj0}mOz4x`5!>Bxy6k)d5k zWj#P%^i{g0dpPmN#G{Y{Ii!Pma@1awI$j6|52%V2R|@_CB|r8h@7j+PO?u1b$5F`2lqB^`$CI5C6oI(nmbCOJ8o9{ z;kx_Ue7j_XyS%eByeId)j}5(h%f6R#zO(nghfTjHhP@9wUkAKnBRsz={BturFsu7e zvinOGiL^s}-%9*xQv7&Yym@1MemgvkUPvjW!y#C>e}TN-i1(~RhyDP#fZH2Lw6V%l zReBF(%Rfiwki#KRILbHR%>QxCV?@CthH3YNg`+q5aT~ps36#?ca}d&$ACT+NCi^xQ zaqbe$*L=|*#?jM*nKyZw(<%_zEDoY^9toPQ7F?HU(G}Fi4AV8GhdtkkJo#eCcoe#! z!?)qrtk^!qRwU1xKYm_BJ|H<4_?)ZdH^ko?M&Jv+po9A7lWT^FdZBsk3N{)s-%EmuutAGvk#$uvS2B;7VU^+dQ{ELl{3{AiqpYM&A!T z_YcO=H}YiAq4sY-=7V_2Y%K9x{`d>V!KXiw#D8GSKmB8f{ku#4BhCKH1VHHdH;`aK zg9i~NRJf2~Lx&F`MwB>_VnvG=F=o`b{*hxxj~_vX6iKjJNs}j0mJFGvnZZ0GVaC)b zP-ab=H*x0Fxszv4pFe>XOgZ%A%9aIR236XT=2E9mp+=QDm1@zmoZyp+}80w$eBe>20fZ|Y14T(bM5^3^hVLGVaJv|yJzaHt7*?PYm0Yp z-@S7O7d{-S?YAIVekD%vwNzW1Z7r8RojPCRU6CIJTpeQbsL$Jy%ablTL4UU#lq;w$ zJ$Lu-;a|u8F?n403%x@HzcpR{9wFq)8^|AAZdipNe#Fp0J*fB@BbxgljPNJ<=)q0G zgYtW7zpThPM2PVM{Aa)_eyC@lcC094!KWI0@WK~iv@WY^wxaPk`m`J9j2H>Z(5dIh zvk?>_nxHYn0rhZD#7S&S?f+3Iy2WAAY=$(ufl)2q1(t4BQ8W01}7> zNiVY0CIA8q{Kw5H>)Gc8W8PeaOD}os(@%`H0>wsp0K5&PGeY#tPal_h&Xy19d9;aU zusRZ#J+%39pC90H(!5FZ^n%KEI9Rd8eN-^8oeNg6Q@wV6Sm%~B&HPduDl--F(pu%D zvc*4v4HlxUnz4l(ddU6*#!wuU zA5guOG5`m*)$&(ZWmPu-BV7H*)nA3pS6_p;0>)TdlwH=N`nK!y*`UBb1T%}y|F5OZ|cta+r-g}kYSLJ-$0tOUY(orqDW@9`UDDb3h z;*hPd{l{BPoy3@*FZQq)np-qYbsrWUT(#9yL3VfK64_hvWGC@mS!+MrN(Y#jWoFhs zXLrjg9df|Vs%L*PdGOvY5pbhuB~LxG0W#&3a!ggjoOeK}n=bJ@DdD{O$y?^#TJabu zw2PrIl%+J~DG4b^RIZYht#supVHrzV&XSh3wB;>viAz=Hl9#>oswB|LjnN4kOlbhYFWHr4RPH~QtoaHpOQ?$tPWMPyp} z8d$;F##p0-t6ULVPQ4D6v0xQzVk+m#e3oFXQCYH0_T($+M zD7kH2Zf~0#U7o#lxW=`vVx_Cr1(vU4=Dui}LT`@qTIURDuHIRbdEWD>QHkij{COUQ zPz62C@vRbDBTN$@hliQ008Hz4%46j+HlpzAMyI0~QW^oVM?epFL;)0M5VPg;a9305T zIWmB0C==t@Y}Kz?AKeWNpP1MvP6sOpA&)hv0_L#pvdN{5{uO{LT<7A(c8sslVu$k> z#_8rcR^YvBtgzU{=SDM+%bjjBAA`sBuJ*s%e2j==h3BEB2hXXF6>mGd#r3|n!^V46 zi?1D*7;np;>0u2GGg(TyCWe+fT!WJ1{LpND^vems@>0kP#pgglvTZKvuSz;ANvDV7 z0lsEBYZ~6rF!R*Uo^GwUL(L8!h2xVh_0PkZ>sQx#)~~H^ZhKwfl*V-BHO*e zUd^zN@jOED3_5G&7@g;O=Zk*n$6s3Xj{mypwGVLqvr9f3tcQf_kq!&Xt6BDyqWxoT zF92gH_n=S7;%)-wp$|UH8Ymzc7*OOqj2Mis`j8LhZjRVm!1;<{0_j2KXzs(P@5|7N zD@@8dY{C52Ec?E07MSkwULhDjkNrq*>b|cRh_32h0rhOq#jc^o z><`<>j0O1*1|#MFJVOAXu$2fN_}doDFPWAp!?3n(L)H2D`qA(O6X$rIJ_YZkQ4jj z=oqX2BFhso2^2-K7Ax=+-NF=cF~4%oEmqO<++zM1>)cdJ7B7hwZ7~@Oi4>(v7k5!B zQn4?75f;Dh-UjO$ul@h-lftpN#*rMO z@fptg7}rawQM#s9f?TVRE}-awciAr;=)_ za55)#awmC`H=K~TSTZPulB6JVDE^J|C^d@Wka8)R5}}H+DWNhd2TCcWvMQ}IDcA8T zwQ?)X=_$GLE5Xv1yfQ4wvMgC?EX^`4)l#^!axLBREprJi;c_nNvXSJnF7Yxi2PqG# zp)K|DF98$J`cmxzvoHG+{F~Wpg%Zvo>w>Hc68T;9vzz^9@on58i+V zav(DC01G;x1#W-}ax)Kh(=@RF19G4^JD@f5U^ydm3O3+2wR1bUvpc=>JHazNKQl20 zVvtgz8PGF5)pI@BvpwDOK0V9aoV^FHx2KlO7z`LjR$^FIMJKm~L_*OM9U gAPWdIK^1gC8MHwi^g;XcB*+1fD6~SYA|L<&J8%)Uwg3PC literal 0 HcmV?d00001 diff --git a/Media/Images/ConfigWizard5.gif b/Media/Images/ConfigWizard5.gif new file mode 100644 index 0000000000000000000000000000000000000000..4b79f7f633a7551d2e3294e7028b910d2b3c9ece GIT binary patch literal 14080 zcmV+bH~+{-Nk%w1Ve|s10(SraA^8LW00000EC2ui0Q3T=0*C(q{{R300RSNY0672v zO8@|7003$L5>^2wdH^{&05)U*IFkTNY5+^30A^+YYH9##l>lhC6aWAcG&B-LV-rrI z8xBnw85tQiQ5i*DBqn?(U1KI%Y9@P?CVj*w00AlhODY*KDljl9OQJ1gp(uE~H5o=T zAQ?0?4=_(?G**{1R--up0673RIsj%k0BSxNC_6hlI5?9wL1H;)kvM8I=W(-e zhgyMuwZezI(tyM4iz)z%Dkh66ON=ppi%WZoe@BRjh>Vh}j+?iMq`;Fn0F*d5lsIXW zJ&2)f0GDf#m3k_Ul4O;lq?M_)l&Qv-veJ{dlaSlCp4Zor+W(tMESX6OvT>=HgO{3^ znwzV!o44Daz15^wnWJ76q;4UkZ9ArpilURKq@#|dq@|#sx1_PLsl|+>#k{4$?xNN0 zqvzqH=l`ygm#V6%v8=|a#^bSG6|r78yI57WW&pF0LAINcwY|o++U>e(0Jvy5x^*JC zb2Pbsak`5tyO2z|o{hYskh-{|y}7)-^}M+M|G|qy$g6F{sgB3Aips{D&CRLA#Kgzc zy~gA2!tLzF^8e1Rl+4V`(u*qBnn=~QnAOzP%jwhFlQ`O&{t4w9qew6EX4fCCF2OxPeDa^&>#EzG#FIO`)2LIcUX4(+V%D%@%brbpDV=QHUf15uySMM(CU569*ljWJk^0=>5I;q7)Fnhp{==k`SW0wei*WW7V?lF*q~n{Qa*^JMf(}4 zrVGp{G^wPYGTLcEp{kfFM*gQRROzLeZo2A2vBs$@O?3{`D@ZfusVATHB{WSTdf=g~ z9(wGt#~XfpGTcD-O`_qFECf)1HH;XEPXgHnK;bUvJ&IufTToH1n&B3BUls+FYHL4@ zWYPsQ{M>tBwG(0+fDR@yiC%#uLa2`o=ZdNisRPlw$-D6;d>WNjG&ipxezl$ zZU7OGxvszgxLXCh@-8edK_r_z$%G<{YjCyzKWyT@C&&A7$m)VT^T7Y`D=t9}(`zrj z`Zk(ge>(@AGcy9$yzA6E{rZp9AHmmNMSJEr(2fXYQ;4#7tl@FY@+18RP={Wykr*mO_hnO*`Sj6#6aPbX|il-!`|yrVS41+}>s4U#A-hX2 z&(Gf$N?4`Jr;jQx-LERBHrun zkTFnq7)%g)7#FYz;!i{lT#^U5@W0#%@NzhtVD2;+01m2ffFI1@i6XGS9rVvaBx0cp z)r7)VN$-dLF2SBjg0(fu5Gy=>LWnZ-Uu1f+YhKqPs~jXnM2btM&suGR4b`DtsRBs`w4b#Ze1b>fb=9s5uDP5`)b% z$dgK#AX>&QZ^6^0l>P&zJE%^Z!1Q04aMvm-_9Qg+0J@aBbxo|XGcrg(kdjhlLf44SIgSUqV^xFi2g!r zXG>eiMgbJ7m}_l!%iFlVma@GKu5hFGTh;2b4#Q1uXN$X6x#A53B3MEJM|sfC6&%;61J_`|EYaCI|W zj}n{s#Pz5Jh*x|X5i^*?C`Pf0SxjT=C>T^_q!bGbKs@ERw-zy$aYFX-glkYFA0uD~ zNsz4Mfe`r``OtuoSF#T$%;F&Fs6dlrlI1Orq#uO1vO%8w5P#qz07&?9{+K0_4je>r zB4$qWcwMXzham(QqKeLsgM8u{AB4;kVe*obOb|e;SO9|X_T*)yL@?B_8*I?#k3Nu>W_=)kTSCacCtrAQR@vAci(GdK#eQbVwio1h}%a1%QZD>qiji z@xVQ#jb?IF8r%Zt!#}if1aKq4+UfoWl8X_5ct2Ut+6ebO`hjkBH>}_C{y@FeO=M?C zAl>{9_db$Rm;ehi`y{C0Q} zIKJ*QpC0&xkcHe)&W_{jdKS13x$^}Q`D$x99aASh_JRH{2x^NyAFXG#mBD}IbXcJ1 zkGB2GFFom7GnwDwZv3Ji&->2bqsy#!y_JjqZSPB2&}}9Uf}nRew|f`YW%#Fh%a>`# z7kvK^XJ+PdueW!cMiE6*Ms@~jfg=!}1{{bNWQylxr`8XKFlA3hcMWh3x*%q&mUQW6 ze;B8C3zr_*mTQ&9WP)~l4|fh!*KoMEcsR##lV)^9HftWodACPsOh$2XHiV~^YXU)T z4Hs~F_kQ4p9_c1%OvZcEhXekwf*crTy_R|t=Vs3LWa%J;?;N32C<2@@(+WjA%%w=9~fgH7>`ki3y$Xj6Q~W;_IPGS zdAWBF`_KehcX;rDvO7-p+Sex%2IOh}HtM{vVO z5HZ;>$+vt=CVyL}gsFCX)i-h1cWGoekgRrlH#vS%HgV?{loKaqXqc4+5ozxDfEqb} zAg716xMk!gepfb+mKT28SP)OyWkm^3|SuiO`6N6*v(NnSn-fY|7SSzEP1v zh7dD2a42YX=ph72mT=tWZ8N9N;l~9&s|sg#CMvqP?qG!ZwPmVE~kYDNp-q6Zd508 z-3WPRxO_-=Z9wO7Lsx#+#sNkCMrIzDg-+LKWBF~E|$@OAIFW=V%; z`^bRJX=LQ)0Ro6^V<3ESCzSf;e3wXD3`sRV)?oyCkuCC{HHKILIyDpaRRNixjkTb= z(x9DmnvDjbge9T6LZKMip_-wgal)Ynhzg4H(C5rx|R;Y%0sEBHye@dc(YNrJOWQZE6k}9c+x~Lwi1*;H(-5{vp zMW~bdsi10NiW;hER5ReM1s5+{;+N-|$ ztH2tp!aA(PI;rvHq?~$Qo?5Ji%B#%!tk4>*(mJiws;bBO9Lf5lcUrB9rx4uwt>7B2 z;ySLadab6UtlLVi&PuNA+OF>UuHR~|j5Vm~IyN;PK69f--T_sXvX zTd)Ruu=2WD^!ljmIkzYuFte+QvnA%T6Z^1=K(vO+ zva0H_8ymAc+p#dKv?VqUPYba{Tc`;uS__M-h3c{qy9hl?toMqtGb<0a(6d5YVl{iS zBFn66i(*ncYE&DxEE}>ad#Gt^sBc@S6??I4`wJ**vxSpegv)1(%V&LC4=8)L56iRekO(Gws9Bp@w>l8H8f10b3xXT0_nNseHV!uX zwwD{Mvm3X3CJ&8U4DmxC9fDDLW2?gA=C$_ir+qex3y7l0(Jo~mJ ziwu)%!FH>*m4FHnD+&-Rv1+wK2<6bbQ=14Nys-_e zzf(KI(V(%vpu#-c!ZusCsXz@S%d$$G3ds<$iW{+^(6}Rv2tnMv<6yDGJHjz+xFxo^ z8BE1qOT`GRz!Z$KA*{POObt0~319pR3jDL?;IS#Z#w?5s1N_3>`>>VJwk4**w{X4w zCx*UHnk4A4Y!Kln5|JXC5wJsBvhmQk-0;C*%MB=84f4$enZv5Bj*77NH2tFia1yeyl!<(s>@%L*6k zwO6~gn>)8SOSp4;#k9P(uk!R>OU))`w-xIR z$~(78ytC`z%;P}8*Z{ikY_gxrySD(nzp%S`{J^VQvo6cA9o)nB9Kb32w-DUD|9oPk z49%@P&d5-a5mmebyK&!W>((YrDiPTe5H6)zxs=$;`&Akh0@j!xVgCT&%Vu zE5Tb_wIG|rPMo-XjL^Be!-1XFe%se>eYfzC)MNa#VJxweEyx|65S3FB{on}8Fi$6) zXE~wL?mNj(d(oGC3+=E7kDLsmaN6te3>19H8tcH_8q|^E4i~ft$qpb+ejMk(a zxQP9{QZ39CY_oMe*%TYf>TK9p?AH~13va#5ZF|o9{N2M`-ED1ReT%d64BwIs*ng|t z7R|ZfeA@Dj-fIoO2fW7^IgjqOUfJG%C?KU-hk2mI;23tJD3AB_y7TnkO1q0XUasF6e2K&JP-#1 zkw%g*EEFK;@+c^cXT(-95Sbx{cN4nZxGej=J?q<;{K(W`3#ZKuFdGl3kO(^M-=gfT zC$`G|YYS;B(bL_%;{3{O`_H7@!Sl@BDm&HS?aL)wz{|Vf{?%L!EDO2ofDO>?4pD5f z^ot4;E9h|?!wk)_4$Zm5Ys$79*+aVutB|wGE9de|>B`*D1TE&e3knnr529Y!elF!! zJ+tv#4flP$D0}H4OX+z_&1SB&E{n~WUBmEOvlT7HW8KP)F3qIe#oUFtE|OWq}z}Aa=Gq<`hTHb1(ga$V+lLu`T2Yg5*&0(eh$Tz(65M&IS7cc!G!9 zI1%M0%MHBUvoKu`GF=bIunPOz3!s3#zx@ngo2X>2&~Kc=dCanFUbJESv=jX4J&XvH zVAWAw=iW`#N;}2Hox^Tj+)}=?H4MZz+sfJNv6OKB-u+v^pu6yO?B5&C=2{)c2JFgD zE3_jV@h0oB7HiBZKkNiQ^X!b+wqCMMUFa1I@YJhSe=3NAi1&mIlYUJ;2CGcANX-Hr}%gY6x-QUH=y z%M&#EV%ykGEq@dD>27C&*%P{*!!I4Vpd8uvF7M&o3;nCyPmR4GIPixH>XPd9(F)+) zyXUToyOKX@n18UM|GN<_yg}v;ws7{l^6bvA_EQovd>`%{*a(_XM$^Ri-@Z)LQ$TP8 z?gsMrJcJH`kAa=&?oht0-|Dcv`px)y-PQie{G%WJs><`uZU?P@t`dO{M&c;XB>N{) z1DewJz+lpfTo5Q-O;`mb_+ZH9J~_!#B!XZ3gpd3JOZmF$)KsjmI!o!&+Tqgw{{T@> z;6Q=}4Hk5V$kMuj{~SJq7*XOxiWMzh#F$azMvfX`*oii=8=a03`!Na-U;(;+{HUZ{ zi7&!Kms}iv+wt#Y%AEL82FU4=&7MV@R&Bjn7T3Oo8&~dJx^?Z|#hX{}UcPE3vHKzHKW~#++I6X3m{GfBptt@bPHUr8&}>hFIcA)2&^<<`_BR~Q>>j^ z_io<3edmT9TzFyBsw1)}K6rZ~bn4ZuU&mg1`F8FVQA;J*OUuup{jTe8K?x_M zutEzj4C}z-62!2>@+7MzL=i_Mu|yM3L@~t?J!G*(7hi;NzSQcAvBrNIv@u5=cjU3h z|1^XMIUha5aY!SNL^4SwHv;k@A(xb}NGPYIvPvsEY|^18uMAL1F24jbOfiSc@}Dio zjL%Cn*JQIzH!&*n%r}=){&P+{@5HmpI62I7xH|g;G*Cfb+;dRj{xmdEMHl^XMg$pc z4N*uZrL@x43boWRNi*fNQ%_HGbi+>z+jLY@4MikXRaa%TRaakyHC9OLw$&;f2UueD}>!-g$Ye_py8V)t6s`Uo>|fP68PS z9yeksXd4ge*`@+>2$J|Nc-Tm3V!Gb>!5V_z;UN}~tx-nuw;<<)4i0OJ9R(dX&83C$e2~y_+#u-*e1ye4s=bgnH@B9Z|82|d@lXs?u;{ZI^*__8CA6x*m z1%i9As^Pu*Zrua)H{;d^3jA;n=ILbOjl<6PnAwh^&ItLzbVZt!p!xor^1{%;D5L|&bUMNFh$j*GmqEXE_=s_kf$6pki z01i4=vd7g=cr$z&8$6J`Dz-3WT|CG({x&{hyrP5@E1)_o0I`%waC&QehtZ~}J?qu* zhi(I(Ff0bPBTg%QW?G*{u9B6LMCBq~VM$|ZvZEz7(UHMjDgfoDeA2m2k`kt!*?DJgvMHEtT4X07Rc1eT zpv*xc(;@nBraoR!lzVoR5kV;?G3{y5oZyrt_^{_mLRwK`av`Q%8K+1~I@S1`^k1M^ zX<%Afk*i>$1>w9XM~A`;qaqU+DKP*unA%f`CeorZwd{?MTC z^*DzAsDhP+byx!nsJYXoTwjPE677eGN6iFts^Jd$#zieKNS*m7rtjFVOV8L3}w_Xmde`RZ2_c}Pb<`u7fJ#6rf8h6A-HjIFMDq$zv+32e< zARYZ|YENj{rfPPzwOx{Hk1E^S26sku9bf`S7cBe@fQYN~?Qs6LnNHy`lXX?2~m_;*Fnactq?)Cd4U?zv6A+#B4>e3 z?kba>FKFc~5BIWb@|26qWT8q~YsBrUaf$Qfz5W$?$a89Ne8NPZ&>hgxk-qI~6WzVh zZ7^~R{!HY06XtdO`PPpbRe`4buVcr%aA=K>(?%e@5SjTmgKKV_Q{A>~FX~rG%a5b< zb0t4ld_;;K_Pkf#HMCx+SDq3RpAPuFD{+ZNIh*1CZvKM53cx~E5P8vNq66Pu-@#Mj zDj>02KH1&=RPAj~Y}|WF_q+FX?>qH-;Nx2OoFablWqtfiC13fhX1=AI|9n$Nzf#ku zzNhyb?O>8R``_<~^(lpY@IzYslOlil6@7k4rChj18&EY!l? z%fT+3w0t?jiU`AS5QlZhy)raIF7(2R$Okdhhj8GAd+phf!RII~+ra zpevggtE(UbWBLX(h((C-tbn`4iMT9;3k-bAh;6hMVnjM)gorRShkvj_b{NDrbjDP4 ztgbS+p>T#q&B1%(yzO!tcl7f%6cejj3~JRseaM{DtLf>OvsG@ zLUI%=bG#`%G6zhnccRnh?g!62^=pJ)wI6YbY*aiany>2P|+V zvnz_Xf-Zdq%3GWipBCfte7s((kyhyJf}Fjyi&K) zi^|c1D}2a--GVH1OE+fFx2ThfpGYXC`bmwL$e^4mi)6-!P)4CZMu>REhO!E*=&D$J z%BAu<-!iJ6tE`lS%FR+qnE;1P_y#rDEpQ|)z=N(^M9Y-yh_z%(k}^jyJVl3yOU*n) zx`anvtSw5EI=j4yw9-Y#qe}i}z^}o>tC0FTm~4qXFay_vMX87@on(Zl;Djs7(U3={^H(tV*)K(W#*g_kVtlP%>^cJb0Y0n;!YmodeYGBs0d zLDM@?(>1M@Hno#Cg;Qpc(>bBjIt7+HeUm)ZQ(oayH}TUyHI+bZlR+g^HJi{NP1Hm) zR5n4>M&*=8U6V+a)HhpHPP^1Vqf|7p)J>g~P92j^1yx3&187JBD6PR#tv_fW0#%Js zR+Y0;Edp4zP+6T-XsA^n)l^(fGg`G(BlFe&)749fWi`N_N*CEqaE8*9G<&uG2H-lBdf8|kyr7?u1l7e+uDuLK3k=Tia zl8S|ri^W(a(by&7*p5Y#k5!V86@m0Jp-+a9soyOof<<&nMR zTLtl3Mhe_@8eAO#+`=7@!`(NE&JOjaBRAm*;hn=+)lW;NBnn-r~jHTOD6~ z311fR-t+yX%++1?y_WPP68P=X@)cJ46;t~?R{T9v{RLY71sD14ko5&%+wtE5Enqf1 zUI3&;a<(*Nu6L3?O{(5U;3gO}|{)aD~kTC9IGL8~44%H^cHZ_J6G&VXn zHdQtzLpdfgI*vm-zT+r9UOg5RI93od#$rG&5J8^e3x-({_G3fYVQpRHK569EedIie zWagdZa8+Rp?%GR+vKf|QPPQ^n?qg6kS5a1EQpV(6P2>|sWhlerK5S)kedXbcWm)Fq zQ?BJUA!GtEzG-{^WB`l5$>Wc0Q6akp>tLXLv^0Vg7DDd$tlp z)>&NE=ZpUC@hk%KP)1jcUT$?jXXzCX?0Y^|1L{?8T=wH^*xnA=j$zuS6VVo2&gMVeE)d*S4%=>F;7$(VMq%Ri6W=Bf zS|K<5q+<_-?yCSmG^4eS13eoop^mTvp-XvzNWRuk!|9&d&#@2x)XS%YYc zUg`Dbj_}T2_-5~l?rwjkZ}E_C^UZJlPVdm}?_7g!0}Sw48}J1z@c2IP2Tbtp!0y-3 zZVi5L*NE^6p72O%a0Lf#OV03LTktCFZ~>1tO&DnL4sj13@e-f!69?Z9*HRXrUhac} zgog3B+3<$0adr745~uMT&!9ib1{LRTA8%jGu45uE^2lEPaU^$)%D!wRA95y-8OV-k z^Okbk;RO;f@;ttBf%$I^@A3?i284$4`werd>FX_roVWpIRA0E zrt|-`b8T|*FWqx!dvjv`b3VWEj~?{!>vJ+abe2l=G+lJ9YIHY!bi|7EIi2*_Ds&US zbS9~EJl*uKxNy^`@CXid2KjVu>-0W7bwtnfC0}(WZuKaCbyyGde4cf2OLalLbzF~i zGv9UZ_;MWobuSKfLm&1rE_O{nc4D{hsrBwy& zuk&pm<6J*fafgUfCyh~WV06z!b0vd3X6?gn5+rRF%*6r=Izhr|Xud`BAm`JZJfU?|EVLx`f2g;nU z`>$qvzlVFkZ~U=-e4__&x1apCu6(9Hdj6*m{LCKw&p&d>hy1xGeai=P&(HkM-h8Ql z@5CqkeKmX`w|2c>{oZbUXUA{bFMYm0ea^pp)$e`5?|alo{9(T`tzY#x@%ne(b$RXq zO#O)rxip#6HkcCIgffaiVVH+JNYeS)3+@V|7$ zSIhVx`>lWfgw1`n-~IE?|A+;Me*y;*ENJi`!h{MJGHmGZA;gFhCsM3v@gl~I8aHz6 z=xu#BG$8N*RpNv_AN)T1%tw^`!B8C zyn6TY?Hje^RKIHR3NCE;Fyh1u)Nkn}&4u6d@OZTmLv$FODRwpqJ3@ZiGN?oK&8=I`UmmoraVy!p!H(5F+c zuJXBckJ7Vq@9y0p_U|smlP_=nVEFSAx2tdO9(elq4cW`DZ(nr$`v~dl@9#fxe*X=` zpMV7#SXY1r5_lkk4T1$5Bq=y3(1H_McwtkprD2?d6=L`yh&#cS1BVTI7$S-(js}=P zU6f(ri7LuCqelq}7$c4TIqFD}jsM}eBalHV)T4ht3V9@w#gVfllTAALB$QD~IVF`< zT6rawS!%f@mtA`KC75A~IVPE9nt3LgX{xyyBDX5`}Ix4B9cG;<^ zsj9jvtF5~FDw?RmIxDTU+IlOlkII@Wuf6*EE3m<4xvQ|n8hb3V$%0C(vdudCEVR+q z$*i>1T6-+3s zxFS*y$|x&3(fPIBbR*itS1Y-G}A8A zEM+ZCOFcEwQARyA)>&(va@A=XjWpP-D!nz?Ha~53*=fhz^^;et{Wjb?i;Qn$`i6Zs zuVcpz_t{Xoz4zN}JNY-@g_kY3nP20*c&K_CPIljIKdv_7OcFjh=1f;krs9lyuBqdh zPaXN-qHn!9IhUKhI?kwz+4<+OR~kC&LX+O4>a_!ndhWXWzOw6K!Y(`Uj?(_S&bM2R z{L;KL|NcDibN`fY@zsxdJoGd7oW0J@bN_tsU=D9R`GsQtz0=#HZ?pI7`yT$686mqdqE5um~CAf_ntRrUs z3t-j;n7S$|0vQafM-OH8!yszThA5LqDwdIo9pWsBFY}|$q)0`nS&@z;%py>>*u_O6 z{_2Z23u8R;5Q}=K;{yQ@02;R;f&F;{fG|YBAeW}b0_yCC@BoDbdq@v#_{$Qjv_w5l znT&rWP>6PPA}os!HY`Dl4(^bGBJAH1sVGR69nfD1j7KV>;Y=y|>k>(% zCL(G9LS3Sao5*MdA}+x}fBmAF2yDj@FZj!P1ap{IR9Ok{HNCnqvYv->q|NZBzY>%& zW$GA#In<#6Wdcwb{2bjafi}l+0C9n&Ti_k9>}O5DS2!Wdf1$&U$RLkUZVy5l6~SM7)sx7PW*Y zBB^K3r2-0{G7Dopwow6dz)*jn6ow4%$O#l26roUKqd6i9iv>m$U<^DUEG=qCEPi!m zDXqs_x#`3V`Z1+Roas@Qsj_x7k)4-#Yf5E$3B7JquHLLAHZ$l`bmEbZc5Nacxt3IV zGPSaNa%#+=+Cp!{upXPG;T=06f~jI{lwh4}GDacRmB9lQX`LfR+q&0)<+PTCtm__= z2u*LKf{q_u8DCRILBQ@&uy6gTM{%0mdPp&Wg^H3aL?3fh#NAY5W?8!S@AjEH;{0E2Av3 zC>!yXV8aa)q`1#-S~2&0>^_<8*JW}Q?t%Au#JAabZ+O-cYyw~bKT~>5fX<$v2Mx1A zx9re$PPBcOT()FR?$N`_u0Zx&=~bWU($LGarsXEvn0cDaEdJvlsIkUMXJXFOSSs

?sLPf+g18@yHosb-^F{`^QJfD(p{Q$=eyue+PCidjqHB| z{BQz~4Z#gA@q|&l;ugPnz%mB1jdOfs8t*vBLoV`~(PFZsz+zVep8Jmxd6`OPQ33}uJ{=tD31 z(0e`#jn{$}V!-*;v%dANr^5_hpZRXMz3=3peK*W*_G$3G_rCu<@PjY>;S<03#y>vt zldt^cGr#%He?Ii1Fa7CLzxvj{KK6gF3}qy2`=C(%DpnDN?32Iz=0E>5n1Fui>z?-H zILJDfg!|mqjGEnXBme;0De6?w!OF-;mmXdF?M9A2p$ zY?l#hv>Sl{9t{B@Aq*WRJR(9`BSLE?hR!Jf04M-7FEBGMO@AzLwkLuBD3PZqk;y2L z>MopREvv;fbE!E105R1|CRY`hO zUy4zPyHTUoR<*}l1wLI1QdR8LkTF&oe4OwIx0$^;NX^y>RkzQu5gJQMTW5eTS%co|`$!5ywX#fCf061y@YHkf- zZ60iGHUwxpd1yi%YHDg|Xq{?mx^0OBXqn4umD*^n)oZisYP;KPyY6bb{%OYPcTF&K zT%d4!vu>2YaG=h44{Locfr~k5d`O9Ya&mr)0er2wL}qe;)vZF9L=% zJ%u|4ggS?Tm2ZfMh>DWVj+#M=snLzH$CNh!m1+Q*V@j23m6f`clDpoT%h;05?UmX7 zmD;+T;s2RE0GU`Mqe}v(TMMI`9H!Lssa_neWFe`FTCDB=uw4YQb3(O$O|q;_wZyfu z)#Z~3$=vD5=k&wx{>znD(y%emh$q>UIMb|u*SnR~#h>AvL)w*U z*shA&x@y?YpWN7$+V#TQ{{H5vRp7OM>DRmE;>_&CX7({Vj%YIG9v0~M@bL-yCySMM(z=I1PPP{Se*~pXAw!N^p z^XJf`OP@}?y7l14m1~z>yYcPo;KTllA5Xr#`SXyoZ(rZKJLB)@e+91 zzZm}g{{RLk;D7{vmY;sg@t22x1vcp5gAhgt-hr_NV4-Uk29O|g3Q6eUhaiS1B54#> zcwvUxDahc6EVk(4iw>4(B8n+;m=KIGn&ALra|95AW@ZFX02aOlY2lEZ1v#V?Nan^Q zk)27gBV$r1zy_5&J~^6>IEE+VjO(e`T$e3!nFk#k;Gh{D94MjL99DLQ#}7@;q2`)x z>IUbPqRr9doCCO-$DDVTW+s`{eF+8t`&WVj=m7N%-s060it?PA+bIj0RUG?|B{g*q1QVsqZ`LjcgOD@C*3 z20-nOcf`P|r{k831-ABHS#JPYHoNYiKe!98po}pKt^?BM5$e1W-%9YA8)SQBzev`5 zZ?eTakO#vh_Akjbvd}t9uk5Qs7HX)rp9?$a zvy0vs&zvU@!<}E3ou}zm&W?M|mlG#4g6$=KP-SxX(Z~01WKl-V)t9HE)l*x{ZSZCq zpU1XVQhj{b=5qeC>8`i_sr^5^ny2v;b6=)lXSV(|27Wth+mGZYJSE%@R*gZ|o(KiN zX3Y*<8H%0(Yxh3El}|X=!`{hmR2ek*;SFyXLmDji!SQfOOA^c9(%P^=(P=7d@yp-u z>Zh;!H3owI$K#;`YxuvQQH+5D+}-_dn7}43=7>Uk;PVyKL8^i8Rkdl zxv7GK#8LzG_rRdxagV_RVj&Z$E(C1QPtE(<95h!uJW7#a)N5mJ#;Bh%ZqG7`K!YMg ziMc6hs%}WaLlF2R1r`X-j{n<0oV1j*7}i@B zk}}amKd*60OAb?}W6-2IO>vT9n#vojsM*C00#0nK6eIS+q&t zTfqLS7qsSdvG>svkbi90yEKMD3vp_iMm*?19bhI+3CRkoE0mEG;InrX%vt|LnE#{( z$W*~FcmuQ0jwU)mbMlj5vU+E3NXZ^kx>Kbi0v?2#2h*BTh735(sZMvw)1LCQodvNe zh%Wdb1`744!dVeg2jne53TR+5T&h%cqtvNd^{QB{PgS$Z)vkJ#I$Qm!SjS4%-GsHQ zXickHJ9E~xy7jGa)fLL(O4qu^)jx{JgkJZ`*S`AouYe7#U|<96RDwJPD4-3kXh%!h(wdefkYUhiSIgSgy7slO-Tp~x zch#TR+V-}%&8=>COTx|$gDu5gD-+~U$?wsV!MahJ>7<~sMe4nb~jl?&bKTKBrx zwXJl`=&0;^_q*T?Z%(#*%I=Eyyy#7@dOt$mmzsCI@Qts0=NnYuCbzcq&98p<>)rO& z_r3fLuz&}=TmO32w+^|-JA}btVQAwX1dgzTC#(_!{}#atL5C?)0D%sBxWf{7!Ye3D z;u4$qA{G{ieIMeFVASBlFoy92uCR_1+xW&fJ}`z?%n*NIBV5)U9t`O6TP04K0a<}!y@%NYI#{yaDg<~B>9 z5oV6FoS%zk02^e@ZO$_U-h5hptU?7AdVoKau>k^%*(ZZ8^r5la4?S3@0Y;v4gzHRQ zgXDte5YC#-(7sY~K%P+Mr!rKU-v zWnB_*WQY-x<}Ic1dk}wMBGZ}1z^p0ak8Xt8Vg`uDNBr>#i>D{p?#sTi1>bH$?n#4M!v)BEGf|u!F7JVJ|2l-at08mw*v}AVYl_I=4sok?H_w zfExnwM>RHZ09f3F92O#gxBsDVhCAFO{sy>(1TK?ZtJ@(2x6r%(A+nEO)4SeV{%@rR z!jCHGJH|P1d5|m6i;KkDLOalgK<+UPOGw)zB^UWm;w|x)+&lm|-+9k}-tly2yCESD zz{npG^Z`u#JABd(XoD8dn2SDQ2u&{!!D4q$Jhc)m&i9VB!V7)I%5K8!6_o`k5p_t8tsUJsAo{+ zf2{ph5|8==2;yfz695sY7WzMqaruN>J^<&YyE)NGAZs3H zF(^=Dy(eqHClK`j2LN{f{I_}$HwxvpcLw1P4XAwoR}c^ga2i;F8+U=X;sEIofugnu zuD661BLGtP5AIiZp`bnkFlP3bAw}m8yP!S-&;=})YCs5puO)y6;dO#Xcm+`pGWTH_ zKoK6taR>2*7NY?*hJqURZl4E+u~38hfP)&xcK$q=f>Wr7FX(&g(1;l#0Khhb;Z}qF zV2DUafyt+F)MpTPn0N-EhquCqN~m!HP;MgChp(q`37~>b*N3*CaRy)vqF8j)pmBQ_ zas^OxY6x3wND%#yfG-D!!G{Y$rfd@tb#-SDzK|g_0DfC2Z>1OjCa?|)mmwdxfvWcp zHF$F+Kz}!wAtl&)r5JnZW^nWeVf|1Er~qOA5RL)Ri9|PXH7I=n@QoCw3*smco2UWw z#}3#gZptWb1JR5Y@{IqW578I^z~+ZB=!b^(5AslO=jMn0n2-wzY+1MutyYZ^S#U~F ze@lLMg-*Ki4BumY`?jq^y70Wf<0KnqjZey^B_ z0?-MIsFEU?fuIPC>GqRe36`%nlt!7223e7F*_5sJZdo`DW2uyZww6c94i;i{1L2qI zmXd9`lBU&?0{X*3yxHyLCRfR+;BaRe|62@!Rjh=u7Um*j|o+2)jSiG@Sx z06;mCiFktACzT(UaJ8UuTr<}4`cmEau2Y?FN@D9;uH?r ziJV^Ns!&STHnbILMEBwiD^qvlb0D~=NS6Fl38ei#=xH2IHe^jY+83=c7~!c zwrK}Z52)axZMJ|D(GUJZC~90lfB$d~;s6NJW{?3;1kiYE4QZy&IiEm^lu^2g9yyUf zdUFq14FT7mt$C2v2&z%~4>yMdsre7~Xae--5Bg}NTk4>mSf~PUs5`f)jhZ2lijk6P zp_qD<&gqAnT5z3-rLV@OC7^TvfDhro1zw4x;FbWxkgJ1WWcpBTAV7h2+L(8$V(kQ( zLB^*IVUu|lqY;sMvM6op3UIvHqm}xYms*41_J`kwf$FoQvk8f+HV|w|gGrf?n5aGq zpoz0ejt9}M`O2$%8FB*AsIPT*i?`ylr+SIE@_PY0 znFE_43D9|o7@P>(r%M~EFsnW?3$d=rr6@=M1I4rySdFelPlE6i}QNAr6kP0vX}~Oi+GR$qSmNetw&l`{|pOx{Wvc5AYWN&qohB zI(7c=3#MlX_+X|*nQ+b)03M(Qm3yiQDSiO!xz;CYBajKmcd$^Y5O}M%7Q(lKn~;Ee zYcBA*@EWlhs(sHOxtf~>k#@PGi)*Il55N#=dnbIvXCW*w1&Hda+p4xB%eHnFj8cZO z1);Ke{)TwM<)!F~WAN&{0`{H%;D#srf7Y94br@V2%am5uz23`T;7fpXdv)cTXM!4A z{;&$|C=l+@g7>+;l-j=TOR^~kcwk1Z^V??FYg>M3F==>Y>TjU9Y(!J9K|s_!vcY4P7GpjCdFDj#Uh-< z1!2WPECF_~#bgY@R6Gz}Cd6V^#%%1pXIzzm_jOd(#&j&QZ)|=)rf)<>qIKNICwIsG z!RKOmHe<`{$A+wifNT&N#%3`#0Y)%lhaAbhn8*lm5AM)l4(5)MyvYDa$(;Pj?d!>) zJj&fF%A|bCD{0E8yvkUo%B=j#bLPshJj-Mz%d~vUNM_5pyvsJG%e?%{6z0poJj??o z%*1@m`en?>yv#D(#Xme+`@o$i5ps-h49gf21h>7zbqv|45&X~taZ3}dcg^(&&YmaD z713zh+h}-45&O`<7NO1}QF-m`6UuxNn<$9UyqG2-&#OnyACb+?#myb@&EYH)-~iC& z%xU{f5tPUX{_K|ZED`T~&=C>Q)0PSo%@g;W5(yn?4b2h;Z4x70T?E~edZ7NzpJ~oI zandWz(CD0Z9EZ_!m(ugB(W2GSDDlz#7tcmc9B=1#bJ6C~CfE#TosAN155Rg!pxK-) znzAj}6`|87!P+JFYT#gw^VZh|QF8N^4AD?|+NlT0&32UsqAY#V=1p*I&2mgF+W$}v z-d5i%J<a_Fsu8mR~EJkpI;bR(_a6`0xP+z*6s++oNHkLcba`EHe0biStHOFF5) zncN>((V}VCBRAgCX5ymRzz81U*zI~4o(iwV4~MXU=^YKV{d*4{;SDY0{21b>ZPTh9 z4R&qZ4FTH<&I1KLiLbT~=z7w=2IA+OcmO`*o_FM@8HSd(y~hxHEKcPjZr{=-;=yNm zC3tQl9p47Qdh^!e708!*aO5f-5#DVQ;JtV93=VE>*=>H_{v6lP<{jnB-QNyAaSe^< z_|4Gp4Cp02(nL+rXfCC7S9!p;4=gz8d%fGzOw+9W(Nry(BPY-7eCVysjhpS_BmS5_ zuGr^^)J;w5+1=`$&U<+t3$4!DJ&x)|mfB41+XAl81_9e-t(!Kj)Rzrul_vJzPSv4)>liWTz4mk=z3mKqb^Wjh zZ)fQ3=kBAf)zVhd1bx~decuZW=)6a@iw@3`UhLM0(~v%E1Pu;JVCdYAp|W;<6V2w$ ziFerD>HZArM855#7l>@<&ojsf5RcRj&vK={=kOl>?{AmSL>TfG8>1(U@6sORx?N)n zPj$?Go&=rRJdo%H-4A>K4es9JP5tM=%8-Fhl=3d^0w0PI_}45Q>(Sok8my8o9qu?C z(ZoIx=1vmeEpXeu(MJF7-Q4b+=F&Sp-x-hY`d;+ut_MqQ=Kl@w$}aG+ZtLg#44^QG zKH&45MsOdP)w_1!BOmejx!DwN+!pWE!+!S5#__K0>Z0!KY)AF)R`Oq85Hki+00h%W#HXYG^KIqOqZ{D8U)}Ig`J>-ChhXCO( zRg!-N3xaE~&fvm>2^SuFP!M9leFmZxkLdNxXo z*z#pTfdm-BF zh81S~nQ>!F0v}g?{n+v+RHqqj?*6Mxb)dn!D31k59N^?)9trooEWHq1Xn(BMwLB?V zbl;&-k%q<%Q?$c>gm)9wbF#L=W1IDaUiiA@l0p@*z)p{q`l3apW6OQk!8n!Cua0oemfKbjKU zD7(O3;%B=B%L-5{)a)axF0=m)SL=_hzku4M7`n6bNk45&_`jTa~S!bW>^;v1BO;$o`uf;Z7ZBYz1t`oNfH{4&n z61UuG$1*qFX{S=RU3cFd@!PZHg|}X5{i#Hx*-Evy-?q^8H{iC&6}Vu7lkIlcwGL)j z#7qHg_+Wq|4mhwcDaJTswCLrEV~sxsIb@MXCb?v36P}k?lUHWBWtU%u*=tFOk|Wu#N`ndkZH z(rrClrzN;WktnY6*R)G6TihWHfF>z$!ErI`ZMXhet);)FE9|zVEqmF9*G`e}k^kOy zCBCtx`)s?j#han7AGhjNYy+=bMZu{xe8r33op@k2$9DU3Y7wXW+Q@-bI(4qBJ)QK; zMVwvQ&g;6p+|bYR3iWJrXV!PupIzOc$s3;2)<9z%^`J13n@o>B*F4LpC>5MAiA=xD zbjDhhN08~JEWW-6cfL^G4pK;$~6`Va&o z5}R5PM}P#>-|)P3yq-x-W9E^F{SYLlzbqws(F;x3QsNZY`6zmcSxsmZC%5?wNp`jZ zkFTy|7WeQaP%#`5L13gsru+kkT5-r-!d4m~c4aevabgY?GM>h9CydUqNgAbCnX4EF zS~>cOq#nYi4|Rx)U3|zHxdR*EJm({0Jj_s<*uhkg&>;j04+dZ2mD21>B0sU1LfR<9 zxfHL4dMg=#UInnKoJnrN;R+EgH=(kK(Fao+h(H{<4i*J&My`aVQUK#3a+NJM#~=>o zF8+d$bXXB6d%zRH*mV#WEfX^!flg3r84-TGGJCswk%64)D=^|EB>h09qMBl$<797A zs4R^%xfc;xx{o=g8&E3~GM1oB5k#C+m<_qsx{rOzBH+Xm2%l%l9Ffi-s??=9r^CQE zLGVZGIEF5TX(fv=)O;yfNjt6dxnGWsH0m440*slf8rdj193{?FYNbRC4ke;{av5ymlXd*u zr#>mx68rsAsJP_V>8xxkjz{ke2>~==iv{N9=>l`864mEV%WZ| z1#9L2{7F!zOu!MFAd~bpCR909R=oP5IB|j!grbB>4)NecKb2AfYHxhapc4R7_*GR! zCWC|xEjNuyBsIsEKOXXF`eL*Z?H*}NtvC{6G5Dr74U~Oujp-zxmy$U}L`NcdSZ^Qp zk{05{!J*|$pF6D@(+VXOl-Dx6Hy#U~HFE z+wq1O1li3reZw2y@QOCQ|2=Sm7hG%eKC{6UzHo*|EZ_-mc*G?>@pL`B%oN9X#x;&D zi_doB9|w8JxrOkHi`?WVM>&~29^jRy+~qHyc*lhWbDGzD;WD>*&UKD&obTM{Kj&o6 zfj)GiUrp#mM|#qWc66mT-RU=D`qQO8^^!%M>Q~1)#jKunu6Mm(Tlad{#a=G3kKOEN zpH|t?zIL`3OYLokd)#3QabXKw?sv!gRp~D7y!V~$Z})rP(GGaQ7apIaKz!mAzj($s z-tmuz{Ne{}_qx;F@RuJRDekd(&UfDPp9g*DML&AZlm24zd#60+RsT56liu~Ohdt;` zulJI(eCDgiy$o9)d*1gx^s_e}$y=U#;$v<1zDK_Afv@u0C(ZK3hrZE{pM2`Se)*M0 z{qv*0{h&?1`rrTk>1!|B=5yct(g%O~MSp$5pWpp4^S=7k&wk;T|NZyRS^VV>e)?0M z@AwBmlF`5YtG@orzVQpd1Z0^3483X~l47t2P=Eyj>^uWRK-#lE1=K(Rj6Hk!1Qgi3 zdMJemoIncPJPRB?4BWsKTp0%RJaz!V&Lcq+JVEhG!Qj(A7Sut3aly{Jg+%bY8I%VY zh!G(4z#_bddQcMrC_(G9!3A}sL{y`a(KzZna39N@NfCU)jym|u+ z0D^6RJrsmO9K66ObVGls!p-}^Ae2CMKmyLI1|%55J1j#Ye84n(!nwP_HzdS&iNkxS zh8W~L60}1+U1k11#%dsTOvNX%HM9Z{P%dE7-wRFq3gv+>;%ekb>y0pu?#LK+Y zOQ~$jz4Xh!1kAt`%)ung!Zggm?90Pc%*ABP#&pcbgv`kF%EXk+%CyYO#LUdp%+16~ z%H+(?1kKPC&Cw)HwTufHK+RdyRL#|7&DM0y*M!a3l+D?s&Dylh+r-V>)Xm-G&EE9Q z-vrL!6wcu!&f+xA<3vu>EX422hRL)XweX&hGTi?*z~A J9GQRs06UGiI-dXl literal 0 HcmV?d00001 diff --git a/README.md b/README.md index 0776d5f..06b3315 100644 --- a/README.md +++ b/README.md @@ -1 +1,96 @@ -# a10vthunder-orchestrator \ No newline at end of file +# a10vThunder +## Windows-orchestrator + +A10 vThunder AnyAgent allows an organization to inventory and deploy certificates in any domain that the appliance services. The AnyAgent deploys the appropriate files (.cer, .pem) within the defined directories and also performs and Inventory on the Items. + +## Production Ready + + +*** +## **A10 vThunder Configuration** + +**Overview** + +The A10 vThunder Agent allows a user to inventory certificates and manage (add/remove/replace) certificates from the A10 vThunder platform. + +**1) Create the new Certificate store Type for the New A10 vThunder AnyAgent** + +In Keyfactor Command create a new Certificate Store Type similar to the one below: + +![image.png](/Media/Images/CertStores.gif) + + +- **Name** – Required. The display name of the new Certificate Store Type +- **Short Name** – Required. MUST be "vThunder" + +- **Needs Server, Blueprint Allowed** – checked as shown +- **Requires Store Password, Supports Entry Password** – unchecked as shown +- **Supports Custom Alias** – Forbidden. Not used. +- **Use PowerShell** – Unchecked +- **Store PathType** – Freeform (user will enter the the location of the store). +- **Private Keys** – Optional +- **PFX Password Style** – Default +- **Job Types** – Inventory, Add and Remove are the 3 job types implemented by this AnyAgent + + +**2) Register the A10 vThunder AnyAgent with Keyfactor** + +Open the Keyfactor Windows Agent Configuration Wizard and perform the tasks as illustrated below: + +![image.png](/Media/Images/ConfigWizard1.gif) + +- Click **** + +![image.png](/Media/Images/ConfigWizard2.gif) + +If you have configured the agent service previously, you should be able to skip to just click ****. Otherwise, enter the service account Username and Password you wish to run the Keyfactor Windows Agent Service under, click **** and click ****. + +![image.png](/Media/Images/ConfigWizard3.gif) + +If you have configured the agent service previously, you should be able to skip to just re-enter the password to the service account the agent service will run under, click **** and then ****. + +![image.png](/Media/Images/ConfigWizard4.gif) + +Select the agent you are adding capabilities for (in this case, vThunder, and also select the specific capabilities (Inventory and Management in this example). Click ****. + +![image.png](/Media/Images/ConfigWizard5.gif) + +For each AnyAgent implementation, check Load assemblies containing extension modules from other location , browse to the location of the compiled AnyAgent dlls, and click ****. Once all AnyAgents have been validated, click ****. + +![image.png](/Media/Images/ConfigWizard6.gif) + +If the Keyfactor Agent Configuration Wizard configured everything correctly, you should see the dialog above. + +**3) Create a Cert Store within the Keyfactor Portal** + +Navigate to Certificate Locations => Certificate Stores within Keyfactor Command to add an A10 vThunder certificate store. Below are the values that should be entered. + +![image.png](/Media/Images/CertStores.gif) + +- **Category** – Required. The vThunder category name must be selected +- **Container** – Optional. Select a container if utilized. +- **Client Machine** – Required. The server name or IP Address of the A10 vThunder API plus port. [Azure Test Machine](https://portal.azure.com/#@csspkioutlook.onmicrosoft.com/resource/subscriptions/b3114ff1-bb92-45b6-9bd6-e4a1eed8c91e/resourceGroups/kVThunderA10/providers/Microsoft.Compute/virtualMachines/kVThunderA10/overview) port is :1113 for ssl. +- **Store Path** – Required. This will be one of the following based on what you are looking to add to the store. +1. **[DomainName]\cert** where [DomainName] is the name of the domain in A10 vThunder you are looking to manage and inventory. + +2. **cert** - This will use the default domain in A10 vThunder to manage and inventory **domain** certs + +3. **[DomainName]\pubcert** - This will give you the ability to Inventory the Pub Cert Folder on the specified domain where [DomainName] is the name of the domain in A10 vThunder you are looking to inventory. + +4. **pubcert** - This will use the default domain in A10 vThunder to manage and inventory **public certs** certs + +### App Config Settings +Keyfactor.AnyAgent.vThunder.dll.config (Deployed with all AnyAgent Binaries) +``` + + + + + + +``` + +There are 2 App Config Settings +1. Protocol should always be **https** in **Production** but you may need to switch to **http** for **Testing** only + +2. AllowInvalidCerts should be set to **false** in **Production**. It is set to **true** in **Dev/Test** since the VM we are testing with a vThunder VM that does not have a valid SSL Certificate on the Azure Platform. diff --git a/README.md.tpl b/README.md.tpl new file mode 100644 index 0000000..90db2b4 --- /dev/null +++ b/README.md.tpl @@ -0,0 +1,96 @@ +# {{ name }} +## {{ integration_type | capitalize }} + +{{ description }} + +## {{ status | capitalize }} Ready + + +*** +## **A10 vThunder Configuration** + +**Overview** + +The A10 vThunder Agent allows a user to inventory certificates and manage (add/remove/replace) certificates from the A10 vThunder platform. + +**1) Create the new Certificate store Type for the New A10 vThunder AnyAgent** + +In Keyfactor Command create a new Certificate Store Type similar to the one below: + +![image.png](/Media/Images/CertStores.gif) + + +- **Name** – Required. The display name of the new Certificate Store Type +- **Short Name** – Required. MUST be "vThunder" + +- **Needs Server, Blueprint Allowed** – checked as shown +- **Requires Store Password, Supports Entry Password** – unchecked as shown +- **Supports Custom Alias** – Forbidden. Not used. +- **Use PowerShell** – Unchecked +- **Store PathType** – Freeform (user will enter the the location of the store). +- **Private Keys** – Optional +- **PFX Password Style** – Default +- **Job Types** – Inventory, Add and Remove are the 3 job types implemented by this AnyAgent + + +**2) Register the A10 vThunder AnyAgent with Keyfactor** + +Open the Keyfactor Windows Agent Configuration Wizard and perform the tasks as illustrated below: + +![image.png](/Media/Images/ConfigWizard1.gif) + +- Click **** + +![image.png](/Media/Images/ConfigWizard2.gif) + +If you have configured the agent service previously, you should be able to skip to just click ****. Otherwise, enter the service account Username and Password you wish to run the Keyfactor Windows Agent Service under, click **** and click ****. + +![image.png](/Media/Images/ConfigWizard3.gif) + +If you have configured the agent service previously, you should be able to skip to just re-enter the password to the service account the agent service will run under, click **** and then ****. + +![image.png](/Media/Images/ConfigWizard4.gif) + +Select the agent you are adding capabilities for (in this case, vThunder, and also select the specific capabilities (Inventory and Management in this example). Click ****. + +![image.png](/Media/Images/ConfigWizard5.gif) + +For each AnyAgent implementation, check Load assemblies containing extension modules from other location , browse to the location of the compiled AnyAgent dlls, and click ****. Once all AnyAgents have been validated, click ****. + +![image.png](/Media/Images/ConfigWizard6.gif) + +If the Keyfactor Agent Configuration Wizard configured everything correctly, you should see the dialog above. + +**3) Create a Cert Store within the Keyfactor Portal** + +Navigate to Certificate Locations => Certificate Stores within Keyfactor Command to add an A10 vThunder certificate store. Below are the values that should be entered. + +![image.png](/Media/Images/CertStores.gif) + +- **Category** – Required. The vThunder category name must be selected +- **Container** – Optional. Select a container if utilized. +- **Client Machine** – Required. The server name or IP Address of the A10 vThunder API plus port. [Azure Test Machine](https://portal.azure.com/#@csspkioutlook.onmicrosoft.com/resource/subscriptions/b3114ff1-bb92-45b6-9bd6-e4a1eed8c91e/resourceGroups/kVThunderA10/providers/Microsoft.Compute/virtualMachines/kVThunderA10/overview) port is :1113 for ssl. +- **Store Path** – Required. This will be one of the following based on what you are looking to add to the store. +1. **[DomainName]\cert** where [DomainName] is the name of the domain in A10 vThunder you are looking to manage and inventory. + +2. **cert** - This will use the default domain in A10 vThunder to manage and inventory **domain** certs + +3. **[DomainName]\pubcert** - This will give you the ability to Inventory the Pub Cert Folder on the specified domain where [DomainName] is the name of the domain in A10 vThunder you are looking to inventory. + +4. **pubcert** - This will use the default domain in A10 vThunder to manage and inventory **public certs** certs + +### App Config Settings +Keyfactor.AnyAgent.vThunder.dll.config (Deployed with all AnyAgent Binaries) +``` + + + + + + +``` + +There are 2 App Config Settings +1. Protocol should always be **https** in **Production** but you may need to switch to **http** for **Testing** only + +2. AllowInvalidCerts should be set to **false** in **Production**. It is set to **true** in **Dev/Test** since the VM we are testing with a vThunder VM that does not have a valid SSL Certificate on the Azure Platform. diff --git a/Setup/InstallA10AzureVM.ps1 b/Setup/InstallA10AzureVM.ps1 new file mode 100644 index 0000000..b3cdce5 --- /dev/null +++ b/Setup/InstallA10AzureVM.ps1 @@ -0,0 +1,66 @@ +$location = Read-Host 'Enter the location' +$resourceGroup = Read-Host 'Enter resource group name' +$storageaccount = Read-Host 'Enter storage account name' +$vmName = Read-Host 'VM Name' +$vmSize = Read-Host 'Enter VM size' + +#Create new resource group for deployment +New-AzureRmResourceGroup -Name $resourceGroup -Location $location + +#Create storage account +New-AzureRmStorageAccount -ResourceGroupName $resourceGroup -AccountName $storageaccount -Location $location -SkuName Standard_RAGRS -Kind StorageV2 -AssignIdentity + +# Create a subnet configuration +$mgmtsubnet = New-AzureRmVirtualNetworkSubnetConfig -Name "mgmtSubnet" -AddressPrefix "192.168.1.0/24" +$data1subnet = New-AzureRmVirtualNetworkSubnetConfig -Name "data1subnet" -AddressPrefix "192.168.2.0/24" +$data2subnet = New-AzureRmVirtualNetworkSubnetConfig -Name "data2subnet" -AddressPrefix "192.168.3.0/24" + +# Create a virtual network +$vnet = New-AzureRmVirtualNetwork -ResourceGroupName $resourceGroup -Location $location -Name "TestVnet" -AddressPrefix 192.168.0.0/16 -Subnet $mgmtsubnet,$data1subnet,$data2subnet + +# Create a public IP address and specify a DNS name +$mgmtpip = New-AzureRmPublicIpAddress -ResourceGroupName $resourceGroup -Location $location -AllocationMethod Dynamic -IdleTimeoutInMinutes 4 -Name "myip$(Get-Random)" +$data1pip = New-AzureRmPublicIpAddress -ResourceGroupName $resourceGroup -Location $location -AllocationMethod Dynamic -IdleTimeoutInMinutes 4 -Name "myip$(Get-Random)" +$data2pip = New-AzureRmPublicIpAddress -ResourceGroupName $resourceGroup -Location $location -AllocationMethod Dynamic -IdleTimeoutInMinutes 4 -Name "myip$(Get-Random)" + +# Create an inbound network security group rule for port 22 +$nsgRuleSSH = New-AzureRmNetworkSecurityRuleConfig -Name "myNetworkSecurityGroupRuleSSH" -Protocol "Tcp" -Direction "Inbound" -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 22 -Access "Allow" +# Create an inbound network security group rule for port 80 +$nsgRuleWeb = New-AzureRmNetworkSecurityRuleConfig -Name "myNetworkSecurityGroupRuleWWW" -Protocol "Tcp" -Direction "Inbound" -Priority 1001 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 80 -Access "Allow" + +# Create a network security group +$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $resourceGroup -Location $location -Name "myNetworkSecurityGroup" -SecurityRules $nsgRuleSSH,$nsgRuleWeb + +# Create a virtual network card and associate with public IP address and NSG +$mgmtsubnet = $vnet.Subnets | ?{ $_.Name -eq 'mgmtsubnet' } +$mgmtnic = New-AzureRmNetworkInterface -ResourceGroupName $resourceGroup -Name "mgmtnic" -Location $location -SubnetId $mgmtsubnet.Id -PublicIpAddressId $mgmtpip.Id -NetworkSecurityGroupId $nsg.Id + +$data1subnet = $vnet.Subnets | ?{ $_.Name -eq 'data1subnet' } +$data1nic = New-AzureRmNetworkInterface -ResourceGroupName $resourceGroup -Name "data1nic" -Location $location -SubnetId $data1subnet.Id -PublicIpAddressId $data1pip.Id -NetworkSecurityGroupId $nsg.Id + +$data2subnet = $vnet.Subnets | ?{ $_.Name -eq 'data2subnet' } +$data2nic = New-AzureRmNetworkInterface -ResourceGroupName $resourceGroup -Name "data2nic" -Location $location -SubnetId $data2subnet.Id -PublicIpAddressId $data2pip.Id -NetworkSecurityGroupId $nsg.Id + +# Define a credential object +$name= Read-Host 'Enter Username' +$securePassword = Read-Host 'Enter the password' -AsSecureString +$cred = New-Object System.Management.Automation.PSCredential ($name, $securePassword) + +# Start building the VM configuration +$vmConfig = New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize + +#Create the rest of configuration +$vmConfig = Set-AzureRmVMOperatingSystem -VM $vmConfig -Linux -ComputerName $vmName -Credential $cred +$vmConfig = Set-AzureRmVMSourceImage -VM $vmConfig -PublisherName "a10networks" -Offer "a10-vthunder-adc" -skus "vthunder_500mbps" -Version "latest" +$vmConfig = Set-AzureRmVMPlan -Name "vthunder_500mbps" -Product "a10-vthunder-adc" -Publisher "a10networks" -VM $vmconfig + +# for bootdiag +$vmConfig = Set-AzureRmVMBootDiagnostics -VM $vmconfig -Enable -ResourceGroupName $resourceGroup -StorageAccountName $storageaccount + +#Attach the NIC that are created +$vmConfig = Add-AzureRmVMNetworkInterface -VM $vmConfig -Id $mgmtnic.Id -Primary +$vmConfig = Add-AzureRmVMNetworkInterface -VM $vmConfig -Id $data1nic.Id +$vmConfig = Add-AzureRmVMNetworkInterface -VM $vmConfig -Id $data2nic.Id + +#Creating VM with all configuration +New-AzureRmVM -ResourceGroupName $resourceGroup -Location $location -VM $vmConfig \ No newline at end of file diff --git a/a10vthunder-orchestrator.sln b/a10vthunder-orchestrator.sln new file mode 100644 index 0000000..d85f138 --- /dev/null +++ b/a10vthunder-orchestrator.sln @@ -0,0 +1,25 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 16 +VisualStudioVersion = 16.0.31702.278 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "a10vthunder-orchestrator", "a10vthunder-orchestrator\a10vthunder-orchestrator.csproj", "{0E9426F8-B45E-4266-BB6C-7942D1B6B650}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Debug|Any CPU.Build.0 = Debug|Any CPU + {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Release|Any CPU.ActiveCfg = Release|Any CPU + {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {C9CA0496-DCB2-49B7-9D70-A6B1DACB282F} + EndGlobalSection +EndGlobal diff --git a/a10vthunder-orchestrator/AnyError.cs b/a10vthunder-orchestrator/AnyError.cs new file mode 100644 index 0000000..331594f --- /dev/null +++ b/a10vthunder-orchestrator/AnyError.cs @@ -0,0 +1,15 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace Keyfactor.AnyAgent.vThunder +{ + public class AnyErrors + { + public virtual bool HasError { get; set; } + + public virtual string ErrorMessage { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/CertManager.cs b/a10vthunder-orchestrator/CertManager.cs new file mode 100644 index 0000000..cca001c --- /dev/null +++ b/a10vthunder-orchestrator/CertManager.cs @@ -0,0 +1,86 @@ +using System; +using System.Collections.Generic; +using System.Security.Cryptography.X509Certificates; +using System.Text; +using CSS.Common.Logging; +using Keyfactor.Extensions.Orchestrator.vThunder.api; +using Keyfactor.Platform.Extensions.Agents; +using Keyfactor.Platform.Extensions.Agents.Enums; + +namespace Keyfactor.Extensions.Orchestrator.vThunder +{ + public class CertManager : LoggingClientBase + { + public virtual InventoryResult GetCert(ApiClient apiClient, string certName) + { + return InventoryResult(apiClient, certName); + } + + public virtual InventoryResult GetCerts(ApiClient apiClient) + { + return InventoryResult(apiClient); + } + + protected virtual SslCollectionResponse CertificateCollection { get; set; } + + protected virtual string CertificateDetails { get; set; } + + public virtual InventoryResult InventoryResult(ApiClient apiClient, string certName = "") + { + var result = new InventoryResult(); + var error = new AnyErrors {HasError = false}; + + logger.LogTrace("GetCerts"); + + + CertificateCollection = + certName == "" ? apiClient.GetCertificates() : apiClient.GetCertificates(certName); + + var inventoryItems = new List(); + + logger.LogTrace("Start loop"); + + if (CertificateCollection != null) + foreach (var cc in CertificateCollection.SslCertificate.Oper.SslCertificates) + if (!string.IsNullOrEmpty(cc.Name)) + { + logger.LogTrace($"Looping through Certificate Store files: {cc.Name}"); + + var privateKeyEntry = cc.Type == "certificate/key"; + + try + { + CertificateDetails = apiClient.GetCertificate(cc.Name); + + //check this is a valid cert, if not fall to the errors + var cert = new X509Certificate2(Encoding.UTF8.GetBytes(CertificateDetails)); + + logger.LogTrace($"Add to list: {cc.Name}"); + if (cert.Thumbprint != null) + inventoryItems.Add( + new AgentCertStoreInventoryItem + { + Certificates = new[] + {CertificateDetails}, + Alias = cc.Name, + PrivateKeyEntry = privateKeyEntry, + ItemStatus = AgentInventoryItemStatus.Unknown, + UseChainLevel = true + }); + } + catch (Exception ex) + { + Logger.Error($"Certificate not retrievable: Error on {cc.Name}: {ex.Message}"); + error.ErrorMessage = ex.Message; + error.HasError = true; + } + } + + + result.Errors = error; + result.InventoryList = inventoryItems; + + return result; + } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/Constants.cs b/a10vthunder-orchestrator/Constants.cs new file mode 100644 index 0000000..5715d6f --- /dev/null +++ b/a10vthunder-orchestrator/Constants.cs @@ -0,0 +1,16 @@ +namespace Keyfactor.Extensions.Orchestrator.vThunder +{ + static class WindowsUserAnyAgentConstants + { + public const string StoreTypeName = "vThunder"; + } + + static class JobTypes + { + public const string Create = "Create"; + public const string Discovery = "Discovery"; + public const string Inventory = "Inventory"; + public const string Management = "Management"; + public const string Reenrollment = "Enrollment"; + } +} diff --git a/a10vthunder-orchestrator/Exceptions/InvalidInventoryInvokeException.cs b/a10vthunder-orchestrator/Exceptions/InvalidInventoryInvokeException.cs new file mode 100644 index 0000000..a9fa999 --- /dev/null +++ b/a10vthunder-orchestrator/Exceptions/InvalidInventoryInvokeException.cs @@ -0,0 +1,12 @@ +using System; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.Exceptions +{ + class InvalidInventoryInvokeException:Exception + { + public InvalidInventoryInvokeException():base("SubmitInventory.Invoke returned false") + { + + } + } +} diff --git a/a10vthunder-orchestrator/Exceptions/UnsupportedOperationException.cs b/a10vthunder-orchestrator/Exceptions/UnsupportedOperationException.cs new file mode 100644 index 0000000..54e8b60 --- /dev/null +++ b/a10vthunder-orchestrator/Exceptions/UnsupportedOperationException.cs @@ -0,0 +1,12 @@ +using System; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.Exceptions +{ + class UnSupportedOperationException : Exception + { + public UnSupportedOperationException() : base("Unsupported Operation, only Add, Remove are supported") + { + + } + } +} diff --git a/a10vthunder-orchestrator/InventoryResult.cs b/a10vthunder-orchestrator/InventoryResult.cs new file mode 100644 index 0000000..f40a380 --- /dev/null +++ b/a10vthunder-orchestrator/InventoryResult.cs @@ -0,0 +1,12 @@ +using System.Collections.Generic; +using Keyfactor.Platform.Extensions.Agents; + +namespace Keyfactor.Extensions.Orchestrator.vThunder +{ + public class InventoryResult + { + public virtual AnyErrors Errors { get; set; } + + public virtual List InventoryList { get; set; } + } +} diff --git a/a10vthunder-orchestrator/JobAttribute.cs b/a10vthunder-orchestrator/JobAttribute.cs new file mode 100644 index 0000000..80adafe --- /dev/null +++ b/a10vthunder-orchestrator/JobAttribute.cs @@ -0,0 +1,20 @@ +using System; + +namespace Keyfactor.Extensions.Orchestrator.vThunder +{ + [AttributeUsage(AttributeTargets.Class)] + public class JobAttribute : Attribute + { + private string jobClass { get; set; } + + public JobAttribute(string jobClass) + { + this.jobClass = jobClass; + } + + public virtual string JobClass + { + get { return jobClass; } + } + } +} diff --git a/a10vthunder-orchestrator/Jobs/AgentJob.cs b/a10vthunder-orchestrator/Jobs/AgentJob.cs new file mode 100644 index 0000000..fcab17d --- /dev/null +++ b/a10vthunder-orchestrator/Jobs/AgentJob.cs @@ -0,0 +1,52 @@ +using System; +using System.Linq; +using CSS.Common.Logging; +using Keyfactor.Orchestrators.Extensions; +using Keyfactor.Orchestrators.Common.Enums; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.Jobs +{ + public abstract class AgentJob : LoggingClientBase, IAgentJobExtension + { + public string ExtensionName => ""; + + protected JobResult Success(string message = null) + { + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Success, + }; + } + + protected JobResult Warning(string message = null) + { + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Warning, + FailureMessage = message ?? $"{this.GetType().Name} {WindowsUserAnyAgentConstants.StoreTypeName} Complete With Warnings" + }; + } + + protected JobResult ThrowError(Exception exception, string jobSection) + { + var message = FlattenException(exception); + ILogger logger = LogHandler.GetClassLogger(); + + logger.LogError($"Error performing {jobSection} in {this.GetType().Name} {WindowsUserAnyAgentConstants.StoreTypeName} - {message}"); + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + FailureMessage = message + }; + } + + private string FlattenException(Exception ex) + { + var returnMessage = ex.Message; + if (ex.InnerException != null) + returnMessage += " - " + FlattenException(ex.InnerException); + + return returnMessage; + } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/Jobs/Inventory.cs b/a10vthunder-orchestrator/Jobs/Inventory.cs new file mode 100644 index 0000000..da66c04 --- /dev/null +++ b/a10vthunder-orchestrator/Jobs/Inventory.cs @@ -0,0 +1,59 @@ +using System; +using System.Configuration; +using System.Reflection; +using Keyfactor.Extensions.Orchestrator.vThunder.api; +using Keyfactor.Extensions.Orchestrator.vThunder.Exceptions; +using Keyfactor.Orchestrators.Extensions; +using Keyfactor.Orchestrators.Common.Enums; + +namespace Keyfactor.Extensions.Orchestrator.vThunder +{ + public class Inventory : IInventoryJobExtension + { + public string ExtensionName => ""; + + protected internal virtual InventoryResult Result { get; set; } + protected internal virtual CertManager CertificateManager { get; set; } + protected internal virtual ApiClient ApiClient { get; set; } + protected internal virtual string Protocol { get; set; } + protected internal virtual Configuration AppConfig { get; set; } + protected internal virtual bool ReturnValue { get; set; } + + public override JobResult processJob(AnyJobConfigInfo config, SubmitInventoryUpdate submitInventory, + SubmitEnrollmentRequest submitEnrollmentRequest, SubmitDiscoveryResults sdr) + { + AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); + Protocol = AppConfig.AppSettings.Settings["Protocol"].Value; + + using (ApiClient = new ApiClient(config.Server.Username, config.Server.Password, + $"{Protocol}://{config.Store.ClientMachine.Trim()}")) + { + ApiClient.Logon(); + try + { + logger.LogTrace("Parse: Certificate Inventory: " + config.Store.StorePath); + logger.LogTrace($"Certificate Store: {config.Store.StoretypeShortName}"); + + logger.LogTrace("Entering A10 VThunder DataPower: Certificate Inventory"); + logger.LogTrace($"Entering processJob for Certificate Store: {config.Store.StoretypeShortName}"); + CertificateManager = new CertManager(); + Result = CertificateManager.GetCerts(ApiClient); + ReturnValue = submitInventory.Invoke(Result.InventoryList); + + if (ReturnValue == false) + return ThrowError(new InvalidInventoryInvokeException(), "Inventory"); + + if (Result.Errors.HasError) + return Warning( + $"Inventory had issues retrieving some certificates: {Result.Errors.ErrorMessage}"); + + return Success(); + } + catch (Exception e) + { + return ThrowError(e, "Inventory"); + } + } + } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/Jobs/Management.cs b/a10vthunder-orchestrator/Jobs/Management.cs new file mode 100644 index 0000000..305a38a --- /dev/null +++ b/a10vthunder-orchestrator/Jobs/Management.cs @@ -0,0 +1,228 @@ +using System; +using System.Configuration; +using System.IO; +using System.Linq; +using System.Reflection; +using System.Text; + +using Keyfactor.Extensions.Orchestrator.vThunder.api; +using Keyfactor.Extensions.Orchestrator.vThunder.Exceptions; +using Keyfactor.Logging; +using Keyfactor.Orchestrators.Extensions; +using Keyfactor.Orchestrators.Common.Enums; + +using Microsoft.Extensions.Logging; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.OpenSsl; +using Org.BouncyCastle.Pkcs; + +namespace Keyfactor.Extensions.Orchestrator.vThunder +{ + public class Management : IManagementJobExtension + { + public string ExtensionName => ""; + + protected internal static Func Pemify = ss => + ss.Length <= 64 ? ss : ss.Substring(0, 64) + "\n" + Pemify(ss.Substring(64)); + + protected internal virtual string Protocol { get; set; } + protected internal virtual ApiClient ApiClient { get; set; } + protected internal virtual CertManager CertManager { get; set; } + protected internal virtual Configuration AppConfig { get; set; } + protected internal virtual InventoryResult InventoryResult { get; set; } + protected internal virtual bool ExistingCert { get; set; } + protected internal virtual string CertStart { get; set; } = "-----BEGIN CERTIFICATE-----\n"; + protected internal virtual string CertEnd { get; set; } = "\n-----END CERTIFICATE-----"; + protected internal virtual string Alias { get; set; } + + public override JobResult processJob(ManagementJobConfiguration config) + { + ILogger logger = LogHandler.GetClassLogger(); + + CertManager = new CertManager(); + AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); + Protocol = AppConfig.AppSettings.Settings["Protocol"].Value; + logger.LogTrace($"Ending Management Constructor Protocol is {Protocol}"); + + using (ApiClient = new ApiClient(config.Server.Username, config.Server.Password, + $"{Protocol}://{config.Store.ClientMachine.Trim()}")) + { + if (string.IsNullOrEmpty(config.Job.Alias)) + return ThrowError(new ArgumentException("Missing Alias/Overwrite, Operation Cannot Be Completed"), + "Management Add/Replace"); + + ApiClient.Logon(); + InventoryResult = CertManager.GetCert(ApiClient, config.Job.Alias); + ExistingCert = InventoryResult != null && InventoryResult?.InventoryList?.Count == 1; + + switch (config.Job.OperationType) + { + case AnyJobOperationType.Add: + try + { + if (ExistingCert) + { + logger.LogTrace($"Starting Replace Job for {config.Job.Alias}"); + Replace(config, InventoryResult, ApiClient); + logger.LogTrace($"Finishing Replace Job for {config.Job.Alias}"); + } + else + { + logger.LogTrace($"Starting Add Job for {config.Job.Alias}"); + Add(config, ApiClient); + logger.LogTrace($"Finishing Add Job for {config.Job.Alias}"); + } + } + catch (Exception e) + { + return ThrowError(e, "Error Adding Certificate"); + } + + break; + case AnyJobOperationType.Remove: + try + { + logger.LogTrace($"Starting Remove Job for {config.Job.Alias}"); + Remove(config, InventoryResult, ApiClient); + logger.LogTrace($"Finishing Remove Job for {config.Job.Alias}"); + } + catch (Exception e) + { + return ThrowError(e, "Error Removing Certificate"); + } + + break; + default: + return ThrowError(new UnSupportedOperationException(), "Management"); + } + + logger.LogTrace($"Finishing Process Job for {config.Job.Alias}"); + return Success("Management Job Completed"); + } + } + + protected internal virtual void Replace(AnyJobConfigInfo config, InventoryResult inventoryResult, + ApiClient apiClient) + { + Remove(config, inventoryResult, apiClient); + Add(config, apiClient); + } + + protected internal virtual void Remove(AnyJobConfigInfo configInfo, InventoryResult inventoryResult, + ApiClient apiClient) + { + logger.LogTrace($"Start Delete the {configInfo.Job.Alias} Private Key"); + DeleteCertBaseRequest deleteKeyRoot; + if (inventoryResult.InventoryList[0].PrivateKeyEntry) + deleteKeyRoot = new DeleteCertBaseRequest + { + DeleteCert = new DeleteCertRequest + { + CertName = configInfo.Job.Alias, + PrivateKey = configInfo.Job.Alias + } + }; + else + deleteKeyRoot = new DeleteCertBaseRequest + { + DeleteCert = new DeleteCertRequest + { + CertName = configInfo.Job.Alias + } + }; + + apiClient.RemoveCertificate(deleteKeyRoot); + logger.LogTrace($"Successful Delete of the {configInfo.Job.Alias} Private Key"); + } + + protected internal virtual void Add(AnyJobConfigInfo configInfo, ApiClient apiClient) + { + logger.LogTrace($"Entering Add Function for {configInfo.Job.Alias}"); + var privateKeyString = ""; + string certPem; + + if (!string.IsNullOrEmpty(configInfo.Job.PfxPassword)) + { + logger.LogTrace($"Pfx Password exists getting Private Key string for {configInfo.Job.Alias}"); + var certData = Convert.FromBase64String(configInfo.Job.EntryContents); + var store = new Pkcs12Store(new MemoryStream(certData), + configInfo.Job.PfxPassword.ToCharArray()); + + using (var memoryStream = new MemoryStream()) + { + using (TextWriter streamWriter = new StreamWriter(memoryStream)) + { + var pemWriter = new PemWriter(streamWriter); + logger.LogTrace($"Getting Public Key for {configInfo.Job.Alias}"); + Alias = store.Aliases.Cast().SingleOrDefault(a => store.IsKeyEntry(a)); + var publicKey = store.GetCertificate(Alias).Certificate.GetPublicKey(); + logger.LogTrace($"Getting Private Key for {configInfo.Job.Alias}"); + var privateKey = store.GetKey(Alias).Key; + var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); + logger.LogTrace($"Writing Private Key for {configInfo.Job.Alias}"); + pemWriter.WriteObject(keyPair.Private); + streamWriter.Flush(); + privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() + .Replace("\r", "").Replace("\0", ""); + memoryStream.Close(); + streamWriter.Close(); + logger.LogTrace($"Private Key String Retrieved for {configInfo.Job.Alias}"); + } + } + + // Extract server certificate + var beginCertificate = "-----BEGIN CERTIFICATE-----\n"; + var endCertificate = "\n-----END CERTIFICATE-----"; + + logger.LogTrace($"Start getting Server Certificate for {configInfo.Job.Alias}"); + certPem = beginCertificate + + Pemify(Convert.ToBase64String(store.GetCertificate(Alias).Certificate.GetEncoded())) + + endCertificate; + logger.LogTrace($"Finished getting Server Certificate for {configInfo.Job.Alias}"); + } + else + { + logger.LogTrace($"No Private Key get Cert Pem {configInfo.Job.Alias}"); + certPem = CertStart + Pemify(configInfo.Job.EntryContents) + CertEnd; + } + + logger.LogTrace($"Creating Cert API Add Request for {configInfo.Job.Alias}"); + var sslCertRequest = new SslCertificateRequest + { + SslCertificate = new SslCert + { + Action = "import", + CertificateType = "pem", + File = configInfo.Job.Alias.Replace(".pem", ".pem"), + FileHandle = configInfo.Job.Alias.Replace(".pem", ".pem") + } + }; + + logger.LogTrace($"Making API Call to Add Certificate For {configInfo.Job.Alias}"); + apiClient.AddCertificate(sslCertRequest, certPem); + logger.LogTrace($"Finished API Call to Add Certificate For {configInfo.Job.Alias}"); + + if (!string.IsNullOrEmpty(configInfo.Job.PfxPassword)) + { + logger.LogTrace($"Creating Key API Add Request for {configInfo.Job.Alias}"); + var sslKeyRequest = new SslKeyRequest + { + SslKey = new SslCertKey + { + Action = "import", + File = configInfo.Job.Alias.Replace(".pem", ".pem"), + FileHandle = configInfo.Job.Alias.Replace(".pem", ".pem") + } + }; + + logger.LogTrace($"Making Add Key API Call for {configInfo.Job.Alias}"); + apiClient.AddPrivateKey(sslKeyRequest, privateKeyString); + logger.LogTrace($"Finished Add Key API Call for {configInfo.Job.Alias}"); + } + + logger.LogTrace($"Starting Log Off for Add {configInfo.Job.Alias}"); + logger.LogTrace($"Finished Log Off for Add {configInfo.Job.Alias}"); + } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/a10vthunder-orchestrator.csproj b/a10vthunder-orchestrator/a10vthunder-orchestrator.csproj new file mode 100644 index 0000000..02e9deb --- /dev/null +++ b/a10vthunder-orchestrator/a10vthunder-orchestrator.csproj @@ -0,0 +1,20 @@ + + + + netcoreapp3.1 + true + a10vthunder_orchestrator + + + + + + + + + + + + + + diff --git a/a10vthunder-orchestrator/api/ApiClient.cs b/a10vthunder-orchestrator/api/ApiClient.cs new file mode 100644 index 0000000..7fdf17f --- /dev/null +++ b/a10vthunder-orchestrator/api/ApiClient.cs @@ -0,0 +1,319 @@ +using System; +using System.Collections.Generic; +using System.Configuration; +using System.Diagnostics.CodeAnalysis; +using System.IO; +using System.Net; +using System.Reflection; +using System.Text; +using CSS.Common.Logging; +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + [SuppressMessage("ReSharper", "ConstantConditionalAccessQualifier")] + public class ApiClient : LoggingClientBase, IDisposable + { + private static readonly Encoding Encoding = Encoding.UTF8; + public virtual string AuthenticationSignature { get; set; } + public string BaseUrl { get; set; } + public virtual string AllowInvalidCert { get; set; } + public string UserId { get; set; } + public string Password { get; set; } + public Configuration AppConfig { get; set; } + + + #region Interface Implementation + + public void Dispose() + { + LogOff(); + } + + #endregion + + #region Constructors + + public ApiClient(string user, string pass, string baseUrl) + { + BaseUrl = baseUrl; + UserId = user; + Password = pass; + } + + public ApiClient() + { + } + + #endregion + + #region Class Methods + + public virtual void Logon() + { + var authRequest = new AuthRequest + {Credentials = new Credentials {Username = UserId, Password = Password}}; + var strRequest = JsonConvert.SerializeObject(authRequest); + try + { + var strResponse = ApiRequestString("POST", "/axapi/v3/auth", "POST", strRequest, false, false); + var authSignatureResponse = JsonConvert.DeserializeObject(strResponse); + AuthenticationSignature = authSignatureResponse.Response.Signature; + } + catch (Exception ex) + { + Logger.Error($"Error Authenticating: {ex.Message}"); + } + } + + public virtual bool LogOff() + { + try + { + ApiRequestString("POST", "/axapi/v3/logoff", "POST", "", false, true); + return true; + } + catch (Exception) + { + return false; + } + } + + public virtual void AddCertificate(SslCertificateRequest sslCertRequest, string importCertificate) + { + var certData = Encoding.ASCII.GetBytes(importCertificate); + AddCertificate(sslCertRequest, certData); + } + + public virtual void AddCertificate(SslCertificateRequest sslCertRequest, byte[] certData) + { + var strRequest = JsonConvert.SerializeObject(sslCertRequest); + var requestArray = Encoding.ASCII.GetBytes(strRequest); + + // Generate post objects + var postParameters = new Dictionary + { + {"json", new FileParameter(requestArray, "a10.json", "application/json")}, + { + "file", + new FileParameter(certData, sslCertRequest.SslCertificate.File, "application/octet-stream") + } + }; + + // Create request and receive response + var userAgent = "Keyfactor Agent"; + var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-cert", userAgent, postParameters); + + using (var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null)) + { + responseReader.ReadToEnd(); + webResponse.Close(); + } + } + + public virtual bool AddPrivateKey(SslKeyRequest sslKeyRequest, string importCertificateKey) + { + var keyArray = Encoding.ASCII.GetBytes(importCertificateKey); + AddPrivateKey(sslKeyRequest, keyArray); + return true; + } + + public virtual void AddPrivateKey(SslKeyRequest sslKeyRequest, byte[] keyArray) + { + var strRequest = JsonConvert.SerializeObject(sslKeyRequest); + var requestArray = Encoding.ASCII.GetBytes(strRequest); + + // Generate post objects + var postParameters = new Dictionary + { + {"json", new FileParameter(requestArray, "a10.json", "application/json")}, + {"file", new FileParameter(keyArray, sslKeyRequest.SslKey.File, "application/octet-stream")} + }; + + // Create request and receive response + var userAgent = "Keyfactor Agent"; + var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-key", userAgent, postParameters); + + // Process response + using (var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null)) + { + responseReader.ReadToEnd(); + webResponse.Close(); + } + } + + public virtual SslCollectionResponse GetCertificates(string certName = "") + { + var strResponse = ApiRequestString("GET", + certName.Length == 0 + ? "/axapi/v3/slb/ssl-cert/oper" + : $"/axapi/v3/slb/ssl-cert/oper?name={certName}", "GET", "", false, true); + var sslColResponse = JsonConvert.DeserializeObject(strResponse); + return sslColResponse; + } + + public virtual string GetCertificate(string certificateName) + { + var strResponse = ApiRequestString("GET", $"/axapi/v3/file/ssl-cert/{certificateName}", "GET", "", false, + true); + return strResponse; + } + + public virtual void RemoveCertificate(DeleteCertBaseRequest deleteCertRoot) + { + ApiRequestString("POST", "/axapi/v3/pki/delete", "POST", JsonConvert.SerializeObject(deleteCertRoot), + false, true); + } + + public virtual HttpWebRequest CreateRequest(string baseUrl, string postUrl) + { + var objRequest = (HttpWebRequest) WebRequest.Create(BaseUrl + postUrl); + return objRequest; + } + + public virtual HttpWebResponse GetResponse(HttpWebRequest request) + { + return (HttpWebResponse) request.GetResponse(); + } + + public virtual string ApiRequestString(string strCall, string strPostUrl, string strMethod, + string strQueryString, + bool bWrite, bool bUseToken) + { + AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); + AllowInvalidCert = AppConfig.AppSettings.Settings["AllowInvalidCerts"].Value; + var objRequest = CreateRequest(BaseUrl, strPostUrl); + objRequest.Method = strMethod; + objRequest.ContentType = "application/json"; + if (bUseToken) + objRequest.Headers?.Add("Authorization", "A10 " + AuthenticationSignature); + + if (!string.IsNullOrEmpty(strQueryString) && strMethod == "POST") + { + var postBytes = Encoding.UTF8.GetBytes(strQueryString); + objRequest.ContentLength = postBytes.Length; + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert == "true") + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + using (var requestStream = objRequest.GetRequestStream()) + { + requestStream?.Write(postBytes, 0, postBytes.Length); + requestStream?.Close(); + } + } + + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert == "true") + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + var objResponse = GetResponse(objRequest); + + using (var strReader = new StreamReader(objResponse.GetResponseStream() ?? Stream.Null)) + { + var strResponse = strReader.ReadToEnd(); + return strResponse; + } + } + + public virtual HttpWebResponse MultipartFormDataPost(string postUrl, string userAgent, + Dictionary postParameters) + { + var boundary = $"{Guid.NewGuid():N}"; + var formDataBoundary = $"------------------------{boundary}"; + var contentType = "multipart/form-data; boundary=" + formDataBoundary; + + var formData = GetMultipartFormData(postParameters, boundary); + + return PostForm(postUrl, userAgent, contentType, formData); + } + + protected virtual HttpWebResponse PostForm(string postUrl, string userAgent, string contentType, + byte[] formData) + { + AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); + AllowInvalidCert = AppConfig.AppSettings.Settings["AllowInvalidCerts"].Value; + var request = CreateRequest(BaseUrl, postUrl); + if (request == null) throw new NullReferenceException("request is not a http request"); + + // Set up the request properties. + request.Method = "POST"; + request.ContentType = contentType; + request.UserAgent = userAgent; + request.ContentLength = formData.Length; + request.Headers.Add("Authorization", "A10 " + AuthenticationSignature); + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert == "true") + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + // Send the form data to the request. + using (var requestStream = request.GetRequestStream()) + { + requestStream?.Write(formData, 0, formData.Length); + requestStream?.Close(); + } + + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert == "true") + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + return request?.GetResponse() as HttpWebResponse; + } + + protected virtual byte[] GetMultipartFormData(Dictionary postParameters, string boundary) + { + byte[] formData; + using (Stream formDataStream = new MemoryStream()) + { + var needsClrf = false; + + foreach (var param in postParameters) + { + // Thanks to feedback from comment-ers, add a CRLF to allow multiple parameters to be added. + // Skip it on the first parameter, add it to subsequent parameters. + if (needsClrf) + formDataStream.Write(Encoding.GetBytes("\r\n"), 0, Encoding.GetByteCount("\r\n")); + + needsClrf = true; + + if (param.Value is FileParameter fileToUpload) + { + // Add just the first part of this param, since we will write the file data directly to the Stream + + var header = + $"--------------------------{boundary}\r\nContent-Disposition: form-data; name=\"{param.Key}\"; filename=\"{fileToUpload.FileName ?? param.Key}\"\r\nContent-Type: {fileToUpload.ContentType ?? "application/octet-stream"}\r\n\r\n"; + + formDataStream.Write(Encoding.GetBytes(header), 0, Encoding.GetByteCount(header)); + + // Write the file data directly to the Stream, rather than serializing it to a string. + formDataStream.Write(fileToUpload.File, 0, fileToUpload.File.Length); + } + } + + // Add the end of the request. Start with a newline + var footer = "\r\n--------------------------" + boundary + "--\r\n"; + formDataStream.Write(Encoding.GetBytes(footer), 0, Encoding.GetByteCount(footer)); + + // Dump the Stream into a byte[] + formDataStream.Position = 0; + formData = new byte[formDataStream.Length]; + formDataStream.Read(formData, 0, formData.Length); + formDataStream.Close(); + } + + return formData; + } + + public class FileParameter + { + public FileParameter(byte[] file, string filename, string contentType) + { + File = file; + FileName = filename; + ContentType = contentType; + } + + public byte[] File { get; set; } + public string FileName { get; set; } + public string ContentType { get; set; } + } + + #endregion + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/AuthRequest.cs b/a10vthunder-orchestrator/api/AuthRequest.cs new file mode 100644 index 0000000..69dfb21 --- /dev/null +++ b/a10vthunder-orchestrator/api/AuthRequest.cs @@ -0,0 +1,11 @@ +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + #region JSON Request and Response Classes + + internal class AuthRequest + { + public Credentials Credentials { get; set; } + } + + #endregion +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/AuthResponse.cs b/a10vthunder-orchestrator/api/AuthResponse.cs new file mode 100644 index 0000000..6f3395f --- /dev/null +++ b/a10vthunder-orchestrator/api/AuthResponse.cs @@ -0,0 +1,11 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class AuthResponse + { + [JsonProperty("signature")] public string Signature { get; set; } + + [JsonProperty("description")] public string Description { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/AuthSignatureResponse.cs b/a10vthunder-orchestrator/api/AuthSignatureResponse.cs new file mode 100644 index 0000000..23fd6df --- /dev/null +++ b/a10vthunder-orchestrator/api/AuthSignatureResponse.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class AuthSignatureResponse + { + [JsonProperty("authresponse")] public AuthResponse Response { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/Credentials.cs b/a10vthunder-orchestrator/api/Credentials.cs new file mode 100644 index 0000000..e6633b0 --- /dev/null +++ b/a10vthunder-orchestrator/api/Credentials.cs @@ -0,0 +1,11 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + internal class Credentials + { + [JsonProperty("username")] public string Username { get; set; } + + [JsonProperty("password")] public string Password { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/DeleteCertBaseRequest.cs b/a10vthunder-orchestrator/api/DeleteCertBaseRequest.cs new file mode 100644 index 0000000..5dfe79c --- /dev/null +++ b/a10vthunder-orchestrator/api/DeleteCertBaseRequest.cs @@ -0,0 +1,11 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class DeleteCertBaseRequest + { + [JsonProperty("delete", NullValueHandling = NullValueHandling.Ignore)] + public DeleteCertRequest DeleteCert { get; set; } + + } +} diff --git a/a10vthunder-orchestrator/api/DeleteCertRequest.cs b/a10vthunder-orchestrator/api/DeleteCertRequest.cs new file mode 100644 index 0000000..e174cd5 --- /dev/null +++ b/a10vthunder-orchestrator/api/DeleteCertRequest.cs @@ -0,0 +1,13 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class DeleteCertRequest + { + [JsonProperty("cert-name")] + public string CertName { get; set; } + + [JsonProperty("private-key",NullValueHandling=NullValueHandling.Ignore)] + public string PrivateKey { get; set; } + } +} diff --git a/a10vthunder-orchestrator/api/Operation.cs b/a10vthunder-orchestrator/api/Operation.cs new file mode 100644 index 0000000..29cc9ff --- /dev/null +++ b/a10vthunder-orchestrator/api/Operation.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class Operation + { + [JsonProperty("oper")] public SslCertificateCollection Oper { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/SslCert.cs b/a10vthunder-orchestrator/api/SslCert.cs new file mode 100644 index 0000000..1f4828a --- /dev/null +++ b/a10vthunder-orchestrator/api/SslCert.cs @@ -0,0 +1,15 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class SslCert + { + [JsonProperty("certificate-type")] public string CertificateType { get; set; } + + [JsonProperty("action")] public string Action { get; set; } + + [JsonProperty("file")] public string File { get; set; } + + [JsonProperty("file-handle")] public string FileHandle { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/SslCertKey.cs b/a10vthunder-orchestrator/api/SslCertKey.cs new file mode 100644 index 0000000..1d935bb --- /dev/null +++ b/a10vthunder-orchestrator/api/SslCertKey.cs @@ -0,0 +1,13 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class SslCertKey + { + [JsonProperty("action")] public string Action { get; set; } + + [JsonProperty("file")] public string File { get; set; } + + [JsonProperty("file-handle")] public string FileHandle { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/SslCertificate.cs b/a10vthunder-orchestrator/api/SslCertificate.cs new file mode 100644 index 0000000..fe19b0d --- /dev/null +++ b/a10vthunder-orchestrator/api/SslCertificate.cs @@ -0,0 +1,27 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class SslCertificate + { + [JsonProperty("name")] public string Name { get; set; } + + [JsonProperty("type")] public string Type { get; set; } + + [JsonProperty("serial")] public string Serial { get; set; } + + [JsonProperty("notbefore")] public string NotBefore { get; set; } + + [JsonProperty("notafter")] public string NotAfter { get; set; } + + [JsonProperty("common-name")] public string CommonName { get; set; } + + [JsonProperty("organization")] public string Organization { get; set; } + + [JsonProperty("subject")] public string Subject { get; set; } + + [JsonProperty("issuer")] public string Issuer { get; set; } + + [JsonProperty("status")] public string Status { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/SslCertificateCollection.cs b/a10vthunder-orchestrator/api/SslCertificateCollection.cs new file mode 100644 index 0000000..ff51830 --- /dev/null +++ b/a10vthunder-orchestrator/api/SslCertificateCollection.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class SslCertificateCollection + { + [JsonProperty("ssl-certs")] public SslCertificate[] SslCertificates { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/SslCertificateRequest.cs b/a10vthunder-orchestrator/api/SslCertificateRequest.cs new file mode 100644 index 0000000..140dc7f --- /dev/null +++ b/a10vthunder-orchestrator/api/SslCertificateRequest.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class SslCertificateRequest + { + [JsonProperty("ssl-cert")] public SslCert SslCertificate { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/SslCollectionResponse.cs b/a10vthunder-orchestrator/api/SslCollectionResponse.cs new file mode 100644 index 0000000..c1f6af1 --- /dev/null +++ b/a10vthunder-orchestrator/api/SslCollectionResponse.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class SslCollectionResponse + { + [JsonProperty("ssl-cert")] public Operation SslCertificate { get; set; } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/SslKeyRequest.cs b/a10vthunder-orchestrator/api/SslKeyRequest.cs new file mode 100644 index 0000000..8889a07 --- /dev/null +++ b/a10vthunder-orchestrator/api/SslKeyRequest.cs @@ -0,0 +1,9 @@ +using Newtonsoft.Json; + +namespace Keyfactor.Extensions.Orchestrator.vThunder.api +{ + public class SslKeyRequest + { + [JsonProperty("ssl-key")] public SslCertKey SslKey { get; set; } + } +} \ No newline at end of file diff --git a/integration-manifest.json b/integration-manifest.json new file mode 100644 index 0000000..de7261c --- /dev/null +++ b/integration-manifest.json @@ -0,0 +1,7 @@ +{ + "$schema": "https://keyfactor.github.io/integration-manifest-schema.json", + "integration_type": "windows-orchestrator", + "name": "a10vThunder", + "status": "Production", + "description": "A10 vThunder AnyAgent allows an organization to inventory and deploy certificates in any domain that the appliance services. The AnyAgent deploys the appropriate files (.cer, .pem) within the defined directories and also performs and Inventory on the Items." +} From fd5f33e93d3122721eaa53d7002d0b1d41afa288 Mon Sep 17 00:00:00 2001 From: Lee Fine Date: Tue, 10 May 2022 15:58:30 -0400 Subject: [PATCH 04/20] changes --- a10vthunder-orchestrator/AnyError.cs | 15 --- a10vthunder-orchestrator/AnyErrors.cs | 36 ++++++ a10vthunder-orchestrator/CertManager.cs | 21 ++-- a10vthunder-orchestrator/InventoryResult.cs | 4 +- a10vthunder-orchestrator/Jobs/AgentJob.cs | 52 -------- a10vthunder-orchestrator/Jobs/Inventory.cs | 38 +++--- a10vthunder-orchestrator/Jobs/Management.cs | 130 ++++++++++---------- a10vthunder-orchestrator/api/ApiClient.cs | 31 ++--- 8 files changed, 156 insertions(+), 171 deletions(-) delete mode 100644 a10vthunder-orchestrator/AnyError.cs create mode 100644 a10vthunder-orchestrator/AnyErrors.cs delete mode 100644 a10vthunder-orchestrator/Jobs/AgentJob.cs diff --git a/a10vthunder-orchestrator/AnyError.cs b/a10vthunder-orchestrator/AnyError.cs deleted file mode 100644 index 331594f..0000000 --- a/a10vthunder-orchestrator/AnyError.cs +++ /dev/null @@ -1,15 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.Threading.Tasks; - -namespace Keyfactor.AnyAgent.vThunder -{ - public class AnyErrors - { - public virtual bool HasError { get; set; } - - public virtual string ErrorMessage { get; set; } - } -} \ No newline at end of file diff --git a/a10vthunder-orchestrator/AnyErrors.cs b/a10vthunder-orchestrator/AnyErrors.cs new file mode 100644 index 0000000..60fc478 --- /dev/null +++ b/a10vthunder-orchestrator/AnyErrors.cs @@ -0,0 +1,36 @@ +using System; +using Keyfactor.Logging; +using Microsoft.Extensions.Logging; +using Keyfactor.Orchestrators.Extensions; +using Keyfactor.Orchestrators.Common.Enums; + +namespace Keyfactor.Extensions.Orchestrator.vThunder +{ + public class AnyErrors + { + public virtual bool HasError { get; set; } + + public virtual string ErrorMessage { get; set; } + + public static JobResult ThrowError(ILogger logger, Exception exception, string className, string jobSection) + { + var message = FlattenException(exception); + + logger.LogError($"Error performing {jobSection} in {className} {WindowsUserAnyAgentConstants.StoreTypeName} - {message}"); + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + FailureMessage = message + }; + } + + private static string FlattenException(Exception ex) + { + var returnMessage = ex.Message; + if (ex.InnerException != null) + returnMessage += " - " + FlattenException(ex.InnerException); + + return returnMessage; + } + } +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/CertManager.cs b/a10vthunder-orchestrator/CertManager.cs index cca001c..074eac3 100644 --- a/a10vthunder-orchestrator/CertManager.cs +++ b/a10vthunder-orchestrator/CertManager.cs @@ -2,14 +2,17 @@ using System.Collections.Generic; using System.Security.Cryptography.X509Certificates; using System.Text; -using CSS.Common.Logging; + using Keyfactor.Extensions.Orchestrator.vThunder.api; -using Keyfactor.Platform.Extensions.Agents; -using Keyfactor.Platform.Extensions.Agents.Enums; +using Keyfactor.Orchestrators.Extensions; +using Keyfactor.Orchestrators.Common.Enums; +using Keyfactor.Logging; + +using Microsoft.Extensions.Logging; namespace Keyfactor.Extensions.Orchestrator.vThunder { - public class CertManager : LoggingClientBase + public class CertManager { public virtual InventoryResult GetCert(ApiClient apiClient, string certName) { @@ -27,6 +30,8 @@ public virtual InventoryResult GetCerts(ApiClient apiClient) public virtual InventoryResult InventoryResult(ApiClient apiClient, string certName = "") { + ILogger logger = LogHandler.GetClassLogger(); + var result = new InventoryResult(); var error = new AnyErrors {HasError = false}; @@ -36,7 +41,7 @@ public virtual InventoryResult InventoryResult(ApiClient apiClient, string certN CertificateCollection = certName == "" ? apiClient.GetCertificates() : apiClient.GetCertificates(certName); - var inventoryItems = new List(); + var inventoryItems = new List(); logger.LogTrace("Start loop"); @@ -58,19 +63,19 @@ public virtual InventoryResult InventoryResult(ApiClient apiClient, string certN logger.LogTrace($"Add to list: {cc.Name}"); if (cert.Thumbprint != null) inventoryItems.Add( - new AgentCertStoreInventoryItem + new CurrentInventoryItem { Certificates = new[] {CertificateDetails}, Alias = cc.Name, PrivateKeyEntry = privateKeyEntry, - ItemStatus = AgentInventoryItemStatus.Unknown, + ItemStatus = OrchestratorInventoryItemStatus.Unknown, UseChainLevel = true }); } catch (Exception ex) { - Logger.Error($"Certificate not retrievable: Error on {cc.Name}: {ex.Message}"); + logger.LogError($"Certificate not retrievable: Error on {cc.Name}: {ex.Message}"); error.ErrorMessage = ex.Message; error.HasError = true; } diff --git a/a10vthunder-orchestrator/InventoryResult.cs b/a10vthunder-orchestrator/InventoryResult.cs index f40a380..ee612a5 100644 --- a/a10vthunder-orchestrator/InventoryResult.cs +++ b/a10vthunder-orchestrator/InventoryResult.cs @@ -1,5 +1,5 @@ using System.Collections.Generic; -using Keyfactor.Platform.Extensions.Agents; +using Keyfactor.Orchestrators.Extensions; namespace Keyfactor.Extensions.Orchestrator.vThunder { @@ -7,6 +7,6 @@ public class InventoryResult { public virtual AnyErrors Errors { get; set; } - public virtual List InventoryList { get; set; } + public virtual List InventoryList { get; set; } } } diff --git a/a10vthunder-orchestrator/Jobs/AgentJob.cs b/a10vthunder-orchestrator/Jobs/AgentJob.cs deleted file mode 100644 index fcab17d..0000000 --- a/a10vthunder-orchestrator/Jobs/AgentJob.cs +++ /dev/null @@ -1,52 +0,0 @@ -using System; -using System.Linq; -using CSS.Common.Logging; -using Keyfactor.Orchestrators.Extensions; -using Keyfactor.Orchestrators.Common.Enums; - -namespace Keyfactor.Extensions.Orchestrator.vThunder.Jobs -{ - public abstract class AgentJob : LoggingClientBase, IAgentJobExtension - { - public string ExtensionName => ""; - - protected JobResult Success(string message = null) - { - return new JobResult - { - Result = OrchestratorJobStatusJobResult.Success, - }; - } - - protected JobResult Warning(string message = null) - { - return new JobResult - { - Result = OrchestratorJobStatusJobResult.Warning, - FailureMessage = message ?? $"{this.GetType().Name} {WindowsUserAnyAgentConstants.StoreTypeName} Complete With Warnings" - }; - } - - protected JobResult ThrowError(Exception exception, string jobSection) - { - var message = FlattenException(exception); - ILogger logger = LogHandler.GetClassLogger(); - - logger.LogError($"Error performing {jobSection} in {this.GetType().Name} {WindowsUserAnyAgentConstants.StoreTypeName} - {message}"); - return new JobResult - { - Result = OrchestratorJobStatusJobResult.Failure, - FailureMessage = message - }; - } - - private string FlattenException(Exception ex) - { - var returnMessage = ex.Message; - if (ex.InnerException != null) - returnMessage += " - " + FlattenException(ex.InnerException); - - return returnMessage; - } - } -} \ No newline at end of file diff --git a/a10vthunder-orchestrator/Jobs/Inventory.cs b/a10vthunder-orchestrator/Jobs/Inventory.cs index da66c04..3250bf9 100644 --- a/a10vthunder-orchestrator/Jobs/Inventory.cs +++ b/a10vthunder-orchestrator/Jobs/Inventory.cs @@ -1,11 +1,16 @@ using System; -using System.Configuration; using System.Reflection; + using Keyfactor.Extensions.Orchestrator.vThunder.api; using Keyfactor.Extensions.Orchestrator.vThunder.Exceptions; +using Keyfactor.Logging; using Keyfactor.Orchestrators.Extensions; using Keyfactor.Orchestrators.Common.Enums; +using Microsoft.Extensions.Logging; + +using Newtonsoft.Json; + namespace Keyfactor.Extensions.Orchestrator.vThunder { public class Inventory : IInventoryJobExtension @@ -16,42 +21,43 @@ public class Inventory : IInventoryJobExtension protected internal virtual CertManager CertificateManager { get; set; } protected internal virtual ApiClient ApiClient { get; set; } protected internal virtual string Protocol { get; set; } - protected internal virtual Configuration AppConfig { get; set; } + protected internal virtual bool AllowInvalidCert { get; set; } protected internal virtual bool ReturnValue { get; set; } - public override JobResult processJob(AnyJobConfigInfo config, SubmitInventoryUpdate submitInventory, - SubmitEnrollmentRequest submitEnrollmentRequest, SubmitDiscoveryResults sdr) + public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpdate submitInventory) { - AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); - Protocol = AppConfig.AppSettings.Settings["Protocol"].Value; + ILogger logger = LogHandler.GetClassLogger(); + + dynamic properties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString()); + Protocol = properties.protocol == null || string.IsNullOrEmpty(properties.protocol.Value) ? "https" : properties.protocol.Value; + AllowInvalidCert = properties.