From 09c5b22c6aeb726f6d8cbb8945c4e1126bc27b68 Mon Sep 17 00:00:00 2001
From: Mark Payne <markap14@hotmail.com>
Date: Wed, 1 Mar 2017 13:30:04 -0500
Subject: [PATCH 1/5] NIFI-3541: Add local network interface capability to
 site-to-site client and remote group and ports

---
 .../nifi/remote/client/SiteToSiteClient.java  |  40 +++++-
 .../remote/client/SiteToSiteClientConfig.java |   7 +
 .../remote/util/SiteToSiteRestApiClient.java  | 109 +++++++++-------
 .../apache/nifi/controller/AbstractPort.java  |  32 ++---
 .../nifi/groups/RemoteProcessGroup.java       |  24 ++++
 .../apache/nifi/remote/RemoteGroupPort.java   |   1 +
 .../remote/StandardRemoteProcessGroup.java    | 122 ++++++++++++++----
 .../nifi/remote/StandardRemoteGroupPort.java  |  27 +++-
 .../remote/TestStandardRemoteGroupPort.java   |   1 +
 .../apache/nifi/web/api/dto/DtoFactory.java   |  66 ++++++----
 10 files changed, 303 insertions(+), 126 deletions(-)

diff --git a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java
index 3d7baccf2cd9..daff70d6625f 100644
--- a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java
+++ b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java
@@ -39,6 +39,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.Serializable;
+import java.net.InetAddress;
 import java.security.KeyStore;
 import java.security.SecureRandom;
 import java.util.LinkedHashSet;
@@ -168,6 +169,7 @@ public static class Builder implements Serializable {
         private int batchCount;
         private long batchSize;
         private long batchNanos;
+        private InetAddress localAddress;
         private SiteToSiteTransportProtocol transportProtocol = SiteToSiteTransportProtocol.RAW;
         private HttpProxy httpProxy;
 
@@ -198,6 +200,7 @@ public Builder fromConfig(final SiteToSiteClientConfig config) {
             this.batchCount = config.getPreferredBatchCount();
             this.batchSize = config.getPreferredBatchSize();
             this.batchNanos = config.getPreferredBatchDuration(TimeUnit.NANOSECONDS);
+            this.localAddress = config.getLocalAddress();
             this.httpProxy = config.getHttpProxy();
 
             return this;
@@ -223,12 +226,31 @@ public Builder url(final String url) {
         }
 
         /**
-         * <p>Specifies the URLs of the remote NiFi instance.</p>
-         * <p>If this URL points to a NiFi node in a NiFi cluster, data transfer to and from
-         * nodes will be automatically load balanced across the different nodes.</p>
+         * <p>
+         * Specifies the local address to use when communicating with the remote NiFi instance.
+         * </p>
+         *
+         * @param localAddress the local address to use, or <code>null</code> to use <code>anyLocal</code> address.
+         * @return the builder
+         */
+        public Builder localAddress(final InetAddress localAddress) {
+            this.localAddress = localAddress;
+            return this;
+        }
+
+        /**
+         * <p>
+         * Specifies the URLs of the remote NiFi instance.
+         * </p>
+         * <p>
+         * If this URL points to a NiFi node in a NiFi cluster, data transfer to and from
+         * nodes will be automatically load balanced across the different nodes.
+         * </p>
          *
-         * <p>Multiple urls provide better connectivity with a NiFi cluster, able to connect
-         * to the target cluster at long as one of the specified urls is accessible.</p>
+         * <p>
+         * Multiple urls provide better connectivity with a NiFi cluster, able to connect
+         * to the target cluster at long as one of the specified urls is accessible.
+         * </p>
          *
          * @param urls urls of remote instance
          * @return the builder
@@ -717,6 +739,7 @@ class StandardSiteToSiteClientConfig implements SiteToSiteClientConfig, Serializ
         private final long batchSize;
         private final long batchNanos;
         private final HttpProxy httpProxy;
+        private final InetAddress localAddress;
 
         // some serialization frameworks require a default constructor
         private StandardSiteToSiteClientConfig() {
@@ -740,6 +763,7 @@ private StandardSiteToSiteClientConfig() {
             this.batchNanos = 0;
             this.transportProtocol = null;
             this.httpProxy = null;
+            this.localAddress = null;
         }
 
         private StandardSiteToSiteClientConfig(final SiteToSiteClient.Builder builder) {
@@ -766,6 +790,7 @@ private StandardSiteToSiteClientConfig(final SiteToSiteClient.Builder builder) {
             this.batchNanos = builder.batchNanos;
             this.transportProtocol = builder.getTransportProtocol();
             this.httpProxy = builder.getHttpProxy();
+            this.localAddress = builder.localAddress;
         }
 
         @Override
@@ -931,5 +956,10 @@ public SiteToSiteTransportProtocol getTransportProtocol() {
         public HttpProxy getHttpProxy() {
             return httpProxy;
         }
+
+        @Override
+        public InetAddress getLocalAddress() {
+            return localAddress;
+        }
     }
 }
diff --git a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClientConfig.java b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClientConfig.java
index 5bdeee45f09b..83e832847180 100644
--- a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClientConfig.java
+++ b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClientConfig.java
@@ -18,6 +18,7 @@
 
 import java.io.File;
 import java.io.Serializable;
+import java.net.InetAddress;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 
@@ -36,6 +37,7 @@ public interface SiteToSiteClientConfig extends Serializable {
      * for backward compatibility for implementations that does not expect multiple URLs.
      * {@link #getUrls()} should be used instead then should support multiple URLs when making requests.
      */
+    @Deprecated
     String getUrl();
 
     /**
@@ -171,4 +173,9 @@ public interface SiteToSiteClientConfig extends Serializable {
      */
     HttpProxy getHttpProxy();
 
+    /**
+     * @return the InetAddress to bind to for the local address when creating a socket, or
+     *         {@code null} to bind to the {@code anyLocal} address.
+     */
+    InetAddress getLocalAddress();
 }
diff --git a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/util/SiteToSiteRestApiClient.java b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/util/SiteToSiteRestApiClient.java
index 89da6a0f9d84..e6777b0eb258 100644
--- a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/util/SiteToSiteRestApiClient.java
+++ b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/util/SiteToSiteRestApiClient.java
@@ -16,6 +16,55 @@
  */
 package org.apache.nifi.remote.util;
 
+import static org.apache.commons.lang3.StringUtils.isEmpty;
+import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_BATCH_COUNT;
+import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_BATCH_DURATION;
+import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_BATCH_SIZE;
+import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_REQUEST_EXPIRATION;
+import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_USE_COMPRESSION;
+import static org.apache.nifi.remote.protocol.http.HttpHeaders.LOCATION_HEADER_NAME;
+import static org.apache.nifi.remote.protocol.http.HttpHeaders.LOCATION_URI_INTENT_NAME;
+import static org.apache.nifi.remote.protocol.http.HttpHeaders.LOCATION_URI_INTENT_VALUE;
+
+import java.io.Closeable;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.PipedInputStream;
+import java.io.PipedOutputStream;
+import java.net.InetAddress;
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.nio.ByteBuffer;
+import java.nio.channels.Channels;
+import java.nio.channels.ReadableByteChannel;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.LinkedHashSet;
+import java.util.Objects;
+import java.util.Set;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ScheduledFuture;
+import java.util.concurrent.ThreadFactory;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.TimeoutException;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.function.Predicate;
+import java.util.regex.Pattern;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
+
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.Header;
 import org.apache.http.HttpEntity;
@@ -87,53 +136,6 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLSession;
-import java.io.Closeable;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.PipedInputStream;
-import java.io.PipedOutputStream;
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URL;
-import java.nio.ByteBuffer;
-import java.nio.channels.Channels;
-import java.nio.channels.ReadableByteChannel;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.LinkedHashSet;
-import java.util.Objects;
-import java.util.Set;
-import java.util.concurrent.CountDownLatch;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.ScheduledFuture;
-import java.util.concurrent.ThreadFactory;
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.TimeoutException;
-import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.function.Predicate;
-import java.util.regex.Pattern;
-
-import static org.apache.commons.lang3.StringUtils.isEmpty;
-import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_BATCH_COUNT;
-import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_BATCH_DURATION;
-import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_BATCH_SIZE;
-import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_REQUEST_EXPIRATION;
-import static org.apache.nifi.remote.protocol.http.HttpHeaders.HANDSHAKE_PROPERTY_USE_COMPRESSION;
-import static org.apache.nifi.remote.protocol.http.HttpHeaders.LOCATION_HEADER_NAME;
-import static org.apache.nifi.remote.protocol.http.HttpHeaders.LOCATION_URI_INTENT_NAME;
-import static org.apache.nifi.remote.protocol.http.HttpHeaders.LOCATION_URI_INTENT_VALUE;
-
 public class SiteToSiteRestApiClient implements Closeable {
 
     private static final String EVENT_CATEGORY = "Site-to-Site";
@@ -160,6 +162,7 @@ public class SiteToSiteRestApiClient implements Closeable {
     private CloseableHttpAsyncClient httpAsyncClient;
 
     private boolean compress = false;
+    private InetAddress localAddress = null;
     private long requestExpirationMillis = 0;
     private int serverTransactionTtl = 0;
     private int batchCount = 0;
@@ -239,6 +242,10 @@ private void setupRequestConfig() {
             .setConnectTimeout(connectTimeoutMillis)
             .setSocketTimeout(readTimeoutMillis);
 
+        if (localAddress != null) {
+            requestConfigBuilder.setLocalAddress(localAddress);
+        }
+        
         if (proxy != null) {
             requestConfigBuilder.setProxy(proxy.getHttpHost());
         }
@@ -916,6 +923,8 @@ private void startExtendingTtl(final String transactionUrl, final Closeable stre
         extendingApiClient.transportProtocolVersionNegotiator = this.transportProtocolVersionNegotiator;
         extendingApiClient.connectTimeoutMillis = this.connectTimeoutMillis;
         extendingApiClient.readTimeoutMillis = this.readTimeoutMillis;
+        extendingApiClient.localAddress = this.localAddress;
+
         final int extendFrequency = serverTransactionTtl / 2;
 
         ttlExtendingFuture = ttlExtendTaskExecutor.scheduleWithFixedDelay(() -> {
@@ -1197,10 +1206,12 @@ public void setBaseUrl(final String baseUrl) {
 
     public void setConnectTimeoutMillis(final int connectTimeoutMillis) {
         this.connectTimeoutMillis = connectTimeoutMillis;
+        setupRequestConfig();
     }
 
     public void setReadTimeoutMillis(final int readTimeoutMillis) {
         this.readTimeoutMillis = readTimeoutMillis;
+        setupRequestConfig();
     }
 
     public static String getFirstUrl(final String clusterUrlStr) {
@@ -1336,6 +1347,10 @@ private void setBaseUrl(final String scheme, final String host, final int port,
     public void setCompress(final boolean compress) {
         this.compress = compress;
     }
+    
+    public void setLocalAddress(final InetAddress localAddress) {
+        this.localAddress = localAddress;
+    }
 
     public void setRequestExpirationMillis(final long requestExpirationMillis) {
         if (requestExpirationMillis < 0) {
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/AbstractPort.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/AbstractPort.java
index 1177dad1af86..4d061b872f30 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/AbstractPort.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/AbstractPort.java
@@ -16,6 +16,22 @@
  */
 package org.apache.nifi.controller;
 
+import static java.util.Objects.requireNonNull;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.concurrent.atomic.AtomicLong;
+import java.util.concurrent.atomic.AtomicReference;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
+
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
 import org.apache.nifi.authorization.Resource;
@@ -36,22 +52,6 @@
 import org.apache.nifi.processor.exception.ProcessException;
 import org.apache.nifi.util.FormatUtils;
 
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.concurrent.atomic.AtomicInteger;
-import java.util.concurrent.atomic.AtomicLong;
-import java.util.concurrent.atomic.AtomicReference;
-import java.util.concurrent.locks.Lock;
-import java.util.concurrent.locks.ReentrantReadWriteLock;
-
-import static java.util.Objects.requireNonNull;
-
 public abstract class AbstractPort implements Port {
 
     public static final Relationship PORT_RELATIONSHIP = new Relationship.Builder()
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/groups/RemoteProcessGroup.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/groups/RemoteProcessGroup.java
index 64e2ca098904..cb1e6c874857 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/groups/RemoteProcessGroup.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/groups/RemoteProcessGroup.java
@@ -17,18 +17,22 @@
 package org.apache.nifi.groups;
 
 import org.apache.nifi.authorization.resource.ComponentAuthorizable;
+import org.apache.nifi.components.ValidationResult;
 import org.apache.nifi.connectable.Positionable;
 import org.apache.nifi.controller.exception.CommunicationsException;
 import org.apache.nifi.events.EventReporter;
 import org.apache.nifi.remote.RemoteGroupPort;
 import org.apache.nifi.remote.protocol.SiteToSiteTransportProtocol;
 
+import java.net.InetAddress;
+import java.util.Collection;
 import java.util.Date;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 
 public interface RemoteProcessGroup extends ComponentAuthorizable, Positionable {
 
+    @Override
     String getIdentifier();
 
     String getTargetUri();
@@ -154,6 +158,16 @@ public interface RemoteProcessGroup extends ComponentAuthorizable, Positionable
      */
     String getAuthorizationIssue();
 
+    /**
+     * Validates the current configuration, returning ValidationResults for any
+     * invalid configuration parameter.
+     *
+     * @return Collection of validation result objects for any invalid findings
+     *         only. If the collection is empty then the component is valid. Guaranteed
+     *         non-null
+     */
+    Collection<ValidationResult> validate();
+
     /**
      * @return the {@link EventReporter} that can be used to report any notable
      * events
@@ -180,6 +194,16 @@ public interface RemoteProcessGroup extends ComponentAuthorizable, Positionable
 
     void setProxyPassword(String proxyPassword);
 
+    void setNetworkInterface(String interfaceName);
+
+    String getNetworkInterface();
+
+    /**
+     * Returns the InetAddress that the will this instance will bind to when communicating with a
+     * remote NiFi instance, or <code>null</code> if no specific address has been specified
+     */
+    InetAddress getLocalAddress();
+
     /**
      * Initiates a task in the remote process group to re-initialize, as a
      * result of clustering changes
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/remote/RemoteGroupPort.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/remote/RemoteGroupPort.java
index 8cad10343418..f8f4b20922cf 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/remote/RemoteGroupPort.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/remote/RemoteGroupPort.java
@@ -33,6 +33,7 @@ public RemoteGroupPort(String id, String name, ProcessGroup processGroup, Connec
 
     public abstract TransferDirection getTransferDirection();
 
+    @Override
     public abstract boolean isUseCompression();
 
     public abstract void setUseCompression(boolean useCompression);
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/remote/StandardRemoteProcessGroup.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/remote/StandardRemoteProcessGroup.java
index 855dab754932..67c8f11839f2 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/remote/StandardRemoteProcessGroup.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/remote/StandardRemoteProcessGroup.java
@@ -18,14 +18,15 @@
 
 import static java.util.Objects.requireNonNull;
 
-import com.sun.jersey.api.client.ClientHandlerException;
-import com.sun.jersey.api.client.ClientResponse;
-import com.sun.jersey.api.client.ClientResponse.Status;
-import com.sun.jersey.api.client.UniformInterfaceException;
 import java.io.File;
 import java.io.IOException;
+import java.net.InetAddress;
+import java.net.NetworkInterface;
 import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.Date;
+import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -40,12 +41,15 @@
 import java.util.concurrent.locks.Lock;
 import java.util.concurrent.locks.ReadWriteLock;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
+
 import javax.net.ssl.SSLContext;
 import javax.ws.rs.core.Response;
+
 import org.apache.nifi.authorization.Resource;
 import org.apache.nifi.authorization.resource.Authorizable;
 import org.apache.nifi.authorization.resource.ResourceFactory;
 import org.apache.nifi.authorization.resource.ResourceType;
+import org.apache.nifi.components.ValidationResult;
 import org.apache.nifi.connectable.ConnectableType;
 import org.apache.nifi.connectable.Connection;
 import org.apache.nifi.connectable.Port;
@@ -74,6 +78,11 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.sun.jersey.api.client.ClientHandlerException;
+import com.sun.jersey.api.client.ClientResponse;
+import com.sun.jersey.api.client.ClientResponse.Status;
+import com.sun.jersey.api.client.UniformInterfaceException;
+
 /**
  * Represents the Root Process Group of a remote NiFi Instance. Holds
  * information about that remote instance, as well as {@link IncomingPort}s and
@@ -99,7 +108,6 @@ public class StandardRemoteProcessGroup implements RemoteProcessGroup {
     private final AtomicReference<String> comments = new AtomicReference<>();
     private final AtomicReference<ProcessGroup> processGroup;
     private final AtomicBoolean transmitting = new AtomicBoolean(false);
-    private final FlowController flowController;
     private final SSLContext sslContext;
 
     private volatile String communicationsTimeout = "30 sec";
@@ -111,6 +119,11 @@ public class StandardRemoteProcessGroup implements RemoteProcessGroup {
     private volatile String proxyUser;
     private volatile String proxyPassword;
 
+    private String networkInterfaceName;
+    private InetAddress localAddress;
+    private ValidationResult nicValidationResult;
+
+
     private final ReadWriteLock rwLock = new ReentrantReadWriteLock();
     private final Lock readLock = rwLock.readLock();
     private final Lock writeLock = rwLock.writeLock();
@@ -135,7 +148,6 @@ public StandardRemoteProcessGroup(final String id, final String targetUris, fina
                                       final FlowController flowController, final SSLContext sslContext, final NiFiProperties nifiProperties) {
         this.nifiProperties = nifiProperties;
         this.id = requireNonNull(id);
-        this.flowController = requireNonNull(flowController);
 
         this.targetUris = targetUris;
         this.targetId = null;
@@ -354,6 +366,11 @@ public String getAuthorizationIssue() {
         return authorizationIssue;
     }
 
+    @Override
+    public Collection<ValidationResult> validate() {
+        return (nicValidationResult == null) ? Collections.emptyList() : Collections.singletonList(nicValidationResult);
+    }
+
     public int getInputPortCount() {
         readLock.lock();
         try {
@@ -606,7 +623,7 @@ private void addOutputPort(final RemoteProcessGroupPortDescriptor descriptor) {
             }
 
             final StandardRemoteGroupPort port = new StandardRemoteGroupPort(descriptor.getId(), descriptor.getName(), getProcessGroup(),
-                    this, TransferDirection.RECEIVE, ConnectableType.REMOTE_OUTPUT_PORT, sslContext, scheduler, nifiProperties);
+                this, TransferDirection.RECEIVE, ConnectableType.REMOTE_OUTPUT_PORT, sslContext, scheduler, nifiProperties);
             outputPorts.put(descriptor.getId(), port);
 
             if (descriptor.getConcurrentlySchedulableTaskCount() != null) {
@@ -672,7 +689,7 @@ private void addInputPort(final RemoteProcessGroupPortDescriptor descriptor) {
             }
 
             final StandardRemoteGroupPort port = new StandardRemoteGroupPort(descriptor.getId(), descriptor.getName(), getProcessGroup(), this,
-                    TransferDirection.SEND, ConnectableType.REMOTE_INPUT_PORT, sslContext, scheduler, nifiProperties);
+                TransferDirection.SEND, ConnectableType.REMOTE_INPUT_PORT, sslContext, scheduler, nifiProperties);
 
             if (descriptor.getConcurrentlySchedulableTaskCount() != null) {
                 port.setMaxConcurrentTasks(descriptor.getConcurrentlySchedulableTaskCount());
@@ -741,15 +758,6 @@ private void setCounts(final ProcessGroupCounts counts) {
         }
     }
 
-    private ProcessGroup getRootGroup() {
-        return getRootGroup(getProcessGroup());
-    }
-
-    private ProcessGroup getRootGroup(final ProcessGroup context) {
-        final ProcessGroup parent = context.getParent();
-        return parent == null ? context : getRootGroup(parent);
-    }
-
     @Override
     public Date getLastRefreshTime() {
         readLock.lock();
@@ -856,10 +864,75 @@ public void refreshFlowContents() throws CommunicationsException {
         }
     }
 
+    @Override
+    public String getNetworkInterface() {
+        readLock.lock();
+        try {
+            return networkInterfaceName;
+        } finally {
+            readLock.unlock();
+        }
+    }
+
+    @Override
+    public void setNetworkInterface(final String interfaceName) {
+        writeLock.lock();
+        try {
+            this.networkInterfaceName = interfaceName;
+
+            try {
+                final Enumeration<InetAddress> inetAddresses = NetworkInterface.getByName(interfaceName).getInetAddresses();
+
+                if (inetAddresses.hasMoreElements()) {
+                    this.localAddress = inetAddresses.nextElement();
+                    this.nicValidationResult = null;
+                } else {
+                    this.localAddress = null;
+                    this.nicValidationResult = new ValidationResult.Builder()
+                        .input(interfaceName)
+                        .subject("Network Interface Name")
+                        .valid(false)
+                        .explanation("No IP Address could be found that is bound to the interface with name " + interfaceName)
+                        .build();
+                }
+            } catch (final Exception e) {
+                this.localAddress = null;
+                this.nicValidationResult = new ValidationResult.Builder()
+                    .input(interfaceName)
+                    .subject("Network Interface Name")
+                    .valid(false)
+                    .explanation("Could not obtain Network Interface with name " + interfaceName)
+                    .build();
+            }
+        } finally {
+            writeLock.unlock();
+        }
+    }
+
+    @Override
+    public InetAddress getLocalAddress() {
+        readLock.lock();
+        try {
+            if (nicValidationResult != null && !nicValidationResult.isValid()) {
+                return null;
+            }
+
+            return localAddress;
+        } finally {
+            readLock.unlock();
+        }
+    }
+
     private SiteToSiteRestApiClient getSiteToSiteRestApiClient() {
         SiteToSiteRestApiClient apiClient = new SiteToSiteRestApiClient(sslContext, new HttpProxy(proxyHost, proxyPort, proxyUser, proxyPassword), getEventReporter());
         apiClient.setConnectTimeoutMillis(getCommunicationsTimeout(TimeUnit.MILLISECONDS));
         apiClient.setReadTimeoutMillis(getCommunicationsTimeout(TimeUnit.MILLISECONDS));
+
+        final InetAddress localAddress = getLocalAddress();
+        if (localAddress != null) {
+            apiClient.setLocalAddress(localAddress);
+        }
+
         return apiClient;
     }
 
@@ -886,17 +959,6 @@ private Set<RemoteProcessGroupPortDescriptor> convertRemotePort(final Set<PortDT
         return remotePorts;
     }
 
-    private RemoteProcessGroupPortDescriptor convertPortToRemotePortDescriptor(final Port port) {
-        final StandardRemoteProcessGroupPortDescriptor descriptor = new StandardRemoteProcessGroupPortDescriptor();
-        descriptor.setComments(port.getComments());
-        descriptor.setExists(true);
-        descriptor.setGroupId(port.getProcessGroup().getIdentifier());
-        descriptor.setId(port.getIdentifier());
-        descriptor.setName(port.getName());
-        descriptor.setTargetRunning(port.isRunning());
-        return descriptor;
-    }
-
     @Override
     public boolean isTransmitting() {
         return transmitting.get();
@@ -1216,6 +1278,8 @@ public void verifyCanStartTransmitting() {
                 if (port.hasIncomingConnection() && !port.getTargetExists()) {
                     throw new IllegalStateException(this.getIdentifier() + " has a Connection to Port " + port.getIdentifier() + ", but that Port no longer exists on the remote system");
                 }
+
+                port.verifyCanStart();
             }
 
             for (final StandardRemoteGroupPort port : outputPorts.values()) {
@@ -1226,6 +1290,8 @@ public void verifyCanStartTransmitting() {
                 if (!port.getConnections().isEmpty() && !port.getTargetExists()) {
                     throw new IllegalStateException(this.getIdentifier() + " has a Connection to Port " + port.getIdentifier() + ", but that Port no longer exists on the remote system");
                 }
+
+                port.verifyCanStart();
             }
         } finally {
             readLock.unlock();
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRemoteGroupPort.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRemoteGroupPort.java
index d8c055b889e3..92931f28596d 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRemoteGroupPort.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRemoteGroupPort.java
@@ -24,6 +24,7 @@
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
+import java.util.Optional;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicBoolean;
@@ -93,7 +94,7 @@ SiteToSiteClient getSiteToSiteClient() {
 
     public StandardRemoteGroupPort(final String id, final String name, final ProcessGroup processGroup, final RemoteProcessGroup remoteGroup,
             final TransferDirection direction, final ConnectableType type, final SSLContext sslContext, final ProcessScheduler scheduler,
-            final NiFiProperties nifiProperties) {
+        final NiFiProperties nifiProperties) {
         // remote group port id needs to be unique but cannot just be the id of the port
         // in the remote group instance. this supports referencing the same remote
         // instance more than once.
@@ -167,6 +168,7 @@ public void onSchedulingStart() {
                 .timeout(remoteGroup.getCommunicationsTimeout(TimeUnit.MILLISECONDS), TimeUnit.MILLISECONDS)
                 .transportProtocol(remoteGroup.getTransportProtocol())
                 .httpProxy(new HttpProxy(remoteGroup.getProxyHost(), remoteGroup.getProxyPort(), remoteGroup.getProxyUser(), remoteGroup.getProxyPassword()))
+                .localAddress(remoteGroup.getLocalAddress())
                 .build();
         clientRef.set(client);
     }
@@ -407,8 +409,19 @@ public boolean getTargetExists() {
 
     @Override
     public boolean isValid() {
-        return targetExists.get()
-                && (getConnectableType() == ConnectableType.REMOTE_OUTPUT_PORT ? !getConnections(Relationship.ANONYMOUS).isEmpty() : true);
+        if (!targetExists.get()) {
+            return false;
+        }
+
+        if (getConnectableType() == ConnectableType.REMOTE_OUTPUT_PORT && getConnections(Relationship.ANONYMOUS).isEmpty()) {
+            // if it's an output port, ensure that there is an outbound connection
+            return false;
+        }
+
+        final boolean groupValid = remoteGroup.validate().stream()
+            .allMatch(result -> result.isValid());
+
+        return groupValid;
     }
 
     @Override
@@ -444,6 +457,14 @@ public void verifyCanStart() {
         if (getConnectableType() == ConnectableType.REMOTE_INPUT_PORT && getIncomingConnections().isEmpty()) {
             throw new IllegalStateException("Port " + getName() + " has no incoming connections");
         }
+
+        final Optional<ValidationResult> resultOption = remoteGroup.validate().stream()
+            .filter(result -> !result.isValid())
+            .findFirst();
+
+        if (resultOption.isPresent()) {
+            throw new IllegalStateException("Remote Process Group is not valid: " + resultOption.get().toString());
+        }
     }
 
     @Override
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/test/java/org/apache/nifi/remote/TestStandardRemoteGroupPort.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/test/java/org/apache/nifi/remote/TestStandardRemoteGroupPort.java
index 2d48515e0d47..31cd1549c549 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/test/java/org/apache/nifi/remote/TestStandardRemoteGroupPort.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/test/java/org/apache/nifi/remote/TestStandardRemoteGroupPort.java
@@ -110,6 +110,7 @@ private void setupMock(final SiteToSiteTransportProtocol protocol,
                 connectableType = null;
                 break;
         }
+
         port = spy(new StandardRemoteGroupPort(ID, NAME,
                 processGroup, remoteGroup, direction, connectableType, null, scheduler, NiFiProperties.createBasicNiFiProperties(null, null)));
 
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
index 8049c1252093..113d491241f6 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
@@ -16,6 +16,32 @@
  */
 package org.apache.nifi.web.api.dto;
 
+import java.text.Collator;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
+import java.util.TimeZone;
+import java.util.TreeMap;
+import java.util.TreeSet;
+import java.util.concurrent.TimeUnit;
+import java.util.function.Function;
+import java.util.function.Supplier;
+import java.util.stream.Collectors;
+
+import javax.ws.rs.WebApplicationException;
+
 import org.apache.nifi.action.Action;
 import org.apache.nifi.action.component.details.ComponentDetails;
 import org.apache.nifi.action.component.details.ExtensionDetails;
@@ -157,32 +183,6 @@
 import org.apache.nifi.web.controller.ControllerFacade;
 import org.apache.nifi.web.revision.RevisionManager;
 
-import javax.ws.rs.WebApplicationException;
-import java.text.Collator;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Comparator;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedHashMap;
-import java.util.LinkedHashSet;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Set;
-import java.util.TimeZone;
-import java.util.TreeMap;
-import java.util.TreeSet;
-import java.util.concurrent.TimeUnit;
-import java.util.function.Function;
-import java.util.function.Supplier;
-import java.util.stream.Collectors;
-
 public final class DtoFactory {
 
     @SuppressWarnings("rawtypes")
@@ -1550,7 +1550,19 @@ public RemoteProcessGroupDTO createRemoteProcessGroupDto(final RemoteProcessGrou
         }
 
         if (group.getAuthorizationIssue() != null) {
-            dto.setAuthorizationIssues(Arrays.asList(group.getAuthorizationIssue()));
+            final List<String> authIssues = new ArrayList<>();
+            final String authIssue = group.getAuthorizationIssue();
+            if (authIssue != null) {
+                authIssues.add(authIssue);
+            }
+
+            final Collection<ValidationResult> validationResults = group.validate();
+            validationResults.stream()
+                .filter(result -> !result.isValid())
+                .map(result -> result.toString())
+                .forEach(str -> authIssues.add(str));
+
+            dto.setAuthorizationIssues(authIssues);
         }
 
         dto.setActiveRemoteInputPortCount(activeRemoteInputPortCount);

From eb2ccd9f3925d04bec1198df230f2f0e7d20d97e Mon Sep 17 00:00:00 2001
From: Matt Gilman <matt.c.gilman@gmail.com>
Date: Wed, 1 Mar 2017 13:51:34 -0500
Subject: [PATCH 2/5] NIFI-3541: - Allowing the user to specify the network
 interface to send/receive data for a Remote Process Group.

Signed-off-by: Mark Payne <markap14@hotmail.com>
---
 .../web/api/dto/RemoteProcessGroupDTO.java    | 21 ++++++++++++
 .../RemoteProcessGroupEntityMerger.java       |  3 ++
 .../apache/nifi/web/api/dto/DtoFactory.java   |  2 ++
 .../impl/StandardRemoteProcessGroupDAO.java   |  5 +++
 .../new-remote-process-group-dialog.jsp       | 34 +++++++++++++------
 .../remote-process-group-configuration.jsp    | 34 +++++++++++++------
 .../canvas/remote-process-group-details.jsp   | 34 +++++++++++++------
 .../src/main/webapp/css/dialog.css            |  4 ---
 .../remote-process-group-configuration.css    | 13 ++-----
 .../nf-ng-remote-process-group-component.js   |  5 +++
 .../nf-remote-process-group-configuration.js  |  2 ++
 .../canvas/nf-remote-process-group-details.js |  2 ++
 .../js/nf/canvas/nf-remote-process-group.js   | 29 ++++++++++++----
 13 files changed, 133 insertions(+), 55 deletions(-)

diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-client-dto/src/main/java/org/apache/nifi/web/api/dto/RemoteProcessGroupDTO.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-client-dto/src/main/java/org/apache/nifi/web/api/dto/RemoteProcessGroupDTO.java
index df01b82e1a9c..ee64b69f526c 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-client-dto/src/main/java/org/apache/nifi/web/api/dto/RemoteProcessGroupDTO.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-client-dto/src/main/java/org/apache/nifi/web/api/dto/RemoteProcessGroupDTO.java
@@ -39,12 +39,14 @@ public class RemoteProcessGroupDTO extends ComponentDTO {
     private String communicationsTimeout;
     private String yieldDuration;
     private String transportProtocol;
+    private String localNetworkInterface;
     private String proxyHost;
     private Integer proxyPort;
     private String proxyUser;
     private String proxyPassword;
 
     private Collection<String> authorizationIssues;
+    private Collection<String> validationErrors;
     private Boolean transmitting;
 
     private Integer inputPortCount;
@@ -349,6 +351,25 @@ public void setTransportProtocol(String transportProtocol) {
         this.transportProtocol = transportProtocol;
     }
 
+    @ApiModelProperty("The local network interface to send/receive data. If not specified, any local address is used. If clustered, all nodes must have an interface with this identifier.")
+    public String getLocalNetworkInterface() {
+        return localNetworkInterface;
+    }
+
+    public void setLocalNetworkInterface(String localNetworkInterface) {
+        this.localNetworkInterface = localNetworkInterface;
+    }
+
+    @ApiModelProperty(
+            "The validation errors for the remote process group. These validation errors represent the problems with the remote process group that must be resolved before it can transmit."
+    )
+    public Collection<String> getValidationErrors() {
+        return validationErrors;
+    }
+
+    public void setValidationErrors(Collection<String> validationErrors) {
+        this.validationErrors = validationErrors;
+    }
 
     public String getProxyHost() {
         return proxyHost;
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/manager/RemoteProcessGroupEntityMerger.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/manager/RemoteProcessGroupEntityMerger.java
index 3209e025c1b8..69437deedacd 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/manager/RemoteProcessGroupEntityMerger.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/manager/RemoteProcessGroupEntityMerger.java
@@ -75,6 +75,7 @@ private static void mergeDtos(final RemoteProcessGroupDTO clientDto, final Map<N
         final RemoteProcessGroupContentsDTO remoteProcessGroupContents = clientDto.getContents();
 
         final Map<String, Set<NodeIdentifier>> authorizationErrorMap = new HashMap<>();
+        final Map<String, Set<NodeIdentifier>> validationErrorMap = new HashMap<>();
         Boolean mergedIsTargetSecure = null;
         final Set<RemoteProcessGroupPortDTO> mergedInputPorts = new HashSet<>();
         final Set<RemoteProcessGroupPortDTO> mergedOutputPorts = new HashSet<>();
@@ -88,6 +89,7 @@ private static void mergeDtos(final RemoteProcessGroupDTO clientDto, final Map<N
 
                 // merge the authorization errors
                 ErrorMerger.mergeErrors(authorizationErrorMap, nodeId, nodeRemoteProcessGroup.getAuthorizationIssues());
+                ErrorMerger.mergeErrors(validationErrorMap, nodeId, nodeRemoteProcessGroup.getValidationErrors());
 
                 // use the first target secure flag since they will all be the same
                 final Boolean nodeIsTargetSecure = nodeRemoteProcessGroup.isTargetSecure();
@@ -124,5 +126,6 @@ private static void mergeDtos(final RemoteProcessGroupDTO clientDto, final Map<N
 
         // set the merged the validation errors
         clientDto.setAuthorizationIssues(ErrorMerger.normalizedMergedErrors(authorizationErrorMap, dtoMap.size()));
+        clientDto.setValidationErrors(ErrorMerger.normalizedMergedErrors(validationErrorMap, dtoMap.size()));
     }
 }
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
index 113d491241f6..f74840ca9f83 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
@@ -1564,6 +1564,8 @@ public RemoteProcessGroupDTO createRemoteProcessGroupDto(final RemoteProcessGrou
 
             dto.setAuthorizationIssues(authIssues);
         }
+        // TODO - set validation errors
+        // TODO - set local network interface
 
         dto.setActiveRemoteInputPortCount(activeRemoteInputPortCount);
         dto.setInactiveRemoteInputPortCount(inactiveRemoteInputPortCount);
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardRemoteProcessGroupDAO.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardRemoteProcessGroupDAO.java
index d022b15b0b75..52bbde51794d 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardRemoteProcessGroupDAO.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardRemoteProcessGroupDAO.java
@@ -144,6 +144,7 @@ private void verifyUpdate(RemoteProcessGroup remoteProcessGroup, RemoteProcessGr
 
         // if any remote group properties are changing, verify update
         if (isAnyNotNull(remoteProcessGroupDto.getYieldDuration(),
+                remoteProcessGroupDto.getLocalNetworkInterface(),
                 remoteProcessGroupDto.getCommunicationsTimeout(),
                 remoteProcessGroupDto.getProxyHost(),
                 remoteProcessGroupDto.getProxyPort(),
@@ -359,6 +360,7 @@ private RemoteProcessGroup updateRemoteProcessGroup(RemoteProcessGroup remotePro
         final String proxyPassword = remoteProcessGroupDTO.getProxyPassword();
 
         final String transportProtocol = remoteProcessGroupDTO.getTransportProtocol();
+        final String localNetworkInterface = remoteProcessGroupDTO.getLocalNetworkInterface();
 
         if (isNotNull(name)) {
             remoteProcessGroup.setName(name);
@@ -391,6 +393,9 @@ private RemoteProcessGroup updateRemoteProcessGroup(RemoteProcessGroup remotePro
                 remoteProcessGroup.setProxyPassword(proxyPassword);
             }
         }
+        if (isNotNull(localNetworkInterface)) {
+            // TODO - update the local network interface
+        }
 
         final Boolean isTransmitting = remoteProcessGroupDTO.isTransmitting();
         if (isNotNull(isTransmitting)) {
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/new-remote-process-group-dialog.jsp b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/new-remote-process-group-dialog.jsp
index 4af046e60971..49480016e69d 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/new-remote-process-group-dialog.jsp
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/new-remote-process-group-dialog.jsp
@@ -26,16 +26,28 @@
             </div>
         </div>
         <div class="setting">
-            <div class="setting-name">
-                Transport Protocol
-                <div class="fa fa-question-circle" alt="Info" title="Specify the transport protocol to use for this Remote Process Group communication."></div>
+            <div class="remote-process-group-setting-left">
+                <div class="setting-name">
+                    Transport Protocol
+                    <div class="fa fa-question-circle" alt="Info" title="Specify the transport protocol to use for this Remote Process Group communication."></div>
+                </div>
+                <div class="setting-field">
+                    <div id="new-remote-process-group-transport-protocol-combo"></div>
+                </div>
             </div>
-            <div class="setting-field">
-                <div id="new-remote-process-group-transport-protocol-combo"></div>
+            <div class="remote-process-group-setting-right">
+                <div class="setting-name">
+                    Local Network Interface
+                    <div class="fa fa-question-circle" alt="Info" title="The local network interface to send/receive data. If not specified, any local address is used. If clustered, all nodes must have an interface with this identifier."></div>
+                </div>
+                <div class="setting-field">
+                    <input type="text" class="small-setting-input" id="new-remote-process-group-local-network-interface"/>
+                </div>
             </div>
+            <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-proxy-host-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     HTTP Proxy server hostname
                     <div class="fa fa-question-circle" alt="Info" title="Specify the proxy server's hostname to use. If not specified, HTTP traffics are sent directly to the target NiFi instance."></div>
@@ -44,7 +56,7 @@
                     <input type="text" class="small-setting-input" id="new-remote-process-group-proxy-host"/>
                 </div>
             </div>
-            <div class="remote-process-group-proxy-port-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     HTTP Proxy server port
                     <div class="fa fa-question-circle" alt="Info" title="Specify the proxy server's port number, optional. If not specified, default port 80 will be used."></div>
@@ -56,7 +68,7 @@
             <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-proxy-user-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     HTTP Proxy user
                     <div class="fa fa-question-circle" alt="Info" title="Specify an user name to connect to the proxy server, optional."></div>
@@ -65,7 +77,7 @@
                     <input type="text" class="small-setting-input" id="new-remote-process-group-proxy-user"/>
                 </div>
             </div>
-            <div class="remote-process-group-proxy-password-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     HTTP Proxy password
                     <div class="fa fa-question-circle" alt="Info" title="Specify an user password to connect to the proxy server, optional."></div>
@@ -77,7 +89,7 @@
             <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-timeout-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     Communications timeout
                     <div class="fa fa-question-circle" alt="Info" title="When communication with this remote process group takes longer than this amount of time, it will timeout."></div>
@@ -86,7 +98,7 @@
                     <input type="text" class="small-setting-input" id="new-remote-process-group-timeout"/>
                 </div>
             </div>
-            <div class="remote-process-group-yield-duration-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     Yield duration
                     <div class="fa fa-question-circle" alt="Info" title="When communication with this remote process group fails, it will not be scheduled again until this amount of time elapses."></div>
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/remote-process-group-configuration.jsp b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/remote-process-group-configuration.jsp
index c8af6d3ed1d4..36ecd48b1f18 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/remote-process-group-configuration.jsp
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/remote-process-group-configuration.jsp
@@ -36,16 +36,28 @@
             </div>
         </div>
         <div class="setting">
-            <div class="setting-name">
-                Transport Protocol
-                <div class="fa fa-question-circle" alt="Info" title="Specify the transport protocol to use for this Remote Process Group communication."></div>
+            <div class="remote-process-group-setting-left">
+                <div class="setting-name">
+                    Transport Protocol
+                    <div class="fa fa-question-circle" alt="Info" title="Specify the transport protocol to use for this Remote Process Group communication."></div>
+                </div>
+                <div class="setting-field">
+                    <div id="remote-process-group-transport-protocol-combo"></div>
+                </div>
             </div>
-            <div class="setting-field">
-                <div id="remote-process-group-transport-protocol-combo"></div>
+            <div class="remote-process-group-setting-right">
+                <div class="setting-name">
+                    Local Network Interface
+                    <div class="fa fa-question-circle" alt="Info" title="The local network interface to send/receive data. If not specified, any local address is used. If clustered, all nodes must have an interface with this identifier."></div>
+                </div>
+                <div class="setting-field">
+                    <input type="text" class="small-setting-input" id="remote-process-group-local-network-interface"/>
+                </div>
             </div>
+            <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-proxy-host-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     HTTP Proxy server hostname
                     <div class="fa fa-question-circle" alt="Info" title="Specify the proxy server's hostname to use. If not specified, HTTP traffics are sent directly to the target NiFi instance."></div>
@@ -54,7 +66,7 @@
                     <input type="text" class="small-setting-input" id="remote-process-group-proxy-host"/>
                 </div>
             </div>
-            <div class="remote-process-group-proxy-port-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     HTTP Proxy server port
                     <div class="fa fa-question-circle" alt="Info" title="Specify the proxy server's port number, optional. If not specified, default port 80 will be used."></div>
@@ -66,7 +78,7 @@
             <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-proxy-user-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     HTTP Proxy user
                     <div class="fa fa-question-circle" alt="Info" title="Specify an user name to connect to the proxy server, optional."></div>
@@ -75,7 +87,7 @@
                     <input type="text" class="small-setting-input" id="remote-process-group-proxy-user"/>
                 </div>
             </div>
-            <div class="remote-process-group-proxy-password-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     HTTP Proxy password
                     <div class="fa fa-question-circle" alt="Info" title="Specify an user password to connect to the proxy server, optional."></div>
@@ -87,7 +99,7 @@
             <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-timeout-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     Communications timeout
                     <div class="fa fa-question-circle" alt="Info" title="When communication with this remote process group takes longer than this amount of time, it will timeout."></div>
@@ -96,7 +108,7 @@
                     <input type="text" class="small-setting-input" id="remote-process-group-timeout"/>
                 </div>
             </div>
-            <div class="remote-process-group-yield-duration-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     Yield duration
                     <div class="fa fa-question-circle" alt="Info" title="When communication with this remote process group fails, it will not be scheduled again until this amount of time elapses."></div>
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/remote-process-group-details.jsp b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/remote-process-group-details.jsp
index 6f7f99271078..3388a681bdd4 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/remote-process-group-details.jsp
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/WEB-INF/partials/canvas/remote-process-group-details.jsp
@@ -36,16 +36,28 @@
             </div>
         </div>
         <div class="setting">
-            <div class="setting-name">
-                Transport Protocol
-                <div class="fa fa-question-circle" alt="Info" title="Transport protocol to use for this Remote Process Group communication."></div>
+            <div class="remote-process-group-setting-left">
+                <div class="setting-name">
+                    Transport Protocol
+                    <div class="fa fa-question-circle" alt="Info" title="Transport protocol to use for this Remote Process Group communication."></div>
+                </div>
+                <div class="setting-field">
+                    <div id="read-only-remote-process-group-transport-protocol"></div>
+                </div>
             </div>
-            <div class="setting-field">
-                <div id="read-only-remote-process-group-transport-protocol"></div>
+            <div class="remote-process-group-setting-right">
+                <div class="setting-name">
+                    Local Network Interface
+                    <div class="fa fa-question-circle" alt="Info" title="The local network interface to send/receive data. If not specified, any local address is used. If clustered, all nodes must have an interface with this identifier."></div>
+                </div>
+                <div class="setting-field">
+                    <span id="read-only-remote-process-group-local-network-interface"></span>
+                </div>
             </div>
+            <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-proxy-host-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     HTTP Proxy server hostname
                     <div class="fa fa-question-circle" alt="Info" title="Specify the proxy server's hostname to use. If not specified, HTTP traffics are sent directly to the target NiFi instance."></div>
@@ -54,7 +66,7 @@
                     <span id="read-only-remote-process-group-proxy-host"></span>
                 </div>
             </div>
-            <div class="remote-process-group-proxy-port-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     HTTP Proxy server port
                     <div class="fa fa-question-circle" alt="Info" title="Specify the proxy server's port number, optional. If not specified, default port 80 will be used."></div>
@@ -66,7 +78,7 @@
             <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-proxy-user-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     HTTP Proxy user
                     <div class="fa fa-question-circle" alt="Info" title="Specify an user name to connect to the proxy server, optional."></div>
@@ -75,7 +87,7 @@
                     <span id="read-only-remote-process-group-proxy-user"></span>
                 </div>
             </div>
-            <div class="remote-process-group-proxy-password-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     HTTP Proxy password
                     <div class="fa fa-question-circle" alt="Info" title="Specify an user password to connect to the proxy server, optional."></div>
@@ -87,7 +99,7 @@
             <div class="clear"></div>
         </div>
         <div class="setting">
-            <div class="remote-process-group-timeout-setting">
+            <div class="remote-process-group-setting-left">
                 <div class="setting-name">
                     Communications timeout
                     <div class="fa fa-question-circle" alt="Info" title="When communication with this remote process group takes longer than this amount of time, it will timeout."></div>
@@ -96,7 +108,7 @@
                     <span id="read-only-remote-process-group-timeout"></span>
                 </div>
             </div>
-            <div class="remote-process-group-yield-duration-setting">
+            <div class="remote-process-group-setting-right">
                 <div class="setting-name">
                     Yield duration
                     <div class="fa fa-question-circle" alt="Info" title="When communication with this remote process group fails, it will not be scheduled again until this amount of time elapses."></div>
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/css/dialog.css b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/css/dialog.css
index 40a520f013f7..4aaa25360c62 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/css/dialog.css
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/css/dialog.css
@@ -18,10 +18,6 @@
     Specific dialog settings.
 */
 
