From edb50f4d4b7efcd569f3b1768e77b9a3731c5f5e Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sun, 11 Aug 2019 09:39:47 +0200 Subject: [PATCH] login attribute for 2-factor --- lam/HISTORY | 1 + .../manual-sources/chapter-configuration.xml | 5 ++ .../manual-sources/chapter-selfService.xml | 5 ++ lam/docs/manual-sources/images/conf7.png | Bin 33744 -> 74071 bytes lam/help/help.inc | 2 + lam/lib/2factor.inc | 38 +++++++++-- lam/lib/account.inc | 2 +- lam/lib/config.inc | 60 +++++++++++++++--- lam/lib/selfService.inc | 2 + lam/templates/config/confmain.php | 9 ++- lam/templates/login.php | 6 -- lam/templates/login2Factor.php | 7 +- lam/tests/lib/LAMConfigTest.php | 13 +++- 13 files changed, 119 insertions(+), 31 deletions(-) diff --git a/lam/HISTORY b/lam/HISTORY index bd9b08dd..b770a043 100644 --- a/lam/HISTORY +++ b/lam/HISTORY @@ -1,5 +1,6 @@ September 2019 6.9 - Group account types can show member+owner count in list view + - 2-factor authentication: user name attribute for privacyIDEA can be specified - LAM Pro: -> New self service settings for login and main page footer diff --git a/lam/docs/manual-sources/chapter-configuration.xml b/lam/docs/manual-sources/chapter-configuration.xml index 974cb3fb..5a7c9c25 100644 --- a/lam/docs/manual-sources/chapter-configuration.xml +++ b/lam/docs/manual-sources/chapter-configuration.xml @@ -636,6 +636,11 @@ Base URL: please enter the URL of your privacyIDEA instance + + + User name attribute: please enter the LDAP attribute name + that contains the user ID (e.g. "uid") + YubiKey: diff --git a/lam/docs/manual-sources/chapter-selfService.xml b/lam/docs/manual-sources/chapter-selfService.xml index 240ba73d..cab1f47a 100644 --- a/lam/docs/manual-sources/chapter-selfService.xml +++ b/lam/docs/manual-sources/chapter-selfService.xml @@ -334,6 +334,11 @@ Base URL: please enter the URL of your privacyIDEA instance + + + User name attribute: please enter the LDAP attribute name + that contains the user ID (e.g. "uid") + YubiKey: diff --git a/lam/docs/manual-sources/images/conf7.png b/lam/docs/manual-sources/images/conf7.png index 718b077369c580aded30afab5d58a63f1fae7d5f..3b5d7891c7e64f200d377d2a756caf5d9c9bb10b 100644 GIT binary patch literal 74071 zcmd?RbySqm+ct`=fFdm*AcJ&wgXn-fQ>zoH%%wis%+56siUiWny@KO5xQ&d7!6cm)FVjrM#C@2qPP*CnEJiZHl zgMKEV1b#fR{-A1yg7U2O_TQaox@SZvD6de&pu!5yNn5i{&N%RkM|)0&l?G*9Kf~X? zef$mbX-)C@x=0}V@1W1R4b6%>VP?O5x4j|M5XJA5uZATaKhH}e%6N14{@ce-?hiYa zbx}@ovcZIW>ljVwzu=7Ru6C6T^v1KT*0Z_oe%(!BGkOsY69x;pz5cwNn0of_B?<}& zt3L8SuL~be3jTZfIbXOEk{d-wW`2WpY6HI$g?CczFl8-%*p)$xZv+b3+ z^5sPjBhLdVS=oI7nckie*vUok1sU;jcYEWp8V0do&4sr+4vR+4(dp@vj8F~MzY=Q7 zNUtru+8nonmJ{sl_qrGjXbr9(NKxA9F2I?t>wX|3Gthm#y9bgl54@Bv&+J4+EBg#b z)(>z|&)=cbQ&CxMRdbQ(euWo=-q(oK84Z_s`1i5S_KM1tH`kBsSlP+~)@p28*sN~C zBONS)IXc3xMfcz;Ymj@IYCN#%CfBE|$gN7*$_ngSaX5RyOlkww6@hDl0 z0oP5b{?S@?)@<(0g>lz#syLj0HFLL+SjhIJa-|Kj0(NvToj-2QIDKrl=v$;+^?8xI zW5V0}l8v=AAjb+p;`i)QExu znqlJw2(7$uO!9}8h+2&Vb{(rcyVc5)l2viI#`)q*EM-`o(Tfv_oXhJ-Y^V0~#+^;N z{H2ZV%6~ihbJuk3se3?xve4OH|Ke$Mrb<>yU*)c}7xK{CyE#lKA;txXk+|%dM#e&G z`xNtu_ueEvLM+;8Cpbo~&)>fTtDm&DCm{A>@GFfCeKz&M^6fj1B`@kH(W_55UIX@7! zNPi|UGDhV2eVr5Kpv(;QDp9fA>tdZN%h^kT!xPfsr;{~ot}O$6;vCU2j%J%H2JPNG z>s-3qLU_G5JMWE}zt0?A^Vu0CZEbqOO2rHRIlU$dcOh`8 zI+_^LTqluCsl_iR+oRWhEuS!cb>%%UcR8M1b;Y1jeoD_(uUuuqY{@~ z6y5%ynJ#cFzT_$}ZxXG_;#_Am=lAf*_O$Bnr@WZqqKjI_AMESN#tTWTW~#|B4fOTl z80%2z6;jCM(~WN+BP|65L;ZRrbZO-$EhptH8+z_wJW_j^Pd;x?xUsZU`O)9w{NtJ@ zFb(tI%U3_eZ~NGuYXLwlCHP2S4TRwTGxbC2}B#SXmV?a{b<)A<8u(WY5t)S46N) z`9*B6F1I4joW-U&6Qv5xC86{^2V)A5Jp4gUE@fp)=j&@vRRS-i(Wo|E*;)=8LG;yK zujpOL+-BreH!bWxCN)l;KQ<;IE;$hFt}1?fb#-;JrDY*=yxZfO>LeM*9pcX&x{0{y z629m5bnQmJrvu45#`0o^|7oF8-K_GWi_7`2=$p@}4TFuEDk=(jjYUPLU*D@UCibnk zPe7NJmrW3rOy1Owz01?aiD-FCw#Yhu;-I#9_>kGGTq~dVN7=%(C%ZAX)w=Y zVrW@8QBMo+Stv*_!?NZhss@bp64B-LS7f zhqSbGUuS1TB^7M%SNT4OqIHhM)YQ~76`M^|sh)JW;%2i#N5<-v=Cs?5hdaN5gMTe7 zM9kJ2@|*ytzJ{+=Zo%Zyq9CtYQ=nR$yB7ML(0Cw8Y=KbDN(< ze%H}={_dbUZbL0=w_@Dr*I7xD(~t!1Zuu6k#pak*;!*QWbRORGk4$uQe*XPQQ}8Sa zK8Wjiv{QGZhedB3St2K6%)=$*k=xGNki6XaV44THQ$b86BJSXKDd|{jh<@{7##rIG z5^q%m*Mq19$@0XiErQdTC^-jSd;hb=u=^ca-A^aFaIgK14%N!+gwc2m=T78cZ z%J$+l%hJ9!1AkXrTJ-3=JL!h@--1bG;T)Bu9DhuJ9?UHnw9dbYD;S};~75$l+*)Q?R8RD$~fGVTl5 zsb{VKc{$Q1sEI{>z-7w!ZwV+U&T-6*zwSMJ+mR zr35#)`GU5ylRznzU|caZ75V@L<;R${h7b0%1*f`_l9H|M!DmkfGuF%v-}p;#KjUU| z8$B17gWoga?;D`tP=HcK(%_)x!yV7XEiF0@n8|LB#9Fn=a+T9!s=P7-{7ue?t*xz6 zp+ucBP(6+};c*VMfbCli$bC%2F=@U#!VnO*TqG(g zYD0a!DId_Y&%CdNgkTC?-O>5}AF@Zz&(8Rrk@audv6PfsH-cYcy3{^tB&p9<`wl<* z$akv%IUaaH90CGt0s@EQaT5+^s~1S*m?IP{XYW+EM1^F@K0m~A(}2KrlA%FTyH(X3 zJpc-YVD<#g?YMuA!8opXh&-UJIkSc|;@_52ANgMT^)cY}!1GPCd)1PXk}BQXeufDq z$?0i+J%m6Y{?ue-X_fbA3d}#r1rT@G5Qb3F)0_Wk`m)#_B2SHDAX5a*m0+Z$1!f%E zr7xGOz{0{}T5%!F1QtYMkp97tD1%O)DT@xcj-eQkzMvno#AQk`~>Si+(G$+Ngk-bOd}{o5Sh~$PjxD1 zC&QloTwAp3Nji1l-GJ8<(7BKFS_3hp(%;*%X=>RyPAwIGMaeo)UEbQK3 zmv2p!U2Q!Fc9yMRd{i794HB`Oh+dCWf2eHmjGaC*^j=q&33N15tYs+U;WMHsKYz>F z?w35Sc|}FzJIOsuwl#W-oQW0_Y(<;)zRAF)z$iw7(^H(ys8Qc!<)JN zY;$f6=FZ5BFpJ4rCK?(=oVLBa!P`fYj*WYkryFaE5x;~NB?){AYSU$Y(VxV_2E@=4 z%QO(jqSqBcfveb?=7YxF>-r>Ec6&6mmXzj{e&^3b>xCm#fU6k_~H_YmnX zJXh~Wl)IEfjm7kRl6D2ppEWexZpI?ndEdA5`$R#!SbpIg&DB34RNK?U`)|PO%)TTs z88S4wpA%x9UpQliQwOpMsTNy#1vfPNpo!r#zD^c!Gg;}l0Y%#uqR8#&%OdiG)K0Q3 zz}V|(Kk4P{A7PmX56)vZ#tqA)JPymgeWM%Rne$+I;L|SWu+opT8Cju5?z9CdGilWm zl6qy0zI&9F?!)^w?c->^veiVf4kjk%Vn>*e=j9ox*X0m6Vp{g-*jT5PUV;$O!+Af_ z_SV)UK@VOgrh##MIw=&COX5lAVWLTSF-z5lKB8@vW>CQ$NY7(bX@xExrVvS-E>rBl zKJO5!iohoaKji~-Yo${>zL;%U*~zQm!sEjiZ{xv7WN>>rn^C{VH9`bB3eG6h@8ICT z$z0ubWi-YK;S%kij`0#vB_x{mUFHTBn|@j_1#?=4Wj9dA_Bg#K5wzaBk13VF?d|WW zRwa+Kd(q%Ndyx!1YR()ky7wx5Hrx*ztI*la44*OXd^7x5+v|9z#x9na?j_#|@@Jpy z@85S08&hnS24&u36sa@cWE2;FPp*4L!ed(-VZ8av|Mq$u)ON6*o$9zbR^YTdS7tQ8 zNKa3%NJdVsw>43c%?I1gCT5vq=P8>rdz0;^X6o)AE&z zM4?drtD_O`R}-6vdKWebM7Qbl9mVRs;^Ja_E$1)(;6s#sMgpjLc@tL81wAf+8=h-$ zJLLBQ&LfWl_~Woz`g=}{QqeJV%5*i3AuoLIhi1L8;v7^jRIv8d?PiOZYP5;uYo!?3GJy}Ze=St`9WZT!KiCbSATDm(=p8n_0XJsvtO%>MTkX0h~$ECYF zq5P82qI!PEOCet|3hWfGc70YRq|V|A@uP=FyF>LZi-nrgDLi&N6D5e$3k1d^Dw%7W z?WqtF0bX{K;bQabM;OVFbT6so!2)$Y$i_&vx^UV)tn4~ry}{x=J7!<8C_i*pS)Ab=b-s} zQBke7U3G61^CJUVv`LHolftMH}PZVu!-oh6^55); zuZa8dGbs0?o$lmx-+KHv+x|hbIyZbIW&5$IFt^Pd6G;27w+uyUoWc44)QxS~2bvLec|AFao+ zud~t%7PUN%;W{n8F3!$J8}Q9OF2w6}xyWGza5O*)-TJH@cf7jv0HRT#UKJG;rR{YE z*K)o*+XwOnhf@Z2iRuF(yS?V4m9_SdkE6Tv@7%c~$8>&vej*QUA$MT6U;BuG5e5v$ z>-u~ZYJaw;llvBUq07rl5cTY~r#K)BF4w0BFQXSfC1M#B>rB^=-9+`)vj~z(Ku$pO zdfm5k`QZ8rIo$(tfN*BVt%(j2H^~B}GWvYDDR6KK6^_9azxq2jg6TU-(mR)8zo&ic zqtj(OprQF{xe}fhhb~gzbVwN8S)xy!o;j^+UK(fpRczdD@&T&{rV({vd(=y|bD-SP zdOMzcA$4`?!e3aZ-s58(jI-BoZSg}64ld|MQrK;lkfgopb(Zg^D;d1hsv>DgCa547 z7)}jyKSl`d-rE$T;7$Hr;;mLdOHV&l=2p|-9XT{+6B^cdx<%6$R=uE-c7Q(wI~tbA zmPysBFjd^0YsiY=FdKV5)WZbZQrQOn6?wV~b3HZ{78bU(WyR!?e)K_H9Fm@$;@Yh> zT<>DnvAl1|FJP!|m@T0|yn!K@5QPenr6B839dL7SR4BjlXNhlgqReh&pW%2G* zaiOjJ-X%)kGI4(xS5}xMI_`n+pLZTU7lOf6z6`8G$L1{84-E+7u+UUpd{=Wjd-aJ_ zNTnP?cJ*$n7!r!%$ityW(%g7EVS=JJZeLO}Wp)e6$i8%hbzGI241{MG0S_|K;O2u? z%w;v_?;lEhGplu=zI9$l$4;4kHPk`c&oN36dicV_-94w*zpARri6R>qTZLl2(rSNl zWXczq^S-XRxj6`L(^XbXip+!|Y=*rr*o_B48hN@kX}2}OVzMsyewf>9*=#C|fX#QY zy0f#hxw&~HTV~`Qf4K~FyhxiW{rmUtNP+#~ED7L>mr2CM#A@8nZEO5MVNp0_T0zX` z_=4Yga4_xNBlI;yy2!cw%?=IBzd}Vd6jMrxH6hMhmlEb*6W;SWQ&#QSdeHsQ5}%8J z-;Kd<$?6KS^W*Iqf+X=Ex-YPJl*;#l`&B|{cy2Rc=O}d2F+YE$!l{G9_Re~K53Ll> zmVr9uqDg7!JHMk!mFwHPk7_?Q43J`5+%4rx!9&%V~E zHcr;_!5lauPd5-U*C=xYHBe!np@c-;F+x>>*OBD>q)uD0$6@SogO(Mdzpsx1QlPY{ zGM^%ktL45g0#U0l#f|1F7BcEj0$C;#QxPV)sAQ_3X7_p4yOVhjlVHv45yjyk7|bhG z&_i5Y{Mk$HR|ZH$PvcboOx!!ul@@LT30WWRA<^*YKU7ZxxvzVLy+%Q4A}8bKt_D_o z@6j{!+1iR!Z8##GHV}P4UYKP)Xy>Ab2~we9EUW$aB$@?1HiBk{@4biN+A>!e({GGt{Z3j)nEOjJ^8%gRfo!xJ%0SNW_v%fUz&lG9O<_VTRZms@#^OK zsy5bSo$2etlbJfEm812t-Tt$wIknL_ZDKl*K60Aw76suIX_ucBiLBhadwG2|hK8|R zYudIxlD$p0ArXd97Ic990=|XIc<>b^r6GvUk1$Bg$9_#l$_SbWxvmY8L8gjzzLqnS zU?y|h7|Hnp#E~`{I$CZrB6M?kIGQV;Av)_a3gO{#0hNl5j!t-Z_{q-{x1E}=k1#A} zs#$n=Cj0sdP-|+JfVP6zL77hW&Ua=!!28wKbk#shOUC;!lB{RPTazO#EqaJX51^t( zs==Td#x<7!&&>Su9Q&(3DVnV7H=XRM)c645@ z0&OZ0*EfGkY3H9?5WB3YOT(SuE~e0DkN4zrqkvr9z1oE&;O9q?Rf6&7hMQwyAOldK zHE8ku4RSEU?G2vLo=5z)jmVukY$|CSJUkK*0QVQ#pzQ8vdq~qSi`?tS$95~d^DdqT zOI@KOcNA!GF|RH*i$p|3K!`}>v~XQbcFKJBuq8PfGsW}51fo{_>5Bpb4UNf4Z#;Cg zNL#2Ql-FtJB?*b=ayM?uD)9HOV-X0nzyc*RC8aTtXlc9ew*lJ*87VlFl}0uHkdVIq z{+;QnqVmpEa-X+DAXaT{ZBmX{LXi>?$s0Ft}po%%@I15@|bwVA4EY=ych=T#H7FlW4f`clC3kAS-K zd6tp3=enwqni4gRe70m9ufbaphZnvCoaF<>X&yUVQ?>N$>_;J7bH%$So8v_aq1(a0 z*yuHD*@4-4UR`{B_|%pk1j#`V3*4_j&f<0DkXy#6S-Z5mD+ASQ59R^yfy^;;`GR78 ze%=7Tfe0Y*Ao#9(l1wo<<-N^UDrh`gK%=6Qz{0}HG`SqM!ZvtH!q3gh%1TQMS~mUC z?EsVtZprV;bZe_gHp~fHQ^HJA6~xOy79!ohw2gx*G|^Y zx-dDFG(RJGahvy{T>r$QR~f8xvWgam{}BFaGV-$zq#LLq)Y0AhiyhcQK}?M*rq9|E zts2kUiLAbT`v#)Rj~_ok@&)!`Ki}*FEw@<|&3)Ek6NJx{!s}q#;`{V38n~Myo1s*o zw!E^Ul$Rmsv2!^p=RHORy26^=Q#}vXnG41O!<@zS{gli@DC|D^Dqcg=m<14P^tW1V}(;6c<0dJ1oe&S5C_$=mz0}+a(jWV zEZDmQAgRx_bX;8HBO`~P-As31NRpWp0AgBATlf3Ld4^0BqUA((`on1PYS$&~c z&SXuAW|JTLOBBovBFavp%Z>kw3(#p^SH`NX)#yXUGSM-{Gc()?Bb4`e`?nSEpt?Kf z)u3W?wl@!|h`a_Bu=$YtN*+Ma2BxzLjz4JRV`3ueYB%2;uJWS*=KP)AV^+m4tGBADG1ewAS>w_!oy-e&dSArs!=U>)*4QBfz;JHT{8(G)1>|bSOt{AkWWz ze0*qd4z4}a6>2**SnBJW{ zL;9EXP#C=0R<=4)R%+kYMo~eG28svGOr^R94=yUK@ZY``bT+Gh1R+v`o5P|Y3c4Mw$<~2_3T0F(H#b*U z_zSf4P&||&ciWnT@b*>(*^Yj4K1UMOii|(6GfIs2BaWkEqw+_uy!MJ(x;!@tkxhbf zApU(0{O02$Mg-|HS;q`(}?^?o?@iUz_azK ziUPf4koH!Z&w{j^Hc;2ud2LPho*%}hnGmgjW24dOK@}o7G9h6uOCr%~rBS<*JXh_g zQBfk+g5ML;|B2ds@YUWV%hwJ;WO;+MhDP(41rnR__44v^kG{r-51(#4XSL(lOF6Z%MAtO(Q zMM2OjrNEsf=s^R)z_X)QDsbE!KMn9|yiW4-`)U3)%hFKfO6fcg804QJia`BJ zmfE)`a<#1cF$dzlrN!SAJE0*FM*hK+m4oz$3e(M(y)cZTv#IK`^im>dgo&R8tm^Y3tm_U>d6C? z+x`5219EV@pO*=$`m0w00`gOho&r~!HFPR5#B8q5G5e4!9on2%@NkeJOG|_Ao<2D2 zbjK_-q!($p4CIxyO(DSraG&W~i<|Sq*Z_c{ID@Qwc1GdG{fhJy_hxpRk0^jGsfLZz z{irVh+v~ZkSOCa2a?ZZ>Lb>IE0W}@_LsVS?W#rpm z=UJ_EHH^++_tCV*%G!EU2d2M)JmC!I!U-BLTlT}&-!}FnvM)A_Bac1aX2=qu`-HoN(yP^9cSI*Zqg;7CxrkEy--VZA5WIR$W zP@?&r!fVjX)`E0(HMQq$sXgZ7x-MP)lNOm}yM@plxG6WZZ1FvgEt)8wU!5&8WO|DJ ztIBeF27s8PF*l{2Ero0MIbBZWD_fJTMTW513bW}lBPNfF z^XAr8Gd?Hc2+#Yu8Z}o+^M6$)+_03@D>H|2M!^7|`t4Qqn}Qcx+-3joqhc!DG&K>TxvvuC@n4X@U>rvKnVzVPKjW%9wG~%Bi~DObNL?T zImmL3o6_CLjX7?RnC+n(G!J;X}DyT+HZh(7ZCaj z5(@v`r{!@m(bpo3&rWbq4v*#IK+~<|$bQAd((_8lRyaADscgcO_tUMLZQWoR z=FZb*!v#sNVUu;(I;-|jC)}x=+_}J~Bqv8U{l@O<;zA7(884juabRdrWqB1>KEJui zU{P)gSC|?Eu;8@4;B_fb1cLsVcr6)+5-Xvh0s%}4iY%oxrmn9V9Ke0@+m@owoU<#c z70$eGsW5}0KY1x}N9&hgAg(_PPGmGyR`9;{;*8?2xep?SB_j8He2f^gru%==2BaAZ zk0qeL0O9TpE=@FQ*`%C;g1Pp3U%xRu1QH_3u-%C4&)3pQnXY_~kMm+%rWr6vJlLFk zqcZUD@DxWSgue{gD2tcvcClp2>CK9Wv}t=DzXJ`9Q^`C5{+X<&$N@Y;sdcP?!+m82 zEF*3^BX^G**G$CpbfmwyxFoJ(jAv;s6kb?67LDv|(9@Yj70s{##R@3y7^$gWu;{i% zP)L}v>)xhvWb#ZwGV(MANlH@UJbH@(dR-$S1}{Xd^jQxB@IMqh_n3Jg#E=~o`BwDh zdrMT=tWW(}v;qqJx90!;U4yIO`g**HNfoJAy=v~e@uF<(@PV6{pvazOP-i$_RjguR zMRNPb#zx`-jE^t`sfP1z|uh4pamX8O#T&}i?ivEop=#6yE<3A1PGc3E|wjBs= zFjcM6kFwWmb1JKTH1AF!0C_jYyEhcK~Ez;G#JJ|)2UBJAd%i#OmD_6 zTlrGI!9&t(I_;Y3QC6E=5l#CQkxzA#vT1%4KPG@ zcub2vQAKu5RhXSmd)xers(5tqHa8g4#_MJ!sY0!mng z8c^FjPYOP@2oS4?aimT=h8ulb0;mq5Vuhr;1`z|H!E%Mv&$%1G7c_mdgDrcaC^ zrZe0MdCUv(p3w3wzYw!A%bxD;ib->z8`pehVjvenc%J6_5mhE8M)-%Oo@G>5w|=6Y z0l^GO>Pb#aOPynF>bjhV2V)EWaEO+vys4DQ<$zeKL?{a9$ zM-8++Ax6CuH~xjN{x5!9_0ErywU8B8&Sa@9AgBUt@!m?;6n78OcJ&tA_%+wc7hYdW z(IwLYSX2p8i~@TlE7O3aZVRBCbkHYd5==ZJM$j!WyN zcAa}9FKZ3eDdRqfJ~|&QN`)FNYFTwTK$|B)vKmmgjK_ybqfjqTCT&U zljq@fw^gI2>c&Uig$mbW_q;(v_<|E9mX{Zzw>RlY_>>MllP%(LN|5rZ0ReWt@!b*i20Ta(2X)L(x^lvT#lK_y1VmZK7GO5q;&vl z)p0FQa*n<Jk1@R>d*XwF# z<0b!V_D~QQfGeqY>6sfb>NhZ24M<;GU7ano=rQU*Hyuh3Xiy6yA&#ZLI9k<)FlkE< zt)ml$++sSQzp{MRbd#N04=>Sc4NZPjq$Pzb!U81GMM6x)FEleyM7!=p@w1*qD@$%? z_SDR=vVVL$Uo6sBuLHeu@@(B|V6NW5Y9J*!Z_FGQ2q%JIxAA1#DIeg6O0>Acss<8C zTp$|}k>z(^Di_TlIj}Dp*CIC3PW*Ge-x4j}26~)aR)(%FE&wlG)Rw2>HbgF;sOurr zD)QU~nlCTiA$iKXMHNo~@Si6@dFvkE;}E1|d+X93GYa_Tq!kUOH$LCW*MGrDAwT1l zB3If)$?OGp9*mC7^Ts?Usu*Mdl2w2WG^$WoxF2*;4f~cSrNK=rir&Y?#!^x2Ef;o? zK7al_IXO8d29MBn^>-v_lKFi5_E8ZL4QRz5AI0}MX^mt=twyPn@yL6gdAqv(djA8T zX4wfP@_1el1};n1;EGz{cbhmYvtU3D^f4=qQ(na zOn|9_hJs|qP%trH<$>a9dl;z@XljB(8_IZZRx$M(0Gltli+_59j&BZ~KK%nz3kGin z^cFO4&@sG4UB1gP(k|bX@P>B>-5p>_m+Q~L2~PCR6q0>jpwwvKPw^{7u^n#Q`xQboK{eV}#Xpb+=F}0F?_$j6tZ`2z_JK zDD^Hf3ETfee*kSwj@(hFstMp}jV+p2Nd51sp1Vbg z(a}t+nOWCRFq;b%kM2FB!