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) ? "https" : bool.Parse(properties.protallowInvalidCertocol.Value); - using (ApiClient = new ApiClient(config.Server.Username, config.Server.Password, - $"{Protocol}://{config.Store.ClientMachine.Trim()}")) + using (ApiClient = new ApiClient(config.ServerUsername, config.CertificateStoreDetails.StorePassword, + $"{Protocol}://{config.CertificateStoreDetails.ClientMachine.Trim()}", AllowInvalidCert)) { ApiClient.Logon(); try { - logger.LogTrace("Parse: Certificate Inventory: " + config.Store.StorePath); - logger.LogTrace($"Certificate Store: {config.Store.StoretypeShortName}"); + logger.LogTrace("Parse: Certificate Inventory: " + config.CertificateStoreDetails.StorePath); + logger.LogTrace($"Certificate Store: {config.CertificateStoreDetails.ClientMachine} {config.CertificateStoreDetails.StorePath}"); logger.LogTrace("Entering A10 VThunder DataPower: Certificate Inventory"); - logger.LogTrace($"Entering processJob for Certificate Store: {config.Store.StoretypeShortName}"); + logger.LogTrace($"Entering processJob for Certificate Store: {config.CertificateStoreDetails.ClientMachine} {config.CertificateStoreDetails.StorePath}"); CertificateManager = new CertManager(); Result = CertificateManager.GetCerts(ApiClient); ReturnValue = submitInventory.Invoke(Result.InventoryList); if (ReturnValue == false) - return ThrowError(new InvalidInventoryInvokeException(), "Inventory"); + return AnyErrors.ThrowError(logger, new InvalidInventoryInvokeException(), this.GetType().Name, "Inventory"); if (Result.Errors.HasError) - return Warning( - $"Inventory had issues retrieving some certificates: {Result.Errors.ErrorMessage}"); + return new JobResult() { JobHistoryId = config.JobHistoryId, FailureMessage = $"Inventory had issues retrieving some certificates: {Result.Errors.ErrorMessage}", Result = OrchestratorJobStatusJobResult.Warning }; - return Success(); + return new JobResult() { JobHistoryId = config.JobHistoryId, Result = OrchestratorJobStatusJobResult.Success }; } catch (Exception e) { - return ThrowError(e, "Inventory"); + return AnyErrors.ThrowError(logger, e, this.GetType().Name, "Inventory"); } } } diff --git a/a10vthunder-orchestrator/Jobs/Management.cs b/a10vthunder-orchestrator/Jobs/Management.cs index 305a38a..efc97e7 100644 --- a/a10vthunder-orchestrator/Jobs/Management.cs +++ b/a10vthunder-orchestrator/Jobs/Management.cs @@ -13,6 +13,8 @@ using Microsoft.Extensions.Logging; +using Newtonsoft.Json; + using Org.BouncyCastle.Crypto; using Org.BouncyCastle.OpenSsl; using Org.BouncyCastle.Pkcs; @@ -27,100 +29,102 @@ public class Management : IManagementJobExtension ss.Length <= 64 ? ss : ss.Substring(0, 64) + "\n" + Pemify(ss.Substring(64)); protected internal virtual string Protocol { get; set; } + protected internal virtual bool AllowInvalidCert { get; set; } protected internal virtual ApiClient ApiClient { get; set; } protected internal virtual CertManager CertManager { get; set; } - protected internal virtual Configuration AppConfig { get; set; } protected internal virtual InventoryResult InventoryResult { get; set; } protected internal virtual bool ExistingCert { get; set; } protected internal virtual string CertStart { get; set; } = "-----BEGIN CERTIFICATE-----\n"; protected internal virtual string CertEnd { get; set; } = "\n-----END CERTIFICATE-----"; protected internal virtual string Alias { get; set; } - public override JobResult processJob(ManagementJobConfiguration config) + public JobResult ProcessJob(ManagementJobConfiguration config) { ILogger logger = LogHandler.GetClassLogger(); + dynamic properties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString()); + Protocol = properties.protocol == null || string.IsNullOrEmpty(properties.protocol.Value) ? "https" : properties.protocol.Value; + AllowInvalidCert = properties.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) ? "https" : bool.Parse(properties.protallowInvalidCertocol.Value); + CertManager = new CertManager(); - AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); - Protocol = AppConfig.AppSettings.Settings["Protocol"].Value; logger.LogTrace($"Ending Management Constructor Protocol is {Protocol}"); - using (ApiClient = new ApiClient(config.Server.Username, config.Server.Password, - $"{Protocol}://{config.Store.ClientMachine.Trim()}")) + using (ApiClient = new ApiClient(config.ServerUsername, config.CertificateStoreDetails.StorePassword, + $"{Protocol}://{config.CertificateStoreDetails.ClientMachine.Trim()}", AllowInvalidCert)) { - if (string.IsNullOrEmpty(config.Job.Alias)) - return ThrowError(new ArgumentException("Missing Alias/Overwrite, Operation Cannot Be Completed"), - "Management Add/Replace"); + if (string.IsNullOrEmpty(config.JobCertificate.Alias)) + return AnyErrors.ThrowError(logger, new ArgumentException("Missing Alias/Overwrite, Operation Cannot Be Completed"), + this.GetType().Name, "Management Add/Replace"); ApiClient.Logon(); - InventoryResult = CertManager.GetCert(ApiClient, config.Job.Alias); + InventoryResult = CertManager.GetCert(ApiClient, config.JobCertificate.Alias); ExistingCert = InventoryResult != null && InventoryResult?.InventoryList?.Count == 1; - switch (config.Job.OperationType) + switch (config.OperationType) { - case AnyJobOperationType.Add: + case CertStoreOperationType.Add: try { if (ExistingCert) { - logger.LogTrace($"Starting Replace Job for {config.Job.Alias}"); - Replace(config, InventoryResult, ApiClient); - logger.LogTrace($"Finishing Replace Job for {config.Job.Alias}"); + logger.LogTrace($"Starting Replace Job for {config.JobCertificate.Alias}"); + Replace(logger, config, InventoryResult, ApiClient); + logger.LogTrace($"Finishing Replace Job for {config.JobCertificate.Alias}"); } else { - logger.LogTrace($"Starting Add Job for {config.Job.Alias}"); - Add(config, ApiClient); - logger.LogTrace($"Finishing Add Job for {config.Job.Alias}"); + logger.LogTrace($"Starting Add Job for {config.JobCertificate.Alias}"); + Add(logger, config, ApiClient); + logger.LogTrace($"Finishing Add Job for {config.JobCertificate.Alias}"); } } catch (Exception e) { - return ThrowError(e, "Error Adding Certificate"); + return AnyErrors.ThrowError(logger, e, this.GetType().Name, "Error Adding Certificate"); } break; - case AnyJobOperationType.Remove: + case CertStoreOperationType.Remove: try { - logger.LogTrace($"Starting Remove Job for {config.Job.Alias}"); - Remove(config, InventoryResult, ApiClient); - logger.LogTrace($"Finishing Remove Job for {config.Job.Alias}"); + logger.LogTrace($"Starting Remove Job for {config.JobCertificate.Alias}"); + Remove(logger, config, InventoryResult, ApiClient); + logger.LogTrace($"Finishing Remove Job for {config.JobCertificate.Alias}"); } catch (Exception e) { - return ThrowError(e, "Error Removing Certificate"); + return AnyErrors.ThrowError(logger, e, this.GetType().Name, "Error Removing Certificate"); } break; default: - return ThrowError(new UnSupportedOperationException(), "Management"); + return AnyErrors.ThrowError(logger, new UnSupportedOperationException(), this.GetType().Name, "Management"); } - logger.LogTrace($"Finishing Process Job for {config.Job.Alias}"); - return Success("Management Job Completed"); + logger.LogTrace($"Finishing Process Job for {config.JobCertificate.Alias}"); + return new JobResult() { JobHistoryId = config.JobHistoryId, Result = OrchestratorJobStatusJobResult.Success }; } } - protected internal virtual void Replace(AnyJobConfigInfo config, InventoryResult inventoryResult, + protected internal virtual void Replace(ILogger logger, ManagementJobConfiguration config, InventoryResult inventoryResult, ApiClient apiClient) { - Remove(config, inventoryResult, apiClient); - Add(config, apiClient); + Remove(logger, config, inventoryResult, apiClient); + Add(logger, config, apiClient); } - protected internal virtual void Remove(AnyJobConfigInfo configInfo, InventoryResult inventoryResult, + protected internal virtual void Remove(ILogger logger, ManagementJobConfiguration configInfo, InventoryResult inventoryResult, ApiClient apiClient) { - logger.LogTrace($"Start Delete the {configInfo.Job.Alias} Private Key"); + logger.LogTrace($"Start Delete the {configInfo.JobCertificate.Alias} Private Key"); DeleteCertBaseRequest deleteKeyRoot; if (inventoryResult.InventoryList[0].PrivateKeyEntry) deleteKeyRoot = new DeleteCertBaseRequest { DeleteCert = new DeleteCertRequest { - CertName = configInfo.Job.Alias, - PrivateKey = configInfo.Job.Alias + CertName = configInfo.JobCertificate.Alias, + PrivateKey = configInfo.JobCertificate.Alias } }; else @@ -128,46 +132,46 @@ protected internal virtual void Remove(AnyJobConfigInfo configInfo, InventoryRes { DeleteCert = new DeleteCertRequest { - CertName = configInfo.Job.Alias + CertName = configInfo.JobCertificate.Alias } }; apiClient.RemoveCertificate(deleteKeyRoot); - logger.LogTrace($"Successful Delete of the {configInfo.Job.Alias} Private Key"); + logger.LogTrace($"Successful Delete of the {configInfo.JobCertificate.Alias} Private Key"); } - protected internal virtual void Add(AnyJobConfigInfo configInfo, ApiClient apiClient) + protected internal virtual void Add(ILogger logger, ManagementJobConfiguration configInfo, ApiClient apiClient) { - logger.LogTrace($"Entering Add Function for {configInfo.Job.Alias}"); + logger.LogTrace($"Entering Add Function for {configInfo.JobCertificate.Alias}"); var privateKeyString = ""; string certPem; - if (!string.IsNullOrEmpty(configInfo.Job.PfxPassword)) + if (!string.IsNullOrEmpty(configInfo.JobCertificate.PrivateKeyPassword)) { - logger.LogTrace($"Pfx Password exists getting Private Key string for {configInfo.Job.Alias}"); - var certData = Convert.FromBase64String(configInfo.Job.EntryContents); + logger.LogTrace($"Pfx Password exists getting Private Key string for {configInfo.JobCertificate.Alias}"); + var certData = Convert.FromBase64String(configInfo.JobCertificate.Contents); var store = new Pkcs12Store(new MemoryStream(certData), - configInfo.Job.PfxPassword.ToCharArray()); + configInfo.JobCertificate.PrivateKeyPassword.ToCharArray()); using (var memoryStream = new MemoryStream()) { using (TextWriter streamWriter = new StreamWriter(memoryStream)) { var pemWriter = new PemWriter(streamWriter); - logger.LogTrace($"Getting Public Key for {configInfo.Job.Alias}"); + logger.LogTrace($"Getting Public Key for {configInfo.JobCertificate.Alias}"); Alias = store.Aliases.Cast().SingleOrDefault(a => store.IsKeyEntry(a)); var publicKey = store.GetCertificate(Alias).Certificate.GetPublicKey(); - logger.LogTrace($"Getting Private Key for {configInfo.Job.Alias}"); + logger.LogTrace($"Getting Private Key for {configInfo.JobCertificate.Alias}"); var privateKey = store.GetKey(Alias).Key; var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); - logger.LogTrace($"Writing Private Key for {configInfo.Job.Alias}"); + logger.LogTrace($"Writing Private Key for {configInfo.JobCertificate.Alias}"); pemWriter.WriteObject(keyPair.Private); streamWriter.Flush(); privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() .Replace("\r", "").Replace("\0", ""); memoryStream.Close(); streamWriter.Close(); - logger.LogTrace($"Private Key String Retrieved for {configInfo.Job.Alias}"); + logger.LogTrace($"Private Key String Retrieved for {configInfo.JobCertificate.Alias}"); } } @@ -175,54 +179,54 @@ protected internal virtual void Add(AnyJobConfigInfo configInfo, ApiClient apiCl var beginCertificate = "-----BEGIN CERTIFICATE-----\n"; var endCertificate = "\n-----END CERTIFICATE-----"; - logger.LogTrace($"Start getting Server Certificate for {configInfo.Job.Alias}"); + logger.LogTrace($"Start getting Server Certificate for {configInfo.JobCertificate.Alias}"); certPem = beginCertificate + Pemify(Convert.ToBase64String(store.GetCertificate(Alias).Certificate.GetEncoded())) + endCertificate; - logger.LogTrace($"Finished getting Server Certificate for {configInfo.Job.Alias}"); + logger.LogTrace($"Finished getting Server Certificate for {configInfo.JobCertificate.Alias}"); } else { - logger.LogTrace($"No Private Key get Cert Pem {configInfo.Job.Alias}"); - certPem = CertStart + Pemify(configInfo.Job.EntryContents) + CertEnd; + logger.LogTrace($"No Private Key get Cert Pem {configInfo.JobCertificate.Alias}"); + certPem = CertStart + Pemify(configInfo.JobCertificate.Contents) + CertEnd; } - logger.LogTrace($"Creating Cert API Add Request for {configInfo.Job.Alias}"); + logger.LogTrace($"Creating Cert API Add Request for {configInfo.JobCertificate.Alias}"); var sslCertRequest = new SslCertificateRequest { SslCertificate = new SslCert { Action = "import", CertificateType = "pem", - File = configInfo.Job.Alias.Replace(".pem", ".pem"), - FileHandle = configInfo.Job.Alias.Replace(".pem", ".pem") + File = configInfo.JobCertificate.Alias.Replace(".pem", ".pem"), + FileHandle = configInfo.JobCertificate.Alias.Replace(".pem", ".pem") } }; - logger.LogTrace($"Making API Call to Add Certificate For {configInfo.Job.Alias}"); + logger.LogTrace($"Making API Call to Add Certificate For {configInfo.JobCertificate.Alias}"); apiClient.AddCertificate(sslCertRequest, certPem); - logger.LogTrace($"Finished API Call to Add Certificate For {configInfo.Job.Alias}"); + logger.LogTrace($"Finished API Call to Add Certificate For {configInfo.JobCertificate.Alias}"); - if (!string.IsNullOrEmpty(configInfo.Job.PfxPassword)) + if (!string.IsNullOrEmpty(configInfo.JobCertificate.PrivateKeyPassword)) { - logger.LogTrace($"Creating Key API Add Request for {configInfo.Job.Alias}"); + logger.LogTrace($"Creating Key API Add Request for {configInfo.JobCertificate.Alias}"); var sslKeyRequest = new SslKeyRequest { SslKey = new SslCertKey { Action = "import", - File = configInfo.Job.Alias.Replace(".pem", ".pem"), - FileHandle = configInfo.Job.Alias.Replace(".pem", ".pem") + File = configInfo.JobCertificate.Alias.Replace(".pem", ".pem"), + FileHandle = configInfo.JobCertificate.Alias.Replace(".pem", ".pem") } }; - logger.LogTrace($"Making Add Key API Call for {configInfo.Job.Alias}"); + logger.LogTrace($"Making Add Key API Call for {configInfo.JobCertificate.Alias}"); apiClient.AddPrivateKey(sslKeyRequest, privateKeyString); - logger.LogTrace($"Finished Add Key API Call for {configInfo.Job.Alias}"); + logger.LogTrace($"Finished Add Key API Call for {configInfo.JobCertificate.Alias}"); } - logger.LogTrace($"Starting Log Off for Add {configInfo.Job.Alias}"); - logger.LogTrace($"Finished Log Off for Add {configInfo.Job.Alias}"); + logger.LogTrace($"Starting Log Off for Add {configInfo.JobCertificate.Alias}"); + logger.LogTrace($"Finished Log Off for Add {configInfo.JobCertificate.Alias}"); } } } \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/ApiClient.cs b/a10vthunder-orchestrator/api/ApiClient.cs index 7fdf17f..2544660 100644 --- a/a10vthunder-orchestrator/api/ApiClient.cs +++ b/a10vthunder-orchestrator/api/ApiClient.cs @@ -1,26 +1,28 @@ using System; using System.Collections.Generic; -using System.Configuration; using System.Diagnostics.CodeAnalysis; using System.IO; using System.Net; using System.Reflection; using System.Text; -using CSS.Common.Logging; + +using Keyfactor.Logging; + +using Microsoft.Extensions.Logging; + using Newtonsoft.Json; namespace Keyfactor.Extensions.Orchestrator.vThunder.api { [SuppressMessage("ReSharper", "ConstantConditionalAccessQualifier")] - public class ApiClient : LoggingClientBase, IDisposable + public class ApiClient : IDisposable { private static readonly Encoding Encoding = Encoding.UTF8; public virtual string AuthenticationSignature { get; set; } public string BaseUrl { get; set; } - public virtual string AllowInvalidCert { get; set; } + public virtual bool AllowInvalidCert { get; set; } public string UserId { get; set; } public string Password { get; set; } - public Configuration AppConfig { get; set; } #region Interface Implementation @@ -34,11 +36,12 @@ public void Dispose() #region Constructors - public ApiClient(string user, string pass, string baseUrl) + public ApiClient(string user, string pass, string baseUrl, bool allowInvalidCert) { BaseUrl = baseUrl; UserId = user; Password = pass; + AllowInvalidCert = allowInvalidCert; } public ApiClient() @@ -51,6 +54,8 @@ public ApiClient() public virtual void Logon() { + ILogger logger = LogHandler.GetClassLogger(); + var authRequest = new AuthRequest {Credentials = new Credentials {Username = UserId, Password = Password}}; var strRequest = JsonConvert.SerializeObject(authRequest); @@ -62,7 +67,7 @@ public virtual void Logon() } catch (Exception ex) { - Logger.Error($"Error Authenticating: {ex.Message}"); + logger.LogError($"Error Authenticating: {ex.Message}"); } } @@ -180,8 +185,6 @@ public virtual string ApiRequestString(string strCall, string strPostUrl, string string strQueryString, bool bWrite, bool bUseToken) { - AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); - AllowInvalidCert = AppConfig.AppSettings.Settings["AllowInvalidCerts"].Value; var objRequest = CreateRequest(BaseUrl, strPostUrl); objRequest.Method = strMethod; objRequest.ContentType = "application/json"; @@ -193,7 +196,7 @@ public virtual string ApiRequestString(string strCall, string strPostUrl, string var postBytes = Encoding.UTF8.GetBytes(strQueryString); objRequest.ContentLength = postBytes.Length; //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert == "true") + if (AllowInvalidCert) ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; using (var requestStream = objRequest.GetRequestStream()) { @@ -203,7 +206,7 @@ public virtual string ApiRequestString(string strCall, string strPostUrl, string } //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert == "true") + if (AllowInvalidCert) ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; var objResponse = GetResponse(objRequest); @@ -229,8 +232,6 @@ public virtual HttpWebResponse MultipartFormDataPost(string postUrl, string user protected virtual HttpWebResponse PostForm(string postUrl, string userAgent, string contentType, byte[] formData) { - AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); - AllowInvalidCert = AppConfig.AppSettings.Settings["AllowInvalidCerts"].Value; var request = CreateRequest(BaseUrl, postUrl); if (request == null) throw new NullReferenceException("request is not a http request"); @@ -241,7 +242,7 @@ protected virtual HttpWebResponse PostForm(string postUrl, string userAgent, str request.ContentLength = formData.Length; request.Headers.Add("Authorization", "A10 " + AuthenticationSignature); //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert == "true") + if (AllowInvalidCert) ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; // Send the form data to the request. using (var requestStream = request.GetRequestStream()) @@ -251,7 +252,7 @@ protected virtual HttpWebResponse PostForm(string postUrl, string userAgent, str } //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert == "true") + if (AllowInvalidCert) ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; return request?.GetResponse() as HttpWebResponse; } From ff4ed8b83dc9fe3e13527a98b196be0d40aacdef Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Tue, 24 May 2022 22:56:07 -0400 Subject: [PATCH 05/20] Update integration-manifest.json --- integration-manifest.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/integration-manifest.json b/integration-manifest.json index de7261c..d66f42e 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -1,7 +1,7 @@ { "$schema": "https://keyfactor.github.io/integration-manifest-schema.json", - "integration_type": "windows-orchestrator", + "integration_type": "orchestrator", "name": "a10vThunder", - "status": "Production", + "status": "Pilot", "description": "A10 vThunder AnyAgent allows an organization to inventory and deploy certificates in any domain that the appliance services. The AnyAgent deploys the appropriate files (.cer, .pem) within the defined directories and also performs and Inventory on the Items." } From c0f97ba1ae91a3d009f0c11647b63f5955388512 Mon Sep 17 00:00:00 2001 From: Lee Fine Date: Wed, 22 Jun 2022 10:52:42 -0400 Subject: [PATCH 06/20] changes --- Keyfactor.AnyAgent.vThunder/AnyError.cs | 15 - Keyfactor.AnyAgent.vThunder/CertManager.cs | 86 ----- Keyfactor.AnyAgent.vThunder/Constants.cs | 16 - .../InvalidInventoryInvokeException.cs | 12 - .../UnsupportedOperationException.cs | 12 - .../InventoryResult.cs | 12 - Keyfactor.AnyAgent.vThunder/JobAttribute.cs | 20 -- Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs | 65 ---- Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs | 59 ---- .../Jobs/Management.cs | 222 ------------ .../Keyfactor.AnyAgent.vThunder.csproj | 117 ------- .../Properties/AssemblyInfo.cs | 37 -- Keyfactor.AnyAgent.vThunder/api/ApiClient.cs | 319 ------------------ .../api/AuthRequest.cs | 11 - .../api/AuthResponse.cs | 11 - .../api/AuthSignatureResponse.cs | 9 - .../api/Credentials.cs | 11 - .../api/DeleteCertBaseRequest.cs | 11 - .../api/DeleteCertRequest.cs | 13 - Keyfactor.AnyAgent.vThunder/api/Operation.cs | 9 - Keyfactor.AnyAgent.vThunder/api/SslCert.cs | 15 - Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs | 13 - .../api/SslCertificate.cs | 27 -- .../api/SslCertificateCollection.cs | 9 - .../api/SslCertificateRequest.cs | 9 - .../api/SslCollectionResponse.cs | 9 - .../api/SslKeyRequest.cs | 9 - Keyfactor.AnyAgent.vThunder/app.config | 33 -- a10vthunder-orchestrator/Jobs/Inventory.cs | 4 +- a10vthunder-orchestrator/Jobs/Management.cs | 4 +- a10vthunder-orchestrator/manifest.json | 14 + 31 files changed, 18 insertions(+), 1195 deletions(-) delete mode 100644 Keyfactor.AnyAgent.vThunder/AnyError.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/CertManager.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/Constants.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/Exceptions/InvalidInventoryInvokeException.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/Exceptions/UnsupportedOperationException.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/InventoryResult.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/JobAttribute.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/Jobs/Management.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/Keyfactor.AnyAgent.vThunder.csproj delete mode 100644 Keyfactor.AnyAgent.vThunder/Properties/AssemblyInfo.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/ApiClient.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/AuthRequest.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/AuthResponse.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/AuthSignatureResponse.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/Credentials.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/DeleteCertBaseRequest.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/DeleteCertRequest.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/Operation.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCert.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCertificate.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCertificateCollection.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCertificateRequest.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/SslCollectionResponse.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/api/SslKeyRequest.cs delete mode 100644 Keyfactor.AnyAgent.vThunder/app.config create mode 100644 a10vthunder-orchestrator/manifest.json diff --git a/Keyfactor.AnyAgent.vThunder/AnyError.cs b/Keyfactor.AnyAgent.vThunder/AnyError.cs deleted file mode 100644 index 331594f..0000000 --- a/Keyfactor.AnyAgent.vThunder/AnyError.cs +++ /dev/null @@ -1,15 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.Threading.Tasks; - -namespace Keyfactor.AnyAgent.vThunder -{ - public class AnyErrors - { - public virtual bool HasError { get; set; } - - public virtual string ErrorMessage { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/CertManager.cs b/Keyfactor.AnyAgent.vThunder/CertManager.cs deleted file mode 100644 index f4284c6..0000000 --- a/Keyfactor.AnyAgent.vThunder/CertManager.cs +++ /dev/null @@ -1,86 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Security.Cryptography.X509Certificates; -using System.Text; -using CSS.Common.Logging; -using Keyfactor.AnyAgent.vThunder.api; -using Keyfactor.Platform.Extensions.Agents; -using Keyfactor.Platform.Extensions.Agents.Enums; - -namespace Keyfactor.AnyAgent.vThunder -{ - public class CertManager : LoggingClientBase - { - public virtual InventoryResult GetCert(ApiClient apiClient, string certName) - { - return InventoryResult(apiClient, certName); - } - - public virtual InventoryResult GetCerts(ApiClient apiClient) - { - return InventoryResult(apiClient); - } - - protected virtual SslCollectionResponse CertificateCollection { get; set; } - - protected virtual string CertificateDetails { get; set; } - - public virtual InventoryResult InventoryResult(ApiClient apiClient, string certName = "") - { - var result = new InventoryResult(); - var error = new AnyErrors {HasError = false}; - - Logger.Trace("GetCerts"); - - - CertificateCollection = - certName == "" ? apiClient.GetCertificates() : apiClient.GetCertificates(certName); - - var inventoryItems = new List(); - - Logger.Trace("Start loop"); - - if (CertificateCollection != null) - foreach (var cc in CertificateCollection.SslCertificate.Oper.SslCertificates) - if (!string.IsNullOrEmpty(cc.Name)) - { - Logger.Trace($"Looping through Certificate Store files: {cc.Name}"); - - var privateKeyEntry = cc.Type == "certificate/key"; - - try - { - CertificateDetails = apiClient.GetCertificate(cc.Name); - - //check this is a valid cert, if not fall to the errors - var cert = new X509Certificate2(Encoding.UTF8.GetBytes(CertificateDetails)); - - Logger.Trace($"Add to list: {cc.Name}"); - if (cert.Thumbprint != null) - inventoryItems.Add( - new AgentCertStoreInventoryItem - { - Certificates = new[] - {CertificateDetails}, - Alias = cc.Name, - PrivateKeyEntry = privateKeyEntry, - ItemStatus = AgentInventoryItemStatus.Unknown, - UseChainLevel = true - }); - } - catch (Exception ex) - { - Logger.Error($"Certificate not retrievable: Error on {cc.Name}: {ex.Message}"); - error.ErrorMessage = ex.Message; - error.HasError = true; - } - } - - - result.Errors = error; - result.InventoryList = inventoryItems; - - return result; - } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Constants.cs b/Keyfactor.AnyAgent.vThunder/Constants.cs deleted file mode 100644 index 8a0e70b..0000000 --- a/Keyfactor.AnyAgent.vThunder/Constants.cs +++ /dev/null @@ -1,16 +0,0 @@ -namespace Keyfactor.AnyAgent.vThunder -{ - static class WindowsUserAnyAgentConstants - { - public const string StoreTypeName = "vThunder"; - } - - static class JobTypes - { - public const string Create = "Create"; - public const string Discovery = "Discovery"; - public const string Inventory = "Inventory"; - public const string Management = "Management"; - public const string Reenrollment = "Enrollment"; - } -} diff --git a/Keyfactor.AnyAgent.vThunder/Exceptions/InvalidInventoryInvokeException.cs b/Keyfactor.AnyAgent.vThunder/Exceptions/InvalidInventoryInvokeException.cs deleted file mode 100644 index f183a59..0000000 --- a/Keyfactor.AnyAgent.vThunder/Exceptions/InvalidInventoryInvokeException.cs +++ /dev/null @@ -1,12 +0,0 @@ -using System; - -namespace Keyfactor.AnyAgent.vThunder.Exceptions -{ - class InvalidInventoryInvokeException:Exception - { - public InvalidInventoryInvokeException():base("SubmitInventory.Invoke returned false") - { - - } - } -} diff --git a/Keyfactor.AnyAgent.vThunder/Exceptions/UnsupportedOperationException.cs b/Keyfactor.AnyAgent.vThunder/Exceptions/UnsupportedOperationException.cs deleted file mode 100644 index 7615ae9..0000000 --- a/Keyfactor.AnyAgent.vThunder/Exceptions/UnsupportedOperationException.cs +++ /dev/null @@ -1,12 +0,0 @@ -using System; - -namespace Keyfactor.AnyAgent.vThunder.Exceptions -{ - class UnSupportedOperationException : Exception - { - public UnSupportedOperationException() : base("Unsupported Operation, only Add, Remove are supported") - { - - } - } -} diff --git a/Keyfactor.AnyAgent.vThunder/InventoryResult.cs b/Keyfactor.AnyAgent.vThunder/InventoryResult.cs deleted file mode 100644 index f6d3010..0000000 --- a/Keyfactor.AnyAgent.vThunder/InventoryResult.cs +++ /dev/null @@ -1,12 +0,0 @@ -using System.Collections.Generic; -using Keyfactor.Platform.Extensions.Agents; - -namespace Keyfactor.AnyAgent.vThunder -{ - public class InventoryResult - { - public virtual AnyErrors Errors { get; set; } - - public virtual List InventoryList { get; set; } - } -} diff --git a/Keyfactor.AnyAgent.vThunder/JobAttribute.cs b/Keyfactor.AnyAgent.vThunder/JobAttribute.cs deleted file mode 100644 index e779f87..0000000 --- a/Keyfactor.AnyAgent.vThunder/JobAttribute.cs +++ /dev/null @@ -1,20 +0,0 @@ -using System; - -namespace Keyfactor.AnyAgent.vThunder -{ - [AttributeUsage(AttributeTargets.Class)] - public class JobAttribute : Attribute - { - private string jobClass { get; set; } - - public JobAttribute(string jobClass) - { - this.jobClass = jobClass; - } - - public virtual string JobClass - { - get { return jobClass; } - } - } -} diff --git a/Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs b/Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs deleted file mode 100644 index 0161d3c..0000000 --- a/Keyfactor.AnyAgent.vThunder/Jobs/AgentJob.cs +++ /dev/null @@ -1,65 +0,0 @@ -using System; -using System.Linq; -using CSS.Common.Logging; -using Keyfactor.Platform.Extensions.Agents; -using Keyfactor.Platform.Extensions.Agents.Delegates; -using Keyfactor.Platform.Extensions.Agents.Interfaces; - -namespace Keyfactor.AnyAgent.vThunder.Jobs -{ - public abstract class AgentJob : LoggingClientBase, IAgentJobExtension - { - public string GetJobClass() - { - var attr = - GetType().GetCustomAttributes(true).First(a => a.GetType() == typeof(JobAttribute)) as JobAttribute; - return attr?.JobClass ?? string.Empty; - } - - public string GetStoreType() - { - return WindowsUserAnyAgentConstants.StoreTypeName; - } - - public abstract AnyJobCompleteInfo processJob(AnyJobConfigInfo config, SubmitInventoryUpdate submitInventory, - SubmitEnrollmentRequest submitEnrollmentRequest, SubmitDiscoveryResults sdr); - - protected AnyJobCompleteInfo Success(string message = null) - { - return new AnyJobCompleteInfo - { - Status = 2, - Message = message ?? $"{GetJobClass()} Complete" - }; - } - - protected AnyJobCompleteInfo Warning(string message = null) - { - return new AnyJobCompleteInfo - { - Status = 3, - Message = message ?? $"{GetJobClass()} Complete With Warnings" - }; - } - - protected AnyJobCompleteInfo ThrowError(Exception exception, string jobSection) - { - var message = FlattenException(exception); - Logger.Error($"Error performing {jobSection} in {GetJobClass()} {GetStoreType()} - {message}"); - return new AnyJobCompleteInfo - { - Status = 4, - Message = message - }; - } - - private string FlattenException(Exception ex) - { - var returnMessage = ex.Message; - if (ex.InnerException != null) - returnMessage += " - " + FlattenException(ex.InnerException); - - return returnMessage; - } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs b/Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs deleted file mode 100644 index 920bb57..0000000 --- a/Keyfactor.AnyAgent.vThunder/Jobs/Inventory.cs +++ /dev/null @@ -1,59 +0,0 @@ -using System; -using System.Configuration; -using System.Reflection; -using Keyfactor.AnyAgent.vThunder.api; -using Keyfactor.AnyAgent.vThunder.Exceptions; -using Keyfactor.Platform.Extensions.Agents; -using Keyfactor.Platform.Extensions.Agents.Delegates; - -namespace Keyfactor.AnyAgent.vThunder.Jobs -{ - [Job(JobTypes.Inventory)] - public class Inventory : AgentJob - { - - protected internal virtual InventoryResult Result { get; set; } - protected internal virtual CertManager CertificateManager { get; set; } - protected internal virtual ApiClient ApiClient { get; set; } - protected internal virtual string Protocol { get; set; } - protected internal virtual Configuration AppConfig { get; set; } - protected internal virtual bool ReturnValue { get; set; } - - public override AnyJobCompleteInfo processJob(AnyJobConfigInfo config, SubmitInventoryUpdate submitInventory, - SubmitEnrollmentRequest submitEnrollmentRequest, SubmitDiscoveryResults sdr) - { - AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); - Protocol = AppConfig.AppSettings.Settings["Protocol"].Value; - - using (ApiClient = new ApiClient(config.Server.Username, config.Server.Password, - $"{Protocol}://{config.Store.ClientMachine.Trim()}")) - { - ApiClient.Logon(); - try - { - Logger.Trace("Parse: Certificate Inventory: " + config.Store.StorePath); - Logger.Trace($"Certificate Store: {config.Store.StoretypeShortName}"); - - Logger.Trace("Entering A10 VThunder DataPower: Certificate Inventory"); - Logger.Trace($"Entering processJob for Certificate Store: {config.Store.StoretypeShortName}"); - CertificateManager = new CertManager(); - Result = CertificateManager.GetCerts(ApiClient); - ReturnValue = submitInventory.Invoke(Result.InventoryList); - - if (ReturnValue == false) - return ThrowError(new InvalidInventoryInvokeException(), "Inventory"); - - if (Result.Errors.HasError) - return Warning( - $"Inventory had issues retrieving some certificates: {Result.Errors.ErrorMessage}"); - - return Success(); - } - catch (Exception e) - { - return ThrowError(e, "Inventory"); - } - } - } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Jobs/Management.cs b/Keyfactor.AnyAgent.vThunder/Jobs/Management.cs deleted file mode 100644 index d43657e..0000000 --- a/Keyfactor.AnyAgent.vThunder/Jobs/Management.cs +++ /dev/null @@ -1,222 +0,0 @@ -using System; -using System.Configuration; -using System.IO; -using System.Linq; -using System.Reflection; -using System.Text; -using Keyfactor.AnyAgent.vThunder.api; -using Keyfactor.AnyAgent.vThunder.Exceptions; -using Keyfactor.Platform.Extensions.Agents; -using Keyfactor.Platform.Extensions.Agents.Delegates; -using Keyfactor.Platform.Extensions.Agents.Enums; -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.OpenSsl; -using Org.BouncyCastle.Pkcs; - -namespace Keyfactor.AnyAgent.vThunder.Jobs -{ - [Job(JobTypes.Management)] - public class Management : AgentJob - { - protected internal static Func Pemify = ss => - ss.Length <= 64 ? ss : ss.Substring(0, 64) + "\n" + Pemify(ss.Substring(64)); - - protected internal virtual string Protocol { get; set; } - protected internal virtual ApiClient ApiClient { get; set; } - protected internal virtual CertManager CertManager { get; set; } - protected internal virtual Configuration AppConfig { get; set; } - protected internal virtual InventoryResult InventoryResult { get; set; } - protected internal virtual bool ExistingCert { get; set; } - protected internal virtual string CertStart { get; set; } = "-----BEGIN CERTIFICATE-----\n"; - protected internal virtual string CertEnd { get; set; } = "\n-----END CERTIFICATE-----"; - protected internal virtual string Alias { get; set; } - - public override AnyJobCompleteInfo processJob(AnyJobConfigInfo config, SubmitInventoryUpdate submitInventory, - SubmitEnrollmentRequest submitEnrollmentRequest, SubmitDiscoveryResults sdr) - { - CertManager = new CertManager(); - AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); - Protocol = AppConfig.AppSettings.Settings["Protocol"].Value; - Logger.Trace($"Ending Management Constructor Protocol is {Protocol}"); - - using (ApiClient = new ApiClient(config.Server.Username, config.Server.Password, - $"{Protocol}://{config.Store.ClientMachine.Trim()}")) - { - if (string.IsNullOrEmpty(config.Job.Alias)) - return ThrowError(new ArgumentException("Missing Alias/Overwrite, Operation Cannot Be Completed"), - "Management Add/Replace"); - - ApiClient.Logon(); - InventoryResult = CertManager.GetCert(ApiClient, config.Job.Alias); - ExistingCert = InventoryResult != null && InventoryResult?.InventoryList?.Count == 1; - - switch (config.Job.OperationType) - { - case AnyJobOperationType.Add: - try - { - if (ExistingCert) - { - Logger.Trace($"Starting Replace Job for {config.Job.Alias}"); - Replace(config, InventoryResult, ApiClient); - Logger.Trace($"Finishing Replace Job for {config.Job.Alias}"); - } - else - { - Logger.Trace($"Starting Add Job for {config.Job.Alias}"); - Add(config, ApiClient); - Logger.Trace($"Finishing Add Job for {config.Job.Alias}"); - } - } - catch (Exception e) - { - return ThrowError(e, "Error Adding Certificate"); - } - - break; - case AnyJobOperationType.Remove: - try - { - Logger.Trace($"Starting Remove Job for {config.Job.Alias}"); - Remove(config, InventoryResult, ApiClient); - Logger.Trace($"Finishing Remove Job for {config.Job.Alias}"); - } - catch (Exception e) - { - return ThrowError(e, "Error Removing Certificate"); - } - - break; - default: - return ThrowError(new UnSupportedOperationException(), "Management"); - } - - Logger.Trace($"Finishing Process Job for {config.Job.Alias}"); - return Success("Management Job Completed"); - } - } - - protected internal virtual void Replace(AnyJobConfigInfo config, InventoryResult inventoryResult, - ApiClient apiClient) - { - Remove(config, inventoryResult, apiClient); - Add(config, apiClient); - } - - protected internal virtual void Remove(AnyJobConfigInfo configInfo, InventoryResult inventoryResult, - ApiClient apiClient) - { - Logger.Trace($"Start Delete the {configInfo.Job.Alias} Private Key"); - DeleteCertBaseRequest deleteKeyRoot; - if (inventoryResult.InventoryList[0].PrivateKeyEntry) - deleteKeyRoot = new DeleteCertBaseRequest - { - DeleteCert = new DeleteCertRequest - { - CertName = configInfo.Job.Alias, - PrivateKey = configInfo.Job.Alias - } - }; - else - deleteKeyRoot = new DeleteCertBaseRequest - { - DeleteCert = new DeleteCertRequest - { - CertName = configInfo.Job.Alias - } - }; - - apiClient.RemoveCertificate(deleteKeyRoot); - Logger.Trace($"Successful Delete of the {configInfo.Job.Alias} Private Key"); - } - - protected internal virtual void Add(AnyJobConfigInfo configInfo, ApiClient apiClient) - { - Logger.Trace($"Entering Add Function for {configInfo.Job.Alias}"); - var privateKeyString = ""; - string certPem; - - if (!string.IsNullOrEmpty(configInfo.Job.PfxPassword)) - { - Logger.Trace($"Pfx Password exists getting Private Key string for {configInfo.Job.Alias}"); - var certData = Convert.FromBase64String(configInfo.Job.EntryContents); - var store = new Pkcs12Store(new MemoryStream(certData), - configInfo.Job.PfxPassword.ToCharArray()); - - using (var memoryStream = new MemoryStream()) - { - using (TextWriter streamWriter = new StreamWriter(memoryStream)) - { - var pemWriter = new PemWriter(streamWriter); - Logger.Trace($"Getting Public Key for {configInfo.Job.Alias}"); - Alias = store.Aliases.Cast().SingleOrDefault(a => store.IsKeyEntry(a)); - var publicKey = store.GetCertificate(Alias).Certificate.GetPublicKey(); - Logger.Trace($"Getting Private Key for {configInfo.Job.Alias}"); - var privateKey = store.GetKey(Alias).Key; - var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); - Logger.Trace($"Writing Private Key for {configInfo.Job.Alias}"); - pemWriter.WriteObject(keyPair.Private); - streamWriter.Flush(); - privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() - .Replace("\r", "").Replace("\0", ""); - memoryStream.Close(); - streamWriter.Close(); - Logger.Trace($"Private Key String Retrieved for {configInfo.Job.Alias}"); - } - } - - // Extract server certificate - var beginCertificate = "-----BEGIN CERTIFICATE-----\n"; - var endCertificate = "\n-----END CERTIFICATE-----"; - - Logger.Trace($"Start getting Server Certificate for {configInfo.Job.Alias}"); - certPem = beginCertificate + - Pemify(Convert.ToBase64String(store.GetCertificate(Alias).Certificate.GetEncoded())) + - endCertificate; - Logger.Trace($"Finished getting Server Certificate for {configInfo.Job.Alias}"); - } - else - { - Logger.Trace($"No Private Key get Cert Pem {configInfo.Job.Alias}"); - certPem = CertStart + Pemify(configInfo.Job.EntryContents) + CertEnd; - } - - Logger.Trace($"Creating Cert API Add Request for {configInfo.Job.Alias}"); - var sslCertRequest = new SslCertificateRequest - { - SslCertificate = new SslCert - { - Action = "import", - CertificateType = "pem", - File = configInfo.Job.Alias.Replace(".pem", ".pem"), - FileHandle = configInfo.Job.Alias.Replace(".pem", ".pem") - } - }; - - Logger.Trace($"Making API Call to Add Certificate For {configInfo.Job.Alias}"); - apiClient.AddCertificate(sslCertRequest, certPem); - Logger.Trace($"Finished API Call to Add Certificate For {configInfo.Job.Alias}"); - - if (!string.IsNullOrEmpty(configInfo.Job.PfxPassword)) - { - Logger.Trace($"Creating Key API Add Request for {configInfo.Job.Alias}"); - var sslKeyRequest = new SslKeyRequest - { - SslKey = new SslCertKey - { - Action = "import", - File = configInfo.Job.Alias.Replace(".pem", ".pem"), - FileHandle = configInfo.Job.Alias.Replace(".pem", ".pem") - } - }; - - Logger.Trace($"Making Add Key API Call for {configInfo.Job.Alias}"); - apiClient.AddPrivateKey(sslKeyRequest, privateKeyString); - Logger.Trace($"Finished Add Key API Call for {configInfo.Job.Alias}"); - } - - Logger.Trace($"Starting Log Off for Add {configInfo.Job.Alias}"); - Logger.Trace($"Finished Log Off for Add {configInfo.Job.Alias}"); - } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Keyfactor.AnyAgent.vThunder.csproj b/Keyfactor.AnyAgent.vThunder/Keyfactor.AnyAgent.vThunder.csproj deleted file mode 100644 index 29dbb99..0000000 --- a/Keyfactor.AnyAgent.vThunder/Keyfactor.AnyAgent.vThunder.csproj +++ /dev/null @@ -1,117 +0,0 @@ - - - - - Debug - AnyCPU - {7A68FF2A-DACD-4E5D-9DB9-BCBFCF179D43} - Library - Properties - Keyfactor.AnyAgent.vThunder - Keyfactor.AnyAgent.vThunder - v4.6.2 - 512 - SAK - SAK - SAK - SAK - - - true - full - false - bin\Debug\ - DEBUG;TRACE - prompt - 4 - - - pdbonly - true - bin\Release\ - TRACE - prompt - 4 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1.8.1 - - - 3.4.1 - - - 3.4.1 - - - 1.6.0 - - - 1.0.1 - - - 5.2.6 - - - 5.2.6 - - - 5.2.6 - - - 5.2.6 - - - 4.0.1 - - - 12.0.3 - - - - - - \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/Properties/AssemblyInfo.cs b/Keyfactor.AnyAgent.vThunder/Properties/AssemblyInfo.cs deleted file mode 100644 index ddf9467..0000000 --- a/Keyfactor.AnyAgent.vThunder/Properties/AssemblyInfo.cs +++ /dev/null @@ -1,37 +0,0 @@ -using System.Reflection; -using System.Runtime.CompilerServices; -using System.Runtime.InteropServices; - -// General Information about an assembly is controlled through the following -// set of attributes. Change these attribute values to modify the information -// associated with an assembly. -[assembly: AssemblyTitle("CSS.Integrations.A10")] -[assembly: AssemblyDescription("")] -[assembly: AssemblyConfiguration("")] -[assembly: AssemblyCompany("")] -[assembly: AssemblyProduct("CSS.Integrations.A10")] -[assembly: AssemblyCopyright("Copyright © 2018")] -[assembly: AssemblyTrademark("")] -[assembly: AssemblyCulture("")] - -// Setting ComVisible to false makes the types in this assembly not visible -// to COM components. If you need to access a type in this assembly from -// COM, set the ComVisible attribute to true on that type. -[assembly: ComVisible(false)] - -// The following GUID is for the ID of the typelib if this project is exposed to COM -[assembly: Guid("7a68ff2a-dacd-4e5d-9db9-bcbfcf179d43")] - -// Version information for an assembly consists of the following four values: -// -// Major Version -// Minor Version -// Build Number -// Revision -// -// You can specify all the values or you can default the Build and Revision Numbers -// by using the '*' as shown below: -// [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("1.0.0.0")] -[assembly: AssemblyFileVersion("1.0.0.0")] -[assembly: InternalsVisibleTo("Keyfactor.AnyAgent.vThunder.Tests")] \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/ApiClient.cs b/Keyfactor.AnyAgent.vThunder/api/ApiClient.cs deleted file mode 100644 index 83ad924..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/ApiClient.cs +++ /dev/null @@ -1,319 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Configuration; -using System.Diagnostics.CodeAnalysis; -using System.IO; -using System.Net; -using System.Reflection; -using System.Text; -using CSS.Common.Logging; -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - [SuppressMessage("ReSharper", "ConstantConditionalAccessQualifier")] - public class ApiClient : LoggingClientBase, IDisposable - { - private static readonly Encoding Encoding = Encoding.UTF8; - public virtual string AuthenticationSignature { get; set; } - public string BaseUrl { get; set; } - public virtual string AllowInvalidCert { get; set; } - public string UserId { get; set; } - public string Password { get; set; } - public Configuration AppConfig { get; set; } - - - #region Interface Implementation - - public void Dispose() - { - LogOff(); - } - - #endregion - - #region Constructors - - public ApiClient(string user, string pass, string baseUrl) - { - BaseUrl = baseUrl; - UserId = user; - Password = pass; - } - - public ApiClient() - { - } - - #endregion - - #region Class Methods - - public virtual void Logon() - { - var authRequest = new AuthRequest - {Credentials = new Credentials {Username = UserId, Password = Password}}; - var strRequest = JsonConvert.SerializeObject(authRequest); - try - { - var strResponse = ApiRequestString("POST", "/axapi/v3/auth", "POST", strRequest, false, false); - var authSignatureResponse = JsonConvert.DeserializeObject(strResponse); - AuthenticationSignature = authSignatureResponse.Response.Signature; - } - catch (Exception ex) - { - Logger.Error($"Error Authenticating: {ex.Message}"); - } - } - - public virtual bool LogOff() - { - try - { - ApiRequestString("POST", "/axapi/v3/logoff", "POST", "", false, true); - return true; - } - catch (Exception) - { - return false; - } - } - - public virtual void AddCertificate(SslCertificateRequest sslCertRequest, string importCertificate) - { - var certData = Encoding.ASCII.GetBytes(importCertificate); - AddCertificate(sslCertRequest, certData); - } - - public virtual void AddCertificate(SslCertificateRequest sslCertRequest, byte[] certData) - { - var strRequest = JsonConvert.SerializeObject(sslCertRequest); - var requestArray = Encoding.ASCII.GetBytes(strRequest); - - // Generate post objects - var postParameters = new Dictionary - { - {"json", new FileParameter(requestArray, "a10.json", "application/json")}, - { - "file", - new FileParameter(certData, sslCertRequest.SslCertificate.File, "application/octet-stream") - } - }; - - // Create request and receive response - var userAgent = "Keyfactor Agent"; - var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-cert", userAgent, postParameters); - - using (var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null)) - { - responseReader.ReadToEnd(); - webResponse.Close(); - } - } - - public virtual bool AddPrivateKey(SslKeyRequest sslKeyRequest, string importCertificateKey) - { - var keyArray = Encoding.ASCII.GetBytes(importCertificateKey); - AddPrivateKey(sslKeyRequest, keyArray); - return true; - } - - public virtual void AddPrivateKey(SslKeyRequest sslKeyRequest, byte[] keyArray) - { - var strRequest = JsonConvert.SerializeObject(sslKeyRequest); - var requestArray = Encoding.ASCII.GetBytes(strRequest); - - // Generate post objects - var postParameters = new Dictionary - { - {"json", new FileParameter(requestArray, "a10.json", "application/json")}, - {"file", new FileParameter(keyArray, sslKeyRequest.SslKey.File, "application/octet-stream")} - }; - - // Create request and receive response - var userAgent = "Keyfactor Agent"; - var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-key", userAgent, postParameters); - - // Process response - using (var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null)) - { - responseReader.ReadToEnd(); - webResponse.Close(); - } - } - - public virtual SslCollectionResponse GetCertificates(string certName = "") - { - var strResponse = ApiRequestString("GET", - certName.Length == 0 - ? "/axapi/v3/slb/ssl-cert/oper" - : $"/axapi/v3/slb/ssl-cert/oper?name={certName}", "GET", "", false, true); - var sslColResponse = JsonConvert.DeserializeObject(strResponse); - return sslColResponse; - } - - public virtual string GetCertificate(string certificateName) - { - var strResponse = ApiRequestString("GET", $"/axapi/v3/file/ssl-cert/{certificateName}", "GET", "", false, - true); - return strResponse; - } - - public virtual void RemoveCertificate(DeleteCertBaseRequest deleteCertRoot) - { - ApiRequestString("POST", "/axapi/v3/pki/delete", "POST", JsonConvert.SerializeObject(deleteCertRoot), - false, true); - } - - public virtual HttpWebRequest CreateRequest(string baseUrl, string postUrl) - { - var objRequest = (HttpWebRequest) WebRequest.Create(BaseUrl + postUrl); - return objRequest; - } - - public virtual HttpWebResponse GetResponse(HttpWebRequest request) - { - return (HttpWebResponse) request.GetResponse(); - } - - public virtual string ApiRequestString(string strCall, string strPostUrl, string strMethod, - string strQueryString, - bool bWrite, bool bUseToken) - { - AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); - AllowInvalidCert = AppConfig.AppSettings.Settings["AllowInvalidCerts"].Value; - var objRequest = CreateRequest(BaseUrl, strPostUrl); - objRequest.Method = strMethod; - objRequest.ContentType = "application/json"; - if (bUseToken) - objRequest.Headers?.Add("Authorization", "A10 " + AuthenticationSignature); - - if (!string.IsNullOrEmpty(strQueryString) && strMethod == "POST") - { - var postBytes = Encoding.UTF8.GetBytes(strQueryString); - objRequest.ContentLength = postBytes.Length; - //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert == "true") - ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; - using (var requestStream = objRequest.GetRequestStream()) - { - requestStream?.Write(postBytes, 0, postBytes.Length); - requestStream?.Close(); - } - } - - //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert == "true") - ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; - var objResponse = GetResponse(objRequest); - - using (var strReader = new StreamReader(objResponse.GetResponseStream() ?? Stream.Null)) - { - var strResponse = strReader.ReadToEnd(); - return strResponse; - } - } - - public virtual HttpWebResponse MultipartFormDataPost(string postUrl, string userAgent, - Dictionary postParameters) - { - var boundary = $"{Guid.NewGuid():N}"; - var formDataBoundary = $"------------------------{boundary}"; - var contentType = "multipart/form-data; boundary=" + formDataBoundary; - - var formData = GetMultipartFormData(postParameters, boundary); - - return PostForm(postUrl, userAgent, contentType, formData); - } - - protected virtual HttpWebResponse PostForm(string postUrl, string userAgent, string contentType, - byte[] formData) - { - AppConfig = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location); - AllowInvalidCert = AppConfig.AppSettings.Settings["AllowInvalidCerts"].Value; - var request = CreateRequest(BaseUrl, postUrl); - if (request == null) throw new NullReferenceException("request is not a http request"); - - // Set up the request properties. - request.Method = "POST"; - request.ContentType = contentType; - request.UserAgent = userAgent; - request.ContentLength = formData.Length; - request.Headers.Add("Authorization", "A10 " + AuthenticationSignature); - //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert == "true") - ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; - // Send the form data to the request. - using (var requestStream = request.GetRequestStream()) - { - requestStream?.Write(formData, 0, formData.Length); - requestStream?.Close(); - } - - //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert == "true") - ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; - return request?.GetResponse() as HttpWebResponse; - } - - protected virtual byte[] GetMultipartFormData(Dictionary postParameters, string boundary) - { - byte[] formData; - using (Stream formDataStream = new MemoryStream()) - { - var needsClrf = false; - - foreach (var param in postParameters) - { - // Thanks to feedback from comment-ers, add a CRLF to allow multiple parameters to be added. - // Skip it on the first parameter, add it to subsequent parameters. - if (needsClrf) - formDataStream.Write(Encoding.GetBytes("\r\n"), 0, Encoding.GetByteCount("\r\n")); - - needsClrf = true; - - if (param.Value is FileParameter fileToUpload) - { - // Add just the first part of this param, since we will write the file data directly to the Stream - - var header = - $"--------------------------{boundary}\r\nContent-Disposition: form-data; name=\"{param.Key}\"; filename=\"{fileToUpload.FileName ?? param.Key}\"\r\nContent-Type: {fileToUpload.ContentType ?? "application/octet-stream"}\r\n\r\n"; - - formDataStream.Write(Encoding.GetBytes(header), 0, Encoding.GetByteCount(header)); - - // Write the file data directly to the Stream, rather than serializing it to a string. - formDataStream.Write(fileToUpload.File, 0, fileToUpload.File.Length); - } - } - - // Add the end of the request. Start with a newline - var footer = "\r\n--------------------------" + boundary + "--\r\n"; - formDataStream.Write(Encoding.GetBytes(footer), 0, Encoding.GetByteCount(footer)); - - // Dump the Stream into a byte[] - formDataStream.Position = 0; - formData = new byte[formDataStream.Length]; - formDataStream.Read(formData, 0, formData.Length); - formDataStream.Close(); - } - - return formData; - } - - public class FileParameter - { - public FileParameter(byte[] file, string filename, string contentType) - { - File = file; - FileName = filename; - ContentType = contentType; - } - - public byte[] File { get; set; } - public string FileName { get; set; } - public string ContentType { get; set; } - } - - #endregion - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/AuthRequest.cs b/Keyfactor.AnyAgent.vThunder/api/AuthRequest.cs deleted file mode 100644 index 5727b24..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/AuthRequest.cs +++ /dev/null @@ -1,11 +0,0 @@ -namespace Keyfactor.AnyAgent.vThunder.api -{ - #region JSON Request and Response Classes - - internal class AuthRequest - { - public Credentials Credentials { get; set; } - } - - #endregion -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/AuthResponse.cs b/Keyfactor.AnyAgent.vThunder/api/AuthResponse.cs deleted file mode 100644 index 691a42c..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/AuthResponse.cs +++ /dev/null @@ -1,11 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class AuthResponse - { - [JsonProperty("signature")] public string Signature { get; set; } - - [JsonProperty("description")] public string Description { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/AuthSignatureResponse.cs b/Keyfactor.AnyAgent.vThunder/api/AuthSignatureResponse.cs deleted file mode 100644 index ca9bcb4..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/AuthSignatureResponse.cs +++ /dev/null @@ -1,9 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class AuthSignatureResponse - { - [JsonProperty("authresponse")] public AuthResponse Response { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/Credentials.cs b/Keyfactor.AnyAgent.vThunder/api/Credentials.cs deleted file mode 100644 index 31fff6e..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/Credentials.cs +++ /dev/null @@ -1,11 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - internal class Credentials - { - [JsonProperty("username")] public string Username { get; set; } - - [JsonProperty("password")] public string Password { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/DeleteCertBaseRequest.cs b/Keyfactor.AnyAgent.vThunder/api/DeleteCertBaseRequest.cs deleted file mode 100644 index 926ad09..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/DeleteCertBaseRequest.cs +++ /dev/null @@ -1,11 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class DeleteCertBaseRequest - { - [JsonProperty("delete", NullValueHandling = NullValueHandling.Ignore)] - public DeleteCertRequest DeleteCert { get; set; } - - } -} diff --git a/Keyfactor.AnyAgent.vThunder/api/DeleteCertRequest.cs b/Keyfactor.AnyAgent.vThunder/api/DeleteCertRequest.cs deleted file mode 100644 index b3d2112..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/DeleteCertRequest.cs +++ /dev/null @@ -1,13 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class DeleteCertRequest - { - [JsonProperty("cert-name")] - public string CertName { get; set; } - - [JsonProperty("private-key",NullValueHandling=NullValueHandling.Ignore)] - public string PrivateKey { get; set; } - } -} diff --git a/Keyfactor.AnyAgent.vThunder/api/Operation.cs b/Keyfactor.AnyAgent.vThunder/api/Operation.cs deleted file mode 100644 index fb926c6..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/Operation.cs +++ /dev/null @@ -1,9 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class Operation - { - [JsonProperty("oper")] public SslCertificateCollection Oper { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCert.cs b/Keyfactor.AnyAgent.vThunder/api/SslCert.cs deleted file mode 100644 index 983fcc0..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/SslCert.cs +++ /dev/null @@ -1,15 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class SslCert - { - [JsonProperty("certificate-type")] public string CertificateType { get; set; } - - [JsonProperty("action")] public string Action { get; set; } - - [JsonProperty("file")] public string File { get; set; } - - [JsonProperty("file-handle")] public string FileHandle { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs b/Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs deleted file mode 100644 index 335c3be..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/SslCertKey.cs +++ /dev/null @@ -1,13 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class SslCertKey - { - [JsonProperty("action")] public string Action { get; set; } - - [JsonProperty("file")] public string File { get; set; } - - [JsonProperty("file-handle")] public string FileHandle { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCertificate.cs b/Keyfactor.AnyAgent.vThunder/api/SslCertificate.cs deleted file mode 100644 index c08d640..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/SslCertificate.cs +++ /dev/null @@ -1,27 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class SslCertificate - { - [JsonProperty("name")] public string Name { get; set; } - - [JsonProperty("type")] public string Type { get; set; } - - [JsonProperty("serial")] public string Serial { get; set; } - - [JsonProperty("notbefore")] public string NotBefore { get; set; } - - [JsonProperty("notafter")] public string NotAfter { get; set; } - - [JsonProperty("common-name")] public string CommonName { get; set; } - - [JsonProperty("organization")] public string Organization { get; set; } - - [JsonProperty("subject")] public string Subject { get; set; } - - [JsonProperty("issuer")] public string Issuer { get; set; } - - [JsonProperty("status")] public string Status { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCertificateCollection.cs b/Keyfactor.AnyAgent.vThunder/api/SslCertificateCollection.cs deleted file mode 100644 index 5489dda..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/SslCertificateCollection.cs +++ /dev/null @@ -1,9 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class SslCertificateCollection - { - [JsonProperty("ssl-certs")] public SslCertificate[] SslCertificates { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCertificateRequest.cs b/Keyfactor.AnyAgent.vThunder/api/SslCertificateRequest.cs deleted file mode 100644 index 86b45dc..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/SslCertificateRequest.cs +++ /dev/null @@ -1,9 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class SslCertificateRequest - { - [JsonProperty("ssl-cert")] public SslCert SslCertificate { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslCollectionResponse.cs b/Keyfactor.AnyAgent.vThunder/api/SslCollectionResponse.cs deleted file mode 100644 index ecd4b4d..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/SslCollectionResponse.cs +++ /dev/null @@ -1,9 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class SslCollectionResponse - { - [JsonProperty("ssl-cert")] public Operation SslCertificate { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/api/SslKeyRequest.cs b/Keyfactor.AnyAgent.vThunder/api/SslKeyRequest.cs deleted file mode 100644 index 3522ff8..0000000 --- a/Keyfactor.AnyAgent.vThunder/api/SslKeyRequest.cs +++ /dev/null @@ -1,9 +0,0 @@ -using Newtonsoft.Json; - -namespace Keyfactor.AnyAgent.vThunder.api -{ - public class SslKeyRequest - { - [JsonProperty("ssl-key")] public SslCertKey SslKey { get; set; } - } -} \ No newline at end of file diff --git a/Keyfactor.AnyAgent.vThunder/app.config b/Keyfactor.AnyAgent.vThunder/app.config deleted file mode 100644 index 75fffaf..0000000 --- a/Keyfactor.AnyAgent.vThunder/app.config +++ /dev/null @@ -1,33 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/a10vthunder-orchestrator/Jobs/Inventory.cs b/a10vthunder-orchestrator/Jobs/Inventory.cs index 3250bf9..4d12bcb 100644 --- a/a10vthunder-orchestrator/Jobs/Inventory.cs +++ b/a10vthunder-orchestrator/Jobs/Inventory.cs @@ -30,9 +30,9 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd dynamic properties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString()); Protocol = properties.protocol == null || string.IsNullOrEmpty(properties.protocol.Value) ? "https" : properties.protocol.Value; - AllowInvalidCert = properties.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) ? "https" : bool.Parse(properties.protallowInvalidCertocol.Value); + AllowInvalidCert = properties.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) ? false : bool.Parse(properties.allowInvalidCert.Value); - using (ApiClient = new ApiClient(config.ServerUsername, config.CertificateStoreDetails.StorePassword, + using (ApiClient = new ApiClient(config.ServerUsername, config.ServerPassword, $"{Protocol}://{config.CertificateStoreDetails.ClientMachine.Trim()}", AllowInvalidCert)) { ApiClient.Logon(); diff --git a/a10vthunder-orchestrator/Jobs/Management.cs b/a10vthunder-orchestrator/Jobs/Management.cs index efc97e7..17b5506 100644 --- a/a10vthunder-orchestrator/Jobs/Management.cs +++ b/a10vthunder-orchestrator/Jobs/Management.cs @@ -44,12 +44,12 @@ public JobResult ProcessJob(ManagementJobConfiguration config) dynamic properties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString()); Protocol = properties.protocol == null || string.IsNullOrEmpty(properties.protocol.Value) ? "https" : properties.protocol.Value; - AllowInvalidCert = properties.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) ? "https" : bool.Parse(properties.protallowInvalidCertocol.Value); + AllowInvalidCert = properties.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) ? false : bool.Parse(properties.allowInvalidCert.Value); CertManager = new CertManager(); logger.LogTrace($"Ending Management Constructor Protocol is {Protocol}"); - using (ApiClient = new ApiClient(config.ServerUsername, config.CertificateStoreDetails.StorePassword, + using (ApiClient = new ApiClient(config.ServerUsername, config.ServerPassword, $"{Protocol}://{config.CertificateStoreDetails.ClientMachine.Trim()}", AllowInvalidCert)) { if (string.IsNullOrEmpty(config.JobCertificate.Alias)) diff --git a/a10vthunder-orchestrator/manifest.json b/a10vthunder-orchestrator/manifest.json new file mode 100644 index 0000000..ae853b9 --- /dev/null +++ b/a10vthunder-orchestrator/manifest.json @@ -0,0 +1,14 @@ +{ + "extensions": { + "Keyfactor.Orchestrators.Extensions.IOrchestratorJobExtension": { + "CertStores.vThunder.Inventory": { + "assemblypath": "a10vthunder-orchestrator.dll", + "TypeFullName": "Keyfactor.Extensions.Orchestrator.vThunder.Inventory" + }, + "CertStores.vThunder.Management": { + "assemblypath": "a10vthunder-orchestrator.dll", + "TypeFullName": "Keyfactor.Extensions.Orchestrator.vThunder.Management" + } + } + } +} \ No newline at end of file From 0ac9b311951fe0f7226343d5d5728a24170446d1 Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Thu, 23 Jun 2022 13:35:20 -0400 Subject: [PATCH 07/20] Logging Updates and Refactoring --- a10vthunder-orchestrator/AnyErrors.cs | 7 +- .../{api => Api/Models}/AuthRequest.cs | 2 +- .../{api => Api/Models}/AuthResponse.cs | 2 +- .../Models}/AuthSignatureResponse.cs | 2 +- .../{api => Api/Models}/Credentials.cs | 2 +- .../Models}/DeleteCertBaseRequest.cs | 2 +- .../{api => Api/Models}/DeleteCertRequest.cs | 2 +- .../{api => Api/Models}/Operation.cs | 2 +- .../{api => Api/Models}/SslCert.cs | 2 +- .../{api => Api/Models}/SslCertKey.cs | 2 +- .../{api => Api/Models}/SslCertificate.cs | 2 +- .../Models}/SslCertificateCollection.cs | 2 +- .../Models}/SslCertificateRequest.cs | 2 +- .../Models}/SslCollectionResponse.cs | 2 +- .../{api => Api/Models}/SslKeyRequest.cs | 2 +- a10vthunder-orchestrator/CertManager.cs | 134 ++++-- a10vthunder-orchestrator/Constants.cs | 3 +- .../InvalidInventoryInvokeException.cs | 9 +- .../UnsupportedOperationException.cs | 7 +- a10vthunder-orchestrator/InventoryResult.cs | 2 +- a10vthunder-orchestrator/JobAttribute.cs | 8 +- a10vthunder-orchestrator/Jobs/Inventory.cs | 64 ++- a10vthunder-orchestrator/Jobs/Management.cs | 284 ++++++----- a10vthunder-orchestrator/api/ApiClient.cs | 455 ++++++++++++------ 24 files changed, 620 insertions(+), 381 deletions(-) rename a10vthunder-orchestrator/{api => Api/Models}/AuthRequest.cs (72%) rename a10vthunder-orchestrator/{api => Api/Models}/AuthResponse.cs (79%) rename a10vthunder-orchestrator/{api => Api/Models}/AuthSignatureResponse.cs (74%) rename a10vthunder-orchestrator/{api => Api/Models}/Credentials.cs (79%) rename a10vthunder-orchestrator/{api => Api/Models}/DeleteCertBaseRequest.cs (79%) rename a10vthunder-orchestrator/{api => Api/Models}/DeleteCertRequest.cs (83%) rename a10vthunder-orchestrator/{api => Api/Models}/Operation.cs (72%) rename a10vthunder-orchestrator/{api => Api/Models}/SslCert.cs (86%) rename a10vthunder-orchestrator/{api => Api/Models}/SslCertKey.cs (83%) rename a10vthunder-orchestrator/{api => Api/Models}/SslCertificate.cs (93%) rename a10vthunder-orchestrator/{api => Api/Models}/SslCertificateCollection.cs (75%) rename a10vthunder-orchestrator/{api => Api/Models}/SslCertificateRequest.cs (73%) rename a10vthunder-orchestrator/{api => Api/Models}/SslCollectionResponse.cs (73%) rename a10vthunder-orchestrator/{api => Api/Models}/SslKeyRequest.cs (71%) diff --git a/a10vthunder-orchestrator/AnyErrors.cs b/a10vthunder-orchestrator/AnyErrors.cs index 60fc478..0a7d506 100644 --- a/a10vthunder-orchestrator/AnyErrors.cs +++ b/a10vthunder-orchestrator/AnyErrors.cs @@ -1,10 +1,9 @@ using System; -using Keyfactor.Logging; -using Microsoft.Extensions.Logging; -using Keyfactor.Orchestrators.Extensions; using Keyfactor.Orchestrators.Common.Enums; +using Keyfactor.Orchestrators.Extensions; +using Microsoft.Extensions.Logging; -namespace Keyfactor.Extensions.Orchestrator.vThunder +namespace a10vthunder_orchestrator { public class AnyErrors { diff --git a/a10vthunder-orchestrator/api/AuthRequest.cs b/a10vthunder-orchestrator/Api/Models/AuthRequest.cs similarity index 72% rename from a10vthunder-orchestrator/api/AuthRequest.cs rename to a10vthunder-orchestrator/Api/Models/AuthRequest.cs index 69dfb21..e26a38a 100644 --- a/a10vthunder-orchestrator/api/AuthRequest.cs +++ b/a10vthunder-orchestrator/Api/Models/AuthRequest.cs @@ -1,4 +1,4 @@ -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { #region JSON Request and Response Classes diff --git a/a10vthunder-orchestrator/api/AuthResponse.cs b/a10vthunder-orchestrator/Api/Models/AuthResponse.cs similarity index 79% rename from a10vthunder-orchestrator/api/AuthResponse.cs rename to a10vthunder-orchestrator/Api/Models/AuthResponse.cs index 6f3395f..aae18ad 100644 --- a/a10vthunder-orchestrator/api/AuthResponse.cs +++ b/a10vthunder-orchestrator/Api/Models/AuthResponse.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class AuthResponse { diff --git a/a10vthunder-orchestrator/api/AuthSignatureResponse.cs b/a10vthunder-orchestrator/Api/Models/AuthSignatureResponse.cs similarity index 74% rename from a10vthunder-orchestrator/api/AuthSignatureResponse.cs rename to a10vthunder-orchestrator/Api/Models/AuthSignatureResponse.cs index 23fd6df..fba6575 100644 --- a/a10vthunder-orchestrator/api/AuthSignatureResponse.cs +++ b/a10vthunder-orchestrator/Api/Models/AuthSignatureResponse.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class AuthSignatureResponse { diff --git a/a10vthunder-orchestrator/api/Credentials.cs b/a10vthunder-orchestrator/Api/Models/Credentials.cs similarity index 79% rename from a10vthunder-orchestrator/api/Credentials.cs rename to a10vthunder-orchestrator/Api/Models/Credentials.cs index e6633b0..08d4b57 100644 --- a/a10vthunder-orchestrator/api/Credentials.cs +++ b/a10vthunder-orchestrator/Api/Models/Credentials.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { internal class Credentials { diff --git a/a10vthunder-orchestrator/api/DeleteCertBaseRequest.cs b/a10vthunder-orchestrator/Api/Models/DeleteCertBaseRequest.cs similarity index 79% rename from a10vthunder-orchestrator/api/DeleteCertBaseRequest.cs rename to a10vthunder-orchestrator/Api/Models/DeleteCertBaseRequest.cs index 5dfe79c..f6771c9 100644 --- a/a10vthunder-orchestrator/api/DeleteCertBaseRequest.cs +++ b/a10vthunder-orchestrator/Api/Models/DeleteCertBaseRequest.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class DeleteCertBaseRequest { diff --git a/a10vthunder-orchestrator/api/DeleteCertRequest.cs b/a10vthunder-orchestrator/Api/Models/DeleteCertRequest.cs similarity index 83% rename from a10vthunder-orchestrator/api/DeleteCertRequest.cs rename to a10vthunder-orchestrator/Api/Models/DeleteCertRequest.cs index e174cd5..d5c2b90 100644 --- a/a10vthunder-orchestrator/api/DeleteCertRequest.cs +++ b/a10vthunder-orchestrator/Api/Models/DeleteCertRequest.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class DeleteCertRequest { diff --git a/a10vthunder-orchestrator/api/Operation.cs b/a10vthunder-orchestrator/Api/Models/Operation.cs similarity index 72% rename from a10vthunder-orchestrator/api/Operation.cs rename to a10vthunder-orchestrator/Api/Models/Operation.cs index 29cc9ff..047f07c 100644 --- a/a10vthunder-orchestrator/api/Operation.cs +++ b/a10vthunder-orchestrator/Api/Models/Operation.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class Operation { diff --git a/a10vthunder-orchestrator/api/SslCert.cs b/a10vthunder-orchestrator/Api/Models/SslCert.cs similarity index 86% rename from a10vthunder-orchestrator/api/SslCert.cs rename to a10vthunder-orchestrator/Api/Models/SslCert.cs index 1f4828a..5e5daf0 100644 --- a/a10vthunder-orchestrator/api/SslCert.cs +++ b/a10vthunder-orchestrator/Api/Models/SslCert.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class SslCert { diff --git a/a10vthunder-orchestrator/api/SslCertKey.cs b/a10vthunder-orchestrator/Api/Models/SslCertKey.cs similarity index 83% rename from a10vthunder-orchestrator/api/SslCertKey.cs rename to a10vthunder-orchestrator/Api/Models/SslCertKey.cs index 1d935bb..5168f7f 100644 --- a/a10vthunder-orchestrator/api/SslCertKey.cs +++ b/a10vthunder-orchestrator/Api/Models/SslCertKey.