-#new-remote-process-group-transport-protocol-combo {
-    width: 160px;
-}
-
 #fill-color-dialog {
     display: none;
     width: 240px;
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/css/remote-process-group-configuration.css b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/css/remote-process-group-configuration.css
index cc235b64ddc8..58dcfcd005b6 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/css/remote-process-group-configuration.css
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/css/remote-process-group-configuration.css
@@ -49,22 +49,13 @@
     display: none;
 }
 
-#remote-process-group-transport-protocol-combo {
-    width: 160px;
-}
-
-div.remote-process-group-timeout-setting, div.remote-process-group-yield-duration-setting,
-div.remote-process-group-proxy-host-setting, div.remote-process-group-proxy-port-setting,
-div.remote-process-group-proxy-user-setting, div.remote-process-group-proxy-password-setting {
+div.remote-process-group-setting-left, div.remote-process-group-setting-right {
     float: left;
     width: 49%;
 }
 
-div.remote-process-group-yield-duration-setting,
-div.remote-process-group-proxy-port-setting,
-div.remote-process-group-proxy-password-setting {
+div.remote-process-group-setting-right {
     margin-left: 2%;
-    width: 49%;
 }
 
 /* remote process group port configuration */
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/header/components/nf-ng-remote-process-group-component.js b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/header/components/nf-ng-remote-process-group-component.js
index 5e6e116a0088..08f1b1a216da 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/header/components/nf-ng-remote-process-group-component.js
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/header/components/nf-ng-remote-process-group-component.js
@@ -78,6 +78,7 @@
                     'communicationsTimeout': $('#new-remote-process-group-timeout').val(),
                     'yieldDuration': $('#new-remote-process-group-yield-duration').val(),
                     'transportProtocol': $('#new-remote-process-group-transport-protocol-combo').combo('getSelectedOption').value,
+                    'localNetworkInterface': $('#new-remote-process-group-local-network-interface').val(),
                     'proxyHost': $('#new-remote-process-group-proxy-host').val(),
                     'proxyPort': $('#new-remote-process-group-proxy-port').val(),
                     'proxyUser': $('#new-remote-process-group-proxy-user').val(),
@@ -155,6 +156,7 @@
                 init: function () {
                     var defaultTimeout = "30 sec";
                     var defaultYieldDuration = "10 sec";
+
                     // configure the new remote process group dialog
                     this.getElement().modal({
                         scrollableContentStyle: 'scrollable',
@@ -167,6 +169,7 @@
                                 $('#new-remote-process-group-transport-protocol-combo').combo('setSelectedOption', {
                                     value: 'RAW'
                                 });
+                                $('#new-remote-process-group-local-network-interface').val('');
                                 $('#new-remote-process-group-proxy-host').val('');
                                 $('#new-remote-process-group-proxy-port').val('');
                                 $('#new-remote-process-group-proxy-user').val('');
@@ -174,9 +177,11 @@
                             }
                         }
                     });
+
                     // set default values
                     $('#new-remote-process-group-timeout').val(defaultTimeout);
                     $('#new-remote-process-group-yield-duration').val(defaultYieldDuration);
+
                     // initialize the transport protocol combo
                     $('#new-remote-process-group-transport-protocol-combo').combo({
                         options: [{
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-configuration.js b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-configuration.js
index 06cf866af5bc..c616bc5571d3 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-configuration.js
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-configuration.js
@@ -150,6 +150,7 @@
                         $('#remote-process-group-transport-protocol-combo').combo('setSelectedOption', {
                             value: 'RAW'
                         });
+                        $('#remote-process-group-local-network-interface').val('');
                         $('#remote-process-group-proxy-host').val('');
                         $('#remote-process-group-proxy-port').val('');
                         $('#remote-process-group-proxy-user').val('');
@@ -191,6 +192,7 @@
                 $('#remote-process-group-proxy-port').val(selectionData.component.proxyPort);
                 $('#remote-process-group-proxy-user').val(selectionData.component.proxyUser);
                 $('#remote-process-group-proxy-password').val(selectionData.component.proxyPassword);
+                $('#remote-process-group-local-network-interface').val(selectionData.component.localNetworkInterface);
 
                 // select the appropriate transport-protocol
                 $('#remote-process-group-transport-protocol-combo').combo('setSelectedOption', {
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-details.js b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-details.js
index 7c6d66702495..6c613982d411 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-details.js
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-details.js
@@ -65,6 +65,7 @@
                         nfCommon.clearField('read-only-remote-process-group-timeout');
                         nfCommon.clearField('read-only-remote-process-group-yield-duration');
                         nfCommon.clearField('read-only-remote-process-group-transport-protocol');
+                        nfCommon.clearField('read-only-remote-process-group-local-network-interface');
                         nfCommon.clearField('read-only-remote-process-group-proxy-host');
                         nfCommon.clearField('read-only-remote-process-group-proxy-port');
                         nfCommon.clearField('read-only-remote-process-group-proxy-user');
@@ -91,6 +92,7 @@
                 nfCommon.populateField('read-only-remote-process-group-timeout', selectionData.component.communicationsTimeout);
                 nfCommon.populateField('read-only-remote-process-group-yield-duration', selectionData.component.yieldDuration);
                 nfCommon.populateField('read-only-remote-process-group-transport-protocol', selectionData.component.transportProtocol);
+                nfCommon.populateField('read-only-remote-process-group-local-network-interface', selectionData.component.localNetworkInterface);
                 nfCommon.populateField('read-only-remote-process-group-proxy-host', selectionData.component.proxyHost);
                 nfCommon.populateField('read-only-remote-process-group-proxy-port', selectionData.component.proxyPort);
                 nfCommon.populateField('read-only-remote-process-group-proxy-user', selectionData.component.proxyUser);
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group.js b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group.js
index 9842c71d335d..b91afd1e952d 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group.js
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group.js
@@ -667,6 +667,21 @@
         });
     };
 
+    var hasIssues = function (d) {
+        return !nfCommon.isEmpty(d.component.authorizationIssues) || !nfCommon.isEmpty(d.component.validationErrors);
+    };
+
+    var getIssues = function (d) {
+        var issues = [];
+        if (!nfCommon.isEmpty(d.component.authorizationIssues)) {
+            issues = issues.concat(d.component.authorizationIssues);
+        }
+        if (!nfCommon.isEmpty(d.component.validationErrors)) {
+            issues = issues.concat(d.component.validationErrors);
+        }
+        return issues;
+    };
+
     /**
      * Updates the process group status.
      *
@@ -723,7 +738,7 @@
             .text(function (d) {
                 var icon = '';
                 if (d.permissions.canRead) {
-                    if (!nfCommon.isEmpty(d.component.authorizationIssues)) {
+                    if (hasIssues(d)) {
                         icon = '\uf071';
                     } else if (d.component.transmitting === true) {
                         icon = '\uf140';
@@ -736,7 +751,7 @@
             .attr('font-family', function (d) {
                 var family = '';
                 if (d.permissions.canRead) {
-                    if (!nfCommon.isEmpty(d.component.authorizationIssues) || d.component.transmitting) {
+                    if (hasIssues(d) || d.component.transmitting) {
                         family = 'FontAwesome';
                     } else {
                         family = 'flowfont';
@@ -745,20 +760,20 @@
                 return family;
             })
             .classed('invalid', function (d) {
-                return d.permissions.canRead && !nfCommon.isEmpty(d.component.authorizationIssues);
+                return d.permissions.canRead && hasIssues(d);
             })
             .classed('transmitting', function (d) {
-                return d.permissions.canRead && nfCommon.isEmpty(d.component.authorizationIssues) && d.component.transmitting === true;
+                return d.permissions.canRead && !hasIssues(d) && d.component.transmitting === true;
             })
             .classed('not-transmitting', function (d) {
-                return d.permissions.canRead && nfCommon.isEmpty(d.component.authorizationIssues) && d.component.transmitting === false;
+                return d.permissions.canRead && !hasIssues(d) && d.component.transmitting === false;
             })
             .each(function (d) {
                 // get the tip
                 var tip = d3.select('#authorization-issues-' + d.id);
 
                 // if there are validation errors generate a tooltip
-                if (d.permissions.canRead && !nfCommon.isEmpty(d.component.authorizationIssues)) {
+                if (d.permissions.canRead && hasIssues(d)) {
                     // create the tip if necessary
                     if (tip.empty()) {
                         tip = d3.select('#remote-process-group-tooltips').append('div')
@@ -770,7 +785,7 @@
 
                     // update the tip
                     tip.html(function () {
-                        var list = nfCommon.formatUnorderedList(d.component.authorizationIssues);
+                        var list = nfCommon.formatUnorderedList(getIssues(d));
                         if (list === null || list.length === 0) {
                             return '';
                         } else {

From dbfe0598f3d205fd0e5751b4012efa1ddd27b9e9 Mon Sep 17 00:00:00 2001
From: Mark Payne <markap14@hotmail.com>
Date: Wed, 1 Mar 2017 15:15:31 -0500
Subject: [PATCH 3/5] NIFI-3541: Updated serializer / synchronizer /
 fingerprintfactory to account for local network interface

---
 .../io/socket/ssl/SSLSocketChannel.java       |  7 +++-
 .../client/socket/EndpointConnectionPool.java | 14 ++++++--
 .../remote/client/socket/SocketClient.java    |  2 +-
 .../RemoteProcessGroupEntityMerger.java       |  2 +-
 .../nifi/remote/protocol/ServerProtocol.java  |  4 +--
 .../controller/StandardFlowSynchronizer.java  |  7 ++++
 .../serialization/FlowFromDOMFactory.java     |  1 +
 .../serialization/StandardFlowSerializer.java |  5 ++-
 .../nifi/fingerprint/FingerprintFactory.java  |  1 +
 .../remote/StandardRemoteProcessGroup.java    | 35 ++++++++++---------
 .../src/main/resources/FlowConfiguration.xsd  |  1 +
 .../StandardHttpFlowFileServerProtocol.java   |  2 +-
 .../socket/SocketFlowFileServerProtocol.java  |  4 +--
 .../apache/nifi/web/api/dto/DtoFactory.java   | 25 +++++++------
 .../impl/StandardRemoteProcessGroupDAO.java   | 23 +++++++-----
 .../nf-remote-process-group-configuration.js  |  3 +-
 16 files changed, 86 insertions(+), 50 deletions(-)

diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java b/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java
index 7a09f5f1c605..7e5b303260cd 100644
--- a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java
+++ b/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java
@@ -18,6 +18,7 @@
 
 import java.io.Closeable;
 import java.io.IOException;
+import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.Socket;
 import java.net.SocketAddress;
@@ -68,9 +69,13 @@ public class SSLSocketChannel implements Closeable {
     private boolean closed = false;
     private volatile boolean interrupted = false;
 
-    public SSLSocketChannel(final SSLContext sslContext, final String hostname, final int port, final boolean client) throws IOException {
+    public SSLSocketChannel(final SSLContext sslContext, final String hostname, final int port, final InetAddress localAddress, final boolean client) throws IOException {
         this.socketAddress = new InetSocketAddress(hostname, port);
         this.channel = SocketChannel.open();
+        if (localAddress != null) {
+            final SocketAddress localSocketAddress = new InetSocketAddress(localAddress, 0);
+            this.channel.bind(localSocketAddress);
+        }
         this.hostname = hostname;
         this.port = port;
         this.engine = sslContext.createSSLEngine();
diff --git a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/EndpointConnectionPool.java b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/EndpointConnectionPool.java
index 6f08f73f9808..926e4b4d759e 100644
--- a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/EndpointConnectionPool.java
+++ b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/EndpointConnectionPool.java
@@ -23,7 +23,9 @@
 import java.io.DataOutputStream;
 import java.io.File;
 import java.io.IOException;
+import java.net.InetAddress;
 import java.net.InetSocketAddress;
+import java.net.SocketAddress;
 import java.net.URI;
 import java.nio.channels.SocketChannel;
 import java.security.cert.CertificateException;
@@ -87,9 +89,11 @@ public class EndpointConnectionPool implements PeerStatusProvider {
 
     private final SiteInfoProvider siteInfoProvider;
     private final PeerSelector peerSelector;
+    private final InetAddress localAddress;
 
     public EndpointConnectionPool(final RemoteDestination remoteDestination, final int commsTimeoutMillis, final int idleExpirationMillis,
-            final SSLContext sslContext, final EventReporter eventReporter, final File persistenceFile, final SiteInfoProvider siteInfoProvider) {
+        final SSLContext sslContext, final EventReporter eventReporter, final File persistenceFile, final SiteInfoProvider siteInfoProvider,
+        final InetAddress localAddress) {
         Objects.requireNonNull(remoteDestination, "Remote Destination/Port Identifier cannot be null");
 
         this.remoteDestination = remoteDestination;
@@ -97,6 +101,7 @@ public EndpointConnectionPool(final RemoteDestination remoteDestination, final i
         this.eventReporter = eventReporter;
         this.commsTimeout = commsTimeoutMillis;
         this.idleExpirationMillis = idleExpirationMillis;
+        this.localAddress = localAddress;
 
         this.siteInfoProvider = siteInfoProvider;
 
@@ -440,7 +445,7 @@ private CommunicationsSession establishSiteToSiteConnection(final String hostnam
                             + " because it requires Secure Site-to-Site communications, but this instance is not configured for secure communications");
                 }
 
-                final SSLSocketChannel socketChannel = new SSLSocketChannel(sslContext, hostname, port, true);
+                final SSLSocketChannel socketChannel = new SSLSocketChannel(sslContext, hostname, port, localAddress, true);
                 socketChannel.connect();
 
                 commsSession = new SSLSocketChannelCommunicationsSession(socketChannel);
@@ -452,6 +457,11 @@ private CommunicationsSession establishSiteToSiteConnection(final String hostnam
                 }
             } else {
                 final SocketChannel socketChannel = SocketChannel.open();
+                if (localAddress != null) {
+                    final SocketAddress localSocketAddress = new InetSocketAddress(localAddress, 0);
+                    socketChannel.socket().bind(localSocketAddress);
+                }
+
                 socketChannel.socket().connect(new InetSocketAddress(hostname, port), commsTimeout);
                 socketChannel.socket().setSoTimeout(commsTimeout);
 
diff --git a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java
index 1d3cce7d48ab..ba6839ce4366 100644
--- a/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java
+++ b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java
@@ -52,7 +52,7 @@ public SocketClient(final SiteToSiteClientConfig config) {
                 commsTimeout,
                 (int) config.getIdleConnectionExpiration(TimeUnit.MILLISECONDS),
                 config.getSslContext(), config.getEventReporter(), config.getPeerPersistenceFile(),
-                siteInfoProvider
+                siteInfoProvider, config.getLocalAddress()
         );
 
         this.compress = config.isUseCompression();
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/manager/RemoteProcessGroupEntityMerger.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/manager/RemoteProcessGroupEntityMerger.java
index 69437deedacd..a426d939e1fc 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/manager/RemoteProcessGroupEntityMerger.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/manager/RemoteProcessGroupEntityMerger.java
@@ -33,7 +33,6 @@ public class RemoteProcessGroupEntityMerger implements ComponentEntityMerger<Rem
     public void merge(RemoteProcessGroupEntity clientEntity, Map<NodeIdentifier, RemoteProcessGroupEntity> entityMap) {
         ComponentEntityMerger.super.merge(clientEntity, entityMap);
         for (Map.Entry<NodeIdentifier, RemoteProcessGroupEntity> entry : entityMap.entrySet()) {
-            final NodeIdentifier nodeId = entry.getKey();
             final RemoteProcessGroupEntity entityStatus = entry.getValue();
             if (entityStatus != clientEntity) {
                 mergeStatus(clientEntity.getStatus(), clientEntity.getPermissions().getCanRead(), entry.getValue().getStatus(), entry.getValue().getPermissions().getCanRead(), entry.getKey());
@@ -47,6 +46,7 @@ public void merge(RemoteProcessGroupEntity clientEntity, Map<NodeIdentifier, Rem
      * @param clientEntity the entity being returned to the client
      * @param entityMap all node responses
      */
+    @Override
     public void mergeComponents(final RemoteProcessGroupEntity clientEntity, final Map<NodeIdentifier, RemoteProcessGroupEntity> entityMap) {
         final RemoteProcessGroupDTO clientDto = clientEntity.getComponent();
         final Map<NodeIdentifier, RemoteProcessGroupDTO> dtoMap = new HashMap<>();
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/remote/protocol/ServerProtocol.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/remote/protocol/ServerProtocol.java
index 43660688c722..69ae396c8d4d 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/remote/protocol/ServerProtocol.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/remote/protocol/ServerProtocol.java
@@ -145,8 +145,8 @@ void sendPeerList(
             Peer peer,
             Optional<ClusterNodeInformation> clusterNodeInfo,
             String remoteInputHost,
-            int remoteInputPort,
-            int remoteInputHttpPort,
+            Integer remoteInputPort,
+            Integer remoteInputHttpPort,
             boolean isSiteToSiteSecure) throws IOException;
 
     void shutdown(Peer peer);
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/StandardFlowSynchronizer.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/StandardFlowSynchronizer.java
index d8654756a582..db9e68b821a4 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/StandardFlowSynchronizer.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/StandardFlowSynchronizer.java
@@ -45,6 +45,7 @@
 import javax.xml.validation.SchemaFactory;
 
 import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.nifi.authorization.AbstractPolicyBasedAuthorizer;
 import org.apache.nifi.authorization.Authorizer;
 import org.apache.nifi.cluster.protocol.DataFlow;
@@ -1126,6 +1127,12 @@ private ProcessGroup addProcessGroup(final FlowController controller, final Proc
                 remoteGroup.setProxyPassword(remoteGroupDto.getProxyPassword());
             }
 
+            if (StringUtils.isBlank(remoteGroupDto.getLocalNetworkInterface())) {
+                remoteGroup.setNetworkInterface(null);
+            } else {
+                remoteGroup.setNetworkInterface(remoteGroupDto.getLocalNetworkInterface());
+            }
+
             final Set<RemoteProcessGroupPortDescriptor> inputPorts = new HashSet<>();
             for (final Element portElement : getChildrenByTagName(remoteProcessGroupElement, "inputPort")) {
                 inputPorts.add(FlowFromDOMFactory.getRemoteProcessGroupPort(portElement));
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/FlowFromDOMFactory.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/FlowFromDOMFactory.java
index 6c39f167cbcc..f8d38bc81546 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/FlowFromDOMFactory.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/FlowFromDOMFactory.java
@@ -262,6 +262,7 @@ public static RemoteProcessGroupDTO getRemoteProcessGroup(final Element element,
         dto.setProxyHost(getString(element, "proxyHost"));
         dto.setProxyPort(getOptionalInt(element, "proxyPort"));
         dto.setProxyUser(getString(element, "proxyUser"));
+        dto.setLocalNetworkInterface(getString(element, "networkInterface"));
 
         final String rawPassword = getString(element, "proxyPassword");
         final String proxyPassword = encryptor == null ? rawPassword : decrypt(rawPassword, encryptor);
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/StandardFlowSerializer.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/StandardFlowSerializer.java
index b8936ba1c3e2..f6e3d2b2881c 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/StandardFlowSerializer.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/StandardFlowSerializer.java
@@ -69,7 +69,7 @@
  */
 public class StandardFlowSerializer implements FlowSerializer {
 
-    private static final String MAX_ENCODING_VERSION = "1.0";
+    private static final String MAX_ENCODING_VERSION = "1.1";
 
     private final StringEncryptor encryptor;
 
@@ -261,6 +261,9 @@ private void addRemoteProcessGroup(final Element parentElement, final RemoteProc
             final String value = ENC_PREFIX + encryptor.encrypt(remoteRef.getProxyPassword()) + ENC_SUFFIX;
             addTextElement(element, "proxyPassword", value);
         }
+        if (remoteRef.getNetworkInterface() != null) {
+            addTextElement(element, "networkInterface", remoteRef.getNetworkInterface());
+        }
 
         for (final RemoteGroupPort port : remoteRef.getInputPorts()) {
             if (port.hasIncomingConnection()) {
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/fingerprint/FingerprintFactory.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/fingerprint/FingerprintFactory.java
index 3634850b3b31..3679b9819f72 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/fingerprint/FingerprintFactory.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/fingerprint/FingerprintFactory.java
@@ -679,6 +679,7 @@ private StringBuilder addLabelFingerprint(final StringBuilder builder, final Lab
     private StringBuilder addRemoteProcessGroupFingerprint(final StringBuilder builder, final Element remoteProcessGroupElem) throws FingerprintException {
         appendFirstValue(builder, DomUtils.getChildNodesByTagName(remoteProcessGroupElem, "id"));
         appendFirstValue(builder, DomUtils.getChildNodesByTagName(remoteProcessGroupElem, "url"));
+        appendFirstValue(builder, DomUtils.getChildNodesByTagName(remoteProcessGroupElem, "networkInterface"));
 
         final NodeList inputPortList = DomUtils.getChildNodesByTagName(remoteProcessGroupElem, "inputPort");
         final NodeList outputPortList = DomUtils.getChildNodesByTagName(remoteProcessGroupElem, "outputPort");
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/remote/StandardRemoteProcessGroup.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/remote/StandardRemoteProcessGroup.java
index 67c8f11839f2..286b2dcef167 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/remote/StandardRemoteProcessGroup.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/remote/StandardRemoteProcessGroup.java
@@ -879,30 +879,33 @@ public void setNetworkInterface(final String interfaceName) {
         writeLock.lock();
         try {
             this.networkInterfaceName = interfaceName;
+            if (interfaceName == null) {
+                this.nicValidationResult = null;
+            } else {
+                try {
+                    final Enumeration<InetAddress> inetAddresses = NetworkInterface.getByName(interfaceName).getInetAddresses();
 
-            try {
-                final Enumeration<InetAddress> inetAddresses = NetworkInterface.getByName(interfaceName).getInetAddresses();
-
-                if (inetAddresses.hasMoreElements()) {
-                    this.localAddress = inetAddresses.nextElement();
-                    this.nicValidationResult = null;
-                } else {
+                    if (inetAddresses.hasMoreElements()) {
+                        this.localAddress = inetAddresses.nextElement();
+                        this.nicValidationResult = null;
+                    } else {
+                        this.localAddress = null;
+                        this.nicValidationResult = new ValidationResult.Builder()
+                            .input(interfaceName)
+                            .subject("Network Interface Name")
+                            .valid(false)
+                            .explanation("No IP Address could be found that is bound to the interface with name " + interfaceName)
+                            .build();
+                    }
+                } catch (final Exception e) {
                     this.localAddress = null;
                     this.nicValidationResult = new ValidationResult.Builder()
                         .input(interfaceName)
                         .subject("Network Interface Name")
                         .valid(false)
-                        .explanation("No IP Address could be found that is bound to the interface with name " + interfaceName)
+                        .explanation("Could not obtain Network Interface with name " + interfaceName)
                         .build();
                 }
-            } catch (final Exception e) {
-                this.localAddress = null;
-                this.nicValidationResult = new ValidationResult.Builder()
-                    .input(interfaceName)
-                    .subject("Network Interface Name")
-                    .valid(false)
-                    .explanation("Could not obtain Network Interface with name " + interfaceName)
-                    .build();
             }
         } finally {
             writeLock.unlock();
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/resources/FlowConfiguration.xsd b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/resources/FlowConfiguration.xsd
index 4607320270dd..02a9ca51d598 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/resources/FlowConfiguration.xsd
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/resources/FlowConfiguration.xsd
@@ -205,6 +205,7 @@
             <xs:element name="proxyPort" type="xs:int" minOccurs="0" maxOccurs="1" />
             <xs:element name="proxyUser" type="xs:string" minOccurs="0" maxOccurs="1" />
             <xs:element name="proxyPassword" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="networkInterface" type="xs:string" minOccurs="0" maxOccurs="1" />
 
             <!-- The input ports and output ports of the remote group may change without our knowledge; however,
             they are persisted here because on a restart of NiFi, we need to have the Input & Output Ports' IDs
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/protocol/http/StandardHttpFlowFileServerProtocol.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/protocol/http/StandardHttpFlowFileServerProtocol.java
index a35b1600215f..57bebda678f9 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/protocol/http/StandardHttpFlowFileServerProtocol.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/protocol/http/StandardHttpFlowFileServerProtocol.java
@@ -228,7 +228,7 @@ public VersionNegotiator getVersionNegotiator() {
     }
 
     @Override
-    public void sendPeerList(Peer peer, Optional<ClusterNodeInformation> clusterNodeInfo, String remoteInputHost, int remoteInputPort, int remoteInputHttpPort,
+    public void sendPeerList(Peer peer, Optional<ClusterNodeInformation> clusterNodeInfo, String remoteInputHost, Integer remoteInputPort, Integer remoteInputHttpPort,
                              boolean isSiteToSiteSecure) throws IOException {
     }
 
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/protocol/socket/SocketFlowFileServerProtocol.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/protocol/socket/SocketFlowFileServerProtocol.java
index b67276ee6eea..6c22ac79ae12 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/protocol/socket/SocketFlowFileServerProtocol.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/protocol/socket/SocketFlowFileServerProtocol.java
@@ -156,8 +156,8 @@ public void sendPeerList(
             final Peer peer,
             final Optional<ClusterNodeInformation> clusterNodeInfo,
             final String remoteInputHost,
-            final int remoteInputPort,
-            final int remoteInputHttpPort,
+        final Integer remoteInputPort,
+        final Integer remoteInputHttpPort,
             final boolean isSiteToSiteSecure) throws IOException {
         if (!handshakeCompleted) {
             throw new IllegalStateException("Handshake has not been completed");
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
index f74840ca9f83..f5c1b8855b47 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/dto/DtoFactory.java
@@ -18,6 +18,7 @@
 
 import java.text.Collator;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Comparator;
@@ -1550,22 +1551,20 @@ public RemoteProcessGroupDTO createRemoteProcessGroupDto(final RemoteProcessGrou
         }
 
         if (group.getAuthorizationIssue() != null) {
-            final List<String> authIssues = new ArrayList<>();
-            final String authIssue = group.getAuthorizationIssue();
-            if (authIssue != null) {
-                authIssues.add(authIssue);
-            }
+            dto.setAuthorizationIssues(Arrays.asList(group.getAuthorizationIssue()));
+        }
 
-            final Collection<ValidationResult> validationResults = group.validate();
-            validationResults.stream()
-                .filter(result -> !result.isValid())
-                .map(result -> result.toString())
-                .forEach(str -> authIssues.add(str));
+        final Collection<ValidationResult> validationErrors = group.validate();
+        if (validationErrors != null && !validationErrors.isEmpty()) {
+            final List<String> errors = new ArrayList<>();
+            for (final ValidationResult validationResult : validationErrors) {
+                errors.add(validationResult.toString());
+            }
 
-            dto.setAuthorizationIssues(authIssues);
+            dto.setValidationErrors(errors);
         }
-        // TODO - set validation errors
-        // TODO - set local network interface
+
+        dto.setLocalNetworkInterface(group.getNetworkInterface());
 
         dto.setActiveRemoteInputPortCount(activeRemoteInputPortCount);
         dto.setInactiveRemoteInputPortCount(inactiveRemoteInputPortCount);
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardRemoteProcessGroupDAO.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardRemoteProcessGroupDAO.java
index 52bbde51794d..a93c41084fc5 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardRemoteProcessGroupDAO.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardRemoteProcessGroupDAO.java
@@ -16,6 +16,14 @@
  */
 package org.apache.nifi.web.dao.impl;
 
+import static org.apache.nifi.util.StringUtils.isEmpty;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+import java.util.regex.Matcher;
+
+import org.apache.commons.lang3.StringUtils;
 import org.apache.nifi.connectable.Position;
 import org.apache.nifi.controller.FlowController;
 import org.apache.nifi.controller.exception.ValidationException;
@@ -32,13 +40,6 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-import java.util.regex.Matcher;
-
-import static org.apache.nifi.util.StringUtils.isEmpty;
-
 public class StandardRemoteProcessGroupDAO extends ComponentDAO implements RemoteProcessGroupDAO {
 
     private static final Logger logger = LoggerFactory.getLogger(StandardRemoteProcessGroupDAO.class);
@@ -393,8 +394,12 @@ private RemoteProcessGroup updateRemoteProcessGroup(RemoteProcessGroup remotePro
                 remoteProcessGroup.setProxyPassword(proxyPassword);
             }
         }
-        if (isNotNull(localNetworkInterface)) {
-            // TODO - update the local network interface
+        if (localNetworkInterface != null) {
+            if (StringUtils.isBlank(localNetworkInterface)) {
+                remoteProcessGroup.setNetworkInterface(null);
+            } else {
+                remoteProcessGroup.setNetworkInterface(localNetworkInterface);
+            }
         }
 
         final Boolean isTransmitting = remoteProcessGroupDTO.isTransmitting();
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-configuration.js b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-configuration.js
index c616bc5571d3..271271319774 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-configuration.js
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-remote-process-group-configuration.js
@@ -84,7 +84,8 @@
                                     proxyHost: $('#remote-process-group-proxy-host').val(),
                                     proxyPort: $('#remote-process-group-proxy-port').val(),
                                     proxyUser: $('#remote-process-group-proxy-user').val(),
-                                    proxyPassword: $('#remote-process-group-proxy-password').val()
+                                    proxyPassword: $('#remote-process-group-proxy-password').val(),
+                                    localNetworkInterface: $('#remote-process-group-local-network-interface').val()
                                 }
                             };
 

From 38874aab4953c0a70b0041d46c525a3443cceb49 Mon Sep 17 00:00:00 2001
From: Mark Payne <markap14@hotmail.com>
Date: Thu, 2 Mar 2017 10:04:22 -0500
Subject: [PATCH 4/5] NIFI-3541: Forgot to add SSLCommsSession.java to previous
 commit

---
 .../apache/nifi/distributed/cache/client/SSLCommsSession.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-distributed-cache-services-bundle/nifi-distributed-cache-client-service/src/main/java/org/apache/nifi/distributed/cache/client/SSLCommsSession.java b/nifi-nar-bundles/nifi-standard-services/nifi-distributed-cache-services-bundle/nifi-distributed-cache-client-service/src/main/java/org/apache/nifi/distributed/cache/client/SSLCommsSession.java
index 7576c5f4e43c..7808d214588d 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-distributed-cache-services-bundle/nifi-distributed-cache-client-service/src/main/java/org/apache/nifi/distributed/cache/client/SSLCommsSession.java
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-distributed-cache-services-bundle/nifi-distributed-cache-client-service/src/main/java/org/apache/nifi/distributed/cache/client/SSLCommsSession.java
@@ -45,7 +45,7 @@ public class SSLCommsSession implements CommsSession {
     private int protocolVersion;
 
     public SSLCommsSession(final SSLContext sslContext, final String hostname, final int port) throws IOException {
-        sslSocketChannel = new SSLSocketChannel(sslContext, hostname, port, true);
+        sslSocketChannel = new SSLSocketChannel(sslContext, hostname, port, null, true);
 
         in = new SSLSocketChannelInputStream(sslSocketChannel);
         bufferedIn = new BufferedInputStream(in);

From 83e111ece8538ba2defdc869eb15539c93a8ad46 Mon Sep 17 00:00:00 2001
From: Mark Payne <markap14@hotmail.com>
Date: Mon, 6 Mar 2017 10:32:17 -0500
Subject: [PATCH 5/5] NIFI-3541: Updated User Guide to explain the Local
 Network Interface property for Remote Process Groups and updated the
 associated screenshot

---
 .../images/configure-remote-process-group.png | Bin 49004 -> 52661 bytes
 nifi-docs/src/main/asciidoc/user-guide.adoc   |  14 ++++++++++----
 2 files changed, 10 insertions(+), 4 deletions(-)
 mode change 100755 => 100644 nifi-docs/src/main/asciidoc/images/configure-remote-process-group.png