`3|Ji+F?xfrMzJaYZ2ifch`*u4Xs4y#gY&3uv6;fg9KL z;9o-1?JBCde95wcdD%I~Pb>cc9xz*V%DwcYMFnw!aO27;aY;^J1ERCZi;7A|WAofy z@|>ks=8ESG|5ezcWHY0?R0oLHge+2jFf-Fi<%o~RqBAP7fxccf7mruW`gFHk_nnt| z4(aaCoQjX(|7!OiZxF$~{E+VMZuG~Ge{EZXm25y#s>F!URg?Ke$TId&)SW+v;CFuP zUBN4@c|ecpQiFD#QXgBV(!w-NhyVA(W8vu{Dx!vShl?G~E-sVGL;$$_Y-^LW+$f{d z^`899_?w|H9CPU2@4q6~m^>c!zW6;~K@4>9jb_JpMY4gSZE6zAe+WxR$-b$uLZB{j zocyi%pE9Eluo@C5D@=dk*N^K03h-wNN}vo~GQD|li=ss9nep9<@Ah);{O{xVpHHcT z!*BBll#e05l&0s&ZN!wVHjaJ%1Nkg%Zx8)4`ReJx*QKxVf6&ql=#)ha4K~gGGRkTt zikL1LP9joMy*i$SnDNEeBo1omGAIWNU9+uL@mSB!Ie$RP2OEA#Vn zr3R5*Ou?4Zl|F|IvCZlQJ_J?EmX@?m(LC$l7=$9_%{mbXUDnt&2a@Bj2I6oJE!Dmf zj4g6FsOWM&sHntEnnNJrOBKXDE#GdzIDdcVlz~1tDX;s+SwJ)mw49;Ew^S6f?OpA@%?(g^xzSP_I4y z23)z?jKuYpE{KA07s#{;k>KGzty?nFnA~8!UmF)UAtEv6bu-&hL8Jobel`xs-=m}I zhxoUNlgjntPaiZxr8MC=-3pvF{VFE4gJZm!RI3q2R2d;H99wJ|TVMMM4dzE26d_!< z+Wi?u^}mOddUpPr5N7z>w8v;@E;kM1db+v;$r8YbNbY9IO#*VufKc+u(V#L&`18j6 zH42o*(YnXjm8MGFmxE{A6YXp0nJ%22acrO3sn%$JdY3h}IWKxUo#2oJ7p*!jMQ_-O z(fY}>K+ow51p@Uq5V3L+eADB1q4w3oC0gTG!K>Q^G--2(l0%%FxH_7vtG^XYpHOLh z=?W+F%y$N*MV9X|&y*jcNdL5pKdWYQ#Gp?hHyD~CT`ASml0(_ZfD;0aaC6|rE}W9gQ#RI@v(mwKI_qd-GY zGnTh+G&`C!la;a$jPbL$KP28FxbS;JRH0;jR((VoJ-rStt8B&+0VE@UfxU+xUdb$U zxR^%Y5x?mIBCHCX#0BJ*(FuVh_Qj;6)EIZULR<}Bve+9tUKv{!>|(B5F*@R3Mv$_a~0YPFibJ9+P(lTE`-Dw0rzLiu>c=5~v!4 z-{8=_Gy;V4I6xKprCLTylPd`N&7hH!mX-zrJ8tw$k(-unfi-2`M$qN&U0R@ok<<~< z*=OtqlIa(QDKip%0z*k}-3chD{L`sXUq^hxc6nFgETHbmEsU4?b8UEZrcSX$PLv~c zj~oc#Or5SS>MCyNtCoksuX2kDwJZg%ji@IB=)0Tixgb~E9NV2a>q!Bv)v2;8Qe{iB zbb{T6xuRWc!jP#?)VB=Cp@n0i!Wnu4WJl;#qluk@wRO{tRN_pdhlH=r!eUXccCq1V z;a3@Zv+-=1s*Spr5L-L>E3@uzc^oPcMNG9eigw7T?Gw2B*ZxBrQXe@69F;?+)vmyT z>z8`cR}=I6J%vckJ^Vjz(>0FsJ;9Br6qbX3#V7R?7JIfRkX=j0*| z^FL|p-e7KYJTPthM9R{ccxp`^orEp2@PJjlZRW0QJBw{-T>&=J+;ak~Iu14yILB2T z+pVcpOPEd-NW?~D;chM4y5x?J{zGeY7Ma}8ec!sJ4XH>%@q!f7zW3;}YHRNTh~{bm zEn^$Ea@(IWy~b{?jOiEwFrptnT=h~DD?L`f_{D9a-ssXb52tz;H!X1VDE&dR=MN} zuaNZ++ZH|k%ll;I2Usd#@b-H*zKzY(XC?$S0$1~^8 zRh0bBl`M`k;&8BqrlIGRnAn_`GkHn$&ua<9S52Dp@YI51Wz?+PukiA$cb=yLsa&aY zPiH3}E<$Y&Lf+~P0h?Xh(J=V)nFN66myXwYfIQ&tx+gD{=zenTVQ}duXEHQ$N1j6QebzfZ(p=wtd%L;4vl?6GRiWzjRo?BPJ+aPw?%s(M?DHocyd|#>_l3D#kEmOiJ&-2_ zIrm9k?$DyVf$I}gADZNqYt)4KnvMIvz~YX%Td#tFOZQxlnvzaNoM3Ujy(V9!Av~~G zH|QZM+JJ_56`&4cz3cP-#X(?A?0j1sjNW05r>E}p8g30w^|*+En?{rTp#s#|g)qSs zA@^1xd`7h@E3e)FY#RcC$*g{l(`02Tfai_K%WG(qI!s?P!PHLLM`e7&&WzqRgOTbM&&(Kr-H;H7(x#-Dev;d26sN37qr7cTAKsk0L1f4Fts69bM*+v zS0{73l;Xq!5J0EQicBh|0ACOWa{q^4f0qOS_R5!gk9_~ORhycc=3D$oxviT@y!F0D zfYg``^pPDl$F8rhmt$tiv~!#L61n*7*Z%D62#zyvT&e|5S5yhF9wWSN!0~L)&dz#xcyxr3rlzDY z64yHKLt2T}r=i-<(}tr4!h@jOkZz2tk*6Ybe7H zTy=GBv5cBZMOvD9-fZEq4Fe$c3YKi37nI71vQgupSq=`N3Z;BYp^N`+PYr5WuEA9hJYqoV9Jr;<zMkJr zaFT|ezFPRhN65z$531-^H9c5}ABSYDbug7dTvtF`wWSgKQ)0P&zc2_w|;yf=P(BtgFa~Z zQ%-t+FM!8105(-_YkVhNZ9YhTdHyH(;Iry~XC9H1Bnl-V*%{seEHZ!NzPuts&&wh) z?Dv3X3uY+fc@<1QD^Ny)I{ctQIrWxf-3Oz8l^zvEG@Q25M}$3ey|#FYE0#DGhB*WP zk{*)48M{%fGzidWcgNmW5Vdk=j~eXzJNPX&s0CHsTyK`;!=eSItY(7(0ww_+cgR>$ zOf39BhDNVk=m%L~dbwt0E9i zJkW!og+~4-0kp>9zqkO;hXBLUN=PJO3Y;7Y?EqM!bgJO??k>#h#`Ej%V!#pw1RicB zf1q#G);fUa?6fnJJFgC2Ix^00VpkRkbhAZ1E1G=Owm}xQ6cMy$PRFTy` zkm&r_ynEFjqiru zX7oGEiG6^n&2l*M;FgikD3|ts1z}dR3Elh;z|p{kcy^mi4Ms!-a?mK1sos{NO`kPU zawRi!Q@ih62V^wpEx{xl#Rqh*$I&)G$Ij0mn0Zafy7a*k+k)@`i?Drmwm~*SR8BM@ zDajoc;(j*ohfOItXj%ajAhL7@I9&<9%*kWJGSys#ZvE2FpFaa~y$ntppdTrXCUoiZ zx*TM_OJ-ed8nCKbTNjT8NoSX(mg=-Tgd_mg(BXhk5!{s2ZL1`jP8n+mu%xeJ zIZa1%00ZZp-!lqIN-WHQL%=gLP_0aVznmp;cF@E0=-JD)^>rR_m&@S_kCIBIIRT~x zqVX!;C}scT1fZc{@T8bs_}xWTd)I$VxMt>UVQ1@Oh~9GU#9Lq8VO*B+vUPJ>3WGt5 z2W4Vd+zjgwJdcuMA4$JuoAcJ`)QU z1Dx5b@)a|aluPg3@j`W2*^DWoANj**KpJYl0G$Cauf01o9*pVU8Zuz_i`S*P*S-Rj zzAUxJkN1!|>#JmB!nh)~YlB@fLfXcx@efD<8yWcyS_HeUjq-MNc9x7|PLoRH1mD|Z1&N7?>LO_*{La>3 zY6387cwLW-|DJQ+_sGb_)m3HLO8^q?j29sQtK8;bNh~)L_(*Ul0yYa!FfXuel$DhQ zteOVwsc2lg-kF7i16~pivf^hLJt z+^e!Kl(34JrD)b@JE`|q`v&rUPdcHV?1iIYS4sNND`L7o>TK(E_cBd`vE@0mmVPv9 z@@I_DT{z@6I!P}6t_2xAcZ)vj&&<~+n{M!AY^%`FP*fc0Mz4B+nv~eS)6p?8|J9(^ zQ9j)s@=fW&xpGj85}0eW9W*uE>`Q>6*R4GF6}Tf zvz@d{?fb&Xd6EvleXBNmm?@LQOv}jlGxR%f>xe7~v?r|3*5=Yk2 z-Q7=Toxm7}VSkdUn%V^zae9afCP`u#HKza}oKPL@YSzu+i0C;Hk^1`yV75{+G6*15 zKrXugtZ=jOLMzynBhani3NVn+UL$u?L7=F3q@wshvl(>$M zx!V2;XCdQDHM*3X^vT@ViY0`nVz58>OV24+sR-FtRiU_L6js;{sAw2&MbIZ~)u z2U0=#Z0QI2xp@~?r-&kLm|$^uO3QrpMqa)nn3B-T5pX-X-0vU-LrP;{&TmS5W4mfD zA5EqB({C`UIID-CSK=Ehy4X)r$ZN-*IhF z2c#G`*QYRi2DMQzLqud*P3G)4lr91-2k`)e4WW|>JwO*01fJzj)PR$rtQhbc>sy@2 zJHVNL3f8pkDsl`>Vl_a;Y`D2bf|RgWtpE_3^BFS1q}P2Ws!x3h9IHx?x9~qEx{?r+dmily)Ft$uAkX%^7P2^*g`6(dLNxHf*&ve%47IX5D`~&!ecA>bwxpRPFQ`Zc34U z%O_p7jgE-{lOl&F(^eQssFqG#o|n!LFfLAY4-PsYP6Gm`&xgPuL%t)s^WGnD@LBVRSRLpn+|q|(%pt_YUx`)`)p6Ep6$7hF;KK}_qo3f3T)*#e|rsE9}i0o%{|dUx;{ zzsnEX@U?M7Y`{1TUXTb*8=%d`YPpI0=`z7Cz2-4y7f3fx!P*r{J+UQn6 z38hQAySqUI1f;t`knZjjq(Mp=lxBk=obU5K&-+ZG#-_biAx8lap*<_?cmSd_>fA6=Z+cM7%gcKTCIa+bR1E$1 zjthQg&qxGoii<7Bid8^)B`86IE9n6E0J`c8YZ64mpRa0RK5WL|eC=WAY;0^~LhiQe z>SN)UROPVSOKaTS#w}LZf|%Rp7(k{3Pu~OWuJ7^iEAXr!@6H=JENj=m=M3r~th}-E zZvRehgEiVmT+dUx#ii4T%nZm4RJhA+D3_$u(w_F&e)^6-(U5C7r+RIt$DleYY9nO0IszQ%!&w7CiMyNjUG? zF!1p`dRgjir>Y9->^29OW-9U)hSKBQ>tmHAb58|w{hM1nhvtJ$P~qd>O_M?_?8!b0qISZgdaoQpT`2qj0Uxgxl77dtA+cTweO$)DX*YnX%H z?g(mKA&i^YLboU=?`Lxe_qX8Shp+`0i0eTuTw1sxaC~xng#dxTl3(PW)7#1L?G@Nv zXL?E%te%z9>eQzrix-?va2QeHlmu&EE0*k~cor(D{gNxxI+mV5y2eJsJ!1i~-tJ%K5?)y9ljGe`9KXK~S2nTYY7Y zP2tJ?muBWTe#yKe`7${;Fo5O(IHDnXf;=QHz8)yOs%p}7LG7OtjyTFojrj1lDm*~3 z@f|DIQ@1&tuqf@>8&q8QSBOU?ClUAv!a~APP!7Q=y!8c6zF>}U^EiH&K|auXisdGw zEJR(Lt{5x#`I`j2JBsAn`ptv*^tqmlb2A^FdoA{miQCTfsjGi?$iWg=6&&l|fEzB3 zr@tJ$(nE->+~DACaZxpuJkI!YZ)(9ZRY`2IwT!kH3qq_<4W{`7%ZHAyhCkdhRyDTr zOTy*}~tf`+qyPvHaV`BJktC{ocf1Q-$7hX_k_axgfIVI{Fn+ zRTb&j1ukibSnAa)*WEGm$)Qpj*{2@N&+geQ@z=aQ1AK^~X8+vQ1tU}GWb2Z+zP_*b z;OSy)0mU15X^?o-$y{g7y`jU{R{DdMMx%MX(f&oWe2O=4H2LYLpy$5!A7fDQ2}DXr z4)A;IR|5_(s;ZQjR_Q7@!i#7{ZN~7o>INSh=8gKq*mJ~iC;j;kweWO}-3+hecUd$W z@@M~+Q;Wa;XGRC#^{L=K7KJxKAnNChXG1p0g7v(iM3cT7uziStl+}{&WWKIDOc2!KWaA8%~{gNa;YJm86J*} z{4lQ08d*ixx-5aXH0>>E`9EZi)SJubxV3&G((7WVwWg*$csV&uVaF*!b&pCc%x&kJ zqr!zr_pT9p&$dO5ySFETl@R7rZx5~!VKvnOckwq@aiEm$Jgtb1uN!0$AmaQ^ilWKM znn+I$qn{`dqUZ2xdLq2*u#=9#Y-pAURf?=Bwp;Q|DL~0xx553a6P;Pf9uj%q(xOr- z4@+*7y0INddAK=8G<7%6ucHcF)>!m_K~1e~z}fD*ik3sm98oRcAn@k`e_q6Me|@Cl zcPx=mW;n0?^_$z^mF{ljJJ0>y((=ttf|=^IeZ4*3#^X|+o6FO0r_-&A4Z`3GEwM5a zbBD9_mpq=Z(8;}RlG>gKRW(Ud853C3r&Da~;dwB z4(~AWUb^1H0g~6yk3ih7m?rGB+iZsRN~*T!>~1Fx=w9h^ZOR+GdzO(angv}>())vK z1BMecB#%35=mb6N@r!3+0fYJZn)P!BfBqJf-qU$CwuYfQJ-jP3C+d&AJo_!NJEb{JwVCQNP! z`I5H!Fs#iS%ey9zfC)d<9-~1PZ-+O+MOD3Jq^OioN1mA>y^eI*tH60tw9>EHnwS24 zVL$AC^h&kul>464>Xd3a2=cX5(DME!6$X%tnli47=v-T6v3#c~Q&H<>2wXqkuO9UB zT3{kckGX5IgLEf6o)sm@7@tx;Sg}tW)ex|Fbj^muiom^=y%amF= zD>13?Uc?E}$0;04&8oD{n`VnUK&K`Yc zSSEKC^J7xe@ughJJo(2FlJR|y?K!{ZI7egBKD(dB+x6~tcquPk2W%J^WP=jE=mk6_ zKELtL8zv}gSPBzquOK7fpZ~V;gmQCarH}CjV79&420qjALa{q5`9vu=)%vDrLwz}c z^XQqC6V4mjiX7@7ev4r8Z_VoKpJpi)Gi_-N)N1KV#iKVelN)7*8^(X3fnximw+d(B z5~Dw7Lkz$?91=HWOP#Bb;h~}FO&l8;8pWCI>n;5!Y4oD>;=%!Tv@ww7BSN~@=%!~e zkp4=N>ODG2X5-508%b_}K9$7u)RmRXpw{-g-6@8*`Syb<-d4}DQc@$f+`ZRa?am)3`T8fSy7f9)m9l=siO8o1`c~VB#P8m z@ko*t(gW|)uez~d${b{Qy4@*ea{g%$rY*SCKgBhlY4GJo8?Z(L&Kv&QqgOpJ1^?5O zIKT4dHyvrV0p}-=V0Zp!hqy%ZK6g=P^LLcmbQBc3pP$^01>(cItzXV5bp4bwi%Tj` zPRvUKi$Kkd(Jiq$L0HsaqIOKX#qDWS9kM+e3DdGqtXj}Juj_nE`O#lHrlDvQorQcl z_d23Kx$GCW2egS!KYN~qh89#-p2m`l+7t0fXw-(0`I)u-zBqoPVm^uR@0BKOP% z8(~UzwxD3QY}-<(aA3wWZ*t)A@Wj$|p*())S{6vwU6hBIZ!OtD;G{wh>y$H45Ud;g z=HAQz5?+u%+M^2mH3T$xVd%azd=<>R@U@tSnI=V9mwnwTKDd(a-4yw_%x}*56Qi?dtuVe5!_Aw7XPb4*mW`>=`@zAKJl$^`~Oo6 z20pG_Pmp2G;hdG4i&?~_Bf18EQzt^T%JJofHpNbld8D-D_V($O{%FL1MuPBD7r)Mz zisQ6#uV(xplSx38%XNoKARxlbWu)xp-ki!$7a#BFUIiPFHO4X1%=-e5eK^hUB|7jA zyTv2OMXNT^Ud7=Ox*B{<9YmXTQS3k*!Ih$tro@gutf>3z;`J?e{U0QeFj>RFXXOC@ zAUI$zBZjAOt>&Atx+_qseo0Y$ofCB$V0p~)BcJH4rmdMK)kY>irc?PwrprKsw^w?F zpG2bK65YSgeIi#=Dl#)V*zi7)rg5Tc8?%a;<8Qu=w?xe(ivk`ZR9##1!NnMt&{1;I z)$@a8f?BO70ZpE@5s#$*6)GvCzmq&rnf_ouKPT}1k=Of3xqkBzDwgQ(U?sB#sbKOC z?JpmvagAgpd#6P)rO#8m*ccy9!79~>Rv=-&S3H5c2)s-)o3D=w zC_ng)e6i0UJMoPw^dS*v7hi`TfTq3tk?mBv9;fq`}Wa}^l zjnQru1{^J1dm-b`rP}i~FOgz`*Zrk{|cFE|)GDj$bQ_ zvAGoY3OCECRH%-t{c`j3Xt+!6|GyFLJrIKs1{Nm5=gUyl6dB2Qa}i#NsG4;wY2Z)> z`Eh@r5Pg2B0yVRd4bF|XX<&}LVWd)&?1(@J0<&NUJqwSfZ0xu^C%VU1@Ckg(`{CwD z!B3adBgYi-$gA@mT}+q~5tDH6i@&^io#Fb1pMTIv>5kPowf3qasvOrw4lzp)Xn$J* z;qT)Cf0>#!HV1MA`YwhuhYvsPclsxwbVC4QVCyFMIi zQl@X*_+pt>r)GwFKvv~ME~ni3Ek|X(<+S&Qwd9`AtB%tH=+q~I{U-okiBq++!Dmx` zF+{Y3HGMVvN@7!NpBgIZMtbF7gK&0aL5^2641~{V@ZR8kq5a$^Wly#@-T7x?GDz6X zBQ~DEO;PoSA13$$7UKJ7hhOZ%Y$RJhQ3WfH`E61fG@f2LU&lB)xk1}sz)Dc(sc zODaM-?I~6SW!kgZx5i>C1XS{b_d~z)Jv_?#!N9h6+>f{gxcjd5$al;MI{lm9GNZt#?u(7U z=#)g^Wa-6h?^_A*DE@X;LV||@-$U<_*qfu3AIV^O&4X@EJv1_3t?cVFy*qK&p?8V6`$<^gaOY=Oh0V#kf zAOJW;j&@-@`@oDuV{gt>G-{^4O#O-`zFg;Rzxm%>aWp=&?7u>>sy9Efp6@BC(CVdP*0goH`?Aa~KoS$>Gnd;gd+eRk zPswmhY*tnVtZDk+x{5TTkqnRsoyO(TH_Yt{LL+iPrf%qG)Y|)m9ek~Dd$v&lHE!r} zq83dMhenYqp8!+$(x{uk>zHx9uCJCEe@;g#C0f_`arslblp;I1V`fD)*Tvy8@X$9n zIu$1X&NM9?H>Q-{2ccom!ebF{*RA2a8PKmFuoT%jiSs^dq@?X6ZDkKQo3)Q?GhS}a z=9_mKh>^~l*+DMocdq}Vg%Iyl@k5eLNKZyxUXnV>J6cL1#TIWKIZc;B4)WHw zP0sh~nNv?MUxB&}j*OTIv<)E;t?*{>cz*P6F~6NXIm$e8`1r-B`K_C#CM%}fb}BCz ze|&SEc3&m_=xKh*JX-8)$l%>`Z7;=rbx_1(h`A_6-J{If@Z$Wl0{m>$=# zQS|d28Tx!<%WI>mdYy;9@LG~iaTz`HygmvHywproVH+ z5z;3@cm^tv{p%F-%8FveghloEbq4)D|9AViVqJb)OW2=-z*~`s^Y)X3xx|vB+>}Gu4Oi_2Z2n<2Jk&W+WAk4S-8kjA7Sn zeZb>sn;;&cVmcpQ(hJwvLg_gH+VF%wn+Dy3BE1nHRIxp2Vn@T~w6UlbD1=)`AQrgi^U$qcjy7 z>f|&mxqNUA#gmqt4DK4|MRaUpGV-(g4IR%&ckwn-SXVoKnL_ZzAbz!Uk;e z^iKSviUv>~w9LyOOCp#b`dgX#2RVcrTvZvB2@@EIb>AH$r1kY!FmY$q}RSE)o1}DA531(fFF!F{! zR9c%F3;6MX$xs(|>r*<;X>$G@x-wIDha-HCoEwiv6e&(88(f5d`Ou{n(VZNUd#KDKqc@R7PA7rF?qACwq@xi4I z+*=EV09UQQROkywJ*8Ymo(C;t0kdNE+xq}2hQr4kfZHD{CdDO{g#C?dZC%Iryw6$& zmrU~5V9mYgV%u2)Hl&y_!dGZwFECsU#9Y_cX;NH^E4x(q44Pcl=BHd*xib_d?%qH! z!Hpev7ez&^cgDYzcsgUt+c=jDrte0tF=Z*0iL$xFU7wsMiUL`?Ks{)RS8By*N~to} zEiANvd}p3^w)6K*^jb=k8S7j{c!$&r92DZ^?!O7*tZZ61a%H22rwB>;zZ;4ihcLcOxdi9Fsbq`+fK%v>9e$(bWVe_2- zLuA6q)4KwnC|EGyAsSMK3g5FGx04l+Mzy{1KPyoS%{&4*wuz@QWPZJFz=1JSFQAi1 zsrCHuYNq~<7$4v7sQ8VCVzYp!_2yFIyzf<_S`kW&^vf7Oj!r|bi}>T?-PbVP#4JCF zgnY%Uk6&HqN~z%QHc)3DoS5|EkzaRyVQn_X~)m9CwP2y zd-P9oegO3pZXyFe{!{AyzTO4?+o6&B^f&y+PX+(pmF2(6_^W<{53j(F;-lRwm~wLx zC9kP-WvWSuK1=DkB2&SMp2hq13BsD0J5s{A;hN@JB@g08|71)$%DA;SR2Iy$PT*qniT~Ankn^m?Oq>}19u7Z`A?IAlI=v3Gh$Ji~0;w36 zm@SYi(RWqf>_YK!f8c;y@~?a^B{jU-Ljht6A~%TRd^5^SvfZ@D5A}8K{LY976=8w* zbW%2$=A7M>Yxx_?YMzyeuPGCy4%8VI0y4S&`U&~uF{h5eBhU4FUgZ0Q3J;?TvL07I zBHFut>SN1S9Ga}`bL7s6%+q#QYx%|A1xi{xRjJyl+;$?rj^tK;_?cXJj@v3fJ%0oO ztxxfbDRA9#X3oQ~bC+_4dhOWC2$5+_Dgzw)Hde`0gsjxO1e};?tSI&<%|zu@%KA7D zJJWreZSm|zp)Q$dK{|%TRsgI5@zDN*(E2}5ftteC8yMF{i?r4asF@qLR($=s)n5Bf zuj^TgS%WU{d-}-jx#w0hMUcgdlhS)L6_6sICd{GjY+r+j_;Yk2^QIl$M?<4!6Z#tX z0mKttIuAU{i|6i#Nx9tO(@`pn*4r(3tUJce?0m^fAGdDJf32G{pAwO)9FQT1+mPSq z`%;%!Dz$ryPL_NijU0)U4Ofu9J{+4aLv}))rH2v2RM4V;Rn^s=r>ebZWsF~ERD{A6 zlzl<);kSO>YL&j~+IYGv((JLfxWdHScm2l*@F|W@#^vWY&7Hj(s&~1srq&jwYHf@r z+XLTM*pICnQD}bGu0Zx-oBuB z;?fhyV$GwZ6JU&R?WeTi#l}Z;{>E^Gv*45@$EaOkMDMDarst}T0@%7mRvd6)(EA2` z-S$}>$ZTUHNyN4<&YJE-eEF}^EEfFNzF0uVg8~noEou{79EP(+!Xnle9PX;MDta|E zxYD8(FdlPfzYKE$MHqSXa`yF2vDUftW@KU-x{RU!pHUNg6dJ^T;jK<=R8+&8jz2nN zt(Mg~fM2f#VY}m#6QM$S6wH&InU@LqoiZn%BO2yN-?jbn5^-qGI5_|&VFv;B^>j(R zz5hyyHZ=F?bob1G$Zsa&b%T`p>TjvS!p?(bZF6>+qMmgbQ4$vNikxr)Dpr(PIC{E$ z2;v7zeS(=Mfq0ZGEM9*@RJbhq4QjpB;z;L;3xWME-|bi9#YiA_Nl6xQA z{`6|bXs_7xLc9|iW5lWtypG!i_J$|`#@c!{$6d2)GwkLEpiHaIsh$0RF2JnvqZ7Hs6OF4z> zz(o_8FMq&d?vZt(%YPfD!M(OD1s)r^ob>6qc-*NUP2T>cDK+$RGv7D0vbrc#5aP3& zz5wdBS$=0EOog0-0|15J;i_x&_w;}l3oEP7-ve2V4DZdf=NWu^lz`R|3TQhN@j>_F zysEWULU{NuBCz2<5rGr#xS2<R9>>h&it8uUJ*w zSuEy8KX~Llf0i<{`E9;X-OV`Q==a{$$p#CO#QxaKUJDHDbaZ6R-UIEe+8xy{h~v)6 zvD=i#a`>R_9Bs^rG=*q8O5tDjfl*lAnEAu3*8xbBE zDQ6>mb+FAAVY!JNV9<0~ZKns*uXP?+D3Yhnjk91QrvzlB)g~Y-wJdzA?6y*vKKfmE z3E5NU^4Qd?+gSg@Rj$83F>2;nDk&}wfA=Jg^~QRqLBxLcyd9)K5)-itVWMs~(|7(& zyGI`L-i3BENdPqKz;3Um%S}N41G#9;R2f_A{t);UX8rwLnv@zbuPWmKI@H1Xsf2_> znkdmpfFirdn%MXwTV1*m2tBxqbq)2h8ck7GNPkaCQOy+x8Z@1PeM#~%S~IT36VQFm zT7$#!*mOv|VHBqll9@+ZMi~u`DxIHRw9KcThO`+MvmDZPHjtjD-)vZ@(}xWwMKQJU0Cws=+L^;E72|5PE!~i8qS~x7PF7cGkd(U#K8>T171j z;Ag-nVJ5K+iSRbSBk~{|!^_#5)*xFWwh_qx>N_qJXBOuGEbHV$g2}FOHSJ&BP z9By+3(B(St*@`Wg7tM+Rc`mhVf_0{czT%Wm6>c&@kPe<3| zNck=Gd*HF$Fe zgvX(k#{z&}kW~U6qcdZ?vOvyNQingcF&YX|5d%GfhKtT*BHo$)BA9~4`=939mi+xH zD06{^&BbRHc87!+lXJe`Py}SJpqHLwb$7OWQ^se#-+gbspw5t0zNHc| z#2LNRI-dx4sC0rYqpv6*7!