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class SslCertKey { diff --git a/a10vthunder-orchestrator/api/SslCertificate.cs b/a10vthunder-orchestrator/Api/Models/SslCertificate.cs similarity index 93% rename from a10vthunder-orchestrator/api/SslCertificate.cs rename to a10vthunder-orchestrator/Api/Models/SslCertificate.cs index fe19b0d..c4067b5 100644 --- a/a10vthunder-orchestrator/api/SslCertificate.cs +++ b/a10vthunder-orchestrator/Api/Models/SslCertificate.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class SslCertificate { diff --git a/a10vthunder-orchestrator/api/SslCertificateCollection.cs b/a10vthunder-orchestrator/Api/Models/SslCertificateCollection.cs similarity index 75% rename from a10vthunder-orchestrator/api/SslCertificateCollection.cs rename to a10vthunder-orchestrator/Api/Models/SslCertificateCollection.cs index ff51830..7f00806 100644 --- a/a10vthunder-orchestrator/api/SslCertificateCollection.cs +++ b/a10vthunder-orchestrator/Api/Models/SslCertificateCollection.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class SslCertificateCollection { diff --git a/a10vthunder-orchestrator/api/SslCertificateRequest.cs b/a10vthunder-orchestrator/Api/Models/SslCertificateRequest.cs similarity index 73% rename from a10vthunder-orchestrator/api/SslCertificateRequest.cs rename to a10vthunder-orchestrator/Api/Models/SslCertificateRequest.cs index 140dc7f..9e47ab5 100644 --- a/a10vthunder-orchestrator/api/SslCertificateRequest.cs +++ b/a10vthunder-orchestrator/Api/Models/SslCertificateRequest.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class SslCertificateRequest { diff --git a/a10vthunder-orchestrator/api/SslCollectionResponse.cs b/a10vthunder-orchestrator/Api/Models/SslCollectionResponse.cs similarity index 73% rename from a10vthunder-orchestrator/api/SslCollectionResponse.cs rename to a10vthunder-orchestrator/Api/Models/SslCollectionResponse.cs index c1f6af1..bcd7fda 100644 --- a/a10vthunder-orchestrator/api/SslCollectionResponse.cs +++ b/a10vthunder-orchestrator/Api/Models/SslCollectionResponse.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class SslCollectionResponse { diff --git a/a10vthunder-orchestrator/api/SslKeyRequest.cs b/a10vthunder-orchestrator/Api/Models/SslKeyRequest.cs similarity index 71% rename from a10vthunder-orchestrator/api/SslKeyRequest.cs rename to a10vthunder-orchestrator/Api/Models/SslKeyRequest.cs index 8889a07..996e415 100644 --- a/a10vthunder-orchestrator/api/SslKeyRequest.cs +++ b/a10vthunder-orchestrator/Api/Models/SslKeyRequest.cs @@ -1,6 +1,6 @@ using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api.Models { public class SslKeyRequest { diff --git a/a10vthunder-orchestrator/CertManager.cs b/a10vthunder-orchestrator/CertManager.cs index 074eac3..a09fbd5 100644 --- a/a10vthunder-orchestrator/CertManager.cs +++ b/a10vthunder-orchestrator/CertManager.cs @@ -2,26 +2,48 @@ using System.Collections.Generic; using System.Security.Cryptography.X509Certificates; using System.Text; - -using Keyfactor.Extensions.Orchestrator.vThunder.api; -using Keyfactor.Orchestrators.Extensions; -using Keyfactor.Orchestrators.Common.Enums; +using a10vthunder_orchestrator.Api; +using a10vthunder_orchestrator.Api.Models; using Keyfactor.Logging; - +using Keyfactor.Orchestrators.Common.Enums; +using Keyfactor.Orchestrators.Extensions; using Microsoft.Extensions.Logging; -namespace Keyfactor.Extensions.Orchestrator.vThunder +namespace a10vthunder_orchestrator { public class CertManager { + private ILogger Logger { get; } + + public CertManager() + { + Logger = LogHandler.GetClassLogger(); + } + public virtual InventoryResult GetCert(ApiClient apiClient, string certName) { - return InventoryResult(apiClient, certName); + try + { + return InventoryResult(apiClient, certName); + } + catch (Exception ex) + { + Logger.LogError($"Error in CertManager.GetCerts: {LogHandler.FlattenException(ex)}"); + throw; + } } public virtual InventoryResult GetCerts(ApiClient apiClient) { - return InventoryResult(apiClient); + try + { + return InventoryResult(apiClient); + } + catch (Exception ex) + { + Logger.LogError($"Error in CertManager.GetCerts: {LogHandler.FlattenException(ex)}"); + throw; + } } protected virtual SslCollectionResponse CertificateCollection { get; set; } @@ -30,62 +52,70 @@ public virtual InventoryResult GetCerts(ApiClient apiClient) public virtual InventoryResult InventoryResult(ApiClient apiClient, string certName = "") { - ILogger logger = LogHandler.GetClassLogger(); - - var result = new InventoryResult(); - var error = new AnyErrors {HasError = false}; + try + { + ILogger logger = LogHandler.GetClassLogger(); - logger.LogTrace("GetCerts"); + var result = new InventoryResult(); + var error = new AnyErrors {HasError = false}; + logger.LogTrace("GetCerts"); - CertificateCollection = - certName == "" ? apiClient.GetCertificates() : apiClient.GetCertificates(certName); - var inventoryItems = new List(); + CertificateCollection = + certName == "" ? apiClient.GetCertificates() : apiClient.GetCertificates(certName); - logger.LogTrace("Start loop"); + var inventoryItems = new List(); - if (CertificateCollection != null) - foreach (var cc in CertificateCollection.SslCertificate.Oper.SslCertificates) - if (!string.IsNullOrEmpty(cc.Name)) - { - logger.LogTrace($"Looping through Certificate Store files: {cc.Name}"); + logger.LogTrace("Start loop"); - var privateKeyEntry = cc.Type == "certificate/key"; - - try - { - CertificateDetails = apiClient.GetCertificate(cc.Name); - - //check this is a valid cert, if not fall to the errors - var cert = new X509Certificate2(Encoding.UTF8.GetBytes(CertificateDetails)); - - logger.LogTrace($"Add to list: {cc.Name}"); - if (cert.Thumbprint != null) - inventoryItems.Add( - new CurrentInventoryItem - { - Certificates = new[] - {CertificateDetails}, - Alias = cc.Name, - PrivateKeyEntry = privateKeyEntry, - ItemStatus = OrchestratorInventoryItemStatus.Unknown, - UseChainLevel = true - }); - } - catch (Exception ex) + if (CertificateCollection != null) + foreach (var cc in CertificateCollection.SslCertificate.Oper.SslCertificates) + if (!string.IsNullOrEmpty(cc.Name)) { - logger.LogError($"Certificate not retrievable: Error on {cc.Name}: {ex.Message}"); - error.ErrorMessage = ex.Message; - error.HasError = true; + logger.LogTrace($"Looping through Certificate Store files: {cc.Name}"); + + var privateKeyEntry = cc.Type == "certificate/key"; + + try + { + CertificateDetails = apiClient.GetCertificate(cc.Name); + + //check this is a valid cert, if not fall to the errors + var cert = new X509Certificate2(Encoding.UTF8.GetBytes(CertificateDetails)); + + logger.LogTrace($"Add to list: {cc.Name}"); + if (cert.Thumbprint != null) + inventoryItems.Add( + new CurrentInventoryItem + { + Certificates = new[] + {CertificateDetails}, + Alias = cc.Name, + PrivateKeyEntry = privateKeyEntry, + ItemStatus = OrchestratorInventoryItemStatus.Unknown, + UseChainLevel = true + }); + } + catch (Exception ex) + { + logger.LogError($"Certificate not retrievable: Error on {cc.Name}: {ex.Message}"); + error.ErrorMessage = ex.Message; + error.HasError = true; + } } - } - result.Errors = error; - result.InventoryList = inventoryItems; + result.Errors = error; + result.InventoryList = inventoryItems; - return result; + return result; + } + catch (Exception ex) + { + Logger.LogError($"Error in CertManager.InventoryResult: {LogHandler.FlattenException(ex)}"); + throw; + } } } } \ No newline at end of file diff --git a/a10vthunder-orchestrator/Constants.cs b/a10vthunder-orchestrator/Constants.cs index 5715d6f..ab64a03 100644 --- a/a10vthunder-orchestrator/Constants.cs +++ b/a10vthunder-orchestrator/Constants.cs @@ -1,4 +1,4 @@ -namespace Keyfactor.Extensions.Orchestrator.vThunder +namespace a10vthunder_orchestrator { static class WindowsUserAnyAgentConstants { @@ -11,6 +11,5 @@ static class JobTypes public const string Discovery = "Discovery"; public const string Inventory = "Inventory"; public const string Management = "Management"; - public const string Reenrollment = "Enrollment"; } } diff --git a/a10vthunder-orchestrator/Exceptions/InvalidInventoryInvokeException.cs b/a10vthunder-orchestrator/Exceptions/InvalidInventoryInvokeException.cs index a9fa999..d393678 100644 --- a/a10vthunder-orchestrator/Exceptions/InvalidInventoryInvokeException.cs +++ b/a10vthunder-orchestrator/Exceptions/InvalidInventoryInvokeException.cs @@ -1,12 +1,11 @@ using System; -namespace Keyfactor.Extensions.Orchestrator.vThunder.Exceptions +namespace a10vthunder_orchestrator.Exceptions { - class InvalidInventoryInvokeException:Exception + internal class InvalidInventoryInvokeException : Exception { - public InvalidInventoryInvokeException():base("SubmitInventory.Invoke returned false") + public InvalidInventoryInvokeException() : base("SubmitInventory.Invoke returned false") { - } } -} +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/Exceptions/UnsupportedOperationException.cs b/a10vthunder-orchestrator/Exceptions/UnsupportedOperationException.cs index 54e8b60..c80eb1d 100644 --- a/a10vthunder-orchestrator/Exceptions/UnsupportedOperationException.cs +++ b/a10vthunder-orchestrator/Exceptions/UnsupportedOperationException.cs @@ -1,12 +1,11 @@ using System; -namespace Keyfactor.Extensions.Orchestrator.vThunder.Exceptions +namespace a10vthunder_orchestrator.Exceptions { - class UnSupportedOperationException : Exception + internal class UnSupportedOperationException : Exception { public UnSupportedOperationException() : base("Unsupported Operation, only Add, Remove are supported") { - } } -} +} \ No newline at end of file diff --git a/a10vthunder-orchestrator/InventoryResult.cs b/a10vthunder-orchestrator/InventoryResult.cs index ee612a5..70fb23d 100644 --- a/a10vthunder-orchestrator/InventoryResult.cs +++ b/a10vthunder-orchestrator/InventoryResult.cs @@ -1,7 +1,7 @@ using System.Collections.Generic; using Keyfactor.Orchestrators.Extensions; -namespace Keyfactor.Extensions.Orchestrator.vThunder +namespace a10vthunder_orchestrator { public class InventoryResult { diff --git a/a10vthunder-orchestrator/JobAttribute.cs b/a10vthunder-orchestrator/JobAttribute.cs index 80adafe..035ac32 100644 --- a/a10vthunder-orchestrator/JobAttribute.cs +++ b/a10vthunder-orchestrator/JobAttribute.cs @@ -1,10 +1,11 @@ using System; -namespace Keyfactor.Extensions.Orchestrator.vThunder +namespace a10vthunder_orchestrator { [AttributeUsage(AttributeTargets.Class)] public class JobAttribute : Attribute { + // ReSharper disable once InconsistentNaming private string jobClass { get; set; } public JobAttribute(string jobClass) @@ -12,9 +13,6 @@ public JobAttribute(string jobClass) this.jobClass = jobClass; } - public virtual string JobClass - { - get { return jobClass; } - } + public virtual string JobClass => jobClass; } } diff --git a/a10vthunder-orchestrator/Jobs/Inventory.cs b/a10vthunder-orchestrator/Jobs/Inventory.cs index 4d12bcb..d07052e 100644 --- a/a10vthunder-orchestrator/Jobs/Inventory.cs +++ b/a10vthunder-orchestrator/Jobs/Inventory.cs @@ -1,21 +1,22 @@ using System; -using System.Reflection; - -using Keyfactor.Extensions.Orchestrator.vThunder.api; -using Keyfactor.Extensions.Orchestrator.vThunder.Exceptions; +using a10vthunder_orchestrator.Api; +using a10vthunder_orchestrator.Exceptions; using Keyfactor.Logging; -using Keyfactor.Orchestrators.Extensions; using Keyfactor.Orchestrators.Common.Enums; - +using Keyfactor.Orchestrators.Extensions; using Microsoft.Extensions.Logging; - using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder +namespace a10vthunder_orchestrator.Jobs { public class Inventory : IInventoryJobExtension { - public string ExtensionName => ""; + private readonly ILogger _logger; + + public Inventory(ILogger logger) + { + _logger = logger; + } protected internal virtual InventoryResult Result { get; set; } protected internal virtual CertManager CertificateManager { get; set; } @@ -23,14 +24,21 @@ public class Inventory : IInventoryJobExtension protected internal virtual string Protocol { get; set; } protected internal virtual bool AllowInvalidCert { get; set; } protected internal virtual bool ReturnValue { get; set; } + public string ExtensionName => "A10VThunder"; public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpdate submitInventory) { - ILogger logger = LogHandler.GetClassLogger(); + _logger.MethodEntry(); - dynamic properties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString()); - Protocol = properties.protocol == null || string.IsNullOrEmpty(properties.protocol.Value) ? "https" : properties.protocol.Value; - AllowInvalidCert = properties.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) ? false : bool.Parse(properties.allowInvalidCert.Value); + dynamic properties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties); + Protocol = properties != null && + (properties.protocol == null || string.IsNullOrEmpty(properties.protocol.Value)) + ? "https" + : properties?.protocol.Value; + AllowInvalidCert = + properties?.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) + ? false + : bool.Parse(properties.allowInvalidCert.Value); using (ApiClient = new ApiClient(config.ServerUsername, config.ServerPassword, $"{Protocol}://{config.CertificateStoreDetails.ClientMachine.Trim()}", AllowInvalidCert)) @@ -38,26 +46,40 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd ApiClient.Logon(); try { - logger.LogTrace("Parse: Certificate Inventory: " + config.CertificateStoreDetails.StorePath); - logger.LogTrace($"Certificate Store: {config.CertificateStoreDetails.ClientMachine} {config.CertificateStoreDetails.StorePath}"); + _logger.LogTrace("Parse: Certificate Inventory: " + config.CertificateStoreDetails.StorePath); + _logger.LogTrace( + $"Certificate Store: {config.CertificateStoreDetails.ClientMachine} {config.CertificateStoreDetails.StorePath}"); - logger.LogTrace("Entering A10 VThunder DataPower: Certificate Inventory"); - logger.LogTrace($"Entering processJob for Certificate Store: {config.CertificateStoreDetails.ClientMachine} {config.CertificateStoreDetails.StorePath}"); + _logger.LogTrace("Entering A10 VThunder DataPower: Certificate Inventory"); + _logger.LogTrace( + $"Entering processJob for Certificate Store: {config.CertificateStoreDetails.ClientMachine} {config.CertificateStoreDetails.StorePath}"); CertificateManager = new CertManager(); Result = CertificateManager.GetCerts(ApiClient); + _logger.LogTrace($"Got {Result.InventoryList.Count} Certs from Inventory"); + ReturnValue = submitInventory.Invoke(Result.InventoryList); + _logger.LogTrace("Invoked Inventory"); + _logger.MethodExit(); if (ReturnValue == false) - return AnyErrors.ThrowError(logger, new InvalidInventoryInvokeException(), this.GetType().Name, "Inventory"); + return AnyErrors.ThrowError(_logger, new InvalidInventoryInvokeException(), GetType().Name, + "Inventory"); if (Result.Errors.HasError) - return new JobResult() { JobHistoryId = config.JobHistoryId, FailureMessage = $"Inventory had issues retrieving some certificates: {Result.Errors.ErrorMessage}", Result = OrchestratorJobStatusJobResult.Warning }; + return new JobResult + { + JobHistoryId = config.JobHistoryId, + FailureMessage = + $"Inventory had issues retrieving some certificates: {Result.Errors.ErrorMessage}", + Result = OrchestratorJobStatusJobResult.Warning + }; - return new JobResult() { JobHistoryId = config.JobHistoryId, Result = OrchestratorJobStatusJobResult.Success }; + return new JobResult + {JobHistoryId = config.JobHistoryId, Result = OrchestratorJobStatusJobResult.Success}; } catch (Exception e) { - return AnyErrors.ThrowError(logger, e, this.GetType().Name, "Inventory"); + return AnyErrors.ThrowError(_logger, e, GetType().Name, "Inventory"); } } } diff --git a/a10vthunder-orchestrator/Jobs/Management.cs b/a10vthunder-orchestrator/Jobs/Management.cs index 17b5506..64636e9 100644 --- a/a10vthunder-orchestrator/Jobs/Management.cs +++ b/a10vthunder-orchestrator/Jobs/Management.cs @@ -1,33 +1,33 @@ using System; -using System.Configuration; using System.IO; using System.Linq; -using System.Reflection; using System.Text; - -using Keyfactor.Extensions.Orchestrator.vThunder.api; -using Keyfactor.Extensions.Orchestrator.vThunder.Exceptions; +using a10vthunder_orchestrator.Api; +using a10vthunder_orchestrator.Api.Models; +using a10vthunder_orchestrator.Exceptions; using Keyfactor.Logging; -using Keyfactor.Orchestrators.Extensions; using Keyfactor.Orchestrators.Common.Enums; - +using Keyfactor.Orchestrators.Extensions; using Microsoft.Extensions.Logging; - using Newtonsoft.Json; - using Org.BouncyCastle.Crypto; using Org.BouncyCastle.OpenSsl; using Org.BouncyCastle.Pkcs; -namespace Keyfactor.Extensions.Orchestrator.vThunder +namespace a10vthunder_orchestrator.Jobs { public class Management : IManagementJobExtension { - public string ExtensionName => ""; - protected internal static Func Pemify = ss => ss.Length <= 64 ? ss : ss.Substring(0, 64) + "\n" + Pemify(ss.Substring(64)); + private readonly ILogger _logger; + + public Management(ILogger logger) + { + _logger = logger; + } + protected internal virtual string Protocol { get; set; } protected internal virtual bool AllowInvalidCert { get; set; } protected internal virtual ApiClient ApiClient { get; set; } @@ -37,24 +37,33 @@ public class Management : IManagementJobExtension protected internal virtual string CertStart { get; set; } = "-----BEGIN CERTIFICATE-----\n"; protected internal virtual string CertEnd { get; set; } = "\n-----END CERTIFICATE-----"; protected internal virtual string Alias { get; set; } + public string ExtensionName => "A10VThunder"; public JobResult ProcessJob(ManagementJobConfiguration config) { - ILogger logger = LogHandler.GetClassLogger(); - - dynamic properties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString()); - Protocol = properties.protocol == null || string.IsNullOrEmpty(properties.protocol.Value) ? "https" : properties.protocol.Value; - AllowInvalidCert = properties.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) ? false : bool.Parse(properties.allowInvalidCert.Value); + _logger.MethodEntry(); + _logger.LogTrace($"config settings: {JsonConvert.SerializeObject(config)}"); + dynamic properties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties); + _logger.LogTrace($"properties: {JsonConvert.SerializeObject(properties)}"); + Protocol = properties?.protocol == null || string.IsNullOrEmpty(properties.protocol.Value) + ? "https" + : properties.protocol.Value; + AllowInvalidCert = + properties?.allowInvalidCert == null || string.IsNullOrEmpty(properties.allowInvalidCert.Value) + ? false + : bool.Parse(properties.allowInvalidCert.Value); CertManager = new CertManager(); - logger.LogTrace($"Ending Management Constructor Protocol is {Protocol}"); + _logger.LogTrace($"Ending Management Constructor Protocol is {Protocol}"); using (ApiClient = new ApiClient(config.ServerUsername, config.ServerPassword, $"{Protocol}://{config.CertificateStoreDetails.ClientMachine.Trim()}", AllowInvalidCert)) { + _logger.LogTrace("Entering APIClient Using clause"); if (string.IsNullOrEmpty(config.JobCertificate.Alias)) - return AnyErrors.ThrowError(logger, new ArgumentException("Missing Alias/Overwrite, Operation Cannot Be Completed"), - this.GetType().Name, "Management Add/Replace"); + return AnyErrors.ThrowError(_logger, + new ArgumentException("Missing Alias/Overwrite, Operation Cannot Be Completed"), + GetType().Name, "Management Add/Replace"); ApiClient.Logon(); InventoryResult = CertManager.GetCert(ApiClient, config.JobCertificate.Alias); @@ -67,166 +76,193 @@ public JobResult ProcessJob(ManagementJobConfiguration config) { if (ExistingCert) { - logger.LogTrace($"Starting Replace Job for {config.JobCertificate.Alias}"); - Replace(logger, config, InventoryResult, ApiClient); - logger.LogTrace($"Finishing Replace Job for {config.JobCertificate.Alias}"); + _logger.LogTrace($"Starting Replace Job for {config.JobCertificate.Alias}"); + Replace(config, InventoryResult, ApiClient); + _logger.LogTrace($"Finishing Replace Job for {config.JobCertificate.Alias}"); } else { - logger.LogTrace($"Starting Add Job for {config.JobCertificate.Alias}"); - Add(logger, config, ApiClient); - logger.LogTrace($"Finishing Add Job for {config.JobCertificate.Alias}"); + _logger.LogTrace($"Starting Add Job for {config.JobCertificate.Alias}"); + Add(config, ApiClient); + _logger.LogTrace($"Finishing Add Job for {config.JobCertificate.Alias}"); } } catch (Exception e) { - return AnyErrors.ThrowError(logger, e, this.GetType().Name, "Error Adding Certificate"); + return AnyErrors.ThrowError(_logger, e, GetType().Name, "Error Adding Certificate"); } break; case CertStoreOperationType.Remove: try { - logger.LogTrace($"Starting Remove Job for {config.JobCertificate.Alias}"); - Remove(logger, config, InventoryResult, ApiClient); - logger.LogTrace($"Finishing Remove Job for {config.JobCertificate.Alias}"); + _logger.LogTrace($"Starting Remove Job for {config.JobCertificate.Alias}"); + Remove(config, InventoryResult, ApiClient); + _logger.LogTrace($"Finishing Remove Job for {config.JobCertificate.Alias}"); } catch (Exception e) { - return AnyErrors.ThrowError(logger, e, this.GetType().Name, "Error Removing Certificate"); + return AnyErrors.ThrowError(_logger, e, GetType().Name, "Error Removing Certificate"); } break; default: - return AnyErrors.ThrowError(logger, new UnSupportedOperationException(), this.GetType().Name, "Management"); + return AnyErrors.ThrowError(_logger, new UnSupportedOperationException(), GetType().Name, + "Management"); } - logger.LogTrace($"Finishing Process Job for {config.JobCertificate.Alias}"); - return new JobResult() { JobHistoryId = config.JobHistoryId, Result = OrchestratorJobStatusJobResult.Success }; + _logger.LogTrace($"Finishing Process Job for {config.JobCertificate.Alias}"); + return new JobResult + {JobHistoryId = config.JobHistoryId, Result = OrchestratorJobStatusJobResult.Success}; } } - protected internal virtual void Replace(ILogger logger, ManagementJobConfiguration config, InventoryResult inventoryResult, + protected internal virtual void Replace(ManagementJobConfiguration config, InventoryResult inventoryResult, ApiClient apiClient) { - Remove(logger, config, inventoryResult, apiClient); - Add(logger, config, apiClient); + try + { + Remove(config, inventoryResult, apiClient); + Add(config, apiClient); + } + catch (Exception ex) + { + _logger.LogError($"Error in Management.Replace: {LogHandler.FlattenException(ex)}"); + throw; + } } - protected internal virtual void Remove(ILogger logger, ManagementJobConfiguration configInfo, InventoryResult inventoryResult, + protected internal virtual void Remove(ManagementJobConfiguration configInfo, InventoryResult inventoryResult, ApiClient apiClient) { - logger.LogTrace($"Start Delete the {configInfo.JobCertificate.Alias} Private Key"); - DeleteCertBaseRequest deleteKeyRoot; - if (inventoryResult.InventoryList[0].PrivateKeyEntry) - deleteKeyRoot = new DeleteCertBaseRequest - { - DeleteCert = new DeleteCertRequest + try + { + _logger.LogTrace($"Start Delete the {configInfo.JobCertificate.Alias} Private Key"); + DeleteCertBaseRequest deleteKeyRoot; + if (inventoryResult.InventoryList[0].PrivateKeyEntry) + deleteKeyRoot = new DeleteCertBaseRequest { - CertName = configInfo.JobCertificate.Alias, - PrivateKey = configInfo.JobCertificate.Alias - } - }; - else - deleteKeyRoot = new DeleteCertBaseRequest - { - DeleteCert = new DeleteCertRequest + DeleteCert = new DeleteCertRequest + { + CertName = configInfo.JobCertificate.Alias, + PrivateKey = configInfo.JobCertificate.Alias + } + }; + else + deleteKeyRoot = new DeleteCertBaseRequest { - CertName = configInfo.JobCertificate.Alias - } - }; + DeleteCert = new DeleteCertRequest + { + CertName = configInfo.JobCertificate.Alias + } + }; - apiClient.RemoveCertificate(deleteKeyRoot); - logger.LogTrace($"Successful Delete of the {configInfo.JobCertificate.Alias} Private Key"); + apiClient.RemoveCertificate(deleteKeyRoot); + _logger.LogTrace($"Successful Delete of the {configInfo.JobCertificate.Alias} Private Key"); + } + catch (Exception ex) + { + _logger.LogError($"Error in Management.Remove: {LogHandler.FlattenException(ex)}"); + throw; + } } - protected internal virtual void Add(ILogger logger, ManagementJobConfiguration configInfo, ApiClient apiClient) + protected internal virtual void Add(ManagementJobConfiguration configInfo, ApiClient apiClient) { - logger.LogTrace($"Entering Add Function for {configInfo.JobCertificate.Alias}"); - var privateKeyString = ""; - string certPem; - - if (!string.IsNullOrEmpty(configInfo.JobCertificate.PrivateKeyPassword)) + try { - logger.LogTrace($"Pfx Password exists getting Private Key string for {configInfo.JobCertificate.Alias}"); - var certData = Convert.FromBase64String(configInfo.JobCertificate.Contents); - var store = new Pkcs12Store(new MemoryStream(certData), - configInfo.JobCertificate.PrivateKeyPassword.ToCharArray()); + _logger.LogTrace($"Entering Add Function for {configInfo.JobCertificate.Alias}"); + var privateKeyString = ""; + string certPem; - using (var memoryStream = new MemoryStream()) + if (!string.IsNullOrEmpty(configInfo.JobCertificate.PrivateKeyPassword)) { - using (TextWriter streamWriter = new StreamWriter(memoryStream)) + _logger.LogTrace( + $"Pfx Password exists getting Private Key string for {configInfo.JobCertificate.Alias}"); + var certData = Convert.FromBase64String(configInfo.JobCertificate.Contents); + var store = new Pkcs12Store(new MemoryStream(certData), + configInfo.JobCertificate.PrivateKeyPassword.ToCharArray()); + + using (var memoryStream = new MemoryStream()) { - var pemWriter = new PemWriter(streamWriter); - logger.LogTrace($"Getting Public Key for {configInfo.JobCertificate.Alias}"); - Alias = store.Aliases.Cast().SingleOrDefault(a => store.IsKeyEntry(a)); - var publicKey = store.GetCertificate(Alias).Certificate.GetPublicKey(); - logger.LogTrace($"Getting Private Key for {configInfo.JobCertificate.Alias}"); - var privateKey = store.GetKey(Alias).Key; - var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); - logger.LogTrace($"Writing Private Key for {configInfo.JobCertificate.Alias}"); - pemWriter.WriteObject(keyPair.Private); - streamWriter.Flush(); - privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() - .Replace("\r", "").Replace("\0", ""); - memoryStream.Close(); - streamWriter.Close(); - logger.LogTrace($"Private Key String Retrieved for {configInfo.JobCertificate.Alias}"); + using (TextWriter streamWriter = new StreamWriter(memoryStream)) + { + var pemWriter = new PemWriter(streamWriter); + _logger.LogTrace($"Getting Public Key for {configInfo.JobCertificate.Alias}"); + Alias = store.Aliases.Cast().SingleOrDefault(a => store.IsKeyEntry(a)); + var publicKey = store.GetCertificate(Alias).Certificate.GetPublicKey(); + _logger.LogTrace($"Getting Private Key for {configInfo.JobCertificate.Alias}"); + var privateKey = store.GetKey(Alias).Key; + var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); + _logger.LogTrace($"Writing Private Key for {configInfo.JobCertificate.Alias}"); + pemWriter.WriteObject(keyPair.Private); + streamWriter.Flush(); + privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() + .Replace("\r", "").Replace("\0", ""); + memoryStream.Close(); + streamWriter.Close(); + _logger.LogTrace($"Private Key String Retrieved for {configInfo.JobCertificate.Alias}"); + } } - } - // Extract server certificate - var beginCertificate = "-----BEGIN CERTIFICATE-----\n"; - var endCertificate = "\n-----END CERTIFICATE-----"; + // Extract server certificate + var beginCertificate = "-----BEGIN CERTIFICATE-----\n"; + var endCertificate = "\n-----END CERTIFICATE-----"; - logger.LogTrace($"Start getting Server Certificate for {configInfo.JobCertificate.Alias}"); - certPem = beginCertificate + - Pemify(Convert.ToBase64String(store.GetCertificate(Alias).Certificate.GetEncoded())) + - endCertificate; - logger.LogTrace($"Finished getting Server Certificate for {configInfo.JobCertificate.Alias}"); - } - else - { - logger.LogTrace($"No Private Key get Cert Pem {configInfo.JobCertificate.Alias}"); - certPem = CertStart + Pemify(configInfo.JobCertificate.Contents) + CertEnd; - } - - logger.LogTrace($"Creating Cert API Add Request for {configInfo.JobCertificate.Alias}"); - var sslCertRequest = new SslCertificateRequest - { - SslCertificate = new SslCert + _logger.LogTrace($"Start getting Server Certificate for {configInfo.JobCertificate.Alias}"); + certPem = beginCertificate + + Pemify(Convert.ToBase64String(store.GetCertificate(Alias).Certificate.GetEncoded())) + + endCertificate; + _logger.LogTrace($"Finished getting Server Certificate for {configInfo.JobCertificate.Alias}"); + } + else { - Action = "import", - CertificateType = "pem", - File = configInfo.JobCertificate.Alias.Replace(".pem", ".pem"), - FileHandle = configInfo.JobCertificate.Alias.Replace(".pem", ".pem") + _logger.LogTrace($"No Private Key get Cert Pem {configInfo.JobCertificate.Alias}"); + certPem = CertStart + Pemify(configInfo.JobCertificate.Contents) + CertEnd; } - }; - logger.LogTrace($"Making API Call to Add Certificate For {configInfo.JobCertificate.Alias}"); - apiClient.AddCertificate(sslCertRequest, certPem); - logger.LogTrace($"Finished API Call to Add Certificate For {configInfo.JobCertificate.Alias}"); - - if (!string.IsNullOrEmpty(configInfo.JobCertificate.PrivateKeyPassword)) - { - logger.LogTrace($"Creating Key API Add Request for {configInfo.JobCertificate.Alias}"); - var sslKeyRequest = new SslKeyRequest + _logger.LogTrace($"Creating Cert API Add Request for {configInfo.JobCertificate.Alias}"); + var sslCertRequest = new SslCertificateRequest { - SslKey = new SslCertKey + SslCertificate = new SslCert { Action = "import", + CertificateType = "pem", File = configInfo.JobCertificate.Alias.Replace(".pem", ".pem"), FileHandle = configInfo.JobCertificate.Alias.Replace(".pem", ".pem") } }; - logger.LogTrace($"Making Add Key API Call for {configInfo.JobCertificate.Alias}"); - apiClient.AddPrivateKey(sslKeyRequest, privateKeyString); - logger.LogTrace($"Finished Add Key API Call for {configInfo.JobCertificate.Alias}"); - } + _logger.LogTrace($"Making API Call to Add Certificate For {configInfo.JobCertificate.Alias}"); + apiClient.AddCertificate(sslCertRequest, certPem); + _logger.LogTrace($"Finished API Call to Add Certificate For {configInfo.JobCertificate.Alias}"); - logger.LogTrace($"Starting Log Off for Add {configInfo.JobCertificate.Alias}"); - logger.LogTrace($"Finished Log Off for Add {configInfo.JobCertificate.Alias}"); + if (!string.IsNullOrEmpty(configInfo.JobCertificate.PrivateKeyPassword)) + { + _logger.LogTrace($"Creating Key API Add Request for {configInfo.JobCertificate.Alias}"); + var sslKeyRequest = new SslKeyRequest + { + SslKey = new SslCertKey + { + Action = "import", + File = configInfo.JobCertificate.Alias.Replace(".pem", ".pem"), + FileHandle = configInfo.JobCertificate.Alias.Replace(".pem", ".pem") + } + }; + + _logger.LogTrace($"Making Add Key API Call for {configInfo.JobCertificate.Alias}"); + apiClient.AddPrivateKey(sslKeyRequest, privateKeyString); + _logger.LogTrace($"Finished Add Key API Call for {configInfo.JobCertificate.Alias}"); + } + + _logger.LogTrace($"Starting Log Off for Add {configInfo.JobCertificate.Alias}"); + _logger.LogTrace($"Finished Log Off for Add {configInfo.JobCertificate.Alias}"); + } + catch (Exception ex) + { + _logger.LogError($"Error in Management.Add: {LogHandler.FlattenException(ex)}"); + throw; + } } } } \ No newline at end of file diff --git a/a10vthunder-orchestrator/api/ApiClient.cs b/a10vthunder-orchestrator/api/ApiClient.cs index 2544660..891fd87 100644 --- a/a10vthunder-orchestrator/api/ApiClient.cs +++ b/a10vthunder-orchestrator/api/ApiClient.cs @@ -1,267 +1,418 @@ using System; using System.Collections.Generic; -using System.Diagnostics.CodeAnalysis; using System.IO; using System.Net; -using System.Reflection; using System.Text; - +using a10vthunder_orchestrator.Api.Models; using Keyfactor.Logging; - using Microsoft.Extensions.Logging; - using Newtonsoft.Json; -namespace Keyfactor.Extensions.Orchestrator.vThunder.api +namespace a10vthunder_orchestrator.Api { - [SuppressMessage("ReSharper", "ConstantConditionalAccessQualifier")] - public class ApiClient : IDisposable + public sealed class ApiClient : IDisposable { private static readonly Encoding Encoding = Encoding.UTF8; - public virtual string AuthenticationSignature { get; set; } - public string BaseUrl { get; set; } - public virtual bool AllowInvalidCert { get; set; } - public string UserId { get; set; } - public string Password { get; set; } - - - #region Interface Implementation - - public void Dispose() - { - LogOff(); - } - - #endregion #region Constructors public ApiClient(string user, string pass, string baseUrl, bool allowInvalidCert) { + Logger = LogHandler.GetClassLogger(); BaseUrl = baseUrl; UserId = user; Password = pass; AllowInvalidCert = allowInvalidCert; } - public ApiClient() + #endregion + + public string AuthenticationSignature { get; set; } + public string BaseUrl { get; set; } + public bool AllowInvalidCert { get; set; } + public string UserId { get; set; } + public string Password { get; set; } + private ILogger Logger { get; } + + #region Interface Implementation + + public void Dispose() { + LogOff(); } #endregion #region Class Methods - public virtual void Logon() + public void Logon() { - ILogger logger = LogHandler.GetClassLogger(); - + Logger.MethodEntry(); var authRequest = new AuthRequest {Credentials = new Credentials {Username = UserId, Password = Password}}; var strRequest = JsonConvert.SerializeObject(authRequest); try { + Logger.LogTrace($"Logging Login Request JSON: {strRequest}"); var strResponse = ApiRequestString("POST", "/axapi/v3/auth", "POST", strRequest, false, false); + Logger.LogTrace($"Logging Login Response JSON: {strResponse}"); var authSignatureResponse = JsonConvert.DeserializeObject(strResponse); - AuthenticationSignature = authSignatureResponse.Response.Signature; + Logger.LogTrace($"Auth Signature Response: {JsonConvert.SerializeObject(authSignatureResponse)}"); + AuthenticationSignature = authSignatureResponse?.Response.Signature; + Logger.LogTrace($"Auth Signature: {AuthenticationSignature}"); + Logger.MethodExit(); } catch (Exception ex) { - logger.LogError($"Error Authenticating: {ex.Message}"); + Logger.LogError($"Error Authenticating: {LogHandler.FlattenException(ex)}"); + throw; } } - public virtual bool LogOff() + public bool LogOff() { try { + Logger.MethodEntry(); ApiRequestString("POST", "/axapi/v3/logoff", "POST", "", false, true); + Logger.MethodExit(); return true; } - catch (Exception) + catch (Exception ex) { + Logger.LogError($"Error Logging Off: {LogHandler.FlattenException(ex)}"); return false; } } - public virtual void AddCertificate(SslCertificateRequest sslCertRequest, string importCertificate) + public void AddCertificate(SslCertificateRequest sslCertRequest, string importCertificate) { - var certData = Encoding.ASCII.GetBytes(importCertificate); - AddCertificate(sslCertRequest, certData); + try + { + Logger.MethodEntry(); + Logger.LogTrace($"Ssl Certificate Request: {JsonConvert.SerializeObject(sslCertRequest)}"); + Logger.LogTrace($"importCertificate: {JsonConvert.SerializeObject(importCertificate)}"); + var certData = Encoding.ASCII.GetBytes(importCertificate); + Logger.LogTrace("Got Cert Data Adding Certificate..."); + AddCertificate(sslCertRequest, certData); + Logger.LogTrace("Added Certificate..."); + Logger.MethodExit(); + } + catch (Exception ex) + { + Logger.LogError( + $"Error In ApiClient.AddCertificate(SslCertificateRequest sslCertRequest, string importCertificate): {LogHandler.FlattenException(ex)}"); + throw; + } } - public virtual void AddCertificate(SslCertificateRequest sslCertRequest, byte[] certData) + public void AddCertificate(SslCertificateRequest sslCertRequest, byte[] certData) { - var strRequest = JsonConvert.SerializeObject(sslCertRequest); - var requestArray = Encoding.ASCII.GetBytes(strRequest); - - // Generate post objects - var postParameters = new Dictionary + try { - {"json", new FileParameter(requestArray, "a10.json", "application/json")}, + Logger.MethodEntry(); + var strRequest = JsonConvert.SerializeObject(sslCertRequest); + Logger.LogTrace($"sslCertRequest: {JsonConvert.SerializeObject(strRequest)}"); + var requestArray = Encoding.ASCII.GetBytes(strRequest); + Logger.LogTrace("Got requestArray..."); + // Generate post objects + var postParameters = new Dictionary { - "file", - new FileParameter(certData, sslCertRequest.SslCertificate.File, "application/octet-stream") - } - }; - - // Create request and receive response - var userAgent = "Keyfactor Agent"; - var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-cert", userAgent, postParameters); + {"json", new FileParameter(requestArray, "a10.json", "application/json")}, + { + "file", + new FileParameter(certData, sslCertRequest.SslCertificate.File, "application/octet-stream") + } + }; - using (var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null)) - { + // Create request and receive response + var userAgent = "Keyfactor Agent"; + var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-cert", userAgent, postParameters); + Logger.LogTrace("Got webResponse..."); + using var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null); responseReader.ReadToEnd(); webResponse.Close(); + Logger.MethodExit(); + } + catch (Exception ex) + { + Logger.LogError( + $"Error In ApiClient.AddCertificate(SslCertificateRequest sslCertRequest, byte[] certData): {LogHandler.FlattenException(ex)}"); + throw; } } - public virtual bool AddPrivateKey(SslKeyRequest sslKeyRequest, string importCertificateKey) + public bool AddPrivateKey(SslKeyRequest sslKeyRequest, string importCertificateKey) { - var keyArray = Encoding.ASCII.GetBytes(importCertificateKey); - AddPrivateKey(sslKeyRequest, keyArray); - return true; + try + { + Logger.MethodEntry(); + Logger.LogTrace($"sslKeyRequest: {JsonConvert.SerializeObject(sslKeyRequest)}"); + Logger.LogTrace($"importCertificateKey: {importCertificateKey}"); + var keyArray = Encoding.ASCII.GetBytes(importCertificateKey); + Logger.LogTrace("Got keyArray..."); + AddPrivateKey(sslKeyRequest, keyArray); + Logger.LogTrace("Added PrivateKey..."); + return true; + } + catch (Exception ex) + { + Logger.LogError( + $"Error In AddPrivateKey(SslKeyRequest sslKeyRequest, string importCertificateKey): {LogHandler.FlattenException(ex)}"); + throw; + } } - public virtual void AddPrivateKey(SslKeyRequest sslKeyRequest, byte[] keyArray) + public void AddPrivateKey(SslKeyRequest sslKeyRequest, byte[] keyArray) { - var strRequest = JsonConvert.SerializeObject(sslKeyRequest); - var requestArray = Encoding.ASCII.GetBytes(strRequest); - - // Generate post objects - var postParameters = new Dictionary + try { - {"json", new FileParameter(requestArray, "a10.json", "application/json")}, - {"file", new FileParameter(keyArray, sslKeyRequest.SslKey.File, "application/octet-stream")} - }; + Logger.MethodEntry(); + var strRequest = JsonConvert.SerializeObject(sslKeyRequest); + Logger.LogTrace($"sslKeyRequest: {JsonConvert.SerializeObject(sslKeyRequest)}"); + var requestArray = Encoding.ASCII.GetBytes(strRequest); + + // Generate post objects + var postParameters = new Dictionary + { + {"json", new FileParameter(requestArray, "a10.json", "application/json")}, + {"file", new FileParameter(keyArray, sslKeyRequest.SslKey.File, "application/octet-stream")} + }; - // Create request and receive response - var userAgent = "Keyfactor Agent"; - var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-key", userAgent, postParameters); + // Create request and receive response + var userAgent = "Keyfactor Agent"; + var webResponse = MultipartFormDataPost("/axapi/v3/file/ssl-key", userAgent, postParameters); + Logger.LogTrace("Got webResponse..."); - // Process response - using (var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null)) - { + // Process response + using var responseReader = new StreamReader(webResponse.GetResponseStream() ?? Stream.Null); responseReader.ReadToEnd(); webResponse.Close(); + Logger.MethodExit(); + } + catch (Exception ex) + { + Logger.LogError( + $"Error In AddPrivateKey(SslKeyRequest sslKeyRequest, byte[] keyArray): {LogHandler.FlattenException(ex)}"); + throw; } } - public virtual SslCollectionResponse GetCertificates(string certName = "") + public SslCollectionResponse GetCertificates(string certName = "") { - var strResponse = ApiRequestString("GET", - certName.Length == 0 - ? "/axapi/v3/slb/ssl-cert/oper" - : $"/axapi/v3/slb/ssl-cert/oper?name={certName}", "GET", "", false, true); - var sslColResponse = JsonConvert.DeserializeObject(strResponse); - return sslColResponse; + try + { + Logger.MethodEntry(); + Logger.LogTrace($"certName: {certName}"); + var strResponse = ApiRequestString("GET", + certName.Length == 0 + ? "/axapi/v3/slb/ssl-cert/oper" + : $"/axapi/v3/slb/ssl-cert/oper?name={certName}", "GET", "", false, true); + Logger.LogTrace($"strResponse: {strResponse}"); + var sslColResponse = JsonConvert.DeserializeObject(strResponse); + Logger.LogTrace($"sslColResponse: {JsonConvert.SerializeObject(sslColResponse)}"); + Logger.MethodExit(); + return sslColResponse; + } + catch (Exception ex) + { + Logger.LogError($"Error In GetCertificates(string certName): {LogHandler.FlattenException(ex)}"); + throw; + } } - public virtual string GetCertificate(string certificateName) + public string GetCertificate(string certificateName) { - var strResponse = ApiRequestString("GET", $"/axapi/v3/file/ssl-cert/{certificateName}", "GET", "", false, - true); - return strResponse; + try + { + Logger.MethodEntry(); + var strResponse = ApiRequestString("GET", $"/axapi/v3/file/ssl-cert/{certificateName}", "GET", "", + false, + true); + Logger.LogTrace($"strResponse: {strResponse}"); + Logger.MethodExit(); + return strResponse; + } + catch (Exception ex) + { + Logger.LogError($"Error In GetCertificate(string certificateName): {LogHandler.FlattenException(ex)}"); + throw; + } } - public virtual void RemoveCertificate(DeleteCertBaseRequest deleteCertRoot) + public void RemoveCertificate(DeleteCertBaseRequest deleteCertRoot) { - ApiRequestString("POST", "/axapi/v3/pki/delete", "POST", JsonConvert.SerializeObject(deleteCertRoot), - false, true); + try + { + Logger.MethodEntry(); + Logger.LogTrace($"deleteCertRoot: {JsonConvert.SerializeObject(deleteCertRoot)}"); + ApiRequestString("POST", "/axapi/v3/pki/delete", "POST", JsonConvert.SerializeObject(deleteCertRoot), + false, true); + Logger.MethodExit(); + } + catch (Exception ex) + { + Logger.LogError( + $"Error In RemoveCertificate(DeleteCertBaseRequest deleteCertRoot): {LogHandler.FlattenException(ex)}"); + throw; + } } - public virtual HttpWebRequest CreateRequest(string baseUrl, string postUrl) + public HttpWebRequest CreateRequest(string baseUrl, string postUrl) { - var objRequest = (HttpWebRequest) WebRequest.Create(BaseUrl + postUrl); - return objRequest; + try + { + Logger.MethodEntry(); + Logger.LogTrace($"baseUrl: {baseUrl} postUrl: {postUrl}"); + var objRequest = (HttpWebRequest) WebRequest.Create(BaseUrl + postUrl); + Logger.MethodExit(); + return objRequest; + } + catch (Exception ex) + { + Logger.LogError( + $"Error In CreateRequest(string baseUrl, string postUrl): {LogHandler.FlattenException(ex)}"); + throw; + } } - public virtual HttpWebResponse GetResponse(HttpWebRequest request) + public HttpWebResponse GetResponse(HttpWebRequest request) { - return (HttpWebResponse) request.GetResponse(); + try + { + Logger.MethodEntry(); + Logger.MethodExit(); + return (HttpWebResponse) request.GetResponse(); + } + catch (Exception ex) + { + Logger.LogError($"Error In GetResponse(HttpWebRequest request): {LogHandler.FlattenException(ex)}"); + throw; + } } - public virtual string ApiRequestString(string strCall, string strPostUrl, string strMethod, + public string ApiRequestString(string strCall, string strPostUrl, string strMethod, string strQueryString, bool bWrite, bool bUseToken) { - var objRequest = CreateRequest(BaseUrl, strPostUrl); - objRequest.Method = strMethod; - objRequest.ContentType = "application/json"; - if (bUseToken) - objRequest.Headers?.Add("Authorization", "A10 " + AuthenticationSignature); - - if (!string.IsNullOrEmpty(strQueryString) && strMethod == "POST") + try { - var postBytes = Encoding.UTF8.GetBytes(strQueryString); - objRequest.ContentLength = postBytes.Length; - //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert) - ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; - using (var requestStream = objRequest.GetRequestStream()) + Logger.MethodEntry(); + var objRequest = CreateRequest(BaseUrl, strPostUrl); + Logger.LogTrace( + $"Request Object Created... method will be {strMethod} postURL will be {strPostUrl} query string will be {strQueryString}"); + objRequest.Method = strMethod; + objRequest.ContentType = "application/json"; + Logger.LogTrace($"Use Token {bUseToken}"); + Logger.LogTrace($"AuthenticationSignature {AuthenticationSignature}"); + if (bUseToken) + objRequest.Headers.Add("Authorization", "A10 " + AuthenticationSignature); + + if (!string.IsNullOrEmpty(strQueryString) && strMethod == "POST") { - requestStream?.Write(postBytes, 0, postBytes.Length); - requestStream?.Close(); + var postBytes = Encoding.UTF8.GetBytes(strQueryString); + Logger.LogTrace($"postBytes.Length {postBytes.Length}"); + objRequest.ContentLength = postBytes.Length; + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert) + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + using var requestStream = objRequest.GetRequestStream(); + requestStream.Write(postBytes, 0, postBytes.Length); + requestStream.Close(); } - } - - //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert) - ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; - var objResponse = GetResponse(objRequest); - using (var strReader = new StreamReader(objResponse.GetResponseStream() ?? Stream.Null)) - { + Logger.LogTrace($"AllowInvalidCert {AllowInvalidCert}"); + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert) + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + var objResponse = GetResponse(objRequest); + Logger.LogTrace("Got Response"); + using var strReader = new StreamReader(objResponse.GetResponseStream() ?? Stream.Null); var strResponse = strReader.ReadToEnd(); + Logger.MethodExit(); return strResponse; } + catch (Exception ex) + { + Logger.LogError($"Error In ApiRequestString: {LogHandler.FlattenException(ex)}"); + throw; + } } - public virtual HttpWebResponse MultipartFormDataPost(string postUrl, string userAgent, + public HttpWebResponse MultipartFormDataPost(string postUrl, string userAgent, Dictionary postParameters) { - var boundary = $"{Guid.NewGuid():N}"; - var formDataBoundary = $"------------------------{boundary}"; - var contentType = "multipart/form-data; boundary=" + formDataBoundary; - - var formData = GetMultipartFormData(postParameters, boundary); - - return PostForm(postUrl, userAgent, contentType, formData); + try + { + Logger.MethodEntry(); + var boundary = $"{Guid.NewGuid():N}"; + Logger.LogTrace($"boundary {boundary}"); + var formDataBoundary = $"------------------------{boundary}"; + Logger.LogTrace($"formDataBoundary {formDataBoundary}"); + var contentType = "multipart/form-data; boundary=" + formDataBoundary; + Logger.LogTrace($"contentType {contentType}"); + var formData = GetMultipartFormData(postParameters, boundary); + Logger.LogTrace("Got formData"); + Logger.MethodExit(); + return PostForm(postUrl, userAgent, contentType, formData); + } + catch (Exception ex) + { + Logger.LogError($"Error In MultipartFormDataPost: {LogHandler.FlattenException(ex)}"); + throw; + } } - protected virtual HttpWebResponse PostForm(string postUrl, string userAgent, string contentType, + private HttpWebResponse PostForm(string postUrl, string userAgent, string contentType, byte[] formData) { - var request = CreateRequest(BaseUrl, postUrl); - if (request == null) throw new NullReferenceException("request is not a http request"); - - // Set up the request properties. - request.Method = "POST"; - request.ContentType = contentType; - request.UserAgent = userAgent; - request.ContentLength = formData.Length; - request.Headers.Add("Authorization", "A10 " + AuthenticationSignature); - //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert) - ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; - // Send the form data to the request. - using (var requestStream = request.GetRequestStream()) + try { - requestStream?.Write(formData, 0, formData.Length); - requestStream?.Close(); - } + Logger.MethodEntry(); + Logger.LogTrace($"postUrl {postUrl}"); + Logger.LogTrace($"userAgent {userAgent}"); + Logger.LogTrace($"contentType {contentType}"); + var request = CreateRequest(BaseUrl, postUrl); + if (request == null) throw new NullReferenceException("request is not a http request"); + Logger.LogTrace("Request Created..."); + // Set up the request properties. + request.Method = "POST"; + request.ContentType = contentType; + request.UserAgent = userAgent; + request.ContentLength = formData.Length; + Logger.LogTrace($"ContentLength {request.ContentLength}"); + Logger.LogTrace($"AuthenticationSignature {AuthenticationSignature}"); + request.Headers.Add("Authorization", "A10 " + AuthenticationSignature); + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert) + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + // Send the form data to the request. + using (var requestStream = request.GetRequestStream()) + { + requestStream.Write(formData, 0, formData.Length); + requestStream.Close(); + } - //This is for testing on an Azure VM with an invalid certificate - if (AllowInvalidCert) - ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; - return request?.GetResponse() as HttpWebResponse; + Logger.LogTrace($"AllowInvalidCert {AllowInvalidCert}"); + //This is for testing on an Azure VM with an invalid certificate + if (AllowInvalidCert) + ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true; + Logger.MethodExit(); + return request.GetResponse() as HttpWebResponse; + } + catch (Exception ex) + { + Logger.LogError($"Error In PostForm: {LogHandler.FlattenException(ex)}"); + throw; + } } - protected virtual byte[] GetMultipartFormData(Dictionary postParameters, string boundary) + private byte[] GetMultipartFormData(Dictionary postParameters, string boundary) { - byte[] formData; - using (Stream formDataStream = new MemoryStream()) + try { + Logger.MethodEntry(); + using Stream formDataStream = new MemoryStream(); var needsClrf = false; foreach (var param in postParameters) @@ -293,12 +444,18 @@ protected virtual byte[] GetMultipartFormData(Dictionary postPar // Dump the Stream into a byte[] formDataStream.Position = 0; - formData = new byte[formDataStream.Length]; + var formData = new byte[formDataStream.Length]; + // ReSharper disable once MustUseReturnValue formDataStream.Read(formData, 0, formData.Length); formDataStream.Close(); + Logger.MethodExit(); + return formData; + } + catch (Exception ex) + { + Logger.LogError($"Error In GetMultipartFormData: {LogHandler.FlattenException(ex)}"); + throw; } - - return formData; } public class FileParameter From 9121cf1111c7f2557969dbaa456dd422f7cb1a0e Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Fri, 24 Jun 2022 12:19:18 -0700 Subject: [PATCH 08/20] Refactor Changes --- a10vthunder-orchestrator.sln | 50 ++++++++++----------- a10vthunder-orchestrator/Jobs/Inventory.cs | 2 +- a10vthunder-orchestrator/Jobs/Management.cs | 2 +- a10vthunder-orchestrator/manifest.json | 8 ++-- 4 files changed, 31 insertions(+), 31 deletions(-) diff --git a/a10vthunder-orchestrator.sln b/a10vthunder-orchestrator.sln index d85f138..7504fcb 100644 --- a/a10vthunder-orchestrator.sln +++ b/a10vthunder-orchestrator.sln @@ -1,25 +1,25 @@ - -Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio Version 16 -VisualStudioVersion = 16.0.31702.278 -MinimumVisualStudioVersion = 10.0.40219.1 -Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "a10vthunder-orchestrator", "a10vthunder-orchestrator\a10vthunder-orchestrator.csproj", "{0E9426F8-B45E-4266-BB6C-7942D1B6B650}" -EndProject -Global - GlobalSection(SolutionConfigurationPlatforms) = preSolution - Debug|Any CPU = Debug|Any CPU - Release|Any CPU = Release|Any CPU - EndGlobalSection - GlobalSection(ProjectConfigurationPlatforms) = postSolution - {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Debug|Any CPU.Build.0 = Debug|Any CPU - {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Release|Any CPU.ActiveCfg = Release|Any CPU - {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Release|Any CPU.Build.0 = Release|Any CPU - EndGlobalSection - GlobalSection(SolutionProperties) = preSolution - HideSolutionNode = FALSE - EndGlobalSection - GlobalSection(ExtensibilityGlobals) = postSolution - SolutionGuid = {C9CA0496-DCB2-49B7-9D70-A6B1DACB282F} - EndGlobalSection -EndGlobal + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 16 +VisualStudioVersion = 16.0.31702.278 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "a10vthunder-orchestrator", "a10vthunder-orchestrator\a10vthunder-orchestrator.csproj", "{0E9426F8-B45E-4266-BB6C-7942D1B6B650}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Debug|Any CPU.Build.0 = Debug|Any CPU + {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Release|Any CPU.ActiveCfg = Release|Any CPU + {0E9426F8-B45E-4266-BB6C-7942D1B6B650}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {C9CA0496-DCB2-49B7-9D70-A6B1DACB282F} + EndGlobalSection +EndGlobal diff --git a/a10vthunder-orchestrator/Jobs/Inventory.cs b/a10vthunder-orchestrator/Jobs/Inventory.cs index d07052e..0202c0c 100644 --- a/a10vthunder-orchestrator/Jobs/Inventory.cs +++ b/a10vthunder-orchestrator/Jobs/Inventory.cs @@ -24,7 +24,7 @@ public Inventory(ILogger logger) protected internal virtual string Protocol { get; set; } protected internal virtual bool AllowInvalidCert { get; set; } protected internal virtual bool ReturnValue { get; set; } - public string ExtensionName => "A10VThunder"; + public string ExtensionName => "VThunderU"; public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpdate submitInventory) { diff --git a/a10vthunder-orchestrator/Jobs/Management.cs b/a10vthunder-orchestrator/Jobs/Management.cs index 64636e9..076aa07 100644 --- a/a10vthunder-orchestrator/Jobs/Management.cs +++ b/a10vthunder-orchestrator/Jobs/Management.cs @@ -37,7 +37,7 @@ public Management(ILogger logger) protected internal virtual string CertStart { get; set; } = "-----BEGIN CERTIFICATE-----\n"; protected internal virtual string CertEnd { get; set; } = "\n-----END CERTIFICATE-----"; protected internal virtual string Alias { get; set; } - public string ExtensionName => "A10VThunder"; + public string ExtensionName => "VThunderU"; public JobResult ProcessJob(ManagementJobConfiguration config) { diff --git a/a10vthunder-orchestrator/manifest.json b/a10vthunder-orchestrator/manifest.json index ae853b9..ef7f4ad 100644 --- a/a10vthunder-orchestrator/manifest.json +++ b/a10vthunder-orchestrator/manifest.json @@ -1,13 +1,13 @@ { "extensions": { "Keyfactor.Orchestrators.Extensions.IOrchestratorJobExtension": { - "CertStores.vThunder.Inventory": { + "CertStores.vThunderU.Inventory": { "assemblypath": "a10vthunder-orchestrator.dll", - "TypeFullName": "Keyfactor.Extensions.Orchestrator.vThunder.Inventory" + "TypeFullName": "a10vthunder_orchestrator.Jobs.Inventory" }, - "CertStores.vThunder.Management": { + "CertStores.vThunderU.Management": { "assemblypath": "a10vthunder-orchestrator.dll", - "TypeFullName": "Keyfactor.Extensions.Orchestrator.vThunder.Management" + "TypeFullName": "a10vthunder_orchestrator.Jobs.Management" } } } From 51f1eed8053dece32626dd4b8332a551f7da9c3e Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Fri, 24 Jun 2022 15:27:32 -0400 Subject: [PATCH 09/20] Fixed Error Handling --- a10vthunder-orchestrator/Jobs/Inventory.cs | 16 ++++++++--- a10vthunder-orchestrator/Jobs/Management.cs | 32 +++++++++++++++------ 2 files changed, 36 insertions(+), 12 deletions(-) diff --git a/a10vthunder-orchestrator/Jobs/Inventory.cs b/a10vthunder-orchestrator/Jobs/Inventory.cs index 0202c0c..d144f8c 100644 --- a/a10vthunder-orchestrator/Jobs/Inventory.cs +++ b/a10vthunder-orchestrator/Jobs/Inventory.cs @@ -1,6 +1,5 @@ using System; using a10vthunder_orchestrator.Api; -using a10vthunder_orchestrator.Exceptions; using Keyfactor.Logging; using Keyfactor.Orchestrators.Common.Enums; using Keyfactor.Orchestrators.Extensions; @@ -62,8 +61,12 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd _logger.MethodExit(); if (ReturnValue == false) - return AnyErrors.ThrowError(_logger, new InvalidInventoryInvokeException(), GetType().Name, - "Inventory"); + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + JobHistoryId = config.JobHistoryId, + FailureMessage = "Error Invoking Inventory" + }; if (Result.Errors.HasError) return new JobResult @@ -79,7 +82,12 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd } catch (Exception e) { - return AnyErrors.ThrowError(_logger, e, GetType().Name, "Inventory"); + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + JobHistoryId = config.JobHistoryId, + FailureMessage = $"Inventory Error Unknown {LogHandler.FlattenException(e)}" + }; } } } diff --git a/a10vthunder-orchestrator/Jobs/Management.cs b/a10vthunder-orchestrator/Jobs/Management.cs index 076aa07..d0a4f51 100644 --- a/a10vthunder-orchestrator/Jobs/Management.cs +++ b/a10vthunder-orchestrator/Jobs/Management.cs @@ -4,7 +4,6 @@ using System.Text; using a10vthunder_orchestrator.Api; using a10vthunder_orchestrator.Api.Models; -using a10vthunder_orchestrator.Exceptions; using Keyfactor.Logging; using Keyfactor.Orchestrators.Common.Enums; using Keyfactor.Orchestrators.Extensions; @@ -61,9 +60,12 @@ public JobResult ProcessJob(ManagementJobConfiguration config) { _logger.LogTrace("Entering APIClient Using clause"); if (string.IsNullOrEmpty(config.JobCertificate.Alias)) - return AnyErrors.ThrowError(_logger, - new ArgumentException("Missing Alias/Overwrite, Operation Cannot Be Completed"), - GetType().Name, "Management Add/Replace"); + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + JobHistoryId = config.JobHistoryId, + FailureMessage = "Management Missing Alias/Overwrite, Operation Cannot Be Completed" + }; ApiClient.Logon(); InventoryResult = CertManager.GetCert(ApiClient, config.JobCertificate.Alias); @@ -89,7 +91,12 @@ public JobResult ProcessJob(ManagementJobConfiguration config) } catch (Exception e) { - return AnyErrors.ThrowError(_logger, e, GetType().Name, "Error Adding Certificate"); + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + JobHistoryId = config.JobHistoryId, + FailureMessage = $"Error Adding Certificate {LogHandler.FlattenException(e)}" + }; } break; @@ -102,13 +109,22 @@ public JobResult ProcessJob(ManagementJobConfiguration config) } catch (Exception e) { - return AnyErrors.ThrowError(_logger, e, GetType().Name, "Error Removing Certificate"); + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + JobHistoryId = config.JobHistoryId, + FailureMessage = $"Error Removing Certificate {LogHandler.FlattenException(e)}" + }; } break; default: - return AnyErrors.ThrowError(_logger, new UnSupportedOperationException(), GetType().Name, - "Management"); + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + JobHistoryId = config.JobHistoryId, + FailureMessage = "Unsupported Operation, only Add, Remove and Replace are supported" + }; } _logger.LogTrace($"Finishing Process Job for {config.JobCertificate.Alias}"); From d069df197f1fc0631683c83b2b38ecb059206f53 Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Mon, 27 Jun 2022 15:14:37 -0400 Subject: [PATCH 10/20] Image and Overwrite flag changes --- Media/Images/CertStore1.gif | Bin 0 -> 13757 bytes Media/Images/CertStore2.gif | Bin 0 -> 14542 bytes Media/Images/CertStoreType-Advanced.gif | Bin 0 -> 15281 bytes Media/Images/CertStoreType-Basic.gif | Bin 0 -> 19143 bytes Media/Images/CertStoreType-CustomFields.gif | Bin 0 -> 14708 bytes .../Images/CertStoreType-EntryParameters.gif | Bin 0 -> 13016 bytes Media/Images/CertStoreTypes.gif | Bin 18181 -> 0 bytes Media/Images/CertStores.gif | Bin 10374 -> 0 bytes Media/Images/ConfigWizard1.gif | Bin 21043 -> 0 bytes Media/Images/ConfigWizard2.gif | Bin 23568 -> 0 bytes Media/Images/ConfigWizard3.gif | Bin 26551 -> 0 bytes Media/Images/ConfigWizard4.gif | Bin 20245 -> 0 bytes Media/Images/ConfigWizard5.gif | Bin 14080 -> 0 bytes Media/Images/ConfigWizard6.gif | Bin 9307 -> 0 bytes a10vthunder-orchestrator/Jobs/Management.cs | 21 ++- readme_source.md | 135 ++++++++++++++++++ 16 files changed, 152 insertions(+), 4 deletions(-) create mode 100644 Media/Images/CertStore1.gif create mode 100644 Media/Images/CertStore2.gif create mode 100644 Media/Images/CertStoreType-Advanced.gif create mode 100644 Media/Images/CertStoreType-Basic.gif create mode 100644 Media/Images/CertStoreType-CustomFields.gif create mode 100644 Media/Images/CertStoreType-EntryParameters.gif delete mode 100644 Media/Images/CertStoreTypes.gif delete mode 100644 Media/Images/CertStores.gif delete mode 100644 Media/Images/ConfigWizard1.gif delete mode 100644 Media/Images/ConfigWizard2.gif delete mode 100644 Media/Images/ConfigWizard3.gif delete mode 100644 Media/Images/ConfigWizard4.gif delete mode 100644 Media/Images/ConfigWizard5.gif delete mode 100644 Media/Images/ConfigWizard6.gif create mode 100644 readme_source.md diff --git a/Media/Images/CertStore1.gif b/Media/Images/CertStore1.gif new file mode 100644 index 0000000000000000000000000000000000000000..01f7b691d2e7f270adad6917f6d56c6eb12c5f45 GIT binary patch literal 13757 zcmV;uHA2cqNk%w1VK)Nz0e1iZA^8LW00000EC2ui05<~n0f+wp{{R30002(_8!rGa zR{&6^0CvV3A5j}JLl-1;7dK}BCx90`j29Od9~nJ2Cnqa<$152aFE1}RTaP$jvpEcM zJ3T!*J8C>ZOFBS zz3Gj{^^hfZkUedZK3SJf0FhZem2QKPcwm*4n39~vn!>=6&-|Z57n)`~pLkoFgt(QM zt)ip1n!eMfP5`M|53681rFA`}lY*nEl%=oGrN!#9$EB_+%A-_Nsb5>GV05u|KC5zy zuZ?T5ijJ$5ov4(+vY()`rL(Ki)2Y<-u;l-=HFC35aN4BilvuM+*UCXwu+qZDz z%AHHMuHCzM^XlEpx3Ay7fCCE_OiwI5X!HgvUd*_$({X3o{mksw(Z-vbL&<+d$;f3z=I1PuD3VwK(`Sa-6?&Idj9a?|hGPz$%KE3_>__6OZ z=ERAa`DFQHO@IHCaBUedt6SvN-slfvBM<YxyG5dK#BS(l`PCdx|%Nw|kk7ZuFm4?UY|pe0_k(s_=RR(v&% zExZb=DW{`?Dy@u8=6ENGYTctn1sVu*);wvT@MT&1AjuXz?i3qfJ0kug51Wvh+K!G# zw(}m5MUoq6t!DX14x(%A;|sR{6B-Mo&vq)MSOupwWV@y^oL0I2PHS;=)jm05j6H5z z0VHW924*pBR)I}`$7+C#m|yU@13k-BumiY!K631#WUaR+xAAi6sFgNg^K6?th^X_G zD8!4FqTCMKuR46(Dd+@{SHNIkHnkNCrlr4@hxtjq5RjJT{)9$rBPjx_8K)NLNh zw54+p8YrXXI8Jz?gI55 zxU$+$%te#KO{$K7b#pm}TWJRLyThOg-YF&OaW3r)Uwk{!Tc0z@UZ;8pC_qXVa{?tr)Xkexm>A=$Cz9&Ae8THf_B zv&cgW_rsg8^fjq}98YE1Y#%2}6gl33u7A+30)A3g)}#QjtU>N9Q)?3p z93i5Fxu=BwH6$JlXV@+xf+(I=AfzTWEn`1+c&tyj36$ zw+Q1cY{90&J&%L6`e4!A1us)QkAfhZm^WZGIZTu>QTrkb1)(6uF%r*&0s96b+7u!m zvay1Bidm2lqN?fB_qK7yuVF7PA%UK>h zh`bQC5tZeLN2-+8FOO9~27kk22W45x#GUPSYqC-<49QDcKI>47EDJA734+Fv>`E|r z#4j^R&Ew#SX}KGvwPb5QTpc=`hdfKy_vGa#MZ1J-jR`a34!IM5KumT%H-{Bs%Xh13rk07mfa=pk`N7Q zY)U1%6*%pDR+2*2R!}f1-L0dv`V~mm2}{R`&s5y7f;!n0$A4%mo>8R-?!1+=XI#xJ z_#mDNlqR}i_R}2#8Q4|#;W0nulyux8Yog4WsA9;WUC)x6PzSr4QYDIP84!csaFr=_ zuqgv^umvJgl`B}1%YI@=LOWU+Qgq_19>lAF5!|3RDeU7`8OQ`Qm=&wTnl7{M0RAnO z$^@(O;gD=FQ0$c|D>*R`K^gVnm1y0d1S{nVYXdclY%5R&+7gVHCjiAQEMZE*S{FBl zedo@ubfy5QgN|2P!O1L(GOEEK7@Vc5IDOhCclxbnZZxmA*vqK1ngwiaN&>(r7^^9T zcDM7ntM2N?tuGmlY5=~jf@zc8oPpyOiUoUa*#5)8H+8`OBi|GML9qX3B`U%xF%t{$kFo<~F;z zIvjhmoaYP}Hq-gec&-o@^UUWy!^qEo4)hh{Ea*b>+0KSew3ZRA=tdKk(T>5pn(iRYx>iV?lh=JZCy;0`qWD@HL6!FBUQ8d)f#d&tY@ttS=0K~_pvpu zcWoYB^ZM7{@inlAjU8bV``FPjHnNwkoa`dw+0c%*w5Lt&YFqo-*v_`Lx6SQtd;8nq z4!5|+P404=``qYGx4PHO?siujF3M)MyoVF-dE47J^}e^hZ{^z_L596% z1o1?-gW@NTxy)xy^P1cI<{+;z%jMx|dA}UzKo7dmhfegE>l{VU@I=pU~XPdm;jj`V^fyXk6=yWHmva;l#Q z8n+-jvEfelzWaUdb`QHZ^ge99|NZcY-+JIn)N(-^KJk!`e9#vkYquZ!@siKH=1)%f z3^hK`nBTnUN8j}4?f1n0Sg`g-54PtJW*UH*Ee8BzrUy_8j+y5JXXNaa7{? z*GPWF)qnEg*B<1?M?Ua1K8~P6U-}~NgVuY}2aHpHL2SkkgRluwq7FsC1S*gX_rL@g za0JyQqt_XACw_ao|94 zC&`8~Kz`%k3C{PI$q;|upae|*K#M^jolSRt;{bQV=YwmQe3Cht8;6JLm~rfgAgFf< zMc@Ql)eqBv1gFpj_s9=|AOpI94~I|#P7pg4c!3$XflP1(h!UImAOuS}mK?W&7Z8JJ z*_-YchBJT!!`YU}H-x;m2S_LjMOXuC_?%q`21Qs&6bhJYd6sFYd#eJTvY>k++J!~% z24fJJNE&(VnIE6m4@y`BH9$)a0}K=BWw@E7 zSbBC#iXWc`Xjhu0U@CQ6nroQ}Y+o9tXj*h*Y9C$dXJ?wGa5{ZHs&8)^r*=wnYnmQy z+Gl2Wr+zwgY=@ah$!q>u_os#mbkIN!NCyIg%4>CcsF2EWd8((3>Tf?6shC=FU>A0k zYNkNt*WuC z;5x2%A+F?lu5w|n=(?`g@~iCnu8*OveZ~`n#L+D*RQ*lu%yPYb4sVEHmT_0j{8OqtqN-Gu(6)!u(zfesFoQMYj4mX zu&3q^?%Hc0Oa5yXTWBv^9tSIDF$;PnJ8w1Xr8g^YIqRl7%XF;Pv%%J~x}$om*D!2> z53h$7=pX_{I%Y!4XHmNy)`xwjvVB0MhzdDX<5&6I5pFWp5Aw5+E}4 zAOQjJ24<1C*TH7-cozLo2#)v#y5P1Ta}PR@4T?x&hKPv&=(%1Mx}`~p_TYe?h_s07 zXphUd0s*;=JGnpW7ME)lMQSS5kOlo9399J@qWgXGK#%s=iFzx%l}NnyAOaud3akl` zC>Uw8{wo2t8@AAzyKSMAXVJU<@Vmh~yv6$tP5G4fc)HA+55#+YR*4DG5SxTWxn4HA zw2Kz>I~`TanJdr^tw4Z}*tzTLybL*-d8@qR+q~Hzq=O5j@_U<=_PDo;zufBc4>#>!$vbXlH0XwktP_PZl#<-TS^@^`}oX6ruacUfPVGOVS zfczIl9LVT8$b?L;hJ482n#hXWtj?y#kQ~X9Jjs+?$(EdO-Ac!eyvcRJ$ediPp8Uzd z8p@)~tE61YuX@U87OR)s%J_P#sU~XwcB-GMs)ov{srGWST+6nMshiqrx_rjG+{?b) z$FUa7bV|(1oW#wB%=T8O%G}Gp9Cpq;Z+#lgsv4-ktjVkPsMs8*%#0j0#?2M`&AlAX z)+EdK=FR4erszx@d(t&isCQ}!AGJa zcb+%r4N(|#4E=F!38uf;qbx_zZx@lpsn8-9(KYAMAqUbNH_=%7i!or)trq?b}@ zP(XuYaDxx+f^LX|G-}fk3X8Hx1!EY7P%5EeO@w5f3}SuQK4^m`00(U#1j}g+7oZ8Y zU=1jZbSf>+7srgwXnbu63oU4V#MzNQ`2o(@2~og&EjSLp5CTA*gD{DVAnA+1$cEo& z4LX1f+8CT<7=3@a3Te=d5{iqpcMIak+M$iwW(|gG&4z3J4c`cpKK_`4;xL@Z7!FJz zq236N!BBpvt%DlLmTM4&ZAp#YEqkk-VZV^v&^U|N01T!b4$>H&AbHt$m)Xf|aV`0h zYyH{bJ=(@Oj-Fkda2NvKP?9PrlI%AQB1w|Lu#-Ire3gKcw&&Yt{Q*8`2K&c@7YBXO zxQ1}K+;PZ}%hHq5IML9@e#HpkKB;`f4c==B;4)c$yB*d9ZsQ<6p2caCH{ONz9d`J= z&KM_{(dXYWF5&_XjRX#T)<6SqP?(Oe;B#4+ihvB~*M+v2n2WiF_h+3u2?k?WaVt2I z6;7TYiQzi^lQSuepzYkEfZ`#b;^^m?SRQ=Y8H0Y^mV{ZD{xN9g<+lboj^@2>#3OD&Hn02KIkMao9Y~ehr7bM+It*l0tY07%!ilgS5} zqQKQ5>WVdbqqq>GP`ZZV_l2I&p&x(@xi{G2=LlTQdtYsnhE3td5bkF!1Q)v2-p~eb zKn4Ac20%F1R#?|2UR;ztB&<@P|!fKJgWdRSg86eeQ0b9=& z5A60ABlcq-lx1I7XTKKSYZl|nzS*FCy2k?|q76vU225}Rj2HtPtdJfM1cRFoXb=Wm z1c5h5fE(EI?f`-as0@Xl25->$SDW}xiz0mA_daj1fv*<3TNZ`yyf)yPhxiZLp!lJ< z32?8FBR~wCXbvFo3tTi0T4E1GfRNwE4x#=pH{lDsP@e|g(wg>g`O{s7TW zlCFGSvi-9M;$1aJ|NiA`^3LHziWMzh#F$azMvfgle(ZP++BK3TO`b%VQsqjPEnU8Z z8B^v=nl)dJ1esIkPM$qMLTd+YC%-|PDhecM5Y`h+O*6gIhUK3>SeuYigg2sJDJLkh zMePSm>N*|Sh&7y;)gjn{1rH{qx3npyr#|i8#haHSxsf*g{skOZ@L<9)p^?*@Sn=YH z&~6Fc2``1PsohqzYikf44~hHA{r-zOwd&QhBmSYYAQkMSTn`PxQ}~bFJGG#(Aa#pS z;pWbt8UF?zd?K>K#f=|Fp4=uf;mw`%1PXcQyh}x#SSg3wpg(IfoEV`Tn(8Khzc5I3 zsFt5W+yB;mfwQNqziu;%Tq#$ZZPK?2xqAoiIROXEDJbO*L@+@G{Q`{B%1ds4}ik~i4rD)VrH^mjB zMRTq691SS*hnvet4Gy0!;Y!;K+e zkYXxsf>1&saK(jT4u{kMLWU=}5GL3lf=EIlhy0ml2aC>`0FfT-#kaFpU>E`sSMkwf zh!a}Fhl@UffB}+wC?=vEQteIm9b5I$Lk1v_)mGDNOHTA27!In{kB08qBAb4Wd8Z#< z<^cEQnDYUGvWSKLf%YAKdzh%7ZvWljv!I6_TIgv+u(_d#mHGJ}bvSq@Xj^Bl`DR2v^IkhSni zrm%n1BVa6o{w<4l!5$pwUB?kTxSWQ8-0( z;-&ggjC&1%Sy99yrpA;-E_Tt29)aQ)#W=^cYG~mU2L&G-WDPxfoQg@;N<Ha8k4)81>SZzFg6a zjQ)trTrws@zeHv-TlAqas;HPXI;JwEIZY2Gk$TXe#}=OnBH~cfo8LSRbIO>_ZI*~H z;6!IS0mDqtVN;vsq>xC|IZt{T<{IOCCp;n4&3g9JpC=J#^xUaWZvNAt{|sn5$w^QP z@$;Y$O=m(oH&BLF$e|F$C^aQ&Hi}ksLKn?wNRheGv31m=4+5!3Rr(^5qRgZqkw+Vf zK!Z4B=N7)%Nk0Zr11B)S1~{dNJRad1Ch{?*F!@FtR=QNdw6tU|^+-OH04#6hf;2fD z$W*own~JCtqLL27L{tsgm zfeGa*T2>LFfoxdAuQzzdI+$RBE94^$ZzzHZMrX&1hJy_=pn)T<@eMZ2RI}kw0u^X5 z0}L1e7iUFnOq{AMsCI-tF-UIK80Ig=nTGrHdw{-iSSZI+bc@C9CEjT3A#g6@OF%J^Pq#a7TPx@BPEc$4zm6xr#^U4kEhW zm@XPbK@#HN_!0(<7*2vb2 zJeR#}oLuwR&<4&qr#odPLa6V zIlGMaj%8#`Z`)g!KB8s71wQa6U4!2We73(8j>m*A+~IL-_`@ZR#)wbc;$N)z#Wjw_ zgcIE39|w8JMLu$pm)zuv1Y@~3zH%{UoaHYUsLEkJ^Cr5S<~OIX%yGVRj_RD}7wM6V zPCj&^2XZ7->i5qxlA?Cd!yn)F2R)dcbfsIQ9rtv&!L8lys{iBa6W2PsyPlD8i@NNO zvN_Aiad3yXgYB&K`OmL0EsN6w>pkbX(xLHmi~A$*ppHAw&u(_HkKH1JKPlo9mG+e@ zzM_sl6yrAzd4f{DP?FcU<>9IMK)GC}^c}KB`f*d9T>kZwPUS}(01YdlaRY=5IE%hn0?cSD^K zM^}o+JRwJmn@3f;$2+OViOWY*>c=|%*++@nyNmO?cO1L9yEwZu$gW$vi*vh$?7Dvh zC5fC9H{7|elen;(sAzD$pTo$7)5wXsfsXXZ8F4zOlR9DAI(5{Ds}s7SgUOgol96~j zykp6m^fi*i$(>|Ai{#0lq(`3w%Au@Cog~Vmbd!#g$)#kB_TIO9DyDwRFqoXv?>hOU8)HxwOl?sLQ+5 z%bv)~z4XhUD9gVTOc4pp!8FXf=*xw}2Q8?8#&pca%!Y`m!o#eP#PqiU!idFe%*muo z2(e6iOTnUY2+gd34*;spoRI#sW5Ntj1}W2p+5o~5BKS|DQj4&l0Vmjl>m)LwIf}meE4P|HB)EjQY9F%+&2xB6$3#x_v=Eyk3ab!= zhIq~q;KUK+hxOtIHXwo(l*9K_ua_x{Qm8-ywZVr-17&cFtY|XavMmS=LPnejbnq=$ zpo0h$4I>?!;q=hQ4E|9Ot<1t~&x0@rg-B5;+%Sc3GJCiISI~uO04y5KsvlJdPxOax z00m^ojBLmX(tyn(Jqj`1FsPwD@DxrJTpSSfnBt_;Jqb)E!~iGgDc0Q5JzTDJ2!UVN z1bB!7J9W*ga0`CWgJ4*%AbkfP;*U5LEZ7XvqnLybYYImYE;p|i7oCXLD)btEY zsWKp{kb)HLz$DWxeo%u9ct#=EfVA1qGu@7AaDpRbLcZaLHwDsaAeteih*0VrHhW4N=sV#3@h1qq#0VLga@NYH<{ zhc*&orYfvH-tZs+_cpV$ed_!K))^L4}&$Ktv{Ll(O z4~caUiq+V+!J<6K3*`dVQ zoc+n2<=LI|*`K}1pcPtmB-)}KJEfG$rDfWtb=s$eT1jdQnMGQ=Jld+&JF3N6kJZ|( z4cV^sT9O4@wG)Y`HQQJ^x*>uFY^chcW4e>Xwy2xBYl?!low<)xxRA6-p2S;_tjX}Q z+n1wAD}+d;YeZ0N)(}dq{xRgvR@9MS@sGez1e#!%pYrM(7R1QGfs?W?}{6 z!5vgX<6B26wg@X`A`J`;BNQS^H3)mao43M+QaFPsL*Lq1(>6`744Xoz$k;PNJv%^v zRh;Ap-i8RU02MHV`=o{-CWR3|WWIq1ZY%*DIL9K+hI{ydA6{ZHY~lk-!$)Mp&jkqw z-WUC94^aLy1xe9F{ z3bi=aym@8C2}Rw~vluSLCQD+3=9&&<060wmmMP{Kl!DHn1Z6hjb8NBzFldBM=vriG zmy+4mwGP;A5Aoqexf11rkOwfZ4o9E|!*YUxRoEV=jeE^kwxYA!P}lK0YLvzZESw5r z06v8Fhi&X-W$0ld4(4~*2VhWM=4IsnBZzkF2U6(iX&xeQya?~b%FBH?zwRT!RusT? zIKsYN2EIwe<}yvjImT`-$G$nprYy;(xyhZlf>dmlY}|=c$jw&A{==QP#N{Zq{YlD> zBh(h9y8X$%&D+1txyoHR*LF9(ZRnwVTfT!fxmC%SlkJyt$+H!1N1{o!HSDm}%Bw~0 z%RcVqMoQ&&?w5n^=w3Oc9q#MK?(Ej??Or6Rr0&ji+3z;Y=@xH`Bk%GS$mT|GoILMm z3Oepi+XwN7Pw)a5xY+x~@BG&9{pRof&Tkm-f=|%x%Tw=#%WXX2ZP;dvW2k^yz$QD% zrdp_gV~D&0_cz+k6Wa!kV{ijN5d#V*@ZWaG#|0D(UknZxln)Q_(?*nd^oI&ClnNN| z2DET<6YWAF?cex>S}>Ga_yj>|?^NpSLiudq@B$GhlVkAy0wAyPZ^P_D(QM#=0ZaxI zdVm2YM{>+%6mf*{L+NtaYjSK;Z3p3UMEUZb%<{nAa^X00L22`G40C83a{?)IF9&kd zM%^_JjyDGsKBq_4)(P{?J=@)hn3^f0rU*gzy)FA@UTMaQU_HAKYZ9sR*{ufPdut0I zfe8rCfacyU@$)Ag+fr-~wWOsD$<_ms)R*CpJI?lwyadbc^tZV_1h-KdvP18-m|Iz6lEnAOX%0 z>p;x+6A%YNumA~&g5QAn#L;{Rg8ok5m-0FH-PK&F zsj9l_NJ+B#Dpg75(}ZYd#hHdO_ZX3lJtCOtiZ1ZDX<1s;EcGX>$-4BZvdxa#Y*qIZ zafPPPT6^tPu3`&qlJXp)=i!jQ#ZlXf`)DguW-xssYrr}#N&N=hvvChEpY??i3c|>#1R}o$GOE)9EG}9tM z<4@D7`IB*K{s5EQM=+2X^;Pu1!1Yy1gFUv+*KAETRrFi~suxtF{n9aByv>x@bKCtd zIRxMRQagGd`AIE%yHv|3f;$bM;fdS(v*L{3=g-l0NB(x*id&v+J8NI=(KUXDd5jpF zbL7P_qH|Qa>8Wp;x#^v&3i{@xtB$(rwHMhAGVRa<_1^x_gS+RU9#cUr$DB1zz9;Xf)?!A1po29 z4RWx99{eB(Lny)#lCXp(JRu5GsKOPpu!SysAqWk4!5Px9hBeEe4Rff&9fk^rJp3UL zgNPL$3bBYrJmTq|hr}f^k%>fXA{3(t!6!K&!4d=x$lCg|n z8>1Q1sK%V3agA<#ZmX(T}^ z{<4vd{0Ac+DM>;`a*~$ZVC9=m51L^^ zrZThn5^8eOeK6@JIMa7bTWYhMAqgiszlqLnj?yLtY4UTRz5HiD?`cqf&U2v$y(T#ms?1n&02@%F$2WX{zV67Q0u(t%`a19q zd8oo4CiRCt{GiH$wyzQ8Fljqpfj$^0!yn5)pGf8L0`%cvA1d8IG~8j*boc=N5+_Be zAB53S`5{!I=8UB<^pS=NB!L`~sDK7u>eC8DRSW3Df)h4dh}U zR}}%&>VZ?ysDr0I?SMPxp$DqELmgu+EBcf=zot4>o3T`eKDw|z9QcD7@8CuS7<*Hi z;-jc!<>gsJ`i{D?FBke~L_c;>0g<-DAJT}dPdBlTNTBty=@TqdAzIjX#&QSl_(wa` z8raHqbqnR_C`BOKoRg+>r44N#V@10@k#a+%brq>IqOsbZ2I9AXMc;5uno`)tkFc{% zCNIfwjd!e;xskPL1yt(?)w1@lm_080lFPn1gth{n^@B*4fmeNCVITh0m1}FS%U$?+ z_q(?orbxTdos<3pxbH|uHgsA6_nH;H%iZkyXxb2{*)+cu*ugvKk=m`QkHUdnYIkL8 zV8f~s2Ia_T1*Fhe>tc7S!Z0Z>uf&D@PtQ$Uw71Fs!8ap ziMfhm0;_n%6NM!i2IISL$oRDA3vOipQCaM67^%jES^QiI(_XZdwHxgRE8cO_z-|?& zLiI;Fx{zI@-q@t{m~;CIY-LY6beKIZ^kBnwi-->Tl8AmUnja0zAwq-Ejh>{Wd2HcK z$JQ#9w)CYR$>}qDXVj>qG^j(}NK>DB)2t43*eb2+QNB9Sk<703`%pb=QQ|tqx9&Cj zbiHdr1KXRfF1E0Ttx0JXJAKyd2(z2L%493slERdB1&ryDYfD?(o|bjBHTlYB)6$jE z#&x-4o$7G28-L(#H@pM*>3Gw-fAg+4zM*&TeDm9M`|dZu75DFe6Z~$_K*qWYu5b*# zd*Kd0W5XXV@udxX;udFP#4oP#kA3=h8~-@Jwo++wcpT&=#}+-v@#&SbyyY%`Im}}& n^O@7U<~F}M&U3Ewo%6isKL0t;gD&);6TRq0KRVK59uNRKy7pKk literal 0 HcmV?d00001 diff --git a/Media/Images/CertStore2.gif b/Media/Images/CertStore2.gif new file mode 100644 index 0000000000000000000000000000000000000000..e52ddbe0008f48887e211a6bd3a7b43228577443 GIT binary patch literal 14542 zcmV;<`k5XKAQDMJPdeu^lzfzvzTSKT^ zTwGUjrCEcrTa43XJWXRgWMeygU_gpsLY81b#b8ZIU{=UqSeRf~s$^toVPd6WX`5hd zt7CD0U~iIj|omz;*W?TZX@j|`}a49JNp%7`*?ib6b$KUR!L zaE(@qjAl}cVR?yUm5FO*j(4h#eSVIAn~j~diKWYnvEquf(~ZOTlR9pZPh62%Je8G{ zmb%N5%=w%_ikv~RnPohjWQUo2W|@tuo}sjxsK%MS)tbZRrYfMKS8}XkJ*jn6qITP; zcRi$bilB?0p`xOsy3MD==%>%=rquYQ40EYmS+ZMlsa%ApUy`e8d8~Y6t9pE{hm)<0 zqOO&SvX|ehn!%^1k*KQGtGSk~yxX$J->%WVveMeF)bq3|%Cc6-v}c;OYl*UXJhO&q zwTVr)ie$8rcetL7v!<`Ht-Q6hy}7&6zvA|{D{{b4a=>kJyoHOuhRVK*Ou&*_zO=T$ zz{I=Fw8L+P!EVmQeVE3GJH?QW!Dv zLCKJP(UgnMl%>y_VauO%&83#iyS>oR)6$KX(2u{=kv!Cpde*C()~&44uYJ?EkJh)O z+OogV!kg8{snp88($KTp-QU`seBP>J;N8&TrHJIHnB=gn<+YLH!^Y#qt>@Il?6!03 z$D8ZdukYs0>g?_F#IpL%ko(@Q{@}{~{{9I50M`i|NU)&6g9sBAR7XeE!iEYXN}Ncs zqQ#3CGiuyOu$dN)AVV5-7YdI^i_aXMTxqc0B#G`kQ7Ra7Cd-=wn{~m-v*$yV0~rGK zNwlcZqYBl{88Z}VPjpp2I-QENCQX@CGwRG5k=wAZV8e({Vj%bpFp^txfRbL-yCySMM(z=P`^HW0V)_X}YikoL>eiXk|~XIOdd%mBVMBX(D1-K7+W>#bA)SfP*gj7Vg*BRQn9F&FZsitFU%EXqdC|h^S)t@M%M+akha2po3w_Wnx&4TG%>- z(E|mjguR8gEhL6|l-ubWst z1!sF$IgDPKsWLa`3~;1&)Z&8DM5k%Au_EJqO2uHOH)N4U8Y*s*i&e_)V)gLcr_$1< zsdCUQyYO<%Y0hkL{-y;p`hug{pvvkxK&L4*(x`TvSl}+qaLB`hG2Q2-rV8$8rfy%Y z3*vtJ%DD?lq=`q^q=RQ;*@Nk5wqdmz%O|OdA&x_+a=OsNVA9%csJPQRwe$u)!`FQ8eVC?wE>X(A?r?J^4#Xj!>hg2W zz-FZ`vW9A-bm{zG*P_|~%NW`eV=ounfid<{T)pnard!S6U;)zy@brVXOejn~9wwN7)q_u-gBIo_rNKyD?t8=Q)87cQun}f3T_lWP1V@O7W4XX=kn5ig zoueU)vB-!1+|k%!%H@L5E#_7)FvKmEcne$b$x+9nln5ngx4~2pcLpn<#}LCSoJrz| zBP3M;!@$HQ!odYEgx51Rm8!wCFo9bfOu<@JsRLS(Ph@1GEzZb+gaKd<3R-l70he?O8Niu?!WFQtVl|XhC#)fHR zoTCC(z#9;An5$cibO9hT~nBba>p~yh$dX>@}1$~r9KoztnYo| zLFoRtmoshUJy24yk(Q*H4YNr>Wf}`v(-ff%jp!J981jxq)D|iAVMExB@OI=pXha=T zyS2gdquY@u=azsjGoh&q?uZl*9##)fIO~{GOeQOjSFr63?F#GAB4LP_P!h`VYUs*` zGPq|L8~zDk1$)6aTS!IcQ3_}wG+<$p7Sy2*Mj2*fDoD3_9eHL-WHX=xJL@@5KFy#G zwx9!=xOL2$(g6!~1E@idXG0eRlbv>ONBa&j3|qu(nr_7cMPo+BNSNzj0Au3|gxRyf zFwP1~&_!MEiYCF1FqVT=(=7~pwRPkZXG%O3LAgrW0trzuUF?(D=o!9$N%E3u0{)du zE$F?rt;~vJ?bGGrhA-RpNot6(8LFaJ&`;7Mx6_)MRG*nSoB`^QY0^Szr~4eQ0&E+$ zD8wytk;6=3SG%V%)^-n*4qM!UP3gD=pz0xvTX=B1g(LP3S@!`p}3*bnv<(m_$4J(U6X`q$f@3 zN?ZEUn9j7O<4l_3Z2Hrn4z;L9P3lsc`qZF452{zq>Q=k@)v%7WtnaMqS=;*7xX!h% zcg^cJ*Sgoh4z{p|P3&U-`Parywz8Ma>}Izb+0Kr(w5Lt&Y9HIv*3P!Jx6SQnL%ZAH z4!5|+&FXKH``qYGx4IK;?sdES-SE~n@*d=7w_65I6(&4tdDF2 z+y`lfbH4k{@P<2_)ddfDzz6=1h)bN}ZeIAqH_q{nU)taj7x-ZQKrZnv#98AWPr1rh zE@+EOTnn@axyVnB?K|tkT?q$v@aWa-oU{Dr({{PcC+_o%*PPDz@I(NXzH}7mLe2R| zLjb%m>q{Pi=>aIfy$S6Psgps`pO9{ydl7&P0R8OJ7JA4ruJFaxzqBIeF?1r+_yT@S$511*oNKm8x?SUT0|Om?%Q{qf9J`^@J&3@|w4?R16*)1~4L zZ2)2EiMadXU!4y&Ed2o7T}L`Nv2+Lgz0ZLkJfI6-fWzNI?td72*&)ySWJ{jy3U5d{ zFfZqRe7^Q=&PNdrfC|x9JWFrh`Rmmjyy;h8&exwaG?xB8grZj?077f?Ukif7MAYbKqy34#PkT#207V7XXP6eNZQLLcn@V zhX-s%52nX-PN!!5Aa`{Tfmyc-4|sK_7YZ6+0q|E2MZk0gfCzDBd}a4~372>WAPlD0 z1W<>8;OBGsz<^md1|ukYrH6Ilr)Fe_0v^b8-G_o$w+a;)02)|vz94r?X90ERgS+<+ z_#lG~0Dt;-g%HPoL+5{NHVh3B3Iq6NJGcPTmw<8F&u4{$|Q|h%0G@ESP2>xn|qvcd?j~6-kLumu3mK zlQ_A1_(*X7n3SI;bQH&w(`Smdkcw@Fg4-Bp&PRQj5CAcGNrG4aeIR#V2aju(e(d0r zi0F}b*8qlK3v6i%Z{U)Dw|#LqXE#ZGWLE%d*_KKNg7|=YY!-X^aF=<>mV5bhWH*v) zR+c>ZeiR6l`p9%Q@RmH8i4j-;b)X7LnVFmRZ$w9MAct@#*AV3(m25VXh-sBlH+uSz zl`)x%0dN6W7nY8ReqQ$v-~g9wc6%T=lZMEWYj&GRNSC--aan1Ix|ocfNSlJUn#QS% zj2Hl?`45VjW{mlh!RZep7yuRiPyu~cl#XYKrZ+~ZR{it!w>6>nLmBgu) z7#RTFS8>(=me%QsWNDWFpqsi7cm<#Y02-i5a0P#tj4>H!by;x?D4+ovS;^>(Y6h4K z%AiURS5va9 zlR0>wV_BPpXMnlsk<96Mb*2w{$D?g_4;GrBw&{{q$Yxaem$iADa|vgM$z~Z^o$&ah zY<8O=3ZxH6jw<@4D|&QrrVk9L0Pt6X+$W=~DTRJ1k%uUj5n7ul7^Ql5j8CVB`B-t` zFpzIX4}u7bY8DR1rwjf_3W@UhfN~&|Sy=#{s0~Z^b%x4{YDN!<3WXRN0E_99S4wuS zr<0iKo#;0Rl(1$(dZ=J}s-uQ-3QB@Xz=0{Krtn#+1#k%5U<=tPo52~Uho}z)7yuyP zs&!bZ0WbrG@Ch6Up>EcqO9ui_kE&+US_jm+blW(k ziTSDfDR;m62V%LSD3A-=pmgL4lE6u^NsOWL`nJD#6=x~jXnhnBjm`?|2( zXRaH&v|GEB2e`JIyShtjxVyW)`@3y6yTCiVrz^a~d%TouyvVz}eXG38`@E=19ORG! zqzS#&{#&`yOTE{-y~Vo@(_6jV8@~6Nz2Gap=KH1Od%o(+vgy0N?hB^v`@Zsvy56h3 z^LxKa8Nc|uzgXzJ{QJNB=Dz?u!0#r&1bo2gX21x%z~QFA4E(^_mak&4d_#%A2cZv4hrT)wKS#?V_OaD2yjoX15Bk!jq!A*{## zfE>tqth;plylgDUh@8lAOvru=!iTKLkQ~WKEXSr>$jtl5lAOt!yv2+x9Wji_n;goD zOv#;V$;%7MqMXWrOv;=)yZ0~!C-4DcS7`cx2`3N(6mS9|P`ZAL%G^K>7k~&qd=4v+ z1p!9@A8-OGa1Je?3RkQSP9V%lybKQT!_X|vK^zR#T*l1o%y7)g*xSe_*aC+~4#-+) z_7DNZTg2(W2PE*r!O#HCe9hI;&CeXoN=(hxjL&*(&)?k1x3OpaZ~;r|4{mS*7qE*( zkOecq2ld(x5TFm^5OA&X58sdjQ^1k`kj@q90#Bz8jNk?KkN|NI0}1favvB^)3yHc$ z%nTDS&uZWU)k4qQa1JaG1SdcNUBC_c%nh*M1M2VuIPC#4%?-^E10RqBEFjFY@BuM^ z0@VTwAs}!++|%4}%{GnG6o3aj?EuUm&)k3xPtXPEAO#<=)ir(7AV3UJ@Btqn1ix(7 zXzkBc3c}@(_;LK+2-~l1v2SSMnxz`UzpbPy_1Zmg~>I~9(zz>~@4JBaFB=BY& z4boKC4<2m~ooWw$*A5P;53r!oN$JaBJ=VV*%rni;Hth%8kPQvc)lm)9rcDknO%6-_ z%S$~DugwjO@XoLR)j(|3Sj_^g{ncHK4o<+@x;+eTu+uh;2sX{tvi|VS>0k)l;0%+% z4dVa;szBFG3d*-kfUY)>aLAAc{a^%XrhJAC0{SrD z6i5U5@C`&j+3LK}en$-s$;H;Q657 zYhVRf?tm<9#K0^GD=^|$t=i43-7CJ$KTXdbzRe&m2s!Wt{(QbBCJw~Ru+3qe;&Gng z`b-WjUC&J-`ioAk)q8(mwvoZg7*y8M6w2}cbP zP( z=yT2u=>X$)-psZw%+s#Tyt6xhKFln@)!Z-(udU*+eeBhY+^o$F+fdVSe(r=BF{MQ>U#LgfE6z~B# zgYM33=-bQ;I$bT~(AFma*Y@lTNZs>BeF9Z51)Lt|aU5`-3@)3kkhuxlZ*~KlXX7^(|}4$Q$8gzxIpV$DRzsYR~p^-^6CmzFfb+ zaXo`OZW$j_>RBCec!@%{P>hV#C&YKXrK0# zzxj#Z#f*QzV9fcIkH(n)`3F43qL28bU;1y)!=a!0f4};yAJ9C!W;J}nxX%_j47{0N z`@Sz~z5n~duW7+Q{Kj8t#ee+D4{6E2{LcR0x_6)Z(m(ywU;Wm9{n#HD9&Gy0-~Fi8 z{N5k_ezwEnU;eTN{^p1>{zm8Ij*~!R_$801=pE{8+T?>fpYEM#S63TUcP;G<^>!$Bi*cm4IjQM)$d}) zehVXpOqOtD%9XV$Zk$=O)yI}SGya|YS@dX`m^YtBt+O*})}>e0Z5>;-N7Jco-&VMK z_HL2Gh{;ia~wQ(QEEu8rBl>QrolArt&*Ey*4x)$P}32_ z2R)gXwcdL{P^FwhxJeTcSx9)(kOwigP(5Pya1)(fGv=n8Ngi!v;fBdHGvF@BL6sYt z5mCouh8=#wL3N`3=t57QfiB2mjB9>VkRA@|HD1wx{m>hKr#2W>Z#pu7i-|#v!J3@WEjPJP+}J1n-)@G75`LiIc@fA58~$Sv^!yNnK!88+Lje}) zp54%=wjAy-hH$}52~Pka`-SRX9K(|SAhjOf?Q0m1SlXL9gdtqmjD7@ZqaYwAxor@H zUWkxjd6vPiHgY2y>uDp(RQ9OACGCrX>e&l#R=C>rEKfia+9Mql$2rzV9VSc&@veB7 z(42%EQ~1CMtdlM`VBiEyxZ8E41p$m?Ba}DTj@`JI#B@F35BjJ^4*DPk^QAIxq%8c3MVRZ#DD@JNP-v@_oha8-~&{sQ>RXFgGoq^93F7fr9>IKDdZps zs1m0TY?iB3bi$h097ZfcNvUs!GX|K_RD3w)DRtV+nb34lGpulwyRtLd(u&nCgwFPZD~w7 zLQ<2~^dKnBlS+94Q<<6tq&)>HNoZ1R=2LxwQhE`yHxD<*1O*YZ+OK!Uh|d#av1S(MI2-PtyF*;FUf@k zXk6SG@7O67_^?UzQ2`$Zx5q_Z3XoqiWF)Wl$W1PalBGsuC~x-3Rkn$gQNm;_L-xvD zo{5$(l8FG6+012jQ6`#z5iWz7uwQmFOvDV1HFt!}0jP7E<9yu)i$ouK5K;F^B9G~W zpbHlvG@uUsXAyx|%laro-!^jR03_lfdfqcz5zJ^LmV_T5_)ju)@##?Og3~d6bfhoR zjnGnBM3~O>ST_ymPV-|@?R(ORxL1Hi+k@8`IrWHB?ILglfCCnBHL$51Yfbk#B*FI9 zu>|A~QzI)~@VfLY2#|wQWP97)jux#^9a>1|!5=_4vzZ$mt!4f*Th`773A7_1Ehb!N zZx<;Wu+!m&CS7{pO$xT7$*t;hr+eM(c6YOtauR7{q#fA;&=gLjKIJj5Bgmj7zUM7& zVGq1-1uyed{hzDQl$jOY^+v{{i}kVLf!D!kO$K znRA^t@{Wun{OnSV?c0AGWJ;%d0UH^+++%8Xy>CR!LT-28Wy*KKW9088$$R04NqEH{ zo+OD^{1q8rcpKwb$C2NA(J_yb5}%mGpI@fPX1o-`ar^kIlOufdzkd4*Zk{c z-`v>G-u67M{q1!x-Q4fq_l-6E?}Z=I;1A#UF)aS^l^?Iq3Y5w!2ub|w=*ZSAT ze)hG$eeQSP``-t@dFR{v>6ahB&wzWI+ZzLCuoA7L>smq(Kw>F9j^Q8q~oZEWrdU2pD`l9u&eM z#K0GnKO#iJBs@SPWH^o!G|cnA2hfLIP`7>P{s3}&g)3yUV=yxg*bZn2fE~#Qf6zjV zV23ligX_o#O(?^QV220Dh&5aVNHa4R5d~m_1~|lsd{_iCyFxHTGk?&41=t~R&;UvM zhkPi5MvI3-{0CkrGcSCHNc_SwyFxlNw(ZyjJ-jqP+&?B1GAC@i!i&NwtinGG00A(y zGtdV>