diff --git a/nifi-docs/src/main/asciidoc/images/configure-remote-process-group.png b/nifi-docs/src/main/asciidoc/images/configure-remote-process-group.png
old mode 100755
new mode 100644
index 9a13c2708b7c9770362ce28d5b88137966400aa0..a1477da231f4dbd1d478b811374b73c851eb583e
GIT binary patch
literal 52661
zcmcG#1yEeg_UMbdCc$lR65QS02?_2V+}&M+djbT4y98%&cSvw|XK<H0`OZ1t7ta6Q
zs{87_M{TNR_U>N2)@s?keyb;3NkI}72_Fdp0s>W9N=z970_qn0&x`;EzB2<~kPQKW
z)NC#)sw6Ec3Q%&eH8r;~fq;+-PfCGT`ml%H*XC)<gGi6T6SSNwo1zO%BL)8+Q5qpT
zC^jGh71JJeCLjzU8A~IArU6?B8w<0i4&ka55b0OVfNfRSg3Q<HX}di7<vQz@s_iTH
z_2yT`70&ZEh}h6HC}AEtbRjrBIu!Ji{J!3vpQn!yPzV4BWFh@(F{p~lN{o~GJ3I6d
z3FigF;^~#0N42+=++^4gO1Oj4R+zNVTOW4!O%a0(A!5DQ%G*TfQr9&TlY%}4($vc{
zyM}n?bD4)cr;diBTnpd6hJay7c)JND)ceiegCjC>nv~$1)ri^o4UJ^Z;i!y3^?L?k
zcU=jI?Kkz`t>P~jog1E2S*0}-1~z5fO_R+rz1+!!c^s#n8;PE^@b=>8R>nnfxW#dC
zqkZtRJypLX<I$P;Oy-PhY*!VW7jTQe!et+#i&K1{t4V9^sG*aNJWDspw>#FzOvU6L
z>KwK+_m1vo6w%D;LWsMHZIv1v;PdUJ+sPH{9d_Vg^q8QFoFog_aq!Bu&!*6xcdQ=Q
z<1q^PRL+U*SPpM5W4x+uTQx~MOQ<Jk{*{Ds1Sbrb#}2z^FzKb>;m5`>7#%A>D}g>s
zSHKe3xxF7GeGM-b@CE?s)ec7pfRP5g&V^?F2Cdf)O$HEZV}|tL>;9UwUPS7}0$UQq
zXA_Zn9K1}1meFCRG5UQ$bAbzr$(h>h>CE-VUNhW8`AARoJft0iSm0tK?gtV-Rz`?#
zKB<v=ZQ?OQXb_`Ul@y(aX|unoVAX}79E1=HA+5im%Z+Q<A`|-2p1}A35Q1_Ny8TW3
zf=3hl6{?|1Aqj*aX`p!9ZIsZ^0=m9o6GBr9v3`QaX*aPWy6|gWW!{AjT*bnLCTWL(
z5q1lMdQZwO1<w*ROsdt7=n(qw4TFX-BJdR{Lw6{}IQ}Q{k1$xGTjQjKXm_wY&^mtQ
zBEWIcLK1xcWf47n7^*IrN^C0_tqz4s96}VyPFVwnudqAqw<jD8DCI#ho$@EJH#}ZA
z$ANks8wf(i82CAn>Hvi>^j8tx<O5+C8li8<@}wvy{eF<?^jqhm<B1Cx+2OtmiLPpI
zFoa@$kBd!(T!U7F^&z^bhs}V8xt{qkm3i2e4z?tmy{}0hZ&sZSrx{AikG@CMNYRMV
z0AvVXMPkQAh-wz)*bTeBZdcSW)lk;(*dU?JTaLr&N6@!%YT@SCLLl&FtUK})_6B(K
z{pS2e>qhv2IsipDRA2Uly8HD_5TD4~HH0<7HEe@0CgDVC{8u_**<u{_SoXYC5wkKa
z(u5QWv2Ub$DL9oW-X{I<|0rPr&>`a|1t!GBO(fVSYtVHi3?#ix;AU_X&)3^#)rhl_
zxFV&FrQEdM#CPDmCA}pI7GchDQ(k{-ILIMGv_-asx0OJrGOe6UI+U!#s71O!;VFAn
zOZa|NX;juGO*>k<Xi>WHi^KObF?Vuz68HQEo?E0_*0bxaKCD6{4y0@(JR~iwXc}!5
zT-9z`{I_>+tFg|p&}nr)5`H85=v|DSB)%k7mZO`4_HHdPDhXGnNJd<yFR>}9HxVmo
zhgOod;$yjzK*^${=qCv_IQopb43_|xm@9E{*&f;8@73aY!duCMk}9YwiYn0-*%sgT
zb*30CoY)0x*=jQ^Ml2MknD<ThBd62~NtD`h1&XtC*NQtPX?}5KpGv)+X8VaUqh02%
zejc*jkX)zgmn>viF)d#9-a5Umz@^wF{EGVslc+el8BMW3Y^P;ZwuxmaGE;%^yX$11
z6T36CGi6h#Q?oPmMbu@^#n}b^W#)duMaD(KrR)XoMIVY23O0Tzb0Mdju@svViyZT!
z(X7eMME@*J@28sgH4~Lp#mrq?eGSVu;fOumT@*vPlbg|RM}G~ljX1TL$KY9++9n&S
z8o2x<<Zxx$Nds|$GD0(U_+kVr9G1P2tAkU->%@WLZImM{-7I6(b7!?l{wgg~3MC9B
zpy{jWy=j%{80$CI0aj;Ln%2wn>2uXqv{s<m_lFNh(+jn;z%*NdEY|1t2l%Ux_rX_R
zj(88-xVd-`i0}y|2vG@N6J2vJyDB>%InM7p_23;G9<?ktj@;Hn21d?q1r6zyW0#wk
zOKOMW;4-e#6>2iA=I``6@orA<D7Y#*Jr4lKL}vo`-tV0*eppF3(m3MYG}%wucm8!y
zTVGp0e*fcIk_0EKR^X^L%+}8~+qOO{M=w#YafQ{F-?!Ws_^j^d-M;U4C1j;<w>sK>
zk3tU@`MwVq*#Sk9;1`}8S~LO!x(~4-HW`Y!4gw>JW`pHgf_O;eO=P;LFb%nr+U`%L
zjmpwWJ)8~fQ2KK92eL&fFL^gL7<NPV?zk}YxaGJ7auUfjG3gwhoUNSKIR`m{y*IsY
z`Yw7jd&)lpi3^DPA}z!F`Xu|*`eGPQwW>V_^aH#_ggb$Gy|QWyz$Q6wjl1fap{-=r
zlq|V!s$L3W>4!lS6IGVJ1YGI+_+E8^QvOmkD@7MX&!COox7#R`&6GIQ=#EPb%?;#l
ziQneE{mw_C%MFsZ(BJR)6=R-l&TgKt$GrC$FDR-ziq%Wp2fvN=1FxfrX+^uX5@2`8
zVPHOkoeBk8H4-qP{6110kzJ6Jf+}7<{>ke4Fyc^=Hb?ENc2Q+~+gb0s8Wk;7)UBJH
zhZg*r^x7t)&&TPgmUlBAW&A(TG*f<*8v&p09xekLAscH6qzEQC9+J&6)V^N(7!CJM
zdzC#bKKRQ+e%VJhMh=3#=4`eRxPjh=Uq)ZjI;=ZfIs?Y)xRv!c75>;gP@SH(6r6uh
zzuMTW+q7O<AgUvo^<U^%v9~Sg8=W@{UjMr8uY>H$o-{6tB)bgKZN0bHdzcLLl=7tT
zyc-l5)V#t!T&lXZbeFkZLIOqfdZ*vl9o{!&0iUNK$DmQ+YtgWY9?o8a3gAPb(AZV*
zRg#H&iADt;a^5u+AD9(n9TZQML>9MAomk#kbXoEq5FYGDe<GgKMW2z~myD(&JmTK=
zEY0i4SyLh}tJ>w_V&Hx{OX=1-&Oi{Du%FyB?t0tx;a=f`A`XYJd`Wt5`iJy;&2>$W
zF_?_KPtMl-k0o0b?AA@zSY}CMHiD8oDZVymUZc0CF2eV_u*bpv(OX0@jJ>)oKN}lr
z?v+pSXj2{;^$ySWd3<}0WENCXO3cc+bu3$t?SOkBkDq_G%{{v`Eo3+E<!_866YpeB
zFT(<NY}^-{>=v%Cws@m>XFv>13!aSo%YpZZ*Z0JgBq)M%zBk+NufB)(H7ZsrB4rH<
z(tGFMmY%u(Tp_q8yc@l`zglr4K7BZauw0!Y$q{Tt+iv^TLPIo(S4>bxWJ7RDvgh8o
zxwT5$Q4&58Ac*y}cs;*)S=7e&+{BE{%W)%dV|sQp?P>wCSRV6TVJ7ByIuz{<4UY-V
z`Xw;s<8rrnNx3~V-W^eKQ(>|q*H-I;{`6$bV&tIQ{)VNX3?hJmiyP0co*hDIT?yoO
zXAyrGWtNG}wsBs7_&_vvvv1A~p|pW0^pOFAv`~`UkD+T3&z9dLjf@}C%8Xj)Igw^=
z)FmGq&pC5eF(Co;1ERei>O`K4o4d-_;Y<r_{!kQRzQ(lWF41n6K(4AP9WHZn!6FIy
zN%R?_t`$kyur?nLyr+dR|ETVyE-%MpWNXb}U~Fq>!r*3Y2j1pFK=8TofInKBI2i!k
ztgUPudEEHP{wl!({`~tkBN^bYB2Je4Wa{!t08v{96978{8v_%W01^NI;BzoG<xv)s
z_;+>iH-55DPEK|_jEt_Xt_-fM47LttjLh8J+>A^tj4Ukl;1cwX?lw*aZuB;e<o^=#
zA30(sjz$jVc24HDHh|x94Ge9ao%qSfemC^@-@o)UaWns?B^$?on*}zI@%Ix(W(Fq4
z|6MgFbJPDrwck(vRqZdk{?#1cZ(%%2=58id8e-<wCN_>>)dbi%nEC!{=6^i-N6|lO
zs{d1y^JUFHp8Qesw<bJ_4(29cC;fJX0JydPaqr*d`51ru=?}mCt5g2E3+@#GBtFK!
zdsqO;$(3RZ0zwEvT1@z(8{}aIyxT|d>t6KOpk+kLi)BwnGL;CaDy43QT{Fp^=oONx
z$aOQd^nd`JT(v#m^|B|3-Ty=oByGABBwyVQC*n4CPSNZMT728q*nB^l##-}MclReK
zXI#n;=Fcl0)<2>LS$5EP;uS~0izia;2w(YKqsg+ap%7ys{<$cqp*n<x-`oxqiOyla
z0zm$Ag|*oElV#OI{!<oQ4_q9F<}BfZYc)NE5Y#^xz+tV^-Q&!i{7>1jLJnj?iarke
z@^!&4lu3jzI&&v@S(Js`?sQ!|<ba|^z{K%Sn`|7Q;^N}o+;ZOXw{Iu>sX8ar#U^z<
zv5Du4;x14)SVDteh@ch}|4>i}YTz@3xR1lZ`?}CSbXm=(7K-!zxdH|Ar!}#Q2ulAO
z$rey+n3z!mZABmmj?6!V0Ol|e5Yh7c6<vUXaB+WVxOf4BTkiOODcu8#^K-vqwob;o
zDfyp^U!HoYApYr$hBQPNoycBzcv$HWC-cqS(}V!M)uv?CypPQ0>SY0&!^s)}%6ah#
z1!Mi&I-Vvcg}&wPI^`zK8rX>4;t<fwbZIR8d#pQ~U&~ty{??E}5GwrLnPn0q<t1%O
zf)dv3+Yh<1H9MUqJ5Qo4&JzwAH71fdKTF@&1vxd8`9wLe<jT@EIvO_{z&?FA(vpsA
zX*BwQ$T&)~(AB5VAMgCdc)EJ(6|wzOJe%|$1e|sQHPdb+m#?!keX?K-pZ)cbz!%r`
zUwCuAn}x&b)iSD9i~Fo2BMwY#mZs)2m34216J#fYU<mHXJ;wCMc|E3~xP8tpMgjtk
zDE>7n{f!j?Do3Veo^VY`Z$IQG!fUZ}p!4wEVD2!cj?0vFlBr$ML4iD)*osV!rZfB*
zcqDwTmzJd_3*^ZQMl)H*9#=l>40cWteEfCDEKEp#ih4%&9Zk8~SjzTDB#Cr;Os@e@
z^dVF#|6(s!tfNIaM@U!Whv|1Q-InQdswYveAJ(jUv!$&cX>|MHD4+D)%?A_TevnR%
z+M|?AmgBGsi;7}nz`4M@)~J)i%Tpd88>Bl0HOgA1utg`*YAO*o*EDVpCQq6EKqC<(
z#f30YiScRG=7xbj1BOQT`;+&@O9X2m|EI(KX{lo0%2!fEP(M$<+sgH-5}{)08`l1o
zd5`75tZ6r0rY>=8^-*&FBOSf3VuoW+lH#ri3Y&<^MMrYk%3&Hem-BXMcv?`oV(|_&
zqdHZA^SFazf`@9)m=Ced(LiZun?dcFL*(e!H~mEKriQRnxQAw_rc7ae=)%VkCy+=e
z#6KT+R2UD&DyZ7bQw6dSA}33lS!@0(qcVwn6YG&QI5_G2#boH%8<JkI$SlO)MlxeU
zrp$BunA=TV<B?n+t_x6T*=*`DwwWm6?l8DNvXJ26s4n;)>mUUYV6-<yl@?V?BCvoT
zMJ4m;w28mtpX7>e_SMNyMo2Bmn8+mxciXHq>q#hNG4?5BR_87qTN@Eewaoh7q(-H4
z>&-7~%0_Gsk@qQPB-_{E44k2A(OK8B^yCRooyCiE3F~7;;3Rh%G#)lyx3y7?)hWTc
zqAZX0vcE&@#IHM=qxO|cr$n!{AuDof_xmyDJnjb>RRh^Y-H)kb=BI(I4K3<@k4j)W
zM$%jp>@o9m{v15B20sy<EH34ii%ICd33J3XWiMTts~Kdr?!(8@Fsh|bA?OTn=o`@}
z4J=?$U8y9TqxZdL47`%HJegD?39>j;t%5g2nDPU<tz-<+zPro}lr%2B(ki)Qr|>OT
zdL4pWYQ5qrq&ZVj6wvrBS1wItyG)z$^)|y5%BmeZoSMAF$3zElWa;SAG^<`1R*sEr
zy7+UR?}2GyeIN^iW#`<nWbW@yZO;k>v4CNOWF;N?xU6S@MV}=v>6t-r?PG)Fmzkpd
z0fWv(%0bGMkF*~|LZUJZp*t_$`DmGI+4G4uIaRBjr?puC>)bPTc=$T_rwct`34U!4
zCyN6&3QTrdMOkzgnpcKs(QMsiiL5q1WbUx@nJ;8MvKY?uaXYN%QVSBqegejFNX=9c
z{yN}1o+bau)`D8|o~hDYwYhj?7I1MG=CSE|%=-yc;~g5~adzetaBZY%jSe@Di$cWb
zvFL~oV!uEa6F><R5A!iYC=umNpDH(m&VA3iy-*aiTruWsL9ZSOElS*Q9l3>`P={(U
z$NbRc-6{ibysAvq<ZJgZgZQ)TbMOU!WJmud><~Z5`s*Kyog845Oi*w1@YO5Aq@zVF
zW?0PPz+fM}Ck~mM%iO6-^N~SjF*Qw8{(<s!bOUO=C!R?$iTPhe^n}njLScMG%(DpW
zex#4k_~}1APqLu0p-EvnHc={0aTYKHHcLNdKb)-+$<r-D_nq9$MVF1RM$MT2K<SR%
zQD%;o#9bdWC=wOn+j8Ft-zg`?VGz?KBDGlZfI*=F*nQnX8KC2Kwu{%}Kh=BteW>;j
zKREyr(Q3wDG;@fwGz+vi-Ov~)?re9l$zOlqXZ*Evp>Bw;3Blc;l(5ig?V%T|f|&_|
z0O12l(AOo^l4`U{1$R>vAy_EP$8D6OK0SLZx2$KLPB_SD#7RF=U9%`+l-mz#DfMkJ
z2xbm&@1xre(^%b)e`3EYB^@`wjUqin43t?k8wGHk;$WxChsfW$!WGLdEF9|E?<t!N
zlwO;gZu~OaWtwx{Eeu~M$IpE8=8bdPE|C$mV%Rb|{G&l+hy4gE5s1l_x3iQ<o#tES
zWx!o1JABqNOQ-td&T(?4ClWO8FM<cAO7Ei~VFCD18`QqLqh><{FEz8U-MOI|DYqN<
z<}p@_`=xu>w$#vjsB0|K4*jPVJ!S~u)Hf&wLQE~z7|L7SzC7NF9m;$Bv9b&PkYtCa
z&6*y^{3tA^%e|{GtZZz5uQtyJFnm;PQ6BEHSc7JHT_0Q-9wwJ~ql>R6-I++YNg9Av
z?jfg?%g><GYE6FM6KwKCfMqXAQ>s(Vuy)g+n71yGSo;vS`SPpt@+@vw1%Nu~V&#p~
zM)Xp((X+68+x#@lH?p5N6^WoHeA?$vg+o_B_*{p99M!fSOHOyOG2jS+x<<cI`^hP`
zVIrrR%j-a?DA+QD%l2prjP^<mO*p>NFyFC?Wi_{Rdwy*9&h3&JPW51-mcA3OtdDU&
zgv?klUio*7ik3MkWp~1nd5#xKQyl^xnB3;d$d(pfTj5DO2Nuk@=f~_B4iFAvSX<;9
zVhv-cp~hIcT?9<4*8hrKf7il1e&f9EbUrD{C!)0TKIWMa%S|5!5)Ko24VCe{fA4(w
z02MP_30>?4ef+5-3h@p;2g`8Oy}l%wA)l27t28;4^2Ysv?Q%1VO&8(2|BPE;o%8-W
z7DufAxP;CM(M^e!atwQSnV|Ef>DnV<4JWR;!MA!V?_Z^8-S0Y`#~E-<lT~f!7=Hdh
z!zf{5>f#Ua=~y|sEMDLbo_llH3B$<7x8^QdV+mx>6|d+!eBbjb*m@h@UGCStegABc
zs*45@LbjfL8=(s6lhi>zhdx(sq&BIly>FLeh6H@5a8nsA-`*@F5;W-|4ha2W#8k?T
z(dhJMfYr?SIHGns^b`5vJ?87JYiU-KXyOXhriNP2vrd!gzGT2137oF$qUKLA9=Md&
z=?=FFgZ6u@8m>I#of@9N5$ud3jcSf}o2b_{f*`dP`2D?MLbwNv+aXS?&*@WhbssD&
z9|TcA*GuqdLmoitlh*D>=q|c>A?p<u;Mm~X0{sza5IxhkfA(8)fcJ)HI&Mf2g3cU+
z=Qw&Q?<`WI7utMsLga-I*3d<&O&jB(I$+k|PS@7&NLw*>&;xO*-`7S^ab=j17*2cI
zK`NGe9tBmnW&l2tdKl2Sc3mx95gPU_(0&fYk>8&;uQ2oA^B58SmFD~GN%FiM!<>2Y
z{SN<XgRj}h$?SDl1`wa>Lz|5IxnZZ}Va(2?Cly2<F~7Zxz=sM@+U^M&p{NvwRR$7W
zkZcF`r`-V}{Aj3CWYQ4W77S0O!vL5u2CM06_Do^SZoY0@s}dyUVHbVV&a~I&4a9*=
zC`e3PC3=me!8~hxaIbffgXlWi`z}#+@3qu&KM#$YF+3n-+Hf{Q#v#L1Mow&PaCh4I
zeBpvtv<@kfDJm3R^#G!4lSF0IDixR16XrBVpcP_}ZR|&QS_Fj17{mq$6N;o;ZA-$t
z81M)=u;SFP6Po`V<yS>J3mBIa>{={Uie(@h%@5>r+ryNB)unb?P{W0(t0|qR;h24e
z4UIzg$yH7VpHCz=R4jC)!E4dIG-jYQkkM>cYeqK(2hO0ucFB9O(4%L_r>*JXbocC3
z0Q>$XF_@N445cq+U%$*HSUH~242{6a5Bc+dcK!eZsQ32lhy~}ou!g@fOeWP$57#lX
z8r5A8T)V@016Td}LxU}7x)d%)?^(1%J77d;wNqm&oKA^`@QLyR*zA*DuUtN5c9jOQ
zx{YKk&E#a8wXedY5mYv?+4CC;IdJeTioC;^_ZyE0W&Z(3{Arl5J>jz*mAWuiVg;X5
z48P*{On0+X`f%FJ`|&E@je1hM3<Ch1BPotsv`+x3i=a&Bg6v$rclagBvDdE&*=Id#
z9i3>5*-^(BBiu~`Q}_dTFFaGduO{!Y8NR|Ch<p{+HjI=Wmf8%{^<6vGLGY<hz=V^r
z_2Qq^F<th#hKkIwl<=%#j)a2t#D&AhsG+&vLv!sX{rp8QuLcP>v2mRCg5A{B!QwW|
z+O~L2In}+r{a2Y;<#5YW#&q2pe}EV3zJl7a>UV9#*JH=Hd|L{e%|>QGxEZePd9OT>
zT1rJ*%rZ!_g_`E<k+RR}Uy&sztH0f66oiKUzRb<hRh<jUvnm~ub;qjv$a4k5_xa}(
z8y>cxa@mbD)C+R4Y*s5;H+qyc#!(EU^}{G67xkd5`$eNrGMw`$qR+(2{xK(%R(Oa8
z1UWT;(ExT7_)Hx$T$oh%5?9wVB;uuEu|xhl9lcJi&y~duEsg%gv@Kf*IGsY!RY#%D
zt9#zIJu_@GaJk$C%=^nOsw+&m>5caj{7qNx1<qr@dpuTU245=>;**V^KWt~#1DhNU
zy&4O;Ae?yWQKPt-Fos8P8g0;-S2=RsntWfU+Hj7(1cdJmD#Rhpn=kabM%nbHuNRx3
z)i~+6deJ`CTXLmnnXQlZT<*?$l`U5wL^_1PZv6d5^AAGQm)B_*7idXG!1A{X7P60&
z({Wx^>Ai}<;KsOxj}~)}h$HTVBbLK8T+ARknMds=Lf#}7(f%52zUb^Fn7&D`zvkXL
z>D>c#<=QJbfOXl63DPO+K#uH*o8^Z)fB>AG(srE~i|X6XwhkF)RMdTKD3|<F`Dv;d
z6wBdzT-eH2SOZlhUg)X|b`x%cPGHOV^$xd>5{j;Sm@ddgAF$gp3;!LY@dGDP7HEdb
z6lNcpz)Y~^4Kk#HT;ps-2_QO@*yRb+V|PM0(5&PD)H7W4l6U4a2?^bxcji|rKwMhp
z93UwX!@2b!2WfbD9zJj$En1S17|5l<+F9~f)}WS}EbTYlO|``>Z?)(xdBR?AB;ijB
zbDjHSH5qyRJ6?o*bs`V2;6+~9Dc_~Zzpm0DD>d%$!p=He|4jN7@Bl>Z{HZautNzLD
za535A#E$Hkiy5^BRs9W8iBe0f<ZuT$@j~UNS-gD&bC@a+%s1YY@eMegk9#P{LUHgY
zB51nvw9E*fa2SFsU*p2iiV>qAhsf^7m~aQW&S;4>Zm8Xb!6q^VDKrx4D8U829d53`
zG=vGPbhczEH_<7xBY9@JStKOlM4ve9w7>`j88f*Q`5So3;?76%ZyR7NrpkAa1o2`k
zH6Jk^e5A2%?gtQ^iTF08CG9tPQ@ikr^rM*)VT1(2E-}%q_jr<3lxGR0H{;LLZtyw@
zJ&rw?ToFEN>t;evC{pdOLb1Z(`teO}a}aPfu;FSS7_^NvqrdiOGn`;XS#acu4(@WG
zR#)xd%T9)SsC=YH$)aTt8%8@J`49OKYJq`jZAOy`<Rn=~TUa+RAjR%AWG3%~0z4S7
zI$xvG1#~m;o&=H6yCiqSa0y?KUE!@^i}uOaGP=64Vg>}9z@uP0n2nh>+b+&jXCM6v
zFv55hwh#>P!*H+%VIa@O!Jlr-n!|R!3gHn^KURvN?Zi+Lz+MxHn)=xhwm^wsUe%1&
za@FVD{=UXaS_=im)}0>9B<!<7ftHscd`9dy{ecYflG0x%;UV~{?`yQ*Y6XS!Rl3;~
z^p=QTbkO1z-}mz>;68ku(owdVxl>V9orUdDdteq}uhgG(mpr$~Oy!;<0ZQ_48DcVH
z3yBhvIl<Pz)czpG_(=m@HM{%za5n(<Yvhd05Ag;p6(s`?crAR9RNJ{)Mc<?=RdmV2
zkU(7Tun$4nqz^Din9Yy+qzrHj2t*y_%(IhK=?p($q3OKDiK-OZ>AgnN=xdIs0)<hp
zt|Z$Gru(v*0`lq&?g!BBj1&#HYZie1^Z;gZ=<GwwZHQ}eYU>n&)NHH6)%BKV1mEJK
z=J|F{JxSNFj`QMqV%*6F;JWLP;I292{O1fiivu9EC>=N7^-ZlA3ZTl5&^u&BOz4@T
z;={=FS0S&BzD6dR&PO#RSbJiiZ)IV9({?B%%cv0~E1V4tbPYW0`DXR~YtM^7&OzL~
zHrln89o6t%U;Su*E4(Al%8tiCA{#r9;l0uYC(8AW>Jk+esEF*=L2EA6UDR9EX3-QR
z>AO<Vj}HBsZd8Kc#HUHzHwq;X(4wfHtx+?}ADsrfsMTPmkE=cNPH*y9vHtTO8>*T^
zWIjFS^WU4JZfS_-1B!_LP%gdVHkL>?O@!i$rd9NHya0I5vW?I@44HMSp8T>pCX4_a
z5uzN3fV)2C1b*J7AC~HUH6RYYcmyNAu!#9lMhg+BNaQM3#4D=nOy<fmBo(<%*@L<<
zu{j##Dv){uf^ekMEI7wTEh4JDy(c18e}ERm)X7?T0A>=1mtoCbDZ8p)XOGd>Fff=3
z7jkc9^BSK%#ktbJs|&gD#86<XcCN~YHiRGqNquRv$Y5w%-2PBm`>O*D4tcb49J_PK
zJq7a>bPR(S+gUe9X4s>IPXih>;lnnB7(KQVnHLOnP&2_4J7&072TmKjpLo{n+g`l0
z9`v}i(4NYE9Jt0142%m-5gqIjr69MV>>O0@@^=fSukH@&a%Yc!;_)qFl+D!`{|N3-
z?+?!~e<&&$>f#SzhV#eW?XV+R)$Oc+{yt_zFzODH3G(S?*N5%$MixdycQW0IbP=U7
zk|aan(aChv&N&(_vsA1$_nh#>{Rpty-?9J6cY1}}aLDV`eFY5tB*F9RjaI>^PNV7!
z>enhyBw{a=kAMs76*p`2I`^I!(QL0_vTWb?zK7W{F5i!F-B2bx+(Z2|L|dNbIFflz
zy4&Hd`S<+<9~dBl_+4-U`a}5(wVIpeI8jjE6Cay#>YwdAMtD^ky%FP?H-_dX8rQd!
zbK8mYg?rR)$1cGo^oV@GlU3cnX9}%F<uw`6sFLt~u<<YO+LR~%51$VE0wLxTfpd3p
zzKlS5{7cOqj<?rXY3vLW%l{M$4xD`z=V|#e8*=J_+l>%J)Tw(yn`Ogz8FL{S+2Z=m
z-kCp-Y{0#sBENOk1Qt578%-X3KqDCj8XBRno5fB{kN77ZGKl1RgbwjO^zsQ?U-?*V
zvE?C;dt2`?CR|Yi$=Ci%0Z^tW%6D|;*bYBRhAzfELw{ydhxI}9b%GiMjLWLD2Cu4w
zH!y524;=xEL(GfKsU00QiZ*MYEp5<b)3uNYNR6pm2=Q85I|P!&2N5qsFRB+Xbd>)Z
zC$Qmc-TvRPYr`Dk=Ezru6J%R&;aWRLtQ$l;I0%M(zU&|2_QY$nCn1K|kOr6tL;k|C
z?u_5MtAu9Q1t5dYpiFinZ}?jM-@)tJ)Q9o3^1aV$z-H7dY3fxIMA&ugdxbrLk@I9H
zUYHy?5mTZ~N9fYVK%j;{eAC@SUv9Z*zu4UB0(97U^uD;}*GGAc8|DVG3!Xzm@nd2Y
z`@07kSfC(Rban=d?H?;dZXh}>7qLUjB~AvPSParvw3wO>Zls_nR!RJOo2(06Z{AG9
z02ZxUp4xH$-afAmf+4%4V;9t7R-a;mLl4qC57c2?G?yve4RX-T`CwD1TAa`swcW`s
z^Oy(3jArTMKarF+x4-491mCTxjii5a5PuQ;6j2D~TgVmaXNPy~KmO~PKbZBCxaAMW
z{bvXNSMsEs7Bb@DAR;UH&)h<+&?=(RCVb{w$G<ldzjGu02ND47`ttn#Hk%s_rvJPj
z|04b{nL=St7?k2ZtBov@f3t_*9~#PGXwE8VeXtc?<RkvS&_>3O?73;(Z0&`i7;aE+
zZvD*$38nu`4y`u5`qtl8ext$lUuuK1BCBct?^O1GgELibiK_lmbgWQ2!UZ1J$K3&R
zTm@6H7sk(I3Au^Eh(BF|;HLl7(hmko5<tO~N+xK>mG=6DrWB}9C^ORdkL{W-6G!df
zVFZst$x8O0wc)Rh$`$q_6EweowiJHRE+jd42rwlMhrJjA@o?ZFkUN213j3l(m?*Gs
z+Lc(yUv#GwKDav*Bm^t5UwWMh>~%=dfv7)|QBnYNjBovl|Gy|*F6e&}hLGLg_Vn0}
z|KBbNf`R|A2_HrEUtXaQ@ymRmn8YlFdueC{*wAlMEF>=tCHrltlw>9TOG9aX4==I-
zua|~~V}Ro{&`Mj|$KsFD^L5s=;H2I3Fr{p=6wu=`*J`f%Y~HehGA_U7rL<T+#N7QN
z?EZX}B4zP9o27R(rX%r$+zwK=XIqqtnS59E?&qc*06&Qr-AED31+z`35$C4$Y1!xg
z=<KL|Ww6Sq&uiLevp;UK$=R|<7udx2{BX{}B-E)|rYZeh;`8QCmTz(hD#4(2{Ss9w
z;?3PbMV`%4)7gGW#b8GuJimLnE>Ls6){=UvSS8_jsd*@k)r@cFCg{aTv5|m+M4z$8
z=<4j;EN?!JR}_5wMHF#*GiR11U2n5wJeeyU&ta{(H&c<7@%(tbVlq>%Q|-8;fX8AS
zmPo6nK<s(Q%<Xkk`Ec=5vD*9I1&`S<C@=V1A2$lk)6E7tFQ-9g5boB=%W=491@lUN
z6WSOo%VhqCd9~?Cx@<$|5W1rG_Hf$PC@%<{h{{*TNAQ{Dzg{HArCId8UUFFPMs(j!
zGt0GG>zpjrU`^w+&CE*^@NUv>ahu?~?T6n{BK~_R{%Z!>m_iAM&$%I7;pn;vgS~3q
z2x`4IeB-><3F{65UK@7=z&dR9V}^%?h1o9y5l~T+z|GF<L-d_^fR=$S9@oc9*l13D
zM6L~+92h4ptFK=SrUpbrisF8FMFhK`IRM<sLgkRc&wP24-SO;dpGS}LJI}1^9rs`)
zEGuD9clhf^=~1>9gU;>)hSV=RBFRe07-H<`z;S$B!#z%`SpdCOUE;5z4@0{X-*qO3
zJW912tH1I%%b1RSHJ>qv14R?@GSH$^QN36iHpKwi<i=18XI0|cH>Vrcu3rthLhu-^
zzK46CXOKqi_`?&&UL7qgDDaq1=EfyZD<WZ!kYSUAz}Dg-@ZD}E1dL}YWbn)}@FJYf
zHQ0Y|dAd8m?mh1%u$?{T3+uD}ng3b8o(TWN1Y0bH5eW#S1gDa|FCNVJch1$AQL59%
zy;CVJc}FDA<#ADHJd%D{e74r}((3Q8cUkQUDLmwSykb{7(1Y@%;sT%qF#u`se~1^V
z24I}nWf%(wfBrLn5AY{Qg%E#21+y-mKT1O&-jE5!fg+J&{@!~3UOd`S<-qR}xMM!m
zj28pm3-eq5wRmvfi^;wUM}=V**XDZfvUk72X|gb1JM(79f2nzMd>N>^eH&&smvg@*
zx&L(6=5<vh_pr4iRx(ty(N_kf-5IH6xoeyHupLG4<<nMA5_28qQh6I;i`fE4mb8oQ
z5?SGfzfLm)x38`*lR;OtiNnK*LDo)PsRn%s4qfbP$!Ki{V)&N1dpQhmyT^FSYR8`v
zit$TYb^WX8g0YI3-V%404;6>MRs_SWm%Z`s3HAPbsozjxoY1q4WeCuJQLBjmKplNg
zhiPcv7jijyxIF6Oll3HWv~K<(&*dCDo>CGmYv#uB<lc29Zu@$fdd_htd8@{3D6#D+
z5l8S|WN03MxwiIXY%gvOh@DujuC<uEbjxhk_op4CEsuO<_`~&{<8}?`x|RF1&Irc=
zt{&It0i?&PF|ML}zS)=6;4-O(*|UB1t@Sg=oKc?F>4#%vfqcT+<Gr-;ChW$?CJT1=
zlc|}*MZ8D<>L;MbVEM?Gqxm;)KgjIhG|3hfs~CNp`r;k+x=J_d!ROoNJ0+pxgQxhU
z%M3KQpJszJTb46%8=+{@G9+y&t4k?W)f=*Z%tn7M1enDH5=rjNt}m)|DSPB0p1LH9
zK&|{oemP)&C|@7LHKHl10+AqTUWr=0Ec2&A2g|^r5vqZF#juIPDx<B=+w(JzHpt1x
z$coLAC+}*zGr{T1ql1~W_P%fX&v1`4wdw3BZ+)LgC9gpB=We<Ua^`zQ;H2XH*HVoJ
zp}Mlj^x!mJgBHYxz7-!y-N(9$&9~}GfL}mgL3)n+8-T$1d)vKVNA9vv6_1Uq1$kSK
z=u(mQ$0=xI&Iy&B!HkW3jh9=LsGEPxYAF~f$m`8!9vkge?OxPdX|mCb1dGpKq&AvC
zae{5P^DT!Mxg`9zBt_GORl~%*y$rW|8_ScWKY>)L1*jwpTfbOaPqKU|oSS}ZXICiI
zm*)}OC@@NAaFjXuoKmVKj=&_&Ty&6<Vmnm3PrYkA2ruB<0cKgL*L?&&_@=pyq%mgw
z@HioTt6rQ)DJ(VA4+#yEc}li5D4nrQpZDqZ%*AGU_dSd4It;h>dair*L}n?sqlej%
zyN~fRB(mUKvvqS~(R)$N!dUqf(m-kwx2YInE*kN{<fQ2sm$>1%ngwnYpX8CRq$l4}
z%2k*6j!U-35>7=!XWjc~WIrk3-3|1ejT6{PJsI|xfa=QP<;|Fs;GR}HR%)C}bOI|W
z)u-T4KP&clTpAzW*jMYAeV8;GqzJt_Qc?7<md1KR0V|vQ<3~fC{(y3|^9cSIEE?^m
zC?ZCUyy9R1gWmR$S3*I&SIr!@@uc%HQ(xGU@>uhS=2*>gHM=A-H3CVNeHBH{x094r
zig$r0pSQTZgnWf((fA%VE`9dqYf?gKJ44qGWQY8o|6D^DNMk=`dLf7f1;0_M3QN5a
z^}JS>Qeeg!DPp7hzO?ZiSIurIJ+hFlk!NH5Qx(=3mfLYZF|P-(#)0)nTJ*CYr01P&
zK=q!KGq3n#!YeFVPy7H#Xc3-wlAgyY#Zn>aBl!6H(i@pV-RMudqNvEyZ>^i0;v(^L
z&Wu3lTLB>rU#FP9LjsrM9nHp4Pg-%^--le>&JG5Thrl-*0<|`esk7oQWmEc%Fa7#V
zF!GaZiWr@>YU5#_<>FNwzpr2J8~_Y9(O16sNi4WnEdt2luIjDqMp8Qhqa+U`n~Sf#
zBZhIgMIuxR-4MT9@ifpBbn-dY6?O=hnbOnInGeSVZdKT}RaIu-zx!d(#~v-f<!mvK
zNdE<hHu4(VS-Z<f<N_y@^l3*i{nMJfug_zW@pNnv%ao;99=C(KL(o>$&dp9EhsQJ}
z$Nl*lCQoFg-n~&W+oZ74+GO5V){1XUs<*c9;ka<w!ux>&=!AKC&DGdnZQpCFcnYAQ
zv?E*Xu=Vts*!}^fzoV2yp&a)!f_hs<6U$$TUgDAIt{#CASDNp3>5m1(k>2W7#ZOU{
zDt!!-cv|l<>fRKbgg%{5qp0_AYuh_*@<^H~UM&MSYt}_gMASxNOH0kOZDaKzx+Ndf
zHSkN|UmM<*YG5NT7cC$syDpQ7Z~fe17c=Sb3LjT@rpq}xvEqFDz9@bQJuo5A^D33|
zxfXPnc75j;g45yI>Tpb$LGLzcLbOpO69}iQW5%d|l5VSBB?nxPr?a9`dwQ6xJ20Bq
zW1L@I>z?=?(BNryaw53UT;Dq*Ij`S?^W7ze|2SUueTFl{%$$*gmYmOWPR~avoSJit
z^|y)jtT@-iczEWa?`GOmuoW{51F?sj0AHz%rb{PgbjK~9iQo<GU_=)M={P)j3!l?}
zfH0P>dwzWv6y;#hBh5B&Uozj=6>&T>Z!?lGIhbe9JU^E9^4^;~`7_D{Q2E<U)rM1@
zWmL*#P?aSiLAp~W7ub<Dqu8%w+*VniUKA;70Jmw-d4~W#K(7p*s)V@%e*Ecpel>>I
zH(U@MsEpTld9svWh(ovNmAi>qjYq9&P~H4b62WhbVhkP2Y<B8s!ld(enHwyO^48hn
zm^(S9q)Kfv_zW8;B7_0%KO?YsXg=kN_%=sP;ss*jcPh(>8fo%BgvsKA$W6&7^A#Bt
zeP^{s56Ctcb=?O<zVo!r>X?Zr55XRNN`&^039e`QL0}*Zz3d}fY%%+h0F^-GzH&&u
z`~lW!I<HZeAZJb0jNc?HCd|UIa<sg?WzO@}UV`tvz`Kku!KVrd<L5zlEZGO{f1H}L
zQH3IHnj37hnWvEHaBnyl^Lzl7AjTotvb0Q8QttOK>XfDDN~etSrtP>>T`H0A+X;1k
z52h6fW4b{=MLu_{xCSkn@2x?)F31=fFu_5MT|J3q-Z#XQ;hY$I;3+CSJ!L%G7&N+C
z{&GplcJJEko-hiC&3k@glENuy)epFz8GBCAKgJm6<+QG5hY9PGR97I?F{)Il2L_o8
zU|NterTY6Be1q=d@gr)w!8(Fr?cOw!0C@MxF_-r=L76Sj^qPVuVfLA`TTwo85C3td
zFrM7slHrV01k)90z9sW|A+1`nCxSeLgxJx{_xgZ#Hp_dmqAeXloKDaxjzLq0!!n;=
zl1`xI^rkDCF>I||yUjo2{IWtBc&B=Wpraj`=06b#H#Z$i=}h`5TqcQL!h2B9ch={8
zBjm|g*QONHFNHAE&TYO*RevNW_*K#RtY-?I-d2x52$y&F+SoX3ojL@c<1o#_8LMlD
z2#e)~)ZWh{jk#L$nxH)^C^#65#md>JN`UjBqM)YRdnLQDp23Q*tbK5lvpH`9UvDCI
zMT?%SD&CkBo_4S6q69?j-N6S9=zGI-dT9eIFU@V1#Nk7%g-<=!E86;-C?n~oiJ>7+
zPE2jXp>M{rT2b`vha>*kPsS7Ziy_a1N4{|x=@3y23g)|Ah7SP$9KvJ}3Hvjd!eX$8
zP#D_ND)i@UK{G8n!#El%NSDQlCFgh3WoBz+HYIXFEr2($0sIVI3f$oJymrZ=vd1`@
z&wW#O>6+iH^}z+PQ>zkse5Rt!0*WBgirKGSfh7!&<f7vqJ0`2%4pYP1uJ!Q-+vVbP
z27lST;PKlpt|j`NoI0$kbM%&nV#Fh=Bi{LFUhgDi6yEuUl~?@*do6gu=C?IY^;s-U
z(CE|jizS!f(<KJH!uxTI1<2_HmfCzM$gx!}`kU>L)fUTq!nn$PJDHpzt6`QqyVze>
zTAtF4Cw|n|SyNwX)mK?|;I^4FInU~CpZ3lBxx@$>>|hjc%r5vtJe?OXLaP(j`~xxk
zjU@rW9`cO3F{&BUN(A*~6oZmClK7VxiX>0<?nNtvH-ShKZ13(qq*Jd<O{n1Pos!F;
z@1k=G2Yta%vE{9+lk1P|({S5mZ|O<N5U>}SG#PdqcpG#DNPe_HWyK522<?xyM#$<Y
z^{;RsBu5Ei0>~5zDr{NfZmy<kX&-o_SxYoC(VUp9nT^fMg;Y2eGLCiyqKgVFAA0LJ
zviC6*FjnLf>dO8TmJh@UW%-M4HHAMk_>nykWz%5X+9OUjlyCiqX8tQU0W(dZ%|0hs
zYDlu#Iap-#KqnQZmw~9%>KUT;dFn$@v3jwE%Dwnp(BvuKiwGvx&lXC0Gy&9{&L{Ja
z0>4A2RYu4NFJEb9q8H^C0br708yjuN{sM`$>w!teQ@kP1AA4i)i%=L0lvV&lJr?nQ
z9OaGmYXi%8r0n^3YWm-CnjJI-LLYkWGQ_1Z)(hEwFb@<MIc=QcaUg0ss=uk}Uu=pX
z7#x><p8QZs{X)wdX+N?RMJ2hHsDl#;%%%wP3e*)}XnB$VA>NwxEj8+&*#+KS*}MT;
z#3`d#mH8r$T%`tkMNpU-??royG{3!)m}$uWLi2V-C}E#`WU1<<X4j!uQc(({-l(&z
z=Lc$lJIl+M9^jt}19dzA0>h5q(5G0ff}tw}HS)dY)!`ha+344^^D)6bu2Gy9x(Gq}
zlVjK^`uv6&;L@+Kv8j&cYa`$P1c&jm;jbtS2{-;e2K%oKzJL2GFj~4+0S+Wk5AlLp
z$iZZ3@|!TUp0wLb>!kofFi^zhubXvo7<CiX^t@Fx>#W`iKHYpL<Z+^LdDZ%Y13<n)
z!1ztjq@Cj0>^CI*$H5e%d2=jF?-+dk9zrE+?gdkWK<uW%ct!a2hRk;&M_f5yE^XH2
zoc)DAV}-~trJNK6Tz(paDUe+f*HHcupa39AU|#8L&Xj6=_)WQFlj*9~cgC_n-|_ig
zl2Hl_8YoDd+gWPg_3rSi?`po!kM+5VS-MS5dt@2Bu5}sCE=Ti}@Mwgw1(_c2l&tjy
z{>#0(Fv`0*vyr+LuaEYAa|ZE<Hvzyi^ZzOpF8Xb(J=;P4YC!VxXRdStSDAkKe-&W{
zpPSRBmN@o$iBKu*M!;xX&vBD3_QlwHl>&x{>t`m%FU0&mEewW%E+ev^8SG-7q^9E@
z?<pOx4l~~cW%1H3OqV6SmW+|fx0<tBkRKa>$s`2Ftaar&v_(JjYXwuhR(XM&7vZm!
zzlkBb_U~+@eJC*A>HYi)d_Hl*BP)D^%k6GcdalJHk8o-Qsy~*yCU>&MaAEFe0jx>h
z)x7;~cN}@O=MZ)?+RQrRStqP?3aRMf(4)`i19aMzS$99~eYdM$<^!qhmMFbD<YdMR
zcg_K=(g_Spl!Rbzk@HwHS}vXSHbKvs+jILzopsHXV>IsG#y%rOr?($ZCSU$F<bEoP
z1z(fpxheM#Ges1I_obtjysW+bD?l#y!_@6snRBT%R(Y>WJNNGE-2;JW#>e3EolAiQ
zK<L$R!Z5c(_bRAdG~IilegTL}_{uPpytB)sx!Uy_p4eV5Fh(%M(=pOPD69GY%<svj
zCpN}YcKU1M1!KXORproeG%5kijM;E}j~PDk-w6#Vp5F}B{-|y|YUvQTP(P4T(L!Oa
zl6r~DG_D}J>GOQN;2;w$D}&{{$6}hOFxCbLmQ4xwc8{9DAO(XRK@ASa5Exkag~n)b
zT<%b7v2adbq9%K_=x(UJanMuQx-xjCQImUQ6eC-<kbW!k3RI=@g>#_2eg!*B6XB39
zJA1NrM=M?)_M@?JZmC|A7`Eb<cO{o<zMzM(*UDSdaG4L-3Tbp;jB(o1o6tmWo5D-%
z&eqH9t1E=Sn8_oa{4QovrDR}9k^iXCszWfrSbYT)#R%hFg@m=a#<`sMu}FCU56k}1
z^YV>0dNjs#hTbkiUa@NJ!EgQ|%x{l2!_is*WIGz4NN_!*#t8QHzW-eMmA5bG@V@QY
zT>901MaCBnnU&}J3T82G@xjET&}BDK5#@s4JVD0g0D>aK{CUQ5N=B3aLMp1u4RZN+
zoEAQBhc(cM{3f<<#X}3!j1sTJ&oD6D2dQ^m6=R$!3hv4{AO2^>Xd)hCXQT;#-TQ*9
zOQv3LmfM&Wlff+Cepp~AvF|<6*khX{y!y&xeJC{}-+)f#H>dl}pSXQqKwRc;ZNnK%
z0y2xV6%wv1<fx#Qq2sBM614#^U-Q<X`m}-$0+s}p8BLS8k?>C+SVwqg{c!uwM2&|7
zhark7O=%UvOMvpHhday0Zvnjvy{L}^L0bfma8kvqfZO8{Viu!rgqZ$Qg@Z@0+d~bi
z6Ohl@+t*iuzVm%SR^fw5^0*!apAT;5#UqVx59jPNt`2S*!0!n#JUP3N1a5sr^8Q6)
zcvMcE8PC1ZI|vSnDfFrgsbY=H+`u$%027<)dG9iM=i>?1gWYVV^}=RkO7lW#Pa_z&
zyRRX(Y#70zbF8hb&FvU(wYZ-x;AHK!o92Hk_bmw*LhwQu8n0|&x#_w#*}R6%GfsN9