-CbJ%hK$#RTdetKKaOra{15;Ct`75#@(`cj>n`(sTTW zTV}lxmQtNi5udZwEMeSY_Qlwly&PAtLC&+v7qXu^=xc4N?zBI@m_UrWNO5~0sSnqO znNV}K(cf7sx2-Hj=6bw7sJAPSF?nY|4%z_-(Ql+4LiY8RmzRg9qIdP<#N2b{NE<8< z7>h=09aW@1vD0>nF2$4tl}-MeorZcmI+~m``q=jB)hpFxgequcr0#+jhy*r8aj~&A z^g@R+Vj?4pzpRFq@YN0N{nP(Y`%l^|=;#ID26X^P8XNoF6_?|^_m1uHv(53c&QpPj z2$0*QBlD5`xbl7M#uzH*Jyy&Rkg!Jvv@|6z!^Sw43NbL( zGAoVTu_^#9o;i0`4$=VOl$2#_r~io-AFB9a%iEy8Tg7Q%*VGy|Z#$k!B-v6K>i6hv?t{$bK45} zE_z+P#>~v-@!tD+Oq|x@fhVc|pSu_mKUB<^MyKUGbdmJ~&tQv}4x{8MzDd0K8D}HB z{))}Hsz+BEiDh~U!AiK!Q6ZU>ZHsRnr)5wpXe4nKK`p(*5bna6L>Ma5e`*K7^AP() zfJO;i;M34RMScB|)D+h$3VmTW14TeldE(i;_1o^BECqq+`YfqK zgBJm2eUyUFHzG==@kLO0}NBk zhv|izf)j(#GFP$Vv+hB$qhr%M&tFR=!g_r?JJ;qD8E}4c4eH)XkWpwAX*3+}^1>Jq zZ94v^hxtL~Ljx68h0*KC)e|Q73_#M}P4BkSqn@q-uxE+#ADrNKFL2e3b!tFA?0Yx2 z7Q9vSi02&<)Na1{2#Ed1PmEet^l*N{S6ihVrik^dfPm8rd>)wRHOTcoBldLr+E4Tf z4cWFEZ>VT6`Og0;Cy2UEw`fr0ZU6`qptT=AVDN3VVuB|QGGbvtYEo#qAk8aO2_g|w~cFR zg{|#oNH}D=ID1WPa5~)+xdKc^BRs58x!v@bPC2>W&5YO~yiV3<>ID`)0b2wj(@;=< z4>zhTehw0G-}f@ek>ca)KsM|BvmKA4;?Hi|vAo9OmrwRY?qFUE#DYl%x|<;Ns%1EJ zGUyT0uw69}gp#;N=D_(}t87+TTbq!`W^a;Xr_PB=UBl;mSPPF?AM=;`qe9UGt$~Zi zlZ6@EkAU*Yc3s#BQoqw56gw05_CBL|JwYsx&@P}P6W(Mle%XPX_xG=fb(GqDXI#Q^ z*bFKUn?M?din0utNnc(iMQALLI6mmd8XoJSYq>b3D^kQIjKM!=Jomm2ZV047aN|8b zvv+aoJY|;E6+?0hSTKi{qm8CLVIptp7*J@C1gayvTMSjoY_NS5Kxkei8iQb1U`?sYJ}`3-Ie- zTcaYR{Ts(jk=Y-ulUF`oUt!);^skqWHl_q{Wh3x>l8ARfLI#qaH^Le4Ccge<6OxWO zkXlyOEYrdF;=?b>Tw=|?1V6cjNAT7}a;=bhgbIC-zPIA|B*nmRk`Ya*3T{2H@nOpoD~ zzMB@+azANWfv8pcKFcyDuCk$?=GrJPs6(6FAO-6Q$HsJ`eDP;klZ8U=b&N)WDNkZw zJIQv%x*&4@i7ZI0h*z7iBl!nJ`N`g!+91gq8r}j$q3zVAslPwqph$!Y!EPlkvy+SF z)g^C)oEv6yZalg{)c=kKBtWo-0V70MmpASBKT|x`PCoMkm;cA(UeP+{Fn?_ZR9k6K zXj=jZ*TD`3VE;h2tkX?XP#R(N=+vz@wHqY;pi};8e?cPabeRw)WGSFRIm2QCV@<;9 zjm`y}fS}WeM!5jvMWuw-oFS06efFSR`0$!32J0pk%O7Sk#4S4^l@+ykzaLr*m3I{W}bax9SDgHCb+mdISym?mVOMbWXNyM+xuLe_vesuDoiZ87*Qwe@1ntH0%;Ju+uWOi0eR}>A!7iys9 z)WK0oKD_A?pqj6*=Ia@0EL~Y&4gm(J;l`*&3^VOV90fh}!)Db6$DBz~LmncWmq)iP z(5>JZ(-nR4Mwz=^VA~xP*@;-+WzN%t`1vR6Km~Y5DHtg~?4}MKaHXDmwf}*Z_y)c_ zx$7q$e@BjsLc>qzXocQ8JRvg z9Ger6HW?ErxoG|QYGP{Y-eK9Kt>Mq9b{Ss%ch*L_Ie2>b6D!y+k}?;w{mHmz9jKN| zBWuRE=J)IDI$C8z_gB~8VPfKAVygf4Z9AfiPUEH%j2pHa>t~n^bIGW!`jvOzbTm91DoG(!BP6gbySoizv`2f>dF-PBR?fESSUuvWu-zwW} zYy@EP(}^~mawbWk(VS{LScs9_sL_?2_`Pg&3UpCHUD_w#=!fYOUr?%0R|jQ0-7X?F z4Ux4Om}-T}H4d=DJ&o{*1`suppE@7ikj%;K2Z9l{nUG^7FPWl0(mJ0WnTw!$1E65} z!1>#m-)vgUSLbmavoex^b1%{KGVAQbzdiW_hwTD4CBI~5Zf{<--kOtWJpaDXU@B|Z zd!qGazJ_y2=-mtdbF#BCT>(1NpW9)i*VW9uMgi6KK=G?#<1O53RUumU<_3Skm!~w~ zE?bftJY0k`)RYQElqpGR4&hbGA!*J2hYTG8*a&TKi6W4Dc>TOqFELym!b!%a%Bohy zS97f*oLU@pwy!MXS@H^wWDFAm!!U4Pc`V8)^U9>z955eQqZ@D^8&wAdosXp}YXB;% z(JEyMIi$6#sC+pT@rY}A(_u_W$iKhYeWv7TH(dtCU+i-~KY9wpY}D(O`I*kUgF^A{ z4rD%`me#cDRaV2QOZ16nNWU{L&-1}Pvlze#+3$GK2c-Pm{!04W^*0KG)IPl%@(wn^ zn))t<4u;%ppQd6_Z}BhLSUF0A>R;*o9a2HW_C3NsJ%|euP&7C2QL^sEp%T$w(#)@+ zo%~(jfe=wYTK&X?clm<=|0h)|xkj4?5_G7f=<5rKz{Rs0 zx$>qx3{>Wmm2VljQ<0 zeauwr#MaFI+$j?)jGBQVJA8Jx2P9fRb!DM<*N3Gg(|29N!|{^K&KmCtR6m)QYI10x zF8$4o__cJP!4e(*6)|pW4(HP>%Q^0gx3i_}!@UD|Sh(1j-MOTuDr!sG&Sl2zGF>R= z@xFq(;!tVHXiR*>Lz}X(ao;dB{vtuV9n@gsTHScU7e~N)fIhN{nds@`lwRDweK^3p3=ZiVm z8%A9{J>jso34((9dZ09(&}o1>CNp{Y?&K-tzY>`o_>gj8AhelRBTF3lsXxHyQo#XQ zC4JVE@(C`d$70>jD36KIApQ5!uHxSPttbA+2f-kfuYVV2b9uU>a-y!HvQc)|N0keB z!DmTj|H6jGq^)jSaY2t@3l7|b?-rWuu9VvLrr~1kd&>F!Sc41L8|$oGx8-8q$Nm`} zXq9{3Ir|JZ8`o^yOy|t1Y~)qCzqv9K|G^-6fNdcwK%AQxXc8IQ~&L*54iaoL3vly;*1zVR@R#cE@*?k&sXYUcl>P0+h+8hT9Vh zEC*L`{|_}M_{8GhepN+V4Gvu+(xy$QJOKStIuGv`GI+fFiS%sVrLu4qwmuVAdp4xOg5tVECxMY+-s#l8K$mVf#3f-_e?bSUvtl>t$i|4 zq-MXj%{9p5`4K;oAlx#sJ9}%Jw|?6E5539a_LyH*;&=L3A~4KNO?N=pILB)r0<}gLyX*-LWqJ&cU0nV<9JJj5*pHeDE;9G8 zr4_mgp_a`OEQoo26Gj9|&%Uw$XSvEz+6F*^l>e(@g=^q{$(Z$fzOAgYC2Rk@??WN0 zN`l>ckU0BivlTr5*Bt+$7Inn@ms}BRSKQjMS^ILa*y$pU7seta zI=%5&N7z?)HjQQTAEk72O|aHwQpU(!i_j&To!S=BZF*npquAa?sVqH1eQVMB58`iBxkL$u{I*D#fb!xb4?Rp$9;X!UWwnu3}hH)YU&~s@FwC zaXx2H7JLfE(j@S90k{BXb3O>Y#Q$CU$1n)YO6wNVmYx*#9;O8W|EJKGiC2vlJ`-Qr}VlWG%wbr&Ndo!ly zS&P$_#7S1VGkTW6ZCE%_&zui-S_kc&1Z$daIWhB0aY;T~DGSl_v8n?^f9LnFDIQQe zcFTLbs%Slfo)=~kQyf1I9Tt^9qBu@3rgd0Y!Ju@ZDX>HlQx<1b|6Fb6I3SZ8ywOAc zA=5<+qkM2C;kt1LIAV2kv0fSO)LyRhj(Btt)Dy=c%4C(XC{lHSf}4;wov!%%JbgFt#fA%?Ob&ZEUW2}U;9zY6TdeC zzZ}UDH6z8+$)`N}zIZU=VU&&tSuLH_yM9h+2CcE%D9 zGyqnS5z@AOS+ff>&|CX0u^t%$Z-viMn}@`eMlX>h)%m}UZrPZIby0TF)g+EW|EQ|r zP~|?9VKa{HMJkvPoUG8tC!X9mGYkFPh9^&X>bGzrJn-nDgqK}R@NXKd2w<0zJd=ij z_5JK-G%t^+{H==F?(B8LyG0wRIQQMj9CobUo@g==-$NK)%7^H}X?y=choYuS)}zLu zMnir(zq1BP$ojj)31LS<$RVA#1sV&jW)kzMgIM<#V>j*C-OcZT*3)MqoxQj>)m)?y zdWLGdVg!gHhkbv+j~3B)OW3S5#_P+|ZQ8Szm5DIx#|zi<=ONfZ>YC@wrPCysS2&?m zMSWG>{x^08b4;Q?OGp0(C_aXK4Nz{dI5WE|#-bQwj6TH#EiyrYkf8E>I5k(?A$?~v zul!Y}_(9r3Ncs;-Yvc8NA(ncN$~H7o1HX;H-hsliVW$DV!AA_pkf4>eR*b5*0*z4W z+?ZHLWsUJ6T=t?MA8{U;h(M@-JERB;)=$GtifeT?wjEZ_k z>n)eIg9=gZD_ARRyxlTB_-*s|DojuIy@kFa%QK*3E^2yF*>BxDg^O36<@Xi z@<*r9v~ys9zeT5oYfkP@|F_I6m)F76)90sk&H)J?v^BB3-u7~t8ONjnQ%bC&hLB`A z16&BZ=pdcT1C`{@v2LWJZx%!)94rZTs6sF#N{2KEcFo)8qEYE*xQz-fP!I#<^<4`* zX<6CUex9;EWS}vfMNiFDen^gxQn9dwSoT(+GW@qED4|c_f^kzcqZB_LqFxt=&{M=N zr4}+2B&j}b`+IJIOde89Qc53L$a~ywetOJhXOJ~F^B6+De@za-Qh(5K=p6LLYB{}4 zhPNOU?QSaSZilPj!t(C#_&9&pk!=^^hhZ6NJOjVV_oyAH4;c_Ju!d`*ge$UF4!Y2i z`^&p;g_JfM(I;sn`x!^( z+xIRT#F}p@>kJP94P;Wwc`M0rLTm7LVD5^H?`KM91dr?LI$~c8@vvzj847P9xj8*l zd5Oyr^CJn4FAE?1xd3hhVq`7xCNrX(^4{tx`<+K-L{zNY)Ie|U$L1fu4VZRw+`GVql#B`czMfB5FUt^r#6;jLRH#Kn>;GtWUVGvl8|0RxP z&_j+y%=SmZdEg!S2UYLvy{iYG5z?RH;z;$oA9oF&&7)HAn+hYjw#yW#_M*Io%&~_g zJur1aMXeRREBqFlk&`XKQpW(u{irG@*I&8o+nh`KRUS=?8zU>>uQ#?uP6#R($JJ+AtMpY^^+Z`70b!?mY zh9+@PU7yB4Wyzi;;DzJn$G?VV7mv`O&izP8$x?}NecnXr1xC%Meu=7*+}R485NQSt z9+uo!NEDC+4pIdFDP$b%6c)*Kl(74;Q$u6xO_qg#@kX3g@;kxW>`};?S0-wllSH_L z<@)q;`fq9JY#E=n~-2!pSN z$d?7ygqhqo-1BHdXk8#VRBGGGvZvQp%9hki+jQqXEKviiVeM{U;ij<33GRG4hl82S zfR`eVTMp@U&K;Iv;hqDJTcP=y|LJwx!Bi%K42^1~wr#cIJca~ix;axM+1HXO0Z4dP zu0p|ay)RKtCZ3q!s?kl|f#;P3OHhu_<~GyJwl8otQ7!43t8TD9kZN^cpH{Cis+nAG z9_3XZ&K1Q#;zFV>au>zqFYP~i5oq0Pdof>Ts|1bzIC_!Nm-7Ot#6Uw1mkLXkIspom zWAIz3W=17O|J`G!{qX7()B9z+B^gBs#`K78@A6tEHUkbuG_usF8fJTq0j0oNG_nK| zk1I=Z`1APHgv1+iehy9(0mUzr4?m2ZsBz}s=p*?&L{TzZJSvubUmxs)sYQ}xE$0x zb0u)2kSO}yE0rlii?Um;em}C?Sdo2J`g=si)KI|baJVQtyL;_XCs%hz#e&De_)NV~ zpQEDIcxjzOPG%NKM)soW@}bwnQTcpjOK8$S;jE~8E*B$7D$eD5gA*SW;IR6n%2H#oxGBG;$hX)`va(b8$wEIiS`5{s zu>a5+f~uwztcAdXcH<#V{W=`$);jW4G9K0!t>0$Bt6n;<$v#Ek7^Tw0(<_*vn1_Cg zrF{5%zK~0)fz-X1^4sNoJ=wmm%8 z3e|h~bNbhA0=p-|nhWj1UO0Z&uGD>=leS@P(`(KdlUcnoqfL={ZgP9R+ZTJ#SBDHK zUgbok^Le;cODAN`DsnNa0r{}bVpg}7XZJCCKl39L)#orK8e3Kn@@EFKo&dYe#>MBc zW=EeHaAWX^&(D*7D7C~y3phd(2!tZvPA_|n#XeCrT(|S-XYTD&x)^;qU%bE}B0}ja zB#Mxsk6+`Bc0>~w^*ylyA)fLB8fF-dFU=k!CL>EAtOaA_(yM=#lT^d5)HL@tVoD@~ zq*A*uTV0|+0`(qf%g@n4zDQk>hdM(42qg(biWE8G8#~ePF3u!lD^-o~6X<->dhr9I z3?av}ISCt$Y((f_#;R5miEj=1j?W!WDKfKtA)v}ooV}F)_-{7DTb%?2nI#Wl2W$IV z3$|wVY`v!^55kwu#e~kIbgu%DAmQ}W22bp_ceZ7IE=5*-HlyQT`)H>$Fpys7a*N)0 zjh00IsIzcwRlG-=`L~Q*KyN+AgU1ijgz8>7(qtPb=avg34zwIMTA}vo(?)+6I#c{P zt-!NduZa&qQrropmdPc2py6dKRdzA4VtMY~QBMWI=uNk#Mnbo0X#9}Wu?XE@8hd}; zOmZ#?L4+tI_ui%kDccqzR}SF#1%eUl;P_7oCzEY z9n-?GLm{RBQY4Rr;B9T&#&zX>F{AQng;~=EaK;aD+fBrh=rix#Mq5sAaiwLvoJ%lK zP&;URehW3+7K@!t%wT+|vG`M%KG|{X`%e7{@weLg-*qu#KLZC|6rvokDyY>PDc~UD z(EOf%kj6WZsuusC*oo?A();%kV{F*8`)hcI(bY#3d_mKJhf)X--vL8@f7^2HYok41 zAEmCthOKl?E&AxeKJD0csjOp!hi_26{|Mgl`qDpQq;^Ni{`n#pjD}e zq_W{;o&8x8y3;c6rd3%G*2mx7j%xR@DDbn{N+M2T)h4>P`OM{N}tc`y*TZ zN!_BjNxT6y#M4mOt#98d7%yVGVPm?rG{s{F?J2eHxpL|66+uN_EVoC$))+TVLkde( zgI{U9P)8G_ip@`#{WEU$ihX@hTDQ2qkSk+ONLas?c@RBBn9K+Ev5RGJFp!+)SEP;z z7sqX0QI5!0kHL)cR%qxZfhpI8Z>x5h?#E(}2^RMyYzfo%!}Grjx!K9yZ24WaQFACU zLS{|IBNZt2G~_oqK0kXD6TENb`0>|KT$;Y4EiakQK4aY~<_Ctraq|hisILq;PauE3 zr#cq*`bjrna6fx{Q2HW7A^-Wu#i-|J-*E*+^V}`evh3{o{l(w>UsRoSSXA8??*~Lc z5g7zQKtQ@fq}!2@&Y=gC?i@OmkVaZsT0pwHLAsJgsa>L*AQmY2s2b8-wzJy#o*;~q%hU_)leLA(!$6*Q)$h=;wVXnYRA|E< zgIJ%`czPOv83!o*+m(CFn9tSomd@D;Q(}9x<`2>28{Hl5Z+Ow3%S8&vZ!LlAdrBOy| zEg0T2`ivb{bckc8JPO&%>vacSZ9E;)yD)fJIVRlEYURxsmk#4pv{L+$2yeJN^f~3% zHy}&s!C^!eRT=h2y4&KaH6OXqDuB|4>$zy#U%H`~!*8BRfjMUwig@VZdwAhrFk<}y zLg2;cQ|r@Vuv1xi{DW4MU9xLwImWBFNiUKIG@0ZtmM)XUgWdy`T8bgwdEmb2{fHPO z`JA(ML2mN$M;tOvnqP2AV|0zuNZO2EE+sOUvMG_QI5b{WoW#KdQ9LVbt2H4MMWwP4g)F_H#Y z#8L^5n2|u}zVFFfW}A-HsEALV5j{S6*X4A5V^zBcWI2&~ZW8FAD0b`f-)inTY3@b9 zZ*(&cNy7wVdIr9PJ>XPXG;7`Co1UsTJ7JoQ?Ll;AWg~fkS;@omP%8}-w+i{draPRs zS9e#Q3^CENlpcuLz1^+tCtQN|>w}&*1ChB`FTIdo`Tro9aGiYsnAV_7MQ44t?M{}u zuPm`WSr@;sJgoQnxb8Lu&e#>lQ~e~uGrSbzCFOfbcUhW4SuUKN9K&bHI`dEZ ztM{(TD?^vh8wOrrh_l&s;7Mji$6Y^a^c@;uq&;zcZh^MJBvMC(Qf!#^ikWBp=j`p*oXdD5pvn(paDX3vOr1hOo-R!!{4eI zS~MoQvmNr1wI!1`wT^boPf47s@(0|Yeh)3^AX9!=+AU{|DNj9x3&#BUx@Jt~fP7OLz zzhfa2p%mPOqAX?xhi7G#js~TDD&h~M%6E<)UH1%Bt56Gh3F(xy1zvw1+e{PL2p(RH z;^x*gM9LTtzXI+M@CYA>^&oZ0d&S@ptC2}>q_C_^o{O}XqzJ-)4VD43$eUoUdE3ae z!JNs9Tmx)1BbRGlbR0is%+lN*OUmK{T>VrrNvQfS?jtlp<`TWe;LTYB#cY1cDow+@zFq(f*sRvkEvl z(%Sob)u2kYV#=`N3UQax@UDm1%GkofqrOoQXpfD2O2;}u_>6hmHPyPs6;#`h>?mq` z;<5gfY#$T`-fN;_%1@rv{)f#e~zr90DC zSGwU)KQeg;9M))RU37qQ8^TxQxCi5!JKsNR;1b}X$<&9uoTxpkw{q?oW{Xxdfx~e@ zw3&-hpU?{GPYZ6Y?k=Y1EprQY%_|D?w$3L@W0rlw@@l50uWHdkWmrdG0!~>#%m*$r zU2A8QqXDeLLrVw|^i-<YQeaa_15-#u5{<9u}CrFVig2xtn+2} zp>4x26bju3dCn&(DT!9jM?UCU_&~dtn+&%c-|m-#$%9Xc2KY(qPLeWsIb-;AHFKBW zcWQ21mqXjP!WAW)mN zz1zs&Izi|m>qx@if2OR?of{Np9*eUR3va)Cq2^%DMpA1!-NZ6)Yv-z&)$Rrs-Pqd< zUJtMO$Y_?3M(duG z%@D1{Y{VNHr3kocS65K4cZCfa7*j;%Kp^C(oqU=9d06(dfJxtn(>7~CzFzGhZCAe* zlmS)x1}hv8kc)XA8sQka1I3Ph=WV&tC>&mYuG z{({LFD`$e`k%_zBj~e(&zPj-95Zzhd)3J92qX6}arSx9V8CbC1>H3W5o8Bx~G{*Ct z9|hQmuvsMg2X*awB!i!L9cdHwh}<319?l%fTVYA7f$ zbcD$(c8}=kWp{P}IH}as2epnVFNyfx2zu!1>l-W<=?SHo@YU32Q{T;}Ax|vHg%tq3w%1Y~V79GO|*IHq9E}eVZL>bAiu7GRN0|u&gxs$;w4TH@^HqZR z*1kVDtPy^w-^7Ct0Xa3WWIXBFp0BTMuJNn1V1VXb=wgGk=CRTp$ucEhk)-BKn0d;C z&_@Y#2MDWCC&rLRN;_1PbKGv|DxCCB^X5YFLg;ha);!U$Ay!)db32w#x8Bp>!a^9M zkcGgxkcyM_oO9}*=@r4?mSg@No9|i$I=0IcF+9tw)tl?Vj^-yfo5Q5CL_Zn$`5WcC zS)#`1Bc&+`ujMtfA5@gvTD`zXx3t8N*T4_@F z-Im%)Zm*r#31dw5$+57W1k19xV>SPm3m`YZ%*Z%hkh59RXm}p;2&r&DT7u@8Dp0if zeEzrpAfMHan#&X_mU-J)bvd|(9J{NN#hwUwfMjJRp(HGO(+S$uH#6&-1T6r9Q8KTz zkOKbNrXPVoj86qQ9%kivHe$fxro|s0lP+db3V_B z#)`Kt1HFC-DED}OVXB|e;al9H1zY&luhGk!Y!Z0`R)KSBF7aQI!7o}H?mLjNl-)}- z*Zsj&7IfrJn@!v%K4-gp*Jf-;tPs%6{#d!Z?r>j7YJEL%Cx3bm9->Z-v0!>2*zwTN zWdAdT53}7w<$WyH!hTWru-TwukPDLf3jOc`pk>F3YCYOpkr_IFD2@(WE3*0%QhT=P zIN}>=)v5a$HV%c3vTKzS!F1n(Sv%b3D=lgd()VR8)y?j2kmqj<4iaQO-9dV}{@BZr z4T6sJHxPpN>7Dhx=)&}{^N*fz-x3g2!hd&+^6wq@@B4it`xLPMyUj=c-s%4JB;)Z~b!3-0Cm#4Mp~(x61m^e-E8q^O zuVe3j*wnBxl=$UKW!#6^2k&CN_x*r!46BLbbeycL!gTfDxR^5GA3l5la3-<@*PJjn z%sEzc3z>gy)S|H{&QCIKe?!iNn#v1@g>^35`*mlJY)D1WSiKOVkIo%o1wQm_>;6OP z+%$iBUuLFaj?^rQPfVVtrglrhX^F)I-WOGpROsK>y@d&P?2DQwqUl4tu6o52qGl3G z(B(?NiSulIRc7$72WMhKtbd`mfK} zigWT#P2O&VV&F;5>vTVCEACcKbmaLn)!BAmV2%}<@fS(ML@21{jppRg$&9G%Jd08+ z7=_YiKKcATJKIPp&Asz^R_S>)uH^8eT-t;gQ3C6EBf-V^uTj9Ba8V@a^C)Ym0-c4s zB#(14_g!|*d_GVl-UlqXA&Nfma-dX)l!uhZ{gP%t5CimlgfXfIwzG2sgDn;qQ$DNR zpIm6zOX0QeX74MfKGJ0Eo4J@=s{&^k%-WCqd72vk;atzpN}t?sSpG2jx@ zCeqVBKLf&_d7<8&KliT9Uzhb{MbEpdy6VJM9E>n?sK0QxKdjOq$W_6ik^)4&vAwNw zrGUwPxQ@}p9smmai>pPiu7Jbv%z1WMJ2?-KI~*=RFZg`Q_P@e!%G3p02bSg&`rDFU-_(R2q*a z^b+h#0XO~Ce_@l6lEBqNOxLpxJ->w*>w!;N+l(jNXFj+sS;@j7>I5Af_oG%W5rZ@ zkUd&imF;mn_>z+MwRxA3n{r-T@ss)x;Y;7PB68z0p1t{%WEE)itXnLXmN~euKl$lW zK%FM-B*r6_)#C3h%G351xsTpiVc`G?MfF;?&?tW_zUy5Yssc zKEuAkH%{@#)i+RrQ!monhj0ge@7|*x&v!k-yZ&ph_>+cLi2D|Ke{gT*;^Xbpx zRi-S3Ofn_rm>x;SrQ15Hw83&%^V-%r6Y_&3sEo=JJlvw)ae-RC%_?n?^lGR{mK6nG zEvD`4>@e|wS@FQhEq`}Q3?0cJh*WULZ7YBcU6#@qaWv_!bA5J1^=dF&;p&Zb-zgCO zz1%BN~Dw7qZNaPdnwPbryiHJ;A|#Ol0L+yCKow@ZcdJc)$~Hw-@a0 zZf5Mpwk97p!L}tYdLIT2?Lk*n3z!7Y z)aJdFBx4^HxzM}8unD)f_&ZnQDQbdZphTlu?}UG}nU~~>0`<^`tl{`5pA6LVp}6## z*Lh)ha>1^zsubwt@faC|p`s|8T#bUBXF%fHywISn=qKs(v_dR$PXC8wj5I%#jmslY zNR~qt?Qf#c)%XxLnYs>gVO^0%VwQ~-tVx#eCGXs0dpT;tnJvgeN9f>6Qg-{cgP7 zYD`W{{As}huy+8U!hM4cxUIeM_Vy++r-Q7AVEkLC@`Nb4XBd!>Bg&#Y-UZ7S#cn_R z(j|Sd9dZ#1li=+}u&tJk2apn3a3!i#s)I@v!+Sr%{8D%3it{;R<|=?f{cqx=nLIr> z0Y`7V)WV|tRjC#;06P>z&?6yaMxQrW!zvHDE}pNJZ(rj1DW)XvC-bbmB(={EBswA{ zbZYf3HYCZTqCV-2+u4JqMUeD}ZrZ5#V1l|(>y zON+&%LFZRTevB;4S|b0ON5)wh37evgLs_bunJzXgRjp@bML$*kLoi*SVuBS*;+`-R zN`|5rY)7)TQ|N*^aD<14r$H3nu&Ypx9Ncq}tB-v7rqI=A#cl(rQ{pU#yY^rl$2I^j z{2BD1F)M0JTH25I0=*MOPV{zt%ePupTJZ9b-|~P79uS*Q|SwTAfuy$z`|9*#vYmV zZW*4JSD=OS56-p&#{=j_zM&!tC58;cfO1g)1G=4C0^rD8TmujYvxB?iWBAqa@&3Lw zBhaxub#<5a!zmDJh?