IhceT{eelCpv_xCfKRE0L4G;iI2nSR&GbyA(1JDP57=eE%He=I=eHZ~# z3`SEVMnSwqPc%0#^oKME03BEdJuo*7I5Sw5Joi92Q$zGY0Q>r$jE2>M}#bcX{^u_?d0#t~W zG+;?}%ZNraw+(O+Y0!m96wR6}gDaGVWxORvaLn55Kgk@4hIIBLUM7*N|l%!j_6KFbM zf;tk7v;PwTRWigDWiw^ifI0lpFnmbUEK4)%MKxr@uFOcRl*XNu(Z_^KDkRk13;+Yz zA#+ekCA~C5)XPN-$F<>w;5ATfk9l~6FK3)Y@9rRV_3)W(l!C_rKV^vlaL{{Zn)@K#LW<5S= zrB)4;R^zMIY?Z)k9X@UKRtMx(`x95*K-F!_Br$#7*c(bQ{QC2mq`UQc1nbyv&Gs00P(K zgrD56S^JM*V5O~C+5&4@fPBhT#Kl*PMIc?<8qLLj*u`G_MIMdIV@$?lW5(Ld$Y|Wn z#)Y*0pi4;Gyj)*A#?%dmail^4(MmW3hhvO~6otiultvvm(2OjA{FG7tBU*X{y8_UM zrHg?KKrvasfEe%reaMGW`hYIrhXb$(WXP6$aDt93r38zzIBUT-BH#xSXaq};o*F)6POFv!31Y<^ zVxRQPvjt6ZTu!!}%dOnM)LhNhyiM55%Go5+Q8wF4dxgcE#B8zK008CNg=N*e-2uG= ze_%y#$jUW7Gpa^$8~I~Gh=J+p5n1>Hd+-5F zumnfOOq~0^v^QGPyO`Y{{G}&`#m!; z#E7*mGx+q{e}=SyTt+Xph+eQpMulK*L`hS_Mhu=?4ZbhJ<(|WZ9u$ifM!2PvO9NfV z2Q}a|aG~C!R2EaCwH{7HAU@yzJJA$f(G~^77mZO$q*3`j%`&^u993h@eO)7!+#$VZ z0rly2_T1e>NHo^zhQ!fS>_`p3N@NUxwJ}oK^~P5WheH%Zyw!k=?8SVRX#1jQHtU2P zn1dwHn-V#J9?%ErppiqP9#)bTAi>8{3W4rDwSE}i@)hR*gHt)x06M)iJMGl8-BX+H z(=z*0x7FG~MaxX|YAiOzMfK#5T;P9*2TB0c#7;!q+({~gL%Gyj{(Znp-1SBv0SDJa z+mbEjlYLd89ogV@S=aVh*iJv$p6#E-S=+u?+D2L3-fi6GS>OIv-fnH-*47&=*x)wq zY$fhmU2f(E?i74(YHe;^oo?!m?upgzz1rCA_U@sm*zex%@D}fhCGYZn*z-p3g;nqM zKG^nl?}3Hy_@3AKrtf#P@B3cY{MPStLC;6BHbzN}M zY?+2-H0p$OQ1Wzm1cdnhbCJu1&pXu8BK}%PyZ9v4hj`$4pckr6AA0aOz|ao>k{*Zvse{_Y2{?+1Sf6aVpdu<|#51w;SzH?Z|*e*&WmZV0mX zw?BROEr4%K`X5()Knsu;dDsGoVFCvdENJi`!h{MJGHmGZA;gFhCsM3v@gl~I8aHz6 z=*I`Zes>vS-tFSo3q~+`4!3?k#f|x8Qeu6EAN3_+{M4mosnfJgxHQ(x+3e z9yGf3?Ao_y$IgBG+S+jCb`39{E&1Z!zgNc!mh{)H?nlR0e|k83@IZT~m->@;f4i-h zpL72a7vNF`0{C8U0}{v_e!fM>)P%ZKSek*4Ge;FU)WM)iY{p5`Jv_Li zCwnsHqsJ;P)pLkYgBFTcnKRkAj05`QLrV=O?69Xk_!xnyVvRo5d&WR`r4BI(@L@X-qUO<3Xh3bdeG^x2B{ir+V$WQm?;K zi5gCN=JSRabyi|(oSodEPcv0efrq4nWLpCs`FK)86_tRS0~L0ZD~1(>9IMYgmoBTs zqAJxxNS&y#c`p9BnbN86yH)hzCpKQBG)p3Yl2b($TXZ)oq4*S$MGY4ua?c4A+@MQ6 zanumPsv2jZ1RrFi)Q$u05K_Yj$L2~^9|WB6-a01`;Hyf&dKQx~=O~-fJqPTma>p*` z6AK10Fd-?SnQp4`4eGdo!3p;&mGjOi_58C_)2`WOK5(EaPY>&Kl1QdX=rYdK`ouy; zK8wJO4-&cnnoZrYc#${U_l&I1EMDs~P7OOu0+zaP=fe%*nf49nJxeU!LrUZ@>@eaH zw|S2cDP^O$bb@AFguCNJYOAD;xQx#cx@hcfI}pT9Mm?xx+JfIzS2gy|#N#QnU^2nJ z5-=pJbpHF|kp|;K>_5=TEcDC#AZad48E<^q4dz%a+Hkn}D%*=Qq3)vh_yB0yexp4| z`#rc5Yd&vt+fq8A)KJN*@`OM0xi2N^QU%12_PK|NP8G|5Tc)mH9o4OZS@?Qgr0`*b zI3dFe7Sxz7?lA*5Jwp=2NW&^_Mit`uENtOxij9_+l5sQuQx>$9JNDo%eaItbRm0w< z^wEwQ`lp30#FIXdml#k9&~N6$m!H^_3i{=343fCwB;aR0YjL7}_lwgwdcX|oy(En2 zz(J@6s0(uJ;EGp7AOv64Fb1*-fmXaCqN+o|8)6V&3Am#qC}BZ;0OJRRBqa6FQG^r< z{?967(-{(z7$xN?iy0y4*Rq0$Lmj51hwk{{)q? zTI8S#VUV9LpU4b!y(?b1RLL?p$C7f)p`>@x$G>u51%at?lyRUKB2v-}b}cOaQ^N#< zH38*}l3D>(dc;@-y(uX*OkfrC*jf#=V6`~qgAcc&2NlHdg%&UplaAb`Bvs;xy_s(u zWQ@f%@ufL(qyQ`d-CtT^Vykt)f&dt(K@B#j5`;eO11Hd`KCRu>*f`- zuJSOg6wA{f7^X=gXE^wfU`iesKYT19gk)qNImjrF6v$GtmF<+-2t$u5Aa=8y1(Hhc zkpnkM!gsc0#37zh1k<*xI(UV=C98-lJROX6l(@(?@Dm!Z2Lnfer{*yS!h-mt^&8b`c=x$Jl~V_#MpC4l}x^X`l`n%^Ro zcPO-=XFS!z+yVP$MY(B_QXEX5{RFs54Cal9LWI_$WLP&HCJlZsOqu-_hQuTW%!&OH zVi8LQ!n%<#QCv(K7%NG@EPgPBcSGYC=eRUG&XSF9%%Z2T2rKd-vS{iL800XMxy*qYvzgPZ=G38i&2E14lH2T*D$}{n zcD^&7^Q`ARH{>>QhBKf89U3nSy3mF$@t+T^=tZ+K(TsjHr1?VVNK?AfQF64UGp%W= zOnTFv{`8hG4eC*oIwzejHL6K{>Qu9O)2nVZtSSBKSkrpZ!2S_Vt#hsGS?jvjZ|1eH zgKcJD3%l4~CbqGYEo5XXyV(q8wzH#cTWCwW+C-wZwX^*oY-_vQ+~Kyj89fRlxS-tT zJ~z74t?qTRyWQtT!YEuaZg7DPD_&eYRKX|zZj+1@! zyU^rDIK&N(1eQEJ;ug2}#7!;ghQs>e9=A73J}&Zh>xAJP2lU8Op6-yVyyY$^`NmJ4 zYL~a1CIMSbf@TE7s*aqhT zgTw)aa>I=tE>Hn>%`F3c&|_69aR(p(9(8oTzz*+m{>LZEZ2~v>qTDbb`_^4xy|m-N zcPTLk6f~<3v|F{_RIhr`0Y3M748jFiSV!Ywpi4k3KJN}IMk4BwcZ09p+%JHeGN3>M zfxY7EDVc}eQ&Ns{?_CEtg@fbuA&$&%-UWrH_u&!W>wqu54d_1BFZ7`e7aXhZm8U(z zJ6~?sub%CdsK>W7;Q|~mxd8kDg7=Y}#_3%6#oEEWz!scBx!@o1 z=|kN`O!no2^l=~O%^$nfU%Ex#3)B-JP+v0sxE}Q70|0v6_G#X^9U!}b-vTlq#JQd} z2p-v)o;lzh0kYuKap1Z!AG*yQOZWl_x&Zk}$_1v~xoM#7so?h|;LycjtMQ&LXx#*Q zLjdNT1qz`)6a&}s;0CHhyM3NMgx=`oLn-Kk^|`>@%|j6qAQGBj<6(j9F`)~t8w^Sz zs~OxDWSzVmgSoli1oB`3%AXjHq1%-oDAbehah*Q2!aA&>38(`0xj^5kggLZ90b)|! z;UN?X1qdU3)JZ?!iuA`?FoI5I9O6cP`@*^+aBR+1L zKW-yH_MQ_Zxq()9gL~f)q)g^TN6w^8>P1c7q)tLdOzxyljzv%Yq)C7XT+8CnYdDB0y^whsQ4fPb+b^D7ghN04p>DJvTRBH(!@E zYMeHV$U6W5ISX<>7gsqCg*g(FKPMMCC3iUzygDr-IWUMhFqJzqqC7l1J3dl8J##xd zls!a^IZdTHU$Qx1)I4c`JaDx^@PYW|uClXRTVO3b6PJfHo|BW4j+3m3m&}NwuZ5|UjmPtp404n_0FXRAkUMOeQgV@4Jd{^bm3Whvd|i;M z(3Z2RkG9s4z~zz8{hwbSrcMB(R6VC_c&2rfr>A$Kp`xg%#;LWGr`GhTTNbQdTdrPm zt7bi_bx^E;VyTmtsFcC4r?0BO&a318w{0A@ay+?tLbZ8!wUBkStb4MtvbMe1xaa=8 zYIC`10KAH0yN`{&lBm0>f4#oKyV&i$Q^Cf3dB=tU#+;ABt*^+kj=RX3&2EFsi$Kqj zR?n1#&6J|jr*F=tde5kp(9qM!+U3&Zx6Aka(vEc0kv!G1pw_;t*4Eb7_5RtTRo$Y8 z->+`n*XG{edgJ|+W!62{{8L#{{9I50MQ8?NU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*Dr?@%xwGfb zphJrujo2pX)2LIcUd_6-Ytg1(%brcUw(Z-vKgZ6^ySMM(z=Px7Exfq# ztDo(B`~U_hpm+KlQid>N6-b6FYyBsgKl5mnPGa+*vma;vY-Qnq9CoOhf@B;R7KjU~ z^`Ae?sG#DCD;8mxSpJlwf)3;S(+(sIw#APzRj?>TFnYa{3Mhu{vx$l=0OJXfllkLJ zk1Iw2 zq^SZL7rup}3OnrgCkqVn6U&M@Aff`Hbp07xtCgjkmKz_5UwSEGsA&Bu=codu)25vM zq+?jDWx=W9C}J5ZgD5X%h>oiK$qVg;8D1z)6^shIp;!@~^XpgL4jk6DVMRzVo5K`) zELi)b!XUlMsU%ewVqElnKBE8|1 zt-`-e3wtOIIe+E0{)+U1BR307{uB;=5zDnI?@yt6((HW|#R@>@$d-@8?#s!0$g*vzRrD zThG|_*I_f8rXKVxe5J8_4^8ZqOt(I*44_D^x7Onfnr2u#E|Y4IK(pfhf>HkK{S8TK|~G=a@#TAt-|${zxGo z_#wg>mGB?_&SRdi6qvNm9V%+9xDXFV_(SKNVH+_thKiOYJ{1T;91;tnS8~X{QKe6C zgrkCCB4xp8MPX_iRFM>L*fGxi;~htO75?UEo11~DEj!cG8rqaJ?=etzUcuK`#J9$? zi0^#=(ATnp_d8)7>?L(y`((!~ z*|Erp&sVqWSSa(8B2u#Hi{5h<5PQV0%ZV;_#tNP#!a}PS?2nGfM2#JBhPrnBPk;lA zoy+Fcy#~%n1$80|KM1!bvjp!9w*ZDXZ^0`uR;`bZoFvZ{*08X>l0WXC9}6VGD^EUB zd_(>S=Q!h}y?#AIQ7d9zuns8}8OcBx;#<~N@TpH=+=8Fz15}@mmL+%9D0yJ1()&~- ziH2rQ1qw~3NR@erFC7R}Ch8xXR@YC89m0{G%U{3lZ(z-rfo&Coo>=c zt+GUx^{FTbnzN@w#YDU3=`LS9T9hk-B~*}#WqpK7C|IhhCtcohskdV( zvS8Xqy7ji4=@K)yT2e2C^ej7L-NjPm)tKrPo5!pw4yJaoYGih-pcPAD!+O|tN-}I@ zoEdb%5-G_(?xl4ji##SluHbd{k**3@$BZ@FM1t2XECVaWjx+>bk;^k+hui*w zra-6TZGeHR($=xGEY9Q8qtO#Pn~kwFC>RH zt@E|x4hSXO8n}BT$#&0mjm+U-6Xdlsa+h~gh1QERcsrx|s=YAIPc~+pT1&Z3MP-`S zAPi&FSBZ}Zk`vM~{Yz!X^oLCsEK45KX}{s98rSvcC=KzDBsC>&BI`UA7JrNJN5NQ1|3C2kK|b8TF++7S6b6P zj<_N(h#8QHJd%pU$R@>ENefY?-->XMBMt*kbA!+`h{d*#wXJ9fo#r)*!1wGGEsG!4 zUQys+1hr#}EqGHDT)0(W!-W#=w~1W03da3a)pppbsaBD%B^~2-G*tyrfTFDj?wS+1 z;}!@{c*3V7tba;*em)4fErURY)Qj>99ChTE25(dE66}2!>|4dvH<M~$ zh06`&51i{fV9x-?#c%!$q$@ow6}NeFJr)*L1>NVkXemF!QHz{Io#1d+jf3J|nXz&^ z-@>K4-fc7Yy;~U^k>Hgv3rbhN8(ubjKfGdMhoy&xo8CF3KfUT#51iDq{`Ih@jq77i``Sysz_!o5?prha-TVIckLf+| zhfjRK2*3EqPrhA_ul(jaznRaEzV!9N{OMai`qjU__LKgf{q1`n_}%}$_;Vlr@tYs^ zf<*{lrVs#37yur?UyzYF zx3G0#u@ATKREJ>?Npu(dKnpJ5gs`+2_0WV&7y(!)7R>+wW08h@;SWnlhD?AL{Xhs! zNB~p7aYyKRNeC>a5QmBM3J7q9Wbq9Ouyl2y5B_lw03mQe^*{n=mKgpp4F@n~ZGjI> zumc{{1r&gXVUZ7WK#6Nn4`z5Vx}X8!#fE68hI`?Leux&H2#R7chl}tPmIwriaSvXV zhi*}QtOyqMFaWu*7W_bkdch7B5C8@cjQKGS^w5Zp*g7m!O60;1Miz}1V=s~ji)qmh zrcePWCx~Q$4@aPkb0LaPwGYGy7N{5&>zEh4m=@wlj%p!`V4)79co^oWi*Uh64X_{kzzN3)Wp=?2uW$gWkOBoMEZC3&Oo#*m5DHB| zZ2q7N37`$U(1Znvh!Y@?0g#dQ;0R2}{s6+@55;hd0U(k5Fbhm50AMhQb#V_Q0EPd6 zin8br2bqwgFosMRhxK3u1IcabumGR10R^xI)UW{rz*u3CkL;+5?T`jFa05BQhW>Ds z0dNA2poR~LkjPdS?+6xicm`l#0R>E=@pA93v?+8yg-*{W)FT)10}F5>d=I#0HOd5 zT_6CXK$6E|iBwQI;e@C^dM2K4X^fw-0X z`4wy!4+$`xfH{QWsh0q57kdICJq)`f_ zv1yxPlAC$Rk7T$2Im3$LxMcO%kX(5ekvIUP;1A>=0DZuw0&r&W;E3@s0&P&1M;Z>R zzzWbX0)v2vzxfaBfC2ulFsNtd4mS+MB8R z4|77xGD}K}rtWNw1E`rWlY1 zeoB$Z`44p(uyHW3gX#*@5Tx8yk+^^=>7Wa5>#!$!7ToBK+;uDyn;+y5v$?vdo!Si> z8>$oPv8;*-QksfftB$HTIfc-Qa`Be^IhZhutHHRdt*Q%z`?6t?wOfk`J*$eU3#_aw zw949$#L%o_v9z_jhM9Xii5s>yn61J>4Z!%iT#FBa;1%_t0>ZGHz4@E|5S(;Dkp>_N zr$P-D{=fwCU<4lJld4=J#{@9+ttKn()mEBxRL zqd*Vxy9VhH4qfoDb76^?2t1ky58uE5-E$2oun5MByvi$%q(Bb@DkcXywEMxakvpL$ z%MKoZAUhV!{iUV&;dZp1YH;doHzyCw{%OWP~3zAFbe!o3JJ?J`v8+nxB>n<7hU*;6Tof$ z`2Yq1Pym(C1dC9`S1c^A5CEpwluzjuk9#Z~i@{`B4pxAW3PzS@X#!~pL|_oI64|n( z$^^E$w2Q0(yNWDLpaA5Ov%(U^Q!KPlEX6!4yF{C#^6<$u(3boFlj5q&ZHbDATmsKH zggv+y{2&hf6d_(Q56@6S;-Ey)%w50$bkPhUs*=oxF%P!@aUC~tqVx{HunqGtLA7?d z*NS*mo6d4!v+~H!t8vUG*qa4Vx$w+;>wM4pjDz{S&;HDV{rt}Y4TJ+-(8nRq2A$A+ zfzS%w(09Sm4js{Q0nuwA0v3JI7@g4?z0n-q(H{NLAkEPd{d^Ry79oAoD4qV&D*e$T z?RR^eI=$08-P1n((?FdR?2=MJy%RNk)JUz;MZMHa-PBI~ z)KDGOQmqq1-O^Sa&jEeaT0I#hz13d*6yEo1vNmuATnx895MJLPvLb7Xu04LK_XV>(7U%EW84p7++&W%*0^Sdoz#=VBBR&o>{=N_f`EB3G@`+O31`r;@ z)6k0L9WcL*kip$g|IOv*4d`Pr<`90POfC$CF6C^n-@tkb@;&FV$Kz$O=VQ?ivVa1B zj*F6m-kHwbN$@3NfCHkW;bj*FWMBq>V2hBxMYJyF=}ivBJq-$;3G$8J_h189@Fhra z-=L0uk4@@g0qq+j?DRn2oX*{ZPV8TC=snZx$kODIs_TND=)&Ud{+-_W;03sl3B#1> z<<167?z_#ddZJDiq<#-bum<~K4{7kGyTDjQUL!}IEVtnY7mU% zuJFD--&i0gX%4q+4#mXA4-7Z&uh-nqP218fU7v9N;!5y4@qh$nzTmp;;0G?>_V5Qv zfaBUD@sMQexNeJ3Tm#h^>E^zm=?%9vpp_6#2{At7{n_UiE}R}u=Z_uRA^#P%ecQQ# z4{Y9_1>f}G_t^iC+N(|Vxk2q%|LI!4<6Ms%_<#g1KlWw6^=(htrTz8>82557fOKE? z{&)9yuYY>K_x9KKelLH3ANcM!_=K;1eV5dVzxa&b_>TYhkRSPyKlzkj`IdkAn4kHY zf7Dfd_;hXfp3mH8ANmOm`lRoDrhod{m-?!2eXQU5()aqXPtv15`+i;fwjbEIpZkQp z`@DbHzW@7*E&N(7`@}zdy+;qX5DCl=4E_H78OqQ6k>LE15&g~o{KtPEvnLLUpbZm} z4%(my;*c8L@BRM({^I`_<^TQRKmOTIfm|;RtMCu>fDYOajjQ1PSg!uFs}!yhcd%b3C1fnRV)ujI!iDjGaAfE(Aw-1VZV)UOuLdcF9{<@J z^$*{dZVJD(0a?)ACo)*hjO(WfCC7{#a~?&SROwQtO`Sf48dd64s#UFC#hMjlvSd!_ zDf)*_Q6932(EU?n^k2}SP5td+ne{8jvwvFV0J4TjMpR4nt$f7h(QDI zpTA;Q!tmjZM9CoDNy4nz_|43pLCXJxIpa%AkeVD#b7bwht;c?ySjHm)&o*w|{bnU0 zljx&$ZP;4_CL?6rzk5)`kh+_XPB)MB!X%kOKmL07LyX7%VN9P#uu#Gki5iK^u0|9g z1Bt<2s>48nTq^E3dU*4V579;>u|yM3L@`AZNoy*SbkIpHMs(7N#4d^~BEuE%=Bp>X zf2d*NA9kqtke5E*Vu>0qip1%gDUu@+A1`wGXPQ1ha*-n%ZLH`bm+r}en>mE(Q8yr~ zT+$zE)>|mcg|-B2jZ==?{$&cd^4rfPmjsN*2i@Y?0iK)ufyI)4@)^^hdvK^uLPKX7 z2T_9Vxq`os$Vv0GA&b0HMNdBkHB?bY?TkgHYSbpi)Y_}Dpu1pOZ<<94!e@+hV4?D# zdVWB%pGI=6#|L^CLl7qci^VdhR@ZthrS-_EVUQ|kmC063a#c*BW!pUHCU$n<#tUWc ztc=gZJ~G!;p>C>Gw`mn+6d^qM`@vONNa5~UyKpUNS5p54IADPX{?yc^T!c~8JZ4<> zRcCkGWs68Ao+OIKBYeUTf}1>hc!Y-X_K1p1 z4VH=z$JxpkpH>8CVEM z5)sj;5FseMO13&ULmJl5hP?BdQ^cVNZICP-+E4@w3AV!?{^N&1ED;fX2t*;qaD6v~ zVict~MXP*pDf9pa#(-fpfniaLTm+35C$>c@meGu7M5Ab|m_|0X(T#6}^Kg zj(5bPR_2&TKK9X%f5hV+0XaxQ7SfO%6yzZlxkyGf5>$zFWF#dyNlI2Rhn2)+CN;Uq zoIsM3p9Ezn0qIFmmeQ1`Od}~#xk^^Ha)YXLWh`Ym%Yea>mbb)ZE=OcbUG~zKzpM%` zf&Mv6ViuDl!ZcK75n}y`&H^n*5JBE{- z=R{{JFZmP_a>bqRgl9bEIZt}l)1LRlXFm10Pk#2(pZ^4CKm|Hbf)>=E2SsQ?6}nJ{ zHgujPoJup(kqm8A)S?%~Xht= zI#Zg~)T7BDol}sB4vN~;r#}U1P=z{Fq88PtM@4EeA2vX<4XXGLpTYx>os@REdTg=<{pI#;^Z)vh!>OH+7x{#U;C z)vtdAY+$eIRhil z*<+G+A(0hrYE`>h)*9Bd3W02EWjkBi*0!v#O-O8QyIbD&*0(^#EkbnrTjCbixX1ly za1SzE`4Z>XLR@b`MwXAdtLS5{3*Sp{Ct9JjvUGSFIyyqROc*%=i_O{o( zM^&$S-#cIW*4L-;Ev$X@yI=mA6u)}yZ-50n;EVp3DX1lIf)(6e11|-^3x;rnvD;v< zO4z~|t}cb!ieV0Sn7A57%7Z;TViJoM#78M{id8IH!ZzitD~5557n|4q1B-XOGRAR^ z|7zo>ide@#26B3H>R=m(#m7NLa*{DSWFkjpqDqExl$F}mr(Cn04#jeowY+66ciGEd z26LFjJZ3Wg6QWWvXFAoq<{PG&&2NVD?%W(_I@kGXbGCDy^^C(k_u0=G#Pgp8J?PB@ zn$U+vG*t|pXht_0tVMQoq$RCaNKe|*mp*N!F}-O_FPhVz{U64_)vp$(t6@FsYzosBUr<4=b^Qff(Aw9r7OyStaE^qW;|{$}2tTA#10@JzJ_wOi zROC^I8YJNijrw)A56R0f5L+SV_(DST;fE>Ahabi00YUVE2%i2W>M8ZGfuZ<8jUhZc zA-pjZzW%R<5$14ct4(yt>5D$&`tv>8lDC!z-<~D zkrF}p!HHR!nMh$FmhUGa8Cu-72#VdaFi4b8v=FkC9GJza5ounQ@sEIx5j&;TZ zjN@y$gsxT4g86j)>j%k4*co zu)vM5hd)pPpO_C0G&pP!1Gy`|eV~OTzyhm_{s$z;0sg?kbO1o^qmSl0l%)%TRu~g0 zq{1?23ma6!QVF(UE4E|1At}MOHKfDOur*whJQd)z8R~~rfDCHTh&mKRJJd8ODhDx8 z0&By#L1e_tkhMmHL_d1ONTkGaD#S{}#BIC8OytB-+Qd!-#XOqCP$Weu8pTpX#Tq)r zRAj|h`ova*#f`%)5un9dw8dM*#az_IUF5}H^u=EU#$Xi2VI;<4G{$2@#$;5+Wn{)? zbjD|d#%PqrX{5$zY^zs{#cXUdY}CeXL?mwX#&DD~a1_UKqzI0g9t zzx|*;e$=>Y%7-c0jdEB>tB4zp$Oko$mY1-DTmgxDXuo$;f-vwm0r3YgvPfFHCVY@S ziCCHeDUbt+jhuvx=J5~&S&j-B4*zhVg`5VuL5RJ$3G-Mb*CE$@TD9V^zHEuEoBv=Abn2&kslRpWRxkQ;jQ4%IW zkSFOCSa1*%w2=sbm4dj5UHK4gfCrQWx=t_@N%0j!VFy16owmqGVF<|z+>b$V2Qy)U ze(=kG08F(!wQ%x>cc29*z>of$+zYl?O-)dSs0o%~xjVQhj6GPy6-)@FY=gsFJjJ|+ zA#fKfxeJ%*9&!+tw+Irk#EE&R1yHyKAgImT6irZbv&fW7pb?7Jd`)2SnAv0re*lL+ zuu6kC%G_KJ#+V0R2!q`4P2emD;j9eeY!--AKK_Z6%xr_oD;tyx(6+o z4}X{jAn=vT$(+s!56?lF@R*yrxf_UKiJ6H_g9yoyv6(RnPMq=Y^I@MF*y3;-N(-7;^KNZwW8`MG#4Sh6JH$~J$1<*xh zRMB+QM~%ryl~jJD)Jnz2OU2ZB)YMIl$4>Rsb_CT>RmV{!RdWn9dbouz(j8T0Rf2KV zF@nicEhRitA|qlV+_}{wYNCJH)m)|3R+=*xItUngy)Ma-oDiAas7Ut{%h@fs&1&1{5fk$5b0m5IZkuH(>}JD!GR!7>Bv6 zIF2aWggD!%JqWNImcxl#?>UtH$jgIk5+Z>}{0N2*alL~*2!v6Xg*n^1P!ppQ9s2Ow z$kYw~u!IM!6$(Ugki8Y%aUk8=NJ+7^A+lALzi~fmfs~KI8~t#;Hn;~LL6X)alcw>^ z={rw*O^9vL7I?un#3dHq^%;xdPT8c;m#76?u$!b^-c(T-R^bvdIM;6Qm$mRq`k{}j zJ>IOnp7HfeS1{j+mEGBW#lc00&TW>rz}+wCUBcX5I_TZs)s5iAPGN|Rq9Nep#S$hn zh|WzK_Zy7o_21})&F-Yo!|Miqkc9~q+!xtghS3gvP=oL2fub1~*+XCcRo|K@V2ml@ z?u*^{&Bs@CoSMzpld(&-#h!0a+>cnwq*=SW&D(sal-(d1-2{mlP6(St86h~GfYttC zxILG~?S=@2Tx1E}K%52*=9{ol6|(so3l`#<@CTB4UDJ&R4+Wjny`C^8Vj)R5(}iLA zh1d4+SBEt?m@@XL05vQ*~!jgy(n$#d)S@PX4s#d&b0k z)@MrO=YEF7e+Fnq6zG8##DX?xIz;G%R>Os6=o)nBhgQIdmT2>%=!)jOi^gci)98)9 zx{mhfj05SA{1;FUllHZgR_R$|>6U)Amxk%J4Ahyf=bE-@e8%aV-e*lKSMWtw z&|FuJ@P}iNS)0HcYWQW4yk*8^ihL1epBli&2C!*al6A2AbFnS?Gg(m<8(_1kV%>R{)XUD2X<343tn125|+5^tZ?~ z3b1Bervpe4PK206AM{X<6poF?HcJdSSwb#rWjgDJ^_7?i3T2Rm{>G#UeOMk8C5TNq zxK1HVGtkK0D3n7P6T>EK3{3-M4TFzRJYDfyz;(T8NRu^@Y(JSey8YqIPNu59k?_3> z))W>@*$r@zgk%s3wkY0yX&S<`0WrXvc6rZ50O4FXJbOcIm*9tNkc4pf85GtR?~&}| z1>ov6?qb?(n)C=8sy z9N3xL^@i$nDVF!n*Z2me`Tm=`mg3ybe>gMT~%{N^;Z@37}kn!&SoB3B5V#ASZ{R>8di~bA#%Nu zi>OzFYgYLFaj9r#afRlDh~#TM>Vwc$xOR$VHi%<3)}IdFr%+cl&xvrpb*Fm8enkjW zCTnh9KYTUcVTX!R4xWYuoPdoCf;CTr?dF5<_JjTa_lG@oqL$dD-gZjE3Ytyg8g7e? zg$|Eh4v>A0k!6gMz3f81AC}E!orKxSW)G%S4X4f628Ngi4q3nR4*+pVpA1@^CEDXT zT91u)gYb8Rcv`e(l&;;4sy*Qex6C=%+Hr9C;_&6L-S-;93i>^W&h7Oax#70$$|wF2 zx$R+jv)jsqZM_ZMzWrO_cD)Tw7*+9L0c>86QCzw8nQnO8?0w?N?T5;(IB5R|pI=~; z;q0d$-8YW;rA*y9SY5VvUANcyoqx2RuU&H&ahcFx-JQt)1zxxiUiQV6M&=goRTb~W z`opE*#{JvPk=~A>-ng-c>jnFhF9_vL-u~|mU&D7_6F%MaRpXif{rA;(yuZetSKxxM z-=XOH+^wGe75o4u`~hC!i8){|r}_?NV4PKO?15g%pWw=e3k$|zEtZ**`QQ*nnGt4T z)E|BIwq+HD{)uVf^Syi3e=Hep4~(_l&@+>^t)3m8TO9}Drf1_Zc51T+8;UOri(mI9 z-azy3dMeI*3O(bE$l_5(2qXrGe*y(+12(XqCSm{T3F(&aO1FRh(*0xS1KvM#7vue) z=WkaVgu?RCiTE($#EKU)t{mv{CCr#IXVR=`^Cr%mI(PEy>GLPhphAZdEou~IvSdf; zDVnK>-ob<}{as5E=FGT%-`WWL{${357%f@1{~4jY%Q0r$6~T+V?1j7IP&Dmmosnf{Q2^v#>K6Q zxk?=LqtyS=L#GWL)ay7$XaBbyrud)tT9$9`{yqHo^5@h4DSf&kZ4}dKQ-r;KPvYda zUw{AIL|%CU>h}+S{spyOaR5ppo=>CD5PCB8Y!ifT59B^muk8xr!i*QDX5`}I^U$o-ts@jyE#u>~iV2xO5tcvZ$PA113ED#{WmY%aR#3KUNbT(CGd z#rdc~iar0<6Gb|({Jf7c`jk{wH|(%R4iRtV9hJKogPGG*{A;>m( zt3;31k>kY<6&~?o^xCao>Mgk9lFP75)F8p$+&0XsL|y!3BS|Vw zPAskb!2a7ViwLCrIQSxzi|8-SgG?A)0F9SEYUILD^+5Ck3-$}K<~sY4wjGtk@aB-t zE|t4PvOltLRnHgQ_yf)#g77nbK;sWf5Jo>b5ehBz!w|pt!AGQbv@ewJAJ@wsOpqpw zflY%7yXe?mjHieafvkNdT-5te(=vhRO>BC@7zQoah@bI>A`4-c4a=sq8gy(LH87gw zFhaTSsitz9JIE$}wvZfjV_^6|0uzZi4X*JcLMOc9pi*eT750M@TwBNu;zzR9*dY>$ z=pQ!bQU+J_qZn#b2tJ^Iy?TUEB2~FcRt8qJt8vaApWvCljux46$-;X?Y@@u$g~de* z{wiBcGG6)^Dak}R5=rq0!y4{3$xSlqP@McED3epkP?9o~qbwyVCwa4kU=lM}!z?B;adpgOGV@i-Y$h~O^~`8elWm?f z3O#O7q7zjpo7>c6HN)wnQ!0o+4w_Io8B`!~vU8l*9LjdO^PTV*$bzxM!WnuKlX_s` z3h|rCUHp-af6C-MFGC=d=&X;Raf>~w6nTWUm_ngpS31FC~)+Ep;(l|Nj?7h(v4K4q%bom4Us z=|BfgF^Z0KM1rR*d<*JS*N2em<6rrB3vd3>RHng{CT^VxT?O)yFAgNI>oHtJ?BPF{ z2Js(5{6^}KhP`R9ZmpiB(K~}uS8c=T~!#rzbXTL0;vZCVfsHwBqJe?-3Vbz z8k5w{B(;l$$!(2?JjIeUg43fQSptio&ob9gM{z4$OFLKI(k>o5NJk?^=pj&qG;{Q@ z2Vj|s+mIU8hA~O3Rjr6s!Cr)b1{B6-j61<`B=>O3Z7zO)6k4DF!>0a!!Rb?~xP5v~9%Vee1D<~%ls*P^NtwN@W{U1NDCulaJ?r!4b*{P2 zY(|cXOa#vQQ%!>)vSK?OhparS$9j;wEn*Jj$DoFT^mK$y#94i zd=2bj^F-LhKK4zFjqGJRm)Xt^^|PaGA!SRO+0?E!vagM8VrzTb!0xuUc@6Gx<9giW zrnR}x4eNBPo7L=YH>%$aZ&J&9-k`3xy*Z8Vd}Dgw{HCr^{b1 z&X~)*nl!I@G;facX6k(B$?Un$iwX3g2Xp8|@1@a?p39^wy_QUGdMuv~^;SxK>Zz={ z)k}%>tef)VT+g=Gzs~Kji~ZYVFT1$Uj`nh^eeLLO{=3`P4fnXad+v0Px83hf@4V~% z-hA)7zW)yRehYr^0581Z2afo}8+`GMPq^bB&+y1g{^69byu>e$`HE|P^BDI$+d+Tp zt&9Fzq%VE7PLFzDc7FAqRlVz(1^d_wv-Px(>FjSmtlaC~n6~ddJ9!U$UI~Br%KW|Y zsagEw&uaP1cP8?m&rIh_|76jxzR<6a{i17s`$+G;_m>X-@H>6{x5C5*u|IgH~|Lf$B|4rV1|G(0||1nbk1>mC$AOWHf03P588K43p3IjGEu_Pb_ z%8~?5;MzQ(1^NjFW+0zzAP4G+2Yz6(RG5H8CP4k4Blp%E6E5GLX7Eg=*7-VP9e59 zp%orq7JlCr@=_Ic;gNhH7-|U?j-jiFp&8a%8lvAC!V(&`VWpKJ9Gc1-&S8$!p&e$L z9OfaY;2|H%h#&r8r|qF2YDyp$Vv8IiB0}3DsuCeKqWe4|Bo?3~P9g$Y;vy*`CQ67V zZeprcq9;aRD4I|wj$(Y2qA7|AD5hecpdu@lhbz9~oynrf#3C(9$tvDro!Fu-{z)$O zBAoCdFdm064&zZ2qcIi*GA83tEF=Ci2HP(_V+}^5G~ysNR^tv{BR2Y=Hg01OdgD*1 zfH;mLIhLb2o+CP@qdKbNORS?iz9T%wV^26^)5W7b-s3&Cql>7(Ja!`x;v+x?Bs%J2 zi|}Ky`C|_Xq(UkrL86F3vK2z=;6hF$J~pI?Jfu$0qta0%N5Z2;VhBdUN<`jZN0uZz zxSjfDrA**M6-3lOc*76K z0}W(_KDdD*;6OyACTPM0Yz~BM)&y-fTTSi+K=J`p%)>D>C0ZV*Fhu5HLZws!XIB2h zJZz;sYUVoVfO<71BX9;Ih|P5}j}-hvTlPbMdZ%5AWnP9SO^jzu*yhd!pOoCEcgHTDsIBF;ps3vCC=Y4YJK=|cXhUHj}gEy?`K&%4| za08U$saqO@7hJ(y8t8)JrCzowbpC^(>X(k1Cs4kmW=_bg3Iw9c+^ym&oPs1x)@n}t zs!8UmgzW0ZKlJL$8EZ)*D}X2~v$CACb|kdchqSh23|1>gUMqcME3prIR+xd!V@9wfS^tGY5IyYA$$zUza=>zigOz8)z=+AHyCtG^P-wCd=BN%+4&$)~wCmEY9Yv&h9MF_N>qTEYJq6&<-up7Ol}9Ez;_&Hi$zy1Oxy( DOm8tM literal 0 HcmV?d00001 diff --git a/Media/Images/CertStoreType-Basic.gif b/Media/Images/CertStoreType-Basic.gif new file mode 100644 index 0000000000000000000000000000000000000000..3a21c8aa19a8833842f5d1feea7727a3219a7c00 GIT binary patch literal 19143 zcmV(;K-<4ZNk%w1VUYr~0(SraA^8LW00000EC2ui0FeT;0*C(q{{R30001xm02}}t zH2@h|0TzP*O``xJ3Ko!g*rBtJU~!6 zNuoJbwL52lIbXCqakV^y$UBhGLN+cxOJhDsctA{%KVO+ZVy#R72uA=fP5@3*6*5IX z9ZEkvOHEu#O>9YFhE8LcL~X`KajZ|I;#C*`O(hpmJabk_N>^2+S6zBhdA(AF$W)Qd zTr(nCHi}(Ge_BbASzKIRafV)dpJf0rXgvU9KXGDJieOr)UtCOIUtnKireS%lV2HnA zq1b8&0CN`?UJi0=Mk8rULu`n%ZJNq#vgU3JacvBacPC$ZD|2x?Ja9Z#ay)TzJdk!+ zo^@x8a;4REx9olZM}A^FcwbX~U|)A)cz=X?e1(&Du&agu0E#jMf{UVnleCZwa*qs% zi$Oe*M-+-ja*Sd}h+u$;XZ#=heC%J@Ax{719mWHyNnYF32wzrG1#lW+<*R;*lw9)Ug z=+w05{=02-x_msok&M5Oq_&iOxT$WvuFScq+`YcSy2jDF#o@r`{K{%_y;H%)e0j!( z0m7n+!_?Z!`u)vrgUgFQ&ZTqAud&RtmeA1C(v5S}j-JzzJJXm|+n|TmxSrLr%hklV z(bKus*4otg{@<%;+}_;Z;N|6|P2i)&=dOz8%*X53%Io0S=luTcwsGyqnC{ZA?d|OP z$%y>Ynf&3a{prvC>$m>-%l`e>{{HO#{{9I50M`i|NU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2A>G52%lPFWFT*({Vj%bu;eHSOEDbL-yCTdnQhz=I1PPCWJR;>eRLU(THG z@#fH@OP@|X>htQ@vuocD`#SgU;KTllhwOd4`Sa-0TbF0mAA7Fl)ytnxANsyIMxar> ze(T!x^9ms@SA0()DAFv~yv zsM28!Ioes4oN#KTkDgqLArGK?9oeRmO*T4TmC!)?Uw~I_Swb*PWx7;*B%0U{Eg>Ai z-kE7qRgaKZJhP5E+w{4GSpJCm<4p)?{*%v(i2P&EthJJbXjqD7VNFv((hAM5dD){* zQ|9D&!mtcFDs6feMhPW_lWMtPnOYKP511x?X&_XjTBQ%DA>=C6pd?(9;DY0}_w9yr zLN(xf^t^cIm+|;WV7yW(yQzru`a5uY#gKW;x~!~-Y*hbZ#A{^?n7fRRRY( z?Z>fIdu^#&Ww`B$?TsU32w0dBrauWIQ4bkN?kkm|OH$>Yh~lgq!-`Ph^WrI^ga8AQ zWs-P;Ic$2EiP9+hGfvYXkf82A@D#o0ii&o~t<+Sv+n%1iPSrJsUr+6!jZo>cNC;va zL+ip|cPO@&7_*mW{sni)~jXlZmpa9qnFPJE(MY4CG}EL*{bl7yit$grNuqhSi8ts%rvq&?Me zczMkB#FGq%sGJkxxz9^XA_+47qtCVr6I#^_(Uh!_$r=WNT0Ghpf=f8Xb+i*!#S*rp znaRK!uj9}d>|wxX8Hjd<%3ufzw=S)5s0Y7;3I~hk!P&hi3kHgZ+|uR0w}oI22y`Lb z=u|lp>MU>mZOc&-qVlN_fT(gm(9i!k1R~6x0BBgN^p^OKrSH&t}QgmbHLN`MX zsq2qn5>dkDbVfxQ@m(82g2aHB!Cuj>bb(6~=FoJi5NJXwGb2Igs7T7rSaD>K%aX)4 zB);;Q4|9D37dkLk#($KHDpB-UC$r#+Uik7AY6!s)1!%Kh#nDgyfLbG~;*WatDFk{5 z<`5BeJQ?)zmx7SoRqU~iY<5U?)O=g>Y-z0Hz2Qc0v!*Y5@rrD6%Xxi6-x$7hvSeyA zD%1X}+#c513tr%=lmO)nq$GtUO0}n+R4HO0Gx)yDg;9G@+1opP4lcuMLBe|4o&lo`k-3v7M7J3327G8WYamNGSXR?^F}Jo9!r@?NqUw@9w`k$ z&RiFjk;-CLiyCJ@mkJqz5)^!@tQ10dr>BL=l9mtsUhb|Y(ig?RmF2S$Mg^I%V|r9_ zK@I6tia3K4N$o`^&0kPS09NvaVRBhf)EHtaRI^phrf-|6|JX#=y56-?J)Iqgo+ieP z;?<~?8(&@9$kfU{=1HiGiiHwUP;K3lcN;3(Rl!J3h(aYFY|`F{?wZ!CjMb-Q)&6Ej z=UAq_Efl9AP-_w6S})sr43v}zQ78BMM&CN}1lPD}M63GSA8NF1pz1-6YUx-J@d_F> zwXAk6bDzg)7C+ysO5`Rwm65(Fh+lMQX^+Ls%9Wshc$%RK*73PCwWy7+1=Lf_O50gh z&JFJw2OFTVO#gw3xAOQ_8)&@FssG+r_9S^8LV%}A+$6nLV znmCk&S3u%L$o)rtBijUM@VB~y;?P%pY(#soau3gF6^EutWdakb2d`j7{xCg>OG0r7 z$s7_@?x;{@eQ0fbeL8^>1G}y>r+Ljq=IL|&#-YB!Zp$448tq7+hjuctxiF5jWwMwg zDcTuHQ%G+uu_w%wt=U6an4B}S2ej9sXl01FGEpz>p&2OAgdQ5=sXLS_RCMl zE|R_8!3#Z{VjbKD#-Ym53vv5z8j)E8Ly$f&*h6<#0ve;8AdQ`-9t&sKmqmx2f+(?BU*1;kdy? z^p1#6Tq^$9MlTfi@m_>{`{(#!vcfYPP%8}qjbgu6^&6L zYSX7)8*NivLF0%-jzl>XsbBr;p9*Uw zFl@iO-uDijyz~9P-TR*Mz5l)N z7a#oL8=vsSKfdz!p8VxIU+v9*zVxpi{pnjj>D9l!_F?{<{q1|dvfcl__)8i7@tc2p z%erw-)md z02g2t{D23X)ff3-1EVw+`k)I!5C9MmLVa-$0WgF^XaGB971WRbRFQ;j;SZufghL1f zX)%LDNC4+Gf}#O?V1W-b0EI9JY5gDy24HP}QVRjF0K`xgGgyOsaf3M+7WohaAaEk} zAO#Ijcl)3QX;>EbV1zJd3l{(51dc{dw4JF5-;_zbL*iN`9K4Azy)e06^&?vIA|7O7=t%LiC5uX7=szx2 zh*6=7X>o{KL5p3nivPe41|W-VVT+ac6~%{%_F@bLU{j3K1}k5v7j< zU;zuG52P>xBXEWJ@C5U*v4l$a4{PWT>EHq*@Bx`1gi$yp{)GNuk^=w&oS=mI&0KPNEWa75A)yv{^5jyIFk{O2=hPz3)2sI00jGB2A{-*oJ9=#~hOh}A(;*AO554FGoUosA47$>5Dh*2?v z4KPdAi4L?_iYp)w`_Kh5#SZ8Ao;2u)Eijs;Ndu>unp8rXQbwTvfSNF63u4KdcZd%i za3}hZ2lIrC5=x;Kx}XL+oW*&ZB1o4|H~?F4DBJJ~u)qx)Fb2~Z21uuk2e1yf(3E&l zixa?{Tz~<{xi4!7niom|i})q&xu6lbhQJ6FeTXvqfP*S|q+{`$5D67)hz~W8inK@# zI*O#8$)D_jjMcSf31ukMiK7Kv{)X zXfH#`i$W@egUF@BD5m~dN}1<~j93~K^B|@XNu?R07MV~)G3ff zC=4*F4x(^}Ye5Zu$eKo|l8wlvfcPchPyr@j1X2K~MM{HT3Y`Q=keex}J6ekl37oUa zS@Zw~6CeRs;)XxDqk`(CO^Kw-x|InqgAZ`4LcplP$b|jCgCA)Y$10`&nUY3Gr~Bfe zof)LUXfLh$s=IW}jDyvW-sQhUUq7bbFi36u8`gtXCp}!jgMp z!Hi$R4gz2aib- zgLB%7z?i113Y3vanSPk2>MFG*>#l7F@Uj z!!iz1K&h#Kuj#O&>2O!HX#ldInBforN3ag{KnDR!7V{tgMFyG;@QR0$4jRB&=2-#P zxw2F{vxxwqi5sVRP@+^KBNv;Sxxkxe5r=b#B6cVb;J}Ukpbd+g4`I-yKzf6pq@2v@ zoLTFw3)8a|8=ex7hA}6zN+_P9Tb|x!EJ&;cYy5BhNrXqb}Pdt&-Ah^ouFL8^fwN`xdT5A&b_L`a?5(1ih@07;OT z+^C5}XaK$GleN&FQNa#qn2zh%jx{(B5rByPkPGaZu9Ax<{s@r%69^UXk^y^=30Vg% zTNXRmgFna~`+$%HaEh?03lsbSjGGED$dMj-UOQX6&FZr<=?+Rjkmn_nG-;DcNDp7I zlWoeLUI+woimxbq0Y`eV{+qPCqrm8jwF$hySPQTHslz-hk$*4%QYghEz>`&bttA|_ z8Yl+qkhWmq56hA%|JH7+!X8BT3*!KhC0FOGznE?f1jL3{U93j}qkQ`%L7|E3E8joDbm>d_EoXMQb7MtA3pnMje z9Ll6T7n3X%8Ia1VyvnTH%C7v%upG;&T*{=(cCviSxSY$bOv|Bc%ewr_!2HTdG0enV z%*K4o$ehf|yv)qp%+Aacw5JupJk8Yn%+`F(*qqJUyv^L)&E9+z(ag)@oNa(f`2F9-Yx39nuv&(j*9&YIGxk;0iwt$~)}}Y=Cd;zy?MQ zbGLA-J75TMj1}MjiAOzuJG}(>1{LeD1iW(#GbNBbP_{QB2;s#Ke!y8*oz+^s$Y2oy zSRvO?Em;0=3+QPTig*=z^bc+A*6+8|bZr%bZ7*Vtog}a@{Gba?-~@((54UpM89x-4A?#BqvhXUvk)*W!m`gPKvnKbv@gD-2!(_UAz5#q5gdp!hP4xb`Oco zmr>#bIiLx9eY!+&1y2wMZ@}Dbtq-k01TVl<(QSRxP1vI?B6yvWHv0zTl% zx7A(!(O?bLQccx2vI;uj1WzEm#xMd%AS*f`-sElGkT?!<(Aib(;kK95OTE!ft>c3n z&-hFgLQT|94di?5(@37lO1|Wk+~iIk$xt5UjXdR4j>uMi<$j#yT5iW&-sP3}{^oEV=W;&hbYACne&=|e=X$>9{&>z6Wp3sh_~(Frf$Go= zLq6z?oC70p=!ibZFHi}L-spRb2yiXwpezfOZt0wi3Yo6ym<$EM5b2&if&?k*qyB;V zX6jOL*=mIk_j&39IOUgZ0wm_@IS%XIC+mv<3PX^FwyqDQ-~>d#oN7=9RsaLBFb70{ zM(N-LRzYgJQ5GiVKC)qGW`LG1&a1TGg9^p{O(QbUx&frO4>rzt* zzpx0zun%jnFyJsx@_r53P=onU1-E|gtT*jcf(CSOpWSXNdU)@CZSV7b3s5i#4j)|p z{^6Y-7X1M4(K`YwU=O#zS^NO+2w(41GVkdiNqEx!?-7rB01p-6aG&`w2X;^gQxNa- zp70^BJlYWBD}M64J@Gmp<~-l?Wd8F&|A9h2^n0AnM(=w_pY*!ddxieZP#^VDKlM~! z^;UoNNYM@IU>2qq#_Ld{OyBfgPZpfF4(AZ|%GV7cZi!%F_GrI+YH!M>uIg`(dZylZ z>ag~8uY0Q!7TsXzeh>D0FMM_p7L7;ugHL**e)x&6e2d@CRe|`8|9Ouu>XJYComcr` zaru~^d72Lv1_ch+X)m?V0My`x0gwoO3Kr$66}mdR`_To5{J9z2`NQ$~Utv(D85N~C zQ^&gcU(xzm@%pb1bMIjCTH&O&FC4h<6$bt_neW<^zmEWefCCROPlD=(GYAD>AOgAj zB_uooPvDLYJOUL^Ji~|pfe->aMf~S@gLMD~9x#V%$hD-eqb)fC5^yIoXa_=olmPK% z#0V|&`so_s0R*~#`E1Pk7g6FwiWMzh#F$azMvfglegqj(UYYi66yiW`wyf_|bx|BLHT zr|1x^mzMpFcB$fjK!L>F*M+QEYCenCI*un%aa(>ZrhSN6`*!Z#y?+NEUOdLm9XX3E z4{mAov&B!#PA!_XYsInu&9)!+-hhE4Tr8NywTT1_Yq;!;iw&F$Y8wNn2l^8s0s9UT z;Q=?~(Z`Vybcn;i#l{0ML=i_Mu|yLYE03e|YO3g-4KU$?EYpO7Pqq1et4})k7>p<` ze0l?}JsYi}E;Zs1)bSn)e4&6Cz-W}nK8f-X;tj4MQcoV@PUNynFTVscOvzH*Xho39 ztE~doCNd7SA?LcrpKt)Q{%^Lh*2GGyR9IlD9$^X;61O~}@@Jk6raLmI*wVZ}HN1-J zMV{FF@dhFWYjG~iEyd)tQ%^qyl}j=;GV`Mp=Lx{M8Qqlc8h$!?;DtJz((%63{L!U? z5uV^;x_(H}H3g%Bn@FEdA_xG2>0Wa$x@G4PKog1RQDPu5B(0Smfe6y_iw8LLFjR5J zCAVC2Uy5la^v-3sU3cGwH{O&+&8Sq**7sqG8qSPjjW_1F<8m#Y2xE;v_PAt|PeysnbV-h=8+%fQIcAw>R>_`j zRu)N}b!g_fXP0t7mq&8?>6@$Ox@)h+ z>}F`3Nm{3wbzc5DZME0t&YrT-##&vI)aj-fyYI$3Z@u^CyKle$20U=V2PeF6!w*M1 zam5#Bym7}Lhdgr0C#Sq}%lGa^os+t$n{CfO2i@JQLnpm-(?cBnbk$d9eX`VBhdp-L zOL~2F+i%DHV!3nYy?5W6-u-vshi|=h;*UpuYU7huZut?;9CXki_8TddFmhd0dlOH~Y z@S&YBq7GLeLTLP<4IO}?AXiDjAf5mQ6WnkoivYzCbh1DUmBI-`Aj>|~PzNi(AQp2V z!WJTu4kuW_hbF}0@t{|cbmV{smS9Rh7=frIpkp2k3`Y{KvI2&1(0~EVMpTHXk3T69 z8cKvnHq@ApGT!3{ObG{+vN%ZJZLuQ$Fvlu%fWZL%V;^g{#x0h`M>BTNjUEi(tCB!O ze~hCNzX;$XtpbkFh%y_KtU{m&xysoY@*?S2K?WTONl8W|A5ExaL@pT-S?&W3bcl)` z8~&mOVu5yH^M4(0<4F(8sGBNC3N zxw7&k;upVQYD3UOxf+^GT_O%EY1P&e$nnXnh3Sba{ z1ayKcUGd6Sq!>X3lE4&pARrLEc~7%$yIt=vEe)B_?N#XFkkY)iD0f0fai0>E+E4{g zS=mZg`tg;pj77Vq%`SKKYZ<1EW3ZErNOG3*o7cu?HP=vYt!Bd`+(<_^s_BhuXq(^t zRyZ=b1u&KtWE=cKDYOSp@UrkzEB)|iApZ#vfwNm%3%9s27#6EUl*FX|-4u98A>I*( z8=QzA5lJEfYK}zQvMd)D*(ESO6Ga%csv5OwA5kC+K7!z^8dc>g@ZD3N{v;q5k;Naz zpo@{kyb>hel_Jmz;eBm2BsqCtS5lzznwh(+UhM=}BM=s#rlo`c3;+Z^9&?~gQs#RJ z+R*YMw7?F%=yxT$wTyAHSH-(XQZ&326bhaHdB$rHPojzQC;22 zG_<1H)guy`UCsPzT8qc5tmOz-YrSjkm>ML8T*uaUJ?zSWRn}BB8{CM!?3TE#8OmPu zNpgBrYFFFZ*T#0XwY_a_cN=qUmFlONJ?`+ll-%d;j=9mj?#uo(0N3n>w~2Bh?s(Vx zF;Peaz3sj4mWZMS`sR1QQKBAz3*6u%p$7#DesG3+WFL4~c*7-LuUbTW;uqJQ#WB8d zb#L6`A$#}7MIP>vm%L^n|42PPaRny~bbtjUi9f2rawEVzBns^jBWA%tYyzQ^&@lN` zKROQ{0No$y_~QmUC=z}If-V2hM<9s&5u7*eDuR)RKW>rcpxgAG{9pvvf2b2t(gO@m z;K3}+-a~oR0}NJ3I}Qf{h94+{e=LM$p!8uxBsy}5{43xLodAZzi1CF)aKqT$NJ?Gg zKnIgpf>pFGqpqX$p7hh*V4qGpmag>#N`#JnzoQx; zvX3;(q94mB&Mn>`#_7B&5gA;3gSI|-1(v?@DZPB=mE1^C-r_ zq$fc+Q6go7EcM_8DvU7(g>n%1U?HW}r8SQk$U~UNw>-)@0(Ps@4E*Xa1~M@zec*c^J^#d!wp8j1lfZ>lp?j0m*8ERJfh0w<`shIpum zDyF~N0Yun|Rd@nOhy(I#ggQ8)!~??6=%PJJ1F<_ok&-`7LBN%`hxXe;Bm`9qYz zmHZn-Le#iLT(^#MM08zQ5Z*odB=Oi$9&YsedNb}^haI(ydHWG$MK+>e>BL0M973x$c1FcS_HR`XvTWn zh=!!dinPd!#K??{#$)S_RMg0i1j&#T$&pORPIEXi2!WJT$&_q8dnC!1gvpqc$(f8s zljMkg=mQP<30jyshoQ-z1j?Wk%AvH$jrb9Uun2E>L7yDTrgX}ugvy01N{u+mi%`ll ziOQ_h%B|!|bDYYIsLG^V%FJlRaxjHDr~^Bw1X~;jJqQM11Gnr&bAW_PV8vaq zgJ7rzJ+KD742HIR%dRBM!Zb`|{7Q@n%Zj*4Q(?t%fCN2ohHl^nNZ5l~qu!HNg154l>Uf@pe zY)<9017Ju^zf{e>G)}af1Uoyl+F31&)1|)i?Gd!z)hEgPeLe7-Mq`++ylEb z1kiK^Ysk#EtOm{G20}muy9~}cDA3G&PtMs*SFDBtEeA*_Q0@H821SK(aM0A;OS`1Y zU2x0vL{Gm=P|hsSZrFwCtj`&xQK-DnipWoi*iWY9913kk-|Pn9ak7){X?-BMf~%yCG|NcGiurB{O- zwa&4%vOG(){#?t{#LhsCPT~a3>nzadt=EqQ*>?n16gfy(HAaOE*_2gTbR5|uD_M^fMpGb!7hTz!wOMU!*_QCg zo8{S_t=XJ?37-|(p{-Y-B{QN$+N2#*qg9EWRobV8TKnY4UW?kQwc4(n+U+RFtL56R z4a$e~h*PWyuO-{ECCOWp$c-o)vt`@1t;l%%wL-LvwRPLNwcCD#Taa)82uRypbK1KF z+`wg7v5ARr=-ZB%woz2v#bw;ab==1t#Zsi5eK_1pq&0h>T+1CqdoWzh-NOoyfXemU zQxn_%(H*wZHQil9-PFBYxn*63Tiw@1wb+&2P@~=2-L%`qT}#v5-Ho)~^<75Wz~JRL z*CpOcG~VOI#N>?#S6BjK4S^+a1?7D;=y3%$Al#r~gXyIRerUWAFoH_}k#4dG^0f#R zw1@-hkN(g@>g65iS%U19h;>*3iqJX+st2iy41Ev;pyLShJ+l$22=v8>18QIQ?H%X| zfs9z-U`2xib_@d62mqc43Jz9c(g*`aU@cCpi6MzD%P$EnKgGuO*?;8X$v^jTZ;T~uO0j^*M+PfOQVZUQx7xw;N zB{Sij=!67{qj`{lR;b}HIE#At;W3veJNWNo8-s4-|4cdbUe4wC+s0X0ChZp!fPY~dHD2RM`Ln&rzM@EBd ziDZ>#V<~om70@LU*yK)DpsD_8pc97*G6q4q>7;>Q`3;)-r3jTHf)Pl=h%h@B_63V> z;ultf!(NOewqYE`z?Ij5b2IO&>2jzol*FK#sa$e|_-jc9w+wPQpxP@X)WZwQ9 z;H8M+#^q1BhY|2*T}p1{W*g?V?$pBW?5?cs=5ELG?(aUV@D}gCBJc9ftMf+hxl-@- zR;%`QZ?a0A4507&w(tAK@BG&9{pRof_V51&@BkO^0VnVRH}C^T@B~-z1!wREckl;? z@CcXi38(M~HxK5GZ{fw)4CgiY=5V3I@DCR>4;OK#BJmQhsS`(Wm{Rc-XQ>u<@%R(n z822g|r}2=o@f+``9M|!B`Y3-`h9DR6AZLcGTZVax9!-V*-jvh|TCi#D@rET2fzU`( z91roIAcuJZ@*qd@=JAFnSMn)8A9ol_9ZktH-|;Jt2z@B>OcnBH=f0pjxzpz{hg0hSBwEDH1@_Xl!VhCeZML{D^`BncvNbUv64KK~0lPf1wM)LXa$ zK|Hfe-@4Y}ba%-0fB5uJ$8=lDLsM6Cs4H@P81gs2$s3fzMPffo4m(_#!xlQcH^>Jo zFaa$13tiBGo;C;3Q0w~ggR%jv|4g@FIflRpLWy!mI*q@^Nol|EDXdiM{--ryt zqc!4(M#ziyONUX`J>FBGGLrQ)LU=JMAa?(Y@$;ESkN1_FcZ(3FY!D}5l9LvoKNt-7 z&*5}}UrB>M_bA!wj`a%us55JXL1 z9ZuhgRc7*kaEG41iBYF`H9RF-N~MaTsQxif{Il>rJHiKCx(EJy`vh)wL3h1Fj|h19 zlUFw;BFcv~Fo(z!BRgQGNw@^LXRi?yjl16sSPBOt=bb=h%y+%O% z&(FQ1_Z-K6d{B3!GN6220t<%9x?5PLW|9ZaA0^NCb?@83Y>=XPNP*m+guTZdvX=EtnPi z346G&jKhxeTKwzR31&JZ5Bm`W{s(j4nrr{O_R|Sbjl+8{rclgBMXbMdM(5J4Yxk~4 zd-j^m^+%2%Mt|>Ga%4yhtXO<22+lL{v!5;0CSxBFkhNk{jKv_al)-8hIp=N#cd0l1)1KB$QFo$fT52 zT6rawS+Yl^mR)-JC75AW#HE;Jnt3LgJCd0un{B%J=8b#7IVYWU+PU7Ecj~z(pM74G zr=NieI_Q~z5_%}2i9%_pqK!KGXpW3RIw_@7#6Fcr^(fd;A_hg zMbfVqt;C?TLm{QAMNjdX?S#!{bgf3-MB7n4pIqTY7}$E`&p7ryO0Bc*Vg$|$>ps!c zKlv;nmbBYyY*SRT&`#)p$skQXGJ3$UjKg%F=%Nsb~!*M}CAgcAwTwCOILT`X& zPFVlcgZ{f&`UnHLL-;gtO*$+fL`ovR6BLf{;2!E{${W2lL z!oh;%(Mf&Xf=a@demSTQVEwBc52 z*F}eXaS^h(MITLx$uaIRhdDdrP}0~l3Tk8?FvwUsX0Q$n@&gc3lnX2)smB3or7D07 zWJ&7f5r*l*69++zT&UK9vg|~9{rle(*Fur3Y^5to@rN-+V6!$Ekv5?OTve_@wQ6!j znh()OXfSxi=AH9;vos%748u-qj)j*EyhXJJ1;MTCDkHuENxII{F45#85a$6+KUVPs zNW=jvIY`2Esw2fi2`eMV;s`jDc!ejR!YON5$Khsbw(b}qZD1fm+rm?tl+N`2I;^<| z2_6Qgm#Pj{_>1kH3GM-yImDaqzsUNDq7+(Wxl!*$qu!eF#WFTfgl#NjBYUOC zO183=O%i14#3>!Qn$Jr$p;yxYu)W`Hy)zU zE_cK0Tzh~6yy87?aP2V<^P;!CxV^1=<9k{7%D29drLTSSYgqj1x4-^*<*$DOyet3< zxWKC-uz?fIDV@1u38-3vD-Jj zgiB1g#itd@5;A;|bu0lRxJiL5c#;bX634_ANl0nx5r~LdBp;K@U`mpCO&2q{K#3Jf z2sjeui-aQvB>qcrd`ufO%xok0C_zfToDzLlqseB@P{gLJ5j8&~GpEA{ik;vDF%SfD zm;muHA5xE__4Fa&Sb;7$*3l4$?p*!w!w=j=4>>qtU*;PDq(K4c5olr_ip$5+5XU;CLO|$A&&(HN>c@R z^x=o8X}Kc3QSl`JV@I*nCKUby^RrW8X?ZjTJee6_p6h{zaq80_+rTTT!~GFelVm~v zV6*==GwVse0Usx53HADCzQtricn_I&v5!ZUd{-nM$pFJW!eAA84pn@(gx`b>%>ZXu0~V{HZQKfAF19C&)kQs)bK!#sbl&RJE(Vu!gxP|w6HC}VP4;wTd)xj%hFIRF_RVJ`VlmbTjV-DT zD}>k%{L;rNbkJ!2K^@`sU^Kf@f^s6PJnI%o*QOCxkq^t+)F+eY@5d1Ngd;>7pbmrJ zd0*-!b6(sLyReKOvf&OtY3j|te&^Y)kp@4Q`bfHm-QVYI?32GDP_PDj!=#T=jIGb* zf4?^nk^cA7zfjt*KmN8ZXk$AN(Ou&2!@~tjvxvCmY@lqAPT0S3a%gvwxA2XAPmN!49*}8 z)}RgEAP(lB4(=ci_Mi{`AP*KD|8XD@)`$icAreB!5hfuM8pskhAry+p5Jn*tcHk6N zAr{7o1ZE)@I>?iCAsCj(6NVuf62%ynAsULr8Kxl{y2ll^Asn8@8pa_VKEz|K)m^dA zXTg<%Btks}*GkX|+HDqL>58k-#;JtBA!=4j1qLnrM_c9AQ`n0kmKI?NlT#!j2!I=8 z2@*m);(ve#a=C+CRm2}^)+N?TKNJEY3J4(egCekoVldy2`I1KTLn|PTqX~-0d_zmX z)gm5Gz95d>iAGWQ3yCdVyx3SL#6bQ_)QnxsVwaF2)|_IuXw_H|1-@K?6?}(X;G!-z zh5KxTVPH`OzG3l{8&%+8DcYDKIEG4$$6MKAM$p7RNdhgp3BAk;IsoG~DMhmxqr_Ph zJywKTfPsEMV_it2mQbTbeNso5V>S*2!_b3l)P+6%gFfKnINoAINTiRXB09K(tF)ty zEdnUCn*Wpr=y=-UBu>AW2XN4xM>&De!BaI^L`&Aq-Q*3>7!A^}p5$<%l28jCDo8MP zjZ*N#BDhUMxDR%81~DoQ<0KB`NDlJ=Pznr!703WOK#kP=SO^giLXFkgc;nRZLmD{S zJuF5(FdATWhGf)%JYtDMI{soL(grqShuDzKY`mot09JVf=1OHFEH;p5&{rH$Eb<|fDyL^ezfYbIPd zc4m)=6^|% zN4{u`MyFp%5fx=3O*IB8f!XBp*_Oo4$jUa8Vm zC_LRkSd>EkEEEB?r9i4$14PARJ|fAP{#crBM1I0fg;s?kVN7JEDm1{093;*0s7hHF z>S7oJvR;F-GV8a_5j1pUn}I5!rqU`QYLP7JL%aiEJgP@V#XO9F-0%~HDg{8jrcVGA zPcW%Jls06H*>%1lcbZU>_NYX!rh5+%zknt)2 zL1{u%%RN}xR`@|81d#1~+&zqd_N2oI2#;I9gG7|Ou%Emc+?eu#;RgTBVGhkX+%t|%V(hN zuIVjI*sWFBX&p=@%a*NKr3^f!%)qU{)0$;>c;l>@gv>m|V4{cN&>me*>yb=iMzrnE z{B7V;)pp5=W`XnN%AO>e}0{(6= z2NR$Nf3W|Bun6ZL372sFDM1BLFABq!1+5>b?cxxR*BgFbMuc81o=#8Pkb&e|W+cJf(!&&t zUq+meFMdx(VDAjNo-*d2iCKe&UOx!)eURUco(A8T>X)Bl`=T^n)oF|r)dnO0iH$z!z};T8%9~V1xQN# z@e*@#7CRhs+ye~cSVd$5Rb<1u;)9jpa|D$D0Eu1Mxm-Q8LJoN4?S#ip-0?Oq^lKbu zu5HE6L5C=wGdfEky4i9PzuD4h1MLCF)c73GCCs9k0N&n138;fDLDa3mG4&waVGi_0 z?1LYS0X~?(d2Cz`5Sunv1vfwR&e@z#@5G+vKu}q9w$!pk-10>Pb5)Q6N1vT3hQmOp z- zM(ZnnDbb$Kv!UP zOl#R;g7e(+tPUB1N(@1w#jMTxQLH9 ziI=#EpE!ww1T@ft4qLbbj)5(-xQino18jhd&-eh+zyacT7IMNE+&GV$uzd#sqY7O0 zIsH{Qk)M~5A9;8sxsq=elQ(&FJvo#=my}O=b5*&OAJ-jPuYzE28zyIfc)0^7ucAc}F;EnG$&lO?oN=!pLlYl5>aNG4Q;MArlSf#FO$=>Ftjtj; zgq|5fsEfpaDiv|O`m!`SonM3|DUCaH8C}r2pJA{0LazQ&Sfs2Ehp#)zsH?`KF9nl! zHDJbNRmCo$eq`iK&a?Nfc^q{VV;Og}C=dqXkD`+4{1Nc44-XR&pg^MW(=KOk&#m99)6v45qeEBvm$!!l^=OzOL)B>SBAdsSf2sq-g3yrW+OUx=K@G6K=$!}S!X z;1oT=@_Mbmxyw_HQCq@SW0hB%&p;sD`CvV(7ykXn6skrFs7z%#b>a^?SccY{#rc%o zu*=5M13}Y257d)`)R#roUp@W6#NF=%Y;Fq6J9??dT;os%m{tXxlIf-0eAvOg5(Wj)5ViK|(`m55zU=3O z4AuVaKW*;sz75$ax&nXR9DAcQ{;gYoZS2Im$`Q0$zRmwSzSjRFgzJZqD?t1cIPhP- zDY9;9@^>qdz6fgAI$A0s=HFkT`k{*j=;S^jdhpjb@~4`~1NwF09>9=;;V#^76F zEK$W-0`IMm#}VHQdH)t_A~=+2QKLtZCRMtWX;Y_9p$^0s0-aHBBAupN(Qgs4fBV*4 zn}?NO*RcZ24r6rlU(THqg905VX9rt>90zjs3ig`be|QbXYI1Gk#DN|`itI39*cu$0z5S^U1x1CgNzJ zhKO?uJHrI>i!ZS{+aNW3MZ0}KKuIX(Z?S- z8?Cg@`su?fqWqzyp``r!C!5{q0mF$a5CKXTBCe=ICw>Ca;fXkU>*}|EqMQ;Df3%s> z2)q8N=My5FctV)ka!3MAB8Uj1D!ls9MTaY(AZ$Z|{7L2sNaR3JmnolsCZ9p3WU0o? zvN6sdKZ$VTC&0k)GLHLz3{})oIVsWA}6b7-Pv0HO( z>{1;v-PEvj>P+*BH8=h;;fiIq@GvX`O&BA)duS|-P(u+_lu<_^y+YD(D76$*P2nr3 z(=S0KRo!*-6Ed`Y$Ou8+dF3rJKbfv$SKod4?blzV;H8&ddp$dgAcOx+XSaVDZrI_X z;$daThnK>a;)^lPSYvh(7O3NW`%$H_jY%$9zkT4C*yNR2ZrSCRVUAhmm;IPP<(YBL zS?8U3?%C&+QNH=-p@}Zq=%bM~I_RXCZrbUmp^kdgrKPUg>Z`HNnrW)F?%M0G!48{Y zdr}cv?6c8MTkW-va+mG5;f`DGs@&vWJ+^wCK#9b?f=PhIuZNA0E?vssT__Sr*2 zo%Y*t&wVJ{b?@Ex)p`G2_~APbp7`UDZ`}CgnQ#7a(wvW8`oou>-ummst{(gCxwl&T z?!gZq>4;$$-~98F<{JI=*)O{0^4pJJ{+HFC-~Ri7P8t9G`PaDq{s9<3ef>{>1vH?K z$OgXyE|7sif?fk57(oXrP=Xb-;6J{1K@9>hgB$eV{W|zT5w=R+)Rv4~pa;un+XMKF%BiDD$<8KZ~~9iowqh9ia=+Ze~my>X3lv}4}r zct<@RE{}WkBjAW(#y<{HZdN4ZA(3WCMA}bajdbKAAsI#7x{Nk7+?=PV+?X?&V$5iQkDA@2mo+tp&828_o80r}Il-AR zaVkX;lBi=j4R}s(rW0f9Ov*Br@lJROFqA&Hjy;euuZGkk1pai#yig#IdZbGqeE1~( zJ>?<@CNMz^*YQU&LU59=kU>@MSeQO`!GtMLVNUKK!9I zHUxJ?YH5#h+I$TJuvPJf3cgZ?*PLMtvu$l+7q-}zLUgS8{H-)uxz=ga*0b_x$4%ws z+`K~9D0}TIP%t{tDP&ZzgrSEQ+OQkM4n?s7(d|)qOBCOp7lNQn=r`o`2DZXCzWo3y zP-qcfyxx+&MNukKfievr)Pt`ANzxYjYv2&bgFtZF)$kg4yd8GRf*H)fP#)r+ z$k>8EurV*=0s$pyZ7x9?`cNAqX&iKzXhpA^FL#u{9NIOpDn7c4DKLSg|G4c$b9+)I zG(n>-jS7x)d_Z}2le`a0@KDg4<^rynnr(L2n+XzUIR}u=)3kHL@asH~WmH3^d!}Wd zllfKzu#lr|g>7#r_wujh$?LAzRta9u>2l9c>>$ zTiVsu54EkG?ayFa+ueo=x4j+irGQ)9 z9UwOyG(8zCSsgrYBL!9;0v97AKo=*6Bu7ysRFfHSyCa9lBnJQ|A15e0FfDVwD7ghR z04O&XS136^(kIy*^aybltIt_?944F9+ygVU!JT4tLDJVHKi#axyJUl!-JyAP9 zW;s2bJW+ob0tyy`bS%hmTv1%UhYuU#F*I00379b6*<)Xg>gEKRaV+R%VW;W1-b#vF&XD zO=$%$Y7CKQCkSucEtOGHyV0G5~=ta)?I&h)EQK zQ9OcRUW1H`g_p92p}~c{=8O??iaK(RNpg!?I*(j)hH8|KYekQHoQ{m5im}#;#`uyp zH!#iM zrc-jSTmZ6X8?Iq13BGP~x`ltZjhVxpXuYL~y1=Krzr(xN?!j)(zVx3Ay7fCCF2Ot`S&!-%cwvu1Bu;>VC9OP)-*vgON|`7UdmxwGfb zphJruP5Sa?$E8!NUd_6->(`V|!=6pMw(Z-vXUopbySMM(z=ONpExfq# z^XJf`17>qhHUyz5A;6drf`19+( zo)6L%Y*zJ`MJ)DlR+&EovBMXF>nIo*gAMK{;e?3*BNTY~F05h0B?u_VU zh=EWjrG)roVdaGY{-fa*1aj5kKOa6xB9T*}s3JT3T%sa2OtMfzmRI=$4;*5$00x;~ zg~@|_VY(2^KmF7q;toFgd6u4ddKGA$cgTb2f=$*5<&>1>wH7yeDH!;P9O+@V)kkNN|Sn*iqHDkc8dv+Js6Jt|h4EWo;s zI@GwD1Dhc3*;hXUsiP(ju|`6yx8RoRrGcDA>oQgTkmKsBx18BeF{jdVWQYZq8L6#`-D>2Z zN=oH(3%dxagOe+!s}3V0w(v>1S^D!1ogv1sqg3?>iZrq!@&I6qT(f|$!V3#p!=EQc zTK3uGr0um{{8+-m{v^ln3MM*fuf5fx(h^Q&K2+b4A`PzmyhGAb^^>!RT+FQU<+OPl z?pI%uJ70=olFD-xK93l5#PiO!y(07Z&b&8**`%M&n+|tAdOMi|+?c07o932l z)j5bPY|+R3^po;WJ+3~k&(WfvYR@{;V1WyEu?{lHt3(}Joc#c03>NGFK&A7VK-3|! zri_Xm0GyX6)?p8<{lj-$=!QS)kuyN(!)HZchCcKGxm8QI14lj5f&Bf1-y4hblpsVj1VDv|Wm zz(t;E5>TA7H$PH1a%8%* zALWXZvH|Sd$7|935LF0C6b)cG}|iYgO2jGz!2fw;-jQjgjaa; z7e4+v^Jy~d(Q+#IV?mV2#mIrSAQmZVfh6qN zO zoZfMyCp=Fdj|ys?s=3b@aWAQ^I;e-X=O=?sMX6$9YTF*VNm?R~1%OCrxo`=KT}eu+ zB28;$N?Ovbz|m~`Or?n~_)=b{eTDy6@r7@X*O$CzRzsOLM;G%9;oR-w~FgUy{!#k#0hUX^N6 zmDgh*x+s=*3>}joQ|SVMNkOsHk% zx3`;0<|9w!JLqZYS}rZFs<7cn;?V#WTm+>N*pWK)_2U>f(y1Y7iB!U_c1^^qq1O5k z41og5RNLKChv%hNDgrh@R7>H)a+X6xt+)jX)EbR!rQT@fbt*2F*}GSFb8W3?GV7oiA|b*D^g(!jA!2+W7r zjC=)YrZJF)ZZP1U#D!4RgH|GX@as-jx)4!f&-CTTu0vD=07+X+TO8!in8>=SeJx&2 zb&?kx)NDasdv;m!G@vFYB6RkaWaa``gyOJrO+aNpQ&d zBOSWvgbxS43rD5n7m(wpE*h>CeLUP1qF9DyE&dBmyaE^|>PI#HG)}X6=t300&__Lf zL2-Wkg5>vO`CQe}@sEED;i4em!;?0`lc(H6H0OjQd^os=3w;^=_K?X@t`~m<-R29c z#w(Iurl1eqvZ8wUF4$JbiqZQ_2v@jeMXn2vQ~lp)|IC-t{+O>CkI!t6`*H#zxmK-{_~?x{ozl)`q=0F^|SuZ{n>B7``}mo_rp*A(T~6U z=-2%D)6f3IufP59ulxJsPk*$}zyA22^8NGAf7fB-aA72$vYSf>{LFbe@d0RB;CO;QLLRd|JEK@W`(01Y4l0WbiZ z#TEY04ib=v$Knibc!UR_3}pZUiNX(y@B@eQ22t=9de{~D00*3?6;XI*`%nfe&=>Qd zRd;AoLs%BAC>8iX0FGE%YxoxXfCPUq25WE?v&e{6h!**<2oF#%TH**FKvVtTAep#{ z3o}IV!dM3bCeCmGd&dos!!M?Yic%3D`JjrDq!z!p6^#fM%_tS&U;ux}7Wg0l`M8T% zk%y_UhyM_a0D=!w5C8=b24FG{HedrdU_b4k0P?{Pm>>cTuvls#4){n65}8G)AOa3x z2V?LFv+#scAr5|MkO--e{{RgOzzP<5{sfT&lMQf0R^3V^oFaR8Kp^vg1bnHKTCxlO5Rvk5l>Oif!#EcGa0*X&4;4TlMOXrkq75SO3HP7@ z*0u;y0GqN&n=SbOFftE?=?}F20GYZ%3Bd`6{tykXxd=yamAoK~SV#-xs7I%Wlu9WM z(`XI7zy;iZ2?LM@*We8IX$`(00%3ra4bTP3;FU$742|H2Wul*H5Qe)D52qLpjc@?F zAfFFV3hCII4=@Sb(3DZojzw?{+b{>S1)Kp{6;Vh5Y=V;5FpvA71jxw`cpwP&*pYWh zi?%48A4HwdV4cwun>kuY&~N~;pq&oz3EBw(@~{s~Kp^}u2+O#S0HUN!>ZH{PBluvO z`GA{u2#}wc04}44`>+I;n41!b4}+5*eAu8$*(l7!yFa%}*hx5P( z8=!>7s+(=$41?(p#DI^@>ZXMx4iZTWPpGZj>aB1nt+Uv!%US>p*^tX=uB#fTWZ@5D z$)4(XsQq9IN0tp@-Mlgc8|pr`&I4w@>C85=#Pcn*~Ki4btA=WqgN){bvE z4_?^-ze4;`#Y(R_d#}Z6uDY2D7tpUVz>iQ` zghktsM~e;8`a$AKu3Op-y+{`E*rLpt0RZxyWnvBzfDO!grfLDBpD2lf(5B7Er@PPw zhItQK3n-@mw0A17_kf^OaSvyTr)A->swx%g&<%xpsF6bsX5fdK7!2+Bs02%n6C0iu zi?QWYu+{{sN&p4f0=S^M1P5iZO4kY-(6_$WvWE$b{CKNfQiM?;uO@o4Q{lE-8@D_w z6|M`na%-%{N({mgp-k1V(h%uux?x`!8wi1%;+uPX)nPzUmX4=ez- z63Lss{)ra%FaU;`MT-Cd$LT2Ju$*8r3n_r0%iFxM>#o|#o!~$TO{xa+k)_dt2j$rh z(qNldxC$zJ4eEdlN`L_0&Wp#DVnj1 zJC+aH2ovxp^w0?fb&AnA0n88&z2KJokO?rd5AKMCqFbY+yP`=@3i^Pj?ce|>u)U*u zx6Dhs>3hCDEUiLYrYO)Q=HECVJH1%(1tTfDZs{S?u*LS8zRlPVG-;Fkun8Ps14Gay^w5+3 z96$#G>xn84B*Lalg z(8vW408tPRs^EqR5Q{M)t8ZAV{D_rKh^PB724@VzI4j3HE3I1mv*|m;@-Yu`kODSP zY|-Ng4X}#BOw7hCtzG=ZyQp!-i+25x4pUckNcTULlnzMeA@D$Q{eTXyKzSSkDBegd zL=q1LL^IlAaor3i>hMF=a1H;%Sn8k**IR^eIxW*GZ5%8e9XlP=LOs+(UDQ0?)55WMO0m>TZ4^fR z)KDGOM%~m@UDZ~7)mWX?T5S|q<|SMG)mtsqVm;Pm9n)Za)@Ys9YQ5HM?Gjy$)Nt(? zKONU}ofUIk*LY18cb(UHy$r8_(tI7*ez6Se0N8?k*mFVHhK<;aJsgGI*pU4fiXGXM z{dtyEf%9)+NjMTm+jSU-P*4G+OQqlvOU|hUE4Wf zAFJ(F_ORQ$-P^wX+rS;%!adx?UEIcf+{m5W%Dvpo-Q3Ro+|V7}(*8Z&)Lq@yecjld z-P*m~)(zOFZP(l#-r_ypu?fTZ4De0+$6ye!#(2pD>h0&fZRg`X=k+b< zd4A}Kp5S}#e0_f0^I!!>z}w?+16HC1p1=HU82y>1T; z|Jw+^+Y=AmhR*C5kLb}5?ZG_{l@sdJ4&3x$1%QD5>Amnk$nEXh(dhXO2f(ljE@Ths z&fD?u2$b;d@oo>&fQt4m>%UF#y&dtY{tGUpak~xl#clAtUGeqcLqbpS5C8PMUGWu9 z<{5wWSHJPYjSn=C^S(Xp^*-F8`3Wg+;VTa2#%&H0HV!Ky^Xksq8;|q6&GlXn-1lzi zqMj0^?(e(J4a^|$N5AjJt@Kmh>+8Vlzpm?5pZJB(+q9k%scz+1Kl#kA^}BrznmGjd za+)^q3H{It4M_ySkm=Mu@{}OlBOms~t@3)!^1~eusNh2NUG|4uvlfU+6<2N#Qo?(U?nyX=`+9EHGlKDzuP-654>;n!;SR5&iCP8^Z>!m zp1pdo1|CG1a9zTK3lmloII!L>cIcQrj5yFDLwgVpdgN%&VMvlCO`b%VQsqjPEnU8Z z8B^v=nl)_>jCRCczg2+_jx)jz9}R2?hhnP-Czi=^H$JUg_D||ms#KS)i&|By)MYoJ zp3Hgh=(ryPgm9vNA1zuBt#1xqDkR~JZA+E%dA_gUaf6= zs$9L|01_OsA zOzk^Gjo+66v!{N0clYoIMwSm=VQ>EZ{r?9rKmi#FizlB30!k>Nc$&?gb6Qi1q;Z^R z5Gvhn!|Fn-{;STv4hN!)zYs(GkHi5_L@`AbSL`n=2ZJz(o--)1XQ*I`Yw$s&lOHlKNM-e5mhviMJcDGvPvrxa?!yvY#725@rtuS4SM)cjkO(P zp~s3LNwc9%H;1DRNv^V!{_`IuH@nj_CZpu+$rSm#GEhMWCA3hPiq!2$IrGenQO@>s z53_%$fmZoh#B>|6Da! zU3ca6B~7<-)yNWGA+}g!k3}|FWtT0M#C5KLHd<+?rM6mYuf4{^XR+nBTW_N^wO4V+ zC704)wF)-Ta@S?IU3cGwH>7hhoOi=`@5MJ?efOQR-rX`>lwW}dCb(dOVe*$NfIB_7 zVTT`v7~h2LT=><9FUB}yjV+xx-A%OvIb@MXCb?vjPewUql~-oDWtU%uIcAw>rnzRD zZ^k)iop4!TWTHT_RhB|7g9cH>?J*UPxYpvhy*cz*! z-a2ft$40ed8@_&&Y_->ByULCyK^xDu=cc>v{;F>EYPwYZ^0&8tz)!hCPXXc}!|P zxk1)-&0XSCbkfBu37t@+OUb+G5=!Tl;RjM3_4rnQX`CW{L_QQh{4idnbdI-@b98l~ z95Y8{bhFJO5|icz^RB}L4CPIV2a_8B;r$#Z){L4@Tf%QMsM}xS6a4VUCy9)PpoQ}> zB?!TohnoHn5}Pn&-g=ctS3}={;93Dh|1(ae*#&N&|(yur@_z^FH0GBQjWQUWnAU)<#z+T+o z5D`fR6`nU3-jVQy=_s8@+BlfTByn?qV;JZ{;zHi_!xljR#u$SEk008g2f!fV5VmB4 zIZ`{l+JpmA$f$t>>4gr0VHWpU@*+c23?JImgNrl;4Q=Xz3~k^Aft+KLM2H=} zn*R7ic9=3EsZ_=pvM@?gh{u<00_N@dhs8!da+Sz%lNY*y%{Hk)9ijwcGs}p|9&}@j zd2Evje%Nn%=&0r#Ej}mzV6jAAvc_@>a&Y9&m?pcvX z$ny@Ke1s-#a03m7@`KInO$x1|(IhF7BaB=pDaHs4Ui4rW)@TJF?0JJppwtE`O`koG zL4;j!0~0;CMlWc2nlqe|IG89xGOWPMA;yChU0B98&S1iE*nkMjV1-kc(TX6-s0b%z z1se4=O#SKfBBn&g8Fa7i7TF*nT@BIpJp<>WQEQNnbz;s%BQ#!PE^{!?s> z(;hlCXAqVV&onTPr|N79CC;IRmQocKpR^}F$B3pgT-6#`g&qbqc#yERbs!G}L_x<| z)*$R68E2rWI_~MjAWWhfqEzW4SbA98~w1zJ_nNdVq%%cnesar(~Ni}+6IwZtr z`;4HD3a&#w$T(nZXf)Y_D0dxo1OzPWF}h{gq6qAu?m0j>#M{CpP4tTwS9__z$@A++*!p*=@&5O;uUlzt5BFj*NX3rU zu?e?kfa(Akwiv6lz`Mp*$9lj+DzKf=OPp2cz^tqEwS&|&Xo3EWk;3;i_CYk;LsGAD zAdU=Tv(+GCNt0NQe!a3sLOrCSl1!c zeb+O|0+EKSNoa$AE;%Ai6;g@e=fo<@I@s!_#5)>Z6mCpniR(%>K^nTpf))W7>ZoJP zXKs(0-@I?rbU4H%Zr?lFBN?Q~XDleF&X5OV(d$4*!2>&BK!hhDP2HkBO8QDD3waeq zV1_zafrD7c+zT|f`9b8^X_?v}+b$h*Wq%%Y|> zaFZWoPCkKg=82Mmgg0chhe3 zmGjWQR6GR@A1`6wCfQqVn&AsV0n{Yu0Gdu%EJFqIcm5q5rO!-1OVZ2cDig?HcFHs3>>Vhr|8#M$H9UGo{hy=QW z!-hZ_Lqx<%`9gcBzsfM0MC2bz+zdgq#Flu(Nc4(H%*0OwMRKtkPP_?E48>DK#Z(zZ zP*a>#bj4Q`msPyOR)ob`w8c}A#YAenTja%F43u2-tzGoRVI;;B0Y(|a!(vp%W#o`n znH*NE9A=cpX?&Et=@_8F#%$EaZREyo^u})l$8Z$KaU@4@w8mDclXScgdr-%AbjNpu z$9R;-d8EgBw8wkI$9&YsedNb}^v8ex1jvB2lXF}YfgDJKM973x$c1FchIGh>gvf}L z$cQ|~L@~&TnaGUP$c^O4j`YZn1j&$0$BNvPixkO|M9Gv?$(3ZumTXCq1QwHY$(f|d znzYHA#L1l84T9_xnbgUj1j?Wk%Aq7md4x%HL6Ux;hDcz_rgTcCoCJAzm7=7|sP22YsEtTfBBM9Z{POMKi)tI&{sz=dEyl6(*askF$o#LK+Y z%e_R)w%o}J=?7Q9hPf04b}$ko;Ri%W0UMBk4;W0qJch?~M}A0zSm4WuOiT!{OMjRJ z0gz0pfCee>hiQ<@aDafVpiKVD+=_lc1}gv}vTO$i&=7uTgHpK6drVEL$cLyLO}R|R zeISF++)a7t&D#`6zvPOy6imW2%)7jh-1G-$(9GwoOnA&q<7~*p901ka2PN>#tq9G2 zNCiRo2Y;~3s<=+{9E2l~%6yOmL5NKxVMpww$MpOMd{6+s7*BNs&d%E3feToJ_=JWbu!6?KhTO!x43JB4 z$j_>1hXmjQ8OVUa1pZMGl?Nkj0vpHx%RExwY*EydP#f5QD3}KsD1ac?gdY9T1ULgI zl}miMQV+0Asn~}kxFrq{gfT7CGxgCXT~j3O(t0G&dO1+$Jj@2Q%;-hgSr(5+C=LVZp|xBwey z0yN4^e3$^k{sdMjs8vOXQ*w<5WR(hi<=0?k(RJlV$^?c~hyo?0hgFqL9o5lm{Rbe; z)JJuJ2#tk%IL&|P2T&-5UG3G04NZOkSg8=$%DhpP{n(I=Q-#gV{xnx?omhTggIGv~ z5v_{;yw7sYPm8@#oK;PQZO3*6%;nUOcy&(Qu+Mzm*YZTz%0$_KRRBeeS%Z~Ye-%}u zU09ZN03cX{{$$lmbyb_CSdHb_CUweSP*QchSd;bFl>LX5jfHmjSgBy!rsUFfo!Q{5 z*|?PoqV0#%;((a-+5ZgOq0L#ZJzAbDO9NHf3t?IYrOu*V(dyh#@&wh~jD`{bSxnVb z(Cv%<(BRxiO<2dpO{&F%1HcBd)lBg;TPYA)*@T8zrBo0w))*K}e^`eVT?F?0hkO`> zAC=qD4PCB{g?(sTW!(qfEzjTe+P|&VpgmV@rGN=k+5BY3#06Ray;yY3Uez5*$dy;y z7}TXL%=5L4r*%*Zy#N&;h4Q3@0-#-6uz(rx0usgFU6Kd*mEX+8T=HFA%ZvtI?N5Gi z1PcfPGnn0f2!{v=0U*^RBF)z;eIF7<2G7F**gRfG%HRF9QW99B`@~@QncnK`&wMC@ z2Z)6To?ta)Q-3ft94Li-7y~KrUU^_)7lvUzWm5u1$AIY=cO}%O6=DI+(Io!Jmfije zf8d3f)et9U;>fj_B2LG;q~faRhi*v6F%Dy-B;p}9(6}T_xaG<; zmg705W0yo)-SA3DSfauuOZKhfKL+GLrbzQe;?-Qrr$l5gv0_1HWOYUNZ!Qz0VWK8ztPiEvho@7uaSrc>bp6eAefX zwC8-p=Y0m~fR@O92H8VKWT%YEMHc9VW@wM>XRidykPyp0F64%`=!<^Hj;V)DMqf8p zUpRJ4j27vUUdWDF0*+qI$<+-mR%4QO>6h-ujwu0@){69{-1V*KC!PfY@J+Iv*mg`^ zBk=ZhZ%^0z7^bk?wCNJX);#n1jT7d zzK}Tu0$zPoiG9bQ){y?x2X#GasW1mW^#^nKfCcr^0nW?oYzG9;V(d z>3r_$uQuwihS#yqWDSW15V(g97)+lASz8Fv5p{;5&WGBp+a(p?{yDAFPr!#71=&wowMihv57NdQd)8I9;utWs~l1sj%sl4(~YDkbCfJ zP1Q`FuG;O5hnyvbKfr=)pxe+E@&CkId5DIhF5FH~hT!!6Zz;fs@r~;NM^Kn`+1zAs zw1m#LorN`!(~YIu;nwhZw%8+2@()K@6n@kiI9M&;WsP2Okp1qeU}+e~<5?(xHjx3I zw(%~{Pht=QJ-`N37zH$+3S$lO{Iu0&0N8#wg-pGN8eQ@xC(->J+-QZ?FKEh1hzHH> zTD`nZan15A_i?M0hcB1sYgKecuhIBqO*uePe0TsmXi9Kh^GJT|l>TeoeDRPj>-uJK zhqdg_P2Rc}Qcc(E;C9e^ zkN_L~RbU79^-f!TzE)>PZ|N0>5MWlRkltBe<5>Qd+*_ZDIM;REh=%FZTLkb1wFY7R zl}a4e@_kqW6-D;tEp(~G2N6*7*q{SGaP;7G?J2kb*|zNwS86F`1rD&JBCSq;sNcZe zYkFl&447Yk(1sD1f#VMN{XKWV-cN{^_z%aR50XoIkb}jn1CVCrer|EG#%uA0>7qA! zqoj4BuW66IX`fHdqlfyaSI37Y2R$wcK2~U{*ZQr0dQE0y12yP_W=ci&W3D%Qs3+)q z{O7Z0dwouOdtCdrm-}{pdqAE0yLaijr^mR*`@XN`S8j8B9B02Le1P`lZ$|vYSNz3i z{Kj|u$A|pLm;A}6e8<=O!pD5Gzx>SS{Qjul{LTk`nEw3GCw-9~{nAH$hCcn&XML_t zdO2_X*w6dd&v)6keT?pyM+p4e=Y4wam?PNz-WUFL{{7$|{^OVTPMHGZNB-t-<<)oo z=(l9(m;UMx{l5f=e*y;*ENJi`!h{MJGHmGZA;gFhCsM3v@gl~I8aHz6 z=kYk}YfYELxgg34&Fb_AT7Fa_7>$x^`e& zhIi}o?d$h1;J|oIq6{neFyh3D7gyc;FE3BVk|$HHY?&ls$Br*^?(F$9U(JQxf-Y_P zH0rXVHK%Uv`ZesFs}0AlZTmKEi?d1R?(O?`Z_UA2121m;cxla)h$Cve zZvFaM%?hYv@9zD3Qq3B;gD-FXyiSvN$fIxX{yj#`v)IG0Z~wm3%(U_I?{9y%Uj7L< zAbJ2sMj(O-T4&%-3Oe|paSSH38H5#D*qMY*UAQ5Kr)8L5harks*@p&EI3kKErd8rs zD!TY$T`aN%BaJm?XA)HY``Nf7kB#ZaTaQ5sS(J=}4S6JzHx((+iAg&7q;5Y32ql$O zcC_SUR%*FrMOZe;C74xu877%!nkeOgW~v$Hm}|PZrDkE!_a>b~YPQ6jb?UjJW~t=4 zC!jCh`DdVojuUFNdI;(TC(t2xgw&J>LZo2aNYiye32qdt@_L}O1#wvTPN~2A=EVQus z8ZEUXBCBDw*_t-3w%tZ|Er{NVYi+ZMj(cuj+@iZKTu37HFJ1Fv1Eu92CF}KRj_wn(eD2#TgR`?wJ~Uym7f0e>`%< z9Jfd^$~M`XGRqgO+%n7(y&N;m#7^jJnlV>?{7*$Jba_P}ei-LKnk-y65w^U_`S zyLaQguHJi}+qd810v>p`gA<;u;fGV3xZ=<<-ng=lLtd=plmA+|<-1~@`K?Kd%=yQg zgAS|cqqADN>8GNe`lze3{;BJ)ZyLMom(pJQq_^Y#sP4Nj+Pm+D0v~*!!xO)!@yFMh zyz*}{-~RlX&qHsf^wX1Bz4c&XpFNx=1I<0X+k-Er_ePEnulVObnZEi-vfuuZ@53*o z=R(h~t^D`%n7{ru^4~v={s%xom5)gS^p*e*n4$zK@K6QJQUj~SzzB9|f)r%b1HW`Z zQ(16>73!b|9|Xb>DrkfxQlOq%0+BPKnBGd2*FdQl%?D zQ@>5dl1;6wC6Zu?%gg9;m*mn5&Q#?~P~LKwJ?f<~8H3DZDrT9?M2s_^DHzRkBa+gj zlu0~c&1+sLn%wk@H@_JglPu?u;`E#<)+n3|Rn0#i>L7frw5k<2 zW^F4|npjV`dgrZljnY)Vch~mVb*~fYt6z)8*1*=rOUpPcViT*_#WJ?Bj(sd-BP-d- zQns>|y)0%ktJ%$RwzHo7ENDY3+R>7>w5C1nXdg(}1VLuClnSP6y9wLaesH$56(I>U zcw180cDJnUt#7Rg+~AUQxWoljZjXy8<0|()t!?gro(o<7NO!vYsjhXM%iQepb-Uah zs&~IT#qf&PisUVC7Kepi?do>D&%v&H%>&=~CiT4ZeXo7*+no987d!s^?eBu}3*cM{ zc)-8;uYqe--~{(79_?i?Zk7Q_2q%>m52kQoPjF!jOKSof=CEs)v4#(WI5h|^ac~xl zVpFPk#i?wui?;>i7=z}-G!E8`Z;YWF>zJ23?lFme4CKi?g~US+vXPHWWFafLnM`gn zG@lIRX-av@fU&WaJ%i;eb7sq2wv3m*OqpfiBFSRDaw5!pW^ism&1()#n%^AaILq0@ zbgr|9?u_T;Sa{DKsq2uCFZ;YipY*-0rqez76hLAA8(0 z5x2QjmhE(tWZmp$io4(KGEd9f(dDi;OVEw)tj2raGV8a$A)@bqe-+>a&+Ea7WblOl zWZ?{Vio+jnqKHeJE%Uf{#p84FjJI^-9EYjLKfW+}U|i&Xr8vh2ZgSnAT%s&^Im}}& z^O@7U<~G0i%?pC_o%6isK0kTMtLpQi6P@Tfw+ah@?%tv^z3DYSdR3DC@1RH3=~lNo z)Ttu%qP6^?SO0p^v%ZwA3%u(L1v}b%E_S7m{UIt3{%hLfo^yhK^_9}$1q$F41wf>44)W?JANRLe&AyETL8vC z+!2G>Ux5qq07oDg^7x-b9`Hnm0XE>FhZY<{9gJWB_Vv*ZQ@kJ;y?^-{aQ}((H@)%y z@CP_}z>fDnqY9Saha2Xg2HulF_W}w2KjecRc!EICLmUJH01^cBN#9>pA9@uX>A{2M z#atBlLo>)jIj}$lJ_8H905LgFmdpF=$@-<%1iT9~oeu=Yd`Z{$A>dAL|XB`?&)T*j_>K z10$3IKUBi+8DTcaLKVc|`2Ai%C?E4x!Sh954mM!oEmhOiz$A3TKhy&mFrfzG9t(WJ z81{oDF zgD_;@1nMFA1p^Qc!^@3g`vu}bz@Ps7(O(tNgDL()Kgfa_up<1ifba>R8X90M*q}h* zASJS)kY*8!Jh2V-t!p&A-Y2je1jXXAT`!P zBod$T!9wz-;uWAFIHV#L2&6&WqKV`pcP-xDxnEI8?BR>EXYrZCI z#-?n}CT-THZQdqs=B94$CU5qpZ~i852B&ZiCvg_1aULgfCZ}>PCv!HZa~@|v0028p C606_< literal 0 HcmV?d00001 diff --git a/Media/Images/CertStoreType-EntryParameters.gif b/Media/Images/CertStoreType-EntryParameters.gif new file mode 100644 index 0000000000000000000000000000000000000000..277e052922bb2badfebc8a5e6889fe1d43917b76 GIT binary patch literal 13016 zcmV;}GAGSPNk%w1VUYr~0(SraA^8LW00000EC2ui0FeT;0*C(q{{R30001Qb0aySR zCjb>!02oIADO>&|0AsTRcf}L{02cr=4*^36A3F;-OA0E9 z7CCPfSECnqryBqh8yiz34ge(|Du) zc9`ONwdRHa0f!enk1sEaGXRG-7lKhdf?r>LihG8T$A+KJfwSC)#rTRlJcl=Oja4U( zT04ntM2Ta5i+G-lj(Cifu8*USi?7d$z~+_=a+D);l}iYfTL70(a+GpdnR^TK%8WVDl}pKySkIJ$&YoG%q-)Njl*_89&AO<}<@L~tan_J}(#yWv?aiF;)T!&(!te0)_`q}e z$cgmh#Psaj_4@k$G->+&Nu5fys@1DlvufSSwX4^!V8eVx3Ay7fCCF2Ot`S&!-%cwi&pPg;>VC9OP)-*vgON|`5tSWxwGfb zphJruP5Sa?$E8!NUd_6->(`V|!=6pMw(Z-vXUopbySMM(z=ONpExfq# z^XJf`17>qhHUyz5A;9;$ihC->drf`19+( z&d*R7WLEV@g)H`QR+&Eok;9ii`KVJLWC#lM;C>WV*qMM-{6`gr19o+vRQ@dE!iXf2 zSj2==`D2a?H<05`I+E-XRzA+0QKAj7v_(%Tmgt2KCnL__$|#ATC|Ex=mdJ#Rg89Qv ziBOJchlNy9hz=E4W(eRv9EK5#hX!U9Vw5Ht`HzY$l9LaREjsDK3|n6HA{}J9fQ6Y| zjd_E7{wOmdFaPv23yC)D@#k53;>lG$gOb@sJc%y&WSvr0X=#34B9m!>sEH}!47(gO z--;~?>OvEcJ_%=5^VsM@75+`Bm7A+xwdRPI zz&Fbbp*+~GI_6@fPr4%R38J?D$YX>HfSyTkiqzgZ6}A1I88C_ws-smuzPL~WHB{we z%a_s)EYP{`rZ|vSrV1R^z7cmUA-6CG=PkH#g4yYOB9<#=H?F?wNt*rm*+i>QCY<7= zb~r4RKDYM6&A}tuz~n#k9Q+C@F4zENxhvKnP9soW(zUt%xI<@7q|GJRb`WF43>?o*BEEN5m9l(~Q-u%MS*$q2Do|%V z^*v;h7g9~jhFQwnx4JIF^L0UV#b zl=O=Fz%YaUGaR86dX*1ijOY*9b3q%LqK^^UkX<>v*q~I#56bDqR3~EH4~SU56Wxw| zQu&b!PV~Mqwq|Bp0?X;fRHrdOPlwEN-KkRbCizLFigVNo9&Pn7AR%#rxkH`6IH;fz z0*a8gTi4Porm%SELq7AeRitjWz^U{@L``U15qB53cTFr%8B-)ESrm^wUNK{p#2Y3X zhqo!#hk3Q5p$jg7rdW=$SQ9h_Ra&JtGy1YLXr!6x!i2LC-7kOmyF?-%q%Lv<~G@+x`%Zm z5+(kU@ zsrj8NXZ6G)GfCx4q0up3jvJKDvf>U-mgqzi4Cf~aDa%8S4Ig@N0Y<43z7f$NbKZ;; zPAP@BML7d%u@GubciK~4{BtTpty5945;?s2X-`9)5>2PlQWwBtcy*eRM#p-Yj&^h_ zYXs?4M7lZwLQ_@JgkB)8GC~_5Gk=NrCc;uQ({b*Vka&E|z^xP*PH*t73bTO;eYmu1eIHi{--u$;w*ETuGQy;r`HE zvyxWQJ}-i8l_RR6iIt&(k*D0~!#9Sy)2hUjub!o;Agw}x$CK|#7p9-n3$E(RT+rR=K@`p6NMYL(TVW*gMQ(o6z!9* zk_i(ZtTb6%AElHR8#Mzy(8{ge9U&9a;A8%R)dh99GPM3dkF#NO6gC>O{)B%VhAAM! z!pv0=qejF8E01V__3MK)x&fpRL$A%qn6nF*;EGk8O@|L_)QG}NqTR9%(1NZrt;Q@~ z&NYhAhK{HdJuA7KavFMB<3k-t1hTHqpbxr;#KFqDTE`PUVq0Bc>khxi7Nw{Jc56TBLB+gTM=zv z9`Y0!JmTtj$HhV9aggi9-?}J8#2x!EapXMWpgU8|TYjdMU%YA1aK$v9cW<4a{9Fcq zh0>Te<{fM78!r#IRWzOpi!YttU>D8l!u}Zb@zLu0CA->PGxoI)rfifjl!MXEbGO_5 zGi|^7U!FN4ML4XzdJjC_i7EKP_@f(qpv2d!GI9nM{_&5=JLD%%`RYi%@|e&3aW1d< z&U-#Lod3M&N8g&zlm7Im2aV}d&-&I+X7#R*z3d4C``O$6_H?N|?sw07wdlV0zz@C} z2`~KO8$T_-KfdyfpZw)JzxU05zVvM${pnl3_0_+=_DTMq{q1|d^WFcx_$eR$@ta@p z~`^IDiI7B?WkZ3aB3m zxPT7W9u4?_5@;R~IDr=U9Tj+i8i*YkxPcxR9Ub_ABB&f8ID#fv93^;yD(D+2xPmSy z9>n*8GRPh+IDI#_QpI2QeI3IPy=0^k9NW*GJm01to_`~V1x02uoq1O$>6 z`EUy_5C9(VM1OG)LAZqtz%g3E3=CiuVE7jKfN%SjWMn}P`{oLDw}X+Bu>HxPq}bi?s+K_n-s; zKmb{ACfh&+F(3o=vJMI$AN=qL8z2BhrWT?|4Zx6)3FHV6Fad6028%!oNhlTTP>22a zj{*4)%&-8e(2&;{C?_cZHo!6Ypb9Y%{sUG}AN!yN0WblTK#XT`4Mt3KF18{jdppITe6; zCg-pMKyVH)UlSVKXLekJJp*9>Wpb|57{Z0B=8T* z7?g|fo4|ORH4}#<37`H?oG7K&ao4}BS^IEU>I;eNVgrLfs1Q3%kxdDstua8O=JV~4m%cljSulzcQg6gPH*r{0= zu@O6{OV|Mv`~Cu?$^gRHs(~^LFE9cAWfp8Xpe-O+1DmU(sErLkApXz{2(SydfB-eq z4jJGBpa2R4XNnX61rYF`)Cwt3E45TR2i3~0*eVW~iHhG4kA^6!2%xRy$T_ueiU?4I zt@#Z%V-_Q;r$G>%0&1MIh^}2Ir-`Z-f+?y3un2o9jQr3AufPSm)Tnmbv6ZTmQqibX z;kX&=gQswe57R4@%7iJR4PA(-nwpfHN|7h)o`)*Bt!kX7TA+z5vrsh%vse~6I~BEh zCb&utx+;oMNSi*O1n5Z>H42Xkz%l3m0&h^YtoXbC5WK^ywZ5qdT-%D;ngUPp6w`pM zi3z>Y{yPm~dbSBPqVc+>yzsVVF|z(}4Sv`T2tb{p-~{{dD4vT9z4@ELIh^b%0A2Q* z4v-J0(40fL0^vvtCm^8ai@tJrxr^|fj2NE%KnPACANY_Xf{C8}5Ddzh7KVt3RI`Zj zfQK%!4g9;l@&Tw%XbSpZpZKYtCi|(Ro3dlr4i*3)hsQAt>Yx`aq2REbw9vV(8w5KL zz0yDqvD>q>+W@ej4z`OoKq#73(YtdPul~>u!b`lgz{F0Ryj$y=t*8#TPyqFU539fn z#XAjHti`_4#Z~JM=gX70f)f2XEB9U zNCAlHD>i8W8QG_|kjDlYD13N~O39S+al#yfvZU*p)yh}aYQ5HM-PUfc)@L2n zQ=t@eUDtMf*Ld9%Z@t%i-PeBI)p;G*f<4%T?GsSO6@{JHioMv3{Stru*pMCBW8K)4 zUD=jR6o)<4n$3eUz1f~^8gl*Fq74~nJ=&%{*RIgnr@h*RLC>nq+ORzx^&H!@eHgA? z+qezXvz^<#P1L*H+rW*~za8AfJsiVb+{lf5$DQ2F4U5a&+|X@0&;FfXmtEb~ecjld z-P*m~+}+(eVIR|N6`N5H9{`S4*Xf@$FPT_%W-gqwI zg-+gwPT`5p=ZxOyj_&7LG3X91=|djp7oO;gZs?A_>73r^kWO2GZsV3d=cDf7ncnHB zp6W{e=~zMO4DRX=?&_z`;Fu2Lv##p6p6fi$>iHGw?=25R00iZI4l)2PmOu{mFb`{x zCBpUIvhLn$m=YM54ym2m(?H(&U<~R24ab0QD1q!_Uh3H14b?7jp3kjFnD6#H@uIu`~@9>=uj6kszy9o4c4Lz{l^w0@JKm#@;-@Go~zV6<^ zKm}5O4CH+d1z!*OAPhP{4)c%(6kiX|umrK--p}6t-t+(q=ba9_fbHI}^4SjVClBAX zZrb@#w7$EmHAt65kE4;92k9+pq)V za1N0l_T^3RW?$a-fH-R}?&=-w?j8?;Uk@!m_j-@=?|t{!{`Wyo4(&eggn#=!5A^k( z5p7`~E4+tLvpX2W_x$*M=2{HbO#`WOz+MqXhp9;cG-cXJ7s|E?=rQB0F8G zhp$jeYdz}G3l(qR$Cd(lMm+XU=uo0WkEsh%hs((Z@c2jrJMY&al-=X>6%urFyh06mj@m!xVz%m<;|Z* zpI-g?hnKPHpzGPQz-Mcy)PZDkw8vCex2_2ZqSjpdhcyC?N^drV@IfO$kskTu92uwz z!xEF`v5%@g#w&}uv|KqRMCZ~0F~n(fg3da-96F95kGd(*7_>+X@t9rmfl zw7@gjOLNE~+e{KpJ2&ODQ%@^%FQ!h2h@pz^&LP4EUd*8iKmBadW(HmkqGwbZ>@YOU zNRI(=*Gbo_R8z_@MN-&Lk3}|FWtA0EH8RVrbh2n;3-(eEk2H2!ZMWsN+w+=T>e&OQ zjf`B%s%4K@Y`tZ-U3cGY3|yteCD7c*qRAGrXs%UHT_f{_H(-GW?pEH_Aa&GU$JBA9 zVTT`vIAVz>rr2RO)sZG+jW_1FV~;-uSsFMo4!LBLPu3V&m_WjYNu3SnqnrnzRD zZ^qeWm|v55+?;>@20Cb=hemSeM~#-0Xr-5Cx@o5c+_mR=pQgHMtFNvZX?n-Rx@)h$ z2K!U3r5>|Jv(H95ZMD~CyKT4MhC6P#=cc=EyYI$3Z@u^CyKle$20U=V2Pb^+sI{gx zY{eI6obj;{uT0^_C#Sq}njiNya?3a8yz`c|jt25`Jtw_%)3wz)2GONGy>-`Lk5g+( zR+mh2*l))@_lz)4IC0&72R`_Vc%NBw;g3f?`Gbh}*?8sOe11KZqj!pIXQiRNTv;S$x+A~mW> ze*+O2(XzFY-mu7hc?2L2wWt$%bn%Nmna2Ilv4j<=k&OZ|A`+Eo5ESB|JNc*u4XU)p zt)%dg^#J73su;5?Iwp%-6p1Qmu#0UR5gw2DAP#mR6BhyfKoScOh}&6?5JNtY zhB#D_OrU+UH^T&KFav6XP!t0an!IXOx5~iez0*)8MO7Q5;f+Exp`|kD!!B^D{!^ZQ zBcKB<=r@c=)fk9jeFAx?Nlc0kDOh5rG%$rlF{%@d#v-j+1$=I+%q5r*9ZDRo zl+dumoOuO{59|t)a9b16Z_@7qyz^G-M*oTBM-0S=enfrFld? zwziL*>iD@2xNL+?vjMxr>yc2L@8k7hpBH6*~+ zDTJyFERb>3rwJDori)XkC_QOo#1cA$k}+(ObZE1o0ae6vQW4@YFS5kQm4PKT2EKN& zShR75NsK|uP(h~*$6nU4qHHh?RoLJagRU%UP2y%G8kwL-mSlTlk_sD~b)LaJOdO|- zmHY;J&{^)UvwX)83|S$otGhV^!SfKFO$;J>C)RB%tfEv#y($WXNh{b-m>S%6QsvME)uDd9OUCwc`xVL^jHe^h~*X%J=W0B7uu5Km#}Hki5v@^gOKML zPnedIcE0y*4B>Xvi8`Qh6d7Xyd+ig5H1ronk-a_HXL-9wq(K*P9Ag^lI1%Delt{tT zWgNvYyk;Y!_<{WWPqZz3;2$6P@CnfE?t=$30EzhM9R8#4WXZhZF=mo5-q9eGw~pvn z4@&*P!|t>yTg0kBr)R)mg^aE+Y9@ z#nK@HO;hQvd)yxnJq|%c=)b=FlaYQssP7c(pMN5RcK>wZ|Csczza#CRfByCFF2vcN zBlzFH02IJv>A#KBo&iL_1Z*lzzdv{32dGU#J~>pKw$9| z|Jw)v{J;`4!Qt5z>@h$NI>8onK`aWvT`8Oyq`?}r!5hTE9Mr)b zG{ZAQ!!%UGHPpa*S;IGk!#I?~Ii$lnw8J~ZLucv2amm9z^us>{#6T3pK_tW}Y{M}r z#6(oYMP$TAbi_xD!b8+UNTkF{w8Trq#7s;>NemZF^u$jD#ZVN*Q7n)>bVE`^#Z*+q zRb)jqZREyfgvL_r#&8tJag@bxL>h8L$8=Q3L^Q{BbjNpu zM?!4Jc%;XAv`09c$9vSredNb1%*THI1jv9CNF@Bnfi%d2M966D9j!^ohIB}PEXaqH z$ca?Ph@{Ai#7J$l$c*I3j#S2t^vIADNnO+$6&%8mM9Gw_MUYg~*K%CRKNTuhh|5X-VuORv*tqIGo(p*Qcmb;yw2?8PDa$4La5E| z6i-#u8XySI@kCEiEYI^y&-Ti#gbLAQ*s|{RfdHSv;6oe*gvth=(UcS^}|$3P6T`=!aX7g`Mr$Al(&h z2wKQ$2DI&sd#C_v@P}W>TYl&Q zqgB`bUBQR1ZOxq}hf^4VqkRB>Xoj)q2U>7~wQXCbb%1dIiGSFKB#?!vC5Lu60TTFJ zC$I(}uv%j<+>!0wnY{-Z*xG);g$(cjzu;XVm|1&JfOuGk3y25U9RYsG15@A!FAxE0 z(B7vt*n~MQJ-G?J^0+H>9KK>*q2_1gfL;B^Rqyv>KFHQ=H^+ChHat!;-Lc-nr@1Si1a?fu*DZHCt6 z2QwG|WEk4c9oSIS)b6BVtEGjJHCqlyTlMAPrTv8omfH?M0lU>(GZ^80Xn`O0Iz%Dl zk^Kk6?SRF_;9(eo4v>MIedO=O22$>g%cX@0uHd}gWEPcSjZIXJg=R*T=4tL%PWD1; zrp}4gW|!pVZdS=}24|EM=W!OvayDm=%+zd7XKKb~K5S>?MCW++%y<dj7s|HN=zz57i|)sa*64lY z=#IX}j|S;_6zP$U$C5VbcSPxw#!Y+9MwU)!m)=a6W@woPO`4v}mB#7Sgy@|f*Pixi zbG2#R3~Gti*Jm#3xYX&S)<~dcYIq&$<9uprb?T{x%B8kyX~gQRZpN+VYHzISuRcnz z7VBap>#`okvqo!QRO_|o#kO{9k__v(uGpwvQMwjteP(C8=1REc>vEjyzn)3I7Hn1| z?7}9`z((wrJnY3L#m07Q^;GQ09!bci>`%1p%YM(v*6fa4XL#;x{-n(8(6+?UCT;EH z?9--5(^l=8OzqZ=%-4qPhGgy8R>a!2?Lx%u+#bZ;=53vn?cWwi-xls;4DRCI=;KCi zk5=yG4(aB0Zjy%X=sxM`rf!wC?(1%8y#{UVuI%jgZgeE>@Ww~*CU0>Z@AGy=^Hy(e zOz-w4O7@0tkGZ_i+u0>7Q_DbZ!iS#0N=s^CvXPMZ%;k&gf#F4x55T@ za4LlG2*=S~`35wm@YnQD49{@-PM9&Z?+$0~gh5lJ7IAvinl9k*6W8ipF;)|2aqLbQ zYgq9ZXGX2LhZ?u>kCg8nx5WwfaS!eBAfH7bC-Pey@*{8lMI%@8z2+JnZ}PWJ@+f!C zDW~$sw(={N?1V8%C)aXvWb!YU>ZyTpF$e4fH&rtS^DI|$>typbzr-+ab2(RYIyZAW z7jvzdhBAlq#7-DR;PXC5MLhp8B`@|PKXxKd_8?z&A8+;@e|8&>_86ab7O(abzjhJN_730n4DWUd z|MmzEcLyK$1uyplKX(F8_W)ma|8DpFe)s#v^_Twcbz+S7`M!7f&iD4-clGY~^EO8y z6!?KB_<}e1gGcy;SNMewoKmfK^j5!zx5uVXb&1!=h`0EY#`ug^=@Y1Uj-Snq2lgzk~jI)MER5t$7AS#k7xOhT=|%P&6%fp<+S;mr$&m`d5DMko@eWv2l}oS`l0v6 zqBr_VNBX3<_oZigVKlv;e|lQv`Kb?iski!Atop1cdaURARowcomwB%j`$2d5vM=(p zM|-VT`?WXhws(8-g!{N3^n4(Dx`)Xe$9t%!g}dK-Ogx5Q{rlid0KXsn`gF^~-^H+3 z{Ioax#;?h_hkU@7{K+rv%C~&&#Qe;EME=I-eCOQ!&-c#I7ya8N{nFR%E=T>xKK<1n z(AIbT2!;LFKgQXo{aUyE+rLB4*L})={NCUF+z0+S4H zmw$hx|N1}C`^Wz(MF0KA!~O?|e*y;*ENJi`!h{MJGHmGZA;gFhCsM3v@gl~I8aHz6 z=GLPhphAZdEt)dtPNPbf zGHvSgDb%P!kxH#<^(xk^TDMNs{>k+#*sx;9lKo1xEZVec*RpNv@vPgpa_7>m%N4HO zyn6TY?duY+-@t+g6E0j3u;Ijt7c(AvY*o_6k|$HHT=W>8$d)&A?(BKwu?(6&lP+!g zG|tSZSF>*28S`k@vS-uY3%fS%+`8M|-tGH0aID8@#SU)#IP#u|lQVDbT;=lT(x+3e z7`;07?Ai%l-|qc;^X}lsliw}AJo@yk&#Q0mo-_OR^5-j#PyarCzV`F;@9)-RasCN7 zAY1zpcp!pT8JHl04KB5ygAq#T6ND35cp*#`Vz?oPB5Bwmh#_M1p@=1#Sdv#Ks<@&? zB(nJ8i7vu8BZxB6c;kis$H)^PjyamRowMkPBgoIVPE9nt3LgX{K3_nr*uICY%#>`6Zof!g(j2ce1IJ3v#Ad zC!ibUIVhoL?rBt?63rPXorOB;=%Ga=8quPRdif}(c}7aqq!3kVsg{|F`sSuXb^6e! zpjtU9t7{T;s!*^tl&Y#wwt8!srN-)Km9_dR5U#<7scTTOGIY!*z5ZIOu)z`wl(7pP zV~n!Pf;wmsj%E090w>>-5|ZNx*b zFD@V>5I<*xD-ixWJP4EzG59hO%RlVQfUgu*!~@P73`MKZwAEV6Xr48Y0}mZ8_(6{z zE_kd@Kk@RC&lzF9;g2ti;PWk^^ZFCc4dnde&oWJHyU!U?i~(@Vybx?KK5-}_&^&4I zQgA^OTP!EF8(VGXo$10uvzSi!lZ?48c&&^JB78Hm%v@{wYC=F8ZBRHoxKjf)|L_CH zBy=~-gFoOjVGz^=Nxjg;I8}W$;)D93k3Z_*jcfqFv?gGRT4-O{P8YBKCp)(*d%|G;Ws1g(H;l?N>iKcINJiOKv>xsQaz*HG6)L z+XW2|vA@;-Baab#@a;F?3?{gW5w3RSvs#|YRgQ1{!5_UK$2(}Yh?Kd27mVvy@@BTY z`5EM9IosJXiZG8eysaOz7=!+9<^rU};SWqpLoB=}5bz;Hd{<2^tS`xHbB!jkkJZPvXd(Inq&8c5D?Md7{UG9OD_b>*JFC$f`iz zp ak&?8eCOs)iQ>xOHvb3chjRryk0suRi_GEJa literal 0 HcmV?d00001 diff --git a/Media/Images/CertStoreTypes.gif b/Media/Images/CertStoreTypes.gif deleted file mode 100644 index 1b5a9995f4b67db0f2ff0f233abd9b54902709e7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 18181 zcmV(;K-<4ZNk%w1VaNiz0(SraA^8LW00000EC2ui0LTKn0*C(q{{R3005F6AO=|#E zlmJns0ByAZb^ic;#ub477%V~B^V_oJUt;{ttmlsD~$grxdkzOy)=>k zIV1o)JUl!+bUQnfIYUN0S93XGYdmyyJam*ibh12^lsuKQJeAWzEEqyWK|)20LXOTx zn%+tPN=hhuN=X<{0DMxR-BhCgS}Yh^EG1evIbHx~VQXe*t^aF90ChY(bv$)-Jd|xp zLUV0Wb#y#+b#--gly!8oag3{Vm6Uar({!@ab+xl~we5QdYkd!beGi;{53qd?#C;EL zdl)f$7&&_wQhP7}eKDzhG01&TzI{{BeP5$}U%7o}u77)WeRn^*|AYWFgaA^9A$fp-fQ%}Cj4%L4ml$Df_s@{~Yl#;CIl(n;z(f*foZJ)2~ zpvnK7-~Xi#Zl@20rBwi-QkJTP(W9fIr>f|swDG0i|F2(etziJDbUdxCt*_Ybv=6Ve zKyI*Yr?YfCvvhT{bdeI98?X&9txDRf)568Gr zZoFb{y?GeDf=a!$@3_MDw%Gr~50u9-ZpK<`#)1IQs>{r&>cz#y#?Sn~<^IV2|IH6> z%@426$IZ>n&CS^U(*M!bQf}2yxz&ko)0I5am37mVl+(3!*TdD*(UjQO*w*L%)9SO^ z@Bh>P{@G`4-FR-@eSzV}-r(Brlq*q=V|E znd+;B?yr^Zuet5Db??KB>dMgV(Uj@d=I-6P?%?e1=Kt;Lv+(fn?f=v4{_pMn{`b6i z_rkCD&y@Phy!+(Q_UZBW@%H!c|M>U#`Tpnk|L^_Cg#XH&|Iw8G*v9|cod4vf|K_>> z>a+jv*Z%n4|Muhm|HuFT(*OSK{{8s={{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*5Mat8G%=Aa>aU3TCDY)%YZxf(k1l zvL6yV(3L9ciYlid%BtwK-Z6?~gO4th>ZB-I3N47iruyn4qLM?ZjiyGctc_x_`XjE< zjteZG1-Y8+K=iI?ZiwYlo2$LScKD%~DNafzrZyHVZ?z}>3o*77bLZxf3~^WxvI%|r zkFnFWOcaHO`pgo~e#VD~ot~46;G?f=lU?EAyGEznm5<^T7(u%;bz9(;2L- z%Ho(RjwUBv@zd2^{N}a?X-p8u2sQoB(8PE=va=zE_2H=n3A*9SeE>zKqY z{p`J7Z!I?42+iEG{<0&|31r%SM!DjZ)n@&dlZ$VjKE_LI@>DQTRP0;d}8=IBHwmC4JuLdJxTlMhdzpR1Cayh%)@=P{C z>@nnZHTppf3g)-3nTSw%`;evHM?%|}r*Z#SkNxfk8%S+zSWQwIrw|q`0Fumk1dLY7 zPQWDbZl^IEgCPAfA1fwFWBgT9+3q*ayl+P+Rt7f$;b2+rszb1vLAvDcZGm_-!{D?$>fO1D?(j+CX zHZ1W$@dDtgQR|S^BUwR9R)Ff`B6o?LMoOr9fD{oghbbUmM(9eGiykqTDIQ}E=$2*T z8#AXl9%l;ZO0HBUHMhyg$8qzU;H-@`!%5C^T4tQ)Os6^vgU)rj^PNm-Cp_m#Poc=O zp7{RECr<9E&wl#TCH(xSKnF^afD-he2-S!|6UxwrLL@sAh^Ry-O3{j1^r9Hes75!+ z(T;lbqaY2bNJmQ2lA83SC{3wKSIW|sy7Z+mjj2p$8dHHR)S)=dsX=b4)1Km#r#=lT zLV+sOqW+VpMolU{k*d_DzLTj=jjB1JD%Glfld4wDDl@UF)voT6t6mLj39ZSOvYPd* zXickH*UHwmy7jGajjLSG;t;Tk^{%_KD_-|nF}?EjuZi+2U>@1$$tMD;B%taTW?U9%@A8)mJFD$4W`UJH|4MeA2z`CzyS#?pa2q-z!qLWL`B>o z2rew-!F!GHWF`!UI>ZPYrn{Gi^kBd)o=9I(jj$?MAdr28c*G?>F@L{{KNorn4xEU@ zh+w=mmE9^5gS(N3aHNYT$-|XKb*~~$Adqq_02cq)agVzo0}?oZ$MskN{+QuW0Ai?u z12`A~1Wt607d&7CG%)cwU_gQhnBpJK7yu4TfMUF=STZc`gpQcJswd;<9yd6VE{3ov zmnk`_?kxuch~W=Wa5>C8{>MJLz%(_ddChHB1qH~l4>54z9!uE5KkU(jS2N)c|A0pZ zVBrh`q^Hn#J+xvHO{F0)8COs4TcnFEG2LaEAo~~t7wQoMe2H1qKR)%TbDe4)lb8$e zXuyfST@C}VC?9XwgEJ5y5MYZ{*oh(bJ#0{i*u6N}ms<9u`2mMfV!9yfc80kHa%~@r zSlepmwwt|O;&6|<#DPYG#L-}ib+>!S=LIiB_>He9*&C1ehP0&qseDCU7FE9VK!FPW zR`6__y4ry5_CLOT4<*Q&)?A=R3i#BIWB{7o|8RF$;f)w#XYom?%D^u^Fpf)$yx3Vx zRic+f z=w7vZat=J-h3I`Gc#kiUTiExB{9Po0$M4{EW8}goyX%kZ`i(4C^|epPZ*zYUNJKaG8s~jM zY%BbU=$5y#&wXsQTYQDUcD1uje(o9TSkYSl`q(_n> z*npRDehwIcHUWVWSb;G?ffks7EP;VibrrNgfFKxxB3M?m;1{QLfTsrxv>*+UVSnu) z4JAl_MfQG;QGqp>8XTxpH)w;7fqUf_4z!?w|3C|Wk#RGKe!w6NLMRPA2z*Caezeen z7T69!XoQ4^ehhejSvYJcXn9*We_vR1UFdjW_KPkHnn)t zu!iOmO3UUDllDIeHZm60P;FR#fjAYpQHK+;DgHo$4JPt*dT2Qm)^UHxP)3$v8`fbT z_G1(=cH1?GQc;L!IB)n;X^?gacatj~vI7@T2U3SBEp~6KvnMlFW5j}E@YH@SCt{fx zWSdBbXILZq@+DM8HVEV)Plhm#h-8<>WM)%k9uj3kFlAI?Wmq;<1hHjZ_GO?pW@UC} zTbFQb=4NmvXLM#~c&2B3=4XH=XeKaNoH%*~VTcp~Eq!AHd?F8nlQ||52|%)k1Ho~N zW-~AbjZe34>6S$%S5B{?X`JS1ST|;+1`FHvjjG0Kt_Ev2S8MlhYq_>-y+$>A)s9f% zi5LNjPiK$hfDNz`X_p3d{n&5Cc5IIn{&M<8X?f&q)Ho2)Hf=DMjo5Z@rsj=e*Kp!C zb0t=8=az18$Bw)>5%Mr890-kAlLFM&y$7R&RrHZ%>(TBgb(|1#k!;aJq7f z-3XCDxo|`YZbSKP5jSxa2Xsnlh5rDL5m9LZab=wlmE`ax)DsE##*$araj>+NAlH=x zNpiw+kmQsbDYtS1VV2qkbIuTyuV!pS2ZTaMgzVX#@EL(S=!60hp5?cn4G5s|Nf7?|pDQSZ^7n!r~G zSh^8cnx$N75nI}&U>Xr`IHF-%rC-X23MLU|(=pWIMP+J#XWEZ%P+@B7rqhy$cKW97 z7pGV0VlX2nR}v$%NGJYwfIH2SO!R0(1xY6}A`cx<10S#mRmn7_7zwDzn8aicYyeqC zKn(WK2Ctx}(ea`W!EZ^nWXD2}#2AfRLpfCTK}Z(|W#Wr`I3l_*IKjeX90!WTxT@jA z4}lP>2cfA+Pz1s%svSzI4&jfmYM5K|0pd`QPx*8r$7pmUOlBi;W}_n}iIP?ln>IO3 z@zANmx~cW!9>|)kJ1P-iIcZGxFd1MAHJPpY21#>5kK?i@r^#`92(QGjlHfG15km+A zL99tI1x1vuMyjk00hU=AJK)lq(z9%g$cm%Wl>DM(r}-?Fq6cRDP0*(0{ah2iy=(gv=jKU zxmUJkdmsqQ4+N{WHNmHa=eBRlvbm75bi1(YT7G!@589wBd)v2u`?To?tj9Vlq2LFG zI}^F#17u2A2K!if@VJm$5PUGXn2VyhQ3;&exg`3zp)0x{O1h@2wy2xBExWp`o33{I zx=FgFI9j{5d%L)sySlr(boCu$$)CyiMx7 z(hH*0{#(5qdcD|todp4h+l!?WCNQNLP4PHFE$MGmQY(?Ru@`}t-Mk_`0tNX#m5U*r`l*ZizZVg}gK{kE>xxy@s(V=jAE%ek+H|<8JTA#EAj=OtOTaa& zml8ZEJkSaK0J6LanCVLnOmei>qPPe_tj0>h84

b0P$M!gx8YiOQ^M1FjZpzxU7s zETRj_Mhy1Ybe85xE5ZxEFa%wEl9^+)BkMkaTd?N3LQY%}CQOnk{HM+KbpF`JWW2@x zHM}}b;+6Iot&@twwlD|a00bBdukvbXNUSJjE4OldA8A|1c07jDA}G_E$I-~ei3*CR zImVa9aT4pkyPCp(42`>>2|&OPb6^RmT1k-nJ|%myDQmEojL8&n$MmSJl=CDj?3ci3 zn4|2*rX0v?I%PUM!-KK|II;^oAjL(?#zrhmaNMb9Yb3kO%M$^`?K6;4atTl3Dvx#p zbU-Y}{Kp*UAzTD5iYN?uJgA9kty3FyA0W%NOs?B($qDPt->k_anTJ;8w%Z)Ha|_VD zEYKH0zfy&_N~^bgtIz?RhHXo(12MP)QMeRc(N9QzN<2P|+tD6)JVNnI{MK-&AmU} z)DpZYJ=I}V)mGhASe?~bl^a;W)k3({U@cW*J=RWD)@H3#Xr0zZ1DH&w3RI!I4ZHD19I*ZPq3% zkg7_=D}2O~9h(Rvjf%$EAiFB24cd=3jDYE@yDdJU&5Zguv%yUcLH-=w)7`_^@Wa#X zm#YfcJB-cK5z_fG(zealc@!^gY{&-L+f64!kj%aXVJ^lf+D-Pa?ES`t^wxvPzWRN} zX}rdxY%1k^X=6JbaXb(lJ=OsXih?X9w&0SToW(|r%r!|VwdqJyh9lnUm8Cr4puJ$w zlB-gu*{Bi+iM+^-oRY+_hgA%)&{5zUJ<(uo!iva45i6~cy=>k}%4ZbFwA_z8Ti8(d z-~YPf=!+sYgO?IJ;9c3uuN=z>gpVnXBV9S*EsoI!ao{mt5MThc9gN$2QnTF+mB@XM zf6S_Wd2GYo;fi|Ui`lCyIm`$|5TUK8OSUIy-U)a9%+Wl}{%x+?i5O+E{TnX+4_MCC zxp4sn>&X&vjOyH~zG-UOlR=m*}6>$t?u z)Xg{B_fgvj&d`ZXp3*+;ptsi6u2a~a?LSrR+)jqx{_TCY?cxr<@t4%-p6=?t?(DAa zOKsBSzMTW{)$zWk;a>0IMeg`6Q2M^_{?zaOu1^3T@L~DX1fO{WfAI5^@CyG__ulY_ z#ZPy5*Bar_1z|fjX}=2LM&UXV84mHs5x#gz@dHi%@&{5X_7j> zH41#q7~rSY;p|BO?OAT{uk?$i>5S3nA&W?lV7tTPYm(Fb>5eqR?M%dA*~3e}@}lfy zb5Ch5DZy)e4?A$V5}fwVtldx+*UW+J{371b4)zXYuab?2^o=5FOtJV1`R)zch6Iht z48+e(CDfDV!PGvDcFKY5k6SPY;~>P8uV{_h#)gj^!@l^;E)jSP;ioBbZ|+Gm(#Nxd za9I^lPv(FG1Yf3lH zLxa<(`6%W3NUiva;u*Uyb3U@dzmhn73A!WmBjbvG*l1f51d~7vyMPHOOwG|P-vA-+ z1G#?%4IV_8P~k#`4IMs&7*S%xct(gV%!Os*Mvfglegqj(j9FPgl=@|L)x&hE2r3ev&#J42p2)Onz{V zdfjSJmraC4uO7rUFs6v77qJa#`|qvO9X-g&+rjls(xrEs#?;A^pi07p3s=0TFr#6{ zjU7LR99i;Y$_if^bm=kXg$rcmcK*iH(}SD~19#ftJkx273mGm7BpB0mB+f~(a>gw* z5?8R1FmT#!5O!Ik2sdZ=H4q!;rprqc+?h1)>ejED{_}Z3kKM}MCnLtF(ffGv<;|Z* zZ~k(@%!G#*3|n58?ez8SlLW6={C)oY{r?AWvi1IHPo?*$3U0ii1`Dvk2J=g3F$X84 zutEzb9I(I(H{`HG2oaL7LlH+LvBZ%w9MD7+SM-jbKweR(pHTc@u|^wjO{wgG`a&pI|CDpz8{P z`A33_jgv_ts0$KVIHW}a1`USL5EpHxvGXh;nnAj|p|;H(b5 zMR$ucva(y-*A{5xx@)ih@nd3v%Rb2TpPaHmhYWLKzbbErxM%45h5km{E9#J54ujChff?;CSA(8( ztRS5m4SoI!_mRWFhc-NO%IF$*0lw(QHD)PVUm6xcVnoj>1|i%*7^j@6@FNbXgGvSq z7#PqTnz;>j^Ko{E%=*dBL6YUhwQ*1zH}f2 z@%~t{wutcqw2WaQ69-B0$!{URWC%3mQOc$LE) zp7H=b1mf@@n6^cZE-vpBN7=UG$f!_rHoT!?L)eH#Ee2DBkAx>wjG0k(!o{8jO(R4` zst`BktSMQ+4mE9J$t5O5fX(qJG3e>caY{sx^7tHrxapQNzGgN)Ri;HXnNq=3O)d%3 z#Zs@zpc=L%lbsk2C;tgXu?&HB__L(ZlBzr2ow5SJ6CT+h=*p;G1eQ}prcxP+{>`<9 zg_jPY-$LvczO{USDZXw8r!yfwc_y5`w>?F|#Q>-K9+M*qpU0C7ea|h#=F} zFe5I=CqR)RIWWjH4N_Hno?M!3j+VNd)G;Y0L?JO$=$C#LGP68O3o>u1mN&3vbT>Y1^)``scG0 zx(va@b)Rf#Yq^{HGchg%=pG2F+c&f(Ih8cvup~w?ixnhe3rX7+-M3f%=dI2(wE2J~ zj(7nfoG_=51F!ySCfS3iEFs22nu19KRP^0=#`ZkUiHWKZnK z81Z{>mzd6F;1U8Ja6`%&kpo#Z%_KsXy4d9|jge?y^>T^7*sRdV+__&kBMBtmJSABb zrp;U&G>M)St!Y7*MBmaDwD4}$s3$tcTciPkA}e_x`z-{_1f3J26nK8J#1nZ+t|lOcCwW{DOD93*UyIb zpK2X#YFFDy)3$cDwT&ZeZ`<479#OZ!J#KP4NZjQ{ce?9yZgu{*+ucfX_PgahZw$qo z-uK4$nCzWze)qdO?DluS1uocqMRyAn4{QTzjm$B@ zjJH0NlHAij8q$!8Wb#j69Jom=;R*F9f>9z@=94sve%WG|d+eY{Z;|5^Gh4Tu1}2Q; zqprk_u4xy+=*Tl-x~H8^Sh*DT;o|7H2m|WA;gHN0UXjNZ<}ePca1_L!siq61BC?;Z zJ<%UJNQmM-=((%)fbP>-brR~a#MPIBS=|LECSi*cX8s3$ln&f*7GL6pkDSzyH;CjX zpJqW;4X63*M8@fkxQz?vvMmh4B#5yKOps4zs;3V>>mFX$j~ey`k^SsJTh6|$1}L|c zdU2K_JGUsX^N6eM9_eBiyy#^nv-R)B(a%}38nOAJe*QnAFMUv>JRy2rir7r75j&ZxtJFVqEK|a zpP`M;I*BSnh%1wuP|T}|z@H(znT7C)q|&e>+l?A>Gnx>^%rc;}IUt5>x)*GSqLGXH z$~#RYo?zslv-!VoQ?9M?9p@68Ad)0a^fAJaFNG*C#Sw{HjIZ$$$3n!84)~|b`NUw# zM1*KSxsffRc*kfHq|O5j+OUbCLmuV+*|6M+F)`Yi<6s`=Av>(Qii23bBQoF9u>;bBqN}^D;78!#CWM3@Cv&jy2_1qWN|_8mm_ePG)U?`rAfnNq>AH!W zXvyj$$KOhvzws*T(n{XDim*T`rLYM(Lc5ScHHLDihx(z6+@jCPiiQb0a;Tx*+Mv_g zi5AM8HM%02Dyf!?Bu|ou+bWwm3cs5ChnY%yPpXiF;yWO@ zq`GHpHHx&z=7K9A_5Q28gQVoNtEnQ0uyRho>K>NdP_hhx4}zq=Q_Pz@2$n3-N)iIE zaJ``5Q5G%Fg`6t9Q%j^|kgTGlzHnC9%Lz%y3MI zaeU0Xcn&-|%i?;|hp{dt+DuA~PT9I3d(t}3!mkftsb-8h+5^-;#m}AS$Bvwi$|1WA zMUc+WgcOpn$@EW0rK0K3g&#mk<2g`IBSlkmu{x70mvkTs+p?<|C7tt6EhSZlfW;yM zv@hL_1Q8!;{ymHA*bYBEh=K|pb>uxOT z_1do$!#t$gu~oxmCEK&b6RAbpwPg{tW!twU5x0fgx!n-C-N2kx5t;qN3BlVIv|9>1 zSrY--MMT&C2wcBK2s-SDP3)|lh1siH4OhfBfwf7LB}Uv3MUY9D4Lv-ODAyLln8K}A zmr;oR_40_vH3-W62ZEg@YU)O_xyOYFAyylZM$kiv+Ek8sTv)=&fP+n{E8n^QzMh4GGl!hu=Mj;PpIfI$o5R-BhdH+bv$tDhlP9%mjfM=h!I< zt2u6sv6}NQ@`Jf?GgE^=(^Cb-^+}%PX`TWs9om?l9kZU-z@A7z4NimzCv~eR-95`I zpN^uS^m(%OaWM0ZpK*=fT**m0#XYFJFmTeVN8&kJ4M3&1fCP%Q?p<8s0gR8kr4j-> zH1aH&(=y)Mgt>v?J*v7PxZ!cb&>JLC`USbW2+1Q#qIBXfCrTYC+9T7-*n~*XQ(FGe z+{Ip>sGt`fBOty?Gr9{Gmfju4j2^~d?5#^Z(k7_tFS3|AWc^H6GhvvJ&M$(cZlX-O zD_;r)KX%S)hV=@QMCnzg1@G`qBF);gT{-#74ge7YUG;08n zUT-^GI7=5rq%(=g&c;~nK&xwO``e9J5PIv|64BdCZHU-zjNPVffc3W9rrYBV5aUMf z<>n9NX71+}l+%Xp>8@Jorta%D66eP5?S>4i{o3ya@9-Ay@h0!`?%J>|2&d)l^?nlV zX7Be-3HOHY`Hq#1rSJQ;5&6dN{oV-uHo4wz5aH%;a z$S}uSo}+tQab!X2=2B|7yyeL%=OKlNn=XjpWyTDDn%I5*?#d(97jGJH=sg)HP5k7) zF%ut=$vKN%M*^Z%44_E{0kNW(;nuJO*|N{{wHk%aMg;y|Trx`S#ZYo=9JX_KEg#qUqO~26Zb0W#1q^DfR?pnHMna<-zF}2WEw7UcKgZ%cN=&YL z1F{=APx2}x&Szv{X5V?@@BMT*g*u3K(;z#i{(J~7W{<$!-a^8zsLL(9xTK>bSp>CBY-SR+qWMqGPnc&$dWauEVBi|CdL0DB(QoM5fS; zQ&Er-^5<*_Xi`tcS}P%U^otOyT~}Hr*J-T#@*@5PMNZ^pUIsnUBfSoiP-0F%Y**C& z%&NJ#rJ%B!QSX{kPiO2!W(CZRIUn~b%H}SH(Rw0MeA;Vwn$QYW@~4G&e|8|VqNlg^ zJcKiO@(I4-L(;Dz(=1IGfAC+Vn*yU2^oy7a%0iQJa){2HB@psJQ8ZeiJRO!aZB zBzy6ZdMzXNR^M47{|6(VoBYajr<6Ku-Fl99_oH27Xq2Q4ef#jKlyKITH&_9%EB%?aPHgak9Dm4c5QR>LU*0 zdqPKuSNQcOG3uf^aFO+o*=}(3wih!=V^0I{01@!rC$I-6{^KtX|3-e~SN`QE{^oc7 z28aIW=kMvKe*E@s^Va_D=l<^Z{_h8WMB#lLy#De}e&aX)^p9`!SO4~}Z-Y>8_m}_3 zu>SeS?)tZX>c;>4hwlC7f93{=R{sVL3@4Bv!h{MJGHmGZA;gFhCsM3v@gl~I8aHz6 z=yWMU8ZQan zym+UOi)Vyb%v^f)=J}TkOWMR~%_?r}m}5J-4A-vmRTry0H-H!3P4f3;HN*@BClUSl z^i{^FSF>iQF786gaN9lP2dC3VT|-7zhI!Dzoy;J8$sF8BHG67Q8#bj_6!m1T$-Ug5OFpmM1K7rbKN}z zopjW^LJ)O+MC9K<@?^l@coCKqo`e;WRbFJPaPyCP617L19oiWO-#^$GcTWu$Jot}1 z9>{S42AyPg!EW+smmG2aJ6wQAa{t`Z!+#F-MvgsfBvF`srYWS$9wf2|V;wj~asdd< zJr~_S)g)2GfeA{)Ab_{|nBt1^d|-)+!lby{lNTg+&kcaJ_m3{xv1wsz6ymvOSLJ#0 zmRsw2cpGua$rGcQ{z$Y6LW_+^hQKG>+LZOr5m#BZ0^0}Ix$0|EjdH?+RmY{=n zLfmfc-D5*1a1!IIk8yHqBAqq%=xZcwGTDzL?m;x9VS|O5kUYkri(8^BelU)(|15fC zVXqE0>zCWXNbmlN+Hwn@!Q(!t%cRr}W zY0V))U2~l8oG7l?C^o&4Jn5L0iqN+%F;3+2K)wuAcS2wW7$B?3d&6!7__?C>Zd^D@7mDQfCTvM+U-23u7E^+%EON0iMRbU-wB;jgfiO-@ zRL-b=1*E%W>SlXGU>D;k$2n5$iw*G=x7t%LG4`icOxjfR+9MOr;3E;7=wQe;l}S4*+9fojDNURN1sJ51 z$(#Z?&24hCo7C*(O<+k7K6Ukxva_8>QKviODbIPz1fKLA>51w?H3}o zj&ZQk6J~OBqe2*MqL5R2EQ?$;u#jannp@@ScNUAFpmGjdnzP;As#q>e&Z%e^WKUdU zN>_-ia#7j>R~l=Z!s$s$Y$Gxb291@ddEr*B|4=QRriwi)YoKcw)*^(Q1o@T||I?oN>g;|FNi0It+mPN0>$m>5>}0*jHH1Yq z%D1jfBg+t*+oXDwre!MF(wvB|YTbs7jwNGv*$CX*lyO@t0#|vp3QqK1O}$`^2phkr zoEbTDTO#WOeFb*ah2R&Z9(Bkn10+V8IftrDBZi5z#T*&)@sBg6@q(ec+vw_Rwr$c* zj95%U)K%DwdE{`0&A8!Cgbd1DeqD)5YuXW$xMC(|@Bf?(p#8+JcvhP4ZH(Gn-QIY= zjl~u@^$5NIKL}30Fpg3AC=W}jt2Rki?2?(NT=A8+V^s#sg}4-u>SsKcZyaiKDshU_dRre z6D{3Sn!3-Veq*M@xLsXk88BOR-nKF=W@vJ{(~e1~|Na*W=i*0d4Z2{9OQfA32#Yvv zjoOi?1JQ(7lp-|!Y@CMt);96=tR;G8UbPu6icoYR?Uw3tkQmGuhU`I(&X!9-YgI9B zdEgRUF>)!pQ!-l{pGNxOx|0&nSPc{@a`u})eO>XJRD0wmH;On<{*{ueyyY&BBgz3EPWI@F^s^{G?6>Q=ux z*0Zklt#iHWUjI7S!!Gu*lfCR_KRepfuJ*OFz3pzN{<=hpj`X?Hohov#JKppDPNnO; z?|xr7-~TT7!Aqr@*CagR6JM0OD;_4&cst}HFZsz+zVcj`#zl}p2{P!j^Pc}a=tHkh zGEf2;7h!zkRnm%Zq<$&kcs=Z6FZY^I`Y`CA1Rw)-R>@#OKNE zlOKEID`XIy?>+RR4}CHWq9Uk2{)DiP6y2M4aCPZUh5v;7LTF?7g1_j$ruyWuX3fU`})(3X+8K6@vRs1PR7q@0s8N zuHfR?AWkG-A?#oP!XOD+0Xd`ttN`Ia_yaX0ffoGFF_0h)wuB1eAWA$T6nez$?VuG( zpbw7VA*h2pph6N@fjh)P5*z|Pc!Cy`VG+2(JTRdGI^h)dgcQEvM#!EO)?o-{VFemN zFkHhhFvAyyArhA18G1qzl)@U0U=sp`9PUIME+R&N;PT<20Y1Sv6hkSX!yk&_AP!<7 z9-;*%;y-AVBi2MCj$%bXBJ7Fa2xdVUvZ5z|p(YAq8FnHYMuY~MB14oSE=mL{(w-z1 zU@81hF~DLVn&B)OVl5KU3GSjv=pz0zK145yqCtA+~PU@gE{7-<@BOD${;{~o;dC! zKi*?OibOj8Vn8mWUJT?xmg7T$L_$gg1u~>XCIJSvp&~|PGjb#q`r||l;6+*_0y?Be zk_15>R-{XgVEM%)O@2g57UW7wg!APj2~wZ+En`m} zWl~;5P)fw@5g<|0-|r=$`61;}YUEY&qD@wW=HX;iMjz?npHjMER&vBo@?%p*jNz4~ zS+eCsq@~VTrCa9WTt)<3D*g*Tp5s~O<6Rz0UXtTpo?~C~$zMKWV3OltHbhr`<@kl= z>B(hXCd6SrV`47EQ!?fO0-x~JU}SD)XQJa)3Z++K<^@(?RdVKMf?{g6L})?;_>pD- z?j%-@<7(1nZT2H7zF$kirUAm_Y)bK2&066Zij=O-%XbuQg^hT?NJ1b2p`cZR1z2q!LT=RZ*6Fc5?}5aB<}qah|C zd?Mm`q9;PArzx_hd-@?>Y-1TBBQ4saLlh=6^5-b}rv+9cfM#Mb5-5S@b|XEUMm7D-N>fZelC+`R2BcRJS%6jA%mRpp}aJ0+Z?sy_TqnerLn}!%#x3=o#f{5`;BTY{h0LiaNw)YHa6CrDu{T#V+g$ zUhF_Drpd;NW2Wqkg6u%BEDE~pB0*+q;;aYital*jF8b^S0&Sk~>}L|~0~#%B2rVuu zZ38kbvLJ0|LaqPlEX>BNUd-%Rs%(i`?f$uJ$!hIjplsLHtj&V$`dw_slI`f3rj_ca z+M@nn!#=FrjviG`EXdBS_Q|XK-RPsxtf;n`kJT}9B z-~%DZqcO~1>3-+wwqEM)9*0K3I2Z#b;)U#XC?G1Y7!qUs_3m~4Zt4ZE?r|s*6z}mS zLGu2n7&0$}KCh(8ZRSSc=0>0OV(%;>@9c7~UJ#@6(jW9Tr}Q=+^@`s48t;8>?-yRj zA-XUB!f*I~?)U;=`9k0QX0QIfFN7-a_{HyX&adLtZ|Ds#`Vyl0daw5~u=qLfZT>=V z;z=;*t?oax?(6nL>=ML0%<1m>ZxQZp0|&6_4siPw@aQ%q4EwGOci*GdFkWzQZF(@` zNiGk|tPigy5EGuYChib3uH|~{5$9+Qzo10S>kub_;5M=2im%0vtY!Kt;7V-cqV3*B zaSu{N+m0^B7IDv#F&0+D*aEKEc5D_4@D@9&MP#kpa;+STapBhS>(${EM&i{tttmdS z;8md=-r*oqZDbnq-{~L^wlUQZ@+dm8-?g9=PckFdr6u>B)S?C@J7Op6-6x+$C@VTOEUG#Liabyx#L!Tk5%|lif+)gqg#U7QGRT5O`L0 z$TnjKQe^F0=h(rwuJz7x^<-16pFPngRM?)5SFlh@cr^#ASl3!Til8PDa%EQyB+;7` zcEG6;b|I=MjT2xi&g)o_{HPlB=t7^>z;U(Lc}I_RhYKn_2ypGkaRYQ@-|$}FfGt#5 z57ZKR>&l1SlAh@eIk?e;1(I%T>K?FBq6jv1^G&(15lQ~Vb^J^Y$S4dk6peAUSBlin zZ^f5pLDJGp+tebrP|xv0Xv-goKy7VDxJI0pxzU0T5-}*NxoT=!*@+lUIC!@K;RYW0 z_K}{roILAqe;dU4>wzOHj8mAV+|qCVmX7O2htbKF?)N|Uw>-PGw}b$va+nA)8^kqA zf|pIB@i<^S__G4{ck@T00FQ;IkZUnEQKix1{Fj#^mxs%mn3UI)r+6b#8l)BWlFBlR z%d}R5b)2XUG3e2^);Q~+T7}D!qu@)quDN!vtChX^I5qmQ=?ZtplGzLutYOf&&dC*l z3$VaWh?{qzX$u?Wif%ZJdw+Pf=y%W-b#gEIe-i_yc+CF3_A7{uTfW!`24F(HeQT!g zTfPPPbkQ}g?#^p>%L=h}3rQT7XTT-ccr)4f1VOoN!+LvJS-2rgiU`4e$Xk+{GOxEd zALqm>p&*wlUcF;+ywk*67gJKdyP^*@<|cZDQ1w##`@lQ3Ox`=dG}kmhx`wPknk0J=I@* z_TfC%Z~ZrEJ=cHzOh`T0H@(=8ebSe`*%v+9r~W;}>owcIeL#CX+|Rv7tUcZ1v)$i4 zJ?FjNi!=5M|} zT0Q4;{p5c>7vb?&>ak+lZRwX@Q_H>R%iJ4dW*jrb>oaETdo{zi{+^uiai($ed2#8( zt?lDJ(xJX|g7H8Q|L*5)Uf;g(M+g-|>J>kKd0w%9H^1vEad|TFwU#OqSHJbUobU5y z<%U0OR<8GdzskjILa2Z6qkqq_KS99%^1J{0o9z1AfBVxv&dGm!;{VxdK0y2vIFMjL zg9i~NRJf2~Lx&F`MwB>_VnvG=F=o`b{*hxxj~_uMOfr&WNs}j0rc}9dWkHrNVaAj> zu~orvHACjqxszv4pFe>H6*`n?P?;wU4MYbhNs(Iqm?g3D?p6{c%BE=<*e}*mk}hFF zQ6{k8v5{;3p&MzX-7>4=j2#Ik&>yuU!v>nO;;!pVi8u$|EIOEQVZ(pqR+}uD4Tyk!-K)K7lK~zB1d5q`gpt2{?lMGf>7EX{^!48zBNOx@5>X&4^&8 z`EfHd#=%9IsI(FYGttCbsl$>EnTL%i+1N{#VV*HjzLD-CD;5@i`ztsc$t=^%GtpeE zxg(@Y;t9B-AZMV}?s~=@RFc3Dye3t8(hzih97rEeSX84Of8djkKKoY8FQyj*<1fug zDXrAfOC4Ght0agtW{uaf$R{*c){!mG*Y?~HCeu(;?M-8>I+Dd75w$G|+!*bx#g`xz zC`L?y4OZA;YXmP7r2zhMMJ+esN&>AVll*5(ulP*KiMgabCe+ZJ(#y9r5KWLSyYN!d z3OWBl)I~92l$6+a;f+_`!ZNJ4xoYjrSEXM2b9df<0S;K;i}Wp+S5*y8_#}RR9oXTA zA&&S!g(?0D;ffXJcNKpn?%3mxDaE*Ad_}I8Utc%|S>=^kCa~m;FMc`SlT&Wl=9_U= zOlE^g-q|sla}HYQp$YR@-=2-u4{82SFG@5sr|AB{bm)QJ6v%u8@T- zbm0qO7(*G(kcKt1;SF(^LmlprhduP+4}UldUt~~&MKt0Ok(fj!E|G~%bm9}C7)2>g wk&0EcCgK&bm_;pak&9jQ;upafMlp_&jAbR@&Et; diff --git a/Media/Images/CertStores.gif b/Media/Images/CertStores.gif deleted file mode 100644 index 89dbdc17f3be01dbdf62d233dde869b3b154e4f8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10374 zcmV;1D0$aMNk%w1VL<|&0e1iZA^8LW00000EC2ui06_ws0f+wp{{R30003hE0CxZz zDF7Hs04Rh2Fo6J3YXDQF0C&F_0DBl17z`>}7$j>DJ46^Zc^EvD7(s*>OP3gRy&(V? zAsj>@Bsn7(052~uBr`uLELJH&ZYf!eEQZb~xdkx*V<{LRF&J|(7<(}+h%rZ;G=9N5 zJUlx)bUZwiJxOvrUTr*HjXZR9Jam*hbhA8_lsuHvJpeU5C>T5`B|`0D4j|Qc^_# zQbj^iX=72L-dY$fTp3SZ7;9P>7+NeMT0uEpT0&i<++rR8V_h*|dw^qtt!AFPZaM&J zOG0aKQg^54a~L^wJ3Dneb#*+Hb4DX|bUbx*vvjrXdjKhW05N+2Qhg6@eGh|u51V}t zt$h!_dl&$F7$bWaE_)bKeKDbZF|Bk`INF z51o@dJCrUv83Lxs;VWl$Df{s^^r^{-zIZrw@gv51pe_0HIQrq*)xLbxx;= zZl{TboUo9jyzr>RucpiVq~89oUv8~m0H}04uXReYgk!C$W38%tv=6VgN^Y}j9J6yg zvvhT`aj3Jkb+WVUvdQMM>HfX-|F{pwykc*=a{#@07{7%!!Hj0U$@#<&Zp06i#xZWj zT5HCE0LG@2$f)GNtA)kI#lz+P%@426h8WI^G0>P_&Yp9|rn%0}&dcYm)lj+CSZ>#e zZqt=K)~;jLu7uaa)YZzJ)6taH*4EkV{?Y#a-FR-@eSzYlPvWOq-oAw3;o#Kgvfljt zkk;mz&gy^Tz9?Ee1v#k2ROv= z(3Snuz5n8-{pG#?>a+j;$Nv1&{{HFy{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVVTV7Eh$flPFWFT*+h&ZRqhmPAUms@1DlvufRnZt2pdPrY7}y0xs?vuM+*T`Mr`*KNAI zGUYjP>P3ICPUt;>$>O~f-2_%U@j{;9y=4X$_6t}d-n}Qv6#N^Qt>w#@GrM#v_bc7H z81F&e8-t>|6OI2VHY|ECrqvZsr+&Ea%jgrO1krD#2OcD;-LB}ZMkAEXm|@}fWlx$tW1dI7`! z=N>V^)BZiS*JA62_Ng4BDuoUK<{m7heYTSXhfIN{6J6qgB`= zh0=W}<&;z|G@NG)kvLIu*d1izKaZ8xUy#(n23?e^J=WM@(e>9Cf`&QwWth*6cH()d zv8m*HN4~e=oOzYTC4cYTS>>UKa(E?iA{wNnM1vx9ra+hA|(2or!ODtryh6-73&I!xqv6w1XA%3{wD(<+Lb;T%uafwA%MX;h6r?}+i|S%MmA8(2n}YS!#wvq6ivROOL4^);W(OP zm##K*vYoOPa?=2x$5(47N4sjcP2=>Qaw}u_Ad7s;Gjq~R5_w*=KBujAS-?sJZM0HD z*4NT1+E?$>uo-RR{*uwwEzh)ib@{AvX8X-|V@m^0<-fe?(K1Sd$r z3R>`j7|fssH^{*bdhmlF450`|NWv1D(1hJHAOTm%!mR|bg)od^OI|3$8rl#fG`yh> zcW99u^6-cLK+KW~gGj_8UT=s-OrjErw!|hn@mENEq7;ef!zo(ve^tDq7V%d_WO(t5 zU<{)e$4JI9n(>TiOrsjt$i_Ch@r`hdqa5c*$2!{aj(E(Y9{0#cGCCxSTMXp;04c~q znval%Oyu_vsmMlJkCBdy>V+WnM_3*(|5~s zq%gHOP4-n2ml3(<6t&5-Xf~3YPXuSfys1cWHqo5qBIhnEiOzAU(~#{fKSv>-Pf2t}*J$bEnzO3zwT zY4WL_pWNG?bN40P5xbu zh&rtlkmIL^y#=TWtJ}r+Ll(DSssE5DT3KE;v<~I0XKxx&%KoFdIgRLLsfXItvNm`Y z9jH^ND%dy;HLxe*ZEh1=)ZRMC9a*62a1{d6=^nSHV^wZyFWcPIsx}^VZSOenJJ;!f z)xOt-re2|%vZVIuyX94leUiG=ram=6Ux=(^C%aI)ytgFr-D+Gbdtc;Ya;uo-aQ426 zkk(3xk}Aqge^Q{0!kosVts~S4vS8Sfk}5rTX{l8g^3`Ns7_%B)>wKBp*0n;T$P10> zbjxRA`!zWupjrrd*DJ{}E?k+0KqOTWT%sYP%5H*3Pz8s2$F_8vEPe z4!0P?itWsByNUTFwG!)*Urd+#iC9hKhI{#LboW<~OFmz{m8jN89+}MAMo7L5IdDYp zJBiRxH=&^c@PIq2lE`Sd!wC{`Nmg9Y6MwkHC7$trT-=c#FZIFxjTmx8mfYYVQISEt zWLSetxrQeKJzBzMdBm595gkAqrx3we=LY1u@xC@$%F*jTGpxWjbGus+!V3)nxhWIuP*?fDB9} z9vKJ#9w^T7jJ*72%L0scc`IJ0AXcNGlB#>&6bnqiHttr$d)+aacf0dlz#e&gLAt9R zjW#~F;#E;}n7*~)LW3=yKT3SR5!iqQhi~_WauV2C8rVqxwt*b@fm_spw)B9q7H(I+*n`7HZmooaAvlC^CWJ(IguQ_bMu>z=XcFT_h*uwGZIjD(Fgo(;ziMEDJ&g6(^!HE-Rir}M)Y$J-Z#){kni*GoDvZy_^h!v>l zaJOhZyJ!`;7;wEvJ;6v7zo>1)2tCJm6vdcrQN(U=1%nbXZ)Vm`()bV=n2ZR)Zm@)D zt|)8G_;1x1jnKFe;TRF+$Pm}q8|?OR*qA%r2y5fvf^LNjM^;xmm~iQ+R+rRJJBVT1 zK#wGrP&+7A{5Tck;6+5vzB zWCHnw8K_WCs8%MKbqnPa^GFh(6;UPG{*Vkc9vZ2HoAr-28Iwx5gAV18nY4|H7=kLv zN?4VSrS)7K>5&PiR&C`_MagbMc9Y0df)NQbyBVDAxIDwTY8K;G7zU1v`Iq|GmDV|y>lv8Fbd;Orn41-rV+oO^ zWn3I7m}0qMFG-+}nU?USn7iqgtQnZs8CIN0knky;m}Qlig-jWWoY(kFS;vjESP%lq zN*W1M1IkqZ`IyallK`2K|M*sIiH{ShlxMY$6&9ZfH<3LSqzy?D7KxESwvlkPqhy7U zGI>^0iIWxDP+o*gJ%*ABg`^azRtyQBBA8^;>7zNxr6PKqGD%j!8G|Y3ADi+5@$h*K zK~zEa1vnN9TQ(W#kuv^WCXB+Po7;&N`#BWLND<4YUGP^O$l_CY5GDJ72Vl1lk(xe> z3KWR?nrG3eLD8s=p#{-SWTc84e0sFB1y0I=MVaEfOfF`moL9!6>sBX8gz2^>qVYAZe zvbA9;BSjfxN3POQ4KZM|8hc|0koEzxgvqNn%lV@!MUCrx|d72qFcJZLb|4#y4{1is%yHSyKMKM zE}LQpSql>VkO@mcyAXj6y2}vy@Ce=TyB_-w)G!tS_qw-s4{DGMV4@3SaSy#~yP06T zyj!~q{!zURA-oDvyadR)lH?E0I}pMPy}pnJYY-T>yA*ox55EfvOHm2}(G_YC3hN8L z?^_Vq+q|Wq4~{Si=c^BmV7`?RyYoxC_L~Oq+rICczH2}Z!21v8vb@AQ7Sy1=)rP#Y z#=p!v83+u%dH}v-p}_!5!L+Nvx4XX7u)fN>!Od&D1OdSCd%N&U4JF(Nr2xLPo5Gv2 zydzA!B@Dddd%nbr!j}NOM5hZZ+-w*uYuY;*LW~aU>lB)h3>rMU@&Lv0s|PZyzZs$n z@LLd7d=ElAzPby&TMWMY>j=zi#KPOeSvY$ABEeQ|!oB z9K}%F4^xZ~`AfX}%g51c#j|V5Ni52347}Kj#oQ|pXe@1W3~MXgyejO;TZ|5SOe!U; z#wR?)>}$guGrjTqzYiSD=PScFEDt&i!?Fy-v`o9lT)bEezDc}nyUfd85yf$g#pc2Y zUM$L$yavZmzv<$_P7%ms{J_ba1`@m}OF;^haKx4@%D3CVz{|kdki(a7!0@cZnA~xi z+`1VN&PZs;QOwYzE724^(G`8s*OSl~U55_6(W2YY9__gx9nzYsY8MfPD4qV&D!tMy z-O?_NMt_72Bt6q3A=5N{(++6UIDON|pwl}&(>?vuJnhqY2)Ram)JV;^lDmmSErEn9 zMTVO^K~02#drpVT5>qXdSFJWxZA(o(adkV1OYJjR-GDq>NMVg=U#*K{ZA5A9)ie4{ zn6}oyh_1av*T!hq*oD{3sMpZM*VeYxk0aR81K1PMB8Zc7!m%}Adk~35f9pfofIHV7 z;U2Tfw6PTty+^2ytx=GzKHwCWZQVbTy}5>steG=?NhctE;ZsxB4Xf%D(>D-AWveSj z4zW5rku8pi%0s0c5@oFsk0ChRT6Wg=1#>go&MMp3v3QTyU5_oUSpNGyh-s2yb&wZ% zNe{`73CKIYjYFsHHm;F=pLbFI+88f)dV)GKo{d{7%c%sxmLiEvGu4^5sYBoW5y72# zKSg-64Ol`)EkL!|FasfvjkDHkK8R_MSBaxamRbgi-;~`Ekd->jdUoYKP;r~!gkm`} z>nWa%;M5)8=((08+L=8n;gS~K53$)$Ross?dVN*2vq9jL0vJzw;8r{0p?R0}XkYP$ z;#H~Qcl{A9B2dx6+MQP!v=Uo3&N^$WQSM<|BJMubO{LR`S4tY;HI-Fq(R zxN_De*l}HL)vaXc*|X^KAXnag?nkpL+DAgxJljVp8n~j1n9Cy=|asznqKPQ zOzNn9L#Mv#w$|#dE^A%%(zIUdwtnllp6hgkY_Y!4u-@ye_UpioYQjG3WmfFQj!VeC zLprGI&K_()DCb8=gI9!|8hvG|4m~bdNau(<%U(k&ctzp9iP_#f{pLu&S!!(VaN{oS z*UlZ^9z%KQOe3goL#VDngztzF?=YnAKjiN`RqoA?^^dx@FE8i>!Gt2 z9xUwI*~42t3D4>Sco76P-3fty5b@bATYm|`4}Ng|0y#hf9gqz5;0#KD1028z|3LC4 zp94C;8{iNCd>|0-umvZ;0^iIZt6=g#kOe%U4qK1|Cx8Vv!3+sd4g&!W2M`TKkOL>b z1Kf}gL*M}e!4HGb^!3mSP45q@kOMZr0jA&)#J~g*aT+y{*+nu7KW`EjA8Q@q@q~&O zct9l9@vWp_8zo~KjUj)x4F<1m+wTDwt9nv?%Hh*9bNmnpXaDsHpbv_`8b)vnkALMQp6$7FNg7-k&%6Ft2L2wDk8M#5_pFd7O5|n!;?xaF{CCU}d zC+5TkM*m{YteMXU7ah@d;;_&~Au%TZ;QcW5uh|J3JIb|N$#4n=4PEph$`L}O(I_W4 zAcIul1SWr~G| z`@(E2=q`r8SY<}W8c2|`<$jTF-Tq6l(Q!A)3P7xGR&{)hT=XvVc|-^QI= zcig^!`2|W^uNOjtI5w2}$IlOttZDy+GZBvyACg5!ag=->?418t)uSxcx#FTVtH$H4gMLxUV> zU;#gZ;5h=9dY(z@?d`v+e%5Cx;wnP{2Fz3KDN0H_DjMvV4d* z;mjSl$tapdd7)swmo!z#9hV5Q=fUnKfNU2g(z8h;f`}@J7$KV2gP>h312i;d6dRr4~0HdpxqBBeTs`GaGZmWqQw$#4$jL3o9 z39TB=BKP+8!HLsR%MBu;(4FcL$VlM07aVh7nF zA<8It?mj?=IN(s3Z?H~c7B#wOh?6otsht(=8KIkXxY5s{{z^Acz>!WqK_=>1M;_rbBn+=;d6T>PFrn^opD&io z`m)R@i!$3JW7~deBBLA+ipxZeoE`sGeq|umJ~Z@{ems zp-GJJ*}VSVVZb!