zKcHg^)iwvrP*GYT{SN=AZ(TB78K;QOba!*_x}3Zr8PiXME=UF@VyC|-v!CuRYsN|+
zLRWT4G3ua~k0~AdJ}2B+&kxoB1y45vsR`8RQl4xtf86zPWitZeL$5)Ml<(ByMj2ZR
zJMStl+>h}z*qn<|kzN%`9zGbhMT6&Q#_0WJ7#R5I-leqN^}^wMKi}ue5nZK7ZpILt
zB@E;956){=>GBgLzPZqjzU#_-zF?KEfYw)+A^J*bjH@(EB&d+?a!B!ekJxp8nPl#Z
zp5RemFSDzh#_v)(b?xk}m^n39pqRMQIq*CSLD~_S_IJW;wFv{^eW+DVm={9D={q;{
z<2m}^U&y{gM6ObC)mwa@zw(>@Amn#z@22X6_*(0e8yRu-YrRtlz*b+bv!U?iCXLfR
zAcW>C+xuVYz&HfvS!|*l=rJxa#afBa#!K-%+i@;65RzzzoQx;$E^{_!b$9@F26St8
zmMvX(-qh^rY)QB2ZS}$c;awZuMiG`zg(5Wy8F^MC>C4i5WA)`4^uMu*##A6WGOe;$
zUAczk*wDucQWXNW#EnpN=`5SEIcAVA4YlPb1?dV>0UYO(4f<s?&<gcQH`zz>P!{2P
zB{jW}YQ5WS-jc3`7``{;1Fb~7Y;wD~i6uH(tHR~EWM^QCGR;%Y92X_&W<gXFuTnhN
zt>?qR$Y3g}{|UNN5+FoMSYL8;jkR56@x(WmP5PF|Ng~hcGrotsg`&>-L5241*>7;2
z+v9z$)$rjoB8j4aSgW80@H;4<U-6aAR?efejmxQ0oI5C3er|6W749I7r&nY6LNuSp
z3R`)z4+*E{K|*d@*#V63p$8+3AA4u1x$;@Mok%#zNY49isaSL>GRbmTrZq?ibDf^h
z*Y>Y7NE>n8AvN4l+zqfP&04)UScB$pY`a$5XYQdNqwxYBdLkB36ns#%M4QO*k2g@R
zj{|(EH2c+6h#J^IURfiphf8%T)mx+1AgmTWjPk$}iocT$LX%*`9bBJ!MN&wt-Hq>h
z{1or;W2|3q#oLk$jwYIzk7mP{*usDYgMT@hT#+~uN5ZWSM!v>$4XS8`M`l)-O~gvA
z)HSl*C}uomV4pHncvj*oZ$UQv`%KF)?pb>*@lk*>sRQ`j86*Tu9P2RP8^a~&(-GR-
z2AKKd6|RYf&9!b!FvQdP`rKZgKNnF8@JaBr2u1N5=8H}dfaoMMnYi<Fh(mbDdifaw
zZ$fA8G9*coIeA^<v%LkF$9N~7Zze(=+*W*0bv)kpSYh63by>Ghq-3LT_J?^B*T7aP
zmEoX3BO+WFP4vZ(bXb9Z$0W}{wC|z~OJj;%sQ|Ujz0)(RAoeVJ$O*G|M=85`6iO1G
ziN454yDc`7*gd0HRQqK9(`=j_PZB&B1WE0T2&UnGQ{4SMz+{Rrj3`Fe_cl2*TA$}L
zNA3dXCe4v_t+Shbd-iK)vHO*Mdd4DF1dO4B6ow>jqdxVtR7C%<kTqbH%Y=w*3Yj=k
zq^G3YtLV08b+ucNcZT&<->U<`3+TfQv&>{-qJ^Q9iq=x-J$@Iu)@#W%78ANscvk6?
zRU;Qf15N!6tM6!rC5!V)5y`Z+=9M9kswEo8B{Qic@LIcAoi6M6`b{mr4^;f?SBiFz
zh+u#pBVJMA^;qVy!J5uQr`p;gr(}Dgi%LH5p)fXN!iyGz2y6eBihs@SE2tB$Xk0F#
z)u|u^S};|~ds}?la-}19PC=|Rf!Yz>(XOM&_twO6Dt_XfzR&%-W0BVoJ&TU0m%e!m
z943Nf(ZmG@Z>!~y>Fdxi>XlX>podQ1&}&c&?b|>@4+&SR*-w!qRSe(Uf+OM;fjzW4
zqe=3#YMNfvuSLRu6}f@vxZUZjVRGHu_eKb29flicP0{*C>*6e16@u1vP`XQ@x}IIw
z?PSB`%D`rXM-6t{@^F<PSFVzYA4S294Kr0FIy#jQQ+PoFXF)n#zQPC3paw>h;=-K<
zG!xJIkrB3UZC9YhY~58~?d0uX!5_9+!Iar!C7d=^hFD~;kD@Bt+EKh))kQ5Tao-%k
zw3GWz7-l{!CG2%QPhX;O!`4uMPp$*+VJz|W)wOw)L2nU01`%f~fM@paUhmZCM8cYe
zv>>2`|6kO-byQqS_cn-2fB+%Ef(1yB;KAKpg1ZHG2u`Cx13?o)a1vY_3GVI?+#Lcm
z(pcj%hx@+wUh-SttTnS{X07@D>5%RtyQ=otRrNg2-siib4L;LPZV$eUI~>SyeTh>T
zT6ByC@emSUg9BIq#VT(W5!_&n7znT_a>c&~?ewL-k7nC_w=-*`VVMh<DbM#xHyV`i
zhGHjs=IahmdXxN`;lK=Y*l_{JZ`>MdU_yHzxx#$%8(2N)bxKlh%tqk(%n2RI*C%|1
zdx-woAX8Z3-OHg%NO25bPaKmy4eCr*{_unn7sF(V(ZKdQ2G04xdqZw=<9FmQuyCSq
zJi%vs%rxo;k8igSlb?BP_k-6P!oLHU;p{%obmV47Z037|;~-;W8ynb9u`v1TJ<Z-k
zE^r9MwtVezbG7iGZcSLHh{=oJ>BJ>*%^ptr9v-3uME2F|gfYT3@1zI`-vKIGN^*m@
z3_pU50}AHgU+N)$dE;S*i@z5ALSvRllv|@9tlJ-fa><<Rr(Le=*N#1Lq%;C%NiT@M
zP5bbzZdHH()kyGwM{d18FXV%UmNW$CnZJcVLP~Vl>hq#aT*=^{I9^*cKe14tf=A8_
zj=Mi@jjIsf&7$l7bm*ZW*F}3~P6b49b9!N=RBn5Os*I3Tid%l0l5c#?6yr!Xv^tA-
z8NnGDdJNNUFvt4CWp0#s0TgcspUaKc%yXY`P(lwExHO%~P2hRV-Mj>@DZ-=KNUvWo
z3@l(%HIo||TuXU1Y-@KA;|`uY#?oycc!I(rcOp<BJEb`Pqe7l=pavcbiF;qQ=(TWq
z$JwpFW%rMLP?~R7TlsSD-GyIzSJ;_*ARmKA_dA1KN93!rvrvtMT%p}!v!H&0I<4Db
zho(u6#|xRWop=9inPlRG0bO?+ws}59qo$bL@-y);lnzo%)*)bzgSY7;NbWm?za;9|
zFj);|_{ObVZbK`R2$^8KZ4}S$W0R5Kt3nt52H!?j=XV(2QW54DCQ%pose+eL=h3Z^
z)<D>=^xezN{?kGWE;WfubSzaKFADlyWLJO7kXAg5*x*zxqqD}7@?frMjGItKPTaLf
ziQL7IZ)UratC(f|ieKtYn#f*+-ScHHD;tO8!ru}ESqL*c9&^l1A~qifF!(Br@Q6w&
zQZkPX4nyrr{;x0Dtuf@raoY%f90SZSWFcx+fJQFrty9@qk5P1&N&7F96tQUxb7h>W
zb)UzsQTo_umL2EqHlG6g@fNi3;3B}yI1t#ujsOE`)kw!Dg?xJDH@t3d?*>VD+E%X%
zIc}@5e~~Zxd`QGSF{861M<EH@8_rF$ETVG6*AyuEE!b5TzDwM_DB-Sg#919fT)%1b
zg0*d?VXDBN$hMlvH^hQ$KxNBj9+9PpptVHU9`_9jrH6x2%d;h59?lqJQ7JKJe2!y0
zmH)B%_T3GhMpo&@-mP)S%5up<)o+BejUk0(TZKs7W)*4FjIgB#nTB@v8~Cu?kQWSa
zizl9Vucl>jR($@h1z>}QyUP|RWPt__aCFzTESYqSxZ!h?m4$JO;uvE{hrP7TMjye7
z-e@A7W0drbeEf=XFxh9MO`5_jhODets|W)g8JzV7t+SlN+8S-d7)wIy6$i&pWY1>U
zniA8;eY$2PL9ZipjCA2$!PRnQPX2T&7e@qTj*H<X*XnOlCLM3;G5ZR_M0w=Q<++?9
zz8y-sFYGCHU!avW>7V6vSK=H^ub?0z**b+KVg*G}c%ygEw{&@qt__TLf7H9c(Bj6f
zQt9~ddjexqcN(pO9CPLMHxYlh4u?lAa+uMq(+QISQ+XmwHd_;K=k!sHsl)D=HJUy|
z$GHU9w}-I#jf!J57U(rMh5u@{6RCXOK|OAWb9OLp!ihLVfo(CJgr^%o$&Y^XBmsG6
z0LiUHBu~CDl&m~B=in{Xe5bY^tS0HI=0`}^_3@PhZv}f7N)au&4Q6R62^2L5JTd;O
z3^S2!Zq;xcIYL)Xy|ADHKk<{0c?-Tm;=2mUZ1xVckR?q*So@h5IRrDY!0$vU;K@rn
zH;SgS&|sQ;kM#4M;l8qf5-B39iw(LH=#YTco0ykUZYIInPcciK4Bzc__VGApiFfu@
z{YHYOUU$k(!>*<No|0o+(2=gYOL5YprZ+w5saLQDbHB6Hk3ZMSFzuCd6AqvVrK$Bz
z&YRw#H0w|L7R(Z8#H>?N6mse^p|4S%cUI#s%uc028iDoV*FCSXf{L?B$nZ%6K4?LR
zm;X4$NE6=zXB#abu~^i+_hg&?*KyL@=tdlTvN7#UDH{fFj^lGmab&*gqPK?v&f`6n
z%IczGmiCclSCOxCGpd}D!(l`aGlSe0Ptb}jJ?{{eL7$~)+FFdGyqwC!q9d@n^Bd}R
z`qGN$Y`LE6>52ru>qjMHfk$0IC7Z@YuCEZ@H9@63<AW=?o{mOKZWCQ*tE<Ptd?EL0
z5mpUXdO)~B7S>rZnh}s18cLStmePKEGy?$Ur+uSX<-e+{Y(AYb@}F>Tn)5Lrg8jbP
zwc3j>1CnHVedsTM4b&i~1|D-qGGodbuD%^b;pzQ1>IHt?nS@5RdQI}YZXg3x3gtjq
zJ-j)V=PJU;+xx}I@jJ};A5<jVQLRfN4D~(K|8fh$MSEMWk06vY65pSYNzOfnYm|B-
z;}Cd6qXD*>W|F!>+>&;3-!-G0(^g~ssb7%R&;i8gsuf?J{4?x^Q^Iv48p=|UJ0Oa;
zKru5K0kKJGCj<woFy~%+g%?pqAfIG<#)Cg)uT$A){s_lBxU{IvixH*yn@`IX5#q*N
zr6Qr)zqL5xUIp-6nrP9vc#*vrhv$-qNqLgsIy!oWl;YS@p~vFS>77gMu33h-&-?5i
zdqlG195J1=XeQM}t?*up7VA0^Yx0sv5q@${@%6ScNf*0vwA-!9+}CP`3&2MU<RS?q
zfzCWmU_Q^pY6>EOz(cF&evj+pO=Yr9l~af}Vs)?WfP;oWn;XN<*OG9P)E!K3zQ4bZ
zhCkMwAwE)JgB!$zYjx8w3BewMy+e)&+^MVfcxWS23#oIo)@A?^<p4=1CrNkX>hKNu
zmCnDIX-yT<B_>Id2j$%?XK?l(;vqP6e>m~mW|19J(Z8RE|14Bv7yvAtCc@s7>LK?p
zy?hV6-<2=F`2*6H#=qAaN^q6q{xcok|A8YxLGs)j=TF6AjPTJ5oF9B@D(f`qx2AG`
zT>V}UdMx>;6v|W*kb@?=(k6@jVc^q?2Gl>!rAP$yPD<vaeZT)ie<cK=e}K79q|NV*
z)ebG^`NLS@*kRB=+w;Hvh$8~<d(+A9wvYb+ivbhK{@*llejcffijsPn^3Lz>DqXEe
zOWAs|h;FSrnyXDUS213v(pm;k*R8i>3w^o0xsr>gSI>IC(Wg>vuWvQ`Gyi03M6Ako
z=H2$@P^wLLfBb720nlkfE$Cx0&BJB~^iu#BI77ag_*ugzn<w&*Sev~s-djx+#Q$_y
zS{x;ySCa+=kW|1$J})+cl3PMEz^b`X=)PIHW$%JNk@9KW<MDv7^K+4QMIT_sMj^OK
zwp9Mr9~}YzB#e^9qBpz+bOc6XLV;6AVvhx+n0=iQ1b74QdgES>X3G)e>r@uFZ2c1X
z%A}vP%pw0DZ~Oa`3nRckbVu)T%^QoMo|X1cvzc<Udx@xQ1U@4*0EeTSj}&S$TaD+%
z$|rLUiuwbh(69fii)8G~{95w8Qjm-$W6V`djRP2px#J)RqLL5_Dj_CNid2!z@7igm
z+QCpX;eRkx^Xy0^g*11qsN`P&48Fg?^EgYp!hEz?w;HKcY`*zwzn;x{oEGDdNYK0H
zDU%*|>&~}7-Nqgt;Uncyg=sJ4T$No!D-MPo&=``nZ=is0*MO>V_QOI?kF-1YQ1_FU
zvONGxv)<3#{N*DajqFmB&zgKc-XC7+Sb;13G}bUv5-X9#_`~je?U={@beUM!CnBm!
zo2jVJ4r%<J)ciocsgw6ho!a-=7S(B9Fo<@TQX-q#`d3~1Sp9mpi@KoyAp*>yj-h3}
zu$!xj4@AZ8do#>WMWdAVMLv<Omnxc{@@(EYTBJ+xVp>dymbORK?p|37j6+3mwU!!a
zGu6G1Cf%D7P;*w^962cm*+ZfO;4mr4K|3bNgP25YTIW%z%l{S(`A?jX`HrEDw^(sR
zFPtjqGmGD2Ab~H)9K0n2IxR9C_%^cX`7gHp7tfab7bE#n8K9Y2$`BRbX_el_5!_n-
z(KW&dtmxFT^1cI<=MRYL`<Sq-b1#_x`V%Oj^Dq|ZAp)^$3XUz}52p>Vk)Y6<Dp6TC
zd_BwXKnws}s02O$N55J&)(=a#0_~50SMwDKP@$gLFEQO?hPJx(r#e+)k9QYe0x)qU
z+pttn|JRAamjD-Wu~DI9w#qC-qoWU~^6dBYc^pdONA8N#*evF!#a}a*d@93(oWgd@
zl!^?A-L~ET(ow>b3z4`P<hpP&=)UU4CU@%<h~};~8?@GLGzv)Je&69dfAx_I1YIjj
z2OE})yV=if@igfAA$uN#lK0RI3sT*9-D<koU!SGOtuG|(6Oun930G<UQc`X=o&Tex
zB>F>1Nxc7mM@e}pSNG8jr`6J7MyIj}jel6bR9HAdE^K6RZ*D#GY%%_GchpSFE6_gw
zkruf6rO8(YjcB2!OO<<iK!n#d@bYgUe~2-SQz7IGN)sDP@JV&MU}C*h)3CzX;v{t7
z@(e-;NZ6`uRI}vi{!0Z!jtDxOvMP3Xu^wFo#1#s|*MhI)G$!473FXu2GQWWJrJ~4r
zsp(X+!(D?rw)*81kNzNpmF^{nR}7sy%Q?^b%`U@M(x_0~p<e+2SC#qb#c)}_&j;;5
z)ovx}ZOFu)3MO&E{Ot1k3Yqe4ym#!NU9DQj+lGck2Y;8l)z>@?e(4M;*U^<0SC_7@
z4p{Rpn?;0Vi_HiBA_V{%Y>z*UfJs%y3sU=dSda!lB4X@zewZ8oRwQ&lxI3&~iq&l1
zd+qrM|0$X)bV(^<P*5;z*n3=;*A=uF*J9(hKVW4Atoue+o366kofoK!99QI+l<a*x
zWe`0d#GNMr!Yu+9B~i~4m=m1DeB;8LH?wrsUX7mbgVurFD(5f*(zcY+tyBSrHA6*r
zRGFObWlc3Z0AYNbuxbyL<AHr*zTPC4No6Yb+<HA;Y_pBhG$yB#tMEG2(7X4U*&Fx`
z4j)J9u;3J1gG$+buT{EXPbkgvuZ-%<cZRPFoPYPz6q9*NKl(~<CWAA|_Pzx!z@kCA
z_Pt83ryQM5Q$uPphu4>ZWNs0~bZ)CO+n+QxLn({epfvIszm_(oQ~Nn4Gwbmfe0tL{
zv!3N%R0CKh>SNj1a<gn$ram>mBf32fOgDRDfyTd;U8v3#eN}LAY<m6ch1())-;*TO
z5Z|LR{*$ifam`vzfFiTdbc_h|OMsBa!I|xX^%R9Ix<;jl*qSN;<tOs_rr1u+d^rI^
z-FF|*#AgFt6=Y<Y*0`69j3ta(<zH;|D<mx>kEB;d&2~L{>D3ue(1AqDuW*#}WlNQw
zpD{;#ix#u;8B$sGhthbcCWtwY28gc@Zb46yxWHcuR3xCm4h+L9h?f{`Zp$m=;4`_Y
zv_^hCT*0S?hB_$!?m2+@&JjI8{CHiAf|4Q2KU|`tgM7BWTl9T+zNKQeG0`5`UG$e?
zZ8_`3$pLy-o8&6`yw^PdEy}=%f?l1!g)NgR>3avkz<TrXQ7xT%cG8zTt(h?#OhTMA
zRi0VrW;F@64(rKZZ<UD8kSKi*q{ywcq-CwfvLp1yapK8AezXMaZg)i?L|9v}uPJ<>
zuAsBdo(Q(A;cgA4AWr`2XFCg&?m`z|?y0?3g{b^Yfh@%?az6QU1@R2$7I8&M&!2&X
z3{lak{LUAV*k`Lu)=-F8OPkFCf#NG<ru;fWv+9jdRnx8>T$LixPB}ueu~rG5XTK9G
zB(NS^bJ!Rg%b56*Fx<0t!F%Ixzhm*0IGwZt8UlbH-gUK1E6rOYCc}$+75VY*;`1vV
zkFj(^zn6&|rUmjaVr8o+lCLDjp1VA^o+XiKt{(?)y*+}4D0ioBzrBof!BMMmvAWni
zTe59LDiLzq%9z~CTOSLM*~4dal!h#g%xa~M!NZqG7;;B|ne~YUAL>N(WGR63ipaU@
z1Ym<M+w?<Xkgrih0>t?21m8WKGWaQ2tJfM&gO*;L%I|QM_1zKqc7Vs8e4MU8!_tX|
zeq*1F`hi9aFQaakWhcO|QB&IyABV3Y@%Ovx&XZ9^g37!n86uFO<9o>cd;l+Tw0%tc
zqui)T+_H!lf5gqBD)~#ES}!EDwYOCOG?08Z>wYr;@)2&2SQaqkagQ3p=ie@mI@HP*
zLCi0yAYkzr<SNq2S=@Vt&-od^?5*ZtWm_i%b_b5DTgoEyjc+{8)Ats1*LJAvN>?M4
z>$}O^d$aR~c>Q;FSu+`52|0|sqtA+%@kBd(+BcUN0gC?g>8Duy&Juk@u40)8hPgh@
z&}UYg$t@e^t;)M7L{{z(#v*V2pU5beRS^ES)KHSPWRReFGc*K$UqHhkJ~-7?QE$(g
zwVcM84b``QzrmbQ!88b)#lfoP-J!ek7FSCSbag}iJ-GN;I{kX?OnG~r;gfq(P#Vp6
z0=hm>2=ecBF16zuyz?oAWN|ufZ1*(F=w^407b+_XAzZ{&;*IA(jQh;KJ?cqw%s-q(
z1_5HBw8u|J2{c?3^6$pRWKh^`Dj%Z&|FXTV3<GAD@bb)JdXF>tSs4r=O`drTy>F@6
zIbk!rQMY>L_*aAR`_(O0k)BaMKf<gCRYR86o1M+O<E+RXbflAe91IJ7^$_=~s`M10
z?Svh(vG)5Q9W+dH3M0a;meR*Yp-jFKe65(Q7vFHD(^*wN*_4&EB%W24&D668c**B6
zBdR|>e(}#nBVb*6IVr+B>}`j>gHG*ehg;6Ba@lIwN@(}|%+k%}?CtJn-<t^}+IJVm
z5iTQ;a_u*JJns%yBD=}myhSkGH!iVuQ^0=lkcsMYsjXF=0nATi>^)T>4EY!$a%u&(
ztPs`P%l6Y`a;_7a<M$?!a1HARLG5Evl?XQYj9;XmbuZQroYOO(vUY4!J@yM>D(ysA
zPBf96`I=sffgcCpEwTV}*;k^F{8HWmkA=d2Ii%A(2sz)x?{cIq;=>0q1`Xeh6dq36
zR{U(j6bdCmH<Ayier?QRku>;c?{L)Qr-UfvQFf?sey>4-i<O*rn0Q%iF~X<t{B9&B
z8MST8P6^TcL%Be5BrSfoCuVRFCK~?^c+4&uwN8zqURJ5iV|*`4hV|YvL7a|N0y<TV
zQp=}Kt4!mFqAmxh<d&E>Jag}GBgBm{O4p+HOH|A31uzJlbj>K&kpW@et`m`49}vk4
z_cQ_-UpcS$Qk_AXpghML)p9tCA4vV1d~ek8rnO8X;E~+oL<Y_?uotU6t{Z|QdLV(v
zd)?KgnbFOY2Sa>&sM%fH_B;fY#bK#_%Nv>smRwd#BX0BCg?dKQBV9LNg#{Hh2WjQ|
z)3fVuzKoE1l-jQt6my}_pv|GHM0@k-|C-lYTQ%15|5S-ch59%~{rER}TMVz@SpzGQ
zlpdc{_44&^*c5d{PGhAVU;a{Eq&`O1xk6xm`z>3v&?L%F&^0<==v&h6#m7ho=|Vn4
zEvw(2{kvGF=0l(xxA8jk`U&|NGFxN!QdzJ~Xf!X><MN<+Q10e;3%OcYj`B$QC_k{|
zDXEi=CO7sH_NzgsoDa(Lnk%a`6Aj@XY7+ymFgEQ1x}rEHlP)>M7e7(Ub~SCj^$PFu
zi@Vv1onx9~dB?928dC(pE6d(E(L1zLpmxu%>Oh?>-^>P!1TbR=fhNt_yi>(|oXE($
z36BoVp*u;1JZ?Nbo*WwoI{)qnq@(Tu7WyfL^={;+hfp+$fSzc%m@Zew=!Z#6F)f3N
z%Yjf78F@{|Clnu2^-E(oX}P)4$3xWr+>tzw5DtTE*^qrs$N8b6UO3C#_v%a3=EGGy
zusQL@lYXD(y)?0|{I4B<UB(a4cwNbbZ~uXgETg;ts-*_HJS~*@14g+8c1mXnPsjcM
zg<7yg?=#A_X*E9op%c4)38bGf)8+gRO=Qr0uG*+_(W`$45ZHE|%K@55LlyadaMr(K
z9~auaCNe8iOW_Zz4*&&PQ*+k0s6Xy!j{|JjxTK}ZlKy>;fUEqUC`IA!VU!@i?k!r4
zhYEf`&-oI-KI8$@8UCl~!EgfqOVMQjh0qx543?r%XZSNV`+06Uy_(Yd+{}cDBxm9&
z4iJo($9px1J@2hSxkaCg_S75J`?h=F5xz11RHRcW3z-5lbJ$Ft2)c^#Hzy5`b=WTl
zV-W0C`0mfw9(CX;No#3oy(8Fua|dj^`@Wd<Q>)gwsDN#?W$>P?z9Gd1mL=3=0sf$)
zIUuQHqEIuT&UHr?*wJSJV9;qpQByClT~F~~l<7zTzzup-Y_f)|pnGg6TQ+_dd(ZAy
zM!<b)<6qgPqnFM`Kz=71=+xFP&cH3{12RTmt@Ebo?sS>2A;_Saq0aX-(X{c3%<2SE
z`2MUODmxUFnzbLn+*cwNdOZ}14!B*MAbgmpcT_x(1?zRXo0#{kYxDPNXM|Z|c+2!D
zkPbWN-VKO5*LYxS(L%EK_>}cT!M%bM6m{kG{`UaURZ8Hr0>kmy@yT?V$@@9GY8e0v
z$_9`LU-eDvX4D*|bf&wjrMr8aC5};-v$+q`^oNgBlx$#vVJyiWUynY(SSuL%iIp#o
z8IWC{<9+1z6O55yWd^ePk?!k}641UC_B~%gP2{lo`h`|m6hJ`ChF1iJ0B{9iLMAEq
z(5wRZN{)UCfS;@u8*2FvS`a6@(D7bLAFg(8400_sP!|iK;xlMbr2Agx3&}9^DZGL;
zWjb7Qpj{7<`%vF>M<%3bm-p0T3(^WTUdR2+*Pm;+JjcoXb(ZjIELM1w=53({qo*?J
zfnyJKRZplp59oAP@VocLMnc?cO(x(ULsLL7`}Ozj6*OV8ShqjbeUUDe*Y(IVmCxg3
zOL=>;I9YrP)AU_pb9ycSn0<vuMA727&nj*%aIRcJ1n{FTx(<!%kcmPXAhGqZa6tIw
zhZcwPzSnFD7Ew0wOfL-uU|HU0yKhwJ4F!p=hlSn`gP_V=sE;^-$@#C6t$x>s-KQ^c
z>vyXcz2rFUW~n2IIpUNAFT}}w&y79TBDvNZqIOqYE$3^>d}u}9rVD^3nV`SE2WFG=
zywCc$U1c}d2PF3jXp?h03LB_nI|HZhUZ?xr(s740@Vf2N`dprr<r{gk0@>o7&ZMI+
z6oBTfQ#~smT0?A&y1W50wpDaH8TjeX7TnVXnoehJj>eRPJdX}w)Z)2RhsZ(qi}Hn-
zr3{h4fx@G+B|lwl=r$^8)7xZrE6Vmz?CK&GVGkfH+YAsKkN&h$<qPq;kd63!bp}n4
zBKH|@&~=}8lETFH(c7z#zq#gmyK_8uLKMenBAGaOMdi7@U!N8K{&r`OY*faAfz$db
z?Go}@$k~JqaG>X@EiY0VK|uEmCi_n5yKC1(+Tb-D+0Fhe8>T`#a^0Dnp$n>PLH|Ic
zPZA0Tn>z5srcu@l8P@jbj&%nfEMzioZ>BmCVE~{++F0Wd3~j!<1@%MHK>M*05%|3&
z`t`dYxFuwJ$rmNViiS&Ai!iU-i_Kz8&8jmV=;pbBFyI63Ux6(4Irl}AXn|KdQ{ZY-
zCm(F@^Oew30aWPqC!#kDjOOg`{L)wJU8YNoPu+o(ZXI54zjyvYL~i5GJCnt3BzLP2
zF7LB*`Y~r?5~VcgoaW^2^b1#4e7_@9@}8U7NmLlfUL##8%QB6h&3j1i!g@T9yX3bq
z(0<{2RYElQ!#P|BDhWS3+KxyAg*cBmho~WtozHc3(1}Wlxq99cOT}h4%TC1Yn6WH&
zhj_E>I0-fss`WVhfqrL^=Gk=wB$Zc+w8y=aqn3&yVRPAf+xsKUGR$)t0FxEC+s6>2
zM*yWVKO*WlBKh?}mN(D^zZEWjCp+wx0YKsh=FlM9+v^KJgo1yd)>yd0Nc&urZ1Ltk
z<sV27-;3C<hc@BK%b6SmzNJV3?bmMFzH0IGUX_jDJ=tH-9nDo@&OAZHTjcsl!^Xz8
zc=}S!9eRv+BKO=)ZH>N}h(pI(;O>K(?<Eo6WR4pnD5c!Cwq;ETn8l=Tk(SwI64|na
z(b{DWkNTNG#8`)D@VsVyPxFC%^oE<$Ik(56KfN!GKE!m-IW!9xjO_O^T%reY2rl^q
z6N>&4BcW3AHn3l6(m!Yn7`|?zXE#3Qm+GNSVMJ5+-ufPDYYvBq6BPA(Fj?~+K(C&E
z9{~XTtc!oS!pOu=)b)4{8;z^SM}lNmJWT`#`bbWsWMuYBp5LCe>~alEoxzF5Q|z`L
z#Y&NtK{2ynFrRP{!nQyP$RR1>mAn|!;f+7E?x)q*qb9D@&It#n`0bKonB`LE$kOxI
z)pnnUVIc4_B6c6%r9d*1tF@I*cDX*MvGTZk1epI`flpD2RFdB#H8HkLN#Y&T+K<4B
zsT_sP%z)O3O3^UQ<VLO<d9LF5R!qY2@!|!*EA%{uJ#9G<Ne2{D0jQ)G#^!J#Y>uS-
z(txMOCm49i;4|r28WNsA5uK-NSPDB7Pb=XMGbileY#_@AN}PX!^mb7VWlv($8=gih
ziZvayVQ46g!>^Kt?7Zdjuw!uz&)5Bejg8Ty#$wsZfP})@+S;n&pcm*;S~Ds-K(+tG
z?1LO4tjNS1se8>P-3+qXY}K!+)hB%ucXM#I^zzy}$jf|js{5GD^yn#{`}K*HcAaNM
zIu9F=JJAv;3y1Jnlr)_Opi<bn+nRi?b}I-gqR)3dk9ukLDlpO=&gDO>RNxGe1X;J0
zA<{fDce&y4P7{5)R<SsDa1qMe`Z;=74wL18Cw$n)+q|73?a(t^1O<tsugevuMH)jF
zz}|g0*F3$`Q=6KeJ7S?=6Y5=;q{lj9*1B*LB#2n9f#6rt&aWk(&+9N4E+G<jP++a@
z9Nu{72)Qo|xa>kz6S$fRNkSc(Zzh|ZThS|KEom5<d?UaEHM5mEs5+?8<ke%{0F#k`
ziuq;kgzr?Yk@=KFkYNp<soeREODo4^6p(xpbB^@kNpqN-oIi^@{?n(_x~`W8JK*N3
z{E7BUW4M65eu~S(6<7Yt!1esxG`46?6s+@QUugl3CQKW|1LFoDm*T$Igr~b6F9Tcq
zr+{kDso^URz2U>`P;5hw_w&mXB|mA&1F<c_{5n5y$@_Iz)r_vnVZ2bFog!*bXYrfe
zEcpm6bKIX#!?w)=Nm#HR?f4f}d7Ti5D=`MDwx;l`^@nT%%hEXbfI;4G-J47)uUNvi
z0a9pg6AQ@$a1s9Ef#P&hoKluBMUVU!?^sPfvfu<+UfR$iK7O(p?>6;f7db*_rN{|I
zDwbJHAJ-RM3Me{lE_ld;K7t(!bvrxUtax+k-hQ;vZ&!i5`vl41HlENNH1f3u(=Pa}
zd)bXNYAkg2dA(xUv6FH7x9?p8HM)iVQ%*2lQL`>4MDXDaPF5g2bY>yC-YwQg#~ij<
z*ZX}7x+hxuKFN7VlZ+qeVjL}mDIf#C{xa-1$Q_M*5=}rPrM4MG39C&*@)O~U+;M0B
z8hOJIW*YA@qe(b&>u<BJRSLP!8ilsz5Bohk2*}N!umocbD|?5Ozs;#Q?~8t2tSh|J
zxP}d6^yBB9*5<2g4sXBK=p*QxLH8yBt7U}+Ne=VYxZG#_O8X)mZ4NU#_E5}^Bwp>d
z4YAt0J=;9cju>_&?BHoL!C^y)=Hj17utDPxq0MzCdPc7n!%w^x*&2BDoXu1^MO$p$
z<PBPw3AY>ZmOLT~xx~qv0nY~TdIg>$X;Ed{GW?smkH(g-+XVFa4#Tv({jhd=Sup&6
zsh<Q^oL}zA_H}3^a>#yloS9quMW?#4CUkd%=1pR&Q!D$4{XWwq#sjIOzNec2u7g+9
zk_GGIFCxF(BbH~Mu=i6S3X)qG4cIt!Ed1|S@s30>>G(wtzAd-oPAy|RS|xXaenSr%
zW*H<(&wbfs0}$uhT4=7KXDQv7T`4@y{N&TL-GeI2bv2{!BoPrG$>V0GhCw@ia8Aen
z9A^3i!;Z*qIBR#%td4R~?HXDZ@G{7axlfwuO@QNHK&ue(K<9_x%-t<5`uNKz7ugZs
zqSaHN2#c@;qQ8yJprHI=DuRqh>ovfW5k^)))|uig+KFZ^{vn(Yjs8^}g(MD+1T_`q
zF2c=}?)35S<BE!a#2F$FNSzU=4pdMG4JiN@7Jw$+6nW{mMoUt{bmWj>USu*d&Q0w`
zD%d{@5_Cx!l61ia>#LK{?*)r(nXv&|p>7;dLsGsK-ihHA1^*nB{EC-#OzKxZ5;$q6
zHHVuZ8pxZMBsrs#sYz}Hs6ntxQw8JMUr*;A2Qgb}?WaYnjJ9`lDiE8EJP$wF4UlY|
zSPZ5caeckVIwASR-A?SAS1s=8K5F$NAsr5`Js9TM0313z(kS&Z{rnf|DG*LgXd1#4
z3lb9=tecSC^6m0s5KfIdHEPL=gB?Av(sB+M$-al(@t7Ww3v~<%EIm_N6q?cX9K@FC
zmxR+R(*^58-4VIQiEB`c5V&#$xL3od5Hvp`m*5_H)>-lR3ULvzJA$8J=mi2dilW@y
zCJV!wPdRUawISKBQ#eKjEd2&j-MA`g9I=^@OGd(Wp^G1u``5ixDR+KmIRC2MN^!9-
z>un5Sa*Q-uUR=eiq2uwb05$3^lcgPXyEVQH00oMy+w8xhag4WF_DV!>4}3yBJB5V@
zBDkpY{2E}hOL@`3Cp1Niy5B|NsOp2j)y+}v@FTeQjXBcX3AbQrJ1=Ub;ug`kz@AI9
zUWs!;#!~a-$EIOUB%B^H_zC5LLN$k-+}k|Bm0sM))GXcM)>wTE!1&~oy6O8}eSLkN
z#NKeYZh2-ZzW^NnGa94xhWw1B1PoRes!jG6hNVLs&g3pBFDzRd#eu56Y)$(b0(tAd
z$FEH4tHBq;m;I5~m+$kMGz7>~qd^(t31hB7;-{K3dNDgfuZ1cx_PeOd^)U`1ip9}(
z&)@B+lIog$O?=MyOVeA0wB#sX-{}~FcqX6d&^#Vh%T;~hCcl>~Sm>iFJN`ItPqlt4
zC;gI>rb@sy6YsV`501QsK=1roZK;1|!4`Rc&pqII85$6xR;r)5E&P~E+cLRies(y8
zLGDcmcuml3ByVmS{`kJ<55p3-U8jKO=uE3~wvuoGrs(rm1O6E)Y;t2a;%)7D1cunS
z@$C6rG6I~CZ0yfuyYB;<@3Pe(teQ<_W0vEYS)pa&#~ELa)WNY{6|!&UNxr_mv@pKd
zexIjFf9d^bPV-{>x^3n6*0r3M@5oZ5LE2glJeJci=BE^vk-M%rHw9u{0xt2!<|`jK
zY9yTL6C^dD7#N2eQw`)DjHG)qUk7aQgI!2yMh2FRA$@cFw#<`2V`%#3oe)jo{-?oe
z>h!frL~AOJN6Ja=OFKkNmHK6S8GUNgu47fBWX?Zq0z>O#Q?Y4^uOh4W^y^0^A_b2z
z6VznTvZR)yXws`cp&xyA?JF2K;Z<xTQ-xkk)F;cJQTX4#T=f3KmLA~@Ms8^)NFy{e
zoy1&_W+z~qWq|hNzdzp}lbqBdIrX_YUtf5L03HcP81Ao+0Ly^LavGsaByGw6d~yG+
zk?Pawt(+a(aDrIp2VYa@P;56Jy4|j}`8gY&1pMa==_cVph`L-novVBP^!fb_W1a?#
zPA+_Wtf=HmNm}*d9~&uRf)S7|v^_>>*&dkn5ee-GZ@U!hfk_NcDSC$6A|zvR|7#@h
zn>4j>OuBTa-GerpeuoqB#W!FN|MYh+Q1}Z|!hg6H=d~64w=onL$Y@6u2S1ce|7kQl
z(j&Z{{$Z{U*KICZ(GSkXf3*I4{fkeGkZT_or`4+Xoy9)1nV_%6^zhx)$`usDHvM=9
z%n67C5O#bMS=;d$b+n8Y)@4510&ooS<RScnMntM-ywgsf_Pf%v=CGdpSzI;ScYA%T
zRH&C<PU<?q>SlXJh8%usduL(Wvs`U^@M}e*Qir42Zr&n&7L`hB_Op@@-ptvNU}G`t
zMd<X)1cTpGH=Gtx`YyM%oVyFS=IRCFrzU^ikAf;^N6%528Fcc|_w+KO)eXp9m_|HX
zuz6!~`-F9PxW6KnYOzA!eQr>);mp9)C$mdox0}4Fx}ibcH?=8~?2cLJj<P&j@)2ab
z_<1dBn61(M^?Tp~%<R7$4rj|f`MSPY8yx-q)ivewzea{rJKz)AQ6@~6{C%EX)r>i(
z#VI&;0?6&HB6XV{Q50HZc+PpU*K@gWHr)=?r7~SoxEcaqdCzn6t^eYz^5}hc1>iE*
zbq-AzT`q5gMS&q>Q!pAa^wXYd;?fSaDJe6&Ev|UiKYg|l;Pz`HVeXjR7pMN?@PAz3
zDSeES$nEq<rrkzge3eprNUSI}Iqx{H>%J|cPSsCj4E*V{rD6<7e*&`u)|s8DYE$Cw
z*$p6kVAQQF|2>FZ%G`WD4^~z3U3-Oefh&)XBTQj}gc3z;HfBCtRcnuQl$U%}La_C^
z#jj(+PXuRrkh$6RqEOR9eufV1-hGA5F-*l{mY^TI_u>o)bcXl4XY8s^D(_&8GX?74
z{S9DiWr0VdSb9pzs{?q)&9JdpsJPm*7A2=fSRL!z(xq#E{K?gpul9XIo2LM<kWAKL
zH=ku?>IYZ?7a)(z4VEL=nfwvVtZ17-j&eR*BeBtUdh|?FC#n$fzfb;CDGI6&*HwG7
zb9A|B_Itc8r4U_*z1;brU_bYBmO|ys5TEOj(9_9ehiO16v)3LAmHNHHWj#NgQ?qz^
zXy|7KgG`-aA8<N2`703KRbpRO&-sGxZdinTDS?MJk@9VsC^D!`;IoTb1foxDoABLH
zZu+UfxlTUZ-9%wYl{siXk*+g`<gfA2rij56Y5F}0t-iZ;yG*q3EEjQTSn;zCyCfx8
zhprG;Z;$0(3C(7Bo@WZ)PD53jTMerEV5``qM^%;ldGUtTu*tb^AFf_FV4D|25v(u+
zj;9vz$bNQZjX+<G;+J2mt2Hg|vIRsvQ}4d>e`A=APdgw_6}k?2Zq5m~FIc5w3(fo9
zZqw-2nSNZ@%7L!`)(E#Ou<$!C{XSVXX6*YY`ZqNC>O__AtO0}aie%ZV3#IAghrZJU
zN31KueSA!$#X-5GpIaX8zMy=vY_S^uL;n6wr)Z|)O1|ux$yIx{pec;I)#Kq>Vc#&)
z*&Mq7IKwM9-l7VHB$n3SH&>jG8U>`Fv*7xjlGviB>tHwR{KH>%K|#nsTZ{r&eoc*&
zBA<ix2cM>5Ht9XR4|qKu0q^Z)<zog^h723n6K7%x0M9CwK`(L|CLJ`a8@Il@ItqwO
z^S%$Tm(QAo{zr%nCcSRDMPyv_I>LC(ume1j0SY3*0+-oX2VBVHL%8?BD8mB?xt-4M
zfd2d^mX?cBFbk!pT^H4;Jbm&YV!gW$emLs{W8n+`9*omN44<=OI+*<<<F9f4&&N|G
ze~M-g#ogcsv2zj)XWioe^W!q!9lE`~HQ*@JWV{{P{dj->7+i$$1tKRRTBQ5`u)})+
zr8H$EA6RP|0!$R<dZ@Ai56m3}=AHj5$EhG49UVtf2+@5p{qW#)bF{xY%c3hg<LQH2
zQ7Zw}FxR!?@a{vze-9^m0Zd)E2?3)2d;^%t56n~lKRV7(GGPVUe8-eY<vbmSh9qM2
z*?gcBp4`v&4N&TU+R)4pSn;4C1LzpJE>KNV(!;!$C%dyhVJ<^Ss1o~?;?H<b&)(iI
zdVs^JAv}|V6(bpXU2f;@-NQpEDJ1omkixxhCQ)S{_k}=UgGO5b-gaA$mD0IKYdZ-H
ze==50w|%XDBqG!Q$UB;EpS#&E*{<qvhX8<W0DQSJp4o5_K*5ca_z#2h-4|S|OnaXc
zY7{3eSuFXSRRZYb<ZQJAR4CLh*lc7IfX(L<^3D3cx&a7^ZXgO)+rsGOF@P(S1Mff_
z)+o{2zWZrC(Z|$${eJF!KjWBAlm}}4){ltY%xJ;#Bo3RTzS_++(4~zN0P6zi$%gkm
zXifwzlqh-5Vf|&VVp#BYmY~)-WcL67J>Ayi5N&Tqvtys^>C{&VEYw$5TK#k|CB;Cq
z#Y6yL=vsZZ8MCVK8<3`eHvneO7N{2%=~mmH0@BK9`}#d|O#{zteaBYhru{)@_!P)4
zfTSmXy~m6VyRDbz=k*MiH1kzDfyr}yX9u7%#>l+3UL*r-LcXtN>JKQ1+qAJ8BtQ3(
zSI`BsUnRv$@LI9J&-b7emD8vNE}7501pCN+(bJ+HAYF=q0+acIF0mJ(uGO<VGY*v#
z8j~gZe0(=2V~wt{L>;>aSJ39Ufy6foduC2!4V`kk=W`C#WvaQeI#WD9)MnzdyIWD~
zd5@p;=YKnK%&d_x5klhBho4eSJXt6HunfFjk}(Dfn26`HH#-5o$3i~@AfjGw0OQ9|
zvl8<B`sles18xn)BD5N)Hem$lHUlu&122v@ul4|>+@<tgXZSKObeLWzTPsuBU~tnV
zy(OUhUACvB+-VEmDz8C#y|vWrw``BrHfVLj11NP{)RO}0oesNQu}mCCWoVEAI9|zy
z=LzZVFEMPat|(GnqlCK~s9!5%^}LFazKl=}3Jsxvmy1lZhWV8cw}+!qsOw{T_dR^Q
z+wrm1{!B?^pGz19y$cV2-soQ5a;D7Z{vulv!T>e&j>%%)s2#mSSSiMB;Ne;~YRPdI
zIq+`V0E}NZN7zEwIC|cPodNYSXgP|hkg3|_K<R}X-rES~CN!X!>e{i&Lhd@kZHDva
zP{0mADreq>Gs^w&61)WEYq^Oyluj9dkPUq=%&4z`PNNxhlhF9OBI>fRXCL)Jj=7P&
zW~ZcHR{ck7$*nV&SLf|Mc?3Qx){tQLR3hWm2|Agp-NNURK?m>FU|;>}Wcx=zu!=|}
z=cDv*3Bj1Z?Qj-Jl%G-tD>RT9!@AOe8=RibIb0c}P3wY1fErNd$#(elv!_dbesjQ6
zG{Et6$1cL)JK1AWcc3V2PTC_FMWx-`q=64ioe!X<Zg{cU7v1LUCVxm^2(e|9(^|QR
zUIBXL!`q4>k@N{Z*Og#`OEb;<q<Wsir7=!eh*U1X5ndU*kCdmi`YE<qNap-9zJH<T
z{8$;<6cQZ28n2p(&l_TcW_PsS>#Hrm^=5wj3CuUu@AhKyo=Z9Gz_SDDz6holmeln@
z&#sS$bpcv&Kz-fUN9Hbx%`BXG6W{_iK`?gF%ys)N`EE;qLu0P!%Q*pR%XH6Kn{H+&
z7?jWHJ4E-DnAtf;eii_zD__H#Y;Tuahy?HTLHk}Xfx*F?@8vel5}zwj+IDuqeQ6II
zTe1nLtBb04^r!NA0<i_Rz#`ugOVW>owlV^Dduh@!HEFId+EaMkdhvEneQuI$cK0iW
zex52MO*dMk+ePcUd@puvOzvLrvdOBZH#WBwH==s-Huc9PD`)=Wu{!~R^I70&A+4XW
zuiJiQ$lPK7)}aPcj!PxkVGmIJE&}9Wrq@OLx9gvkC}ElPy)2RP1-Hrz-+6WV=>waV
za+S#Mv|YViR2mINVB%B7x?JTtu9Z!NYH_?=$_vG8c?!y;1-!GaHRsp&UggIy<@p=5
z32r>qX>KZQF3>23NR4n<7pZ-VoFz$Z_uNdi0K!cu*kQ@<&c{#+C=GKq`CTlu?Xj}a
zP4>;@jC=E~HR@hvg3tO9&rGF6F7KEUw0_EM&Ylkhn%_LldrtK7g}?A6(tG_++Jfq#
zs=|d79M_pE^J*{EOYh6%kUF-&OOUm}I?i9L0($vH)U)QB)8tw*N}*4B05|E}2+5HY
zf&U&NJi%?16!XCxIdxXb3SeR@0gmO;=mcP5P6K{xTcmD;rf`r-k42yG@Vah~cCz0{
zd)AV%Hg6koeW?Yc@1R`gA)ao{a(nT1)ZYcR@h*5zbcbG-)U?rSmh9%zaafP{pq|)g
zb+|3KY6>aHimltPxA;vyrFqF^y&5|6?A-cWtwJ)Vug|VwoyLmmm=Xuhhz!=si%^nx
z^cKFpP1R#=9N+dA$0VajwsS44>b}Gwc+^@YsRKNlf|;gC{_*=vBtaIBlM$(#NdMEj
z-HPGeVWGQ|DN(FNfSli~-j-C{Amg%6!KP++xt%ifo57VLSs9kt%<nn?7$jBBQ=n@u
zub+LfOlko{?`xs6H(f}6ktr;!<&{hI&{;Yr$9z{&rQ~h<S9O)#zZ`Veqpm8ixTHjl
zOz?i)t!&-hC6#|J$f}cofqAvVWk+D%4RuAOb-G-4_Fq~p!1)q<dp|#`=e=!Jx=|x7
zwn~R!j_^*j`qfxCT%PXfW^nWEmIi{4$6HwjkPGRnAvzO*vXB;9`_$yT{YiEW<kN!g