|&a+nT>ttWskD#W3^DZu)?V@V@avM;x&Py_Jj7sp@?7#EHg_ zeQc}da8NqQ|O^9&PPSw(`@qcF&p(XUA>Ju(PPh!M7kOJv@Vz#eFqz`RE)($uRM_Z51 zqhui$xSNB+YC$O6<*ooGm43sU3_vmf^cMi+^1MAt2@}C19h(6NY*sEK34#}0a{ax% z{I}=JdoJU(poRK9cNUNvf^R;DxYoP}0C~3pNS|RT774n0!od8^?7W4UrqJqQZ`_+Z z0LSeC@H~|1?Sa5cbBHQDaNjJ@r%wCLg@X^{sZ zAe+h2QWjJtiZ>OgMOzUSF7Eg=k)F=To(rN8-Bt~r2&ig3-caW9vE$s_>4?rZA*Y(9 ztSNZs&-l?o&*hm}$5Zy`;Q`;o3f~>WDdl&LQ_I?n3#QDh(Ow;*8tac<<;pinU@&z* zMB$Xa`~XGPO%j-$U$vSZlV7SdP)|HEkb3c$Oc^>`@9OC3*_dU5hDDMXAD^pCZ*45_vJ6ZC>?>-zhYDfF{ejn){oOj@wSE@My{HJn7AP0g=_r`O5WHH|4WC zV2VBPUVX;{5{8cM9%0puo%~jkLu&HI5>&%Dc~`8q&E`4 zzo#nLdL;MXW14_@5CB=kwtjcFwA?LCx%p`^4YEF7A8Ne2YMgh{149`8Ggh|{Bp77A z=v8Gr_GEdI@309#gZW((EeeV+PwI17a`d&Vn;%FZld18n@qg^{ zNi1Ml1gPY&=w*#{3vxuI__O$64j+GKcJm1fz!`}=e zzTsu)YAK4n9rD+~rH)jVOw)+E6gmI?Oh)WSIvY*V=O(iv=6+{xp84U!k8*;U>&;&0s;a&JaIj%z^JpBmKwPw&|}K(8|T@)0#I9)wze*oPy6ozS|zK#Qc1Cqjl5>l z#PbtlyMMEM6?H_TpNKfTc-I-`+HluYe`aaf3Xn3N5?H(6MUP}}=^t*zS5)=Boy}wC zWA~0`IvWCeO4ZJ9v&V5=I6fQ<>+p@RU2&g7n(_L z_rH9+yX$`Ab9dA4*sxr)3(!uk1LWM6R%3N;ryFmkz0t7zY8y`St)hEY0W7eb`=%0T zKa<6M0{}73pLcKxUJivJH#s(5!Foyx8ZI~QPY5ms{x226g-Z7Oe^V%OQ%0FDN-BsF zDFQTTm?D9%ZJ$9N&HlbCuJgr_dw(_ZD`e5|zOyyk{-E}>W$yAyEq^yboh^c=%Uy~& z%F~JrGx2tjkwU=4f{HQkaC72LOiYx+TxLgm!Cd zMNWLofUEWi47I?Spib;uyn^Cq-s0d0Ue^#5J(!%pWcKXeWQK;cFC4RI|6m#a*?2P1dR2FlzpX0B@%kA)62`S} z3w*)VP*_09qGDcUqzv$E_1WUu>4Ak656{Kb)r_DHh(O5G`rLFZ#sId+%tf#c3J79b zszD!n7?=gOFhlF^%_Z1CBMe9WPJ#Jb&O1(;=G)dqKG$8h7oLT#fMME_ohz9rmY$WcV>WA z(`Qp>#LF8s-O*H1%2z@9o?eVlDlIJq?GL`gVw&aV;DFx!@b!HNTHo1$RhxNukbwOB z{8}o3o#iNA8nzzix(dFuh>i7h)DM zK*jgih266JM4p`lbcN z=by}u0<*=239%#g9}f|XKT(|u?2{4wqBdVpaavJFnG5)( zjCkI!)bKXHjGO=oKX(<$BpomCmweO3&8Vuqyu72pKoJKq!=7R8JLH&*EOCnP1i-{- zbUg#4XpAy7;ShWj@&3e|$SzWo?GC`)(=1lwci5gFcAP18G91823H2RWCg!&Ou(7xZ zc~q1!;A!CJ37Ga~eXXPo1qMbxU4_0-L7|xQeq8S?XvLW}(hoXb`4E2klZ50mMu}7f zR+J=DZ^HXBV)rQPd-B)U-6#4#`SAr5zK-vxD4I|s4NqDk>$AmD2!rC+dsY=MgR7Gf zHI`LW=*VOSV3hLaxkNj<`-6=c0yCGjyG&G9*DGE=BF6125Bu_cbJ$~F=?G@!AEUp9 z6cw8vz0cj)kOl|kH+-JeK+h~TCdcObam@eb!{Z+WqNsvgFitBaiayLmrAA83XgZrz zm!aG(6G0QA?Tro7Fb)k2vOI_1Ux)yJDG;+sc3z9y*w~nQuBoD}5QV|MF*VpEOdk%U z6_(hl-bmkm`*=Mp!)2k#W_9gbY6)ba;2rVH{luT21At+Lb%)*KjkhO6R&}qXoi2hJ z&x4fdPg1em*NNuO{R+0Q`1gg?BEaOCWsD4Q(#TEg>+8cuWtEixyT@adL1)AKdcyqtoW2-svOg>l?% z45kGWdQOsfl!%I7q9Ey+1EgF$TDFcBrt)*4#Iag~c3m46mzw65Vzr+!N`q1GM2~fg zxD?_NkMpAwGzFz*is*+LMZsm4M0>Lh@VVO#b!HpJukwK=*aPXd@V7D}zxriqji2k_ zISD6{D+J(Y{(OO*^S)dhp@9=-*m4~-Wf%7~jTYh`Nh9Z{)VXR~9SysTRiTKx#_z0& zyKdJ#*siwQVpeq8t3SJ4KofdFN_y98BzV*e2-^e60)T~%c6UH}cYu>}jsoI89(-3W zeG3q|81X!>mq{C!iTA!GBwQgpZxNY@NdOTW=5d_vd716$vYz_oNvjh8^J_dUFN8VH z+Dm;IDJ-*^Z%Db>Hk!X)<01u40WfA80A7m?bPZe~yI||;Y|j$_iIIAoFA80^3ZZy? zA@z6xx`&SKH$6amDlIGfXC=%QJfRa+XsIVMe*!V4`Y+@`Muh_b`F}{}V;Qf&@p|7x zm0g;wQ9>;W`NC6kb3Ly+ zJ+G?=+%5I>SL{-*W=ddEXh-uloy0sc`hTA`?78o`0t7su z4AAvKm}i~C`MpWnczV`wRxg)=Z@ICxg@HDHJym!!1yIi1*LvgTuj=P99D(TP8Q?rD zZUM%}tQ`MA8^9qay>2E2H8EArlpO!H^#3l7z)AoVJ9{*9B-QW>np6y+t-Q3HXB@n9 zcQD8-G}WllKx9oA?9@1loLn*5fOVXl{OKs?_sGadg@q#={@dj@U>3l}VKu&Xw;Dm381Wjr_5!a4UxmZZiE$!sCh|$2k&~#E?WjRrl+IoB~-rC+_D#IZ{1! zwi){)G+B{0_VW$f341&F$`5)Tn;H;)6!|@E^&*&dRQIE z;`TR4peihp?h3()dI|@`se|#_kc6CEn1TA@tNl!D6Q*BZj+*Z@4sr{&HsF`Ym|=yO zcUi9@vA-Rud-Q)A^*GOcTt<}xG1&PU!Y^ccF%h7(O9NPQg{{)JnKJpFQ_0E6EFK3z zLVyLA3=rieC)Hu&l@`+u0H`jJ+hz$v=ez~rUy>AjI@4@C(F`s&N_G}Qx49p&r&f2T zXMq1T)m1vVJ%8Od&wu!ff~E1A4FtrDmLC8X&F*aNR@n63-rn7j(A^O*pq$`v_Gn4p zxQFF9w8EqWraVayv0{J3H^*M6-|6e^}3jm`ol%dB7e5^4dZlh<%n}P91p{Vayt- zBiY3xNBJy|*}kGck^?YR`z=VN8&;Xz_wG(ofvnz}jRC`kgZ!b|-SvjOhTBX7*^~mx z178@toF1VD*+ETQ%)f+*k;3P9IE(6VSSUgPOrV%ndgl~8t>N3 zD$iI_`rTmw|F~UOVT8Ry&Fr-ree_hhnJNYvCza(_N3B8^*Cj^(0;m}Dd##Lsb83R( zIMdZBCe{7=irO1yvP@}BGbm8k$CwGyzm@2x`HYOV7z*5EMrZ9USfiB8jp z_jWiF)BN=GmAL1zcwVxnNtc26&SWX#{#oUUpPZbyUyh_`=k)==X3hAxKMq#NKb7ai znxq%shzc9q-MORm>+s1pu;P2VOnt4(WE3y2@)s*;Z&_ap?k1*;_p!@NSJ2SVn9c4n zRQha%RGJ&yk8U$2g$DTTU6wVqkUV>ax+WXs(PA_?-6nvUFyAhTsv;IGwLPt}g11W!Q09r&2Ko#bWvK z*_o2$@6DI&pjszMtEmx-R>+7%JBwb-6CML!#X!-((f&X(d^$#DQNHa!p zLszJxGDHjVKN4S4f!i`qFF9#5 zO#!*%WI$&BkTG1Hd!?qpK;4Y^xq|_hCVnQ6v|-0{Hfe-tVcOY21+^`i?(lz%v%Wf5 z&a_U?qLb=je=msyp>HZAkQOQbpsSL=B&ix{s;r0!N3M}{DJ>JoKXDM_peN9a0z(qi z-T_*mK(r(#CZ>AKsSErfarVQQ()R4r136&o zT#uAvp0#vM-r)|CA*YOcZ;TlCsJ-zc^0*k&B;s*4!_?Hm_-ZGFo?B5b&sd;g?qF$Y ztD819wVzwS=i(_<{d3J-WS#Breg>b-1NYUHxQaIvicma?7BCq|I3{cJ4Ko4GA}ZOd z4_jehbUH9T<18;nDUxMANBLR&N*w)T0hj%SK=zjgU(sYugv1TkT;s@D ztY@OWqD8JWMFwt*U7Q|T=*Un^Kxd@)gN9X<0tAmX>jc*0XzY-RN-Djf_adqU7(XS| zv%wNsk1TXsc%e|b%$kBPuuDwTu8%Z#!__y;iCYELhDDW*8!_JEq1We=My=yrB1>Gm zwS{^0?gti9c}(mK3vMN9{A`@3OL>I_+Fr#PrUBp<-aB(-G9Qim3}ryG8-tHlSnPQm zX_|hTDS?hjRIOf5Yj`>`ZRcT%TDG0u-s)6u6-?#ukIguFCH4J|eoyJ5Lkf&(Ezbg* zKuAsPcvp;7hBO8GePTElyCg@SzeM=qwJMsji zeH8Tp%Gc7y>WW=;0Qo~JTX%}VubJC|Iz#RC*|=b?JJ9LMY!=JS2JC>DA}gIyEjzqm zKrBs2E=MBsf&5hqjb&ONJdhFHCVD+F&NVUaXtNpEx!fnV4QP?_Opx;T-_*&F#99`g83xlS%6Y{I^X40Yu!yyufK?8?V?|h4hzKC>_2hO zS|N{tNWmUDx^=hU+B*Ay$i$j6>9)61u%bEg=PITn)x7^cImPd){6kv&ds#S7HyE}_ z{i;msX8Q11zlLg~DIitSJFQ}CJpU*CR*ae2p~E02R#J%JKG^?zg5lx)ZZ*w#1NEVG zYU!t62B~vP(RHi192Bw!b;>s{T@R+=62I?i0mbsx{uz+8`?oH@{Z=;nesTUNk?K6&2j!N&QsfVBJe-xF3S*J#%nSPyAu@5_Q51fe#{pr=Yb zeRJ_A^9T@>QW-G+u7&r#7*Nyy`Um$9V_ovE{sotmDOQ)CTHui zhU!4GRB>4qiwth_;ol?7$*pm}a)1K)@Ub;a=r9+6jr{a!XmGG~|5jA9RbMV)wF|Ht z_P=}qrttS4bY4QFHfoaJQv%5pRx-p}+5$dfQyo?2yr=~(m5h+&qo0sGxPKRz7!{7=pmKQ z4-LHKI)`k!z=*)k=c4Lo6FsME=4l@ly>uRS;mzkN$m`+%fJ!M`k`nQIM`68pZp~sx zC4=Yu_sE!|at++~I)#$ICD={qwk1eV3!V2np2Fc;Q+_Z?4`}iws#Wqsw>oio@l zDj>>&|9U9D!Q=K=q=H&G%9~LEV(DBn)~(b9jRv*5kzcUz8J<4|vZz2P!p|2rcc#zw z=IRfQ!a_obg>2FuzXAaQ$}Es>q&|GUPcZw}09<xZZ%xB8a`3AVCuI5FBd-*`ThK{DroJz0w?j+RFsR1bIFHWs=cgQ@_GRhox zFJl_vO=vt+?%Y<~MkB4u&CWhKIKt$V_9L_3$p;Igzpp-T46;1dx?aGTv{5?Z#=JV7 zrZ6}9;yTXKS8kwMtsA>j_Xs@|_1{KMYHJWFsHN-_R@)L1v&?@nER|^*ZR6o$X<4N; z_j40hbYp9CQ#u<8!c)o51@bT_;Vz}QRg^CfcD@kaxS5%eP+6IJm(!m;-ykORg!Kng zW=a7*%Qas@NeeYp)C|Qv?{<^;xU|P7e*exh8n{eUfc*qW!&HmFj&nRo}MH@l(eYx^C%c<>)RNi8D;L+Ow95j{*A!kcKo;A}Qs#4yuPB z9skcQ0%0%Fqd3)$F3|rct)g>?AX|HBe1-QdEO?(W^>cCRFp>zkRw(B`24OVSez5Qt zBj1S&&T0tvXsSv!;^`k|8hW2mVU}9!^Xcl*x9TNKJrOn$FZEZ#v8Ng717;4(&Pq)+KijS7@BeJGY^hbn%0gqbZjUaHb1tXi zik0jzU(ZfK)B4JXybFR2i4b)STiQIRtUQG$p1>s=oUW0!_pt5xaK%H&F&gI!OYw|5 zSdJ2TzT20Zus@aA;Y@vFyhOC)T36#xncA*b^x_G1$k*rXEIqS=GVj9XmPfiv22Gb$ zh(R{C95(|%4aqjGm982OQ4__eeg-}intC+b1$&78qmOr%00?I@2fg@1M=4E$p>7SCwMtz%yE_^eV_6Z~@ zEYzx29lvu_^6YP7bvW6%#>>m|ua<&{5dAQ2vzXScokOkL=FZi#JOg50=ffk5X^p9A zMBg_XgbbH&#_<`=p^F1|1{bHpH|d&MOKG`Mljox0`kCqC2VD^K#aNM@>aj?1qG+3H zv3G&i4kF`G-ao#jp^Jtah(=snev#TcjmK@@ItwDHB=5m<4HSz(m0p{#b=<4nYalAI zZvOlbppg@sV+siF1ei*_3!3~nvcW+ZDK_?4C!6wua&kGEZ#qOEM=);|-`1z;t)C(e z2%s|oHO$CY@yS`Q)eY=VY7;nfMr332S{GR#g-1r%zBAeAoxs#83=QZDaRd(JoGPcdeDue7US0=c zO-wtcPdASJV~fQ&OjTRm`FeX&s;}>hTr&LZxXjV<>Up~^CkrzjT^uh5HNv1&t)Oc_ zr`X9x)L^x%)QBiPAuN%9V{>D}n)|xM{B;6;bX0FVTW06ZoRT(>TiR8VMNKB6q&eLX z_?WD1a=_pO^|bGg($g3p4= zQj8I9z}A=iI{o|iS1OrRS_MG$>^xHBDnjumW;^Ren)yKm^(sj_+q;79i=R8UfCHc& zv$HgaTc)c*W; zjuaCU@B|_LvS0KNi>-lR!hDDIq1$K_kAd*gWO2&@X}M9yYTOhZn=4-(_q@FW$Fh?| zfypIKb^GPcvT;84r-iIfZ+^EP*7{_>qtFL@tgpK9MZ$VLk?yimi~NPZXGa|B-Z8K% zhAmm*LDY`%@;F7|4v+7mlaKI%iZn*M7FhWV$k9P~KX- z0iJi7mCegTDv6SP-TS@)r+WXjZqpCWiPsmc){kv&yT4sa#WEAyj^5VGXM=Yj=j3@} zxSd$Zp*!EM?+)i&n@b}o%kANCz9f88v(ZN!k@G_%%htR?0KKko9IfIJ&Xe0-2o;v=+IZ0jm4Smg|rcjv3SoP4xjAc^>{O==9*wM zZ>ww#cCM)6oWD`T44X-gi!2!5U`I`&?n^VVp~Xxp0jKS{CB!$eT%GKkJZ)5EJ02bM ze(s@@S*_)IVAehhI5GN-t*+a!MoRq@9V52QRg%WpXrc;Sf1)dh+5J zk~j1o!d{d4RELz5=?R_XItLQiNCY6wydo3@u*4%-IU@p=XZ`8o)3r5;#UznBRF6JN zOQ@@85S~94cKZc^KN@=DL(!YexuffT1N1WIH%3$WDzTk*>umu)%gR~~mPa4iH`V1{ zUIN`q=`n_qcLhPWnhR%;0g!F}wouh)zo!IDK57`WsChG3Qd087rT!-^B*qu)kjKG_ zo+6vA)VUH?4UE@!MzapJZ>=~J&2SJ?x9-Z$*_tMf-J!B_MhUMuz64X;k5ScHN4Fr7=jHp7z|DZ-qoY38~ei2uf1T+810 z?{PC`E%~#t-uUOXb-oz*x#14*c*2n9offj$V+;~4uMh|xHajh`boMcF`}h@=$_@&% z`1oFgY-SkCHe0sOl}0nz4Ea^RKTvN>nB66;YkqDt)338&-&L%4#{q~IzmK5wDT?o_ zWYXq;&B7wq8Tx*IW8KGJxAzb#6>B+JTUn4}GFE1yS6a$fTPv3&q{HoTErWrdTaJhwY4GuWR>d@xz6Diwj!e$xcU*j;BA%Uf2%>VD@Vw|I(nykx zH7wtR*EFXrtx`xu;MQf7)=nE1i#Rr+L&sb=N#S#znku#8wWVzAj!lT@_&nYaI@GO+ z?NgU8^Q&)uHM~r(g-ebdYIb1hE{ZYM{Ls;1V~4jZH&)YERv~IFD+;Hx zJg%DAu6y5I@qut1Hb7(Z!rp8Pz)9e;vb3_2gNype`kRv}rq9kU!acN9@O}+rF$y`X zNz1(R2Dc22q+jh8S$u*X8TAFaN#8Eaa_vlw;zjA(EcM1Y3M9L#{`}R~z3IR!M8}Y4 zV!2x#@gc>sQpl~7*jb_8N62HXm#fy{VahnLYRn(G>}faf1GPf~ABf4Sh!}+}9iN3m z3!=${0+cNi-aaCb#7keNy@qSM;3!lG#zRl%}1<%=asdWGD6U^nsFLz3lET zdzD+PXN#$w=>XRzzK_b|rqK{%QjnJd)27E&HjDNXlE}vTT0WO3rnDw!!_B?E|AU&A;_%d@b5@q&R?_8B*o6JFv#4 zXUjr4*qta%Y&~u>uCLuYL(BPIX5U|9HwmV!%y8TFD2!j02g>V<#<)eW8khUww)3iFXzjiu<0Imi{zZECvBUPYNC7oo2{^yuRO zM$%85Ku(!LW8bC7@{%;}`m~`O8|UMQ`RtJ%T_+N*|JGs!br?(?MqDRC;qx}TRD!NKnB^j^p{^O6~tAPER82n^wVPvY6mX`Ltl$4p7NqBDFmWvDL&g6(| zf>vaX)AmH>xQ-BYZrGj7OCgV?b3w&Ut8ZL|13OB+Yqu(xzjhAT*}1Hy8}C|xmRGNs zHqR6lz@Zn; zWqYSi%p6>M6OE0zsm%;M4tXb2X=y}jy(Y#M0y>)0yYO9pr@`;zSX5J3auhutg@u<9 z)5e?Wjb7WQk45oH%)h!%qK+r#OtvO8dHU-1EBgF=UqVj#Q4-%JVes1Zgq=5CJwx{*@!2^Z$6JLi1Eu-`&X?l3`b-8GjO6u{_ zDSg0!KX%xwG(xl`mZ2iqsvGO9hS^u!Idf{j#$(+-!+xUZvBHPq8Rv1B61D8hrPP;C zJN+<;n6(HhrO}5rtm{tO@hchCtQ~{JuCR(G&GS?X`{ydHMoxG7Am^?Yta=^6dn}qj zS_;9m?U&YrQX^n0fX>bUy!Rc>X$r@g*ZJRH^_jXGkLKp1J$0)#Q>`389A1r538u&u zj;xBgYSZ*5-x!V;#K+);QBLNMp{eG_Ysh~!Ef=h^U9Ip&zh73!>jjR_5q&D!QoMQU+`)(k4|35mCk*Yq_@zZ)aL#rkp~HKp6sR*QRR#<}F^S zb9L1@<&069^f_u6(Snaa9 zjBz2-T?6B$<;x`{K48Es0Gf%RKba$;Z#+5%PbMDsg2ym3dw`jlIfhbQfzj~jH-kY) zS9d&@o?q7oFhsh0fV2T?R))E3&UtGB2}`$lJzKh>o$`}VTA(_M5g5helf2NGqqA5F zd7R>Ay=1f$5ZKKAHk3~rA?LK^i&$Ed(Rmg^JQZWvP9fnT(cNd?Pq))c zw8x%6RqkcxQbtVd=Vz-K_HOwkU?etp8RNvRz%A8!Wqu#jLNSE~0$~?_>#Jneewk9z zYk0I&6}4(xOUxV#CU3V);q&zHOyH=j#2{ldv@^fLZqxdxt^H9bh3Q*FiV&5MkW)a< za*l=hOqrvVrV+yDwVtI`(X0K*y7#y%tIv;>##XMcyXKk9xPiR*n|L!n$6xh%Nn#Xc zy@HW4dh)oU*f`Y3(##F~-_kDiL{vf@FQ15udcQUM>I*Ir+ZxANe9+|$ECZlmZ8X{B zYxr~pI#&Z=ztvjS*{E&d$bFGbx-`E!T{}I!7|EWu8<7Dl@_+(tUB=Nh*ZokJ!advM zPqTzm#VzKi2svwhhp=fH6CZGVLj{uc3HkjGPgji{aZYUzYzZ-XI_+g=Gq&uo$IK!G zzl6h-BEf0Z_3i`3dJuoQi;L21SsD0FMB*rAOss!@au4?T?_$XM&lZoMBCQLpG&)Y1 z??dSI+QB`K#vkeA;n49q*Tsci3fta)%?D+oRhS)`>t&Zs^-BSPgtNWIiNWvv$vHVZ zN=g(yRXa6Xl3CIc#-j~-ZQ47j%8c!_Dp77{#^j^IjM$?>ef$3Zr& zwZQHKvGUzrOYJtKW_}VmM@PqRn7~J0>~A9Z6W#A!5UcIz5Nn)IS=Rtje4gL4GBqW% zev=$8DC%?qYD4=o9+QB(DlA06s1{CKwzjq?9xXeYx&&PVSHQXiY#k6#`xFLL$Ft;0 z=tK2xHfE=;5fi?4s@F~#KseN*MSt#BN)Oxx&VF$Jeb(xZj$EFF54>BH9(-sc2Pz8z zFE9Of_kJV53n(GGf2e?^J_)|RGzj$7{NDZqUhg^YEqLHX`RBfYgNP8pq36Img{Yxn z7LaB_7-Cq;Gh~kh7P73I-a6q;>Ie4QiHtuK?)`JEkL-jr(%*!?Vg<_@mI7Jp*}xK{ zudh|-G_-d{QzHh_^^*1g+Jg_6U~HB|AnqW;Qs?0e39{*iXcf5On^#~*b0Io0wMyEgMdiR85$%S5CkO$36g{4*hB>Z5y?4&PxDF)w%IK^AzOdTpA@T(oYiR59>TYZh@}Ll%HXF^~PXjX1lH9 zbLQy`_%Zgd)Y&r`?59>5eA|o)`b=S9^K~|v2P-SA3m_*xKE5`kJHZ)7jP;LEpX)Nx zj2JhcNKq0Dh=Pd@9u55v_U52**~HVw67tdH^e3Kx1hD2&A_+-$6l{%1sl;=aL^tJQ zMPSHl<6h4Nxl`_WHMBD;^|RO~`7()@tzDZQI@6zceX3e1&;eHWov|7x`Zy8U_p0M} zPK^$MGbXzqItBU4+HRqcW@J}-$L#pyP@yP2e)aoOLb+_xVpSvhy!B%~FGQLT6S3Vq zFsQ;q9oxd^-(%y@?rEih7x}PbT^S7qFDSJQ4jZK9_k@KGTTKMq6mjo#J43Io&Rtjl zzMalbn^{juxmMVSE$Q$vlnD`?;6d7Po83#dK1mvAy2{eNc`Qk2TvpnZoXq1@%O8)? z7|KVTaZ(K)L8q0Lmc`$ViD~QVg559XT+lH_map=r&vj^_Zx)W!J$fSayXmioG98pJ zv?Rov9$r@oocK+!C@=4?HGM9Z+oEYHW2|PFNiO??k?)a@)Y|d-^y@?_7m>T6djH+D z(xB}^&Iq&PRCc7doj<83!S`j*cL_~AjV<@gYe`6_i=|KsIuo1JMlk82(--N?J1 zLBs#{yAf~GoAEVA+<;6@$GHtJLi5#F18n2sY6&oFY8hSq*F*2T2)L1<_p~5m{Kv0) z8718!>E<6-B6C@M+uX&MQgyHL2EVwWY;dTA{s3GU{k*~z8y- zUK?F6YmF5;Ef!K$48#?lHvLaKsd?6e=35a7KO6(qRRhe-XkYv~p8hel`LHG5K@cF$ z4}TPqmWHD<2;5SK=iZzkS*P}`noT~kE7}kO-y^9+q4=KJcT&%P_|mibidnlywgiXj zQ3*+$Zz3OCbF^m`I_*DA%NotK^#_lby1Th~juMxh(qtRK<3i))GH2N!;eqw6OYDIzz&3Zfr6i zqiMk(p?AaDT|R&2WvBilTIXiVFxpu8VCOw|)liq5wTHnOaY_=@((Gu9wyDkg!7?N2 zw&#|uuDu19G=@C<8|f#)%^4ra$N?1?_VM`qZgtS?uIP`6**mf?x^pA5@WXoBxy{y?4`O#GO*Bf2c4@o#uoS`FI<8+v7@WzlF zLs%e7bDo;>N^QIfOYkE?&HKg??RZZv)(=U2euHyfX5+&{@(GuDPsuJWDg-v723v1= zeDFYGy7$DUGi98R(#T-6VgA(gANmbv?1}v539C)=hZ0HQEnd!yLlf3!!^PYyM=J-y zu15$uS*LVd*}>~>w$ItVRGxqA_jaq?CqwDBF`qb@>M8fFs+{(S4QEWBK6ziAKCf|M z|K;W~@r%1Y7mmHaJU$&?Twj?cO|kx`z~FcG$w$L4)1uW8mg?NFtZ(P`=l z`92QgNA6hnllii~Lt3{C9-1~xGQSr$VW3Z73PBZdkm=|j*vwdxY8K^?m0!>N;?nGu z0Zh5k_&24I-B_ye6`15$=%scanU|623P|jpwXNLwem1PuPdY6PexjjdVIlr>Qo%=x zz7+enDjF@d19nb6zmgimBSSv4xjYchQZ|{T4ZW|Xe8)0AnB$Luk8b|6C9O)=hbFdm*;JMFqU*U&39wf=qx|{|Z`UIi+c-%|#dP4{`&(8SoBpL2 zz(cjkSZ%GezrX42S&H?wwT5>J4vj4c7M0p|BWAd-c`i{41sHA3+PZe(lOBImKz;oC z#<<{%A~A1puU*{UJSYu*oz-YdNmmalLx+ukNoQvPRi z^{~`eU9uGlj1|M+VfJFkZ7XTd)ourYk}Ap1B{Mp{3@nN+HNRd8{doFqUxn#dZEt9M zap&tdiCPm5#`gf|9wvKVd&SXhRRG& zfT(?