`#UH+qLJol7oPVfe3rkvp4>AK00pQ1Ssp>{OJYgBmmBSyaU43k&%ytB-0idNlG$ul9iO3BQd#2 zPFkyzpHw6$@ux{qmeQ02x#THT$*xqc@=K(2Wh^7vN?FztN3^u%ZeW>9UcM0;_2^|V zbN*BhXbAIqV>D(m)i{oEDASpYVdgV+v`cALlUng8rZu(c7ib`Jo3^3mH^q6QXpYmG zRK!rYUf2mMDp_K6IJ zHq@aHg=j=2I#G&N)S?%~Xht=Hr1(5g=$o#I#sF`H8Da3 zYF4$n)vI#Vt6v2xZ?GCxvX+&mJT+@t)!I(9uGOt?t!7){T1kaMqpC&)Y2501{#U+A zG_Nj|>s%ozP=D?*p!{?iVRL!dfvz;Lf*s^LBRNl|N!FN@W$9xf>qm4Bwz1RdtT01c zQq67_kJ#K~H>-u(XQ~#Zr8O-ZNBhXx_NcbKyzM_>8(TI0a+AcYmT#X4+}Dnkx0}SJ z9+P{U<+`%D40u5)UTJc-yVWDF_0k)d^&;1? z#yu}2+Z(s}k}$%;tytdO}xD@J=Mh=P+H7<$+OL#<-V z40!Mf95^6EzySvWwqOGZz^*7H*+W_=e9Ao@t7iOpla+~_h87~!iP6L1Oy6?tgNACQPuKAwOP z*8Kw!XYgHwZ*+5JsqJcpqMc$_(V(UBmA~@E&t6qgP!&6D4@-H6&y$EQj;x-A z=~+S_`bh(gbRC&V2fGU9o^|5A*dRdE=ZJ(7@8R`-f%7nmOSEekh)Q@I6Z-nC;7e?(;s8n!H;$I@O4@Eeo>F zGoq{+vLZXOsUyO;@UJU_jHRQpu*))9@vkf({u_h1GFo^#|AId3oY&ym9H_Yq1WNO7)LdEz>up(jNJ>&jJnG1Wbf%A-y?oqAHnJ?*qNjE_$zZ}PcPvRpQY=4Wti<9c zfdnXl0xXhz$u-)mzUrvIa+;p>$)N?*9(%B|#!s8pJv1k11#%dsTOvNX%HM9Z{{sI275w!BJ+bj!G0E4Y-)x+E*Qw9CBY zD!kOozWgb^^vl4+DZmuW!i*`xG|a>VN5y1JR`klogv_2o%*donwtCFU#LS$`%+2(w z$>hw>bSBRP&Cv`d(Im~&^u_+mM9tNNF4bhs*DOWXgw5GhCex(N+k{8i#LeAIP2TiP zGSki9l&*D{g+fS!<3!HnRL%`9NOwQ<>&K(I(;f$@~ zv`+0L&+>%M=o}33G|%;1&q6>?Yxz#_gse^&PxiD=@+^c-2n_nX&;HcT{De>We9GeV z&jQ8H_lyeyHP8iRP6V~5_!LmLT8H{%&zdm{1Gl&w?e-RVxMU&G*|>UmD6&lhe4fFbZ}ER?Sg*5(=2_`?9>%uP=jB9bH;vO#=m%HehIT;CNIg~Uq|{1{uS=DOHl2fKc!f031Aj1ve#nG1 z9n?!O)lwbSJWW;X{DoPqg;$-^bC8EPebag{2VC_AUBS~u&<9@yRzj6j@+?+k?JoOV zgS?3cY-rXr{%}=0h=(|})=Wr-LB&=t-PY^u)@+T`VBm&Kjnrt(1w>U>Eta?3{x>{nJH|RB8>{ zP4$NUHIOkz_1S-bRG;x%#T{D4JuWb{Pd$}g%>_}|t=HN$PukVp>s(yig{$5b+RYVS z*L_gnjosos+k;hJ=losdU909bUc8mw=X_r1O{?m)Ugp)_RsR4Jzv2}(e6Fb`BmRpFyHv~stpxi4~+}{?OzPdU;X7O`)ytpMbY*Z zUIY#=Atm6J;!pL}Pr!&^_nqJYe&DTAPvvz_{1uE1F5V9I&I}f;>I`A&q)r3wQts3Z z+azJ!b>SCg+!&T&qNU*)rq>(B;Y!uv9p2I&_TeQ3;vm-1AtquGHR2-{&?Hu3@MMVM zCjQM`vPmf3;d+@?!X!kv4YYH-_Ul zmg705<2ttEJI3QY*5f_q<39G|KL+GL7UV%DWOUC3()?`iA;!gJDPX^^s7UfYUz?}01iz6A~*mdR{$b(0694TKWG3vjQ~QO0A^+YYH9#zw+9Fb4o#gI000>PA{hWf z7#J8CB6JxxQ5i*D8AF~Lv;iR@As!w+A~-lANnavYY9VyMBew!8D=R0s1Sz-RA@1~7C8VpIRIuj86rC(N;o(fIXO8wI$Jq8 zk~m$NIcK*xYHBoet2lJQI*^b#lG-`FAx0S)Nft&xKtM@aZ8&?CM4q}sp5j2jDnr3B zPdGSFSDs30YEN{(OT#%)HW^V-PgiPBQ+<_Fo!wK$Jy<~>TwGjTaBy15NMry2W&k>5 z3|M3t0A(2>Wf?*Ga_g>l4?&GYf3q2Qa5U90BUM8YHMn2Y?*C@t!tUWYM$b2&0KL1WOp+} zZDUSva9?n6aCDV^a+|?)tEP0o?sL#)dJJoR8E|wm0DUWQd_Qx3OLcyP!HFw;g=T|< zZEb{vt%Q|jh1Ph8h=_}cmWht1h?%sDrooKfbC24Ck~9F4Ga`~RL6bd)l1*}$TpE;K zIF@}gmWYUukY<&YYLk?cmY1@eq=A#L)R5b@m~3j3Y?zsNgq)q7o|dedxssl_-=W63 zn85#?-s76yjGy0?n&1DSRhOcOjiZR9rj@~^!S1Hvo2`Uxuz`fDq-3h9sjJE6uH>Y( zWf`_*H??I~w0Nzvn31uUrMtAcu-5al=BT#jt+@aHxM%>ukh;2#GQXpWz3H{Wm~6ns zmczos!Q!^Z?7zY8=E3j(&CSizv6k1;*4Nyn(d+Hf@6FhfGuV?++@~Pgq)pnWeAu>S z%Z;o*6r=>^2Sa7 zwr2mmYyZNT{@9WK>9+s>xBvgx{{HFy{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*)NwX4^!U@2xTI5w==vuM+*U5m5qK(}n; z%AHHMu3fSQ;ojZLx3Ay7M)m3iOt`S&!-zu)PRzKmykO}g~U(56$XUi~$I>({VJ2GC|uTL6iuGxF17>t8=j5E|YKz#v^mXK4iP?)~o` z1bs1>CtR*^xa%Jbsl)v3y79*ZcGaxIPCXD&=L~k)WszKV>N(_`K>C<~AUFszXkJD45YXFi6(aPWg$sSiP=pKW zBa1`)D9DkB5Iy)$gcEis5sUHFI8%KE;TY0>0`Z93WCzvrOec+Wa*Hv~1h`H;1Rk^; zIKeeUqd`+1qz?|pfpdlqzHxHlbPZbc+k!93(2PP=QW>U)Yc4dVdu?8n=0aCyxn-AM z78s|Ee7>aPK!1X?pN~J{l~6UE9Ae0#h8&VeB8xbZ3pWMrHi~x;nh-z%*l4ogJql@pV@*uBS1b2_D zIsXHWhDn$A;5{~AN1==DV(F}>Jo~0eg(((ybgt^bOf}9~beL~%O-GmYKy|XLv)V;B zhcv#tCB5{$XxCjf{y}F$46TYg$Ne=yJ_9XuaN6n0F45T8t)az`!zQ`L8evR%M;!B4 zC_#f2R81lzo1F4FY`!vHs|_p8&(GRfr{TIc3)}2JGq>s7gA`KeH_p7Zy&UYcr%@*{ zui$`=moOFtJf6qS?zi9NhMWBJt-Hpw?6cNx-trL6uKn(G+v0oO;a4BP^?8f$eHy%* zcYAQTH{Kw6%~_B4i&oDG`TihTZqlF~o5;ruk_tT#97H!QH9oZcS?zIHIOBJ9J2Q0~uV_sIx}u z=}ksT`$7AflSZ}S%Z*^W&~Qp5i#$fMjzmk&-QJX;`=K!%J1ZX~7kM=~W`T~p!qs{j zc|XVHNs6%Ki2p`{MJzgGfCi~YGMc17<~SpbqKc9;qC`k-Ex?Qd^H;ILg*rLLDU8OU z9WlvwM%PemSdV+rc-mtfIugV>D12TriM7abL7L^E zMais$eih9K_d-h2l6F)eof}EpOlpx|Mw6v5Eh#QR6317@G$E++=1q4R%bD`@r$7xV zNqj2Qq8jz60z4^Fm&(+pCWNR?jjB|C3e~Av^{OG&ixsfS)vmI1tA_HbSjWo0s*?4r zX!VR)Dt*y>*S<>iu6f-IU;Rqhr2-bOf-S6K4Xf0D zD^F6SH|B~PZZ?M74(Jp}}%;CLMc!LbqB!C6{ zQnVDfBjt1a|nvEcx(;F1#RcN!P?QS;s9HwWvcp1I9p3iFg@v;*vZ=QH<(@ z7lX{?q4GAcqP5A6d+g#STNxxnPE3(eEHXpff+qf8l0QbmBwk+Gs#!+N{%G6rjW&M+ z9S1>&o7;?zG1p_xc>V@2**xbu|HBxKTE{=`jOQ^AB+q>=h@9ta=7h9E7-|3l3`zh5 zCrIKNX70qG>+NXfv^aT5n(vjlKpD zY+Y+f5QrAM4)z8lVQ6W=G7oCG3(0lEc(4kx@E9l2Y(OhE8~?1Kvg2S)<35s`rx{3P&oP1z%I@PrTL z9TRxX00s%oIP&&>xzzc-b0}GUgx#dF-1EkkH+(XBCy`2vA$M?M6C$Bm$ zvwri^pF9bY7pVyXKM=e#TpuUkyV}_f5x1M<>}$`iCbItdkh*8&9T%W}^)_$RlLm4sIDlZs z3o!66*Vn>*L z-G^}B7k&}}e;Lt)A{BirfrZ!gWQY}I2=Q?g*CgLybD_6`J4bmUfCbW!XAbBOd+>ph zFlb0{a~mLe?I3g_APkIS5kK}ZEb*nb4U4E`l>a#X+!=)fdw7Ij@m0=VW6-*63X zwg)dqahB+2^?(joAcHVK3*XQVOo9$ACxbw6b;KueC9sKY25K^hd>avk)OU7Fz=cLQ z3=DULe)o1GA%6zpep5Jq3;}-P_Yhuq5!2TZ?AL|l=NR<|822}E6;}@)7;gp=2E z9JdhYzt|kmIC<4ic5Z@4i5(fmQIB{5D5TDp{RFIBFm#Z?xnD;Z{sQGN0oiwiA_+<;Fbf*Vk^g{qa`$$q5&%bV zc6vt$@W(Lw6_fxLcL6Y9aVLc_Ig>n@j0a(pt}$Tn=aYLElCH6LBv~#E01ep(j1a;iHjI%0$cfnxtM+2@poJRV85|;M+jgx$$ZAxjQWH~XMOtqpa%kBjN0b`Q_y_jX_07GaLL%4Yo#y$B-T9yD$sFLYm2det26`5F z=@)vrZQqc4F&Bty7=#oE1NEqAXxMWgw*j?aX#PM8GI$OCu%ay5ZJ3yIV27ePmk9(> z3oyWq6~USRcxdwoa~w!>7uR!ecABlmqV=$EJqHBuHj6FkcEGrdN|SvN5`X{ceFa*c zO2csO2aNmR1$97hG3gH8i4e#ML(0jKP|7yT*L?p;lJa+w>PHY`TAc>*U&fJ)W2!Y^ zIt)Aspb258X2%7ASDpUCn4f~GHRVT(J^7zy8KApJ5P*uORZ4{~X&n2RoX2>VV7O({ zm=I)G2)CDUFwlB{8GEue&6ua`S5pNsry$9auYsEgimjOXu2uq{1wobX zdY%<&sDVeE*}ACG(TrMXl^a=~;rgVz2#k5^mS7QA!!?GWSqRpUgCal$(z>BjCjzN@ zZ7&*fqe>7phyI7cMskB@aucV9)|iQ;`VaWXinNfUpt+-_$&R_2tdbCV*6@HmC~P-Z z0>Vlj(dV5pDG!Ibu<{yx0Q;@(K$5u#lfw`K?Jx{OiIP@Ilq*@O1`($IinS0zsoW}k zle3jp8GlxYsE`@}Ww(r8sD;z#uLXg&fm(i9o0j3Kow&HAjJmLH>9FB?LUqfpRB8)V zo1ndMv4xwljrAE7Dvl?|cm=_8T^DR8d#n1_b1BENA01@WT-L98qrq!VX|2BB-my1Kt> zYfC2rw(1c_xB!Tdz9>)!47b02dbnig4v$-?C=dx6kR=T834W`6Rjf6;2(bS8xZ&%k z3X2ecioSlTHH?d?>&nFN3td@U1gT{^; zM{Eai4SV2_{MfUZCJ8baZ9&4BYG9haXKsa{1~C|V_V|z!zd9O@vE0vo7ONXOpmi^S|3(fP}{Xp)R@wcYHzb)1Y5+MnquzjUmq zdTS8o`*!|7419OZwrQ|shp=|cpAk#O+B%(XOrCXn&s7VI3kpNo^v4HW5MX5*mn#qp z2#PKon4{|u^$?;}XAmvhbC_0UOmb+Zda7GzvOkxz!P;owpmZfb1vb2ys$BjM#!8Pa z><@*I!5i>%L|PB+z{)2V%OG)n@HPzD8>QO1yts%e1VEABt1UkXso6x$J{bT#U8k_& zx9J>|2@BM58g~%N1+Ou8Ho13HSuRHarNaW88i|%H$*uq)RwfuifzUBb)<+6_$Y%LfXXOcyWA#pCl`v1*bd9EYoVtGhDM|UfxE1D zv#$n2>KY$Ef63Lb53xN$4=32DE_S-{9t%*5{NAv$?%Lg8Uex6=r3onHXJWs8{N! zj?qDa(WI{GRaxo^A?l`1(ab;#BA5xhu#d6M>I~5i*T4&zAcD2Ph`a0R1R?9Q-szrh z5Waold=X}(NM_Nl>{0dUj=`zap6xqf?Tvx$+Wze}Vd9)4-{4;EM8WMuX71`P6zHyH z>;CRO(e7#n@AR${@-A!jp6@n+?)cyuH^vZ9A`$Je6yC1y2Hz3f4m&1N65wD5Q4$i| zH4+7X@Dz^`y=@Wr@bD$k51t?mss!=nCGizM@+xuu@fE=jYtSLe5?~OZ2?}sJ$N@;; zf*sf*UoXNX^t1B)j+Uq*Of{AUwbEXsQkNw$@g#rr4`K2Z!5zt=U5bMbkE1(^qdNf) zAy$*|1%Vz|PdgO?JZp3y!J|+>Z_NCaP9ZN6MvwGruMkRa5h%|-Yw#Kxvh{U>4^s03 z8Wvz|`BI7_FuU^ciF7kRWA*7kKgeNW?{xMdk@jof_+Ty&&5jWn-}eKt^|dk!8$={zm8%@Wu*>9)&T|(0(ZpWJ~7$;?c*Yw zA-Dh`+;OCB`=34)!oh_gEQuxCNQZWWsYe?X@~4tj8>f za-%8b1ILKy8t4u^^9G_V6yFBotv7kRpiZ?SxNwb-cP0qn!qoyeB2@9vgY};tBcb3y z`w&$$9s7QD0h(5+gRa#`noE$iSxG#zA5XFg_0xZL3{IaGJ`qnJ69N#g(o4H5_O*Xj z4WI#eP=)oKA`meb-6K?E4O4AXwUrZGAB4Bo?SwUNUUA>yVYPm#jMklSK?J7=QaMF+ zx)yKqqKygGWVyA?T5N?&Q&!smUJbczWuxtv2@=5O+l|Fb(9&|do0kDl zK*Y}5nF-2Qw(ThXW(~PuhXpTacRYrl1W%Q=)9Ey&PUj<5 z6?a@#rz_TCa;<)Eiaj-*rDCDYDXv~ydZy~JKO&VfAq2r8+rbD`Ebqwg_WLflJjZSB zOi)q&&{hYblUAU8NM%l*+P?eM1lf*@+BeAE0mo|i+VQa;P*})jJIeuV)JT0!aBp(K z`zFLm+OYAFQxa)BQp{{B)CUFXWdD4i3SHMc!N~1aE<14h`&07HBt1gp z?;s+Ip6LGK^Dv&Z$3&|6)Buwvx!m|pPU(o>``pnY|8%T4PSTKwob)9J4dhQQXa}Kw z=D*xY1xk3c$fT-NrFl6`cfa`0v|g1S<~1imWorQGdWX3tIEOhxEXaPsL5TgRkURPL z*|P+4#A4XUNOfvL72lyY_PJ9DkyR% zU*gfw|Dx6!SZT{j-qKACITo7=DTrLJ0bFg8WJMnV2}p|+h>@^UA;ayiIg~^f{B(oG z-|R?xGmPXM5edND)p3ulIf9UAwLBD7F_N5^1));3Em)ZdjFP(?lm14_LCWTY=~$vb z_Wmgq$+if}z-9&>e5ET=2www-OLDi8A1R^$|?opw@_epNc$ZMcA`H6p87K6>L6;@HAh z_Rf@9@?9Pqi9%VLFKhs99FPztk1}-UJ1yEznSuk!d0ta?Jd>v+FG;9Mj%=lbIO!*; zsUc4$u9_xf=mmc%rxb!nqYEq3&r%9YhSGwTIGddmB?6cTEoai=zXU&&uhQO8YTd+Vm>oLwrJ_goQASP74++9xudCL zW%gA`JCkMw>P!<>Y*Pp#SGR6Ts~{d&hv`DrycUp7v0>_v?(u5bvL)gE^sx#AwRy)2 zPz5vlI#)aMzfYFkZ~RaJG?w>}E1as7{1@7mYD26jqxjq6?q+t|lOHbsVg>tZL{+0Tad zK$bo0W=GrF*Y@?a7h(@`Wal)8$=A}9=k1iNYOQ!5P@L4Z7G^~YL~w*0TpZ)5N0b)+ppPrWsqeiI%@`7J0ZYmdcwt z8wSy=_em~4W-cojz-x#6#?MQ{nOEVq#w>fMAm6|&_0cT!gQ>dmoAJW2pwl7i$d4lmEF&{07HN*l zB0;9fz2Xuwsal`*$p-9DDd;OJu-hQQ%AWIb{+|l!F{CP;F0zyU!I@mqtjgNKJOPpx z{Ggl)4l_)hxKR_I5uM11*Jy_wAGC~(ZQ<_b&Ac2Ug{ivfOyfO_rB0?d?B7&!P zs+Q!zrZFLxiD@AWL>zJQ7-jDWEDRhb*ADsgpS=BRV{&BT%nGg+YDWCL0{zIttAQXVa!EA7nedLlYf+L)gpNVuzq?E_0q(`@c ztb7tk7uiRp^GE(@BJUx}zC;{?6b_mcGQJc)v$O>fIjX9h9%P9~ev}&pAxXZln~6BM zb@&HvGZ^~=NlqYzwF1C$K?nX#D8K}PfQtEn8d}ZMY=CmOs}XE*~Bh{S>52ROi> z-P{=e8$hB775^)nG&oL*IKc3*4NwG+wF1QKsxOyhE4_rT+*+WiR4*gkzy#?)1iVIK zEDi{|#gHN_4w;|E62l~dsOWUCfl$M!EUtM39T@x&v$Ctw+D;T%&&WEGJ@LvRY@|n< zpAK51?JP^W91bE_g7Dc+|2oG&w8F!Zk$oToRp_1L1IHt2k^a2K!{m@1T&yyjP{3@$ z2|cpw@{JyZ!wAwOPzuHb-B9(`JL1Qy``I_dS&m>#2Tr55t!!aNm5A=Y%^jI4%n2wJU&_Fa* za=EeJd9sbUC>?#r5LKGjfY9c&m`n}E`jSh>JTphtA0TvxfJ9Xoqf_&_Dm}G6VBMG? zO4K2wQzzuJI|Zmqt(}5YLSmKE!a)@!a}P1Q8C>le)_}h^^HIFONQmeM(KLw8T(4J% z0UII50Du5~{%C_{&<9Q26K7zJ0%(RZB?y!3O?%WtXHZi3dPF7t*ZUCI)_6_b%sb$m zh-$+$IxLGm!M2O=Sj^Z5M$o#LSUSy|y8lDCf#67i&`57H5_}+7FEyVu0EYs6#7N}V zW?gWi3I4rb0XE-|48|`F=HL)UU=I!}5KaiyI5+UY!;Mh0 zlAQ?pFgIwBT94B~h1j=!6X6_g2ojDa6Lu3~xPhQdtWC@arXu2z%&E-$r;ETWi8%gQ z9fsn9;9(fj;Cg_92v`Aa0JtwRqP99>CT6EE#1%ejzMG~y*@ykU_jO{J?TPTnt2@%dzU|+>Ho~Z1hltm(J;a2_2RpEX zJE&cP$cH?jh(1`_whY2}f{bKDci>2mL~rO;i1l6w0T+n&e(!;Z@4T?@1^>0}=1g($ zOwcUum@5c=Pz6+Il3q~m^Iq?1P;LzWhvc>cJlF>11_Wgo2m>bwa!_vQw(t-C2M-_d zZgB5^F!1*N1?HCS<*rf|w*vr|6b2XaTN7@H;O!wT(jy1{New^me((hp=Lhmm?*w;p zWfQ458NOe}PbOguncyI(1PjG%<1r#TTN-y(k zw{tOX^O1<tE?vQ9#`&4x9~+TbQh8F6W{SO*!B?Tav!GzSvPbMw*yqj z^Hsm~l&E*zNUDMu#HmhqBVTuhXnBq+p?=VX`uq(X@v8jb5(Jqan|I+s0g;eBh@%5| zuMqhCEBM~^OwQg2D-Hk-==7AUW7}AHBcuqTcZit>IZNMI<@lloi>jWVlQlkJmDBoj zs^Oz2i=_A8jj#hb26iQE7AfKye+dLTf+$4EJ&hSXLI}7ZE0}#Dnl8(GUm2RP`8`b~ zd?M33Kt3~Z0c7^*V-M)7+mXoj8`S_<*Z${PtAU`2 z_SApx=C2$cF(_!D#{H?#eP#oQe*y;*ENIXmpa2Rv6!b@o&_8`H+Ih;R&xFDN2`suu z=aA4lBNf9D($~bDz;`{`akBN#VT}+d2l^Y9F~AXt=^{=n=8|VRoi87f6!=l6P^2CI zfg|v9;Kd^;CuD5U?x8?%NBsHx{@AbOzpu7bq7-Yerp$rwE@U%n)aSr`VzLPoN)YYL ze`E#r)0A;Q$)z9v$;~!c+QkBzeg+o)(g=s!?3pDQBx=Rbr&ngwZWkL;B z*kLQh7m*5dy+>Am1N9|dY!OO0A%zuMc%g->6{I1C9eP;WY!wbh7#J*MvriX_>9^B9 zW84vx5|5z>Q9qjyV%A6g;56_YQ#(or6gV=~w4**KxTH^lYte5NnPpb30Tj`PWy#)(X=AJ^ z)Ehx>U%RKXh`vyVt!zkmtGtWKy{4>xS8iYa6{_0#b(n%}5G}DIe zYeCbH9vwB+Ra<>E*866FwWM5o{WaKO&up{U7EWC@+G(r3c8B}=!FFtC!#y|Mb=$2P zYj>X}x88mG{WsSV13ntxgByN0;y4SQcxQz({y5~3FTA+qmpNWJ=9z1bA?2G3bh+oD zi#~d2oqG;C>8Y!}I=^{~jymhH%U-$Zo5Mak?zs&3l zYY5PUkp5VN2X|(l?$syGd*;4l#?C>NR!WecJHcbiK3=%A4=RpzELwx#yCywn)LTD4 z;MilXy+Q1(5I_XU=%yl9wB;Xy5KMWbXzk=8yBN3>_T?!?w zUPa^tD(XwG444%o_(eS6C;}H`lB|uu3ou$446BG2ESEiJgOCx!FD5`drYNKc`59pO zT#~SD?dU77zz7FtxFg_6MISBr!~tfYm<3T~M{)@T0cLTk|2(jZCX1ltCP2%d3?i1u$RvElx+7gu@|btn z{$L6p*^5^CQbZd$C_XT3i9S52KCwXZ2$5;xe!M8kkbyCBVsunS7?MF1f$uQ}p^}5v zs6Kt5w{w zrA1Ei%m9R7Ty!Di`bH^Ehm{g?rxZv%05Jk6m~oW{nIlu!sFOL?vM{)WOITX6%a2Ge zGB4AMbNHE`KSl?EXjlbBsG&_Zy2XJ0tPTMM^AJ+8u|dIN<2W-qIoE~moSJc8SSUG= zaJZyX`p`p4oI_6^+3`Po0%$t+Ssz&z#6BFGQ8DKdK1(GsB}_nRIBWosVu8p0Qz9kE zSG3qGyXb=mOV|lfu^CYwX|$^OD(B-onwd(q45KX*(y4$YtYCtJ2^eANe}E?*nL?yx zR`FIvC4+!D5F)3BIh7B4N*MDYD3QZUQyqebRJf{9AseyFpt7P6V&(@^Z?r08@r6~! zX;o3Rj4Wm|+d83*uCj@`tY$;2(a9#xvxow%Xj3an(jv~Zs(meNUBlYLxi+@8y>00@ zdOFJ3x+u;ruxPuceag%#n;{p!3%6+bCJD^+JLAScr?Tji3GO_zzx4Ygg zNOm1XI_G}3yk3+pXJ2RD^+FfD+8r-@<4auk4&(~(l`npAOJ9N5x3m8F{cmiU`#16e zxWJ(ku;0jA%TBS$3tGgeAOkrXkcudQ)pDZ%QM1#}0FQ$VJgR7dRGk4yhM0T}F@z1= zw0#lbzOCWjE0+S!`!G<#qM>j+QA0f(qxLi_^9;xSu?@Xes4!yj3MKoY3wOYCGd)%@ z(^%}{)98ILrfd&5t>Q;|dM&$i4g_o8bJJF+&+? z2=1FlE2xkQx|1Xi`3RtiF$l?|WroW-pJW>Io*?RF3h;Vtpa;!OcdW2m)?^9_Lr@ML z*hD-`wBdOiB54&GZ-%$JViq}Z#4L82E~d5xrpoge;IWj1H2wtNmk5ZFjW{F_CTI?e z!~jS{&x(hWjv)ZC;$}h&={a2GvZgA6Y^K;cn1qqcvv%DUPDFwNQE(16AMKJ8rVvxs zt}~?WtT&I6F(d61^YdDwl{_(f7%Vg&EZ^~^8HE%ii)>_$APi`GpNOyTF^fHcMS*(r zl142lbG`39?m)4nub))oj^43w2CL;ULP1QOP+~`?d`j1s3eHM~QADsP#}*~e@grS{ z)b_MwM9iDXWyR7DP?(51e!OKJdv)25uS64?VtEg|2_#;d8QqIg_uV`?iB!f|9%bl` zdOY&y-8^K7`GoaJ6ge(zD3h5L(Ksu&Gnm0FI?=PL{^ec}<1K4KeC-tdhjs*dCa?(Q z;NBt<%9|NyXSy`SN}6H3pcl^oa%n%n3tm)eN^@IyFXTBEb55GzlZ5$_GXJsY!lzOd zh%VkI(Bf7tOXYNXLEUazRVOr+)P{&<@J)7^wszDgC_vOiGV>4tO^G9$W8>=c;v*K0Ei5>6$47(1o~gP0burE z2vH%D+Ie8I99l$#N`oCqoFvOX9UxX*1PdkFjwl~W2#U9u(4>VL7rIooNYw~hpYSLI z6O5lG$eKGy3tF8Ss0h}!3`?OD%LpP5<(-OC%#gJmT+NY69ZCDW1jxNs0ZfBHFZG-4NJ+DIsPs8Z4@fEYb}v=Atj^ zVk%0|FAk&X?Bd+?A~7ao-~?kBDWm=~YK}3&4Kh9>H7*U=_*XS%3DrN);XM3+1yLehXln$v5X0|x0v4g3cX z_8*OTMn)cxoN?qchL=EWmoTOVJB$GT0E2D}LVld2MuyV#*qCXwqDv0r4SZx)wT2Z~ z&`6#K$MB@M#TrOdkw$wQ*$1V#{#M0DjFC5udm8xc{} zP%HlU_s zme;#&P(hn{a`+z*(0>5+;R``IV!9AweO}jn zs@H{XD9G%~en}>W{)Q;UWN1T*sELx3LC_|Co+yi6l|g)H0Jf-%x@bYb=oQW=j_ON_ zVrP!_DCZa@W%;O(9!f!`%|Q-njut7}94V5{sFIcqlQwCKKB?G5sg#~5m4=O#Ua5#? zDcEc&mvX3=ehrw0>4lD|*OaN5RwtTrjhe2hW40;Q&>~)Rh+E*|hW&^}Dk5lXB%DT; zoL)_3iR5Lp2(x$y+=brdO_jm$75d1GQ2wbu0%>Wr#yQwz1hm3CO#z+723a^n6g)-) z{aBibOr%O`)=+9|A*E6_gz2ScSBeXvnaimV31i3*RXmFen5AVHnI~AoT`+}=Y(o}ZE;3m%0g2}*IM!-gT8umR=Zt*a998=7Qm z3MJ-pDoBcbtJMUm)ks}NSmqKA5DDHNw0z#x;hka}MT8QBRt%9=ywIsYo!TF^`EoU-%QvCa){kP1#8cqNR}xo#4cmF-soiFrf!1AO`Kqkamg5p z%1=n&H4%&xfx=K7+V=>EnaM0GX)Pg~;Y1urKPe}?{h_>ZQG@KPV<=r=Wa|&n-_WLN z(W?Gp#;B)_WGp9*XTzz*yC#ULR10^Kh>0MfoQPphom5I;;y*E!QzfY4{zhUoADuLj zk-%V`#wU%~NPDt{+v-)P#%<9^Y}F_j8wCm8KHPvdsIVwn9saGUqy-3}1n{IvtQ4E6 z7#3a3F0831P3c63L53PuXk&cl0vxI%T3Taltmr)`(0&th;shsxZp5l8ZAq{7zSrE& zyw=u*v_Zm&IdZ`6D*_`;+3HVyff?>e3@)147L)^8I{VuFbq>~a9Jt` zD1@fE6Aqu*=khR=nQ+f|R8nTdQnD)!8gc19t6#`a5g@_=q(DhY;-o2S0$@WG?=TXl zmJ;&}yWK?60?!Va$D*B>RNY@;C}57+lf9NizrNxa2bd2ZS8J3)#a?C+8(SJ-9E-SJ zBf8Q&Inv4EL{bQ59^+OS?~GQJ0u%tk6GL&k3gRo7KsU+RUL;i{c5Nt~-y`dB_BLaM zr5zi)uq}Zx8=1#DFhSVCr*t-1DFf;rHy1@(*eV-LiM5p)0<6r{pzeO${;#0qEn`+B z$J8!5q#|$^eGlr@&p4oGV&NIx^vpz!?Kc|d8|Fd!hw8;!KK@*ojiwr_1v~MkR z$TYM=^A<#(%tXg#MSqM$U$kvyw8x-u(}jjD8cL~x%DJJLPcB9R{DNY729%tt%yi0* zHK)#jn5W_~CO@M`V~keSLp8kH6p}_scgV`%NJyu~%B z#vE1k1mp9%wFWm>fI^f4AdkjSV@OetiWsX*O6T-vFf}p?9p{=o0DT*xa>IJ89OGI@gSw6{F-iWt6_M}ys zUR-els7I`V<)ksu8MVr*Bq6%+N;xdjV^dQYlcKAHlD1OCCyJCUid**)5ooh6WWU2> zhXAHv6tcCa26QF2s3kZgwuBmDnjBGR_mRtSf)**n0=&T#*@+RE0INZERTdTj%pRo` z9t^d1wC18-Q_LA>L>eDr-&#bRTr3IJ>Bza9jlj=K8Pdizr>-@T--gn;nl<4XQm#eC zG!@+LvL&B18!i=}`ksL~t?!1_wrw%9;S>3d2_Dkm!rlcwoo36Hiw5TQ zFNHa5|IoZa=yO1cj-w`lXn9L~DpnwqA&=V*y@zHJo`1~Pj{BZ-FB>*N$sH!)Ctlz&sR*Ny1qm)W9iQ1n*a?(x`7GTD$hHH18<|;; z`kW(jmp9Y|aFJVZtviuLnZwzvr@3EA1xc()sb5|_DQEti|HPIL2%Jd|+F`6u-nOqa zTtlrypog+R^g1gQdOUf$7yxS`E&Ae3AAgW7EdF@T?6Qi0V3Jgv4~E=(TV6{EVuRGT zN-dxL!4kYq1SKhnQ6Jxi3p1A+x@V?jCH^HXlexU7OX-5uKk*x*>4Ow3f?m}iOhxW` zD#*Umd0XN75lX~}w~Kr-J8N3D4r_^^M?}Nxm9?8}T8J2a$8PulidP(=6NY=FyBzF9Hx23cDC0Mb<8$i*#3ykj%zf~3gzZ^gEk5=%fWAhKB@*7R`3*_|Y3-ee1C|y6kWWV-%5%=GV z_kaHbg}=RwKl#%SiNH6*`nBO@T&)1LYc!wgM4s&_S^joQ=T;DXfsH z2xXhl!VNhj3d7el>`=rJb^4IC5J^l?MU_lk4aF5tN4G%K;}(m^dlA90|XN^G0995 zKQli=Q_VNmW0NyC;jGg;IWwcv&ONKc6Ei*e43s%PF9TH2LxUsKGD8t<6gNdHW7N?} zUxQRKNh!_LG)o`DRMSsCH07lT#STl=CFF~P#@J&WH8%I-k@upwxsFLr`5=b@Ls{jQkD69wm}&kgTYPKI zSu>e&*4gKsZl=!VpD_+PVWN??$>@rcZrY`#Pj*`BgG26l>Z?U!xv!zI)>mu2xbB+X zuk#99Y^VJ<>72ztLLFtQ~Io^ub#~7&(i*E z?y1V&`!2zsO8oJ!EMKbg(T`I7sMv3R$@ig(U;ZNLf6D&*f6U*h{rQ(8|1|}G0ld)w z=VHL5AuuTgR3MBPNE8P?P(=|O$^I8{NToVnA(?loA zXNfnF{^AtbQ$?Fx5sT{4VokW%Me=+xF=CV$8DA1cGj<1!E>YteuhYhsyb+Flf}(Qj zXfQdlgpPT1&K_6NM?W&h4tJE!Apb?JdkGDZUNfY28ksLZszi{H3{Dju86Hc{3zG#= z zm%`j-CedR|R3h^|$_yMc?c>a6(Q+Ugi=s4@Ma`HM6PvNJS2cs#O;Bm`AJ)X9IDJJ< za~=|%y;5g5+exW+ax@Rd_zF5m5sr)TJQxct%YUQ}?9QkK7chZjmZSs9IIF zTy-N^)v8*!su8b#)huDn$XLk=A*Vhmt!XkVM$p>Uue|jlag}RV=xPzW-c>7kjmTd4 zS{1*-Ca_o<>_Y%s*pgKZpNgH|TC3z(_d#|`l4a6i9gyik&i-hiWJJelp(i6N567Mz}Tiz5>w@~Ws5OEJ; zT=%8~z6O!+d{0u}g4`Fs4P)=3`dcCW3MarW{BNWR{Gb7ECBY3^ut50R;Ez1`9}$-D zMks9I3unx`+TCyw4}7T)mnp=Z8Zn5o8?_TFvBaZVF^f~o!58Nz!!v$jjB99PDz-RP zI^Hpkuj%6~^7vIk9x{;6Y2@^PAxuXF1QA&ULo)o$;J!J@1*%efIO80sb9mK@XbHg*Nn| z$$S+=FPhPfcJ!km9cf8Vn$nfF^rbPKX+>w6)1CJ8r$HTRQIDF`r8c#nH+^bVubS1Z zcJ-@a9cx(|I@Pnb^{sK8YhCY}*S)rLt$iJAVGo=Z(VcEblUv>GcK5sC9q%)_X>ynkP|q zwUd47Y8Lz2;U0ImpFPk5FDKaXp6$2Go$pF#dfx$m^tPvY?}0b`;fGFlKzlv!jSqI= z5g&NPn>p=~NBrQ?40+3MUhb1ewU`|rdS`2%^K<`u>HCiPGm{?mt;f3O`^ zzxu;JefO^(eKK<&{JbZ=o{g`4^^=Fx4-q( z%=!MW>E`bo{BHme5C8B?|M;%~G3@}0E*@}UD0jmV36&oj_9_b6>JddR`BTN0T)=X9^zpaoDKt1 zQ0?Nu6t3{QLzJa2|3Y1!Zs&D4`FxfdbJX z1C6i}GSLm05bLV28-!pM2yq1I0U81z0776FL!chaK?qL41Oi|HKoASvP6%x<8qBaB zq9GP0FbDJS7$%_-qHqOq&;r9S4J}a=MPcO3kQAvw95Ha@P~i*DkrIHR8K2P^p%EBF z0ToUW1>+$cCt(-hp$lDb2J!F`tT6}8?)o(56AiNe)NlePK@Wd!8{q*Ke~u4paP2s- z><)1pB)}U)kRFIZ7e9dz=AjQ};Unwe5Y4i=9P=rFJp7?SKNlI#wV9zJp-HK7*+KmbNi9ZVn?OVSEY zG7E!FC+h();gJm4P!e_W3yJb7zY*x*VGL^$Fm-Y$ZSok>5Gvm>DWCBi{n07+kr5&B zFvpM*fi5fOY%9C+H23T)d6Edp&=s)ZEQb&qlrSQrp%j*qEobrSOi~?G;1{LGBF&ok`R}eBEQ8EGZDUT8wnbRr> z(;GPR5_C9iTDqw+e%@*iuGC4r$m@9`PoVHbKbFmXW{xDy*B^Cj!S zD5X+FnX?-&^gN-l3u#gkMbkYAawg_8M;om^$xtC7aup|`69k(U>4>95s>jX{Zc)5vKynJ6-G`*TOk~&aSR`FCl^#9yHGjD z@eu>FJ1H|m!w?nQQADrt6qs`+N3Ipv@ErBg1~v0cf38LWP|!?MM-|o0cy#%e6akSA zIgxHKfzD7Fb1nP+&QcHWJ>x7<7xhyk6jGb+QAJhiy7cHMwNTp=Esxpdt_Vr-dtY1-YUY}K92UhY577!42VhQi&EcRk&PUKu} zV>z~CJ+|av4r4`jWJ%UyBbH)OHe~@$UsbkcUAEa+_GM*uW`iweY4&DucGhe*XL+_~ zPi<#?Hfa8Zw$p%iXpQ!0BdutWc4?Wm(3G}mp*CuZFI=UzYOPk%p7v_Bc5BfrYq|Do zx7KUHc5J0qY{~X)m)302c5Q|BDgfba;WlpNc5dmmZteDN@iuSuc5nH%Z~gXf0XJ|3 zcW?=}a1Hlx5jSxacX9L94(z}RAUAR)H*y`<3K;itF*kEHcXK&6Zw=xcxFK}4VRW^j z8cg?eQ8#r}cXe5}bzS#$VK;VVcXnyFc5U}|aW{8$cXxTWcYXJFfj4-CH+7RC8A{=J zkvDmfw|HA&c%Aoop*MP^cY0Zubh*JG*kQ~b9p%upvF0028>>W4T0 diff --git a/Media/Images/ConfigWizard2.gif b/Media/Images/ConfigWizard2.gif deleted file mode 100644 index 8feaee33607daedbf0449acfebd0049a9699f515..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 23568 zcmV(+K;6GbNk%w1Vfg~D0(SraA^8LW00000EC2ui0Qmy10*C(q{{R30002P%0A~UM zPyix003KTaB6I*bIRH9l06CEWLuvp+o&acQ0A{uTYMTIRx(6wJ2v4LGQ;i&SoD+-$ z7ytkT03jC_7a18w86tEUKUf((h( zG&CtPcPK$yC|F}JnjJF$05AYRG#f%QB6KrDoiI;kIRIuj7yvg4AUGLAGciavHy1cK zTQxm?I#+2oYi>1dlQ(9yI&{G}cC9*)kT{arMl3HoIgmd;KSO3~LW7kb{+aht$%!0vhwY-l`tKyfk(vi3Sm$kx~NCcfq z8=5~hnNcyBZEcroikNbenS_L$maLkZoR+G_o4S#mxZj)0)0)Eno#FnZSDB_|8KQ`w zqlt*1mCB-{o|)0Mq`~c~R}rs!sI7!;t&@zck)NxiWvZ&Gvc;>c%IB)s)~wwB!0!IF zWEiz%IJRY1w|FbKkWaYnrM&z8xM={pku-*wd`t-rnGxLglei=)QL5{{HB-WbD7A?aZs};<@Yb((Uc-|F~%U z! z%AHHMuHB+_)~&0z5boW-fCCF295S!ozHtdFUd*_$V#DhYJDyCrvgNULz8zNR_p;~D zphG9kyg6ZK(Wq0aUj34EWX_3M%brcUw#CevCEMQ3yEkv#uT97HO}w~q%fNLXU(UR_ z$^g)#OD7rNo561ZBqmq*ZFt6gTonHO>$k{3Lwf-fyz8i}j6m?>|JiepuSNWX@HL`` z9)w|jnB+mH-b3gqkd1vD)pwsm?Y$SCK=Ua$(SOcW7*cizVJH%I)(ym=cG~2|op%GR zBaU8tJ(Qm^{rR_rd;UG>(0l^r!$OPWv>4-p71<+zc;xAb5QRG~L?lBt!kAAd4(;E4b_;&WZJ;Xb^nk znAcF2cgomMK0~ZG&J{h3*9edJ`B@QpFj6T)G79l|kfaVGnh>KCDvA-M3jr!9p@v$j zqNZDxYSEVip$Za*W0Gm+LjGwc#3mlJ)(XfTdqfgTa1LfNV2vyUFhDYkz-SKw!3NNu zGSKN6U;uV((JYn8x(6N`!wS^Tq1)DCMl$<+3m(&0XX2~wCe_7Ef?5A>Zrs7HT-b7$}XI-y1}N4 z?}Ot)JS@TrOPlb!)&4`Sx%P6~h_~R18{Rn4nMbn9A}6!1$ENmtk*fay{SkK6RaE9T zXCf4@`Pmc1lg?aW2 zJN7^0{5ZFQG}=Q%{(m`6S#hBD7Hjr+i|FX2dU1pMpw@niy@ik=i+8tugAe3sL6hVA zwtRAf9Nye@e=Pauj}sI*&YF`=`R0iegtppjoA+P16uaFY=s)_*nsmGitr5_^cSLm6 z5FJf?K}$3JG}Ke`YC0FHAV_V^wC|JlfBXGNZ|&;V`%l-J&PQX8IifChc$dSsy+G}G zN{lK)&~s>&1+A~`q3?Q+I_eE4O#lAagO1(0Co%9X$bOddo&nA0IYp%Ja}5k&00uZZ z2P&`(=Ub5Y%tOB0$*4i{5uoU(1UOFV?t}&bo=I3$w22rGRwO#eGs19&Fzi7bkqS@i z5JgV*~BCKq4VgiA>Czp0+1P@jMZQfNY2gNfM@3 zJ>-QWatJQMKngnz=|SUAPvvTa12L4*9_mpL*uHqTE^3NAxpPvsPUklFgszj28pqz~ zmIWb|Zy>E3Tz)nQK+;{QhZ&SlCMgH9CvERY=uuK9PzlEh;!Y8m^3ez}`Hr$h(3hSp zW8gx$g;9R)TM*ji2#*=aZYE@q8)~6I4A~GwqA7+4smC)M`N;SvBa_L}lQQ%)OMxZ8 zk}Cc)S-TQ8y-<=WlI!^%Jt25W=3ZU#8s3H)S9(vf*k`m;Z zH-}1)-c4sD;`C7P4q{HFp_3#aBr1}^DAlUgrl|)>-bpTJRfW7Wpj{0sYp{Bqr-B5O zqO$6<94gkfriQG@Gpk$YN>{7Gl^|NJt6ujy)Vq2}u6zxwU@PR;aRPR*h)ry73M;0= zD)zCERSjc%k%h=w_Oi3d0xD?H3m9Vdv!DeHWAhr?(wbH~PxFiZ!*fVg9Xa zXDe0M%0{-d&21oU%NpG3_P0Lc?P`1r+~R6UxT+zpahJ;+xC`Id6)hKp%T*@w{(y{379^AT z&7&c3SuKKQFT)675*CY_;ml{En7J`~?z5nO@@K{<*B`@>&IRr;4kR>b48l;E7aYwH znvDRg8+n!hsH~7iF9jYPz_dc(;R8_*3DOYB2MkOd5>>N0B4MV|3nJZ-SnmT2oGyu{ z|AA;q-`W+!pmd9Kt&(wE8Y0gUpeu-RhYQO&t^huWtHmg6BSE?!jA*uhP+jS2H+T`g z{(`m>vg=3FIwAgG_D%MIYEr)%bKG{wv`sQ^iKM&Pu?|VTRWj{;c;VRf9`Tch;%;86 zJ1vD?40q>UZfi#)*ye6X!z+F48m+q1-nRC+5pwT!x4YDPiua%XE>3Tf+gsiH{z%GE z!tO}JLkCQV^u&ivl!A90;m^jafhV(Yl8@sE0%O2>{5`>3v)d9CxA6$(foon5!w6mo zz@p({fucJdI!K^d01hAwq6fgy+Y-d01#R(5@+V75aL_l*vf=PpL5k6;;;_VnA^E-2_E-Q9~9df4!e1bF-a7F&WosS$yg6n~A_Owk8gJoDf^{dBp>{aG@3yhuYiEg|6 zV(e&Flb+KsX2GTt&2_q0o$y*8LGn4@a#h8#fCeJ%U{42V>~;5QHb)G05Ov2Ue_xSsiqUfc zRW~n|Z7oM7Cg*R2M>nCzZ0-kX5jYT#mvrtYZsU<{$O%(Z+~Amv~6f zKh0-$ys&>)7ah5{YVH<+&%yvPND!Wu44 zTDNH(2M=(tf{-Y37D#R8SdDlnYLJJENXU%qL2AkNd%Q<$$(Ss`sD>_30}pm{wD*qT zNNr)*Oc$qW^-v5{R&U@ajuAM7O!#CD=4$XDkN3lV7w3Nh({}Z6a8>4D)i;nZP!GX} zbt8p!=~xh(w~H1x4`d*au4aA?>0${9{$(*~f$SCy#h?n!7>yA*ZtwALaTgt%wrlQ2 z4$anRL#TDxcMt>EZ1<*%8z+nG6<)oS5DbTlv1oR}aE6HJ4+d$F^Eid7HV-0~jLQg* z1Gj?SCyb?rh}9U2{w8$WC@7caVBh$UG)a!tc#iByEss}fc^Nhz_m0hYmhEVPfhcp8 zw~SQc0$f;S5-5=VD2@RchR67r9B7wDiE0dqaxdu$(}rjjsA1FAXkZBgmAR2F){*N$ zkQ!MrD!6MlQgNrah+$W1M|XjDpka?VkuzzE#6Sp@Ko60S4Il@a#71@FxN*D2ZrXrq zjaF|nXAnziaCdN(U7>)4!GPxeNRuFVCpI_?hA4R)cm*ptkMDv!QLMneo<;UFKrYDQu!yk&xJQXLyDa31zDJ zm@--ra7dtlNo!L`pBtBMM8K595Tw+pn<}b;mPn#>R|Vln4n!)Bw&+vUR&L~A1^-Bz z;KqUVd7wmCoa%OO6q;qTXjrvaKeuR(4U=>W`EMYpY%0^85vX-Vuxigzd@KNa_UM@T zd69%ya5m<4?3ku?dUgJZxthVU0PE*`YgcuGhnJKVAOgS!1xjs1Cz0#8oxqoOAm?t+ zf|C272WcR6_$DxsYNthKeE;@;xi@cY_j_{6dLOE)Cg*&jdZ3F)b;j74cKCN-)uO3r zV{?jz!6$v4S)(l(e4$CIl3J-e$#x(Rb2wU`qFAJzX=Cd5V6Ccc?{}Dgs)oTbcU}jm zBT8lN7j^ds9gDVz3)*ovm@G-h71%i#fwn2+xL1BUXxBNWja8;6QHFyxh4@-#`bt{c zr4n!XZeqoDoENYH8O49s98)TN0C1 zSrA(h>bex%O8$ii+iJ5)bCJTK^%{aaX%Heh9?|F#h&X>q`49kG8-Dl`D_a$s#aRoH z1Q>7-cF?pV+ZH2Rv>ex(5Eip7@q$*XZ%<~OTSl0Xa&2DA5b1UUkGiwA__F9mwPJK^ z-td$|(X%NbwObKzpjfjlLu^Tb1sFg9$3qa%5JOJ;v}_Tzc6$(Td$uxxwP>4ZTbs3A zi?^pH3@ewmc7STo=(d(Q5pa9BMZviyA-7sVw@(JTlUo#e%eU=S5P|C%*5!3z*9c;l zoA&2|z2~ag_kV;Ce7PFCT8F2ix_xwGcmc(3pLYP!0CzUVb$$qizgT=#NO{(Gd-O*o zuD6Ru{^|;wx1Mr`d>1(a(TjcE*Q<>XV^3(JU8jL#aJ)b3WW+}hoj8{}dwhYHd$YNc zu4^b_H-2}3Xedd8Bgu8?)(0%`0iniw(J;E(t906@yX*0P%@%;q5~5!!h2tA6sK>y8 zlYIe9h&?Hidn&5)S!(NY0NOx#v^sauYj*~SY0)RFBH4P9Pymf-fzz0M2zV~P2f?#@ z!W6lh!gzU^_k9s8mY+9vu@}MXaf);oYP*LI7w5!_n-Ztnx3p*wt9u#HMWODw2qC(M zl6Gluc!)dOe6!T4#InYtS-ON1EW3a=YtIIjf-PlSBKMvDT8zc8RzK#s6T= zH8I7hOAuFV8PKJS0cDms7;g)iz9IQ_rx%5LOl4koX|8s;SUGWV*>U}BhN!2J@mQU9 z42vG=Q_-<#qMM>^=#$d}9VqFm64<7|D9FqxmXWr|=qtH|S!ZWSioz)jPAUG*cK{DZ z5RF6$&#Q>a26qGRN`(8Tuo!u8rf86V98jC*!RPXIM=5OkP@Wk*%h!vDMIBJA$;#a* zgYg!^W=MDuNR;|Kny<^fl9$l^25In2${OjEKAU;vHiTA9o!PvpBFxRBYrZEb(z&Le z(ukQzV9w}F6V%ntt0iq^Dbw{<&(WZ^GI?R;~K%bS;h2vpUK?U=6Mye$fci%&1|AM!>Ij zZ}-ZNF!0YXxr~R)tXWf)8s;9t0 ztdo6l>88K4?c7#7o9P?YCRg3#{Gn2f*?%(RU;DG~nB6x&83es@x;iWCniKwk&kON)U;r*5cZqQ6iV4M1#n@`q>0PYX6z<=4c z;mOQv#Xtx99Hw+5;;Sg3NT8#uSf4t2ie>nqN!^-Jp3AMtpI-Qf!giPk?$e6cZo*uL z*S&8wdEpkv)J=fN?s%g}ZZ9T&(@@^u!Ccvb2%~EU-RfN z-EzNf@JaXOtH`L@#tqOBtTv(Og1Z(UFBJD$vdiKAxjo_WjII?yOY+MB$wPtiSiBX; z$@0u$oJRrk?o9JKFB3Sw*E|37Ez$D_2J}P^vKq^@_q`Ap6%pf5V-X?bNfGizKlKVB z^o&?9OQLIa;PfG3Vj>~++H!;(y%5o<5H8QPC^7Op>%~`5x+-Dv4gvQR;mQc%uRhVc zu&jz>?-I<5%sFB81z`_dUlRRbMcCB!jY1M&|6^f$5M|$BAI=hSxfPEu5u|MrZZG#@ ztF~t`fCy1e;q)NX9@Doh0)prkvG|^C`lSA^_mJPisPA%$i4~O(Ya`wGDyRLYe-WAw z7Hal6JXTK8o~c(xpu=i~cRh8Lm#1Ieo~4cbanDXjV-Y3^~%}TCEwm8W|(Z zE7;aiPl_aogk{&tVpl7er1l~_9*dglWO~xI%;U+QDy=Iv^3mM~w2k3q;Xv=E{tzSe z&DEq)gVW9132Jit-n`L~VsCtLb!n_xVanVG45G|a4x@e|5hgXKLVL_6+0b&Wp8E3p zZzciXLhB}jG%QHLei%_JA0Ot)EiIbDEA1j>T9RnB037NlMj2(SLz{2Dkud-aHnO9~ zk7k@{i!%1vq9v{DfuNwN-mxd4ae^@HB72MsKq9xyAZQ;fwInFCgbLaR4X2j0=%0q7 zjIvB1*NpMUj1Fq*!<7~>{^_8j@DfhL)C|j~1)SjVlP2R}SnwkD#u-Y^r|v{-$tWq? zY&}Nr$cKgk?;0jEj09B>%-kj;)U8k9Q3+21HzW#Frvz1XoUl%vsvgAfT<$c@Hahe* z3sW7ZvH#e+6;W3d1=i4^fHLX7PE(V$z$nLZ?j#UdU2-|XkP55POAUi_q8EgDG}P4Q z`65J1F#_~YTZ=VppK>QV*I1m!8KGHJwOwnyL_s8w)tNpGO}Itw%oMM%0(7NX`d*{= z9bpyKXh}$s8X?L~QPoI6e+`AOseHa2>!wpfR+rqwKtz*6Rr6WmG^04RHQ$$F!pNdN z6`6?(oY~~LqZ)7il<}K7c=VA?B)P;0N!S`;MZ+hNE=cK(rlhhAh0TOC`^h6^A?nHx7UEMOHR=Z<~>R@^tYf-31*)0~2vD8qm~G_%%i%Mhm} zC3mdiTPkU=g`cPR_ zkU#>vZ7;u<+2-2be!b8YHUxcVT~oia8{BOqm}kDAQ|rGq2BQ zfeiJCo1p#}$EuBC?H^6L2s^$+HVXa>M==r_(Rw5!d%$QM5ID#LADE=5?Vtx{mSniYq4HjijDsvP^ao=#+s;1irhPm_o_#k z*KpEdNLX9j%vU{~XzD?;UHKM-j1DsJDm?k359rto#QiGQ@HsF-sdx z{{EO0Swy24wP2gSws;2yg3f^uEQkbuSV0?Iup>IsU=TGj94irtMNCqm4pBIqgitL2 z6NFmMT;a_ZDNZ8nB%wD4u!bE9Q$tg-(lpnk&Gw)LWndc^rtVY>Iwa;MAB$X|-ZjWe zIgyRMT2K^S3DGJR%1*1~4hwTJanCi^|Dems$?ZT=hHWndGSYdz40Z1+Pmj%cT^1 zWw{VW)u%LuULlR>_C}RST^7h+sT3H&=64?EDJ-T<{bcW81EQP|#+7grMBO&!{)Nos z0}dD4>MiY=M5mSue|W9iQ4PW`R@M|F`Dnr$UP6S#f^J-&YM{+pfU|w*OrK-3V9Hy$_VaSpWj-MHqs-> z0(=4;ySONQe2L2*Pct05D2XI(ac*3d#KKdVr8Hcz9A7SAh3Q)5D9lY`eeA*#0kB~+ zuHz01s@qf95lXz|m5}Iy>y*~&1#`1mWlM0wRN5Fo4Z|BOdXja#^X>#WRgD>VnHdxV zs|7j_eo7HY(irLz*rS@9u<*RA7WTyU9rtV0b;CFuufi8yI{^U`2wbiH*(MG)R$%}Y z1^QU|+GMb1sqkX*(^Am5sISTOiGk?4RZi{XV3>6#KAB`Bv8gsjp~c{6Gg4YBciGEd zmJw?$31%{v+017~bDDW3NHtTCr)`GwMlKd-bS;w3cg_fwubF{t;@Qt?7IPT?JZM4} z+R#0t)uCtfW<`@3Vt#&fqt&cuj%1LuMU!-<$rfl$ciPjR?s9fPy|+5W)=%a~SmtW6thTG!gvx5jm@bzSBvR8zEl-nFJ@9c*G3+t|lOcCzW*1Yc(v*vcOC zu%SI|YFFFZ*CsZrHR5WIz#7|amiD*BJ#KQB+uUHTkv1gp>r4J`@Z4q&H=z;wSmXL` zE$-`xPKNw$e)rqo{jS3^BtZdozuMjZ?sB{hO|5z(F47(OV@DW`aEe#l;-IbrHk1I2 zf_MAi7hkQa8Q#U~u@XoTZz8@yzH*kgoX&Ny#sr|z@r!WTsAMHO7@}SuSfKKom)-1V zzp}YU?uicATMwdJgQiMB@Sv<3U-_wtHEeWJXHO)jTRcnt zoo2mLteo(&@3&Xp@?~#=zzNRw%TJTjz=aU<^!U+NlK!q@Xq%i>geNLvs$y~oTGGg` z_%B{uD>7#(Cfg!fwAG$%frJ|8NhC~9`noyXEg1h8Ok#5{zk z1U({=4b>1z_E$?~d4k`$&Y{ZrRIwy`eh<>%C*S?=$F{aJ!fp7^X!*_qr5hnCIiSiE zLNXPp<*0(XAqOG|5$_|sPyxT(cq@w1k1N=N!nld8f+z>PmB`~4wraonEgHTlB` z`tv{@0STYNKgB5mLXn*O8n4sv3!{^cp>qp2nzto^E?4p*WXZ4ExG0R_iWEGt`j86w z(ha2oP1QL7@#(XFTbf`s^i^hVehi`a>UU-IYct&bO$8`K5Ym||GXvSx3 zhjOr{HvuRWiV-REGI5GFD_e(N(1vyX0LX9Xg?UuRf;32uV8wp=x;{{#t~rd6I{~NSxfX z)B;Jv6v~fG%%iMHk=UN4tQE|Zk*2gs&4kX)R)Wmc2n(Ns zLFZEqk|+(7xBxymiZ*dLjIVfBoM=UF<)61fpMx&X}$?`qy2o&4HZ*7t4f|>$ps0~f>_An z90!Ro(Z}KeM<57p$;}6%p*M{h*!+@(aGomihgcC~U5&O_)}f%9J0;I9 z85^IxPy8gxy{Mj%;iM}>6Gkwg(W^7(If7z3rb^W-&G^(|_<+Zg$s}^0XGslAg;ybR z)q5Q@ScQ#R{^eI@%u1dK(`1WAam3GOXjI$qm8+tOXb7rzRT39)f{Bo-FM=$|0=&AB zQUUo?#IV4As008JkQx)Bet?857%a!almNunm956zZh)gf1R4yY1MEGmj||F@ zEXnUxUutvRI7BT29ybI|;80v(;j_=6%mN68;F0Ww3g*usd`j!ej-85% z{h&M1%Za(Tir}D+*IJ723XH*!zjJ z(yl`}+AmsSQ*7eP+h21O(kRXXJ{Dl3L_+Xc)dHEb_5mMNIVIoep7YokWC0M;(TdGE zjq-aL%Q_zWa7w1oF}I2vI&!f((%?J(T$kOp#;sh``bqd5O6eULZe@W|#g(LUvBr@K zLRnmc zZP=HRs+?k}R zHD$pi-$WhAo6TA4Bd(rZJ*#!vs$Giq0wteKj73lh79+jx0-a_x=;$aGlr1rb4j#!c zl$HR($QVMch>Z1GX!o+CqW}se-sef|;H@OaE(_bS^+)M#>6_lg@a;uZUK3yx#+b(G zpnkUnW=8BpJJ=QKq~_3mX51fwNzy!OrIu>&UEC++>2~bOHRXtVsDnCi18T*Hdl*E0 z2!yWwYFb0;sa9)3Yu|-z$cKzbjnIcmAP9YEg^dtvAjxZt&<8|dPK~gJyDqe}UhBfX zGuJ&+m;6wT*z1mH>==3Mf9UJK&WOM^G{QFQ%$_u+w(6@ahpgPn{_C{qf8d8v7z6{! zg|5Eqy|#v~KJ9Nbm;0f2!@N8Y>YUEuKtM9cI|&?ZP``_zm{yj?rUE7YO?lf zg4pdk_(sgu?C35t)P-u%q>gPQxqe9PyY2^BxNUx*>%6w??hb~zrq;+-ZrOf^b9imb zE(q`@2+Pjx$tLT&&TX-VZ!d#x>E`b)dt1@Y&d=tE(ryLcuI*qDYwhl8)n@Oo4x-#H zh~WP1=C*C%wr}F5Z{m*au6_f0$OXwtxc(OLSbN*W)=Hy3)2+6H{Jw|;_il`E?}9*Y z;*M~^E{JpZ2=cb@;+BaFmx;)h>_B+#5hrqtG7Hk~X?$?&_ zkFW-_xrei^@{EA+e>evakMPshhd#J%%jO4Cxa}{0hxsORjbL%q+V3Kl^PWjtS?$+Z zZE^)yZ_*wG4u6Nd*7LJ&ZpkX`3NMH*2krw`?l&-n+vaM?YVJcYZW`b4K`?L|hx0kt zbVbuzcf9jj{a0_?^igN)BUi&DAHg^$^;O4+Xa;IlhxN_Y=}JR&4^;J7Cv{hcMqKB0 zGt>2`?)6~zvR^;DTNm~sCw8+l_G2IMWG}mAXZHTC17Dza85w{o_~&TXb~;~y4(I?G z0S9bv-sm)hayR#LNB4AB_jPCYc6ax8hxd4w_j&%O_jD*Y|zr_jZqwd_OZQ zr~ncmfzee$XzxQq*!DP6_>M4yMTPi!X!tUtf({_~Fst4%~PO-p6#mYS)y3b2qX_-`O?#2-2CWxi98iRAfcud& zdwn|j6{uj{E^Cr%mI(PEy>GLPhphAZdEjrYYPDAyU z*6T*(sULSwiD>Djg=sycMtzDP{-N#L&Tn`*&5^TAlT&&!CFY+>r`*T@yw zePHnJ+k|#)+k*SX5d3TStk#6>jC`3`5Mx4qj1<+3=(r#?MIC9*w7D5_LCYp9GPIm= zTL1wQ7osLW5M#}nhiB8SZTmLve~E7@W$Kg&k7)EJJ*|3`>2BI0R;W@Hc5LqG(#@*1 zIhY_k9ZU$0>&(+G-mPo@bzN=Gj(U)UjM)Y$6Kj|_fJ2I z#6{6K@x_%-4w4i=LyiA*H(r)NMk&CQ|CD!Kl>uB(X;9hPHGF@T<~zv(s|{n8JKy5WeYE1^VTyA zqE5aku6JT8iRS)Wak;y#wgRKKo(}|e23lwmMeG=U@x>QGGVL6=(Pj;X^p8oSfmV~K zmX*rTsR0AKGRrO7l&fx7IThkkBT{7|a=3}m0nfg={Bu#lQpDCgWW2-HTs+eFkB(1< zc2_?hmwnq4Q`Zuc3@ z+V`saPLx0{3EsT#l&NK+w=w*WK2J;p@u(C_j5vT)-ZG$-996d&eg_gb-)NFKmeM=; zv_O!@C%=<2(5b7QD$KC{Hq}(dors$inl$J0>bdJAbV7CsqU~Uo%%pUU-%bj()Y+;{ zNG0?{lKxG?;-U$d+F{1M(u_FP$QC_!B_uCJ=ha)-IB&|UW1$IWJ5Q7M{_Xu-;97XN zK^G_jUjP_4KJlXzY5Y#b@)wfL6a+Q#>C9*hqCb;?;76_@%}Pv#kl3h9cNV;0tCAu! z*uhQ<+Q3RyaFd0vfJG-_!5|6~!n=aZhzP|ah6|aNqotke1=x`mwWxG0CshFsHi}_F zqW;8Sp*2oQ$wHgzB&?%24x6&8w&kPBhWWzxo z{t6~y(-T1+iKg;MF>sIElHIB(7$o(}P=0Egma3P&Ao*ZlZnA>5!WcM4dQCcK)FUio zDNCNTj*hmpgl%lOO1V%He(T#ExnhVVdH7lAM zh>Dbr96c#YQ>xOHvb3cxeJM<1D$|+Lw5B$_DNb{m(+lR)m%uEkZAc2#p%S(Js75tR zPjPa>qy9yxOnoX;qZ-wu-ejp#-HKDMs@1J>Ri0F}iB-EAl&p%itY$r{9>2Pgu%dM* zWNj;4<0{u*sg)vZo$E&4ir2mJwXe0QYeMeYSH1eRu!cQsPykyH!Sa=`h{bve+R>7>w5B~RYE!G))v~s=u6-?RZK;!9(6+X=y)ABg z;Za`hBpfby>}Nq+l-LrtxW+v$a+9mveVlH;GtKIE#x4YhD zigQm3UE55Sx`+*~b%pZX^|H6U?tO1}!)w~{{`I3c>BDc&n_l$5x4-`W{V#w6d`tP3 zmcF!^>?bl%-Tg{Ozz%*egd?0>0@vdnVt^wNegHxP&!)WjJuG?|>=Ox-xWpztu`>y5 zVL#AuIJc??hY#c71&bIrD84a{a~xm-zYcbC#Mx3}j8yyH#2gCNZ;frN<0Uh>$=T&G zhHv&_A^!!zM+Wgtzy&bD>}41g+z8;v0?O$DrHf_cN#EcW9r>llmgvA}DwraVOBf;% zOreJ^3~`8PEQKD;!00cS@@7NCc`0+Q^PTg&=RW`05P@FGpbK4(L)+QOmcI0Bp^RbK zF@?%#nXD#0Y}gf+4K8w_*G|H0ltlK$Hs?8*blA*a5FQ$%tNy6RJYwm8{*cv-gP~CjnQA%BiI-nHl1yaYhA+`)7HMWX*C@?7Xul_yOm~D`B~T%zFIrn z`SRDiCmvM0I$z?;jjX3bM`vTy&VycdG>)CoU*K7zx289u?`?=*>l@Jh&gj22YHy7) z8`}4($c-GwLNWtl2E>TQvYfB)TMnrZc&j(bq8rHPNwN`>zQja`f*$8tswurKBZ!2Tp`UT1)6>KF{ z>KAy(VFxnQqZqDmTDgz_xP2Hc|5Oh?00tn5X&VP|+VMpfxPg`OH5N|z4)Bb@)J0$7 z9Z$1V-|{ri^F+@u0Nv1}&DtbU_ACwes9WX!ZN$5onZl%8XS59%9f2%ZO)VG={s|1= zl!xL)hXCfF4gwefcF+fH9B$A-39v!}uGIos7EZL#3&oHG-T?|miz`eE;nfH{^w1Ak zPYS9D5gm*ZeGk3l!xEjE;2@C{-o(2dOeIyG*)+i$Y)iMO$+L(a;3yr-p`McMARgwS zclBT#&C!P8h8hR}Arzrq9ieCC1U&eWm;e&V2~wG?-1;F>lb~RkAkpGM(j`t3y;M@t z5FI8FPC~p}n+O0KfS%hB%#S$T4kc2`xk)}k#om&836ZU_Mt`~V>a zmLbknh$Wd$+@diaV{B2_XmOlb*Z}@7pa3-3-SQEmZ6KpHUL$HLqi8W>S)>3qL;)*E zBLh-nZD6B0o})NvBSLW_S?ItshypuxmN1fIIijOI-eWzeV?D9sR#bsD7{d;TBNEc% zY~Z6on&WKcmO|o|M_q#u2;?CWB!U$|W^N{EO5|jj!v=h2Xg<|KrlxAHCTq5)YrZCI z#-?n}=4)Q$R^mhelqO1^rdCZ{MdBDgvWjF5ByaZSZvv-nDrQ#_W^o$laiUmouF7Nu zfM@Pzb3&DGKBtLAr>YERL|$i9Wv6zM7FZ%{uXCNvMm|D0AMZQRV24(x)>> z8|x)Pek$9--QL0JCq3+fa4-Wjpy`LcYmDpv{@?dFYZ#YLaT*D$wUTFIL$1b|Hv}vl<=QU*Y&3XluR?0LN-Cr&99HzIhT@D!h)WTbAm)4pfFFsj8N&qIxTT=Bcv&YspsZDU9o+okFG_ET8Erv@UG2vFtOX zLX$$Q>p`f%-fD^V*)FUpu;psddh5Jt)SiiK)9N0|8d@T#?AS`G%R(y3ds z;oceBqQj#xsNf2$pwU91DXO1Inmiyb2zhL?rNZX!Uc(8lpZ(k2HY=jCDcjPW+bSnx zwv}Vbtt@4z+Ev;-phBQNTBWM1p1tU_?U}xTYO__EpD{1elB{qv8l86C?HL-g{jIV! z=)w6ewb`4bS**zdsRX^Wo1N)fp&i>HFss^v>zjcpm1;=5;;!xj74H^k z(5~lq)o+IAfXpst+~#jP?XS@CsQ+>o0AtAgqE+r1FdHE-2wCj{GjMzIrFBX$LH<$j z1@~72U&sTWRRnWz3VHAczgGxb$OxNN37aqmp>PVf*9xbH0KY9wZZHhX6K(de5C1R_ z2eA^?k$FWJe@$Eve9N%#_p|Mt}F&_7^1Jm&l`>`PBjvikX z9}hAjBcBoLa3VKy%;GRrGO{C2GSC#VR2?!UXEIq>a#UfmCV%o!a57YRGANg_Pl)nU zk+LbTa!#N!Q>ij5$1+8@@=?LEEX%SQ#778>u^r#CFQML?&{ zKo7;1y@deOLX%8~s-YPdTt*vXGpXt@`b=JJn9B#^-7H$jL*pGF?E>}`Ln-dWc%-yV zfY1JIo?#qxU63FmN)1^Al8ZESP{=ff;Is+abWq3|P|q~GN%YcWv`_RyC~!1gm9tCA z$kIggVURQyX4y%nhfs%)Q40nc5VaSQQbCtBMbz{^p9NW`Tbkhh#8)$Q$!+z8B=t|k zb$Yb5^mq%aV+P5tv%f1<~CQ!^y?P zBOywesF|Tm&zL_ipgYy5#bC5FId0kVUx5J0XUhrE1&mNX3E&vr_qffQ zgf=F2wlMH>XvFpiP|a!+%Dpu9(C{{#Kp-kg30o|Klw9J={Twh5H`Q1Inh+hL%yydq z$(+y)m3Ys=_=Ej*hfkLapd^Wq5K7;?+!!49_Aqz3#D@{&i=kNJpS<=;05`FSq0A+O zZ_X?5#(P! z(kBH*Krb|8D~X?IHI@vI-<9@aqnqLVi_t^P~FHO=($`pkSzc|ti z;Xo7;26{JQ5TT;Myh|t&M*E5M7;(pFCk&f)`RMIX5ba&Q9812)OV?1L5ox&-8hI%_ z`9)I+q1!o@JGSJh`6_9(KQCe#(cvfw44^all9N z*{z$Io$rH<6ZSvY!;e$DdAhM04Ea^>g`vcUC33p|DU7)g-2pYZAfZnrX5nyyJHnWC zqhn#Yj}53}hqmYl|FuNBtV?XWqJZ;s63s>XZA46~5AYz#mbCewC%gOL^9+hQLCDK^ za8JMYw%4e&`H{=L2M=9rW!y5|BffoFJ;fd~t7{ufuoC2Tb22JOEWZ z7DnQE@ZBroMf`;czPsDBN40s_cs>llS+no}L;gb@7jwAK5RJrjmF!89H=dk-db-mH zCAwT%@6f)RHUAY&&7nG2+xt7KNk26DEVK>s{Y2Y~!K2OLf1o~}Ay2be&=dZzSIq|!KlKZ? zBApxWD|@kf{aq;ivERYgkG*5CLm9xobW-(BzCE1mMd&4A+`o$yLAHM5JwW&)cIThK zJMcKX>$eEWzi|!!McfC*l|u&a;Q4s>{x9P@f5imBi8%6M#Bmo#?i(YFqeg=Z8~Pj8 zu%pZo8%IWziLzfMdW|ZYycsbc44nUpZtU1H-wR=UK*CHP1*9& zj#6EZ#O!c$%G41nvy?dZ?N)*%vvx-66lzkao-xDRz4|Fv#c`8Q7dCd^nPmM!DI&_l zQ8Lx<;m4Q%zK*tU-{gO*GoOF{fB*jh3{b!U?NCjo00OwcEO;zH5F))0ylJ5T1YjdK zhz_JMD56+6AR4Y-T7*Iik?K%6hY&2nDBm>V&aILl)NrhtxZ1~y2sg4(0Kh~HptzjI zL2yT@h~(9>Xfj20>tAGz5*9E6php`|Q9A zpv(*0oy5#jy>HBpurWZfaPf;zKYZ?y?`aP$yjydYC!46yO zvB@S|Yt^_ed*iRwZrkm*;f_1uvpq{&ZiU(I7Ti_pnL<^NOgsRZ8dP(m3_~5}fSny5J*Sj&3iQ`uc0~Q|*I~z64FnAk zIrfC}9&m4$_f>7Fz~vjsbyr;P*PR|dzFqzG2mAnq7KeSUMt7%iK7$F4=-;~QLcr7ZBE?YUxn+1rrg z7T^WbUGHN9{09R~;;QjEL_v;2iT6$yKm(1heEd3J`sNox5vryN_ECrYMmR6FQAH36 zn$VO2l^}vlst@S1xcPtsEjs-lJ9{4g?1Qy)HfTTjgIHuIWh&Zr(;?v$DOgD~CIj#URaFCZi z(4dRBk$f5)i8~r3fPh_#OGs1?A&bKfZdr?4>^QB|#?2;-} z%|awpl`y5{9j@8QQEYURu#BZBYe5M-T)2omI^`;X3tV(qBAQfU1W!7tQEDEBoc--+ zH;Nf$46_KTEfy|Gpu311T`{=hsZ4sGYU3EUM8${{?k0|_;Pe=D6Exm|k7|s_2i@TT zob&?}X0evX{*lgiC^91SWQQQxNsteAlAj@TAN)|*PjszNlyvH05%fxI5J6tK*c5pYno4_451$B`6K#t!qkX3b&>Wg zEw`qsRn@wUZf>#LY6-+uXys+Jwn@%7$T*Bkk%giZ*~f7}dKbP_^rN;!0xtf=BiGpc zk|4pvD`?)LAA1tG7LnSx$5sYgWyma%$klqEfe_1I+mbaO#{&_3jF zNRP1tp1d6ieK#UcdE%^*r;R8200vtDhpn|adF_DzL(rg1(YmS<#tUnRNVaLZG#GUxckRKcu_ zex;rOfYGBQu@?#M%?TlQkW_yd14sGblpvRkpyJ?+LUibFJ-MYLMR*p$U8Y)rM{-~< z&!>Ln+UuC(#Z3^Rnayo>3z#D!W;c7L%;Y-robjAzJ);ZG|B&;Z>;CMmJMWp$g*J42 z`ut}-2l~*BcJ!mmmFS;2n$eK9^rbPa8cAEa(wX-3ryIR#NOv04r8c#jMg3?}pPJRJ zhHa`T?P^)in$56o^r~r{YhA0))`!ORu7MqF*4n3FO`G(sg`I3=^P1RMHT18S9c^hR zt=G?<_O-DMwrUp|+S&H@w>MTFZHU6z+y?i#(H%5#lbe&HPWQXvoi%NYyWE8CcD(VO zZ*#4?-hkHkzX6^vez#lI0XO);*)?!ua~k0dcldx5zO`ff`r#F~xO^gxwuxK&;vM(+ zKQdmojhp-9C4cy~?QL?EBOK-aUir)a-SS1loaXqJd7kfG{&Stn`sR4f`OblE>YmT} z=Rr4mribq4q92{-#7y9XJj{4NGj_0bQ`RZBsI-0jW=B|I8>;vv|05-tz zvacQK%{G`6)XsLfJKgO~n?u~^o_DI(eQR{UyWRn>b-ts`@9qx#;pd!axEmhvjUO|( z!Xcjk=-}^;xBP0u?&Yyxp7UzUe3v)hdC?QtK9MJQtVf^vPC~xlGgtlVN67lqBOCU$ zXP@jB&UoAJ{&l#Qc;$H?{I>aCgG@x}Ie1cx5^%_o`i2h4ouPakB17rF7NpM7du z-?bx8x%R;?wM5@t_u)5x(Z-Mc^RK^U=`TO~;opA#?i-l=1&{yzY`_z~AsfVy>)MbFQ{a6zDfjHJ4!Mv8waNwgaQghPssJ$%n{N=Qst^tF z_z+Q`6mb!QuMzv{5g~E+B$1yeu@YLDv91dFpmx-d3|1|?f2gA9Ph6R-)9cR z&K=Pa1>&(BNsb=<4<6UC_}Wn)*N-3NQS$)O|GM#YzOf*I?jY|bAr(^R7*cK=@*!z1 zBI9NvDe~nk5^gXuBUNrA-=-ryvgAP0ZA5Y;J+36%<|I+_;#5*?Sh6K6?j_46CS}s$ zXp(Gf@+Mhs0~O5%d6N2aa%^@oDE^Ab%Bu<|g6aRZeB0~V7pkvElPps+@a)oR@bWcjEjFuWHffXR0&@*>Q#A(?^m-FE zchek$bM9=DYH+hSg>E?WQ90S}IHx8#o%7S6Q);AhI@>NY{Sh^>6YHw;X|A(7E$us% zCOpNH?zFQnx$``kjy#jb{yf?9(A*Pg;4?n=EPABG0@pRZ~^a1s=Pr*%3C5BH0wQLAAVhr_A$0kuBW>FcH z^!}6s12s~w%~2cv22w2*YcLgWHkBzS^(PzjQ>`*oZ!`)?wNzJgK`S*?ldV&6$5rDE zRuM*1W%X%jRbXuOR=3YoTa{OJEm!?zSAo@NgtcFYwOEPfSm{Su2Q@}V)mgEPS@R`X zrPXGrwPdcfE}<1iw{_aGwO*|CTk~&KZS+^kwba6uUdAb$Yg`cKPyFZ+liS`!>(! zwm;Z5a5Zgjqt9^nY;gIba1}Qv7?;c*S8x&60w*^?gO*Z<_Hwl zbm4<^AJ=r>19cTwbyb6P4cB$)jB`<~az~JM+e~)d0(JvecXNVw`_^|y0(kRQcq4*% z>(+Sx0eRzAd6~Cuofmg8^ly1ndb=!otv5t%7X`Cdd#RT=yZ6<$w*|x3M923J%h&AA zm;MmbcSYAX5!+XMzqdK#_ebB?5$jjAus470*HqWxe*rjv1$cl7xPT4#fDt%>6?lOe zxPcw`fgw18C3u1|xQea#im^D0B{+(;xQo5`i@`XI#dwT6n2X8yjL|ra)p(8B*oe)zjo~+i zxQ-q8jqNy(^>~l@xR0wCkNr511$mGOxsX*DkPSJJ6?u^vxseALksUdbC3%u5{+W#- zxsowClQnshnfQ`9`IA98lttNvJ$aN(`IJ#PmAAMlRk@W5*$`kkmSuUCX}Okd`Id1x zmvtGI510si`Imt?n1y+miMg1K`IwQ}mk+oXn7Nsq`I(_Pnx%P~skxf1`I@mgn?bmg zUAddv*bwR=oW*&Z$+?`(`JB-?oz;1r4WXCU`JLf8p5^(RiC~%M`JVAPpY?g4>!BC6 znU%dcp!FD>`MIDCnw;C&fQjIs8QP%h*?@bYp(T2vDcYYun41MUqs5q@DY~QIIiU-9 zp*?z})A^wbIHE~9rBxc8E!u-ITBBjQi#d9wRT`uTSfpuMrA?ZEQ97soeVU|Ox{Luj zrinU@XZoi*+NK8>r;)m&cY1((x~Zl5po5x&U%IHVT8fW)su^0T1(>P1nxUUsfTKFB z&3c}zdV{YztJ!*qxB9I2*{cH>tl@f}$2x$^x~}#5oYR_!hq|o+8;jq1ujg5=0hq1{ zd!Fwafb%-B6T7c7c&!6_vVnN89s8r*`LgkOvH!QRHM_1M8-pdAvPpY~E&H?4*|7f? zu~ECE?YXrHJG3u&v`f3TY526~Sspk=P2QOvM8OXxTD8}Kwei^ zJ^=~V*|(9qp@o~c@7WzrzyzWpxtDvL-2n!)`=FcKv%P^9z+0ZFJDul27OJ}*5Ce>=D{+n@v768>Ac-#NfFyr2u* zoatc~pdl9eJDwLDoqK$qDcr&j8pCIty#LvMK|INQSj6F(#OEOoT%jH&>9~_ykJjP0 z;oCzF`o0-Dz_S4gBpk-;fyt_5%#$Y{pgx&{3g8XUXJlXv~xg$PtmfIb$3EGR? zuBUz6b-W(PUC!y8$a|dJ7yR7?zR<@x9v=ME{yCxL$=%&K!RGg!-X+}9A)e3iJl{wC z#&=xiANHe*ncdle`|aBtqRW}+^*y`!UCy_Cy!~D0!Mz96nkwvi#Dy=vvst6`}Qxc+`0e0)me)-uim|U z`}+M0II!TsgbN!!j5x94#dr-_d<;3V!KQCT5_Vt`Eug%Ope&yw9n@fH!G5W-wWaWGFNu7Ln zD4>ODVF;su9G>N2jXG8*B4Z?$cw&n}4oPH@Mh3TIjK?Jz-;EqG31x9TF81SrK^}=^ zmRfG%Xr*ZqikP8vz1e7}qK>+vPo|!VYO1QP z%4(~wo{AX}vd&6tt+w8ZYp%NP%Il@Q{0eNa!VXJpvBn;YY_iHO%WQ6*B1meq(oRcl zwbov%*Ryhgify;vehY56;)X^3F?dz4m7LF1PpY%WuE_ z{yU;u-2oXdzy=?TaKZ@ZTd=|oKMZli-ZCt4#TH+TF`X1=%yGvaf6U;vzYLpO>!|$CIt{~&bIv+DT*q58t8DYmLJv)Jzde8RbBRG0&2-aFhkJC= z2QK||)mC5K{%Fq`(QI=aUVjaC*kX@OcG+g1jdt2+_y{7U<7UfBn~A zVSoPEpG9;3{{Iia019w`1T3Hd4~W17DsX`eY@h=l2*C(SaDo)9pan08!3=6}gBtf38Wh{GJ}aECnXp$~ru#2^ZB bh(s)+5s!$(Br0)bR;QiGec@Pm1<8J zYEL+7PgiPc0BUM8YH4X{X>@97eQRlsX?LM&gRg0epK6f3b~6BTL@IT4b##?}b(yMi zo56IergOmXdJt@VFLQe@K7Caye}8{^hP!sC(2HO(`X(wq@+jvGCcm?B%=d9+su&j0_r{{G+o{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*(_r#tA)O|Y-<NfO#iupS|a%?18G&*%@Bw}1Ya9cqY=5G0T3iU}-#{vW!C2zA57_4_ufP8K{Ahi9Obv4L-EaLo32XQEpcijC0B6z9s zX3#p$tg}vt0#2AtfC9=QUyBbebe}-{$O0ogFw&S2K6ad!UXKW2=%YeLGL++t{M5*w zj2tBi(T)G)xFeAgNvYwMa(P&gmm!TP;&u~-_s@6()q_nReDHC}CdpvK&5A4zL?1ls zHKe6MdmhA3Dgwci3n=Ja<7AN&UX(G5IK!ptKRbWq9hnrFiDp6Ed_ijw zMdXk}4~vw@Yp{&=hfgR}#%H9s%=FkF!tyzYFqT$3^N%{-+$gRr>)~@Rl<)+}b(Q+v zhz}|O@<=5?fAU)F{@3VbZKo{nsqM0TROeZ;kUH{e-quiho%ld`7xcE{Y2VB7;%vKp zIk%5XIQZFJ>xXdV4~9K<+3OAH&$p0r9^l(;SDN$e3t?w_&l>HFdq+Rl`H;{IIr9b5 zN$0T0u6zO$4TB2DygIjH5BOh@5VziFeO70B-;F%-c=*=lMNVJ!|HPNKI?<$3kD*o; zM1G-zzYo4Q=^EVr;rQEUo#y9}pZ$aH!_mCTSB&}1Pkf8pob>khx$q6}fBB=(A-ER` z?+qwI`XdDYs?;e`(e8sX(Va(J$>ZOM;@*ehVB z{-lnstwL1(9TQUcI_SV0cFP%Rnn$NRr7k-a3vxBYq4mZ$z=6O_heGUM4eKRE0$%Nj zczYlgzqdIAHZXo$Jfr`{Xe1u`5Qr0^62!LEE+Wbfgm`?32uUKQR-MLa&T&X5au5jL zDegS*cn{womx@|s(LV3-n%_K!p2kJ7M(GJsC9_4wEW*xhmP91oJY@?ad2b*uZ8+(WE}I&y*Lif1)vx{}*vXC&Dah<8j_9F|~^rXmR- zP=`v?kaRO8kt^y)#HrM#I#nY_HAyD#_*92H%b!)vs#X~i)vbEv)h}uYkR49X|1@z#8_jV0|lM7t2_p zDt0yO769C$f~ytY*)|*P&$yvzrYqV=WsU(2Dl7fh8?;OpDsq;#IZFVg9Xa zXA4)@Do3`o&Fxujn;hKg_P2@cY|eZO+~Q`Hx5y!`ahI!9ouk4C})o^O2{+=>P3m@_oCv5+@|bwvSSKuXd&WS(t(1klw!_eeuMVDFfjuX5k(0a;o9{$Xb zcQ8Q49Pw}fFzu21ez_x%W{5sI0A|T$n9m&92M-qPmo?*txcc}&eL}quLl1h<3PChO zXboyqi(1wT@rR-}VrX3}YSNbe66+-Qd^!p&}E)udcQfxdY z8rKr}ccmSj5_bzk;r}2v#OFg_aZp-7+U9q@4>EC#1U%aFZV0;mJ6`UPlPBYVarJHF zJ!=-^VbkZ)a{vaw>VMo>5Et*ThASYCRilR$E6_olyI|>=8~M#G&~$!fZeb|1p#iv7 zx_;kL0xO`n=qMJ4%VBPFq0=134A`_gDlBKJTU{PPx3HTvjABpA+2%hG#MdJ(>ucLw z2=t(D!Am{gr+2|0FMqq+yR7L7)T0$#5PHth^YQ@v`Nukz`ap{Q^>>&669E7*;AhST zhEG21DBir|(Svx!Lz%)&k9dVaEb{?`qVX4(I@3`-c&)$u#hZV-o%X(uH)dpY+gA`qq!nfVa=S`SM_J$VYeOS93q1a<;*84`+Xb zhG^`jXLCny!Zv3Yws!=%y6}STgc58sQcrJDx-sTPO-~jbCYNaL)3|MFe7i)RP zYUEaeHD_zXrVkuYU#eyadWLGn<^!_UXfJ4i^D${qhJywt5b@`GKeu!~H-r~F%k4$HD3t5w(2yD`} zl5b{w`zDSI$&ff%YRIUNjwWpmDU&ZLfdM9Q8fJg6h-dIPABq-hY~htcp^LP^i`#gN zCg+NH7J~gaAFdDz*7%6GMt1>NYV_8TPT7oXd5wEWlV$mFde(NpHgb<=ZRUuMEpU{L z_6wFU4rJhtIwpig_=t8giuR^${5Wt?36YNYW3(2RO(~9Z>6CVYnGZ>KFFAn~`IA4n zk7q6vr77Ltc~gpxyFvPcbUDG>0umE9+N0aIn3eC?WfKUNU>Ou*2^(Z7n{0@1 z!H8#W_Gck@fi>`u#pZJ^Ru5PRlke$<@o0ecIfCeRo6g9P|5=+i8JLb{cQ(n0HfeLK zc9i=71X7S|wLK>aZhH2E9rRj*JADNvZ)SMImYYmRX`dRZst1nfm#AvW zY^~RM#aXGhI-(<5kzi+hnEG{o27itEsFITha(1b$x*sg*l5h5PMH-oiT6eR$tB00$ z&WCWtim9U)YC2l2Uh1rbN^Wc_XT?Z!6siL>cd37xrt3;>#oCYG8K)^$VW4__ju)Eb zc!GJFo}IC$rE+E!ag=G+a445%>-icCOA#6Pur1Mw7%LtM%Ow>X5r0`_8`}|p$EzDV zv99s4BfGMCTK-rXqOvR-vps>btpT$#d$Tw}v#epWINP&C!B>72Z$`RpHL-6Fix8bT ziZY?GK5JHk<+7hOv>HbdKS^xNd9<+Ei!_0?O&eBPkPT2v9k`{220?P1_@!1$ms}f; zW@{2_+qGWxwP6cc)rNYM_I^>ibEHU_rHOpS7=Bpi4Z_%e1U7qccM4%wfi1XtOi6Zg zwsoO5Y=t+h>6dnJih7ERxVjg(m}&shV7YtvW>a=~nMap!3shPF4Rd>0mU3d;(ts@} zYed?nvw3JfsHUPhpAVOF*|>@@_J_r$1Amr-D#@T}+F>g=fex#&|LK9Qi-NvOpw)Sp zO(>a-{>Gn_mVs6HcS?J@L!|{ByCq|*WQ{g=u%PRwCm*TjY8~TWvwsYt3rHF=*U>1um>b;H?zAr1a<$Ijz zE0YGPn2Z^}xf{R6rlR(nmg1SewOh6RE1UgzUl-?Y1Pp`%se>a-4YVf0lS&UDyuT4F z!9b<64#p=^+JI;}yQXM!7K)*08@k!cyEH19_BN+C_@Bg!XF3X$vB{8Y8NxEwymT1D zfx5p$ip9m3evE;rB!WBpseOfpA{&s^D&BXNf3rukd!NDU+k#< z02`|N&;v;@bk=*3sCI`Gh{c*Hba;4@qX(@O`N!z@c15>{r?!VJDS|GFmud_`K5QC1 z`^ls{85A6~rJTxWb;@F^%C0OEp}b$OJj*T-%cL>Nw4BS8#maQ6%f4I^?DY=7_z>d2 zVe4j+c7e;kyv!Wy#^ttR5l0CnAr4Mp%puWWCZWvC{LAL`4%S=}{@@44Km?}S5!hT3 z+PuxWY+n7aXS~vQ-$wy?Kmf=*V33A%ool-KU;-Fsp70D~l`4A1jLic!VHI{^qARi& zkymf6NE(+0o&&rb5#r6>-sRq~jNYpy-|J1^ zx@F%n@!cV&-~5eT{tXiV9%kx2;MY~)FLB^Ymf#8=T?}5!_#NL69^vJE-tc`}0*>Js z{@y3#u^sN=?XBS^fk^Ihe$b>%3L( zeNJrETW^UzDqWn$4o9}bii;o7k9oZ3MEkxQ;fI#GamOL&z)Znfp5GUK5f!SdlOC}T zVQWE(B&c4tobGS04iS*<5@h@6tsbA{91`eOiLbe9zJ|gT@sksmo3`QUZUyRNF6vw! z<06-Iv3?=9&Ja)h?6Y2+&u$TI8*I_O617f^(f+m^A#uJ+>@#Ym#jSC8$A5efb$+#$ZZ9}L7z5R=Q!ke}IUb@L@+TGWdG%v73zpi;}@SeA#b|-n4>X8^| ziS~!jcTB97E5D}E?jqsjP@e1-zU&#Xl2vJo7b~Py&urb9hW@&}SD1x>O0TT;oqDLD z<5_c>exO{;y_}}8MS6u{SeHLIi;4(|5gdtViJNsgi_jbNOlxTWroZ|XYN(m?yC;UO z>wyRSfbvW@-ctCIVSvRh{mJo1!!kL0Cwko45f3|A}MBumVSj2HnLd zc;eiNdag|R6KIg2PK^~W>VzoLV9lEXH4;49@&ZR89 zegzv=>{zm8&7LKw2JKq5|4?!Bit6hYx?9HfD_2fkTfTk${w-^_Z=HI8qoxdiz?;aB zACn4?h%3EfD{DE3Ucf8Y{1I%qeU{7hm*HFun)_ti9H{sL!#EIFM~P zoovKPH_f=Jhn0<@TIo89SXpT_-#V(nqSXZ2hr5#$a}uJX_Sqpg*M#FJ%hmEY(n#Ti zJ4&dhPI4%`C0EiZGTM05{tY<`LlUn#1g)DbDDfg|4v;0fLyt`7AY6${0LfhKODenk z>OCfrYI45q1`@NhckYbuq5<_lVIY4J;qgk4&RguyNqaJK%p_Z?p*K?tdJ5I3ES=E6 z7B+qJE8!Gvw2M7qB(_+vL^SrS5?PYVtGZduZzl#A z+SS5aJt|TqqynhmTW^wEY9Ac}7=VqgI*mw&3eu%lR7R)7lpz&9icDRF+FU4rBXP@( z6?NrR_e|WvLleypkCVN@eeCf59C16*xm};p8 zsF@@0jDDwqMH}+8AO;lsSYbY~g?mI~;|6P4j+$lZ*|7Xsv9No}fy>wDqEeu&cZzng zA014iJKMopY}{B0&B8G9w!*bMbIs{?dUMY|Cu{D_?S=?%j`RlWZ*J}}N1k%X0ZX@5 z$*Mf8cM4zYoq?as99p)v1>M6cdo&Bx;LDQpc;%P(i#g_>4_=haSzz>jYZ(w0~`ET5QZRN8hJ2{I4B?$g|*EzhfB;kPG$+B;f@tl*Z{8j zfrOD*ie-gUT)$4jkirq|Yyp@bTH1$}_W{s{KLlbBg*Zg!3D9x`v>rjQN1t+3D& z7WkyXxbyj_hUHlwW%L08Po3{p1Zfp3CfFy&yu*J{VO&yJ(S<4&WPE(t;aPe}L^{^d zj(5ak9=&43$RW{y?Q>(1Rnqf*5&<`R|LnP|ynrLu!z7_gLBx@|BsGft# zj_Bwg79*EJ<|9hK#L+Bs)MF}Dxk^^H5?g$193ui?B4?q9CEkMw_XwiBOul0>lM_c5 zg8uolRxy$qoZJZvS=dQ$AhRP0BNv9+_{kj3FoQURqqYR;N^W-3o8JT{OJGSiKi2Yq z9N}dyA4m|@<>om~@@3leQ35Hk27?80NIY9o!+(V_hxyr}X#A(RG>$Qu`^@I!!nsg} zHq@a(9B150p#xgx&6c@TQARbImv#OuDp*QMaQ>wm5GJ6JiByc@N)p2Wm~eg=LgOcC z2s9a5tRx`JC)yG^qisIar#}U1P^}eFxb=Vx6+PWWSF=&3sz`xoshu}XSr$|Z)v8y; zYF0xOJQ7F(sn=7gvCPQ3Z%&mgRn=-*)ws#c8MY+VP2P&KkUGkzrkm>DRN|tu5Sg`&==gz{5_6t}PHeAO*vS!Nmf~hafCr7VD3~F0yccB`ah8ul)B#&3 zJnUiUnhw1aiwL60cB<0bENZE;?Pfk`11h|O10?CHtahZUlJj!1HpaBla>+ZPEt7E%;PrUMGma)RUR`GzpS~p` zXCvt+ktZ`w{mK)Ap2RBUXE1M1kV$deqWTH(jUY%>wSDs;$K~9;&2w=**6Z2&_D6^=? z%QGw^bHDNY@x1TTG?+f@NEPmI!-~RXCD(K{IU;5+U z|NjpQ_~VQHtFQh8zymx$0c;Bbv@Qcgzz4iP1!M~b{Im6gzzftq30w;b6blBbEC~7H{Ih4ywHmovp^AaL9rvjvtR@hNI$bsk&Z$v5PZQM^t>1}3%II5vhbcL zQY;;$o6#z*)2crnWI}NA!Lk4Z8wf(N2&4r9{+zJL2PbfXD6p%4$cHN6i+C^tE#$%= zGD5hyt=!tJ-fF@&?4~Cq3r1LgDGUqMVI9|jov(-oGJHLS^(qEu4aM&_XEK1&AO;jz9-31Vdzu#(#iDCzt|vFvNc##X^h)E)>Hpe28vz z0#N*rR5X?VV?`u<#S$A4SriLe%%s2mkiEX}M_>FcUQhonIslMyGI{WHXvgcuJM`cIE8V6 zH8wDt!mEmPvlyNm7wwQT$6%Qx5wpn44XJ=OG1HDG>zBI|rj39Y1K^LZ!y>*ECban& zssK#D%d#zFOQB>dqWlVk42k{~WT$mXCqS%%m(h*BnWf>!`VE= zlr+R`>`0H4#~5kBVu8z>v&m#jFh;uwN0SYCNfhotlAqx?K%o?|F%V6|l7+#MQ%g0g zn4N;S6E`6xt$RG1VHA0>nRg?hJjfr4!7`h9x+W1d*C5TrGR?R!O0;Or1?s4Ff{1)j zMBb!IX|zo+{DtDohcZl1mf*^NK!>%2h+j~~csPS>JjH%kglwEpZ%D}u%^s7S$Kxax zV7o_rWKI&BwaSD$xjF<-e^azSW zml8_~3<(z?#R?%!&-O4(Q7ujMLqR-a)f0USxRblwgN(Yn8oc8my^Dw*NP=ezj`E4K?wpyTK^lT# z%)^r!?SQ;8{sWD9QMVD|HY7_=BI6I53KejHRQMC8B(_MVG}h zm_<$gqFJ2<+NPlIpb=tP#*1N&Jwiv&swOUtF+HOTzqrKX$ z#oDMvzTM+muO-`5%37%v+dM7XwRJ+Uy}q=~KDL!xZ#vtswY8?5+q{LS;BkTsSX$u1 zTfG(B|AARgxPZSsuCX25#eE)_RRu6WTntm&#z8{ULM_I{-1F1F6GYp)Roo9rL*0ry zHq6}q(&Y%A&4$SJ*~vx2`H+^KU3sh9xAk1sy%u|9MPy@9Ux8GeTnmx)Ntj$-l6Bhxf?KNfSYn|`R$R{N z1)u9R41L_*?(MTYNU)5?}@O|F6rJMSNuJg4^cLf%GXf-q$vR(w1 z8~LbIp$OdI3GQs6J`o3XrHtwji7Y`CYfGLD{zdqm+TR&p01LM1CD%m@imgbGkyHM( zkTAJ}a8KbF3P4q08}7JB(&6F|5P*RfAP!>vBU$A5emmanWB#&WhsoUk;*; z&GV=^u8KIhS9_%y2A&Twn*bNEvLmaQ3Kr#2W~~nP+wdh~&Dq%2dp!qJX720YU32DB zMl9f~X7cM`QZQv6LS>+0KJ4vg;_Kj22xmDO=W}-F_xoOT&Sr6b=X!pTYyMv6Q)*{> z=I62K;2Owhs@ms%Cg?p9;(2E0f>!9ZC}o7!=Y@vovuNlK7T<`rXnzi#6vzeKT`k?c z=z4}(jpk_8^5~CtXPC7B0T}7eDruAM=8)cKt)1EVb!mu(>6ON;magehzG;~*TAJSJ zg6`?g#aN&Y>VAgVD^O{lCS$67JJE&esFv!frs}G;>Z``;tk&wS=IXBY>aPatuommF zChM{`>$67dv{vi2M(c?#>H++OxR&d=rt7-4>$}G5yw>Zz=Ig%p>%RuAP?c9!=p3Pm|_U*sAZT|c1;U2EwEfNqlR?(hyq?FL-&HgEpK>C581^Um$> zW@+|@Z}-k=_-1eUR&V+~Z~L~a^~P`2*6$DOZ}I+b77Xz29`MED?*a$y1200PP0ck;Kzr zzi1nS>dD|qugQTuv`F$V2lFr&^D*~v+n#X%Pv5`XMeD^$uL#O$sWp9=gcoVLotRa@ z$ywW>=14hIs8TR4-}AE|^Fb%{LN|0HUvj%eZ8c^iXGrb#@D$arw`rkRLGjVB||8>kzXoY9rmBF;STkqe3 zD0T#}bs0imqiJA$IbgmBIC_8uVnA_pz=P*vcVqr&ck-GCMTi1-k8pahhImg=c(?Fw zB!d%=hc#fud1!=gV8wQDgMxpqc#wlo*mrAi0)PK-ejoT#*Z6x(bq`*3yR;NYbC)Kb zpFNf@!mCd!dTRjt4X=9%C;JC?eF$fJdr$bAi-$s}hk{>+QOJGZH~6ogaM<5{ zy0>_{A98CEX&@KwG_P~mgM7$WVx=<*TtR${b5gM2j6*HAJy4%Yo*&Gy^q#y*okhA;gFT>rtdg50)@9PVmsP z=ETXASRbpb!>Ex=y^bI8%xlywr7~g^=RHaZix|CERkVE!IkF|KD8oEDsglxKsEZjl zR;-5(kJBhPiLzWIvtt`YPN0NB{`XPJOO+dm8l9(==|xpsDaKn<&+N*#jfBOe2rg8; zcywYxwMaD{ny{l#X_V^K3D}gcwuT~`SL0fsQt8EPTe028Hlt+5(+IZXDy=9FOPNNs zDeBa!SF>*I`Zes>vMEZeZTmJsD%>KX!tMJv@ZiFS6EALii$s5|x-fh|O&pgFxcsx6cpM6qFxB5kTnBL+Q!a;CJcGXB=ud83kB3 z9pUAoVn)$3N+_1ioh9aEk4WYCW|bUSGbD`hoFS8$#0UwdO`P3X zPdifC*p3?=ft9CIP}w*eqm4THD5R+wH=Gu`LDbu%nQFQzr=1RjTtozFC*V5_1Q5VM z1{S#7Kl*GCzyU`HRB8YM`jdwM+2wI6hawJiE3f+PqeHMK{y#QzD)td$mJy2PTW68ca7A?%a#^7d!+Drg z3G>)aUu|h))Wjcgbuo`N!sP@R3A2f^k}Tnv=#Efb+$UxfljJ6hQIZ)c(n%|ww5PXW zkPB~3OFcE!oq}2%fmLh0HP>DHX0O9jy-4)FKVvpz!avWL#+L`ZwcGbr}If?KSMNOMNwQ`gEY7?78c{yKrFROEl51Ks6&?U`mNIOft2J zrP~-Yss5OpNzr|iWlMh6IBM+}QWKgicC<0}Sqf z;AqEN8T=p!W9K`LVa6yWEJ-Qi(ita|tP#`b+grHzJFt+hgjC823ri6_jy0@$KH~}w z5%ZGviAg0;AOz@w=(D0I3@zu=pGK&_2|aDX6O6H6@!-@Mj&Lq90F<9cjtDxqtfhp2 za@pH(M7kY~CNrBkXrfU=QWGQoL98v1Bm%hZ!Dep*2N126X!+ca{>gULr8S|LVjASP-^~-7ghL_a5 zrZ1nV&24hCo8H7@G%JYBaYDqJp zk&+ahx0Gf{3;EHMvb3cxeJM<*c2aT1G=nRxDNb{$)18)drt#!y?rsXyp%S(Js74*7 zPycz;t_gLiPJJp=qw1-oI#jAtYpPYVs@1Jpm8u-&Dsiw1R%)VaTV(J9?rtNFT=k~~ z`w)VDg!7L05XT>`kdAHq5s2}yqC9G4>!z&5q1w#VkcGvKvFeJ}hh(ib{#Yzw-I}4{ zJT|Sn)5m=-=+&`mO01lnrd_WC*}RUHK5m8UZ$iruy8f!P5UH$cZ=+Xl_$oQBjaFuH z;}1P3E3s|;&0FItk>Gmju*4y*Zf~1h%l=k4!L4kkper2AVsNvc-Q{&bs@lg2A^`b8 zmj}TciThM`uE^!?y3my?ccJPXHP8WI)!T(`Nk_eKa0MF}ARux9wm|-Y$i_l|Wq@fU zs8uGwL;wa*31aP+Rx4mIHQ1XUeZW8m3o&kJ>m!0L(5eOQg)eiYRi07_fDF3|7a)>= z0C&6!0q;q$C1@p}eE`7%Q6$1vqh5(;96iOyCc=4)_D+gf2 zQRc9z2F$En4J!a_?Q?#NOkK_PQK{Jt>!B&SUHD+9u=^OpfzbM7w3-*ST0V%eFk6o= zGw3#y=K*ebV*4230!C8Yb0DvP>R_x=&JL2Q@S^&IG~@9 z^?i0(b3F$8<~G7}4RIvz-Q1VYP+`|y_DRFLT3u$9L7>fTy4(8s+wu3#C(mKlettXw z_kHpe&U041yTI)?b?Rluc*q}z|Mrx8*_Bm%z!tL*011TLX^mVWguuG=83Bk#sQ{k2 zt<`+J%6=h)0NfYKvDb~wmUb{%)3wU&5wNWej`7rEtufN)^oW!T zA3?BP?DZL!J;$q}j_wsl9tPAN{vkp5p(84qas|?@Tp&;t;y78$jnz*6 z$x|anA|ytlD2^g28pkI(VknlPDy||c`ca`()hec9E6yS<@*yL*4oaz_EY>0~_TqJ= z0Mz7SDej^#Hcfb7-EfSs0_@u3#0bsB=CA-lC6LUtr@v`#^SqDS(MLMq!` zIV7uv7D}3(eq7{2(Aoz06|0RTP2$EW{^3E^WNnn>c${Q5D#Wp5$m~H^l@ZrPIs~@h z-8bqaQ(np|k^(E{WK%xGvzcV9sbGX{-3T-t%k7;Mx=IC{0}7Z*3Z~axoySx*B~>v( zRHkLu#1?MM;irlx9k%1!d2RIVm$ zE@o@`-)qLEZMx-b@?UMi9|GDn2cONbH_hQ_FjYLqR#;#Z;KftIL3 zAP5^YfUa=m51fLS$%_*L%X*#4fbBt#@*R?TVbhgWuRK@>?m;M=-*fFsooQYq^jMY3 zoB)m*P#Q~P6;z54MPz8jS~StWpaaX`kW{D!JuCyoY=K4m!bd#8B-DdE(7{WTPNCT8 zR_KDB%0Zr9k|q>tJ+Q+R3{fUH0iLQ(oFXc0#Hka&!HixiYG|lI{wKZ2hr;DSd2n0S zjhKfdM5A@8se&p*B*cTL3R(t;Wns&NSc17>%dO*W~-hChCB=c=u|{Hs6n2} zgBjcbpT31m$U~B#PNdGpp7v>LV5_!bs&{ItNRlWK&Ru~KD8jv)&7q2`#D}TcU!P@Z zt3npE)mE=c8*0%?t|aB{S<90mTZ{G@UXkgrj!hPk&@0&wD!9cBp%OblYg4d8wNk{q zp6pC)LW_8-z3!$MM>8Xope@#g=HmHe6wv z2U{JiK+I~wwV!k~ENdm@ZgBxz{hIqRq(D@x{Sh3rWGumrAbxf%oA8NKd_|wOh5qOW zjCB4?&vwku8mcbr?8OZ2%+i52Kr5jHgU$vm%Mz}hdPa-LDM-8oJG4P2YyqLjDHPmm zq{iuI*eRa6YgqgOVFaq;E^10(t|R~|owfsH2- zvM$j&lhNX2ZNTcXd{==@S@rrF6iQ|MJz+Ls%)YrhUw<%{TA>fAn?$p?lAo9yzZ<6$0^F%Z<1*4JpN{=)9$*aZO}@VYMyjVozoHTwy8@H=9z}LN|Ij3p3MMK z;>wSDoWt7R2SOw~DgoHuU#cSMG>le+#+(O*@34Nvn^wdZU6Kp^kNV0jQn+qW4DC#G zLO1+xN_gwZrtaptEdZDCB+TpoS}@DX!M!5u&GxApyDYz0M9;>l8dPfsQ_SREjLYsU zx_$&4s4?9NYC05Zq$;ulUlJJ?t{cAv%ap7N@iIir{t#Vq$H>Ak z{BkWP$;ry`&^EFIL-HBlD=YUY9OtPbBWor%XN`vB(Te9kfO17}!%UoslKhKhxDp7b z#`qNKHFq$y$^)U+X&u;X-L~~;$g`qG zI^Yi_-|q;I@FD}s1_y>B=kWkrbP50LHjisJdo$M*C&nG8PLgx!pwUr`1Zv2PR;&qX z1hS(#GN3MQ>vnWL>#Z!u>nodXO;o%P=(84uZ$EaEZ zCtHtmU1yI-GYSUp^`+jmappB(H-%io2D+|nVPmLZpEO}FHe^Tk>XfvNK4*4HHfBq9 zV^gr+Ai?pDp8UB-SG475E827U*bd0pZ4a z{Omhf)adRmu!2a#w{6N!5Dbl+N=JkzUFDaa%_AJ#py44g zk!e`9sEd1SnTBwoGzeLi3Rqh8+^o&Oe{|S~v6YCCi-IxOG^E&ywb(nZi;>ZojkTu` zxB-nPa@d280$M$wI786D2K@LxHUX-*OA`{=oMG7j-Xn?6SdE3tuJ|6Y3|4SGh^8@l z^PL>98~_mDPKT!%nq`@JoJtFrnU9fWq)|8*QUj5Dd6og1aM5s%hgqHNBZw6tdwwQ3 z^KM=*8bz+(u?*Z37T9?VUoY4o^b%!uteg;p-gV<6Iep0gL)U7`B`!Y+8W3)DjOCyTZP~%#EwU|Pb9KCowB>zrhgf)QAt=oz_(#^Zq2DZ@Abw-(4~m!snf(Ej-{AmZsg6YEfRt-(AajC6*?j-c3WuXCWE< zmkksj$y@ut$DYxN7BmEWcqMq zlP1kAHF4(Dxszv4pFe>H6*`n?QKLtZCRG|#CCjBxq3*mHm1;I(Wzz8rd7L^ZCkf*(S{W{7H(aaXYJfl1$(y%U20dDAMmV;$N*^$Oz@ut!_x-_ z9V#+zpx*SU!3yjC8K(<>SP7tjB`gu~AL3TrK*If8K@TJf8}bK`Bm{t?LA4?I zS`J91avPE~iXhss7iz?jjztkw)Q60Hc<^mMR-F7mo()est~+l;>g}BesQGfgJSuwU z1b2$_ClD}2qG+ETM%=>^aVql1P8R2^Gez#m(5HjdG&JZmeK;ua2WmuA)3_?5jDa46 z{vii75~afvz83t^ql-ROi;@f@N%d?cu}U>7RozHz$RmkVJZKs}rYSLi1h<6KywfK1 zLmDm%9B5OEBFYa*;Dr7YD4Xj1o6yz@a%GR#5WC=$%TR1hkWJ`-Wiiw)Vm&QVc@_## zzuu|dS$a*n5=vQ4;3^9vQ`z>^&*SOPiQ9Xmz)l7euB=}fi zC$w|AHH#Ywoj4|r_B2fqw${);En<<_gZFF`p+--5^v*O-V0U0%DY|%KcHI?MKYZss zbuOHPx|e6h;!CqS`ue5PAqw+bZ^`{y89}1|0z|=*R(%7|IsgUO?qN9nNhAdStd7?s z2~N;>YVZVH@IhdauC`)}u$J1}lSc&a!~z#0yTxYFrD*Jy5vuuYbKi+T*PltF7jdZ; z$9JDGj6}Eb$^KnZoN}8k&wMt?HSgS1r#z3z=g>(n-SoXIKfR>URd3z(*R@I=_J3HP z-S*pY2TSL{a(}4y-hmHZ_>yFY{rBOKPyY7eUq4>?=bU<5IkL7}Ju3>CcH1vMB#5#r<%qVS;YK$yXLtb-fR z;Kn-YF~Wzeu!S#-;RrvWjT6o;g%MnbEo{g_TdZS*KMW!_hKR#w?9g~J%*i^Q0mFJs zaf(q4{vi~lNX2?sF@&G!pJ)De5=_CwOgJgr;aWnX48_E1w*t|s>M=wuYVjF2+|M?2 zrH*2BMUNKYM=el+id#gbk8X)$7Ux(;lK7(;fz-u6@PUhez(bNc!ABrbfku?@V-;Y6 z2P$x(j!M>xfu1YUK7eopD~)6yi(1hKG})3?66z(6(#b6G#lk7BLku#&f)u&2JAdHO zB8AinKL+W?WKt3;#$<~w=San1jszdGfYUs@5y_b#lO*a$ray>?5`Q@3aN~^SNt}5b zR7it~%{vK2G-VQ8mN6!{jEOCCVo!P5upVMS!9Sg_%O#qJm=8(kRp7BlWj=(PPdRA* zTKE~w6%O={Xw;@m8oJP!m@`b|l*vO$!w3enlX@oM5G*J55H*qORxRj`FP=uCmcA0E z>M2(XY#FwC*or>!89*ptW1O2#s1;mTNW4bYE>AtAN$&UnOa(NZp`G(Gb)2FM{`pTT z+9FH^{YM`^2}*-H@*kXR#wym~3~mH+kAGxqS#O~ZLDHj;g|LKoU(WLqWaR#fb9oO1PsTUW6Sg|@}25}hJfH7XKq!sC&5T`VNyii%DucCwsZ zXzj|~;D`@U!!9-1Vc znzE&%=84koe8-LXG1HftdxGQMY;PcvE^I_Lu_Y6g$;NTzEWflc*tGFQqk-l+oPdHM zaATLk^r{{i`OUwwwV@p4=wL^?%+A8MwW2+oI?$-tN?ww!jI`@~EB*?PXxyS6c*aM8 zC;8$3juND0fu=-RC=vh%c)=fDb0#mU%}JX!Oqccsr#bp!k8+ly771%6zq&_02hzSc zCh7J{LLoQyG-bkd<&nK3v5*NFmPw|Eu2(du|FDe8QC8EG38vlEK&fD0B3L|c6GzK# z(T?sdrb7RS3lMA6&CV!vXUW-6*}}Kgk}kK2JDkiyUb4XKPBfX-v5r9=+SG~$lYkpd z7HL~nk>=?yH7i|eN)LR}^_}tIK>goA!dMpoW+sUHc;m$7IE*AIW2dS$s4)f^Ox@Wj zQgKa??WRl|^iiqd7DVjn(y6*5LT*r@2}3f@4;i;Xmi}`K-&Z6Lk2<ZTqow1o?+ zO)cn+a{BKX{*TOL2=OxK{@&ub^v{VPaB*;84qi=sNJDK1g`OgC1LfrgD4+t~98fPz7snXKpYDeQ*O6@NyXN2Z<1S zf{=2Cun3j#d5&;$l5h#3PCA$&|?6DYCK`u4&E_;z9!I5dY zzyZ?;<^&R@V8S3*sddD07_8wd9nu*qk|7zAirA4Ft+6p#5-PK?9j3A#z`-81C>rTe zCRI`<+d(c>5-!o88^F>Gj8Zh+fE}r*A~CZaH)y0Spn zF2Y3&pjI;E9UuTfaAm0W#sHwfMe;+Y0>I?NVFh#`UI=sbc!c%dp#-b|0i3F)ZVozQ z;~h)@6ST!eGQ=YYax{o>{uI(6BD)ePr=cEQ^D)g*F5mGr(~%yOff?CxKYg+grl=}$ zavgv{9?Mc1X|pBM5iFn4C!f(XtsyC=2sS6O9*%M>8x$g`s2p9BH$^lSeba(stwh$y zOw`1w3<5Sp5+W8QyDkEj#%Q_zqdl!`H4r8{XXzarU_6Tpx%CBT_@#avVoAPf@W%KPc9Uishtg)_zS<+6CsUrXlc2|AZq)7cWQm!%h~& zlv8N10_h_pdPy(;8%Q9yEb73ltcFfioR*R7=%1C(|L(p)#*j zK%o*3BvV6kGBK(06at1(3NG+I58Pf^HE zt0hr_Yg3RU*+3Fu7Vozxg;B*TVlGA3Fala+PNgiB*LI2{7DZEYG*M+EB`dTW=Cdbb z^+UgsD5ZcC?9nWf(k)5I3`Ap*CtM5h?JHXG9~}t_!@FB~Ngc%J${} zR4GtrBoCsKL8x+$948oNyIA^1#UghPSDuxmqlWL9h#PUgcMJOo4{A|OpTI$fa& zKmu#PB?~s-Jy5tr9%LaNWIQw?hTXwM=)-D`^g=R3LHb6i;{;ou7 z@j z7ivXk1!Bt5mQw%|No?+Cc|~Tt_Ge`_TYGk;lw@BnqBv+-m1h>E@Fa2#cpuE53g{sa z>ftoln3aTJP~nzZR)h@t#evH=B$l~sltf4KARtABMJ~pD{YEfZ#7wGLIBR)7D8*9F z=t=rgl<8rq^kS2Tq?5mge$fB2vPbQrDOP4p?CRJOWYEWIbbG zTZlyn(7_P=02;_ZOf(ukR@j--#g1>K0={ELSfPX`m^+5rMV@9t0wEhv4qhf@R@xN|riBVTTR0+0Sio!hXi6kMA|+4}fTeCY57y>pqXuur zc&hg~P7LR}nEJQDBfaO?Q{A|2s5oduqJF_es}-DU}c#j-ql|0H@C%d0xyQTcf z>*vWI7t6U^bEw=oth~#`oG-qdIl_F*(Hy(A9COpW&6ju0L)Xpa9DLv$b?5xfhosDt z~U)RqCeK+(RIr#i}kRj0(ebE`c(H;HKA^ttmC4JHWqsCZz1D60)^R=8b$!=)z1MyH z*MU9Q?I9dU9R^LE9tNE`h&^yEv4M*48<0KOkz?79qR@BaYX32lO=2K*jwfWTgq1>G zNdwxYecFrt5>wVjUE)PiqR7QaVyrpbm2@`9z1($!+Ks~6bpzY`(r`kua8JVBO-f=; zGAYD;H0s^nX9M4hLf>x#+k-O$iPJb$DmkZ`rQV1=pVM5VlRB+4UVzJ6Z^cLAqo;;O z9$cwg1BXErq!p|<#uUrkSkmd9yDs6>o)`Ehr;1!gWp+JUMXT*7h6H> zANE{(dt8U+^=7@P)$gWrN?RV`Y^V zB3u?`M)bn0amYm*u4cjNR?|1wmcDRjQn zJ37F?7`&z?SW0E1mN+A%sL)AXPqTODv*R0kV6dEN zGNj0nBuftbM$e?ml`LDjdaeH+m$+_`k?+I?6S=GlR1 z@7itaH!xVaf(siyyfp92y#o6pRtxyCK95+rF)KHOv0ixMBDH{jfIh;lzvTUdg*SR^`RNA$txzy7cMPt6RU0 zJ-hbp+`D`K4nDm2@#M>!KmYu=%H+&v#%?d$p8War>)XGNKfnI{{QLX=4`6@-4oF~u z1|EoDf(p`SlR{L%=N^O-PDo*eO|fU8O7CUJVTT@m_z;F5g0$g?CZ335aU!NjQHd|r+l1eTql94_l$z+sLPPveSXhjJn zm0E5|q?0>l$z_;1qq;^vAiN!sGbt+(ph6eu`{{7DZppadF^Bi+!&=OR&)Q854{&253f7Z+Mp=Ra5wFoZO797 zmXfu?2e*@VJy4^9_b|*X95~cy=TgeT4d0FS!1c;v2gn|`{3qlBtL=z3k=Fx`A&m#_ zH^SgJ?ztLv7(TD!YP@T*EoVmzsLvo({Bzj4e><|hm;bpo-1dT#cf5i7$#%>yZ|&#Z z#}_SlC($VX@6q*OZF1krv&=a$GiS~D()F~%J-%kY3r@q}2%J6imjj+O+44d?Z~LX> zjc=f~e}sFCK<^H~iGZtUDr=kSyeGVAFau?5JKO=Gce;huEpv|uM#BWh2?+|!U053* z)#CR4I+FPbdg(w|*+kZ{j|HlPBa|1(_O&&4xejfikQboj2a0%5&4cTR8T4w`wMl&~ zfJD@ophCAmh(!;9E1O2s>ZQPUT@He@3zWasQ3@%l@K5qEg)~e7uz%&xUDhL^30;W7 z>&XIq^Fb8^ zoH#G?5d(UX9F)rFSFkF^3l)%PUiFHXMfx#qV3jmq8ppS}HtM33isYCa{lvj6-tc&! zgWddSrpCGP(Q5nCNdI8;zd;JqGlR-x^UijMR<6vEjjO}k?1oJ4olboVOB)3Nb};_e z1+J1FWG31^@vgXSZkmj&rsPhkwzItsmgWp!_+lu<464qN4s4j&R%b&H!fu!P`{S$v zIn01w1YF}vl=TXVP(MngXS5QiLn%Vggc2%y60K-GdO1*r0`#FAbx1@lnz=z#5v1e7 zs6~GHqF{DZcONCGODk&9ilCH5DqShqTKdwQmeijyJyA_<8Zf3;s3sv6Mwo zWGgh;%4+sQm!(im9*R53U@TWO;T`&i`*H>inO&&u5&rm86&{T0(x*OgFqw+mjk zbQeP34X=5_(iuHW_q^dTz_`ggz!y%T>4 zjNr)tSUCbtu!DiMU*JA?!h%_FaT-kF3}@8964tPX-(q3nVEDr%_GpBSTjCUhCB(xS zv5H^JV&J&=#VL;QZ)Qwm65F^pIL@($cZ{1J`#8fuzKxKFJmDhS{^rO?cCeCX!{jC- z_{p+~vXlo*<=0sG%Kgo9YPQT}{CXKRU=Fi<$9$SHo0+|6CXJfcY~D7H=FM;hube?c z=Q?Zm&Y8)xo~g@c%=r1w&JFZs22E(>8rm|5PPA|rJ()&3nzxXajHD-R+e$y?(wL5| zrV+#GPOtXUhY7W)O-pLSnEKS9O?6>b&1%iMS}?GVHDzZVm|EM~vAFh&u6K>tUf<={ zz!t2q|59vGAG@c??*h?!xz4@CbKm^D#GMhudWW9ipex1aNH11v)&cdXOMU88ue#N*j`gf- zed}EBy4SxB_OOe6>|`&y+0Tylw5xsXY;U{U-wyY<%YE*2kNVT=j`zIleeZnlyWjr~ z_`nN(@PsdX;qPwv#4CRBjBmW-9}oG+OMdcdM?B>(kNM1Ne)F8~yyrhJcgur*^rSDn z=}(XP)T>_XqF=r1Ul04(%YOE>Z+q)&kNe!~e)s;o?>*&j@B82jfB3{NzVW>d{NpQs z`OI&=^Gl!n=SzS3)UUqv^&b7}Yk&LP@4ok^p8fBOfBfVxKkvhD{`9MV{p{yF`r8lx z_{)F(et$px?~nid>!0;K+rR&^*nya0fmer9Ay`l&_;whmfh&l69B6`!@_{7yf{y}%Ge}Y> z=yoc|f;$*{E@*>@5`$J(f}*9!RLcVNGL&Abwl`rNeF&Wh=doo zgiXkWy7z=w7${OmbyR4BRw#932!^_1hW?eegtArMreoEqJ<0b zhJ7e|aVUp$c!qgcJ9tQl%Cd%Or-OdTh?ob6X()(xcZj}Xh?CeWiHLTK*od1Ld5;K& zkqC8Y_=1=yik7G|dq@?WsEVZLiC74V>rjdzNQ$P2h^UAbtB8x9*NTne4muD30e}GF zGbrMs`00AHX^Jor7 zi2&52`EF8f&vd=nU)?S3}`b6^Uyf2Ly&@rHmU%QXsMQI84QGT2;CSt zdkL8BAduNOPxbJYqa%zuX?8s6lb<p)e1fFbuN(z>EiViZUoDib13ZYP?Ef|2!L z4yoymzZjLg0FQn`j3WS>vH6kx@-Ml0o0cgz<1+|e*-ff~lF}JH{GyokaFa0UG2K9r z-07Zq2`KGAJJy(?6S|#;;GxA?p^90dhB;5>Ntr6?Fc}JyGWjYI=^68hqk>nThjO3m zXbkUI4?fzF0E!3_keaI^o1OA9fFlgLG?u`_2@VRJpHhjCSxt-?o);Q1GAc!nAPpvo zoFfIIeJf963%}Tu9mxv=@T8oQq?~dz-*Y{dNe9DVL5ZXb^S}vWnJN)F zq8)RW!SD$Slb&~gH**;=?Qood;yMBenRU>YW(uol8c&C5s~JQGrGTrLxiEK-H-gEp z#mS;>8U8UeN{R5P>4tM0ig))_9tI(EgXvOPO>ESpmTnlzy`?V<>wj?#SP*}ERo31vB zwrgv*Z3|LwdxUW-x1CbA$XBs;E4W#Qw-%+hM98;&OQk29ii7L8glmb1TZILxxMaz= zxA?f3TXhP^xt;5|pSyr0Sb?JpClN@xr;EC8LbsaBx~D#sEtG?~)zE?*Gwh*=NOTYC?b@96psjI*H%fJ2W zzyAxs0W81+94DXf33Y(L39P^gY{1SGCxkErgdo8aOu-dw!556d8LYt@%)uS(!5<95 zAuPfpOu{9MzXeebP{$1`%ni@r!Y>TNF)YI~Ov5#7!#9k>IjqAw%)>qG!#@nfK`g{W uOvFWO#7B(8Nvy;)+`%sV2|WA>GC;snOvP0!fwq9fSo{o4$HlS{5CA(x2PIbk diff --git a/Media/Images/ConfigWizard4.gif b/Media/Images/ConfigWizard4.gif deleted file mode 100644 index 395f44c6f66b81e427fd3632ea591439aa4b00a3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 20245 zcmV(@K-RxUNk%w1VekT`0(SraA^8LW00000EC2ui0Pq5)0*C(q{{R30001EX0672v zLjVF$003wJA~*meSO6k)04RF^IXM71W&lHK06&@lW@Z3pv;b;q0BX7gPM{Acdl&!! z7yu#}07DreBpD)f88uNEI#d}$oh2$SC`4T%S85?ssUmchB6PtZc)TDJNGKe6Dkmo? zTV^x>05Sj}GXO&}8$>fAbT2V6G(l-ILYypq$2kBwIsj%k0BSTDA2v1>H#j&pJ5)42 zemGQUI9`}JXt+CSYB+S2J9Mi#biq21kT{dtLqkJGUT{N%l|!DoL!RPK00&A4N>LL4 zOBOLsH!V#ycS}o4PgiPBSDsIFl~E2)RycuIOC3~ZZdYngUy74co!nJGE?ADeX8-_Z z06Aj|S7i-ZWf=fv86ssFLu4CTWjHuxICN%IZDm)UW@b8HU}0$hX>AQ)YBKHXiYe6T}N$XQfg`dYHBlQV1#O(;%K=4aS&v8I1+DfUv6%0a+|<(!S8zyY=0jq zc^7PZC2xH(0DUuaeMNMBgu!^d4_# zm$Hhbz>+fnk~1QbGeeU&0FyX4lQ?LSJBE@^SCUV3m1S3zY5&sj8{AWf`_*IJRY1vT>=leuTG>L9myIv6h#$m8!Y7xU$pjw%d@n zXaK%@9=&@ix{@=$qlvn@YQE|1xc~pav6jKXro_a=!N`)r;<&)>-@)(y&4eM%wq?z> ze$CCz)|F4uv6k4|melR-*pf5ZpmN%!Aljr&-=kO9rj_5am)f{!*SEmk$=TiA-QfTK z=d>W@zIx%)|LExD<>de8|KjTZ|LL}6?7yS!(Xs8;m+a%K=jgWW?8fcw?eG8p^2SZ~ z_xJy{X8*cs|IUB^*pmO~wg3ON|Nr3r{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*$Mqezn~UCOkn)2C3QN}Wozs@1DlvufSSwX4^!V8e8p z((S1}PbPq6>C~`?Fy8J?=l~^9+ zp*9pYgs4HM9<&G8~2x7=9;}ql|A~BMQLI4IpL&=x; zEbwjsD-Hu-sV@eghZg$|dM}3#nqk1M%=%M_ENCdxPs1LrtD?IB0MTQa0CKqFiTmu( zFRuIOI*`Jv6nyZ<4ubM7ml&T+34s6ZYqB!>1^_{y0b?8h!CM%NaL5P~q%+TmsE9MZ z9KUOE$vsBg^T9RW46w~fXZ(-E_!302!VEhM@q^j~NMY1hKdlVLOGm4=X4U@F_D2X7 zSP`WQRig;FcG!^y{uf+?k;*us4umtVC*l)?pc~HVA)JCY?I(_X8k#s8<>0c)m=SA1 zAwCE9$)PrGdOj$LW8!1Oif9TdG^-=e8+nA3q}eBioIBj3;i{kbdgDw(C_3a?#F?zR zkCWKv=AAeFpy;6YUUtdB6Xdk-%NGwl@=pLJ$EcbQdcj19K!oGRd$G6Lg*h zSvNfihRJ~bI;7wYb4U;eQV4?M3)7BV7yuYTsDi~hpA>J>K9gKaZWEy!Lx5q2E_6W< z%?O;YE_W~m5(J4X1RBXiNWul;Fj%YN1&8*b16ld-giu7`4Y|gKbyz|etoujUa5XF& z+U|)ZWT6EUDUd-DQH`={qd;b;wRwebh{_8h3VFD^Otz6^IlLex=M={|*71ZODitK1 zm&Yl(GAC6e38b*~5G^tU7Jf@doqD7V4DF6gE)WAM@qr;6G0ucndz`N9B%$*4sf<0$ z+~-24%w1{Ybb>rXoFX`o+9flIZ;D+4#b*#S5s{eXfSlvzxXcFbj7+5XT{};hL-MU+ zSZ)4t9y--Y&uS8}bl9@9Udd3J#4<@(WKu+HsV#wUiy`y?20iGc zy<*<0RKqCMiC)A2VJ6dR`l1lVoLQ`1W=MM??c^{4l(vqx3F3rN!_HuSA3QQv?@GEs@jk2@<_B3wmM!@c_TuOV5`N`?p6j|`(-g-xttFCti! zG_zTYl}NvK8rjNPmLZM3tY$aM+0JCPv!D&FXm9e_(VF(Os5MDxQ_I@cx^`|A#s1H0 zXG`1KDrB{`&8==xi`(7$_P3htEpUfR+`kI z&F))b%OLA&_q*D4Zg{Q>-tsQ@K2x9%dCkjS;7(x?1xfFG*4y6t=JvhuRj+;bt6TgM zM85K&FMkJ|TK^6N!0{0R)mu!lzs zR}gnc#3W9!D@~jo6s!2fYh!UiNQRIyQPwsthOv$lC1b7G@gRD|O^$a=Wd8JcWIr}Y zkZ&{OB0G6LM;6G|Dq)M2X%9dW5F~(Z+?pmo`OE5wa>6K4%o!N_q@9Ck zKhOC~HRCdCB0cF&7e~y{;k2hm4IEHEN5L2)K(h#25q^vz8maLIF7}|cTNuF~leniO zXl)TzGo&3A0FVgku@G0o8Yk`GKsnm+gL-Jg2sPoy7kCYkWF`C2|6n$;M|KMU34q!O z(Kbx>!GdEKMBFIh2N)px5p-*f7K!+bshuNWbwh|BqEJ;J72<1L-}}`cF}6!&4epWU zdStVPh`$H5?}fA@1IHd~LInPhXWyye7tyxG9eZ$uw1Wy5zc{x32jXsj++x@fiUhP3 z;%MGtPx7I{uKYXS>-XSN1@zer~io1ndaOI@jGE5x66p z?jz&5M|K|Xo>x~r0`^BFP%hnhLQ+eDQ z(ZJZZaetv!5y1;6Upl#AZH+x>yX!)GR|28|`ewJo2d98~5b}Qk_Z9M=84WI_X zwrvE#4`omeS!Zt%GHdEbYu46mokswOKzCW^Z?4t}s#bggNPq#be-UDM&_;p;pbC?> zc<_J&r!ammIBe*re6)uPhkycJmv{hzf+qNU(x-pvS8gU(1T|O>-luz$V0+M(eS08q z7x)j`hk4*ug*4cHDc68o$bmnw4mrnnd`E>z5C8>`Bl-XW#Sj1!5D#St1NFcUQUGgm z7!CYTh6RuetN6$oyL=mk%RiUQFN*T;&5 zm}`;I*=2yb=x{ts#Bfcj7Yx5f$zV24q#3NcxS(%^Mt=y!M( zUtBshD? z;t!c{Y*OiUi?|M%PzzT8fy?H9+31+s@O=HJglOk);ud_l5NOxfndn%Hb4f$+cm*l= zgXss4U$~h2=z)&u51|>0k5-8h@#&npPzKYWn%L-U1KOPYXP}lzY@SJ)s$iU_nVhTUmUwA!V|P!%sFAKYi?Qi| zA&H5vrkz+yr0Y|d=$WYM`GoD+lke#dtZ;_)NfP(D90Ilvbg+*c zu#~U2kdL;JCGwv&TBDk15GN^pMktRbnu!oMDCO3mr^#)E_l$8kZK+z4_NQz{DUbe$ zqQD1>(`FDy7or&gst2JB&Up*IC!H$Srvb`;uiAD%I;->7jP;P1tZJ()Y7JCC2(oqq zG0K_MI%5{Nsv!BQ#Hg;yMvjn3nko8dF*kn%@o^f6ikg^#OZkNKm~tpreC$Yv!+NEJ z%BtyjYh#Lww+fv6ijq!8pzgYC>>8>Zsf-hOaHo2lvl^STD5_NGkpOpeT>5*@%8J3b zlJy`BaL5lzaQ>(;*|G(^}pPz7ITcq-X#(585)C#zs5dqzNl2;c_RCrC~ zRS;|{sg|xdfED0Tlt;A%7dFc$qPk~zLb#8?7JV;Af_NIO(D!-4hJs}>e$r{RSUZpF z_kuCPqVyV)KPrh@3yhxExb2VwWe9|vdxCN*w6KP5c*}e*)pYuZi359jAHW2yS($NY zd>!bA?3Z~ImukpKr1Qv{iWj*s$U0C?+evGO`LD9uYR-OR>hl@&VGuxj3;0?ic0VD*VEs!NS22c%>N<^h%&biH?FN zwH)!l8XWKr&6BP`@-yy@mLBs4u5(KQVBqzW1LG(QN%{v9Z38e zO574nys-oe5>|{6RE(KYoDys|V>P_R;L*jpLBqBuz5=*9s~36uAcI8=OUazLzap!$j`d2u!>X$&tBmzni=mjAx(04pnu?zo4U@>t z;HbQq&oAdF2I0a8%Vz?d1uXx;3vqfLcP$p%hyb7I{xFJGsd?(NqS{V zYl^&aAE>pyhQ9DR4qwd{9% z0J6(rtlQ1O+c<_1|4qRpI>l+65D(kU0KQ^-?Ohj9;JLBj8xe|cN1PPi;4${#fJfj# zCmb1W#ys2*3m)Pc4lM#+8!mj}EdCNHP8%!U;xeuhFFqSFKI1sPzXJUb`LJc#(-7K_ zWf1`+J#phXe&iq_X8T}fgR&X89oHCE*X2@C*et<+x%I zR*vN)Ob=+D=4!s?XrAO8o+Z)KI#!bp5I_kF@IM>EO*OM3{w?$49fLtq_A>9(B7C5IZvJ+LIjSomJyE*>7+L4wqEH&X%U`tG)=S$rk*VMfI2}SX#YUyjou*zB|u>= zNU}pY?uh7hU};M=<`psPwC-uPKIyn#9vZRb;6o6mt}v=#N9MHbrfv|%o-wSZR|9m@ ztOD)Q-s+Bi?O2}elD_Q^RuTE|B|&~n0&(v7zyq+t?AjycL{93sqGoB8Ci$>atByKZ z<~i|B*8*a_*u-@cpv>BE~K|%bqz_)4SzxG(wIu1`r3) zu4s1D<8mnx7Ju=DHtEe^B^v(`H9lw@VGBfG^hRIwI{##n4h*1R3-=E6Z;l=}?)2Gi z3rX)}Y~BpEPz|=AQER^O-PPe6LG`w7^;b`1YtHrLKo8_#3(fHLP;cqaHT3pw_Cr|5 zVq2=5I21G!LjC`Pz`C$^>FVIK@VwkU-b_-b@+D9{_qRs zz;*%`_%HFW;rgIrpaVl!Y*>u=)UoDoujY(T>2aUyd_DPPFLb5}t;E`nCZ2AAT7iwb zk5;hz4zb3l-y9kL_@fc^$R+!eZukD`fcgGx`&MU_y{MKdxP_5-dLuY>@|?DLdg!v0-2yTiX4#qau%kNk5#_5eXo z;6Q@(Z2d!s(BG{9MiREG;Go<;eq*8~Ojz+E!gfE_;o7tB#l(LL9dgWYaUY9l+8kDd z2D0R&Rr^xx`PZ?YKbjbMuJQ@e<-dJD;EimTk|@i4C>&}NQBSAFf7&GGi?h8$iGQJwAzx$p; zia6ttdv7`FyrNK^`KHUwJP}7Eu|yM3%x=BG!b8k36kqHMJ-^iZt}=x7p@Sn1*5PC# ze!y5IK7^<;t1Ovrd|{nPFiT1$mU5zkxP{O{lB9j05M-kvA581MoGNf=HKkUHhC;0@ zoKG{X&diNN;gYZ;+hPe1?Ulg07$B=oV!RJ5@qh5|_7B8UQr zjUq2#Q*gA`8cMLK00;oe(nz&=jng5&K+UYz8g=iov{SCb?vj>E-xOk56VyWR_osIcAwfOqp56 z#B+A$yC_yLdJ_X{DEDdFViIZV_FkK4aYAQ;x8g!#jv(e}5O{@vw&Kp935;_|}+60k1$;6Z^#YEJjNql8fMp?#l9z2dG8QxfNsBpzBhYrJmmb>X zhuSbAT!;vleB^O1xKITEOT@&rIFT|0B8hxV=)UIg20Aj?T~xd^lt@-FGh=iOrED{l zpFHX{4&aS{-WW$x&TNi(sbgLKhX@4z!+-}|2PGI-6$nt`H9^o+0A~402ZZA_16YLs zU;bmnVORkLLQF_M*ia5_AhRmN{D%Sq0L*6wfPli(B{pYyH1xR+Bl22R1uk{4Dv5*_ z_7RO6buvjKfU_e;F-c2uwE5H&*hAAvbCQ&6Tp#sH|V>~KOnnJLpRu*GTwaZiG^22<1wJOfcOdYhr zz_beSs>)DnNX5F$Dy3GgZViG$MLN-KCInQoye(cxnik4U&Q4ykY;e7X*}7mIR_56{2fD3p|FZDVhtkZADdE-Mj2oTx1e%dap)Yx)@iF zXr+Wis!H1HmPC-Ri~v@vDG>z%Q<~Q7Xl)g$QLX}5Q`BthG*|J;>2`Iw+{~D+M5SH| z>o0kOi`wI?qtJ?(x56I=F7x(rhAL3n@heN#L5RX_cCDw}oJ&Q5^6|>mJ>UD8k zIERJX-Pp%Jc1w=o!nrr}7|2IPvXI}xIXoB{$xptqlHCI1snrLVy_hr|?0Iyilcs0GOxn+JxrgK?(~Ksh<8`~k3|%}` zKTWq9TbxFhr{yM>Ga#C`g8{}Fgkb7baRnjNa|>|kgA;$mLMqsEb+Yjl>C?%Yd2u;| z4Gtmdf{;VkdBAjrpqj<_;8WS())TDxA1EK znoy0CBGM;|dX0W&BkZF`h2`9$O-oehR{c1o=2u_L%_V-GieJrT)e!m_#Lft6+d>FJ z2gV^Y;zpwi&o)f|rbV8<5sh#%iy(@G4F5tXc7+7@5H-L>3d|{yg+!i-EE)pg669GOHiDzz6d{6!15& zO0CnPt&8Fi6ks6R=p!^-j0dE`IRp$VJU%RJ3k9l!|5C6%!lu^{EzoMgL`pCpoD~FX zLnWMzSNfz_LNUIOL)P)V%AvzKw8M$R!?t)s{R%4%bFD#StJ=b&Elfi*alhyI$E2}&?v(i8>|1E4S<`Ff2cf)J8m z#31-D7=%Q|00m%>3u!#MjDothFcseZd5ff?#yhjdOf(uZ0|j#6vnB#P;HZJu>qkT~ ziIVt*L~09x9LP5-NLs|d#Q+6*NQZ?isfJ7qJ(!PI(GrQAC%C}Kj6AcAjKqLJNN5a6 zbpsvUa5mvJr6{>I(k~qDIK(Ca0iZSX5jgX$DyfT;!zo?`Ks-(87Opr!`m0a4D3DS)FiKLs_ z9a^zGv}DSm(Hl(U$TqV_U`U6!(8sn@lp>hRdYd4gz@kb~C*p94ZbLS|{4uqJ%E&lO z#3V`J;s-InfoR|d;sGju=n?*k0FoxTk(!D;Fj|t4yG+dd%bE$yS&T`4$xVj5NyW?z zg2|<_h=ka{E7X`3Q2MLDqNGXD#=fM@7Hdj?ddmMRk4dD&=bS&yq)zPQPMeEPr<%_6 z>(24~3+)t7@Zm{G-sdywC#ezTEq?4GqxYE579^HxaSU zX#~-4%h1gvkHk#Tnp@HB^o!2)%-(!anv2o%{EK_c$InE%r=XM@#j_k`Pryh>ksL`I zMY$yvQi5zy5_`}Jwf;wtL{f}!(Iq{O^=VQxBht07hiza7nVHFds7dGfObhx)D%sMP ze9{+-QXJ$4ZV(4CozkhSN;6ebT_Gn`SyMIzOyzODyD*11?FMy-nVED;tMn${T$S1E z(OD25?M}1Tv>(T`=heG`ad*Fs~hzq(rpn2d# zya1~gF*94BQAM>YMqLmu8dWUozB;=LRUHR==mvS<1~8oqwQ9z@m{k<9(1f^BVMDcE z{jy)Zi+(s(b|6-DsMI-?3uTQ}W(BPic~*otQEF{9Yqg6(MTb-cQ-3&BL-mR1+O9N= zCNw|>K;*&k{_3N)@+@gGfKP}hA6&u)+>UZZ*S%BM1;o_c(1%PViiTCeYuYMh)dB)K zv2p;Zf-)cm3L;$muIwT$0BQ<))DDDASgc#v&5GBxU{_|us(sjjP(%nc>_Q{rSe%uB zu`;MX)TIwR*pz+F?rVa&=+=bT)|$=MwD73Z0@sGRS$@@7_h=>#1KN`nTH5Ts7N84k zMOK7JTCiQ!wAcq8V66bFS^YY#Fq|li)mZ||!M6QH@<7?Fb-3__NN;T@WEZ^-Jgd_)G z2sP;~JjDc~IH5?36yK#HU!9rBbU)-LU z-nJk<=fzKtgvMsL(+4_J57MBBfZqh>r}>?knUvtSTvYu{HSf~ke&S#{^+;Rw)DRY> z`x%fDHsJ*xGwdbI#ZciD&Q%dcO&?)97%rs~KGasM;5RBxAC6(>l{5z?P!qLIBWC_F zAcmRUbz)ML;WeY-q>Y7-ZMg$QWGUfOwKb+?lex;(7%XYJpEKqhNDKNvBK=pJpIvX+EeM+tCu2M z7X%(MoUp?1q^roK8Cn#v$fQu=UsWCvR=ya749WCGWfm4TxVt2dumIx>-;2^6H{u6T zU<}A(p+s`Ie*m^AGUj9vQ!G*wj;kmWv#r|Lpok*3t z6X$V85oETQF{KB5Y~~!s(o9m*sC$+6Ax(?W6&5lE(esJ3pp%Ct3Vk~O8ldKCii(Qp zgk5Ginb?oBlub?b=Mn+v4y)55H3EmIh&ihUR|OB35w;*c_+c0M*38q^-6MjVOw- zpgJL0rx?Oz*0k!TKIU>Bx3uukSxe!TPEvQ~XRFS)4$6rhh@X1CsH%pJd0IR|012iu zYbogopam|bX6x-3zR#%Kw0p2E_?&GQMgn8ub4l}ooxN}}z@7A>KMwsp<@6j=DnM`jL z1#dRP;`a93_oighmG5L*Z{56aSIh5vLGS%eod5k$03WpO^8f%QaE+wzv{(TIPjElA zO+ZD61|RSThcg3ra0?$^LH0Yi&hYC9UJVDF{%@`VbPg_+=AfPEk4jPO{!=7_Y+xC(+pTNc&~y zc6Meoy=z+rhakabZT4{~ao@MVry_5QP3ma((emVYTqnmH4mUsXKHk1i=ld<_7spa~ z7E62n^41pBP^A+xZ;xMbpQKuIHh)hj57ZK6%YPVX0v0(&O;b$`o&}+3KaXcVj}Anb z=16~(1b_zkm=77Uq7^baN^+k`zh^^NPeixAXM^CWq-$vP(I8a_na&6=m@r(?pxI=( z`j`_{naH3HlG>P!cf#ddI*HvOnAICcTvm0yb948D^XyIMwv2UI&+WCCIii{uRq=6g z!ju8w2QHx}VK+-~ccFv3WvzghBIowCdUn2$@pk^0l@NMa=0I*CG$ciUri?{oFZw)cC_->%L|jM#<%iW3~s5jN3xZ3A}qHTT*m zs&yYiGVzRzSCoZ!_J*em0hep@h*k@l)^B3YvRD*?@ua23o)^wb5E=OScq~oX<-aD2 z7owD(w`P}z_6T2$Gl1+5w~i2Jda{{!b@}hA&zh?rm#o+N^?LZoF66J@;;@%`vgc#7 zuW+;nF|HREuV;IuareV^$*DtP?4XmLk> z#nb*Q&+>5E$t1RsaEqtX93MO(|2PX^lFC>QCUm zgH5$2_^MFv%)o*N6E1A{Fyh1`Q8F$mlch_=k`>p4dGlYjbUcG{-gy-5+@q185+q7j zVcWX{KP&AE_G{N@`%pmD##Ebwa%Xe5-D(=}!nb5sx2pg*Ve#As5l(LI{5kaK(x*FY zZ2fV|mDIO)tgP~8W{EvH1NB@wD?{K~Nh{pC9;;D)U{=L`-S%JAbyEqp%@10s5wo#Z z*IA^g=ah1JF~=Q)4LbNBgwa{o7Coj8&-Jkr8SbQZpWY2%=Bs zxyWN_lJJNWQ(O%Kk5yTo)}nl?_@iZB8ORo9Z*kqin^m}-_}7B(X~h(9{%~?tnFI;h zB%px`I;dbtqO@c|FA>V!lZlN-rIjrb#E%yMMg>}5?h#~LQ)el)qo2loz{HwYrIwUh zHtGgiS;Yn5T3wTVv4^X#M&l}|e%84tuf6*EYjuX2geXCZ0{dK}h}p6%v&}MlEVR)| zJ1w;Z2|H{|kSTOVwUl-HEx6%|JMLoFRwL6HR{mowxicl(F1+!|JFlSTrj%`ViP8(x zyZie4FTepKX7B#F_*y71NBttaFvATy3=zS^uKO@X3R8SB#u>vKvB6Ag9FfHzi##&P zi*gK;w)&RbP{=F0{4&hjovc#I#l~Dv%Qx%1GtV>4EKzs4XMH_vzML&lWG`lbp zjWpCzN3AqSOz-@()LCnNGu0niJ@nRLi+yz09({c?)?=%^Hp69ibau>XtK=-*%d&kp z-VM6V5!_BY_b7wIcVikUH?Yi2O)KKZjfzK;WW)phY@P>g4juoMDAK%~wfu!L_8Lnatx|l{r>f4kNz_*^Kcq&CCyo#iTGMYjH z{^&k2LP&mcM5z=JKoz%uRT(q+oEKUoh9jF{LqO4!iRdpxC`u8W++r6ly6!#b+anPD zI4Atz02Ny7f$$PpBShvXhdAQVeTYJctT6F`USXaWR;bBk9)^<@@ubK=$&fbo?v2V* zpAzS|$|jl!DMm=-5WgZtSt^7dV!#1x&iNHNDNh9hk)rbGP`YxklRxU)hZCM)syHRc zn^74fGXqK(XHo>3ACu-rO8FBjCC@fsQYDK7A{PS4A&|zglyDYE&d+p-O9?4tS@z)q zHLQ*`wxXg^LW<4N*mG6KnPdPQu#ThzU_b)BY30myxvTxHZqC9fPzguSi5OJ=V+ai@ zQj=<}GombCHUpbdqbgO63{@gQ;}%q>s@1JRjHxO~*TLe()v=OwsX9gDQ`K13wQ9Ah z5h-fMj>^`#3e~GXbE?qPO4q&O)U6PKE5_u?*TIU-uMYw2#RN;(#Y)Yv4nZu%6wBDj z8qKi{f$YO1OWDop%(4u@tiv?R+0nYpvo66a=4?mW)zH#1GSgD$Vr4|(cmFf}z z4Vr!vG;;hPCJoHoF?6CVFs)5%q9K>1d=yn$G>%69$YA;kw`vg1oMmuAVK?^Iq&tdD zYycxZA6;O0ub~v4IPlA(NHi;|*+&-P$d&m}3M%}V6^qd18%K6h}4E3F@r#as7*K+)J&!4G^BJp#hq>;AO{s0e7qMg91w_ z+=nCX(j-B3=v}s(&aS0dvgh|VR9C#?7kanH@H?5=Hp}BCe-OyiDDsoD{9!3i>&ja$ zbA-J-uQ8uF&iz&M)G9mYKG%7j&4yR3e)s1_Z0DFxKqD+ za4&vWc;gxCUO!gVi~jYo6DsUCCp+4kWOk;fz3oO?{(HRLF83k9z3Y-8`LpJ(cY@Ts z1yR2{$M-(>y7ycq)nInB_a~xA8)Y}MtS1LkYGsUAS0<{0&j zDPKelPig>^fb|*}SW=hR#yUupDWFp^DHM_ZobTnCsWAit zo?v_J0kQoO`nfZC!tHlK-%)y3V@1>)(Vd+>{-Z)9ox1QG z=K-WaF2p@X){8xEDmf51wuY|t#$8cn6&av_ibu_UOOWBlM16&&D4h!P;4 zS~Q+uUZ^1X2xDnP0>p{JdXWj~=n_z}P|a`GO7nOe49 zRz^?Fkw8~=L=AzZ7B1yjzW#<;E(lhpWqiz9FSTX+Y-L<>L;^CIvoR%Jo{#M5-j0=p z4{qCE0w(m-Tv0;gQBK&r1)^9clCRZ@Fa9N8lG|NMrdtXn456bt=2vEFrZpiZr~C=0 z48<6=NH9evX;Kbl4(3K6rA)TwSkhjh?aBjr!RpZgUs91>*ye3Yj$m4*N5rH`F4R!` zM}qtbi_lbVINCR%$3D0dRxan{xTL_Oq+u!^c&?Us1`K&x*hroydYWb@q2@fgCpM-h zz^o^Iww!(b3x4M3$?d1V^rwG%9DweNfDUNI6)3$ND1sWBg3b$rHt3u^sJuj|gfbXE z>gI)}oj`J3;cckk{!wVWSSX18mWaX&iI!+>ooKtHsEWR))(w}37UbQv=Zmrxi;_!< zw&IPBRgR8}Vy!0V*`<59*_c@ptI6glS_JxhCq+aYTlOfq{HVB)n&X^&7h} zpGP#Qa!MbX_(Lp|rEp4VxKL@hkQy6lMtQE}Yve@^kctUH#1vixm_}(t2$*%EX|>c` z2WV(U)R3F9W|n4{H4IZBE-F#z0RbV0afE>I3?oLF8R>w}BstIuW|#`O6p4AzDZq;3 z)uLn4R9xV~A(UPo>n01A=sdikGZv2c6u2evMQjss@Pqo_9Ufvg#k`UG~|LU{J=WUpYdRcvR=|xK;aUx+gacVLin0JZJE7VYuUl)GZCerVnpr;Dd%|W zT_D1~(pYjX>Xj5J7wsC35W**Bf-^A3S!k-HND8IM)U9=Cl! zh!QI*EH2nUxytO7z##nY)Rw#v}zSF{y*qFUjD+$L6fs|RW*mdR@ zq)GnXFxuF|oe+8$+!Rgi+f^-5U2V1=29NSBP+_Y-8pcSHB;jU~nu3dqE-sGxtyRe< zK0>b4HSV`OuH}*y=5~wbZZ21KZnb?W1$ zN(=4QZcyEBwB)Yt_SNbB)zGo*?_y~1K7`V#9NQJI$?-0<_%8D@lk*YZ*mS&6^*^I`ZywPP?wk9KGkb=3BL0r_S>go4V%=7|_m6~r|dao>^*QS|I zQ#|E%!f*UK%>4cen>ItC8tP$Q6Yl-ac}36!`9)rCSpbX70Q(A?>e&G&tX(c23jY0A zOtIgmx+{7_aF|YT!&GpuT=4zOD%a+aZs0{2jZuBHNM4?hmN=;i3vl*c*7jm#l5Hys zV^~WuVI|S)q$C;=7urQVYz}J-3iAr7=?=Gc>jv*q^nGkOa9E0@P@Uj#6EDmYFN&4E zY!#nMvI>N*29b%VhZldbz=ScOC|2W;G5$IdG0v2wcnT2!SedYK3A-`C!118$sJ8;L z=I!uj^)N@umh~EP-UzawK(8Z*CnBHL`1;`_n`kBH)+Ik)7C6mKm|CpCagN-|~fG1W=}b#YH)v{VB%RllHBtL}Fw?gAqIwGOdV?xC?)fYTb2 z^+l`nS^r8)Ux*w#4qWre9mB02^YMK6abEAWMhA5^+ub%7vSP1HUpt94l3Zl#VOsOy zT66DZZ`EW&h%Hfv{$YcmLJ$M(g{Hlx^f>@v3U zYO`(wZ)Tt3X8Z7O?=Ek{Ts0TB#l`Y#HTH)pw?N_ccGNa>)7){-vTs+nCP_DSRPQxv zxBOl=HD|ZrLN<86aXBY1a+5dWf=D_r0!$BQioA+VOP5)nH-vEabZ8bifI{M>LmmhL zIgq5pF6l%>HGVUQeoKdBRYMC9MXmWVgO8I<^D z0qhPF@z?@|(*rOxfe?&`m81rG6lo;z#=6n?5qY2_dejw_nU8Y^kVA)D4fz=q`G=4L zliLE5-$V;nAivs)=zQ7#)c8KVD+IeMJI~nOb~$u>IkJdEI<$a_Hvx%H2_p!Bp&tUA z4ibA5IJ3sNA8A^hOYjlrxt==*pF77<(ZfkNbX}Tx6I6Jj0}mOz4x`5!>Bxy6k)d5k zWj#P%^i{g0dpPmN#G{Y{Ii!Pma@1awI$j6|52%V2R|@_CB|r8h@7j+PO?u1b$5F`2lqB^`$CI5C6oI(nmbCOJ8o9{ z;kx_Ue7j_XyS%eByeId)j}5(h%f6R#zO(nghfTjHhP@9wUkAKnBRsz={BturFsu7e zvinOGiL^s}-%9*xQv7&Yym@1MemgvkUPvjW!y#C>e}TN-i1(~RhyDP#fZH2Lw6V%l zReBF(%Rfiwki#KRILbHR%>QxCV?@CthH3YNg`+q5aT~ps36#?ca}d&$ACT+NCi^xQ zaqbe$*L=|*#?jM*nKyZw(<%_zEDoY^9toPQ7F?HU(G}Fi4AV8GhdtkkJo#eCcoe#! z!?)qrtk^!qRwU1xKYm_BJ|H<4_?)ZdH^ko?M&Jv+po9A7lWT^FdZBsk3N{)s-%EmuutAGvk#$uvS2B;7VU^+dQ{ELl{3{AiqpYM&A!T z_YcO=H}YiAq4sY-=7V_2Y%K9x{`d>V!KXiw#D8GSKmB8f{ku#4BhCKH1VHHdH;`aK zg9i~NRJf2~Lx&F`MwB>_VnvG=F=o`b{*hxxj~_vX6iKjJNs}j0mJFGvnZZ0GVaC)b zP-ab=H*x0Fxszv4pFe>XOgZ%A%9aIR236XT=2E9mp+=QDm1@zmoZyp+}80w$eBe>20fZ|Y14T(bM5^3^hVLGVaJv|yJzaHt7*?PYm0Yp z-@S7O7d{-S?YAIVekD%vwNzW1Z7r8RojPCRU6CIJTpeQbsL$Jy%ablTL4UU#lq;w$ zJ$Lu-;a|u8F?n403%x@HzcpR{9wFq)8^|AAZdipNe#Fp0J*fB@BbxgljPNJ<=)q0G zgYtW7zpThPM2PVM{Aa)_eyC@lcC094!KWI0@WK~iv@WY^wxaPk`m`J9j2H>Z(5dIh zvk?>_nxHYn0rhZD#7S&S?f+3Iy2WAAY=$(ufl)2q1(t4BQ8W01}7> zNiVY0CIA8q{Kw5H>)Gc8W8PeaOD}os(@%`H0>wsp0K5&PGeY#tPal_h&Xy19d9;aU zusRZ#J+%39pC90H(!5FZ^n%KEI9Rd8eN-^8oeNg6Q@wV6Sm%~B&HPduDl--F(pu%D zvc*4v4HlxUnz4l(ddU6*#!wuU zA5guOG5`m*)$&(ZWmPu-BV7H*)nA3pS6_p;0>)TdlwH=N`nK!y*`UBb1T%}y|F5OZ|cta+r-g}kYSLJ-$0tOUY(orqDW@9`UDDb3h z;*hPd{l{BPoy3@*FZQq)np-qYbsrWUT(#9yL3VfK64_hvWGC@mS!+MrN(Y#jWoFhs zXLrjg9df|Vs%L*PdGOvY5pbhuB~LxG0W#&3a!ggjoOeK}n=bJ@DdD{O$y?^#TJabu zw2PrIl%+J~DG4b^RIZYht#supVHrzV&XSh3wB;>viAz=Hl9#>oswB|LjnN4kOlbhYFWHr4RPH~QtoaHpOQ?$tPWMPyp} z8d$;F##p0-t6ULVPQ4D6v0xQzVk+m#e3oFXQCYH0_T($+M zD7kH2Zf~0#U7o#lxW=`vVx_Cr1(vU4=Dui}LT`@qTIURDuHIRbdEWD>QHkij{COUQ zPz62C@vRbDBTN$@hliQ008Hz4%46j+HlpzAMyI0~QW^oVM?epFL;)0M5VPg;a9305T zIWmB0C==t@Y}Kz?AKeWNpP1MvP6sOpA&)hv0_L#pvdN{5{uO{LT<7A(c8sslVu$k> z#_8rcR^YvBtgzU{=SDM+%bjjBAA`sBuJ*s%e2j==h3BEB2hXXF6>mGd#r3|n!^V46 zi?1D*7;np;>0u2GGg(TyCWe+fT!WJ1{LpND^vems@>0kP#pgglvTZKvuSz;ANvDV7 z0lsEBYZ~6rF!R*Uo^GwUL(L8!h2xVh_0PkZ>sQx#)~~H^ZhKwfl*V-BHO*e zUd^zN@jOED3_5G&7@g;O=Zk*n$6s3Xj{mypwGVLqvr9f3tcQf_kq!&Xt6BDyqWxoT zF92gH_n=S7;%)-wp$|UH8Ymzc7*OOqj2Mis`j8LhZjRVm!1;<{0_j2KXzs(P@5|7N zD@@8dY{C52Ec?E07MSkwULhDjkNrq*>b|cRh_32h0rhOq#jc^o z><`<>j0O1*1|#MFJVOAXu$2fN_}doDFPWAp!?3n(L)H2D`qA(O6X$rIJ_YZkQ4jj z=oqX2BFhso2^2-K7Ax=+-NF=cF~4%oEmqO<++zM1>)cdJ7B7hwZ7~@Oi4>(v7k5!B zQn4?75f;Dh-UjO$ul@h-lftpN#*rMO z@fptg7}rawQM#s9f?TVRE}-awciAr;=)_ za55)#awmC`H=K~TSTZPulB6JVDE^J|C^d@Wka8)R5}}H+DWNhd2TCcWvMQ}IDcA8T zwQ?)X=_$GLE5Xv1yfQ4wvMgC?EX^`4)l#^!axLBREprJi;c_nNvXSJnF7Yxi2PqG# zp)K|DF98$J`cmxzvoHG+{F~Wpg%Zvo>w>Hc68T;9vzz^9@on58i+V zav(DC01G;x1#W-}ax)Kh(=@RF19G4^JD@f5U^ydm3O3+2wR1bUvpc=>JHazNKQl20 zVvtgz8PGF5)pI@BvpwDOK0V9aoV^FHx2KlO7z`LjR$^FIMJKm~L_*OM9U gAPWdIK^1gC8MHwi^g;XcB*+1fD6~SYA|L<&J8%)Uwg3PC diff --git a/Media/Images/ConfigWizard5.gif b/Media/Images/ConfigWizard5.gif deleted file mode 100644 index 4b79f7f633a7551d2e3294e7028b910d2b3c9ece..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 14080 zcmV+bH~+{-Nk%w1Ve|s10(SraA^8LW00000EC2ui0Q3T=0*C(q{{R300RSNY0672v zO8@|7003$L5>^2wdH^{&05)U*IFkTNY5+^30A^+YYH9##l>lhC6aWAcG&B-LV-rrI z8xBnw85tQiQ5i*DBqn?(U1KI%Y9@P?CVj*w00AlhODY*KDljl9OQJ1gp(uE~H5o=T zAQ?0?4=_(?G**{1R--up0673RIsj%k0BSxNC_6hlI5?9wL1H;)kvM8I=W(-e zhgyMuwZezI(tyM4iz)z%Dkh66ON=ppi%WZoe@BRjh>Vh}j+?iMq`;Fn0F*d5lsIXW zJ&2)f0GDf#m3k_Ul4O;lq?M_)l&Qv-veJ{dlaSlCp4Zor+W(tMESX6OvT>=HgO{3^ znwzV!o44Daz15^wnWJ76q;4UkZ9ArpilURKq@#|dq@|#sx1_PLsl|+>#k{4$?xNN0 zqvzqH=l`ygm#V6%v8=|a#^bSG6|r78yI57WW&pF0LAINcwY|o++U>e(0Jvy5x^*JC zb2Pbsak`5tyO2z|o{hYskh-{|y}7)-^}M+M|G|qy$g6F{sgB3Aips{D&CRLA#Kgzc zy~gA2!tLzF^8e1Rl+4V`(u*qBnn=~QnAOzP%jwhFlQ`O&{t4w9qew6EX4fCCF2OxPeDa^&>#EzG#FIO`)2LIcUX4(+V%D%@%brbpDV=QHUf15uySMM(CU569*ljWJk^0=>5I;q7)Fnhp{==k`SW0wei*WW7V?lF*q~n{Qa*^JMf(}4 zrVGp{G^wPYGTLcEp{kfFM*gQRROzLeZo2A2vBs$@O?3{`D@ZfusVATHB{WSTdf=g~ z9(wGt#~XfpGTcD-O`_qFECf)1HH;XEPXgHnK;bUvJ&IufTToH1n&B3BUls+FYHL4@ zWYPsQ{M>tBwG(0+fDR@yiC%#uLa2`o=ZdNisRPlw$-D6;d>WNjG&ipxezl$ zZU7OGxvszgxLXCh@-8edK_r_z$%G<{YjCyzKWyT@C&&A7$m)VT^T7Y`D=t9}(`zrj z`Zk(ge>(@AGcy9$yzA6E{rZp9AHmmNMSJEr(2fXYQ;4#7tl@FY@+18RP={Wykr*mO_hnO*`Sj6#6aPbX|il-!`|yrVS41+}>s4U#A-hX2 z&(Gf$N?4`Jr;jQx-LERBHrun zkTFnq7)%g)7#FYz;!i{lT#^U5@W0#%@NzhtVD2;+01m2ffFI1@i6XGS9rVvaBx0cp z)r7)VN$-dLF2SBjg0(fu5Gy=>LWnZ-Uu1f+YhKqPs~jXnM2btM&suGR4b`DtsRBs`w4b#Ze1b>fb=9s5uDP5`)b% z$dgK#AX>&QZ^6^0l>P&zJE%^Z!1Q04aMvm-_9Qg+0J@aBbxo|XGcrg(kdjhlLf44SIgSUqV^xFi2g!r zXG>eiMgbJ7m}_l!%iFlVma@GKu5hFGTh;2b4#Q1uXN$X6x#A53B3MEJM|sfC6&%;61J_`|EYaCI|W zj}n{s#Pz5Jh*x|X5i^*?C`Pf0SxjT=C>T^_q!bGbKs@ERw-zy$aYFX-glkYFA0uD~ zNsz4Mfe`r``OtuoSF#T$%;F&Fs6dlrlI1Orq#uO1vO%8w5P#qz07&?9{+K0_4je>r zB4$qWcwMXzham(QqKeLsgM8u{AB4;kVe*obOb|e;SO9|X_T*)yL@?B_8*I?#k3Nu>W_=)kTSCacCtrAQR@vAci(GdK#eQbVwio1h}%a1%QZD>qiji z@xVQ#jb?IF8r%Zt!#}if1aKq4+UfoWl8X_5ct2Ut+6ebO`hjkBH>}_C{y@FeO=M?C zAl>{9_db$Rm;ehi`y{C0Q} zIKJ*QpC0&xkcHe)&W_{jdKS13x$^}Q`D$x99aASh_JRH{2x^NyAFXG#mBD}IbXcJ1 zkGB2GFFom7GnwDwZv3Ji&->2bqsy#!y_JjqZSPB2&}}9Uf}nRew|f`YW%#Fh%a>`# z7kvK^XJ+PdueW!cMiE6*Ms@~jfg=!}1{{bNWQylxr`8XKFlA3hcMWh3x*%q&mUQW6 ze;B8C3zr_*mTQ&9WP)~l4|fh!*KoMEcsR##lV)^9HftWodACPsOh$2XHiV~^YXU)T z4Hs~F_kQ4p9_c1%OvZcEhXekwf*crTy_R|t=Vs3LWa%J;?;N32C<2@@(+WjA%%w=9~fgH7>`ki3y$Xj6Q~W;_IPGS zdAWBF`_KehcX;rDvO7-p+Sex%2IOh}HtM{vVO z5HZ;>$+vt=CVyL}gsFCX)i-h1cWGoekgRrlH#vS%HgV?{loKaqXqc4+5ozxDfEqb} zAg716xMk!gepfb+mKT28SP)OyWkm^3|SuiO`6N6*v(NnSn-fY|7SSzEP1v zh7dD2a42YX=ph72mT=tWZ8N9N;l~9&s|sg#CMvqP?qG!ZwPmVE~kYDNp-q6Zd508 z-3WPRxO_-=Z9wO7Lsx#+#sNkCMrIzDg-+LKWBF~E|$@OAIFW=V%; z`^bRJX=LQ)0Ro6^V<3ESCzSf;e3wXD3`sRV)?oyCkuCC{HHKILIyDpaRRNixjkTb= z(x9DmnvDjbge9T6LZKMip_-wgal)Ynhzg4H(C5rx|R;Y%0sEBHye@dc(YNrJOWQZE6k}9c+x~Lwi1*;H(-5{vp zMW~bdsi10NiW;hER5ReM1s5+{;+N-|$ ztH2tp!aA(PI;rvHq?~$Qo?5Ji%B#%!tk4>*(mJiws;bBO9Lf5lcUrB9rx4uwt>7B2 z;ySLadab6UtlLVi&PuNA+OF>UuHR~|j5Vm~IyN;PK69f--T_sXvX zTd)Ruu=2WD^!ljmIkzYuFte+QvnA%T6Z^1=K(vO+ zva0H_8ymAc+p#dKv?VqUPYba{Tc`;uS__M-h3c{qy9hl?toMqtGb<0a(6d5YVl{iS zBFn66i(*ncYE&DxEE}>ad#Gt^sBc@S6??I4`wJ**vxSpegv)1(%V&LC4=8)L56iRekO(Gws9Bp@w>l8H8f10b3xXT0_nNseHV!uX zwwD{Mvm3X3CJ&8U4DmxC9fDDLW2?gA=C$_ir+qex3y7l0(Jo~mJ ziwu)%!FH>*m4FHnD+&-Rv1+wK2<6bbQ=14Nys-_e zzf(KI(V(%vpu#-c!ZusCsXz@S%d$$G3ds<$iW{+^(6}Rv2tnMv<6yDGJHjz+xFxo^ z8BE1qOT`GRz!Z$KA*{POObt0~319pR3jDL?;IS#Z#w?5s1N_3>`>>VJwk4**w{X4w zCx*UHnk4A4Y!Kln5|JXC5wJsBvhmQk-0;C*%MB=84f4$enZv5Bj*77NH2tFia1yeyl!<(s>@%L*6k zwO6~gn>)8SOSp4;#k9P(uk!R>OU))`w-xIR z$~(78ytC`z%;P}8*Z{ikY_gxrySD(nzp%S`{J^VQvo6cA9o)nB9Kb32w-DUD|9oPk z49%@P&d5-a5mmebyK&!W>((YrDiPTe5H6)zxs=$;`&Akh0@j!xVgCT&%Vu zE5Tb_wIG|rPMo-XjL^Be!-1XFe%se>eYfzC)MNa#VJxweEyx|65S3FB{on}8Fi$6) zXE~wL?mNj(d(oGC3+=E7kDLsmaN6te3>19H8tcH_8q|^E4i~ft$qpb+ejMk(a zxQP9{QZ39CY_oMe*%TYf>TK9p?AH~13va#5ZF|o9{N2M`-ED1ReT%d64BwIs*ng|t z7R|ZfeA@Dj-fIoO2fW7^IgjqOUfJG%C?KU-hk2mI;23tJD3AB_y7TnkO1q0XUasF6e2K&JP-#1 zkw%g*EEFK;@+c^cXT(-95Sbx{cN4nZxGej=J?q<;{K(W`3#ZKuFdGl3kO(^M-=gfT zC$`G|YYS;B(bL_%;{3{O`_H7@!Sl@BDm&HS?aL)wz{|Vf{?%L!EDO2ofDO>?4pD5f z^ot4;E9h|?!wk)_4$Zm5Ys$79*+aVutB|wGE9de|>B`*D1TE&e3knnr529Y!elF!! zJ+tv#4flP$D0}H4OX+z_&1SB&E{n~WUBmEOvlT7HW8KP)F3qIe#oUFtE|OWq}z}Aa=Gq<`hTHb1(ga$V+lLu`T2Yg5*&0(eh$Tz(65M&IS7cc!G!9 zI1%M0%MHBUvoKu`GF=bIunPOz3!s3#zx@ngo2X>2&~Kc=dCanFUbJESv=jX4J&XvH zVAWAw=iW`#N;}2Hox^Tj+)}=?H4MZz+sfJNv6OKB-u+v^pu6yO?B5&C=2{)c2JFgD zE3_jV@h0oB7HiBZKkNiQ^X!b+wqCMMUFa1I@YJhSe=3NAi1&mIlYUJ;2CGcANX-Hr}%gY6x-QUH=y z%M&#EV%ykGEq@dD>27C&*%P{*!!I4Vpd8uvF7M&o3;nCyPmR4GIPixH>XPd9(F)+) zyXUToyOKX@n18UM|GN<_yg}v;ws7{l^6bvA_EQovd>`%{*a(_XM$^Ri-@Z)LQ$TP8 z?gsMrJcJH`kAa=&?oht0-|Dcv`px)y-PQie{G%WJs><`uZU?P@t`dO{M&c;XB>N{) z1DewJz+lpfTo5Q-O;`mb_+ZH9J~_!#B!XZ3gpd3JOZmF$)KsjmI!o!&+Tqgw{{T@> z;6Q=}4Hk5V$kMuj{~SJq7*XOxiWMzh#F$azMvfX`*oii=8=a03`!Na-U;(;+{HUZ{ zi7&!Kms}iv+wt#Y%AEL82FU4=&7MV@R&Bjn7T3Oo8&~dJx^?Z|#hX{}UcPE3vHKzHKW~#++I6X3m{GfBptt@bPHUr8&}>hFIcA)2&^<<`_BR~Q>>j^ z_io<3edmT9TzFyBsw1)}K6rZ~bn4ZuU&mg1`F8FVQA;J*OUuup{jTe8K?x_M zutEzj4C}z-62!2>@+7MzL=i_Mu|yM3L@~t?J!G*(7hi;NzSQcAvBrNIv@u5=cjU3h z|1^XMIUha5aY!SNL^4SwHv;k@A(xb}NGPYIvPvsEY|^18uMAL1F24jbOfiSc@}Dio zjL%Cn*JQIzH!&*n%r}=){&P+{@5HmpI62I7xH|g;G*Cfb+;dRj{xmdEMHl^XMg$pc z4N*uZrL@x43boWRNi*fNQ%_HGbi+>z+jLY@4MikXRaa%TRaakyHC9OLw$&;f2UueD}>!-g$Ye_py8V)t6s`Uo>|fP68PS z9yeksXd4ge*`@+>2$J|Nc-Tm3V!Gb>!5V_z;UN}~tx-nuw;<<)4i0OJ9R(dX&83C$e2~y_+#u-*e1ye4s=bgnH@B9Z|82|d@lXs?u;{ZI^*__8CA6x*m z1%i9As^Pu*Zrua)H{;d^3jA;n=ILbOjl<6PnAwh^&ItLzbVZt!p!xor^1{%;D5L|&bUMNFh$j*GmqEXE_=s_kf$6pki z01i4=vd7g=cr$z&8$6J`Dz-3WT|CG({x&{hyrP5@E1)_o0I`%waC&QehtZ~}J?qu* zhi(I(Ff0bPBTg%QW?G*{u9B6LMCBq~VM$|ZvZEz7(UHMjDgfoDeA2m2k`kt!*?DJgvMHEtT4X07Rc1eT zpv*xc(;@nBraoR!lzVoR5kV;?G3{y5oZyrt_^{_mLRwK`av`Q%8K+1~I@S1`^k1M^ zX<%Afk*i>$1>w9XM~A`;qaqU+DKP*unA%f`CeorZwd{?MTC z^*DzAsDhP+byx!nsJYXoTwjPE677eGN6iFts^Jd$#zieKNS*m7rtjFVOV8L3}w_Xmde`RZ2_c}Pb<`u7fJ#6rf8h6A-HjIFMDq$zv+32e< zARYZ|YENj{rfPPzwOx{Hk1E^S26sku9bf`S7cBe@fQYN~?Qs6LnNHy`lXX?2~m_;*Fnactq?)Cd4U?zv6A+#B4>e3 z?kba>FKFc~5BIWb@|26qWT8q~YsBrUaf$Qfz5W$?$a89Ne8NPZ&>hgxk-qI~6WzVh zZ7^~R{!HY06XtdO`PPpbRe`4buVcr%aA=K>(?%e@5SjTmgKKV_Q{A>~FX~rG%a5b< zb0t4ld_;;K_Pkf#HMCx+SDq3RpAPuFD{+ZNIh*1CZvKM53cx~E5P8vNq66Pu-@#Mj zDj>02KH1&=RPAj~Y}|WF_q+FX?>qH-;Nx2OoFablWqtfiC13fhX1=AI|9n$Nzf#ku zzNhyb?O>8R``_<~^(lpY@IzYslOlil6@7k4rChj18&EY!l? z%fT+3w0t?jiU`AS5QlZhy)raIF7(2R$Okdhhj8GAd+phf!RII~+ra zpevggtE(UbWBLX(h((C-tbn`4iMT9;3k-bAh;6hMVnjM)gorRShkvj_b{NDrbjDP4 ztgbS+p>T#q&B1%(yzO!tcl7f%6cejj3~JRseaM{DtLf>OvsG@ zLUI%=bG#`%G6zhnccRnh?g!62^=pJ)wI6YbY*aiany>2P|+V zvnz_Xf-Zdq%3GWipBCfte7s((kyhyJf}Fjyi&K) zi^|c1D}2a--GVH1OE+fFx2ThfpGYXC`bmwL$e^4mi)6-!P)4CZMu>REhO!E*=&D$J z%BAu<-!iJ6tE`lS%FR+qnE;1P_y#rDEpQ|)z=N(^M9Y-yh_z%(k}^jyJVl3yOU*n) zx`anvtSw5EI=j4yw9-Y#qe}i}z^}o>tC0FTm~4qXFay_vMX87@on(Zl;Djs7(U3={^H(tV*)K(W#*g_kVtlP%>^cJb0Y0n;!YmodeYGBs0d zLDM@?(>1M@Hno#Cg;Qpc(>bBjIt7+HeUm)ZQ(oayH}TUyHI+bZlR+g^HJi{NP1Hm) zR5n4>M&*=8U6V+a)HhpHPP^1Vqf|7p)J>g~P92j^1yx3&187JBD6PR#tv_fW0#%Js zR+Y0;Edp4zP+6T-XsA^n)l^(fGg`G(BlFe&)749fWi`N_N*CEqaE8*9G<&uG2H-lBdf8|kyr7?u1l7e+uDuLK3k=Tia zl8S|ri^W(a(by&7*p5Y#k5!V86@m0Jp-+a9soyOof<<&nMR zTLtl3Mhe_@8eAO#+`=7@!`(NE&JOjaBRAm*;hn=+)lW;NBnn-r~jHTOD6~ z311fR-t+yX%++1?y_WPP68P=X@)cJ46;t~?R{T9v{RLY71sD14ko5&%+wtE5Enqf1 zUI3&;a<(*Nu6L3?O{(5U;3gO}|{)aD~kTC9IGL8~44%H^cHZ_J6G&VXn zHdQtzLpdfgI*vm-zT+r9UOg5RI93od#$rG&5J8^e3x-({_G3fYVQpRHK569EedIie zWagdZa8+Rp?%GR+vKf|QPPQ^n?qg6kS5a1EQpV(6P2>|sWhlerK5S)kedXbcWm)Fq zQ?BJUA!GtEzG-{^WB`l5$>Wc0Q6akp>tLXLv^0Vg7DDd$tlp z)>&NE=ZpUC@hk%KP)1jcUT$?jXXzCX?0Y^|1L{?8T=wH^*xnA=j$zuS6VVo2&gMVeE)d*S4%=>F;7$(VMq%Ri6W=Bf zS|K<5q+<_-?yCSmG^4eS13eoop^mTvp-XvzNWRuk!|9&d&#@2x)XS%YYc zUg`Dbj_}T2_-5~l?rwjkZ}E_C^UZJlPVdm}?_7g!0}Sw48}J1z@c2IP2Tbtp!0y-3 zZVi5L*NE^6p72O%a0Lf#OV03LTktCFZ~>1tO&DnL4sj13@e-f!69?Z9*HRXrUhac} zgog3B+3<$0adr745~uMT&!9ib1{LRTA8%jGu45uE^2lEPaU^$)%D!wRA95y-8OV-k z^Okbk;RO;f@;ttBf%$I^@A3?i284$4`werd>FX_roVWpIRA0E zrt|-`b8T|*FWqx!dvjv`b3VWEj~?{!>vJ+abe2l=G+lJ9YIHY!bi|7EIi2*_Ds&US zbS9~EJl*uKxNy^`@CXid2KjVu>-0W7bwtnfC0}(WZuKaCbyyGde4cf2OLalLbzF~i zGv9UZ_;MWobuSKfLm&1rE_O{nc4D{hsrBwy& zuk&pm<6J*fafgUfCyh~WV06z!b0vd3X6?gn5+rRF%*6r=Izhr|Xud`BAm`JZJfU?|EVLx`f2g;nU z`>$qvzlVFkZ~U=-e4__&x1apCu6(9Hdj6*m{LCKw&p&d>hy1xGeai=P&(HkM-h8Ql z@5CqkeKmX`w|2c>{oZbUXUA{bFMYm0ea^pp)$e`5?|alo{9(T`tzY#x@%ne(b$RXq zO#O)rxip#6HkcCIgffaiVVH+JNYeS)3+@V|7$ zSIhVx`>lWfgw1`n-~IE?|A+;Me*y;*ENJi`!h{MJGHmGZA;gFhCsM3v@gl~I8aHz6 z=xu#BG$8N*RpNv_AN)T1%tw^`!B8C zyn6TY?Hje^RKIHR3NCE;Fyh1u)Nkn}&4u6d@OZTmLv$FODRwpqJ3@ZiGN?oK&8=I`UmmoraVy!p!H(5F+c zuJXBckJ7Vq@9y0p_U|smlP_=nVEFSAx2tdO9(elq4cW`DZ(nr$`v~dl@9#fxe*X=` zpMV7#SXY1r5_lkk4T1$5Bq=y3(1H_McwtkprD2?d6=L`yh&#cS1BVTI7$S-(js}=P zU6f(ri7LuCqelq}7$c4TIqFD}jsM}eBalHV)T4ht3V9@w#gVfllTAALB$QD~IVF`< zT6rawS!%f@mtA`KC75A~IVPE9nt3LgX{xyyBDX5`}Ix4B9cG;<^ zsj9jvtF5~FDw?RmIxDTU+IlOlkII@Wuf6*EE3m<4xvQ|n8hb3V$%0C(vdudCEVR+q z$*i>1T6-+3s zxFS*y$|x&3(fPIBbR*itS1Y-G}A8A zEM+ZCOFcEwQARyA)>&(va@A=XjWpP-D!nz?Ha~53*=fhz^^;et{Wjb?i;Qn$`i6Zs zuVcpz_t{Xoz4zN}JNY-@g_kY3nP20*c&K_CPIljIKdv_7OcFjh=1f;krs9lyuBqdh zPaXN-qHn!9IhUKhI?kwz+4<+OR~kC&LX+O4>a_!ndhWXWzOw6K!Y(`Uj?(_S&bM2R z{L;KL|NcDibN`fY@zsxdJoGd7oW0J@bN_tsU=D9R`GsQtz0=#HZ?pI7`yT$686mqdqE5um~CAf_ntRrUs z3t-j;n7S$|0vQafM-OH8!yszThA5LqDwdIo9pWsBFY}|$q)0`nS&@z;%py>>*u_O6 z{_2Z23u8R;5Q}=K;{yQ@02;R;f&F;{fG|YBAeW}b0_yCC@BoDbdq@v#_{$Qjv_w5l znT&rWP>6PPA}os!HY`Dl4(^bGBJAH1sVGR69nfD1j7KV>;Y=y|>k>(% zCL(G9LS3Sao5*MdA}+x}fBmAF2yDj@FZj!P1ap{IR9Ok{HNCnqvYv->q|NZBzY>%& zW$GA#In<#6Wdcwb{2bjafi}l+0C9n&Ti_k9>}O5DS2!Wdf1$&U$RLkUZVy5l6~SM7)sx7PW*Y zBB^K3r2-0{G7Dopwow6dz)*jn6ow4%$O#l26roUKqd6i9iv>m$U<^DUEG=qCEPi!m zDXqs_x#`3V`Z1+Roas@Qsj_x7k)4-#Yf5E$3B7JquHLLAHZ$l`bmEbZc5Nacxt3IV zGPSaNa%#+=+Cp!{upXPG;T=06f~jI{lwh4}GDacRmB9lQX`LfR+q&0)<+PTCtm__= z2u*LKf{q_u8DCRILBQ@&uy6gTM{%0mdPp&Wg^H3aL?3fh#NAY5W?8!S@AjEH;{0E2Av3 zC>!yXV8aa)q`1#-S~2&0>^_<8*JW}Q?t%Au#JAabZ+O-cYyw~bKT~>5fX<$v2Mx1A zx9re$PPBcOT()FR?$N`_u0Zx&=~bWU($LGarsXEvn0cDaEdJvlsIkUMXJXFOSSs