zA?`KIrCVCRg_u0N&3H`%R<7{9Ih<mpFYFt1E{p?Rk&5T#^~xGTd$L@()&xwo>ra-P
za(J8a)_1Pa@viMv7u1SE^{&eM>2hZ;N=%BvZ9;k3?N+NBg?twTB{sU<fDL|{aNn!m
z{Aw)`t#9LaKV(_8WsZ@b*%rVjEz=XKd(YL91$t})xhCweW!e@Er86KW#jrW~H#2>{
zsA?zpqzu%e@~jEL;zn61j9xgBE$>X+S>1JB=JTryTvQHBNTS0+UF9}6q>~s>LSXZA
zY_juOQHx*&C6}y&4qQKH@RTMMmO%5$)u1tHLT{O)q6#lc5Bu`NwKie{`%0kA05j}M
zR`h$KkoA|hR=n=87_CFRy4l-|;t+5tHFo?9`A6#uKPm5&eIFG~IG1FlLtrYUB`w06
zMJ6>bJX9Ux;?lT&mAR5xqXFRDkU~Ix9Ol!8!Ul+^=2{ktwx0{B>Gu%DO=^b)7P@>*
z`OU(HFYI+0T?$hoR6@MN2Nw}QeeMfyMeY@(W(Q-xNH?ly#>AJM1Xb~TzkB8!DtPxL
zH%>JTF}P+3xz2uiHhRSlGf<QQuM)~qq)N<}F9=lE1V$38`Ifv}?jz)4x{g74!Dn1q
zDlwU9eMgscOkwWRxDte9#2bV>Q6Qy$7Bn0rksw0_M|?9L)(P~vEphDxZJ{KaoXRG?
zhWn1zqk;*PyeL)Xx~Oam64R_Yr6u(R9W9m3FOWuH%`+2iY2Bep7aMt`PV-4JzCFve
zprW0ZUymHR$<C$HU^K(lY?Tj^Tno3joI5NL@a_<(XLTQ;1VMLPNp(#0b0cQIPrI=i
zq!o$51+1fGG4yCghkjULY25J=ZztPuTnM>VgGSJcAV(JTsL?(9dSdkDRJ|onSSeo9
zCA`FC94F;{A6@L=Bm8IV^ylMhFJRMK^J*88LJWlzs*NMFIU^sY(=u4Z)RP|ls5Io(
zm!LvT63jwfJTZFz?MG-xB~x8W5+qYtvn2947bg~IhkpW8{FHCLsG%J-{^l|It;#Uy
zM8Th|1>>{#_!VBxC2Z%)z+C}-l+~4S94CK;fA8m5+d}wtetG^USuaa@uCVtb3c)#R
zc?7QwM#b7ju*%6G8cHc~@~&$cbVA1A99UCQcSX9O1xtmRlKSU%Ry+3WmnWdUeZQSz
z$I6Lfb-wZe1fcSuzkz9naurLya~3tWQOJ_qiRxXtdZ^W`0yi(Q!(H6?@kfaLhEHU&
zS1wTCFYs-y=r=VX%cK!Xf|!C#$yD^ixLK@9#5!Zg;ctl$iFjsP)NtLu#`0T1#kivN
zIIFyI40w3NPPj(kGB-yxUr}&Qff19B>t`cv@)o~rUBl<Xz}LLV6UtOgXDL2k2c5Zu
z2AQ_)Fzy=R^Hgo-DEkdZO)7*C(5UgHwPVuHOP@EX$J_iMi`=5xD#qzt(0rD)c)Lut
z4%4>eDPrIt{+{-P1LtO*q@(ovXp}MZQ;4>!Nyf^;bk=t*1-#KS_Ef23iitc+!2)89
zNO8*oIj7GERtnEX$G;x@7FP9hY0q3tncY`l=~X;J&t0K)h>Xb#HP|dveujLJw3wAl
zF<9u1t(8!N25}wb_g-Mn&o$%{&z2#kQ;z-?aw-?c%Wh@u-dwitiQwZ<2TJa07Yms-
za&O1UIVvG2w_B53kpch^VRWQ%#1f<GJheD4L11ECqjl7f3PW(2p!2GTj^lmAj%v`j
zl@v<mpeEuFHpWh@aHU)dzSOvC+OWTz_^vw2%Vn@oT%JezOChW(;Z;7~>$<>K1DUkR
zj?JUj<I)z#UZ7cvu}Ou`YGjB)WM&n5^-odGb#lGpgWwRhpPk?F5N!+CcabTy*8MKG
zkqr+CpTHv#)Pqf%L|<rj<|oKyA|y2vzKW!^43G3OW|!hOP{FP^nmm3a`)DXvDSaOl
z=%V_4Y9#+mN2YPMxehh)$xGO5UP>J+8mLhH@!;{43+dqViFC&(uOAKJ^$MyM^UtHa
zdE%>c(6&9S&rdMhbN6q0ybMGd^&#=2k+E@-ENy9*KcZm33jMrG5xyxT73TOY#8WPb
z-7C{dunt#Q#UM#VO^w$hy|H+v8C%T8ki)1^FSEV^1EtNyt2;_#VIeOTfY{z3J(*a5
z^lGH$DH1F6kI*`6VHchN;lwGE=M>`qQDI-f;g;wH?DTc;n7BGPK4&OW)BUyKg3(rD
z{=vj(5^wycFFmgeZh4tgot;!2G?xn3sN@Tn>&dV0R7DGGqcYy;rOJrH1+Zh(EYs!p
z3V0LMY*Ph*@I;rrKKm@%KQ>+VBDj9t(>4XR3fzG`o+q)syOf)9*3BR(L3ljx^7O8b
zV`>Ml=B)2(&mQv04=a0z5qsXzDgfHy8>abn%SVp_atsBuV#^3`n|lT3pVdfGI0{e(
z?5Ly92d4YpAY$|5)GWrd2&nA{)qC!X0I#Wd)Sxpez(QPO;CI(oyR{b7@70-Wz`FT6
z<;vL^OK#b#uzfHf84O)eBb%B=+V_NOW;EbwXRh`9(bTYFapNN5vuw}pO~wR=tp}}J
zVqmV_=16=0Nr9Ip-mu#Zo9$|_j;TaMggCh7?^*yyQ*_>Y+kn9A+Jeh{f?Ntbtol9@
zXm$sJ`{%XcVTG4RJFtYKk!JL>W!nt4evPX-<xedFT7bQ%xrpxVPip9RZzsI_mKr;0
z9mjGJxJc<8xx^P0r&=RFoNK<Xt8EY1DZ`#met~dC5_VUe<)><_y^!qfy?DvBZXe`L
z7AyKvOY3^-C}XBG;e4vu&hvz|b>AX|Xr0U{>(0Ax;S9-U{<VP&nyoy-Aw*-M-u~(M
z)aQa|b>`Q#%WvK;{J0c#)v;9(0Bb51ENb3>vot9S?Z<3l)pK9U9`-$H^!saFGdGxU
z2KxZPBgjIv7k6!Bt9guX7#-wle^U0d=-ACc3qvn78Z4!UD!QEZ@n|z^FFW6PZDL_$
zb6L_ma7>Yp(UI$E6QlY~ewF&3j%~Q6yA%{J)xo7c$IAfLSdzJu_0d}bT;Rq<($s`C
z_o1gt6yM-{xjn;slc_1H$QfcKvX@44xnbQ+M&J!|0IBq7YDdB$(BagaCBlpFY$X4_
z3NPYL@tS}cX*z{`X~$CmSCNfRi0OZf>zP0V*KU@{%;^R1N<Dg49e+~cH8k=1*%hX!
z%<;$S=Dz$iGT6B|4Q$?~F=WO>RYsxG@BEjOt-;HSA~L>6!H#3aFT?MrcEG3(Qgz=i
z9V`Z`zU~v`RXU7L^VYvO+%hN>_q-=kMqj@j^^(jUYjAID5TVM4Br1JTYksDYKwUVb
z?vtHBzJ+DoEB~@gnG}5dQ8R%+Bj=;NsaFl?)n2>I=Nk+RHA6R7Y$xcdq&t8!#~1`$
zU1GC;xTa3ru@fcUpU`t@98Ls+6!6mpf)|RkL;r{x(G92JJ@W%BIcR%^XHgyA>>=cx
z={K{y_BP@g>yz^Q3s0OR_!WV0a@pg7JzvtyWpfX6@8V|A2!TqTy_EQuugQ>xhpivG
zrBWtNKjb%dp8%v#$&Q5815$`qg<{+JXp`CCOjj;~pN;P?fQ?!|!yNX(p@DuMKCeFF
zb*C?Y#0eiE%j&ulXv8&Kd*|#t4Qcm!h=(duOx<WW0VwBMeCEKvxE&fb4n>cWfBUOH
zj`gPydJZNwdq|4~0PrFL3FkwmD-wWRXFMio-#owp(eIhA<x+t2{u^Emu)Sxxx(X!|
zA2bRmIU17=7pm~U5YtTH4x9!YeGi!~1OP!q;<mk~P5yg5is$!C*I|LO`QP6FzX2sl
z*J)ae9|Dpyw7?xAH6z)m{)Q;gDBgw%8~8Tit`mG{w|;PTxiSS8O(@W0W|BXe91G}^
zKe|kZJU~S89|8F9ibQ751H-9-K~u_V2T1IH(dV~74`MJAOFZnsSfG9XTXKc>O?LgW
z$xi{7eu4cThU`Dh?hy<K?`3)qp!lCtUtav>CRtkkb$p#IruXDymNtMHvj;kJKj<YD
zMqr4njgO=rjP4-dQ&uROjt}}bO9$x8iMI8J9A*;W1Y?*(EB|&mj&vo^zXid)<o~$J
z{S=9_o=cR{{?Kc!0hdz4_zbM${(-8k@PQG0!yWpNP@Mn_$;W@?_rTs!+L(lN2f#k0
z&A0!ajFzSIANQH)`NPCI<gH$%YVPib7wrTtN{8|a^zfqhonY@275c!-!jb87xc$n9
z9Rn!PY>xmGwYtK5CIE|gx}?&^!s8<y*}d(;R>;10H}20_jQs6tH@><pdTz$kCadq;
zk){I_B>oL7fway+Y|gx}SoXxn4bT#tJfarp@%tOGCOK1sPG}n1b(1)MQb^$*xtDE6
z5HME(Iq0K+K-HMJ>HLRXStouKP^rMLO9v27H}BP~MIFxp9O(0A-<7uDD%hm1E>M-g
z4tT@SDIlw#cAe6<xG&HP2+%KlP8Zw_`A(-zihZt5kx$ynEjIv|W50jA+)R!Sco|S}
z0EXpQsv_SW`xO9r*<I~bpKaE(Kjxdh--*#%+-vD`lI_cfQu%U=wW6_}n{zd>xBLdO
z26=KmT<3z$syHK0Ba80IVNPH8355iGw?sx)SO8=N0ANReH&>Z0)VWp|>PfZy4*<Hq
z|Jc<H2ANRk=i9Hz1e;Vk*xQ$Yp@nMst2>+%Qvi^hD{%5ljI-aBHqVz?vn1ti$T*bL
z9H<#w0A3T@C}rr(-)x6w9a-d5zI^_^q<jg03XA>jZaW_zX@a#){*U&~GpecWYxf@P
zC}IIo5Ks{mP_a;?grXFILy_K*CcOv*B#<DYVxtHsDou)X5<q$gL9u{HCj=5guL(^c
z)P%e%c+UUi-0^<6<9@hhjQfQT5O(HXYwxw^`psuPdjcH*uhS4DD$QDmzY4^o)WX-7
z2~zl;1B`M!pTWi2=gfzw52Q*{4|!@2(=eHBt#+|RUIn;1)2jiIzjzFYd~IvN$cFQI
zReqAd{`$rjwr`k@aK|G#USF_0It{q}C)(N~eHoB^IkRGWwRteEyCATodCC$VcsFxP
zx^|rLkva4d3IMCQRXBI$Gms1H7#c5ScmUox50YE1Ye@7T>`bP~Mlqldefku>UB19i
zzskL0a3MS8fQ^8Z*kmWlRzIz2NadB6#!f+<cS+>aG2o7Ie533^${Vg~;kM;O4=No~
zLWB&;d57dGtqz9Q?VLocMF=AHT&!Ikt|Oh<0sJ$ll)h$_OChU1*a8+->?^Yqf!VjZ
z9bbItg)ddl<2Nc^M(3_3xq3D}P8xAeg&!>i?-(;PA4S>lFICP+57<om{>c4QD1kj(
z0|3;gcDVO4B|vH9=k2Hsnd=}K{&{#SHF^89(G;cAngYS2oo;#4z+kxpQD^zw*i({S
z+j|vo?IwOjmV+0J4S-9N(~sjTjF@hk6R7z;S=#fRYl8vgCh%n_1H*_rpfInD^@^kv
zSI(3Z3xLKJ;i&9%t7G!vG83@Uos+{A^8?AB_em@@0r72aRpJo_#4{MwDQLCAYfbbc
zmjlBcBLrYMRa!k>SbBir+jt|dz>JaB6(Dr30Py!aDmqXAapP1d{Sr_-EPRPWP$)>A
z@&5+01_H>MUkG(N#azYG?o%@7sSc~Mv?)1<Y2cGl3V8STWx!f}prhI9qKPuz0&6EO
zPS-59)YhK3Y_D3G*OuB&r5T%Ak5T%-tK9nKpkzm2Jh4o5tf}6J(^LGlQSOd!>C<^k
z0$g<SBY_Rqo|iAhUH~iCOI6(bNM2GEEx!QTU!Elc<WTF?eX}^~xJaa9Dzw|Y9JqX}
zEjxe;2Ewq0>Xu-n`%04-N~fAqdWtg&t*ScuIO1#v(r)Y?XmN?RocXX|Ok86^zz`<1
z#ikNof;I#al1Xhh!PUG#!Ig7;mp>oMSQ)6me|u3@NLos14;*k}KxWP4KU+7c;BB2D
z);3D$E4HhX8AG!))oo$>4}-lp7Djawd?<DhC&)38CFXi_<-1^L>GlKH-Z$J}wt*m?
zm>J&T>SKVaz&Pv)?UHYyMOlbi9{W1L+@;SiRyXLSwM(XfmYD%boW{mE*UFFJ#b#Nz
zH^7Zm9<(^V_ROmDnNg$r`b)9pSP|ndf}ylx%)$@x<)2qu-*|aQHfuhfNb-x~2Td^J
z>IxnJ<}cUghrAk2)<_?TV&cuJExd`eLvG>CmNd)f+v(EHRW!oeSRg~{Jgl#A!wl%&
zvZgb|M2k%5`MR&u4g4W<>i6mKr=Xv$z<_pV=_FpK%z}08EuYhTue)12SUDYm!gStH
z$ymdkF!A(k$|OEFiVn0U1>OU-YTVz`iHCP~yK#24XUfT~Z&;YLDZ-XqI=ebR3rf=j
zzc+^P;fU_FPZMM6*`7b&T&`8{;`%ZH%APu*Lg@kHwHvdGhDm)-BIe?&ho6au)K&+z
zM?N4Nlo_5OUbHqO9b@8YJ#HMw^}C%LM?_Yw6Do7dqB;4zE?k^((78w+!$akZ9x>K_
zje7rS2)hZ=Xmd7hL*o<FqRF9@OSuujpx1*#$!oq9^xLfe(B){`VY)Z>3K6W;!{Zx6
z5rXRiCyYI=g6b?|a|Me~YVI_x9*xxw`HFJd*^@U9N|d9F8c^u0^)=CZ3R9IdHO4^5
zk+-&Ie7oMdKL>C9{g%XQv2mfOYo}*j9!9-9S2cCBcGyH1+5S|+n)9jGu`cDDbQ8VW
z^4t|IilnV{f6y7ZZ!UNWS5_MGSI>{;ME;-+Pm}MYy1q@a`;Z9VRcM|R%2Z<EEf6{M
ztnTa*FMRpaNCfxkT^y<!4VJ0evylE@hjEK!9i|n&=o3>dqd-Au*R3pN^VSoSZ{9`Q
zl(`u*ATp6%eO*HGBQLIokP7*t=HFhz-srM@R3=P5NcaJHm{)D#`BDx6`mtt-3Z!#W
zR@9IOuzuVruKt@}k@&O&a+B|G5_8K{$2#>213S}c94~88eC#q*9JwoZq*Xf^LSDn`
zyomb1mpXqO1zM>Z1r3u8wA@DeN^fDUx@<GB=6D+y$CVbmZ3Ub>Z7)c=iyo_rQfO{B
zwHPN9Y9c*J17+qw^w)4AEPm%2=qt(Md|Yn`$5W3{(s~_*skJUW2Al;<)L&~Le%{;o
z0l^e=t@)kQVpz~pZJtYg=40i0q@6(<GNO)a)IBdoK%~3M)y2a5?4Gy>o;ybgSpq4O
zDM>!5!!#qkroaLCM0nsUV-7taY@!>Th8)b^olu|o?XsL&s>afK&scRCK2rT51uYm-
zR0frig0DlIRv5&lOi!r$udL*@C#g&|AlcKT?wANP%7yFdTTMtaOg0>rP~YBuZ!IA+
zMb9Wue9pbEOO<qR(&->*IM5sQAqU|lGr&^57WM9)p=N#ZK6mXd>2retekA(7(~{TI
z+C6ZMyik1<I%`+5e}^XGhl?ErdIH0Bz0=P>d?dwt9<t!JyX#X%)RniByFNocjtf5S
z4($4sG1sW9QfuHJJecyK2(wIRLP<>7LP<@>j#fH6n$ik%D2wB}b*+s$846r~QBh^j
z`A8z5o^)q#rbo4Io}M9hGE7u*f1b^ARZZ_lZMEcNfM3&%un0I~Il@N}v-dhBUXnM>
zRl)5f0I|+%vrv0G1Ju)TL$@9inO!hH-I~mPA>;mb&5V6^s94@z%`^B?{$@MlG2{;`
z4wSlB*OP~#=^9$;i{froH{!B(2E0`aL_!oCpKu7sTr9Ei)^#CP-Wt8SkC{`J>{vSS
za`O!PJhb31-1=cE8VXQD@ZN`ly*N2xov>Th`K~d{LRwk|JE5YeTy^FFtQWVI;Tm5Z
zwl^-tRNuOAqMBJlA|CJ*_rS2-i4@6+Y!BHea<&orPHr~ssD8#RzMiXqc(fs2UC54q
zq$GtYJ!9zqd2Y%%B1<P-iSS0$5FUI8$iaGgNFiOcK*!9wmJqO!zQWx=IH_dp#@-!q
zfZr{&N_L9<+xMzEQ<=kB(U9dgq2<aLD_-ula2>mjCl9jPTuQGSLfN%pUdoYA*#d<*
zE{ivqqA(pm+d$!Cr|x%MQie#9?K)_GV(cYD-fLsldEZ^o*@Am--S2(ws_9SZZsOQG
zH_eN_lsqf2oHzS8g{etXmfmwF4~?rYlqIu&!`)36O(5&<jm!FSE=O@R<_0Z3(FcAv
zR5wMTSFg8=BV4@@_eZ9vlol^UpH!H#6i&*?P1&wpYD47uNx7pscB`XmYG~L;Rn72K
z{G2-qGcI_{Bs)efZ5XmtFqcod6`U0j^h%Oo)#slVd`@;9zN#VE)d53K>DhJYG=A`k
z4+D_mt#C|sl#A&hVX3N9jqmS{eA{Ay0=(29v}{aRehiywqnZsiivx+5_knP4QWGR<
z=C6nOR<d97F*K!7x~-!11|Lh%17x5gKHS!WVjt@;U{nL`mA;5;FDZJZWVH@pFelq6
zL-Bp})?w~D*m(SRBUcoByjy=!1n&)o)ls>2&Zb!~%u$#EQ<RNQ(}jxF)^%-^u-}cW
z%~yUeUtQh@YtF76$>QAU)j$wz!c3hk!2`ay9e;3#*Ph<Fk;g$oL{JGGw>GvhUE4hy
z^au7re~@aeQN!n9?Cagl7i+&@**u#vqW3QGmi7rnEv4#JZKT|e41OdEFoQII*ga@I
z*%~u!fVyG=FMydhHWOE<@nm_7^i}C8sl>cF<GK7z(+=^M#(|;|IP<3lH6^NZsA^l!
z`vkU`d?Pc`4BPF2Z<YPO>Y#6S%m$VgnC{|vxO?_f@6BXh`1uPwxYv{1?H4btg!YBd
z>LT~=fI&)QH!y5rQ5Tdj>%Gm<dX+YOq{#c;wx97D=)t}U4H$?2o4!)r0rhj<WffxK
zu>@<liF|=?L?gzyp+e71zVGTGgt?Qr?mGns^&*|<5%|WSO~=9ih~n!oHEGw(i#VB^
zW@S{{`D}+f-58BK@#+u>@`a}Y0T=Qd$;R#B)v%oWoHGH<=oc$m`fyVS_1z*Wg*KTv
zH+A6%uVznMX&>ZZ789cNCvQPCFJ0#ik;uZ2e8z45{96)cPqq)aXzIS2rMd!jEh#a}
zcbO^vm_4U$l94HJ+)8`v-Kk@b3MCqU;Y=pe1}0@!AHi*%+7KUPHC8T$@C~QvbrO4*
zmdgT=g_FYsc7gH>e<o7*#241V>AQJV5V6Rxev!-}o94!@jildN&bJcpMdQ|+M_{J4
zh(rk{BI-G|gKIQ<dPa_KyS`?N3aEY+Y57h3{&erD_XFYSrj}w2XPJpFUmTz@e4V&a
zpuhT?7f1&IipG;P58iOI?H|em<cwh3@63=I-T%)=51u<2vn0E=$RlyVXPe^I&OcKR
zFtof6a>xD$#o_-UQMVmi(Apa9O2KEJf2p;le+w3!M;`qf+a11Lt^0p1O**_6@VE{;
zJ{HDe&g5~Acp^`;@VJ<pfb6_HKxCPwhU);&oUd`=I?jS|KL3^{VlVM`v;OxZwkla!
zrr4hJFR}ezCU|M6S7(7NB|yrlw1GS>%*x}K%KGa9(o7lfUo<BM&Lo<F&F3!v{TuMN
zy#O^GSt#04n*P4<!lsV^qFL*%{*;wyGS4q2BJ!_8F%RmP3cg|4`l=Qy(PW<ALj@1j
zzpr6XFWT54CW3ANYEPYj*P~k;D8~K|@+{Z(I0%R%<_-{h{?D*3_R+BkJ{1J-Cs{6*
z@WDI6n;TCx=t*5!V;ws$=0PvC{9+mUo5dj9XJL&3EF<sF1Zb8?Bdh?;9-P5nvHd-C
zQ%r#NzskDyEEw+pbD3q_GA+Suk%mujvIN4#4CL6GY1R?10P$9TmEEFYf6bxj(VMO@
z*nk;}4Y1WU2w~4{MF4r)GLRXGP?g=g3yOgfg~&9&><ZD2GZ%UFL2@j5vt<~xEVgBX
zo`fT32|sFTCUwpW-LKol&Q*cD2OJke=*vL9SrGU|0!!=g=2Hw=g%N+i)b6%QydBGI
z(aI7D0?FJK8sx6$Y^1F*r7t=%BuAz)(m3CwS<Ixs1r*6jfFe+M@sewk_#U<<V%_~;
zKo2iNI$!G1d&R(OEVsrm8K?s7u(XBeW8>ol;P6lg+#F1D4TLRA9G^mfjw_(yRK)6{
zwubpLKjg21XY2i}`b9#hjyQU8=I;EbW&b(t^WW)wXFya#Y@l5|#oDh~$|UXjPBhrG
zG8x`SCR*yhH^RYG&vTr()>aO7UiLU{AO<Msu?=Yl`YE^FCw!E{!e_xoa2ePK5W%^)
z0=9E6%#+93|0NtCnDVvp#EpO(P-Eb;In$vnL8Y36CCAO%{fHN>wPEG~XDa-0O<m@P
ze3@MbJDIoY>(~^)`jiI13(veVG@{GFF1r^f^6mipg5E)8*`2$-{wM+4sZEg&X7W5G
zoq)nPfiVho%;)U@sZsa94mFc37dtQ`<$#p6C_*89fPG|BXNY)-{6how&o6{zq##SU
zCb%35pRGsnHc4MRcYKC-`X~pPn89OnThFGii9A=CfteqQ=%$ww&xcaU=_PjZY>B0H
zfboq}&fxZH@I&J(t}*!}Xggm9r_~!Z%P_o4DP+pJnDnSJg{jq@DXKqkw*s=zAY=mc
zUACrCd@?NpA@eE#V-8FMCiDW$c#LGC2T$NJ`qJZBFyf^|yl<FXe!Nczs9kBDiCH?y
z0Ey^FAhg`jGUv{U6{CG@k!zAUxK0DqVI7DO-39<o%{tY=+{vNj7k^%*>w5v4g97K)
z6lw2%1qxGz3lzSltMAw{{l6U2SQQX3?qC`xFkMbnWz=rSaP8*zkFkd0jLUC-V#Cgf
zqiTj%_~ra_7zO?A)B_mMUY}*-5P2yH>~xkv%&Q|wKwh>C2*Nr%TPJaR#n}9_q}}Ho
zz~UfL%9GI5wP$m_o)ZxVd!#En#zh3Mh`tUyEWV(aa=MuSd=m{|HA|40)8wRb#OnL1
z{OHcd`^F#KN)Fsuo`Lt44guXEb;C6g*2`pTOu6p9KNpWH+$-Yu`+2#$CdkiFuLqD#
zc*>A1(*$(}(9xmq4SJE~lk)9OqEk@)JH844&0>O=O0$5U3xNsuz<{Un2TvDoY0Dfa
z3jVV|xxJ7IZKj$F@&78I>F(XEF11zKn8n-9yvHn;M9)^%>jvN#jht7f;41_#<ixL;
zyQ##C**kF{lYY9Bt8b#RKb6Ty=2llnqBp8_`FCoyLmw&T_g4c>3x{;%8lL5o4=6DC
zu9Fvt%MS&20uh)*49^}x`=-K|i-C}}r3;yZ&@)P)pzYR}s#06iJcLAnO}D=$4n<(%
zzm<psSi$b5M>xB@R%7R>@d+iyS~QB`XxyioY-}aE3?xAuhi<}RQ19<a@OZes)AjH0
z=if;Oyf%XK4tHffejMmEi(Y~TDuLkXp>R`b|GAU=pbX$jh<*^X^A}S<F8ZDUY#Tz#
zd1s9|TR|5ut=4TnSCWK9X@hCaN9We4r8bx9XRwIZ=rw{CkCjiDU_iGs>HehpjWG0M
zSKHtjDWY3`VMuGmGOo%BPQ|^vZAFpvFW5B$u8wjMpaBIGxd2xi!oeq9dMiVH&CZ4T
zMm(36VCDN%NrM9}o@;k&4R=$_6_Mw~&UHpy-*g)?F&?n|4ZB64$X(m@=fyY?orUk+
zE2Ys<C<j-80>%8ZHD^St&kJJ?u=g=mu#7eLb)azW1wz3i#np4Q8zB<!y~zHHzF)ab
zSM6OxrE2pTGuF(}r(>Uo$b_CxF;4eu=gN3FOAyt8%5ZR2@kLqd%HmoA8RdDEqMH2g
zq<<0n1+iX&j4&)%kC6AtE;w9XgnvD1UACGBQjOH#^)5D}&IY=8+&O88Qh4upzR+l|
zb1D^@OSXjG<C4jZGD&>Da3-(mm93c~E-WwFXfEI57ugB-kv!P06G0|U&P7mt?VxYS
zS0d-h_wri1UZ%tTq*~m1DwlumRJjmyZyhTzn$IH(LpXS-a39OhrZ)&hFF}URCiy%_
z4bP=ZG7N51Sy%fPlLCm%D=zK_a$wEeU-C7~7HO}fi5^!OAA?tB74`95M@U>bVFqLQ
zClx{_wd<STMGJ^XIku<1N>Fq!RpEFh2B)5Qq&dbO$9pzXWKvyaQ3qTRssqn6X51tt
zjWz2@ZZEjL0Jck7c_GTlZ#r<RBdK%p49^%Y=a!I?5mF#PC(xiHP|B^X8tP62ix8aC
zz)X?!CPxLxOp{V&^6%R&+G)qyHyOlI-Y0TKmPop^)g=@H`=HuBw+8=@8Lk#ka#wNF
zMfA_;A2c$okE(G02Vd5YSK<-R?-ris8#(`{pN!wW*B2HoUvJVYtbhF(N|`JWxQlm2
zqKAM!?iYe+7I-yQwDrUnSq_s^F_+oiokgwB1G(w4(8IhV^<0*wIi1(3AIP4O21v8w
z&q|CVvx1vOZG|r_Be`;fRG=Z6u_=4?`_*t`c57X^>D4!(UUpPpvpI@Y{oErZ<8oD~
zS<mAf&yF>hB@@qhx!h-3UFK?gi~0Z95i1PVWm}HVqm6O<E~K(~Q==j@xgCzZh@gB<
z1%^`RFQE*%G3so?!ZZ21PVP^qRu#cV;7YJ$^;7J@lt|uufM+xUP}b;jtZW;*6z{tY
z<ZbKvTK3xdesTj3yLpVtQata42pP#@+jiND8!|;eiZtiqI0_b;mChIGd}BRxugCq;
zDeqInBbCoxY7^whb@x}R|0R~;)gABe=`W<;Q+83OYAHFn4~m@RU6}N5?RD-|Sh;_<
zeo><6tygt|L9zw$Xl3z}{#2(O2UkP?pxYWdKa%rUx_YaF5gJ)SX4I-%zgmh3_2{_i
z>W>jbV{%&G5qP?1)MoN$+LQNuC`{0{h!A#@NpJcynY-{4XkpC+>I2k?TY9DA(e8vN
z4;C)vYMA=TaG!J+(|KbQq_MksXx))vG<Wx!weyXI?sJc_em>Mxsqxyg6!Z3RB`z2h
z@s;bC`;*E_&0QsJOM=1|#Lrz6n^M1yu_x;owqnOod8RskE1fU>qvZMvEBY-4eR%EK
zEMNI&aQFMG+PYIyghyZ=W9qW+@Wf8V#Bwj*1oq4GBe$fRFjWpiSefe<_%uyJ`bm)L
zT;8!1GXp%gr?Sy!2yoCcL&ea6$(2rNq9=N$JZo*{gC={qbM*vtsbkxR*zPfKu7L#C
z?1xY@*A}&bv=*_#69Zu3jb%TBIcsaECRwQJcf39*GVi_AoK1Zy%uLfe=vG~JicPZ`
zUSZlO8??N9ZAIga_#i*|6wh0BjJW-X;T6YF%%?yT&VmZ&wbX+&KhyiD-PMxc6_QRL
zCT$?$4srXJZWm>pXw<H+EfEugFE+~rfDqPFe8<vK{75dD;;v6@WO&FJ)AhB9RQjB{
z{y~(h0_>X#<G_-ILT^L{ceMaa*;11s@Htd`-75ao@>5+5iR=Ett<F$b)%}c(Plcz^
zMt+7FEk2xg;=n3b#WtkP_L(mLGRiCA`YdaFmJ(({w>51=+>MpfU%Fplv&d&1IJxn)
zu;~b{i45n|P;+Q9G~z#s4%JjNbbh7!9DYdoeJLBamw#@l?ZxR}*c(li<nahfnl>iX
zJfgi%je0LX9nW=y`oz5jGu|$K38%+#h+?M;q2(P4o4=!sk%etUKJcSnno=>`NpZWj
zq@O+BK*7ub6|%Caw@<r%$%1i^WP-H}FHBkMkLs-6a|iK#fjZFkjS;C=szHx9=iS_*
zvW~c-`=<)lR(W4{%T7W%V3Tfu8E-c47ekHv<*ASduvlA@UhYxB>3$q?cimEoD<mXq
zm)`fbs;J{vzbW~>KlA{!9jwk#A~|5)%Jl=jU3;Feg*I#A1o>~=7?vyVH%UtjN6d0u
z{bBq4R*;mlq;#XIB0Eyb{$#K)W=-V$b9H;k(ArA8N+il-$*06dExTf5GK9)*{FX8#
zL(QD(Te|;lljB@&!k<pvI<dTPdSaWAAjI;JyKztcYKZzQ3Pa+kN0w2KCg05(kh@d|
z8JH(eUM}xjJ69(N>I~iYDy-{CYoN(*?+(e1ymh0DV)mGf;HeA>d$We=9L&r+SF!6k
zk7P+sgg&)fVkaGTHJYqI`Z+MvkN6<7GRgfeqwlKxJKoHwxJ%ZcMQ2kUrmkryNc|a2
zJ_9+HU$J=(h@$en6scW?LeRHAvTYcu)ROYtsE+&;YKYnNnyaLg4gYf8cFt9pY4Uk;
zkv=I~VadGpWbTWnhoL50ghBbrj&C|i_G4BD-<1q}%N*3f{xacA|0Y89b=T5Z3fC>(
z$Q=IoV03b~t9I~y>glOI`z90>w5~l<ICdf#n}fT`y)m9P3EvFhjLzFF>d}^7A#8C#
zQ0qD3iB$V$V}F*bwph4VfPGwxIVEGF@$p83zTX`O!@C9c*sJZ3QH4HI9sHVWiQr-H
zfy`nkRK^osnac(W6*rTW?@|OKjq+NIe6VS`XP`mpF!PxhLPk%uLUqVfa?vDRtNPDm
zV}r}f8r#B#+57OJx81^N!$%*|S$4h3CuP~#7i4PWg=L*i@vtz1gEwQr{xbGt<1UtM
z=%0tc&OcsUMV93VHy<dc1b06<skAr7k+u0UYtLx4Osp_H!LAuJz8bbf`!capV$znC
z0JNox^uc~an+cQ+b^zVhS-ETfuc?ic)px8hXp7PCUu)MkfYVX8kX5;VZsf+aVd5o3
z4Jfj@VP*=pVBI;(u(wx3%~9Ldf`X*)e%`UM6jxmC_-mM2{*jG2x+lv(c`y;)UZu1-
zDYU#9JZBM(St&<*VVeno(~c9i_g*rF^^`VUFcP&5Zg}Jj-%~MT=?V>j(9d~b1Lps2
zdTZQcu7rVoLC=%GfwI8I93MkXHXXbV2ppE}2Gt5r9@~4h7c45<+`9X^5p-xd2|hpv
z9rbXbjiN1z5n~Z{Wu`IpGQ652WJ)b~x-omYTz<CXY-&(<|GgR9&1eMhS}OtOeT1v6
znA@nD%MIno;z$mJyS|%R1IQgfSLn?!M6{CEN9X2}8-!AG?}4Ek5d_d{IgOLqZI0b+
zB@~l_dphasg%yJ0TbGZ45K~X&#5;=jg)B+b(w=!%(3dy&SM=EL6Su9cX@0wy&!El3
z=az>qjw58xp8aki(Dfq=zTs&FOojSOKk6#sss;VxA+$PrId~~a1EM~Hqs)-um(Jf_
z6-R<k@V`!2VRRyFf`Z;BhYarxxW3{r^EP{(d)4O5c4h-UaERDr1t(DhaAkP&aLn?>
zA{)UhxIAvzv#ZC~Pkha@kW;p+Hd)RILoc<b;cbay3CrNU(Q=jpd<<u>i+DCI11uyE
zs_*?G0=g$+pL_P#1ikd^A{}DiYVW6leyKjIER{{LqxAwQp%lkPUOINM+|qLn&TBzm
z=kNf2f}qRQp7=pG`R1p5FJs)%^KS%!dcj4}1$$PYg5q7%C@{BD3hWGV{Q|Vt1GL6B
zm%9gc&M`0xV!?fp$7u8PKxy(wG+mnGDt2w%J)rRed^#*buuSvF*`E0{hSKPX@m4+N
zJsmc@FGm*zno>viSsE9*!Irf`(+z7WuGKT+iPQ5!(WMEtq4izui$H#~X1)1F9*?Y~
zU6D_Bm*HC_Q%wAb@0LRt&NONAtc%)ffS|%w*?<d)?bmh3X)`4qjT>0FcU3dUa3>;Q
z+>@p``lk#Q7RK;}(FLo4c0jF@_07KhvsyWj<!)4^4&A5*O`K&>5zqjceH7lLdbz;j
zyQv5_etG^of-gb_7=75@>h=eU3AT0vI*CUUA*ox;OY3AzDwgo0>Q?V1*M}yqK*BVX
z*D#?rn`YHaLYWn(Tl*JN3K<U8-t;%^8T81{VHY?THUxsLIMKr;+Vm^Xz(3Ttu=m}a
zS57y~1$4D%DPe!UvCB>liG{2TZ_6Kng&9pz{y<)$k7NxRA#2Q6FE1FXz)<}Ogz%LC
zieQ^3u@;jIpIt+s1^Sam`{&=wrrQ}r$8`L(y;E70PO8V51mdmfsSR6`4;aUJ{ajyR
z%R|P2D2uX=z<wj7Rh6<0=y-lhVhq+VCsEQus|Vt`fk8w-x9r3^9I?5kA+xZKN%jwk
zW*fN0348$lIQ&<{o7jBe+3_x9l9c<MutE9#CE1lhZ^+H4TOYINtM!~OuhT|fyLaUr
z0+-Ht%krOuQqKu+<A*F=HoP4=M+#hT#^oDV9MM&1d|b2WH5x52YD~D3$h-ONbEr?K
zs{q5>Z~UPk^9c+TqU>Q{*;<2Lqvbt->h!jMG;Y^~&bFYZr?a#b?Ip0wkB#$fNU)Xa
zwmE}l90|s!=T9meBM?0`Nc@ovOv@LbF@3vhEuR!Kn_MwK9{5nOkb6qsds85IcItVs
z59P*m_=-jk=q;t!n*kNfqcXWlDl9vFx4Xo(6%Xd?er8Iv`H7w@kn`EY)!#C8&;eO9
zouQk(p?Y&f&Iw9|;*!3SlSUXOYopH(&kw9svhhu++*|PUD~}5<uZ%$wA!pt?`?KMY
zkQE6&4?F(zoor{+OgFA;C}SH|vomYc&RPej@CDa;<m`);PTBC2%ofJ_r5{cg3<FUb
zjqKodxeW=sl8pRFoJA9Hc$+!#*($%#3IcdjIk%~`0|)Q)*ghCx%DIOFZ|wkyk|jW%
z@R>#E@{@v><dK1gH3a<%=A`7vPcE8#(BftkAs39vcdzR))E|Frxz=3XXRo~yMbAU@
zW6P7<7F7rQLKmJwNRschHZL4vpmR~upo0ReOj@FCc~EygrA>Ev;H+Ah9*orDmoNn^
z0#=2~w;j+aRA_CHr~C<Yd$Gm?Fn0>P*J<;DJ8W-#D5{#^H4~g+>|-eNDmu%_Ek2<-
z7@}pueD+fI#`|GTe}cKo-2MvQL#Ivk#6VRRuZ{>)+a@Zt6wk`Y^p7{lLApLD6)!55
zh4=RsI84rP6l-Eu*KO>+N0U;Swk*n7>|F&mWkzb^o}}c-+j*AM!w>IKy_QzG_Fu5A
z?JMu|ZJNX(%!!-68GpQ+J(8G%c2HXd6@XqbeL^+5Xc2>AD2sQ3O5Fot_9C3TZBpiL
zDD|vOhb4^N-9=JQG63mPqhPjG2G9=)8}2S7Cr9%PQf?BCO4Q-YhsRNHW__$KOGH1*
zZ$U=N<6lNc{y+$wedDdeR)OpHj~I2p>m}{|&N0`)zfzeFrdz`SrzqBRg_kL*ebSuv
z&!>Q-7GyT)<3LvX>ff?jc97X<93IU+lyrl&GH?KVlm9ut{jA@_EQ_dn9AGukkOLa=
z&a|JGS-&Ym`KzN~KB&hvw#3r5{$OxknUrjQyM(C@?l`Zkhj{l%_Qbym8=&S;cIjVL
zjXTU!{ogJ!{{Mv+plW4SfG%I^WvwykhJj85p$5I|Yu{M~{9k{U?L?*jt%JS@rkKzu
zdy;jExxqmTC8}5t8UUuaG|o?%<r*^(2iKT|tuL#Ne1@qbKRa=MYi0cXBhv(wmC9;I
zqyDNDG4Evp^P<;n`Gd8rR0z_3H+bV#PWStU2`gn*pOTZdv(^eNKp<V~vGOeOy7GW{
z<z;uX7Wc}SI&!LTAWOU*Vt?t#g(q(RE56@4^0F`g3UQrT&cw=UupaaSQ%61~?8kag
z2`~r<zo;iHXQu_u&hUr!IO~_#f<d5<pI|L##)GDY?D&MAtb>3BgRtH#dz$6!M47W8
zD)E+eHV|MCmJ<C`SpqQ-1A!RWTw$FJI*4~lX5tBJAVwgN4>gXgvjN-r+lB@+euC91
zE&g{2Jlp6EYl!EzgA!)bw&WYElcELUF(Svxu!QXdT1{+sO`c$N0WxBqu|Yx&%Nc{i
zJ)m7to`_+M(E!Bws(KW(KK=b$<>O$5P547Df^|AxG3U5T*qdb(ekcR;p#5#KXa4h_
z+t_kJBaGgMi$N>{sJ{#RtJD3KQ!J6(`~b#Y4BE)YvhS4K_q(|JuKnL@AlL8WuJEOQ
z9rP&M(rCgXx$mqoGHvNZzX-dt#&{jXc)m+kge68%W{jsUnzP1ulo?}M%VpLWnZ<MV
zyN$doF_s+6F*~|@?9G3Ms<bXCXkWTgNm3fy3g?NWG~o=hb~bsV!q34A87gKhrTE(p
z2X9xmeDmR!-OUnSI(STETry)h3Glg-4FkuJrzid{JcI92jt8M|?Rx(A*MhlnM1wvb
zMb7>^8)}&}mfx%H+wwEg2rpu($k%;4S?8Y|IV9$Lfc2w5!JuJR#Bw)*&nd@XFI%a#
zuy$;n16R$t{YP1b254Huy!M~{B>SIdFrV1L9bu3w9&aMwT<Z7r6SKgN?>1|_aR9u_
zOGnsFj=s53FdI-d^Z1DFe$!q`YE)Ua#)~2ZkF^Kd16^p#7$kZVQTxV;5a*OJCF~*&
zFMWIIyR>(sy}SpOKCKi{UPi#>Z_F(RuaIuqSWJ$VQ+jw5H{U>r=;#@<4E3;?kS7vt
z?`L%b?&aTE?rY=p_!R4e$R-etDj5E*BMGFjvbWgQkD5v?MN@v`7I(|3p~0CKES3{y
z%<>;6w-uLR7B-J1UiA)Zool1>T7*~2TVhq_2=B_=M|kq~<2&MPAFrPH`#QLyF*vK@
zP53BS;|)3B<>VYN?Wk8h7(6(6>m{4+Td7XP^*bdPV6I*c?CVccxOeC#LWoGjW^Y4v
z)pMTSY0%d&(QcS!HkX}J1P|!{id3r2hSNv%0_yMc(52ylv*}+0=zAeTp<II~|2bI(
zqUD5TnVeGW*?muU9_XtG15KNA7-z@tNzb@F(7cw!H+u~|dwL{1U-?0>8$%`;7RKT&
z<<GdgAN^pTW|+Tn=0D&vyoj_C#S_qDuGpU~4clxVooR@sUEOj8WTs2f#(z+Ul~#s!
z2dGCx1!xhM16DVi3tB<dFZ1}-(`QhT$0@<R?o|S-r)&|2%u$cTUWxTSoa*#!b51>K
zhT?2Rha}FJw<2fT>kqj0w0TVirO)x()X*fbD0L2txz0-q&aM0bRuY^hXO8xi{J7Ko
zz9mZ9jRwlAC`f@-mG92l_X0G*JI%ksHdFT{m@Q&fo_Oe$UMPvPyf+bt@|Yt9{F31)
z<ehWMUs#ywZ0t-AY|L?bKzmVrg6nT=_2c^O?$l6%t+<KVa~Q|zh`E09?cn(&Kl%hs
zD&KQ{Vq`jJyM;x?(F@aM#STInu6Bz*Ud=2xM3vP_aFz;(N=Ovx2yMGS#zhwp-6xV~
zBHfW?WJ`}JysOdRw=fB{&GQ?<YL2!?pPenT4JXaCe%1CIoj6jcHKtWQ(LzM6s67I(
z1?5CEB6i%NNu%nPRf(VZL+{G4ci#C~-m-hfyD)LuVJ=khlL^Y^h*wKx>d(g3O6}`m
ze<g<}No?-~GK?CjdEd3?^pafi@yOzUNWR__c`t8Hj^p-9t#nerz$_!Yv6C1$4_T|I
zS$Jk#pnod1Sqnd6nQKoADKljDC_QhMem*VOxtHI(_4*K7b01go-T}Rp&bzhHuu4V7
zB}zpD4^p8JZQH$+(<&0`tn`zHYyF7-p-Mb`oQ8hiPixXs{5Fo}dxol|Uk>n7hhL=G
zTB&o#eg4l)o_nMR6X4kd4O{(kT*<Ot4oVACWDEswkiQES;$K?NlwEf4aI#6^Z_5tM
zJcx>>f6@E2*VM@8(|U4ts-5*lza!eSBH5Gftw--iP9TO~ObvN0Z=^r!4jsLTo_r!i
zlhdJA(Iy>)i00?s*6EhHtyisjt_<KUWJup_zc0+{x?Yv>R{S%%My_id9dS1SwaRc7
zefIG}A8_&c{`o87%OG*;qeo%NX!D?IOzJ0|i1fb_cV*ZPvFdGD!_F+}+g;~~6}r~M
z5-o1@-8${=@>>oYevOCuAkb%=gM2s=j%TtEXclC?!`)0z1X_i$N%wt-O72e!hfw>2
z18&oyhM@<%yMNB!8-enzk0p2!bRp=8W)*3m`6wWaTdvNLgYG{HElf;BakpbOwO>m_
zdo)2awu|xPzP~R}O2<KtZR7<nM#i#*K&*(Fn_kNlL5cukb0hWD-R&VWsV<3Gn;ymH
zPBY``zTE_^mH9%a0FSw*JnWtYA+9ZVL$H3=Wu5nFed~;_7*ueD%vO?Gi|4xhmE_Te
zXM?{|hfRqge)8pGDlc8HWtX};M`Pvtb~B3akY9yP<fBgK>v<7d#xDkVw*~zQ+6W%g
zlJ_4_59kcljq<Q9@^~vX3$+_vd^tNKHvyd*RuY6ZHNT|J@Jf|TT*RCQ%>g_O)qJTU
z)PS->UI<#>&gZAk7$Q=p1dz~A46F*m@y1>rSaO@xLgXA`4VNOIaC$*Dj%T57>7(!L
z>}Bm)jVo_sOa7XZy2pDS&It^}D8y2&A&!={RzaOhiH;(Vtb+1QdG5_2t}N<l*f1Zd
zQT0AAIJkP!+_+&2GHo%azn<E4>LM|Qr=*VXFIjw_v@IxmS$tRSxJXQ&W!HXr*=OPZ
zWHWVHV0(rYwSl($Be%Pq0aE#a90`fD|Fk3)iGqa5`<ZDni&Jh-4#+NL$W2X+|7-z0
zo`F;$aoBhw>7NIpG_&C{a(%(q_n*gWV){0f&8&MkS?B*e@53TNn`dZ7ZB5cYo4o%%
zJnnN^7(=0L+qQ*is;U@Gv=j^{>nS(~1?8Vtl4u31h^ITgp!lSjyE}f@PF;o2W;gL>
z6tIWdc}z&q=czuIS>1<i8l&4U9(u;Muaax<Nl2aW^;@_9NMJkhlCx6v9Q*k}gZn}Y
zb{xNMe>n|HE7-)uOW3vmw&y)2Zd3%M>lV6R$gy#gD-|7^oYR99q=cV@+aQ>2nrgbL
J$m_Qs{1@do_<H~V