$-8@QsOmPA{JkP(|^&E9qFRhpxmkjKIp&2KW-|68cSL-JO|7Fukg*7q{IUOpQ zLm+{NWv2!%zpE?eWP`f4TcPc61uOfsUp%|WuB(_`clWh;w`VV(kfZTgSmhA18qvHBCk{X+!q;}Tem99AKE)(Bttm1wD@eTz|OY2-vr5}yfuGB z*#4-b_VlzSJKA>o=xF)@&Z)h5?l=#-EPY&5#xFTKVf*c-_E}qr1$R`zcmTa(q-jeJ z-A`7NcGIFp8g}myVIUHdA3sn3de-RYtoRH1%{-iSc2QA6-dg{70`iWEvZ}oFlCAV` zy7xDCc4m|4>4>*RCn=Q?-gfQQs`|HDr?X&sM9slzEd+-P|9nRf(|r4dZl+TO&mTIqgwt z#}(rx&i&I4v=xf6aN9AEkdY}HB8;Xh)!~*z0baO3*skj_VR@HaR0JHoBn^kX;Cav2 zK)0^A1T;6kzK|sZfi$fk)d=E_o8hdVDlN@x`jGt^rHtB?z6Oytw{Y@HaLHtzTOpZk!=Tmf|IlB#EH3u4U=pI#n0u@ zzizlh$R_tDUsC`1XJNw@BX?HhCi}H(ds;yAdWUtTJk8)Mj9aCy&3yBEj4q@K^^ChhLxb z?&^(<e?KVJEebm@Nh`&i@rG{%Vl5-*|n4rBPE(WujiR|4hk+C*P@ z@+|cmBw&o$?CxIU4Q5Cy{$Y{j{gLnEBf{lh6xB+8h>Jd+S&(|U#n8oNqJH!eu^~03 z+haF7N1L1;215pn7Rt5nPdemYu*x0e6wig<->GeWn7JL;$V`x$<1ACZW^N!E)5z?1 zpQQT19R#7*9+Q*N5^>p_gx%~k`o;FR>XRqtT3=a$4vPw+v{O0)7%yjuo_z8sIkSKl zBNwJ`a4A$PhndIFBZu@L+hn%g-sK0G<4-Nz0<${=D!3!sk6T-%hutGQv(h?uou<0$?O(tQ zP30Be>MYgyyOpBn7?U6EUJrR1J*Uav&3B%ZIp%N5m0)s6C)Kf-lBn9Kr?>aE`QU9# zY!&&9cgZO`$rRcNCZ3)dJcT1;-051I2vogndQGkRpJnQg9s#zeFG(?+t4N!ifc zb6dJ&ieM8W$ai2=KWDfq>pp#An-R1f0Y)^pFg5+i_Oe>j=v8mRu~X)}0(VbOpFB=_ zkRu3#?fqjJ^jh_AO-)T{mf1EgZ~67TW2Y12y;~dbhuwc=&{J2u3dvFVV&nv1vWIP# z!sTAuJQg$xx{P=6iEr8I%>TZZ4&FOfXGTg?oobl->^O-;g2{);<0M|+^=2(NWvNL2 zzKaaKRJ|fyJJJe?<|K?JNF_?!at6miZ@}&I_^gCu;~wk}O4B4)6Z@O*$-Fw0 zn@!Fhl2)a}d)M{%kz)dpQ7k`8iR+Nv<)I*((s8MbJW)J+{t?YLQrRHO#L{EIgd;a^ zeQ1QIom$_kuu9D?6T$9J32T;Ma#&KqH$}*c=i7Ud#v%Db7tib$96XzUFUdtx>l^89 zQM_YDue=kFo#J{#^IPanCt^nMx|27Cq-S)`+}zwGB_*FfPi&p$iE5ds4~Pcd`2Vg)Qd&3G`|4K^su3 z8*#OX%ZP=6y(3Re*t%HFYf(qXPHa+>IlXdrb}q6Q(bCq=>6m@<=1pFHz87=x-C2Br zmS(iv^lKW9bbw=JWd&+xQd0Hr&haEaiU^)@K6LQ_7$>T+spd`pirL*9uprKd8BzGV zFq*K}^ywN53HeaLsn5MI&Ix0d#P>~1O;3wY{`r$G)7f|Pd415w0d=;XNf=O!gW2Zr zo6i#l+)4txg^o);ihZ?0Pfzbng$P!xsQHN8^*hO!o|dMN(cj+wL_vXiujItT}6p=#BoIjlCG>Nt4|Kb97V@Ro%uD?B=^g@f#hk=fo69T*+%0 z7A{il9cj#S9jiUc`ps=?C@dxhUqj05zbt0%)xP@@qXq-4=7S{)3Ln!HQ+`GAUE|>a zRv}i{!5rp+K7INGzb7Dx)kDGOz<rSZ*dbE$0RYeaw+RDiwi@1Vh!o~f#) ziQSEJU6UT&W_H_9&=K0UGO@5gxo)p~kqHxF3T!bf{}X8fvVm%eZN0mr>c!@=^78Vs zvL}Y|=`7Oie_EoT`>?=B0Um4F-pB`f{Vr)7lo{DwpcXkKe+!N4lQ7%Oqx+cu+$iTA>|f#G>HQNTFJ@J$QG@?E0u}?KWaO+Tq51#uDKw) zv39wCzhSJ-4<>q*GoQ8Xj=o6%7ZR=!bX(xAl9G~&ii(z&7E32(ILtRi3)&pc=j7xR z_y76xr$yyXa#@+$afu5Odlo1bp}+9+gKZep`4}p<$KS$z!NJq<1qB5qCAU}VpOCGt z)KTVWS80*0!XPZrbFBBksU=)4EiIihgdXO+>w)KZ*d22+`V%DIdQ;V)m$;vOWtl^5 zTzq*rq;ccN#lSt7##bvgAF^;?j~cy}wnPAgJ68Zj{gbL_s1wzfhz`&$C z^O$J_%+-M`z`5hT)u*aP_80P7nS^X-Fk8dB@K?iM(K|h8d=Jdp?!tAoMhhk~m1btb z(i^r!O1?caYg@KH-MT-;jTW?DcxG8RF+watkfkDAS#bn(w9sZ;C@^H(!PldqsI9%< zrJ@bDItC*zu_bF{WUTL`CK3b1`oSZwHZTkD^QTV%Pf5<&-{1d4QL!geH6$VeYIcl{ zuiQ8D;}(Z8>Y!q*(e z&3*0K?pibVa@l-#P~qG)oXavs#mx>4V^hf0%+-2KHHVS<;l%yBGE~&Fx{p$vsem?7 z_o{seLfOhHrAZM536tW2md#iMzOzKAB^X>=6Jo}wlA z(wrV)mrc{ce7C!IYg%Dtsw<7@(eCb*xODA+Jv*V8GG#YB+`Mv*RudLN_lrh-}7 znt{~Z$2a&qzz5D{;$-eV@Z0sOezyDH-)^Q6}{G~Q0+ol&l9lZ|dmsZz^4hCd&_ z04Cmt3eNq4A2`wi4W~&V=+R?O1Rm$(B$xzpddi_i88+pE;L{pD&7hM90tkMcJRNzb@LBlfcWz_p(q8`}}#{b(j!%$s75jO4OcKwZd_A{QFx!$DjvXZ_5H| zbR1#Y6a)cK+1gbE3&J0ZS1MQDB*>9617k_rnqF6QltT4Xdzbjo77Rkd77UIPQenuK8}netp7eM>n8 zY3TK4uCQivU<$!e@2jA(D&qdIo46~t^s{ z?@XQ5c5QJb#Za=u50DHckikx z^p8uryAxpIaJaV@272O-a<~5cd0M=)yE{F9PRF7~Vnb4P@#IQ|Hhyl{Wm&Vp=mRdl zHuY4a;%9r;$BG*g@FY?LJ#hDakY>6m^GYLIOyEt$_Q zUjlbV3*%HU9y}*($@eLFt46}U>P>3SQfrLx**uMwD6;4e&P{NsGLZ`69`OfJ5C7!( zyOt;ccVFNb<$@W`&dwect4?GKKzW*Du-)KXv($@8xTD3~%BaS{ zs~N-NGdBmxn?N6`@87>maLdX1WoKq??6`vK&B1K;{|$XVrLMP{+i zl#D_f<8Qgmd%xb*q-{S|6(3(Sj|H@noRs9hyxB-;%JM4q^XLg@l=Mtg`Y9`8tBvXd zwGbkEEJSmzM zD7xGpFq(;qPN`N7Om@$A-8oLp1gQ77$@`i3LGTjQ!si(WU zOoK}`bkW}B?%lh9nQ(@;L`B^|gXk=`R_CnkTyPNewuF}H1$Nka4&b}pU~79`0w^et z!f!M%qcs4pbs4{X`*sncy5J_zOoup9-5;FF5hIh=0J1!A$I;{L(G zrve)kRaN2nH@rKS4=%oXek#ZTJ10*96}Gv|$W-P%E}_X|7_8MGKEoc53055&Z8`^7Y>+A9{LR|noFF!OkHrCbEm6m?pWqiUk znQ;5m%r?Dzo`ExdcvQz?pbHc@NN#`%BE&i=KG8FY{cvP%bR zwT=+i$>G(s;*4HxfBu^ghue_)QZ6492M5g^5;AUF^)CJO-}B5_d8&&v2M$>ckkzEXqG7|Kp|K ze@k5?%G(}=XL_LpGO9KuxUNtTI1Qb-`i>0ACWGgg@qv|E*^iZzRnwEx9k`HgIWGgjWkutx0BKF!24Ua*Bbhiztz#p^`PAt zFPEvB{|B&iYg1FZaUt;%pY^*v`ona&2PNbM?AZj30HSt7(qf448g@dOI!aDXI}?E@F7F@B%}5gA%$%Q?I04884og*$l?|vH zgO;zOM~}*cURTXGlvM+4P&g<0TW2Nsj=4Ax4q&gK41qv>NC}}O1NxmHc{gYd9fDkv z#EbP2^_v9KkxDlJoPfyyWpIVbWKDy^SIK;)prJ8XPS2XpdgYXt==|tY3TPkeR<{5; zp{u6{a0leQK509|lp>a!3#zQ&U}|euc&Q|Div*O*b`UKPGFISh)&QA%XMSQ!%gi)| z-vY9&78VvgM!cZZVgmyo`Gx_`-3pyNY-Vh(>)3AXJZUzwB>IIID&1yZdB1ZH-|pfG zfbcEqd{2O*amG}Zlx%yFGL-;jfvb8zlzr=fkgxgE8ds%TN5cAzfZz2>#6z|V+Q+Qk zbz`@k)+XUm9?sZY9s!kD=)*MaTPq*IbFHL_u-*ezHh94rL*5RTKf z@{(XU6N#jo3r_p^Ektu_aBxt}Au~JsK+pu(hNIjI3k#V@kW6*NV|z#k`gAY97y@Qv zGDIG@7r7WlOPyDruBi|pr=u2k-I)q=liJmG-}xfc=3)j92aS{8pM@l>hQb7*im|a6 zP(BdZ#XwrFrfT8%msknjRQ@+OIsg90YJ;=3h)^G-laF;8Vb?$^zw%alZyb#Nt(oW{ zHgY6*u+%_MXYo}z>i2{--a^M7hFMte55R*u$X}^0hu4j5&x5L;X1V=|++QCcZ~uwt zPyEOmbb-vf3$PabDXEj+sakR9y}*5HvUne=HwoU{=2K0djFT|veL`qxXi%Z7tgNx3 zF>fTm8Bxcs?{Ci{TAM+SQN8dF_`UVkhV)no>N5r+X7@Wt_2S@=dp|b!M3by{zNEK?O2?*KHu&|5{*5yqXXJ?QeI%g*Y zB6%r5b;t?~eFO{a?=J%@Mu75|<>fcX6Ez1DxpL)-t}(6dRcyh_4g^aA!FT%1nSN7# zzd8lTns-1{Z+pxym<^6N2dful6IKgOLWFIAJ|Tk)01`d721bWRQT#1>xiDGs_AED( zh$9R*$=3LQ^2hI1=lSj|#pFjjpogiTrbgemas;>pNTP);M?J1LGYFWw!pD2{AXHpH z-P!BUfSICs#?`!Lf!u*qA&8fV~$%#hFKpKYrDyc+S=MtohM|uz|p*af0EVvyPnhRmoTV?BylmrBr?Fi>DIV?kYM|9(5dfA z*qH{>U11ZOzKz|PNV zIo{3bp)y=Bmp zBpm`k3LeZ4evI}{Wba1_tg51!vE)p+zs=0fCN1`e93YgSXBMEiL*c)D#y%l zkG@NYZF{ZD;8RMIz`t>3zfs;j!54R^c*s6VNI_klA;bCbgX_acx%nG}PQra=H#YCy zD)fFUnqXsfDL^}58lDxx6ySHaAT3kzUM$cCEG>6ky(qKwRVcSM0W?C7S_s-I&El4z z-|eq1fRa+2J8l-JIdDhOaxX?hEYiEXyMq?xqi@H{Z3tFsp7wR`22%69X*|sC&9;9r z=HFG(cEf@n64zvM%&oGWg{esTisszs4V}lZF68468+M0>mKhiro-4J^-0P9@!W`UB z6(lhdp`Z{C_iAw+Iu{xL-U~&=7nJ*6N%Pbx6>(?2Se5;Z`hD|aVJhBVuw^E1LmEE! z4M^qP>z7d|lzua-^F)9EveH18gC<{Qem)OdHH~;`94%S*@Nl*qZ2kHq#I$C7-%_&8 zkqXVp1Q$Sx7F2l1(^92UT;ZeG{eHz|&u3jcG%SH8H_n9hl=m|%% zcpN!s?06j(5s}8u2C)e2CBtbKd=@NmOH@jmQRg7x;{ErjR-GTODBikt>y-K;crk>m z3TC@hL@#kRxRWs+d}M|!NZ%u60czfRXeej^<0xLljPrSu9cvZD>u}gZ|Cadv_ao3@ z*YfHpMW;M^aij{0pKt=)__!YSgg%4^1%)=SxA*4-Pi;Tcj!R5S`SOKNK!AdEZf?$b z>&2P7ZowVx?Y>&m#Ut+OG2#4X{WS6-5W}NCeKO#sFI3AKS=O#_w2E^v(AVeX zGo^o?C<;g@r%4D+Jws|~_qT9FeYkBGiN77&UOgnruiX>ycXW!tON+@IdslfTZkkynsf(s#i3s)5-Xp`KZKQv}3vi_6DyjY#=rq%d2aC{rXw{P6r zhbXsS>>zsoV@;8Qt-~w2RD<1+YFH!MgY@m9IEY|CaDu-71dS3)a7nEZJRD!`!LtFj zfwNv2#Q{)U=Hn~ex(m@LCN`GK8|XDeplf%zYNWGsa%&g1(+HrqxV=dZt806AGCs3~)-L0q)u^TV!(SoW7r4!|Oung+$+CeCwNQ8Qq0143*M*?I9QW-!L ztCZp1Gz|9`mqUby?h-Hnjv`20;{_X%DQv;{-BEt z>_CU^+~+nU!rnCMKH(S7qZmZr6MTGpD+ZxYAdxStVuYd(lgq+QzdGvV!BNbsoJVm3 z_Z+&%qArSq))VkoDl5UQV!PL=zWLq;wPV;V)P!#?JsiQ#o5ix*ZgrWAPZ=cLIF9$` z;kztvtBJ605#Km*%tv6NPK~@EnzB>k|v9*@MhtR|ET21N8Gwp`-%zV^H%EmzprOXOioRG z3JoPOgvho_f%Tz+Fyy{i*mD83dW8O8FGyPFEpdt34WuQP?h5e4i5;_@t>IWEZwtVD za|7-%a%azLZ5EmKCIHD9SQqekg|QG+)5@mS5+%Awg^*8oq8|izc6M$+3_;ZGz{NkZwF?p< zaWS#8w+H54>?AGmKVoa$5>Tv=&p<}oBg2icZQ<*I5*zs7n{A)U-lX;Lv=!39ha$PY*Hr_+KQ%+pVeg$d zg1kKg>YWsb|;y1%V@eVu-d=5w)0@sSiFQd_I36dYe+N0=~5j{C5&LMeFRAeOdE#!lDM#>J5 zZ0qO82s?Y#c=)mX9n}7GLP7#uui{3R&%pFL%r4F|@S7SL8#h5^8R}9$>a zkPU`W;Eu<>glUog1Q3}GrF1A_gAnXPmf#%_syyEdH8Kov0+3?Q_vA1`|5+R<5dD2n zfdofG-1eO9%f@uXi`X5A1H{6WE436z`ZTh?i}o|!+(Pef0nR?Dng?*MdI6e6pbBjT z%IJSp7D3;BAAZN)Mu)sa0v^cZr_>4+Ui3E8}BvM1z<2B-BUho0C()^WeTM!g^zHDUy_qIRnK9+)+iwgyw20^_pO?s zcmrO5Mn&sS2KYTr)^Cw~CU9YF9JD?`^JnTmn`h~O&1)1Ie`1s7u2>Pb{j?y9xdnFE z%F`;MsG(sBClc82o)8$MDw)4fs$AC-NhHO9#L_#_Muq**Oab+He(W=a2}Z2~ zqc$kI)6OI@>R!Pgb84xyo@xT;y}B{m!5Rf67B)wiVNsl`uc1)M(ZVC3ZW9A#L`Y8x zfN9`}brer*J91&ae5ov>swvg)L|Xe?SB6(dg=9g>9&*?SK*51BJCo&YMUVD7NKP{!o0eNy|QvGG_eDB_(FhhP=d(m8c#j)ZkLJs)~E=N2HjtAEd^uA<@q z;;Rr&nQvQu&dx?Q+I|(rg)%!`jOsR_*~^>g80#IDwMV&GcC?=)?N8f#771O@$?Z=# zqE1yTEG&~kxo`ABsDto4X7;08gB@`O8W0O5{3pg7+HLpHgybpjf4q6oY3tlcx zH-dQJ0cV<;k>N6*RU8YP1L9TV{g~9ib5QoQ2S7%=e2U_MST@IO^n9)`w?Mo$t1 z>*w%a{Zd%SCrCiqx~%S2c=J(&wVbY;4t5w_r7Z-bb!ipo}3j(cHlF2XZGBZrfPz}3>3YM_jsC<4-N zANb%p3X|cReXZ{N-a$fz1Xm4cs$un3%219m^Nn>?K8qVTa?208&~Tx!{e7vRR?!HW zCptiP!G9(Ye4+g$#~qsid3!B_+dj%XnWsVlcd1q}Zen4@arqOKyNT*8ZS%Jb2ydcb6 zEj4i4RUZVOstHjFy0Nr(`+FjzqEa43JOShhOMrzXn5M{&Yh`bZL!rD^pd{iaH~nSH zGBFzf9#t*WN+8=n4%!M}5a0r4Yxk4Zc_gMFU~;MwKdkmu=Pp@1AgCzdc%c$P&%hAK zBwF^eBN@8=*m*W4^UKIa*n?Q}`sM7bw&aLLPZi=@u_~H<-|_Xu`=#@V$vI_n=@de- zTcX>g%}&bM8asgXP^#ys=Y{8YAvlRY zf^yiflU^9={n$cP6t(5B7}4+P>(9Q9Lc4(`1Y{`70V@b+KuHDABPbgV6yk`8Pe`}` zjedaA1fjq6<;z*<*8@-(-Ra)+JWy0wRdokC6rL(6K?B97urP$QfEG5zR@mVdZu9Di zQUPjJ?rwH=cJPycn$B{nb+)8ouORCHq$^Sg1ei`G4&@mDg-?2lisaI8@cTG*+}P z6=*auP^U+lE&x0Eo@5k);y?5j6t9a?bO5>@2SmQ~N9eGq1E_gxK<5T@H4Xyn1dY+q zLKdGAn{O!X<{{&A5n}S~jLs=a=+ZdDsrIoum*_WzF(kW7larGl z!@`h*wV3#fpO!Toz9XOJM&zOOqkw0V$IRtW!of!p`3E3vr5?ShNEg9>eeqvw@SnvF zCX-#Dw?fDa>Tp96L_}hau#ey$OgkZ0C;BG!fAz)hwk`MVkY)S|hnvkyqC4{cv^oC% zVrILF+||Cb?l!6EWwzU2BRZ1bpI3-I;PuQhe*E!n%rPG$2KrQ9?l&mn(4=#VAxtj{f4UMesvAs zCr}Gz2%fzk$f%BQZmL=y?6O|dZ*B}h50siEAuMYPW3VYv(uc%NV-d(&_HGp|xVPY~*@bc@@npW5tS~ju~fD2^%+X8t5A}yFJO=$6LzQ?Aau=km|wnn_52eJ5x2R3 zw4nNjSzQ>4gk=Y?l$8#B2Rtlnc1enn`$DV%hV z50w^rJ&UR~duTaU%*}Z(ybanJF!ay*{HZmw={D>tz;jatPTcJ)kTlHzH!$As3gg!9a&nA9> zo$Qn+nbOHwPt#(y&}j*^wN&CtcCu>)>B;QgH;hKBCtt2co)&HvQ;@2MyXjDXoL0TIzdK8qB}>D+_$VdM2Uz#2VVWr zir&tpT^8k5V_(cvQuU|@?Z(Oc?TPd z?LZ{??O=bIzpR+Mxd-5u-yn?O!gZ9m>rBi=CTzt5Tofn9A-P;?Oj;U)q zbYM*Ky)a2-YrEgR|A^`5{ze7Yi_7Pph*)f9=40H9q#Iv|@fEMPKiOOuKm+L=%qrm< z`Z2n0q{q6N1Xtv-)JMws2;v*D^i9Y)!xwirU7#-hf zYYpX~eCT(gd@Ye#dRd34q~HNwOJSF&`a2I;15HcIb1BWu#&aF{`I;y)kJw-w=F7on zqRya~T!)8uKonO0a2opLo-89Ehf0~bI0o2xM0c1kVOt{*H1U}`7&nciJwepg)_I`l zDzkN&==0gX*!>q8Y+ZG_DoEzN8}bfv+;ox)8Bq{Z#LmUk%|k2~Pt#&$wy20$L~pI% ze+<}2>hihZu&`+dW{-CrC{(%r1Ff?AA4uG>hgcNfF$l8=2++uD9ASAr^~W&a91qJ- z;sZ*!nurT1?ib=apZ8p=2t@kcdwUDVro7hHZ>=WbMaFkWK4Lp0R(30$R>@5z?dm3^W^cQ(#9BdvS6uwGQ3 z1_v`?D#bSNFcH@wpcmh7;|jqaB($SY(~i$g%I+T`3iFrq7>GG0p-*&mj=%aB`+NU|cHD?)JL6Rj*zR z5_Slcltl5f-_nwk6|q>(6uH6x2H~&TRpDsnE-|8e8GkI-S0}PsI8)TrG`=tsiSO@4 z!-9Dd+sOFdb18Fw^A{n0a~%YgAR>Ks|TU_VWe*>!zI1c~- literal 33744 zcmce;1yG#bvMx+WAPJU0aQ%P~BuH?VB!j!VySvMf;K72s2X}V}9~K;f%V2}M`@nsN z?0xPz_wK5*Z`Jw#sYx-Jd1t-7di7e}&(qx#A}1q?jzWlnfPjE5E(TISKtMuAKzI`W z0ugve`vr?O@aL)HCvl}0FJ8>A$Swo_eQ77A?udZ!Iu-cm{G`y{AqoNEF9dPWMS z72H(oTlt}2&ahq0Qw3Ky0)lULQHhLBgI!j8`@>KQXSr_s!PXX+=f$2vN;sL|eS)qJ zxBH2a@a?o2+XJ`g`&X(pvH_p;<4FJ9`ezGpYuAGXZu?bG2xt}fCiwpDa}Y+H6=j@+ zGY=$@+0clE0F#QEI+B#1hlb`?Utgi~?$qt&At%SU8Cz6T)WN|4AfBX{SSENlO(ItT ziab!2;d4{i-rinZy!-RZQ!+j`y`6`>*=ipjAK2|B6Ni(!Ar9|*OTvOJJ5Y@cq)DYz zqtA#%RJ0eEZSoxW{(2LgknQO5GD8sDrc=)8Tm@W{C!K<8ty?0iI6_6OsZwWruD1c9 zN&3g~B&r%apFo;j_xJX~=6TYFXJ;FYh@iA`z&sc51%13S1iZ_%8c&ux{Fn`U1{0Y( zXRP|7srWrFq-13umi=BWdhC`)Kli!auaAg`;IvtAJ6itO?gMMPT16dyy*pLfY!B_3 ztF;V8*Pc?#rQ;yR6c!adTxet!6np^GOCade!hE$`-tOV%_V(R7ofbD{8XB|CK=eFP zm%SNGBBJ*R1Je7F7wS_+1O0U+q=PL)RO5fNk8qmkz_g@{!`I~HajbhevRl(1?Mb;w z%0zHyzCRW8>OtqKuQ@lY*Y+m?X>6D!n}(+O>tb2TY?F>w=?}DY&>dTEktP6?X?Z1>Na|8x{l|DNUqJsR5zf%V!{$4ylq6*!bNw|RNk zpSna9@Beo~PZjt(iU1 zrx9HmlH}TX!uDq|(*?136XHpF*=+G#t|ur4BI!20PIND!pFb^CR+JA8?!6MwsyT|e z+?jOb6p?7{nloAy)uqznS=-+J2;#I|WbYqJx$>*Gi(p%DJ$yIoc*b?_bT2oGj zCnBYevpeI~OF4DttDI#&exZ23yN##oGf(Xlc1(mA7@?2ue1vJqbfIhu{|xP zWQD1DI?1?FSALtn!vIqux^iK2%yMSlonq9!o3y~I$F&8uU4jo=jlZ??-VRyMU+^@t z>E2E5NE5YlAn`g8u9D3J1iurFa6hBz9B9^tA@4J3H`SS{9#57skXhc=O|D=nKI8E5 z3upexVp8<~7SXpVwtDe= zs$5fVi29Gv1>;kUJKQcC?5ISlv)BK07n=zG|9Fo7DPM$WNsZtf_$jN|ft{a{bwKZf z8gBwm*vMvcbK|q;p4>B`C26RS^NmGxW>EuWjgs*CbS^Emi;r&@RL;z8PlzD54riMn z`(+E+@0`Ug@~23?y+V2h|4M@v%#vZmZjEcTPru`PRx{x+4;+;YQDR0I7@+&f3{2ocA^X|uyBhi@qHEA1 z*SM8<9^X|tYCqvK4?i*gTl3;Dg~EyLv#DXY7u4Z;&Lo)wH8xlO#3V}c*-21RZAlmp zGg`2w^zXUCCleHaPp9v;C&pw(Gu#Kkg`krv)Xz51Qef%I`P?9b&RrX5td50pPD`*L zE4mMEH)uA}s#EGx=au%=$fDa_^UWmfK@Zgbp)fxxpuORJ6%iBD2|m2g`TcSLDu;^n z{JCzsPivqkn+<+1dnHOT@smyMw(7B^lJ+U6dPk(u=z_^_=uBqa&U30YGa7rGXJIAd!^%R zBgGXBxy%LdawHO2`IU*XlJfaWXH|5(z8=g_oXzQS-Ayi;T!q}+ToM5!zw`qOZcpDf49k7o zZQ#d!DoMlHw9Q;f-ep89UklB{xnUU=FSVsN)FVW?$j{Cj+>SMZWIB7>IAVg;; zq>MZZ{mMjhb!2nQMqR3sQ(NaZ3eS=B@I@%1*vx+$^@I@sx|(lschu5KrF!1KesXnn zHTw8yXlMYUr5za@K#iFw!o34L9BU{OVIsZU1JB$gzDfS@$8K^{{S3lTxQA+4tXryq zKbh=HJ+TO|@M4VZ(EBc7EzMMKy#&6SnKG6Xc$@9Kn?piu)EjBt>O@}Wd5KZnHoLrK zw$!Q_RN8*PUi;uY-{#}p{PJ0VX-mBoWcT3Uq<4%#lM~!