?sLPf+g18@yHosb-^F{`^QJfD(p{Q$=eyue+PCidjqHB| z{BQz~4Z#gA@q|&l;ugPnz%mB1jdOfs8t*vBLoV`~(PFZsz+zVep8Jmxd6`OPQ33}uJ{=tD31 z(0e`#jn{$}V!-*;v%dANr^5_hpZRXMz3=3peK*W*_G$3G_rCu<@PjY>;S<03#y>vt zldt^cGr#%He?Ii1Fa7CLzxvj{KK6gF3}qy2`=C(%DpnDN?32Iz=0E>5n1Fui>z?-H zILJDfg!|mqjGEnXBme;0De6?w!OF-;mmXdF?M9A2p$ zY?l#hv>Sl{9t{B@Aq*WRJR(9`BSLE?hR!Jf04M-7FEBGMO@AzLwkLuBD3PZqk;y2L z>MopREvv;fbE!E105R1|CRY`hO zUy4zPyHTUoR<*}l1wLI1QdR8LkTF&oe4OwIx0$^;NX^y>RkzQu5gJQMTW5eTS%co|`$!5ywX#fCf061y@YHkf- zZ60iGHUwxpd1yi%YHDg|Xq{?mx^0OBXqn4umD*^n)oZisYP;KPyY6bb{%OYPcTF&K zT%d4!vu>2YaG=h44{Locfr~k5d`O9Ya&mr)0er2wL}qe;)vZF9L=% zJ%u|4ggS?Tm2ZfMh>DWVj+#M=snLzH$CNh!m1+Q*V@j23m6f`clDpoT%h;05?UmX7 zmD;+T;s2RE0GU`Mqe}v(TMMI`9H!Lssa_neWFe`FTCDB=uw4YQb3(O$O|q;_wZyfu z)#Z~3$=vD5=k&wx{>znD(y%emh$q>UIMb|u*SnR~#h>AvL)w*U z*shA&x@y?YpWN7$+V#TQ{{H5vRp7OM>DRmE;>_&CX7({Vj%YIG9v0~M@bL-yCySMM(z=I1PPP{Se*~pXAw!N^p z^XJf`OP@}?y7l14m1~z>yYcPo;KTllA5Xr#`SXyoZ(rZKJLB)@e+91 zzZm}g{{RLk;D7{vmY;sg@t22x1vcp5gAhgt-hr_NV4-Uk29O|g3Q6eUhaiS1B54#> zcwvUxDahc6EVk(4iw>4(B8n+;m=KIGn&ALra|95AW@ZFX02aOlY2lEZ1v#V?Nan^Q zk)27gBV$r1zy_5&J~^6>IEE+VjO(e`T$e3!nFk#k;Gh{D94MjL99DLQ#}7@;q2`)x z>IUbPqRr9doCCO-$DDVTW+s`{eF+8t`&WVj=m7N%-s060it?PA+bIj0RUG?|B{g*q1QVsqZ`LjcgOD@C*3 z20-nOcf`P|r{k831-ABHS#JPYHoNYiKe!98po}pKt^?BM5$e1W-%9YA8)SQBzev`5 zZ?eTakO#vh_Akjbvd}t9uk5Qs7HX)rp9?$a zvy0vs&zvU@!<}E3ou}zm&W?M|mlG#4g6$=KP-SxX(Z~01WKl-V)t9HE)l*x{ZSZCq zpU1XVQhj{b=5qeC>8`i_sr^5^ny2v;b6=)lXSV(|27Wth+mGZYJSE%@R*gZ|o(KiN zX3Y*<8H%0(Yxh3El}|X=!`{hmR2ek*;SFyXLmDji!SQfOOA^c9(%P^=(P=7d@yp-u z>Zh;!H3owI$K#;`YxuvQQH+5D+}-_dn7}43=7>Uk;PVyKL8^i8Rkdl zxv7GK#8LzG_rRdxagV_RVj&Z$E(C1QPtE(<95h!uJW7#a)N5mJ#;Bh%ZqG7`K!YMg ziMc6hs%}WaLlF2R1r`X-j{n<0oV1j*7}i@B zk}}amKd*60OAb?}W6-2IO>vT9n#vojsM*C00#0nK6eIS+q&t zTfqLS7qsSdvG>svkbi90yEKMD3vp_iMm*?19bhI+3CRkoE0mEG;InrX%vt|LnE#{( z$W*~FcmuQ0jwU)mbMlj5vU+E3NXZ^kx>Kbi0v?2#2h*BTh735(sZMvw)1LCQodvNe zh%Wdb1`744!dVeg2jne53TR+5T&h%cqtvNd^{QB{PgS$Z)vkJ#I$Qm!SjS4%-GsHQ zXickHJ9E~xy7jGa)fLL(O4qu^)jx{JgkJZ`*S`AouYe7#U|<96RDwJPD4-3kXh%!h(wdefkYUhiSIgSgy7slO-Tp~x zch#TR+V-}%&8=>COTx|$gDu5gD-+~U$?wsV!MahJ>7<~sMe4nb~jl?&bKTKBrx zwXJl`=&0;^_q*T?Z%(#*%I=Eyyy#7@dOt$mmzsCI@Qts0=NnYuCbzcq&98p<>)rO& z_r3fLuz&}=TmO32w+^|-JA}btVQAwX1dgzTC#(_!{}#atL5C?)0D%sBxWf{7!Ye3D z;u4$qA{G{ieIMeFVASBlFoy92uCR_1+xW&fJ}`z?%n*NIBV5)U9t`O6TP04K0a<}!y@%NYI#{yaDg<~B>9 z5oV6FoS%zk02^e@ZO$_U-h5hptU?7AdVoKau>k^%*(ZZ8^r5la4?S3@0Y;v4gzHRQ zgXDte5YC#-(7sY~K%P+Mr!rKU-v zWnB_*WQY-x<}Ic1dk}wMBGZ}1z^p0ak8Xt8Vg`uDNBr>#i>D{p?#sTi1>bH$?n#4M!v)BEGf|u!F7JVJ|2l-at08mw*v}AVYl_I=4sok?H_w zfExnwM>RHZ09f3F92O#gxBsDVhCAFO{sy>(1TK?ZtJ@(2x6r%(A+nEO)4SeV{%@rR z!jCHGJH|P1d5|m6i;KkDLOalgK<+UPOGw)zB^UWm;w|x)+&lm|-+9k}-tly2yCESD zz{npG^Z`u#JABd(XoD8dn2SDQ2u&{!!D4q$Jhc)m&i9VB!V7)I%5K8!6_o`k5p_t8tsUJsAo{+ zf2{ph5|8==2;yfz695sY7WzMqaruN>J^<&YyE)NGAZs3H zF(^=Dy(eqHClK`j2LN{f{I_}$HwxvpcLw1P4XAwoR}c^ga2i;F8+U=X;sEIofugnu zuD661BLGtP5AIiZp`bnkFlP3bAw}m8yP!S-&;=})YCs5puO)y6;dO#Xcm+`pGWTH_ zKoK6taR>2*7NY?*hJqURZl4E+u~38hfP)&xcK$q=f>Wr7FX(&g(1;l#0Khhb;Z}qF zV2DUafyt+F)MpTPn0N-EhquCqN~m!HP;MgChp(q`37~>b*N3*CaRy)vqF8j)pmBQ_ zas^OxY6x3wND%#yfG-D!!G{Y$rfd@tb#-SDzK|g_0DfC2Z>1OjCa?|)mmwdxfvWcp zHF$F+Kz}!wAtl&)r5JnZW^nWeVf|1Er~qOA5RL)Ri9|PXH7I=n@QoCw3*smco2UWw z#}3#gZptWb1JR5Y@{IqW578I^z~+ZB=!b^(5AslO=jMn0n2-wzY+1MutyYZ^S#U~F ze@lLMg-*Ki4BumY`?jq^y70Wf<0KnqjZey^B_ z0?-MIsFEU?fuIPC>GqRe36`%nlt!7223e7F*_5sJZdo`DW2uyZww6c94i;i{1L2qI zmXd9`lBU&?0{X*3yxHyLCRfR+;BaRe|62@!Rjh=u7Um*j|o+2)jSiG@Sx z06;mCiFktACzT(UaJ8UuTr<}4`cmEau2Y?FN@D9;uH?r ziJV^Ns!&STHnbILMEBwiD^qvlb0D~=NS6Fl38ei#=xH2IHe^jY+83=c7~!c zwrK}Z52)axZMJ|D(GUJZC~90lfB$d~;s6NJW{?3;1kiYE4QZy&IiEm^lu^2g9yyUf zdUFq14FT7mt$C2v2&z%~4>yMdsre7~Xae--5Bg}NTk4>mSf~PUs5`f)jhZ2lijk6P zp_qD<&gqAnT5z3-rLV@OC7^TvfDhro1zw4x;FbWxkgJ1WWcpBTAV7h2+L(8$V(kQ( zLB^*IVUu|lqY;sMvM6op3UIvHqm}xYms*41_J`kwf$FoQvk8f+HV|w|gGrf?n5aGq zpoz0ejt9}M`O2$%8FB*AsIPT*i?`ylr+SIE@_PY0 znFE_43D9|o7@P>(r%M~EFsnW?3$d=rr6@=M1I4rySdFelPlE6i}QNAr6kP0vX}~Oi+GR$qSmNetw&l`{|pOx{Wvc5AYWN&qohB zI(7c=3#MlX_+X|*nQ+b)03M(Qm3yiQDSiO!xz;CYBajKmcd$^Y5O}M%7Q(lKn~;Ee zYcBA*@EWlhs(sHOxtf~>k#@PGi)*Il55N#=dnbIvXCW*w1&Hda+p4xB%eHnFj8cZO z1);Ke{)TwM<)!F~WAN&{0`{H%;D#srf7Y94br@V2%am5uz23`T;7fpXdv)cTXM!4A z{;&$|C=l+@g7>+;l-j=TOR^~kcwk1Z^V??FYg>M3F==>Y>TjU9Y(!J9K|s_!vcY4P7GpjCdFDj#Uh-< z1!2WPECF_~#bgY@R6Gz}Cd6V^#%%1pXIzzm_jOd(#&j&QZ)|=)rf)<>qIKNICwIsG z!RKOmHe<`{$A+wifNT&N#%3`#0Y)%lhaAbhn8*lm5AM)l4(5)MyvYDa$(;Pj?d!>) zJj&fF%A|bCD{0E8yvkUo%B=j#bLPshJj-Mz%d~vUNM_5pyvsJG%e?%{6z0poJj??o z%*1@m`en?>yv#D(#Xme+`@o$i5ps-h49gf21h>7zbqv|45&X~taZ3}dcg^(&&YmaD z713zh+h}-45&O`<7NO1}QF-m`6UuxNn<$9UyqG2-&#OnyACb+?#myb@&EYH)-~iC& z%xU{f5tPUX{_K|ZED`T~&=C>Q)0PSo%@g;W5(yn?4b2h;Z4x70T?E~edZ7NzpJ~oI zandWz(CD0Z9EZ_!m(ugB(W2GSDDlz#7tcmc9B=1#bJ6C~CfE#TosAN155Rg!pxK-) znzAj}6`|87!P+JFYT#gw^VZh|QF8N^4AD?|+NlT0&32UsqAY#V=1p*I&2mgF+W$}v z-d5i%J<a_Fsu8mR~EJkpI;bR(_a6`0xP+z*6s++oNHkLcba`EHe0biStHOFF5) zncN>((V}VCBRAgCX5ymRzz81U*zI~4o(iwV4~MXU=^YKV{d*4{;SDY0{21b>ZPTh9 z4R&qZ4FTH<&I1KLiLbT~=z7w=2IA+OcmO`*o_FM@8HSd(y~hxHEKcPjZr{=-;=yNm zC3tQl9p47Qdh^!e708!*aO5f-5#DVQ;JtV93=VE>*=>H_{v6lP<{jnB-QNyAaSe^< z_|4Gp4Cp02(nL+rXfCC7S9!p;4=gz8d%fGzOw+9W(Nry(BPY-7eCVysjhpS_BmS5_ zuGr^^)J;w5+1=`$&U<+t3$4!DJ&x)|mfB41+XAl81_9e-t(!Kj)Rzrul_vJzPSv4)>liWTz4mk=z3mKqb^Wjh zZ)fQ3=kBAf)zVhd1bx~decuZW=)6a@iw@3`UhLM0(~v%E1Pu;JVCdYAp|W;<6V2w$ ziFerD>HZArM855#7l>@<&ojsf5RcRj&vK={=kOl>?{AmSL>TfG8>1(U@6sORx?N)n zPj$?Go&=rRJdo%H-4A>K4es9JP5tM=%8-Fhl=3d^0w0PI_}45Q>(Sok8my8o9qu?C z(ZoIx=1vmeEpXeu(MJF7-Q4b+=F&Sp-x-hY`d;+ut_MqQ=Kl@w$}aG+ZtLg#44^QG zKH&45MsOdP)w_1!BOmejx!DwN+!pWE!+!S5#__K0>Z0!KY)AF)R`Oq85Hki+00h%W#HXYG^KIqOqZ{D8U)}Ig`J>-ChhXCO( zRg!-N3xaE~&fvm>2^SuFP!M9leFmZxkLdNxXo z*z#pTfdm-BF zh81S~nQ>!F0v}g?{n+v+RHqqj?*6Mxb)dn!D31k59N^?)9trooEWHq1Xn(BMwLB?V zbl;&-k%q<%Q?$c>gm)9wbF#L=W1IDaUiiA@l0p@*z)p{q`l3apW6OQk!8n!Cua0oemfKbjKU zD7(O3;%B=B%L-5{)a)axF0=m)SL=_hzku4M7`n6bNk45&_`jTa~S!bW>^;v1BO;$o`uf;Z7ZBYz1t`oNfH{4&n z61UuG$1*qFX{S=RU3cFd@!PZHg|}X5{i#Hx*-Evy-?q^8H{iC&6}Vu7lkIlcwGL)j z#7qHg_+Wq|4mhwcDaJTswCLrEV~sxsIb@MXCb?v36P}k?lUHWBWtU%u*=tFOk|Wu#N`ndkZH z(rrClrzN;WktnY6*R)G6TihWHfF>z$!ErI`ZMXhet);)FE9|zVEqmF9*G`e}k^kOy zCBCtx`)s?j#han7AGhjNYy+=bMZu{xe8r33op@k2$9DU3Y7wXW+Q@-bI(4qBJ)QK; zMVwvQ&g;6p+|bYR3iWJrXV!PupIzOc$s3;2)<9z%^`J13n@o>B*F4LpC>5MAiA=xD zbjDhhN08~JEWW-6cfL^G4pK;$~6`Va&o z5}R5PM}P#>-|)P3yq-x-W9E^F{SYLlzbqws(F;x3QsNZY`6zmcSxsmZC%5?wNp`jZ zkFTy|7WeQaP%#`5L13gsru+kkT5-r-!d4m~c4aevabgY?GM>h9CydUqNgAbCnX4EF zS~>cOq#nYi4|Rx)U3|zHxdR*EJm({0Jj_s<*uhkg&>;j04+dZ2mD21>B0sU1LfR<9 zxfHL4dMg=#UInnKoJnrN;R+EgH=(kK(Fao+h(H{<4i*J&My`aVQUK#3a+NJM#~=>o zF8+d$bXXB6d%zRH*mV#WEfX^!flg3r84-TGGJCswk%64)D=^|EB>h09qMBl$<797A zs4R^%xfc;xx{o=g8&E3~GM1oB5k#C+m<_qsx{rOzBH+Xm2%l%l9Ffi-s??=9r^CQE zLGVZGIEF5TX(fv=)O;yfNjt6dxnGWsH0m440*slf8rdj193{?FYNbRC4ke;{av5ymlXd*u zr#>mx68rsAsJP_V>8xxkjz{ke2>~==iv{N9=>l`864mEV%WZ| z1#9L2{7F!zOu!MFAd~bpCR909R=oP5IB|j!grbB>4)NecKb2AfYHxhapc4R7_*GR! zCWC|xEjNuyBsIsEKOXXF`eL*Z?H*}NtvC{6G5Dr74U~Oujp-zxmy$U}L`NcdSZ^Qp zk{05{!J*|$pF6D@(+VXOl-Dx6Hy#U~HFE z+wq1O1li3reZw2y@QOCQ|2=Sm7hG%eKC{6UzHo*|EZ_-mc*G?>@pL`B%oN9X#x;&D zi_doB9|w8JxrOkHi`?WVM>&~29^jRy+~qHyc*lhWbDGzD;WD>*&UKD&obTM{Kj&o6 zfj)GiUrp#mM|#qWc66mT-RU=D`qQO8^^!%M>Q~1)#jKunu6Mm(Tlad{#a=G3kKOEN zpH|t?zIL`3OYLokd)#3QabXKw?sv!gRp~D7y!V~$Z})rP(GGaQ7apIaKz!mAzj($s z-tmuz{Ne{}_qx;F@RuJRDekd(&UfDPp9g*DML&AZlm24zd#60+RsT56liu~Ohdt;` zulJI(eCDgiy$o9)d*1gx^s_e}$y=U#;$v<1zDK_Afv@u0C(ZK3hrZE{pM2`Se)*M0 z{qv*0{h&?1`rrTk>1!|B=5yct(g%O~MSp$5pWpp4^S=7k&wk;T|NZyRS^VV>e)?0M z@AwBmlF`5YtG@orzVQpd1Z0^3483X~l47t2P=Eyj>^uWRK-#lE1=K(Rj6Hk!1Qgi3 zdMJemoIncPJPRB?4BWsKTp0%RJaz!V&Lcq+JVEhG!Qj(A7Sut3aly{Jg+%bY8I%VY zh!G(4z#_bddQcMrC_(G9!3A}sL{y`a(KzZna39N@NfCU)jym|u+ z0D^6RJrsmO9K66ObVGls!p-}^Ae2CMKmyLI1|%55J1j#Ye84n(!nwP_HzdS&iNkxS zh8W~L60}1+U1k11#%dsTOvNX%HM9Z{P%dE7-wRFq3gv+>;%ekb>y0pu?#LK+Y zOQ~$jz4Xh!1kAt`%)ung!Zggm?90Pc%*ABP#&pcbgv`kF%EXk+%CyYO#LUdp%+16~ z%H+(?1kKPC&Cw)HwTufHK+RdyRL#|7&DM0y*M!a3l+D?s&Dylh+r-V>)Xm-G&EE9Q z-vrL!6wcu!&f+xA<3vu>EX422hRL)XweX&hGTi?*z~A J9GQRs06UGiI-dXl diff --git a/a10vthunder-orchestrator/Jobs/Management.cs b/a10vthunder-orchestrator/Jobs/Management.cs index d0a4f51..1c91a19 100644 --- a/a10vthunder-orchestrator/Jobs/Management.cs +++ b/a10vthunder-orchestrator/Jobs/Management.cs @@ -78,11 +78,24 @@ public JobResult ProcessJob(ManagementJobConfiguration config) { if (ExistingCert) { - _logger.LogTrace($"Starting Replace Job for {config.JobCertificate.Alias}"); - Replace(config, InventoryResult, ApiClient); - _logger.LogTrace($"Finishing Replace Job for {config.JobCertificate.Alias}"); + if (config.Overwrite) + { + _logger.LogTrace($"Starting Replace Job for {config.JobCertificate.Alias}"); + Replace(config, InventoryResult, ApiClient); + _logger.LogTrace($"Finishing Replace Job for {config.JobCertificate.Alias}"); + } + else + { + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Failure, + JobHistoryId = config.JobHistoryId, + FailureMessage = "You must use the overwrite flag to remove an existing certificate." + }; + } } - else + + if(!ExistingCert) { _logger.LogTrace($"Starting Add Job for {config.JobCertificate.Alias}"); Add(config, ApiClient); diff --git a/readme_source.md b/readme_source.md new file mode 100644 index 0000000..e808335 --- /dev/null +++ b/readme_source.md @@ -0,0 +1,135 @@ +**A10 Networks vThunder Orchestrator** + +**Overview** + +A10 vThunder AnyAgent allows an organization to inventory and deploy certificates in any domain that the appliance services. The AnyAgent deploys the appropriate files (.cer, .pem) within the defined directories and also performs and Inventory on the Items. + +This agent implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this AnyAgent. It supports adding certificates with or without private keys. + + +**A10 vThunder Configuration** + +1. Read up on [A10 Networks ADC](https://a10networks.optrics.com/downloads/datasheets/Thunder-Application-Delivery-Controller-ADC.pdf) and how it works. +2. A user account is needed with the appropriate permissions on vThunder to manage certificates. + +**1. Create the New Certificate Store Type for the A10 vThunder Orchestrator** + +In Keyfactor Command create a new Certificate Store Type similar to the one below: + +#### STORE TYPE CONFIGURATION +SETTING TAB | CONFIG ELEMENT | DESCRIPTION +------|-----------|------------------ +Basic |Name |Descriptive name for the Store Type. A10 vThunder can be used. +Basic |Short Name |The short name that identifies the registered functionality of the orchestrator. Must be vThunderU +Basic |Custom Capability|Un checked +Basic |Job Types |Inventory, Add, and Remove are the supported job types. +Basic |Needs Server |Must be checked +Basic |Blueprint Allowed |checked +Basic |Requires Store Password |Determines if a store password is required when configuring an individual store. This must be unchecked. +Basic |Supports Entry Password |Determined if an individual entry within a store can have a password. This must be unchecked. +Advanced |Store Path Type| Determines how the user will enter the store path when setting up the cert store. Freeform +Advanced |Supports Custom Alias |Determines if an individual entry within a store can have a custom Alias. This must be Required +Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Required +Advanced |PFX Password Style |Determines password style for the PFX Password. Default +Custom Fields|protocol|Name:protocol Display Name:Protocol Type:Multiple Choice (http,https) Default Value:https Required:True +Custom Fields|allowInvalidCert|Name:allowInvalidCert Display Name:Allow Invalid Cert Type:Bool Default Value:false Required:True +Entry Parameters|N/A| There are no Entry Parameters + +**Basic Settings:** + +![](images/CertStoreType-Basic.gif) + +**Advanced Settings:** + +![](images/CertStoreType-Advanced.gif) + +**Custom Fields:** + +![](images/CertStoreType-CustomFields.gif) + +**Entry Params:** + +![](images/CertStoreType-EntryParameters.gif) + +**2. Register the A10 vThunder Orchestrator with Keyfactor** +See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your Keyfactor contact/representative. + +**3. Create a A10 vThunder Certificate Store within Keyfactor Command** +In Keyfactor Command create a new Certificate Store similar to the one below + +![](images/CertStore1.gif) +![](images/CertStore2.gif) + +#### STORE CONFIGURATION +CONFIG ELEMENT |DESCRIPTION +----------------|--------------- +Category |The type of certificate store to be configured. Select category based on the display name configured above "VThunder Universal". +Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. +Client Machine |The url to the vThunder api. This file should the url and port of the vThunder api sample vThunder.test.com:1113. +Store Path |This will be "cert". This is not used but just hard code it as "cert". +Allow Invalid Cert|Only used for testing should be false in production. +Protocol| http is only used for testing should be https in production +Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. +Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. +Use SSL |This should be checked. +User |This is the user name for the vThunder api to access the certficate management functionality. +Password |This is the password for the vThunder api to access the certficate management functionality. + +*** + +#### Usage + +**Adding New Certificate No Map Entry** + +![](images/AddCertificateNoMapEntry.gif) + +*** + +**Adding New Certificate With Map Entry** + +![](images/AddCertificateWithMapEntry.gif) + +*** + +**Replace Certficate With Map Entry** + +![](images/ReplaceCertificateMapEntry.gif) + +*** + +**Replace Certficate No Map Entry** + +![](images/ReplaceCertificateNoMapEntry.gif) + +*** + +**Replace Certficate With Map Entry** + +![](images/ReplaceCertificateMapEntry.gif) + +*** + +**Replace Certficate No Map Entry** + +![](images/ReplaceCertificateNoMapEntry.gif) + +*** + +**Remove Certificate Map Entry** + +![](images/RemoveCertifcateMapEntry.gif) + +*** + +**Remove Certficate No Map Entry** + +![](images/RemoveCertificateNoMapEntry.gif) + + +#### TEST CASES +Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed +------------|---------|----------------|--------------|----------|----------------|-------------- +1|Fresh Add With Alias|Will create new certificate and private key on the vThunder appliance|true|KeyAndCertBTest|The new KeyAndCertBTest certificate and private key will be created in the ADC/SSL Cerificates area on vThunder.|True +1a|Fresh Add With Alias|Will create new certificate and private key on the vThunder appliance|false|KeyAndCertBTest|Error Saying Overwrite Flag Needs To Be Used|True + + From 64993d77570b8870d8b2869db3b028f9c820faf7 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Mon, 27 Jun 2022 19:15:40 +0000 Subject: [PATCH 11/20] Update generated README --- README.md | 177 ++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 119 insertions(+), 58 deletions(-) diff --git a/README.md b/README.md index 06b3315..8ad40bd 100644 --- a/README.md +++ b/README.md @@ -1,96 +1,157 @@ # a10vThunder -## Windows-orchestrator A10 vThunder AnyAgent allows an organization to inventory and deploy certificates in any domain that the appliance services. The AnyAgent deploys the appropriate files (.cer, .pem) within the defined directories and also performs and Inventory on the Items. -## Production Ready +#### Integration status: + +## About the Keyfactor Universal Orchestrator Capability + +This repository contains a Universal Orchestrator Capability which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications. + +The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Capabilities, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Capability, see below in this readme. + +The Universal Orchestrator is the successor to the Windows Orchestrator. This Capability plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator. + +--- + - -*** -## **A10 vThunder Configuration** + + +--- + +**A10 Networks vThunder Orchestrator** **Overview** -The A10 vThunder Agent allows a user to inventory certificates and manage (add/remove/replace) certificates from the A10 vThunder platform. +A10 vThunder AnyAgent allows an organization to inventory and deploy certificates in any domain that the appliance services. The AnyAgent deploys the appropriate files (.cer, .pem) within the defined directories and also performs and Inventory on the Items. + +This agent implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this AnyAgent. It supports adding certificates with or without private keys. + -**1) Create the new Certificate store Type for the New A10 vThunder AnyAgent** +**A10 vThunder Configuration** + +1. Read up on [A10 Networks ADC](https://a10networks.optrics.com/downloads/datasheets/Thunder-Application-Delivery-Controller-ADC.pdf) and how it works. +2. A user account is needed with the appropriate permissions on vThunder to manage certificates. + +**1. Create the New Certificate Store Type for the A10 vThunder Orchestrator** In Keyfactor Command create a new Certificate Store Type similar to the one below: -![image.png](/Media/Images/CertStores.gif) +#### STORE TYPE CONFIGURATION +SETTING TAB | CONFIG ELEMENT | DESCRIPTION +------|-----------|------------------ +Basic |Name |Descriptive name for the Store Type. A10 vThunder can be used. +Basic |Short Name |The short name that identifies the registered functionality of the orchestrator. Must be vThunderU +Basic |Custom Capability|Un checked +Basic |Job Types |Inventory, Add, and Remove are the supported job types. +Basic |Needs Server |Must be checked +Basic |Blueprint Allowed |checked +Basic |Requires Store Password |Determines if a store password is required when configuring an individual store. This must be unchecked. +Basic |Supports Entry Password |Determined if an individual entry within a store can have a password. This must be unchecked. +Advanced |Store Path Type| Determines how the user will enter the store path when setting up the cert store. Freeform +Advanced |Supports Custom Alias |Determines if an individual entry within a store can have a custom Alias. This must be Required +Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Required +Advanced |PFX Password Style |Determines password style for the PFX Password. Default +Custom Fields|protocol|Name:protocol Display Name:Protocol Type:Multiple Choice (http,https) Default Value:https Required:True +Custom Fields|allowInvalidCert|Name:allowInvalidCert Display Name:Allow Invalid Cert Type:Bool Default Value:false Required:True +Entry Parameters|N/A| There are no Entry Parameters + +**Basic Settings:** + +![](images/CertStoreType-Basic.gif) + +**Advanced Settings:** + +![](images/CertStoreType-Advanced.gif) + +**Custom Fields:** + +![](images/CertStoreType-CustomFields.gif) + +**Entry Params:** + +![](images/CertStoreType-EntryParameters.gif) + +**2. Register the A10 vThunder Orchestrator with Keyfactor** +See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your Keyfactor contact/representative. + +**3. Create a A10 vThunder Certificate Store within Keyfactor Command** +In Keyfactor Command create a new Certificate Store similar to the one below + +![](images/CertStore1.gif) +![](images/CertStore2.gif) + +#### STORE CONFIGURATION +CONFIG ELEMENT |DESCRIPTION +----------------|--------------- +Category |The type of certificate store to be configured. Select category based on the display name configured above "VThunder Universal". +Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. +Client Machine |The url to the vThunder api. This file should the url and port of the vThunder api sample vThunder.test.com:1113. +Store Path |This will be "cert". This is not used but just hard code it as "cert". +Allow Invalid Cert|Only used for testing should be false in production. +Protocol| http is only used for testing should be https in production +Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. +Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. +Use SSL |This should be checked. +User |This is the user name for the vThunder api to access the certficate management functionality. +Password |This is the password for the vThunder api to access the certficate management functionality. +*** -- **Name** – Required. The display name of the new Certificate Store Type -- **Short Name** – Required. MUST be "vThunder" +#### Usage -- **Needs Server, Blueprint Allowed** – checked as shown -- **Requires Store Password, Supports Entry Password** – unchecked as shown -- **Supports Custom Alias** – Forbidden. Not used. -- **Use PowerShell** – Unchecked -- **Store PathType** – Freeform (user will enter the the location of the store). -- **Private Keys** – Optional -- **PFX Password Style** – Default -- **Job Types** – Inventory, Add and Remove are the 3 job types implemented by this AnyAgent - - -**2) Register the A10 vThunder AnyAgent with Keyfactor** +**Adding New Certificate No Map Entry** -Open the Keyfactor Windows Agent Configuration Wizard and perform the tasks as illustrated below: +![](images/AddCertificateNoMapEntry.gif) -![image.png](/Media/Images/ConfigWizard1.gif) +*** -- Click **** +**Adding New Certificate With Map Entry** -![image.png](/Media/Images/ConfigWizard2.gif) +![](images/AddCertificateWithMapEntry.gif) -If you have configured the agent service previously, you should be able to skip to just click ****. Otherwise, enter the service account Username and Password you wish to run the Keyfactor Windows Agent Service under, click **** and click ****. +*** -![image.png](/Media/Images/ConfigWizard3.gif) +**Replace Certficate With Map Entry** -If you have configured the agent service previously, you should be able to skip to just re-enter the password to the service account the agent service will run under, click **** and then ****. +![](images/ReplaceCertificateMapEntry.gif) -![image.png](/Media/Images/ConfigWizard4.gif) +*** -Select the agent you are adding capabilities for (in this case, vThunder, and also select the specific capabilities (Inventory and Management in this example). Click ****. +**Replace Certficate No Map Entry** -![image.png](/Media/Images/ConfigWizard5.gif) +![](images/ReplaceCertificateNoMapEntry.gif) -For each AnyAgent implementation, check Load assemblies containing extension modules from other location , browse to the location of the compiled AnyAgent dlls, and click ****. Once all AnyAgents have been validated, click ****. +*** -![image.png](/Media/Images/ConfigWizard6.gif) +**Replace Certficate With Map Entry** -If the Keyfactor Agent Configuration Wizard configured everything correctly, you should see the dialog above. +![](images/ReplaceCertificateMapEntry.gif) -**3) Create a Cert Store within the Keyfactor Portal** +*** + +**Replace Certficate No Map Entry** + +![](images/ReplaceCertificateNoMapEntry.gif) -Navigate to Certificate Locations => Certificate Stores within Keyfactor Command to add an A10 vThunder certificate store. Below are the values that should be entered. +*** -![image.png](/Media/Images/CertStores.gif) +**Remove Certificate Map Entry** + +![](images/RemoveCertifcateMapEntry.gif) + +*** -- **Category** – Required. The vThunder category name must be selected -- **Container** – Optional. Select a container if utilized. -- **Client Machine** – Required. The server name or IP Address of the A10 vThunder API plus port. [Azure Test Machine](https://portal.azure.com/#@csspkioutlook.onmicrosoft.com/resource/subscriptions/b3114ff1-bb92-45b6-9bd6-e4a1eed8c91e/resourceGroups/kVThunderA10/providers/Microsoft.Compute/virtualMachines/kVThunderA10/overview) port is :1113 for ssl. -- **Store Path** – Required. This will be one of the following based on what you are looking to add to the store. -1. **[DomainName]\cert** where [DomainName] is the name of the domain in A10 vThunder you are looking to manage and inventory. +**Remove Certficate No Map Entry** -2. **cert** - This will use the default domain in A10 vThunder to manage and inventory **domain** certs +![](images/RemoveCertificateNoMapEntry.gif) -3. **[DomainName]\pubcert** - This will give you the ability to Inventory the Pub Cert Folder on the specified domain where [DomainName] is the name of the domain in A10 vThunder you are looking to inventory. -4. **pubcert** - This will use the default domain in A10 vThunder to manage and inventory **public certs** certs +#### TEST CASES +Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed +------------|---------|----------------|--------------|----------|----------------|-------------- +1|Fresh Add With Alias|Will create new certificate and private key on the vThunder appliance|true|KeyAndCertBTest|The new KeyAndCertBTest certificate and private key will be created in the ADC/SSL Cerificates area on vThunder.|True +1a|Fresh Add With Alias|Will create new certificate and private key on the vThunder appliance|false|KeyAndCertBTest|Error Saying Overwrite Flag Needs To Be Used|True -### App Config Settings -Keyfactor.AnyAgent.vThunder.dll.config (Deployed with all AnyAgent Binaries) -``` - - - - - - -``` -There are 2 App Config Settings -1. Protocol should always be **https** in **Production** but you may need to switch to **http** for **Testing** only -2. AllowInvalidCerts should be set to **false** in **Production**. It is set to **true** in **Dev/Test** since the VM we are testing with a vThunder VM that does not have a valid SSL Certificate on the Azure Platform. From 5ef56810276cbe41a319feb6211c16dbc9b20204 Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Tue, 28 Jun 2022 06:02:09 -0700 Subject: [PATCH 12/20] Overwrite Error Message Update --- a10vthunder-orchestrator/Jobs/Management.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/a10vthunder-orchestrator/Jobs/Management.cs b/a10vthunder-orchestrator/Jobs/Management.cs index 1c91a19..a3b6050 100644 --- a/a10vthunder-orchestrator/Jobs/Management.cs +++ b/a10vthunder-orchestrator/Jobs/Management.cs @@ -90,7 +90,7 @@ public JobResult ProcessJob(ManagementJobConfiguration config) { Result = OrchestratorJobStatusJobResult.Failure, JobHistoryId = config.JobHistoryId, - FailureMessage = "You must use the overwrite flag to remove an existing certificate." + FailureMessage = "You must use the overwrite flag to replace an existing certificate." }; } } From 0f4257941a2666731fc5286573bb1360537bcdac Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Tue, 28 Jun 2022 13:31:48 -0400 Subject: [PATCH 13/20] Update Readme --- Media/Images/AddPubCert.gif | Bin 0 -> 43736 bytes Media/Images/CertificateInventory.gif | Bin 0 -> 40616 bytes Media/Images/NewCertNewAlias.gif | Bin 0 -> 11323 bytes Media/Images/PubCertReplace.gif | Bin 0 -> 43676 bytes Media/Images/RemoveCertAndKey.gif | Bin 0 -> 38034 bytes Media/Images/RemovePubCert.gif | Bin 0 -> 37040 bytes Media/Images/ReplaceCertSameAlias.gif | Bin 0 -> 15262 bytes readme_source.md | 49 +++++++++++++------------- 8 files changed, 24 insertions(+), 25 deletions(-) create mode 100644 Media/Images/AddPubCert.gif create mode 100644 Media/Images/CertificateInventory.gif create mode 100644 Media/Images/NewCertNewAlias.gif create mode 100644 Media/Images/PubCertReplace.gif create mode 100644 Media/Images/RemoveCertAndKey.gif create mode 100644 Media/Images/RemovePubCert.gif create mode 100644 Media/Images/ReplaceCertSameAlias.gif diff --git a/Media/Images/AddPubCert.gif b/Media/Images/AddPubCert.gif new file mode 100644 index 0000000000000000000000000000000000000000..e6e3db1ebea7675f20b21eea4f24af3f8f3ee640 GIT binary patch literal 43736 zcmV((K;XYeNk%w1VUh!r0(SraA^8LW00000EC2ui0Fncf0*C(q{{RRf00@8p6fyug zgaJut085+zak>Wp0163A31X`fDs2)lUKBBZ6hDU&QJEPP5F8XX9U?j)HasR4U?&!Z zBr;tlF?u0Lj3ZK-B7nXm00Sc+B`Yq9C~vhWxdk!|Kra{uG9w``A8Rl$HZ5DKG<3N+ z3voIOeK!n^ISiXQ4yrs5$T}bsJ0&7IIXXExU^qC5J4aVIM{hYwn>ka2H<FT)I4B zhB#@ZI&H5xb=x_J#YX^6K@SK&8c#wfZa*-ALu9Q;6EZ_H9a2dEOG{@;V`4~Wno4@G zNq4_h1R_lXd{Yz#QWii_5Oq)40hpb|o&1(h>Zwx173vyx_ zTWBG2X(<3{J635pYHT}-XhAz?U`TIbVQXY{W_EgNfn9cguxYK~a123kH~@4{Qgc+B za8^8YS9WT1)OCV`d6uYglD%=b?SB9RegH{+3wD7dVSPDocWR7!oy>f#)qyYofHD<^ zL=1&GIE7d{fLVNjd3J<}hl0B0i4Am&IB|+WDT`rBiECJmbC`&Nor|2gjH1nn#qW|t z6_7z|mR~27gj|)e%#ys{na}QXs$?jlURb7RaHn*8rF~ncr>LH%i>0^Cr`YbaJa(*FZ>wMitZX`~ ziC=zMOo#pOm_vvA(m3zP8KCa)rovb-;xy!i71)l3K@{X~U?b#K6(W>h92&(oVs*0GG?q*K_WbKR?H-n@|A$EDiSvfSRs-r(fnrHbmjf$X<&?Z%Al z(4p?(u=ags61+DOja}YlG+V{?wIh6cPekfc!y{agqLW`u%vGj;w^d3lRS8BN=23zFW1g1 zY8M6_+L5hWh3`6TW(ZGG6|Ra~zrLb)vOvU&SL@!*yLV)}oN+-GEtIIylSq{=WQr?> zRc)+9D!N471}E_;!LE4@^gVkor}i{!mq zqxo=R#gm9(j1`E`XdbDjkbnc;R+vEN3__S;84@^)R0IOF${(a5K)-%(>pr?AzzMvWD(DgRs1pB zavFv6#B~#e^HdPmg|kK-TO@J<5R2f_1uH-RVFoT)h+`!XK`bK9FfI17)d*K;a}8Rg zXca{jSZ-9_ZHH8{(cFLX7jMGmADV zk9%ksYNH^3a4L{GPxUxz4gP=d*vyYXIH(dl{1NttQRc)j&XPb1Y3LTc{6~!qbCQu9 zutAQaj<50nqr_!vYKOre=JgmH?ZAs;npj==x zZn*`hjK)9J!Eb?0?$`g%I*!&cY67YDz*E#hnHjljJKvoV7<4`j#yLrJJU=ZWn>{iX`KB>?~ z)X*?pM9f?wmXxGud0lnap{Y$MZlbwNB5sD`i8iuW#fo_0iL>Z+)daD1mQ<2Ql5OW1 zQ_jw;lzNE2DZbN&{$lEE(ae6D;nwoYe91(OPCL;>O%j}4QVHPt?H!=sq#~x`vE#s# zn0kE&4H+<{o+6)1glW<8E?eYml+K*hjaYuT2|cP&$+6CJJcyJ64;(0wqsUJfIVV*yH?NCiy!t%QJJ(bW2Y?^1m9}Df-F> zn3RGl>b-CG)D&7wP3nk?$7%VGus>Xg+X)J+HL?O4@PH^OSu}W{pICH)7$(5oB9sE5 z2sNgut`aWa0y%C|alz zmHQ9#5~B_&G7&g}f%Jf$HLM99bNspu>=>y1}!K z2dLT@=8+GiT~gffJ9!AQi!=~NWY7_dC`?Nry!54qT8Y478uOS9IT8Hc@dR2d$tY}r zLysz$lnWlB7rC?JhU8%mOp1_%jXYsSq|`Quq)id%RD>s72t(`C@M>AJp>uLLCFuB2 z9Mt}ZK|0l`jaa||2<5y;d9b&$LzICN2<^lZdEmtYhF*75k{p*%AxqtpdeL^RH<67s5bMN zC3FY0Y>5U4DM}Imi_B38a#WA~2bp-y>oG6LidjOdDDlvxJgmV3Y6k6hH_KW1Y&sg? zKo5FL*+_Gq)7NFRfl9?t(+kb!&KbsYYhCk1udGtGvOx_yna!+LaEOsVVMayKF#ZfW z(uX%j;EHd4tK#MaOV~?Q)S(c%?c|!VQAy(F9a|`zE;UIQ5|R!PC(w*KPT;)7;*pHa zlw|G7N39gpYpp;Xi1129yvy`Lt?5!KG!p~8=Rq|dZc$@N6l4a0G)Ol8Ym`PKQTuf0`UiL9tT)ekc80^G8U&m#VTv6f)Uw?9afCsOj&?u z4b}9|HfaMFTOhG`t`UVG^n%Je!GktD!>52+CMn z9*ayq#_e(gQyk1lx4PHO?smKT-SCdLyys2tdfWTn_|CV!_s#Eq`}^Mj54gYwPVj;o z{NT(mcSFL>@P;>h+znPZx6y$Pef;C%7|*!IH_q{nd;H@d54p(xM^5sRoBZS`Pr1rh z&hnPK{N*r@xy)xy^P2xd;!tw9&UfxMocr7*;;^{QhfegO8~x}=PrA~V&h(}`edRw# z2+yZZb%{j%>MCKz)3?s`u6zCKU=O?4$NqAx7o_TF=egO}P7v#Y9+WY?Zzz=@l zZ=ZYI@4ofD7ryeB&-~^io%qF1{qb3!eCJ#L`q|2}G9*{EI=F*8*n>X!gFqOBLO6s(ScFD+gh-f#O1Okf*o02_gisiT zI+%bLrw`GHxF1i2nZ4n;m`&rV2UUQhi=G)N?>vL;EEWi z59M$IzM_YG=!YVQiYL$ox`Ynb;EFi&4~7VgiP(&zSBcOVjnX)c)L4zyD25X^@zwaSXYR80m~2$#mBk zk|H^hBw3Os>4;S550`KPO0XX%kO$;g{tX?70)o(nB^Zbt7z49_iy8-qXsCw%uz@n@ zjU2a!C}0W)nQ{7H4rgeO7>9~9ur()82ZERd4w(h?h=yYbl|=at+=zmufN?~EhFu_s z?jVQ|>6INA17UfP64;9yca~@fk<2!ej1ZA4xd_$p1iiSFO?i)VxR*1z2<`Zhh8c4w znV5>Xn2gz&(@2GKSqc7df;O;!4k?Hn=!QOtnWK1do5_I~n3aMU1QgkmD|v|ec!h!p zi^AA}REdUGd4*W%B{TU6TzPTkfSD7xl)5Pd`XHAbn2foJnTybIyU2^A@PNQshjMtF zRcUc5iH5#%nOdoi!x<@?c$nJ$IdqQMo!db59p|gpXhP9X>6W(ALdzyti%{6kOc_x53-qmOo;+& zp%1s2iNh#|8h8SCiHhr~4>FmB`miL_rAwHoiSg-|SqO?J*nwBj3qlv7foKCHYN2H* zpE4=B8CbRXsikRZrq)z&zP#TR1XrXSH53b0G zb9jZ78Ij`{iUDe+IQpNkn29LRnE(lk8E2uL35qKjpm2zRs0f#DXpR=0?CyQ znH2q4r2Z&$>3DGp>5%@unQ?oFrQax+Guf6Ed5C*znOEqW(fNs!nsIN+g^bgWOS-8r z7p0#1sh}FFN0@-SD3BEy10WckFxijeNTx^`k>^N?VyKRBN|ZV3o*5U0F9~uMdIrU? z48XbzUc!mD>6vuupbL7Z0V$7MS*ZuPC^^Xqny7{f8J$S*tHDZ{%%~6HaEBe}hSj=~ ztNN7P7@ecotJt~>!kVnDSq3i3sqorzqB^hiTCbjZf6*zUz%-mNnGev_nOsPL_OPs$ z8mqZFs~5M65b2o`h^QqvtROeAy2*hiK%qezk;iJMm`Jeyz?J^Gs~qQ?Rq&I7YLOp1 zv2xmwf|;TU`TntMII;Xg*v3Sa?L3*@c=!%3mhfEo! z)#@cdz_sXv2Splk3;2@y(6%5;t}(lk=gNRv3%A8th37B{-^#OwJ90srxQe^D(8zvt zII%}LnJj6U<9LgCYmQEPuw%-xcdCgsTZO7A1Xr66I7x_Ch^i4;4L{nk z7i+9tXmMi8v9~FVfor6F;0&&caqq~szi4sinWXw~4*xrkUNVCbxq&Qu!1jv*jB18m zXuMe(kMmo<^H5*u*^SLR!p9Y#7ykOSs4WW zf=~>@z<@_g!iJo}h@8mL8-Dp}tK_h#*{|IQ)h~yvg3E z!K5sRJ#uk+BZz!z$cL=R&>YP^8-Dq)48;JLJsA$gpbdgM44t423ycle><{7K&CRgD z%;3oVcn-60JnK9RoS+SJ3(Dw#4Ic!~--r&ounD_x&LxNq_?&TUQ4DhU4&v;Y%aCx# z3()?T5B7Y`N_h_6tV`jL&LwyavVhIi%n9FInEFu9o6rdsJ&zcT&GGQi*o^+p>ip6B z+|T~U(jo27&iu^MT+=okrI$F*biLPntq*pc*MJ?^{n*!pz1Dv%*ob}Cg}vBfeb|Zp*k{eyl8x1l z4cV4$)svmsNnP2O-Pud6*`WQ?obB19z0;w6+BH4erM=oDjM}cP$g0iSvTeApUE3%e z+q0e9oNC*=y~w)#+nC+k!mYTt4cx}M1%)cteejnmv6-n9MQ_7qT?cRhK)?7WY^j+Wfec$+<-}=4Z z{N3OF{ok0G-XFQ%C+x59ec%-!q**=R0N&sZ{@@TE;S%oO0*>5Im=DCj1u)>=GvE^< ziQzy%0W)9jA#!=K%_coOCvzyIhYT8KmitD1VP{o_8>04@QC>k3N>)$iwF)QAmr{%J&xJp zNB9lz9pC!U-tMgd3yyL-{^oEV=W;%=J>HB>Smo}G1I(aH{_$`PZ{Xe@fS*xl4-}9A zGp-MWP62G5gXKU0IWXgDP6$|z2o%8NQP}7dPy?*g=TA-n9dPK0N#;d}4{YGxB_QbX za0~7|0$dK&H9qIC9_zC1;B}seOn47bKmiv}3O$$;6i~5JNa%*HgC=+Zw2*_TP658# zY$u8;8XyBIqg!DiG70~KCm=A)!nAtvrW`5wTj_3!z=&mmA=Kk;y zFYD<3+)CKqBf#rOcn)>2;WH5LJV@pkUIm13@CWYx;`*TP`XKEwPU6zO?>LCzM&RBx zpdvh|@gbh+$DV_Uj^OUDgBs8A9xsILT>(8`gzqp3Ar1p&Q1k(R;$Ln7OK_ z2UEU-=kNy`4)shA@+U6y7|(+wzvgKk;|%}QuO9JgzxFsj@inM~`Jf6E5a=)7=`&yi z8?Nj-*y8Sx>l85ZLT>UXukr`Z@}=(bz8>QjQ1o#R=D@D-F;4VNZufZa-pdYziH_z% z=)N3o1UIh*JlOYOj_){_?2JGS?k)K^h!33}uw)_N{H)!U-uM%1VvvCxla0JZvjA{>FoZf@WbBZly2$wu7fSFgP0!lCP)FNo`0%N z138}$sIT|Z5ADSM*PW$>G{M!HI|BmdcJ_93g1^^*W zo<4&4_)w@pYM{JwQ7BX*$c};q3Q3w3JXpaQL5}+Hv7r$1p+0*eDU9&dQRPaOEnU8Z z8B^v=n);ai!{zTdJC;OgRvCpH13S|D(P11%i4@Sd!NxPRo%R#E$vi*cD9p z0z5Ln2$YQc6w)r1;z8}hH-ELFu@N~fattq;5+b%0ddk#L=pomiYyy%#4$%5cjU20 zAG?xHB8_T-Ev4Ql$YVGUQX`3iy=wa_FoFgv%s9^US#8Pa7ONn#&7>r#NS4-05~h4` z8Nnokc!P4Jl~&^+rq!OC{*tgVjT-^XmL&3EB`OVDX|s@+6RAt;4n;Ik>a5!eJM9eg zXAKO)Q(+@yo}ghIe*l@#C-;7e4?OWwSmd91PRQEJ8A4yK&be>d!Y7hlN{sD1T z2k+SxDEBJW=h965Ipl;qaB`=;PCpH*QhySGRh|oHMd1^Dws|6k4T0&^R$O%*k2`1q zk+#Mk&qX&~b=PIL-Kc`3U`U!I%8Vs?DCjdHd|A@#w=Z+6k|V^V%qJ8#q5DYQR-^2Q zUM3~mccybDfx)ED2r3DK-xP~NW0?2^7|^#cd${3vxTQnO$eGsCqNR^K)(7O3`fU@;lm!M! z%7pcP2_9A|hM^2+5_WCjEA`>qZ#Dp@DIa1Sa?&lq14Tq(ebnJ1q!|X0XY|8Wqacfz zMi2R=xHj;E|>_#|xaVBUT7aSAK?1ZmM5+V-M`wMb=ii(t%R*OD2O`RIf_ z%=+4@{=ts+oxp5AN!xbr!A(h3Geqk&7a;YyPk#3EUGSoSwPvE6TK=%04}4NzBxp+t zdL(fLF&J|8R7jO@sgnyuB`;k@rF=;wp)aA*os>jLj@&B)hSb+V8S2Ymw$!CB8KzZ= z`7@kw16V5>7N?MxwnU&{5!YfKivDp97ikkHtjfo@^zn|R@ybJI`=ZpsDaMPUXRK9Pf}68venvIG&(dV?BYk^s%A_J+-V?{AyUyN)&(A)vk9H;B*Q`{(%ml zP$lI^0$=Wx!HKH0NguVG;cjUqFl7m)JzNRp6neSA`n7X-DA{IwNE$t<45KL}X(a{f z5=idwrKd$LM`Bu)nHmdM6f#f#e&HbqxpPG7TSGbja}8DD4|@FZ4}jX>Tl)FrR?U1X zIDIuC^29bDwa^s%P_Q*ip!0k_A=iw&xIGj(cSUPEE^)K_9~#jWujfT?de222(u|-y zD=9~sk}#0Hnt&zws0<_z8^J5>(1Kxdh)6#PnOsuzH6py|+SHb~rK_dNQ&hZS7Pr{NFNU#s)jMPU8rRq>hq4Fg z5`qqS#N!&bp@0w~Lz)a!P9Eln!bwLuxHLh8$B8BBe+g2KkOa0MtO%VxNF!2%aI!B3 zi&H-MLS!Q&S;?eL6GD2y<9M9oAQVu7W)1>NS@NN;9HH_B7&preH?%JYxxjlF;t<-D zmcu4SbTCmol^8eL(T|37q>o}_N>|#_JV8`GG~q%Du&$y&wtx|g5RyQf%&>bENnkwb z--mW2z6+#tMA8I<4$@%+lt3`-MB+m&gId(24zWw#@n#cJMkRv`NvMsGCJQVAFEI>B z4Qf~g3=pHwEcFPnO>!5|I_A)c2DcCwEfq0C5GH~Jg{VZo9{HdJkT923e_P6ZAx0IV-HFsVu3|F~#N;rDLU~Z5Vl`kBNARt0 z)AV~L@5sfdRVRpxwB#K&oCv+`eY(^kgyF9H_DarSYYIdz<03w!pToWLmyJ6r=>~ex zh5qPv7v1Ro^^wHJ6i9DM|_R|zj($s ze(`e8N#P|wc@-z#@|XXL<2Ao|&Tk#^IH7##ML%iGm;T=LRq1@{Rlj=Fe*W~YhkfkV z&3f9`-u6A0eeQL?`*z>n_rC{zOkB@<;uqieb_;&;l@I*kAK&@Uhdz&%KYi+}zWLF| ze)hGmmFjoj`;Xs#_{Bf|%zxkf=V$x%$-jQ~7a#rahkw)6-+ubn|Mc<4fBv6tfByIX z`T7UI06a1OBftX8Jpn|(1k|1RGr$IPKpUG5d9a2#cmWw8rFOU&zkvhBITUY5f^V>a zxuAy^IHf>=gwYBneAqyG2!dsxg3ekA43q~IN68O#Skj6yQ( zh$oAVbkKr!Fo78igHC{i4C_J^1ST4^hbw@GL{LMHFhfM_K~Q{&IedvHBSko5!$hmY zm$^fj$wNMb#aOJH=)ea#s6v8}K_JYBS9pOJID>KUL41e=G{}b&EJi`dgbHMndx(Sz zqy$k^2S&Juz9EMg7>7S}i(RZhL7+lmC_!?_6nBt=Ud$ah%mH1Pf)^;qd_cz+K!S~s z2XL?gD<}iL5JqR*KzzW1cz~|j(1l+9#DR_Y#FSvibi{&K@`gto#30y+TKt52$b@;hL{LuTy7 zGe`|>v_O^=D0`?#c9h70Xa^i1h9Izpiqx`;tROg`gmJ_HBN0b(oU(c3g7Fr8Dbq-fJjZk_M^D6oQJ4Z4V1$=^MOkFaw%j}Dum>2Z!9i>bLQDn9s5oPw zK_!$Ok1R$&)CX|P8c4W{e3%BgR2i9+48)WNVVEy0d4W%0!Hvj=R3OGg;Ei_(18eaH z7~qY2xJY3D%yNJTZ!orY$dvwKEX>24OM)N=yi|s|YzrS0&ADiY8E^)BU`Tz)!Xyd9 zc(BY*!UivS!@#Ud&(tzGNRpLAK_9G4W1EIdkwfIf2S3Oi=JZHZ9K;z&iFc3#9L$GX zfCx9_GFNy^aEQ$8BnfNG2UjS^Y0v?AXa}_HLfRmQ48(^pFt%@CPt07Z&9sLqAjn?O zGBQ*`->d@OfQLxv%K7|E<%C1z1Wi4e&+;G#`dmx5)X)vZk?4raxy;432*ck{!Cr_2 z*{MYJ|6zcmqv>Ltc}?IBdl=?NWL8 z(nej+xyVosrPN9V5`?iumIzV#?8^M?McVL7FO1YXJW_)22BSRHaad6~wU+yI)HsPp zD&PV;@Pi&@)m6=l7q9{@;MFO}15y>mii!jo;DSl8#(~6D?Yu#H$N_kW19W)9g51c; z2vA?3hb>gkNPScnrAxOER5HyAYeZAdR8vvaPFIryF2I6Fz(HIM)tx-n7vNPcu!6|E z!)m=&6p}(g{*BdHt<|N{gcmr-#w1o=wE}D8Qe4cyY+cc9?bb-O2}_mOiG54x_`^W# zRv8r23erz-*uoSQ)fE-fQZ2@i49QA>(?9h>e0T$9fP}!H2PSM4SFqJeTvElT0>2vB zVC@U{B#04JQbcUb+-Zjzc!fM@OiIYv*T~eKMFSmVRE2$2R`pZKFiJoLS6n<(ADz=1 zY)>}D!JB>4I0adFWzjo@)R}!+Hk3j@jah=D*^X!japg5PEz^Zf*lu-LAY9c+rP#j( zTq8unR$0O(ludbfPI<`7y%bHvozqBFO~qwRO??3{smw<-&w(h1DG(@Oumb5UTDYy* z?5s`xjI4ylG`4&o(8!gCZ$QlZ3Qnsv+!-Xp(!I@wlmo;hhZlInd?2u56tH%X0i<-$ za>dYPFor}%=gzVHoa^TLTV%M`E+c|8{^Gwg+ zWJmTKM*1SqRuo>O6d3&+2>xtBnf+RPU^tS<*#Kpeci4z)6Ky zV6lk639LXou+7756_or%=RDDOrPH~f$r<1Up5@K1yijMrNp2LV5iCb}n1)@Y)zS6B zf-K2ap$4gZFPfBrXKYO^>^fV|YVeW<1mvl$PbhTYwS2i4BFU-mp5Xzp^g?aqpR;)!P z78s>u%2+~S6|U8Mh~ZtO$~l`ILMN>k-p6y)2A9KL&?11>OvL5QvVh=bd@ zihAIIsPKnL<_doZh3?@Be84IlQHK$+WUS!i4dIDWewSM~0sc{Hx5dOucN4j${Tr*Ar5lPzO|&WJf~|prNpR!=VFxal12d54S186X2qY3PT3qoda9TcCm?@CB>RX|vwyuHFfuR#yX|X`3c%O$davCIfls zWVxp6d*Ujom@zw|Yek1)R z5Kep}?dERp&H?jS>UExHk(O}Y)(36)4`H~Kd+v@3k1c(G?l&?J`UY?3u7?Y6Z}V{O ze5mKr&MO7P@f@#?%!3DAFalFJ=SXJnrS^sa!H2@$=5P-FZ{sL@;E01_9l>RR^^X|^YDHVZ07R+@N!koaQ@zAI~V7iz=vVzg)qP8LvL_Y=FOj) zZ*Ud{BhT(YH*zwlaT~vJ9XIt;hl%-X2OYQv0f!N#hG$_YgIS<;hD-8N4)c(1@^O%L zTAzhZh-7*&foU*>de8#s*78ZVYG0p)|8{dRzvMbMbM{ViI9&5hSMnwAhZ*1mU#I4E zmi9Z}?mXY~@a}U>{&RMA^KI{TTBl}gUUpx1cAWlLbna;MVt@4DW=T3+6PZ#H2uk}$UbpS&3hllu%aJ_!$g4ohQ1Ly5(Z-*=(5tSxw^)*Z}bN6 zdT{j^NAdjT4s@S$b&vBbPx7IMkq&qH+k$y;AF6`P%{qS)~Lu=Xo>#hjw@YE%aMHYd$!Fv9^4yx^qatO-5gFa2D#|=MG&c14^jX z(@%Za=haZgiN@xFI>_beXNS(t_J3&nz#r|mA0R=B$k{$N*f!*C?lE1DXBn z=2s&Xp!&$^kcUrBo{SbT zCiKPwVZnn!^+lZ;RGu;%wIU8zYoY#azjUrWg(V^3>T+<4i`|#cs zwBC}0rR(=ESaN3{RwYbUAK0|?V!$(K*DJ@Lk|$H1sqdB*G?h1V?(F$9=+L51{?!*( zUtfoh1)dgISm^7&@`NQ_UD{z{u?Dw_yL~!!Lffr{+O}F;puHGq^EJEeyerszy$SE8 zelT}edspBka&|muy zCbF1Vf-8pQjvpd2LeG2tFXRE^EAJtZAsn;RID=HE3G-fj^VN4>esl5XAAtI#DC0w` z$@An4`L)>Jj~0O_B8daFljA3GwS&VbQ^3H;lUlV%rI^YIbPq-PlvAJ#Zl1OpjW#02 z5RdPjF-}$ZM1saZ_T;!D4#aSY7Jc^Nmk>U9#8b;SOL-Zh4EbHTpo9X|7v6fMntCd# zsj9kas-?xn6+JbebN8DIRSA;=TDUr64~F_2 znbcyC8d)18%nn6Ero{?`Y+w1Lf~Y*$bZacQ(Rq7pQT9+lVm_P@x?6Oq0DCOA`25RYkSS}XonxE{1C58{$*Zk6*5L=O^Zfg|U#Xq8imMcR_XEkeoZ^;A1Blrq$s z+n)PvQ3F{NCOLq@kl#IR?dh;S?!qfCSoH!c4>iU_l}{vDP)cvf_&`FftWwshk*3+A zwedLZB>he=`Up%at66KkHP>Bxt+lI9Ej3$G0;QAiMfuP+&~SyVY!Am&85Gq$)y;;6 zril>q)No|$$CSr#L;4!A_aYZ}RA342nnA&<<6V z7}=ZabN)8dY0u{|JueUBH`ZTkzdiTed;h&kVgGHB3|yE$g@@7u-?rVfjcGm?R=n^@ zRIUe)IXyYR69+n!Bjk7Ml=D9G$q#s2%9A_>7{B@D>;>?XUnSNC6?y?mcGt3;1@G6i z@|`bzo^#l%bTI`4Hq3xqc}4l`Pz7JuZ*qV$9&%s@GTFJ#V+t%_$5vQ9?>Nk3zq_6U zdzZiprbb`y3DX22*ATLi4}RzyoeKkq7In0?#HT4&fG&z; zWSj8ZMmc)KO+da_oj~q}m>Rqy53`{}70LocY`t(CY_yg}VpfSiDkO4kyk8RkBoE2y z{-<))xg5YecSeMa5p=^5WC@!hG%2kRjw+iT3}^Q-MT%0Cgj7ngUKK>J{1A>5(T zVQmwixRF7f5M#ZVB_$mjoq_@N8Ly}j5uozmna>=vtRni8d25qeLZkP=KH9_nP3_0ZL?8oA=uP*T(1S$yf=~%W7=yXT6v{X}`1H@0 zG5Tskrb?x^h6+X|B5R-WWTY1;Ay8HXl2jm>IjK^$K~{Yd5~3v66QLD}`Z3-7@}VLw zsPG^V`fEp3=86}fA*7{r9bLN$6*&w>Ab0W;RU#oGLC}moHPS2bxY?r@4C+D210r92 zTDHZq$Sp&SVW#fd)u}4=sm47na+3?1=Po?KzA*D84F-5yk_Up$rRYs!a;*_lozC|X7JJDmgOXma!kR=(jpN#L?)^* z7%Ml^Am>2v0!Xh6`njSerJJpC4>*5h#@{XSo?|WRl0esSh5ovogiFm_d5D8wgB40U zVvr46A_oRmNLi$mI6=0VQtNPeY3f(a+N#9E@=!_{j;#xTEMlzWWTVp8DkaD*-j1iFqqHeUHMPY= zCfACnw<;6s6~8nhQ5A@@`q8LX8Pj_{aVAGu5mHO?GD3t7@wpMSAy3zm zHx{1QUO|m*3y*g%bRi-w^?Qj0|2e1fgO6|jLmTmB{(HIO9^lec3^6k(i>-GvOMX=d zjzB9TvG}47a6}fACu3IvOSUqBw5%@>li09swNja_lp-Qm=ckJ_8${b<3fv-A9;yN` zjU7@-Qy`Hy2IH}Bpf1_}N|`V!F&p9G4wl~nHE?V8uB}AE;sdEWN1bM}d?X@2?+C*O zNe|6-<|FgOLRX`6A2O{N4QT^2^e5XXkIZ9mkx8SKp}k=}$vyvHGnkP0^V2VNt_xg` zAAIDMzjm42G`{thJN}RS7f;GD?+59=H~1cQU=)I=4{$Bc)b;aoIwi05V0WI%9)MJZG|gHB115u1A2_} zyoR+&(UnjEW%cNVh09R`lR6#wT4T9RP-4XDK*doMV1{_ zmK0$jONhgN5hEBLqlWEY`yfgg0-*lyIRpVlk>Q<^5P@80(VjP46dtBc1cDS3enJnj zPAUY#7CajcT%s9%;2~NKWUZV1AYD?l5Is=DYyi&gMVp}|206sQEzw}F*dVU)VA6md z4<4aGP@_Wx;S%lOE;&RvVo*FZBqAwIFZd4>o}q;p(x_$QoNQws3FAt@9Wsd|GL~dh z(H%J5oh}lDKXsoRYRNnFW8gIe;d#z=B?w8ilSyGmJD?Qy{hl`ZLcvU4QvA;4Z6EHL z%?o7C3mBT{RY+!)RU36)9r8q>Ln6Z5K=2ldJRH#t9+&8X z?7-(rn%OfV5@T|caLwj;*5*f2=6_vgW*(>)Ss1pd#&wAoM)f1NDcFOWS8Vu&9736R z5vY6_D1vtA_b6y<{?UbcO;0|=OcNccl40I7IzsD~b@_JF7fky0GXPKSTlvz`!W*sG!D#I)nicSb!-A=>|+djz;PW zkN_j-#3XE?N9Y43fJB?VsjI3AoyMxH&Z>FY=||vcA@IOI^uq?^Xg{0)p)5g;w!;9d zX*&==kN&{^quRp=pam-Es%cni4>-e1l<7L~Xqv96KY&80I)b9!#3Ud9381PzkN^Tq z!bh~~tFCLQ(5kz>E4(t7t)?oDW^15M>%BU|rS2+^^6NNsgRXW&FlfQP`fI^<#HHG6 zKQus@{zE+&0IJqRxr(bmnCrNvE4yaw7sV^bcC5!{#JqL{uCD36Uh2M*slTFv1ms8v z901B1EWUmN3CI8)Osl=F!vN$65%lX#Oe_glY{Yhix@s)Zj>pFyEz-hk$o|8~=4-y5 zY`>DJG>EB36fBuuYCSOQuG*}cIxNJhn7LAHNDOV!mhEySE!w7SoGxwCmh7}bZJCm3 zKPdhy(_(`_JZndIgS0wBJs|7WQfna)!aw+fBZz5C0>#e;tw)fp**5NGs4e71u8Xm4 zy>_kJ>MOpYEXvx07?1#GL8_!u>fY*uGDrZ;;%ho^fDq_Iq?AEUD>O}4aukaq&?kZRB{x0%L?C>rx^U_!GCfD&Muk^A+^H#6*j@R=d zSM*LV_mal-elPgKm`rT%*N|`bo-de&ullYphRMX4!q@wvul#Zb`_`}hf`?3KAs2e# z{PyqT`UQvN$gniWLtKuQ-Y){D+PB@`doi&8KCqI}#cJ#Y6d5p#CNKuK7~7fe*8XrX z1W)f@Ot9FP$Rc25C~^TFVQ2=gu!yl;xV@UmdybJF%?UgNO~Kc9haTO@DX=0_13TnIfbH( zryA0fd@#inSFsu!SY^&wjR_eX$FUsGv5*lNo_R4I^BEX71rOZA7C`7iL^0#|@ER8~ ze|c~oC$e&dunqITY;00Y>TuG83?Un`B|EPoXEOdVau|=W5m-SPltpwXgD9r(C7<#k zYqBbv8!ESQydv@{$FgR+GA+|8EXy)3CulA2GM(OXF8}g}^0F{fsV@Vw{xK)%FekGD zA2TyMm@+@}Um+v_T&HHWlzNvsxfu{NKy*Q5oFi8M>E7u=x+O2@SK zcttn2v`yElW!$k$?{rFc#WLJ9P-E{*@GnmnHP>_nKL@o^SJwiYv{65`sdUAhEj3j~ zS5reZR>P`QECWbawO6Obw-I$#kM(-^^jDv?bA&ZnueExZHCn&^b$jJ6ThFz5xHVkg z^_$5xUGMd1*fn1N^+TvNUk~YnV2iY16SienhG8ef zJv4!~yn`E52r3{zuSE7_hje9MHfl$(Q2ew~pn?MY4{D%-41hqGkalTT^J%BHZs$a1 zhuRW+Tx@HBHzdG8*!FEdb8hdpa??a_3j{q7w?oJSj^=}7kAra^cQPmUa&LEdZFM01 zc68&Ylr(`BTsL+Lvvza0dMlH6xAtpaPjC-U1hjx;pLcfa^?K*G_f7?CXT)ZAwi^_M zc(Voq)VF=3H-784g4<|&GYw)R0G~Ft@8Lru82Ewja(ezRxPmwLg;#ZkYj}Qhc!w|b zhl99!i};8Kb&20;JOphQ0(2ZntWKLmi>K<0PewjCwTUAcil_KZuebnVK%T!#Jc0+1 zYbz8$6CePRBR~M;K{}Lxj+=xx3^_{p!xwz(Kdb`=H0(#*gA)j@PWXc@Q0?+fpnue4!ZTdoLm3su1YdNa=!!l@jo`WgV zy7-`n`Iyg|Pj|JMpLv3#gqv%|Kd5=brb7l~x&$P40(2_!wK)~|LOOIh0uc8<*u#+r zKnn~xJNST-3ynX3!3%u4pIbSW%fl*6zy=_I0gQt`gn|Ab{Q0G006K^Qk~6?T?0T<$ zL$52lKL`VoI{>gVdZUxMRZMlHd-$Z2hAlj{KRiOfUizkYL^?14DZm3Ln1H^lDV>ly zx~n@6gnI@w!#nJO2f)J@AlmU&f_`A{0HO7OqElL(+#T(+B$}fO!(wf(J-<0>IB0G=sJ4LpF%PlAn7o zoWp0E{m7$ziqW(-u)R{FIY^{~l3RJqn|sdpy`r{*vhIDqu=mVyUGB&c++2?HVsOfYo#{*Plvj~_vX6giS)Ns}j0rc}9-WlNVYVaAj> zlV;75`f%pdxf3V4W$5I|<2jUQQKLtZCRMtWX;Y_9p+=QDm1nTRC>ktM4D(wqgI-4XZcsS-ydR>h)`rabw4i zAxD-xnR4ZsPtj>xwwZHh&!0hu7CoADY15}sr&hh1b!*qJVaJv|dvsQocrEAFy_F_apT94Cs)3ld2{E+ZLh>VoO*TZ*Rf~Uz8&Us@87|P7eAhSd7aT!PUpU! zeS7!s;l~eYo_>A%_wnaXjy|RSdinnW3{b!U2~_ z%`vBJ)6D^~j8o1zztd7AF4xRc&pr9#q?{9PzNL z)~V%r>-8oFUH+zcA=`W?e*p<+(5@J5d?I;421;s{2OKM`D5G(3wJML*Rbhv0jGX6HXc| zvz32=`G?)%!wM{D+3D|`+NojXd)}y|9UMlf{EU^Shhr8w@-6@T^pm%|=Dn(Lhf~}E z5tuH4$35f_xr5d4T`YW;3+vU68NBNqa)8@Zo>w%nNl#+<2m=WnXaafI zg9`G>{s$+<(LKGvEQmuao)Psy5BJ^h4Z8E&%w8r89mFFQTF@B`tk}HiJy9rPd|w%L z=EWi&kxm6n;2#0mwFM64aXjIo12u>*AL=B7t-}{RY^RTX`C?zh(?>p15jB1MD_}<; zm^a*rlcc3X2OdlX49%u9i5ZNCzzd}+4+%UzMkR?mi5}9LSTk4#O^ZU|Vm?x7uvqFN z9WKjQz(ROQNLWE{-rHmloRPnG4YQcQtd}fd<;Os7lbg^QBu@&tlS6tAUnz8CzR39r zXHN28vf~05rf^N1u?X zHqM{wgMt>s;LK)d!6|%#gF*R52w?`reDuPWwu70(>`?^(zQdC3kU{Q5X+s?9lpa;w zq-Jr#S$&X0kCB)qRJfWGuR?XAx=b1st%$|$#ejJ32t&PCOGMY|Y3_@wg3|J+mQ9)&*VSe>{!GFQ3j}W7d#2sdEcCi#w@9vn# z1d}52^YP%f~^P1rtXF1QA&UMyNnC+ZrJ@1*%efG0e@c#T~K@XbHg*J4V z1AS;kFPhPfcJz|k%#k-gn$nfF^rbP~oJ41u)1CJ8r$4=ELk5M^r8f1cQJrd4uR188 zcJ-@a9cu=O`eg}Hnyhi1YhCa9IJ7RWt$7`6VGou znR);E+x_r12O*x5chnmmo2_>~b`kVi=bY+Qw>pA$o^Z~r{NMwZ$2pn-k8-bE=JtO2G62eq zmF0uxhP?XQ;U0JJWWD4oLwjmTPVjtehI3?ZxlXK0@20n|?c$XC;Srzss?Z(elQnnV zSJrS3a{b{-Px{{PKJ%hrT=AXv{O1{8@Smf*?)rd7y7R$xv&5U^=eT^-H$!sHf1dWW ze>>f^ZF}AC9`3le&+K_0eBpQ7_w@n(@R6VVVi%u2$5;OIp)YIZo5%UlxBm4rJ^k`j zAN$?+{-U3)kGqVY{N*?Q`O%+#^^gDi?RUSW!~cH%`Olx~@u&a&$wM3c@1Otu_y7L^ zFaQN`08_*M@b3V>V;NX&0U59X9q<7mFajlT0x7TpE${*{FatGk10T=;5%2?6 zF&qWa94n3c(D7K&XAt~bl8^Z1@XW=W$&D73e7Lt-A7p^POk}G@B)Z*b9$TBJ4 zk}Tt47Mh_ecOfv*0W4RJBAJ?HmsB(GpT2U4?xi z)LJqq;vo`}pei>qBTsVyM=~A~ffj;79jeH5KC{$9^CevpG+mN4UDF*;O%bP(Bwc}o zYBM9>U^nBz6*?%z0y7?zp@OCo9wMQGbW_y^vMcA(I^z-^ilG_Kk}|s!)yC2|uX8f( zvebO>JHHMi&p|RtZQV%i{vFh_Ez^@cCGYFl6V<|D7ci1MEAuk#Z5Sp&5a#U~(kC7Q z2Z@$J?d)wCNX{r+k0;Qfagq%w&S4S)p%Ww&K|3QudE!AeQw?p4lPXn{ zH$}5Gm6B?}VK!}(Hg8i#S9CW~%_mb694crygF+ZcNFLmw3XI_$gtRMDp%OF_9jK~C zsk1!eVLatBF4Ge|(bFw^K|9TIJgf9BB@r*{k|Z&7Jx%Q$Fq9-0^GT&tF}V{P#GyXz zQ`Mdn9l~KbzceT;Gt&M+8dyQzvjp28bqOen%;qvuf}G z5|kiAfX{72r*dHapcJf9lcEBLG$vCathgTaL%oADGtePF5_MSeHjfhxOw>e0QbkFU zMKh9Lz#&y7GK*%kC{c&Gf}%DRDkgcd)Nqt4k5f2flDX7@DO1dJDu_0D;2q##4oXur zAwgKTvP(;CEWc7L#}ghp0Uf?{OGOhc^Kv=0v`)D+7rm4+&p|!c(lNgiP2tlmN#QK@ zv(y@M7v$4U%k5qH(@yb}KC5y+E3+5! zGA!#>Ou=(7qjXE}^fo?1PmkgqQub-0QyxY&d|qs2lwk(u0AP{;9b5rmlIeDOCz&ku z1@_B&UH}IysfYk(A~Sb$UmytpYI0wfb5{mB0cHl+Z9GnP3Tg}|P!?cFNF917b<^!0 zroawTHXd{VUQpGz9C>3p>|`JLwhz6m2m-IbVP}h7K#={kCtk; zRsLzg!9|;vD4!P9fK_SLw|-I68G>{-wN@TdY$>UdNZFH(kaQ!F(rjgw)Xo!1=hk1T z)NQ{mUUva57dT+owSp(pE8UfE<+3o*HBINVJKy0t4fio2I5HL2KWm6nFNt<5h#jWj z48-9a{D6d%;l;Fp8f2gp&LI+J07KbI4zOSfstRS5ml5*e7P>$i&Or`_cnZou8?s?` zYWNIpSW#W5gQmEOF~}8apcl}A8fKvIwgo9H6$S+Kl8E8O!cGomfD~kSc#yY;n*oFv z0Ufe|3N-eHq8BHiGY4pL5X8Y6rhpOP;T6nS9I_aP$?JQs;%6@~XrmT7N$7kT{%|#E z6*fb1e1+C&HsX^Ip|;aiybikpdh-myuYQa;Zj? zYM>cL6^DLjVxjj86xN$-U>W29x;8@_UZIqf0SBsPRPiC5ub6UG44mHqk6R}b7)Cst z?;22dB3<^4IL030DW9Q>s&Zl)ZdP%c;enn*rw)3@q7F4DtESNRM5$xk*zT$PfN{`&l2r`&}Z{v@Kf2 zQag`V8+=%Hu4IX5{dz}OLZWV^nL6FBgBvE!EnHL5=0e5<4 z8g%!PhQX*H{HwfZo+&zvhg*_Vd%hbveC?a00rI|&+-`TVzo+rGm4bK!Mt40NpfU_} zLz2POJ7e`)$mIo``B!5qsC122x~p7|e+PE~1_?~OIV$za2@0SfA$74=V@Qm~Tc>#e zrUu%MX0J+P79x0)K)Q*%$m=@?^V`TnImwZlzZ>1Zq5ga+7*QO;*-64bv5L^={qON0u2rT_-{v zLRaqB3tXa zUEmG=;Pai}Rn61Iq2V3=;UPZaC4S;5zT(MI9vHsjHGbnczT+c)-Q6Ak;GGajzT{1Q z4M9HS>2KsuzU5v10N&3i{AS(@#&#H>ZN|_slMtpk?5Nq29LhkmA>n}UI&>z>#uL?k^Jk;{_MN`wzqKY z*}m=F{_WvD?&W^&>Avpm-Uz#p1<4-m`M&Q@jR$)y@CBbe@_rlr{_qi>0|9^V8NczV zqwrO5?-PIWyMFN<|MD?kHy}R+C7<#=Kj= z*MAJ<-{0vSCF6k@?0^&i0v$0sq~sYqh%n*7c-j;?R2VPZtckOFjeB^I*}sh(J9_Mh z&ZD-EBt7aIHtwG^EhSreTz9~wOqu4K&2$O#rpJB;^y&Nwl%zjTL5mtaiZrRxrA(VT zeF~MSzNu8JR$YcMt5%FywZ033W~*3?>Zp`jsO*JWwKZtTi~>OBqd>&lJw;jtV1r(_oy{8!uAj z8Ezkf(^xcQ$B{w(8SJ^fbM3}bJz$*Exs^NU4>?OwmHP;%Do2f-T@7hZP>#WS8m z=nVE5f9UA)f?WMAgkXQ<;rEb!+JQA-Byy$Zpg{$GH&w7C?FZuKkx$p$2tBFzzUw2*;5w&8{k6XUE?fFDFSkdi;5NC3keG5I6M z3l^C24?aE25kpGrU3L^| zrK&@I#Y4?ngN*ZzYA@hG3p|kAB@Z|-xRuSNx3VWsi)wLU8d~ceq|OwVr8Pyeb@96D zeHK3Cm##8g3IiosCJW9BR;V>YL9njXR0s5o@96nJv<0Y3H#q5(e zL*HXlJsrpc{t1`<_~KjAO8&!BJZq#xHAn5p{LeZ1?)X>W^nlPd(ufFyh z1`?fT^5R!BbaIUx$#SP2vGVAe13Kzij6*ZiLVn$~u7ag241(}NnINqv(d!FXEJMtD z&4h~t^DaJr>qLI6?y4BR+wTH8{g&Ea@80l*F5r_zgGzfC)ZmP#kFxqD~yq;YRQggQ;AD z6WLG_DzZ?VuFVZ>28f3m7;(3M=pz`w;RsCp=Cpbk;DzI$;zp3OoPMC~X)%#vDonu} zFfMM5Y;2<&OVv2X@h&TpLkQ)ja6s<7Vs+#Rok2!7I)k|54UF*BY0jf8*{R5O>jB3U zl3+4w%`q?Tn;h_VRlyCpf-r$p7b!LeBVUmskc~+Yh7J-gMnq&5yU2!UN?DfCR8W%D zs-zt$gBVq6XdHg*T!Z`=))Xxkbo(a z$V1}j!y00+0H3B<#d972i%;94-0I{-CPvXX{b<15m?Y0wI3taPd!t7`3eu3CDvs5e zC_?DXg{VV2(#M%qgEK7eCe%F@lh4G(}TP zS}amS`l`(9Di|{JI13)C5z-5C@H`OyM1&+PiI<1~9B{f&4_w0MlFGP}p#I_PA4Qwt zM&vO!eTbum8raBG7+NRH-m@pa>C)J0*b~vNLj#)qM>`&+Hn!pHZRKoiKJA8DBc&uC zJ`tf({DFzYHUl3(5EEuOI#H1-ce%{{C`n6N)P$hatOYxVCfFyCN6K_`$z+5!zN-y! zbP|!U%W3kSwJg4>g_hCHN?GZ0$-6AIso8vLEM37sbrsT?S4C>PB9XC8E+&>>Jp(hq zJ0XF+S9_V{B__KIUTx?rzk-BoRn;|#SJJB&2ri6@<`R!R(&Cs)1*|q%#?6}qg8*Vm zMgX)BStX`}11~tjZ6V7NDM>&ER{F<1B=rI$)~Oy8NXa+yGy~j({w5G}$mhsj00S;~bn2W-a>?hGHX_Lk_;nraL_dWWIpclc0r&#Outu z+-fl+n-z-+@=P3bZWpQvcWA<*qQKH9#f9#-zyA&JfQR({(1?chK^6^`UatiS3t9_H z#qDspK3OfE=~YryJX{{- z2rJ1T&WKuRoUGWkDYun6@o}3RUB*y%4T$m7wEQK+EPp0qW*|#@AtndTP={c3LRf)o zed}EBy4RmV@I(tN(G2lUJeIMH36ZE5YES!k=7Nr0uzfGfkT8Ju65-E$NJ1dj%6rQm z8S;FnKnYw1GZK6bxeIP?7J?20e`guJc>7x%f047N-K2kye1yF-c(p4YA&Gx{ zWZcg9yC0{(FmGRNBwP z_PcMs^Pdm>#q}QKzem3H@pJsKs6!FfzJ7GG?|p$OUnb0tzWL9O{`5O#`UbCl_}>rz z_{)F(cp1M-%CG+X>wo|Jm*Sz_j~@U?e*;K>1!#cnWq&P!fBnaR4d{Sg$9}LTfCor{ z6=;DMh!F``5)1f%9q54{xLgs~UK5CcC1`>t7=Ic_5*!GEE$D(TXgDGmT_lKtHE4r3 zn0)&-8!*U&J?MkbA%jIlgE&ZpMQDV1p@JVlSVzc&P3VMA2!+5GgeEnFQD}u%NP$V{ z5iIzFUFd~h_!Cn&NmYo2WoU-*r-dNFZ~kD&hHdDE9T9eDCx>%LhjnO&cZi31sE2#V zhkfXWe+YsB(#~D2ua5i?wKrw}^|mNK&Wx52?tCzX*)b z=Zd!&i@Iox$B2x{sEo__iM;5G!3d4f2!a2Xi^a%{*NBbTsEykwiq5!((g=>>*mc8b zi|D|O=ZKE!sE*s{jXNlg?+A|o7k21CkM(Ge_lS@AsE_-|kNxP6{|Jx)DUbt6kOgUw z2Z@jgsgMiFkOJ9`HWH5!DUr=Z{*JY1j_Zh#8L5#Q8Hx|-G7|}sA^AoXNsHFVktd0g zDT$IEIYJ`ok}r8UBsq&FsggBmlQ(&dELm7E$&)>~95N}3G>MZ#Nt8wTiaP0&NvV{^ z0hF&Oltu}aQ7M%Khm=ccl~*}Z&-Ii}Ih9@Mm0xKURf&~jNtQCvlvI%q)es14$(C)o zmYpCEB(;@bNtbn*l44nwd8wEFro>m4J)+ zz#uLFoKvw5JfIIXrzO;>55s90RM8D|@=_uYW>euvw5dooadRI`cR(k37=Epn=g=^-FYeVITiRIo%BhGrkOxzto4koC_V5G$lnzir9rQ2)t%(n6Pzm^82>+ys%xRo# zPz1P{51@dX_uvGdaErlU0&#f`ps5e8@Co-Y2Krz3>}Vkq@YVoA_X@?yw9wN)Iqv72awU=sFIsYMfX~71*k+%{mp&iiwk2sSEp# zm#U#E>i#&-MGq7}t;U(7$*`L#Ivwlq0QwXT@*uBM0kT?9qbG_Fy&9fBa0gTn7BwmZ zFF>pMkPdGaqYcuYo}AesB6QW7HbOW@Bp{)0wN#;`ee0StFs}i z4;PsfziL3=6pN=&+Qzp_nPL6l)bY>Q0T|0UBEsVoMcvTen!dt1^24 z`Ctn*KyMk~u{7!iJJbWdKo1u%4)>sD%xStoiw|$`Pt2*e;cB!40G_sBG)`I-_b>$1 z{)xGo8ws474_aCk-q5jIYn+8ZpXnf`x0|~e3AqpIr&D3OXqyhA8n0ULyVQ!j&LFvx z`>4zNx&{!J6Y94u8Mx&ej)R-2g&Uik>Zt>}tM+LHO=PO5N(!jZz65GC0jsMznhqM! z4hj&y<60HWNi#z8sHZ!m`Lq)05CCcs0t3JU%<8OXON;mL1ed9s@L;XEIRyOqzX7ZT z{5lo+APo8{z~wp>-oOCnI;tJ4k>7!VJYn+^!Tw^lJY`T(f@W&5Jz zP_oA92zh|FXq*T6APF@31=QIN6VRdutWT(`z|eWHKpL`;st@s?PmDLYVOCEF;Ll+)&-EO(zd`;F8_>YS8NF!x zsFC2#mjS#5ebD-3%*foD39S}J8qVV!%iH9Rv~1FkXv@@r%c*jWiW{0Q4buvH(lhOY zDLox4Jsp{Oi!Ke*J$;xmP18Z`f*8uex2(P_?bAuE)VK)LLhaNY_?Y_ym{}1I#6Xyv zy3|>%)uY(dPwmzH7uET24Q@%+fdH36zk(15Y zT3y+f4ch)Tj}1xMrES`$joPWL+N;gltqqW$9on%iXqnxKoBrL|x9!ugE!(>-Qnby9 zk&WBIEtR^>+r>SS)QF3~E!@jZl*Db^&n)%YFXB8dDd8+-t~=>>)qb@tsGJPmw`E$Xl>sCUX%E( z-vthK+f5yjS=1_h)HyBSo;k<_SDH&bn$I=i$VlJ@uHi~y(}~;Q5qoH}S(~?+o537M zg}TF^S_m0!74jeqYtaJfIvvj0%_L>aP^PN4XrK$)wDJj_;>n)`YMyO7pzE2QJ0716 z+R5l>pZKYtLEg0g`A_&DpqE*o*SVkxx}ZM(pb?sh{u#dEVO|s+{;3~+6&?DaAv&TZ z>Zy)<;t;T#DL%>shYHa8sXkicQtSl(bPqqU;ID|JO3I{8s;G==rTUwtTiT^xst;j0 zre%7jg<9xss*d&vr}!YJbZVzgnx}i(r+*r#&M>IJY^Zfy#*^NtLki1%OVW!e=C2+d zWInKFULCI4sflX{q54mxI=`o?s;ue)gnj}>svi_j7J{3AWvEqKQ8EfL&*|B1* zPbs>?_y7sT>9Q~@WPARoSL~&4R-^n$4?v5$ZTedBkPJzx543x;kogGtON&RFv@Wo; zqI|btE43?org1yMSX&5MTl8}KwH14g%}cgzipYwqwruORaC^UAI=9fty^RjF-wUyE z1m+44_9lVg)4`e#OW&vx@wmRYja%_dkD_s20DGXv;o!N1Am_?Uoi4q)ty|-y%2-p8 z;_c7^6Ho)1VDqy`53)NIw0oy`51E;}x#MuX!8^Q1U%bbgyi|d^^3IJ+@5s;@y--iR z@;dock-ghXx7|yf-y6P5-0FWD_Obqd;C&fKWly+WU+e6v_K(^G@ms2>N(uE_^%_3_ z@e8pF{AO0s4chF|4D7%VoVughM1OC&Rw2L@e8F$8!LUih9t^-!kt01!!X^xzD2%2* z%)vqK$@Lz?Gi;n2jJ7ze!#v#Y=RcVMKg2~W!3V3vhxYZd4-o$Z4kTF6;6a256)t4h z(BVUf5hYHfSh1i!j2Sg*T(;3;zF5vYdc?;llLsR{nj58Q(Rc3z(45JR>a%sgC(seT z^vOdiGTupXY*)_p7>p}f9{%fiWF!ZoQpR=*mO9GQ%_`DIIdtj^EYh0-dHGy95Xsjs zUCfy^W0r@CkUn=q&}7t`5v!?un5^alRrs)E${FoJ)tAn}$-aLv=0nBxo|8|TF*2Ko zuAnxH$(1i>-rV_f=+UK5r(WIq_34^bt^`?mZpp$aqBd+D7ynw+7qdO=jn1Pns2+(OgjkfCQD}90*Cp8IV@WU){q#$9y1`((v7zN^K zga>;r6OOw~NFbpLd0YvuHUtKE;l<#-A%cSm(1-^Sk@9IIfC*mIfvpNBKw=zuRzaZ0 z7h<5V#TQ>#aYQJi{>-Q|Lg?8bfF{vU(X_1YF^>craa_wtB$Wis!Wu-n$we6LGp|1= ziId1Uf{?@RPCWC}b5B0|^z%(G@F)%4Xx>-$I?SZlTQR$O!4NY04p9LP>ngB5mI zVv9BQ*o9E#E*43@GYL^$qm_1AYOA%DQeGkQRUlxI_4ZqE!xeYjiIiQ*96`{LXI*yN zjfa>;=yLU1dh50KUVIzP_MvV6>6To80~UB-f&n!brF^alWMPIIUbqvvTFrN2iYvAl z-+dkG_uqp4JNEcvkV8&3vw1Zw`C^n)R(a(pGj3>OkzB{^5u zWB2{{iDxgU_S}m%{`iqG>z&f&fp`A-r#Y0cn;!bg8Rd3yeoK z;sve$MNooL3gABmXg~~R@NTYr zQVjh)2|i6QQV^i`}CMpHYV#ULXN0>Z3ID06|T%xWz8&!!Tl8;(wk< zMl(k7Dv{t18aLy@PRUS_iyRjXL-N5JZlrfDA&@@4k%4#=A^?YR5N61M2DY>(lK!s? zh6&hm4ixG`MfVuPNoHdTdW>KxYWPb&aHI_X=pz|sX-5MbqX2z;GL$)Cr7LM;F*QPf z5crV9RMPMnRepjVAxHpf9C4SQAO%Ol)Q2eT@q?P!W*o)T$17Rm8{muxk<(*jJKb3< zM|x)^tU`(F@S%poaOn=!3}QTDK?#6Tq7?d=h6G%o7>(3J04JFS30$CqFk(UiB$yCV zBuY`DtYQK#NWw|l;er<&0V??rh6G+P2cbM_EB1I15dvVySKXrr^0dzu!b6ox(4zwp z{R=%xu#t2aKpu9%h)kQM4~5<|4KU5uJ9^<6jqrvm_^_!vmO&GG+-4&_{@qAYyYZ-d z8WN}UI6-Bkp#gPD?^o|+Yg(CSGa?qo@U@$JNroxO zVwS?Pr7Z1$j6Se2j&IiFmFW;{Q0b#mAc`eou%ZV6Mo~lzoTM}wX^cL=@q;^10hD^o zCsKOjLukTQBY-8XU{FRSjl5Ehd$A8qD0_=73gIM%*@$L)gOSbvkuid?tWAWNnRTw! zt<$CM>NvP8nvR5?;=v4E?MjpTctEdHf~rT-;Y)o4<1qG!K|J(OliCpFy^ab@CF6S) zL(rnU4w99E7=zwh(PIF*DN8gpa*rX@(iSz?MIENeSZ7EL-Cl|TLEoy>mTGEr|1RoNeK@qe-k0ZgT9Tf0| zHwfS%OIIo%B|1@xR1gHgrpytRtiEQlEIU-BsMweww|#PmR_W#Ck6RS zVG>D^LjLnJk>H3hZxcS=luO~fn`86lde;f!>3Q;)yAzW&Mv|f2`+B5=_9$!FYXeLX z#@$j{_j=v!{tvLDWV<+|m^=0}@f*r2s=_!A4E_ds4~f?x-*RVsTIZC=yGK6Wjy$T~ z#m@J}XI}1fmwe|njlgs*kb&^xpXN<3LC$+#_0+AO!t&R!{ek-QvsYj0SAY9=o{xF7 z=Y8!l4R72Bzn!|DRQh^9-|9$dd ze^H*}e)-$xeekEBdU%su``!P3_{U%V^QV9P?O!Phd-LcL(~ncE2KDy!ZK{dm^nj|NJEau z3`&9tOwuGy3OJ9T2f^|PZ-BMI8j(G0kY3yfwpbTxDWy|NrB!OBa)OFjnx$I0rCi#j z|N5n1S}jo`C*4A(CQv43awcg0Qjuw@rhNFYv(P4I;3jVZr`os;ZX794K&N(tE>?6! zeDoMt1TtCFw^jKujlhb1s)?W|vVa<>f;y;daH;m{lCLPQdq9D4>VY|U0Se%SDQJPb zFc2}T1O=goAK(R-f&n);jG%&tuNX!$n<*euGt*cqo#Lqm`6-qVs$|2nj7X}0T&jz4 zs`A>6<03Sx!m2u3Gn&lFg=(~p+{v7pG<`TL$Lkfy%SWmln0*Y$e#8jZ@h%{v3A`Ey zI7~Ic`UwXKvag^ma;PSms)=BLHG4n-c$lwt2(7L7jh+$;p*qJr@QQIzNnGiy&vJp# z+O3T!t)M>jj!kiv^p+nI07ih z#c{xgAuxqr8mE**yT2STj3}@WYcU05Fb9J$dGdw{D}>mxu#CX419P#VgC_ex#}LEJ z66=ibo9qEeVX~tl z(UkeKKpQldJpK({M6?4?v~JQfJp!vogHf_FD?y|S)67pJ4VC@8ivFA=mw<^L+Ad=ON40l3?W`{0UBvXTW*3l8OqV=OjWIW|p6He1LG zOUpJlvn_lejB(2cX#>q}0=9C)2s@2YsN%Lw3{Y@G3UPalKs`6D8q{@5C;Jpb={izN zO--xz{C=p^1i zD_5<{CeVVBE4h>VkXKnb6G4#>qdK9J5gK7Sq_{aB0g{~?5~nK@po_WkEV?YIPNg#u zW}Vi9{yPc3lR7nFlB&D9RixBRyHs^Gl_a%~C4C)yxH69rhDyZ3&neP%%~w2W*S%B2 z&>;sG$O0KdE-kcI*uhtQP1x$FLVS}wgMHZVxle_i*gZMIBxIL&VZt7RSdNWYbOk<& z4Ou;DJs#}Af%VspP1(7VSdnd6>VUz`kU^E5S$#lQm%Ul6QB9noS)N@Ko5fk6Z3vhh z+MeaupAA~1MF^tJ)S_+LOZ!*{Oj@ahh^3{A|8rWbMTw)G+Nou~`}rRi>u9Ax6KH&P1~Sd+fIF3w~br5#aX)DSi9|8yvz*~&d!i@jKRSi;idT&$(s&&^kc z4%;nl?JZIC*$59Yn1 zJg{ESC`F9OUN=$2sMMCJ#9h$U*^OXL%X3XyWPnP#q)gf*+YDae2uJ&PCVX&$sQ3Z3 z5WL+$$DjB&xSeSr`Vs*I2-y*j&gXn_I90eGOu7|4dA6fu^VFi1cndSFpoktw@!$*X|L zowBH&I!fmnsym}&q*SVUtrwp(PuH5Ns=6vzYU7#gs-*N$v4Tmbgvv=p;!0Iwz|~y= zrVFkNNUzMRfLn*Lqz}RR#f(_X+=2>K=2Nq%51AUM%oG9Px+fWU0SL$fq*w(lum!_1 zJGiSAzyvMPqC>+(E!AQR#Z2VJ^v>CW%sb7le5uXKBuo*TW#MA2;{Jj)7K=}3qfZ4M z3DnhOBjsd=-9^|0W!Y>5@j|uQ?2Pr2NJUkyJiUuDo`4$AgjY5T-z2e`2)1xo3OD!+ zd}soWw9WvN&ciaWRCcj^Sg;0ru=bR&=KanK12BXxPt!op6;aQBX3q$-iTCVg7L(7v z0B6nB+S?^(q&4Td1+pl1V<985DmKt0Bd>Tq3CdawKohjO;0jn~kQ;Rrt?&&WkW4)S z<2p981QyXXi?lbxh&VgS6xE3pZBZVz%}CSeu9(r9Dl}L+G)K`<7ri1$)@myXQc4@r zxfo}bMopJ~Vw4ayC!Gl>9p#?*i77>8kc2PL*y?nQr3vO|{su`@)`(xFu#cwD%k~(w zsz9!`(1&A-i%OAGI<*WmDy=+)HpD=vX#P`ciw(@ywnE)%Z=(srUew)aRN6o{NZn8) zcDI#&YrXZ~sM^%lJm-=4RDTmyQ5uO-Whf4C#Lh4}9dL&$$r7ErkV>+L7HEKTSWqwF zR<_U&{$K=o_{GRLu5{o?klT)}!rE&#q z@++U)EN>kyXL2k5@|F&B?HO~L^>Q=6S;*a7HLr3VZ*!o1^NeWQI5$`}r*p(58MFO! zKo4|5A9O;0oIU6B$3^o>!Sg)F!b3-N%T@HpLJRX^-M>J0az-h)dUjV z(RCmt*L5Id^TQsPI4Uw47R*hYeGK|ZI$k{?~5B|pCt5`56NPX!V&{T-BC&!{jj}|>hh@OCP1(}Yc zSE69M787b{8d-ATPnzirIQ3~j-cCmep+0Sj6eF{LZr{R<3m2W-x_0m4&8v4W-@bnT z0uC&AFyX?641i4_C!Vo^#>sZ_d= zW%JNu5J+{Y(D^_mYw?m>gbvLW>_vJTCcJnNLc_vj9@awNc<)JAdIsQa$xLqu z8mbD&>IO^4Brw!;MLa_{$O-DmZ63la@e7VAA%U7h$E8d7i5xAX4GYwWwcpQ=`dhS zLEm5y&p-vGg8*?C^~R7ZH$_+wI{MhAhe`MBmdEj%ccghr0I8M_7CkHZ-z@FRD2FWJZUCJxBj3%mnsY5*nw+)PMcso0gd&Dqr(^=h`>YmK?L z-+u!h_}FOkrFPthBc8b8iyuCBMw9Kk(XMz4Ub*F$W1hL@X9s3D5}rmG|be(_Xvnw`WB7UY?WQyYIgP@4M+3<#SCS$0MKo@tu6#BJR&a zAHDQ?>#i5?!DFAj_S-W(yx6i&AHMkGlh0P?+@qhq`s;`2ec0faAHV$bZ(e;~*R!9$ z{`>P^m-}GDkA4CiAOQz=zWyOFfeKvT|F#yu0zxo?5`>QZ@PfYuVlaamY}`>ExV0fo zFoYr;p++irmkVw%g(_U(tRRDq7s4=xGMpg|YiPq8;xLCg+#wHp=))fZF^EDOA`y#d z#3T05gmyt83!CV~Cw8cTS_2^ot7ydtDzPq1gd!Ka=taRuF>4;YA{omFy)4RQi(gzL z8~)q)mN1%ZjAoo89W#fxGTJq5hM_Lm)?{FsI zh-u7Zf-{^;TV{&v#?6HQ@>ee)fyQzou8tflBi1?RZ}d?O8Cm8@M!9E3iWRtg=;8$~ zs6kLLRgNjVzycrv2SQn5XSHlFQID6{TwUJY&7@3@Ajshc^>Ejz2h({p; z0HAqt1gaSM4WshOpQNC|B16?D;DTWSvYg|ZHM_?coMMk2n4(g3QiDonq6|h9BpD-V z2T=48C_@#^8(<-;SjwEpxY`a>g^DF~l7bKoIMkMm4L+hcG1Yf;kXp8YFOm4xI8E zVT6ET_=v;{ARw-GxZnjx@T)t@WdRwbqX2Rs0-=B_T;dv+Nczl&Dklm?L6E*b0+mwRzE7F3w(p#kPpkoq&6uhI9M zMe$~68|+|L1+|&KjH;GaYl>umMXFr6iCD(b4i0;RK~&AEKJHP960^r1KOo3iO%bH@ z@`gAFVU&qc>4Zp8j_Y%b zOsDA4g9hWMr#_slrzRPK5(rgkq!!X*v~;At3_-|69Q8@hUQ!>j=))6EVCOsIInR3D zGoSnH=RX5F(1ITHpr6nOSv>fbqorDDC3jlq6@?xZUPy2n;Q{^)8-&F097iw!WDk&y z*dp?%1|@bekRFAm9SYDBCO*-lQ0rsVr5;GJ^0A-2c?2XPso63bQ6`SK*=m=u8x{*!lJI6il>Ow#tDjXrZ{V(7$?w1 zq7@fmb52-ts-^UeMpK&Ds)iJrw$4Ftpc>4;db09x2U<~m>H^5t7_Zg>qXbTH7eC3? zBs1G|s&gFzJw;U2{!T%}<6hdHr{m(1uY2ILkoib29Y71g0C@0m^EicLAPJ3^@8KW_ z-P*t)XOV&K!{AC5qYudJ1H0SJL8ExEZl+amLF5P{eE!nNMiSByH^1T(tEa;QWXXqb z8J^XHd?qw4)<=u&0feBOY2iu%yLKUNihR(d8_$skGvv`X)lt)AYO)2J++?UYDdfnd za`K+~6!%L)IttLzIqa#Pk!QXJ38R7poEG(RDRTF3ZI$93$?SUs-!lAo=l<} zJ#Oz_db~OEt6&YwpL*pcZ6R>m+}d_#`lzQjAfN$v$l(Zc@M~2juv~(;0}4Tt$HMLE zd*BNntpcG%Fa%}WB*a5X_QIFGvX&2j0ZbkO%Td9SgD{0L?D7zkSaK?cWQ=L-W*-Y# z`41Mp-;}u_?57x6z99t?)POO(jBx;sLk$hf{wQ9=Oiaae%>2FC=pm9moPan@VCuci z>Ny(I=>s%HQwKWI&mEF16oWVw1EN`A+hCxsJlZpPU<-C22=Y-Mh=Vwl-U*`MqR~w( zM2-q-AP2hO50ViK?$HzIgE;BK6WAcz;8N=B(k{7OhtjXzkz zC)mY3sK7Xo$Q&kVdB7IEW*kx-bXFo;ys>`xW$D(sDdfLg*TvqH@ss%Xqi7yq7nGQ zKllS2Ou`tr!YSfI6%b;Z)B_G^0vZG(J;;F!n882b10Qe!77${H;RP{P9t2qRu-qZTMmJj(tfgnc2|P!T?YKsKV{D+p8;uqJI*KqiEM1n59HzKvFHC96P&EHGztI_GmjXLL&EbW&$^TIY3Q zXLf4mc5-KTdgph7XLyR|c#@}f=3-eEC0e?rDOe^>kO3xo!za8XA(j^~@It-7q+kB! z8~UX^2%}pjWL}u0T>glnUigEvd89;2CLx}~EHHy$wnLxbg(3C>2>3!hXo*q2p5%#;GZ5*KB59H;>5?*OlRD{>LTQvr>6B7wm0IbQCTTAE155rR8){-*_QMQt z!Yq)fFU;pN-oh@JfjnG7Ht?q~`emHr0GX00W7frh#zleVMJeVa7fb;mEU068Bpf&+ zK8%7DyrWzgVlph{XJREj^nf$|15qxBTi|Fnext^e=!tS;Q~pCY9DqF}fTY3&q)KW( zRKPf_CXT|R{*Edlk76m3E<>!+YOUJpt>S8~>gulYYLDjPU;g4h_#%D6!5jc$Gr9$0 zo+&rJ02_LPDek8(zNtsTWU?wGV%`OwN+L?$1u`aTJqUq3sN#GILnSDrDq><_Is<3+ zq*E?|P_6?t5~W)ZKt``>!>lsw z!$NGtO6IR6 z1`7^2W7Z;(%#DKp>#5ct^$kU=lV zYV(3`_=@lN3aRKq(ezdl`ciL(SnrThgAj;A6SfX6D8cuV@BQL${=TjGK2aR*13&)! z13&z401vPL1F!)T@BtU_0xNI>C-4I!a0D|j1Y7RE`OM z{w{+oG-)_=!U$XGFo1B7qVWDcFB{FF1UoPdL+}LKa1P_}4m&W}TJQxUovd!KihS^q ziZGE9gBXwi2h;#5oI@JufR9oG0kp7>3c~>W3kj4#k7mOVEP{}_f&uhsIQWYQSim44 zDfW6oke-7ZEC4CEEg6%52+RN+YlAZA05jx*6o`NXps_aS!W;vPkBUMTT!S1eaSecQ zATzP|$}t_ou^#iWA1|*p_&^qDgC%3KHe^E(^nxz9fXu9Mj~4PFCo%|A1O6Y^@fagA z3H+BGvK_D@OYUsRnbfP%#>6jyPN z3WFFoEGAH~HW=xVTEh?|L5~u{5BzZkH^L_W=rl+`2#B-VGQ%TeK#vZ?8Z!eVEP^#O zaVCR6JX^pTU&9ihfi|228+1Y@n1MAvf*4Q38*76oh_NmpL65ou70WXmTSGl3uO%Zu z7Etsi~d76z{?x)In6&{=pzbvyX;@8)U&b z=)o83f(Vd+4D`SvRP`#rG?2c+9MgdJqJj*R%LYimHW%q5=zuU(^EG_I1aJTn9CHMi z@hI!+HS~ZT`)DUu@j2+THC%xAE<=@MG6n!CU8i#tXL1iP!jFD~00=fe>vQr}gCK-+ zXNR*j!*f+PY$NQmH8}Q<(seH&bdMS~8dw7b*fA=20AOeKOvmsVpEMnLlZ=CA^#|W>i~pHwui4aG!pd@A44mL#M+7sE4`{4>P(Sa|7(csoyaIR5Or|F(knG zR$n)IXLlxRGdJV8Fu*i6sI{+;vyN}K$zyp~7XvguKnW*%3h#obPpP=Oxd-?;AcMd+ z7xWs30~ln1hGRJxkhhOIxF|dTy=S(6=l*%}?zw~$cEfH0oxd^B2mR5HyF{OKN*6fD zyR=+GdU#7ZoF!7g*V1kie8C5?5f3p#Tw!rj+Kun>k|y!LG;woF`Ed(F0Az6)c(2}f z^;d^AX_K*6FN-y2LIjXN;y*bv_9pfuA!&CWrtB%z!5l`V&jc?t5=4i!v*7012Fd_NzW_oBi3Bn>HBdA?ZW9t=rlw zticEO+cO0D4;9@bcg4PZCjY>R{;P2Q>wm@m`xDJsodLuNfddH^GC7 za^=gJFNZx+_HOCZsaLoDejWS9-YiWI?%o`Hc=6-OZ|#~LeR}ol*|$fzedYJS^2^t^ ze;>c!=OUxK_x~Tj00o>3K7Hu>>%jaJT#&&Awb?JE{sx?o!U`?C(4ztq>}x{@J^TLd`m-geEbo}AcY)~$RdqA63HZ$ zT$0HqoqQ6?D5ac|$||j7l17hg+>y&Jz5Eg+4GSFeGIYp16U{W$T$9Z<-Fy?yIOUvk zyDU4}63jgH-19~;>5OZcKLs6>&_WG86wyTMJde*t9evb7KMxI5(Mm176w^#KebY{k z@Pri9P(|HMQbYbJ-4xYSRb7=;IXm6x(@|xemDa{eE%ek@b={TMUQ>NlqgZPlme^v$ zx|PseeO;E>W}R&l*o=fVmfC8q)eb&ob;_rjK)n4HTyHy(r#Ee%Jr~_{pN$ryX|H`3 zUSg5W$s9q@0S#Yy;;Ckla@GA8;DB3Y_ab-WJs4p~=WQvUSnRqCA5O-(%v^#0%|{$E z^J&K7I5CEA<4g&*$l!!cKH1BKS!&ps?IND|u8MPdCz2OPKw=zx3ekckdJKShJ8-7B z8R(VpF~pRd^0~$48EDaGX%b%OV&Z%-nSh6!gnr=#H1xUWgrXD8N0%2|sG((j*2%h@ zDPFLklKz#p?wX};^1vsP7ev5W?xFc6+ibK~YWwZDm%XP6LiABbju#~GdZo4Xp$CMd z@z$Gfee4GO?6lo+TX1~{hui3yVKAJ`kt-@0<ESM=U7OL`sxGAJZU#3v@8CU~uprJ-|sj zT=0S;^ne#9Xjwi`p@nW_ZG}M?2P!6b4-{mB2muJfBhYBPY;>S%mUbxe~Y}9R`rc6<3nQhv}mp0x%>Zef5rBu#sV9+({wbu?(cq z1BEW3$0J*k$#Ha}e>1`G!{!-^9t0SL*)T9M$+e^%3uxIp<2gXh5m9z!tftWlF~R+v6QBZJmOMbo5*Dfr zjm%5O1DGZPAxz9}E-@!XIY`ooIwO)WOKIv(!a88S6sFPnaX4yJ{sYH zXSyU9M6^c?d}qxmUW|43p~PvR^CgO7#&*a*c_GaFIt$Nn2X<%vAoFIw@uli8;jO zA?<5Tu!0hq=tNSW0tZf%7$v`^#iSYyY535?GV~zBpc-urm$U~8#_`NZc0+mXP{3!e zD895J>K;#kna|)+$es-Wa?+))7FM}3VWd(YytU*?yupA=(gVEBI&3AuzyosO!@G^m z-e;3qUY4}iF0eG(Ea3||dfZYU(m*3<-!od%J{ZEeL2XTq*&EzJaCaDp2W&fwfS=_g z9o5Un!~zOHd0h0O$#_9O%UQko;RA~KSOxYzjE^QHK!zpWi6inr&#yVb6rO=v%i=My z&d7l(no~(+~>$ln3zBWRDozFH6%ELdH?-zPNrd1a_R#d zQkX#I+R=gud@*VC*Z>FfkqHrSfSmYady)0I|`)*v5Ws)Feo@UaNg=u4!8z?vMfr1jlV+%TUxLfPwyY`4!Jx3E%-2 z_`nHXaDyKl;R#px!WoWmK>yID@#)yM)=Z{*AmOtU{@3`#L+fXcf7~$-zsqU|y>a2W z;L2nwvdLL4u#STq<}pvpOfMN1lFOy#IoJ8lUGj37{~YMN$<}u2b+3GVCLYA-SA}`r zbf;U)=RueH)WbCN-sIyN;nI2_#^tZ4e;w@TiaOQFUUrM@P);%n``X!#s|Jq{_~Cd+3Y_OZW9>Q`TTl(n8si!A=BLT|*%yD# zx8Hs9E6n%#BxD9}0k1B7E(HJukOFf=E@y9GMreozYF;pOMhDDz1#uLIaU2JbB!_Y=CvSET z2lIe)Lg#Z{AP8sBa766|PUrC|kPGAG0#z#mb7JvuM|XI~cYsHD7R|z9sRY@Om^kdZ zmWK_BUOR($e;=+h1_R_5~x=esDU0Rf+lEv zEC_=%h=V-Hew-nMtY?HusIyRL593G8UMPn8tqV_)TD~wRZcYq^2%&)Mh%$|~oal+7 zXo{++(gq+0;$amgzy*?E+hR!tA?*c-pvyX|0OWuO7yyE#K?bIv1#*CC7Qh!0%^S?h z8KIHI%1H}`F_3ydr}E2a5J{2pC~o{Kup~*nw5XLdsfakKS3Ier5{hT=YaB}Hl+deZ zScxTENx=N@9c?LXa>*1?(I9I@6_+OrF$1TP>9tIunVL%tSt6Py=6X775T{EYupt<) zizCZPmsTpyqyc&^>WVaq#r{Z=fRu+GXkZ+?5ufylpZsaTRzk-JN}kAt%IMLr{OX}x zLdSe%zAP$%{z;=aN^d^uphOCKL1i%t22wf~ z49g@+%iOFbSoA#Ojm$8LmXHR`9F)yu#}$roCEzTTa5S=h?Axl6KbzG42vBKgD$pX% zKnQKrUf|GBkQ2wJ(O!U@?4bo3AR8Lz1+EMqFhK%lfDZFP8N^8p;4&FSzyfeWLnp>A zVJjU3N*a#-Kng@)8?UP!D8LuIfdFnTKi#C)NTAe!P1x>jcUaBUlx>U}q1m1-+9VBU z+6~*xvQfP)%m_i;$j#gm?H7k1WH|^VQLNxsWkkMm0Ek{SC6Q)wt5sap>>m0%O4U;hXz4^~iI!=5gJ+NSWNr3Vo0e+nA9yOwN=7HrRU z=8{%+x`kcECF4r2Y~$8!(Uxw>Vq1+a|Mmr3;Z|<@)@kb&aP3xYpY;Iwc4QwAWFj!| z5Lf*aw^FV)aL;vES&<<(ux5zn1A7KR83}91L`!vo9-Q+9q*E+Yunt|K8Zc~7qA+bF zM+p0dYXB(+n=o^F@Na-HZC>|q5@&H5N7iC+33q~aVP@qNH(1)7UD?T?m-MDKmy{%9iU(WW&jKnhl{)@ezK^KD1aBBk;aPVJFRLCwhB#2 zzz_Oo80p~$Xh9gbCIk$?6+*z(rV|{OM;s$4krv5n&JjL4OC7O@9sAK8X$c;AMIIdr zYDCE%@lk&CQFxx%AL$d!YUw_4Ntfm}g4Z}h23JaT^<6>NA&ZEaoN051{wE(GA#U)Y z7ldn%-GC6VX%S7q$AY0GnTsAIz->afv!p4dlEHlRp)gethERu|%J)z5X`ftx#h9!` zAq}2#aw+MILm%_6wAh@0GB3ex9tW968*8IFN-1~pp*|BT{YNSnjVhg&je8ko-8i*Y zaeBS-A$iKD?%0{QcY7!1u!572H}q@5CLg-49m1xfd?p^U$~|@X2%rF=M)4`Nm`((< zt=?)$LlbHe^R76Py&Ti1B6G0tqOd-dmIfFzk>;_ICbHPMvpmx&L36WonKYTymkYXP zfw^!s5Mo@5j_XObX3>dCVR$AKJ6Wuml?rL4ZAd@H)RMytea-(D6IbOFY?2K3!VAD(W86bCh6)Js*I-4gekFGr-7LcV>}}a3MVSmoqwGc7Ohze^Mk91cy=>QVT5-lK3C+w$F(J*?3`PT+C=*!D z278N1aY=cZsV^HY5PC|VdSW#bcZPa9SsWF?4ojQ&!1(W~8 z1pT(#uHlD-Z1Qtq2h@>{=?wZ99R<`TLU3!K4w?!XaTZS?{Fy7gPPw!s;kzaJbG z(GKg{)@?2P!u31DHM|SOw!TALZbzKNE6~IN9K}<7#n-sS75c^fR>fmH0B3x`Yuv_h z9D;S+C2*F<$@a#5{QOcDW|LgWmz>F)JV}b&$h!~7TSCZ(oNLV_$^m!ES<}knRvxfC z%h7hr1GLM%JZ6~z&C^`X*PPAU+|Az{&f{Fp=Utr6>)g)o9MAJy&-a|q``pj}9MA(@ z&6eWKZEprw=jv5;- zASpc_C{rXiTqi?y9ZZ@d4gf3wFDnvsB^4bi8D=UOkSi-KEG}{@E{P>vt0!)|Eq}%> zGg3HLTrO3QISigR8V@`sAvhXIJRW5`J3Bi)NIW}sJUo#-LSj8eb3I6eJ5r%MR(U&H zkvn0lJAtGSIFPb@G`K0HxGiA_;+OJSf*bgNQ}$yNYgSr$cF7AjpEWL-BKTRu`- zU0qsXds1&}UT}(AdZbu@w_TIaVgM&=76@lS0A4$BXFQT-U2kP&p<{}+W~SF>v+ZX9 z2WbFBbQdgaC=YH%C1*iAYLmZv0TzA$D{vckbuIvOCslJRDsenFs>!g?yggFwQWcgB^5znPWLk2=bcT+Nqq%&UvbwWZ3ix6H$|%);8v==j>7PSmDr z*{^ia(bd@7-qQQb*8Tq7w2I!vso&AE*mPm`rG8EQR>2p>#$+% zwsY;&tL^^&@A38g&W`@(um1VY{{HL!{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*(?FoB|GCHa}-6YVahJ@p$4#j`i%DTc1H80h=>A(8a^!LL-q>>hC8D|1vmKhJ#C8*$n3=)P<8JP_sO+5O%;|+u#l;EF6`+Pt`ZUS}q!Eytc zt*5Zp9HAlsU0@Z^B6+HFmkbxf{c#n%; zZpP%EeD>+*Q~kX1fdQWm))N~IlnZqiaY7=H1v?7r|>{L=44gPX43gB*;bb12zfvg$^J-FYa>^j;_$sh}w9nA%f*bauLAz|%) z*|i+-(o8qq^sYENgx&{Je7g>iQDc^Y3p45y-lAGkobv}!`-*0aA0R3wc0$fuBo5QC zi;bS=iG5yrRS$GE{@Dimti!hneF^tKHUlltu4yY znFt?%5x3%$t~-#$5dYJx#!jcM`s#dki26b=>%itdSm+q<2ip|{cHO_4OOV;4XI`!@ z-|iE}hW_l_wwQL$%ghI|>t1`czY{&KGX?)+VhW;HTt@HMm{QQxVSYIRngR((0^tAP z(@VS^L|rk~2j#nBvk0=T|Ni_}cWw6z0baSD$FQJj$RN98Uhf?ByNtbPX9twXkD#MK zGzkz|1Y}4*iqSC{*(YrAJBW#lwh$9p=}StRU#b>@nG!ULZw6^j=|Dxn{@L(`IPA>- zAcC3Y=`KV5@v;&@5_mGZ`7U^p3RDOuGC`0vuZIQekP92aDob?GhaJ*DwSHs+>IG3e z3@k`JJe0jJmMe@gG);DDn8P-@@r{RZ9r_j`AQBpci@Dhpvplq;T!9gWhjSqFOr{Wd z#G*Fc8b=d(ho(9r1dq%~28Nc`LWGotaqOtq4HS_NIUSK8JF{a#^yoG~9_=(Kgrh1~ z$x6FG?IC$W8qb0z#64z-k$)_kAm>L&gmA1kqZmbT5`hJi`EhKroaL&X2g7_JO;RsQ z)+jDfh7lw~USpHrKOD(IY(fi-tqi9)$ElZrMbKqM8bUDF$<9%TB9Go2A|FBMC2$Jx zk^ufJh_4u-rNudMfzoUzJKsr>=HyR6DG+EoErl5ke6URrIw3d(va|dtgp{8or$#r* z(Y2sTRSpqQEk_woTlUe2_T1&bwAnC%>9d&sY-C9{@+A_D@s`;gNj)Hi7L`7*CeV#^UK^4s5!0H{3%(Lsy2y=*&KbzA zYHVPC^+!;@#62nP%&jlOsd)S|u$`K*lq^+WnecHhjQX^$s7Zy8cjR zrU0V5u1`GcD1#3L>w*=!gFA#xsm9O-2IQQKZQR+FX9s3XK_RFgxv}lH{E=H99^{v< zrI9}L(W=b!b#jAxD60gqRDqbNybxXMX{QDyc6oz-|1hm7S4-de+P5Xwc_t_IiKF!h zOFj3B?@U2wq~8SBlxL-G2Q!m`hyF4KhY+R+Mgdb$7HxF>jlzFL5MYGh14sKg-uQgx zUvV*FNX%3xHB)d+iO%;tK66g)1U%BX-uK2h&T(vJBd#crf_>sSmU_I<3pPphWR*}4 zxelz$*X<@kq+pXFYf}S6EmAz#s0|JR94+36fXG2DNIQ!0-w#9~aR8#^E`}xm+4z!>LP3S@!`p}3@w4xWy=tevG(U6X`q$f@3 zN?ZEUn9j7OH_hozd-~I$4z;L9P3lsc`qZdSwW?Rm>Q=k@)v%7WtY=N@THE^8xX!h% zcg^cw`})_w4z{p|P3&SD``E~)sW%Amf*Bw}HTUR`Limvfu&(MFR47LdRI`s4Saf`+ z$m>a{O^tfgARJnlW5fDG?xSqu+YNcQLF8SNc7G(=VZOJtr55h6blal-SjN6hCj)f^ z`~?WV4f2XnsD2veocpPgwsHLzpJ)L`f-dWz<>)K&bYPyHBt{PNI@Nvv(~^5 zr}2y68#MH$$jdtt^HZ&yAT=M&%q=n{W;+|&H`iy&%Y|)it79Jp=SV+5F$5I#Llrns z2fpdC?St4`Oo1ROL*9*Ve?;R2G00~>`kfMTBOM+?k1D&9!=;ty=+J8)kQJG++g0>dHQ;L9jrKX8GA zb@2l{_=tmupH2jBCtZ6*5O>}g0(f;_>J!KFN6B5k`keY5BK-iwZ^+R_wX>=A64`r8 z8vk9M96s>}p*r&aQ4XNp{UO57$n#^e_v6DxLIZSst)TPeuz~7PW zapwWPFVB%{RGnSO!FNB<@kqA+mLlXpLOs|W2uys!v*$5*<5q3_AO-S(e(RPGz=wAT zIB(d85cg+y5BL%bh!Nj65?z;h^KuSkC4dxhf9%%~_m?I>1`+(wfB!dmTTle%ad`o^ zQvnAj0znRI&=0jBgJO~jG!ugUPz&Eyfd}Ca9Ow}HAbA3ja_0wk(4v7p(sD?cfI_E) z3~_-f(GMkv6CwBz^A~UVGkpy~g%#n2FR^#*Cx#wjhCgA2DFKEJ;eH_E5AoL@LRc^h zn1B114_Sy2{qP4Yg>Ns%aUPcj>dcRiZGBj_^}0BKqiOt zh>=JQ{eTGbKnyz)i%;+ZLr^IA)^5TG14CdR+aPWAAbEw?3XW)t6Bl2YcsPN#4spiwFa9z$X153!Vsy;7D+) z(GSgFi-^D-_do>L00ri7jTK{l6_W?7u#Lqi5T=NVs`wAFUz0^%Mf+`_<}f` zP<-sNl|k8%g#whgI4`m|1?W(dFEDWaP!7XL18CB12-gRH7?4{qkntsLg1L*(;)=vr zDAdLZ%vJ-IQV$?0lE^ceD3XlJcrvGe35Db4SbBAbjvlvP!nm3Z$qIwe3i8Hr zwkU{_>2bN4h>ti&B*~H{nT`|w*OVNIajY1X3RsW#sFVoDls>m#MhOKVa*Pi7n(K0K zFHmsb>2X&HnT#Tv%1E2(X>hVQojS>rAqS5zAdmTTo!wZ34abM`at%Dtn(kRK8@UD5 zI4_#{0-Twg5Bib$IdJ6p0?c`m_INpriHp?9h&4k99Qi@>2?J^Xp9N>1x~YhsRh1!H zF18t+%4i>n*qgr@oT|Z!+Icyu8Ii5IoXvR*-?siV7Dojj$Gt#_Oe$({@)ZQS{k zm!hBsL8T{?j)F*tpukT9F^QGvj}H0*u-T=y_z(!Ha-Gy4HW+)^@C@X(bYY;Ih`SMg8yz+u;w~V1)is;)A9$1HTb)V2}^^;h{*^aJ5i_lVBhC5D2QW4KzTh>DG9A zN?odQ4I*|AC)W=;$f$#AZTAp++|VCX%BiZ6kks&~jrRigBLnGB3;g5{-~b|j`Y86W ziS>}F6+?IID1d}`gQog^t0=7eFbJGcta*B=c5(xS5_;c8B;vDlo~5Xa>XOkKA}@*y zxw@*IGy~cC3BJ0Phm)9$S`L`#c9d$VPSSAiGp{ED3ipGTOSf{tY9A-KBABYFXmSrT zpep5noqalpEhm$Vs)2QS3bgf8EC`OEN{}b_J6fPB{jdsBXRdhakKWU8_*!?udWhJ1 zugjH{1y>JniT)4HaDDORvAxQzje3@Sd8mn+dHf)Hamj>-W2qGb9`|s1%o27XXb!0- zayGaog1T*g8mOmAZm#O72!WqRU^xO&vGH|s?WVP&YH-)ksq4@Raydk_g&#!gn5D_6 z;yN$nDu1OasDv6{s>*Kc%Bgs$ub_aLVQX+>>#EuVn`1{?e_DFIO0xdytaNLtcH39) zMtt+a4&wm0usU{o%6z>yrp!vL%&NHdx^w_5tS76jAPaaavUD^tGjBp z24@Zh{H8>*wKr+k{ZA%X)a!ViM*8?p<&?3+Kes}7bMjKh$v zps=ld>#4h&lZ5*ThKsIw^Bh)pbRIroSCR)&P!A7q@ySP4=* zEUf9bwrtr4bL@dX9K=Q=m%sbOFY2=u69=k7gYlKNrem}f7jdiWm?7A_P)rTv280BG z56JKYQFqD1+;aWk#Ca#iNm$0~cgNMXey6v9j;z6kJaA0ha#sA48Yq{BtgL3*a`M)U zZdS$1P=j@x#5lrC&>VA@ z*T((!ZjGID+PKz~@NH!Mt^Rlqay{2i&#!R*R@^O?hJ+C=z_~Y+jA|Sy#Bq}Z2fH@ts3k= z2<3<(^7e8s_}MER*0Eeb*H8oAFy3>?i^0H}z&j9nd3jHpgfsVor%jl#ipv2M2x@@b zq>ajcJ=%2L2YCq1CnF1LZ3rAJ&8!OGTTt3oebTwO1$qtKtg8>WJ#cVMw3yv*F|EY- ze7zev;R9L+4!?c(b2+_nAU0zuuK-LpG|$2Ygndl$PU&EEmO z+yc$W8ouIr#dQc51HUkM8=hA@Y^&9_44EKr6V1HG%#s_Dj|a}d6K&xP-MvZo)(l?P z*ByYh9S05F;`Th|ebCr?69=5_*=eid;LI>G4dZ#e*CTGz{{CR%C{Dv5(&Ri{J;1OJ z*O=#g-Q_YK-Hft_eVD;}cY;~H5H-EFeSYE);fCT7hXb95Cm06iKm!e@!*v|YuUByh z2LqXq%2WvmzMy-i1D7`F)+Nov2|h&E+<*ZmruC5M_C0x=!LqW@2LU$$0dS^ zM7`1(JtWQk*rxp3d%m{9?U)Cx?3R4%2a(Cr*4$w(N;dt^+|Hn(Jm~Dg4V&2A(gw)4 z?&g1r>Zq6rWxI4RfZmhWAA${BH>f2#2(tBns8J~X?XVnO_D#%in8Xe0?~ske&@MUz zz6~-6^J+WIWn#@J|DMah>l8l5@gDPi{LLI5&K@4m^U(8c^7A#fbZg+!Wj=XdKF*m) z@cwMC-43#p&DTf`)d9W4E)VZT{c=!Gb_gvV?2f?Ao_n*vsydJgf9Lf-8#Oe4I9v|Z z+YIJETI*pS_485-+C;`w-uJ3}@O~*eWe?LvPwPmp^gqS))(r|zuhV`%FVV27hPym7d$U7k(!*ehe$Z{y@Uj7I1J%>Rc_qfNH8S+$J#a zA~s0T%dn`_Roa%n1--|z|H#MCI<@X}rw>b;tUIy|H;}lTLBW1o+HU+0_8`3Y01Do|pa8++ z-@t$VmVwFV&)kbv{c5TC*RPojb^Ty5$`{euzk53}4!nm#3owEM`2`A-uv`sw^>C<* zSgQ{|QW^I_p|-Egvw`@={o6N#WIt6NOV*>o^JJ!f+XO~D)v9Din-qak>=%eBQIAv& zs?o_~wiaA}+;UX>q$VM^7}SFMyLQ&!y0+hb61+E~RK|LC-NM!Q@A=!f8=*_5 z{#74A=u}K9raM-1K8qN`Q|*_0d2@me84aw5qToRCD5#-|`iL>~+KLV)b7~+fs)Cl8 z4Yh5O5^s<-`~y%x`3(EV8=l-k;yec-WNRSaU?K=9rL<}aLw+;_YNwul%1k`?pcBY1 z!0Orx6o~ek%A*12D`^`O*2|Ht@5(C)D4}rcYO@Cac`(AW{z;28g6x5fFi-??Q9Kx- zdtnXn;^6Pdj{MQ)r+!jl{%WB1-gE9lstlwuL7@K9r^%?E3@^p2SOjT^pZoy_CPAfA zQXfL);w#F;7UQub6Q^Tv%Pdnw%|aP9IKM#6rHvL8?s#qA}kf^#S(f3kVzxn+KfQpHmV%tuv!qQzEIZwPr|21H<@YOj8d zc>;zs)EQ9NFxWD5Me#y;fd*DS)HIqL{IsXJeq`x(kx!%oDos1NDPjvRD4Ffif|@CJ zibb)}Vhb*SeYe|D=#7>iLbf==5Q>hK&mV?i7-BHDj$3oKf7aP}3q|}C?+=s*S|^Tf zD~kx;88G>`-WTBh8n@gpt|Mq09ms{@<(#|axgiNN^QRo4WpRw=h!3thB7SG^SE_n! z9wHg5#x2+jo`{TjX5jK*1?&+CHW*=lAeNY7dz*fSfM=|-65*BxU_qsO;%M>VRy!n9v?#_E}h1a>7lB~aeA#ALUDVwLv z_Cjr6rhB&2UVNLQuq19+TjmAfqfi8Go;fSOccnIc3Gt)H4|J@j#e(`VbFArL0#Mg z61vfKPHAYPmYV=q8=)wye07T!0f(?SB5e>Vl#3U|G$pm_Q7v$u1Id*9VVaD{Fdr<- zoAVx{iuftUi7V^d4gtqP8>X*P&m#yFU6v7r(GVCn)SRI{n7XVTFo7dmAgFq0p%Esn zi2$VFkuHe03@)r(afFq-N|K*@nFNm?GfLtRxH!V_@m$bRo1M1Rt#8dIT}V4uxTB`mHsdWrnmt(ZHr1(5g=$o#I#sGx)v8y; zYF4$nRjzi`t6v3cSj9S4vX<4XXGLpT)jCaF6oC=z$rd%Cc_dNNm6ovjB@EZu{?@m4 zQm$F^>nVgcSb&XkrVZ7rr7)JQ#D=mSH3-K@4!g?7Ms}DtCFnL_P$#HxvT*s>$6#UL zg=rwuuHsp2w(N@8a-O!Tu4O4~k#x<*rc$r9l~q4wnhMVjgc~n`CvKG~+q%Y~kRYMK z`y_Oa!Oq|iM5|^$u(5>~Y@w1+5v?3x)}OY5FIvLQrEBNZ+fv%YNPkdSwEh~Ocd9nE z`fSEl@ajwO4ssHUp$9%uY2JMB1HEyb@8AFn;KHWTp!h(8I@+_{;Cdv#h+=PC?>pO4 z@+NW-D)1~t#uN)n?U^2fxqD~>5#&H9S+wz~Z;ly$iewV1>%^K7y%cO2wwk>drU z!Ojb2mLl4fqX?XR%!G?6EHK0)BFzYsq4*I8_w)xw{Do_j8H_DmtrE6W9_A=>lxOt@ z7)10VC6_~4J45F(%RG(d(^-i=`70@AVe)e0;S3&amSufDdYEM?9~26?T!roy+J{yUqA%&C+4AH2XSlZS) zR7oUnh-hNS;3zwz)Pp}+0a#gtw}W|{0uwr`lgF(Kv;9ReF3tFOM#P2lnfIh~r3kI? z`d~ky{Y2y3+O?g6_X3AQd}9)4pdv3WkeZK?&jF6w6XHc0H+s+IFrNxxXSc&AXh)H@ zk~zqy!V)W!1cXQ=9BqC+AEKM9f{PJW^n(6^p%Wn)4P#Nn2h$%!%!3#eiAq^s-Yt?S zByVQ(xx^;^azzN%#PTTo;geKHr9EotGPp&&@PUML4+s>BAU9$gF4?^IrBrmo>;&3D+vR!2e#7;b0~tlST1PE z56;@V`9m6$Vh@HHzN34Aq2v zJ`03Y%8V4*2OKauL0F6B3X|H%I66}amhcB$_>bZ+lCdxmEP)W-pawMIu-)sOve=Sx zxQt%>#c>+HTKL6AfyRQ6Mz8QiY&4Q9!;8C{4~HNQ<3JZ(+_xlIAqk1aS*%5=xQAPe zgW03Tf@qYh%dmZz0tGV%)@Tq;VMdt#a7GAom)V&CsVE1}3CL>%#_{`vINT85K@u0;@`$rJF43~fjeAtL}G|5`r5-`M; z3sDLhQ5ac!iim^}nQDj$_=$h3v}x@E@O?5jBBHemKb$NklF&G5Yuyg_Oo)5*DV& zj*E&*_V7P*EH}Ia1vD#*eB=_fNJ+aqjb#9z$HJBV(t;ovlK$%h4#7(HxCZy|2X^?0 zYq*Vjkb;U3O2R107~vp|ObGst1WY3AN9ssPXHgl?)Va`{Gw|4xd{l^J0}9;SN5pH! z%Q(xg^q*}D$+&FGlT=FLD7WKWi;=8{xy+9c^oWOyi;={Rtt^l#6PD~83f${2_{d9N z>rTMoNv1qXT9HkT2+dBq2N-yQ*#MG=5E3Mz$z(~*XXuB~Buc0GO$e*Vh`7k&Y)F3? z2EGJ^+1N{wWC}1@3|u5hcGQ%=R8AuS&%unfdzrI3=?Hy@hL@-}ep`l&o1WoVj!4qV zIvb>?$r?bDPYo=~angs(EC|jtMGR3)`Up$3WKUO2$F{Jxe;|k1 z8cAm70zf+vE70vXoX)*Hf803eb@nbFoSfkPEY-!a)kl5b=yH& z9_?V9z7<=y4Hv@A8@EMSNW;jF;Ea6*kxXS} zM-hnry*QkYLEN@2uuE|#HLBQGEi6%OTo^iua#on4Q#B+!WK$!jFqHL8 z+=gh##2|@;O)vGW)_xdYO~HmZ=t9ua-_DTUgP~q(p)s_PS9?9i-r0u@cA|ap+*8t; z6~-`WIp2AOVVMovydm2Jk)f88U*1Ru`^DeV)j*6hh-tl^38Dy972xzrSOU(QBUb+6 zTzy{HJz>9v*-`yp^sUy<8ltj67}33AEk=!+Q6U;WTP2lWzr0q2-2nk+;w{k4>>!PN zsUO3E0ZceVhD0;mJ>DWV-+k=|OH2(+l!|M>CsV8%Fg#qpZHo)eU_%B8{cT@<#idsq zlv+SDIi=Z{MKlG~TKYMXD&-O!kOf5@1)R89K<(sCT8dPj4_01N`MA|L#a2I|E%snQaWcCCfJ@9$d#4}FLqR! zJ*G^-=1evWpw5T>f-f4hr7Ks`q; z=vId4K{{!}9%!DLPb58#>G)gV@WzX*68b>RWoeds-C1F>?P~4qMX5&u z160be488De!~+=hP^cTYNi`vd?Oun!jg+QX5-yREo~&MXfG(DdiI!F)=$Kf3c!Eq& zBj&1S7Ax#QQSCY5tWxRc??For7tYqE6b~QEB*E_tk?Z;X6TmJ4cYC7;vV9-7Ponaketa>j) zJx35950MdJ6~hL05pRw{ZzafHnU;AOP$8l(Fru~DxCI);*nu=3S{0O;vnp<%8hE(h zt#XW%$9U z_Xu~NYN=K2_YzstcZr=Ji( z+zT!&cU<_gM7V|7DEgjoBn|SS;^5+z#(2Af+zEsgQga_P0+tk}B7kS%fB#&TO?s$r zSJ9#Ix##kXD0(<92&^X(FVkiTGG8oOLjKMN#YPf9zUllAvKhFmUcncS2d_!TVEedm zdl-QGDyE)Cy7?}Sbf2^MYE2=m!St*%7mTABW``NafgCFzdxD5nfm90-{#zI9mgkDS zX!w~1EILa$ddQ843$Cu~3TG$|C>>%Xr{{XZ4)=y%eC<*FwNig%x~27(rh5=V_s6Ko zl7FJAHIA--WV-15=l}lKsig&oe*y;*ENJi`!h{MJGHmGZA;gFW`zgyO@gl~I8aHz6 zh_TGLPhphExkt2M*a(4mYxgeR zyn6TY?d$h1;J|_h6E1A{Fyh3D7c*|`_%Y^G_O=+b1H!{nz0XSvYi5%T-<0=hukHN?-ZEkmonb#Z*lj@G)|Q3BPo zpKDL%&^EOtuzNEQO#_z z1tJ#RLj*QZm{Ws;7Y^i4IZv#KQ*-*+S&Bg0=-?#`zVQ=^ove^HkWG-*($YWV>;MmG z%Z!=MDVT6NLu&=C#6v%ytP!6K?L5JVY&hEIplqWW7a}=102^#eM-r9fK*!xC5pPyQy-rLZ3CS@{>^I8;Q1VR;EYRZWnOFjfWn__EUS}W(RACbj(5x96G-M- zZBDk?2_mgDHzWUQq|=|Ywhs>DkSGX-NS4hwHT*&cyX^eX{twv8?Sp8rw+g=X%H-mF zbJDVtDZ9W;fp^$btSHJYs{d2s(U`$kZR<}I*S+8 zp7-r@H;JSvn|M)58Wdhs>QkWh6)Y-&E0MvVV~;ev0vMxlVBA7fzhjk(c>CzluZjX4 zUj?pGIRnz+3X-^X4d-5t175*aClCa-NGcudRUamJK+@bVQJ*^D;&3FuQl(IZ8oS|h z^x-RkkRwDfs}*hJN068ui9$78;SHfkjS2oxJQPZwvdE{!EpoAoi0L4U(kI3IS#bwK zoWY;|#3U8c&uI6#2Mp4<1)?cSe*0(~RAd1bL+q@Lv4PSNLsG{mlBf*Rs6{Kbp@w@H z{%b^XbK|jURlrY#h)*;N0|(dWwqzBoSjXBV{PICFpE+)a2z=oL83h(EP$Gtq93(a1 zC`Y0Zgikqir5tTkAz12e9;e79bkb+4_Nk7E@S%__(?~Qr?Xi!LtYU$L=)Wv_v6|Mr zCN|w-zGa}Vhh+R_DBYJ3CALt8_-mGw(k4dWQDKG7Y{d?*Siq3XP(ehg#VCNZk0HpS zC61IJBx{Kr zUz?|%K5@IV6@(lwkl-g^kg>R#KpzuC>p9n!iNJ{|q4?2{+JH0=0Lf`UzBy7qV6juz z)L)k5SZM-ZiAZi4mL=sjKOLafQPbW{9lSjSq+%If2mMjC?b`~i+gmKJyY@ETE6 z!8F*)X0|Z>Sv0ng)8F1SACUzsQJk?dwZ0QqLHg+cUjr#nafAmx!Jat8LtEMEHoq41N*N75>3^KU>BQFdBy(AtyJxF_JfdBOKxgH9lvB3M?}9 z8);E%v(~~EBoDO8R{qt%G(a$Yx8Ma6qBv8o{l_{8@uwDpDqo)(8Vsf&GK&Ox$SdmM zaVS?Qn;sKBIo@$@``g@KL6fW>Q!;cWYESNxxy)uhGfW^9k)l}GCFCU8n`6R4iSPr1 zPtneG(X8h^^SRFqQ8PsDIOdV~!x*JmTAnvl=tDnmCv%R-_LjmAIfS)me!euOGtFl} zH>4;5N=cK8klrnYden|4Bt+IWgh211|7^69yy$#adMjLd{1L zTtoPfg>aOU6L%!K;fqn!K*%v%PFwsi>sfA|7mn(VUuU7Eut+_$FeH@R_N63O3@D*e z3n{no<(+X7OuO_aUWHPXXSl@9Y>u5;@mwI>S+S0n1CmP=q6noh#}*)VkC4S$PV4y7 zs!0S0pi3B@%~)k@)kQ5!#Ud=V6Z&23LA=_Kt6oun{!~atbQ+y+q3CGO3xq(lvM|U7 z7p zZN%;$jV^p$-0DGnFrzg0z*^it6~Jro9ceB{eOwHVoM7^xMEhVGOI?4k8 zd?QOw#PIY_=J1;xA_|$mBV)CA68D{P<+&c*r_4&VKT>`(|jfYv<_UJ*uy$)Ox(C0=bb zSM%M2($pbC)yc-!Z9yf-VEO6ES8Tzx zP@|{suq)$$TGz?{06s1QX zrBRlJQgTF7E@e}^!#qM|Sx99^SS3|*1y*jvR%Yc=0Hs$_g-~JyScaujjO9g?rCA1r zGI$rCurpUrNMZ_9a{5rC<(bVKPNvLPTO7CQmG; zLpUa5o&;n@W=u@xLRcncrUYgt#AasZMs%iUmIP=T#At>lVLGL0R^~#`$qEF(1)Q8e z(1HU1OEn}wYDPq95=3C`LlCT-oAtoi@#0YC=0FhVZ8Ah+^1~ABfb8G{8JIw91^^F4 zM{OSGLm1~j1g1ZT!y1wVKL95|(1QbX=SgBGc3LMwXeTX{K!y0j&Cmi01VOA+r*#^F zN9uzm6oh$>6L1!e1-t+b*b}2TN(zVvKET16P{MeMXHE2{H#|WIV1P(`XYJer3k-nY z45-C0qkWQKe(L6F{-UQz1SUTyfp5kp5^O^Rlm>m?rXd7C2ppY0gg^io0*Im}djO|B z7=Tvb1CQAQ1(XIoP(YB3K}+-lDlF)Dk_d2mhmaCLkbvhvFz7!FX=&7h3!L3CzG#dZ z9gW&(afYaflEiKbfR@SzEg(T`&Ss0I=8VFqKD=p{hAEDU25{a(1pLBK#isG}gCu0a zJurZSFesH$sLTMTp-$;|qUg`0=`zY`oYLr=3dDYnsc4Rqi5di>@gFkpf77PFpBwRldba0#l8QYjfDzaxdcG-~l4i1kO0V{VFtBH%`j2r4s;|~6lLEs%On~C? z>e(?UqoV2iC?mB_DxH2NvXZGnC?|9N1{sv0qsqoM1c0xO&SpL=ES8=rGR~;LQtGwN>s+p;EVQNt z+|Ird1tuI{P>^(u+L zfdyoOhO!AX#%X$%?@ru+@(_%uHh;K;(n&$F0MeRCFCju zT1tfEPVPZeZbV$}WVGvlCD8$F6?ryM9A*v z(r!f9?&9h$?ZAfP1Mna@XV(#*~BuOBz@%}?SG9>n9 zul8;)_jd0+3ZzS1ulJ5G`IfKwo-aUxZ%T+S`nIq8zAyZeZ}rYE{noGj-Y@>oX5$o3}43xXT#1W^k6EDU-sKD_FL^lXA3_S$L$qWsnl!Kh2Z$?BDBSaWq zL_cW4?M3kv3#S-cu@SQ|5`S?+&_jMf#27!Z9TNr`BSaM+1PrgH42#AVSCoUejT;kj zA+NDXl<^r$@j<9@8yj*A!||V?!$s8b9bfWa^jn;4tZauT)1+=Bz!wr`)OQ@j%Up5eqj6j{v%d4LE=08@nk8a=!~tiaMY&mb`Q(q&7uUC;JgSaeTYaeV|eA^mk< z+feQtVny#rJwQxTFG@71fjC8V`_O^sTlj0mmTz?j&ZP~2vouk>GIDGH8X|OOK2g3{3H&mpCC|}EI z^uqv1K)1iEU_zddh>;x{HozK*3GxaB0R-6 zn>mj!dR%O9348DlYsm;ddIxLyS~xPJXSz>fx~6yfNpiZUhq|bbI;oessh>Kkr@E@I zI;*$3tG_y|$GWV~I<42bt=~GX=en-%IiRouRFW9ySu+T zyvMt|&pW->yS?8#zK<{8#wow|yTAWCzz4j*4?Mvayulwl!Y91KFFeCHyu&{{#7Dfu zPdvp}yv1KU#%H|7Z#>6$yvKh$$cMbhk37kjyvd(D%BMWY@4L#kyvx5l%*VXU&pgf7 zyv^S{&gZ<&?>x`18=+|NDT*S+1}J>EzC z+vh#s_r2f$J>Unv;17P>@4d%kBtyPKz$3o)Dn7t7KKDBQzh9(OR=(w5KIUh>=5Idd zSH467Jmq)3=#M_>mwxAe{^Xm!>aV`$qdwukKJ3T7?DxIlcYH>k{6hx(?W=t51N`p0 zeDD9e_VnvG=F=o`b{*hxxj~_vX6giS)Ns}j0rc^obUrU!SrL7zo zQ)WS$25;8Hi7=C{w3Tp+=QDm1H0#jZj4g-3#M@?g3zuF3 z@tL8Aj zeW?$J;g%!bKyx^JdutsP??SULzHdVN&pT%f!e^HR&x=nW zb|~Bqzk}il=ey9v`)-_ec-e)$4D~tZKxq;*u)AsEVdocu*m-QJzi`Y^#~pd>(Z?U{ z3e2UlN+MD;9ttu|AbDV+B09++gVG_*2I>cpXD-wt6Mf7<61CF?QqmwXt;F)SpKyb6 zo?Dz06EZD;5opcRxFI6GW_F0@Ieb9DtjvV8V~9RM%~Q{}`xHD#zzN$LbRa~H+OQx* zYt#qBf*2gAo&IVxuhRZv@iVW0C$%R@r5l{Y%J}j2tQ2E|UZ^IzWJVE=uU8JhRFxjmu#iYQHRZ zOfdiS);5B)<&roz1zN_*=*oBopL(lIC6ma|0VRy$(nXV1LJ7X`mv|tBl%RHg=~X^k zK^-{KN#pBv)q(H{Rv-oiv@q1rz!|o@3rh_uSVR@RSVM_b9kt+>1=^HWeH^|uL3~gx zw%MI|?%C&`fet#MXTKV3A#*H4OfhTMWTf48GgDWefbRtcY0{QPjj=7PC3CjJu$xJ0 zZP#pb>(lD7!8dO5G>15XuHgZnJPM)0yy|FMcjBPf5w@d+ll<=Th zRs6!o9Bgl%`~Et{nN}IkJGH*ZUA_=P%p)ebah*3VHAKJ7OI+2G!`Vd|bTqY*ozB}5 z+V`OA-(1CB(_e0WI zP<1jg{+#0q!VdOyCp-|-U+wsZ9$h6Ug91VawVZgTJUwR~xX65sf<8c^ED{12|mk&nc4> zl0FQHBN){uR<*7*XjvVLSFJacuR0~HQz`3T?rK-I?v<~7^(&Cv zs*(mAv+4v5NicV<8(^$zCO}DH$yA3Y$oQ()F2h>Fiz_>)FYUmb9fc ztw<^x7R1hzvp$4MUDxtiy@d8DXFct0ahu!QruHP&TuD60GBck5mnXtS3UU4wW!&20 zN4c|Q?p187Tj@@hx@+aFNfu=y?QWO5-SzHw!P}j7rpIuZ+F$p zA#|LBzV)^5ees)L{qC2)=Rk*Y<1yd<4w%3NHZXtxi;w^xn86LkZ-T2EVF^#zs@J9P zg)y9A4R4skPqA=^K^$TckC?GnsF^k<0d&&ULo)onahjjm#O(efIO80scK*J!gc^fj0D^ z5uIqPqR_I6cJ!km9cgk78Y6|4^rbPKX-)Hp(igGxra>KQQIA?GowmrQNu6p{ubR~z zF?B^y-D+9Sn%1?}$Ezt4YumxjguE`HuSp1OLJE73#1^En1Bq;)DZ59^RtT;qqHCc! zJ9pH^owaX=Z4hdkcii5cw{-{ZWQlt(NiV~7LT!g{7evXhL@(T7@u))N9pY$i zLJ&6ak9$Po-F2g)JT4L7^70{C)Gon0qHuqcB;W-JM=}gy{s>Yqa2Iw=W5OM>@RNl6 z<*DmAjehPEZQtAwhk!W9!Lu<#V1h*;X$O2qo{^HL*K{f8xYr-@4sF<|Ek{>X(owQ? z6Fv1ac1|k|{?*zYL5O5$g{4N9y5Am2n`+}lSW+onf&>f5|9w-lc zz{DMp;RWob2Val_X@=eqf(L`5N#bGkmXLmg>mAJF{%FRx1|lBLLAX}W@!r83o&Y(R zP#|KjhQJW}3PK7U0tf>KVuZ!lDsYSfCk$E8AYc$nhJ^-Ct|E941+VWRRxkx!P&8g( z3gUwu;vfv#0rQ3+J{<5M`XLg`faNUj0>S=-5Yv#~jH^DzFjveFIRJ1H!>{@hk0_!6 z1|;eoj^PH(>G+vd{+^g4~P|87n3m9|9PqvG)i<2sxw}Inf~E!5mYt9R;EY!@*@} zF}VoB6Dh*@;-MQfFCIqlAxd!bu)+CUF&^51^9Wd`86T}Q(z%pi_ z?}Skw>f!f@@C9CDfDUgJ7b5R?4+WfW21Wt%XkbRl!7~2t24>_P0aib1-54(MsfOJ0F&6EC=rqy0FM!1()qwr6QeL4g8~<7ph4mw4OVgsWHKJE z(q5jR3!Weh+#wX0&lGaw?{MH7N{=Z24hGhb_ih0529hB9a3C`B_ymy?;~^#ovLK&Q zA&Y|{^}#72QXnLfBEzO1ZlNygF*@P^2CA|+DiJp#feCE0|26_2IkP!D6Cy#AOJ<-U z9}*#><1Yi#JjOEo%JO_*v+!nfD5#Acj57MKqc$PpI* zE+u0GEvF$P|BedU^6$cu{)l3*J>RnUv6!4%`*26$lxE0QuV z@)+|326rJ4CNVc?6goMP_htYSyx}zwAu8=g|AxR9`m_ek;R(J#8j|4*3G@YSz(lrl z=N7Pg%0U3@;S5OrAsmhY^=9w}NZ}k{;Rbx+9Gam3{f|nAAicz)PaicI;$R4P!4b+Pzf~-YOpW;b5EUt8-}14!T}U;03G@iR@vc_n1lv0 zl`z9}5M}@oX!RoP^GyfA2{pp_tQ1SNluNx7OvN-f$<$2IR8845YPqjd_<;TW7X4yXVLU!Yg5^;m_A8)9&4 zvDFQ=RW6A#2k?_P>B#|u~Z8%qe-b0Oo);Q!l7j$b{rgWP$#xTgLPbjmjI|QV6;|CL zR7bT`e*tFSE;AdKAPzNA7Zo{f6>cx-Z}IjQI`vb7ln9AdQ8m)<(m)zO&=d|fOW`su zsgxuo@7DCKw>VKcdvz=EH9i{l7b?|E?yoRXuO5oPB5P<2(V;^R6A% zD*jLUQZ$Od6f##0QLlaNlVEl7o=l-bx+8AuH%1h9N&E#JsTA_c(h9NjU#`~|g?PdXPDP8*h?DieTr;CM$kA@UA-M+StacS&{^IITB0eNlS_f_uXTPK7J) zN*DE>Gdez&3bFxYb(Z#?7g2{e8j84)j#zsWxPeJ;amDh2Cp8k)V2XdCiY+kzOcgT1 z_8p0U_m+@`OD}WVFA~w1em1y+$Kn1!7!A2ZgyHiU3OPO~c#9{Z_5d#g@whlz{&;bN zHGB=3l4-y|uW^O*w{>_SZuQnR+ZYz8xcc-rlMvNgG#Sr_5rkN5 z2?CN8ka>k9-KI2|<3S>4pcM3kFtaux$C!%uPZ7MfoDUPYQ#=C+^}7ou-K zq6^qxF!(gedXrU~wN2rlElO5gsT~X(@M>U|QI!?qfHk=q@D!mLn6im?x%5mF9aLHZ zf8i`A@-fNLq5*FQ@LFW+Q#BD<3l5rAW_zOhS0Q!VS|nKVvibh40Ti9@(X(UW1tdyJ zKhC0cLU9s2a5+Bu0owZ8cBmgjkge|jG)llxxaPL=L_{{^6Nn|-fwscY4J6?*XO zccb~FE^$Hf61sn-Qx5D43cJ}xleMFFw^H|;zR=;pF@~g7u`n*-k_5U2oWZ_Cv85}j z`XE?7ZlR_XnJ#0Tzke7Z?$Q-hbp?XH z&BVT~wt7ii#>;q~4{#uUMJEr{C>iP<*ntV=MIf>`e={1$HyX?7=f1fdarwJM)0hKm z++Iwu%+LD3LoyJSmuA?R2*km@esi%+bR61mm-~J)TDcclYyvOOQYw?-KWxPhM zTr7`Rw3i#j)o_!G{CzLnHxhc3$=vx;^3*YMl@t871$qZO*U;_Dx5@cXH?Pb2yVP5O zmroqVH=SmX;iW5Z!#f<$+d7%&(vUq_)CC&D_c%|cxsFY*E@SzK;sA~19M|O=gwL5D zo7W`%u^kQ}G#(op(0SI;0Tzg08rnfxpCKc`;BZJGM&e)!cx6-jjs|++9KJyoUZ4i) z`9d(yz~k7TcUQq@oiD)>9om5s>QevY03FV9;uo3-h|x8{;2dra^Aus3AKN}PzI2JR z9ah1ItDJ;8p1%zkH0j;m9lqk(!4kYxanYfD{*_YlRt$^j5F%WcV5I_#EohFbAPa+fogn{003T;03-0 z-{Bkj;~Vas9YjIp-;fi{9o^qo-50#w-#y-gGv-4j?(==$a~d+1cE6L53i?_;{O-@? zLmjcZaqoUK^M2i3iSOZE-T@!(^+dVTSm=p=(WLn8fwoAsZCI(UG3A8DZ&t-Wz~^`iPwAfqz);9p%$Q7XmRMb~?2CQ@Jyj;w|11 ze3jI#UgEbD4If+8O_21P**CU-;bndPpjn@0T;J&rV)1JH7dHRiGcpYz9v4VdE6)-+ zdR|t5-yLRQfO_xiO+GXLqTQ--__UbPhcKbSg$x@iMCVW;zBpjcSwvUvg&cJ32Gy9B zaU(lR&Z6NMr*B=6gVBhbb2li=J6tnL#rqa#N4%COCo*bxXj;mZ5hFq@s&Aqiee!7j z`Uf?tRB1@7T1`k5snU)wx=umYtm}&z2Q!MD@l0Pgu^Lfgdvdmw!f0$?d=aWIT8*>_ zGlsbeIPk-&O6A3j*AEw!cr$foggf@2J6vaNmZQPfETe=I+18Ag67mZeWxM_aC6)+Y z!AOr5?aWq<7|UAht^zm-IY`z zIiLf}N70bQ+IJ3ZC7f4aomJXdY30_{Zu-0x*Fy3f!&Vvu#i3kMpcuzmiViv05QJiV zWnE zJ3GRl$U8Bxf3$Y`1YnBL0vxOmnDMi5`~NVvWV~p;%7}W~W4r7Dxm-7`El5XRXvH)=6uQ zRf;@izL3H+Q$C|*YQW(~q)~(=nc6v&nW@j8FZ>p1SES9@)gp(r6X6RrEXh++aWKM_ zS1571t8(~&QiD|9{*zU%SA`o_1*`5m=RD^QIMRIQjx^%P`);rn zS=6sP^D5-dwc_U5X+q|rR4_vB9Q81JZ-yg{!TN-=OE1^*i%>l6z8jCg7cEq;Gw2NL zvAg=DD^9-$Bb0E*BL558!wwr<@4X6z!;8xBPQ&qX11IE8&o28r@RP3