literal 49004
zcmeEuWl)@3*JVP`0KwfoxCPfha0~A4ZUGv1cXtTEg1d#r-QC@TyW4c$`+jp1@^5}k
z)lAh>O*h?VKl|7|d#|;+gFj1)z`w<Q`|8yzcrnpWa<5*!v3~Umi~$-F^dBT0c{9+T
z*Y<KE0<TJkad%(6;(sOf>7xSR^+7t6Tlfr4PbQ)(sgeZ}*Huu-RiTvW?)pk0)zrAz
zZid<vm3YB76vfG6Ro7!Q*Um7s7!^i=GfxkS<<!*uZE{i38=lO_MW?iD;EvmftNZeb
zd&W6#9q&qHI4U+w)T=)){uuHoVzIi2aFW-^gnwQP;P01j2>)upM96=d00$W?Mf&H*
z315e>@xCGD2m9lSf`k4HB=h~Kha%<$F8ar{9zOEInO88RZ@^Hk`*fmaKfUzkD`129
zg>8PYKCf3@>P(oVtkExQ|8gDf{|VQ<d&GgclBX&Ti85?|PHij6r`E@h7hOv{xd!5i
z(gJjv9*A|Jwvi!ZZzbGYD%azu1Q+G=;s$h;$p}xXAFhsLFt_Rj!6H$-X_A@x<IQI_
zg>Qy>3KkBi|FuhM4i-$cT$o5nS3@0_fJ>DoSKrWAv(L8KIcHz_WkPz+eiQJ`w@9w=
z`xgrhu5NdxJQ<3HO5<=_8jeHYa#jOsf8u@wxwc|$8wOopf_tFBWi5~0hS9hOrA#uD
zzcV>;4F#L^@{epjC;P9W&5PsNg3S4e8b9n5hXefjLrNOEo>!6b4e=9wIk=f68eOKk
zxMZZoQaR(j+=F<TZx}aL6jL|X<I8&>AnwKfU5I@#{QY}UYVIkcw1J=Z$1A-j<s+55
zFHFfaw1-E2!hXSa*Bwlz4OKX!rP-axi*6E;CcP-ppS%`0zl$N#RJ&x*NL(?dkH#99
z?(gP-B3<n?g=q#*3eRm;#)>(+81?Ji`LlM|+nrC-ip7%G7z{^gg}Cm->)jzdhJ|(R
zJC9c@&wogemNJuQ_y%D(b;WZ%)r*S#4wigQF>Q4&G$`nUhLzB#q#YXbZArN-0FhWG
z-DzgS{hlbXmd20rI^dmx{Q09V6!r+8pJl=z7Mb?&fn13s42J`qijM$2xgNC&%fB-e
z)%u7iiaMg6E}ok!8SR6dwXQo{7+z@++j1LE0AHdwtUNzeM#OSqe^=>nJ>i%*vrdMe
z0Xcj1_?lIQz;7}6Jd3VOs-FUbdVt|jFi=<~$>`m!dETzfcGxZpcXin57xdnE!NLR@
zD)WbHvaM25m4)Gg)f<N^z1xd;X|Q)sff2pObsc*4h9ks7=67NR0uY<QXSoLZ%^h}|
zo5|pfPIlkl`#yahFE~YsAy=g0C;&TTGlVcI|Kd`rzR<m%J|OXS`!r@L5M_lV12?H6
z{NHF2g$hGj59kQhi#0=&(ylXuUXeq?xvJH@eoeA`5UJa!!ARizO+&0NoumkfqDMMC
zKAD=Ww`)K)OT(SBCMJ&4=^Z+%+ef3a#rKx`N>hmKi{y*u%PF*#8?Czb%OiC`E|2{|
zsc+d;=DzXX>7`6qEIi*D_o;Cd6X_?!%N>8prrIJEK}X=Q+Y6Iatya@AoBF&umz-x<
z<!lhg8Q-tcWw;pjJjmTVOuLtAZnNILMa^V%Cm_E)<tRlO>(Zg4++J#GGB3P4TAp_b
z2mffEz!AaWT+?sfGDYJ2v19rQ95<H3oOQ+FJrVnmG9*hp5pvaLU-ZzV^`kdbr4-&)
zJX<16a)-o&2CemF%kjCT&^MdDU3;QRgNb*hij5(gBgq{A14JdKhc8jph4Mn;7-#5p
zs8*G_JG`ppjzv;Q8(N4%@I?u+O#ZOqS2W36z<{l`j*!|m!JzV~qrKPtdCLqcN|BP|
z*Z#GYRy|s&P;{lWDX<&2Q0~e3+(gSd{%6~9Vg27s!@nD&_Mn$8<n=V=*!Af#c`P%{
zWrIOxtSQMTpcA+^GnuB!P?udcUJcx(-`fTcc@=-$s@(2*TV|1QN23+r%DiK+JWq>^
zYS*Sjm#OTC79CHT`F7t1-jpX~$Mx0)rs+$U5_w&~IqQUD8_M?45#7$koo|m!|M(Es
zkP{e0+jid`TDTJ$&DzI~N5Z`kNUmquZ(^5kg>%|aV541^hZ`LgJ)vjwH{P5=p7$nw
z)RJX1p3^e472da0%Z_=w^6FN(#i_i$xy;(pjIy8_fnm~nCtvi5dtA7sDq%>yN!4-p
zd|9#~4#>mH&SttMZd&MmF?LLY`PF*bY2img=D+LlgdJJb<}^WBn_E6Vq|h<la}Y!G
zm2lF^Ny~E$3^lH~Mh(!Jqmz{;J>ZqmM52q|^W#^;Q)D=V*X`>%8FxN&@;mHAo3H_A
z>8UfZ)=$uk^yOF|suAhi6V?pzo^j#NJ!q(988RPa1bK*fb($g0C5|IX!YH8b-|y#r
zd!HCWQxw)Xyihs3)!@!|&pDAJO*?(6UPoLVei^Rf&F;mbkTomWB#_{odxc1k7I=FJ
z;n}&#F}()x6o6L6VtL~`yinR9@uWUd!@5}P>#rCGEQJ%1(I&i)gv74!85LAP-`d}g
zU9sun1t*y0w;_BOuI#27C&E7Daa&R-N2iXOp#lXs$gYbn_t~5|+4gZO3&i%ob41bd
zo9ZbgXKpqtD%XL**#;qT$H>9j9aNt_>Y{u~A3xS)rkq&bk?u{1(@0O}iyr@7iEN&3
zO~s$9sueVW##9@p5czE=Mwn}F#>S;OK1J74^p6MSKYjhI5Q*?$S*X$MGQ_=L{l!8T
zsDGlO|D@`@sI^}5Y}2HhKeAwcm|4vuf0IR+UyJkbFgY=A-FYl6<e3F*7_wv>zG@#b
zJO38WWpH`bWXHp;F~0n+rKXwwWO}Wk)!sp90VZ_h8f_!kMsXGkZIr>S$`0W2{d?$o
z6rH7+{UY8<QSn{VI03j$8P8?T;arE)>y<-oBaz-xL6ITnC!+tI3wig%^ZSfAQ!Bo2
ziK~BP;&K`yZ}1>_cvpMEs*+4W#Lmg4JeEUm#f5+$pJ_}JxAeLvS78lI_B{Tg3#sL%
zY_V3o@~5NLrA{k#g~_8*a^Z5h`AiwCA2iTHG{|oChLR&IBS=vV-~LEvpza`U?0GP;
z3#WEK_7Y!l@>Zst))ir{y(hz5O=N%Mz32m@(n9%{sumai%7UOU<goXRme0B{6BsJc
zIGEdJM1HpC8G?IR{Z>HhdXKJY&24Vr2Y~FQ?5Xe58ku{x3%---b8D^y>;;$q0hdd=
zU!^7-EHnKcVy^ecwiFYRd3${-;3GwgGV2x!**C(BRz!CnCvbd{pe5BkBJV(`X*nKI
zL<PjCSoG4*WhpJF3bI}p7QmY_*)j}F!}CD{Zbw7~=1J-g=3S6|-!DHxZ;;_L|LlIB
zdbqbnQ<8xkgcMZbu;=ZoC`bRT%dOd^k$hNNms@bv-=>=Zj~Y72a8HaXin>uZwAO>e
zsuGvowtsLeR7QPhDD9!3s2$^+YK?NfR3E}O|1Ca!5FO^-yVEe%590*zIywQya9V_6
zQUhx75MrMhlu_0aPgt`gwJwd&KO>-J$OIMHQMF<#1s87cx#RbYsMF>93Wl|I)vr6l
zOu-e=*IAixtDOk6pVz1#%gbdRS5qBD*Bc&3^KVcFB>8$_p9~mWLRu-7El?K76(;er
zDI1mqwCcg_FI_!Eq}KET0%rDRZ*S3A9<{y^!<|3imc+Yg5H*il8=p%a?m(|M_|*aZ
zWOzxg#;gIxb$jP65@msGw7e_IZcwYT-3T1{BZ1#{4uYJ~ZJzfGC6dVRiZHnfMsAz+
zDTc0*@$E5z%Ns_I`6F{k=V`g)oWRLYSjZ3m=F)&P&>6Zj^cDqtvb<<!!$4iDgX|Ox
zR{bk|Yj0AJCv<F~+K+l9O2l`7f*LIeB5_1<NZ*;S&DtC!q}<FR&JibIu2KW)0X94u
z2(V5u*mzoy0CpWja;Ogq@BtX^uJp(eU7}!miHM}#wx~eMlW!_l8<P#S45RaC;&a@L
z_DYtl_R-S25?1LUhG8>pB0B_!VS)K=%l3iy{Fo%9D8%EHA!OgQLWq#r4mnKTk${&w
z92N>s=1gPQ8RUmeej;E9(g^~?1UG{~Gc0#_a+Uf?T8pp`%gQZ{7?Ge#zf$k9c4xWG
z@QLj%MXD)}y+v=J^m_%+o!+LZ8xo_lu4I}g-5p&yTHoKho!QWtgh;FP6*`hBkCa|J
z5yf*|zf$~Ez+(@Xr9OkQ-~&~W6Kr#qIN96e;sR0Nn>UTO&;(P>7V{4L^Y4`b<*QqQ
znB`j#S~c!<xN^~Ni|mTO!=PRC;h_zuibF6D@(77<RQS9XLGMMQDx@!D8%?WnKKj%l
z%{=RYs8a3`x~ViWMcc@m410mliP4SWxa-JcB=W5DMER-4utz$x>T<>fov>6yI@ugH
zyrhii+v#KTd^5_Jws+DB!G8ChDIY#!B(&3%MiQ0R8-;`0x9!qM<1p4F;s4e__{w0i
z)($YU_p6~}<_$y-G@Vu}bC$p_9$0W%5%PD`K*OYS$WzFU#e&wVF<mbuEH~mI?&+fT
zP`ppeO-Vb4ClVT=w}QcjGo?bXg}Cz+16n3ZGgo#NO(yC@SxU*Xya?ZC*5|`<x+Q!N
znf>Z@Gw`P?1e0*MWuU43iG<vq=?;e+)wq;?dRm<4uF_TxzQq6?C9E{=DIc~`JQ<V`
z9S<a<ZmXYK7hp~UqBxWtTP$n#0&FU|E!iPYo5guP!hW$zWp2z{mLF&xdAr}iY=ZUa
z4LDk-^wq*+^&PBC8JPm%^a{akzC-fquqv0sm$|ULlqn=5|6sKZpq3E9r?*Fs-ORL-
zfDP%(QQe65K>6}FROD;nT~2vYOMBy@9ZG9mzKOQs0X&?{gQgu$u$RQ=MNNv7nu9^a
z`?G3jI}v=C8uBt}=~qnG!ndxE&1%;n#}u<_kRx1OsY1U0<^ho;-ryM4qU3s5+kqS?
z)>D_cNV*Y8)P~NuR)yE?%MuP#!}dmGyybgRKS#b`Hyh1Cz-zi88qt4X%p9pKqUzKc
z=Jr#<x*sw9@!%cLgM!7&$Of;QvlV)ubh&(R{AT*3Qzd{wT4hp_WZ&c<bF7(a$FP_~
zlg;Xrzqwj&>B<pGJEJYVE2B<)o3TL6<yV)ws8(UL_)|4qTIPG>fv1d!h3WI4jVt_*
z2OX)feU`yo`zT-(tP<&*chmt<(xFJej#X=C(dfMAM!x*y&(fsFUb7|g71gI|!{ePi
z15*=Wx8F_*i9d?_>-mSxpe*x0bYMI767Tk+-+#=)kOWu^(_}EF1RF3zi&#8;LR;V-
z#)L>aP;tYbyuS1y_o{#!&>j7^?q9VfM|?C&=0}a#Ctkd%A@Iqm9d@pWu~(Vup!WH2
z4RH1cCHQ1;ThTe4XBPnT1i^tQTRKMg^B9_e{PPq?d~Tz|<x}S+x&tQP;p-nW4i&{7
z8<0tn#+f>s5vkqht<vt^bwEphhYURQ{q98pKn7vjYD1ewL1(2s5yp_3{p}at)TTBP
zXfCI<b-eZVW(|QFG`M1#l&i}g<9ncywcn_3B2qFdtspV>z(jyYdz2M{7{}RihD@M7
zVt#H2YHMCVQpSu$u&iN4i_Q`{3Tud^h#*h$lxrAVTyJd<I4A9wQeux+rm96D<fwD{
z9zXff#~e5l?IMh<KPmNhbMBOWL9&iLto$AjN<29+2Bt8WlEawt3fi6jJ?Y@!>BNW;
z3w3BtSf*cH#=?!8HW90?DB+i~gb`{^^F4^h!L(~Ng0g>+8t+X>LbFO$u&Y-v2-~Gg
z7G^Z1^j}L@mVhiGkju58nA=^y(5#<taX*bq40vBWxppF|f={g82ENSyodP+swIBVo
zq69&iRJ)Yx$RKkbuTND6`npQ%;JBVJ;SJQm-BP`pvpiIYfB_NweG?{-CLw=9KDMkC
zaoBjM>g<wIhY65^atCE!anJ!<vT=Q93Ik>EMkqiWb6RyEmS+!Qku!1w`qEEV*VbHm
z-q)h2p&^z}bXoV5N{uj5tk*{`>DssthjiA9C<_{nsBt>2Z+!33t-z4voW3X^n|Kq+
z9JbxeOeH6N3i+Nqd&g47BwkKP5^@SVW$?{9(te5Mbd(ro%o1S(400affLS0U%b=|v
zD&2hjlEp@3lk$|~XEsE-w+IByo|@`xOg^KWkx^>6k!4Fm*Hd?;gnh8c3$5h}f*MK;
zPH`pyU%QwH7yxWUPo}>o_$Z<$7O`H=>x0f{kgAf{_BqPdUtxrzf)O+P)|YSLtOq~N
zyM7oo*zon@*MrIVRHjk*J&(9dXB+)vnB*v&$4NI!*%k%bhiqbjeMw^IOHslG=<U$9
zDqsC1kvJg~4vj{9D=nLnT!<)zH$+yZ4j$;!aXva;S>e%puetN++m4PX2Om#kf@{Xj
z3VQvnJD3bo{Sx8#0g6*_UWiGE?|ai`>eV2auVLxu3YO%PU7Sp|2O)n<Yp|qmfLoKm
zWgsuY3NR|{eAcBS;3odb72~2X?uS3bGC?%$v5>8LOZO9(T0}6N#i7C!S{M_V!*5rE
z(|j1a^EH#$x5yNo&+jtWOZr%bB`(Lw!h(dy5eFUGlXPggfrQr6&AL*|LEV%6Y`Jem
z%Rjb<8K+Lx(vEpu-0gg!5vRhqfQ7plS}~aCwmU0!xsndaj3DrXl$*)sgFf|T_hmyr
zKPiSwN~(jf^<!vH*~=O#+^F3-2?o?mMZ<JAWYY<xi!^-zyc>1mmgjmCL2P&SPEd5+
zUTSX^oNfCdciIsgT$py*{Z8Y1vURX+k?QhH7~9>OHz?*M%-lNwt+5rVAHo`FO93}N
z>7NlkFbM|~%`i*u80hW33d3Sz5P;?_Nd8!~$F4D99~h69LB{=z=&ciJ{AvT7(NhHj
zP2@@e0c{g-#bAWFu?}%gwPLsZ1js|wGIeg0B(ZvaeZC5tID|l)6sRVT60dWl$zn;}
zj4&NZz3@e|n}l=Z*q>s5?=HAuu!-ns6yMW5L-$0kXXieo@<b_NR5JT#2g;qhi@^Q6
zcQ+ZWzz<<4BkbF!ZTk@?GMMciMG2I2q7h)aaO!z;+Sj|!7%wun5Wt(yIbtm);30u9
zsXp%oV%`*^1$0%MGMQm%!9~mAW)MO%01t?&_aiwZERzWqri!ez)NJ9oA)qNh8D5VH
z7rg15ZW0cZb&shOnznkZph`fZd5|Bpdvxh%ZYn{-;WaH26uFp<E<E~F=!y0L8m%AE
znqz0*bvR!6^|evkNoo&<nnR~3(vN?)mM01xi~}$VEufp$3gsNtU0ZxKAXFH73%}$5
zy_Ou^oeehTm*@&~v!1PynW^U7z7PU71k`^7R|^2g0c0(EF5vjF>ScWiVxJ7&dW$F=
zbZ3L-C&h_YA=(o0d1x!;5vje*-8UuWfV5xT_;jiI{wv+2=G2e)(*tl*Rf5Y56(WBC
zd?4aN?Qyvn1VZ$F{8UGAwh^+ycYqItc^I8Z#Km2LE+zPg<nGWS9W=OsMJLnSQ_~{F
zz)P6daAUA*kRA43#-<f6xvOIKAL8mp#)ECa5zJp(Roh1z<z7q^Kyb&=bF1aKr(~h<
zk*n<9oCcFY+U>0`A`)Qo0T80WJlh|($jvE^!VS1U8TnpSTnB07M~-S#J}n*EPX^xH
zrQh(eFo^gobXdXN-`1fTafG&f2tx*g+Xy=qS}BLb<+e590w+tLY;BmOq0)TTMJrAo
zvX5k4T`|<;#xJ;ip0-F;ucj}j<FrOz`H0yJTThT-Oid}_)?8M9<;Sai(*8{b@kDp;
z@m{FIaZO6_5y0y+l^U?cbI`RAQo=P9iTo2Mp-!byKN4xsDT4G!;I~7gC(uhh^SFon
zjtdE>l{}u$Mt^Oa6|QD}_yZ<3q{u=qE%4@SFiExpfnIE44~->T8^S)-yX9H`+)DLY
zNWB6Q1AO%n`x7RUF}Y*V`))A%A^{eKNo1ny1xMo<Uy_^Fjv$PaS-8VCSY82TyoK|x
z^VsSOHn@CL29klr1&JENGrsKJPzZB~j1d)BeuTgtM7;|4Q^Mx8OTpPJ5|kn>1G3A}
z!9)xN6VCHm)h)gIPYDu!a(b$P_Z6TMu?_LDw*7tj5`vZr%`p7EDn`Uge#Q>Xo-X*v
zEGBzVV9#&4hAes1DvU&0n@>H=bmGcQQVqb#t)Ki0mLF0EY?A@d16s8zfvQy^zbc0k
zW==_&z7}RqCalXD13$&@2L`uRLg1KUx`~X1m^QwGx@HYR`+IioBV!CO5?&3YWs{+@
zu*2pg662xR&=NRq?+V+{L+tyF=|$0d{p(7+%;Q&>-DC`h%*}aHC^dv`ZqFn2iH_&k
z|5jq65#abi0Eu@xi1=3qm*TYwM@p$ggimVa?S2w!JvSiqI?4tdTZs~bB<!-w=#or%
zn$~FT+^-SVocLd?VN=Fy{qPD?xG>+O-DgWq3580>3VZsdojWV{N3)WEGiA*4Mmv5K
ze>)2F_!erdStY7#2T<{M7KmRG48dSneNf#l^54?ozhk&+1w(qnY3;P|DuLpE-}8T-
z1f_zgm&Gs@pO?+>IbVm=1@eMh{6+3`N_nl*S_#v9{1=)3=deXcf7P`hNC3wA2S4=7
z@H#pFDLNZT!V7AO&^u5X)blKa*EoN1LbfPh0imf#5--`GRzV8>)2q=yFZjQV)x&%S
zb`1rQ{kwMlabz_MWXtuZU@PQHWBiLChH2fX6Zzk4;U7m%MnSfCE{JsAyfj8=1){cW
zne|})T?79(0{98Cg@1=w{`#dcL^jY+)?-zG{|4{>XH>brfLTSGAvB@=J;+gB5?~j=
zhR%-Im)4>_{G#H*ZFQ($y4Fet;_eawfS8wa83PG&Acygt1;k4a>Ph)ew~-NKVqVNL
z|M)L@@I$wE$;(lGoe1it#`>Dr%l?aEgWibgW-mv3>G5jJtFBZDZtmZxoPRzd<_lVU
z<Csvjf2}?Z<gWnx;6RF(Y$Ks5A_%NyH5$aE)NTe=TP>*(6BA2<z?>zj8ndYwxm<Cv
z=cmV5;gPwwfB7d2F6U905Or9hP!NO5>!zYqrbRnfWt_-l*e`mt*g&RSs<C}jZ@Ynf
z=2#s1atQHZ!C;P@tG?Hmj0p&bW0PfNWld*cW>y&u#VD1i1!rbvUhGbYMBsAh4R8Fo
zyWAh>3`WV-YH}H`x7DAkGz<;H<&ZO*E~b3EyNtEp8J^plZ*r}xHk}YA#J;~eq*gA|
zs!88~d^tVbRN%-`z^%Smk@-4ndcnYV4*h1c<+^9vsn-49ghEL*e|+(=k(k}=izQ=V
z_$-~qPPEYz$(EI{^ur<cd}m}J)ANb4Cz1dInh(<td-&stR63_(1U?THEIJLt&Q0K7
zog@PbCSQKF8?USty)}?Hkip}6q{HfRVX~onesK}!csSn|Lna}a4C-p?$U8hv(Pf}B
zL}ntLW(=sOVp#(IIUwS!(rSrQ-l!`C4H*lI(sH2|ZE~X8RNlUY%c}ctT6qwrp2FyU
zP1be4q;4~mzBy_q)04Nm#A+Ex`34d$DjbJRTvRkjXC-;7H(F3GPtvp#YgqqzFqt{;
zXJ0JER=YoJ_qmbg{>FyB<yq`s-NE|Ba`G1#4kVC2jJ<WJ?rpkWb~WO~*{;Q7w`m3J
z7Tcdb(x}%Ki~0GCO8g#9|Jj}W;K(c%<6zfofdu{Ixe`)ABoY4p{#b3(#j4Dpj)sHW
z=y4qWLC%|rMx_u%tz6pMA5Sf1ODfWq#{Rc8GjL=LU^pI^5;~oRNu`i<ChyWoyWQ(v
zXj8218i%7r)eMh2Q|4n@%lT@%+cQIZyqL6BE%!^sxfahB;MKgj-TpM~?qor1ALs3q
zvUXpaFBC*ZBPyjFv>%ZGGb6@3^8uoJ(%*oif1(3E3z${P3CWqR!`^(2`TEh3)zgv;
z&L{+6snVd&j&JHj?XP`O365U~kf>CcW%%nYJ#b`h3#Q=9$f19c@_$YeZxJ6*@F!sm
zJ9rW0TC;zJcv%A7s~0EJYBVUsT#3SwaJ@K4PQL#N*OMYikN;*n|G5c(6dJ@FHrk!~
zJUpC=*a;@S27E@(+Hb{MsvB|Sx_^|CNa+36=eaOUcG2C}@%n7%t9Raf;FwbppKc;u
z-;<>}*+Vz{e$*lJ%>mY2jYoRg=;bM{azN|Tn7ixNK`=_~*>v~Ni4Dwbjl`A3Jn2sm
zZe@4+EiJgG{b$zBaNlmWh@~PpJ}2pfaCjWS@)3!=2wb8%oAvy#t?!>pZ&ex$hHlv^
zU?r}j(J95h<`|gX8_nZtu(2*wE05vpYuMHaQ~T&TH{0l3Rh)!WL&#oQw-RW>frDUc
zOMl(PqD-$Ho$Y#^G_bLE-?ZEjovhDe|9qnv(0rL!oXRKDy!#Ylp;bGnWN<!C##FB?
zqgu4n?RFO}iOn?Yc(hm`e`Xn}Y}n=p!?f0DZSbkZ$%1%KO(iMJ<(cQ!b@sZ_V9((8
z=n|h1yi&0*#xt+q`*5LnNrlg;Se3TOXrwYdliTfk&QR1xHAi=$w+S?4lnzaNFV-{v
z!LQZa<x%vVxo7IWN`Hz<y<z}EKoKBSb+|Inoktd$Blmb$D}i@yNfEOfK*D@))p}mz
z_@uFWdP(S9@q9mC>x!VtYFS7LW<3q$dyab7v>aEO=|+AW@gVl@V3tnADs<=)c1L2&
z4lQS4M_V*AtAk8n;J!@Vywv|^XjnbjaTq2U57fJuy&<*UZ(^QvEA!Ai&n!hb0*9Q8
z5nKxeONBMno=u4y5cDezu@t$s`Nmy6bvZY4;ptW8&S8Jf7eDFPB3^0&O+wB2c8DvL
zQ^DM~cm>NzmAvN<;$3anDD!OJMVtz*6<k#>uC<YokcehIw}+PPZrdT|D!&xuh$Tw%
znBb7fC(w-VZCT0HOJX&6To#789c%7R=9g`rU9oOBQGWOY_6BV8)`^N^$q9E8KJ+Q}
z5_Vh6<Z~1%m8Ozf%eWMi3m{3a&3L%CrR9mZ=js^k7`a)lNJ!#TwhR$&EfF*`sD2da
zWh%1R4hN*kRYuG^xX<kST>W1&Pht+WT9kNVk>s?5Wb{j*v?!oUZc&~l?f1zv^CX24
zr!1D&-x;}!giSgQDxIRdKh)YMYBQFW2tlQ^aPLiF&i6~>p<V;gQvzs6M=I48921>z
z$vina!7=kKk9WI8_<bmHqcbzp55*kzbHKQsny|XJ)Yp>*L$~9KMg4o8**wPV^{yL`
zr*v8ZOa{Xi{b9G8B$R8)LbW9-bcq5!xspR_;}2cKF~o-Ass)z9>Jp|rv7VS_DsIn4
z^rp)Vp?*JA(v%rzek>H_;s3_L{b$qH$MS!3ULJ;k>^IkTr-jdSR)QE~Cz(|<4bn(w
zJ<Q=BTOT*>WhhXn%izAhY7}<UY2hE!Gb&wdE=kQbh^HD?k3^$VRm*!~U##YKn6Gwu
zl#l5e7?_S7qPpnkIrT$=X8&1lP5m9`$$SR$Sl0I)UU)v00FMMpGoC?+j>k;d8{R}3
zDi0S=KFNNCG9pjYAfiubox{Zy*|{D2)}ooZ9b0O%imHs%c~KQDkyXtb4+q-aeT?a;
z*AI=4x%$VvmDcCvs@#T^4X8fHo!-9V`m1c?(oM#QHAyl%y>J30Dz|4;4`!+RXXtdq
z4NdM}o@OI`Mmy&=y2av!rAQT1KG;!yn1rU5&{*@ipn{|K_e(M_VzH#c!JtKjo;RGx
z?>qH{ve5bvq*vy4E6K6XIjCQqIZ$tUs&@%sEsuxc!64;QDpRn1OaNYtQBbWX6eL=g
zad=+#8#a7v2YxOXpTDjPf8UvOuT)B`T&58%;SwSIXI_uU<^2i8S}N1?Ba^dHbR~<K
zC^niVXniu{=b=(Ag{%11dx?-M?kVIs%sR>If}QuL%7`l$S#hfm{dkZO5)A?`!2Duw
z9~<JZk6o5V`Q4M1UXv#N5ZrI0S@B)w$<O!#)d}bhiw1j%DvZYO^|K`~Y!O(;c-%@-
zneNg|E-vD?6lO)n<-R)7TFt~ln;R=V63gxWiuL|j)>F$;IEO_M6^F&g(R&UHKimo?
zO&65TZcv%<n^N}X1b-6KTs$~8WGyoRuFh_5OfWYPV#oq#@CHAlYl#FAVs_#R2-lTq
zkxAr9MxzA26Yb)37~+7I2`%9G>e-6;4GppkYdf9x-Z%tClQu_77;vOhXBCk8V<_Uu
z);<(FRXqh4((&Vh>s2QsS`6A?^JTu(f@2Ji4E{uS``#RP^~4INA@7*hJ!22=i(?s7
zLj<F<7FgfcHa6yqZ+(FMR^k;Ju7F*eSj7K2mWD)R8OSJ394!KQNxJp90?K|dQdY%D
znt+QKZF0d_wN|4c%=oRY>xu9hFJg3pqV-+Q9IyZjca6oDLEz_FxcQ9KY^LH-gbal{
zf@~RTJ1=a)dtGX+uPU}A)2l;fUx{)MCH4946~>JR-+RDgi-j8vSs3as@Fxt-wS>h#
z@r5%I<w4b2Cyo(#5)wq*O9{!D*~=Kj`I-3ouhd(0Qr1$yKWcTz4ip3(T5yN8z~77m
zz!))xcpR`B@(yd@bd$;_>uz<VHE!n}^r5-sS0kE5G>wN(5&leWTX|4K&#Vvtkx{F}
zPHjF;Uy!o`;`i99@thXx((9X|WqG_$Dpetmk&rzMM$&trGYQk3{O?sEWpKGIaXxSv
zc^Qo!aGa>4yi;kE!YL93@-aIDQY!N!g;of3qmw2AZ9e<GWA(_3y&&KbR%?C;A;(MB
z6X4(Y@zKkr78rV;;_|uHq`@vmyo-rDJ%gh%wZVD^bb1(izYd(tPM)H{LM%7WcVREW
z(uML4N9-1S;*yjdv6$P6s~uq)r2f=Pw!QNauDxSdxvbeC<zE)*pSmVka@9MO4bb0C
zr(Nv;>+>p@n^21e7KYOt94CULizg<LFb*+*rH`<DwPe1|Fg9)?2a}=4-F|dU=9Xfw
z_ezm^b8?I%k9*sBYw(!%q?O1Uid%6XeGsD<C6LK?<)<mPemx&JY&-VYuoTrcD9vcd
zNa;A#J7~{VE)-{xx;rh?m~JpRxw5>m_9j31Zq+Y!Z<;fRdtYS)2>Z;aqyeGiND^l=
z9*rfy5nY0mAm8K<{RsD#TldPTRNWY8Id{H^Hgdr6!L8zJ@f2^HYf#)%TfU4$a7cWZ
z&OkC>i-mf##yxVW1inUsW{N43viJ8-49)S>60O7OM$4K>84I;`4L4>?$g^upjh%uE
zfur&-l807bq9}lFY(+IeA1k^{GHIrhhgOrMet7G9*)bW&=6OYC;VWk4T&YYgp<#=v
zpI>ITB*-6m+MiY-aPH?Q#ven=HaDX?QZC0v03|j^+ir8mT#fDyQls7uE5cWvGtew$
zZV)*GPz2aSzOKa1{gX%?2B({1M!d`NJTA!`I{0&yeMj*7Tl-e@sSItPfR@Z4aleT-
ze6#~79x7Tg>^~te_&jp7UW#9g9RHBxKfLQ(<JM4A+Q#~+*{z^TY+E)*Qk7DfT0Du9
zNu9?jf{?Nw_VG?a>@tC6Jcj`V%F`G*ZnHO4g!9T-eP>{c;j;F4PJ-NnO%!6sQ`oB(
zP*6m>HZWm*!Fs+4xvOTKG_k#}JePCa<Ny8oYfFpK^?~sx1FLl7z)w^RLCP(VWB4-m
zQJybqedKtrRF^nnl*@P0R6Vq7ZS9M61FK77`F+f_B^pH3#=}u;kO+)Ko|G(UBfJF=
zK-<|&4#%**FqN+=jPm}V&|6j|12|f>^br|K&Z51ttm@}4CUR(YcP+MeIuCY1^!RC^
zYi5sdp&HvTn@YkA_=y`Ey{hJ?!^uo4@LIda927wtQ0MWDAHj-jco1x1JD$qkG)E0T
zu0%5Ojizl9{8>48e<C^g+?iUmY%#^sPIJ0lh&vMf0&r;E__XRh;v5P~H*G^*y5{#A
zWd2_S!rKH)Z1@~~>4VkFwy$7Rz+=*OhRiVeUg8B_;NL(%j!@Mq`k&DUBvDoc;W%QB
zCVy8sLBGJNAs_XZFh-OC$Q0RJmTt$3$q*$>0pS=QVE=NAKZXp1q8J1Qz`v+u2tl1e
zwH~9X7y9$8<p&c>0GW!x!)ASvqW)jpk)yHH;1-9oO|fJKT_1z~II$m2#~C+ln|LpW
zX%&emYBi${1WKs(C(_e<cz7_m-(6rPRT>VEbJ%T01*1@Ovk&9_xpsaffivL9i|5lN
z>TDc<ldqe@>FV>fmN*+nrsFx$>s_He?A?F2@vi@+GPQRc=nBOc@Ou4b6VzO;OpC`@
z2=Ld)inc;{gCnGV0V*39<N!es!8oYE$Kvw<rg1q9S3qC?y{Og+qkgU*wtBw-dp%QU
zt=*T&*TQ|hXm9%=IREbt<HC^s04#topg0=U@zdtTzd_h~Sg>HaWgrl^`EYygG)9U}
z_D@m$+oKIB=#C|3Q-yY$y-0IE9EuvQ1K@FR7h2u_8ZK}4UuAL!r}gvWb*AcoWp@}>
z43Qw@?tD#A^1f2OG#(5bT-?{Mgu5W{3s-8x^e+RiL%mYTQG%--k<ZV6fd<>#<SP5&
zFVaE~PHF>^i6sFV8;vSHyxd(;UOc~sw7M*9;pH~s2ZIp=0m!=SmFO?;EUEz76~Q5i
z@v$$W1AjZ>SAYa&M6v&$g_{>Ray)3id|Nl%dU=~DhX25Q42oUFTif9{b|(2PzX~<E
zd?}m_gV|gOJChmd2Ae0K!Py`&rF`Cp9fad$vaBDFX&WtHu$V$z3l$jmY-)X75RT_)
zLDg2(lxe&=&yM!(^-RStB&JU}Cus49vwXzS0`-neW{jljw*{}WtR0`tI64}um5AzH
zX3@gQf|5NwH%LhE-U|2oL7oZYe$)+IN8*bNP?;CB!BNff;b-w7?@Xy5CBg{iOdxd+
zp(YM}cA!Yu#;~Kna0W{nO@<Pd@*ym*t1y`3Q5?>XxHs%N98d#R0f7V2O|DxP75Xu}
z`jBGj<lF3OTPIixN$VOKm-S|uMJ}>+O$~bzzh3wjxs=>zKZOzz^;2d$^txqmIfxIZ
zvD0PDRd(rw#@3V9?yv}x)j5@F00~>*F$oO|XQJYcj)p^eYswioezpjfYBhgb@hx^*
zM8QZl_B_V7G|$6ap$<DgeRD5Gpb=g(fpbpy+x+u?L$P^+1Z37}p3Hoj0~$ncQfnw^
zLtcxWhIouO@9gJI#|9z{)Q|8XjT~s*ow>9@H(F&PFwlodJl|4ur=P}Pl@DkyW3y_E
z=gAOkq-_i@@_8g$QYY^7g!XO{1oX$!J4TB;>?iB>AmB!k$v-9REbme@0Ac&%Loo~|
zp&rSELQw6fAM)z+rO8YL0|t|&Zl~<GdlPa)$$Zmw%vR3fDL)q{ZCGw)M)UR8DpLQd
zbE$kBMMD#Rh+pQ(q}b(0;71QhB=*;$4a9#G+C90$sof_^@Ob+9rZ0mc@(_Z{I*a&h
zFttev3#9OSHqE&yQ>XS9k52%>7e<ZKAd%>u!>M+o(s5O1xr@`LN#FXGA@zEpd%aQ0
za!0-a<@vbQH$Af53nlG^#~!z{3XNt&z0Q+{Snu&I-^i{;fUWw{w6KN#+l-%qMJ^gO
zBZ^JaO(inQ?!iU)%9b{Y^hbE800DA%JSvc%2`(}YQNkl%K1hWG1w}Cuc#<k#V2x}h
zD|(W$Q>L#xf418{hqAu}rhrL5ElwI=o*bobLqSvIZ_PeEGF?qXl3K5|Z}$YQqfyOw
zPc%P(z@U_4!Ryy=h5*85>J%Q&>AWpZF|<xr=lUNl^ewd!>VA)I_zbUU#?zzn1Sl(?
z<t>SQM>1HZw3-pIZ`+s;Nv2#4uAXnU_j`Bw!kHHKqJweIcYC5k^QCR)!O?i5v-$2u
zcRB8T6X`XA9?B;sqKQ6!+&&q;+$V0?pXyLDSj%Z4rf|D1vGnXt$|Ui8cHz%)=_D>;
zEq=DnI(*O;gcPC6<mjj+SO^I5>AmKx4u#`!8b;+P*LU5_r{~6Te%w>6dKO%%BiWI`
zv_9f-zA49?^6KdsaR{>=^w`;n<O_SSA7zWCh{UbsbL+YK0dY>^iF0DO+1(YIU7yLJ
zPrXs-{_`5+c^|jIVe73t{>Fvs&JM{GiouogBNvz5ta=lPB5sO1+Geyq-(#l**OM(v
zUg@6g6z^h(V$+pnP!avFR{`~V@QrSBVQjM+aPMlZ<u;GPafn;oA6XVER9nKr(^$=N
z<|6l<Ycw~@y?5YNXcuRa;ddX6HqWqRM-FpGM|(#cxP7HF!elQd$Fiffom}VKD5i?c
zhHuL>^)n#$8#Ebg1vYbtR(k3qxPFg+2${dM%Yp#?eXAuhi3nWb0HfXmB7E%bpi$=8
zipTpLo4HCOoGk5=e!Lm|h&&U6u0brhB14G<N<aK3#uM|~v)tid=;@yStl=<3CWj@^
zM9D;VI*kK@$nQja=>8l*mD#xVVBv=<<mFGgL_xtVKbLiJr2;CeJ!e52am5ny`#Ot?
zr5!z+Ab?2{&ircsC`K9ZR#G*NT8_L>8`|FQ^6rYu^z6WXJ(?$VuI|~Mk#yEEeZw75
z-04%tyqc4H*QB*)`iA3Fx71|zxp%<0q7%2FO3yTJ`6o=RvC6GM2TTe8!djCz-i(a(
zO3Yq-*jqGO&6+}7dHO<T`(INL91048hYLu`+8R?Eh48jhjYdbfcpbRo_4@f-0(v93
ze5EViX|+a1m;GeMGHDF=r5VbopU1vy&B!vHOqDY2Jw8>M_UWnf%&Ks>CVYRz{H!#X
zVmjOw`>Wii)GSGv>v77mNw%vTIcf+9Jj{$H2~+0mI{a*i%A1!J)77tB?$4H3bm@1n
z(yaJ7<M*>O>I*a}VAg=n+8SQ!qV^JzcvEc_jWQ?88Gr?}Tk`>I4Onw!e%uMtlq1?O
zxv#Z~PGz$WvL@rRe@kE8^6o|>MDaW6;g1%h?aS|hl6T>EsvVsnqE^-f$*g-KAka;9
zdMJ}#5t}7i!E{`7LwZE~Qzvahj?X~>K2JENSSpe4_rzhxfrEzg-u1p%i+c>g;eimW
z2}$>)vYGE2RdTtyBn!^wf=xJ#cRm}tU+|H(dADlbcAXVuV0Y+=9&2ICInDbCJN~>3
zNPYt_xVG|sg?D{xY<Hya^{e~H#Zk694W@+UFhZjl!8S2*@z`55A^4<NC$WWhji}h)
z)`w;+HV}qC60T-G;&#_}Pb%`1&L{5BWuQ%>sB5oVX&>lgVq}xJUi}2*C%)Ev&bJ?=
zlR!di9|4Z3M;gXevY7YJJKG!fO;VB{d^rSijH~!_4^EwjoKJ{EB0qSYob_b(J8V7P
zD{Jp@4}FV~&Q!-dnlc~NdHkpsI*7@vCccY+bW=f^`()#Dn*wmuf%fJuTxm%eN=<!K
z#C``St6XYCOR_%r@iA6<$3BDIW^|rqM!U&QXm~FYk>gy%Q`r)t{&%wC<nymgtLhkn
zo68g7QER^CDGy01sRNQ8WjjT6JE2_)#bxmp_BjNL`69O}_cS7l23fo{by`8&i>SY!
zPgecJ2L{QHLo0r7CJ~G8nUn&7K$d>R)bvWv*d7)zEtk{Tg1XI#OOvaWV>po~?%_@(
z9m|_8W)Q<^$tjQTN%&A{mJShuHskz-+HiU{a|rgB$kUU=>~o$;!x{Ohue-Jl?kz7N
z`bK3M#9Ps!gpynk`pH0VF<sB-)8HtT>AFnH&;|rP@8VYBI-mEat$4%>#gg}dYT1D!
zcpSazHWyhZN4}GY5_fi}k?bZS)!?Zsb+!(Djs0zO#j8B6I)^o|1;ec=i48MJ{UWGf
zeT^Cf`)<9WYrPZaxhm6G(>H#|$n%}k7|NGl!IUk7LS;=xvCzztw=S)lC!9^#w#ts7
z2DS|)a+N|8IP;kUPt8ixSUR9xNME%r3SoAW*6yGkUTRmVX&pQ_N4WFKKNa9Neew7y
zlnUrTKt{BS-<wK2EK=$R@j64?12K0U5E-#Xnm>{Vz?F)68Z5%q^4<ZOl?T(vd7wPZ
zuMVH%MhQd{o|uKEhchX7_bfF(+*+RtN~C<Lp!i<VlJQ5HiV(m*Sa%H$q~QJl+HrDJ
zlLZvb9<s~Ker9W#!zC3<y8!{LdD5xfwUO|om>lj0K{vYt1%}2f`r348+=x~QM2ygW
z3$jBO?DvTk<Inkw<F37*o!6GG4K8{JI_o1H;CYK!OwGXOeS$X(`!@U5)f)<p-V9n%
z%QeP_6q-#*)i%$UsN;;xWJuwVT|97H`lWw(9)&W<1Uj+|I^wamm#x?&$B%)~V715m
z`Jx@VOff%DUaLOWU=_{*PYz%l(XRe3HYt~H$>siWMGvSIVOhRsf3;ia&K}4+8)y-*
zGFnleE;|lF><-m0*onZ=64c77FjrB`rlyj*)gmLZi>?}6l&s$C7r~!={jnEX<T6U|
zpWLIgi+##<j}ql6Wr{jqLFxEFS_=P-I<NkZTE@@3nD<4%^NshXC2~UKZd|=-puB^)
zgOVw1J@CzdxI&=;ipMnLK69N6QS2`2J&1!SSgzF|*BxmdN)4NtCvly$=W(BWU$FQ!
z8Y$wYO%Q6?Z)hE>SF`*p_oFbuT!mS@<W#vhX}LG%a2i>W1CGb<k_FP&V8QFozCC)t
z=I`567!m*&8eiic!HGmD{C5nyceW34E|W}#!5kED_DhAVR@j2yiNc%6wHY#ysiio%
zZBKxN5*bdm+Od214(PPX(sHKISli5Pg4=_8b;pD^P^p}H^_KV<<h~3U2!mu*G$k%O
zQM+Z`u|vgz+b9Dt#q!qvhR{fzErY66DuH^Bi;bXf6LJiLNa=nZN-%?FKj%V1o=R#n
zUV^JJZEF7(eH<HJR^Mxi+AAVbM4tm-UZqI4go;ip(J37g8Wjwqt9VZz6Mz?qGnm6>
zi0gTT(}Gts+|=Uot4!(q&Yo&t>6+J-CI5FF3wK*Z1ngtb>BiWe#`-Y2T7*xZ)aXh@
zVo(vjg~5<Hk;1G}D-5q%x~xT$wYKMcNv8#tn7V~ke2|y2`l)6*ec3dQ%l_c|&EnP1
ztR|Vup#Hs(<JD1KYf+X*?>Aa?QTE0|EqLZiYfL1F#u2xwW_4EC_($kQplz!CZds6E
zMXt6v3HA>e0Z3{iYBPev%^@1%h0({lq}7z|OEx)BBPiHJXcslR(RyWBo2ZQ%kOZPW
zH}C`szJ|O72z+S#rpg9ydIQxmHc=e!kJw4#>Xcf2_+5YJheLN!9FNQa^9W)_0D~xL
z0RJqOmX0p8NQXx5;hw*ju9o~)I%}`b5+c-U&1rs`&7=#;WlZ1fmV6+Lnxh`mczeu?
zA8}?%QyZk9lRI1BpK0TmIAz`{H7n6_c-XY?uj-brm}zFe18egrO;(I7l2JbNHR;P;
zZmH=<@d4XFEVe%`*LXEpXJ<&lFJ0*63z8SZHG3$gEe}s6{V42Fytg4yzMN+xEp4s`
zy~0^9taD4}tQ72VhBUePpWgz&?-N5L4(lXN+K2354n|Zi-hw2mF`Q%SOQB9gvInId
zVT>L&Dr}ymFtFVZtV7&|!6LQuKf;V5>~EvWcY?_4D6<AWt3XDwWoQoZ7mnyzZ3y`)
zmmi-*Gd{KXJ{~L_&t|x4c;5Y#RsBBTHu!w*l)f|9R~YjLCN1XYl^Q}jLy2}=nboVr
zzW3;1bgDg|?nh;}eVvf80>@-ttZRkHgs~1$tx+;Rel>MeD->w_z&#I;jRJOzflcDD
zICL_QI3m8A0S*kvWjR{PTXYR3S32Cvq4{TVD!-4MG?{LvF$#-4?|v?Tkr*~NQJKUx
zV`tsD);1jJ4&O7SB9dty<>)4!tw%skO5^Yt^rK?ky8v?QCSD@Xs0SpTscv|%t_7ZC
zIJoRv4$Whx|9rD$Ll5j+C_4{m9+_^iaAhrKUWfKMZfHKnltC=@zSgfD_U$+!Jm0Fa
zZbBhJg6p5fX<zx03}&mbGo*OGDwTQz(v%mszqx)5WggC1Z9PrDVX*Pd-^jww964p@
z?yAa}?eIAK*100w^uIOp;c=wpzjc<!tE7@JR$5h3&M8?z90{==UU#YQ)Zh(yi-}FC
ztlt5RWDt|tN-gfLec8(<Nkuz~iQrK!f$nAJYzQkE1T&+9YoC~~489iUX_*$&LT4$}
z^u>bc;nF<m2dvxWMyl=(7RjnYn1LGLWGz@7+n40GQbA|QmP@?QQiE7S8}gt17wnBn
z*n7<DWq!j5LFxoh#t~}mM96xg7n}=mG`$KVUbYr9JjjUit%~WCCjjH*!yb&SWWXAL
z#}9#<6q*{S?)!>AHJw)A-I~4P0;0P1hHF{<Jd`d>WOkKDySX2S%JBRSz*AX&uP~#2
zey32YhqeA!$Y1}39IW99J+E3ieh4EPUKp9Grr+3e?mCCEu3~;2z$n{=XWn#my~_Gq
z@!y*LaWyNrPUH=N>+gxue?)blQx#N|xH1fFYyO1{o)Uw!Ab@Z-SBc*`3u+Z5`3rNM
z@Yb*Tz48P#$EOEDMUgXrs=D6`AJFr@I1nJjgvZXB`X^Mh`u}h7kF@cB9{*1U3bgic
zm<)pAXw{Vpl}i32BU4GBRVSY+RE!15=z2kjsNunEg<OT6P{HRcAJA``$YZlwyeIIu
z$pQxlPdYQ7DUHVlG03~)xmy!5d{TKPa~6Mrfb73Skub`d3Q}cFS1AgG3SvJT56y~P
z9&S!60jGMmmowT!6&{awV#8@1TP1bNF(9jbk$g|@0}%)kkVu4+&L{GuVq2b{79Oe;
z+u>i@2T1<<?&P5sd!AJ4G+^bI3NZL9*>SEIFyPM>;{_gr`uaL>E~QAhOx(t%9GA~S
z!{ct3!gRj6puVAjXOR4K`NiTRjUt8NRybvKJ~OzzUhyQOp^+TV5!0`YB_(4Gd1)P=
z$vY66b*{nQ_@iCS<^GIBEV)#U)A2F_7L@hxd;UKYCI*s01hF9?AaH=>cwzV?u{rtq
z#$o!?@3w&s2eYz{2eU*-NJ!JVf22kK$Xyr7qu#H>4}jBX)c=wQ>RS17Sb`*op!~V0
z=Pj?((IPTFK3x*j&fvr2V=hQzI4pgN`P-KMM+<ibj%+xrp2})T`u@GBmgl2GgWGLo
zE6Vk_1pQnm#<a6<y+kro?#<1O=t8X}nfY|_*=DRvKS<4Ibp?fhPXm%m8sV{rf%)Nq
z<G&!oL3>#QEVyzwm8TaZp%V>&!#Y5)eX)5#I^I>fUod*(z*RZ>OXs4zP{4wjc82=g
z0YNVZS#*^bB$r)+;?@%XGqUi5A%uVwYre!o_b*k!t?nSSxe);XjC*Mf9~C5|g%V1+
z{!9LLPZ+hje%Rjydv@MK&<En+kFr&roJ>1Q)a|~k@Gb~l-GlT+(L%A$wdoQ+!(#*A
zY>s?<BUOWteXQi!4iZp4F4T(OgyT#TEf}B7F;|*Da&p+7eElRWJRhO|=3eCbFutk|
zL!pk(S$<|3_Ju%gOlWqaa@2lj^I|N!R?j=|U0<~<$yQ+9eJ_am+?pOrt+ii#A>#$9
zYJ5WLQrFnFK#-uF1VlVDSEX^Jg$A(KaZk^toF<9At=5ws$Cb@G0gX9tfv)Di@-*GX
z8#*=+AWSTBeZ;8THFe!sJg>AEoqX7N7~bIdKqt83A`b!}C|16B3bE3wn^9Lf?;>L@
z7UdUD+3WK@iju=)S#UWWO;X<0_7qj>w1X#~EU__tTj63wa-gM=6mELXc;Gp3Rb_Ih
zbh~zm!~~lwH0a}#-vZ^0(^kcqT+_t~idDvQ!!r213gdfsp0th4#1Ik*F>y!1m0G|<
zk3akAy(vxD)}^k&A5nB|+*7DntCvXcS9p?Qw9t|mE+v63mV0+;naFvxAWb>}FJg4H
z<h5gd_|P!EvH$T*@A*2{@*2O=VqQTWe7V@!^N9%0rHN9L?^bdd?=}{9wn8&v5j}Mu
zV>t2K7L{n-NJ|v2V4#Fw!nJnYv<B=L29~YFG8Ut_%R5}ssnnV%q1dO&mKr3NCvzn+
z|9J;JT&G(3Mn!YeXBT?=w_45i6f)u<v?e6dTI{q6hs${8?8P4R68+Y|1xiO~%y)*+
zt`&~ts)VQu=D$}+KAXmc__B~!TYru`k~=QAs{DD}LP|_5Q2q?UsJG7iVJi)H<-}s?
z(hrt^vP_13#3fos<o*M3(fi6}{k_-A@zU;h;vh7N*&|Uvkd%RtKf^OWX2QMa<8t{=
zKGhbT3_nN+v8-{!+)L^u((J%MN_4mFu!sA7dOM3}ty8)+>Ke6bRD#R5ZHOKXW>=CQ
z0eYt)Xt}aI(lMalL9rh`1&N}v;qGAQ=Z-GTr<k#bwiGWuOuMW)_>89Tt;z7zX^k89
z8-U9WZPOm<OgnXoTJ~6=@p+FQ)!-w$ZCB@rMz>D~f`n({y>nH_9*;i=6_C~<ga#6r
zr3Rzs1m7mSFL+!i%WU3@<|cx0ceflGNnuVLl5o}-02Gzm$)wMx(SvZo;wQFw`vBiY
zHY>#Abuv;=VV5_UB*Pnn?4f9|5VB=QNvhI6Sxh#heLzDgmlqd5Z&Y0qH_dz-m=(}<
zZG9E9o!%%K6w&33W?$0SWVW~VlHcZnAx+si)X@0~yqcOBKS?%LL=0#4DTxp0oid$}
zev3*==N<qT3t}z$s;pbgJE5*%QE82~`wu|~DhM_uZn{*-ipe$Hi|mjZkk6MYn&Bf;
z1p+O2=86T%7Exp{y}f)R?*A8gZygm?`@W9~0ul;H3P=bl0s;yGB2o$h(%mH`LyR;?
zhoF*@(n@!Che&rbbaykvFmRsH_w)Jc`(5Y1vwrKGb^c-Lo|(O${p=_1>$<P&-eq1@
zbM^Ltdo*0Def^GE^h3o@=3v5U*vk&cXR|i#N%QH)$IU5HN0j?fzPDZ|32$~$@@YJ)
zx$r%t;MU6fpdCS4{05f-fdHDpp56<ixZ8u3PQCRo-DmJ^1_U=Wv_<iLtmK^&ncGhv
z@MF0#Yz;YM$@`z$26fR5eU4zyZ^|#LWP{Gphr(cDE5XPI*wS(QmT^j^Lm~>P5)5GI
z1QrziAY~KJZ`xH5|5#b3F_>0l)&Iitn>M#=%xyu(hGkLj2k?%l-tgkQ=I5^vl>xD2
z>?*+~S2d&iY=nypj$V_FLfa*2U6bf7qu-yxV-A2EEs}+~3on8>*VP^N@kKx-bcxye
zsDrdJW##R^Hr_&F@h5vDho|Is!%WDSG?RT(<ooT+F9jC#Uw;{x`pESW&(TmJRmMoe
z&y|Pt{v$v}r`VRR|12KP>AY0(@evRCEX>2hlc`pox7QKvb!Kuf(4sIdBlL7zb7>bR
zSSLD$EAUZQBwzUx=R*I_{!=mU7QXIHHyR8dj<4KJPEQYaPbzzl#fQDTxWu9$B5>ha
zv&gEY_CfROp32r#Nq^n?Em+SPO{PwHZfDf%c(6eR%idY&&(2KX_hD;#(VG}Wwa)5o
z!X6wP?ECnFPTksZs`0wfoShH0mvGk|LtDhUa*<&N39r?vhf<E>Xq@+M$=8^xXV<RZ
z(a_(G(VreKa!>o(H~eDV$Y%xLe#5u|RQp<`<tfi7EL`T$>4PWmTS<K|#LWJ9ngc6~
zH|z~-Eh#K`&rPs(7;HteRZ45KIry)LeExpOTm7)JGH7)*$b`xi(@o%3jESe}J6Gb8
zJZk5#UhJkyzDwj}C?~6cPwM=r6?yA}-O6DhgMx6aYot+UL?^IXmR*CAY+t=;s*cL4
zb;rgu-qhj5X7HhzuCSl-L8>oppV$r@6CS<3vstY7iKuKIP?<b$ZcOK3QNF-!d;%|)
zz32KfV1D%57l19hRJhA-7>>swJJr@M2X7I-d9R1Cr$Fvq+n=kLQM#MTeJt`y;v=`(
zN#Mq-xHrxNeLGyYOXEI|_55r;fqAe8G7{SKPb#K=F`LloB=p6Rbd4og{t=O{&Ewm^
ziMhS%JY=_g`|@9Lz$B;V-5t2cF*XjHHTgqFF~*w^wM@5{FsoKq*e4hj#V|28d#uqe
z&7C<h_@q<7F3y0HYDJ>a?vKX7GT~wathZR*30Ld6<~&MaC54}VAUMPP(wUsk)DDq1
z$v*MAVqX(o)mt!mCUMzskh0X7|90RD(|wF5c~lq~CY{w4`I*;@{3BTyGnF1T53WTs
zR7WH1b&6kWkllJG&L5-RO@xM4ZJ*^=9COp2a12}j`C@%D$x&CNwu~v_VROw3AFVfT
zG(YH`$GIJ?Yo?$6%X$;ihCx%|=$-y>b6-@moDMsr?dp6>QOLLAR|RuV6($*+a9-f(
ztA$-h$D7V_)#R4omHv!oGs$y}`T~sfAamW)7c$iRZ#oPTRC~^+(Ftx7IW{PkS~j{g
zKC^njc@miLlhYURvVbn<=GJ7&n{DHh_>D~7Nw%MC&)=tJDGjF3UUnG8`(r_8d@sq~
zq6e?1O_n6S>gXyIH1lo6CN*eL)-&RHfx}20eJ7lFoKl~6So33F@3#hGV|NrI1dHUC
z)!FMxc-c&j*P*dRT;nIcM(c7`5}u*fj$IaadeB+6)LF_tXMMD9G@crL--h(#Ym5cW
z$|8)-Nz>)24{Mbmo9v%|pTU!Qx>oXei7PgL>c1pK&u^iBBIl-%M0_zf*bA4~cUoB)
z?tC(W9Y92iG@Q-W<}xr8v{9ZoTvJ}`;`W#E)2=fdm|@r?&?zWPbfurFKY1-f!<(Z{
ziwqdWCD-qXLe>?-R7WwW)s8I;FC7Bq4mwnYs$6!z-{h!Z3{97!ek?^Mn_#%Sz(1TE
z6@7L23v2A=bb(IYHoORj_@QQUBu;UO?DX8GTTtsn&4hN^^-E!_qfNH$^+sm-c3F+p
zI03cJsOoh}^OuXAQO{xxX+%51Bdkl4d@>n|hiz7{Lz8Oy^6SHupy~|LxSUqI4)=v6
zf@+*n3=+%j>a_3`p@@W9!+8g9rFR!57;ix$e1fPBu&z)}S<8^TBVS&NI=2YvGdHb|
z?+MNjX7;^quSAwdob1I@(7hdx%m}yko?JWqmzju89;YHxjEO^jXEwzeAdH7yTSeEW
z<85P}8^Ah9i>#NgI~nW}67NSTG@ovUX*5vzA)^gizjl2Ds{p4mSa*+}A;4lbecy2?
zj$-1?40rbRACw9!u=3Vt4m^n&*XI0s$kMovg%Y`<{cCwSy#0C}Q{d!@VyAJwq$k<6
ztHCmwi;(=jWi`THfIE6XSpI19^4Toj+T<nj*1^?oiGQoi#h;)P0B7@hw~97H7ZEhC
zWAFCAQO0u_44RX;@`~9vH_GQJWyJq2=|Us=ct2$EIkaDT;eUzELOew2+MT9zeE0sB
zN$LOR;<5h|D!5si+V)(rXpj2(`mRJlU0kw<52&BnR%GYt5D-KSS35}Vrb;U0o2$1+
z@*Zew_cr}2wm6mrAcD%Lajx0#p56Ko5hW!v;4i|Sm=3gkz$0Juqjd|xx<NVVo=yAi
zMrR~z7|Mi*G6GIIb$xxjzYr`KW3V=u9;KA2AkiJewe*2phfr5{=9bYyG4ZWi55$6L
zP?X4z^b_rfJvclPkQo$c<hpzIpbX`jfQ!$0m2IZTWW`N8K@gv4B>9{lTsVjFIK!(U
zSMmNOlbYm1X|5j1ee*bn!=OdR-IPokB^fSzE#$`4t_XPOV}qa0(6yH}M6P4G35;US
zOA)Fl!`}Y9KYNV81>h^vdTCt`zZmp8Zb2t2<m)ak5RMVGuouz8npmJo-tRUJyXh#(
z^*k5hUG%#4+YjCA4uVSZbfiai#u;R5V6y1F@%~V|hhl#t?RSYNuh0#e=W4H`*j&Ym
z1rVE@IM~=Bz$J;-VY@aUDsVD;6=yW0=FUssTfthn8l?ea-hSBdF3#Ss`^6@`k$|Xq
zy)lxDiQZlW{`<P#4Vm&ff_eE|@baADDb|ioYY=rHVU|W|R*3~{WD-_oxjvMcCUvwv
zyc7$q`=ZILq*rlm;uzeYB=Cr0BowS9ILpYyKfAY6dz=tJD>$9iw8mHy82`*JRJ+=~
z9ry~RVRAD&^_P|+(*YEmi_6`y`@nG*ebz5?+nW`TC|LNnA2=UxM*sm{j6q>Ui^So<
zQj~7wXHu5e;Q1Q?FX=Mn`KMg>GW5N%TjhG+rL-#*I5KB-kXt<amWcEeqhV%_mmk(R
z?bh4$jrJ#k85ZP;{r?qw+{HkZBg&)1)W6!uVLEWv>1-{1sdQ8)%x1mTQ|$%zJn(!P
z9V~Yj3DxpH`j`+BLMS{o56r76(y`pHX4Q^w@!98$`+VCN&W_TX>FkvB#iwT0EVqo<
zq#WU~nitsvc1~e$tmvY2*+lO7Ou#yEy!nBxUgKDJQ|9R>d!d5HtK2Rp@7g0+qRtNo
zWkWelWKMUR2^P3i&4Gh8RM6cGbW`y4TaOwhotL|!(V<$va%uz!xgrJ8{?-0u=~(b^
zY?{9TU+Df%D(J0VYLN#I%Zi>JZ<WvBzTg7NL|rGuR(Yyyq5#TIm3QX1F>i)fX8u@|
zUAvN=;WC~f!uj|M2fr>)>qN%t2iD2Lm$ToK|Fuis74XDJJRnmIdwdQ5MXGwSaoU6D
zP<P}}6riELB7sY{T_N58lU;M7#I!|vMXgaXiU+E*Fzoe~*X_LGra182a*gWcjfcq!
zFk#>D5gwX-=EK=E?Ru<TOie*yy8aWC(aYA`?VEF}pc!qPb~%t%6fEO3>bT3KkP>p8
zg5ztY^V8+G{$#8i7P$EM+%$D{u80`=?d@&jZQ2*F=9GPeKQ_ezQ!(!W6!>J9Z*|OG
z0HGlX;P9f1V5Me^EGjvV-VoE@yu3KBzoa0bKO@q-luF$@FBTz=yQOICohEftcgL$}
zKGxIvWvf}u^i_NQhf-zKxP<j@M7st49j)G_@w~R~R9uCoZ$#lk9%?J3CoF{AYo)y(
zJ^+-UIFC*42{!HlLvKtGwzNo_{#?_CEq_?q<752qUjac!;`lSf<p+m(zGivP1Xm(_
z%ioGVk{Vm~W6$<fHPs!gIa4V7XbxCqB1__5ePo(g?0UoEJllXanCKP5J5Y3iM8x_q
z?X4x+1!ng)t=pB9A17F{pK|F-9@Xu%-L8heUpXvd|7r0z7waiPkCKJE>h>fGvO{Z+
zB1_)(H~CztI~<UNr)yg_v%seuX4-Sqix)rp9;?%^xB9c0es=DneR<0Wr#l?G@GV7|
z)u!9^q?-vMUEjS|x+3OKOF=QImEGl72mKy)%|~Hj;j;Gyfd%b8>$+jMq~>-81|KeE
zPW6``0?1Uq<*2^p5CqeC0TZ_T_w>W{^kbWbZ^2BOsBfy=O4E15M)>E~UYu<dL57(*
zdv6@fh1|tJ$HKDmuG;&AL9=Ub)E?U6W1go|JAqx{PtG1ALc2Rz$<Y=4a@^<9Bp!|$
z-GjoECZML3j+Nut_Fjl=Q6ZxdzpEr%->2I}T=GKXX6XBJWbwAi<+x~AnxTr7xw@uy
z-8Wen_ekEU3rt_|r^NQZ+xWm!B=!J)f!K+C)RJF+F>&`oNaY9EYGN_y+qTtG#BT~`
zxf*)=FyffS3fG*Ro<{rJW0Z+|B=KTa{-yQJyX?aDud$zZNgxh-1q0JJsHJs-@7~KG