}u}PA5b-*74Sx6m8owMKi z=^-e1NHX?Zk_5X*#m>&o%j?enFK%HpRWfl;rBRmdw^ZCva(7u*eWgPvYzKpZD5%Szvb5B? zT&EQnR`q~9e)P7R z1@H8}(YCn{q<55`;f4wW6U+G<*=DY#dE#SMKM;7e-ySrZ4yUTun2l`=rMx2HF`BD2 z=>8@i^Dd3wlY^YR0~-wm<>csy%k?0Y7K@DRaC@5oAK%QY5&UqEgo@kM-3^4R0}u$T z^Hm1y3lxaP$Ma>$*vv+4+hIVwR!ROjaBs1d_rr(Lfq~t@B-Xse;dFjYARP4dML<10 zoGR5Evn=(K{IJiW<7B-+%52b8rrq4X-(s1MVL4U8+^SV=B0VibLNA5(XqUOhFW+)l zm3`}rRrJ89K1b7*$t}@xKGfs*IdE}6$#H>IN&FdPKu%?vDT7?Fa~l&rEq3b0XKEU> z*vbQDJ0uxrWMX!)&?H^70UKr5pfIHTvH(^7BQ< zhGSyJfsGP2Ka`A|v`S0+N~4z4$b%MZHkOA*snK{Ko`Cb~*RLDHY0XA`(NCTt<5MpA z+*%g~`3D5-FSa&2ZVvY(R905zh(>bk!?yD?!iWqiufPwty1?lb#-v)R!43e6d)O_J zF5EByO9Ww)l9Il8Gv4ayYRLEQU7nfkx`Ts5|G)riEB)^M+U|7u>Gj<^>12Fe4%@|4 zXafoQ&-l7I!zl}Qse2!mC&n* zibZw=`SVh!a=(~xS!P`&W^x^Ogw(5O5<#1;=v=`F6rv-jYH_nREI!b0{TfcK9fqe&oK&q>%Y!+M8Evl>5Ha6zw=M(0wHiy$F zMI-15378E)Qc_Zl&MYuRx*RchjQak>e*C>tn3i~#T^BR4D7`3ps}&oMMpNV%0se|$ z{`WWw#?jBVlSWT0kalCE1O#-huTh|sIcq0~UzTUfO_oL(GraHj^M*XJQIsPOx+Oyc z(P0jb>t$s!pxDGjg&&+FdwZz{)EQZU=CyO#oTLfeQ&V-oiU80Id_JiPY>bI|TV24T zF5uwcoSzIZ)!RS-q38Sh`W6=#-E6Dn3uPH_UpxbV$~sX2Ptj|F%2MgD;rWrWll5e9gm%zFdQL(%z-{3(|1*2+G$GCiN72=Z& z^1xtnfw6AvFA9>#@s-#4VpBWZvec!`pRbp;5Yjy-8zK@23@L#9<*1gcP^`40-3&gx zwABkkefCwg7el*kb@OP<&#h&(G2GMoYFN9yP-*AvtTzMPIEPKfYht#ym?M!(M@?;e zewor6o}ul?`UR}jV7IcKpj-DN_xQIZ#kcTq5_XGNTA!<<6+r5Xy;)XZBX@V_nsv|D zn2%?>vg7SqkEHV>`;l{SaM05ap7@jTd(>D=7G=MT-5JgL47kTuollns5b*6j=RnX? z_yn_=(@v{T)jeMlfQ=0N7<9Fl#5ZZE6hH7w3KptFFCu3IIJ4H zZ(VW~3dhXKbXs{#hl$6_XchD5)vMNyRywaAAJj6biCp&C_NuKO=fJ)P?0+ot<5MQ4 zatBe>LM2*ST40pm;9z{fdI5MpSijWhxCwk&vL^_gsLpXyMsfol3+g$4o~QGI)VMpu zRlcozL(o+F-No#!SKqdJ)ZJR)-_z10q}f$2c?h+LIdX}f(N{pw3>xOwF`N}D#c5^r z8O;R4jw!gf8h``%`1lwlAlrOA4>)PqA>~BG#9CI;B?eJ|+8F@g-0>Aj_}1%eYYb1< z%l>#(n8ISNX1l>2YBHFp&$9z;L_ye@qJl!S7UL@njDxAtltLu|kFza+H)#XB0zebs zkc>6x?{%F023+UlWG!&umABnk{E5LVrpvSy^Q5j}mrIg5ke^jn@Drh2hXnh~N}StI zM-;SeUTEAF@-TBW@Q%V_zOAz$ie$hVem==jVH286i6o?YxT?nnop5tKM9&Ig>O^ZxzNvK(AntrZt5)#=h4}23`O(3mBw?N;UgS zXBJ@02_NRoTuqtTof_oAuK3^>Jen)Sj)nueRPn$~oq!!9`se7lm@lpf!+UBrR7xFA z*81dgMAYlW%4kAB3Qj{Vz!1L4m{T8tXH-(J?6BNx`OF|vRM#i5{hFz*q

j!#vt^gW9^_@cn zBLBBsGrMbrnxM7ybt>G@?TlNW(&6szbzlvqhQIz=rBJ7cy1KpP<>Ib?QKtJ;{gE;g z5(YxcP_CI!k4r0`^_@=7%V=jFKJPXqsrid_K|1xnUN2rT5=x@FTQ#_oc{Nc1F)Sb<@DIYID@ZAagA0prWH-vgy;ese<3Y_AHORhII3dtfl zwJwYZa?BJ_(t4SfKcA#&LsI|XAR+4@U?rndQraEXRdN-q0rZf`!bZ41lyce9vU9n! zJ$S@rnGZiE%;Ts&*7ip#3UpnI9=N0h@ekuq?M`}?>oV# zX2HIYq1DuK79@KJsdd4v6*EvE#LN;yF32G!CZ4M?{|rKYdd~-ES>-S$`nqA>`zV+= z#M-3-FiK4Rwq(8iFbkwo5lIkD^phRNz+Os<2*Z-J7YGPyx-J5OD{WgNx7j6LZMBY1 z3c~FSR&=Wr4!AQk>>meSDloqvGUc)2eV#cce@ z%Tv{V=RVKT;WOs#1KbWoct`(Ad!M<>~V{q7qHJ2tq)dqW+G7-_4O-l)NYD8$^gYt4I@X z_@l-#?DkJSUv5#jFwrDg|Kh6SALV@bDK| z+?LA`!ary_z8&70^b$C%9%-*$6FPJuA$^W!TX7e8yV+ zzU%l6RswA5>XrHR3b2L6@eJDj>8YY#3IazDjoD;;U-BjVa^?ejL zY6U}OBX3NUC-zfL!?fpRf*sXHm zf@ZO^@S__{e92wsHkLiz6W)Af`uBE&n@_6MA9hI=wmzmrqSWXKaX9RLW`-E{V(a$Ld_qF%Z+{qu zvm*d@EYf-ym^xc5dWk~Pb`!+j6W$X}1a3Ks84=UQr#DCE3nZsl4X##+MyQp*nT8(@uQ7Y=udl!HR|bLAs*SHI z+IqABzE(D!CnNe~`6e6`;dw!HHM!atvvjAoKQezC=#s|a%$G4jogEwdyi@~EXP+Kx zR*5YHV=f?W?dCor5d#svqj3A z!`gE-)|U4(DV#PR_;h0OqzBLmwcA}7emHJsM-6K?-7hsC64nE@;dKdnMHTsb*GaPN zX6IzxKQ*7*-M!J>-F5oE#mu zrzjWj4=1a~J7Bw{rhL~n=XqZdyG2j)u%bGCE;iZEc)43yz6Y3pgUVl53b_iBZ|m|} zdmLaZo$Z^0+AVtbH9g@^i}d4<&^qt(Mfc6w2;+^z=lyit*Vm^?UAw!qnq8bBbG4^< zUVIJ{G_1X4nwO_UF%%3h3GInZZ-~Na70!$c9g}!XW#)mjT%GN7=9kFO>T16n!|&}G z*Wx()y?2>7Y48Y7NVu^dEj@xK9_Pgs8Z!v(ID|3pMXUx(Mc9y_aFxo4JC8YpM6LK8 zD!}YPPh;XFYGY#j>^)~sYTIqp2`~j3l#BE7MA-<~E!N;9ROIG}T040UJ`h3=4iD2V zLfWsdCjs7vwN*++=JfKCajIv&d9f)24}847^SM3kt~};RXb6ZRO~zC}LFum1(R#j? zwG{{oQ+d2^A}zu9`@hCU1hmaeGWSYK2424O{`7eOJsDtCRtL8gg(*!(QZa0f_e9Q? zmzP=dWfS;ze%^cQ>+5G_c@qH=?QFa&Stgv@c%EC8Z*}keh?5o)hp%U^OIrQI1X(IO z;>*hpe>lcQ(J& zsrUC6zut2Xm~JE~>a&sicy^b;(V13Jz(dQ(Ebbg~MiL1&8$AFZ62zdDl$x41W@fu2 zqjNP|bPN@VwR(pe+NQyGIUrmNWF3{ztNj(&EGB3?Ze9F3^xmEHRvJ1qYGuh0^Lm_} zjtIbxa;|%>D#-mJiMh4DXOt@x-g9}>m{)`Oql#y$Ml|cJNLgJ zrIp=0j92n;OL#v~edTGeO{^jBLK{aN5E-ji>Ey zHvh1xxjB~D2FldTabIe54n@jxC9A8Gkk>A<`0 zxzFN`8zpbEyCvhXqRL%i29g#y;aZJe?gzII38|@jTU$=sC+pFex`#LAXrx%K7g9j> z*De&73|s|_6W?Q~3cj^on5{mh&f)R?XDz_-CNVJyAnN@}OQaTLL4riMeEfVHVtIJ~ z^y1=b(l*H{~Fe&bRJixc71%K77No2o;$dHrg#p4ZUJeW)tb@A4po}6gZSxgqY z9@al_u9u&kA)N|-i;Ses1}vHLowNrl%kP=2Leta3kfe`8QjKf8FOSI92Tp^Pa-eZ}8!LVd~YSpAUxxA6eOOE?Vj6<2#M3_MLp1-U-XS1-Z}#heJh99~h%F?X zZVucOm&@eDG&V7D*aO2tq2Tr{LIk>RhU&E%!XPh!HXL}69{Y4Nri0=svXjkHTc;%H z0TR;n)G!hPU5GwcRQTMSI&cZXgi8T%jg5^=8Dp46F)RKv;$Agg5`+T$z?Ca6zh5Fl z(3N-abf~WbKxaxa^9`$n1-yR5hRfVRxBnj&R=fnNIwlAj8?SFK)7nyEfn%W*$YUvm zi5b1Y-{Q9uGF9cIw%mlPRc;=R(*W#OuGOeqsHDk@iBNzBKY}*+naXckJ$P98hUc~) zCu;$pEHI!7-DG$Q8v!%RU`Iy>@R?9I92G-a=L_UN*Q%JlS5XIa08Cl~{Srt}Va5Co zej&^vM6$lTJens>M8Sf8v?>3nlx5U6YM|mVEX;34zD=Pk$HBo+d`oITs;Pvu5!nGO zJCHz`2SBF*_n6@MM;(d|_J5z-f=inYmOy`l1C5R*CnfpY+2U6rJN-bkT!C!gvJa2N z!!6D{6|^dsqU8LAkW%d>926BO??0~0Pa3+OTp?>#!LYl9GmSKkUy>8QG}qo5?{GWF zV|saF@_Ock);c~bV5o?A%-{WVJouA2iXw5BJw<=Qbd0zYlKyL3pJP_?ddLez$iQ3B zx@KQCG<>RHX^JBEegc%1nw)$;HGlf4$)DY3E`Q1QrD$Xt`@YA~@>p0Bs%9IX-73)` zKt7FN>o!_^p1=6a8yI$F(MQ;-qx)1GzGw)1<=IeU5+VmA3y~aXs_|Dos%|QUPbk_g z#pD#vX&>wvYfsoq1j(!6G}I^QiN0|Ykn{fB!Pbg&0^=SD&s(Sauj_f*wzAh|J!jKQ zU55l8GH>TH>WTcCFNs|o9R(aMdb6JH!tPpJL1ZOg-aaZOT@pw@PEdbJVu+#5M{8WZ zf5Vd^mgLYsIM&psM$r^I*wZy$D$4PyIv~m2%W@M{&zoJI`Y=@ccCNVdEtV!PulU-J zBY?$Ac40^q99nAsB4)&z365+QzYOmf(!4*0Ynr=DJ8Lt<4KCgbFQ|C%nS(y;Lj!%JwO3VG!nMFvt)HUt9-RWB4 zDZuuZEs3o){B3;pHHDMKM(pisO-*~){6De)7L-`C6H?LeTOf>(MNq~YlWt;*;AaP8 z@H}`_@ow*BtNkW)L;DQs!klVG{;Md7$6fU73)z&Fx1$4Sgp>rbpw)E#f^&cMI6ZCD zL_NYd0|w-(_DYF@#K*Xtkpmm;WXIsU8Xd=qtY<2=YYRRsmQ_ML z?fD#ik6UjP6fQEK=X}~7x`FSvlJlHFv#rkZ(ymlxx)3@r5I$tc#NChPLKwXo`<$q#X*-eKfC^TA( z3Txjy@$DZ-*u;z)l(B&)x__elKQotFpLew%Rql%;F1!$FYto&XV8d-(JZ|v=OOrxI zCvzF~8MLX`?j1oU%|su3;Srd=RbarMgM2;?fnS3W`OnlEP&407^yy&|MTM*63=Ir8 z+SygWDK-M)0W8eU<&H!kK0d%ec75(wTa8fAYGKf7>4xzP$>WW@iAmmZF$cl~1Mxu7 zBpt=->2WEX*T^L1%0R;fwyops1&Pjy9TUy3dia3iXq_Qe6MxD8GV4C4q2by)IyyM( zPiUld{I$&0^LSi;K0M|Id{S1SM%0LZyoDch*ukW0KiX zt6XsPWPHJRlF1NBZbe8ETn3?Bk{0^#hy);e*h=h-HU^{D_r}u(iQSLZp;+c4%Y`c0 zr`1sWdwCUm#B;GuMFYaq9d0);p)Nvlk)GnzMIUnM4vzwy znb?QC{19|AlKY;)??MOAa{qP_#G&kzSq)Sd9BDl3Y}wxAvOWqRFb}6guJtq|iQN9X zFB+x8HQ~wdEHXl7zi@X0c7gRqP*g^WPVqRhdkCR>XzC9seo;ocueMAErnXL%E)fW| z!pc*9yPRETJG0xJukxND-@FJw4C$)#zK!=oKG!;hmiHh(`N&^)IJ49St>D-X^s2Ip z6Ukvm4u44I2n$#Lzl#n&I9FNU-XHK&ekDA&nD}wILYW_a{4Yo?E1W-+XXXJwd3sz% zxfzKrj(dInDcR!dkxlL3ktltk;KNE5B{G0v!Q`H5S$*0v@rYmmLXnKi&1)_AzWXbA z+8i;rhTF(a)A^VtXE~p@Lvw2@1Snz{6{P-tNR>w8^3EM{WA^;{?6ILHlXftWV(l!l zP|db{&vFfcymoUPuZP=sE~;k`#>+IINa8}ko68f(Y%CH0WazgqoNd*ByX6ntQIm%JVIyP%>YiJuFgPH^Eh|~HquR< z=;DpVK0Y#%qMz87rG0*5ih8#HfBP~O$RK=y5q669ynJ@vWDUjxiS0lwyN8!)(m#Nb zfekZ=5k021go)uQfYeihX8#`KYpXp)s%WFr>6OeMM-6z`i7}qdX40&+vRJUQxA!=s z8JAKuHwX6_jWFH;r^G;iKlA>{d8zIW`F|xmIw>BF79lpC>ibMZBOPgBaPX{0U~q76 zQRnAh?dkgvQL8;F1Ma}!u1^xf%gwyY;_^q?#r-_9BO|=;cg=yK1Ytkfj13@huFjRd zJWE!<6~T%>2t%Hmc_BSdEXtF%cvhuGYg0pc^YfKuT^l!dwrOO9jSVBj!(Y|r(XJ6j z-aI-^ymV)ZK$>j7;r8@B8J=dE_!?x=&exds{)*BFAZ1U;`6#(}wjl;Cs!oGjt?c1& zUILISXSFdh=6AOH;QHVf8L8@XU)|f#w~myD*h~*(sbJ0n{lP~aK!TmYHNYCKVP8D| z$P}F{!!?QMVy?#M6YR4ZUqX*rGp8CSvK-bUe=nAMnn|t9ptd{GC+V)hvbPJ6@7-M& z3zkCSqoQ)BcL5wEn;N#%d^w|O8^K(AeK&CUdz|cjToF*tVm;o}$ZTdxEiNPDdBaw3 zX8SL)vOZ3QN?5LpA9KbQTawszAtOb0I&i@doD+%%m$wTH)gwgFBFP0J{k@tJDP|t1 z3DkN5WqZh0x!@_^r4OhwW{bADf8W#SwMEd&Ilu1xe}m`Qhaw zt+A{d^YHO}m8H~oi#|Z!jT}sxJcedI}rY&wxZy=^q@3 z%Tcy^Ube!GyS!_-j}0FoGdezOAiZ{MefX(!3PPKlK{bqi_J!C_%0eMW#<69y-m(Z# z6xtCQfazYyV8b2Egt-FdB{W6-pUFYO|C}5wI(l8=hbmVfvTLN}^q8^H6V@le2A)ao zcWY=!m`EO5m3DYS;()7!-~PzJ-t|KRFMdfHlF+_#+&}y}a1-Z$U<(9V)H;i4)Tj2An{y zsvG+Ag8p-rm-;#R3vKQ{W-@~!Q`0&4i^OAo@;6T@F~(#=R5apRUdFpRFtL}WmU(&K z8^Vb<1Uczg!gq8%R8*h&c>H%KzAIX)#ZzU;Wkh$toF?us-`7d@7)uJL){Z|bz$v=& zav1xzdlWTZy#({Ru5#~DXf)}cqsyP%k($q=l}aH!A1W#kXysKj-c+v9gb(k#gZt0y z(|=#H2j$W6{@lz6l)ucK(Lg1~XE!=UWjHNVo(6aN)DIzL_R$RS|G zs{=AuU7U;Uj+;7tUsTHGM(bdsK%HHiMwLkUbb?jp_d)L)#_3yWv=S zM*+1vdM?T$%V`(USGG+~`iGHC&eHQRpy%;=MP z00uC~zozkS^WI#Mx<$}czVW%ueA~lSW$8e?ml>a`7hpJJF+I7+1B8z=%=)ePSGMvp1O$>5=yf+RGB+t8qI?9Vhq|NYdNiW_6Bl!>Zb=Gy7? z(;L?Z=oYS_o$lV;v<}I;sF}H0aSG}HLHCo137?KT^ZR>r5Jk!pnCF6YlWs}g>0|0s|XrK2#YO9#>*l{-hT zPs&X_FENQcL)0S3DJs85vtAuwxG7+_Y?a7SUjo76^1X8;Yr0pxhvLUCt2yq9A!h#y ztJZD;SoI8!RYRwfke_<)_N*vaO1=@u82J#k{v735oV(_uTIu_`yf%9p)&Z;N8`2bK z=2dwGl;{A)d2qmJ^80bi^8`VIjgxx012F#&zn^|ANg=9sNa$P8RNgG$wN@h}CqX`4 z5Cy)pArVLyG=v4>8yfu=PG2Io$PD`9hZ3}BJiier=jv`cd8G8otNHjLlNQoc7$x5o zM44I3QH&KVHjQbEJF9ryo%iIDqcm}ce0IKf$*{jK{JJ<)D?*}hfhVLGQb zk4}Rwt}9J))U1Zn_T7-jWp(y`yVjkziAkM8;kO8G{NIJnm5V(Q1cc3(1qy}zeSMlR z*oHmSG-1%_=zXhfdQ;|@*(+i`0RZX_yn0IkupSN$bHL2jhwCTg`;%42Y~J$+RK-qa zUCW3>61v^Woa9PQ52Vq;)jC05#^RTs6Jg9v%FGvd#fNpWZSYO+A;U#yNW)PrbHmjDx24a*Tpr{*HyM38 z@pXA<%pU~abwLuO+u~+DH}SID1C@-wAX8|p*3+$?6ceyUjXEctzLIyX%pMQ-f;u** z{XpbLuX&QS{v1mlU~g6^mkt&kr5YWXoMWptlxyZCWV7gvoz2<+BYNmqco1gLGXJm~ z0eAMkoBjWN{v+&D)`x1(-Dw7jP15p8tIR2sqr*q%#nC2ksW3btB>-289J%6D6P@xJ zESdq6z-ewor*?(8hASRr0tCAJjq{1T+1}zBPabhX-V*PenD;a}AiNad<|gEyv)?wA=cWG@H4T^E z7ccaYe3q<7j4kxY_zzfJ58Ms@IZzJrKh;hLFuDKUh>!H}lM^p(mpYYPjtY9yeJ%JG zmv!CvdQ=8oopJj1jv%C&7R#q&m_|1@wh>|bS6)iL z;CHLVjO?8m@K*@=i#u0{0y9yt*z2f@jYlUwp6bkDf*EvK?SHQAgh_r4P(c>-`o44J z-*$}}TlCh8&fCcZ(qdvZ4-fg*!BFJ0L!HL5zeQvly-$PfdH*WtZT;~^Ii5<5{=KB) zAr#E7ZR$!k+%^ZufkxPK!aYUso8EwGqAR-jWh)Ja=`LTf!YUx9TNcwL7d z1a9xBCx%Q#C_Oy@+RtQhEOJ7hFGnRwt6LwJ*vCYQ^2O0iRbpMY39bob%Jaoo~* z?k^^JO53QI*uuwdhJE3^y>LeMBnBaCl{n{r;b=cMUV9D8PSK8t;*^iH-O97=e?*uss@@mQqNtmfO=Jx78wMOq2jx4nTH7P{2w&@f}}g&25rEJuCh zrZiPl46y5m0$7oIzdVy|U$}+f$;qC9WL{PG>Ga!fQ2sWX1==7Y9j#r`6Q=Bj5o#5c z)9LQ^FJp?^wbj_LfU_|_f{Ca;e<&D*4A%c`ovf1nav)C|2x<<;o2%`o{}2ObXHL2R zm!Zp`&iasJ4kY(uJxb4kk1#N*puKfiV;c;f0F$GCoXy>%?RiNGsjvwtw}nxPjsRy} zoLh7BW@QJKho4+APGzcZXDv5eECS7(lSN` zZ!sn185&0U#b%r(T0XWva8y0DQ9>^G&BM(PtE{g#t^BK#kC&*C$)%JQpPSa}`dfxH z)28>8j9%s|%+cy)nk&8GVl_BW(?zHve_m#*Y0oR;Xxk1%6_p3 zVX0aU4kjjMkr5!AFJZTR7nW{$bg&g01yL0t9;rwj>a^+~gaW9&nXP3DfCLK4L}HW4OBEt+rD)WmI2jS%uY0{ ztgfDI$>$}J{{DR*-IuP7zWP`dZ#cKUtJxmy{#ken{crH&CP1hl3|HyeB%GmdygAop5ssCZBP#-Rm5JDz&B;kgk*p_O2@rpA z)q@@ZMMHLMkLTd{G|tf*C6mwDij7japd>wNX2qpt1xIRfsAg;&h~n4IERPi+sInh0 z|Ib=?x4%O>C%+LKm83N>6LXFTcl_So?v zt0l3z%-Ui@@u#Ua9qJM;g4>vy+sWU`CPz*al_f$yO@qk|f@PhUg)=9jzZhHH(?-{N z43CTN9{g0%{Tsm<&MyMZj6~B+FpIwA$t7Er!U^dVE8ucj41}2js8r}J1+(*kzSEqb6{$>d;FSU0T_vH-O`uaSUn%4 z5{9k8YA|)2jaTtB?kwu`xbt&!8dOPmZ#q99ei8cXb%7FHZPVE#Z+iQy_3l(>Yem)! zM1fre^^-aTghb{%$NOYTjF0IL3;Vwat*$Lhsfk1jN1d?NB)<7bv?CVhzK~1#fD+Ic zw^Z)~p>Q}jwiwEs*cAN8U=LN%InBcmrj&JjI9KBTBBW<(s#-1nG3)DB#MZW}Zut>d z(22otQ(a+_?2`=VLJ4n8gyn$sy{mGjQ>ylsr2n4Qn9N}Db^b?s8<(SJPF0S%dzd;D zq;@-(45EX)qD|EHdWdOGTM+I;%_WXRA$$Uz%wVg!`^ls6wyU>SbEe9$H)1kboY|uG253_U*g_c@nRnSgfBpn|XV8eb zAtHks+u%#uPmLijm!hZJW2+%&W8H1+>S1y*)lf zDnO)$k##oWiXthPXZS8Hc(wh&6pe6TLz@g)L%_fClTYFLQwk5S^I7ODhSp%#H>H8Y z7T1qcS&ceb2Ycz)&u68sxsIC)0)>eN!&R`xvgNTPJ>EM{k$GJkSN_sP%4LFH4{T;6 z5OU4|oqd&JV>`tK>!%w@+d;vfK7IPuW~3gkpJ*V<@hvp8cnj>%x!7#GFjGBI{^>c^ zSgB?`@Ph%9g^Kw=AIg&3?jg|Ob8)yNXxJ0BJ)X}Ag!w0BgFpDMp^=iv;Yh5Qu(LjD zWtM)R1Mi#Y{cK{Toj&A77#=ph2NF3rij7Rkba4{DHg{*hI8Sl41HB&*Fr$|Kf)@8i zlBqgv?LJT7uoy2YX@x%L#v1FHHSA}Ivt$?$jKb7?Tc6l6ph9PY9|(2p$t*M>Jr=GC z$UW(hY-Ai#c!nszj0R(EC^Qjpqpkl$9p9-5xja7JUI-C@eH1wEHFXtf6n6ssP%S|E z{d>ezLtwXD;6|*tZ;Vg zT>(7py#+Jpnp>ZqCMKfli>qt*r*HYlkSYiE>@R zC^0sman9f0A83Q4*J`LJQJ6iE)j#PaODXpsVk@BXRmo%;@1;60Fra9L#-gdC zBO}A_if8y?y@N93*Mb5Yaj!kG>s1sb=2%WOXyWH=Qm{@{J-}#1R7wYwb=^B3k3gUA zv$3Wo84jdv9G~J51Qwqmtx%;k*nOc-Q4Ki2PY}xmDLH_9liGX1kdeP_7m0gcUU{vi zqbr^1M&g=BmUC3x5%CqfUpNuvDscMe}m6J?5)LA$!s*0fz#m^{;Q1`%kZ` z=}B;vo?%w%hb7PW{e|C5!Q6A-cJbCCOx%Voq$9a&MjBh1Z3tI-v|y~b;IbAk3>}9J zm(8QQOspJLau(t)NSs7cKa8t4_HgJooXYRGk;M9RuiA8DPn67i0+0yk$YTO3+knof zaH14``VmeWX=KYO5>DJhBw#hAKBc2=RPGI_GmG<26cM|VS9(?`(@`kICEnkU1fKx# zRc@gjth*~?Rfh%iSN{57aIt|kCaB*op#3T*X%+;kPdk7ug@J?3<~idBr=9Qa+;cV7 z-^OWFlwumwIWIK&A7qh)slIU+3G~TFgE^52Mh`AIF|ZjO?~|~m;MDVwBlxDw1FN&4L(&(y0J(`TjJ%#zdlw!KH`3b z8fR?_F6!fDDaakK)WZ<<41&z-6c?ff`;aGy`FFh95!a7 ze?f*AuB<#)&zu=S8(*y?1_|#NBmpwHfP3C5ybO6!FWqqgibEkK6%u^`T z63?YkL3)P#gwpgVy4G^i4Pz zNEkggYFA2w&Fm(Ws|k%(hpA{L>8cD|m|L3y{D~t3iatg8hGp>{O8(R~{4C z^tKN@ZSAWj$H1bXaJ|fbMUIEPR?RmHG)s0I*$g&eNPaUSAT{I zzyQ<`6c-ejU7xJCwYB}7HD)rDtli=^mdtkz<975f-j&5ADyrLg@c2K8;i+(r0Rd%Bby;GRF0DH z=FOXcAj2w>2ZMA3ohkU z=4ixQVMGh3Cfb<_jUgc>S7O5`3G0+O!3{r9XmDs2ZEO<74U4`nfXZFpP7HzGi19r;`rp;Ch-C9=JL9 zk5zI}YNe-A7H)hc!