v-d;9!z(13S5G{OIVcep}{D{i+{=|T=~-E1dR z_SpkB-EiJIBeXO+sH+<_=$cnvw9oE{vs}w)cV2Gl1h>6=(-%w4@77%t4UWmDWA3}q zH79>^&DWytn%GBI74yoz3;g`*4(qFuTo*H4{o27M|6J*m>kHcMoWo4@%;y}1vBo>E zU2^m*f1J9Ar}K52tmbV4>0YCpamCq!3=6}FfXg% z20vK-BoK-agcBU02@!U}6hg3s5cHr5#l=F_)T0REdtm`>D8d*jM1fIppap%1!ywj4 zaqKvR#f11i9U?J>N{mPmkGRB_H8F}doFWxfXvHg@FpJ`Pq80(e#iEQvNMBr085uZ5 z9zq3(5M<*S-w4Mz%5jc#tfL+8h{rtYagTiLqaTZ+MsR)5jejhpArFbjL@IKTjBKPM z9|_4u29l8Pqhus6iOEcAa+93wq$fWK%1{bsl7kebDNl*YRH|~7tZbz#SxL$bTJn{& ztfeh)iOXE-a+kS`r3Poo%U}v~n8YlmF^`GN4Ei#Iz)Yqyp9#%qN^_dj#N;wB*v$TF zYIB?1?4~!r2~NdLQX1qer#a7w&UC7Co$PFT{p`?598f z3DAHFbf5$+s6h{k(1a>U5_(?Ws>?s?nJS^`}HFs!@-M)TAnP zsZ4FEQ=baes7iIJRIRF0hZ<9?T6L>j?W$M53f8cSb*yA9t69&A)|zVdrE5*ATi*)T zxXN{|bgiph?~2#F^02KfjfY9I$o@)pvXrf? zWiN}_%xZSCob9YigvW5Ev;!!i`vwxcD1Z+t!rNk+t|u>wzRFSZEuU)-0JqV z6`iSH6ARqn3U|1~Ev|8oi`=F1m8Hu~u5+IY-RMepy40<%SevU->{@rb-0iM+zYE^* za#y=3C9inTi{A9AcfIUwFI3HIQuw-ezVxlHeea83`^uN3`^~R^{|n#%3wXeJ)viCh zaft*gc)b!W6Esg)h8Q?D}IJn7Cd-`k{?dKp4X$F0qMEjN%k?6ubS< z1vM_p4^gP2xAX0XI3B#weoOS{> zkWTa(UhU^kgZagn)^xLT{nYxL*~i|pGoYy94_a72J*eg=KYjq^Y%d_vWuA1Ze?^0C z`*g}LsPdKL{EscWS&gz5v$rHYZ8fub-WG*(ROVb~TqAk@;4|e%l2)*78KlDz>i%f9 zJ^fRCJ30mSRv?RA4C5!$IFR&cz%%~g4{~TA9gP?O#N`cRA)uNb6ySHfMet&NxZzX` z52?RXeFr0C*&nXRGC!=)ikSLC7$$fyJ3j7@TC{>6Xc$MlPrVPA|3l_M?*}BP!HrVn z!ynK{z(4Lm0c>w00r@BgqRGK!raOHf!q)W?HqeKDOd{rE@O08!QI8cU02uv{1QNCm z4oY9$><>n}I{2aTf3W=UO@BHtcDk_JrgFXL{ouqJ6gc$1|AQO{cz8&^4P|;`27x@)5A|1Vj*x$-wq^bIe*rjv>X3y8n1Bn|fHW9^6L^1|V1WmKff~qx9teUW zXbmKoWnKssDJXu)NK&2nbqp|L0`(Oab;An+NYUe0t z6M${yaF7Z4V2VbDOn7AwH^nd`A!2&xlV=!rx&|m^( z7?1$@Zz}1LP!W|$b$&gGYCma@LP?ZH`431LkV?svO9*dYr;|@vaYfY+n~-NZrjAh7 zmenwPzejfcfC@KI2sMChw7`%nV3hsf2dH)rBS#0GW_WuD47itcdI)YcnQDy?ces!N zp@11aMUSU=kNF6a`{;=N=#&CEn5m|V28oagNe2wcfDQ?ft{{;VDGU~gks8U7iU*QY zsf@MhQGscQ&=6Y#&8S5x)~a_dKJ8KqF~ahR1ODwYs>qInr-VY#Bv zmZ3|v4<_k+$%X#i$qC%Qmh00O=&YHmgIX2@YVc>dI;B;JWB#xV6yS8s_=6y~4Gqw6`%tY;b$3% zZzzk-cmA%_y01zlgSW~s>-UY_^LA7um(u0=6S2wiilCctGfBCQ^%*m3TMP>tjMaY)$p%| zDzysqkPnGt#ld8vj6L3a-rka)q0v_{IPQ2KL0CqVz;4qGP< zDb z{<(4{xw=gmd2vXUW9Yhn2D{za3A0$aJXNmxLKRDjeB#C%aoBzxqel-{&2ZdOTiOq1onrujT^2WDS}C8v+*gB zOu%e@wWi98x=z{tX&$6Wz|kW6Zr{Kt~K#!JNy za9{x^kj2u5Xw`58gQx*cm&hRy0z#~8qag>sHUMi`rRQt5={v=ecE`iU0wFM&KXt=7 z+-*BNX58Sz{IScre0>UN#7OMMO-yU70>zvl#f+PuRvd7Vp~YP6#b8XqQ#*9dNVJWL zz=n7Y6#xT;5S)?^jg>Be}jo68;*o)2BjqTWv4cU=RTR*K*cg@$AjoF#K)^*+2 zn(f)24cb=C*-IVTrES`$ZPKGn*{IFht?k+>rrHht+OtjDwf=o!u`SWIt=qfJ+xTVF zNS)L#Iu*T5+{JC&;f2#3Runx=+Q;qO&kfzh<F3wq~L{Z`>*tEFgs60&r6tNc)f^Gl0-8g=|a) zXwL?6Cw62Zm?I+vsx8~*^ z($uMBrg)~QxPLmEU;rq9U=k1DP!D--aK%af();kw8K7?au~LenK1PB_Vp z@LKlpk{IzLNbwqI0T-X~8~=PBukMM(jQ8Nq(71rYs_oW@joQeK-UyE3NRAC)j%C|z z>d21suIB09<|5tS+i98js1D$XxBdR8jZ5ASpJ1&E*^vBz1zG!XAosp$MhA$v4;xAG zSGj{qxpfBGy#3$_-`-LpNs@#(W1O3kE7_8W=9M?i7u}2@;sK5*_U+ z5b4q9PoP1C4kcQ2-vVkt6#|2%GNrnp_Ei1@2lXkv1pPj#8Azwd3lCKC@xxNnqCsdm zS+4Q8FNeBnNIr)ACp90mjQ;+tC9pZrQ-Y#_1rH`%*zjS*i4`wq+}QDB$dM&8zNbN* zKWK9Q#r4S2B}|z=tg5W0mQ$vFegyWjlhBXIeKOS1BRN^{QiIkGbR;S*a6es11M^!2 zwYT7-!hJ67$H~M~p#Frp{CO3D9nJp0C1u?QYfyelS`Az{@Z@H>{6xQWknXj|@8*`g z7$OU>ZJ_%U2-KUvU#;|plIe)fMsh>uu>t_yu;G;mfkCdnozsL@v zZXikI`Y*tx=n+7qgOKQF!Jp{4Fh!4G^k~45jH8V=4jc1uxeyHku(O3sM3EL1S@g+8 zYGjl#!ws3t@v(g@{`<*8g$kKKIDUHRh&K0n@<}fewgk+dYvg(gH}z(_k2zE-fZ>uh zynGU|>k>Y|7Whi(^I?Y5)s=)^2+_&FO3)}IdEX4XK z-(~j+6He)2``QI(hjP6TmZ%&eFl2Sop}6l2i(OF&W#6qRQ9Nx7B;-+N)Y?l z=Gy*#P_~otpxdS+snG5!{t*W5bT<&*`R*eYnUL`0gr1KW zPaVkX&+`7!yyuBSdjFu_2+ep#G^SCFi2;cbKD0Qkp{fc=p$%Lhmyoe_hh7Vd2j9j> zJ?mjFGPtqFmHIKd&j|}W#X;m?@BxZ*Nr4(&YY^-V!i^BTfCvv+;y^fo1b=uV4*oBg zK`A=2kNMERBIGcDak}=l;*Dk{Z7KpG{8Nr6yg-#Nc|azFQG$7Jf(QG0AY=NWigTqw z9Y3ne1Mc>MR`{bFSqQ-i)UYD%a3TQbdch7fg3A|7VI0y4K(1aO8+$mDo5ds?tJHZe zMlh3H{D343uE`>Dno~Ak9OV#_lFnx$3X(H0#TniC%y>EtP4&Fz!h})IbM3Pp{ru-U zp$X7+nvoxHu)qllN~Q9cZj#8<jchm8)#!vVg)UEvBymwY+66cWI9ZP-7bg{z!)~*Z5Vi zhE=SAlMVxl1;_nn zGuFn~Fh;?+B4Qo;Sja|JvgDd;BZEbs7+*YczN&($)L@`>Q>^8TgUbDiycXFPvc&IrzPpZ)x2KnI$~$}QKYeOcr&`sZ4vat6fr;r_SJv3o z?wMD8Yh34A*Ca-7XnhM@k7&BS{Se1{!&VUE65H56Ibr^Bm3qw-3#R?F~A>i;x$}r;0H2UKm=ET6W;?#x4GN> zf_I~lA4#C=C@r9d34W0-$JEunFR})7ms>a!eSyD^8t{P(w0?vec)?$A@PyZ6;r4d; z`68}vk5Js=?&iSB zal@2>{l`6C6taADy(2V~3EE#mml5(~2^&br6aM)z1^@!69xLEUKSHDt+F?`gUzZ6@ zATqSGr~P@ZXdpWSCwRi=uI-5TQ7abT_{V!u@?PirOge~pzpD@!ng4rZM=1J_kX~>! zpKa9*GDNIv9qd1uJl}tQ{KB9$d-ww!ZuD}1dDt4X*CtA~rH(A6DP#{kVb9s7^$UM+ zBUcV@3jr>}jdSe)D(SNT3~V_NRJ7lg{ji0us1Q>YykMr!i$?p~swR(!i+!k?0C+ju zP#8mzna-e)*jPVWd5M8J5(mf!VMv%cst)sGHVVn9Utqo%A(D$x2Ym2_h1iFo$&Uyu zKXnM1&KMaD%!GY7nE*6_5yFQKR2CSC{uvP@L6kVb>PW$tFh3UTiU*pICNV;df`b>h zfF{YoQM!NtF^BxyzkiTI{R@eD$Uh7i4^+~nxl$@G>;rb0hh;dI4Vb`cK!J&nlB63O zW^;t?gN+_tzsFOEj z3a79n*`bPJ!HkTkjLX;t9?-?)@eeNA3wwx_<#D~a00!f$qe3Yay#T@-*#`qa23?U7 z{`raak){?f1TFBo4EjJ7iIC3z5XX4Q2y7%DGeWv#tPAfc5d^>mT~WV>>l+hL5)fpc zE2$&+7(TF3$G*5mcZ5e4kjHOCi+a4rC8;}f^oaJky-iq+XiG+aNClT53u-{d9kM)- z_=N}Lhi6EQ)o2Zn927Csq8Xu!($EOJ`x{y8A6it0t^0{vq@8li2VQKDUmQkZ%nM>P z#;U-`kXXh<48ZKbiDh#{7rRNnS)7)5iI`v)xG)XWPz{ny4cL$k+EA^`0W94(N^5Jn zpLoTfh_9Ah7Cec`7~zwkKoZQj7Jk4Qcfks)gp~1lhMHLuN2nIz1HehNJFuJ#{ooJf zktZkdhXOf}1i_{+aghF%AV(y$5DcLagYrPf6A@-AkrOGJBEb;0M96z|5`7$rqYN6P ztIX0{79r70#XOQ1@yu|O%o))TGm;#o=#jT{6=+xkt_c#n?7;hL3n^ih;6ws(invUGy1Yvu(aW|N%Dyxpq-3*C36)Vn&UtDa zSz49I8O}a{6Hhn4EDKpqWhSa2boy z!Hn6McexpZNdD2CX~CZ9ml#ADQyiR@d6^K5(YvJ4kGWAIY>O4mABeFZ6FedpJ*5H= z(A{JRynG%}vVc~Q9N}~o;xtL)n?!m6wp(#Sm;6t&p+jjI(CDzy15MBc#m?(=PzY7O z-K5Y?!XgYEPd7W9#6eFSf=c%611&`esd{GH><>;g&QQ^zpqvV3G)5v3yBHCp)FPuagADD_3+|yH5o$=sGavL( zpJK_z_t6MU{hshqqX^QU*r6ci_#cD7plcyf<>(6!5}_P)pmf9^2`W~Xw4h`ipk@74 zXO$8W{`#O`J)?dop@ArfY8?o7d55te)!Ad$cVNh8$s>`JS24W6I@$;4c^mlYRltGN z)RENIF`}rjRA%)FO{JSo<;k54#!&SKR~XfrC{?I9RgFm1Ch{0oot{_KQxj{WH`0th zwO6-7A$r{-gXkl!(bz!xE0HLqNpe(XYsF#N&#@#7o8zgT@Ts5(zo3eThtj9>%avVX zKdOSisj?+}7$r?A#QpP!{)2)4V?R$sf_-=Zb7}>w(kiaxuun_8v-!KibIrfI6C zhVrCsO22Q)C2`89h*Af!g(eoQT7;6Pg}SS=b=z}d9*SzFfXX;hDyV4{REtWeGNmW} zyj4uSm8iarTdcJx&-*-%@+i9HCbqx_CA_JQutF-7sgOWFQsTn-kgLxa-MJzYwsL@Z z5Qe+)rfN8XHPp(#xmikL%$>y~P4ZcY+FLu+B`S))qLnJDO4@VTH_iWBJ0EqM770p{OK zg~tD_V8LNjsFUBq0mb4yBE@prbD4qh2)c8@0ok=+MFZi`_0K5*T^L}5OFI6S7bY(b zURnp<*=Pvi5ms6gMqwYm;HSg3--6j6E@C4-VkCwP^l~-nlC@dOuKP@4DV|~~uHu?) zHT4=bv?(FwJb}>8-ijD1KK^|m6p0FA#Gek~gMP6h^Ze&M(WJr!=NuFd%u4GHTWK7OvP5v@6 zmW)6yWKa%eQP!_NhObdRWmHb(@+xJgQ)O3vWmqmQRt~OMu4P-k<<6SrV8dlz?qy#N zD_#DFVE$!dE@oqn;-L^VEpD&T9Oh$wW@sknC4RM7b7JbEHDr!vZT{Y7Zoaf2uD&5& zV+?yX!e};UD>i6LHgx`ti0o!}<}?h}PYre?o4UD12)E}1EmU}c9`%P~NG35A3f@Z} ze$I~{pay7|UQ6M*b^Aq^Gl+Qex`(T`hRe5H+Bb$ah=)F-j^n3~lW6`CIgwzvdovD` z>$iy;rIiD?3aKel%Fw^*=$Hd(l@aNIAUTtUIFwE~m0p;K{x^(UqkDLPe9ezh65+$J zA#$*Q8Xy|C%hH4XDx3SZd(OFlhQET2j(`5z!x-p&HpP87=!AY}!vERgFPUJiEw3VrB^=vgDGv%0*_ zy1hmYHuUR#RcNB%y}|a0!ai)Wt}W$LYYzk)=hKbo6K7ULZn3QE{(QqY>^?N5mfj_T zEW8>bN)zVeho|g;LU@4)V1+nX0q&U!4CM@bWd*CDf!4^>1Aqt7;5|%1z_3(6;DNz? z>W2rU(S4-A6U9KHc})AU!Sc?*d>O$K^g)*b!aQ95L7sWR9i71%yum2}K^;W#9y}rr z4?-8m(HH#jz*E8tFok8<01H@yK;1fPP!UI{LpOVj$k@1jeq{qFDo4)6gl@bz?a+Q(+H6F_0gp#x)PLW1xWC3e5#cTv0 zZuCY1O%Vu@5OOp~aB0ZF4a*g3#~^vfc!Y|A)J1##wBPm#&CrCP^8QC?X9#JJ(0Tk4 zytwvr#1LjLoNx@eCvUyn3m&ZQ9be4a^D z$Dvf;iFSRSUvhOIfOX4|bt|BCm9X_&O%n+pbk|Z!&0xyUcuFlw$>x~KkaUf!oQ>MJ zbQI}IO^07Y>2z9-MNpr`vxFVt#+Fl0E2(;uIB689TETi$o7Yv;+M#z~F!a#S^-T%P z-0%;=q!Gh35Cl;W24T!&U%(APlCYFb7UdDkB#|J=Ok+0^$TauZ6bNmfz!56V9vKnT z6ni3B&9Zk*0pa?ypUvxT_qURi`pAlq0>u6?AC-L=f!P2QrwW;afVh9ZYQPcrJ8@2% zSIfP|p`C}5*;|jF#|Y_Qi=p33qeps-7j%tpt@4zjN&M50zoS8Y&wrVfT6y40sZW$^ zdG?0+UH%O+b*h0oQvp>QtHz@Ko z5M2WzEtrFG{*So8B6X=GUHkn8QW%{X8MT=awb6@saV0ew9&L7tc~O~3q4Q4wB31t( zWQiR8nI+v|71w)!_~(ySpMM4gLPOHe5wL&s68u{T%wIxiJRB<6;y_(QhX45aVAX+| zM1DUw9!#lnCCipBU%Kq)reI2mAO4dRaUgHjrJk3530sqL-$t7zQ5xh2MBUMU)sTEV zX%gNKYEA{fF_G^dQFRne2!nd`Da^8F&!SDMb}iesZr{RYyq z9&Or{?7%+zG;l0TuYu1?&mP__Tk;Ccm(pPN(`6MVzg0+CUM@>-!ZU&7G^F$B@WIBF z_F98e*R`LYR{!pGVERj-u!~K}9vxVu#MY<%I6>{obprvbW1;HH=TBV3asS-Ki_9CU zKWjYfT{Kv(MW%!ICRpt!sn0f{5mDtpdY+oUZN&X8qp(>#dF^)#a}|Ude1Uh6ME!J9 zkUyxb(Vjv0>30x6Jv2lQ{$l@(SKfoPh-HOs{>260J^~UL-d_kR$e@D)<+tC26<(NO zN-}~dS3jE+)Xy{kdKZx$efSgGKlQi(j7^Z)bPonXRG5H2!f0jFlL1^*(n&SeHCk!@ zoR(TctF@-mYaGQkTWz=H#?Nj~`gSF7CkaPfU&kfa+CI!VcM@6AO;_D@*eTX~Jr4|E>kF;;Q%)8koS;TOkfg^+0P^l2 zT{%y@FvU1iT41XT>bx7Ttsf>@R$=?VD=#DM8t4%}wZfn;zq|#I@CyqM8OIAlSkP(4n(&~ZMH zJz2s$=8padv0YL^lR&AUvAUm2udWI?U9^3vl0VV7uDkHV6JNaX$Kxd@^2=l9NAJA? z&%E^0Q(wLH*Ow)0OPSf;67DW(kG*RwP%-;KeTtvH`s=gbct4+H@O=Bi+e5zj4^lV3 z{`>RazyIN{gnOr~yfeKt80~_eT2SPA{5_I4Jd$kTk#6uq%+#m=0p^Z|& zq=FM1Aqh)p!V{t}g(_Sj3mqrI^Le8&GV}>4?x&I$wlIe}+#wHp=))fZF^FcvVO@wQ z#3LdxiAr1|6PxHn@fmS0QG6m5t7ye5Vlj(abmA1_(#0);F^pmyBN@wRM&f<(EonR> z8~)qq#y7$-j%-|GTL2};JK`~qdfX!)cPI^I05Xt*93&wNX~;t&GLed0BqJN?$VWml zl9HSxB`aykOJXvUn%pEOJL$W-z9I~7xEo*7Z zTjDa8y4)o%d+Ezx0yCJx940Y~Y0P6HGnvX*IW$DmqLbRhI9Vtmm{%X>b zqBNx{U1>N!D$S6xG^R40DNSo?)0^Tnr`>d^EzeO5Cj20%LLI6Iz~GEs!c?b9T`E(X z>eQz~HLCyQX)Un1mp5918 z7{mcu(MDGs#}x-QdQb{+R2R0z6~}b9JKXtVCjAEKHc)}u`l1aj9;P%r zQC@Qb8CdttUrQpJR>j_~7awt~F1<|4Xj}lV;y8u|cEN@LT)D=`{6-!YOx|x;A+_ER z!h54}fLey*4KvooWu@#(PmrLRs35^nwK3mMD8d_1D6Ti$i;eyd6!#lfU~V|>Knhi? zRvf7KGdCtsTw6F`%~Lq)EjlY{O1pQ!D|kQ{=xpaJLmC?%U~!-at>HVA;uxzIN2{H& z=RPyQ*pn7VrArYGNodv^K}an-y)o-r*BQR#m1VAX?QB8IlF;Jlbg+kA>|?7p*{^1{ zd)M7;f(o0}owWs{>6>Ud({j;`F0P+_X^YOX6U}O7vzy^eV}Kvi*4nOho|(;O_5PWb zy$*Mwr@Tu>sR6~>IiVQ6Aj`O4w+c#BbCfESv1++b#G9T+iY8`Co7@V$b_5!;3> zuvi?N-9;tz;B!5s78ey@K?;g1bfWhnx3<~xW^b&g=?x!PoY_q9EN1zDjS(C*9Aam$25K3Nle=QZ@17+$dMj}@jD4Nj zz=V}0{&clFLmRA+ayPb4OKjAgmVN()Eg~KcF$BKt*yw;MWJ!xeyO{7b569uXv3A8X z-tn`9d@UzmdBkG=@0kbufbV4i=6b{S%x#8|bIx}H_@eO4{y{QWFaX;M0|id-0^02! zaao4FywUhN^py~JbZWZhMz+b*uLP>sn`f z*VX&=u#a8A8s9%g4=;{V-xkNgUJ<-jwE4ho{?%CWIl&5Oz)@ub3xvQ7G(mak7zXrN z13bZuSrf_8*aG;%VX53=eMHM81)0GWFLeV1bRO3!g2_1pzMUEM>4Gy%-%-)qEL9pK z&{DJIporPQpY>a%rPkfmiU-($Gh7}F6rj`XfWFNVDx?}UHC`cb7r$wsEOA2w6xT7d zz!o@xQ8}2zal#H@)|HiEzJVU!Y2iDC+z!UtdTn1R5aDYbVHl!emCYC)N}d+p-COlx zJGCJWzG25n*&G_74W8H&l7JqH10!PL8mi%Zt&`j_*Ef*DH@E@rJscC((xQojFo0e& zu$Y_)Ljz7>6{=SOH~|YZzAL!w*6nyA7cM6yXsj;S#Q&6Uq`4@?SMp6gO-gD$JMwj++>impA;tFPt3$b`~fi zp&jsnrd8q_Fq{rzg9!Y>-AUpGew+(}U}9NCbVvvZmLSZ{lFZp6ph?*`*Z~P(L(|Dp zAU2{WoESLX*0WvVH-MWsOkD`j03iV3pN*q>2|#MCpE%?~rm>^8F#wWD+x0+71Q*r=da(jKUy%9l6nxE!-p$K;BtkBv$W>WGhU2(F8!Z{7 zELG%1W+by6AV+egW`!htjpR2ZK}q7^SXyIgG88559XE2|IBsMDYF5aZQ5TwR`}pXH}41!#-CUN;IDfkxNnt>EXm(}8m5 zQJLObk(_u!+=CLEfJ&F;#U6VVXndv@J9UEuJl2caXSBs)iKd-({(@aHTYDayXKf@Z zcz^~1C6cLAavCPHB|&pO=g&!JA~vQlUZ*UcC46*XO!pB9!1E}X8&fp*3AU3qXlvyY(iQA?18J0dI9+cO!Jy;%O+NK2>6%-qM zjlq?b6F9tO{&6V-p$3ySP9q7x;hNoEBzk5TOqVQygCsN{uA&+e?&mxn!>t-<;a#e6 zX&}kT-KRxqTKvWboF5~DC(w-o3^^sp(g60wpgP+D!@gm zUnUx*TI#ooL#BSfrmpF@c`CVrgQ(6NAC&5;enYA@VqJj)FNoMYj_JzUQ>C$h$f>5G zv1ar2p#X+la!O z-~;dh6ox}VdIJXxB{6}+AcQ~&5P>uxWuulDa~%Tmsha@WJrfO6P`C?k&w~<(_D*Ry0KJ3!DHc_^z#JuI>&l5qMYg@Yil?*!}c4)bsi`|wJ^@Jl#tnUU1V z{_qhaaS|)>5+Bq(u9d5}6%jM>6jN~(Tk#cV90;;k4q#PQZO}V#l~-Z$7?W`soADX5 zlop>uHUQO7xv>bO0j$CUbHpi`6B2awv=PD3fwES_V3xa{el-@+z}( zE4%V5!*VRk@+{MGE!*-f<8m(R@-FjoFZ=Q@19LD7^Dq;0F&pzSBXcq<^D;AYGduG$ zLvu7s^E6X)HCr7kjZjcn}C>Gf1;^OS|+-$1@HI5N8n3N}EwX zh=UDn&oq<}K3E4!;IvLdkWaIOKb(V5!*o(BbvxINt9XV@y9CnJ?LnHVFSMbU~ z(1XLwKt{I&Iaojq6i`htgg>-OO*8|+%z#QSN45lzbGgiJ)JQ+@9t+^WW`IXUn+yh& zN4*e?=@>+N@I$(=01+ex)fjd})b(8pgg5N9h6qo$-~(Gf$U2w|v!KM2*!J{DwG>dbRUd?MsKi#= zN>>XtSc^4gl=WE~NLsrLTi=OWFSSGSgUPHw!pMM^xCMazC=PPl3ekz60W~#eJT>^3 z#bRtpmo&lv(1duW1gP}GnHCW5n8ksp#$`XNv%rCZKm!bngi7#(5?D4qXo39L#gk~o zKd{4=v)wwLw6*gaftnR5(L`4TcLRKWsQcczFJR&$mHW&V{c9f18bzSi=F#15~TT zObc;=cbR0&#H>5Q9w!gvLB5> zX!%O;LmT`8EtEN$4+=j>3W(!&P0T?i>;uX4!ztJXl+O;OL-ym~ z!?yQ9wtopdym@5~xxX-(6e7IA{w?J?RzhnBF4^O@m1j9STze6`axItfIjDeK< zJ{){CB>X@qglZ6largIyQ;Jt`gRSg7ti4*K0_?NYygA@7ce5Bh(!vSPcn9U?L0p6NV&VL2?K3(G!>wW=xqgY1XuP6K77HJ9+l> z`4ebRp+kul9ePiLI)BhmDs0-1&cl5`)baZf2Su zAPrY6c@n1AH4w$LD%h{l!?!f|DHto4VJ*`I`6+pA3x_XQB-HhTL|F1Rfv8pYn=_Um zJqo}f+FrfdAFV!u{q7_Fpl%=6f996F7$Ph7?BvV;x%BHYAHjZ-P*NvoUGejx(Wft{ zem#47vXVysv&SQ$+Qu?3IS2GxuPJ`uu%L)bu9EL9k_h6b2VkJ-53-IB^2eJ|e5r^e zt28VRA%k8@$sPs<+J-I&pA(EZvOwenu@e_7@uSBgo2;_SG8@sU&MYFxq^1hvWHf$C zbCJm=oqQ6?D5ac|N}2lUBoltB7!oA)JQGpGe-i7GzI~FCOuBm#NY9^BT45|o)GT;` z1sr0839y;)x)Ub8;=|LXe%w&)v@eq=!U1_^xrEV6et~nn=?ZAnQIY&{1&Ms_=>SO1 zK=e!{8{gYt&KLeRFrg%9Owi9sewe7v0eH+%Y@Z<1AjqCIB@f~XBvs>6J>Hq;o_+oqXeY@@ zU}*iil+hwE9~={+iBv94kq+E#bSVPr%2lL0=E7V92A1hjMC!T-Y(OaDP zK$DAy{|YLn1>`iEK(9!vRS%UM6uSrXW4ZDNSmrqQJm`ezYq%>(&iYL1F=UKgHtrs5C9%mi8*S2B+n?G-mbdjLZUmWI`|c(&y$w%D zM+zK223NTE94;m)K|Q1_eQ=er(pRE> z{Y)Wg5Q0+&G1Cm?QwDT8ljtiAnLq zjy`0;#S37tIA1x^jWl@1yi5a1Q4XXZN}Pcy#8gU+v2T^F^cVP2*^gklQac)nz>t1N z%0-$cms8~BK79Ft(cohctX$j&<)pD8OoK?=n3F8qhL1ROVG9-`hX-EJ1&N9NX$2Ah zjz88B2Sc)mRq+zxMU?mgCQ9gu1dJjct4NS5W^s%E=;9Z{IL0!bF^y|%;~V368YIy% z9h~5!9|0-IeSQ?AAr+~MOroO3JmpJQ@y9hP0E0qkrD@U;(-JIj12R0M9!}6^OEx5o z63j!RwK}Cy;sOm_ZB2+>tBIe2IMSZ*V+zA`>Qt#(RjXbVtNeqiRI}PuuYMJ*VI{~B zV=~00ehsN&O^F88+E%x|6|QjwA6w;GSG(R7uS6khXp~A5ek`o1c@^wn30qjh9u~2Q zRqSH#Pd&wduPp%v|DN$a!C%Fg~9lu~V@3L4nb zz81EzmF;Y4TU*vwIQudE0@V!W;37p#Ji;@ YCL~)~H(xfhBu4X`>0Dz?e2Qo+;8bLRVKuw81U8+K4l0b5@ zI(FMl08UQ;08A-OM@JV(K1xYTVM<(JM`eOYaF$Gz)la75QVDWV49Za*08~6ZP&{H( zJa|(@IaET6P*ZhNT1`=KXHkW}T~Co&U0+&lv|W9NUV-3PlgwlY0A(x@WivctJ&k8i z0Af=}URtMNVqRcgcV1(VUv+h1ex6~9yJDfwWUS?H0551WaA!X}YDXk*UO#Q8)^4`y zZV7OFKwNV^a&kP7Z%IjFaL#dvp?D0)eJXNwH2``?J9S=IdVhR-g>8UIx(YLi|%my>gpm6e#4td*I=rmL}^vCNXY;h8)+ zo>n2IO#rJ}0i#q@t6v+Wb55hu@u+4$tz%iIY&5Hhf2^38uEg50Q*^avi?nh)wtGpw zhefrEV70PuvazPO*6y<6{<$l1yKV}G>`%yo3kj4{lP zZq1TN%#~Zum3!8(d(OJ6(C75gkUY|-Z`iD$*0zn&(bUxX{@%Za z^XHzKOWz5-y7kD@v)>$SN}m;E^gjOWg~3i53m351)vFf|6?yY}mDEed7nwX3$o#FZ zm(33gQ~Iq(PbYopaLj($SOMUE11?yPKk5_$PCfqwC{1_Y1y~P0SCn^Ndh4~fmki+a zL!T+@{j(lE^6gg-eCOe^-#VxqNa1?-4Wf;J&{*+bfDro8;(pTTu%n9I_?Ve?Ov=Qa zcgXyskALsEa11@bSaAa~`V`_}eDl?JpM84`0?w2e0=5G<>j1*SAnbILCSPfqQI9!$ z&50qId{ud6mRnBAf*t<+gHE4c%17T{cJu=b3pX4CpQ2!*gGURG-1(n(EZAudrF*%+ zrJIA0gNk5Hrux#8-_cW#JpNX^r-VN+j`t-CpyD^?ePB{Er(dUp=hv^B`uKu2yy^)h zueM4vYpr`7D-SLMHVfvWe)Zw#UzCc9kCOlK(@C1r=IVkr`WV8Rs_d%7s(pRX`kpDm z_VpfLxsu5z3(}gRVu%Fti!8W#{>$FDoO+rkr^V*CA3pQe+t;)5QDZHxF22Z@4BDvJ z%&FJ100TI9;`?HqcMiFpv+VpsPmhDOEAvV3%420eqLgQfxPILm@?QEf+b_d?N&6SE z{;mh1y2UR19kU|q%(GwAesU~67w7ty8@_-;Yse#)4CaOZF0C~SEezsIJre&l^V=iU z%mT+NKil)IJFxRh{;0?ty03iK5X)Dv0noy}L?+@K2g=^n|AF|9X08mN~r9=nbqm}<2@u13wjuo{hi6QY;gZ>r`k-H< zryhI1jJ#hwosiM-dP(A^p*rd&4RC=rs)su8;J<^Vi3hVdE(wR^cQM555fxAxM4 zD|JG88H165W(2Za>4--@I$#1-_97kqD}U!pp9(2*off)qG%JjuL|#b48tz4gIDCi= zci6%l`fwrsJPaaqen`ZF2=R!>DWVbwg2W~cXNgL5q7-oh#VAhkipr@X5wXZc)M#;w zT?`{_zDUM0n(>TiOrsjt$i_Ch@r`hdqa5c*$2!{aj(E(Y9{0${KKk*GfDEJ{2T906 z8uE~cOr#%8;wloMYC(_D_gtH_42*xS?aZZL%2$iZlh$wZrkaVuI zog4nS#}8VjpLzZx9>PorJ{dAlYl7q+TA=4Y@-d1iKmiw`RKy#ez)XK|V+?JeL(BMa z3n+{s6Q?YvJ$Y$SjB0cs`2a+e%8`V6@S_%|*hU!=(S{^|avq6zgA{5h1x&O73B7zr z8=#=kc?jYQJ0(a;7vY9=#8aQ_kSR@*(6Y%9g9}lBL_2!=(~k9n8W`mRLHub{q(*6} zZ-7EH|G^JkJRu6WV5md88BsVysUKI(>Q;SyONGN1p5O*> zY@-ftg{wLjN?2TM^9?@*hfs;i4xH+gp73acPLHwKq8>G=d#yuBGs=#B| zvmk|6fbymO(#J7G>92XL0UY+Asz0nz1%FiI3=gtKNL@KnRR)(G!-cItT)VSccmWyt z`0X~3>)KQJ^B#?DhfVzv3|9`smMM+WJ;cz8WlztYQFg4mOt<85U>pt(?$`nMLjJ;sC=tWx&|c%T1h1H-FO8CJSzKZDvbP;T0OfO|`_F*JmLdI62Qjp8ihEG?z-LwE zHlmpiH_+poG#05kdAVePG`W}O2tq!{Fbq@JQp%^WhcPFNjBu9oyr&Fj{&!ItPx$T= z%maC_nYE=0Qi>VLYR<(e#u;MsvUQaAI07jBAz~=o_nyXV<&`T`Wq}yEstbKFp-tiD zmK7Qq_Ixx!;?av&a3js9yz}JhJl$OI0n)b2^C@gOX)C|@#}qk765t_dBrjBz!I;A; zcHN36lk&^VoieU<&FfySw-|l6M;L8;QLbh9?*{VF$SV;ddGX$$EdWoN15qbTUn+3P_DJ_y$W6S zqZ^ngY^uksXIrL|*sExTk71pVdyrw!)d<2%*Qr~7^70&Epb$O&yms6Q3H-5arSHc> z?lNKWBNa7320tuegD8PHA7bd3KgiMTbJKVq78WqJYuwB?2fMzLbGJZRXRKjW?H9C;>`wAbTSb9{nU`qu>RIev_B|;06@l5Qlkl6bf(v=|Tk&g)&@X&#FxP;u~L( zatNBxM}{*z1Tls;z@i>=CdfSUU<7cKRSNSSx<9D#gpV3M=}2$p6R41Sye@tY9UFI) zUO(@YW}=g^w6$CdkM4q;WA~|->l-)$>A^E!`qUriJ}mx$17w_ivdhQCSIe-9M4WQ< ztsi~qPe0v@z5x#1M8E4#J8v~Bp79#aMIHJsGnX2g{{Z+BuJr|HP<;V-fC!j?3b=p_ z*nkfBfDjmg5;%brSb-LJff$&98n}TR*nuASfgl)yA~=GDL=NB33@Dg_D!76y*n%$j zf-o3^GB|@Q_ziGJf^b6)%|H(7@fG#J4mx;)ILIz0cosG|gzZvOn?Z;DFbmQJ68jJddzJ>(#&w0L68?FphmXOBekc-wcnT0QaeerQERl$c zm=}x)ThE{XqksZE;0$d*1R?+qfmjB4paFEi4P1}`#-tCaKm!^eR+D25C_n>cfCi`V zi2nc&d4K{M014?-0v143t_X{=m=TIleeA#p1!0Moco&)Y56_SQ+Q1K#&;j6JjeQV^ zE5Hu+KmxF34<8_Np#WR^PzkP74%Em_C6J4P*blYPP43_UnAV8=P>%m_j)yoAiVy%a zP*vvJdMDPS)zyzlNk~`UxH1LxXXObw{lPqa~FA0-zA(IRVTQ#{(5Gj#mrU1g!hZ{+h zf_M)&nGd)Kk{2137jcpSP?ZL8m00-}T1k_B_>gHCk^E2z(uEEywT|x4j*n;$^q7xp z>4z@mmjVHp9C4B@c@T72mu+#E4VjlV`IR{-C8?kRGyqhySc|vlj*w^#8Gw{Z*-R)f zimvFHp!t|3`45vxnNV1nw7G}2d7F!vo4SdKyxE)3_?y6qkYb1yWH_97p@nPFg~)jq zSEv@x*_;Sjo6>0)N@#>tSe@q(QuH6|1sZRgfyFl-f)50Atwz zrv>2;TX-YYC#*2Wsh-LcWjYT;uz!q-0HpK|DWFZ&-~c5M01psXYTz%IiVN>B1Thc* z1Rz%FfCb_j0~o*#@Q?;^*#X)BsWboq^_8mvF{vV;4b^(B*_sb(pb2W=O2#Du$iNLk zAg+*557mkV7(fiyiU8tg4cA%#JAJSPlz^~le z1l~FXb?^-t`~D4}&;iGg4TpdM^dJj9@UF6;Woh68zJRNdTCbFfuOU0KTBZiD5DeI; z51~K>;?M-A#|4` z6~e0hunZ-;tpSFz?+|m%Bm!3JFO2#F^NEVJo(LDiKQS1G1o~0>QS%g^h0; zw+Kmc|i4nt72vM{=(Yq~T+w#F3z1K@P6JFRUCyNmm;{%{T_K)X?5yWc>v z?4S>_fC2Fk3f%}H?^?JpW(x=~Z{_;D>?^zPTLJ_SFXsTcQqr@m$`2`)PCpP1F=t#C zK)RhOzNae@^MD4>N)WEAy!2oThFSpfd$-zf4%Zr&=^73~FaQA{u_jv(eQT)D`no03 zz6+KHV#!t}EWl;LE<>O#1IEL;4$YvZX8fjVED-Skr~c5zU}wf$tfqNPh3xUFQoIuW zWc$bI6Uc&$I)q%vaC69rJTr>C$nDa|j;tz>9LY^G$&{Rhms~_aIs%;B$)5blpd8Ag zJj$e8%BFnEsGQ28oXH=t$*TOyupG;>Jj<%g${yj$w4BSjyvw`{%I*2fz#PoNJj}#g z%*K4o$ehf|oXjDC%f0-}&>YRByv)>G&DMO)*qqJUyv@qo%(m=9mi*1d5zgZ58{}Nh zwsFqr>>BF4&ZW`L?z|cB9M6w2&-9!Z_I%HGkE7yR7Ma}lK6JkSJP&<1_b2%XRh zz0k+(%>|h;5FODHJ<$|h(H4Et7@g4?z0n-q(H{NLARW>oJ<=py(k6YR^eD=iQ$ozp)3(?A{6LOs+(UDQUMF*_}rN4?Zc-PBI~ z)KDGOD4o*od9jioMlt4bkNA)Q`Q`l0Dg! zP1KE@F_GQWnO)hO-PxY)(wFTbo4wSd{n@5{+Nh1up}ilaZPcxu+OQqlsJ+_jG1@PK zg2vzrJ2DQgkb=JOGChkRukb!>jDp9Y9@(%q`!No`4Gk)|Bcd(a(*8Z&rcK-RVB5_A z-RjV@;}Ae>0}ZYK-7hoT0u-_XrAze*3;U?b}=-23g`m@VH9{@`p)-x(v|>#^PV-P^{!-zUi4C&&)# zVBYJ&+~>_72XfmfIN-Gn;VQo3VJ+eM?c6A++x3v&43gakzTG);B;a3$?c;R5oj>yg|R&Nl5GPA=YAF43>u<#ImfGX3RcUgg}4;mrW${yU-$CI05cz2|#v;N<T*us3|`cS&FZoa>DJwaA@BB{W``+&Wuj2m>>8c*^x<2rWUhoDl>jH2@3oa0zvg>l+;pujrIepX=N(^z|_HAz$-oee6d61dgyH z@gNL5;0r&m4QkG&uP(;wVf0AvBCAIOh5zPXjz~ zCA(h(d(e}GKM$8M{UGwwnV$v0zaLKDlRcmf-f;a$a3JuI1#)ovGGS)W*!Ba!bne;4{bZOVar12TeeGK*l|PHELxU2M0vQy%R8Njt|-^QI= z_io-7WBvyIa%Rh#9R>cq2)CyXa>B+^ELKKMMAUo@flBAq;KexulMx?4qcw`|@K)r{~&} z4zyGlI*1N-)@i1^V0hxDvi9CfB@F*gL@`AbS5z@L7l9j&rQ$fk<_So0@@c1U3d3+9 z_a=f*nCzs=qYiJfC?k(EAmf9cVQ7fLAk%Ug5;`0vq9>Q@a-44-`?A82h9p?T2tbh3 zxrK&05LD0_5$l-;ktJ=c{wK>Y2eR-fS6oR9FB;^?g9Z>q{IO0g$wV|!MHfZ%MMs6B z$)h;uqiCIDl-r4%V0iH58&AJE>dNX$#7;emrdspDfu`ak9z=|y#~Raunb1lswTy4M zsJwizj!(ZaGtpo*q6bup5KQ8m1Vcp*)p6*gXVXqUW$)Njs;nm+8x`ASP-I5D)kH?e zCAVC2MS3*dm110J#*OGp#i5rp+Tr0CE_ z9a4NLG|MgJ+toh25~@cXR!kMvqlM^b<{M_1Lin2_4P2)#Q{bVqy?poW*FtQWR4f$` zO}kfAiO=P^XP?LZRX1IB|8e(SZvs8YG)#FSjiDO!Ez~-K8>)8Tc@nviRd#@4=t{yE zk|<(a?S<1mcILT+p(!R>bl8lVW{9U~4fBN<3^io=#_G~M=;>-l#g-ns?Yw6QGE5^-^hIU=cm7Z|JZlYef#(4zkmP#4+;K)qdx!^ z(0~U-;Q0Oo2%|_P(18zxUZH$g*Zea7SV`DL}C(^xI`v4(TPul zVict~MJiU&idV#97PYuVE^Kg zj(5ak9(xE!J@(O$e*|P81vyAP@{y2-L}VfrxkyF=(vXdWWF#dyNlI4IgJHB}CN;T9 zPIj`5kMv|HML9}Rma-+FG-WDPxk^?F5|yolWh`Ym%Qs>&UHym#GX7Bx2H=mEVuS}Q zeE!)>b?rkEy1ZjQdZ7(kHq)7Ad}VO@F^f~|l9=H8u_H=j99a+WZf zEa?X=s<0AwNFWs@*nl0%fdE0EKmy1RXFjX|j(jWuA{8*jKlmXF4WwWXz3hivP(X!$ z>|+vdsDUp1u@EtV;~!I@0YDoXiVdjg95Haf59YDYf7n9->^O%8Xutt*_QM(~^#M43 z*^gXk00mdcCrQsi1R8*03E&)KKJ>7G6a+LMfl5I&`}qbOAc6uLsAf5(I#r?B@;C07 z066@ij4DjCn&nV{R=Ju}el7tQ|2W4^>7)QU%ZhxYkT< zRNJut*lzW%|F}nB>A{RuIAfn+W#&qLIb4%Ev@0!1=X15o0DeqDxe6d_HeowPdt{X* z_b`G*ojct1&ep!NJ!eaJS&jw#W4GD#Em^r++~e}np=DS_f?EOGX(A!Pt6&8?Hv5lu ze88gV7{x*lJ791KP7n87NqF^3Uh}S`9q0vaV%2+G_FllEE3wA`8u4KMT+o-r_rh*hcZ;)-?wgco&V4WIKJ5rP{oxU|DXprhAmXm$R#+uiS`AiLo`Z+h38 zwlcDJzV*Ft8`hTJ{|5NG7rdDRH+aGoo=Su-+~E)3WWymoaf&xm;uXhu#shhA zjd$GRb&Oo*L_Ttom)zthM|sLszH*kg+~qHadCX-#bDG!O<~PTA&ULQ{ey)v>;Hu2bFLT?c#E!T5EtmwoF{ zH+$M4j&`-TJ>hJ3d)xsIce&R+-*mTo-r9^|mMeeOSxd)@bb^t|_d@J|nX;TM1P#5aEOUr%=BH=mHScYgH22Yu;RA9BdI ze)iW$eeHMOh4}V<_~XcZ@q3^A<=6iC(QkeAuV4D@cfa%DAAjY~pZ>1Q^F;*x+Zi&se{5Obh;^|{z9g+!Yf3&EYw1x(#wtX{WW>T{ zWX3IY#%J`xXq3hgvf}L z$cd!LinK_>5~HC($avgHckIZ#)5wp!N0F?%kR-{pGs%-IyOdPPuw%)V?7EkP$+Mfu zwv)-4Bu1R`9%8Jv^7^vZ_=%dlLyu_Vj4JIkXp%d{l8wPee=drNDKORAhpZmdhYyvuLQ zOTFAnaqLUK{L69-OtBnH!7NOLbIZe2x5QM;Lu1Uw%(2IW%)v{z&$-CU#7rOpmiv=T z*&>H#sGfpbkIxh|_v=im`kel+EKT$~O{q%FHe5~dYt3@P$cn2?*#x-E$vE9Czu8>8 zE5kT;@Xgd4PG_o#jH`#+G`~vfhhJcU=Y-DZ)B)gZBjuzx>rB5&q6RyN33Jf4>g+h| z%)a7WBYx~KG=sp0IElU&xLEy=zGa_7>j@KhY%Ui1@eb_ps?>$m;a0j0eumgdV?cqw7b&K z$5GC5pf;AU2LZUy7nz0t;7;v2DQkOCm)M6$SOIjJ1$5J-2bDkI;0IJdPk#soJ8%aQ z6(}Orhfx>=+zeYk}&uo3?fhA3zQ4O!C@Z5Nj)hX7zS7<19b*#}BM z0X5sDlj4VCaFiS!fEk@8AI&5nZ9bN~hazClb4UU_EvX-12VF2KKxi#MIIDBut8(~) zKAh(`sD?B6hi%ZdJ4J;&rBo?J26xy`e^7@A z@zp}ruLDSf9WALv)rSkw06r+G2v95t(4~ITrFJj?XArGOWd}0j2fIOm9AOaDvD1Jzjo1)G<;?(*Bj!zBMBxqMEFw#EA z2VSMnZ7_v=2!wfE1912SV+aC|1qWQsRa~_PZR-bJSWuV%)&LdO;7HJF!ctvQR^7@5 zR%nK0wFe`h)Za)^1rP@kxT_Y`vQSv3eW(Nky@P6+1`4>V69b2IVt{GVHZmi#cc9p5 zIx}S;EXvAJQ?La_)7Nq^)_pjHb$W&b&<1{>1j&M1SzRmtk_8UMqlZmCmgI*zWeFqY z&U{#daR}La;DHBQg<~*TfvN>pAOm_pg<{|a0e)PgEz>6 zyUN-AVuce`{fBtqg+Ogs@M8(Br8cCs2NyFjwHmTmP=y6ZGQJ8nv@(D(J1H{LFSY6b zU(L}|P}>#I*OqvO2Iwv4)z?flR~QR{88P_unN1Mbw?lhOxS*Z?Tl14$(Y6R?1;INpDFharH3 z9=)iciUKxp-sbf$7tU0B7yt|**FM7D;*(EI7=t&sPrRyusLF>?h=MoJ7xTRbEztfY zd$56X)izw6iukIJAclo{7zPsoj_vGDynWLwWr=+dgj2}bdBB85$OJrSEhl{gLFHoC zrO_+P2Q;7o2!>Ra(5F%ef__kjMyTFK4S+!&x$2O>bwNU&1}h=H!M zVP%+M=(XV%=5)^JgwE-VqoD=PcPIfD<%ddmGIY?TX&Qj93V>d6haF}o za_!*VU5RZtDQeIqegK6>jw;OxfFYvf!wZI8$DU%i`8l z2(=e0hu?)RA&^yC&|Q{*+aSngZWG~?dWUesDM)5yELbOaNP`XV0vUeZW&Xxzg;gmY z=wv#Y=HMewTKeaG8|dB(=vgZ0d`sxuJ7`&2=z4qT+H2@ois*T(=-8WRSi0zU+vwKI z=vF#Tj7!c>{x?v`IN>B|e&fxGTj}uoXpqjhj`rw)drj3`zn5;Mns&I&yy=1?P4*DY z+X2n^!|7PE%*;e;isWgco=k%)>ZWF;r-o`(lIp3xJgbIFtme0>)@o7W>aO;ruLf&Q z66>+vJ+rR2vPSDlQtP$;J-6OFxQ=VNo;isfYwN)# zq%t$?`$Fu*o-N_57RL6>&-s*{1Eg;U@0lHtyp_?&MbP z89@Lw(jf3?(5d=?dI<8_U`Wn@9-Ay@h0!`Ht+LB@AOvh^=9w( zcJKFw@Ay_DQKs+uw(tAK@BFTB`F0Wg_V51&@cZWP;0W*nH*ozPaNs!b1!r*ROz_`m z@CY~X2agE}xA6a_aG1F84ae^ce+do;ar*Xfmk99^f6fta2@@}I6lV$iHiZl|olZao zdiaFrgaLMt1|_HnEOX8l(2rvQhUY{Ed5BI^&<86(a2Egm2Nyr`=+q^B@BptdZ-6^u!1SqaVuv5Q=kV? zUD(@=G7{=hSgUpYs;L1sZPwE)Q}r@A6_-bz%?pRmqi^uqk*Z7U+coq)`06T=}$kPA- literal 0 HcmV?d00001 diff --git a/Media/Images/PubCertReplace.gif b/Media/Images/PubCertReplace.gif new file mode 100644 index 0000000000000000000000000000000000000000..a10a42d8ee2ece300cd8bfb284e9544829e09a0b GIT binary patch literal 43676 zcmV(_K-9lSNk%w1VOay$0(SraA^8LW00000EC2ui09gaq0*C(q{{R3m00I{P266x; zV*o3H0Y_*6N}K>-Zvb(+2><{A87u~1r4#^67au$n9a_ZD7ghS068cI0yGP1G#U;uCMY%!o;eG0Hzd9} zE|EDoI5#&)I5~qkKVUdRpEp&7H&LB8Rj)Wx%s6SLIfTVLk+DQ8k9gHJUwP&+wQI7n4DR8lx=Q9yH6R##J1c3D@aRa%%= zU|dsjqEdjuSruMaIf+EIc<_iUzJO9lVnJde5;p+VVg<- zpHOR^Svj0^SDJ#2oQ$)Zo1UAg$Dp;%p3%mhQ=_I@7Nl8TreZ6nY&)fZTcxd^rlzc^ z$HSz?->uv3qDX_QVF0OZO{ZvWqiKGtgMqM zT)2dOxhrzIP|CV|0J?o@x|3_Yo0GkwgT1M!zPQM|$fw73bjostz=bQpgg3;CO2U+4 z%a(k^!qd);ddP&L%bH`%osiI@W6Yz0%&x7^xsT4fr_a&R)|^e)vV`5LYu&e%-O8up zsfyyUs^z|e?6z?2z=Q7HuIlUT{mqR2{{9I507D2INU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*&LWd(=SP*N}Wozs@1DlvmOQH)Tu44V8eiH+qZDz z%AHFW?3cB#>gwIgx3Ay7fGyf`8n12O!-x|rUd$Nj52uoVvY9;D@JY&*8*ARox%1ms zphL4k_#?FGSB6ik25mV6o7GT5NMh=3;Oe{tOW!taQ1|K45G9>k+wYvD)&hO+ULE>C1F zN}nn2^!?G7UwZuY_n$!lcI8ZL-ZkjpgAgtRowgJsx{HKRmwD(V^h1g><_IE>O$`WThDQp-B~v~MY37+|>P6&0YOPf!k{Omc-8R*;Mt zJ{hG#9rCCpo;>FFWri0LG$vCUrm5(njDodh2y-fk;Eb02P@q$mwb@moAz*ppKy?!L zAwu`9<;|(|eFf-@>{S>Ys{ZDYXXv3dHfrmwxC*uAlwB1%t5fG-CTwe^Hih1*OvyUX zeb))=EJ4MNN1A!ZL3?SkA^hO%m(Ip^t$)ORtKqN43Jb`fI_9eGy6nD0q@~1#DJFgo zY3kHy;+A+XM4tBZrH+v{rDbne2Afd8OpzKdLSGK}s6ejv*zUv>S8NiIgT9F&jSnIF zBEtU3x35FIHuZzO{Tw*ZwZ0PEkH#X`cTm6m$V(8){aE&}K>ez0@y|d99npjlH>K>P z96vOudHRmr5R~K<8;?OHley3j=@JC;L7}F6wVN9^<#T&ojV<)qXrm2Y*Zs6y5UX6f z_-3EuHq>=wU5~nK{;wKsZ4k0q4+M4CA=?Lb+K49}Gfo!Uj=iP=}w1y3? zbyrnh`?7>C*1B?loO)~?rzlrhbk3VQWwu10_ik)M ztCD``)T<}2{GxbOO&jbP$_{aVop0%4qIr{BxIhU19#QbNaZWtF^Ny+a^5~}zA$XE| z4>>}Ov-S6ki9(6I;CzSg)X^4!FHo`P5FPp8#G~q|?|=v#QrQI3I8JGgHm8cl*eUUqZ$=bMpbA%bmt$#|u1k=z zx|YIa!3=c%O+kpX6tX)XamjluOrjF!LZscjNQeWBNY~7UtY$eYQ-^|K2yphp5KPHn z2U`on4tEgeY4JRiVcHVc$VMhE5Pv(9;Y4;O!cBcGi#~E4%!=iVbcL{vCcG1II!7ee zA+e2!Ok`E)BrXT8M}m+%)eq^2EC=c-i}%|iapGY`;cOBie+&WLn8Hcyd_fZNYt5SS zB@q%7gDL#5gFs%8qIxJnAg*M}ItD^Zrl3QSzzilx9%V)?o^VEHqvTpF`M{LjhGrWo z<_$q9#%ba4ZEv*U{v?uwcx1wr^AJcS_>l=1^dlSM^kx_O@r)3ZpcwYB10DKd31Qmv zo)-RjnB;17sAOhSkakQ+w0gL^&gC#bT?{243y3ta6{LX+ab-P1z=7iMLm-5>Xb6fi z(Tz^@ox6OeIzm8#cz}bXCdH>pSK5%BHSR$Dgre^dQb~p2?0gM18MKZ_ooWh{OB8$* z+cJp|I>f^fs^Etr*lC1w95n=$@TL*^aZy*6Lm(UtfeF}2(qdedrC<#!;k?$H+l@6t z{+#JSYHCfHCFDzQVuQFuwGf30R{BQ(GiE&ta zxU(1|1u05TTGEq>^|C9aqZ45m(-{7fAZ&Gx1{1P7qGn5SULm1f^_QxwJ?w=GdHyF; z98rSNxDp>VP{IlP5P}!g=S$!E+V{Tr&98p<%isR` z_rCxRuz&|l-~t=?zz9yTf)~u-20Qq{5RR~fCrsfATlm5l&aj3z%;64u_`@I$v4}@Z z;u4$q#3)X2>axh<7P~k==ZLY4XH4T7+xW&f&asYnY~vUE_{TsFvXF;N!;cam3>)TlvaZ#_^Q5%;he7`O9DqvzW(B<}#c4%u3F({+id!<{qQ@ z&2WyhoaapEI@|fqcqVh3_sr)j=lRco4z!>LP3S@!`p{hJv!WO6W<)#s(U6X`q$f@3 zN_U0Pm}a!4H_hozd-~I$4)u#OO=>=i`qZdSwW?Rm>N%JC)oX6GtY=N@THE^8euA~G zt&Hnl`})_w4tAt>P3#>D``E}%wz8Mq|ekw5Lt&YE${y*p9Kax6SQtdmGo; z4)?dmP404=d(z>~_PN*1?smHy&gsVXyXQ^sdjHxSKd^$nCo$Kq*aN*zF-Lh{Tn`uY z8(39lh99a>1vq#^$KH5FF3uqf9h_quPbfkpy1?UYOhVBv&V~y9^!)=<_&6S~c;%Bt zu5T->lS=|Wrx;uuk8Lov$l2HcQ|fWtwyk0g{fUPqZq5{YK;jF`F!-0VG4mF?gA)C) zhaOZB<#;T^3RS>@VFUDUmAeS#UN?_D_&sKOq{0eM&;n!4j&`-nyeUE_y1nrn^R^{J z>0AeRQ|eA|yu+Bs$*94^y^)L?=olV$FvU3{$cjOnqZe2*j{Q84h8ElJ~BNZ>{eCk8@SgQEZmO}G^Gzz0@P1B`WlRZs)xkPH*JR74g}sz7>JP*Lr00#5aQ@fQzQ z_yxl-bn#FPH_!|rm<8`(aQZig^#F(N$6fJcg#JQ?dx0o_Mpu6|r+vlH4t*GRc?bkg zzy-r0hTBJaXcq>%mmucw0tHeJO8`&f_XSe;h2b}T^=Ef6*fz4ziSe)sL8uB!=m&$4 zePhT`Rp3SNM1ST7guZ6;CSwU3lTSQ$zXAl*N=L@kJ|tR!;lFF*bOFVY?jw_nMVxfpaXO$ z3r1xLCUlhEcFbAY(dPQcA{}v2*Rg>pbj5eXAawUeza$B4}1WJ z^S}am6=b;gmF75$CT9=1K#kVOT``xHfGCwmnUw9Y0d(jLpBQviNf?fRldczada!oe z*bm(p4<8wlbg-9wNr#>Q`t77WMuUaf^u+kqxl1+$rLf! za#m0RFZqmc#&`W7jr{-*wLl8XzyVTsfJFyzwWoWQpbMGsdW#tk%n%B}fL?W3dOO#D z^Z}3ZNMqYzhcPA#gU}6RFme9=NRR|J zrgGe6csDJeXt!dU*#5aIWf~3>t=VI&|ol zs;TOc6l#TlT4X%u20)h$U~pU?nxe7l2ra+|OlhJ9H=~Q$4la-k3mOKi@OnokqagYY zTUvB)8mC;Draelo#So-32M@|{iGSH2p*V^viJ%eMo3B)RmVm0N8V~LYuT(m7_E4_L z(3M#_u3bue>lF#{2W7S-cMmIl&bX#@rh9jHu$jmK@sJ|=X{U?{j^~G#Qn{zi+I4m3 zj_2o`=22zI!2SY*S9skJkul~BkC&bO=%@e*sTOFE2#E`lN~sU|kP|t0G)uGRU=C=h zk)$fHdSH4hN=i=U2ql>bgjtmE1fY1xvD`(g%V?{mM|?Y352(1S=h~7gd06Kva~8^b zv_*B{q;w-I3rZ=XL&tNxiluQ2bn)~~_Mls7sg}u@w>KGe#Gs`aTed@ot#pW&!@9As z$doPSO^g_PQ3r54X%FG&n+Er^hvm3S8L&9Gr6wwlgG-dK`g;?5WX;+SZ&;D9_lCtF zv1&@OWTtv8x2k1Y1c%@U8mkQY_63=nuXmb$W7vLjD1Yt12Z#^}eo9L3X9batzJjjGx$cB8#h@8lZyvU5)$d3HTkQ~X9Jjs+?$%!0lckFC=oVt5VN=xw%pd8Ag zJj$e8%BFnEsGQ2GyvnTH%C7v%upG;>Jj=9P%eH*WxSY$nyvw{S%9xzV#Ma4CHXOZN z%*K4o$ehf|yv)qp%+CDG#r(^_tZTvyW!?bI*qqJUyv^L)&EEXY+$_!0{A$(wWY-MN z=$y{#yw2?0&hCuM;ylizR?bd#&hLEB_?*xBywCis%keDFm`2Y{X3zax&<1_b2%XU1 z{LcWrXadb-1g+2#J<$|h(H70h4BgOu_Rvcf(HH&EARW>oea{)K(R;?xO6LC2BfZir z-O?_N%q4BoY=+WFrqVBc(>R^eI(^D9Ez@d7(@191J3Z7yUDP1m(>{%5Kz(FFZPZTv z)KIO@NS)NYw$w$|)KQ()TD{fVJk?Y^s#YyzSWVGwLx=sq%x!bl>Ri@p&DCy=&tCo2 zIu_PMHrAqSOC{i2s?1I$AO@#QP9<;($Q%#KPy&W+*l` z*Ui6G28Ue&YWLQh-OhCV*&W@={SXa@t=Or|*M4ovfGyah97};+%XppHhph^;{MaQx z2cT@*dd=5{%>t2N*rrX(;E>mC{mQc`+lRe;|1jKo-Pz8q&7d9KO#a=TA!$gSP(4du5!=8#?H7>?YOZsAZa!l!NPvd!9-ZrFLA z*?V3BeSYkL4$AFt>q|B5$URlbUIIP74%BYS)~*6lJj&VL;|?y{Gw0rZ9@$J`?0*i* zsAt$!aM;(a>TliZ_C6+d&DTA?=)n!^GU(pbVA!e6=BdsPz24#OJ>?}p3H(9YL|Sy* z-P{}g-7S8~(@vzh9q{|!+i*&U+?{^}?(A)I>h#(E57EvKnEl`GEe$2G>HYoh=Lg(v zL)su4-H%K@^xY4B&TsMX4;N1i8L#b3k=?}Z z=zM_i^d8mszV)%Q%C0>JB#z$mKH9XN+u7~cfX(IcE#{@n;UtdPksjZ1j_^Zo<~+^a z6>r=0-QU5^-l5FrBp&Cc9q42)@l4_2?oHy~&DsS{_EWXy&Th)^HR^_4=zmY^h2PeW z&lKDZ_PLGsz6{x>NA;SY_4Us6s4pO^?BKyY+!C(zB~ay#efBo5^S_SuZvPK_U))b# z0-itdu@B;yEeFm}{LUZ@K!&4d|^0QN-<3DsISoG7_PgaR89yhXd z>5<>XgEedF=y%T~%7^`0m7oI=988NCAL=~05MfM`HLchjIrIfer8aGz;K{V-Hkuiw zQf25+W4(*T`i1>S)9OJT57((JK`EOU*5#4<}Q16#05FTVscOfkn4vq7z3 z%Yh&@?C)-R^sf0US>Zi#PZrH6KWe%#2%0#yz zrpA+8Ob#U(HPo><+H{HwB6|QS=18M7+_G3>k42V0GM8nxS!bVx_CPb4igVANatoEA5{fvazJn?%s)RQV z@uMbdq4X^hMgAeryF;dHNUK6?@~+&2-h8P9IE1NXx=CBSwgm5tFmJg`TYQjPZwX%M z1YF|ThL3|rnoV3b%$leKEreml-rXv!>4$D>!nfi#E)I0tk!jntwS)HUcPFJ(2*nv@ z+!QZaopL3-S1D9R6RJiC|QxE#F9wcotrLODX zI!LaMY_q9`=4ew-G(n5GltxV_jVKwbZUAev4?{Z0p?R(9I;OAJ3WF!u@{W6M)>(SOk9)id*@DcBZBUt!WLzk7W?SqbWL!gF9LQB>0vv|Ai-K`=R3g3PgCqiE*cl z8)J_LN0kdVCJZe>fT@%1?2!JR*}l`RF}sBeRbZnR z+>VWE1;Ws7sOs3m@I1w^?Hu5}yxQOg?`N!KeHpjv7O3o zc*7Uk%H}hz55tVc-s4S%$;M)f?eKm;T;heHxQ<6mY6~DC7m87=d1vnMY*ZQAnW(^` z`$5_ZSeq~qXRKlBVG6>emDeAyK)|h>(161jv8xs^gaWPvvuKM61tS4%d$J1XTB9aq zj}Sk;j+%5#EG3q($qUR95qy+kPyMjO$MCUs)PN&Yqteiu%pP{0^kWqVF#$@<-adTD zASFXN2n-7E4!-vU96exqPZkCEf8aw2cejM(ueY_)DE>T-n91>Z6@zEQKpfHT1ngln z4sDJP2H789c3I0DQ!fa*_9_B->$BaMcqGHC32lMVRRr{>C$<7JXpCa7KJ=g;Cb=Py zx?-gJ+X{HR*Z>zer&Vu9F0Wh(*wjiRp)~;0KIoz_X*j_UniDi@)?MfkMC)2&}*Rvxz0>I+los z!xM=GRKRdhg7*7|iTJw`KtOOPz!LDl=jehE1TWKjBh=fh@jEq@Lk#*Vv+V=4-P$;Z zyFK7rHuB0o-t#?&gT2J?LCBync#6Hj5Gl);K9WJLfh-U#E_{# z)4@6_KdU%Ds!)RUbG&e{3J&DJ{3{p*w1gM5i4TMd5;VXP_&QE0z`t8T`=h@%TniFV z5wn2161YDOtO-PX4mBh}$>Wp~K*R=I!9RRKNYs{lvcVf` zZ6m@lOg0fqu6JV$9(%GM1Fa?8s!}9FES!vZV1`N)LUzzE#5gFh`s6FP#^3wt_0en7x*SigW1K@Ai~{8PI+WJK)%y@R+!umQal>_!D- zK+fZbvIEDpctgjFlSX_zlCchVAU*&7n}L6*KRa~Ce+UQA!xz#az0&){GnzG5d<^VL zHStSD*^{=FJ2r?kLWa7Nk{ZMZWyYzYNUEScvBvjIzRj z%B;*#U?_L8!off{X4J^d)J*=y7|dqurJ*#J1^m0jvlPdJJf@VqjPby|Ge>ZYOZ@vv zqRd0191Oe}!FU|Rv7}9_NIZ`)yGAU_dV+y}pa-p#ym@#;6)8$c^pLBxiRhfpxw6Z< zyo|I;LdMX&>B>vO9I=$t$i(aiBvj43?8qV9s`Dfe(!wn-EX>6KuEP*U)8tA0{K?%5 zN@sFScw9lp(+&xg29uD#=e$IQm_KhU82vg$T~HCyQ$&62 zyP61=(bLNP%e;u#yn=iN(2G>mSxBGyQ6SBX*xD?gBMjSOuJ=sOYD~{nl&=ECy^zba zk#oK?olnE0EHbMM(i+Xe*fi`Tj7Hnf#2_zi8;t*CQsE2MdZ@D1JWXFZP=te4X#G@B z&5XOctd`O!zp4PGaw@#afc0vJCn(Ip+=q?|IQ(i=G=0UbYBn7}SMu5|57V|Y<1F%m zu6SrSZv|Iz{$&i1yw=|72F*HE6@e-YFuHp9gR4?3&MM7gwZ49avWkd|tw54Z_ z){J$vY2~7z8md$q1nbi*sWP!qWwTWEGf})V_H0s?)3bycO@CE^k^BP-5QUR0j4Lxm zei&IRDB0QCG0pm_z!@<=BUvJQ%wNr`nydm0fCZhj*g>1AkPTCZZ6=J>*sLuuj@_aF z;Rj|IvZ%rWkWvg9t2tay)iZ^*p@K42%*d8KE)vt$k2(xmB(y|0hgu~JZRn`vGYqpu z0xS=<60^zsL;J4 ztnJ+X(p9a`ts>D?-6bMj({T9$-6ZPW z;zgm~4c_DpsNqE-<8|H*LSE&SUVdU;QF`9%Wgv8_-t9Fa?Dby%(O&KqUmg11^5vZH z9pChoA@gP5%RyiDg=nVtI&R>sw*r(uC$iVi{luiTecY+W5Vd;W@+L9dE!o*;zGV4%oqo{DGb?pVtiF$%4%H6kcT9o z2b|!CH5dg=AXdV-;V&6tekg)?-~%A0V2Ub zH4I=tfp<2GCk|wHhG#xzE_zsFez@Ugo@c5>t2I`UDKLw6Sc4LN%slR7D*R^@2(DiK zWiFsBboS*GpjwO$xK3W;a#&|B0Ot`?W?;6yZ8qU!mO3~djCcTsc@7rGLIQ250d9b3 zevoLV+5=Ij=z{JCayDmX`-3aM0tT~(PH^ffn}?$Yh7@MDie7<>PUm&TIJ9a3SdfAh zCb$}d&HmYf0YsHua=*ow`?uTC> zu6|$#6gY)^faqDE1Ac%6-?E1_2)J=r0pAj8vzP{nYX{mIhm)g+{=MFWz9wwMV25Dt zhs}1ZQci8Ww&r4hW3x!(OJnSKaO}b81~Ha8cAy)2xNH?!gG)1M;gVyx9t?8$;=!48;vR-gIJthHX(|M7#wKdj;|D1SIE6MfRPN+i=;-=3j9&;YlZIt}7-hnkg;SVt zVP;{Q7HGPz<6n5}h0X+6fUYDqZp1+6@D45&Z@RD=?hYURHt^=;B+TQ`=HnyI@FX^J z<+g6a=wtdesSIE8Vf*4CmgOPu2NNgmEpI**=Lafyx^XbYCw_9QuJYB6@+N09iJR~R zZ}2>K5X(?#GM00<#_CJ{oQ=p7c$y?it5$@78d~+H_7=Y*4p#h~{;ZGIDK@bV?7dsD5YP z`h^wX^fpj|c!+afZ}t}h?_HPkM#pnKhj#_CjBNg10fr)T7LR76qAU)-cECO>9+vY@&T)C7hZZpMUjPLw*s4n| z&sms*B|di~zw|P1^ufq=NOvsA8TL6Rb1P^0)V6MecX?;;@_a~c6fO*t|6>xb1crBb zZL?-lE0kS-^?y zW;PHXj9(an81DF^hx&k1?SAO&!alipxE;RU%+fv#@y2*mZ*AFm?STL5#AdE#V5m)K zKHnZ{#~Sbe_u{or!axpkKp<%j0(hyKa8d$xye#GY<@PW^Soi_&Z^QU+;1=$cKk{eqhj*`f zc-M>(E@9N>dKDSzV8(9?H)fun@MbRITZm@D_=WW@R`{0bZkD@i)iWFRmi5wRLWr~LqJFfT`5@f$|G6ZUqqVm_yi0y`40kbJ6M1HO^ zCc-%nBa&t+4ALSBhFCv(F(OW^{>XKYD5xy^QM0-!Vc9EKR0*`#siB;60xzOK0&A;C zx*7%QgoqQOR)PDb_Vf1dFyh3D74z$~g~+6Si~04Dy!i4zeKRgowu~8bzg5LPlRnH( zRq529>y6f|`d>dzqZhlr+z;87IjZ}0lU(~XaDKU9%l=1?h@51nRI>(txViJ_(x+3e zZv8s;-6FSh@9zCOc<}tJj16!8Jo@zN*Q1|BhduoG^0)tu?|wf1{16RG=f`LEJhLU% z8F0T1SebO82`HU`*&#N~at)H^nPL(i=8s9QDVW)24km`7WFg8jT09hf24Qq4dblEs zExP!kbNa~$o-$)iW73TNIqJA0MER&t9*;r7S08&m0x2Yt0`V6eKUFOFPh(q<$Il+0 zY_Y;}#$C~dAR!_{gd3l1CQl)UK}aAyTXu<z=0KipZ+1t`ZNewxUR?qW`dSMWy{< zswtGgF6fW7(=K=18glsdCmmXHDUf?GntLv~=O#I0J8cj#gtzO;J1=*$tWXKP`F2O7 zdiLV0Z;(qyN00s#NaPY?FU$3Fj(?-=qr*QS{-aK~yzO$izMb6KYqZ>hGz{!38_i)T-?trS(+JPhT|-9+sZnJ zELzSx_cOC^H+TkOY)u#A^V6**y)-gfBgPLTu(I@W#4>LcF^-~bcxKs9vSe64HFK;m z+A&+!PcNhOGa8CiPaLN{YkwTBK9ad*zZgv*fst;k z;?W#pT>c0@vc74wg2VG}d~F+EXp%oxAEq>cT|55|nbBLudhi`yNPO?LVeK~V5H`pU zGr7Qicf{=Xef>rcE~g^Prq&_!LCJNEJ0JoRC@RY_uz?PIAOs`09n4LK9y;KM_dq8Z z5KTi4xA>qfL^d1LE$EH)%5kkZ~On!6d+o&qTsTAJAch9@oW~^7d;~^+{K`UWm z0{6Sv*+3L26j1fphrJGIk8LN*Aovg@zS@wAkS)pLJ*orfp)y(izKMWJ@T=Sev}UdRpSpXScV)k;G4o27CL%d z{tPyfu^7h2gt(%0hLOCZP(L&=m97W`cb(w}Aoeys;GJ$WKJ$kbde%ceNXCNw03P%3 zN5w+)18uMo71aI{u~Zh$H#xW(juHkXorRBgxSM4yXG0;M@k1h^c zrVj77tY_XbWZSD7(j=pfi`B-GjyxwG)2Ytv{IQ+xd?!2~7)a*48JZ`1m?$@(W|jk5Lm5d$gj8wpFy$CRn10wi z#L#01Nw8>?+&~Fj!ipinLP943b*&63MW3*eB4Wsqf<>UzF)C$DqQKD7El_m+eEryj z4dMYmz^yE(ETP65K+%RWl{8MwDk@^yaRoQHVKh}W4pF={K7YCaphOGTI@7Aw7|BN| zcmfZ1%@?jNC=zQcxDAJ-oa~l`ih=; zsNfq^V98#=GtaehmT^t&ENDY3+R-LRKJ3`aL;%Yj!Oj)3;c;zzsPV7N&PTH5;YTD` zA`h>u=d==8gKFusScnYPJhX-Da7Dt8RMrhg4-Cw1?^@Tp=C-lw8O%4Pd))49mbBiz z&TX#H$nTQ3yyi{oe2N>`BAu&afz{T;=ic)Cp&43ll{xyo@Asv zIo`1*jGU2wN%^p+=nFks01GLspcHLJ@{FS#5g(6*A5&n7UN+KRf$+=9ShjALVd5>w z@?#V45zLn9fdo4LQXnKYv2sHZk6lpuCVF1MiM2uFtC;!^-Tvh;u5+#HUGo|=@);~n z^3ej8@Z%4d4GBHSthqI`b`4!f@sID*4|13UveSrxT-foW!LWoR`0|lR=1Xa8_d^{O zkv6qOBJJLsRUql^E4r&q1-9@b6gPJ8ES^2>f=oo;H)=^xf<0`B7#qdOW{EwR-EQ8< zStR+$fn3x{DMcBo-b+4l?^{G>xv*`_Z zNW?7=dF%uyTA#E*rc3Ec?87T~J-gUPLWiK6FcYxY{z-qe{+9xmo##NxcSPzQ_F@D^ z?>Fu*WcyB-R=f7Tz|OjAxsKwm_XY28J#3xb%iy^WUND3KG+s7NceAHGCwQ4fLcSgt zmk+nUG~dd`c|MFy?A-1S9!cmEKUd+RxE}@12dpC^Zm3ti_rCu<@L6>AqidoeG+qOd zaZ(@k!gjtsr!kFDV8XhlzP&ohM-1%I2NCmmAoNXafu9e3>2oE=dl7&1PeJn(K>rFT zP{r5xj%mljzVP&)wDOG)t>oWiv3=o(`AOPpC09*t0U|g_^&Oq0WTn-|HC!Mx+3H1)gL6iCghOAM&kN?QNWusRU*<1n&i(49*}8 z)?mo|8rBg__Z=PR5m#%aozUe2Z|z<4y+@#l+b@6ud4${dSzbQ~;cczKDL|n}1O^pG z1mN`?>Qx>{*dM_0;0~f#4>}-MNTGnWguYqef##Dc2f^0XwX~k&qxnh}$fLVZ%|LNRYz~#KR#Lh7CrdBu--R4WGdcTtB$O(XoTF z*~3wkp^cTpk967`7{tm=*R^Haj|H6|_5(YV#CH6G7${(Yk)kPz#4?Pj(TL_^5LU-X2VxtLf`g;ks)j_FvR6k6%Z zp2S9qghV=oMi#{{;)R!`WItHiUW`OZ_|{3J1ekdt7Up0-tRzJymPNAIP5`AuNWl&Y znV&TV5g4F1_QRchq#|;~ET8}#m}3OCB(3=&Z$%nMctoXL+4T(fDq>6)#aJwaLOP^f-u@+C9uQ;gC11jmwDqNo)MZ`{CSevPI{_wQCZ+>npkm^O zU>YW5My6!?T4PqGWzvhkTqYn*CTDi0XMToehNftarsX{5XPzc%N+M~lCTq4Pl9*;{ z#-?ogo@>^oZQdq(z~*f3CU5E*ZvG~42IqcYM?C14HykH&CZ}>PCv!HZb3P|@MyGTp z=Q$K-Z(ipN?ub&XKqd1YOrf$N9HzbZ~7DgRmCxQ0bj^JccR2PFuP=3w_%&|l{%wh)K6-GGLK7d$x zh+FE- z=V-zvjpF5v<|vus8h%7&w;9&pU8rFZ0+onaZn?U>U`4{+gvBmwytd-LqO6qlYtRiHu@#)jbtg3lq8BedY*(M&2Zu0a@X+}FWY zmQJNMm_Pgs+S;A{iP!?`ZR+CT{S8)MtzY{|UjZH<_Wq)y zX`Vx2f^hJTFldc!hMKLrqNOt8VW}?IQ=(Yt(ywjNVSkN7H)8J{f*s$o?sv`tBDBmt zAi*z8DrA*!0%{rLVQA{L>c=)|l^TyhNNK=UXmJaGUF$?>H)L-M;M;^6&-H zug|`oAtItch;HjPmLrB?aZ$-I@QVfGg%#4T4I6|v?(TG$Yq^rJA9t91tgE&au5zjH zSXf~doR~cviM>iI`OzVb0>dV4f}+0UItFSX-mt;FBmU~J326euI_%b=z?*5p;*zgP znB?aU1aBP#*;O7%G_gfUK`C|yM1Uw;^uvgjC`_^*IT9NctZd81D>#ay{u4Ii7sDke z@9fr4@-3n)OGuWuA+tal#4^_n(h8kKYyuw!ChM_u@Nw0# z^B=!6cATk4jzxdjQttMQ3UWw zGBjFNg-a?|N=tKFG6YL1SF%o*I(Q^7;DuYN7ky&%=905O&%{CJ@i@xp9v7xN!!uPo zjyr9sx*;`>jEB()=TBN$BrF}7pB_6=gTY|pl0ineV4wrV578jQdo zu)`W?fK}~497ur!P=bm%K%V>qq0|}g%mM|h04xwTKkUG0JVg*#0A_&z1#AYo^HF;%hJe4v zYC{QioA}n8xM@cWVT*(M9K+i2z-*ZIbT7(*m$*M%fMw{z0rYN+jKG8ogoTd)g=qMO ztMvdzK)Jt%C%KX{P>74ld#}ui*LaPy_y!SnEI7bni9iCZIF(O%IZyyd-S~3I!vY*u z5D+#y0l8r*0FjsXk-vF7FS(r0xxO@c$UHfUqxh7sxM^cUoD7JJUxCzcZarI;9JVo%0T!Pq~z1cnTsmxIdX!W5o_9K$?}Pptq=at3hI2#rpx2E9g!yQY z!w6Un(NF*i{F3nX?yS@L2;;i8Z+m*^IzwJNwgWG>k2|?@hqo^zxQ9E~mOHzb`?*tM zx~u!SwmZFV`@2tKyvsY8);qu3`n^kHzUw=V_B+AT`3Hxvz$g3y6+FX#IPVVT?<#!4 z&xcZi7>#D*9u_iOH$2Bn&co;B*Gjy;Q+#s$8+Y87UU$68N6xqoX26SlZ<72MLM4qE zBwqaQ6@UU+uRPDQJat68Lv}69%e&0?WZmf7BL)ULv_Q6ra?d|~omU6YFQm{9y}DC8 zH*!Q({2&j((pOTcl)xUYs`~KiQ6!4ZvApd=R*w6iI#GH2&wm{&%sy?DM7T!@li@*6im#Jk|c~_r6-` zKJfn$@B2RSr)%&Zza9;L@h?9DA;0rOkn%IX^efKuS3i?aKlWFh^>6>=M1S^wf3?F$ zJa~gMl)w3(Kl-P?`maCxx4-+pKm5nP{LerA*T4PWKmO;x{_j8k_ka7FD?s#%H;`aK zg9i~NRJf2~Lx&F`MwB>_VnvG=F=o`b{*hxxj|}^T6giS4$#~8NmQ=ZtWlNVYVaAj> zlV(kuH*x0Fxszv4p5Fci6*`n?(SHI%8dbWKX;Y_9p+=QDm1*gK zAxD-xnQ~>zm$lY(wwQBg&!0hu*4cP!Jj|z2r&hh1b?c%uQ;L>7n|5v6jH^C&y_! zv=(ft!3a6*(8K8_REZx~L{Q)XN>Nli;qqA0yo)m0-jv`8&E^|T*)0uUn1QgO|7H1}BT z)z=PP?eWJT)7YR$S^NGOM}b>)ZPrQ2_@ANfB9oE@AfBamf`a zTA`-3R^4@b!?xUa;f?9spwea6-g{4TH{N~u9ckWw>cv;!fdSLE--F@(H(;a+MMxy9 zbkndOp(4JkVuCSV&0vH%epX?r`niOIiI3vNfF=}3Spfm)kjL1o#(CK(e$*gDD0wg- zc_@CISj4M-d`TkXpj?njl5ik~y+2#TDh%g%sgc^oLwPJY%n3&QH zL5y-TpZ%AVF}O46xq-ioCgScce%!pF0(!-eWw=@JvLDFB9#mvNTye%7kA8Y0W69tg zAvf52b9>NOgda18eOmO_OUK}xdVDAZaaDdXwjWgJjNr~`1UGpY@>S7~brgdip*ROW z@CUcxEpRfhDUR_Vm@DK#B_DCpM+KY~xWT<_9MwzQ;u?pwe{_%^XaHTz@}U7a2;&w* zvfj?t_Ya)K<9Geo1R<=qj}#OmA1N3HFEDV6U;yI*#He8`93Tg$^@A2DI6@jm_B#en z@h_T*{@@i!HNmIcF9yDNo(9XtK@VOpgkmh=2{%9w5UjurZKT8tg~E?V^ergk$XN|< zXg#3iz!xJ!;uhNYhI2@u(6HR(B(ZtsK`RtZr$p>AZ);or zN*?&NuSJw=DWMnJ2(q@Y0ZgJ4v#3}q>YSrcG;0DiX>M>r7H6!Kr7d;oOJN#Qna-4^ zHMQwYahg+|?v$rJ_32N68dRYUb*2hE=}|L=P^C(cS4eg0+?E>EQ5p5ARb7`ypGuR<#c5tZlteTGtv^HMy0p34*I!@hYXd?o~f`&Ff!3 z#8<(xXM!Fu>|qg`Sj8@uv5j@?V<8(^$xfEBfQ95>G3%tJ3Wc(r_3URs8`{oV_K}%2 zZFUMPTGg(WwXI#OH((oE+0K@>wYBYSahqG+?v}T`_3dwg8(iTIm$=0>E^z)&n_T3i z*0s%b?sFk~T4YD42*G*LdtN$3RTk+@?+d)k z7VwIfzVpcmKP+)4mB?aKCHVy*W}=DywuB#h&~HojfdU1iU4_GZ9X3~7?n_}|hq#h(-Nj5M{lK%#n#49QAfmyN-6^Mi# zDX4LTV;mC`?}Q(Y_;Ej4yb=v_ILIs+a!CYy6M4A6CQpVDidCFt5aA@rD}nJ!W-OB^ zzvRX*(eX%T(PSXk#L74+@{zlo;SI~A%_FIENX9%CAhB7^F~YKz0sb8v7Q5KXeV*|+ zVgL*&q@bQ5Q8WsWaHl9sILiF!1cOCk;E-tJ3Ri%`o<(wIk)%0Dowx!P0!R-P=$9W; zxKlgUz+e<53rXr|!JX`3YE+A)9E;|{FZz66Bd;XRBw2ESMPUdO*g(JaQ1%K?M9L+H zB+R`|!LN~2k3XE67*HlLJ#PIeDx3n`uvoMlLUQaqBwJ3}<~FZ=4QxwpHqiB!&!Asy zXaJ961>J7-{^s0{08Sdi0_Mji8a<5_+-V$LNH>*7BIr}w1l!HSR!Ol(a_luYydTprCF25E{y{5jHthJu`B=5m`+MebqyPn#PkyJDACEjM zo+gZcx#Nw!;W7(8@TwO)wE?_+B58sMz+Xep@%&@{d7xn9qQ7zJ@!bASzhC?P<-T28 z@AU*w(6|izNP_nK>+EuG{Bm#S;?Ma+0`9CJ=^}2&K91p#Wh8!K4h+xd4sXN8!3Kt5 z6OOL~(QNqsPbR#tBxEn$#82%cFUTm5=>Y8SM1quNVdGX}>E7fIKA{DGMD%p581Szj zaNFr|qTrJ%|4sk?|Nb+Ia(r^v!;ZE2g=r&>XY+?mTq6GzS{Em$ZaxN5hPSx(@ z9o7KA_7KRvGNCb1GHjt~7Xp_tGKQBh;uEWcKQ zzs$}7q0iBz0MaB)PArYVMxoL!Z3Qw-zo=mdPR+qW%>qNN)Y?xD_AKK(P9$JW)|8O& zjPVMPans_h6l;RQR^q~x>=RuuB%I9|AW!FvUto=EvAvo za$oMUB-~-8x?vbX!X8@cPTXM)LjoRfK_pbl8TJew6f;POAs&Q*r6%(%`*JfmGhy6P zCDL+|?4jH8kR$?gB)Xw7DN`gyQy{J*B;0|3GIJ#KvNLV-Hnr+Ap|T_{sf;mZ|HThu;;UVj; z(-|_eHls5=)l)`v(Y@b3idPL(8N+X_Gg-@;VgsLHi*!7ql=Hb3a|v zLA~=WHMB)tG&u@%K20=8$}>9)Q@?uC8&(R`U^72Ir998`MTK-oWg|vK<3fovNtF~g z0+J|h(ml~~Nu_j3yMsfWGfJs6OSP0MtrS49bW6cBOoyXOH4`kw^i0u|CCoBS*|be> zV@;!SBiwXO#dJ;S^iJ^u3W_e4=CbtfnO^-{yiCONWGJ@r#THB?1)R6n(DG!+1wbSR$mR2h|3D-}{*H77GQ zR<8_JX>}%N^;Rv!QgxLjbG0oV6H#A^ctBG}g|(>UGFXolS>G~FIigveHCoBSR(rK2 ze^tJaR4uwwC5W{%wv{)t6)wKjB*L{Y42oR0gIBAyB(HTX+SM&)^<4=gUT0%g%hfQF zl{?gRT}M)0(ZXNdbtM26UIn&ZS+q9tHC?HdU)eP=1~x6|6*MANH0;$j5>`9*^@{G5 zVPoQ9d%|PSVq!f*WF_`szZ6O_c3~@NV>$LEKz1kEl^w3{3b-I1_^s29AV2M)4~n52 zu3!jKpws?ljU`A{`}7YE)=*}FuV%-g(Yj`4#lRl6O$w4v3yc={gb_kZqEUse)21K{ zfaGR7O$^8(1|o_bZY>_TVcV`C5sG7Hag7Qp;c7cAYxxs2P2v`WVQ+=u9O6N5_m+6# zp&PzuZvl5UyTKOrte_l|a7`9vy>c7&HW+XLNZ^5Qg`qP0)-gBNGWT{32Ny^Nx7#k4 zZ)ejUZUJ;1S0vyeV|^91d;^lV@R~Xft6A-(d>AgdJ?x&YaeG zz4CX7wqW&>cjH0cnpQul0CZ=eo~B_~;^BJZ0dDO9;RHf?nRhp76D7v?f$X7gL)R-; z*Zw4gAs9fHeASmnI}~qeb9LciIVH1xPZSs8fiWM*e?xb0^D}?nvKxefe+6QF>62IC zp&1Y%6xMJXx-A~$_a?fbQ7^ZGS>k@h_c)Lg9zX#RNI`>j!hrV{GGT&)mvnY>qIO9l zdJA)UbvHi#T;Lpt_l1uahJ6@^mscgYwuafkY=KxH{;?japcw3-i5+tj zDq&|wPz;JA9>AA~AJ;X%l5rO^7t%L@HTZsg^NQhDjJNno8+UPSp?@>e9uRnREfdt_ zm~guRj2H7ix!7^Tcrh&%7!+&>6l@UUfdqGH5@W*Vcw`MWF#u9rs){=t+y z7$$y!!Dg|+?7>DZVxZzCV7P&_9c1@_`<+uo%ZSIV1{SdC4Bcp4J?&AZIzQ) zY_H(>lI3>U4{J$+WOes>9Zr`wXCA_>Y~$gGzp{huVGr7%3m%AWufT3AmNo(RGX3_9 zq61K?*9&9zcPBJo%h0R7BRG z!VV7pVvdwadPrFqCtMhLy>b>_xrSp|c5nE5X}K7Bn5DbscyI7_vv_O%XIkjmZwSD) zmw80vGH!TXpqXW$YbOzl_4t|{^Nh*aEBW`E6}T`FIG?%ss?`{B1wwN7wsPrnHt~5m z;W?tg7_31}qD_L26<444ROoowkvFH5&r!k9t>#vs4HV4jGMT{+453NR2pc*`l#Lb( z^RQQW8f+jC`ubB0S>gCPp$qeomrakw^(8L49Yf-x70lrnQNbcjb>ct@tQe4;@t{Lm zB&MMS;(-elEDZXg92Sfc7~8Qa8>LU#C2o4BS#uAF0hVi6mS@_jd2EM!JEw7)rHy;0 zMWTp{;T_aaxk;jIwISS|_`nKziskNlMYpGed5gXHLnBI_7nlC4y8&>6;jOotgfBLJ z=Qxj{(wjwhbJe#p2^Wqd^FL9SZ&MepZB^=O?BMEp!{$K>kP#j>!QrL>1?0dRw4uQi z+y+QNwZUKwHs_+_pb`548N$FD;9=&FYz?@;8`f488vMZ{e4irQ!6AI=X2Ax)IKnB= zTrru!5SI3dTmK?rnQ(h!S@~HcH)W`%!8PwhuEi^_fC|VsK1j6+Q4bO zTOhO-ZlBj|oBPZ=n7qq(G11qm3%S7GQ=MH

)^n4TBnSbONPp4hK`ir0XU3t}-Y6x0q*2gZKl6khU=J?Azd z2mH42Wxc|9EalFA)gAxU@%}LMUZwe7G5mgH9sM%|e?O?T9U!eT6?_G%nB048*0`bD zf*sb)mdR&@vMt}~Lt+*-j2%#*TQpk!=*xZBcmGRfVYKbR7B~Yv)gc9tQEjC_?5DsK z;-Mba0Bqv{7*?R-(mo^rqMQw4{o*kz)-Pc{erxC`Oh|79LVkwC^rJU0-n1AADOP$2 zGNj0nBukn+i87_il`LDjdJP^5Za_PJJ%5YSgQZy`57| zG@jCU&aNlau3WkI@FBN*)4sj?_wC=;lmBj=`O%c|+^L7}Jzlr_1&_urKh$~V6~vx= z1|EoDf+GD!8-uwCr(i-5M%dd>6eeZig)2D+U5C;^MV*Es0=L|VCZ335iZ3}R+j$4Z z6Cy}1DhT69Gg4S%QY9t`o{lQo*kO<#J{9ASM#i+`kxDMfq=78P7LPEuOi5*xR$hr^ zmRjB-Oo>r$31*mLR@voHQjUpcnpl>p<2i1=31^&g&PivTcAnE?dGXxIXPHHV#TH+TamE^N%yGvae++WSB9BaR$tItS za>^F7WUxyuCk%6n3qyzMzc$~DbIv;N%yZ8^{|t1{LJv)J(MBH)9n1R0%(TBb*Nk-3 zQcq2F)mC4P{&m(`2d(sjO@Gbk%+Eo+b=hX0jdt2} zy3;t5-FfP&ug<#TpUW2duca3|JEWCEg?j6{@6LPgSic@y?7r46yQ;UJdbsb(FVB4Q zIs?xbi}Bo&%WP4O*N;0@=Ax84!i=XMK|G!`ef7M>6AYEY40B=W=vzsUL5JWXKm9Dh zNW600Y(M((|Kx6}er%&3|G-8PdM1wq9Bm!NK%fF~=8ppqaBch`h4U`hJm@inMfO<3 z9A-2A4=Q-(JJY}m3R)1q5{AJ$9qa;)PSU{-GA16shynIGXu=#|&onjMp=?TrL%hsE zBPrOz8(dLDIrvZ{^`Jr};z5lSjBq7_F`;NiQV#zC&{F+qL<0@zK%?~|7N-a!1SQC} z2u=`#Y}}m&m%>30erJb!B3~Vk5|0p0Q6n}$hCM z=y*p)_V6Jcv`9ffqXVR%=R1>};}2oD21_bu7MT=G7c?13>?EX#AK}gt=a?M9*svhl zkU}8EqmV4>Y>QGk#sUAa4+v-i1SmKKHgK?pAY>pRUi=3?l+X`(7{CxghyVfm;S2r> zq@WE7qzDQu&_I6dAP_Z}pgOjq0|I)}0cG5W557r^X^4OVgm@+a)kqHtpa266go--! znS*F5uph{vzzD?fk1mE2nrCr93Ic&fsqsS%-z=j)SOd;~NYfBU2*Lu&*~XBv?u|x? z;}A1L$V9{g9*8+1G3>F4Q}%-$DJ( z4cx~G`k{$%B7}_2gyugY$PYUR7b^N#=0Dsa(0_u(LytUPcdLW9MR7N@&lv=EQCFwf{j8vg&)5aU?{!;%~)9EDS$5S zJr58MJk;fJ$A~Rd66o1~=tF|og=VRrqDHCt1Gi7n#{*wm3__ciyXoz9Z zE~4QINWsFG^0%htC~`mQF@;jlbcA{YDuWBMW)WrLJJLi_oEfEILg3wYf`C%_*B zK!hl6P8s8d76~^Og)RDl3e@VO1PN)!8Xhp*GCo?3{m_OQAkfc#97EElb}c6QxoVfc zde^eH=BW+Pb5Z2_fwA_r*%=3Hp)hrbfL(!p?a>LpzEs&Wt?6A%I0#@cxY`R|Ojte4 zM?p>_1&Hu=g-LQ@ag$OzRW#1hyiHJP*Ab#$(=HMF+UaJWe-0|@cbq@Y8O~DbgV#AW3?&KX3rw}B)^3VqQ z>cAwruE7Y64zM->{17jvJ>8FUXcV*wO$hVtIl-*QBDVbCK?AotL3wl_`>IAGbO|jE z=~uV2%-@Ie(TM(Q60lG{%ky_B^8-<*QDk>sXJ>$YlXf@(N;0G$uHbC(Fk+cRcm36D zr2sK2=4^ad5J9yVS!Gm01yfr=VF)r;L!@}*76Y0mK9k3831M%QCvTXi5HOWklQeOl zcMk6$1#)nKMrL|Pad7dFaGGa<4?{z@q!6%IWP|ky`$j`T<}i-*9cz{!zfe>D7H`34 zXCU$~$4~$h1PuZ}2Y*If@}L1I;0Dh3K>mN`3l6XX+~iCYg#w#lPx^p#|4M#N*5KtGz0$d0c9jK6GZ`11Wac@NQ5welV%2Yc!0C0Hwj1+CIt_NKoIRf1*NbIrJx;= zw^lAd4DjH9#6VOlq#vXZ4?4&N=Kv2ownx*j0=VD}!4MgN6nLwo6(jf}3%Fn7#&{_R zVoJnP15u99_+rEWgE8Mh#51>E{&_)U8Fjxd({ttGQaS@jSY6XFDg>8xD4b89#8QF|e@Ih;(g}X$2 zw5XCR$&xu^i#4%;@Gx1D2t{L27FlJJX0=!-phTF#8f`U=Cd36P#9&$FjRsPJ;kbB~ zXKr}00;Nz8Y_%1Iq=E$@i2wF?P6>?t&<;QOc}UNc(rm*34~z*9w}1=zA%*qf4BG)CQFs*H zV42t9n%UtE-H|_yVMh`EW1F@aNsS3UkNF?26q&H}5RW+wJ`|hps1T=#C*A>=hEkZ- zX`L&1mN0;CGy|o=qa2=1HIR={)G! z62db%`^gmZX`lZIpy&B2OT(W9N+JFkpb4s=n1i1UYM>9w69~GX6H1|cY-?Jp(&xC8cL!l!J!|DqA6N6A&L?sTB0usBqlc<=s}}3YNI!bqdBUhJIbRy z>Z3mjq(LgALrSDYYNSVsq)DozOUk58+M_Hg6EG^J&VrJ6rlMDhrD8OoUNfa#S`;Um zrC}V521jk zFxr{rQT~>>^040#vA{vE1>|bFc|35)0d~C=r4=MH!6HSqZTZ5`+?>hlC=b4n6fj z{J;qMgaRtSu_a+>384=lP_mUl7E?qUXN3YIfQ0fO16+wwBh<2lBt!im4)uf@BcMYG zk+e|@v_iWWUHMHuYa;y61clHK^Pm+Ju(U+`wY9YnPaCyNO9)kqgerTrN81sIfqS1S zu+*8ccZ;t0N)iZr5*{0NP6#0n)+7@908R^W27Bg3 zFLAT{fCfTPvZ&Bm{NMzERvWxPdiAgvv#@7xfDrpoTar5wmAep`Pz=;y7N6)^^bi3E z{xJ>=&=2ac8T~*G62uRxtGH%+B3wHGjur_MVFrndy7M3c4L})>P_o@H5wh#M2@$*t zVYZLE5X8&62;sR45xOjKv3QHVnzONe%dmfI68wM%iK`I&&59MY|6dpb&aSzkbILmrxhc!~piN18sl;4Q8e%OpS(kp_;|x)(qhIc#VsY(Nx&5RTl-kQ^KP5CCrB z3$BH_qu~VboXy)DyYD#;nnlVT!3aN`5Rco#_535!yb#oz5c9kcUL^hx1F#r$EV~aO z&|^f+xeU4=!OP}bx8o_y9c`h+EE2|C5`Ig@?;F1?e7RgZ1o_LqppXl(Fu}9zS_?4- zmb)10M-RN45T^wahQ?W{wGia|x#nj;@~{9~Ap#2^16Z68C0rZ)00oP2vi7jT3Xu;q zAVWE=5U2IT3gHX6yVEm(!;3)(PPzHy|AnB25w`{jVnxxMYn1@nFsJpa9S;*C-2JjT=qY)WUcC2!w#j z2VGCgyAXH~X!%3~6Cu<=oyfV|$R#Vspc`m)gcK9Y64sRvzWyKsWb1-7Fh!ls51UQP z3xNuHq073f(_j6b?4a96vdVfb*O>g){D27)9CW{pO<>&--3z(M?X#_2z8kX9f(_p4 zOV}V`*a|zwi48+7g#?sg&HXSAlC2Q`D~Z=J4^ePJ6H&iGOJU^@1QTEZGSm+C?RFh; z2|A6!tBu+>+tfQNx3zl-GQbaKKnL`IbVk7scNqq2CA#dO07tzQfyUqdJwy>5!2%$& zdZ7+cKmk$93ko2!G|S;0UQ8-7#QV_UV?hTB{nm$(R`C$g)#c(_L9<_L-?tRwV-aXP zTNW(=*x~KuTNB13ect(kAP)?%&C=vguH{w}<%d1x{yLE$R(|EnlI2@&=26q-=8eo_ z&ZuR6=5J0kB-IWo#jniZuT;+FZT{VG&gW^9uI>uxh(HSQn&*S+=6#OnI}@&yTId9G z=!p*LHnZrBZs>a+>6bn=lTPVg`skSM=~JQUn?9wT{^_OOeHfY>@hR$HL+YmP>7?qa zu`cVgPV2R9>$fhXt?ufV9P@5TyAJ80{_BKl>B5feI795k-l)f(?9a|c;~hQB z{-VJS?Qg#9)c&B>e(h$S?b=?T+}`b4{^x<-uJF3%;BKJeKJHE~=ll8?cAoC)&Y$ew z?%9Zk!&i{Z9K2e&*vw}0*I2jA@p&%*nTtcoqT+FQ7Xo465Q65}ud5+ukS z(cUHz3x3@Zo9po-eFqcKXQNxXr<=N~+q#n*;YlvLw3`snaJyi=yS@9n+dI5&|M3cf zyvobG&U*^bE4{s4z1Ld|*$ceFi{0Pr_dxf#-R;Xa!%Iw`>`p%#P#>)$ebS>*zxR8x z@u0u_>%Rb;g559=T<==^5CxSW=2rgwP8I-GSWLfLAQ7LK1m%3eDBu8hj0)PsO%cyo zPo2Y~;noEF!VK(vGEBn~EkQSo+B&@P^XtMuEW|`i(F=jZN(|RctPpgKvpjs)Rc!q) zJi<*a_9tQRm>+`*9E0f-6v`AWdAfx zWa^aBqLuO@h(4db`+oo*>dL%F;v!EhvIcM{DSqH%Nk4|(5^%Tv`nk(4*|r+YvB3J; za5E4?6mdinOEmFB6jM~OG44*gDzvOfGc86uXhUwGCWbg5o?1Zh5tLkFIf^CQEDWHH z3|G>qESJQQ=tg-K{y+f*5f+evALnG+Q98S}d+3u;?p5JZc~Yu zsrZS+H#|-;$v5B57?K}dSz->$=Rj&}B$c{3r=NK;HIJcqw%s<+hj@w07a78Oh#eYK zk;}J72w7_&RAOMMs(!|KvQE+1b(dU#u^Q0Q{C0x27=ADr5*0e;9m&qGa*ANxc3FDs zyz=l8RWVTh_u6<>kV6)EWRgoZd9PNnf)T4&W196Udp4O83527~x7UZr83BbHwk?u6 z*EVV=3KUkL#G>m~AjZN196GqAX|pVnA5<1dp$(PPAzEpf6sUw32I9FyhJ8NB7*KxB zLLrQJ4y;ZADW^QHoFFE!V2*ekbWH#XrnI*ottsfaA6^vb8wC}LVF&IhQ8+tb$lWSr zAI7Jo!|faSkvWAy@^+~3!xQJ0=oT1SJZ{Gal6eJFy89Thj{kZ6WZG-D{dU}QN4c|? zUt0O9mSO5Wa^eG~?j=@UEq;0Cn|J>C&Sp0(cIkDu{(9`Q*PgPJUsRsB(qx5xeD02K zDO~>Y(^r3e_W!G%FzUCLe}4Mwr@#A{ejhD-m)rOMe*gwhfB}5pU*cy!1SU{{3rrRM zVA766#N#UQV8+qJH$V(#P=g!fAXWNcCGKU5Uu0t&-FTuf7H^Daq+=cJs39%x@Qr)qV;@Vb6 zWhqU0N>rxulZaHLBVGAQH^z~8f;40;ZCOWF>JgT^VJd@CodE-9#rbtx@Z>lsMASEJEVXD3;atRPfY<)ib9CAp=DfC{^i-WlsW>W z_QR=A{TB`S(S)YVV+|;vfK|gXkCS9|1cSTkSHn7wr-pT`QFY4d%BnGaQq!h`CG2Bx z8YBJ*Pb;-*DLFC_4@Lw4DnrGJItGz5oY|5WI(SGu96}y`yx}<=*@p$1b({tjgBq=a zh)U>TCw&3#vU>taXh)k<0iJaNg)o+H%m5Yg%tHhXKv;nu(hc9h$Fi8^h{OgWTA7># z6&t}=J~^t(!e&>yggGqB5^GW#*$7&JAg-2p^dnHXOJ_ld!Ategv^}AKy-q;|1+JzN zs@WH7BcZ?uI9nYbpa2Ia`Go_nCai~OWFJ!sf&lRIJZcdKQRb=s!y@)^ft6t5IE{J` zNWhdQ(Y%*G6{ev*hA}9(3wb$;nP0f-j&5g(wc2&{OO~8#KS!Ry0I0nALT#vYchEY8g^grXnG?gsCbQvQTDY zGE*T(I=e*P-;7YB8sfC(HL-a~pYvmgkTd)^bD`Pi9054I4*oU&^hqL?4X%{Bgll`%Aa$4cacb(=!xba27poiL z>d7KFBhNkd(@WB+7p9DPI;x(Q~ zrT!$79dF9I+uo@*&`E;6exPCz z%L;Q{$o!Oq( z{XAmDrr2LE=7h&(1=26)yFX*@lAVrwD?UX5&HkSDka1*IXFQ7s=%ysPY3z(^`Moc_ ztcEpvtd(c$3h;m#Qs4vAivlaq4do7Z3VJ-C7~?2_*xU@TtgfwXrLH#o;5PH~k>T@AZJIn-S)V^7l@3OJ{G!Wr)I44DV%OhK~jL&n7vZNTIVtq=LA1?l3G-ozUzm~= za2I~iys(l#26P|#Td4bsz*u6Y{Gqjh*gwx`Kn=vGy^}x>+$D&Lpb4rV^4mZYT&E8F zKox8xfD$Nyf}s*TK^f$x6kI_YM@ zq9Fv7B0NGUETSY_LMrs3CKQt=j6yA>p((6FFC?KW43LT1LNY9)F8o3?R3J!FB{pnB zH+(}lj6*q`LprR(PCCOh%)|SkK<635GW^3T!b3eA#Ow(}0Lel?Oho??L_%!D+%d%e zKtx5H#PnfAN4!MZfyC~RL`v*L=dnag3`H>FLm~1+Q|us66h&236-{i#Q+&n9NySy1 z#ZqZO7i=Mdia}W1MVWd)TKq+mfhdU@L5or>UOdKL>^{K)MrH(={4);>><3Of!j~ed zm|CZ5gb9{fL|<%1Z)_k^bcvDvk~v+33BohHpjrthyNddHy@x=CDG7t_Fte3t#~5>t zEn^?MVk)tED!u|7sY%eqtF>yYg5j395;VFp3WVgAymAPI z?5m<#NUe~?Zw$$s3dfchN5G55np3r$d926^IIZ}&ml%hjvoh|WN10fZ4ce^E`YdIE zu6-aa(;A2~KrQ%Ktuu2i*pi6lqOIq;EwgHZ-RiA@_^pQsuHh=KxInI7TS{`MEwGpv z+lnrRn681qyOnE!;DG-5lDFFVbNEYVE2Oww$y(GOMDGPgW4x1#O2-B$vvoQ<9u!qnvnV6Ff zdy}}>%!d#$og%RrGBHoPm=$ZWVt6r^c({I`F-f_x)zmRf=`p}kMj%^D;VhB1yufmd zF-+5`v0ySS;W;R4PUgeMpkoK(V!C6PihU@7Z{QLt8@Tgum!GMvc%hce93M5a37l9v zs_2tA8wx^03Z%2TqBFiok{=@PQ$jnhm9g3*gXVC{O6I zwe%1V%qhzl?fy0QNG+C-kNLC@VuKK!Lbm%P5CbU>K!dhK!_jF=v=low@W3`lJEQ|m zP$_*Vl4J>!9KQ2YSd9e)t!uqqu>C)mRvUC(($YX-=5{ z0cfLBmZ&!5h7~1l~h|zxlmw3BJT>*y7`}$ss=F zgHYetoX(Lpjio;8dmGfrzM|Q_-wfB_Bv+Yb40FxWLb|u_nTEVW#zF$gndQ`)y{JNB zhY@hcmB>b(?b#^(S*9(Fpf$#%joRk%*``g<5cETqsHk(5TCN2Ys;%1Lw8dL|p@QmK zvt_5H1zWInMZB2Cv+dfiRa>=W+pTchx0TwsmD`Y{TdlC$yG`1>)mv}m+p_&z!v)v= zO!Yp&Wm>|;3amX`$bE^xU0h&XLp!`&%*|ZQ-CWM?+&G+E%B97|ouJ4q-KzlI&|SsR z6a*bT+ig<9KfUEIyxOWa-X>Rs3UUEpm*;XN|q^rKO_9p0ox+L+izm(mLKO-7ilzwnjP z@m1ceNY|whsweFXwPGux_`i!tpHf)(aC=Btg7tE+bXTo`Zc3$EmciQ*X?4-G{hR{oC5c6t6~*OY>Sc zAF)gJ+7_MRw{0Ha7b$a-=KeWPHd9Y#{fVG( z&#Qt@VH379t52~*RGk6~L)lNW=+ANfPbHm@Z+6nNWMjqEwguUU-XN5w&|y+8j-4eQ7{#?2tq}EKj~kUX#0xh0 zT#6nwHX6-1uUNJrbv7eq5Rxu7YFpBkw&yiojI`9}%H?N&c1wURH#_c9bwjT(<%(x% zzhc&@LV1Y~0~)Du)F0;8J#&)r;fFgllg`9AK7A8ErISFNxXrXUi%`2DB@~VmS(rpM zNQD$hp_H<&)ZV;joo-{EZbn|_zs0f@av0TJ5$3u8mJ5-|{(!cML+uA`;TCU!YTvL{ zhRNY%K~{2j5`J(NodOqeft+AP7j>zQib-c={kmo4I%iesZVl2y?d*d|n1#XCmC)9& zgw_=M)|X9OalPwr%=<}pxDE?*eDR3jFmp&<5=*TPTn6o~H5fVeu+I z!Yjve(VcP~?DDt$axhn2F(*PYKU*_Db5Ts*^I3Bu*Ks$WMa%VEJkN7I-*Z0ib5d&a zIuG772b3R|b65oQKu6v|$3jDYayn0R-Cgtm;qpc|K}3gi?3MIGtn{e8bW9gtO^-xQ z&v9J-^hnq8W*T*#^>kDBLg>9k>1AD2KlDd$^#Lm?)YU=EUShoQSqDT`xAi4laj7+5 zZM;TxvIk)o_DZaEUk7zmuRt4ba&)yx)`AA496P0)t*&fJv3$zi3JH`r(GB2XeprYkCgZnDV`bT5 z9d3#(a}9T+YmQ-fOayk8*-{9_W9ZQ1^fDi)ABeSb09D`zO_%@*IEBnZ0S9Q(SW}8d z(1o%;`~1L}NznyFJLmL4%}m}+P7X~^7C`|(u9%eRcoL&9Wa{e7SDsBv zCFc#b3vHJA#E2cL&-7-8iJvx3XjeypMh@m&$1af;mC%HvD0(4AVtrWAGIM(&w&@3v zi0sxW`7}?OK+iT?PjHqq|AdQjzI}*5XJfVG|2aM*-3J9ptz}LLZ#J|>oBMU1&Ez*y z0dL>T&qJ%fiX=NXg61@fmzECT2NhU}Pg#&6*81}0HI8T{Qe##`PgwFNRJpLdiy7IDAA%s;~7n=bScxOPM<=J zDs?K=s#dRJ&8l@P*REc_g8lcip)-uNd{*Qa>SEc8{O|~D$gdGYeoclPh*t{~Ur?&# ztsHoh&^`i)`l_1C5LHfkA&LPWh%Jd?#V=<@+y{aJ3KSqZG=#=sENQn;JnlPS?@Pmc zH0BJX#{l6mIwKqUS~&3748c4+l7oQOHSE&Hk6YBpZ;VHIv&9jTc#JY@guziimJFI; z8X1C_4|I-vU{I<^!=g{Gem(p4?%%_YFW;&0wieG~RLl0KJmCY$VGs{p;VFPwM3MCq z&nyxUbcaXr5JcBoF7fl5{&*QtCgFfKUE&=V^=HKFSy+avJp`;$Zw_;!!s) z&huD~2<3)WEIIMBVn4)%Hrik^mN(UT^T8RXoO9Ayr=53lRi9aCQKX+m_FZJpCY>Qs zjAa9jW8g~*bhZL12-%|sXJJIh&^%Mb(Z*x^phCe4X=KO{F9Otv5HL}oumUB^xg^*n zNno=RKeROJV~6~lK?gk#@EIjPu5=cLf~~Tn0Hd9`R89~RSTILCSrT-K0Gy#Dil-x?6D}cDy6v>Q5labBcuS^Z3AJODlsgz+U>V>4Z4CU9~s*j3Unm6 zZo5&oDb<^JBAl?o3p3oX!$j$M5q@s1_2;=4V>}i=T4da@#~*_nvdE^2;+n-tS2T zU%d3wQ=i`P9iQF2_S+_v4?x z{`>RazyJT&?|DW6ANdMsKm%ScW7+E-0~@G40TzXT2b>@Ui(Ar>);QY6^-m}tc-imfy>{M+EVI0}qFaf)IbBSwyxL@c5)jq*ug zJN`zoK#8PnZ5AUV9qTx^DylJ$dc0Eto0gV})y$4Ri_uu(F|Q#SvNZM}q}0r~$45eP zK7Eu~M4mPgAqt96hGImiQgabcPGmCuUo$;>bv%Go9Ac;-2yYNT~4#0*53=2I9ep0K^59713uzL`fy5of2Jf zsboNV#tR(`q#hn=2|wPzkbUexBo?U487Pz`YV4~@E1`#Olyt2@{AVT&eP~1%{>KkA z2%$z;Dh5Ue0*#I8h99}$$p-iliMp6UAkgp*KQ0lSmTL5)Aw|wP)oIkDW@VD@G+bKX zLeM~z=p%XA3u5~53kRg24VWPZ3W8v*$^2q7bl}IJCQuxcpa2IY%?GL`nh*o5AqWwO zM_4H^*0RE8l~$#|2)Zz`3h{{_)v-w(7O{^DAOsUGc^6G)G9BNbMIRxNOJNrW4OrEP zvEj)}ETR*UAvI)7%W2M%8XFPGmXjhyMJj7s`xK>8jHwjaM+E{)7ii3cpEO}mLS{k_ z-i`w_{uBs5d<0m2loYv!a?qK;RTB(lgt*52%__y=p)eu`B(QiT24bTAquBUI9Vv*z z6p8~{gou_AaVf|^t2CM;`6qGta6vyr*^l!MM6`_%MJ*p-Txi)Oq8vfZPS9H_m%jIo z=7Hq-&f$#*LpZ_`o-l2|#{vm>r7FV^alE%I zIy;-Wr9>ku<48wO`caS`K?u-t%39z}(vphpq#kunlprtCk$6jw3p~ps%|W8wJxFIV^?0KrTKW+ zEAo7g$ZA>kgGg7UA3u1{5wBQ#NyEEOmW~K^1?l@Jwti)=fA{R$V|3O!`sn3LI@3yQ z$xHt}`qB@+%7$+h*}LcXNF}=Rp^|%5?w%~tAHN`}pEB#mzWD67AT1K|Ii!aqC%Aq)lf{4KUJCjk@2ucI@Pj9~!4*sb?0E$}$bb;4LR7Ti3kpR#z@7{i!vU&aQRo8-EP_z< z!zvgGYg9!J`j8l^(+Zd z`~w}fWF7WHDpa9AWC21Hg*FOdHwGX$hNDrCgBVoe5*i{p62vc#q&!e!Km1(s4MouO z!>hd10nUP_z(OSc13jc27^MCIB@SdI4uCzuAT}gGB^p2{*pdNeL_i)O7b3$e0VP?w zLI}8m2snU29t}fAQhnIMUh-vM`sH5&W?%~DU=n6w8s=dlW@0MlVlrl9I_6_SW@Jj{ zWF{s>S|m|mWIyzRNE!+pMA|rPV>${UYdk|R$N*8g2IFB<=&R2w@X&WhbU(KQKaAj-@aKjR&rb|*N5+taCCPi$@<}dQ0 zZDL^xY=IkWffO9XIi}-J3gI67A}kES1{y`sKm!Aa#j6P6ZwSRcVnZDwCs$q~CTb#e zTBkn>g*YU@fEfi~-DnB))<06>LZ&BuXwiOF7<)=-m0IbQVriCY>6UUSg!LyD#*$FL zp`rm}8w_Af&LWwLW+ncMHEN-1s-{cw10Y0NA60==eQYU} zc4?}r>Z-D8{;RsGdwwZFdcqaB!4c9TeF?=bhA1Tn;hOS870e{Kz^Rh!mjp%vNmN=SYnR~z&6_GBSvD5a$!GG zs#sX+KVWKC5@}jOj1ZQz) zdK3)3uIp$dr%;Rob2_J8M5iRuXir^dcH&Ago`FGX+i36tHu6Ii=4%q5C#f!lss5|M z%IwV2Y|XwZ!eZbizShH{N5K%McednCOyvqxrJ`Xa3TWlVVqp+GT`XK@S)Szqexd?6 zz#OptC1-?bSJJ}>T;^T6?92LVmIAEJl5N?V?b*I3&a$A+(g)9m1;2_A-0l&~Vwf@j zK?vY&-s)`#z(IzME!qNZ;0kWps%^vY-&E9~ddMvZEp8sst%YR+7gStB#6vQ40fznU z;A-yXa_*`YF2nd7&P}cUSc3Dl?(1$CGpxY~z!ENWLmlV$azhh{0r`UP zgK@(T(ey*09oi57aH17&>3*$J zDDV6>Z(7V0KRmC6!LEc&!vnmpH~hi{1VbGJKnQ!o_TDdqrSJM~0{42u6O%9vD6ls$ z0}V{EgvifoZ z4N!tNOhW|ZLN`1@_O|l**6|(7uMYEE8o6I<{c;f>VAxg|^HLH&=)u}BaTiY*8L#gd zxbgaqK^ru{D{pTw5TP4r^CW!n`kFx(bi)|DGBAk12&@1ge{n8P*t(2>3%G79tN^NP zM)pS7CFsBz4FE?*LYBvM>B^H-y4A6f_zObd_oY1hlURTmb+2 zuY^&<1Mn{`jKCJ4z!@{JP}}qMYO!KRm^wq)U*|B*rgcdpv^G2dA%Af89yWw^gFUA- zJ%2VnKiDM$1744SUPpF(?z9N?v{5moFc0&3V%ShuQc>GP6HjS|DK%4DusG9i21K>@ z!t{ex^;J&;OkZ{Sdi8|G!W?tMDO>b|rS$@f@g@B4B};HOoIx0HsWt?_Dtm(-A2baV za5tcW3V^~I$Z{%2*etAf9W1s-L)bJ#@_2W!%}#a*_q8|vxWWX$QX1$0dqbFeqcv#T zvuIOs0eClf)8}f(t!p7~@)C3ECh;@)6+zhcZ8NikIkN>r^Zbgl2%|s&V6!%FGfHbW zIE(XfOEV>;vmHy=CD?$8zd@+c^K@IV8G!F;+pjk)gCU4O3|O!y1c3$AwUi?C3l~5$ zn6UP00C&Uka5r~EbM_|GH&tKsT0ht?oTUGYr}R>b9NGIW*68)hHE%dV^|c+?=M6^FoZZPD*&ChG;(jk zdW-W`Yc*GsFAYF>8V|xRz<4+CZ*-@0G*d$bbT9t>f-@@b04Y%EFED^N(5|OjaB9~l zD$p}3Y`}hd12Aa7eg8Efr}$=fLmFT}4ny`>OF)`m`Ge{DeUoi|C%HGgLjOWQE&#i* z=P;$i@_KvrEqep4KbWo8r-O?S_ob7b@A-r;ub*pX2|$@#;5LPI_=8C=1Y7T-kF}$F zu>eqS3cvv>hd4Q#v!z?`4X3~qyTU(P!25za)xmg5|1WjJf)7w{4s^pNgfAsb!&3VK z0SJQ`JUo7OLklB;Gl(~%@AwFuFD)!f0<$;$P7C$A^8_Ps1*3wuQ12;EgRxLA$~U_f zw=u4>vkH_#%bUT=x3lZQFa{fRH%xB|bpCM2Q!f&1c-ro;<2D-GS`nndwh^N{5~IcB z9<>v@DwT4>o8#`;qkX`N`wJzAgQY#qei+sZGoP=oy0h-oLs-05X~l;xnZNzt13s3n z{nisc_0YWquWp~bdou@q<2!!i4}RfG{_q^WH)O*N1n)pp?i`E#<9q(+cW&fQ{^-k2 z<@@;E?(N<}IiZ7o>$^VTRz2y<{`i=_ed_(|<9_aUsp!vs@0(87OX=i~qee**~?G*~d+L4^w$Hgxz9 zVnm4(DOR+25o1P;8##9L_z`5tfBi_7G z`4gy4ffW;qGcg8bgSwCDIM-cdpopWZU-j`xkIv!GjCFg?klmV#SLYH-@WMB45IjDOa|98S_EI zU=cg^{26p;(fuGtl$;rLYSpV*gWT+L8zR}WY0DlZv-4=(yLtBpS{mZ%*29SxH?I0M z%XXvUxs1n*Qq0`GsaLoDejWHj;m5gm_x`bMG`gQd*&)JMeZ2i{uGT-CP z?r=MJ{rma%uP7cR^2|feDw^!s1O*h3D25+Kk|=4P18P!73KVjfuOxmNDet6sTuE>R z`1(O6!7xffg#sB+q7a1?=IDnX9yp{c9$-)yp#=`*QL&v0El`Cd7F{e!976c{aD)qk ztWe1sZ_JUT9#Qy_H-4HZq@Q`#K!Ji6N!l^X9m+fMMkV_x(n%aSoTox4`;n4L7!h0n z$eZqKC_n%7+>=lJ06a;+n9fU2CV3zbk(>v} ziWz6qe#YtGQ3?K5+Q))1&p0K;{G%#P?rWRP*6M^&9IR`zJ2t7cxnL!Vo-o22ZbPFAn6!! zTkVG(A5g$yhh{?HFcvz*QSng~;)%sketLK(hy_%LWd=?!c;|wWFky9vHc)VY4!Jfq ziJvbntz(gWawci#M>jZ09tkrhX=sx4DIimRkk-wfVOTyX7I}@XXP6E5VfUnco;K;~ zV#FyH#{N3$r5fpdMkWaxQth=U-+ul68}PyYEh*rZ27XDVeJXGjQ)ncF6eW606}5u~ zTV}*sY5Cbfmskjav4mpc`DKMpLhJ{cP}%tw(oV~xxgT{>h+~QuHy_gpSGn4!09bCs zpgb^5q6dQVWT)NBBEe3=a;h;mDfN?x*B!L4GgKF4Oyyw!$s9;h9{NqgE@}LdrjNQL z^!K(X&%oV(AAY0;C#i6j4rggPlN4usLw+vdARiJ!$uT|$qZ2IZa*L1$+_Wblagd51 zXploQ)F3ZZEFcAl7(+22AJ`DrSN0KrN|3}C#i|w2obbXB z{*JJOzRJ`%Ow~LXF=7$vn-mRgxEt%iC|o3&A&fR8j{%U3dA~Brx?Z=!^1-Nv{ZOA4 z1z3}N;j16<6XO`k=#lyLqkb#7-%9eAA%k6NLojN>5E}Ndh~**{NQhV{;&F_cov;`S zq+0*(po=^7>KH+Tkr%QSI><#$9G0Sor7%W^p{Woq{D1<7B4iJvl_VcD@X{npl1R0g z#1}*ChaahiLUI((B%$;YZ>-0UG-U6SOyuC?w3vWXmgJQjdK=ZoP%l}M#BLnQo1HMy zw=zBxn$cXy8PkZ8HKL@A>4RlI$bo@)#8Hb1=;9PZ6_55zPgIt=9gL&}jTB7&E_zuS z89(a83l%}mN&)BK zmX(5`DoMf)hf?Qj$NUn?bjc4)6c80AD_{sYy3TcV^rPgH7rmI-%;tnqnmN^}7^z9U zOA!chGdWO#7KEvijANW8nZ^iEaJtwG**l6qtx%rKDs( z$`OPKSip8Y``L@I@kCxQARd>H!9G4Px1W&dtMOPOI~1^h1fif;Wj*U0;vq%<34j6# zx~Mv!sw7@0Ah9S=K{5F1*96&BG%VXkU;j#nCF)X6EgD2&IrP}bPB#8aQ9uEdD*M-7 zb+xI&s%b_@5)a$n7Pq<8?QVJ7Ti^Z`xWN_faEV)7;~p2e$yM%hncH0FJ{P*t^=(fF zM5y?<1Qjct2|u)OUGIK(CSTm?c*z@0>Iw>|_yaFW_F=J`5Olrqm9KcqTVMOS@4Ny_ zFB|3CU;qAhw)YkAfZun*7Ke(GH0DI8P9>fvzz%`XgK>hCx908qMuA?LqD3z zh{lPc8C~fhI~vlNHnOBSZD~(K7}J^-HHtA>q2Z}Ut5~Uwx6<3 z0_348h(Qj5P*Ph`582{GklO_(-d4yq5VYGXX>t>o;8Z6e&9X>jO458-)Fd0JDM~(i z=xD5jB`tAjmSCEP=DIf@H2vF6Y+5ac>P@vd4V)&{{>Jvk$*65La@!;|HWZ>1#VAKX zu2678x5@>z?i9isMraTM%(((9S<%W?xYAXsV6-Y725VTwI#xPkw=8Zt%U#kUcoV91 zt!!=U6y5q(KgC5Z9iHpx>_3%Ef%d_jQ`#46pGR7b^zC=UayAqcR<1`ebkf*5@00St;`qEg6s5dd#k zNx&pnsz$Y3(k*FA>qpamnLep$424$18qu~knywv@B;zYuKgeb_wCQhcC289*<7QW_ zCGBo0)SDN}Ui=Yz+?pUSNs9Le$6`1xtdX1k+^BkKEJ}8x`Y#{Xut=r8mttd6?^-4E znuvMulVlvl%7+WI4;J3}ZUmTTD5qd~yxM(FyZs284}CbSP+`=kJOlPzDtnrUd&&g= zP9l1)=!zgJkh*A#GS2uWkid{n?Ha5ln$PVR8w{a5Hjjl|2!>?H_p<1QNXUfvL5hy5ho0w$g6K;)3X6(J zH;#zvl&D^`=ZRu3iZX?Y^v{Y`XkK1uiy|<*C{PUT%L0i;`QoBr4rY+XWRB`+?(j&D zAO=0s%^qA~1TMw|*C~dw&jsZLgkt`X5g;H69Hj<-02nMQ??|dEG>MZAz>{K0lsILq zOeyzRibGflkeFqgNJ6A&sby}-^AKj2(#Mx7F_^xGfr^O}Bk@s!Z<*F-3}aEJ$}mID zupdNjo4V89P(gtxDQwQ>OIT2V$4D9WOSC!;7Sl`;h!K?+Mck)bffq)pJaMxu3k5uDZj1`HQed=-FeoLfJmx{QSc|i261G<0+=$N~yRzfXPA1aM z4A+j?$}+;d5-sBgAYnux&C)GZEiL0RaMtpgy6r9R62QhzF8A^>3=F}1jlqHnF9&nI z^pYe?jF(>mcN{uE?4Kg#6F(i{RJ98~8b0#oTGe`3-IMXvv z(=0%YfH661xYjZJPGd6QGDQ43-Y|}SA12=V3I733r*vvSO6FHMp zIhT_;jVm~Z6FND9{x@5q&VJK6?czD3Q#<<%EDz&4zq2&AQ#=7e4b3E76 zALWZmR7G9mKwCmAYY{_D z;@gT!+>nXfNCHJ%vgHEsQIOIlQSKyka3z?5M}I=zbc9C)Zb@1M-;AW;mek*#gyNKR zHwrFGwxmnaM@1HHOrG>i2;oRcLgL({;zEl~aDqcuG&(;tM!)1xn5ErRvJ17$7xW?r~7XFJ7=H>^4+QQ*|TQv_aWU4Vg$`aK#NHMigRZviLy_D8K=L zBp-Z$0w@woI_6`l>@RupZ~u_6|4`@u=&wi_V*s&d4Y#Lz5-@zU zP^QfB0ZlK@2$pHv(_qJ=XX`TL5@&Io&wl{uMj>S%>U3+#rx04Of1VML_yHFVFpIu0Pg^2Qn-(=$RWJ>w?L<+I=t%A&MisR7Ub{B-zLtT)79=wfVTi$c;%;q| zF@**|4gQa0M|Tl7$wnU$lvt6JDhXZdah3jPXihPAXK8S$1{B3r6h*g}&{cSOkNzK2 zu^&Y0UxjaJDc5=n<7opVYC$w64245<5uD_q7um~MFab*@wqnm0W7p|+VDKaJ0jyld z`y?cuP?mWv;XxMmYxrTH+QUS1f*V7~8%tsxc@~K#s(>o$q6}E0EYTzixHm$I6}5<@ z;PIqzbRIWqMqCPQAlPW<te=X0yyBUT9U3p7$;y-COhgXi&C&~(y(?i zvKH$n`yncavWlVDF*K`+l~Qw?@+nITvV?LftFk>)1cD{ufZTw@tyK zWw9dNH1sU(*p5y3Jr$#mtKyFVIWGlykntE`^te?OS&~s=gc(^b{jx$!;zA>Nk~^6+ zESZEAQ$b~;F*(_jCApG887=>FYERjfKUtM2mz9_Am0dZNW7!{P84YW>lW!T9Wl@)J zk(WK$mw$N-gE^Cj*+Glhm?^M0n-iL&S(>MrnyZ<&n7Nsa51EyDlA9x&Q#F`HlbdbR zws7j3J2affS(0tb8`{~O-x;3cS)S*ap6l73?-`%-S)ccrpZnRL{~4eITA&A-pbOfd z4;rBp`km8Rog3Pr9~v*kIhY}uqAS{>y-T7U`Jy+PqdWS;YAiwi7n4CR*P~0?q)&Ri zQfxVrxgR!}q){5CV_K$11MMLBrLXgUR{}+&Z6AFqqx=zY;H0WUjTwrQ!A{HWR1zyLo z%R?Ke6u^?YMxzfUP~@q5R)3~is;inLt~#sZv#8N)k4Fwp7e!7nTYq{8suL%v9M&Gn z)>u4+Hvn~3q;OPsj#qweQH9P?lf~#Fb+xy@y`Lv^|(l~9ZO39*DvWx`Jf&=%Gez)+i;;xujP6m@CB zVP%`PT?al(Tff>gec>op8K!d~rdDO<8$iexVx=Fjbp%eG z%vXyt02&}j73o1jgte-+B3x(BUqz4f@)dm+yYt#LLs}1By+&TehW6?e8Pg_T_mysZ zuWnp1U_T>Xmj`)k&tBPU$FatF`!&Yjm0U-ITfLQ9fuKAn#=T;PsW7j-=ay=`Ko>5d zfTE^U^Faj?ygVWaiL51BhuAX$-0cQD?(E3GZ6VdnLx{m09K!#Owf9_qEF8mOM8i2; Q9y}bx_bGC)qyTZc0yJn81OO5#Y7;Ph9U31MJBS!Uha69u7iO&=1p_4(UMClZ zA0{{`ENUSyPZ%{}C3Uwf00Jy2Eh;dDEMTZ8xdk!?H8dCiG!;cL6J9VE6)YQUH9=@K zPpmXnh%$4zI16w(3xqcdlsOKmJP^n@CLuT{ia0qrI6F}}J%u_-YB)=nH%y~BRL(hS zs5gYgJB`aj14%*>GC&s(Jv5d+Icq{-gF<7QL2k87098pPXh|h|Mlu&jFfd3uI!QcH zQb_a%2mTVGny^7yx4wA7v>kXeLTyFAQcm zB4=YmU0#!1XRKp=nrDP)V}!O~le=P^&Ts%2ZWSk*ID%hEgn^udf2)L% zjD(c0gPp&Aqos$$>x&C-jVf`BKyHs#CyiV{iGrPwtDKC#?U6tTlR$2fQVWuSTbY}k zldsK~&hDK`0Gm&2oLeBCSvsItW1enFoOEHCdN`Vbjhu|Lo|0^&rK_7$hn`cTq*n~2 zTq~wkH5Lg#Bg%Jf-A>*d%&x* z%I56Nk3P+pQOlfT%$$GHq;JZyoy*S8)|^V#oPyc1iPpHQ+rN|A*1X=OSKi8{-{9op zsEpvPY~{U!?ZAZW&YJJvv+eEe{mqR2{{9I5096PaNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTCzdni+?T*=m%#!-x|rUd*^LTEdVc*L6&}vgON|Gixp@xwGWW zphJruO}cbq&!`8RUd_6->({W2rk*V~w(Z-vbL(DAyLaK;z=I1PPMoUm<3EclU(USw za^%o=I-gFxx^>afv){bVy}S4Cd$sPkqF zqD7Rsne~)`jY{gI;1oPI{3laa&*&k=4{rcf%rW8MQbjo55TV5+U;y<^A&@P_jeb%T zA&XPRKx5X3`$S||k0L&zG*2X2Jd>bXGcLuB zCHBno2PDO!N4M*F3mLL4+H}L|NvUX*Ovjk-5c)(lSeKDIkFc zHie*qF>$rb3=~#~gHPosBFjxchEqNvT+FA{Aq%N!5Z$Rq(Jd zU^OZnVoyC}P$?vwDaE)alm0;_B_~=(_VM45vAV=1QI^K^>Rq)2$xb2m1dGzJ=49F{ zZnMsl$tCuDvtJDZszZbnH6T-u8H1DvtvWMABE<|oE>i>%a{L#MxJ7&$?u*M@J4l^< z{=|+MhvHO@9zPUeNjU6~F^Cp=sPKa&#C(AZ5kJU5Oo!#<(XS}sO!J@*$4o;+2|-}! z;0%X;gT=W2CKqXt^Dy%1GE!h6N0f?mi|(;`jC7ePP{+l3e`NR7CVT6@A&Yax#*e`wHC*~ zNsbNHU{S&wudkQ!EwHewRxBV6C&i@2Yt{u1I!GF%Ulpv-gWiZ6oss3=I>Uq!}*wfwxadC(^ z&T)q~QsN=e2)I2t3tAqGAva!Rk86m99d?sLIF6OcP0ENw`%%FOTeG}nP zLR)5U8FV0MEm$#0tSD=ubkLB(AWcreMHp0qM}FpMrguV6 zJ6y3&c--`kaB@>iRcW9-c~L&j%G7n>5fs#?O>Wh#!O4c;%S@kHwjh2z8XXJrg zuuPCF6>*GAc(fhHQirH~3Cv&B%O?SgU`@W!0ZRCl5~5(HGYvIO{qc{Q$gBxFOjIFm za&rcMrNp6%p$C5fWrCPn;*i|niO!0mojK@dJm)!}Wtp{UCe3G%_IW4K{s~wqjU`a#%Q+4aPEKHm|F!UbSXzF#H}Jhqh0;ckMaFlto~zY zOyHMBer{@l_8iGOwc}RFv&xaQ^bQ!bBNC*B0X7)SEE4rcLCw$tCG=pREAdBLk+vLa zzVoeA=JSsys z71^>i*^FiP$Hz&L6rKH61Sz;dxG^(Rx_m7$KzVphC76S)wb0e4q)-Yg)aR7x{R4Yn z8K!Vr+J0P_+i8>la8+4`s!v4*tnxZtYu=ibHN7?>^cr*UbOprz@$BlcdVJoxlfsE& zJ!=DD($sL$7!fG9Q5n%;UHhRqQ>=s~Ed_XKKY-hX+3jv*;GEfOD*+wc#By2#83x({ z-idaVwf!hsD+9h3ngmQ>cely9p}vn)Hc}tjQ;efzfb8slls=X9zCn?%XkfG>E1LO6s(ScFD+gaG)1O1Okf*o02#f=C#J zQaFWFScMDtgjkq`TDXN=Sbafgg|E7Wjo^*oJQShH!X=YB+~< zSci7leQX$qdbo#t*oXgchkzJ}f@p?$=!b@Qi2jIJhJ(0>jM#`fScr)jiIO;pBIt;g zc!`)efsjavoY;w;IDnZLilR7*cTT_7HzV$crf9izA2Y2#p9427dSs1R(_Q zID-9vj|P!Z1;`I%paQcXe+H=nRiKcWFc3lT2WKXZ2Dp$3Nr3xskOtuc(C~+^LkGxM zk0LpeO?Zzg-~&D~56^IrbjFAMPzx#m{s#Zhi!>OJ0s#YB(hkoc5Hv)97U__sB7gFr z0tDF)$)E!Mcz{0%irlyYT4E&vaR?r%0w76?Bzcusse>k&AoMqsK{ZIuPyImhjn@M_Qi@sgM^+5H!>e z13D0gaG3?+mKJId)N+6P@Q?)hq4KAoQ_7t_s*pP>p}$w=I5bc ziI1%CrTSS95_t*oXQKYt*bgRJ105Nef_kGwc?{HdIA_)m3n`@hAdw<^kmuPC??479 z3YYO9ku)Ny2Z@ut$f!5xd7i~Gk-mnhrK+4^s+ura1^);SJ32Mh*$+n&lhfL$ zs2ZstdYs`}t>uZW8HtTDh38XKoni46b0DFIT*{S%q zuh>9;{;H%9oBpu~xr*^AfBaaO_Bp9!>5Kg!j=p%EDZ7--X{#WrYWOFocuA35T9pS& ze;u2&Y`OwKYmln8t{eN0H7KuEd$nH3e`pGk*zmAE@C(-vw%4$mLTjH1OOz=)l~TE{ zANr&qIg~BQr84=XK>)U4`wQ%-sucT>0ot5&%C>OHjUY*w6j`Yld!`avk?GkFC@YscDG))BokF{mB^wHmyOI{0e=3Ou^qI0p+pj0t zwt@?yom#r5dywyWp)(K)X8NvJ`@45)k}wbozi^=eYLp4ll4i@XlB>4=khySqlnwc$ z`nay?{%E)ep*DM)x_&!<&DWnW|ln9}`Q|hvo8?(7;v#I;No6CXoLDNkOF5(VYQ*W-e=q5x z=1{;YoWuIqy)r8hSq#Hl{0}NwjzasH6#T}asi*V%mEU`RAS}YKbEzh~kb(-bDgX!m zW{|p!O1b+-!%a)4>&m!%45Wo=xITQo_1B`3IgaRPz`cu}?|ZTF+r;#1pVoVSbsWO{ z`?4Hs!~WL~#gN9B>@@|P$V#jNf=b4vY_j?XsFQqyaGc9nDaXi5kPC^R^&rE$I;*0b zwj=z9+?b?YES?Vw!PQx^2-^=&GPHbq$S2≥A%A%fo*B$Utm=_Hd!;GLGHZrw0kl z!konL%fy)5$pp-e)!Glz;F_HayQ93x?#d6vkhb;5k1KGV^0zGz`?|r3&CA@grp(0o zyw86K3~AiO0gTJKJkj+i$K~3>lDxamFbGjO%)yDrUwIFsdc>>?%Sx+}2+IDb_4*49 zGO&z0j@7KdDm&7YP||(O&5k^OKdhE2ss-JqrSg~2p|H^%tzCi$6yJQv|Pmmu>y!aq%keah25qm z4ZDpjk>0F-jJ=`{{nyu6qM3}i0$~H;%*iyH$?-theQekT(Z&L)xA9QY7%HX@tet7h zs*=mv1A*9*O`Ng~x;mSsR5`>lnAgUAi_SO?J9doyP!7v2fA&xg&;Ae!$MB)boyL{q zsH+$c*U+}o9SY&_kCn8Em81&bJ;cr3-K*%_@Yvkb9p2>m+<)lY)p_0g*WACL3cmn} z(LLSOO@H?7slDK+=}nR2?TZ1v-tW!a0rU(1aShu2hw(7r!q^Y-@C=`z-uu_zp0MB9 zsFDs2mfsEEB7P0+ec>5yrW~%}MR?pU-ipo`k1{^vVEE!TE{ZWu<2t_MEq>!Zo{Kyl zF+S$O7Y{^m)}=AyU`6j0}N9tL>o=5W5}{yQ$`n8*)|VCRBf0bg9f ze17O*E`Ii440%ujbxs5Rv4i$74L?8uCNK+h7%f~d0*@Z)SxDy^Fn)k8=%h~QhK}f{ zuIAsjj+{>FcMgI3AO%-*eamnGm|lJS00|Uu0po%V`#=O201Xnjnlm8m4yX>T?&@-c zg`hru-eBi=PJMJ<=Q(idsebKo?tQ;r=O|F!C}9mzQ0JcGfciiI5m4yVrw^PS>eWZ* z<1X!W{+54?1G;2@M{LPwMq9saMeV*T)aWAO(-^n%LL&l}-UbK;Y@_>J?!0)z|iKANSrz=Z`;r16JuK z;00RGi_gaC7r^=0_w@Zx50l`q)+hP9?gfzF4|D$wn@#~Vu=d$^_tftCq(1fxZ}z+| zi$Y%u7f*h<{^++;=a+DOpe_#*PXTuC>UsXp2z|fzUytbo5BSw*@uc1XkiU+u9{i18 z>f7J%G*J8$aQxk;?i3L1-)9fRQ0FG_AUtn<%HRD^Pkjh~3EaTxmrs4e@9OHG`~X3O z!a#yf`W-~rZyiB~4Jm|47*XOxiWMzh#F$az#(v@ceFPa&8aA5`_D2~}fsE&U|Sc<+nmLq$N zDQsEhk~PxNe%RrHEE+^Pw^@mPEVd$6#Wb|ah6J>=Uw<{i)mMQBCb(cab%Ky1u3}{< z&wB%n&d3~1&G%Wmw8dy0vSt7U6hTI)Z;cU#xT?d+jS9 zz5A0cN|b^QP>$%GFRIFC1a+5J-9}~)_sYwDex$LYp1VYQ;`GaJnz4?s(9HVB(~QlI>N{f)~VK1~KP74vqvPL!!V1{v#1}kYx$81JXq7 zp`NU@ZflQ%UB%>=n6f3L7*)yAr*bE;^Mvnq5n16y*g`(^G$=bNdm%!W<1`8o?@tLl zQ1JSZ4+h2yUx3$-(X68xtfuRBldVUBRX1v;6MkpOvP(SQ(lpX2ufm*~Rt+;3sG4|4zzr0`> z$^NJjv^=RHCFnzGgc3q2NP#RDh$R9g626ydg=FyK(Zu>uLWe{NlN2xk96VM6Q0#DU z1qtOqF3`+pMzbRISZ1u2P#?6Ylbs>7L_}hiMw&$d1vm>_D_t3@WJ)t4x6EZiIkd}? z0Mnrlh3Mvl*+GuX!x(vZrW8bR$xi+tgg{v1sF(+oNsK@~MY*QV6j(r@7$XTX+h|0n zWi3Nw%bfkels6I5(T|3-Qq6GYKxk0Yio|0OFTDT|Vk!}KkwvLiRB1&zNtST-&6WaH zXjVG}lZbZJt6iNa2emp@vX<4XXI&FRN%B>;wpEN_^&VQ~I#;^Zm8@zViCgu${#Oga zwR?62Y+waD*jnLLBz#3|VyWlX(Gk|MkA-YxqsLXtvBDl?AdM*==YoESLj^22-AC-< z3Jhffa;1eFHu%9=ko2P%k7Gqh`caC=ouDZH=tn%r5Zl(40vjQT2Wwj^4%MpQw;-`c z75ZUX(Dp;LuGp+|O$!Z?#3Ki?_3YzrU=A||*SW)8L3czejmI7LBf90S8B4LpLuHQgpGe?-fe5+;r=?|AH;_3 zY>SIzF}Ir5$nJ--FK6kbZQ9%41~EXMPlV+5CR=uuCpE;ey1pG#+$? z|ACJlyVt_+Aau4sZF6QXTXHuT`g<{MFpgK<>Q?qR$RB-O5vQ2E1?~req21_Atbj|S zb}+Tki|@!;IL8^zEzMCL;WX2`#5s4j*Hr-aArpJf?k;%b`m9?Ogh9+je{gKcD`XWL zdF~RHv^fZG_&rl@>Quja<~0x5tXFo+IX{GmKO0*90{(;RANg<`+uQSge8aug2K3`> z>)hP_0rn<_vC45CIn*{+w82pN<5uvPQUKl9k3(>K5&vNE@|V1he=(6^pM2aB9?F*= z*ygpreYIPt4yi$1 zO1}v-!e6SuU1=Il0D_{Jhg7Je8Z1Fk0Yb0X{sb(_h#Xu894HEAh=CsDfYC%}gw;Riezg-u{2AR0r(0m6OIf_cybI7Emwbi{<(!$Oop zi-1HsTt!!G!&79FKIF7N48&W+ph3(P0Kx+-s=*=Thg?8{7&xCQK5vzW$ega-fqu?OHw2z#hUAb1Q@d<=pdMj&vD5j+Td07Ia_ z15%JiE|`LXdPr`(j403wb;tq@%qLhBLl)GB7%)jL3C3Z>mWb#ECJ;s$m`5K}MpBqb zkxU1b+=W$?Mw65SdJ0DwFob37L^CW3g3QN4;J|;HfpySGpx{WW$OBOLNP`@Vb%e=- zPzNsH0xA#;X`BKos3CZmN?-86i10{|bVqoUM;ZhIUqAvGu!Nh8KwP9t?a@U$sR(`e zfgt=vMZ5)2ng(P5LVn-`<(f%l(6qzHSs1q{gt84wI+IHYxm0aD0^ z86XYGqyv741h=S%iL^r#aEtzZcuHnSOm+B=ZUCiq2o-zagvNZ#AUue4kb{G81`kBY zeqha_SO+jPL(=dJ-Y? z#1MR-fyXG#Rm6q=Ak0lXh+D`^B%sNmNi(2RY!LBd4NBybDDEXz{-f$8*#Zs< z-}FGD^ol$)PVJBa@?i!pk;xTIMSd8?x3~pT zP*EGi&FA1ogxo`B2>wkXjRar7kQ|iE0PR7)rtAi8T+*8KPamX) zB;bNBkOU!R(-mCOO^E@m)Jh~cgj20igz!o#fQ2XZz%pz~Sj@qEz=3+$gLbIHCdmRC z2uZ|1(0l+x>m*Z19my3v$WMjSIE@N!4AYv#(oRHEtjvO0l>|9#RT$mY{Nze*obY3LOjGE>eO77 zNGll5goIb3oY65YjZHAgk=@KXjZ~n3glm8Vt(Z~z1W!^(#RDauk44pl08|(>)nf(0 zC~Zd=+=VU$g&$3b(iGEvxCJ`!!Gi_UTNTqPeAhEwR5dMEH_ZW;71uybSCbt{>-5;| ze8^8d+B^hVWyFM*1ymU!SD!&sMpasF)mBd}RS=cfxusjCsR-I^!hU$dC`8de1x&%b z!Qdp-ZDmZJflN-7f$WgX6p+kA^2iZlhAB7}oc&WB+qofG;)I>a&m^!5>FkHn^a*sxi^pA2t;kaCRF7_ml4EQ~ z-7Sj8HCGHthw{ALc102dy;_8DPvP85(4@!tOoe$=P`E8c8K7MN!GqltP*c@N`s4?A zsgNJd2PqJYcpwdIjnGv1RQ#;a+ojHh{nEI7*t+Fky1l>*l!2avTVNDMV$7Bsq|GWA zTov6(8i<8pWrjnXA219?aSX~4I>CAD2WOaqetlVb9LBtWiw@?>gJ@uXe5XM8%3{sg zF;&PI2-t&Q1~t`=EMO#fP~nR#4LqP>bwx{{a7Gg#$B6L46H3V#SV=r|$+s*hehB_z za!lTXpaz^=#dYXlT3y8o2FfuMOBgl=jpPSi$j2^l3tGIy9)?P(gkizp;C>z9t?bGi zKBR4$N?4d*I{sn&{aXF)-#+%^l+Y@feLy7DU@Lpu*05gA`{PAs&X zTaGeX*5z5YWnA{kXTbKg&oF;UgQ#q_zG6`1K zNM#LS)S;2gXl@#6j$ZH)S&}WSh4RW`@1vi-18H+-8ed=4Q6%qyDjobU0Q# zkmg59=RCaT(r9OmaE9)f=h#?h0D8lIn8Mf4XNm0RlVwRcRl#%4hltSQwY{=VzNYph=F*HdWV8$RW8>5^8q>PA))M2#F>qLAD4*u)G2!v;} zgcCeT0#-@2UWLMDUWCZ%t?opx{z|t9Ybw6oPOwOf z+3;rG^R(LLtmxy&3-kug){Ia4_F5HHZ5im$54~^y*6+)B&giUP-2Gt0hyns{VF3Tz z!E{k?#m^6=L*(@CpqRl(Ma=UK70Rs#&3JI@#_l6G5moH|)^J6KsvW~{jcGf*LOnf; zowafoky8E?O)E`T`sP|z-P2S2%jKYQ8ij@$EORCm+on#@GTj7LU_(aT?kC^GCa*~- z$B;1(XOazFCQZdJR}T;$&$3j}JPmVU@l%&=TRrabi=A&5Y*FQ6=L47FF0FH*USJum zU&!VXBS-R24-qAA(+<|kETC(6O;>%DS6+orWL*v(T-IiN);dgxnwC#f9avTuQ)$KR zRqs_&_{CiR^>8)w-mdjSi1YcK^Y|onE->}Mg+*Sk*3JfyT#(gDKv0YY^n?&}?k)5u z6?S?R(|gTUbX8cUJ$4%GTSmP^Q59%PZ&YP$c2oX;>1}6+!p0VP=K@a$^?v6KQD4Se z*cl$(#3&ckeE8_WbVMn|&l&hx;0#(IatoVtZbhv%mWaoGu9r%DR zcsV563&%rHs?$Heb#B*4)h2X}?Ak~S+Z0@MbZ>BX_V`D~1C8zTG3~=3l}s!Q>TO2| zZwP{+ms^+Ehe_D%@7lFJfclichcFunevtZ?=m%FYub1G5A-fHB_^qm6iJ+jaks$lu z$OSH-1C_`&=Sut9;0IagGDx5zxS*ya4khuhKjeC>E~peS$`)Cw6- z@HCWj3<+-_DE#K`&NH+D9{1GupBVSc8ISxM$%EFPP%kC?gRpR)j!!)0#(fA$dg zvE-*KXBVbMp~-XxbZJXwHq74+7BO& zrcdj-l@}<62}>-Q#aOZ~@7!EKy{yec^)BL;FnQMO2UjO$pNofD#);W0CYLi~kS0xv zU#BTtDoLSg&uWYy=4Mt-%eAGwTQTTN#>>(+TD5cc+6~JO&(@aelF|@7w-ew|XIuIO zEZDd2#6Z88n<|r2m9T^jM`i}LbKJ0DY196#mMs^oox`al$WIDHgQ%%UL1wfP7gC7y z&pKRe0Y*l-OhE-K1D)dsNVD*>he8D&=+Q+sDAbJ;|L_xuIj#Vh1cV+65+6kP05QoH zL13uQ7Ba};VIW%ok)M73c~tVoJQQA(&^cYOxCDmWAVCEtDzYe>hm!;djX@4U#7~Vk zMzo@hIPw$Y8_xxZjE6dQ`A|DfYwi6Kqc4@Sx+ zOC}`Hpr!@1c|jr)KiKwj3Pk?60ojHn5+u=w;cBs_eR@FoEV1WULFO$3Mi^0E|8(O= zKg4hw364^xd(r;7zD1N!K^T?!FE;$R8|6j@@7piK1r5v(SKwYWuE7dFB;`NO0_-7I z^!3Axq9uJB?zjY%`7T5y;e#+b9d=Cfr5$OyGp4ip{4>x&3q3T^tmg9rHbpBPbgezl zLrfC0L~Eaq7@fn4eO+!85wj6Kdv(?rKIl&q#6a^P$j|zdgUidHInX~38YB@uY?E0M z)e6CDb+h({ERsZV`@zqcabxZBLv_0xQs5vTl#o9z67(Rv1%Vtm<%NTNF5Cy%-H+RW zdz|z}jCXF|Gso=v_eGz(y*O9}mBh^9-QETF=7eL&Gw&xY{X6i%3qQQixyf(|@yVCk zw5Ie3vHp+bc@xVF9I;s6i{lc>{r80CP;Y%K*cT*hH?!a~2QE}?^sI{D$AS&!=5ig; z=XiVQ_YX1X%=G)<4{FseYtFLKIRW6ZNx+_aKKQ>!VP&*!3v?&21n9 z6BoPgr#E07tRLI6AM4_`GM7QDVIxDM!Dfabh4IQm0IM7U=O?&1l1V=!!&n&UC_2P^ z{;YHoI;1%&D7QVWi;k9i+{r{DtYTd%a9AXhLUcyMQ8I*wraUDoQ>jYj`4A=Wn1pI} z;-OSffeQXXVue)W28i?{7fE1{83RFuE=aM)G^Hs>esF>YAtGJOxb@GZIRg&7kOYLt*`a_=vmgcH!XTg|(M3(cQG#3)GLvR0 zQj*kit2`-6Q>xOHcB+*neJM<1s;LCZw5B$_DNaYi(w*|Or#>B?OLHpJq4w_nWLt<7 zQIo3FrS9xhxk&=7)Z?9$wkLU2{Zuz%P#LtyV5=tsi#|#tgW|L#A5pD`AdoOtx7?*P zN?~iOt}49j{4`ZTWh!3ts@J{pwXaMpRXQTmltCnIswkB!(e@FAS@a_vVaUvp4OI1xk3ZZY-zi^-m*qa|olX;xGO*a7#T>Lj~j+ zCl@i0fgxy8Rp7iPCxwtL3Vbnxb!e6!i*?CQV(?$cE=R-8=>`s9b5`ik02GcXiW(T3 z8z-;?9XP0mW9(a&O^gCMCLnNFZjl4! zO{yaUxrhcfvYAPZ0YhMU;Nifq!m^DS+m8Ti*u<`JhJ(rbWYgdy!bt&PKm4*FxUz)I zC3ehIvm<9)A~(cAUsu3J=zdhM59pz%Z5{w}mgJGp*@O zqvTV}zyVj*@m$~*<;2HX0#~|`g07gF6QOa*Ex6N40-T z@&Uqh+`1?D_yJSufrrp^!vsuGtb{i4<PbR#*o z@rDVgVxH>01ToC0382*jVsf#B+AaZ(VnajF$GYUxTv11@z0H+$VDm%C#zVlrP4MnW zTPD=Tb-kzC67=#KyrIbl3f8i%;5NJ;)XsBWFs^aNHk&E=5KeA7+mDj3Tn0>0wM=f2 z>x2k<;Kf#W!7t6}o%6is?)8*mnE@+OH^tN^CKrdCEZBXtX2=RYi*58V=(#wCuJeXC zr>4@Lb&Cbmz@^Q}Z!_G$HkJvU@DH9(-0j+Ewk7Bg{!Tt*z*yVl1_$<7w~+fhmpyPL z-eH;dnn}awdkcruc^|H=!)>0#hrQ^~kh<89K3;l%wel?vbg(O&_Q&Am?&3v9OupV^ zre7AhM9GeCAn*9#IwtX!_BrfhFZt(;(GVAp+M@%bJXARj;e_)_#igX`(s?5!XRwjfCXo#Y9f2eO{- zQD9yqU8gLc(*+#cnL|EIozlS?Z(!ca5lL4_Ur*#8UYLXRHJ<(@StYECJ^;Zku$cJu zAOGcpTakuZ2-!O57rU`Ucb!aSY?n)nVRpQo^Rb)ZwH@LOpAVv(%rTzkF&_}#pK#FC z;@!flaf%a8#qRN;yak$39K&>&-UpJ)4~APe7~%4zpbJK#Bu?TCdD^#$TGHU2QB;}@ z23voyL_Dlvtc99ZrCe3qS}H^pKO6()-GvN9jd(aB64u1A9UQX}1#R$Hy`ffEphFDA z1bE4v{=ppiWd#so8z$r(VPw{AaMu3bwH9cJ7HK7-J#c~%?qAa6+gxx0zh%X@0o(w} zAp`cHE_xhl*+VKe1uGI>(&!;rsK{lN19|D9J$&4<^}{@*LSDclOUUC44#pJR;S8c) zUZA5YvLZ9cA_~Ic>rtXZJ|slekf+SoTOp!&6b6iO9%9skXUJM`85n}~1Uw`K5Ez4S z(1l&h)^W&RQ>4ZTR#k^JhefuBoyCIWsTLBvS~m=ucX)*i7-A0=1sG1R(jph zotar<0Ywlv17ci;ToB!pb^fDdoE~Ci2TDqXOR~m7lA{VnBw-e&&zX{WiHa#I4e6;@ zPcA=5KZ2Wo{;H z#^$DVrdO5ME%4gVsKXZIgh!etO6ewVhMUr`=BQvB5Lo7G%BFHICvW+tb3P|@@)Tw= zCv{e5O+_bmW~X-Q&~#FSJ+wnOgr|6pCwZ2qd7dYFrl)$YCwrD>JJ^GD#wYJ=Cw9QC~Sf#il(SsVI%sC`%!zhQ?<< zV5p34sEz(8kg5`bmMDq#D2E0qk|rq*4QYT9sgXjYl18bN0uPe{sFOaaLr$rdZYj`I zseE23mQEsfI0XB2>6ZVY=WK+Rhp`4 z3r^%FxYex*XCjswa=NLa(kGloiJZn%ovsOwHUuIZj#B+8pst{x)+WqxN_r9JqK0a8 zHmc>wX+IzW9Atq7%)vTjfdh01KkPspWB~@yfj1z51(b+BBt^Q}M=Dsr55R(*^1~27 z#7MqC1~AtCCQJYZz-lVQ00tZa4OPPK^g|^q1g2)H>}~4bjUSp#fpcWX|4{*8imJJ4 zC#kxOsUiZ~_`?QVia)48!#u&I(1QSw!avYM0YJ+LK#4w-K+@0x+nmg>7HdC@3_aNC zsbWn(w89iQg8XPoB?LeWctk(MKmc58L1e48!XCH2L`*P4c;rTC_(nQp+^q59xvuPU zrYo7OE7lO}loYGXUWA?6tT~KB=O}{{)GW^WtbG`4rCvk>cmzHiK!XY>2T&|aU@Qmh z4##$E&k3qq-QbP^ix}>s-3j6ovaHvtm&^78%z8+%l5NA3ZKUEXEm%Nlgg^qM?a!7i zI#~X|SnWX43@tqnKxr7k&Cci2l12bLEw)N6b$)DKhL!Ja0rA=0S%B)-KCViI?bz0= z%+_q$M(Q@qsl}9S++u@1G{BnpgWWFdKj;I}mQ+71ZQwR&)DkYI8LsK=gBGk|=W(s$ zLN4wKDW=?&*s|ErQZCJ+?afB2KlCe^lmkl$EJ2Jz!NSkJUc~4k0>1WxBP2^bn2_HJ zEuMV8dZ5UHVmsyqI-snmC2H=bFDgl{@5XG|R<7`d?#=208+e(o0;{lghru!f z-FAW9Dhmg=2tWL4Y@|^oChb3PZ}(!__a+xHk51Zx+ z$7T!jFmC;@5z`iqBCu@kC=nax5kGNHv8an$CyX{RVR{O9UV|2IF&B5S7k@Drhp`xs zF&US!8J{s4r?DEZF&nqB8^19e$FUrXv50=D6&EI_*uyovClvQF4_PP^XQ&e2u?uG9 zarrSKbLUJ=s%+*cAw#KX9C9L0vJI7JKkVlqXQ@5>=OagCSX=`ohcYYi&Udz_DW5Vb zr!p$PXD8!vOSA)nin1&R&k(n=Eu(HrVDc>Qau40IFK3!dfHE%+vvK{h{xN?rO9(SD zFSF0o@-aWNfVPA(Gcz@_iZeqqHm`&;yEaP)Nhx0z?aVtmw zr_jO_fWWIAG(v~6LN9bSH?(@}0}rr5L_5JaFaT9p^hHmylgh+*!ZJ&@v`fD zwM%$3NUMjb_OlZ>^;7rph{^<2kF`ZuHEuj~NV9~!8bLjOHB@K*idd7iT$j=|^Rqv5 z1wh-KsUlYZw6$Ac~P zWb1QXU-m__=w?fHVS9Ep<7j9P_GptfGn@8l%XMn2HZikyYmfD7!!|F=_H0kJOX#v~ zb2Dz|_CmV^EcbRd|2A-Qc4rg!YGaCEA2&lsvT{?iaXU9S8*+3n^K?