zj%Iu;*j=RG>>EvTNvNaJ6bdBPFb-9EK0|eF+bXAn<z*r>B&VTOT+%^J4zDetulPgo
zZLF{xgITmV3L*E1rn!A&=(AI6?=&y>#PbEF->`wxRcMq#j4+sq%C+j<v=dz6>P$)*
zA(hu3_7Pw|y8FaRnG8px0TV~P&mHv0jKK!2$X?qQhCn}}hlFYC9iNvvSy=3XV8lR~
zB1#(0?jk6{ks@JHZCG+&)kz*9^sh+F@e#)45GU!Wp5@XR8=<K<u5~$9FEQB_Kh^Fc
zKyOnB`<5Vf4b?vh<s6)dBmq_JuC2??C%EvYevr-!HS;6=rv(+2uI_JG{O!NFW7FD|
zRBt6N9F1JybYneJTv=nCEK>G5(z($Y6}23}!YT0y^W$H+*1NkN*mo)RBIS^xZ-^X!
zgsjt=RWzEt`d1_AP~7CRpN}e!7wr)@?XhJ^nz(Pik@#QV67y_eSaEVD!TR9(FAA3q
zO$<F4xE>0<|CgfNQ_K@k+sThUZ(jX7ifv#3u}l;$Hg4r^+e?FMw6y5FMUKw};*Dhg
zOs|DLL3=+PdbnF)^{+_iE}^K$e4s4)-zWY5O1bw2q(1%b@ys1eTt|ODKfhcGP&I<+
zk{Xukh@;Evx*o1oK?vb9ssF+#t5a#c^ttmOn!_a0)%kdg4eaXGi|ld@Wxf9^n<UPL
zF-bp6R8%N@hkRaJyZGmgrDR#buyroTL>`W!@JNL)|EX(}h<eGp@8&aQ-EnwNZRI$O
zyYA}nUd~L%H>h)6SlzxXB_EKvqZCRn!dw*onN0GtA?uHsNNsp-hIv2pi^w(^rijl9
z<3OX!!&D+UQGL0Bc$ddl&ZlXU&dYh=RFmcmKZrY~Sc#r-imc906im0!)O_Ub7PFD9
zlnbF|uWJj+a7`h7sMZJS7Fc}1BP|=Tm{5ZqOo;ZjW1wf^C_Ols@&7PXrq7FxP3Ljt
z_n+#QbYf=H1Jw<e+BO!pVX@Fnb1`bW61$r7&#OgapF}oRx??wZoU&wfS>%&^5--lO
z^Eb&H9u99(%U9cP-uc?YfX-*XS<vEsuCL6jB6akc>;fK3UD7KckRfZwpz`1AVAB!O
zd%BFS<mw>L?1h#(xJ}?Wgi}~Wp%2k8Ek|$MetQJ1pAtBO$NKmUTj!42PbB#K(?ZZz
zAxpxxy_j;|ViV1|Ceb7nAe8(pW77I#f2nhGG*vQpzzt#4I>&2_k0)g(Z8{VGynQ7J
zIC9|wfjnxRRjr~nsSVPd76|V8Dbns3^{MsY<c(;dD`*&mzyHwXp!3qyNS_=MgR~c9
zh%xjA*Bx1bi?5*AL!U~%hJ|2voIa~YX%QB9$pb$lv6GmP=NLnjeSx!%)A+Twg=kvl
zvuP}#%9*9p%CybB|Mabp4td+&>{eEGzQj{K3641e!Fg;Jjg*WCR@IRzyB&StSCL(w
z<5g+H$TOdwTzSClQ4K10ZU{oc306xKJT(in+lplE|7jwsvEmOx78*61wC*|SACR#o
zUyZzb+IO2R1zlK=4C5VA%;i=$lc#357tVif>x!q=-H;uuhwY-rzB$J7LTGX5rDGzq
zWZ8{R{yPAKEQ#nGJEa}`Ym7C7(6o;6sgZ7H*CC4>u5|W)_K+W@^`T^y&B+9>s{ql7
z-SBHzz1FFe?ql77cvFr)zS(vk4KiJX6WQ!5si%rw{!SaMQux0e-L`{{0X;?Xcx;IM
z_m~i9<sG5jNES=tXpujUp0k0YGwxR_-2Qt%pby$e!6_=|xxYyKb@cxwCzhj|S8x-X
zJ-hiw*In@}z>_;5gY$`8{P8To7Z`<hf99k8_er2edk7u|_Ox}QG`;_S2GQ?1&`4E(
z^{*pBY=q#kVe))>NdKRS{OfZJ=sEr$Qx1GqDdaKBN<MkF=;QxPC-5)AnmxY1eu=$^
zj^<Ua^)9T9{;wv1M(+Ie%m0IoB=NoCS!y;q@lDt}NACLz`%c#KEAtp+mwSHFF^>l!
zDgq7bO4-Jkc>4+7y4O+T!SfP>8#)D1bUSNT$=8Jj20tI@*s48tXNi6RhE|cpH=!S?
zhBTVOLZEa|?z_1r`{OAGRI1w?0EZEfp4Tik4ve?@Nul!n1*Y@Su&PBb|8dC;D(<gE
z1*1C7<1_A;7NE{eDS)qPpwy3R8ITlM7<Gj2xj)a>DD6maTBfK5rZNkFkW{jim{<Tl
zAI{T;_3$5SnSm>Omc-dl`ry1-=ts(=@B_#t-bQIze;NiBw3f0{C*y1uk5@sr*R)N#
zzJ7V~8ANx^2hI3=4^3OUwy(Nw<IYPaY#QN3vic`Lc0%uMUBFjhx!VrWV3l+dqkF*c
zAb-Dyzk4&ne6pfn0C}j$hddla;&laV)>|O#tE-@bRGV;Ep;4z`bw$1CdUX+q_IHYq
zol(7Q`eRsNVvTX3VM5zwK%Jpa&rcV_nD95eyxY`G;+LWTo`1T3wvmrm6QgmuYYh+`
zVy%3}jc?wIvwkXwnvdT7;?!iZ?<GNCj#^<;zTirn4L#eKe+^>0`U@x|bZT_A0?_%V
zp-e@_dGy-VB0YL;cCdg4)tt=x-z2BQ%04|;odx=VpxbUIa}q}t8+q0A!TfMFh2ZG;
zYq1<Q#wn}37W5-EqA9MuVhrrTROD-?Bbr|nwt9{`pGd#B;#qT#Q1car>MJKw@kL}W
zr~!0Z&#6Ti_1%A}%0hE-QmhKWp?@jK_lkz*?A7A%UZP0P_QWuIw)ObZm(<IP?$Ga7
zi*BMOpM>XaQ@oKv1F`B^FFgCt+{(`OU<|+t^qXA*HO{e6BtpKhzphTXrFOPXZIyJ~
z)5mVgpHD$~rn3V8hzBRH!eV%!mgx!avuaP5V@JLTUqt{33m7pLBel*Bf-@-+#E4mM
zg7e3K5Lqd=6HZRt>HF@TxHDdyuI(^o=XM6FJ#mxU#=r-y5}mgzNmd+=e`?8@1yXVq
zg~>c?e}A|-*P9;bX3Zs#t65%V5X?VfS-r(Q2op*@c^*W?(?hGd@>S5iuJ(Mt)9qrj
zxEBsHIec0*BC?hmrL$ie26&GmfSpBo<a1Y)Rke*;Z`%aqQ%C5B7%rll0qILZ`AIVu
zudQ$_xM0V$<H8Mh{%48%E^{BqCs^`p-Y_OOCJ9b&ju(43kL}JicVnKUA(%Qv{mD-4
zvT`HR@lJBB7Jk}Kn5K_|M{UvIfhLgeFlptNt5wPIK5poG5>*OE|JmGjSxe>2JY>vw
zy1zw(+9A%)sy<9tV6S3kp@;k$?6@Zm4Cqrax~?T<Nbk}nTmE5}DsNik!(IVI&ZSYG
zjcV`OC343-%^D2lNI0O}?$_2RoF)~e0NQILTa`Uqx4w?uo$R3+Au`ovCEnqjyOq|x
zhW~6exom1UoT()$UGRL@TQFz@l=o^H(zsiD*z`4cD_$ZjC&i5Q$<m&fHbwtPPmXS{
zK*f##-(|R>`P}}Jz4Rs88ny2cSYjL4@C-F~)6yJqg}f43g$KQ~dm!t4S-i_}yf)`A
zpC9F3s2>0dNqwm!!lE7tKM;=f!d0~~0j(<qtkK!Bci5!2I%a6hdoVMGuVIa9*#ySF
zYr=7(qBc!*h3|E9k-oLt80mJqL^@Q@e`awx=#gZv9pbrKyWhd0XlMeIQFTtf=rQCv
zj*TP%S@qEYB)6Ev<-ZpLxfB(ralnkKr;#}gY0auwqb%1bx#UXdQM|)+bmqdU#zI(7
z@{68f4-G(Ry3%-CD2Zpu#$_KJdTs%xW?Pl%ZRi&_fwNVHL0aM&H$<*BpjYa4mE?}W
z#2yF8bLZ+aOzksmM^L^CbX8D>-ed7v=i@ReXiY!Kx5x+bO~=iH&n#HHQzfI$?w98I
z_BpR<LEI3X?DZ!NvamFx%%jXy3N|^dLgP|h<lLw(>}7tf<x(#cnjdia1K*~eeVE{B
zLq65QzU;3V9irKpJ(SQnuC9}5iu5KBSk<+LuMM_F5qD}gC}gX!+T^mHODfsf$xR2@
zA{#=rbuu?y0deN)5U`);l%%tsSu=q5G8NoN_sUjUtR)9#A+v+v#fd>ZTitWz1n;OE
zji@i%B*GL0({`t~9=%DSb{OndK~!xZ_cW{Z<kt+yOR`Mw;h+Kzd{1+{X{G9<iJVz6
z<WOj|5=-&~#qj&Jz-Y)1X63B#T@qZZl3Yk<IKftOirc%_xVM6AN+06N+?V>QN3L!A
zh1zaNzV5zMXQ|Z2cI65USosnJM;vBcO$Y?f3wB`X7fy_cE=8{U?Ti<WU<gD5<`R-V
z@e-4a^5lhJ9&ZM_+R&&hEL%m!GYI!iE%kNCP2weaF572O@P3%g5n>S5+C|f9!o5s;
zgrjsNt3f3}*Jba6ZuUW&kgsx<QlTcacKBL0ZVbuC%rg1W6fY&u&3-Z3EeqvA^&GXw
zGv)Hv6ok^8hS%3_uM?b}t|W@teDhF;S{i+`^EA<WH|?}?N+*}Np?%E?b5uE7<;az^
z?tEX;J+9<>665PfkMAr8ZfKF;6<9sf7O*m6+~_O$ByC+9U=zi9>?|F3p&Mx6)m(s$
zhGG3($nqhW%hFqwaq&wLI?u9xN_z$+)H5>}bY{CAPmPY&VY<c_C)X%Mf3uclXFnnu
z<Z|VTXlKqIa+f~kJLuwcl_VSPGmTb|i^MRh>!_){q&5^uTt|G>IlKFSWwMgShW%N&
zIm|MVe`2t#A}aCa1%I#csQV@2^l}&@%|U8}0Yp2|H^na{BBGO9%(Lm}>=$1QcVKk0
zyy1o|NgzFEz&1>KeKjx^OHhK9X|}KIJyk}UEA!Z!FkDYMChR_s`@+xWKQc&_+Cc^~
zXJ2|3tWF#*%W{bcE7%BfEr6k)KaqBlLZ{dmS*9$&R)22IqEk}=ZOTMbQ#v5KyTr@g
zvMhhKWc9tWf2zidt#mIfX<<&AxUq#+S+hsChH;rQc|Qj^x83nOaf+A3EYBekXQETl
zR|A})?pNk_-QokhTJ=9y(;!9bXF_K&a>Hp50r>$Bo+`gHYPo?Lh(H9#n^~R!MEYwj
z>BYuvQ4g#KPQ92>7PM>nWebVr8Oki%ROO7tV3UJkS{pb;jM%8>N){E@3>52j(|eO>
z>a;{EYt-{~u-L_pm6(RPS7z<2=5l(atc{V;XwW3K>cIkBRBVh|hQ3;F<k_!i7^z|n
zSD%u_u4`PuT>IvFjC21K6}*QshgdXfD%eEN>YX+7m+gudNZ5Xv?lQ8~tYy_IGW@gy
zOTC(bW6&4=f=lY^HT)--wv?$-$(rlk@u83aCC>Eww>8`w>bp13JKQhj!$dGkvK|k>
zBr&1yZL-qtL4IaXHU-?r^nhsa0@>xvb5X=rhZTpl0P@ba4J8|r;jc{XqAIurhS@P3
zwXPAK5c=U!x?%}w%b`SRUm$}lJuyzF;GNE+d}57ONNRn_XMV}3H@P^S1gGGh^sN@e
z@M@4=f!a&O2N-%=pn}N^A^UJuQ~oHs`Asl(lVsQ@IAV&bYZN4}M~Fg@->oH<6hpj<
zn7{U}udLavr(h2V#0oU4<RLg)iWsJ5Zj(-SN)Vyq3TpK65pxbcj%vQ3OuEfx0>Q&>
zPy<S9H5NasyDk(mGQ{)3bwtTOy;007W!ZxgqSmNwenX=`C($xoTCtvuYf7#lx!nDX
z8G}b5?Xm-7IEg9qr=&E|;A`gV5wgQxnB9u@OHWPX8Pw93gCV|20%*8G-uGj16^8HB
zCR2I5It>YftPJr;Gu0WhKGjK*b(Qu(=f?CZ8d4?Cz>zW@%%j{~g9znAhw0x}Av+_B
zsd@xDDM!wBSndVAEB!959VYkdE(Xy-S45O=GUp!-D6p@4t<+QzWk?EXFo97MK|s0t
zI&qyP@4}2ZN*P}|nxo~~JIMHV6+z}vMalK5Z~H7|q~Z`5#7WEnd3N@dE`H&xX~son
zLvO@=nvy5+%{@-Aw+g9XPI|LvwhxPoY9*$Bq~dx!4~aT2)IO;DNTtUxPm_0(r{LA0
z3t;vFEBf(}k1q3ig>5VEPimHYG&5fH+qH9TpwE-=(cL-I7oBXl<EG|3YWl22V2|_D
zK2dcb)%SkdnPIqyR<Tfh2d2!IPPXcY^AmewTC6fZ0%Mk<s*OXxfb^V*R@iI79Z2ta
zUEYl5VMyMk$`4G1n>-)IY}Ge?HiDO^wThcQvRqMgiEsLNlY!ncyyfHm{8_K)t6-Wf
z2kG$E*{_yAdOqTjd8=Pmvb0)B<1<(uvVlO#_`C)`C!gq@v@Am&L2`XL<!jCM8+VE1
zX|z4p4z^!W`meH3gijtLM74CEUk(%Gy>$LT`t9O2xvop$4Et9HB-uIqOapB+?#cYC
z`GDtpKZvJc!)#~y_I;|aR?qVaf|iGmj6PPl;ol@zOFNl*-QAFQH_&}Dc3nJux)%Aa
zcce%;<ulcOrATa<+r>w-yuh6EV~4weFAH$N;`~J@iG!XeLN${=s<^twn&BQ|U*4$L
zd5+AAffiv>+`$&%nWuXyQ;*rsoNuc~{^+de$Bix`-lcHG^BF>e)}X)yMP1>=vs{Gr
zB-f`SUA~lv%!qW$cf`77m5qf-t>R|$ewcXl&WWQvQ8$cWy0<bXzb^<b`66PXO#~?;
zM)GoAqR`pHkVE#h9>^n#NaWGd-1}mRC;naHbx)X+d|Op-Xlh7snXTW>Eq5(!pOV(y
zNGtbKmuP<`ll1(-PGeMZYhF~;+4oEWUGo8t`&qeC*|Kjo;p^q!WELpap3+q7o*(8>
zzOC=iTR@Cu4w{E<B&rqfqm6V82PAA^&5R>v&@AVBTb`pPYZyA{g~1L*mCkHEpB}x2
z;F6w*kt%H`l?^lNp>hpfljQqhkZz)xDD6|l)3E*`#$sQ|De=x`t(p2@ZS}&5CE;9-
z!y^tmg4~3Wr6PP(1W|OQQ8N<flGmdSDt)!+?W&=xECnjG087jx+{NYn*X$<=?iWs%
zM*?T~Jb}g%D6G04CX`2AaMzqi0=ji}yt9MI|G)}ey!QK7LUcS)s_PE9UlO?Xi_cz%
zq0V%EU#MHtt$IO={ZIJ5_}Vi(KF@mTUWn<Re2Ea<4jy6664JSg^iTdkh=x%7ePTJO
z*~k(a85<hvVsu^Tq#cGx$q=UeCKtbUDpVKoV1&x+w7dqS#-B_QiX<RZ031Td^sS-~
ze^CZMa0zQ#Addq7I_RSWh=~*)U-LVE@eqZ8-zlV&LT%Uo!+6{wrE|nv3%sNGKZj83
zMGolL9IU~=4~k=APrrC?&_?#h??KC0gm(Y$n)`LkoPTOV0%1PyGbZ}`%8MQiGgRDT
zQMxXc8>9KMN1Og+Y*H1L?ei`01%eqEK)v=F_4ZpDh;@H<b6`T?%Qg6i$?+7L)AQ=x
z#qEmbhv7fpZP+yqi9_AtsnBfn1=750RbHi7h1EGnjKIwPY|XygZWO_yTlwaL?s0$H
z%`&G!W9JobefcjR@W|AT{i-K`=fVP*BZ_q0wITd8u9LK4R7V?wu%Cg*G04!<t}6aR
z5AD%YEVKUgfYl4B-_#EwV0SQyTz)^<kk1V@PBvSms=9^c(})Hj7Z6k|7`dn^v)@al
z&M|Bc<zB7yRB1qtX6$8h8xLiWh*9+A=PPGw3~$#RyVck94%Tkw^7u|%)vk_)OisHW
zQ#&Jb%PnSHS*ldXh%IJ4+%TX_7}38-K5Pu@Cytt>)~VXgN6I7X0i0X>s*X&h^|SP5
z?sFg9st!t35j<ZOS_6ym*z3l6`08tK(84|0S1(SG4%s%Fh4!5m+BxRqMI-sggJq3e
zCY1}@&gXRwc9m20!w<F70;H`!%q`R=>~}`7Y8vy{)%7H}UWl?Rj9{9A%F6Hn7Ck`<
z!D(Dl=GFaoUrPD&<6Y-__z#cnj5st1p`x+cvwcbUU{~}AvcJ_FfO7aI=T-A2#zeI*
zNurzKuL4n2ZJ`$?UJR}ompkC`J-g4GBB>Q>tEQ|*r{MDk-ka6X`ofn}R3n`LNl%mp
zmmJ>qdXAOI;7d?mKJ$KXtGr3Z%KgFQI{+mB6{2T%s3;96;<bC4Rfpt!Ybjw{^v7bp
z7prowyXD<Ov=H?yTV2JPd@BwXVupU&@8(*zgFm~vP8&@gmJDvLo8=dyW8#YRwqT&<
zTofj=a*p9k-#Q9c-|aO>A8v&SazNK@&!}7bcyfi^eLtnw9(OuOa1JBermIjsVcl<}
zfMD`Kc@0I6%gr_AJ!jrnVcAk`kF2(aEc^^qNfN=S4{!%72bksHxs~+BqTeUg0_dcy
zG5>m@B%kde^fsv;6LK59gjVa)<65<yO}AnUES;_3y?&pK{Wxj7%Wi4&mivyj!<hwp
z#R<_2`z8!pS13;#_=Jn=`6#At>u~l8f)S%tiB7f7<pYUlEdHZ!P}*2NhoB>>lbk8n
z86<qN!Lw{WSTM&b?7m8hxIEQ<M`vA#+i7a!$lgAS%k2Kojr>y~^Vx4JxvGH8Ut?Ub
z=vb5x5CqDZLiRK%06r^+btv~^EF3(i?~#`|oMuAV>$!*UGqlEa-1bE4E#Bk1C4)$E
zh6mH5+<xs%@AKoD?u4Ua>9}3f&HHZe8@*294YkK-4JV`yb#Gey)i3L6kyRzP!SFUN
zngFGjYEL?{N7gzn)n}$<$2FmK`usG`lQi4?g945_{D{-^MEhrqc&OF4hWVS`)-1EK
zOJHnAv{<#^8=w`cpjIh1u8Nvmo;+~rj^z#zp@;8%?cZ+EG^kI6=c{ZHy4UP2{M6Xd
zsol&OSs|=Q&F;WLt!ft}ZT+*XbgHaTkVd5jYBv!J#921Gw{o7uYcam{)n_VIwx)`@
zUW&0#O2cGL7rhfVp3SWCxwFVIspiEIgeSb;x6<86rL5qGPYyCGPxJ;oUw^C0$30DJ
zGhjlTYg%mFzhL&_LuOE}OU7yEoneB~vm2CSD~Ymu!V^=+(<VE0$VfZaT{ph`sZ*7O
zg68v!3Aa9fc6AEXgK{IF!3d$%Pn1o#&0n^k`9i%^TY8e0;MuAk-$G8Yi;gnvWQ#`^
zVRMZyWr@(7a{@Chz5J~{fT3K&%-qm^juu|;tu(0^L*;DcVil8wwJj1K>h)=OR@o!g
zR=vvunC|TH-~~s&-Hv+$+Qp57eh^hxh&2lQTFRWX^*%c@jlyowr$*VWl<@KlvJxKB
zzgzIF&y9Ef$qaHeZ5mY<7Pym#FQAdmchXm${j<l4pz}_cbIAKbs>(w+(`3s>R!a7=
z4PuvBzY5N1l$euFNjLg<Rn52~x`ETpIK6VBGU{6WD%SDSw)NqB+9{dFo?U|J@<=wl
z7+!-ayNzjvDjDK>WZ7i!?U98qeu@uO-=(Bz6y5KZDVAqzaIS)0u5!Cq#8lSF3N9Vz
zuf_~L)F|o0{46Fq+A2fh(5?G=b5ED}7MG0@U24N)`Ogm6Wzl>lLDI3$hF=ApJW^YP
z5Os>Bdw)XlYUNFhHR$8`QQF%kgVsv*0b_SB-{e)kO{!_NY(=GTLTE91>`ULAMGLwo
zXxq29aGwm{xwxnOD$jMZ)nIeVVVb*i<iTdlYi8-hi{vAF*V$<&_pcH8a*egO5FL5-
z%kJ<wv1BA(Tfpro6yO0-N3hVU7mpn-^xcbQABS(|l|^NJM|bc-&uTM^fxA`-?tkCy
zER%N0tbJY-jx5Qvw~aSA-~XA;U6`Ke(ll-JA?=L%2i$HDEA@2*9LB%t^=x>cB^?x)
zA9v&-QZphaspCDgn=w~}U0)q-eI3DO#82zqw38%ciPX&`prv-7ELm2xkrQ(Iscs^6
zwQwltyPL<sO1FQWN=U|BHo@~%I?3M0Rm8-<HhdkuLgzba<o=MrZz(FI%2T~v6r3C+
zHLeFoqa&>mH)W5vOx}-^r<ek!MQkW<>nacHpnofhtF;-nVHFbp9W?yF^+_5}!5WcM
zXh>};6!u;)IJgzB(j7Ccl?9EdGc)-}bt=hanMI*Uc>KeFe=AKBYWI@I!M>Tpp%`U5
z+{rd}Z{;yxy+&oaj0KZZNMx(sQ<?z8Y)<1IV}+YVJ}7TMvYHW{GGeCTN;TBA_uY~J
zwvm5hZ-oF3TlaMvDRfgW`XOK=&B0Zl&BTCD*>3*BuQ}Q2WE%#x_?oS(G(bz9t&+Px
z$jAd(j19loMLrSCM|*8qzho@<^|eNjo597ejaU3mfzbxp#yC<xcHN6Lb-dVk99<Qm
zGR0La%brP4R);QhRhwzmUmCLY2<b<AexTWTM5JJ(y5x-?Fco0>J2I>hdH|U=zC16c
z^-`btkn9FsCrNk^KM2=SWF5QAtC$SVb1c|6J~~m9Jr%en%fDAKEU+)m*B_Xbkz)LT
z5@&x|6MArv&I4V;B8;9#becBy3SJtPPda)-W0G#xZri#p(pb$j+vvoOl%<=!aa8Np
zsDnnMC*SjrQaervKE3~N9dD#oQ*~x^YhLo%$r@RAOvQ4nQO^6oms>z`cXF`RAxL2*
zCx~-n(Rz3(O1-`IxNIPAWEYL+o4>+N`uj=&Z?Q2_Rh=cV!l7e=DYp$)m9e8tx%%ff
zo+cTGnDTDFt{X>%&uts%xC29%>dhx+Puf05FjwC6+4<zAs;Mz5_)f@Ov)VXtYVtI3
z#|N*h_VRmPomAC)*5x?zc+vt8<om48X*SOacJissTN!_cm!3jss>R_IgUSV>_w9{$
z&#zn&#Fr2eRuWXrQIDGAAKEPJ9ybBztp#M8Mpk1-TVLCR<whiH^g6+}7{+09CTzUW
zS58VMdt)g)36$%)x_BY|hf!wCm7_ZMIIB)&U|XNP&pN@20v@+G5o-rq?tsjJ1(bZX
zC0*MpKoIKywO`0!D?LzT?o98Naw2u+C_R@GoHtD0d}dj6(7yL;R&%h01ne`z&A(?j
zDf$jM@vSyc$2N)#g6e5j&Bx>tC6II@+?@N>U&wWBn>UUf5BEqm7OwK-DiL>drR88)
z?yYoWc$fJLLX$S+r8ScPNzxr);35!>%Hi&33xTwEQCHr=@+jhm9V%*flBW|x)R>Yq
z55|_az3VGu;n6$F8n!I>QaEz@GnQkh#z?j2%do4x-%FK)wu|4>@ORuAQv7SBHeru1
z{uTZ&s(2bcc{x6899B6T;PUIxrkkf>xN2c#Pk&7LSirv!1zkuL00isYIscP!MlEVD
z7(nPBqbdCAcd+v-;sIOs5Woov<@z`Nh6$7a!1PVxa(Mj-Kd@6!x#+4JW`Ccd55(CY
zmQ_M-{td0{z$u0-)V%*XgU>6vHQfQ~7#0SGKX2JXh=%CfGAqH96dUF*Z1>Nf{XB3d
z)3xPV6n{2v@eVlkb6d_zl0UE5Rt+GN)A6*m(Vu4y@dK&k{l4x+g+Cijw*#Qq(v)*&
z#Gj}OGy-IkU-E=W{@HV$H2^b3I_$8j`u=$<PT~N!{lB%ra!*0wD%Hq@hIzq@0trrI
zjqZ+XYVnZa96e$1zWXk<VAP$2RAan9S~r4~L(73USUsA<h$F(Oqg~3X@G&~}CYC4q
z&8SeP1R$DK|9>t`yhU4v`w+Z8#;EuCLBN#rPHh=@c?t_iACNwfYk-XASpcbW9+$<$
zla^Err~W2>_*gS2+W!XRo=YUzDt~|%%0$0`oj*A^l@%PnCkrpa?2Hs;cmAJ5u-g~#
zm_5(w2*YoNt2!Yp-9ehx{^E26Hdbh`)o_)dtFJ{t#`xo>Kmh5lVc_zwDsc3IOmyo6
zc(KaX$wF{BNYqTyRslu33b6Fop9AfB0k6%nTJo#F&9(GIIGQ$4S-Uo<)VVm(2IOj2
zj|dtb6}W<ghB-({37jB+ba=~`%Cf)}KHdtzkAAXPa2ZQpMH8)NCs4qe+<P7VQAZ|(
z9Mc@^3N_lc{i5)V{Q8OFUV)ABK+CVe_m$|l>W&38*U;DC+ccAImYQbo#`L*CK4Pnx
zy{>?$<@3ZRKiY&~kqRZSgy*9RQwTdnl)GO&Y*J&7V6Qz?xE$cA%}$MzlKlv>bb!R+
z9gxWb%#?j2Ci$lAR2F~r*?P7Gc%hEKNB@~w@N$>~uD5%gKx%G=dj%*ZZ`Cumxb!E9
zBArZn;!HcWautE#dTU5gwv=baWsvg8+u5ttAdRbjygh|<0p|TpkdfMLT^-F&oKZnb
zQt-p4K6mL&;NPm+$U7JWKPlcCD{L-F49afc<VGbLM;}6>A^4?Jyeo0UQz9z^F17EE
z&L3aC>!yrQGGK}_2;%+8R<rv;6Hw&3ZmrY~CkHhkhYR?Dbg_eV)wF%t4ZmtwWFXZR
znQAllVG!HMdc{JHzs=?Tr&c75L*3J{x<o<2h+6dkFuWJpJs(A>LISOal~qrRgmYDt
z%9!qf#0nm1gn{=p0yw)S6_4enZr1t<P>Gj<WOYZBJ}R|~N;`5}Or$8MSxXv)bv%wJ
z+^Iw4>E@Af%L<&P2#!cF#vAg#KYSEXex^zHG?;s625rXmIG$CzYKT^MX%S?zW`p;7
z_;yZ=aLa(XKz@cqfrThy2`FUYOS${sjl-fP!o#Bb-)I7@!4&#9S<Tv9T|XvHV=tgM
zinb<5CNsG6L9K_igoW(<x+3s?9he(pYsH&;_=oF3H_r$tzN_oaW4$OI`@}RfKVDI>
zH&45I0(@;N#w@RpSmtRXG&w8-F5Aro1vzoucSw-4tRs`_<~y>N?H0<f+3z4Ztpt<I
zr7z<HWIxk@UAJx$nr!n{M-b(NfYP6VEa;gX#7(2d(TYmIr9wGZV;IQ)SEB^?+Za%g
zi*|DwWbNwY4p|gVO@1bcmc8kQ)We(e>&yIfoToYxXQp*1E<aH(OJ&i%^U&onULR5l
zYIuX9&~|VZNA_O}qh6cj;*mlg0>l&5^}Ov5@`p4;rzqX*b2)}0=1K--iurbG2J62m
zIi*G=K<v*(G@++@X24l;F*zYCAx)y}i**1IP9EWe*6jIaVg~8_%!&vM%50Do-k+?r
z0c^&2U1>L3-gC%!Q7Tg(-+D&!Cb-f8y9%^w?LKYXx+AUod7)s`K9O#uAbiZA4)LK!
zb-)g<?QK$AR|W~}4u~Xh3}GJkKwo`E>7V;I6intImU01xsiJIz^3qXWFKSa21HZ<Y
z+<y%igkoK{)0QE3%SJCuf!P83^=s+23xPam9x{W(_oa5bS(MdQO@=b$-J++lm`?^^
z(($TLbmf;Bbwull4j|bH16j{EVz;e)z=~lqlBJv-4<R7+Xh|D$()NRFk(_6qW=tDq
z$$mpuq*lcYS+;W{{rKKL(<Yl+-f0lldpO{;HkcgSWe4S=wZ+^gR<$p}myR8~d;HUW
zyT~2A{nMby1ocWh`BWqh>ItypE&kkpZRF9xG8~|ssnB9sd!(W(laVus*O3#c+VYw7
zVChST3Z?>Xk&=Jf?0U#c{KD@q{mu^7kCT94Lf{b}VzU^Dr^%{FYg5WS4pwijji_vw
z!QStFH0xI%)h-T6%3=26)+yPq-#XhINcER?FdAtg*WEl;olR#WG)ZtuON7qU)e5Hf
z+|-TieC1AF1C;L<AJTPFveF(ge6r?Xcx?{i1zx5Q3ohuof7%tslYY$t!~4TeGaLFm
z9=yNmFskj4`reV$d_qN<KzS_l-A8H4!@J_(5u}2OEG%D-8oxp|!iN%NO7*fR2B~_+
z%AHK&?IPU=Gk78<bQ(2{Lm}u~g#PFfM@Nd%Ns*aO=>x!GvN7{wUD2~(S`CYd`?9e}
zBvDzbzIn{H0MDLFsNES<^k8(T95ipWudjl%xEk;nP@>}JLG;SPngM@tu6k9v)Rb@H
zSFJLyE55dOO0|B)&X`^mNrBrn^iUox(u)zZ9=9QUC{Sn+f}3fH*(j-Lkv=PFlzNuI
z@^lDKYDu%y7h;<9O}a4&GCyRl&@JRm#>K2k5WE(gyEdzV{4^yfte)X^40H&pL-*AZ
zzsPp92RtYQ@!DdFP#Gq4+*KZTdI-D)Xik|SLPcTjyT!1Kj<nRkYro1yJ}&{I2^q}r
zNTy6<DQPlgkIYJOIW^OGT;^I{C5z;d4QV461^v{UTy}9MDP@-($uXV}+LXfD*e9>h
zGk-l&*+U-B93N<;C3fLE<Q#BWL!ajMxku#2YN5eQ#@<mqdSm$H-JpGUP-Zd#DmUgK
zM1)ZUme{QruLoR=*A+NAvuD2+CPLUU*{-geIRM$(Nq@3fz^$9qaZ<4L)MaAX=X0^A
z8%AkWWDnL-li~7`L`N?NJ&b{nDqT074M#CeYLC@G$t}x09@2d{&*dnQWvw<!o-$^3
zBN8(aNJ|cuHUSXu7NxjIiR*eqN=5G>gpad0G0R$AL*nClGUu1(S2sP)B&Q&p^hB@W
z3T;6qPO=xHT^)WXI_C|_q*)nVzmNx80KwKpugF^d5W81vbbSC6)>(y}Z?LBHq<@o!
z(%5NneNrMOC3VByAG)TmI*_o<x^k4OA>uGqZ_Zmiw^^K{pL<!yJ%_ET#trl}tK7fY
zXCGN1>1E}x)C(PEDiV^+%5Pq@sbG#ZlJ>@Mb;?32Tq8bZ-BTQt;PO)%PazM54BScq
zk-+qQ*@R8+8c@0&F~aa(KXW-Ah)dw?48w0;l^U*hd`sDoqvgf45~j#Nt9e3uH^Lux
zm!yPgRT1x2#OSBcv+!(VnX7Sai)N#(e92%sB`cWwf$4NF<ZxCxK1|s;h4R5L8Pl5c
z^pm2Y8m9w=Cr~BA6z)UZ$irG_p~QzTF$Bz}L)qQ2JP1>+FuA^zWfB7Z!w}ub2|-lq
zaLefuzM&8nJ$vI@jP0s^J|#ct^O#Y(JIuCEyrR6AYPXau5^))ZLog*^S#*jAAtDm4
z3qxHZ@$Ggl!;_h($<N|9vPp(^q(6M|5*jYU?B*N3E*jrhDuekIOId#4sQ2sRX6GL~
zv=X*%tQ!lEqi3aWw^iMFpn1x*=eW-2NcUGmO0(SGO$Zd{M1Q4*s{TpW;f4>fYYK;V
zka2CO%7p`nS8==!`Nko^K%JeVB>gppgT}T`SfE0IH!CU-H{`HMo>gloSIBjc#&H%+
za6bi|15<IGF)u2X8Fo0#e~s3qKrpb*S$b)KDLrm}CD<mJj%8L+jywe<MNj1KmFCwC
zD!bNsZ{vLGu#PA`(@`6L+dzsLdltGq#&)f-a6yoXaY6K}7|3bi+(k-OHQQRLxBJI9
zuXd-Qmj>JqtV;D#64usWdTSZII`%9-#{MV1G0|<w4?(y+hcRwguylCltZm6g7r*`b
zlh{QFni)`c#tdf~m{jv*IbZU9l!PFPZlll<ofbMXl@g5P@D#kvkwZa;iEvQ7E2~?v
z@+N{m>zQ9iw#XD2iDRaqPSP^6BO9Fw)3!QP$!%TKB<bKMtt`9e(F?A(?<wj9azV&n
zVylK4Crkk6+;w#wjj21Y20pd4op^@d@QCo0XF#|rh-KjnQV=Dv8{wn@loUTV?#QC%
zyc^L8^zie!?eO@!-1o6#_3rN33y^|;h$SCoI)<eP$nat5)7R@}K&1$pj_r4a3p!Up
z0F<_W;x}<cy-~{ebSH6@KXY*)lDn(vVI0;@w&eH=*L^4N^B`%IUFDR-`Xw*6PW8YF
zoft-oQK+6xxdvq!$&uXBdiYydO~(YXcHt9C3lH87e*Dm)nONM}swejQq8#*u6i4!}
zxI1^bB?zWDT#UJY%dP<|AgRgKt)EWh9sdBq*TPT#bsRfW$dimUEP?Z^=3adG)n85Y
zQ5R~20k39Loap{<Y$)^sAXA@*4}YHub+ag#-E<Ei?>vOC<)0Aril-02t2pXve+!a*
zBmu0{I`*FYTfU3~P&!dj0pVXgh8+daamDtvf28Gl<=7z5Fes1n3;XrsyRzU^PLa2N
z^S}T3WgEAroV&zvPNI7mE@IOFwTfOL7DNuca(yxYbi784@h+dW2fiDWHNMmP^YIAL
zNuhtwb8>dt^@q2FGfkTfcSOMZt{#uKr#~sm&Z`^AQpqN}FSh?TV_=vqlwmgg{yE(7
za9%L>X(N8NdZ$K$)hk<y-|Xdopt_LT&9?p+p5e4ov%v{p*WJ4K6#;h0Opolf6M{+S
z;6R$AFSYvvdd`-!oZQYMy>5sI7L~8MD=~7Rzx#BI8XbjW>o3k&S~5rSv}516HT&Ku
z1Ht@ikq9D3vz)C;hj<V1R{h*+;aI|U^2BvMIQA`Vy#FtEMTj#hW2Y!wWIoOjyLDD}
z!)4p4I%!aOWF=Fl%yjTRdqoqbse858u9rVsnf(@f0Yk9BgpQj<Mg)uQv`SS2dmUjn
z|K=hIs*mY-a6m!0=AL(~f&eh-p=6f5XF%Fz0t%j$gLhaWPJ!V;6EqGb6Ro=~S<(xH
zwdVprS8dVcTJq?kVh?fmndP|vMZ16RmCIiba*^5d_Kj)u%<TN?>1&4Rz?%VZWI;5i
zF-G>e$rpN2DZvl8WcwR<Bo9K~@N@p|Qp0o)NMYnd^?9>lVCP+tJt}tI%Xnfo^6;|q
zZ9hG%!YX;KCE1N=i_@g%wm(S8fZ}xbCdKd;f~o3dlNNsNgng+wxxP#AYgf-B!WK;|
zAJfZu+yAD_sB>BCgShdpxwl^?1m2Ij1%PoGCP>r*XXtqgO3?W;h}sO`#G`{OyXu1;
zzFgpWR;jc$s(<K~2vWuxd-E+QtSxJoc!Ii8&fizsjm-Yh_VCw*>qy=L3(x0`Jmu`j
zHAZn@J}*PbRlXi2?je*i<QktjY~P-`-!HJ&8aN}y*GkLdmM8-L$ryuk|JSgv4itJ2
zBfU(?%JKP6>IQo;1WX+KMjMU42RJ7>rdI2kxUs!B6h>;MfbSVM4bS;!B`HR&BpsV<
z{aaiEd%$m#yC0#d{==18+D)1ZGE@NGEV44%xl#qX#nYVpL0^*5Kqm!ofFR4P(Eq;3
z2AK8gJd4=>8Tr2&CR7G=2u6I58Go~KbS~&mqOZ^J-w^}f5_%7Qv4&Gf^Pd^~>pR$<
z;1;kg(bfOq@&5U6fSArv@)!93LpUIW4LGnD?}*#bQN8-#o(M?*r+EM3pF8}|V)cR!
zELL8zLS%n0R)^pe1H^Cm|2hL9x@Xg!wyXcNfldqqx8!X!!^%?1@5^j{7V`WkSzW|{
z_<hw7DojwePaiPIsNpgOK&#Edy$};r|9EQA$pKCUe59jb^LjT@Ne2Jdib`mYR$Dv?
zUL}KCkpV0xfp3Ni{{8{89Dt~bSE9N^b|a;vgMLXZLRc_J8ZZSb>6;CSeoe+v91=h*
z;gU&h6EXn9%=W0q^*<#QLT)7DmJhztVpbae^_28@0H?WyWhmqM-`+y?o1rpTQM0`^
zf6-_E?Z{0mu;@>DbTR$iV>y6gG*S*h{%wMp0^M6i6~c@8S4V~@gHz<-776}!w15h9
zy8Ts-^uM2R5i{7Qm4)GdnupLZ?7gov!YqZBN&bAqC@mTGbP@C41hYqjC9uuFZnVYy
zy#u#p36)_%Q8qRZ67yv{b?qU^Sv3rS=G<K20KCw}-uZm5)naR+RD$2~6+z_SO7B|%
z&Y~$4$9N~v1v1keZ+7-OWN0U9Ydg^Gwc_t}K3b31ErEhWp{^i!_mR(r_Xmn8wlRV1
zM3l(a^{`(|onI;qzTy<m#K!#!3_^RNw#Zov;JLR466=X}#zb>)!D7IW0kH>F`Cz+E
zCpspEW|?`rf;|cnA<hqa6>l2=o{H>~h{D6pJPKt0BT$Wz#BU~kMb>H_gY%OMk$L2s
z{uM!_;c(un;WdZVw^0>>aqH9Xk|RvrJ^4?koterEP~H#mySrls!Q=XV)W#^U0eEfG
zxL`0KDy6dJlYL8}Gt)bvUsf&?oVQJfvsKH1B<*p(X$~;_bL%(x#3wZFQJL6QpCCD&
z<v$0q2l}c?oq4bbvOY_UCw`t^tQcj$fC`o##8H!@JT;o2G=|0ek54KYa(BS(L~}u>
zC+m=KO%{!kxAt)yn!)O&5akWPXhinxb@R-Oh1_|$=|e2D+xn#w@OH7O2FAuK0Gw+8
z+V-55c>?N?C|Fzb6OmG0dqMctWyiJ5XyKLF&c!Z7{#Z@3?tSTz<BE2*Mc+YLH&WiZ
z)oCTw;T8}B3ki^|0-z2`P;>w$cD?hVyw<x$OgJcVdAd@%%(;Kgu8<;rIG*J?KPY^S
z+7RS3KkL>Ey1XifnYLbMTOG-bodOiAeFsze2|p!|Wn3eFaT!JLM$Ty=4;adXEFp(r
zQ)dI)pM(9B-RS8RVMZ7j3!5D*`6XVMm%LMe>M@Xxc~S@*4AV4#EgOW@1G@FZNL9<~
z!<xlgZ>$?Gcg_$y^)P9kDMJ)JceFjlH}P;gfU~DSQI>xgRhUx|&Grws#Ylnv%j$(7
zK64P+TxiSy`$qj1uxTJ&X6js#=ODb-%i5FILD7t;av<kUc~$GovHZ?uGjK-oyQ|Nc
z`@B;&6fNc-x861YPuS|vA`4Q^2AEYoz!hzUO0pG#0wSl{0zgB*0sJa6d8UJDZqZ)q
z)DEZnOKv()!D@${?R?Es`RVYX6j7Mz6mYaGjm`kd48?TU>s-Et+4S(X)=xzsX!9ua
z%|ll*<ddcF%ctyPbxEBsx+XTRJWHQe>3miuk$FKFnrIH*{AC6<>BAMpX*+5Zi+E7g
z8>1SQA|l|H{N%zE`Obm1Vrn2Q@J4O2f9bRBryJJWmGC9vU_|Y<i&cRuC|p4)rbh}M
zhF)FH0Owm2P4y9&YF5sR0OhTjv~n54WhTY`;3z<`vJl9i{;&4FJRHjQ?Y}&sNZOEO
zX;b#H7FpVmh!ABPg)o!IzKw}C*-OYe%5KbzeJl@?5G5vt89T|A8N0F1c(2j(dwP72
z-}~SD9`Ab`@7G_Bd+z(X@9Vm+`#R6_bACSO^)yVNFEm5oVOdQayRWo!XZ}%Q4->jo
z*D6U%SrHdl$TMx@Jg<5g=|6Xk(piw!=SEOf+t62~y&1S+ml;$7s&TAL%2bRWgY=Kz
z$>V!j!w^plN|((8o*1JWQ?+PDED=uz0Y1ZmStA#*4>jiu+@+d_KLh6eyb%}7#k2)s
zoMrd@uIXV0L&1LWq8&CB)+Y_KZX^eDrXRzIN`t-1ih?-}))$dr`|vu2yDz~`^Rlv_
z;)FIx5g(J@8}cV8<MIlCd}j?o;gnzri}g~BNZ1kI@pt?9*007&TONM2J!PO2kY`@4
z%#UeV<n#CdY0rA8^trGy(KD}rBi2l))cB0`VttD=RkM(bZv?u#W72O!dtIBPUNNyr
zEKwa}9a*Ln)4BrmNMdbR2tHV%^B86@tc;}>>-Owk9jneh@&oxHj!(gy?dz`O;WlIs
zPsl#9(nlF$*4zeD4C2GL`>KTo&kBHN>9jA63eK|>z;6@=yeYuE<wH10yU=<ZGD=%Z
z=UR&;Y^#t1vjYg*k%R(Gi;F@l04Z2+Tb{T7WVJMyofZ+I3y8)8wP4aq4?#`oj{smj
z6}(m}I>gvJ$2%3tjqjyz|Bf|Xy7ifU_s4Vz=aJ(t{ns^f*5%;eKL&$P43X<qAv-r1
zMP6UHZqu-$TC7X)tEQQVYgvOtkjM=3F{l4A46pPYkY%lo<$nnisaM~i`B%<<5}+5E
zul+2?4kuV@?g5^zHLel#?Z_h;9=e<%feea2X!YyN=<2{!mRQaVS=nkvG8yZTJ#3sp
zK;xzj^nr9ah~3MSTJcl2*m5P^E}C4i3vC1IF8?E$-t|&nAqhu>rB{@N%b`a#$N{`j
z){R%-1OA3>n+HOs$VI!fFXrS6@<S{Q);M`}AFHg-wK~9zix63^VSS98;y85-!-Xu5
zj>2H=SPcc^3DZ<N9j52(I`ZXCQ>+wN^q`E%chJcN(QiEd0c+Um)i2JK4MKj)gn0{M
z8Nj{<7ILaRq5awSrL&L$74VgjxB!8U<$6W3adb_mPcrUy!M#xq3CQ*FAi_a9G05$w
z^@P&s8+u|_TgLS@CG16FG!xUofa*9sFl?1SL|uW;<5_mjweW~{^K5$d_abwC<jMr~
zhgGCDLa>~{>#}GghHXZsbcJHF%(!}1wf98yJD4P-`cDLLg5%C4uby%o#+000&95^%
zMhK((Ve|nPv0dI|<)&4~6%*--h(zb=u3Y1sApil4w$pEZCs?Lx1UjUI@X3H$b;pq7
z&v%K6mf>nICRDoTsE+p^Q~z76q5yY`qZ=ijf3&Jz5>QjRNi}-8W1&|_)wek3*7Gk>
zsWHK&;c$~&(FssKreKet^0Ix78K1*9Zq>D+=!76jJjNc!nLrIb9uYiHN60EkPKhoM
z3$P+M#juOZai1I924TzA)Far%Bu|Yv6#GlvDNM&p$7~npd{c~wGM*o|np%mK?jB&x
zZiPP?D}gQ>_vfArF$*8>O0gR9Nlw{IVY=2|cb!o6Mj7Y4ri0o%Iir_q;`~(jEwMjE
z8bhSlz3u^*q5$lzsL3aBZUy8q-p>~t0DP#KnpZ61Cz~Z)I%CqeHC1KkmZ3PzJY2X9
z0pJb)mgU3qbVA}?raXsG$3a85nCxp?1F(>cXNr$M(NL(E8Q5iM^X-8lYw>DJPU<Zp
zuR>sZVP0l2mFG=`nbHRP6NZC<+pQ%<l9GyH^`7&?dlA0$?djWOO4ce-K6yi5ZHP5f
zUQ;G~F8HwoYD(|OjUvGw`a~|zQur^%iO9RhEc>erdI6ZOr^jP--FHze=i0jz_^NRc
zB3zLlxnL0n&uqYQkIGe8=EK+RXZGth(T?fr5j*1a$?q`R;>DgU{JH1#m-8|2UM4&f
ze`~bu(3{IOYA@A%tWFu;Wv0#ZDJ%fsFs7t+XLjyGzftY@l)d+6;NAtlHdnm{w##O*
zg4bBX`^E1o<d~dYbV|cqqyPD)ed)S_o4z`|c$zykNIvZvTfsA1P0NEK6OlV<T?Xo5
zKml7<4RotvDV}kqDj+k|tl&r+Yb{?$t9Fl(FkM7ksAKCaAiv7<`_|a;(d^yEr|z!d
zsf%FqaHkK!uUbFo@sX%+l`GxhRHn>PUqitZI=fF`cfG`T{Tt|zg%RT*L7j_@2f4r^
zd0JqIT;IZ+Pw}f2$zcJkAuVGG^u*Ptk%!KH1OlVEPNR(Tf)KVG^)l$s!d2O*F^>dl
z9ut6(m5P$8NvuAmk(^1>G;{<7fYjdJB<@$3H9&_mvP~yV&WLDbx}|&;1pH(Tpngt}
z*+El0dnoEe^ov<NYh#T7I*lAa28!H%c38sA@HC9&vjU97Vt5v`sXb4wBt2qmVmHQV
zIOFkYhlu!YHM6PJiui=W?AYr)lt|8wp!%$0=z$+NJ!h*YnCy647a?+FbNhLSo?J&#
z8%<z#$*MWjo$zGz(&1}*PpVG;^b%R7fAjZM>lW4atH4#0ajVml%M81wE-rhd9T$wg
zL|WcSeo*9SG2d#9P-A`!mir9OWCUuo%iko(R9zsN?mnU8%Paoaa3&)z-WPL9$I&V4
z@I{4i@&_>;==*pR!}84T%Of|(xGGNUSQ|f|XolKf<=v4ge%RqUd31Fwo-*Kcxa_3F
z%P|j=g-$-;4tL&3jiN-Y54MCBm0mf1?<cocxO>K{lMP|~Hp=1E>{@!l9VS-CMJu*n
z(QTIOXwYz8k(Z6r)JZyP^E?M$4Sf|PqCYv?vEzz@xp<P0@Ay$Xn&U9}VviE!CXt86
zYUBr3a(TWH!oqrpL$O%5#7O_b>{I86?9qscAE^v8sB2j_mmK!7Zkh$O_zJ7TD)bKp
zO1necm$(+RQo=-BR;wgWy2A;X4rMWY-{Ytsl*#~kbb>sqjQBR-Y(fxK%p5O-FV!s@
zk;-8c-kUMaV;E43w`lP=ekzxrusr*NKAtGPeCrTJ3&Mu-Vb%SD)og9w>3G=3C@>9r
zz5_3<m?Lb3RD=6J&Sr2-p!Ov}=u~$u{u0v-E+^E@CijPZ5X-cFwWd3C&CUEM?Dj+|
zcRF;`Smh_%^I62g_>#u<5{yE>)+fgdUJpt)b}B{BBk+eSnR|q1Y+-guy;ISYGwXxX
zC4!L2!~g^CDEPtygl><mN^|O;nuVWsX<b5#<?#Db=OO4L3t?_gwBrT#HYr7uL*=UE
zi90JM4rK8;`&Nt3w9PZ(?NesqfgP+Gc2Nn26L$`!7nc%?j7lI6t@lBsvt<e*u#ay@
z9g(jnv`YEu1NQIEJxL4&^?mc=0(~E4%4)8d@MqAAZ=ki>htGN<lxAKc_EgqXeC2vS
z)TAFn6fdF$8QA52F^!oPFS^C%Xhokew#tg}w#v$=Rc4x7HvpTs6u9YAz6u`iK;POa
z{=r~yFVa{dBk05-jpG4u&t^*VJ=vC=`;rx<%QlYX)$7Wo$Gu&o-kUs*&wi<wA3m3L
zIPa@`d3$xYKC8F?i^ajR)i=1_AM-~l_3meSNb-+I1}&#kjGZ9wMYTCJY}mK&Tx<^3
z&qu43&>c*pl{S&`eqC~&|6>J|QA3O8_Q`%}Z&4<6-E}h6J}D@6na^%^jOdv=t0R+9
zV)-rPc-qJ%vk?nlyRZ}#2UYg<*aAk(Q<Xru&6T<NVevJR2A#-7^(k9o>1`|pEZ3&z
zdHr0NXZ;1ZY{vYr0ktajh*reEVxItCDV=k5*#a$yoCk2u=SRb*x3sNM%3(XnX|dnd
zsXoDDS8O5BiZVUnVNk3FaN5|@{`?|)lzsE2+FBy~Be$qx**>8i*33-g??>6018%78
zyt``?X8-&6JpcjRQ+Ue^u796=34jQ^Z334|e;;Dr@HW69evQKKlLMmwlJRWeQ<T&{
zt_Sbk1b`tXPyV7!{?&{~I_TZes<XD7zpn@X1q0#A|L1WvP6y%eN)PgZKio?KUi1MX
za2Y2<30a+90|79wBzHTiGI`~oh0bIaAXO;Jz^@k)#l*0l$L?+lO*CEuZGeT&=vgMu
zFsD|Ph)0I=tA2r!a_x!`DR#{_)cY{yQ@)6>a<|dWW+e;fHEJamZC=@;^XBwjI-42{
z=(Jnf&vzbTKCX!Kui@r<(=`X3>OHUMJFLCt{nY`5Sl{J2P3OKcui?X!VZ8~Oh-flj
z!`JVUplT2RSb=-D8p7r68AbD6c;q+rjBm0JHxNSlz!h*eD!DDYplW#zwfIS8+H8em
z#Hn*_x_%V-*T8v(YDB)MywiHGo;t4FKy_F9f=brDy$LQwaj~2~{O7IQ+n=BBh7*~R
z6@;VTR7o7q>Dy<zkJy22j!l-zd;=^21Pq9_Tuzzhv8Ssx`YTC43-^#PdN9h`g3%(V
z0;#1WaMr)fqip$@O4^F!;&Pg*6TnMaJ)C#L`=qO8SX4H86&F9Ijy(W$hE|Wi)idK)
zhc+<fq(u+(#UUflI8%U96g2p{;}q?a9ZkI|J{n_~WGg^^L~2B^IdhQqU<~U`Ft_gl
zvPHORH+`SV`b_O)K0rA@jk?nNG$>xJObQHlA<$2=6}1wsa`JVj1`;~q+!uynvj+#c
zHU|H|Gm2gwpw^GEccCpSI^_te&PDe02M131PmtmA_nuabL06Rr+>2;a<bi6WVu#w{
z*}Ds6e?4$i%7>}bSRqPRZLAdJzCP_IOsU@$rK;lcxEWO2tIGQYpo&E9I=H8n1|p`e
zexG?gKs74xfR|M=>1XXnE&66TDiX>ZT$^yt1N)M>L`}*Dol!jjfLma)^5Kuk)>D36
zu?QGh6CvMr!@2b%aJ46tocrHrz}0*TlRbUi1XMi36jUeORWSYPC4NeMzKPRbd`IH+
ze|<P@2Rgxq^QEz-dI^d}yO3cxp-9!c?1KLJgchJ)p{xaE#VKtHw090m1sd#dw#TV8
zETrLr<1AeZxB@(a0T-v4gHJl?{YqMb3a^Znf0jz>AZk8b>5eej!gaD+!4n!S%G7DB
zOt!!D?{3dgl+Dyc`>)Ie^u1^0oa_Y^up&*--A6NpH?#HISonDi?!+XIbO1<ZRLk6?
z>5WM8x0yQY*PG89=zn6b5xQgz>pT1Ys^VPjMuM2QOYTHKJN0IXGjOW`FYdmUoT5ER
zQr+R2dky{oppg|ZIq-27-^i8Dh(tNR2%7KQE_|tbyex_FG4#Q5<IPrKnz=#Sw$q%W
zgeBst7JWFtvO->&z|{7DDgSeqt(VWOPcb$+oV=33_w7n3Ci&2jmcE_u1<q_Du~Da3
zL87Lo&?A&aW#sG8r&J<UdRXl_Ehf!r6E9X*o}Ws7@Iy`L2j^*4UkHL8lk7coO{Fh5
zQZphShOKB@fIos78cs%C&I|TCklW6bdJWZn&petE1AeJh^B&Mg`s*AQP=A=j-3j0t
zXjO`LFB^V22-2YbYqhpD7Ex(JF<FTbD98X)1*U#@9>lAT$=IrHxcUSif3px^5CN!o
zcwgWVC&e6*$tl0-qQE~^yXNeg^6q8mcs5urEl>MLJ2y08^Vz4WdRo-6=t&niM?#8c
zf`X%G_l*TK!O>>kV!n}NpL|z*c#rb9NF@+}(LrJbVhw=VN=uIwI}_LGDztk}+oA^U
zVL;yspT+nexa-mnrW0*Qc^+kbOM{nH1d*)29y<MGRNqKPve$qOcOL>@;slT7ahEbO
zOMaB8;M^sPmMmbZGc`oGIfj?x+}Sg86?$w4s!zHOBF#)Y;kPsZAJ9lL5_xknKH%Vo
z`cqtw3mu7?AfA0ai&|GR?>qA~CmE3?_}7Y+#`1Z&jrcX-nwO^ZxymLK7lJ;5huwf6
zFaJvY;x%NypgK{z^=5bz#r`s*+Sf(+pWXG`;p{jP&vb#95dm{?%`=Nw^a*X=N&MA~
zzcUv(AXk#{u=em)Ya|a0&%1IS+a1i#{B7#AErF5p5Fq`1@n&1^_5mGbGg{<dILH&A
ziJYE%CKUX;g`MHRs5(4k<^Lxqc>4}RK9FeXd#<qM*)$xOi554B#+|?B^It#yXMAjC
znJfp_%UcQA+js2eFqn^xdiHE<(`BIPj~?ocTZ!6H2B3dOIXSmDB!MowfWf8&L<#(}
zBN`&_Ku<35@@`G9e+QgrPBL9YY3uF&CllHK@9pgee#c4MyGOSS=3Z&wqPX;NyKW_x
zpEwBKN8`s!TYGE)-stxV;o+^XRQoh=*Zw`g%$fG@0cK8^|8gqEzi04&GuP$c1N?t#
zfKy#QX8e;>C9;d<Isy{^G|eTL$~#V5&8ModHs}WdUfDH`;k{cenJ1H4fjiT%HC_H1
z<l$p?T-oz434R<fk)E7x{#(t+E?`Ff*EX#2ovOC|pS=?~#d_>jFir66M@>CCDTGJt
zo;?}m%$MXJ!XslQpMcI%J9IzVzPT7z+3U#4$uPptl7_D>_JaCvD=p-nnl&l~2lwq{
zFSQ-fp?F+9rLI1gh;?eLBT#V)u)L9ihR&1Wht2B??ey0698neZ_17ytml=_K2VZTu
z_Ep1gB~t+Hy22qwl8e5bI$9Gm85TX!9V#4wy9L__d+7dy)!wZ2<Hl1tMBW{H^{;nq
z)mzLRR6MUpR(T);RB8i~D!+vsl(r=&^|V#5IAY+lKO_;<Tz2DP#qda69FStyCCT^>
z9Z3ReG4|Q>3V*u>8jGA47W-8e*UJh>jJoJNBO>v^hw+<>t983t4>)&KbfgF>eX34T
z?GdHR%T@T(kQApynb66WII9q8^V0hzQg>!wAdzS2T9uyPL{RX-z(tL<`N_ocd1^n|
zYMxR&-KKz|GUf@9jMFYX#XhKJ%ZfTsW0O}^^nfF0l1uwtlL8BV6vCT!P{2golr%~&
z?0pVjERnKUO-$|?-hncwAf4LGai+5fmL+sgX-{uG-fW(&;r91S&(>!Xm9lMMjCBe3
zz(iTCX7dop_WQp*(7D%-p?z%O0`^L!P&>f{d0JfQ-6qk*b)tT2(~&j0yo5z+YKc?l
zw~n`ZrA86if|jP)4rkYV85jJP=EX>hPoKArBzQZnd#il^cG%Oa(lfy4nPG;-jA9)r
z4>CO#$|rp<9J=8pDYYI@a|s`TkQL1*3!T(ea7G3w^|9Yi%k;N@_0|#rDfu*7Hh5i~
z=SyrM+Y4bRgz)wUP8(+V^(gg#7xh2{#*PLPhT<6o-MNAWpM`|y0;r<z;xk93<Z(e^
zzrF7h=GL>q_@2>l0rbW2+V?NiHtM3$)3;2u#s-q)KPzNB7<^L1jbCeFtglUvS5#ep
zlV91L1Y6=3gu*sfB`Pcq49HkLXdq|rv-DgJWbaz@>a(%aiCt(SmCyH22bB-n_dVxo
zb&79%`{9uSs!JF}?rwnGC{hjO!%eVHB3&9>Gjz;i=n~yQcKGRHHMB>!_k1i`aSG)~
zN}sw(T3=RH^dR}KIgKPFM;v(0y2JTy8Rzh30hmpLBVxWou|oZ8Oh|=U{*|AR9<WIw
zzg(Wj6JOFyeu9Z_r0RoCQ%Gj#!rcAlJlAqp60KRuP;#Kmu83z1N4OQjv(a);+}fm#
z6;Y!f$ntQzm=Q}uc|vhc(O3^J`K$YAP`!#m@&(+_mn6!l1T~hEu(+LUPh`Lr6G#=y
zy1I<-_IT}*hiPia!+2%+dHKZMTSJ)7yywylPf8f1XTvb(1|o6|>xCJicZ#T#^KR5n
zMJ<J1S-NL?3i^~6emb%CB62<aYCGyI+m_oMOgPH7>k3i4<4Y!1Qw0qj5fY}Z`uM5r
zKe$VCrphjwl|o~x&P>@*dM9-84%nfS)I~+7CmsIx4O8c;N8k{g5k<)Hl(5@V;iU9b
z&c~sA5)-R?9?oj5xwMfNC-vta)PB+{tyOpxuIGpj?Ylwj!A<8Qc_j<zOH%d|*h8c%
zGrS~~%hkVUe4(U4T}N2Sg;fVXkB?VW+E|@WUZ>t&!ZQ*SR423%RHfeRD8A(GI^}hN
zyk?+Z!tj41j51bXA#TDxGc}}~F2}|7x2+~q`G^GT(p+=0kk68n0E1?VxpSY(k4pD)
z`aUg@w_xSB0{3Fl(HQH_?se}UrZ<V8`({ktljq8CsM+Hg2eYT4eE}=*3@-Yz9R5;Z
zkH=U^p$*KqL~J8scX=1<Bg#hqTh|7}Seuz?p2NPLqARnAQum7k&-D^5A<BH~8DSgy
zg_KV5?f-KmU2W_)`r7CjXqBwo#YNyMB&qtDeZE(}9>p+CCiP~Pn-u{)W7h{5rX(Ro
zV$FYi{=3&=iISy(Y4vcw*qo<dqT=Fr+`yGM4~Mq80Q1W3DPP*HHQ2l;%xq1Y;@Nt&
zl|~_LIBE^Jz}*?Umv~q=Kt*!`a^3|uKKDsW$PU}<3Ug1{RdneYhnXN>dicscXb8ie
z*f+zVSs3u`aIS=UjDDu+sp~*r``F{-yl4iM9(b0AJ5r(=;wn3yL~jBco8R(@o7Op~
z^SiFMnX(*ot*t@v+sZ~WlKQC;f@@WeK3`x=oio9bUra_2T_Plz(d<<X&)?>^QIMse
znKwG#hU?1f#6NJhW-fVD9_=aE3u?23*6-6cp+z*X$JJFdi*tW3^h|6;6oi1i?zl#Y
zEl174QGY*5`4+srQ4iSe@}Cc1nf}wHH{!t2l|_=<_ka2dQHdbNb|v;5!)`h14Dj>0
zN%Yvqe+Jor<_i?WnUz<qwj3P*5!FbKIpNtBmf^$w%j(!?g_8R^oTRsbziU@-T)|wj
G4*Cy#+$kOa