{ZGJrnz{l38`qyZ$u{*%qUPgt&fm=)>jHDR3YW|EK}{3J1&LA zeV0priz*&mAeDRbp1eb@i2fuDyU-GIY?A%6X6u73M0LbxDJZv};<&KNrtwN75#p-B z#pgobpb}FW5%z0E_nY^qg!S@<7putF|7z|#gR0tsHBl~l$$|<30)ixoa+D-V<&Z%T z2@)jdoO4jgq97nSD@YEKB!dYKStKj@kfUVD)0=yz-b~HZ`}5vZ&8b_K*Aw^JYjuD9 z_1E3ZQA9s(llLBG>q>^A-)L`ygshI%E1(xSd&g;7NzbzCRDG|R={+do(W$ytx29z* zv-735w=6w99nOdUdD8H(Feg{nE)2%r)pciMV`@nzOT{&~gqzpQpfg$M^SZHX@%E%u z)?uSo4A-x)*VWioR05}fz~JCuT%oCniHD~rb#7WxlCbl>8`ENUOP=G7!bog)x z2?;GX;FFR@jErQD=fUng$E=16hA+`lG^-E0qgot-Q++CLF^Y^#Pb8s^Qrn}Q zNK~X5L1u#QK}IF>vXfeA_2*=T*&`FislV`Vxd|Q@U{v=oxAgKk6skjCJ#fP(p`cG1 zOMGCVNB)qiXWXeZa3I!Q=^A5PU4=KEdY8jbz0AyS8Pn9-GU7@k&WbaK&Md|j3oZr~ z{$^}%4@amTx-T@7%0CYc34%r((X-6O@|KFSs@b!>5`RoHvp+pEe8gOL`&%#RHI*0= zG)coNT=74WHOo&(841jXmOIvMNXT;wOG$WF3i$W4KACo6O$y$d5x2?njy*Wq-;M@> zzrVj4yBYvAfVQlPiK?}(D^RoxBK45|YOh^eef@MkGXsDRO3A_+f1>O~62>jz|Fr#z zTIV-gp#lqbxuKz=-hp2*XjNt9CZ2ZV(*Ar6`S!W%-}72|+&w+p zW*iOjmS<+vR8*!G7un<5MMcwehoJtuKnLzZ`Jb}sRAG_#%hD4_7ks$}^ zz<$mvN-S?}89vSAq6YJgq#F(~!%od~ll@o=+e7Q?W}z5a_LZNXhPXxyyD&Kkw?fUm zwtCkhkH>S^#3aTjXcf^K#VnmCM*`vI(;W#(E)7ocZfs(yA&kN-wt+@2*lE>?I)j)nM7KnA_ilNaiu$ajOW!f+fvBi^5rXf$EiUr{6%u|p-bwP z6itzdtK&4%YmvRzLquLIRcP22hPXb^4&7`2*!LF&Yoj z#75Ka`P2Iyu0vY_mbY+oTUuIz0|RNHw-~sp0xcOCOwT*%>x_(0h;K2#{TflDsj^MC z>eKOJTia9^r*_i1O!G&z2F2`Ig4@~zDThDEFO2^B^J3)T!-r(rrm`p+fdM!?BSk5# z>&73q2)C@G6z+t6SidK7eZ_6%_fI{1d=vJH-#4aGGZ;A4D2`OK6GJ>*mNA1T91PE} zf~>jzk&(s{9~KIE7^r`@vRV%hw}vXBI?2A#iXZz}b8;}f{ZWd#UTeg2G_L3OK`qzc zzhnd2NN|rfbhd@cWT}VMIW!s5@@i9Aurh0J#yk*H*WOgubxKQd*#Tj4pVFNa1on@ZwGZ+LVXy!TQ?y`&=OY#b>m zoX_IaU155kkMk69J}Z(zgD-27AF9mHPh~8RH4Cgdo{M}J7F?S7T2Ah(uA|b%MygIV zBWLc?isEbp>n$x=)WS&3vP&BKO?Qm%pnvn`+jA@N#_3`#TM@r`nfNg$$UNVegK{1M} z#J+@(xX3K}{nra8>5kA@?;W1_CGhGdgbWM}ha-bN`ywgCW4*mj`&$cIT+oa~!YTu* z`o~3So+_{$Ooj23^E$PsoxHwS5ua}YeJu>EMW0a=K zJe%W{O!*SmG54hbE?-R!QT`vZOVNH}4O0?~;|CE0sp=$H!Eo&pD^gF_KV6ur^49oT zS9isaT7x9Tp(2k*6PJH;(M0rXqo7zQbUxdn_qf7X_M|o1g~PkAn4UwR;ZZD;o6kx` zBe%|w*VJFt7Giq({;lY~JO`s#rZ6h};_vIm6P8xjTGiXv~Scc$7LxtEUlV#Q-F^yVvs zQE)B$l@A_cs_;_AyIzn!+rl&slr zqoOc7iJ_6C$t-S^l;lhum!%I~+~*(rFgkLkk;^hh3d$Z0m#P$+R!5@^_i3AtH|Ijx z$__Pg!l>vKD7wGj{jh$<_=#o3&+cwJfOoUu%XBMbJJHjI9$ zW+SmWegpB6|3*TGI@Qq&PN!YR_2Z*3sW}<1)NB6%KVs{JjB-)hCGLYYZid>ku2c1- z<#r)Ou~ew*vo8-nnD?A0q{yMYgX(-1R4RXqKgxbTGq=gN=UDF<9QdKS_Jy3>mimR* z&0Zg>(v4q(3R1Qqn5EwzH}De*%AK2ulFBa@IK>5sD(ClGR(O6-zb6qyWI#`4e>Gb@ zzdiLxL^AGM?$5m8GVyo;C50&K0bOgC#5}xdL^6GuzylR8z0{eYRY-A*LK;m*Tkj$u zAU`)q^j^)BuhwL;-L&H3rAx*i?PUA+XWM>wsZ?@lGV08HM5)@!q?x6WQVs}gMA?Lj zTV7Dg?K@HH4|?oD;k&oU!K?9iSB0);EfULHV>0q^pDuPzhg?);tFP{K@>9|6cvmS9 z<3wR!w2j)8K=KkdDVq_T=6@wHFc2t5waY}98OKqBthwXNx_D_DJN7xw37w^^kBIQ8 zDF{K%=?7 z_C6^o$sae>-ET6d-!kxiWOVc+Wo7+LYHsozZnW+XTU%RHLdWp%UUgk&zom{*3U#nP>;~7V*1=zJzD)N+Q3# zhgxX|$~M>6KXne>MT?1vNlHpWp<(`2N_^EvLEIK@Zf;&Or0l^TKe|B|v4;;MOD-V4 z?+e{`8Z(y@T;qA<_nk$Sq)?o{0$SbV$uyAwog%->!mGoi?6XjxSzlMjL@pci6~JwM zJs}}sAoKj0t*1UaPi>RCKha;SZw$mqCs&P_yWM09zf{fTZ++=4UD7I<^!*=R+ci~H zs=iEWnBif~{J)TI?xy?xYE$SB?$*_-XYcX_u0xQFX3TB)c&mN_$d5D%F0G+T#riLV zJKmA1Xx1TRyg;)#X&a3#-5)BsXm5obIHG zpPh;othc+!Odbl`LUIj~1L%{YBxoQDT)>$3W+(ndmdDjCi1RWtb6fctvrC4`=6cyh7ra;HKk3Lf8__;}Tw> zB_)|J_LR{qa(R=KFzxN)5svL`wBG>pe=-%87cLX=DvVkXC!>~AzshB=dk!+~}7k&U6&l1O@EpqL>n*^cOf&1|xedB&x=@s^$ zcAIn26X`^>De>><#O5+=GdO3ue)2t$JZI$1bC@4QF0-B;gcT&D=G`Etk(fQ{*Opc| zKJ1FqEA8eSYV=&XLcJqEJ~lVgdQ!TfblzE>h_}yLS@|_IR8eI&v3njPm!-q~aoOw@ zw(4d|*TY;@xN3@%-wj(oS(R>%PR&mbSsKdQb7YP#6aIc127NC z<*+riTEltj?`o>50CE8)#LmtxGFYb~B|14d848@Dqp{P| zeSk(^zkbc`9k1EZy$yH4$Hxc6?$E%`3A+0Lh|(%+fg1eFl$2!>+&6CIK74oXfGkI^ z@fcvVj*bpk6jk<^xH!sH3~q@NCOQN4HP-B#|N95bxUHLE*iFf>(o3KS1KKsD+or>2 zZnU_eG+i?TSemYro3HhJ5R#H>Jf*bi(+g#X>*bv1DUPkEVsQyiD#qrXlR3sdTZ(=B zeHn5p#oD0r;xvaQRCd63dFquG++);g@UAu~ToC0Z{Aob+Dw7s^W|Z4T%gD!3pxD(r}caQIyOT5c*vNKSCI_barqb6 zwM;vNMzn;~)zv{1Qks21;{JVz0Hx8;Ptf3`;pF%LYW`6P1#m(a78an6T79*PBr7|6 zFkeF{AITs9L(Rd)1|74ZJ7H3AF!}%d<^YV?drD& zAgcoB2ae%j&co{lDG+7TiMYSkTY-j+(9DvE595%mRp@GOugo4p9*V?z*5;!SH-Gu^ zuArc!wKcT=L%IV_jsh@I?2LA~v~2Fmd(3Z{DMtB3T^3atr#Mrdhj5H5R8^1Nm+)ol zwgiw zpMw;g_0;nFO-xL{12Z0!0KW$~qN}S*tMJ1?mSm9ed{u`{Fz@ZCogeZ%D{z?LDY5R`#S(A3m~zVDNhlVD<@!Dv3@#L(yffB!EZj9RE~n_r8R z38xeNne*_Sn9shksVSYH{WUf=nW22weq7JuXThZOx;4%gO;67_Rv$vYImN`=3~ymC zf%OXv4$fE2gT3O&EC2a_Y5^KH+BmdEKNrOcjJaP2%LrW#@$m2t8J1i_?0|0mLnnyrRo-n?e{qgXXgBTe>E8!nVK~6TLdt-c60vax@7X{i*JkA z58ajZvclC`U4AQy+MYx|`8K&f9mA-`1KKjaT>ZHw~rt)N^B%^2A}1IHUG z{u)iE(ZVDcm=u*9_wdt*M^P8P>PIu2uu^4xjtB8;vo#7i;Cr;`EC0`8G) z6gCQQKm|}PYzDs&oIj)hXzw_e%wid6Qg6&c_74650u2DhunN#kFjs-a=-m|9mzr7% z?kk_WC%y#@0N_+XyZ19McoM_vMcdI8T67$Zi>!sF~&HMXZ<1a6WI+^xOeM^v( zWU*7axwQzLJWb4_0jp43DCaxC{Y^~VZ)HuJZ&;k32CvN$sYpg9&j8$vwW7XMczc2C z6$!hoEENmL;ryzwa+~}dh-@vSx9b+TDu`ELv&Ygv1_r!GBA-?1FlHHX_QGtDcD>s> zcTG)A_4W0kmtsI5bd!W`sf77@>gvrwTTp*S&2No4cNw-4E-tPndwfE|!ra{4%1URf zRbS2|v@cCgzDh~ivZ~3&&JH^?PKL?5Sj%T#X*d(v8?PfHKe?Taj)|FBT3VW!kwgy< z4@2&+1~CL6bOMMq$*{C?VX`vTC0x-n9ZWt%AdHcJ;oA<%cu@o@_;|PR#KqBZswKM9@+uB{H0@E!xtoSSOb{HRWlt;)W+ zx!GwW#~!nPaA4Kx1fG_VfPnLF1(s-tCKt}d#>KIkI@PzB+!K~6fY<=6HdtzKk`S-( z^70lO0zqf3n-BJJM*)@ewY_b0IC&dalZuL}hV)5UHt#SpPD3*g?oY#c$ha>K6z10^ zCnU7S0@)|5--J^+3I1f*|DAX7&)3_c`t#Im92}d!e_t55q>H=Ud&aX;`%gYI4^ITw z@8E)u5&^%oMuY}-p8{&v;Wpb7k4{W%TV;V!BI~=mA4`3j)%}aW5x`+ZC0GNhfJWG8 zrbrnC_<))ayuOx55~bIhcje{I;4;w8zb8IH7WU#p;M!|kmiYCXo(2+9-Vqf1-OY;o zbQIz&b+WzTIsFvQ!RMrk(Ojdi_aK7^kRi3;Vuw5$8XgzMn`#iOF3bo%uu^;c$=K>q z<6h9rm!-Kb+THCzO#(?cP4Z?P7br@}+kf(Ua5iH_ybD$Bsv&Y&R7p!>&rX( zYjk34$%Xloyr_gk=P#Yd*}o#Z9|egWmrT^wHg~1g8;pq<;Ej^|Gf?GxX%^iw#MVsh z?e8CNMIS4j@346h0=Z>U37$}kPK-lBe>fR*`L6faG%Yjj6bwIrEWqP%4OP`la6`d( zz&u!=%?1@Qzi7V`3m2E-E=T&|(Gd(g=mWqKZ{b@8Xu$4r zl&l-W`9eHw-b!*Tmv*YSU#bs{`n`Lfpda+O*X}BGy)XMaiO))XkAZ5>$9;K-7wmUJ z!f>UH_A&Q7fWqaG>av`id1zD)E~8RE!g{0%G#PM&!63u?O+MO-`yN)w$8m%GhpX@G z=zw!~MfBWhbW{4FuCGAxy;52i4{3s!PjEug<{wqf{O_d$oGc2qvahE$m@jM3dYFmh0m?ak>!Ekj zq%bB2w&m(-1GGzqmagyLzjs~i19}sBO9ll547D=p#`e&7dwSLkjDAD+fm{vS5&`m! zZy;cRkcHC)kg35gdGth)5o23N$Fw%4qXRhjL1uDUX#Gn_i$OY&LvO?*UR&05}H7)MF3rNWQrNUr8=2ik*#8|LCT zL(aIXtFk~7+6$}a~V z>R+q%sw8oiU*%qkKF4LZa3VfoW6T9a2(x+rBJ|~hpd6K;B<6eQKHHHXMTfpLOcK^I zI{IX7;!17x!wlsR>z3~h3D(lPQ3JGmKC7cu4iZ%_5CX}D)cl*~UgM-j!Q*vMRlM5;(EUNy>a4Dd|qNUz?YE@cC8m zO{#r<_{*s{QF4vB(?Q2&uiorpP0G`MDZA#}UD69lii%8x?~BS;%39o`sM7O>M%M&$ zbZ^Sx-uEm%{}1Wtd0D+XR-=BNj>i*6R6k8Lou=RE_xX7t!M~nb5&)eW16Wb`kWo2@ z9ReOtLWjt^d|A6uU2SbY_V0|$X{)Qp+TtVc42E~k!8>Kv>=OVIT4CmnH?&|IqaHOFFnpoGo~l*I&CcG|)kV=Yz!89~iY#gT%d$JiXUI3T|HfgbhBZGEc>kH+jQ&+_a`!Gc zy;nT-j-THpO+TL}PdY(*0q60A(BWUF739FW8=i`d5a#ptY1$Y0oB3&$1NqzcCJ|lz z7_iUkE~lMLcwR%=GmqrV#9lBYd;WP4|I3Br;86ePpLMDuL*A4AOyu9mXm@cvPHU>6 zs^i?h1T2hw`~TnrCm;8pX$s>I6dW>6`TF&%Tu3J11E94b#*>wof0U~lQ`Wl}n8N8b zpCA|h)tBTda$W4ia1B}?ZJ$81e#vs3l~T?F{40Amk*8EIPq!+YlsiVTE2xstiO8Vk zV>uVVg8}guy|b71qt)LDguJRlASP8AHf0kdVr9e#dSh?rmo8^c@B?LcE; z66)I+<+GgLQZ+D$&H5QJ0}?C)#{+sMh`S-`hggf=`!}#A#N}F5p4*FX_d$2{2I9EY z)iI!uK%(HXJoIp=%ATjdf!Cq55cCE0Fe3v-6&RbD(NO=obTMyi(zEdX^)t61bp>$` z{6_Fa1wb|eMCtVJ&*QX0`ETr&jc#Dmox%hy}ggDvgf+f1b)1Ul-Z&S zi7dPJ-ml|l${#1Q!z)OoT$3$>(mCPF)YQ~8GzUN@mWk}8`5oWj;J6OhVhbpo5~eu_ zN()#T`+$*{!I^UC7tHNcp6@}8Usn;9SHmc zIO1?UA1EABP(ZE?d^zxx2I`Nd5=00qSLoO0x`J9xPf!g0I3b=ZI}=kt2)Aw>MqN{` z!;whr#2~PMg^X6j{Wo|~aE{PP-k=?sbNB8Y7J_1smle42z#a0o3Y{6Uba(#)f`ABm zabMtr5%C~Ir|IeXu+oQ>(5caQL36yp2ej(WQ(r@2jtvCusr1c#HVHBDm(8G6I}l$F zk_8QzcKNCDWP;AlrU*J10vF@p;DBtJFKeJ>oYWHqR08-HX5cjJ%_hOUO&0Tk+qGR> zx6uaC-$1cmaRm=nG2vx^*#>9G0{wdJt)&qvaVcc8muQ2Xd=MBAAj1^ZcygRns9Ws_ zqqGzg0e1&@l%g3YH>Y8DU+jT+7!K3|7W)Xc2#~Cen_a?a;Jmq=a36yt71&vbNdR3y zmYIU{@m(}*Q!K~fdJFy47UHXd_P~|{F9O(lzXIKsq%k)6Cbop zIhl3xB6@|p%#hXF;kbQ!3+C6rW_Tl)1(7XGQbb>(ps0kC062Z5)-58{M^KYH?qXzd zad8P5ATN}-xDbc{U^K!faUjIFxMt!Y2n@wMH`D2SQ3itjfnZAxU0vNn)WKP<3a!pK zXi{hq^BX>1Q!x~_z)+=M#~ruIJEt2U#~3z%FKhrXorfTC1)4E~pC_SW36{m-s(>-(HE3Y=UfWio&>nQ!m$H9jO<0qB++F{puJt)vS5tz~8osrWDU>}Gqcfu6^ib+hQ zhT$jx(fQ+IRN0B~@j+Gg8Fmru&d#931R&%u_Q1A-*&R{9XT`)+z|VuI^Hs<>qAU6X zMN56T5@-m*LEQ~3CY&yVXmNbl-*SwR%aA?>QXYl@asudOV-p0*9fn7A3>vs8u8r1y z1XIB{b%~0dtbTtnA6*V=z&CF$RqOapV9uV~C{tr-8$ON)Z7NA2OUxm!4%lp*?%t4=VgXs*Khn|40B>L*B|wO7E= z#{V_`{R`qFPBm&EzkLvY^V#LqpA}(Qcj$e#BGu3GJIyML7SDygeA$;oO*QNSrWVX# zpbO+n75S~%3MyfcCgful#SYpAHEW!2B;jc-G4nbsu3UJ+C;_z!9bnJ{`@w~FH;igL z?o@8_^zY#s0ZkQ>mfF3c(~yXH|5e)XkTYZ%%vsr=kx-Eg*e}rOg&AMNWjxO!1_!5X zHEH#_cs*k&Dpl!REd@1o+lKL^_mjih0H;lX+ya{T7o@}?=b%q;w0n_LYxYzLy(yPPeDq<|FZa|#Sf-jRZmEqK+HU; zqh1N=#T@W9u-9T365<333#cFM>WJzU?X^YQe#YzL`p-PgT|&z3%=0Cn)=W z3mb>tfy6J5B;%~;xU?CsRSn(~WI6^8KLE1yx7R$7)+abQ;aBtT;J9b3Cl~_@0xJtr z{;8FfClw6C%AlN83)WA}cy!_F)s86`Awxn)s142m%}8deCM2z4A$;0cW5Pg$D(^A8 z7(6kcDLFa0SnelU{gZVe3aMvdcn(ay((u(sz6?k0tOsfc56XTZ8wy!vs~D&c((^m2 z@H;t%k!|sSX6|R`&p_HLp5I0b9A1s<${je<5Zb8w9v|+3{e*-^Be6DJdR>g}LNZK9wo$UGn3EK#U8q_i%c#Vuf z^n-ASfQQwCRX}{bz}p#shTyJ$0=@x?AFx_eoE{8%0yCf_BXjNT_R=8WCojN*@FIB4 z0GM0Io_g*qQ_;}04?-tda9NpV@iMFsWe> z<|2LuR4YIfEqX(QzzI$`jOOcvnQytO)VZefnHL_y06!QL2e*Wpj;_JHhf&=;N85cl z+=_psQ|=}GA0XAB%c}@NtX-FS-Lu+HLwdRrAVgWdFC``A?CflAo}=zzZN0p;&GOBd+rp&IF?1oRLWA*d%xIXhc1s7pvf0)oSeND88qON@y^PNsM7K21vc z1qKjg4W9^zUBbwuNW3B02T)JzgP|lyLNr4o|Knmk>e63)(6+Sd&jaj#$E592p$0&7 z(1Kp@?f*2nz$y&WDNiPY=|Mr!YU@7R4i!ugU)1nf4Y+%GNlQw?L7=ff15I_U@pWoy zSKPtD!6w3CdRG7H?58>pQiawh|fEHrdRF)|u% zFZTaa_K}})^JOoAEauOR37PRZh&!wZsw5dF*U&&*Y1G|9M@^ z4+9}#0pKtr!hTR&XmK6v?cvi1csSpGQsWFLR?io}biPJ$SHi6p_bUL0fHC5X0~Un5 z^128C7bEK%S4YQ0K#Z`n{7#PC>Mz6XlOS>li!33g6(oag?g}9WDq(r$t!sx z`0c)s*qQb?fc)^_(Q7z-B{23~8_CA^^z;;H!A6I?{9_NW8Z(Z2Kutrw4>CsYE7Txg zH0}<%r`C5Dqhy%iPK1SqB6G8$B4YifR=N2H04gBBgTUE-^1hL%RU|~hFp3U_nW5M6 zgC4wK2&$3Hfm9R_s52VKg@KVPgkuWu5p=7J-L)4QHcop0{te9099VPQt zA)UQgxH;yvR`~dXAs{PsABd)4t8MatD|hU9D+$GWeWRA3`+@R38ZqxGhz8+qcc+Ql zsq2H94PtbN$Zkx=c9|tuzg>_RW!!=h zvEeiVMd|5Ji9Kl+{1`X3x1Yc*I8X1Lu96EsL^N{rlx|3uRC)Z^e0ru6ngiHL>10Xb z?yxL)>b7gtRmcV8!`Uhr31OFm1TE%Q1jjg3y+I&){i-ksL!VNr!w5BdwcWx*b$pzg zOAQNR8@(Ki97ZBkO}@GPi?C&~GBdXz!INi%0AC#Uhrl+K=z&BVSc`G*%~u&hHK$KB z%>p5HAvATfI%?QV6?rKLEQwT3pZni9s{bOd6ydWJgoA@CA&b7Jdg|o=J3sut@PRFP zBsh6g=g)^~b*|?_idpRnqB3m?>-cm}rJn&uBn{x&tb@%?zi!*}T*Cv{R(3d|@-u z5Kbi^w3qOc+6ZIRXc3h#PCN?_=NEW}A9*JC$uDNEdUV$3*9g9R`s7h=RbRPb$5Uec zi}2}J60+aLb@1+mi|{lm6c#O-Bk#W(Ecb1O^37-iNAcv!ODba=>$BoA`e(&!x3QP- zQq>ULS|VV5Zn@^TDE(cvTi;Vru^Wck{DHl!Zy( zefN4`GR?zNfV?qg;eQgU6W^Zg75)3F|0|*UUpy@T*?wL>SxzUF_R8RbW*s; _('This text is displayed as footer on the self service login page.')), "527" => array ("Headline" => _('Main page footer'), "Text" => _('This text is displayed as footer on the self service main page.')), + "528" => array ("Headline" => _('User name attribute'), + "Text" => _('The attribute (e.g. "uid") that contains the user name for the 2-factor service.')), "550" => array ("Headline" => _("From address"), "Text" => _("This email address will be set as sender address of all password mails. If empty the system default (php.ini) will be used.")), "551" => array ("Headline" => _("Subject"), diff --git a/lam/lib/2factor.inc b/lam/lib/2factor.inc index 0cbaee92..417e6831 100644 --- a/lam/lib/2factor.inc +++ b/lam/lib/2factor.inc @@ -53,8 +53,6 @@ interface TwoFactorProvider { */ public function verify2ndFactor($user, $password, $serial, $twoFactorInput); - - } /** @@ -79,8 +77,27 @@ class PrivacyIDEAProvider implements TwoFactorProvider { */ public function getSerials($user, $password) { logNewMessage(LOG_DEBUG, 'PrivacyIDEAProvider: Getting serials for ' . $user); - $token = $this->authenticate($user, $password); - return $this->getSerialsForUser($user, $token); + $loginAttribute = $this->getLoginAttributeValue($user); + $token = $this->authenticate($loginAttribute, $password); + return $this->getSerialsForUser($loginAttribute, $token); + } + + /** + * Returns the value of the user attribute in LDAP. + * + * @param string $userDn user DN + * @return string user name + */ + private function getLoginAttributeValue($userDn) { + $attrName = $this->config->twoFactorAuthenticationSerialAttributeName; + $userData = ldapGetDN($userDn, array($attrName)); + if (empty($userData[$attrName])) { + return null; + } + if (is_array($userData[$attrName])) { + return $userData[$attrName][0]; + } + return $userData[$attrName]; } /** @@ -89,7 +106,8 @@ class PrivacyIDEAProvider implements TwoFactorProvider { */ public function verify2ndFactor($user, $password, $serial, $twoFactorInput) { logNewMessage(LOG_DEBUG, 'PrivacyIDEAProvider: Checking 2nd factor for ' . $user); - $token = $this->authenticate($user, $password); + $loginAttribute = $this->getLoginAttributeValue($user); + $token = $this->authenticate($loginAttribute, $password); return $this->verify($token, $serial, $twoFactorInput); } @@ -360,6 +378,13 @@ class TwoFactorProviderService { $tfConfig->twoFactorAuthenticationSerialAttributeName = 'yubiKeyId'; } } + if ($tfConfig->twoFactorAuthentication == TwoFactorProviderService::TWO_FACTOR_PRIVACYIDEA) { + $attrName = $profile->twoFactorAuthenticationAttribute; + if (empty($attrName)) { + $attrName = 'uid'; + } + $tfConfig->twoFactorAuthenticationSerialAttributeName = strtolower($attrName); + } return $tfConfig; } @@ -385,6 +410,9 @@ class TwoFactorProviderService { $tfConfig->twoFactorAuthenticationSerialAttributeName = 'yubiKeyId'; } } + if ($tfConfig->twoFactorAuthentication == TwoFactorProviderService::TWO_FACTOR_PRIVACYIDEA) { + $tfConfig->twoFactorAuthenticationSerialAttributeName = strtolower($conf->getTwoFactorAuthenticationAttribute()); + } return $tfConfig; } diff --git a/lam/lib/account.inc b/lam/lib/account.inc index d822ae75..9e36d88a 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -881,7 +881,7 @@ function searchLDAPPaged($server, $dn, $filter, $attributes, $attrsOnly, $limit) */ function ldapGetDN($dn, $attributes = array('dn'), $handle = null) { if ($handle == null) { - $handle = $_SESSION['ldap']->server(); + $handle = getLDAPServerHandle(); } $return = null; $sr = @ldap_read($handle, escapeDN($dn), 'objectClass=*', $attributes, 0, 0, 0, LDAP_DEREF_NEVER); diff --git a/lam/lib/config.inc b/lam/lib/config.inc index 5c7b4db6..540a7d69 100644 --- a/lam/lib/config.inc +++ b/lam/lib/config.inc @@ -598,6 +598,7 @@ class LAMConfig { private $twoFactorAuthenticationLabel = null; private $twoFactorAuthenticationOptional = false; private $twoFactorAuthenticationCaption = ''; + private $twoFactorAuthenticationAttribute = ''; /** List of all settings in config file */ private $settings = array("ServerURL", "useTLS", "followReferrals", 'pagedResults', "Passwd", "Admins", "treesuffix", @@ -610,7 +611,8 @@ class LAMConfig { 'pwdResetAllowScreenPassword', 'pwdResetForcePasswordChange', 'pwdResetDefaultPasswordOutput', 'scriptUserName', 'scriptSSHKey', 'scriptSSHKeyPassword', 'twoFactorAuthentication', 'twoFactorAuthenticationURL', 'twoFactorAuthenticationInsecure', 'twoFactorAuthenticationLabel', 'twoFactorAuthenticationOptional', - 'twoFactorAuthenticationCaption', 'twoFactorAuthenticationClientId', 'twoFactorAuthenticationSecretKey', 'referentialIntegrityOverlay' + 'twoFactorAuthenticationCaption', 'twoFactorAuthenticationClientId', 'twoFactorAuthenticationSecretKey', + 'twoFactorAuthenticationAttribute', 'referentialIntegrityOverlay' ); @@ -868,14 +870,33 @@ class LAMConfig { if (!in_array("pwdResetAllowScreenPassword", $saved)) array_push($file_array, "\n" . "pwdResetAllowScreenPassword: " . $this->pwdResetAllowScreenPassword . "\n"); if (!in_array("pwdResetForcePasswordChange", $saved)) array_push($file_array, "\n" . "pwdResetForcePasswordChange: " . $this->pwdResetForcePasswordChange . "\n"); if (!in_array("pwdResetDefaultPasswordOutput", $saved)) array_push($file_array, "\n" . "pwdResetDefaultPasswordOutput: " . $this->pwdResetDefaultPasswordOutput . "\n"); - if (!in_array("twoFactorAuthentication", $saved)) array_push($file_array, "\n" . "twoFactorAuthentication: " . $this->twoFactorAuthentication . "\n"); - if (!in_array("twoFactorAuthenticationURL", $saved)) array_push($file_array, "\n" . "twoFactorAuthenticationURL: " . $this->twoFactorAuthenticationURL . "\n"); - if (!in_array("twoFactorAuthenticationClientId", $saved)) array_push($file_array, "\n" . "twoFactorAuthenticationClientId: " . $this->twoFactorAuthenticationClientId . "\n"); - if (!in_array("twoFactorAuthenticationSecretKey", $saved)) array_push($file_array, "\n" . "twoFactorAuthenticationSecretKey: " . $this->twoFactorAuthenticationSecretKey . "\n"); - if (!in_array("twoFactorAuthenticationInsecure", $saved)) array_push($file_array, "\n" . "twoFactorAuthenticationInsecure: " . $this->twoFactorAuthenticationInsecure . "\n"); - if (!in_array("twoFactorAuthenticationLabel", $saved)) array_push($file_array, "\n" . "twoFactorAuthenticationLabel: " . $this->twoFactorAuthenticationLabel . "\n"); - if (!in_array("twoFactorAuthenticationOptional", $saved)) array_push($file_array, "\n" . "twoFactorAuthenticationOptional: " . $this->twoFactorAuthenticationOptional . "\n"); - if (!in_array("twoFactorAuthenticationCaption", $saved)) array_push($file_array, "\n" . "twoFactorAuthenticationCaption: " . $this->twoFactorAuthenticationCaption . "\n"); + if (!in_array("twoFactorAuthentication", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthentication: " . $this->twoFactorAuthentication . "\n"); + } + if (!in_array("twoFactorAuthenticationURL", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthenticationURL: " . $this->twoFactorAuthenticationURL . "\n"); + } + if (!in_array("twoFactorAuthenticationClientId", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthenticationClientId: " . $this->twoFactorAuthenticationClientId . "\n"); + } + if (!in_array("twoFactorAuthenticationSecretKey", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthenticationSecretKey: " . $this->twoFactorAuthenticationSecretKey . "\n"); + } + if (!in_array("twoFactorAuthenticationInsecure", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthenticationInsecure: " . $this->twoFactorAuthenticationInsecure . "\n"); + } + if (!in_array("twoFactorAuthenticationLabel", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthenticationLabel: " . $this->twoFactorAuthenticationLabel . "\n"); + } + if (!in_array("twoFactorAuthenticationOptional", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthenticationOptional: " . $this->twoFactorAuthenticationOptional . "\n"); + } + if (!in_array("twoFactorAuthenticationCaption", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthenticationCaption: " . $this->twoFactorAuthenticationCaption . "\n"); + } + if (!in_array("twoFactorAuthenticationAttribute", $saved)) { + array_push($file_array, "\n" . "twoFactorAuthenticationAttribute: " . $this->twoFactorAuthenticationAttribute . "\n"); + } // check if all module settings were added $m_settings = array_keys($this->moduleSettings); for ($i = 0; $i < sizeof($m_settings); $i++) { @@ -2280,6 +2301,27 @@ class LAMConfig { $this->twoFactorAuthenticationCaption = $twoFactorAuthenticationCaption; } + /** + * Returns the user attribute. + * + * @return string user attribute + */ + public function getTwoFactorAuthenticationAttribute() { + if (empty($this->twoFactorAuthenticationAttribute)) { + return 'uid'; + } + return $this->twoFactorAuthenticationAttribute; + } + + /** + * Sets the user attribute. + * + * @param string $twoFactorAuthenticationAttribute user attribute + */ + public function setTwoFactorAuthenticationAttribute($twoFactorAuthenticationAttribute) { + $this->twoFactorAuthenticationAttribute = $twoFactorAuthenticationAttribute; + } + } diff --git a/lam/lib/selfService.inc b/lam/lib/selfService.inc index 5e35c503..bbf379aa 100644 --- a/lam/lib/selfService.inc +++ b/lam/lib/selfService.inc @@ -451,6 +451,7 @@ class selfServiceProfile { public $twoFactorAuthenticationCaption = ''; public $twoFactorAuthenticationClientId = ''; public $twoFactorAuthenticationSecretKey = ''; + public $twoFactorAuthenticationAttribute = 'uid'; /** provider for captcha (-/google) */ public $captchaProvider = '-'; @@ -510,6 +511,7 @@ class selfServiceProfile { $this->twoFactorAuthenticationCaption = ''; $this->twoFactorAuthenticationClientId = ''; $this->twoFactorAuthenticationSecretKey = ''; + $this->twoFactorAuthenticationAttribute = 'uid'; $this->captchaProvider = '-'; $this->reCaptchaSiteKey = ''; $this->reCaptchaSecretKey = ''; diff --git a/lam/templates/config/confmain.php b/lam/templates/config/confmain.php index c79e62be..ed87aa79 100644 --- a/lam/templates/config/confmain.php +++ b/lam/templates/config/confmain.php @@ -466,16 +466,19 @@ if (extension_loaded('curl')) { $twoFactorSelect->setHasDescriptiveElements(true); $twoFactorSelect->setTableRowsToHide(array( TwoFactorProviderService::TWO_FACTOR_NONE => array('twoFactorURL', 'twoFactorInsecure', 'twoFactorLabel', - 'twoFactorOptional', 'twoFactorCaption', 'twoFactorClientId', 'twoFactorSecretKey'), - TwoFactorProviderService::TWO_FACTOR_PRIVACYIDEA => array('twoFactorClientId', 'twoFactorSecretKey') + 'twoFactorOptional', 'twoFactorCaption', 'twoFactorClientId', 'twoFactorSecretKey', 'twoFactorAttribute'), + TwoFactorProviderService::TWO_FACTOR_PRIVACYIDEA => array('twoFactorClientId', 'twoFactorSecretKey'), + TwoFactorProviderService::TWO_FACTOR_YUBICO => array('twoFactorAttribute'), )); $twoFactorSelect->setTableRowsToShow(array( TwoFactorProviderService::TWO_FACTOR_PRIVACYIDEA => array('twoFactorURL', 'twoFactorInsecure', 'twoFactorLabel', - 'twoFactorOptional', 'twoFactorCaption'), + 'twoFactorOptional', 'twoFactorCaption', 'twoFactorAttribute'), TwoFactorProviderService::TWO_FACTOR_YUBICO => array('twoFactorURL', 'twoFactorInsecure', 'twoFactorLabel', 'twoFactorOptional', 'twoFactorCaption', 'twoFactorClientId', 'twoFactorSecretKey'), )); $row->add($twoFactorSelect, 12); + $twoFactorAttribute = new htmlResponsiveInputField(_("User name attribute"), 'twoFactorAttribute', $conf->getTwoFactorAuthenticationAttribute(), '528'); + $row->add($twoFactorAttribute, 12); $twoFactorUrl = new htmlResponsiveInputField(_("Base URL"), 'twoFactorURL', $conf->getTwoFactorAuthenticationURL(), '515'); $twoFactorUrl->setRequired(true); $row->add($twoFactorUrl, 12); diff --git a/lam/templates/login.php b/lam/templates/login.php index 2188a989..31968804 100644 --- a/lam/templates/login.php +++ b/lam/templates/login.php @@ -572,12 +572,6 @@ if(isset($_POST['checklogin'])) { } else { $_SESSION['2factorRequired'] = true; - if (($_SESSION['config']->getLoginMethod() == LAMConfig::LOGIN_SEARCH) && ($_SESSION['config']->getHttpAuthentication() == 'true')) { - $_SESSION['user2factor'] = $_SERVER['PHP_AUTH_USER']; - } - else { - $_SESSION['user2factor'] = $_POST['username']; - } metaRefresh("./login2Factor.php"); } die(); diff --git a/lam/templates/login2Factor.php b/lam/templates/login2Factor.php index 9f4b4383..7088338b 100644 --- a/lam/templates/login2Factor.php +++ b/lam/templates/login2Factor.php @@ -46,10 +46,7 @@ setlanguage(); $config = $_SESSION['config']; $password = $_SESSION['ldap']->getPassword(); -$user = $_SESSION['user2factor']; -if (get_preg($user, 'dn')) { - $user = extractRDNValue($user); -} +$user = $_SESSION['ldap']->getUserName(); // get serials try { @@ -69,7 +66,6 @@ $twoFactorLabel = empty($twoFactorLabelConfig) ? _('PIN+Token') : $twoFactorLabe if (sizeof($serials) == 0) { if ($config->getTwoFactorAuthenticationOptional()) { unset($_SESSION['2factorRequired']); - unset($_SESSION['user2factor']); metaRefresh("main.php"); die(); } @@ -104,7 +100,6 @@ if (isset($_POST['submit'])) { } if ($twoFactorValid) { unset($_SESSION['2factorRequired']); - unset($_SESSION['user2factor']); metaRefresh("main.php"); die(); } diff --git a/lam/tests/lib/LAMConfigTest.php b/lam/tests/lib/LAMConfigTest.php index 9a661b2e..58e94bf5 100644 --- a/lam/tests/lib/LAMConfigTest.php +++ b/lam/tests/lib/LAMConfigTest.php @@ -3,7 +3,7 @@ $Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) - Copyright (C) 2016 - 2017 Roland Gruber + Copyright (C) 2016 - 2019 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -587,6 +587,17 @@ class LAMConfigTest extends PHPUnit_Framework_TestCase { $this->assertEquals($val, $this->lAMConfig->getTwoFactorAuthenticationCaption()); } + /** + * Tests LAMConfig->getTwoFactorAuthenticationAttribute() and LAMConfig->setTwoFactorAuthenticationAttribute() + */ + public function testTwoFactorAuthenticationAttribute() { + $val = 'user'; + $this->lAMConfig->setTwoFactorAuthenticationAttribute($val); + $this->assertEquals($val, $this->lAMConfig->getTwoFactorAuthenticationAttribute()); + $this->doSave(); + $this->assertEquals($val, $this->lAMConfig->getTwoFactorAuthenticationAttribute()); + } + /** * Tests LAMConfig->getLamProMailFrom() and LAMConfig->setLamProMailFrom() */