@;Hs|pkcf@ty zGjnTqK4Wn>%&~c&H+rYHdapNox3_!0cNk~4cpvk3le2u!_b=CXafdg4SGRtbHh=f` zcK^3@2e^PgGl3U)eKdCs@#lrUXN$HdOBk?#Qn*F%r?39tl!G7mC?)uEFL+AuLn~;2 z#oB@aJV5}Yc#8W0I(UF)S420sxJmE>8<-0{K!Ans0~9C<4fVq?XfB6$xQEBKftv(6 z0AE0$zc4_4=r|qN!#ps90$_5BM|M?jN{m}9UE4>Ej}wkx((zh&7BvJYMTy1!c#yx~ zkPq{HPXs@p0aBrZ0_2A~M1V)Qg9WrR14szM{exmb1D)HsNbJKI1b_e-0YtAuI|qOj z%*7hS08(SQjpMj2V88|hzyWjz9*ja7l!!Y(Ks(q%iYowB41=VHfj3M*04P9xr8op6 z4Vjm@ke~T3r+FzwgPe=F2gUiEGr%#-Lo1}fap3EoyMz9&^Lk9Qf(MvGJph6P)I%Cv zTN+>jKdgZVX?FrUj|do26{EL;FGbo?t2037fVF&qIE1hkI> zxxMoYzQ=lzuS6^0fGx;*K?Jqqq#1i5p3 zhj={5`#25^!>Z8&0r(zkwR%5*gCqz5i|aZ&(EfbA-#pIed_wQMNw|Zc%a70}y{~6_ zM2G;=6TLn3I!oBXvUB_KB4xw7Ou9n}ps!lTfBe+b!vqLGXwdqa@I$C)y)b{8H-Nj> z*Sy;o72J!mtgHDMytzT#J< z{nYaVAXK`C073vPfB?V>ne)RV1i%a2Yd>Rv5d;9^+x+ME4A7B*3T!|3Z$D9{Z!&a$ z_n&}%kN!m11BGX}%ZO1%e5XuI_?LetSFnrxd&Gv5iToFYDCx}pV~9+&13;Mj_s?Fx zf&J{YGx)DxJ9G8~792Q{VnvG=F=o`b{*hxxj~_vX6giTl#(pPJqU5ItTFR8kSh+;W z?2t^GC+%$_b<-ukJS};i)E9$j3>ue$CPmpThfN@CA+;Y=r(T2R zEJ}1ISFjY+t<-QM+m)0%mu_9Vck$-cyO*zAp88mryU7i!Oqx=2mQCstXi$AK z1ovAfL-E?QQ7^YuSt_PYz>!^Q<(l~>X_txDqN@Q~s%g!yVRL;eGHzenw{hpzy_?D4on57?evM|aLw6IDC2y8CQa6^>R>CcN@%4@5-&Sb()CeeIaB@m;4 zlIKSgPJ~LdlZuNmh8eLEQbS};D=?*XJlrP=Qt$x+mj1pFjK@4y!DA;Usetk%C7DD| z%{66G4Hi&M@y>8um4`h>eFKNFy|QbcBO5KJ9XQ1dD=dpN1e9&dhVshcHET4%MC zD3pw{eH!G46HNHo1e24{84#ZzpsWXvPoY|;(S9&(Nz+g9p`j&HYh>%j>w?>HD}L}; zLa=U9VD-v=`1!;fBenkP=df63#iOZwP!NnCNJK;lyqSb(E{uNgp$s7ldF)j%Xr-l= zTUjr3md$n7bn_!P?TlC6dFhoCPn!tSvnE4zO3vB>`6Z=N#`w{L#cwMcs;C#caRMdL z(AlcFnu_B#P^MG`s^N!mu&3hb)VkHPTtnNnL5mG^3E7z_t_ekDUG4{+;lwIxRZY1F z6lI}iz~)P!DxMkUrD|o@XtUh)2;O>`ZrbUm>$+E_d~M3_K%FYZ3E-=-OqQ{sxComI zBx3GoxlXrLRtB-RfQ+$xAOml?Zel<}XSLa$p&cnxMo;7%NlxkKleF@l0}H`l>X3(;nSUo{b}&VAMcoNkdF>MsiZqv8tT(gPd#<1U835seYy5m>zx9I zJ2J-hk>X&_JRB9ujSUL}_=>eU)`W04u>viJQ<|7)HUD-=$C5J#O0>&XM)DBnQEcvV zo38y3l1ZY){4t+RZpr)8ZiyLm(cy0sF4gI;-~M@7zfa%3Q3F&^LJJfsL1lpyo%#=> zTEYxSA>om8O;+|Gd79i<~Pk_OO4?2nB_F*InkNU zV=9xK@&V^N;Tca_dQ+bDl;Zp-qE3D8lb`+kWjFvDP=OAVpanJPK@plzg)Wq#4Rz@L zLm?W`huV{(6}6~Z=y_3%_CuT*A*Vk<8d8xCQ=%m`=}A$VQkAYWq8oMTOJN$*igpwu zRcz-?ahlVE$dso&_32OBg-@Lhm8k3l>QRxJRHfR4rWdhkQK1^ur!AGLRkf;1n`)7# zN|mc!tSPeT6#4eVym95BQF`HSXM)n_*wd`jXt69;GR;HZw zEND^dSJJMQwKElJYGM1?*3Oo;-!yGSSejei?v}T`_3dwg8(f6embk@*-);UWG9KeD zm$}V#?sJub+=(a`y4AJrb+LNFoL~hnn86J$aDX8kVF^QVz~HNB zK_;AG4R2U875>hJIUHgUk2pR2b+5HROkx$USi>GZO^R6@V;Sq$#m$59jB%Xf_0|~0 zE-A+~fZV_f0U5|GDTkR(5)UCGgvgPJ2a+#@jCuTm$mYecj zuD$3{kMYTGyz;A8{nlasP1(<0skg7T@v*)8iz`3ly{EbBUElOZBc$-vxBlISPyD1J zpVr*BHuEbE{^kFE=FsQ*^tF#)@5|cslM!2&y0JF?4auUw_1FV8yupPn#K3XeYcTld zVG|rDLXe@r+%Ih4j}8tj{=~)#>S%1%#trtyal(cb5DffG#c`0p3m$?2!^R4{Ay5pA zO0dBmzQK;Dpbs9x{z|YOqTmt&kOH~D0uRjj4(u0j5CN}cXv%o-7!r&f z%FMue;Rg%MhsY1XH18X7&40o}?j8GPS&=seU4ckz@ z-VoN}a1ImE1(9J7^-vNW><=+fQp~{+sSyzwu@2|q5p$0e5eysG;bIc8z!a#!Q4d!5WrP4W02B;VT+nt^L*p0gt5}Z-EZ55gWJh997XA z^)L^R;Q+ZH0T-|(xxfkxtPx{SZ2oA_z#_2(C(#}}FevQ-9(ra`0%aXGQ4w>X9`c|K zd_@%n&?qm^A)kQA$`4JK$GXuF` z3OJA{+tCg;0R~I65UY|YuM!WYASxv@GHWrx0+KBaY|74(A?>gtbCEU;^6eZF3disv zK+?bf6EN@czyK3Cm2fx_EDMitFxyMGq;oo{vpTKwI`zpB%6TrBW z)x6U^?GO*mK|K91GS3qpUa$}?lSOe~aWg}Y(LvoZA>gtug%duL@dty^9)|HD;^7EAlrJ%nB1iNjPc*$! zbk$h${f?z2sh}cZl+*yQE4cs;(2ytLk4}-HDTR_ni?RZFbU-Il5^teM1=YZqfm9Cc z1T{njvr#E;VF?QUbp{XB2@@t> zQO#Q6bXoPSS;NmEGcH=QZd$4JyRg;N$~D!vRr0iz-=0x}kjk#^rSHoS&b&Wbi^p*Cuzw$|8m9-g5RJi$yZ5+PJ5JkE?Y zE^X3+;^>(A3 zlo@(vG=!ih@IVH>M^j?paDqZVSVL15NTY^Nk|?P^D8mIS!&dNMEPh~fQGx`!;%=C$ zZu9nZQTJ}0(HUgmL;wT`!a;Dsth>SvG`it%Q-W7wKnNmZ9f%@kAmYQ<5mO*<8Xt zf>-#ILLSHlSN=m&?grOH7jpZ-ZCT57Q#X9Yx9ixj9k& zS1?G3C}^PN;%E4n7nV+fd5Hp2;9-CPm{qc%3(l8sDamzJ0uQFC8=?gqN`!zbhbS&# zfe#puiYxADxQ1=`hH*HDb$Ew)_|VvJGO8tg6*y4f0SV-w9oRt_8|*sU=_l_8)N`gRTwEs_&@4_6M|qKCZP}7{-GL> z00whG214Oj_Lz;0%XGnad_{SbS?z~^Ac(C+eJ^H@xTR;hVUPAJ`#r-_z0_5>R^dM%||2KgSd04XFFB|;E1 zbhjvo2+W9#6Sif0O^KL4+1o;yl+}5i8;lL%!COv4mCeC^$3g}IRcCkwDQ*{W>EMd- zzyWtTaAlwiIyX?5ftH7Nn2TAQM^{?r2!qFBa-Eqg=7AXeLvv-OaEV2nF`9A5qI~if z2tIYAX+RK4WSk3^d-=hfXBeH?`K4j{-q;X(K?5QJcZlbC2H@E48k$)CWO<)+*MyrR z21tch4nYu$$bXoDl@pp+h}oF&IhnJ7lI_lWk0$$SniGToqp1Wathb}J`tBmvgk54C z&_z>FnnhHarHKoaWBRS(8rz)FcYy$ollTXYL7peWb+=Zfe;NlAqLC$Icg?}5O{IvI z^c!P91?Qm>?pdLs+M$d27J`69%F?QhX86)U2AX&zkw7M2&>U*0OE^&mSV5Zm!5bnN zA)cX&thcQ9msiF)f{z8C*}AseI<9qlw_oifH@GMw_@*1$a*5)b{TeBJHwGBlr>kP6 zKgFo~!5PLv1Sjc#p<%5T8mE04n^U1EIMABvc)AOl69mK@^tk>gKnb-)I0k?K%3eEt z$6{M*Ctc*FV<-iGidIuaQ44i8v z9Kumz*f9I5jpN5^n!s`5YhA9x1N$_(7Qr8a!ApF>@tfPynZH^5XqOhenpVqlyTxg| z#b5lpVm!-cyv7}@XZ731qxQxdwsc*Z$4L#ycN@u*R>+4u#kXz6@m9&>TFPBKXq$Y! zc6`CCmR7B8$|zJAhfoR2^a@**-++9}>rDuAkPG>h)YN><3(Ob>K^Epg&iB&RvUD56 z+`*Xq%5l5M8_ay$lh$aIPz+4EKN=0Co3!TSCoR_%M)zUxed}+ zxF{5mb-BO`GMNkBx73h&QP4QmKv9%}d%@D7&;5M1vRuI;9YSj{&ohq}9iq?=?3U3G z9Pj`II19isJUQP*8h)9WvU?NAr!TM3ul9YwJ9s65p;y+|k0ML}^Z znLWX-{nRfF*BiVHIU(CEIgk%b318jHW8GK*oxvhKlVm^zADF$Rj1#s}RSHmr{}&DW zC3i^{!Aqgk)6~89TaJxKTH4=O61|~VYBzoC`>hzjG_QHTM%ME zeu)|r&DYxt>=yWBz58GuZsC5BAs!?Ff=#v7{<@vg2Y4)I02&0I-}!QYy}%mU_Y0`O z1b*S4e=rwjz=@Ck3PCa3QN5T2_83m5v8g#)D z!u=rt-c*7h?NcF;`}h~EK@t$26K5bz*S#H_fd-ad*dzYYDLxD602C|98nPhq#U&ls z+wQYK*xA<$uA$w{!SR70WF>(HHhD6oy}&k`6yQM$MBy580k6Sf^Ftwa{rDQ30aA6o z@H2nStAUVX!5FeYqy;$cuVL=70Up4(@~2=FsND;WA?c4H7lggh=YV~`ARJO(-0g7P zm9T>6L5r_J@xQ?IxxVX1>+93e@N3Ba_?upef3WQfkyO&*w{VzCX9Af$d+UtzYU zk)e!B_R9VGWi1LxjppQKv9xd=Co3Uq+PsOg9nO#*WB80QQl>zm2NN!o7v*8ZkVr{h zgck)SH511mVq3V521a`_Hy+Jm#oWA;*LDRt81A3iwQSq6ZPzxO+_`k?+P#Z6uim|U z`}+M0II!TsgbN!!j5x90evJEF+X*@H&c~5G(y>=93s6g9JNXO(jVQw($GrXg*~i-q zj8I91bhesfJv>6}!B*%@My38NOCaN&?Wf(&V#Q*YDf=Rjww(%!{+se;H9(#|dC$>3T{ zoOmT262);60~MN`l}=i2P1qJ(Y)MFAh8k|jVTT@m2x5pLj!0sOCZ335iYjKQWHl&`RKICdd+wHL%36)ROkFquG<9KD*GAr4nal za#_Y8M?3RKq7^mRw!;p$$cX7Hb{>5ZPC3Tl5knvLKqOH^EBVTwtoFpC3U<(PB<)S- z8hWQWx8}NRtKMcC52}o|GnGQKA$t`?eGF8MEbwuH!ZFuaBT2h0(a7JUBTA|krJkOQ za>^>N%yP?Zfx7Q+r20!-xIYEajx#@vWRJH$;n?$OatuU`c|HZpkD&yCvC(@!R}YL7Zbix+eZmc-NXXIn)*bxmdewBS%y zx9!u=$NePh!zlP-lx<1Il*`VXaU|1eG{_R2(w_-za)%`UQ@P8UZ_at=p05mZ)RE16 zQ#jFGb4@t>UUST$skdW#OurNg-|MmSYiLNY>)VdLqQ6*oO|kbLt#Iw=gwQeNT%&J1 zvtxIANv-QXm$dV+zWYMuOm7eB(Tg5D^|>D(?V+=)&XM!nU$1)f-;c$;_~G=+KKb@! zzTxHgf6jmZ{{Ig^wuJ6?I3XPY4~Rf$h3`eyNuUGQ^S}tIXMY*eUjQ$N!3=5;Wdn?$ z0VN3j!VpF)YNwKj2v0ad6squkBa6!hUkJk(%Fsg{eBcLHh{GJ}aECk$Aq6R9!5Ip1 zh(yF-4IOyH9x8E(Ol+bP7xKdi1+j=!tfCb`*O(-VPK!_Mq8Gmi#(hQ6EmQo|GtBXi zZ8*V1^hiLazJU!kx-mrlI6y!6#}83lagS;_Vgk7s#y|>kkb@j!g5BV z=;H`6$N(~!5dsYOA(v>pBt0wuF}9$?0!P3>KOor;W?0|_R``b^8A;A~60;3<>=ZxP z5CdiYV;`C^K^%D*2p|}N0MFcH6+3yrPmXe;6s;%$OSzUZQb-@Q{Kq()aL+WRz@DvO zMM%j>kA9}oqd8E^I1)Jyh*8f?e_RQn+eKd@!Bi)ig@@fq9H_7+qAcz|hn z*l9eAtxG#3+IA90I5L7Lyvz_mZ z=R98{&wTE)pZ^T#Knr@%gf6t94~^(VD|*q4_VbEQxgli~0F%)mKp3Dq$tQCl23@!@ zb!R-xVjdHqF_=R?$cYaM#BrV9VI)#2(FXOV!zVvj<~baYgMM_w0mZaq;=Y58RIhr| z)P$!z>3K(YY`W9yWd^VL*$-t%pu9Tp2MBViqJLsQ2HDg{8h~<$H&gZu6u7ROWk}~n z_j%9iZnwMN4exl%d*1Y}cRwC|p>ykd-wsW8z1eN=fD3&7-~=zY!R?LjN%4E(3@4($ z=?(CMOMK!Kueiknp74@2eB&I~;KS!_=8KDboU=tM8N(U0!)lpnX{Om8}hJ}&Q&pM2_6ue#OUt#qer zed}S(V!$JQ^{|V5>|}3D*13-Mv_IYJ_6B>|-wyYh}}0J&>_{J~!Xb&p&wYe~*2R2frV~$A+KzkuN@<-p=)i+gbR52#_+ywaM@Etss`? zbeKm5bU1Y#elmmh|GB!1!N&&F&kqbD1DIfMhVuem!Wi_R1O1>5nt=fX*bnjt6!pg# z<1kLC5Cbo87K|Z*8)$$C$bb$Afm62+Pv8gr@O~CRf$y|{@E`)SaB3K+fyrlqALxB3 zs2L#GfB^-80SFW$7--j*eM87^+t+>H7k`;8SKnnZd z2J58{S@?xvIEJT|3E1Eam%tdx08{wT0N&RP2oQm$)(_`!0Or7lewc+M_yh|uPJ?h% z{BQ^Q5jlmCgK!wPd2z+3QRd@jNzzd>hQr<96XYo>u!4GvnhKsNTG2j48P=y_^ zUiP2~WN3!S*a%d34hT>WJJ1F(KmoCk1tgGb{1**QP+j_<0ynq~R5ounC5+mr1^Ty* zn4k~j$bIKng&t66Uu6!d#2EW9{shI>e*-X(2RU{1a16AtjNC^HAjJ;_$qv_GhWfyT zb*2vv*&_IWk=bZ}CWVZ3fRO#j82`A7EtGG*$dmg9j01^h#3+7#rVkidXJt4G%20_` zSZDMQ0qa!`<`9yN5t3$gg8c9ZCzuW*5C;lke@Ot2;&=`)<%WKMg)pcLRHhFrfDP4^ z4>e#8)di7^F_-eD4+U^62e@7eSZDaa0N%HiT}go!*dn-yepGmvEmDVl`IlAaku7qT zEU1lU=ne>wI4@uj{Xm$CnF97Om5lM3{r8u3S(kvui#>^&4^?<~c7(>4gm`w0>t~cL zf|OX90{KvhcJ`Q5seY3F6@IGn|KoaVra1KABvnV9xBg6PnQ7bkRlSo*M+jnYr@R9rpgC#fx z(KwBvCkywfnJ{%~V}OolIA!zziHR5nbyi)eqznrvo!%Fn)9D26Kma}w0tAo){OFIl z7LY}de6Cdw1=$$+zylPBqK%;pVX%^oF`U4Zi0Vg?#n%l@SfodKb-T$AYaouNMx+?Z zQOUPlP1+b$3Vr?|s*NPd7)DBgJbIHp8iWk0aSuwTRurMGIiahGXXwBHXNnFGFc0ad zoeQ9#jgeAN8H-v7Oxt*sj^GD=8HSF^4}=hgX<$HsFe93_#FoKYZpMJ2JSm^=nC#&5sZBIIoTUnn|_n2&Is0%omeWeK} zSeBc~tBnzvf4W}2>ZGDdsyQhlELNx2`a*X)jIViTvDp~q_Zc=NsJd3Djo}TOwt?># z5&RjC9MDq{VN%o(uk&gT0m=`J5CA`snd!hy8z>9`fKD-xe-9h6F(8w`>IeET0Vhib z`-!2a7B_Qnu{Rj9Bb$FXh%85CvOi%`J~$GDcAD5qv;d^7c_x%fC~?3UeNF4Mj4`xD zE4809IbH5wB(YqG8duY4cyVuLL&?~*s zOTC5`yVwi9h^M{V3%uQ1Xx|&Y>AQF1OTM;izJ!Lp>MOrx$G+{$y6-z^@jJi!dv*0| zzoLu3f~LRxOTZ`RzyFK5f%|!cD|)4edj$-^e0RVI?6`3|dy!##4;;Z8{B{#e!G1fo z-)FXX%fZwa4$gO`X*+#=R(%HN!5{3lReNVi3!8ujt}$?a>F0&zif7$WiOWTs_vaHi zTW8Gh6E85EE%|?=YLk5C65o-sAg412c!PYogAd4o^S6Q)sIVEhfe~mP9yrDRIw*ow zSAr*)f-A_EE(n8NJcAYJ2R6tU>Ux7$+=Bx6tB%IFFwDpHq^EV(n%kPEjFGiW=%-L9 zg;dCte70*pETY8e+)cxr>Vo`;x- zi#VT;7>SGli80jS zk|&vxEmF`Ii48EhjZu7%Zpx_u8K>0>Y0qrG(R`FwYm7v>&={(e=CH_yikwjijbPSe zn^1q-2$tb^YMFd$DJ*TLwg{!w4{sTlaF~gQ>dE05nOOPA@phMai2{2`tc@Y7f$5c+ z`Ot6pp6{86lT6i(Np&C^nXZbIm3f(&xtU7ZnFac(keZ-_d}q!~(%5R!w29IbT9iOp zn~!jtJPe{U?G6S22)zkMr?#9xTxa{h13#ON)p?zk?0wqYU%}ZA>(B!vn+r|No!-e9 z;n@!`yUgZEoW|*%0a~W+i3o^ElZ`Q;^l5eX`OE6JpJnZzRsLz(PB@=z&8+3Ao!Pma zdMwgAIoBoq$AuY;5_-17Xrb4fp--@(+w7r#&3^7609(MrYE+qaHV*n4vo?yOI=ZQn zZK9gJs`AEWL3#i~+J3_NPAM8~Ov;knHw;i3ZBkm1jA5oN!rqRFm|RMb$%m9-8k`rM z-)K6bGRfW^y$x`>puyds!`;4hjf{6)+;zsMehR39>JEfjjEC9}GCkeG`3iP8sg+8G zICW~DxZE+@BAq(ZNexq~h=T0QeW!M+>(vg8wyM$4s#6WEq8X{QikOdZt6%MiyE@;! z3aeoktXP_WQ(c?K%6+XMCd4@M9J2{DNU0N~^LuS^`-mBLj~f z>dLdEjAT*6+P>$=XpW6phLF34xTd%<3qa9!+` zC)dc1njvg_BV5DN&h1oJ?bgndaXYt>VYeFG?dLvn-wy7*sK5*?dWLK6=q~SbckJul zx&a($13d5h&S>gx@7ag%fTr*KPVkHC;B)%^@At0k>NfBN@9H zb*%ZCh{l?sg2Re}FBpSfOoMSe`g8uAgQU-c+K9)v9`TKf_}Itmr`Gs|Y^6^ag;O~B z(*DYmNcpJe$)Nn%qKt{942GxtvxTV2(ZP$7uN(YL6CJe*R9`T}w1e--D+UwGuTuPG{7GP^Icq!E~F3w-dwtqg>hY zWy|d@PsZHY^JmbZMUN(3+VpAEsa3CL-P-l*)cBJ+JP`-Pu%E;_oKIVJL(7!7h{_(k;< zfRzzNM0z?1Gq{*eL>wgOkZ2sbCbFj$C-_06Km`kwNV|#f;V(W4D=ccRp~&keKeYOC z2Z3BN+Nd7_iE_>^uq3*xEdIKB%0>7%J54joWQ6TT9COrhM;?3h@kiKXqs_LqayyQw z-q!l3;D zD8kZ03iT1-lIujeg_I1T5XzomQ1~Sk<@m|uwr&bt5G|=Dy7IPt{G@YI3fmmXkremr za29tc5C}y>Z+o<#6;(`eJV{{;bIQnUERDv>Tm^DgT5GlSR$Ox(O~|!sW6~%i*Gdw% zJF09_pnaa0qM(BklEu=Ay2$`dQh`Y56EDFOlguzhsz(=%a5^jzHVZUPP4@V)LoG_* z;-`qG2&%`aiSpq=zzw~7FpR+@0u+L$z6xtBiKL}gB75;|cVV{LH(}jEhXHEQfnc7#%3Ofe zq3D^Cxqr_(=RJEO(hj@op4%>gr29D#6Aj5bXG-*N@(#tOhYCmPh~_!6U4ggDfkTP> zV^_k9_;JLK5=VN(gTUC9P6DZif#5c^8TNZE3_nIrzfJkkgsubOF0kl{G}JkwzWqfI zRX#~Z&E$Vjc6oEoJNNu^(O^DGX10PwYS^{vk>sZ!un`VS>3|-}8xCTCNSFX2<6g{U#Y0SxG{=g^TF31IyZ(>cQSh;Y}PcY366eTn&70ZHWteM~@oKcU0< zjy00i#b6HeV~YQN!n=OJBMUJ=0a*gLK=zG<6ETnhp5mjq&|nUQpkrYRUHHNuiOwjb zTZ`$Af;t0QC~DO?Rhe``ly-!L2-w)+Iq;T4BqmXbOJrgb`?12$s1Sxzq+%7Vm>L-t zg@(AH+3B1ZpL}ePe_Z*Yftc|V8Ssf8$m8JHzW7Es#!-%cgQ91octt$sQIAy2B2j8X zmeP5`jS|7(91VF$L?%*^ajau!?zl%tMpBY0>myOrVF+{BLzA22q&=Qt3APk+k^ZA3 zWhqU0N}@CpGmo5PD_!}@995Di-$+O;Z7GVjh!T~%pv>o9kp}I}I34 z%8b*T^Q0#X(fK!Zx>KL~ljaE%5m3lI#W>u@Z{z~Q-rCL?6 zhLwp|&D>VadREIol~P|7Yg^sQFtYv=t#hTPS|`QUx8_x^mYY#b>H6288kCl{By1>h zxmUy{wq0=rY-4|VPj!SMlb!73H$Yi4#b#EsZ(*!sJsVMU{;^1c#O!9BXpgT&#vTWA zD{9@cT0?gBv$L&dXo*z1F5d7hs!N`NPGy|7oFoR|Gf;?PP`>!Y$zQe@E>ZL`0&FOQ zaB;MUGwj0@4yj{<7*I<(kU&C(5lDO)fk@iETi)tkS0dVt0e5|wEV^hg1{P2lhu|Rs zfsFSdPa#lxUw{Ip$QQut-L6{rF+v%zt5qfQD{UQ2PTT&fC^qE&jme7J>c&APRI21k|H3C;p;Rn3R{@q=hP0!OB3kG87k;O)P+v zh*^@-s9nYdT3kc*Ui$Kv<6x}T7BLK?2so0(G-f^TQFH!Zed=at7Zc97m9sjR6rAA{ z=ffL{4s(q2y77$qJ?Ze2hLiyreXL*}b`S_Y0LBwEyU83zcAFpeG3p+EaX$6=FMg(5 z>k0V>K=_KAEJq3v}a3Q@R7WULdFic~#ho2pdBSq48l+9Pk} zv}>5#3i}2)NpTXCq;w=`eYC_jg62Cpb7RH<8DWHBCqRILht0u{od5X9 z_?DxcOvp3`qUuk98dRa^7cE6G2-g^%Q{yD%OG{;0BIlcUog$^LvA1DLWxR7Mup$a|@&A*dVnN z-xaR|%quX0>&`@!!LL{64PXyS(X2DZTET&xK@gMJQ(hNh9}3%G8$(OS5Oyz+DSIa+ zZj0RM{(CFh{U{VJNbZ~$e;DYKK zq2r2(?F+Yypa%h{oWmG3ta?L01f4hxjybd|XiA3{h?t{DEk10-K3p@A z3q(nD8QY>Y+#oG4azss3EZ>_%Pt+C2!X(P-q)!T^O+3ZD>cmf6#hU7>wiqnJswG@9 zMO3WCwo*k_%taqDL<_+yTl__L!bM#i##nO2Ch|pKOh#`KMq+G6*WkqpK}Kbq#%E$i zXS_x%GDaqnMr!QFUb04P3`f%bfJO?zDQ`T-VD!VX5=VAa4cX`gc#KDRoJV@BM|-?S ze9T9E+(&-wM}PcBfDA~197uvJNP|2`g!D&nY)6K?4A}?=h>S>yoJfkSNQ=BkjLb-l z+(?e>NRRwTkPJzY97&QaNs~NDl>A6_l&gls#)nMFjJyVzoJpFjNt?V$oXkm`+{uVs z$(H=d(0Iw6lu4c}N~1hVq)bYsG)kWYN~gpOq0~vDTuQ2}N~^p|tUSu5d`hnThp5cS zsmw~T980n+OS6>7t?Wvt{7Re*%d>n-xQt7=oXNCQ%b#RRiY$j^AOaQWOTYZf5_p4S zh{?GuOv5}(#I(q|w9Ed6#LJ1~1|gWNQPiYmr~<-FOw7zo%^b_cWXyJS%!n)pQ?SJ0 zD}%wjNVnWf%`Asr@W^ry1=UPR*4)U~q{`0pOmPHFh%5(1AWdK~O^i%Ui+lz=-~bMo z0a;)NF~EU{q=o`G&61pkBj5lF_yUNmh9me0OMu8}kOPWjhd?mS88`-Zr~?Zy&JvJ? zi7W?BFis92fdNp@oGgb<;D8q}0r~6(4=4v+ID!|zfIfgoU5Ekdv`&b$g(~=l@I21b z98d-g2l}*6{Djc{{LcV|%Wvp`FbD_fEYOJ5&v2jy5ZF%e6wlK{&ri|oG--HTT7zyA+&5g_j41mpY$b|>^1u+l+D}YGngwBy< zhdh8yYj}b%um&jD&TrU(?PP`nm`HZG10jG=UP#U{*iMZshq=+oa%cq<;7;`{hfT1A zZ_onutcDS#h6_+nETw~RUa(IO=^#%q|PgMBQTrf~(c+NV#(-D2k3|)XQ zkWwnOQV5+>Y9Ijtu!Jxj({d=&KMmAIg~&%ehH4Oj?aYM+IEF|K2RyZea&Uw({RSRD zQ;)n+9Cb$BgwWm`zCQpZeh5;F6wZkR2PkM#iDZW{*n&?D(E|8|L8#VhErcU=2oyMm zY$bth{$)?&oPg&HO(=QN15E*EAOS(Mh8>uK67YprZPqiDNF*iCG`P?ZWmTQrQu&NX zYbXLJEl)bo)4?o*iu~$2XBbaW~~E1Ja!rA7 z_}622hFCaLYKT{fOxTI6SXr=zFa1-Dz1V@J0Qr0c39wN}q`+SNOdZ8Y9tD;^Fri|F zQi?>@l%-iPJ=0fsPIH~eZg_yfCYLl-!792jksTG`(Eu-A=b{UwTbc(S=Yb!C$gH-O@!}XVcl$ z4ae3E*2+YS*p*$PoygjSNN_*{X6@g3&CnQ_R%@+RLwE$>Rbb$)2H_0{s)hc}Z!iLg zoyb=J*|2?H^`wTXh2fWt$X8&_4832@J>8uA1|nF|0ub5e1c4=hNN4!rR#*a+-Azu= z-Zq6;tqq4;z<`Mr(I<{e{*71~hDav|!)^Ss8_bj0IySz1>%cTa`@R zb(~-d?%9j{*?y?ZddOf64$dJhQV4a`Uzpc$$b|(k;tw5HsqKbwz1n=$RXUDHsSQyI z=u+o}-akzP-&NBkCZ+;UJgyfjo4hp z*$7r$KEB2ZrnO~I0W~aSA>BygJWu4j+=xU4NZ!p{aDd~Kg(Jmh$H*tWE))P7LtQV+LIq)?R_`gI0)uYiI-yz*Fxv$#PiGAUK9O zh2nuW&Q^T^2dK_#2-H74gWLh=!2}lz=;ue6X%6TBS#XAw=75PUOUV`Je>To9IB6Lj z;fMZ$myXk%KF^)r;q07HpDt>k{!<$DPH|>KHY;ahJZG=@%?*~w4vtONgoL0rYqj1? zUiIov1nbh7-J)Gc)oyV= z;)Na!4ouXo8uu4Qd@a^;t9o!F*GeP{$8ifB#H1)h9XATz;ve4x*)Q`NBRFRY zI#)1Mf-k8tE`oAbHa-9GaxEqr@#0@7=KD2NIMdSxIC=g|c0p0UDe36GJSakzpF&86+F`F^Ju(6TA z0SXlL>#>nIlpT8z9|JNWBeH%lvS3%TL4SfK>zXJ2F&7WuhbusqEBJLUd-j`vKs0-@ zD4Q~Ce*|M$!&kxd5Z82n;q<#JE!?mJJ4*yS69|IXvxHy;HK`xESflo01%B9s31FY& znJ>44lLScwlP-7yGO`I915%irp@5JkGPU5C7)F_js*svi6Sh?`2U#PS2wAy}=OtZp zvYaaueIXFw;<=H~c#5!ykXg36xC^Ay7JaFZOK11=c6X_P_u+$bLTZa^W4T!%4(K!W zq1Xnf*#x@Shi(Tqc0dz+s0wsh_*wWsQ!xrq!wE`*ibhCxCE7Rp@VEWwkN*ge0jUx* zYY?Tt52u?J)D1Z!xFtbZM@-?#~D1fk;xC?KFEB>N zI<%9HtULL%>$F9cstj_l!5sDy6?RkNBrnke4)?4 z#wV6~=euRmcZA^gAF4NfPyjxA9SB?p&sTWRcXe|%5B21`oA;X3a8Pf8@Z_F%#?hy1F=SQJ3C;YUSJJ>A) zGJ*P3U=z44hd_R7mb9d35#z&#;r{;N%&Bvy&UQS10u3s3DAA%uk0MQ~bScxOPM<=J zDpe=KYY*-5O8JnVs*nw>)v?M}9Q6eB|M+?3CRk6dnfQazEFwOCwLNJYqj(Dfl`%#4nRpb|K-7fVO(B z@XPjEIl&B=pk{&2p&wF?@TO9qQ{TgnFMmG$`u6Wbt$Hl#JlEe^05ZLsk zRzKairI0%W6exozUhTt1{()cIr5HR>#IXfR{AgkU4N4$Z(J%yrcaS~K91(*ImP`a# zON}@&&H%K*QXmbie3t`1X!t=71<G$5$f( z6c_^zA*It|5FrT@fCUB4U`~@y#t>zZZ@$T#J-NIfgF*Uu&{~T$l(eKkWu6&BntXBM z;wAm)GXb0F%~@x8MY5Nad-zdWsil`E{qu#4+TbLjl5Bs;Q>#Gv=wQvf8Sv zufiH@O_3rs>87{hnyaq6^7>Dw4Sm{QSEI^WY^$Leo2;_SGTSU^v>s(^uhUXnt+m$% z^(#YI5xJEo|0zWNsdrx*psim``Yu2B@c<4 zuD}BmT(H5bu3J>Q@-p18!w+YBP{0d)Q;EeFV{EY~HBEf5#~*_n^0^5UwJ^jdqnvWJ z^cvf-$S=bjv&@h#WwOdQ)W1Tfs5;yC#)L(-gHmg(zWwq94qm47uvDzcH+i$}SC)q%mownU~Gh9_Wd-L75 z-+u!hxZr~mUbx|hBc8b8i!$~%QaO^wHZoBZqN2R)}y7!*E@>7>iyz|e; zXMC&3FJHa&#s1zC^xJdql=Q4pf4%tQo0@%2!FQiN_tICKvHPKLOuqc{!)iWG=&PSU z@y4qY3cmdE>l^@gbT*n=$9%V2Wq0j_Z+ zaDfdRq2?aQpREk*E2SAwfyTrSM5G8&4Qhx!W|)v|gr^$aGLm9Qqr-(H$XqLm!3$8J zmF=h_3o*dJangYV7nMgNM%$$ePUsL(sW2=g5ePaWFb_lsU?Vd8AVO-$NF4Tq zIe+Y7O(dC+AeQSq{a{D8mb4EyghU@Zn1wzrKpQkfX*$?&#-W-c7ko6pHyBCB90YO> zw|p{`ql6hh)Ig#%uCkTNkPAIx$ro9e!~^^o1d;f0hK-zuF&kl}dE`P%TiOsgA=D!` zoo7N&0WpOP@fttupvZ&tg%1>{NDb$~3ykrI8E0xkgS z=~M^uaa(>gk~jfW6MfKhF=s?5iBv(l)|(vn>j7D-d$t0jPXY%s!qlg#)+~W3m{oTWA4idygyw>*a%pN1yI3zO zwl=q+tZsOd+21gkIK}}QB!$YD-5i7-VZ}!W+Hu+>(Ay?Qv;Inf(t!kC6if`JS=(`!ETqW(kuUHrQj0Qu!FfHghq2YhwvXs-L4h?ru{%+v~n5x1S2`a^Jhu=x+DFTMF-{ z(mUS^A2h!MKJmA+bnXoA_|_p_@sf`o*o*bK$73FDk)J&0izhM4fj;!2A3fnr8?>WTjJyKk%n3IzM&=TzmJ=Kb@7EP)CfKl_JY{)C8q>=uKc z+0k!*f~mhS?ce`S_~*Z>?~4G{-~AEb$SlqB{_!9G9bE+ZTmdG81tkXuiBCD;mIUIT z_w0rBCE)n+oI(K7I4N5T-31I$MsTgglSoKQ*nx~B#5vFeKjcUZ>_|=g&?PlO10dVD z)X@>K#u+uy6Oo)ij1d)ig%dSgVK@U3*-=0EAk1{wMm%9lfW$hq2oUVh5YCZ6tWgXs z;Xk>^aqQr!s2^42i|U!-8KPkts^J>4VFof@9|7B9$ei?`!IpRZGwp$kf9zM8rT!(vmYKs>t27y{$|38Ne~;6o(XbIk%*nS)oY6hx{-0wf5c z!Bt!!93qlcNSIYV!I~ur1e77#IIxC290NaG0g=?hJHpCf6&4B{7HcF{X1PXVJr+>m zVrB7#d|B3CVOAU#j3lKMNa+4UW;s)Md=@T7QVbo&T{R>;5S9|=;InMxS{6k|q7yN` zAr1YbNHWH6?IB9$(?vEHM8=p(HUc6R*G(ccQwZ~+y0SMV!;M$RyhLYuDmpNIAK-p%l*+5iT%#>z7lvit!)Ores zS3G1)Oe9LEgpd4~9{#4~Lulk~UY}dG1Y9OtSd0ZBokb6^#a(hodmY+aStDj>24|2$ zpv?uL5hhS6Ry5i}NEB5Ddgy4B=%p2?a&VezAmyi3C3K8hZoryAC>E;y8bYj^%##9GHlS!v#v31RSBhOlf+WJ#is4Se&AI$#p1E$F)SE$UrLrYKuC=fktWY zP3Z?(6}n{L{-Rl>13I3mp6czTYL%i(v_;5d!fNly>a4cj0(#3w?&`2AORxGW=S|)J z0ARli(9#j>v&M?C9;@WBkNlBc{6K5AzKXO?YvO62a&VuvYAd&P>)(BAa)hh6LMyqJ zYu%kIa-^%e5-Yp5>)O3*X~e6%?kc_3YuDW?Y5bwS3anc8YXa&`8zOAND(u2CY{Nnh zzZPuK{cBAG?7&(qLqKfA>fFQ*;Kh2ZLS(GQx*W#_=f|3?K!mKw5*x`n>&cpI%Bt*} zu`CF>tjoe|%u3kIu4>J`EY6BwwOZ@^VJpvm?9KY@Z26zE0-ykvEYS|E(H^Z+0qY+r z9nJ3kDgh(JZiQ59)~ z-)`X&Hm(=Sz-SU|*rIAN7RFS?9N9KR9p0HCA(A4Q zELbC%5?`Rw-e%HYJ)(V*LMVz7DgEw`T%s%vlP1dUHGLv3Nn-Mf3@R>DGd&X|k^(%C zz&h1NidY9MVuSR8;*mxa@{ST%E@^CuuJDa*(|X`BYLzm|5OP{flxQP9@gtFd=??zH z0)T!;80e%))RiRd!wP`I3lP8zyaH0f5;&MtVW5;-wLv;MCP#VHCCwv1lGFs-14`}G zO0|@G_G4_!rAUFU!5E}d!X`+u!!@LZK15VPFr-Y~NPkA8n|Lrqs)V3v)BBEYZz{xZ z${Fe|L`ZrmNxp7ul$DQ2WmKLbh9W~NKp~^msR?v~381NRR7=~EJkRD?L zS+0c%mZ}irUi`Lf63?ZV)+KO#P+$fI3>=bY!dP0+gF`;YKBxf`SOXh`2mU{x!kJV8 zML5z+LRosPmt6?2wk-=}-lp*)glGoGWwuvqawb%&FoQW5Wzy$4g)jFu=QbCPk{ewv2~M_GJQSq6WMB$1gEdPRcpu2;kb zLrR$t^5qz~39k8YKHcp#WAm?Sv+4F+Hz$OhL1>;?#GZYXpsi?*0tZX(k}|}Ampx}c zzym9)Rbjls?luTNh=BkAMyS~aOG1HyOd5;!gBxyIlfr0gyvB@*{u+_qs3I>2y>$nV zMzxP_1g^Dl+s2h9Y{YleXsQ`$EqYmxf>the#)E~lNE7h`lC%ffDruN)vnhy{DukJ4 zTX8h%K#`ldA<6~_6knvm3vfWTd7;0B(hMoXVG0DnSxKT@aOB#EIm}y+=mQAw@T!a| zzzu4f6l%dCYRM@aqaI<(2};DVNoRvhM1WkE(7}BM5kD;39F+DrKHO^Kbf*$Yq>8rZ zwvzk4HL{L0->NE|#SK{}N2-vj(=tzSPo5-Ot=s5B79t0-KzI5{_jHf6P%cK*?(B98 qEZBDU9>sM+*o)Fu-PM^id9UkvD<04WZP~pye9xkWxdk;6L@^XzFBXmPfkjGDOGj-;VPZ*{&rSz% zISZFN48c(n2vZ?^QY&9lM2k~ZR#aGaav_}TYPqCjCOg}b%KL%eZ_H%ymYbSd;kY~04aU|NqrSVd>3AK z7<7I%2zEg_eOg+6kF0i<%zc`@eWlKV3w41OG=?Vtfh=i-I5>z%D1uWufnP;~b!UWx zhJlrjg}~{IIV_7iagSn3h=HDnuhfmm^^8Lkk49aSL2Z*;IFMR%k#ByJfmM``j+3Cg zmA>7ZN&uKlIG|c0pH*s}Z91E6Oq+p^n~SrXpP-+!%$?2YqDX_NP_m&}2%}kEq-b`c zd0DVmbFE|ysb)H=XlAl)d#r_Cu!VW9jf|{}ov4?Bs-vc>ro61i-KpH~wtY;sortir zwz=Z)xhrzIeE_<9F1vqdznq7;ov**IpuerTzPQQ7baujpImn!4#jmZzz|qQ;P|THl z%%+0O&d<-|=hvJ{*RG(|x{}hqu-T<^-KUD$r)A#7o#V%@-qNhx-pAkI<><3+>cEBQ zyO-^|eC^Pk?%%KN=f~~s?)}e>{_e{D{{9I50O<)FNU)&6g9sBUT*$ED!Eq2HN}Ncs zqQ#3CGit2pu%pM1AVZ2ANwTELlPFWFT*ibLzxcv!~CWK!XY$ zO0=laqezn$-O046Q;tfbN}Wozs@1DlvuYjsw5!*gTf>SSOSY`pvuM+PUCS0~+P84y z%AHHM?%B3@+uGgBx3Ay7fCDGYOW3R6!-x|rUd-5M;m1uIOP)-*vgO5)GlRX%xwGfb zps8vetueIe)2LIcCP})r#nrH5%bxAowQY&CbL-yCJ7KvIT(~@`gsx${GSvu{GlA0G zjN%M&F2gfq2peb_z2)LH&eo4{+J^o-X;oz-Gem1kW>XQI$f=X_m?i(YJ~)>uAeYn2 zCdTA4XfI_`fUY%pqt?g(V`VT#qI>2i-z92@?Z%-n7y~ zM(ogW$~fLsxe6uYbi zrZ&OFkX(3N>;R3OgK(jOhW_R3&<7VV0632@)xA+1JAD|T!h5j}QpK(84FV*R8gY}v zloN^5#}KcM!_66k5Yfj8Ls)W56|JZ+1RUE+OPvapjI#_EL%_hxGDD0I1$gMH3tn|F zShA6NfHs)Ot<_Q5V5=%nO3ylY7y*NatUhtA5wf7F>P%|x$HTKWpp$Sl1RLyOnqvIx z>Lh~FlP=6)$lunuKzwkjf3=jW5YDhkoXy0RXl?2}T#WEUHHrHAUc%?}Is_s#%|i;HI8I&=r$Bp( z5U5Qvw@q=#{2-4U2ePy3o%9%4PKD*fuxST*_0&+2Ip#$^oHN#qSF zSaQ?EDbv~;<&@icbLBYOvZD!>;>6+&GuYX3!#G`zBaW2d5kZY6_Evu{n1G7eOF2Kp zZc7{u-rYwcb{@D65s0In4l0N4vhlPFzRw&bC=L%vB0GZU%T6AW#~BV3kJEWbb?swQ9FVBQ*a3}z zUF_l0j5H5TEN+TW+)sbz@r;_Rqi}BU-y25|M}Yv)K3q6~)HF9Ff;f#H?8wC=lwkr1 zS^_$aQeBT41Px8#iHyrIg)@+&9}Nm*h6>q;GJrRc4+hT`aNtH6WHFBAL9YtV!_v02 z!O4hl!xfWog_pXgjTt~>c$FZ<6uf~G^#ss833_A+^t2o#;%F806H<;0**lm->_QrB zlra&6Oa=n2k`8jmfT$@8LGj0uFDXX}kSIA`kYZnsyyOhZ)F48zz<>I2P8lEhoMVW= z9XBNvbu&0x+5$O9=3rA6Z4wAPlwiRg@n>oNBa;iAc!^{thff4aH;?StoMYJd9ScVhuBaoQRRE;6c93Kk;sxl@59!-d# zFqkus>C{T2=nxbm|0&N^P|6$(tz<$?+K`PXi&+uT1`G(nRYFigl%zCe^PacLce?U; zO`7E_x7t-+Xa^6`Dh>MB^t1-80Tg(x1TlXw%>-E#hzBYv9%==#8sapXLh5TZne)wS z5;cfBz$;#%;mwXs)g=WI#DcQ11_RAgo$S2C4)8#tc&?MF&oPG$+EflVkOEK6r2gDz z0lJQqDm19KGU#Iwxe2|SV@wej`>b9>zB4}DZIl**});}8h@ka|Jh5z$BROD8-i*`xX% zE0Y^h5|e&J4e*WQ8PXbMDZw{ZRaQZI)Qg2S%-X%~8IMT_Mlg76Dc6x)C}wW5XHC5* zzeGsUe)wzDGUL0ur~S{c&}>tqPOQM+HugZ+>;*i!;J^4*7MvW^#0jo=f(qSNi=pks zI>uz$P1W^%P&+|1#>=#rsOiWV%ppCh=-waZ*c?VKqC-1Y9KVvuP*$VV{*0%%J2h~pkF&M`&+2WUoo(i_r*3i#ZIhc8Y@8RNpCXu^(=4M9eLG&<51z38{x=IJu& zRMV$U^{R*F>9>ixPOZ-Mu6tcEShvmB$4>UL(`tEnZ8~*T!rwQRRllaCv{_!PQJY*nG`N~^f)siR7af+(1RD!76y*n%$j zf-o3^GB|@YSc5irgE*LjI=F*8*n>X!gFqOBLO6s(ScFD+gh-f#O1Okf*o02_gisiT zQaFWFScO)2g;|EYPg1M*oJQShHw~%ayW-{ zSci6ahj^HWdbo#t*oS`jhkzJ}f;fnTScryri2jI}h>Ey~jM#{d_=u1giIO;plvs(D zc!`*piJG{HoY;w;_=%txilR7*q*#ikc#5c)imJGZtk{aK_=>P-h3y~#v`C9%5R15& zi_fI6gjN(Xr`(O*!_>Hzm57~DQM$iN5=zC3b0nzAt`|t-6U;#!z1krF0P9Trm zw-2kZ1JRIu<#3MZC_?wQjm(z~wRnrYH;c4r0^>N5&&Q9n$O8z5AjL+D9q^9UXAcs9 z0qF31_h60O=zFusHYiDpiSUn(Faq;v{(bFWjWxgvWi}0hK#La;jP<9G%BK%kz>ywF z55Yi-BQTH@nUu(v4^AKf7a$A5SCA6m0oVtUBKdpe2m>+MG!hU8SZNDlA)PIg-Ukmn}Jdyf~I0 zDFH`0eET4nJ;|2K$B@4`kRVx$5_y-H`FpcC0#Mm}>L3WnC5C_M zn9&H7;Mkg1fS6dR3`RhUG@v2Dw+@0Z1Q*$vy;qsP$d|qMnV~tF#1HK7-sTq;{@RsVCnVFfF zQ|Xb(w-1s)i!xvY$S47Yxsn;M4o#__=}C*L`I4~tn*0Eive|o5`HdHVl>7jn=tz~n ziH_med-Q3a_{oyTXAjoskjS?W$AF={DFI>-eDLs}-?*RrK$zKJjTL&J^@)xp`jBkt zpXi7L!pENISeNdJnfVZuD*B=J*aMDf4o#_|vuFWMP?G{Np;t+d1PYHusiFuPlj~`X zqgjp;(2*-zlr{hj7OD)^=#@~Kpbt8vMS7&h2cZ>ne00eHVA^{YiKD*vqY{v%^|_e6 zN0%}X0&Wmr^k|P9U~>K|YNQe%3N&f~Aut7TdZ91sd#+iFhzgvF>7YHTlpv|6%Eyo+ z1AO*y1v|Nt5-*kwwW^XNc?zN$q^{YlwJNEm>Wi0osdkB+ z%lD&Z+ItMSpR?!zrP{4eYN1iOr&G$Ru^E%$5TDLRu6&8By+^KA>U-yUeET2_21$!G z5U2F035QCobXt7%+Lm-lrt(^@q&bzrhn>OajkGwawfLyuN|EBKd?~rE-72B$37Nrn zs#y81UAn4}I{vQ~s+ZczdHQO zv&3h#s*1Gkx}zN1u@jl8mU?^)xv;cT z!snWn{(zNvTDn_Vl*gOA${V-yiLg0fuEpxT=F5|_hyhk=qYfLdz*n#1+q;wtuPht9 z_DiD@fC`)HyT#YM?E1W>TfYbDvJVQgy-U2mhp(6Gul#F$ba|5L3%=LszM7f46x_8+ zOStoUwD;S=@ENK_8A#lit^rJ?1T3_#YPhl5doEn6 z3QWaT>cqmg4>?S~#wvUaDVrfmt%mEE@QJj4YsBQs0lRt+zS+FGd&E*}krGgoH^~M5 zv`D0o+LUw*k4CDr{#%j>ODGQty%)^FS1JJ_tfgFPrx5#~*-MXlIlhf4wuJ1M^l->! z9LarblL*2MIVk~WX`%Lr0S3ztx(UK1+n~S4zCrA)PT85E+?36V$8xO4Qd^D#>x+Gx zwf1~$0Jj41GLKp9H0yqEWoT9qu)p=Ks>?x49vh=jMRyb*(iLU z$(t6y12#Fa8!Wbx5CY&CjMDtb)EuTGN&^YqduaQNXtTL{stm|j1Lw&P3w{2N4lTjL zCtT+&0Y(r<#J8Lb&C%eix8>QlaXiqq9J)JUDwO1;!f-PBI~ z)T@XN=TIe7UDZ~7)mWX?TD{d=-PKS*La=RdcD_t-PeBo*MJ?^f<4%TUD$?w*od9jioMv3-Pn%(*pRK)aov6A zK-ZCd*_fT#n!VYa-PxY~*`OWTgFV^Y=MAEL+Nhn{s=eB*-P*1l*`&RFrv2KqUE8*O z+qj+Ex-HqUoqe;t+rS;%!adx?UEF)!+rDkw%Dvpo-Q3Qd*~pE3zyAH))Lq@yecjF- z-PbqW*xlXU{oUZ5+S+Y>+#TNLectGu-iAHi)mPr?{oe2$-{;NV)aTyvec$+<-^xwj z(`VoM{oeo{;I2)5Spx_zAOp+G5AT4G#HSBG;mMcc!N=n8cjCY2-vU14G+yJ-Eq(jY2|QrYtWX2!P~zm! zroji}VjBsLdweNg;{0F?2M*!;pyB1$;U6v!4{m%VPUP>W4})OCzvtq{rw>NX4_@wj zW8QvP&JQvU-z#d_tG%M=Fp{5559ol~ZcYz2KHt&@4nqE*{v%o9`!Eh~TjjsU$j(O& zNKg;Vp$};g3!C7yPrl*c*WvjP1rfsK3NAutZsvk+d}U62jNIv+zJ6z(=Kt^wCvfVh zegZqd3)amK%7E%{z~-VI53P{uCjdE+tq!Iz=XISZr#=JRU<%OS+WS!JsICH(VCQ%4 z-O>lf|n6|)X%Q0-(24n2?z)gJ2)>hCTPo+}y-P~Zh3tPkTJ3Ji1yE4T4+-)@E8_fM4*Bjfz31YO z?z1jX^IrMxBtY<8-UHN50st-Z8b0$b9uCz$1-GE${2=bt?gpj$?(rVVv7f%knc4xkfd(vwvOszP~CHa>OLUrpUn?wpY|*e4T!A| zbZ`QwP}g{W0#s1f`ygbeE(O;z1Im8)dB69EeGg}l_9uWd|KJa+Z~}3#?9?rN_8{=&;2*cU1 zh)`deDi*`RsOIh8PM$q?emfBZ8aj06mYq3qBAQR8O`Sf48dYjff3{9g`L~bWRIXkB z@dJ7S#wm34j3xx#5ctR{xUN=@5EEH?eNT!^F5@H&&nlOn+Q1SIdI6V*QF?72Z6 zKh9}spJcR}el+ z@6Gq86ModV zYWg3JPw==es*|$%%gFAHLajXChC6OJ`J@{h3SUEQPu*5-1=L))0&~bc!Ola&##_e0l}*CC6KeE!ZwrU5-KXAV z%dNWd5%^%gbUwKJgO|#xWuuoWC#WT*X=|T72$_Dc7qUO6oEpk6C&oY#UEqz05#?i#d<8Vk7uxi zikZTq;b=h;Mv;a(ZOoetEa#^!(#Hi}+y^s+*oopuq#Z>N0vGEcgUQjZIOL#^7@2j4 zUSx}x%Lm>Q!M<<+z9E3D)bQG~kMurm+UxDO@u2V=U z8~(+QM@DipGoj)|aH2h@a1VY-5yg!vvXgjF>`Y-nghj$K1GT^dDLLYY!B`**gjCZ? z-*HRC;xd;UjV)jNa0gn@$0K&Q1rB8yn+nKc5pj|emK3`Z0NwZx0IGnT{8O4wh!iFp z9cG&UFy}SFHV&ew11Xk3&CvKU4`l>pC}2@xI8C+^e$?|{AhpDrtnx2_r8BJnUj#n}SVuI8~~0rH6E* zhc*D=f+9>JZ$~85K5*dz5}1%WKdeF&Ytt$h$Y2*7+Ke$^5~yR1^#!4b9;y&R{*P>I zs#BS(l&=sc1tBT}3SRhvKiMjSP{1`efPez5WaUTT2-XEW;37ZdiW=QC(j1V5LM4VJ zlQc}v9BOE5N*&^fw&E2~%W=U;#7b7eZU!7Z7%K^qsSnmN)_4uU6h=rOgQeHE0H<_A!hicp(hJBot{y`I}HYcXG^ZN?6uF2trUSDIuzo2un7DzW_yn z4@2M3TnI6Tp`{^wQDBu=U^(~J$%0HF;hDy!&iN7;N%keE`{E+60lK#-0Gy{&(!0|H zvv+|fC;^bbRG0|<@0>cr%7AMoBYrGNMt9loKQ=sHhPEZeO^L_NM)p4bHknAoBSP?v zS=_z-I+aIN1#*z3a#bQ1*~pz~knE1UWF|M+$w%JhlchXmA|s2*QSKplwH81d@YiIq zphlRt(a{wD_rNb^Q;zgY;TzElzW-noR&Hd2XM~v=&ajt-eG=fEjBTE4rpjUHRi!Is zWiAAEFjF856_Bz3%wi_9TFk6sC~+7^9xim!;At`n^Jp1CNJ_kJttBcKdr$iihUKhy5@R>p+0T|% z9-%$$C0lvP>AI?xeF78}!~)OIl#>1C*NY1$ltgHbOpe-D=)(T+Mb5T<7`f#VKn3ra zoqa~iJl9<#f4F`<~PT=4{7lN)#lvi+p%_$ zhr@FsYa4|h*2i2*uoaP>fV@wCx};TjQ*>WCy(fgTtugLCpkx@%bAbWWpFW8ref`oU z_izlb-e!ldlfF6w8Gw~8RVj%~>`^aw_Xd;ovlIH^HNARMh@?)hahlS52jF<`PVTA5 zOzkyJ``T^o=aQX3@nUEEKjy&gXML&Adm;T=LrkEE>JR@`{4z!9CqdZIF!MN~2IBSK>lNslu{=X~4jQ!KXE#$&3#J~Q#Fm@A+8~BTi z+W~JIgrtxtb4!A%JClbAJ3`1GgL{~Hp^A)&f?Z$+^Xk5s$-pMODX}20Im9#(0YSKX z3jRro9Uue;vIHPJfirZ5G(5XWBcUA_ggD4P*88tI9Iqxw3RDmb8{mbrFuY65MBDo{ zXK)3yP@wv{7e)ldq#(E76N^D$gQh}@I3&d3Q^iSOMOWm9jEjP2__pN3!ep!rFJ#7M zbjD|#GB9)|NUV!t1hs>Cne79=!eBtVcp=2tGpo40f-#>{z`(NuL~kq~b1X!+6F3nB zFb<-i^ZSZ&xW;?Q#=JYa^O}bj{5~`O^QLtSL>6+Jt+B9s2%k`cz2}p$ipxBAxW*K_ zhi^OqcJxIgNyrn30)>&s6Uawp1WCe>vVACpB7hddxfTTR7SZtxmb|i*EVg0tIg&KV zV}nU-@u5vf9K-<>o9szw43zBZ3^0s`ZSaOV;RkVehNFxNabSj1!@8oR$9?Dqru+(a zcm@hf%BS>(vdfBXphutB2X4rPSg=YRQA!$9%Cg(aN$AR&F-j6k%OM0ysqhDJa0XL& zhOm4-r-VustV?=ghG(#dx%^72lu91)%eRafr+kKxs7exJhrwi#l41tETu7$a2dC7_ zae$e47|auDOU5jWwSE_Br+>14%?hE znas^Wu$)w4ve^8N+4KzCR34wKwwp|deAvk5V74vv4&vMlFm%oA)XweX&h7+BDf5rf z+6?7fNypj_-Mp&Q@l7cM&OJFR&t$Uj1iG7C&iVYw9$L?D*$2X*&i8=N>-5e570>}C z&;qT$CW9>(fPs0CjdcJ7F93s5LKfkgg5uhc?s9<|c#vd(0w~BPN3kr-Y7Q?_ok;PM zMA1nXxB&*8gx(@4U+K^fl?Zu|gqag9h2T&RwFnD=Q5{7H2Td(|NSss&tK6zB)!2ot z%A*8b&<1_b2nC*tApWZgJqQ}LQSq!4iO3Yhp`_PHhQX?ajcC!fBB}pS9Q$~O8u(J4 z6E4;2Q5i*uc8Cr#1Y;b|%5Eb>@1UI^f0Lj$pRERxNj%^4D z<|v7iKq6Vy)O^?i-Y^ApXqNZ*B#Q_oUbWN_9WC5xE=P3;NNov8B?yCvGJ1g3&Imet zK-HT-jZTH5ji^>pstq)K0dfilqI-#0B?(QfP1$$}dYGh2N`vCyo#)I|h1gZSNunxJ zhCxNteAU-|{^i%udop8X8C zlH~}#70PHK57iwV*45gC@ZH4iNpNtD<-ytL8QYz0rJkjfp9Q*+z@39F+APgeqy;OI z)6WrykXY7Nils_Trke;;h?t{N`Xf|*2SIX(NGPOtIHb{9 zjxop(>$GUf+9O)1#=0UkBdK|0yw1z3c@<1B88EhesmXk>cm ztmfTGUGjv;YTSXaEW(1^+GGV(;o-`i<3G0JJ}E8!ywg5it=57`LC)JEB`ZOl;##)l zTYfp9)a6~~WhisipL=3l7Up3lW*zC}V@Bp=UKDA=xnM5lXNKllR_1A@=4Kqap7S|p zj^=IV=F+X^ZwBXZUNUX&=5jXYeHG_)R_Aq22y#B>cZO#IW#@UO=V^B5c>c!ce0I%x z=I4F}%6r!5fEH-bgSH_mf|ub8^xVJvyg7!xkc^NPL`jI$5mLk%u2c31goX!6AgeI& zCqqgcQYtowp0@UUGJqcFlvZgfem3JA7JU#-++;?QrZQZeoN(|Bhn@))jR_&0Q;Mb( zde9bVF@}ct8-H2{;nOE;f{2>8r--Jb||19SDWiKboF0dKd?b zSmZr<2N;+JEV73ePy=QIYW}o`A>bl?@PlgDV9+t9>e&Qn;Tx#F&uOa-lXfzz&g#N8 z?8z9(GsY|?C7g;z6(m(sE{ca5{em*BO}la}$bHit<$+{)0{&%?{yLp#jA*OLv0~I> z<=gsF-I|@=YAoD%9Mh%+-$12Yxea4LoF*Mp8L;fvFouHVBN$kREQpA=u1#a0?RGc_ z>-25k(Chg?V4e)*t$KkQ9i21wWVjnUDH?sDOQX3zo` zK-KAnP>kjW@^;wJAne1&@BC)8C+pM!wj8eR8}gBke z<~U!3@bJjxta$w)+D-@?)>hOQ*YcR0f`|!1_vH*2cdkPz;R&Sm5xRcTHDHds4Trk+= zDB_M~Q5DB(5NIfBa2SK(p^iS!-i;`pgQ$&sNP{;p^syBQ-%xIZVD5=#;2wc91tW_#KvWO?Rx}FoZ5Z2YcXwTkwr!FX3;ImP=O9YQT=@jtEh) zhe%qEj<{=S$!kLSb0yQ>NSB@KCHTs@oH)pIphcJMa`#Uk59aNRIloyB!SZ}3dVQ9% z{w83N_23b<2QJ_uc2F_|&n1m;)n0mFU;<*Q9^%cIVFp?F3NK;|r^eBnOrVY?z+T+7H|w`Jf(ZhwuabJnA1+Y94Kk%>Y$O*6~gNc+Eo9Y;|BXs`;Gd za4R|%2+sN({!{UYi1|f``knF)xAH$xi2f(0x6cRt&=>vDC;iel{nJPN)F1t#_vR-H zQ7&3eLY9YDCkW88xzWMw=6bH^DrGXpu9r^b@yuji|N4$tW!2)H#d<64K=BKq5bC%G zV1Wj=CoO0Zi5n1=nHc%Rx#<76o{jG4k8YHb&#cSQD_%Y;#XeU#yZ29u#!kSyQWlQUYrOo`zd4W>I z4LZ@PR~II28a3;dhpAePZ2LCu+zc`E?(O?G@YuqK6EAN3cx=Tabu(}7+%fRz(x+1= ziTpbD?Ao^vS3dGN`0(N#RxfY zCnzBcKNamm3J&~OGf<8GHwsiuJS(Qfj6kSd8gv=qaHBH5Q!-QT#d>MSg%2u?$ZmA4(q7zK+Xz0aI0e`{Ovxz9_)^{ z8aHGv$|;|EITnYi=0IE~xecLCw~E9+_)@#H!QEb@wAcKAt&qxb%Z<{@b=$pY zyB)pDW2XQ7!s5+D@0>5F`}(|f&;%2-1UmW{^l#Mv3@SFyB3m4|LD8TnvDSo}O;8Yr zjPnnQl#^{XiAzVxq~ZdFK6>e2%{@Eq4BmY^?hWS6(cZnbkQ&es|5|vBdVYHkzpLW> z??9;|-TpeM=uq1H)4ewAx$pyxiP4SBV(jWa?NIJ<#?|a&Vvo{S%KSh+ggBX%0?=id?nsu z7Rp)9l9aZ@kSX255^&_eCdq&T6hgy~O45TK;V8lvK*0sXz_OVT>f}XeDa}ycvYH6W zB`SMqj4IfK6^R(8CErnl)Py50&OGOXplOk5va^uZeCK^k=|~q?l9&4EgH!Ag&Ku0b z7~kYaCebO-{;0De?K~)j;Hl6=Eu}Lp;iWxD;Dw2L0g{!R$0-5o%7Jp!Jq7&-LPJ`g zg_2Y{*nDUX^3esSu;ilt#No0IM`2lUwHO4vaZVv=M2oWnHd zOp}_OkKVMYIMpdsEyL55@X{v3C;}9uFjPzKBN@n4CNq^PR^l+#sbs|vZ*irhmuq*@YU=yp@+8MU7oLnqqBYR87 zQdUujl`Lj6tDwqqmP41-ENDZ^P^Fy18`L;0YE!G))v~s=u6-?RV=LR)(zdp?y)ABY ztJ~f3wzr=ZEpUT-uB4oU8s{ixXOo*8;WD?m`5~@1lq=okI=8ykHR(}GJKgO%>bl02Q!AF=wHGN%G?w1{g7AOMK!T=QPDG$p;g9kQ#WP!36Y}#Q{vf5*y>#v2V?X zB)nh*MBHgeevlJL>X8GD_~XhY@y9A6M-qK>5H0F}l9of_4^@~cBWczMKcwLWF@VHv zRC=>n{J{&-vH2hMFv1&#AvBJhnIwhgF-LsNl6}m=0WI0fk&B=Mw=lWMhW+SaD&mf8 zVWi7g{s^9}{Ao3Z86}}Ei!p?B>W)+yBde}RKW@TmC*vtglGARhVfXv))Lm zNfK;CZ$!~6$;YH$a%3ccV*yjCw59#}(S9tm)1^3q5h#X-Pe{2*?f8Nh;1DB!48sUt z_{5gefvSI`+SB0!x413Rj~T=W947P!K2>1|Fce|k`iL?Q(98pF^8m~C@In#Z@DF_e z!V3W((ze+!4=?9B9a0d47k*IXY-r&KqNvBf9quN7lmZM!X!D;+&2Wbc9NB7aSoPASd|9OMY^Uto-5sX1SjSZitw(fgWMr`4M^%?4m>I+ZpEv z$34DqmtQ0w4d+2LvM!476~PN{h|$mE@a}N0#26;@{;#q5fsX*N&?U=e^o*e$ZM(j; z9WLMjFRmC2A^AgkeJ~R~Zt#y>|AQPR1P7fPpYCmloZfMeYiNi)8o)Q=}%8Q*4dcg5+<4_XK<*s8DhH;+Mhd^#!2v0psx zfA8nj!&=sBCOjTaboe2aTKTQ#hww>9{67)D@XtDZ>Q|rZTGyK0B^+Of@3_~=eLmZT!r}e|FVV}?4nz~&?n&CqW z4jbus8Scqi47#61_#O-97FvWpFas~Np8K)jn{eR~hDHwx$*_$cKfKuxTH*g0#dyU8 zqdD3D@&f@5Qvis-jU^!8g+(RhgAG(!4z8aYz=9*jg44BGn(bf*8bc#KVwK^;4^&`1 zyaD~G;FZ+_4LG7BR>Pa^pa%X!7OtP4xZ5I9V(+Qi5B38MgaRp|T&=Al65g5;%A2h9 zLm~=cB19n(`q?bj;w@Ul82Z^LlA``8-rD$qq5Yx4GWJ8k`NJ)sitjaJDPF`nNW#zs zTO5+!n^__$#=@`7SKJj~kPR6cl)xYI12!DMAQGYinnXWL!4o0@KMWq}NY4b$VdSj@ z>qQS!=3%03~t%+p0H|vP)tCQ9T=>^q+Askp#Iy!0m2c4K_Dz7m9#?<%%zy|Qj!=0*;M2|cpVsk!6_Ic zN?wFS?tn!CLRLji6du!E>LBF_%{#aN66oZ@T^kr!0!!v)WhPxIAe}FcTPZ+6w%y>U zfx`IYJ2*M~;vh^FW}LDz{YSBR=8j8cbEpo4Lt!-KXch{mXn zBGOZoR&V_%kOrxc4k?iqsgWKjZN2D@E-7Z<=!hvPlSb)UIq8N$sgz#neo(1~St*uw zX-a76mWBmAoWnSHgPEQwnx?6mt|^B^X4I2lq{_{tGHOW_lU#Xfrb5`J z>eolPmt66~IfSaHjw*b8)acCBtE#GEv1)#O6sBIPtS%Oft8LlM7^PVbp7Y^eVJUD~2t_JtzTV& z#mdS=)Uw6K#>CHltja!ZOiZm!WYkgY!#E%X*FHtd!r9AKhRi}qtah3r-0W}cEYEI; zzr&9Ih~(YdF*ZQBbZIST0M11K&=;Eod#Za_rT<1TjU$E&#&e z%Eda^t_*}mRS}aPDl9*!E(x&iyXLMJfB`g+tk+8H4iLrWih?-30^h>M?Bc;Ls6kE` zFY>1D>b7ool|;Mn!^`@EA{c@iPyif+gBnZ#+2{ihw1F19nCd=&+Wo^lq`~d}2`fB+ z47|e3y04kILmH%j1&|0WK)?eWCM&o=1=O!t7(%P@11Mkw+{P`5&MnZcgxw~rPyT>| z46xAVvXC(d*=UG@;J#~H>_aDno!!?!bI%4#O$U)4D$mx7}@jMgejmy@3Ion4$~6z zLlgIsJ&-Oy-9g<&?(+Wb56lBA@Z-eh#6GY>FIDjspD|JBgBpu56Fc$ul0^89uOe(& zKSY2D^#hjZ0~46gI|P7`yh8%eLqCK7;;8^p%)*w*|Y&D$o@5=K*x^qtj@<bH?4q60;Nk>7A4Wt`loz-FyDsfb@Z(RF9YsNsQ1pU7d+XAI0}0R*I~(;x!2m|- z(%2fsI9qKwx0EGi5;0jbIA8Pc#(}r;(oIOU8nBWu!vs0xtHi4Q^-X>Aziv?u^GPSZ3oOGQ(JYsA*W3$PG3zl7UyGeN(#2g(37bb=UAl`}`KHD7g6 zWVIA;wQPHJJ%#K#k9BNgaSk-CJkv!Rr|~Bk6+ip4T)z}&>~=V>MP6fs_$G8IKeS&n zG+@gtJzN9XTtr60S|>*XK8*6>F}9H414*OBNuzW|V0LDYR#Hr{!FqNtuk{G0hB=t< zDV;2UXMuo+r7^|DPhIgoJcCO>?oU~gJ#azY3DrsfrV#$rT|EG?JP0vz_wyFy#DrJ) zP>pdsbi#Ebg>S!vesi@&ZWJ+X@ji5MRn`vvR|GbscRfsU zduxs&w4Xnmaz(_0n1KZ>uXKIicU)1cwfdngRP1Nd^xwKb;GR<99&RX{k~|nL;=0m4 zC=w4P27vf^JwJ6%$W7Y#0;YN`d$O#k$6XyT$}Si*@d5 zdR6TMF7WLeu!2v3IthsSyPCtKR|0-9(maU*fp={jMDPCerbeodMy^Ae@Y*_+hlG`P zH$#8->1}yL--8yA014EuKkRS+rgxkvHW)B8IZS{PX8U0Gz^F~OR@yh6Psgwpt3ebk zcO~nx#w&pE^M7QwTB-ZGr^l`;ioN>>zNeMG@B44`yT7aTz5DB24Lrg3hQX6pz(*Cs zH++*m{B}h=R82g^OO?fwr%9|WT!H+?!&Aq5d`XyUou}%^^Hs^as7Zh-T*3UxlYGn9 z=SgV%+s-`8*F1kVs>&Z~N$Y$f@w~I5grh=7~5ak+s}O57na-4{e#uL zwBh~8>wS*$J;nQdAp(BG3w~YQJ>iF^;j=5Idd zcfRL;KIn(O=#M_>m%izrKI*5w>aRZQw|?hCe&o~5g*v{J!oFB7VA#{Xj@rIby_Fy8 zK9=%+QoYsB1AmkX|4e<H6*`n?QKK1=V%#{BX;Y_9p+=QDl`6@a5^oySx|M5JuV2B2 z727pwS$<2ard7L^ZCkf%uSU!|mTq0Uck$-c8`f-6v~K|i7Ce}6+PDzs?p3^)abw4i zxAsN)w{T_4moZ~L{4g1KzWN5_^un|5u7rIiLgM~!!H z-@kze7e2iAIgz`GCs)4wxABn3nMao{+&M^e=dfqjzMXq_@87{^MgYZM@*!BI#ScA2L7w=KUb6L+!fbL^_Y5^xR8O!37!o2|kSilg}*)C5#Zi z)FccLH4QuBkRt;ZLa@ORNi5OCe;%x;!m3uB@50L{#E`(%Jfx>a5ET;f#2tC;akLcA zvXHPCVSF*O3|Xu3Mw@(W(#aNg8LQiAgBI3{y<7q!f~*a9)5y z%_-0UCrv1h;DsZ3x~L``HC<5Cl9IBdXP!;egklY7I6^Z}Ho=L*BR2!BLLNz=&?3z! z&H*$~Sw8Aho;1`f!j175RkI3mY^aZ(aCWGM9&H4H!U#mhqf=FQ?l|SoK%v0Yqb)m{ z$C+Q9c?KO{f%Rs*dA9yRC!Sw-*~J+`KjJ2q`sNX~*JQi=NJC$D!7(8n#|&58aUm)b zuqnea;iE)3nunDt=#h2KI#23z9!+}TXq_!YIaS?7743*!kOsatUn4X9NZxsFfp=hz z;Mw9}cg3JbnjVgo<_2_Rm8TO$4IYWtcCGET1mjwdxq!*9xe{{la@s2Jf{;lj!m1tnPK**aE{pFMP@%) z{wVQyruDOA#{Ny!mT;TDbjTk_JYbriS_WX^fYA>SAP#amV0t2ON>E)Pf3S#SpmZ>x z$Dn+&-~%XsYC*#3-=TzhLX*NF;n25xy(NyUv*uInkRisq_~XqE6$&`0Zg-O+E=_oF zj~15OdhFXtl^$|7c6-qrHw6mQ+nC1_06b*zM zL=gvlmcrfvkA^-HUR$I#w&X2uYt17`*Yb9^UWn~%*&|rMp!YqHP-at|`c&EACXYz) zZHlKV{?+=LXg)s)Zi$4Ooa9Wkzy39@Bm1LA;=p*V%F&E)&gfR=9HI{> zDsteDRCGXDoRbF@#J~@DWI+`EutNvNk-|;h(UT2;#yU>HWIqfLH5G2kX2|VS!WLrxM3H~Ktm2LOOO$A(v!Y( zX&nBDihB?eA1{DLEjHk+S4iNsrkw=>++at448sLSK!XWBXH=vP*F8#A3%dS{x286| z2@Jf5RWVh?wdcuCP|%v5azph6Xp9e<)Xmj7!Ang)v7%z!<;X2$khfI<0t#P%m3SFe zg+FmmO}c_>8{?TWH~z|41@v!6&{)P;oMXSwx}P)Tm zc?iJi7Ql;j{5H76H8OjQYo)^UX-I0rk^%h#WqLHYAP+7`I!Z@E##%UakBzME5=+@G zLv|ksrDQEUAP*}f0!7}S&Jo)mgYlcC>7g%%UYbc`!__Ok6XgqyoY5A^I@G0_<4fe_Z%;q(gw1dj?s4)FYIm z>)b2_aDV}j63zqB2O3B>>p{O5&y^&A?eqbO13=)%MGm$AQV;-9iZJ=wM z(=j*t(TOs1s1UeWO?Ud!p&oUqPrX^rP?8&|o^`Enz3Emz4%WFIcCka<>mj+$IMAMU zwXdD+ZFl?I;XaOeljj_5-?%_Jj&!~6eIZI`&EEkZ_{`k>A9?5d;StZl2a#Oxjd%Rx z)k1i~C!X?0_dDbLt0$I@YE)e}-(BV>WC04KnZE*BnFa~wd(PmI3YVZbu5b|@R&$q9&#bUq+(g1g(Jkl z>71)07I7SU}wvR!3AiM7HMFBW|2)eA|BEJUJ4@*SFshLVjheEV?1INYmpXvKobq87=v!< zOad8`5e{UL1iU~BUV#)%aT^l^6-6c*S+QLpk!GHe903F!UNIJ>K?Vkh8`Pi%_G%Vg zU{C0Q7k!a1fH539q&~(0ug0-g>h3w5@fh{-9C%9?Ib!boWFQmrAE8kd^|4o2;RlAL z6SR>VF;YFe5#>4}80R4wXz>MLg&jJ97U9uj;OA6i08`8%4QP=Epv4@rfEK;r1=Nup zJ3=O@Q65*a9(!>UArcNerU+(I2L3`p4P2lni^mISQ3mAXBWsZcFa=HYzy$)KDeWs5 zlZPFlk`@u+99RJ>+2Jaa6007PB(xH&A|V-F;36~fEg=mJfe9SpU|-(A8>V4UZh;1P zff_!+5>RqH!eJ#>kq3CA6l$OvR*?o`VHyI#CVOQa6H$tK;2hR*7v2#X>=7u@k`+DX z1twt{(f~Bwks`yv1$dw_(*Pb%Qwpe|8L}WTPm>0kB@kp_5=F_cQXcHFF-~vzZIJ5O*UCypTN zG7F@jzZeEN$1yNfQWgeN{#W+J63|3f%s~ilG7;yY6K=pV+3_@|fE#}D7wIxE-Gw3< z24e>EV9?|gZXq#u(>;5V7>%(bBl1*Uz*gXC7p7qgEI~riVI8u79`jQe*$^C)kpw!l z6WGLKtP@CF^hIGbMrCwHX|zUd^hR+sM|E^ZdGtopPzvdCRc7)9EJ0aHffl78r=UtO zS5h9QaXDiW79$fUcQFzwQ!=a35CRk*2Xsl@g-s3=9R?Fx_N5YTVM6OuK5^1R$J=7f7(gkkdEJs2&+eJk=#v(b*&3bfD3AIoS^-vKtQ5AJj8PzoAGAJFf z6qxfIL~{z*^F7i2q!RXT9Nv>7(s4=?@icc5Cq0H1?{P5lQ7FBX6~OdN#gt0Zv_Ye5 zLC16#C6EavFayL2_aXV!HDyQxuw^*OHB>WZ<1JXvuF(3z%7sTNi9FiTJAr>~* zapyrC8nInQG5?D79Jrxzj|Fv)#T!6ZWJi`0SC?2dHz8XzZ+-W7fj4-CcSiR%74`5X z@-QW8_5G6fBzkvvp*MP^cY5!(c)#&@k+&(Zl^MCOc}?PZkzzHdcYMjWd|lRhITCx- zxBfD~7bD#5W#89)<#&GRmr&7nJl8jW2cvy2B7R%ef9p4Z1$cnP^Q-jtfD40vEdqe0 zm4ONPfgw18@7I74xPk#gfh)p+p;dz;xPv{|d?z@(EO>%ICw+Y zt4KJ84a0=PHzUNMHwc9vPzHzjK^&mrBG9NJ=Ak!2iXYhFhbk`9YPvfgau%Bf3}~kobtzxQQ3| zl685P8I>9i)t7lWm>G4HG2(_%+1&&gBes|wszDy)c#@sCpC!7V_jyn&dZIB}GXA-sOIe4R7?oRj zpvO3&cZP_InHMZ#A3oZUDLJEEdYdnrN5%N1X&Naux`Astr!Scr!lS4Defpqcxj#I;tNyrgwCvrJAOldV{Zet67+;b=0f5`ku4;S)n?t z&6;|_8b{OmthsrtQ<$ycx_;N%M&~-NdD*R-wXE%WudCOa`P!bbm}r=Ku&w&94cmqN z`mo!Yh84T9b$YG$K^qKVvMIZ=C%Y0nw+8l6m5U0Ts`a-imdxbkY zwOL!3(|R9rAsQs(rwUss_Vrb_(2`M*cebDAJ#z7>;VXRLB?s^#>ZF_ zqCpx=n;(k709K6w1PvP;fFHsEdpbzEogB)gJZ6~<0{B2520^wxjnDYWI>GbK@jTD< ze9!s3&$UxZgj>UBJ7kZ0w&#G(Eds~&KmuMVy5|8FK>i`pK|vNqoB{wG9k9X6xqA_A zd=Z#30w&2GSb*O4VH9pW$5T2J5}_i}K>^?a2&z&7LLm!KV7__0&yaw}?coHz_!=^R zQ1jsmWcwoYp$n|KyG23NN!`@>!5$RNBGTd4ilMyo0SJcOyg`lF72&>N79MzE77%@m zXW_Yvy}~d2+`Br^Hyk56+%F^pA0&Xdal99bLAq5uBi=y)=xv3@J%h(x9~NQNgKgEr zK?vF)3$O>^i@*gyogdP{%gZbgs{NIUp~iN-8g#u>cs$z0nBxZ(9}>V`Q-A{mO};Ur z9|Cs26llJI*A{)fyV9N&8^)YE}$CnAqfPH$Il+) zss0aMY2%yT;eYMp0|4qXou7)_A|U9#v0m%BzM8T8BCtWx1dJC!{RJd=DLw#vP@vHX$L@$2%k~qAE zgri50{7Uj8xo=j;d_Yj~n}?1cJ9_lSnY@WJr_P(jLh{3w<6RDu;Xqg{$#9}VY;j8N zOJyS_(uO}B(A#G$fkUE3cY6H_Hf&gWv-t3{r=w{}q5Qo4dkZ(N+_>lDdJ~H`uim|U z`}+M0II!TsgbN!!j5sl0YGC)}+WJ+WDXBXdi-p(8g$o|l^fB645*q=^H_1(K(Icik zEiP(IWTZ#Kgevs-g~KwT0-XNZ=2*Y5gU#1-Tn8bM} zA)4WRr8H=mg3g#re(4|}(CotE?c8wYY0@rTfCkMsYKL>7K?*v0zz#gn3_~^Lou}DR ziVa2nUP(q;P9uhh&}S^Z z2xE+gxg}wZ|4;~*g);8QV~;-m2xO3Wt*BFpVWIdHksx{onvhOD$svt4Mu_8EIzowM zmRfGfrISkHH03n(#|G;R?oB$E1e1&l+mnS_ z^0*RBJ`~?{{?5`SeM%3c6sZ+3&qedou|pv9qczHEgJrT{ZLbZtj4Ip6vRCk=0Y^>& z*L(JTn!OQ|G&1O+*%aqAoUxb)rIGPQ`yk#FJb`G&SxN9jqL~}$2u`>Q;O$Kh=Y_{4 zPi7f!{NmGD>}C?wn$fln5CIlgtaUu+s?**!FCD8e;HsPZoQm z5yw8mxZw>qX;eYKG)%!8+VFxb%*Vg!!2*zqCRId(b@C?h(s{ZU~Ejp#9p`$RtyY8%`?a3 zjE4@ZS)?7>vs@Ys>B8uA0)Qncn9eSSo`1c>STdVm*^CwwK)z6j&V$}xq{qrwX2^?F zLKRpjSuv-SF*U}(n8SMU$2RT^j`&+g77QUj5ay2+BnX2VP!k@Wb<$v}9AqlnXiWZJ zCX7X})SV0BFfsLbEIN@8LpTwFIgGgmemvNPGrXmbPRL*n5HqF6{uoGE#?6&};io?T zIT%__$d-|bgu$FL4r>~t2GBU7_pa$iX)Z1f^JrKFzjn^Y@e+-|qh=tjiI6tl4Gu?y zC1OHGnSlM^oMIG{J|Y3ms|BnF<1iv=es`0WqSKyc^XMu8`n-|>b*ND?RhtO<6?4q) z9O4Ls3`+UXaJY;g=Ga&;-PnVy!H{e&sL$8raR=aN6dm^gTs%OLLZ5a9Y zlOASa;UGcy&Vj?2o&p_r)7(51D9MsgaAW&ehKX=$l6H*orKXetG&bi`qW%VTL;jSk zWy2!SqgDtnu|rP4Ma- zoTD4#_!P8WLYa9`0~()dT1m7j6ZT?FDmsJjIlO@m_l~l>=rxH}&#Pbf^5ed8Jt|HqtdQkJj`M4es@vf4e={YjA9MR>QbC) zu^~LgwiL@)EF*pk7-yW90^@kcl?lt9`t&D2O=D1H;<1rUQsYx?{`SaBZt{U(6{aIi z22@Vo$v%dKmwh-_Wcx_+jjIgiFy{rzkCF1U%!L{Ja7G`BNDe+mBNox1BOM0lmm=ol zf&k&fUg${yRd7-d2pp%kH(3X3G`1oAxgZ7WSi~M3z)3m?K#!i3 zgeBNcik)-mBY5zlEH_C>Nc7PKgy)FiY?rme$8_r+g9RTFSQe9tF`A*{>6HO^dydnTVeO#g1HY-NG3!)Z#Ln#r1m_-+{yZ81nqid@6Dz66ZTEVroS|02#+|pfGleBz-IN4^6NYZzc~)*E(sj7FJOb#V`g`XDL~+6+y^#B>@gDmxL%7 zBoCMmXz&9xsB{$AC>KbED3*acK_+qs7XIY00KA3)^RR5?(Sjynd430YCASZ?PP5UX{nYzsg*nN zV?h>VfkI?zD3(G*mTQTZd8wCs$(Lo>mPLXoF19H!_L6n!Ja^fbiK&>2$(W64RDbzo zhRI5Z>6n#inU{%~W(k>!5tfoEDU_L+p(&c9Nt!CTU6kdS)B~EO$(pU{ny>i}o0%A$ znVN^Pnl{1@%uo&ga1CSr@R4+ulIF0R9toTp*$)K34`t~Ou>hORshF~9V6_=Hw^<|p zzzEU6o4!e$27r?MP!_+*oyLirWqF**>73`8my5wg>&c$&>7MTipYbW5^XWv?`4&C# z7Wl9Lkq`kSfC|^J0cnr|RcD>psSh5J4g&xPDbN7B=?}H=056~i-02UPQvs;(5BdNE zdH@6T@D}7iAIbSrEL=L@o}g@55V~`50C<4 z@DBx=q2(tH?5GFhxs&>k2PANz|8Q~{vzrMD2t1Gi2+*PEX{BiiopU9f(|MD2!6x|7 z0Lf`{Kza=(@T2~-fC@nRqF0xkPWTT%@fP(*3w)5F*QTMp02lb60LcjsIl!d5i4QD5 z51W9Y{-7P-`J(@Dobx~jyQvSu`49C_b^pK)Zj%A*=oxCji?IK%fP5O0d1^4=kIm9E-5N zi4A7@rUp=|#pLz)5rw7a0ou^;ohMamD3#}BEH1O1=_=sJ=} z8lkfA5BI=wFAxU-`xgFS2idW>>C2Oi>o$;kG61W-@hiWJ3#%+9n3_VExaPj-0>AU? zzyFJ#u=BOI!1TW^c8DZ;?dC<7Poa%mn`ya06FxVw}WG?8krns;6m`PYi)kY!b3E zh!baydSG$pr*RzTaUge4oX8I#ngTZfbv_4lb=Gq~7j${30V(hUG4T#4dIaQ#6*F3- zbM|>4VGo*-0sZ9bWR6#Qg;?rcN15abv{vrCgF9sJj*g7c4TKMDv@-3 z49L$6%|YqJ4@bc}fqWm>3wVbPS-ci~#}9u;dlxYfKjCa&Tz}?l0Pnzr+Ym__!4c$^ z4&F=-C5MhU>;W5w7@;?MDNuU6XL}BzdaTDfpSa9OV1NeLgo{Ybx3~U<%Di=z*LxfM zCecjM6>XK%Ji&Bn&2@*(%h!AwaVMA)SGW;m!2=vO2`cS_EbY?CCJ(r9$*gRSy+G3`xP2rs zh)!)7Ls*0aaDbb@oJf57$11XFP*lK2kwwAo*oie78Kba7b($6rrASIohQ{>$(eg}k#d`9R_Q zjOAIrkvQ4qaW3aZF34NimA=#8{P4JKjwP2p=YQ_U0?a1_T)={Yz>C(+PU%8o>6i}c@vG^8!Reh2B%dDYss6L0{wk*4DyXjN zvEHhz-cPR1DzGl=x$c~_-WNJ%>s*5Cx-RUksh;#{?8lDm$*%0np6tOs?9VQmyv`TC z{_9%e?9h(wmMQIZUhR=`?b#0Qi@EI|*6pG4?ct8@dpYi7R_>E>?&%KiYPs$t)9&7` zHh8h@3sl>0?+W6Dd<2(zy>^*N}lkA^6m|f z@jw~EcW!H89%~ky7Z{8(8vN#7n(-&km|u?P9&b09al)OE!ZqE+dcz4CuuWx$3-bXU zd$Al&QS&!n67~Rd#em`-0>fJ&!;v;=nsLLIro$n}!}#IDiw49qeBCfY#QczIF0g8J zc=0F?_T9vBTaU=N1 z8yCqTw+>SZ1EMVw)u7Dz5Cqkbb1wcM0ilouC=e8Iw$~(K4?@rkQz`>?@Ivtn56A%` zwcIba41u})bkV`fhiwwTOofb%dJN5GS05tDtjNBNc9xI%-S3f_55;GX6W8q3+RV+4 z=FNXcY$;b9*szG$(F?n$i1c6&Cm;_!SPugM5+`R7froYb01%K8|GlptmJ}aX5?WD8}i|8II-h;8#i zj63)teEM^M!sLsYNf83(fdv!-LE&WNX7Ch zE0G#DOk|T)c3EbdWp7NJQ=d*W zaKVj|3?w+RytW|<0}&`Y9YceXR4Rfrw$_ago}=$#a*sF5K|?e_a`z*{prs^^W{Bni{XR2_;JNNu^(9>hwA#)~inI61 zd#`GAhqW7i-L{=JkwMIAQ5sYI5ARYbq zNAcLvQ+U*4A&w?VopkTI@PIe9{$sC zU9~KE%00rdgPUY!E4@-d$4!ff3Lzva?Y56hrDY$`uq8wGfk{^eQ<%T&q|@f}kjN>| zTG-OSwpwDMeR*mfYH+~=;E<4YXu$h=W^M z%Ly?2Rkvc8pd{*eOKtM828`HaDE1h^s^*}Z;Y33kr7Xs5P=gU{EGir%{uz>Bj+)e= za8FwIpvoR0c-+_WG1I%cXdx{T zg*{j>mwk*vH#lNQIu;8m%mAUZw9*T6xCf5|?WeJ4?ZR5ydfY|6^_UJx=3I4hmt!iX z7=lS@u#m$KJf-8h*yvDhc`6jjgmoW~m`zP{D=6*aBB1(ML=jvNfhr6N3D^+oOcqr) ziBQBM7$Ma{Xay3HaMe{hT1iZnvmct+WVy?0l0v{+6yqXS!hTf#t}IOn5$N8PFMa{c zw-VwL(O3#WLHW~eQemRA;xr-eK!FBmfQ$0ZrZVY308xg!jaAv73wR6Np z*a;ZcCq28tIv~(97ocRIGBA=oP{4q7IOweH;%7zS_u<6WwIzwv7MqF0ie^<|X+3WXKs&l>GUl)7ZX-9Um z$DMpa{A4IY$+}WX&h2}5AKc~scPDD}ZIFy)@%|<$X1*uhd430c<8>#Wgu z=Y7{|e|z9JON2Tke({ZeeB>uz`O9bi3V$Db=+{y3VB3A~t>3HXM_>D0%6<2*|NWd~ zfBWNakM|o1e)NCO@?<1``-MOKuf;z7^G}HQ-G6`bm_IG@r+@nGkADCx3;p8>{_8*R z`@aB8K(G*^M=CtyIXt~HKnb*+_3I-Ayuh!ZJJYc{Q6eQunm`bIp9;i45)>WyONm@a zyKw3{wFp6#%O#%JCAUMs60E_g*t!*5{yUz)w`KwqMS!M$qp@sx0SIh}z(Oa;;fsA( zhGW`?WEjG{id}YZUUQkil=$nh=szZgwQ8`aO9X zXsT^wiABsBpFpv2)H89^k!A#({HlnHC<+DJwvZSJflLy9VF~5XM+EDxgy601xsD7Q z4ZIi*f-J}qJV=;G$SCT`VeE^)2#kodDMrbFe1L($D29LPk9}wcP?&~-=t#xjED;mQ zk?{%>vvAHq8hMU-jD&!`c%K?30 zf;cD`6|9bxll~ZrS<9Exm~E3ekP#W1E17J`xq;$2nE6ba$@^T+o0QAPL$M z&;iB20@XoF%7-YhHW#!TDV9 z4`kCe9lpxDlps6@G=w5_E<3$bu81Q&9nb;Xi2@u{%5&301-?YpiA7~p#dFk0 zwY^BKQ%VIvOTARq%hWL4RQl^wPZd2-g^21C)$1eGQpLRCYd%Jayl#32_AH&A5;)SgjgcFjA@X?GPBr*s95G=M8HYIgkniH zG{b$GsFMJwGSoSOf~|x4*pOYHdVl~EDcNzl*MjXbFy+^W2q`uJ#FH}3i1pctMFK2C zCXRiGp-sxl*+hOIs)R5qSX8QBU@E7ADpRDYRKzN+YQk%8$duE4}iNG$RmM*b&Ik19Pc}8<>lOFa{BLfPcc42slT)Ntdv)2YV8!bQl2s zHAsQf&|AJ`m-iCOZrO)h5G=g`n{`YrcWkZK+6{Sh&3dGV*rc@hT&;cN9>`)1&m~)e zHCqBbShy)Qdi~Dm;){o@F5R39auAGq&@7YimxE}Md=Qi%$%k9>u9&K|BmIyO0bb$N zEw7|6)aeE-&6$+kFP8MLn*cDFGzpn(tht;^(QHZXu?JaUjR70jLR}@+{Y}?RShb5? z)8xyfo5BEEstk(P`rZDdhiL$XUEm8oQ;d4Juh>F`j%*VD1z_yl2SoH6v?Q|a zhz_Xgjo*07CJPn0tVtGYe@^pHb45_VfnMsqYB$xjfu z$Jx9z+uR-@Oe_RAIeOfY6jtGjVqtZK2;%fZ1M~U35qX4}dnj723jRGw6IU z@Orbi$dn>Z1U&9aCB&+lpa1Wwgd?``@~vvv*It@&-S?t`m}*D zCgWi;V`)85ZAs8j>9-x301}|vxsV3PU^vS_2ylpi3|NOW2m>z&D;Cp$BN$vP$QF|5 z$RUwsTDIk(kS<%9ToXT{mnqVpLsIrR z2)O)F4d`S~4kl2})_VOub3SLcYTpIR!-ZXE>uYCs-Xwj6U7V$7*|X<+&Lnt^S9+jR z_~qxx^XGq7By;^!;z`#~HfY{M=!6C&Y~4eMj_B2$=-{hpV7zF1&1j9jJ&smLkM3uX z4(Zk#=}9eVHj-$R9<_rVB9=})mwxFl!yjG9X`S9_p6+R%{%N2NYM~x#qAqHqK5C>+ zYNcLkrfzDde(IjCX`9xf_wWX*zG|$_YOUUCuI_5D{%WueYq1_{vMy`0K5Mj2Yqef$ zw%+QKo@!UcpSBijYM5)gzH7YBYrWoUzSirvhHG7w>%PY7{<(GN$;NEZ4sFpM?X%YG&4$*_9_-I1ZPspW*A8vd zK5eY4YOodt6*vLh&TZWu0X6{Z)qZW@4sPMz>)4j_=7v}(Z@p%Q@Rn-q{vhqg%NOG)Bh6fOV zDj4ll-~g*$hV}LaPM`#B0PrIR0ZS+c3pj-%w*ole@j8fwQgCo@NCh=d1`ziKR;ch{ zpmT4yg#%yo@YV)L4{mKhfddeOR)2M?MsaPh04IO)5JCYu5XJBAte$dYq662t@-xqB zEx&3A=ko_A11|^w4mWUT7=%4|_B}v^G$(dDka05p;P7NRC_#Zn$<;=WsdicAhr_W4G#LV1V#u1#kxj z4B!PlFZ!PkdT*!&0;dL3n1+7$217sWY#0DN@bQE91{BX~PY>^500A#>0aA}~!ftl~ zPx80N>Tf4|iwEwfe{+uqcwWec1-SK*FQERC-*x-8l)cf1lvnv+Cv32O`ItX;OYrax zxcRKkd8^*}p0@;PP;(x?_B422PLxP{@M==Y~3Hd{zj4qJMBRsC|2{`y%V^N&wg(Re5~g6W0-;{Ief&|@2@WQtiJpsX95>UfM$pGXs7&mw|30e{LA-taK~yr zmjP&B1JXBrkEeEkK%hYbiUqv9Edvyxhc|JrQdF?yZ6d{r7B6DV=uMl7gWj?wm`22- zH)T4eOq51|;;bL#Fi@n%iGjyiH~uDS10vDet%wy(qSPpKDAA%8yFn7;4XIL2lq&v< zDs?K=spqO<&8l@P*REc_f(TL2f`QJ)3w-K{s6uV|jCC+33(zH@(&BAnm!gVIUAuOt#>Z zH*RRE)T*Kx4F;0h53*|DO(xBX*0D2>FTW^lrrJg>HRX-$)wllt0~nxy0}@!Efd>{? zmx6R5rcqvd@ny>if(=%f{!k4L)r=YxXs`n>p6%ofE0tYji~s|X;6`ted6NtZ8oWT7 zY2A5(B7CKA_yS|H2^T>J6hZPMMYSZLObP?_z)dGPS|W`Er`)o@E_MhxpHSRHLIDLl zJmXYK2M9FKQ@Ers!2?rpQwMjs3Gl!`92_)E3J-XQ)B$d4Faj@=g{i?)Rsw2eeMwD6 zQ7QY4)gOY3GTNx4k3t%$q+%^tDL)uu^q^e(jH4i7%T|SDGTW@PM9G?~w9`^st+m%m zwX1@?RwRxly=a^MkA)g>`>eU=qMNR|qehFZyYIpque@k!TUWUhWn%+6^zhrSzw-$5 z!%+9GTd=_gBdlz@^D^A9!w*+mFM~xPqrwRnW1R5_ZV*Lq!XJYivd9-L46(^4qnxsU z63^vvt1gcmv&=I)Te8YG)`lz;wZx#q9KZa3SiS4s`-x8t6>?z{7jI_qA!9=q_vV?BHCw)dXA^2;;dyy(Ao z6+H3NQ?Ih|yd&?t_SQ%CUWhH5V zMB44+g;j|m4V&o1veX1F1qXk7hIG9xZGQCLG@q&6|v!f!ML$5*zf=Z z-$6}qaFZX{Fu^k$5KViGfQtHjxyp?pZx6KDj~oJeGFnR`Y?ktjbTfx>@uVx4NEWi{xZcX z3iF3MoP#sv(ndW<09<682P{BgQ&7l)ALLl%4M0~6F%l98dwE9+TyO*+G~)zR+{Y}& zfDK6U!yYg|$1I$gk07ig1qgt_EPy)Ab+AB>qi81(^xy&t#36b4xPlJjqK__^5sad+ zM_BnX)~I%XF6kfuJ$@ROd_W>?#|(@KLGYa-@=VVo86A(rC6! zTlkQ`JK5;QVw4e@b*YCr#c2XCIuo_|00FoF+lyHwf{-ex#y)Pbfl|;>oF1TMOre=j zegH#^;SfR_vd~c164DB9+#Nm=@QOupfQpZ#%V4QE+~PJ=oN3)uS5fQ!Rzs}Hu;c($V5 zt2O!Y4hKL`ykl4~KU&NBF2)$_kyrj-8Y2ORRI`ZV0*+(O z<}pIl&kD&@?H6|!>kuM7Jy6)%p;rpNCyN0tk-bv19a6DC!mpw z++w((wBv=KJwousoRS!lqSXfz0zl_s_cz27buGX6LdAK2ZXAI&otmFI-AjTXl?XL& zwm0d^ROm}C!?q?p_L1p#h9lh;WO7s?Etl!C`qcubEaxm`+4^GEE?L~73%s~rP5PQH z(#UXb`GH0aNWq8ic+pY8We*69!Iz~dQ*QOqi95Ohf}$0#0sNFHgtYX~5~1xmN%%VQ3QdH(qL!zWVu4Ip^&jMD=ccTzeG zs=@1|FP+qU_&C^I5C<9ueBf%AZ^0{d@L(pqX-C}EK2i~5iRB{-i1K!GQ zU(nktWyM+dy)O1h0Vr7p?!-gBYkv@^Q*5l=a&xp(%-)4sc-%7BMtkc(?0jhpLp+sKm9lp|LEdw{`b!v{pz3p z$=D{j`{O_V`rkkQ`|tn%6OR1R-vBPn<>ik1{=r`YvXB50U<1Mn`-u+uDc}TB5Cb~k z1zHOPhK>YMULBjWpbh%q+8AJ6)ZXneQ0^h#4kDrV^xzLNA%T!y2#wI`@rwzm-j*fd6>iTGHsKcj z$9%Qbf*juFVIdNA3d4g5l~#ncnWXWfRTeaT?02s zqj({~evv~&7FsxA!$H}DzEu9C?ljkPr9gD~8B~#^brF|wL6Ey~S5$)6cZJt@QCCUw z55K9`M6nk)!sK0&g-n7WO)`j0>erk37l1|6fc;fiwb@`9QC#Gs7|8=HOhPgolppSw zp{-bpy;MmG;#Hl)AArkN<_1mR_Gu7zG^nfpoLI)zt*5fYfCBbk{Qnhj-K$OD=5)MBnyFVKTAL?(kx zrWjSGT2=rSI8$Z@K{9}y2q1u1<_@AM8UZlc6^R-x0a{#8+DBrVroksrbs9f>+BCN3 zl9k%2r5arACO`P*fc~BZaMnc_uAZgT+O6f<8}V8mDkiXjPMZZAU!;P90UA>w0X~#g zo9z|oEG0TnrXdwtRJxHpuvS%`E@MDf=)P**)sn z(OHx713f@#{;PV0l$IlvD%=>-s{fe9s=8{fW(BOel&s2Ktpe-rG-*`u!#Tu-t|IF{ zc%kMcXs|kK>I|z?@CyJ^YqeVIwPI_wYU{RgE95+(=}F-frk?ISYq|PPvZ5>A^o#@! zArU&z-dUl!%IgKCYrW>B8`2I8&g;I`MYP(huIAvn^6S7djlce@s|GB~=qthUtHB;D zlqRgiEG)y$tHVAlfkte-ARxsuti@ieZ`xnCitNaeY{{Bz<9O`H;$_Ba%f@o-z^1Iq z!X(R*>&x1#T*R!*dLzxI;>~hw&gyI_@~k-eY{v$z%nog{7Ol}9?Z+l9C)!fe+*Y(M}2J7@bxZ~y=R literal 0 HcmV?d00001 diff --git a/Media/Images/ReplaceCertSameAlias.gif b/Media/Images/ReplaceCertSameAlias.gif new file mode 100644 index 0000000000000000000000000000000000000000..9253a824373dfdb295c7eb46360d8e7b5f3d8160 GIT binary patch literal 15262 zcmV;PJ7L5}Nk%w1VM_y}0(SraA^8LW00000EC2ui080a-0*C(q{{R300012T0EGbn zH~K`$~!9|IWnv{EW$fHJUlvOK0Ap!Ku|kG zbv;vgIZwenX?#0sq&sZ1Id5d{HO#rM}1*ltAqgP|3aaE>#U!$L%rmDiHw9&FubE#t?sc1f`jC!rFtEs=*u-Emd z;r_H_inetwsPyouI%B*?Cb3I$A|gftMKvm{MD8F z)yDqnwg2qI`Q_36`{(`q$Nl}*{{Hm-{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*({Vj%brcUw(Z-vbL-yCySMM(z=I1PPQ1ABiey1cV9k z=O2Iq2}q!U3|gdMiw-$R;zRpTqhTC1DDz^56<#sUaQ8NEpjN^o$Y6 zLMGP3o;lh5SI{?4GDHt72x0jmlV!jNqBzPhv=1~C(!u3ITmC~&nEe<-1uAridC)%3 z*jbQ1xXkfJ8p8NPrhbGDR?j90Z6e-3{issrKkK})q>BqiBx8g@2n1v-?_^34K8Gy% z&JlVJbZDZBHu`9!lUDR)gZ>Xzv`;Zgw6mk9oBmkoKE8bMszC4100fBI(2ylUr<$_~ zBFt{0o}vU{*-)ol2J-7aixMkkPV*8IhNVK!hI5Q@sszSUvA`m^C z)Kd(%h32~#Fen-{PBZ~JI?y}m`V)>6L!M)g5$A+>#XtE}l8h>w%ppZ5|Ga20!bG}> zNrg++D8(F`#43wkp)SO4i2$c4Ft7z5obbX87xQq$ z6IXn3#tUwou*V?(BQnV*|AVs1Qn&oFLGKiS;H?75tSf`>^gvIg1MfganfMIS$FT?T zdnmJXEBbG=fi$W#{>J*4Ld6u0l;g$?cGSbo9Bz#GkC$jO-OV>>V3PPb)I>o=Cr)=f zP&$eeWN?9YKnOV|n+$Hp+0w*ugBW?}w!xbMmH6aRx?jPMV7DJ?$km_CUN7{SG`@R>x z@s;m<>04iz+}DooeIb75qMzdKH<0}8uYVl`U_n4NDX?X1fMb(duYg3LIUwmBN+`w$ z!SMraz|A23(lZC$hG-544g^aXbW@nX@u7VHj9UFbhPsM@F~+s%Mc?>BJ317LZDDAF z1KEc&e)x}hyzfKb@Php^^&%N@@E__phY8!JjCYx_gWLEJllU-&MySV&62#*N-@$`( zl<|xaLr^?Q1-(YT#Ci&WB%^+|KWB_fiQVvF|86miZ>-^6FM5$B=M|=XSfdrvSdcR& zb*ZqOG8&`cUlH_I5FS~m9W)DLF{1Fng-8-1l6;q@v^PpjYElWD^du-3B+5&&&y=WC zB`d22O<2m3mIdjM7B#gXTfSmOH1rdZuGOh|*kBx?@PxDyV!d$;k#6q!B@zYpqIB?} zMdkj2M=o|zj3-%fY|`46K#R$~u#K@G{?LXq<m7Ko#W0rHK2jY*I-^r{Z z$}?|iMG!nR@diL(C{yzwRX^PNPrnBAULR#^i_%dwsTCs)+-XHav-HpfxpA$;QvRy; zR5dHqT1T}9p~u=lJ63AdHnr-i#v!VJy_Fi5CDG_tLGI?WRY~fLf`k|&Y|uVFFpQ@h z^kAd(SI-feOpN2=hokmk$j!D2uzzP32$+iW_148_W$RuxE>{0BL_mJlu<#LJ8V^BlwsqTrR8R%iyR<22@I zNWD4E-I!XPnS^IOe{4e}5@P`=Bn%fCskq4gM^5sRoBZS`Pr1rh z&hnPK{N*r@xy)xy^P1cI<~Yx}&Ueo9p8NdgKo7dmhfegO8~x}=PrA~V&h(}`{pnDT zy40sm^{QL_>R8XZ*0;{}u6zCKU=O?4$4>ULoBix)PrKUJ&i1xfy#;WOyWHna_qyBt z?s(6;-uKS;zWe>}fd9MO2Tz&68~*T!PrTw6&v?5N{_&7$yyPcO`N~^9?~u+3+9`#^{Dzd+Qxci_U z%ZR%$;L(CWfxjN=h(rrK;g9$0L;i8sfiT_=4=m8%{*my1_3%H7a1Pl~fAw$;(noy= zSP%D*1=`1b-Uoi-2X`}Y4*QUPsQ`Z1;(%7r4)2$MapwZT@P6!23Hz5F;KzPvV1V_2 zCs;6l2>3sd-~%A|e%GJ_-JpWj5QC2Qd_cGs(KmhibAK&BelAdb#DE1dpbYv@faTW$ z=a+tPw|?!%el5^~_qTv`rvvA}4x^BT?H~?Z7UyczA|sIE5qVgq4tm=Aa69 z7lfFI7DGsVAJ%{5=L7yQh;m1MaR-T2$bN3PhtyDpbJs=JCwHtkf790jFVGEG$c99S zh1jQkpeTxRSBvn_MfgXGdq{B zk~r~=@Q{T2zzo_)j`){{QD}`;n2PN<{)=-5jC2=^?l^$z@QS!deY$vrDY*|Tseaj5 zi}z5F4|#WT5DX0?ijWwQcvy-Fc$5D#3DyXAE?@`Apf1`7k|NoaGeMGoxPu7@icx5k z=GP9qV3o?Sj!@|hu^4y4ICnOw4<@ONJDG|;c@1PacNd6&QUj5CSe13xj76D_gb9tv zs0z|om+9Dr?GO%^=#`TB5@0EX9dr#Q`G-yTgy>j{@h}OCSPz5fhAnsxlkk>s=Y{t$ ziD%Fb@GzHHaDn}|hBDcPJqd@&2#8Mj3K?jD5=o4LNt=@>n=xpLAJ~7PDGvTOeZ*;v z@z?@u5Q>pGnbfHgmDvK0;1ApW*L~j?e!LKo0C)xn0)9Q%ehrwD^GAS5y+hsNDAHXjBtkn)fWlCiIEA(o+jv!*4TpJ2ZQ=(i1m4p3wjNA zU`XWok#bj^7>W|ix1k)mjT!o(BGI8DI-+m~q9zIwB$}cddZH}K5i0tk#n+-TiV-kc zqrEqyI7$&Vx}&(4qdxi&JQ}2}_oGD05JGySrB|d%iV#TJq@A~c@kI;Lb=re=DkXqu*Kx~6Q}rf&MCa2ls_I;V76r*?X$c$%kr zx~F{Fr+)gUfEuWRI;j4HTBtL6YZcN6eMJz$G%Z**SQ6oC5YZ+cAt+@6SP3yc3U+FO zMG)jL1$Dv@mU>wqkq@rWLE7*kpNa>!5NHZPsSg3GhPrb2Kn4mXDCyQ*4}qzW8WEDZ ztB;BifE26;;c+o!5Jct>!}<}IQh&+H4vVS~yeh54I;$k7TbueLelrEapf?utB*$|= z{csCYFbA5DDW4S!l%_inR3<#MMXL}CqvHnY;wHF8To^(;&C??DU^;Yl2yuX~5TpsL zQz#+Io zG2FUB9}6)k%l=)1pb2!KI&$zhf55TA@M0eOH-SubN;v;I2LdY)ks`Fh@Ux*q zu>pIj#A7_UgFIX03wmU&j$|-UPzA0~UbV0!`p~WFgGqPPJ<+KRTGT!0+G6+eB4L|H zVdM**Ks#KZ4D>)#SroOg5Ml~8Kj$DpMFTevWeD;^QxL>m2Kyj&%SE~*DoM~VD3%Ud zG%FelR`>w8=R#9$qhO$tt*VkfOES52bW+;lWQ&_n<+imML%AEvwbf_3p4&G1b159Q zEwrP${tyifvkebJEqEJ3ebo<21~K~cw}Jatg>*=G^db5XtyJ4c`=AcEAO*32F1r(1 z3Pn=M{z|Ip`XbfqCJZ$YS4IzNPz;`cLn&r#{j;&dP%ackE#zxpt@0&ba$Q!TqgkwmSBCAjX!@v)rfCFWcy@Klx>Y=`V z%VSJs4}$Ag*@GbWldg$dz*s`MVKcotQp%P)2$*XKnmc5y3%FkV#6`Tj9LcDNEDXS0 zW$|0D5gZG%Yc;}vE{4RuJod@cgFsbgyd$GUw_hd_V;QAo;)uoSe+%Od!=q4QRj$evl~y-3|ZzO<}_gae&V~ozV$h!1pX|n>DrH+@kdm zV))k7QjHe069;*4!c(2qTD{d=-PKN?@O_6-5At9R(NN8a zJ)`o_aELJulwH{;dfAbo*__Ry8U`7o9oiULM3aHqrk$anEg7D@+8C;Fk#TXb9ov;r z+O^%4xcwNro!i~m+l>L-zKw~(y%@zk+|LKx`!EX+6B7LJ2%dlsZ2quSys}j&aoos_ ze9Fz-BJtex7e{x(-7bOM*&Te_{V>x|0j3ZGM<5M-Fa#jb4bPnhZmm_~umK~&-~J8Y8LnCGa8hU;=d{3LnA`qVOc>5aJke0tXJ=`%nw|GY=jx z49op6{UGE2K;zaO5t|SIEKtqzzybk~;R3PY96oy;5$x# z+n@oKJ}&7H1Jq^i=i<&#nIB@cEV?-(7Q^0T+{i_!8f z|MHCO*oFbwlD*k8uX}lI*gpUBKp*r!kJvk3^hSU5NT2jdzw}Js^iKcuP#^VDKlM~! z^;W<0kv$Gtzx7<-^;yIxiTQ{rG1$`F)}9l;3uk zKNwV!`E4g9g)t7s>iLCl`Fmmdq%U@;pBJm2`d`=jcLDpZ&vmk27qvh8S$F$$q5HUR zb-W)Jzu)^)7yNHQ{K5})#@`mnfBa3i{A>Q<{LHU((4Q95AN@yH{bzyw)=zZWZywvP z`l0{*Vb}d+LH^?JbLOuT>3{w^xBfUG`|A>|m+kfE;P@0_{|n&{g6j%|L(PKy*83PfVwd{bYSX8CB|3s#UFC#hO*?R<2zq zs`NS)tV4g>BnTU5uL&S?X3m{GfBps?I`ml497#8%r)6ka3Cae}Q-QXugA)M?z{1DJ z(?5Gogv}E|B!B=w|JH>GKwyPScr*iq=oXX)fmj0t6E)gx8*SUT`JfULh_F#*;g%$K zRBs!EAsvp@mH=xXwb}(bT`rwp|9<}c{r?9rqtgO}Xh6Jrp`aU^9{H^#_@%MaX{%HnRN;g!6^~CiANSC=n;g6WbV3dyrUqLP?Qz<=)@VF^bzHY zb(~109&Tz7W}5;yv1X}#su8B2UxG2mmk!K%ia;x`#4<}Qx8$5bYjy@Pv-IMo!HDm z1(;ui2!t+uXn`OR*~Hm`3Ns8Cr^+u!CACyjPem1^FiBlCAs%^kxD|g7Vp8u%2eTRZ*vS=%t5qv>|{BW9NW{F3GCdLx4bj zB}k^pQn`cx-IP zA9bP|6sBIzGA@iC+F27<-Tpm+fKL9+SD#=o)~O$4>T;%sa^x)Qf>1GgH)feYfZcingAz4y^@_dR&whbO*x0f9F@dF7X9o_D^pe7DMpc#*e0d+oR9 zUcczC{Jwkf$0xu1=jL zj-t6^9rd_JK7J&Rp!s7T1vyAUf+>xKL}VfrsgXc>rjd(;WF*!2NX}4Fl9$9}{Vb`O zO=i-QpB!H&!y-yhmeQ2cBV|`oc}iBcGI*=Bqbp@O%l*MpE4HL%E_FFGTw;YZW&~z1 zh5k8AViwbw$3$i_mAOnIq7i)tiAFu7IZbL-)0)@BW;V6CO>TD6o8JUyIK??ma+cGa z=R{{Z)wxb~w$q*Ogl9bEIZt}lGoI0K=DL1qPk#2(pZ^4CKm|Hbf)>=E2SsQ?6^c!K z7NnO~+2=wfI#G&N)S?%~Xht=4y;Rk#XGLpT)r!!oKC>Vqy{0+Jy3oR{)vkBNYhLvV{?4}Q z6Pnp{9Yq7XSHc$7u!n_eU)}guYz|hUjzw%_B|BNll2oy&aw;_;tI*9>*0Y}lZD{>@ zSyW|qnw>=`YDK$R*0$EQJk94~-wN1j%EKBhv_>$_Q4e_N!iCAOt!|}hTV3o{9-M1o zGR_fPYQh6bw{_ueHTzoXR@b^S)ki33uwCwYLY&$FLN-?>jBk?mRHl_CWaV+PddS1M z=YU5ts7c&zNK-Mzt%o{rm(GHi)*(M1g@K2@{93{=n(!(*&4;2aevz@Z*?cT z*)*PZzV(e`9f!kO!{srz+bfPY%mEFT2rsy=S?fPE z->TTQF}81^HLc`*m)zvnt@gF;t8IbPgUIbIM#6u*aB&+M!=;V*vnvYillR=`h!r)d zO^s?*uR$K`c)2`c&X@4cnwkv1HAu@nkaO!?us_Fo)+KA^c%WI$z77Wzicp?{A6(}3 zxU;XP3H5PH-LJFN^+b8Db-LI6(+?ljpm%O}zV}_)c$Zhsr+an37vAtV27H$WJy(U+ z_3)2}ymb@Lr6kM4a+k+^<~6^0&UfDPm}h+CML&AaPX7LOa3_80Rlj=EYbnXAhkfkp z-g@W>UiP=gz0YZXJ=Evk_rKTo?!jk!;1}Qch`;%Hp~+0>KYi*~Klw-| z{_(ZH{pt$eO0VaB_{CrP>kB&j<41q`4eNaZfnWXahkshx55M!r-~RWH>ihxZe*E{} z|2x$`{HeeHBftWjsQ~m3{xiS@WWbI>KmZ!R1Dm@Bq(Ig(hX=f%2)wQdtiTTZtP3nZ zi0i#D<3JBILCFF^a(g>-^Ctev1w=>$;Ib`OI0tqBu5*e9Yd{8Un>SzpHf~af9jqoB z3_ZE)CfnKsL_h_#QzzR3h9~sFBDAI;fj`p+UogXq;<l|09C7=x9hLu#mkU4TkdE5|g5hH5wjSeVKqSj#a$M0G3%c#MW)xPeqy z#2ko=W3VuR`oloHff$qreXzM^ zwM0lSh=yCJfkv22l8nnd5X%14+~7xqQd7~s+-wFYbpmfw8N$3 zkVfps`LmzpA2-`ygB~Lh91+7E{$@H&PxPduv0~%n*`pnQu^93)^&mw&%{&Yu4lI|l^qO;^kVb6`Z8WJ5rR!%~xns_27|QHF-*k;MZ~F$#V!ppFg=Dmq*OdG2X)wl z$yC%KO;aXa(?vu{{%VCP{3o8Hh8u9oaexLWNYSVq2e4FwabO3(tVutW2Tt`=gA`Or zvrd6rg&*Bab2!r>ZPac(r$=2usyjlH?U^5!5gf!p{)m~MTT*J#t@U)WKgfk zsV$k63%L^7ZYWx2unh1ZW2G>9b1-OX*4T*Jlh5z+miQorF7>2Ou zhi8}-`gLG+vEN%#Ux(O-S=bE#wg?RV2o0tP4t|IOPGGM9;Rhz+REglMh~LJbg)10{ zcbEWEH~|g_1avrnK8S(V7-4$Af^MJ(CaA{^*bS%HfE(xo|Lq53pn({G3Vx7;IjH`D z1TKptPJ)-P5E=mDtq}zdV1Ya!hZt}GB+y}`m{9AJbJ;DG8V;YJ>n6ZWMEK8Saq zfQD&?E2!WLCS!lN^8ZD^cf|VrPTsUvx+S$*|yw{s(*Zg;qERSs03UFae~1GbNsApmrQ+FasP=<9(n7SoUa; z7HN|9XOq5wS(%3j*aWAB1(!bSn3n7Rm}#J@>4Ly!A`p*x#$bCE>gu3s9W17XF%Z0AYXd9CR1~$T^3Yl83xT9^RF_y!Fafxc#8 zaL@o6n1dD&Y%v~XAtquY_Js`~No4?Gdk}(HD2p@B!+!uvM2Lf`o`;X6fjnpjdl-VW zHU2VwSyUSNR1=|jo1nUm8CN8^`e;?_M1z2_E^Es#UI=AyX z$MZbb^F8PDvGQ_{aB?mebWr;9jtKNYNAyc7bkorCM0fN>TJ()L^hc+3LW*=oYV=Ci zbUwQD^C9s~2X#ol-N3`&P&f5L>U4~l^iyYb5K8rw$n;j1_5OKvi&*tp$94Lt^@_Ol zT=(_$*>#HO^Gy^B_kcI}bs2btDENbCcvDIEgjo27m-sGuc!Y@fiN|>GUH8-b^o;j-nW^}LxcHAJ zdHx7_4C|?qS9youc-L$9m52HBZTZ^E_n5c&Ejf7=q`I5ud7Phl-s||D7y1Cn`EZQX zp+|ZEDf*(U`J{LH5dZn%Yx<|BdiRa`?|b>G*LtZ~`qrHKtq1$9==zZl`?9}?vCn$5 zSNn}X`>$X7wtWzyFB7KYG9?e73)P`g8ljSNw+% z{FGn($LIUQ-@m+v{J(Gf%E$c3*ZH-b`~J-L{F?926sP>pfBVZP{nPh*qo3Q(M}5pU z{nr2d*N6Sgm;KqV{Mxtu$H)ELSNz@QeZu$s-?x0p7r?|9{<;tT<41ntPr%Vvexy(S z=P!Nchd|?(ezlMO>o@!C*Z#2Q{_fxU?+5>?7yt2p`tmpbq(}esANuuY|DJdM_rLl0 zm;acj|N39~`^W#1*Z=+h`2Gioe*y;*ENJi`!h{MJGHmGZA;gFhCsM3v@gl~I8aHz6 z=C+?3fi8cN94as<(WFY3 zGHvSgDb%P^og)2bbgIRxRk3pI{_6EB*sx;9k~LWMYFUL^)3R;r_AT7Fa>t&XYjCaI zyn6TY?d$jNz`A_#0xoR$Fyh3DV+!6&croP2k|$F}+*t49%9=NG?(F&L<-D0clP+!g zG-{2Z?T$|E`Zes>pI6UqE&Dd^+`9A9mTP-A@ZiFSgHGA^H}T}kmoqQfJ1+9((x+3e zzVJER=+?J$?>-#+TkYP*lP_-?yj$_+*RyY*7=2sy?&s654;MaL`S$no?>`lPTKf4n zAb|zy1YlVL8n_^X4TgjuSqeHhA%zt}1mRc`TDT#H9AYSzh8>DHqJbZV6(Wf#sz{%S zV4=7oj4^uG;#V)qcq5Mf%+ctTjXC=Gqi#EP)gzEa8i|^aToHLBlTB)tBvwm0IVF{r z88=u#TUEIwmz+U4m6TnIIc8g5N);xVX{za!nNgv+CY*6L)h1ML%6TWAJJI=+oq78C zCu3JSmL;Ht8Vc2(PW5>xqm5dWXj6+iIw_?LLCTb*m1?@_QG#MdD5s%{y3wUeWjZRV zfR?J%sj0ep=c-Ay`YNqz#!A$zwd&gCtv}_uE3i}c>eH{m8f)aRJr#Q_vpFWq)3VJ< z3*)mpMLR9FBUY=^wb^=W;kG$-`z^T*hKtj<<*G~Ixi_V|F1-7-Yty^&+UwrDHPw4B zzvbmi)4u%*%-#OKGienK!U-$9FvATy{4m53OFS{f6B`I(w~ej4X) zem?qVq1Q<|>YJI)XX>p_wz{IO%f1-wk&w3T@w4oxK1+ah{86dF?sKARLP+1Fn;6xe-EeKNZAriD!1v9vi z3$9Ot9=r?uf@6+xu&jh8)Yv%8@j=6IP+VN8M<$*i!x_@BhBnMZJz^q{XqZDDITTJk zJg16ti+1d z8Alei__8f75-sUSjh|wpQruXPIGV&9DzuIt?Z_G=K1Gid;bTeAxE(VJ z{_=Rkn~EVPf=H4?1B}!WVoJ1DWJV=-3=pX7YKDlu9K3 zK@C$L#FL<;B`QV2%H`~`m3qTtQX<)pNW`L+pKJjNU?GrPKBzmr^yTzki4b^TVh(d? z#5q1f4kfgM9?EoxFo`J;Z*)T-wnU~fPANx&yn_av7|1sQkq=7@V=3I426ysm@yZVh%`Xhd|=_4@+LCAm}JSJq0q4 z0Sr_k*$4nF|A7t!wBs8FD5*mD@dzLcWFND*LYefrJZTn$AC@SlK>SgRHN4~gqW|z| zEb>v!DG1{q_!xvH(xx;h^(y!wu}v%|pzg3d#`b4=_3qh2kR; zq6B3`3&PBQ(1Q!(_-RH1(GOK9Lm#)8gB0Gm4`Wc_4SzUCG1B@Hj|N}@105+$AHoko zuz;lkS!p};(bR^>Q~+x*=S_2}Q?6~%9yWmKJCeW;Rn&7HNH|9=iireXh1pVVS#$mg9-libVmcE;or-$ z6tn#}1`T51Pp9sI12hn;Or`LEdfF7H`7i|yG>`<0PNM>*P_Q)mFa!{kv$qNUf?9o& z&(WT)w5KIVYTE&hF9@|0^pFEauj>hX5Tcy)D8o5;0SqPZxEsSIE<%S(UV-$Z79lOj zbD;~@bdr-G%$#R2tD4Su?o}E4utqDQF^cgPVY3LS%1X;o0#ib^AENjyKSU7-ekh`t z+0cL~-C=-s_=6T0=*KL$i&@OhW5a;PfIpgnP=8pX8#3(#EnZq-mBLvNIGu)L`$35e zv_sQ@NHk6RAq(!Rn8jh+B2uke3{&Ex4ALk=H|&uER?wOi!u}}oKbnjRHS}W?(8%qP zhb!zI)S49%g>o8)2~_CD)gBJDa&-mLPAXUv3h(4HU$NWGL8LPtzj%XK4}#_bgA}s! zxWGW&fq-)~;|l!<#U>Kaj%Lu*9zrN4fXg{(%MJvy&B#DWW$KB^0%6hwnT7)Xf$)D! zy2AYpsXb5-*#nu{Z2T-jIsv-ieN;5J#tmr^ajjb#tl_%uM6$G#OjCTo;h!pGF0u!r zY=Y=xpw5PAE;*jkqPEn#%5a7!j>^}4WV5%ifcatxVqjSypd2JchXZIJ^%#&;-RrPH zJg_hhN!Z!4GBxGC+mVk_a9|33VCjKZK;L!<+`dBS{zPc$(cm1kA>j*e_)X^_0I5rT zzdu=V#dn8CYR2K3>3zoyfJzTjP@5C&5IH@j&{`a%GuQ~FhZ_XC4zkYS74;|vH=X;& zSt3Lnq+VvUwLB1f@F5o1Rt7yVv58GsHTKrD17bt3UZq7lPsCD0%+*JXn_68LNx|1D zYyb@`m`cr{JuJbe(Sp3m94G)m*x^HinH@{bgBdv39k3k*3Isib0Z!Qi8*l*Ki66sx zU}*K0gB`)KnIH=O5>FM<8?|7xH50*n;oqpBPp}|FxFAqC6BDdK82xEz>p0+A|&DvB5nsCDk8cNQfySxc3_ev zUJoO}h9X%9BXwened22b5+MB%DYDKVl13%U#w)I(!C+!+jG}aeqAbQvE0TsS9?lr% z;`o?iE%J~L4Mz|S(JumH{p_M?jL`lGJtH(mObRKZ=rAKSy3Q4y&ox?4Hqy&Baw9E% zqwsX&`-o%okR!mD<2i<-I^qsG&SE<%&pXP*JjSEa)Z_fvWAfl5{^+Ce@S{lpq(AD6 zKo-S7jw3rBBggKO?Nor0#sG?ppQA?tZOeW+^8cs@Xgb>}N=kyR@>?BW8j!zbb75NZL24&mS zLlEJjVF=MUJS9{{rBqHORaT`{UL{s$rB-ewS9YaWekE9jrC5$7S(c?)o+VnQrCP2f zTehWJz9n47rChq@P$H#W-u@+C=A~ZlC13WXU;ZUv2Bu&RCSew)VIHP*kbq(?CSx|H zV?HKiMy6y=CS_KpWnLy`W~OFtCTDi0XMQGVhNftaCTW(YX`Uu(rlxAHCTq5)Yeptw z#-?n}CT-THZQdqs=B94$CU5qpZ~i852B&ZiCvg_1aULgfCZ}>PCv!HZb3P|@MyGU6 z=Ul*_bzUcSW~X*;Cv~39c77*#h9`D*=h%p+d7dYClBd_8CwsPMD5>Xqx~F`aCwz9z zeBLK`)@Rn>Cx2$Aeqv331}OafC)Eh3fr1i&PR)TDXo5aXc6vfVDWyI{f-vmEB!ChO zoWnKvKszYqKj_0J{<(l77$rLp11JdtJcyDf=mQp{XM-lqgR-b7HPwW+K!$E;JuE{D z$UryT0~UC~K41eD$UudD5{jy*jB4kLDou>GXebGTJhTHmV8M<0K#qbEkdi_>cta?? zKsTi5k%rQWI;npyY0*6BMoB1z!o#OwLzP}BkKV%??1PSq={~F}l9K6onkmsV>5RgI z3sfjGXeftzs6G(G70{`Q-f5U(X_A&HpZ<)WK52^bs8ZtSGPG&@ZE2T&DHb$p3yi6Y zMyk$C>WQXk3vj4EU@8h!s4AcUkeVow?t_Vfs;DX{sqPG#DrG%PXrns9s#>Xz&Onc1 zfryf*iMD{VFhuA+Ttm?DYB=m^uG-9k3h15R;BN%+4&$)~wCmEY9Yv&h9MF_N>o7L_h!lJEQtrRsaA1 literal 0 HcmV?d00001 diff --git a/readme_source.md b/readme_source.md index e808335..34949e0 100644 --- a/readme_source.md +++ b/readme_source.md @@ -29,7 +29,7 @@ Basic |Requires Store Password |Determines if a store password is required when Basic |Supports Entry Password |Determined if an individual entry within a store can have a password. This must be unchecked. Advanced |Store Path Type| Determines how the user will enter the store path when setting up the cert store. Freeform Advanced |Supports Custom Alias |Determines if an individual entry within a store can have a custom Alias. This must be Required -Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Required +Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Optional Advanced |PFX Password Style |Determines password style for the PFX Password. Default Custom Fields|protocol|Name:protocol Display Name:Protocol Type:Multiple Choice (http,https) Default Value:https Required:True Custom Fields|allowInvalidCert|Name:allowInvalidCert Display Name:Allow Invalid Cert Type:Bool Default Value:false Required:True @@ -79,57 +79,56 @@ Password |This is the password for the vThunder api to access the certficate man #### Usage -**Adding New Certificate No Map Entry** +**Adding New Certificate New Alias** -![](images/AddCertificateNoMapEntry.gif) +![](images/NewCertNewAlias.gif) *** -**Adding New Certificate With Map Entry** +**Replace Cert With Same Alias** -![](images/AddCertificateWithMapEntry.gif) +![](images/ReplaceCertSameAlias.gif) *** -**Replace Certficate With Map Entry** +**Add Cert No Private Key** -![](images/ReplaceCertificateMapEntry.gif) +![](images/AddPubCert.gif) *** -**Replace Certficate No Map Entry** +**Replace Cert No Private Key** -![](images/ReplaceCertificateNoMapEntry.gif) +![](images/PubCertReplace.gif) *** -**Replace Certficate With Map Entry** +**Remove Cert No Private Key** -![](images/ReplaceCertificateMapEntry.gif) +![](images/RemovePubCert.gif) *** -**Replace Certficate No Map Entry** +**Remove Cert and Private Key** -![](images/ReplaceCertificateNoMapEntry.gif) +![](images/RemoveCertAndKey.gif) -*** - -**Remove Certificate Map Entry** - -![](images/RemoveCertifcateMapEntry.gif) - -*** - -**Remove Certficate No Map Entry** - -![](images/RemoveCertificateNoMapEntry.gif) +**Certificate Inventory** +![](images/CertificateInventory.gif) #### TEST CASES Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed ------------|---------|----------------|--------------|----------|----------------|-------------- 1|Fresh Add With Alias|Will create new certificate and private key on the vThunder appliance|true|KeyAndCertBTest|The new KeyAndCertBTest certificate and private key will be created in the ADC/SSL Cerificates area on vThunder.|True -1a|Fresh Add With Alias|Will create new certificate and private key on the vThunder appliance|false|KeyAndCertBTest|Error Saying Overwrite Flag Needs To Be Used|True +1a|Replace Alias with no overwrite flag|Should warn user that a cert cannot be replaced with the same name without overwrite flag|false|KeyAndCertBTest|Error Saying Overwrite Flag Needs To Be Used|True +1b|Replace Alias with overwrite flag|Will create new certificate and private key on the vThunder appliance|true|KeyAndCertBTest|Cert will be replaced because overwrite flag was used|True +2|Add Cert Without Private Key|This will create a cert with no private key on vThunder|false|NewCertNoPk|Only Cert will be added to vThunder with no private key|True +2a|Replace Cert Without Private Key|This will Replace a cert with no private key on vThunder|true|NewCertNoPk|Only Cert will be replaced on vThunder with no private key|True +2b|Replace Cert Without Private Key no overwrite flag|Should warn user that a cert cannot be replaced with the same name without overwrite flag|false|NewCertNoPk|Error Saying Overwrite Flag Needs To Be Used|True +3|Remove Certificate and Private Key|Certificate and Private Key Will Be Removed from A10|N/A|KeyAndCertBTest|Cert and Key will be removed from vThunder and Keyfactor Store|True +3a|Remove Certificate without Private Key|Certificate Will Be Removed from A10|N/A|KeyAndCertBTest|Cert will be removed from vThunder and Keyfactor Store|True +4|Inventory Certificates with Private Key|Inventory of Certificates with private keys will be pulled from vThunder up to 125 tested|N/A|N/A|125 Certs will be inventoried, more should be supported but there is no paging in the API so limits apply|True +4a|Inventory Certificates without Private Key|Inventory of Certificates without private keys will be pulled from vThunder up to 125 tested|N/A|N/A|125 Certs will be inventoried, more should be supported but there is no paging in the API so limits apply|True From 61a47be56b6e7190b82d6ec112d2d9f95aeeb618 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 28 Jun 2022 17:32:44 +0000 Subject: [PATCH 14/20] Update generated README --- README.md | 49 ++++++++++++++++++++++++------------------------- 1 file changed, 24 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 8ad40bd..d5ecfaf 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ Basic |Requires Store Password |Determines if a store password is required when Basic |Supports Entry Password |Determined if an individual entry within a store can have a password. This must be unchecked. Advanced |Store Path Type| Determines how the user will enter the store path when setting up the cert store. Freeform Advanced |Supports Custom Alias |Determines if an individual entry within a store can have a custom Alias. This must be Required -Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Required +Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Optional Advanced |PFX Password Style |Determines password style for the PFX Password. Default Custom Fields|protocol|Name:protocol Display Name:Protocol Type:Multiple Choice (http,https) Default Value:https Required:True Custom Fields|allowInvalidCert|Name:allowInvalidCert Display Name:Allow Invalid Cert Type:Bool Default Value:false Required:True @@ -100,58 +100,57 @@ Password |This is the password for the vThunder api to access the certficate man #### Usage -**Adding New Certificate No Map Entry** +**Adding New Certificate New Alias** -![](images/AddCertificateNoMapEntry.gif) +![](images/NewCertNewAlias.gif) *** -**Adding New Certificate With Map Entry** +**Replace Cert With Same Alias** -![](images/AddCertificateWithMapEntry.gif) +![](images/ReplaceCertSameAlias.gif) *** -**Replace Certficate With Map Entry** +**Add Cert No Private Key** -![](images/ReplaceCertificateMapEntry.gif) +![](images/AddPubCert.gif) *** -**Replace Certficate No Map Entry** +**Replace Cert No Private Key** -![](images/ReplaceCertificateNoMapEntry.gif) +![](images/PubCertReplace.gif) *** -**Replace Certficate With Map Entry** +**Remove Cert No Private Key** -![](images/ReplaceCertificateMapEntry.gif) +![](images/RemovePubCert.gif) *** -**Replace Certficate No Map Entry** +**Remove Cert and Private Key** -![](images/ReplaceCertificateNoMapEntry.gif) +![](images/RemoveCertAndKey.gif) -*** - -**Remove Certificate Map Entry** - -![](images/RemoveCertifcateMapEntry.gif) - -*** - -**Remove Certficate No Map Entry** - -![](images/RemoveCertificateNoMapEntry.gif) +**Certificate Inventory** +![](images/CertificateInventory.gif) #### TEST CASES Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed ------------|---------|----------------|--------------|----------|----------------|-------------- 1|Fresh Add With Alias|Will create new certificate and private key on the vThunder appliance|true|KeyAndCertBTest|The new KeyAndCertBTest certificate and private key will be created in the ADC/SSL Cerificates area on vThunder.|True -1a|Fresh Add With Alias|Will create new certificate and private key on the vThunder appliance|false|KeyAndCertBTest|Error Saying Overwrite Flag Needs To Be Used|True +1a|Replace Alias with no overwrite flag|Should warn user that a cert cannot be replaced with the same name without overwrite flag|false|KeyAndCertBTest|Error Saying Overwrite Flag Needs To Be Used|True +1b|Replace Alias with overwrite flag|Will create new certificate and private key on the vThunder appliance|true|KeyAndCertBTest|Cert will be replaced because overwrite flag was used|True +2|Add Cert Without Private Key|This will create a cert with no private key on vThunder|false|NewCertNoPk|Only Cert will be added to vThunder with no private key|True +2a|Replace Cert Without Private Key|This will Replace a cert with no private key on vThunder|true|NewCertNoPk|Only Cert will be replaced on vThunder with no private key|True +2b|Replace Cert Without Private Key no overwrite flag|Should warn user that a cert cannot be replaced with the same name without overwrite flag|false|NewCertNoPk|Error Saying Overwrite Flag Needs To Be Used|True +3|Remove Certificate and Private Key|Certificate and Private Key Will Be Removed from A10|N/A|KeyAndCertBTest|Cert and Key will be removed from vThunder and Keyfactor Store|True +3a|Remove Certificate without Private Key|Certificate Will Be Removed from A10|N/A|KeyAndCertBTest|Cert will be removed from vThunder and Keyfactor Store|True +4|Inventory Certificates with Private Key|Inventory of Certificates with private keys will be pulled from vThunder up to 125 tested|N/A|N/A|125 Certs will be inventoried, more should be supported but there is no paging in the API so limits apply|True +4a|Inventory Certificates without Private Key|Inventory of Certificates without private keys will be pulled from vThunder up to 125 tested|N/A|N/A|125 Certs will be inventoried, more should be supported but there is no paging in the API so limits apply|True From 7754a3bf6532ff41d3e90304a607885d98597710 Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Tue, 28 Jun 2022 13:33:52 -0400 Subject: [PATCH 15/20] Update Readme --- readme_source.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/readme_source.md b/readme_source.md index 34949e0..8cdd2a1 100644 --- a/readme_source.md +++ b/readme_source.md @@ -37,19 +37,19 @@ Entry Parameters|N/A| There are no Entry Parameters **Basic Settings:** -![](images/CertStoreType-Basic.gif) +![](/Media/Images/CertStoreType-Basic.gif) **Advanced Settings:** -![](images/CertStoreType-Advanced.gif) +![](/Media/Images/CertStoreType-Advanced.gif) **Custom Fields:** -![](images/CertStoreType-CustomFields.gif) +![](/Media/Images/CertStoreType-CustomFields.gif) **Entry Params:** -![](images/CertStoreType-EntryParameters.gif) +![](/Media/Images/CertStoreType-EntryParameters.gif) **2. Register the A10 vThunder Orchestrator with Keyfactor** See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your Keyfactor contact/representative. @@ -57,8 +57,8 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your **3. Create a A10 vThunder Certificate Store within Keyfactor Command** In Keyfactor Command create a new Certificate Store similar to the one below -![](images/CertStore1.gif) -![](images/CertStore2.gif) +![](/Media/Images/CertStore1.gif) +![](/Media/Images/CertStore2.gif) #### STORE CONFIGURATION CONFIG ELEMENT |DESCRIPTION @@ -81,41 +81,41 @@ Password |This is the password for the vThunder api to access the certficate man **Adding New Certificate New Alias** -![](images/NewCertNewAlias.gif) +![](/Media/Images/NewCertNewAlias.gif) *** **Replace Cert With Same Alias** -![](images/ReplaceCertSameAlias.gif) +![](/Media/Images/ReplaceCertSameAlias.gif) *** **Add Cert No Private Key** -![](images/AddPubCert.gif) +![](/Media/Images/AddPubCert.gif) *** **Replace Cert No Private Key** -![](images/PubCertReplace.gif) +![](/Media/Images/PubCertReplace.gif) *** **Remove Cert No Private Key** -![](images/RemovePubCert.gif) +![](/Media/Images/RemovePubCert.gif) *** **Remove Cert and Private Key** -![](images/RemoveCertAndKey.gif) +![](/Media/Images/RemoveCertAndKey.gif) **Certificate Inventory** -![](images/CertificateInventory.gif) +![](/Media/Images/CertificateInventory.gif) #### TEST CASES Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed From 8a2b5e2c2605c59cd775c15d9b3070772923ce66 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 28 Jun 2022 17:34:51 +0000 Subject: [PATCH 16/20] Update generated README --- README.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index d5ecfaf..846342a 100644 --- a/README.md +++ b/README.md @@ -58,19 +58,19 @@ Entry Parameters|N/A| There are no Entry Parameters **Basic Settings:** -![](images/CertStoreType-Basic.gif) +![](/Media/Images/CertStoreType-Basic.gif) **Advanced Settings:** -![](images/CertStoreType-Advanced.gif) +![](/Media/Images/CertStoreType-Advanced.gif) **Custom Fields:** -![](images/CertStoreType-CustomFields.gif) +![](/Media/Images/CertStoreType-CustomFields.gif) **Entry Params:** -![](images/CertStoreType-EntryParameters.gif) +![](/Media/Images/CertStoreType-EntryParameters.gif) **2. Register the A10 vThunder Orchestrator with Keyfactor** See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your Keyfactor contact/representative. @@ -78,8 +78,8 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your **3. Create a A10 vThunder Certificate Store within Keyfactor Command** In Keyfactor Command create a new Certificate Store similar to the one below -![](images/CertStore1.gif) -![](images/CertStore2.gif) +![](/Media/Images/CertStore1.gif) +![](/Media/Images/CertStore2.gif) #### STORE CONFIGURATION CONFIG ELEMENT |DESCRIPTION @@ -102,41 +102,41 @@ Password |This is the password for the vThunder api to access the certficate man **Adding New Certificate New Alias** -![](images/NewCertNewAlias.gif) +![](/Media/Images/NewCertNewAlias.gif) *** **Replace Cert With Same Alias** -![](images/ReplaceCertSameAlias.gif) +![](/Media/Images/ReplaceCertSameAlias.gif) *** **Add Cert No Private Key** -![](images/AddPubCert.gif) +![](/Media/Images/AddPubCert.gif) *** **Replace Cert No Private Key** -![](images/PubCertReplace.gif) +![](/Media/Images/PubCertReplace.gif) *** **Remove Cert No Private Key** -![](images/RemovePubCert.gif) +![](/Media/Images/RemovePubCert.gif) *** **Remove Cert and Private Key** -![](images/RemoveCertAndKey.gif) +![](/Media/Images/RemoveCertAndKey.gif) **Certificate Inventory** -![](images/CertificateInventory.gif) +![](/Media/Images/CertificateInventory.gif) #### TEST CASES Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed From 17231d996708728dc6b34fe95e01a868e70a0c2e Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Tue, 28 Jun 2022 13:35:12 -0400 Subject: [PATCH 17/20] Update Readme --- readme_source.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/readme_source.md b/readme_source.md index 8cdd2a1..166a11b 100644 --- a/readme_source.md +++ b/readme_source.md @@ -37,19 +37,19 @@ Entry Parameters|N/A| There are no Entry Parameters **Basic Settings:** -![](/Media/Images/CertStoreType-Basic.gif) +![](Media/Images/CertStoreType-Basic.gif) **Advanced Settings:** -![](/Media/Images/CertStoreType-Advanced.gif) +![](Media/Images/CertStoreType-Advanced.gif) **Custom Fields:** -![](/Media/Images/CertStoreType-CustomFields.gif) +![](Media/Images/CertStoreType-CustomFields.gif) **Entry Params:** -![](/Media/Images/CertStoreType-EntryParameters.gif) +![](Media/Images/CertStoreType-EntryParameters.gif) **2. Register the A10 vThunder Orchestrator with Keyfactor** See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your Keyfactor contact/representative. @@ -57,8 +57,8 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your **3. Create a A10 vThunder Certificate Store within Keyfactor Command** In Keyfactor Command create a new Certificate Store similar to the one below -![](/Media/Images/CertStore1.gif) -![](/Media/Images/CertStore2.gif) +![](Media/Images/CertStore1.gif) +![](Media/Images/CertStore2.gif) #### STORE CONFIGURATION CONFIG ELEMENT |DESCRIPTION @@ -81,41 +81,41 @@ Password |This is the password for the vThunder api to access the certficate man **Adding New Certificate New Alias** -![](/Media/Images/NewCertNewAlias.gif) +![](Media/Images/NewCertNewAlias.gif) *** **Replace Cert With Same Alias** -![](/Media/Images/ReplaceCertSameAlias.gif) +![](Media/Images/ReplaceCertSameAlias.gif) *** **Add Cert No Private Key** -![](/Media/Images/AddPubCert.gif) +![](Media/Images/AddPubCert.gif) *** **Replace Cert No Private Key** -![](/Media/Images/PubCertReplace.gif) +![](Media/Images/PubCertReplace.gif) *** **Remove Cert No Private Key** -![](/Media/Images/RemovePubCert.gif) +![](Media/Images/RemovePubCert.gif) *** **Remove Cert and Private Key** -![](/Media/Images/RemoveCertAndKey.gif) +![](Media/Images/RemoveCertAndKey.gif) **Certificate Inventory** -![](/Media/Images/CertificateInventory.gif) +![](Media/Images/CertificateInventory.gif) #### TEST CASES Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed From 33fdcb9e30c6f0b09b843c752f3363d1c186b2b9 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 28 Jun 2022 17:36:02 +0000 Subject: [PATCH 18/20] Update generated README --- README.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 846342a..08eab27 100644 --- a/README.md +++ b/README.md @@ -58,19 +58,19 @@ Entry Parameters|N/A| There are no Entry Parameters **Basic Settings:** -![](/Media/Images/CertStoreType-Basic.gif) +![](Media/Images/CertStoreType-Basic.gif) **Advanced Settings:** -![](/Media/Images/CertStoreType-Advanced.gif) +![](Media/Images/CertStoreType-Advanced.gif) **Custom Fields:** -![](/Media/Images/CertStoreType-CustomFields.gif) +![](Media/Images/CertStoreType-CustomFields.gif) **Entry Params:** -![](/Media/Images/CertStoreType-EntryParameters.gif) +![](Media/Images/CertStoreType-EntryParameters.gif) **2. Register the A10 vThunder Orchestrator with Keyfactor** See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your Keyfactor contact/representative. @@ -78,8 +78,8 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your **3. Create a A10 vThunder Certificate Store within Keyfactor Command** In Keyfactor Command create a new Certificate Store similar to the one below -![](/Media/Images/CertStore1.gif) -![](/Media/Images/CertStore2.gif) +![](Media/Images/CertStore1.gif) +![](Media/Images/CertStore2.gif) #### STORE CONFIGURATION CONFIG ELEMENT |DESCRIPTION @@ -102,41 +102,41 @@ Password |This is the password for the vThunder api to access the certficate man **Adding New Certificate New Alias** -![](/Media/Images/NewCertNewAlias.gif) +![](Media/Images/NewCertNewAlias.gif) *** **Replace Cert With Same Alias** -![](/Media/Images/ReplaceCertSameAlias.gif) +![](Media/Images/ReplaceCertSameAlias.gif) *** **Add Cert No Private Key** -![](/Media/Images/AddPubCert.gif) +![](Media/Images/AddPubCert.gif) *** **Replace Cert No Private Key** -![](/Media/Images/PubCertReplace.gif) +![](Media/Images/PubCertReplace.gif) *** **Remove Cert No Private Key** -![](/Media/Images/RemovePubCert.gif) +![](Media/Images/RemovePubCert.gif) *** **Remove Cert and Private Key** -![](/Media/Images/RemoveCertAndKey.gif) +![](Media/Images/RemoveCertAndKey.gif) **Certificate Inventory** -![](/Media/Images/CertificateInventory.gif) +![](Media/Images/CertificateInventory.gif) #### TEST CASES Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed From 7e713c8db95e313bdb2df5b79326fffc762dfc26 Mon Sep 17 00:00:00 2001 From: Brian Hill Date: Tue, 28 Jun 2022 13:37:30 -0400 Subject: [PATCH 19/20] Update Readme --- readme_source.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/readme_source.md b/readme_source.md index 166a11b..6b41cbd 100644 --- a/readme_source.md +++ b/readme_source.md @@ -113,6 +113,8 @@ Password |This is the password for the vThunder api to access the certficate man ![](Media/Images/RemoveCertAndKey.gif) +*** + **Certificate Inventory** ![](Media/Images/CertificateInventory.gif) From 95323fbe1a076bdc52ce493922c67194a9fcb294 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 28 Jun 2022 17:38:20 +0000 Subject: [PATCH 20/20] Update generated README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 08eab27..eb6d4ca 100644 --- a/README.md +++ b/README.md @@ -134,6 +134,8 @@ Password |This is the password for the vThunder api to access the certficate man ![](Media/Images/RemoveCertAndKey.gif) +*** + **Certificate Inventory** ![](Media/Images/CertificateInventory.gif)