diff --git a/nifi-docs/src/main/asciidoc/user-guide.adoc b/nifi-docs/src/main/asciidoc/user-guide.adoc
index 2fe43742aae0..085785eee8b6 100644
--- a/nifi-docs/src/main/asciidoc/user-guide.adoc
+++ b/nifi-docs/src/main/asciidoc/user-guide.adoc
@@ -367,9 +367,9 @@ image:iconRemoteProcessGroup.png["Remote Process Group", width=32]
 *Remote Process Group*: Remote Process Groups appear and behave similar to Process Groups. However, the Remote Process Group (RPG)
 references a remote instance of NiFi. When an RPG is dragged onto the canvas, rather than being prompted for a name, the DFM
 is prompted for the URL of the remote NiFi instance. If the remote NiFi is a clustered instance, the URL that should be used
-is the URL of the remote instance's NiFi Cluster Manager (NCM). When data is transferred to a clustered instance of NiFi
-via an RPG, the RPG will first connect to the remote instance's NCM to determine which nodes are in the cluster and
-how busy each node is. This information is then used to load balance the data that is pushed to each node. The remote NCM is
+is the URL of any NiFi instance in that cluster. When data is transferred to a clustered instance of NiFi
+via an RPG, the RPG will first connect to the remote instance whose URL is configured to determine which nodes are in the cluster and
+how busy each node is. This information is then used to load balance the data that is pushed to each node. The remote instances are
 then interrogated periodically to determine information about any nodes that are dropped from or added to the cluster and to
 recalculate the load balancing based on each node's load. For more information, see the section on <<site-to-site,Site-to-Site>>.
 
@@ -995,7 +995,13 @@ link:administration-guide.html[System Administrator’s Guide].
 
 image:configure-remote-process-group.png["Configure Remote Process Group"]
 
-By default, it is set to _RAW_ which uses raw socket communication using a dedicated port. _HTTP_ transport protocol is especially useful if the remote NiFi instance is in a restricted network that only allow access through HTTP(S) protocol or only accessible from a specific HTTP Proxy server. For accessing through a HTTP Proxy Server, BASIC and DIGEST authentication are supported.
+By default, it is set to _RAW_ which uses raw socket communication using a dedicated port. _HTTP_ transport protocol is especially useful if the remote
+NiFi instance is in a restricted network that only allow access through HTTP(S) protocol or only accessible from a specific HTTP Proxy server.
+For accessing through a HTTP Proxy Server, BASIC and DIGEST authentication are supported.
+
+*Local Network Interface*: In some cases, it may be desirable to prefer one network interface over another. For example, if a wired interface and a wireless
+interface both exist, the wired interface may be preferred. This can be configured by specifying the name of the network interface to use in this box. If the
+value entered is not valid, the Remote Process Group will not be valid and will not communicate with other NiFi instances until this is resolved.
 
 ==== Configure Site-to-Site server NiFi instance